# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4

PortSystem          1.0
PortGroup           active_variants 1.1
PortGroup           boost 1.0

name                shibboleth
version             3.5.2
revision            0
categories          security www shibboleth
license             Apache
maintainers         {snc @nerdling} {scantor @scantor}
description         Shibboleth Native Service Provider
long_description    The Shibboleth System is a standards based, open source \
                    software package for web single sign-on across or within \
                    organizational boundaries. It allows sites to make \
                    informed authorization decisions for individual access of \
                    protected online resources in a privacy-preserving manner.

homepage            https://www.shibboleth.net/

boost.depends_type  build

depends_build       path:bin/pkg-config:pkgconfig
depends_lib         port:opensaml \
                    port:xmltooling \
                    port:xercesc3 \
                    port:xml-security-c \
                    port:log4shib \
                    port:apache2

master_sites        http://shibboleth.net/downloads/service-provider/${version}/
distname            ${name}-sp-${version}
use_bzip2           yes
checksums           rmd160  954d411dc26a113406b3b9d3848cbe28adbd77d7 \
                    sha256  c4e92c11e56adaa5ea480aba1d78c5f30fbd5d1badb4a13bdd85684bd801298a \
                    size    838391

require_active_variants curl ssl

use_autoreconf      yes
autoreconf.args     -fvi
configure.args      --disable-odbc \
                    --enable-apache-24 \
                    --with-apxs24=${prefix}/bin/apxs \
                    --without-gssapi

variant odbc description {enable odbc support} {
        depends_lib-append port:unixODBC
        configure.args-replace --disable-odbc --enable-odbc
}

destroot.keepdirs ${destroot}${prefix}/var/log/${name} ${destroot}${prefix}/var/run/${name} ${destroot}${prefix}/var/cache/${name}

destroot.args   NOKEYGEN=1

post-destroot {
    file delete {*}[glob ${destroot}${prefix}/etc/${name}/*.logger]
    file delete {*}[glob ${destroot}${prefix}/etc/${name}/*.html]
    file delete {*}[glob ${destroot}${prefix}/etc/${name}/*.xml]
    file delete {*}[glob ${destroot}${prefix}/etc/${name}/shibd-*]
}

post-activate {
    # Make sure initial conf files are present and set up correctly
    set confDir ${prefix}/etc/${name}
    foreach f [glob -tails -directory ${confDir} *.dist] {
        regexp {(.+)\.dist} $f ign destname
        if {![file exists ${confDir}/${destname}]} {
            file copy ${confDir}/${f} ${confDir}/${destname}
        }
    }
    if {![file exists ${confDir}/sp-key.pem]} {
        system -W ${prefix}/etc/${name} "./keygen.sh -b -n sp-signing"
        system -W ${prefix}/etc/${name} "./keygen.sh -b -n sp-encrypt"
    }
}

startupitem.create      yes
startupitem.name        shibd
startupitem.executable  ${prefix}/sbin/shibd -F -f -p ${prefix}/var/run/${name}/shibd.pid

livecheck.type          regex
livecheck.url           http://shibboleth.net/downloads/service-provider/latest/
livecheck.regex         ${name}-sp-(\\d+\\.\\d+(\\.\\d+)?)
