Hi,
I have tried making all the changes suggested to the unit test of negcache
patch. The patch is attached with the mail.
All is working fine except when I add the check for the existence of
"testuser1" and "testgroup1" in test_sss_ncache_prepopulate(). Test
fails
there. Please review the patch and kindly let me know where I am going
wrong.
Thanks!
On 29 January 2014 03:26, Jakub Hrozek <jhrozek(a)redhat.com> wrote:
> On Tue, Jan 28, 2014 at 04:50:44AM +0545, Pallavi Jha wrote:
> > Hi,
> >
> > I have tried to make all the required changes as mentioned in the above
> > mail. The patch for the same is attached along with this mail. While
> > writing test "test_sss_ncache_prepopulate" I came across a bug, as
> > mentioned below. Let me know if I am going wrong anywhere:
> >
> > *In negcache.c*
> >
> > line 676 ret = sss_parse_name_for_domains(tmpctx, domain_list,
> > rctx->default_domain,
> > filter_list[i],
> > &domainname, &name);
> >
> > line 676 calls sss_parse_name() which in return executes line no 395 in
> > src/util/usertools.c which is ret = sss_parse_name(tmp_ctx, dom->names,
> > orig, &dmatch, &nmatch);
> >
> > Now look at 2nd argument of sss_parse_namae it is of type char * but if
> you
> > check sss_parse_name defn at line no 304:
> >
> > int sss_parse_name(TALLOC_CTX *memctx,
> > struct sss_names_ctx *snctx,
> > const char *orig, char **domain, char **name)
> >
> > so line no 308 : pcre *re = snctx->re; is the reason for
> > crash(segmentation fault).
> >
> > Please review the patch.
>
> Hi,
>
> you just need to initialize the snctx, that can be done with a similar
> call in the prepopulate test:
>
> ret = sss_names_init(ts, tc->confdb, TEST_DOM_NAME, &dom->names);
> assert_int_equal(ret, EOK);
>
> See some minor comments about the patch inline.
>
> > +#define SHORTSPAN 2
>
> I know I suggested the sleep of 2 seconds, but when I ran the test now
> it looked like too much, the test was paused for too long. Maybe just 1s
> would be better, I tried running the test in a loop and didn't find any
> bugs the short span would cause
>
>
> [snip]
>
> > +static void test_sss_ncache_prepopulate(void **state)
> > +{
> > + int ret;
> > + struct test_state *ts;
> > + struct tevent_context *ev;
> > + struct sss_nc_ctx *ncache;
> > + struct sss_test_ctx *tc;
> > + struct sss_domain_info *dom;
> > +
> > + ts = talloc_get_type_abort(*state, struct test_state);
> > +
> > + ev = tevent_context_init(ts);
>
> You should check if ev is not NULL.
>
> > +
> > + dom = talloc(ts, struct sss_domain_info);
>
> Same here for dom.
>
> > + dom->name = NAME;
>
> It's a very good idea to define the NAME, but with my (admittedly
> strict) CFLAGS, I'm getting a warning because the domain name is "char
> *" but the string constant in NAME is "const char *".
>
> You can get around this warning by using a special 'discard_const' macro
> like this:
> dom->name = discard_const(NAME);
>
> > +
> > + ts->nctx = mock_nctx(ts);
> > + assert_non_null(ts->nctx);
> > +
> > + struct sss_test_conf_param params[] = {
> > + { "filter_users", "testuser1" },
> > + { "filter_groups", "testgroup1" },
> > + { NULL, NULL },
> > + };
>
> I prefer if variable definitions are kept at the function beginning and
> not interleave with code.
>
> > +
> > + tc = create_dom_test_ctx(ts, TESTS_PATH, TEST_CONF_DB,
> > + TEST_SYSDB_FILE, TEST_DOM_NAME,
> > + TEST_ID_PROVIDER, params);
> > + assert_non_null(tc);
> > +
> > + ncache = ts->ctx;
> > + ts->rctx = mock_rctx(ts, ev, dom, ts->nctx);
> > + assert_non_null(ts->rctx);
> > + assert_non_null(tc->confdb);
>
> Why do you check confdb here separately? I think create_dom_test_ctx can
> be trusted to create it on its own.
>
> > +
> > + ret = sss_ncache_prepopulate(ncache, tc->confdb, ts->rctx);
> > + assert_int_equal(ret, EOK);
>
> I assume the continuation of this test would be to check that testuser1
> and testgroup1 will be present in the cache even after the short sleep?
>
> > +}
>
> The test is looking good, nice work!
>
From 55b61c6ab1b0578a6ccb1f88c010c56cda6e16ec Mon Sep 17 00:00:00
2001
From: Pallavi Jha <pallavikumarijha(a)gmail.com>
Date: Sat, 18 Jan 2014 14:36:25 +0545
Subject: [PATCH] Unit-test-for-negcache-module-added
---
Makefile.am | 17 +
src/tests/cmocka/test_negcache.c | 648 +++++++++++++++++++++++++++++++++++++++
2 files changed, 665 insertions(+)
create mode 100644 src/tests/cmocka/test_negcache.c
diff --git a/Makefile.am b/Makefile.am
index 9c155d68c7f452bb02a4da154992fa2fca6af273..3ef6c3f57fd1ca31b57745cc068f918a135ae3a9
100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -150,6 +150,7 @@ if HAVE_CMOCKA
nss-srv-tests \
test-find-uid \
test-io \
+ test-negcache \
test-authtok \
sss_nss_idmap-tests \
dyndns-tests \
@@ -1347,6 +1348,22 @@ test_io_CFLAGS = \
test_io_LDADD = \
$(CMOCKA_LIBS)
+EXTRA_test_negcache_DEPENDENCIES = \
+ $(ldblib_LTLIBRARIES)
+test_negcache_SOURCES = \
+ $(SSSD_RESPONDER_OBJ) \
+ src/tests/cmocka/test_negcache.c
+test_negcache_CFLAGS = \
+ $(AM_CFLAGS) \
+ $(TALLOC_CFLAGS) \
+ $(DHASH_CFLAGS)
+test_negcache_LDADD = \
+ $(CMOCKA_LIBS) \
+ $(SSSD_LIBS) \
+ $(SSSD_INTERNAL_LTLIBS) \
+ libsss_test_common.la \
+ libsss_idmap.la
+
test_authtok_SOURCES = \
src/tests/cmocka/test_authtok.c \
src/util/authtok.c \
diff --git a/src/tests/cmocka/test_negcache.c b/src/tests/cmocka/test_negcache.c
new file mode 100644
index 0000000000000000000000000000000000000000..85903a3be7900e39a3bebac438d6e7d977f177d3
--- /dev/null
+++ b/src/tests/cmocka/test_negcache.c
@@ -0,0 +1,648 @@
+/*
+ SSSD
+
+ NSS Responder
+
+ Authors:
+ Pallavi Jha <pallavikumarijha(a)gmail.com>
+
+ Copyright (C) 2013 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <
http://www.gnu.org/licenses/>.
+*/
+
+#include <stdarg.h>
+#include <stdlib.h>
+#include <stddef.h>
+#include <setjmp.h>
+#include <errno.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <inttypes.h>
+#include <cmocka.h>
+
+#include "tests/cmocka/common_mock.h"
+#include "tests/cmocka/common_mock_resp.h"
+#include "responder/nss/nsssrv.h"
+#include "responder/nss/nsssrv_private.h"
+#include "sss_client/idmap/sss_nss_idmap.h"
+#include "util/util_sss_idmap.h"
+#include "lib/idmap/sss_idmap.h"
+#include "util/util.h"
+#include "util/util_sss_idmap.h"
+#include "responder/common/responder.h"
+#include "responder/common/negcache.h"
+
+#define PORT 21
+#define SID "S-1-2-3-4-5"
+#define PROTO "TCP"
+#define LIFETIME 200
+#define SHORTSPAN 1
+#define NAME "foo_name"
+#define UID "U-1-2-3-4-5"
+#define TESTS_PATH "tests_nss"
+#define TEST_CONF_DB "test_nss_conf.ldb"
+#define TEST_SYSDB_FILE "cache_nss_test.ldb"
+#define TEST_DOM_NAME "nss_test"
+#define TEST_SUBDOM_NAME "test.sub"
+#define TEST_ID_PROVIDER "ldap"
+
+/* register_cli_protocol_version is required in test since it links with
+ * responder_common.c module
+ */
+struct cli_protocol_version *register_cli_protocol_version(void)
+{
+ static struct cli_protocol_version responder_test_cli_protocol_version[] = {
+ {0, NULL, NULL}
+ };
+
+ return responder_test_cli_protocol_version;
+}
+
+/* Mock NSS structure */
+struct nss_ctx *
+mock_nctx(TALLOC_CTX *mem_ctx)
+{
+ struct nss_ctx *nctx;
+ errno_t ret;
+ enum idmap_error_code err;
+
+ nctx = talloc_zero(mem_ctx, struct nss_ctx);
+ if (!nctx) {
+ return NULL;
+ }
+
+ ret = sss_ncache_init(nctx, &nctx->ncache);
+ if (ret != EOK) {
+ talloc_free(nctx);
+ return NULL;
+ }
+ nctx->neg_timeout = 10;
+ nctx->pwfield = discard_const("*");
+
+ err = sss_idmap_init(sss_idmap_talloc, nctx, sss_idmap_talloc_free,
+ &nctx->idmap_ctx);
+ if (err != IDMAP_SUCCESS) {
+ DEBUG(SSSDBG_FATAL_FAILURE, ("sss_idmap_init failed.\n"));
+ talloc_free(nctx);
+ return NULL;
+ }
+ return nctx;
+}
+
+/* Mock a responder context */
+struct resp_ctx *
+mock_rctx(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct sss_domain_info *domains,
+ void *pvt_ctx)
+{
+ struct resp_ctx *rctx;
+ errno_t ret;
+
+ rctx = talloc_zero(mem_ctx, struct resp_ctx);
+ if (!rctx) return NULL;
+
+ ret = sss_hash_create(rctx, 30, &rctx->dp_request_table);
+ if (ret != EOK) {
+ talloc_free(rctx);
+ return NULL;
+ }
+
+ rctx->ev = ev;
+ rctx->domains = domains;
+ rctx->pvt_ctx = pvt_ctx;
+ return rctx;
+}
+
+struct test_state {
+ struct sss_nc_ctx *ctx;
+ struct nss_ctx *nctx;
+ struct resp_ctx *rctx;
+};
+
+static void setup(void **state)
+{
+ int ret;
+ struct test_state *ts;
+
+ ts = talloc(NULL, struct test_state);
+ assert_non_null(ts);
+
+ ret = sss_ncache_init(ts, &ts->ctx);
+ assert_int_equal(ret, EOK);
+ assert_non_null(ts->ctx);
+
+ *state = (void *)ts;
+}
+
+static void teardown(void **state)
+{
+ struct test_state *ts = talloc_get_type_abort(*state, struct test_state);
+ talloc_free(ts);
+}
+
+static void test_sss_ncache_init(void **state)
+{
+ int ret;
+ TALLOC_CTX *memctx;
+ struct sss_nc_ctx *ctx;
+
+ memctx = talloc_new(NULL);
+ assert_non_null(memctx);
+
+ ret = sss_ncache_init(memctx, &ctx );
+ assert_int_equal(ret, errno);
+ assert_int_equal(ret, EOK);
+ assert_non_null(ctx);
+
+ talloc_free(memctx);
+}
+
+/* @test_sss_ncache_uid : test following functions
+ * sss_ncache_set_uid
+ * sss_ncache_check_uid
+ */
+static void test_sss_ncache_uid(void **state)
+{
+ uid_t uid;
+ int ret, ttl;
+ bool permanent;
+ struct test_state *ts;
+
+ ttl = LIFETIME;
+ uid = getuid();
+
+ ts = talloc_get_type_abort(*state, struct test_state);
+
+ /* test when uid not present in database */
+ ret = sss_ncache_check_uid(ts->ctx, ttl, uid);
+ assert_int_equal(ret, ENOENT);
+
+ /* test when uid is present in database */
+ permanent = true;
+
+ ret = sss_ncache_reset_permanent(ts->ctx);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_set_uid(ts->ctx, permanent, uid);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_uid(ts->ctx, ttl, uid);
+ assert_int_equal(ret, EEXIST);
+
+ ttl = SHORTSPAN;
+ ret = sss_ncache_set_uid(ts->ctx, permanent, uid);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_uid(ts->ctx, ttl, uid);
+ assert_int_equal(ret, EEXIST);
+
+ sleep(SHORTSPAN + 1);
+
+ ret = sss_ncache_check_uid(ts->ctx, ttl, uid);
+ assert_int_equal(ret, EEXIST);
+
+ permanent = false;
+
+ ret = sss_ncache_set_uid(ts->ctx, permanent, uid);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_uid(ts->ctx, ttl, uid);
+ assert_int_equal(ret, EEXIST);
+
+ sleep(SHORTSPAN + 1);
+
+ ret = sss_ncache_check_uid(ts->ctx, ttl, uid);
+ assert_int_equal(ret, ENOENT);
+
+ ret = sss_ncache_set_uid(ts->ctx, permanent, uid);
+ assert_int_equal(ret, EOK);
+
+ /* test when ttl is -1 with uid present in database*/
+ ttl = -1;
+ ret = sss_ncache_check_uid(ts->ctx, ttl, uid);
+ assert_int_equal(ret, EEXIST);
+}
+
+/* @test_sss_ncache_gid : test following functions
+ * sss_ncache_set_gid
+ * sss_ncache_check_gid
+ */
+static void test_sss_ncache_gid(void **state)
+{
+ gid_t gid;
+ int ret, ttl;
+ bool permanent;
+ struct test_state *ts;
+
+ ttl = LIFETIME;
+ gid = getgid();
+ ts = talloc_get_type_abort(*state, struct test_state);
+
+ /* test when gid is not present in database */
+ ret = sss_ncache_check_gid(ts->ctx, ttl, gid);
+ assert_int_equal(ret, ENOENT);
+
+ /* test when gid is present in database */
+ permanent = true;
+ ret = sss_ncache_set_gid(ts->ctx, permanent, gid);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_gid(ts->ctx, ttl, gid);
+ assert_int_equal(ret, EEXIST);
+
+ permanent = false;
+ ret = sss_ncache_set_uid(ts->ctx, permanent, gid);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_uid(ts->ctx, ttl, gid);
+ assert_int_equal(ret, EEXIST);
+
+ /* test when ttl is -1 with gid present in database*/
+ ttl = -1;
+ ret = sss_ncache_check_gid(ts->ctx, ttl, gid);
+ assert_int_equal(ret, EEXIST);
+}
+
+
+/* @test_sss_ncache_sid : test following functions
+ * sss_ncache_set_sid
+ * sss_ncache_check_sid
+ */
+static void test_sss_ncache_sid(void **state)
+{
+ int ret, ttl;
+ bool permanent;
+ const char *sid = NULL;
+ struct test_state *ts;
+
+ ttl = LIFETIME;
+ sid = SID;
+ ts = talloc_get_type_abort(*state, struct test_state);
+
+ /*test when sid in not present in database */
+ ret = sss_ncache_check_sid(ts->ctx, ttl, sid);
+ assert_int_equal(ret, ENOENT);
+
+ /* test when sid is present in database */
+ permanent = true;
+ ret = sss_ncache_set_sid(ts->ctx, permanent, sid);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_sid(ts->ctx, ttl, sid);
+ assert_int_equal(ret, EEXIST);
+
+ permanent = false;
+ ret = sss_ncache_set_sid(ts->ctx, permanent, sid);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_sid(ts->ctx, ttl, sid);
+ assert_int_equal(ret, EEXIST);
+
+ /* test when ttl is -1 with sid present in database*/
+ ttl = -1;
+ ret = sss_ncache_check_sid(ts->ctx, ttl, sid);
+ assert_int_equal(ret, EEXIST);
+}
+
+/* @test_sss_ncache_user : test following functions
+ * sss_ncache_check_user
+ * sss_ncache_set_user
+ */
+static void test_sss_ncache_user(void **state)
+{
+ int ret, ttl;
+ bool permanent;
+ const char *name = NAME;
+ struct test_state *ts;
+ struct sss_domain_info *dom;
+
+ ttl = LIFETIME;
+ ts = talloc_get_type_abort(*state, struct test_state);
+ dom = talloc(ts, struct sss_domain_info);
+ dom->name = discard_const(NAME);
+
+ /* test when domain name is not present in database */
+ dom->case_sensitive = false;
+ ret = sss_ncache_check_user(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, ENOENT);
+
+ dom->case_sensitive = true;
+ ret = sss_ncache_check_user(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, ENOENT);
+
+ /* test when domain name is present in database */
+ permanent = true;
+ ret = sss_ncache_set_user(ts->ctx, permanent, dom, name);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_user(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, EEXIST);
+
+ permanent = false;
+ ret = sss_ncache_set_user(ts->ctx, permanent, dom, name);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_user(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, EEXIST);
+
+ /* test when ttl is -1 with domain name present in database */
+ ttl = -1;
+ ret = sss_ncache_check_user(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, EEXIST);
+}
+
+/* @test_sss_ncache_group : test following functions
+ * sss_ncache_check_group
+ * sss_ncache_set_group
+ */
+static void test_sss_ncache_group(void **state)
+{
+ int ret, ttl;
+ bool permanent;
+ const char *name = NAME;
+ struct test_state *ts;
+ struct sss_domain_info *dom;
+
+ ttl = LIFETIME;
+ ts = talloc_get_type_abort(*state, struct test_state);
+ dom = talloc(ts, struct sss_domain_info);
+ dom->name = discard_const(NAME);
+
+ /* test when domain name is not present in database */
+ dom->case_sensitive = false;
+ ret = sss_ncache_check_group(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, ENOENT);
+
+ dom->case_sensitive = true;
+ ret = sss_ncache_check_group(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, ENOENT);
+
+ /* test when domain name is present in database */
+ permanent = true;
+ ret = sss_ncache_set_group(ts->ctx, permanent, dom, name);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_group(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, EEXIST);
+
+ permanent = false;
+ ret = sss_ncache_set_group(ts->ctx, permanent, dom, name);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_group(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, EEXIST);
+
+ /* test when ttl is -1 with domain name present in database */
+ ttl = -1;
+ ret = sss_ncache_check_group(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, EEXIST);
+}
+
+/* @test_sss_ncache_netgr : test following functions
+ * sss_ncache_check_netgr
+ * sss_ncache_set_netgr
+ */
+static void test_sss_ncache_netgr(void **state)
+{
+ int ret, ttl;
+ bool permanent;
+ const char *name = NAME;
+ struct test_state *ts;
+ struct sss_domain_info *dom;
+
+ ttl = LIFETIME;
+ ts = talloc_get_type_abort(*state, struct test_state);
+ dom = talloc(ts, struct sss_domain_info);
+ dom->name = discard_const(NAME);
+
+ /* test when domain name is not present in database */
+ dom->case_sensitive = false;
+ ret = sss_ncache_check_netgr(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, ENOENT);
+
+ dom->case_sensitive = true;
+ ret = sss_ncache_check_netgr(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, ENOENT);
+
+ /* test when domain name is present in database */
+ permanent = true;
+ ret = sss_ncache_set_netgr(ts->ctx, permanent, dom, name);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_netgr(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, EEXIST);
+
+ permanent = false;
+ ret = sss_ncache_set_netgr(ts->ctx, permanent, dom, name);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_netgr(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, EEXIST);
+
+ /* test when ttl is -1 with domain name present in database */
+ ttl = -1;
+ ret = sss_ncache_check_netgr(ts->ctx, ttl, dom, name);
+ assert_int_equal(ret, EEXIST);
+}
+
+/* @test_sss_ncache_service_name : test following functions
+ * sss_ncache_check_service
+ * sss_ncache_set_service_name
+ */
+static void test_sss_ncache_service_name(void **state)
+{
+ int ret, ttl;
+ bool permanent;
+ const char *name = NAME;
+ struct test_state *ts;
+ struct sss_domain_info *dom;
+
+ ttl = LIFETIME;
+ ts = talloc_get_type_abort(*state, struct test_state);
+ dom = talloc(ts, struct sss_domain_info);
+ dom->name = discard_const(NAME);
+
+ /* test when domain name and protocol are not present in database */
+ dom->case_sensitive = false;
+ ret = sss_ncache_check_service(ts->ctx, ttl, dom, name, PROTO);
+ assert_int_equal(ret, ENOENT);
+
+ dom->case_sensitive = true;
+ ret = sss_ncache_check_service(ts->ctx, ttl, dom, name, PROTO);
+ assert_int_equal(ret, ENOENT);
+
+ /* test when domain name and protocol are present in database */
+ permanent = true;
+ ret = sss_ncache_set_service_name(ts->ctx, permanent, dom, name, PROTO);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_service(ts->ctx, ttl, dom, name, PROTO);
+ assert_int_equal(ret, EEXIST);
+
+ permanent = false;
+ ret = sss_ncache_set_service_name(ts->ctx, permanent, dom, name, PROTO);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_service(ts->ctx, ttl, dom, name, PROTO);
+ assert_int_equal(ret, EEXIST);
+
+ /* test when ttl is -1 with domain name present in database */
+ ttl = -1;
+ ret = sss_ncache_check_service(ts->ctx, ttl, dom, name, PROTO);
+ assert_int_equal(ret, EEXIST);
+}
+
+/* @test_sss_ncache_service_port : test following functions
+ * sss_ncache_check_service_port
+ * sss_ncache_set_service_port
+ */
+static void test_sss_ncache_service_port(void **state)
+{
+ int ret, ttl;
+ bool permanent;
+ struct test_state *ts;
+ struct sss_domain_info *dom;
+
+ ttl = LIFETIME;
+ ts = talloc_get_type_abort(*state, struct test_state);
+ dom = talloc(ts, struct sss_domain_info);
+ dom->name = discard_const(NAME);
+
+ /* test when domain name, port and protocol are not present in database */
+ dom->case_sensitive = false;
+ ret = sss_ncache_check_service_port(ts->ctx, ttl, dom, (uint16_t)PORT,
+ PROTO);
+ assert_int_equal(ret, ENOENT);
+
+ dom->case_sensitive = true;
+ ret = sss_ncache_check_service_port(ts->ctx, ttl, dom, (uint16_t)PORT,
+ PROTO);
+ assert_int_equal(ret, ENOENT);
+
+ /* test when domain name, port and protocol are present in database */
+ permanent = true;
+ ret = sss_ncache_set_service_port(ts->ctx, permanent, dom, (uint16_t)PORT,
+ PROTO);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_service_port(ts->ctx, ttl, dom, (uint16_t)PORT,
+ PROTO);
+ assert_int_equal(ret, EEXIST);
+
+ permanent = false;
+ ret = sss_ncache_set_service_port(ts->ctx, permanent, dom, (uint16_t)PORT,
+ PROTO);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_check_service_port(ts->ctx, ttl, dom, (uint16_t)PORT,
+ PROTO);
+ assert_int_equal(ret, EEXIST);
+
+ /* test when ttl is -1 with domain name present in database */
+ ttl = -1;
+ ret = sss_ncache_check_service_port(ts->ctx, ttl, dom, (uint16_t)PORT,
+ PROTO);
+ assert_int_equal(ret, EEXIST);
+}
+
+#if 0
+static void test_sss_ncache_reset_permanent(void **state)
+{
+ int ret;
+ struct test_state *ts;
+
+ ts = talloc_get_type_abort(*state, struct test_state);
+ ret = sss_ncache_reset_permanent(ts->ctx);
+ assert_int_equal(ret, EOK);
+}
+#endif
+
+static void test_sss_ncache_prepopulate(void **state)
+{
+ int ret;
+ struct test_state *ts;
+ struct tevent_context *ev;
+ struct sss_nc_ctx *ncache;
+ struct sss_test_ctx *tc;
+ struct sss_domain_info *dom;
+
+ struct sss_test_conf_param params[] = {
+ { "filter_users", "testuser1" },
+ { "filter_groups", "testgroup1" },
+ { NULL, NULL },
+ };
+
+ ts = talloc_get_type_abort(*state, struct test_state);
+
+ ev = tevent_context_init(ts);
+ assert_non_null(ev);
+
+ dom = talloc(ts, struct sss_domain_info);
+ assert_non_null(dom);
+ dom->name = discard_const(NAME);
+
+ ts->nctx = mock_nctx(ts);
+ assert_non_null(ts->nctx);
+
+ tc = create_dom_test_ctx(ts, TESTS_PATH, TEST_CONF_DB,
+ TEST_SYSDB_FILE, TEST_DOM_NAME,
+ TEST_ID_PROVIDER, params);
+ assert_non_null(tc);
+
+ ncache = ts->ctx;
+ ts->rctx = mock_rctx(ts, ev, dom, ts->nctx);
+ assert_non_null(ts->rctx);
+
+ ret = sss_names_init(ts, tc->confdb, TEST_DOM_NAME, &dom->names);
+ assert_int_equal(ret, EOK);
+
+ ret = sss_ncache_prepopulate(ncache, tc->confdb, ts->rctx);
+ assert_int_equal(ret, EOK);
+
+ sleep(SHORTSPAN);
+
+ ret = sss_ncache_check_user(ncache, 1, dom, "testuser1");
+ assert_int_equal(ret, EEXIST);
+
+ ret = sss_ncache_check_group(ncache, 1, dom, "testgroup1");
+ assert_int_equal(ret, EEXIST);
The test(s) don't pass because they cannot pass.
You used function create_dom_test_ctx and param with filter_groups and
filter_users and result of this is configuration:
[domain/nss_test]
filter_users = testuser1
filter_groups = testgroup1
But negative cache reads configuration options from [nss] section.
[nss]
filter_users = testuser1
filter_groups = testgroup1
You will need to write new auxiliary function create_service_test_ctx.
It should not be very difficult, because it will be very similar to
create_dom_test_ctx. SSSD internally uses ldb to read configutration options.
I will try to explain what shoul you change.
struct sss_test_conf_param params[] = {
{ "filter_users", "testuser1" },
{ "filter_groups", "testgroup1" },
{ NULL, NULL },
};
<snip>
tc = create_dom_test_ctx(ts, TESTS_PATH, TEST_CONF_DB,
TEST_SYSDB_FILE, TEST_DOM_NAME,
TEST_ID_PROVIDER, params);
Previous code snippet will generate:
sh-4.2$ ldbsearch -H ./test_nss_conf.ldb
# record 1
dn: cn=sssd,cn=config
cn: sssd
domains: nss_test
distinguishedName: cn=sssd,cn=config
# record 2
dn: cn=nss_test,cn=domain,cn=config
cn: nss_test
id_provider: ldap
filter_users: testuser1
filter_groups: testgroup1
distinguishedName: cn=nss_test,cn=domain,cn=config
And the proposed function create_service_test_ctx should generate file:
struct sss_test_conf_param params[] = {
{ "filter_users", "testuser1" },
{ "filter_groups", "testgroup1" },
{ NULL, NULL },
};
<snip>
tc = create_service_test_ctx(ts, TESTS_PATH, TEST_CONF_DB,
TEST_SYSDB_FILE, TEST_DOM_NAME,
TEST_ID_PROVIDER, params);
sh-4.2$ ldbsearch -H ./test_nss_conf.ldb
# record 1
dn: cn=sssd,cn=config
cn: sssd
services: nss
distinguishedName: cn=sssd,cn=config
# record 2
dn: cn=nss,cn=config
cn: nss
filter_groups: testgroup1
filter_users: testuser1
distinguishedName: cn=nss,cn=config
Command line utility ldbsearch is part of package ldb-tools (in Fedora)
LS