uci: fix memory leak in rpc_uci_replace_savedir() The rpc_uci_replace_savedir() function did not take into account that libuci uci_set_savedir() does an additional implicit uci_strdup() of the directory path string when appending a new delta directory item. Due to this oversight, only the struct uci_element items got freed, but not the duplicated path string, leading to leaking memory when invoking the uci api with session id argument. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
uci: use correct sort index when reordering sections When reordering, the section indexes must be 0-based while the current implementation incorrectly numbers starting with 1. Fix this by start numbering ther sections with index 0. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
uci: fix memory leak in rpc_uci_apply_timeout() Signed-off-by: Jo-Philipp Wich <jo@mein.io>
uci: switch to proper save directory on apply/rollback The existing code failed to set the uci cursor save directory to the current session path, causing the apply routine to either fail or to merge settings from unrelated neighboring sessions, potentially leaking data. Solve the issue by switching the uci cursor save directory to the session directory before performing the actual apply actions. Additionally set the save directory path to "/dev/null" during rollback, to avoid merging unrelated system wide uci changes when restoring configs from the snapshot directory. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
uci: add rpc_uci_replace_savedir() helper The rpc_uci_replace_savedir() function removes all configured save directories from the uci cursor instance and adds the given path argument as sole item. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
session: support reclaiming pending apply session Reclaim the pending apply session upon login when the username matches the current login. This is required to support apply-confirm-rollback workflow for ubus browser clients, since changing IPs requires re-login to the device due to cross domain restrictions. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
uci: fix session delta isolation The libuci `uci_set_savedir()` function does not replace, but appends the requested delta directory to the search path, this causes information leaks between sessions. Due to a lack of an official api for this, clear the uci contexts private delta path before setting the save directory. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
uci: allow setting zero-length values (to delete an option) Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
add a reload_config method to the uci object Signed-off-by: John Crispin <blogic@openwrt.org>
uci: unload package on revert Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
uci: rework variable usage Signed-off-by: Luka Perkov <luka@openwrt.org>
uci: fix same buffer reuse introduced by previous commit
debug
uci: grant access to confirm and rollback methods only to initiating session Previously any session with access permissions for the corresponding method was able to confirm or rollback commits initiated by another session. Change those methods to only grant access to the initiating session. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
uci: introduce confirm method to cancel pending rollbacks without side effects Calling commit with rollback=false to cancel a pending rollback timer can potentially trigger another commit if no rollback is actually pending. This introduces a new method "confirm" which cancels the rollback timer without any other possible side effects. While being at it, change the return code when trying to commit during a pending rollback or when trying to rollback without a pending timeout to UBUS_STATUS_NO_DATA. This is needed to be able to differentiate between a denied request and an inappropriate state. Also change the error return code for glob() failures to the more appropriate UBUS_STATUS_NOT_FOUND. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Extend copyright
uci: rename uci.apply "commit" attribute to "roolback" and invert its logic
config.change triggers should only run if the config is valid Signed-off-by: John Crispin <blogic@openwrt.org>
fix inverted apply_running check Signed-off-by: John Crispin <blogic@openwrt.org>
uci: make config argument of changes call optional to allow listing all changes in all files