e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek Jakub Hrozek <jhrozek@redhat.com>
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek Copyright (C) 2014 Red Hat
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek This program is free software; you can redistribute it and/or modify
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek it under the terms of the GNU General Public License as published by
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek the Free Software Foundation; either version 3 of the License, or
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek (at your option) any later version.
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek This program is distributed in the hope that it will be useful,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek but WITHOUT ANY WARRANTY; without even the implied warranty of
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek GNU General Public License for more details.
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek You should have received a copy of the GNU General Public License
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek along with this program. If not, see <http://www.gnu.org/licenses/>.
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek/* mock an LDAP entry */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozekstatic struct mock_ldap_entry *mock_ldap_entry_get(void)
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek return sss_mock_ptr_type(struct mock_ldap_entry *);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozekvoid set_entry_parse(struct mock_ldap_entry *entry)
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek will_return_always(mock_ldap_entry_get, entry);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub HrozekLDAPDerefRes *mock_deref_res(TALLOC_CTX *mem_ctx,
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek dref->derefVal.bv_val = talloc_strdup(dref, entry->dn);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek /* no attributes, done */
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek for (nattr = 0; entry->attrs[nattr].name; nattr++) {
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek dval->type = talloc_strdup(dval, entry->attrs[nattr].name);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek for (nval = 0; entry->attrs[nattr].values[nval]; nval++);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek dval->vals = talloc_zero_array(dval, struct berval, nval+1);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek for (nval = 0; entry->attrs[nattr].values[nval]; nval++) {
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek dval->vals[nval].bv_val = talloc_strdup(dval->vals,
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek dval->vals[nval].bv_len = strlen(dval->vals[nval].bv_val);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek/* libldap wrappers */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozekchar *__wrap_ldap_get_dn(LDAP *ld, LDAPMessage *entry)
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct mock_ldap_entry *ldap_entry = mock_ldap_entry_get();
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozekstruct berval **__wrap_ldap_get_values_len(LDAP *ld,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct mock_ldap_entry *ldap_entry = mock_ldap_entry_get();
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek /* Should we return empty array here? */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek for (i = 0; ldap_entry->attrs[i].name != NULL; i++) {
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek if (strcmp(ldap_entry->attrs[i].name, target) == 0) {
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek for (i = 0; attrvals[i]; i++) {
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek vals = talloc_zero_array(global_talloc_context,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek for (i = 0; attrvals[i]; i++) {
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek vals[i]->bv_val = talloc_strdup(vals[i], attrvals[i]);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozekvoid __wrap_ldap_value_free_len(struct berval **vals)
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek talloc_free(vals); /* Allocated on global_talloc_context */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct mock_ldap_entry *ldap_entry = mock_ldap_entry_get();
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek return discard_const(ldap_entry->attrs[0].name);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct mock_ldap_entry *ldap_entry = mock_ldap_entry_get();
df9e9a1f9b7dc255eb62c390163c25917b08f5a2Lukas Slebodnik val = discard_const(ldap_entry->attrs[idx].name);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek/* Mock parsing search base without overlinking the test */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozekerrno_t sdap_parse_search_base(TALLOC_CTX *mem_ctx,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek/* Utility function */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozekvoid assert_entry_has_attr(struct sysdb_attrs *attrs,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek const char *attr,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek const char *v;
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozekvoid assert_entry_has_no_attr(struct sysdb_attrs *attrs,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek const char *attr)
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek const char *v;
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek test_ctx = talloc_zero(global_talloc_context, struct parse_test_ctx);
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozekstatic int parse_entry_test_teardown(void **state)
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct parse_test_ctx *test_ctx = talloc_get_type_abort(*state,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek assert_true(check_leaks_pop(test_ctx) == true);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct parse_test_ctx *test_ctx = talloc_get_type_abort(*state,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek const char *oc_values[] = { "posixAccount", NULL };
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek const char *extra_values[] = { "extra", NULL };
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek const char *multi_values[] = { "svc1", "svc2", NULL };
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct mock_ldap_attr test_ipa_user_attrs[] = {
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek { .name = "objectClass", .values = oc_values },
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek { .name = "authorizedService", .values = multi_values },
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek { .name = "ipaSshPubKey", .values = ssh_values },
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek test_ipa_user.dn = "cn=testuser,dc=example,dc=com";
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sdap_copy_map(test_ctx, ipa_user_map, SDAP_OPTS_USER, &map);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sdap_parse_entry(test_ctx, &test_ctx->sh, &test_ctx->sm,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek /* Every entry has a DN */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek "cn=testuser,dc=example,dc=com");
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek /* Test the single-valued attribute */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek assert_entry_has_attr(attrs, SYSDB_NAME, "tuser1");
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek /* Multivalued attributes must return all values */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sysdb_attrs_get_el_ext(attrs, SYSDB_AUTHORIZED_SERVICE, false, &el);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek assert_true((strcmp((const char *) el->values[0].data, "svc1") == 0 &&
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek strcmp((const char *) el->values[1].data, "svc2") == 0) ||
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek (strcmp((const char *) el->values[1].data, "svc1") == 0 &&
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek strcmp((const char *) el->values[0].data, "svc2") == 0));
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek /* The SSH attribute must be base64 encoded */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sysdb_attrs_get_el_ext(attrs, SYSDB_SSH_PUBKEY, false, &el);
d528e4960bf233bc002f9676919ede196c91564cLukas Slebodnik assert_memory_equal(decoded_key, "1234", key_len);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek /* The extra attribute must not be downloaded, it's not present in map */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek/* Some searches, like rootDSE search do not use any map */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct parse_test_ctx *test_ctx = talloc_get_type_abort(*state,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek const char *foo_values[] = { "fooval1", "fooval2", NULL };
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek const char *bar_values[] = { "barval1", NULL };
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct mock_ldap_attr test_nomap_entry_attrs[] = {
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek test_nomap_entry.dn = "cn=testentry,dc=example,dc=com";
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek test_nomap_entry.attrs = test_nomap_entry_attrs;
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sdap_parse_entry(test_ctx, &test_ctx->sh, &test_ctx->sm,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek "cn=testentry,dc=example,dc=com");
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek assert_entry_has_attr(attrs, "bar", "barval1");
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek /* Multivalued attributes must return all values */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sysdb_attrs_get_el_ext(attrs, "foo", false, &el);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek assert_true((strcmp((const char *) el->values[0].data, "fooval1") == 0 &&
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek strcmp((const char *) el->values[1].data, "fooval2") == 0) ||
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek (strcmp((const char *) el->values[1].data, "fooval1") == 0 &&
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek strcmp((const char *) el->values[0].data, "fooval2") == 0));
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek/* Only DN and OC, no real attributes */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct parse_test_ctx *test_ctx = talloc_get_type_abort(*state,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek const char *oc_values[] = { "posixAccount", NULL };
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct mock_ldap_attr test_rfc2307_user_attrs[] = {
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek { .name = "objectClass", .values = oc_values },
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek test_rfc2307_user.dn = "cn=testuser,dc=example,dc=com";
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek test_rfc2307_user.attrs = test_rfc2307_user_attrs;
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sdap_copy_map(test_ctx, rfc2307_user_map, SDAP_OPTS_USER, &map);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sdap_parse_entry(test_ctx, &test_ctx->sh, &test_ctx->sm,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek "cn=testuser,dc=example,dc=com");
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek struct parse_test_ctx *test_ctx = talloc_get_type_abort(*state,
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek const char *oc_values[] = { "posixAccount", NULL };
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek { .name = "objectClass", .values = oc_values },
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek test_dupattr_user.dn = "cn=dupuser,dc=example,dc=com";
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek ret = sdap_copy_map(test_ctx, rfc2307_user_map, SDAP_OPTS_USER, &map);
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek /* Set both uidNumber and gidNumber to idNumber */
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek for (i = 0; i < SDAP_OPTS_USER; i++) {
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek ret = sdap_parse_entry(test_ctx, &test_ctx->sh, &test_ctx->sm,
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek /* Every entry has a DN */
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek "cn=dupuser,dc=example,dc=com");
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek /* Test the single-valued attribute */
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek assert_entry_has_attr(attrs, SYSDB_UIDNUM, "1234");
eed2073f6f7bed7df0327b9fc0f2d410975d5332Jakub Hrozek assert_entry_has_attr(attrs, SYSDB_GIDNUM, "1234");
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek struct parse_test_ctx *test_ctx = talloc_get_type_abort(*state,
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek const char *oc_values[] = { "posixAccount", NULL };
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek const char *extra_values[] = { "extra", NULL };
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek struct mock_ldap_attr test_ipa_user_attrs[] = {
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek { .name = "objectClass", .values = oc_values },
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek test_ipa_user.dn = "cn=testuser,dc=example,dc=com";
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek ret = sdap_copy_map(test_ctx, rfc2307_user_map, SDAP_OPTS_USER, &minfo.map);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek dref = mock_deref_res(test_ctx, &test_ipa_user);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek ret = sdap_parse_deref(test_ctx, &minfo, 1, dref, &res);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek /* The extra attribute must not be downloaded, it's not present in map */
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek assert_entry_has_attr(res[0]->attrs, SYSDB_ORIG_DN,
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek "cn=testuser,dc=example,dc=com");
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek assert_entry_has_attr(res[0]->attrs, SYSDB_NAME, "tuser1");
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek assert_entry_has_no_attr(res[0]->attrs, "extra");
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek struct parse_test_ctx *test_ctx = talloc_get_type_abort(*state,
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek test_ipa_user.dn = "cn=testuser,dc=example,dc=com";
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek ret = sdap_copy_map(test_ctx, rfc2307_user_map, SDAP_OPTS_USER, &minfo.map);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek dref = mock_deref_res(test_ctx, &test_ipa_user);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek ret = sdap_parse_deref(test_ctx, &minfo, 1, dref, &res);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek assert_null(res); /* res must be NULL on receiving no attributes */
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozekvoid test_parse_deref_map_mismatch(void **state)
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek struct parse_test_ctx *test_ctx = talloc_get_type_abort(*state,
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek const char *oc_values[] = { "posixAccount", NULL };
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek struct mock_ldap_attr test_ipa_user_attrs[] = {
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek { .name = "objectClass", .values = oc_values },
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek test_ipa_user.dn = "cn=testuser,dc=example,dc=com";
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek ret = sdap_copy_map(test_ctx, rfc2307_group_map, SDAP_OPTS_GROUP, &minfo.map);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek dref = mock_deref_res(test_ctx, &test_ipa_user);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek ret = sdap_parse_deref(test_ctx, &minfo, 1, dref, &res);
0321da68a393943797ea8cb9eb5e9672431ff8f4Jakub Hrozek /* the group map didn't match, so no attrs will be parsed out of the map */
4a196cdb4b287f3ae5624cb9bf114711a0319c15Jakub Hrozek struct parse_test_ctx *test_ctx = talloc_get_type_abort(*state,
4a196cdb4b287f3ae5624cb9bf114711a0319c15Jakub Hrozek const char *oc_values[] = { "secondaryOC", NULL };
4a196cdb4b287f3ae5624cb9bf114711a0319c15Jakub Hrozek const char *uid_values[] = { "tgroup1", NULL };
4a196cdb4b287f3ae5624cb9bf114711a0319c15Jakub Hrozek struct mock_ldap_attr test_rfc2307_group_attrs[] = {
4a196cdb4b287f3ae5624cb9bf114711a0319c15Jakub Hrozek { .name = "objectClass", .values = oc_values },
4a196cdb4b287f3ae5624cb9bf114711a0319c15Jakub Hrozek test_rfc2307_group.dn = "cn=testgroup,dc=example,dc=com";
4a196cdb4b287f3ae5624cb9bf114711a0319c15Jakub Hrozek test_rfc2307_group.attrs = test_rfc2307_group_attrs;
4a196cdb4b287f3ae5624cb9bf114711a0319c15Jakub Hrozek ret = sdap_copy_map(test_ctx, rfc2307_group_map, SDAP_OPTS_GROUP, &map);
4a196cdb4b287f3ae5624cb9bf114711a0319c15Jakub Hrozek map[SDAP_OC_GROUP_ALT].name = discard_const("secondaryOC");
4a196cdb4b287f3ae5624cb9bf114711a0319c15Jakub Hrozek ret = sdap_parse_entry(test_ctx, &test_ctx->sh, &test_ctx->sm,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek/* Negative test - objectclass doesn't match the map */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct parse_test_ctx *test_ctx = talloc_get_type_abort(*state,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek const char *oc_values[] = { "someRandomValueWhoCaresItsAUnitTest", NULL };
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct mock_ldap_attr test_rfc2307_user_attrs[] = {
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek { .name = "objectClass", .values = oc_values },
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek test_rfc2307_user.dn = "cn=testuser,dc=example,dc=com";
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek test_rfc2307_user.attrs = test_rfc2307_user_attrs;
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sdap_copy_map(test_ctx, rfc2307_user_map, SDAP_OPTS_USER, &map);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sdap_parse_entry(test_ctx, &test_ctx->sh, &test_ctx->sm,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek/* Negative test - the entry has no objectClass. Just make sure
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek * we don't crash
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct parse_test_ctx *test_ctx = talloc_get_type_abort(*state,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct mock_ldap_attr test_rfc2307_user_attrs[] = {
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek test_rfc2307_user.dn = "cn=testuser,dc=example,dc=com";
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek test_rfc2307_user.attrs = test_rfc2307_user_attrs;
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sdap_copy_map(test_ctx, rfc2307_user_map, SDAP_OPTS_USER, &map);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sdap_parse_entry(test_ctx, &test_ctx->sh, &test_ctx->sm,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek/* Negative test - the entry has no DN. Just make sure
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek * we don't crash and detect the failure.
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct parse_test_ctx *test_ctx = talloc_get_type_abort(*state,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek const char *oc_values[] = { "posixAccount", NULL };
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek struct mock_ldap_attr test_rfc2307_user_attrs[] = {
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek { .name = "objectClass", .values = oc_values },
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek test_rfc2307_user.attrs = test_rfc2307_user_attrs;
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sdap_copy_map(test_ctx, rfc2307_user_map, SDAP_OPTS_USER, &map);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek ret = sdap_parse_entry(test_ctx, &test_ctx->sh, &test_ctx->sm,
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozekstatic int copy_map_entry_test_setup(void **state)
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek ret = sdap_copy_map(test_ctx, rfc2307_user_map,
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek ret = sdap_copy_map(test_ctx, rfc2307_user_map,
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozekstatic int copy_map_entry_test_teardown(void **state)
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek struct copy_map_entry_test_ctx *test_ctx = talloc_get_type_abort(*state,
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek assert_true(check_leaks_pop(test_ctx) == true);
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozekstatic const char *copy_uuid(struct copy_map_entry_test_ctx *test_ctx)
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek assert_null(test_ctx->dst_map[SDAP_AT_USER_UUID].name);
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek ret = sdap_copy_map_entry(test_ctx->src_map, test_ctx->dst_map,
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek return test_ctx->dst_map[SDAP_AT_USER_UUID].name;
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozekstatic void test_sdap_copy_map_entry(void **state)
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek struct copy_map_entry_test_ctx *test_ctx = talloc_get_type_abort(*state,
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek test_ctx->src_map[SDAP_AT_USER_UUID].name = discard_const(uuid_set_val);
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek talloc_free(test_ctx->dst_map[SDAP_AT_USER_UUID].name);
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozekstatic void test_sdap_copy_map_entry_null_name(void **state)
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek struct copy_map_entry_test_ctx *test_ctx = talloc_get_type_abort(*state,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozekstruct sdap_options *mock_sdap_opts(TALLOC_CTX *mem_ctx)
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek opts = talloc_zero(mem_ctx, struct sdap_options);
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek ret = dp_copy_defaults(opts, default_basic_opts,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozekstatic int test_sdap_inherit_option_setup(void **state)
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek test_ctx->child_sdap_opts = talloc_zero(test_ctx, struct sdap_options);
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek test_ctx->parent_sdap_opts = mock_sdap_opts(test_ctx);
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek test_ctx->child_sdap_opts = mock_sdap_opts(test_ctx);
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek test_ctx->parent_sdap_opts->user_map[SDAP_AT_USER_PRINC].name = \
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek ret = dp_opt_set_int(test_ctx->parent_sdap_opts->basic,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozekstatic int test_sdap_inherit_option_teardown(void **state)
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek talloc_get_type_abort(*state, struct test_sdap_inherit_ctx);
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozekstatic void test_sdap_inherit_option_null(void **state)
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek talloc_get_type_abort(*state, struct test_sdap_inherit_ctx);
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek val = dp_opt_get_int(test_ctx->child_sdap_opts->basic,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek val = dp_opt_get_int(test_ctx->child_sdap_opts->basic,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozekstatic void test_sdap_inherit_option_notset(void **state)
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek talloc_get_type_abort(*state, struct test_sdap_inherit_ctx);
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek const char *inherit_options[] = { "ldap_use_tokengroups", NULL };
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek val = dp_opt_get_int(test_ctx->child_sdap_opts->basic,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek /* parent has nondefault, but it's not supposed to be inherited */
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek sdap_inherit_options(discard_const(inherit_options),
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek val = dp_opt_get_int(test_ctx->child_sdap_opts->basic,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozekstatic void test_sdap_inherit_option_basic(void **state)
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek talloc_get_type_abort(*state, struct test_sdap_inherit_ctx);
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek const char *inherit_options[] = { "ldap_purge_cache_timeout", NULL };
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek val = dp_opt_get_int(test_ctx->child_sdap_opts->basic,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek /* parent has nondefault, but it's not supposed to be inherited */
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek sdap_inherit_options(discard_const(inherit_options),
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek val = dp_opt_get_int(test_ctx->child_sdap_opts->basic,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozekstatic void test_sdap_inherit_option_user(void **state)
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek talloc_get_type_abort(*state, struct test_sdap_inherit_ctx);
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek const char *inherit_options[] = { "ldap_user_principal", NULL };
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek test_ctx->child_sdap_opts->user_map[SDAP_AT_USER_PRINC].name,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek "krbPrincipalName");
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek /* parent has nondefault, but it's not supposed to be inherited */
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek sdap_inherit_options(discard_const(inherit_options),
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek test_ctx->child_sdap_opts->user_map[SDAP_AT_USER_PRINC].name,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek "test_princ");
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek talloc_free(test_ctx->child_sdap_opts->user_map[SDAP_AT_USER_PRINC].name);
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozekstatic struct sysdb_attrs *test_obj(TALLOC_CTX *mem_ctx,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek const char *name,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek orig_dn = talloc_asprintf(obj, "CN=%s,%s", name, basedn);
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek ret = sysdb_attrs_add_string(obj, SYSDB_ORIG_DN, orig_dn);
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek ret = sysdb_attrs_add_string(obj, SYSDB_NAME, name);
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozekstatic struct sdap_domain *create_sdap_domain(struct sdap_options *opts,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek sdom->search_bases = talloc_array(sdom, struct sdap_search_base *, 2);
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek ret = sdap_create_search_base(sdom, sdom->basedn,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozekstatic int sdap_copy_objects_in_dom_setup(void **state)
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek test_ctx->opts = talloc_zero(test_ctx, struct sdap_options);
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek test_ctx->parent = named_domain(test_ctx, "win.trust.test", NULL);
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek test_ctx->child = named_domain(test_ctx, "child.win.trust.test",
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek test_ctx->parent_sd = create_sdap_domain(test_ctx->opts,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek test_ctx->child_sd = create_sdap_domain(test_ctx->opts,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek /* These two objects were 'returned by LDAP' */
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek test_ctx->ldap_objects = talloc_zero_array(test_ctx,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek test_ctx->ldap_objects[0] = test_obj(test_ctx->ldap_objects, "parent",
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek test_ctx->ldap_objects[1] = test_obj(test_ctx->ldap_objects, "child",
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek /* This is the array we'll filter to */
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek test_ctx->dom_objects = talloc_zero_array(test_ctx,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozekstatic int sdap_copy_objects_in_dom_teardown(void **state)
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek struct copy_dom_obj_test_ctx *test_ctx = talloc_get_type_abort(*state,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozekstatic void test_sdap_copy_objects_in_dom(void **state)
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek struct copy_dom_obj_test_ctx *test_ctx = talloc_get_type_abort(*state,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek assert_ptr_equal(talloc_parent(test_ctx->ldap_objects[0]),
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek assert_ptr_equal(talloc_parent(test_ctx->ldap_objects[1]),
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek count = sdap_steal_objects_in_dom(test_ctx->opts,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek assert_non_null(test_ctx->dom_objects[0] == test_ctx->ldap_objects[0]);
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek assert_ptr_equal(talloc_parent(test_ctx->ldap_objects[0]),
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek count = sdap_steal_objects_in_dom(test_ctx->opts,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek assert_non_null(test_ctx->dom_objects[1] == test_ctx->ldap_objects[1]);
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek assert_ptr_equal(talloc_parent(test_ctx->ldap_objects[1]),
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozekstatic void test_sdap_copy_objects_in_dom_nofilter(void **state)
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek struct copy_dom_obj_test_ctx *test_ctx = talloc_get_type_abort(*state,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek count = sdap_steal_objects_in_dom(test_ctx->opts,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek assert_ptr_equal(talloc_parent(test_ctx->ldap_objects[0]),
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek assert_ptr_equal(talloc_parent(test_ctx->ldap_objects[1]),
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek cmocka_unit_test_setup_teardown(test_parse_with_map,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek cmocka_unit_test_setup_teardown(test_parse_no_map,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek cmocka_unit_test_setup_teardown(test_parse_no_attrs,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek cmocka_unit_test_setup_teardown(test_parse_dups,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek cmocka_unit_test_setup_teardown(test_parse_deref,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek cmocka_unit_test_setup_teardown(test_parse_deref_no_attrs,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek cmocka_unit_test_setup_teardown(test_parse_secondary_oc,
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek /* Negative tests */
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek cmocka_unit_test_setup_teardown(test_parse_no_oc,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek cmocka_unit_test_setup_teardown(test_parse_bad_oc,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek cmocka_unit_test_setup_teardown(test_parse_no_dn,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek cmocka_unit_test_setup_teardown(test_parse_deref_map_mismatch,
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek /* Map option tests */
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek cmocka_unit_test_setup_teardown(test_sdap_copy_map_entry,
12089241f6a6eabf4f0c95669e5fc2bb3b503c06Jakub Hrozek cmocka_unit_test_setup_teardown(test_sdap_copy_map_entry_null_name,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek /* Option inherit tests */
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek cmocka_unit_test_setup_teardown(test_sdap_inherit_option_null,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek cmocka_unit_test_setup_teardown(test_sdap_inherit_option_notset,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek cmocka_unit_test_setup_teardown(test_sdap_inherit_option_basic,
9b162bf39ef75629f54ffa1d0bd5f9c13119b650Jakub Hrozek cmocka_unit_test_setup_teardown(test_sdap_inherit_option_user,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek /* Per-domain object filter tests */
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek cmocka_unit_test_setup_teardown(test_sdap_copy_objects_in_dom,
fb83de0699b16e7d8eca803305e2112795807b4cJakub Hrozek cmocka_unit_test_setup_teardown(test_sdap_copy_objects_in_dom_nofilter,
57c5ea8825c7179fd93382dbcbb07e828e5aec19René Genz /* Set debug level to invalid value so we can decide if -d 0 was used. */
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek pc = poptGetContext(argv[0], argc, argv, long_options, 0);
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek /* Even though normally the tests should clean up after themselves
57c5ea8825c7179fd93382dbcbb07e828e5aec19René Genz * they might not after a failed run. Remove the old DB to be sure */