#!/bin/ksh
# @(#)postbackout       1.16 01/07/25 Sun Microsystems

trap 2

#######################################################################################
#
# ENV vars which need to be modified
#

PROC=`uname -p`
if [ "$PROC" = "i386" ]; then
  PATCHID="117757-15"
else
  PATCHID="116856-15"
fi
LOG=/dev/stdout # /dev/null or /dev/stdout
VERSION="PS6.2PC15"
#set -x


#######################################################################################
#
# Static ENV vars
#
ECHO=/usr/bin/echo
UMASK=/usr/bin/umask
CP=/usr/bin/cp
SED=/usr/bin/sed
UNIQ=/usr/bin/uniq
GREP=/usr/bin/grep
LS=/usr/bin/ls
BASENAME=/usr/bin/basename
CAT=/usr/bin/cat
CHMOD=/usr/bin/chmod
CP=/usr/bin/cp
CUT=/usr/bin/cut
DATE=/usr/bin/date
DIRNAME=/usr/bin/dirname
AWK=/usr/bin/awk
ENV=/usr/bin/env
GREP=/usr/bin/grep
ID=/usr/bin/id
LN=/usr/bin/ln
LS=/usr/bin/ls
MKDIR=/usr/bin/mkdir
MV=/usr/bin/mv
NAWK=/usr/bin/nawk
PKGINFO=/usr/bin/pkginfo
RM=/usr/bin/rm
STTY=/usr/bin/stty
TOUCH=/usr/bin/touch

/usr/bin/echo $PATH | /usr/bin/grep "/usr/java/bin[^/]" > /dev/null 2>&1
if [ $? -ne 0 ] ; then
  PATH="$PATH:/usr/java/bin"
  export PATH
fi
PATCHREV=`/usr/bin/echo ${PATCHID} | /usr/bin/awk ' BEGIN { FS="-" } {print $2 }`
PATCHBASE=`/usr/bin/echo ${PATCHID} | /usr/bin/awk ' BEGIN { FS="-" } {print $1 }`
HAS_IDENTITY_SUPER_ADMIN_PASSWORD="n"
HAS_DEPLOY_ADMIN_PASSWORD="n"

# Get value of a key in a flatfile and assign it to ANSWER

GrabConfig() {
  local FILE=$1
  local KEY=$2
  local SEPARATOR=$3

  ANSWER=`$GREP "^$KEY$SEPARATOR" $FILE | $UNIQ | $SED -e "s/$KEY$SEPARATOR//"`
}

pkginfo -q SUNWps
if [ $? -eq 0 ]; then

BELL_CHAR='\a'
STATE_FILE="/etc/opt/SUNWps/PSConfig.properties"
if [ ! -f $STATE_FILE ]; then
  $ECHO "Error: $STATE_FILE does not exist. $BELL_CHAR"
  exit 1
fi

GrabConfig $STATE_FILE "DEPLOY_TYPE" "="
if [ "$ANSWER" != "" ]; then
  DEPLOY_TYPE=$ANSWER
else
  $ECHO "Error: Cannot determine DEPLOY_TYPE. $BELL_CHAR"
  exit 1
fi

if [ "$DEPLOY_TYPE" = "SUNONE" ]; then
  GrabConfig $STATE_FILE "DEPLOY_DIR" "="
  if [ "$ANSWER" != "" ]; then
    DEPLOY_DIR=$ANSWER
  else
    $ECHO "Error: Cannot determine DEPLOY_DIR. $BELL_CHAR"
    exit 1
  fi
  GrabConfig $STATE_FILE "DEPLOY_DOMAIN" "="
  if [ "$ANSWER" != "" ]; then
    DEPLOY_DOMAIN=$ANSWER
  else
    $ECHO "Error: Cannot determine DEPLOY_DOMAIN. $BELL_CHAR"
    exit 1
  fi
  GrabConfig $STATE_FILE "DEPLOY_INSTANCE" "="
  if [ "$ANSWER" != "" ]; then
    DEPLOY_INSTANCE=$ANSWER
  else
    $ECHO "Error: Cannot determine DEPLOY_INSTANCE. $BELL_CHAR"
    exit 1
  fi
  GrabConfig $STATE_FILE "DEPLOY_ADMIN" "="
  if [ "$ANSWER" != "" ]; then
    DEPLOY_ADMIN=$ANSWER
  else
    $ECHO "Error: Cannot determine DEPLOY_ADMIN. $BELL_CHAR"
    exit 1
  fi
  GrabConfig $STATE_FILE "DEPLOY_ADMIN_PORT" "="
  if [ "$ANSWER" != "" ]; then
    DEPLOY_ADMIN_PORT=$ANSWER
  else
    $ECHO "Error: Cannot determine DEPLOY_ADMIN_PORT. $BELL_CHAR"
    exit 1
  fi
else
  GrabConfig $STATE_FILE "DEPLOY_DIR" "="
  if [ "$ANSWER" != "" ]; then
    DEPLOY_DIR=$ANSWER
  else
    $ECHO "Error: Cannot determine DEPLOY_DIR. $BELL_CHAR"
    exit 1
  fi
  GrabConfig $STATE_FILE "DEPLOY_INSTANCE" "="
  if [ "$ANSWER" != "" ]; then
    DEPLOY_INSTANCE=$ANSWER
  else
    $ECHO "Error: Cannot determine DEPLOY_INSTANCE. $BELL_CHAR"
    exit 1
  fi
fi

  GrabConfig $STATE_FILE "BASEDIR" "="
  if [ "$ANSWER" != "" ]; then
     PS_INSTALL_DIR=$ANSWER
  else
     $ECHO "Error: Cannot determine BASEDIR. $BELL_CHAR"
     exit 1
  fi

  GrabConfig $STATE_FILE "IDSAME_BASEDIR" "="
  if [ "$ANSWER" != "" ]; then
     IS_INSTALL_DIR=$ANSWER
  else
     $ECHO "Error: Cannot determine IDSAME_BASEDIR. $BELL_CHAR"
     exit 1
  fi

DEPLOY=$PS_INSTALL_DIR/SUNWps/bin/deploy
ASADMIN="$DEPLOY_DIR/bin/asadmin"

fi # end of checking for Portal Server node

pkginfo -q SUNWpsgw
if [ $? -eq 0 ]; then
  #GrabConfig "/var/sadm/pkg/SUNWpsgw/pkginfo" "BASEDIR=" "="
  #GW_INSTALL_DIR=$ANSWER
  #May need to change this if DSAME and GW are installed on the same machine in different dirs
  GW_INSTALL_DIR=`$GREP "BASEDIR=" /var/sadm/pkg/SUNWpsgw/pkginfo | $GREP -v "IDSAME" | $AWK ' BEGIN { FS="=" } { print $2 }`
fi

###############################################
# Set DEPLOY_INSTANCES
###############################################
SetDeployInstanceList() {
  local INSTANCE=""
  local INSTANCES=""
  local ADMIN_INSTANCE=""
  local TMP_INSTANCES=""

   
  if [ "$DEPLOY_INSTANCE" != "" ]; then
    DEPLOY_INSTANCES="$DEPLOY_INSTANCE"
  else
    if [ "$DEPLOY_TYPE" = "SUNONE" ]; then
      ADMIN_INSTANCE="admin-server"

      INSTANCES=""
      TMP_INSTANCES=`$LS -d $DEPLOY_DOMAIN/* 2>&1`
      if [ $? -eq 0 ]; then
        for INSTANCE in $TMP_INSTANCES; do
          INSTANCES="$INSTANCE $INSTANCES"
        done
      fi
    elif [ "$DEPLOY_TYPE" = "WEBLOGIC" ]; then
      ADMIN_INSTANCE=""

      INSTANCES=""
      if [ -f $STATE_FILE ]; then
        GrabConfig $STATE_FILE "DEPLOY_INSTANCE" "="
        INSTANCES=$ANSWER
      fi
    elif [ "$DEPLOY_TYPE" = "WEBSPHERE" ]; then
      ADMIN_INSTANCE=""

      INSTANCES=""
      if [ -f $STATE_FILE ]; then
        GrabConfig $STATE_FILE "DEPLOY_INSTANCE" "="
        INSTANCES=$ANSWER
      fi
    elif [ "$DEPLOY_TYPE" = "IWS" ]; then
      ADMIN_INSTANCE="admserv"

      INSTANCES=""
      TMP_INSTANCES=`$LS -d $DEPLOY_DIR/https-* 2>&1`
      if [ $? -eq 0 ]; then
        for INSTANCE in $TMP_INSTANCES; do
          INSTANCES="$INSTANCE $INSTANCES"
        done
      fi
    fi

    DEPLOY_INSTANCES=""
    for INSTANCE in $INSTANCES; do
      INSTANCE=`$BASENAME $INSTANCE | $SED -e "s/https-//"`
      if [ "$INSTANCE" != "$ADMIN_INSTANCE" ]; then
        DEPLOY_INSTANCES="$INSTANCE $DEPLOY_INSTANCES"
      fi
    done
  fi
}

##############################################################
#
# Util functions
#

insert_line() {
  file=$1
  match=$2
  new=$3

  #$CP $file $file-orig-$$
  sed -e "
/$match/ {
i\\
$new
}" $file > $file-tmp
mv $file-tmp $file
}

replace_line() {
  file=$1
  match=$2
  new=$3

  #$CP $file $file-orig-$$
  sed -e "
/$match/ {
c\\
$new
}" $file > $file-tmp
mv $file-tmp $file
}

restoreVersionString() {
    pkginfo -q SUNWps
    if [ $? -eq 0 ]; then
      VERSION_FILE=$PS_INSTALL_DIR/SUNWps/lib/PSversion.properties
      $ECHO "`$GREP -v $PATCHID $VERSION_FILE`" > $VERSION_FILE
    fi
    pkginfo -q SUNWpsgw
    if [ $? = 0 ]; then
      VERSION_FILE=$GW_INSTALL_DIR/SUNWps/lib/SRAversion.properties
      # Backout Fix for BugID #5006702
      $SED -e 's/productname=/product=/' $VERSION_FILE > /var/tmp/SRAversion.properties
      $SED -e 's/productversion=/version=/' /var/tmp/SRAversion.properties > $VERSION_FILE     
      $RM /var/tmp/SRAversion.properties
      # End of Backout for fix for BugID #5006702
      $ECHO "`$GREP -v $PATCHID $VERSION_FILE`" > $VERSION_FILE
    fi
}

# function test_bind checks to make sure that the password matches for the super
# admin bind DN set in the Identity config file.  Sets BIND_SUCCESS to y if the
# password given is correct

test_bind() {
  local PASSWD=$1
  GrabConfig "/etc/opt/SUNWps/PSConfig.properties" "IDSAME_BASEDIR" "="
  local IS_INST_DIR=$ANSWER
  GrabConfig "/etc/opt/SUNWps/PSConfig.properties" "BASEDIR" "="
  local PS_INST_DIR=$ANSWER
  local BIND_DN=`$GREP "com.sun.identity.authentication.super.user" "$IS_INST_DIR/SUNWam/lib/AMConfig.properties" | cut -d "=" -f2-`
  `$PS_INST_DIR/SUNWps/bin/rwadmin list --runasdn "$BIND_DN" --password "$PASSWD" | $GREP -i "Authorization Failed" > /dev/null 2>&1`
  if [ $? -eq 0 ]; then
    $ECHO "Authentication failed for user $BIND_DN..."
    BIND_SUCCESS=n
  else
    BIND_SUCCESS=y
  fi
}

GetDeployAdminPassword() {
DONE="n"
while [ "$DONE" = "n" ]; do
  $ECHO
  $ECHO "Please enter Application Server Administration Password: "
  $STTY -echo
  read PASSWORD
  $STTY echo
  if [ "$PASSWORD" != "" ]; then
    print "Again? $OMIT_CHAR"
    $STTY -echo
    read PASSWORD_REPEAT
    $STTY echo
    print ""
    if [ "$PASSWORD" != "$PASSWORD_REPEAT" ]; then
      print "Passwords do not match! $BELL_CHAR"
    else
      DONE="y"
    fi
  fi
done
HAS_DEPLOY_ADMIN_PASSWORD="y"
DEPLOY_ADMIN_PASSWORD=$PASSWORD
}

GetIdentitySuperAdminPassword() {
BIND_SUCCESS="n"
typeset -i fail_count=0
while (( $fail_count < 3 )) && [ $BIND_SUCCESS = "n" ]
do
  DONE="n"
  while [ "$DONE" = "n" ]; do
    $ECHO
    $ECHO "Please Enter Identity Server Super Administrator Password: "
    $STTY -echo
    read PASSWORD
    $STTY echo
    if [ "$PASSWORD" != "" ]; then
      print "Again? $OMIT_CHAR"
      $STTY -echo
      read PASSWORD_REPEAT
      $STTY echo
      print ""
      if [ "$PASSWORD" != "$PASSWORD_REPEAT" ]; then
        print "Passwords do not match! $BELL_CHAR"
      else
        DONE="y"
      fi
    fi
  done
  test_bind $PASSWORD
  ((fail_count=$fail_count + 1))
  if (( $fail_count == 3 )); then
    $ECHO "Failed to authenticate 3 times..."
  fi
done
IS_ADMIN_PASSWORD=$PASSWORD
HAS_IDENTITY_SUPER_ADMIN_PASSWORD="y"
}




#######################################################################################
#
# Helper functions specific to handling previous patch revisions 
#

# function sort_arr sorts an array lexicographically and writes a global val NEW_ARR 
#   with the results

sort_arr() {
  set -s
  set -A NEW_ARR $*
}

# function call_rev_mods() calls rev_mods for every revision between the current 
#   revision on the system, and the revision of the patch to be installed
#   for backout, the order is reversed

call_rev_mods() {
  typeset -i patch_rev=$1
  typeset -i orig_rev=$2

  while (($orig_rev < $patch_rev))
  do
    rev_mods $patch_rev;
    ((patch_rev=$patch_rev - 1))
  done
}

######################################################################################
#
# rev_mods handles all profile updates file manipulation and anything else which may
#   be required by the patch itself.  rev_mods is the workhorse of the patch install
#   script. 
#

rev_mods() {
  typeset -i rev=$1

  if [[ $rev == 1 ]]
  then
  #########Make changes for Rev01 here###########
  echo "Backing out changes for $PATCHBASE-01..."
  #########End of changes for Rev01##############
  elif [[ $rev == 2 ]]
  then
  #########Make changes for Rev02 here###########
  echo "Backing out changes for $PATCHBASE-02..."
  ###############################################
  #########End of changes for Rev02##############
  elif [[ $rev == 3 ]]
  then
  #########Make changes for Rev03 here###########
  echo "Backing out changes for $PATCHBASE-03..."
  ###############################################  
  #########End of changes for Rev03##############
  elif [[ $rev == 4 ]]
  then
  #########Make changes for Rev04 here###########
  echo "Backing out changes for $PATCHBASE-04..."
  ###############################################

  #==============================================
  #
  # REV04
  # Backout of version logic changes
  #
  #==============================================

  $ECHO "Backing out version logic changes..."
  GWSTARTFILE=/etc/init.d/gateway
  if [ -f $GWSTARTFILE.pre$PATCHID ]; then
    $MV $GWSTARTFILE.pre$PATCHID $GWSTARTFILE
    $CHMOD 755 $GWSTARTFILE
  fi

  GWSTARTFILE=$GW_INSTALL_DIR/SUNWps/bin/gateway
  if [ -f $GWSTARTFILE.pre$PATCHID ]; then
    $MV $GWSTARTFILE.pre$PATCHID $GWSTARTFILE
    $CHMOD 755 $GWSTARTFILE
  fi

  VERSIONSCRIPT=$PS_INSTALL_DIR/SUNWps/bin/version
  if [ -f $VERSIONSCRIPT.pre$PATCHID ]; then
    $MV $VERSIONSCRIPT.pre$PATCHID $VERSIONSCRIPT
    $CHMOD 755 $VERSIONSCRIPT
  fi

  #==============================================
  #
  # REV04
  # Remove the new OWA2003 rewriter ruleset 
  #
  #==============================================

  pkginfo -q SUNWps
  if [ $? -eq 0 ]; then
    $ECHO "Removing Exchange 2003 Ruleset..."
    if [ $HAS_IDENTITY_SUPER_ADMIN_PASSWORD = "n" ]; then
      GetIdentitySuperAdminPassword
    fi
    BIND_DN=`$GREP "com.sun.identity.authentication.super.user" "$IS_INSTALL_DIR/SUNWam/lib/AMConfig.properties" | cut -d "=" -f2-`
    if [ $BIND_SUCCESS = "y" ]; then
      $PS_INSTALL_DIR/SUNWps/bin/rwadmin list --runasdn "$BIND_DN" --password "$IS_ADMIN_PASSWORD" | $GREP "exchange_2003_owa_ruleset" > /dev/null 2>&1
      if [ $? -eq 0 ]; then 
        $PS_INSTALL_DIR/SUNWps/bin/rwadmin remove --runasdn "$BIND_DN" --password "$IS_ADMIN_PASSWORD" --rulesetid "exchange_2003_owa_ruleset" > /dev/null 2>&1
      fi
    fi
  fi


  #########End of changes for Rev04##############
  elif [[ $rev == 5 ]]
  then
  #########Make changes for Rev05 here###########
  echo "Backing out changes for $PATCHBASE-05..."
  ###############################################

  #########End of changes for Rev05##############
  elif [[ $rev == 6 ]]
  then
  #########Make changes for Rev06 here###########
  echo "Backing out changes for $PATCHBASE-06..."
  ###############################################

  #########End of changes for Rev06##############
  elif [[ $rev == 7 ]]
  then
  #########Make changes for Rev07 here###########
  echo "Backing out changes for $PATCHBASE-07..."
  ###############################################

  #########End of changes for Rev07##############
  elif [[ $rev == 8 ]]
  then
  #########Make changes for Rev08 here###########
  echo "Backing out changes for $PATCHBASE-08..."
  ###############################################

  #==============================================
  #
  # REV08
  # Remove the new iDA rewriter ruleset
  #
  #==============================================

  pkginfo -q SUNWps
  if [ $? -eq 0 ]; then
    $ECHO "Removing Delegated Administrator Ruleset..."
    if [ $HAS_IDENTITY_SUPER_ADMIN_PASSWORD = "n" ]; then
      GetIdentitySuperAdminPassword
    fi
    BIND_DN=`$GREP "com.sun.identity.authentication.super.user" "$IS_INSTALL_DIR/SUNWam/lib/AMConfig.properties" | cut -d "=" -f2-`
    if [ $BIND_SUCCESS = "y" ]; then
      $PS_INSTALL_DIR/SUNWps/bin/rwadmin list --runasdn "$BIND_DN" --password "$IS_ADMIN_PASSWORD" | $GREP "ida_ruleset" > /dev/null 2>&1
      if [ $? -eq 0 ]; then
        $PS_INSTALL_DIR/SUNWps/bin/rwadmin remove --runasdn "$BIND_DN" --password "$IS_ADMIN_PASSWORD" --rulesetid "ida_ruleset" > /dev/null 2>&1
      fi
    fi
  fi


  #########End of changes for Rev08##############
  elif [[ $rev == 9 ]]
  then
  #########Make changes for Rev09 here###########
  echo "Backing out changes for $PATCHBASE-09..."
  ###############################################

  #########End of changes for Rev09##############
  elif [[ $rev == 10 ]]
  then
  #########Make changes for Rev10 here###########
  echo "Backing out changes for $PATCHBASE-10..."
  ###############################################

  #########End of changes for Rev10##############
  elif [[ $rev == 11 ]]
  then
  #########Make changes for Rev11 here###########
  echo "Backing out changes for $PATCHBASE-11..."
  ###############################################

  #########End of changes for Rev11##############
  elif [[ $rev == 12 ]]
  then
  #########Make changes for Rev12 here###########
  echo "Backing out changes for $PATCHBASE-12..."
  ###############################################

  #########End of changes for Rev12##############
  elif [[ $rev == 13 ]]
  then
  #########Make changes for Rev13 here###########
  echo "Backing out changes for $PATCHBASE-13..."
  ###############################################

  #########End of changes for Rev13##############
  elif [[ $rev == 14 ]]
  then
  #########Make changes for Rev14 here###########
  echo "Backing out changes for $PATCHBASE-14..."
  ###############################################

  elif [[ $rev == 15 ]]
  then
  #########Make changes for Rev15here###########
  echo "Backing out changes for $PATCHBASE-15..."
  ###############################################
  #########End of changes for Rev15##############


  #########End of rev_mods huge if block#########
  fi
}

#######################################################################################
#
# Check for previous patch revisions.  If there are not any, then continue with profile
#    updates and flatfile manipulation.  For more than one patch revision, use another
#    'if' block so that the statements are not executed multiple times.  Check for the
#    highest rev first, and then only make changes from it to the current rev.
#    EX:  PATCHREV=04
#         if 03, then only apply changes for 04
#         if 02, then apply changes for 03, and 04
#         if 01, then apply changes for 02, 03, and 04
#         else, just apply changes for 04
#    
#    Note: These steps are necessary for the cummulative patch process to work correctly
#

# Function check_patch_revs checks for the existence of previous patch revisions for 
#    the current patch being installed.

check_patch_revs() {

  /usr/bin/echo "Checking for previous patch revisions..."

  # First get highest rev for the patch
  set -A CURRENT_REVS `showrev -p | /usr/bin/nawk ' { print substr($0, match($0, "Patch:")+7)} ' | \
  /usr/bin/sed 's/ Obsoletes:.*//g' | grep ${PATCHBASE} | /usr/bin/awk ' BEGIN { FS="-" } {print $2} '`

  typeset -i NUM_REVS=${#CURRENT_REVS[*]}

  # Check case where there may be no patch revisions installed
  if [[ $NUM_REVS > 0 ]]
  then 

    # Now sort it and get the highest rev currently installed
    sort_arr ${CURRENT_REVS[*]}

    HIGHEST_REV=${NEW_ARR[${NUM_REVS}-1]}
  
    call_rev_mods ${PATCHREV} ${HIGHEST_REV}
  else
    call_rev_mods ${PATCHREV} '00'
  fi

} 

#######################################################################################
#
# Main processing
#
check_patch_revs
restoreVersionString

#######################################################################################
#
# Restart the Server
#

pkginfo -q SUNWps
if [ $? -eq 0 ]; then
  /usr/bin/echo ""
  # redeploy
  $ECHO ""
  $ECHO "Redeploying Portal Web Services...."
  $DEPLOY redeploy > /dev/null 2>&1

  ## restart the instances of webserver and appserver
  SetDeployInstanceList
  if [ $DEPLOY_TYPE="IWS" ]; then
      $ECHO "Restarting webserver instances ..."
      if [ -f /etc/init.d/amserver ]; then
        /etc/init.d/amserver startall
      fi
      ########Commented out because portal web module is not deployed
      ########propertly when started in this manner from the script
      #for SERVER_INSTANCE in $DEPLOY_INSTANCES
      #  do
      #     $ECHO
      #     $ECHO "Instance --- $SERVER_INSTANCE"
      #     $DEPLOY_DIR/https-$SERVER_INSTANCE/stop
      #     $ECHO "DEBUG: Calling $DEPLOY_DIR/https-$SERVER_INSTANCE/start..."
      #     $DEPLOY_DIR/https-$SERVER_INSTANCE/start
      #  done
  elif [ $DEPLOY_TYPE="SUNONE" ]; then
       $ECHO "Restarting Appserver instances ..."
       for SERVER_INSTANCE in $DEPLOY_INSTANCES
        do
           $ECHO
           $ECHO "Instance --- $SERVER_INSTANCE"
           $DEPLOY_DOMAIN/$SERVER_INSTANCE/bin/stopserv
           $DEPLOY_DOMAIN/$SERVER_INSTANCE/bin/startserv
      done
  fi
fi

pkginfo -q SUNWpsgw
if [ $? -eq 0 ]; then
  $ECHO ""
  $ECHO "Restarting Portal Gateway..."
  /etc/init.d/gateway stop
  /etc/init.d/gateway start
  $ECHO "Gateway restarted.  Please wait a moment before connecting to it."
fi


#
# Done
#

/usr/bin/echo ""
/usr/bin/echo "Postbackout processing complete."

trap ''
