diff options
author | Sumit Bose <sbose@redhat.com> | 2015-07-14 14:41:34 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-07-16 15:26:29 +0200 |
commit | 4f1897ad419790834573643e88ac03e6c5c1c4be (patch) | |
tree | c4659332479e0be55ca84a7d6cf016194a7432c7 /src/tests/cmocka | |
parent | f6a71ab5f06642727d5004b9a745a1b8e0393d78 (diff) | |
download | sssd-4f1897ad419790834573643e88ac03e6c5c1c4be.tar.gz sssd-4f1897ad419790834573643e88ac03e6c5c1c4be.tar.xz sssd-4f1897ad419790834573643e88ac03e6c5c1c4be.zip |
nss_check_name_of_well_known_sid() improve name splitting
Currently in the default configuration
nss_check_name_of_well_known_sid() can only split fully-qualified names
in the user@domain.name style. DOM\user style names will cause an error
and terminate the whole request.
With this patch both styles can be handled by default, additionally if
the name could not be split nss_check_name_of_well_known_sid() returns
ENOENT which can be handled more gracefully by the caller.
Resolves https://fedorahosted.org/sssd/ticket/2717
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src/tests/cmocka')
-rw-r--r-- | src/tests/cmocka/test_nss_srv.c | 92 |
1 files changed, 53 insertions, 39 deletions
diff --git a/src/tests/cmocka/test_nss_srv.c b/src/tests/cmocka/test_nss_srv.c index 3ab8d39c4..84d3413be 100644 --- a/src/tests/cmocka/test_nss_srv.c +++ b/src/tests/cmocka/test_nss_srv.c @@ -1734,63 +1734,77 @@ void test_nss_well_known_getidbysid_failure(void **state) void test_nss_well_known_getsidbyname(void **state) { errno_t ret; + const char *names[] = { "Cryptographic Operators@BUILTIN", + "BUILTIN\\Cryptographic Operators", NULL}; + size_t c; + + for (c = 0; names[c] != NULL; c++) { + will_return(__wrap_sss_packet_get_body, WRAP_CALL_WRAPPER); + will_return(__wrap_sss_packet_get_body, names[c]); + will_return(__wrap_sss_packet_get_body, 0); + will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME); + will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL); + will_return(test_nss_well_known_sid_check, "S-1-5-32-569"); - will_return(__wrap_sss_packet_get_body, WRAP_CALL_WRAPPER); - will_return(__wrap_sss_packet_get_body, "Cryptographic Operators@BUILTIN"); - will_return(__wrap_sss_packet_get_body, 0); - will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME); - will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL); - will_return(test_nss_well_known_sid_check, "S-1-5-32-569"); + set_cmd_cb(test_nss_well_known_sid_check); + ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME, + nss_test_ctx->nss_cmds); + assert_int_equal(ret, EOK); - set_cmd_cb(test_nss_well_known_sid_check); - ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME, - nss_test_ctx->nss_cmds); - assert_int_equal(ret, EOK); - - /* Wait until the test finishes with EOK */ - ret = test_ev_loop(nss_test_ctx->tctx); - assert_int_equal(ret, EOK); + /* Wait until the test finishes with EOK */ + ret = test_ev_loop(nss_test_ctx->tctx); + assert_int_equal(ret, EOK); + } } void test_nss_well_known_getsidbyname_nonexisting(void **state) { errno_t ret; + const char *names[] = { "Abc@BUILTIN", "BUILTIN\\Abc", NULL }; + size_t c; - will_return(__wrap_sss_packet_get_body, WRAP_CALL_WRAPPER); - will_return(__wrap_sss_packet_get_body, "Abc@BUILTIN"); - will_return(__wrap_sss_packet_get_body, 0); - will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME); - will_return(test_nss_well_known_sid_check, NULL); + for (c = 0; names[c] != NULL; c++) { + will_return(__wrap_sss_packet_get_body, WRAP_CALL_WRAPPER); + will_return(__wrap_sss_packet_get_body, names[c]); + will_return(__wrap_sss_packet_get_body, 0); + will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME); + will_return(test_nss_well_known_sid_check, NULL); - set_cmd_cb(test_nss_well_known_sid_check); - ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME, - nss_test_ctx->nss_cmds); - assert_int_equal(ret, EOK); + set_cmd_cb(test_nss_well_known_sid_check); + ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME, + nss_test_ctx->nss_cmds); + assert_int_equal(ret, EOK); - /* Wait until the test finishes with EOK */ - ret = test_ev_loop(nss_test_ctx->tctx); - assert_int_equal(ret, EOK); + /* Wait until the test finishes with EOK */ + ret = test_ev_loop(nss_test_ctx->tctx); + assert_int_equal(ret, EOK); + } } void test_nss_well_known_getsidbyname_special(void **state) { errno_t ret; + const char *names[] = { "CREATOR OWNER@CREATOR AUTHORITY", + "CREATOR AUTHORITY\\CREATOR OWNER", NULL }; + size_t c; - will_return(__wrap_sss_packet_get_body, WRAP_CALL_WRAPPER); - will_return(__wrap_sss_packet_get_body, "CREATOR OWNER@CREATOR AUTHORITY"); - will_return(__wrap_sss_packet_get_body, 0); - will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME); - will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL); - will_return(test_nss_well_known_sid_check, "S-1-3-0"); + for (c = 0; names[c] != NULL; c++) { + will_return(__wrap_sss_packet_get_body, WRAP_CALL_WRAPPER); + will_return(__wrap_sss_packet_get_body, names[c]); + will_return(__wrap_sss_packet_get_body, 0); + will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME); + will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL); + will_return(test_nss_well_known_sid_check, "S-1-3-0"); - set_cmd_cb(test_nss_well_known_sid_check); - ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME, - nss_test_ctx->nss_cmds); - assert_int_equal(ret, EOK); + set_cmd_cb(test_nss_well_known_sid_check); + ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME, + nss_test_ctx->nss_cmds); + assert_int_equal(ret, EOK); - /* Wait until the test finishes with EOK */ - ret = test_ev_loop(nss_test_ctx->tctx); - assert_int_equal(ret, EOK); + /* Wait until the test finishes with EOK */ + ret = test_ev_loop(nss_test_ctx->tctx); + assert_int_equal(ret, EOK); + } } static int test_nss_getorigbyname_check(uint32_t status, uint8_t *body, |