dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone

Blame SOURCES/0028-AD-Add-a-utility-function-to-create-list-of-connecti.patch

2fc102
From 1dced7370e55be16154bbb649606f928765819d0 Mon Sep 17 00:00:00 2001
2fc102
From: Jakub Hrozek <jhrozek@redhat.com>
2fc102
Date: Tue, 3 Dec 2013 20:45:44 +0100
2fc102
Subject: [PATCH 28/31] AD: Add a utility function to create list of
2fc102
 connections
2fc102
2fc102
ad_id.c and ad_access.c used the same block of code. With the upcoming
2fc102
option to disable GC lookups, we should unify the code in a function to
2fc102
avoid breaking one of the code paths.
2fc102
2fc102
The same applies for the LDAP connection to the trusted AD DC.
2fc102
2fc102
Includes a unit test.
2fc102
---
2fc102
 Makefile.am                       |  28 +++++
2fc102
 src/providers/ad/ad_access.c      |  16 +--
2fc102
 src/providers/ad/ad_access.h      |   4 +-
2fc102
 src/providers/ad/ad_common.c      |  52 +++++++++
2fc102
 src/providers/ad/ad_common.h      |   7 ++
2fc102
 src/providers/ad/ad_id.c          |  29 ++---
2fc102
 src/providers/ad/ad_init.c        |   3 +-
2fc102
 src/tests/cmocka/test_ad_common.c | 221 ++++++++++++++++++++++++++++++++++++++
2fc102
 8 files changed, 319 insertions(+), 41 deletions(-)
2fc102
 create mode 100644 src/tests/cmocka/test_ad_common.c
2fc102
2fc102
diff --git a/Makefile.am b/Makefile.am
2fc102
index 583ccdb499306268640bfb894f673c42945e19ff..da407038089f3c010dea139735db9e0e2f000943 100644
2fc102
--- a/Makefile.am
2fc102
+++ b/Makefile.am
2fc102
@@ -152,6 +152,7 @@ if HAVE_CMOCKA
2fc102
         test_sss_idmap \
2fc102
         test_utils \
2fc102
         ad_access_filter_tests \
2fc102
+        ad_common_tests \
2fc102
         test_search_bases
2fc102
 endif
2fc102
 
2fc102
@@ -1398,6 +1399,7 @@ ad_access_filter_tests_SOURCES = \
2fc102
     src/util/sss_krb5.c \
2fc102
     src/util/find_uid.c \
2fc102
     src/util/user_info_msg.c \
2fc102
+    src/providers/ad/ad_common.c \
2fc102
     src/tests/cmocka/test_ad_access_filter.c
2fc102
 ad_access_filter_tests_CFLAGS = \
2fc102
     $(AM_CFLAGS) \
2fc102
@@ -1416,6 +1418,32 @@ ad_access_filter_tests_LDADD = \
2fc102
     libsss_krb5_common.la \
2fc102
     libsss_test_common.la
2fc102
 
2fc102
+ad_common_tests_SOURCES = \
2fc102
+    $(sssd_be_SOURCES) \
2fc102
+    src/util/sss_ldap.c \
2fc102
+    src/util/sss_krb5.c \
2fc102
+    src/util/find_uid.c \
2fc102
+    src/util/user_info_msg.c \
2fc102
+    src/tests/cmocka/test_ad_common.c
2fc102
+ad_common_tests_CFLAGS = \
2fc102
+    $(AM_CFLAGS) \
2fc102
+    $(SYSTEMD_LOGIN_CFLAGS) \
2fc102
+    -DUNIT_TESTING
2fc102
+ad_common_tests_LDFLAGS = \
2fc102
+    -Wl,-wrap,sdap_set_sasl_options
2fc102
+ad_common_tests_LDADD = \
2fc102
+    $(PAM_LIBS) \
2fc102
+    $(CMOCKA_LIBS) \
2fc102
+    $(SSSD_LIBS) \
2fc102
+    $(CARES_LIBS) \
2fc102
+    $(KRB5_LIBS) \
2fc102
+    $(SSSD_INTERNAL_LTLIBS) \
2fc102
+    $(SYSTEMD_LOGIN_LIBS) \
2fc102
+    libsss_ldap_common.la \
2fc102
+    libsss_idmap.la \
2fc102
+    libsss_krb5_common.la \
2fc102
+    libsss_test_common.la
2fc102
+
2fc102
 endif
2fc102
 
2fc102
 noinst_PROGRAMS = pam_test_client
2fc102
diff --git a/src/providers/ad/ad_access.c b/src/providers/ad/ad_access.c
2fc102
index 6995172db304810899e538b37572e4ba953db3e7..68a292abc88daa2f10f6797db50cc75335e80483 100644
2fc102
--- a/src/providers/ad/ad_access.c
2fc102
+++ b/src/providers/ad/ad_access.c
2fc102
@@ -274,26 +274,12 @@ ad_access_send(TALLOC_CTX *mem_ctx,
2fc102
         goto done;
2fc102
     }
2fc102
 
2fc102
-    state->clist = talloc_zero_array(state, struct sdap_id_conn_ctx *, 3);
2fc102
+    state->clist = ad_gc_conn_list(state, ctx->ad_id_ctx, domain);
2fc102
     if (state->clist == NULL) {
2fc102
         ret = ENOMEM;
2fc102
         goto done;
2fc102
     }
2fc102
 
2fc102
-    /* Always try GC first */
2fc102
-    ctx->gc_ctx->ignore_mark_offline = false;
2fc102
-    state->clist[0] = ctx->gc_ctx;
2fc102
-    if (IS_SUBDOMAIN(domain) == false) {
2fc102
-        /* fall back to ldap if gc is not available */
2fc102
-        state->clist[0]->ignore_mark_offline = true;
2fc102
-
2fc102
-        /* With root domain users we have the option to
2fc102
-         * fall back to LDAP in case ie POSIX attributes
2fc102
-         * are used but not replicated to GC
2fc102
-         */
2fc102
-        state->clist[1] = ctx->ldap_ctx;
2fc102
-    }
2fc102
-
2fc102
     ret = ad_access_step(req, state->clist[state->cindex]);
2fc102
     if (ret != EOK) {
2fc102
         goto done;
2fc102
diff --git a/src/providers/ad/ad_access.h b/src/providers/ad/ad_access.h
2fc102
index ca5e69729c574be53b7da04df0ff89446da04c58..3bd19ccc508b43f7103c7041dcc8573a00235097 100644
2fc102
--- a/src/providers/ad/ad_access.h
2fc102
+++ b/src/providers/ad/ad_access.h
2fc102
@@ -26,9 +26,7 @@
2fc102
 struct ad_access_ctx {
2fc102
     struct dp_option *ad_options;
2fc102
     struct sdap_access_ctx *sdap_access_ctx;
2fc102
-
2fc102
-    struct sdap_id_conn_ctx *ldap_ctx;
2fc102
-    struct sdap_id_conn_ctx *gc_ctx;
2fc102
+    struct ad_id_ctx *ad_id_ctx;
2fc102
 };
2fc102
 
2fc102
 void
2fc102
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
2fc102
index f679c11ad18078b454b778ef30e40cca716412cb..af0ec839964233c7642205f4489e5b6462509848 100644
2fc102
--- a/src/providers/ad/ad_common.c
2fc102
+++ b/src/providers/ad/ad_common.c
2fc102
@@ -1096,3 +1096,55 @@ ad_id_ctx_init(struct ad_options *ad_opts, struct be_ctx *bectx)
2fc102
 
2fc102
     return ad_ctx;
2fc102
 }
2fc102
+
2fc102
+struct sdap_id_conn_ctx *
2fc102
+ad_get_dom_ldap_conn(struct ad_id_ctx *ad_ctx, struct sss_domain_info *dom)
2fc102
+{
2fc102
+    struct sdap_id_conn_ctx *conn;
2fc102
+    struct sdap_domain *sdom;
2fc102
+    struct ad_id_ctx *subdom_id_ctx;
2fc102
+
2fc102
+    if (IS_SUBDOMAIN(dom)) {
2fc102
+        sdom = sdap_domain_get(ad_ctx->sdap_id_ctx->opts, dom);
2fc102
+        if (sdom == NULL || sdom->pvt == NULL) {
2fc102
+            DEBUG(SSSDBG_CRIT_FAILURE, ("No ID ctx available for [%s].\n",
2fc102
+                                        dom->name));
2fc102
+            return NULL;
2fc102
+        }
2fc102
+        subdom_id_ctx = talloc_get_type(sdom->pvt, struct ad_id_ctx);
2fc102
+        conn = subdom_id_ctx->ldap_ctx;
2fc102
+    } else {
2fc102
+        conn = ad_ctx->ldap_ctx;
2fc102
+    }
2fc102
+
2fc102
+    return conn;
2fc102
+}
2fc102
+
2fc102
+struct sdap_id_conn_ctx **
2fc102
+ad_gc_conn_list(TALLOC_CTX *mem_ctx, struct ad_id_ctx *ad_ctx,
2fc102
+                struct sss_domain_info *dom)
2fc102
+{
2fc102
+    struct sdap_id_conn_ctx **clist;
2fc102
+
2fc102
+    clist = talloc_zero_array(mem_ctx, struct sdap_id_conn_ctx *, 3);
2fc102
+    if (clist == NULL) return NULL;
2fc102
+
2fc102
+    /* Always try GC first */
2fc102
+    clist[0] = ad_ctx->gc_ctx;
2fc102
+    if (IS_SUBDOMAIN(dom) == true) {
2fc102
+        clist[0]->ignore_mark_offline = false;
2fc102
+        /* Subdomain users are only present in GC. */
2fc102
+        return clist;
2fc102
+    }
2fc102
+
2fc102
+    /* fall back to ldap if gc is not available */
2fc102
+    clist[0]->ignore_mark_offline = true;
2fc102
+
2fc102
+    /* With root domain users we have the option to
2fc102
+     * fall back to LDAP in case ie POSIX attributes
2fc102
+     * are used but not replicated to GC
2fc102
+     */
2fc102
+    clist[1] = ad_ctx->ldap_ctx;
2fc102
+
2fc102
+    return clist;
2fc102
+}
2fc102
diff --git a/src/providers/ad/ad_common.h b/src/providers/ad/ad_common.h
2fc102
index b8b73c042b8a5433f720c89c04447c07cd3eac43..ed5b8584dc5327a24e60985486c6155604271fd2 100644
2fc102
--- a/src/providers/ad/ad_common.h
2fc102
+++ b/src/providers/ad/ad_common.h
2fc102
@@ -115,6 +115,13 @@ ad_get_dyndns_options(struct be_ctx *be_ctx,
2fc102
 struct ad_id_ctx *
2fc102
 ad_id_ctx_init(struct ad_options *ad_opts, struct be_ctx *bectx);
2fc102
 
2fc102
+struct sdap_id_conn_ctx **
2fc102
+ad_gc_conn_list(TALLOC_CTX *mem_ctx, struct ad_id_ctx *ad_ctx,
2fc102
+               struct sss_domain_info *dom);
2fc102
+
2fc102
+struct sdap_id_conn_ctx *
2fc102
+ad_get_dom_ldap_conn(struct ad_id_ctx *ad_ctx, struct sss_domain_info *dom);
2fc102
+
2fc102
 /* AD dynamic DNS updates */
2fc102
 errno_t ad_dyndns_init(struct be_ctx *be_ctx,
2fc102
                        struct ad_options *ctx);
2fc102
diff --git a/src/providers/ad/ad_id.c b/src/providers/ad/ad_id.c
2fc102
index cf71b172dd7c241a9280a7ea72ef2518f66a7435..e47c41863a14eed695907548d64f4559fbae629d 100644
2fc102
--- a/src/providers/ad/ad_id.c
2fc102
+++ b/src/providers/ad/ad_id.c
2fc102
@@ -188,12 +188,6 @@ get_conn_list(struct be_req *breq, struct ad_id_ctx *ad_ctx,
2fc102
               struct sss_domain_info *dom, struct be_acct_req *ar)
2fc102
 {
2fc102
     struct sdap_id_conn_ctx **clist;
2fc102
-    struct sdap_domain *sdom;
2fc102
-    struct ad_id_ctx *subdom_id_ctx;
2fc102
-
2fc102
-    /* LDAP, GC, sentinel */
2fc102
-    clist = talloc_zero_array(breq, struct sdap_id_conn_ctx *, 3);
2fc102
-    if (clist == NULL) return NULL;
2fc102
 
2fc102
     switch (ar->entry_type & BE_REQ_TYPE_MASK) {
2fc102
     case BE_REQ_USER: /* user */
2fc102
@@ -201,24 +195,17 @@ get_conn_list(struct be_req *breq, struct ad_id_ctx *ad_ctx,
2fc102
     case BE_REQ_USER_AND_GROUP: /* get SID */
2fc102
     case BE_REQ_GROUP: /* group */
2fc102
     case BE_REQ_INITGROUPS: /* init groups for user */
2fc102
-        /* Always try GC first */
2fc102
-        clist[0] = ad_ctx->gc_ctx;
2fc102
-        if (IS_SUBDOMAIN(dom) == true) {
2fc102
-            clist[0]->ignore_mark_offline = false;
2fc102
-            /* Subdomain users are only present in GC. */
2fc102
-            break;
2fc102
-        }
2fc102
-        /* fall back to ldap if gc is not available */
2fc102
-        clist[0]->ignore_mark_offline = true;
2fc102
-
2fc102
-        /* With root domain users we have the option to
2fc102
-         * fall back to LDAP in case ie POSIX attributes
2fc102
-         * are used but not replicated to GC
2fc102
-         */
2fc102
-        clist[1] = ad_ctx->ldap_ctx;
2fc102
+        clist = ad_gc_conn_list(breq, ad_ctx, dom);
2fc102
+        if (clist == NULL) return NULL;
2fc102
         break;
2fc102
+
2fc102
     default:
2fc102
+        /* Requests for other object should only contact LDAP by default */
2fc102
+        clist = talloc_zero_array(breq, struct sdap_id_conn_ctx *, 2);
2fc102
+        if (clist == NULL) return NULL;
2fc102
+
2fc102
         clist[0] = ad_ctx->ldap_ctx;
2fc102
+        clist[1] = NULL;
2fc102
         break;
2fc102
     }
2fc102
 
2fc102
diff --git a/src/providers/ad/ad_init.c b/src/providers/ad/ad_init.c
2fc102
index 332bfda3801db3824ce1896d37e65e2c3a6b8b8b..ed69a7d9889bac1281b5ff7c7b0f290ab09173fb 100644
2fc102
--- a/src/providers/ad/ad_init.c
2fc102
+++ b/src/providers/ad/ad_init.c
2fc102
@@ -377,8 +377,7 @@ sssm_ad_access_init(struct be_ctx *bectx,
2fc102
     if (ret != EOK) {
2fc102
         goto fail;
2fc102
     }
2fc102
-    access_ctx->ldap_ctx = ad_id_ctx->ldap_ctx;
2fc102
-    access_ctx->gc_ctx = ad_id_ctx->gc_ctx;
2fc102
+    access_ctx->ad_id_ctx = ad_id_ctx;
2fc102
 
2fc102
     ret = dp_copy_options(access_ctx, ad_options->basic, AD_OPTS_BASIC,
2fc102
                           &access_ctx->ad_options);
2fc102
diff --git a/src/tests/cmocka/test_ad_common.c b/src/tests/cmocka/test_ad_common.c
2fc102
new file mode 100644
2fc102
index 0000000000000000000000000000000000000000..648b68f2dc05947b1fbb4c680ec63d3c2c6275b3
2fc102
--- /dev/null
2fc102
+++ b/src/tests/cmocka/test_ad_common.c
2fc102
@@ -0,0 +1,221 @@
2fc102
+/*
2fc102
+    Authors:
2fc102
+        Jakub Hrozek <jhrozek@redhat.com>
2fc102
+
2fc102
+    Copyright (C) 2013 Red Hat
2fc102
+
2fc102
+    SSSD tests: AD access control filter tests
2fc102
+
2fc102
+    This program is free software; you can redistribute it and/or modify
2fc102
+    it under the terms of the GNU General Public License as published by
2fc102
+    the Free Software Foundation; either version 3 of the License, or
2fc102
+    (at your option) any later version.
2fc102
+
2fc102
+    This program is distributed in the hope that it will be useful,
2fc102
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
2fc102
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
2fc102
+    GNU General Public License for more details.
2fc102
+
2fc102
+    You should have received a copy of the GNU General Public License
2fc102
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
2fc102
+*/
2fc102
+
2fc102
+#include <talloc.h>
2fc102
+#include <tevent.h>
2fc102
+#include <errno.h>
2fc102
+#include <popt.h>
2fc102
+#include <unistd.h>
2fc102
+#include <sys/types.h>
2fc102
+#include <ifaddrs.h>
2fc102
+#include <arpa/inet.h>
2fc102
+
2fc102
+/* In order to access opaque types */
2fc102
+#include "providers/ad/ad_common.c"
2fc102
+
2fc102
+#include "tests/cmocka/common_mock.h"
2fc102
+
2fc102
+#define DOMNAME     "domname"
2fc102
+#define SUBDOMNAME  "sub."DOMNAME
2fc102
+#define REALMNAME   DOMNAME
2fc102
+#define HOST_NAME   "ad."REALMNAME
2fc102
+
2fc102
+struct ad_common_test_ctx {
2fc102
+    struct ad_id_ctx *ad_ctx;
2fc102
+    struct ad_id_ctx *subdom_ad_ctx;
2fc102
+
2fc102
+    struct sss_domain_info *dom;
2fc102
+    struct sss_domain_info *subdom;
2fc102
+};
2fc102
+
2fc102
+static void
2fc102
+ad_common_test_setup(void **state)
2fc102
+{
2fc102
+    struct ad_common_test_ctx *test_ctx;
2fc102
+    errno_t ret;
2fc102
+    struct sdap_domain *sdom;
2fc102
+    struct ad_id_ctx *ad_ctx;
2fc102
+    struct ad_id_ctx *subdom_ad_ctx;
2fc102
+    struct sdap_id_conn_ctx *subdom_ldap_ctx;
2fc102
+
2fc102
+    assert_true(leak_check_setup());
2fc102
+    check_leaks_push(global_talloc_context);
2fc102
+
2fc102
+    test_ctx = talloc_zero(global_talloc_context, struct ad_common_test_ctx);
2fc102
+    assert_non_null(test_ctx);
2fc102
+
2fc102
+    test_ctx->dom = talloc_zero(test_ctx, struct sss_domain_info);
2fc102
+    assert_non_null(test_ctx->dom);
2fc102
+    test_ctx->dom->name = discard_const(DOMNAME);
2fc102
+
2fc102
+    test_ctx->subdom = talloc_zero(test_ctx, struct sss_domain_info);
2fc102
+    assert_non_null(test_ctx->subdom);
2fc102
+    test_ctx->subdom->name = discard_const(SUBDOMNAME);
2fc102
+    test_ctx->subdom->parent = test_ctx->dom;
2fc102
+
2fc102
+    ad_ctx = talloc_zero(test_ctx, struct ad_id_ctx);
2fc102
+    assert_non_null(ad_ctx);
2fc102
+
2fc102
+    ad_ctx->ad_options = ad_create_default_options(ad_ctx,
2fc102
+                                                   REALMNAME, HOST_NAME);
2fc102
+    assert_non_null(ad_ctx->ad_options);
2fc102
+
2fc102
+    ad_ctx->gc_ctx = talloc_zero(ad_ctx, struct sdap_id_conn_ctx);
2fc102
+    assert_non_null(ad_ctx->gc_ctx);
2fc102
+
2fc102
+    ad_ctx->ldap_ctx = talloc_zero(ad_ctx, struct sdap_id_conn_ctx);
2fc102
+    assert_non_null(ad_ctx->ldap_ctx);
2fc102
+
2fc102
+    ad_ctx->sdap_id_ctx = talloc_zero(ad_ctx, struct sdap_id_ctx);
2fc102
+    assert_non_null(ad_ctx->sdap_id_ctx);
2fc102
+
2fc102
+    ad_ctx->sdap_id_ctx->opts = talloc_zero(ad_ctx->sdap_id_ctx,
2fc102
+                                            struct sdap_options);
2fc102
+    assert_non_null(ad_ctx->sdap_id_ctx->opts);
2fc102
+
2fc102
+    ret = sdap_domain_add(ad_ctx->sdap_id_ctx->opts, test_ctx->dom, &sdom;;
2fc102
+    assert_int_equal(ret, EOK);
2fc102
+
2fc102
+    subdom_ad_ctx = talloc_zero(test_ctx, struct ad_id_ctx);
2fc102
+    assert_non_null(subdom_ad_ctx);
2fc102
+
2fc102
+    subdom_ldap_ctx = talloc_zero(subdom_ad_ctx, struct sdap_id_conn_ctx);
2fc102
+    assert_non_null(subdom_ldap_ctx);
2fc102
+    subdom_ad_ctx->ldap_ctx = subdom_ldap_ctx;
2fc102
+
2fc102
+    ret = sdap_domain_add(ad_ctx->sdap_id_ctx->opts, test_ctx->subdom, &sdom;;
2fc102
+    assert_int_equal(ret, EOK);
2fc102
+    sdom->pvt = subdom_ad_ctx;
2fc102
+
2fc102
+    test_ctx->ad_ctx = ad_ctx;
2fc102
+    test_ctx->subdom_ad_ctx = subdom_ad_ctx;
2fc102
+
2fc102
+    check_leaks_push(test_ctx);
2fc102
+    *state = test_ctx;
2fc102
+}
2fc102
+
2fc102
+static void
2fc102
+ad_common_test_teardown(void **state)
2fc102
+{
2fc102
+    struct ad_common_test_ctx *test_ctx = talloc_get_type(*state,
2fc102
+                                                  struct ad_common_test_ctx);
2fc102
+    assert_non_null(test_ctx);
2fc102
+
2fc102
+    assert_true(check_leaks_pop(test_ctx) == true);
2fc102
+    talloc_free(test_ctx);
2fc102
+    assert_true(check_leaks_pop(global_talloc_context) == true);
2fc102
+    assert_true(leak_check_teardown());
2fc102
+}
2fc102
+
2fc102
+errno_t
2fc102
+__wrap_sdap_set_sasl_options(struct sdap_options *id_opts,
2fc102
+                             char *default_primary,
2fc102
+                             char *default_realm,
2fc102
+                             const char *keytab_path)
2fc102
+{
2fc102
+    /* Pretend SASL is fine */
2fc102
+    return EOK;
2fc102
+}
2fc102
+
2fc102
+void test_ldap_conn_list(void **state)
2fc102
+{
2fc102
+    struct sdap_id_conn_ctx *conn;
2fc102
+
2fc102
+    struct ad_common_test_ctx *test_ctx = talloc_get_type(*state,
2fc102
+                                                     struct ad_common_test_ctx);
2fc102
+    assert_non_null(test_ctx);
2fc102
+
2fc102
+    conn = ad_get_dom_ldap_conn(test_ctx->ad_ctx, test_ctx->dom);
2fc102
+    assert_true(conn == test_ctx->ad_ctx->ldap_ctx);
2fc102
+
2fc102
+    conn = ad_get_dom_ldap_conn(test_ctx->ad_ctx, test_ctx->subdom);
2fc102
+    assert_true(conn == test_ctx->subdom_ad_ctx->ldap_ctx);
2fc102
+}
2fc102
+
2fc102
+void test_conn_list(void **state)
2fc102
+{
2fc102
+    struct sdap_id_conn_ctx **conn_list;
2fc102
+
2fc102
+    struct ad_common_test_ctx *test_ctx = talloc_get_type(*state,
2fc102
+                                                     struct ad_common_test_ctx);
2fc102
+    assert_non_null(test_ctx);
2fc102
+
2fc102
+    conn_list = ad_gc_conn_list(test_ctx, test_ctx->ad_ctx, test_ctx->dom);
2fc102
+    assert_non_null(conn_list);
2fc102
+
2fc102
+    assert_true(conn_list[0] == test_ctx->ad_ctx->gc_ctx);
2fc102
+    /* If there is a fallback, we should ignore the offline mode */
2fc102
+    assert_true(conn_list[0]->ignore_mark_offline);
2fc102
+    assert_true(conn_list[1] == test_ctx->ad_ctx->ldap_ctx);
2fc102
+    assert_false(conn_list[1]->ignore_mark_offline);
2fc102
+    assert_null(conn_list[2]);
2fc102
+    talloc_free(conn_list);
2fc102
+
2fc102
+    conn_list = ad_gc_conn_list(test_ctx, test_ctx->ad_ctx, test_ctx->subdom);
2fc102
+    assert_non_null(conn_list);
2fc102
+
2fc102
+    assert_true(conn_list[0] == test_ctx->ad_ctx->gc_ctx);
2fc102
+    assert_false(conn_list[0]->ignore_mark_offline);
2fc102
+    assert_null(conn_list[1]);
2fc102
+    talloc_free(conn_list);
2fc102
+}
2fc102
+
2fc102
+int main(int argc, const char *argv[])
2fc102
+{
2fc102
+    poptContext pc;
2fc102
+    int opt;
2fc102
+    struct poptOption long_options[] = {
2fc102
+        POPT_AUTOHELP
2fc102
+        SSSD_DEBUG_OPTS
2fc102
+        POPT_TABLEEND
2fc102
+    };
2fc102
+
2fc102
+    const UnitTest tests[] = {
2fc102
+        unit_test_setup_teardown(test_ldap_conn_list,
2fc102
+                                 ad_common_test_setup,
2fc102
+                                 ad_common_test_teardown),
2fc102
+        unit_test_setup_teardown(test_conn_list,
2fc102
+                                 ad_common_test_setup,
2fc102
+                                 ad_common_test_teardown),
2fc102
+    };
2fc102
+
2fc102
+    /* Set debug level to invalid value so we can deside if -d 0 was used. */
2fc102
+    debug_level = SSSDBG_INVALID;
2fc102
+
2fc102
+    pc = poptGetContext(argv[0], argc, argv, long_options, 0);
2fc102
+    while((opt = poptGetNextOpt(pc)) != -1) {
2fc102
+        switch(opt) {
2fc102
+        default:
2fc102
+            fprintf(stderr, "\nInvalid option %s: %s\n\n",
2fc102
+                    poptBadOption(pc, 0), poptStrerror(opt));
2fc102
+            poptPrintUsage(pc, stderr, 0);
2fc102
+            return 1;
2fc102
+        }
2fc102
+    }
2fc102
+    poptFreeContext(pc);
2fc102
+
2fc102
+    DEBUG_INIT(debug_level);
2fc102
+
2fc102
+    tests_set_cwd();
2fc102
+
2fc102
+    return run_tests(tests);
2fc102
+}
2fc102
-- 
2fc102
1.8.4.2
2fc102