brettvitaz · February 10, 2018 08:32 · brettvitaz · Feb 10, 2018
diff --git a/csd-wrapper.sh b/csd-wrapper.sh
 #!/usr/bin/env bash
 # Cisco Anyconnect CSD wrapper for OpenConnect
 # Requirements: 
 # - wget (brew install wget)
 # - md5sum (brew install md5sha1sum)

 # Enter your vpn host here
 #CSD_HOSTNAME=
 if [[ -z ${CSD_HOSTNAME} ]]
 then
    echo "Define CSD_HOSTNAME with vpn-host in script or environment var. Exiting."
    exit 1
 fi

 export HOSTSCAN_DIR="$HOME/.cisco/hostscan"
 LIB_DIR="$HOSTSCAN_DIR/lib"
 BIN_DIR="$HOSTSCAN_DIR/bin"

 BINS=("cscan" "cstub" "cnotify")


 # parsing command line
 shift

 URL=
 TICKET=
 STUB=
 GROUP=
 CERTHASH=
 LANGSELEN=

 while [ "$1" ]; do
    if [ "$1" == "-ticket" ];   then shift; TICKET=$1; fi
    if [ "$1" == "-stub" ];     then shift; STUB=$1; fi
    if [ "$1" == "-group" ];    then shift; GROUP=$1; fi
    if [ "$1" == "-certhash" ]; then shift; CERTHASH=$1; fi
    if [ "$1" == "-url" ];      then shift; URL=$1; fi
    if [ "$1" == "-langselen" ];then shift; LANGSELEN=$1; fi
    shift
 done


 case `uname` in
    Darwin)
        ARCH="darwin_i386"
        SED="sed -E";
    ;;
    linux)
        SED="sed -r";
        ARCH=$(uname -m)
        if [[ "$ARCH" == "x86_64" ]]
        then
            ARCH="linux_x64"
        else
            ARCH="linux_i386"
        fi
    ;;
    *)
        SED="sed -r";
    ;;
 esac

 # creating dirs
 for dir in $HOSTSCAN_DIR $LIB_DIR $BIN_DIR ; do
    if [[ ! -f $dir ]]
    then
        mkdir -p $dir
    fi
 done

 # getting manifest, and checking binaries
 wget --quiet --no-check-certificate -c "https://${CSD_HOSTNAME}/CACHE/sdesktop/hostscan/$ARCH/manifest" -O "$HOSTSCAN_DIR/manifest"

 # generating md5.sum with full paths from manifest
 cat $HOSTSCAN_DIR/manifest | ${SED} 's/\(|\)//g' | awk '{ cmd = "find $HOSTSCAN_DIR -iname " $2; while (cmd | getline line) { print $4, line; } }' > $HOSTSCAN_DIR/md5.sum

 # check number of files either
 MD5_LINES=`wc -l $HOSTSCAN_DIR/md5.sum | awk '{ print $1; }'`
 MANIFEST_LINES=`wc -l $HOSTSCAN_DIR/manifest | awk '{ print $1; }'`
 echo "Got $MANIFEST_LINES files in manifest, locally found $MD5_LINES"

 # check md5 - md5sum can hang if md5.sum file is empty (like on first run)
 if [[ $MD5_LINES -ne 0 ]]; then
    md5sum -c $HOSTSCAN_DIR/md5.sum
 fi

 if [[ "$?" -ne "0" || "$MD5_LINES" -ne "$MANIFEST_LINES" ]]
 then
    echo "Corrupted files, or whatever wrong with md5 sums, or missing some file"
    # just download every file mentioned in manifest (not ideal, but hopefully should be enough)
    FILES=( $(cat $HOSTSCAN_DIR/manifest | ${SED} 's/\(|\)//g' | awk '{ print $2; }') )
    WORK_DIR=`pwd`
    TMP_DIR=`mktemp -d` && cd $TMP_DIR
    for i in "${FILES[@]}" ; do
        FILE="$(basename "$i")"

        echo "Downloading: $FILE to $TMP_DIR"
        wget  --quiet --no-check-certificate -c "https://${CSD_HOSTNAME}/CACHE/sdesktop/hostscan/$ARCH/$FILE" -O $FILE

        # some files are in gz (don't understand logic here)
        if [[ ! -f $FILE || ! -s $FILE ]]
        then
            # remove 0 size files
            if [[ ! -s $FILE ]]; then
                rm $FILE
            fi

            echo "Failure on $FILE, trying gz"
            FILE_GZ=$FILE.gz
            wget --quiet --no-check-certificate -c "https://${CSD_HOSTNAME}/CACHE/sdesktop/hostscan/$ARCH/$FILE_GZ" -O $FILE_GZ
            gunzip --verbose --decompress $FILE_GZ
        fi

        # don't know why, but my version of hostscan requires tables to be stored in libs
        echo $FILE | grep --extended-regexp --quiet --invert-match ".dylib|.so|tables.dat"
        IS_LIB=$?
        if [[ "$IS_LIB" -eq "1" ]]
        then
            cp -v $FILE $LIB_DIR
        else
            cp -v $FILE $BIN_DIR
        fi

    done

    for i in "${BINS[@]}" ; do
        echo "Setting excecution bit on: $BIN_DIR/$i"
        test -f $BIN_DIR/$i && chmod u+x $BIN_DIR/$i
    done

    cd $WORK_DIR
    rm -rf $TMP_DIR
 fi

 # cstub doesn't care about logging options, sic!
 ARGS="-log error -ticket $TICKET -stub $STUB -group $GROUP -host $URL -certhash $CERTHASH"

 echo "Launching: $BIN_DIR/cstub $ARGS"
 $BIN_DIR/cstub $ARGS
	#!/usr/bin/env bash
	# Cisco Anyconnect CSD wrapper for OpenConnect
	# Requirements:
	# - wget (brew install wget)
	# - md5sum (brew install md5sha1sum)

	# Enter your vpn host here
	#CSD_HOSTNAME=
	if [[ -z ${CSD_HOSTNAME} ]]
	then
	echo "Define CSD_HOSTNAME with vpn-host in script or environment var. Exiting."
	exit 1
	fi

	export HOSTSCAN_DIR="$HOME/.cisco/hostscan"
	LIB_DIR="$HOSTSCAN_DIR/lib"
	BIN_DIR="$HOSTSCAN_DIR/bin"

	BINS=("cscan" "cstub" "cnotify")


	# parsing command line
	shift

	URL=
	TICKET=
	STUB=
	GROUP=
	CERTHASH=
	LANGSELEN=

	while [ "$1" ]; do
	if [ "$1" == "-ticket" ]; then shift; TICKET=$1; fi
	if [ "$1" == "-stub" ]; then shift; STUB=$1; fi
	if [ "$1" == "-group" ]; then shift; GROUP=$1; fi
	if [ "$1" == "-certhash" ]; then shift; CERTHASH=$1; fi
	if [ "$1" == "-url" ]; then shift; URL=$1; fi
	if [ "$1" == "-langselen" ];then shift; LANGSELEN=$1; fi
	shift
	done


	case `uname` in
	Darwin)
	ARCH="darwin_i386"
	SED="sed -E";
	;;
	linux)
	SED="sed -r";
	ARCH=$(uname -m)
	if [[ "$ARCH" == "x86_64" ]]
	then
	ARCH="linux_x64"
	else
	ARCH="linux_i386"
	fi
	;;
	*)
	SED="sed -r";
	;;
	esac

	# creating dirs
	for dir in $HOSTSCAN_DIR $LIB_DIR $BIN_DIR ; do
	if [[ ! -f $dir ]]
	then
	mkdir -p $dir
	fi
	done

	# getting manifest, and checking binaries
	wget --quiet --no-check-certificate -c "https://${CSD_HOSTNAME}/CACHE/sdesktop/hostscan/$ARCH/manifest" -O "$HOSTSCAN_DIR/manifest"

	# generating md5.sum with full paths from manifest
	cat $HOSTSCAN_DIR/manifest \| ${SED} 's/\(\|\)//g' \| awk '{ cmd = "find $HOSTSCAN_DIR -iname " $2; while (cmd \| getline line) { print $4, line; } }' > $HOSTSCAN_DIR/md5.sum

	# check number of files either
	MD5_LINES=`wc -l $HOSTSCAN_DIR/md5.sum \| awk '{ print $1; }'`
	MANIFEST_LINES=`wc -l $HOSTSCAN_DIR/manifest \| awk '{ print $1; }'`
	echo "Got $MANIFEST_LINES files in manifest, locally found $MD5_LINES"

	# check md5 - md5sum can hang if md5.sum file is empty (like on first run)
	if [[ $MD5_LINES -ne 0 ]]; then
	md5sum -c $HOSTSCAN_DIR/md5.sum
	fi

	if [[ "$?" -ne "0" \|\| "$MD5_LINES" -ne "$MANIFEST_LINES" ]]
	then
	echo "Corrupted files, or whatever wrong with md5 sums, or missing some file"
	# just download every file mentioned in manifest (not ideal, but hopefully should be enough)
	FILES=( $(cat $HOSTSCAN_DIR/manifest \| ${SED} 's/\(\|\)//g' \| awk '{ print $2; }') )
	WORK_DIR=`pwd`
	TMP_DIR=`mktemp -d` && cd $TMP_DIR
	for i in "${FILES[@]}" ; do
	FILE="$(basename "$i")"

	echo "Downloading: $FILE to $TMP_DIR"
	wget --quiet --no-check-certificate -c "https://${CSD_HOSTNAME}/CACHE/sdesktop/hostscan/$ARCH/$FILE" -O $FILE

	# some files are in gz (don't understand logic here)
	if [[ ! -f $FILE \|\| ! -s $FILE ]]
	then
	# remove 0 size files
	if [[ ! -s $FILE ]]; then
	rm $FILE
	fi

	echo "Failure on $FILE, trying gz"
	FILE_GZ=$FILE.gz
	wget --quiet --no-check-certificate -c "https://${CSD_HOSTNAME}/CACHE/sdesktop/hostscan/$ARCH/$FILE_GZ" -O $FILE_GZ
	gunzip --verbose --decompress $FILE_GZ
	fi

	# don't know why, but my version of hostscan requires tables to be stored in libs
	echo $FILE \| grep --extended-regexp --quiet --invert-match ".dylib\|.so\|tables.dat"
	IS_LIB=$?
	if [[ "$IS_LIB" -eq "1" ]]
	then
	cp -v $FILE $LIB_DIR
	else
	cp -v $FILE $BIN_DIR
	fi

	done

	for i in "${BINS[@]}" ; do
	echo "Setting excecution bit on: $BIN_DIR/$i"
	test -f $BIN_DIR/$i && chmod u+x $BIN_DIR/$i
	done

	cd $WORK_DIR
	rm -rf $TMP_DIR
	fi

	# cstub doesn't care about logging options, sic!
	ARGS="-log error -ticket $TICKET -stub $STUB -group $GROUP -host $URL -certhash $CERTHASH"

	echo "Launching: $BIN_DIR/cstub $ARGS"
	$BIN_DIR/cstub $ARGS