#!/bin/sh
# 20211128
# Jan Mojzis
# Public domain.

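# Abort on the first failing foreground command.
set -e

# Files created below (CA, server certificate, logs, data) are owner-only.
# The generated PEM files are test credentials (presumably including private
# keys), so they should not be readable by other local users.
umask 077

# Resolve the script directory to an absolute path before changing directory:
# ca.sh and server.sh are looked up through ${dir} after the cd below, which
# would break if $0 were a relative path.
dir=$(CDPATH= cd -- "$(dirname -- "$0")" && pwd)

# change directory to $AUTOPKGTEST_TMP
# Fail with a message when the variable is unset or empty: cd with an empty
# argument is not guaranteed to fail, and the test (including the rm -f in
# cleanup) would then operate on whatever directory the caller was in.
cd "${AUTOPKGTEST_TMP:?AUTOPKGTEST_TMP must be set}"

# TLS front end on 127.0.0.1:10000. For each accepted connection tcpserver
# runs the sh snippet, which sends stderr to tlswrapper1.log and execs
# tlswrapper with ./cert.pem; tlswrapper-tcp is given 127.0.0.1 10001 as its
# target. cert.pem does not exist yet at this point; it is created before the
# client connects.
# tcpserver options: -H, -R and -l0 skip the remote-name, ident and local-name
# lookups, -D enables TCP_NODELAY.
# NOTE(review): the ports are fixed. If one is already in use, the background
# tcpserver fails without stopping the script (set -e does not cover
# background jobs) and the client may talk to an unrelated listener.
tcpserver -HRDl0 127.0.0.1 10000 \
sh -c '
  exec 2>tlswrapper1.log
  exec tlswrapper -vv -f ./cert.pem tlswrapper-tcp 127.0.0.1 10001
' &
tcpserver1pid=$!

# Plaintext back end on 127.0.0.1:10001: whatever arrives on a connection is
# written to data.out (stderr goes to tcpserver2.log).
tcpserver -HRDl0 127.0.0.1 10001 \
sh -c '
  exec 2>tcpserver2.log
  exec cat >data.out
' &
tcpserver2pid=$!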

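# cleanup: stop both tcpserver instances, dump the logs on failure, remove
# every file the test created and exit with the status that was current when
# the handler was entered.
# Globals: tcpserver1pid, tcpserver2pid (read); cleanup_pid, cleanup_log (set)
# Outputs: on a non-zero status, the three log files on stderr
# Exits:   with the status captured on entry
cleanup() {
  ex=$?
  # The handler is registered for EXIT as well as for signals, and it ends
  # with exit; clear the traps so it cannot run a second time.
  trap - EXIT TERM INT
  #kill tcpserver
  # TERM followed by KILL; errors are ignored because a server may already
  # be gone.
  for cleanup_pid in "${tcpserver1pid}" "${tcpserver2pid}"; do
    kill -TERM "${cleanup_pid}" 1>/dev/null 2>/dev/null || :
    kill -KILL "${cleanup_pid}" 1>/dev/null 2>/dev/null || :
  done
  if [ "${ex}" -gt 0 ]; then
    # A log only exists once the matching step has run. A failing cat here
    # would, under set -e, abort the handler before the rm below and leave
    # the generated PEM files behind, so missing logs are reported instead.
    for cleanup_log in tlswrapper1.log tcpserver2.log openssl.log; do
      echo "${cleanup_log}:"
      if [ -f "${cleanup_log}" ]; then
        cat "${cleanup_log}" || :
      else
        echo "(not created)"
      fi
    done >&2
  fi
  rm -f data.in data.out openssl.log ca.pem cert.pem tlswrapper1.log tcpserver2.log
  exit "${ex}"
}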
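# Run cleanup on every exit path, including TERM and INT, so the background
# servers are stopped and the generated credentials are removed.
trap "cleanup" EXIT TERM INT

# create CA
# (arguments presumably select an EC key on curve prime256v1 - see ca.sh)
"${dir}/ca.sh" ec prime256v1 >ca.pem

# create EC (prime256v1) certfile for 127.0.0.1 from ca.pem
"${dir}/server.sh" ca.pem ec prime256v1 127.0.0.1 > cert.pem

# create random datafile (1024 bytes)
dd if=/dev/urandom of=data.in bs=1 count=1024 2>/dev/null

# run test
# -nocommands:          stdin is random binary data; do not interpret any of
#                       it as s_client interactive commands
# -tls1_2:              pin the protocol version under test
# -verify_return_error: abort the handshake when certificate verification
#                       fails instead of continuing
# -CAfile ca.pem:       trust only the CA generated above
SCLIENT_CMD="openssl s_client -nocommands -tls1_2 -verify_return_error -CAfile ca.pem"
(
  # ${SCLIENT_CMD} is deliberately unquoted so that it splits into words.
  # On client failure data.out is removed so the comparison below cannot
  # pass; rm -f because data.out may not exist yet, and a failing rm would
  # end this subshell under set -e before the failure message is printed.
  ${SCLIENT_CMD} -connect 127.0.0.1:10000 <data.in >openssl.log 2>&1 || rm -f data.out
  # NOTE(review): data.out is compared as soon as s_client returns; this
  # assumes the back-end cat has finished writing by then - confirm.
  if [ "$(sha512sum < data.in)" != "$(sha512sum < data.out)" ]; then
    echo "tlswrapper-tcp upload test: failed:" >&2
    exit 1
  fi
  echo "tlswrapper-tcp upload test: OK"
)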
