summaryrefslogtreecommitdiffstats
path: root/src/tests
Commit message (Collapse)AuthorAgeFilesLines
* subdomains: Inherit cleanup period and tokengroup settings from parent domainJakub Hrozek2015-06-081-0/+160
| | | | | | | | | | | | | Allows the administrator to extend the functionality of ldap_purge_cache_timeout, ldap_user_principal and ldap_use_tokengroups to the subdomains. This is a less intrusive way of achieving: https://fedorahosted.org/sssd/ticket/2627 Reviewed-by: Pavel Reichl <preichl@redhat.com> (cherry picked from commit 9b162bf39ef75629f54ffa1d0bd5f9c13119b650) (cherry picked from commit 602eb710c62c192060debad3062f13677ec3b105)
* SDAP: Add sdap_copy_map_entryJakub Hrozek2015-06-081-0/+83
| | | | | | Reviewed-by: Pavel Reichl <preichl@redhat.com> (cherry picked from commit 12089241f6a6eabf4f0c95669e5fc2bb3b503c06) (cherry picked from commit 155e6c7223b732bfcb2984aa79462f60c092bba8)
* DP: Add a function to inherit DP options, if setJakub Hrozek2015-06-081-8/+119
| | | | | | | | | | | | | Related to: https://fedorahosted.org/sssd/ticket/2644 Adds a utility function that checks if a DP option is present in the subdomain_inherit list. If it is, then the option is set from source to destination dp_option array. Reviewed-by: Pavel Reichl <preichl@redhat.com> (cherry picked from commit b3d110fbc424a03674a6e50e489a7cbab9702f0b) (cherry picked from commit 37a84884634e6e969c3617dac7fa1e463f42177b)
* nss: Do not ignore default vaue of SYSDB_INITGR_EXPIRELukas Slebodnik2015-05-251-0/+100
| | | | | | | | | | When SYSDB_INITGR_EXPIRE had default value (0) then value of SYSDB_CACHE_EXPIRE was used as initgroups expire attribute. The right apoach is already used in responder_cache_req.c Reviewed-by: Pavel Březina <pbrezina@redhat.com> (cherry picked from commit fd60528321fd52720222ec35b895ade54cccb48d) (cherry picked from commit 521eb7ca65040c009bc4885ba8d6c8ad257bc0f1)
* test_nss_srv: Use right function for storing time_tLukas Slebodnik2015-05-251-4/+4
| | | | | | | | | The size of time_t can be 8 bytes on some platforms. It is because of year 2038 problem. Reviewed-by: Pavel Březina <pbrezina@redhat.com> (cherry picked from commit 390de028b3130ae564059101c662fe74e0e85a45) (cherry picked from commit 21431d90b19068e86b2b8550667cb80c6475e27b)
* Add unit tests for initgroupsJakub Hrozek2015-05-251-0/+346
| | | | | | Reviewed-by: Pavel Reichl <preichl@redhat.com> (cherry picked from commit aa648535f445e7a95bf6dedc7c43bb5f94ab7354) (cherry picked from commit c3d7e06590b0755902c544897fab0951aba923e5)
* tests: Add a getpwnam-by-UPN testJakub Hrozek2015-05-251-0/+97
| | | | | | Reviewed-by: Pavel Reichl <preichl@redhat.com> (cherry picked from commit 84a4c4fcc93b3dcc70604817a05f7943606ff596) (cherry picked from commit 17f2f1caa26b1bdb213e166bcd77d2f237965d56)
* tests: ncache_hit must be an int to test UPNsJakub Hrozek2015-05-251-9/+9
| | | | | | | | | | In order to detect faulty cases where negcache would be checked twice, we need to convert the ncache_hit to integer and check exact amounts of hits. Reviewed-by: Pavel Reichl <preichl@redhat.com> (cherry picked from commit 9cc2223e0bc0478c1b47a47fd71bba7e7129492d) (cherry picked from commit eb6be4e9c1bafcf86822f9300d4c79f9299e015a)
* IPA: allow initgroups by UUID for FreeIPA usersSumit Bose2015-05-061-0/+9
| | | | | | | | | | | | | If a FreeIPA user is searched with the help of an override name the UUID from the override anchor is used to search the user. Currently the initgroups request only allows searches by SID or name. With this patch a UUID can be used as well. Related to https://fedorahosted.org/sssd/ticket/2642 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> (cherry picked from commit 0f9c28eb52d2b45c8a97f709308dc11377831b8c) (cherry picked from commit 3b00bcd8b6d53d33207005c4e7a631b6a241d300)
* IPA: do not add domain name unconditionallySumit Bose2015-05-061-0/+1
| | | | | | | | | | | | | Depending on the server-side configuration the extdom plugin can return short or fully qualified names for IPA objects. The client must handle the names according to its own configuration and not add the domain part of the fully-qualified name unconditionally. Resolves https://fedorahosted.org/sssd/ticket/2647 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> (cherry picked from commit 3fe2e555edd3963d72483600e5d9616873afd00a) (cherry picked from commit 226224c91971247f60a86d9c46dd1402f5c29e8a)
* IPA: allow initgroups by SID for AD usersSumit Bose2015-04-291-1/+11
| | | | | | | | | | | | If a user from a trusted AD domain is search with the help of an override name the SID from the override anchor is used to search the user in AD. Currently the initgroups request only allows searches by name. With this patch a SID can be used as well. Resolves https://fedorahosted.org/sssd/ticket/2632 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> (cherry picked from commit f70a1adbfc30b9acc302027439fb8157e0c6ea2a)
* AD: Always get domain-specific ID connectionStephen Gallagher2015-04-151-0/+1
| | | | | | | | | | | | | | | | | | ad_get_dom_ldap_conn() assumed that ad_ctx->ldap_ctx always points at the LDAP connection for the primary domain, however it turns out that this is not always the case. It's currently unclear why, but this connection can sometimes be pointing at a subdomain. Since the value of subdom_id_ctx->ldap_ctx always points to the correct domain (including the primary domain case), there's no benefit to trying to shortcut to the ad_ctx->ldap_ctx when performing this lookup. This patch also makes a minor tweak to the tests so that the primary domain passes the sdap_domain_get() check for validity (since it needs to have a private member assigned). Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> (cherry picked from commit e2bd4f8a41b72aea0712ad21ad02ccebb707f536) (cherry picked from commit 89a706acf3131bbe8c0aefa9c740dd44e892754f)
* sdap: properly handle binary objectGuid attributeSumit Bose2015-03-275-0/+197
| | | | | | | | | | | | | | | Although in the initial processing SSSD treats the binary value right at some point it mainly assumes that it is a string. Depending on the value this might end up with the correct binary value stored in the cache but in most cases there will be only a broken entry in the cache. This patch converts the binary value into a string representation which is described in [MS-DTYP] and stores the result in the cache. Resolves https://fedorahosted.org/sssd/ticket/2588 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> (cherry picked from commit 4619742836ec22edf8f9d274d928bc896c5b0883)
* Resolv: re-read SRV query every time if its TTL is 0Jakub Hrozek2015-03-261-5/+26
| | | | | | | | We should make sure the client re-checks the SRV query each request if the SRV query is 0. Reviewed-by: Pavel Březina <pbrezina@redhat.com> (cherry picked from commit 9797aa5907191cef5db8279e20ec75fd0abbe980)
* tests: convert all unit tests to cmocka 1.0 or laterJakub Hrozek2015-03-2633-638/+741
| | | | | | | All tests now use the cmocka-1.0-compatible API. Signed-off-by: Lukas Slebodnik <lslebodn@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* test: Check ERR_LASTMichal Zidek2015-03-131-0/+10
| | | | | | Check if number of error codes and messages is the same. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* UTIL: convert GeneralizedTime to unix timePavel Reichl2015-03-061-0/+57
| | | | | | | New utility function *sss_utc_to_time_t* to convert GeneralizedTime to unix time. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* FO: Use SRV TTL in fail over codeJakub Hrozek2015-03-031-0/+599
| | | | | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/1884 Removes the hardcoded SRV TTL timeout and uses TTL from the DNS instead. Reviewed-by: Pavel Březina <pbrezina@redhat.com> (cherry picked from commit 8df69bbc58c2f4d3f0b34be9756d9ddf24b1db6d)
* Add missing new lines to debug messagesLukas Slebodnik2015-02-181-1/+1
| | | | Reviewed-by: Pavel Reichl <preichl@redhat.com>
* Remove strict requirements of python2Lukas Slebodnik2015-02-133-3/+3
| | | | | | | | | | | * fix hashbangs * remove strict requirements of python2 in build system Resolves: https://fedorahosted.org/sssd/ticket/2017 Reviewed-by: Petr Viktorin <pviktori@redhat.com> (cherry picked from commit e8058322725ba050014777ee2484f7e833ab1e3a)
* Python3 support in SSSDBohuslav Kabrda2015-02-133-18/+31
| | | | | https://fedorahosted.org/sssd/ticket/2017 (cherry picked from commit 341a00311680a440d7f979f06c34c70d86c9367a)
* RESOLV: Add an internal function to read TTL from a DNS packetJakub Hrozek2015-02-112-1/+375
| | | | | | | | | | | | | Related: https://fedorahosted.org/sssd/ticket/1884 Adds an internal resolver function that reads the TTL for SRV records as specified by RFC-2181. Several internal c-ares definitions are used until c-ares contains a function that exposes all this information via a parsing function. Reviewed-by: Pavel Březina <pbrezina@redhat.com> (cherry picked from commit bf54fbed126ec3d459af40ea370ffadacd31c76d)
* LDAP: Add UUID when saving incomplete groupsJakub Hrozek2015-01-301-8/+8
| | | | | | | | Related to: https://fedorahosted.org/sssd/ticket/2571 Reviewed-by: Sumit Bose <sbose@redhat.com> (cherry picked from commit 108db0e3b9e06e530364ef8228634f5e3f6bd3b5)
* IPA: properly handle mixed-case trusted domainsSumit Bose2015-01-231-0/+44
| | | | | | | | | | | | In the SSSD cache domain names are handled case-sensitive. As a result fully-qualified names in RDN contain the domain part in the original spelling. When IPA client lookup up group-memberships on the IPA server via the extdom plugin the names returned are all lower case. To make sure new DNs are generated correctly the domain part must adjusted. Related to https://fedorahosted.org/sssd/ticket/2159 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* nss: Add original DN and memberOf to origbyname requestSumit Bose2015-01-201-2/+1
| | | | | | | | | | IPA HBAC evaluation relies on the original values for DN and memberOf attributes. Resolves https://fedorahosted.org/sssd/ticket/2560 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> (cherry picked from commit 7543052f562f157f7b17fdc46a6777d80c0cb3bd)
* nss: make fill_orig() multi-value awareSumit Bose2015-01-201-1/+130
| | | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> (cherry picked from commit 5f4d896ec8e06476f4282b562b1044de14c48ecf)
* krb5: fix entry order in MEMORY keytabSumit Bose2015-01-191-0/+82
| | | | | | | | | | | | | | | Since krb5_kt_add_entry() adds new entries at the beginning of a MEMORY type keytab and not at the end a simple copy into a MEMORY type keytab will revert the order of the keytab entries. Since e.g. the sssd_krb5 man page give hints about where to add entries into keytab files to help SSSD to find a right entry we have to keep the order when coping a keytab into a MEMORY type keytab. This patch fixes this by doing a second copy to retain the original order. Resolves https://fedorahosted.org/sssd/ticket/2557 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* UTIL: Allow dup-ing child pipe to a different FDJakub Hrozek2015-01-131-5/+6
| | | | | | | | | | | Related to: https://fedorahosted.org/sssd/ticket/2544 Adds a new function exec_child_ex and moves setting the extra_argv[] to exec_child_ex() along with specifying the input and output fds. Reviewed-by: Sumit Bose <sbose@redhat.com> (cherry picked from commit 16cb0969f0a9ea71524d852077d6a480740d4f12)
* TESTS: Cover sysdb_gpo.c with unit testsJakub Hrozek2015-01-081-0/+78
| | | | | | | Untested code is risky to change. Reviewed-by: Pavel Reichl <preichl@redhat.com> (cherry picked from commit ee8dccf5f0a7de4aba16ab73a53872df9a65175c)
* TESTS: typo in 'assert message'Pavel Reichl2015-01-081-2/+2
| | | | Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* Add test for sysdb_store_overrideSumit Bose2015-01-071-0/+70
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* SYSDB: sysdb_search_object_by_sid returns ENOENTPavel Reichl2014-12-171-4/+1
| | | | | | | | | | | | sysdb_search_object_by_sid returns ENOENT if no results are found. Part od solution for: https://fedorahosted.org/sssd/ticket/1991 Fixes: https://fedorahosted.org/sssd/ticket/2520 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* TESTS: sysdb_delete_by_sid() test return valuePavel Reichl2014-12-171-0/+22
| | | | | | | | | | Check that return value of sysdb_delete_by_sid() is not changed as called SYSDB functions have changed the return value. Part of patches for: https://fedorahosted.org/sssd/ticket/1991 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* be_ptask: use gettimeofday() instead of time()Pavel Březina2014-12-111-33/+51
| | | | | | | | | | | Sometimes the timestamp from gettimeofday() slightly differs from the one obtained via time() which caused unit test to fail on occasionaly. Resolves: https://fedorahosted.org/sssd/ticket/2521 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* UTIL: Fix dependencies of internal sss librariesLukas Slebodnik2014-12-081-11/+3
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* be_ptask: let backoff affect only periodPavel Březina2014-12-081-2/+111
| | | | | | With this patch the first and enabled delay values are respected. Reviewed-by: Michal Židek <mzidek@redhat.com>
* krb5: add wrapper for krb5_kt_have_content()Sumit Bose2014-12-071-0/+33
| | | | | | | | | krb5_kt_have_content() was introduced in MIT Kerberos 1.11. For older platforms this patch adds sss_krb5_kt_have_content() as a wrapper. Resolves https://fedorahosted.org/sssd/ticket/2518 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* tests: Free popt_contextJakub Hrozek2014-12-071-0/+2
| | | | Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
* Rename test-child to dummy-childJakub Hrozek2014-12-042-1/+1
| | | | Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* Add extra_args to exec_child()Jakub Hrozek2014-12-032-15/+63
| | | | | | | | | | | | Related: https://fedorahosted.org/sssd/ticket/2503 Currently all child processes use the same arguments, the construction of argv[] is even hardcoded in exec_child(). Add an extra_args[] array that extends the common set of argvs so that we can have child-specific arguments. Also adds a unit test. Reviewed-by: Sumit Bose <sbose@redhat.com>
* TESTS: Basic child testsJakub Hrozek2014-12-032-0/+233
| | | | | | The child_common.c module had no unit tests, yet we need to amend it. Reviewed-by: Sumit Bose <sbose@redhat.com>
* SYSDB: sysdb_get_bool() return ENOENT & unit testsPavel Reichl2014-12-021-4/+58
| | | | | | | | | | | | | sysdb_get_bool() return ENOENT if no result is found. Unit test for sysdb_get_bool() & sysdb_set_bool() was added. This patch also fixes ldap_setup_enumeration() to handle ENOENT returned by sysdb_has_enumerated(). Resolves: https://fedorahosted.org/sssd/ticket/1991 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* krb5: add copy_keytab_into_memory()Sumit Bose2014-12-021-0/+213
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* krb5: add copy_ccache_into_memory()Sumit Bose2014-12-021-0/+238
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* test: avoid leaks in leak testsSumit Bose2014-12-022-2/+9
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* tests: be_ptaskPavel Březina2014-11-281-0/+864
| | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/1939 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* sysdb: add sysdb_invalidate_overrides()Sumit Bose2014-11-251-0/+69
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sysdb: add sysdb_delete_view_tree()Sumit Bose2014-11-251-0/+74
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* util: Special-case PCRE_ERROR_NOMATCH in sss_parse_nameMichal Zidek2014-11-251-7/+7
| | | | | | | Add new SSSD specific error code for the case when pcre_exec returns PCRE_ERROR_NOMATCH. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* test: Wrong parameter type in sss_parse_name_checkMichal Zidek2014-11-251-1/+1
| | | | | | | This caused aritmetic overflow when SSSD specific error codes where used. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
generated by cgit (git 2.34.1) at 2024-06-04 11:10:28 +0000