#include "smbd/smbd.h"
#include "system/filesys.h"
#include "lib/util/time.h"
-#include "../lib/crypto/md5.h"
#include "system/shmem.h"
#include "locking/proto.h"
#include "smbd/globals.h"
#include "offload_token.h"
#include "string_replace.h"
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
+
/*
* Enhanced OS X and Netatalk compatibility
* ========================================
bool aapl_zero_file_id;
const char *model;
bool time_machine;
- size_t time_machine_max_size;
+ off_t time_machine_max_size;
+ bool wipe_intentionally_left_blank_rfork;
+ bool delete_empty_adfiles;
/*
* Additional options, all enabled by default,
#define ADEDLEN_VERSION 4
#define ADEDLEN_FILLER 16
#define AD_FILLER_TAG "Netatalk " /* should be 16 bytes */
+#define AD_FILLER_TAG_OSX "Mac OS X " /* should be 16 bytes */
#define ADEDLEN_NENTRIES 2
#define AD_HEADER_LEN (ADEDLEN_MAGIC + ADEDLEN_VERSION + \
ADEDLEN_FILLER + ADEDLEN_NENTRIES) /* 26 */
};
struct adouble {
- vfs_handle_struct *ad_handle;
int ad_fd;
bool ad_opened;
adouble_type_t ad_type;
uint32_t ad_magic;
uint32_t ad_version;
+ uint8_t ad_filler[ADEDLEN_FILLER];
struct ad_entry ad_eid[ADEID_MAX];
char *ad_data;
struct ad_xattr_header adx_header;
{0, 0, 0}
};
-/*
- * Fake AppleDouble entry oder for resource fork xattr. The xattr
- * isn't an AppleDouble file, it simply contains the resource data,
- * but in order to be able to use some API calls like ad_getentryoff()
- * we build a fake/helper struct adouble with this entry order struct.
- */
-static const
-struct ad_entry_order entry_order_rsrc_xattr[ADEID_NUM_RSRC_XATTR + 1] = {
- {ADEID_RFORK, 0, 0},
- {0, 0, 0}
-};
-
/* Conversion from enumerated id to on-disk AppleDouble id */
#define AD_EID_DISK(a) (set_eid[a])
static const uint32_t set_eid[] = {
AD_DEV, AD_INO, AD_SYN, AD_ID
};
+static char empty_resourcefork[] = {
+ 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1E,
+ 0x54, 0x68, 0x69, 0x73, 0x20, 0x72, 0x65, 0x73,
+ 0x6F, 0x75, 0x72, 0x63, 0x65, 0x20, 0x66, 0x6F,
+ 0x72, 0x6B, 0x20, 0x69, 0x6E, 0x74, 0x65, 0x6E,
+ 0x74, 0x69, 0x6F, 0x6E, 0x61, 0x6C, 0x6C, 0x79,
+ 0x20, 0x6C, 0x65, 0x66, 0x74, 0x20, 0x62, 0x6C,
+ 0x61, 0x6E, 0x6B, 0x20, 0x20, 0x20, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1E,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x1C, 0x00, 0x1E, 0xFF, 0xFF
+};
+
struct fio {
/* tcon config handle */
struct fruit_config_data *config;
/* Denote stream type, meta or rsrc */
adouble_type_t type;
+
+ /* Whether the create created the stream */
+ bool created;
+
+ /*
+ * AFP_AfpInfo stream created, but not written yet, thus still a fake
+ * pipe fd. This is set to true in fruit_open_meta if there was no
+ * exisiting stream but the caller requested O_CREAT. It is later set to
+ * false when we get a write on the stream that then does open and
+ * create the stream.
+ */
+ bool fake_fd;
+ int flags;
+ int mode;
};
/*
* Forward declarations
*/
-static struct adouble *ad_init(TALLOC_CTX *ctx, vfs_handle_struct *handle,
+static struct adouble *ad_init(TALLOC_CTX *ctx,
adouble_type_t type);
-static int ad_set(struct adouble *ad, const struct smb_filename *smb_fname);
-static int ad_fset(struct adouble *ad, files_struct *fsp);
+static struct adouble *ad_get(TALLOC_CTX *ctx,
+ vfs_handle_struct *handle,
+ const struct smb_filename *smb_fname,
+ adouble_type_t type);
+static int ad_set(vfs_handle_struct *handle,
+ struct adouble *ad,
+ const struct smb_filename *smb_fname);
+static int ad_fset(struct vfs_handle_struct *handle,
+ struct adouble *ad,
+ files_struct *fsp);
static int adouble_path(TALLOC_CTX *ctx,
const struct smb_filename *smb_fname__in,
struct smb_filename **ppsmb_fname_out);
return false;
}
+ memcpy(ad->ad_filler, ad->ad_data + ADEDOFF_FILLER, ADEDLEN_FILLER);
+
adentries = RSVAL(ad->ad_data, ADEDOFF_NENTRIES);
if (adentries != nentries) {
DEBUG(1, ("invalid number of entries: %zu\n",
return true;
}
-static bool ad_convert_xattr(struct adouble *ad,
+static bool ad_convert_move_reso(struct adouble *ad,
+ const struct smb_filename *smb_fname)
+{
+ char *map = MAP_FAILED;
+ size_t maplen;
+ ssize_t len;
+ int rc;
+ bool ok;
+
+ if (ad_getentrylen(ad, ADEID_RFORK) == 0) {
+ return true;
+ }
+
+ maplen = ad_getentryoff(ad, ADEID_RFORK) +
+ ad_getentrylen(ad, ADEID_RFORK);
+
+ /* FIXME: direct use of mmap(), vfs_aio_fork does it too */
+ map = mmap(NULL, maplen, PROT_READ|PROT_WRITE, MAP_SHARED,
+ ad->ad_fd, 0);
+ if (map == MAP_FAILED) {
+ DBG_ERR("mmap AppleDouble: %s\n", strerror(errno));
+ return false;
+ }
+
+
+ memmove(map + ADEDOFF_RFORK_DOT_UND,
+ map + ad_getentryoff(ad, ADEID_RFORK),
+ ad_getentrylen(ad, ADEID_RFORK));
+
+ rc = munmap(map, maplen);
+ if (rc != 0) {
+ DBG_ERR("munmap failed: %s\n", strerror(errno));
+ return false;
+ }
+
+ ad_setentryoff(ad, ADEID_RFORK, ADEDOFF_RFORK_DOT_UND);
+
+ ok = ad_pack(ad);
+ if (!ok) {
+ DBG_WARNING("ad_pack [%s] failed\n", smb_fname->base_name);
+ return false;
+ }
+
+ len = sys_pwrite(ad->ad_fd, ad->ad_data, AD_DATASZ_DOT_UND, 0);
+ if (len != AD_DATASZ_DOT_UND) {
+ DBG_ERR("%s: bad size: %zd\n", smb_fname->base_name, len);
+ return false;
+ }
+
+ return true;
+}
+
+static bool ad_convert_xattr(vfs_handle_struct *handle,
+ struct adouble *ad,
const struct smb_filename *smb_fname,
- char *map)
+ bool *converted_xattr)
{
static struct char_mappings **string_replace_cmaps = NULL;
+ char *map = MAP_FAILED;
+ size_t maplen;
uint16_t i;
+ ssize_t len;
int saved_errno = 0;
NTSTATUS status;
+ int rc;
+ bool ok;
- if (ad->adx_header.adx_num_attrs == 0) {
+ *converted_xattr = false;
+
+ if (ad_getentrylen(ad, ADEID_FINDERI) == ADEDLEN_FINDERI) {
return true;
}
TALLOC_FREE(mappings);
}
+ maplen = ad_getentryoff(ad, ADEID_RFORK) +
+ ad_getentrylen(ad, ADEID_RFORK);
+
+ /* FIXME: direct use of mmap(), vfs_aio_fork does it too */
+ map = mmap(NULL, maplen, PROT_READ|PROT_WRITE, MAP_SHARED,
+ ad->ad_fd, 0);
+ if (map == MAP_FAILED) {
+ DBG_ERR("mmap AppleDouble: %s\n", strerror(errno));
+ return false;
+ }
+
for (i = 0; i < ad->adx_header.adx_num_attrs; i++) {
struct ad_xattr_entry *e = &ad->adx_entries[i];
char *mapped_name = NULL;
files_struct *fsp = NULL;
ssize_t nwritten;
- status = string_replace_allocate(ad->ad_handle->conn,
+ status = string_replace_allocate(handle->conn,
e->adx_name,
string_replace_cmaps,
talloc_tos(),
!NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED))
{
DBG_ERR("string_replace_allocate failed\n");
- return -1;
+ ok = false;
+ goto fail;
}
tmp = mapped_name;
mapped_name = talloc_asprintf(talloc_tos(), ":%s", tmp);
TALLOC_FREE(tmp);
if (mapped_name == NULL) {
- return -1;
+ ok = false;
+ goto fail;
}
stream_name = synthetic_smb_fname(talloc_tos(),
TALLOC_FREE(mapped_name);
if (stream_name == NULL) {
DBG_ERR("synthetic_smb_fname failed\n");
- return -1;
+ ok = false;
+ goto fail;
}
DBG_DEBUG("stream_name: %s\n", smb_fname_str_dbg(stream_name));
status = SMB_VFS_CREATE_FILE(
- ad->ad_handle->conn, /* conn */
+ handle->conn, /* conn */
NULL, /* req */
0, /* root_dir_fid */
stream_name, /* fname */
TALLOC_FREE(stream_name);
if (!NT_STATUS_IS_OK(status)) {
DBG_ERR("SMB_VFS_CREATE_FILE failed\n");
- return -1;
+ ok = false;
+ goto fail;
}
nwritten = SMB_VFS_PWRITE(fsp,
saved_errno = errno;
close_file(NULL, fsp, ERROR_CLOSE);
errno = saved_errno;
- return -1;
+ ok = false;
+ goto fail;
}
status = close_file(NULL, fsp, NORMAL_CLOSE);
if (!NT_STATUS_IS_OK(status)) {
- return -1;
+ ok = false;
+ goto fail;
}
fsp = NULL;
}
- return true;
-}
-
-/**
- * Convert from Apple's ._ file to Netatalk
- *
- * Apple's AppleDouble may contain a FinderInfo entry longer then 32
- * bytes containing packed xattrs. Netatalk can't deal with that, so
- * we simply discard the packed xattrs.
- *
- * @return -1 in case an error occurred, 0 if no conversion was done, 1
- * otherwise
- **/
-static int ad_convert(struct adouble *ad,
- const struct smb_filename *smb_fname,
- int fd)
-{
- int rc = 0;
- char *map = MAP_FAILED;
- size_t origlen;
- bool ok;
-
- origlen = ad_getentryoff(ad, ADEID_RFORK) +
- ad_getentrylen(ad, ADEID_RFORK);
-
- /* FIXME: direct use of mmap(), vfs_aio_fork does it too */
- map = mmap(NULL, origlen, PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0);
- if (map == MAP_FAILED) {
- DEBUG(2, ("mmap AppleDouble: %s\n", strerror(errno)));
- rc = -1;
- goto exit;
- }
+ ad_setentrylen(ad, ADEID_FINDERI, ADEDLEN_FINDERI);
- ok = ad_convert_xattr(ad, smb_fname, map);
+ ok = ad_pack(ad);
if (!ok) {
- munmap(map, origlen);
- return -1;
+ DBG_WARNING("ad_pack [%s] failed\n", smb_fname->base_name);
+ goto fail;
}
- if (ad_getentrylen(ad, ADEID_RFORK) > 0) {
- memmove(map + ad_getentryoff(ad, ADEID_FINDERI) + ADEDLEN_FINDERI,
- map + ad_getentryoff(ad, ADEID_RFORK),
- ad_getentrylen(ad, ADEID_RFORK));
+ len = sys_pwrite(ad->ad_fd, ad->ad_data, AD_DATASZ_DOT_UND, 0);
+ if (len != AD_DATASZ_DOT_UND) {
+ DBG_ERR("%s: bad size: %zd\n", smb_fname->base_name, len);
+ ok = false;
+ goto fail;
}
- ad_setentrylen(ad, ADEID_FINDERI, ADEDLEN_FINDERI);
- ad_setentryoff(ad, ADEID_RFORK,
- ad_getentryoff(ad, ADEID_FINDERI) + ADEDLEN_FINDERI);
+ ok = ad_convert_move_reso(ad, smb_fname);
+ if (!ok) {
+ goto fail;
+ }
- /*
- * FIXME: direct ftruncate(), but we don't have a fsp for the
- * VFS call
- */
- rc = ftruncate(fd, ad_getentryoff(ad, ADEID_RFORK)
- + ad_getentrylen(ad, ADEID_RFORK));
+ *converted_xattr = true;
+ ok = true;
-exit:
- if (map != MAP_FAILED) {
- munmap(map, origlen);
+fail:
+ rc = munmap(map, maplen);
+ if (rc != 0) {
+ DBG_ERR("munmap failed: %s\n", strerror(errno));
+ return false;
}
- return rc;
+
+ return ok;
}
-/**
- * Read and parse Netatalk AppleDouble metadata xattr
- **/
-static ssize_t ad_read_meta(struct adouble *ad,
- const struct smb_filename *smb_fname)
+static bool ad_convert_finderinfo(vfs_handle_struct *handle,
+ struct adouble *ad,
+ const struct smb_filename *smb_fname)
{
- int rc = 0;
- ssize_t ealen;
- bool ok;
-
- DEBUG(10, ("reading meta xattr for %s\n", smb_fname->base_name));
+ char *p_ad = NULL;
+ AfpInfo *ai = NULL;
+ DATA_BLOB aiblob;
+ struct smb_filename *stream_name = NULL;
+ files_struct *fsp = NULL;
+ size_t size;
+ ssize_t nwritten;
+ NTSTATUS status;
+ int saved_errno = 0;
+ int cmp;
- ealen = SMB_VFS_GETXATTR(ad->ad_handle->conn, smb_fname,
- AFPINFO_EA_NETATALK, ad->ad_data,
- AD_DATASZ_XATTR);
- if (ealen == -1) {
- switch (errno) {
- case ENOATTR:
- case ENOENT:
- if (errno == ENOATTR) {
- errno = ENOENT;
- }
- rc = -1;
- goto exit;
- default:
- DEBUG(2, ("error reading meta xattr: %s\n",
- strerror(errno)));
- rc = -1;
- goto exit;
- }
- }
- if (ealen != AD_DATASZ_XATTR) {
- DEBUG(2, ("bad size %zd\n", ealen));
- errno = EINVAL;
- rc = -1;
- goto exit;
+ cmp = memcmp(ad->ad_filler, AD_FILLER_TAG_OSX, ADEDLEN_FILLER);
+ if (cmp != 0) {
+ return true;
}
- /* Now parse entries */
- ok = ad_unpack(ad, ADEID_NUM_XATTR, AD_DATASZ_XATTR);
- if (!ok) {
- DEBUG(2, ("invalid AppleDouble metadata xattr\n"));
- errno = EINVAL;
- rc = -1;
- goto exit;
+ p_ad = ad_get_entry(ad, ADEID_FINDERI);
+ if (p_ad == NULL) {
+ return false;
}
- if (!ad_getentryoff(ad, ADEID_FINDERI)
- || !ad_getentryoff(ad, ADEID_COMMENT)
- || !ad_getentryoff(ad, ADEID_FILEDATESI)
- || !ad_getentryoff(ad, ADEID_AFPFILEI)
- || !ad_getentryoff(ad, ADEID_PRIVDEV)
- || !ad_getentryoff(ad, ADEID_PRIVINO)
- || !ad_getentryoff(ad, ADEID_PRIVSYN)
- || !ad_getentryoff(ad, ADEID_PRIVID)) {
- DEBUG(2, ("invalid AppleDouble metadata xattr\n"));
- errno = EINVAL;
- rc = -1;
- goto exit;
+ ai = afpinfo_new(talloc_tos());
+ if (ai == NULL) {
+ return false;
}
-exit:
- DEBUG(10, ("reading meta xattr for %s, rc: %d\n",
- smb_fname->base_name, rc));
+ memcpy(ai->afpi_FinderInfo, p_ad, ADEDLEN_FINDERI);
- if (rc != 0) {
- ealen = -1;
- if (errno == EINVAL) {
- become_root();
- removexattr(smb_fname->base_name, AFPINFO_EA_NETATALK);
- unbecome_root();
- errno = ENOENT;
- }
+ aiblob = data_blob_talloc(talloc_tos(), NULL, AFP_INFO_SIZE);
+ if (aiblob.data == NULL) {
+ TALLOC_FREE(ai);
+ return false;
}
- return ealen;
-}
-
-static int ad_open_rsrc_xattr(const struct smb_filename *smb_fname,
- int flags,
- mode_t mode)
-{
-#ifdef HAVE_ATTROPEN
- /* FIXME: direct Solaris xattr syscall */
- return attropen(smb_fname->base_name,
- AFPRESOURCE_EA_NETATALK, flags, mode);
-#else
- errno = ENOSYS;
- return -1;
-#endif
-}
-static int ad_open_rsrc_adouble(const struct smb_filename *smb_fname,
- int flags,
- mode_t mode)
-{
- int ret;
- int fd;
- struct smb_filename *adp_smb_fname = NULL;
+ size = afpinfo_pack(ai, (char *)aiblob.data);
+ TALLOC_FREE(ai);
+ if (size != AFP_INFO_SIZE) {
+ return false;
+ }
- ret = adouble_path(talloc_tos(), smb_fname, &adp_smb_fname);
- if (ret != 0) {
- return -1;
+ stream_name = synthetic_smb_fname(talloc_tos(),
+ smb_fname->base_name,
+ AFPINFO_STREAM,
+ NULL,
+ smb_fname->flags);
+ if (stream_name == NULL) {
+ data_blob_free(&aiblob);
+ DBG_ERR("synthetic_smb_fname failed\n");
+ return false;
}
- fd = open(adp_smb_fname->base_name, flags, mode);
- TALLOC_FREE(adp_smb_fname);
+ DBG_DEBUG("stream_name: %s\n", smb_fname_str_dbg(stream_name));
- return fd;
+ status = SMB_VFS_CREATE_FILE(
+ handle->conn, /* conn */
+ NULL, /* req */
+ 0, /* root_dir_fid */
+ stream_name, /* fname */
+ FILE_GENERIC_WRITE, /* access_mask */
+ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
+ FILE_OPEN_IF, /* create_disposition */
+ 0, /* create_options */
+ 0, /* file_attributes */
+ INTERNAL_OPEN_ONLY, /* oplock_request */
+ NULL, /* lease */
+ 0, /* allocation_size */
+ 0, /* private_flags */
+ NULL, /* sd */
+ NULL, /* ea_list */
+ &fsp, /* result */
+ NULL, /* psbuf */
+ NULL, NULL); /* create context */
+ TALLOC_FREE(stream_name);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_ERR("SMB_VFS_CREATE_FILE failed\n");
+ return false;
+ }
+
+ nwritten = SMB_VFS_PWRITE(fsp,
+ aiblob.data,
+ aiblob.length,
+ 0);
+ if (nwritten == -1) {
+ DBG_ERR("SMB_VFS_PWRITE failed\n");
+ saved_errno = errno;
+ close_file(NULL, fsp, ERROR_CLOSE);
+ errno = saved_errno;
+ return false;
+ }
+
+ status = close_file(NULL, fsp, NORMAL_CLOSE);
+ if (!NT_STATUS_IS_OK(status)) {
+ return false;
+ }
+ fsp = NULL;
+
+ return true;
}
-static int ad_open_rsrc(vfs_handle_struct *handle,
- const struct smb_filename *smb_fname,
- int flags,
- mode_t mode)
+static bool ad_convert_truncate(struct adouble *ad,
+ const struct smb_filename *smb_fname)
+{
+ int rc;
+
+ /*
+ * FIXME: direct ftruncate(), but we don't have a fsp for the
+ * VFS call
+ */
+ rc = ftruncate(ad->ad_fd, ADEDOFF_RFORK_DOT_UND +
+ ad_getentrylen(ad, ADEID_RFORK));
+ if (rc != 0) {
+ return false;
+ }
+
+ return true;
+}
+
+static bool ad_convert_blank_rfork(vfs_handle_struct *handle,
+ struct adouble *ad,
+ bool *blank)
{
struct fruit_config_data *config = NULL;
- int fd;
+ uint8_t *map = MAP_FAILED;
+ size_t maplen;
+ int cmp;
+ ssize_t len;
+ int rc;
+ bool ok;
+
+ *blank = false;
SMB_VFS_HANDLE_GET_DATA(handle, config,
- struct fruit_config_data, return -1);
+ struct fruit_config_data, return false);
- if (config->rsrc == FRUIT_RSRC_XATTR) {
- fd = ad_open_rsrc_xattr(smb_fname, flags, mode);
- } else {
- fd = ad_open_rsrc_adouble(smb_fname, flags, mode);
+ if (!config->wipe_intentionally_left_blank_rfork) {
+ return true;
+ }
+
+ if (ad_getentrylen(ad, ADEID_RFORK) != sizeof(empty_resourcefork)) {
+ return true;
+ }
+
+ maplen = ad_getentryoff(ad, ADEID_RFORK) +
+ ad_getentrylen(ad, ADEID_RFORK);
+
+ /* FIXME: direct use of mmap(), vfs_aio_fork does it too */
+ map = mmap(NULL, maplen, PROT_READ|PROT_WRITE, MAP_SHARED,
+ ad->ad_fd, 0);
+ if (map == MAP_FAILED) {
+ DBG_ERR("mmap AppleDouble: %s\n", strerror(errno));
+ return false;
+ }
+
+ cmp = memcmp(map + ADEDOFF_RFORK_DOT_UND,
+ empty_resourcefork,
+ sizeof(empty_resourcefork));
+ rc = munmap(map, maplen);
+ if (rc != 0) {
+ DBG_ERR("munmap failed: %s\n", strerror(errno));
+ return false;
+ }
+
+ if (cmp != 0) {
+ return true;
+ }
+
+ ad_setentrylen(ad, ADEID_RFORK, 0);
+
+ ok = ad_pack(ad);
+ if (!ok) {
+ return false;
+ }
+
+ len = sys_pwrite(ad->ad_fd, ad->ad_data, AD_DATASZ_DOT_UND, 0);
+ if (len != AD_DATASZ_DOT_UND) {
+ return false;
+ }
+
+ *blank = true;
+ return true;
+}
+
+static bool ad_convert_delete_adfile(vfs_handle_struct *handle,
+ struct adouble *ad,
+ const struct smb_filename *smb_fname)
+{
+ struct fruit_config_data *config = NULL;
+ struct smb_filename *ad_name = NULL;
+ int rc;
+
+ if (ad_getentrylen(ad, ADEID_RFORK) > 0) {
+ return true;
+ }
+
+ SMB_VFS_HANDLE_GET_DATA(handle, config,
+ struct fruit_config_data, return false);
+
+ if (!config->delete_empty_adfiles) {
+ return true;
+ }
+
+ rc = adouble_path(talloc_tos(), smb_fname, &ad_name);
+ if (rc != 0) {
+ return false;
+ }
+
+ rc = SMB_VFS_NEXT_UNLINK(handle, ad_name);
+ if (rc != 0) {
+ DBG_ERR("Unlinking [%s] failed: %s\n",
+ smb_fname_str_dbg(ad_name), strerror(errno));
+ TALLOC_FREE(ad_name);
+ return false;
+ }
+
+ DBG_WARNING("Unlinked [%s] after conversion\n", smb_fname_str_dbg(ad_name));
+ TALLOC_FREE(ad_name);
+
+ return true;
+}
+
+/**
+ * Convert from Apple's ._ file to Netatalk
+ *
+ * Apple's AppleDouble may contain a FinderInfo entry longer then 32
+ * bytes containing packed xattrs.
+ *
+ * @return -1 in case an error occurred, 0 if no conversion was done, 1
+ * otherwise
+ **/
+static int ad_convert(struct vfs_handle_struct *handle,
+ const struct smb_filename *smb_fname)
+{
+ struct adouble *ad = NULL;
+ bool ok;
+ bool converted_xattr = false;
+ bool blank;
+ int ret;
+
+ ad = ad_get(talloc_tos(), handle, smb_fname, ADOUBLE_RSRC);
+ if (ad == NULL) {
+ return 0;
+ }
+
+ ok = ad_convert_xattr(handle, ad, smb_fname, &converted_xattr);
+ if (!ok) {
+ ret = -1;
+ goto done;
+ }
+
+ ok = ad_convert_blank_rfork(handle, ad, &blank);
+ if (!ok) {
+ ret = -1;
+ goto done;
+ }
+
+ if (converted_xattr || blank) {
+ ok = ad_convert_truncate(ad, smb_fname);
+ if (!ok) {
+ ret = -1;
+ goto done;
+ }
+ }
+
+ ok = ad_convert_finderinfo(handle, ad, smb_fname);
+ if (!ok) {
+ DBG_ERR("Failed to convert [%s]\n",
+ smb_fname_str_dbg(smb_fname));
+ ret = -1;
+ goto done;
+ }
+
+ ok = ad_convert_delete_adfile(handle, ad, smb_fname);
+ if (!ok) {
+ ret = -1;
+ goto done;
+ }
+
+ ret = 0;
+done:
+ TALLOC_FREE(ad);
+ return ret;
+}
+
+/**
+ * Read and parse Netatalk AppleDouble metadata xattr
+ **/
+static ssize_t ad_read_meta(vfs_handle_struct *handle,
+ struct adouble *ad,
+ const struct smb_filename *smb_fname)
+{
+ int rc = 0;
+ ssize_t ealen;
+ bool ok;
+
+ DEBUG(10, ("reading meta xattr for %s\n", smb_fname->base_name));
+
+ ealen = SMB_VFS_GETXATTR(handle->conn, smb_fname,
+ AFPINFO_EA_NETATALK, ad->ad_data,
+ AD_DATASZ_XATTR);
+ if (ealen == -1) {
+ switch (errno) {
+ case ENOATTR:
+ case ENOENT:
+ if (errno == ENOATTR) {
+ errno = ENOENT;
+ }
+ rc = -1;
+ goto exit;
+ default:
+ DEBUG(2, ("error reading meta xattr: %s\n",
+ strerror(errno)));
+ rc = -1;
+ goto exit;
+ }
+ }
+ if (ealen != AD_DATASZ_XATTR) {
+ DEBUG(2, ("bad size %zd\n", ealen));
+ errno = EINVAL;
+ rc = -1;
+ goto exit;
+ }
+
+ /* Now parse entries */
+ ok = ad_unpack(ad, ADEID_NUM_XATTR, AD_DATASZ_XATTR);
+ if (!ok) {
+ DEBUG(2, ("invalid AppleDouble metadata xattr\n"));
+ errno = EINVAL;
+ rc = -1;
+ goto exit;
+ }
+
+ if (!ad_getentryoff(ad, ADEID_FINDERI)
+ || !ad_getentryoff(ad, ADEID_COMMENT)
+ || !ad_getentryoff(ad, ADEID_FILEDATESI)
+ || !ad_getentryoff(ad, ADEID_AFPFILEI)
+ || !ad_getentryoff(ad, ADEID_PRIVDEV)
+ || !ad_getentryoff(ad, ADEID_PRIVINO)
+ || !ad_getentryoff(ad, ADEID_PRIVSYN)
+ || !ad_getentryoff(ad, ADEID_PRIVID)) {
+ DEBUG(2, ("invalid AppleDouble metadata xattr\n"));
+ errno = EINVAL;
+ rc = -1;
+ goto exit;
+ }
+
+exit:
+ DEBUG(10, ("reading meta xattr for %s, rc: %d\n",
+ smb_fname->base_name, rc));
+
+ if (rc != 0) {
+ ealen = -1;
+ if (errno == EINVAL) {
+ become_root();
+ (void)SMB_VFS_REMOVEXATTR(handle->conn,
+ smb_fname,
+ AFPINFO_EA_NETATALK);
+ unbecome_root();
+ errno = ENOENT;
+ }
+ }
+ return ealen;
+}
+
+static int ad_open_rsrc_adouble(const struct smb_filename *smb_fname,
+ int flags,
+ mode_t mode)
+{
+ int ret;
+ int fd;
+ struct smb_filename *adp_smb_fname = NULL;
+
+ ret = adouble_path(talloc_tos(), smb_fname, &adp_smb_fname);
+ if (ret != 0) {
+ return -1;
}
+ fd = open(adp_smb_fname->base_name, flags, mode);
+ TALLOC_FREE(adp_smb_fname);
+
return fd;
}
+static int ad_open_rsrc(vfs_handle_struct *handle,
+ const struct smb_filename *smb_fname,
+ int flags,
+ mode_t mode)
+{
+ return ad_open_rsrc_adouble(smb_fname, flags, mode);
+}
+
/*
* Here's the deal: for ADOUBLE_META we can do without an fd as we can issue
* path based xattr calls. For ADOUBLE_RSRC however we need a full-fledged fd
return 0;
}
-static ssize_t ad_read_rsrc_xattr(struct adouble *ad)
-{
- int ret;
- SMB_STRUCT_STAT st;
-
- /* FIXME: direct sys_fstat(), don't have an fsp */
- ret = sys_fstat(ad->ad_fd, &st,
- lp_fake_directory_create_times(
- SNUM(ad->ad_handle->conn)));
- if (ret != 0) {
- return -1;
- }
-
- ad_setentrylen(ad, ADEID_RFORK, st.st_ex_size);
- return st.st_ex_size;
-}
-
-static ssize_t ad_read_rsrc_adouble(struct adouble *ad,
- const struct smb_filename *smb_fname)
+static ssize_t ad_read_rsrc_adouble(vfs_handle_struct *handle,
+ struct adouble *ad,
+ const struct smb_filename *smb_fname)
{
SMB_STRUCT_STAT sbuf;
char *p_ad = NULL;
- AfpInfo *ai = NULL;
- DATA_BLOB aiblob;
- struct smb_filename *stream_name = NULL;
- files_struct *fsp = NULL;
- ssize_t len;
size_t size;
- ssize_t nwritten;
- NTSTATUS status;
- int saved_errno = 0;
+ ssize_t len;
int ret;
bool ok;
ret = sys_fstat(ad->ad_fd, &sbuf, lp_fake_directory_create_times(
- SNUM(ad->ad_handle->conn)));
+ SNUM(handle->conn)));
if (ret != 0) {
return -1;
}
return -1;
}
- if (ad_getentrylen(ad, ADEID_FINDERI) == ADEDLEN_FINDERI) {
- return len;
- }
-
- /*
- * Try to fixup AppleDouble files created by OS X with xattrs
- * appended to the ADEID_FINDERI entry. We simply remove the
- * xattrs blob, this means any fancy xattr that was stored
- * there is lost.
- */
-
- ret = ad_convert(ad, smb_fname, ad->ad_fd);
- if (ret != 0) {
- DBG_WARNING("Failed to convert [%s]\n", smb_fname->base_name);
- return len;
- }
-
- ok = ad_pack(ad);
- if (!ok) {
- DBG_WARNING("ad_pack [%s] failed\n", smb_fname->base_name);
- return -1;
- }
-
- len = sys_pwrite(ad->ad_fd, ad->ad_data, AD_DATASZ_DOT_UND, 0);
- if (len != AD_DATASZ_DOT_UND) {
- DBG_ERR("%s: bad size: %zd\n", smb_fname->base_name, len);
- return -1;
- }
-
- p_ad = ad_get_entry(ad, ADEID_FINDERI);
- if (p_ad == NULL) {
- return -1;
- }
-
- ai = afpinfo_new(talloc_tos());
- if (ai == NULL) {
- return -1;
- }
-
- memcpy(ai->afpi_FinderInfo, p_ad, ADEDLEN_FINDERI);
-
- aiblob = data_blob_talloc(talloc_tos(), NULL, AFP_INFO_SIZE);
- if (aiblob.data == NULL) {
- TALLOC_FREE(ai);
- return -1;
- }
-
- size = afpinfo_pack(ai, (char *)aiblob.data);
- TALLOC_FREE(ai);
- if (size != AFP_INFO_SIZE) {
- return -1;
- }
-
- stream_name = synthetic_smb_fname(talloc_tos(),
- smb_fname->base_name,
- AFPINFO_STREAM,
- NULL,
- smb_fname->flags);
- if (stream_name == NULL) {
- data_blob_free(&aiblob);
- DBG_ERR("synthetic_smb_fname failed\n");
- return -1;
- }
-
- DBG_DEBUG("stream_name: %s\n", smb_fname_str_dbg(stream_name));
-
- status = SMB_VFS_CREATE_FILE(
- ad->ad_handle->conn, /* conn */
- NULL, /* req */
- 0, /* root_dir_fid */
- stream_name, /* fname */
- FILE_GENERIC_WRITE, /* access_mask */
- FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
- FILE_OPEN_IF, /* create_disposition */
- 0, /* create_options */
- 0, /* file_attributes */
- INTERNAL_OPEN_ONLY, /* oplock_request */
- NULL, /* lease */
- 0, /* allocation_size */
- 0, /* private_flags */
- NULL, /* sd */
- NULL, /* ea_list */
- &fsp, /* result */
- NULL, /* psbuf */
- NULL, NULL); /* create context */
- TALLOC_FREE(stream_name);
- if (!NT_STATUS_IS_OK(status)) {
- DBG_ERR("SMB_VFS_CREATE_FILE failed\n");
- return -1;
- }
-
- nwritten = SMB_VFS_PWRITE(fsp,
- aiblob.data,
- aiblob.length,
- 0);
- if (nwritten == -1) {
- DBG_ERR("SMB_VFS_PWRITE failed\n");
- saved_errno = errno;
- close_file(NULL, fsp, ERROR_CLOSE);
- errno = saved_errno;
- return -1;
- }
-
- status = close_file(NULL, fsp, NORMAL_CLOSE);
- if (!NT_STATUS_IS_OK(status)) {
- return -1;
- }
- fsp = NULL;
-
return len;
}
/**
* Read and parse resource fork, either ._ AppleDouble file or xattr
**/
-static ssize_t ad_read_rsrc(struct adouble *ad,
- const struct smb_filename *smb_fname)
+static ssize_t ad_read_rsrc(vfs_handle_struct *handle,
+ struct adouble *ad,
+ const struct smb_filename *smb_fname)
{
- struct fruit_config_data *config = NULL;
- ssize_t len;
-
- SMB_VFS_HANDLE_GET_DATA(ad->ad_handle, config,
- struct fruit_config_data, return -1);
-
- if (config->rsrc == FRUIT_RSRC_XATTR) {
- len = ad_read_rsrc_xattr(ad);
- } else {
- len = ad_read_rsrc_adouble(ad, smb_fname);
- }
-
- return len;
+ return ad_read_rsrc_adouble(handle, ad, smb_fname);
}
/**
* Read and unpack an AppleDouble metadata xattr or resource
**/
-static ssize_t ad_read(struct adouble *ad, const struct smb_filename *smb_fname)
+static ssize_t ad_read(vfs_handle_struct *handle,
+ struct adouble *ad,
+ const struct smb_filename *smb_fname)
{
switch (ad->ad_type) {
case ADOUBLE_META:
- return ad_read_meta(ad, smb_fname);
+ return ad_read_meta(handle, ad, smb_fname);
case ADOUBLE_RSRC:
- return ad_read_rsrc(ad, smb_fname);
+ return ad_read_rsrc(handle, ad, smb_fname);
default:
return -1;
}
*
* @return adouble handle
**/
-static struct adouble *ad_alloc(TALLOC_CTX *ctx, vfs_handle_struct *handle,
+static struct adouble *ad_alloc(TALLOC_CTX *ctx,
adouble_type_t type)
{
int rc = 0;
size_t adsize = 0;
struct adouble *ad;
- struct fruit_config_data *config;
-
- SMB_VFS_HANDLE_GET_DATA(handle, config,
- struct fruit_config_data, return NULL);
switch (type) {
case ADOUBLE_META:
adsize = AD_DATASZ_XATTR;
break;
case ADOUBLE_RSRC:
- if (config->rsrc == FRUIT_RSRC_ADFILE) {
- adsize = AD_DATASZ_DOT_UND;
- }
+ adsize = AD_DATASZ_DOT_UND;
break;
default:
return NULL;
}
}
- ad->ad_handle = handle;
ad->ad_type = type;
ad->ad_magic = AD_MAGIC;
ad->ad_version = AD_VERSION;
* Allocate and initialize a new struct adouble
*
* @param[in] ctx talloc context
- * @param[in] handle vfs handle
* @param[in] type type of AppleDouble, ADOUBLE_META or ADOUBLE_RSRC
*
* @return adouble handle, initialized
**/
-static struct adouble *ad_init(TALLOC_CTX *ctx, vfs_handle_struct *handle,
+static struct adouble *ad_init(TALLOC_CTX *ctx,
adouble_type_t type)
{
int rc = 0;
const struct ad_entry_order *eid;
struct adouble *ad = NULL;
- struct fruit_config_data *config;
time_t t = time(NULL);
- SMB_VFS_HANDLE_GET_DATA(handle, config,
- struct fruit_config_data, return NULL);
-
switch (type) {
case ADOUBLE_META:
eid = entry_order_meta_xattr;
break;
case ADOUBLE_RSRC:
- if (config->rsrc == FRUIT_RSRC_ADFILE) {
- eid = entry_order_dot_und;
- } else {
- eid = entry_order_rsrc_xattr;
- }
+ eid = entry_order_dot_und;
break;
default:
return NULL;
}
- ad = ad_alloc(ctx, handle, type);
+ ad = ad_alloc(ctx, type);
if (ad == NULL) {
return NULL;
}
type == ADOUBLE_META ? "meta" : "rsrc",
smb_fname->base_name));
- ad = ad_alloc(ctx, handle, type);
+ ad = ad_alloc(ctx, type);
if (ad == NULL) {
rc = -1;
goto exit;
}
- len = ad_read(ad, smb_fname);
+ len = ad_read(handle, ad, smb_fname);
if (len == -1) {
DEBUG(10, ("error reading AppleDouble for %s\n",
smb_fname->base_name));
*
* @return status code, 0 means success
**/
-static int ad_set(struct adouble *ad, const struct smb_filename *smb_fname)
+static int ad_set(vfs_handle_struct *handle,
+ struct adouble *ad,
+ const struct smb_filename *smb_fname)
{
bool ok;
int ret;
return -1;
}
- ret = SMB_VFS_SETXATTR(ad->ad_handle->conn,
+ ret = SMB_VFS_SETXATTR(handle->conn,
smb_fname,
AFPINFO_EA_NETATALK,
ad->ad_data,
*
* @return status code, 0 means success
**/
-static int ad_fset(struct adouble *ad, files_struct *fsp)
+static int ad_fset(struct vfs_handle_struct *handle,
+ struct adouble *ad,
+ files_struct *fsp)
{
int rc = -1;
ssize_t len;
switch (ad->ad_type) {
case ADOUBLE_META:
- rc = SMB_VFS_NEXT_SETXATTR(ad->ad_handle,
+ rc = SMB_VFS_NEXT_SETXATTR(handle,
fsp->fsp_name,
AFPINFO_EA_NETATALK,
ad->ad_data,
break;
case ADOUBLE_RSRC:
- len = SMB_VFS_NEXT_PWRITE(ad->ad_handle,
+ len = SMB_VFS_NEXT_PWRITE(handle,
fsp,
ad->ad_data,
AD_DATASZ_DOT_UND,
}
/**
- * Test whether stream is an Apple stream, not used atm
+ * Test whether stream is an Apple stream.
**/
-#if 0
static bool is_apple_stream(const struct smb_filename *smb_fname)
{
if (is_afpinfo_stream(smb_fname)) {
}
return false;
}
-#endif
+
+static bool is_adouble_file(const char *path)
+{
+ const char *p = NULL;
+ int match;
+
+ p = strrchr(path, '/');
+ if (p == NULL) {
+ p = path;
+ } else {
+ p++;
+ }
+
+ match = strncmp(p,
+ ADOUBLE_NAME_PREFIX,
+ strlen(ADOUBLE_NAME_PREFIX));
+ if (match != 0) {
+ return false;
+ }
+ return true;
+}
/**
* Initialize config struct from our smb.conf config parameters
SNUM(handle->conn), FRUIT_PARAM_TYPE_NAME,
"time machine max size", NULL);
if (tm_size_str != NULL) {
- config->time_machine_max_size =
- (size_t)conv_str_size(tm_size_str);
+ config->time_machine_max_size = conv_str_size(tm_size_str);
}
+ config->wipe_intentionally_left_blank_rfork = lp_parm_bool(
+ SNUM(handle->conn), FRUIT_PARAM_TYPE_NAME,
+ "wipe_intentionally_left_blank_rfork", false);
+
+ config->delete_empty_adfiles = lp_parm_bool(
+ SNUM(handle->conn), FRUIT_PARAM_TYPE_NAME,
+ "delete_empty_adfiles", false);
+
SMB_VFS_HANDLE_SET_DATA(handle, config,
NULL, struct fruit_config_data,
return -1);
**/
static SMB_INO_T fruit_inode(const SMB_STRUCT_STAT *sbuf, const char *sname)
{
- MD5_CTX ctx;
+ gnutls_hash_hd_t hash_hnd = NULL;
unsigned char hash[16];
- SMB_INO_T result;
+ SMB_INO_T result = 0;
char *upper_sname;
+ int rc;
+
+ DBG_DEBUG("fruit_inode called for %ju/%ju [%s]\n",
+ (uintmax_t)sbuf->st_ex_dev,
+ (uintmax_t)sbuf->st_ex_ino, sname);
upper_sname = talloc_strdup_upper(talloc_tos(), sname);
SMB_ASSERT(upper_sname != NULL);
- MD5Init(&ctx);
- MD5Update(&ctx, (const unsigned char *)&(sbuf->st_ex_dev),
- sizeof(sbuf->st_ex_dev));
- MD5Update(&ctx, (const unsigned char *)&(sbuf->st_ex_ino),
- sizeof(sbuf->st_ex_ino));
- MD5Update(&ctx, (unsigned char *)upper_sname,
- talloc_get_size(upper_sname)-1);
- MD5Final(hash, &ctx);
+ rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5);
+ if (rc < 0) {
+ goto out;
+ }
- TALLOC_FREE(upper_sname);
+ rc = gnutls_hash(hash_hnd, &(sbuf->st_ex_dev), sizeof(sbuf->st_ex_dev));
+ if (rc < 0) {
+ gnutls_hash_deinit(hash_hnd, NULL);
+ goto out;
+ }
+ rc = gnutls_hash(hash_hnd,
+ &(sbuf->st_ex_ino),
+ sizeof(sbuf->st_ex_ino));
+ if (rc < 0) {
+ gnutls_hash_deinit(hash_hnd, NULL);
+ goto out;
+ }
+ rc = gnutls_hash(hash_hnd,
+ upper_sname,
+ talloc_get_size(upper_sname) - 1);
+ if (rc < 0) {
+ gnutls_hash_deinit(hash_hnd, NULL);
+ goto out;
+ }
+
+ gnutls_hash_deinit(hash_hnd, hash);
/* Hopefully all the variation is in the lower 4 (or 8) bytes! */
memcpy(&result, hash, sizeof(result));
+ ZERO_ARRAY(hash);
+
+ DBG_DEBUG("fruit_inode \"%s\": ino=%ju\n",
+ sname, (uintmax_t)result);
- DEBUG(10, ("fruit_inode \"%s\": ino=0x%llu\n",
- sname, (unsigned long long)result));
+out:
+ TALLOC_FREE(upper_sname);
return result;
}
static off_t denymode_to_netatalk_brl(enum apple_fork fork_type,
uint32_t deny_mode)
{
- off_t offset;
+ off_t offset = 0;
switch (deny_mode) {
case DENY_READ:
off_t offset = in_offset;
off_t len = 1;
int type = F_WRLCK;
- pid_t pid;
+ pid_t pid = 0;
result = SMB_VFS_GETLOCK(fsp, &offset, &len, &type, &pid);
if (result == false) {
static NTSTATUS fruit_check_access(vfs_handle_struct *handle,
files_struct *fsp,
uint32_t access_mask,
- uint32_t deny_mode)
+ uint32_t share_mode)
{
NTSTATUS status = NT_STATUS_OK;
- struct byte_range_lock *br_lck = NULL;
- bool open_for_reading, open_for_writing, deny_read, deny_write;
off_t off;
- bool have_read = false;
- int flags;
+ bool share_for_read = (share_mode & FILE_SHARE_READ);
+ bool share_for_write = (share_mode & FILE_SHARE_WRITE);
+ bool netatalk_already_open_for_reading = false;
+ bool netatalk_already_open_for_writing = false;
+ bool netatalk_already_open_with_deny_read = false;
+ bool netatalk_already_open_with_deny_write = false;
/* FIXME: hardcoded data fork, add resource fork */
enum apple_fork fork_type = APPLE_FORK_DATA;
- DEBUG(10, ("fruit_check_access: %s, am: %s/%s, dm: %s/%s\n",
+ DBG_DEBUG("fruit_check_access: %s, am: %s/%s, sm: 0x%x\n",
fsp_str_dbg(fsp),
access_mask & FILE_READ_DATA ? "READ" :"-",
access_mask & FILE_WRITE_DATA ? "WRITE" : "-",
- deny_mode & DENY_READ ? "DENY_READ" : "-",
- deny_mode & DENY_WRITE ? "DENY_WRITE" : "-"));
+ share_mode);
if (fsp->fh->fd == -1) {
return NT_STATUS_OK;
}
- flags = fcntl(fsp->fh->fd, F_GETFL);
- if (flags == -1) {
- DBG_ERR("fcntl get flags [%s] fd [%d] failed [%s]\n",
- fsp_str_dbg(fsp), fsp->fh->fd, strerror(errno));
- return map_nt_error_from_unix(errno);
+ /* Read NetATalk opens and deny modes on the file. */
+ netatalk_already_open_for_reading = test_netatalk_lock(fsp,
+ access_to_netatalk_brl(fork_type,
+ FILE_READ_DATA));
+
+ netatalk_already_open_with_deny_read = test_netatalk_lock(fsp,
+ denymode_to_netatalk_brl(fork_type,
+ DENY_READ));
+
+ netatalk_already_open_for_writing = test_netatalk_lock(fsp,
+ access_to_netatalk_brl(fork_type,
+ FILE_WRITE_DATA));
+
+ netatalk_already_open_with_deny_write = test_netatalk_lock(fsp,
+ denymode_to_netatalk_brl(fork_type,
+ DENY_WRITE));
+
+ /* If there are any conflicts - sharing violation. */
+ if ((access_mask & FILE_READ_DATA) &&
+ netatalk_already_open_with_deny_read) {
+ return NT_STATUS_SHARING_VIOLATION;
}
- if (flags & (O_RDONLY|O_RDWR)) {
+ if (!share_for_read &&
+ netatalk_already_open_for_reading) {
+ return NT_STATUS_SHARING_VIOLATION;
+ }
+
+ if ((access_mask & FILE_WRITE_DATA) &&
+ netatalk_already_open_with_deny_write) {
+ return NT_STATUS_SHARING_VIOLATION;
+ }
+
+ if (!share_for_write &&
+ netatalk_already_open_for_writing) {
+ return NT_STATUS_SHARING_VIOLATION;
+ }
+
+ if (!(access_mask & FILE_READ_DATA)) {
/*
- * Applying fcntl read locks requires an fd opened for
- * reading. This means we won't be applying locks for
- * files openend write-only, but what can we do...
+ * Nothing we can do here, we need read access
+ * to set locks.
*/
- have_read = true;
+ return NT_STATUS_OK;
}
- /*
- * Check read access and deny read mode
- */
- if ((access_mask & FILE_READ_DATA) || (deny_mode & DENY_READ)) {
- /* Check access */
- open_for_reading = test_netatalk_lock(
- fsp, access_to_netatalk_brl(fork_type, FILE_READ_DATA));
+ /* Set NetAtalk locks matching our access */
+ if (access_mask & FILE_READ_DATA) {
+ struct byte_range_lock *br_lck = NULL;
- deny_read = test_netatalk_lock(
- fsp, denymode_to_netatalk_brl(fork_type, DENY_READ));
+ off = access_to_netatalk_brl(fork_type, FILE_READ_DATA);
+ br_lck = do_lock(
+ handle->conn->sconn->msg_ctx, fsp,
+ fsp->op->global->open_persistent_id, 1, off,
+ READ_LOCK, POSIX_LOCK, false,
+ &status, NULL);
- DEBUG(10, ("read: %s, deny_write: %s\n",
- open_for_reading == true ? "yes" : "no",
- deny_read == true ? "yes" : "no"));
+ TALLOC_FREE(br_lck);
- if (((access_mask & FILE_READ_DATA) && deny_read)
- || ((deny_mode & DENY_READ) && open_for_reading)) {
- return NT_STATUS_SHARING_VIOLATION;
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
+ }
- /* Set locks */
- if ((access_mask & FILE_READ_DATA) && have_read) {
- off = access_to_netatalk_brl(fork_type, FILE_READ_DATA);
- br_lck = do_lock(
- handle->conn->sconn->msg_ctx, fsp,
- fsp->op->global->open_persistent_id, 1, off,
- READ_LOCK, POSIX_LOCK, false,
- &status, NULL);
-
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
- TALLOC_FREE(br_lck);
- }
+ if (!share_for_read) {
+ struct byte_range_lock *br_lck = NULL;
- if ((deny_mode & DENY_READ) && have_read) {
- off = denymode_to_netatalk_brl(fork_type, DENY_READ);
- br_lck = do_lock(
- handle->conn->sconn->msg_ctx, fsp,
- fsp->op->global->open_persistent_id, 1, off,
- READ_LOCK, POSIX_LOCK, false,
- &status, NULL);
+ off = denymode_to_netatalk_brl(fork_type, DENY_READ);
+ br_lck = do_lock(
+ handle->conn->sconn->msg_ctx, fsp,
+ fsp->op->global->open_persistent_id, 1, off,
+ READ_LOCK, POSIX_LOCK, false,
+ &status, NULL);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
- TALLOC_FREE(br_lck);
+ TALLOC_FREE(br_lck);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
}
- /*
- * Check write access and deny write mode
- */
- if ((access_mask & FILE_WRITE_DATA) || (deny_mode & DENY_WRITE)) {
- /* Check access */
- open_for_writing = test_netatalk_lock(
- fsp, access_to_netatalk_brl(fork_type, FILE_WRITE_DATA));
+ if (access_mask & FILE_WRITE_DATA) {
+ struct byte_range_lock *br_lck = NULL;
- deny_write = test_netatalk_lock(
- fsp, denymode_to_netatalk_brl(fork_type, DENY_WRITE));
+ off = access_to_netatalk_brl(fork_type, FILE_WRITE_DATA);
+ br_lck = do_lock(
+ handle->conn->sconn->msg_ctx, fsp,
+ fsp->op->global->open_persistent_id, 1, off,
+ READ_LOCK, POSIX_LOCK, false,
+ &status, NULL);
- DEBUG(10, ("write: %s, deny_write: %s\n",
- open_for_writing == true ? "yes" : "no",
- deny_write == true ? "yes" : "no"));
+ TALLOC_FREE(br_lck);
- if (((access_mask & FILE_WRITE_DATA) && deny_write)
- || ((deny_mode & DENY_WRITE) && open_for_writing)) {
- return NT_STATUS_SHARING_VIOLATION;
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
+ }
- /* Set locks */
- if ((access_mask & FILE_WRITE_DATA) && have_read) {
- off = access_to_netatalk_brl(fork_type, FILE_WRITE_DATA);
- br_lck = do_lock(
- handle->conn->sconn->msg_ctx, fsp,
- fsp->op->global->open_persistent_id, 1, off,
- READ_LOCK, POSIX_LOCK, false,
- &status, NULL);
-
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
- TALLOC_FREE(br_lck);
+ if (!share_for_write) {
+ struct byte_range_lock *br_lck = NULL;
- }
- if ((deny_mode & DENY_WRITE) && have_read) {
- off = denymode_to_netatalk_brl(fork_type, DENY_WRITE);
- br_lck = do_lock(
- handle->conn->sconn->msg_ctx, fsp,
- fsp->op->global->open_persistent_id, 1, off,
- READ_LOCK, POSIX_LOCK, false,
- &status, NULL);
-
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
- TALLOC_FREE(br_lck);
+ off = denymode_to_netatalk_brl(fork_type, DENY_WRITE);
+ br_lck = do_lock(
+ handle->conn->sconn->msg_ctx, fsp,
+ fsp->op->global->open_persistent_id, 1, off,
+ READ_LOCK, POSIX_LOCK, false,
+ &status, NULL);
+
+ TALLOC_FREE(br_lck);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
}
- TALLOC_FREE(br_lck);
-
- return status;
+ return NT_STATUS_OK;
}
static NTSTATUS check_aapl(vfs_handle_struct *handle,
switch (config->rsrc) {
case FRUIT_RSRC_ADFILE:
- case FRUIT_RSRC_XATTR:
rfork_size = readdir_attr_rfork_size_adouble(handle,
smb_fname);
break;
- case FRUIT_META_STREAM:
+ case FRUIT_RSRC_XATTR:
+ case FRUIT_RSRC_STREAM:
rfork_size = readdir_attr_rfork_size_stream(handle,
smb_fname);
break;
return status;
}
+static NTSTATUS remove_virtual_nfs_aces(struct security_descriptor *psd)
+{
+ NTSTATUS status;
+ uint32_t i;
+
+ if (psd->dacl == NULL) {
+ return NT_STATUS_OK;
+ }
+
+ for (i = 0; i < psd->dacl->num_aces; i++) {
+ /* MS NFS style mode/uid/gid */
+ int cmp = dom_sid_compare_domain(
+ &global_sid_Unix_NFS,
+ &psd->dacl->aces[i].trustee);
+ if (cmp != 0) {
+ /* Normal ACE entry. */
+ continue;
+ }
+
+ /*
+ * security_descriptor_dacl_del()
+ * *must* return NT_STATUS_OK as we know
+ * we have something to remove.
+ */
+
+ status = security_descriptor_dacl_del(psd,
+ &psd->dacl->aces[i].trustee);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_WARNING("failed to remove MS NFS style ACE: %s\n",
+ nt_errstr(status));
+ return status;
+ }
+
+ /*
+ * security_descriptor_dacl_del() may delete more
+ * then one entry subsequent to this one if the
+ * SID matches, but we only need to ensure that
+ * we stay looking at the same element in the array.
+ */
+ i--;
+ }
+ return NT_STATUS_OK;
+}
+
/* Search MS NFS style ACE with UNIX mode */
static NTSTATUS check_ms_nfs(vfs_handle_struct *handle,
files_struct *fsp,
- const struct security_descriptor *psd,
+ struct security_descriptor *psd,
mode_t *pmode,
bool *pdo_chmod)
{
}
}
- return NT_STATUS_OK;
+ /*
+ * Remove any incoming virtual ACE entries generated by
+ * fruit_fget_nt_acl().
+ */
+
+ return remove_virtual_nfs_aces(psd);
}
/****************************************************************************
return rc;
}
+static int fruit_fake_fd(void)
+{
+ int pipe_fds[2];
+ int fd;
+ int ret;
+
+ /*
+ * Return a valid fd, but ensure any attempt to use it returns
+ * an error (EPIPE). Once we get a write on the handle, we open
+ * the real fd.
+ */
+ ret = pipe(pipe_fds);
+ if (ret != 0) {
+ return -1;
+ }
+ fd = pipe_fds[0];
+ close(pipe_fds[1]);
+
+ return fd;
+}
+
static int fruit_open_meta_stream(vfs_handle_struct *handle,
struct smb_filename *smb_fname,
files_struct *fsp,
int flags,
mode_t mode)
{
- AfpInfo *ai = NULL;
- char afpinfo_buf[AFP_INFO_SIZE];
- ssize_t len, written;
- int hostfd = -1;
- int rc = -1;
+ struct fruit_config_data *config = NULL;
+ struct fio *fio = NULL;
+ int open_flags = flags & ~O_CREAT;
+ int fd;
- hostfd = SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
- if (hostfd == -1) {
- return -1;
- }
+ DBG_DEBUG("Path [%s]\n", smb_fname_str_dbg(smb_fname));
- if (!(flags & (O_CREAT | O_TRUNC))) {
- return hostfd;
- }
+ SMB_VFS_HANDLE_GET_DATA(handle, config,
+ struct fruit_config_data, return -1);
- ai = afpinfo_new(talloc_tos());
- if (ai == NULL) {
- rc = -1;
- goto fail;
- }
+ fio = VFS_ADD_FSP_EXTENSION(handle, fsp, struct fio, NULL);
+ fio->type = ADOUBLE_META;
+ fio->config = config;
- len = afpinfo_pack(ai, afpinfo_buf);
- if (len != AFP_INFO_SIZE) {
- rc = -1;
- goto fail;
+ fd = SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, open_flags, mode);
+ if (fd != -1) {
+ return fd;
}
- /* Set fd, needed in SMB_VFS_NEXT_PWRITE() */
- fsp->fh->fd = hostfd;
-
- written = SMB_VFS_NEXT_PWRITE(handle, fsp, afpinfo_buf,
- AFP_INFO_SIZE, 0);
- fsp->fh->fd = -1;
- if (written != AFP_INFO_SIZE) {
- DBG_ERR("bad write [%zd/%d]\n", written, AFP_INFO_SIZE);
- rc = -1;
- goto fail;
+ if (!(flags & O_CREAT)) {
+ VFS_REMOVE_FSP_EXTENSION(handle, fsp);
+ return -1;
}
- rc = 0;
+ fd = fruit_fake_fd();
+ if (fd == -1) {
+ VFS_REMOVE_FSP_EXTENSION(handle, fsp);
+ return -1;
+ }
-fail:
- DBG_DEBUG("rc=%d, fd=%d\n", rc, hostfd);
+ fio->fake_fd = true;
+ fio->flags = flags;
+ fio->mode = mode;
- if (rc != 0) {
- int saved_errno = errno;
- if (hostfd >= 0) {
- fsp->fh->fd = hostfd;
- SMB_VFS_NEXT_CLOSE(handle, fsp);
- }
- hostfd = -1;
- errno = saved_errno;
- }
- return hostfd;
+ return fd;
}
static int fruit_open_meta_netatalk(vfs_handle_struct *handle,
int flags,
mode_t mode)
{
- int rc;
- int fakefd = -1;
+ struct fruit_config_data *config = NULL;
+ struct fio *fio = NULL;
struct adouble *ad = NULL;
- int fds[2];
+ bool meta_exists = false;
+ int fd;
DBG_DEBUG("Path [%s]\n", smb_fname_str_dbg(smb_fname));
- /*
- * Return a valid fd, but ensure any attempt to use it returns an error
- * (EPIPE). All operations on the smb_fname or the fsp will use path
- * based syscalls.
- */
- rc = pipe(fds);
- if (rc != 0) {
- goto exit;
+ ad = ad_get(talloc_tos(), handle, smb_fname, ADOUBLE_META);
+ if (ad != NULL) {
+ meta_exists = true;
}
- fakefd = fds[0];
- close(fds[1]);
-
- if (flags & (O_CREAT | O_TRUNC)) {
- /*
- * The attribute does not exist or needs to be truncated,
- * create an AppleDouble EA
- */
- ad = ad_init(fsp, handle, ADOUBLE_META);
- if (ad == NULL) {
- rc = -1;
- goto exit;
- }
- rc = ad_set(ad, fsp->fsp_name);
- if (rc != 0) {
- rc = -1;
- goto exit;
- }
+ TALLOC_FREE(ad);
- TALLOC_FREE(ad);
+ if (!meta_exists && !(flags & O_CREAT)) {
+ errno = ENOENT;
+ return -1;
}
-exit:
- DEBUG(10, ("fruit_open meta rc=%d, fd=%d\n", rc, fakefd));
- if (rc != 0) {
- int saved_errno = errno;
- if (fakefd >= 0) {
- close(fakefd);
- }
- fakefd = -1;
- errno = saved_errno;
+ fd = fruit_fake_fd();
+ if (fd == -1) {
+ return -1;
}
- return fakefd;
+
+ SMB_VFS_HANDLE_GET_DATA(handle, config,
+ struct fruit_config_data, return -1);
+
+ fio = VFS_ADD_FSP_EXTENSION(handle, fsp, struct fio, NULL);
+ fio->type = ADOUBLE_META;
+ fio->config = config;
+ fio->fake_fd = true;
+ fio->flags = flags;
+ fio->mode = mode;
+
+ return fd;
}
static int fruit_open_meta(vfs_handle_struct *handle,
{
int fd;
struct fruit_config_data *config = NULL;
- struct fio *fio = NULL;
DBG_DEBUG("path [%s]\n", smb_fname_str_dbg(smb_fname));
DBG_DEBUG("path [%s] fd [%d]\n", smb_fname_str_dbg(smb_fname), fd);
- if (fd == -1) {
- return -1;
- }
-
- fio = VFS_ADD_FSP_EXTENSION(handle, fsp, struct fio, NULL);
- fio->type = ADOUBLE_META;
- fio->config = config;
-
return fd;
}
goto exit;
}
- /* Sanitize flags */
- if (flags & O_WRONLY) {
- /* We always need read access for the metadata header too */
- flags &= ~O_WRONLY;
- flags |= O_RDWR;
- }
+ /* We always need read/write access for the metadata header too */
+ flags &= ~(O_RDONLY | O_WRONLY);
+ flags |= O_RDWR;
hostfd = SMB_VFS_NEXT_OPEN(handle, smb_fname_base, fsp,
flags, mode);
}
if (flags & (O_CREAT | O_TRUNC)) {
- ad = ad_init(fsp, handle, ADOUBLE_RSRC);
+ ad = ad_init(fsp, ADOUBLE_RSRC);
if (ad == NULL) {
rc = -1;
goto exit;
fsp->fh->fd = hostfd;
- rc = ad_fset(ad, fsp);
+ rc = ad_fset(handle, ad, fsp);
fsp->fh->fd = -1;
if (rc != 0) {
rc = -1;
SMB_VFS_HANDLE_GET_DATA(handle, config,
struct fruit_config_data, return -1);
- if (((flags & O_ACCMODE) == O_RDONLY)
- && (flags & O_CREAT)
- && !VALID_STAT(fsp->fsp_name->st))
- {
- /*
- * This means the stream doesn't exist. macOS SMB server fails
- * this with NT_STATUS_OBJECT_NAME_NOT_FOUND, so must we. Cf bug
- * 12565 and the test for this combination in
- * test_rfork_create().
- */
- errno = ENOENT;
- return -1;
- }
-
switch (config->rsrc) {
case FRUIT_RSRC_STREAM:
fd = SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
DBG_DEBUG("Path [%s]\n", smb_fname_str_dbg(smb_fname));
- if (!is_ntfs_stream_smb_fname(smb_fname)) {
- return SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
+ if (!is_ntfs_stream_smb_fname(smb_fname)) {
+ return SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
+ }
+
+ if (is_afpinfo_stream(smb_fname)) {
+ fd = fruit_open_meta(handle, smb_fname, fsp, flags, mode);
+ } else if (is_afpresource_stream(smb_fname)) {
+ fd = fruit_open_rsrc(handle, smb_fname, fsp, flags, mode);
+ } else {
+ fd = SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
+ }
+
+ DBG_DEBUG("Path [%s] fd [%d]\n", smb_fname_str_dbg(smb_fname), fd);
+
+ return fd;
+}
+
+static int fruit_close_meta(vfs_handle_struct *handle,
+ files_struct *fsp)
+{
+ int ret;
+ struct fruit_config_data *config = NULL;
+
+ SMB_VFS_HANDLE_GET_DATA(handle, config,
+ struct fruit_config_data, return -1);
+
+ switch (config->meta) {
+ case FRUIT_META_STREAM:
+ ret = SMB_VFS_NEXT_CLOSE(handle, fsp);
+ break;
+
+ case FRUIT_META_NETATALK:
+ ret = close(fsp->fh->fd);
+ fsp->fh->fd = -1;
+ break;
+
+ default:
+ DBG_ERR("Unexpected meta config [%d]\n", config->meta);
+ return -1;
+ }
+
+ return ret;
+}
+
+
+static int fruit_close_rsrc(vfs_handle_struct *handle,
+ files_struct *fsp)
+{
+ int ret;
+ struct fruit_config_data *config = NULL;
+
+ SMB_VFS_HANDLE_GET_DATA(handle, config,
+ struct fruit_config_data, return -1);
+
+ switch (config->rsrc) {
+ case FRUIT_RSRC_STREAM:
+ case FRUIT_RSRC_ADFILE:
+ ret = SMB_VFS_NEXT_CLOSE(handle, fsp);
+ break;
+
+ case FRUIT_RSRC_XATTR:
+ ret = close(fsp->fh->fd);
+ fsp->fh->fd = -1;
+ break;
+
+ default:
+ DBG_ERR("Unexpected rsrc config [%d]\n", config->rsrc);
+ return -1;
+ }
+
+ return ret;
+}
+
+static int fruit_close(vfs_handle_struct *handle,
+ files_struct *fsp)
+{
+ int ret;
+ int fd;
+
+ fd = fsp->fh->fd;
+
+ DBG_DEBUG("Path [%s] fd [%d]\n", smb_fname_str_dbg(fsp->fsp_name), fd);
+
+ if (!is_ntfs_stream_smb_fname(fsp->fsp_name)) {
+ return SMB_VFS_NEXT_CLOSE(handle, fsp);
}
- if (is_afpinfo_stream(smb_fname)) {
- fd = fruit_open_meta(handle, smb_fname, fsp, flags, mode);
- } else if (is_afpresource_stream(smb_fname)) {
- fd = fruit_open_rsrc(handle, smb_fname, fsp, flags, mode);
+ if (is_afpinfo_stream(fsp->fsp_name)) {
+ ret = fruit_close_meta(handle, fsp);
+ } else if (is_afpresource_stream(fsp->fsp_name)) {
+ ret = fruit_close_rsrc(handle, fsp);
} else {
- fd = SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
+ ret = SMB_VFS_NEXT_CLOSE(handle, fsp);
}
- DBG_DEBUG("Path [%s] fd [%d]\n", smb_fname_str_dbg(smb_fname), fd);
-
- return fd;
+ return ret;
}
static int fruit_rename(struct vfs_handle_struct *handle,
return fruit_unlink_meta(handle, smb_fname);
} else if (is_afpresource_stream(smb_fname)) {
return fruit_unlink_rsrc(handle, smb_fname, false);
- } if (is_ntfs_stream_smb_fname(smb_fname)) {
+ } else if (is_ntfs_stream_smb_fname(smb_fname)) {
+ return SMB_VFS_NEXT_UNLINK(handle, smb_fname);
+ } else if (is_adouble_file(smb_fname->base_name)) {
return SMB_VFS_NEXT_UNLINK(handle, smb_fname);
}
}
while ((de = SMB_VFS_READDIR(handle->conn, dh, NULL)) != NULL) {
- int match;
struct adouble *ad = NULL;
char *p = NULL;
struct smb_filename *ad_smb_fname = NULL;
int ret;
- match = strncmp(de->d_name,
- ADOUBLE_NAME_PREFIX,
- strlen(ADOUBLE_NAME_PREFIX));
- if (match != 0) {
+ if (!is_adouble_file(de->d_name)) {
continue;
}
int ret;
nread = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset);
-
- if (nread == n) {
+ if (nread == -1 || nread == n) {
return nread;
}
return 0;
}
+ if (fio == NULL) {
+ DBG_ERR("Failed to fetch fsp extension");
+ return -1;
+ }
+
/* Yes, macOS always reads from offset 0 */
offset = 0;
to_return = MIN(n, AFP_INFO_SIZE);
return -1;
}
+ if (nread == -1 && fio->created) {
+ AfpInfo *ai = NULL;
+ char afpinfo_buf[AFP_INFO_SIZE];
+
+ ai = afpinfo_new(talloc_tos());
+ if (ai == NULL) {
+ return -1;
+ }
+
+ nread = afpinfo_pack(ai, afpinfo_buf);
+ TALLOC_FREE(ai);
+ if (nread != AFP_INFO_SIZE) {
+ return -1;
+ }
+
+ memcpy(data, afpinfo_buf, to_return);
+ return to_return;
+ }
+
return nread;
}
struct fio *fio = (struct fio *)VFS_FETCH_FSP_EXTENSION(handle, fsp);
ssize_t nread;
+ if (fio == NULL) {
+ errno = EINVAL;
+ return -1;
+ }
+
switch (fio->config->rsrc) {
case FRUIT_RSRC_STREAM:
nread = fruit_pread_rsrc_stream(handle, fsp, data, n, offset);
return false;
};
- if ((fio->type == ADOUBLE_META) &&
- (fio->config->meta == FRUIT_META_NETATALK))
- {
+ if (fio->type == ADOUBLE_META) {
return true;
}
files_struct *fsp, const void *data,
size_t n, off_t offset)
{
+ struct fio *fio = (struct fio *)VFS_FETCH_FSP_EXTENSION(handle, fsp);
AfpInfo *ai = NULL;
size_t nwritten;
+ int ret;
bool ok;
- ai = afpinfo_unpack(talloc_tos(), data);
- if (ai == NULL) {
+ DBG_DEBUG("Path [%s] offset=%"PRIdMAX", size=%zd\n",
+ fsp_str_dbg(fsp), (intmax_t)offset, n);
+
+ if (fio == NULL) {
return -1;
}
- nwritten = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
- if (nwritten != n) {
- return -1;
+ if (fio->fake_fd) {
+ int fd;
+
+ ret = SMB_VFS_NEXT_CLOSE(handle, fsp);
+ if (ret != 0) {
+ DBG_ERR("Close [%s] failed: %s\n",
+ fsp_str_dbg(fsp), strerror(errno));
+ fsp->fh->fd = -1;
+ return -1;
+ }
+
+ fd = SMB_VFS_NEXT_OPEN(handle,
+ fsp->fsp_name,
+ fsp,
+ fio->flags,
+ fio->mode);
+ if (fd == -1) {
+ DBG_ERR("On-demand create [%s] in write failed: %s\n",
+ fsp_str_dbg(fsp), strerror(errno));
+ return -1;
+ }
+ fsp->fh->fd = fd;
+ fio->fake_fd = false;
}
- if (!ai_empty_finderinfo(ai)) {
- return n;
+ ai = afpinfo_unpack(talloc_tos(), data);
+ if (ai == NULL) {
+ return -1;
}
- ok = set_delete_on_close(
+ if (ai_empty_finderinfo(ai)) {
+ /*
+ * Writing an all 0 blob to the metadata stream results in the
+ * stream being removed on a macOS server. This ensures we
+ * behave the same and it verified by the "delete AFP_AfpInfo by
+ * writing all 0" test.
+ */
+ ret = SMB_VFS_NEXT_FTRUNCATE(handle, fsp, 0);
+ if (ret != 0) {
+ DBG_ERR("SMB_VFS_NEXT_FTRUNCATE on [%s] failed\n",
+ fsp_str_dbg(fsp));
+ return -1;
+ }
+
+ ok = set_delete_on_close(
fsp,
true,
handle->conn->session_info->security_token,
handle->conn->session_info->unix_token);
- if (!ok) {
- DBG_ERR("set_delete_on_close on [%s] failed\n",
- fsp_str_dbg(fsp));
+ if (!ok) {
+ DBG_ERR("set_delete_on_close on [%s] failed\n",
+ fsp_str_dbg(fsp));
+ return -1;
+ }
+ return n;
+ }
+
+ nwritten = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
+ if (nwritten != n) {
return -1;
}
ad = ad_fget(talloc_tos(), handle, fsp, ADOUBLE_META);
if (ad == NULL) {
- ad = ad_init(talloc_tos(), handle, ADOUBLE_META);
+ ad = ad_init(talloc_tos(), ADOUBLE_META);
if (ad == NULL) {
return -1;
}
memcpy(p, &ai->afpi_FinderInfo[0], ADEDLEN_FINDERI);
- ret = ad_fset(ad, fsp);
+ ret = ad_fset(handle, ad, fsp);
if (ret != 0) {
DBG_ERR("ad_pwrite [%s] failed\n", fsp_str_dbg(fsp));
TALLOC_FREE(ad);
return n;
}
+ /*
+ * Writing an all 0 blob to the metadata stream results in the stream
+ * being removed on a macOS server. This ensures we behave the same and
+ * it verified by the "delete AFP_AfpInfo by writing all 0" test.
+ */
+
ok = set_delete_on_close(
fsp,
true,
{
struct fio *fio = (struct fio *)VFS_FETCH_FSP_EXTENSION(handle, fsp);
ssize_t nwritten;
+ uint8_t buf[AFP_INFO_SIZE];
+ size_t to_write;
+ size_t to_copy;
+ int cmp;
- /*
- * Writing an all 0 blob to the metadata stream
- * results in the stream being removed on a macOS
- * server. This ensures we behave the same and it
- * verified by the "delete AFP_AfpInfo by writing all
- * 0" test.
- */
- if (n != AFP_INFO_SIZE || offset != 0) {
- DBG_ERR("unexpected offset=%jd or size=%jd\n",
- (intmax_t)offset, (intmax_t)n);
+ if (fio == NULL) {
+ DBG_ERR("Failed to fetch fsp extension");
+ return -1;
+ }
+
+ if (n < 3) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ if (offset != 0 && n < 60) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ cmp = memcmp(data, "AFP", 3);
+ if (cmp != 0) {
+ errno = EINVAL;
return -1;
}
+ if (n <= AFP_OFF_FinderInfo) {
+ /*
+ * Nothing to do here really, just return
+ */
+ return n;
+ }
+
+ offset = 0;
+
+ to_copy = n;
+ if (to_copy > AFP_INFO_SIZE) {
+ to_copy = AFP_INFO_SIZE;
+ }
+ memcpy(buf, data, to_copy);
+
+ to_write = n;
+ if (to_write != AFP_INFO_SIZE) {
+ to_write = AFP_INFO_SIZE;
+ }
+
switch (fio->config->meta) {
case FRUIT_META_STREAM:
- nwritten = fruit_pwrite_meta_stream(handle, fsp, data,
- n, offset);
+ nwritten = fruit_pwrite_meta_stream(handle,
+ fsp,
+ buf,
+ to_write,
+ offset);
break;
case FRUIT_META_NETATALK:
- nwritten = fruit_pwrite_meta_netatalk(handle, fsp, data,
- n, offset);
+ nwritten = fruit_pwrite_meta_netatalk(handle,
+ fsp,
+ buf,
+ to_write,
+ offset);
break;
default:
return -1;
}
- return nwritten;
+ if (nwritten != to_write) {
+ return -1;
+ }
+
+ /*
+ * Return the requested amount, verified against macOS SMB server
+ */
+ return n;
}
static ssize_t fruit_pwrite_rsrc_stream(vfs_handle_struct *handle,
if ((n + offset) > ad_getentrylen(ad, ADEID_RFORK)) {
ad_setentrylen(ad, ADEID_RFORK, n + offset);
- ret = ad_fset(ad, fsp);
+ ret = ad_fset(handle, ad, fsp);
if (ret != 0) {
DBG_ERR("ad_pwrite [%s] failed\n", fsp_str_dbg(fsp));
TALLOC_FREE(ad);
struct fio *fio = (struct fio *)VFS_FETCH_FSP_EXTENSION(handle, fsp);
ssize_t nwritten;
+ if (fio == NULL) {
+ DBG_ERR("Failed to fetch fsp extension");
+ return -1;
+ }
+
switch (fio->config->rsrc) {
case FRUIT_RSRC_STREAM:
nwritten = fruit_pwrite_rsrc_stream(handle, fsp, data, n, offset);
rc = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
}
smb_fname->stream_name = tmp_stream_name;
+
+ DBG_DEBUG("fruit_stat_base [%s] dev [%ju] ino [%ju]\n",
+ smb_fname->base_name,
+ (uintmax_t)smb_fname->st.st_ex_dev,
+ (uintmax_t)smb_fname->st.st_ex_ino);
return rc;
}
bool follow_links)
{
int ret;
+ ino_t ino;
+
+ ret = fruit_stat_base(handle, smb_fname, false);
+ if (ret != 0) {
+ return -1;
+ }
+
+ ino = fruit_inode(&smb_fname->st, smb_fname->stream_name);
if (follow_links) {
ret = SMB_VFS_NEXT_STAT(handle, smb_fname);
ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
}
+ smb_fname->st.st_ex_ino = ino;
+
return ret;
}
files_struct *fsp,
SMB_STRUCT_STAT *sbuf)
{
- return SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
+ struct fio *fio = (struct fio *)VFS_FETCH_FSP_EXTENSION(handle, fsp);
+ struct smb_filename smb_fname;
+ ino_t ino;
+ int ret;
+
+ if (fio == NULL) {
+ return -1;
+ }
+
+ if (fio->fake_fd) {
+ ret = fruit_stat_base(handle, fsp->base_fsp->fsp_name, false);
+ if (ret != 0) {
+ return -1;
+ }
+
+ *sbuf = fsp->base_fsp->fsp_name->st;
+ sbuf->st_ex_size = AFP_INFO_SIZE;
+ sbuf->st_ex_ino = fruit_inode(sbuf, fsp->fsp_name->stream_name);
+ return 0;
+ }
+
+ smb_fname = (struct smb_filename) {
+ .base_name = fsp->fsp_name->base_name,
+ };
+
+ ret = fruit_stat_base(handle, &smb_fname, false);
+ if (ret != 0) {
+ return -1;
+ }
+ *sbuf = smb_fname.st;
+
+ ino = fruit_inode(sbuf, fsp->fsp_name->stream_name);
+
+ ret = SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
+ if (ret != 0) {
+ return -1;
+ }
+
+ sbuf->st_ex_ino = ino;
+ return 0;
}
static int fruit_fstat_meta_netatalk(vfs_handle_struct *handle,
const struct smb_filename *smb_fname,
TALLOC_CTX *mem_ctx,
unsigned int *pnum_streams,
- struct stream_struct **pstreams)
+ struct stream_struct **pstreams,
+ off_t size)
{
struct smb_filename *sname = NULL;
int ret;
return NT_STATUS_INTERNAL_ERROR;
}
+ if (size == 0) {
+ return NT_STATUS_OK;
+ }
+
sname = synthetic_smb_fname(talloc_tos(),
smb_fname->base_name,
AFPINFO_STREAM_NAME,
{
struct stream_struct *stream = *pstreams;
unsigned int num_streams = *pnum_streams;
- struct smb_filename *sname = NULL;
- char *full_name = NULL;
- uint32_t name_hash;
- struct share_mode_lock *lck = NULL;
- struct file_id id = {0};
- bool delete_on_close_set;
int i;
- int ret;
- NTSTATUS status;
- bool ok;
for (i = 0; i < num_streams; i++) {
if (strequal_m(stream[i].name, AFPINFO_STREAM)) {
DBG_ERR("Removing invalid AFPINFO_STREAM size [%jd] from [%s]\n",
(intmax_t)stream[i].size, smb_fname_str_dbg(smb_fname));
- return delete_invalid_meta_stream(handle, smb_fname, mem_ctx,
- pnum_streams, pstreams);
- }
-
- /*
- * Now check if there's a delete-on-close pending on the stream. If so,
- * hide the stream. This behaviour was verified against a macOS 10.12
- * SMB server.
- */
-
- sname = synthetic_smb_fname(talloc_tos(),
- smb_fname->base_name,
- AFPINFO_STREAM_NAME,
- NULL, 0);
- if (sname == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto out;
- }
-
- ret = SMB_VFS_NEXT_STAT(handle, sname);
- if (ret != 0) {
- status = map_nt_error_from_unix(errno);
- goto out;
- }
-
- id = SMB_VFS_NEXT_FILE_ID_CREATE(handle, &sname->st);
-
- lck = get_existing_share_mode_lock(talloc_tos(), id);
- if (lck == NULL) {
- status = NT_STATUS_OK;
- goto out;
- }
-
- full_name = talloc_asprintf(talloc_tos(),
- "%s%s",
- sname->base_name,
- AFPINFO_STREAM);
- if (full_name == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto out;
- }
-
- status = file_name_hash(handle->conn, full_name, &name_hash);
- if (!NT_STATUS_IS_OK(status)) {
- goto out;
- }
-
- delete_on_close_set = is_delete_on_close_set(lck, name_hash);
- if (delete_on_close_set) {
- ok = del_fruit_stream(mem_ctx,
- pnum_streams,
- pstreams,
- AFPINFO_STREAM);
- if (!ok) {
- status = NT_STATUS_INTERNAL_ERROR;
- goto out;
- }
+ return delete_invalid_meta_stream(handle,
+ smb_fname,
+ mem_ctx,
+ pnum_streams,
+ pstreams,
+ stream[i].size);
}
- status = NT_STATUS_OK;
-out:
- TALLOC_FREE(sname);
- TALLOC_FREE(lck);
- TALLOC_FREE(full_name);
- return status;
+ return NT_STATUS_OK;
}
static NTSTATUS fruit_streaminfo_meta_netatalk(
return status;
}
+static void fruit_filter_empty_streams(unsigned int *pnum_streams,
+ struct stream_struct **pstreams)
+{
+ unsigned num_streams = *pnum_streams;
+ struct stream_struct *streams = *pstreams;
+ unsigned i = 0;
+
+ if (!global_fruit_config.nego_aapl) {
+ return;
+ }
+
+ while (i < num_streams) {
+ struct smb_filename smb_fname = (struct smb_filename) {
+ .stream_name = streams[i].name,
+ };
+
+ if (is_ntfs_default_stream_smb_fname(&smb_fname)
+ || streams[i].size > 0)
+ {
+ i++;
+ continue;
+ }
+
+ streams[i] = streams[num_streams - 1];
+ num_streams--;
+ }
+
+ *pnum_streams = num_streams;
+}
+
static NTSTATUS fruit_streaminfo(vfs_handle_struct *handle,
struct files_struct *fsp,
const struct smb_filename *smb_fname,
return status;
}
+ fruit_filter_empty_streams(pnum_streams, pstreams);
+
status = fruit_streaminfo_meta(handle, fsp, smb_fname,
mem_ctx, pnum_streams, pstreams);
if (!NT_STATUS_IS_OK(status)) {
ad_setdate(ad, AD_DATE_CREATE | AD_DATE_UNIX,
convert_time_t_to_uint32_t(ft->create_time.tv_sec));
- rc = ad_set(ad, smb_fname);
+ rc = ad_set(handle, ad, smb_fname);
exit:
struct files_struct *fsp,
off_t offset)
{
- if (offset == 0) {
- return SMB_VFS_FREMOVEXATTR(fsp, AFPRESOURCE_EA_NETATALK);
- }
-
#ifdef HAVE_ATTROPEN
return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, offset);
#endif
ad_setentrylen(ad, ADEID_RFORK, offset);
- rc = ad_fset(ad, fsp);
+ rc = ad_fset(handle, ad, fsp);
if (rc != 0) {
DBG_ERR("ad_fset [%s] failed [%s]\n",
fsp_str_dbg(fsp), strerror(errno));
struct files_struct *fsp,
off_t offset)
{
- if (offset == 0) {
- return SMB_VFS_NEXT_UNLINK(handle, fsp->fsp_name);
- }
-
return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, offset);
}
struct fio *fio = (struct fio *)VFS_FETCH_FSP_EXTENSION(handle, fsp);
int ret;
+ if (fio == NULL) {
+ DBG_ERR("Failed to fetch fsp extension");
+ return -1;
+ }
+
switch (fio->config->rsrc) {
case FRUIT_RSRC_XATTR:
ret = fruit_ftruncate_rsrc_xattr(handle, fsp, offset);
NTSTATUS status;
struct fruit_config_data *config = NULL;
files_struct *fsp = NULL;
+ struct fio *fio = NULL;
+ bool internal_open = (oplock_request & INTERNAL_OPEN_ONLY);
+ int ret;
status = check_aapl(handle, req, in_context_blobs, out_context_blobs);
if (!NT_STATUS_IS_OK(status)) {
SMB_VFS_HANDLE_GET_DATA(handle, config, struct fruit_config_data,
return NT_STATUS_UNSUCCESSFUL);
+ if (is_apple_stream(smb_fname) && !internal_open) {
+ ret = ad_convert(handle, smb_fname);
+ if (ret != 0) {
+ DBG_ERR("ad_convert() failed\n");
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ }
+
status = SMB_VFS_NEXT_CREATE_FILE(
handle, req, root_dir_fid, smb_fname,
access_mask, share_access,
*
* Cf the vfs_fruit torture tests in test_rfork_create().
*/
- if (is_afpresource_stream(fsp->fsp_name) &&
- create_disposition == FILE_OPEN)
+ if (global_fruit_config.nego_aapl &&
+ create_disposition == FILE_OPEN &&
+ smb_fname->st.st_ex_size == 0 &&
+ is_ntfs_stream_smb_fname(smb_fname) &&
+ !(is_ntfs_default_stream_smb_fname(smb_fname)))
{
- if (fsp->fsp_name->st.st_ex_size == 0) {
- status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
- goto fail;
- }
+ status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ goto fail;
+ }
+
+ fio = (struct fio *)VFS_FETCH_FSP_EXTENSION(handle, fsp);
+ if (fio != NULL && pinfo != NULL && *pinfo == FILE_WAS_CREATED) {
+ fio->created = true;
}
if (is_ntfs_stream_smb_fname(smb_fname)
status = fruit_check_access(
handle, *result,
access_mask,
- map_share_mode_to_deny_mode(share_access, 0));
+ share_access);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
struct fruit_config_data *config = NULL;
struct readdir_attr_data *attr_data;
NTSTATUS status;
+ int ret;
SMB_VFS_HANDLE_GET_DATA(handle, config,
struct fruit_config_data,
DEBUG(10, ("fruit_readdir_attr %s\n", fname->base_name));
+ ret = ad_convert(handle, fname);
+ if (ret != 0) {
+ DBG_ERR("ad_convert() failed\n");
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
*pattr_data = talloc_zero(mem_ctx, struct readdir_attr_data);
if (*pattr_data == NULL) {
return NT_STATUS_UNSUCCESSFUL;
return NT_STATUS_OK;
}
+ /* First remove any existing ACE's with NFS style mode/uid/gid SIDs. */
+ status = remove_virtual_nfs_aces(*ppdesc);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_WARNING("failed to remove MS NFS style ACEs\n");
+ return status;
+ }
+
/* MS NFS style mode */
sid_compose(&sid, &global_sid_Unix_NFS_Mode, fsp->fsp_name->st.st_ex_mode);
init_sec_ace(&ace, &sid, SEC_ACE_TYPE_ACCESS_DENIED, 0, 0);
static NTSTATUS fruit_fset_nt_acl(vfs_handle_struct *handle,
files_struct *fsp,
uint32_t security_info_sent,
- const struct security_descriptor *psd)
+ const struct security_descriptor *orig_psd)
{
NTSTATUS status;
bool do_chmod;
mode_t ms_nfs_mode = 0;
int result;
+ struct security_descriptor *psd = NULL;
+ uint32_t orig_num_aces = 0;
+
+ if (orig_psd->dacl != NULL) {
+ orig_num_aces = orig_psd->dacl->num_aces;
+ }
+
+ psd = security_descriptor_copy(talloc_tos(), orig_psd);
+ if (psd == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
DBG_DEBUG("fruit_fset_nt_acl: %s\n", fsp_str_dbg(fsp));
status = check_ms_nfs(handle, fsp, psd, &ms_nfs_mode, &do_chmod);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("fruit_fset_nt_acl: check_ms_nfs failed%s\n", fsp_str_dbg(fsp)));
+ TALLOC_FREE(psd);
return status;
}
+ /*
+ * If only ms_nfs ACE entries were sent, ensure we set the DACL
+ * sent/present flags correctly now we've removed them.
+ */
+
+ if (orig_num_aces != 0) {
+ /*
+ * Are there any ACE's left ?
+ */
+ if (psd->dacl->num_aces == 0) {
+ /* No - clear the DACL sent/present flags. */
+ security_info_sent &= ~SECINFO_DACL;
+ psd->type &= ~SEC_DESC_DACL_PRESENT;
+ }
+ }
+
status = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("fruit_fset_nt_acl: SMB_VFS_NEXT_FSET_NT_ACL failed%s\n", fsp_str_dbg(fsp)));
+ TALLOC_FREE(psd);
return status;
}
result, (unsigned)ms_nfs_mode,
strerror(errno)));
status = map_nt_error_from_unix(errno);
+ TALLOC_FREE(psd);
return status;
}
}
+ TALLOC_FREE(psd);
return NT_STATUS_OK;
}
}
struct fruit_disk_free_state {
- size_t total_size;
+ off_t total_size;
};
static bool fruit_get_num_bands(vfs_handle_struct *handle,
size_t sparsebundle_strlen = strlen("sparsebundle");
size_t bandsize = 0;
size_t nbands;
- double tm_size;
+ off_t tm_size;
p = strstr(e->d_name, "sparsebundle");
if (p == NULL) {
return true;
}
- tm_size = bandsize * nbands;
- if (tm_size > UINT64_MAX) {
+ if (bandsize > SIZE_MAX/nbands) {
DBG_ERR("tmsize overflow: bandsize [%zu] nbands [%zu]\n",
bandsize, nbands);
return false;
}
+ tm_size = bandsize * nbands;
if (state->total_size + tm_size < state->total_size) {
DBG_ERR("tmsize overflow: bandsize [%zu] nbands [%zu]\n",
state->total_size += tm_size;
- DBG_DEBUG("[%s] tm_size [%.0f] total_size [%zu]\n",
- e->d_name, tm_size, state->total_size);
+ DBG_DEBUG("[%s] tm_size [%jd] total_size [%jd]\n",
+ e->d_name, (intmax_t)tm_size, (intmax_t)state->total_size);
return true;
}
.rename_fn = fruit_rename,
.rmdir_fn = fruit_rmdir,
.open_fn = fruit_open,
+ .close_fn = fruit_close,
.pread_fn = fruit_pread,
.pwrite_fn = fruit_pwrite,
.pread_send_fn = fruit_pread_send,