Hi,
the following two patches are the first step to fix
https://fedorahosted.org/freeipa/ticket/2881. Unit tests with time
measurements are added and the performance of the get_group_sids()
function is improved by an order of magnitude.
The caching of the LDAP results is still missing. I will finish this
after my PTO. But I haven't started to work on this. So if you think it
should be fixed earlier feel free to take the ticket.
bye,
Sumit
From a70dd5049943ae88aba46ef3e95b06a944efcf60 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Fri, 6 Jul 2012 12:24:01 +0200
Subject: [PATCH] Add unit tests for ipa-kdb
To improve the performance of some functions used for group filtering we
need a way to see if changes really help or not. This patch adds unit
tests for some of these functions and measures the execution time.
---
daemons/ipa-kdb/Makefile.am | 29 +++
daemons/ipa-kdb/ipa_kdb_mspac.c | 12 +-
daemons/ipa-kdb/ipa_kdb_tests.c | 548 +++
util/ipa_pwd.c |2 +
4 Dateien geändert, 587 Zeilen hinzugefügt(+), 4 Zeilen entfernt(-)
create mode 100644 daemons/ipa-kdb/ipa_kdb_tests.c
diff --git a/daemons/ipa-kdb/Makefile.am b/daemons/ipa-kdb/Makefile.am
index
17c090418ec5a0e2a39d948dc385d509c5d05321..34b7d93c4912f988130ae7dd143e054574605071
100644
--- a/daemons/ipa-kdb/Makefile.am
+++ b/daemons/ipa-kdb/Makefile.am
@@ -50,6 +50,35 @@ ipadb_la_LIBADD =\
$(NDRPAC_LIBS) \
$(NULL)
+if HAVE_CHECK
+TESTS = ipa_kdb_tests
+check_PROGRAMS = ipa_kdb_tests
+endif
+
+ipa_kdb_tests_SOURCES =\
+ ipa_kdb_tests.c \
+ ipa_kdb.c \
+ ipa_kdb_common.c\
+ ipa_kdb_mkey.c \
+ ipa_kdb_passwords.c \
+ ipa_kdb_principals.c\
+ ipa_kdb_pwdpolicy.c \
+ ipa_kdb_mspac.c \
+ ipa_kdb_delegation.c\
+ ipa_kdb_audit_as.c \
+ $(KRB5_UTIL_SRCS) \
+ $(NULL)
+ipa_kdb_tests_CFLAGS = $(CHECK_CFLAGS)
+ipa_kdb_tests_LDADD = \
+ $(CHECK_LIBS) \
+ $(KRB5_LIBS)\
+ $(LDAP_LIBS)\
+ $(NDRPAC_LIBS) \
+ -lnss3 \
+ -lkdb5 \
+ -lsss_idmap \
+ $(NULL)
+
dist_noinst_DATA = ipa_kdb.exports
EXTRA_DIST = \
diff --git a/daemons/ipa-kdb/ipa_kdb_mspac.c b/daemons/ipa-kdb/ipa_kdb_mspac.c
index
1c7487c3c8f75d02466a2e0746fbef5d36e3d995..ef9aa96943a7e93c21c665e3292a9843fdd8e03d
100644
--- a/daemons/ipa-kdb/ipa_kdb_mspac.c
+++ b/daemons/ipa-kdb/ipa_kdb_mspac.c
@@ -643,9 +643,9 @@ static char *gen_sid_string(TALLOC_CTX *memctx, struct
dom_sid *dom_sid,
return str;
}
-static int get_group_sids(TALLOC_CTX *memctx,
- struct PAC_LOGON_INFO_CTR *logon_info,
- char ***_group_sids)
+int get_group_sids(TALLOC_CTX *memctx,
+ struct PAC_LOGON_INFO_CTR *logon_info,
+ char ***_group_sids)
{
int ret;
size_t c;
@@ -653,6 +653,10 @@ static int get_group_sids(TALLOC_CTX *memctx,
struct dom_sid *domain_sid = NULL;
char **group_sids = NULL;
+if (logon_info == NULL || logon_info-info == NULL) {
+return EINVAL;
+}
+
domain_sid = dom_sid_dup(memctx, logon_info-info-info3.base.domain_sid);
if (domain_sid == NULL) {
krb5_klog_syslog(LOG_ERR, dom_sid_dup failed);
@@ -714,7 +718,7 @@ done:
return ret;
}
-static int add_groups(TALLOC_CTX *memctx,
+int add_groups(TALLOC_CTX *memctx,
struct PAC_LOGON_INFO_CTR *logon_info,
size_t ipa_group_sids_count,
struct dom_sid2 *ipa_group_sids)
diff --git a/daemons/ipa-kdb/ipa_kdb_tests.c b/daemons/ipa-kdb/ipa_kdb_tests.c
new file mode 100644
index
..d3f6c2f38176e2fe3eb081b050c974f351f221ac
--- /dev/null
+++ b/daemons/ipa-kdb/ipa_kdb_tests.c
@@ -0,0 +1,548 @@
+/** BEGIN COPYRIGHT BLOCK
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see http://www.gnu.org/licenses/.
+ *
+ * Additional permission under GPLv3 section 7:
+ *
+ * In the following paragraph, GPL means the GNU General Public
+ * License, version 3 or any later version, and Non-GPL Code means
+ * code that is governed neither by the GPL nor