diff options
author | Robin Appelman <robin@icewind.nl> | 2020-03-27 16:57:55 +0100 |
---|---|---|
committer | Robin Appelman <robin@icewind.nl> | 2020-03-27 16:57:55 +0100 |
commit | b41e62db997a4d1d955f263c8a23abfa2e58f30b (patch) | |
tree | 65e94e995296c3bcb0f0795db4d15e03781e3649 /apps/files_external/3rdparty/icewind/smb/src | |
parent | c235a40c94792ca5f921b4b7b29d17f679c4a497 (diff) | |
download | nextcloud-server-b41e62db997a4d1d955f263c8a23abfa2e58f30b.tar.gz nextcloud-server-b41e62db997a4d1d955f263c8a23abfa2e58f30b.zip |
update icewind/smb to 3.2.1
Signed-off-by: Robin Appelman <robin@icewind.nl>
Diffstat (limited to 'apps/files_external/3rdparty/icewind/smb/src')
12 files changed, 271 insertions, 71 deletions
diff --git a/apps/files_external/3rdparty/icewind/smb/src/ACL.php b/apps/files_external/3rdparty/icewind/smb/src/ACL.php new file mode 100644 index 00000000000..bdb77257f17 --- /dev/null +++ b/apps/files_external/3rdparty/icewind/smb/src/ACL.php @@ -0,0 +1,81 @@ +<?php declare(strict_types=1); +/** + * @copyright Copyright (c) 2020 Robin Appelman <robin@icewind.nl> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace Icewind\SMB; + +class ACL { + const TYPE_ALLOW = 0; + const TYPE_DENY = 1; + + const MASK_READ = 0x0001; + const MASK_WRITE = 0x0002; + const MASK_EXECUTE = 0x00020; + const MASK_DELETE = 0x10000; + + const FLAG_OBJECT_INHERIT = 0x1; + const FLAG_CONTAINER_INHERIT = 0x2; + + private $type; + private $flags; + private $mask; + + public function __construct(int $type, int $flags, int $mask) { + $this->type = $type; + $this->flags = $flags; + $this->mask = $mask; + } + + /** + * Check if the acl allows a specific permissions + * + * Note that this does not take inherited acls into account + * + * @param int $mask one of the ACL::MASK_* constants + * @return bool + */ + public function allows(int $mask): bool { + return $this->type === self::TYPE_ALLOW && ($this->mask & $mask) === $mask; + } + + /** + * Check if the acl allows a specific permissions + * + * Note that this does not take inherited acls into account + * + * @param int $mask one of the ACL::MASK_* constants + * @return bool + */ + public function denies(int $mask): bool { + return $this->type === self::TYPE_DENY && ($this->mask & $mask) === $mask; + } + + public function getType(): int { + return $this->type; + } + + public function getFlags(): int { + return $this->flags; + } + + public function getMask(): int { + return $this->mask; + } +} diff --git a/apps/files_external/3rdparty/icewind/smb/src/IFileInfo.php b/apps/files_external/3rdparty/icewind/smb/src/IFileInfo.php index ae8acd3a3db..3411d498d78 100644 --- a/apps/files_external/3rdparty/icewind/smb/src/IFileInfo.php +++ b/apps/files_external/3rdparty/icewind/smb/src/IFileInfo.php @@ -65,4 +65,9 @@ interface IFileInfo { * @return bool */ public function isArchived(); + + /** + * @return ACL[] + */ + public function getAcls(): array; } diff --git a/apps/files_external/3rdparty/icewind/smb/src/ISystem.php b/apps/files_external/3rdparty/icewind/smb/src/ISystem.php index 7740c98d97e..09994610716 100644 --- a/apps/files_external/3rdparty/icewind/smb/src/ISystem.php +++ b/apps/files_external/3rdparty/icewind/smb/src/ISystem.php @@ -49,6 +49,13 @@ interface ISystem { public function getNetPath(); /** + * Get the full path to the `smbcacls` binary of false if the binary is not available + * + * @return string|bool + */ + public function getSmbcAclsPath(); + + /** * Get the full path to the `stdbuf` binary of false if the binary is not available * * @return string|bool diff --git a/apps/files_external/3rdparty/icewind/smb/src/Native/NativeFileInfo.php b/apps/files_external/3rdparty/icewind/smb/src/Native/NativeFileInfo.php index 904318907f2..24344e6f0df 100644 --- a/apps/files_external/3rdparty/icewind/smb/src/Native/NativeFileInfo.php +++ b/apps/files_external/3rdparty/icewind/smb/src/Native/NativeFileInfo.php @@ -7,11 +7,10 @@ namespace Icewind\SMB\Native; +use Icewind\SMB\ACL; use Icewind\SMB\IFileInfo; class NativeFileInfo implements IFileInfo { - const MODE_FILE = 0100000; - /** * @var string */ @@ -30,10 +29,7 @@ class NativeFileInfo implements IFileInfo { /** * @var array|null */ - protected $statCache = null; - - /** @var callable|null */ - protected $statCallback = null; + protected $attributeCache = null; /** * @var int @@ -44,20 +40,11 @@ class NativeFileInfo implements IFileInfo { * @param NativeShare $share * @param string $path * @param string $name - * @param array|callable $stat */ - public function __construct($share, $path, $name, $stat) { + public function __construct($share, $path, $name) { $this->share = $share; $this->path = $path; $this->name = $name; - - if (is_array($stat)) { - $this->statCache = $stat; - } elseif (is_callable($stat)) { - $this->statCallback = $stat; - } else { - throw new \InvalidArgumentException('$stat needs to be an array or callback'); - } } /** @@ -78,10 +65,20 @@ class NativeFileInfo implements IFileInfo { * @return array */ protected function stat() { - if (is_null($this->statCache)) { - $this->statCache = call_user_func($this->statCallback); + if (is_null($this->attributeCache)) { + $rawAttributes = explode(',', $this->share->getAttribute($this->path, 'system.dos_attr.*')); + $this->attributeCache = []; + foreach ($rawAttributes as $rawAttribute) { + [$name, $value] = explode(':', $rawAttribute); + $name = strtolower($name); + if ($name == 'mode') { + $this->attributeCache[$name] = (int)hexdec(substr($value, 2)); + } else { + $this->attributeCache[$name] = (int)$value; + } + } } - return $this->statCache; + return $this->attributeCache; } /** @@ -97,27 +94,22 @@ class NativeFileInfo implements IFileInfo { */ public function getMTime() { $stat = $this->stat(); - return $stat['mtime']; + return $stat['change_time']; } /** - * @return bool + * @return int */ - public function isDirectory() { - $stat = $this->stat(); - return !($stat['mode'] & self::MODE_FILE); + protected function getMode() { + return $this->stat()['mode']; } /** - * @return int + * @return bool */ - protected function getMode() { - if (!$this->modeCache) { - $attribute = $this->share->getAttribute($this->path, 'system.dos_attr.mode'); - // parse hex string - $this->modeCache = (int)hexdec(substr($attribute, 2)); - } - return $this->modeCache; + public function isDirectory() { + $mode = $this->getMode(); + return (bool)($mode & IFileInfo::MODE_DIRECTORY); } /** @@ -151,4 +143,22 @@ class NativeFileInfo implements IFileInfo { $mode = $this->getMode(); return (bool)($mode & IFileInfo::MODE_ARCHIVE); } + + /** + * @return ACL[] + */ + public function getAcls(): array { + $acls = []; + $attribute = $this->share->getAttribute($this->path, 'system.nt_sec_desc.acl.*+'); + + foreach (explode(',', $attribute) as $acl) { + [$user, $permissions] = explode(':', $acl, 2); + [$type, $flags, $mask] = explode('/', $permissions); + $mask = hexdec($mask); + + $acls[$user] = new ACL($type, $flags, $mask); + } + + return $acls; + } } diff --git a/apps/files_external/3rdparty/icewind/smb/src/Native/NativeShare.php b/apps/files_external/3rdparty/icewind/smb/src/Native/NativeShare.php index 1a33f4b0d36..26e7adb019d 100644 --- a/apps/files_external/3rdparty/icewind/smb/src/Native/NativeShare.php +++ b/apps/files_external/3rdparty/icewind/smb/src/Native/NativeShare.php @@ -94,9 +94,7 @@ class NativeShare extends AbstractShare { $name = $file['name']; if ($name !== '.' and $name !== '..') { $fullPath = $path . '/' . $name; - $files [] = new NativeFileInfo($this, $fullPath, $name, function () use ($fullPath) { - return $this->getStat($fullPath); - }); + $files [] = new NativeFileInfo($this, $fullPath, $name); } } @@ -109,7 +107,12 @@ class NativeShare extends AbstractShare { * @return \Icewind\SMB\IFileInfo */ public function stat($path) { - return new NativeFileInfo($this, $path, self::mb_basename($path), $this->getStat($path)); + $info = new NativeFileInfo($this, $path, self::mb_basename($path)); + + // trigger attribute loading + $info->getSize(); + + return $info; } /** @@ -129,10 +132,6 @@ class NativeShare extends AbstractShare { return ''; } - private function getStat($path) { - return $this->getState()->stat($this->buildUrl($path)); - } - /** * Create a folder on the share * @@ -223,6 +222,12 @@ class NativeShare extends AbstractShare { if (!$target) { throw new InvalidPathException('Invalid target path: Filename cannot be empty'); } + + $sourceHandle = $this->getState()->open($this->buildUrl($source), 'r'); + if (!$sourceHandle) { + throw new InvalidResourceException('Failed opening remote file "' . $source . '" for reading'); + } + $targetHandle = @fopen($target, 'wb'); if (!$targetHandle) { $error = error_get_last(); @@ -231,15 +236,10 @@ class NativeShare extends AbstractShare { } else { $reason = 'Unknown error'; } + $this->getState()->close($sourceHandle); throw new InvalidResourceException('Failed opening local file "' . $target . '" for writing: ' . $reason); } - $sourceHandle = $this->getState()->open($this->buildUrl($source), 'r'); - if (!$sourceHandle) { - fclose($targetHandle); - throw new InvalidResourceException('Failed opening remote file "' . $source . '" for reading'); - } - while ($data = $this->getState()->read($sourceHandle, NativeReadStream::CHUNK_SIZE)) { fwrite($targetHandle, $data); } @@ -289,7 +289,7 @@ class NativeShare extends AbstractShare { */ public function append($source) { $url = $this->buildUrl($source); - $handle = $this->getState()->open($url, "a"); + $handle = $this->getState()->open($url, "a+"); return NativeWriteStream::wrap($this->getState(), $handle, "a", $url); } diff --git a/apps/files_external/3rdparty/icewind/smb/src/Native/NativeState.php b/apps/files_external/3rdparty/icewind/smb/src/Native/NativeState.php index 5ab129cbfd3..0792b2f9d7f 100644 --- a/apps/files_external/3rdparty/icewind/smb/src/Native/NativeState.php +++ b/apps/files_external/3rdparty/icewind/smb/src/Native/NativeState.php @@ -9,6 +9,7 @@ namespace Icewind\SMB\Native; use Icewind\SMB\Exception\AlreadyExistsException; use Icewind\SMB\Exception\ConnectionRefusedException; +use Icewind\SMB\Exception\ConnectionResetException; use Icewind\SMB\Exception\Exception; use Icewind\SMB\Exception\FileInUseException; use Icewind\SMB\Exception\ForbiddenException; @@ -48,6 +49,7 @@ class NativeState { 22 => InvalidArgumentException::class, 28 => OutOfSpaceException::class, 39 => NotEmptyException::class, + 104 => ConnectionResetException::class, 110 => TimedOutException::class, 111 => ConnectionRefusedException::class, 112 => HostDownException::class, diff --git a/apps/files_external/3rdparty/icewind/smb/src/System.php b/apps/files_external/3rdparty/icewind/smb/src/System.php index 3428dd87cd6..0e41ee032d6 100644 --- a/apps/files_external/3rdparty/icewind/smb/src/System.php +++ b/apps/files_external/3rdparty/icewind/smb/src/System.php @@ -41,6 +41,10 @@ class System implements ISystem { return $this->getBinaryPath('net'); } + public function getSmbcAclsPath() { + return $this->getBinaryPath('smbcacls'); + } + public function getStdBufPath() { return $this->getBinaryPath('stdbuf'); } diff --git a/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Connection.php b/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Connection.php index 830f6fb17b0..347b63db110 100644 --- a/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Connection.php +++ b/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Connection.php @@ -117,8 +117,9 @@ class Connection extends RawConnection { } public function close($terminate = true) { - if (is_resource($this->getInputStream())) { - $this->write('close' . PHP_EOL); + if (get_resource_type($this->getInputStream()) === 'stream') { + // ignore any errors while trying to send the close command, the process might already be dead + @$this->write('close' . PHP_EOL); } parent::close($terminate); } diff --git a/apps/files_external/3rdparty/icewind/smb/src/Wrapped/FileInfo.php b/apps/files_external/3rdparty/icewind/smb/src/Wrapped/FileInfo.php index 094e665a935..a310a6bc913 100644 --- a/apps/files_external/3rdparty/icewind/smb/src/Wrapped/FileInfo.php +++ b/apps/files_external/3rdparty/icewind/smb/src/Wrapped/FileInfo.php @@ -7,6 +7,7 @@ namespace Icewind\SMB\Wrapped; +use Icewind\SMB\ACL; use Icewind\SMB\IFileInfo; class FileInfo implements IFileInfo { @@ -36,18 +37,25 @@ class FileInfo implements IFileInfo { protected $mode; /** + * @var callable + */ + protected $aclCallback; + + /** * @param string $path * @param string $name * @param int $size * @param int $time * @param int $mode + * @param callable $aclCallback */ - public function __construct($path, $name, $size, $time, $mode) { + public function __construct($path, $name, $size, $time, $mode, callable $aclCallback) { $this->path = $path; $this->name = $name; $this->size = $size; $this->time = $time; $this->mode = $mode; + $this->aclCallback = $aclCallback; } /** @@ -112,4 +120,11 @@ class FileInfo implements IFileInfo { public function isArchived() { return (bool)($this->mode & IFileInfo::MODE_ARCHIVE); } + + /** + * @return ACL[] + */ + public function getAcls(): array { + return ($this->aclCallback)(); + } } diff --git a/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Parser.php b/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Parser.php index 9eee686c0ba..a28432e4319 100644 --- a/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Parser.php +++ b/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Parser.php @@ -33,7 +33,6 @@ class Parser { */ private $host; - // todo replace with static once <5.6 support is dropped // see error.h const EXCEPTION_MAP = [ ErrorCodes::LogonFailure => AuthenticationException::class, @@ -146,12 +145,12 @@ class Parser { } return [ 'mtime' => strtotime($data['write_time']), - 'mode' => hexdec(substr($data['attributes'], strpos($data['attributes'], '('), -1)), + 'mode' => hexdec(substr($data['attributes'], strpos($data['attributes'], '(') + 1, -1)), 'size' => isset($data['stream']) ? (int)(explode(' ', $data['stream'])[1]) : 0 ]; } - public function parseDir($output, $basePath) { + public function parseDir($output, $basePath, callable $aclCallback) { //last line is used space array_pop($output); $regex = '/^\s*(.*?)\s\s\s\s+(?:([NDHARS]*)\s+)?([0-9]+)\s+(.*)$/'; @@ -163,7 +162,10 @@ class Parser { if ($name !== '.' and $name !== '..') { $mode = $this->parseMode($mode); $time = strtotime($time . ' ' . $this->timeZone); - $content[] = new FileInfo($basePath . '/' . $name, $name, $size, $time, $mode); + $path = $basePath . '/' . $name; + $content[] = new FileInfo($path, $name, $size, $time, $mode, function () use ($aclCallback, $path) { + return $aclCallback($path); + }); } } } diff --git a/apps/files_external/3rdparty/icewind/smb/src/Wrapped/RawConnection.php b/apps/files_external/3rdparty/icewind/smb/src/Wrapped/RawConnection.php index f29cf60eb66..3a114af5e4f 100644 --- a/apps/files_external/3rdparty/icewind/smb/src/Wrapped/RawConnection.php +++ b/apps/files_external/3rdparty/icewind/smb/src/Wrapped/RawConnection.php @@ -173,18 +173,6 @@ class RawConnection { return; } if ($terminate) { - // if for case that posix_ functions are not available - if (function_exists('posix_kill')) { - $status = proc_get_status($this->process); - $ppid = $status['pid']; - $pids = preg_split('/\s+/', `ps -o pid --no-heading --ppid $ppid`); - foreach ($pids as $pid) { - if (is_numeric($pid)) { - //9 is the SIGKILL signal - posix_kill($pid, 9); - } - } - } proc_terminate($this->process); } proc_close($this->process); diff --git a/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Share.php b/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Share.php index 5a79c49fecf..e0df1f60326 100644 --- a/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Share.php +++ b/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Share.php @@ -8,6 +8,7 @@ namespace Icewind\SMB\Wrapped; use Icewind\SMB\AbstractShare; +use Icewind\SMB\ACL; use Icewind\SMB\Exception\ConnectionException; use Icewind\SMB\Exception\DependencyException; use Icewind\SMB\Exception\FileInUseException; @@ -55,6 +56,8 @@ class Share extends AbstractShare { FileInfo::MODE_SYSTEM => 's' ]; + const EXEC_CMD = 'exec'; + /** * @param IServer $server * @param string $name @@ -78,7 +81,8 @@ class Share extends AbstractShare { protected function getConnection() { $command = sprintf( - '%s%s -t %s %s %s %s', + '%s %s%s -t %s %s %s %s', + self::EXEC_CMD, $this->system->getStdBufPath() ? $this->system->getStdBufPath() . ' -o0 ' : '', $this->system->getSmbclientPath(), $this->server->getOptions()->getTimeout(), @@ -150,7 +154,9 @@ class Share extends AbstractShare { $this->execute('cd /'); - return $this->parser->parseDir($output, $path); + return $this->parser->parseDir($output, $path, function ($path) { + return $this->getAcls($path); + }); } /** @@ -183,7 +189,9 @@ class Share extends AbstractShare { $this->parseOutput($output, $path); } $stat = $this->parser->parseStat($output); - return new FileInfo($path, basename($path), $stat['size'], $stat['mtime'], $stat['mode']); + return new FileInfo($path, basename($path), $stat['size'], $stat['mtime'], $stat['mode'], function () use ($path) { + return $this->getAcls($path); + }); } /** @@ -418,13 +426,13 @@ class Share extends AbstractShare { * @param string[] $lines * @param string $path * - * @throws NotFoundException + * @return bool * @throws \Icewind\SMB\Exception\AlreadyExistsException * @throws \Icewind\SMB\Exception\AccessDeniedException * @throws \Icewind\SMB\Exception\NotEmptyException * @throws \Icewind\SMB\Exception\InvalidTypeException * @throws \Icewind\SMB\Exception\Exception - * @return bool + * @throws NotFoundException */ protected function parseOutput($lines, $path = '') { if (count($lines) === 0) { @@ -467,6 +475,83 @@ class Share extends AbstractShare { return '"' . $path . '"'; } + protected function getAcls($path) { + $commandPath = $this->system->getSmbcAclsPath(); + if (!$commandPath) { + return []; + } + + $command = sprintf( + '%s %s %s %s/%s %s', + $commandPath, + $this->getAuthFileArgument(), + $this->server->getAuth()->getExtraCommandLineArguments(), + escapeshellarg('//' . $this->server->getHost()), + escapeshellarg($this->name), + escapeshellarg($path) + ); + $connection = new RawConnection($command); + $connection->writeAuthentication($this->server->getAuth()->getUsername(), $this->server->getAuth()->getPassword()); + $connection->connect(); + if (!$connection->isValid()) { + throw new ConnectionException($connection->readLine()); + } + + $rawAcls = $connection->readAll(); + + $acls = []; + foreach ($rawAcls as $acl) { + [$type, $acl] = explode(':', $acl, 2); + if ($type !== 'ACL') { + continue; + } + [$user, $permissions] = explode(':', $acl, 2); + [$type, $flags, $mask] = explode('/', $permissions); + + $type = $type === 'ALLOWED' ? ACL::TYPE_ALLOW : ACL::TYPE_DENY; + + $flagsInt = 0; + foreach (explode('|', $flags) as $flagString) { + if ($flagString === 'OI') { + $flagsInt += ACL::FLAG_OBJECT_INHERIT; + } elseif ($flagString === 'CI') { + $flagsInt += ACL::FLAG_CONTAINER_INHERIT; + } + } + + if (substr($mask, 0, 2) === '0x') { + $maskInt = hexdec($mask); + } else { + $maskInt = 0; + foreach (explode('|', $mask) as $maskString) { + if ($maskString === 'R') { + $maskInt += ACL::MASK_READ; + } elseif ($maskString === 'W') { + $maskInt += ACL::MASK_WRITE; + } elseif ($maskString === 'X') { + $maskInt += ACL::MASK_EXECUTE; + } elseif ($maskString === 'D') { + $maskInt += ACL::MASK_DELETE; + } elseif ($maskString === 'READ') { + $maskInt += ACL::MASK_READ + ACL::MASK_EXECUTE; + } elseif ($maskString === 'CHANGE') { + $maskInt += ACL::MASK_READ + ACL::MASK_EXECUTE + ACL::MASK_WRITE + ACL::MASK_DELETE; + } elseif ($maskString === 'FULL') { + $maskInt += ACL::MASK_READ + ACL::MASK_EXECUTE + ACL::MASK_WRITE + ACL::MASK_DELETE; + } + } + } + + if (isset($acls[$user])) { + $existing = $acls[$user]; + $maskInt += $existing->getMask(); + } + $acls[$user] = new ACL($type, $flagsInt, $maskInt); + } + + return $acls; + } + public function __destruct() { unset($this->connection); } |