Home Explore Help
Register Sign In
Apq
/
MoeClub-Note
mirror of https://github.com/MoeClub/Note.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 1e5695ceb3
Branches Tags
MoeClub-Note
/
AnyConnect
/
ocserv
/
template
/
client.sh

client.sh 2.5 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. #!/bin/bash
    2. 

  2. 

  3. command -v openssl >>/dev/null 2>&1
    4. 

  4. [ $? -ne 0 ] && echo "Not Found openssl" && exit 1
    5. 

  5. command -v certtool >>/dev/null 2>&1
    6. 

  6. [ $? -ne 0 ] && echo "Not Found certtool" && exit 1
    7. 

  7. cd `dirname "$0"`
    8. 

  8. 

  9. export OrgName
    10. 

  10. export GroupName
    11. 

  11. export PASSWORD
    12. 

  12. 

  13. 

  14. while [[ $# -ge 1 ]]; do
    15. 

  15.   case $1 in
    16. 

  16.     -o)
    17. 

  17.       shift
    18. 

  18.       OrgName=`echo "$1" |sed 's/\s//g'`
    19. 

  19.       shift
    20. 

  20.       ;;
    21. 

  21.     -g)
    22. 

  22.       shift
    23. 

  23.       GroupName=`echo "$1" |sed 's/\s//g'`
    24. 

  24.       shift
    25. 

  25.       ;;
    26. 

  26.     -p)
    27. 

  27.       shift
    28. 

  28.       PASSWORD=`echo "$1" |sed 's/\s//g'`
    29. 

  29.       shift
    30. 

  30.       ;;
    31. 

  31.     *)
    32. 

  32.       echo -e "Usage:\n\tbash $0 -o <OrgName> -g <GroupName> -p <PASSWORD>\n"
    33. 

  33.       exit 1;
    34. 

  34.       ;;
    35. 

  35.   esac
    36. 

  36. done
    37. 

  37. 

  38. [ -n "${OrgName}" ] || OrgName="Haibara"
    39. 

  39. [ -n "${GroupName}" ] || GroupName="Default"
    40. 

  40. 

  41. 

  42. if [ ! -f ./ca.cert.pem -o ! -f ./ca.key.pem ]; then
    43. 

  43.   if [ ! -f ./ca.cfg ]; then
    44. 

  44.     echo -e "cn = \"${OrgName} CA\"\norganization = \"${OrgName}\"\nserial = 1\nexpiration_days = 3650\nca\nsigning_key\ncert_signing_key\ncrl_signing_key\n" >./ca.cfg
    45. 

  45.   fi
    46. 

  46.   openssl genrsa -out ./ca.key.pem 2048
    47. 

  47.   certtool --generate-privkey --outfile ./ca.key.pem
    48. 

  48.   certtool --generate-self-signed --template ./ca.cfg --load-privkey ./ca.key.pem --outfile ./ca.cert.pem
    49. 

  49.   cp -rf ./ca.cert.pem ../ca.cert.pem
    50. 

  50.   rm -rf ./ca.cfg
    51. 

  51. fi
    52. 

  52. 

  53. if [ ! -f ../server.cert.pem -o ! -f ../server.key.pem ]; then
    54. 

  54.   if [ ! -f ./server.cfg ]; then
    55. 

  55.     echo -e "cn = \"${OrgName} CA\"\norganization = \"${OrgName}\"\nexpiration_days = -1\nsigning_key\nencryption_key\ntls_www_server\n" >./server.cfg
    56. 

  56.   fi
    57. 

  57.   openssl genrsa -out ../server.key.pem 2048
    58. 

  58.   certtool --generate-certificate --load-privkey ../server.key.pem --load-ca-certificate ./ca.cert.pem --load-ca-privkey ./ca.key.pem --template ./server.cfg --outfile ../server.cert.pem
    59. 

  59.   rm -rf ./server.cfg
    60. 

  60. fi
    61. 

  61. 

  62. if [ ! -f ../dh.pem ]; then
    63. 

  63.   certtool --generate-dh-params --outfile ../dh.pem
    64. 

  64. fi
    65. 

  65. 

  66. echo -e "cn = \"${OrgName}.${GroupName}\"\nunit = \"${GroupName}\"\nexpiration_days = 3650\nsigning_key\ntls_www_client\n" >./user.cfg
    67. 

  67. openssl genrsa -out ./user.key.pem 2048
    68. 

  68. certtool --generate-certificate --load-privkey ./user.key.pem --load-ca-certificate ./ca.cert.pem --load-ca-privkey ./ca.key.pem --template ./user.cfg --outfile ./user.cert.pem
    69. 

  69. cat ./ca.cert.pem >>./user.cert.pem
    70. 

  70. openssl pkcs12 -export -inkey ./user.key.pem -in ./user.cert.pem -name "${OrgName}.${GroupName}" -certfile ./ca.cert.pem -caname "${OrgName} CA" -out "./${GroupName}.p12" -passout pass:$PASSWORD
    71. 

  71. 

  72. [ $? -eq '0' ] && echo -e "\nSuccess! \nGROUP\t\tPASSWORD\n${GroupName}\t\t$PASSWORD\n" || echo -e "\nFail! \n";
    73. 

  73. rm -rf ./user.cert.pem ./user.key.pem ./user.cfg
    74.