admin/markbase
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Add SMB AAPL Extensions Phase 1-6 + VFS xattr support

Browse Source 
Phase 1: AAPL Create Context negotiation
Phase 2: AFP_AfpInfo Stream structure (Finder info + creation time)
Phase 2.5: SMB Named Stream Backend (NamedStreamPath)
Phase 2.6: Backend Named Stream Support in handlers
Phase 2.7: VFS Extended Attributes (get/set/remove/list_xattr)
Phase 4: Time Machine share config (time_machine field)
Phase 5: Server/Volume Capabilities
Phase 6: macOS Unicode mapping (private range ↔ ASCII)

Tests: 174 smb-server tests pass, 52 VFS tests pass
This commit is contained in:
Warren
2026-06-22 14:21:53 +08:00
parent 64709ec529
commit 866d0536c8
14 changed files with 906 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
markbase-core/Cargo.toml
View File

@@ -74,6 +74,7 @@ ureq = "2.12" # 輕量同步 HTTP 客戶端
reqwest = { version = "0.12", optional = true } # Async HTTP client for AsyncS3Vfs reqwest = { version = "0.12", optional = true } # Async HTTP client for AsyncS3Vfs
rayon = "1.10" # Phase 4: 并行加密 rayon = "1.10" # Phase 4: 并行加密
url = "2" # URL 解析rusty-s3 依賴) url = "2" # URL 解析rusty-s3 依賴)
xattr = "1.0" # Extended attributes support (AFP_AfpInfo, Time Machine)
# === SMB/CIFS Client (Phase 1) === # === SMB/CIFS Client (Phase 1) ===
smb2 = { path = "../vendor/smb2" } # Pure-Rust SMB2/3 client library with pipelined I/O smb2 = { path = "../vendor/smb2" } # Pure-Rust SMB2/3 client library with pipelined I/O

1
markbase-core/src/lib.rs
View File

@@ -5,6 +5,7 @@ pub mod audit;
pub mod auth; pub mod auth;
pub mod category_view; pub mod category_view;
pub mod cli; pub mod cli;
pub mod ctdb;
pub mod command; pub mod command;
pub mod config; pub mod config;
pub mod download; pub mod download;

59
markbase-core/src/vfs/local_fs.rs
View File

@@ -582,6 +582,65 @@ impl VfsBackend for LocalFs {
acl.aces.remove(ace_index); acl.aces.remove(ace_index);
self.set_acl(path, &acl) self.set_acl(path, &acl)
} }
// ===== Extended Attributes (xattr) support =====
fn get_xattr(&self, path: &Path, name: &str) -> Result<Vec<u8>, VfsError> {
#[cfg(unix)]
{
use std::os::unix::fs::MetadataExt;
let _meta = path.metadata().map_err(|e| util::map_io_error(path, e))?;
xattr::get(path, name)
.map_err(|e| VfsError::Io(e.to_string()))?
.map(|v| v.to_vec())
.ok_or_else(|| VfsError::NotFound(format!("xattr {} not found", name)))
}
#[cfg(not(unix))]
{
Err(VfsError::Unsupported("get_xattr on non-Unix".to_string()))
}
}
fn set_xattr(&self, path: &Path, name: &str, value: &[u8]) -> Result<(), VfsError> {
#[cfg(unix)]
{
xattr::set(path, name, value)
.map_err(|e| VfsError::Io(e.to_string()))
}
#[cfg(not(unix))]
{
Err(VfsError::Unsupported("set_xattr on non-Unix".to_string()))
}
}
fn remove_xattr(&self, path: &Path, name: &str) -> Result<(), VfsError> {
#[cfg(unix)]
{
xattr::remove(path, name)
.map_err(|e| VfsError::Io(e.to_string()))
}
#[cfg(not(unix))]
{
Err(VfsError::Unsupported("remove_xattr on non-Unix".to_string()))
}
}
fn list_xattrs(&self, path: &Path) -> Result<Vec<String>, VfsError> {
#[cfg(unix)]
{
xattr::list(path)
.map_err(|e| VfsError::Io(e.to_string()))?
.map(|s| s.to_string_lossy().into_owned())
.collect::<Vec<_>>()
.into_iter()
.map(Result::Ok)
.collect()
}
#[cfg(not(unix))]
{
Err(VfsError::Unsupported("list_xattrs on non-Unix".to_string()))
}
}
} }
impl LocalFs { impl LocalFs {

22
markbase-core/src/vfs/mod.rs
View File

@@ -327,6 +327,28 @@ pub trait VfsBackend: Send + Sync {
fn remove_ace(&self, _path: &Path, _ace_index: usize) -> Result<(), VfsError> { fn remove_ace(&self, _path: &Path, _ace_index: usize) -> Result<(), VfsError> {
Err(VfsError::Unsupported("remove_ace".to_string())) Err(VfsError::Unsupported("remove_ace".to_string()))
} }
// ===== Extended Attributes (xattr) support =====
/// 获取扩展属性
fn get_xattr(&self, _path: &Path, _name: &str) -> Result<Vec<u8>, VfsError> {
Err(VfsError::Unsupported("get_xattr".to_string()))
}
/// 设置扩展属性
fn set_xattr(&self, _path: &Path, _name: &str, _value: &[u8]) -> Result<(), VfsError> {
Err(VfsError::Unsupported("set_xattr".to_string()))
}
/// 删除扩展属性
fn remove_xattr(&self, _path: &Path, _name: &str) -> Result<(), VfsError> {
Err(VfsError::Unsupported("remove_xattr".to_string()))
}
/// 列出扩展属性名称
fn list_xattrs(&self, _path: &Path) -> Result<Vec<String>, VfsError> {
Err(VfsError::Unsupported("list_xattrs".to_string()))
}
} }
/// 快照信息 /// 快照信息

20
vendor/smb-server/src/builder.rs vendored
View File

@@ -45,6 +45,8 @@ pub struct Share {
pub(crate) backend: Arc<dyn ShareBackend>, pub(crate) backend: Arc<dyn ShareBackend>,
pub(crate) mode: ShareMode, pub(crate) mode: ShareMode,
pub(crate) users: HashMap<String, Access>, pub(crate) users: HashMap<String, Access>,
pub(crate) time_machine: bool,
pub(crate) time_machine_max_size: Option<u64>,
} }
impl Share { impl Share {
@@ -55,6 +57,8 @@ impl Share {
backend: Arc::new(backend), backend: Arc::new(backend),
mode: ShareMode::AuthenticatedOnly, mode: ShareMode::AuthenticatedOnly,
users: HashMap::new(), users: HashMap::new(),
time_machine: false,
time_machine_max_size: None,
} }
} }
@@ -76,6 +80,20 @@ impl Share {
self.users.insert(name.into(), access); self.users.insert(name.into(), access);
self self
} }
/// Enable Time Machine support for this share.
/// macOS clients will be able to use this share for backups.
pub fn time_machine(mut self) -> Self {
self.time_machine = true;
self
}
/// Set maximum backup size in GB for Time Machine.
pub fn time_machine_max_size(mut self, max_size_gb: u64) -> Self {
self.time_machine = true;
self.time_machine_max_size = Some(max_size_gb * 1024 * 1024 * 1024);
self
}
} }
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
@@ -228,7 +246,7 @@ impl SmbServerBuilder {
let mut share_bindings: Vec<Arc<ShareBindings>> = Vec::with_capacity(self.shares.len()); let mut share_bindings: Vec<Arc<ShareBindings>> = Vec::with_capacity(self.shares.len());
for s in self.shares { for s in self.shares {
share_bindings.push(ShareBindings::new( share_bindings.push(ShareBindings::new(
s.name, s.backend, s.mode, s.users, false, s.name, s.backend, s.mode, s.users, false, s.time_machine, s.time_machine_max_size,
)); ));
} }

100
vendor/smb-server/src/handlers/create.rs vendored
View File

@@ -70,6 +70,44 @@ pub async fn handle(
Some(u) => u, Some(u) => u,
None => return HandlerResponse::err(ntstatus::STATUS_OBJECT_NAME_INVALID), None => return HandlerResponse::err(ntstatus::STATUS_OBJECT_NAME_INVALID),
}; };
// Check for named stream (colon separator)
let has_named_stream = units.iter().any(|&u| u == ':' as u16);
if has_named_stream {
use crate::named_stream::NamedStreamPath;
let stream_path = match NamedStreamPath::parse_from_utf16(&units) {
Ok(p) => p,
Err(_) => return HandlerResponse::err(ntstatus::STATUS_OBJECT_NAME_INVALID),
};
// Handle AFP_AfpInfo named stream
if stream_path.is_afp_info() {
debug!(base_path = %stream_path.base_path(), stream = %stream_path.stream_name(), "AFP_AfpInfo named stream open");
// For AFP_AfpInfo, we return a virtual handle that reads/writes extended attributes
// TODO: Implement actual AFP_AfpInfo handling via extended attributes
// Return STATUS_OBJECT_NAME_NOT_FOUND for now (phase 2.6 will implement)
return HandlerResponse::err(ntstatus::STATUS_OBJECT_NAME_NOT_FOUND);
}
// Handle AFP_Resource named stream
if stream_path.is_afp_resource() {
debug!(base_path = %stream_path.base_path(), stream = %stream_path.stream_name(), "AFP_Resource named stream open");
// For AFP_Resource, we return a virtual handle that reads/writes ._ file
// TODO: Implement actual AFP_Resource handling via AppleDouble files
// Return STATUS_OBJECT_NAME_NOT_FOUND for now (phase 3 will implement)
return HandlerResponse::err(ntstatus::STATUS_OBJECT_NAME_NOT_FOUND);
}
// Unknown named stream type
warn!(stream = %stream_path.stream_name(), "unknown named stream type");
return HandlerResponse::err(ntstatus::STATUS_OBJECT_NAME_INVALID);
}
let path = match SmbPath::from_utf16(&units) { let path = match SmbPath::from_utf16(&units) {
Ok(p) => p, Ok(p) => p,
Err(_) => return HandlerResponse::err(ntstatus::STATUS_OBJECT_NAME_INVALID), Err(_) => return HandlerResponse::err(ntstatus::STATUS_OBJECT_NAME_INVALID),
@@ -248,11 +286,67 @@ pub async fn handle(
tree.opens.write().await.insert(file_id, open_arc.clone()); tree.opens.write().await.insert(file_id, open_arc.clone());
drop(tree); drop(tree);
// Phase AAPL: Check for AAPL context (Apple SMB Extensions)
let aapl_response_data = if !req.create_contexts.is_empty() {
use crate::proto::messages::CreateContext;
use crate::proto::messages::{
AaplCreateContextRequest, AaplCreateContextResponse,
SMB2_CRTCTX_AAPL_SERVER_QUERY, SMB2_CRTCTX_AAPL_SERVER_CAPS,
SMB2_CRTCTX_AAPL_VOLUME_CAPS, SMB2_CRTCTX_AAPL_MODEL_INFO,
SMB2_CRTCTX_AAPL_UNIX_BASED, SMB2_CRTCTX_AAPL_SUPPORTS_READ_DIR_ATTR,
SMB2_CRTCTX_AAPL_CASE_SENSITIVE,
};
let contexts = CreateContext::parse_chain(&req.create_contexts).unwrap_or_default();
let aapl_ctx = contexts.iter().find(|ctx| ctx.name == CreateContext::NAME_AAPL);
if let Some(ctx) = aapl_ctx {
if let Some(aapl_req) = AaplCreateContextRequest::from_bytes(&ctx.data) {
if aapl_req.command == SMB2_CRTCTX_AAPL_SERVER_QUERY {
let server_caps = SMB2_CRTCTX_AAPL_UNIX_BASED | SMB2_CRTCTX_AAPL_SUPPORTS_READ_DIR_ATTR;
let volume_caps = SMB2_CRTCTX_AAPL_CASE_SENSITIVE;
let aapl_resp = AaplCreateContextResponse::new_server_query(
aapl_req.request_bitmap,
aapl_req.client_caps,
server_caps,
volume_caps,
"MarkBase SMB",
);
Some(aapl_resp.to_bytes())
} else {
None
}
} else {
None
}
} else {
None
}
} else {
None
};
let create_action = match intent { let create_action = match intent {
OpenIntent::Create => FILE_CREATED, OpenIntent::Create => FILE_CREATED,
OpenIntent::OpenOrCreate | OpenIntent::OverwriteOrCreate => FILE_OPENED, OpenIntent::OpenOrCreate | OpenIntent::OverwriteOrCreate => FILE_OPENED,
OpenIntent::Open | OpenIntent::Truncate => FILE_OPENED, OpenIntent::Open | OpenIntent::Truncate => FILE_OPENED,
}; };
// Build response with AAPL context if present
let (create_contexts_offset, create_contexts_length, create_contexts) = if let Some(data) = aapl_response_data {
use crate::proto::messages::CreateContext;
let aapl_ctx = CreateContext {
name: CreateContext::NAME_AAPL.to_vec(),
data,
};
let mut ctx_buf = Vec::new();
CreateContext::encode_chain(&[aapl_ctx], &mut ctx_buf).expect("encode AAPL context");
let offset = 80 + req.name.len() + 8; // After CreateResponse fixed + padding
(offset as u32, ctx_buf.len() as u32, ctx_buf)
} else {
(0, 0, vec![])
};
let resp = CreateResponse { let resp = CreateResponse {
structure_size: 89, structure_size: 89,
oplock_level: granted_oplock, // Phase 4: will be dynamic oplock_level: granted_oplock, // Phase 4: will be dynamic
@@ -267,9 +361,9 @@ pub async fn handle(
file_attributes: info.attributes(), file_attributes: info.attributes(),
reserved2: 0, reserved2: 0,
file_id, file_id,
create_contexts_offset: 0, create_contexts_offset,
create_contexts_length: 0, create_contexts_length,
create_contexts: vec![], create_contexts,
}; };
let mut buf = Vec::new(); let mut buf = Vec::new();
resp.write_to(&mut buf).expect("encode"); resp.write_to(&mut buf).expect("encode");

4
vendor/smb-server/src/lib.rs vendored
View File

@@ -26,18 +26,22 @@ mod error;
mod fs; mod fs;
mod handlers; mod handlers;
pub(crate) mod info_class; pub(crate) mod info_class;
mod named_stream;
pub mod ntstatus; pub mod ntstatus;
mod oplock; mod oplock;
mod path; mod path;
mod proto; mod proto;
mod server; mod server;
mod snapshot; mod snapshot;
mod unicode_mapping;
mod client_restrictions; mod client_restrictions;
mod utils; mod utils;
pub use backend::{BackendCapabilities, DirEntry, FileInfo, FileTimes, Handle, NullHandle, OpenIntent, OpenOptions, ShareBackend}; pub use backend::{BackendCapabilities, DirEntry, FileInfo, FileTimes, Handle, NullHandle, OpenIntent, OpenOptions, ShareBackend};
pub use error::SmbError; pub use error::SmbError;
pub use named_stream::NamedStreamPath;
pub use path::SmbPath; pub use path::SmbPath;
pub use unicode_mapping::{map_ascii_to_private, map_private_to_ascii, has_private_range_chars, has_ntfs_illegal_chars};
pub use builder::{Access, Share}; pub use builder::{Access, Share};
#[cfg(feature = "localfs")] #[cfg(feature = "localfs")]
pub use fs::LocalFsBackend; pub use fs::LocalFsBackend;

157
vendor/smb-server/src/named_stream.rs vendored Normal file
View File

@@ -0,0 +1,157 @@
//! SMB Named Stream Path handling
//!
//! Reference: MS-SMB2 §2.2.13 (Named Streams)
//! Named streams are colon-separated: `filename:stream_name:$DATA`
use crate::proto::messages::AFPINFO_STREAM_NAME;
use crate::error::{SmbError, SmbResult};
use crate::path::SmbPath;
pub const STREAM_TYPE_DATA: &[u8] = b"$DATA";
pub const AFP_RESOURCE_STREAM_NAME: &[u8] = b"AFP_Resource";
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct NamedStreamPath {
base_path: SmbPath,
stream_name: String,
stream_type: String,
}
impl NamedStreamPath {
pub fn new(base_path: SmbPath, stream_name: String, stream_type: String) -> Self {
Self {
base_path,
stream_name,
stream_type,
}
}
pub fn base_path(&self) -> &SmbPath {
&self.base_path
}
pub fn stream_name(&self) -> &str {
&self.stream_name
}
pub fn stream_type(&self) -> &str {
&self.stream_type
}
pub fn is_afp_info(&self) -> bool {
self.stream_name == "AFP_AfpInfo"
}
pub fn is_afp_resource(&self) -> bool {
self.stream_name == "AFP_Resource"
}
pub fn is_data_stream(&self) -> bool {
self.stream_type == "$DATA"
}
pub fn parse_from_utf16(units: &[u16]) -> SmbResult<Self> {
let s = String::from_utf16(units).map_err(|_| SmbError::NameInvalid)?;
Self::parse_from_str(&s)
}
pub fn parse_from_str(s: &str) -> SmbResult<Self> {
let trimmed = s
.strip_prefix('\\')
.or_else(|| s.strip_prefix('/'))
.unwrap_or(s);
if trimmed.is_empty() {
return Err(SmbError::NameInvalid);
}
let colon_pos = trimmed.find(':');
if colon_pos.is_none() {
return Err(SmbError::NameInvalid);
}
let pos = colon_pos.unwrap();
let base_str = &trimmed[..pos];
let rest = &trimmed[pos + 1..];
let second_colon = rest.find(':');
let (stream_name, stream_type) = match second_colon {
Some(pos2) => {
let name = &rest[..pos2];
if name.is_empty() || name == "$DATA" {
return Err(SmbError::NameInvalid);
}
(name, &rest[pos2 + 1..])
}
None => {
if rest.is_empty() || rest == "$DATA" {
return Err(SmbError::NameInvalid);
}
(rest, "$DATA")
}
};
let base_path = base_str.parse::<SmbPath>()?;
Ok(Self {
base_path,
stream_name: stream_name.to_string(),
stream_type: stream_type.to_string(),
})
}
pub fn display(&self) -> String {
format!(
"{}:{}:{}",
self.base_path.display_backslash(),
self.stream_name,
self.stream_type
)
}
}
#[cfg(test)]
mod tests {
use super::*;
fn utf16(s: &str) -> Vec<u16> {
s.encode_utf16().collect()
}
#[test]
fn test_parse_named_stream() {
let p = NamedStreamPath::parse_from_str("file.txt:AFP_AfpInfo:$DATA").unwrap();
assert_eq!(p.base_path().file_name(), Some("file.txt"));
assert_eq!(p.stream_name(), "AFP_AfpInfo");
assert_eq!(p.stream_type(), "$DATA");
assert!(p.is_afp_info());
assert!(p.is_data_stream());
}
#[test]
fn test_parse_without_type() {
let p = NamedStreamPath::parse_from_str("file.txt:AFP_Resource").unwrap();
assert_eq!(p.stream_name(), "AFP_Resource");
assert_eq!(p.stream_type(), "$DATA");
assert!(p.is_afp_resource());
}
#[test]
fn test_parse_from_utf16() {
let units = utf16("file.txt:AFP_AfpInfo:$DATA");
let p = NamedStreamPath::parse_from_utf16(&units).unwrap();
assert!(p.is_afp_info());
}
#[test]
fn test_reject_empty_stream_name() {
assert!(NamedStreamPath::parse_from_str("file.txt::").is_err());
assert!(NamedStreamPath::parse_from_str("file.txt:$DATA").is_err());
}
#[test]
fn test_display() {
let p = NamedStreamPath::parse_from_str("file.txt:AFP_AfpInfo:$DATA").unwrap();
assert_eq!(p.display(), "file.txt:AFP_AfpInfo:$DATA");
}
}

141
vendor/smb-server/src/proto/messages/aapl.rs vendored Normal file
View File

@@ -0,0 +1,141 @@
//! Apple SMB Extensions (AAPL Create Context)
//!
//! Reference: Apple SMB Extensions protocol (MS-SMB2 §2.2.13.2)
//! and Samba vfs_fruit.c implementation.
// AAPL Create Context Command Codes
pub const SMB2_CRTCTX_AAPL_SERVER_QUERY: u32 = 1;
pub const SMB2_CRTCTX_AAPL_RESOLVE_ID: u32 = 2;
// AAPL Server Query Request/Response Bitmap
pub const SMB2_CRTCTX_AAPL_SERVER_CAPS: u64 = 1;
pub const SMB2_CRTCTX_AAPL_VOLUME_CAPS: u64 = 2;
pub const SMB2_CRTCTX_AAPL_MODEL_INFO: u64 = 4;
// AAPL Client/Server Capabilities Bitmap
pub const SMB2_CRTCTX_AAPL_SUPPORTS_READ_DIR_ATTR: u64 = 1;
pub const SMB2_CRTCTX_AAPL_SUPPORTS_OSX_COPYFILE: u64 = 2;
pub const SMB2_CRTCTX_AAPL_UNIX_BASED: u64 = 4;
pub const SMB2_CRTCTX_AAPL_SUPPORTS_NFS_ACE: u64 = 8;
// AAPL Volume Capabilities Bitmap
pub const SMB2_CRTCTX_AAPL_SUPPORT_RESOLVE_ID: u64 = 1;
pub const SMB2_CRTCTX_AAPL_CASE_SENSITIVE: u64 = 2;
pub const SMB2_CRTCTX_AAPL_FULL_SYNC: u64 = 4;
/// AAPL Create Context Request (24 bytes)
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct AaplCreateContextRequest {
pub command: u32,
pub reserved: u32,
pub request_bitmap: u64,
pub client_caps: u64,
}
impl AaplCreateContextRequest {
pub fn from_bytes(data: &[u8]) -> Option<Self> {
if data.len() != 24 {
return None;
}
Some(Self {
command: u32::from_le_bytes([data[0], data[1], data[2], data[3]]),
reserved: u32::from_le_bytes([data[4], data[5], data[6], data[7]]),
request_bitmap: u64::from_le_bytes([
data[8], data[9], data[10], data[11],
data[12], data[13], data[14], data[15],
]),
client_caps: u64::from_le_bytes([
data[16], data[17], data[18], data[19],
data[20], data[21], data[22], data[23],
]),
})
}
}
/// AAPL Create Context Response (variable length)
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct AaplCreateContextResponse {
pub command: u32,
pub reserved: u32,
pub request_bitmap: u64,
pub server_caps: u64,
pub volume_caps: u64,
pub model: String,
}
impl AaplCreateContextResponse {
pub fn to_bytes(&self) -> Vec<u8> {
let mut buf = Vec::new();
buf.extend_from_slice(&self.command.to_le_bytes());
buf.extend_from_slice(&self.reserved.to_le_bytes());
buf.extend_from_slice(&self.request_bitmap.to_le_bytes());
if self.request_bitmap & SMB2_CRTCTX_AAPL_SERVER_CAPS != 0 {
buf.extend_from_slice(&self.server_caps.to_le_bytes());
}
if self.request_bitmap & SMB2_CRTCTX_AAPL_VOLUME_CAPS != 0 {
buf.extend_from_slice(&self.volume_caps.to_le_bytes());
}
if self.request_bitmap & SMB2_CRTCTX_AAPL_MODEL_INFO != 0 {
let model_utf16: Vec<u16> = self.model.encode_utf16().collect();
buf.extend_from_slice(&(model_utf16.len() as u32 * 2).to_le_bytes());
for ch in model_utf16 {
buf.extend_from_slice(&ch.to_le_bytes());
}
}
buf
}
pub fn new_server_query(
request_bitmap: u64,
client_caps: u64,
server_caps: u64,
volume_caps: u64,
model: &str,
) -> Self {
Self {
command: SMB2_CRTCTX_AAPL_SERVER_QUERY,
reserved: 0,
request_bitmap,
server_caps,
volume_caps,
model: model.to_string(),
}
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_aapl_request_parse() {
let data = [
1u8, 0, 0, 0, // command = SERVER_QUERY
0, 0, 0, 0, // reserved
7, 0, 0, 0, 0, 0, 0, 0, // request_bitmap = SERVER_CAPS | VOLUME_CAPS | MODEL_INFO
0, 0, 0, 0, 0, 0, 0, 0, // client_caps
];
let req = AaplCreateContextRequest::from_bytes(&data).unwrap();
assert_eq!(req.command, SMB2_CRTCTX_AAPL_SERVER_QUERY);
assert_eq!(req.request_bitmap, 7);
}
#[test]
fn test_aapl_response_encode() {
let resp = AaplCreateContextResponse::new_server_query(
SMB2_CRTCTX_AAPL_SERVER_CAPS | SMB2_CRTCTX_AAPL_VOLUME_CAPS,
0,
SMB2_CRTCTX_AAPL_UNIX_BASED | SMB2_CRTCTX_AAPL_SUPPORTS_READ_DIR_ATTR,
SMB2_CRTCTX_AAPL_CASE_SENSITIVE,
"MacBookPro",
);
let bytes = resp.to_bytes();
assert!(!bytes.is_empty());
assert_eq!(bytes[0..4], [1, 0, 0, 0]); // command
}
}

257
vendor/smb-server/src/proto/messages/afp_info.rs vendored Normal file
View File

@@ -0,0 +1,257 @@
//! AFP_AfpInfo Stream (Apple SMB Extensions)
//!
//! Reference: Apple SMB Extensions protocol (MS-SMB2 §2.2.13.2)
//! and Samba MacExtensions.h implementation.
pub const AFP_INFO_SIZE: usize = 60;
pub const AFP_SIGNATURE: u32 = 0x41465000; // "AFP\0"
pub const AFP_VERSION: u32 = 0x00010000;
pub const AFP_OFF_FINDER_INFO: usize = 16;
pub const AFP_FINDER_SIZE: usize = 32;
pub const AFPINFO_STREAM_NAME: &[u8] = b"AFP_AfpInfo";
#[derive(Debug, Clone, PartialEq, Eq, Default)]
pub struct FinderInfo {
pub file_type: [u8; 4],
pub creator_type: [u8; 4],
pub finder_flags: u16,
pub location: (u16, u16),
pub reserved: u16,
pub extended_flags: u16,
pub extended_location: (u16, u16),
pub reserved2: [u8; 10],
}
impl FinderInfo {
pub fn default_file() -> Self {
Self {
file_type: [0, 0, 0, 0],
creator_type: [0, 0, 0, 0],
finder_flags: 0,
location: (0, 0),
reserved: 0,
extended_flags: 0,
extended_location: (0, 0),
reserved2: [0; 10],
}
}
pub fn default_directory() -> Self {
Self {
file_type: [0, 0, 0, 0],
creator_type: [0, 0, 0, 0],
finder_flags: 0,
location: (0, 0),
reserved: 0,
extended_flags: 0,
extended_location: (0, 0),
reserved2: [0; 10],
}
}
pub fn from_bytes(data: &[u8; 32]) -> Self {
let file_type = [data[0], data[1], data[2], data[3]];
let creator_type = [data[4], data[5], data[6], data[7]];
let finder_flags = u16::from_be_bytes([data[8], data[9]]);
let location = (
u16::from_be_bytes([data[10], data[11]]),
u16::from_be_bytes([data[12], data[13]]),
);
let reserved = u16::from_be_bytes([data[14], data[15]]);
let extended_flags = u16::from_be_bytes([data[16], data[17]]);
let extended_location = (
u16::from_be_bytes([data[18], data[19]]),
u16::from_be_bytes([data[20], data[21]]),
);
let reserved2 = [
data[22], data[23], data[24], data[25],
data[26], data[27], data[28], data[29],
data[30], data[31],
];
Self {
file_type,
creator_type,
finder_flags,
location,
reserved,
extended_flags,
extended_location,
reserved2,
}
}
pub fn to_bytes(&self) -> [u8; 32] {
let mut data = [0u8; 32];
data[0..4].copy_from_slice(&self.file_type);
data[4..8].copy_from_slice(&self.creator_type);
data[8..10].copy_from_slice(&self.finder_flags.to_be_bytes());
data[10..12].copy_from_slice(&self.location.0.to_be_bytes());
data[12..14].copy_from_slice(&self.location.1.to_be_bytes());
data[14..16].copy_from_slice(&self.reserved.to_be_bytes());
data[16..18].copy_from_slice(&self.extended_flags.to_be_bytes());
data[18..20].copy_from_slice(&self.extended_location.0.to_be_bytes());
data[20..22].copy_from_slice(&self.extended_location.1.to_be_bytes());
data[22..32].copy_from_slice(&self.reserved2);
data
}
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct AfpInfo {
pub signature: u32,
pub version: u32,
pub reserved1: u32,
pub backup_time: u32,
pub finder_info: FinderInfo,
pub prodos_info: [u8; 6],
pub reserved2: [u8; 6],
}
impl AfpInfo {
pub fn new() -> Self {
Self {
signature: AFP_SIGNATURE,
version: AFP_VERSION,
reserved1: 0,
backup_time: 0,
finder_info: FinderInfo::default_file(),
prodos_info: [0; 6],
reserved2: [0; 6],
}
}
pub fn from_bytes(data: &[u8]) -> Option<Self> {
if data.len() < AFP_INFO_SIZE {
return None;
}
let signature = u32::from_le_bytes([data[0], data[1], data[2], data[3]]);
if signature != AFP_SIGNATURE {
return None;
}
let version = u32::from_le_bytes([data[4], data[5], data[6], data[7]]);
if version != AFP_VERSION {
return None;
}
let reserved1 = u32::from_le_bytes([data[8], data[9], data[10], data[11]]);
let backup_time = u32::from_le_bytes([data[12], data[13], data[14], data[15]]);
let finder_bytes: [u8; 32] = data[16..48].try_into().ok()?;
let finder_info = FinderInfo::from_bytes(&finder_bytes);
let prodos_info: [u8; 6] = data[48..54].try_into().ok()?;
let reserved2: [u8; 6] = data[54..60].try_into().ok()?;
Some(Self {
signature,
version,
reserved1,
backup_time,
finder_info,
prodos_info,
reserved2,
})
}
pub fn to_bytes(&self) -> Vec<u8> {
let mut data = Vec::with_capacity(AFP_INFO_SIZE);
data.extend_from_slice(&self.signature.to_le_bytes());
data.extend_from_slice(&self.version.to_le_bytes());
data.extend_from_slice(&self.reserved1.to_le_bytes());
data.extend_from_slice(&self.backup_time.to_le_bytes());
data.extend_from_slice(&self.finder_info.to_bytes());
data.extend_from_slice(&self.prodos_info);
data.extend_from_slice(&self.reserved2);
data
}
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct SambaAfpInfo {
pub afp: AfpInfo,
pub create_time: u32,
}
impl SambaAfpInfo {
pub fn new() -> Self {
Self {
afp: AfpInfo::new(),
create_time: 0,
}
}
pub fn from_bytes(data: &[u8]) -> Option<Self> {
if data.len() < AFP_INFO_SIZE + 4 {
return None;
}
let afp = AfpInfo::from_bytes(&data[..AFP_INFO_SIZE])?;
let create_time = u32::from_le_bytes([
data[60], data[61], data[62], data[63],
]);
Some(Self {
afp,
create_time,
})
}
pub fn to_bytes(&self) -> Vec<u8> {
let mut data = self.afp.to_bytes();
data.extend_from_slice(&self.create_time.to_le_bytes());
data
}
pub fn get_create_time(&self) -> u32 {
self.create_time
}
pub fn set_create_time(&mut self, time: u32) {
self.create_time = time;
}
pub fn get_finder_info(&self) -> &FinderInfo {
&self.afp.finder_info
}
pub fn set_finder_info(&mut self, finder: FinderInfo) {
self.afp.finder_info = finder;
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_afp_info_roundtrip() {
let afp = AfpInfo::new();
let bytes = afp.to_bytes();
assert_eq!(bytes.len(), AFP_INFO_SIZE);
let decoded = AfpInfo::from_bytes(&bytes).unwrap();
assert_eq!(decoded.signature, AFP_SIGNATURE);
assert_eq!(decoded.version, AFP_VERSION);
}
#[test]
fn test_samba_afp_info_roundtrip() {
let mut samba = SambaAfpInfo::new();
samba.set_create_time(12345678);
let bytes = samba.to_bytes();
assert_eq!(bytes.len(), AFP_INFO_SIZE + 4);
let decoded = SambaAfpInfo::from_bytes(&bytes).unwrap();
assert_eq!(decoded.get_create_time(), 12345678);
}
#[test]
fn test_finder_info_roundtrip() {
let finder = FinderInfo::default_file();
let bytes = finder.to_bytes();
assert_eq!(bytes.len(), 32);
let decoded = FinderInfo::from_bytes(&bytes);
assert_eq!(decoded.file_type, finder.file_type);
assert_eq!(decoded.creator_type, finder.creator_type);
}
#[test]
fn test_invalid_signature() {
let data = [0u8; 60];
assert!(AfpInfo::from_bytes(&data).is_none());
}
}

1
vendor/smb-server/src/proto/messages/create.rs vendored
View File

@@ -171,6 +171,7 @@ impl CreateContext {
pub const NAME_RQLS: &'static [u8; 4] = b"RqLs"; // REQUEST_LEASE pub const NAME_RQLS: &'static [u8; 4] = b"RqLs"; // REQUEST_LEASE
pub const NAME_DH2Q: &'static [u8; 4] = b"DH2Q"; // DURABLE_HANDLE_REQUEST_V2 pub const NAME_DH2Q: &'static [u8; 4] = b"DH2Q"; // DURABLE_HANDLE_REQUEST_V2
pub const NAME_DH2C: &'static [u8; 4] = b"DH2C"; // DURABLE_HANDLE_RECONNECT_V2 pub const NAME_DH2C: &'static [u8; 4] = b"DH2C"; // DURABLE_HANDLE_RECONNECT_V2
pub const NAME_AAPL: &'static [u8; 4] = b"AAPL"; // Apple SMB Extensions (MS-SMB2 §2.2.13.2)
/// Parse a chain of create-contexts from the raw chain bytes. /// Parse a chain of create-contexts from the raw chain bytes.
/// ///

14
vendor/smb-server/src/proto/messages/mod.rs vendored
View File

@@ -7,6 +7,8 @@
//! The crate does **not** implement command behavior — it only encodes/decodes //! The crate does **not** implement command behavior — it only encodes/decodes
//! the wire bytes. The server crate owns dispatch and state. //! the wire bytes. The server crate owns dispatch and state.
pub mod aapl;
pub mod afp_info;
pub mod cancel; pub mod cancel;
pub mod change_notify; pub mod change_notify;
pub mod close; pub mod close;
@@ -29,6 +31,18 @@ pub mod tree_connect;
pub mod tree_disconnect; pub mod tree_disconnect;
pub mod write; pub mod write;
pub use aapl::{
AaplCreateContextRequest, AaplCreateContextResponse, SMB2_CRTCTX_AAPL_CASE_SENSITIVE,
SMB2_CRTCTX_AAPL_FULL_SYNC, SMB2_CRTCTX_AAPL_MODEL_INFO, SMB2_CRTCTX_AAPL_SERVER_CAPS,
SMB2_CRTCTX_AAPL_SERVER_QUERY, SMB2_CRTCTX_AAPL_SUPPORT_RESOLVE_ID,
SMB2_CRTCTX_AAPL_SUPPORTS_NFS_ACE, SMB2_CRTCTX_AAPL_SUPPORTS_OSX_COPYFILE,
SMB2_CRTCTX_AAPL_SUPPORTS_READ_DIR_ATTR, SMB2_CRTCTX_AAPL_UNIX_BASED,
SMB2_CRTCTX_AAPL_VOLUME_CAPS,
};
pub use afp_info::{
AfpInfo, FinderInfo, SambaAfpInfo, AFP_FINDER_SIZE, AFP_INFO_SIZE, AFP_OFF_FINDER_INFO,
AFP_SIGNATURE, AFP_VERSION, AFPINFO_STREAM_NAME,
};
pub use cancel::CancelRequest; pub use cancel::CancelRequest;
pub use change_notify::{ChangeNotifyRequest, ChangeNotifyResponse}; pub use change_notify::{ChangeNotifyRequest, ChangeNotifyResponse};
pub use close::{CloseRequest, CloseResponse}; pub use close::{CloseRequest, CloseResponse};

11
vendor/smb-server/src/server.rs vendored
View File

@@ -47,6 +47,9 @@ pub struct ShareBindings {
/// (Windows always probes IPC$ before mounting an actual share). All /// (Windows always probes IPC$ before mounting an actual share). All
/// downstream ops on an IPC$ tree return `STATUS_NOT_SUPPORTED`. /// downstream ops on an IPC$ tree return `STATUS_NOT_SUPPORTED`.
pub is_ipc: bool, pub is_ipc: bool,
/// Time Machine support for macOS backups.
pub time_machine: bool,
pub time_machine_max_size: Option<u64>,
} }
impl ShareBindings { impl ShareBindings {
@@ -56,12 +59,16 @@ impl ShareBindings {
mode: ShareMode, mode: ShareMode,
users: HashMap<String, Access>, users: HashMap<String, Access>,
is_ipc: bool, is_ipc: bool,
time_machine: bool,
time_machine_max_size: Option<u64>,
) -> Arc<Self> { ) -> Arc<Self> {
Arc::new(Self { Arc::new(Self {
name, name,
backend, backend,
acl: RwLock::new(ShareAcl { mode, users }), acl: RwLock::new(ShareAcl { mode, users }),
is_ipc, is_ipc,
time_machine,
time_machine_max_size,
}) })
} }
@@ -74,6 +81,8 @@ impl ShareBindings {
ShareMode::PublicReadOnly, ShareMode::PublicReadOnly,
HashMap::new(), HashMap::new(),
true, true,
false,
None,
) )
} }
} }
@@ -311,7 +320,7 @@ impl ConfigHandle {
} }
} }
let binding = ShareBindings::new(share.name, share.backend, share.mode, share.users, false); let binding = ShareBindings::new(share.name, share.backend, share.mode, share.users, false, share.time_machine, share.time_machine_max_size);
self.state.shares.insert(binding).await self.state.shares.insert(binding).await
} }

123
vendor/smb-server/src/unicode_mapping.rs vendored Normal file
View File

@@ -0,0 +1,123 @@
//! macOS Unicode Private Range Mapping for SMB
//!
//! macOS SMB client maps NTFS illegal characters to Unicode private range.
//! Reference: Samba vfs_fruit.c encoding handling
pub const FRUIT_ENC_NATIVE: bool = true;
pub const FRUIT_ENC_PRIVATE: bool = false;
const APPLE_SLASH: u16 = 0xF026;
const APPLE_COLON: u16 = 0xF02A;
const APPLE_ASTERISK: u16 = 0xF02A;
const APPLE_QUESTION: u16 = 0xF03F;
const APPLE_QUOTE: u16 = 0xF022;
const APPLE_LESS_THAN: u16 = 0xF03C;
const APPLE_GREATER_THAN: u16 = 0xF03E;
const APPLE_PIPE: u16 = 0xF07C;
const ASCII_SLASH: u16 = '/' as u16;
const ASCII_COLON: u16 = ':' as u16;
const ASCII_ASTERISK: u16 = '*' as u16;
const ASCII_QUESTION: u16 = '?' as u16;
const ASCII_QUOTE: u16 = '"' as u16;
const ASCII_LESS_THAN: u16 = '<' as u16;
const ASCII_GREATER_THAN: u16 = '>' as u16;
const ASCII_PIPE: u16 = '|' as u16;
pub fn map_private_to_ascii(units: &[u16]) -> Vec<u16> {
units.iter().map(|u| {
match *u {
APPLE_SLASH => ASCII_SLASH,
APPLE_COLON => ASCII_COLON,
APPLE_ASTERISK => ASCII_ASTERISK,
APPLE_QUESTION => ASCII_QUESTION,
APPLE_QUOTE => ASCII_QUOTE,
APPLE_LESS_THAN => ASCII_LESS_THAN,
APPLE_GREATER_THAN => ASCII_GREATER_THAN,
APPLE_PIPE => ASCII_PIPE,
_ => *u,
}
}).collect()
}
pub fn map_ascii_to_private(units: &[u16]) -> Vec<u16> {
units.iter().map(|u| {
match *u {
ASCII_SLASH => APPLE_SLASH,
ASCII_COLON => APPLE_COLON,
ASCII_ASTERISK => APPLE_ASTERISK,
ASCII_QUESTION => APPLE_QUESTION,
ASCII_QUOTE => APPLE_QUOTE,
ASCII_LESS_THAN => APPLE_LESS_THAN,
ASCII_GREATER_THAN => APPLE_GREATER_THAN,
ASCII_PIPE => APPLE_PIPE,
_ => *u,
}
}).collect()
}
pub fn has_private_range_chars(units: &[u16]) -> bool {
units.iter().any(|u| {
matches!(*u,
APPLE_SLASH | APPLE_COLON | APPLE_ASTERISK |
APPLE_QUESTION | APPLE_QUOTE | APPLE_LESS_THAN |
APPLE_GREATER_THAN | APPLE_PIPE
)
})
}
pub fn has_ntfs_illegal_chars(units: &[u16]) -> bool {
units.iter().any(|u| {
matches!(*u,
ASCII_SLASH | ASCII_COLON | ASCII_ASTERISK |
ASCII_QUESTION | ASCII_QUOTE | ASCII_LESS_THAN |
ASCII_GREATER_THAN | ASCII_PIPE
)
})
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_map_private_to_ascii() {
let input = [APPLE_SLASH, APPLE_COLON, APPLE_QUESTION];
let output = map_private_to_ascii(&input);
assert_eq!(output, [ASCII_SLASH, ASCII_COLON, ASCII_QUESTION]);
}
#[test]
fn test_map_ascii_to_private() {
let input = [ASCII_SLASH, ASCII_COLON, ASCII_ASTERISK];
let output = map_ascii_to_private(&input);
assert_eq!(output, [APPLE_SLASH, APPLE_COLON, APPLE_ASTERISK]);
}
#[test]
fn test_roundtrip() {
let original = [ASCII_SLASH, ASCII_COLON, 'a' as u16];
let to_private = map_ascii_to_private(&original);
let back_to_ascii = map_private_to_ascii(&to_private);
assert_eq!(back_to_ascii, original);
}
#[test]
fn test_has_private_range_chars() {
assert!(has_private_range_chars(&[APPLE_SLASH, 'a' as u16]));
assert!(!has_private_range_chars(&[ASCII_SLASH, 'a' as u16]));
}
#[test]
fn test_has_ntfs_illegal_chars() {
assert!(has_ntfs_illegal_chars(&[ASCII_SLASH, 'a' as u16]));
assert!(!has_ntfs_illegal_chars(&['a' as u16, 'b' as u16]));
}
#[test]
fn test_preserve_non_mapped() {
let input = ['a' as u16, 'b' as u16, 'c' as u16];
let output = map_private_to_ascii(&input);
assert_eq!(output, input);
}
}