diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2015-05-15 14:13:40 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-06-14 21:47:29 +0200 |
commit | 30dd3f3e063dded0ec9f58bc2535a94727d8e96d (patch) | |
tree | c7a0fea133261dd2734a2d534b8c4d1959d4686a /src/tests | |
parent | 0c37b025b3da6bed26d7c84c4254f8ecc05bfc77 (diff) | |
download | sssd-30dd3f3e063dded0ec9f58bc2535a94727d8e96d.tar.gz sssd-30dd3f3e063dded0ec9f58bc2535a94727d8e96d.tar.xz sssd-30dd3f3e063dded0ec9f58bc2535a94727d8e96d.zip |
AD: Add ad_create_1way_trust_options
Related:
https://fedorahosted.org/sssd/ticket/2638
For one-way trusts we can assume that AD domain is the same as the
Kerberis realm. On the other hand, SASL realm and keytab path are
specified, unlike two-way trusts that use the system keytab.
Includes a unit test.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Diffstat (limited to 'src/tests')
-rw-r--r-- | src/tests/cmocka/test_ad_common.c | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/src/tests/cmocka/test_ad_common.c b/src/tests/cmocka/test_ad_common.c index c541b87db..985a05fae 100644 --- a/src/tests/cmocka/test_ad_common.c +++ b/src/tests/cmocka/test_ad_common.c @@ -44,6 +44,13 @@ #define KEYTAB_TEST_PRINC TEST_AUTHID"@"REALMNAME #define KEYTAB_PATH TEST_DIR"/keytab_test.keytab" +#define ONEWAY_DOMNAME "ONEWAY" +#define ONEWAY_HOST_NAME "ad."ONEWAY_DOMNAME + +#define ONEWAY_KEYTAB_PATH TEST_DIR"/oneway_test.keytab" +#define ONEWAY_AUTHID "host/"ONEWAY_HOST_NAME +#define ONEWAY_TEST_PRINC ONEWAY_AUTHID"@"ONEWAY_DOMNAME + static bool call_real_sasl_options; krb5_error_code __wrap_krb5_kt_default(krb5_context context, krb5_keytab *id) @@ -116,6 +123,70 @@ static int test_ad_common_teardown(void **state) return 0; } +static void test_ad_create_1way_trust_options(void **state) +{ + struct ad_common_test_ctx *test_ctx = talloc_get_type(*state, + struct ad_common_test_ctx); + const char *s; + + call_real_sasl_options = true; + /* Make sure this is not the keytab that __wrap_krb5_kt_default uses */ + mock_keytab_with_contents(test_ctx, ONEWAY_KEYTAB_PATH, ONEWAY_TEST_PRINC); + + test_ctx->ad_ctx->ad_options = ad_create_1way_trust_options( + test_ctx->ad_ctx, + ONEWAY_DOMNAME, + ONEWAY_HOST_NAME, + ONEWAY_KEYTAB_PATH, + ONEWAY_AUTHID); + assert_non_null(test_ctx->ad_ctx->ad_options); + + assert_int_equal(test_ctx->ad_ctx->ad_options->id->schema_type, + SDAP_SCHEMA_AD); + + s = dp_opt_get_string(test_ctx->ad_ctx->ad_options->basic, + AD_KRB5_REALM); + assert_non_null(s); + assert_string_equal(s, ONEWAY_DOMNAME); + + s = dp_opt_get_string(test_ctx->ad_ctx->ad_options->basic, + AD_DOMAIN); + assert_non_null(s); + assert_string_equal(s, ONEWAY_DOMNAME); + + s = dp_opt_get_string(test_ctx->ad_ctx->ad_options->basic, + AD_HOSTNAME); + assert_non_null(s); + assert_string_equal(s, ONEWAY_HOST_NAME); + + s = dp_opt_get_string(test_ctx->ad_ctx->ad_options->basic, + AD_KEYTAB); + assert_non_null(s); + assert_string_equal(s, ONEWAY_KEYTAB_PATH); + + s = dp_opt_get_string(test_ctx->ad_ctx->ad_options->id->basic, + SDAP_KRB5_KEYTAB); + assert_non_null(s); + + s = dp_opt_get_string(test_ctx->ad_ctx->ad_options->id->basic, + SDAP_SASL_REALM); + assert_non_null(s); + assert_string_equal(s, ONEWAY_DOMNAME); + + s = dp_opt_get_string(test_ctx->ad_ctx->ad_options->id->basic, + SDAP_KRB5_REALM); + assert_non_null(s); + assert_string_equal(s, ONEWAY_DOMNAME); + + s = dp_opt_get_string(test_ctx->ad_ctx->ad_options->id->basic, + SDAP_SASL_AUTHID); + assert_non_null(s); + assert_string_equal(s, ONEWAY_AUTHID); + + talloc_free(test_ctx->ad_ctx->ad_options); + + unlink(ONEWAY_KEYTAB_PATH); +} static void test_ad_create_2way_trust_options(void **state) { struct ad_common_test_ctx *test_ctx = talloc_get_type(*state, @@ -342,6 +413,9 @@ int main(int argc, const char *argv[]) const struct CMUnitTest tests[] = { cmocka_unit_test(test_ad_create_default_options), + cmocka_unit_test_setup_teardown(test_ad_create_1way_trust_options, + test_ad_common_setup, + test_ad_common_teardown), cmocka_unit_test_setup_teardown(test_ad_create_2way_trust_options, test_ad_common_setup, test_ad_common_teardown), |