|
|
f29388 |
From 05b37ac18ed8da00ce560ed52244c6ad7abfa6a9 Mon Sep 17 00:00:00 2001
|
|
|
f29388 |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
f29388 |
Date: Wed, 13 Mar 2019 17:41:29 +0100
|
|
|
f29388 |
Subject: [PATCH 34/35] TESTS: Add a unit test for UPNs stored by
|
|
|
f29388 |
sss_ncache_prepopulate
|
|
|
f29388 |
|
|
|
f29388 |
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
f29388 |
(cherry picked from commit 48c1e3ac34ec5b2d7cf27d7393d049c880bca319)
|
|
|
f29388 |
---
|
|
|
f29388 |
src/tests/cmocka/test_negcache.c | 111 +++++++++++++++++++++++++------
|
|
|
f29388 |
1 file changed, 92 insertions(+), 19 deletions(-)
|
|
|
f29388 |
|
|
|
f29388 |
diff --git a/src/tests/cmocka/test_negcache.c b/src/tests/cmocka/test_negcache.c
|
|
|
f29388 |
index a0210928b..9bddddd8d 100644
|
|
|
f29388 |
--- a/src/tests/cmocka/test_negcache.c
|
|
|
f29388 |
+++ b/src/tests/cmocka/test_negcache.c
|
|
|
f29388 |
@@ -39,6 +39,7 @@
|
|
|
f29388 |
#include "lib/idmap/sss_idmap.h"
|
|
|
f29388 |
#include "util/util.h"
|
|
|
f29388 |
#include "util/util_sss_idmap.h"
|
|
|
f29388 |
+#include "db/sysdb_private.h"
|
|
|
f29388 |
#include "responder/common/responder.h"
|
|
|
f29388 |
#include "responder/common/negcache.h"
|
|
|
f29388 |
|
|
|
f29388 |
@@ -52,6 +53,7 @@
|
|
|
f29388 |
#define TEST_CONF_DB "test_nss_conf.ldb"
|
|
|
f29388 |
#define TEST_DOM_NAME "nss_test"
|
|
|
f29388 |
#define TEST_ID_PROVIDER "ldap"
|
|
|
f29388 |
+#define TEST_SUBDOM_NAME "test.subdomain"
|
|
|
f29388 |
|
|
|
f29388 |
/* register_cli_protocol_version is required in test since it links with
|
|
|
f29388 |
* responder_common.c module
|
|
|
f29388 |
@@ -582,6 +584,29 @@ static int check_gid_in_ncache(struct sss_nc_ctx *ctx,
|
|
|
f29388 |
return ret;
|
|
|
f29388 |
}
|
|
|
f29388 |
|
|
|
f29388 |
+static int add_confdb_params(struct sss_test_conf_param params[],
|
|
|
f29388 |
+ struct confdb_ctx *cdb, const char *section)
|
|
|
f29388 |
+{
|
|
|
f29388 |
+ const char *val[2];
|
|
|
f29388 |
+ int ret;
|
|
|
f29388 |
+
|
|
|
f29388 |
+ val[1] = NULL;
|
|
|
f29388 |
+
|
|
|
f29388 |
+ for (int i = 0; params[i].key; i++) {
|
|
|
f29388 |
+ val[0] = params[i].value;
|
|
|
f29388 |
+ ret = confdb_add_param(cdb, true, section, params[i].key, val);
|
|
|
f29388 |
+ assert_int_equal(ret, EOK);
|
|
|
f29388 |
+ }
|
|
|
f29388 |
+
|
|
|
f29388 |
+ return EOK;
|
|
|
f29388 |
+}
|
|
|
f29388 |
+
|
|
|
f29388 |
+static int add_nss_params(struct sss_test_conf_param nss_params[],
|
|
|
f29388 |
+ struct confdb_ctx *cdb)
|
|
|
f29388 |
+{
|
|
|
f29388 |
+ return add_confdb_params(nss_params, cdb, CONFDB_NSS_CONF_ENTRY);
|
|
|
f29388 |
+}
|
|
|
f29388 |
+
|
|
|
f29388 |
static void test_sss_ncache_prepopulate(void **state)
|
|
|
f29388 |
{
|
|
|
f29388 |
int ret;
|
|
|
f29388 |
@@ -589,9 +614,14 @@ static void test_sss_ncache_prepopulate(void **state)
|
|
|
f29388 |
struct tevent_context *ev;
|
|
|
f29388 |
struct sss_nc_ctx *ncache;
|
|
|
f29388 |
struct sss_test_ctx *tc;
|
|
|
f29388 |
- struct sss_domain_info *dom;
|
|
|
f29388 |
+ const char *const testdom[4] = { TEST_SUBDOM_NAME, "TEST.SUB", "test", "S-3" };
|
|
|
f29388 |
+ struct sss_domain_info *subdomain;
|
|
|
f29388 |
|
|
|
f29388 |
- struct sss_test_conf_param params[] = {
|
|
|
f29388 |
+ struct sss_test_conf_param nss_params[] = {
|
|
|
f29388 |
+ { "filter_users", "testuser_nss@UPN.REALM, testuser_nss_short" },
|
|
|
f29388 |
+ { NULL, NULL },
|
|
|
f29388 |
+ };
|
|
|
f29388 |
+ struct sss_test_conf_param dom_params[] = {
|
|
|
f29388 |
{ "filter_users", "testuser1, testuser2@"TEST_DOM_NAME", testuser3@somedomain" },
|
|
|
f29388 |
{ "filter_groups", "testgroup1, testgroup2@"TEST_DOM_NAME", testgroup3@somedomain" },
|
|
|
f29388 |
{ NULL, NULL },
|
|
|
f29388 |
@@ -602,22 +632,35 @@ static void test_sss_ncache_prepopulate(void **state)
|
|
|
f29388 |
ev = tevent_context_init(ts);
|
|
|
f29388 |
assert_non_null(ev);
|
|
|
f29388 |
|
|
|
f29388 |
- dom = talloc_zero(ts, struct sss_domain_info);
|
|
|
f29388 |
- assert_non_null(dom);
|
|
|
f29388 |
- dom->name = discard_const_p(char, TEST_DOM_NAME);
|
|
|
f29388 |
-
|
|
|
f29388 |
ts->nctx = mock_nctx(ts);
|
|
|
f29388 |
assert_non_null(ts->nctx);
|
|
|
f29388 |
|
|
|
f29388 |
tc = create_dom_test_ctx(ts, TESTS_PATH, TEST_CONF_DB,
|
|
|
f29388 |
- TEST_DOM_NAME, TEST_ID_PROVIDER, params);
|
|
|
f29388 |
+ TEST_DOM_NAME, TEST_ID_PROVIDER, dom_params);
|
|
|
f29388 |
assert_non_null(tc);
|
|
|
f29388 |
|
|
|
f29388 |
+ ret = add_nss_params(nss_params, tc->confdb);
|
|
|
f29388 |
+ assert_int_equal(ret, EOK);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ subdomain = new_subdomain(tc, tc->dom,
|
|
|
f29388 |
+ testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
f29388 |
+ false, false, NULL, NULL, 0,
|
|
|
f29388 |
+ tc->confdb);
|
|
|
f29388 |
+ assert_non_null(subdomain);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ ret = sysdb_subdomain_store(tc->sysdb,
|
|
|
f29388 |
+ testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
f29388 |
+ false, false, NULL, 0, NULL);
|
|
|
f29388 |
+ assert_int_equal(ret, EOK);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ ret = sysdb_update_subdomains(tc->dom, tc->confdb);
|
|
|
f29388 |
+ assert_int_equal(ret, EOK);
|
|
|
f29388 |
+
|
|
|
f29388 |
ncache = ts->ctx;
|
|
|
f29388 |
- ts->rctx = mock_rctx(ts, ev, dom, ts->nctx);
|
|
|
f29388 |
+ ts->rctx = mock_rctx(ts, ev, tc->dom, ts->nctx);
|
|
|
f29388 |
assert_non_null(ts->rctx);
|
|
|
f29388 |
|
|
|
f29388 |
- ret = sss_names_init(ts, tc->confdb, TEST_DOM_NAME, &dom->names);
|
|
|
f29388 |
+ ret = sss_names_init(ts, tc->confdb, TEST_DOM_NAME, &tc->dom->names);
|
|
|
f29388 |
assert_int_equal(ret, EOK);
|
|
|
f29388 |
|
|
|
f29388 |
ret = sss_ncache_prepopulate(ncache, tc->confdb, ts->rctx);
|
|
|
f29388 |
@@ -625,34 +668,37 @@ static void test_sss_ncache_prepopulate(void **state)
|
|
|
f29388 |
|
|
|
f29388 |
sleep(SHORTSPAN);
|
|
|
f29388 |
|
|
|
f29388 |
- ret = check_user_in_ncache(ncache, dom, "testuser1");
|
|
|
f29388 |
+ ret = check_user_in_ncache(ncache, tc->dom, "testuser1");
|
|
|
f29388 |
assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
|
|
|
f29388 |
- ret = check_group_in_ncache(ncache, dom, "testgroup1");
|
|
|
f29388 |
+ ret = check_group_in_ncache(ncache, tc->dom, "testgroup1");
|
|
|
f29388 |
assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
|
|
|
f29388 |
- ret = check_user_in_ncache(ncache, dom, "testuser2");
|
|
|
f29388 |
+ ret = check_user_in_ncache(ncache, tc->dom, "testuser2");
|
|
|
f29388 |
assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
|
|
|
f29388 |
- ret = check_group_in_ncache(ncache, dom, "testgroup2");
|
|
|
f29388 |
+ ret = check_group_in_ncache(ncache, tc->dom, "testgroup2");
|
|
|
f29388 |
assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
|
|
|
f29388 |
- ret = check_user_in_ncache(ncache, dom, "testuser3");
|
|
|
f29388 |
+ ret = check_user_in_ncache(ncache, tc->dom, "testuser3");
|
|
|
f29388 |
assert_int_equal(ret, ENOENT);
|
|
|
f29388 |
|
|
|
f29388 |
- ret = check_group_in_ncache(ncache, dom, "testgroup3");
|
|
|
f29388 |
+ ret = check_group_in_ncache(ncache, tc->dom, "testgroup3");
|
|
|
f29388 |
assert_int_equal(ret, ENOENT);
|
|
|
f29388 |
|
|
|
f29388 |
- ret = check_user_in_ncache(ncache, dom, "testuser3@somedomain");
|
|
|
f29388 |
+ ret = check_user_in_ncache(ncache, tc->dom, "testuser3@somedomain");
|
|
|
f29388 |
assert_int_equal(ret, ENOENT);
|
|
|
f29388 |
|
|
|
f29388 |
- ret = check_group_in_ncache(ncache, dom, "testgroup3@somedomain");
|
|
|
f29388 |
+ ret = sss_ncache_check_upn(ncache, tc->dom, "testuser3@somedomain");
|
|
|
f29388 |
+ assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ ret = check_group_in_ncache(ncache, tc->dom, "testgroup3@somedomain");
|
|
|
f29388 |
assert_int_equal(ret, ENOENT);
|
|
|
f29388 |
|
|
|
f29388 |
- ret = check_user_in_ncache(ncache, dom, "root");
|
|
|
f29388 |
+ ret = check_user_in_ncache(ncache, tc->dom, "root");
|
|
|
f29388 |
assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
|
|
|
f29388 |
- ret = check_group_in_ncache(ncache, dom, "root");
|
|
|
f29388 |
+ ret = check_group_in_ncache(ncache, tc->dom, "root");
|
|
|
f29388 |
assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
|
|
|
f29388 |
ret = check_uid_in_ncache(ncache, 0);
|
|
|
f29388 |
@@ -660,6 +706,33 @@ static void test_sss_ncache_prepopulate(void **state)
|
|
|
f29388 |
|
|
|
f29388 |
ret = check_gid_in_ncache(ncache, 0);
|
|
|
f29388 |
assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ ret = sss_ncache_check_upn(ncache, tc->dom, "testuser_nss@UPN.REALM");
|
|
|
f29388 |
+ assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ ret = sss_ncache_check_upn(ncache, tc->dom->subdomains, "testuser_nss@UPN.REALM");
|
|
|
f29388 |
+ assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ ret = sss_ncache_check_upn(ncache, tc->dom, "testuser_nss_short@" TEST_DOM_NAME);
|
|
|
f29388 |
+ assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ ret = sss_ncache_check_upn(ncache, tc->dom->subdomains, "testuser_nss_short@" TEST_SUBDOM_NAME);
|
|
|
f29388 |
+ assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ ret = check_user_in_ncache(ncache, tc->dom, "testuser_nss_short");
|
|
|
f29388 |
+ assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ ret = check_user_in_ncache(ncache, tc->dom->subdomains, "testuser_nss_short");
|
|
|
f29388 |
+ assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ ret = sss_ncache_check_upn(ncache, tc->dom, "testuser1@" TEST_DOM_NAME);
|
|
|
f29388 |
+ assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ ret = sss_ncache_check_upn(ncache, tc->dom, "testuser2@" TEST_DOM_NAME);
|
|
|
f29388 |
+ assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
+
|
|
|
f29388 |
+ ret = sss_ncache_check_upn(ncache, tc->dom, "testuser3@somedomain");
|
|
|
f29388 |
+ assert_int_equal(ret, EEXIST);
|
|
|
f29388 |
}
|
|
|
f29388 |
|
|
|
f29388 |
static void test_sss_ncache_default_domain_suffix(void **state)
|
|
|
f29388 |
--
|
|
|
f29388 |
2.20.1
|
|
|
f29388 |
|