#!/bin/sh
#
#       Copyright (c) 1997 Sun Microsystems, Inc.
#	       All Rights Reserved
#
#pragma	ident	"@(#)postinstall	1.6	98/01/29 SMI"
#
#

#
# Certificate number (license) installation
#

licFile="/etc/ski/license"
cert_lic_num=10 # number of certificate licenses
IFS=

#
# update_cert_cnt_file()
#
# DESCRIPTION:
# 	Parse certificate counter string and determine how many
#	certificates have been issued and how many more certificates.
# 	can be issued.
#	Add the number of new certificate licenses to the existing
#	number of certificate licenses (i.e., credit unused certificates
#	from old package towards new package)
#
# PARAMETER:
#	New certificate licenses
#
# RETURN VALUES:
#	Success: 0
#	Error: -1
#
update_cert_cnt_file () {
    /usr/bin/nawk '{ preIssuedStrLen = 14; # Parse (random) PRE_ISSUED_STRING
	preIssuedStr = substr($0, 1, preIssuedStrLen);
	# PRE_AVAIL_STRING is a constant
	preAvailStr = "0292kew0w21002-20202";
	match($0, preAvailStr);
	preAvailStrStart = RSTART;
	if (preAvailStrStart == 0) {
		print "Invalid certificate counter string"
		exit -1
	}
	preAvailStrLen = RLENGTH;
	# Parse number of issued certificates
	issuedLen = preAvailStrStart - preIssuedStrLen - 1;
	issued = substr($0, preIssuedStrLen + 1, issuedLen);
	# Parse (random) TRAIL_AVAIL_STRING
	trailAvailStrLen = 30;
	trailAvailStrStart = length($0) - trailAvailStrLen + 1;
	trailAvailStr = substr($0, trailAvailStrStart, trailAvailStrLen);
	# Parse number of available certificate licenses
	availLen = trailAvailStrStart - preIssuedStrLen - preAvailStrLen - issuedLen - 1;
	avail = substr($0, preAvailStrStart + preAvailStrLen, availLen);
	# Add the new licenses to the old ones
	avail += certNum
	licFile = "/etc/ski/license";
	printf "%s%s%s%s%s", preIssuedStr, issued, preAvailStr, avail, trailAvailStr > licFile }' certNum=$1
}

#
# create_cert_cnt_file
#
# DESCRIPTION:
#	Create new certificate license file and store
#	10 certificate licenses in it.
#
create_cert_cnt_file () {
	/usr/bin/printf \
	"92jsp03220222500292kew0w21002-20202100002187798acbd312302fd431adf4578" \
	>> $licFile
#	/usr/bin/chmod 600 $licFile
	/usr/bin/chmod 777 $licFile
	/usr/bin/chgrp sys $licFile
#	echo ""
#	echo "NOTE: In order to be able to issue certificates from this machine,"
#	echo "you must set the file ownership and file group ownership of the"
#	echo "'/etc/ski/license' file appropriately, using chmod(1) and chgrp(1)."
#	echo ""
#	echo "In order to do this, you have to determine who will be issuing"
#	echo "certificates from this machine, i.e., you have to determine the user"
#	echo "names of the Certificate Authorities (CAs) running on this machine."
#	echo ""
#	echo "Make sure that you have set the file ownership and file group ownership"
#	echo "flags for the '/etc/ski/license' file appropriately BEFORE any of the"
#	echo "commands that issue certificates (i.e., 'create_rootca', 'create_creds',"
#	echo "and 'certify') are executed from this machine."
#	echo ""
#	echo "Example: If your Root CA operates on this machine, and your Root CA"
#	echo "is run as user 'rootca', the '/etc/ski/license' file must be owned"
#	echo "by 'rootca', and 'rootca' must be able to update (i.e., read from"
#	echo "and write to) this file."
#	echo ""
}

#
# START
#
echo ""
echo "Certificate License Installation"

# Check if certificate counter file exists
if [ -s $licFile ]; then
	# certificate counter file exists and is not empty; update it
	/usr/bin/cat "/etc/ski/license" | update_cert_cnt_file $cert_lic_num
else
	# certificate file does not exist or is empty; create it
	create_cert_cnt_file
fi
status=$?
if [ $status -ne 0 ]; then
	exit 1
fi

echo "## Done ##"
exit 0
