diff options
| -rw-r--r-- | .SRCINFO | 27 | ||||
| -rw-r--r-- | PKGBUILD | 65 | ||||
| -rw-r--r-- | kerio-control-vpnclient.install | 7 | ||||
| -rwxr-xr-x | kvpnc | 220 | ||||
| -rw-r--r-- | kvpnc.conf | 7 | ||||
| -rw-r--r-- | kvpnc.service | 16 |
6 files changed, 342 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..a61178e262e8 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,27 @@ +pkgbase = kerio-control-vpnclient + pkgdesc = Kerio Control VPN client for corporate networks. + pkgver = 8.5.2.3397 + pkgrel = 1 + url = http://www.kerio.com/control + install = kerio-control-vpnclient.install + arch = i686 + arch = x86_64 + license = custom:EULA + depends = procps + depends = dialog + options = !strip + source = http://download.kerio.com/dwn/control/control-8.5.2-3397/kerio-control-vpnclient-8.5.2-3397-linux.deb + source = kvpnc + source = kvpnc.conf + source = kvpnc.service + sha256sums = bf9fc3ff1bb3cb22cc46efd50b737f4b803aee4c3b186bc1e2faee5e3f61958b + sha256sums = 8725cb7067f0640e75f6ac4d1894b067bca577fc0f1db1fdcedc937e8ca5f9a7 + sha256sums = 2f15a0d88c9fa915cd9150796638811daec911e6824b8ff5f96f131352d1e74a + sha256sums = bd8b1aabc31b9b24c4b63ce8099bef111dc84bd4923c77d42e05d3f1704d5c17 + depends_i686 = util-linux + depends_x86_64 = lib32-util-linux + depends_x86_64 = lib32-gcc-libs + depends_x86_64 = lib32-openssl + +pkgname = kerio-control-vpnclient + diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..6640195cc3b6 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,65 @@ +# Maintainer: Muflone http://www.muflone.com/contacts/english/ +# Contributor: ssv1982 <ssv1982@gmail.com> + +pkgname=kerio-control-vpnclient +pkgver=8.5.2.3397 +pkgrel=1 +pkgdesc="Kerio Control VPN client for corporate networks." +arch=('i686' 'x86_64') +url="http://www.kerio.com/control" +license=('custom:EULA') +options=(!strip) +install="${pkgname}.install" +depends=('procps' 'dialog') +depends_i686=('util-linux') +depends_x86_64=('lib32-util-linux' 'lib32-gcc-libs' 'lib32-openssl') +source=("http://download.kerio.com/dwn/control/control-${pkgver%.*}-${pkgver##*.}/kerio-control-vpnclient-${pkgver%.*}-${pkgver##*.}-linux.deb" + "kvpnc" + "kvpnc.conf" + "kvpnc.service") +sha256sums=('bf9fc3ff1bb3cb22cc46efd50b737f4b803aee4c3b186bc1e2faee5e3f61958b' + '8725cb7067f0640e75f6ac4d1894b067bca577fc0f1db1fdcedc937e8ca5f9a7' + '2f15a0d88c9fa915cd9150796638811daec911e6824b8ff5f96f131352d1e74a' + 'bd8b1aabc31b9b24c4b63ce8099bef111dc84bd4923c77d42e05d3f1704d5c17') + +build() { + # Get binary sources. + bsdtar -xf "data.tar.gz" + + # Extract license file + gzip -dfc "usr/share/doc/${pkgname}/EULA.txt.gz" > "EULA.txt" +} + +package() { + # Determine destination folder for libraries + if [ "$CARCH" = "x86_64" ]; then + _libdir=lib32 + else + _libdir=lib + fi + + # Install files in the package + install -m 755 -d "${pkgdir}/usr/bin" + install -m 755 -t "${pkgdir}/usr/bin" "kvpnc" + + install -m 755 -d "${pkgdir}/usr/lib/${pkgname}" + install -m 755 -t "${pkgdir}/usr/lib/${pkgname}" "usr/sbin/kvpncsvc" + + install -m 755 -d "${pkgdir}/usr/${_libdir}" + install -m 644 -t "${pkgdir}/usr/${_libdir}" "usr/lib"/* + + install -m 755 -d "${pkgdir}/usr/share/doc/${pkgname}" + install -m 644 -t "${pkgdir}/usr/share/doc/${pkgname}" "usr/share/doc/${pkgname}/Acknowledgments.gz" + install -m 644 -t "${pkgdir}/usr/share/doc/${pkgname}" "usr/share/doc/${pkgname}/copyright" + + install -m 755 -d "${pkgdir}/usr/share/licenses/${pkgname}" + install -m 644 -t "${pkgdir}/usr/share/licenses/${pkgname}" "EULA.txt" + + # Install configuration file + install -m 755 -d "${pkgdir}/etc/conf.d" + install -m 644 -t "${pkgdir}/etc/conf.d" kvpnc.conf + + # Install systemd service + install -m 755 -d "${pkgdir}/usr/lib/systemd/system" + install -m 644 -t "${pkgdir}/usr/lib/systemd/system" kvpnc.service +} diff --git a/kerio-control-vpnclient.install b/kerio-control-vpnclient.install new file mode 100644 index 000000000000..4b33afcd14d5 --- /dev/null +++ b/kerio-control-vpnclient.install @@ -0,0 +1,7 @@ +post_install() { + echo "To configure Kerio VPN Client launch as root: /usr/bin/kvpnc configure" +} + +pre_remove() { + /usr/bin/kvpnc stop +} diff --git a/kvpnc b/kvpnc new file mode 100755 index 000000000000..5db51c4e3aad --- /dev/null +++ b/kvpnc @@ -0,0 +1,220 @@ +#!/bin/bash + +. /etc/conf.d/kvpnc.conf + +COMMAND_TIMEOUT=3 +NAME="kvpnc" +DESC="Kerio Control VPN client" + +dialogbox () { + dialog \ + --backtitle "$DAEMON_NAME configuration" \ + --stdout \ + $5 \ + --title "$2" \ + "$1" "\n$3" 9 78 $4 +} + +inputbox () { + dialogbox --inputbox "$1" "$2" "$3" +} + +passwordbox () { + # Insecure means that asterisks will be shown in the input field + dialogbox --passwordbox "$1" "$2" "$3" --insecure +} + +yesnobox () { + dialogbox --yesno "$1" "$2" "$3" + case "$?" in + 0) + echo yes + ;; + 1) + echo no + ;; + *) + ;; + esac +} + +messagebox () { + dialogbox --msgbox "$1" "$2" +} + +die () { + echo "Procedure aborted: $2" >&2 + exit $1 +} + +execute_with_timeout() { + local PID + local TIMEOUT + local ITERATION + TIMEOUT=$1 + shift + "$@" & + PID=$! + ITERATION=0 + while [ $ITERATION -lt $TIMEOUT ]; do + # Check if the PID is still running + [ ! -d "/proc/$PID" ] && return 0 + # Sleep 1 second for each iteration + sleep 1 + ((ITERATION++)) + done + # If the process is still running then try to kill it + [ -d "/proc/$PID" ] && killtree $PID 9 + return 1 +} + +killtree() { + # Kill a process and all its children (from children to parent) + local _CHILD + for _CHILD in $(ps -o pid --no-headers --ppid $1); do + killtree ${_CHILD} ${2-TERM} + done + kill -${2-TERM} $1 1>&2 2> /dev/null +} + +configure() { + local SERVER_NAME + local PORT_NUMBER + local SSL_REPLY + local AUTODETECT_FP + local DETECTED_FP + local ACCEPT_FP + local FINGERPRINT + local USER_NAME + local PASSWORD + local CONFIRM_PW + local XOR_PW + local ITERATION + + SERVER_NAME=$(inputbox \ + "Kerio VPN server address" \ + "Please enter the host name or IP address of your Kerio VPN server." \ + ) + [ -z "$SERVER_NAME" ] && die 2 "The Kerio VPN server address must be set." + + PORT_NUMBER=$(inputbox \ + "Kerio VPN server port number" \ + "Please enter the TCP port number of your Kerio VPN server." \ + "4090" \ + ) + [ -z "$PORT_NUMBER" ] && die 3 "The Kerio VPN server port number must be set." + + SSL_REPLY=$(execute_with_timeout $COMMAND_TIMEOUT bash -c "echo | \ + openssl s_client -ssl3 -connect $SERVER_NAME:$PORT_NUMBER 2> /dev/null" + ) + [ -z $SSL_REPLY ] && die 4 "Unable to connect to the Kerio VPN server" + + AUTODETECT_FP=$(yesnobox \ + "Autodetect fingerprint" \ + "Automaticaly detect fingerprint from the Kerio VPN server?" \ + ) + [ -z "$AUTODETECT_FP" ] && die 5 "The user has cancelled." + + if [ "$AUTODETECT_FP" = "yes" ] + then + # Detect the SSL server fingerprint + DETECTED_FP=$(echo "$SSL_REPLY" | \ + openssl x509 -fingerprint -md5 -noout | \ + sed s'/.*=//' + ) + # A fingerprint was detected? + if [ -z "$DETECTED_FP" ] + then + # Fingerprint not detected, ask for manual input + messagebox \ + "Automatic fingerprint detection failed" \ + "The Kerio VPN server fingerprint was not automatically detected." + AUTODETECT_FP="no" + else + # Accept the autodetected fingerprint? + ACCEPT_FP=$(yesnobox \ + "Accept detected fingerprint?" \ + "The automatically detected fingerprint is $DETECTED_FP.\n\n +Please check if the automaticaly detected fingerprint is correct." \ + ) + [ $ACCEPT_FP = "yes" ] && FINGERPRINT="$DETECTED_FP" + fi + fi + + if [ "$AUTODETECT_FP" = "no" ] + then + # Ask for SSL server fingerprint + FINGERPRINT=$(inputbox \ + "Kerio VPN server fingerprint" \ + "Enter the Kerio VPN server's fingerprint." + ) + fi + [ -z "$FINGERPRINT" ] && die 6 "The Kerio VPN server fingerprint must be set." + + USER_NAME=$(inputbox \ + "Kerio VPN server user name" \ + "Please enter the user name of your Kerio VPN server account." \ + ) + [ -z "$USER_NAME" ] && die 7 "User name must be set." + + PASSWORD=$(passwordbox \ + "Kerio VPN server password for user $USER_NAME" \ + "Please enter the password of your Kerio VPN server account." \ + ) + [ -z "$PASSWORD" ] && die 8 "Password must be set." + + CONFIRM_PW=$(passwordbox \ + "Kerio VPN server password for user $USER_NAME" \ + "Please confirm the previous password of your Kerio VPN server account." \ + ) + [ "$CONFIRM_PW" != "$PASSWORD" ] && die 9 "Confirmed password is different." + + for ITERATION in $(echo -n "$PASSWORD" | od -t d1 -A n) + do + XOR_PW=$(printf "%s%02x" "$XOR_PW" $((ITERATION ^ 85))) + done + cat > "$CFGFILE" << EOF +<config> + <connections> + <connection type="persistent"> + <server>${SERVER_NAME}</server> + <port>${PORT_NUMBER}</port> + <username>${USER_NAME}</username> + <password>XOR:${XOR_PW}</password> + <fingerprint>${FINGERPRINT}</fingerprint> + <active>1</active> + </connection> + </connections> +</config> +EOF + chmod 0600 "$CFGFILE" +} + +case "$1" in + start) + # Check and prepare environment + [ ! -f "$CFGFILE" ] && die 1 "Configuration file not found, configure with $0 configure" + [ ! -d "$LIBDIR" ] && mkdir -p "$LIBDIR" + [ ! -d "$LOGDIR" ] && mkdir -p "$LOGDIR" + [ ! -h "$LIBDIR/logs" ] && ln -s -f -n "$LOGDIR" "$LIBDIR/logs" + # Start the daemon and append the output to the system logger + "$BINSVC" "$LIBDIR" > /dev/null + # Get exit status of the first command BEFORE the pipe + RET=$? + if [ $RET -gt 0 ]; then + die 1 "The kvpnsvc daemon died with exit code $RET" + else + pidof -o %PPID kvpncsvc > "$PIDFILE" + fi + ;; + stop) + killall -q kvpncsvc + rm -f "$PIDFILE" + ;; + configure) + configure + ;; + *) + echo "usage: $0 {start|stop|configure}" + ;; +esac diff --git a/kvpnc.conf b/kvpnc.conf new file mode 100644 index 000000000000..d2c2c5cf2145 --- /dev/null +++ b/kvpnc.conf @@ -0,0 +1,7 @@ +# Kerio Control VPN Client configuration + +BINSVC="/usr/lib/kerio-control-vpnclient/kvpncsvc" +LIBDIR="/var/lib/kerio-control-vpn" +LOGDIR="/var/log/kerio-kvc" +CFGFILE="/etc/kerio-kvc.conf" +PIDFILE="/var/run/kvpncsvc.pid" diff --git a/kvpnc.service b/kvpnc.service new file mode 100644 index 000000000000..b627ec33c018 --- /dev/null +++ b/kvpnc.service @@ -0,0 +1,16 @@ +[Unit] +Description=Kerio Control VPN client daemon +Wants=network.target +After=network.target + +[Service] +EnvironmentFile=/etc/conf.d/kvpnc.conf +Type=forking +ExecStart=/usr/bin/kvpnc start +ExecStop=/usr/bin/kvpnc stop +KillMode=control-group + +[Install] +WantedBy=multi-user.target + +# This service file runs a Kerio control VPN client daemon |