Created
June 12, 2022 22:06
-
-
Save progandy/5d41b722485c24b21d5435ae9fb17207 to your computer and use it in GitHub Desktop.
Generate iwd configuration with the eduroam configuration tool
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| import sys | |
| DEBUG_ON=False | |
| def debug(msg): | |
| """Print debugging messages to stdout""" | |
| if not DEBUG_ON: | |
| return | |
| print("DEBUG:" + str(msg)) | |
| class Settings(object): | |
| filename = '' | |
| username = '' | |
| password = '' | |
| silent = False | |
| pfx_file = '' | |
| class IwdConf(object): | |
| user_data=None | |
| def __init__(self, user_data): | |
| self.user_data = user_data | |
| def encode_ssid(self, ssid): | |
| if re.match('^[-_ A-Za-z0-9]+$', ssid): | |
| return ssid | |
| return '='+ssid.encode('utf-8').hex().lower() | |
| def build_file(self, ssid): | |
| escape = str.maketrans({" ": r"\s", | |
| "\t": r"\t", | |
| "\n": r"\n", | |
| "\r": r"\r", | |
| "\\": r"\\"}) | |
| out = """[Security] | |
| EAP-Method=""" + Config.eap_outer + """ | |
| EAP-"""+Config.eap_outer+"""-CACert=embed:eduroam_ca_cert | |
| EAP-"""+Config.eap_outer+"""-ServerDomainMask=""" + ";".join(map(lambda s: re.sub(r'^.*?:', '', s).translate(escape) , Config.servers)) + """ | |
| """ | |
| if Config.eap_outer == 'PEAP' or Config.eap_outer == 'TTLS': | |
| out += """EAP-"""+Config.eap_outer+"""-Phase2-Identity=""" + self.user_data.username.translate(escape) + "\n" \ | |
| + " EAP-"""+Config.eap_outer+"""-Phase2-Method=""" + Config.eap_inner + "\n" \ | |
| + " EAP-"+Config.eap_outer+"-Phase2-Password=" + self.user_data.password.translate(escape) + "\n" | |
| if Config.anonymous_identity != '': | |
| out += " EAP-Identity=" + Config.anonymous_identity.translate(escape) + "" | |
| if Config.eap_outer == 'TLS': | |
| out += " EAP-TLS-ClientKeyPassphrase=" + self.user_data.password.translate(escape) + "\n" \ | |
| "EAP-TLS-ClientKeyBundle=/var/lib/iwd/user.p12\n" | |
| out += "\n\n[@pem@eduroam_ca_cert]\n" | |
| out += Config.CA | |
| out += "\n" | |
| return out | |
| def write_files(self): | |
| path = os.environ.get('HOME') + '/.cat_installer/iwd' | |
| if not os.path.isdir(path): | |
| os.mkdir(path, 0o700) | |
| for ssid in Config.ssids: | |
| with open(path + "/" + self.encode_ssid(ssid) + ".8021x", "w") as f: | |
| f.write(self.build_file(ssid)) | |
| f.close() | |
| def print(self): | |
| for ssid in Config.ssids: | |
| print(ssid + ":") | |
| print(self.build_file(ssid)) | |
| def prepare_installer_iwd(): | |
| """ | |
| This is the main installer part. It tests for MN availability | |
| gets user credentials and starts a proper installer. | |
| """ | |
| global DEBUG_ON | |
| parser = argparse.ArgumentParser(description='eduroam linux installer for iwd.') | |
| parser.add_argument('--debug', '-d', action='store_true', dest='debug', | |
| default=False, help='set debug flag') | |
| parser.add_argument('--filename', '-f', action='store', dest='filename', | |
| help='set eduroam installer file') | |
| parser.add_argument('--username', '-u', action='store', dest='username', | |
| help='set username') | |
| parser.add_argument('--password', '-p', action='store', dest='password', | |
| help='set text_mode flag') | |
| parser.add_argument('--silent', '-s', action='store_true', dest='silent', | |
| help='set silent flag') | |
| parser.add_argument('--pfxfile', action='store', dest='pfx_file', | |
| help='set path to user certificate file') | |
| args = parser.parse_args() | |
| if args.debug: | |
| DEBUG_ON = True | |
| print("Running debug mode") | |
| if args.filename: | |
| Settings.filename = args.filename | |
| else: | |
| print('The eduroam installer file is required') | |
| sys.exit(1) | |
| if args.username: | |
| Settings.username = args.username | |
| if args.password: | |
| Settings.password = args.password | |
| if args.silent: | |
| Settings.silent = args.silent | |
| if args.pfx_file: | |
| Settings.pfx_file = args.pfx_file | |
| debug("Configuration complete") | |
| def run_installer_iwd(): | |
| installer_data = InstallerData(silent=Settings.silent, username=Settings.username, | |
| password=Settings.password, pfx_file=Settings.pfx_file) | |
| installer_data.get_user_cred() | |
| #installer_data.save_ca() | |
| conf = IwdConf(installer_data) | |
| conf.write_files() | |
| installer_data.show_info(Messages.installation_finished) | |
| installer_data.show_info("Copy the files from $HOME/.cat_installer/iwd/ to /var/lib/iwd/.") | |
| if Config.eap_outer == 'TLS': | |
| installer_data.show_info("Copy the client cert from $HOME/.cat_installer/user.p12 to /var/lib/iwd/user.p12.") | |
| prepare_installer_iwd() | |
| debug("Load original installer and patch for iwd") | |
| with open(Settings.filename, 'r') as eduinst: | |
| exec(eduinst.read().replace("\nrun_installer()", "\nrun_installer_iwd()", 1)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment