#! /bin/bash

set -e

version="$1"

if [ -z "$version" ]; then
    echo >&2 "Usage: $0 <version>"
    exit 2
fi

name="grsecurity-$version.patch"
debname="grsecurity-$version+debian.patch"
dir="debian/patches/features/all/grsec"
url="https://grsecurity.net/test"

## Download and verify
wget -O "$dir/$name" "$url/$name"
wget -O "$dir/$name.sig" "$url/$name.sig"
( cd "$dir" && gpg --verify "$name.sig" )

## Small snippets for easy Debian porting
# localversion depends on the featureset
filterdiff -p1 \
  -x "localversion-grsec" \
  -X <(awk '!(/^#/||/^$/) { printf("%s*\n",$2) }' debian/patches/debian/dfsg/files-1) \
  "$dir/$name" > "$dir/$debname"

# sched_autogroup_enabled is set to 0 in Debian
sed -i 's/sysctl_sched_autogroup_enabled = 1/sysctl_sched_autogroup_enabled = 0/' "$dir/$debname"

## Cleanup
#rm "$dir/$name"
rm "$dir/$name.sig"

## Update patch name in series
sed -i "s/grsecurity-.*+debian.patch/${debname}/" debian/patches/series-grsec
