forked from hwdsl2/setup-ipsec-vpn
-
Notifications
You must be signed in to change notification settings - Fork 1
/
vpnsetup-debian-7-workaround.sh
73 lines (62 loc) · 2.88 KB
/
vpnsetup-debian-7-workaround.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
#!/bin/sh
#
# Debian 7 (Wheezy) does NOT have the required libnss version (>= 3.16) for Libreswan.
# This script provides a workaround by installing unofficial packages from download.libreswan.org.
# Debian 7 users: Run this script first, before using the VPN setup script.
#
# IMPORTANT: These unofficial packages do not receive the latest security updates compared to
# official Debian packages. They could contain unpatched vulnerabilities. Use at your own risk!
#
# Copyright (C) 2015-2016 Lin Song <[email protected]>
#
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation, either version 3 of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this program. If not, see http://www.gnu.org/licenses/.
export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
exiterr() { echo "Error: ${1}" >&2; exit 1; }
if [ "$(sed 's/\..*//' /etc/debian_version 2>/dev/null)" != "7" ]; then
exiterr "This script only supports Debian 7 (Wheezy)."
fi
if [ "$(uname -m)" != "x86_64" ]; then
exiterr "This script only supports 64-bit Debian 7."
fi
if [ "$(id -u)" != 0 ]; then
exiterr "Script must be run as root. Try 'sudo sh $0'"
fi
# Create and change to working dir
mkdir -p /opt/src
cd /opt/src || exiterr "Cannot enter /opt/src."
# Update package index and install wget
export DEBIAN_FRONTEND=noninteractive
apt-get -yq update || exiterr "'apt-get update' failed."
apt-get -yq install wget || exiterr "Failed to install 'wget'."
# Install libnss/libnspr packages from download.libreswan.org.
# Ref: https://libreswan.org/wiki/3.14_on_Debian_Wheezy
base_url=https://download.libreswan.org/binaries/debian/wheezy
deb1=libnspr4_4.10.7-1_amd64.deb
deb2=libnspr4-dev_4.10.7-1_amd64.deb
deb3=libnss3_3.17.2-1.1_amd64.deb
deb4=libnss3-dev_3.17.2-1.1_amd64.deb
deb5=libnss3-tools_3.17.2-1.1_amd64.deb
wget -t 3 -T 30 -nv -O "$deb1" "$base_url/$deb1"
wget -t 3 -T 30 -nv -O "$deb2" "$base_url/$deb2"
wget -t 3 -T 30 -nv -O "$deb3" "$base_url/$deb3"
wget -t 3 -T 30 -nv -O "$deb4" "$base_url/$deb4"
wget -t 3 -T 30 -nv -O "$deb5" "$base_url/$deb5"
if [ -s "$deb1" ] && [ -s "$deb2" ] && [ -s "$deb3" ] && [ -s "$deb4" ] && [ -s "$deb5" ]; then
dpkg -i "$deb1" "$deb2" "$deb3" "$deb4" "$deb5" && /bin/rm -f "$deb1" "$deb2" "$deb3" "$deb4" "$deb5"
apt-get install -f
echo
echo 'Completed! If no error, you may now proceed to run the VPN setup script.'
exit 0
else
/bin/rm -f "$deb1" "$deb2" "$deb3" "$deb4" "$deb5"
exiterr 'Could not download libnss/libnspr package(s).'
fi