summaryrefslogtreecommitdiffstats
path: root/src/tests
Commit message (Collapse)AuthorAgeFilesLines
* SYSDB: prepare for LOCAL viewPavel Březina2015-07-271-0/+66
| | | | | | | | | | Objects doesn't have to have overrideDN specified when using LOCAL view. Since the view is not stored on the server we do not want to contact LDAP therefore we special case LOCAL view saying that it is OK that this attribute is missing. Preparation for: https://fedorahosted.org/sssd/ticket/2584
* VIEWS TEST: add null-checkPavel Březina2015-07-271-0/+6
|
* intg: Invalidate memory cache before removing filesLukas Slebodnik2015-07-271-0/+1
| | | | | | | Workaround for: https://fedorahosted.org/sssd/ticket/2726 Reviewed-by: Michal Židek <mzidek@redhat.com>
* DYNDNS: support for dualstackPavel Reichl2015-07-271-0/+178
| | | | | | | | | | | | When dyndns_iface option was not used, address of connection to LDAP was used. This patch proposes following change: * Interface containing address of connection is found. * All A and AAAA addresses of this interface are collected. * Collected addresses are sent during DDNS update. * Function sss_iface_addr_add() is removed. Resolves: https://fedorahosted.org/sssd/ticket/2558
* TESTS: dyndns tests support AAAA addressesPavel Reichl2015-07-271-13/+38
| | | | | Resolves: https://fedorahosted.org/sssd/ticket/2558
* DYNDNS: sss_iface_addr_list_get return ENOENTPavel Reichl2015-07-271-0/+20
| | | | | | | If none of eligible interfaces matches ifname then ENOENT is returned. Resolves: https://fedorahosted.org/sssd/ticket/2549
* Fix minor typosYuri Chornoivan2015-07-271-3/+3
| | | | Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* nss_check_name_of_well_known_sid() improve name splittingSumit Bose2015-07-161-39/+53
| | | | | | | | | | | | | | | Currently in the default configuration nss_check_name_of_well_known_sid() can only split fully-qualified names in the user@domain.name style. DOM\user style names will cause an error and terminate the whole request. With this patch both styles can be handled by default, additionally if the name could not be split nss_check_name_of_well_known_sid() returns ENOENT which can be handled more gracefully by the caller. Resolves https://fedorahosted.org/sssd/ticket/2717 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* UTIL: Add sss_filter_sanitize_exJakub Hrozek2015-07-151-0/+9
| | | | | | | | | | | Related: https://fedorahosted.org/sssd/ticket/2553 In order to support wildcard request, we need to introduce an optionally relaxed version of sss_filter_sanitize that allows to select which characters are exempt from sanitizing. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* cache_req: Extend cache_req with wildcard lookupsJakub Hrozek2015-07-151-1/+413
| | | | | | | | | | | | | | | | | Related: https://fedorahosted.org/sssd/ticket/2553 Adds two new functions to the cache_req API: - cache_req_user_by_filter_send - cache_req_group_by_filter_send These functions can be used to retrieve users or groups that match a specified filter. Also renames a variable to avoid constant confusion -- the variable is only used for debug output. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* SYSDB: Add functions to look up multiple entries including name and custom ↵Jakub Hrozek2015-07-151-0/+494
| | | | | | | | | | | | | | | | | | | filter Related: https://fedorahosted.org/sssd/ticket/2553 Adds new sysdb function: - sysdb_enumpwent_filter - sysdb_enumpwent_filter_with_views - sysdb_enumgrent_filter - sysdb_enumgrent_filter_with_views These are similar to enumeration functions, but optionally allow to specify a filter to be applied on user/group names. Also an additional custom filter can be applied. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* tests: Move N_ELEMENTS definition to tests/common.hJakub Hrozek2015-07-154-9/+2
| | | | | | Avoids code duplication Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* test common: sss_dp_get_account_recv() fix assignmentSumit Bose2015-07-141-1/+1
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* Minor code improvementsPavel Reichl2015-07-061-1/+0
| | | | | | | | pam_helpers.h had to be included after util.h. Removed exara empty line. Fixed code alignment Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* KRB5: Add and use krb5_auth_queue_send to queue requests by defaultJakub Hrozek2015-07-061-0/+365
| | | | | | | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/2701 Previously, only the krb5 provides used to queue requests, which resulted in concurrent authentication requests stepping on one another. This patch queues requests by default. Reviewed-by: Sumit Bose <sbose@redhat.com>
* tests: Reduce duplication with new function test_ev_doneJakub Hrozek2015-07-065-15/+16
| | | | Reviewed-by: Sumit Bose <sbose@redhat.com>
* test_ipa_subdomains_server: Fix build with --coverageLukas Slebodnik2015-07-021-0/+6
| | | | | | | | | | | It seems that gcc did some optimization and used execve instead of execle when the code was instrumented for coverage analysis. So the exec* function was not wrapped and it tried to call real binary ipa-getkeytab Reviewed-by: Michal Židek <mzidek@redhat.com>
* test_ipa_subdom_server: Add missing assertLukas Slebodnik2015-06-221-0/+1
| | | | Reviewed-by: Michal Židek <mzidek@redhat.com>
* utils: add get_last_x_chars()Sumit Bose2015-06-193-0/+30
| | | | Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* ncache: add calls for certificate based searchesSumit Bose2015-06-191-0/+42
| | | | | | Related to https://fedorahosted.org/sssd/ticket/2596 Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* sysdb: add sysdb_search_user_by_cert() and sysdb_search_object_by_cert()Sumit Bose2015-06-192-0/+56
| | | | | | Related to https://fedorahosted.org/sssd/ticket/2596 Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* certs: add PEM/DER conversion utilitiesSumit Bose2015-06-191-0/+361
| | | | | | Related to https://fedorahosted.org/sssd/ticket/2596 Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* SBUS: Add support for <node /> in introspectionPavel Březina2015-06-181-1/+1
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* test_ipa_subdomains_server: Run clean-up after successLukas Slebodnik2015-06-161-0/+7
| | | | Reviewed-by: Michal Židek <mzidek@redhat.com>
* CONFIG: Add SSS_STATEDIR as VARDIR/lib/sssJakub Hrozek2015-06-161-0/+1
| | | | Reviewed-by: Michal Židek <mzidek@redhat.com>
* IPA: Utility function for setting up one-way trust contextJakub Hrozek2015-06-141-5/+24
| | | | | | | Related: https://fedorahosted.org/sssd/ticket/2638 Reviewed-by: Sumit Bose <sbose@redhat.com>
* AD: Add ad_create_1way_trust_optionsJakub Hrozek2015-06-141-0/+74
| | | | | | | | | | | | | Related: https://fedorahosted.org/sssd/ticket/2638 For one-way trusts we can assume that AD domain is the same as the Kerberis realm. On the other hand, SASL realm and keytab path are specified, unlike two-way trusts that use the system keytab. Includes a unit test. Reviewed-by: Sumit Bose <sbose@redhat.com>
* IPA/AD: Set up AD domain in ad_create_2way_trust_optionsJakub Hrozek2015-06-141-0/+7
| | | | | | | | | | Related: https://fedorahosted.org/sssd/ticket/2638 Removed code duplication. Amends unit test to make sure we don't regress. Reviewed-by: Sumit Bose <sbose@redhat.com>
* AD: Split off ad_create_default_optionsJakub Hrozek2015-06-141-0/+17
| | | | | | | | | Related: https://fedorahosted.org/sssd/ticket/2638 Make the function reusable and add a simple unit test. Reviewed-by: Sumit Bose <sbose@redhat.com>
* AD: Rename ad_create_default_options to ad_create_2way_trust_optionsJakub Hrozek2015-06-141-22/+129
| | | | | | | | | Related: https://fedorahosted.org/sssd/ticket/2638 Better reflects what's going on in the function. Also adds a unit test. Reviewed-by: Sumit Bose <sbose@redhat.com>
* IPA: Fetch keytab for 1way trustsJakub Hrozek2015-06-141-5/+167
| | | | | | | | | Uses the ipa-getkeytab call to retrieve keytabs for one-way trust relationships. https://fedorahosted.org/sssd/ticket/2636 Reviewed-by: Sumit Bose <sbose@redhat.com>
* TESTS: Add unit test for the subdomain_server.c moduleJakub Hrozek2015-06-141-0/+621
| | | | Reviewed-by: Sumit Bose <sbose@redhat.com>
* TESTS: Move krb5_try_kdcip to nested group testJakub Hrozek2015-06-143-15/+8
| | | | | | Avoids duplicate errors during linking. Reviewed-by: Sumit Bose <sbose@redhat.com>
* TESTS: Add a common function to set up sdap_id_ctxJakub Hrozek2015-06-143-7/+26
| | | | | | Reduces code duplication between tests. Reviewed-by: Sumit Bose <sbose@redhat.com>
* TESTS: Add a common mock_be_ctx functionJakub Hrozek2015-06-145-9/+79
| | | | | | Reduces code duplication between tests. Reviewed-by: Sumit Bose <sbose@redhat.com>
* TESTS: Split off keytab creation into a common moduleJakub Hrozek2015-06-143-36/+159
| | | | | | This change will make the keytab creating reusable by other tests. Reviewed-by: Sumit Bose <sbose@redhat.com>
* IPA: Split two functions to new module ipa_subdomains_utils.cJakub Hrozek2015-06-141-0/+227
| | | | | | | | | These functions will be later reused by the subdomains_server.c module. Splitting them into a separate subdomains_utils.c module will make sure there are no cyclic dependencies and the functions are testable in isolation. Reviewed-by: Sumit Bose <sbose@redhat.com>
* SYSDB: Add a forest root attribute to sss_domain_infoJakub Hrozek2015-06-141-7/+357
| | | | | | | | Instead of complex forest root search methods, establish forest root during subdomain list update. The subdomain code can then just use the forest_root pointer. Reviewed-by: Sumit Bose <sbose@redhat.com>
* SYSDB: Add realm to sysdb_master_domain_add_infoJakub Hrozek2015-06-141-0/+35
| | | | | | | | | | Adding realm to both master domain and subdomain will make it easier to set and select forest roots. Even master domains can be forest members, it's preferable to avoid special-casing as much as possible. Includes a unit test. Reviewed-by: Sumit Bose <sbose@redhat.com>
* TESTS: Add a test for sysdb_subdomains.cJakub Hrozek2015-06-142-73/+184
| | | | | | | The sysdb_subdomains.c module should have its own sysdb test, not share the generic sysdb one. Reviewed-by: Sumit Bose <sbose@redhat.com>
* UTIL/SYSDB: Move new_subdomain() to sysdb_subdomains.c and make it privateJakub Hrozek2015-06-141-0/+1
| | | | | | | | | | | In order to make updating the subdomain list a two-step process. Therefore we need to make sure that update_subdomains() is the only interface towards the SSSD that changes the subdomain list. Move the new_subdomain() function to sysdb_subdomains.c and only make it available through a private header so it's usable by unit tests. Reviewed-by: Sumit Bose <sbose@redhat.com>
* SYSDB: Store trust direction for subdomainsJakub Hrozek2015-06-143-13/+33
| | | | | | | | | | | | We need to store the subdomain trust direction in order to recover the structure after SSSD restart. The trust direction is a plain uint32_t to avoid leaking the knowledge about AD trust directions to sysdb while at the same time making it easy to compare values between sysdb and LDAP and avoid translating the values. Reviewed-by: Sumit Bose <sbose@redhat.com>
* subdomains: Inherit cleanup period and tokengroup settings from parent domainJakub Hrozek2015-06-051-0/+160
| | | | | | | | | | | Allows the administrator to extend the functionality of ldap_purge_cache_timeout, ldap_user_principal and ldap_use_tokengroups to the subdomains. This is a less intrusive way of achieving: https://fedorahosted.org/sssd/ticket/2627 Reviewed-by: Pavel Reichl <preichl@redhat.com>
* SDAP: Add sdap_copy_map_entryJakub Hrozek2015-06-051-0/+83
| | | | Reviewed-by: Pavel Reichl <preichl@redhat.com>
* DP: Add a function to inherit DP options, if setJakub Hrozek2015-06-051-8/+119
| | | | | | | | | | | Related to: https://fedorahosted.org/sssd/ticket/2644 Adds a utility function that checks if a DP option is present in the subdomain_inherit list. If it is, then the option is set from source to destination dp_option array. Reviewed-by: Pavel Reichl <preichl@redhat.com>
* LDAP: Do not print verbose DEBUG messages from providers that don't set UUIDJakub Hrozek2015-06-041-1/+9
| | | | | | https://fedorahosted.org/sssd/ticket/2666 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* TESTS: Add test for get_next_domainJakub Hrozek2015-06-021-0/+138
| | | | Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* TESTS: Use the right testcaseJakub Hrozek2015-06-021-8/+8
| | | | | | tc_autofs, not tc_subdomains.. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* util-tests: Add validation of internal error messagesLukas Slebodnik2015-06-011-0/+24
| | | | | | | The function sss_strerror() should not return a sentence. It shoudl return string; the same as strerror() Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* Add integration testsNikolai Kondrashov2015-05-289-0/+1719
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add "intgcheck" make target. Update CI to use it. The "intgcheck" target configures and builds sssd in a sub-directory, installs it into a prefix in another sub-directory, and then makes the "intgcheck-installed" target from within src/tests/intg in that separate build. The "intgcheck-installed" target in src/tests/intg runs py.test for all tests it can find in that directory, under fakeroot and nss_wrapper/uid_wrapper environments emulating running under root. It also adds the value of INTGCHECK_PYTEST_ARGS environment/make variable to the py.test command line. You can use it to pass additional py.test options, such as specifying a subset of tests to run. See "py.test --help" output. There are only two test suites in src/tests/intg at the moment: ent_test.py and ldap_test.py. The ent_test.py runs tests on ent.py - a module of assertion functions for checking entries in NSS database (passwd and group), for use in actual tests. The ent_test.py suite can be used as ent.py usage reference. The ldap_test.py suite sets up and starts a slapd instance, adds a few user and group entries, configures and starts sssd and verifies that those users and groups are retrieved correctly using various NSS functions. The tests are very basic at the moment. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Michal Židek <mzidek@redhat.com>
generated by cgit (git 2.34.1) at 2024-05-27 13:32:18 +0000