From 6c1e606c3e9da9910554e48a6409a9b3001deedb Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Fri, 4 Sep 2015 09:27:17 +0200 Subject: [PATCH 75/87] DP: Provide a way to mark subdomain as disabled and auto-enable it later with offline_timeout MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit https://fedorahosted.org/sssd/ticket/2637 Adds a new Data Provider function be_mark_dom_offline() that is a replacement for be_mark_offline(). When called, the function would either set the whole back end offline, just like be_mark_offline or just set the subdomain status to inactive. When a subdomain is inactive, there is a singleton timed task that would re-set the subdomin after offline_timeout seconds. Reviewed-by: Pavel Březina --- Makefile.am | 26 +++ src/providers/data_provider_be.c | 102 +++++++++++- src/providers/dp_backend.h | 1 + src/tests/cmocka/test_data_provider_be.c | 275 +++++++++++++++++++++++++++++++ 4 files changed, 395 insertions(+), 9 deletions(-) create mode 100644 src/tests/cmocka/test_data_provider_be.c diff --git a/Makefile.am b/Makefile.am index e1102333b019e32c516c59c5fa969c970b688737..4e80701872c0e4e1391f0c6de8a2f68e719f8236 100644 --- a/Makefile.am +++ b/Makefile.am @@ -236,6 +236,7 @@ if HAVE_CMOCKA test_ipa_subdom_server \ test_krb5_wait_queue \ test_cert_utils \ + test_data_provider_be \ $(NULL) if HAVE_LIBRESOLV @@ -2603,6 +2604,31 @@ test_cert_utils_LDADD = \ libsss_cert.la \ libsss_crypt.la \ $(NULL) + +test_data_provider_be_SOURCES = \ + $(sssd_be_SOURCES) \ + src/tests/cmocka/test_data_provider_be.c \ + src/tests/cmocka/common_mock_be.c \ + $(NULL) +test_data_provider_be_CFLAGS = \ + $(AM_CFLAGS) \ + -DUNIT_TESTING \ + $(CRYPTO_CFLAGS) \ + $(NULL) +test_data_provider_be_LDFLAGS = \ + -Wl,-wrap,_tevent_add_timer \ + $(NULL) +test_data_provider_be_LDADD = \ + $(CMOCKA_LIBS) \ + $(CARES_LIBS) \ + $(POPT_LIBS) \ + $(PAM_LIBS) \ + $(TALLOC_LIBS) \ + $(SSSD_INTERNAL_LTLIBS) \ + libsss_debug.la \ + libsss_test_common.la \ + $(NULL) + endif # HAVE_CMOCKA noinst_PROGRAMS = pam_test_client diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index d147630248f0a24f5a632760b55b9284a6928e40..f477ac8bde2b1e3eea862e8e8f503566282ea8f3 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -478,6 +478,24 @@ try_to_go_online(TALLOC_CTX *mem_ctx, return EOK; } +static int get_offline_timeout(struct be_ctx *ctx) +{ + errno_t ret; + int offline_timeout; + + ret = confdb_get_int(ctx->cdb, ctx->conf_path, + CONFDB_DOMAIN_OFFLINE_TIMEOUT, 60, + &offline_timeout); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to get offline_timeout from confdb. " + "Will use 60 seconds.\n"); + offline_timeout = 60; + } + + return offline_timeout; +} + void be_mark_offline(struct be_ctx *ctx) { int offline_timeout; @@ -493,15 +511,9 @@ void be_mark_offline(struct be_ctx *ctx) /* This is the first time we go offline - create a periodic task * to check if we can switch to online. */ DEBUG(SSSDBG_TRACE_INTERNAL, "Initialize check_if_online_ptask.\n"); - ret = confdb_get_int(ctx->cdb, ctx->conf_path, - CONFDB_DOMAIN_OFFLINE_TIMEOUT, 60, - &offline_timeout); - if (ret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, - "Failed to get offline_timeout from confdb. " - "Will use 60 seconds.\n"); - offline_timeout = 60; - } + + offline_timeout = get_offline_timeout(ctx); + ret = be_ptask_create_sync(ctx, ctx, offline_timeout, offline_timeout, offline_timeout, 30, offline_timeout, @@ -524,10 +536,82 @@ void be_mark_offline(struct be_ctx *ctx) be_run_offline_cb(ctx); } +static void be_subdom_reset_status(struct tevent_context *ev, + struct tevent_timer *te, + struct timeval current_time, + void *pvt) +{ + struct sss_domain_info *subdom = talloc_get_type(pvt, + struct sss_domain_info); + + DEBUG(SSSDBG_TRACE_LIBS, "Resetting subdomain %s\n", subdom->name); + subdom->state = DOM_ACTIVE; +} + +static void be_mark_subdom_offline(struct sss_domain_info *subdom, + struct be_ctx *be_ctx) +{ + struct timeval tv; + struct tevent_timer *timeout = NULL; + int reset_status_timeout; + + reset_status_timeout = get_offline_timeout(be_ctx); + tv = tevent_timeval_current_ofs(reset_status_timeout, 0); + + switch (subdom->state) { + case DOM_DISABLED: + DEBUG(SSSDBG_MINOR_FAILURE, "Won't touch disabled subdomain\n"); + return; + case DOM_INACTIVE: + DEBUG(SSSDBG_TRACE_ALL, "Subdomain already inactive\n"); + return; + case DOM_ACTIVE: + DEBUG(SSSDBG_TRACE_LIBS, + "Marking subdomain %s as inactive\n", subdom->name); + break; + } + + timeout = tevent_add_timer(be_ctx->ev, be_ctx, tv, + be_subdom_reset_status, subdom); + if (timeout == NULL) { + DEBUG(SSSDBG_OP_FAILURE, "Cannot create timer\n"); + return; + } + + subdom->state = DOM_INACTIVE; +} + +void be_mark_dom_offline(struct sss_domain_info *dom, struct be_ctx *ctx) +{ + if (IS_SUBDOMAIN(dom) == false) { + DEBUG(SSSDBG_TRACE_LIBS, "Marking back end offline\n"); + be_mark_offline(ctx); + } else { + DEBUG(SSSDBG_TRACE_LIBS, "Marking subdomain %s offline\n", dom->name); + be_mark_subdom_offline(dom, ctx); + } +} + +static void reactivate_subdoms(struct sss_domain_info *head) +{ + struct sss_domain_info *dom; + + DEBUG(SSSDBG_TRACE_LIBS, "Resetting all subdomains"); + + for (dom = head; dom; dom = get_next_domain(dom, true)) { + if (sss_domain_get_state(dom) == DOM_INACTIVE) { + sss_domain_set_state(dom, DOM_ACTIVE); + } + } +} + static void be_reset_offline(struct be_ctx *ctx) { ctx->offstat.went_offline = 0; ctx->offstat.offline = false; + + reactivate_subdoms(ctx->domain); + be_ptask_disable(ctx->check_if_online_ptask); be_run_online_cb(ctx); } diff --git a/src/providers/dp_backend.h b/src/providers/dp_backend.h index e4e22ea343a5cbf4c75f176c3002dc579c2893fe..4d54bf547682379bcb8cf855b8fae39214495728 100644 --- a/src/providers/dp_backend.h +++ b/src/providers/dp_backend.h @@ -189,6 +189,7 @@ struct be_host_req { bool be_is_offline(struct be_ctx *ctx); void be_mark_offline(struct be_ctx *ctx); +void be_mark_dom_offline(struct sss_domain_info *dom, struct be_ctx *ctx); int be_add_reconnect_cb(TALLOC_CTX *mem_ctx, struct be_ctx *ctx, diff --git a/src/tests/cmocka/test_data_provider_be.c b/src/tests/cmocka/test_data_provider_be.c new file mode 100644 index 0000000000000000000000000000000000000000..68eb5841bee568bef64cb62461403036b1320bec --- /dev/null +++ b/src/tests/cmocka/test_data_provider_be.c @@ -0,0 +1,275 @@ +/* + Copyright (C) 2015 Red Hat + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include +#include +#include +#include +#include + +#include "providers/dp_backend.h" +#include "tests/cmocka/common_mock.h" +#include "tests/cmocka/common_mock_be.h" +#include "tests/common.h" + +#define TESTS_PATH "tests_dp_be" +#define TEST_CONF_DB "test_dp_be_conf.ldb" +#define TEST_DOM_NAME "dp_be_test" +#define TEST_ID_PROVIDER "ldap" + +#define OFFLINE_TIMEOUT 2 +#define AS_STR(param) (#param) + +static TALLOC_CTX *global_mock_context = NULL; +static bool global_timer_added; + +struct tevent_timer *__real__tevent_add_timer(struct tevent_context *ev, + TALLOC_CTX *mem_ctx, + struct timeval next_event, + tevent_timer_handler_t handler, + void *private_data, + const char *handler_name, + const char *location); + +struct tevent_timer *__wrap__tevent_add_timer(struct tevent_context *ev, + TALLOC_CTX *mem_ctx, + struct timeval next_event, + tevent_timer_handler_t handler, + void *private_data, + const char *handler_name, + const char *location) +{ + global_timer_added = true; + + return __real__tevent_add_timer(ev, mem_ctx, next_event, + handler, private_data, handler_name, + location); +} + + +struct test_ctx { + struct sss_test_ctx *tctx; + struct be_ctx *be_ctx; +}; + +static struct sss_domain_info *named_domain(TALLOC_CTX *mem_ctx, + const char *name, + struct sss_domain_info *parent) +{ + struct sss_domain_info *dom = NULL; + + dom = talloc_zero(mem_ctx, struct sss_domain_info); + assert_non_null(dom); + + dom->name = talloc_strdup(dom, name); + assert_non_null(dom->name); + + dom->parent = parent; + + return dom; +} + +static int test_setup(void **state) +{ + struct test_ctx *test_ctx = NULL; + struct sss_test_conf_param params[] = { + { "offline_timeout", AS_STR(OFFLINE_TIMEOUT) }, + { NULL, NULL }, /* Sentinel */ + }; + + assert_true(leak_check_setup()); + global_mock_context = talloc_new(global_talloc_context); + assert_non_null(global_mock_context); + + test_ctx = talloc_zero(global_talloc_context, struct test_ctx); + assert_non_null(test_ctx); + + test_ctx->tctx = create_dom_test_ctx(test_ctx, TESTS_PATH, + TEST_CONF_DB, TEST_DOM_NAME, + TEST_ID_PROVIDER, params); + assert_non_null(test_ctx->tctx); + + test_ctx->be_ctx = mock_be_ctx(test_ctx, test_ctx->tctx); + assert_non_null(test_ctx->be_ctx); + + test_ctx->be_ctx->domain->subdomains = named_domain(test_ctx, + "subdomains", + test_ctx->be_ctx->domain); + assert_non_null(test_ctx->be_ctx->domain->subdomains); + + *state = test_ctx; + + return 0; +} + +static int test_teardown(void **state) +{ + talloc_zfree(*state); + assert_true(leak_check_teardown()); + return 0; +} + +static void assert_domain_state(struct sss_domain_info *dom, + enum sss_domain_state expected_state) +{ + enum sss_domain_state dom_state; + + dom_state = sss_domain_get_state(dom); + assert_int_equal(dom_state, expected_state); +} + +static void test_mark_subdom_offline_check(struct tevent_context *ev, + struct tevent_timer *te, + struct timeval current_time, + void *pvt) +{ + struct test_ctx *test_ctx = talloc_get_type(pvt, struct test_ctx); + + assert_domain_state(test_ctx->be_ctx->domain->subdomains, + DOM_ACTIVE); + + test_ctx->tctx->done = true; + test_ctx->tctx->error = EOK; +} + +static void test_mark_dom_offline(void **state) +{ + struct test_ctx *test_ctx = talloc_get_type(*state, struct test_ctx); + + assert_domain_state(test_ctx->be_ctx->domain, DOM_ACTIVE); + assert_false(be_is_offline(test_ctx->be_ctx)); + + be_mark_dom_offline(test_ctx->be_ctx->domain, test_ctx->be_ctx); + + assert_true(be_is_offline(test_ctx->be_ctx)); + assert_domain_state(test_ctx->be_ctx->domain, DOM_ACTIVE); +} + +static void test_mark_subdom_offline(void **state) +{ + struct timeval tv; + struct tevent_timer *check_ev = NULL; + struct test_ctx *test_ctx = talloc_get_type(*state, struct test_ctx); + errno_t ret; + + assert_domain_state(test_ctx->be_ctx->domain->subdomains, + DOM_ACTIVE); + assert_false(be_is_offline(test_ctx->be_ctx)); + + global_timer_added = false; + be_mark_dom_offline(test_ctx->be_ctx->domain->subdomains, test_ctx->be_ctx); + assert_domain_state(test_ctx->be_ctx->domain->subdomains, + DOM_INACTIVE); + + /* A timer must be added that resets the state back */ + assert_true(global_timer_added); + + /* Global offline state must not change */ + assert_false(be_is_offline(test_ctx->be_ctx)); + + /* Make sure we don't add a second timer */ + global_timer_added = false; + be_mark_dom_offline(test_ctx->be_ctx->domain->subdomains, test_ctx->be_ctx); + assert_domain_state(test_ctx->be_ctx->domain->subdomains, + DOM_INACTIVE); + assert_false(global_timer_added); + + /* Wait for the internal timer to reset our subdomain back */ + tv = tevent_timeval_current_ofs(OFFLINE_TIMEOUT + 1, 0); + + check_ev = tevent_add_timer(test_ctx->tctx->ev, test_ctx, tv, + test_mark_subdom_offline_check, + test_ctx); + if (check_ev == NULL) { + DEBUG(SSSDBG_OP_FAILURE, "Cannot create timer\n"); + return; + } + + ret = test_ev_loop(test_ctx->tctx); + assert_int_equal(ret, EOK); +} + +static void test_mark_subdom_offline_disabled(void **state) +{ + struct test_ctx *test_ctx = talloc_get_type(*state, struct test_ctx); + + sss_domain_set_state(test_ctx->be_ctx->domain->subdomains, DOM_DISABLED); + assert_domain_state(test_ctx->be_ctx->domain->subdomains, + DOM_DISABLED); + + be_mark_dom_offline(test_ctx->be_ctx->domain->subdomains, test_ctx->be_ctx); + assert_domain_state(test_ctx->be_ctx->domain->subdomains, + DOM_DISABLED); +} + +int main(int argc, const char *argv[]) +{ + poptContext pc; + int opt; + int rv; + int no_cleanup = 0; + struct poptOption long_options[] = { + POPT_AUTOHELP + SSSD_DEBUG_OPTS + {"no-cleanup", 'n', POPT_ARG_NONE, &no_cleanup, 0, + _("Do not delete the test database after a test run"), NULL }, + POPT_TABLEEND + }; + + const struct CMUnitTest tests[] = { + cmocka_unit_test_setup_teardown(test_mark_dom_offline, + test_setup, + test_teardown), + cmocka_unit_test_setup_teardown(test_mark_subdom_offline, + test_setup, + test_teardown), + cmocka_unit_test_setup_teardown(test_mark_subdom_offline_disabled, + test_setup, + test_teardown), + }; + + /* Set debug level to invalid value so we can deside if -d 0 was used. */ + debug_level = SSSDBG_INVALID; + + pc = poptGetContext(argv[0], argc, argv, long_options, 0); + while((opt = poptGetNextOpt(pc)) != -1) { + switch(opt) { + default: + fprintf(stderr, "\nInvalid option %s: %s\n\n", + poptBadOption(pc, 0), poptStrerror(opt)); + poptPrintUsage(pc, stderr, 0); + return 1; + } + } + poptFreeContext(pc); + + DEBUG_CLI_INIT(debug_level); + + /* Even though normally the tests should clean up after themselves + * they might not after a failed run. Remove the old db to be sure */ + tests_set_cwd(); + test_dom_suite_cleanup(TESTS_PATH, TEST_CONF_DB, TEST_DOM_NAME); + test_dom_suite_setup(TESTS_PATH); + + rv = cmocka_run_group_tests(tests, NULL, NULL); + if (rv == 0 && !no_cleanup) { + test_dom_suite_cleanup(TESTS_PATH, TEST_CONF_DB, TEST_DOM_NAME); + } + return rv; + + return cmocka_run_group_tests(tests, NULL, NULL); +} -- 2.4.3