# Compile Apache 2.2.4 with OpenSSL 0.9.8e for Windows using Microsoft Visual C++
# Copyright (c) 2005-2007 Ross Smith. All Rights Reserved.

# $Id$

# inspiration: http://www.devside.net/web/server/windows/apache-ssl-deflate

# http://www.apache.org/dist/httpd/httpd-2.2.6-win32-src-r2.zip

APACHE_VER?=2.2.6
APACHE_REV?=-r2
OPENSSL_VER?=0.9.8g
ZLIB_VER?=1.2.3
# Cygwin's awk causes wierd errors, so we'll use gnuwin32's version
GAWK_VER?=3.1.3-2

# use forward slashes for the following patches
OUTDIR?=C:/Program Files/Apache Software Foundation/Apache2.2

# 6.0, 7.0 or .NET
MSVC_DIR_WIN?=C:/Program Files/Microsoft Visual Studio/VC98

# required for ml.exe, this may be provided if you have Visual Studio .NET
# NASM may also work, haven't tried it...
ASM_DIR_WIN?=D:/PROGRA~1/MICROS~1/VC

OUTDIRS?=$(shell mkdir -p "$(OUTDIR)" && cygpath -ms "$(OUTDIR)")

# 6.0, 7.0 or .NET
#MSVC_DIR_WIN?=C:/PROGRA~1/MICROS~3/VC98

# required for ml.exe, this may be provided if you have Visual Studio .NET
# NASM may also work, haven't tried it...
#ASM_DIR_WIN?=C:/PROGRA~1/NTDDK

# Must use ActiveState's perl, not Cygwin's perl
PERL_DIR_WIN?=C:/perl

SERVERNAME?=localhost
# preface @'s with backslashes (e.g., enter ex@ex.com as ex\@ex.com)
SERVERADMIN?=webmaster\@example.com
PORT?=80
SSL_PORT?=443

SSL_INPUT_PASSWORD?=aaaa
SSL_OUTPUT_PASSWORD?=${SSL_INPUT_PASSWORD}
SSL_COUNTRY?=Your Country
SSL_STATE?=Your State
SSL_LOCALITY?=Your Town
SSL_ORG?=Your Organization
SSL_ORG_UNIT?=Your Org Unit
SSL_COMMON_NAME?=Your Common Name
# preface @'s with backslashes (e.g., enter ex@ex.com as ex\@ex.com)
SSL_EMAIL?=${SERVERADMIN}
SSL_PASSWD_MIN?=0
SSL_UNSTRUCTURED_NAME?=

WGET?=wget -N

APACHE?=httpd-${APACHE_VER}
APACHE_ZIP?=${APACHE}-win32-src${APACHE_REV}.zip
APACHE_URL?=http://www.apache.org/dist/httpd/${APACHE_ZIP}

APACHE_DIR?=${APACHE}

ZLIB?=zlib-${ZLIB_VER}
ZLIB_GZ?=${ZLIB}.tar.gz
ZLIB_URL?=http://www.zlib.net/${ZLIB_GZ}

OPENSSL?=openssl-${OPENSSL_VER}
OPENSSL_GZ?=${OPENSSL}.tar.gz
OPENSSL_URL?=http://www.openssl.org/source/${OPENSSL_GZ}

GAWK?=gawk-${GAWK_VER}
GAWK_ZIP?=${GAWK}-bin.zip
GAWK_URL?=http://easynews.dl.sourceforge.net/sourceforge/gnuwin32/${GAWK_ZIP}

GAWK_DEP_ZIP?=gawk-${GAWK_VER}-dep.zip
GAWK_DEP_URL?=http://easynews.dl.sourceforge.net/sourceforge/gnuwin32/${GAWK_DEP_ZIP}

SRCLIB=${APACHE_DIR}/srclib
ZLIB_DIR=${SRCLIB}/zlib
OPENSSL_DIR=${SRCLIB}/openssl

APACHE_CONF_TOUCH=${APACHE_ZIP}_conf.touch
APACHE_NMAKE_TOUCH=${APACHE_ZIP}_nmake.touch
APACHE_ZIP_TOUCH=${APACHE_ZIP}.touch
GAWK_DEP_ZIP_TOUCH=${GAWK_DEP_ZIP}.touch
GAWK_ZIP_TOUCH=${GAWK_ZIP}.touch
OPENSSL_CNF_TOUCH=${OPENSSL_GZ}_cnf.touch
OPENSSL_CONFIGURE_TOUCH=${OPENSSL_GZ}_configure.touch
OPENSSL_DO_MASM_TOUCH=${OPENSSL_GZ}_do_masm.touch
OPENSSL_GZ_TOUCH=${OPENSSL_GZ}.touch
OPENSSL_KEY_SETUP_TOUCH=${OPENSSL_GZ}_key_setup.touch
OPENSSL_NMAKE_TOUCH=${OPENSSL_GZ}_nmake.touch
OPENSSL_INSTALL_TOUCH=${OPENSSL_GZ}_install.touch
ZLIB_GZ_TOUCH=${ZLIB_GZ}.touch
ZLIB_NMAKE_TOUCH=${ZLIB_GZ}_nmake.touch

BINDIR=${OUTDIR}/bin
BINDIRS=${OUTDIRS}/bin
CONFDIR=${OUTDIR}/conf

BUILD_DIR=${shell pwd}

define unix2dos
$(shell cygpath -w "$(1)" | sed -e 's|/|\\|g')
endef

define dos2unix
$(shell cygpath $(1) | sed -e 's/ /\\ /g')
endef

OUTDIR_WIN=$(call unix2dos,"$(OUTDIR)")

MSVC_DIR=$(call dos2unix,"$(MSVC_DIR_WIN)")
ASM_DIR=$(call dos2unix,"$(ASM_DIR_WIN)")
PERL_DIR=$(call dos2unix,"$(PERL_DIR_WIN)")
CMD_EXE=$(call dos2unix,"$(COMSPEC)")

.PHONY: all
all: download config

##############################################################################

${APACHE_ZIP}:
	${WGET} ${APACHE_URL}

${GAWK_DEP_ZIP}:
	${WGET} ${GAWK_DEP_URL}

${GAWK_ZIP}:
	${WGET} ${GAWK_URL}

${OPENSSL_GZ}:
	${WGET} ${OPENSSL_URL}

${ZLIB_GZ}:
	${WGET} ${ZLIB_URL}

.PHONY: download
download:	${APACHE_ZIP} ${GAWK_DEP_ZIP} ${GAWK_ZIP} ${OPENSSL_GZ} ${ZLIB_GZ}

##############################################################################

${APACHE_ZIP_TOUCH}:	${APACHE_ZIP}
	unzip -o $<
	touch $@

.PHONY: apache_unzip	
apache_unzip:	${APACHE_ZIP_TOUCH}

##############################################################################

${ZLIB_GZ_TOUCH}:	${ZLIB_GZ}
	-mkdir -p "${SRCLIB}"
	tar -xvz -f $< --directory="${SRCLIB}"
	cd "${SRCLIB}" && \
		mv -f ${ZLIB} zlib
	touch $@

$(ZLIB_NMAKE_TOUCH):	${ZLIB_GZ_TOUCH}
	cd "${SRCLIB}/zlib" && \
		MAKEFLAGS="" \
		PATH=${MSVC_DIR}/bin:${ASM_DIR}/bin:$$PATH \
		nmake -f win32/Makefile.msc
	touch $@

.PHONY: zlib
zlib:	$(ZLIB_NMAKE_TOUCH)

##############################################################################

${OPENSSL_GZ_TOUCH}:	${OPENSSL_GZ} 
	-mkdir -p "${SRCLIB}"
	tar -xvz -f $< --directory="${SRCLIB}"
	cd "${SRCLIB}" && \
		mv -f ${OPENSSL} openssl
	touch $@

${OPENSSL_CONFIGURE_TOUCH}: ${OPENSSL_GZ_TOUCH}
	cd "${OPENSSL_DIR}" && \
		PATH=${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:$$PATH \
		"${PERL_DIR}/bin/perl" Configure --openssldir="${BINDIRS}" VC-WIN32
	touch $@

${OPENSSL_DO_MASM_TOUCH}: ${OPENSSL_CONFIGURE_TOUCH}
	cd "${OPENSSL_DIR}" && \
		PATH=${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:$$PATH \
		"${CMD_EXE}" /c ms\\do_masm.bat
	touch $@

${OPENSSL_NMAKE_TOUCH}:	${OPENSSL_DO_MASM_TOUCH}
	cd "${OPENSSL_DIR}" && \
		MAKEFLAGS="" \
		PATH=${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:$$PATH \
		"${CMD_EXE}" /c nmake /f ms\\ntdll.mak
	cd "${OPENSSL_DIR}/out32dll" && \
		chmod a+x *.exe *.dll
	touch $@

.PHONY: openssl
openssl: ${OPENSSL_NMAKE_TOUCH}

##############################################################################

${GAWK_DEP_ZIP_TOUCH}:	${GAWK_DEP_ZIP} 
	unzip -o -d gawk $<
	touch $@

${GAWK_ZIP_TOUCH}:	${GAWK_ZIP} ${GAWK_DEP_ZIP_TOUCH}
	unzip -o -d gawk $<
	cp -pf gawk/bin/gawk.exe gawk/bin/awk.exe 
	chmod a+x gawk/bin/*
	touch $@

.PHONY: gawk
gawk:	${GAWK_ZIP_TOUCH}

##############################################################################

${APACHE_NMAKE_TOUCH}: apache_unzip zlib openssl gawk
	test -d "${SRCLIB}/zlib"
	cd ${APACHE_DIR} && \
		MAKEFLAGS="" \
		PATH=${BUILD_DIR}/gawk/bin:${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:$$PATH \
		${CMD_EXE} /c nmake /f Makefile.win SERVERNAME="${SERVERNAME}" PORT=${PORT} INSTDIR="${OUTDIR_WIN}" installr
	touch $@

.PHONY: apache
apache: ${APACHE_NMAKE_TOUCH}

##############################################################################

${APACHE_CONF_TOUCH}: apache
	perl -pi.bak -e ' \
		s~ServerName\s+.*~ServerName ${SERVERNAME}~i; \
		s~ServerAdmin\s+.*~ServerAdmin ${SERVERADMIN}~i; \
		s~443~${SSL_PORT}~; \
		s~SSLMutex\s*file:logs/ssl_mutex~SSLMutex default~i;' \
		"${CONFDIR}/extra/httpd-ssl.conf"
	perl -pi.bak -e ' \
		s~.*LoadModule\s+headers_module\s+modules/mod_headers.so~LoadModule headers_module modules/mod_headers.so~i; \
		s~.*LoadModule\s+ssl_module\s+modules/mod_ssl.so~LoadModule ssl_module modules/mod_ssl.so\nLoadModule deflate_module modules/mod_deflate.so~i; \
		s~.*<Directory\s+/>.*~<Directory />\n    AddOutputFilterByType DEFLATE text/html text/plain text/css\n    Header append Vary User-Agent~i; \
		s~^\s*#\s*</VirtualHost>.*~#</VirtualHost>\n\nBrowserMatch ^Mozilla/4 gzip-only-text/html\nBrowserMatch ^Mozilla/4\.0[678] no-gzip\nBrowserMatch \\bMSIE !no-gzip !gzip-only-text/html\n~i; \
		s~ServerName\s+.*~ServerName ${SERVERNAME}~i; \
		s~ServerAdmin\s+.*~ServerAdmin ${SERVERADMIN}~i; \
		s~^\s*#\s*Include\s+conf/extra/httpd-ssl.conf~Include conf/extra/httpd-ssl.conf~i;' \
		"${CONFDIR}/httpd.conf"
	touch $@

.PHONY: apache_config
apache_config: ${APACHE_CONF_TOUCH}

##############################################################################

${OPENSSL_INSTALL_TOUCH}:	apache
	cp -pf "${OPENSSL_DIR}/apps/openssl.cnf" "${BINDIR}"
	cd "${OPENSSL_DIR}/out32dll" && \
		cp -pf openssl.exe *.dll "$(BINDIR)"
	touch $@

.PHONY: openssl_install
openssl_install: ${OPENSSL_INSTALL_TOUCH}

##############################################################################

${OPENSSL_CNF_TOUCH}: openssl_install
	perl -pi.bak -e ' \
		s~.*countryName_default\s*=.*~countryName_default=${SSL_COUNTRY}~i; \
		s~.*stateOrProvinceName_default.*~stateOrProvinceName_default=${SSL_STATE}~i; \
		s~.*localityName\s*=\s*(L.*)~localityName=\1\nlocalityName_default=${SSL_LOCALITY}~i; \
		s~.*0.organizationName_default.*~0.organizationName_default=${SSL_ORG}~i; \
		s~.*organizationalUnitName_default.*~organizationalUnitName_default=${SSL_ORG_UNIT}~i; \
		s~.*commonName_max\s*=\s*(\d+).*~commonName_max=\1\ncommonName_default=${SSL_COMMON_NAME}~i; \
		s~.*emailAddress_max\s*=\s*(\d+).*~emailAddress_max=\1\nemailAddress_default=${SSL_EMAIL}~i; \
		s~.*challengePassword_min.*~challengePassword_min=${SSL_PASSWD_MIN}~i; \
		s~.*unstructuredName\s*=\s*(A.*)~unstructuredName=\1\nunstructuredName_default=${SSL_UNSTRUCTURED_NAME}~i; \
		s~.*input_password\s*=\s*\w+~input_password=${SSL_INPUT_PASSWORD}~i; \
		s~.*output_password\s*=\s*\w+~output_password=${SSL_OUTPUT_PASSWORD}~i; ' \
		"${BINDIR}/openssl.cnf"
	touch $@

${OPENSSL_KEY_SETUP_TOUCH}: ${OPENSSL_CNF_TOUCH} 
	cd "${BINDIR}" && \
		./openssl req -new -out server.csr
	@-echo ""
	@-echo "*************************************************"
	@-echo "***** password is \"${SSL_INPUT_PASSWORD}\" without the quotes *****"
	@-echo "*************************************************"
	@-echo ""
	cd "${BINDIR}" && \
		./openssl rsa -in privkey.pem -out server.key
	cd "${BINDIR}" && \
		./openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365
	cd "${OUTDIR}" && \
		mv -f bin/server.crt conf
	cd "${OUTDIR}" && \
		mv -f bin/server.key conf
	cd "${BINDIR}" && \
		rm -fr .rnd privkey.pem server.csr
	touch $@

.PHONY: openssl_config
openssl_config: ${OPENSSL_KEY_SETUP_TOUCH}

##############################################################################

.PHONY: config
config: apache_config openssl_config

##############################################################################

DIST_FILES=\
	OPENSSL-README.txt \
	OPENSSL-NEWS.txt \
	bin/libeay32.dll \
	bin/openssl.exe \
	bin/ssleay32.dll \
	bin/openssl.cnf \
	conf/httpd.conf \
	conf/extra/httpd-ssl.conf \
	conf/server.crt \
	conf/server.key \
	modules/mod_ssl.so \
	modules/mod_deflate.so

RM_FILES=\
	bin/openssl.cnf.bak \
	conf/httpd.conf.bak \
	logs/access.log \
	logs/access_log \
	logs/error.log \
	logs/error_log \
	logs/ssl_request_log \

DIST_FILE=apache-${APACHE_VER}_openssl-${OPENSSL_VER}.zip

$(DIST_FILE):
	-cd "${OUTDIR}" && \
		rm -f ${RM_FILES}
	find "${OUTDIR}" -name '*.exe' -o -name '*.dll' -o -name '*.so' -printf '"%p" ' | xargs chmod a+rx
	cd "${OUTDIR}/.." && \
		zip -9qr "$(BUILD_DIR)/$(DIST_FILE)" Apache2*

.PHONY: dist
dist:	$(DIST_FILE)

.PHONY: clean
clean:
	rm -fr \
		httpd*.touch \
		gawk*.touch \
		openssl*.touch \
		zlib*.touch \
		gawk \
		${APACHE_DIR}

.PHONY: realclean
realclean:	clean
	rm -fr \
	${APACHE_ZIP} \
	${ZLIB_GZ} \
	${OPENSSL_GZ} \
	${GAWK_ZIP} \
	${GAWK_DEP_ZIP}

	#s~SSLCertificateFile\s+conf/server.crt~SSLCertificateFile conf/ssl.crt/server.crt~i;
	#s~SSLCertificateKeyFile\s+conf/server.key~SSLCertificateKeyFile conf/ssl.key/server.key~i;
	#mkdir -p "${CONFDIR}/ssl.crt" 
	#mkdir -p "${CONFDIR}/ssl.key"

.PHONY:	diff
diff:
	diff -urN httpd-${APACHE_VER}.orig httpd-${APACHE_VER} | tr -d '\015' >httpd-${APACHE_VER}-win32-src.patch