import os
import select
import socket
import ssl
import sys
import traceback

HOST = "127.0.0.1"
PORT = 8912

def sslProtocolVersion():
    # sslProtocolVersion
    if sys.version_info >= (2,7,13):
        # this means TLSv1 or higher
        # in the future change to
        # ssl.PROTOCOL_TLS1.2
        return ssl.PROTOCOL_TLS
    elif sys.version_info >= (2,7,9):
        # this means any SSL/TLS. SSLv2 and 3 are excluded with an option after context is created
        return ssl.PROTOCOL_SSLv23
    else:
        # this means TLSv1, there is no way to set "TLSv1 or higher" or
        # "TLSv1.2" in < 2.7.9
        return ssl.PROTOCOL_TLSv1

def sslProtocolCiphers():
    if ssl.OPENSSL_VERSION_NUMBER >= 0x10100000:
        return "AECDH-AES256-SHA@SECLEVEL=0"
    else:
        return "AECDH-AES256-SHA"

def connect():
    sock = socket.create_connection((HOST, PORT))
    return sock

def listen():
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind((HOST, PORT))
    sock.listen(0)
    return sock

def sslHandshake(sock, server=False):
    if sys.version_info >= (2,7,9):
        context = ssl.SSLContext(sslProtocolVersion())
        context.set_ciphers(sslProtocolCiphers())
        context.set_ecdh_curve("secp256k1")
        context.check_hostname = False
        context.verify_mode = ssl.CERT_NONE
        context.options = ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3 | ssl.OP_SINGLE_ECDH_USE | ssl.OP_CIPHER_SERVER_PREFERENCE
        sslSock = context.wrap_socket(sock, server_side = server, do_handshake_on_connect=False)
    else:
        sslSock = ssl.wrap_socket(sock, keyfile = os.path.join('src', 'sslkeys', 'key.pem'), certfile = os.path.join('src', 'sslkeys', 'cert.pem'), server_side = server, ssl_version=sslProtocolVersion(), do_handshake_on_connect=False, ciphers='AECDH-AES256-SHA')

    while True:
        try:
            sslSock.do_handshake()
            break
        except ssl.SSLWantReadError:
            print "Waiting for SSL socket handhake read"
            select.select([sslSock], [], [], 10)
        except ssl.SSLWantWriteError:
            print "Waiting for SSL socket handhake write"
            select.select([], [sslSock], [], 10)
        except Exception:
            print "SSL socket handhake failed, shutting down connection"
            traceback.print_exc()
            return
    print "Success!"
    return sslSock

if __name__ == "__main__":
    if len(sys.argv) != 2:
        print "Usage: ssltest.py client|server"
        sys.exit(0)
    elif sys.argv[1] == "server":
        serversock = listen()
        while True:
            print "Waiting for connection"
            sock, addr = serversock.accept()
            print "Got connection from %s:%i" % (addr[0], addr[1])
            sslSock = sslHandshake(sock, True)
            if sslSock:
                sslSock.shutdown(socket.SHUT_RDWR)
                sslSock.close()
    elif sys.argv[1] == "client":
        sock = connect()
        sslSock = sslHandshake(sock, False)
        if sslSock:
            sslSock.shutdown(socket.SHUT_RDWR)
            sslSock.close()
    else:
        print "Usage: ssltest.py client|server"
        sys.exit(0)