#!/bin/bash
#
# Copyright (C) 2007 Novell Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License 2
# as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the
# Free Software Foundation, Inc.,
# 51 Franklin Street,
# Fifth Floor,
# Boston, MA  02110-1301,
# USA.
#
# $Id: create_sha1sums,v 1.3 2007/07/24 16:48:23 lrupp Exp lrupp $
#

SIGN="yes"
EXTRA="no"

function usage() {
	echo "Usage: `basename $0` <CD-Rootdir>"
	echo "       (re-)creates the SHA1SUM lines in the content file"
	echo "       and signs the content and products file"
	exit $1
}

function signit(){
	if [ "$(which sign)" != "" ]; then 
	  sign -d $1
	else
	  gpg -a -b $1
	fi
}

if [ ! $1 ]; then
    usage 1
fi

while getopts 'nsx' OPTION ; do
	case $OPTION in
		h) usage 0
		;;
		n) SIGN="no"
		;;
		x) EXTRA="yes"
		;;
	esac
done
shift $(( OPTIND - 1 ))

CDS_PRIM=$1

if [ "$1" = "." ]; then
	CDS_PRIM=`pwd`
fi

# prepare content file
CONTTMP=`mktemp $CDS_PRIM/content-XXXXXX`
grep -v "^META " $CDS_PRIM/content | grep -v "^KEY " > $CONTTMP
mv $CONTTMP $CDS_PRIM/content

# add pattern and packages files to content file
DESCRDIR=`grep DESCRDIR $CDS_PRIM/content | awk '" " { print $2 }'`
pushd $CDS_PRIM/$DESCRDIR >/dev/null
rm -f *.asc
sha1sum * 2>/dev/null | grep -v "MD5SUMS" | grep -v "directory.yast" | sed -e "s@^@META SHA1 @" >> $CDS_PRIM/content
popd >/dev/null

pushd $CDS_PRIM >/dev/null
if [ "$EXTRA" = "yes" ] ; then
    for i in license.tar.gz control.xml installation.xml media.1/info.txt ; do
	test -f $i || continue
	sha1sum $i 2>/dev/null | sed -e "s@^@HASH SHA1 @" >> $CDS_PRIM/content
    done
    for i in boot/*/root boot/*/root.fonts boot/*/rescue ; do
	test -f $i || continue
	sha1sum $i 2>/dev/null | sed -e "s@^@HASH SHA1 @" >> $CDS_PRIM/content
    done
fi

# TODO: add control.xml and installation.xml to content file
#test -f control.xml && sha1sum control.xml 2>/dev/null | sed -e "s@^@META SHA1 @" >> $CDS_PRIM/content
#test -f installation.xml && sha1sum installation.xml 2>/dev/null | sed -e "s@^@META SHA1 @" >> $CDS_PRIM/content
# add gpg-key files to content file
sha1sum gpg-pubkey-* 2>/dev/null | sed -e "s@^@KEY SHA1 @" >> $CDS_PRIM/content
popd >/dev/null

# signing part
if [ $SIGN="yes" ]; then
  REPOFILE=`find $CDS_PRIM -name repomd.xml 2>/dev/null`
  REPOFILE=${REPOFILE##$CDS_PRIM}
  REPOFILE=${REPOFILE##/}
  for file in content media.1/products $REPOFILE; do
	test -f $CDS_PRIM/${file}.asc && rm -f $CDS_PRIM/${file}.asc
	signit $CDS_PRIM/${file}
  done

  # GPG file handling starts here
  if [ -f $CDS_PRIM/pubring.gpg ]; then
	KEY_ID=`gpg --verify --no-default-keyring --keyring $CDS_PRIM/pubring.gpg $CDS_PRIM/content.asc $CDS_PRIM/content 2>&1 | sed -ne "s@.*key ID @@p" | tr [A-Z] [a-z]`
	KEY_FILE=`ls $CDS_PRIM/gpg-pubkey-$KEY_ID-* 2>/dev/null | tail -1`
	if [ -f "$KEY_FILE" ] ; then
		for file in media.1/products.key content.key; do
			test -f $CDS_PRIM/$file && rm $CDS_PRIM/$file
			cp -a $KEY_FILE $CDS_PRIM/$file
		done
		if [ x"$REPOFILE" != x"" ] ; then
			cp -a $KEY_FILE $REPOFILE.key
		fi
	else
		echo "ERROR:  Could not find public key file for $CDS_PRIM/pubring.gpg in $CDS_PRIM/gpg-pubkey-*"
	fi
  else
	echo "WARNING: CDS_PRIM/pubring.gpg not found"
  fi
fi

# make shure everything is readable for all
for file in content media.1/products $REPOFILE; do
	chmod 644 $CDS_PRIM/$file*
done
