Strona główna Odkrywaj Pomoc
Zarejestruj się Zaloguj się
Apq
/
MoeClub-Note
kopia lustrzana https://github.com/MoeClub/Note.git
1
0
Forkuj 0
Pliki Problemy 0 Wiki
Drzewo: c4102d30c8
Gałęzie Tagi
MoeClub-Note
/
AnyConnect
/
mac.sh

mac.sh 2.1 KB
Historia Czysty

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556 
  1. #!/bin/bash
    2. 

  2. 

  3. [[ $# -ge 1 ]] || exit 1
    4. 

  4. CERT_URL="${1:-}"
    5. 

  5. CERT_PWD="${2:-}"
    6. 

  6. 

  7. 

  8. # DO NOT EDIT
    9. 

  9. [[ -n "${CERT_URL}" ]] || exit 1
    10. 

  10. [[ -n "${CERT_PWD}" ]] && Mode=0 || Mode=1
    11. 

  11. USER_Home=`echo "$HOME"`
    12. 

  12. [[ "$(sudo whoami)" == "root" ]] || exit 1
    13. 

  13. 

  14. [[ -e "${USER_Home}/.cisco" ]] && rm -rf "${USER_Home}/.cisco"
    15. 

  15. [[ -e "${USER_Home}/.anyconnect" ]] && rm -rf "${USER_Home}/.anyconnect"
    16. 

  16. 

  17. cat >"${USER_Home}/.anyconnect"<<EOF
    18. 

  18. <?xml version="1.0" encoding="UTF-8"?>
    19. 

  19. <AnyConnectPreferences>
    20. 

  20. <DefaultUser></DefaultUser>
    21. 

  21. <DefaultSecondUser></DefaultSecondUser>
    22. 

  22. <ClientCertificateThumbprint></ClientCertificateThumbprint>
    23. 

  23. <MultipleClientCertificateThumbprints></MultipleClientCertificateThumbprints>
    24. 

  24. <ServerCertificateThumbprint></ServerCertificateThumbprint>
    25. 

  25. <DefaultHostName></DefaultHostName>
    26. 

  26. <DefaultHostAddress></DefaultHostAddress>
    27. 

  27. <DefaultGroup>Default</DefaultGroup>
    28. 

  28. <ProxyHost></ProxyHost>
    29. 

  29. <ProxyPort></ProxyPort>
    30. 

  30. <SDITokenType>none</SDITokenType>
    31. 

  31. <ControllablePreferences>
    32. 

  32. <AutoConnectOnStart>true</AutoConnectOnStart>
    33. 

  33. <LocalLanAccess>true</LocalLanAccess>
    34. 

  34. <BlockUntrustedServers>false</BlockUntrustedServers>
    35. 

  35. <DisableCaptivePortalDetection>true</DisableCaptivePortalDetection></ControllablePreferences>
    36. 

  36. </AnyConnectPreferences>
    37. 

  37. EOF
    38. 

  38. chomd 777 "${USER_Home}/.anyconnect"
    39. 

  39. 

  40. [[ -f "${CERT_URL}" ]] && cp -f "${CERT_URL}" "/tmp/MacOS.p12" || curl -ksSL -H "User-Agent: wget/1.0" -o "/tmp/MacOS.p12" "${CERT_URL}"
    41. 

  41. if [[ -f "/tmp/MacOS.p12" ]]; then
    42. 

  42.   if [[ "$Mode" == "0" ]]; then
    43. 

  43.     security import "/tmp/MacOS.p12" -P "${CERT_PWD}"
    44. 

  44.     rm -rf "/tmp/MacOS.p12"
    45. 

  45.   elif [[ "$Mode" == "1" ]]; then
    46. 

  46.     openssl pkcs12 -in "/tmp/MacOS.p12" -nodes -nokeys -clcerts -out "/tmp/MacOS_Cert.pem" -password pass:
    47. 

  47.     openssl pkcs12 -in "/tmp/MacOS.p12" -nodes -nocerts -out "/tmp/MacOS_Key.pem" -password pass:
    48. 

  48.     openssl pkcs12 -in "/tmp/MacOS.p12" -nodes -nokeys -cacerts -out "/tmp/MacOS_CA.pem" -password pass:
    49. 

  49.     openssl pkcs12 -export -inkey "/tmp/MacOS_Key.pem" -in "/tmp/MacOS_Cert.pem" -certfile "/tmp/MacOS_CA.pem" -out "/tmp/MacOS_New.p12" -passout pass:New
    50. 

  50.     security import "/tmp/MacOS_New.p12" -P "New"
    51. 

  51.   else
    52. 

  52.     exit 1
    53. 

  53.   fi
    54. 

  54. fi
    55. 

  55. 

  56.