5 Usage: test_symlink_traversal_smb1.sh SERVER SERVER_IP USERNAME PASSWORD LOCAL_PATH PREFIX SMBCLIENT
17 SMBCLIENT="$VALGRIND ${SMBCLIENT}"
20 incdir=$(dirname "$0")/../../../testprogs/blackbox
21 . "$incdir"/subunit.sh
25 # Do not let deprecated option warnings muck this up
26 SAMBA_DEPRECATED_SUPPRESS=1
27 export SAMBA_DEPRECATED_SUPPRESS
29 # Define the test environment/filenames.
31 share_test_dir="$LOCAL_PATH"
33 # These files/directories will be created.
35 file_outside_share="/tmp/symlink_traverse_test_file.$$"
36 dir_outside_share="/tmp/symlink_traverse_test_dir.$$"
37 file_outside_share_noperms="/tmp/symlink_traverse_test_file_noperm.$$"
38 dir_outside_share_noperms="/tmp/symlink_traverse_test_dir_noperm.$$"
40 # These two objects do not exist.
42 file_outside_share_noexist="/tmp/symlink_traverse_test_noexist.$$"
43 dir_outside_share_noexist="/tmp/symlink_traverse_test_dir_noexist.$$"
52 cd "$share_test_dir" || return
54 rm -f "symlink_noexist"
55 rm -f "symlink_file_outside_share"
56 rm -f "symlink_file_outside_share_noexist"
57 rm -f "symlink_dir_outside_share"
58 rm -f "symlink_dir_outside_share_noexist"
59 rm -f "symlink_file_outside_share_noperms"
60 rm -f "symlink_dir_outside_share_noperms"
63 rm -f "symlink_file_inside_share_noperms"
64 rm -f "file_inside_share_noperms"
65 rm -f "symlink_dir_inside_share_noperms"
66 chmod 755 "dir_inside_share_noperms"
67 rm -rf "dir_inside_share_noperms"
69 rm -f "$file_outside_share"
70 rm -rf "$dir_outside_share"
71 rm -f "$file_outside_share_noperms"
72 rm -rf "$dir_outside_share_noperms"
76 # Ensure we start from a clean slate.
81 # Create the test files/directories/symlinks.
83 # File/directory explicitly outside share.
84 touch "$file_outside_share"
85 mkdir "$dir_outside_share"
86 # File/directory explicitly outside share with permission denied.
87 touch "$file_outside_share_noperms"
88 chmod 0 "$file_outside_share_noperms"
89 mkdir "$dir_outside_share_noperms"
90 chmod 0 "$dir_outside_share_noperms"
92 # Create links to these objects inside the share definition.
95 cd "$share_test_dir" || return
97 ln -s "noexist" "symlink_noexist"
98 ln -s "$file_outside_share" "symlink_file_outside_share"
99 ln -s "$file_outside_share_noexist" "symlink_file_outside_share_noexist"
100 ln -s "$dir_outside_share" "symlink_dir_outside_share"
101 ln -s "$dir_outside_share_noexist" "symlink_dir_outside_share_noexist"
102 ln -s "$file_outside_share_noperms" "symlink_file_outside_share_noperms"
103 ln -s "$dir_outside_share_noperms" "symlink_dir_outside_share_noperms"
105 # Create the identical symlink set underneath "emptydir"
109 cd "emptydir" || return
111 ln -s "noexist" "symlink_noexist"
112 ln -s "$file_outside_share" "symlink_file_outside_share"
113 ln -s "$file_outside_share_noexist" "symlink_file_outside_share_noexist"
114 ln -s "$dir_outside_share" "symlink_dir_outside_share"
115 ln -s "$dir_outside_share_noexist" "symlink_dir_outside_share_noexist"
116 ln -s "$file_outside_share_noperms" "symlink_file_outside_share_noperms"
117 ln -s "$dir_outside_share_noperms" "symlink_dir_outside_share_noperms"
120 # Create symlinks to access denied file and directory
121 # objects within the share
122 touch "file_inside_share_noperms"
123 chmod 0 "file_inside_share_noperms"
124 ln -s "file_inside_share_noperms" "symlink_file_inside_share_noperms"
125 mkdir "dir_inside_share_noperms"
126 touch "dir_inside_share_noperms/noperm_file_exists"
127 chmod 0 "dir_inside_share_noperms"
128 ln -s "dir_inside_share_noperms" "symlink_dir_inside_share_noperms"
132 # smbclient function given command, path, expected error, and posix.
134 smbclient_expect_error()
140 tmpfile=$PREFIX/smbclient_interactive_prompt_commands
141 cat >"$tmpfile" <<EOF
142 $filecmd $filename1 $filename2
145 cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT -U$USERNAME%$PASSWORD //$SERVER/local_symlinks -I$SERVER_IP -mNT1 < $tmpfile 2>&1'
151 if [ $ret != 0 ]; then
153 printf "failed accessing local_symlinks with error %s\n" "$ret"
157 if [ "$expected_error" = "NT_STATUS_OK" ]; then
158 printf "%s" "$out" | grep -v "NT_STATUS_"
160 printf "%s" "$out" | grep "$expected_error"
163 if [ $ret != 0 ]; then
165 printf "failed - should get %s doing \"%s %s %s\"\n" "$expected_error" "$filecmd" "$filename1" "$filename2"
173 test_symlink_traversal_SMB1_onename()
180 smbclient_expect_error "get" "$name" "" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
181 smbclient_expect_error "get" "$name/noexist" "" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
182 smbclient_expect_error "get" "$name/*" "" "NT_STATUS_OBJECT_NAME_INVALID" || return 1
183 smbclient_expect_error "get" "$name/*/noexist" "" "NT_STATUS_OBJECT_NAME_INVALID" || return 1
184 # Now in subdirectory emptydir
185 smbclient_expect_error "get" "emptydir/$name" "" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
186 smbclient_expect_error "get" "emptydir/$name/noexist" "" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
187 smbclient_expect_error "get" "emptydir/$name/*" "" "NT_STATUS_OBJECT_NAME_INVALID" || return 1
188 smbclient_expect_error "get" "emptydir/$name/*/noexist" "" "NT_STATUS_OBJECT_NAME_INVALID" || return 1
192 smbclient_expect_error "ls" "$name" "" "NT_STATUS_NO_SUCH_FILE" || return 1
193 smbclient_expect_error "ls" "$name/noexist" "" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
194 smbclient_expect_error "ls" "$name/*" "" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
195 smbclient_expect_error "ls" "$name/*/noexist" "" "NT_STATUS_OBJECT_NAME_INVALID" || return 1
196 # Now in subdirectory emptydir
197 smbclient_expect_error "ls" "emptydir/$name" "" "NT_STATUS_NO_SUCH_FILE" || return 1
198 smbclient_expect_error "ls" "emptydir/$name/noexist" "" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
199 smbclient_expect_error "ls" "emptydir/$name/*" "" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
200 smbclient_expect_error "ls" "emptydir/$name/*/noexist" "" "NT_STATUS_OBJECT_NAME_INVALID" || return 1
204 # smbclient internally does a cli_list, so we expect similar errors.
206 smbclient_expect_error "del" "$name" "" "NT_STATUS_NO_SUCH_FILE" || return 1
207 smbclient_expect_error "del" "$name/noexist" "" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
208 # Now in subdirectory emptydir
209 smbclient_expect_error "del" "emptydir/$name" "" "NT_STATUS_NO_SUCH_FILE" || return 1
210 smbclient_expect_error "del" "emptydir/$name/noexist" "" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
212 if [ "$do_rename" = "do rename" ]; then
216 smbclient_expect_error "rename" "file_exists" "$name" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
217 smbclient_expect_error "rename" "file_exists" "$name/noexist" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
218 # Now in subdirectory emptydir
219 smbclient_expect_error "rename" "file_exists" "emptydir/$name" "NT_STATUS_OBJECT_NAME_NOT_FOUND" || return 1
220 smbclient_expect_error "rename" "file_exists" "emptydir/$name/noexist" "NT_STATUS_OBJECT_PATH_NOT_FOUND" || return 1
226 # Check error code returns traversing through different
227 # kinds of symlinks over SMB1.
229 test_symlink_traversal_SMB1()
231 test_symlink_traversal_SMB1_onename "symlink_noexist" "no rename" || return 1
232 test_symlink_traversal_SMB1_onename "symlink_file_outside_share" "do rename" || return 1
233 test_symlink_traversal_SMB1_onename "symlink_dir_outside_share" "do rename" || return 1
234 test_symlink_traversal_SMB1_onename "symlink_dir_outside_share_noexist" "no rename" || return 1
235 test_symlink_traversal_SMB1_onename "symlink_file_outside_share_noperms" "do rename" || return 1
236 test_symlink_traversal_SMB1_onename "symlink_dir_outside_share_noperms" "do rename" || return 1
238 # Test paths within share with no permissions.
240 # Can't 'get' file with no perms or a symlink to it.
241 smbclient_expect_error "get" "file_inside_share_noperms" "" "NT_STATUS_ACCESS_DENIED" || return 1
242 smbclient_expect_error "get" "symlink_file_inside_share_noperms" "" "NT_STATUS_ACCESS_DENIED" || return 1
243 # But can list it and the symlink to it.
244 smbclient_expect_error "ls" "file_inside_share_noperms" "" "NT_STATUS_OK" || return 1
245 smbclient_expect_error "ls" "symlink_file_inside_share_noperms" "" "NT_STATUS_OK" || return 1
246 # Can't 'get' file inside a directory with no perms or a symlink to it.
247 smbclient_expect_error "get" "dir_inside_share_noperms/noperm_file_exists" "" "NT_STATUS_ACCESS_DENIED" || return 1
248 smbclient_expect_error "get" "symlink_dir_inside_share_noperms/noperm_file_exists" "" "NT_STATUS_ACCESS_DENIED" || return 1
249 # But can list the directory with no perms and the symlink to it.
250 smbclient_expect_error "ls" "dir_inside_share_noperms" "" "NT_STATUS_OK" || return 1
251 smbclient_expect_error "ls" "symlink_dir_inside_share_noperms" "" "NT_STATUS_OK" || return 1
254 testit "symlink_traversal_SMB1" \
255 test_symlink_traversal_SMB1 ||
256 failed=$((failed + 1))
262 testok "$0" "$failed"