#!/bin/bash

# Copyright (c) 2008--2012 Red Hat, Inc.
#
# This software is licensed to you under the GNU General Public License,
# version 2 (GPLv2). There is NO WARRANTY for this software, express or
# implied, including the implied warranties of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
# along with this software; if not, see
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
#
# Red Hat trademarks are not licensed under GPLv2. No permission is
# granted to use or replicate Red Hat trademarks that are incorporated
# in this software or its documentation.
#

CONFIG_FILE=/etc/sysconfig/rhn/rhn-ssl-cert-check

unset ADMIN EXPIRATION CHECK

# Source the config file
[ -f $CONFIG_FILE ] && . $CONFIG_FILE

# Valid variables to be set in the config file:
# CHECK=no                  # will disable checking
# ADMIN=user@example.org    # send notifications to this e-mail address
# EXPIRATION=30             # change the default warning policy (60 days)

# Was SSL checking turned off in the config file?
[ "$CHECK" == "no" ] && exit 0

EXPIRATION=${EXPIRATION:-60}

if [ -z "$ADMIN" ]; then
    ADMIN=$(spacewalk-cfg-get traceback_mail | perl -0777 -pe 's/\s+/,/g; s/^,|,$//g')
fi

if [ -z "$ADMIN" ]; then
    # Unable to read the admin's e-mail address
    echo "Unable to read the admin e-mail address in /etc/rhn/rhn.conf"
    echo
    echo "To disable monitoring, add CHECK=no in $CONFIG_FILE"
    echo "Otherwise, you will have to add a valid email address to receive"
    echo "expiration notifications, either in $RHN_CONF_FILE (traceback_mail)"
    echo "or set ADMIN in $CONFIG_FILE"
    exit 0
fi

sed -e "s!| */usr/sbin/sendmail!| sed \"s/'genkey'/'rhn-ssl-tool' or 'genkey'/; /Generated by/a\\\\                    and $0\" &!" \
		-e "/\.  *\/etc\/sysconfig\/httpd/aexport CERTWATCH_OPTS='--address $ADMIN --period $EXPIRATION' ; unset NOCERTWATCH" /etc/cron.daily/certwatch \
	| bash -

