sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-03 04:22:09 +03:00
Code Activity

s3:tests: Test for users connecting to their 'homes' share

Browse Source 
This adds a test for CVE-2009-2813.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13699

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
This commit is contained in:
Andreas Schneider
2018-11-16 15:40:59 +01:00
committed by Jeremy Allison
parent 3b38dddff2
commit cc471448df
3 changed files with 104 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
selftest/target/Samba3.pm
View File

@ -977,6 +977,10 @@ sub setup_fileserver
comment = inherit only unix owner
inherit owner = unix only
acl_xattr:ignore system acls = yes
[homes]
comment = Home directories
browseable = No
read only = No
";
my $vars = $self->provision($path, "WORKGROUP",

99
source3/script/tests/test_homes.sh Executable file
View File

@ -0,0 +1,99 @@
#!/bin/sh
# Copyright (c) Andreas Schneider <asn@samba.org>
# License: GPLv3
if [ $# -lt 7 ]; then
echo "Usage: test_homes.sh SERVER USERNAME PASSWORD LOCAL_PATH PREFIX SMBCLIENT CONFIGURATION"
exit 1
fi
SERVER="${1}"
USERNAME="${2}"
PASSWORD="${3}"
LOCAL_PATH="${4}"
PREFIX="${5}"
SMBCLIENT="${6}"
CONFIGURATION="${7}"
shift 7
incdir=`dirname $0`/../../../testprogs/blackbox
. $incdir/subunit.sh
failed=0
test_gooduser_home()
{
tmpfile=$PREFIX/smbclient_homes_gooduser_commands
cat > $tmpfile <<EOF
ls
quit
EOF
USERNAME=gooduser
cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/$USERNAME $CONFIGURATION < $tmpfile 2>&1'
eval echo "$cmd"
out=$(eval $cmd)
ret=$?
rm -f $tmpfile
if [ $ret -ne 0 ] ; then
echo "$out"
echo "failed to connect error $ret"
return 1
fi
echo "$out" | grep 'Try "help" to get a list of possible commands.'
ret=$?
if [ $ret -ne 0 ] ; then
echo "$out"
echo 'failed - should get: Try "help" to get a list of possible commands.'
return 1
fi
return 0
}
test_eviluser_home()
{
tmpfile=$PREFIX/smbclient_homes_eviluser_commands
cat > $tmpfile <<EOF
ls
quit
EOF
USERNAME=eviluser
cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/$USERNAME $CONFIGURATION < $tmpfile 2>&1'
eval echo "$cmd"
out=$(eval $cmd)
ret=$?
rm -f $tmpfile
if [ $ret -ne 1 ] ; then
echo "$out"
echo "The server should reject connecting ret=$ret"
return 1
fi
echo "$out" | grep 'NT_STATUS_BAD_NETWORK_NAME'
ret=$?
if [ $ret -ne 0 ] ; then
echo "$out"
echo 'failed - should get: NT_STATUS_BAD_NETWORK_NAME.'
return 1
fi
return 0
}
testit "test gooduser home" \
test_gooduser_home || \
failed=`expr $failed + 1`
testit "test eviluser home reject" \
test_eviluser_home || \
failed=`expr $failed + 1`
testok $0 $failed

1
source3/selftest/tests.py
View File

@ -326,6 +326,7 @@ for env in ["fileserver"]:
plantestsuite("samba3.blackbox.large_acl.NT1", env, [os.path.join(samba3srcdir, "script/tests/test_large_acl.sh"), '$SERVER', '$USERNAME', '$PASSWORD', smbclient3, smbcacls, '-m', 'NT1'])
plantestsuite("samba3.blackbox.large_acl.SMB3", env, [os.path.join(samba3srcdir, "script/tests/test_large_acl.sh"), '$SERVER', '$USERNAME', '$PASSWORD', smbclient3, smbcacls, '-m', 'SMB3'])
plantestsuite("samba3.blackbox.give_owner", env, [os.path.join(samba3srcdir, "script/tests/test_give_owner.sh"), '$SERVER', '$SERVER_IP', '$USERNAME', '$PASSWORD', '$PREFIX', smbclient3, smbcacls, net, 'tmp'])
plantestsuite("samba3.blackbox.homes", env, [os.path.join(samba3srcdir, "script/tests/test_homes.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$LOCAL_PATH', '$PREFIX', smbclient3, configuration])
#
# tar command tests