From 341ad1ae68b71489e4729ec11a9b3efb7d9b98ea Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 10 Mar 2021 12:55:14 +0100 Subject: [PATCH] s4:torture: add a torture_user2_credentials() helper to pass additional credentials BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512 Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison --- source4/torture/util.h | 10 ++++++++ source4/torture/util_smb.c | 50 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+) diff --git a/source4/torture/util.h b/source4/torture/util.h index 4695710faec..385ee157311 100644 --- a/source4/torture/util.h +++ b/source4/torture/util.h @@ -24,6 +24,7 @@ struct smbcli_state; struct smbcli_tree; +struct cli_credentials; /** * Useful target macros for handling server bugs in torture tests. @@ -107,5 +108,14 @@ NTSTATUS torture_check_privilege(struct smbcli_state *cli, const char *sid_str, const char *privilege); +/* + * Use this to pass a 2nd user: + * + * --option='torture:user2name=user2' + * --option='torture:user2domain=domain2' + * --option='torture:user2password=password2' + */ +struct cli_credentials *torture_user2_credentials(struct torture_context *tctx, + TALLOC_CTX *mem_ctx); #endif /* _TORTURE_UTIL_H_ */ diff --git a/source4/torture/util_smb.c b/source4/torture/util_smb.c index 7641b1fbc0b..04971676e19 100644 --- a/source4/torture/util_smb.c +++ b/source4/torture/util_smb.c @@ -37,6 +37,8 @@ #include "libcli/util/clilsa.h" #include "torture/util.h" #include "libcli/smb/smbXcli_base.h" +#include "auth/credentials/credentials.h" +#include "auth/credentials/credentials_krb5.h" /** setup a directory ready for a test @@ -968,3 +970,51 @@ NTSTATUS torture_check_privilege(struct smbcli_state *cli, return smblsa_sid_check_privilege(cli, sid_str, privilege); } + +/* + * Use this to pass a 2nd user: + * + * --option='torture:user2name=user2' + * --option='torture:user2domain=domain2' + * --option='torture:user2password=password2' + */ +struct cli_credentials *torture_user2_credentials(struct torture_context *tctx, + TALLOC_CTX *mem_ctx) +{ + struct cli_credentials *credentials1 = popt_get_cmdline_credentials(); + const char *user1domain = cli_credentials_get_domain(credentials1); + const char *user2name = torture_setting_string(tctx, "user2name", NULL); + const char *user2domain = torture_setting_string(tctx, "user2domain", user1domain); + const char *user2password = torture_setting_string(tctx, "user2password", NULL); + struct cli_credentials *credentials2 = NULL; + + credentials2 = cli_credentials_shallow_copy(mem_ctx, credentials1); + if (credentials2 == NULL) { + torture_comment(tctx, + "%s: cli_credentials_shallow_copy() failed\n", + __func__); + return NULL; + } + if (user2name != NULL) { + torture_comment(tctx, + "Using " + "'torture:user2name'='%s' " + "'torture:user2domain'='%s' " + "'torture:user2password'='REDACTED'", + user2name, + user2domain); + cli_credentials_set_username(credentials2, user2name, CRED_SPECIFIED); + cli_credentials_set_domain(credentials2, user2domain, CRED_SPECIFIED); + cli_credentials_set_password(credentials2, user2password, CRED_SPECIFIED); + } else { + torture_comment(tctx, + "Fallback to anonymous for " + "'torture:user2name'=NULL " + "'torture:user2domain'='%s' " + "'torture:user2password'='REDACTED'", + user2domain); + cli_credentials_set_anonymous(credentials2); + } + + return credentials2; +}