{ lib
, stdenv
, fetchFromGitHub
, Security
, autoreconfHook
, util-linux
, openssl
, cacert
# The primary --enable-XXX variant. 'all' enables most features, but causes build-errors for some software,
# requiring to build a special variant for that software. Example: 'haproxy'
, variant ? "all"
, extraConfigureFlags ? []
, enableARMCryptoExtensions ? stdenv.hostPlatform.isAarch64 && ((builtins.match "^.*\\+crypto.*$" stdenv.hostPlatform.gcc.arch) != null)
, enableLto ? !(stdenv.hostPlatform.isStatic || stdenv.cc.isClang)
}:
stdenv.mkDerivation (finalAttrs: {
  pname = "wolfssl-${variant}";
  version = "5.7.4";

  src = fetchFromGitHub {
    owner = "wolfSSL";
    repo = "wolfssl";
    rev = "refs/tags/v${finalAttrs.version}-stable";
    hash = "sha256-/dtW1E1wYfQEuotclUEOK5+Vg4S7vt1xWhr1lEtu60w=";
  };

  postPatch = ''
    patchShebangs ./scripts
    # ensure test detects musl-based systems too
    substituteInPlace scripts/ocsp-stapling2.test \
      --replace '"linux-gnu"' '"linux-"'
  '';

  configureFlags = [
    "--enable-${variant}"
    "--enable-reproducible-build"
  ] ++ lib.optionals (variant == "all") [
    # Extra feature flags to add while building the 'all' variant.
    # Since they conflict while building other variants, only specify them for this one.
    "--enable-pkcs11"
    "--enable-writedup"
    "--enable-base64encode"
  ] ++ [
    # We're not on tiny embedded machines.
    # Increase TLS session cache from 33 sessions to 20k.
    "--enable-bigcache"

    # Use WolfSSL's Single Precision Math with timing-resistant cryptography.
    "--enable-sp=yes${lib.optionalString (stdenv.hostPlatform.isx86_64 || stdenv.hostPlatform.isAarch) ",asm"}"
    "--enable-sp-math-all"
    "--enable-harden"
  ] ++ lib.optionals (stdenv.hostPlatform.isx86_64) [
    # Enable AVX/AVX2/AES-NI instructions, gated by runtime detection via CPUID.
    "--enable-intelasm"
    "--enable-aesni"
  ] ++ lib.optionals (stdenv.hostPlatform.isAarch64) [
    # No runtime detection under ARM and no platform function checks like for X86.
    (if enableARMCryptoExtensions
     then "--enable-armasm=inline"
     else "--disable-armasm")
  ] ++ extraConfigureFlags;

  # Breaks tls13 tests on aarch64-darwin.
  hardeningDisable = lib.optionals (stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isAarch64) [ "zerocallusedregs" ];

  # LTO should help with the C implementations.
  env.NIX_CFLAGS_COMPILE = lib.optionalString enableLto "-flto";
  env.NIX_LDFLAGS_COMPILE = lib.optionalString enableLto "-flto";

  # Don't attempt connections to external services in the test suite.
  env.WOLFSSL_EXTERNAL_TEST = "0";

  outputs = [
    "dev"
    "doc"
    "lib"
    "out"
  ];

  propagatedBuildInputs = lib.optionals stdenv.hostPlatform.isDarwin [
    Security
  ];

  nativeBuildInputs = [
    autoreconfHook
    util-linux
  ];

  doCheck = true;

  nativeCheckInputs = [
    openssl
    cacert
  ];

  postInstall = ''
    # fix recursive cycle:
    # wolfssl-config points to dev, dev propagates bin
    moveToOutput bin/wolfssl-config "$dev"
    # moveToOutput also removes "$out" so recreate it
    mkdir -p "$out"
  '';

  meta = with lib; {
    description = "Small, fast, portable implementation of TLS/SSL for embedded devices";
    mainProgram = "wolfssl-config";
    homepage = "https://www.wolfssl.com/";
    changelog = "https://github.com/wolfSSL/wolfssl/releases/tag/v${finalAttrs.version}-stable";
    platforms = platforms.all;
    license = licenses.gpl2Plus;
    maintainers = with maintainers; [ fab vifino ];
  };
})