72 lines
3.1 KiB
Diff
72 lines
3.1 KiB
Diff
From 8ad21108f88be4fcabc1919757eed2ed06c06fba Mon Sep 17 00:00:00 2001
|
|
From: Andrew Bartlett <abartlet@samba.org>
|
|
Date: Mon, 7 Aug 2023 11:55:55 +1200
|
|
Subject: [PATCH 17/28] CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests
|
|
twice
|
|
|
|
To re-use setup code, the super-class must have no test_*() methods
|
|
otherwise these will be run as well as the class-local tests.
|
|
|
|
We rename tests that would otherwise have duplicate names
|
|
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
|
|
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
Conflict: NA
|
|
Reference: https://download.samba.org/pub/samba/patches/security/samba-4.18.8-security-2023-10-10.patch
|
|
[PATCH 17/28] CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests
|
|
twice
|
|
---
|
|
selftest/knownfail | 2 +-
|
|
source4/dsdb/tests/python/dirsync.py | 7 ++-----
|
|
2 files changed, 3 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/selftest/knownfail b/selftest/knownfail
|
|
index c6e0a242ecb..f1768a270b5 100644
|
|
--- a/selftest/knownfail
|
|
+++ b/selftest/knownfail
|
|
@@ -151,7 +151,7 @@
|
|
^samba4.smb2.acls.*.inheritflags
|
|
^samba4.smb2.acls.*.owner
|
|
^samba4.smb2.acls.*.ACCESSBASED
|
|
-^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.ExtendedDirsyncTests.test_dirsync_deleted_items
|
|
+^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.SimpleDirsyncTests.test_dirsync_deleted_items_OBJECT_SECURITY
|
|
#^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.ExtendedDirsyncTests.*
|
|
^samba4.libsmbclient.opendir.(NT1|SMB3).opendir # This requires netbios browsing
|
|
^samba4.rpc.drsuapi.*.drsuapi.DsGetDomainControllerInfo\(.*\)$
|
|
diff --git a/source4/dsdb/tests/python/dirsync.py b/source4/dsdb/tests/python/dirsync.py
|
|
index ca0947e2d21..ad136b7efee 100755
|
|
--- a/source4/dsdb/tests/python/dirsync.py
|
|
+++ b/source4/dsdb/tests/python/dirsync.py
|
|
@@ -458,7 +458,7 @@ class SimpleDirsyncTests(DirsyncBaseTests):
|
|
self.assertTrue(res[0].get("name") is not None)
|
|
delete_force(self.ldb_admin, ouname)
|
|
|
|
- def test_dirsync_linkedattributes(self):
|
|
+ def test_dirsync_linkedattributes_OBJECT_SECURITY(self):
|
|
"""Check that dirsync returned deleted objects too"""
|
|
# Let's search for members
|
|
self.ldb_simple = self.get_ldb_connection(self.simple_user, self.user_pass)
|
|
@@ -585,9 +585,6 @@ class SimpleDirsyncTests(DirsyncBaseTests):
|
|
expression="(&(objectClass=organizationalUnit)(!(isDeleted=*)))",
|
|
controls=controls)
|
|
|
|
-
|
|
-class ExtendedDirsyncTests(SimpleDirsyncTests):
|
|
-
|
|
def test_dirsync_linkedattributes_range(self):
|
|
self.ldb_simple = self.get_ldb_connection(self.simple_user, self.user_pass)
|
|
res = self.ldb_admin.search(self.base_dn,
|
|
@@ -711,7 +708,7 @@ class ExtendedDirsyncTests(SimpleDirsyncTests):
|
|
self.assertIn(b"<GUID=", resEX0[0]["member"][0])
|
|
self.assertIn(b">;<SID=010500000000000515", resEX0[0]["member"][0])
|
|
|
|
- def test_dirsync_deleted_items(self):
|
|
+ def test_dirsync_deleted_items_OBJECT_SECURITY(self):
|
|
"""Check that dirsync returned deleted objects too"""
|
|
# Let's create an OU
|
|
self.ldb_simple = self.get_ldb_connection(self.simple_user, self.user_pass)
|
|
--
|
|
2.34.1
|