gost-engine.install 5.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123
  1. # Author: Grigory Vasilyev <echo "h0tc0d3(-*A*-)g-m*a-i-l(-d#t-)c#m" | sed -e 's/-//ig;s/*//ig;s/(A)/@/i;s/#/o/ig;s/(dot)/./i'>
  2. # License: Apache 2.0
  3. post_install() {
  4. # Set OpenSSL Configuration file
  5. openssl_conf=/etc/ssl/openssl.cnf
  6. if [ ! -f ${openssl_conf} ]; then
  7. echo "OpenSSL Configuration file ${openssl_conf} not exist!"
  8. echo -e "Please manually edit yours OpenSSL configuration file and add strings \E[1;33mopenssl_conf=openssl_gost # Set GOST Configuration\E[0m" \
  9. "to the beginning and to the end \E[1;33m.include \$dir/gost.cnf # Include GOST Configuration file\E[0m of the file!"
  10. echo "Sample configuration file gost.cnf you are can get from /etc/ssl folder!"
  11. exit 0
  12. fi
  13. # Checking Active OpenSSL Configuration
  14. if ! grep -iq "\.include\s*\$dir/gost\.cnf" ${openssl_conf} ||
  15. ! grep -iq "openssl_conf=openssl_gost" ${openssl_conf}; then
  16. # Backup OpenSSL Configuration file
  17. name=${openssl_conf}
  18. if [[ -e $name.orig || -L $name.orig ]]; then
  19. i=0
  20. while [[ -e $name.$i.orig || -L $name.$i.orig ]]; do
  21. ((i++))
  22. done
  23. name=$name.$i
  24. fi
  25. echo "Backup OpenSSL Configuration to ${name}.orig"
  26. cp -f ${openssl_conf} ${name}.orig
  27. # Add include GOST Configuration file /etc/ssl/gost.cnf to the end of OpenSSL Configuration file
  28. if ! grep -iq "\.include\s*\$dir/gost\.cnf" ${openssl_conf}; then
  29. # Write '.include $dir/gost.cnf # Include GOST Configuration file' string to the end of configuration file
  30. sed -i "$ a\ \n.include \$dir/gost.cnf # Include GOST Configuration file" ${openssl_conf}
  31. fi
  32. # Set GOST Configuration in the OpenSSL Configuration file
  33. if ! grep -iq "openssl_conf" ${openssl_conf}; then
  34. # Write 'openssl_conf=openssl_gost # Set GOST Configuration' string before '# Note that you can' or in the top of configuration file
  35. sed -i "/#\s*Note\s*that\s*you\s*can/I i openssl_conf=openssl_gost # Set GOST Configuration\n" ${openssl_conf}
  36. # If not found GOST Configuration then write at first line 'openssl_conf=openssl_gost # Set GOST Configuration'
  37. if ! grep -iq "openssl_conf" ${openssl_conf}; then
  38. sed -i "1 i openssl_conf=openssl_gost # Set GOST Configuration\n" ${openssl_conf}
  39. fi
  40. else
  41. if ! grep -iq "openssl_conf=openssl_gost" ${openssl_conf}; then
  42. echo -e "\E[1;33mopenssl_conf\E[0m already defined in ${openssl_conf} file!"
  43. echo -e "Please check ${openssl_conf} file and add string \E[1;33mopenssl_conf=openssl_gost # Set GOST Configuration\E[0m" \
  44. "to the beginning of the ${openssl_conf} file!"
  45. exit 0
  46. fi
  47. fi
  48. fi
  49. if ! grep -iq "\.include\s*\$dir/gost\.cnf" ${openssl_conf} ||
  50. ! grep -iq "openssl_conf=openssl_gost" ${openssl_conf}; then
  51. echo 'OpenSSL GOST Configuration failed!'
  52. echo -e "Please check ${openssl_conf} file and add string \E[1;33mopenssl_conf=openssl_gost # Set GOST Configuration\E[0m" \
  53. "to the beginning and to the end \E[1;33m.include \$dir/gost.cnf # Include GOST Configuration file\E[0m of the file!"
  54. exit 0
  55. fi
  56. if openssl engine | grep -iq "gost"; then
  57. echo -e "\E[1;33mGost Engine successfully installed and OpenSSL automatic configured! All works fine!\E[0m"
  58. fi
  59. }
  60. post_remove() {
  61. # Set OpenSSL Configuration file
  62. openssl_conf=/etc/ssl/openssl.cnf
  63. if [ ! -f ${openssl_conf} ]; then
  64. echo "OpenSSL Configuration file ${openssl_conf} not exist!"
  65. echo -e "Please edit yours OpenSSL Configuration file and remove strings \E[1;33mopenssl_conf=openssl_gost # Set GOST Configuration\E[0m" \
  66. "in the beginning and in the end \E[1;33m.include \$dir/gost.cnf # Include GOST Configuration file\E[0m of the file!"
  67. exit 0
  68. fi
  69. # Checking Active OpenSSL Configuration
  70. if grep -iq "\.include\s*\$dir/gost\.cnf" ${openssl_conf} ||
  71. grep -iq "openssl_conf=openssl_gost" ${openssl_conf}; then
  72. # Backup OpenSSL Configuration
  73. name=${openssl_conf}
  74. if [[ -e $name.gost || -L $name.gost ]]; then
  75. i=0
  76. while [[ -e $name.$i.gost || -L $name.$i.gost ]]; do
  77. ((i++))
  78. done
  79. name=$name.$i
  80. fi
  81. echo "Backup OpenSSL Configuration to ${name}.gost"
  82. cp -f ${openssl_conf} ${name}.gost
  83. # Remove include GOST Configuration file gost.cnf from OpenSSL Configuration file
  84. if grep -iq "\.include\s*\$dir/gost\.cnf" ${openssl_conf}; then
  85. sed -i ":a;N;\$!ba;s/\n\?\(\#\s*Include\s*GOST\s*Configuration\s*file\s*\)\?\.include\s*\$dir\/gost\.cnf\s*\(\#\s*\(Include\)\?\s*GOST\s*\(Configuration\)\?\s*\(file\)\?\)\?//IM" ${openssl_conf}
  86. fi
  87. if ! grep -iq "\.include\s*\$dir/gost\.cnf" ${openssl_conf}; then
  88. echo -e "Remove include GOST Configuration file gost.cnf from ${openssl_conf} file - \E[1;32mSUCCESS\E[0m"
  89. else
  90. echo -e "Remove include GOST Configuration file gost.cnf from ${openssl_conf} file - \E[1;31mFAILED\E[0m" \
  91. "\nPlease manually remove string \E[1;33m.include \$dir/gost.cnf # Include GOST Configuration file\E[0m from the OpenSSL Configuration file!"
  92. fi
  93. # Remove GOST Configuration from OpenSSL Configuration file
  94. if grep -iq "openssl_conf=openssl_gost" ${openssl_conf}; then
  95. sed -i ":a;N;\$!ba;s/\(\#\s*Set\s*GOST\s*Configuration\s*\)\?openssl_conf\s*=\s*openssl_gost\s*\(\#\s*\(Set\)\?\s*GOST\s*\(Configuration\)\?\)\?\n\?//IM" ${openssl_conf}
  96. fi
  97. if ! grep -iq "openssl_conf=openssl_gost" ${openssl_conf}; then
  98. echo -e "Remove GOST Configuration from OpenSSL Configuration ${openssl_conf} file - \E[1;32mSUCCESS\E[0m"
  99. else
  100. echo -e "Remove GOST Configuration from ${openssl_conf} file - \E[1;31mFAILED\E[0m" \
  101. "\nPlease manually remove string \E[1;33mopenssl_conf=openssl_gost # Set GOST Configuration\E[0m from the OpenSSL Configuration file!"
  102. fi
  103. fi
  104. }