session: ignore non-string username attribute upon restore When restoring session information from blob data, only consider the embedded username attribute if it is a string value. Other types may cause invalid memory accesses when attempting to strcmp() the attribute value. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
session: support reclaiming pending apply session Reclaim the pending apply session upon login when the username matches the current login. This is required to support apply-confirm-rollback workflow for ubus browser clients, since changing IPs requires re-login to the device due to cross domain restrictions. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
session: remove redundant key attribute to rpc_session_set() The given const char *key was used to look up the blob attribute, while the blob attributes internal name was used to store it in the avl tree. This leads to confusion and potential memory leaks when the given key name does not match the blob attributes internal name. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
properly handle return codes Signed-off-by: John Crispin <blogic@openwrt.org>
session: fix method signatures for create, list and destroy Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
session: add missing include Signed-off-by: Felix Fietkau <nbd@openwrt.org>
session: make object and function arguments of session.access optional, dump effective acls in this case
Extend copyright
session: fix file descriptor leak in rpc_blob_from_file()
session: change "sid" attribute to "ubus_rpc_session", this ensures that exposed session calls are confined to the calling session context
session.c: use blobmsg_type() instead of blob_id()
session: support negative group expressions This change allows excluding specific groups after a wildcard expression. The following example would grant read access to any acl group except the group named "example". list read '*' list read '!example'
session: restore ACL dumping for session get and session list calls
session: fix enum mismatch in rpc_handle_get() and rpc_handle_set()
session: remove unused ctx argument from rpc_session_grant() and rpc_session_destroy()
session: do not dump and restore session ACLs but recalculate them when restoring the session
session: disallow destroying the null session
session: fix argument order of crypt() and prevent segfault if /etc/config/rpcd does not exist
session: use correct policy for rpc_handle_login()
session: setup a persistent NULL section and implement login procedure