# Maintainer: Andreas Radke <andyrtr@archlinux.org>
# Contributor: Jan de Groot <jgc@archlinux.org>

# ALARM: Kevin Mihelich <kevin@archlinuxarm.org>
#  - compile v7 with -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64

pkgname=gnutls
pkgver=3.8.5
pkgrel=1
pkgdesc="A library which provides a secure layer over a reliable transport layer"
arch=('x86_64')
license=('GPL-3.0-or-later AND LGPL-2.1-or-later')
url="https://www.gnutls.org/"
options=('!zipman')
depends=('glibc' 'gcc-libs' 'gmp' 'libtasn1' 'zlib' 'nettle'
         'libp11-kit' 'libidn2' 'zstd' 'libidn2.so' 'libunistring' 'brotli')
makedepends=('tpm2-tss'
            # required for autoreconf when patching
            'gtk-doc')
checkdepends=('net-tools' 'tpm2-tools')
optdepends=('tpm2-tss: support for TPM2 wrapped keys')
backup=(etc/gnutls/config
        etc/modules-load.d/gnutls.conf)
source=(https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/${pkgname}-${pkgver}.tar.xz{,.sig}
        config
        gnutls-ktls_disable_keyupdate_test.patch)
sha256sums=('66269a2cfe0e1c2dabec87bdbbd8ab656f396edd9a40dd006978e003cfa52bfc'
            'SKIP'
            '22e614510fe52defe8c233ce3e5ead2205739fd967657ce3176ca121f3c562b5'
            '2a911615739cb327b6dced36b595ea10c89f40bb7274d062dab14a9ecfe89708')
#validpgpkeys=('462225C3B46F34879FC8496CD605848ED7E69871') # "Daiki Ueno <ueno@unixuser.org>"
validpgpkeys=('5D46CB0F763405A7053556F47A75A648B3F9220C') # "Zoltan Fridrich <zfridric@redhat.com>"

prepare() {
  cd ${pkgname}-${pkgver}
  patch -Np1 -i ../gnutls-ktls_disable_keyupdate_test.patch
  autoreconf -vfi
}

build() {
  cd ${pkgname}-${pkgver}
  [[ $CARCH == "armv7h" ]] && CPPFLAGS+=" -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64"
  ./configure --prefix=/usr \
	--disable-static \
	--with-idn \
	--with-brotli \
	--with-zstd \
	--with-tpm2 \
	--enable-openssl-compatibility \
	--with-default-trust-store-pkcs11="pkcs11:" \
	--enable-ktls
  sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool
  make
}

check() {
  cd ${pkgname}-${pkgver}
  make check
}

package() {
  cd ${pkgname}-${pkgver}
  make DESTDIR="${pkgdir}" install

  # prepare to load tls module required for ktls
  install -dm755 "$pkgdir"/etc/modules-load.d
  echo "#tls" > "$pkgdir"/etc/modules-load.d/gnutls.conf

  # disable ktls by default for now
  install -dm755 "$pkgdir"/etc/gnutls
  install -Dm644 "${srcdir}"/config  "$pkgdir"/etc/gnutls/config

  # license due to notice about gmp/nettle
  install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"

  # lots of .png files are put into infodir and are gzipped by makepkg! this needs to be fixed by using !zipman
  # gzip -9 all files in infodir and manpages manually
  find "$pkgdir/usr/share/info" -name '*.info*' -exec gzip -n -9 {} \;
  find "$pkgdir/usr/share/man" -exec gzip -n -9 {} \;
}