-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathioiexec.sh
executable file
·57 lines (47 loc) · 1.4 KB
/
ioiexec.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
#!/bin/sh
PARTKEY=$(/opt/ioi/sbin/genkey.sh)
if [ $# -lt 2 ]; then
echo "Too few arguments" >&2
exit 1
fi
TOTP=$1
shift 1
CMDSTRING=$*
FULLKEY=$(echo $PARTKEY $CMDSTRING | sha256sum | cut -d\ -f1)
logger -p local0.info "IOIEXEC: invoke '$CMDSTRING'"
# totp interval set to 30 minutes
if ! oathtool -s 1800 --totp $FULLKEY -d 8 -w 1 -- "$TOTP" > /dev/null 2>&1; then
echo "TOTP failed" >&2
logger -p local0.info "IOIEXEC: totp failed"
exit;
fi
case $1 in
fwstop)
systemctl stop tinc@vpn
iptables -P OUTPUT ACCEPT
iptables -P INPUT ACCEPT
iptables -F
logger -p local0.info "IOIEXEC: firewall stopped"
;;
vpnclear)
systemctl stop tinc@vpn
systemctl disable tinc@vpn 2> /dev/null
rm /etc/tinc/vpn/ip.conf 2> /dev/null
rm /etc/tinc/vpn/mask.conf 2> /dev/null
rm /etc/tinc/vpn/dns.conf 2> /dev/null
rm /etc/tinc/vpn/hosts/* 2> /dev/null
rm /etc/tinc/vpn/rsa_key.* 2> /dev/null
rm /etc/tinc/vpn/tinc.conf 2> /dev/null
rm /opt/ioi/config/ssh/ioibackup* 2> /dev/null
logger -p local0.info "IOIEXEC: vpn stopped"
chfn -f "IOI Contestant" ioi
echo "Due to some issues, we have disabled VPN connection to CMS."
echo ""
echo "For now, open https://cms-public.ioi2022.id on Firefox,"
echo "and log in using the following credentials:"
echo ""
echo "- Username: $(cat /opt/ioi/run/username.txt)"
echo "- Password: $(cat /opt/ioi/run/password.txt)"
;;
esac
# vim: ft=sh ts=4 noet