#include <arpa/inet.h>
#include <iostream>
#include <netinet/in.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/opensslv.h>
#include <openssl/ssl.h>
#include <ostream>
#include <sys/socket.h>
#include <unistd.h>

using std::cout, std::endl, std::string;

/*
 * Remember to build with the flags "-L/usr/lib -lssl -lcrypto"
 */

/**
 * Gets the latest error from OpenSSL and returns it as an string.
 * This makes it easier to log any errors that OpenSSL throws.
 */
string getCtxError() {

    // Get the latest error code
    unsigned long errCode = ERR_get_error();

    // Define a buffer of 128 bytes to hold the error message
    char errBuffer[128];

    // Get a human readable description of the error from OpenSSL and write it
    // to the buffer
    ERR_error_string_n(errCode, errBuffer, sizeof(errBuffer));
    return errBuffer;
}

int main() {

    // Inistialize the SSL library
    if (OpenSSL_version_num() < 0x10100000L) {
        // Old version, deprecated as of version 1.1.0
        SSL_library_init();

        // Loads human readable error strings
        // Automatically inistialized in newer versions
        SSL_load_error_strings();
    } else {
        // New version
        // Initalizes both SSl and crypto and is generally better
        OPENSSL_init_ssl(0, nullptr);
    }

    // Create new SSL context with server side connections and save it to a
    // pointer
    SSL_CTX *ctx = SSL_CTX_new(TLS_server_method());

    // Check of the context is null
    // If it's null, then an error occurred
    if (!ctx) {
        cout << "Creation of SSL context failed: " << getCtxError() << endl;
    }

    // Load certificate into the context
    // Returns 1 on success, otherwise check error stack
    if (SSL_CTX_use_certificate_file(ctx, "./ssl/server.crt",
                                     SSL_FILETYPE_PEM) <= 0) {
        cout << "Certificate load failed: " << getCtxError() << endl;
    }

    // Load certificate private key into the context
    // Returns 1 on success, otherwise check error stack
    if (SSL_CTX_use_PrivateKey_file(ctx, "./ssl/server.key",
                                    SSL_FILETYPE_PEM) <= 0) {
        cout << "Private key load failed: " << getCtxError() << endl;
    }

    cout << "Initializing server" << endl;
    int serverSocket = socket(AF_INET, SOCK_STREAM, 0);
    if (serverSocket == -1) {
        cout << "Server socket failed" << endl;
    }

    sockaddr_in serverAddress;
    serverAddress.sin_family = AF_INET;
    serverAddress.sin_port = htons(8080);
    serverAddress.sin_addr.s_addr = inet_addr("127.0.0.50");

    int bindStatus = bind(serverSocket, (struct sockaddr *)&serverAddress,
                          sizeof(serverAddress));
    if (bindStatus == -1) {
        cout << "Bind failed" << endl;
    }

    int listenStatus = listen(serverSocket, 5);
    if (listenStatus == -1) {
        cout << "Listen failed" << endl;
    }

    int clientSocket = accept(serverSocket, nullptr, nullptr);
    if (clientSocket == -1) {
        cout << "Client socket failed" << endl;
    }

    SSL *ssl = SSL_new(ctx);
    SSL_set_fd(ssl, clientSocket);

    // Perform the SSL negotiation
    int sslAcceptCode = SSL_accept(ssl);
    if (sslAcceptCode <= 0) {
        int sslError = SSL_get_error(ssl, sslAcceptCode);
        char *errStr = ERR_error_string(ERR_get_error(), nullptr);
        cout << "SSL_accept failed with SSL error: " << sslError << endl;
        cout << "OpenSSL error: " << errStr << endl;
    } else {
        cout << "negotiated SSL" << endl;
    }

    while (true) {
        char buffer[1024] = {0};
        SSL_read(ssl, buffer, sizeof(buffer) - 1);

        if (strlen(buffer) <= 0) {
            cout << "Client seems to have just straight up left :(" << endl;
            break;
        }

        cout << buffer << endl;
    }

    SSL_free(ssl);
    SSL_CTX_free(ctx);
    ERR_free_strings();
    close(serverSocket);

    return 0;
}