mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/selftest
Joseph Sutton 9447c4e81e CVE-2023-0614 ldb: Prevent disclosure of confidential attributes
Add a hook, acl_redact_msg_for_filter(), in the aclread module, that
marks inaccessible any message elements used by an LDAP search filter
that the user has no right to access. Make the various ldb_match_*()
functions check whether message elements are accessible, and refuse to
match any that are not. Remaining message elements, not mentioned in the
search filter, are checked in aclread_callback(), and any inaccessible
elements are removed at this point.

Certain attributes, namely objectClass, distinguishedName, name, and
objectGUID, are always present, and hence the presence of said
attributes is always allowed to be checked in a search filter. This
corresponds with the behaviour of Windows.

Further, we unconditionally allow the attributes isDeleted and
isRecycled in a check for presence or equality. Windows is not known to
make this special exception, but it seems mostly harmless, and should
mitigate the performance impact on searches made by the show_deleted
module.

As a result of all these changes, our behaviour regarding confidential
attributes happens to match Windows more closely. For the test in
confidential_attr.py, we can now model our attribute handling with
DC_MODE_RETURN_ALL, which corresponds to the behaviour exhibited by
Windows.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

[abartlet@samba.org adapted due to Samba 4.17 and lower
 not having the patches for CVE-2020-25720 and 4.16 and lower
 not having the patches for CVE-2022-32743 ]
2023-03-20 10:03:38 +01:00

# vim: ft=rst

This directory contains test scripts that are useful for running a
bunch of tests all at once.

There are two parts to this:

 * The test runner (selftest/selftest.pl)
 * The test formatter

selftest.pl simply outputs subunit, which can then be formatted or analyzed
by tools that understand the subunit protocol. One of these tools is
format-subunit, which is used by default as part of "make test".

Available testsuites
====================
The available testsuites are obtained from a script, usually
source{3,4}/selftest/tests.py. For each testsuite, this script should output
the name of the test, the command to run and the environment that should be
provided. Use the included "plantest" function to generate the required output.

Testsuite behaviour
===================

Exit code
---------
The testsuites should exit with a non-zero exit code if at least one
test failed. Skipped tests should not influence the exit code.

Output format
-------------
Testsuites can simply use the exit code to indicate whether all of their
tests have succeeded or one or more have failed. It is also possible to
provide more granular information using the Subunit protocol.

This protocol works by writing simple messages to standard output. Any
messages that can not be interpreted by this protocol are considered comments
for the last announced test.

For a full description of the subunit protocol, see the README file in the subunit
repository at http://github.com/testing-cabal/subunit.

The following commands are Samba extensions to Subunit:

start-testsuite
~~~~~~~~~~~~~~~
start-testsuite: name

The testsuite name is used as a prefix for the names of all tests it contains.

skip-testsuite
~~~~~~~~~~~~~~
skip-testsuite: name

Mark the testsuite with the specified name as skipped.

testsuite-success
~~~~~~~~~~~~~~~~~
testsuite-success: name

Indicate that the testsuite has succeeded.

testsuite-fail
~~~~~~~~~~~~~~
testsuite-fail: name

Indicate that a testsuite has failed.
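The following is an added example of a consumer for the stream format
described in the "Exit code" and "Output format" sections above, including the
four Samba extensions. It is not Samba's own code (selftest/subunithelper.py and
filter-subunit are the real implementations): it parses one message per line,
collects the multi-line detail enclosed in ``[`` and ``]`` after a result,
attaches any unrecognised line as a comment to the last announced test, and
derives an exit code in which failures count and skips do not. Joining the
testsuite name and test name with a dot, and treating ``time:`` lines as
ignorable, are assumptions of this example; the sample stream is constructed,
not real Samba output.

```python
import re

# Result commands defined by subunit v1 plus the Samba testsuite extensions.
# Any line that is not one of these commands is a comment for the last test.
TEST_RESULTS = {"success", "successful", "failure", "error",
                "skip", "xfail", "uxsuccess"}
SUITE_RESULTS = {"skip-testsuite", "testsuite-success", "testsuite-fail"}
FAILING = {"failure", "error", "uxsuccess", "testsuite-fail"}
IGNORED = {"time", "progress", "tags"}   # assumption: carry no result

_CMD_RE = re.compile(r"^(?P<cmd>[a-z-]+): (?P<arg>.*)$")


class SubunitConsumer:
    def __init__(self):
        self.results = {}    # full test name -> (outcome, detail text)
        self.suites = {}     # testsuite name -> (outcome, detail text)
        self.comments = {}   # full test name -> [comment lines]
        self._suite = None
        self._current = None
        self._pending = None  # (store, key, outcome) while inside [ ... ]
        self._detail = []

    def _full(self, name):
        # Assumption: prefix joined with "."; the README only says the
        # testsuite name is used as a prefix.
        return f"{self._suite}.{name}" if self._suite else name

    def feed(self, line):
        line = line.rstrip("\r\n")
        if self._pending is not None:
            # Inside a "[ ... ]" detail block: "]" alone closes it.
            if line == "]":
                store, key, outcome = self._pending
                store[key] = (outcome, "\n".join(self._detail))
                self._pending, self._detail = None, []
            else:
                self._detail.append(line)
            return
        m = _CMD_RE.match(line)
        cmd = m.group("cmd") if m else None
        if cmd in IGNORED:
            return
        if cmd in ("test", "testing"):
            self._current = self._full(m.group("arg").strip())
            return
        if cmd == "start-testsuite":
            self._suite = m.group("arg").strip()
            return
        if cmd in TEST_RESULTS or cmd in SUITE_RESULTS:
            arg = m.group("arg").strip()
            has_detail = arg.endswith("[")
            name = arg[:-1].strip() if has_detail else arg
            if cmd in TEST_RESULTS:
                outcome = "success" if cmd == "successful" else cmd
                store, key = self.results, self._full(name)
            else:
                outcome, store, key = cmd, self.suites, name
            if has_detail:
                self._pending = (store, key, outcome)
            else:
                store[key] = (outcome, "")
            return
        # Not a known command: a comment for the last announced test.
        if self._current is not None:
            self.comments.setdefault(self._current, []).append(line)

    def exit_code(self):
        """Non-zero if any test or testsuite failed; skipped tests don't count."""
        outcomes = [o for o, _ in list(self.results.values())
                    + list(self.suites.values())]
        return 1 if any(o in FAILING for o in outcomes) else 0


def parse(stream_text):
    consumer = SubunitConsumer()
    for line in stream_text.splitlines():
        consumer.feed(line)
    return consumer


# Constructed sample stream (not real Samba output): one suite with a skip
# and a failure, one suite that passes.
SAMPLE = """\
start-testsuite: samba4.example
time: 2023-03-20 09:03:38Z
test: connect
success: connect
test: list-shares
server returned 3 shares
successful: list-shares
test: ipv6
skip: ipv6 [
no IPv6 address configured
]
test: acl
failure: acl [
expected access denied, got success
]
testsuite-fail: samba4.example
start-testsuite: samba4.other
test: ping
success: ping
testsuite-success: samba4.other
"""

if __name__ == "__main__":
    c = parse(SAMPLE)
    for name, (outcome, detail) in c.results.items():
        print(f"{outcome:8} {name}" + (f"  [{detail}]" if detail else ""))
    print("exit code:", c.exit_code())
```

Running the script lists the four prefixed test names with their outcomes and
reports exit code 1 because of the failure in ``samba4.example.acl``; a stream
containing only skipped tests yields exit code 0, which is the rule the "Exit
code" section above requires of testsuites.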

Environments
============
Tests often need to run against a server with particular things set up,
an "environment". This environment is provided by the test "target": Samba 3,
Samba 4 or Windows.

The environments currently available include:

 - none: No server set up, no variables set.
 - dc,s3dc: Domain controller set up. The following environment variables will
   be set:

     * USERNAME: Administrator user name
     * PASSWORD: Administrator password
     * DOMAIN: Domain name
     * REALM: Realm name
     * SERVER: DC host name
     * SERVER_IP: DC IPv4 address
     * SERVER_IPV6: DC IPv6 address
     * NETBIOSNAME: DC NetBIOS name
     * NETBIOSALIAS: DC NetBIOS alias

 - member,s4member,s3member: Domain controller plus a member server joined to
   it. The following environment variables will be set:

     * USERNAME: Domain administrator user name
     * PASSWORD: Domain administrator password
     * DOMAIN: Domain name
     * REALM: Realm name
     * SERVER: Name of the member server

See Samba.pm, Samba3.pm and Samba4.pm for the full list.

Running tests
=============

To run all the tests use::

   make test

To run a quicker subset run::

   make quicktest

To run a specific test, use this syntax::

   make test TESTS=testname

for example::

   make test TESTS=samba4.BASE-DELETE