#!/bin/bash
# Profile name (as given on the command line) -> pass(1) entry that stores the
# settings and credentials for that VPN profile.
declare -A connections=(
  [shigoto]='shigoto/vpn'
  [ucell]='shigoto/ucell/vpn'
  [ums]='shigoto/ums/vpn'
  [telekomsrbija]='shigoto/telekomsrbija/vpn'
)
# Print the value part of the "key: value" line(s) of a pass entry.
#   $1 - pass entry to show
#   $2 - field key; it is spliced into the grep and sed patterns, so it is
#        interpreted as a regular expression, not as a literal string
# Output: every line starting with "<key>:", with a leading "<key>: " removed.
# A line written as "<key>:value" (no space) is printed unchanged.
get_from_pass() {
  local entry="$1"
  local key="$2"
  local line_prefix="^${key}:"
  local strip_expr="s|^${key}: ||g"

  pass show "$entry" \
    | grep "$line_prefix" \
    | sed -r "$strip_expr"
}
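# ---------------------------------------------------------------------------
# Toggle the VPN profile named by $1.
#
# The profile name is looked up in `connections` to find its pass entry. The
# entry's first line is the password; its "key: value" lines supply `name`
# (the NetworkManager connection), `gateway`, `username`, and optionally
# `certificate`, `useragent` and `OTP`.
#
# If the NetworkManager connection is active it is brought down. Otherwise
# openconnect authenticates against the gateway and the resulting cookie is
# handed to `nmcli con up` through a file descriptor.
#
# Exit status: 255 no profile given, 254 unknown profile, 1 missing
# connection name or no cookie obtained; otherwise the status of the final
# nmcli command.
# ---------------------------------------------------------------------------

# Arithmetic comparison: inside [[ ]] the `<` operator compares strings.
if (( $# < 1 )); then
  {
    printf 'Please specify a VPN connection profile.\nOptions:\n'
    printf '%s\n' "${!connections[@]}"
  } >&2
  exit 255  # same status the original `exit -1` produced
fi

# An empty subscript is an error for associative arrays, so test it first.
passentry=""
if [[ -n "$1" ]]; then
  passentry="${connections[$1]:-}"
fi
if [[ -z "$passentry" ]]; then
  {
    printf 'ERROR. VPN CONNECTION PROFILE NOT FOUND\nOptions:\n'
    printf '%s\n' "${!connections[@]}"
  } >&2
  exit 254  # same status the original `exit -2` produced
fi

CONN_NAME="$(get_from_pass "$passentry" "name")"
# An empty name (pass failed, or the entry has no "name:" line) must not reach
# the matching below or `nmcli con down`.
if [[ -z "$CONN_NAME" ]]; then
  printf 'ERROR: no "name" field found in pass entry %s\n' "$passentry" >&2
  exit 1
fi

# Match the connection name exactly and literally against the active
# connections. Terse output with escaping disabled prints one raw name per
# line, so a name that is a substring of another profile, or that contains
# regex metacharacters, cannot produce a false match.
if nmcli --terse --escape no --fields NAME connection show --active \
  | grep -Fxq -- "$CONN_NAME"; then
  echo "ALREADY CONNECTED. DISCONNECTING..."
  nmcli con down "$CONN_NAME"
else
  CONN_GATEWAY="$(get_from_pass "$passentry" "gateway")"
  CONN_CERTIFICATE="$(get_from_pass "$passentry" "certificate")"
  CONN_USERAGENT="$(get_from_pass "$passentry" "useragent")"
  CONN_USERNAME="$(get_from_pass "$passentry" "username")"
  CONN_PASSWORD="$(pass "$passentry" | head -n1)"

  # Build the argument list as an array so that values containing spaces
  # (user-agent strings usually do) stay single arguments instead of being
  # word-split. Argument order matches the original command line.
  oc_args=()
  if [[ -n "$CONN_USERAGENT" ]]; then
    oc_args+=(--useragent "$CONN_USERAGENT")
  fi
  oc_args+=(-u "$CONN_USERNAME" --passwd-on-stdin)
  if [[ -n "$CONN_CERTIFICATE" ]]; then
    oc_args+=(--servercert "$CONN_CERTIFICATE")
  fi
  oc_args+=(--authenticate "$CONN_GATEWAY")

  # Values inherited from the environment must not be mistaken for the result
  # of this authentication run.
  unset COOKIE FINGERPRINT RESOLVE

  echo "CONNECTING... "
  # The password (and OTP) travel over a pipe from shell builtins, so they do
  # not appear in any process argument list. printf is used because echo
  # would treat a password such as "-n" as an option.
  if get_from_pass "$passentry" "OTP" | grep -q "yes"; then
    # The one-time code is read from this script's stdin, after the password.
    auth_output="$(
      {
        printf '%s\n' "$CONN_PASSWORD"
        IFS= read -r OTP
        printf '%s\n' "$OTP"
      } | openconnect "${oc_args[@]}"
    )"
  else
    auth_output="$(printf '%s\n' "$CONN_PASSWORD" | openconnect "${oc_args[@]}")"
  fi

  # NOTE(security): eval runs whatever openconnect wrote to stdout as shell
  # code. With --authenticate that output is meant to be shell variable
  # assignments (COOKIE, FINGERPRINT, ...), but it is still executed with this
  # script's privileges; the openconnect binary and its output are trusted
  # here. Quoting the argument keeps the text intact (no word splitting or
  # globbing before eval sees it).
  eval "$auth_output"

  if [[ -z "${COOKIE:-}" ]]; then
    echo "ERROR: NO COOKIE" >&2
    exit 1
  fi

  # The secrets are written by the printf builtin into fd 5 and read by nmcli
  # via /proc/self/fd/5, which keeps the session cookie out of nmcli's
  # command-line arguments.
  nmcli con up "$CONN_NAME" passwd-file /proc/self/fd/5 5< <(
    printf "%s\n%s\n%s\n%s" \
      "vpn.secrets.cookie:$COOKIE" \
      "vpn.secrets.gwcert:${FINGERPRINT:-}" \
      "vpn.secrets.gateway:$CONN_GATEWAY" \
      "vpn.secrets.resolve:${RESOLVE:-}"
  )
fi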