#!/usr/bin/env bash

# monkeysphere-host: Monkeysphere host admin tool
#
# The monkeysphere scripts are written by:
# Jameson Rollins <jrollins@fifthhorseman.net>
# Jamie McClelland <jm@mayfirst.org>
# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
#
# They are Copyright 2008, and are all released under the GPL, version 3
# or later.

########################################################################
PGRM=$(basename $0)

SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
export SYSSHAREDIR
. "${SYSSHAREDIR}/common" || exit 1

SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere/host"}
export SYSDATADIR

# monkeysphere temp directory, in sysdatadir to enable atomic moves of
# authorized_keys files
MSTMPDIR="${SYSDATADIR}/tmp"
export MSTMPDIR

# UTC date in ISO 8601 format if needed
DATE=$(date -u '+%FT%T')

# unset some environment variables that could screw things up
unset GREP_OPTIONS

# default return code
RETURN=0

########################################################################
# FUNCTIONS
########################################################################

usage() {
    cat <<EOF >&2
usage: $PGRM <subcommand> [options] [args]
Monkeysphere host admin tool.

subcommands:
 show-key (s)                        output all host key information
 extend-key (e) EXPIRE               extend host key expiration
 add-hostname (n+) NAME[:PORT]       add hostname user ID to host key
 revoke-hostname (n-) NAME[:PORT]    revoke hostname user ID
 add-revoker (o) FINGERPRINT         add a revoker to the host key
 revoke-key (r)                      revoke host key
 publish-key (p)                     publish server host key to keyserver

 expert
  import-key (i)                     import existing ssh key to gpg
   --hostname (-h) NAME[:PORT]         hostname for key user ID
   --keyfile (-f) FILE                 key file to import
   --expire (-e) EXPIRE                date to expire
  gen-key (g)                        generate gpg key for the host
   --hostname (-h) NAME[:PORT]         hostname for key user ID
   --length (-l) BITS                  key length in bits (2048)
   --expire (-e) EXPIRE                date to expire
   --revoker (-r) FINGERPRINT          add a revoker
  diagnostics (d)                    monkeysphere host status

 version (v)                         show version number
 help (h,?)                          this help

EOF
}

# function to run command as monkeysphere user
su_monkeysphere_user() {
    # if the current user is the monkeysphere user, then just eval
    # command
    if [ $(id -un) = "$MONKEYSPHERE_USER" ] ; then
	eval "$@"

    # otherwise su command as monkeysphere user
    else
	su "$MONKEYSPHERE_USER" -c "$@"
    fi
}

# function to interact with the host gnupg keyring
gpg_host() {
    local returnCode

    GNUPGHOME="$GNUPGHOME_HOST"
    export GNUPGHOME

    # NOTE: we supress this warning because we need the monkeysphere
    # user to be able to read the host pubring.  we realize this might
    # be problematic, but it's the simplest solution, without too much
    # loss of security.
    gpg --no-permission-warning "$@"
    returnCode="$?"

    # always reset the permissions on the host pubring so that the
    # monkeysphere user can read the trust signatures
    chgrp "$MONKEYSPHERE_USER" "${GNUPGHOME_HOST}/pubring.gpg"
    chmod g+r "${GNUPGHOME_HOST}/pubring.gpg"
    
    return "$returnCode"
}

# check if user is root
is_root() {
    [ $(id -u 2>/dev/null) = '0' ]
}

# check that user is root, for functions that require root access
check_user() {
    is_root || failure "You must be root to run this command."
}

# output just key fingerprint
fingerprint_server_key() {
    # set the pipefail option so functions fails if can't read sec key
    set -o pipefail

    gpg_host --list-secret-keys --fingerprint \
	--with-colons --fixed-list-mode 2> /dev/null | \
	grep '^fpr:' | head -1 | cut -d: -f10 2>/dev/null
}

# function to check for host secret key
check_host_keyring() {
    fingerprint_server_key >/dev/null \
	|| failure "You don't appear to have a Monkeysphere host key on this server.  Please run 'monkeysphere-server gen-key' first."
}

# show info about the host key
show_key() {
    local fingerprintPGP
    local fingerprintSSH
    local ret=0

    # FIXME: you shouldn't have to be root to see the host key fingerprint
    if is_root ; then
	check_host_keyring
	fingerprintPGP=$(fingerprint_server_key)
	gpg_authentication "--fingerprint --list-key --list-options show-unusable-uids $fingerprintPGP" 2>/dev/null
	echo "OpenPGP fingerprint: $fingerprintPGP"
    else
	log info "You must be root to see host OpenPGP fingerprint."
	ret='1'
    fi

    if [ -f "${SYSDATADIR}/ssh_host_rsa_key.pub" ] ; then
	fingerprintSSH=$(ssh-keygen -l -f "${SYSDATADIR}/ssh_host_rsa_key.pub" | \
	    awk '{ print $1, $2, $4 }')
	echo "ssh fingerprint: $fingerprintSSH"
    else
	log info "SSH host key not found."
	ret='1'
    fi

return $ret
}

########################################################################
# MAIN
########################################################################

# unset variables that should be defined only in config file
unset KEYSERVER
unset AUTHORIZED_USER_IDS
unset RAW_AUTHORIZED_KEYS
unset MONKEYSPHERE_USER

# load configuration file
[ -e ${MONKEYSPHERE_SERVER_CONFIG:="${SYSCONFIGDIR}/monkeysphere-server.conf"} ] && . "$MONKEYSPHERE_SERVER_CONFIG"

# set empty config variable with ones from the environment, or with
# defaults
LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}}
KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="pool.sks-keyservers.net"}}
AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.monkeysphere/authorized_user_ids"}}
RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=${RAW_AUTHORIZED_KEYS:="%h/.ssh/authorized_keys"}}
MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}}

# other variables
CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"}
REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"}
GNUPGHOME_HOST=${MONKEYSPHERE_GNUPGHOME_HOST:="${SYSDATADIR}/gnupg-host"}
GNUPGHOME_AUTHENTICATION=${MONKEYSPHERE_GNUPGHOME_AUTHENTICATION:="${SYSDATADIR}/gnupg-authentication"}

# export variables needed in su invocation
export DATE
export MODE
export MONKEYSPHERE_USER
export LOG_LEVEL
export KEYSERVER
export CHECK_KEYSERVER
export REQUIRED_USER_KEY_CAPABILITY
export GNUPGHOME_HOST
export GNUPGHOME_AUTHENTICATION
export GNUPGHOME

# get subcommand
COMMAND="$1"
[ "$COMMAND" ] || failure "Type '$PGRM help' for usage."
shift

case $COMMAND in
    'show-key'|'show'|'s')
	show_server_key
	;;

    'extend-key'|'e')
	check_user
	check_host_keyring
	extend_key "$@"
	;;

    'add-hostname'|'add-name'|'n+')
	check_user
	check_host_keyring
	add_hostname "$@"
	;;

    'revoke-hostname'|'revoke-name'|'n-')
	check_user
	check_host_keyring
	revoke_hostname "$@"
	;;

    'add-revoker'|'o')
	check_user
	check_host_keyring
	add_revoker "$@"
	;;

    'revoke-key'|'r')
	check_user
	check_host_keyring
	revoke_key "$@"
	;;

    'publish-key'|'publish'|'p')
	check_user
	check_host_keyring
	publish_server_key
	;;

    'expert'|'e')
	check_user
	SUBCOMMAND="$1"
	shift
	case "$SUBCOMMAND" in
	    'import-key'|'i')
		import_key "$@"
		;;

	    'gen-key'|'g')
		gen_key "$@"
		;;

	    'diagnostics'|'d')
		diagnostics
		;;

	    *)
		failure "Unknown expert subcommand: '$COMMAND'
Type '$PGRM help' for usage."
		;;
	esac
	;;

    'version'|'v')
	echo "$VERSION"
	;;

    '--help'|'help'|'-h'|'h'|'?')
        usage
        ;;

    *)
        failure "Unknown command: '$COMMAND'
Type '$PGRM help' for usage."
        ;;
esac

exit "$RETURN"