diff options
| author | Fabiano Fidêncio <fidencio@redhat.com> | 2017-02-06 11:05:16 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2017-03-03 13:55:13 +0100 |
| commit | 5aaaf081765b3f23e1518b5f299c289afb9d3f13 (patch) | |
| tree | 05309c77ef4746fc53430d1de628286527b8839c /src/python | |
| parent | ed891c0c55985cd25de05f65e82debf4452987e1 (diff) | |
| download | sssd-5aaaf081765b3f23e1518b5f299c289afb9d3f13.tar.gz sssd-5aaaf081765b3f23e1518b5f299c289afb9d3f13.tar.xz sssd-5aaaf081765b3f23e1518b5f299c289afb9d3f13.zip | |
TESTS: Adapt pam-srv-tests to deal with cache_req related changes
Similar to what happened for nss-srv-tests, there were a few kind of
changes required to fix the tests breakage caused by the last commit.
1) For tests including no user, no changes was required.
2) As we call an equivalent to "get by name" command, a name is parsed
with sss_parse_inp and the returned value is now mocked.
3) For the "cache_auth_success*" tests we set pam_test_ctx->tctx->done
to false after adding the password to the cache, since the code now
contains tevent calls and without it only the first request proceeds
into tevent_loop in test_ev_loop(), as the first finished request sets
done to true.
4) As the user certificate is added as a result of calling
sss_dp_account_recv and the certificate value is read by the certificate
lookup, we have to, in case a certificate lookup callback is set, call
mock_account_recv() for the certificate before going through the
mock_account_recv() for the initgroup.
5) If no logon name is given, then the user is looked by certificates
first. Since there's a matching user, the upcoming lookup by name will
find the user entry. However, since the looked ip data is up to date the
dp response has to be mocked and the second argument of
mock_input_pam_cert() cannot be NULL but must match the user name.
6) Add a new attribute to mock_input_pam_cert() that represents whether
the backend is contacted only once. It's needed because in
test_pam_cert_auth() the backend is contacted first to check whether it
can handle smartcard authenticatiom, but before that there's a lookup.
Since the first mocked reply already adds the certificate to the user
entry, the lookup by certificate will already find the user in the cache
and no second lookup is needed.
Co-Author: Pavel Březina <pbrezina@redhat.com>
Co-Author: Sumit Bose <sbose@redhat.com>
Resolves:
https://fedorahosted.org/sssd/ticket/1126
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/python')
0 files changed, 0 insertions, 0 deletions