From 6c1e606c3e9da9910554e48a6409a9b3001deedb Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Fri, 4 Sep 2015 09:27:17 +0200
Subject: [PATCH 75/87] DP: Provide a way to mark subdomain as disabled and
auto-enable it later with offline_timeout
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
https://fedorahosted.org/sssd/ticket/2637
Adds a new Data Provider function be_mark_dom_offline() that is a
replacement for be_mark_offline(). When called, the function would
either set the whole back end offline, just like be_mark_offline or just
set the subdomain status to inactive.
When a subdomain is inactive, there is a singleton timed task that would
re-set the subdomin after offline_timeout seconds.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
---
Makefile.am | 26 +++
src/providers/data_provider_be.c | 102 +++++++++++-
src/providers/dp_backend.h | 1 +
src/tests/cmocka/test_data_provider_be.c | 275 +++++++++++++++++++++++++++++++
4 files changed, 395 insertions(+), 9 deletions(-)
create mode 100644 src/tests/cmocka/test_data_provider_be.c
diff --git a/Makefile.am b/Makefile.am
index e1102333b019e32c516c59c5fa969c970b688737..4e80701872c0e4e1391f0c6de8a2f68e719f8236 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -236,6 +236,7 @@ if HAVE_CMOCKA
test_ipa_subdom_server \
test_krb5_wait_queue \
test_cert_utils \
+ test_data_provider_be \
$(NULL)
if HAVE_LIBRESOLV
@@ -2603,6 +2604,31 @@ test_cert_utils_LDADD = \
libsss_cert.la \
libsss_crypt.la \
$(NULL)
+
+test_data_provider_be_SOURCES = \
+ $(sssd_be_SOURCES) \
+ src/tests/cmocka/test_data_provider_be.c \
+ src/tests/cmocka/common_mock_be.c \
+ $(NULL)
+test_data_provider_be_CFLAGS = \
+ $(AM_CFLAGS) \
+ -DUNIT_TESTING \
+ $(CRYPTO_CFLAGS) \
+ $(NULL)
+test_data_provider_be_LDFLAGS = \
+ -Wl,-wrap,_tevent_add_timer \
+ $(NULL)
+test_data_provider_be_LDADD = \
+ $(CMOCKA_LIBS) \
+ $(CARES_LIBS) \
+ $(POPT_LIBS) \
+ $(PAM_LIBS) \
+ $(TALLOC_LIBS) \
+ $(SSSD_INTERNAL_LTLIBS) \
+ libsss_debug.la \
+ libsss_test_common.la \
+ $(NULL)
+
endif # HAVE_CMOCKA
noinst_PROGRAMS = pam_test_client
diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c
index d147630248f0a24f5a632760b55b9284a6928e40..f477ac8bde2b1e3eea862e8e8f503566282ea8f3 100644
--- a/src/providers/data_provider_be.c
+++ b/src/providers/data_provider_be.c
@@ -478,6 +478,24 @@ try_to_go_online(TALLOC_CTX *mem_ctx,
return EOK;
}
+static int get_offline_timeout(struct be_ctx *ctx)
+{
+ errno_t ret;
+ int offline_timeout;
+
+ ret = confdb_get_int(ctx->cdb, ctx->conf_path,
+ CONFDB_DOMAIN_OFFLINE_TIMEOUT, 60,
+ &offline_timeout);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "Failed to get offline_timeout from confdb. "
+ "Will use 60 seconds.\n");
+ offline_timeout = 60;
+ }
+
+ return offline_timeout;
+}
+
void be_mark_offline(struct be_ctx *ctx)
{
int offline_timeout;
@@ -493,15 +511,9 @@ void be_mark_offline(struct be_ctx *ctx)
/* This is the first time we go offline - create a periodic task
* to check if we can switch to online. */
DEBUG(SSSDBG_TRACE_INTERNAL, "Initialize check_if_online_ptask.\n");
- ret = confdb_get_int(ctx->cdb, ctx->conf_path,
- CONFDB_DOMAIN_OFFLINE_TIMEOUT, 60,
- &offline_timeout);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Failed to get offline_timeout from confdb. "
- "Will use 60 seconds.\n");
- offline_timeout = 60;
- }
+
+ offline_timeout = get_offline_timeout(ctx);
+
ret = be_ptask_create_sync(ctx, ctx,
offline_timeout, offline_timeout,
offline_timeout, 30, offline_timeout,
@@ -524,10 +536,82 @@ void be_mark_offline(struct be_ctx *ctx)
be_run_offline_cb(ctx);
}
+static void be_subdom_reset_status(struct tevent_context *ev,
+ struct tevent_timer *te,
+ struct timeval current_time,
+ void *pvt)
+{
+ struct sss_domain_info *subdom = talloc_get_type(pvt,
+ struct sss_domain_info);
+
+ DEBUG(SSSDBG_TRACE_LIBS, "Resetting subdomain %s\n", subdom->name);
+ subdom->state = DOM_ACTIVE;
+}
+
+static void be_mark_subdom_offline(struct sss_domain_info *subdom,
+ struct be_ctx *be_ctx)
+{
+ struct timeval tv;
+ struct tevent_timer *timeout = NULL;
+ int reset_status_timeout;
+
+ reset_status_timeout = get_offline_timeout(be_ctx);
+ tv = tevent_timeval_current_ofs(reset_status_timeout, 0);
+
+ switch (subdom->state) {
+ case DOM_DISABLED:
+ DEBUG(SSSDBG_MINOR_FAILURE, "Won't touch disabled subdomain\n");
+ return;
+ case DOM_INACTIVE:
+ DEBUG(SSSDBG_TRACE_ALL, "Subdomain already inactive\n");
+ return;
+ case DOM_ACTIVE:
+ DEBUG(SSSDBG_TRACE_LIBS,
+ "Marking subdomain %s as inactive\n", subdom->name);
+ break;
+ }
+
+ timeout = tevent_add_timer(be_ctx->ev, be_ctx, tv,
+ be_subdom_reset_status, subdom);
+ if (timeout == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "Cannot create timer\n");
+ return;
+ }
+
+ subdom->state = DOM_INACTIVE;
+}
+
+void be_mark_dom_offline(struct sss_domain_info *dom, struct be_ctx *ctx)
+{
+ if (IS_SUBDOMAIN(dom) == false) {
+ DEBUG(SSSDBG_TRACE_LIBS, "Marking back end offline\n");
+ be_mark_offline(ctx);
+ } else {
+ DEBUG(SSSDBG_TRACE_LIBS, "Marking subdomain %s offline\n", dom->name);
+ be_mark_subdom_offline(dom, ctx);
+ }
+}
+
+static void reactivate_subdoms(struct sss_domain_info *head)
+{
+ struct sss_domain_info *dom;
+
+ DEBUG(SSSDBG_TRACE_LIBS, "Resetting all subdomains");
+
+ for (dom = head; dom; dom = get_next_domain(dom, true)) {
+ if (sss_domain_get_state(dom) == DOM_INACTIVE) {
+ sss_domain_set_state(dom, DOM_ACTIVE);
+ }
+ }
+}
+
static void be_reset_offline(struct be_ctx *ctx)
{
ctx->offstat.went_offline = 0;
ctx->offstat.offline = false;
+
+ reactivate_subdoms(ctx->domain);
+
be_ptask_disable(ctx->check_if_online_ptask);
be_run_online_cb(ctx);
}
diff --git a/src/providers/dp_backend.h b/src/providers/dp_backend.h
index e4e22ea343a5cbf4c75f176c3002dc579c2893fe..4d54bf547682379bcb8cf855b8fae39214495728 100644
--- a/src/providers/dp_backend.h
+++ b/src/providers/dp_backend.h
@@ -189,6 +189,7 @@ struct be_host_req {
bool be_is_offline(struct be_ctx *ctx);
void be_mark_offline(struct be_ctx *ctx);
+void be_mark_dom_offline(struct sss_domain_info *dom, struct be_ctx *ctx);
int be_add_reconnect_cb(TALLOC_CTX *mem_ctx,
struct be_ctx *ctx,
diff --git a/src/tests/cmocka/test_data_provider_be.c b/src/tests/cmocka/test_data_provider_be.c
new file mode 100644
index 0000000000000000000000000000000000000000..68eb5841bee568bef64cb62461403036b1320bec
--- /dev/null
+++ b/src/tests/cmocka/test_data_provider_be.c
@@ -0,0 +1,275 @@
+/*
+ Copyright (C) 2015 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <talloc.h>
+#include <tevent.h>
+#include <errno.h>
+#include <popt.h>
+#include <time.h>
+
+#include "providers/dp_backend.h"
+#include "tests/cmocka/common_mock.h"
+#include "tests/cmocka/common_mock_be.h"
+#include "tests/common.h"
+
+#define TESTS_PATH "tests_dp_be"
+#define TEST_CONF_DB "test_dp_be_conf.ldb"
+#define TEST_DOM_NAME "dp_be_test"
+#define TEST_ID_PROVIDER "ldap"
+
+#define OFFLINE_TIMEOUT 2
+#define AS_STR(param) (#param)
+
+static TALLOC_CTX *global_mock_context = NULL;
+static bool global_timer_added;
+
+struct tevent_timer *__real__tevent_add_timer(struct tevent_context *ev,
+ TALLOC_CTX *mem_ctx,
+ struct timeval next_event,
+ tevent_timer_handler_t handler,
+ void *private_data,
+ const char *handler_name,
+ const char *location);
+
+struct tevent_timer *__wrap__tevent_add_timer(struct tevent_context *ev,
+ TALLOC_CTX *mem_ctx,
+ struct timeval next_event,
+ tevent_timer_handler_t handler,
+ void *private_data,
+ const char *handler_name,
+ const char *location)
+{
+ global_timer_added = true;
+
+ return __real__tevent_add_timer(ev, mem_ctx, next_event,
+ handler, private_data, handler_name,
+ location);
+}
+
+
+struct test_ctx {
+ struct sss_test_ctx *tctx;
+ struct be_ctx *be_ctx;
+};
+
+static struct sss_domain_info *named_domain(TALLOC_CTX *mem_ctx,
+ const char *name,
+ struct sss_domain_info *parent)
+{
+ struct sss_domain_info *dom = NULL;
+
+ dom = talloc_zero(mem_ctx, struct sss_domain_info);
+ assert_non_null(dom);
+
+ dom->name = talloc_strdup(dom, name);
+ assert_non_null(dom->name);
+
+ dom->parent = parent;
+
+ return dom;
+}
+
+static int test_setup(void **state)
+{
+ struct test_ctx *test_ctx = NULL;
+ struct sss_test_conf_param params[] = {
+ { "offline_timeout", AS_STR(OFFLINE_TIMEOUT) },
+ { NULL, NULL }, /* Sentinel */
+ };
+
+ assert_true(leak_check_setup());
+ global_mock_context = talloc_new(global_talloc_context);
+ assert_non_null(global_mock_context);
+
+ test_ctx = talloc_zero(global_talloc_context, struct test_ctx);
+ assert_non_null(test_ctx);
+
+ test_ctx->tctx = create_dom_test_ctx(test_ctx, TESTS_PATH,
+ TEST_CONF_DB, TEST_DOM_NAME,
+ TEST_ID_PROVIDER, params);
+ assert_non_null(test_ctx->tctx);
+
+ test_ctx->be_ctx = mock_be_ctx(test_ctx, test_ctx->tctx);
+ assert_non_null(test_ctx->be_ctx);
+
+ test_ctx->be_ctx->domain->subdomains = named_domain(test_ctx,
+ "subdomains",
+ test_ctx->be_ctx->domain);
+ assert_non_null(test_ctx->be_ctx->domain->subdomains);
+
+ *state = test_ctx;
+
+ return 0;
+}
+
+static int test_teardown(void **state)
+{
+ talloc_zfree(*state);
+ assert_true(leak_check_teardown());
+ return 0;
+}
+
+static void assert_domain_state(struct sss_domain_info *dom,
+ enum sss_domain_state expected_state)
+{
+ enum sss_domain_state dom_state;
+
+ dom_state = sss_domain_get_state(dom);
+ assert_int_equal(dom_state, expected_state);
+}
+
+static void test_mark_subdom_offline_check(struct tevent_context *ev,
+ struct tevent_timer *te,
+ struct timeval current_time,
+ void *pvt)
+{
+ struct test_ctx *test_ctx = talloc_get_type(pvt, struct test_ctx);
+
+ assert_domain_state(test_ctx->be_ctx->domain->subdomains,
+ DOM_ACTIVE);
+
+ test_ctx->tctx->done = true;
+ test_ctx->tctx->error = EOK;
+}
+
+static void test_mark_dom_offline(void **state)
+{
+ struct test_ctx *test_ctx = talloc_get_type(*state, struct test_ctx);
+
+ assert_domain_state(test_ctx->be_ctx->domain, DOM_ACTIVE);
+ assert_false(be_is_offline(test_ctx->be_ctx));
+
+ be_mark_dom_offline(test_ctx->be_ctx->domain, test_ctx->be_ctx);
+
+ assert_true(be_is_offline(test_ctx->be_ctx));
+ assert_domain_state(test_ctx->be_ctx->domain, DOM_ACTIVE);
+}
+
+static void test_mark_subdom_offline(void **state)
+{
+ struct timeval tv;
+ struct tevent_timer *check_ev = NULL;
+ struct test_ctx *test_ctx = talloc_get_type(*state, struct test_ctx);
+ errno_t ret;
+
+ assert_domain_state(test_ctx->be_ctx->domain->subdomains,
+ DOM_ACTIVE);
+ assert_false(be_is_offline(test_ctx->be_ctx));
+
+ global_timer_added = false;
+ be_mark_dom_offline(test_ctx->be_ctx->domain->subdomains, test_ctx->be_ctx);
+ assert_domain_state(test_ctx->be_ctx->domain->subdomains,
+ DOM_INACTIVE);
+
+ /* A timer must be added that resets the state back */
+ assert_true(global_timer_added);
+
+ /* Global offline state must not change */
+ assert_false(be_is_offline(test_ctx->be_ctx));
+
+ /* Make sure we don't add a second timer */
+ global_timer_added = false;
+ be_mark_dom_offline(test_ctx->be_ctx->domain->subdomains, test_ctx->be_ctx);
+ assert_domain_state(test_ctx->be_ctx->domain->subdomains,
+ DOM_INACTIVE);
+ assert_false(global_timer_added);
+
+ /* Wait for the internal timer to reset our subdomain back */
+ tv = tevent_timeval_current_ofs(OFFLINE_TIMEOUT + 1, 0);
+
+ check_ev = tevent_add_timer(test_ctx->tctx->ev, test_ctx, tv,
+ test_mark_subdom_offline_check,
+ test_ctx);
+ if (check_ev == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "Cannot create timer\n");
+ return;
+ }
+
+ ret = test_ev_loop(test_ctx->tctx);
+ assert_int_equal(ret, EOK);
+}
+
+static void test_mark_subdom_offline_disabled(void **state)
+{
+ struct test_ctx *test_ctx = talloc_get_type(*state, struct test_ctx);
+
+ sss_domain_set_state(test_ctx->be_ctx->domain->subdomains, DOM_DISABLED);
+ assert_domain_state(test_ctx->be_ctx->domain->subdomains,
+ DOM_DISABLED);
+
+ be_mark_dom_offline(test_ctx->be_ctx->domain->subdomains, test_ctx->be_ctx);
+ assert_domain_state(test_ctx->be_ctx->domain->subdomains,
+ DOM_DISABLED);
+}
+
+int main(int argc, const char *argv[])
+{
+ poptContext pc;
+ int opt;
+ int rv;
+ int no_cleanup = 0;
+ struct poptOption long_options[] = {
+ POPT_AUTOHELP
+ SSSD_DEBUG_OPTS
+ {"no-cleanup", 'n', POPT_ARG_NONE, &no_cleanup, 0,
+ _("Do not delete the test database after a test run"), NULL },
+ POPT_TABLEEND
+ };
+
+ const struct CMUnitTest tests[] = {
+ cmocka_unit_test_setup_teardown(test_mark_dom_offline,
+ test_setup,
+ test_teardown),
+ cmocka_unit_test_setup_teardown(test_mark_subdom_offline,
+ test_setup,
+ test_teardown),
+ cmocka_unit_test_setup_teardown(test_mark_subdom_offline_disabled,
+ test_setup,
+ test_teardown),
+ };
+
+ /* Set debug level to invalid value so we can deside if -d 0 was used. */
+ debug_level = SSSDBG_INVALID;
+
+ pc = poptGetContext(argv[0], argc, argv, long_options, 0);
+ while((opt = poptGetNextOpt(pc)) != -1) {
+ switch(opt) {
+ default:
+ fprintf(stderr, "\nInvalid option %s: %s\n\n",
+ poptBadOption(pc, 0), poptStrerror(opt));
+ poptPrintUsage(pc, stderr, 0);
+ return 1;
+ }
+ }
+ poptFreeContext(pc);
+
+ DEBUG_CLI_INIT(debug_level);
+
+ /* Even though normally the tests should clean up after themselves
+ * they might not after a failed run. Remove the old db to be sure */
+ tests_set_cwd();
+ test_dom_suite_cleanup(TESTS_PATH, TEST_CONF_DB, TEST_DOM_NAME);
+ test_dom_suite_setup(TESTS_PATH);
+
+ rv = cmocka_run_group_tests(tests, NULL, NULL);
+ if (rv == 0 && !no_cleanup) {
+ test_dom_suite_cleanup(TESTS_PATH, TEST_CONF_DB, TEST_DOM_NAME);
+ }
+ return rv;
+
+ return cmocka_run_group_tests(tests, NULL, NULL);
+}
--
2.4.3