/*
 *
 */

#include <stdio.h>
#include <unistd.h> /* close() */
#include <stdlib.h>
#include <string.h> /* memset() */
#include <errno.h>
#include <string.h>
#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <openssl/ssl.h>
#include <openssl/err.h>

#include "UDPTCPNetwork.h"

static int ssl_init = 0;

SSLSocket::SSLSocket() {
	readcnt = 0;
	writecnt = 0;
	certfile = "";
	keyfile = "";
	sslerror = SSL_ERROR_NONE;
	timeout = 0;
	ctx = NULL;
	ssl = NULL;
	if (ssl_init == 0) {
		ssl_init = 1;
		SSL_library_init();
		OpenSSL_add_all_algorithms();
		SSL_load_error_strings();
	}
};


SSLSocket::~SSLSocket() {
	if (ctx) SSL_CTX_free(ctx);
	ctx = NULL;
	if (ssl) SSL_free(ssl);
	ssl = NULL;
};


int SSLSocket::NewServerCTX() {
	struct stat st;

	if (stat (certfile.c_str(), &st))	return 0;
	if (stat (keyfile.c_str(), &st))	return 0;

	if (ctx) SSL_CTX_free(ctx);
	ctx = NULL;
#ifdef SSLv23_method
	ctx = SSL_CTX_new(TLS_server_method());
#else
	ctx = SSL_CTX_new(TLSv1_2_server_method());
#endif
	if (SSL_CTX_use_certificate_file(ctx, certfile.c_str(), SSL_FILETYPE_PEM) <= 0 ) {
        ERR_print_errors_fp(stderr);
        if (ctx) SSL_CTX_free(ctx);
        ctx = NULL;
        errno = EPROTO;
        return 0;
    }

	if ( SSL_CTX_use_PrivateKey_file(ctx, keyfile.c_str(), SSL_FILETYPE_PEM) <= 0 ) {
        ERR_print_errors_fp(stderr);
        if (ctx) SSL_CTX_free(ctx);
        ctx = NULL;
        errno = EPROTO;
        return 0;
    }

	if (!SSL_CTX_check_private_key(ctx)) {
        if (ctx) SSL_CTX_free(ctx);
        ctx = NULL;
        errno = EPROTO;
        return 0;
    }

	return 1;
};


int SSLSocket::NewClientCTX() {
	if (ctx) SSL_CTX_free(ctx);
	ctx = NULL;
#ifdef SSLv23_method
	ctx = SSL_CTX_new(TLS_client_method());
#else
	ctx = SSL_CTX_new(TLSv1_2_client_method());
#endif
	return 1;
};


int SSLSocket::SetCertificat(string certf, string keyf) {
	certfile = certf;
	keyfile = keyf;
	
	if (!file_is_readable(certf.c_str())) return 0;
	if (!file_is_readable(keyf.c_str())) return 0;

	return 1;
};


int SSLSocket::Connect (int sockfd, int block_timeout) {
	int flags, res;

	TimeoutReset();
	sslerror = SSL_ERROR_NONE;
	NewClientCTX();
	timeout = block_timeout;

	if (sockfd > 0 && block_timeout > 0) {
#if defined(_WIN32) || defined(_WIN64) || defined(__CYGWIN__)
		u_long mode = 1;
		ioctlsocket(sockfd, FIONBIO, &mode);
#else
		flags = fcntl(sockfd, F_GETFL, 0);
		fcntl(sockfd, F_SETFL, flags | O_NONBLOCK);
#endif
	}

	ssl = SSL_new(ctx);
	SSL_set_fd (ssl, sockfd);

	do {
		res = SSL_connect(ssl);
		if (res == -1) sslerror = SSL_get_error(ssl, -1);
	} while (res == -1 && TimeoutTime() < timeout &&
			(sslerror == SSL_ERROR_WANT_READ || sslerror == SSL_ERROR_WANT_WRITE));

	if (res == -1) return 0;
	return 1;
};



int SSLSocket::Accept (int sockfd, int block_timeout) {
	int flags, res;

	TimeoutReset();
	sslerror = SSL_ERROR_NONE;
	timeout = block_timeout;
	NewServerCTX();

	if (sockfd > 0 && block_timeout > 0) {
#if defined(_WIN32) || defined(_WIN64) || defined(__CYGWIN__)
		u_long mode = 1;
		ioctlsocket(sockfd, FIONBIO, &mode);
#else
		flags = fcntl(sockfd, F_GETFL, 0);
		fcntl(sockfd, F_SETFL, flags | O_NONBLOCK);
#endif
	}

	ssl = SSL_new(ctx);
	SSL_set_fd (ssl, sockfd);
	do {
		res = SSL_accept(ssl);
		if (res == -1) sslerror = SSL_get_error(ssl, -1);
	} while (res == -1 && TimeoutTime() < timeout &&
			(sslerror == SSL_ERROR_WANT_READ || sslerror == SSL_ERROR_WANT_WRITE));

	return 1;
};


const string SSLSocket::GetSSLErrorText(int err) {
	string s;

	switch (err) {
	case SSL_ERROR_NONE:
		s = "SSL_ERROR_NONE";
		break;

	case SSL_ERROR_SSL:
		s = "SSL_ERROR_SSL";
		break;

	case SSL_ERROR_WANT_READ:
		s = "SSL_ERROR_WANT_READ";
		break;

	case SSL_ERROR_WANT_WRITE:
		s = "SSL_ERROR_WANT_WRITE";
		break;

	case SSL_ERROR_SYSCALL:
		s = "SSL_ERROR_SYSCALL";
		break;

	case SSL_ERROR_WANT_CONNECT:
		s = "SSL_ERROR_WANT_CONNECT";
		break;

	case SSL_ERROR_ZERO_RETURN:
		s = "SSL_ERROR_ZERO_RETURN";
		break;

	case SSL_ERROR_WANT_ACCEPT:
		s = "SSL_ERROR_WANT_ACCEPT";
		break;
	default:
		s = "SSL_ERROR unknown " + to_string(err);
		break;
	}

	return s;
}


//
// close ssl and return socket.
int SSLSocket::Close () {
	int sock = 0;
	int flags;

	if (ssl) {
		sock = SSL_get_fd(ssl);
		SSL_free(ssl);
		ssl = NULL;
	}

	if (ctx) {
		SSL_CTX_free(ctx);
		ctx = NULL;
	}

	if (sock > 0 && timeout > 0) {
#if defined(_WIN32) || defined(_WIN64) || defined(__CYGWIN__)
		u_long mode = 0;
		ioctlsocket(sock, FIONBIO, &mode);
#else
		flags = fcntl(sock, F_GETFL, 0);
		fcntl(sock, F_SETFL, flags & ~(O_NONBLOCK));
#endif
	}

	return sock;
};


//
//
long int SSLSocket::Read (char *buffer, long int len) {
	int ret;
	sslerror = SSL_ERROR_NONE;

	TimeoutReset();

	if (!ssl) {
		errno = EPROTO;
		return -1;
	}

	do {
		ret = SSL_read(ssl, buffer, len);
		if (ret == -1) sslerror = SSL_get_error(ssl, -1);
	} while (ret == -1 && TimeoutTime() < timeout &&
			(sslerror == SSL_ERROR_WANT_READ || sslerror == SSL_ERROR_WANT_WRITE));

	return ret;
};


//
//
long int SSLSocket::Write (char *buffer, long int len) {
	int ret;
	sslerror = SSL_ERROR_NONE;
	TimeoutReset();

	if (!ssl) {
		errno = EPROTO;
		return -1;
	}

	do {
		ret = SSL_write(ssl, buffer, len);
		if (ret == -1) sslerror = SSL_get_error(ssl, -1);
	} while (ret == -1 && TimeoutTime() < timeout &&
			(sslerror == SSL_ERROR_WANT_READ || sslerror == SSL_ERROR_WANT_WRITE));

	return ret;
};


//
// Reset Timeout Timer
void SSLSocket::TimeoutReset() {
	gettimeofday (&timeout_start, NULL);
};


//
// Return time which has past since reset in ms.
int SSLSocket::TimeoutTime() {
	struct timeval tv;
	gettimeofday (&tv, NULL);

	return ((tv.tv_sec-timeout_start.tv_sec) * 1000) +
			((tv.tv_usec-timeout_start.tv_usec) / 1000);
};

/// @brief generate an sha256 hash from the giving string
/// @param in string to get an hash sum from
/// @return hashsum
std::string getsha256sum(std::string *in) {
    std::string out = "";
    EVP_MD_CTX *mdctx;
    unsigned char *chksum = NULL;
    unsigned int chksumlen;
    char hex[] = "0123456789abcdef";
    int i;

    if (in == NULL) return "";

    if ((mdctx = EVP_MD_CTX_create()) == NULL) return "";
    if (1 != EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL)) {
        EVP_MD_CTX_destroy(mdctx);
        return "";
    }
    if (1 != EVP_DigestUpdate(mdctx, in->c_str(), strlen(in->c_str()))) {
        EVP_MD_CTX_destroy(mdctx);
        return "";
    }
    if ((chksum = (unsigned char *)OPENSSL_malloc(EVP_MD_size(EVP_sha256()))) == NULL) {
        EVP_MD_CTX_destroy(mdctx);
        return "";
    }

    if (1 != EVP_DigestFinal_ex(mdctx, chksum, &chksumlen)) out = "";
    else {
        //
        // convert data to hex;
        for (out = "", i = 0; i < chksumlen; i++) {
            unsigned char c = chksum[i];
            out += hex[(c >> 4) & 0x0f];
            out += hex[c & 0x0f];
        }
    }

    OPENSSL_free (chksum);
    EVP_MD_CTX_destroy(mdctx);

    return out;
};


std::string getrandomtext(int numbytes) {
    std::string text = "";

    for (int i = 0; i < numbytes; i++) {
        char c = ((rand() % (90-48)) + 48);
        text += c;
    }

    return text;
};