#!/bin/bash
#
# Copyright (C) 2007 Novell Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License 2
# as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the
# Free Software Foundation, Inc.,
# 51 Franklin Street,
# Fifth Floor,
# Boston, MA  02110-1301,
# USA.
#
# $Id: create_sha1sums 419 2011-05-05 10:13:45Z ro $
#

SIGN="yes"
SIGN_OPTS=""
INCLUDE_SHA1SUMS="no"
EXTRA="no"

CHECKSUM="sha1sum"
CHECKSUM_T="SHA1"
CHECKSUM_F="SHA1SUMS"
CHECKSUM_O=""

unset LANGUAGE
unset LANG
export LC_ALL=POSIX
umask 022

function usage() {
	echo "Usage: `basename $0` [OPTIONS] <CD-Rootdir>"
	echo "       -n : don't re-sign the generated files"
	echo "       -m : include SHA1SUMS files (or CHECKSUMS files for others)"
	echo "       -2 : use sha256 instead of sha1"
	echo "       -x : add sha1sums for extra files"
	echo
	echo "       (re-)creates the SHA*SUM lines in the content file"
	echo "       and signs the content and products file"
	exit $1
}

function signit(){
	if [ "$(which sign 2>/dev/null)" != "" ]; then 
	  sign $SIGN_OPTS -d $1
	  sign $SIGN_OPTS -p > $1.key
	else
	  gpg -a -b $1
	  KEY_ID=`gpg -b < /dev/null | gpg --list-packets | sed -n -e "/^:signature/s@.*keyid @@p"`
	  gpg --export --armor $KEY_ID > $1.key
	fi
}

while getopts 'hnmx2s:' OPTION ; do
	case $OPTION in
		h) usage 0
		;;
		m) INCLUDE_SHA1SUMS="yes"
		;;
		n) SIGN="no"
		;;
		s) SIGN_OPTS=$OPTARG
		;;
		x) EXTRA="yes"
		;;
		2)	CHECKSUM="sha256sum"
			CHECKSUM_T="SHA256"
			CHECKSUM_F="CHECKSUMS"
			CHECKSUM_O="-2"
		;;
	esac
done
shift $(( OPTIND - 1 ))

if [ ! "$1" ]; then
    usage 1
fi

CDS_PRIM=$1

if [ "$1" = "." ]; then
	CDS_PRIM=$(pwd)
fi

# prepare content file
CONTTMP=$(mktemp $CDS_PRIM/content-XXXXXX)
grep -v "^META " $CDS_PRIM/content | grep -v "^KEY " | grep -v "^HASH SHA" > $CONTTMP
mv $CONTTMP $CDS_PRIM/content

# add pattern and packages files to content file
DESCRDIR=`grep DESCRDIR $CDS_PRIM/content | awk '" " { print $2 }'`
if [ -z "$DESCRDIR" ]; then
	DESCRDIR="suse/setup/descr"
fi
if test -d $CDS_PRIM/$DESCRDIR ; then
  pushd $CDS_PRIM/$DESCRDIR >/dev/null
  rm -f *.asc
  $CHECKSUM * 2>/dev/null | grep -v "MD5SUMS" | grep -v "directory.yast" | sed -e "s@^@META $CHECKSUM_T @" >> $CDS_PRIM/content
  popd >/dev/null
fi
pushd $CDS_PRIM >/dev/null
if [ "$EXTRA" = "yes" ] ; then
    for i in license.tar.gz control.xml installation.xml media.1/info.txt media.1/license.zip y2update.tgz driverupdate; do
        test -f $i || continue
        $CHECKSUM $i 2>/dev/null | sed -e "s@^@HASH $CHECKSUM_T @" >> $CDS_PRIM/content
    done
    for i in boot/*/* boot/*/loader/linux boot/*/loader/initrd boot/*/loader/*.spl docu/* images/* ; do
    	test -f $i || continue
        $CHECKSUM $i 2>/dev/null | sed -e "s@^@HASH $CHECKSUM_T @" >> $CDS_PRIM/content
    done
	# check if we need to include additional files for > 11.0
	if grep -q CONTENTSTYLE $CDS_PRIM/content; then
		DATADIR=$(grep DATADIR content | awk '" " { print $2 }')
		if [ -d "$CDS_PRIM/$DATADIR/setup/slide" ]; then
			SLIDESHOWDIR="$CDS_PRIM/$DATADIR/setup/slide"
		fi
		if test -n "$SLIDESHOWDIR" -a -d "$SLIDESHOWDIR" ; then
			/usr/bin/create_sha1sum $CHECKSUM_O --quiet "$SLIDESHOWDIR"
		fi
		if [ $SIGN = "yes" ]; then
			for sha1sumfile in $(find $SLIDESHOWDIR -name $CHECKSUM_F); do
				signit "$sha1sumfile"
			done
		fi
	fi

fi
if [ "$INCLUDE_SHA1SUMS" = "yes" ]; then
    for i in $(find $CDS_PRIM/ -name $CHECKSUM_F | sed -e "s|./||"); do
        test -f $i || continue
        $CHECKSUM $i 2>/dev/null | sed -e "s@^@HASH $CHECKSUM_T @" >> $CDS_PRIM/content
    done
fi

# add gpg-key files to content file
$CHECKSUM gpg-pubkey-* 2>/dev/null | sed -e "s@^@KEY $CHECKSUM_T  @" >> $CDS_PRIM/content
popd >/dev/null

# signing part
if [ $SIGN = "yes" ]; then
  REPOFILE=`find $CDS_PRIM -type f -name repomd.xml 2>/dev/null`
  REPOFILE=${REPOFILE##$CDS_PRIM}
  REPOFILE=${REPOFILE##/}
  for file in content media.1/products $REPOFILE; do
	test -f $CDS_PRIM/${file}.asc && rm -f $CDS_PRIM/${file}.asc
	test -f $CDS_PRIM/${file} || continue
	signit $CDS_PRIM/${file}
  done
fi

# make sure everything is readable for all
for file in content media.1/products $REPOFILE; do
	for xfile in $CDS_PRIM/$file* ; do
		test -e $xfile || continue
		chmod 644 $xfile
	done
done
