#!/bin/bash

# This script is for grading the signed SSL cert lab.

# It does the following:
# determines the hostname of the user's serverX
# checks the SSL cert from https://serverX.example.com 
# and verifies that it is correct and signed by the CA on 
# instructor.example.com.

# Set environment and declare global variables
. /usr/local/lib/labtool.shlib
trap on_exit EXIT
LOG_FACILITY=local0
LOG_PRIORITY=info
LOG_TAG=hackerSSL
DEBUG=false
ERROR_MESSAGE="Failed."
PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin
PACKAGES=( elinks wget )

# Make sure we have the packages we need
check_packages

# Check to make sure we are running on the correct host
check_host "desktop"

N=$GLS_ENROLLMENT
CACERT=/net/i/var/ftp/pub/example-ca.crt
URL=https://server$N.example.com

curl --cacert $CACERT $URL >& /dev/null
CURLRV=$?

if [ $CURLRV -eq 0 ]; then
        echo "Passed."
        exit 0
fi

if [ $CURLRV -eq 7 ]; then
        echo "Could not connect to $URL."
        echo "Is your server running?"
        exit 1
fi

if [ $CURLRV -eq 77 ]; then
        echo "Trouble loading CACERT $CACERT"
        echo "make sure you can access $CACERT from here, and try again."
        exit 1
fi

