/*
- * luci-rpcd - LuCI UBUS RPC server
+ * rpcd - UBUS RPC server
*
* Copyright (C) 2013 Jo-Philipp Wich <jow@openwrt.org>
*
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#include "uci.h"
+#include <rpcd/uci.h>
+#include <rpcd/session.h>
static struct blob_buf buf;
static struct uci_context *cursor;
RPC_G_OPTION,
RPC_G_TYPE,
RPC_G_MATCH,
+ RPC_G_SESSION,
__RPC_G_MAX,
};
[RPC_G_OPTION] = { .name = "option", .type = BLOBMSG_TYPE_STRING },
[RPC_G_TYPE] = { .name = "type", .type = BLOBMSG_TYPE_STRING },
[RPC_G_MATCH] = { .name = "match", .type = BLOBMSG_TYPE_TABLE },
+ [RPC_G_SESSION] = { .name = "ubus_rpc_session",
+ .type = BLOBMSG_TYPE_STRING },
};
enum {
RPC_A_TYPE,
RPC_A_NAME,
RPC_A_VALUES,
+ RPC_A_SESSION,
__RPC_A_MAX,
};
[RPC_A_TYPE] = { .name = "type", .type = BLOBMSG_TYPE_STRING },
[RPC_A_NAME] = { .name = "name", .type = BLOBMSG_TYPE_STRING },
[RPC_A_VALUES] = { .name = "values", .type = BLOBMSG_TYPE_TABLE },
+ [RPC_A_SESSION] = { .name = "ubus_rpc_session",
+ .type = BLOBMSG_TYPE_STRING },
};
enum {
RPC_S_TYPE,
RPC_S_MATCH,
RPC_S_VALUES,
+ RPC_S_SESSION,
__RPC_S_MAX,
};
[RPC_S_TYPE] = { .name = "type", .type = BLOBMSG_TYPE_STRING },
[RPC_S_MATCH] = { .name = "match", .type = BLOBMSG_TYPE_TABLE },
[RPC_S_VALUES] = { .name = "values", .type = BLOBMSG_TYPE_TABLE },
+ [RPC_S_SESSION] = { .name = "ubus_rpc_session",
+ .type = BLOBMSG_TYPE_STRING },
};
enum {
RPC_D_MATCH,
RPC_D_OPTION,
RPC_D_OPTIONS,
+ RPC_D_SESSION,
__RPC_D_MAX,
};
[RPC_D_MATCH] = { .name = "match", .type = BLOBMSG_TYPE_TABLE },
[RPC_D_OPTION] = { .name = "option", .type = BLOBMSG_TYPE_STRING },
[RPC_D_OPTIONS] = { .name = "options", .type = BLOBMSG_TYPE_ARRAY },
+ [RPC_D_SESSION] = { .name = "ubus_rpc_session",
+ .type = BLOBMSG_TYPE_STRING },
};
enum {
RPC_R_SECTION,
RPC_R_OPTION,
RPC_R_NAME,
+ RPC_R_SESSION,
__RPC_R_MAX,
};
[RPC_R_SECTION] = { .name = "section", .type = BLOBMSG_TYPE_STRING },
[RPC_R_OPTION] = { .name = "option", .type = BLOBMSG_TYPE_STRING },
[RPC_R_NAME] = { .name = "name", .type = BLOBMSG_TYPE_STRING },
+ [RPC_R_SESSION] = { .name = "ubus_rpc_session",
+ .type = BLOBMSG_TYPE_STRING },
};
enum {
RPC_O_CONFIG,
RPC_O_SECTIONS,
+ RPC_O_SESSION,
__RPC_O_MAX,
};
static const struct blobmsg_policy rpc_uci_order_policy[__RPC_O_MAX] = {
[RPC_O_CONFIG] = { .name = "config", .type = BLOBMSG_TYPE_STRING },
[RPC_O_SECTIONS] = { .name = "sections", .type = BLOBMSG_TYPE_ARRAY },
+ [RPC_O_SESSION] = { .name = "ubus_rpc_session",
+ .type = BLOBMSG_TYPE_STRING },
};
enum {
RPC_C_CONFIG,
+ RPC_C_SESSION,
__RPC_C_MAX,
};
static const struct blobmsg_policy rpc_uci_config_policy[__RPC_C_MAX] = {
[RPC_C_CONFIG] = { .name = "config", .type = BLOBMSG_TYPE_STRING },
+ [RPC_C_SESSION] = { .name = "ubus_rpc_session",
+ .type = BLOBMSG_TYPE_STRING },
};
/*
}
/*
+ * Setup per-session delta save directory. If the passed "sid" blob attribute
+ * pointer is NULL then the precedure was not invoked through the ubus-rpc so
+ * we do not perform session isolation and use the default save directory.
+ */
+static void
+rpc_uci_set_savedir(struct blob_attr *sid)
+{
+ char path[PATH_MAX];
+
+ if (!sid)
+ {
+ uci_set_savedir(cursor, "/tmp/.uci");
+ return;
+ }
+
+ snprintf(path, sizeof(path) - 1,
+ "/tmp/.uci-rpc-%s", (char *)blobmsg_data(sid));
+
+ uci_set_savedir(cursor, path);
+}
+
+/*
+ * Test read access to given config. If the passed "sid" blob attribute pointer
+ * is NULL then the precedure was not invoked through the ubus-rpc so we do not
+ * perform access control and always assume true.
+ */
+static bool
+rpc_uci_read_access(struct blob_attr *sid, struct blob_attr *config)
+{
+ rpc_uci_set_savedir(sid);
+
+ if (!sid)
+ return true;
+
+ return rpc_session_access(blobmsg_data(sid), "uci",
+ blobmsg_data(config), "read");
+}
+
+/*
+ * Test write access to given config. If the passed "sid" blob attribute pointer
+ * is NULL then the precedure was not invoked through the ubus-rpc so we do not
+ * perform access control and always assume true.
+ */
+static bool
+rpc_uci_write_access(struct blob_attr *sid, struct blob_attr *config)
+{
+ rpc_uci_set_savedir(sid);
+
+ if (!sid)
+ return true;
+
+ return rpc_session_access(blobmsg_data(sid), "uci",
+ blobmsg_data(config), "write");
+}
+
+/*
* Format applicable blob value as string and place a pointer to the string
* buffer in "p". Uses a static string buffer.
*/
if (!tb[RPC_G_CONFIG])
return UBUS_STATUS_INVALID_ARGUMENT;
+ if (!rpc_uci_read_access(tb[RPC_G_SESSION], tb[RPC_G_CONFIG]))
+ return UBUS_STATUS_PERMISSION_DENIED;
+
ptr.package = blobmsg_data(tb[RPC_G_CONFIG]);
uci_load(cursor, ptr.package, &p);
if (!tb[RPC_A_CONFIG] || !tb[RPC_A_TYPE])
return UBUS_STATUS_INVALID_ARGUMENT;
+ if (!rpc_uci_write_access(tb[RPC_A_SESSION], tb[RPC_A_CONFIG]))
+ return UBUS_STATUS_PERMISSION_DENIED;
+
ptr.package = blobmsg_data(tb[RPC_A_CONFIG]);
uci_load(cursor, ptr.package, &p);
(!tb[RPC_S_SECTION] && !tb[RPC_S_TYPE] && !tb[RPC_S_MATCH]))
return UBUS_STATUS_INVALID_ARGUMENT;
+ if (!rpc_uci_write_access(tb[RPC_S_SESSION], tb[RPC_S_CONFIG]))
+ return UBUS_STATUS_PERMISSION_DENIED;
+
ptr.package = blobmsg_data(tb[RPC_S_CONFIG]);
uci_load(cursor, ptr.package, &p);
(!tb[RPC_D_SECTION] && !tb[RPC_D_TYPE] && !tb[RPC_D_MATCH]))
return UBUS_STATUS_INVALID_ARGUMENT;
+ if (!rpc_uci_write_access(tb[RPC_D_SESSION], tb[RPC_D_CONFIG]))
+ return UBUS_STATUS_PERMISSION_DENIED;
+
ptr.package = blobmsg_data(tb[RPC_D_CONFIG]);
uci_load(cursor, ptr.package, &p);
if (!tb[RPC_R_CONFIG] || !tb[RPC_R_SECTION] || !tb[RPC_R_NAME])
return UBUS_STATUS_INVALID_ARGUMENT;
+ if (!rpc_uci_write_access(tb[RPC_R_SESSION], tb[RPC_R_CONFIG]))
+ return UBUS_STATUS_PERMISSION_DENIED;
+
ptr.package = blobmsg_data(tb[RPC_R_CONFIG]);
ptr.section = blobmsg_data(tb[RPC_R_SECTION]);
ptr.value = blobmsg_data(tb[RPC_R_NAME]);
if (!tb[RPC_O_CONFIG] || !tb[RPC_O_SECTIONS])
return UBUS_STATUS_INVALID_ARGUMENT;
+ if (!rpc_uci_write_access(tb[RPC_O_SESSION], tb[RPC_O_CONFIG]))
+ return UBUS_STATUS_PERMISSION_DENIED;
+
ptr.package = blobmsg_data(tb[RPC_O_CONFIG]);
uci_load(cursor, ptr.package, &p);
if (!tb[RPC_C_CONFIG])
return UBUS_STATUS_INVALID_ARGUMENT;
+ if (!rpc_uci_read_access(tb[RPC_C_SESSION], tb[RPC_C_CONFIG]))
+ return UBUS_STATUS_PERMISSION_DENIED;
+
uci_load(cursor, blobmsg_data(tb[RPC_C_CONFIG]), &p);
if (!p)
if (!tb[RPC_C_CONFIG])
return UBUS_STATUS_INVALID_ARGUMENT;
- ptr.package = blobmsg_data(tb[RPC_C_CONFIG]);
- uci_load(cursor, ptr.package, &p);
+ if (!rpc_uci_write_access(tb[RPC_C_SESSION], tb[RPC_C_CONFIG]))
+ return UBUS_STATUS_PERMISSION_DENIED;
- if (!p || uci_lookup_ptr(cursor, &ptr, NULL, true) || !ptr.p)
- goto out;
+ ptr.package = blobmsg_data(tb[RPC_C_CONFIG]);
if (commit)
- uci_commit(cursor, &p, false);
- else
- uci_revert(cursor, &ptr);
+ {
+ uci_load(cursor, ptr.package, &p);
-out:
- if (p)
- uci_unload(cursor, p);
+ if (p)
+ {
+ uci_commit(cursor, &p, false);
+ uci_unload(cursor, p);
+ }
+ }
+ else
+ {
+ if (!uci_lookup_ptr(cursor, &ptr, NULL, true) && ptr.p)
+ uci_revert(cursor, &ptr);
+ }
return rpc_uci_status();
}
}
+/*
+ * Remove given delta save directory (if any).
+ */
+static void
+rpc_uci_purge_savedir(const char *path)
+{
+ DIR *d;
+ struct stat s;
+ struct dirent *e;
+ char file[PATH_MAX];
+
+ if (stat(path, &s) || !S_ISDIR(s.st_mode))
+ return;
+
+ if ((d = opendir(path)) != NULL)
+ {
+ while ((e = readdir(d)) != NULL)
+ {
+ snprintf(file, sizeof(file) - 1, "%s/%s", path, e->d_name);
+
+ if (stat(file, &s) || !S_ISREG(s.st_mode))
+ continue;
+
+ unlink(file);
+ }
+
+ closedir(d);
+
+ rmdir(path);
+ }
+}
+
+/*
+ * Session destroy callback to purge associated delta directory.
+ */
+static void
+rpc_uci_purge_savedir_cb(struct rpc_session *ses, void *priv)
+{
+ char path[PATH_MAX];
+
+ snprintf(path, sizeof(path) - 1, "/tmp/.uci-rpc-%s", ses->id);
+ rpc_uci_purge_savedir(path);
+}
+
+/*
+ * Removes all delta directories which match the /tmp/.uci-rpc-* pattern.
+ * This is used to clean up garbage when starting rpcd.
+ */
+void rpc_uci_purge_savedirs(void)
+{
+ int i;
+ glob_t gl;
+
+ if (!glob("/tmp/.uci-rpc-*", 0, NULL, &gl))
+ {
+ for (i = 0; i < gl.gl_pathc; i++)
+ rpc_uci_purge_savedir(gl.gl_pathv[i]);
+
+ globfree(&gl);
+ }
+}
+
int rpc_uci_api_init(struct ubus_context *ctx)
{
static const struct ubus_method uci_methods[] = {
.n_methods = ARRAY_SIZE(uci_methods),
};
+ static struct rpc_session_cb cb = {
+ .cb = rpc_uci_purge_savedir_cb
+ };
+
cursor = uci_alloc_context();
if (!cursor)
return UBUS_STATUS_UNKNOWN_ERROR;
+ rpc_session_destroy_cb(&cb);
+
return ubus_add_object(ctx, &obj);
}
projects / project / rpcd.git / blobdiff