#!/bin/bash
#
# Author: Dubravko Penezic, 2011
#
# Skripta za instalaciju skripte za autentikaciju na eduroam sustav.
#
# Ocekuje se da je na sustavu instalirana slijedeca programska podrska
# iwconfig
# wpa_supplicant
# dhclient
# awk
# sed
# 
# te da postoji barem jedan mrezni adapter za bezicnu mrezu i da je isti 
# u funkciji
#
# verzija 1.0.2
#
# Nastala nadogradnjom i prilagodbom:
#
#               eduroam configuration utility for Linux
# Version 0.4-1 
# Written by Tomasz Wolniewicz (twoln@umk.pl)
# with contributions from Andrzej Angowski
# German locale provided by Torsten Kersting

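# Installer-wide settings.
ver="1.0.2"
EDUROAM_CONF_PATH="/etc/eduroam"   # wpa_supplicant.conf and the CA certificate
EDUROAM_SBIN_PATH="/sbin"          # the control script run as root
EDUROAM_BIN_PATH="/usr/bin"        # the user-facing start/stop wrappers

# Bold on / bold off sequences, used only when TERM is exactly "xterm".
# They are written with an explicit \033 so the sequence does not depend on a
# raw control byte surviving in the file, and both start out empty so a value
# inherited from the environment is never printed.
bf=""
n=""
if [ "$TERM" = "xterm" ]; then
  bf=$'\033[1m'
  n=$'\033[0m'
fi

# Driver names listed in interactive (-i) mode.
drivers=("wext" "madwifi" "ipw" "ndiswrapper")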

# functions
# ispis teksta na ekran, lprint samo tekst, lprintln cijeli redak 
# s prelaskom u novi red
#

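# Print the message in $1 to stdout without a trailing newline.
# A fixed printf format keeps the text intact: no word splitting, no glob
# expansion, and a message such as "-n" is not taken as an echo option.
lprint() {
  printf '%s' "$1"
}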

# Print the message in $1 through lprint, then end the line.
lprintln() {
  lprint "$1"
  printf '\n'
}

# ask user for confirmation
# the first argument is the user prompt
# if the second argument is 0 then DA (yes) is the default value offered
# to the user, otherwise NE (no) is the default

ask() {
  yes=`lprint DA`
  no=`lprint NE`
  if [ $2 == "0" ]; then
    def=$yes
  else
    def=$no
  fi

  while true
  do
  read -p "${bf}${1} ${yes}/${no}? [${def}]:$n " answer
  if [ -z "$answer" ] ; then 
    answer=${def}
  else
    answer=`echo $answer | awk '{ print toupper($0) }'`
  fi
  case "$answer" in
    ${yes})
       return 0
       ;;
    ${no})
       return 1
       ;;
  esac
  done
}

# "UPOZORENJE!" (warning) label, bold where the terminal supports it.
atn=$(lprint "UPOZORENJE")
attention="${bf}${atn}!${n} "

# Welcome banner: installer version, what the script does, and which
# institution's accounts the generated configuration is meant for.
echo
lprintln "eduroam_config ${ver}"
lprintln "================================"
echo
lprintln "Ova skripta obavlja instalaciju skripte i konfiguraciju klijenta"
lprintln "za pristup bezicnoj mrezi putem autentikacijske infrastrukture ${bf}eduroam$n"
echo
printf '%s\n' "------------------------------------------------------------------------"
lprintln "${attention}Skripta podesava parametre koje mogu koristiti samo korisnici"
lprintln "institucije ${bf}Veleknin$n cija korisnicka oznaka ima oblik"
lprintln "<uid>@veleknin.hr (pero@veleknin.hr)"
printf '%s\n' "------------------------------------------------------------------------"
echo

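# Command-line options:
#   -h  print the usage line and exit with status 2
#   -i  interactive mode: flag is set to "i" and later steps let the user
#       override each detected value
# The getopts builtin reads "$@" as given, so arguments are not re-split the
# way the unquoted `getopt ih $*` re-split them. The usage line goes through
# lprint (the file defines no helper named lprintn).
flag=""
while getopts ':ih' opt; do
  case "$opt" in
    h)
      lprint "Uporaba"; echo " $0 [-i]"
      echo ""
      echo ""
      exit 2
      ;;
    i)
      flag="i"
      ;;
    *)
      # Unknown option: show the usage line on stderr and stop.
      { lprint "Uporaba"; echo " $0 [-i]"; } >&2
      exit 2
      ;;
  esac
done
shift $((OPTIND - 1))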

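# The installer writes below EDUROAM_CONF_PATH, EDUROAM_SBIN_PATH and
# EDUROAM_BIN_PATH, so it has to run with uid 0. Testing the numeric uid
# instead of the account name also accepts a uid-0 account that is not called
# "root", and the refusal now ends with a non-zero status.
if [ "$(id -u)" -ne 0 ]; then
  {
    echo -n "${attention} "
    lprintln "Ova skripta mora biti pokrenuta s root administrativnim ovlastima"
  } >&2
  exit 1
fi

# Last chance to stop before anything is probed or written (default: DA).
if ! ask "$(lprint 'Nastavak')" 0; then exit; fi
clear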

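# Locate iwconfig: the two usual locations first, then ask for a path.
# IWCONFIG starts empty so a value inherited from the environment is never
# executed by this root-run script.
IWCONFIG=""
if [ -x /sbin/iwconfig ]; then
  IWCONFIG="/sbin/iwconfig"
elif [ -x /usr/sbin/iwconfig ]; then
  IWCONFIG="/usr/sbin/iwconfig"
elif [ "$flag" != "i" ]; then
  # Not found and not in interactive mode (interactive mode asks below anyway).
  # The test compares against "i", the value the option parser stores in flag.
  lprint "Nemoguce pronaci"; echo " iwconfig"
  prompt=$(lprint "unesite putanju do")
  read -r -p "$prompt iwconfig: " IWCONFIG
  # Quoted on purpose: with an unquoted empty value the test degenerates to
  # `[ ! -x ]`, which is false, and an empty path would be accepted.
  if [ ! -x "$IWCONFIG" ]; then
    lprint "Nemoguce pronaci"; echo " $IWCONFIG"
    exit 1
  fi
fi

# Interactive mode: offer the detected path as the default.
if [ "$flag" = "i" ]; then
  read -r -p "iwconfig: [${IWCONFIG}] " iwcfg
  if [ -n "$iwcfg" ]; then
    IWCONFIG=$iwcfg
  fi
  if [ ! -x "$IWCONFIG" ]; then
    lprint "Nemoguce pronaci"; echo " $IWCONFIG"
    exit 1
  fi
fi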

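# List the wireless interfaces: the first word of every iwconfig output line
# that starts with a lowercase letter (iwconfig's stderr is discarded).
# The path is quoted so a value containing spaces is run as one command.
iface=$("$IWCONFIG" 2>/dev/null | awk '/^[a-z]/ { print $1 }')

if [ -z "${iface}" ]; then
  lprintln "Nije pronadjena niti jedan aktivni mrezni adapter za bezicnu mrezu. Skripta prekida izvrsenje."
  # Nothing to configure: report failure to the caller.
  exit 1
fi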

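# Locate wpa_supplicant: PATH first, then the two usual locations.
# The resolved path is written into the control script that later runs as
# root, so the PATH of the installing shell should contain only trusted
# directories.
WPA_SUPPLICANT=$(command -v wpa_supplicant 2>/dev/null) || WPA_SUPPLICANT=""
if [ -z "$WPA_SUPPLICANT" ]; then
  if [ -x /sbin/wpa_supplicant ]; then
    WPA_SUPPLICANT="/sbin/wpa_supplicant"
  elif [ -x /usr/sbin/wpa_supplicant ]; then
    WPA_SUPPLICANT="/usr/sbin/wpa_supplicant"
  fi
fi

# Interactive mode: offer the detected path as the default.
if [ "$flag" = "i" ]; then
  read -r -p "wpa_supplicant: [${WPA_SUPPLICANT}] " iwcfg
  if [ -n "$iwcfg" ]; then
    WPA_SUPPLICANT=$iwcfg
  fi
fi

# In either mode, keep asking until the path names an executable. An empty
# value fails -x as well, so it needs no separate test. The prompt text is set
# here because no earlier step is guaranteed to have set it.
while [ ! -x "$WPA_SUPPLICANT" ]; do
  lprint "Nemoguce pronaci"; echo " wpa_supplicant"
  prompt=$(lprint "unesite putanju do")
  # Stop instead of looping forever when input has ended.
  read -r -p "$prompt wpa_supplicant: " WPA_SUPPLICANT || exit 1
done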

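# wpa_cli is optional. When it is found, the generated control script polls
# it for the AUTHENTICATED state; otherwise that script just sleeps before
# requesting an address.
# `command -v` is a shell builtin, so the lookup does not depend on an
# external `which`; WPA_CLI is left empty when nothing is found.
WPA_CLI=$(command -v wpa_cli 2>/dev/null) || WPA_CLI=""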

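# Choose the wireless interface to configure.
# The count always comes out as a number (0 when iwconfig prints nothing),
# so the numeric tests below never see an empty operand.
iface_count=$("$IWCONFIG" 2>/dev/null | awk '/^[a-z]/ { c++ } END { print c + 0 }')

if [ "$iface_count" -gt 1 ]; then
  # Several adapters: the user has to name one.
  lprintln "Pronadjeni slijedeci mrezni adapteri za bezicnu mrezu:"
  echo "$bf${iface}$n"
  lprintln "molim odaberite jedan"
  ifc=""
  while [ -z "$ifc" ]; do
    # Stop instead of looping forever when input has ended.
    read -r -p "${n}interface: ${bf}" ifc || exit 1
  done
  # The prompt switches bold on for the typed text; switch it off again.
  printf '%s' "$n"
  iface=$ifc
else
  lprint "Pronadjen mrezni adapter za bezicnu mrezu"
  echo ": $bf${iface}$n"
  if [ "$flag" = "i" ]; then
    # Interactive mode: the detected adapter is only the default.
    read -r -p "adapter: [${iface}] " ifc
    if [ -n "$ifc" ]; then
      iface=$ifc
    fi
  fi
fi

# The name is copied into the generated control script, which runs as root
# and matches it against `ps` output, so only plain interface-name characters
# are accepted.
case "$iface" in
  "" | *[!A-Za-z0-9_.:-]*)
    lprint "Nemoguce pronaci"; echo " $iface"
    exit 1
    ;;
esac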

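# Pick the wpa_supplicant driver (the -D value) from the interface name.
case "$iface" in
  ath[0-9])
    driver="madwifi"
    ;;
  eth[0-9] | wlan[0-9])
    driver="wext"
    ;;
  *)
    # Any other name (two-digit indexes, other naming schemes) used to leave
    # the driver empty, which produced a control script with a blank DRIVER.
    # The same driver as for wlan*/eth* is used as the fallback; the summary
    # shown before installation prints it and -i lets the user change it.
    driver="wext"
    ;;
esac

# Interactive mode: list the known drivers and let the user override.
if [ "$flag" = "i" ]; then
  lprintln "moguci drajveri:"
  for drv in "${drivers[@]}"; do
    # Names only: this script defines no description table for the drivers.
    printf ' %s\n' "${bf}${drv}${n}"
  done
  unset drv
  prompt=$(lprint "drajver")
  read -r -p "${prompt}: [${driver}] " dr
  if [ -n "$dr" ]; then
    driver=$dr
  fi
fi

# The value is copied into the control script that runs as root, so it is
# limited to the characters a driver name (or comma-separated list) needs.
case "$driver" in
  "" | *[!A-Za-z0-9_,-]*)
    lprint "Nemoguce pronaci"; echo " $driver"
    exit 1
    ;;
esac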


# Pick the DHCP client command. Candidates are listed in ascending priority,
# so the last executable one wins: pump over dhclient over dhcpcd.
for dhcp_candidate in "/sbin/dhcpcd" "/sbin/dhclient" "/sbin/pump -i"; do
  # Only the program path (the text before the first space) is tested; the
  # stored command keeps its option.
  if [ -x "${dhcp_candidate%% *}" ]; then
    dhclient=$dhcp_candidate
  fi
done
unset dhcp_candidate

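# Graphical "run as root" helpers. Each variable holds the helper's path, or
# stays empty when the helper is not installed. `command -v` is a builtin, so
# the lookup does not depend on an external `which`.
GKSU=$(command -v gksu 2>/dev/null) || GKSU=""
KDESU=$(command -v kdesu 2>/dev/null) || KDESU=""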

# Summary of what was detected and what is about to be created, followed by
# a confirmation whose default answer is NE.
found=$(lprint "pronadjen")

echo
lprintln "--------------------------------------------------------------------"
lprint "Podesava eduroam na"
printf '%s\n' " $bf$iface$n"
printf '%s\n' " ${found} $bf$WPA_SUPPLICANT$n"
printf '%s\n' " ${found} $bf$IWCONFIG$n"
printf '%s\n' " ${found} $bf$dhclient$n"
printf ' '
lprint "podesavam drajver"
printf '%s\n' " $bf$driver$n"
printf ' '
lprint "kreiranje direktorija"
printf '%s\n' " $bf$EDUROAM_CONF_PATH$n"
printf ' '
lprintln "kreiranje naredbe:"
printf '%s\n' "  $bf${EDUROAM_SBIN_PATH}/eduroam$n"
printf '%s\n' "  $bf${EDUROAM_BIN_PATH}/eduroam-start$n"
printf '%s\n' "  $bf${EDUROAM_BIN_PATH}/eduroam-stop$n"
# The x* helpers are only generated when gksu or kdesu was found.
if [ -n "$GKSU" ] || [ -n "$KDESU" ]; then
  printf ' '
  lprintln "i kreiranje pomocne naredbe:"
  printf '%s\n' "  $bf${EDUROAM_BIN_PATH}/xeduroam-start$n"
  printf '%s\n' "  $bf${EDUROAM_BIN_PATH}/xeduroam-stop$n"
fi
printf '%s\n' "--------------------------------------------------------------------"
echo
lprintln "Ako zelite promjeniti pojedine parametre, zaustavite instalaciju"
lprintln "i pokrenite skriptu s paramterom -i"
echo

if ! ask "$(lprint 'Nastavak')" 1; then exit; fi

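# Without a graphical helper, offer sudo for the generated wrappers; when
# sudo is missing or declined they fall back to `su -c`.
# SUDO starts empty: its value is copied into scripts that elevate to root,
# so a value inherited from the environment must never reach them.
SUDO=""
if [ -z "$GKSU" ] && [ -z "$KDESU" ]; then
  SUDO=$(command -v sudo 2>/dev/null) || SUDO=""
  if [ -n "$SUDO" ]; then
    prompt=$(lprint "zelite li koristiti ${n}sudo${bf} za pokretanje spajanja na eduroam")
    if ask "$prompt" 1; then
      lprint "Da, koristit cu"
      echo " ${bf}${SUDO}$n"
    else
      lprint "Da, koristit cu"
      echo " ${bf}su${n}"
      SUDO=""
    fi
  fi
fi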

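# Make sure the configuration directory exists. An existing directory is
# reused only after the user confirms that files in it may be overwritten.
if [ -d "$EDUROAM_CONF_PATH" ]; then
  echo -n "${attention} "
  lprint "Direktorij"; echo -n " $EDUROAM_CONF_PATH "; lprintln "postoji"
  lprintln "neke datoteke ce biti modificirane"
  if ! ask "$(lprint 'Nastavak')" 1; then exit; fi
else
  # lprint prints only its first argument, so the text is passed first
  # (a leading message number would be printed in place of the text).
  lprint "kreiranje"; echo " $EDUROAM_CONF_PATH"
  if ! mkdir -- "$EDUROAM_CONF_PATH"; then
    lprint "problem u kreiranju direktorija"; echo " $EDUROAM_CONF_PATH"
    exit 1
  fi
fi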

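# Ask for the eduroam identity, then for the password twice.
# NOTE: the identity is stored in USER because the configuration writer
# further down reads that name; this also replaces the login-name environment
# variable for the rest of the script.
prompt=$(lprint "Unesite svoju korisnicku oznaku u obliku <uid>@veleknin.hr (pero@veleknin.hr)")
read -r -p "${prompt}: " USER

PASSWORD=""
PASSWORD1=""
while true; do
  # -s: no echo. IFS= and -r: the password is stored exactly as typed, with
  # leading/trailing blanks and backslashes intact.
  # A failed read (input ended) stops the installer instead of writing an
  # empty password.
  prompt=$(lprint "unesite svoju lozinku")
  IFS= read -s -r -p "${prompt}: " PASSWORD || exit 1
  echo ""
  prompt=$(lprint "ponovno unesite svoju lozinku")
  IFS= read -s -r -p "${prompt}: " PASSWORD1 || exit 1
  echo ""
  if [ "$PASSWORD" != "$PASSWORD1" ]; then
    lprintln "unesene lozinke se ne podudaraju"
  elif [ -n "$PASSWORD" ]; then
    break
  fi
  # Two matching empty entries fall through and the question is repeated.
done
# The confirmation copy is not needed any more.
unset PASSWORD1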

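# Write ${EDUROAM_CONF_PATH}/wpa_supplicant.conf.
#
# The file stores the password in clear text. It is created inside a subshell
# running with umask 077, after any older copy has been removed, so it is
# owner-only from the moment it exists instead of only after the chmod below.
#
# phase2 auth=PAP hands the password itself to the server inside the TTLS
# tunnel, so ca_cert and subject_match are what keep it from being sent to a
# server that is not the institution's; do not remove either line.
(
  umask 077
  rm -f -- "${EDUROAM_CONF_PATH}/wpa_supplicant.conf"
  cat > "${EDUROAM_CONF_PATH}/wpa_supplicant.conf" <<EOF
ctrl_interface=/var/run/wpa_supplicant

network={
      ssid="eduroam"
      proto=WPA2 WPA
      key_mgmt=WPA-EAP
      pairwise=CCMP TKIP
      group=CCMP TKIP
      ca_cert="${EDUROAM_CONF_PATH}/eduroam_veleknin.hr_CA.pem"
      subject_match="freeradius.veleknin.hr"
      identity="${USER}"
      eap=TTLS
      password="${PASSWORD}"
      phase2="auth=PAP"
     }

EOF
) || {
  lprint "problem u kreiranju datoteke"; echo " ${EDUROAM_CONF_PATH}/wpa_supplicant.conf"
  exit 1
}
# The password now lives only in the protected file.
unset PASSWORD

# Marker line kept verbatim.
# NOTE(review): looks like a placeholder for a packaging step - confirm.
#INCLUDE_CERT

chown root "${EDUROAM_CONF_PATH}/wpa_supplicant.conf"
chmod 600 "${EDUROAM_CONF_PATH}/wpa_supplicant.conf"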


# Message texts that are copied into the generated control script.
# Command substitution drops a trailing newline, so lprint yields exactly the
# value lprintln did.
starting=$(lprint "pokretanje mrezne povezanosti")
stopping=$(lprint "zaustavljanje mrezne povezanosti")
waiting=$(lprint "cekanje na povezivanje")
connected=$(lprint "povezano na")
restarting=$(lprint "restartanje")
assinging_ip=$(lprint "podesavanje IP adrese")
msg=$(lprint "Koristenje")

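# Generate the control script ${EDUROAM_SBIN_PATH}/eduroam (run as root).
#
# The file has two parts:
#   1. a configuration header whose values are fixed now, at install time;
#   2. a static body taken from a quoted here-document, so nothing in it is
#      expanded by the installer and no backslash escaping is needed.
#
# The body used to be produced by one escaped echo. In the result the awk
# program sat inside double quotes, so its $2 was expanded by the shell (to
# the script's empty second argument) and awk printed whole `ps` lines; every
# numeric column, not just the PID, was then handed to kill. The body below
# keeps the awk program in single quotes and passes the values with -v.
#
# NOTE: header values are placed between double quotes and are read back by
# /bin/sh, so they are expected to be plain paths, names and message texts.
{
  printf '%s\n' '#!/bin/sh'
  printf 'WPA_SUPPLICANT="%s"\n' "$WPA_SUPPLICANT"
  # Always written, possibly empty, so the script never picks up a WPA_CLI
  # value from the environment it is started in.
  printf 'WPA_CLI="%s"\n' "$WPA_CLI"
  printf 'DRIVER="%s"\n' "$driver"
  printf 'WPA_CONF="%s"\n' "${EDUROAM_CONF_PATH}/wpa_supplicant.conf"
  printf 'DHCPD="%s"\n' "$dhclient"
  printf 'INTERFACE="%s"\n' "$iface"
  printf 'REAUTH_TIMEOUT="%s"\n' "120"
  printf 'MSG_STARTING="%s"\n' "$starting"
  printf 'MSG_STOPPING="%s"\n' "$stopping"
  printf 'MSG_WAITING="%s"\n' "$waiting"
  printf 'MSG_CONNECTED="%s"\n' "$connected"
  printf 'MSG_RESTARTING="%s"\n' "$restarting"
  printf 'MSG_ASSIGNING_IP="%s"\n' "$assinging_ip"
  printf 'MSG_USAGE="%s"\n' "$msg"
  cat <<'EOF'
# end of configuration section

# Program name of the DHCP client: no directory, no options.
dhclient=$(basename "${DHCPD%% *}")

# Terminate the DHCP client that serves this interface, if one is running.
stop_dhcp_client() {
    [ -n "$dhclient" ] || return 0
    pids=$(ps -ef | awk -v prog="$dhclient" -v ifc="$INTERFACE" \
        'index($0, prog) && index($0, ifc) && !/awk/ { print $2 }')
    if [ -n "$pids" ]; then
        kill $pids 1>/dev/null 2>&1
    fi
}

# Start wpa_supplicant in the background for the configured interface.
start_supplicant() {
    "$WPA_SUPPLICANT" -B -D "$DRIVER" -c "$WPA_CONF" -i "$INTERFACE" \
        -P /var/run/wpa_supplicant.pid 1>/dev/null 2>&1
}

case "$1" in
    start)
        echo "$MSG_STARTING ${INTERFACE}"
        pkill wpa_supplicant
        stop_dhcp_client
        start_supplicant
        if [ -n "$WPA_CLI" ]; then
            i=1
            echo "$MSG_WAITING"
            # Poll once a second; after 40 polls restart wpa_supplicant
            # and keep waiting.
            while ! "$WPA_CLI" status | grep -q AUTHENTICATED; do
                sleep 1
                i=$((i + 1))
                if [ "$i" -gt 40 ]; then
                    echo "$MSG_RESTARTING wpa_supplicant"
                    echo "$MSG_WAITING"
                    pkill wpa_supplicant
                    sleep 1
                    start_supplicant
                    i=1
                    sleep 1
                fi
            done
            echo "$MSG_CONNECTED eduroam"
        else
            # No wpa_cli to ask: give the association a fixed 10 seconds.
            sleep 10
        fi
        echo "$MSG_ASSIGNING_IP"
        # DHCPD may carry an option ("pump -i"), so it is split on purpose.
        ${DHCPD} "${INTERFACE}"
        ;;
    stop)
        echo "$MSG_STOPPING ${INTERFACE}"
        pkill wpa_supplicant
        stop_dhcp_client
        ;;
    *)
        echo "$MSG_USAGE $0 {start|stop}"
        exit 1
        ;;
esac
EOF
} > "${EDUROAM_SBIN_PATH}/eduroam" || exit 1
chmod 755 "${EDUROAM_SBIN_PATH}/eduroam"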
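# Generate the user-facing wrappers ${EDUROAM_BIN_PATH}/eduroam-start and
# ${EDUROAM_BIN_PATH}/eduroam-stop. How they gain root depends on what was
# found earlier:
#   gksu/kdesu -> the wrapper runs an xeduroam-<action> helper through the
#                 graphical su tool of the running desktop;
#   sudo       -> the wrapper calls the control script through sudo;
#   otherwise  -> the wrapper calls it through `su -c`.
# start and stop differ only in the action word and in one message, so both
# are produced by the same loop.
for action in start stop; do
  wrapper="${EDUROAM_BIN_PATH}/eduroam-${action}"

  if [ -n "$GKSU" ] || [ -n "$KDESU" ]; then
    xwrapper="${EDUROAM_BIN_PATH}/xeduroam-${action}"
    # Text shown when no graphical su tool can be used at run time.
    if [ "$action" = "start" ]; then
      msg="izvrseno ${EDUROAM_SBIN_PATH}/eduroam start kao root"
    else
      msg="pokrenuto ${EDUROAM_SBIN_PATH}/eduroam stop kao root"
    fi

    cat > "$xwrapper" <<EOF || exit 1
#!/bin/sh
xterm -geometry 80x5 -T 'eduroam ${action}' -e '${EDUROAM_SBIN_PATH}/eduroam ${action}; sleep 2'
EOF
    # Only the file just written is made executable (no glob over the
    # directory).
    chmod 755 "$xwrapper"

    # SSSU starts empty so a value from the caller's environment is never
    # executed, and the helper is named by its full path so the command that
    # ends up running as root does not depend on the caller's PATH.
    cat > "$wrapper" <<EOF || exit 1
#!/bin/sh
SSSU=""
if [ -n "\$DISPLAY" ] ; then
  if env | grep -q GNOME ; then
    if command -v gksu 1>/dev/null 2>&1 ; then
      SSSU=\$(command -v gksu)
    fi
  fi
  if env | grep -q KDE ; then
    if command -v kdesu 1>/dev/null 2>&1 ; then
      SSSU=\$(command -v kdesu)
    fi
  fi
  if [ -n "\$SSSU" ] ; then
    "\$SSSU" "${xwrapper}" 1>/dev/null 2>&1
  else
    echo "${msg}"
  fi
else
  echo "${msg}"
fi
EOF
  elif [ -n "$SUDO" ]; then
    cat > "$wrapper" <<EOF || exit 1
#!/bin/sh
if [ -n "\$DISPLAY" ] ; then
  xterm -geometry 80x4 -T 'eduroam ${action}' -e "${SUDO} ${EDUROAM_SBIN_PATH}/eduroam ${action}"
else
  ${SUDO} ${EDUROAM_SBIN_PATH}/eduroam ${action}
fi
EOF
  else
    cat > "$wrapper" <<EOF || exit 1
#!/bin/sh
if [ -n "\$DISPLAY" ] ; then
  xterm -geometry 80x4 -T 'eduroam ${action}' -e "su -c '${EDUROAM_SBIN_PATH}/eduroam ${action}'"
else
  su -c '${EDUROAM_SBIN_PATH}/eduroam ${action}'
fi
EOF
  fi
done
unset action wrapper xwrapper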

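# Make exactly the two generated wrappers executable. A glob here would also
# change the mode of any other eduroam-* file in the directory.
chmod 755 "${EDUROAM_BIN_PATH}/eduroam-start" "${EDUROAM_BIN_PATH}/eduroam-stop"

# The CA certificate is the trust anchor that ca_cert in wpa_supplicant.conf
# points at. Without it the server cannot be verified, so a failed copy is
# reported and stops the installer before it announces success.
# NOTE(review): the file is taken from the current working directory, so the
# installer should be run from the directory it was unpacked into.
if ! cp -- eduroam_veleknin.hr_CA.pem "${EDUROAM_CONF_PATH}/"; then
  lprint "Nemoguce pronaci"; echo " eduroam_veleknin.hr_CA.pem"
  exit 1
fi

# Closing message and a short usage reminder.
echo ""
lprintln "${bf}Uspjesno dovrseno konfiguriranje$n"
echo ""
echo ""
lprintln "${bf}Koristenje${n}"
echo "------------------------"
echo ""
lprint "Pokretanje mrezne povezanosti"; echo " ${bf}eduroam-start${n}"
lprint "Zaustavljanje mrezne povezanosti"; echo " ${bf}eduroam-stop${n}"
echo ""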

