#!/bin/sh

set -ex

. debian/tests/util
. debian/tests/common-tests

cleanup() {
    result=$?
    set +e
    if [ ${result} -ne 0 ]; then
        echo "## Something failed, gathering logs"
        echo
        gather_logs
    else
        echo "## All tests passed, phew"
    fi
    cleanup_sshd_config
}

trap cleanup EXIT

mydomain="example.com"
myhostname="ldap.${mydomain}"
mysuffix="dc=example,dc=com"
admin_dn="cn=admin,${mysuffix}"
admin_pw="secret"
ldap_user="testuser1"
ldap_user_pw="testuser1secret"
ldap_group="ldapusers"

adjust_hostname "${myhostname}"
reconfigure_slapd
generate_certs "${myhostname}"
enable_ldap_ssl
populate_ldap_rfc2307
configure_sssd_ldap_rfc2307
enable_pam_mkhomedir

# tests begin here
run_common_tests

echo "The LDAP user can login via ssh"

# this test is not via gssapi: we need password authentication
setup_sshd_password_auth

/usr/bin/expect -f debian/tests/login.exp "${ldap_user}" "${ldap_user_pw}"
