Date: Tue, 15 Nov 2022 15:58:20 GMT
Message-Id: <202211151558.2AFFwKa8071655@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
From: Ryan Steinmetz
Subject: git: 287db69a8e72 - main - security/shibboleth-idp: new port:
List-Id: Commits to the main branch of the FreeBSD ports repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
Sender: owner-dev-commits-ports-main@freebsd.org
X-BeenThere: dev-commits-ports-main@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: zi
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 287db69a8e7299e0984890e416fed4e30e406556
Auto-Submitted: auto-generated
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by zi:

URL: https://cgit.FreeBSD.org/ports/commit/?id=287db69a8e7299e0984890e416fed4e30e406556

commit 287db69a8e7299e0984890e416fed4e30e406556
Author:     Ryan Steinmetz
AuthorDate: 2022-11-15 15:55:34 +0000
Commit:     Ryan Steinmetz
CommitDate: 2022-11-15 15:57:59 +0000

security/shibboleth-idp: new port:

A simple Single Sign-On solution for any organisation with complex identity management requirements. With excellent scaling capabilities and customisable user-related data, the Identity Provider equips workforces with a personalised user experience.
* Widely adaptable to support custom scenarios * Built-in support for a range of authentication systems * Handles millions of authentication requests per day WWW: https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/1265631498/Home --- security/Makefile | 1 + security/shibboleth-idp/Makefile | 65 +++ security/shibboleth-idp/distinfo | 7 + security/shibboleth-idp/files/index.html | 8 + .../files/jetty-base/etc/jetty-requestlog.xml | 30 + .../files/jetty-base/modules/idp-logging.mod | 9 + .../files/jetty-base/modules/idp.mod | 18 + .../files/jetty-base/resources/logback-access.xml | 13 + .../files/jetty-base/resources/logback.xml | 18 + .../files/jetty-base/start.d/http.ini | 14 + .../files/jetty-base/start.d/idp.ini | 35 ++ .../files/jetty-base/start.d/start.ini | 24 + .../files/jetty-base/webapps/idp.xml | 12 + .../files/jetty-base/webapps/static.xml | 16 + security/shibboleth-idp/files/pkg-message.in | 42 ++ security/shibboleth-idp/files/shibboleth-idp.in | 87 +++ security/shibboleth-idp/files/shibboleth-idp.sh | 628 +++++++++++++++++++++ security/shibboleth-idp/files/shibboleth.in | 64 +++ security/shibboleth-idp/pkg-descr | 8 + security/shibboleth-idp/pkg-plist | 272 +++++++++ 20 files changed, 1371 insertions(+) diff --git a/security/Makefile b/security/Makefile index dfcf1c84c852..276b83d3a083 100644 --- a/security/Makefile +++ b/security/Makefile @@ -1179,6 +1179,7 @@ SUBDIR += setaudit SUBDIR += sha1collisiondetection SUBDIR += sha2wordlist + SUBDIR += shibboleth-idp SUBDIR += shibboleth-sp SUBDIR += sig2dot SUBDIR += signify diff --git a/security/shibboleth-idp/Makefile b/security/shibboleth-idp/Makefile new file mode 100644 index 000000000000..2c9a0034823f --- /dev/null +++ b/security/shibboleth-idp/Makefile 
@@ -0,0 +1,65 @@ +PORTNAME= shibboleth +PORTVERSION= 4.2.1 +CATEGORIES= security www +MASTER_SITES= http://shibboleth.net/downloads/identity-provider/${PORTVERSION}/ \ + http://shibboleth.net/downloads/identity-provider/latest4/${PORTVERSION}/ \ + http://shibboleth.net/downloads/identity-provider/archive/${PORTVERSION}/ \ + https://repo1.maven.org/maven2/ch/qos/logback/logback-core/${LOGBACKVER}/:logback_core \ + https://repo1.maven.org/maven2/ch/qos/logback/logback-classic/${LOGBACKVER}/:logback_classic +PKGNAMESUFFIX= -idp +DISTFILES= shibboleth-identity-provider-${PORTVERSION}.tar.gz \ + logback-classic-${LOGBACKVER}.jar:logback_classic \ + logback-core-${LOGBACKVER}.jar:logback_core +EXTRACT_ONLY= shibboleth-identity-provider-${PORTVERSION}.tar.gz + +MAINTAINER= zi@FreeBSD.org +COMMENT= Shibboleth Identity Provider (Internet2) +WWW= http://shibboleth.internet2.edu/ + +LICENSE= APACHE20 + +BUILD_DEPENDS= jetty10>=0:www/jetty10 +RUN_DEPENDS= bash:shells/bash \ + jetty10>=0:www/jetty10 + +USE_RC_SUBR= shibboleth-idp +CPE_VENDOR= shibboleth +WRKSRC= ${WRKDIR}/shibboleth-identity-provider-${PORTVERSION} + +NO_ARCH= yes +NO_BUILD= yes + +LOGBACKVER= 1.4.0 +SHIBUSER= shibd +SHIBGROUP= shibd +LOGDIR= /var/log/${PORTNAME} +RUNDIR= /var/run/${PORTNAME} +USERS= ${SHIBUSER} +GROUPS= ${SHIBGROUP} + +SUB_FILES= shibboleth + +SUB_LIST+= SHIBUSER=${SHIBUSER} SHIBGROUP=${SHIBGROUP} \ + RUNDIR=${RUNDIR} LOGDIR=${LOGDIR} +PLIST_SUB+= SHIBUSER=${SHIBUSER} SHIBGROUP=${SHIBGROUP} \ + RUNDIR=${RUNDIR} LOGDIR=${LOGDIR} LOGBACKVER=${LOGBACKVER} + +do-install: + @${MKDIR} ${STAGEDIR}${DATADIR} ${STAGEDIR}${ETCDIR} + @${MKDIR} ${STAGEDIR}${LOGDIR} ${STAGEDIR}${RUNDIR} + @${MKDIR} ${STAGEDIR}${WWWDIR}/lib/logging + @${MKDIR} ${STAGEDIR}${EXAMPLESDIR} +.for dir in conf credentials etc modules resources start.d webapps/ROOT + @${MKDIR} ${STAGEDIR}${WWWDIR}/${dir} +.endfor + (cd ${WRKSRC} && ${COPYTREE_SHARE} . ${STAGEDIR}${DATADIR}) + (cd ${FILESDIR}/jetty-base && ${COPYTREE_SHARE} . 
${STAGEDIR}${EXAMPLESDIR}) + @${FIND} ${STAGEDIR}${DATADIR} -type f -name '*.sh' -exec ${CHMOD} +x {} \; +.for jar in logback-classic-${LOGBACKVER}.jar logback-core-${LOGBACKVER}.jar + ${INSTALL_DATA} ${DISTDIR}/${jar} ${STAGEDIR}${WWWDIR}/lib/logging +.endfor + ${INSTALL_DATA} ${WRKDIR}/shibboleth ${STAGEDIR}${ETCDIR}/shibboleth-idp + ${INSTALL_DATA} ${FILESDIR}/index.html ${STAGEDIR}${EXAMPLESDIR}/index.html + ${INSTALL_SCRIPT} ${FILESDIR}/shibboleth-idp.sh ${STAGEDIR}${PREFIX}/sbin + +.include diff --git a/security/shibboleth-idp/distinfo b/security/shibboleth-idp/distinfo new file mode 100644 index 000000000000..2d19c4209bac --- /dev/null +++ b/security/shibboleth-idp/distinfo @@ -0,0 +1,7 @@ +TIMESTAMP = 1666726432 +SHA256 (shibboleth-identity-provider-4.2.1.tar.gz) = fa5e46d160f6b1bc50326c1a31627a05b5d0847b8f620d7f4c0251999b806474 +SIZE (shibboleth-identity-provider-4.2.1.tar.gz) = 55960112 +SHA256 (logback-classic-1.4.0.jar) = 9ce4cfee4834195753b5be5016ded641e8456d9e82995821838dc662e866e212 +SIZE (logback-classic-1.4.0.jar) = 262118 +SHA256 (logback-core-1.4.0.jar) = 14e09a7896bee6ef2e005b48fc5560fe2299a57a826bc4c1f1c6d43002f0512c +SIZE (logback-core-1.4.0.jar) = 559203 diff --git a/security/shibboleth-idp/files/index.html b/security/shibboleth-idp/files/index.html new file mode 100644 index 000000000000..7f517dede1eb --- /dev/null +++ b/security/shibboleth-idp/files/index.html @@ -0,0 +1,8 @@ + + + Shibboleth + + +

Shibboleth

+ + diff --git a/security/shibboleth-idp/files/jetty-base/etc/jetty-requestlog.xml b/security/shibboleth-idp/files/jetty-base/etc/jetty-requestlog.xml new file mode 100644 index 000000000000..660f7b368199 --- /dev/null +++ b/security/shibboleth-idp/files/jetty-base/etc/jetty-requestlog.xml @@ -0,0 +1,30 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/security/shibboleth-idp/files/jetty-base/modules/idp-logging.mod b/security/shibboleth-idp/files/jetty-base/modules/idp-logging.mod new file mode 100644 index 000000000000..dccc34ae12b7 --- /dev/null +++ b/security/shibboleth-idp/files/jetty-base/modules/idp-logging.mod @@ -0,0 +1,9 @@ +[description] +Shibboleth IdP Logging + +[depend] +console-capture +logback-access + +[files] +/var/log/shibboleth/ diff --git a/security/shibboleth-idp/files/jetty-base/modules/idp.mod b/security/shibboleth-idp/files/jetty-base/modules/idp.mod new file mode 100644 index 000000000000..57a601105222 --- /dev/null +++ b/security/shibboleth-idp/files/jetty-base/modules/idp.mod @@ -0,0 +1,18 @@ +[description] +Shibboleth IdP + +[depend] +annotations +deploy +ext +#https +jsp +jstl +plus +resources +server +servlets +#ssl + +[files] +tmp/ diff --git a/security/shibboleth-idp/files/jetty-base/resources/logback-access.xml b/security/shibboleth-idp/files/jetty-base/resources/logback-access.xml new file mode 100644 index 000000000000..cec9236337fa --- /dev/null +++ b/security/shibboleth-idp/files/jetty-base/resources/logback-access.xml @@ -0,0 +1,13 @@ + + + + /var/log/shibboleth/access.log + + /var/log/shibboleth/access-%d{yyyy-MM-dd}.log.gz + + + combined + + + + diff --git a/security/shibboleth-idp/files/jetty-base/resources/logback.xml b/security/shibboleth-idp/files/jetty-base/resources/logback.xml new file mode 100644 index 000000000000..9a530677c4a9 --- /dev/null +++ b/security/shibboleth-idp/files/jetty-base/resources/logback.xml 
@@ -0,0 +1,18 @@ + + + + /var/log/shibboleth/jetty.log + + /var/log/shibboleth/jetty-%d{yyyy-MM-dd}.log.gz + + + UTF-8 + %date{ISO8601} - %level [%logger:%line] - %msg%n + + + + + + + + diff --git a/security/shibboleth-idp/files/jetty-base/start.d/http.ini b/security/shibboleth-idp/files/jetty-base/start.d/http.ini new file mode 100644 index 000000000000..fd91753eb783 --- /dev/null +++ b/security/shibboleth-idp/files/jetty-base/start.d/http.ini @@ -0,0 +1,14 @@ +# --------------------------------------- +# Module: http +# Shibboleth IdP +# --------------------------------------- + +--module=http +--module=http-forwarded + +# Allows use of default IdP command line tools. +jetty.http.host=127.0.0.1 +jetty.http.port=8080 + +# Hide server version +jetty.httpConfig.sendServerVersion=false diff --git a/security/shibboleth-idp/files/jetty-base/start.d/idp.ini b/security/shibboleth-idp/files/jetty-base/start.d/idp.ini new file mode 100644 index 000000000000..e87aa186019d --- /dev/null +++ b/security/shibboleth-idp/files/jetty-base/start.d/idp.ini 
@@ -0,0 +1,35 @@ +# --------------------------------------- +# Module: idp +# Shibboleth IdP +# --------------------------------------- +--module=logging-logback +--module=idp + +## Keystore file path (relative to $jetty.base) +jetty.sslContext.keyStorePath=credentials/idp-userfacing.p12 +## Truststore file path (relative to $jetty.base) +jetty.sslContext.trustStorePath=credentials/idp-userfacing.p12 + +## Keystore type +jetty.sslContext.keyStoreType=PKCS12 +## Truststore type and provider +jetty.sslContext.trustStoreType=PKCS12 + +## Keystore password +jetty.sslContext.keyStorePassword=%%KEYSTORE%% +## Truststore password +jetty.sslContext.trustStorePassword=%%KEYSTORE%% +## KeyManager password +jetty.sslContext.keyManagerPassword=%%KEYSTORE%% + +## Deny SSL renegotiation +jetty.sslContext.renegotiationAllowed=false + +## Connector host/address to bind to +jetty.ssl.host=127.0.0.1 + +## Connector port to listen on +jetty.ssl.port=443 + +# logging +etc/jetty-requestlog.xml diff --git a/security/shibboleth-idp/files/jetty-base/start.d/start.ini b/security/shibboleth-idp/files/jetty-base/start.d/start.ini new file mode 100644 index 000000000000..f83bcf36389e --- /dev/null +++ b/security/shibboleth-idp/files/jetty-base/start.d/start.ini 
@@ -0,0 +1,24 @@ +# Any other required Jetty modules... + +# Allows setting Java system properties (-Dname=value) +# and JVM flags (-X, -XX) in this file +# NOTE: spawns child Java process +--exec + +# Uncomment if IdP is installed somewhere other than /opt/shibboleth-idp +-Didp.home=/usr/local/www/shibboleth + +# Maximum amount of memory that Jetty may use, at least 1.5G is recommended +# for handling larger (> 25M) metadata files but you will need to test on +# your particular metadata configuration. If MDQ metadata on demand is used, +# requirements may be much lower. +-Xmx1500m + +# Prevent blocking for entropy. +-Djava.security.egd=file:/dev/urandom + +# Set Java tmp location +-Djava.io.tmpdir=/tmp + +# Where to put logs +-Didp.logfiles=/var/log/shibboleth diff --git a/security/shibboleth-idp/files/jetty-base/webapps/idp.xml b/security/shibboleth-idp/files/jetty-base/webapps/idp.xml new file mode 100644 index 000000000000..f5ba928e0b73 --- /dev/null +++ b/security/shibboleth-idp/files/jetty-base/webapps/idp.xml @@ -0,0 +1,12 @@ + + + + + + + + + false + false + true + diff --git a/security/shibboleth-idp/files/jetty-base/webapps/static.xml b/security/shibboleth-idp/files/jetty-base/webapps/static.xml new file mode 100644 index 000000000000..3c53036abb35 --- /dev/null +++ b/security/shibboleth-idp/files/jetty-base/webapps/static.xml @@ -0,0 +1,16 @@ + + + + + + + / + + + + / + + false + + + diff --git a/security/shibboleth-idp/files/pkg-message.in b/security/shibboleth-idp/files/pkg-message.in new file mode 100644 index 000000000000..156826d76bcf --- /dev/null +++ b/security/shibboleth-idp/files/pkg-message.in 
@@ -0,0 +1,42 @@ +[ +{ type: install + message: </webapps/jetty.war +# +# JETTY_BASE +# Where your Jetty base directory is. If not set, then the currently +# directory is checked, otherwise the value from +# $JETTY_HOME will be used. +# +# JETTY_RUN +# Where the $NAME.pid file should be stored. It defaults to the +# first available of /var/run, /usr/var/run, JETTY_BASE and /tmp +# if not set. +# +# JETTY_PID +# The Jetty PID file, defaults to $JETTY_RUN/$NAME.pid +# +# JETTY_ARGS +# The default arguments to pass to jetty. +# For example +# JETTY_ARGS=jetty.http.port=8080 jetty.ssl.port=8443 +# +# JETTY_USER +# if set, then used as a username to run the server as +# +# JETTY_SHELL +# If set, then used as the shell by su when starting the server. Will have +# no effect if start-stop-daemon exists. Useful when JETTY_USER does not +# have shell access, e.g. /bin/false +# +# JETTY_START_TIMEOUT +# Time spent waiting to see if startup was successful/failed. Defaults to 60 seconds +# + +usage() +{ + echo "Usage: ${0##*/} [-d] {start|stop|run|restart|check|supervise} [ CONFIGS ... ] " + exit 1 +} + +[ $# -gt 0 ] || usage + + +################################################## +# Some utility functions +################################################## +findDirectory() +{ + local L OP=$1 + shift + for L in "$@"; do + [ "$OP" "$L" ] || continue + printf %s "$L" + break + done +} + +running() +{ + if [ -f "$1" ] + then + local PID=$(cat "$1" 2>/dev/null) || return 1 + kill -0 "$PID" 2>/dev/null + return + fi + rm -f "$1" + return 1 +} + +started() +{ + # wait for 60s to see "STARTED" in PID file, needs jetty-started.xml as argument + for ((T = 0; T < $(($3 / 4)); T++)) + do + sleep 4 + [ -z "$(tail -1 $1 | grep STARTED 2>/dev/null)" ] || return 0 + [ -z "$(tail -1 $1 | grep STOPPED 2>/dev/null)" ] || return 1 + [ -z "$(tail -1 $1 | grep FAILED 2>/dev/null)" ] || return 1 + local PID=$(cat "$2" 2>/dev/null) || return 1 + kill -0 "$PID" 2>/dev/null || return 1 + echo -n ". 
" + done + + return 1; +} + + +readConfig() +{ + (( DEBUG )) && echo "Reading $1.." + source "$1" +} + +dumpEnv() +{ + echo "JAVA = $JAVA" + echo "JAVA_OPTIONS = ${JAVA_OPTIONS[*]}" + echo "JETTY_HOME = $JETTY_HOME" + echo "JETTY_BASE = $JETTY_BASE" + echo "START_D = $START_D" + echo "START_INI = $START_INI" + echo "JETTY_START = $JETTY_START" + echo "JETTY_CONF = $JETTY_CONF" + echo "JETTY_ARGS = ${JETTY_ARGS[*]}" + echo "JETTY_RUN = $JETTY_RUN" + echo "JETTY_PID = $JETTY_PID" + echo "JETTY_START_LOG = $JETTY_START_LOG" + echo "JETTY_STATE = $JETTY_STATE" + echo "JETTY_START_TIMEOUT = $JETTY_START_TIMEOUT" + echo "RUN_CMD = ${RUN_CMD[*]}" +} + + + +################################################## +# Get the action & configs +################################################## +CONFIGS=() +NO_START=0 +DEBUG=0 + +while [[ $1 = -* ]]; do + case $1 in + -d) DEBUG=1 ;; + esac + shift +done +ACTION=$1 +shift + +################################################## +# Read any configuration files +################################################## +ETC=/etc +if [ $UID != 0 ] +then + ETC=$HOME/etc +fi + +for CONFIG in {/etc,~/etc}/default/${NAME}{,9} $HOME/.${NAME}rc /usr/local/etc/shibboleth/${NAME}{,9}; do + if [ -f "$CONFIG" ] ; then + readConfig "$CONFIG" + fi +done + + +################################################## +# Set tmp if not already set. +################################################## +TMPDIR=${TMPDIR:-/tmp} + +################################################## +# Jetty's hallmark +################################################## +JETTY_INSTALL_TRACE_FILE="start.jar" + + +################################################## +# Try to determine JETTY_HOME if not set +################################################## +if [ -z "$JETTY_HOME" ] +then + JETTY_SH=$0 + case "$JETTY_SH" in + /*) JETTY_HOME=${JETTY_SH%/*/*} ;; + ./*/*) JETTY_HOME=${JETTY_SH%/*/*} ;; + ./*) JETTY_HOME=.. ;; + */*/*) JETTY_HOME=./${JETTY_SH%/*/*} ;; + */*) JETTY_HOME=. 
;; + *) JETTY_HOME=.. ;; + esac + + if [ ! -f "$JETTY_HOME/$JETTY_INSTALL_TRACE_FILE" ] + then + JETTY_HOME= + fi +fi + +################################################## +# No JETTY_HOME yet? We're out of luck! +################################################## +if [ -z "$JETTY_HOME" ]; then + echo "** ERROR: JETTY_HOME not set, you need to set it or install in a standard location" + exit 1 +fi + +RUN_DIR=$(pwd) +cd "$JETTY_HOME" +JETTY_HOME=$(pwd) + +################################################## +# Set JETTY_BASE +################################################## +export JETTY_BASE +if [ -z "$JETTY_BASE" ]; then + if [ -d "$RUN_DIR/start.d" -o -f "$RUN_DIR/start.ini" ]; then + JETTY_BASE=$RUN_DIR + else + JETTY_BASE=$JETTY_HOME + fi +fi +cd "$JETTY_BASE" +JETTY_BASE=$(pwd) + +##################################################### +# Check that jetty is where we think it is +##################################################### +if [ ! -r "$JETTY_HOME/$JETTY_INSTALL_TRACE_FILE" ] +then + echo "** ERROR: Oops! Jetty doesn't appear to be installed in $JETTY_HOME" + echo "** ERROR: $JETTY_HOME/$JETTY_INSTALL_TRACE_FILE is not readable!" + exit 1 +fi + +################################################## +# Try to find this script's configuration file, +# but only if no configurations were given on the +# command line. 
+################################################## +if [ -z "$JETTY_CONF" ] +then + if [ -f $ETC/${NAME}.conf ] + then + JETTY_CONF=$ETC/${NAME}.conf + elif [ -f "$JETTY_BASE/etc/jetty.conf" ] + then + JETTY_CONF=$JETTY_BASE/etc/jetty.conf + elif [ -f "$JETTY_HOME/etc/jetty.conf" ] + then + JETTY_CONF=$JETTY_HOME/etc/jetty.conf + fi +fi + +##################################################### +# Find a location for the pid file +##################################################### +if [ -z "$JETTY_RUN" ] +then + JETTY_RUN=$(findDirectory -w /var/run /usr/var/run $JETTY_BASE /tmp)/jetty + [ -d "$JETTY_RUN" ] || mkdir $JETTY_RUN +fi + +##################################################### +# define start log location +##################################################### +if [ -z "$JETTY_START_LOG" ] +then + JETTY_START_LOG="$JETTY_RUN/$NAME-start.log" +fi + +##################################################### +# Find a pid and state file +##################################################### +if [ -z "$JETTY_PID" ] +then + JETTY_PID="$JETTY_RUN/${NAME}.pid" +fi + +if [ -z "$JETTY_STATE" ] +then + JETTY_STATE=$JETTY_BASE/${NAME}.state +fi + +case "`uname`" in +CYGWIN*) JETTY_STATE="`cygpath -w $JETTY_STATE`";; +esac + + +JETTY_ARGS=(${JETTY_ARGS[*]} "jetty.state=$JETTY_STATE") + +################################################## +# Get the list of config.xml files from jetty.conf +################################################## +if [ -f "$JETTY_CONF" ] && [ -r "$JETTY_CONF" ] +then + while read -r CONF + do + if expr "$CONF" : '#' >/dev/null ; then + continue + fi + + if [ -d "$CONF" ] + then + # assume it's a directory with configure.xml files + # for example: /etc/jetty.d/ + # sort the files before adding them to the list of JETTY_ARGS + for XMLFILE in "$CONF/"*.xml + do + if [ -r "$XMLFILE" ] && [ -f "$XMLFILE" ] + then + JETTY_ARGS=(${JETTY_ARGS[*]} "$XMLFILE") + else + echo "** WARNING: Cannot read '$XMLFILE' specified in '$JETTY_CONF'" + fi + done + 
else + # assume it's a command line parameter (let start.jar deal with its validity) + JETTY_ARGS=(${JETTY_ARGS[*]} "$CONF") + fi + done < "$JETTY_CONF" +fi + +################################################## +# Setup JAVA if unset +################################################## +if [ -z "$JAVA" ] +then + JAVA=$(which java) +fi + +if [ -z "$JAVA" ] +then + echo "Cannot find a Java JDK. Please set either set JAVA or put java (>=1.5) in your PATH." >&2 + exit 1 +fi + +##################################################### +# See if Deprecated JETTY_LOGS is defined +##################################################### +if [ "$JETTY_LOGS" ] +then + echo "** WARNING: JETTY_LOGS is Deprecated. Please configure logging within the jetty base." >&2 +fi + +##################################################### +# Set STARTED timeout +##################################################### +if [ -z "$JETTY_START_TIMEOUT" ] +then + JETTY_START_TIMEOUT=60 +fi + +##################################################### +# Are we running on Windows? Could be, with Cygwin/NT. +##################################################### +case "`uname`" in +CYGWIN*) PATH_SEPARATOR=";";; +*) PATH_SEPARATOR=":";; +esac + + +##################################################### +# Add jetty properties to Java VM options. +##################################################### + +case "`uname`" in +CYGWIN*) +JETTY_HOME="`cygpath -w $JETTY_HOME`" +JETTY_BASE="`cygpath -w $JETTY_BASE`" +TMPDIR="`cygpath -w $TMPDIR`" +;; +esac + +BASE_JETTY_SYS_PROPS=$(echo -ne "-Djetty.home=$JETTY_HOME" "-Djetty.base=$JETTY_BASE" "-Djava.io.tmpdir=$TMPDIR") +JETTY_SYS_PROPS=(${JETTY_SYS_PROPS[*]} $BASE_JETTY_SYS_PROPS) + +##################################################### +# This is how the Jetty server will be started +##################################################### + +JETTY_START=$JETTY_HOME/start.jar +START_INI=$JETTY_BASE/start.ini +START_D=$JETTY_BASE/start.d +if [ ! -f "$START_INI" -a ! 
-d "$START_D" ] +then + echo "Cannot find a start.ini file or a start.d directory in your JETTY_BASE directory: $JETTY_BASE" >&2 + exit 1 +fi + +case "`uname`" in +CYGWIN*) JETTY_START="`cygpath -w $JETTY_START`";; +esac + *** 554 LINES SKIPPED ***
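Review bot: in security/shibboleth-idp/Makefile the three shibboleth.net entries in MASTER_SITES and the WWW= line use plain http://, while the two Maven entries use https://. The SHA256 lines in distinfo still catch a modified distfile, but fetching over https where the host offers it avoids relying on that check alone. WWW= also points at http://shibboleth.internet2.edu/ whereas the commit message gives the shibboleth.atlassian.net wiki page as the project URL; the two should agree.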
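Review bot: files/jetty-base/start.d/http.ini enables --module=http-forwarded on a connector bound to 127.0.0.1:8080, which means the IdP is expected to sit behind a local reverse proxy that terminates TLS and whose forwarded headers Jetty will trust. The only comment in the file ("Allows use of default IdP command line tools.") does not say so. A comment here, and a line in pkg-message if it is not already there, should state that a front-end proxy is required and that the connector must stay on loopback, since any client able to reach it directly could supply its own forwarded headers.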
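Review bot: files/jetty-base/start.d/idp.ini sets jetty.sslContext.keyStorePassword, trustStorePassword and keyManagerPassword to %%KEYSTORE%%, so once an administrator replaces the placeholder the file holds the PKCS12 password in clear text. The Makefile copies the jetty-base tree with COPYTREE_SHARE and nothing in the visible do-install target tightens the mode afterwards; the deployed copy should be readable only by the shibd user, either set by the port or called out in pkg-message. The same file sets jetty.ssl.host and jetty.ssl.port=443 although modules/idp.mod leaves https and ssl commented out, so these settings do nothing as shipped, and if they were enabled an unprivileged service user could not bind port 443 by default. Either drop the ssl block from the example or add a comment explaining when it applies.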
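Review bot: files/jetty-base/start.d/start.ini passes -Djava.io.tmpdir=/tmp, which places the IdP's Java temporary files in the shared, world-writable /tmp even though modules/idp.mod already declares a tmp/ directory under the Jetty base. Pointing java.io.tmpdir at a directory owned by the service user would keep those files away from other local accounts. The comment "Uncomment if IdP is installed somewhere other than /opt/shibboleth-idp" is also stale: the -Didp.home line under it is already active and set to /usr/local/www/shibboleth, so the comment should describe what the line does now.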
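Review bot: in files/shibboleth-idp.sh, readConfig calls source on every existing file from a list that includes ~/etc/default/${NAME} and $HOME/.${NAME}rc as well as /usr/local/etc/shibboleth/${NAME}, so each of those paths is executed as shell code with the privileges of whoever starts the service. For a port-managed daemon the list could be reduced to the one file the Makefile installs under ETCDIR, and that file should stay root-owned and not writable by shibd. Further down, when JETTY_RUN is unset the script picks the first writable directory from /var/run, /usr/var/run, $JETTY_BASE and /tmp and then runs mkdir $JETTY_RUN unquoted; having the rc script always set JETTY_RUN to the RUNDIR defined in the Makefile would rule out a pid file and start log under a /tmp path that another local user can create first.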