f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek Jakub Hrozek <jhrozek@redhat.com>
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek Copyright (C) 2015 Red Hat
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek SSSD tests: IPA subdomain server utils tests
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek This program is free software; you can redistribute it and/or modify
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek it under the terms of the GNU General Public License as published by
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek the Free Software Foundation; either version 3 of the License, or
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek (at your option) any later version.
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek This program is distributed in the hope that it will be useful,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek but WITHOUT ANY WARRANTY; without even the implied warranty of
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek GNU General Public License for more details.
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek You should have received a copy of the GNU General Public License
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek along with this program. If not, see <http://www.gnu.org/licenses/>.
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek#define KEYTAB_TEST_PRINC TEST_AUTHID"@"DOM_REALM
bee2f31ca5d151b7fe35c509fe7eae24ca4f4451Lukas Slebodnik#define KEYTAB_PATH TEST_DIR"/"TESTS_PATH"/keytab_test.keytab"
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek#define TEST_CONF_DB "test_ipa_subdom_server.ldb"
bee2f31ca5d151b7fe35c509fe7eae24ca4f4451Lukas Slebodnik#define ONEWAY_KEYTAB TEST_DIR"/"TESTS_PATH"/"SUBDOM_REALM".keytab"
d2c552edde275e6c0de904760147afb2992796e9Jakub Hrozek#define ONEWAY_AUTHID ONEWAY_PRINC"@"SUBDOM_REALM
57c5ea8825c7179fd93382dbcbb07e828e5aec19René Genz/* Provide faster implementation of Kerberos function
1510d1264b44c437b8270e0a5a239e8624933c3dLukas Slebodnik * krb5int_labeled_[f]?open. Real functions take care also
1510d1264b44c437b8270e0a5a239e8624933c3dLukas Slebodnik * about SELinux context which is very expensive operation
57c5ea8825c7179fd93382dbcbb07e828e5aec19René Genz * and cause failures due to timeout when executing with Valgrind.
1510d1264b44c437b8270e0a5a239e8624933c3dLukas Slebodnik * It's approximately 40 times slower with real function
1510d1264b44c437b8270e0a5a239e8624933c3dLukas Slebodnikkrb5int_labeled_fopen(const char *path, const char *mode)
1510d1264b44c437b8270e0a5a239e8624933c3dLukas Slebodnikkrb5int_labeled_open(const char *path, int flags, mode_t mode)
1510d1264b44c437b8270e0a5a239e8624933c3dLukas Slebodnik#endif /* HAVE_SELINUX */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekkrb5_error_code __wrap_krb5_kt_default(krb5_context context, krb5_keytab *id)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek return krb5_kt_resolve(context, KEYTAB_PATH, id);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozekstatic void create_dummy_keytab(const char *dummy_kt)
d2c552edde275e6c0de904760147afb2992796e9Jakub Hrozek mock_keytab_with_contents(global_talloc_context,
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozekint __wrap_execle(const char *path, const char *arg, ...)
323943605c88838f1f86a72f891eb28600bb34e2Lukas Slebodnikint __wrap_execve(const char *path, const char *arg, ...)
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozekerrno_t __real_sss_unique_filename(TALLOC_CTX *owner, char *path_tmpl);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozekerrno_t __wrap_sss_unique_filename(TALLOC_CTX *owner, char *path_tmpl)
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek ret = __real_sss_unique_filename(owner, path_tmpl);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozekint __real_rename(const char *old, const char *new);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozekint __wrap_rename(const char *old, const char *new)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic struct ipa_id_ctx *mock_ipa_ctx(TALLOC_CTX *mem_ctx,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ipa_ctx = talloc_zero(mem_ctx, struct ipa_id_ctx);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ipa_ctx->ipa_options = talloc_zero(ipa_ctx, struct ipa_options);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ipa_ctx->ipa_options->id = talloc_zero(ipa_ctx->ipa_options,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = dp_get_options(ipa_ctx->ipa_options->basic,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = dp_opt_set_string(ipa_ctx->ipa_options->basic,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = dp_opt_set_string(ipa_ctx->ipa_options->basic,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = dp_opt_set_bool(ipa_ctx->ipa_options->basic,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ipa_ctx->sdap_id_ctx = mock_sdap_id_ctx(ipa_ctx, be_ctx,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic struct ipa_server_mode_ctx *mock_server_mode(TALLOC_CTX *mem_ctx)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek server_mode = talloc_zero(mem_ctx, struct ipa_server_mode_ctx);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozekstatic void add_test_subdomains(struct trust_test_ctx *test_ctx,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek /* Add two subdomains */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = sysdb_subdomain_store(test_ctx->tctx->sysdb,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = sysdb_subdomain_store(test_ctx->tctx->sysdb,
a63d74f65db2db7389cd373cb37adcdaaa2d56eaMichal Židek ret = sysdb_update_subdomains(test_ctx->tctx->dom, test_ctx->tctx->confdb);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozekstatic void add_test_2way_subdomains(struct trust_test_ctx *test_ctx)
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek return add_test_subdomains(test_ctx, 0x1 | 0x2);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozekstatic void add_test_1way_subdomains(struct trust_test_ctx *test_ctx)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic int test_ipa_server_create_trusts_setup(void **state)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek test_ctx->tctx = create_dom_test_ctx(test_ctx, TESTS_PATH,
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek test_ctx->tctx->dom->flat_name = discard_const(DOM_FLAT);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek test_ctx->tctx->dom->realm = discard_const(DOM_REALM);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek test_ctx->be_ctx = mock_be_ctx(test_ctx, test_ctx->tctx);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek test_ctx->ipa_ctx = mock_ipa_ctx(test_ctx, test_ctx->be_ctx, test_ctx->tctx,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek test_ctx->ipa_ctx->server_mode = mock_server_mode(test_ctx->ipa_ctx);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek assert_non_null(test_ctx->ipa_ctx->server_mode);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek mock_keytab_with_contents(test_ctx, KEYTAB_PATH, KEYTAB_TEST_PRINC);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic int test_ipa_server_create_trusts_teardown(void **state)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek talloc_get_type(*state, struct trust_test_ctx);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek /* Ignore failures */
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek /* If a test needs this variable, it should be set again in
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void test_ipa_server_create_trusts_none(struct tevent_req *req);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void test_ipa_server_create_trusts_twoway(struct tevent_req *req);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void test_ipa_server_create_trusts(void **state)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek talloc_get_type(*state, struct trust_test_ctx);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek tevent_req_set_callback(req, test_ipa_server_create_trusts_none, test_ctx);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void test_ipa_server_create_trusts_none(struct tevent_req *req)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek tevent_req_callback_data(req, struct trust_test_ctx);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek /* Add two subdomains */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek tevent_req_set_callback(req, test_ipa_server_create_trusts_twoway, test_ctx);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void assert_trust_object(struct ipa_ad_server_ctx *trust,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek const char *sid,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek const char *s;
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek assert_string_equal(trust->dom->name, dom_name);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek assert_string_equal(trust->dom->domain_id, sid);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek s = dp_opt_get_string(trust->ad_id_ctx->ad_options->basic,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek s = dp_opt_get_string(trust->ad_id_ctx->ad_options->basic,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek /* the system keytab is always used with two-way trusts */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek s = dp_opt_get_string(trust->ad_id_ctx->ad_options->id->basic,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek s = dp_opt_get_string(trust->ad_id_ctx->ad_options->id->basic,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek s = dp_opt_get_string(trust->ad_id_ctx->ad_options->id->basic,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void test_ipa_server_create_trusts_twoway(struct tevent_req *req)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek tevent_req_callback_data(req, struct trust_test_ctx);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek /* Trust object should be around now */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek assert_non_null(test_ctx->ipa_ctx->server_mode->trusts);
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose assert_non_null(test_ctx->ipa_ctx->server_mode->trusts->next);
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose if (strcmp(test_ctx->ipa_ctx->server_mode->trusts->dom->name,
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose s_trust = test_ctx->ipa_ctx->server_mode->trusts;
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose c_trust = test_ctx->ipa_ctx->server_mode->trusts->next;
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose s_trust = test_ctx->ipa_ctx->server_mode->trusts->next;
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose c_trust = test_ctx->ipa_ctx->server_mode->trusts;
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek /* Two-way trusts should use the system realm */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek /* No more trust objects */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek assert_null(test_ctx->ipa_ctx->server_mode->trusts->next->next);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = sysdb_subdomain_delete(test_ctx->tctx->sysdb, CHILD_NAME);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek child_dom = find_domain_by_name(test_ctx->be_ctx->domain, CHILD_NAME, true);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ipa_ad_subdom_remove(test_ctx->be_ctx, test_ctx->ipa_ctx, child_dom);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek assert_trust_object(test_ctx->ipa_ctx->server_mode->trusts,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek assert_null(test_ctx->ipa_ctx->server_mode->trusts->next);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void test_ipa_server_trust_init(void **state)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek talloc_get_type(*state, struct trust_test_ctx);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = ipa_ad_subdom_init(test_ctx->be_ctx, test_ctx->ipa_ctx);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek timeout_handler = tevent_add_timer(test_ctx->tctx->ev, test_ctx, tv,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek /* Trust object should be around now */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek assert_non_null(test_ctx->ipa_ctx->server_mode->trusts);
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose assert_non_null(test_ctx->ipa_ctx->server_mode->trusts->next);
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose if (strcmp(test_ctx->ipa_ctx->server_mode->trusts->dom->name,
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose s_trust = test_ctx->ipa_ctx->server_mode->trusts;
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose c_trust = test_ctx->ipa_ctx->server_mode->trusts->next;
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose s_trust = test_ctx->ipa_ctx->server_mode->trusts->next;
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose c_trust = test_ctx->ipa_ctx->server_mode->trusts;
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek /* Two-way trusts should use the system realm */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek /* No more trust objects */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek assert_null(test_ctx->ipa_ctx->server_mode->trusts->next->next);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic int test_get_trust_direction_setup(void **state)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic int test_get_trust_direction_teardown(void **state)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek/* These are stupid tests, but test real data */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void test_trust_dir_getset(struct dir_test_ctx *test_ctx,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = sysdb_attrs_add_uint32(test_ctx->tdo, IPA_TRUST_DIRECTION, dir_in);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = ipa_server_get_trust_direction(test_ctx->tdo, test_ctx->ldb, &dir);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void test_get_trust_direction_inbound(void **state)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void test_get_trust_direction_outbound(void **state)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void test_get_trust_direction_twoway(void **state)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void test_get_trust_direction_notset_root(void **state)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = sysdb_attrs_add_string(test_ctx->tdo, SYSDB_ORIG_DN,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek "cn=AD.DOM,cn=ad,cn=trusts,dc=example,dc=com");
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = ipa_server_get_trust_direction(test_ctx->tdo, test_ctx->ldb, &dir);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek /* With root domains we assume two-way trust */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozekstatic void test_get_trust_direction_notset_member(void **state)
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = sysdb_attrs_add_string(test_ctx->tdo, SYSDB_ORIG_DN,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek "cn=SUB.AD.DOM,cn=AD.DOM,cn=ad,cn=trusts,dc=example,dc=com");
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek ret = ipa_server_get_trust_direction(test_ctx->tdo, test_ctx->ldb, &dir);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek /* With members we set zero and take a look at the parent */
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozekstatic void test_ipa_server_create_trusts_oneway(struct tevent_req *req);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozekstatic void test_ipa_server_create_oneway(void **state)
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek talloc_get_type(*state, struct trust_test_ctx);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek assert_null(test_ctx->ipa_ctx->server_mode->trusts);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek tevent_req_set_callback(req, test_ipa_server_create_trusts_oneway, test_ctx);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozekstatic void test_ipa_server_create_trusts_oneway(struct tevent_req *req)
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek tevent_req_callback_data(req, struct trust_test_ctx);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek assert_true(test_ctx->expect_rename == global_rename_called);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek /* Trust object should be around now */
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek assert_non_null(test_ctx->ipa_ctx->server_mode->trusts);
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose assert_non_null(test_ctx->ipa_ctx->server_mode->trusts->next);
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose if (strcmp(test_ctx->ipa_ctx->server_mode->trusts->dom->name,
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose s_trust = test_ctx->ipa_ctx->server_mode->trusts;
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose c_trust = test_ctx->ipa_ctx->server_mode->trusts->next;
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose s_trust = test_ctx->ipa_ctx->server_mode->trusts->next;
0e238c259c066cf997aaa940d33d6bda96c15925Sumit Bose c_trust = test_ctx->ipa_ctx->server_mode->trusts;
d2c552edde275e6c0de904760147afb2992796e9Jakub Hrozek CHILD_REALM, /* AD realm can be child if SDAP realm is parent's */
d2c552edde275e6c0de904760147afb2992796e9Jakub Hrozek ONEWAY_KEYTAB, /* Keytab shared with parent AD dom */
d2c552edde275e6c0de904760147afb2992796e9Jakub Hrozek ONEWAY_PRINC, /* Principal shared with parent AD dom */
d2c552edde275e6c0de904760147afb2992796e9Jakub Hrozek SUBDOM_REALM); /* SDAP realm must be AD root domain */
d2c552edde275e6c0de904760147afb2992796e9Jakub Hrozek /* Here all properties point to the AD domain */
d2c552edde275e6c0de904760147afb2992796e9Jakub Hrozek assert_null(test_ctx->ipa_ctx->server_mode->trusts->next->next);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozekstatic void test_ipa_server_create_oneway_kt_exists(void **state)
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek talloc_get_type(*state, struct trust_test_ctx);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek assert_null(test_ctx->ipa_ctx->server_mode->trusts);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek tevent_req_set_callback(req, test_ipa_server_create_trusts_oneway, test_ctx);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek/* Test scenario where a keytab already exists, but refresh fails. In this case,
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek * sssd should attempt to reuse the previous keytab
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozekstatic void test_ipa_server_create_oneway_kt_refresh_fallback(void **state)
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek talloc_get_type(*state, struct trust_test_ctx);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek assert_null(test_ctx->ipa_ctx->server_mode->trusts);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek tevent_req_set_callback(req, test_ipa_server_create_trusts_oneway, test_ctx);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek/* Tests case where there's no keytab and retrieving fails. Just fail the
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek * request in that case
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozekstatic void test_ipa_server_create_trusts_oneway_fail(struct tevent_req *req);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozekstatic void test_ipa_server_create_oneway_kt_refresh_fail(void **state)
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek talloc_get_type(*state, struct trust_test_ctx);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek assert_null(test_ctx->ipa_ctx->server_mode->trusts);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozekstatic void test_ipa_server_create_trusts_oneway_fail(struct tevent_req *req)
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek tevent_req_callback_data(req, struct trust_test_ctx);
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek assert_true(test_ctx->expect_rename == global_rename_called);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozekstatic void test_ipa_server_trust_oneway_init(void **state)
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek talloc_get_type(*state, struct trust_test_ctx);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek ret = ipa_ad_subdom_init(test_ctx->be_ctx, test_ctx->ipa_ctx);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek timeout_handler = tevent_add_timer(test_ctx->tctx->ev, test_ctx, tv,
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek assert_non_null(test_ctx->ipa_ctx->server_mode->trusts);
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozekstatic void test_ipa_trust_dir2str(void **state)
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek /* Just make sure the caller can rely on getting a valid string.. */
9d69c05084176602c2c0969e51d6a81ed32974caLukas Slebodnik { "no-cleanup", 'n', POPT_ARG_NONE, &no_cleanup, 0,
9d69c05084176602c2c0969e51d6a81ed32974caLukas Slebodnik _("Do not delete the test database after a test run"), NULL },
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek cmocka_unit_test_setup_teardown(test_ipa_server_create_oneway,
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek cmocka_unit_test_setup_teardown(test_ipa_server_create_oneway_kt_exists,
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek cmocka_unit_test_setup_teardown(test_ipa_server_create_oneway_kt_refresh_fallback,
db5f9ab3feb85aa444eab20428ca2b98801b6783Jakub Hrozek cmocka_unit_test_setup_teardown(test_ipa_server_create_oneway_kt_refresh_fail,
64ea4127f463798410a2c20e0261c6b15f60257fJakub Hrozek cmocka_unit_test_setup_teardown(test_ipa_server_trust_oneway_init,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek cmocka_unit_test_setup_teardown(test_ipa_server_trust_init,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek cmocka_unit_test_setup_teardown(test_ipa_server_create_trusts,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek cmocka_unit_test_setup_teardown(test_get_trust_direction_inbound,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek cmocka_unit_test_setup_teardown(test_get_trust_direction_outbound,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek cmocka_unit_test_setup_teardown(test_get_trust_direction_twoway,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek cmocka_unit_test_setup_teardown(test_get_trust_direction_notset_root,
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek cmocka_unit_test_setup_teardown(test_get_trust_direction_notset_member,
57c5ea8825c7179fd93382dbcbb07e828e5aec19René Genz /* Set debug level to invalid value so we can decide if -d 0 was used. */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek pc = poptGetContext(argv[0], argc, argv, long_options, 0);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek /* Even though normally the tests should clean up after themselves
57c5ea8825c7179fd93382dbcbb07e828e5aec19René Genz * they might not after a failed run. Remove the old DB to be sure */
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek test_dom_suite_cleanup(TESTS_PATH, TEST_CONF_DB, TEST_DOM_NAME);
f4025ea817b3467be1c2e6092014a11fe4547c0dJakub Hrozek rv = cmocka_run_group_tests(tests, NULL, NULL);