From 64e94d96858b907f1266c0bfd10088ca33b032e0 Mon Sep 17 00:00:00 2001 From: Donald Buczek Date: Tue, 26 Nov 2019 16:32:46 +0100 Subject: [PATCH 1/6] pcsc-lite: Add version 1.5.4 Add pcsc-lite. pcsc-lite is a middleware to access a smart card using SCard API (PC/SC). https://pcsclite.apdu.fr/ Required to access the (Thales-) gemalto SafeNet eToken for vAP. Note: To use, the pcscd installed by this package needs to run. startup/unit files not yet included. --- pcsc-lite.be0 | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100755 pcsc-lite.be0 diff --git a/pcsc-lite.be0 b/pcsc-lite.be0 new file mode 100755 index 000000000..14cce7d11 --- /dev/null +++ b/pcsc-lite.be0 @@ -0,0 +1,37 @@ +#!/usr/bin/env beesh + +# BEE_VERSION pcsc-lite-1.8.25-0 + +# more info: https://pcsclite.apdu.fr/ + +SRCURL[0]="https://pcsclite.apdu.fr/files/pcsc-lite-${PKGVERSION}.tar.bz2" + +# PATCHURL+=() + +# build_in_sourcedir + +# sourcesubdir_append src + +#mee_extract() { +# bee_extract "${@}" +#} + +#mee_patch() { +# bee_patch "${@}" +#} + +#mee_configure() { +# bee_configure +#} + +#mee_build() { +# bee_build +#} + +#mee_install() { +# bee_install +#} + +#mee_install_post() { +# exit +#} From c041935800492c4084d4a6496320dfce24b220fb Mon Sep 17 00:00:00 2001 From: Donald Buczek Date: Thu, 28 Nov 2019 12:00:17 +0100 Subject: [PATCH 2/6] ccid: Add version 1.4.31 Add CCID (Chip/Smart Card Interfrace Decices) driver for PCSC lite. https://ccid.apdu.fr/ Required to access the (Thales-) gemalto SafeNet eToken for vAP. --- ccid.be0 | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100755 ccid.be0 diff --git a/ccid.be0 b/ccid.be0 new file mode 100755 index 000000000..d8785b645 --- /dev/null +++ b/ccid.be0 @@ -0,0 +1,37 @@ +#!/usr/bin/env beesh + +# BEE_VERSION ccid-1.4.31-0 + +# more info: https://ccid.apdu.fr/ + +SRCURL[0]="https://ccid.apdu.fr/files/ccid-${PKGVERSION}.tar.bz2" + +# PATCHURL+=() + +# build_in_sourcedir + +# sourcesubdir_append src + +#mee_extract() { +# bee_extract "${@}" +#} + +#mee_patch() { +# bee_patch "${@}" +#} + +#mee_configure() { +# bee_configure +#} + +#mee_build() { +# bee_build +#} + +#mee_install() { +# bee_install +#} + +#mee_install_post() { +# exit +#} From 87b951e8f9c037154a869be9b1e3232917d6f151 Mon Sep 17 00:00:00 2001 From: Donald Buczek Date: Thu, 28 Nov 2019 12:09:37 +0100 Subject: [PATCH 3/6] pcsc-tools: Add version 1.5.4 Add pcsc-tools, which can be used to test SmartCard connectivity provided by pcsc-lite. --- pcsc-tools.be0 | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100755 pcsc-tools.be0 diff --git a/pcsc-tools.be0 b/pcsc-tools.be0 new file mode 100755 index 000000000..0f95b0fab --- /dev/null +++ b/pcsc-tools.be0 @@ -0,0 +1,37 @@ +#!/usr/bin/env beesh + +# BEE_VERSION pcsc-tools-1.5.4-0 + +# more info: http://ludovic.rousseau.free.fr/softwares/pcsc-tools/ + +SRCURL[0]="http://ludovic.rousseau.free.fr/softwares/pcsc-tools/pcsc-tools-${PKGVERSION}.tar.bz2" + +# PATCHURL+=() + +# build_in_sourcedir + +# sourcesubdir_append src + +#mee_extract() { +# bee_extract "${@}" +#} + +#mee_patch() { +# bee_patch "${@}" +#} + +#mee_configure() { +# bee_configure +#} + +#mee_build() { +# bee_build +#} + +#mee_install() { +# bee_install +#} + +#mee_install_post() { +# exit +#} From e688d53b2c0d5a1f1bad905f84c99b4f21ba48b3 Mon Sep 17 00:00:00 2001 From: Donald Buczek Date: Thu, 28 Nov 2019 12:16:52 +0100 Subject: [PATCH 4/6] pcsc-tools: Remove Remove pcsc-tools which are not required to use pcsc-lite. It doesn't provide much help anyway. --- pcsc-tools.be0 | 37 ------------------------------------- 1 file changed, 37 deletions(-) delete mode 100755 pcsc-tools.be0 diff --git a/pcsc-tools.be0 b/pcsc-tools.be0 deleted file mode 100755 index 0f95b0fab..000000000 --- a/pcsc-tools.be0 +++ /dev/null @@ -1,37 +0,0 @@ -#!/usr/bin/env beesh - -# BEE_VERSION pcsc-tools-1.5.4-0 - -# more info: http://ludovic.rousseau.free.fr/softwares/pcsc-tools/ - -SRCURL[0]="http://ludovic.rousseau.free.fr/softwares/pcsc-tools/pcsc-tools-${PKGVERSION}.tar.bz2" - -# PATCHURL+=() - -# build_in_sourcedir - -# sourcesubdir_append src - -#mee_extract() { -# bee_extract "${@}" -#} - -#mee_patch() { -# bee_patch "${@}" -#} - -#mee_configure() { -# bee_configure -#} - -#mee_build() { -# bee_build -#} - -#mee_install() { -# bee_install -#} - -#mee_install_post() { -# exit -#} From d37dd4e4de6b7cdec4e64e7069466e7f0b9afd7b Mon Sep 17 00:00:00 2001 From: Donald Buczek Date: Thu, 28 Nov 2019 16:08:52 +0100 Subject: [PATCH 5/6] citrix-workspace-app: Add version 19.10.0.15 Add Citrix Workspace App for vAP. --- citrix-workspace-app.be0 | 210 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 210 insertions(+) create mode 100755 citrix-workspace-app.be0 diff --git a/citrix-workspace-app.be0 b/citrix-workspace-app.be0 new file mode 100755 index 000000000..de24507f6 --- /dev/null +++ b/citrix-workspace-app.be0 @@ -0,0 +1,210 @@ +#!/usr/bin/env beesh + +# BEE_VERSION citrix-workspace-app-19.10.0.15-0 + +# more info: https://www.citrix.com/downloads/workspace-app/linux/workspace-app-for-linux-latest.html +# +# never execute the provided installer. Its total junk. +# +# To use the package, this has to be done for each new user: +# +# mkdir -p $HOME/.ICAClient/cache +# cp /opt/Citrix/ICAClient/config/{All_Regions,Trusted_Region,Unknown_Region,canonicalization,regions}.ini $HOME/.ICAClient/ +# +# maybe we do this from a wrapper in a future build + +SRCURL[0]="/src/mariux/download/citrix_workspace_app-${PKGVERSION}.tgz" + +# PATCHURL+=() + +# build_in_sourcedir + +# sourcesubdir_append src + +#mee_extract() { +# bee_extract "${@}" +#} + +#mee_patch() { +# bee_patch "${@}" +#} + +#mee_configure() { +# bee_configure +#} + +#mee_build() { +# bee_build +#} + +mee_install() { + + # stolen from + # https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=icaclient + + srcdir="$S" + pkgdir=$D + + ICAROOT=/opt/Citrix/ICAClient + ICADIR="$srcdir/linuxx64/linuxx64.cor" + mkdir -p "${pkgdir}$ICAROOT" + + cd "$ICADIR" + install -m755 wfica *.so *.DLL AuthManagerDaemon PrimaryAuthManager ServiceRecord selfservice "${pkgdir}$ICAROOT" + + # copy directories + cp -r ./config/ "${pkgdir}$ICAROOT" + cp -r ./gtk/ "${pkgdir}$ICAROOT" + cp -r ./help/ "${pkgdir}$ICAROOT" + cp -r ./keyboard/ "${pkgdir}$ICAROOT" + cp -r ./keystore/ "${pkgdir}$ICAROOT" + cp -r ./lib/ "${pkgdir}$ICAROOT" + cp -r ./icons/ "${pkgdir}$ICAROOT" + cp -r ./nls/ "${pkgdir}$ICAROOT" + cp -r ./site/ "${pkgdir}$ICAROOT" + cp -r ./usb/ "${pkgdir}$ICAROOT" + cp -r ./util/ "${pkgdir}$ICAROOT" + + # Install License + install -m644 -D nls/en.UTF-8/eula.txt \ + "${pkgdir}$ICAROOT/eula.txt" + + # create /config/.server to enable user customization using ~/.ICACLient/ overrides. Thanks Tomek + touch "${pkgdir}$ICAROOT/config/.server" + +# # Extract system ca-certificates and install in the Citrix cacerts directory +# cp /etc/ca-certificates/extracted/tls-ca-bundle.pem "${pkgdir}$ICAROOT/keystore/cacerts/" +# cd "${pkgdir}$ICAROOT/keystore/cacerts/" +# awk 'BEGIN {c=0;} /BEGIN CERT/{c++} { print > "cert." c ".pem"}' < tls-ca-bundle.pem + + # The following 32-bit library causes false namcap errors + # rm util/libgstflatstm.32.so + +# # Install wrapper script +# install -m755 "${srcdir}/wfica.sh" "${pkgdir}$ICAROOT/wfica.sh" + + # Dirty Hack + # wfica expects {module,wfclient,apssrv}.ini in $ICAROOT/config + # sadly these configs differ slightly by locale + lang=${LANG%%_*} + if [[ ! -d "${pkgdir}/$ICAROOT/nls/$lang" ]]; then + lang='en' + fi + cp "${pkgdir}$ICAROOT/nls/$lang/module.ini" "${pkgdir}/$ICAROOT/config/" + cp "${pkgdir}$ICAROOT/nls/$lang/appsrv.template" "${pkgdir}/$ICAROOT/config/appsrv.ini" + cp "${pkgdir}$ICAROOT/nls/$lang/wfclient.template" "${pkgdir}/$ICAROOT/config/wfclient.ini" + + # Copy Firefox plugin into plugin directory + mkdir -p "${pkgdir}/usr/lib/mozilla/plugins" + ln -s "$ICAROOT/npica.so" "${pkgdir}"/usr/lib/mozilla/plugins/npica.so + cd "${srcdir}" + # install freedesktop.org files +# install -Dm644 wfica.desktop "${pkgdir}/usr/share/applications/wfica.desktop" +# install -Dm644 conncenter.desktop "${pkgdir}/usr/share/applications/conncentre.desktop" +# install -Dm644 configmgr.desktop "${pkgdir}/usr/share/applications/configmgr.desktop" +# install -Dm644 selfservice.desktop "${pkgdir}/usr/share/applications/wfcmgr.desktop" + mkdir -p "${pkgdir}/usr/share/applications/" + cat <<'EOF' >"${pkgdir}/usr/share/applications/wfica.desktop" +[Desktop Entry] +Encoding=UTF-8 +Version=1.0 +Type=Application +Name=Citrix Receiver Engine +StartupWMClass=Wfica +NoDisplay=true +Categories=Application;Network;X-Red-Hat-Base;X-SuSE-Core-Internet; +MimeType=application/x-ica; +Icon=/opt/Citrix/ICAClient/icons/manager.png +TryExec=/opt/Citrix/ICAClient/wfica.sh +Exec=/opt/Citrix/ICAClient/wfica.sh +EOF + cat <<'EOF' >"${pkgdir}/usr/share/applications/conncentre.desktop" +[Desktop Entry] +Encoding=UTF-8 +Version=1.0 +Type=Application +Name=Citrix Connection Centre +NoDisplay=false +Categories=Application;Network;X-Red-Hat-Base;X-SuSE-Core-Internet; +Icon=/opt/Citrix/ICAClient/icons/manager.png +TryExec=/opt/Citrix/ICAClient/util/conncenter +Exec=/opt/Citrix/ICAClient/util/conncenter --icaroot /opt/Citrix/ICAClient +EOF + cat <<'EOF' >"${pkgdir}/usr/share/applications/configmgr.desktop" +[Desktop Entry] +Encoding=UTF-8 +Version=1.0 +Type=Application +Name=Citrix Receiver Preferences +NoDisplay=false +Categories=Application;Network;X-Red-Hat-Base;X-SuSE-Core-Internet; +Icon=/opt/Citrix/ICAClient/icons/manager.png +TryExec=/opt/Citrix/ICAClient/util/configmgr +Exec=/opt/Citrix/ICAClient/util/configmgr --icaroot /opt/Citrix/ICAClient +EOF + cat <<'EOF' > "${pkgdir}/usr/share/applications/wfcmgr.desktop" +[Desktop Entry] +Encoding=UTF-8 +Version=1.0 +Type=Application +Name=Citrix Receiver Self Service +Categories=Application;Network;X-Red-Hat-Base;X-SuSE-Core-Internet; +Icon=/opt/Citrix/ICAClient/icons/manager.png +TryExec=/opt/Citrix/ICAClient/selfservice +Exec=/opt/Citrix/ICAClient/selfservice --icaroot /opt/Citrix/ICAClient +EOF + + # install scripts +# install -Dm755 wfica.sh "${pkgdir}$ICAROOT" +# install -Dm755 wfica_assoc.sh "${pkgdir}$ICAROOT" + cat <<'EOF' >"${pkgdir}$ICAROOT/wfica.sh" +#!/bin/sh +export ICAROOT=/opt/Citrix/ICAClient +${ICAROOT}/wfica -file "$1" +EOF + chmod 755 "${pkgdir}$ICAROOT/wfica.sh" + cat <<'EOF' >"${pkgdir}$ICAROOT/wfica_assoc.sh" +#!/bin/sh +export ICAROOT=/opt/Citrix/ICAClient +${ICAROOT}/wfica -associate -fileparam "$1" +EOF + chmod 755 "${pkgdir}$ICAROOT/wfica_assoc.sh" + +# # make certificates available +# rm -r "${pkgdir}/opt/Citrix/ICAClient/keystore/cacerts" +# ln -s /etc/ssl/certs "${pkgdir}/opt/Citrix/ICAClient/keystore/cacerts" +# #ln -s /usr/share/ca-certificates/trust-source/* "${pkgdir}/opt/Citrix/ICAClient/keystore/cacerts/" +# #c_rehash "${pkgdir}/opt/Citrix/ICAClient/keystore/cacerts/" + + cat<<'EOF' >"${pkgdir}/opt/Citrix/ICAClient/keystore/cacerts/T-TeleSec_GlobalRoot_Class_2.pem" +subject=/CN=T-TeleSec GlobalRoot Class 2/OU=T-Systems Trust Center/O=T-Systems Enterprise Services GmbH/C=DE +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx +KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd +BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl +YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 +OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy +aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 +ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd +AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC +FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi +1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq +jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ +wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj +QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ +WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy +NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC +uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw +IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 +g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN +9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP +BSeOE6Fuwg== +-----END CERTIFICATE----- +EOF + +} + +#mee_install_post() { +# exit +#} From 4438da126c87e7ebfaa7dbc2641f213f06226e16 Mon Sep 17 00:00:00 2001 From: Donald Buczek Date: Wed, 4 Dec 2019 10:58:35 +0100 Subject: [PATCH 6/6] safenetauthenticationclient: Add versiobn 10.7.77 Install driver for Thales / gemalto SafeNet eToken 5300. To use, the user has to add /usr/lib/libeToken.so as a security module. E.g. for firefox via Preferences - Privacy and Security - Security Devices - Load --- safenetauthenticationclient.be0 | 46 +++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100755 safenetauthenticationclient.be0 diff --git a/safenetauthenticationclient.be0 b/safenetauthenticationclient.be0 new file mode 100755 index 000000000..6aaab77d0 --- /dev/null +++ b/safenetauthenticationclient.be0 @@ -0,0 +1,46 @@ +#!/usr/bin/env beesh + +# BEE_VERSION safenetauthenticationclient-10.7.77-0 + +# more info on Token: https://safenet.gemalto.com/multi-factor-authentication/authenticators/pki-usb-authentication/etoken-5300-usb-token/ +# +# Download Driver from +# https://extranet.mpg.de/IKT/Projekte/15022/Datenraum%20Rollouts/Forms/AllItems.aspx +# - 001_Citrix_Client-Komponenten - 003_Linux - CryptoToken Treiber - safenetauthenticationclient_10.7.77_amd64 + +SRCURL[0]="/src/mariux/beeroot/downloads/safenetauthenticationclient_${PKGVERSION}_amd64.deb" + +# PATCHURL+=() + +# build_in_sourcedir + +# sourcesubdir_append src + +mee_extract() { + cd $S + start_cmd ar xv "${@}" + mkdir control + start_cmd tar xvf control.tar.gz -C control + start_cmd tar xvf data.tar.xz + echo \$S=$S +} + +#mee_patch() { +# bee_patch "${@}" +#} + +#mee_configure() { +# bee_configure +#} + +#mee_build() { +# bee_build +#} + +mee_install() { + start_cmd cp -r $S/etc $S/usr $D/ +} + +#mee_install_post() { +# exit +#}