#!/usr/bin/perl
#
# --- BEGIN COPYRIGHT BLOCK ---
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Copyright (C) 2007 Red Hat, Inc.
# All rights reserved.
# --- END COPYRIGHT BLOCK ---
#

##############################################################
# This script is used to complete setting up the framework
# that is required prior to creating various PKI instances.
#
# Objects placed in here consist of items that can only be
# determined at runtime (not at buildtime).
#
#     NOTE:  The steps completed by this script are only
#            needed by non-TPS (Java-based) PKI subsystems.
#
# Sample Invocation (for CA, KRA, OCSP, or TKS):
#
#    ./pkicomplete
#
##############################################################


##############################################################
# Perl Version
##############################################################

my $MINIMUM_PERL_VERSION = "5.006001";

my $perl_version_error_message = "ERROR:  Using Perl version $] ...\n"
                               . "        Must use Perl version "
                               . "$MINIMUM_PERL_VERSION or later to "
                               . "run this script!\n";

die "$perl_version_error_message" if $] < $MINIMUM_PERL_VERSION;


##############################################################
# Environment Variables
##############################################################

# untaint called subroutines
if( ( $^O ne 'Windows_NT' ) && ( $^O ne 'MSWin32' ) ) {
    $> = $<;   # set effective user ID to real UID
    $) = $(;   # set effective group ID to real GID
    $ENV{ 'PATH' } = '/bin:/usr/bin';
    $ENV{ 'ENV' } = '' if $ENV{ 'ENV' } ne '';
}


##############################################################
# Shared Common Perl Data and Subroutines
##############################################################

# Compute "flavor" of Operating System
my $pki_flavor = "";
if( $^O eq "linux" ) {
    $pki_flavor = "pki";
} elsif( $^O eq "solaris" ) {
    $pki_flavor = "pki";
} else {
    print( STDERR
           "ERROR:  Unsupported platform '$^O'!\n" );
    print( STDOUT "\n" );
    exit 255;
}

$pki_flavor =~ s/\s+$//g;

# Establish path to scripts
my $pki_subsystem_common_area = "/usr/share/$pki_flavor";
my $common_path = "/usr/share/pki/scripts";

if( ! -d "$common_path" ) {
    print( STDERR
           "ERROR:  The path '$common_path' does not exist!\n"
         . "        Unable to load shared Common Perl Data "
         . "and Subroutines!\n" );
    print( STDOUT "\n" );
    exit 255;
}

if( ! -e "$common_path/pkicommon" ) {
    print( STDERR
           "ERROR:  The file '$common_path/pkicommon' does not exist!\n"
         . "        Unable to load shared Common Perl Data "
         . "and Subroutines!\n" );
    print( STDOUT "\n" );
    exit 255;
}

eval( "use lib '" . $common_path . "'" );
require( 'pkicommon' );


##############################################################
# Local Constants
##############################################################

# Links created for initial "tomcat" installation that MUST exist!!!
my $jss4_common_symlink   = "/var/lib/tomcat5/common/lib/jss4.jar";
my $osutil_common_symlink = "/var/lib/tomcat5/common/lib/osutil.jar";
my $symkey_common_symlink = "/var/lib/tomcat5/common/lib/symkey.jar";
my $jss4_server_symlink   = "/var/lib/tomcat5/server/lib/jss4.jar";

# Locations of the actual files that the symlinks reference
#     first, try looking for the JSS jar file in a 32-bit directory
my $jss4_jar_file = "$default_system_jni_java_path/jss4.jar";
if (! file_exists($jss4_jar_file)) {
    # not found, try looking for it in a 32-bit dirsec directory
    $jss4_jar_file = "$default_system_jni_java_path/dirsec/jss4.jar";
    if (! file_exists($jss4_jar_file)) {
        # still not found, try looking for it in a 64-bit directory
        $jss4_jar_file = "$default_system_user_libraries/java/jss4.jar";
        if (! file_exists($jss4_jar_file)) {
            # as a last resort, try looking for it in a 64-bit dirsec directory
            $jss4_jar_file = "$default_system_user_libraries/java/dirsec/jss4.jar";
            if (! file_exists($jss4_jar_file)) {
                # unable to find 'jss4.jar' JNI file anywhere
                print( STDERR
                       "ERROR:  Unable to find a 'jss4.jar' JNI jar file!\n" );
                print( STDOUT "\n" );
                exit 255;
            }
        }
    }
}
my $osutil_jar_file = "$default_system_jni_java_path/osutil.jar";
my $symkey_jar_file = "$default_system_jni_java_path/symkey.jar";


##############################################################
# Main Program
##############################################################

# no args
# no return value
sub main()
{
    my $result          = 0;
    my $root_user       = "";
    my $root_group      = "";

    chdir( "/tmp" );

    # On Linux/UNIX, insure that this script is being run as "root".
    $result = check_for_root_UID();
    if( !$result ) {
        exit 255;
    }

    # Establish "root" usr/group based upon platform
    if( $^O eq "linux" ) {
        # Superuser and group to give to PKI installed files
        $root_user = "root";
        $root_group = "root";
    } elsif( $^O eq "solaris" ) {
        # Superuser and group to give to PKI installed files
        $root_user = "root";
        $root_group = "other";
    }

    # Complete setting up PKI framework . . .
    if( !symbolic_link_exists( $jss4_common_symlink ) ) {
        $result = create_symbolic_link( $jss4_common_symlink,
                                        $jss4_jar_file );
        if( !$result ) {
            exit 255;
        }

        $result = give_symbolic_link_to( $jss4_common_symlink,
                                         $root_user,
                                         $root_group );
        if( !$result ) {
            exit 255;
        }
    }

    if( !symbolic_link_exists( $osutil_common_symlink ) ) {
        $result = create_symbolic_link( $osutil_common_symlink,
                                        $osutil_jar_file );
        if( !$result ) {
            exit 255;
        }

        $result = give_symbolic_link_to( $osutil_common_symlink,
                                         $root_user,
                                         $root_group );
        if( !$result ) {
            exit 255;
        }
    }

    if( !symbolic_link_exists( $symkey_common_symlink ) ) {
        $result = create_symbolic_link( $symkey_common_symlink,
                                        $symkey_jar_file );
        if( !$result ) {
            exit 255;
        }

        $result = give_symbolic_link_to( $symkey_common_symlink,
                                         $root_user,
                                         $root_group );
        if( !$result ) {
            exit 255;
        }
    }

    if( !symbolic_link_exists( $jss4_server_symlink ) ) {
        $result = create_symbolic_link( $jss4_server_symlink,
                                        $jss4_jar_file );
        if( !$result ) {
            exit 255;
        }

        $result = give_symbolic_link_to( $jss4_server_symlink,
                                         $root_user,
                                         $root_group );
        if( !$result ) {
            exit 255;
        }
    }

    return;
}


##############################################################
# PKI Instance Removal
##############################################################

main();

exit 0;

