Questa è una vecchia versione del documento!

---

#!/usr/bin/env perl # Stefan Tomanek stefan@pico.ruhr.de # updated by Wolfram Sang ninja@the-dreams.de on 21.10.06 and on 26.06.07 ## # pcf2vpnc <pcf file> [vpnc file] ## # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # $Id$

use IO::File; use strict; use warnings;

my %authmode = ( 1 ⇒ 'psk', 3 ⇒ 'cert', 5 ⇒ 'hybrid' ); my $needs_cert = 0; my $no_decrypt = 0; if (system(“cisco-decrypt”, “q”) == -1) {

  $no_decrypt = 1;
  print STDERR "cisco-decrypt not in search path,\n";
  print STDERR "  adding passwords in obfuscated form\n";

}

sub readPCF($) {

  my ($file) = @_;
  my %config;
  while (<$file>) {
# Filter unnecessary chars at beginning & end of line
s/^!*//; s/[\r ]*$//;
if (/^(.*?)=(.*?)$/) {
    # We don't need emtpy config strings
    next if ($2 eq "");
    if ($1 eq "Host") {
	$config{IPSec}{gateway} = $2;
    } elsif ($1 eq "GroupName") {
	$config{IPSec}{ID} = $2;
    } elsif ($1 eq "GroupPwd") {
	$config{IPSec}{secret} = $2;
    } elsif ($1 eq "enc_GroupPwd") {
	if ($no_decrypt) {
	    $config{IPSec}{obfuscated} = "secret $2";
	} else {
	    $config{IPSec}{secret} = `cisco-decrypt $2`;
	}
    } elsif ($1 eq "AuthType") {
	$config{IKE}{Authmode} = $authmode{$2};
	if ($2 == 3 || $2 == 5) {
	  $needs_cert = 1;
	}
    } elsif ($1 eq "DHGroup") {
	$config{IKE}{DH} = "Group dh$2";
    } elsif ($1 eq "Username") {
	$config{Xauth}{username} = $2;
    } elsif ($1 eq "UserPassword") {
	$config{Xauth}{password} = $2;
    } elsif ($1 eq "enc_UserPassword") {
	if ($no_decrypt) {
	    $config{Xauth}{obfuscated} = "password $2";
	} else {
	    $config{Xauth}{password} = `cisco-decrypt $2`;
	}
    } elsif ($1 eq "NTDomain") {
	$config{Domain}{""} = $2;
    }
}
  }
  return \%config;

}

sub writeVPNC($) {

  my ($config) = @_;
  my $text = "## generated by pcf2vpnc\n";
  foreach my $section (keys %$config) {
foreach my $item (keys %{ $config->{$section} }) {
    $text .= "$section ".($item ? "$item " : '').$config->{$section}{$item}."\n";
}
  }
  unless (defined $config->{Xauth}) {
$text .= "\n## To add your username and password,\n";
$text .= "## use the following lines:\n";
$text .= "# Xauth username <your username>\n";
$text .= "# Xauth password <your password>\n";
  }
  return $text;

}

if (defined $ARGV[0]) {

  my $src = new IO::File($ARGV[0]) || die "Unable to open file ".$ARGV[0]."\n";
  if (defined $ARGV[1]) {
my $dst = new IO::File($ARGV[1], "w") || die "Unable to open file ".$ARGV[1]."\n";
$dst->write( writeVPNC(readPCF($src)) ) || die "Unable to write to file ".$ARGV[1]."\n";
$dst->close() || die "Unable to close file ".$ARGV[1]."\n";
printf STDERR "vpnc config written to '%s' with permissions '%04o'.\n", $ARGV[1], (stat($ARGV[1]))[2];
print  STDERR "Please take care of permissions.\n";
  } else {
print writeVPNC(readPCF($src));
  }
  $src->close() || die "Unable to close file ".$ARGV[0]."\n";
  if ($needs_cert) {
print STDERR "\nDon't forget to copy the needed certificate(s).\n\n";
  }

} else {

  print STDERR "$0 converts VPN-config files from pcf to vpnc-format.\n";
  print STDERR "Usage: $0 <pcf file> [vpnc file]\n";

}