hwdsl2/vpnsetup-workaround.sh Secret

## vpnsetup-workaround.sh
#!/bin/sh
#
# Debian 7 (Wheezy) does NOT have the required libnss version (>= 3.16) for Libreswan.
# This script provides a workaround by installing newer packages from libreswan.org.
# Debian 7 users: Run this script first, before using the VPN setup script.
#
# IMPORTANT: These unofficial packages may not receive security updates compared to
# official Debian packages. They could contain vulnerabilities. Use at your own risk!
#
# Copyright (C) 2015-2017 Lin Song <linsongui@gmail.com>
#
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation, either version 3 of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this program. If not, see http://www.gnu.org/licenses/.

export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

exiterr() { echo "Error: $1" >&2; exit 1; }

if [ "$(sed 's/\..*//' /etc/debian_version 2>/dev/null)" != "7" ]; then
  exiterr "This script only supports Debian 7 (Wheezy)."
fi

if [ "$(uname -m)" != "x86_64" ]; then
  exiterr "This script only supports 64-bit Debian 7."
fi

if [ "$(id -u)" != 0 ]; then
  exiterr "Script must be run as root. Try 'sudo sh $0'"
fi

# Create and change to working dir
mkdir -p /opt/src
cd /opt/src || exiterr "Cannot enter /opt/src."

# Update package index and install wget
export DEBIAN_FRONTEND=noninteractive
apt-get -yq update || exiterr "'apt-get update' failed."
apt-get -yq install wget || exiterr "Failed to install 'wget'."

# Install libnss/libnspr packages from download.libreswan.org.
# Ref: https://libreswan.org/wiki/3.14_on_Debian_Wheezy
base_url=https://download.libreswan.org/binaries/debian/wheezy

deb1=libnspr4_4.10.7-1_amd64.deb
deb2=libnspr4-dev_4.10.7-1_amd64.deb
deb3=libnss3_3.17.2-1.1_amd64.deb
deb4=libnss3-dev_3.17.2-1.1_amd64.deb
deb5=libnss3-tools_3.17.2-1.1_amd64.deb

wget -t 3 -T 30 -nv -O "$deb1" "$base_url/$deb1"
wget -t 3 -T 30 -nv -O "$deb2" "$base_url/$deb2"
wget -t 3 -T 30 -nv -O "$deb3" "$base_url/$deb3"
wget -t 3 -T 30 -nv -O "$deb4" "$base_url/$deb4"
wget -t 3 -T 30 -nv -O "$deb5" "$base_url/$deb5"

if [ -s "$deb1" ] && [ -s "$deb2" ] && [ -s "$deb3" ] && [ -s "$deb4" ] && [ -s "$deb5" ]; then
  dpkg -i "$deb1" "$deb2" "$deb3" "$deb4" "$deb5" && /bin/rm -f "$deb1" "$deb2" "$deb3" "$deb4" "$deb5"
  apt-get install -f
  echo
  echo 'Completed! If no error, you may now proceed to run the VPN setup script.'
  exit 0
else
  /bin/rm -f "$deb1" "$deb2" "$deb3" "$deb4" "$deb5"
  exiterr 'Could not download libnss/libnspr package(s).'
fi
	#!/bin/sh
	#
	# Debian 7 (Wheezy) does NOT have the required libnss version (>= 3.16) for Libreswan.
	# This script provides a workaround by installing newer packages from libreswan.org.
	# Debian 7 users: Run this script first, before using the VPN setup script.
	#
	# IMPORTANT: These unofficial packages may not receive security updates compared to
	# official Debian packages. They could contain vulnerabilities. Use at your own risk!
	#
	# Copyright (C) 2015-2017 Lin Song <linsongui@gmail.com>
	#
	# This program is free software: you can redistribute it and/or modify it under
	# the terms of the GNU General Public License as published by the Free Software
	# Foundation, either version 3 of the License, or (at your option) any later version.
	#
	# This program is distributed in the hope that it will be useful, but WITHOUT ANY
	# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
	# PARTICULAR PURPOSE. See the GNU General Public License for more details.
	#
	# You should have received a copy of the GNU General Public License along with
	# this program. If not, see http://www.gnu.org/licenses/.

	export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

	exiterr() { echo "Error: $1" >&2; exit 1; }

	if [ "$(sed 's/\..*//' /etc/debian_version 2>/dev/null)" != "7" ]; then
	exiterr "This script only supports Debian 7 (Wheezy)."
	fi

	if [ "$(uname -m)" != "x86_64" ]; then
	exiterr "This script only supports 64-bit Debian 7."
	fi

	if [ "$(id -u)" != 0 ]; then
	exiterr "Script must be run as root. Try 'sudo sh $0'"
	fi

	# Create and change to working dir
	mkdir -p /opt/src
	cd /opt/src \|\| exiterr "Cannot enter /opt/src."

	# Update package index and install wget
	export DEBIAN_FRONTEND=noninteractive
	apt-get -yq update \|\| exiterr "'apt-get update' failed."
	apt-get -yq install wget \|\| exiterr "Failed to install 'wget'."

	# Install libnss/libnspr packages from download.libreswan.org.
	# Ref: https://libreswan.org/wiki/3.14_on_Debian_Wheezy
	base_url=https://download.libreswan.org/binaries/debian/wheezy

	deb1=libnspr4_4.10.7-1_amd64.deb
	deb2=libnspr4-dev_4.10.7-1_amd64.deb
	deb3=libnss3_3.17.2-1.1_amd64.deb
	deb4=libnss3-dev_3.17.2-1.1_amd64.deb
	deb5=libnss3-tools_3.17.2-1.1_amd64.deb

	wget -t 3 -T 30 -nv -O "$deb1" "$base_url/$deb1"
	wget -t 3 -T 30 -nv -O "$deb2" "$base_url/$deb2"
	wget -t 3 -T 30 -nv -O "$deb3" "$base_url/$deb3"
	wget -t 3 -T 30 -nv -O "$deb4" "$base_url/$deb4"
	wget -t 3 -T 30 -nv -O "$deb5" "$base_url/$deb5"

	if [ -s "$deb1" ] && [ -s "$deb2" ] && [ -s "$deb3" ] && [ -s "$deb4" ] && [ -s "$deb5" ]; then
	dpkg -i "$deb1" "$deb2" "$deb3" "$deb4" "$deb5" && /bin/rm -f "$deb1" "$deb2" "$deb3" "$deb4" "$deb5"
	apt-get install -f
	echo
	echo 'Completed! If no error, you may now proceed to run the VPN setup script.'
	exit 0
	else
	/bin/rm -f "$deb1" "$deb2" "$deb3" "$deb4" "$deb5"
	exiterr 'Could not download libnss/libnspr package(s).'
	fi