From 763fbc26e89d7566ec661ef22a42848d9bf8e0bf Mon Sep 17 00:00:00 2001
From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
Date: Wed, 1 Jun 2022 05:04:47 -0500
Subject: user/openldap: Update to 2.6.2

* Fix all tests.
  Suite now runs in ~20m instead of ~2h, so re-enable.

* Update our patches for 2.6.

* Build deps before all target to fix #720.
---
 user/openldap/APKBUILD                        |  38 ++----
 user/openldap/configs.patch                   |  41 +++----
 user/openldap/fix-manpages.patch              |  22 +---
 user/openldap/openldap-2.4-ppolicy.patch      |  13 ---
 user/openldap/openldap-2.4.11-libldap_r.patch |  11 --
 user/openldap/test063.patch                   |  17 +++
 user/openldap/test079.patch                   | 160 ++++++++++++++++++++++++++
 7 files changed, 209 insertions(+), 93 deletions(-)
 delete mode 100644 user/openldap/openldap-2.4-ppolicy.patch
 delete mode 100644 user/openldap/openldap-2.4.11-libldap_r.patch
 create mode 100644 user/openldap/test063.patch
 create mode 100644 user/openldap/test079.patch

(limited to 'user')

diff --git a/user/openldap/APKBUILD b/user/openldap/APKBUILD
index 1743a4e6d..3f4874186 100644
--- a/user/openldap/APKBUILD
+++ b/user/openldap/APKBUILD
@@ -13,17 +13,15 @@
 #     - CVE-2017-9287
 #
 pkgname=openldap
-pkgver=2.4.50
+pkgver=2.6.2
 pkgrel=0
 pkgdesc="LDAP Server"
 url="https://www.openldap.org/"
 arch="all"
-options="!check"  # Test suite takes > 2 hours to complete on each builder.
 license="OLDAP-2.8"
 depends=""
 depends_dev="openssl-dev cyrus-sasl-dev util-linux-dev"
-makedepends="$depends_dev db-dev groff icu-dev unixodbc-dev
-	autoconf automake libtool"
+makedepends="$depends_dev groff icu-dev unixodbc-dev libtool"
 subpackages="$pkgname-dev $pkgname-doc libldap $pkgname-openrc
 	$pkgname-clients $pkgname-passwd-pbkdf2:passwd_pbkdf2
 	$pkgname-backend-all:_backend_all:noarch
@@ -32,10 +30,10 @@ pkgusers="ldap"
 pkggroups="ldap"
 install="$pkgname.pre-install $pkgname.post-install $pkgname.post-upgrade"
 source="https://www.$pkgname.org/software/download/OpenLDAP/$pkgname-release/$pkgname-$pkgver.tgz
-	openldap-2.4-ppolicy.patch
-	openldap-2.4.11-libldap_r.patch
 	fix-manpages.patch
 	configs.patch
+	test063.patch
+	test079.patch
 
 	slapd.initd
 	slapd.confd
@@ -43,8 +41,7 @@ source="https://www.$pkgname.org/software/download/OpenLDAP/$pkgname-release/$pk
 
 # SLAPD backends
 _backends=""
-for _name in bdb dnssrv hdb ldap mdb meta monitor null passwd \
-	relay shell sql sock
+for _name in dnssrv ldap mdb meta null passwd relay sock
 do
 	subpackages="$subpackages $pkgname-back-$_name:_backend"
 	_backends="$_backends $pkgname-back-$_name"
@@ -60,14 +57,7 @@ do
 	_overlays="$_overlays $pkgname-overlay-$_name"
 done
 
-prepare() {
-	default_prepare
-
-	sed -i '/^STRIP/s,-s,,g' build/top.mk
-	libtoolize --force && aclocal && autoconf
-}
-
-build () {
+build() {
 	./configure \
 		--build=$CBUILD \
 		--host=$CHOST \
@@ -80,22 +70,18 @@ build () {
 		--enable-crypt \
 		--enable-modules \
 		--enable-dynamic \
-		--enable-bdb=mod \
 		--enable-dnssrv=mod \
-		--enable-hdb=mod \
 		--enable-ldap=mod \
 		--enable-mdb=mod \
 		--enable-meta=mod \
-		--enable-monitor=mod \
 		--enable-null=mod \
 		--enable-passwd=mod \
 		--enable-relay=mod \
-		--enable-shell=mod \
 		--enable-sock=mod \
-		--enable-sql=mod \
 		--enable-overlays=mod \
 		--with-tls=openssl \
 		--with-cyrus-sasl
+	make depend
 	make
 
 	# Build passwd pbkdf2.
@@ -199,10 +185,10 @@ _submv() {
 	done
 }
 
-sha512sums="f528043ff9de36f7b65d8816c9a9c24f0ac400041b2969965178ee6eae62c92a11af33a0a883e4954e5fff98a0738a9f9aa2faf5b385d21974754e045aab31ae  openldap-2.4.50.tgz
-5d34d49eabe7cb66cf8284cc3bd9730fa23df4932df68549e242d250ee50d40c434ae074ebc720d5fbcd9d16587c9333c5598d30a5f1177caa61461ab7771f38  openldap-2.4-ppolicy.patch
-44d97efb25d4f39ab10cd5571db43f3bfa7c617a5bb087085ae16c0298aca899b55c8742a502121ba743a73e6d77cd2056bc96cee63d6d0862dabc8fb5574357  openldap-2.4.11-libldap_r.patch
-8c4244d316a05870dd1147b2ab7ddbcfd7626b5dce2f5a0e72f066dc635c2edb4f1ea3be88c6fec2d5ab016001be16bedef70f2ce0695c3cd96f69e1614ff177  fix-manpages.patch
-0d2e570ddcb7ace1221abad9fc1d3dd0d00d6948340df69879b449959a68feee6a0ad8e17ef9971b35986293e16fc9d8e88de81815fedd5ea6a952eb085406ca  configs.patch
+sha512sums="a490a760ec954710e78821877744e8a6caa4e4f47cc292baae8106af2a4b62c16b7e8003af05ae16f58b28464d89e5459f9e4cf33241fe440c0c6ca041364420  openldap-2.6.2.tgz
+0c026a5c8790ebb7d6784514363f1403c693d61defbeaacae574267c3b7833f198919d31604da1f49db3000c9a561cb6d36d95e021f7906761e45d1434cef15b  fix-manpages.patch
+1a1f669db968061eb8c9fb5e42768d0f12075d4eb4d8ae7085533276775027c56760c2f7413494deebec4d78b053f674661236e6e1506ecffadf510985c393c0  configs.patch
+26fbe3fa2182d80ee98e6885972f803d03ac45a72cb8478c31e76a6f07f45565e6fdcdbf528fcf61e77fd4f9e2068e4f82d9c9c178df7da103d4e9b714bf204e  test063.patch
+c7f2b32f2643d6b7ea5dbee6c1baad7cae53ea9d511cfae6c976edb8f8f85ae14351f612f02e560d15c6b577676804fd7b0a6f45f79cc1cdbe11f117e61ad088  test079.patch
 0c3606e4dad1b32f1c4b62f2bc1990a4c9f7ccd10c7b50e623309ba9df98064e68fc42a7242450f32fb6e5fa2203609d3d069871b5ae994cd4b227a078c93532  slapd.initd
 64dc4c0aa0abe3d9f7d2aef25fe4c8e23c53df2421067947ac4d096c9e942b26356cb8577ebc41b52d88d0b0a03b2a3e435fe86242671f9b36555a5f82ee0e3a  slapd.confd"
diff --git a/user/openldap/configs.patch b/user/openldap/configs.patch
index e7ec65c4b..c7077672a 100644
--- a/user/openldap/configs.patch
+++ b/user/openldap/configs.patch
@@ -1,3 +1,6 @@
+* Use /run/openldap for the state directory.
+* We use .so instead of .la for module suffix.
+
 --- a/servers/slapd/slapd.conf
 +++ b/servers/slapd/slapd.conf
 @@ -2,7 +2,7 @@
@@ -9,7 +12,7 @@
  
  # Define global ACLs to disable default read access.
  
-@@ -10,13 +10,16 @@
+@@ -10,13 +10,14 @@
  # service AND an understanding of referrals.
  #referral	ldap://root.openldap.org
  
@@ -20,18 +23,16 @@
 +argsfile	/run/openldap/slapd.args
  
  # Load dynamic backend modules:
--# modulepath	%MODULEDIR%
--# moduleload	back_mdb.la
+-modulepath	%MODULEDIR%
+-moduleload	back_mdb.la
 -# moduleload	back_ldap.la
 +modulepath	/usr/lib/openldap
 +moduleload	back_mdb.so
-+# moduleload	back_hdb.so
-+# moduleload	back_bbd.so
 +# moduleload	back_ldap.so
  
  # Sample security restrictions
  #	Require integrity protection (prevent hijacking)
-@@ -53,13 +56,16 @@
+@@ -62,13 +63,16 @@
  maxsize		1073741824
  suffix		"dc=my-domain,dc=com"
  rootdn		"cn=Manager,dc=my-domain,dc=com"
@@ -63,30 +64,18 @@
  #
  # Do not enable referrals until AFTER you have a working directory
  # service AND an understanding of referrals.
-@@ -26,22 +27,23 @@
- #
- # Load dynamic backend modules:
- #
--#dn: cn=module,cn=config
--#objectClass: olcModuleList
--#cn: module
--#olcModulepath:	%MODULEDIR%
--#olcModuleload:	back_bdb.la
--#olcModuleload:	back_hdb.la
+@@ -29,16 +30,16 @@
+ dn: cn=module,cn=config
+ objectClass: olcModuleList
+ cn: module
+-olcModulepath:	%MODULEDIR%
+-olcModuleload:	back_mdb.la
 -#olcModuleload:	back_ldap.la
 -#olcModuleload:	back_passwd.la
--#olcModuleload:	back_shell.la
-+dn: cn=module,cn=config
-+objectClass: olcModuleList
-+cn: module
 +olcModulepath:	/usr/lib/openldap
-+#olcModuleload:	back_bdb.so
-+#olcModuleload:	back_hdb.so
-+#olcModuleload:	back_ldap.so
 +olcModuleload:	back_mdb.so
++#olcModuleload:	back_ldap.so
 +#olcModuleload:	back_passwd.so
-+#olcModuleload:	back_shell.so
- 
  
  dn: cn=schema,cn=config
  objectClass: olcSchemaConfig
@@ -97,7 +86,7 @@
  
  # Frontend settings
  #
-@@ -83,13 +85,16 @@
+@@ -81,13 +82,16 @@
  olcDatabase: mdb
  olcSuffix: dc=my-domain,dc=com
  olcRootDN: cn=Manager,dc=my-domain,dc=com
diff --git a/user/openldap/fix-manpages.patch b/user/openldap/fix-manpages.patch
index 179569494..03c925537 100644
--- a/user/openldap/fix-manpages.patch
+++ b/user/openldap/fix-manpages.patch
@@ -8,7 +8,7 @@ diff --git a/doc/man/man1/ldapmodify.1 b/doc/man/man1/ldapmodify.1
 index 3def6da..466c772 100644
 --- a/doc/man/man1/ldapmodify.1
 +++ b/doc/man/man1/ldapmodify.1
-@@ -397,8 +397,7 @@ exit status and a diagnostic message being written to standard error.
+@@ -382,8 +382,7 @@ exit status and a diagnostic message being written to standard error.
  .BR ldap_add_ext (3),
  .BR ldap_delete_ext (3),
  .BR ldap_modify_ext (3),
@@ -18,18 +18,6 @@ index 3def6da..466c772 100644
  .SH AUTHOR
  The OpenLDAP Project <http://www.openldap.org/>
  .SH ACKNOWLEDGEMENTS
-diff --git a/doc/man/man5/ldap.conf.5 b/doc/man/man5/ldap.conf.5
-index cfde143..63592cb 100644
---- a/doc/man/man5/ldap.conf.5
-+++ b/doc/man/man5/ldap.conf.5
-@@ -317,6 +317,7 @@ certificates in separate individual files. The
- .B TLS_CACERT
- is always used before
- .B TLS_CACERTDIR.
-+The specified directory must be managed with the LibreSSL c_rehash utility.
- This parameter is ignored with GnuTLS.
- 
- When using Mozilla NSS, <path> may contain a Mozilla NSS cert/key
 diff --git a/doc/man/man8/slapd.8 b/doc/man/man8/slapd.8
 index b739f4d..e2a1a00 100644
 --- a/doc/man/man8/slapd.8
@@ -41,9 +29,9 @@ index b739f4d..e2a1a00 100644
 -.B LIBEXECDIR/slapd 
 +.B slapd
  [\c
- .BR \-4 | \-6 ]
+ .BR \-V [ V [ V ]]
  [\c
-@@ -317,7 +317,7 @@ the LDAP databases defined in the default config file, just type:
+@@ -332,7 +332,7 @@ the LDAP databases defined in the default config file, just type:
  .LP
  .nf
  .ft tt
@@ -52,7 +40,7 @@ index b739f4d..e2a1a00 100644
  .ft
  .fi
  .LP
-@@ -328,7 +328,7 @@ on voluminous debugging which will be printed on standard error, type:
+@@ -343,7 +343,7 @@ on voluminous debugging which will be printed on standard error, type:
  .LP
  .nf
  .ft tt
@@ -61,7 +49,7 @@ index b739f4d..e2a1a00 100644
  .ft
  .fi
  .LP
-@@ -336,7 +336,7 @@ To test whether the configuration file is correct or not, type:
+@@ -351,7 +351,7 @@ To test whether the configuration file is correct or not, type:
  .LP
  .nf
  .ft tt
diff --git a/user/openldap/openldap-2.4-ppolicy.patch b/user/openldap/openldap-2.4-ppolicy.patch
deleted file mode 100644
index c05790e3e..000000000
--- a/user/openldap/openldap-2.4-ppolicy.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff -urN ./clients.orig/tools/common.c ./clients/tools/common.c
---- ./clients.orig/tools/common.c	2007-09-01 01:13:50.000000000 +0200
-+++ ./clients/tools/common.c	2008-01-13 21:50:06.000000000 +0100
-@@ -1262,8 +1262,8 @@
- 	int		nsctrls = 0;
- 
- #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST
-+	LDAPControl c;
- 	if ( ppolicy ) {
--		LDAPControl c;
- 		c.ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST;
- 		c.ldctl_value.bv_val = NULL;
- 		c.ldctl_value.bv_len = 0;
diff --git a/user/openldap/openldap-2.4.11-libldap_r.patch b/user/openldap/openldap-2.4.11-libldap_r.patch
deleted file mode 100644
index 448249a3b..000000000
--- a/user/openldap/openldap-2.4.11-libldap_r.patch
+++ /dev/null
@@ -1,11 +0,0 @@
-diff -Nuar openldap-2.4.11.orig/servers/slapd/slapi/Makefile.in openldap-2.4.11/servers/slapd/slapi/Makefile.in
---- openldap-2.4.11.orig/servers/slapd/slapi/Makefile.in	2008-02-11 15:26:49.000000000 -0800
-+++ openldap-2.4.11/servers/slapd/slapi/Makefile.in	2008-10-14 02:10:18.402799262 -0700
-@@ -37,6 +37,7 @@
- XLIBS = $(LIBRARY)
- XXLIBS = 
- NT_LINK_LIBS = $(AC_LIBS)
-+UNIX_LINK_LIBS = ../../../libraries/libldap_r/libldap_r.la $(LTHREAD_LIBS)
- 
- XINCPATH = -I$(srcdir)/.. -I$(srcdir)
- XDEFS = $(MODULES_CPPFLAGS)
diff --git a/user/openldap/test063.patch b/user/openldap/test063.patch
new file mode 100644
index 000000000..972feba6f
--- /dev/null
+++ b/user/openldap/test063.patch
@@ -0,0 +1,17 @@
+Test #63 fails with a server replication race.
+
+Seen in Debian at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010608 -
+thanks to Ryan Tandy for root cause analysis and suggested fix.
+
+--- openldap-2.6.2/tests/scripts/test063-delta-multiprovider	2022-05-04 09:55:23.000000000 -0500
++++ openldap-2.6.2/tests/scripts/test063-delta-multiprovider	2022-06-01 02:14:47.230724205 -0500
+@@ -318,6 +318,9 @@
+ 	exit $RC
+ fi
+ 
++echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
++sleep $SLEEP1
++
+ THEDN="cn=James A Jones 2,ou=Alumni Association,ou=People,dc=example,dc=com"
+ sleep 1
+ for i in 1 2 3; do
diff --git a/user/openldap/test079.patch b/user/openldap/test079.patch
new file mode 100644
index 000000000..a902ba878
--- /dev/null
+++ b/user/openldap/test079.patch
@@ -0,0 +1,160 @@
+From 0031b8ed342386960ab9d0cd1566196ba0e6ae42 Mon Sep 17 00:00:00 2001
+From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
+Date: Wed, 1 Jun 2022 04:36:24 -0500
+Subject: [PATCH] Tests: Use ldapsearch(1) correctly in test079
+
+Before this change, ldapsearch(1) was not being called with the correct
+parameter syntax.  This caused the test to fail on musl libc environments
+where getopt(3) is more strict, with messages like:
+
+Error: LDAP connection to remote LDAP server is not found (1)
+
+The test.out file simply stated:
+
+ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
+
+Indeed, strace showed that the `-H` param was missed and we were trying
+to connect to port 389:
+
+connect(3, {sa_family=AF_INET6, sin6_port=htons(389), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_scope_id=0}, 28) = -1 ECONNREFUSED (Connection refused)
+---
+ tests/scripts/test079-proxy-timeout | 40 ++++++++++++++---------------
+ 1 file changed, 20 insertions(+), 20 deletions(-)
+
+diff --git a/tests/scripts/test079-proxy-timeout b/tests/scripts/test079-proxy-timeout
+index 6a8e0c7a8..9ece4c1a1 100755
+--- a/tests/scripts/test079-proxy-timeout
++++ b/tests/scripts/test079-proxy-timeout
+@@ -139,10 +139,10 @@ fi
+ 
+ echo "Checking that proxy has created connections towards backend (time_t now=`date +%s`)"
+ 
+-$LDAPSEARCH -b "cn=Connections,cn=database 2,cn=databases,cn=monitor" -s one -LLL olmDbConnURI \
++$LDAPSEARCH -b "cn=Connections,cn=database 2,cn=databases,cn=monitor" -s one -LLL \
+         -D "cn=Manager,dc=local,dc=com" \
+         -H $URI2 \
+-        -w $PASSWD 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
++        -w $PASSWD olmDbConnURI 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
+ RC=$?
+ if test $RC != 0 ; then
+     echo "Error: LDAP connection to remote LDAP server is not found ($RC)"
+@@ -150,10 +150,10 @@ if test $RC != 0 ; then
+     exit $RC
+ fi
+ 
+-$LDAPSEARCH -b "cn=Connections,cn=database 3,cn=databases,cn=monitor" -s one -LLL olmDbConnURI \
++$LDAPSEARCH -b "cn=Connections,cn=database 3,cn=databases,cn=monitor" -s one -LLL \
+         -D "cn=Manager,dc=local,dc=com" \
+         -H $URI2 \
+-        -w $PASSWD 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
++        -w $PASSWD olmDbConnURI 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
+ RC=$?
+ if test $RC != 0 ; then
+     echo "Error: LDAP connection to remote LDAP server is not found ($RC)"
+@@ -171,10 +171,10 @@ sleep `expr $CONN_EXPIRES - $NOW + 2`
+ 
+ echo "Checking that proxy has closed expired connections towards the remote LDAP server (time_t now=`date +%s`)"
+ 
+-$LDAPSEARCH -b "cn=Connections,cn=database 2,cn=databases,cn=monitor" -s one -LLL olmDbConnURI \
++$LDAPSEARCH -b "cn=Connections,cn=database 2,cn=databases,cn=monitor" -s one -LLL \
+         -D "cn=Manager,dc=local,dc=com" \
+         -H $URI2 \
+-        -w $PASSWD 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
++        -w $PASSWD olmDbConnURI 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
+ RC=$?
+ if test $RC != 1 ; then
+     echo "Error: LDAP connection to remote LDAP server was not closed"
+@@ -182,10 +182,10 @@ if test $RC != 1 ; then
+     exit $RC
+ fi
+ 
+-$LDAPSEARCH -b "cn=Connections,cn=database 3,cn=databases,cn=monitor" -s one -LLL olmDbConnURI \
++$LDAPSEARCH -b "cn=Connections,cn=database 3,cn=databases,cn=monitor" -s one -LLL \
+         -D "cn=Manager,dc=local,dc=com" \
+         -H $URI2 \
+-        -w $PASSWD 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
++        -w $PASSWD olmDbConnURI 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
+ RC=$?
+ if test $RC != 1 ; then
+     echo "Error: LDAP connection to remote LDAP server was not closed"
+@@ -235,10 +235,10 @@ sleep 2
+ 
+ echo "Checking that proxy has created connections towards backend (time_t now=`date +%s`)"
+ 
+-$LDAPSEARCH -b "cn=Connections,cn=database 2,cn=databases,cn=monitor" -s one -LLL olmDbConnURI \
++$LDAPSEARCH -b "cn=Connections,cn=database 2,cn=databases,cn=monitor" -s one -LLL \
+         -D "cn=Manager,dc=local,dc=com" \
+         -H $URI2 \
+-        -w $PASSWD 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
++        -w $PASSWD olmDbConnURI 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
+ RC=$?
+ if test $RC != 0 ; then
+     echo "Error: LDAP connection to remote LDAP server is not found ($RC)"
+@@ -246,10 +246,10 @@ if test $RC != 0 ; then
+     exit $RC
+ fi
+ 
+-$LDAPSEARCH -b "cn=Connections,cn=database 3,cn=databases,cn=monitor" -s one -LLL olmDbConnURI \
++$LDAPSEARCH -b "cn=Connections,cn=database 3,cn=databases,cn=monitor" -s one -LLL \
+         -D "cn=Manager,dc=local,dc=com" \
+         -H $URI2 \
+-        -w $PASSWD 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
++        -w $PASSWD olmDbConnURI 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
+ RC=$?
+ if test $RC != 0 ; then
+     echo "Error: LDAP connection to remote LDAP server is not found ($RC)"
+@@ -267,10 +267,10 @@ sleep `expr $CONN_EXPIRES - $NOW + 2`
+ 
+ echo "Checking that proxy has closed expired connections towards the remote LDAP server (time_t now=`date +%s`)"
+ 
+-$LDAPSEARCH -b "cn=Connections,cn=database 2,cn=databases,cn=monitor" -s one -LLL olmDbConnURI \
++$LDAPSEARCH -b "cn=Connections,cn=database 2,cn=databases,cn=monitor" -s one -LLL \
+         -D "cn=Manager,dc=local,dc=com" \
+         -H $URI2 \
+-        -w $PASSWD 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
++        -w $PASSWD olmDbConnURI 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
+ RC=$?
+ if test $RC != 1 ; then
+     echo "Error: LDAP connection to remote LDAP server was not closed"
+@@ -278,10 +278,10 @@ if test $RC != 1 ; then
+     exit $RC
+ fi
+ 
+-$LDAPSEARCH -b "cn=Connections,cn=database 3,cn=databases,cn=monitor" -s one -LLL olmDbConnURI \
++$LDAPSEARCH -b "cn=Connections,cn=database 3,cn=databases,cn=monitor" -s one -LLL \
+         -D "cn=Manager,dc=local,dc=com" \
+         -H $URI2 \
+-        -w $PASSWD 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
++        -w $PASSWD olmDbConnURI 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
+ RC=$?
+ if test $RC != 1 ; then
+     echo "Error: LDAP connection to remote LDAP server was not closed"
+@@ -339,10 +339,10 @@ fi
+ NOW=`date +%s`
+ sleep `expr $CONN_EXPIRES - $NOW - 2`
+ echo "Check that connection is still alive due to idle-timeout reset (time_t now=`date +%s`)"
+-$LDAPSEARCH -b "cn=Connections,cn=database 2,cn=databases,cn=monitor" -s one -LLL olmDbConnURI \
++$LDAPSEARCH -b "cn=Connections,cn=database 2,cn=databases,cn=monitor" -s one -LLL \
+         -D "cn=Manager,dc=local,dc=com" \
+         -H $URI2 \
+-        -w $PASSWD 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
++        -w $PASSWD olmDbConnURI 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
+ RC=$?
+ if test $RC != 0 ; then
+     echo "Error: LDAP connection to remote LDAP server is not found ($RC)"
+@@ -354,10 +354,10 @@ fi
+ NOW=`date +%s`
+ sleep `expr $CONN_EXPIRES - $NOW + 2`
+ echo "Check that connection is closed after extended idle-timeout has passed (time_t now=`date +%s`)"
+-$LDAPSEARCH -b "cn=Connections,cn=database 2,cn=databases,cn=monitor" -s one -LLL olmDbConnURI \
++$LDAPSEARCH -b "cn=Connections,cn=database 2,cn=databases,cn=monitor" -s one -LLL \
+         -D "cn=Manager,dc=local,dc=com" \
+         -H $URI2 \
+-        -w $PASSWD  2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
++        -w $PASSWD olmDbConnURI 2>&1 | tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
+ RC=$?
+ if test $RC != 1 ; then
+     echo "Error: LDAP connection to remote LDAP server was not closed"
+-- 
+2.32.0 (Apple Git-132)
+
-- 
cgit v1.2.3-60-g2f50