#!/bin/sh /etc/rc.common

START=13
ENGINES_CNF_D="/etc/ssl/engines.cnf.d"
ENGINES_CNF="/var/etc/ssl/engines.cnf"
ENGINES_DIR="%ENGINES_DIR%"

config_engine() {
	local builtin enabled force

	config_get_bool builtin "$1" builtin 0
	config_get_bool enabled "$1" enabled 1
	config_get_bool force "$1" force 0

	if [ "$enabled" = 0 ]; then
		[ "$builtin" != 1 ] && return 1
		echo "Engine $1 is built into the libcrypto library and can't be disabled through UCI." && \
		echo "If the engine was not built-in, remove 'config builtin' from /etc/config/openssl."
	elif [ "$force" = 1 ]; then
		printf "[Forced] "
	elif ! grep -q "\\[ *$1 *]" "${ENGINES_CNF_D}"/*; then
		echo "$1: Could not find section [$1] in config files."
		return 1
	elif [ "$builtin" = 1 ]; then
		printf "[Builtin] "
	elif [ ! -f "${ENGINES_DIR}/$1.so" ];then
		echo "$1: ${ENGINES_DIR}/$1.so not found."
		return 1
	fi
	echo Enabling engine "$1"
	echo "$1=$1" >> "${ENGINES_CNF}"
}

start() {
	mkdir -p "$(dirname "${ENGINES_CNF}")" || exit 1
	echo Generating engines.cnf
	echo "# This file is automatically generated from /etc/config/openssl." \
	      > "${ENGINES_CNF}" || \
	      { echo Error writing ${ENGINES_CNF} >&2; exit 1; }
        config_load openssl
	config_foreach config_engine engine
}