#! /bin/sh

if test -z "${GLOBUS_LOCATION}"; then
    echo ""
    echo "ERROR: Please set GLOBUS_LOCATION to the Globus installation directory before"
    echo "running this script"
    echo ""
    exit 1
fi

. ${GLOBUS_LOCATION}/libexec/globus-script-initializer

secconfdir=${TRUSTED_CA_DIR-/etc/grid-security/certificates/}

# create a globus-ssl.conf file with the proper o's and ou's


ssl_conf=${GLOBUS_LOCATION}/setup/globus/globus-ssl.conf
ssl_user_conf=$secconfdir/globus-user-ssl.conf.80feec25
ssl_host_conf=$secconfdir/globus-host-ssl.conf.80feec25

tmp_ssl_conf=$tmpdir/globus-ssl.conf
security_conf=$secconfdir/grid-security.conf.80feec25

${GLOBUS_SH_SED-sed} -e "1,/BEGIN CONFIG/p" -e d < $ssl_conf > $tmp_ssl_conf.1.$$
${GLOBUS_SH_SED-sed} -e "/END CONFIG/,\$p" -e d < $ssl_conf > $tmp_ssl_conf.3.$$

if test \! -r ${security_conf} ; then
    echo "Cannot read ${security_conf}"
    exit 1
fi

. "${security_conf}"

ldap_dn_to_ssl_dn() {
    echo "$1" | ${GLOBUS_SH_AWK-awk} '
BEGIN     { FS = ","; lastorg=0; lastou=0; } 

{ 
    split($0, b, ",");
    i=1;
    while(b[i] != "")
    {
        split(b[i],c,"=");
        if(tolower(c[1]) ~ /ou/)
        { 
            ou[lastou++]=c[2];
        }
        else if(tolower(c[1]) ~ /c/)
        {
            country=c[2];
        }
        else if(tolower(c[1]) ~ /o/)
        {
            org[lastorg++]=c[2];
        }
        i++;
    }
}

END {
    if(country) {
        print  "countryName                     = Country Name (2 letter code)";
        printf("countryName_default             = %s\n",country);
        print  "countryName_min                 = 2";
        print  "countryName_max                 = 2";
    }

    for(i = lastorg; i > 0; i--)
    {
        printf("%d.organizationName               = Level %d Organization\n",lastorg-i,lastorg-i);
        printf("%d.organizationName_default       = %s\n", lastorg-i, org[i-1]);
    }
    for(i = lastou; i > 0; i--)
    {
        printf("%d.organizationalUnitName          = Level %d Organizational Unit\n",lastou-i,lastou-i);
        printf("%d.organizationalUnitName_default = %s\n", lastou-i, ou[i-1]);
    }

    print      "commonName                      = Name (e.g., John M. Smith)";
    print      "commonName_max                  = 64";
}
'
}

${GLOBUS_SH_CAT-cat} ${tmp_ssl_conf}.1.$$ > $ssl_user_conf
${GLOBUS_SH_CAT-cat} ${tmp_ssl_conf}.1.$$ > $ssl_host_conf

ldap_dn_to_ssl_dn "$GSI_USER_BASE_DN" >> $ssl_user_conf
ldap_dn_to_ssl_dn "$GSI_HOST_BASE_DN" >> $ssl_host_conf

${GLOBUS_SH_CAT-cat} ${tmp_ssl_conf}.3.$$ >> $ssl_user_conf
${GLOBUS_SH_CAT-cat} ${tmp_ssl_conf}.3.$$ >> $ssl_host_conf

trap '${GLOBUS_SH_RM-rm} -f ${tmp_ssl_conf}.1.$$ ${tmp_ssl_conf}.3.$$' 0

${GLOBUS_SH_CHMOD-chmod} 644 ${ssl_user_conf}
${GLOBUS_SH_CHMOD-chmod} 644 ${ssl_host_conf}