Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env bash
- if [ -z "$BASH" ] ; then
- bash $0
- exit
- fi
- my_name=$0
- function setup_environment {
- bf=""
- n=""
- ORGANISATION="ENSTA ParisTech - Ecole Nationale Supérieure de Techniques Avancées"
- URL="your local eduroam support page"
- SUPPORT="sie.enseignement@ensta-paristech.fr"
- if [ ! -z "$DISPLAY" ] ; then
- if which zenity 1>/dev/null 2>&1 ; then
- ZENITY=`which zenity`
- elif which kdialog 1>/dev/null 2>&1 ; then
- KDIALOG=`which kdialog`
- else
- if tty > /dev/null 2>&1 ; then
- if echo $TERM | grep -E -q "xterm|gnome-terminal|lxterminal" ; then
- bf="[1m";
- n="[0m";
- fi
- else
- find_xterm
- if [ -n "$XT" ] ; then
- $XT -e $my_name
- fi
- fi
- fi
- fi
- }
- function split_line {
- echo $1 | awk -F '\\\\n' 'END { for(i=1; i <= NF; i++) print $i }'
- }
- function find_xterm {
- terms="xterm aterm wterm lxterminal rxvt gnome-terminal konsole"
- for t in $terms
- do
- if which $t > /dev/null 2>&1 ; then
- XT=$t
- break
- fi
- done
- }
- function ask {
- T="eduroam CAT"
- # if ! [ -z "$3" ] ; then
- # T="$T: $3"
- # fi
- if [ ! -z $KDIALOG ] ; then
- if $KDIALOG --yesno "${1}\n${2}?" --title "$T" ; then
- return 0
- else
- return 1
- fi
- fi
- if [ ! -z $ZENITY ] ; then
- text=`echo "${1}" | fmt -w60`
- if $ZENITY --no-wrap --question --text="${text}\n${2}?" --title="$T" 2>/dev/null ; then
- return 0
- else
- return 1
- fi
- fi
- yes=Y
- no=N
- yes1=`echo $yes | awk '{ print toupper($0) }'`
- no1=`echo $no | awk '{ print toupper($0) }'`
- if [ $3 == "0" ]; then
- def=$yes
- else
- def=$no
- fi
- echo "";
- while true
- do
- split_line "$1"
- read -p "${bf}$2 ${yes}/${no}? [${def}]:$n " answer
- if [ -z "$answer" ] ; then
- answer=${def}
- fi
- answer=`echo $answer | awk '{ print toupper($0) }'`
- case "$answer" in
- ${yes1})
- return 0
- ;;
- ${no1})
- return 1
- ;;
- esac
- done
- }
- function alert {
- if [ ! -z $KDIALOG ] ; then
- $KDIALOG --sorry "${1}"
- return
- fi
- if [ ! -z $ZENITY ] ; then
- $ZENITY --warning --text="$1" 2>/dev/null
- return
- fi
- echo "$1"
- }
- function show_info {
- if [ ! -z $KDIALOG ] ; then
- $KDIALOG --msgbox "${1}"
- return
- fi
- if [ ! -z $ZENITY ] ; then
- $ZENITY --info --width=500 --text="$1" 2>/dev/null
- return
- fi
- split_line "$1"
- }
- function confirm_exit {
- if [ ! -z $KDIALOG ] ; then
- if $KDIALOG --yesno "Really quit?" ; then
- exit 1
- fi
- fi
- if [ ! -z $ZENITY ] ; then
- if $ZENITY --question --text="Really quit?" 2>/dev/null ; then
- exit 1
- fi
- fi
- }
- function prompt_nonempty_string {
- prompt=$2
- if [ ! -z $ZENITY ] ; then
- if [ $1 -eq 0 ] ; then
- H="--hide-text "
- fi
- if ! [ -z "$3" ] ; then
- D="--entry-text=$3"
- fi
- elif [ ! -z $KDIALOG ] ; then
- if [ $1 -eq 0 ] ; then
- H="--password"
- else
- H="--inputbox"
- fi
- fi
- out_s="";
- if [ ! -z $ZENITY ] ; then
- while [ ! "$out_s" ] ; do
- out_s=`$ZENITY --entry --width=300 $H $D --text "$prompt" 2>/dev/null`
- if [ $? -ne 0 ] ; then
- confirm_exit
- fi
- done
- elif [ ! -z $KDIALOG ] ; then
- while [ ! "$out_s" ] ; do
- out_s=`$KDIALOG $H "$prompt" "$3"`
- if [ $? -ne 0 ] ; then
- confirm_exit
- fi
- done
- else
- while [ ! "$out_s" ] ; do
- read -p "${prompt}: " out_s
- done
- fi
- echo "$out_s";
- }
- function user_cred {
- PASSWORD="a"
- PASSWORD1="b"
- if ! USER_NAME=`prompt_nonempty_string 1 "enter your userid"` ; then
- exit 1
- fi
- while [ "$PASSWORD" != "$PASSWORD1" ]
- do
- if ! PASSWORD=`prompt_nonempty_string 0 "enter your password"` ; then
- exit 1
- fi
- if ! PASSWORD1=`prompt_nonempty_string 0 "repeat your password"` ; then
- exit 1
- fi
- if [ "$PASSWORD" != "$PASSWORD1" ] ; then
- alert "passwords do not match"
- fi
- done
- }
- setup_environment
- show_info "This installer has been prepared for ${ORGANISATION}\n\nMore information and comments:\n\nEMAIL: ${SUPPORT}\nWWW: ${URL}\n\nInstaller created with software from the GEANT project."
- if ! ask "This installer will only work properly if you are a member of ${bf}ENSTA ParisTech - Ecole Nationale Supérieure de Techniques Avancées.${n}" "Continue" 1 ; then exit; fi
- if [ -d $HOME/.cat_installer ] ; then
- if ! ask "Directory $HOME/.cat_installer exists; some of its files may be overwritten." "Continue" 1 ; then exit; fi
- else
- mkdir $HOME/.cat_installer
- fi
- # save certificates
- echo "-----BEGIN CERTIFICATE-----
- MIIDsTCCApmgAwIBAgIQES7lgeBjIpJDjzDZApJMTTANBgkqhkiG9w0BAQUFADBN
- MRMwEQYKCZImiZPyLGQBGRYDbG9jMRcwFQYKCZImiZPyLGQBGRYHZXh0cmVtZTEd
- MBsGA1UEAxMURU5TVEEgUm9vdCBBdXRob3JpdHkwHhcNMTEwNzIwMDgzODU1WhcN
- MjEwNzIwMTQ0NzU3WjBNMRMwEQYKCZImiZPyLGQBGRYDbG9jMRcwFQYKCZImiZPy
- LGQBGRYHZXh0cmVtZTEdMBsGA1UEAxMURU5TVEEgUm9vdCBBdXRob3JpdHkwggEi
- MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF/Qbr9yrfx7xqqHiIxTbRDvkY
- DZog4pcz1BGYfKOHQRD05iYn2CLSPv5V9LJfHzsPRjFeomoB+my7XOrm+Kcg0PO7
- SzVs1dK8V97K+f5TIu700FanIFwic/eT6zu5y1O32Qk3EQy2VObMdJ/C94HDeL0z
- wZX2A15438NTg47zIEvwuuloeqWprL2WdMP/LHKQ0FWGaEMOvXzB1yzd6Z38cNou
- 7rixWKQ/JsV+bfM22vqAw5eVTxN7xe4qPyKswDuELLv3axClWuHaAilcsgoxEg8q
- ns8h6jKdmG5Uc8zPAlqMAgBBujGCpZHt6ii1HM6SIK/F7RMJR9/bHTc6IX3BAgMB
- AAGjgYwwgYkwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgFGMA8GA1Ud
- EwEB/wQFMAMBAf8wHQYDVR0OBBYEFAX6Wl9zsCFJh5dVrrCRRAupkciCMBAGCSsG
- AQQBgjcVAQQDAgEBMCMGCSsGAQQBgjcVAgQWBBS1HRFb/Qlvi8kzAcCZEUETQsyC
- YTANBgkqhkiG9w0BAQUFAAOCAQEAWbDXhIn5NHXp9RgWMCw/DQ2bW41NQfhhapzH
- DaaTz1WQkdUggrduZ/eMe8THXXVqwDt2IO2DnH/1h/p1GJ4Isp+1EJWPMEzPY3vJ
- Ud3huYDk3ZKWxpG2yx7AjxyHMmrYO0RpaLFyjHmkhvr7/kxsFYYjbalKVtUSqevJ
- Dhq1Op/vfsRxw8TVEF4Oj4ZAyRG857wxQbL8LWRJ+ME84njJLpjzWpj4q51Q0RVI
- QYg2pxrkav+sMQYvcAn6faBkHVzFmsvKjOM2QONrDQlEQw833vYD8cyDSVUP7/MY
- 58Un63r0GoR/xVGh//6/QNz98g37u/aFhPalzgwt82IoBdK9fw==
- -----END CERTIFICATE-----
- " > $HOME/.cat_installer/ca.pem
- function run_python_script {
- PASSWORD=$( echo "$PASSWORD" | sed "s/'/\\\'/g" )
- if python << EEE1 > /dev/null 2>&1
- import dbus
- EEE1
- then
- PYTHON=python
- elif python3 << EEE2 > /dev/null 2>&1
- import dbus
- EEE2
- then
- PYTHON=python3
- else
- PYTHON=none
- return 1
- fi
- $PYTHON << EOF > /dev/null 2>&1
- #-*- coding: utf-8 -*-
- import dbus
- import re
- import sys
- import uuid
- import os
- class EduroamNMConfigTool:
- def connect_to_NM(self):
- #connect to DBus
- try:
- self.bus = dbus.SystemBus()
- except dbus.exceptions.DBusException:
- print("Can't connect to DBus")
- sys.exit(2)
- #main service name
- self.system_service_name = "org.freedesktop.NetworkManager"
- #check NM version
- self.check_nm_version()
- if self.nm_version == "0.9" or self.nm_version == "1.0":
- self.settings_service_name = self.system_service_name
- self.connection_interface_name = "org.freedesktop.NetworkManager.Settings.Connection"
- #settings proxy
- sysproxy = self.bus.get_object(self.settings_service_name, "/org/freedesktop/NetworkManager/Settings")
- #settings intrface
- self.settings = dbus.Interface(sysproxy, "org.freedesktop.NetworkManager.Settings")
- elif self.nm_version == "0.8":
- #self.settings_service_name = "org.freedesktop.NetworkManagerUserSettings"
- self.settings_service_name = "org.freedesktop.NetworkManager"
- self.connection_interface_name = "org.freedesktop.NetworkManagerSettings.Connection"
- #settings proxy
- sysproxy = self.bus.get_object(self.settings_service_name, "/org/freedesktop/NetworkManagerSettings")
- #settings intrface
- self.settings = dbus.Interface(sysproxy, "org.freedesktop.NetworkManagerSettings")
- else:
- print("This Network Manager version is not supported")
- sys.exit(2)
- def check_opts(self):
- self.cacert_file = '${HOME}/.cat_installer/ca.pem'
- self.pfx_file = '${HOME}/.cat_installer/user.p12'
- if not os.path.isfile(self.cacert_file):
- print("Certificate file not found, looks like a CAT error")
- sys.exit(2)
- def check_nm_version(self):
- try:
- proxy = self.bus.get_object(self.system_service_name, "/org/freedesktop/NetworkManager")
- props = dbus.Interface(proxy, "org.freedesktop.DBus.Properties")
- version = props.Get("org.freedesktop.NetworkManager", "Version")
- except dbus.exceptions.DBusException:
- version = "0.8"
- if re.match(r'^1\.', version):
- self.nm_version = "1.0"
- return
- if re.match(r'^0\.9', version):
- self.nm_version = "0.9"
- return
- if re.match(r'^0\.8', version):
- self.nm_version = "0.8"
- return
- else:
- self.nm_version = "Unknown version"
- return
- def byte_to_string(self, barray):
- return "".join([chr(x) for x in barray])
- def delete_existing_connections(self, ssid):
- "checks and deletes earlier connections"
- try:
- conns = self.settings.ListConnections()
- except dbus.exceptions.DBusException:
- print("DBus connection problem, a sudo might help")
- exit(3)
- for each in conns:
- con_proxy = self.bus.get_object(self.system_service_name, each)
- connection = dbus.Interface(con_proxy, "org.freedesktop.NetworkManager.Settings.Connection")
- try:
- connection_settings = connection.GetSettings()
- if connection_settings['connection']['type'] == '802-11-wireless':
- conn_ssid = self.byte_to_string(connection_settings['802-11-wireless']['ssid'])
- if conn_ssid == ssid:
- connection.Delete()
- except dbus.exceptions.DBusException:
- pass
- def add_connection(self,ssid):
- server_alt_subject_name_list = dbus.Array({'DNS:ucopia.ensta.fr','DNS:ucopya.ensta.fr'})
- server_name = 'ensta.fr'
- if self.nm_version == "0.9" or self.nm_version == "1.0":
- match_key = 'altsubject-matches'
- match_value = server_alt_subject_name_list
- else:
- match_key = 'subject-match'
- match_value = server_name
- s_con = dbus.Dictionary({
- 'type': '802-11-wireless',
- 'uuid': str(uuid.uuid4()),
- 'permissions': ['user:$USER'],
- 'id': ssid
- })
- s_wifi = dbus.Dictionary({
- 'ssid': dbus.ByteArray(ssid.encode('utf8')),
- 'security': '802-11-wireless-security'
- })
- s_wsec = dbus.Dictionary({
- 'key-mgmt': 'wpa-eap',
- 'proto': ['rsn',],
- 'pairwise': ['ccmp',],
- 'group': ['ccmp', 'tkip']
- })
- s_8021x = dbus.Dictionary({
- 'eap': ['ttls'],
- 'identity': '$USER_NAME',
- 'ca-cert': dbus.ByteArray("file://{0}\0".format(self.cacert_file).encode('utf8')),
- match_key: match_value,
- 'password': '$PASSWORD',
- 'phase2-auth': 'pap',
- 'anonymous-identity': 'anonymous@ensta.fr',
- })
- s_ip4 = dbus.Dictionary({'method': 'auto'})
- s_ip6 = dbus.Dictionary({'method': 'auto'})
- con = dbus.Dictionary({
- 'connection': s_con,
- '802-11-wireless': s_wifi,
- '802-11-wireless-security': s_wsec,
- '802-1x': s_8021x,
- 'ipv4': s_ip4,
- 'ipv6': s_ip6
- })
- self.settings.AddConnection(con)
- def main(self):
- self.check_opts()
- ver = self.connect_to_NM()
- self.delete_existing_connections('eduroam')
- self.add_connection('eduroam')
- if __name__ == "__main__":
- ENMCT = EduroamNMConfigTool()
- ENMCT.main()
- EOF
- }
- function create_wpa_conf {
- cat << EOFW >> $HOME/.cat_installer/cat_installer.conf
- network={
- ssid="eduroam"
- key_mgmt=WPA-EAP
- pairwise=CCMP
- group=CCMP TKIP
- eap=TTLS
- ca_cert="${HOME}/.cat_installer/ca.pem"
- identity="${USER_NAME}"
- domain_suffix_match="ensta.fr"
- phase2="auth=PAP"
- password="${PASSWORD}"
- anonymous_identity="anonymous@ensta.fr"
- }
- EOFW
- chmod 600 $HOME/.cat_installer/cat_installer
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement