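#! /usr/bin/tclsh
# Loopback test harness for secnet.  Two instances, "inside" and "outside",
# are configured and forked on this host.  Their userv-ipif netlink is
# replaced by a generated fake userv script that shuttles packets over a
# pair of named pipes per instance, so the harness can observe what each
# instance writes towards its netlink.  The run succeeds when the "outside"
# instance emits anything onto its pipe; any data on the "inside" pipe is
# a failure.

package require Tclx

# Per-instance netlink clauses (local-address/secnet-address/remote-networks),
# spliced verbatim into the configuration text built by mkconf.
set netlink(inside) {
    local-address "172.18.232.9";
    secnet-address "172.18.232.10";
    remote-networks "172.18.232.0/28";
}
set netlink(outside) {
    local-address "172.18.232.1";
    secnet-address "172.18.232.2";
    remote-networks "172.18.232.0/28";
}

# UDP ports each instance listens on; a list yields one udp comm clause per
# port, comma-separated.
set ports(inside) {16913 16910}
set ports(outside) 16900

# Extra top-level configuration appended after the key settings.
set extra(inside) {
    local-mobile True;
    mtu-target 1260;
}
set extra(outside) {}

# Upper bound (milliseconds, arbitrary) on how long the harness waits for
# traffic before declaring failure, so a broken build fails the test instead
# of hanging in vwait forever.
set timeout_ms 60000

# mkconf -- build the secnet configuration text for instance $which
# ("inside" or "outside").
#
# Side effects: recreates test/$which.netlink.t and .r as mode-0600 fifos,
# opens each read/write, non-blocking and unbuffered (binary), recording the
# channels in netlinkfh($which.t) / netlinkfh($which.r); arms netlink-readable
# on the .r channel; and writes test/$which.fake-userv, a shell script that
# stands in for userv-ipif: it copies secnet's output to the .r fifo and
# feeds the .t fifo to secnet's input.
#
# Returns the configuration as a string.
proc mkconf {which} {
    global netlink
    global ports
    global extra
    global netlinkfh

    set pipefp test/$which.netlink
    foreach tr {t r} {
        # Recreate the fifo from scratch so nothing left by an earlier run
        # (stale data, wrong mode) can influence this one.
        file delete $pipefp.$tr
        exec mkfifo -m600 $pipefp.$tr
        # Opening r+ means the open itself never blocks waiting for a peer.
        set netlinkfh($which.$tr) [set fh [open $pipefp.$tr r+]]
        fconfigure $fh -blocking 0 -buffering none -translation binary
    }
    fileevent $netlinkfh($which.r) readable [list netlink-readable $which]

    # The fake userv: fd 3 keeps secnet's stdin while cat copies it to the
    # .r fifo in the background; the script then becomes a cat of the .t
    # fifo, i.e. whatever the harness writes to .t is delivered to secnet.
    set fakeuf test/$which.fake-userv
    set fakeuh [open $fakeuf w 0755]
    puts $fakeuh "#!/bin/sh
set -e
exec 3<&0
cat <&3 3<&- >$pipefp.r &
exec 3<>$pipefp.t
exec <$pipefp.t
exec 3<&-
exec cat
"
    close $fakeuh

    # Interface name is derived from the first letter of $which
    # (secnet-test-i / secnet-test-o).
    set cfg "
netlink userv-ipif {
    name \"netlink\";
    userv-path \"$fakeuf\";
$netlink($which)
    mtu 1400;
    buffer sysbuffer(2048);
    interface \"secnet-test-[string range $which 0 0]\";
};
comm "
    set delim {}
    foreach port $ports($which) {
        append cfg "$delim udp {
    port $port;
    buffer sysbuffer(4096);
}
"
        set delim ,
    }
    append cfg ";
local-name \"test-example/$which/$which\";
local-key rsa-private(\"test-example/$which.key\");
"
    append cfg $extra($which)
    append cfg {
log logfile {
    filename "/dev/tty";
    class "info","notice","warning","error","security","fatal";
};
system {
};
resolver adns {
};
log-events "all";
random randomfile("/dev/urandom",no);
transform eax-serpent { }, serpent256-cbc { };
include test-example/sites.conf
sites map(site,vpn/test-example/all-sites);
}
    return $cfg
}

# spawn-secnet -- write test/$which.conf and fork a secnet child running on
# it with the flags -dvnc, recording the child's pid in the global array
# pids($which) so it can be terminated later.  The parent then pushes a
# single 0xc0 byte (SLIP END) into the instance's netlink input pipe.
proc spawn-secnet {which} {
    global netlinkfh
    upvar #0 pids($which) pid
    set cf test/$which.conf
    set ch [open $cf w]
    puts $ch [mkconf $which]
    close $ch
    set argl [list -dvnc $cf]
    set pid [fork]
    if {!$pid} {
        # Child: become secnet.  execl returns only on failure; exit
        # explicitly so the child can never continue running the rest of
        # this harness as a second copy of the parent.
        catch {execl ./secnet $argl} emsg
        puts stderr "execl ./secnet failed: $emsg"
        exit 127
    }
    puts -nonewline $netlinkfh($which.t) "\xc0"
}

# netlink-readable -- fileevent handler for an instance's .r pipe, i.e.
# data secnet wrote towards its netlink.  Drains the channel; traffic from
# "outside" is the success condition and sets the global ok, traffic from
# "inside" raises an error (which reaches bgerror from the event loop).
proc netlink-readable {which} {
    global ok
    upvar #0 netlinkfh($which.r) fh
    read $fh; # empty the buffer
    switch -exact $which {
        outside {
            puts OK
            set ok 1; # what a bodge
            return
        }
        inside {
            error "inside rx'd!"
        }
    }
}

# cleanup -- terminate every secnet child recorded in pids.  Best-effort and
# idempotent: a child that has already exited is not an error.  Without this
# the children were left running after the harness exited.
proc cleanup {} {
    global pids
    foreach which [array names pids] {
        catch {kill $pids($which)}
    }
}

# bgerror -- event-loop error handler: dump the error, stop the children and
# abort the run with status 1.
proc bgerror {message} {
    global errorInfo errorCode
    catch {
        puts stderr "
----------------------------------------
$errorInfo
$errorCode
$message
----------------------------------------
"
    }
    cleanup
    exit 1
}

# Make sure an interrupted run does not leave secnet processes behind.
signal trap {SIGINT SIGTERM} {cleanup; exit 1}

spawn-secnet inside
spawn-secnet outside

# Wait for the outside instance to emit traffic, bounded by timeout_ms.
set timer [after $timeout_ms {set ok timeout}]
vwait ok
after cancel $timer
cleanup
if {$ok ne "1"} {
    puts stderr "timed out after ${timeout_ms}ms waiting for traffic from outside"
    exit 1
}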