#!/bin/sh
#
# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
# (Royal Institute of Technology, Stockholm, Sweden). 
# All rights reserved. 
#
# Redistribution and use in source and binary forms, with or without 
# modification, are permitted provided that the following conditions 
# are met: 
#
# 1. Redistributions of source code must retain the above copyright 
#    notice, this list of conditions and the following disclaimer. 
#
# 2. Redistributions in binary form must reproduce the above copyright 
#    notice, this list of conditions and the following disclaimer in the 
#    documentation and/or other materials provided with the distribution. 
#
# 3. Neither the name of the Institute nor the names of its contributors 
#    may be used to endorse or promote products derived from this software 
#    without specific prior written permission. 
#
# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
# ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
# SUCH DAMAGE. 
#
# $Id: check-ldap.in 21856 2007-08-08 06:59:23Z lha $
#

srcdir="@srcdir@"
objdir="@objdir@"
EGREP="@EGREP@"

R=TEST.H5L.SE

port=@port@

cache="FILE:${objdir}/cache.krb5"

kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog"
kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R"
kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port"

testfailed="echo test failed; exit 1"

# If there is no ldap support compile in, disable test
if ${kdc} --builtin-hdb | grep ldap > /dev/null ; then
   :
else
    echo "no ldap support"
    exit 77
fi

#search for all ldap tools

PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/libexec:/usr/lib/openldap:$PATH
export PATH

oldifs=$IFS
IFS=:
set -- $PATH
IFS=$oldifs
for j in slapd slapadd; do
  for i in $*; do
    test -n "$i" || i="."
    if test -x $i/$j; then
       continue 2
    fi
  done
  echo "$j missing, not running test"
  exit 77
done

sh ${objdir}/slapd-init || exit 1

trap "sh ${srcdir}/slapd-stop ; exit 1;" EXIT

KRB5_CONFIG="${objdir}/krb5.conf"
export KRB5_CONFIG

rm -f current-db*

> messages.log

echo Creating database
${kadmin} \
    init \
    --realm-max-ticket-life=1day \
    --realm-max-renewable-life=1month \
    ${R} || exit 1

${kadmin} add -p foo --use-defaults foo@${R} || exit 1
${kadmin} add -p foo --use-defaults bar@${R} || exit 1

${kadmin} cpw --random-password bar@${R} > /dev/null || exit 1
${kadmin} cpw --random-password bar@${R} > /dev/null || exit 1
${kadmin} cpw --random-password bar@${R} > /dev/null || exit 1

${kadmin} cpw --random-password suser@${R} > /dev/null|| exit 1
${kadmin} cpw --password=foo suser@${R} || exit 1

${kadmin} list '*' > /dev/null || exit 1

echo foo > ${objdir}/foopassword

echo Starting kdc
${kdc} &
kdcpid=$!

sh ${srcdir}/../kdc/wait-kdc.sh
if [ "$?" != 0 ] ; then
    kill ${kdcpid}
    sh ${srcdir}/slapd-stop
    exit 1
fi

trap "kill ${kdcpid}; echo signal killing kdc; sh ${srcdir}/slapd-stop ; exit 1;" EXIT

ec=0

echo "Getting client initial tickets";
${kinit} --password-file=${objdir}/foopassword foo@$R || \
	{ ec=1 ; eval "${testfailed}"; }


echo "killing kdc (${kdcpid})"
kill $kdcpid || exit 1

trap "" EXIT

# kill of old slapd
sh ${srcdir}/slapd-stop

rm -rf db schema

exit $ec