search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
libnet: Fix Coverity ID 1634803 Dereference after null check
[samba4-gss.git] / source3 / script / tests / test_veto_files.sh
blob65767aca1d93413a59050d4136aeac9fa9bce643
1 #!/bin/sh
2 #
3 # Check smbclient cannot get a file that matches a veto files
4 # parameter, or inside a directory that matches a veto files
5 # parameter.
6 #
7 # BUG: https://bugzilla.samba.org/show_bug.cgi?id=15143
8 #
9
10 if [ $# -lt 6 ]; then
11 cat <<EOF
12 Usage: $0 SERVER SERVER_IP USERNAME PASSWORD SHAREPATH SMBCLIENT
13 EOF
14 exit 1
15 fi
16
17 SERVER=${1}
18 SERVER_IP=${2}
19 USERNAME=${3}
20 PASSWORD=${4}
21 SHAREPATH=${5}
22 SMBCLIENT=${6}
23 shift 6
24 SMBCLIENT="$VALGRIND ${SMBCLIENT}"
25 # Used by test_smbclient()
26 # shellcheck disable=2034
27 smbclient="$VALGRIND ${SMBCLIENT}"
28 ADDARGS="$@"
29
30 incdir=$(dirname "$0")/../../../testprogs/blackbox
31 . "$incdir"/subunit.sh
32 . "${incdir}/common_test_fns.inc"
33
34 failed=0
35
36 TMPDIR=${PREFIX_ABS}/$(basename "${0}")
37 mkdir -p "${TMPDIR}" || exit 1
38 cd "${TMPDIR}" || exit 1
39
40 #
41 # Cleanup function.
42 #
43 do_cleanup()
44 {
45 (
46 #subshell.
47 rm -rf "$SHAREPATH/dir1"
48 rm -rf "$SHAREPATH/veto_name_dir"
49 rm -rf "$SHAREPATH/veto_name_dir\"mangle"
50 rm -f "$SHAREPATH/veto_name_file"
51 rm -f "$SHAREPATH/veto_name_file\"mangle"
52 rm -f "${SHAREPATH}/regular_file"
53 rm -f "${SHAREPATH}/.hidden_file"
54 )
55 }
56
57 #
58 # smbclient function given path and expected error.
59 #
60 smbclient_get_expect_error()
61 {
62 filename1="$1"
63 expected_error="$2"
64 tmpfile=${TMPDIR}/smbclient_interactive_prompt_commands
65 cat >"$tmpfile" <<EOF
66 get $filename1 got_file
67 quit
68 EOF
69 rm -f got_file
70
71 cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT -U$USERNAME%$PASSWORD //$SERVER/veto_files -I$SERVER_IP < $tmpfile 2>&1'
72 eval echo "$cmd"
73 out=$(eval "$cmd")
74 ret=$?
75 rm -f "$tmpfile"
76 rm -f got_file
77
78 if [ $ret != 0 ]; then
79 printf "%s\n" "$out"
80 printf "failed accessing veto_files share with error %s\n" "$ret"
81 return 1
82 fi
83
84 if [ "$expected_error" = "NT_STATUS_OK" ]; then
85 printf "%s" "$out" | grep "NT_STATUS_" | wc -l | grep '^0$'
86 else
87 printf "%s" "$out" | grep "$expected_error"
88 fi
89 ret=$?
90 if [ $ret != 0 ]; then
91 printf "%s\n" "$out"
92 printf "failed - should get %s doing \"get %s got_file\"\n" "$expected_error" "$filename1"
93 return 1
94 fi
95 }
96
97 smbclient_create_expect_error()
98 {
99 filename="$1.$$"
100 expected_error="$2"
101 tmpfile=${TMPDIR}/smbclient_interactive_prompt_commands
102 cat >"$tmpfile" <<EOF
103 put $tmpfile $filename
104 quit
105 EOF
106
107 cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT -U$USERNAME%$PASSWORD //$SERVER/veto_files -I$SERVER_IP < $tmpfile 2>&1'
108 eval echo "$cmd"
109 out=$(eval "$cmd")
110 ret=$?
111 rm -f "$tmpfile"
112 rm -f "$SHAREPATH/$filename"
113
114 if [ $ret != 0 ]; then
115 printf "%s\n" "$out"
116 printf "failed accessing veto_files share with error %s\n" "$ret"
117 return 1
118 fi
119
120 if [ "$expected_error" = "NT_STATUS_OK" ]; then
121 printf "%s" "$out" | grep -c "NT_STATUS_" && false
122 else
123 printf "%s" "$out" | grep "$expected_error"
124 fi
125 ret=$?
126 if [ $ret != 0 ]; then
127 printf "%s\n" "$out"
128 printf "failed - should get %s doing \"put %s\"\n" "$expected_error" "$filename"
129 return 1
130 fi
131 }
132
133 #
134 # Using the share "[veto_files]" ensure we
135 # cannot fetch a veto'd file or file in a veto'd directory.
136 #
137 test_get_veto_file()
138 {
139 # toplevel
140 smbclient_get_expect_error "veto_name_file" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
141 smbclient_get_expect_error "veto_name_dir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
142 smbclient_get_expect_error "veto_name_dir/testdir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
143
144 # toplevel mangle names
145 smbclient_get_expect_error "VHXE5P~M" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
146 smbclient_get_expect_error "VF5SKC~B/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
147 smbclient_get_expect_error "VF5SKC~B/testdir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
148
149 # depth1
150 smbclient_get_expect_error "dir1/veto_name_file" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
151 smbclient_get_expect_error "dir1/veto_name_dir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
152 smbclient_get_expect_error "dir1/veto_name_dir/testdir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
153
154 # depth1 mangle names
155 smbclient_get_expect_error "dir1/VHXE5P~M" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
156 smbclient_get_expect_error "dir1/VF5SKC~B/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
157 smbclient_get_expect_error "dir1/VF5SKC~B/testdir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
158
159 # depth2
160 smbclient_get_expect_error "dir1/dir2/veto_name_file" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
161 smbclient_get_expect_error "dir1/dir2/veto_name_dir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
162 smbclient_get_expect_error "dir1/dir2/veto_name_dir/testdir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
163
164 # depth2 mangle names
165 smbclient_get_expect_error "dir1/dir2/VHXE5P~M" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
166 smbclient_get_expect_error "dir1/dir2/VF5SKC~B/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
167 smbclient_get_expect_error "dir1/dir2/VF5SKC~B/testdir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
168
169 # depth3
170 smbclient_get_expect_error "dir1/dir2/dir3/veto_name_file" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
171 smbclient_get_expect_error "dir1/dir2/dir3/veto_name_dir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
172 smbclient_get_expect_error "dir1/dir2/dir3/veto_name_dir/testdir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
173
174 # depth3 mangle names
175 smbclient_get_expect_error "dir1/dir2/dir3/VHXE5P~M" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
176 smbclient_get_expect_error "dir1/dir2/dir3/VF5SKC~B/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
177 smbclient_get_expect_error "dir1/dir2/dir3/VF5SKC~B/testdir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
178
179 return 0
180 }
181
182 test_create_veto_file()
183 {
184 # Test creating files
185 smbclient_create_expect_error "veto_name_file" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
186 smbclient_create_expect_error "veto_name_dir/file_inside_dir" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
187 smbclient_create_expect_error "dir1/veto_name_file" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
188
189 return 0
190 }
191
192 test_per_user()
193 {
194 USERNAME=user1
195 smbclient_get_expect_error "dir1/user1file" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
196 smbclient_get_expect_error "dir1/user2file" "NT_STATUS_OK" || return 1
197 smbclient_get_expect_error "dir1/group1file" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
198 smbclient_get_expect_error "dir1/group2file" "NT_STATUS_OK" || return 1
199
200 USERNAME=user2
201 smbclient_get_expect_error "dir1/user1file" "NT_STATUS_OK" || return 1
202 smbclient_get_expect_error "dir1/user2file" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
203 smbclient_get_expect_error "dir1/group1file" "NT_STATUS_OK" || return 1
204 smbclient_get_expect_error "dir1/group2file" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
205
206 return 0
207 }
208
209 do_cleanup
210
211 echo "regular_file" > "${SHAREPATH}/regular_file"
212 echo "hidden_file" > "${SHAREPATH}/.hidden_file"
213
214 test_smbclient "download regular file" \
215 "get regular_file" "//${SERVER}/veto_files_nohidden" \
216 -U"${USERNAME}%${PASSWORD}" ||
217 failed=$((failed + 1))
218 rm -f regular_file
219 test_smbclient_expect_failure "hidden file can't be downloaded" \
220 "get .hidden_file" "//${SERVER}/veto_files_nohidden" \
221 -U"${USERNAME}%${PASSWORD}" ||
222 failed=$((failed + 1))
223 test_smbclient "list files" \
224 "ls" "//${SERVER}/veto_files_nohidden" \
225 -U"${USERNAME}%${PASSWORD}" ||
226 failed=$((failed + 1))
227
228 do_cleanup
229
230 # Using hash2, veto_name_file\"mangle == VHXE5P~M
231 # Using hash2, veto_name_dir\"mangle == VF5SKC~B
232
233 # I think a depth of 3 should be enough.
234 # toplevel
235 touch "$SHAREPATH/veto_name_file"
236 mkdir "$SHAREPATH/veto_name_dir"
237 touch "$SHAREPATH/veto_name_dir/file_inside_dir"
238 mkdir "$SHAREPATH/veto_name_dir/testdir"
239 touch "$SHAREPATH/veto_name_dir/testdir/file_inside_dir"
240 # toplevel mangle names.
241 touch "$SHAREPATH/veto_name_file\"mangle"
242 mkdir "$SHAREPATH/veto_name_dir\"mangle"
243 touch "$SHAREPATH/veto_name_dir\"mangle/file_inside_dir"
244 mkdir "$SHAREPATH/veto_name_dir\"mangle/testdir"
245 touch "$SHAREPATH/veto_name_dir\"mangle/testdir/file_inside_dir"
246
247 #depth1
248 mkdir "$SHAREPATH/dir1"
249 touch "$SHAREPATH/dir1/veto_name_file"
250 mkdir "$SHAREPATH/dir1/veto_name_dir"
251 touch "$SHAREPATH/dir1/veto_name_dir/file_inside_dir"
252 mkdir "$SHAREPATH/dir1/veto_name_dir/testdir"
253 touch "$SHAREPATH/dir1/veto_name_dir/testdir/file_inside_dir"
254 # depth1 mangle names.
255 touch "$SHAREPATH/dir1/veto_name_file\"mangle"
256 mkdir "$SHAREPATH/dir1/veto_name_dir\"mangle"
257 touch "$SHAREPATH/dir1/veto_name_dir\"mangle/file_inside_dir"
258 mkdir "$SHAREPATH/dir1/veto_name_dir\"mangle/testdir"
259 touch "$SHAREPATH/dir1/veto_name_dir\"mangle/testdir/file_inside_dir"
260
261 #depth2
262 mkdir "$SHAREPATH/dir1/dir2"
263 touch "$SHAREPATH/dir1/dir2/veto_name_file"
264 mkdir "$SHAREPATH/dir1/dir2/veto_name_dir"
265 touch "$SHAREPATH/dir1/dir2/veto_name_dir/file_inside_dir"
266 mkdir "$SHAREPATH/dir1/dir2/veto_name_dir/testdir"
267 touch "$SHAREPATH/dir1/dir2/veto_name_dir/testdir/file_inside_dir"
268 # depth2 mangle names.
269 touch "$SHAREPATH/dir1/dir2/veto_name_file\"mangle"
270 mkdir "$SHAREPATH/dir1/dir2/veto_name_dir\"mangle"
271 touch "$SHAREPATH/dir1/dir2/veto_name_dir\"mangle/file_inside_dir"
272 mkdir "$SHAREPATH/dir1/dir2/veto_name_dir\"mangle/testdir"
273 touch "$SHAREPATH/dir1/dir2/veto_name_dir\"mangle/testdir/file_inside_dir"
274
275 #depth3
276 mkdir "$SHAREPATH/dir1/dir2/dir3"
277 touch "$SHAREPATH/dir1/dir2/dir3/veto_name_file"
278 mkdir "$SHAREPATH/dir1/dir2/dir3/veto_name_dir"
279 touch "$SHAREPATH/dir1/dir2/dir3/veto_name_dir/file_inside_dir"
280 mkdir "$SHAREPATH/dir1/dir2/dir3/veto_name_dir/testdir"
281 touch "$SHAREPATH/dir1/dir2/dir3/veto_name_dir/testdir/file_inside_dir"
282 # depth3 mangle names.
283 touch "$SHAREPATH/dir1/dir2/dir3/veto_name_file\"mangle"
284 mkdir "$SHAREPATH/dir1/dir2/dir3/veto_name_dir\"mangle"
285 touch "$SHAREPATH/dir1/dir2/dir3/veto_name_dir\"mangle/file_inside_dir"
286 mkdir "$SHAREPATH/dir1/dir2/dir3/veto_name_dir\"mangle/testdir"
287 touch "$SHAREPATH/dir1/dir2/dir3/veto_name_dir\"mangle/testdir/file_inside_dir"
288
289 # testfiles for per-user feature
290 touch "$SHAREPATH/dir1/user1file"
291 touch "$SHAREPATH/dir1/user2file"
292 touch "$SHAREPATH/dir1/group1file"
293 touch "$SHAREPATH/dir1/group2file"
294
295 testit "create_veto_file" test_create_veto_file || failed=$((failed + 1))
296 testit "get_veto_file" test_get_veto_file || failed=$(("$failed" + 1))
297 testit "per-user" test_per_user || failed=$(("$failed" + 1))
298
299 do_cleanup
300
301 cd "${PREFIX_ABS}" && rm -rf ${TMPDIR}
302
303 exit "$failed"
GSS-enabled samba4