#! /bin/bash

set -o errexit
set -o pipefail
set -o nounset
#set -o xtrace

V=0.50	# initial

SERIAL=$(</etc/bcfg2.serial)

STATUS_FILE='/var/run/license.status'
PCRS_FILE='/sys/class/misc/tpm0/device/pcrs'
EXPIRE_AGE=$[ 3 * 24 * 60 * 60 ]

eval $(
awk '
BEGIN {
	FS=": "
}
{
	sub("-","s[",$1)
	gsub(" ","",$2)
	if ($2 != "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" &&
	    $2 != "0000000000000000000000000000000000000000")
		print $1 "]=" $2
}
' $PCRS_FILE )

VALIDATED=1
for PCR_ID in ${!PCRs[@]}
do
	CUR_VALUE=${PCRs[$PCR_ID]}
	KEY="$PCR_ID.$SERIAL.license.clearcable.net."
	REQ_VALUE=$(dig +short $KEY TXT)
	REQ_VALUE=${REQ_VALUE//\"/}
	if test "$CUR_VALUE" != "$REQ_VALUE"
	then
		VALIDATED=0
		echo -e "$KEY\t0\tTXT\t$CUR_VALUE"
	fi
done

# all OK
if test $VALIDATED -gt 0
then
	echo 'ok' > $STATUS_FILE
	exit
fi

test -f $STATUS_FILE || touch $STATUS_FILE
STATUS=$(<$STATUS_FILE)
if test -z "$STATUS" -o "$STATUS" = 'ok'
then
	echo 'failed' > $STATUS_FILE
	exit
fi

if test "$STATUS" = 'expired'
then
	service xendomains stop
	exit
fi

AGE=$[ $(date +%s) - $(stat --format="%Y" -- "$STATUS_FILE") ]

if test $AGE -gt $EXPIRE_AGE
then
	echo 'expired' > $STATUS_FILE
	exit
fi
