Downloads:

6,800

Downloads of v 2.0.21:

1,151

Last Update:

04 Oct 2017

Package Maintainer(s):

Software Author(s):

  • Securepoint Security Solutions

Tags:

securepoint openvpn community tunnel ssl admin

Securepoint SSL VPN Client

This is not the latest version of Securepoint SSL VPN Client available.

2.0.21 | Updated: 04 Oct 2017

Downloads:

6,800

Downloads of v 2.0.21:

1,151

Maintainer(s):

Software Author(s):

  • Securepoint Security Solutions

Securepoint SSL VPN Client 2.0.21

This is not the latest version of Securepoint SSL VPN Client available.

All Checks are Passing

2 Passing Test


Validation Testing Passed


Verification Testing Passed

Details

To install Securepoint SSL VPN Client, run the following command from the command line or from PowerShell:

>

To upgrade Securepoint SSL VPN Client, run the following command from the command line or from PowerShell:

>

To uninstall Securepoint SSL VPN Client, run the following command from the command line or from PowerShell:

>

NOTE: This applies to both open source and commercial editions of Chocolatey.

1. Ensure you are set for organizational deployment

Please see the organizational deployment guide

  • Open Source or Commercial:
    • Proxy Repository - Create a proxy nuget repository on Nexus, Artifactory Pro, or a proxy Chocolatey repository on ProGet. Point your upstream to https://chocolatey.org/api/v2. Packages cache on first access automatically. Make sure your choco clients are using your proxy repository as a source and NOT the default community repository. See source command for more information.
    • You can also just download the package and push it to a repository Download

3. Enter your internal repository url

(this should look similar to https://chocolatey.org/api/v2)

4. Choose your deployment method:


choco upgrade securepointsslvpn -y --source="'STEP 3 URL'" [other options]

See options you can pass to upgrade.

See best practices for scripting.

Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes.

If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:


choco upgrade securepointsslvpn -y --source="'STEP 3 URL'"
$exitCode = $LASTEXITCODE

Write-Verbose "Exit code was $exitCode"
$validExitCodes = @(0, 1605, 1614, 1641, 3010)
if ($validExitCodes -contains $exitCode) {
  Exit 0
}

Exit $exitCode

- name: Ensure securepointsslvpn installed
  win_chocolatey:
    name: securepointsslvpn
    state: present
    version: 2.0.21
    source: STEP 3 URL

See docs at https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html.

Coming early 2020! Central Managment Reporting available now! More information...


chocolatey_package 'securepointsslvpn' do
  action    :install
  version  '2.0.21'
  source   'STEP 3 URL'
end

See docs at https://docs.chef.io/resource_chocolatey_package.html.


Chocolatey::Ensure-Package
(
    Name: securepointsslvpn,
    Version: 2.0.21,
    Source: STEP 3 URL
);

Requires Otter Chocolatey Extension. See docs at https://inedo.com/den/otter/chocolatey.


cChocoPackageInstaller securepointsslvpn
{
   Name     = 'securepointsslvpn'
   Ensure   = 'Present'
   Version  = '2.0.21'
   Source   = 'STEP 3 URL'
}

Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.


package { 'securepointsslvpn':
  provider => 'chocolatey',
  ensure   => '2.0.21',
  source   => 'STEP 3 URL',
}

Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.


salt '*' chocolatey.install securepointsslvpn version="2.0.21" source="STEP 3 URL"

See docs at https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.chocolatey.html.

5. If applicable - Chocolatey configuration/installation

See infrastructure management matrix for Chocolatey configuration elements and examples.

This package was approved by moderator flcdrg on 15 Oct 2017.

Description

Securepoint VPN Client is a solution built on OpenVPN. It basically adds an friendly graphical user interface to OpenVPN on Windows.

From the Securepoint website:

Securepoint VPN is compatible with all current VPN servers and VPN clients from third-parties such as NCP, Greenbow etc. and can be run with these fee-based VPN clients. Securepoint VPN supports the protocols: L2TP/PPTP, IPSec via X.509 certificate/IKE and preshared keys, SSL VPN (OpenVPN) and is Windows 7-ready with IKEv1 and IKEv2 support.

Features:

* Configuration assistant, enables the simple creation of VPN connections
* Automatic configuration in conjunction with Securepoint VPN-/UTM-Gateways; out-of-the-box VPN-Client can be downloaded from the VPN-/UTM-Gateway user website.
* Administrator rights are not required on the computer
* Clear user interface for managing large number of VPN connections
* Multiple simultaneous VPN connections are possible
* Start connection: An automatic dial-up is possible in combination with saving the user data
* Automatic execution of programs if VPN tunnels are established
* Log window to analyse traffic data / depending on the connection
* Integration into system tray with status display
* Importing configurations incl. Certificate Authority (CA), certificate, key and script file
* Simple import of third-party openVPN configurations
* Encrypted export of configurations
* Saving user data (user name, password, PKCS12 password, HTTP proxy user, HTTP proxy password) AES encrypted
* HTTP proxy with authentication (NTLM etc.)
* PKCS12 handling and Windows path in the GUI
* 32bit and 64bit TAP adapter installation and deinstallation from client


tools\chocolateyInstall.ps1
$packageName= 'securepointsslvpn'
$toolsDir   = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
$url        = 'https://github.com/Securepoint/openvpn-client/releases/download/2.0.21/openvpn-client-installer-2.0.21.exe'
$checksum   = '843f11b744deeeeb928bb8c4109f74c88a81c152cc69279e3585b2dbc19fc9798b9ba30fdc4d90b4ddef08a506b884b4dbd3ab2c1b8f3560c22dc79576717b19'

# Load custom functions
. "$toolsDir\utils\utils.ps1"

# The installer is bundled with an msi file, with certificates and with C++
# runtimes. We can't get the msi file directly. We have to run the
# installer executable first, then select the language and click OK.
# Just after, the .msi is unpacked to the %temp% directory under the
# following filename: SecurepointSSLVPN.msi

# The msi file provides several controls to customize the installation.
# After the msi file is unpacked. The installer immediately runs cmd which
# runs the msiexec which itself runs the .msi file.

# When this is the first installation, the user can customize the installation
# with the controls mentionned above. However, when the msi file has been
# already installed, the msi installation does not provide any way to control
# the install process anymore. The installation is run again automatically
# without anyway to control the process.

# Our initial purpose was to recover the msi file and execute it silently.
# First, we needed to kill the initial msi file. When the msi returns, the
# cmd and the installer processes quit immediately.

# However, when the msi file has already been installed, this causes several
# issues:
# - First, we cannot kill the msi file properly.
# - Second, reinstalling the msi when it has a filename different than the
#   msi product name, we are running into a 1316 error. "The product code
#   must be changed if any of the following are true for the update: [...]
#   The name of the .msi file has been changed."
#   We thus need to keep the filename securepointsslvpn.msi (not case
#   sensitive). src.: http://stackoverflow.com/a/21987987/3514658

# This is why we will first remove the previous installation to avoid issues.

# But first we need to receover the services state.
Write-Host "Getting the state of the current Securepoint VPN service (if any)..."
# Needed to reset the state of the service if upgrading from a previous version
try {
    $previousService = GetServiceProperties "Securepoint VPN"
} catch {
    Write-Host "No previous Securepoint VPN service detected."
}

Write-Host "Removing the previous installation to avoid issues..."
. "$toolsDir\chocolateyUninstall.ps1"

# To select the language in the installer, we need to use AutoIT scripts.
# Use AU3Info.exe to get Win32 control names. src.: https://goo.gl/Ndytjn
# If installed with chocolatey (autoit.commandline), AutoIT is installed as
# a Chocolatey dependency at:
# C:\ProgramData\Chocolatey\lib\autoit.commandline\tools\install
# In order to get the documentation of the AutoIt PowerShell cmdlets, we need
# to import the module with Import-Module.
# Import-Module C:\ProgramData\chocolatey\lib\autoit.commandline\tools\install\AutoItX\AutoItX.psd1
# The imported modules are only valid for the current script session.
Import-Module "$toolsDir\..\..\autoit.commandline\tools\install\AutoItX\AutoItX.psd1"
if (!(Get-Command 'Invoke-AU3Run' -ErrorAction SilentlyContinue)) {
    throw "The AutoItX PowerShell module was not imported properly."
}

Write-Host "Downloading package installer..."
$packageFileName = Get-ChocolateyWebFile `
    -PackageName $packageName `
    -FileFullPath $(Join-Path $(CreateTempDirPackageVersion) "$($packageName)Install.exe")`
    -Url $url `
    -Checksum $checksum `
    -ChecksumType 'sha512'

Write-Host "Trying to recover the MSI file..."
# Invoke-AU3Run returns an Int32 corresponding to the PID of the process
[Int32]$installerPid = Invoke-AU3Run -Program "$packageFileName"
Wait-AU3Win -Title "SSLVPN Installer" | Out-Null
$winHandle = Get-AU3WinHandle -Title "SSLVPN Installer"
# Get the focus on the window
Show-AU3WinActivate -WinHandle $winHandle | Out-Null
# Even if we could override the language using the parameters to the msi file,
# we needed to detect text in the msi file run just after (we want English).
$controlHandle = Get-AU3ControlHandle -WinHandle $winHandle -Control Button3
Invoke-AU3ControlClick -WinHandle $winHandle -ControlHandle $controlHandle | Out-Null
# Press Enter as the OK button has the focus. 
Send-AU3Key -Key "{ENTER}" | Out-Null

Write-Host "Waiting for the MSI installer to launch..."
Wait-AU3Win -Title "Securepoint SSL VPN Setup" | Out-Null

Write-Host "Copying the MSI installer..."
# Do not use the environment variable, as the latter might get redefined (which
# happens in AppVeyor for example) and some installers might use the default
# TEMP location instead.
#$([Environment]::ExpandEnvironmentVariables('%TEMP%')) 
$msiTempFile = Join-Path `
    $([System.IO.Path]::GetTempPath()) `
    'SecurepointSSLVPN.msi'
$msiPermanentFile = Join-Path `
    $(CreateTempDirPackageVersion) `
    "$($packageName)Install.msi"
# Copy it to C:\Users\<user>\AppData\Local\Temp\chocolatey\securepointsslvpn\<version>
# Prevent to continue if the copy fails. By default every command relies on
# the $ErrorActionPreference. By default the latter is set on Continue (tested).
Copy-Item -Path "$msiTempFile" -Destination "$msiPermanentFile" -ErrorAction Stop

Write-Host "Killing the non silent MSI installer..."
[array]$childPid = GetChildPid -id $installerPid
Write-Debug "installer PID: $installerPid"
if ($childPid.Count -eq 0) {
    throw "Unable to find the pid of the cmd executable run by the installer."
}
Write-Debug "cmd PID: $($childPid[0].ProcessId)"
[array]$childPid = GetChildPid -id $childPid[0].ProcessId
if ($childPid.Count -eq 0) {
    throw "Unable to find the pid of the msiexec executable run by the cmd process."
}
# cmd has several childs PID. The PID of msiexec is usually the second one.
# Just to be sure, we are gonna kill all cmd childs.
$cmdChilds = $($childPid.Count)
Write-Debug "cmd childs number: $cmdChilds"
for ($i = 0; $i -lt $cmdChilds; $i++) {
    Write-Debug "Killing PID: $($childPid[$i].ProcessId)"
    Stop-Process -Id $childPid[$i].ProcessId -Force
}

Write-Host "Installing silently the recovered MSI installer..."
$packageArgs = @{
    packageName   = $packageName
    fileType      = 'msi'
    file          = $msiPermanentFile

    #MSI
    silentArgs    = "TRANSFORMS=`":en-us.mst`" /qn /norestart /l*v `"$($env:TEMP)\$($packageName).$($env:chocolateyPackageVersion).MsiInstall.log`"" # ALLUSERS=1 DISABLEDESKTOPSHORTCUT=1 ADDDESKTOPICON=0 ADDSTARTMENU=0
    validExitCodes= @(0, 3010, 1641)
    softwareName  = $packageName
}
Install-ChocolateyInstallPackage @packageArgs

if ($previousService) {
    Write-Host "Resetting previous Securepoint VPN service to " `
        "'$($previousService.status)' and " `
        "'$($previousService.startupType)'..."
    SetServiceProperties `
        -name "Securepoint VPN" `
        -status "$($previousService.status)" `
        -startupType "$($previousService.startupType)"
}
tools\chocolateyUninstall.ps1
$packageName = 'securepointsslvpn'
$softwareName = 'Securepoint*SSL*VPN*'
$installerType = 'msi'  

$silentArgs = '/qn /norestart'
$validExitCodes = @(0, 3010, 1605, 1614, 1641)

$uninstalled = $false
# Get-UninstallRegistryKey is new to 0.9.10, if supporting 0.9.9.x and below,
# take a dependency on "chocolatey-uninstall.extension" in your nuspec file.
# This is only a fuzzy search if $softwareName includes '*'. Otherwise it is 
# exact. In the case of versions in key names, we recommend removing the version
# and using '*'.
[array]$key = Get-UninstallRegistryKey -SoftwareName $softwareName

if ($key.Count -eq 1) {
    $key | % { 
        $file = "$($_.UninstallString)"

        if ($installerType -eq 'MSI') {
            # The Product Code GUID is all that should be passed for MSI, and very 
            # FIRST, because it comes directly after /x, which is already set in the 
            # Uninstall-ChocolateyPackage msiargs (facepalm).
            $silentArgs = "$($_.PSChildName) $silentArgs"

            # Don't pass anything for file, it is ignored for msi (facepalm number 2) 
            # Alternatively if you need to pass a path to an msi, determine that and 
            # use it instead of the above in silentArgs, still very first
            $file = ''
        }

        Uninstall-ChocolateyPackage -PackageName $packageName `
                                    -FileType $installerType `
                                    -SilentArgs "$silentArgs" `
                                    -ValidExitCodes $validExitCodes `
                                    -File "$file"
    }
} elseif ($key.Count -eq 0) {
    Write-Warning "$packageName has already been uninstalled by other means."
} elseif ($key.Count -gt 1) {
    Write-Warning "$key.Count matches found!"
    Write-Warning "To prevent accidental data loss, no programs will be uninstalled."
    Write-Warning "Please alert package maintainer the following keys were matched:"
    $key | % {Write-Warning "- $_.DisplayName"}
}
tools\utils\.git
 
tools\utils\README.md
# Chocolatey custom functions

The current development state of Chocolatey and the fact we have to support old Windows versions leads us to require some quirks or to reinvent the wheel at each Chocolatey package we write.

This repository aims at gathering some generic PowerShell 2.0 functions to be used with Chocolatey.

These are intended to work only for Chocolatey, although you can take inspiration from this work to write your own PowerShell functions.

## Features

* CreateTempDirPackageVersion
* PrintWhenVerbose
* GetServiceProperties
* SetServiceProperties
* CheckPGPSignature
* GetCertificateInfo
* AddTrustedPublisherCertificate
* RemoveTrustedPublisherCertificate

To see how these commands/functions work, simply read the documentation in the source file.

## Testing

Some functions can be tested outside Chocolatey only if these are not too tied to Chocolatey internals. To test these functions outside of Chocolatey, just copy them to another file and run the following command:

    powershell -ExecutionPolicy Unrestricted -File .\utils.ps1

Please note these functions come as a bundle and are not intended to be used as a standalone solution.

## Contributions

If you have comments to make or push requests to submit, you are welcome to contribute to this repository.

## License

[As Apache 2 software can be included in GPLv3 projects, but GPLv3 software cannot be included in Apache projects](https://www.apache.org/licenses/GPL-compatibility.html) and in order to comply with [NuGet](https://www.nuget.org/policies/About) and Chocolatey licenses, this software is licensed under the terms of the Apache License 2.0.
tools\utils\utils.ps1
function CreateTempDirPackageVersion {
<#
.DESCRIPTION
Create a temporary folder in current user temporary location. The folder name
has the name of the package name and version (if any).

.OUTPUTS
The location to the created directory

.NOTES
This function is based on part of the code of the command
Install-ChocolateyPackage
src.: https://goo.gl/jUpwOQ
#>
    $chocTempDir = $env:TEMP
    $tempDir = Join-Path $chocTempDir "$($env:chocolateyPackageName)"
    if ($env:chocolateyPackageVersion -ne $null) {
        $tempDir = Join-Path $tempDir "$($env:chocolateyPackageVersion)"
    }
    $tempDir = $tempDir -replace '\\chocolatey\\chocolatey\\', '\chocolatey\'

    if (![System.IO.Directory]::Exists($tempDir)) {
        [System.IO.Directory]::CreateDirectory($tempDir) | Out-Null
    }

    return $tempDir
}

function PrintWhenVerbose {
<#
.DESCRIPTION
Display the string passed as argument if chocolatey has been run in debug or
verbose mode. The string argument is cut automatically and each line is
prefixed by the "VERBOSE: " statement thanks to the call of Write-Verbose
cmdlet.

.PARAMETER string
The string to display in verbose mode
#>
    param (
        [Parameter(Position=0)]
        [string]
        $string
    )

    # Display the output of the executables if chocolatey is run either in debug
    # or in verbose mode.
    if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
        $env:ChocolateyEnvironmentVerbose -eq 'true') {

        $stringReader = New-Object System.IO.StringReader("$string")
        while (($line = $stringReader.ReadLine()) -ne $null) {
           Write-Verbose "$line"
        }
    }
}

function GetServiceProperties {
<#
.DESCRIPTION
Get service properties

.OUTPUTS
An object made of the following fields:
- name (string)
- status (string)
- startupType (string)
- delayedStart (bool)
#>
    param (
        [Parameter(Mandatory=$true)][string]$name
    )

    # Lets return our own object.
    # src.: http://stackoverflow.com/a/12621314
    $properties = "" | Select-Object -Property name,status,startupType,delayedStart

    # Get-Service is not throwing an exception when the service name
    # contains * (asterisks) and the service is not found. Prevent that.
    if ($name -cmatch "\*") {
        Write-Warning "Asterisks have been discarded from the service name '$name'"
        $name = $name -Replace "\*",""
    }

    # The Get-Service Cmdlet returns a System.ServiceProcess.ServiceController
    # Get-Service throws an exception when the exact case insensitive service
    # is not found. Therefore, there is no need to make any further checks.
    $service = Get-Service "$name" -ErrorAction Stop

    # Correct to the exact service name
    if ($name -cnotmatch $service.Name) {
        Write-Debug "The service name '$name' has been corrected to '$($service.Name)'"
    }
    $properties.name = $service.Name

    # Get the service status. The Status property returns an enumeration
    # ServiceControllerStatus src.: https://goo.gl/oq8Bbx
    # This cannot be tested directly from CLI as the .NET assembly is not
    # loaded, we get an exception
    [array]$statusAvailable = [enum]::GetValues([System.ServiceProcess.ServiceControllerStatus])
    if ($statusAvailable -notcontains "$($service.Status)") {
        $errorString = "The status '$service.status' must be '"
        $errorString += $statusAvailable -join "', '"
        $errorString += "'"
        throw "$errorString"
    }

    $properties.status = $service.Status

    # The property StartType of the class System.ServiceProcess.ServiceController
    # might not available in the .NET Framework when used with PowerShell 2.0
    # (cf. https://goo.gl/5NDtZJ). This property has been made available since
    # .NET 4.6.1 (src.: https://goo.gl/ZSvO7B).
    # Since we cannot rely on this property, we need to find another solution.
    # While WMI is widely available and working, let's parse the registry;
    # later we will need an info exclusively storred in it.

    # To list all the properties of an object:
    # $services[0] | Get-ItemProperty
    $service = Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\$name
    if (!$service) {
        throw "The service '$name' was not found using the registry"
    }

    # The values are the ones defined in
    # [enum]::GetValues([System.ServiceProcess.ServiceStartMode])
    switch ($service.Start) {
        2 { $properties.startupType = "Automatic" }
        3 { $properties.startupType = "Manual" }
        4 { $properties.startupType = "Disabled" }
        default { throw "The startup type is invalid" }
    }

    # If the delayed flag is not set, there is no record DelayedAutoStart to the
    # object.
    if ($service.DelayedAutoStart) {
        $properties.delayedStart = $true
    } else {
        $properties.delayedStart = $false
    }

    return $properties
}

function SetServiceProperties {
<#
.DESCRIPTION
Set service properties supporting delayed services

.PARAMETER name
The service name

.PARAMETER status
One of the following service status:
- 'Stopped'
- 'StartPending'
- 'StopPending'
- 'Running'
- 'ContinuePending'
- 'PausePending'
- 'Paused'

.PARAMETER startupType
One of the following service startup type:
- 'Automatic (Delayed Start)'
- 'Automatic'
- 'Manual'
- 'Disabled'
#>
    param (
        # By default parameter are positional, this means the parameter name
        # can be omitted, but needs to repect the order in which the arguments
        # are declared, except if the PositionalBinding is set to false.
        # src.: https://goo.gl/UpOU62
        [Parameter(Mandatory=$true)][string]$name,
        [Parameter(Mandatory=$true)][string]$status,
        [Parameter(Mandatory=$true)][string]$startupType
    )

    try {
        $service = GetServiceProperties "$name"
    } catch {
        throw "The service '$name' cannot be found"
    }

    if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
        $env:ChocolateyEnvironmentVerbose -eq 'true') {
        Write-Verbose "Before SetServicesProperties:"
        if ($service.delayedStart) {
            Write-Verbose "Service '$($service.name)' was '$($service.status)', with '$($service.startupType)' startup type and delayed"
        } else {
            Write-Verbose "Service '$($service.name)' was '$($service.status)', with '$($service.startupType)' startup type"
        }
    }

    # src.: https://goo.gl/oq8Bbx
    [array]$statusAvailable = [enum]::GetValues([System.ServiceProcess.ServiceControllerStatus])
    if ($statusAvailable -notcontains "$status") {
        $errorString = "The status '$status' must be '"
        $errorString += $statusAvailable -join "', '"
        $errorString += "'"
        throw "$errorString"
    }

    if ($startupType -ne "Automatic (Delayed Start)" -and
        $startupType -ne "Automatic" -and
        $startupType -ne "Manual" -and
        $startupType -ne "Disabled") {
        throw "The startupType '$startupType' must either be 'Automatic (Delayed Start)', 'Automatic', 'Manual' or 'Disabled'"
    }

    # Set delayed auto start
    if ($startupType -eq "Automatic (Delayed Start)") {

        # (src.: https://goo.gl/edhCxm and https://goo.gl/NyVXxM)
        # Modifying the registry does not change the value in services.msc,
        # using sc.exe does. sc.exe uses the Windows NT internal functions
        # OpenServiceW and ChangeServiceConfigW. We could use it in PowerShell,
        # but it would requires a C++ wrapper imported in C# code with
        # DllImport, the same C# code imported in PowerShell. While this is
        # doable, this is way slower than calling the sc utility directly.
        # Set-ItemProperty -Path "Registry::HKLM\System\CurrentControlSet\Services\$($service.Name)" -Name DelayedAutostart -Value 1 -Type DWORD
        # An .exe can be called directly but ensuring the exit code and
        # stdout/stderr are properly redirected can only be checked with
        # this code.
        $psi = New-object System.Diagnostics.ProcessStartInfo
        $psi.CreateNoWindow = $true
        $psi.UseShellExecute = $false
        $psi.RedirectStandardInput = $true
        $psi.RedirectStandardOutput = $true
        $psi.RedirectStandardError = $true
        $process = New-Object System.Diagnostics.Process
        $process.StartInfo = $psi
        $psi.FileName = 'sc.exe'
        $psi.Arguments = "Config ""$($service.Name)"" Start= Delayed-Auto"
        # The [void] casting is actually needed to avoid True or False to be displayed
        # on stdout.
        [void]$process.Start()
        #PrintWhenVerbose $process.StandardOutput.ReadToEnd()
        #PrintWhenVerbose $process.StandardError.ReadToEnd()
        $process.WaitForExit()
        if (!($process.ExitCode -eq 0)) {
            throw "Unable to set the service '$($service.Name)' to a delayed autostart."
        }
    } else {
        # Make sure the property DelayedAutostart is reset otherwise
        # GetServiceProperties could report a service as Manual and delayed
        # which is not possible.
        Set-ItemProperty `
        -Path "Registry::HKLM\System\CurrentControlSet\Services\$($service.Name)" `
        -Name DelayedAutostart -Value 1 -Type DWORD -ErrorAction Stop
    }

    # Cast "Automatic (Delayed Start)" to "Automatic" to have a valid name
    if ($startupType -match "Automatic (Delayed Start)") {
        $startupType = "Automatic"
    }

    # Set-Service cannot stop services properly and complains the service is
    # dependent on other services, which seems to be wrong.
    # src.: http://stackoverflow.com/a/39811972/3514658
    if ($status -eq "Stopped") {
        Stop-Service "$($service.Name)" -ErrorAction Stop
    }

    Set-Service -Name "$($service.Name)" -StartupType "$startupType" -Status "$status" -ErrorAction Stop

    if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
        $env:ChocolateyEnvironmentVerbose -eq 'true') {
        $service = GetServiceProperties "$name"
        Write-Verbose "After SetServicesProperties:"
        if ($service.delayedStart) {
            Write-Verbose "Service '$($service.name)' now '$($service.status)', with '$($service.startupType)' startup type and delayed"
        } else {
            Write-Verbose "Service '$($service.name)' now '$($service.status)', with '$($service.startupType)' startup type"
        }
    }
}

function CheckPGPSignature {
<#
.DESCRIPTION
Check the signature of a file using the public key and signatures provided.

.PARAMETER pgpKey
The path and file name to PGP public key to check the signature.

.PARAMETER signatureFile
The path and file name to the signature file. The signature file must keep
its original filename if the argument 'file' is not specified.

.PARAMETER file (optional)
GPG can find the filename of the file to check by itself, only if the
signatureFile has its original file name. What GnuPG does is to retrieve the
filename of the file to check is to remove the .asc suffix from the
signature file.
#>
    param (
        [Parameter(Mandatory=$true)][string]$pgpKey,
        [Parameter(Mandatory=$true)][string]$signatureFile,
        [Parameter(Mandatory=$false)][string]$file
    )

    # Get-Command throws an error message but continues execution, ask to
    # continue without message at all.
    if (!(Get-Command 'gpg.exe' -ErrorAction SilentlyContinue)) {
        throw "Unable to find the GnuPG executable 'gpg.exe'."
    }

    # Check if folder or path exists. Work for files as well.
    if (!(Test-Path "$pgpKey")) {
        throw "Unable to find the PGP key '$pgpKey'."
    }

    if (!(Test-Path "$signatureFile")) {
        throw "Unable tofind the PGP signature file '$signatureFile'."
    }

    if ($file -and !(Test-Path "$file")) {
        throw "Unable to find the file '$file'."
    }

    # Get temporary folder for the keyring
    # src.: http://stackoverflow.com/a/34559554/3514658
    $tempDirKeyring = Join-Path $(Split-Path $pgpKey) $([System.Guid]::NewGuid())
    [System.IO.Directory]::CreateDirectory($tempDirKeyring) | Out-Null

    $psi = New-object System.Diagnostics.ProcessStartInfo
    $psi.CreateNoWindow = $true
    $psi.UseShellExecute = $false
    $psi.RedirectStandardInput = $true
    $psi.RedirectStandardOutput = $true
    $psi.RedirectStandardError = $true
    $process = New-Object System.Diagnostics.Process
    $process.StartInfo = $psi

    Write-Debug "Importing PGP key '$pgpKey' in the temporary keyring ($tempDirKeyring\pubring.gpg)..."
    # Simply invoing the command gpg.exe and checking the value of $? was not
    # enough. Using the following method worked and was indeed more reliable.
    # src.: https://goo.gl/Ungugv
    $psi.FileName = 'gpg.exe'
    # Surrounding filenames by 2 double quotes is needed, otherwise of the user
    # folder has a space in it, the space is not taken into account and gpg cannot
    # find the signed data to verify.
    if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
        $env:ChocolateyEnvironmentVerbose -eq 'true') {
        $psi.Arguments = "-v --homedir ""$tempDirKeyring"" --import ""$pgpKey"""
    } else {
        $psi.Arguments = "--homedir ""$tempDirKeyring"" --import ""$pgpKey"""
    }
    # The [void] casting is actually needed to avoid True or False to be displayed
    # on stdout.
    [void]$process.Start()
    PrintWhenVerbose $process.StandardOutput.ReadToEnd()
    PrintWhenVerbose $process.StandardError.ReadToEnd()
    $process.WaitForExit()
    if (!($process.ExitCode -eq 0)) {
        throw "Unable to import PGP key '$pgpKey' in the temporary keyring ($tempDirKeyring\pubring.gpg)."
    }

    # This step is actually facultative. It avoids to have this kind of warning
    # by trusting ultimately the key with the highest level available (level 5,
    # number 6, used for the ultimate/owner trust, a level used for own keys.
    # gpg: WARNING: This key is not certified with a trusted signature!
    # gpg:          There is no indication that the signature belongs to the owner.
    Write-Debug "Getting the fingerprint of the PGP key '$pgpKey'..."
    $psi.FileName = 'gpg.exe'
    if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
        $env:ChocolateyEnvironmentVerbose -eq 'true') {
        $psi.Arguments = "-v --homedir ""$tempDirKeyring"" --with-fingerprint --with-colons ""$pgpKey"""
    } else {
        $psi.Arguments = "--homedir ""$tempDirKeyring"" --with-fingerprint --with-colons ""$pgpKey"""
    }
    # Get the full fingerprint of the key
    [void]$process.Start()
    # src.: http://stackoverflow.com/a/8762068/3514658
    $pgpFingerprint = $process.StandardOutput.ReadToEnd()
    $process.WaitForExit()
    $pgpFingerprint = $pgpFingerprint -split ':'
    $pgpFingerprint = $pgpFingerprint[18]

    Write-Debug "Trusting the PGP key '$pgpKey' ultimately based on its fingerprint '$pgpFingerprint'..."
    $psi.FileName = 'gpg.exe'
    if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
        $env:ChocolateyEnvironmentVerbose -eq 'true') {
        $psi.Arguments = "-v --homedir ""$tempDirKeyring"" --import-ownertrust"
    } else {
        $psi.Arguments = "--homedir ""$tempDirKeyring"" --import-ownertrust"
    }
    [void]$process.Start()
    # Specify the fingerprint and the trust level to stdin
    # e.g.: ABCDEF01234567890ABCDEF01234567890ABCDEF:6:
    $input = $process.StandardInput
    $input.WriteLine($pgpFingerprint + ":6:")
    # Not written until the stream is closed. If not closed, the process will
    # still run and the software will hang.
    # src.: https://goo.gl/5oYgk4
    $input.Close()
    $process.WaitForExit()

    Write-Debug "Checking PGP signature..."
    $psi.FileName = 'gpg.exe'
    if ($env:ChocolateyEnvironmentDebug -eq 'true' -or
        $env:ChocolateyEnvironmentVerbose -eq 'true') {
        if ($file) {
            $psi.Arguments = "-v --homedir ""$tempDirKeyring"" --verify ""$signatureFile"" ""$file"""
        } else {
            $psi.Arguments = "-v --homedir ""$tempDirKeyring"" --verify ""$signatureFile"""
        }
    } else {
        if ($file) {
            $psi.Arguments = "--homedir ""$tempDirKeyring"" --verify ""$signatureFile"" ""$file"""
        } else {
            $psi.Arguments = "--homedir ""$tempDirKeyring"" --verify ""$signatureFile"""
        }
    }
    [void]$process.Start()
    PrintWhenVerbose $process.StandardOutput.ReadToEnd()
    PrintWhenVerbose $process.StandardError.ReadToEnd()
    $process.WaitForExit()
    if (!($process.ExitCode -eq 0)) {
        throw "The signature does not match."
    }
}

function GetCertificateInfo {
<#
.DESCRIPTION
Return a X509Certificate object.
This function has ben implemented in a polymorphic way. Either we specify
a file or we specify a store and a certificate fingerprint.

Usage 1: Specify a file to open as a X509 certificate.

Usage 2: Specify a store and a certificate fingerprint to search for.

.PARAMETER file (usage 1)
The path and file name to the certificate file.

.PARAMETER store (usage 2)
The certificate store (X509Store object) which has been previously opened.

.PARAMETER fingerprint (usage 2)
The fingerprint of the certificate to search for from the certificate store.

.OUTPUTS
A X509Certificate object cf. https://goo.gl/VRuWkL to see the documentation
#>
    param (
        [Parameter(Mandatory=$true, ParameterSetName="file")]
        [string]$file,
        [Parameter(Mandatory=$true, ParameterSetName="fingerprint")]
        [System.Security.Cryptography.X509Certificates.X509Store]$store,
        [Parameter(Mandatory=$true, ParameterSetName="fingerprint")]
        [string]$fingerprint
    )

    switch ($PsCmdlet.ParameterSetName) {
        "file" {
            # New-Object does not respect the rule -ErrorAction
            # src.: https://goo.gl/bzXAL0
            try {
                $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate `
                -ArgumentList "$file"
            } catch {
                throw "Unable to open the X509certificate '$file'"
            }
        }
        "fingerprint" {
            # Sanitize the fingerprint
            if ($fingerprint) {
                $fingerprint = $fingerprint.replace(' ','')
            }

            $certificates = New-Object `
            System.Security.Cryptography.X509Certificates.X509CertificateCollection `
            -ArgumentList $store.Certificates

            $i = 0
            while ($i -lt $certificates.Count) {
                if ("$($certificates.item($i).GetCertHashString())" -eq "$fingerprint") {
                    $cert = $certificates.item($i)
                    break
                }
                $i++
            }
            if ($i -gt $certificates.Count) {
                throw "Unable to find the certificate in the store '$($store.Name)' at location '$($store.Location)'"
            }
        }
    }

    return $cert
}

function AddTrustedPublisherCertificate {
<#
.DESCRIPTION
Adds a X509 certificate to the TrustedPublisher certificate store.

.PARAMETER file (usage 1)
The path and file name to the certificate file.

.NOTES
Sometimes setup executables try to install autosigned drivers. Windows asks us
if we want to trust the certificate from the software publisher. In order to
have a complete silent install, it is needed to add that certificate to the
Windows TrustedPublisher keystore.

In order to recover that certificate for firther use, we have to
- Install the driver accepting the certificate
- Tick the checkbox "Always trust software from "Software Publisher, Inc.""
- As by default, only certificates of the local users are displayed in the
  certificate manager, we need to add the view for the whole computer first.
  For that, we need to run the Microsoft Management Console, run mmc.exe
- Then go to "File -> Add/Remove Snap-in..."
- Select "Certificates" from the left list view then run certmgr.msc,
- Click the "Add >" button at the center of the window
- Select the "Computer account" radio button
- Click the "Next >" button
- Click the "Finish" button
- Click the "OK" button
- Expand "Certificates (Local Computer) -> Trusted Publishers -> Certificates"
- Right click the "OpenVPN Technologies, Inc." certificate
- Select "All Tasks -> Export..."
- Click the "Next >" button
- Select the "Base64 encoded x.509 (.CER)" radio button
- Click the "Next" button
- Select a destination and a filename you wish to save the certificate
- Click the "Next >" button
- Click the "Finish" button
- Click the "OK" button from the confirmation dialog box

The certificate is now in the location specified.
src.: https://goo.gl/o3BVGJ
Next time we install the same piece of software, even if we remove that
certificate, Windows will not ask us to confirm the installation as the
driver is cached in the Drivers Store (C:\Windows\Inf).

To simulate a first install we need to remove the cached drivers as well.
src.: https://goo.gl/Zbcs6T
#>
    param (
        [Parameter(Mandatory=$true)][string]$file
    )

    $cert = GetCertificateInfo -file "$file"

    $store = New-Object System.Security.Cryptography.X509Certificates.X509Store `
    -ArgumentList ([System.Security.Cryptography.X509Certificates.StoreName]::TrustedPublisher,`
    [System.Security.Cryptography.X509Certificates.StoreLocation]::LocalMachine)

    $store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)

    $store.Add($cert)
    $store.Close()
}

function RemoveTrustedPublisherCertificate {
<#
.DESCRIPTION
Removes a X509 certificate from the TrustedPublisher certificate store.
This function has ben implemented in a polymorphic way. Either we specify
a file or we specify a certificate fingerprint.

Usage 1: Specify a file to remove a X509 certificate from the certificate
         store.

Usage 2: Specify a certificate fingerprint to remove the certificate
         corresponding to that certificate fingerprint.

.PARAMETER file (usage 1)
The path and file name to the certificate file.

.PARAMETER fingerprint (usage 2)
The fingerprint of the certificate to remove from the certificate store.
#>
    param (
        [Parameter(Mandatory=$true, ParameterSetName="file")]
        [string]$file,
        [Parameter(Mandatory=$true, ParameterSetName="fingerprint")]
        [string]$fingerprint
    )

    $store = New-Object System.Security.Cryptography.X509Certificates.X509Store `
    -ArgumentList ([System.Security.Cryptography.X509Certificates.StoreName]::TrustedPublisher,`
    [System.Security.Cryptography.X509Certificates.StoreLocation]::LocalMachine)

    $store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)

    switch ($PsCmdlet.ParameterSetName) {
        "file" {
            $cert = GetCertificateInfo -file "$file"
        }
        "fingerprint" {
            $cert = GetCertificateInfo -store $store -fingerprint "$fingerprint"
        }
    }

    $store.Remove($cert)
    $store.Close()
}

<#
.DESCRIPTION
Get the childs processes of the process pid passed as argument.

.PARAMETER string
The PID of the process to search for the subprocesses.

.OUTPUTS
An array of Win32_Process objects
#>
function GetChildPid {
    param (
        [Parameter(Mandatory=$true)][Int32]$id
    )

    [array]$result = Get-WmiObject -Class Win32_Process -Filter "ParentProcessID=$id"
    return $result
}

Log in or click on link to see number of positives.

In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).

Chocolatey Pro provides runtime protection from possible malware.

Version Downloads Last Updated Status
Securepoint SSL VPN Client 2.0.25 594 Saturday, March 23, 2019 Approved
Securepoint SSL VPN Client 2.0.22 790 Thursday, July 12, 2018 Approved
Securepoint SSL VPN Client 2.0.21 1151 Wednesday, October 4, 2017 Approved
Securepoint SSL VPN Client 2.0.18 1655 Monday, February 13, 2017 Approved
Securepoint SSL VPN 1.0.3.1 595 Monday, June 9, 2014 Approved
Securepoint SSL VPN 1.0.3 398 Monday, June 9, 2014 Approved

Discussion for the Securepoint SSL VPN Client Package

Ground Rules:

  • This discussion is only about Securepoint SSL VPN Client and the Securepoint SSL VPN Client package. If you have feedback for Chocolatey, please contact the Google Group.
  • This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
  • The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
  • Tell us what you love about the package or Securepoint SSL VPN Client, or tell us what needs improvement.
  • Share your experiences with the package, or extra configuration or gotchas that you've found.
  • If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.
comments powered by Disqus