#!/bin/sh
# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
#(C)IBM Corp
# This scripts transfers the cfgloc files and the xCAT credentials from
# the Management Node to the Service Node on Linux.
# It only does something, if called with the -d flag. 
# The -d flag was implemented when the call to the routine was moved
# from the postscript table into the servicenode postscript. 
#
if [ ! $1 ]; then
   logger -t xcat -p local4.err "xcatserver call without -d, doing nothing."
   #echo "xcatserver call without -d, doing nothing."
   #echo $1
   exit 0
fi
if [ $1 != "-d" ]; then
   logger -t xcat -p local4.err "xcatserver call without -d, doing nothing."
   #echo "xcatserver call without -d, doing nothing."
   #echo $1
   exit 0
fi
logger -t xcat -p local4.info "xcatserver call with -d. getting credentials and cfgloc "
#echo "xcatserver call with -d, getting credentials and cfgloc."
#echo $1

if [ ! -x /usr/bin/openssl ]; then
   logger -t xcat -p local4.err "$0: /usr/bin/openssl is not executable"
   exit -1
fi
USEOPENSSLFORXCAT=1
export USEOPENSSLFORXCAT
# are we using xcat flow control
useflowcontrol=0
if [ "$USEFLOWCONTROL" = "YES" ] || [ "$USEFLOWCONTROL" = "yes" ] || [ "$USEFLOWCONTROL" = "1" ]; then
  useflowcontrol=1
fi

xcatpost="xcatpost"
master=$MASTER

allowcred.awk &
CREDPID=$!
sleep 1

# setup and get the xCAT SSL credentials down to the service  node
# create SSL certificate directory and then get them
mkdir -p /etc/xcat/cert
if [ $useflowcontrol = "1" ]; then
  #first contact daemon  xcatflowrequest <server> 3001
  logger -t xCAT -p local4.info "xcatserver: sending xcatflowrequest $master 3001"
 /$xcatpost/xcatflowrequest $master 3001
 rc=$?
 logger -t xCAT -p local4.info "xcatserver:xcatflowrequest received response return=$rc"
 if [ $rc -ne 0 ]; then
      logger -t xCAT -p local4.info "xcatserver: error from xcatflowrequest, will not use flow control"
      useflowcontrol=0
 fi


fi
getcredentials.awk xcat_server_cred | grep -v '<'|sed -e 's/&lt;/</' -e 's/&gt;/>/' -e 's/&amp;/&/' -e 's/&quot/"/' -e "s/&apos;/'/" > /etc/xcat/cert/server-cred.pem

#check the message is an error or not
grep -E '<error>' /etc/xcat/cert/server-cred.pem
if [ $? -ne 0 ]; then
        #the message received is the data
   logger -t xCAT -p local4.info "xcatserver: getting server-cred.pem"
    MAX_RETRIES=10
    RETRY=0
    MYCONT=`cat /etc/xcat/cert/server-cred.pem` 
    
    while [ -z "$MYCONT" ]; do
              # not using flow control , need to sleep
              if [ $useflowcontrol = "0" ]; then
                let SLI=$RANDOM%10
                let SLI=SLI+10
                sleep $SLI
              fi

                RETRY=$(($RETRY+1))
                if [ $RETRY -eq $MAX_RETRIES ]
                then
                  break
                fi
                if [ $useflowcontrol = "1" ]; then
                  #first contact daemon  xcatflowrequest <server> 3001
                  logger -t xCAT -p local4.info "xcatserver: sending xcatflowrequest $master 3001"
                  /$xcatpost/xcatflowrequest $master 3001
                  rc=$?
                  logger -t xCAT -p local4.info "xcatserver:xcatflowrequest return=$rc"
                  if [ $rc -ne 0 ]; then
                    logger -t xCAT -p local4.info "xcatserver: error from xcatflowrequest, will not use flow control"
                    useflowcontrol=0
                  fi
                fi
                getcredentials.awk xcat_server_cred | grep -v '<'|sed -e 's/&lt;/</' -e 's/&gt;/>/' -e 's/&amp;/&/' -e 's/&quot/"/' -e "s/&apos;/'/" > /etc/xcat/cert/server-cred.pem
                MYCONT=`cat /etc/xcat/cert/server-cred.pem` 
    done

   chmod 600 /etc/xcat/cert/*
   # do not assume working directory, use the full path
   cp /xcatpost/_xcat/ca.pem /etc/xcat/cert/ca.pem
else  # error from first getcredential call
        #the message received is an error from credentials.pm, so parse it
        ERR_MSG=`sed -n 's%.*<error>\(.*\)</error>.*%\1%p' /etc/xcat/cert/server-cred.pem`
        logger -t xCAT -p local4.err xcatserver: $ERR_MSG
        rm /etc/xcat/cert/server-cred.pem 
fi

# get the xcat cfgloc file

if [ $useflowcontrol = "1" ]; then
  #first contact daemon  xcatflowrequest <server> 3001
  logger -t xCAT -p local4.info "xcatserver: sending xcatflowrequest $master 3001"
 /$xcatpost/xcatflowrequest $master 3001
 rc=$?
 logger -t xCAT -p local4.info "xcatserver:xcatflowrequest received response return=$rc"
 if [ $rc -ne 0 ]; then
    logger -t xCAT -p local4.info "xcatserver: error from xcatflowrequest, will not use flow control"
    useflowcontrol=0
 fi

fi
getcredentials.awk xcat_cfgloc | grep -v '<'|sed -e 's/&lt;/</' -e 's/&gt;/>/' -e 's/&amp;/&/' -e 's/&quot/"/' -e "s/&apos;/'/" > /etc/xcat/cfgloc

#check the message is an error or not
grep -E '<error>' /etc/xcat/cfgloc
if [ $? -ne 0 ]; then
        #the message received is the data
   logger -t xCAT -p local4.info "xcatserver: getting cfgloc"
    MAX_RETRIES=10
    RETRY=0
    MYCONT=`cat /etc/xcat/cfgloc` 
    
    while [ -z "$MYCONT" ]; do
      # not using flow control , need to sleep
      if [ $useflowcontrol = "0" ]; then
         let SLI=$RANDOM%10
         let SLI=SLI+10
         sleep $SLI
      fi

      RETRY=$(($RETRY+1))
      if [ $RETRY -eq $MAX_RETRIES ]
         then
           break
      fi
      if [ $useflowcontrol = "1" ]; then
         #first contact daemon  xcatflowrequest <server> 3001
         logger -t xCAT -p local4.info "xcatserver: sending xcatflowrequest $master 3001"
         /$xcatpost/xcatflowrequest $master 3001
         rc=$?
         logger -t xCAT -p local4.info "xcatserver:xcatflowrequest return=$rc"
         if [ $rc -ne 0 ]; then
           logger -t xCAT -p local4.info "xcatserver: error from xcatflowrequest, will not use flow control"
           useflowcontrol=0
         fi
      fi
      getcredentials.awk xcat_cfgloc | grep -v '<'|sed -e 's/&lt;/</' -e 's/&gt;/>/' -e 's/&amp;/&/' -e 's/&quot/"/' -e "s/&apos;/'/" > /etc/xcat/cfgloc
      MYCONT=`cat /etc/xcat/cfgloc` 
    done
    # if we successfully got cfgloc 
    if [ -f /etc/xcat/cfgloc ]; then
      # if not DB2
      grep "DB2" /etc/xcat/cfgloc  2>&1 1> /dev/null
      if [ $? -ne 0 ]; then
        sed s/host=[^\|]*/host=$MASTER/ /etc/xcat/cfgloc > /etc/xcat/cfgloc.new
        mv /etc/xcat/cfgloc.new /etc/xcat/cfgloc
      else # DB2 cfgloc has different format
        if [ -n "$UPDATENODE" ] && [ $UPDATENODE -eq 1 ]; then
        cp /etc/xcat/cfgloc /etc/xcat/cfgloc.db2
      else
        mv /etc/xcat/cfgloc /etc/xcat/cfgloc.db2
      fi
    fi
    chmod 600 /etc/xcat/cfgloc*
   fi
else  # error from first getcredentials call
        #the message received is an error from credentials.pm, so parse it
        ERR_MSG=`sed -n 's%.*<error>\(.*\)</error>.*%\1%p' /etc/xcat/cfgloc`
        logger -t xCAT -p local4.err xcatserver: $ERR_MSG
        rm /etc/xcat/cfgloc
fi

kill -9 $CREDPID