
@asarkar asarkar/csd-wrapper.sh
Last active Dec 10, 2018

#!/bin/bash
# description: Cisco Anyconnect CSD wrapper for OpenConnect
# author: https://github.com/asarkar/
# gist: https://gist.github.com/asarkar/fb4452a4abdf9e4a9752a7d55d2cdc93
# connect: sudo openconnect --background \
# --user=<username> \
# --authgroup=1 \
# --csd-user=<localhost username> \
# --csd-wrapper=<script location on localhost> \
# --os=mac-intel \
# https://<server>[:port][/group]
# disconnect: sudo pkill openconnect
# OR if you don't have pkill
# sudo kill -SIGTERM $(ps aux | awk '/openconnect/ && !/awk/ {print $2}')
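# The VPN server URL is not handed to this wrapper directly. It is recovered
# from SUDO_COMMAND, the command line sudo recorded when openconnect was
# started; per the "connect" usage in the header, the URL is its last word.
if [[ -z "${SUDO_COMMAND+x}" ]]; then
  # The variable that is actually missing is SUDO_COMMAND; report on stderr.
  printf 'SUDO_COMMAND is not set; start openconnect through sudo so the server URL can be derived\n' >&2
  exit 1
fi

# Split with read instead of an unquoted expansion, so a word such as '*' in
# the recorded command line is never expanded against the file system.
read -r -a CMD <<< "$SUDO_COMMAND"
URL=${CMD[@]: -1}
if [[ -z "$URL" ]]; then
  printf 'Could not find a server URL in SUDO_COMMAND\n' >&2
  exit 1
fi

# A trailing slash would be counted as a path component below and make
# dirname cut the host name off ("https://server/" -> "https:").
while [[ "$URL" == */ ]]; do
  URL=${URL%/}
done

# openconnect accepts the server without a scheme and speaks HTTPS to it.
# curl would treat a scheme-less URL as plain HTTP, so make the scheme
# explicit before the URL is used to download executables.
if [[ "$URL" != *://* ]]; then
  URL="https://$URL"
fi

# "scheme://host" holds two slashes; any further slash means a /group suffix.
NUM_SLASH=$(awk -F/ '{print NF-1}' <<< "$URL")
if (( NUM_SLASH > 2 )); then # URL contains group
  CSD_HOSTNAME=$(dirname "$URL")
else
  CSD_HOSTNAME=$URL
fi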
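# parse command line
#######################################
# Read the options passed to this wrapper into globals.
# Globals:   URL, TICKET, STUB, GROUP, CERTHASH, LANGSELEN (reset, then set)
# Arguments: the wrapper's positional parameters. The first one is dropped
#            unread; the rest are scanned for "-flag value" pairs.
# Returns:   0
#######################################
parse_csd_args() {
  URL=
  TICKET=
  STUB=
  GROUP=
  CERTHASH=
  LANGSELEN=

  # The first argument is never used by this script.
  if (( $# > 0 )); then
    shift
  fi

  # Loop on the argument count, not on "$1" being non-empty, so an empty
  # argument cannot end parsing early.
  while (( $# > 0 )); do
    case "$1" in
      -ticket) TICKET=${2-} ;;
      -stub) STUB=${2-} ;;
      -group) GROUP=${2-} ;;
      -certhash) CERTHASH=${2-} ;;
      -url) URL=${2-} ;;
      -langselen) LANGSELEN=${2-} ;;
      *)
        # Unknown word: skip it on its own.
        shift
        continue
        ;;
    esac
    # Consume the flag together with its value. The value is taken as data
    # and is never re-examined as a flag, so a value such as "-stub" cannot
    # shift the meaning of the arguments that follow it.
    if (( $# >= 2 )); then
      shift 2
    else
      shift
    fi
  done
  return 0
}
parse_csd_args "$@"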
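# Map this machine to the platform directory name used in the hostscan
# download URLs. uname prints "Linux" with a capital L, so the pattern has to
# be spelled that way for the Linux branch to be reachable at all.
case "$(uname)" in
  Darwin)
    ARCH="darwin_i386"
    ;;
  Linux | linux)
    # Only x86_64 is recognised by name; every other machine type is mapped
    # to the 32-bit x86 directory.
    if [[ "$(uname -m)" == "x86_64" ]]; then
      ARCH="linux_x64"
    else
      ARCH="linux_i386"
    fi
    ;;
  *)
    # With ARCH unset the download URLs built later would be malformed, so
    # stop here instead of fetching from a wrong path.
    printf 'Unsupported platform: %s\n' "$(uname)" >&2
    exit 1
    ;;
esac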
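# Local cache for the hostscan files. Everything under bin/ is made
# executable and cstub is launched from it later in this script, so these
# directories should only be writable by the user running the scan.
HOSTSCAN_DIR="$HOME/.cisco/hostscan"
LIB_DIR="$HOSTSCAN_DIR/lib"
BIN_DIR="$HOSTSCAN_DIR/bin"
# create dirs
# The paths are quoted so a home directory containing spaces or glob
# characters is handled as one path.
for dir in "$HOSTSCAN_DIR" "$LIB_DIR" "$BIN_DIR"; do
  if [[ ! -d "$dir" ]]; then
    printf "Creating dir: %s\n" "$dir"
    if ! mkdir -p -- "$dir"; then
      # Nothing can be downloaded without the cache directories.
      printf 'Cannot create directory: %s\n' "$dir" >&2
      exit 1
    fi
  fi
done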
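# download manifest
# NOTE(review): every curl call in this section passes -k, which switches off
# TLS certificate verification. The files fetched here are made executable and
# cstub is launched from them later in this script, so whoever can intercept
# the connection can replace them. The -certhash value this script parses is
# not applied to these transfers. Where the server certificate can be
# validated (for example by trusting the issuing CA), drop -k.
if ! curl -kLsS --fail "$CSD_HOSTNAME/CACHE/sdesktop/hostscan/$ARCH/manifest" -o "$HOSTSCAN_DIR/manifest"; then
  # An HTTP error page must not be parsed as if it were a manifest.
  printf 'Could not download the hostscan manifest from %s\n' "$CSD_HOSTNAME" >&2
  exit 1
fi

# Extended-regex flag differs between the macOS and the other sed builds.
case "$(uname)" in
  Darwin)
    SED=(sed -E)
    ;;
  *)
    SED=(sed -r)
    ;;
esac

#######################################
# Print the MD5 digest of a file.
# Arguments: $1 - path of the file
# Outputs:   the hex digest on stdout
#######################################
file_md5() {
  # macOS ships `md5`; where it is missing fall back to coreutils `md5sum`.
  if command -v md5 > /dev/null 2>&1; then
    md5 -q "$1"
  else
    md5sum < "$1" | cut -d ' ' -f 1
  fi
}

# Each manifest line yields a file name (field 2) and a digest (field 4)
# once the parentheses are stripped.
"${SED[@]}" 's/\(|\)//g' "$HOSTSCAN_DIR/manifest" | cut -d " " -f 2,4 |
  while read -r line; do
    read -ra TOKENS <<< "$line"
    name=${TOKENS[0]}
    want_md5=${TOKENS[1]}

    [[ -n "$name" ]] || continue
    # The manifest comes from the network. A name with a path separator, or
    # "." / "..", would let it write outside the hostscan directories.
    case "$name" in
      . | .. | */*)
        printf 'Skipping manifest entry with unsafe file name: %s\n' "$name" >&2
        continue
        ;;
    esac

    # Look for a local copy whose digest equals the manifest entry. An empty
    # digest never counts as a match.
    FOUND=
    if [[ -n "$want_md5" ]]; then
      while IFS= read -r -d '' candidate; do
        if [[ "$(file_md5 "$candidate")" == "$want_md5" ]]; then
          FOUND=$candidate
          break
        fi
      done < <(find "$HOSTSCAN_DIR" -name "$name" ! -type d -print0)
    fi

    if [[ -z "$FOUND" ]]; then
      # NOTE(review): only *.dylib is routed to lib/; confirm where shared
      # libraries are expected on Linux.
      DEST_DIR=
      if [[ "$name" = *.dylib ]]; then
        DEST_DIR="$LIB_DIR"
      else
        DEST_DIR="$BIN_DIR"
      fi
      FILE_URL="$CSD_HOSTNAME/CACHE/sdesktop/hostscan/$ARCH/$name"
      printf "Downloading %s to %s\n" "$name" "$DEST_DIR"
      download_ok=1
      # The file is served either as-is or gzip-compressed with a .gz suffix.
      if curl -o /dev/null -ks --head --fail "$FILE_URL"; then
        curl -kLsS "$FILE_URL" -o "$DEST_DIR/$name" || download_ok=0
      else
        curl -o - -kLsS "$FILE_URL.gz" | gunzip > "$DEST_DIR/$name"
        stage_status=("${PIPESTATUS[@]}")
        if (( stage_status[0] != 0 || stage_status[1] != 0 )); then
          download_ok=0
        fi
      fi
      if (( download_ok == 0 )); then
        # Do not leave a truncated file behind to be executed later.
        printf 'Download of %s failed; removing the incomplete file\n' "$name" >&2
        rm -f -- "$DEST_DIR/$name"
        continue
      fi
      # The digest arrives over the same unverified channel as the file, so
      # this only detects corruption, not tampering.
      if [[ -n "$want_md5" && "$(file_md5 "$DEST_DIR/$name")" != "$want_md5" ]]; then
        printf 'Warning: MD5 of %s does not match the digest in the manifest\n' "$name" >&2
      fi
    else
      printf "%s already exists\n" "$name"
    fi
  done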
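chmod -R u+x "$BIN_DIR"
# Build the argument list as an array. The values come from the wrapper's own
# command line; expanded from one unquoted string, a value containing
# whitespace or glob characters would be split or expanded into extra
# arguments for cstub. ${VAR:+"$VAR"} passes a non-empty value as exactly one
# argument and, as before, passes nothing at all for an empty one.
ARGS=(-log error
  -ticket ${TICKET:+"$TICKET"}
  -stub ${STUB:+"$STUB"}
  -group ${GROUP:+"$GROUP"}
  -host ${URL:+"$URL"}
  -certhash ${CERTHASH:+"$CERTHASH"})
# :? aborts instead of running "rm -rf /log" should HOSTSCAN_DIR be empty.
rm -rf -- "${HOSTSCAN_DIR:?}/log"
printf "Launching: %s/cstub %s\n" "$BIN_DIR" "${ARGS[*]}"
"$BIN_DIR/cstub" "${ARGS[@]}"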