summarylogtreecommitdiffstats
diff options
context:
space:
mode:
authorMuflone2019-08-31 13:24:20 +0200
committerMuflone2019-08-31 13:24:20 +0200
commit06fd9bc3273dcfeb6b42917d05fdba6381506232 (patch)
tree8046db7e92dc0e5aed4c72d223cf69e15946cfff
downloadaur-kerio-control-vpnclient-9.2.7.tar.gz
New package kerio-control-vpnclient-9.2.7 9.2.7.2921-1
-rw-r--r--.SRCINFO24
-rw-r--r--PKGBUILD58
-rw-r--r--kerio-control-vpnclient-9.2.7.install7
-rwxr-xr-xkvpnc220
-rw-r--r--kvpnc.conf7
-rw-r--r--kvpnc.service16
6 files changed, 332 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 00000000000..96e4563f044
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,24 @@
+pkgbase = kerio-control-vpnclient-9.2.7
+ pkgdesc = Kerio Control VPN client for corporate networks (version 9.2.7, the last compatible version for older Kerio Control 9.2.6 VPN servers).
+ pkgver = 9.2.7.2921
+ pkgrel = 1
+ url = http://www.kerio.com/control
+ install = kerio-control-vpnclient-9.2.7.install
+ arch = x86_64
+ license = custom:EULA
+ depends = procps
+ depends = dialog
+ depends = util-linux
+ conflicts = kerio-control-vpnclient
+ options = !strip
+ source = http://download.kerio.com/dwn/control/control-9.2.7-2921/kerio-control-vpnclient-9.2.7-2921-linux-amd64.deb
+ source = kvpnc
+ source = kvpnc.conf
+ source = kvpnc.service
+ sha256sums = 05efa0b2abc3affd5258b6ba64533609bc59ae016282ab3fd2865c1ee368e54f
+ sha256sums = 984ac81f6fe291ca11a4dc6822bcb1e7efaf82d14259f5395247fdbdef4c1759
+ sha256sums = b4d0915cc9de186ff4efe5c91b3b011e7819d67f93ef62c8feafd29baa599bd8
+ sha256sums = bd8b1aabc31b9b24c4b63ce8099bef111dc84bd4923c77d42e05d3f1704d5c17
+
+pkgname = kerio-control-vpnclient-9.2.7
+
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 00000000000..915058f89b7
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,58 @@
+# Maintainer: Muflone http://www.muflone.com/contacts/english/
+# Contributor: ssv1982 <ssv1982@gmail.com>
+
+pkgname=kerio-control-vpnclient-9.2.7
+_pkgname=${pkgname%-*}
+pkgver=9.2.7.2921
+pkgrel=1
+pkgdesc="Kerio Control VPN client for corporate networks (version 9.2.7, the last compatible version for older Kerio Control 9.2.6 VPN servers)."
+arch=('x86_64')
+url="http://www.kerio.com/control"
+license=('custom:EULA')
+options=(!strip)
+install="${pkgname}.install"
+depends=('procps' 'dialog' 'util-linux')
+conflicts=('kerio-control-vpnclient')
+source=("http://download.kerio.com/dwn/control/control-${pkgver%.*}-${pkgver##*.}/kerio-control-vpnclient-${pkgver%.*}-${pkgver##*.}-linux-amd64.deb"
+ "kvpnc"
+ "kvpnc.conf"
+ "kvpnc.service")
+sha256sums=('05efa0b2abc3affd5258b6ba64533609bc59ae016282ab3fd2865c1ee368e54f'
+ '984ac81f6fe291ca11a4dc6822bcb1e7efaf82d14259f5395247fdbdef4c1759'
+ 'b4d0915cc9de186ff4efe5c91b3b011e7819d67f93ef62c8feafd29baa599bd8'
+ 'bd8b1aabc31b9b24c4b63ce8099bef111dc84bd4923c77d42e05d3f1704d5c17')
+
+build() {
+ # Get binary sources.
+ bsdtar -xf "data.tar.xz"
+
+ # Extract license file
+ gzip -dfc "usr/share/doc/${_pkgname}/EULA.txt.gz" > "EULA.txt"
+}
+
+package() {
+ # Install files in the package
+ install -m 755 -d "${pkgdir}/usr/bin"
+ install -m 755 -t "${pkgdir}/usr/bin" "kvpnc"
+
+ install -m 755 -d "${pkgdir}/usr/lib/${pkgname}"
+ install -m 755 -t "${pkgdir}/usr/lib/${pkgname}" "usr/sbin/kvpncsvc"
+
+ install -m 755 -d "${pkgdir}/usr/lib"
+ install -m 644 -t "${pkgdir}/usr/lib" "usr/lib"/*
+
+ install -m 755 -d "${pkgdir}/usr/share/doc/${pkgname}"
+ install -m 644 -t "${pkgdir}/usr/share/doc/${pkgname}" "usr/share/doc/${_pkgname}/Acknowledgments.gz"
+ install -m 644 -t "${pkgdir}/usr/share/doc/${pkgname}" "usr/share/doc/${_pkgname}/copyright"
+
+ install -m 755 -d "${pkgdir}/usr/share/licenses/${pkgname}"
+ install -m 644 -t "${pkgdir}/usr/share/licenses/${pkgname}" "EULA.txt"
+
+ # Install configuration file
+ install -m 755 -d "${pkgdir}/etc/conf.d"
+ install -m 644 -t "${pkgdir}/etc/conf.d" kvpnc.conf
+
+ # Install systemd service
+ install -m 755 -d "${pkgdir}/usr/lib/systemd/system"
+ install -m 644 -t "${pkgdir}/usr/lib/systemd/system" kvpnc.service
+}
diff --git a/kerio-control-vpnclient-9.2.7.install b/kerio-control-vpnclient-9.2.7.install
new file mode 100644
index 00000000000..73e2f341a4b
--- /dev/null
+++ b/kerio-control-vpnclient-9.2.7.install
@@ -0,0 +1,7 @@
+post_install() {
+ echo "To configure Kerio VPN Client, launch as root: /usr/bin/kvpnc configure"
+}
+
+pre_remove() {
+ /usr/bin/kvpnc stop
+}
diff --git a/kvpnc b/kvpnc
new file mode 100755
index 00000000000..3c66cbf73a2
--- /dev/null
+++ b/kvpnc
@@ -0,0 +1,220 @@
+#!/bin/bash
+
+. /etc/conf.d/kvpnc.conf
+
+COMMAND_TIMEOUT=3
+NAME="kvpnc"
+DESC="Kerio Control VPN client"
+
+dialogbox () {
+ dialog \
+ --backtitle "$DAEMON_NAME configuration" \
+ --stdout \
+ $5 \
+ --title "$2" \
+ "$1" "\n$3" 9 78 $4
+}
+
+inputbox () {
+ dialogbox --inputbox "$1" "$2" "$3"
+}
+
+passwordbox () {
+ # Insecure means that asterisks will be shown in the input field
+ dialogbox --passwordbox "$1" "$2" "$3" --insecure
+}
+
+yesnobox () {
+ dialogbox --yesno "$1" "$2" "$3"
+ case "$?" in
+ 0)
+ echo yes
+ ;;
+ 1)
+ echo no
+ ;;
+ *)
+ ;;
+ esac
+}
+
+messagebox () {
+ dialogbox --msgbox "$1" "$2"
+}
+
+die () {
+ echo "Procedure aborted: $2" >&2
+ exit $1
+}
+
+execute_with_timeout() {
+ local PID
+ local TIMEOUT
+ local ITERATION
+ TIMEOUT=$1
+ shift
+ "$@" &
+ PID=$!
+ ITERATION=0
+ while [ $ITERATION -lt $TIMEOUT ]; do
+ # Check if the PID is still running
+ [ ! -d "/proc/$PID" ] && return 0
+ # Sleep 1 second for each iteration
+ sleep 1
+ ((ITERATION++))
+ done
+ # If the process is still running then try to kill it
+ [ -d "/proc/$PID" ] && killtree $PID 9
+ return 1
+}
+
+killtree() {
+ # Kill a process and all its children (from children to parent)
+ local _CHILD
+ for _CHILD in $(ps -o pid --no-headers --ppid $1); do
+ killtree ${_CHILD} ${2-TERM}
+ done
+ kill -${2-TERM} $1 1>&2 2> /dev/null
+}
+
+configure() {
+ local SERVER_NAME
+ local PORT_NUMBER
+ local SSL_REPLY
+ local AUTODETECT_FP
+ local DETECTED_FP
+ local ACCEPT_FP
+ local FINGERPRINT
+ local USER_NAME
+ local PASSWORD
+ local CONFIRM_PW
+ local XOR_PW
+ local ITERATION
+
+ SERVER_NAME=$(inputbox \
+ "Kerio VPN server address" \
+ "Please enter the host name or IP address of your Kerio VPN server." \
+ )
+ [ -z "$SERVER_NAME" ] && die 2 "The Kerio VPN server address must be set."
+
+ PORT_NUMBER=$(inputbox \
+ "Kerio VPN server port number" \
+ "Please enter the TCP port number of your Kerio VPN server." \
+ "4090" \
+ )
+ [ -z "$PORT_NUMBER" ] && die 3 "The Kerio VPN server port number must be set."
+
+ SSL_REPLY=$(execute_with_timeout $COMMAND_TIMEOUT bash -c "echo | \
+ openssl s_client -connect $SERVER_NAME:$PORT_NUMBER 2> /dev/null"
+ )
+ [ -z $SSL_REPLY ] && die 4 "Unable to connect to the Kerio VPN server"
+
+ AUTODETECT_FP=$(yesnobox \
+ "Autodetect fingerprint" \
+ "Automaticaly detect fingerprint from the Kerio VPN server?" \
+ )
+ [ -z "$AUTODETECT_FP" ] && die 5 "The user has cancelled."
+
+ if [ "$AUTODETECT_FP" = "yes" ]
+ then
+ # Detect the SSL server fingerprint
+ DETECTED_FP=$(echo "$SSL_REPLY" | \
+ openssl x509 -fingerprint -md5 -noout | \
+ sed s'/.*=//'
+ )
+ # A fingerprint was detected?
+ if [ -z "$DETECTED_FP" ]
+ then
+ # Fingerprint not detected, ask for manual input
+ messagebox \
+ "Automatic fingerprint detection failed" \
+ "The Kerio VPN server fingerprint was not automatically detected."
+ AUTODETECT_FP="no"
+ else
+ # Accept the autodetected fingerprint?
+ ACCEPT_FP=$(yesnobox \
+ "Accept detected fingerprint?" \
+ "The automatically detected fingerprint is $DETECTED_FP.\n\n
+Please check if the automaticaly detected fingerprint is correct." \
+ )
+ [ $ACCEPT_FP = "yes" ] && FINGERPRINT="$DETECTED_FP"
+ fi
+ fi
+
+ if [ "$AUTODETECT_FP" = "no" ]
+ then
+ # Ask for SSL server fingerprint
+ FINGERPRINT=$(inputbox \
+ "Kerio VPN server fingerprint" \
+ "Enter the Kerio VPN server's fingerprint."
+ )
+ fi
+ [ -z "$FINGERPRINT" ] && die 6 "The Kerio VPN server fingerprint must be set."
+
+ USER_NAME=$(inputbox \
+ "Kerio VPN server user name" \
+ "Please enter the user name of your Kerio VPN server account." \
+ )
+ [ -z "$USER_NAME" ] && die 7 "User name must be set."
+
+ PASSWORD=$(passwordbox \
+ "Kerio VPN server password for user $USER_NAME" \
+ "Please enter the password of your Kerio VPN server account." \
+ )
+ [ -z "$PASSWORD" ] && die 8 "Password must be set."
+
+ CONFIRM_PW=$(passwordbox \
+ "Kerio VPN server password for user $USER_NAME" \
+ "Please confirm the previous password of your Kerio VPN server account." \
+ )
+ [ "$CONFIRM_PW" != "$PASSWORD" ] && die 9 "Confirmed password is different."
+
+ for ITERATION in $(echo -n "$PASSWORD" | od -t d1 -A n)
+ do
+ XOR_PW=$(printf "%s%02x" "$XOR_PW" $((ITERATION ^ 85)))
+ done
+ cat > "$CFGFILE" << EOF
+<config>
+ <connections>
+ <connection type="persistent">
+ <server>${SERVER_NAME}</server>
+ <port>${PORT_NUMBER}</port>
+ <username>${USER_NAME}</username>
+ <password>XOR:${XOR_PW}</password>
+ <fingerprint>${FINGERPRINT}</fingerprint>
+ <active>1</active>
+ </connection>
+ </connections>
+</config>
+EOF
+ chmod 0600 "$CFGFILE"
+}
+
+case "$1" in
+ start)
+ # Check and prepare environment
+ [ ! -f "$CFGFILE" ] && die 1 "Configuration file not found, configure with $0 configure"
+ [ ! -d "$LIBDIR" ] && mkdir -p "$LIBDIR"
+ [ ! -d "$LOGDIR" ] && mkdir -p "$LOGDIR"
+ [ ! -h "$LIBDIR/logs" ] && ln -s -f -n "$LOGDIR" "$LIBDIR/logs"
+ # Start the daemon and append the output to the system logger
+ "$BINSVC" "$LIBDIR" > /dev/null
+ # Get exit status of the first command BEFORE the pipe
+ RET=$?
+ if [ $RET -gt 0 ]; then
+ die 1 "The kvpnsvc daemon died with exit code $RET"
+ else
+ pidof -o %PPID kvpncsvc > "$PIDFILE"
+ fi
+ ;;
+ stop)
+ killall -q kvpncsvc
+ rm -f "$PIDFILE"
+ ;;
+ configure)
+ configure
+ ;;
+ *)
+ echo "usage: $0 {start|stop|configure}"
+ ;;
+esac
diff --git a/kvpnc.conf b/kvpnc.conf
new file mode 100644
index 00000000000..5588ba6a0de
--- /dev/null
+++ b/kvpnc.conf
@@ -0,0 +1,7 @@
+# Kerio Control VPN Client configuration
+
+BINSVC="/usr/lib/kerio-control-vpnclient-9.2.7/kvpncsvc"
+LIBDIR="/var/lib/kerio-control-vpn"
+LOGDIR="/var/log/kerio-kvc"
+CFGFILE="/etc/kerio-kvc.conf"
+PIDFILE="/var/run/kvpncsvc.pid"
diff --git a/kvpnc.service b/kvpnc.service
new file mode 100644
index 00000000000..b627ec33c01
--- /dev/null
+++ b/kvpnc.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Kerio Control VPN client daemon
+Wants=network.target
+After=network.target
+
+[Service]
+EnvironmentFile=/etc/conf.d/kvpnc.conf
+Type=forking
+ExecStart=/usr/bin/kvpnc start
+ExecStop=/usr/bin/kvpnc stop
+KillMode=control-group
+
+[Install]
+WantedBy=multi-user.target
+
+# This service file runs a Kerio control VPN client daemon