From 35da30eb7f97968aabcbd34d4e198e44470ad3dd Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Wed, 4 Sep 2013 15:02:43 -0400
Subject: krb5: Ingnore unknown expansion sequences

Recently support was added to use also libkrb5 style expansions that
uses a %{varname} type of template.

There are a number of templates we do not care/can't expand in sssd.
The current code misses tests and failed to properly preserve some of
the templates we do not want to handle.

Addiotionally in order to be future proof this patch treats unknown
templates as pass-through templates and defer any error checking to
libkrb5, so that sssd is consistent with how kinit would behave.

Resolves:
https://fedorahosted.org/sssd/ticket/2076
---
 src/tests/krb5_utils-tests.c | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

(limited to 'src/tests')

diff --git a/src/tests/krb5_utils-tests.c b/src/tests/krb5_utils-tests.c
index 174d463b2..4715774ff 100644
--- a/src/tests/krb5_utils-tests.c
+++ b/src/tests/krb5_utils-tests.c
@@ -673,6 +673,35 @@ START_TEST(test_no_substitution)
 }
 END_TEST
 
+START_TEST(test_krb5_style_expansion)
+{
+    char *result;
+    bool private_path = false;
+    const char *file_template;
+    const char *expected;
+
+    file_template = BASE"/%{uid}/%{USERID}/%{euid}/%{username}";
+    expected = BASE"/"UID"/"UID"/"UID"/"USERNAME;
+    result = expand_ccname_template(tmp_ctx, kr, file_template, true,
+                                    true, &private_path);
+
+    fail_unless(result != NULL, "Cannot expand template [%s].", file_template);
+    fail_unless(strcmp(result, expected) == 0,
+                "Expansion failed, result [%s], expected [%s].",
+                result, expected);
+
+    file_template = BASE"/%{unknown}";
+    expected = BASE"/%{unknown}";
+    result = expand_ccname_template(tmp_ctx, kr, file_template, true,
+                                    false, &private_path);
+
+    fail_unless(result != NULL, "Cannot expand template [%s].", file_template);
+    fail_unless(strcmp(result, expected) == 0,
+                "Expansion failed, result [%s], expected [%s].",
+                result, expected);
+}
+END_TEST
+
 START_TEST(test_compare_principal_realm)
 {
     int ret;
@@ -738,6 +767,7 @@ Suite *krb5_utils_suite (void)
     tcase_add_test (tc_ccname_template, test_pid);
     tcase_add_test (tc_ccname_template, test_percent);
     tcase_add_test (tc_ccname_template, test_multiple_substitutions);
+    tcase_add_test (tc_ccname_template, test_krb5_style_expansion);
     suite_add_tcase (s, tc_ccname_template);
 
     TCase *tc_create_dir = tcase_create("create_dir");
-- 
cgit