diff options
author | Fabiano FidĂȘncio <fidencio@redhat.com> | 2017-06-19 09:05:00 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2017-06-21 11:28:08 +0200 |
commit | 86526891366c4bc3e1ee861143b736d2670a6ba8 (patch) | |
tree | 8adb299e99742a0416e135ebe06dc6ed0f5b214e /src/tests | |
parent | 7c0402b85627587bcac004d4bfdbf181bbae8549 (diff) | |
download | sssd-86526891366c4bc3e1ee861143b736d2670a6ba8.tar.gz sssd-86526891366c4bc3e1ee861143b736d2670a6ba8.tar.xz sssd-86526891366c4bc3e1ee861143b736d2670a6ba8.zip |
RESPONDER: Use fqnames as output when needed
As some regressions have been caused by not handling properly naming
conflicts when using shortnames, last explicitly use fully qualified
names as output in the following situations:
- domain resolution order is set;
- a trusted domain has been using `use_fully_qualified_name = false`
In both cases we want to ensure that even handling shortnames as input,
the output will always be fully qualified.
As part of this patch, our tests ended up being modified to reflect the
changes done. In other words, the tests related to shortnames now return
expect as return a fully qualified name for trusted domains.
Resolves:
https://pagure.io/SSSD/sssd/issue/3403
Signed-off-by: Fabiano FidĂȘncio <fidencio@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/tests')
-rw-r--r-- | src/tests/cmocka/test_nss_srv.c | 108 |
1 files changed, 43 insertions, 65 deletions
diff --git a/src/tests/cmocka/test_nss_srv.c b/src/tests/cmocka/test_nss_srv.c index 03b5bcc30..ccedf96be 100644 --- a/src/tests/cmocka/test_nss_srv.c +++ b/src/tests/cmocka/test_nss_srv.c @@ -1648,29 +1648,23 @@ static int test_nss_getgrnam_members_check_subdom(uint32_t status, tmp_ctx = talloc_new(nss_test_ctx); assert_non_null(tmp_ctx); - if (nss_test_ctx->subdom->fqnames) { - exp_members[0] = sss_tc_fqname(tmp_ctx, - nss_test_ctx->subdom->names, - nss_test_ctx->subdom, - submember1.pw_name); - assert_non_null(exp_members[0]); - - exp_members[1] = sss_tc_fqname(tmp_ctx, - nss_test_ctx->subdom->names, - nss_test_ctx->subdom, - submember2.pw_name); - assert_non_null(exp_members[1]); + exp_members[0] = sss_tc_fqname(tmp_ctx, + nss_test_ctx->subdom->names, + nss_test_ctx->subdom, + submember1.pw_name); + assert_non_null(exp_members[0]); - expected.gr_name = sss_tc_fqname(tmp_ctx, - nss_test_ctx->subdom->names, - nss_test_ctx->subdom, - testsubdomgroup.gr_name); - assert_non_null(expected.gr_name); - } else { - exp_members[0] = submember1.pw_name; - exp_members[1] = submember2.pw_name; - expected.gr_name = testsubdomgroup.gr_name; - } + exp_members[1] = sss_tc_fqname(tmp_ctx, + nss_test_ctx->subdom->names, + nss_test_ctx->subdom, + submember2.pw_name); + assert_non_null(exp_members[1]); + + expected.gr_name = sss_tc_fqname(tmp_ctx, + nss_test_ctx->subdom->names, + nss_test_ctx->subdom, + testsubdomgroup.gr_name); + assert_non_null(expected.gr_name); assert_int_equal(status, EOK); @@ -1744,15 +1738,11 @@ static int test_nss_getgrnam_check_mix_dom(uint32_t status, tmp_ctx = talloc_new(nss_test_ctx); assert_non_null(tmp_ctx); - if (nss_test_ctx->subdom->fqnames) { - exp_members[0] = sss_tc_fqname(tmp_ctx, - nss_test_ctx->subdom->names, - nss_test_ctx->subdom, - submember1.pw_name); - assert_non_null(exp_members[0]); - } else { - exp_members[0] = submember1.pw_name; - } + exp_members[0] = sss_tc_fqname(tmp_ctx, + nss_test_ctx->subdom->names, + nss_test_ctx->subdom, + submember1.pw_name); + assert_non_null(exp_members[0]); exp_members[1] = testmember1.pw_name; exp_members[2] = testmember2.pw_name; @@ -1840,15 +1830,12 @@ static int test_nss_getgrnam_check_mix_dom_fqdn(uint32_t status, tmp_ctx = talloc_new(nss_test_ctx); assert_non_null(tmp_ctx); - if (nss_test_ctx->subdom->fqnames) { - exp_members[0] = sss_tc_fqname(tmp_ctx, - nss_test_ctx->subdom->names, - nss_test_ctx->subdom, - submember1.pw_name); - assert_non_null(exp_members[0]); - } else { - exp_members[0] = submember1.pw_name; - } + exp_members[0] = sss_tc_fqname(tmp_ctx, + nss_test_ctx->subdom->names, + nss_test_ctx->subdom, + submember1.pw_name); + assert_non_null(exp_members[0]); + if (nss_test_ctx->tctx->dom->fqnames) { exp_members[1] = sss_tc_fqname(tmp_ctx, nss_test_ctx->tctx->dom->names, nss_test_ctx->tctx->dom, testmember1.pw_name); @@ -1961,37 +1948,28 @@ static int test_nss_getgrnam_check_mix_subdom(uint32_t status, tmp_ctx = talloc_new(nss_test_ctx); assert_non_null(tmp_ctx); - if (nss_test_ctx->subdom->fqnames) { - exp_members[0] = sss_tc_fqname(tmp_ctx, - nss_test_ctx->subdom->names, - nss_test_ctx->subdom, - submember1.pw_name); - assert_non_null(exp_members[0]); - - exp_members[1] = sss_tc_fqname(tmp_ctx, - nss_test_ctx->subdom->names, - nss_test_ctx->subdom, - submember2.pw_name); - assert_non_null(exp_members[1]); - } else { - exp_members[0] = submember1.pw_name; - exp_members[1] = submember2.pw_name; - } + exp_members[0] = sss_tc_fqname(tmp_ctx, + nss_test_ctx->subdom->names, + nss_test_ctx->subdom, + submember1.pw_name); + assert_non_null(exp_members[0]); + + exp_members[1] = sss_tc_fqname(tmp_ctx, + nss_test_ctx->subdom->names, + nss_test_ctx->subdom, + submember2.pw_name); + assert_non_null(exp_members[1]); /* Important: this member is from a non-qualified domain, so his name will * not be qualified either */ exp_members[2] = testmember1.pw_name; - if (nss_test_ctx->subdom->fqnames) { - expected.gr_name = sss_tc_fqname(tmp_ctx, - nss_test_ctx->subdom->names, - nss_test_ctx->subdom, - testsubdomgroup.gr_name); - assert_non_null(expected.gr_name); - } else { - expected.gr_name = testsubdomgroup.gr_name; - } + expected.gr_name = sss_tc_fqname(tmp_ctx, + nss_test_ctx->subdom->names, + nss_test_ctx->subdom, + testsubdomgroup.gr_name); + assert_non_null(expected.gr_name); assert_int_equal(status, EOK); |