UTIL: Add a function to convert id_t from a number or a name

We need a custom function that would convert a numeric or string input
into uid_t. The function will be used to drop privileges in servers and
also in the PAC and IFP responders.

Includes a unit test to test all code that changed as well as a fix for
a misnamed attribute in the csv_to_uid_list function synopsis.

Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>

4 files changed, 306 insertions, 1 deletions

diff --git a/src/tests/cwrap/Makefile.am b/src/tests/cwrap/Makefile.am
index d1f0e9e1b..02be67387 100644
--- a/src/tests/cwrap/Makefile.am
+++ b/src/tests/cwrap/Makefile.am
@@ -45,6 +45,8 @@ if HAVE_UID_WRAPPER
 check_PROGRAMS += \
     become_user-tests \
     server-tests \
+    usertools-tests \
+    responder_common-tests \
     $(NULL)
 endif # HAVE_UID_WRAPPER
 endif # HAVE_NSS_WRAPPER
@@ -106,4 +108,56 @@ server_tests_LDADD = \
     $(abs_top_builddir)/libsss_test_common.la \
     $(NULL)
 
+usertools_tests_SOURCES = \
+    test_usertools.c \
+    ../../../src/util/domain_info_utils.c \
+    ../../../src/util/safe-format-string.c \
+    ../../../src/util/usertools.c \
+    ../../../src/util/strtonum.c \
+    ../../../src/util/backup_file.c \
+    ../../../src/util/atomic_io.c \
+    ../../../src/util/util.c \
+    ../../../src/util/util_errors.c \
+    ../../../src/util/sss_tc_utf8.c \
+    ../../../src/util/sss_utf8.c \
+    ../../../src/confdb/confdb.c \
+    ../../../src/db/sysdb.c \
+    ../../../src/db/sysdb_upgrade.c \
+    ../../../src/db/sysdb_autofs.c \
+    ../../../src/db/sysdb_search.c \
+    ../../../src/db/sysdb_services.c \
+    ../../../src/db/sysdb_ops.c \
+    ../../../src/db/sysdb_views.c \
+    $(NULL)
+usertools_tests_CFLAGS = \
+    $(AM_CFLAGS) \
+    $(NULL)
+usertools_tests_LDADD = \
+    $(CMOCKA_LIBS) \
+    $(UNICODE_LIBS) \
+    $(SSSD_LIBS) \
+    $(abs_top_builddir)/libsss_debug.la \
+    $(abs_top_builddir)/libsss_crypt.la \
+    $(abs_top_builddir)/libsss_test_common.la \
+    $(NULL)
+
+responder_common_tests_SOURCES =\
+    test_responder_common.c \
+    ../../../src/responder/common/responder_common.c \
+    ../../../src/responder/common/responder_packet.c \
+    ../../../src/responder/common/responder_cmd.c \
+    $(NULL)
+responder_common_tests_CFLAGS = \
+    $(AM_CFLAGS) \
+    $(NULL)
+responder_common_tests_LDADD = \
+    $(CMOCKA_LIBS) \
+    $(UNICODE_LIBS) \
+    $(SSSD_LIBS) \
+    $(abs_top_builddir)/libsss_debug.la \
+    $(abs_top_builddir)/libsss_crypt.la \
+    $(abs_top_builddir)/libsss_util.la \
+    $(abs_top_builddir)/libsss_test_common.la \
+    $(NULL)
+
 tests: $(check_PROGRAMS)
diff --git a/src/tests/cwrap/passwd b/src/tests/cwrap/passwd
index aa0a97db5..862ccfe03 100644
--- a/src/tests/cwrap/passwd
+++ b/src/tests/cwrap/passwd
@@ -1 +1,2 @@
-sssd:x:123:123:sssd unprivileged user:/:/sbin/nologin
+sssd:x:123:456:sssd unprivileged user:/:/sbin/nologin
+foobar:x:10001:10001:User for SSSD testing:/home/foobar:/bin/bash
diff --git a/src/tests/cwrap/test_responder_common.c b/src/tests/cwrap/test_responder_common.c
new file mode 100644
index 000000000..23dcf753f
--- /dev/null
+++ b/src/tests/cwrap/test_responder_common.c
@@ -0,0 +1,144 @@
+/*
+    Authors:
+        Jakub Hrozek <jhrozek@redhat.com>
+
+    Copyright (C) 2014 Red Hat
+
+    SSSD tests: User utilities
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <popt.h>
+#include "util/util.h"
+#include "responder/common/responder.h"
+#include "tests/cmocka/common_mock.h"
+
+/* Just to satisfy dependencies */
+struct cli_protocol_version *register_cli_protocol_version(void)
+{
+    static struct cli_protocol_version responder_test_cli_protocol_version[] = {
+        {0, NULL, NULL}
+    };
+
+    return responder_test_cli_protocol_version;
+}
+
+void test_uid_csv_to_uid_list(void **state)
+{
+    TALLOC_CTX *tmp_ctx;
+    errno_t ret;
+    size_t count;
+    uid_t *list;
+
+    tmp_ctx = talloc_new(global_talloc_context);
+    assert_non_null(tmp_ctx);
+
+    check_leaks_push(tmp_ctx);
+
+    ret = csv_string_to_uid_array(tmp_ctx, "1, 2, 3", false, &count, &list);
+    assert_int_equal(ret, EOK);
+    assert_int_equal(count, 3);
+    assert_int_equal(list[0], 1);
+    assert_int_equal(list[1], 2);
+    assert_int_equal(list[2], 3);
+
+    talloc_free(list);
+    check_leaks_pop(tmp_ctx);
+    talloc_free(tmp_ctx);
+}
+
+void test_name_csv_to_uid_list(void **state)
+{
+    TALLOC_CTX *tmp_ctx;
+    errno_t ret;
+    size_t count;
+    uid_t *list;
+
+    tmp_ctx = talloc_new(global_talloc_context);
+    assert_non_null(tmp_ctx);
+
+    check_leaks_push(tmp_ctx);
+
+    ret = csv_string_to_uid_array(tmp_ctx, "sssd, foobar", true, &count, &list);
+    assert_int_equal(ret, EOK);
+    assert_int_equal(count, 2);
+    assert_int_equal(list[0], 123);
+    assert_int_equal(list[1], 10001);
+
+    talloc_free(list);
+    check_leaks_pop(tmp_ctx);
+    talloc_free(tmp_ctx);
+}
+
+void test_csv_to_uid_list_neg(void **state)
+{
+    TALLOC_CTX *tmp_ctx;
+    errno_t ret;
+    size_t count;
+    uid_t *list = NULL;
+
+    tmp_ctx = talloc_new(global_talloc_context);
+    assert_non_null(tmp_ctx);
+
+    check_leaks_push(tmp_ctx);
+
+    ret = csv_string_to_uid_array(tmp_ctx, "nosuchuser", true, &count, &list);
+    assert_int_not_equal(ret, EOK);
+
+    check_leaks_pop(tmp_ctx);
+    talloc_free(tmp_ctx);
+}
+
+int main(int argc, const char *argv[])
+{
+    poptContext pc;
+    int opt;
+    struct poptOption long_options[] = {
+        POPT_AUTOHELP
+        SSSD_DEBUG_OPTS
+        POPT_TABLEEND
+    };
+
+    const UnitTest tests[] = {
+        unit_test(test_uid_csv_to_uid_list),
+        unit_test(test_name_csv_to_uid_list),
+        unit_test(test_csv_to_uid_list_neg),
+    };
+
+    /* Set debug level to invalid value so we can deside if -d 0 was used. */
+    debug_level = SSSDBG_INVALID;
+
+    pc = poptGetContext(argv[0], argc, argv, long_options, 0);
+    while((opt = poptGetNextOpt(pc)) != -1) {
+        switch(opt) {
+        default:
+            fprintf(stderr, "\nInvalid option %s: %s\n\n",
+                    poptBadOption(pc, 0), poptStrerror(opt));
+            poptPrintUsage(pc, stderr, 0);
+            return 1;
+        }
+    }
+    poptFreeContext(pc);
+
+    DEBUG_CLI_INIT(debug_level);
+
+    tests_set_cwd();
+
+    return run_tests(tests);
+}
diff --git a/src/tests/cwrap/test_usertools.c b/src/tests/cwrap/test_usertools.c
new file mode 100644
index 000000000..642305945
--- /dev/null
+++ b/src/tests/cwrap/test_usertools.c
@@ -0,0 +1,106 @@
+/*
+    Authors:
+        Jakub Hrozek <jhrozek@redhat.com>
+
+    Copyright (C) 2014 Red Hat
+
+    SSSD tests: User utilities
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <popt.h>
+#include "util/util.h"
+#include "tests/cmocka/common_mock.h"
+
+void test_get_user_num(void **state)
+{
+    uid_t uid;
+    gid_t gid;
+    errno_t ret;
+
+    ret = sss_user_by_name_or_uid("123", &uid, &gid);
+    assert_int_equal(ret, EOK);
+    assert_int_equal(uid, 123);
+    assert_int_equal(gid, 456);
+}
+
+void test_get_user_str(void **state)
+{
+    uid_t uid;
+    gid_t gid;
+    errno_t ret;
+
+    ret = sss_user_by_name_or_uid("sssd", &uid, &gid);
+    assert_int_equal(ret, EOK);
+    assert_int_equal(uid, 123);
+    assert_int_equal(gid, 456);
+}
+
+void test_get_user_nullparm(void **state)
+{
+    uid_t uid;
+    gid_t gid;
+    errno_t ret;
+
+    ret = sss_user_by_name_or_uid("sssd", &uid, NULL);
+    assert_int_equal(ret, EOK);
+    assert_int_equal(uid, 123);
+
+    ret = sss_user_by_name_or_uid("sssd", NULL, &gid);
+    assert_int_equal(ret, EOK);
+    assert_int_equal(gid, 456);
+}
+
+int main(int argc, const char *argv[])
+{
+    poptContext pc;
+    int opt;
+    struct poptOption long_options[] = {
+        POPT_AUTOHELP
+        SSSD_DEBUG_OPTS
+        POPT_TABLEEND
+    };
+
+    const UnitTest tests[] = {
+        unit_test(test_get_user_num),
+        unit_test(test_get_user_str),
+        unit_test(test_get_user_nullparm),
+    };
+
+    /* Set debug level to invalid value so we can deside if -d 0 was used. */
+    debug_level = SSSDBG_INVALID;
+
+    pc = poptGetContext(argv[0], argc, argv, long_options, 0);
+    while((opt = poptGetNextOpt(pc)) != -1) {
+        switch(opt) {
+        default:
+            fprintf(stderr, "\nInvalid option %s: %s\n\n",
+                    poptBadOption(pc, 0), poptStrerror(opt));
+            poptPrintUsage(pc, stderr, 0);
+            return 1;
+        }
+    }
+    poptFreeContext(pc);
+
+    DEBUG_CLI_INIT(debug_level);
+
+    tests_set_cwd();
+
+    return run_tests(tests);
+}