diff options
Diffstat (limited to 'server/tests')
| -rw-r--r-- | server/tests/auth-tests.c | 51 | ||||
| -rw-r--r-- | server/tests/sysdb-tests.c | 12 |
2 files changed, 41 insertions, 22 deletions
diff --git a/server/tests/auth-tests.c b/server/tests/auth-tests.c index 0cb64533c..71215bcd2 100644 --- a/server/tests/auth-tests.c +++ b/server/tests/auth-tests.c @@ -157,7 +157,8 @@ static void do_failed_login_test(uint32_t failed_login_attempts, int offline_failed_login_attempts, int offline_failed_login_delay, int expected_result, - int expected_counter) + int expected_counter, + time_t expected_delay) { struct sysdb_test_ctx *test_ctx; int ret; @@ -165,6 +166,7 @@ static void do_failed_login_test(uint32_t failed_login_attempts, val[1] = NULL; struct ldb_message *ldb_msg; uint32_t returned_failed_login_attempts; + time_t delayed_until; /* Setup */ ret = setup_sysdb_tests(&test_ctx); @@ -193,48 +195,57 @@ static void do_failed_login_test(uint32_t failed_login_attempts, fail_unless(ret == EOK, "ldb_msg_add_string failed"); ret = check_failed_login_attempts(test_ctx, test_ctx->confdb, ldb_msg, - &returned_failed_login_attempts); + &returned_failed_login_attempts, + &delayed_until); fail_unless(ret == expected_result, "check_failed_login_attempts returned wrong error code, " - "excected [%d], got [%d]", expected_result, ret); + "expected [%d], got [%d]", expected_result, ret); + fail_unless(returned_failed_login_attempts == expected_counter, "check_failed_login_attempts returned wrong number of failed " - "login attempts, excected [%d], got [%d]", + "login attempts, expected [%d], got [%d]", expected_counter, failed_login_attempts); + fail_unless(delayed_until == expected_delay, + "check_failed_login_attempts wrong delay, " + "expected [%d], got [%d]", + expected_delay, delayed_until); + talloc_free(test_ctx); } START_TEST(test_failed_login_attempts) { + time_t now; /* if offline_failed_login_attempts == 0 a login is never denied */ - do_failed_login_test(0, 0, 0, 5, EOK, 0); - do_failed_login_test(0, time(NULL), 0, 5, EOK, 0); - do_failed_login_test(2, 0, 0, 5, EOK, 2); - do_failed_login_test(2, time(NULL), 0, 5, EOK, 2); + do_failed_login_test(0, 0, 0, 5, EOK, 0, -1); + do_failed_login_test(0, time(NULL), 0, 5, EOK, 0, -1); + do_failed_login_test(2, 0, 0, 5, EOK, 2, -1); + do_failed_login_test(2, time(NULL), 0, 5, EOK, 2, -1); - do_failed_login_test(0, 0, 0, 0, EOK, 0); - do_failed_login_test(0, time(NULL), 0, 0, EOK, 0); - do_failed_login_test(2, 0, 0, 0, EOK, 2); - do_failed_login_test(2, time(NULL), 0, 0, EOK, 2); + do_failed_login_test(0, 0, 0, 0, EOK, 0, -1); + do_failed_login_test(0, time(NULL), 0, 0, EOK, 0, -1); + do_failed_login_test(2, 0, 0, 0, EOK, 2, -1); + do_failed_login_test(2, time(NULL), 0, 0, EOK, 2, -1); /* if offline_failed_login_attempts != 0 and * offline_failed_login_delay == 0 a login is denied if the number of * failed attempts >= offline_failed_login_attempts */ - do_failed_login_test(0, 0, 2, 0, EOK, 0); - do_failed_login_test(0, time(NULL), 2, 0, EOK, 0); - do_failed_login_test(2, 0, 2, 0, EACCES, 2); - do_failed_login_test(2, time(NULL), 2, 0, EACCES, 2); + do_failed_login_test(0, 0, 2, 0, EOK, 0, -1); + do_failed_login_test(0, time(NULL), 2, 0, EOK, 0, -1); + do_failed_login_test(2, 0, 2, 0, EACCES, 2, -1); + do_failed_login_test(2, time(NULL), 2, 0, EACCES, 2, -1); /* if offline_failed_login_attempts != 0 and * offline_failed_login_delay != 0 a login is denied only if the number of * failed attempts >= offline_failed_login_attempts AND the last failed * login attempt is not longer than offline_failed_login_delay ago */ - do_failed_login_test(0, 0, 2, 5, EOK, 0); - do_failed_login_test(0, time(NULL), 2, 5, EOK, 0); - do_failed_login_test(2, 0, 2, 5, EOK, 0); - do_failed_login_test(2, time(NULL), 2, 5, EACCES, 2); + do_failed_login_test(0, 0, 2, 5, EOK, 0, -1); + do_failed_login_test(0, time(NULL), 2, 5, EOK, 0, -1); + do_failed_login_test(2, 0, 2, 5, EOK, 0, -1); + now = time(NULL); + do_failed_login_test(2, now, 2, 5, EACCES, 2, (now + 5 * 60)); } END_TEST diff --git a/server/tests/sysdb-tests.c b/server/tests/sysdb-tests.c index 978764480..8b486b691 100644 --- a/server/tests/sysdb-tests.c +++ b/server/tests/sysdb-tests.c @@ -2287,6 +2287,7 @@ static void cached_authentication_without_expiration(const char *username, struct tevent_req *req; int ret; time_t expire_date; + time_t delayed_until; const char *val[2]; val[1] = NULL; @@ -2319,7 +2320,7 @@ static void cached_authentication_without_expiration(const char *username, ret = test_loop(data); fail_unless(ret == EOK, "test_loop failed."); - ret = sysdb_cache_auth_recv(req, &expire_date); + ret = sysdb_cache_auth_recv(req, &expire_date, &delayed_until); fail_unless(ret == expected_result, "sysdb_cache_auth request does not " "return expected result [%d].", expected_result); @@ -2327,6 +2328,9 @@ static void cached_authentication_without_expiration(const char *username, fail_unless(expire_date == 0, "Wrong expire date, expected [%d], got [%d]", 0, expire_date); + fail_unless(delayed_until == -1, "Wrong delay, expected [%d], got [%d]", + -1, delayed_until); + talloc_free(test_ctx); } @@ -2343,6 +2347,7 @@ static void cached_authentication_with_expiration(const char *username, val[1] = NULL; time_t now; time_t expected_expire_date; + time_t delayed_until; /* Setup */ ret = setup_sysdb_tests(&test_ctx); @@ -2390,7 +2395,7 @@ static void cached_authentication_with_expiration(const char *username, ret = test_loop(data); fail_unless(ret == EOK, "test_loop failed."); - ret = sysdb_cache_auth_recv(req, &expire_date); + ret = sysdb_cache_auth_recv(req, &expire_date, &delayed_until); fail_unless(ret == expected_result, "sysdb_cache_auth request does not " "return expected result [%d], got [%d].", expected_result, ret); @@ -2399,6 +2404,9 @@ static void cached_authentication_with_expiration(const char *username, "Wrong expire date, expected [%d], got [%d]", expected_expire_date, expire_date); + fail_unless(delayed_until == -1, "Wrong delay, expected [%d], got [%d]", + -1, delayed_until); + talloc_free(test_ctx); } |