###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007-2013  IPFire Team  <info@ipfire.org>                     #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

###############################################################################
# Definitions
###############################################################################

include Config

VER        = 5.2.2

THISAPP    = strongswan-$(VER)
DL_FILE    = $(THISAPP).tar.bz2
DL_FROM    = $(URL_IPFIRE)
DIR_APP    = $(DIR_SRC)/strongswan-$(VER)
TARGET     = $(DIR_INFO)/$(THISAPP)

ifeq "$(MACHINE)" "i586"
	CONFIGURE_OPTIONS = \
		--enable-padlock
else
	CONFIGURE_OPTIONS = \
		--disable-padlock
endif

###############################################################################
# Top-level Rules
###############################################################################

objects = $(DL_FILE)

$(DL_FILE) = $(DL_FROM)/$(DL_FILE)

$(DL_FILE)_MD5 = 7ee1a33060b2bde35be0f6d78a1d26d0

install : $(TARGET)

check : $(patsubst %,$(DIR_CHK)/%,$(objects))

download :$(patsubst %,$(DIR_DL)/%,$(objects))

md5 : $(subst %,%_MD5,$(objects))

###############################################################################
# Downloading, checking, md5sum
###############################################################################

$(patsubst %,$(DIR_CHK)/%,$(objects)) :
	@$(CHECK)

$(patsubst %,$(DIR_DL)/%,$(objects)) :
	@$(LOAD)

$(subst %,%_MD5,$(objects)) :
	@$(MD5)

###############################################################################
# Installation Details
###############################################################################

$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
	@$(PREBUILD)
	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.0.2_ipfire.patch
	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816-eb25190.patch
	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816-650a3ad.patch
	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816-dd0ebb.patch
	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-819-cd2c30a.patch

	cd $(DIR_APP) && [ -x "configure" ] || ./autogen.sh
	cd $(DIR_APP) && ./configure \
		--prefix="/usr" \
		--sysconfdir="/etc" \
		--enable-curl \
		--enable-dhcp \
		--enable-farp \
		--enable-openssl \
		--enable-gcrypt \
		--enable-xauth-eap \
		--enable-xauth-noauth \
		--enable-eap-radius \
		--enable-eap-tls \
		--enable-eap-ttls \
		--enable-eap-peap \
		--enable-eap-mschapv2 \
		--enable-eap-identity \
		$(CONFIGURE_OPTIONS)

	cd $(DIR_APP) && make $(MAKETUNING)
	cd $(DIR_APP) && make install

	# Remove all library files we don't want or need.
	rm -vf /usr/lib/ipsec/plugins/*.{,l}a

	-rm -rfv /etc/rc*.d/*ipsec
	cd $(DIR_SRC) && cp src/initscripts/init.d/ipsec /etc/rc.d/init.d/ipsec
	rm -f /etc/ipsec.conf /etc/ipsec.secrets
	ln -sf $(CONFIG_ROOT)/vpn/ipsec.conf /etc/ipsec.conf
	ln -sf $(CONFIG_ROOT)/vpn/ipsec.secrets /etc/ipsec.secrets

	rm -rf /etc/ipsec.d/{cacerts,certs,crls}
	ln -sf $(CONFIG_ROOT)/ca    /etc/ipsec.d/cacerts
	ln -sf $(CONFIG_ROOT)/certs /etc/ipsec.d/certs
	ln -sf $(CONFIG_ROOT)/crls  /etc/ipsec.d/crls

	install -v -m 644 $(DIR_SRC)/config/strongswan/charon.conf \
		/etc/strongswan.d/charon.conf

	@rm -rf $(DIR_APP)
	@$(POSTBUILD)
