/* This is essentially taken from Eric Vermeulen's TLS patch */
#include "tls_timeoutio.h"

#include "error.h"
#include "ndelay.h"
#include "select.h"

#include "now.h"

#define CALLBACK_ADAPTER(func)                            \
  static int func##_adapter(SSL *ssl, void *buf, int len) \
  {                                                       \
    (void)buf;                                            \
    (void)len;                                            \
    return func(ssl);                                     \
  }

int tls_timeoutio(int (*fun)(SSL *, void *, int), int t, int rfd, int wfd, SSL *ssl, char *buf, int len)
{
  int n;
  const datetime_sec end = (datetime_sec)t + now();

  do {
    fd_set fds;
    struct timeval tv;

    const int r = fun(ssl, buf, len);
    if (r > 0) return r;

    t = end - now();
    if (t < 0) break;
    tv.tv_sec = (time_t)t;
    tv.tv_usec = 0;

    FD_ZERO(&fds);
    switch (SSL_get_error(ssl, r)) {
      default: return r; /* some other error */
      case SSL_ERROR_WANT_READ:
        FD_SET(rfd, &fds);
        n = select(rfd + 1, &fds, NULL, NULL, &tv);
        break;
      case SSL_ERROR_WANT_WRITE:
        FD_SET(wfd, &fds);
        n = select(wfd + 1, NULL, &fds, NULL, &tv);
        break;
    }

    /* n is the number of descriptors that changed status */
  } while (n > 0);

  if (n != -1) errno = ETIMEDOUT;
  return -1;
}

CALLBACK_ADAPTER(SSL_accept);

int tls_timeoutaccept(int t, int rfd, int wfd, SSL *ssl)
{
  int r;

  /* if connection is established, keep NDELAY */
  if (ndelay_on(rfd) == -1 || ndelay_on(wfd) == -1) return -1;
  r = tls_timeoutio(SSL_accept_adapter, t, rfd, wfd, ssl, NULL, 0);

  if (r <= 0) {
    ndelay_off(rfd);
    ndelay_off(wfd);
  } else {
    SSL_set_mode(ssl, SSL_MODE_ENABLE_PARTIAL_WRITE);
  }

  return r;
}

CALLBACK_ADAPTER(SSL_connect);

int tls_timeoutconn(int t, int rfd, int wfd, SSL *ssl)
{
  int r;

  /* if connection is established, keep NDELAY */
  if (ndelay_on(rfd) == -1 || ndelay_on(wfd) == -1) return -1;
  r = tls_timeoutio(SSL_connect_adapter, t, rfd, wfd, ssl, NULL, 0);

  if (r <= 0) {
    ndelay_off(rfd);
    ndelay_off(wfd);
  } else {
    SSL_set_mode(ssl, SSL_MODE_ENABLE_PARTIAL_WRITE);
  }

  return r;
}

CALLBACK_ADAPTER(SSL_do_handshake);

int tls_timeoutrehandshake(int t, int rfd, int wfd, SSL *ssl)
{
  int r;

  SSL_renegotiate(ssl);
  r = tls_timeoutio(SSL_do_handshake_adapter, t, rfd, wfd, ssl, NULL, 0);
  if (r <= 0) return r;
  if (SSL_get_state(ssl) & SSL_ST_CONNECT) return -2; /* now a macro in ssl.h */

  /* this is for the client only */
  SSL_set_connect_state(ssl);

  return tls_timeoutio(SSL_do_handshake_adapter, t, rfd, wfd, ssl, NULL, 0);
}

int tls_timeoutread(int t, int rfd, int wfd, SSL *ssl, char *buf, int len)
{
  if (!buf) return 0;
  if (SSL_pending(ssl)) return SSL_read(ssl, buf, len);
  return tls_timeoutio(SSL_read, t, rfd, wfd, ssl, buf, len);
}

int tls_timeoutwrite(int t, int rfd, int wfd, SSL *ssl, char *buf, int len)
{
  if (!buf) return 0;
  return tls_timeoutio((int (*)(SSL *, void *, int))SSL_write, t, rfd, wfd, ssl, buf, len);
}