# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4

PortSystem          1.0
PortGroup           legacysupport 1.1

# CLOCK_REALTIME
legacysupport.newest_darwin_requires_legacy 15

name                wolfssl
version             5.9.1
categories          devel security
maintainers         {wolfssl.com:facts @JacobBarthelmeh} openmaintainer
homepage            https://wolfssl.com/wolfSSL/Products-wolfssl.html
license             GPL-3
description         wolfSSL Embedded SSL Library

long_description    \
    The wolfSSL embedded SSL library is a lightweight SSL library written \
    in ANSI C and targeted for embedded and RTOS environments - primarily \
    because of its small size, speed, and feature set.  It is commonly \
    used in standard operating environments as well because of its \
    royalty-free pricing and excellent cross platform support.  CyaSSL \
    supports industry standards up to the current TLS and DTLS 1.2 levels, \
    is up to 20 times smaller than OpenSSL, and offers progressive ciphers \
    such as ChaCha20, Poly1305, and NTRU.

master_sites        https://www.wolfssl.com/
use_zip             yes

checksums           rmd160  64cfcc39b89dbd3e5181adf0bd45e5382ad8bf51 \
                    sha256  e9d84299739ea16ae18340aee6b8de9e584b5206a751e1df088cd0459cfe5e45 \
                    size    28487279

configure.args      --enable-all \
                    --disable-jobserver \
                    --disable-silent-rules

# fails to build on macOS <10.13, uses newer intrinsic functions
compiler.blacklist-append \
                    {clang < 1000}

# src/internal.c:42797:24: error: call to undeclared function
# 'SecTrustEvaluateWithError' on macOS <10.14
# Arguably we do not need archaic system certificates anyway.
if {${os.platform} eq "darwin" && ${os.major} < 18} {
    configure.args-append \
                    --disable-sys-ca-certs
}

variant debug description {Enable wolfSSL debugging support} {
    configure.args-append \
        --enable-debug
}

variant aesni description {Enable wolfSSL Intel AES-NI support, if available} {
    configure.args-append \
        --enable-aesni
}

variant sniffer description {Enable wolfSSL sniffer support} {
    depends_lib-append \
        port:libpcap
    configure.args-append \
        --enable-sniffer
}

depends_build-append    path:libexec/coreutils/libstdbuf.so:coreutils

use_autoreconf  yes
autoreconf.args -fvi
configure.checks.implicit_function_declaration.whitelist-append strchr

livecheck.url   https://www.wolfssl.com/wolfSSL/download/downloadForm.php
livecheck.regex "${name}-((?!.*${name}.*|\\${extract.suffix}).*)\\${extract.suffix}"

test.run    yes

# Setting WOLFSSL_EXTERNAL_TEST to 0 to avoid tests that try to connect to the internet
# OPENSSL is set to no-openssl to avoid openssl interop tests that may dependent on version of OpenSSL installed
test.env    TMPDIR=/tmp RANDFILE=/tmp/wolfssl-unittest-rnd DYLD_LIBRARY_PATH=${worksrcpath}/src/.libs WOLFSSL_EXTERNAL_TEST=0 OPENSSL=no-openssl
test.target check
test.args   -j${build.jobs}

