#!/bin/bash
#-------------------------------------------------------------------------------
# Installation return codes:
#
# 0 - no error
# 1 - usage, input argument incorrect
# 2 - unable to mount service media
# 3 - error unzip'ing file on disk
# 4 - .signature file missing from service package
# 5 - service install script missing
# 6 - incompatible service release
# 7 - incorrect file successfully downloaded to system - better not happen!
# 8* - error executing install script, return the script error instead
# 9  - FileSystem is full
#-------------------------------------------------------------------------------

#-------------------------------------------------------------------------------
# Initialize service script return code
#-------------------------------------------------------------------------------
CDROM_DIR=/media/cdrom
INSTALL_DIR=/dump/hsc_install.images

MD5FILE=/tmp/md5.$$
RESULT=/tmp/res.$$
CNFILE=/tmp/cn.$$

OPENSSL=/usr/bin/openssl
MD5SUM=/usr/bin/md5sum
VERIFY=/opt/hsc/sbin/verify
DIFF=/usr/bin/diff
FIND=/usr/bin/find
ECHO=/bin/echo
SORT=/bin/sort
CAT=/bin/cat
CUT=/usr/bin/cut
RM=/bin/rm
typeset -i BOOT_REQUIRED
typeset -i NO_MORE_CD
typeset -i PREREQ
typeset -i NO_UPDATE

#-------------------------------------------------------------------------------
# Common exit point
#-------------------------------------------------------------------------------
exit_cleanup() {
    cd /
    if [ "$MOUNT_DIR" == "1" ]; then
         umount $INSTALL_DIR
    fi
    umount $CDROM_DIR > /dev/null 2>&1
    rm -rf $INSTALL_DIR/* > /dev/null 2>&1
    typeset -i retval
    retval=$1
    if [ $PREREQ -eq 1 ]; then
       retval=48
    else
       if [ $NO_UPDATE -eq 0 ]; then
           if [ $BOOT_REQUIRED -eq 1 ]; then
               retval=$retval+16
           else
               if [ $NO_MORE_CD -eq 1 ]; then
                   retval=$retval+32
               else
                   retval=$retval+64
               fi
           fi
       fi
    fi
    exit $retval
}

InstallUpdates() {
    if [ -f $IMG_BASE/images/.signature ]; then
        typeset -i cver
        typeset -i dver
        # Validate the signature file first
        grep -q "^Version" $IMG_BASE/images/.signature
        if [ $? -ne 0 ]; then
           exit_cleanup 4
        fi
        grep -q "-" $IMG_BASE/images/.signature
        if [ $? -eq 0 ]; then
           exit_cleanup 4
        fi

        cver=`/opt/hsc/bin/hsc version | grep Version | $CUT -d':' -f 2`
        dver=`$CAT $IMG_BASE/images/.signature | $CUT -d' ' -f 2`
   	noversioncheck=`$CAT $IMG_BASE/images/.signature | $CUT -d':' -f 2`
        if [ $cver -eq $dver ]; then
            if [ -x $IMG_BASE/images/installImages ]; then
                $IMG_BASE/images/installImages $IMG_BASE/images
                serviceRC=$?
                if [ $serviceRC -ne 0 ]; then
                    exit_cleanup 6
                fi
            else
                echo "Install script not found" 1>&2
                exit_cleanup 7
            fi
        else
 	    if [ "$noversioncheck" != " no version checking" ]; then
              echo "Incompatible service package" 1>&2
              exit_cleanup 8
            fi
            if [ -x $IMG_BASE/images/installImages ]; then
                $IMG_BASE/images/installImages $IMG_BASE/images
                serviceRC=$?
                if [ $serviceRC -ne 0 ]; then
                    exit_cleanup 6
                fi
            else
                echo "Install script not found" 1>&2
                exit_cleanup 7
            fi
        fi
    else
        echo "Missing Signature file" 1>&2
        exit_cleanup 4
    fi

   # see what image.updates tells us
    typeset -i br
    typeset -i ncd
    typeset -i retval
   
    retval=0
   
    if [ -f $IMG_BASE/images/.image.updates ]; then
        NO_UPDATE=0
        prereq=`$CAT $IMG_BASE/images/.image.updates | $CUT -d':' -f 1`
        br=`$CAT $IMG_BASE/images/.image.updates | $CUT -d':' -f 2`
        ncd=`$CAT $IMG_BASE/images/.image.updates | $CUT -d':' -f 3`
       
        if [ $br -eq 1 ]; then
            # boot required - overrides all
            BOOT_REQUIRED=1
        fi
        if [ $ncd -eq 0 ]; then
            # no additional CDs/images to install
            NO_MORE_CD=1
        fi
        if [[ "$prereq" == "" ||     \
              "$prereq" == "NONE" || \
              "$prereq" == "none" ]]; then
               # no prereq'd indicated and there should be
            retval=$retval+48
        else
            if [ -x /opt/hsc/bin/check_prereqs ]; then
                /opt/hsc/bin/check_prereqs $prereq
                if [ $? -ne 0 ]; then
                    retval=0
                    PREREQ=1
                    exit_cleanup $retval
                fi
            fi
        fi
    else
        BOOT_REQUIRED=1
        NO_MORE_CD=1
        PREREQ=0
    fi  
}


if [ "$*" = "" ]; then
    echo "Usage: applyUpdates [cdrom | disk]"
    exit_cleanup 1
fi
trap "exit_cleanup 0" 2 3 5 9 15
export LANG=en_US
MOUNT_DIR=0
MEDIA=$1
IMG_BASE=$INSTALL_DIR
BOOT_REQUIRED=0
NO_MORE_CD=0
PREREQ=0
NO_UPDATE=1
if [ `/bin/df / -l -m | /usr/bin/tail +2 | /bin/awk '{print $4}'` -lt 100 ]
then
   exit_cleanup 9
fi

case $MEDIA in
      cdrom ) IMG_BASE=$CDROM_DIR
              MOUNTED=`mount | grep cdrom | wc -l`
              if [ $MOUNTED = '0' ]; then
                  mount $CDROM_DIR
                  if [ $? -ne 0 ]; then
                      echo "Unable to mount media" 1>&2
                  exit_cleanup 2
                  fi
              fi ;; 
       disk ) /usr/bin/unzip -o $IMG_BASE/*.zip -d $IMG_BASE
              if [ $? -ne 0 ]; then
                  echo "Error uncompressing package" 1>&2
                  exit_cleanup 3
              fi ;;
    install ) IMG_BASE=$2 ;;
    network ) ;;
          * ) extension=`echo ${MEDIA##*.}`
              case $extension in
                  iso | img ) MOUNT_DIR=1
                              /bin/mount -o loop $MEDIA $IMG_BASE ;;
                        zip ) /usr/bin/unzip -o $MEDIA -d $IMG_BASE ;;
                          * ) exit_cleanup 3 ;;
              esac
              if [ $? -ne 0 ]; then
                  echo "Error uncompressing package" 1>&2
                  exit_cleanup 3
              fi ;;
esac

echo "Verifying Certificate Information"
/opt/hsc/sbin/AuthImage $IMG_BASE
if [ $? -eq 0 ]; then
    $RM -f $MD5FILE
    cd $IMG_BASE
    echo "Authenticating Install Packages"
    $FIND images -type f -exec $MD5SUM {} \; >> $MD5FILE
    $SORT $MD5FILE | $MD5SUM | $CUT -f1 -d " " > $RESULT

    $OPENSSL x509 -subject -noout -in cert.pem |$CUT -f8 -d "=" > $CNFILE
    $DIFF $RESULT $CNFILE > /dev/null 2>&1

    if  [ $? -eq 0 ]; then
        echo "Installing Packages"
        InstallUpdates
    else
        $ECHO "Install package corruption. HMC not updated"
        exit_cleanup 4
    fi
else
    $ECHO "Authentication Failure. HMC not updated"
    $ECHO "Corrupted install image or incorrect time on HMC"
    $ECHO "Please verify the date/time of the hmc and retry"
    exit_cleanup 5
fi

rm -f $MD5FILE $RESULT $CNFILE

exit_cleanup 0
