#!/bin/bash my_name=$0 function setup_environment { bf="" n="" ORGANISATION="Goldsmiths, University of London" URL="http://www.gold.ac.uk/it/byod" SUPPORT="helpdesk@gold.ac.uk" if [ ! -z "$DISPLAY" ] ; then if which zenity 1>/dev/null 2>&1 ; then ZENITY=`which zenity` elif which kdialog 1>/dev/null 2>&1 ; then KDIALOG=`which kdialog` else if tty > /dev/null 2>&1 ; then if echo $TERM | grep -E -q "xterm|gnome-terminal|lxterminal" ; then bf=""; n=""; fi else find_xterm if [ -n "$XT" ] ; then $XT -e $my_name fi fi fi fi } function split_line { echo $1 | awk -F '\\\\n' 'END { for(i=1; i <= NF; i++) print $i }' } function find_xterm { terms="xterm aterm wterm lxterminal rxvt gnome-terminal konsole" for t in $terms do if which $t > /dev/null 2>&1 ; then XT=$t break fi done } function ask { T="eduroam CAT" # if ! [ -z "$3" ] ; then # T="$T: $3" # fi if [ ! -z $KDIALOG ] ; then if $KDIALOG --yesno "${1}\n${2}?" --title "$T" ; then return 0 else return 1 fi fi if [ ! -z $ZENITY ] ; then if $ZENITY --question --text="${1}\n${2}?" --title="$T" ; then return 0 else return 1 fi fi yes=Y no=N yes1=`echo $yes | awk '{ print toupper($0) }'` no1=`echo $no | awk '{ print toupper($0) }'` if [ $3 == "0" ]; then def=$yes else def=$no fi echo ""; while true do split_line "$1" read -p "${bf}$2 ${yes}/${no}? [${def}]:$n " answer if [ -z "$answer" ] ; then answer=${def} fi answer=`echo $answer | awk '{ print toupper($0) }'` case "$answer" in ${yes1}) return 0 ;; ${no1}) return 1 ;; esac done } function alert { if [ ! -z $KDIALOG ] ; then $KDIALOG --sorry "${1}" return fi if [ ! -z $ZENITY ] ; then $ZENITY --warning --text="$1" return fi echo "$1" } function show_info { if [ ! -z $KDIALOG ] ; then $KDIALOG --msgbox "${1}" return fi if [ ! -z $ZENITY ] ; then $ZENITY --info --width=500 --text="$1" return fi echo "$1" } function confirm_exit { if [ ! -z $KDIALOG ] ; then if $KDIALOG --yesno \"Really quit?\" ; then exit 1 fi fi if [ ! -z $ZENITY ] ; then if $ZENITY --question --text=\"Really quit?\" ; then exit 1 fi fi } function prompt_nonempty_string { prompt=$2 if [ ! -z $ZENITY ] ; then if [ $1 -eq 0 ] ; then H="--hide-text " fi if ! [ -z "$3" ] ; then D="--entry-text=$3" fi elif [ ! -z $KDIALOG ] ; then if [ $1 -eq 0 ] ; then H="--password" else H="--inputbox" fi fi out_s=""; if [ ! -z $ZENITY ] ; then while [ ! "$out_s" ] ; do out_s=`$ZENITY --entry --width=300 $H $D --text "$prompt"` if [ $? -ne 0 ] ; then confirm_exit fi done elif [ ! -z $KDIALOG ] ; then while [ ! "$out_s" ] ; do out_s=`$KDIALOG $H "$prompt" "$3"` if [ $? -ne 0 ] ; then confirm_exit fi done else while [ ! "$out_s" ] ; do read -p "${prompt}: " out_s done fi echo $out_s; } function user_cred { PASSWORD="a" PASSWORD1="b" if ! USER_NAME=`prompt_nonempty_string 1 "enter your userid"` ; then exit 1 fi while [ "$PASSWORD" != "$PASSWORD1" ] do if ! PASSWORD=`prompt_nonempty_string 0 "enter your password"` ; then exit 1 fi if ! PASSWORD1=`prompt_nonempty_string 0 "repeat your password"` ; then exit 1 fi if [ "$PASSWORD" != "$PASSWORD1" ] ; then alert "passwords do not match" fi done } setup_environment show_info "This installer has been prepared for ${ORGANISATION}\n\nMore information and comments:\n\nEMAIL: ${SUPPORT}\nWWW: ${URL}\n\nInstaller created with software from the GEANT project." if ! ask "This installer will only work properly if you are a member of ${bf}Goldsmiths, University of London${n} and the user group: ${bf}eduroam.${n}" "Continue" 1 ; then exit; fi if [ -d $HOME/.eduroam ] ; then if ! ask "Directory $HOME/.eduroam exists; some of its files may be overwritten." "Continue" 1 ; then exit; fi else mkdir $HOME/.eduroam fi # save certificates echo "-----BEGIN CERTIFICATE----- MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290 MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9 uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0 WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0 Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIRAO2KQswXyC3U9iXNOaWpskQwDQYJKoZIhvcNAQEFBQAw NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B IFNTTCBDQTAeFw0xMzAxMjkwMDAwMDBaFw0xNjAxMjkyMzU5NTlaMIGXMQswCQYD VQQGEwJHQjEPMA0GA1UECBMGTG9uZG9uMRIwEAYDVQQHEwlOZXcgQ3Jvc3MxHDAa BgNVBAoTE0dvbGRzbWl0aHMnIENvbGxlZ2UxFDASBgNVBAsTC0lUIFNlcnZpY2Vz MS8wLQYDVQQDEyZjZ3MtdnN2ci1yYWQwMi5jYW1wdXMuZ29sZHNtaXRocy5hYy51 azCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDT/bCmj/fRjVaFrXX2 njg3RNxyxodLhJ+Z+Bw6QrFMZTIbd1sU0WJtx1yiwvvQpmRwjPUidI8wPLeSrBcc iJ3Z6dd9oZE3w+tiUR+8sPjIFJInTlvfkSTJybDjo3qtbW+eTaWrnaVZvetX+IZ4 MrGKcvf1ImPjdmIU/gFHw5CnAoCxeWgHubg4FNrrIZ+KSG9u5lcZQBYsdnWBHg3j XIYnxI/8sUgCbVkFfV1s86g3rM5GZ1AQqsMxiFSPRE+sOrXz/G0uT3Lp5T4ATR+F pzvx95/Q29G6Zt+6tPq42dOZpIhkQgpkX6e9V77yXQcGEgMmAaxjpxvhqIoVcn4o LYkCAwEAAaOCAYMwggF/MB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47nt MB0GA1UdDgQWBBQ/Bd7i5N4pTbhQ58zfXkg91WU3+zAOBgNVHQ8BAf8EBAMCBaAw DAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYD VR0gBBswGTANBgsrBgEEAbIxAQICHTAIBgZngQwBAgIwOgYDVR0fBDMwMTAvoC2g K4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcmwwbQYI KwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRjcy50ZXJlbmEu b3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudGNz LnRlcmVuYS5vcmcwMQYDVR0RBCowKIImY2dzLXZzdnItcmFkMDIuY2FtcHVzLmdv bGRzbWl0aHMuYWMudWswDQYJKoZIhvcNAQEFBQADggEBAKNy5ziXldhE/9kW6yUO sy5V14xsKPd3i3HA6ynOo89WyuoyvKwApiBMjSTMqv74bW6v38Sr3BpNfGU5i+xs AJ/xvGj/qDsNiReB+nj+lSVMDKilKsZu1JdPGTnV8+5FUePCB5o3oMOFbwrFycPi dmSj8lEFIm5A8eT9ThOqsl44AaNspV+CwhUkDF/w+qNJMWfGJP3DSN0NY+wqJ6oF Ns5xwuV3Juq1udN7YUq0KRluzJ7g6dL64EMinxhuwWdGUYFaHOpmqTxTLWU9fJVK iB+IZKTiKEHanaxMv339Y/f2zvjixMydM3i+goVQ50vGw/S7hf0smycNUHJ4aCUv PFA= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIRANPtTfBwr9FttmPrmS+Wt0QwDQYJKoZIhvcNAQEFBQAw NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B IFNTTCBDQTAeFw0xMzAxMzAwMDAwMDBaFw0xNjAxMzAyMzU5NTlaMIGXMQswCQYD VQQGEwJHQjEPMA0GA1UECBMGTG9uZG9uMRIwEAYDVQQHEwlOZXcgQ3Jvc3MxHDAa BgNVBAoTE0dvbGRzbWl0aHMnIENvbGxlZ2UxFDASBgNVBAsTC0lUIFNlcnZpY2Vz MS8wLQYDVQQDEyZjZ3MtdnN2ci1yYWQwMy5jYW1wdXMuZ29sZHNtaXRocy5hYy51 azCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL7N8g/F84rEqzH6jGGe sIM4RLvwYLTjyZaMNRss4401lJJ6aMXLioYbu+6NoxdDVi54VKWipZd9HE9BWpdi nV8QhU0o/poIpcrBlF2jwdheLOskFCwcuRqR7tlyfmLTkIO7ywhftbKBy4qa/gcF nw4LdLUKsu1Me5lu0al7JKqgigoDmooSlk78g7LPox42t1XuzjCeJ+8s3JkLH6t/ 648ZtpwUsXBBbtibysnRNW3kDmnFbCLyWOSK6tR5uVit1FIBjFuqzGgnpWsvBnBj xjVQPG6+ZVx1vsrqSTBivx8BzTFQwpP1DqoUJgfe1ljVZxUCqWoeBe53oUdOs+Yc ds8CAwEAAaOCAYMwggF/MB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47nt MB0GA1UdDgQWBBSITtMfeVaMyZp5vieTQyvSJ5kgETAOBgNVHQ8BAf8EBAMCBaAw DAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYD VR0gBBswGTANBgsrBgEEAbIxAQICHTAIBgZngQwBAgIwOgYDVR0fBDMwMTAvoC2g K4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcmwwbQYI KwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRjcy50ZXJlbmEu b3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudGNz LnRlcmVuYS5vcmcwMQYDVR0RBCowKIImY2dzLXZzdnItcmFkMDMuY2FtcHVzLmdv bGRzbWl0aHMuYWMudWswDQYJKoZIhvcNAQEFBQADggEBAK1DhJCnEpK3DRlvzxfo Zq5Wvr5TIH2NFGzf35TqKptgKcwMMT5BuoPtJSRSPO4Olm8460pYi6zsb86OUXan 8hlAu2+GxGkeIftufsW6jYVtDiHV73+nUDnUIqSJ8/ma5UfuRcUq/+Sfe+GU7lBY 2aQkpzn00SwKqJTwPe/MbeP4gD2h7gEs1gMtNgz/7kBprO0YABy2RqXoyOHUs9OD Sn6RrE9zTy4hImq6n3U/w3tC/bbvxkJk4h09DWQDQ2XG6W798KxTD7uhRNVTP84E L5SyZrWMZQAcYrlf7vBqRFMSyP2bmAmkYgQWsmAwvs3Rr+bQxGecu89A5/RFC5yk OzY= -----END CERTIFICATE----- " > $HOME/.eduroam/ca.pem function run_python_script { python << EOF > /dev/null 2>&1 #-*- coding: utf-8 -*- import dbus import re import sys import uuid import os class EduroamNMConfigTool: def connect_to_NM(self): #connect to DBus try: self.bus = dbus.SystemBus() except dbus.exceptions.DBusException: print "Can't connect to DBus" sys.exit(2) #main service name self.system_service_name = "org.freedesktop.NetworkManager" #check NM version nm_version = self.check_nm_version() if nm_version == "0.9": self.settings_service_name = self.system_service_name self.connection_interface_name = "org.freedesktop.NetworkManager.Settings.Connection" #settings proxy sysproxy = self.bus.get_object(self.settings_service_name, "/org/freedesktop/NetworkManager/Settings") #settings intrface self.settings = dbus.Interface(sysproxy, "org.freedesktop.NetworkManager.Settings") elif nm_version == "0.8": #self.settings_service_name = "org.freedesktop.NetworkManagerUserSettings" self.settings_service_name = "org.freedesktop.NetworkManager" self.connection_interface_name = "org.freedesktop.NetworkManagerSettings.Connection" #settings proxy sysproxy = self.bus.get_object(self.settings_service_name, "/org/freedesktop/NetworkManagerSettings") #settings intrface self.settings = dbus.Interface(sysproxy, "org.freedesktop.NetworkManagerSettings") else: print "This Network Manager version is not supported" sys.exit(2) def check_opts(self): self.cacert_file = '${HOME}/.eduroam/ca.pem' self.pfx_file = '${HOME}/.eduroam/user.p12' if not os.path.isfile(self.cacert_file): print "Certificate file not found, looks like a CAT error" sys.exit(2) def check_nm_version(self): try: proxy = self.bus.get_object(self.system_service_name, "/org/freedesktop/NetworkManager") props = dbus.Interface(proxy, "org.freedesktop.DBus.Properties") version = props.Get("org.freedesktop.NetworkManager", "Version") except dbus.exceptions.DBusException: version = "0.8" if re.match(r'^0\.9', version): return "0.9" if re.match(r'^0\.8', version): return "0.8" else: return "Unknown version" def byte_to_string(self, barray): return "".join([chr(x) for x in barray]) def delete_existing_connections(self, ssid): "checks and deletes earlier connections" try: conns = self.settings.ListConnections() except dbus.exceptions.DBusException: print "DBus connection problem, a sudo might help" exit(3) for each in conns: con_proxy = self.bus.get_object(self.system_service_name, each) connection = dbus.Interface(con_proxy, "org.freedesktop.NetworkManager.Settings.Connection") try: connection_settings = connection.GetSettings() if connection_settings['connection']['type'] == '802-11-wireless': conn_ssid = self.byte_to_string(connection_settings['802-11-wireless']['ssid']) if conn_ssid == ssid: connection.Delete() except dbus.exceptions.DBusException: pass def add_connection(self,ssid): s_con = dbus.Dictionary({ 'type': '802-11-wireless', 'uuid': str(uuid.uuid4()), 'permissions': ['user:$USER'], 'id': ssid }) s_wifi = dbus.Dictionary({ 'ssid': dbus.ByteArray(ssid), 'security': '802-11-wireless-security' }) s_wsec = dbus.Dictionary({'key-mgmt': 'wpa-eap'}) s_8021x = dbus.Dictionary({ 'eap': ['peap'], 'identity': '$USER_NAME', 'ca-cert': dbus.ByteArray("file://" + self.cacert_file + "\0"), 'subject-match': 'cgs-vsvr-rad02.campus.goldsmiths.ac.uk;cgs-vsvr-rad03.campus.goldsmiths.ac.uk', 'password': '$PASSWORD', 'phase2-auth': 'mschapv2', }) s_ip4 = dbus.Dictionary({'method': 'auto'}) s_ip6 = dbus.Dictionary({'method': 'auto'}) con = dbus.Dictionary({ 'connection': s_con, '802-11-wireless': s_wifi, '802-11-wireless-security': s_wsec, '802-1x': s_8021x, 'ipv4': s_ip4, 'ipv6': s_ip6 }) self.settings.AddConnection(con) def main(self): self.check_opts() ver = self.connect_to_NM() self.delete_existing_connections('eduroam') self.add_connection('eduroam') if __name__ == "__main__": ENMCT = EduroamNMConfigTool() ENMCT.main() EOF } function create_wpa_conf { cat << EOFW >> $HOME/.eduroam/eduroam.conf network={ ssid="eduroam" key_mgmt=WPA-EAP eap=PEAP ca_cert="${HOME}/.eduroam/ca.pem" identity="${USER_NAME}" subject_match="cgs-vsvr-rad02.campus.goldsmiths.ac.uk;cgs-vsvr-rad03.campus.goldsmiths.ac.uk" phase2="auth=MSCHAPV2" password="${PASSWORD}" } EOFW chmod 600 $HOME/.eduroam/eduroam.conf } #prompt user for credentials user_cred if run_python_script ; then show_info "Installation successful" else show_info "Network Manager configuration failed, generating wpa_supplicant.conf" if [ -f $HOME/.eduroam/eduroam.conf ] ; then if ! ask "File $HOME/.eduroam/eduroam.conf exists; it will be overwritten." "Continue" 1 ; then confirm_exit; fi rm $HOME/.eduroam/eduroam.conf fi create_wpa_conf show_info "Output written to $HOME/.eduroam/eduroam.conf" fi