| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
Fix creation of mixed user/group "member" attribute for RFC2307bis
group entries in ldap_ent.py.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit c65de71bc38753320b9fd6f6fe1386244a2ff54a)
|
| |
|
|
|
|
|
|
| |
Use a function to generate basic sssd.conf in test_ldap.py to reduce
code duplication.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit 472800eda2ef4dfa3a738806d7adbc52be3fbe9c)
|
| |
|
|
|
|
|
|
| |
Split ldap_test.py fixtures into several functions to allow for partial
fixtures and direct use within tests.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit 19c2d951059498703c28aea2ce2d9c3db71a8820)
|
| |
|
|
|
|
|
|
| |
Support passing all user attributes to ldap_ent.py's user-creation
functions, in integration tests.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit c423ad75a56b199083463a2714c8fbfd6e8edcc8)
|
| |
|
|
|
|
|
|
|
| |
Don't use the global LDAP_BASE_DN in integration tests and fixtures, but
instead take it from the LDAP connection object (ldap_conn) passed to
them explicitly. This makes the tests and fixtures a bit more modular.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit a190e39ea4f2c084091be1cd37a3c6e3b603540e)
|
| |
|
|
|
| |
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit 6c2e507bd1571f9c7e26c5c9d60753b29fb75578)
|
| |
|
|
|
|
|
|
|
|
|
| |
Since msgs is attached to tmp_ctx then all the strings are freed
with tmp_ctx. Now steal the strings to objs.
Resolves:
https://fedorahosted.org/sssd/ticket/2826
Reviewed-by: Pavel Reichl <preichl@redhat.com>
(cherry picked from commit 3119225929463aecfbb1a7fc953263736955271e)
|
| |
|
|
|
| |
Reviewed-by: Pavel Reichl <preichl@redhat.com>
(cherry picked from commit 220a4cbb7fcf30d954b2b4fecd62887373aa8764)
|
| |
|
|
|
| |
Reviewed-by: Pavel Reichl <preichl@redhat.com>
(cherry picked from commit 1bf0ada00f59c153fe00853394508021d0ff9b24)
|
| |
|
|
|
| |
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 8ded8b2f4a57d1833fd230307218d8b07a571785)
|
| |
|
|
|
| |
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 374268c5eda35e8bbc2fef30752299199439cffe)
|
| |
|
|
|
| |
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 391b81f2a78a812a87530e0c50c70d59150f49eb)
|
| |
|
|
|
|
|
|
| |
Parsed name or UPN is now stored in input->name instead of touching
orig_name and storing the original name in raw_name.
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 2fce47f2dadd10d2a2c8bf9f03ab7094bc6c6b3a)
|
| |
|
|
|
| |
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 3688374991afb34bbaf2b7843683fc13dd77879d)
|
| |
|
|
|
| |
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 28ebfa4373d1e7ce45b5d70a3619df1c074a661e)
|
| |
|
|
|
| |
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit d8125f0e0d38c6939887a0849a44859d6c498c57)
|
| |
|
|
|
| |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit a4ed6c3a56b68f0deb27f291df510c3ba735f836)
|
| |
|
|
|
|
|
|
| |
It's not necessary to bundle libsss_crypto to crypto_tests.
We can link it directly.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 8f61739e0de45ce2ee3be436fc91ef12a1a1c4f3)
|
| |
|
|
|
|
|
|
|
| |
It should prevent such failures as in commit
73ec8fdfddb2d4bf99977f758eec80e1b1ee8542
BUILD: Link test_data_provider_be with -ldl
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 69b46c32357ccf1aab9c0bd6d1afa33a8724ad77)
|
| |
|
|
|
| |
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit afb21fd06690a0bec288a7970abf74ed2ea7dfdc)
|
| |
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2810
Provides a new AD common function ad_ldap_conn_list() that creates a
list of AD connection to use along with properties to avoid mistakes
when manually constructing these lists.
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 309aa83d16b5919f727af04850bcd0799ba0962f)
|
| |
|
|
|
|
|
|
| |
Exclude whitespace_test from Valgrind checks in contrib/ci/run to
prevent it from failing the tests due to Bash bugs.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit 8dff4a773dd9525ec587cd31646a9f67252122c1)
|
| |
|
|
|
|
|
|
|
|
|
| |
Memory context was not freed therefore we got stuck in tevent loop
that mocks D-Bus.
Resolves:
https://fedorahosted.org/sssd/ticket/2759
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit e51143e3e67c70b86dd9a67cb7e802dd96f989e1)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relax the check on UID or GID just to check if at least one of them is
present but do not require them to be positive numbers.
Add requirement on objectclass attributes to be user or group to make
check more reliable.
Resolves:
https://fedorahosted.org/sssd/ticket/2800
(cherry picked from commit 6735c0451d4e80d7cd4b480a8c1f7dafb2b536ea)
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The crash describe by ticket #2802 is caused by providing NULL options
in popt and yet trying to iterate over them. Instead of simply testing
for NULL this patch creates a new option table table merges several
option tables together, thus improving and simplifying usage string.
Resolves:
https://fedorahosted.org/sssd/ticket/2802
Reviewed-by: Pavel Reichl <preichl@redhat.com>
(cherry picked from commit bda8039465a0084fb380e878c8f9ea3e900505ea)
|
| |
|
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2811
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit 2e76b32e74abedb23665808bacc73cafd1097c37)
|
| |
|
|
| |
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| |
|
|
| |
Reviewed-by: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
All test failed due to missing /usr/bin/libtool
e.g.
/home/build/sssd/build/test-driver: line 107: libtool: command not found
FAIL test-io (exit status: 127)
Reviewed-by: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
|
| |
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2433
Reviewed-by: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Only group and user records are cached in memory cache so only timeouts
for those are checked.
Resolves:
https://fedorahosted.org/sssd/ticket/2176
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
| |
|
|
| |
Reviewed-by: Petr Cech <pcech@redhat.com>
|
| |
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2807
Reviewed-by: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2805
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
| |
|
|
| |
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
| |
|
|
|
|
|
| |
sh$ printf "ABC" | base64 -d
base64: invalid input
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The module data_provider_be.o uses uncfion dlsym and
thus need to be linked with -ldl.
/usr/bin/ld: src/providers/test_data_provider_be-data_provider_be.o: undefined reference to symbol 'dlsym@@GLIBC_2.2.5'
/usr/lib64/libdl.so.2: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
Makefile:10461: recipe for target 'test_data_provider_be' failed
It was not a problem when sssd was compiled with NSS because it contains -ldl
among its flags.
NSS_LIBS='-lssl3 -lsmime3 -lnss3 -lnssutil3 -lplds4 -lplc4 -lnspr4 -lpthread -ldl '
However the compilation failed when sssd was compiled with libcrypto
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
| |
|
|
|
|
|
| |
It seems that clang expected that errno can change to 0
in case of error. It might be a bug in static analyzer.
But the workaround does not change the logic and
the errno is read just once.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
There were errors in configure script when /bin/sh was not bash
./configure: 15889: test: xfedora: unexpected operator
./configure: 19981: test: xyes: unexpected operator
./configure: 23103: test: x1: unexpected operator
The equality operator "==" works in bash but it's not a standard.
The man page test(1) also does not mention it.
There is only short version "="
STRING1 = STRING2
the strings are equal
|
| |
|
|
|
|
|
| |
It was removed as part of commit
fe2091327ff44f80d6681c261494e4432404e9ba
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
libsss_ad_common.la was a dynamic library and was linked just with unit tests.
It was a workaroud because module libsss_ad.so cannot be linked with tests
without portability issues. But it was addted to pkglib_LTLIBRARIES
and therefore it was installed with other libraries.
This patch changed it and libsss_ad_test.la (old name libsss_ad_common.la)
will be compiled only for unit tests (check_LTLIBRARIES) and will not
be installed with command "make install".
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
| |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
| |
It's an alternative solution for
https://fedorahosted.org/sssd/ticket/2799
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Required for:
https://fedorahosted.org/sssd/ticket/2639
Instead of calling ipa_get_ad_acct_send directly, call a new request
ipa_srv_ad_acct_send. The new request wraps ipa_get_ad_acct_send and
either tries to request a new keytab every time the lookup fails but the
domain is online.
be_mark_dom_offline() is called when the retry fails with the new code.
The retry tries to re-setup the trusted domain. With two-way setups, the
request is a no-op. With one-way trust setups, the request re-fetches
new keytab unconditionally.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
In a server that is expanded from a SRV query was reset, only it's
'meta-server' status was set to neutral, but the server->common
structure still retained its not_working status.
This patch also resets the status of the common structure so that both
the SRV query and resolving the server are retried next time.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Required for:
https://fedorahosted.org/sssd/ticket/2639
Previously, we had a function that allowed the caller to reset the
status of all services in the global fail over context. This patch adds
a new function that allows the caller to reset a single service instead.
The main user would be IPA subdomain provider that might need to reset
the status of an AD trusted domain on demand.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Required for:
https://fedorahosted.org/sssd/ticket/2639
Expose a request ipa_server_trusted_dom_setup_send that sets up a
trusted domain. The setup might include actions like retrieving a keytab
for one-way trusts.
Creating the AD ID context for the trused domain is now done in the
caller of this new request.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Ticket:
https://fedorahosted.org/sssd/ticket/2773
Add way to set pam specific options in
pam_test_setup adn use it to set the
p11_child_timeout value to 30.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
