//! Connect point types, and the code to parse them and resolve them.

use serde::Deserialize;

use serde_with::DeserializeFromStr;

use std::{

    fmt::Debug,

    net::{self, IpAddr},

    path::PathBuf,

    str::FromStr,

};

use tor_config_path::{

    CfgPath, CfgPathError, CfgPathResolver,

    addr::{CfgAddr, CfgAddrError},

};

use tor_general_addr::general::{self, AddrParseError};

#[cfg(feature = "rpc-server")]

use tor_rtcompat::{NetStreamListener, NetStreamProvider};

use crate::HasClientErrorAction;

/// A connect point, as deserialized from TOML.

///

/// Connect points tell an RPC client how to reach an RPC server,

/// and tell an RPC server where and how to listen for connections for RPC clients.

///

/// This type may have members containing symbolic paths, such as

/// `${USER_HOME}` or `${ARTI_LOCAL_STATE}`.

/// To convert these paths to a usable format,

/// invoke [`ParsedConnectPoint::resolve()`] on this object.

#[derive(Clone, Debug)]

pub struct ParsedConnectPoint(ConnectPointEnum<Unresolved>);

/// A connect point, with all paths resolved.

///

/// Connect points tell an RPC client how to reach an RPC server,

/// and tell an RPC server where and how to listen for connections for RPC clients.

///

/// This type is returned by [`ParsedConnectPoint::resolve()`],

/// and can be used to connect or bind.

#[derive(Clone, Debug)]

pub struct ResolvedConnectPoint(pub(crate) ConnectPointEnum<Resolved>);

impl ParsedConnectPoint {

    /// Try to resolve all symbolic paths in this connect point,

    /// using the rules of [`CfgPath`] and [`CfgAddr`].

        use ConnectPointEnum as CPE;

        }))

    /// Check whether authenticating this connect point grants superuser permission.

    /// Return true if this connect point is an explicit abort.

}

impl ResolvedConnectPoint {

    /// Check whether authenticating this connect point grants superuser permission.

    /// Return true if this connect point is an explicit abort.

}

impl FromStr for ParsedConnectPoint {

    type Err = ParseError;

}

/// A failure from [`ParsedConnectPoint::from_str()`].

#[derive(Clone, Debug, thiserror::Error)]

#[non_exhaustive]

pub enum ParseError {

    /// The input was not valid toml, or was an invalid connect point.

    #[error("Invalid connect point")]

    InvalidConnectPoint(#[source] toml::de::Error),

    /// The input had sections or members

    /// that are not allowed to appear in the same connect point.

    #[error("Conflicting members in connect point")]

    ConflictingMembers,

    /// The input was valid toml, but did not have any recognized

    /// connect point section.

    #[error("Unrecognized format on connect point")]

    UnrecognizedFormat,

    /// An inet-auto address was provided in a connect point

    /// that was not a loopback address.

    ///

    /// (Note that this error is only generated for inet-auto addresses.

    /// Other non-loopback addresses cause a [`ResolveError::AddressNotLoopback`].)

    #[error("inet-auto address was not a loopback address")]

    AutoAddressNotLoopback,

}

impl HasClientErrorAction for ParseError {

        use crate::ClientErrorAction as A;

        }

}

/// A failure from [`ParsedConnectPoint::resolve()`].

#[derive(Clone, Debug, thiserror::Error)]

#[non_exhaustive]

pub enum ResolveError {

    /// There was a path in the connect point that we couldn't resolve.

    #[error("Unable to resolve variables in path")]

    InvalidPath(#[from] CfgPathError),

    ///  There was an address in the connect point that we couldn't parse.

    #[error("Unable to parse address")]

    UnparseableAddr(#[from] AddrParseError),

    /// There was an address in the connect point that we couldn't resolve.

    #[error("Unable to resolve variables in address")]

    InvalidAddr(#[from] CfgAddrError),

    /// After substitution, we couldn't expand the path to a string.

    #[error("Cannot represent expanded path as string")]

    PathNotString,

    /// Address is not a loopback address.

    #[error("Tried to bind or connect to a non-loopback TCP address")]

    AddressNotLoopback,

    /// Authorization mechanism not compatible with address family

    #[error("Authorization type not compatible with address family")]

    AuthNotCompatible,

    /// Authorization mechanism not recognized

    #[error("Authorization type not recognized as a supported type")]

    AuthNotRecognized,

    /// Address type not supported by the RPC connect point subsystem.

    ///

    /// (This can only happen if somebody adds new variants to `general::SocketAddr`.)

    #[error("Address type not recognized")]

    AddressTypeNotRecognized,

    /// The address was incompatible with the presence or absence of socket_address_file.

    #[error("inet-auto without socket_address_file, or vice versa")]

    AutoIncompatibleWithSocketFile,

    /// The name of a file or AF_UNIX socket address was a relative path.

    #[error("Path was not absolute")]

    PathNotAbsolute,

}

impl HasClientErrorAction for ResolveError {

        use crate::ClientErrorAction as A;

        }

}

/// Implementation type for a connect point.

///

/// This type is hidden so that the enum fields remain private.

/// It is parameterized on a [`Addresses`] trait,

/// to indicate whether it is in resolved or unresolved form.

#[derive(Clone, Debug)]

pub(crate) enum ConnectPointEnum<R: Addresses> {

    /// Connect by opening a socket to a [`general::SocketAddr`]

    Connect(Connect<R>),

    /// Connect by some built-in mechanism.

    ///

    /// (Or, in the case of Abort, do not connect at all.)

    Builtin(Builtin),

}

/// Trait to hold types that vary depending on whether a connect point is resolved or not.

//

// Note: We could use instead separate `PATH` and `ADDR` parameters,

// but this approach makes specifying bounds significantly easier.

pub(crate) trait Addresses {

    /// Type to represent addresses that we can open a socket to.

    type SocketAddr: Clone + std::fmt::Debug;

    /// Type to represent paths on the filesystem.

    type Path: Clone + std::fmt::Debug;

}

/// Representation of a connect point as deserialized.

///

/// We could instead deserialize [`ConnectPointEnum`] directly,

/// but that would restrict our error-handling:

/// the `toml` crate doesn't make it easy to distinguish

/// one kind of parse error from another.

///

/// TODO We should revisit this choice when we add more variants

/// or more auxiliary tables.

#[derive(Deserialize, Clone, Debug)]

struct ConnectPointDe {

    /// A "connect" table.

    connect: Option<Connect<Unresolved>>,

    /// A "builtin" table.

    builtin: Option<Builtin>,

}

impl TryFrom<ConnectPointDe> for ConnectPointEnum<Unresolved> {

    type Error = ParseError;

            ConnectPointDe {

                builtin: None,

            ConnectPointDe {

                connect: None,

            ConnectPointDe {

                connect: Some(_),

                builtin: Some(_),

            // This didn't have either recognized section,

            // so it is likely itn an unrecognized format.

        }

}

impl<R: Addresses> ConnectPointEnum<R> {

    /// Check whether authenticating this connect point grants superuser permission.

        use crate::SuperuserPermission::*;

                } else {

                }

            }

        }

    /// Return true if this connect point is an explicit abort.

            ConnectPointEnum::Builtin(Builtin {

                builtin: BuiltinVariant::Abort

            })

        )

}

/// A "builtin" connect point.

///

/// This represents an approach to connecting that is handled purely

/// within arti.  In the future, this might include "embedded" or "owned";

/// but for now, it only includes "abort".

#[derive(Deserialize, Clone, Debug)]

pub(crate) struct Builtin {

    /// Actual strategy of built-in behavior to implement.

    pub(crate) builtin: BuiltinVariant,

}

/// A particular built-in strategy.

#[derive(Deserialize, Clone, Debug)]

#[serde(rename_all = "lowercase")]

pub(crate) enum BuiltinVariant {

    /// This connect point must fail,

    /// and no subsequent connect points may be tried.

    Abort,

}

/// Information for a connect point that is implemented by making a socket connection to an address.

#[derive(Deserialize, Clone, Debug)]

#[serde(bound = "R::Path : Deserialize<'de>, AddrWithStr<R::SocketAddr> : Deserialize<'de>")]

pub(crate) struct Connect<R: Addresses> {

    /// The address of the socket at which the client should try to reach the RPC server,

    /// and which the RPC server should bind.

    pub(crate) socket: ConnectAddress<R>,

    /// The address of the socket which the RPC server believes it is actually listening at.

    ///

    /// If absent, defaults to `socket`.

    ///

    /// This value is only needs to be different from `socket`

    /// in cases where cookie authentication is in use,

    /// and the client is sandboxed somehow (such as behind a NAT, or inside a container).

    pub(crate) socket_canonical: Option<AddrWithStr<R::SocketAddr>>,

    /// The authentication that the client should try to use,

    /// and which the server should require.

    pub(crate) auth: Auth<R>,

    /// A file in which the actual value of an `inet-auto` address should be stored.

    pub(crate) socket_address_file: Option<R::Path>,

    /// If true, we should allow authenticated connections to this connect point to acquire

    /// superuser permissions.

    #[serde(default)]

    pub(crate) superuser: bool,

}

/// A target of a [`Connect`] connpt.

///

/// Can be either a socket address, or an inet-auto address.

#[derive(Deserialize, Clone, Debug)]

#[serde(bound = "R::Path : Deserialize<'de>, AddrWithStr<R::SocketAddr> : Deserialize<'de>")]

#[serde(untagged, expecting = "a network schema and address")]

pub(crate) enum ConnectAddress<R: Addresses> {

    /// A socket address with an unspecified port.

    InetAuto(InetAutoAddress),

    /// A specified socket address.

    Socket(AddrWithStr<R::SocketAddr>),

}

/// Instructions to bind to an address chosen by the OS.

#[derive(Clone, Debug, DeserializeFromStr)]

pub(crate) struct InetAutoAddress {

    /// The address that the relay should bind to, or None if any loopback address is okay.

    ///

    /// Must be a loopback address.

    bind: Option<IpAddr>,

}

impl std::fmt::Display for InetAutoAddress {

        }

}

impl FromStr for InetAutoAddress {

    type Err = ParseError;

        };

        };

        } else {

        }

}

impl InetAutoAddress {

    /// Return a list of addresses to bind to.

            ],

            }

        }

    /// Having parsed `addr`, make sure it is a possible instantiation of this address.

    ///

    /// Return an error if it is not.

    #[cfg(feature = "rpc-client")]

        use general::SocketAddr::Inet;

        }

}

/// The representation of an address as written into a socket file.

#[derive(Clone, Debug)]

#[cfg_attr(feature = "rpc-client", derive(Deserialize))]

#[cfg_attr(feature = "rpc-server", derive(serde::Serialize))]

pub(crate) struct AddressFile {

    /// The address to which the server is bound.

    pub(crate) address: String,

}

impl<R: Addresses> ConnectAddress<R> {

    /// Return true if this is an inet-auto address.

}

impl ConnectAddress<Unresolved> {

    /// Expand all variables within this ConnectAddress to their concrete forms.

        use ConnectAddress::*;

        }

}

impl ConnectAddress<Resolved> {

    /// Return a list of addresses to bind to.

        use ConnectAddress::*;

        }

    /// Bind a single address from this `ConnectAddress`,

    /// or return an error if none can be bound.

    #[cfg(feature = "rpc-server")]

        use crate::ConnectError;

                        }

                        }

                    }

                }

                // if we reach here, we only got errors.

            }

            }

        }

}

impl Connect<Unresolved> {

    /// Expand all variables within this `Connect` to their concrete forms.

}

impl Connect<Resolved> {

    /// Return this `Connect` only if its parts are valid and compatible.

        use general::SocketAddr::{Inet, Unix};

                }

            };

        }

    /// Return an error if some path in this `Connect` is not absolute.

        }

        {

}

/// An authentication method for RPC implementations to use,

/// along with its related parameters.

#[derive(Deserialize, Clone, Debug)]

#[serde(rename_all = "lowercase")]

pub(crate) enum Auth<R: Addresses> {

    /// No authentication is needed or should be expected.

    None,

    /// Cookie-based authentication should be used.

    Cookie {

        /// Path to the cookie file.

        path: R::Path,

    },

    /// Unrecognized authentication method.

    ///

    /// (Serde will deserialize into this whenever the auth field

    /// is something unrecognized.)

    #[serde(untagged)]

    Unrecognized(toml::Value),

}

impl Auth<Unresolved> {

    /// Expand all variables within this `Auth` to their concrete forms.

            }),

        }

}

impl Auth<Resolved> {

    /// Return an error if any path in `self` is not absolute..

                } else {

                }

            }

        }

}

/// Type parameters for unresolved connect points

//

// This derive should be needless, but it permits derive(Clone,Debug) elsewhere.

#[derive(Clone, Debug)]

struct Unresolved;

impl Addresses for Unresolved {

    type SocketAddr = String;

    type Path = CfgPath;

}

/// Type parameters for resolved connect points

//

// This derive should be needless, but it permits derive(Clone,Debug) elsewhere.

#[derive(Clone, Debug)]

pub(crate) struct Resolved;

impl Addresses for Resolved {

    type SocketAddr = general::SocketAddr;

    type Path = PathBuf;

}

/// Represent an address type along with the string it was decoded from.

///

/// We use this type in connect points because, for some kinds of authentication,

/// we need the literal input string that created the address.

#[derive(

    Clone, Debug, derive_more::AsRef, serde_with::DeserializeFromStr, serde_with::SerializeDisplay,

)]

pub(crate) struct AddrWithStr<A>

where

    A: Clone + Debug,

{

    /// The string representation of the address.

    ///

    /// For inet addresses, this is the value that appeared in the configuration.

    /// For unix domain sockets, this is the value that appeared in the configuration,

    /// after shell expansion.

    string: String,

    /// The address itself.

    #[as_ref]

    addr: A,

}

impl<A> AddrWithStr<A>

where

    A: Clone + Debug,

{

    /// Return the string representation of this address,

    /// for use in the authentication handshake.

    /// Replace the string representation of this address with the one in `other`.

}

impl AddrWithStr<String> {

    /// Convert an `AddrWithStr<String>` into its substituted form.

        } else {

        };

}

impl<A> FromStr for AddrWithStr<A>

where

    A: Clone + Debug + FromStr,

{

    type Err = <A as FromStr>::Err;

}

impl<A> std::fmt::Display for AddrWithStr<A>

where

    A: Clone + Debug + std::fmt::Display,

{

}

/// Return true if `s` is an absolute address.

///

/// All IP addresses are considered absolute.

        },

    }

#[cfg(test)]

mod test {

    // @@ begin test lint list maintained by maint/add_warning @@

    #![allow(clippy::bool_assert_comparison)]

    #![allow(clippy::clone_on_copy)]

    #![allow(clippy::dbg_macro)]

    #![allow(clippy::mixed_attributes_style)]

    #![allow(clippy::print_stderr)]

    #![allow(clippy::print_stdout)]

    #![allow(clippy::single_char_pattern)]

    #![allow(clippy::unwrap_used)]

    #![allow(clippy::unchecked_time_subtraction)]

    #![allow(clippy::useless_vec)]

    #![allow(clippy::needless_pass_by_value)]

    //! <!-- @@ end test lint list maintained by maint/add_warning @@ -->

    use super::*;

    use assert_matches::assert_matches;

    fn parse(s: &str) -> ParsedConnectPoint {

        s.parse().unwrap()

    }

    #[test]

    fn examples() {

        let _e1 = parse(

            r#"

[builtin]

builtin = "abort"

"#,

        );

        let _e2 = parse(

            r#"

[connect]

socket = "unix:/var/run/arti/rpc_socket"

auth = "none"

"#,

        );

        let _e3 = parse(

            r#"

[connect]

socket = "inet:[::1]:9191"

socket_canonical = "inet:[::1]:2020"

auth = { cookie = { path = "/home/user/.arti_rpc/cookie" } }

"#,

        );

        let _e4 = parse(

            r#"

[connect]

socket = "inet:[::1]:9191"

socket_canonical = "inet:[::1]:2020"

[connect.auth.cookie]

path = "/home/user/.arti_rpc/cookie"

"#,

        );

    }

    #[test]

    fn parse_errors() {

        let r: Result<ParsedConnectPoint, _> = "not a toml string".parse();

        assert_matches!(r, Err(ParseError::InvalidConnectPoint(_)));

        let r: Result<ParsedConnectPoint, _> = "[squidcakes]".parse();

        assert_matches!(r, Err(ParseError::UnrecognizedFormat));

        let r: Result<ParsedConnectPoint, _> = r#"

[builtin]

builtin = "abort"

[connect]

socket = "inet:[::1]:9191"

socket_canonical = "inet:[::1]:2020"

auth = { cookie = { path = "/home/user/.arti_rpc/cookie" } }

"#

        .parse();

        assert_matches!(r, Err(ParseError::ConflictingMembers));

    }

    #[test]

    fn resolve_errors() {

        let resolver = CfgPathResolver::default();

        let r: ParsedConnectPoint = r#"

[connect]

socket = "inet:[::1]:9191"

socket_canonical = "inet:[::1]:2020"

[connect.auth.esp]

telekinetic_handshake = 3

"#

        .parse()

        .unwrap();

        let err = r.resolve(&resolver).err();

        assert_matches!(err, Some(ResolveError::AuthNotRecognized));

        let r: ParsedConnectPoint = r#"

[connect]

socket = "inet:[::1]:9191"

socket_canonical = "inet:[::1]:2020"

auth = "foo"

"#

        .parse()

        .unwrap();

        let err = r.resolve(&resolver).err();

        assert_matches!(err, Some(ResolveError::AuthNotRecognized));

    }

}