# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4

PortSystem          1.0
PortGroup           legacysupport 1.1

# CLOCK_REALTIME
legacysupport.newest_darwin_requires_legacy 15

name                wolfssl
version             5.7.6
categories          devel security
maintainers         {wolfssl.com:facts @JacobBarthelmeh} openmaintainer
homepage            https://wolfssl.com/wolfSSL/Products-wolfssl.html
license             GPL-2
description         wolfSSL Embedded SSL Library

long_description    \
    The wolfSSL embedded SSL library is a lightweight SSL library written \
    in ANSI C and targeted for embedded and RTOS environments - primarily \
    because of its small size, speed, and feature set.  It is commonly \
    used in standard operating environments as well because of its \
    royalty-free pricing and excellent cross platform support.  CyaSSL \
    supports industry standards up to the current TLS and DTLS 1.2 levels, \
    is up to 20 times smaller than OpenSSL, and offers progressive ciphers \
    such as ChaCha20, Poly1305, and NTRU.

master_sites        https://www.wolfssl.com/
use_zip             yes

checksums           rmd160  e219a662b428ff72ff0ee48401927048c69f03fa \
                    sha256  cbb9da98a678156b1b294301ffd0139cfae19c60b46dff397418940690291a20 \
                    size    26109443

configure.args      --enable-all \
                    --disable-jobserver \
                    --disable-silent-rules

# Enabling this option does not work at least on 10.6:
# src/internal.c:41288: error: 'errSecSuccess' undeclared (first use in this function)
# Arguably we do not need archaic system certificates anyway.
# OS version threshold is set according to system git being functional.
if {${os.platform} eq "darwin" && ${os.major} < 14} {
    configure.args-append \
                    --disable-sys-ca-certs
}

variant debug description {Enable wolfSSL debugging support} {
    configure.args-append \
        --enable-debug
}

variant aesni description {Enable wolfSSL Intel AES-NI support, if available} {
    configure.args-append \
        --enable-aesni
}

variant sniffer description {Enable wolfSSL sniffer support} {
    depends_lib-append \
        port:libpcap
    configure.args-append \
        --enable-sniffer
}

depends_build-append    path:libexec/coreutils/libstdbuf.so:coreutils

use_autoreconf  yes
autoreconf.args -fvi
configure.checks.implicit_function_declaration.whitelist-append strchr

livecheck.url   https://www.wolfssl.com/wolfSSL/download/downloadForm.php
livecheck.regex "${name}-((?!.*${name}.*|\\${extract.suffix}).*)\\${extract.suffix}"

test.run    yes
test.env    TMPDIR=/tmp RANDFILE=/tmp/wolfssl-unittest-rnd DYLD_LIBRARY_PATH=${worksrcpath}/src/.libs WOLFSSL_EXTERNAL_TEST=0
test.target check
test.args   -j${build.jobs}