#!/bin/bash
set +x
G_MML_FILE_PATH="/opt/huawei/snas/script/inspect_mml"
source $G_MML_FILE_PATH/CheckItems
CurInspectNum="260"
CurInspectFun="$(GetInspectType $CurInspectNum)"
RESULTFILE="/tmp/tmpResult${CurInspectFun}"
LOG_FILE="/var/log/inspect.log"
>${RESULTFILE}

RET_BLANK="--"
RET_SUCCESS="yes"
RET_FAILURE="no"
TIP_OPERARION_RESULT="RESULT"
TIP_JOINED_DOMAIN="JOINED DOMAIN"
TIP_DOMAIN_CONTROL_STATUS="DOMAIN AVAILABLE"
Result=""
isPass=0

#AD״̬ Ѳ217ýűִ
if [ "$1" = "checkADDomain" ];then
    checkInfo=$( /usr/local/bin/nas_proto_auth -c show-join | grep \<join_state\>1\< )
    if [ "X$checkInfo" = "X" ];then
        echo "join_state:no"
    else
        echo "join_state:yes"
    fi
    HotPatchCheck=$(ls /var/huawei/patch/cur/sph/)
    if [ $? -ne 0 ];then
        echo "HotPatchCheck:Have no HotPatch"
        exit 0
    fi
    echo "HotPatchCheck:${HotPatchCheck}"
    exit 0
fi
function LOG
{
   time=$(date)
   echo [${time}][$$][${CurInspectFun}]$@ >> ${LOG_FILE}
}

ad_joined_xml=$(/usr/local/bin/nas_proto_auth -c show-join|grep -E '<status>|<join_state>')
status=$(echo $ad_joined_xml|awk -F '<status>' '{print $2}'|awk -F '</status>' '{print $1}')
if [ "$status"x != "0"x ]; then
    LOG "[$LINENO]nas_proto_auth show-join failed $status"
    Result="$TIP_OPERARION_RESULT($RET_FAILURE);$TIP_JOINED_DOMAIN($RET_BLANK);$TIP_DOMAIN_CONTROL_STATUS($RET_BLANK)"
    isPass=1
    echo "[ERR]INFO:${Result}" >> ${RESULTFILE}
    echo "${CurInspectFun}_Pass $isPass" >>${RESULTFILE}
    exit 0
fi

ad_joined=$(echo $ad_joined_xml|awk -F '<join_state>' '{print $2}'|awk -F '</join_state>' '{print $1}')
if [ "$ad_joined"x != "1"x ]; then
    LOG "[$LINENO]nas_proto_auth -c show-join false:$ad_joined"
    Result="$TIP_OPERARION_RESULT:$RET_SUCCESS||$TIP_JOINED_DOMAIN:$RET_FAILURE||$TIP_DOMAIN_CONTROL_STATUS:$RET_BLANK"
    echo "${Result}" >> ${RESULTFILE}
    echo "${CurInspectFun}_Pass $isPass" >>${RESULTFILE}
    exit 0
fi

domain_fqdn_xml=$(/usr/local/bin/nas_proto_cfg -c get_ad_server|grep -E '<status>|<value>')
status=$(echo $domain_fqdn_xml|awk -F '<status>' '{print $2}'|awk -F '</status>' '{print $1}')
if [ "$status"x != "0"x ]; then
    LOG "[$LINENO]nas_proto_cfg get_ad_server failed $status."
    Result="$TIP_OPERARION_RESULT($RET_FAILURE);$TIP_JOINED_DOMAIN($RET_SUCCESS);$TIP_DOMAIN_CONTROL_STATUS($RET_BLANK)"
    isPass=1
    echo "[ERR]INFO:${Result}" >> ${RESULTFILE}
    echo "${CurInspectFun}_Pass $isPass" >>${RESULTFILE}
    exit 0
fi

domain_fqdn=$(echo $domain_fqdn_xml|awk -F '<value>' '{print $2}'|awk -F '</value>' '{print $1}')
kerbers_svc_rr="_kerberos._tcp.dc._msdcs"
dc_list=$(nslookup -q=srv $kerbers_svc_rr.$domain_fqdn|grep $kerbers_svc_rr|grep 'service ='|awk  '{print $NF}')
dc_num=$(echo $dc_list|awk '{print NF}')
alive_dc=0

for((i=1;i<=$dc_num;i++));do
    dc_fqdn_raw=$(echo $dc_list|awk '{print $'$i'}')
    if [ -z "$dc_fqdn_raw" ]; then
        continue
    fi

    last_char=$(echo ${dc_fqdn_raw: -1})
    dc_fqdn=""
    if [ "$last_char" = "." ]; then
        dc_fqdn=$(echo ${dc_fqdn_raw%.*})
    else
        dc_fqdn=$dc_fqdn_raw
    fi
	dc_ip4_list=$(nslookup  $dc_fqdn|grep 'Address: '|awk  '{print $NF}')
	dc_ip4_num=$(echo $dc_ip4_list|awk '{print NF}')
	dc_ip6_list=$(nslookup  -q=AAAA $dc_fqdn|grep 'AAAA address '|awk  '{print $NF}')
	dc_ip6_num=$(echo $dc_ip6_list|awk '{print NF}')

	for ((j=1;j<=$dc_ip4_num;j++)); do
		dc_ip_raw=$(echo $dc_ip4_list|awk '{print $'$j'}')
		if [ -z "$dc_ip_raw" ]; then
			continue
		fi

		last_char=$(echo ${dc_ip_raw: -1})
		dc_ip=""
		if [ "$last_char" = "." ]; then
			dc_ip=$(echo ${dc_ip_raw%.*})
		else
			dc_ip=$dc_ip_raw
		fi

		LOG "[$LINENO]check $j/$dc_num dc $dc_ip starting"
		ping_rsp=$(ping $dc_ip -c 3 -w 7 2> /dev/null |grep 'ttl='|wc -l)
		if [ $ping_rsp -gt 0 ]; then
			alive_dc=1
			LOG "[$LINENO]dc $dc_ip is reachable"
			break
		else
			LOG "[$LINENO]WARN:dc $dc_ip is unreachable"
		fi
	done
       if [ "$alive_dc"x != "0"x ]; then
       break
       fi

	for ((j=1;j<=$dc_ip6_num;j++)); do
		dc_ip_raw=$(echo $dc_ip6_list|awk '{print $'$j'}')
		if [ -z "$dc_ip_raw" ]; then
			continue
		fi

		last_char=$(echo ${dc_ip_raw: -1})
		dc_ip=""
		if [ "$last_char" = "." ]; then
			dc_ip=$(echo ${dc_ip_raw%.*})
		else
			dc_ip=$dc_ip_raw
		fi

		LOG "[$LINENO]check $j/$dc_num dc $dc_ip starting"
		ping_rsp=$(ping6 $dc_ip -c 3 -w 7 2> /dev/null |grep 'ttl='|wc -l)
		if [ $ping_rsp -gt 0 ]; then
			alive_dc=1
			LOG "[$LINENO]dc $dc_ip is reachable"
			break
		else
			LOG "[$LINENO]WARN:dc $dc_ip is unreachable"
		fi
	done
       if [ "$alive_dc"x != "0"x ]; then
       break
       fi
done

if [ $alive_dc -eq 0 ]; then
    Result="$TIP_OPERARION_RESULT($RET_SUCCESS);$TIP_JOINED_DOMAIN($RET_SUCCESS);$TIP_DOMAIN_CONTROL_STATUS($RET_FAILURE)"
    isPass=1
	echo "[ERR]INFO:${Result}" >> ${RESULTFILE}
else
    Result="$TIP_OPERARION_RESULT:$RET_SUCCESS||$TIP_JOINED_DOMAIN:$RET_SUCCESS||$TIP_DOMAIN_CONTROL_STATUS:$RET_SUCCESS"
    echo "${Result}" >> ${RESULTFILE}
fi

echo "${CurInspectFun}_Pass $isPass" >>${RESULTFILE}
exit 0
