URL: https://github.com/SSSD/sssd/pull/130 Author: lslebodn Title: #130: Fix for 3284 Action: opened
PR body: """ """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/130/head:pr130 git checkout pr130
From a39fb5e80a467df0653c7c6b7ffa475446b06ceb Mon Sep 17 00:00:00 2001 From: Lukas Slebodnik <lsleb...@redhat.com> Date: Sat, 21 Jan 2017 19:07:45 +0100 Subject: [PATCH 1/4] SYSDB: Update filter for get object by id Resolves: https://fedorahosted.org/sssd/ticket/3283 --- src/db/sysdb.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/db/sysdb.h b/src/db/sysdb.h index 407a197..03cb456 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -204,7 +204,7 @@ #define SYSDB_SID_FILTER "(&(|("SYSDB_UC")("SYSDB_GC"))("SYSDB_SID_STR"=%s))" #define SYSDB_UUID_FILTER "(&(|("SYSDB_UC")("SYSDB_GC"))("SYSDB_UUID"=%s))" #define SYSDB_NAME_FILTER "(&(|("SYSDB_UC")("SYSDB_GC"))("SYSDB_NAME"=%s))" -#define SYSDB_ID_FILTER "(&(|("SYSDB_UC")("SYSDB_GC"))(|("SYSDB_UIDNUM"=%u)("SYSDB_GIDNUM"=%u)))" +#define SYSDB_ID_FILTER "(|(&("SYSDB_UC")("SYSDB_UIDNUM"=%u))(&("SYSDB_GC")("SYSDB_GIDNUM"=%u)))" #define SYSDB_USER_CERT_FILTER "(&("SYSDB_UC")%s)" #define SYSDB_HAS_ENUMERATED "has_enumerated" From 9bb8ba09a491e7c4a2ff50eced95babf1a435a05 Mon Sep 17 00:00:00 2001 From: Lukas Slebodnik <lsleb...@redhat.com> Date: Mon, 23 Jan 2017 08:05:26 +0100 Subject: [PATCH 2/4] sysdb-tests: Add test for sysdb_search_object_by_id --- src/tests/sysdb-tests.c | 124 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 124 insertions(+) diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c index d145001..efb6099 100644 --- a/src/tests/sysdb-tests.c +++ b/src/tests/sysdb-tests.c @@ -5331,6 +5331,127 @@ START_TEST(test_sysdb_search_sid_str) } END_TEST +START_TEST(test_sysdb_search_object_by_id) +{ + errno_t ret; + struct sysdb_test_ctx *test_ctx; + struct ldb_result *res; + struct test_data *data; + const uint32_t id = 23456; + uint32_t returned_id; + + /* Setup */ + ret = setup_sysdb_tests(&test_ctx); + fail_if(ret != EOK, "Could not set up the test"); + + /* test for missing entry */ + ret = sysdb_search_object_by_id(test_ctx, test_ctx->domain, 111, NULL, + &res); + fail_unless(ret == ENOENT, "sysdb_search_object_by_name failed with " + "[%d][%s].", ret, strerror(ret)); + + /* test user search */ + data = test_data_new_user(test_ctx, id); + fail_if(data == NULL); + + ret = test_add_user(data); + fail_unless(ret == EOK, "sysdb_add_user failed with [%d][%s].", + ret, strerror(ret)); + + ret = sysdb_search_object_by_id(test_ctx, test_ctx->domain, id, NULL, + &res); + fail_unless(ret == EOK, + "sysdb_search_object_by_id failed with [%d][%s].", + ret, strerror(ret)); + fail_unless(res->count == 1, "Unexpected number of results, " + "expected [%u], get [%u].", 1, res->count); + + returned_id = ldb_msg_find_attr_as_uint(res->msgs[0], SYSDB_UIDNUM, 0); + fail_unless(id == returned_id, + "Unexpected object found, expected UID [%"PRIu32"], " + "got [%"PRIu32"].", id, returned_id); + talloc_free(res); + + ret = test_remove_user(data); + fail_unless(ret == EOK, + "test_remove_user failed with [%d][%s].", ret, strerror(ret)); + + /* test group search */ + data = test_data_new_group(test_ctx, id); + fail_if(data == NULL); + + ret = test_add_group(data); + fail_unless(ret == EOK, "sysdb_add_group failed with [%d][%s].", + ret, strerror(ret)); + + ret = sysdb_search_object_by_id(test_ctx, test_ctx->domain, id, NULL, + &res); + fail_unless(ret == EOK, + "sysdb_search_object_by_id failed with [%d][%s].", + ret, strerror(ret)); + fail_unless(res->count == 1, "Unexpected number of results, " + "expected [%u], get [%u].", 1, res->count); + + returned_id = ldb_msg_find_attr_as_uint(res->msgs[0], SYSDB_GIDNUM, 0); + fail_unless(id == returned_id, + "Unexpected object found, expected GID [%"PRIu32"], " + "got [%"PRIu32"].", id, returned_id); + talloc_free(res); + + ret = test_remove_group(data); + fail_unless(ret == EOK, + "test_remove_group failed with [%d][%s].", ret, strerror(ret)); + + /* test for bad search filter bug #3283 */ + data = test_data_new_group(test_ctx, id); + fail_if(data == NULL); + + ret = test_add_group(data); + fail_unless(ret == EOK, "sysdb_add_group failed with [%d][%s].", + ret, strerror(ret)); + + test_ctx->domain->mpg = false; + ret = sysdb_add_user(test_ctx->domain, "user1", 4001, id, + "User 1", "/home/user1", "/bin/bash", + NULL, NULL, 0, 0); + fail_unless(ret == EOK, "sysdb_add_user failed with [%d][%s].", + ret, strerror(ret)); + + ret = sysdb_add_user(test_ctx->domain, "user2", 4002, id, + "User 2", "/home/user2", "/bin/bash", + NULL, NULL, 0, 0); + fail_unless(ret == EOK, "sysdb_add_user failed with [%d][%s].", + ret, strerror(ret)); + + ret = sysdb_search_object_by_id(test_ctx, test_ctx->domain, id, NULL, + &res); + fail_unless(ret == EOK, + "sysdb_search_object_by_id failed with [%d][%s].", + ret, strerror(ret)); + fail_unless(res->count == 1, "Unexpected number of results, " + "expected [%u], get [%u].", 1, res->count); + + returned_id = ldb_msg_find_attr_as_uint(res->msgs[0], SYSDB_GIDNUM, 0); + fail_unless(id == returned_id, + "Unexpected object found, expected GID [%"PRIu32"], " + "got [%"PRIu32"].", id, returned_id); + talloc_free(res); + + data->uid = 4001; + ret = test_remove_user_by_uid(data); + fail_unless(ret == EOK); + + data->uid = 4002; + ret = test_remove_user_by_uid(data); + fail_unless(ret == EOK); + + ret = test_remove_group(data); + fail_unless(ret == EOK); + + talloc_free(test_ctx); +} +END_TEST + START_TEST(test_sysdb_search_object_by_uuid) { errno_t ret; @@ -6669,6 +6790,9 @@ Suite *create_sysdb_suite(void) /* Test SID string searches */ tcase_add_test(tc_sysdb, test_sysdb_search_sid_str); + /* Test object by ID searches */ + tcase_add_test(tc_sysdb, test_sysdb_search_object_by_id); + /* Test UUID string searches */ tcase_add_test(tc_sysdb, test_sysdb_search_object_by_uuid); From b2e90738e5e6ddd602a41247a43f6ffb779c0df4 Mon Sep 17 00:00:00 2001 From: Lukas Slebodnik <lsleb...@redhat.com> Date: Sat, 21 Jan 2017 21:03:54 +0100 Subject: [PATCH 3/4] sysdb: Search also aliases in sysdb_search_object_by_name sysdb_search_object_by_name did not work well case insensitive domain. Resolves: https://fedorahosted.org/sssd/ticket/3284 --- src/db/sysdb.h | 2 +- src/db/sysdb_ops.c | 31 +++++++++++++++++++++++++++++-- 2 files changed, 30 insertions(+), 3 deletions(-) diff --git a/src/db/sysdb.h b/src/db/sysdb.h index 03cb456..8a363d0 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -203,7 +203,7 @@ #define SYSDB_SID_FILTER "(&(|("SYSDB_UC")("SYSDB_GC"))("SYSDB_SID_STR"=%s))" #define SYSDB_UUID_FILTER "(&(|("SYSDB_UC")("SYSDB_GC"))("SYSDB_UUID"=%s))" -#define SYSDB_NAME_FILTER "(&(|("SYSDB_UC")("SYSDB_GC"))("SYSDB_NAME"=%s))" +#define SYSDB_NAME_FILTER "(&(|("SYSDB_UC")("SYSDB_GC"))(|("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME"=%s)))" #define SYSDB_ID_FILTER "(|(&("SYSDB_UC")("SYSDB_UIDNUM"=%u))(&("SYSDB_GC")("SYSDB_GIDNUM"=%u)))" #define SYSDB_USER_CERT_FILTER "(&("SYSDB_UC")%s)" diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index cfa1586..77e4c1a 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -4590,8 +4590,35 @@ errno_t sysdb_search_object_by_name(TALLOC_CTX *mem_ctx, const char **attrs, struct ldb_result **res) { - return sysdb_search_object_by_str_attr(mem_ctx, domain, SYSDB_NAME_FILTER, - name, attrs, res); + TALLOC_CTX *tmp_ctx; + char *filter; + char *sanitized_name; + char *sanitized_alias_name; + errno_t ret; + + tmp_ctx = talloc_new(NULL); + if (!tmp_ctx) { + return ENOMEM; + } + + ret = sss_filter_sanitize_for_dom(tmp_ctx, name, domain, &sanitized_name, + &sanitized_alias_name); + if (ret != EOK) { + goto done; + } + + filter = talloc_asprintf(tmp_ctx, SYSDB_NAME_FILTER, sanitized_alias_name, + sanitized_name); + if (filter == NULL) { + ret = ENOMEM; + goto done; + } + + ret = sysdb_search_object_attr(mem_ctx, domain, filter, attrs, res); + +done: + talloc_free(tmp_ctx); + return ret; } errno_t sysdb_search_object_by_sid(TALLOC_CTX *mem_ctx, From 7dafb2cc700b73a12618c86ffe45b7b7e48e4e08 Mon Sep 17 00:00:00 2001 From: Lukas Slebodnik <lsleb...@redhat.com> Date: Mon, 23 Jan 2017 07:36:14 +0100 Subject: [PATCH 4/4] sysdb-tests: Add test for sysdb_search_object_by_name --- src/tests/sysdb-tests.c | 116 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 116 insertions(+) diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c index efb6099..e011c4b 100644 --- a/src/tests/sysdb-tests.c +++ b/src/tests/sysdb-tests.c @@ -5499,6 +5499,119 @@ START_TEST(test_sysdb_search_object_by_uuid) } END_TEST +START_TEST(test_sysdb_search_object_by_name) +{ + errno_t ret; + struct sysdb_test_ctx *test_ctx; + struct ldb_result *res; + struct test_data *data; + const char *user_name = "John Doe"; + const char *group_name = "Domain Users"; + const char *lc_group_name = "domain users"; + const char *returned_name; + + /* Setup */ + ret = setup_sysdb_tests(&test_ctx); + fail_if(ret != EOK, "Could not set up the test"); + + /* test for missing entry */ + ret = sysdb_search_object_by_name(test_ctx, test_ctx->domain, + "nonexisting_name", NULL, &res); + fail_unless(ret == ENOENT, "sysdb_search_object_by_name failed with " + "[%d][%s].", ret, strerror(ret)); + + /* test user search */ + data = test_data_new_user(test_ctx, 23456); + fail_if(data == NULL); + + data->username = user_name; + + ret = test_add_user(data); + fail_unless(ret == EOK, "sysdb_add_user failed with [%d][%s].", + ret, strerror(ret)); + + ret = sysdb_search_object_by_name(test_ctx, test_ctx->domain, + user_name, NULL, &res); + fail_unless(ret == EOK, + "sysdb_search_object_by_name failed with [%d][%s].", + ret, strerror(ret)); + fail_unless(res->count == 1, "Unexpected number of results, " + "expected [%u], get [%u].", 1, res->count); + + returned_name = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_NAME, ""), + fail_unless(strcmp(returned_name, data->username) == 0, + "Unexpected object found, expected [%s], got [%s].", + user_name, returned_name); + talloc_free(res); + + ret = test_remove_user(data); + fail_unless(ret == EOK, + "test_remove_user failed with [%d][%s].", ret, strerror(ret)); + + /* test group search */ + data = test_data_new_group(test_ctx, 23456); + fail_if(data == NULL); + + data->groupname = group_name; + + ret = test_add_group(data); + fail_unless(ret == EOK, "sysdb_add_group failed with [%d][%s].", + ret, strerror(ret)); + + ret = sysdb_search_object_by_name(test_ctx, test_ctx->domain, + group_name, NULL, &res); + fail_unless(ret == EOK, + "sysdb_search_object_by_name failed with [%d][%s].", + ret, strerror(ret)); + fail_unless(res->count == 1, "Unexpected number of results, " + "expected [%u], get [%u].", 1, res->count); + + returned_name = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_NAME, ""), + fail_unless(strcmp(returned_name, data->groupname) == 0, + "Unexpected object found, expected [%s], got [%s].", + group_name, returned_name); + talloc_free(res); + + ret = test_remove_group(data); + fail_unless(ret == EOK, + "test_remove_group failed with [%d][%s].", ret, strerror(ret)); + + /* test case insensitive search */ + data = test_data_new_group(test_ctx, 23456); + fail_if(data == NULL); + + data->groupname = group_name; + test_ctx->domain->case_sensitive = false; + + data->attrs = sysdb_new_attrs(test_ctx); + fail_if(data->attrs == NULL); + + ret = sysdb_attrs_add_lc_name_alias(data->attrs, group_name); + fail_unless(ret == EOK); + + ret = test_add_group(data); + fail_unless(ret == EOK, "sysdb_add_group failed with [%d][%s].", + ret, strerror(ret)); + + ret = sysdb_search_object_by_name(test_ctx, test_ctx->domain, + lc_group_name, NULL, &res); + fail_unless(ret == EOK, + "sysdb_search_object_by_name failed with [%d][%s].", + ret, strerror(ret)); + fail_unless(res->count == 1, "Unexpected number of results, " + "expected [%u], get [%u].", 1, res->count); + + returned_name = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_NAME, ""), + fail_unless(strcmp(returned_name, data->groupname) == 0, + "Unexpected object found, expected [%s], got [%s].", + group_name, returned_name); + + talloc_free(res); + + talloc_free(test_ctx); +} +END_TEST + /* For simple searches the content of the certificate does not matter */ #define TEST_USER_CERT_DERB64 "gJznJT7L0aETU5CMk+n+1Q==" START_TEST(test_sysdb_search_user_by_cert) @@ -6796,6 +6909,9 @@ Suite *create_sysdb_suite(void) /* Test UUID string searches */ tcase_add_test(tc_sysdb, test_sysdb_search_object_by_uuid); + /* Test object by name */ + tcase_add_test(tc_sysdb, test_sysdb_search_object_by_name); + /* Test user by certificate searches */ tcase_add_test(tc_sysdb, test_sysdb_search_user_by_cert);
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org