1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-06 13:18:07 +03:00
samba-mirror/source3/rpc_client
Ralph Boehme a84244705d CVE-2023-34968: mdscli: return share relative paths
The next commit will change the Samba Spotlight server to return absolute paths
that start with the sharename as "/SHARENAME/..." followed by the share path
relative appended.

So given a share

  [spotlight]
    path = /foo/bar
    spotlight = yes

and a file inside this share with a full path of

  /foo/bar/dir/file

previously a search that matched this file would returns the absolute
server-side pato of the file, ie

  /foo/bar/dir/file

This will be change to

  /spotlight/dir/file

As currently the mdscli library and hence the mdsearch tool print out these
paths returned from the server, we have to change the output to accomodate these
fake paths. The only way to do this sensibly is by makeing the paths relative to
the containing share, so just

  dir/file

in the example above.

The client learns about the share root path prefix – real server-side of fake in
the future – in an initial handshake in the "share_path" out argument of the
mdssvc_open() RPC call, so the client can use this path to convert the absolute
path to relative.

There is however an additional twist: the macOS Spotlight server prefixes this
absolute path with another prefix, typically "/System/Volumes/Data", so in the
example above the full path for the same search would be

  /System/Volumes/Data/foo/bar/dir/file

So macOS does return the full server-side path too, just prefixed with an
additional path. This path prefixed can be queried by the client in the
mdssvc_cmd() RPC call with an Spotlight command of "fetchPropertiesForContext:"
and the path is returned in a dictionary with key "kMDSStorePathScopes". Samba
just returns "/" for this.

Currently the mdscli library doesn't issue this Spotlight RPC
request (fetchPropertiesForContext), so this is added in this commit. In the
end, all search result paths are stripped of the combined prefix

  kMDSStorePathScopes + share_path (from mdssvc_open).

eg

  kMDSStorePathScopes = /System/Volumes/Data
  share_path = /foo/bar
  search result = /System/Volumes/Data/foo/bar/dir/file
  relative path returned by mdscli = dir/file

Makes sense? :)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-07-14 15:12:34 +02:00
..
cli_lsarpc.c rpc_client: Save a few lines with direct struct initialization 2021-03-09 22:36:28 +00:00
cli_lsarpc.h s3:rpc_client: pass down lsa_LookupNamesLevel to dcerpc_lsa_lookup_sids_generic() 2018-02-10 08:35:16 +01:00
cli_mdssvc_private.h CVE-2023-34968: mdscli: return share relative paths 2023-07-14 15:12:34 +02:00
cli_mdssvc_util.c CVE-2023-34968: mdscli: return share relative paths 2023-07-14 15:12:34 +02:00
cli_mdssvc_util.h CVE-2023-34968: mdscli: return share relative paths 2023-07-14 15:12:34 +02:00
cli_mdssvc.c CVE-2023-34968: mdscli: return share relative paths 2023-07-14 15:12:34 +02:00
cli_mdssvc.h s3:rpc_client: add a mdssvc client library 2019-10-09 14:35:28 +00:00
cli_netlogon.c CVE-2022-38023 libcli/auth: pass lp_ctx to netlogon_creds_cli_set_global_db() 2022-12-13 13:07:29 +00:00
cli_netlogon.h s3:winbind: Pass the challenge to winbind_dual_SamLogon() as a data blob 2022-04-30 00:10:34 +00:00
cli_pipe_schannel.c s3:rpc_client: Pass remote name and socket to cli_rpc_pipe_open_schannel_with_creds() 2021-12-02 13:59:31 +00:00
cli_pipe.c librpc: Make rpc_pipe_open_np() public and async 2023-03-08 10:15:08 +00:00
cli_pipe.h librpc: Make rpc_pipe_open_np() public and async 2023-03-08 10:15:08 +00:00
cli_samr.c s3:rpc_client: Implement dcerpc_samr_chgpasswd_user4() 2022-07-28 11:51:29 +00:00
cli_samr.h s3:rpc_client: Implement dcerpc_samr_chgpasswd_user4() 2022-07-28 11:51:29 +00:00
cli_spoolss.c s3-spoolss: Make spoolss client os_major,os_minor and os_build configurable. 2018-09-08 01:43:27 +02:00
cli_spoolss.h
cli_winreg_int.c rpcclient: Fix a DBG msg: This is not dcerpc_winreg_int_openkey() 2021-03-16 17:09:32 +00:00
cli_winreg_int.h
cli_winreg_spoolss.c lib;smbd: Fix the -Os build by initializing variables 2021-08-06 17:22:30 +00:00
cli_winreg_spoolss.h rpc_client: cli_winreg_spoolss.h references spoolss structs 2021-03-24 21:28:48 +00:00
cli_winreg.c rpc_client: talloc_stackframe() aborts on failure 2021-04-19 18:18:31 +00:00
cli_winreg.h spell "recursive" 2019-04-05 04:41:25 +00:00
init_lsa.c
init_lsa.h
init_samr.c s3:rpcclient: Pass salt down to init_samr_CryptPasswordAES() 2022-10-25 09:34:33 +00:00
init_samr.h s3:rpcclient: Pass salt down to init_samr_CryptPasswordAES() 2022-10-25 09:34:33 +00:00
init_spoolss.c s3-rpc_client: Advertise Windows 7 client info 2018-09-08 01:43:27 +02:00
init_spoolss.h s3-spoolss: Make spoolss client os_major,os_minor and os_build configurable. 2018-09-08 01:43:27 +02:00
local_np.c rpc_server3: Pass winbind_env_set() state through to rpcd_* 2023-05-26 13:29:20 +00:00
local_np.h s3:rpc_client: Add local_np_connect() 2021-12-10 14:02:30 +00:00
py_mdscli.c Fix clang 9 missing-field-initializer warnings 2020-05-08 09:31:31 +00:00
rpc_client.h
rpc_transport_np.c librpc: Remove unused sync rpc_transport_np_init() 2023-03-08 10:15:08 +00:00
rpc_transport_sock.c
rpc_transport_tstream.c rpc_client: Replace ZERO_STRUCTP with struct assignment 2021-08-06 17:22:30 +00:00
rpc_transport.h librpc: Remove unused sync rpc_transport_np_init() 2023-03-08 10:15:08 +00:00
util_netlogon.c s3:rpc_client: Fix memory allocation hierarchy 2022-04-30 00:10:34 +00:00
util_netlogon.h s3-rpc_client: add copy_netr_DsRGetDCNameInfo() helper 2021-07-14 16:49:30 +00:00