File 0021-nss-imap-add-sss_nss_getsidbyuid-and-sss_nss_getsidb.patch of Package sssd.22444
From 271a1fbc6f335e00ad18b7ab0e349ebf65f8f029 Mon Sep 17 00:00:00 2001
From: Richard Sharpe <realrichardsharpe@gmail.com>
Date: Fri, 25 May 2018 18:43:25 +0200
Subject: [PATCH 3/8] nss-imap: add sss_nss_getsidbyuid() and
sss_nss_getsidbygid()
Two new calls are added to allow the caller to specify if the given
POSIX ID is a UID or a GID and the expected result is a user or a group
respectively. This is needed because on POSIX a user and a group may
share numerically the same ID value but might have different SIDs
assigned.
Related to https://pagure.io/SSSD/sssd/issue/3629
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 8550c06fd960f2b68d7aa67f403510415cd8fdda)
---
Makefile.am | 2 +-
src/responder/nss/nss_cmd.c | 18 ++
src/sss_client/idmap/sss_nss_idmap.c | 58 ++++
src/sss_client/idmap/sss_nss_idmap.exports | 9 +
src/sss_client/idmap/sss_nss_idmap.h | 56 ++++
src/sss_client/sss_cli.h | 8 +
src/tests/cmocka/test_nss_srv.c | 305 +++++++++++++++++++--
7 files changed, 439 insertions(+), 17 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 25e996d2d..8c64ed845 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1179,7 +1179,7 @@ libsss_nss_idmap_la_LIBADD = \
$(NULL)
libsss_nss_idmap_la_LDFLAGS = \
-Wl,--version-script,$(srcdir)/src/sss_client/idmap/sss_nss_idmap.exports \
- -version-info 4:0:4
+ -version-info 5:0:5
dist_noinst_DATA += src/sss_client/idmap/sss_nss_idmap.exports
diff --git a/src/responder/nss/nss_cmd.c b/src/responder/nss/nss_cmd.c
index 7b2fc9d83..25e663ed5 100644
--- a/src/responder/nss/nss_cmd.c
+++ b/src/responder/nss/nss_cmd.c
@@ -1134,6 +1134,22 @@ static errno_t nss_cmd_getsidbyid(struct cli_ctx *cli_ctx)
SSS_MC_NONE, nss_protocol_fill_sid);
}
+static errno_t nss_cmd_getsidbyuid(struct cli_ctx *cli_ctx)
+{
+ const char *attrs[] = { SYSDB_SID_STR, NULL };
+
+ return nss_getby_id(cli_ctx, false, CACHE_REQ_USER_BY_ID, attrs,
+ SSS_MC_NONE, nss_protocol_fill_sid);
+}
+
+static errno_t nss_cmd_getsidbygid(struct cli_ctx *cli_ctx)
+{
+ const char *attrs[] = { SYSDB_SID_STR, NULL };
+
+ return nss_getby_id(cli_ctx, false, CACHE_REQ_GROUP_BY_ID, attrs,
+ SSS_MC_NONE, nss_protocol_fill_sid);
+}
+
static errno_t nss_cmd_getnamebysid(struct cli_ctx *cli_ctx)
{
return nss_getby_sid(cli_ctx, CACHE_REQ_OBJECT_BY_SID,
@@ -1225,6 +1241,8 @@ struct sss_cmd_table *get_nss_cmds(void)
{ SSS_NSS_ENDSERVENT, nss_cmd_endservent },
{ SSS_NSS_GETSIDBYNAME, nss_cmd_getsidbyname },
{ SSS_NSS_GETSIDBYID, nss_cmd_getsidbyid },
+ { SSS_NSS_GETSIDBYUID, nss_cmd_getsidbyuid },
+ { SSS_NSS_GETSIDBYGID, nss_cmd_getsidbygid },
{ SSS_NSS_GETNAMEBYSID, nss_cmd_getnamebysid },
{ SSS_NSS_GETIDBYSID, nss_cmd_getidbysid },
{ SSS_NSS_GETORIGBYNAME, nss_cmd_getorigbyname },
diff --git a/src/sss_client/idmap/sss_nss_idmap.c b/src/sss_client/idmap/sss_nss_idmap.c
index cbf8c11f2..323392f3f 100644
--- a/src/sss_client/idmap/sss_nss_idmap.c
+++ b/src/sss_client/idmap/sss_nss_idmap.c
@@ -246,6 +246,8 @@ static int sss_nss_getyyybyxxx(union input inp, enum sss_cli_command cmd,
break;
case SSS_NSS_GETSIDBYID:
+ case SSS_NSS_GETSIDBYUID:
+ case SSS_NSS_GETSIDBYGID:
rd.len = sizeof(uint32_t);
rd.data = &inp.id;
@@ -292,6 +294,8 @@ static int sss_nss_getyyybyxxx(union input inp, enum sss_cli_command cmd,
switch(cmd) {
case SSS_NSS_GETSIDBYID:
+ case SSS_NSS_GETSIDBYUID:
+ case SSS_NSS_GETSIDBYGID:
case SSS_NSS_GETSIDBYNAME:
case SSS_NSS_GETNAMEBYSID:
case SSS_NSS_GETNAMEBYCERT:
@@ -414,6 +418,60 @@ int sss_nss_getsidbyid(uint32_t id, char **sid, enum sss_id_type *type)
return sss_nss_getsidbyid_timeout(id, NO_TIMEOUT, sid, type);
}
+int sss_nss_getsidbyuid_timeout(uint32_t uid, unsigned int timeout,
+ char **sid, enum sss_id_type *type)
+{
+ int ret;
+ union input inp;
+ struct output out;
+
+ if (sid == NULL) {
+ return EINVAL;
+ }
+
+ inp.id = uid;
+
+ ret = sss_nss_getyyybyxxx(inp, SSS_NSS_GETSIDBYUID, timeout, &out);
+ if (ret == EOK) {
+ *sid = out.d.str;
+ *type = out.type;
+ }
+
+ return ret;
+}
+
+int sss_nss_getsidbyuid(uint32_t uid, char **sid, enum sss_id_type *type)
+{
+ return sss_nss_getsidbyuid_timeout(uid, NO_TIMEOUT, sid, type);
+}
+
+int sss_nss_getsidbygid_timeout(uint32_t gid, unsigned int timeout,
+ char **sid, enum sss_id_type *type)
+{
+ int ret;
+ union input inp;
+ struct output out;
+
+ if (sid == NULL) {
+ return EINVAL;
+ }
+
+ inp.id = gid;
+
+ ret = sss_nss_getyyybyxxx(inp, SSS_NSS_GETSIDBYGID, timeout, &out);
+ if (ret == EOK) {
+ *sid = out.d.str;
+ *type = out.type;
+ }
+
+ return ret;
+}
+
+int sss_nss_getsidbygid(uint32_t gid, char **sid, enum sss_id_type *type)
+{
+ return sss_nss_getsidbygid_timeout(gid, NO_TIMEOUT, sid, type);
+}
+
int sss_nss_getnamebysid_timeout(const char *sid, unsigned int timeout,
char **fq_name, enum sss_id_type *type)
{
diff --git a/src/sss_client/idmap/sss_nss_idmap.exports b/src/sss_client/idmap/sss_nss_idmap.exports
index 8d0a24f42..d1b61f59f 100644
--- a/src/sss_client/idmap/sss_nss_idmap.exports
+++ b/src/sss_client/idmap/sss_nss_idmap.exports
@@ -48,3 +48,12 @@ SSS_NSS_IDMAP_0.4.0 {
sss_nss_getnamebycert_timeout;
sss_nss_getlistbycert_timeout;
} SSS_NSS_IDMAP_0.3.0;
+
+SSS_NSS_IDMAP_0.5.0 {
+ # public functions
+ global:
+ sss_nss_getsidbyuid;
+ sss_nss_getsidbyuid_timeout;
+ sss_nss_getsidbygid;
+ sss_nss_getsidbygid_timeout;
+} SSS_NSS_IDMAP_0.4.0;
diff --git a/src/sss_client/idmap/sss_nss_idmap.h b/src/sss_client/idmap/sss_nss_idmap.h
index 125e72a64..46e2425bc 100644
--- a/src/sss_client/idmap/sss_nss_idmap.h
+++ b/src/sss_client/idmap/sss_nss_idmap.h
@@ -78,6 +78,32 @@ int sss_nss_getsidbyname(const char *fq_name, char **sid,
*/
int sss_nss_getsidbyid(uint32_t id, char **sid, enum sss_id_type *type);
+/**
+ * @brief Find SID by a POSIX UID
+ *
+ * @param[in] uid POSIX UID
+ * @param[out] sid String representation of the SID of the requested user,
+ * must be freed by the caller
+ * @param[out] type Type of the object related to the given ID
+ *
+ * @return
+ * - see #sss_nss_getsidbyname
+ */
+int sss_nss_getsidbyuid(uint32_t uid, char **sid, enum sss_id_type *type);
+
+/**
+ * @brief Find SID by a POSIX GID
+ *
+ * @param[in] gid POSIX GID
+ * @param[out] sid String representation of the SID of the requested group,
+ * must be freed by the caller
+ * @param[out] type Type of the object related to the given ID
+ *
+ * @return
+ * - see #sss_nss_getsidbyname
+ */
+int sss_nss_getsidbygid(uint32_t id, char **sid, enum sss_id_type *type);
+
/**
* @brief Return the fully qualified name for the given SID
*
@@ -340,6 +366,36 @@ int sss_nss_getsidbyname_timeout(const char *fq_name, unsigned int timeout,
*/
int sss_nss_getsidbyid_timeout(uint32_t id, unsigned int timeout,
char **sid, enum sss_id_type *type);
+/**
+ * @brief Find SID by a POSIX UID with timeout
+ *
+ * @param[in] uid POSIX UID
+ * @param[in] timeout timeout in milliseconds
+ * @param[out] sid String representation of the SID of the requested user,
+ * must be freed by the caller
+ * @param[out] type Type of the object related to the given ID
+ *
+ * @return
+ * - see #sss_nss_getsidbyname_timeout
+ */
+int sss_nss_getsidbyuid_timeout(uint32_t uid, unsigned int timeout,
+ char **sid, enum sss_id_type *type);
+
+/**
+ * @brief Find SID by a POSIX GID with timeout
+ *
+ * @param[in] gid POSIX GID
+ * @param[in] timeout timeout in milliseconds
+ * @param[out] sid String representation of the SID of the requested group,
+ * must be freed by the caller
+ * @param[out] type Type of the object related to the given ID
+ *
+ * @return
+ * - see #sss_nss_getsidbyname_timeout
+ */
+int sss_nss_getsidbygid_timeout(uint32_t gid, unsigned int timeout,
+ char **sid, enum sss_id_type *type);
+
/**
* @brief Return the fully qualified name for the given SID with timeout
diff --git a/src/sss_client/sss_cli.h b/src/sss_client/sss_cli.h
index 34eee58d7..24d28ed4b 100644
--- a/src/sss_client/sss_cli.h
+++ b/src/sss_client/sss_cli.h
@@ -272,6 +272,14 @@ SSS_NSS_GETLISTBYCERT = 0x0117, /**< Takes the zero terminated string
of a X509 certificate and returns a list
of zero terminated fully qualified names
of the related objects. */
+SSS_NSS_GETSIDBYUID = 0x0118, /**< Takes an unsigned 32bit integer (POSIX UID)
+ and reurn the zero terminated string
+ representation of the SID of the object
+ with the given UID. */
+SSS_NSS_GETSIDBYGID = 0x0119, /**< Takes an unsigned 32bit integer (POSIX GID)
+ and reurn the zero terminated string
+ representation of the SID of the object
+ with the given UID. */
};
/**
diff --git a/src/tests/cmocka/test_nss_srv.c b/src/tests/cmocka/test_nss_srv.c
index 930495d25..1f7de7bd9 100644
--- a/src/tests/cmocka/test_nss_srv.c
+++ b/src/tests/cmocka/test_nss_srv.c
@@ -544,6 +544,7 @@ static void assert_users_equal(struct passwd *a, struct passwd *b)
static errno_t store_group(struct nss_test_ctx *ctx,
struct sss_domain_info *dom,
struct group *group,
+ struct sysdb_attrs *attrs,
time_t cache_update)
{
errno_t ret;
@@ -556,10 +557,10 @@ static errno_t store_group(struct nss_test_ctx *ctx,
return ENOMEM;
}
- ret = sysdb_add_group(dom,
- fqname,
- group->gr_gid,
- NULL, 300, 0);
+ ret = sysdb_store_group(dom,
+ fqname,
+ group->gr_gid,
+ attrs, 300, 0);
talloc_free(fqname);
return ret;
}
@@ -1485,7 +1486,7 @@ void test_nss_getgrnam_no_members(void **state)
/* Prime the cache with a valid group */
ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
- &getgrnam_no_members, 0);
+ &getgrnam_no_members, NULL, 0);
assert_int_equal(ret, EOK);
mock_input_user_or_group(getgrnam_no_members.gr_name);
@@ -1563,7 +1564,7 @@ void test_nss_getgrnam_members(void **state)
errno_t ret;
ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
- &testgroup_members, 0);
+ &testgroup_members, NULL, 0);
assert_int_equal(ret, EOK);
ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
@@ -2149,7 +2150,7 @@ void test_nss_getgrnam_space(void **state)
/* Prime the cache with a valid group */
ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
- &space_group, 0);
+ &space_group, NULL, 0);
assert_int_equal(ret, EOK);
mock_input_user_or_group("space group");
@@ -2965,11 +2966,11 @@ void test_nss_initgroups(void **state)
assert_int_equal(ret, EOK);
ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
- &testinitgr_gr1, 0);
+ &testinitgr_gr1, NULL, 0);
assert_int_equal(ret, EOK);
ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
- &testinitgr_gr2, 0);
+ &testinitgr_gr2, NULL, 0);
assert_int_equal(ret, EOK);
ret = store_group_member(nss_test_ctx,
@@ -3099,11 +3100,11 @@ static int test_nss_initgr_search_acct_cb(void *pvt)
assert_int_equal(ret, EOK);
ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
- &testinitgr_srch_gr1, 0);
+ &testinitgr_srch_gr1, NULL, 0);
assert_int_equal(ret, EOK);
ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
- &testinitgr_srch_gr2, 0);
+ &testinitgr_srch_gr2, NULL, 0);
assert_int_equal(ret, EOK);
ret = store_group_member(nss_test_ctx,
@@ -3209,7 +3210,7 @@ static int test_nss_initgr_update_acct_cb(void *pvt)
assert_int_equal(ret, EOK);
ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
- &testinitgr_update_gr2, 0);
+ &testinitgr_update_gr2, NULL, 0);
assert_int_equal(ret, EOK);
ret = store_group_member(nss_test_ctx,
@@ -3249,7 +3250,7 @@ void test_nss_initgr_update(void **state)
assert_int_equal(ret, EOK);
ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
- &testinitgr_update_gr1, 0);
+ &testinitgr_update_gr1, NULL, 0);
assert_int_equal(ret, EOK);
ret = store_group_member(nss_test_ctx,
@@ -3317,7 +3318,7 @@ static int test_nss_initgr_update_acct_2expire_attributes_cb(void *pvt)
assert_int_equal(ret, EOK);
ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
- &testinitgr_2attr_gr2, 0);
+ &testinitgr_2attr_gr2, NULL, 0);
assert_int_equal(ret, EOK);
ret = store_group_member(nss_test_ctx,
@@ -3369,7 +3370,7 @@ void test_nss_initgr_update_two_expire_attributes(void **state)
assert_int_equal(ret, EOK);
ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
- &testinitgr_2attr_gr1, 0);
+ &testinitgr_2attr_gr1, NULL, 0);
assert_int_equal(ret, EOK);
ret = store_group_member(nss_test_ctx,
@@ -3504,7 +3505,7 @@ static int nss_subdom_test_setup_common(void **state, bool nonfqnames)
nss_test_ctx->subdom = nss_test_ctx->tctx->dom->subdomains;
ret = store_group(nss_test_ctx, nss_test_ctx->subdom,
- &testsubdomgroup, 0);
+ &testsubdomgroup, NULL, 0);
assert_int_equal(ret, EOK);
ret = store_user(nss_test_ctx, nss_test_ctx->subdom,
@@ -4163,6 +4164,264 @@ void test_nss_getsidbyname(void **state)
assert_int_equal(ret, EOK);
}
+void test_nss_getsidbyid(void **state)
+{
+ errno_t ret;
+ struct sysdb_attrs *attrs;
+ const char *testuser_sid = "S-1-2-3-4";
+
+ attrs = sysdb_new_attrs(nss_test_ctx);
+ assert_non_null(attrs);
+
+ ret = sysdb_attrs_add_string(attrs, SYSDB_SID_STR, testuser_sid);
+ assert_int_equal(ret, EOK);
+
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &sid_user, attrs, 0);
+ assert_int_equal(ret, EOK);
+
+ mock_input_id(nss_test_ctx, 1234);
+ will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYID);
+ will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL);
+
+ will_return(test_nss_getsidbyname_check, testuser_sid);
+
+ /* Query for that user, call a callback when command finishes */
+ set_cmd_cb(test_nss_getsidbyname_check);
+ ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYID,
+ nss_test_ctx->nss_cmds);
+ assert_int_equal(ret, EOK);
+
+ /* Wait until the test finishes with EOK */
+ ret = test_ev_loop(nss_test_ctx->tctx);
+ assert_int_equal(ret, EOK);
+}
+
+void test_nss_getsidbyuid(void **state)
+{
+ errno_t ret;
+ struct sysdb_attrs *attrs;
+ const char *testuser_sid = "S-1-2-3-4";
+
+ attrs = sysdb_new_attrs(nss_test_ctx);
+ assert_non_null(attrs);
+
+ ret = sysdb_attrs_add_string(attrs, SYSDB_SID_STR, testuser_sid);
+ assert_int_equal(ret, EOK);
+
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &sid_user, attrs, 0);
+ assert_int_equal(ret, EOK);
+
+ mock_input_id(nss_test_ctx, 1234);
+ will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYUID);
+ will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL);
+
+ will_return(test_nss_getsidbyname_check, testuser_sid);
+
+ /* Query for that user, call a callback when command finishes */
+ set_cmd_cb(test_nss_getsidbyname_check);
+ ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYUID,
+ nss_test_ctx->nss_cmds);
+ assert_int_equal(ret, EOK);
+
+ /* Wait until the test finishes with EOK */
+ ret = test_ev_loop(nss_test_ctx->tctx);
+ assert_int_equal(ret, EOK);
+}
+
+void test_nss_getsidbygid_no_group(void **state)
+{
+ errno_t ret;
+ struct sysdb_attrs *attrs;
+ const char *testuser_sid = "S-1-2-3-4";
+
+ attrs = sysdb_new_attrs(nss_test_ctx);
+ assert_non_null(attrs);
+
+ ret = sysdb_attrs_add_string(attrs, SYSDB_SID_STR, testuser_sid);
+ assert_int_equal(ret, EOK);
+
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &sid_user, attrs, 0);
+ assert_int_equal(ret, EOK);
+
+ mock_input_id(nss_test_ctx, 1234);
+ mock_account_recv_simple();
+ set_cmd_cb(NULL);
+
+ /* Query for that user, call a callback when command finishes */
+ ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYGID,
+ nss_test_ctx->nss_cmds);
+ assert_int_equal(ret, EOK);
+
+ /* Wait until the test finishes with ENOENT (because there is no such
+ * group) */
+ ret = test_ev_loop(nss_test_ctx->tctx);
+ assert_int_equal(ret, ENOENT);
+}
+
+struct group sid_group = {
+ .gr_name = discard_const("testgroupsid"),
+ .gr_gid = 5555,
+};
+
+static int test_nss_getsidbyname_group_check(uint32_t status,
+ uint8_t *body,
+ size_t blen)
+{
+ const char *name;
+ enum sss_id_type type;
+ size_t rp = 2 * sizeof(uint32_t);
+ char *expected_result = sss_mock_ptr_type(char *);
+
+ if (expected_result == NULL) {
+ assert_int_equal(status, EINVAL);
+ assert_int_equal(blen, 0);
+ } else {
+ assert_int_equal(status, EOK);
+
+ SAFEALIGN_COPY_UINT32(&type, body+rp, &rp);
+
+ name = (char *) body+rp;
+
+ assert_int_equal(type, SSS_ID_TYPE_GID);
+ assert_string_equal(name, expected_result);
+ }
+
+ return EOK;
+}
+
+void test_nss_getsidbyname_group(void **state)
+{
+ errno_t ret;
+ struct sysdb_attrs *attrs;
+ const char *testgroup_sid = "S-1-2-3-5";
+
+ attrs = sysdb_new_attrs(nss_test_ctx);
+ assert_non_null(attrs);
+
+ ret = sysdb_attrs_add_string(attrs, SYSDB_SID_STR, testgroup_sid);
+ assert_int_equal(ret, EOK);
+
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &sid_group, attrs, 0);
+ assert_int_equal(ret, EOK);
+
+ mock_input_user_or_group("testgroupsid");
+ will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYNAME);
+ will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL);
+
+ will_return(test_nss_getsidbyname_group_check, testgroup_sid);
+
+ /* Query for that group, call a callback when command finishes */
+ set_cmd_cb(test_nss_getsidbyname_group_check);
+ ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYNAME,
+ nss_test_ctx->nss_cmds);
+ assert_int_equal(ret, EOK);
+
+ /* Wait until the test finishes with EOK */
+ ret = test_ev_loop(nss_test_ctx->tctx);
+ assert_int_equal(ret, EOK);
+}
+
+void test_nss_getsidbyid_group(void **state)
+{
+ errno_t ret;
+ struct sysdb_attrs *attrs;
+ const char *testgroup_sid = "S-1-2-3-5";
+
+ attrs = sysdb_new_attrs(nss_test_ctx);
+ assert_non_null(attrs);
+
+ ret = sysdb_attrs_add_string(attrs, SYSDB_SID_STR, testgroup_sid);
+ assert_int_equal(ret, EOK);
+
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &sid_group, attrs, 0);
+ assert_int_equal(ret, EOK);
+
+ mock_input_id(nss_test_ctx, 5555);
+ will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYID);
+ will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL);
+
+ will_return(test_nss_getsidbyname_group_check, testgroup_sid);
+
+ /* Query for that group, call a callback when command finishes */
+ set_cmd_cb(test_nss_getsidbyname_group_check);
+ ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYID,
+ nss_test_ctx->nss_cmds);
+ assert_int_equal(ret, EOK);
+
+ /* Wait until the test finishes with EOK */
+ ret = test_ev_loop(nss_test_ctx->tctx);
+ assert_int_equal(ret, EOK);
+}
+
+void test_nss_getsidbygid_group(void **state)
+{
+ errno_t ret;
+ struct sysdb_attrs *attrs;
+ const char *testgroup_sid = "S-1-2-3-5";
+
+ attrs = sysdb_new_attrs(nss_test_ctx);
+ assert_non_null(attrs);
+
+ ret = sysdb_attrs_add_string(attrs, SYSDB_SID_STR, testgroup_sid);
+ assert_int_equal(ret, EOK);
+
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &sid_group, attrs, 0);
+ assert_int_equal(ret, EOK);
+
+ mock_input_id(nss_test_ctx, 5555);
+ will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETSIDBYGID);
+ will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL);
+
+ will_return(test_nss_getsidbyname_group_check, testgroup_sid);
+
+ /* Query for that user, call a callback when command finishes */
+ set_cmd_cb(test_nss_getsidbyname_group_check);
+ ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYGID,
+ nss_test_ctx->nss_cmds);
+ assert_int_equal(ret, EOK);
+
+ /* Wait until the test finishes with EOK */
+ ret = test_ev_loop(nss_test_ctx->tctx);
+ assert_int_equal(ret, EOK);
+}
+
+void test_nss_getsidbyuid_no_user(void **state)
+{
+ errno_t ret;
+ struct sysdb_attrs *attrs;
+ const char *testgroup_sid = "S-1-2-3-5";
+
+ attrs = sysdb_new_attrs(nss_test_ctx);
+ assert_non_null(attrs);
+
+ ret = sysdb_attrs_add_string(attrs, SYSDB_SID_STR, testgroup_sid);
+ assert_int_equal(ret, EOK);
+
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &sid_group, attrs, 0);
+ assert_int_equal(ret, EOK);
+
+ mock_input_id(nss_test_ctx, 5555);
+ mock_account_recv_simple();
+ set_cmd_cb(NULL);
+
+ /* Query for that user, call a callback when command finishes */
+ ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETSIDBYUID,
+ nss_test_ctx->nss_cmds);
+ assert_int_equal(ret, EOK);
+
+ /* Wait until the test finishes with ENOENT (because there is no such
+ * user) */
+ ret = test_ev_loop(nss_test_ctx->tctx);
+ assert_int_equal(ret, ENOENT);
+}
+
void test_nss_getsidbyupn(void **state)
{
errno_t ret;
@@ -4835,6 +5094,20 @@ int main(int argc, const char *argv[])
nss_subdom_test_teardown),
cmocka_unit_test_setup_teardown(test_nss_getsidbyname,
nss_test_setup, nss_test_teardown),
+ cmocka_unit_test_setup_teardown(test_nss_getsidbyid,
+ nss_test_setup, nss_test_teardown),
+ cmocka_unit_test_setup_teardown(test_nss_getsidbyuid,
+ nss_test_setup, nss_test_teardown),
+ cmocka_unit_test_setup_teardown(test_nss_getsidbygid_no_group,
+ nss_test_setup, nss_test_teardown),
+ cmocka_unit_test_setup_teardown(test_nss_getsidbyname_group,
+ nss_test_setup, nss_test_teardown),
+ cmocka_unit_test_setup_teardown(test_nss_getsidbyid_group,
+ nss_test_setup, nss_test_teardown),
+ cmocka_unit_test_setup_teardown(test_nss_getsidbygid_group,
+ nss_test_setup, nss_test_teardown),
+ cmocka_unit_test_setup_teardown(test_nss_getsidbyuid_no_user,
+ nss_test_setup, nss_test_teardown),
cmocka_unit_test_setup_teardown(test_nss_getsidbyupn,
nss_test_setup, nss_test_teardown),
cmocka_unit_test_setup_teardown(test_nss_getsidbyname_neg,
--
2.23.0