summaryrefslogtreecommitdiffstats
path: root/src/tests
Commit message (Collapse)AuthorAgeFilesLines
* tests: Remove tests that check creating public directoriesJakub Hrozek2014-01-091-121/+0
| | | | | The functionality was removed, but we forgot to remove the corresponding tests, mostly because these tests were only ever ran as root.
* AD: Enable fallback to LDAP of trusted domainJakub Hrozek2013-12-191-3/+4
| | | | | Since we have the LDAP port of a trusted AD GC always available now, we can always perform a fallback.
* AD: Add a new option to turn off GC lookupsJakub Hrozek2013-12-191-0/+20
| | | | | | | | | | SSSD now defaults to using GC by default. For some environments, for instance those that don't or can't replicate the POSIX attributes to Global Catalog, this might not be desirable. This patch introduces a new option ad_enable_gc, that is enabled by default. Setting this option to false makes the SSSD contact only the LDAP port of AD DCs.
* AD: Add a utility function to create list of connectionsJakub Hrozek2013-12-191-0/+221
| | | | | | | | | | ad_id.c and ad_access.c used the same block of code. With the upcoming option to disable GC lookups, we should unify the code in a function to avoid breaking one of the code paths. The same applies for the LDAP connection to the trusted AD DC. Includes a unit test.
* Use lower-case name for case-insensitive searchesSumit Bose2013-12-191-0/+38
| | | | | | | | | | | | The patch makes sure that a completely lower-cased version of a fully qualified name is used for case insensitive searches. Currently there are code paths where the domain name was used as configured and was not lower-cased. To make sure this patch does not break with old entries in the cache or case sensitive domains a third template was added to the related filters templates which is either filled with a completely lower-cased version or with the old version. The other two template values are unchanged.
* Add sysdb_attrs_add_lc_name_aliasSumit Bose2013-12-191-0/+29
|
* SSSD: Unit test - sss_ldap_dn_in_search_basesPavel Reichl2013-11-291-0/+191
| | | | | | | Unit test testing detection of the right domain when processing group with members from several domains Resolves: https://fedorahosted.org/sssd/ticket/2132
* SYSDB: Sanitize filter before removing ghost attrsLukas Slebodnik2013-11-291-0/+19
| | | | | | | | | | | sysdb_add_user fails with EIO if enumeration is disabled and user contains backslashes. We try to remove ghost attributes from groups with disabled enumeration, but unsanitized filter is used to find ghost attributes "(|(ghost=usr\\\\002)" and ldb cannot parse this filter. Resolves: https://fedorahosted.org/sssd/ticket/2163
* SYSDB: Sanitize filter before sysdb_search_groupsLukas Slebodnik2013-11-291-0/+5
| | | | | | | | | | sysdb_delete_user fails with EIO if user does not exist and contains backslashes. ldb could not parse filter (&(objectclass=group)(ghost=usr\\\\001)), because ghost value was not sanitized Resolves: https://fedorahosted.org/sssd/ticket/2163
* free idmapped binary SIDs correctlyPavel Březina2013-11-071-5/+5
| | | | | Resolves: https://fedorahosted.org/sssd/ticket/2133
* free idmapped smb SIDs correctlyPavel Březina2013-11-071-3/+3
| | | | | Resolves: https://fedorahosted.org/sssd/ticket/2133
* free idmapped dom SIDs correctlyPavel Březina2013-11-071-6/+6
| | | | | Resolves: https://fedorahosted.org/sssd/ticket/2133
* free idmapped SIDs correctlyPavel Březina2013-11-072-7/+9
| | | | | Resolves: https://fedorahosted.org/sssd/ticket/2133
* AD: Fix ad_access_filter parsing with empty filterJakub Hrozek2013-10-301-0/+16
|
* NSS: Print FQDN for groups with mixed domain membershipJakub Hrozek2013-10-291-0/+175
| | | | | | | | | | | | | | | | | This patch is a workaround until https://fedorahosted.org/sssd/ticket/2129 is fixed properly. Consider a group entry such as: cn: subgroup@subdom ghost: someuser ghost: anotheruser@subdom Currently in order to print all group members as FQDN (which is the default for AD provider), the code needs to iterate over the ghost attributes and parse them into (name,domain) and optionally re-add the domain. The proper fix would be to store always just the FQDN in the hardcoded form of user@domain
* TEST: Test getgrnam with emphasis on membersJakub Hrozek2013-10-291-8/+386
|
* AD: Add extended access filterJakub Hrozek2013-10-251-0/+341
| | | | | | | https://fedorahosted.org/sssd/ticket/2082 Adds a new option that allows the admin to specify a LDAP access filter that can be applied globally, per-domain or per-forest.
* tests: Use right format string for type size_tLukas Slebodnik2013-10-251-3/+3
| | | | | | | | This patch fixes few format string warnings in the file test_utils.c src/tests/cmocka/test_utils.c:54:56: warning: format specifies type 'unsigned int' but the argument has type 'size_t' (aka 'unsigned long') [-Wformat]
* SYSDB: Add sysdb_delete_by_sidJakub Hrozek2013-10-251-0/+12
|
* idmap: add sss_idmap_domain_by_name_has_algorithmic_mapping()Sumit Bose2013-10-251-0/+41
|
* find_subdomain_by_sid: skip domains with missing domain_idSumit Bose2013-10-251-0/+221
|
* idmap: allow ranges with external mapping to overlapSumit Bose2013-10-171-0/+64
| | | | | | | | | | | If POSIX IDs are managed externally e.g. by AD it might be possible that the IDs are centrally manages for the whole forest. Hence there might not be a single ID range for each member domain in the forest but only a single ID range for the whole forest. This means that we have to allow collisions if ID ranges in this case. Unit tests are added to make sure that the collisions are only allowed for external mappings.
* krb5: Fix unit testsJakub Hrozek2013-10-072-85/+46
|
* IPA: store forest name for forest member domainsSumit Bose2013-09-271-8/+8
| | | | | In order to fix https://fedorahosted.org/sssd/ticket/2093 the name of the forest must be known for a member domain of the forest.
* sysdb: sysdb_update_members can take either name or dnPavel Březina2013-09-262-5/+5
| | | | | | | | | We need to work with distinguish names when processing cross-domain membership, because groups and users may be stored in different sysdb tree. Resolves: https://fedorahosted.org/sssd/ticket/2066
* simple access test: initialize be_ctx for all testsPavel Březina2013-09-171-15/+16
| | | | | | | | | Recent simple access provider patches started using be_ctx during access check. This caused segfault in unit tests, since be_ctx wasn't initialized. Resolves: https://fedorahosted.org/sssd/ticket/2034
* simple access tests: fix typosPavel Březina2013-09-171-5/+5
|
* TESTS: Remove unused variableJakub Hrozek2013-09-121-4/+0
| | | | | | The tmpl variable was only ever used to default to FILE backend in case absolute patch w/o ccache type was selected. Since backends are no longer there, we can remove the variable, too.
* Fix formating of variables with type: id_tLukas Slebodnik2013-09-111-1/+1
|
* DB: Add user/group lookup by SIDOndrej Kos2013-09-101-19/+32
|
* krb5: Remove unused ccache backend infrastructureSimo Sorce2013-09-091-23/+0
| | | | | | | | Remove struct sss_krb5_cc_be and the remaining functions that reference it as they are all unused now. Resolves: https://fedorahosted.org/sssd/ticket/2061
* krb5: Unify function to create ccache filesSimo Sorce2013-09-092-25/+21
| | | | | | | | | | | Only 2 types (FILE and DIR) need to precreate files or directories on the file system, and the 2 functions were basically identical. Consolidate all in one common function and use that function directly where needed instead of using indirection. Resolves: https://fedorahosted.org/sssd/ticket/2061
* krb5: Use krb5_cc_destroy to remove old ccachesSimo Sorce2013-09-091-1/+1
| | | | | | | | | This completely replaces the per-ccache-type custom code to remove old cacches and instead uses libkrb5 base doperations (krb5_cc_destroy) and operating as the user owner. Resolves: https://fedorahosted.org/sssd/ticket/2061
* tests: Add dlopen test to make sure modules worksSimo Sorce2013-09-091-0/+159
| | | | | This tests dlopens and resolves all symbols to make sure there are no missing symbols in our provider modules.
* krb5: Ingnore unknown expansion sequencesSimo Sorce2013-09-091-0/+30
| | | | | | | | | | | | | | | | Recently support was added to use also libkrb5 style expansions that uses a %{varname} type of template. There are a number of templates we do not care/can't expand in sssd. The current code misses tests and failed to properly preserve some of the templates we do not want to handle. Addiotionally in order to be future proof this patch treats unknown templates as pass-through templates and defer any error checking to libkrb5, so that sssd is consistent with how kinit would behave. Resolves: https://fedorahosted.org/sssd/ticket/2076
* utils: add is_host_in_domain()Pavel Březina2013-09-051-0/+28
|
* resolv_sort_srv_reply: remove unnecessary mem_ctxPavel Březina2013-09-051-2/+2
|
* krb5_utils tests: fix some typosPavel Březina2013-09-051-8/+8
|
* UTIL: Use standard maximum value of type size_tLukas Slebodnik2013-09-031-6/+6
| | | | | | | It is better to use standard constant for maximum value of type size_t, instead of reinventing wheel with own defined constant SIZE_T_MAX This patch replace string "SIZE_T_MAX" -> "SIZE_MAX"
* Read enumerate state for subdomains from cacheJakub Hrozek2013-08-281-3/+3
| | | | | The enumerate flag will be read from the cache for subdomains and the domain object will be created accordingly.
* SYSDB: Store enumerate flag for subdomainJakub Hrozek2013-08-281-5/+7
|
* KRB5: Add new #define for collection cache typesStephen Gallagher2013-08-222-6/+6
| | | | | | Kerberos now supports multiple types of collection caches, not just DIR: caches. We should add a macro for generic collection behavior and use that where appropriate.
* sysdb_add_incomplete_group: store SID string is availableSumit Bose2013-08-191-4/+45
| | | | | | During initgroups request we read the SID of a group from the server but do not save it to the cache. This patch fixes this and might help to avoid an additional lookup of the SID later.
* add simple access provider init testPavel Březina2013-08-071-0/+98
|
* resolv-tests failing with memory leakMichal Zidek2013-07-251-2/+4
| | | | | | Wait for c-ares to finish before checking for memory leaks. https://fedorahosted.org/sssd/ticket/1899
* AD: Set the bool value same as default value in optsJakub Hrozek2013-07-191-0/+69
| | | | | | | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/2023 When the option values are copied using dp_opt_copy_map, the .val member is used if it's not NULL. At the same time, the bool options are never NULL, unlike integers or strings that can have special NULL-like values such as NULL_STRING. This effectively means that when copying a bool option, the .val member is always used. But in the AD maps, some .val fields were set differently from the .def_val fields. The effect was that when the AD subdomain provider was initialized from IPA subdomain provider using only the defaults, some options (notably referral chasing) were set to a value that didn't make sense for the AD provider. This patch makes sure that for all boolean option, the .val is always the same as .def_val.
* Fix clang format string warning.Lukas Slebodnik2013-07-191-1/+1
| | | | | warning: format string is not a string literal (potentially insecure) [-Wformat-security]
* dyndns timeout test: catch SIGCHLD handler eventsPavel Březina2013-07-171-0/+12
| | | | | | https://fedorahosted.org/sssd/ticket/1992 dyndns test will crash with this patch
* Do not copy special files when creating homedirOndrej Kos2013-07-091-5/+3
| | | | | | https://fedorahosted.org/sssd/ticket/1778 When trying to copy special file, only message is logged now.
* DB: sysdb_search_user_by_name: search by both name and aliasJakub Hrozek2013-07-091-4/+19
|
generated by cgit (git 2.34.1) at 2024-04-28 05:16:37 +0000