summaryrefslogtreecommitdiff
path: root/src/tests
AgeCommit message (Collapse)AuthorFilesLines
2011-08-01HBAC rule validation Python bindingsJakub Hrozek1-0/+30
https://fedorahosted.org/sssd/ticket/943
2011-08-01Add rule validator to libipa_hbacStephen Gallagher1-0/+115
https://fedorahosted.org/sssd/ticket/943
2011-07-29UTF8 HBAC testJakub Hrozek1-0/+117
2011-07-21fo_get_server_name() getter for a server nameJakub Hrozek1-1/+1
Allows to be more concise in tests and more defensive in resolve callbacks
2011-07-21Rename fo_get_server_name to fo_get_server_str_nameJakub Hrozek1-1/+1
2011-07-13Fix python HBAC bindings for python <= 2.4Jakub Hrozek1-3/+4
Several parts of the HBAC python bindings did not work with old Python versions, such as the one shipped in RHEL5. The changes include: * a compatibility wrapper around python set object * PyModule_AddIntMacro compat macro * Py_ssize_t compat definition * Do not use PyUnicode_FromFormat * several function prototypes and structures used to have "char arguments where they have "const char *" in recent versions. This caused compilation warnings this patch mitigates by using the discard_const hack on python 2.4
2011-07-13Fixes for python HBAC bindingsJakub Hrozek1-0/+23
These changes were proposed during a review: * Change the signature of str_concat_sequence() to const char * * use a getsetter for HbacRule.enabled to allow string true/false and integer 1/0 in addition to bool * fix a minor memory leak (HbacRequest.rule_name) * remove overzealous discard consts
2011-07-08Provide python bindings for the HBAC evaluator libraryJakub Hrozek1-0/+468
2011-07-08Add HBAC evaluator and testsStephen Gallagher1-0/+618
2011-06-16Test NULL server hostname in fail over testsJakub Hrozek1-8/+16
2011-06-15Switch resolver to using resolv_hostent and honor TTLJakub Hrozek2-43/+85
2011-06-15Unit test for parge_argsJakub Hrozek1-0/+58
2011-06-02Non-posix group processing - sysdb changesJan Zeleny1-4/+6
2011-04-27Require openssl-devel is libcrypto backend is selectedJakub Hrozek1-5/+14
2011-04-25Case insensitive originalDN testJakub Hrozek1-0/+47
2011-03-23Add originalDN to fake groupsJakub Hrozek1-2/+2
2011-02-28Use realm for basedn instead of IPA domainJakub Hrozek1-0/+1
https://fedorahosted.org/sssd/ticket/807
2011-02-11Clear up -Wunused-but-set-variable warningsStephen Gallagher1-1/+1
2011-01-21Delete attributes that are removed from LDAPStephen Gallagher1-1/+1
Sometimes, a value in LDAP will cease to exist (the classic example being shadowExpire). We need to make sure we purge that value from SSSD's sysdb as well. https://fedorahosted.org/sssd/ticket/750
2011-01-11Validate user supplied size of data itemsSumit Bose1-0/+14
Specially crafted packages might lead to an integer overflow and the parsing of the input buffer might not continue as expected. This issue was identified by Sebastian Krahmer <krahmer@suse.de>.
2010-12-20Add sysdb_has_enumerated and sysdb_set_enumerated helper functionsStephen Gallagher1-0/+40
Includes a unit test
2010-12-17Fix unchecked return value in test_sysdb_attrs_to_listStephen Gallagher1-3/+6
https://fedorahosted.org/sssd/ticket/714
2010-12-15Fix uninitialized value error in main() in stress-tests.cSumit Bose1-0/+1
https://fedorahosted.org/sssd/ticket/732
2010-12-14Fix uninitialized value error in setup_test in fail_over-tests.cSumit Bose1-0/+1
https://fedorahosted.org/sssd/ticket/728
2010-12-13Add group support to the simple access providerStephen Gallagher1-2/+2
This patch adds simple_allow_groups and simple_deny_groups options to the simple access provider. It makes it possible to grant or deny access based on a user's group memberships within the domain. This patch makes one minor change to previous functionality: now all deny rules will supersede allow rules. Previously, if both simple_allow_users and simple_deny_users were set with the same value, the allow would win. https://fedorahosted.org/sssd/ticket/440
2010-12-08Bye, bye, ipa_timerulesSumit Bose1-582/+0
It was decided that IPA HBAC will move to a different format to specify time ranges in access control rules. The evaluation based on the old format is not needed anymore.
2010-11-15Fix const cast warnings in testsStephen Gallagher2-2/+2
2010-11-15Fix const cast warning for sysdb_update_membersStephen Gallagher1-4/+4
2010-11-15Add unit tests for users and groups with odd charactersStephen Gallagher1-0/+145
2010-11-15Add utility function to sanitize LDAP/LDB filtersStephen Gallagher1-0/+68
Also adds a unit test.
2010-10-26Always use uint32_t for UID/GID numbersJakub Hrozek1-10/+10
2010-10-18Modify sysdb_[add|remove]_group_member to accept users and groupsStephen Gallagher1-5/+10
Previously, it assumed that all members were users. This changes the interface so that either a user or a group can be specified. Also, it eliminates the need for a memory context to be passed, since the internal memory should be self-contained.
2010-10-15sysdb interface for adding incomplete groupsJakub Hrozek1-0/+40
Useful for optimizing the initgroups operation.
2010-10-13Also return member groups to the clientSumit Bose1-44/+44
2010-10-13netgroup testsStephen Gallagher1-0/+516
2010-10-13Use POPT_TABLEEND to close option tableSumit Bose7-8/+8
2010-09-28Suppress some 'unchecked return value' warningsSumit Bose1-6/+13
2010-09-28Suppress some 'may be used uninitialized' warningsSumit Bose1-1/+1
Additionally the handling of errno and the errno_t return value of functions is fixed in krb5_common.c.
2010-09-22Initialize debug_level to zero in crypto testsStephen Gallagher1-1/+1
2010-09-22Fix sysdb_group_dn_nameJakub Hrozek1-0/+35
2010-09-15Add parameter to skip cleanup in sysdb testJakub Hrozek1-1/+4
This might be useful for examining the test database manually with LDB tools
2010-09-08Password obfuscation utility functionsJakub Hrozek1-0/+139
Adds two utility functions to obfuscate a password and inverse to extract the cleartext password back. So far, only NSS-based implementation is provided.
2010-08-03Add sysdb_update_members functionStephen Gallagher1-0/+56
This function will take a user, a list of groups that this user should be added to and a list of groups the user should be removed from and will recursively call sysdb_[add|remove]_group_member Includes a unit test
2010-08-03Add diff_string_lists utility functionStephen Gallagher1-0/+227
Includes a unit test
2010-08-03Add sysdb_attrs_to_list() utility functionStephen Gallagher1-0/+31
2010-06-16Standardize on correct spelling of "principal" for krb5Stephen Gallagher1-4/+4
https://fedorahosted.org/sssd/ticket/542
2010-06-14Print correct return codeJakub Hrozek1-1/+1
Fixes: #535
2010-05-26Add support for delayed kinit if offlineSumit Bose1-2/+2
If the configuration option krb5_store_password_if_offline is set to true and the backend is offline the plain text user password is stored and used to request a TGT if the backend becomes online. If available the Linux kernel key retention service is used.
2010-04-30Sort SRV replies according to RFC 2782Jakub Hrozek1-0/+88
RFC 2782 defines a way to sort replies to a SRV query. In short, the algorithm sorts all replies by priority and then does a weight-based selection for every priority level. For details, please see the sections "Usage rules" for overview of the algorithm and section "The 'Weight' field" for description on the weight selection.
2010-04-14Fix warning in sysdb-tests.cStephen Gallagher1-8/+0
When we converted to the synchronous sysdb interface, the synchronous-simulating function test_loop() became unnecessary, but we forgot to remove it.