s4:torture: add a torture_user2_credentials() helper to pass additional credentials

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/source4/torture/util.h b/source4/torture/util.h
index 4695710faece634f9e8b0b88fb993a4dfe1069db..385ee157311df1194dffd41dd7095d9a9159718d 100644 (file)
--- a/source4/torture/util.h
+++ b/source4/torture/util.h
@@ -24,6 +24,7 @@
 
 struct smbcli_state;
 struct smbcli_tree;
+struct cli_credentials;
 
 /**
  * Useful target macros for handling server bugs in torture tests.
@@ -107,5 +108,14 @@ NTSTATUS torture_check_privilege(struct smbcli_state *cli,
                                 const char *sid_str,
                                 const char *privilege);
 
+/*
+ * Use this to pass a 2nd user:
+ *
+ * --option='torture:user2name=user2'
+ * --option='torture:user2domain=domain2'
+ * --option='torture:user2password=password2'
+ */
+struct cli_credentials *torture_user2_credentials(struct torture_context *tctx,
+                                                 TALLOC_CTX *mem_ctx);
 
 #endif /* _TORTURE_UTIL_H_ */

diff --git a/source4/torture/util_smb.c b/source4/torture/util_smb.c
index 7641b1fbc0bfb7ebeb53c3516af44d784427d52f..04971676e19892bbc66ae7f1abe36911629ee704 100644 (file)
--- a/source4/torture/util_smb.c
+++ b/source4/torture/util_smb.c
@@ -37,6 +37,8 @@
 #include "libcli/util/clilsa.h"
 #include "torture/util.h"
 #include "libcli/smb/smbXcli_base.h"
+#include "auth/credentials/credentials.h"
+#include "auth/credentials/credentials_krb5.h"
 
 /**
   setup a directory ready for a test
@@ -968,3 +970,51 @@ NTSTATUS torture_check_privilege(struct smbcli_state *cli,
 
        return smblsa_sid_check_privilege(cli, sid_str, privilege);
 }
+
+/*
+ * Use this to pass a 2nd user:
+ *
+ * --option='torture:user2name=user2'
+ * --option='torture:user2domain=domain2'
+ * --option='torture:user2password=password2'
+ */
+struct cli_credentials *torture_user2_credentials(struct torture_context *tctx,
+                                                 TALLOC_CTX *mem_ctx)
+{
+       struct cli_credentials *credentials1 = popt_get_cmdline_credentials();
+       const char *user1domain = cli_credentials_get_domain(credentials1);
+       const char *user2name = torture_setting_string(tctx, "user2name", NULL);
+       const char *user2domain = torture_setting_string(tctx, "user2domain", user1domain);
+       const char *user2password = torture_setting_string(tctx, "user2password", NULL);
+       struct cli_credentials *credentials2 = NULL;
+
+       credentials2 = cli_credentials_shallow_copy(mem_ctx, credentials1);
+       if (credentials2 == NULL) {
+               torture_comment(tctx,
+                               "%s: cli_credentials_shallow_copy() failed\n",
+                               __func__);
+               return NULL;
+       }
+       if (user2name != NULL) {
+               torture_comment(tctx,
+                               "Using "
+                               "'torture:user2name'='%s' "
+                               "'torture:user2domain'='%s' "
+                               "'torture:user2password'='REDACTED'",
+                               user2name,
+                               user2domain);
+               cli_credentials_set_username(credentials2, user2name, CRED_SPECIFIED);
+               cli_credentials_set_domain(credentials2, user2domain, CRED_SPECIFIED);
+               cli_credentials_set_password(credentials2, user2password, CRED_SPECIFIED);
+       } else {
+               torture_comment(tctx,
+                               "Fallback to anonymous for "
+                               "'torture:user2name'=NULL "
+                               "'torture:user2domain'='%s' "
+                               "'torture:user2password'='REDACTED'",
+                               user2domain);
+               cli_credentials_set_anonymous(credentials2);
+       }
+
+       return credentials2;
+}