#!/bin/sh
# Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
# PROPRIETARY/CONFIDENTIAL.  Use of this product is subject to license terms.

PATH=/bin:/usr/bin:/sbin:/usr/sbin

#
PS_HOME=${BASE_DIR}/${PRODUCT_DIR}
IS_HOME=${IDSAME_BASE_DIR}/SUNWam

FILE_GW_INSTANCE_SETUP=/etc/opt/${PRODUCT_DIR}/platform.conf
FILE_GW_INSTANCE_SETUP_DIR=/etc/opt/${PRODUCT_DIR}
FILE_GW_LOG=/var/opt/${PRODUCT_DIR}/debug/gateway.log
FILE_VERSION=${BASE_DIR}/${PRODUCT_DIR}/lib/SRAversion.properties

FILE_GATEWAY_PID=/var/opt/${PRODUCT_DIR}/.gw.pid # Reverse Proxy pid
FILE_GATEWAY_PORT=/var/opt/SUNWps/.gw.            # Reverse Proxy port

IS_CHROOT=0          # Running from chroot env? 1=yes 0=no
CHROOT_DIR=CHROOTDIR # Chroot directory

TEXTDOMAIN=gwscripts
TEXTDOMAINDIR=${BASE_DIR}/${PRODUCT_DIR}/locale
export TEXTDOMAIN
export TEXTDOMAINDIR
export LANG
NEWLINE='\n'

# Shared components, utilities
NOHUP=/usr/bin/nohup
GETTEXT=/usr/bin/gettext
JSS_NSS_NSPR_LIBPATH=/usr/lib/mps/secv1
JSS_JAR=/usr/share/lib/mps/secv1/jss3.jar

###############################################################################

###############################################
#
###############################################
GrabConfig() {
    ANSWER=`grep "^$2$3" $1 | uniq | sed -e "s/$2$3//"`
}
GrabConfigSingle() {
    ANSWER=`grep "^$2$3" $1 | uniq | sed -e "s/$2$3//" | tr -d "\t " `
}

###############################################
#
###############################################
GetJDKVersion() {
    AWK=/usr/bin/awk
    SED=/usr/bin/sed

    if [ -x ${JAVA_HOME}/bin/java ]; then
        ANSWER_VERSION=`${JAVA_HOME}/bin/java -fullversion 2>&1 | ${AWK} '{print $4}' | ${SED} -e "s/\"//g"`
    else
        ANSWER_VERSION=""
    fi

    INDEX1_4=`echo ${ANSWER_VERSION} | ${AWK} '{print index($0,"1.4")}'`
    INDEX1_3=`echo ${ANSWER_VERSION} | ${AWK} '{print index($0,"1.3")}'`

    if [ "${INDEX1_4}" = "1" ]; then
        JDK_VERSION="1.4"
    else
        if [ "${INDEX1_3}" = "1" ]; then
            JDK_VERSION="1.3"
        fi
    fi
}

###############################################
#
###############################################
GearUp() {
    # cd Out of CDROM dir, otherwise CDROM can't eject
    cd /var/opt/SUNWps/debug

    GrabConfig $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "gateway.jdk.dir" "="
    JAVA_HOME=$ANSWER
    GetJDKVersion

    GrabConfigSingle $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "gateway.host" "="
    GATEWAY_HOST=$ANSWER
    GrabConfigSingle $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "gateway.port" "="
    GATEWAY_PORT=$ANSWER
    GrabConfigSingle $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "gateway.protocol" "="
    GATEWAY_PROTOCOL=$ANSWER
    GrabConfigSingle $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "gateway.notification.url" "="
    GATEWAY_NOTIFICATION_URL=$ANSWER
    IDENTITY_NOTIFICATION_URL=$GATEWAY_PROTOCOL://$GATEWAY_HOST:$GATEWAY_PORT/$GATEWAY_NOTIFICATION_URL

    GrabConfigSingle $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "portal.server.instance" "="
    IS_CONFIG_NAME=$ANSWER

    GrabConfigSingle $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "gateway.retries" "="
    TRY_COUNT=$ANSWER

    GrabConfig $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "gateway.certdir" "="
    DIRECTORY_CERT_DB=$ANSWER
    FILE_CERT_DB_PASSWORD=$DIRECTORY_CERT_DB/.jsspass
    FILE_CERT_NICKNAME=$DIRECTORY_CERT_DB/.nickname

    GrabConfigSingle $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "http.proxySet" "="
    HTTP_PROXY_SET=$ANSWER
    GrabConfigSingle $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "http.proxyHost" "="
    HTTP_PROXY_HOST=$ANSWER
    GrabConfigSingle $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "http.proxyPort" "="
    HTTP_PROXY_PORT=$ANSWER
}

###############################################
#
###############################################
DoDebug() {
    if [ "$1" = "debug" ]; then
        echo "`$GETTEXT 'Gateway debugging on'`"
        log=/dev/stdout
        NOHUP=""
    else
        log=/dev/null
    fi
}

###############################################
#
###############################################
LogGatewayCertificateStatus() {
    NICKNAME=`cat $FILE_CERT_NICKNAME`
    echo "`$GETTEXT 'Gateway certificate status'` ($NICKNAME) `$JAVA_HOME/bin/java -ms64m -mx128m -classpath ${CLASSPATH} com.sun.portal.cli.cert.CertUtil -option=verifycert $DIRECTORY_CERT_DB "en_US" $NICKNAME`" >> $FILE_GW_LOG.$GW_INSTANCE 2>&1
}

###############################################
#
###############################################
CheckPortalInstance() {
    index=0
    while [ $index -le $TRY_COUNT ]; do
        FindPortalInstance
        if [ "$DSAME_AGENT" != "" ]; then
            break;
        fi

        echo "`$GETTEXT 'Portal Server Gateway is waiting for Portal Server to start first!'`"
        index=`expr $index + 1`
        sleep 10
    done

    if [ "$DSAME_AGENT" = "" ]; then
        echo "`date`... " >> $FILE_GW_LOG.$GW_INSTANCE 2>&1
        echo "`$GETTEXT 'Portal Server Gateway cannot get started. Portal Server has to start first.'` " >> $FILE_GW_LOG.$GW_INSTANCE 2>&1
        exit 1
    fi
}

FindPortalInstance() {
    instance=0
    while [ true ]; do
        GrabConfigSingle $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "gateway.dsame.agent.$instance" "="
        DSAME_INSTANCE=$ANSWER

        if [ "$DSAME_INSTANCE" = "" ]; then
            break;
        fi

        PORTAL_HOST=`echo "$DSAME_INSTANCE" | cut -d/ -f3 | cut -d: -f1`
        PORTAL_PORT=`echo "$DSAME_INSTANCE" | cut -d/ -f3 | cut -d: -f2`
        $PS_HOME/bin/checkport $PORTAL_HOST $PORTAL_PORT 3
        if [ $? -eq  0 ]; then
            DSAME_AGENT="$DSAME_INSTANCE"
            break;
        fi
        instance=`expr $instance + 1`
    done
}

###############################################
# Set the CLASSPATH and LD_LIBRARY_PATH
###############################################
SetPath() {
    # Classpath
    IS_CLASSPATH="$IS_HOME/lib:$IS_HOME/locale:$IS_HOME/lib/am_sdk.jar:$IS_HOME/lib/am_services.jar:$IS_HOME/lib/am_logging.jar:$IS_HOME/lib/servlet.jar"
    JCE_CLASSPATH="$IS_HOME/lib/jce1_2_1.jar:$IS_HOME/lib/local_policy.jar:$IS_HOME/lib/US_export_policy.jar:$IS_HOME/lib/sunjce_provider.jar"
    # Classpath is w.r.t. working directory that is $PS_HOME
    GW_CLASSPATH="lib:locale:lib/gateway.jar:lib/rewriter.jar:lib/certadmin.jar:lib/ssl.jar:lib/x509v1.jar"

    GW_CLASSPATH="$IS_CLASSPATH:$JCE_CLASSPATH:$JSS_JAR:$GW_CLASSPATH"

    if [ -z "$CLASSPATH" ] ; then
	    CLASSPATH="$GW_CLASSPATH"
    else
	    CLASSPATH="$GW_CLASSPATH:$CLASSPATH"
    fi
    export CLASSPATH

    # LD_LIBRARY_PATH
    if [ -z "$LD_LIBRARY_PATH" ] ; then
	    LD_LIBRARY_PATH="$JSS_NSS_NSPR_LIBPATH:$PS_HOME/lib/solaris/sparc"
    else
	    LD_LIBRARY_PATH="$JSS_NSS_NSPR_LIBPATH:$PS_HOME/lib/solaris/sparc:$LD_LIBRARY_PATH"
    fi
    export LD_LIBRARY_PATH

}

###############################################
#
###############################################
Start() {
    cd $PS_HOME

    echo "`$GETTEXT 'Starting gateway... '`\c"
    echo "`date`... " >> $FILE_GW_LOG.$GW_INSTANCE 2>&1
#    LogGatewayCertificateStatus
    echo "`$GETTEXT 'Portal Server Gateway started.'` " >> $FILE_GW_LOG.$GW_INSTANCE 2>&1

    CMD="$JAVA_HOME/bin/java $NATIVE_THREAD -ms64m -mx128m -classpath $CLASSPATH $DEFINES1 $DEFINES2 $DEFINES3 $DEFINES4 $DEFINES5 $PROXY_DEFINES $BOOT_CLASSPATH com.sun.portal.netlet.eproxy.EProxy"
    if [ "$IS_CHROOT" -eq 1 ] ; then
        ($NOHUP chroot $CHROOT_DIR ${CMD}) \
	    > $log 2>&1 &
    else
        ($NOHUP ${CMD}) > $log 2>&1 &
    fi

    echo $! > ${FILE_GATEWAY_PID}.${GW_INSTANCE}
    chmod 400 ${FILE_GATEWAY_PID}.${GW_INSTANCE}
    echo "`$GETTEXT 'done.'`"
}

###############################################
#
###############################################
StartGateway() {
    # Use native threads if JDK supports '-native' option
    native_test1=`${JAVA_HOME}/bin/java -native 2>&1 | grep -i "illegal\ argument"`
    native_test2=`${JAVA_HOME}/bin/java -native 2>&1 | grep -i "not\ supported"`
    if [ -z "$native_test1" ] && [ -z "$native_test2" ]; then
        NATIVE_THREAD=-native
    else
        NATIVE_THREAD=""
    fi

    # Defines or Java system properties
    DEFINES1="-Dsun.net.inetaddr.ttl=0 -Djava.protocol.handler.pkgs=com.iplanet.services.comm"
    DEFINES2="-Dcom.iplanet.am.notification.url=$IDENTITY_NOTIFICATION_URL -Dgateway.notification.url=$GATEWAY_NOTIFICATION_URL"
    DEFINES3="-Dgateway.keybase=$DIRECTORY_CERT_DB -Dgateway.pass=$FILE_CERT_DB_PASSWORD -Dgateway.nickname=$FILE_CERT_NICKNAME"
    DEFINES4="-Djava.util.logging.manager=com.sun.identity.log.LogManager -Djava.util.logging.config.file=$IS_HOME/lib/LogConfig.properties"

    DEFINES5="-Dgateway.profilename=$GW_INSTANCE -Dconf.suffix=$GW_INSTANCE"
    if [ "$IS_CONFIG_NAME" -ne "" ]; then
        DEFINES5="$DEFINES5 -Dserver.name=$IS_CONFIG_NAME"
    fi

    BOOT_CLASSPATH="-Xbootclasspath/p:$IS_HOME/lib/jdk_logging.jar"
    useProxy="false"
    if [ "$HTTP_PROXY_SET" = "true" ]; then
        useProxy="true"
        if [ "$HTTP_PROXY_HOST" = "" ]; then
            useProxy="false"
        fi
        if [ "$HTTP_PROXY_PORT" = "" ]; then
            useProxy="false"
      fi
    fi

    if [ "$useProxy" = "false" ]; then
        # Verify if Portal Server is up
        CheckPortalInstance
    else
        GrabConfigSingle $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE "gateway.dsame.agent.$instance" "="
        DSAME_AGENT=$ANSWER
        PROXY_DEFINES="-Dhttp.proxySet=$HTTP_PROXY_SET -Dhttp.proxyHost=$HTTP_PROXY_HOST -Dhttp.proxyPort=$HTTP_PROXY_PORT"
    fi

    DEFINES5="$DEFINES5 -Dgateway.dsame.agent=$DSAME_AGENT"

    # Start
    Start
}

###############################################
#
###############################################
StopGateway() {
    if [ -s $FILE_GATEWAY_PID.$GW_INSTANCE ]; then
	    pid=`cat $FILE_GATEWAY_PID.$GW_INSTANCE`
	    echo "`$GETTEXT 'Stopping gateway... '`\c"
	    kill $pid > /dev/null 2>&1

        rm -f $FILE_GATEWAY_PID.$GW_INSTANCE
        rm -f $FILE_GATEWAY_PORT.$GW_INSTANCE
    	echo "`$GETTEXT 'done.'`"
    elif [ "$1" = "warn" ]; then
	    eval echo "`$GETTEXT 'Portal Server Gateway is not running. If this is not correct,'`" \
	        "`$GETTEXT 'please check whether $NEWLINE$FILE_GATEWAY_PID.$GW_INSTANCE exists. If this file does'`"\
	        "`$GETTEXT 'not exist, $NEWLINEyou will have to manually kill the gateway processes.'`"
    fi
}

###############################################
#
###############################################
ParseArguments() {
    while getopts n: name
    do
        case $name in
            n)  nflag=1
                GW_INSTANCE="$OPTARG"
                ;;

            ?)  echo "`$GETTEXT 'Usage:'` $0 { [-n <instance-name>] start | [-n <instance-name>] stop | watchdog <on|off> | version }"
                exit 2
                ;;
        esac
    done
}

###############################################################################
# Main
###############################################################################

if test `id | /usr/bin/awk '{print $1}'` != "uid=0(root)"
then
	echo "`$GETTEXT 'You must be root user to run'` $0."
	exit 0
fi

umask 000
ulimit -n 10240

SetPath

nflag=
GW_INSTANCE=

ParseArguments $*
shift `expr $OPTIND - 1`

case "$1" in
    'start')
        if [ -z "$nflag" ]; then
            for x in `ls $FILE_GW_INSTANCE_SETUP_DIR | grep "^platform\.conf\." | grep -v pre`; do
                x=$FILE_GW_INSTANCE_SETUP_DIR/$x
                if [ -r $x ]; then
                    GW_INSTANCE=`echo $x | sed -e "s#$FILE_GW_INSTANCE_SETUP.##"`

                    GearUp
                    StopGateway nowarn

#                    if [ ! -s $FILE_CERT_DB_PASSWORD ] ; then
#                        eval echo "`$GETTEXT '$0: Cannot auto-start without $FILE_CERT_DB_PASSWORD file.'`"
#                        exit 0
#                    fi

                    DoDebug $2
                    StartGateway
                fi
            done
        else
            if [ ! -f $FILE_GW_INSTANCE_SETUP.$GW_INSTANCE ]; then
                echo "`$GETTEXT 'Portal Server Gateway cannot get started. Configuration for specified profile does not exist!'`"
                exit 1
            fi

            GearUp
            StopGateway nowarn

#            if [ ! -s $FILE_CERT_DB_PASSWORD ] ; then
#                eval echo "`$GETTEXT '$0: Cannot auto-start without $FILE_CERT_DB_PASSWORD file.'`"
#                exit 0
#            fi

            DoDebug $2
            StartGateway
        fi
        ;;

    'stop')
        if [ -z "$nflag" ]; then
            for x in $FILE_GATEWAY_PID.*; do
                if [ -r $x ]; then
                    GW_INSTANCE=`echo $x | sed -e "s#$FILE_GATEWAY_PID.##"`
                    StopGateway nowarn
                fi
            done
        else
            StopGateway warn
        fi
        ;;

    'watchdog')
        CRONTAB="/var/spool/cron/crontabs/root"
        CRON="/etc/init.d/cron"
        if [ "$2" = "on" ]; then
            if  grep checkgw $CRONTAB >/dev/null ; then
                echo "`$GETTEXT 'Gateway watchdog already enabled'`"
                exit
            fi

            echo "`$GETTEXT 'Enabling gateway watchdog... '`"
            echo "0-59 * * * * ${PS_HOME}/bin/checkgw $FILE_GATEWAY_PORT 5 > /dev/null 2>&1" >> $CRONTAB
            $CRON stop
            $CRON start
            echo "`$GETTEXT 'done.'`"
        else
            if [ "$2" = "off" ]; then
                echo "`$GETTEXT 'Disabling gateway watchdog... '`"
                cp $CRONTAB /tmp/.cron
                sed -e '/checkgw/d' /tmp/.cron > $CRONTAB
                rm -f /tmp/.cron
                $CRON stop
                $CRON start
                echo "`$GETTEXT 'done.'`"
            else
                echo "`$GETTEXT 'Usage:'` $0 { [-n <instance-name>] start | [-n <instance-name>] stop | watchdog <on|off> | version }"
            fi
        fi
        ;;

    'version')
        if [ -f $FILE_VERSION ]; then
            GrabConfig $FILE_VERSION "build" "="
            BUILD=$ANSWER
            GrabConfig $FILE_VERSION "productname" "="
            PNAME=$ANSWER
            GrabConfig $FILE_VERSION "productversion" "="
            PRODUCTVERSION=$ANSWER
            GrabConfig $FILE_VERSION "patch" "="
            echo "$BUILD $PNAME $PRODUCTVERSION"
            echo "$ANSWER"
        fi
        ;;

    *)
        echo "`$GETTEXT 'Usage:'` $0 { [-n <instance-name>] start | [-n <instance-name>] stop | watchdog <on|off> | version }"
        ;;
esac

