diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 8 | ||||
-rw-r--r-- | src/tests/cmocka/test_nss_srv.c | 92 | ||||
-rw-r--r-- | src/util/usertools.c | 3 |
3 files changed, 62 insertions, 41 deletions
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 012946730..b3998015f 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -1255,6 +1255,14 @@ static int nss_check_name_of_well_known_sid(struct nss_cmd_ctx *cmdctx, return ret; } + if (wk_dom_name == NULL || wk_name == NULL) { + DEBUG(SSSDBG_OP_FAILURE, + "Unable to split [%s] in name and domain part. " \ + "Skipping check for well-known name.\n", full_name); + + return ENOENT; + } + ret = name_to_well_known_sid(wk_dom_name, wk_name, &wk_sid); talloc_free(wk_dom_name); talloc_free(wk_name); diff --git a/src/tests/cmocka/test_nss_srv.c b/src/tests/cmocka/test_nss_srv.c index 3ab8d39c4..84d3413be 100644 --- a/src/tests/cmocka/test_nss_srv.c +++ b/src/tests/cmocka/test_nss_srv.c @@ -1734,63 +1734,77 @@ void test_nss_well_known_getidbysid_failure(void **state) void test_nss_well_known_getsidbyname(void **state) { errno_t ret; + const char *names[] = { "Cryptographic Operators@BUILTIN", + "BUILTIN\\Cryptographic Operators", NULL}; + size_t c; + + for (c = 0; names[c] != NULL; c++) { + will_return(__wrap_sss_packet_get_body, WRAP_CALL_WRAPPER); + will_return(__wrap_sss_packet_get_body, names[c]); + will_return(__wrap_sss_packet_get_body, 0); + will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME); + will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL); + will_return(test_nss_well_known_sid_check, "S-1-5-32-569"); - will_return(__wrap_sss_packet_get_body, WRAP_CALL_WRAPPER); - will_return(__wrap_sss_packet_get_body, "Cryptographic Operators@BUILTIN"); - will_return(__wrap_sss_packet_get_body, 0); - will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME); - will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL); - will_return(test_nss_well_known_sid_check, "S-1-5-32-569"); + set_cmd_cb(test_nss_well_known_sid_check); + ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME, + nss_test_ctx->nss_cmds); + assert_int_equal(ret, EOK); - set_cmd_cb(test_nss_well_known_sid_check); - ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME, - nss_test_ctx->nss_cmds); - assert_int_equal(ret, EOK); - - /* Wait until the test finishes with EOK */ - ret = test_ev_loop(nss_test_ctx->tctx); - assert_int_equal(ret, EOK); + /* Wait until the test finishes with EOK */ + ret = test_ev_loop(nss_test_ctx->tctx); + assert_int_equal(ret, EOK); + } } void test_nss_well_known_getsidbyname_nonexisting(void **state) { errno_t ret; + const char *names[] = { "Abc@BUILTIN", "BUILTIN\\Abc", NULL }; + size_t c; - will_return(__wrap_sss_packet_get_body, WRAP_CALL_WRAPPER); - will_return(__wrap_sss_packet_get_body, "Abc@BUILTIN"); - will_return(__wrap_sss_packet_get_body, 0); - will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME); - will_return(test_nss_well_known_sid_check, NULL); + for (c = 0; names[c] != NULL; c++) { + will_return(__wrap_sss_packet_get_body, WRAP_CALL_WRAPPER); + will_return(__wrap_sss_packet_get_body, names[c]); + will_return(__wrap_sss_packet_get_body, 0); + will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME); + will_return(test_nss_well_known_sid_check, NULL); - set_cmd_cb(test_nss_well_known_sid_check); - ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME, - nss_test_ctx->nss_cmds); - assert_int_equal(ret, EOK); + set_cmd_cb(test_nss_well_known_sid_check); + ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME, + nss_test_ctx->nss_cmds); + assert_int_equal(ret, EOK); - /* Wait until the test finishes with EOK */ - ret = test_ev_loop(nss_test_ctx->tctx); - assert_int_equal(ret, EOK); + /* Wait until the test finishes with EOK */ + ret = test_ev_loop(nss_test_ctx->tctx); + assert_int_equal(ret, EOK); + } } void test_nss_well_known_getsidbyname_special(void **state) { errno_t ret; + const char *names[] = { "CREATOR OWNER@CREATOR AUTHORITY", + "CREATOR AUTHORITY\\CREATOR OWNER", NULL }; + size_t c; - will_return(__wrap_sss_packet_get_body, WRAP_CALL_WRAPPER); - will_return(__wrap_sss_packet_get_body, "CREATOR OWNER@CREATOR AUTHORITY"); - will_return(__wrap_sss_packet_get_body, 0); - will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME); - will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL); - will_return(test_nss_well_known_sid_check, "S-1-3-0"); + for (c = 0; names[c] != NULL; c++) { + will_return(__wrap_sss_packet_get_body, WRAP_CALL_WRAPPER); + will_return(__wrap_sss_packet_get_body, names[c]); + will_return(__wrap_sss_packet_get_body, 0); + will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME); + will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL); + will_return(test_nss_well_known_sid_check, "S-1-3-0"); - set_cmd_cb(test_nss_well_known_sid_check); - ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME, - nss_test_ctx->nss_cmds); - assert_int_equal(ret, EOK); + set_cmd_cb(test_nss_well_known_sid_check); + ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME, + nss_test_ctx->nss_cmds); + assert_int_equal(ret, EOK); - /* Wait until the test finishes with EOK */ - ret = test_ev_loop(nss_test_ctx->tctx); - assert_int_equal(ret, EOK); + /* Wait until the test finishes with EOK */ + ret = test_ev_loop(nss_test_ctx->tctx); + assert_int_equal(ret, EOK); + } } static int test_nss_getorigbyname_check(uint32_t status, uint8_t *body, diff --git a/src/util/usertools.c b/src/util/usertools.c index c43d420e3..87a8d7411 100644 --- a/src/util/usertools.c +++ b/src/util/usertools.c @@ -249,8 +249,7 @@ int sss_names_init(TALLOC_CTX *mem_ctx, struct confdb_ctx *cdb, } if (!re_pattern) { - re_pattern = talloc_strdup(tmpctx, - "(?P<name>[^@]+)@?(?P<domain>[^@]*$)"); + re_pattern = talloc_strdup(tmpctx, IPA_AD_DEFAULT_RE); if (!re_pattern) { ret = ENOMEM; goto done; |