#!/bin/bash

## Copyright (C) 2025 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
## See the file COPYING for copying conditions.

## This script runs on the workstation and is systemd socket-activated.
## systemd will create a socket at
## /run/user/UID/sdwdate-gui/sdwdate-gui-server.socket. When that socket is
## connected to, this script will run, and its stdio streams will be connected
## to the socket.
##
## The script repeatedly calls sdwdate-gui.ConnectCheck once a second to see
## if it is possible to call sdwdate-gui.Connect yet. If it receives a 'y', it
## calls sdwdate-gui.Connect, which will pass all socket I/O from the systemd
## socket to the gateway sdwdate-gui-server instance. If it receives an 'n',
## it waits a second and then checks for the server again. If it receives
## anything other than a 'y' or 'n' (such as the special value 'q' for
## "quit"), it gives up entirely.

#set -x
set -o errexit
set -o nounset
set -o errtrace
set -o pipefail

true "$0: START"

source /usr/libexec/helper-scripts/systemd-notify.bsh

exit_handler() {
  ## Avoid error.
  ## > Dec 04 08:59:57 sys-net systemd[1]: sdwdate-gui-qubes@0-1443-1000.service: Failed with result 'protocol'.
  "${systemd_notify[@]}" --ready
  true "$0: END: OK."
}

trap exit_handler EXIT

target_vm="$(/usr/libexec/sdwdate-gui/sdwdate-gui-config-read 'gateway')" || exit 1

"${systemd_notify[@]}" --ready

connect_check_rslt='n'
while true; do
  sleep 1
  connect_check_rslt="$(
    ## We redirect a blank string into this qrexec-client-vm invocation's
    ## stdin, because otherwise it will eat the script's stdin up to this
    ## point, preventing some data from reaching the server.
    qrexec-client-vm "${target_vm}" sdwdate-gui.ConnectCheck <<< "" 2>&1
  )" || connect_check_rslt='n'
  if [ "${connect_check_rslt}" = 'n' ]; then
    continue
  fi
  break
done

if [ "${connect_check_rslt}" != 'y' ]; then
  ## Drop a flag file to let sdwdate-gui-client know that the server will
  ## never be available and it should stop waiting.
  if mkdir --parents -- '/run/sdwdate-gui'; then
    touch '/run/sdwdate-gui/qubes-gateway-server-disabled' || true
  fi
  ## Don't error out here, it is possible that sdwdate-gui has been disabled
  ## on the server end.
  exit 0
fi

qrexec-client-vm "${target_vm}" sdwdate-gui.Connect || true
