/*
 * This file and its contents are supplied under the terms of the
 * Common Development and Distribution License ("CDDL"), version 1.0.
 * You may only use this file in accordance with the terms of version
 * 1.0 of the CDDL.
 *
 * A full copy of the text of the CDDL should have accompanied this
 * source.  A copy of the CDDL is also available via the Internet at
 * http://www.illumos.org/license/CDDL.
 */

/*
 * Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
 */

/*
 * Create context handler for "AAPL" extensions.
 * See: smbsrv/smb2_aapl.h for documentation.
 */

#include <smbsrv/smb2_kproto.h>
#include <smbsrv/smb2_aapl.h>
#include <smbsrv/smb_fsops.h>

/* SMB2 AAPL extensions: enabled? */
int smb2_aapl_extensions = 1;

/*
 * smb2_aapl_server_caps is a flags word containing detailed
 * capabilities as shown in smb2_aapl.h (kAPPL_...)
 *
 * We actually can support OSX_COPYFILE but modern MacOS clients
 * work better using the plain old FSCTL_SRV_COPYCHUNK ioctl, which
 * avoids our needing to handle all the meta-data and streams.
 *
 * We could turn on kAAPL_UNIX_BASED below and report UNIX modes in
 * directory listings (see smb2_aapl_get_macinfo below) but we don't
 * because the modes ZFS presents with non-trivial ACLs cause mac
 * clients to misbehave when copying files from the share to local.
 * For example, we may have a file that we can read, but which has
 * mode 0200.  When the mac copies such a file to the local disk,
 * the copy cannot be opened for read.  For now just turn off the
 * kAAPL_UNIX_BASED flag.  Later we might set this flag and return
 * modes only when we have a trivial ACL.
 */
uint64_t smb2_aapl_server_caps =
        kAAPL_SUPPORTS_READ_DIR_ATTR;
        /* | kAAPL_SUPPORTS_OSX_COPYFILE */
        /* | kAAPL_UNIX_BASED; */

uint64_t smb2_aapl_volume_caps = kAAPL_SUPPORTS_FULL_SYNC;

/*
 * Normally suppress file IDs for MacOS because it
 * requires them to be unique per share, and ours
 * can have duplicates under .zfs or sub-mounts.
 */
int smb2_aapl_use_file_ids = 0;

static uint32_t smb2_aapl_srv_query(smb_request_t *,
        mbuf_chain_t *, mbuf_chain_t *);

static int smb_aapl_ext_maxlen = 512;

/*
 * Decode an AAPL create context (command code) and build the
 * corresponding AAPL c.c. response.
 */
uint32_t
smb2_aapl_crctx(smb_request_t *sr,
    mbuf_chain_t *mbcin,
    mbuf_chain_t *mbcout)
{
        uint32_t cmdcode;
        uint32_t status;
        int rc;

        if (smb2_aapl_extensions == 0)
                return (NT_STATUS_NOT_SUPPORTED);

        rc = smb_mbc_decodef(mbcin, "l4.", &cmdcode);
        if (rc != 0)
                return (NT_STATUS_INFO_LENGTH_MISMATCH);
        mbcout->max_bytes = smb_aapl_ext_maxlen;
        (void) smb_mbc_encodef(mbcout, "ll", cmdcode, 0);

        switch (cmdcode) {
        case kAAPL_SERVER_QUERY:
                status = smb2_aapl_srv_query(sr, mbcin, mbcout);
                break;
        case kAAPL_RESOLVE_ID:
        default:
                status = NT_STATUS_INVALID_INFO_CLASS;
                break;
        }

        return (status);
}

/*
 * Handle an AAPL c.c. kAAPL_SERVER_QUERY
 * Return our Mac-ish capabilities.  We also need to remember
 * that this client wants AAPL readdir etc.
 * Typically see: client_bitmap=7, client_caps=7
 */
static uint32_t
smb2_aapl_srv_query(smb_request_t *sr,
    mbuf_chain_t *mbcin, mbuf_chain_t *mbcout)
{
        uint64_t client_bitmap;
        uint64_t client_caps;
        uint64_t server_bitmap;
        int rc;

        rc = smb_mbc_decodef(
            mbcin, "qq",
            &client_bitmap,
            &client_caps);
        if (rc != 0)
                return (NT_STATUS_INFO_LENGTH_MISMATCH);

        smb_rwx_rwenter(&sr->session->s_lock, RW_WRITER);

        /* Remember that this is a MacOS client. */
        sr->session->native_os = NATIVE_OS_MACOS;
        sr->session->s_flags |= SMB_SSN_AAPL_CCEXT;

        /*
         * Select which parts of the bitmap we use.
         */
        server_bitmap = client_bitmap &
            (kAAPL_SERVER_CAPS | kAAPL_VOLUME_CAPS);
        (void) smb_mbc_encodef(mbcout, "q", server_bitmap);

        if ((server_bitmap & kAAPL_SERVER_CAPS) != 0) {
                uint64_t server_caps =
                    smb2_aapl_server_caps & client_caps;
                if (server_caps & kAAPL_SUPPORTS_READ_DIR_ATTR)
                        sr->session->s_flags |= SMB_SSN_AAPL_READDIR;
                (void) smb_mbc_encodef(mbcout, "q", server_caps);
        }
        if ((server_bitmap & kAAPL_VOLUME_CAPS) != 0) {
                (void) smb_mbc_encodef(mbcout, "q", smb2_aapl_volume_caps);
        }

        /* Pad2, null model string. */
        (void) smb_mbc_encodef(mbcout, "ll", 0, 0);

        smb_rwx_rwexit(&sr->session->s_lock);

        return (0);
}

/*
 * Get additional information about a directory entry
 * needed when MacOS is using the AAPL extensions.
 * This is called after smb_odir_read_fileinfo has
 * filled in the fileinfo.  This fills in macinfo.
 *
 * This does a couple FS operations per directory entry.
 * That has some cost, but if we don't do it for them here,
 * the client has to make two more round trips for each
 * directory entry, which is much worse.
 */
int
smb2_aapl_get_macinfo(smb_request_t *sr, smb_odir_t *od,
    smb_fileinfo_t *fileinfo, smb_macinfo_t *mi,
    char *tbuf, size_t tbuflen)
{
        int             rc;
        cred_t          *kcr = zone_kcred();
        smb_node_t      *fnode, *snode;
        smb_attr_t      attr;
        uint32_t        AfpInfo[15];

        bzero(mi, sizeof (*mi));

        rc = smb_fsop_lookup(sr, od->d_cred, SMB_CASE_SENSITIVE,
            od->d_tree->t_snode, od->d_dnode, fileinfo->fi_name, &fnode);
        if (rc != 0)
                return (rc);
        /* Note: hold ref on fnode, must release */

        smb_fsop_eaccess(sr, od->d_cred, fnode, &mi->mi_maxaccess);

        /*
         * mi_rforksize
         * Get length of stream: "AFP_Resource"
         * Return size=zero if not found.
         */
        (void) snprintf(tbuf, tbuflen, "%s:AFP_Resource", fileinfo->fi_name);
        rc = smb_fsop_lookup_name(sr, kcr, 0, sr->tid_tree->t_snode,
            od->d_dnode, tbuf, &snode);
        if (rc == 0) {
                bzero(&attr, sizeof (attr));
                attr.sa_mask = SMB_AT_SIZE | SMB_AT_ALLOCSZ;
                rc = smb_node_getattr(NULL, snode, kcr, NULL, &attr);
                if (rc == 0) {
                        mi->mi_rforksize = attr.sa_vattr.va_size;
                }
                smb_node_release(snode);
                snode = NULL;
        }

        /*
         * mi_finder
         * Get contents of stream: "AFP_AfpInfo"
         * read 60 bytes, copy 32 bytes at off 16
         */
        (void) snprintf(tbuf, tbuflen, "%s:AFP_AfpInfo", fileinfo->fi_name);
        rc = smb_fsop_lookup_name(sr, kcr, 0, sr->tid_tree->t_snode,
            od->d_dnode, tbuf, &snode);
        if (rc == 0) {
                iovec_t iov;
                uio_t uio;

                bzero(&AfpInfo, sizeof (AfpInfo));
                bzero(&uio, sizeof (uio));

                iov.iov_base = (void *) &AfpInfo;
                iov.iov_len = sizeof (AfpInfo);
                uio.uio_iov = &iov;
                uio.uio_iovcnt = 1;
                uio.uio_resid = sizeof (AfpInfo);
                uio.uio_segflg = UIO_SYSSPACE;
                uio.uio_extflg = UIO_COPY_DEFAULT;
                rc = smb_fsop_read(sr, kcr, snode, NULL, &uio, 0);
                if (rc == 0 && uio.uio_resid == 0) {
                        bcopy(&AfpInfo[4], &mi->mi_finderinfo,
                            sizeof (mi->mi_finderinfo));
                }
                smb_node_release(snode);
                snode = NULL;
        }

        /*
         * Later: Fill in the mode if we have a trivial ACL
         * (otherwise leaving it zero as we do now).
         */
        if (smb2_aapl_server_caps & kAAPL_UNIX_BASED) {
                bzero(&attr, sizeof (attr));
                attr.sa_mask = SMB_AT_MODE;
                rc = smb_node_getattr(NULL, fnode, kcr, NULL, &attr);
                if (rc == 0) {
                        mi->mi_unixmode = (uint16_t)attr.sa_vattr.va_mode;
                }
        }

        smb_node_release(fnode);
        return (0);
}