68ef824a5f
And also ... - Related: upstream#941 - return multiple server addresses to the Kerberos locator plugin - Related: upstream#3652 - kdcinfo doesn't get populated for other domains - Resolves: upstream#3747 - sss_ssh_authorizedkeys exits abruptly if SSHD closes its end of the pipe before reading all the SSH keys - Resolves: upstream#3607 - Handle conflicting e-mail addresses more gracefully - Resolves: upstream#3754 - SSSD AD uses LDAP filter to detect POSIX attributes stored in AD GC also for regular AD DC queries - Related: upstream#3219 - [RFE] Regular expression used in sssd.conf not being able to consume an @-sign in the user/group name. Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
725 lines
23 KiB
Diff
725 lines
23 KiB
Diff
From 3d6b8b306cdbd4ec15b36a1e7936d219204e08dc Mon Sep 17 00:00:00 2001
|
|
From: Sumit Bose <sbose@redhat.com>
|
|
Date: Thu, 24 May 2018 17:14:42 +0200
|
|
Subject: [PATCH] krb5 locator: add unit tests
|
|
|
|
Unit test for existing and new functionality of the Kerberos locator
|
|
plugin.
|
|
|
|
Related to https://pagure.io/SSSD/sssd/issue/941
|
|
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
|
(cherry picked from commit 2124275fe494a0241a552538c70f40c2291f3795)
|
|
---
|
|
Makefile.am | 20 +
|
|
src/krb5_plugin/sssd_krb5_locator_plugin.c | 16 +
|
|
.../cmocka/test_sssd_krb5_locator_plugin.c | 631 ++++++++++++++++++
|
|
3 files changed, 667 insertions(+)
|
|
create mode 100644 src/tests/cmocka/test_sssd_krb5_locator_plugin.c
|
|
|
|
diff --git a/Makefile.am b/Makefile.am
|
|
index 9539b3cff8544cf406e3e19ab23e76e9cc8234ee..9055130ed74057987795285c243ff47584cf8316 100644
|
|
--- a/Makefile.am
|
|
+++ b/Makefile.am
|
|
@@ -288,6 +288,7 @@ if HAVE_CMOCKA
|
|
krb5_common_test \
|
|
test_iobuf \
|
|
sss_certmap_test \
|
|
+ test_sssd_krb5_locator_plugin \
|
|
$(NULL)
|
|
|
|
|
|
@@ -3518,6 +3519,25 @@ sss_certmap_test_LDADD = \
|
|
libsss_certmap.la \
|
|
$(NULL)
|
|
|
|
+test_sssd_krb5_locator_plugin_SOURCES = \
|
|
+ src/tests/cmocka/test_sssd_krb5_locator_plugin.c \
|
|
+ src/krb5_plugin/sssd_krb5_locator_plugin.c \
|
|
+ $(NULL)
|
|
+test_sssd_krb5_locator_plugin_CFLAGS = \
|
|
+ $(AM_CFLAGS) \
|
|
+ $(POPT_CFLAGS) \
|
|
+ $(TALLOC_CFLAGS) \
|
|
+ $(KRB5_CFLAGS) \
|
|
+ -DTEST_PUBCONF_PATH=\"$(abs_builddir)/src/tests/cmocka/pubconf\" \
|
|
+ $(NULL)
|
|
+test_sssd_krb5_locator_plugin_LDADD = \
|
|
+ $(CMOCKA_LIBS) \
|
|
+ $(POPT_LIBS) \
|
|
+ $(TALLOC_LIBS) \
|
|
+ $(KRB5_LIBS) \
|
|
+ libsss_test_common.la \
|
|
+ $(NULL)
|
|
+
|
|
if BUILD_KCM
|
|
test_kcm_json_SOURCES = \
|
|
src/tests/cmocka/test_kcm_json_marshalling.c \
|
|
diff --git a/src/krb5_plugin/sssd_krb5_locator_plugin.c b/src/krb5_plugin/sssd_krb5_locator_plugin.c
|
|
index 9874fd2d1ce63b69099f057dd05f6e353a12ce75..952d487c276ed51e0c3a018b0d0af59ca214525f 100644
|
|
--- a/src/krb5_plugin/sssd_krb5_locator_plugin.c
|
|
+++ b/src/krb5_plugin/sssd_krb5_locator_plugin.c
|
|
@@ -38,6 +38,22 @@
|
|
|
|
#include "providers/krb5/krb5_common.h"
|
|
|
|
+/* The following override of KDCINFO_TMPL and KPASSWDINFO_TMPL is not very
|
|
+ * elegant but since they are defined in krb5_common.h with the help of
|
|
+ * PUBCONF_PATH from config.h and PUBCONF_PATH can by set by a configure
|
|
+ * options I didn't found another way to change the path for a unit test. */
|
|
+#ifdef TEST_PUBCONF_PATH
|
|
+#ifdef KDCINFO_TMPL
|
|
+#undef KDCINFO_TMPL
|
|
+#endif
|
|
+#define KDCINFO_TMPL TEST_PUBCONF_PATH"/kdcinfo.%s"
|
|
+
|
|
+#ifdef KPASSWDINFO_TMPL
|
|
+#undef KPASSWDINFO_TMPL
|
|
+#endif
|
|
+#define KPASSWDINFO_TMPL TEST_PUBCONF_PATH"/kpasswdinfo.%s"
|
|
+#endif /* TEST_PUBCONF_PATH */
|
|
+
|
|
#define DEFAULT_KERBEROS_PORT 88
|
|
#define DEFAULT_KADMIN_PORT 749
|
|
#define DEFAULT_KPASSWD_PORT 464
|
|
diff --git a/src/tests/cmocka/test_sssd_krb5_locator_plugin.c b/src/tests/cmocka/test_sssd_krb5_locator_plugin.c
|
|
new file mode 100644
|
|
index 0000000000000000000000000000000000000000..3e7d00632ddb59da5474c0544eee6fc67edc5570
|
|
--- /dev/null
|
|
+++ b/src/tests/cmocka/test_sssd_krb5_locator_plugin.c
|
|
@@ -0,0 +1,631 @@
|
|
+/*
|
|
+ SSSD
|
|
+
|
|
+ Unit test for SSSD's MIT Kerberos locator plugin
|
|
+
|
|
+ Authors:
|
|
+ Sumit Bose <sbose@redhat.com>
|
|
+
|
|
+ Copyright (C) 2018 Red Hat
|
|
+
|
|
+ This program is free software; you can redistribute it and/or modify
|
|
+ it under the terms of the GNU General Public License as published by
|
|
+ the Free Software Foundation; either version 3 of the License, or
|
|
+ (at your option) any later version.
|
|
+
|
|
+ This program is distributed in the hope that it will be useful,
|
|
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+ GNU General Public License for more details.
|
|
+
|
|
+ You should have received a copy of the GNU General Public License
|
|
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
+*/
|
|
+#include "config.h"
|
|
+
|
|
+#include <popt.h>
|
|
+#include <sys/types.h>
|
|
+#include <sys/socket.h>
|
|
+#include <sys/stat.h>
|
|
+#include <string.h>
|
|
+#include <fcntl.h>
|
|
+#include <netdb.h>
|
|
+#include <krb5/krb5.h>
|
|
+#include <krb5/locate_plugin.h>
|
|
+
|
|
+#include "tests/cmocka/common_mock.h"
|
|
+
|
|
+#define TEST_REALM "TEST.REALM"
|
|
+#define TEST_IP_1 "123.231.132.213"
|
|
+#define TEST_IPV6_1_PURE "7025:4d2d:2b06:e321:d971:16c0:6eeb:cc41"
|
|
+#define TEST_IPV6_1 "["TEST_IPV6_1_PURE"]"
|
|
+#define TEST_SERVICE_1 "22334"
|
|
+#define TEST_SERVICE_2 "54321"
|
|
+#define TEST_IP_1_WITH_SERVICE TEST_IP_1":"TEST_SERVICE_1
|
|
+#define TEST_IPV6_1_WITH_SERVICE TEST_IPV6_1":"TEST_SERVICE_2
|
|
+
|
|
+struct test_state {
|
|
+ void *dummy;
|
|
+};
|
|
+
|
|
+static int setup(void **state)
|
|
+{
|
|
+ struct test_state *ts = NULL;
|
|
+
|
|
+ assert_true(leak_check_setup());
|
|
+
|
|
+ ts = talloc(global_talloc_context, struct test_state);
|
|
+ assert_non_null(ts);
|
|
+
|
|
+ check_leaks_push(ts);
|
|
+ *state = (void *)ts;
|
|
+
|
|
+ unlink(TEST_PUBCONF_PATH"/kdcinfo."TEST_REALM);
|
|
+ rmdir(TEST_PUBCONF_PATH);
|
|
+
|
|
+ return 0;
|
|
+}
|
|
+
|
|
+static int teardown(void **state)
|
|
+{
|
|
+ struct test_state *ts = talloc_get_type_abort(*state, struct test_state);
|
|
+
|
|
+ assert_non_null(ts);
|
|
+
|
|
+ assert_true(check_leaks_pop(ts));
|
|
+ talloc_free(ts);
|
|
+ assert_true(leak_check_teardown());
|
|
+ return 0;
|
|
+}
|
|
+
|
|
+/* Taken from MIT Kerberos src/lib/krb5/os/locate_kdc.c and
|
|
+ * lib/krb5/os/os-proto.h */
|
|
+
|
|
+typedef enum {
|
|
+ TCP_OR_UDP = 0,
|
|
+ TCP,
|
|
+ UDP,
|
|
+ HTTPS,
|
|
+} k5_transport;
|
|
+
|
|
+/* A single server hostname or address. */
|
|
+struct server_entry {
|
|
+ char *hostname; /* NULL -> use addrlen/addr instead */
|
|
+ int port; /* Used only if hostname set */
|
|
+ k5_transport transport; /* May be 0 for UDP/TCP if hostname set */
|
|
+ char *uri_path; /* Used only if transport is HTTPS */
|
|
+ int family; /* May be 0 (aka AF_UNSPEC) if hostname set */
|
|
+ int master; /* True, false, or -1 for unknown. */
|
|
+ size_t addrlen;
|
|
+ struct sockaddr_storage addr;
|
|
+};
|
|
+
|
|
+/* A list of server hostnames/addresses. */
|
|
+struct serverlist {
|
|
+ struct server_entry *servers;
|
|
+ size_t nservers;
|
|
+};
|
|
+#define SERVERLIST_INIT { NULL, 0 }
|
|
+
|
|
+/* Free up everything pointed to by the serverlist structure, but don't
|
|
+ * * free the structure itself. */
|
|
+void
|
|
+k5_free_serverlist (struct serverlist *list)
|
|
+{
|
|
+ size_t i;
|
|
+
|
|
+ for (i = 0; i < list->nservers; i++) {
|
|
+ free(list->servers[i].hostname);
|
|
+ free(list->servers[i].uri_path);
|
|
+ }
|
|
+ free(list->servers);
|
|
+ list->servers = NULL;
|
|
+ list->nservers = 0;
|
|
+}
|
|
+
|
|
+/* Make room for a new server entry in list and return a pointer to the new
|
|
+ * entry. (Do not increment list->nservers.) */
|
|
+static struct server_entry *
|
|
+new_server_entry(struct serverlist *list)
|
|
+{
|
|
+ struct server_entry *newservers, *entry;
|
|
+ size_t newspace = (list->nservers + 1) * sizeof(struct server_entry);
|
|
+
|
|
+ newservers = realloc(list->servers, newspace);
|
|
+ if (newservers == NULL)
|
|
+ return NULL;
|
|
+ list->servers = newservers;
|
|
+ entry = &newservers[list->nservers];
|
|
+ memset(entry, 0, sizeof(*entry));
|
|
+ entry->master = -1;
|
|
+ return entry;
|
|
+}
|
|
+
|
|
+/* Add an address entry to list. */
|
|
+static int
|
|
+add_addr_to_list(struct serverlist *list, k5_transport transport, int family,
|
|
+ size_t addrlen, struct sockaddr *addr)
|
|
+{
|
|
+ struct server_entry *entry;
|
|
+
|
|
+ entry = new_server_entry(list);
|
|
+ if (entry == NULL)
|
|
+ return ENOMEM;
|
|
+ entry->transport = transport;
|
|
+ entry->family = family;
|
|
+ entry->hostname = NULL;
|
|
+ entry->uri_path = NULL;
|
|
+ entry->addrlen = addrlen;
|
|
+ memcpy(&entry->addr, addr, addrlen);
|
|
+ list->nservers++;
|
|
+ return 0;
|
|
+}
|
|
+
|
|
+struct module_callback_data {
|
|
+ int out_of_mem;
|
|
+ struct serverlist *list;
|
|
+};
|
|
+
|
|
+static int
|
|
+module_callback(void *cbdata, int socktype, struct sockaddr *sa)
|
|
+{
|
|
+ struct module_callback_data *d = cbdata;
|
|
+ size_t addrlen;
|
|
+ k5_transport transport;
|
|
+
|
|
+ if (socktype != SOCK_STREAM && socktype != SOCK_DGRAM)
|
|
+ return 0;
|
|
+ if (sa->sa_family == AF_INET)
|
|
+ addrlen = sizeof(struct sockaddr_in);
|
|
+ else if (sa->sa_family == AF_INET6)
|
|
+ addrlen = sizeof(struct sockaddr_in6);
|
|
+ else
|
|
+ return 0;
|
|
+ transport = (socktype == SOCK_STREAM) ? TCP : UDP;
|
|
+ if (add_addr_to_list(d->list, transport, sa->sa_family, addrlen,
|
|
+ sa) != 0) {
|
|
+ /* Assumes only error is ENOMEM. */
|
|
+ d->out_of_mem = 1;
|
|
+ return 1;
|
|
+ }
|
|
+ return 0;
|
|
+}
|
|
+
|
|
+krb5_error_code sssd_krb5_locator_init(krb5_context context,
|
|
+ void **private_data);
|
|
+void sssd_krb5_locator_close(void *private_data);
|
|
+
|
|
+krb5_error_code sssd_krb5_locator_lookup(void *private_data,
|
|
+ enum locate_service_type svc,
|
|
+ const char *realm,
|
|
+ int socktype,
|
|
+ int family,
|
|
+ int (*cbfunc)(void *, int, struct sockaddr *),
|
|
+ void *cbdata);
|
|
+
|
|
+void test_init(void **state)
|
|
+{
|
|
+ krb5_context ctx;
|
|
+ krb5_error_code kerr;
|
|
+ void *priv;
|
|
+
|
|
+ kerr = krb5_init_context (&ctx);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ kerr = sssd_krb5_locator_init(ctx, &priv);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ sssd_krb5_locator_close(priv);
|
|
+
|
|
+ krb5_free_context(ctx);
|
|
+}
|
|
+
|
|
+void test_failed_lookup(void **state)
|
|
+{
|
|
+ krb5_context ctx;
|
|
+ krb5_error_code kerr;
|
|
+ void *priv;
|
|
+ struct module_callback_data cbdata = { 0 };
|
|
+
|
|
+
|
|
+ kerr = krb5_init_context (&ctx);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ kerr = sssd_krb5_locator_init(ctx, &priv);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(NULL, -1, NULL, -1, -1, NULL, NULL);
|
|
+ assert_int_equal(kerr, KRB5_PLUGIN_NO_HANDLE);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, -1, NULL, -1, -1, NULL, NULL);
|
|
+ assert_int_equal(kerr, KRB5_PLUGIN_NO_HANDLE);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , NULL, -1, -1,
|
|
+ NULL, NULL);
|
|
+ assert_int_equal(kerr, KRB5_PLUGIN_NO_HANDLE);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM, -1,
|
|
+ -1, NULL, NULL);
|
|
+ assert_int_equal(kerr, KRB5_PLUGIN_NO_HANDLE);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, -1, NULL, NULL);
|
|
+ assert_int_equal(kerr, KRB5_PLUGIN_NO_HANDLE);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, AF_INET6, NULL, NULL);
|
|
+ assert_int_equal(kerr, KRB5_PLUGIN_NO_HANDLE);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, AF_INET6, module_callback,
|
|
+ NULL);
|
|
+ assert_int_equal(kerr, KRB5_PLUGIN_NO_HANDLE);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, AF_INET6, module_callback,
|
|
+ &cbdata);
|
|
+ assert_int_equal(kerr, KRB5_PLUGIN_NO_HANDLE);
|
|
+
|
|
+ sssd_krb5_locator_close(priv);
|
|
+
|
|
+ krb5_free_context(ctx);
|
|
+}
|
|
+
|
|
+void test_empty(void **state)
|
|
+{
|
|
+ krb5_context ctx;
|
|
+ krb5_error_code kerr;
|
|
+ void *priv;
|
|
+ int fd;
|
|
+ struct module_callback_data cbdata = { 0 };
|
|
+
|
|
+ kerr = krb5_init_context (&ctx);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ kerr = sssd_krb5_locator_init(ctx, &priv);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ mkdir(TEST_PUBCONF_PATH, 0777);
|
|
+ fd = open(TEST_PUBCONF_PATH"/kdcinfo."TEST_REALM, O_CREAT, 0777);
|
|
+ assert_int_not_equal(fd, -1);
|
|
+ close(fd);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, AF_INET6, module_callback,
|
|
+ &cbdata);
|
|
+ assert_int_equal(kerr, KRB5_PLUGIN_NO_HANDLE);
|
|
+ unlink(TEST_PUBCONF_PATH"/kdcinfo."TEST_REALM);
|
|
+ rmdir(TEST_PUBCONF_PATH);
|
|
+
|
|
+ sssd_krb5_locator_close(priv);
|
|
+
|
|
+ krb5_free_context(ctx);
|
|
+}
|
|
+
|
|
+void test_single(void **state)
|
|
+{
|
|
+ krb5_context ctx;
|
|
+ krb5_error_code kerr;
|
|
+ void *priv;
|
|
+ int fd;
|
|
+ struct serverlist list = SERVERLIST_INIT;
|
|
+ struct module_callback_data cbdata = { 0 };
|
|
+ ssize_t s;
|
|
+ int ret;
|
|
+ char host[NI_MAXHOST];
|
|
+ char service[NI_MAXSERV];
|
|
+
|
|
+ cbdata.list = &list;
|
|
+
|
|
+ kerr = krb5_init_context (&ctx);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ kerr = sssd_krb5_locator_init(ctx, &priv);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ mkdir(TEST_PUBCONF_PATH, 0777);
|
|
+ fd = open(TEST_PUBCONF_PATH"/kdcinfo."TEST_REALM, O_CREAT|O_RDWR, 0777);
|
|
+ assert_int_not_equal(fd, -1);
|
|
+ s = write(fd, TEST_IP_1, sizeof(TEST_IP_1));
|
|
+ assert_int_equal(s, sizeof(TEST_IP_1));
|
|
+ close(fd);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, AF_INET6, module_callback,
|
|
+ &cbdata);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ /* We asked for AF_INET6, but TEST_IP_1 is IPv4 */
|
|
+ assert_int_equal(list.nservers, 0);
|
|
+ assert_null(list.servers);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, AF_INET, module_callback,
|
|
+ &cbdata);
|
|
+ assert_int_equal(kerr, 0);
|
|
+ assert_int_equal(list.nservers, 1);
|
|
+ assert_non_null(list.servers);
|
|
+ assert_int_equal(list.servers[0].addrlen, 16);
|
|
+ ret = getnameinfo((struct sockaddr *) &list.servers[0].addr,
|
|
+ list.servers[0].addrlen,
|
|
+ host, sizeof(host), service, sizeof(service),
|
|
+ NI_NUMERICHOST|NI_NUMERICSERV);
|
|
+ assert_int_equal(ret, 0);
|
|
+ assert_string_equal(TEST_IP_1, host);
|
|
+ assert_string_equal("88", service);
|
|
+
|
|
+ k5_free_serverlist(&list);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, AF_UNSPEC, module_callback,
|
|
+ &cbdata);
|
|
+ assert_int_equal(kerr, 0);
|
|
+ assert_int_equal(list.nservers, 1);
|
|
+ assert_non_null(list.servers);
|
|
+ assert_int_equal(list.servers[0].addrlen, 16);
|
|
+ ret = getnameinfo((struct sockaddr *) &list.servers[0].addr,
|
|
+ list.servers[0].addrlen,
|
|
+ host, sizeof(host), service, sizeof(service),
|
|
+ NI_NUMERICHOST|NI_NUMERICSERV);
|
|
+ assert_int_equal(ret, 0);
|
|
+ assert_string_equal(TEST_IP_1, host);
|
|
+ assert_string_equal("88", service);
|
|
+
|
|
+ k5_free_serverlist(&list);
|
|
+
|
|
+ unlink(TEST_PUBCONF_PATH"/kdcinfo."TEST_REALM);
|
|
+ rmdir(TEST_PUBCONF_PATH);
|
|
+ sssd_krb5_locator_close(priv);
|
|
+
|
|
+ krb5_free_context(ctx);
|
|
+}
|
|
+
|
|
+struct test_data {
|
|
+ const char *ip;
|
|
+ bool found;
|
|
+};
|
|
+
|
|
+void test_multi_check_results(struct test_data *test_data,
|
|
+ struct serverlist *list,
|
|
+ const char *exp_service)
|
|
+{
|
|
+ int ret;
|
|
+ char host[NI_MAXHOST];
|
|
+ char service[NI_MAXSERV];
|
|
+ size_t c;
|
|
+ size_t d;
|
|
+
|
|
+ /* To make sure each result from list has a matching entry in test_data we
|
|
+ * use a flag to mark found entries, this way we can properly detect is
|
|
+ * the same address is used multiple times. */
|
|
+ for (d = 0; test_data[d].ip != NULL; d++) {
|
|
+ test_data[d].found = false;
|
|
+ }
|
|
+
|
|
+ for (c = 0; c < list->nservers; c++) {
|
|
+ ret = getnameinfo((struct sockaddr *) &list->servers[c].addr,
|
|
+ list->servers[c].addrlen,
|
|
+ host, sizeof(host), service, sizeof(service),
|
|
+ NI_NUMERICHOST|NI_NUMERICSERV);
|
|
+ assert_int_equal(ret, 0);
|
|
+ assert_string_equal(exp_service, service);
|
|
+ for (d = 0; test_data[d].ip != NULL; d++) {
|
|
+ /* Compare result with test_data, be aware that the test_data has
|
|
+ * '[]' around IPv& addresses */
|
|
+ if (strncmp(host,
|
|
+ test_data[d].ip + (test_data[d].ip[0] == '[' ? 1 : 0),
|
|
+ strlen(host)) == 0 && !test_data[d].found) {
|
|
+ test_data[d].found = true;
|
|
+ break;
|
|
+ }
|
|
+ }
|
|
+ /* Make sure we found the result in the list */
|
|
+ assert_non_null(test_data[d].ip);
|
|
+ }
|
|
+}
|
|
+
|
|
+void test_multi(void **state)
|
|
+{
|
|
+ krb5_context ctx;
|
|
+ krb5_error_code kerr;
|
|
+ void *priv;
|
|
+ int fd;
|
|
+ struct serverlist list = SERVERLIST_INIT;
|
|
+ struct module_callback_data cbdata = { 0 };
|
|
+ ssize_t s;
|
|
+ size_t c;
|
|
+ struct test_data test_data[] = {
|
|
+ {TEST_IP_1, false},
|
|
+ {TEST_IPV6_1, false},
|
|
+ {"[c89a:565b:4510:5b9f:41fe:ea81:87a0:f21b]", false},
|
|
+ {"155.42.66.53", false},
|
|
+ {"[f812:5941:ba69:2bae:e806:3b68:770d:d75e]", false},
|
|
+ {"[3ad3:9dda:50e4:3c82:548f:eaa1:e120:6dd]", false},
|
|
+ {"55.116.79.183", false},
|
|
+ {"[ce8a:ee99:98cd:d8cd:218d:393e:d5a9:dc52]", false},
|
|
+ /* the following address is added twice to check if
|
|
+ * an address can be added more than once. */
|
|
+ {"37.230.88.162", false},
|
|
+ {"37.230.88.162", false},
|
|
+ {NULL, false} };
|
|
+
|
|
+ cbdata.list = &list;
|
|
+
|
|
+ kerr = krb5_init_context (&ctx);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ kerr = sssd_krb5_locator_init(ctx, &priv);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ mkdir(TEST_PUBCONF_PATH, 0777);
|
|
+ fd = open(TEST_PUBCONF_PATH"/kdcinfo."TEST_REALM, O_CREAT|O_RDWR, 0777);
|
|
+ assert_int_not_equal(fd, -1);
|
|
+ for (c = 0; test_data[c].ip != NULL; c++) {
|
|
+ s = write(fd, test_data[c].ip, strlen(test_data[c].ip));
|
|
+ assert_int_equal(s, strlen(test_data[c].ip));
|
|
+ s = write(fd, "\n", 1);
|
|
+ assert_int_equal(s, 1);
|
|
+ }
|
|
+ close(fd);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, AF_INET6, module_callback,
|
|
+ &cbdata);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ assert_int_equal(list.nservers, 5);
|
|
+ assert_non_null(list.servers);
|
|
+ test_multi_check_results(test_data, &list, "88");
|
|
+
|
|
+ k5_free_serverlist(&list);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, AF_INET, module_callback,
|
|
+ &cbdata);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ assert_int_equal(list.nservers, 5);
|
|
+ assert_non_null(list.servers);
|
|
+ test_multi_check_results(test_data, &list, "88");
|
|
+
|
|
+
|
|
+ k5_free_serverlist(&list);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, AF_UNSPEC, module_callback,
|
|
+ &cbdata);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ assert_int_equal(list.nservers, 10);
|
|
+ assert_non_null(list.servers);
|
|
+ test_multi_check_results(test_data, &list, "88");
|
|
+
|
|
+ k5_free_serverlist(&list);
|
|
+
|
|
+ unlink(TEST_PUBCONF_PATH"/kdcinfo."TEST_REALM);
|
|
+ rmdir(TEST_PUBCONF_PATH);
|
|
+ sssd_krb5_locator_close(priv);
|
|
+
|
|
+ krb5_free_context(ctx);
|
|
+}
|
|
+
|
|
+void test_service(void **state)
|
|
+{
|
|
+ krb5_context ctx;
|
|
+ krb5_error_code kerr;
|
|
+ void *priv;
|
|
+ int fd;
|
|
+ struct serverlist list = SERVERLIST_INIT;
|
|
+ struct module_callback_data cbdata = { 0 };
|
|
+ ssize_t s;
|
|
+ int ret;
|
|
+ char host[NI_MAXHOST];
|
|
+ char service[NI_MAXSERV];
|
|
+
|
|
+ cbdata.list = &list;
|
|
+
|
|
+ kerr = krb5_init_context (&ctx);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ kerr = sssd_krb5_locator_init(ctx, &priv);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ mkdir(TEST_PUBCONF_PATH, 0777);
|
|
+ fd = open(TEST_PUBCONF_PATH"/kdcinfo."TEST_REALM, O_CREAT|O_RDWR, 0777);
|
|
+ assert_int_not_equal(fd, -1);
|
|
+ s = write(fd, TEST_IP_1_WITH_SERVICE, sizeof(TEST_IP_1_WITH_SERVICE));
|
|
+ assert_int_equal(s, sizeof(TEST_IP_1_WITH_SERVICE));
|
|
+ s = write(fd, "\n", 1);
|
|
+ assert_int_equal(s, 1);
|
|
+ s = write(fd, TEST_IPV6_1_WITH_SERVICE, sizeof(TEST_IPV6_1_WITH_SERVICE));
|
|
+ assert_int_equal(s, sizeof(TEST_IPV6_1_WITH_SERVICE));
|
|
+ close(fd);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, AF_INET6, module_callback,
|
|
+ &cbdata);
|
|
+ assert_int_equal(kerr, 0);
|
|
+
|
|
+ assert_int_equal(list.nservers, 1);
|
|
+ assert_non_null(list.servers);
|
|
+ ret = getnameinfo((struct sockaddr *) &list.servers[0].addr,
|
|
+ list.servers[0].addrlen,
|
|
+ host, sizeof(host), service, sizeof(service),
|
|
+ NI_NUMERICHOST|NI_NUMERICSERV);
|
|
+ assert_int_equal(ret, 0);
|
|
+ assert_string_equal(TEST_IPV6_1_PURE, host);
|
|
+ assert_string_equal(TEST_SERVICE_2, service);
|
|
+
|
|
+ k5_free_serverlist(&list);
|
|
+
|
|
+ kerr = sssd_krb5_locator_lookup(priv, locate_service_kdc , TEST_REALM,
|
|
+ SOCK_DGRAM, AF_INET, module_callback,
|
|
+ &cbdata);
|
|
+ assert_int_equal(kerr, 0);
|
|
+ assert_int_equal(list.nservers, 1);
|
|
+ assert_non_null(list.servers);
|
|
+ ret = getnameinfo((struct sockaddr *) &list.servers[0].addr,
|
|
+ list.servers[0].addrlen,
|
|
+ host, sizeof(host), service, sizeof(service),
|
|
+ NI_NUMERICHOST|NI_NUMERICSERV);
|
|
+ assert_int_equal(ret, 0);
|
|
+ assert_string_equal(TEST_IP_1, host);
|
|
+ assert_string_equal(TEST_SERVICE_1, service);
|
|
+
|
|
+ k5_free_serverlist(&list);
|
|
+
|
|
+
|
|
+ unlink(TEST_PUBCONF_PATH"/kdcinfo."TEST_REALM);
|
|
+ rmdir(TEST_PUBCONF_PATH);
|
|
+ sssd_krb5_locator_close(priv);
|
|
+
|
|
+ krb5_free_context(ctx);
|
|
+}
|
|
+
|
|
+int main(int argc, const char *argv[])
|
|
+{
|
|
+ poptContext pc;
|
|
+ int opt;
|
|
+ int ret;
|
|
+ struct poptOption long_options[] = {
|
|
+ POPT_AUTOHELP
|
|
+ SSSD_DEBUG_OPTS
|
|
+ POPT_TABLEEND
|
|
+ };
|
|
+
|
|
+ const struct CMUnitTest tests[] = {
|
|
+ cmocka_unit_test_setup_teardown(test_init,
|
|
+ setup, teardown),
|
|
+ cmocka_unit_test_setup_teardown(test_failed_lookup,
|
|
+ setup, teardown),
|
|
+ cmocka_unit_test_setup_teardown(test_empty,
|
|
+ setup, teardown),
|
|
+ cmocka_unit_test_setup_teardown(test_single,
|
|
+ setup, teardown),
|
|
+ cmocka_unit_test_setup_teardown(test_multi,
|
|
+ setup, teardown),
|
|
+ cmocka_unit_test_setup_teardown(test_service,
|
|
+ setup, teardown),
|
|
+ };
|
|
+
|
|
+ /* Set debug level to invalid value so we can decide if -d 0 was used. */
|
|
+ debug_level = SSSDBG_INVALID;
|
|
+
|
|
+ pc = poptGetContext(argv[0], argc, argv, long_options, 0);
|
|
+ while((opt = poptGetNextOpt(pc)) != -1) {
|
|
+ switch(opt) {
|
|
+ default:
|
|
+ fprintf(stderr, "\nInvalid option %s: %s\n\n",
|
|
+ poptBadOption(pc, 0), poptStrerror(opt));
|
|
+ poptPrintUsage(pc, stderr, 0);
|
|
+ return 1;
|
|
+ }
|
|
+ }
|
|
+ poptFreeContext(pc);
|
|
+
|
|
+ DEBUG_CLI_INIT(debug_level);
|
|
+
|
|
+ ret = cmocka_run_group_tests(tests, NULL, NULL);
|
|
+
|
|
+ return ret;
|
|
+}
|
|
--
|
|
2.17.1
|
|
|