# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4

PortSystem          1.0
PortGroup           legacysupport 1.1

# CLOCK_REALTIME
legacysupport.newest_darwin_requires_legacy 15

name                wolfssl
version             5.7.2
revision            0
categories          devel security
maintainers         {wolfssl.com:facts @JacobBarthelmeh} openmaintainer
homepage            https://wolfssl.com/wolfSSL/Products-wolfssl.html
license             GPL-2
description         wolfSSL Embedded SSL Library

long_description    \
    The wolfSSL embedded SSL library is a lightweight SSL library written \
    in ANSI C and targeted for embedded and RTOS environments - primarily \
    because of its small size, speed, and feature set.  It is commonly \
    used in standard operating environments as well because of its \
    royalty-free pricing and excellent cross platform support.  CyaSSL \
    supports industry standards up to the current TLS and DTLS 1.2 levels, \
    is up to 20 times smaller than OpenSSL, and offers progressive ciphers \
    such as ChaCha20, Poly1305, and NTRU.

master_sites        https://www.wolfssl.com/
use_zip             yes

checksums           rmd160  ed7c0a3d1699bcaaabe8652af1ea3bcce87d10e6 \
                    sha256  07d580eb452aed737f1ce71aecc4f076276508f9454d70c8083772f6143ca160 \
                    size    25112699

patch.pre_args-replace  -p0 -p1

# https://github.com/wolfSSL/wolfssl/pull/7931
# https://github.com/wolfSSL/wolfssl/pull/7932
patchfiles-append   0001-types.h-add-powerpc-macros.patch \
                    0002-asm.c-fix-ppc-asm-for-macOS.patch \
                    0003-sp_int.c-fix-ppc-asm-for-macOS.patch \
                    0004-wc_port.h-fix-macros-for-powerpc.patch \
                    0005-Fix-libdispatch-usage-condition.patch \
                    0006-crl.c-use-EV_TRIGGER-when-NOTE_TRIGGER-unavailable.patch

configure.args      --enable-all \
                    --disable-jobserver \
                    --disable-silent-rules

# Enabling this option does not work at least on 10.6:
# src/internal.c:41288: error: 'errSecSuccess' undeclared (first use in this function)
# Arguably we do not need archaic system certificates anyway.
# OS version threshold is set according to system git being functional.
if {${os.platform} eq "darwin" && ${os.major} < 14} {
    configure.args-append \
                    --disable-sys-ca-certs
}

variant debug description {Enable wolfSSL debugging support} {
    configure.args-append \
        --enable-debug
}

variant aesni description {Enable wolfSSL Intel AES-NI support, if available} {
    configure.args-append \
        --enable-aesni
}

variant sniffer description {Enable wolfSSL sniffer support} {
    depends_lib-append \
        port:libpcap
    configure.args-append \
        --enable-sniffer
}

depends_build-append    path:libexec/coreutils/libstdbuf.so:coreutils

use_autoreconf  yes
autoreconf.args -fvi
configure.checks.implicit_function_declaration.whitelist-append strchr

livecheck.url   https://www.wolfssl.com/wolfSSL/download/downloadForm.php
livecheck.regex "${name}-((?!.*${name}.*|\\${extract.suffix}).*)\\${extract.suffix}"

test.run    yes
test.env    TMPDIR=/tmp RANDFILE=/tmp/wolfssl-unittest-rnd DYLD_LIBRARY_PATH=${worksrcpath}/src/.libs
test.target check
test.args   -j${build.jobs}