#!/bin/bash
# description: Cisco Anyconnect CSD wrapper for OpenConnect
# author: https://github.com/asarkar/
# gist: https://gist.github.com/asarkar/fb4452a4abdf9e4a9752a7d55d2cdc93
# connect: sudo openconnect --background \
#   --user=<username> \
#   --authgroup=1 \
#   --csd-user=<localhost username> \
#   --csd-wrapper=<script location on localhost> \
#   --os=mac-intel \
#   https://<server>[:port][/group]
# disconnect: sudo pkill openconnect
#   OR if you don't have pkill
#   sudo kill -SIGTERM $(ps aux | awk '/openconnect/ && !/awk/ {print $2}')
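# Derive the gateway base URL (CSD_HOSTNAME) from the openconnect command line
# that sudo recorded in SUDO_COMMAND; the last word is taken to be the URL.
if [[ -z "${SUDO_COMMAND+x}" ]]; then
  # The variable tested here is SUDO_COMMAND, so the message names it.
  printf 'SUDO_COMMAND is not set; start openconnect through sudo as shown in the header\n' >&2
  exit 1
fi

# Split on whitespace without pathname expansion: an unquoted array
# assignment would also glob-expand a word such as "*".
read -ra CMD <<< "$SUDO_COMMAND"
URL=${CMD[@]: -1}

# A trailing slash would make dirname return "https:" for "https://server/".
URL=${URL%/}

# The curl calls in this script use CSD_HOSTNAME as the URL prefix. curl picks
# the protocol itself when no scheme is given (plain HTTP by default), so the
# downloads are only sent over TLS when the URL is written with https://.
if [[ "$URL" != https://* ]]; then
  printf 'Warning: %s does not start with https://; hostscan downloads may not use TLS\n' "$URL" >&2
fi

# Count the slashes: "https://server" has two, anything more carries a group.
SLASHES=${URL//[!\/]/}
NUM_SLASH=${#SLASHES}
if (( NUM_SLASH > 2 )); then # URL contains group
  CSD_HOSTNAME=$(dirname "$URL")
else
  CSD_HOSTNAME=$URL
fi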
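# parse command line
# The first argument is dropped unconditionally (presumably a positional value
# supplied by openconnect - confirm against the caller). The remaining
# arguments are read as "-flag value" pairs; unknown flags are ignored.
shift

# URL is reset here; the value taken from SUDO_COMMAND is no longer needed
# once CSD_HOSTNAME has been computed.
URL=
TICKET=
STUB=
GROUP=
CERTHASH=
LANGSELEN=

# Loop on the argument count rather than on "$1" being non-empty, so an empty
# value does not end parsing early. One case arm per flag means a value that
# happens to look like a flag is stored, not re-read as the next flag.
while (( $# > 0 )); do
  case "$1" in
    -ticket) TICKET=${2-}; shift ;;
    -stub) STUB=${2-}; shift ;;
    -group) GROUP=${2-}; shift ;;
    -certhash) CERTHASH=${2-}; shift ;;
    -url) URL=${2-}; shift ;;
    -langselen) LANGSELEN=${2-}; shift ;;
  esac
  # shift fails once the list is exhausted (a flag given without a value).
  shift || break
done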
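# Select the hostscan build directory name for this platform.
# `uname` prints "Linux" with a capital L, so the pattern has to match that
# spelling; the lowercase form is kept as an alias.
case "$(uname)" in
  Darwin)
    # Every Mac gets the x64 build, whatever `uname -m` reports.
    ARCH="darwin_x64"
    ;;
  Linux | linux)
    if [[ "$(uname -m)" == "x86_64" ]]; then
      ARCH="linux_x64"
    else
      ARCH="linux_i386"
    fi
    ;;
  *)
    # ARCH is interpolated into every download URL; stop instead of
    # requesting a path with an empty component.
    printf 'Unsupported operating system: %s\n' "$(uname)" >&2
    exit 1
    ;;
esac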
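# Local cache layout for the downloaded hostscan files.
HOSTSCAN_DIR="$HOME/.cisco/hostscan"
LIB_DIR="$HOSTSCAN_DIR/lib"
BIN_DIR="$HOSTSCAN_DIR/bin"

# create dirs
# The paths are quoted so a home directory containing spaces stays one word.
# NOTE(review): mkdir applies the caller's umask, and binaries are later
# executed from BIN_DIR - make sure these directories are not writable by
# other users.
for dir in "$HOSTSCAN_DIR" "$LIB_DIR" "$BIN_DIR"; do
  if [[ ! -d "$dir" ]]; then
    printf "Creating dir: %s\n" "$dir"
    mkdir -p -- "$dir"
  fi
done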
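# Fetch the hostscan manifest, then download every listed file whose local
# copy is missing or whose MD5 differs from the manifest entry.
#
# NOTE(review): all transfers use `curl -k`, which turns off certificate
# validation, and the files fetched here are made executable and run as
# "$BIN_DIR/cstub" at the end of the script. When openconnect exports
# CSD_SHA256 (the base64 SHA-256 of the gateway's public key, as consumed by
# the csd-wrapper.sh shipped with openconnect - confirm for your version),
# the key is pinned below so -k no longer means "accept any server". Without
# it nothing authenticates the peer; drop -k where the gateway presents a
# certificate that validates.
PIN_OPTS=()
if [[ -n "${CSD_SHA256:-}" ]]; then
  PIN_OPTS=(--pinnedpubkey "sha256//${CSD_SHA256}")
fi

# macOS ships `md5`, GNU/Linux ships `md5sum`; both print the digest on the
# line that is grepped below.
if command -v md5 > /dev/null 2>&1; then
  MD5_CMD=(md5 -rq)
else
  MD5_CMD=(md5sum)
fi

# download manifest
# --fail keeps an HTTP error page from being stored and parsed as a manifest.
if ! curl -kLsS "${PIN_OPTS[@]}" --fail \
  "$CSD_HOSTNAME/CACHE/sdesktop/hostscan/$ARCH/manifest" -o "$HOSTSCAN_DIR/manifest"; then
  printf 'Failed to download the hostscan manifest from %s\n' "$CSD_HOSTNAME" >&2
  exit 1
fi

# Extended-regex switch differs between BSD sed (-E) and older GNU sed (-r).
case "$(uname)" in
  Darwin)
    SED="sed -E"
    ;;
  *)
    SED="sed -r"
    ;;
esac

# Strip the parentheses, then keep fields 2 and 4 (file name and digest).
# ${SED} is left unquoted on purpose so it splits into command and option.
${SED} 's/\(|\)//g' "$HOSTSCAN_DIR/manifest" | cut -d " " -f 2,4 |
  while read -r NAME HASH _; do
    [[ -n "$NAME" ]] || continue

    # The manifest is server-supplied. NAME becomes part of a local path, so
    # an entry containing "/" or naming "." / ".." must never be written.
    case "$NAME" in
      . | .. | */*)
        printf 'Skipping unsafe manifest entry: %s\n' "$NAME" >&2
        continue
        ;;
    esac

    # An empty digest would make the grep below match any existing file.
    if [[ ! "$HASH" =~ ^[0-9A-Fa-f]+$ ]]; then
      printf 'Skipping %s: manifest digest is missing or malformed\n' "$NAME" >&2
      continue
    fi

    FOUND=$(find "$HOSTSCAN_DIR" -name "$NAME" -exec "${MD5_CMD[@]}" {} \; | grep -iF -- "$HASH")
    if [[ -z "$FOUND" ]]; then
      DEST_DIR=
      if [[ "$NAME" = *.dylib ]]; then
        DEST_DIR="$LIB_DIR"
      else
        DEST_DIR="$BIN_DIR"
      fi
      FILE_URL="$CSD_HOSTNAME/CACHE/sdesktop/hostscan/$ARCH/$NAME"
      printf "Downloading %s to %s\n" "$NAME" "$DEST_DIR"
      # Probe for the plain file first; fall back to the gzip-compressed copy.
      if curl -o /dev/null -ks "${PIN_OPTS[@]}" --head --fail "$FILE_URL"; then
        curl -kLsS "${PIN_OPTS[@]}" --fail "$FILE_URL" -o "$DEST_DIR/$NAME"
      else
        curl -o - -kLsS "${PIN_OPTS[@]}" --fail "$FILE_URL.gz" | gunzip > "$DEST_DIR/$NAME"
      fi

      # Re-check what was just written. MD5 from a manifest that arrived over
      # the same channel only catches truncation or corruption, not a peer
      # that controls both. Left as a warning because the manifest format is
      # not confirmed here.
      if ! "${MD5_CMD[@]}" "$DEST_DIR/$NAME" 2> /dev/null | grep -qiF -- "$HASH"; then
        printf 'Warning: %s does not match its manifest digest\n' "$NAME" >&2
      fi
    else
      printf "%s already exists\n" "$NAME"
    fi
  done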
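# Run the downloaded hostscan stub with the values parsed from the command
# line. Its exit status becomes the exit status of this script.
chmod -R u+x "$BIN_DIR"

# Build the argument list as an array so each value reaches cstub as exactly
# one argument: an unquoted string would drop empty values and split or
# glob-expand values containing spaces or wildcard characters.
# LANGSELEN is parsed earlier but is not passed on.
ARGS=(-log error -ticket "$TICKET" -stub "$STUB" -group "$GROUP" -host "$URL" -certhash "$CERTHASH")

# ${HOSTSCAN_DIR:?} aborts if the variable is empty instead of expanding the
# path to "/log".
rm -rf -- "${HOSTSCAN_DIR:?}/log"

# NOTE(review): this line echoes the -ticket value to stdout; if that is a
# session credential (confirm), it ends up in any log that captures this
# output - consider masking it.
printf "Launching: %s/cstub %s\n" "$BIN_DIR" "${ARGS[*]}"
"$BIN_DIR/cstub" "${ARGS[@]}"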