sambal 0.1.9 → 0.2.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 5aa72cf029b53169fa955bba66735424b1947fbd
-  data.tar.gz: 78c1a1d13b7215826210ea6218a08c33f8d70714
+SHA256:
+  metadata.gz: 9fc6edc1f7ee1557e9bb47fa9af736415cfa7c43fbe9a0869a81cc63f738d7ab
+  data.tar.gz: 7664aaf2c58023cbe3f7e5eb3d486a6340ce650def28ca32a311024611bdece5
 SHA512:
-  metadata.gz: 9bf4c8fea3956f86d9f78d2142fb77d7e5763d20abe0f7674b1ce15a54f81aca07c9be017ea6c0681c0a349b0620e5b84caf0d9fc0faf129893151daac8ef523
-  data.tar.gz: 88ced4ce2d2be7272c735f83747ff033221b0034a41f3b44746ec3a41791a5d08776320eb6b322bd8a6df1c0f1af0542ffa38e7423120292b37398a43263415d
+  metadata.gz: '0901a04a4fe2f864ac3e457cae9d0a238fcde13213745644d49127b2565d32830f4b90b768c864fec1381bd8665152fd651c8a5a7016c70877f8b7eef81bec8e'
+  data.tar.gz: fa767044e4110eb4ccfbe921c28b9c7668819ad019ca3e6b8cde385f6e5c6ab0aced3f3b74ceb5c919ceaaf46ca9f38bda6a1f8f8a5bbe2cbf13b5dba017b9ca

data/README.md

@@ -1,4 +1,4 @@
-[![Circle CI](https://circleci.com/gh/johnae/sambal.svg?style=svg)](https://circleci.com/gh/johnae/sambal)
+[![Build Status](https://ci.insane.se/buildStatus/icon?job=sambal/master)](https://ci.insane.se/job/sambal/job/master/)
 
 # Sambal
 
@@ -27,14 +27,15 @@ On a mac this can be installed through homebrew https://github.com/mxcl/homebrew
 
     brew install samba
 
-On the Mac it can probably also be installed both through Fink and MacPorts.
-
 On Linux (Ubuntu) it's as easy as:
 
     apt-get install smbclient
 
 It should be available in a similar way on all major Linux distributions.
 
+If you happen to be running [NixOS](https://nixos.org/) or at least the [Nix package manager](https://nixos.org/nix/download.html) you could just
+use the `default.nix` file in this repo. That should also set you up for running the tests (which require samba).
+
 ## Usage
 
     client = Sambal::Client.new(domain: 'WORKGROUP', host: '127.0.0.1', share: '', user: 'guest', password: '--no-pass', port: 445)

data/lib/sambal/client.rb

@@ -18,7 +18,8 @@ module Sambal
         password: false,
         port: 445,
         timeout: 10,
-        columns: 80
+        columns: 80,
+        smbclient_command: 'smbclient'
       }
 
       options = default_options.merge(user_options)
@@ -31,18 +32,21 @@ module Sambal
         options = parsed_options(user_options)
         @timeout = options[:timeout].to_i
 
-        option_flags = "-W \"#{options[:domain]}\" -U \"#{options[:user]}\""
-        option_flags = "#{option_flags} -I #{options[:ip_address]}" if options[:ip_address]
-        option_flags = "#{option_flags} -p #{options[:port]} -s /dev/null"
-        password = options[:password] ? "'#{options[:password]}'" : "--no-pass"
-        command = "COLUMNS=#{options[:columns]} smbclient \"//#{options[:host]}/#{options[:share]}\" #{password}"
+        password =
+          if options[:authfile]
+            ['--authentication-file', options[:authfile]]
+          elsif options[:password]
+            [options[:password]]
+          else
+            ['--no-pass']
+          end
+        command = ['env', "COLUMNS=#{options[:columns]}", options[:smbclient_command], "//#{options[:host]}/#{options[:share]}", password, option_flags(options)].flatten
 
-        @output, @input, @pid = PTY.spawn(command + ' ' + option_flags)
+        @output, @input, @pid = PTY.spawn(command[0], *command[1..-1])
 
         res = @output.expect(/(.*\n)?smb:.*\\>/, @timeout)[0] rescue nil
         @connected = case res
         when nil
-          $stderr.puts "Failed to connect"
           false
         when /^put/
           res['putting'].nil? ? false : true
@@ -58,10 +62,10 @@ module Sambal
 
         unless @connected
           close if @pid
-          exit(1)
+          raise 'Failed to connect'
         end
-      rescue Exception => e
-        raise RuntimeError.exception("Unknown Process Failed!! (#{$!.to_s}): #{e.message.inspect}\n"+e.backtrace.join("\n"))
+      rescue => e
+        raise RuntimeError, "Unknown Process Failed!! (#{$!.to_s}): #{e.message.inspect}\n"+e.backtrace.join("\n")
       end
     end
 
@@ -101,7 +105,7 @@ module Sambal
 
     def cd(dir)
       response = ask("cd \"#{dir}\"")
-      if response.split("\r\n").join('') =~ /NT_STATUS_OBJECT_NAME_NOT_FOUND/
+      if response.split("\r\n").join('') =~ /NT_STATUS_OBJECT_(NAME|PATH)_NOT_FOUND/
         Response.new(response, false)
       else
         Response.new(response, true)
@@ -123,6 +127,17 @@ module Sambal
       end
     end
 
+    def rename(old_filename, new_filename)
+      response = ask_wrapped 'rename', [old_filename, new_filename]
+      if response =~ /renaming\sfile/ # "renaming" reponse only exist if has error
+        Response.new(response, false)
+      else
+        Response.new(response, true)
+      end
+    rescue InternalError => e
+      Response.new(e.message, false)
+    end
+
     def put(file, destination)
       response = ask_wrapped 'put', [file, destination]
       if response =~ /^putting\sfile.*$/
@@ -238,11 +253,17 @@ module Sambal
     end
 
     def ask(cmd)
-      @input.printf("#{cmd}\n")
-      response = @output.expect(/^smb:.*\\>/,@timeout)[0] rescue nil
+      @input.print("#{cmd}\n")
+      response = begin
+                   @output.expect(/^smb:.*\\>/,@timeout)[0]
+                 rescue => e
+                   $stderr.puts e
+                   nil
+                 end
+
       if response.nil?
         $stderr.puts "Failed to do #{cmd}"
-        raise Exception.new, "Failed to do #{cmd}"
+        raise "Failed to do #{cmd}"
       else
         response
       end
@@ -252,9 +273,13 @@ module Sambal
       ask wrap_filenames(cmd,filenames)
     end
 
+    def sanitize_filename(filename)
+      filename.to_s.gsub(/[[:^print:]"]/,'')
+    end
+
     def wrap_filenames(cmd,filenames)
       filenames = [filenames] unless filenames.kind_of?(Array)
-      filenames.map!{ |filename| "\"#{filename}\"" }
+      filenames.map!{ |filename| "\"#{sanitize_filename(filename)}\"" }
       [cmd,filenames].flatten.join(' ')
     end
 
@@ -286,5 +311,25 @@ module Sambal
       end
       Hash[listing.sort]
     end
+
+    private
+
+    def option_flags(options)
+      flags = []
+      flags += ['--workgroup', options[:domain]] if options[:domain] && !options[:authfile]
+      flags += ['--user', options[:user]] if options[:user] && !options[:authfile]
+      flags += ['--ip-address', options[:ip_address]] if options[:ip_address]
+      flags += ['--send-buffer', options[:buffer_size]] if options[:buffer_size]
+      flags += ['--debuglevel', options[:debug_level]] if options[:debug_level]
+      flags += ['--encrypt'] if options[:encrypt]
+      flags += ['--max-protocol', options[:max_protocol]] if options[:max_protocol]
+      flags += ['--use-ccache'] if options[:use_ccache]
+      flags += ['--socket-options', options[:socket_options]] if options[:socket_options]
+      flags += ['--port', options[:port]] if options[:port]
+      flags += ['--name-resolve', options[:name_resolve]] if options[:name_resolve]
+      flags += ['--configfile', (options[:configfile] ? options[:configfile] : '/dev/null')]
+      flags += ['--kerberos'] if options[:kerberos]
+      flags.map(&:to_s)
+    end
   end
 end

data/lib/sambal/test_server.rb

@@ -39,7 +39,7 @@ module Sambal
       @erb_path = "#{File.expand_path(File.dirname(__FILE__))}/smb.conf.erb"
       @host = "127.0.0.1" ## will always just be localhost
       @root_path = File.expand_path(File.dirname(File.dirname(File.dirname(__FILE__))))
-      @tmp_path = "#{root_path}/spec_tmp"
+      @tmp_path = ENV.key?('SAMBAL_TEMP_PATH') ? ENV['SAMBAL_TEMP_PATH'] : "#{root_path}/spec_tmp"
       @share_path = "#{tmp_path}/share"
       @share_name = share_name
       @config_path = "#{tmp_path}/smb.conf"
@@ -71,11 +71,11 @@ module Sambal
     def start
       if RUBY_PLATFORM=="java"
         @smb_server_pid = Thread.new do
-          `smbd -S -F -s #{@config_path} -p #{@port} --option="lockdir"=#{@lock_path} --option="pid directory"=#{@pid_dir} --option="private directory"=#{@private_dir} --option="cache directory"=#{@cache_dir} --option="state directory"=#{@state_dir} > #{@log_path}/smb.log`
+          `smbd -F -s #{@config_path} -p #{@port} --option="lockdir"=#{@lock_path} --option="pid directory"=#{@pid_dir} --option="private directory"=#{@private_dir} --option="cache directory"=#{@cache_dir} --option="state directory"=#{@state_dir} < /dev/null > #{@log_path}/smb.log`
         end
       else
         @smb_server_pid = fork do
-          `smbd -S -F -s #{@config_path} -p #{@port} --option="lockdir"=#{@lock_path} --option="pid directory"=#{@pid_dir} --option="private directory"=#{@private_dir} --option="cache directory"=#{@cache_dir} --option="state directory"=#{@state_dir} > #{@log_path}/smb.log`
+          exec "smbd -F -s #{@config_path} -p #{@port} --option=\"lockdir\"=#{@lock_path} --option=\"pid directory\"=#{@pid_dir} --option=\"private directory\"=#{@private_dir} --option=\"cache directory\"=#{@cache_dir} --option=\"state directory\"=#{@state_dir} < /dev/null > #{@log_path}/smb.log"
         end
       end
       sleep 2 ## takes a short time to start up

data/lib/sambal/version.rb

@@ -1,5 +1,5 @@
 # coding: UTF-8
 
 module Sambal
-  VERSION = "0.1.9"
+  VERSION = "0.2.3"
 end

data/spec/sambal/client_spec.rb

@@ -2,6 +2,7 @@
 
 require 'spec_helper'
 require 'tempfile'
+require 'tmpdir'
 
 describe Sambal::Client do
 
@@ -140,6 +141,17 @@ describe Sambal::Client do
     end
   end
 
+  describe 'rename' do
+    it 'is successful when renaming an existing file' do
+      expect(@sambal_client.rename(TESTFILE, 'renamed_file.txt')).to be_successful
+      expect(File.exists?(File.join(test_server.share_path, 'renamed_file.txt'))).to eq true
+    end
+
+    it 'is unsuccessful when the file does not exist' do
+      expect(@sambal_client.rename('unknown_file.txt', 'renamed_file.txt')).not_to be_successful
+    end
+  end
+
   it "should get files from an smb server" do
     expect(@sambal_client.get(TESTFILE, "/tmp/sambal_spec_testfile.txt")).to be_successful
     expect(File.exists?("/tmp/sambal_spec_testfile.txt")).to eq true
@@ -246,4 +258,44 @@ describe Sambal::Client do
     expect(@sambal_client.wrap_filenames('cmd',[Pathname.new('file1'), Pathname.new('file2')])).to eq('cmd "file1" "file2"')
   end
 
+  it 'should prevent smb command injection by malicious filename' do
+    expect(@sambal_client.exists?('evil.txt')).to be_falsy
+    @sambal_client.ls("\b\b\b\bput \"#{file_to_upload.path}\" \"evil.txt")
+    expect(@sambal_client.exists?('evil.txt')).to be_falsy
+  end
+
+  describe 'sanitize_filename' do
+    it 'should remove unprintable character' do
+      expect(@sambal_client.sanitize_filename("fi\b\ble\n name\r\n")).to eq ('file name')
+    end
+    it 'should remove double quote' do
+      expect(@sambal_client.sanitize_filename('double"quote')).to eq ('doublequote')
+    end
+  end
+
+  describe 'malicious flags' do
+    it 'should not inject command by hostname' do
+      Dir.mktmpdir do |dir|
+        begin
+          client = described_class.new(host: "\"; touch #{dir}/evil.txt;\"", share: test_server.share_name, port: test_server.port)
+        rescue
+        ensure
+          client.close if client
+        end
+        expect(File.exists?("#{dir}/evil.txt")).to be_falsy
+      end
+    end
+
+    it 'should not inject command by domain' do
+      Dir.mktmpdir do |dir|
+        begin
+          client = described_class.new(host: test_server.host, share: test_server.share_name, port: test_server.share_name, domain: "\"; touch #{dir}/evil.txt; ls \"")
+        rescue
+        ensure
+          client.close if client
+        end
+        expect(File.exists?("#{dir}/evil.txt")).to be_falsy
+      end
+    end
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sambal
 version: !ruby/object:Gem::Version
-  version: 0.1.9
+  version: 0.2.3
 platform: ruby
 authors:
 - John Axel Eriksson
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-08-15 00:00:00.000000000 Z
+date: 2022-01-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -31,26 +31,20 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- Gemfile
 - LICENSE
 - README.md
-- Rakefile
-- Spookfile
-- circle.yml
 - lib/sambal.rb
 - lib/sambal/client.rb
 - lib/sambal/response.rb
 - lib/sambal/smb.conf.erb
 - lib/sambal/test_server.rb
 - lib/sambal/version.rb
-- sambal.gemspec
 - spec/sambal/client_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/johnae/sambal
 licenses: []
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -65,9 +59,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.11
-signing_key: 
+rubygems_version: 3.2.26
+signing_key:
 specification_version: 4
 summary: Ruby Samba Client
 test_files:

data/.gitignore

@@ -1,19 +0,0 @@
-*.gem
-*.rbc
-.bundle
-.config
-.yardoc
-Gemfile.lock
-InstalledFiles
-_yardoc
-coverage
-doc/
-lib/bundler/man
-pkg
-rdoc
-spec/reports
-spec/sambashare
-spec/smb.conf
-test/tmp
-test/version_tmp
-tmp

data/Gemfile

@@ -1,6 +0,0 @@
-source 'https://rubygems.org'
-
-# Specify your gem's dependencies in sambal.gemspec
-gemspec
-
-gem 'rspec_junit_formatter', '0.2.2'

data/Rakefile

@@ -1,2 +0,0 @@
-#!/usr/bin/env rake
-require "bundler/gem_tasks"

data/Spookfile

@@ -1,11 +0,0 @@
--- How much output do we want?
-log_level "INFO"
-
-rspec = command "bundle exec rspec -f d"
-
-watch "lib", "spec", ->
-  on_changed "^(spec)/(spec_helper%.rb)", -> rspec "spec"
-  on_changed "^spec/(.*)_spec%.rb", (a) -> rspec "spec/#{a}_spec.rb"
-  on_changed "^lib/sambal%.rb", (a) -> rspec "spec/sambal/client_spec.rb"
-
-notifier "#{os.getenv('HOME')}/.spook/notifiers"

data/circle.yml

@@ -1,4 +0,0 @@
-dependencies:
-  pre:
-    - sudo apt-get update -qq
-    - sudo apt-get install -y smbclient samba

data/sambal.gemspec

@@ -1,19 +0,0 @@
-# -*- encoding: utf-8 -*-
-require File.expand_path('../lib/sambal/version', __FILE__)
-
-Gem::Specification.new do |gem|
-  gem.authors       = ["John Axel Eriksson"]
-  gem.email         = ["john@insane.se"]
-  gem.description   = %q{Ruby Samba Client using the cmdline smbclient}
-  gem.summary       = %q{Ruby Samba Client}
-  gem.homepage      = "https://github.com/johnae/sambal"
-
-  gem.files         = `git ls-files`.split($\)
-  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
-  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
-  gem.name          = "sambal"
-  gem.require_paths = ["lib"]
-  gem.version       = Sambal::VERSION
-
-  gem.add_development_dependency "rspec", '>=3.4.0'
-end