#!/bin/bash


# prompt for java


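# Lists candidate JRockit directories directly under "$1".
# Outputs: one name per line (trailing "/" removed) for every entry that
#          ls -F marks as a directory, whose name contains "jrockit" and
#          matches the pattern '1.5.0'.
function _listJrockitDirs {
    # A missing or unreadable base directory simply means "no candidates",
    # so the ls error message is dropped on purpose.
    ls -F "$1" 2>/dev/null | grep "/" | grep jrockit | grep '1.5.0' | sed "s#\/##"
}

# Reads one line from stdin into JAVA_HOME (surrounding blanks trimmed).
# Stops the installer with status 1 when stdin is exhausted: the caller
# re-prompts until a valid JDK is given, so an empty answer on a closed
# stdin would otherwise loop forever.
function _readJavaHomeAnswer {
    if ! read -r JAVA_HOME && [ -z "$JAVA_HOME" ]; then
        echo "No input available on stdin; cannot ask for JAVA_HOME." >&2
        exit 1
    fi
}

# Ends the installer (status 0) when the answer "$1" is the word "exit".
# A non-empty "$2" prints the blank separator line first.
function _exitInstallerIfAsked {
    [ "$1" == "exit" ] || return 0
    if [ -n "$2" ]; then
        echo " "
    fi
    echo "Exiting the installer.  See the HP Integrity Essentials Foundation Pack for "
    echo "Linux User's Guide for more information about installing java."
    exit 0
}

# Asks the operator which JDK to use and exports the answer as JAVA_HOME.
#
# JRockit 1.5.0 directories are looked for under /root first and /usr/java
# second; a single hit is offered as the default, several hits are listed.
# Globals:  JAVA_HOME (read, written, exported)
# Inputs:   answers are read from stdin
# Returns:  0 always; exits 0 when the operator types "exit" and exits 1
#           when a required answer cannot be read because stdin is closed.
#
# The answer is not validated here. checkJavaHome later executes
# $JAVA_HOME/bin/java, so the value must come from a trusted operator.
function askForJavaHome {
    local j_versions jrockit_path candidates guess answer

    if [ -z "$JAVA_HOME" ]; then
        echo "The JAVA_HOME environment variable is not set."
    elif [ -d "$JAVA_HOME" ]; then
        echo "JAVA_HOME is currently set to $JAVA_HOME "
    fi

    # First guess: JRockit installations under /root. The listing is taken
    # once so the count and the names always describe the same snapshot.
    candidates=$(_listJrockitDirs /root/)
    j_versions=$(printf '%s\n' "$candidates" | grep -c jrockit)
    if [ "$j_versions" != "0" ]; then
        echo " "
        jrockit_path="/root/$candidates"
        export JAVA_HOME="$jrockit_path"
        if [ "$j_versions" != "1" ]; then
            echo "Choose the JRE version you want to use:"
            while IFS= read -r guess; do
                echo "/root/$guess"
            done <<< "$candidates"
            echo " "
            _readJavaHomeAnswer
            jrockit_path="$JAVA_HOME"
        fi
    fi

    # Second guess: nothing under /root, try /usr/java.
    if [ "$j_versions" == "0" ]; then
        candidates=$(_listJrockitDirs /usr/java/)
        # With no hit this stays "/usr/java/", which routes to the generic
        # prompt of the j_versions == 0 case below.
        jrockit_path="/usr/java/$candidates"
        if [ "$jrockit_path" != "/usr/java/" ]; then
            j_versions=$(printf '%s\n' "$candidates" | grep -c jrockit)
            if [ "$j_versions" != "1" ] && [ "$j_versions" != "0" ]; then
                echo " "
                echo "Choose the JRE version you want to use:"
                while IFS= read -r guess; do
                    echo "/usr/java/$guess"
                done <<< "$candidates"
                echo " "
                _readJavaHomeAnswer
                jrockit_path="$JAVA_HOME"
            fi
            if [ "$jrockit_path" == "/usr/java/" ]; then
                jrockit_path=""
            fi
        fi
    fi

    if [ -z "$jrockit_path" ]; then
        echo "Enter the location of the java SDK installation on your system "
        echo " or type exit to exit the installer."
        _readJavaHomeAnswer
        _exitInstallerIfAsked "$JAVA_HOME"
        export JAVA_HOME
    else
        if [ "$j_versions" == "1" ]; then
            echo " "
            echo "Enter the location of the java SDK installation on your system or type "
            echo "exit to exit the installer. Press enter to use $jrockit_path "
            # An empty answer (or a closed stdin) selects the detected path.
            answer=""
            read -r answer
            _exitInstallerIfAsked "$answer" blank
            # Honour a typed path; only fall back to the detected one when
            # the operator just pressed enter.
            if [ -n "$answer" ]; then
                JAVA_HOME="$answer"
            else
                JAVA_HOME="$jrockit_path"
            fi
            export JAVA_HOME
        fi
        if [ "$j_versions" == "0" ]; then
            echo " "
            echo "Enter the location of the java SDK installation on your system "
            echo "(e.g. /usr/java/jdk1.*.*) or type exit to exit the installer."
            _readJavaHomeAnswer
            _exitInstallerIfAsked "$JAVA_HOME" blank
        fi
        export JAVA_HOME
        echo " "
    fi

    return 0
}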
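# Checks that JAVA_HOME points at a usable JDK.
#
# Globals:  JAVA_HOME (read); javaVersion, majorJavaVersion,
#           minorJavaVersion (written)
# Outputs:  a diagnostic on stdout when the check fails
# Returns:  0 when $JAVA_HOME/bin/java and $JAVA_HOME/bin/javac are both
#           executable, 1 otherwise (including an empty JAVA_HOME).
#
# The function executes $JAVA_HOME/bin/java with the privileges of the
# installer, so JAVA_HOME must name a trusted location. Every expansion of
# JAVA_HOME is quoted: unquoted, a path containing blanks made the shell run
# a different file than the one tested with -x, and made the javac test fail
# with a syntax error that was treated as "javac is present".
function checkJavaHome {
  if [ -z "$JAVA_HOME" ] ; then
    return 1
  fi
  if [ ! -x "$JAVA_HOME/bin/java" ] ; then
    echo "JAVA_HOME does not point to a java installation."
    return 1
  fi

  # Keep the first word of the third column of "java -version" with the
  # double quotes removed, e.g. 1.5.0_12. The command substitution is left
  # unquoted on purpose so the loop sees one word per iteration.
  for javaVersion in $("$JAVA_HOME/bin/java" -version 2>&1 | awk ' { print $3 } ' | tr -d '\"')
  do
    break
  done

  # Text before the first "_" and text after the last "_".
  majorJavaVersion=${javaVersion%%_*}
  minorJavaVersion=${javaVersion##*_}

  # NOTE(review): the version gate below is disabled, so any java version
  # that ships javac is accepted.
#  if [ "$majorJavaVersion" != "1.5.0" ] ; then
#    echo "JAVA_HOME points to an unsupported version of java. The java revision "
#    echo "should be jrockit-R27.1.0-jdk1.5.0 instead of $majorJavaVersion"
#    return 1
#  fi
#  if [ -z "$minorJavaVersion" ] ; then
#    echo "JAVA_HOME points to an unsupported version of java."
#    return 1
#  fi
  # does the minor version contain non-digits
#  checkForNonDigits=`echo $minorJavaVersion | sed 's/[[:digit:]]//g'`
#  if [ -n "$checkForNonDigits" ] ; then
#    echo "JAVA_HOME points to an unsupported version of java."
#    return 1
#  fi
#  if [ $minorJavaVersion -lt 03 ] ; then
#    echo "JAVA_HOME points to an older version of java."
#    return 1
#  fi

  if [ ! -x "$JAVA_HOME/bin/javac" ] ; then
    echo "$JAVA_HOME/bin/javac is not present.  The sun SDK is required."
    return 1
  fi
  return 0
}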
# Keeps asking for JAVA_HOME until checkJavaHome accepts it, then prints the
# confirmation banner and records the java binary in java_path.
#
# Globals:  CORRECT_JAVA (written: 1 while searching, 0 once accepted),
#           JAVA_HOME (read), java_path (written)
# Returns:  1 as soon as askForJavaHome reports a failure, otherwise the
#           status of the final assignment (0).
function mainCheckJavaHome {
  CORRECT_JAVA=1
  until [ "$CORRECT_JAVA" -eq 0 ]; do
    if checkJavaHome; then
      CORRECT_JAVA=0
    else
      # The current value was rejected: ask again, give up if asking fails.
      askForJavaHome || return 1
    fi
  done

  printf '%s\n' \
    " " \
    " " \
    "====================================================" \
    "===        JAVA_HOME successfully defined.       ===" \
    "===                                              ===" \
    "===  Please, wait until tomcat_cfg is finishing  ===" \
    "===  the installation.                           ===" \
    "===================================================="

  java_path="${JAVA_HOME}/bin/java"
}

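# Resolve JAVA_HOME (interactive) and set java_path. Everything below needs
# java_path, so stop here if the check reports a failure.
if ! mainCheckJavaHome; then
	echo "Could not determine a usable JAVA_HOME; aborting." >&2
	exit 1
fi




cleansweep_dir="/opt/hp/hpsmh"

# Directory the Tomcat configuration templates are copied from.
staging_dir="/tmp/tomcat_tmp"

#We create configuration files

if [ ! -d "${cleansweep_dir}/tomcat/conf" ] ; then
	# The templates (among them catalina.policy) are read from a fixed name
	# under /tmp. Any local user can create that name first, so only accept
	# a real directory that belongs to the user running the installer and
	# that group/other cannot write to. Anything else fails closed.
	staging_ok=0
	if [ -d "${staging_dir}" ] && [ ! -L "${staging_dir}" ] && [ -O "${staging_dir}" ]; then
		staging_mode=$(stat -c '%a' "${staging_dir}" 2>/dev/null)
		case "${staging_mode}" in
			''|*[!0-7]*) ;;
			*) [ $(( 0${staging_mode} & 022 )) -eq 0 ] && staging_ok=1 ;;
		esac
	fi
	if [ "${staging_ok}" -ne 1 ]; then
		echo "${staging_dir} is missing, not owned by the installing user, or writable by others; refusing to install configuration from it." >&2
		exit 1
	fi

	mkdir "${cleansweep_dir}/tomcat/conf"
	cp "${staging_dir}/web.xml" "${cleansweep_dir}/tomcat/conf"
	cp "${staging_dir}/server.in.xml" "${cleansweep_dir}/tomcat/conf"
	cp "${staging_dir}/catalina.policy" "${cleansweep_dir}/tomcat/conf"
	# NOTE(review): the tomcat directory is handed to hpsmh while the
	# installer keeps creating files in it (the keystore); confirm that the
	# hpsmh account is trusted not to plant links there.
	chown hpsmh:hpsmh "${cleansweep_dir}/tomcat"

	touch "${cleansweep_dir}/tomcat/conf/java.conf"
	touch "${cleansweep_dir}/tomcat/conf/server.xml"
	touch "${cleansweep_dir}/tomcat/conf/truststore.properties"
	touch "${cleansweep_dir}/tomcat/keystore"

	# java.conf only holds a path. The other three receive the keystore
	# password or key material later in this script and end up mode 400, so
	# they are never created world-readable.
	chmod 644 "${cleansweep_dir}/tomcat/conf/java.conf"
	chmod 600 "${cleansweep_dir}/tomcat/conf/server.xml"
	chmod 600 "${cleansweep_dir}/tomcat/conf/truststore.properties"
	chmod 600 "${cleansweep_dir}/tomcat/keystore"
	chown hpsmh:hpsmh "${cleansweep_dir}/tomcat/conf/java.conf"
	chown hpsmh:hpsmh "${cleansweep_dir}/tomcat/conf/server.xml"
	chown hpsmh:hpsmh "${cleansweep_dir}/tomcat/conf/truststore.properties"
	chown hpsmh:hpsmh "${cleansweep_dir}/tomcat/keystore"
else
	echo ""
fi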


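# Print an error on stderr and stop the installer.
function _cfgDie {
	echo "ERROR: $*" >&2
	exit 1
}

# Remove scratch files that may hold the keystore password or the private
# key. Registered on EXIT so that aborted runs do not leave them behind.
function _cfgCleanup {
	if [ -n "${server_tmp}" ]; then
		rm -f -- "${server_tmp}"
	fi
	if [ -n "${xdir}" ]; then
		rm -rf -- "${xdir}"
	fi
	return 0
}
server_tmp=""
xdir=""
trap _cfgCleanup EXIT

[ -n "${java_path}" ] || _cfgDie "java_path is not set; the JAVA_HOME check did not complete."

conf_dir="${cleansweep_dir}/tomcat/conf"
keystore_file="${cleansweep_dir}/tomcat/keystore"

# java.conf records the JDK root (two levels above bin/java). It holds no
# secret, so it is written before the umask is tightened.
dirname "$(dirname "${java_path}")" > "${conf_dir}/java.conf"

keytool="$(dirname "${java_path}")/keytool"

# Every file created from here on holds the keystore password or key
# material: create them private from the start instead of relying on the
# chmod calls at the end of the script.
saved_umask=$(umask)
umask 077

# 128 bits from the kernel CSPRNG, printed as 32 hex digits. $RANDOM is a
# small, predictable generator and must not be used for a password. The
# value stays pure hex so it is safe inside the sed expression below.
keystore_pass=$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')
[ "${#keystore_pass}" -eq 32 ] || _cfgDie "could not read random data for the keystore password."

# Render server.xml from its template. The scratch file is created by
# mktemp inside the configuration directory: a fixed name under /tmp could
# be pre-created or symlinked by any local user and would expose the
# password while it sits there.
server_tmp=$(mktemp "${conf_dir}/server.xml.XXXXXX") || _cfgDie "cannot create a scratch file in ${conf_dir}."
sed "s/@keystore_pass@/${keystore_pass}/" "${conf_dir}/server.in.xml" > "${server_tmp}" \
	|| _cfgDie "cannot render ${conf_dir}/server.xml."
mv -f "${server_tmp}" "${conf_dir}/server.xml" || _cfgDie "cannot install ${conf_dir}/server.xml."
server_tmp=""

# NOTE(review): -keypass/-storepass put the password on keytool's command
# line, where other local users can see it in the process list while keytool
# runs. Newer JDKs accept the :env / :file forms of these options; confirm
# what the target JDK supports before switching.
rm -f "${keystore_file}"
if ! yes | "${keytool}" -genkey -alias tomcat -keyalg RSA -keysize 2048 -keystore "${keystore_file}" -validity 3650 -keypass "${keystore_pass}" -storepass "${keystore_pass}" >/dev/null 2>/dev/null; then
	_cfgDie "keytool could not create ${keystore_file}."
fi

# create a working dir
xdir=$(mktemp -d /tmp/ctlins.XXXXXX) || _cfgDie "cannot create a working directory under /tmp."
mkdir -p "${xdir}/certs" || _cfgDie "cannot create ${xdir}/certs."

# generate key and certificate (1024-bit RSA is too short; use 2048)
openssl genrsa -out "${xdir}/certs/proxy.key" 2048 > /dev/null 2>&1 \
	|| _cfgDie "openssl could not generate the proxy key."
yes NA | openssl req -new -key "${xdir}/certs/proxy.key" -x509 -days 3670 -out "${xdir}/certs/proxy.crt" > /dev/null 2>&1 \
	|| _cfgDie "openssl could not generate the proxy certificate."

# import cert as a trusted cert into Tomcat keystore
yes yes | "${keytool}" -import -trustcacerts -keystore "${keystore_file}" -file "${xdir}/certs/proxy.crt" -alias cs_proxy_cert -storepass "${keystore_pass}" > /dev/null 2>&1 \
	|| _cfgDie "keytool could not import the proxy certificate."

# install proxy certificate for cleansweep use
cat "${xdir}/certs/proxy.key" "${xdir}/certs/proxy.crt" > "${xdir}/certs/proxy.pem"
if [ ! -d "/opt/hp/sslshare" ]; then
  # The shared directory keeps the mode it had before the umask was
  # tightened; only proxy.pem inside it is private.
  ( umask "${saved_umask}"; mkdir /opt/hp/sslshare )
fi
cp -f "${xdir}/certs/proxy.pem" "/opt/hp/sslshare"

# set up truststore properties, so Tomcat uses its own keystore for
# trusted certificates lookup, instead of cacerts, the default one in java.
# The file is recreated (private, because of the umask) rather than
# overwritten, so the password never lands in a file left readable by others.
rm -f -- "${conf_dir}/truststore.properties"
{
	echo '# Properties for tomcat security. DO NOT EDIT THIS FILE.'
	echo "javax.net.ssl.trustStore=${keystore_file}"
	echo "javax.net.ssl.trustStorePassword=${keystore_pass}"
} > "${conf_dir}/truststore.properties"

# remove the working dir, including the private key
_cfgCleanup
xdir=""

# final ownership and read-only modes for the service account
chown hpsmh:hpsmh "${keystore_file}"
chown hpsmh:hpsmh "${conf_dir}/server.xml"
chown hpsmh:hpsmh /opt/hp/sslshare/proxy.pem
chmod 400 /opt/hp/sslshare/proxy.pem
chown hpsmh:hpsmh "${conf_dir}/java.conf"

chmod 400 "${conf_dir}/truststore.properties"
chown hpsmh:hpsmh "${conf_dir}/truststore.properties"

chmod 400 "${conf_dir}/server.xml"
chmod 400 "${keystore_file}"

# The service must not inherit the tightened umask.
umask "${saved_umask}"
/etc/init.d/hpsmhd restart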

