#!/bin/ksh -p
#
# ident "@(#)utauthd.sh	1.42	11/03/06 Oracle"
#
# Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved.
#

function usage {
	print -u2 "$prog: unknown option $OPTARG"
	print -u2 "Usage: $prog [-b|-e] [-s signal] [-n fds]"
	print -u2 "    -e # End execution of authentication manager"
	print -u2 "    -s # Signal to send to utauthd"
	print -u2 "    -b # Begin execution of authentication manager (default)"
	print -u2 "    -n # Number of file descriptors to make available"
	exit 1
}

function checkJavaVersion {
#
# Returns 0, if java version is greater than or equal to 1.5
# otherwise returns 1
#
	PRODVERS=$(/etc/opt/SUNWut/basedir/lib/utprodinfo -p SUNWuto PRODVERS)
	. $SUNWUTLIB/support_lib/util_lib
	if [ ! -x $JAVA ]
	then
		print -u2 "Cannot find $JAVA"
		exit 1
	fi

	JAVA_VERSION=$($JAVA -version 2>&1 | \
		sed -n '1s/java version "\([0-9.]*\).*"/\1/p')
	if [[ -z "$JAVA_VERSION" ]]; then
		print -u2 "Unable to determine the Java version installed on this server."
		exit 1
	fi
	CompareVersion ${JAVA_VERSION} "1.5"
	if [[ $? -eq 2 ]]; then
		# installed Java version is older than 1.5
    		print -u2 "Supported java version not found in $JAVA_HOME.\n"\
"Please refer to the SRSS ${PRODVERS} release guide for the supported java version(s)."
		exit 1
	fi
	return 0
}

# compare pids on stdin to see if any match function arguments
function isPIDInList {
	while read newpid
	do
		for pid
		do
			if [ $pid = $newpid ]
			then
				return 0
			fi
		done
	done
	return 1
}

function findAuthdPIDS {
	pgrep -f "^$JAVA .* auth.utauthd.utauthd"
}

################################################################
#
# MAIN
#
################################################################

PATH=/bin:/usr/bin:/usr/sbin
export PATH
ROOTDIR=/

cd $ROOTDIR
SUNWUTLIB=/opt/SUNWut/lib

ETCDIR=/etc/opt/SUNWut
JAVA_HOME=$ETCDIR/jre
JAVA=$JAVA_HOME/bin/java
OPTIONS="-client"

CLASSPATH=$JAVA_HOME/lib/:$JAVA_HOME/jre/lib/rt.jar
CLASSPATH=$SUNWUTLIB/utauthd.jar:$CLASSPATH
CLASSPATH=$SUNWUTLIB/sdk.jar:$CLASSPATH
CLASSPATH=$SUNWUTLIB/protocol.jar:$CLASSPATH
CLASSPATH=$SUNWUTLIB/utils.jar:$CLASSPATH
CLASSPATH=$(print $SUNWUTLIB/modules/AuthModule*.jar | tr ' ' ':'):$CLASSPATH
if [ -f "$SUNWUTLIB/admin.jar" ]
then
	CLASSPATH=$SUNWUTLIB/admin.jar:$CLASSPATH
fi
export CLASSPATH

export LD_LIBRARY_PATH=$SUNWUTLIB

action=""
signal=TERM
#maxfds=$(ulimit -n)
maxfds=9000

prog=${0##*/}
while getopts bdens c
do
	case $c in
	b)	# Begin
		[[ -n "$action" ]] && usage || action="start"
		;;
	e)	# End
		[[ -n "$action" ]] && usage || action="stop"
		;;
	s)	# Signal
		signal=$OPTARG
		;;
	n)	# Max number of file descriptors
		maxfds=$OPTARG
		;;
	\?)
		usage;
		;;
	esac
done

[[ -z "$action" ]] && action=start

if [[ $action == start ]]
then
	checkJavaVersion	# this routine will exit if incorrect Java is installed
	ulimit -n $maxfds	# Default number of file descriptors is usually 64

	CURR_POLICY=$($SUNWUTLIB/utglpolicy 2>/dev/null)

	if [[ $? -eq 0 ]]
	then
		$SUNWUTLIB/utgenpolicy $CURR_POLICY
	fi

	exec env -i	\
		PATH="$PATH"	\
		CLASSPATH="$CLASSPATH:$LD_LIBRARY_PATH"	\
		LD_LIBRARY_PATH="$LD_LIBRARY_PATH"	\
		JAVA_HOME=$JAVA_HOME			\
	         $JAVA $OPTIONS auth.utauthd.utauthd 
else
	PIDS=`findAuthdPIDS`
	if [ -n "$PIDS" ]
	then
		kill -$signal $PIDS

		typeset -i INTERVAL=1
		while true
		do
			sleep $INTERVAL
			NEWPIDS=`findAuthdPIDS`
			if [ -n "$NEWPIDS" ] \
				&& print "$NEWPIDS" | isPIDInList $PIDS
			then
				# if any new authds have tried to start up
				# before the old ones have exited, they can't be
				# working properly so kill off the whole new list
				PIDS=$NEWPIDS
				if [ $INTERVAL -lt 16 ]
				then
					kill -$signal $PIDS
					# exponential backoff
					let INTERVAL="$INTERVAL * 2"
					continue
				else
					# give up - bring out the big hammer
					print -u2 "$prog: ERROR: utauthd not exiting, SIGKILL issued"
					kill -KILL $PIDS
				fi
			fi
			break	
		done
	fi
fi
