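//
// Copyright 2025 Staysail Systems, Inc.
// Copyright 2018 Capitar IT Group BV
// Copyright 2019 Devolutions
//
// This software is supplied under the terms of the MIT License, a
// copy of which should be located in the distribution where this
// file was obtained (LICENSE.txt).  A copy of the license may also be
// found online at https://opensource.org/licenses/MIT.
//

// NOTE(review): the names of the three system headers were missing from
// the listing this was taken from (three bare `#include` directives, which
// do not compile).  The three below are the ones this header's own
// declarations need (bool, size_t, uint8_t) -- confirm against upstream.
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#include "core/nng_impl.h"
#include "tls_engine.h"

#ifndef NNG_TLS_TLS_COMMON_H
#define NNG_TLS_TLS_COMMON_H

// NNG_TLS_MAX_SEND_SIZE limits the amount of data we will buffer for sending,
// exerting back-pressure if this size is exceeded.  The 16K is aligned to the
// maximum TLS record size.  The #ifndef guard lets a build override it.
#ifndef NNG_TLS_MAX_SEND_SIZE
#define NNG_TLS_MAX_SEND_SIZE 16384
#endif

// NNG_TLS_MAX_RECV_SIZE limits the amount of data we will receive in a single
// operation.  As we have to buffer data, this drives the size of our
// intermediary buffer.  The 16K is aligned to the maximum TLS record size.
// The #ifndef guard lets a build override it.
#ifndef NNG_TLS_MAX_RECV_SIZE
#define NNG_TLS_MAX_RECV_SIZE 16384
#endif

// This file contains common code for TLS, and is only compiled if we
// have TLS configured in the system.  In particular, this provides the
// parts of TLS support that are invariant relative to different TLS
// libraries, such as dialer and listener support.

// Presumably the currently registered TLS engine -- TODO confirm.
// NOTE(review): because this is `static` at file scope in a header, every
// translation unit that includes this header gets its own separate copy.
// Confirm that only one .c file reads and writes it, or that sharing is
// not expected.
static nni_atomic_ptr tls_engine;

// nng_tls_config is the engine-independent head of a TLS configuration.
// The engine's own configuration data is laid out directly after this
// structure (see the trailing comment), so an object of exactly
// sizeof (struct nng_tls_config) bytes is not a complete configuration.
struct nng_tls_config {
	nng_tls_engine_config_ops ops;
	const nng_tls_engine     *engine; // store this so we can verify
	nni_mtx                   lock;
	int                       ref;  // presumably a reference count -- confirm
	bool                      busy; // NOTE(review): looks like "in use" -- confirm
	bool                      key_is_set; // presumably: own cert/key configured
	size_t                    size; // presumably size of trailing data -- confirm
	// ... engine config data follows
};

// nni_tls_bio_ops is the operations vector for the lower level transport
// (the "bio") that a TLS connection runs over.  Each entry receives an
// opaque pointer; presumably that is the `bio` object passed to
// nni_tls_start() -- confirm against the implementation.
typedef struct nni_tls_bio_ops_s {
	void (*bio_send)(void *, nng_aio *);
	void (*bio_recv)(void *, nng_aio *);
	void (*bio_stop)(void *);
	void (*bio_close)(void *);
	void (*bio_free)(void *);
} nni_tls_bio_ops;

// tls_conn is the engine-independent head of a TLS connection.  As with
// nng_tls_config, the engine's per-connection data follows this structure
// in memory (see the trailing comment).
typedef struct {
	nng_stream              stream;
	nng_tls_engine_conn_ops ops;
	nng_tls_config         *cfg;
	const nng_tls_engine   *engine;
	size_t                  size;
	nni_mtx                 lock;
	bool                    closed;
	nni_atomic_flag         did_close;
	bool                    hs_done; // presumably "handshake done" -- confirm
	nni_list                send_queue;
	nni_list                recv_queue;

	void           *bio;      // lower level transport object
	nni_tls_bio_ops bio_ops;  // lower level ops vector
	nni_aio         bio_send; // lower level send pending
	nni_aio         bio_recv; // lower level recv pending

	// Buffers and cursors for data exchanged with the lower level
	// transport.  NOTE(review): the head/tail/len triple on the send
	// side looks like a circular buffer, and the sizes are presumably
	// NNG_TLS_MAX_SEND_SIZE and NNG_TLS_MAX_RECV_SIZE; neither is
	// established by this header -- confirm in the implementation, since
	// every index into these buffers depends on it.
	uint8_t *bio_send_buf;
	uint8_t *bio_recv_buf;
	size_t   bio_recv_len;
	size_t   bio_recv_off;
	bool     bio_recv_pend;
	bool     bio_send_active;
	size_t   bio_send_len;
	size_t   bio_send_head;
	size_t   bio_send_tail;

	nni_reap_node reap;

	// ... engine connection data follows
} tls_conn;

// Connection lifecycle.  The int results are presumably 0 on success and
// an NNG error code otherwise -- confirm; the header does not say.
extern void nni_tls_fini(tls_conn *conn);
extern int  nni_tls_init(tls_conn *conn, nng_tls_config *cfg);
extern int  nni_tls_start(
     tls_conn *conn, const nni_tls_bio_ops *biops, void *bio);
extern void nni_tls_stop(tls_conn *conn);
extern void nni_tls_close(tls_conn *conn);

// Data transfer; both are driven by the supplied aio.
extern void nni_tls_recv(tls_conn *conn, nni_aio *aio);
extern void nni_tls_send(tls_conn *conn, nni_aio *aio);

// Peer identity queries.
// NOTE(review): neither the verification policy behind nni_tls_verified()
// nor the lifetime and NULL-ness of the string from nni_tls_peer_cn() is
// visible in this header -- confirm both before relying on them.  A caller
// that makes an access decision from the peer CN should do so only when
// nni_tls_verified() reports true, because the CN of an unverified
// certificate is text chosen by the peer.
extern bool        nni_tls_verified(tls_conn *conn);
extern const char *nni_tls_peer_cn(tls_conn *conn);

#endif // NNG_TLS_TLS_COMMON_H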