#!/bin/sh
#
# * List of changes (generated via git log --oneline --decorate --pretty="format:%<(35)%ad %<(25)%an %s" ./recipes-connectivity/openssh/openssh-7.6p1/init)
#
# Timestamp                           Author                    Description
# --
# Mon May 21 17:42:25 2018 +0200      Nicolo Ongaro             BSP-1111 Make sure x11vnc starts in background
# Wed Nov 8 15:25:33 2017 +0100       Steven Dorigotti          BSP-893 Enable x11vnc and add x11vnc.conf file
# Wed Aug 10 18:33:24 2016 +0200      Steven Dorigotti          BSP-394 Provide a VNC Server solution for linux platform

# /etc/init.d/x11vnc: start and stop the VNC service
#
# *NOT A REAL INIT SCRIPT* - controlled by JMUConfig

NAME="x11vnc"
DAEMON="/usr/bin/${NAME}"
CONF="/etc/x11vnc/x11vnc.conf"
LOG="/var/log/x11vnc.log"
PWFILE="/etc/x11vnc/x11vnc_f.pw"
CERTFILE="/etc/x11vnc/x11vnc_f.pem"
CLIENTFILE="/etc/x11vnc/x11vnc_f.crt"
ISCERTFILE=0
ISCLIENTFILE=0

X11VNC_START_PARAM="services/x11vnc/autostart"
X11VNC_SWFLAG_OFFSET=6

CERTOPT=""
PWOPT=""

if test -f /etc/default/${NAME}; then
    . /etc/default/${NAME}
fi
X11VNC_OPTS="-noxinerama -bg -rc ${CONF} -o ${LOG} ${X11VNC_OPTS}"
export HOME="/home/$USER"  # env required for RAND_load_file() in SSL mode

die()
{
    echo $@
    exit 1
}

writesecurity()
{
    local res
    local key
    local cmd
    local tempfile

    if [ -f ${PWFILE} ]; then
        echo "Initializing pw file"
        key=${SS_DOMAIN_KEY}
        if [ -z ${key} ]; then
          key="."
        fi
        tempfile=$(mktemp /tmp/vncp.XXXXXX)
        cmd="dbus-send --print-reply --system --dest=com.exor.EPAD \"/Security\" com.exor.EPAD.Security.getSecrets string:'{ \"domain\":\"System\",\"domainkey\":\"${key}\",\"secretid\":\"VNC Password\",\"format\":\"text\" }'"
        res=`eval $cmd`
        if [ $? -ne 0 ]; then
           die "x11vnc: Unable to retrieve password"
        fi
        res=${res#*\"}
        res=${res::-1}
        /usr/bin/x11vnc -storepasswd "${res}" ${tempfile} &> /dev/null
        chmod 440 "${tempfile}"
        PWOPT="-rfbauth ${tempfile}"
    fi
    if [ -f ${CERTFILE} ]; then
        ISCERTFILE=1
    fi
    if [ -f ${CLIENTFILE} ]; then
        ISCLIENTFILE=1
    fi
    if [ ${ISCERTFILE} -eq 1 ] || [ ${ISCLIENTFILE} -eq 1 ]; then
        echo "Initializing cert file"
        key=${SS_DOMAIN_KEY}
        if [ -z ${key} ]; then
          key="."
        fi
        if [ ${ISCERTFILE} -eq 1 ]; then
          tempfile=$(mktemp /tmp/vncc.XXXXXX)
          cmd="dbus-send --print-reply --system --dest=com.exor.EPAD \"/Security\" com.exor.EPAD.Security.getSecrets string:'{ \"domain\":\"System\",\"domainkey\":\"${key}\",\"secretid\":\"VNC Certificate\",\"format\":\"file\",\"filepath\":\"${tempfile}\" }' > /dev/null"
          eval $cmd
          if [ $? -ne 0 ]; then
             die "x11vnc: Unable to retrieve server certificate"
          fi
          chmod 440 "${tempfile}"
          CERTOPT=${CERTOPT}" -ssl ${tempfile}"
        fi
        if [ ${ISCLIENTFILE} -eq 1 ]; then
          tempfile=$(mktemp /tmp/vncc.XXXXXX)
          cmd="dbus-send --print-reply --system --dest=com.exor.EPAD \"/Security\" com.exor.EPAD.Security.getSecrets string:'{ \"domain\":\"System\",\"domainkey\":\"${key}\",\"secretid\":\"VNC Client\",\"format\":\"file\",\"filepath\":\"${tempfile}\" }' > /dev/null"
          eval $cmd
          if [ $? -ne 0 ]; then
             die "x11vnc: Unable to retrieve client certificate"
          fi
          chmod 440 "${tempfile}"
          CERTOPT=${CERTOPT}" -sslverify ${tempfile}"
          if [ ${ISCERTFILE} -eq 0 ]; then
             CERTOPT=${CERTOPT}" -ssl TMP"
          fi
        fi
    fi
}

do_startnosecret()
{
    echo "Starting ${NAME} with opts: $X11VNC_OPTS $CERTOPT $PWOPT"

    start-stop-daemon -S -x "${DAEMON}" -- $X11VNC_OPTS $CERTOPT $PWOPT 2>&1 | logger
    [ $? -ne 0 ] && die "Failed starting daemon"

    echo "."
}

do_start()
{
    writesecurity
    do_startnosecret
}

do_stop()
{
    echo "Stopping ${NAME}"

    start-stop-daemon -K -x "${DAEMON}"
    [ $? -ne 0 ] && echo "Failed stopping daemon"

    echo "."
}

case "$1" in

  start)

    # X11VNC is enabled at boot by system parameter or by SWFlagArea bit
    if [ "$( cat /proc/$PPID/comm )" = "rc" ]; then
      . /etc/exorint.funcs

      autostart=$( sys_params $X11VNC_START_PARAM )
      ( [ $? -eq 0 -a "$autostart" = "true" ] || [ $( exorint_swflagarea_bit $X11VNC_SWFLAG_OFFSET ) -eq 1 ] ) || exit
    fi

    do_start
    ;;

  startnosecret)
    CERTOPT="${@:2}"
    do_startnosecret
    ;;

  stop)
    do_stop
    ;;

  restart)

    do_stop
    sleep 2
    do_start

    echo "."
    ;;

  *)
    echo "Usage: /etc/init.d/${NAME} {start|stop|restart}"
    exit 1
esac

exit 0
