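#!/bin/bash
#
# Copyright (C) 2007 Novell Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License 2
# as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the
# Free Software Foundation, Inc.,
# 51 Franklin Street,
# Fifth Floor,
# Boston, MA 02110-1301,
# USA.
#
# $Id: create_sha1sums 109 2009-03-06 15:29:58Z lrupp $
#
# Rebuilds the "META SHA1", "HASH SHA1" and "KEY SHA1" lines of the
# "content" file below a media tree and, unless -n is given, re-creates
# the detached signatures for content, media.1/products and repomd.xml.
#
# Usage: create_sha1sums [-h] [-n] [-m] [-x] [-s SIGN_OPTS] DIRECTORY
#   (-s is accepted by the option parser but not listed by usage().)
#
# Review notes on the trust model:
#  * Every digest written here is SHA-1. The lines carry no protection of
#    their own; they are only as trustworthy as the signature over
#    "content" and the way the consumer validates the signing key.
#  * The *.key files written in the signing part are copies of a public
#    key found in the same tree that is being signed. They help a consumer
#    locate the key, but a key shipped next to the data cannot establish
#    trust by itself -- presumably consumers pin the key out of band;
#    confirm against the installer.
#

SIGN="yes"
SIGN_OPTS=""
INCLUDE_SHA1SUMS="no"
EXTRA="no"
# Initialised explicitly so that values inherited from the caller's
# environment cannot steer find/sign/cp/chmod below at unintended paths.
SLIDESHOWDIR=""
REPOFILE=""

# Print the option summary and exit with the status given as $1.
function usage() {
    echo "Usage: $(basename "$0") [OPTIONS] "
    echo " -n : don't re-sign the generated files"
    echo " -m : include SHA1SUMS files"
    echo " -x : add sha1sums for extra files"
    echo
    echo " (re-)creates the SHA1SUM lines in the content file"
    echo " and signs the content and products file"
    exit "$1"
}

# Create a detached signature for the file $1.
# Uses the "sign" tool when it is on PATH, otherwise an ASCII-armoured
# detached gpg signature ($1.asc).
function signit() {
    if command -v sign >/dev/null 2>&1; then
        # SIGN_OPTS is deliberately unquoted: -s may carry several options.
        # shellcheck disable=SC2086
        sign $SIGN_OPTS -d "$1"
    else
        gpg -a -b "$1"
    fi
}

# Append "<tag> SHA1 <digest>  <path>" to the content file for every
# remaining argument that is a regular file; anything else is skipped.
#   $1  - line tag (HASH or KEY)
#   $2+ - paths, relative to the current directory
function append_sums() {
    local tag=$1
    local f
    shift
    for f in "$@"; do
        test -f "$f" || continue
        sha1sum -- "$f" 2>/dev/null \
            | sed -e "s@^@${tag} SHA1 @" >> "$CDS_PRIM/content"
    done
}

while getopts 'hnmxs:' OPTION ; do
    case $OPTION in
        h) usage 0 ;;
        m) INCLUDE_SHA1SUMS="yes" ;;
        n) SIGN="no" ;;
        s) SIGN_OPTS=$OPTARG ;;
        x) EXTRA="yes" ;;
        # A mistyped option (for instance a misspelt -n) used to be ignored
        # and the run continued with defaults, i.e. with signing enabled.
        *) usage 1 ;;
    esac
done
shift $(( OPTIND - 1 ))

if [ -z "$1" ]; then
    usage 1
fi

# Resolve the tree to an absolute path. The script changes directory
# several times while still appending to $CDS_PRIM/content, so a relative
# path other than "." used to write to the wrong place.
if ! CDS_PRIM=$(CDPATH= cd -- "$1" 2>/dev/null && pwd); then
    echo "ERROR: $1 is not an accessible directory" >&2
    exit 1
fi

# prepare content file
# The temporary file lives next to "content" so that mv is a rename on the
# same filesystem. mktemp creates it owner-only; the chmod loop at the end
# of the script makes content world-readable again.
CONTTMP=$(mktemp "$CDS_PRIM/content-XXXXXX") || {
    echo "ERROR: cannot create temporary file in $CDS_PRIM" >&2
    exit 1
}
grep -v -e "^META " -e "^KEY " -e "^HASH SHA1" "$CDS_PRIM/content" > "$CONTTMP"
mv "$CONTTMP" "$CDS_PRIM/content"

# add pattern and packages files to content file
DESCRDIR=$(awk '/DESCRDIR/ { print $2; exit }' "$CDS_PRIM/content")
if [ -z "$DESCRDIR" ]; then
    DESCRDIR="suse/setup/descr"
fi
if [ -d "$CDS_PRIM/$DESCRDIR" ]; then
    # Stop if the directory cannot be entered: the rm below must never run
    # in whatever directory the script happens to be in.
    pushd "$CDS_PRIM/$DESCRDIR" >/dev/null || exit 1
    rm -f -- *.asc
    sha1sum -- * 2>/dev/null \
        | grep -v "MD5SUMS" \
        | grep -v "directory.yast" \
        | sed -e "s@^@META SHA1 @" >> "$CDS_PRIM/content"
    popd >/dev/null
fi

pushd "$CDS_PRIM" >/dev/null || exit 1
if [ "$EXTRA" = "yes" ] ; then
    append_sums HASH license.tar.gz control.xml installation.xml \
        media.1/info.txt media.1/license.zip y2update.tgz driverupdate
    append_sums HASH boot/*/* boot/*/loader/linux boot/*/loader/initrd \
        boot/*/loader/*.spl docu/* images/*
    # check if we need to include additional files for > 11.0
    if grep -q CONTENTSTYLE "$CDS_PRIM/content"; then
        DATADIR=$(awk '/DATADIR/ { print $2; exit }' content)
        if [ -d "$CDS_PRIM/$DATADIR/setup/slide" ]; then
            SLIDESHOWDIR="$CDS_PRIM/$DATADIR/setup/slide"
        fi
        if [ -n "$SLIDESHOWDIR" ] && [ -d "$SLIDESHOWDIR" ]; then
            /usr/bin/create_sha1sum --quiet "$SLIDESHOWDIR"
            # Two fixes: with no slideshow directory the unquoted find used
            # to search (and sign below) the whole current tree, and the
            # signatures were made even when -n had been given.
            if [ "$SIGN" = "yes" ]; then
                # fd 3 keeps stdin free for whatever signit starts
                while IFS= read -r -d '' sha1sumfile <&3; do
                    signit "$sha1sumfile"
                done 3< <(find "$SLIDESHOWDIR" -name SHA1SUMS -print0)
            fi
        fi
    fi
fi

if [ "$INCLUDE_SHA1SUMS" = "yes" ]; then
    # Paths are recorded relative to the tree root, like the other HASH
    # lines. The former sed "s|./||" removed the first "<any char>/" of an
    # absolute path, so the mangled name failed the file test and no
    # SHA1SUMS file was ever recorded.
    while IFS= read -r -d '' i <&3; do
        append_sums HASH "${i#./}"
    done 3< <(find . -name SHA1SUMS -print0)
fi

# add gpg-key files to content file
append_sums KEY gpg-pubkey-*
popd >/dev/null

# signing part
if [ "$SIGN" = "yes" ]; then
    # Only the first repomd.xml is used; several matches previously ended
    # up as one multi-line value that matched no file.
    REPOFILE=$(find "$CDS_PRIM" -type f -name repomd.xml 2>/dev/null | head -n 1)
    REPOFILE=${REPOFILE#"$CDS_PRIM"}
    REPOFILE=${REPOFILE##/}
    sign_targets=(content media.1/products)
    if [ -n "$REPOFILE" ]; then
        sign_targets+=("$REPOFILE")
    fi
    for file in "${sign_targets[@]}"; do
        # Drop a stale signature first so it never outlives its file.
        test -f "$CDS_PRIM/${file}.asc" && rm -f "$CDS_PRIM/${file}.asc"
        test -f "$CDS_PRIM/${file}" || continue
        signit "$CDS_PRIM/${file}"
    done

    # GPG file handling starts here
    if [ -f "$CDS_PRIM/pubring.gpg" ]; then
        # The key id is scraped from gpg's human-readable output, so the
        # message locale is pinned. The exit status of --verify is not
        # evaluated here; the call only identifies which key signed.
        # NOTE(review): newer gpg releases may word this line differently,
        # in which case KEY_ID stays empty -- confirm on the target system.
        KEY_ID=$(LC_ALL=C gpg --verify --no-default-keyring \
            --keyring "$CDS_PRIM/pubring.gpg" \
            "$CDS_PRIM/content.asc" "$CDS_PRIM/content" 2>&1 \
            | sed -ne "s@.*key ID @@p" | tr 'A-Z' 'a-z')
        KEY_FILE=""
        # Accept the scraped value only if it is purely hexadecimal before
        # it is used to build a file name pattern.
        case $KEY_ID in
            ''|*[!0-9a-f]*) ;;
            *)
                # keep the last match, as "ls | tail -1" did
                for candidate in "$CDS_PRIM/gpg-pubkey-$KEY_ID-"*; do
                    test -f "$candidate" && KEY_FILE=$candidate
                done
                ;;
        esac
        if [ -f "$KEY_FILE" ] ; then
            for file in media.1/products.key content.key; do
                test -f "$CDS_PRIM/$file" && rm "$CDS_PRIM/$file"
                cp -a "$KEY_FILE" "$CDS_PRIM/$file"
            done
            if [ -n "$REPOFILE" ] ; then
                cp -a "$KEY_FILE" "$CDS_PRIM/$REPOFILE.key"
            fi
            if [ -n "$SLIDESHOWDIR" ]; then
                while IFS= read -r -d '' sha1sumfile <&3; do
                    cp -a "$KEY_FILE" "${sha1sumfile}.key"
                    # XXXX: check if this is needed
                    create_directory.yast "$(dirname "$sha1sumfile")"
                done 3< <(find "$SLIDESHOWDIR" -name SHA1SUMS -print0)
            fi
        else
            echo "ERROR: Could not find public key file for $CDS_PRIM/pubring.gpg in $CDS_PRIM/gpg-pubkey-*" >&2
        fi
    else
        # The message used to print the literal text "CDS_PRIM".
        echo "WARNING: $CDS_PRIM/pubring.gpg not found" >&2
    fi
fi

# make sure everything is readable for all
# (the pattern also covers the .asc and .key companions of each file)
chmod_targets=(content media.1/products)
if [ -n "$REPOFILE" ]; then
    chmod_targets+=("$REPOFILE")
fi
for file in "${chmod_targets[@]}"; do
    for xfile in "$CDS_PRIM/$file"* ; do
        test -e "$xfile" || continue
        chmod 644 "$xfile"
    done
done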