#include "test_framework.h"
#include "../src/types.h"
#include "../src/ssl_handler.h"
#include <string.h>
#include <openssl/ssl.h>
#include <openssl/err.h>

extern SSL_CTX *ssl_ctx;

void test_ssl_init_cleanup(void) {
    TEST_SUITE_BEGIN("SSL Init and Cleanup");

    ssl_init();
    TEST_ASSERT(ssl_ctx != NULL, "SSL context created");

    ssl_cleanup();
    TEST_ASSERT(ssl_ctx == NULL, "SSL context cleaned up");

    TEST_SUITE_END();
}

void test_ssl_multiple_init(void) {
    TEST_SUITE_BEGIN("SSL Multiple Init");

    ssl_init();
    SSL_CTX *first_ctx = ssl_ctx;
    TEST_ASSERT(first_ctx != NULL, "First init creates context");

    ssl_cleanup();

    ssl_init();
    SSL_CTX *second_ctx = ssl_ctx;
    TEST_ASSERT(second_ctx != NULL, "Second init creates context");

    ssl_cleanup();

    TEST_SUITE_END();
}

void test_ssl_set_verify(void) {
    TEST_SUITE_BEGIN("SSL Set Verify");

    ssl_set_verify(1);
    TEST_ASSERT(1, "Set verify enabled doesn't crash");

    ssl_set_verify(0);
    TEST_ASSERT(1, "Set verify disabled doesn't crash");

    ssl_init();
    TEST_ASSERT(ssl_ctx != NULL, "Context created after set_verify");

    ssl_cleanup();

    TEST_SUITE_END();
}

void test_ssl_set_ca_file(void) {
    TEST_SUITE_BEGIN("SSL Set CA File");

    ssl_set_ca_file(NULL);
    TEST_ASSERT(1, "NULL CA file doesn't crash");

    ssl_set_ca_file("/nonexistent/path/ca.crt");
    TEST_ASSERT(1, "Nonexistent CA file doesn't crash");

    ssl_set_ca_file("/etc/ssl/certs/ca-certificates.crt");
    TEST_ASSERT(1, "System CA file path set");

    ssl_init();
    TEST_ASSERT(ssl_ctx != NULL, "Context created after set_ca_file");

    ssl_cleanup();

    TEST_SUITE_END();
}

void test_ssl_set_ca_path(void) {
    TEST_SUITE_BEGIN("SSL Set CA Path");

    ssl_set_ca_path(NULL);
    TEST_ASSERT(1, "NULL CA path doesn't crash");

    ssl_set_ca_path("/nonexistent/path");
    TEST_ASSERT(1, "Nonexistent CA path doesn't crash");

    ssl_set_ca_path("/etc/ssl/certs");
    TEST_ASSERT(1, "System CA path set");

    ssl_init();
    TEST_ASSERT(ssl_ctx != NULL, "Context created after set_ca_path");

    ssl_cleanup();

    TEST_SUITE_END();
}

void test_ssl_context_options(void) {
    TEST_SUITE_BEGIN("SSL Context Options");

    ssl_set_verify(0);
    ssl_init();

    TEST_ASSERT(ssl_ctx != NULL, "Context created");

    if (ssl_ctx) {
        long options = SSL_CTX_get_options(ssl_ctx);
        TEST_ASSERT((options & SSL_OP_NO_SSLv3) != 0, "SSLv3 disabled");
    }

    ssl_cleanup();

    TEST_SUITE_END();
}

void test_ssl_create_connection(void) {
    TEST_SUITE_BEGIN("SSL Create Connection Object");

    ssl_set_verify(0);
    ssl_init();

    if (ssl_ctx) {
        SSL *ssl = SSL_new(ssl_ctx);
        TEST_ASSERT(ssl != NULL, "SSL object created from context");

        if (ssl) {
            SSL_free(ssl);
        }
    } else {
        TEST_ASSERT(1, "Skipped - no SSL context");
    }

    ssl_cleanup();

    TEST_SUITE_END();
}

void test_ssl_handshake_null(void) {
    TEST_SUITE_BEGIN("SSL Handshake NULL Safety");

    int result = ssl_do_handshake(NULL);
    TEST_ASSERT_EQ(-1, result, "NULL connection returns -1");

    connection_t conn;
    memset(&conn, 0, sizeof(conn));
    conn.ssl = NULL;

    result = ssl_do_handshake(&conn);
    TEST_ASSERT_EQ(-1, result, "Connection without SSL returns -1");

    TEST_SUITE_END();
}

void test_ssl_read_write_null(void) {
    TEST_SUITE_BEGIN("SSL Read/Write NULL Safety");

    char buf[100];

    int read_result = ssl_read(NULL, buf, sizeof(buf));
    TEST_ASSERT_EQ(-1, read_result, "NULL connection read returns -1");

    int write_result = ssl_write(NULL, buf, sizeof(buf));
    TEST_ASSERT_EQ(-1, write_result, "NULL connection write returns -1");

    connection_t conn;
    memset(&conn, 0, sizeof(conn));
    conn.ssl = NULL;

    read_result = ssl_read(&conn, buf, sizeof(buf));
    TEST_ASSERT_EQ(-1, read_result, "Connection without SSL read returns -1");

    write_result = ssl_write(&conn, buf, sizeof(buf));
    TEST_ASSERT_EQ(-1, write_result, "Connection without SSL write returns -1");

    TEST_SUITE_END();
}

void test_ssl_reinit(void) {
    TEST_SUITE_BEGIN("SSL Reinitialize");

    ssl_set_verify(0);
    ssl_init();
    TEST_ASSERT(ssl_ctx != NULL, "First init with verify=0");
    ssl_cleanup();

    ssl_set_verify(1);
    ssl_set_ca_path("/etc/ssl/certs");
    ssl_init();
    TEST_ASSERT(ssl_ctx != NULL, "Second init with verify=1");
    ssl_cleanup();

    TEST_SUITE_END();
}

void run_ssl_handler_tests(void) {
    test_ssl_init_cleanup();
    test_ssl_multiple_init();
    test_ssl_set_verify();
    test_ssl_set_ca_file();
    test_ssl_set_ca_path();
    test_ssl_context_options();
    test_ssl_create_connection();
    test_ssl_handshake_null();
    test_ssl_read_write_null();
    test_ssl_reinit();
}