From 425cd2c6dc128859e7e95ae3a602e2c0937ac9de Mon Sep 17 00:00:00 2001
From: Brett <brett.r.nicholas.15@dartmouth.edu>
Date: Mon, 17 Jul 2023 14:47:23 -0600
Subject: [PATCH] added "-c" command line option to allow passing extra
 configure flags, removed curl and harden default options, updated
 documentation

---
 IDE/apple-universal/README.md                 | 11 ++++
 .../build-wolfssl-framework.sh                | 58 +++++++++++++++----
 2 files changed, 59 insertions(+), 10 deletions(-)

diff --git a/IDE/apple-universal/README.md b/IDE/apple-universal/README.md
index 98cff7353..576115468 100644
--- a/IDE/apple-universal/README.md
+++ b/IDE/apple-universal/README.md
@@ -14,6 +14,17 @@ This example consists of a build script and an Xcode example project. The build
 ## The build script
 `build-wolfssl-framework.sh` compiles wolfSSL as static library for all modern Apple platforms and simulators. This includes MacOS (`arm64`,`x86_64`), iPhone (`arm64`), iPhoneSimulator (`arm64`,`x86_64`), appleTV (`arm64`), appleTVSimulator (`arm64`,`x86_64`), appleWatch (`arm64`), and appleWatchSimulator (`arm64`,`x86_64`). The script compiles wolfSSL for each platform, creates universal binaries for platforms that support multiple architectures (macOS and simulators) using [lipo](https://developer.apple.com/documentation/apple-silicon/building-a-universal-macos-binary), then combines all the static libraries together into an `xcframework` that can be imported into Xcode. It is meant to be used as an example rather than a build tool, and chooses simplicity and readability over flexibility (no command line options). For an explanation of how the script cross compiles wolfSSL, see the [Technical Details](technical-details) section.
 
+To use the build script, you can run it without arguments to build a default configuration, or you can use the `-c` option to pass in a quoted string containing any additional flags to `configure` that you need. Note that `--enable-static --disable-shared` is always passed to `configure` by default. Consider the following usage example, with descriptions in the comments:
+
+```
+# default configuration
+./build-wolfssl-framework.sh
+
+# hardened configuration with curl support and FIPS-ready crypto
+./build-wolfssl-framework.sh -c "--enable-harden --enable-curl --enable-fips=ready"
+
+```
+
 ## Example project
 `wolfssl-multiplatform` is an xcode project containing a simple swiftUI "hello world" app that has been modified to run the wolfCrypt tests and establish a TLS connection to `www.wolfssl.com` on startup. It also provides an example for basic Swift/C interoperability using a "bridging header". When the app launches, the swiftUI initialization handler calls a C test driver function, which is responsible for running the wolfSSL examples. An overview of the additional files is as follows:
 
diff --git a/IDE/apple-universal/build-wolfssl-framework.sh b/IDE/apple-universal/build-wolfssl-framework.sh
index 6e932865c..14b3db328 100755
--- a/IDE/apple-universal/build-wolfssl-framework.sh
+++ b/IDE/apple-universal/build-wolfssl-framework.sh
@@ -21,7 +21,7 @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 
 
-set -euxo pipefail
+set -euo pipefail
 
 WOLFSSL_DIR=$(pwd)/../../
 OUTDIR=$(pwd)/artifacts
@@ -29,10 +29,34 @@ LIPODIR=${OUTDIR}/lib
 SDK_OUTPUT_DIR=${OUTDIR}/xcframework
 
 
-ENABLE_FIPS="no"
 CFLAGS_COMMON=""
-CONF_OPTS_COMMON="--disable-shared --enable-static --enable-curl --enable-harden --enable-fips=${ENABLE_FIPS}"
+# Optional configure flags passed in by user through -c argument
+CONF_OPTS_EXTRA=""
+# Base configure flags
+CONF_OPTS_COMMON="--disable-shared --enable-static"
 
+helpFunction()
+{
+   echo ""
+   echo "Usage: $0 [-c <config flags>]"
+   echo -e "\t-c Extra flags to be passed to ./configure"
+   exit 1 # Exit script after printing help
+}
+
+# Parse command line arguments
+while getopts ":c:" opt; do
+  case $opt in
+    c)
+      CONF_OPTS_EXTRA="$OPTARG"
+      ;;
+    \?)
+      echo "Invalid option: -$OPTARG" >&2; helpFunction
+      ;;
+  esac
+done
+
+# Amalgamate extra CLI options with base options
+CONF_OPTS="${CONF_OPTS_COMMON} ${CONF_OPTS_EXTRA}"
 
 rm -rf $OUTDIR
 mkdir -p $LIPODIR
@@ -41,6 +65,7 @@ mkdir -p $SDK_OUTPUT_DIR
 
 buildIOSSim()
 {
+    set -x
     pushd .
     cd $WOLFSSL_DIR
 
@@ -48,16 +73,18 @@ buildIOSSim()
     HOST="${ARCH}-apple-darwin"
     SDK_ROOT=$(xcrun --sdk iphonesimulator --show-sdk-path)
 
-    ./configure -prefix=${OUTDIR}/wolfssl-ios-simulator-${ARCH} ${CONF_OPTS_COMMON} --host=${HOST} \
+    ./configure -prefix=${OUTDIR}/wolfssl-ios-simulator-${ARCH} ${CONF_OPTS} --host=${HOST} \
         CFLAGS="${CFLAGS_COMMON} -arch ${ARCH} -isysroot ${SDK_ROOT}"
     make -j
     make install
 
     popd
+    set +x
 }
 
 buildIOS()
 {
+    set -x
     pushd .
     cd $WOLFSSL_DIR
 
@@ -65,16 +92,18 @@ buildIOS()
     HOST="${ARCH}-apple-darwin"
     SDK_ROOT=$(xcrun --sdk iphoneos --show-sdk-path)
 
-    ./configure -prefix=${OUTDIR}/wolfssl-ios-${ARCH} ${CONF_OPTS_COMMON} --host=${HOST} \
+    ./configure -prefix=${OUTDIR}/wolfssl-ios-${ARCH} ${CONF_OPTS} --host=${HOST} \
         CFLAGS="${CFLAGS_COMMON} -arch ${ARCH} -isysroot ${SDK_ROOT}"
     make -j
     make install
 
     popd
+    set +x
 }
 
 buildMacOS()
 {
+    set -x
     pushd .
     cd $WOLFSSL_DIR
 
@@ -82,16 +111,18 @@ buildMacOS()
     HOST="${ARCH}-apple-darwin"
     SDK_ROOT=$(xcrun --sdk macosx --show-sdk-path)
 
-    ./configure -prefix=${OUTDIR}/wolfssl-macos-${ARCH} ${CONF_OPTS_COMMON} --host=${HOST} \
+    ./configure -prefix=${OUTDIR}/wolfssl-macos-${ARCH} ${CONF_OPTS} --host=${HOST} \
         CFLAGS="${CFLAGS_COMMON} -arch ${ARCH} -isysroot ${SDK_ROOT}"
     make -j
     make install
 
     popd
+    set +x
 }
 
 buildWatchOS()
 {
+    set -x
     pushd .
     cd $WOLFSSL_DIR
 
@@ -99,16 +130,18 @@ buildWatchOS()
     HOST="${ARCH}-apple-darwin"
     SDK_ROOT=$(xcrun --sdk watchos --show-sdk-path)
 
-    ./configure -prefix=${OUTDIR}/wolfssl-watchos-${ARCH} ${CONF_OPTS_COMMON} --host=${HOST} \
+    ./configure -prefix=${OUTDIR}/wolfssl-watchos-${ARCH} ${CONF_OPTS} --host=${HOST} \
         CFLAGS="${CFLAGS_COMMON} -arch ${ARCH} -isysroot ${SDK_ROOT}"
     make -j
     make install
 
     popd
+    set +x
 }
 
 buildWatchOSSim()
 {
+    set -x
     pushd .
     cd $WOLFSSL_DIR
 
@@ -116,16 +149,18 @@ buildWatchOSSim()
     HOST="${ARCH}-apple-darwin"
     SDK_ROOT=$(xcrun --sdk watchsimulator --show-sdk-path)
 
-    ./configure -prefix=${OUTDIR}/wolfssl-watchos-simulator-${ARCH} ${CONF_OPTS_COMMON} --host=${HOST} \
+    ./configure -prefix=${OUTDIR}/wolfssl-watchos-simulator-${ARCH} ${CONF_OPTS} --host=${HOST} \
         CFLAGS="${CFLAGS_COMMON} -arch ${ARCH} -isysroot ${SDK_ROOT}"
     make -j
     make install
 
     popd
+    set +x
 }
 
 buildTVOS()
 {
+    set -x
     pushd .
     cd $WOLFSSL_DIR
 
@@ -133,16 +168,18 @@ buildTVOS()
     HOST="${ARCH}-apple-darwin"
     SDK_ROOT=$(xcrun --sdk appletvos --show-sdk-path)
 
-    ./configure -prefix=${OUTDIR}/wolfssl-tvos-${ARCH} ${CONF_OPTS_COMMON} --host=${HOST} \
+    ./configure -prefix=${OUTDIR}/wolfssl-tvos-${ARCH} ${CONF_OPTS} --host=${HOST} \
         CFLAGS="${CFLAGS_COMMON} -arch ${ARCH} -isysroot ${SDK_ROOT}"
     make -j
     make install
 
     popd
+    set +x
 }
 
 buildTVOSSim()
 {
+    set -x
     pushd .
     cd $WOLFSSL_DIR
 
@@ -150,12 +187,13 @@ buildTVOSSim()
     HOST="${ARCH}-apple-darwin"
     SDK_ROOT=$(xcrun --sdk appletvsimulator --show-sdk-path)
 
-    ./configure -prefix=${OUTDIR}/wolfssl-tvos-simulator-${ARCH} ${CONF_OPTS_COMMON} --host=${HOST} \
+    ./configure -prefix=${OUTDIR}/wolfssl-tvos-simulator-${ARCH} ${CONF_OPTS} --host=${HOST} \
         CFLAGS="${CFLAGS_COMMON} -arch ${ARCH} -isysroot ${SDK_ROOT}"
     make -j
     make install
 
     popd
+    set +x
 }
 
 buildCatalyst()