Drop the historically inherited "luci-rpc-" prefix and replace it with a
more appropriate "rpcd-plugin-" string.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
We need to use blobmsg_get_u64 for RPC_DUMP_EXPIRES as this is now
BLOBMSG_TYPE_INT64.
Fixes: 20bf958bea ("session: use uloop_timeout_remaining64")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Currently, rpcd caches /etc/config/rpcd once on the first login and then
keeps checking login attempts and ACL settings against the in-memory
copy until the process is restarted.
This is not desirable as we would like added, modified or removed accounts
to be effective immediately. In order to achieve this behaviour, make sure to
unload the currently loaded rpcd configuration before looking up the login
account section.
Ref: https://github.com/openwrt/luci/issues/5179
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The special characters '!' and '*' in /etc/shadow are
used to disable password login for a specific account.
The character 'x' has no special meaning, but should not
be interpreted as an empty password.
However, rpcd did treat these special characters like no
password was set, which allows access even though the account
is disabled.
By removing the additional checks for these characters, the
encrypted password string is passed to crypt, which returns NULL
if the salt has an invalid format and therefore access is denied.
Fixes: FS#2634
Signed-off-by: Fabian Bläse <fabian@blaese.de>
The crypt() function may return NULL with errno ENOSYS when an attempt
was made to crypt the plaintext password using a salt requesting an
unsupported cipher.
Avoid triggering segmentation faults in the subsequent strcmp() operation
by checking for a non-NULL hash value.
Fixes: FS#2291
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
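The two commits above (the '!', '*' and 'x' shortcut, and the NULL return from crypt()) touch the same password check. The following C program is an added example, not rpcd's own code: it shows a reconstructed "before" shape of that check and the "after" shape side by side. So that it runs without linking libcrypt it uses toy_crypt(), a stand-in for crypt(3) that keeps the relevant contract (a "$t$<salt>$..." setting produces "$t$<salt>$<digest>", any other salt, including "!", "*" and "x", returns NULL with errno set) but hashes with FNV-1a and protects nothing. The salt string "rpcdsalt", the helper names and the pre-fix function body are assumptions of the example.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Toy stand-in for crypt(3) (assumption of this example, not rpcd code).
 * Setting "$t$<salt>$..." -> "$t$<salt>$<8 hex digits of FNV-1a(salt||password)>".
 * Anything else is an unsupported cipher or malformed salt: return NULL and set
 * errno, which is the behaviour the two commits have to cope with.
 */
static char *toy_crypt(const char *password, const char *setting)
{
    static char out[64];
    const char *salt, *salt_end, *p;
    uint32_t h = 2166136261u;

    if (strncmp(setting, "$t$", 3) != 0) {
        errno = ENOSYS;                       /* unsupported cipher id, e.g. "!", "*", "x" */
        return NULL;
    }
    salt = setting + 3;
    salt_end = strchr(salt, '$');
    if (!salt_end || salt_end == salt || salt_end - salt > 16) {
        errno = EINVAL;                       /* malformed salt */
        return NULL;
    }
    for (p = salt; p < salt_end; p++) { h ^= (unsigned char)*p; h *= 16777619u; }
    for (p = password; *p; p++)       { h ^= (unsigned char)*p; h *= 16777619u; }

    snprintf(out, sizeof out, "$t$%.*s$%08x", (int)(salt_end - salt), salt, (unsigned)h);
    return out;
}

/* Reconstructed pre-fix shape (assumed from the commit text): "!", "*" and "x"
 * short-circuit to "no password set", and the crypt() result is compared
 * without a NULL check. */
static bool password_ok_before(const char *hash, const char *password)
{
    if (!hash || !*hash || !strcmp(hash, "!") || !strcmp(hash, "*") || !strcmp(hash, "x"))
        return true;
    return strcmp(toy_crypt(password, hash), hash) == 0;   /* NULL deref if crypt fails */
}

/* After both fixes: the stored string always goes to crypt(), and a NULL result
 * (invalid salt, unsupported cipher, locked "!..." entry) denies access. */
static bool password_ok_after(const char *hash, const char *password)
{
    const char *computed;

    if (!hash || !*hash)
        return true;       /* genuinely empty field: no password set (case left unchanged) */

    computed = toy_crypt(password, hash);
    if (computed == NULL)
        return false;      /* "!", "*", "x", "!$t$..." or unsupported cipher: deny */

    return strcmp(computed, hash) == 0;
}

/* Enrol `password` with a fixed toy salt, then check `attempt` against the stored hash. */
static bool enrol_and_check(const char *password, const char *attempt)
{
    char stored[64];
    const char *h = toy_crypt(password, "$t$rpcdsalt$");

    if (!h)
        return false;
    snprintf(stored, sizeof stored, "%s", h);                /* copy out of the static buffer */
    return password_ok_after(stored, attempt);
}

int main(void)
{
    /* constructed shadow-style fields: empty, disabled, "x", locked hash, valid-format hash */
    const char *fields[] = { "", "!", "*", "x", "!$t$rpcdsalt$00000000", "$t$rpcdsalt$00000000" };
    size_t i;

    for (i = 0; i < sizeof fields / sizeof fields[0]; i++) {
        const char *f = fields[i];
        bool shortcut = (!*f || !strcmp(f, "!") || !strcmp(f, "*") || !strcmp(f, "x"));
        bool crypt_fails = (toy_crypt("guess", f) == NULL);
        const char *before = shortcut ? "allow" : crypt_fails ? "crash"
                           : (password_ok_before(f, "guess") ? "allow" : "deny");

        printf("%-24s before=%-6s after=%s\n", *f ? f : "(empty)", before,
               password_ok_after(f, "guess") ? "allow" : "deny");
    }
    printf("correct password: %s\n", enrol_and_check("s3cret", "s3cret") ? "allow" : "deny");
    printf("wrong password:   %s\n", enrol_and_check("s3cret", "guess") ? "allow" : "deny");
    return 0;
}
```

The table printed by main() shows the two failure modes the commits describe: the disabled markers are accepted by the pre-fix check, and a locked entry such as "!$t$..." (neither a bare marker nor a salt crypt() understands) reaches strcmp() with a NULL pointer. The empty-field case is kept as is, because the commits only remove the extra character checks.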
When restoring session information from blob data, only consider the
embedded username attribute if it is a string value.
Other types may cause invalid memory accesses when attempting to strcmp()
the attribute value.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Reclaim the pending apply session upon login when the username matches the
current login.
This is required to support apply-confirm-rollback workflow for ubus browser
clients, since changing IPs requires re-login to the device due to cross
domain restrictions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The given const char *key was used to look up the blob attribute, while
the blob attribute's internal name was used to store it in the avl tree.
This leads to confusion and potential memory leaks when the given key name
does not match the blob attribute's internal name.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This change allows excluding specific groups after a wildcard expression.
The following example would grant read access to any acl group except the
group named "example".
list read '*'
list read '!example'
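As an added example (not rpcd's implementation), the C program below reads the two `list read` entries from a constructed login section and decides group membership with fnmatch(3). The evaluation semantics are an assumption of the example: entries are walked in file order, a plain glob grants the group when it matches, a '!'-prefixed glob revokes it when it matches, so "!example" listed after "*" excludes exactly that group. The username, the `list write` entry and the group names used in the demonstration are invented.

```c
#include <fnmatch.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_PATTERNS 16
#define PATTERN_LEN  64

/* Constructed /etc/config/rpcd login section: the two read entries are the ones
 * from the commit message, the username and write entry are invented. */
static const char *const example_login_section[] = {
    "config login",
    "\toption username 'monitor'",
    "\tlist read '*'",
    "\tlist read '!example'",
    "\tlist write 'status'",
};
#define EXAMPLE_LINES (sizeof example_login_section / sizeof example_login_section[0])

/* Collect the values of `list <name> '<value>'` entries, in file order. */
static size_t collect_list(const char *const *lines, size_t nlines, const char *name,
                           char out[][PATTERN_LEN], size_t max)
{
    char prefix[32];
    size_t n = 0, plen, i;

    snprintf(prefix, sizeof prefix, "list %s '", name);
    plen = strlen(prefix);

    for (i = 0; i < nlines && n < max; i++) {
        const char *l = lines[i], *end;
        size_t len;

        while (*l == ' ' || *l == '\t')
            l++;
        if (strncmp(l, prefix, plen) != 0)
            continue;
        l += plen;
        end = strrchr(l, '\'');
        if (!end || end == l || (len = (size_t)(end - l)) >= PATTERN_LEN)
            continue;
        memcpy(out[n], l, len);
        out[n][len] = '\0';
        n++;
    }
    return n;
}

/* Assumed semantics: first-to-last evaluation, a matching plain glob grants,
 * a matching '!'-glob revokes, the last matching entry wins. */
static bool acl_group_allowed(char patterns[][PATTERN_LEN], size_t n, const char *group)
{
    bool allowed = false;
    size_t i;

    for (i = 0; i < n; i++) {
        const char *p = patterns[i];
        bool negate = (p[0] == '!');

        if (negate)
            p++;
        if (fnmatch(p, group, 0) == 0)
            allowed = !negate;
    }
    return allowed;
}

/* Is `group` granted by the `list <listname>` entries of the constructed section? */
static bool list_allows(const char *listname, const char *group)
{
    char patterns[MAX_PATTERNS][PATTERN_LEN];
    size_t n = collect_list(example_login_section, EXAMPLE_LINES, listname, patterns, MAX_PATTERNS);

    return acl_group_allowed(patterns, n, group);
}

/* The same two entries in the opposite order: under the assumed evaluation the
 * later '*' wins, so "example" is granted again. Order matters. */
static char reversed_read[][PATTERN_LEN] = { "!example", "*" };

int main(void)
{
    const char *groups[] = { "status", "example", "example-extra", "unauthenticated" };
    size_t i;

    for (i = 0; i < sizeof groups / sizeof groups[0]; i++)
        printf("%-16s read=%-4s write=%s\n", groups[i],
               list_allows("read", groups[i]) ? "yes" : "no",
               list_allows("write", groups[i]) ? "yes" : "no");
    printf("reversed order, example: %s\n",
           acl_group_allowed(reversed_read, 2, "example") ? "yes" : "no");
    return 0;
}
```

Note that "!example" is an exact glob, so a group named "example-extra" still matches the preceding "*" and stays readable; to exclude a family of groups the negated entry needs its own wildcard, e.g. "!example*".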