# $Id$
# Maintainer: Pierre Schmitz <pierre@archlinux.de>

# ALARM: Kevin Mihelich <kevin@archlinuxarm.org>
#  - use linux-armv4 target for our architectures
#  - cryptodev-enabled version

noautobuild=1
buildarch=6

pkgname=openssl-cryptodev
_pkgname=openssl
_ver=1.0.1c
# use a pacman compatible version scheme
pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
#pkgver=$_ver
pkgrel=1
pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
arch=('arm' 'armv7h')
url='https://www.openssl.org'
license=('custom:BSD')
depends=('perl')
if [ "${CARCH}" == 'armv7h' ]; then
	makedepends=('linux-headers-cubox')
else
	makedepends=('linux-headers')
fi
optdepends=('ca-certificates')
options=('!makeflags')
backup=('etc/ssl/openssl.cnf')
conflicts=('openssl')
provides=("openssl=${pkgver}")
source=("https://www.openssl.org/source/${_pkgname}-${_ver}.tar.gz"
        'fix-manpages.patch'
        'no-rpath.patch'
        'ca-dir.patch')
md5sums=('ae412727c8c15b67880aef7bd2999b2e'
         '5bbc0655bda2af95bc8eb568963ce8ba'
         'dc78d3d06baffc16217519242ce92478'
         '3bf51be3a1bbd262be46dc619f92aa90')

build() {
	cd $srcdir/$_pkgname-$_ver

	if [ "${CARCH}" == 'x86_64' ]; then
		openssltarget='linux-x86_64'
	elif [ "${CARCH}" == 'i686' ]; then
		openssltarget='linux-elf'
	elif [ "${CARCH}" == 'arm' -o "${CARCH}" == 'armv7h' ]; then
		openssltarget='linux-armv4'
	fi

	if [ "${CARCH}" == 'armv7h' ]; then
		_kernel_release="$(pacman -Q linux-headers-cubox | grep -Eo "[^\ ]+$")-ARCH+"
	else
		_kernel_release="$(uname -r)"
	fi

	# avoid conflicts with other man pages
	# see http://www.linuxfromscratch.org/patches/downloads/openssl/
	patch -p1 -i $srcdir/fix-manpages.patch
	# remove rpath: http://bugs.archlinux.org/task/14367
	patch -p0 -i $srcdir/no-rpath.patch
	# set ca dir to /etc/ssl by default
	patch -p0 -i $srcdir/ca-dir.patch
	# mark stack as non-executable: http://bugs.archlinux.org/task/12434
	./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
		-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DHASH_MAX_LEN=64 \
		shared threads zlib enable-md2 \
		"${openssltarget}" \
		-Wa,--noexecstack "${CFLAGS} -I/usr/src/linux-${_kernel_release}" \
		-DOPENSSL_NO_TLS1_2_CLIENT

	make depend
	make
}

check() {
	cd $srcdir/$_pkgname-$_ver
	# the test fails due to missing write permissions in /etc/ssl
	# revert this patch for make test
	patch -p0 -R -i $srcdir/ca-dir.patch
#	make test
	patch -p0 -i $srcdir/ca-dir.patch
}

package() {
	depends=('cryptodev_friendly')
	cd $srcdir/$_pkgname-$_ver
	make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man install
	install -D -m644 LICENSE $pkgdir/usr/share/licenses/$_pkgname/LICENSE
}