# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $

inherit eutils flag-o-matic

DESCRIPTION="The OpenCA Project is a collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography world-wide."
HOMEPAGE="http://www.openca.org/"
SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"

LICENSE="BSD"
SLOT="0"
KEYWORDS="~x86"
#IUSE="doc dbm mysql postgres ldap vhosts"
IUSE="doc dbm mysql postgres ldap"

# fix these
DEPEND=">=sys-apps/sed-4"
RDEPEND="${DEPEND}
	!dev-perl/OpenCA-X509
	!dev-perl/OpenCA-REQ
	!dev-perl/OpenCA-OpenSSL
	!dev-perl/OpenCA-CRL
	>=dev-libs/openssl-0.9.7
	net-www/apache
	>=perl-core/MIME-Base64-2.20
	>=dev-perl/Digest-HMAC-1.01
	>=dev-perl/Digest-SHA1-2.02
	>=perl-core/Digest-MD5-2.24
	>=dev-perl/libintl-perl-1.10
	>=dev-perl/IO-stringy-2.108
	>=dev-perl/MIME-Lite-3.01
	>=dev-perl/MIME-tools-5.411
	>=dev-perl/MailTools-1.58
	>=dev-perl/Parse-RecDescent-1.94
	>=dev-perl/X500-DN-0.28
	>=dev-perl/XML-Twig-3.09
	>=dev-perl/CGI-Session-3.95
	>=dev-perl/net-server-0.86
	>=dev-perl/Convert-ASN1-0.18
	dbm? ( perl-core/DB_File )
	mysql? ( dev-perl/DBD-mysql )
	postgres? ( dev-perl/DBD-Pg )
	!mysql? ( !postgres? ( perl-core/DB_File ) )
	ldap? ( net-nds/openldap
		>=dev-perl/perl-ldap-0.28
		>=dev-perl/IO-Socket-SSL-0.92
		>=dev-perl/URI-1.23
		)
	sasl? ( >=dev-perl/Authen-SASL-2.04 )"

pkg_setup() {
	enewgroup openca
	enewuser openca -1 -1 /dev/null openca
}

src_unpack() {
	unpack ${A}
	cd ${S}
	if ! use ldap ; then
		epatch ${FILESDIR}/openca-0.9.2_noldap.patch
	fi

	case $( gcc-version ) in
		3.4 | 3.3 | 3.2 )
			filter-flags -fprefetch-loop-arrays -freduce-all-givs -funroll-loops
		;;
	esac
	econf
}

src_compile() {
	einfo "Compiling ${P}"
	myconf="--with-openca-user=openca \
		--with-openca-group=openca \
		--with-htdocs-fs-prefix=/var/www/localhost/htdocs/openca \
		--with-cgi-fs-prefix=/var/www/localhost/cgi-bin \
		--with-openca-prefix=/var/lib/openca \
		--with-etc-prefix=/etc/openca \
		--with-lib-prefix=/usr/lib/openca \
		--with-httpd-user=apache \
		--with-httpd-group=apache \
		--disable-external-modules \
		--with-htdocs-url-prefix=/openca"
	#if ! use vhosts ; then
	#	myconf="${myconf} --with-htdocs-url-prefix=/openca"
	#fi
	if use ldap; then
		myconf="${myconf} --with-ldap-port=389 \
			--with-ldap-root='cn=Manager,o=OpenCA,c=IT' \
			--with-ldap-root-pwd='openca'"
	else
		myconf="${myconf} --disable-ldap"
	fi
	if ! use mysql && ! use postgres || use dbm; then
		myconf="${myconf} --enable-db"
	else
		myconf="${myconf} --disable-db"
	fi
	if use mysql; then
	        einfo "Setting random user/password details for the mysql database"
	        local dbpass="${RANDOM}${RANDOM}${RANDOM}${RANDOM}"
	        sed -e "s/@dbpass@/${dbpass}/g" \
	                ${FILESDIR}/mysql-setup.sql.in > ${T}/mysql-setup.sql

		myconf="${myconf}  --enable-dbi \
			--with-db-type=mysql \
			--with-db-name=openca \
			--with-db-host=localhost \
			--with-db-port=3306 \
			--with-db-user=openca \
			--with-db-passwd='${dbpass}'"
	fi
	if use postgres; then
	        einfo "Setting random user/password details for the postgres database"
	        local dbpass="${RANDOM}${RANDOM}${RANDOM}${RANDOM}"
# Need to write up a postgres setup script
#	        sed -e "s/@dbpass@/${dbpass}/g" \
#	                ${FILESDIR}/postgres-setup.sql.in > ${T}/posgres-setup.sql

		myconf="${myconf}  --enable-dbi \
			--with-db-type=Pg \
			--with-db-name=openca \
			--with-db-host=localhost \
			--with-db-port=5432 \
			--with-db-user=openca \
			--with-db-passwd='${dbpass}'"
	fi

	econf ${myconf}
	emake || die
}

src_install() {
	make install-online install-ca DESTDIR=${D} || die

	keepdir /var/lib/openca/var/tmp
	keepdir /var/lib/openca/var/log
	keepdir /var/lib/openca/var/log/xml

	dodoc CHANGES* LICENSE README
	dodoc docs/*.txt
	dodoc "${T}/mysql-setup.sql"
	fperms 600 "/usr/share/doc/${P}/mysql-setup.sql.gz"
	doman docs/man3/*.3

	if use doc; then
		dohtml -r docs/guide
		dohtml -r docs/howto
		docinto shared
		dodoc docs/shared/*.txt
	fi
	if use ldap; then
		docinto openldap
		dodoc contrib/openldap/openca.schema
	fi
	if ! use mysql && ! use postgres || use dbm ; then
		dodir /var/lib/openca/db
		keepdir /var/lib/openca/db
	fi
# Need to lookup current apache stuff
#	if use vhosts; then
#		insinto /etc/apache2/conf/vhosts
#	fi
}

pkg_postinst() {
	if [ ! -d ${ROOT}/etc/init.d/openca ] ; then
		ln -s /etc/openca/openca_rc ${ROOT}/etc/init.d/openca
	fi
	if [ ! -d ${ROOT}/var/log/openca ] ;  then
		ln -s /var/lib/openca/var/log ${ROOT}/var/log/openca
	fi

	einfo "Please check file '/etc/openca/config.xml'"
	einfo "Then run '/etc/openca/configure_etc.sh' script"
	if use mysql; then
		einfo "Please note that OpenCA was built with the specific password"
		einfo "that is contained in /usr/share/doc/"${P}"/mysql-setup.sql"
		einfo "You should run:"
		einfo "mysql -u root -p </usr/share/doc/"${P}"/mysql-setup.sql"
		einfo "in order to set up the database. Please ensure that you then put"
		einfo "the randomly generated password into the relevant part of"
		einfo "/etc/openca/config.xml. Once done you should delete the setup"
		einfo "script for security reasons."
	fi
}