From 987a2453cb83d7833ab26dc103881def745e072c Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Wed, 19 Apr 2023 20:45:52 +0200 Subject: [PATCH 1/3] s3:tests: Create a temporary directory for test_veto_files.sh BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360 Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison (cherry picked from commit b5a66840e3057cbff85fe6cd231310c4a9cfb34b) --- source3/script/tests/test_veto_files.sh | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/source3/script/tests/test_veto_files.sh b/source3/script/tests/test_veto_files.sh index 5ecfb53b8a4..e246e864b32 100755 --- a/source3/script/tests/test_veto_files.sh +++ b/source3/script/tests/test_veto_files.sh @@ -29,6 +29,10 @@ incdir=$(dirname "$0")/../../../testprogs/blackbox failed=0 +TMPDIR=${PREFIX_ABS}/$(basename "${0}") +mkdir -p "${TMPDIR}" || exit 1 +cd "${TMPDIR}" || exit 1 + # # Cleanup function. # @@ -51,7 +55,7 @@ smbclient_get_expect_error() { filename1="$1" expected_error="$2" - tmpfile=$PREFIX/smbclient_interactive_prompt_commands + tmpfile=${TMPDIR}/smbclient_interactive_prompt_commands cat >"$tmpfile" <"$tmpfile" < Date: Wed, 19 Apr 2023 15:35:47 +0200 Subject: [PATCH 2/3] s3:tests: Add test that veto files works for hidden files BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360 Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison (cherry picked from commit a2acbd3f3cff8d1cac63acdead4b7be14a7092b2) --- selftest/knownfail.d/veto_files | 1 + selftest/target/Samba3.pm | 4 ++++ source3/script/tests/test_veto_files.sh | 25 +++++++++++++++++++++++++ 3 files changed, 30 insertions(+) create mode 100644 selftest/knownfail.d/veto_files diff --git a/selftest/knownfail.d/veto_files b/selftest/knownfail.d/veto_files new file mode 100644 index 00000000000..be28da859b7 --- /dev/null +++ b/selftest/knownfail.d/veto_files @@ -0,0 +1 @@ +^samba3.blackbox.test_veto_files.list.files.fileserver diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index f9c732284c2..9c590547c94 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -1974,6 +1974,10 @@ sub setup_fileserver path = $veto_sharedir delete veto files = yes +[veto_files_nohidden] + path = $veto_sharedir + veto files = /.*/ + [veto_files] path = $veto_sharedir veto files = /veto_name*/ diff --git a/source3/script/tests/test_veto_files.sh b/source3/script/tests/test_veto_files.sh index e246e864b32..201883ee330 100755 --- a/source3/script/tests/test_veto_files.sh +++ b/source3/script/tests/test_veto_files.sh @@ -22,10 +22,14 @@ SHAREPATH=${5} SMBCLIENT=${6} shift 6 SMBCLIENT="$VALGRIND ${SMBCLIENT}" +# Used by test_smbclient() +# shellcheck disable=2034 +smbclient="$VALGRIND ${SMBCLIENT}" ADDARGS="$@" incdir=$(dirname "$0")/../../../testprogs/blackbox . "$incdir"/subunit.sh +. "${incdir}/common_test_fns.inc" failed=0 @@ -45,6 +49,8 @@ do_cleanup() rm -rf "$SHAREPATH/veto_name_dir\"mangle" rm -f "$SHAREPATH/veto_name_file" rm -f "$SHAREPATH/veto_name_file\"mangle" + rm -f "${SHAREPATH}/regular_file" + rm -f "${SHAREPATH}/.hidden_file" ) } @@ -185,6 +191,25 @@ test_create_veto_file() do_cleanup +echo "regular_file" > "${SHAREPATH}/regular_file" +echo "hidden_file" > "${SHAREPATH}/.hidden_file" + +test_smbclient "download regular file" \ + "get regular_file" "//${SERVER}/veto_files_nohidden" \ + -U"${USERNAME}%${PASSWORD}" || + failed=$((failed + 1)) +rm -f regular_file +test_smbclient_expect_failure "hidden file can't be downloaded" \ + "get .hidden_file" "//${SERVER}/veto_files_nohidden" \ + -U"${USERNAME}%${PASSWORD}" || + failed=$((failed + 1)) +test_smbclient "list files" \ + "ls" "//${SERVER}/veto_files_nohidden" \ + -U"${USERNAME}%${PASSWORD}" || + failed=$((failed + 1)) + +do_cleanup + # Using hash2, veto_name_file\"mangle == VHXE5P~M # Using hash2, veto_name_dir\"mangle == VF5SKC~B -- 2.40.0 From 9d8597fb41fe1dfdaa68cc63eb399b1434d85636 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Wed, 19 Apr 2023 16:23:10 +0200 Subject: [PATCH 3/3] s3:lib: Do not try to match '.' and '..' directories in is_in_path() This fixes setting veto files to '.*' to not list hidden files and directories starting with a dot. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360 Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison (cherry picked from commit 9eb44306623fc4897b373b04763e475f696ab92d) --- selftest/knownfail.d/veto_files | 1 - source3/lib/util.c | 5 +++++ 2 files changed, 5 insertions(+), 1 deletion(-) delete mode 100644 selftest/knownfail.d/veto_files diff --git a/selftest/knownfail.d/veto_files b/selftest/knownfail.d/veto_files deleted file mode 100644 index be28da859b7..00000000000 --- a/selftest/knownfail.d/veto_files +++ /dev/null @@ -1 +0,0 @@ -^samba3.blackbox.test_veto_files.list.files.fileserver diff --git a/source3/lib/util.c b/source3/lib/util.c index 912ce1d3004..919dbcf68c5 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -748,6 +748,11 @@ bool is_in_path(const char *name, name_compare_entry *namelist, bool case_sensit return False; } + /* Do not reject path components if namelist is set to '.*' */ + if (ISDOT(name) || ISDOTDOT(name)) { + return false; + } + DEBUG(8, ("is_in_path: %s\n", name)); /* Get the last component of the unix name. */ -- 2.40.0