blob: 028a6b3b188f5fd2202881faf2a879a80178e5bf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
# Author: Grigory Vasilyev <echo "h0tc0d3(-*A*-)g-m*a-i-l(-d#t-)c#m" | sed -e 's/-//ig;s/*//ig;s/(A)/@/i;s/#/o/ig;s/(dot)/./i'>
# License: Apache 2.0
post_install() {
# Set OpenSSL Configuration file
openssl_conf=/etc/ssl/openssl.cnf
if [ ! -f ${openssl_conf} ]; then
echo "OpenSSL Configuration file ${openssl_conf} not exist!"
echo -e "Please manually edit yours OpenSSL configuration file and add strings \E[1m\E[33mopenssl_conf=openssl_gost # Set GOST Configuration\E[0m" \
"to the beginning and to the end \E[1m\E[33m.include \$dir/gost.cnf # Include GOST Configuration file\E[0m of the file!"
echo "Sample configuration file gost.cnf you are can get from /etc/ssl folder!"
exit 0
fi
# Checking Active OpenSSL Configuration
if ! grep -iq "\.include\s*\$dir/gost\.cnf" ${openssl_conf} ||
! grep -iq "openssl_conf=openssl_gost" ${openssl_conf}; then
# Backup OpenSSL Configuration file
name=${openssl_conf}
if [[ -e $name.orig || -L $name.orig ]]; then
i=0
while [[ -e $name.$i.orig || -L $name.$i.orig ]]; do
((i++))
done
name=$name.$i
fi
echo "Backup OpenSSL Configuration to ${name}.orig"
cp -f ${openssl_conf} ${name}.orig
# Add include GOST Configuration file /etc/ssl/gost.cnf to the end of OpenSSL Configuration file
if ! grep -iq "\.include\s*\$dir/gost\.cnf" ${openssl_conf}; then
# Write '.include $dir/gost.cnf # Include GOST Configuration file' string to the end of configuration file
sed -i "$ a\ \n.include \$dir/gost.cnf # Include GOST Configuration file" ${openssl_conf}
fi
# Set GOST Configuration in the OpenSSL Configuration file
if ! grep -iq "openssl_conf" ${openssl_conf}; then
# Write 'openssl_conf=openssl_gost # Set GOST Configuration' string before '# Note that you can' or in the top of configuration file
sed -i "/#\s*Note\s*that\s*you\s*can/I i openssl_conf=openssl_gost # Set GOST Configuration\n" ${openssl_conf}
# If not found GOST Configuration then write at first line 'openssl_conf=openssl_gost # Set GOST Configuration'
if ! grep -iq "openssl_conf" ${openssl_conf}; then
sed -i "1 i openssl_conf=openssl_gost # Set GOST Configuration\n" ${openssl_conf}
fi
else
if ! grep -iq "openssl_conf=openssl_gost" ${openssl_conf}; then
echo -e "\E[1m\E[33mopenssl_conf\E[0m already defined in ${openssl_conf} file!"
echo -e "Please check ${openssl_conf} file and add string \E[1m\E[33mopenssl_conf=openssl_gost # Set GOST Configuration\E[0m" \
"to the beginning of the ${openssl_conf} file!"
exit 0
fi
fi
fi
if ! grep -iq "\.include\s*\$dir/gost\.cnf" ${openssl_conf} ||
! grep -iq "openssl_conf=openssl_gost" ${openssl_conf}; then
echo 'OpenSSL GOST Configuration failed!'
echo -e "Please check ${openssl_conf} file and add string \E[1m\E[33mopenssl_conf=openssl_gost # Set GOST Configuration\E[0m" \
"to the beginning and to the end \E[1m\E[33m.include \$dir/gost.cnf # Include GOST Configuration file\E[0m of the file!"
exit 0
fi
if openssl engine | grep -iq "gost"; then
echo -e "\E[1m\E[33mGost Engine successfully installed and OpenSSL automatic configured! All works fine!\E[0m"
fi
}
post_remove() {
# Set OpenSSL Configuration file
openssl_conf=/etc/ssl/openssl.cnf
if [ ! -f ${openssl_conf} ]; then
echo "OpenSSL Configuration file ${openssl_conf} not exist!"
echo -e "Please edit yours OpenSSL Configuration file and remove strings \E[1m\E[33mopenssl_conf=openssl_gost # Set GOST Configuration\E[0m" \
"in the beginning and in the end \E[1m\E[33m.include \$dir/gost.cnf # Include GOST Configuration file\E[0m of the file!"
exit 0
fi
# Checking Active OpenSSL Configuration
if grep -iq "\.include\s*\$dir/gost\.cnf" ${openssl_conf} ||
grep -iq "openssl_conf=openssl_gost" ${openssl_conf}; then
# Backup OpenSSL Configuration
name=${openssl_conf}
if [[ -e $name.gost || -L $name.gost ]]; then
i=0
while [[ -e $name.$i.gost || -L $name.$i.gost ]]; do
((i++))
done
name=$name.$i
fi
echo "Backup OpenSSL Configuration to ${name}.gost"
cp -f ${openssl_conf} ${name}.gost
# Remove include GOST Configuration file gost.cnf from OpenSSL Configuration file
if grep -iq "\.include\s*\$dir/gost\.cnf" ${openssl_conf}; then
sed -i ":a;N;\$!ba;s/\n\?\(\#\s*Include\s*GOST\s*Configuration\s*file\s*\)\?\.include\s*\$dir\/gost\.cnf\s*\(\#\s*\(Include\)\?\s*GOST\s*\(Configuration\)\?\s*\(file\)\?\)\?//IM" ${openssl_conf}
fi
if ! grep -iq "\.include\s*\$dir/gost\.cnf" ${openssl_conf}; then
echo -e "Remove include GOST Configuration file gost.cnf from ${openssl_conf} file - \E[1m\E[32mSUCCESS\E[0m"
else
echo -e "Remove include GOST Configuration file gost.cnf from ${openssl_conf} file - \E[1m\E[31mFAILED\E[0m" \
"\nPlease manually remove string \E[1m\E[33m.include \$dir/gost.cnf # Include GOST Configuration file\E[0m from the OpenSSL Configuration file!"
fi
# Remove GOST Configuration from OpenSSL Configuration file
if grep -iq "openssl_conf=openssl_gost" ${openssl_conf}; then
sed -i ":a;N;\$!ba;s/\(\#\s*Set\s*GOST\s*Configuration\s*\)\?openssl_conf\s*=\s*openssl_gost\s*\(\#\s*\(Set\)\?\s*GOST\s*\(Configuration\)\?\)\?\n\?//IM" ${openssl_conf}
fi
if ! grep -iq "openssl_conf=openssl_gost" ${openssl_conf}; then
echo -e "Remove GOST Configuration from OpenSSL Configuration ${openssl_conf} file - \E[1m\E[32mSUCCESS\E[0m"
else
echo -e "Remove GOST Configuration from ${openssl_conf} file - \E[1m\E[31mFAILED\E[0m" \
"\nPlease manually remove string \E[1m\E[33mopenssl_conf=openssl_gost # Set GOST Configuration\E[0m from the OpenSSL Configuration file!"
fi
fi
}
|