tests/cmocka/test_ad_gpo.c

0352c371e743d8dae996123f658b5d32c677614eYassir Elley/*
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    Authors:
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        Yassir Elley <yelley@redhat.com>
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    Copyright (C) 2014 Red Hat
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    SSSD tests: GPO unit tests
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    This program is free software; you can redistribute it and/or modify
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    it under the terms of the GNU General Public License as published by
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    the Free Software Foundation; either version 3 of the License, or
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    (at your option) any later version.
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    This program is distributed in the hope that it will be useful,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    but WITHOUT ANY WARRANTY; without even the implied warranty of
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    GNU General Public License for more details.
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    You should have received a copy of the GNU General Public License
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    along with this program.  If not, see <http://www.gnu.org/licenses/>.
0352c371e743d8dae996123f658b5d32c677614eYassir Elley*/
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley#include <talloc.h>
0352c371e743d8dae996123f658b5d32c677614eYassir Elley#include <tevent.h>
0352c371e743d8dae996123f658b5d32c677614eYassir Elley#include <errno.h>
0352c371e743d8dae996123f658b5d32c677614eYassir Elley#include <popt.h>
0352c371e743d8dae996123f658b5d32c677614eYassir Elley#include <unistd.h>
0352c371e743d8dae996123f658b5d32c677614eYassir Elley#include <sys/types.h>
0352c371e743d8dae996123f658b5d32c677614eYassir Elley#include <ifaddrs.h>
0352c371e743d8dae996123f658b5d32c677614eYassir Elley#include <arpa/inet.h>
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley/* In order to access opaque types */
0352c371e743d8dae996123f658b5d32c677614eYassir Elley#include "providers/ad/ad_gpo.c"
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley#include "tests/cmocka/common_mock.h"
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleystruct ad_gpo_test_ctx {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct ldb_context *ldb_ctx;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleystatic struct ad_gpo_test_ctx *test_ctx;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozekstatic int ad_gpo_test_setup(void **state)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_true(leak_check_setup());
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    test_ctx = talloc_zero(global_talloc_context,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                           struct ad_gpo_test_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_non_null(test_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    test_ctx->ldb_ctx = ldb_init(test_ctx, NULL);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_non_null(test_ctx->ldb_ctx);
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek    return 0;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozekstatic int ad_gpo_test_teardown(void **state)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    talloc_free(test_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_true(leak_check_teardown());
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek    return 0;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleystruct som_list_result {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const int result;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const int num_soms;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const char **som_dns;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley/*
57c5ea8825c7179fd93382dbcbb07e828e5aec19René Genz * Test parsing target DN into som components
0352c371e743d8dae996123f658b5d32c677614eYassir Elley */
0352c371e743d8dae996123f658b5d32c677614eYassir Elleystatic void test_populate_som_list(const char *target_dn,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                   struct som_list_result *expected)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    errno_t ret;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    int i;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    int num_soms;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct gp_som **som_list = NULL;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    TALLOC_CTX *tmp_ctx;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    tmp_ctx = talloc_new(global_talloc_context);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_non_null(tmp_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    check_leaks_push(tmp_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    ret = ad_gpo_populate_som_list(tmp_ctx,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                   test_ctx->ldb_ctx,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                   target_dn,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                   &num_soms,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                   &som_list);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_int_equal(ret, expected->result);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    if (ret != EOK) {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        goto done;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    }
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_int_equal(num_soms, expected->num_soms);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    for (i=0; i<expected->num_soms; i++){
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        bool equal = true;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        if (strncmp(som_list[i]->som_dn,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                    expected->som_dns[i],
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                    strlen(expected->som_dns[i])) != 0) {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley            equal = false;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        }
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        assert_int_equal(equal, true);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    }
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    if (som_list) {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        talloc_free(som_list);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    }
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley done:
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_true(check_leaks_pop(tmp_ctx) == true);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    talloc_free(tmp_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleyvoid test_populate_som_list_plain(void **state)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const char *som_dns[] = {"OU=West OU,OU=Sales OU,DC=foo,DC=com",
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                             "OU=Sales OU,DC=foo,DC=com",
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                             "DC=foo,DC=com"};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct som_list_result expected = {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .result = EOK,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .num_soms = 3,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .som_dns = som_dns
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    };
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    test_populate_som_list("CN=F21-Client,OU=West OU,OU=Sales OU,DC=foo,DC=com",
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                           &expected);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleyvoid test_populate_som_list_malformed(void **state)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct som_list_result expected = {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .result = EINVAL,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    };
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    test_populate_som_list("malformed target dn", &expected);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleystruct gplink_list_result {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const int result;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const int num_gplinks;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const char **gpo_dns;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    bool *enforced;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley/*
0352c371e743d8dae996123f658b5d32c677614eYassir Elley * Test parsing raw_gplink_value into gplink components
0352c371e743d8dae996123f658b5d32c677614eYassir Elley */
0352c371e743d8dae996123f658b5d32c677614eYassir Elleystatic void test_populate_gplink_list(const char *input_gplink_value,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                      bool allow_enforced_only,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                      struct gplink_list_result *expected)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    errno_t ret;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    int i;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct gp_gplink **gplink_list = NULL;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    TALLOC_CTX *tmp_ctx;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    tmp_ctx = talloc_new(global_talloc_context);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_non_null(tmp_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    check_leaks_push(tmp_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    char *raw_gplink_value = talloc_strdup(tmp_ctx, input_gplink_value);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    ret = ad_gpo_populate_gplink_list(tmp_ctx,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                      NULL,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                      raw_gplink_value,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                      &gplink_list,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                      allow_enforced_only);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    talloc_free(raw_gplink_value);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_int_equal(ret, expected->result);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    if (ret != EOK) {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        goto done;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    }
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    for (i=0; i<expected->num_gplinks; i++){
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        bool equal = true;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        if (strncmp(gplink_list[i]->gpo_dn,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                    expected->gpo_dns[i],
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                    strlen(expected->gpo_dns[i])) != 0) {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley            equal = false;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        }
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        if (gplink_list[i]->enforced != expected->enforced[i])
0352c371e743d8dae996123f658b5d32c677614eYassir Elley            equal = false;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        assert_int_equal(equal, true);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    }
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    if (gplink_list) {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        talloc_free(gplink_list);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    }
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley done:
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_true(check_leaks_pop(tmp_ctx) == true);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    talloc_free(tmp_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleyvoid test_populate_gplink_list_plain(void **state)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const char *gpo_dns[] = {"OU=Sales,DC=FOO,DC=COM", "DC=FOO,DC=COM"};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    bool enforced[] = {false, true};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct gplink_list_result expected = {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .result = EOK,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .num_gplinks = 2,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .gpo_dns = gpo_dns,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .enforced = enforced
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    };
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    test_populate_gplink_list("[OU=Sales,DC=FOO,DC=COM;0][DC=FOO,DC=COM;2]",
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                              false,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                              &expected);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleyvoid test_populate_gplink_list_with_ignored(void **state)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const char *gpo_dns[] = {"OU=Sales,DC=FOO,DC=COM"};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    bool enforced[] = {false};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct gplink_list_result expected = {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .result = EOK,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .num_gplinks = 1,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .gpo_dns = gpo_dns,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .enforced = enforced
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    };
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    test_populate_gplink_list("[OU=Sales,DC=FOO,DC=COM;0][DC=ignored;1]",
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                              false,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                              &expected);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleyvoid test_populate_gplink_list_with_allow_enforced(void **state)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const char *gpo_dns[] = {"DC=FOO,DC=COM"};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    bool enforced[] = {true};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct gplink_list_result expected = {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .result = EOK,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .num_gplinks = 1,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .gpo_dns = gpo_dns,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .enforced = enforced
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    };
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    test_populate_gplink_list("[OU=Sales,DC=FOO,DC=COM;0][DC=FOO,DC=COM;2]",
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                              true,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                              &expected);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleyvoid test_populate_gplink_list_malformed(void **state)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct gplink_list_result expected = {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        .result = EINVAL,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    };
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    test_populate_gplink_list(NULL, false, &expected);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    test_populate_gplink_list("[malformed]", false, &expected);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    /* the GPLinkOptions value (after semicolon) must be between 0 and 3 */
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    test_populate_gplink_list("[gpo_dn; 4]", false, &expected);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley/*
57c5ea8825c7179fd93382dbcbb07e828e5aec19René Genz * Test SID-matching logic
0352c371e743d8dae996123f658b5d32c677614eYassir Elley */
0352c371e743d8dae996123f658b5d32c677614eYassir Elleystatic void test_ad_gpo_ace_includes_client_sid(const char *user_sid,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                                const char **group_sids,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                                int group_size,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                                struct dom_sid ace_dom_sid,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                                bool expected)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    errno_t ret;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    enum idmap_error_code err;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct sss_idmap_ctx *idmap_ctx;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    bool includes_client_sid;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    TALLOC_CTX *tmp_ctx;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    tmp_ctx = talloc_new(global_talloc_context);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_non_null(tmp_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    check_leaks_push(tmp_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    err = sss_idmap_init(sss_idmap_talloc, tmp_ctx, sss_idmap_talloc_free,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                         &idmap_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_int_equal(err, IDMAP_SUCCESS);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    ret = ad_gpo_ace_includes_client_sid(user_sid, group_sids, group_size,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                         ace_dom_sid, idmap_ctx,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                         &includes_client_sid);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    talloc_free(idmap_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_int_equal(ret, EOK);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_int_equal(includes_client_sid, expected);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    assert_true(check_leaks_pop(tmp_ctx) == true);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    talloc_free(tmp_ctx);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleyvoid test_ad_gpo_ace_includes_client_sid_true(void **state)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    /* ace_dom_sid represents "S-1-5-21-2-3-4" */
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct dom_sid ace_dom_sid = {1, 4, {0, 0, 0, 0, 0, 5}, {21, 2, 3, 4}};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const char *user_sid = "S-1-5-21-1175337206-4250576914-2321192831-1103";
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    int group_size = 2;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const char *group_sids[] = {"S-1-5-21-2-3-4",
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                "S-1-5-21-2-3-5"};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    test_ad_gpo_ace_includes_client_sid(user_sid, group_sids, group_size,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                        ace_dom_sid, true);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleyvoid test_ad_gpo_ace_includes_client_sid_false(void **state)
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    /* ace_dom_sid represents "S-1-5-21-2-3-4" */
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct dom_sid ace_dom_sid = {1, 4, {0, 0, 0, 0, 0, 5}, {21, 2, 3, 4}};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const char *user_sid = "S-1-5-21-1175337206-4250576914-2321192831-1103";
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    int group_size = 2;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    const char *group_sids[] = {"S-1-5-21-2-3-5",
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                "S-1-5-21-2-3-6"};
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    test_ad_gpo_ace_includes_client_sid(user_sid, group_sids, group_size,
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                                        ace_dom_sid, false);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elleyint main(int argc, const char *argv[])
0352c371e743d8dae996123f658b5d32c677614eYassir Elley{
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    poptContext pc;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    int opt;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    struct poptOption long_options[] = {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        POPT_AUTOHELP
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        SSSD_DEBUG_OPTS
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        POPT_TABLEEND
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    };
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek    const struct CMUnitTest tests[] = {
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek        cmocka_unit_test_setup_teardown(test_populate_som_list_plain,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_setup,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_teardown),
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek        cmocka_unit_test_setup_teardown(test_populate_som_list_malformed,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_setup,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_teardown),
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek        cmocka_unit_test_setup_teardown(test_populate_gplink_list_plain,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_setup,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_teardown),
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek        cmocka_unit_test_setup_teardown(test_populate_gplink_list_with_ignored,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_setup,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_teardown),
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek        cmocka_unit_test_setup_teardown(test_populate_gplink_list_with_allow_enforced,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_setup,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_teardown),
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek        cmocka_unit_test_setup_teardown(test_populate_gplink_list_malformed,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_setup,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_teardown),
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek        cmocka_unit_test_setup_teardown(test_ad_gpo_ace_includes_client_sid_true,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_setup,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_teardown),
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek        cmocka_unit_test_setup_teardown(test_ad_gpo_ace_includes_client_sid_false,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_setup,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek                                        ad_gpo_test_teardown),
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    };
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
57c5ea8825c7179fd93382dbcbb07e828e5aec19René Genz    /* Set debug level to invalid value so we can decide if -d 0 was used. */
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    debug_level = SSSDBG_INVALID;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    pc = poptGetContext(argv[0], argc, argv, long_options, 0);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    while((opt = poptGetNextOpt(pc)) != -1) {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        switch(opt) {
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        default:
0352c371e743d8dae996123f658b5d32c677614eYassir Elley            fprintf(stderr, "\nInvalid option %s: %s\n\n",
0352c371e743d8dae996123f658b5d32c677614eYassir Elley                    poptBadOption(pc, 0), poptStrerror(opt));
0352c371e743d8dae996123f658b5d32c677614eYassir Elley            poptPrintUsage(pc, stderr, 0);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley            return 1;
0352c371e743d8dae996123f658b5d32c677614eYassir Elley        }
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    }
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    poptFreeContext(pc);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
6b57784f0f175275fd900eca21c77415e3a5ea52Jakub Hrozek    DEBUG_CLI_INIT(debug_level);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
0352c371e743d8dae996123f658b5d32c677614eYassir Elley    tests_set_cwd();
0352c371e743d8dae996123f658b5d32c677614eYassir Elley
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek    return cmocka_run_group_tests(tests, NULL, NULL);
0352c371e743d8dae996123f658b5d32c677614eYassir Elley}