davidecavestro/vpn_credentials_check.groovy

## vpn_credentials_check.groovy
/*
 * Uses `openconnect` to validate vpn user credentials
 * (tested on Debian GNU/Linux 9, where openconnect must be called as root user)
 */

credentials = [             //TODO set credentials here
    user1 : 'pass1',
    user2 : 'pass2'
]

def host = '127.0.0.1'      //TODO set vpn server address here
def args = ''               //TODO add optional args, i.e. '--mtu=1300 --servercert sha256:abcde...'

def valid = []
def invalid = []

print 'Checking credentials'
credentials.each {def user, def password->
  def process = "echo -n $password".execute() | "/usr/sbin/openconnect -u ${user} ${args} --passwd-on-stdin ${host}".execute()
  process.waitForOrKill (1000) //wait 1 sec

  process.exitValue().with {def exitValue ->
    if (exitValue==143) {//SIGTERM: consider the process killed after a success
      valid << user
    } else {
      invalid << user
    }
    print '.'
  }
}
println ''
println 'CHECK COMPLETED'

println "Valid credentials: ${valid}"
println "Invalid credentials: ${invalid}"
	/*
	* Uses `openconnect` to validate vpn user credentials
	* (tested on Debian GNU/Linux 9, where openconnect must be called as root user)
	*/

	credentials = [ //TODO set credentials here
	user1 : 'pass1',
	user2 : 'pass2'
	]

	def host = '127.0.0.1' //TODO set vpn server address here
	def args = '' //TODO add optional args, i.e. '--mtu=1300 --servercert sha256:abcde...'

	def valid = []
	def invalid = []

	print 'Checking credentials'
	credentials.each {def user, def password->
	def process = "echo -n $password".execute() \| "/usr/sbin/openconnect -u ${user} ${args} --passwd-on-stdin ${host}".execute()
	process.waitForOrKill (1000) //wait 1 sec

	process.exitValue().with {def exitValue ->
	if (exitValue==143) {//SIGTERM: consider the process killed after a success
	valid << user
	} else {
	invalid << user
	}
	print '.'
	}
	}
	println ''
	println 'CHECK COMPLETED'

	println "Valid credentials: ${valid}"
	println "Invalid credentials: ${invalid}"