#!/bin/bash
set -ue
PATH="/usr/sbin:/sbin:/usr/bin:/bin"
export PATH
try_reload_apparmor_profile() {
    local apparmor_profile="$1" arch vendor
    local -i rc=0
    apparmor_parser -r -W -T "$apparmor_profile" 2>&1 || rc=$?
    if [ $rc -ne 0 ]; then
        # This can fail on armhf in the Ubuntu DEP8 infrastructure
        # because that environment restricts changing apparmor profiles.
        # (See LP: #2008393)
        arch="$(dpkg --print-architecture)"
        vendor="$(dpkg-vendor --query Vendor)"
        if [ "$arch" = "armhf" ] && [ "$vendor" = "Ubuntu" ]; then
            echo "WARNING: Failed to enforce apparmor profile."
            echo "On armhf and Ubuntu DEP8 infrastructure, this is not a fatal error."
            echo "See LP#2008393 for details."
            rc=0
        else
            echo "ERROR: Failed to adjust the slapd apparmor profile for this test."
        fi
    fi
    return $rc
}

for ((i = 0; i < 10; i++)); do
    if [ -S "/run/ldapi" ]; then
        break
    fi
    echo "Waiting for slapd ldapi:// socket..."
    sleep 1
done

apparmor_profile="/etc/apparmor.d/usr.sbin.slapd"
if [ -f "$apparmor_profile" ]; then
    if aa-status --enabled 2>/dev/null; then
        # Adjust apparmor so slapd can read the heimdal master key
        echo " $AUTOPKGTEST_TMP/** rwk, " >> /etc/apparmor.d/local/usr.sbin.slapd
        try_reload_apparmor_profile "$apparmor_profile"
    fi
fi

# see tests/HOWTO_SETUP_OPENLDAP_TESTCASE.txt and tests/ldapconfig.ini.dist
SLAPD_ADDRESS="127.0.0.1"
SLAPD_PORT=389
BASEDN="dc=example,dc=com"
ROOTDN="cn=admin,$BASEDN"
ROOTPW="test"
DBDIR="$(mktemp --tmpdir="$AUTOPKGTEST_TMP" --directory ldap.XXXXXXXXXX)"
openssl genrsa -out "$AUTOPKGTEST_TMP/ldap.key"
openssl req -x509 \
    -key "$AUTOPKGTEST_TMP/ldap.key" \
    -subj "/CN=localhost" \
    -addext "subjectAltName=IP:$SLAPD_ADDRESS" \
    -out "$AUTOPKGTEST_TMP/ldap.pem"
chown openldap: -- "$DBDIR" "$AUTOPKGTEST_TMP/ldap.key"
chmod og-rwx -- "$DBDIR" "$AUTOPKGTEST_TMP/ldap.key"
# configure certificates for STARTTLS
ldapmodify -Y EXTERNAL -H ldapi:/// -Q <<-EOF
dn: cn=config
changetype: modify
replace: olcTLSCACertificateFile
olcTLSCACertificateFile: $AUTOPKGTEST_TMP/ldap.pem
-
replace: olcTLSCertificateFile
olcTLSCertificateFile: $AUTOPKGTEST_TMP/ldap.pem
-
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: $AUTOPKGTEST_TMP/ldap.key
EOF
# configure new database with $BASEDN as suffix
ldapadd -Y EXTERNAL -H ldapi:/// -Q <<-EOF
dn: olcDatabase=mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDbDirectory: $DBDIR
olcSuffix: $BASEDN
olcAccess: {0}to attrs=userPassword by self write by anonymous auth by * none
olcAccess: {1}to * by * read
olcRootDN: $ROOTDN
olcRootPW: $ROOTPW
olcDbIndex: objectClass eq
olcDbIndex: cn,uid eq
olcDbIndex: uidNumber,gidNumber eq
olcDbIndex: member,memberUid eq
EOF
# populate database with test data
ldapadd -D "$ROOTDN" -w "$ROOTPW" -H ldapi:/// \
    -f tests/ldif_data/base.ldif
ldapadd -D "$ROOTDN" -w "$ROOTPW" -H ldapi:/// \
    -f tests/ldif_data/INITIAL_TESTDATA.ldif
# dump database (using STARTTLS to make sure that works)
cat >>/etc/ldap/ldap.conf <<-EOF
TLS_CACERT $AUTOPKGTEST_TMP/ldap.pem
TLS_REQCERT hard
EOF
ldapsearch -D "$ROOTDN" -w "$ROOTPW" -H "ldap://$SLAPD_ADDRESS:$SLAPD_PORT/" \
    -LLZZ -b "$BASEDN"
# configure the test suite
cp -vfT tests/ldapconfig.ini.dist tests/ldapconfig.ini
sed -ri "s/^(\\s*server_cap_tls)\\s*=.*/\\1 = true/;
s/^(\\s*server_address)\\s*=.*/\\1 = $SLAPD_ADDRESS/;
s/^(\\s*server_port)\\s*=.*/\\1 = $SLAPD_PORT/" \
tests/ldapconfig.ini
cat tests/ldapconfig.ini
# the test suite tries to connect to 0.0.0.1 and 0.0.0.2 in order to
# test the fallback logic, so nullroute these so we don't have to wait
# for the timeout
ip route add blackhole "0.0.0.0/30"
declare -a extra_options=()
phpunit_cachedir="$AUTOPKGTEST_TMP/phpunit.cache.d"
install ${AUTOPKGTEST_NORMAL_USER+-o "$AUTOPKGTEST_NORMAL_USER"} -m0700 -d -- "$phpunit_cachedir"
cd ./tests
${AUTOPKGTEST_NORMAL_USER+runuser -u "$AUTOPKGTEST_NORMAL_USER" --} phpunit \
    --no-configuration --cache-directory "$phpunit_cachedir" --fail-on-skipped .