#!/bin/sh

die() {
	printf "$1\n" >&2
	exit 1
}

usage() {
	cat <<EOF
usage: configure [options]

  --prefix=PREFIX        installation prefix [/usr]
  --exec-prefix=EPREFIX  installation prefix for executable files [PREFIX]
  --bindir=DIR           user executables [PREFIX/bin]
  --datadir=DIR          architecture-independent data files [PREFIX/share]
  --mandir=DIR           manual pages [DATADIR/man]
  --sysconfdir=DIR       directory for configuration files [/etc]
  --pamdir=DIR           PAM directory [SYSCONFDIR/pam.d]

  --build=build-alias    a cpu-vendor-opsys for the system where the application will be built
  --host=host-alias      a cpu-vendor-opsys for the system where the application will run
  --target=target-alias  the machine that CC will produce code for

  --enable-debug         enable debugging
  --enable-seccomp       enable seccomp
  --enable-static        prepare for static build

  --help, -h             display this help and exit
EOF
	exit 0
}

for x; do
	opt=${x%%=*}
	var=${x#*=}
	case "$opt" in
	--prefix) PREFIX=$var;;
	--exec-prefix) EPREFIX=$var;;
	--bindir) BINDIR=$var;;
	--datadir) SHAREDIR=$var;;
	--mandir) MANDIR=$var;;
	--sysconfdir) SYSCONFDIR=$var;;
	--pamdir) PAMDIR=$var;;
	--build) BUILD=$var;;
	--host) HOST=$var;;
	--target) TARGET=$var;;
	--enable-debug) DEBUG=yes;;
	--enable-seccomp) BUILD_SECCOMP=yes;;
	--enable-static) BUILD_STATIC=yes;;
	--help|-h) usage;;
	*) die "Error: unknown option $opt";;
	esac
done

CONFIG_MK=config.mk
rm -f "$CONFIG_MK"

: ${VERSION:="$(git describe --dirty --tags --long --always)"}

cat <<EOF >>$CONFIG_MK
PREFIX   ?=	${PREFIX:="/usr"}
EPREFIX  ?=	${EPREFIX:="${PREFIX}"}
BINDIR   ?=	${BINDIR:="${PREFIX}/bin"}
SHAREDIR ?=	${SHAREDIR:="${PREFIX}/share"}
MANDIR   ?=	${MANDIR:="${SHAREDIR}/man"}
SYSCONFDIR?=	${SYSCONFDIR:="/etc"}
PAMDIR   ?=	${PAMDIR:="${SYSCONFDIR}/pam.d"}
CFLAGS   +=	-DVERSION="\"${VERSION}\""
EOF

if [ -z "$BUILD" ]; then
	BUILD="$(uname -m)-unknown-$(uname -s | tr '[:upper:]' '[:lower:]')"
fi
if [ -z "$HOST" ]; then
	[ -z "$TARGET" ] && TARGET=$BUILD
	HOST=$TARGET
fi
if [ -z "$TARGET" ]; then
	[ -z "$HOST" ] && HOST=$BUILD
	TARGET=$HOST
fi

if [ -z "$OS" ]; then
	# Derive OS from cpu-manufacturer-os-kernel
	CPU=${TARGET%%-*}
	REST=${TARGET#*-}
	MANU=${REST%%-*}
	REST=${REST#*-}
	OS=${REST%%-*}
	REST=${REST#*-}
	KERNEL=${REST%%-*}
fi

OS_FLAGS="-D__${OS}__"

case "$OS" in
	linux)
		OS_CFLAGS+=" -D_DEFAULT_SOURCE -D_GNU_SOURCE -DUID_MAX=60000 -DGID_MAX=60000"
		printf 'CURDIR   :=	.\n' >>$CONFIG_MK
		printf 'PAM_DOAS  =	pam.d__doas__linux\n' >>$CONFIG_MK
		;;
esac

[ -n "$OS_CFLAGS" ] && \
	printf 'CFLAGS   +=	%s\n' "$OS_CFLAGS" >>$CONFIG_MK

[ -n "$DEBUG" ] && \
	printf 'CFLAGS   +=	-O0 -g\n' >>$CONFIG_MK

[ -n "$BUILD_STATIC" ] && \
	printf 'CFLAGS   +=	-static\n' >>$CONFIG_MK

# Add CPPFLAGS/CFLAGS/LDFLAGS to CC for testing features
XCC="${CC:=clang} $CFLAGS $OS_CFLAGS $CPPFLAGS $LDFLAGS"
# Make sure to disable --as-needed for CC tests.
XCC="$XCC -Wl,--no-as-needed"

check_func() {
	func="$1"; src="$2"; shift 2
	printf 'Checking for %-14s\t\t' "$func ..."
	printf '%s\n' "$src" >"_$func.c"
	$XCC "_$func.c" -o "_$func" 2>/dev/null
	ret=$?
	rm -f "_$func.c" "_$func"
	if [ $ret -eq 0 ]; then
		printf 'yes.\n'
		upperfunc="$(printf '%s\n' "$func" | tr '[[:lower:]]' '[[:upper:]]')"
		printf 'CFLAGS   +=	-DHAVE_%s\n' "$upperfunc" >>$CONFIG_MK
		return 0
	else
		printf 'no.\n'
		return 1
	fi
}

src='
#include <string.h>
int main(void) {
	explicit_bzero(NULL, 0);
	return 0;
}'
check_func "explicit_bzero" "$src" || {
	printf 'OPENBSD  +=	explicit_bzero.o\n' >>$CONFIG_MK
}


#
# Check for strlcat().
#
src='
#include <string.h>
int main(void) {
	const char s1[] = "foo";
	char s2[10];
	strlcat(s2, s1, sizeof(s2));
	return 0;
}'
check_func "strlcat" "$src" || {
	printf 'OPENBSD  +=	strlcat.o\n' >>$CONFIG_MK
}

#
# Check for strlcpy().
#
src='
#include <string.h>
int main(void) {
	const char s1[] = "foo";
	char s2[10];
	strlcpy(s2, s1, sizeof(s2));
	return 0;
}'
check_func "strlcpy" "$src" || {
	printf 'OPENBSD  +=	strlcpy.o\n' >>$CONFIG_MK
}

#
# Check for errc().
#
src='
#include <err.h>
int main(void) {
	errc(0, 0, "");
	return 0;
}'
check_func "errc" "$src" || {
	printf 'OPENBSD  +=	errc.o\n' >>$CONFIG_MK
}

#
# Check for verrc().
#
src='
#include <err.h>
int main(void) {
	verrc(0, 0, "");
	return 0;
}'
check_func "verrc" "$src" || {
	printf 'OPENBSD  +=	verrc.o\n' >>$CONFIG_MK
}

#
# Check for setprogname().
#
src='
#include <stdlib.h>
int main(void) {
	setprogname("");
	return 0;
}'
check_func "setprogname" "$src" || {
	printf 'OPENBSD  +=	progname.o\n' >>$CONFIG_MK
}

#
# Check for readpassphrase().
#
src='
#include <readpassphrase.h>
int main(void) {
	char buf[12];
	readpassphrase("", buf, sizeof(buf), 0);
	return 0;
}'
check_func "readpassphrase" "$src" || {
	printf 'OPENBSD  +=	readpassphrase.o\n' >>$CONFIG_MK
}

#
# Check for strtonum().
#
src='
#include <stdlib.h>
int main(void) {
	const char *errstr;
	strtonum("", 1, 64, &errstr);
	return 0;
}'
check_func "strtonum" "$src" || {
	printf 'OPENBSD  +=	strtonum.o\n' >>$CONFIG_MK
}

#
# Check for reallocarray().
#
src='
#include <stdlib.h>
int main(void) {
	reallocarray(NULL, 0, 0);
	return 0;
}'
check_func "reallocarray" "$src" || {
	printf 'OPENBSD  +=	reallocarray.o\n' >>$CONFIG_MK
}

#
# Check for bsd_auth.h.
#
src='
#include <bsd_auth.h>
int main(void) {
	return 0;
}'
check_func "bsd_auth_h" "$src" && \
	have_bsd_auth_h=1

#
# Check for pam_appl.h.
#
src='
#include <security/pam_appl.h>
int main(void) {
	return 0;
}'
[ -z "$have_bsd_auth_h" ] && \
	check_func "pam_appl_h" "$src" && {
		printf 'SRCS     +=	doas_pam.c\n' >>$CONFIG_MK
		printf 'LDFLAGS  +=	-lpam\n' >>$CONFIG_MK
	}

#
# Check for login_cap.h.
#
src='
#include <login_cap.h>
int main(void) {
	return 0;
}'
check_func "login_cap_h" "$src" || {
	printf 'OPENBSD  +=	setusercontext.o\n' >>$CONFIG_MK
}

#
# Check for execvpe().
#
src='
#include <unistd.h>
int main(void) {
	const char *p = { "", NULL };
	execvpe("", p, p);
	return 0;
}'
check_func "execvpe" "$src" || {
	printf 'OPENBSD  +=	execvpe.o\n' >>$CONFIG_MK
}

#
# Check for setresuid().
#
src='
#include <unistd.h>
int main(void) {
	setresuid(0, 0, 0);
	return 0;
}'
check_func "setresuid" "$src" || {
	printf 'OPENBSD  +=	setresuid.o\n' >>$CONFIG_MK
}

#
# Check for pledge().
#
src='
#include <unistd.h>
int main(void) {
	pledge("", NULL);
	return 0;
}'
check_func "pledge" "$src" && {
	have_pledge=1
}

#
# Check for seccomp.h
#
src='
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <unistd.h>
int main(void) {
	prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL);
	return 0;
}'
[ -z "$have_pledge" -a -n "$BUILD_SECCOMP" ] && \
	check_func "seccomp_h" "$src" && \
	{
		have_pledge=1
		printf 'OPENBSD  +=	pledge-seccomp.o\n' >>$CONFIG_MK
	}

[ -z "$have_pledge" ] && \
	printf 'OPENBSD  +=	pledge-noop.o\n' >>$CONFIG_MK