#!/bin/bash
#
# libssl and libcrypto (OpenSSL or derivate) support, with installer.
# Requires OpenSSL version v1.0.1 or later.
#
# Usage:
#   mkl_require libssl
#

# And then call the following function from the correct place/order in checks:
#   mkl_check libssl
#
#
# This module is a bit hacky since OpenSSL provides both libcrypto and libssl,
# the latter depending on the former, but from a user perspective it is
# SSL that is the feature, not crypto.

mkl_toggle_option "Feature" ENABLE_SSL "--enable-ssl" "Enable SSL support" "try"


function manual_checks {
    case "$ENABLE_SSL" in
        n) return 0 ;;
        y) local action=fail ;;
        try) local action=disable ;;
        *) mkl_err "mklove internal error: invalid value for ENABLE_SSL: $ENABLE_SSL"; exit 1 ;;
    esac

    if [[ $MKL_DISTRO == "osx" ]]; then
        # Add brew's OpenSSL pkg-config path on OSX
        # to avoid picking up the outdated system-provided openssl/libcrypto.
        mkl_env_append PKG_CONFIG_PATH "/usr/local/opt/openssl/lib/pkgconfig" ":"
    fi

    # OpenSSL provides both libcrypto and libssl
    if [[ $WITH_STATIC_LINKING != y ]]; then
        # Debian's OpenSSL static libraries are broken.
        mkl_meta_set "libcrypto" "deb" "libssl-dev"
    fi
    mkl_meta_set "libcrypto" "rpm" "openssl-devel"
    mkl_meta_set "libcrypto" "brew" "openssl"
    mkl_meta_set "libcrypto" "apk" "openssl-dev"
    mkl_meta_set "libcrypto" "static" "libcrypto.a"

    if ! mkl_lib_check "libcrypto" "" $action CC "-lcrypto" "
#include <openssl/ssl.h>
#include <openssl/evp.h>
#if OPENSSL_VERSION_NUMBER < 0x1000100fL
#error \"Requires OpenSSL version >= v1.0.1\"
#endif"; then
        return
    fi


    #
    # libssl
    #
    mkl_meta_set "libssl" "static" "libssl.a"

    if [[ $(mkl_meta_get "libcrypto" "installed_with") == "source" ]]; then
        # Try to resolve the libssl.a static library path based on the
        # libcrypto (openssl) install path.
        mkl_resolve_static_libs "libssl" "$(mkl_dep_destdir libcrypto)"
    fi

    mkl_lib_check "libssl" "WITH_SSL" $action CC "-lssl -lcrypto" \
                  "#include <openssl/ssl.h>
#if OPENSSL_VERSION_NUMBER < 0x1000100fL
#error \"Requires OpenSSL version >= v1.0.1\"
#endif"
}


# No source installer on osx: rely on openssl from homebrew
if [[ $MKL_DISTRO != osx ]]; then

    # Install libcrypto/libssl from source tarball on linux.
    #
    # Param 1: name (libcrypto)
    # Param 2: install-dir-prefix (e.g., DESTDIR)
    # Param 2: version (optional)
    function libcrypto_install_source {
        local name=$1
        local destdir=$2
        local ver=1.1.1k
        local url=https://www.openssl.org/source/openssl-${ver}.tar.gz

        local conf_args="--openssldir=/usr/lib/ssl no-shared no-zlib no-deprecated"
        if [[ $ver == 1.0.* ]]; then
            extra_conf_args="${extra_conf_args} no-krb5"
        fi

        echo "### Installing $name $ver from source ($url) to $destdir"
        if [[ ! -f config ]]; then
            echo "### Downloading"
            curl -fL $url | tar xzf - --strip-components 1
        fi

        echo "### Configuring"
        ./config --prefix="/usr" $conf_args || return $?

        echo "### Building"
        make

        echo "### Installing to $destdir"
        if [[ $ver == 1.0.* ]]; then
            make INSTALL_PREFIX="$destdir" install_sw
        else
            make DESTDIR="$destdir" install
        fi

        return $?
    }
fi