From 4eb099030dfee37a7854e31efd1bd204ffa4ac76 Mon Sep 17 00:00:00 2001 From: SamNet-dev Date: Fri, 6 Feb 2026 12:51:23 -0600 Subject: [PATCH] fix: auto-install openssl for GFK certificate generation --- paqctl.sh | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/paqctl.sh b/paqctl.sh index e57731d..88bb143 100644 --- a/paqctl.sh +++ b/paqctl.sh @@ -264,6 +264,11 @@ check_dependencies() { esac fi + # openssl is required for GFK certificate generation + if ! command -v openssl &>/dev/null; then + install_package openssl || log_warn "Could not install openssl" + fi + # libpcap is required by paqet install_libpcap } @@ -1497,6 +1502,10 @@ generate_gfk_certs() { log_info "GFW-knocker certificates already exist" return 0 fi + if ! command -v openssl &>/dev/null; then + log_info "Installing openssl..." + install_package openssl || { log_error "Failed to install openssl"; return 1; } + fi log_info "Generating QUIC TLS certificates..." if ! openssl req -x509 -newkey rsa:2048 -keyout "$GFK_DIR/key.pem" \ -out "$GFK_DIR/cert.pem" -days 3650 -nodes -subj "/CN=gfk" 2>/dev/null; then @@ -2475,6 +2484,16 @@ download_gfk() { generate_gfk_certs() { [ -f "$GFK_DIR/cert.pem" ] && [ -f "$GFK_DIR/key.pem" ] && return 0 + if ! command -v openssl &>/dev/null; then + log_info "Installing openssl..." + if command -v apt-get &>/dev/null; then apt-get install -y openssl 2>/dev/null + elif command -v dnf &>/dev/null; then dnf install -y openssl 2>/dev/null + elif command -v yum &>/dev/null; then yum install -y openssl 2>/dev/null + elif command -v apk &>/dev/null; then apk add openssl 2>/dev/null + elif command -v pacman &>/dev/null; then pacman -S --noconfirm openssl 2>/dev/null + fi + command -v openssl &>/dev/null || { log_error "Failed to install openssl"; return 1; } + fi log_info "Generating QUIC certificates..." openssl req -x509 -newkey rsa:2048 -keyout "$GFK_DIR/key.pem" \ -out "$GFK_DIR/cert.pem" -days 3650 -nodes -subj "/CN=gfk" 2>/dev/null || return 1