path: root/src/main/java/org/openslx/taskmanager/tasks/LighttpdHttps.java

package org.openslx.taskmanager.tasks;

import java.io.File;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

import org.openslx.satserver.util.Exec;
import org.openslx.satserver.util.Util;
import org.openslx.taskmanager.api.AbstractTask;

import com.google.gson.annotations.Expose;

/**
 * Task for enabling or disabling https support in lighttpd.
 * Can greate a self-signed cert on the fly, or use a supplied one.
 */
public class LighttpdHttps extends AbstractTask
{

	private Output status = new Output();

	@Expose
	private String importcert = null;
	@Expose
	private String importkey = null;
	@Expose
	private String importchain = null;

	@Expose
	private String proxyip = null;

	@Expose
	private boolean redirect;
	@Expose
	private boolean redirectOnly;

	private List<String> baseCmd = Arrays.asList( new String[] { "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https" } );

	@Override
	protected boolean initTask()
	{
		this.setStatusObject( this.status );
		return true;
	}

	@Override
	protected boolean execute()
	{
		if ( this.redirectOnly )
			return setRedirect();
		if ( this.importcert != null && this.importkey != null && !this.importcert.isEmpty() && !this.importkey.isEmpty() )
			return createFromInput();
		if ( this.proxyip != null && !this.proxyip.isEmpty() )
			return createRandom();
		return disableHttps();
	}

	private boolean createRandom()
	{
		List<String> cmd = new ArrayList<>( baseCmd );
		if ( this.redirect ) {
			cmd.add( "--redirect" );
		}
		cmd.add( "--random" );
		cmd.add( this.proxyip );
		int ret = Exec.sync( 45, cmd.toArray( new String[ cmd.size() ] ) );
		if ( ret != 0 ) {
			status.error = "generator exited with code " + ret;
			return false;
		}
		return true;
	}

	private boolean createFromInput()
	{
		// Import supplied certificate and key. Test if they are valid first
		File tmpKey = null;
		File tmpCert = null;
		File tmpChain = null;
		List<String> cmd;
		try {
			try {
				tmpCert = File.createTempFile( "bwlp-", ".pem" );
				tmpKey = File.createTempFile( "bwlp-", ".pem" );
				Util.writeStringToFile( tmpCert, this.importcert );
				Util.writeStringToFile( tmpKey, this.importkey );
				if ( this.importchain != null && !this.importchain.isEmpty() ) {
					tmpChain = File.createTempFile( "bwlp-", ".pem" );
					Util.writeStringToFile( tmpChain, this.importchain );
				}
			} catch ( Exception e ) {
				status.error = "Could not create temporary files: " + e.getMessage();
				return false;
			}
			int ret;
			cmd = new ArrayList<>( baseCmd );
			cmd.add( "--test" );
			cmd.add( tmpKey.getAbsolutePath() );
			cmd.add( tmpCert.getAbsolutePath() );
			ret = Exec.sync( 45, cmd.toArray( new String[ cmd.size() ] ) );
			if ( ret != 0 ) {
				status.error = "Given key and certificate do not match, or have invalid format (exit code: " + ret + ")";
				return false;
			}
			cmd = new ArrayList<>( baseCmd );
			if ( this.redirect ) {
				cmd.add( "--redirect" );
			}
			cmd.add( "--import" );
			cmd.add( tmpKey.getAbsolutePath() );
			cmd.add( tmpCert.getAbsolutePath() );
			if ( tmpChain != null ) {
				cmd.add( tmpChain.getAbsolutePath() );
			}
			ret = Exec.sync( 45, cmd.toArray( new String[ cmd.size() ] ) );
			if ( ret != 0 ) {
				status.error = "import exited with code " + ret;
				return false;
			}
			return true;
		} finally {
			if ( tmpKey != null )
				tmpKey.delete();
			if ( tmpCert != null )
				tmpCert.delete();
		}
	}

	private boolean setRedirect()
	{
		List<String> cmd = new ArrayList<>( baseCmd );
		cmd.add( "--redirect-only" );
		if ( this.redirect ) {
			cmd.add( "--redirect" );
		}
		int ret = Exec.sync( 10, cmd.toArray( new String[ cmd.size() ] ) );
		if ( ret != 0 ) {
			status.error = "set redirect exited with code " + ret;
			return false;
		}
		return true;
	}

	private boolean disableHttps()
	{
		List<String> cmd = new ArrayList<>( baseCmd );
		cmd.add( "--disable" );
		int ret = Exec.sync( 10, cmd.toArray( new String[ cmd.size() ] ) );
		if ( ret != 0 ) {
			status.error = "disable exited with code " + ret;
			return false;
		}
		return true;
	}

	/**
	 * Output - contains additional status data of this task
	 */
	@SuppressWarnings( "unused" )
	private static class Output
	{
		protected String error = null;
	}

}