#!/bin/bash

# Compile server manager for systemtap
#
# Copyright (C) 2008, 2009 Red Hat Inc.
#
# This file is part of systemtap, and is free software.  You can
# redistribute it and/or modify it under the terms of the GNU General
# Public License (GPL); either version 2, or (at your option) any
# later version.

# This script publishes its presence on the network and then listens for
# incoming connections. When a connection is detected, the stap-server script
# is run to handle the request.

# Catch ctrl-c and other termination signals
trap 'terminate' SIGTERM SIGINT

#-----------------------------------------------------------------------------
# Helper functions.
#-----------------------------------------------------------------------------
# function: initialization PORT
function initialization {
    # INSTALL-HOOK These settings work for running the server from the source tree
    # INSTALL-HOOK using the dejagnu test harness and will be overridden at install
    # INSTALL-HOOK time.
    exec_prefix=
    sysconfdir=`pwd`/net

    # Default settings.
    avahi_type=_stap._tcp

    # What port will we listen on?
    port=$1
    test "X$port" = "X" && port=65000
    while netstat -atn | awk '{print $4}' | cut -f2 -d: | egrep -q "^$port\$";
    do
        # Whoops, the port is busy; try another one.
	echo "$0: Port $port is busy"
        port=$((1024+($port + $RANDOM)%64000))
    done

    # Where is the ssl certificate/key database?
    ssl_db=$2
    if test "X$ssl_db" = "X"; then
	# If no certificate/key database has been specified, then find/create
	# a local one.
	if test $EUID = 0; then
	    ssl_db=$sysconfdir/systemtap/ssl/server
	else
	    ssl_db=$HOME/.systemtap/ssl/server
	fi
	if ! test -f $ssl_db/stap-server.cert; then
	    ${exec_prefix}stap-gen-server-cert `dirname $ssl_db` || exit 1
            # Now add the server's certificate to the client's database,
	    # making it a trusted peer. Do this only if the client has been installed.
	    if test -f `which ${exec_prefix}stap-add-server-cert` -a -x `which ${exec_prefix}stap-add-server-cert`; then
		${exec_prefix}stap-add-server-cert $ssl_db/stap-server.cert `dirname $ssl_db`/client
	    fi
	fi
    fi

    # Check the security of the database.
    check_db $ssl_db

    nss_pw=$ssl_db/pw
    nss_cert=stap-server
}

# function: advertise_presence
#
# Advertise the availability of the server on the network.
function advertise_presence {
    # Build up a string representing our server's properties.
    # TODO: this needs fleshing out.
    local sysinfo=`uname -rvm`
    local txt="sysinfo=$sysinfo"

    # Call avahi-publish-service to advertise our presence.
    avahi-publish-service "Systemtap Compile Server on `uname -n`" \
	$avahi_type $port "$txt" > /dev/null 2>&1 &

    echo "Systemtap Compile Server on `uname -n` listening on port $port"
}

# function: listen
#
# Listen for and handle requests to the server.
function listen {
    # The stap-server-connect program will listen forever
    # accepting requests.
    ${exec_prefix}stap-server-connect -p $port -n $nss_cert -d $ssl_db -w $nss_pw 2>&1 &
    wait '%${exec_prefix}stap-server-connect' >/dev/null 2>&1
}

# function: check_db DBNAME
#
# Check the security of the given database directory.
function check_db {
    local dir=$1
    local rc=0

    # Check that we have been given a directory
    if ! test -e $dir; then
	warning "Certificate database '$dir' does not exist"
	return 1
    fi
    if ! test -d $dir; then
	warning "Certificate database '$dir' is not a directory"
	return 1
    fi

    # Check that we can read the directory
    if ! test -r $dir; then
	warning "Certificate database '$dir' is not readble"
	rc=1
    fi

    # We must be the owner of the database.
    local ownerid=`stat -c "%u" $dir`
    if test "X$ownerid" != "X$EUID"; then
	warning "Certificate database '$dir' must be owned by $USER"
	rc=1
    fi

    # Check the access permissions of the directory
    local perm=0`stat -c "%a" $dir`
    if test $((($perm & 0400) == 0400)) = 0; then
	warning "Certificate database '$dir' should be readable by the owner"
    fi
    if test $((($perm & 0200) == 0200)) = 0; then
	warning "Certificate database '$dir' should be writeable by the owner"
    fi
    if test $((($perm & 0100) == 0100)) = 0; then
	warning "Certificate database '$dir' should be searchable by the owner"
    fi
    if test $((($perm & 0040) == 0040)) = 0; then
	warning "Certificate database '$dir' should be readable by the group"
    fi
    if test $((($perm & 0020) == 0020)) = 1; then
	warning "Certificate database '$dir' must not be writable by the group"
	rc=1
    fi
    if test $((($perm & 0010) == 0010)) = 0; then
	warning "Certificate database '$dir' should be searchable by the group"
    fi
    if test $((($perm & 0004) == 0004)) = 0; then
	warning "Certificate database '$dir' should be readable by others"
    fi
    if test $((($perm & 0002) == 0002)) = 1; then
	warning "Certificate database '$dir' must not be writable by others"
	rc=1
    fi
    if test $((($perm & 0001) == 0001)) = 0; then
	warning "Certificate database '$dir' should be searchable by others"
    fi

    # Now check the permissions of the critical files.
    check_db_file $dir/cert8.db || rc=1
    check_db_file $dir/key3.db || rc=1
    check_db_file $dir/secmod.db || rc=1
    check_db_file $dir/pw || rc=1
    check_cert_file $dir/stap-server.cert || rc=1

    test $rc = 1 && fatal "Unable to use certificate database '$dir' due to errors"

    return $rc
}

# function: check_db_file FILENAME
#
# Check the security of the given database file.
function check_db_file {
    local file=$1
    local rc=0

    # Check that we have been given a file
    if ! test -e $file; then
	warning "Certificate database file '$file' does not exist"
	return 1
    fi
    if ! test -f $file; then
	warning "Certificate database file '$file' is not a regular file"
	return 1
    fi

    # We must be the owner of the file.
    local ownerid=`stat -c "%u" $file`
    if test "X$ownerid" != "X$EUID"; then
	warning "Certificate database file '$file' must be owned by $USER"
	rc=1
    fi

    # Check that we can read the file
    if ! test -r $file; then
	warning "Certificate database file '$file' is not readble"
	rc=1
    fi

    # Check the access permissions of the file
    local perm=0`stat -c "%a" $file`
    if test $((($perm & 0400) == 0400)) = 0; then
	warning "Certificate database file '$file' should be readable by the owner"
    fi
    if test $((($perm & 0200) == 0200)) = 0; then
	warning "Certificate database file '$file' should be writeable by the owner"
    fi
    if test $((($perm & 0100) == 0100)) = 1; then
	warning "Certificate database file '$file' must not be executable by the owner"
	rc=1
    fi
    if test $((($perm & 0040) == 0040)) = 1; then
	warning "Certificate database file '$file' must not be readable by the group"
	rc=1
    fi
    if test $((($perm & 0020) == 0020)) = 1; then
	warning "Certificate database file '$file' must not be writable by the group"
	rc=1
    fi
    if test $((($perm & 0010) == 0010)) = 1; then
	warning "Certificate database file '$file' must not be executable by the group"
	rc=1
    fi
    if test $((($perm & 0004) == 0004)) = 1; then
	warning "Certificate database file '$file' must not be readable by others"
	rc=1
    fi
    if test $((($perm & 0002) == 0002)) = 1; then
	warning "Certificate database file '$file' must not be writable by others"
	rc=1
    fi
    if test $((($perm & 0001) == 0001)) = 1; then
	warning "Certificate database file '$file' must not be executable by others"
	rc=1
    fi

    return $rc
}

# function: check_db_file FILENAME
#
# Check the security of the given database file.
function check_cert_file {
    local file=$1
    local rc=0

    # Check that we have been given a file
    if ! test -e $file; then
	warning "Certificate database file '$file' does not exist"
	return 1
    fi
    if ! test -f $file; then
	warning "Certificate database file '$file' is not a regular file"
	return 1
    fi

    # We must be the owner of the file.
    local ownerid=`stat -c "%u" $file`
    if test "X$ownerid" != "X$EUID"; then
	warning "Certificate file '$file' must be owned by $USER"
	rc=1
    fi

    # Check the access permissions of the file
    local perm=0`stat -c "%a" $file`
    if test $((($perm & 0400) == 0400)) = 0; then
	warning "Certificate file '$file' should be readable by the owner"
    fi
    if test $((($perm & 0200) == 0200)) = 0; then
	warning "Certificate file '$file' should be writeable by the owner"
    fi
    if test $((($perm & 0100) == 0100)) = 1; then
	warning "Certificate file '$file' must not be executable by the owner"
	rc=1
    fi
    if test $((($perm & 0040) == 0040)) = 0; then
	warning "Certificate file '$file' should be readable by the group"
    fi
    if test $((($perm & 0020) == 0020)) = 1; then
	warning "Certificate file '$file' must not be writable by the group"
	rc=1
    fi
    if test $((($perm & 0010) == 0010)) = 1; then
	warning "Certificate file '$file' must not be executable by the group"
	rc=1
    fi
    if test $((($perm & 0004) == 0004)) = 0; then
	warning "Certificate file '$file' should be readable by others"
    fi
    if test $((($perm & 0002) == 0002)) = 1; then
	warning "Certificate file '$file' must not be writable by others"
	rc=1
    fi
    if test $((($perm & 0001) == 0001)) = 1; then
	warning "Certificate file '$file' must not be executable by others"
	rc=1
    fi

    return $rc
}

# function: warning [ MESSAGE ]
#
# Warning error
# Prints its arguments to stderr
function warning {
    echo "$0: WARNING:" "$@" >&2
}

# function: fatal [ MESSAGE ]
#
# Fatal error
# Prints its arguments to stderr and exits
function fatal {
    echo "$0: ERROR:" "$@" >&2
    terminate
    exit 1
}

# function: terminate
#
# Terminate gracefully.
function terminate {
    echo "$0: Exiting"

    # Kill the running 'avahi-publish-service' job
    kill -s SIGTERM '%avahi-publish-service' 2> /dev/null
    wait '%avahi-publish-service' >/dev/null 2>&1

    # Kill any running 'stap-server-connect' job.
    kill -s SIGTERM '%${exec_prefix}stap-server-connect' 2> /dev/null
    wait '%${exec_prefix}stap-server-connect'  >/dev/null 2>&1

    exit
}

#-----------------------------------------------------------------------------
# Beginning of main line execution.
#-----------------------------------------------------------------------------
initialization "$@"
advertise_presence
listen
