version 1.7, 2004/12/01 21:11:55
|
version 1.7.2.3, 2005/03/14 22:25:04
|
Line 1
|
Line 1
|
#! /bin/sh |
#! /bin/sh |
# $OpenLDAP: pkg/ldap/tests/scripts/test031-component-filter,v 1.2 2004/08/28 01:53:41 slim Exp $ |
# $OpenLDAP: pkg/ldap/tests/scripts/test031-component-filter,v 1.7.2.2 2005/01/20 18:04:08 kurt Exp $ |
## This work is part of OpenLDAP Software <http://www.openldap.org/>. |
## This work is part of OpenLDAP Software <http://www.openldap.org/>. |
## |
## |
## Copyright 1998-2004 The OpenLDAP Foundation. |
## Copyright 1998-2005 The OpenLDAP Foundation. |
## All rights reserved. |
## All rights reserved. |
## |
## |
## Redistribution and use in source and binary forms, with or without |
## Redistribution and use in source and binary forms, with or without |
Line 82 cat /dev/null > $SEARCHOUT
|
Line 82 cat /dev/null > $SEARCHOUT
|
echo "Testing Component Filter Match RFC3687 Certificate searching:" |
echo "Testing Component Filter Match RFC3687 Certificate searching:" |
echo "# Testing Component Filter Match RFC3687 Certificate searching:" >> $SEARCHOUT |
echo "# Testing Component Filter Match RFC3687 Certificate searching:" >> $SEARCHOUT |
|
|
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.serialNumber\", rule allComponentsMatch, value 0 })" |
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"toBeSigned.serialNumber\", rule allComponentsMatch, value 0 })" |
echo " f=$FILTER ..." |
echo " f=$FILTER ..." |
echo "# f=$FILTER ..." >> $SEARCHOUT |
echo "# f=$FILTER ..." >> $SEARCHOUT |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
Line 95 if test $RC != 0 ; then
|
Line 95 if test $RC != 0 ; then
|
exit $RC |
exit $RC |
fi |
fi |
|
|
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.version\", rule allComponentsMatch, value 2 })" |
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"toBeSigned.version\", rule allComponentsMatch, value 2 })" |
echo " f=$FILTER ..." |
echo " f=$FILTER ..." |
echo "# f=$FILTER ..." >> $SEARCHOUT |
echo "# f=$FILTER ..." >> $SEARCHOUT |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
Line 108 if test $RC != 0 ; then
|
Line 108 if test $RC != 0 ; then
|
exit $RC |
exit $RC |
fi |
fi |
|
|
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.issuer.rdnSequence.1.1.value\", rule caseExactMatch, value \"US\" })" |
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"toBeSigned.issuer.rdnSequence.1.1.value\", rule caseExactMatch, value \"US\" })" |
echo " f=$FILTER ..." |
echo " f=$FILTER ..." |
echo "# f=$FILTER ..." >> $SEARCHOUT |
echo "# f=$FILTER ..." >> $SEARCHOUT |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
Line 121 if test $RC != 0 ; then
|
Line 121 if test $RC != 0 ; then
|
exit $RC |
exit $RC |
fi |
fi |
|
|
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.issuer.rdnSequence.1.1.value\", rule allComponentsMatch, value \"US\" })" |
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"toBeSigned.issuer.rdnSequence.1.1.value\", rule allComponentsMatch, value \"US\" })" |
echo " f=$FILTER ..." |
echo " f=$FILTER ..." |
echo "# f=$FILTER ..." >> $SEARCHOUT |
echo "# f=$FILTER ..." >> $SEARCHOUT |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
Line 134 if test $RC != 0 ; then
|
Line 134 if test $RC != 0 ; then
|
exit $RC |
exit $RC |
fi |
fi |
|
|
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.issuer.rdnSequence\", rule allComponentsMatch, value { { { type 2.5.4.6 , value \"US\" } } } })" |
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"toBeSigned.issuer.rdnSequence\", rule allComponentsMatch, value { { { type 2.5.4.6 , value \"US\" } } } })" |
echo " f=$FILTER ..." |
echo " f=$FILTER ..." |
echo "# f=$FILTER ..." >> $SEARCHOUT |
echo "# f=$FILTER ..." >> $SEARCHOUT |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
Line 147 if test $RC != 0 ; then
|
Line 147 if test $RC != 0 ; then
|
exit $RC |
exit $RC |
fi |
fi |
|
|
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.extensions.0\", rule integerMatch, value 3 })" |
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"toBeSigned.extensions.0\", rule integerMatch, value 3 })" |
echo " f=$FILTER ..." |
echo " f=$FILTER ..." |
echo "# f=$FILTER ..." >> $SEARCHOUT |
echo "# f=$FILTER ..." >> $SEARCHOUT |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
Line 160 if test $RC != 0 ; then
|
Line 160 if test $RC != 0 ; then
|
exit $RC |
exit $RC |
fi |
fi |
|
|
FILTER="(userCertificate:componentFilterMatch:=item:{component \"tbsCertificate.extensions.\2a.extnID\",rule allComponentsMatch, value 2.5.29.14 })" |
FILTER="(userCertificate:componentFilterMatch:=item:{component \"toBeSigned.extensions.\2a.extnID\",rule allComponentsMatch, value 2.5.29.14 })" |
echo " f=$FILTER ..." |
echo " f=$FILTER ..." |
echo "# f=$FILTER ..." >> $SEARCHOUT |
echo "# f=$FILTER ..." >> $SEARCHOUT |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
Line 173 if test $RC != 0 ; then
|
Line 173 if test $RC != 0 ; then
|
exit $RC |
exit $RC |
fi |
fi |
|
|
FILTER="(userCertificate:componentFilterMatch:=not:item:{component \"tbsCertificate.extensions.\2a\",rule allComponentsMatch, value { extnID 2.5.29.19 , extnValue '30030101FF'H })" |
FILTER="(userCertificate:componentFilterMatch:=not:item:{component \"toBeSigned.extensions.\2a\",rule allComponentsMatch, value { extnID 2.5.29.19 , extnValue '30030101FF'H })" |
echo " f=$FILTER ..." |
echo " f=$FILTER ..." |
echo "# f=$FILTER ..." >> $SEARCHOUT |
echo "# f=$FILTER ..." >> $SEARCHOUT |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
Line 186 if test $RC != 0 ; then
|
Line 186 if test $RC != 0 ; then
|
exit $RC |
exit $RC |
fi |
fi |
|
|
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.issuer.rdnSequence\", rule distinguishedNameMatch, value \"c=US\" })" |
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"toBeSigned.issuer.rdnSequence\", rule distinguishedNameMatch, value \"c=US\" })" |
echo " f=$FILTER ..." |
echo " f=$FILTER ..." |
echo "# f=$FILTER ..." >> $SEARCHOUT |
echo "# f=$FILTER ..." >> $SEARCHOUT |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
Line 199 if test $RC != 0 ; then
|
Line 199 if test $RC != 0 ; then
|
exit $RC |
exit $RC |
fi |
fi |
|
|
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"tbsCertificate.issuer.rdnSequence.1\", rule rdnMatch, value \"c=US\" })" |
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"toBeSigned.issuer.rdnSequence.1\", rule rdnMatch, value \"c=US\" })" |
echo " f=$FILTER ..." |
echo " f=$FILTER ..." |
echo "# f=$FILTER ..." >> $SEARCHOUT |
echo "# f=$FILTER ..." >> $SEARCHOUT |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
Line 212 if test $RC != 0 ; then
|
Line 212 if test $RC != 0 ; then
|
exit $RC |
exit $RC |
fi |
fi |
|
|
|
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"toBeSigned.extensions.\2a.extnValue.content.\282.5.29.35\29.authorityCertSerialNumber\", rule integerMatch, value 0 })" |
|
echo " f=$FILTER ..." |
|
echo "# f=$FILTER ..." >> $SEARCHOUT |
|
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
|
"$FILTER" >> $SEARCHOUT 2>&1 |
|
|
|
RC=$? |
|
if test $RC != 0 ; then |
|
echo "ldapsearch failed ($RC)!" |
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS |
|
exit $RC |
|
fi |
|
|
|
|
|
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"toBeSigned.subject.rdnSequence.\2a\", rule rdnMatch, value \"c=US\" })" |
|
echo " f=$FILTER ..." |
|
echo "# f=$FILTER ..." >> $SEARCHOUT |
|
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
|
"$FILTER" >> $SEARCHOUT 2>&1 |
|
|
|
RC=$? |
|
if test $RC != 0 ; then |
|
echo "ldapsearch failed ($RC)!" |
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS |
|
exit $RC |
|
fi |
|
|
|
FILTER="(userCertificate:componentFilterMatch:=item:{ component \"toBeSigned.subject.rdnSequence.\2a.\2a.value.\282.5.4.6\29\", rule caseExactMatch, value \"US\" })" |
|
echo " f=$FILTER ..." |
|
echo "# f=$FILTER ..." >> $SEARCHOUT |
|
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
|
"$FILTER" >> $SEARCHOUT 2>&1 |
|
|
|
RC=$? |
|
if test $RC != 0 ; then |
|
echo "ldapsearch failed ($RC)!" |
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS |
|
exit $RC |
|
fi |
|
|
|
FILTER="(x509CertificateIssuer=c=US)" |
|
echo " f=$FILTER ..." |
|
echo "# f=$FILTER ..." >> $SEARCHOUT |
|
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
|
"$FILTER" >> $SEARCHOUT 2>&1 |
|
|
|
RC=$? |
|
if test $RC != 0 ; then |
|
echo "ldapsearch failed ($RC)!" |
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS |
|
exit $RC |
|
fi |
|
|
|
FILTER="(x509CertificateSerial=0)" |
|
echo " f=$FILTER ..." |
|
echo "# f=$FILTER ..." >> $SEARCHOUT |
|
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
|
"$FILTER" >> $SEARCHOUT 2>&1 |
|
|
|
RC=$? |
|
if test $RC != 0 ; then |
|
echo "ldapsearch failed ($RC)!" |
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS |
|
exit $RC |
|
fi |
|
|
|
FILTER="(x509CertificateSerialAndIssuer:certificateExactMatch:=0\$c=US)" |
|
echo " f=$FILTER ..." |
|
echo "# f=$FILTER ..." >> $SEARCHOUT |
|
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ |
|
"$FILTER" >> $SEARCHOUT 2>&1 |
|
|
|
RC=$? |
|
if test $RC != 0 ; then |
|
echo "ldapsearch failed ($RC)!" |
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS |
|
exit $RC |
|
fi |
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS |
test $KILLSERVERS != no && kill -HUP $KILLPIDS |
|
|