31 commits

Author SHA1 Message Date
Fabian Bläse
3df62bcebd session: deny access if password login is disabled
The special characters '!' and '*' in /etc/shadow are
used to disable password login for a specific account.

The character 'x' has no special meaning, but should not
be interpreted as an empty password.

However, rpcd did treat these special characters like no
password was set, which allows access even though the account
is disabled.

By removing the additional checks for these characters, the
encrypted password string is passed to crypt, which returns NULL
if the salt has an invalid format and therefore access is denied.

Fixes: FS#2634

Signed-off-by: Fabian Bläse <fabian@blaese.de>
2020-03-17 19:33:35 +01:00
Jo-Philipp Wich
569284a119 session: handle NULL return values of crypt()
The crypt() function may return NULL with errno ENOSYS when an attempt
was made to crypt the plaintext password using a salt requesting an
unsupported cipher.

Avoid triggering segmentation faults in the subsequent strcmp() operation
by checking for a non-NULL hash value.

Fixes: FS#2291
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-05-22 14:25:52 +02:00
Jo-Philipp Wich
eb09f3a3fd session: ignore non-string username attribute upon restore
When restoring session information from blob data, only consider the
embedded username attribute if it is a string value.

Other types may cause invalid memory accesses when attempting to strcmp()
the attribute value.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-03-15 12:29:15 +01:00
Jo-Philipp Wich
3d400c723b session: support reclaiming pending apply session
Reclaim the pending apply session upon login when the username matches the
current login.

This is required to support the apply-confirm-rollback workflow for ubus browser
clients, since changing IPs requires re-login to the device due to cross-domain
restrictions.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-03-15 12:29:15 +01:00
Jo-Philipp Wich
f0f6f81edb session: remove redundant key attribute to rpc_session_set()
The given const char *key was used to look up the blob attribute, while
the blob attribute's internal name was used to store it in the avl tree.

This leads to confusion and potential memory leaks when the given key name
does not match the blob attribute's internal name.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-03-15 12:29:15 +01:00
John Crispin
311c85e7d9 properly handle return codes
Signed-off-by: John Crispin <blogic@openwrt.org>
2015-03-28 18:36:40 +01:00
Jo-Philipp Wich
7b7f254682 session: fix method signatures for create, list and destroy
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-02-09 12:51:44 +01:00
Felix Fietkau
3c55504336 session: add missing include
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2014-06-29 23:22:50 +02:00
Jo-Philipp Wich
967d815022 session: make object and function arguments of session.access optional, dump effective acls in this case
2014-01-19 19:45:25 +00:00
Jo-Philipp Wich
0c4e97b4e7 Extend copyright
2014-01-12 12:48:58 +00:00
Jo-Philipp Wich
a7ef5ca736 session: fix file descriptor leak in rpc_blob_from_file()
2013-10-26 14:16:29 +00:00
Jo-Philipp Wich
a23010d407 session: change "sid" attribute to "ubus_rpc_session", this ensures that exposed session calls are confined to the calling session context
2013-09-13 14:52:35 +02:00
Jo-Philipp Wich
22c7c2675d session.c: use blobmsg_type() instead of blob_id()
2013-09-12 13:31:21 +02:00
Jo-Philipp Wich
296c9d9ceb session: support negative group expressions
This change allows excluding specific groups after a wildcard expression.
The following example would grant read access to any acl group except the
group named "example".

  list read '*'
  list read '!example'
2013-09-12 13:10:30 +02:00
Jo-Philipp Wich
b76addec87 session: restore ACL dumping for session get and session list calls
2013-09-12 12:13:05 +02:00
Jo-Philipp Wich
4c9f178ad6 session: fix enum mismatch in rpc_handle_get() and rpc_handle_set()
2013-09-12 12:04:14 +02:00
Jo-Philipp Wich
6128bf647c session: remove unused ctx argument from rpc_session_grant() and rpc_session_destroy()
2013-09-12 12:04:14 +02:00
Jo-Philipp Wich
d0d1a92432 session: do not dump and restore session ACLs but recalculate them when restoring the session
2013-09-12 12:04:06 +02:00
Jo-Philipp Wich
00a3ec2e52 session: disallow destroying the null session
2013-09-12 10:35:55 +02:00
Jo-Philipp Wich
4d618b2e3b session: fix argument order of crypt() and prevent segfault if /etc/config/rpcd does not exist
2013-09-10 20:12:39 +02:00
Jo-Philipp Wich
4bf5d60f65 session: use correct policy for rpc_handle_login()
2013-09-10 20:01:05 +02:00
Jo-Philipp Wich
5a101fcc08 session: setup a persistent NULL section and implement login procedure
2013-09-10 19:56:36 +02:00
Jo-Philipp Wich
aa2afdb739 session: add support for saving and restoring session data to disk
2013-09-04 17:08:56 +02:00
Jo-Philipp Wich
e0afdb10ae Move includes into subdirectory
2013-09-04 12:46:11 +02:00
Jo-Philipp Wich
60b9c9d919 session: introduce api to register session create and destroy callbacks
2013-09-03 12:47:04 +02:00
Jo-Philipp Wich
07c2f0a9b1 Rename from "luci-rpcd" to "rpcd"
2013-09-02 17:23:30 +02:00
Jo-Philipp Wich
c6985dd5a6 session: expose rpc_session_access() function for testing session ACLs in other rpcd subsystems
2013-08-12 13:51:51 +02:00
Jo-Philipp Wich
743901cfca session: fix acl dumping if last object of previous scope is equal to first object of next one
2013-08-10 21:56:06 +02:00
Jo-Philipp Wich
c6e81f4b69 sessions: add scopes for acls, default to "ubus" scope
2013-08-08 18:53:59 +02:00
Jo-Philipp Wich
09f387b2fa Fix session.get procedure with undefined keys attribute
2013-05-30 14:58:30 +02:00
Jo-Philipp Wich
0607cfda5b initial commit
2013-01-26 15:29:09 +01:00