summaryrefslogtreecommitdiffstats
path: root/src/tests
Commit message (Collapse)AuthorAgeFilesLines
* TOOLS: Use file descriptor to avoid races when creating a home directoryOndrej Kos2013-02-111-3/+3
| | | | | | | | | | | | | When creating a home directory, the destination tree can be modified in various ways while it is being constructed because directory permissions are set before populating the directory. This can lead to file creation and permission changes outside the target directory tree, using hard links. This security problem was assigned CVE-2013-0219 https://fedorahosted.org/sssd/ticket/1782
* fo_get_server_name() getter for a server nameJakub Hrozek2012-06-041-1/+1
| | | | | Allows to be more concise in tests and more defensive in resolve callbacks
* Rename fo_get_server_name to fo_get_server_str_nameJakub Hrozek2012-06-041-1/+1
|
* Add option to follow symlinks to check_file()Jakub Hrozek2011-10-131-1/+28
|
* HBAC rule validation Python bindingsJakub Hrozek2011-08-011-0/+30
| | | | https://fedorahosted.org/sssd/ticket/943
* Add rule validator to libipa_hbacStephen Gallagher2011-08-011-0/+115
| | | | https://fedorahosted.org/sssd/ticket/943
* UTF8 HBAC testJakub Hrozek2011-08-011-0/+117
|
* Fix python HBAC bindings for python <= 2.4Jakub Hrozek2011-08-011-3/+4
| | | | | | | | | | | | | | | Several parts of the HBAC python bindings did not work with old Python versions, such as the one shipped in RHEL5. The changes include: * a compatibility wrapper around python set object * PyModule_AddIntMacro compat macro * Py_ssize_t compat definition * Do not use PyUnicode_FromFormat * several function prototypes and structures used to have "char arguments where they have "const char *" in recent versions. This caused compilation warnings this patch mitigates by using the discard_const hack on python 2.4
* Fixes for python HBAC bindingsJakub Hrozek2011-08-011-0/+23
| | | | | | | | | These changes were proposed during a review: * Change the signature of str_concat_sequence() to const char * * use a getsetter for HbacRule.enabled to allow string true/false and integer 1/0 in addition to bool * fix a minor memory leak (HbacRequest.rule_name) * remove overzealous discard consts
* Provide python bindings for the HBAC evaluator libraryJakub Hrozek2011-08-011-0/+468
|
* Add HBAC evaluator and testsStephen Gallagher2011-08-011-0/+618
|
* Test NULL server hostname in fail over testsJakub Hrozek2011-06-301-8/+16
|
* Switch resolver to using resolv_hostent and honor TTLJakub Hrozek2011-06-302-43/+85
| | | | | | Conflicts: src/providers/fail_over.c
* Clear up -Wunused-but-set-variable warningsStephen Gallagher2011-06-021-1/+1
|
* Non-posix group processing - sysdb changesJan Zeleny2011-06-021-2/+2
|
* Add originalDN to fake groupsJakub Hrozek2011-03-231-2/+2
|
* Use realm for basedn instead of IPA domainJakub Hrozek2011-02-281-0/+1
| | | | https://fedorahosted.org/sssd/ticket/807
* Delete attributes that are removed from LDAPStephen Gallagher2011-01-211-1/+1
| | | | | | | | Sometimes, a value in LDAP will cease to exist (the classic example being shadowExpire). We need to make sure we purge that value from SSSD's sysdb as well. https://fedorahosted.org/sssd/ticket/750
* Validate user supplied size of data itemsSumit Bose2011-01-111-0/+14
| | | | | | Specially crafted packages might lead to an integer overflow and the parsing of the input buffer might not continue as expected. This issue was identified by Sebastian Krahmer <krahmer@suse.de>.
* Add sysdb_has_enumerated and sysdb_set_enumerated helper functionsStephen Gallagher2010-12-201-0/+40
| | | | Includes a unit test
* Fix unchecked return value in test_sysdb_attrs_to_listStephen Gallagher2010-12-171-3/+6
| | | | https://fedorahosted.org/sssd/ticket/714
* Fix uninitialized value error in main() in stress-tests.cSumit Bose2010-12-151-0/+1
| | | | https://fedorahosted.org/sssd/ticket/732
* Fix uninitialized value error in setup_test in fail_over-tests.cSumit Bose2010-12-141-0/+1
| | | | https://fedorahosted.org/sssd/ticket/728
* Add group support to the simple access providerStephen Gallagher2010-12-131-2/+2
| | | | | | | | | | | | | This patch adds simple_allow_groups and simple_deny_groups options to the simple access provider. It makes it possible to grant or deny access based on a user's group memberships within the domain. This patch makes one minor change to previous functionality: now all deny rules will supersede allow rules. Previously, if both simple_allow_users and simple_deny_users were set with the same value, the allow would win. https://fedorahosted.org/sssd/ticket/440
* Bye, bye, ipa_timerulesSumit Bose2010-12-081-582/+0
| | | | | | It was decided that IPA HBAC will move to a different format to specify time ranges in access control rules. The evaluation based on the old format is not needed anymore.
* Fix const cast warnings in testsStephen Gallagher2010-11-152-2/+2
|
* Fix const cast warning for sysdb_update_membersStephen Gallagher2010-11-151-4/+4
|
* Add unit tests for users and groups with odd charactersStephen Gallagher2010-11-151-0/+145
|
* Add utility function to sanitize LDAP/LDB filtersStephen Gallagher2010-11-151-0/+68
| | | | Also adds a unit test.
* Always use uint32_t for UID/GID numbersJakub Hrozek2010-10-261-10/+10
|
* Modify sysdb_[add|remove]_group_member to accept users and groupsStephen Gallagher2010-10-181-5/+10
| | | | | | | | Previously, it assumed that all members were users. This changes the interface so that either a user or a group can be specified. Also, it eliminates the need for a memory context to be passed, since the internal memory should be self-contained.
* sysdb interface for adding incomplete groupsJakub Hrozek2010-10-151-0/+40
| | | | Useful for optimizing the initgroups operation.
* Also return member groups to the clientSumit Bose2010-10-131-44/+44
|
* netgroup testsStephen Gallagher2010-10-131-0/+516
|
* Use POPT_TABLEEND to close option tableSumit Bose2010-10-137-8/+8
|
* Suppress some 'unchecked return value' warningsSumit Bose2010-09-281-6/+13
|
* Suppress some 'may be used uninitialized' warningsSumit Bose2010-09-281-1/+1
| | | | | Additionally the handling of errno and the errno_t return value of functions is fixed in krb5_common.c.
* Initialize debug_level to zero in crypto testsStephen Gallagher2010-09-221-1/+1
|
* Fix sysdb_group_dn_nameJakub Hrozek2010-09-221-0/+35
|
* Add parameter to skip cleanup in sysdb testJakub Hrozek2010-09-151-1/+4
| | | | This might be useful for examining the test database manually with LDB tools
* Password obfuscation utility functionsJakub Hrozek2010-09-081-0/+139
| | | | | | | Adds two utility functions to obfuscate a password and inverse to extract the cleartext password back. So far, only NSS-based implementation is provided.
* Add sysdb_update_members functionStephen Gallagher2010-08-031-0/+56
| | | | | | | | This function will take a user, a list of groups that this user should be added to and a list of groups the user should be removed from and will recursively call sysdb_[add|remove]_group_member Includes a unit test
* Add diff_string_lists utility functionStephen Gallagher2010-08-031-0/+227
| | | | Includes a unit test
* Add sysdb_attrs_to_list() utility functionStephen Gallagher2010-08-031-0/+31
|
* Standardize on correct spelling of "principal" for krb5Stephen Gallagher2010-06-161-4/+4
| | | | https://fedorahosted.org/sssd/ticket/542
* Print correct return codeJakub Hrozek2010-06-141-1/+1
| | | | Fixes: #535
* Add support for delayed kinit if offlineSumit Bose2010-05-261-2/+2
| | | | | | | If the configuration option krb5_store_password_if_offline is set to true and the backend is offline the plain text user password is stored and used to request a TGT if the backend becomes online. If available the Linux kernel key retention service is used.
* Sort SRV replies according to RFC 2782Jakub Hrozek2010-04-301-0/+88
| | | | | | | | | | RFC 2782 defines a way to sort replies to a SRV query. In short, the algorithm sorts all replies by priority and then does a weight-based selection for every priority level. For details, please see the sections "Usage rules" for overview of the algorithm and section "The 'Weight' field" for description on the weight selection.
* Fix warning in sysdb-tests.cStephen Gallagher2010-04-141-8/+0
| | | | | | When we converted to the synchronous sysdb interface, the synchronous-simulating function test_loop() became unnecessary, but we forgot to remove it.
* sysydb: Finally stop using a common event contextSimo Sorce2010-04-122-2/+2
| | | | This commit completes the migration to a synchronous sysdb
generated by cgit (git 2.34.1) at 2024-06-21 18:10:08 +0000