# Compile Apache 2.0.59 with OpenSSL 0.9.8e for Windows using Microsoft Visual C++
# Copyright (c) 2005 Ross Smith. All Rights Reserved.

# $Id$

# inspiration: http://www.devside.net/web/server/windows/apache-ssl-deflate

APACHE_VER?=2.0.61

OPENSSL_VER?=0.9.8g
ZLIB_VER?=1.2.3
# Cygwin's awk causes wierd errors, so we'll use gnuwin32's version
GAWK_VER?=3.1.3-2

# use forward slashes for the following patches
OUTDIR?=C:/Program Files/Apache Group/Apache2

# 6.0, 7.0 or .NET
MSVC_DIR_WIN?=C:/Program Files/Microsoft Visual Studio/VC98

# required for ml.exe, this may be provided if you have Visual Studio .NET
# NASM may also work, haven't tried it...
ASM_DIR_WIN?=D:/PROGRA~1/MICROS~1/VC

# Must use ActiveState's perl, not Cygwin's perl
PERL_DIR_WIN?=C:/perl

SERVERNAME?=localhost
# preface @'s with backslashes (e.g., enter ex@ex.com as ex\@ex.com)
SERVERADMIN?=webmaster\@example.com
PORT?=80
SSL_PORT?=443

SSL_INPUT_PASSWORD?=aaaa
SSL_OUTPUT_PASSWORD?=${SSL_INPUT_PASSWORD}
SSL_COUNTRY?=US
SSL_STATE?=CA
SSL_LOCALITY?=Santa Monica
SSL_ORG?=Ross Smith
SSL_ORG_UNIT?=
SSL_COMMON_NAME?=Ross Smith
# preface @'s with backslashes (e.g., enter ex@ex.com as ex\@ex.com)
SSL_EMAIL?=${SERVERADMIN}
SSL_PASSWD_MIN?=0
SSL_UNSTRUCTURED_NAME?=

WGET?=wget -N

APACHE?=httpd-${APACHE_VER}
APACHE_ZIP?=${APACHE}-win32-src.zip
APACHE_URL?=http://www.apache.org/dist/httpd/${APACHE_ZIP}
# http://apache.oc1.mirrors.redwire.net/httpd/httpd-2.0.55-win32-src.zip

APACHE_DIR?=${APACHE}

ZLIB?=zlib-${ZLIB_VER}
ZLIB_GZ?=${ZLIB}.tar.gz
ZLIB_URL?=http://www.zlib.net/${ZLIB_GZ}

OPENSSL?=openssl-${OPENSSL_VER}
OPENSSL_GZ?=${OPENSSL}.tar.gz
OPENSSL_URL?=http://www.openssl.org/source/${OPENSSL_GZ}

GAWK?=gawk-${GAWK_VER}
GAWK_ZIP?=${GAWK}-bin.zip
GAWK_URL?=http://internap.dl.sourceforge.net/sourceforge/gnuwin32/${GAWK_ZIP}

GAWK_DEP_ZIP?=gawk-${GAWK_VER}-dep.zip
GAWK_DEP_URL?=http://internap.dl.sourceforge.net/sourceforge/gnuwin32/${GAWK_DEP_ZIP}

APACHE_OPENSSL_PATCH?=apache-2.2.0_openssl-0.9.8a.patch
APACHE_OPENSSL_PATCH_URL?=http://smithii.com/files/$(APACHE_OPENSSL_PATCH)

APACHE_ZLIB_PATCH?=httpd-2.0.61_zlib-1.2.3.patch
APACHE_ZLIB_PATCH_URL?=http://smithii.com/files/$(APACHE_ZLIB_PATCH)

SRCLIB=${APACHE_DIR}/srclib
ZLIB_DIR=${SRCLIB}/zlib
OPENSSL_DIR=${SRCLIB}/openssl

APACHE_CONF_TOUCH=${APACHE_ZIP}_conf.touch
APACHE_NMAKE_TOUCH=${APACHE_ZIP}_nmake.touch
APACHE_ZIP_TOUCH=${APACHE_ZIP}.touch
APACHE_ZLIB_PATCH_TOUCH=${APACHE_ZLIB_PATCH}.touch
GAWK_DEP_ZIP_TOUCH=${GAWK_DEP_ZIP}.touch
GAWK_ZIP_TOUCH=${GAWK_ZIP}.touch
OPENSSL_CNF_TOUCH=${OPENSSL_GZ}_cnf.touch
OPENSSL_CONFIGURE_TOUCH=${OPENSSL_GZ}_configure.touch
OPENSSL_DO_MASM_TOUCH=${OPENSSL_GZ}_do_masm.touch
OPENSSL_GZ_TOUCH=${OPENSSL_GZ}.touch
OPENSSL_KEY_SETUP_TOUCH=${OPENSSL_GZ}_key_setup.touch
OPENSSL_NMAKE_TOUCH=${OPENSSL_GZ}_nmake.touch
OPENSSL_INSTALL_TOUCH=${OPENSSL_GZ}_install.touch
ZLIB_GZ_TOUCH=${ZLIB_GZ}.touch
ZLIB_NMAKE_TOUCH=${ZLIB_GZ}_nmake.touch

BINDIR=${OUTDIR}/bin
CONFDIR=${OUTDIR}/conf

OPENSSL_CNF=${BINDIR}/openssl.cnf

BUILD_DIR=${shell pwd}

define unix2dos
$(shell cygpath -w "$(1)" | sed -e 's|/|\\|g')
endef

define dos2unix
$(shell cygpath $(1))
endef

OUTDIR_WIN=$(call unix2dos,"$(OUTDIR)")

MSVC_DIR=$(call dos2unix,"$(MSVC_DIR_WIN)")
ASM_DIR=$(call dos2unix,"$(ASM_DIR_WIN)")
PERL_DIR=$(call dos2unix,"$(PERL_DIR_WIN)")
CMD_EXE=$(call dos2unix,"$(COMSPEC)")

.PHONY: all
all: download config

##############################################################################

${APACHE_ZIP}:
	${WGET} ${APACHE_URL}

${APACHE_OPENSSL_PATCH}:
	${WGET} ${APACHE_OPENSSL_PATCH_URL}

$(APACHE_ZLIB_PATCH):
	$(WGET) $(APACHE_ZLIB_PATCH_URL)

${GAWK_DEP_ZIP}:
	${WGET} ${GAWK_DEP_URL}

${GAWK_ZIP}:
	${WGET} ${GAWK_URL}

${OPENSSL_GZ}:
	${WGET} ${OPENSSL_URL}

${ZLIB_GZ}:
	${WGET} ${ZLIB_URL}

.PHONY: download
download:	${APACHE_ZIP} ${APACHE_OPENSSL_PATCH} ${GAWK_DEP_ZIP} ${GAWK_ZIP} ${OPENSSL_GZ} ${ZLIB_GZ}

##############################################################################

${APACHE_ZIP_TOUCH}:	${APACHE_ZIP}
	unzip -o $<
	touch $@

.PHONY: apache_unzip	
apache_unzip:	${APACHE_ZIP_TOUCH}

##############################################################################

${APACHE_ZLIB_PATCH_TOUCH}:	${APACHE_ZLIB_PATCH} ${APACHE_ZIP_TOUCH}
	cd ${APACHE_DIR} && \
		patch --unified --batch --ignore-whitespace -p1 <../$<
	touch $@

.PHONY: apache_patch	
apache_patch:	${APACHE_ZLIB_PATCH_TOUCH}

##############################################################################

${ZLIB_GZ_TOUCH}:	${ZLIB_GZ}
	-mkdir -p "${SRCLIB}"
	tar -xvz -f $< --directory="${SRCLIB}"
	cd "${SRCLIB}" && \
		mv -f ${ZLIB} zlib
	touch $@

$(ZLIB_NMAKE_TOUCH):	${ZLIB_GZ_TOUCH}
	cd "${SRCLIB}/zlib" && \
		MAKEFLAGS="" \
		PATH="${MSVC_DIR}/bin:${ASM_DIR}/bin:$$PATH" \
		nmake -f win32/Makefile.msc
	touch $@

.PHONY: zlib
zlib:	$(ZLIB_NMAKE_TOUCH)

##############################################################################

${OPENSSL_GZ_TOUCH}:	${OPENSSL_GZ}
	-mkdir -p ${SRCLIB}
	tar -xvz -f $< --directory=${SRCLIB}
	cd ${SRCLIB} && mv -f ${OPENSSL} openssl
	touch $@

${OPENSSL_CONFIGURE_TOUCH}: ${OPENSSL_GZ_TOUCH}
	cd "${OPENSSL_DIR}" && \
		PATH="${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:\$PATH" \
		"${PERL_DIR}/bin/perl" Configure --openssldir="${BINDIR}" VC-WIN32
	touch $@

${OPENSSL_DO_MASM_TOUCH}: ${OPENSSL_CONFIGURE_TOUCH}
	cd "${OPENSSL_DIR}" && \
		PATH="${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:$$PATH" \
		"${CMD_EXE}" /c ms\\do_masm.bat
	touch $@

${OPENSSL_NMAKE_TOUCH}:	${OPENSSL_DO_MASM_TOUCH}
	cd "${OPENSSL_DIR}" && \
		MAKEFLAGS="" \
		PATH="${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:$$PATH" \
		"${CMD_EXE}" /c nmake /f ms\\ntdll.mak
	chmod +x "${OPENSSL_DIR}/out32dll/openssl.exe"
	touch $@

.PHONY: openssl
openssl: ${OPENSSL_NMAKE_TOUCH}

##############################################################################

${GAWK_DEP_ZIP_TOUCH}:	${GAWK_DEP_ZIP} 
	unzip -o -d gawk $<
	touch $@

${GAWK_ZIP_TOUCH}:	${GAWK_ZIP} ${GAWK_DEP_ZIP_TOUCH}
	unzip -o -d gawk $<
	cp gawk/bin/gawk.exe gawk/bin/awk.exe 
	chmod +x gawk/bin/*.exe
	touch $@

.PHONY: gawk
gawk:	${GAWK_ZIP_TOUCH}

##############################################################################

${APACHE_NMAKE_TOUCH}: apache_patch zlib openssl gawk ${APACHE_OPENSSL_PATCH}
	test -d "${SRCLIB}/zlib"
	-cd "${APACHE_DIR}" && \
		MAKEFLAGS="" \
		PATH="${BUILD_DIR}/gawk/bin:${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:$$PATH" \
		"${CMD_EXE}" /c nmake /f Makefile.win SERVERNAME="${SERVERNAME}" PORT=${PORT} INSTDIR="${OUTDIR_WIN}" installr
	-cd ${APACHE_DIR} && \
		patch --unified --batch --ignore-whitespace -p0 <../${APACHE_OPENSSL_PATCH}
	cd "${APACHE_DIR}" && \
		MAKEFLAGS="" \
		PATH="${BUILD_DIR}/gawk/bin:${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:$$PATH" \
		"${CMD_EXE}" /c nmake /f Makefile.win SERVERNAME="${SERVERNAME}" PORT=${PORT} INSTDIR="${OUTDIR_WIN}" installr
	touch $@

.PHONY: apache
apache: ${APACHE_NMAKE_TOUCH}

##############################################################################

${APACHE_CONF_TOUCH}: ${APACHE_NMAKE_TOUCH}
	perl -pi.bak -e ' \
		s~SSLMutex\s*file:logs/ssl_mutex~SSLMutex default~i; \
		s~ServerName www.example.com~ServerName ${SERVERNAME}~i; \
		s~ServerAdmin you@example.com~ServerAdmin ${SERVERADMIN}~i; \
		s~443~${SSL_PORT}~;' \
		"${CONFDIR}/ssl.conf"
	perl -pi.bak -e ' \
		s~.*LoadModule\s+headers_module\s+modules/mod_headers.so~LoadModule headers_module modules/mod_headers.so~i; \
		s~.*LoadModule\s+ssl_module\s+modules/mod_ssl.so~LoadModule ssl_module modules/mod_ssl.so\nLoadModule deflate_module modules/mod_deflate.so~i; \
		s~.*<Directory\s+/>.*~<Directory />\n    AddOutputFilterByType DEFLATE text/html text/plain text/css\n    Header append Vary User-Agent~i; \
		s~^#</VirtualHost>.*~#</VirtualHost>\n\nBrowserMatch ^Mozilla/4 gzip-only-text/html\nBrowserMatch ^Mozilla/4\.0[678] no-gzip\nBrowserMatch \\bMSIE !no-gzip !gzip-only-text/html\n~i; \
		s~^ServerAdmin \@\@ServerAdmin\@\@~ServerAdmin ${SERVERADMIN}~i;' \
		"${CONFDIR}/httpd.conf"

.PHONY: apache_config
apache_config: ${APACHE_CONF_TOUCH}

##############################################################################

${OPENSSL_INSTALL_TOUCH}:	apache
	cp -pf "${OPENSSL_DIR}/apps/openssl.cnf" "${BINDIR}"
	cd "${OPENSSL_DIR}/out32dll" && \
		cp -pf openssl.exe *.dll "$(BINDIR)"
	touch $@

.PHONY: openssl_install
openssl_install: ${OPENSSL_INSTALL_TOUCH}

##############################################################################

${OPENSSL_CNF_TOUCH}: openssl_install
	perl -pi.bak -e ' \
		s~.*countryName_default\s*=.*~countryName_default=${SSL_COUNTRY}~i; \
		s~.*stateOrProvinceName_default.*~stateOrProvinceName_default=${SSL_STATE}~i; \
		s~.*localityName\s*=\s*(L.*)~localityName=\1\nlocalityName_default=${SSL_LOCALITY}~i; \
		s~.*0.organizationName_default.*~0.organizationName_default=${SSL_ORG}~i; \
		s~.*organizationalUnitName_default.*~organizationalUnitName_default=${SSL_ORG_UNIT}~i; \
		s~.*commonName_max\s*=\s*(\d+).*~commonName_max=\1\ncommonName_default=${SSL_COMMON_NAME}~i; \
		s~.*emailAddress_max\s*=\s*(\d+).*~emailAddress_max=\1\nemailAddress_default=${SSL_EMAIL}~i; \
		s~.*challengePassword_min.*~challengePassword_min=${SSL_PASSWD_MIN}~i; \
		s~.*unstructuredName\s*=\s*(A.*)~unstructuredName=\1\nunstructuredName_default=${SSL_UNSTRUCTURED_NAME}~i; \
		s~.*input_password\s*=\s*\w+~input_password=${SSL_INPUT_PASSWORD}~i; \
		s~.*output_password\s*=\s*\w+~output_password=${SSL_OUTPUT_PASSWORD}~i;' \
		"${OPENSSL_CNF}"

${OPENSSL_KEY_SETUP_TOUCH}: ${OPENSSL_CNF_TOUCH}
	mkdir -p "${CONFDIR}/ssl.crt" 
	mkdir -p "${CONFDIR}/ssl.key"
	cd "${BINDIR}" && \
		./openssl req -new -out server.csr
	@-echo ""
	@-echo "*************************************************"
	@-echo "***** password is \"${SSL_INPUT_PASSWORD}\" without the quotes *****"
	@-echo "*************************************************"
	@-echo ""
	cd "${BINDIR}" && \
		./openssl rsa -in privkey.pem -out server.key
	cd "${BINDIR}" && \
		./openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365
	cd "${OUTDIR}" && \
		mv -f bin/server.crt conf/ssl.crt
	cd "${OUTDIR}" && \
		mv -f bin/server.key conf/ssl.key
	cd "${BINDIR}" && \
		rm -fr .rnd privkey.pem server.csr
	touch $@

.PHONY: openssl_config
openssl_config: ${OPENSSL_KEY_SETUP_TOUCH}

##############################################################################

.PHONY: config
config: apache_config openssl_config

##############################################################################

DIST_FILES=\
	OPENSSL-README.txt \
	OPENSSL-NEWS.txt \
	bin/libeay32.dll \
	bin/openssl.exe \
	bin/ssleay32.dll \
	bin/openssl.cnf \
	conf/httpd.conf \
	conf/ssl.conf \
	conf/ssl.crt/server.crt \
	conf/ssl.key/server.key \
	modules/mod_ssl.so \
	modules/mod_deflate.so

RM_FILES=\
	bin/openssl.cnf.bak \
	conf/httpd.conf.bak \
	logs/access.log \
	logs/access_log \
	logs/error.log \
	logs/error_log \
	logs/ssl_request_log \

DIST_FILE=apache-${APACHE_VER}_openssl-${OPENSSL_VER}.zip

$(DIST_FILE):
	-cd "${OUTDIR}" && \
		rm -f ${RM_FILES}
	find "${OUTDIR}" -name '*.exe' -o -name '*.dll' -o -name '*.so' -printf '"%p" ' | xargs chmod a+rx
	cd "${OUTDIR}" && \
		zip -9qr "${BUILD_DIR}/${DIST_FILE}" ${DIST_FILES}

.PHONY: dist
dist:	$(DIST_FILE)

.PHONY: clean
clean:
	rm -fr \
		httpd*.touch \
		gawk*.touch \
		openssl*.touch \
		zlib*.touch \
		gawk \
		${APACHE_DIR}

.PHONY: realclean
realclean:	clean
	rm -fr \
	${APACHE_ZIP} \
	${ZLIB_GZ} \
	${OPENSSL_GZ} \
	${GAWK_ZIP} \
	${GAWK_DEP_ZIP}