From 62c7a61dd2c46a6bfdd199a550571c701b16ab31 Mon Sep 17 00:00:00 2001
From: Janis Hutz <development@janishutz.com>
Date: Thu, 20 Mar 2025 13:12:22 +0100
Subject: [PATCH] Add ETHZ-VPN script by Glib

---
 general/scripts/ethz-vpn | 59 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)
 create mode 100755 general/scripts/ethz-vpn

diff --git a/general/scripts/ethz-vpn b/general/scripts/ethz-vpn
new file mode 100755
index 0000000..7343ede
--- /dev/null
+++ b/general/scripts/ethz-vpn
@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+
+connect() {
+	read -sp $'Please type in your Encryption Password:\n' encpass
+	TOKEN=$(cat ~/.local/share/ethz-vpn-connect/ethzvpntoken.secret | openssl enc -aes-256-cbc -pbkdf2 -d -a -k $encpass)
+	PASSWORD=$(cat ~/.local/share/ethz-vpn-connect/ethzvpnpass.secret | openssl enc -aes-256-cbc -pbkdf2 -d -a -k $encpass)
+	USERNAME=$(cat ~/.local/share/ethz-vpn-connect/ethzvpnusername.txt)
+	echo $PASSWORD | sudo openconnect -b -u $USERNAME@student-net.ethz.ch -g student-net --useragent=AnyConnect --passwd-on-stdin --token-mode=totp --token-secret=sha1:base32:$TOKEN sslvpn.ethz.ch
+	encpass=""
+	PASSWORD=""
+	TOKEN=""
+}
+
+disconnect() {
+	sudo killall -v -SIGINT openconnect #add -i option to ask for confirmation, usefull if running multible openconnect.
+}
+
+setup() {
+	echo 'You are about to overwrite your secrets. Press ctrl + C to cancel.'
+	read -p $'Please type in your Username: ' USERNAME
+    echo 'Ok!'
+	read -sp $'Please type in your Encryption Password: ' encpass
+    echo 'Ok!'
+	read -sp $'Please type in your ETHZ WLAN Password: ' PASSWORD
+    echo 'Ok!'
+	read -sp $'Please type in your ETHZ OTP Secret: ' TOKEN
+	mkdir ~/.local/share/ethz-vpn-connect
+	echo $PASSWORD | openssl enc -aes-256-cbc -pbkdf2 -a -k $encpass >~/.local/share/ethz-vpn-connect/ethzvpnpass.secret
+	echo $TOKEN | openssl enc -aes-256-cbc -pbkdf2 -a -k $encpass >~/.local/share/ethz-vpn-connect/ethzvpntoken.secret
+	echo $USERNAME >~/.local/share/ethz-vpn-connect/ethzvpnusername.txt
+	encpass=""
+	PASSWORD=""
+	TOKEN=""
+	echo $'Secrets set\n'
+}
+
+case "$1" in
+'connect')
+	connect
+	;;
+c)
+	connect
+	;;
+'disconnect')
+	disconnect
+	;;
+d)
+	disconnect
+	;;
+dc)
+	disconnect
+	;;
+setup)
+	setup
+	;;
+*)
+	echo -e 'Usage: ethz-vpn [Option] \n [Option]: \n       connect, c:             Connect VPN \n  disconnect, d, dc:      Disconnect VPN \n setup: set secrets and eth-Kürzel.\n'
+	;;
+esac