sssd.git/src/tests/cmocka, branch mdbtest sssd with jhrozek's patches tests: Add NSS responder tests for bysid requests 2015-04-24T14:47:00+00:00 Jakub Hrozek jhrozek@redhat.com 2015-03-30T16:54:34+00:00 bbd6f73bbad478a450ecfa2933a63de6dc269778 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
AD: Always get domain-specific ID connection 2015-04-15T15:30:27+00:00 Stephen Gallagher sgallagh@redhat.com 2015-04-15T01:50:36+00:00 e2bd4f8a41b72aea0712ad21ad02ccebb707f536 ad_get_dom_ldap_conn() assumed that ad_ctx->ldap_ctx always points at the LDAP connection for the primary domain, however it turns out that this is not always the case. It's currently unclear why, but this connection can sometimes be pointing at a subdomain. Since the value of subdom_id_ctx->ldap_ctx always points to the correct domain (including the primary domain case), there's no benefit to trying to shortcut to the ad_ctx->ldap_ctx when performing this lookup. This patch also makes a minor tweak to the tests so that the primary domain passes the sdap_domain_get() check for validity (since it needs to have a private member assigned). Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> 
ad_get_dom_ldap_conn() assumed that ad_ctx->ldap_ctx always points at
the LDAP connection for the primary domain, however it turns out that
this is not always the case. It's currently unclear why, but this
connection can sometimes be pointing at a subdomain. Since the value of
subdom_id_ctx->ldap_ctx always points to the correct domain (including
the primary domain case), there's no benefit to trying to shortcut to
the ad_ctx->ldap_ctx when performing this lookup.

This patch also makes a minor tweak to the tests so that the primary
domain passes the sdap_domain_get() check for validity (since it needs
to have a private member assigned).

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
responders: reset ncache after domains are discovered during startup 2015-04-09T06:35:23+00:00 Jakub Hrozek jhrozek@redhat.com 2015-03-29T14:31:19+00:00 0528fdec17d0031996e919fcd852459e86592c35 After responders start, they add a lookup operation that discovers the subdomains so that qualifying users works. After this operation is finishes, we need to reset negcache to allow users to be added into the newly discovered domains. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
After responders start, they add a lookup operation that discovers the
subdomains so that qualifying users works. After this operation is
finishes, we need to reset negcache to allow users to be added into the
newly discovered domains.

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
ncache: Add sss_ncache_reset_repopulate_permanent 2015-04-09T06:35:20+00:00 Jakub Hrozek jhrozek@redhat.com 2015-03-29T14:30:27+00:00 0d19785f9ffd9c66df5b30d208ec7b0216a9555b This new function resets the negative cache and then re-adds the permanent entries. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
This new function resets the negative cache and then re-adds the
permanent entries.

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
ncache: Silence critical error from filter_users when default_domain_suffix is set 2015-04-09T06:35:16+00:00 Jakub Hrozek jhrozek@redhat.com 2015-03-27T11:30:53+00:00 1aa492ce890f362564bfac21f3cfb0a3e38608bd When default_domain_suffix is used and filter_users is set (at least root is always, by default), SSSD tried to add the negcache entry to the default domain. But since the default domain is not known after start up, adding the entries fail with a verbose error message. This patch handles EAGAIN returned from the parsing function while setting negcache entries gracefully and also makes the debug message in parsing function more precise. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
When default_domain_suffix is used and filter_users is set (at least
root is always, by default), SSSD tried to add the negcache entry to the
default domain. But since the default domain is not known after start
up, adding the entries fail with a verbose error message.

This patch handles EAGAIN returned from the parsing function while
setting negcache entries gracefully and also makes the debug message in
parsing function more precise.

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
ncache: Fix sss_ncache_reset_permanent 2015-04-09T06:35:10+00:00 Jakub Hrozek jhrozek@redhat.com 2015-03-27T11:57:17+00:00 d338bb46b8c03c33e6182e725911af6d778bcf00 There was an off-by-one error in sss_ncache_reset_permanent that prevented the reset from working. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
There was an off-by-one error in sss_ncache_reset_permanent that
prevented the reset from working.

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
test_resolv_fake: Fix alignment warning 2015-03-27T15:30:47+00:00 Lukas Slebodnik lslebodn@redhat.com 2015-03-14T15:29:36+00:00 2b84054e2f9fa7301af4dbef4dcbf1cba066ecb3 src/tests/cmocka/test_resolv_fake.c:60:9: error: cast from 'uint8_t *' (aka 'unsigned char *') to 'HEADER *' increases required alignment from 1 to 4 [-Werror,-Wcast-align] h = (HEADER *) hb; ^~~~~~~~~~~~~ 1 error generated. Reviewed-by: Michal Židek <mzidek@redhat.com> 
src/tests/cmocka/test_resolv_fake.c:60:9:
    error: cast from 'uint8_t *' (aka 'unsigned char *') to 'HEADER *'
    increases required alignment from 1 to 4 [-Werror,-Wcast-align]

    h = (HEADER *) hb;
        ^~~~~~~~~~~~~
1 error generated.

Reviewed-by: Michal Židek <mzidek@redhat.com>
test_ldap_auth: Use right assertion for integer comparison 2015-03-26T10:22:10+00:00 Lukas Slebodnik lslebodn@redhat.com 2015-03-25T14:14:59+00:00 33e54a998f51558faaec82872a59723d2ceadb4f The macro assert_int_equal prints value of integers if they are not equal. Reviewed-by: Pavel Reichl <preichl@redhat.com> 
The macro assert_int_equal prints value of integers if
they are not equal.

Reviewed-by: Pavel Reichl <preichl@redhat.com>
test_expire: Use right assertion macro for standard functions 2015-03-26T10:20:49+00:00 Lukas Slebodnik lslebodn@redhat.com 2015-03-25T14:11:45+00:00 2233216c653247dd9cc06ce7db6f61f464299906 Documentation to macro assert_return_code says: Assert that the return_code is greater than or equal to 0. The function prints an error message to standard error and terminates the test by calling fail() if the return code is smaller than 0. If the function you check sets an errno if it fails you can pass it to the function and it will be printed as part of the error message. So in case of error we will see more verbose message. Reviewed-by: Pavel Reichl <preichl@redhat.com> 
Documentation to macro assert_return_code says:
Assert that the return_code is greater than or equal to 0.

The function prints an error message to standard error and terminates the
test by calling fail() if the return code is smaller than 0. If the function
you check sets an errno if it fails you can pass it to the function and
it will be printed as part of the error message.

So in case of error we will see more verbose message.

Reviewed-by: Pavel Reichl <preichl@redhat.com>
Resolv: re-read SRV query every time if its TTL is 0 2015-03-24T16:55:51+00:00 Jakub Hrozek jhrozek@redhat.com 2015-03-23T20:09:53+00:00 9797aa5907191cef5db8279e20ec75fd0abbe980 We should make sure the client re-checks the SRV query each request if the SRV query is 0. Reviewed-by: Pavel Březina <pbrezina@redhat.com> 
We should make sure the client re-checks the SRV query each request if
the SRV query is 0.

Reviewed-by: Pavel Březina <pbrezina@redhat.com>