#!/bin/sh

mbedtls_enable() {
	perl -pi -e "s/^\/\/#define ${1}$/#define ${1}/" include/mbedtls/mbedtls_config.h
}

mbedtls_disable() {
	perl -pi -e "s/^#define ${1}$/\/\/#define ${1}/" include/mbedtls/mbedtls_config.h
}

cd `dirname $0`

if [ ! `which curl` ]; then
	echo "Curl not found."
	exit
fi

if [ "$1" = "" ]; then
version=`curl -s https://raw.githubusercontent.com/ARMmbed/mbedtls/development/ChangeLog | grep "^=" | head -1 | cut -f4 -d' '`
else
version=$1
fi
echo "Downloading mbed TLS v${version}."
curl -sO https://codeload.github.com/ARMmbed/mbedtls/zip/refs/tags/v${version}
unzip -q v${version} 2> /dev/null
rm -f v${version}
if [ ! -d mbedtls-${version} ]; then
	echo "mbed TLS v${version} not found."
	exit
fi

echo "Removing current mbed TLS library."
rm -rf cmake
rm -rf include
rm -rf library

echo "Installing new mbed TLS library."
mv mbedtls-${version}/ChangeLog .
mv mbedtls-${version}/cmake .
mv mbedtls-${version}/include .
mv mbedtls-${version}/library .

echo "Enabling threading support."
mbedtls_enable MBEDTLS_THREADING_PTHREAD
mbedtls_enable MBEDTLS_THREADING_C
mbedtls_enable MBEDTLS_SSL_PROTO_TLS1_3
mbedtls_enable MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE

echo "Disabling secp192r1 and secp192k1."
mbedtls_disable MBEDTLS_ECP_DP_SECP192R1_ENABLED
mbedtls_disable MBEDTLS_ECP_DP_SECP192K1_ENABLED

if [ -f ${version}.patch ]; then
	echo "Applying patch."
	patch -p1 < ${version}.patch
fi

echo "Cleaning up."
rm -f include/.gitignore
rm -f library/.gitignore
rm -rf mbedtls-${version}

echo "mbed TLS upgraded to version ${version}."
