+++ /dev/null
-#!/usr/bin/env lua
-
-local json = require "luci.jsonc"
-local fs = require "nixio.fs"
-
-local function readfile(path)
- local s = fs.readfile(path)
- return s and (s:gsub("^%s+", ""):gsub("%s+$", ""))
-end
-
-local function writefile(path, data)
- local n = fs.writefile(path, data)
- return (n == #data)
-end
-
-local function parseInput()
- local parse = json.new()
- local done, err
-
- while true do
- local chunk = io.read(4096)
- if not chunk then
- break
- elseif not done and not err then
- done, err = parse:parse(chunk)
- end
- end
-
- if not done then
- print(json.stringify({ error = err or "Incomplete input" }))
- os.exit(1)
- end
-
- return parse:get()
-end
-
-if arg[1] == "list" then
- print(json.stringify({
- getCertificates = {
- interface = "interface"
- },
- setCertificates = {
- interface = "interface",
- user_certificate = "PEM file data",
- user_privatekey = "PEM file data",
- ca_certificate = "PEM file data"
- }
- }))
-elseif arg[1] == "call" then
- local args = parseInput()
-
- if not args.interface or
- type(args.interface) ~= "string" or
- not args.interface:match("^[a-zA-Z0-9_]+$")
- then
- print(json.stringify({ error = "Invalid interface name" }))
- os.exit(1)
- end
-
- if arg[2] == "getCertificates" then
- print(json.stringify({
- user_certificate = readfile(string.format("/etc/openconnect/user-cert-vpn-%s.pem", args.interface)),
- user_privatekey = readfile(string.format("/etc/openconnect/user-key-vpn-%s.pem", args.interface)),
- ca_certificate = readfile(string.format("/etc/openconnect/ca-vpn-%s.pem", args.interface))
- }))
- elseif arg[2] == "setCertificates" then
- if args.user_certificate then
- writefile(string.format("/etc/openconnect/user-cert-vpn-%s.pem", args.interface), args.user_certificate)
- end
- if args.user_privatekey then
- writefile(string.format("/etc/openconnect/user-key-vpn-%s.pem", args.interface), args.user_privatekey)
- end
- if args.ca_certificate then
- writefile(string.format("/etc/openconnect/ca-vpn-%s.pem", args.interface), args.ca_certificate)
- end
- print(json.stringify({ result = true }))
- end
-end
--- /dev/null
+#!/usr/bin/env ucode
+
+'use strict';
+
+import { readfile, writefile, stat } from 'fs';
+
+const interfaceregex = /^[a-zA-Z0-9_]+$/;
+const user_certificate_string = "/etc/openconnect/user-cert-vpn-%s.pem";
+const user_privatekey_string = "/etc/openconnect/user-key-vpn-%s.pem";
+const ca_certificate_string = "/etc/openconnect/ca-vpn-%s.pem";
+
+
+// Utility to read a file
+function _readfile(path) {
+ let _stat = stat(path);
+ if (_stat && _stat.type == "file") {
+ let content = readfile(path);
+ return content ? trim(content) : 'File empty';
+ }
+ return 'File not found';
+}
+
+// Utility to write a file
+function _writefile(path, data) {
+ if (!data) {
+ return false;
+ }
+ return writefile(path, data) == length(data);
+}
+
+const methods = {
+
+ list:{
+ call: function() {
+ return {
+ getCertificates: {
+ interface: "interface"
+ },
+ setCertificates: {
+ interface: "interface",
+ user_certificate: "user_certificate",
+ user_privatekey: "user_privatekey",
+ ca_certificate: "ca_certificate"
+ }
+ };
+ }
+ },
+
+ getCertificates: {
+ args: {
+ interface: "interface",
+ },
+ call: function(req) {
+
+ const _interface = req.args?.interface;
+ if (!_interface || !match(_interface, interfaceregex)) {
+ // printf("Invalid interface name");
+ return;
+ }
+
+ const user_certificate_pem = _readfile(sprintf(user_certificate_string, _interface));
+ const user_privatekey_pem = _readfile(sprintf(user_privatekey_string, _interface));
+ const ca_certificate_pem = _readfile(sprintf(ca_certificate_string, _interface));
+
+ if(user_certificate_pem && user_privatekey_pem && ca_certificate_pem){
+ return {
+ user_certificate: user_certificate_pem,
+ user_privatekey: user_privatekey_pem,
+ ca_certificate: ca_certificate_pem,
+ };
+ }
+
+ }
+ },
+
+ setCertificates: {
+ args: {
+ interface: "interface",
+ user_certificate: "user_certificate",
+ user_privatekey: "user_privatekey",
+ ca_certificate: "ca_certificate",
+ },
+ call: function(req) {
+
+ let result = false;
+ let _interface = req.args?.interface;
+
+ if (!_interface || !match(_interface, interfaceregex)) {
+ // printf("Invalid interface name");
+ return;
+ }
+
+ /* the interface is set up to call 1 write per certificate,
+ with only one of the following arguments not null */
+ if (req.args?.user_certificate) {
+ result = _writefile(sprintf(user_certificate_string, _interface), req.args?.user_certificate);
+ }
+ if (req.args?.user_privatekey) {
+ result = _writefile(sprintf(user_privatekey_string, _interface), req.args?.user_privatekey);
+ }
+ if (req.args?.ca_certificate) {
+ result = _writefile(sprintf(ca_certificate_string, _interface), req.args?.ca_certificate);
+ }
+
+ return {
+ result: result,
+ };
+
+ }
+ }
+
+};
+
+return { 'luci.openconnect': methods };
+
projects / project / luci.git / commitdiff