Reviewed-by: Michal Židek <mzidek@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Related to https://fedorahosted.org/sssd/ticket/2596
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Related to https://fedorahosted.org/sssd/ticket/2596
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Michal Židek <mzidek@redhat.com>
Related:
https://fedorahosted.org/sssd/ticket/2638
Reviewed-by: Sumit Bose <sbose@redhat.com>
Related:
https://fedorahosted.org/sssd/ticket/2638
For one-way trusts we can assume that AD domain is the same as the
Kerberos realm. On the other hand, SASL realm and keytab path are
specified, unlike two-way trusts that use the system keytab.
Includes a unit test.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Related:
https://fedorahosted.org/sssd/ticket/2638
Removed code duplication. Amends unit test to make sure we don't
regress.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Related:
https://fedorahosted.org/sssd/ticket/2638
Make the function reusable and add a simple unit test.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Related:
https://fedorahosted.org/sssd/ticket/2638
Better reflects what's going on in the function. Also adds a unit test.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Uses the ipa-getkeytab call to retrieve keytabs for one-way trust
relationships.
https://fedorahosted.org/sssd/ticket/2636
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Avoids duplicate errors during linking.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reduces code duplication between tests.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reduces code duplication between tests.
Reviewed-by: Sumit Bose <sbose@redhat.com>
This change will make the keytab creating reusable by other tests.
Reviewed-by: Sumit Bose <sbose@redhat.com>
These functions will be later reused by the subdomains_server.c module.
Splitting them into a separate subdomains_utils.c module will make sure
there are no cyclic dependencies and the functions are testable in
isolation.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Instead of complex forest root search methods, establish forest root
during subdomain list update. The subdomain code can then just use the
forest_root pointer.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Adding realm to both master domain and subdomain will make it easier to
set and select forest roots. Even master domains can be forest members,
it's preferable to avoid special-casing as much as possible.
Includes a unit test.
Reviewed-by: Sumit Bose <sbose@redhat.com>
The sysdb_subdomains.c module should have its own sysdb test, not share
the generic sysdb one.
Reviewed-by: Sumit Bose <sbose@redhat.com>
In order to make updating the subdomain list a two-step process.
Therefore we need to make sure that update_subdomains() is the only
interface towards the SSSD that changes the subdomain list.
Move the new_subdomain() function to sysdb_subdomains.c and only make it
available through a private header so it's usable by unit tests.
Reviewed-by: Sumit Bose <sbose@redhat.com>
We need to store the subdomain trust direction in order to recover the
structure after SSSD restart.
The trust direction is a plain uint32_t to avoid leaking the knowledge
about AD trust directions to sysdb while at the same time making it easy
to compare values between sysdb and LDAP and avoid translating the
values.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Allows the administrator to extend the functionality of
ldap_purge_cache_timeout, ldap_user_principal and ldap_use_tokengroups to
the subdomains.
This is a less intrusive way of achieving:
https://fedorahosted.org/sssd/ticket/2627
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Related to:
https://fedorahosted.org/sssd/ticket/2644
Adds a utility function that checks if a DP option is present in
the subdomain_inherit list. If it is, then the option is set from source
to destination dp_option array.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
https://fedorahosted.org/sssd/ticket/2666
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Example calls:
dbus-send --print-reply --system --dest=org.freedesktop.sssd.infopipe /org/freedesktop/sssd/infopipe/Users/LDAP_2ePB/10001 org.freedesktop.DBus.Properties.Get string:org.freedesktop.sssd.infopipe.Users.User string:name
method return sender=:1.159 -> dest=:1.165 reply_serial=2
variant string "user-1"
Resolves:
https://fedorahosted.org/sssd/ticket/2150
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
This function decomposes object path into array of strings. The
"_exact" version expects a certain number of parts otherwise an
error is thrown.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
When SYSDB_INITGR_EXPIRE had default value (0) then value of
SYSDB_CACHE_EXPIRE was used as initgroups expire attribute.
The right approach is already used in responder_cache_req.c
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
The size of time_t can be 8 bytes on some platforms.
It is because of year 2038 problem.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Depending on the server-side configuration the extdom plugin can return
short or fully qualified names for IPA objects. The client must handle
the names according to its own configuration and not add the domain part
of the fully-qualified name unconditionally.
Resolves https://fedorahosted.org/sssd/ticket/2647
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
We get error EBADMSG instead of EOK due to endianness issue
[==========] Running 2 test(s).
[ RUN ] test_getsidbyname
0x4a != 0
src/tests/cmocka/sss_nss_idmap-tests.c:108: error: Failure!
[ FAILED ] test_getsidbyname
[ RUN ] test_getorigbyname
0x4a != 0
src/tests/cmocka/sss_nss_idmap-tests.c:127: error: Failure!
[ FAILED ] test_getorigbyname
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
ad_get_dom_ldap_conn() assumed that ad_ctx->ldap_ctx always points at
the LDAP connection for the primary domain, however it turns out that
this is not always the case. It's currently unclear why, but this
connection can sometimes be pointing at a subdomain. Since the value of
subdom_id_ctx->ldap_ctx always points to the correct domain (including
the primary domain case), there's no benefit to trying to shortcut to
the ad_ctx->ldap_ctx when performing this lookup.
This patch also makes a minor tweak to the tests so that the primary
domain passes the sdap_domain_get() check for validity (since it needs
to have a private member assigned).
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
After responders start, they add a lookup operation that discovers the
subdomains so that qualifying users works. After this operation
finishes, we need to reset negcache to allow users to be added into the
newly discovered domains.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
This new function resets the negative cache and then re-adds the
permanent entries.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
is set
When default_domain_suffix is used and filter_users is set (at least
root is always, by default), SSSD tried to add the negcache entry to the
default domain. But since the default domain is not known after start
up, adding the entries fails with a verbose error message.
This patch handles EAGAIN returned from the parsing function while
setting negcache entries gracefully and also makes the debug message in
parsing function more precise.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
There was an off-by-one error in sss_ncache_reset_permanent that
prevented the reset from working.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
src/tests/cmocka/test_resolv_fake.c:60:9:
error: cast from 'uint8_t *' (aka 'unsigned char *') to 'HEADER *'
increases required alignment from 1 to 4 [-Werror,-Wcast-align]
h = (HEADER *) hb;
^~~~~~~~~~~~~
1 error generated.
Reviewed-by: Michal Židek <mzidek@redhat.com>
The macro assert_int_equal prints value of integers if
they are not equal.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Documentation to macro assert_return_code says:
Assert that the return_code is greater than or equal to 0.
The function prints an error message to standard error and terminates the
test by calling fail() if the return code is smaller than 0. If the function
you check sets an errno if it fails you can pass it to the function and
it will be printed as part of the error message.
So in case of error we will see more verbose message.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
We should make sure the client re-checks the SRV query each request if
the SRV query is 0.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Refactor check_pwexpire_kerberos() to use utility function
sss_utc_to_time_t().
Modify test to handle new error code ERR_TIMESPEC_NOT_SUPPORTED
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Although in the initial processing SSSD treats the binary value right, at
some point it mainly assumes that it is a string. Depending on the value
this might end up with the correct binary value stored in the cache but
in most cases there will be only a broken entry in the cache.
This patch converts the binary value into a string representation which
is described in [MS-DTYP] and stores the result in the cache.
Resolves https://fedorahosted.org/sssd/ticket/2588
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>