3 local json = require "luci.jsonc"
4 local fs = require "nixio.fs"
6 local function readfile(path)
7 local s = fs.readfile(path)
8 return s and (s:gsub("^%s+", ""):gsub("%s+$", ""))
11 local function writefile(path, data)
12 local n = fs.writefile(path, data)
16 local function parseInput()
17 local parse = json.new()
21 local chunk = io.read(4096)
24 elseif not done and not err then
25 done, err = parse:parse(chunk)
30 print(json.stringify({ error = err or "Incomplete input" }))
37 if arg[1] == "list" then
38 print(json.stringify({
40 interface = "interface"
43 interface = "interface",
44 user_certificate = "PEM file data",
45 user_privatekey = "PEM file data",
46 ca_certificate = "PEM file data"
49 elseif arg[1] == "call" then
50 local args = parseInput()
52 if not args.interface or
53 type(args.interface) ~= "string" or
54 not args.interface:match("^[a-zA-Z0-9_]+$")
56 print(json.stringify({ error = "Invalid interface name" }))
60 if arg[2] == "getCertificates" then
61 print(json.stringify({
62 user_certificate = readfile(string.format("/etc/openconnect/user-cert-vpn-%s.pem", args.interface)),
63 user_privatekey = readfile(string.format("/etc/openconnect/user-key-vpn-%s.pem", args.interface)),
64 ca_certificate = readfile(string.format("/etc/openconnect/ca-vpn-%s.pem", args.interface))
66 elseif arg[2] == "setCertificates" then
67 if args.user_certificate then
68 writefile(string.format("/etc/openconnect/user-cert-vpn-%s.pem", args.interface), args.user_certificate)
70 if args.user_privatekey then
71 writefile(string.format("/etc/openconnect/user-key-vpn-%s.pem", args.interface), args.user_privatekey)
73 if args.ca_certificate then
74 writefile(string.format("/etc/openconnect/ca-vpn-%s.pem", args.interface), args.ca_certificate)
76 print(json.stringify({ result = true }))