From 6a2a53a82918ea2ccbbbe23510aa0279827b2783 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich
Date: Tue, 20 Aug 2019 15:31:35 +0200
Subject: protocols: add client side protocol handler implementations
Signed-off-by: Jo-Philipp Wich
---
 .../root/usr/libexec/rpcd/luci.openconnect | 78 ++++++++++++++++++++++
 1 file changed, 78 insertions(+)
 create mode 100755 protocols/luci-proto-openconnect/root/usr/libexec/rpcd/luci.openconnect
(limited to 'protocols/luci-proto-openconnect/root/usr/libexec/rpcd')
diff --git a/protocols/luci-proto-openconnect/root/usr/libexec/rpcd/luci.openconnect b/protocols/luci-proto-openconnect/root/usr/libexec/rpcd/luci.openconnect
new file mode 100755
index 0000000000..9378cc518b
--- /dev/null
+++ b/protocols/luci-proto-openconnect/root/usr/libexec/rpcd/luci.openconnect
@@ -0,0 +1,78 @@
+#!/usr/bin/env lua
+
+local json = require "luci.jsonc"
+local fs = require "nixio.fs"
+
+local function readfile(path)
+ local s = fs.readfile(path)
+ return s and (s:gsub("^%s+", ""):gsub("%s+$", ""))
+end
+
+local function writefile(path, data)
+ local n = fs.writefile(path, data)
+ return (n == #data)
+end
+
+local function parseInput()
+ local parse = json.new()
+ local done, err
+
+ while true do
+ local chunk = io.read(4096)
+ if not chunk then
+ break
+ elseif not done and not err then
+ done, err = parse:parse(chunk)
+ end
+ end
+
+ if not done then
+ print(json.stringify({ error = err or "Incomplete input" }))
+ os.exit(1)
+ end
+
+ return parse:get()
+end
+
+if arg[1] == "list" then
+ print(json.stringify({
+ getCertificates = {
+ interface = "interface"
+ },
+ setCertificates = {
+ interface = "interface",
+ user_certificate = "PEM file data",
+ user_privatekey = "PEM file data",
+ ca_certificate = "PEM file data"
+ }
+ }))
+elseif arg[1] == "call" then
+ local args = parseInput()
+
+ if not args.interface or
+ type(args.interface) ~= "string" or
+ not args.interface:match("^[a-zA-Z0-9_]+$")
+ then
+ print(json.stringify({ error = "Invalid interface name" }))
+ os.exit(1)
+ end
+
+ if arg[2] == "getCertificates" then
+ print(json.stringify({
+ user_certificate = readfile(string.format("/etc/openconnect/user-cert-%s.pem", args.interface)),
+ user_privatekey = readfile(string.format("/etc/openconnect/user-key-%s.pem", args.interface)),
+ ca_certificate = readfile(string.format("/etc/openconnect/ca-%s.pem", args.interface))
+ }))
+ elseif arg[2] == "setCertificates" then
+ if args.user_certificate then
+ writefile(string.format("/etc/openconnect/user-cert-%s.pem", args.interface), args.user_certificate)
+ end
+ if args.user_privatekey then
+ writefile(string.format("/etc/openconnect/user-key-%s.pem", args.interface), args.user_privatekey)
+ end
+ if args.ca_certificate then
+ writefile(string.format("/etc/openconnect/ca-%s.pem", args.interface), args.ca_certificate)
+ end
+ print(json.stringify({ result = true }))
+ end
+end
-- cgit v1.2.3
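Review bot: The `setCertificates` branch discards every `writefile()` return value and always prints `{ result = true }`, so a failed or short write of a certificate or key (for example if `/etc/openconnect` is missing or the filesystem is full) is reported to the caller as success. The three PEM fields are also never type-checked, unlike `interface`, so a non-string value from the JSON request reaches `fs.writefile` and `#data`. I would validate each field and fail the call on the first write that does not complete, as sketched below. Separately, nothing in the hunk sets a mode on `user-key-<iface>.pem`, so the private key's permissions depend on `fs.writefile`'s default and the process umask; restricting the file to owner-only after the write (nixio provides `fs.chmod`) would be worth adding. Whether `getCertificates` should return the key at all presumably depends on the rpcd ACL, which is outside this patch.

```lua
	elseif arg[2] == "setCertificates" then
		-- Ordered list so files are always written in the same sequence.
		local targets = {
			{ "user_certificate", "/etc/openconnect/user-cert-%s.pem" },
			{ "user_privatekey",  "/etc/openconnect/user-key-%s.pem" },
			{ "ca_certificate",   "/etc/openconnect/ca-%s.pem" }
		}

		for _, target in ipairs(targets) do
			local field, pattern = target[1], target[2]
			local data = args[field]

			if data ~= nil then
				-- Reject non-string payloads and report incomplete writes
				-- instead of claiming success.
				if type(data) ~= "string" or
				   not writefile(string.format(pattern, args.interface), data)
				then
					print(json.stringify({ error = "Unable to write " .. field }))
					os.exit(1)
				end
			end
		end

		print(json.stringify({ result = true }))
```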