From 50b8a36b0932a510e825ed1ad8103f81ead2b7d8 Mon Sep 17 00:00:00 2001 From: Pavel Reichl Date: Fri, 6 Mar 2015 04:29:24 -0500 Subject: TESTS: test expiration Reviewed-by: Jakub Hrozek --- src/providers/ldap/sdap_access.c | 2 +- src/tests/cmocka/test_expire_common.c | 130 ++++++++++++++++++++++++++++++++++ src/tests/cmocka/test_expire_common.h | 39 ++++++++++ src/tests/cmocka/test_ldap_auth.c | 102 ++++++++++++++++++++++++++ src/tests/cmocka/test_sdap_access.c | 74 +++++++++++++++++++ 5 files changed, 346 insertions(+), 1 deletion(-) create mode 100644 src/tests/cmocka/test_expire_common.c create mode 100644 src/tests/cmocka/test_expire_common.h create mode 100644 src/tests/cmocka/test_ldap_auth.c create mode 100644 src/tests/cmocka/test_sdap_access.c (limited to 'src') diff --git a/src/providers/ldap/sdap_access.c b/src/providers/ldap/sdap_access.c index be2dacf53..9e9cfc9e3 100644 --- a/src/providers/ldap/sdap_access.c +++ b/src/providers/ldap/sdap_access.c @@ -528,7 +528,7 @@ static errno_t sdap_account_expired_rhds(struct pam_data *pd, #define NDS_EXPIRED_MSG "The user account is expired" #define NDS_TIME_MAP_MSG "The user account is not allowed at this time" -static bool nds_check_expired(const char *exp_time_str) +bool nds_check_expired(const char *exp_time_str) { char *end; struct tm tm; diff --git a/src/tests/cmocka/test_expire_common.c b/src/tests/cmocka/test_expire_common.c new file mode 100644 index 000000000..1698bd80e --- /dev/null +++ b/src/tests/cmocka/test_expire_common.c @@ -0,0 +1,130 @@ +/* + Authors: + Pavel Reichl + + Copyright (C) 2015 Red Hat + + SSSD tests - common code for password expiration tests + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "tests/common_check.h" +#include "tests/cmocka/test_expire_common.h" + +#define MAX 100 + +static char *now_str(TALLOC_CTX *mem_ctx, const char* format, int s) +{ + time_t t = time(NULL) + s; + struct tm *tm; + size_t len; + char *timestr; + + timestr = talloc_array(mem_ctx, char, MAX); + + tm = gmtime(&t); + len = strftime(timestr, MAX, format, tm); + if (len == 0) { + return NULL; + } + + return timestr; +} + +int expire_test_setup(void **state) +{ + struct expire_test_ctx *exp_state; + TALLOC_CTX *mem_ctx; + char *past_time; + char *future_time; + char *invalid_format; + char *invalid_longer_format; + + mem_ctx = talloc_new(NULL); + assert_non_null(mem_ctx); + + exp_state = talloc(mem_ctx, struct expire_test_ctx); + assert_non_null(exp_state); + + *state = exp_state; + + /* testing data */ + invalid_format = now_str(exp_state, "%Y%m%d%H%M%S", -20); + assert_non_null(invalid_format); + + invalid_longer_format = (void*)now_str(exp_state, "%Y%m%d%H%M%SZA", -20); + assert_non_null(invalid_longer_format); + + past_time = (void*)now_str(exp_state, "%Y%m%d%H%M%SZ", -20); + assert_non_null(past_time); + + future_time = (void*)now_str(exp_state, "%Y%m%d%H%M%SZ", 20); + assert_non_null(future_time); + + exp_state->past_time = past_time; + exp_state->future_time = future_time; + exp_state->invalid_format = invalid_format; + exp_state->invalid_longer_format = invalid_longer_format; + + return 0; +} + +int expire_test_teardown(void **state) +{ + struct expire_test_ctx *test_ctx; + + test_ctx = talloc_get_type(*state, struct expire_test_ctx); + assert_non_null(test_ctx); + + talloc_free(test_ctx); + + return 0; +} + +void expire_test_tz(const char* tz, + void (*test_func)(void*, void*), + void *test_in, + void *_test_out) +{ + errno_t ret; + const char *orig_tz = NULL; + + orig_tz = getenv("TZ"); + if (orig_tz == NULL) { + orig_tz = ""; + } + + if (tz) { + ret = setenv("TZ", tz, 1); + assert_false(ret == -1); + } + + test_func(test_in, _test_out); + + /* restore */ + if (orig_tz != NULL) { + ret = setenv("TZ", orig_tz, 1); + assert_false(ret == -1); + } +} diff --git a/src/tests/cmocka/test_expire_common.h b/src/tests/cmocka/test_expire_common.h new file mode 100644 index 000000000..0ccff14fc --- /dev/null +++ b/src/tests/cmocka/test_expire_common.h @@ -0,0 +1,39 @@ +/* + Authors: + Pavel Reichl + + Copyright (C) 2015 Red Hat + + SSSD tests: Tests for password expiration related functionality + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#ifndef __TEST_EXPIRE_COMMON_H +#define __TEST_EXPIRE_COMMON_H + +struct expire_test_ctx +{ + char *past_time; + char *future_time; + char *invalid_format; + char *invalid_longer_format; +}; + +int expire_test_setup(void **state); +int expire_test_teardown(void **state); +void expire_test_tz(const char* tz, void (*f)(void*, void*), void *in, + void *_out); + +#endif /* __TEST_EXPIRE_COMMON_H */ diff --git a/src/tests/cmocka/test_ldap_auth.c b/src/tests/cmocka/test_ldap_auth.c new file mode 100644 index 000000000..814178eb0 --- /dev/null +++ b/src/tests/cmocka/test_ldap_auth.c @@ -0,0 +1,102 @@ +/* + Authors: + Pavel Reichl + + Copyright (C) 2015 Red Hat + + SSSD tests - ldap auth + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include +#include +#include +#include +#include +#include +#include + +#include "tests/common_check.h" +#include "providers/ldap/ldap_auth.h" +#include "tests/cmocka/test_expire_common.h" + +struct check_pwexpire_policy_wrap_indata { + enum pwexpire type; + void *time_fmt; +}; + +static void check_pwexpire_policy_wrap(void *in, void *_out) +{ + errno_t ret; + struct check_pwexpire_policy_wrap_indata *data = + (struct check_pwexpire_policy_wrap_indata*) in; + + ret = check_pwexpire_policy(data->type, data->time_fmt, NULL, 0); + *(errno_t*)_out = ret; +} + +static void test_pwexpire_krb(void **state) +{ + struct expire_test_ctx *tc; + enum pwexpire type = PWEXPIRE_KERBEROS; + errno_t ret; + + tc = talloc_get_type(*state, struct expire_test_ctx); + assert_non_null(tc); + + ret = check_pwexpire_policy(type, + (void*) tc->invalid_longer_format, NULL, 0); + assert_true(ret == EINVAL); + + ret = check_pwexpire_policy(type, (void*) tc->invalid_format, + NULL, 0); + assert_true(ret == EINVAL); + + ret = check_pwexpire_policy(type, (void*) tc->past_time, + NULL, 0); + assert_true(ret == ERR_PASSWORD_EXPIRED); + + ret = check_pwexpire_policy(type, (void*) tc->future_time, + NULL, 0); + assert_true(ret == EOK); + + /* changing time zone has no effect as time of expiration is in UTC */ + struct check_pwexpire_policy_wrap_indata data; + data.type = type; + data.time_fmt = (void*)tc->future_time; + expire_test_tz("GST-2", + check_pwexpire_policy_wrap, + (void*)&data, + (void*)&ret); + assert_true(ret == EOK); + + data.time_fmt = (void*)tc->past_time; + expire_test_tz("GST-2", + check_pwexpire_policy_wrap, + (void*)&data, + (void*)&ret); + assert_true(ret == ERR_PASSWORD_EXPIRED); +} + +int main(void) +{ + const struct CMUnitTest tests[] = { + cmocka_unit_test_setup_teardown(test_pwexpire_krb, + expire_test_setup, + expire_test_teardown), + }; + + return cmocka_run_group_tests(tests, NULL, NULL); +} diff --git a/src/tests/cmocka/test_sdap_access.c b/src/tests/cmocka/test_sdap_access.c new file mode 100644 index 000000000..f306d8a42 --- /dev/null +++ b/src/tests/cmocka/test_sdap_access.c @@ -0,0 +1,74 @@ +/* + Authors: + Pavel Reichl + + Copyright (C) 2015 Red Hat + + SSSD tests - sdap access + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include +#include +#include +#include +#include +#include +#include + +#include "tests/common_check.h" +#include "tests/cmocka/test_expire_common.h" + +/* linking against function from sdap_access.c module */ +extern bool nds_check_expired(const char *exp_time_str); + +static void nds_check_expired_wrap(void *in, void *_out) +{ + *(bool*)_out = nds_check_expired((const char*)in); +} + +void test_nds_check_expire(void **state) +{ + struct expire_test_ctx *tc; + bool res; + + tc = talloc_get_type(*state, struct expire_test_ctx); + assert_non_null(tc); + + assert_false(nds_check_expired(NULL)); + assert_true(nds_check_expired(tc->invalid_longer_format)); + assert_true(nds_check_expired(tc->invalid_format)); + assert_true(nds_check_expired(tc->past_time)); + assert_false(nds_check_expired(tc->future_time)); + + /* changing time zone has no effect as time of expiration is in UTC */ + expire_test_tz("GST+2", nds_check_expired_wrap, (void*)tc->future_time, + (void*)&res); + assert_false(res); + expire_test_tz("GST-2", nds_check_expired_wrap, (void*)tc->future_time, + (void*)&res); + assert_false(res); +} + +int main(void) +{ + const struct CMUnitTest tests[] = { + cmocka_unit_test_setup_teardown(test_nds_check_expire, + expire_test_setup, + expire_test_teardown) + }; + + return cmocka_run_group_tests(tests, NULL, NULL); +} -- cgit