# Created by: Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>

PORTNAME=	tripwire
PORTVERSION=	2.4.3.7
PORTREVISION=	1
CATEGORIES=	security

MAINTAINER=	cy@FreeBSD.org
COMMENT=	File system security and verification program

LICENSE=	GPLv2

USE_GITHUB=	yes
GH_ACCOUNT=	Tripwire
GH_PROJECT=	tripwire-open-source

NO_LICENSES_INSTALL=	yes
MAKE_JOBS_UNSAFE=	yes
USES=		cpe gmake ssl
GNU_CONFIGURE=	yes
MAKE_ARGS=	SYSPRE=${ARCH}-unknown-freebsd \
		DESTDIR=${STAGEDIR}
M4=		/usr/bin/m4

# Tripwire database files are stored in TWDB.
TWDB?=		/var/db/tripwire

#	If TW_CLOBBER is set to true, the install script clobbers
#	previously installed config files.
#
#	If TW_PROMPT is set to true, the install script is interactive.

OPTIONS_SINGLE=	TWCFG
OPTIONS_SINGLE_TWCFG=	TWCFG_ETC TWCFG_TWDB
OPTIONS_DEFINE=	TW_CLOBBER TW_PROMPT SW_ONLY DB_BUILD
OPTIONS_DEFAULT=	TWCFG_ETC TW_PROMPT DB_BUILD
TWCFG_ETC_DESC=		Put config files in ${ETCDIR}
TWCFG_TWDB_DESC=	Put config files in ${TWDB}/etc
TW_CLOBBER_DESC=	Clobber existing database files at install
TW_PROMPT_DESC=		Interactive install (ignored when PACKAGE_BUILDING)
SW_ONLY_DESC=		Install software only, do not post-configure (ignored when PACKAGE_BUILDING)
DB_BUILD_DESC=		Build database during post-install (ignored when PACKAGE_BUILDING)

PACKAGE_BUILDING=	yes
.ifndef PACKAGE_BUILDING
BROKEN=		for testing only
.endif

.include <bsd.port.pre.mk>

# Tripwire config files are stored in TWCFG
.if ${PORT_OPTIONS:MTWCFG_ETC}
TWCFG?=		${ETCDIR}
.endif
.if ${PORT_OPTIONS:MTWCFG_TWDB}
TWCFG?=		${TWDB}/etc
.endif

.if ${PORT_OPTIONS:MTW_CLOBBER}
TW_CLOBBER=	true
.else
TW_CLOBBER=	false
.endif

.if ${PORT_OPTIONS:MTW_PROMPT}
TW_PROMPT=	true
.else
TW_PROMPT=	false
# TW_SITE_PASS?=	FreeBSD
.ifndef TW_SITE_PASS
BROKEN=		No site passphrase specified or turn PROMPT on
.endif
# TW_LOCAL_PASS?=	FreeBSD
.ifndef TW_LOCAL_PASS
BROKEN=		No local passphrase specified or turn PROMPT on
.endif
.endif

# Tripwire policy files are stored in TWPOLICY.
TWPOLICY?=	${TWCFG}
# The Tripwire site key files are stored in TWSITEKEYDIR.
TWSITEKEYDIR?=	${TWPOLICY}
# The Tripwire local key files are stored in TWLOCALKEYDIR.
TWLOCALKEYDIR?=	${TWPOLICY}
# Tripwire report files are stored in TWREPORT.
TWREPORT?=	${TWDB}/report
# This sets the default text editor for Tripwire.
TWEDITOR?=	/usr/bin/vi
# This sets the location of the twpol.txt file that is to be installed
TWPOL_TXT?=	${FILESDIR}/twpol.m4
CONFIGURE_ARGS=	--prefix=${PREFIX} --program-transform-name='' --sysconfdir=${TWCFG}

PLIST_SUB+=	TWCFG=${TWCFG} TWDB=${TWDB}
PKGPOSTINSTALL=	${WRKDIR}/pkg-postinstall
PKGPOSTDEINSTALL=	${WRKDIR}/pkg-deinstall
SUB_FILES=	pkg-deinstall
SUB_LIST=	TWCFG=${TWCFG} TWDB=${TWDB}

pre-configure:
	@ ${M4} -DFREEBSD_VERSION=`${ECHO_CMD} ${OSREL} | ${CUT} -d. -f1` < ${TWPOL_TXT} > ${WRKSRC}/policy/twpol-FreeBSD.txt
	@ ${MV} ${WRKSRC}/src/core/stdcore.h ${WRKSRC}/src/core/stdcore.h.orig
	@ ${SED} 's%^# define CONFIG_FILE_ROOT	"${TWCFG}"%# define CONFIG_FILE_ROOT	"${TWCFG}"%' ${WRKSRC}/src/core/stdcore.h.orig > ${WRKSRC}/src/core/stdcore.h
	@ ${MV} ${WRKSRC}/man/man4/twconfig.4 ${WRKSRC}/man/man5/twconfig.5
	@ ${MV} ${WRKSRC}/man/man4/twpolicy.4 ${WRKSRC}/man/man5/twpolicy.5
	@ ${LN} -s ${WRKSRC}/contrib ${WRKSRC}/install

install-config-files:
	@ ${ECHO_CMD} TWPOLICY=${TWPOLICY} >> ${WRKSRC}/installer/install.cfg
	@ ${ECHO_CMD} TWSITEKEYDIR=${TWSITEKEYDIR} >> ${WRKSRC}/installer/install.cfg
	@ ${ECHO_CMD} TWLOCALKEYDIR=${TWLOCALKEYDIR} >> ${WRKSRC}/installer/install.cfg
	@ ${ECHO_CMD} TWDB=${TWDB} >> ${WRKSRC}/installer/install.cfg
	@ ${ECHO_CMD} TWREPORT=${TWREPORT} >> ${WRKSRC}/installer/install.cfg
	@ ${ECHO_CMD} TWEDITOR=${TWEDITOR} >> ${WRKSRC}/installer/install.cfg
.ifdef TW_SITE_PASS
	@ ${ECHO_CMD} TW_SITE_PASS=${TW_SITE_PASS} >> ${WRKSRC}/installer/install.cfg
.endif
.ifdef TW_LOCAL_PASS
	@ ${ECHO_CMD} TW_LOCAL_PASS=${TW_LOCAL_PASS} >> ${WRKSRC}/installer/install.cfg
.endif
	@ cd ${WRKSRC} && ${LN} -sf installer/install.cfg installer/install.sh .
.ifdef PACKAGE_BUILDING
	@ cd ${WRKSRC} && DESTDIR=${STAGEDIR} PREFIX=${PREFIX} TW_CLOBBER=${TW_CLOBBER} DO_NOT_CONFIG="yes" TW_PROMPT="false" ${MAKE_CMD} install-data-hook
.else
.if ${PORT_OPTIONS:MSW_ONLY}
	@ cd ${WRKSRC} && DESTDIR=${STAGEDIR} PREFIX=${PREFIX} TW_CLOBBER=${TW_CLOBBER} DO_NOT_CONFIG="yes" TW_PROMPT="false" ${MAKE_CMD} install-data-hook
.else
	@ cd ${WRKSRC} && DESTDIR=${STAGEDIR} PREFIX=${PREFIX} TW_CLOBBER=${TW_CLOBBER} TW_PROMPT=${TW_PROMPT} ${MAKE_CMD} install-data-hook
.endif
.endif

make-pkg-install:
	@ ${ECHO_CMD} '#!/bin/sh -' > ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} '#' >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} "# Generated by make-${PKGPOSTINSTALL} on `date`" >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} '#' >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} 'case $$2 in' >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} 'POST-INSTALL)	;;' >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} '*)	exit 0;;' >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} 'esac' >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} PACKAGE_INSTALLER=yes >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} POLICYSRC=/tmp/$$$$.tmp >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} PREFIX="${PREFIX}" >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} DO_NOT_CONFIG=yes >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} TW_CLOBBER="false" >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} TW_PROMPT="false" >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} prefix=${PREFIX} >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} sysconfdir=${TWCFG} >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} path_to_vi="/usr/bin/vi" >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} path_to_sendmail="/usr/sbin/sendmail" >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} BASE_DIR=${PREFIX}/ >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} BIN_DIR=${PREFIX}/sbin >> ${PKGPOSTINSTALL}
.ifdef TW_SITE_PASS
	@ ${ECHO_CMD} TW_SITE_PASS=${TW_SITE_PASS} >> ${PKGPOSTINSTALL}
.endif
.ifdef TW_LOCAL_PASS
	@ ${ECHO_CMD} TW_LOCAL_PASS=${TW_LOCAL_PASS} >> ${PKGPOSTINSTALL}
.endif
	@ ${CAT} ${WRKSRC}/installer/install.cfg >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} ${CAT} "> /tmp/$$$$.tmp <<'EOF'" >> ${PKGPOSTINSTALL}
	@ ${M4} -DFREEBSD_VERSION=`${ECHO_CMD} ${OSREL} | ${CUT} -d. -f1` < ${TWPOL_TXT} >> ${PKGPOSTINSTALL}
	@ ${ECHO_CMD} EOF >> ${PKGPOSTINSTALL}
	@ ${SED} "/^\. /s/^/: /;/^BASE_DIR=/d;s/BIN_DIR=/: BIN_DIR=/;/^POLICYSRC/d" ${WRKSRC}/installer/install.sh >> ${PKGPOSTINSTALL}

create-database:
.ifndef PACKAGE_BUILDING
.if ${PORT_OPTIONS:MDB_BUILD}
.if ${PORT_OPTIONS:MSW_ONLY}
	@ ${ECHO} SW_ONLY has been specified, database will not be built.
.else
	@ ${MKDIR} ${TWCFG} ${TWPOLICY} ${TWSITEKEYDIR} ${TWLOCALKEYDIR} \
		${TWDB} ${TWREPORT}
	@ ${ECHO} Creating tripwire database
	@ cd ${TWCFG} && ${PREFIX}/sbin/tripwire --init
	@ ${ECHO_CMD}
	@ ${ECHO} The tripwire database, configuration file and
	@ ${ECHO} policy file are signed using the local and site keys,
	@ ${ECHO} therefore the authors suggest creating a floppy is not necessary.
.endif
.endif
.endif

post-install:	install-config-files create-database make-pkg-install
	${INSTALL_DATA} ${WRKSRC}/COPYING ${STAGEDIR}${DOCSDIR}

.include <bsd.port.post.mk>
