diff options
author | Sumit Bose <sbose@redhat.com> | 2010-01-07 10:26:50 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-01-20 08:55:59 -0500 |
commit | 6e52969c0dc8ac0dfb81e800bd2ef5228b8fea29 (patch) | |
tree | aff7df3dfbe8ba78134c298395c96fac16cfb011 /server/tests/sysdb-tests.c | |
parent | 30dcfad596af29830cd45adaebeb174a24151a34 (diff) | |
download | sssd-6e52969c0dc8ac0dfb81e800bd2ef5228b8fea29.tar.gz sssd-6e52969c0dc8ac0dfb81e800bd2ef5228b8fea29.tar.bz2 sssd-6e52969c0dc8ac0dfb81e800bd2ef5228b8fea29.zip |
Add sysdb request to authenticate against a cached password
The code for authentication against a cached password is moved from the
pam responder to a generic sysdb tevent request. The new code can be
used by other components of sssd to verify passwords on their own.
Tests for the sysdb_cache_password and sysdb_cache_auth request are
added and some unneeded or unused code and variables are removed.
Diffstat (limited to 'server/tests/sysdb-tests.c')
-rw-r--r-- | server/tests/sysdb-tests.c | 135 |
1 files changed, 135 insertions, 0 deletions
diff --git a/server/tests/sysdb-tests.c b/server/tests/sysdb-tests.c index ace03439..11fde6fe 100644 --- a/server/tests/sysdb-tests.c +++ b/server/tests/sysdb-tests.c @@ -2236,6 +2236,129 @@ START_TEST (test_sysdb_delete_custom) } END_TEST +START_TEST (test_sysdb_cache_password) +{ + struct sysdb_test_ctx *test_ctx; + struct test_data *data; + struct tevent_req *req; + int ret; + + /* Setup */ + ret = setup_sysdb_tests(&test_ctx); + fail_unless(ret == EOK, "Could not set up the test"); + + data = talloc_zero(test_ctx, struct test_data); + data->ctx = test_ctx; + data->ev = test_ctx->ev; + data->username = talloc_asprintf(data, "testuser%d", _i); + + req = sysdb_cache_password_send(data, test_ctx->ev, test_ctx->sysdb, NULL, + test_ctx->domain, data->username, + data->username); + fail_unless(req != NULL, "sysdb_cache_password_send failed [%d].", ret); + + tevent_req_set_callback(req, test_search_done, data); + + ret = test_loop(data); + fail_unless(ret == EOK, "test_loop failed [%d].", ret); + + ret = sysdb_cache_password_recv(req); + fail_unless(ret == EOK, "sysdb_cache_password request failed [%d].", ret); + + talloc_free(test_ctx); +} +END_TEST + +static void cached_authentication(const char *username, const char *password, + int expected_result) +{ + struct sysdb_test_ctx *test_ctx; + struct test_data *data; + struct tevent_req *req; + int ret; + + /* Setup */ + ret = setup_sysdb_tests(&test_ctx); + fail_unless(ret == EOK, "Could not set up the test"); + + data = talloc_zero(test_ctx, struct test_data); + data->ctx = test_ctx; + data->ev = test_ctx->ev; + data->username = username; + + req = sysdb_cache_auth_send(data, test_ctx->ev, test_ctx->sysdb, + test_ctx->domain, data->username, + (const uint8_t *) password, strlen(password), + test_ctx->confdb); + fail_unless(req != NULL, "sysdb_cache_password_send failed."); + + tevent_req_set_callback(req, test_search_done, data); + + ret = test_loop(data); + fail_unless(ret == EOK, "test_loop failed."); + + ret = sysdb_cache_auth_recv(req); + fail_unless(ret == expected_result, "sysdb_cache_auth request does not " + "return expected result [%d].", + expected_result); + + talloc_free(test_ctx); +} + +START_TEST (test_sysdb_cached_authentication_missing_password) +{ + TALLOC_CTX *tmp_ctx; + char *username; + + tmp_ctx = talloc_new(NULL); + fail_unless(tmp_ctx != NULL, "talloc_new failed."); + + username = talloc_asprintf(tmp_ctx, "testuser%d", _i); + fail_unless(username != NULL, "talloc_asprintf failed."); + + cached_authentication(username, "abc", ENOENT); + + talloc_free(tmp_ctx); + +} +END_TEST + +START_TEST (test_sysdb_cached_authentication_wrong_password) +{ + TALLOC_CTX *tmp_ctx; + char *username; + + tmp_ctx = talloc_new(NULL); + fail_unless(tmp_ctx != NULL, "talloc_new failed."); + + username = talloc_asprintf(tmp_ctx, "testuser%d", _i); + fail_unless(username != NULL, "talloc_asprintf failed."); + + cached_authentication(username, "abc", EINVAL); + + talloc_free(tmp_ctx); + +} +END_TEST + +START_TEST (test_sysdb_cached_authentication) +{ + TALLOC_CTX *tmp_ctx; + char *username; + + tmp_ctx = talloc_new(NULL); + fail_unless(tmp_ctx != NULL, "talloc_new failed."); + + username = talloc_asprintf(tmp_ctx, "testuser%d", _i); + fail_unless(username != NULL, "talloc_asprintf failed."); + + cached_authentication(username, username, EOK); + + talloc_free(tmp_ctx); + +} +END_TEST + START_TEST (test_sysdb_prepare_asq_test_user) { struct sysdb_test_ctx *test_ctx; @@ -2954,6 +3077,18 @@ Suite *create_sysdb_suite(void) /* Add some members to the groups */ tcase_add_loop_test(tc_sysdb, test_sysdb_add_group_member, 28010, 28020); + /* Authenticate with missing cached password */ + tcase_add_loop_test(tc_sysdb, test_sysdb_cached_authentication_missing_password, + 27010, 27011); + + /* Add a cached password */ + tcase_add_loop_test(tc_sysdb, test_sysdb_cache_password, 27010, 27011); + + /* Authenticate against cached password */ + tcase_add_loop_test(tc_sysdb, test_sysdb_cached_authentication_wrong_password, + 27010, 27011); + tcase_add_loop_test(tc_sysdb, test_sysdb_cached_authentication, 27010, 27011); + /* ASQ search test */ tcase_add_loop_test(tc_sysdb, test_sysdb_prepare_asq_test_user, 28011, 28020); tcase_add_test(tc_sysdb, test_sysdb_asq_search); |