#!/bin/ksh
# @(#)postbackout       1.16 01/07/25 Sun Microsystems

trap 2

#######################################################################################
#
# Patch unique env vars...
#

PATCHID="118950-18"
VERSION="PS6.3.1p18"

#######################################################################################

LOG=/dev/stdout # /dev/null or /dev/stdout

#######################################################################################
#
# Static ENV vars
#
ECHO=/usr/bin/echo
UMASK=/usr/bin/umask
CP=/usr/bin/cp
SED=/usr/bin/sed
UNIQ=/usr/bin/uniq
GREP=/usr/bin/grep
LS=/usr/bin/ls
BASENAME=/usr/bin/basename
CAT=/usr/bin/cat
CHMOD=/usr/bin/chmod
CP=/usr/bin/cp
CUT=/usr/bin/cut
DATE=/usr/bin/date
DIRNAME=/usr/bin/dirname
AWK=/usr/bin/awk
ENV=/usr/bin/env
GREP=/usr/bin/grep
ID=/usr/bin/id
LN=/usr/bin/ln
LS=/usr/bin/ls
MKDIR=/usr/bin/mkdir
MV=/usr/bin/mv
NAWK=/usr/bin/nawk
PKGINFO=/usr/bin/pkginfo
RM=/usr/bin/rm
STTY=/usr/bin/stty
TOUCH=/usr/bin/touch
GETFACL=/usr/bin/getfacl
SETFACL=/usr/bin/setfacl

/usr/bin/echo $PATH | /usr/bin/grep "/usr/java/bin[^/]" > /dev/null 2>&1
if [ $? -ne 0 ] ; then
  PATH="$PATH:/usr/java/bin"
  export PATH
fi
PATCHREV=`/usr/bin/echo ${PATCHID} | /usr/bin/awk ' BEGIN { FS="-" } {print $2 }`
PATCHBASE=`/usr/bin/echo ${PATCHID} | /usr/bin/awk ' BEGIN { FS="-" } {print $1 }`
HAS_IDENTITY_SUPER_ADMIN_PASSWORD="n"

# Get value of a key in a flatfile and assign it to ANSWER

GrabConfig() {
  local FILE=$1
  local KEY=$2
  local SEPARATOR=$3

  ANSWER=`$GREP "^$KEY$SEPARATOR" $FILE | $UNIQ | $SED -e "s/$KEY$SEPARATOR//"`
}

BELL_CHAR='\a'
pkginfo -q SUNWps
if [ $? -eq 0 ]; then

  PS_STATE_FILE="/etc/opt/SUNWps/PSConfig.properties"
  if [ ! -f $PS_STATE_FILE ]; then
    $ECHO "Error: $PS_STATE_FILE does not exist. $BELL_CHAR"
    exit 1
  fi

  GrabConfig $PS_STATE_FILE "BASEDIR" "="
  if [ "$ANSWER" != "" ]; then
     PS_INSTALL_DIR=$ANSWER
  else
     $ECHO "Error: Cannot determine BASEDIR. $BELL_CHAR"
     exit 1
  fi

  GrabConfig $PS_STATE_FILE "IDSAME_BASEDIR" "="
  if [ "$ANSWER" != "" ]; then
     IS_INSTALL_DIR=$ANSWER
  else
     $ECHO "Error: Cannot determine IDSAME_BASEDIR. $BELL_CHAR"
     exit 1
  fi
fi # end of checking for Portal Server node

pkginfo -q SUNWpsgw
if [ $? -eq 0 ]; then

  GW_STATE_FILE="/etc/opt/SUNWps/GWConfig.properties"
  if [ ! -f $GW_STATE_FILE ]; then
    $ECHO "Error: $GW_STATE_FILE does not exist. $BELL_CHAR"
    exit 1
  fi

  GrabConfig $GW_STATE_FILE "GW_BASEDIR" "="
  if [ "$ANSWER" != "" ]; then
     GW_INSTALL_DIR=$ANSWER
  else
     $ECHO "Error: Cannot determine GW_BASEDIR. $BELL_CHAR"
     exit 1
  fi

  GrabConfig $GW_STATE_FILE "IDSAME_BASEDIR" "="
  if [ "$ANSWER" != "" ]; then
     IS_INSTALL_DIR=$ANSWER
  else
     $ECHO "Error: Cannot determine IDSAME_BASEDIR. $BELL_CHAR"
     exit 1
  fi
fi # End of checking for Gateway node

pkginfo -q SUNWpsnlp
if [ $? -eq 0 ]; then

  NLP_STATE_FILE="/etc/opt/SUNWps/NLPConfig.properties"
  if [ ! -f $NLP_STATE_FILE ]; then
    $ECHO "Error: $NLP_STATE_FILE does not exist. $BELL_CHAR"
    exit 1
  fi

  GrabConfig $NLP_STATE_FILE "NLP_BASEDIR" "="
  if [ "$ANSWER" != "" ]; then
     NLP_INSTALL_DIR=$ANSWER
  else
     $ECHO "Error: Cannot determine NLP_BASEDIR. $BELL_CHAR"
     exit 1
  fi

  GrabConfig $NLP_STATE_FILE "IDSAME_BASEDIR" "="
  if [ "$ANSWER" != "" ]; then
     IS_INSTALL_DIR=$ANSWER
  else
     $ECHO "Error: Cannot determine IDSAME_BASEDIR. $BELL_CHAR"
     exit 1
  fi
fi # End of checking for NetletProxy node

pkginfo -q SUNWpsrwp
if [ $? -eq 0 ]; then

  RWP_STATE_FILE="/etc/opt/SUNWps/RWPConfig.properties"
  if [ ! -f $RWP_STATE_FILE ]; then
    $ECHO "Error: $RWP_STATE_FILE does not exist. $BELL_CHAR"
    exit 1
  fi

  GrabConfig $RWP_STATE_FILE "RWP_BASEDIR" "="
  if [ "$ANSWER" != "" ]; then
     RWP_INSTALL_DIR=$ANSWER
  else
     $ECHO "Error: Cannot determine RWP_BASEDIR. $BELL_CHAR"
     exit 1
  fi

  GrabConfig $RWP_STATE_FILE "IDSAME_BASEDIR" "="
  if [ "$ANSWER" != "" ]; then
     IS_INSTALL_DIR=$ANSWER
  else
     $ECHO "Error: Cannot determine IDSAME_BASEDIR. $BELL_CHAR"
     exit 1
  fi
fi # End of checking for RewriterProxy node

##############################################################
#
# Util functions
#

insert_line() {
  file=$1
  match=$2
  new=$3

  #$CP $file $file-orig-$$
  sed -e "
/$match/ {
i\\
$new
}" $file > $file-tmp
mv $file-tmp $file
}

replace_line() {
  file=$1
  match=$2
  new=$3

  #$CP $file $file-orig-$$
  sed -e "
/$match/ {
c\\
$new
}" $file > $file-tmp
mv $file-tmp $file
}

restoreVersionString() {
    pkginfo -q SUNWps
    if [ $? -eq 0 ]; then
      VERSION_FILE=$PS_INSTALL_DIR/SUNWps/lib/PSversion.properties
      $ECHO "`$GREP -v $PATCHID $VERSION_FILE`" > $VERSION_FILE
    fi
    pkginfo -q SUNWpsgw
    if [ $? = 0 ]; then
      VERSION_FILE=$GW_INSTALL_DIR/SUNWps/lib/SRAversion.properties
      # Backout Fix for BugID #5006702
      $SED -e '/productname=/d' $VERSION_FILE > /var/tmp/SRAversion.properties
      $SED -e '/productversion=/d' /var/tmp/SRAversion.properties > $VERSION_FILE     
      $RM /var/tmp/SRAversion.properties
      # End of Backout for fix for BugID #5006702
      $ECHO "`$GREP -v $PATCHID $VERSION_FILE`" > $VERSION_FILE
    fi
}

# function test_bind checks to make sure that the password matches for the super
# admin bind DN set in the Identity config file.  Sets BIND_SUCCESS to y if the
# password given is correct

test_bind() {
  local PASSWD=$1
  GrabConfig "/etc/opt/SUNWps/PSConfig.properties" "IDSAME_BASEDIR" "="
  local IS_INST_DIR=$ANSWER
  GrabConfig "/etc/opt/SUNWps/PSConfig.properties" "BASEDIR" "="
  local PS_INST_DIR=$ANSWER
  local BIND_DN=`$GREP "com.sun.identity.authentication.super.user" "$IS_INST_DIR/SUNWam/lib/AMConfig.properties" | cut -d "=" -f2-`
  `$PS_INST_DIR/SUNWps/bin/rwadmin list --runasdn "$BIND_DN" --password "$PASSWD" | $GREP -i "Authorization Failed" > /dev/null 2>&1`
  if [ $? -eq 0 ]; then
    $ECHO "Authentication failed for user $BIND_DN..."
    BIND_SUCCESS=n
  else
    BIND_SUCCESS=y
  fi
}

GetIdentitySuperAdminPassword() {
BIND_SUCCESS="n"
typeset -i fail_count=0
while (( $fail_count < 3 )) && [ $BIND_SUCCESS = "n" ]
do
  DONE="n"
  while [ "$DONE" = "n" ]; do
    $ECHO
    $ECHO "Please Enter Identity Server Super Administrator Password: "
    $STTY -echo
    read PASSWORD
    $STTY echo
    if [ "$PASSWORD" != "" ]; then
      print "Again? $OMIT_CHAR"
      $STTY -echo
      read PASSWORD_REPEAT
      $STTY echo
      print ""
      if [ "$PASSWORD" != "$PASSWORD_REPEAT" ]; then
        print "Passwords do not match! $BELL_CHAR"
      else
        DONE="y"
      fi
    fi
  done
  test_bind $PASSWORD
  ((fail_count=$fail_count + 1))
  if (( $fail_count == 3 )); then
    $ECHO "Failed to authenticate 3 times..."
  fi
done
IS_ADMIN_PASSWORD=$PASSWORD
HAS_IDENTITY_SUPER_ADMIN_PASSWORD="y"
}




#######################################################################################
#
# Helper functions specific to handling previous patch revisions 
#

# function sort_arr sorts an array lexicographically and writes a global val NEW_ARR 
#   with the results

sort_arr() {
  set -s
  set -A NEW_ARR $*
}

# function call_rev_mods() calls rev_mods for every revision between the current 
#   revision on the system, and the revision of the patch to be installed
#   for backout, the order is reversed

call_rev_mods() {
  typeset -i patch_rev=$1
  typeset -i orig_rev=$2

  while (($orig_rev < $patch_rev))
  do
    rev_mods $patch_rev;
    ((patch_rev=$patch_rev - 1))
  done
}

######################################################################################
#
# rev_mods handles all profile updates file manipulation and anything else which may
#   be required by the patch itself.  rev_mods is the workhorse of the patch install
#   script. 
#

rev_mods() {
  typeset -i rev=$1

  if [[ $rev == 1 ]]
  then
  #########Make changes for Rev01 here###########
  echo "Backing out changes for $PATCHBASE-01..."
  ### backing out changes for bug# 6218094
  pkginfo -q SUNWpsgw
  if [ $? -eq 0 ]; then
    FILE="$GW_INSTALL_DIR/SUNWps/bin/gateway"
    if [ -f $FILE.pre$PATCHID ]; then
	mv $FILE.pre$PATCHID $FILE
    fi
  fi
  #########End of changes for Rev01##############
  elif [[ $rev == 2 ]]
  then
  #########Make changes for Rev02 here###########
  echo "Backing out changes for $PATCHBASE-02..."

  #########End of changes for Rev02##############
  elif [[ $rev == 3 ]]
  then
  #########Make changes for Rev03 here###########
  echo "Backing out changes for $PATCHBASE-03..."

  #########End of changes for Rev03##############
  elif [[ $rev == 4 ]]
  then
  #########Make changes for Rev04 here###########
  echo "Backing out changes for $PATCHBASE-04..."

  #########End of changes for Rev04##############
  elif [[ $rev == 5 ]]
  then
  #########Make changes for Rev05 here###########
  echo "Backing out changes for $PATCHBASE-05..."

  #########End of changes for Rev05##############
  elif [[ $rev == 9 ]]
  then
  #########Make changes for Rev09 here###########
  echo "Backing out changes for $PATCHBASE-09..."

  #########End of changes for Rev09##############
  elif [[ $rev == 10 ]]
  then
  #########Make changes for Rev10 here###########
  echo "Backing out changes for $PATCHBASE-10..."

  #########End of changes for Rev10##############
  elif [[ $rev == 11 ]]
  then
  #########Make changes for Rev11 here###########
  echo "Backing out changes for $PATCHBASE-11..."

  #########End of changes for Rev11##############
  elif [[ $rev == 12 ]]
  then
  #########Make changes for Rev12 here###########
  echo "Backing out changes for $PATCHBASE-12..."

  #########End of changes for Rev12##############
  elif [[ $rev == 13 ]]
  then
  #########Make changes for Rev13 here###########
  echo "Backing out changes for $PATCHBASE-13..."

  #########End of changes for Rev13##############
  elif [[ $rev == 14 ]]
  then
  #########Make changes for Rev14 here###########
  echo "Backing out changes for $PATCHBASE-14..."

  #########End of changes for Rev14##############
  elif [[ $rev == 15 ]]
  then
  #########Make changes for Rev15 here###########
  echo "Backing out changes for $PATCHBASE-15..."

  #########End of changes for Rev15##############
  elif [[ $rev == 16 ]]
  then
  #########Make changes for Rev16 here###########
  echo "Backing out changes for $PATCHBASE-16..."

  #########End of changes for Rev16##############
  elif [[ $rev == 17 ]]
  then
  #########Make changes for Rev17 here###########
  echo "Backing out changes for $PATCHBASE-17..."

  #########End of changes for Rev17##############
  elif [[ $rev == 18 ]]
  then
  #########Make changes for Rev18 here###########
  echo "Backing out changes for $PATCHBASE-18..."

  #########End of changes for Rev18##############


  #########End of rev_mods huge if block#########
  fi
}

#######################################################################################
#
# Check for previous patch revisions.  If there are not any, then continue with profile
#    updates and flatfile manipulation.  For more than one patch revision, use another
#    'if' block so that the statements are not executed multiple times.  Check for the
#    highest rev first, and then only make changes from it to the current rev.
#    EX:  PATCHREV=04
#         if 03, then only apply changes for 04
#         if 02, then apply changes for 03, and 04
#         if 01, then apply changes for 02, 03, and 04
#         else, just apply changes for 04
#    
#    Note: These steps are necessary for the cummulative patch process to work correctly
#

# Function check_patch_revs checks for the existence of previous patch revisions for 
#    the current patch being installed.

check_patch_revs() {

  /usr/bin/echo "Checking for previous patch revisions..."

  # First get highest rev for the patch
  set -A CURRENT_REVS `showrev -p | /usr/bin/nawk ' { print substr($0, match($0, "Patch:")+7)} ' | \
  /usr/bin/sed 's/ Obsoletes:.*//g' | grep ${PATCHBASE} | /usr/bin/awk ' BEGIN { FS="-" } {print $2} '`

  typeset -i NUM_REVS=${#CURRENT_REVS[*]}

  # Check case where there may be no patch revisions installed
  if [[ $NUM_REVS > 0 ]]
  then 

    # Now sort it and get the highest rev currently installed
    sort_arr ${CURRENT_REVS[*]}

    HIGHEST_REV=${NEW_ARR[${NUM_REVS}-1]}
  
    call_rev_mods ${PATCHREV} ${HIGHEST_REV}
  else
    call_rev_mods ${PATCHREV} '00'
  fi

} 

# Restarting stand-alone processes
restart_processes() {
  pkginfo -q SUNWpsrwp
  if [ $? -eq 0 ]; then
    $GW_INSTALL_DIR/SUNWps/bin/gateway start
  fi

  pkginfo -q SUNWpsnlp
  if [ $? -eq 0 ]; then
    $NLP_INSTALL_DIR/SUNWps/bin/netletd start
  fi

  pkginfo -q SUNWpsrwp
  if [ $? -eq 0 ]; then
    $RWP_INSTALL_DIR/SUNWps/bin/rwproxyd start
  fi
}

#######################################################################################
#
# Main processing
#
check_patch_revs
restoreVersionString
restart_processes

/usr/bin/echo ""
/usr/bin/echo "Postbackout processing complete."

trap ''
