summaryrefslogtreecommitdiff
path: root/src/tests
AgeCommit message (Collapse)AuthorFilesLines
2013-06-28Read mpg state for subdomains from cacheSumit Bose1-3/+6
The mpg flag will be read from the cache for subdomains and the domain object will be created accordingly.
2013-06-28Save mpg state for subdomainsSumit Bose1-5/+8
The information of a subdomain will use magic private groups (mpg) or not will be stored together with other information about the domain in the cache.
2013-06-28Add cmocka based tests for libsss_idmapSumit Bose1-0/+421
This patch implements some unit tests for the recent enhancements to libsss_idmap.
2013-06-10Fix dereference after a NULL check in tests.Lukas Slebodnik1-6/+20
https://fedorahosted.org/sssd/ticket/1972 Coverity IDs: 11870,11871 Do not call unlink with NULL pointer.
2013-06-06Enhance PAC responder for AD usersSumit Bose1-524/+0
This patch modifies the PAC responder so that it can be used with the AD provider as well. The main difference is that the POSIX UIDs and GIDs are now lookup up with the help of the SID instead of being calculated algorithmically. This was necessary because the AD provider allows either algorithmic mapping or reading the value from attributes stored in AD. Fixes https://fedorahosted.org/sssd/ticket/1558
2013-05-30Allow flat name in the FQname formatJakub Hrozek2-5/+423
https://fedorahosted.org/sssd/ticket/1648 Adds another expansion in the printf format that allows the user to use the domain flat name in the format.
2013-05-30Remove empty directories after tests run.Lukas Slebodnik3-27/+12
Empty directory tests_path is removed in function test_dom_suite_cleanup. Function test_dom_suite_cleanup is reused in other tests.
2013-05-30Making order in tests.Lukas Slebodnik2-1/+0
--removed duplicated test-io --reusing library libsss_test_common in other tests --cmocka test sss_nss_idmap-tests was moved to cmocka dir --moved leak_check.c to libsss_test_common --moved common_tev.c,common_dom.c to libsss_test_common (leak_check.c,common_tev.c,common_dom.c) are test framework independent
2013-05-27Fix dyndns timer initializationJakub Hrozek1-1/+5
The dyndns init function was starting the timer even if the updates were set to False. This patch splits the init of dynamic updates and the timer into two functions so that the back end can start the updates separately from reading the options.
2013-05-13tests: Do not set cwd twiceJakub Hrozek1-1/+0
The tests_set_cwd() function was called twice in the dyndns unit test.
2013-05-03Active Directory dynamic DNS updatesJakub Hrozek1-0/+6
https://fedorahosted.org/sssd/ticket/1504 Implements dynamic DNS updates for the AD provider. By default, the updates also update the reverse zone and run periodically every 24 hours.
2013-05-03dyndns: new option dyndns_authJakub Hrozek1-0/+3
This options is mostly provided for future expansion. Currently it is undocumented and both IPA and AD dynamic DNS updates default to GSS-TSIG. Allowed values are GSS-TSIG and none.
2013-05-03dyndns: new option dyndns_force_tcpJakub Hrozek1-3/+3
https://fedorahosted.org/sssd/ticket/1831 Adds a new option that can be used to force nsupdate to only use TCP to communicate with the DNS server.
2013-05-03resolver: Return PTR record as stringJakub Hrozek1-0/+104
This is a requirement to update the PTR records. Includes a unit test.
2013-05-03dyndns: new option dyndns_refresh_intervalJakub Hrozek1-2/+83
This new options adds the possibility of updating the DNS entries periodically regardless if they have changed or not. This feature will be useful mainly in AD environments where the Windows clients periodically update their DNS records.
2013-05-03Convert IPA-specific options to be back-end agnosticJakub Hrozek1-1/+1
This patch introduces new options for dynamic DNS updates that are not specific to any back end. The current ipa dyndns options are still usable, just with a deprecation warning.
2013-05-03Refactor dynamic DNS updatesJakub Hrozek4-8/+367
Provides two new layers instead of the previous IPA specific layer: 1) dp_dyndns.c -- a very generic dyndns layer on the DP level. Its purpose it to make it possible for any back end to use dynamic DNS updates. 2) sdap_dyndns.c -- a wrapper around dp_dyndns.c that utilizes some LDAP-specific features like autodetecting the address from the LDAP connection. Also converts the dyndns code to new specific error codes.
2013-05-03Add client library for SID related lookupsSumit Bose1-0/+118
This patch add a library for client side lookups for a SID or with a SID through the calls: - sss_nss_getsidbyname - sss_nss_getsidbyid - sss_nss_getnamebysid - sss_nss_getidbysid The library is called libsss_nss_idmap and the contributed spec file will create two new packages libsss_nss_idmap and libsss_nss_idmap-devel.
2013-05-02Fix segmentation fault in test_io.Abhishek Singh1-4/+19
tests_set_cwd is used and relativepath calculation method is changed and is made general based on basedir.
2013-05-02Default TEST_DIR to cwd, not empty string if not set explicitlyLukas Slebodnik1-6/+2
If configure isn't being run with argument --with-test-dir, then variable TEST_DIR will be defined, but its value will be empty (""). In this case opendir will fail with uncatched error "Directory does not exist, or name is an empty string". Finally function call dirfd will segfault because its argument is NULL. I changed default value of TEST_DIR (if --with-test-dir was not used). Function tests_set_cwd does not ignore return value of chdir, because TEST_DIR should not be the empty string.
2013-04-29Only try to relink ghost users if we're not enumeratingJakub Hrozek1-4/+8
https://fedorahosted.org/sssd/ticket/1893 When SSSD is not enumerating (which is the default), we are trying to link any "ghost" entries with a newly created user entry. However, when enumeration is on, this means a spurious search on adding any user.
2013-04-18tests: Fix the order of key/valuesJakub Hrozek1-2/+3
2013-04-17Make leak checks usable in tests that do not utilize checkJakub Hrozek12-138/+237
* Remove check-specific failure reporting from common_check.c * Check-specific abstraction over memleak checks * Rename common_check.c to leak_check.c
2013-04-15Fix simple access group control in case-insensitive domainsJakub Hrozek1-2/+2
https://fedorahosted.org/sssd/ticket/1713 In the simple access provider, we need to only canonicalize user names when comparing with values in the ACL, not when searching the cache. The sysdb searches might do a base search with a DN constructed with the username which fails if the username is lower case.
2013-04-10cmocka unittest for io addedAbhishek Singh1-0/+157
2013-04-10cmocka unittest for find_uid addedAbhishek Singh1-0/+105
2013-04-02Making the authtok structure really opaque.Lukas Slebodnik1-2/+2
Definition of structure sss_auth_token was removed from header file authtok.h and there left only declaration of this structure. Therefore only way how to use this structure is to use accessory function from same header file. To creating new empty authotok can only be used newly created function sss_authtok_new(). TALLOC context was removed from copy and setter functions, because pointer to stuct sss_auth_token is used as a memory context. All declaration of struct sss_auth_token variables was replaced with pointer to this structure and related changes was made in source code. Function copy_pam_data can copy from argument src which was dynamically allocated with function create_pam_data() or zero initialized struct pam_data allocated on stack. https://fedorahosted.org/sssd/ticket/1830
2013-04-02Reusing create_pam_data() on the other places.Lukas Slebodnik2-2/+2
Function create_pam_data() should be only one way how to create new struct pam_data, because it also initialize destructor to created object.
2013-03-21Fixing duplicate constLukas Slebodnik1-3/+3
const char const * --> const char *const
2013-03-20tests: Print warning if LDB_MODULES_PATH is not setMichal Zidek4-0/+21
Print warning if sysdb-tests or sysdb-ssh test are run individually and LDB_MODULES_PATH was not set. https://fedorahosted.org/sssd/ticket/1820
2013-03-19Resolve GIDs in the simple access providerJakub Hrozek1-101/+260
Changes the simple access provider's interface to be asynchronous. When the simple access provider encounters a group that has gid, but no meaningful name, it attempts to resolve the name using the be_file_account_request function. Some providers (like the AD provider) might perform initgroups without resolving the group names. In order for the simple access provider to work correctly, we need to resolve the groups before performing the access check. In AD provider, the situation is even more tricky b/c the groups HAVE name, but their name attribute is set to SID and they are set as non-POSIX
2013-03-19Add unit tests for simple access test by groupsJakub Hrozek1-31/+253
I realized that the current unit tests for the simple access provider only tested the user directives. To have a baseline and be able to detect new bugs in the upcoming patch, I implemented unit tests for the group lists, too.
2013-03-19Removing unused declaration of functions and variable.Lukas Slebodnik1-2/+0
Variables dir_cc and file_cc are used in three modules: krb5_common.c, krb5_utils.c, krb5_child-test.c, therefore should be declared with extern in krb5_utils.h.
2013-03-18Fix coverity issue 13136Ondrej Kos1-0/+1
https://fedorahosted.org/sssd/ticket/1811
2013-03-13krb5-utils-tests: remove invalid conditionPavel Březina1-2/+0
This condition is invalid because different_realm is not set, when EINVAL is returned. It can make the test fail sometimes.
2013-03-13fix segfault in nss responder unit testPavel Březina1-1/+1
https://fedorahosted.org/sssd/ticket/1833 state is expected to be a pointer
2013-03-08CMocka based test for the NSS responderJakub Hrozek4-0/+767
2013-03-08Add utility functions for tests that use sysdb or tevent.Jakub Hrozek3-0/+267
There was shared code for several unit tests that connected to their own sysdb instance. This patch adds common code to run a generic request to completion or connect to a test sysdb.
2013-03-04Use SSSD specific errors for offline authSimo Sorce2-7/+11
This prevents reportin false errors when internal functions return a generic EINVAL or EACCES that should just be treated as internal errors.
2013-02-10Change the way domains are linked.Simo Sorce2-87/+43
- Use a double-linked list for domains and subdomains. - Never remove a subdomain, simply mark it as disabled if it becomes unused. - Rework the way subdomains are refreshed. Now sysdb_update_subdomains() actually updates the current subdomains and marks as disabled the ones not found in the sysdb or add new ones found. It never removes them. Removal of missing domains from sysdb is deferred to the providers, which will perform it at refresh time, for the ipa provider that is done by ipa_subdomains_write_mappings() now. sysdb_update_subdomains() is then used to update the memory hierarchy of the subdomains. - Removes sysdb_get_subdomains() - Removes copy_subdomain() - Add sysdb_subdomain_delete()
2013-02-10Remove sysdb_subdom completelySimo Sorce1-45/+67
struct sss_domain_info is always used to represent domains now. Adjust tests accordingly.
2013-02-10Avoid sysdb_subdom in sysdb_get_subdomains()Simo Sorce1-11/+11
2013-02-10Add realm info to sss_domain_infoSimo Sorce1-3/+3
2013-01-29TESTS: include error message on failOndrej Kos1-8/+8
2013-01-29TESTS: Fix coverity issues 13126, 13127Ondrej Kos1-2/+6
https://fedorahosted.org/sssd/ticket/1763
2013-01-23TOOLS: Use file descriptor to avoid races when creating a home directoryJakub Hrozek1-3/+3
When creating a home directory, the destination tree can be modified in various ways while it is being constructed because directory permissions are set before populating the directory. This can lead to file creation and permission changes outside the target directory tree, using hard links. This security problem was assigned CVE-2013-0219 https://fedorahosted.org/sssd/ticket/1782
2013-01-15tests: unit test for sysdb_remove_attrsJakub Hrozek1-0/+45
2013-01-15tests: add unit test for sysdb_get_new_idJakub Hrozek1-1/+20
2013-01-15tests: test sysdb_initgroupsJakub Hrozek1-0/+48
2013-01-15tests: adda a unit test for test_sysdb_search_groupsJakub Hrozek1-0/+29