###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007-2014  IPFire Team  <info@ipfire.org>                     #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

###############################################################################
# Definitions
###############################################################################

include Config

VER        = 1.0.1m

THISAPP    = openssl-$(VER)
DL_FILE    = $(THISAPP).tar.gz
DL_FROM    = $(URL_IPFIRE)
DIR_APP    = $(DIR_SRC)/$(THISAPP)
TARGET     = $(DIR_INFO)/$(THISAPP)

ifeq "$(MACHINE)" "i586"
	CONFIGURE_ARGS = linux-elf no-asm 386
endif

ifeq "$(MACHINE)" "armv5tel"
	CONFIGURE_ARGS = linux-generic32
endif

CFLAGS += -DPURIFY
export RPM_OPT_FLAGS = $(CFLAGS)

###############################################################################
# Top-level Rules
###############################################################################

objects = $(DL_FILE)

$(DL_FILE) = $(DL_FROM)/$(DL_FILE)

$(DL_FILE)_MD5 = d143d1555d842a069cb7cc34ba745a06

install : $(TARGET)

check : $(patsubst %,$(DIR_CHK)/%,$(objects))

download :$(patsubst %,$(DIR_DL)/%,$(objects))

md5 : $(subst %,%_MD5,$(objects))

###############################################################################
# Downloading, checking, md5sum
###############################################################################

$(patsubst %,$(DIR_CHK)/%,$(objects)) :
	@$(CHECK)

$(patsubst %,$(DIR_DL)/%,$(objects)) :
	@$(LOAD)

$(subst %,%_MD5,$(objects)) :
	@$(MD5)

###############################################################################
# Installation Details
###############################################################################

$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
	@$(PREBUILD)
	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.0-beta5-enginesdir.patch
	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.1e-rpmbuild.patch
	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.1m-weak-ciphers.patch
	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-disable-sslv2-sslv3.patch

	# Apply our CFLAGS
	cd $(DIR_APP) && sed -i Configure \
		-e "s/-O3 -fomit-frame-pointer/$(CFLAGS)/g"

	cd $(DIR_APP) && find crypto/ -name Makefile -exec \
		sed 's/^ASFLAGS=/&-Wa,--noexecstack /' -i {} \;

	cd $(DIR_APP) && ./Configure \
		--prefix=/usr \
		--openssldir=/etc/ssl \
		--enginesdir=/usr/lib/openssl/engines \
		shared \
		zlib-dynamic \
		enable-camellia \
		enable-md2 \
		enable-seed \
		enable-tlsext \
		enable-rfc3779 \
		no-idea \
		no-mdc2 \
		no-rc5 \
		no-srp \
		$(CONFIGURE_ARGS) \
		-DSSL_FORBID_ENULL

	cd $(DIR_APP) && make depend
	cd $(DIR_APP) && make

	# Install everything.
	cd $(DIR_APP) && make install
	install -m 0644 $(DIR_SRC)/config/ssl/openssl.cnf /etc/ssl

	# Remove man pages.
	-rm -vfr /etc/ssl/man

	# Move engines to the right place.
	-mkdir -pv /usr/lib/openssl
	rm -vfr /usr/lib/openssl/engines
	mv -v /usr/lib/engines /usr/lib/openssl

	@rm -rf $(DIR_APP)
	@$(POSTBUILD)
