X-Git-Url: http://git.archive.openwrt.org/?p=project%2Frpcd.git;a=blobdiff_plain;f=session.c;h=30adf0bb230a354ce8b4f2a0af9467fd26574c37;hp=9c2b35d7dcd85e93eae0666a768d26caef6c1e49;hb=2f5a613718f5297febddb3ca7dc860ab6ed8c513;hpb=0607cfda5b3449d0850861c140d36fbcc0f2ef1d diff --git a/session.c b/session.c index 9c2b35d..30adf0b 100644 --- a/session.c +++ b/session.c @@ -1,5 +1,5 @@ /* - * luci-rpcd - LuCI UBUS RPC server + * rpcd - UBUS RPC server * * Copyright (C) 2013 Felix Fietkau * Copyright (C) 2013 Jo-Philipp Wich @@ -17,22 +17,34 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#define _GNU_SOURCE /* crypt() */ + #include +#include #include #include #include +#include +#include + +#ifdef HAVE_SHADOW +#include +#endif -#include "session.h" +#include static struct avl_tree sessions; static struct blob_buf buf; +static LIST_HEAD(create_callbacks); +static LIST_HEAD(destroy_callbacks); + static const struct blobmsg_policy new_policy = { .name = "timeout", .type = BLOBMSG_TYPE_INT32 }; static const struct blobmsg_policy sid_policy = { - .name = "sid", .type = BLOBMSG_TYPE_STRING + .name = "ubus_rpc_session", .type = BLOBMSG_TYPE_STRING }; enum { @@ -41,7 +53,7 @@ enum { __RPC_SS_MAX, }; static const struct blobmsg_policy set_policy[__RPC_SS_MAX] = { - [RPC_SS_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING }, + [RPC_SS_SID] = { .name = "ubus_rpc_session", .type = BLOBMSG_TYPE_STRING }, [RPC_SS_VALUES] = { .name = "values", .type = BLOBMSG_TYPE_TABLE }, }; @@ -51,46 +63,76 @@ enum { __RPC_SG_MAX, }; static const struct blobmsg_policy get_policy[__RPC_SG_MAX] = { - [RPC_SG_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING }, + [RPC_SG_SID] = { .name = "ubus_rpc_session", .type = BLOBMSG_TYPE_STRING }, [RPC_SG_KEYS] = { .name = "keys", .type = BLOBMSG_TYPE_ARRAY }, }; enum { RPC_SA_SID, + RPC_SA_SCOPE, RPC_SA_OBJECTS, __RPC_SA_MAX, }; static const struct blobmsg_policy acl_policy[__RPC_SA_MAX] = { - [RPC_SA_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING }, + [RPC_SA_SID] = { .name = "ubus_rpc_session", .type = BLOBMSG_TYPE_STRING }, + [RPC_SA_SCOPE] = { .name = "scope", .type = BLOBMSG_TYPE_STRING }, [RPC_SA_OBJECTS] = { .name = "objects", .type = BLOBMSG_TYPE_ARRAY }, }; enum { RPC_SP_SID, + RPC_SP_SCOPE, RPC_SP_OBJECT, RPC_SP_FUNCTION, __RPC_SP_MAX, }; static const struct blobmsg_policy perm_policy[__RPC_SP_MAX] = { - [RPC_SP_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING }, + [RPC_SP_SID] = { .name = "ubus_rpc_session", .type = BLOBMSG_TYPE_STRING }, + [RPC_SP_SCOPE] = { .name = "scope", .type = BLOBMSG_TYPE_STRING }, [RPC_SP_OBJECT] = { .name = "object", .type = BLOBMSG_TYPE_STRING }, [RPC_SP_FUNCTION] = { .name = "function", .type = BLOBMSG_TYPE_STRING }, }; +enum { + RPC_DUMP_SID, + RPC_DUMP_TIMEOUT, + RPC_DUMP_EXPIRES, + RPC_DUMP_DATA, + __RPC_DUMP_MAX, +}; +static const struct blobmsg_policy dump_policy[__RPC_DUMP_MAX] = { + [RPC_DUMP_SID] = { .name = "ubus_rpc_session", .type = BLOBMSG_TYPE_STRING }, + [RPC_DUMP_TIMEOUT] = { .name = "timeout", .type = BLOBMSG_TYPE_INT32 }, + [RPC_DUMP_EXPIRES] = { .name = "expires", .type = BLOBMSG_TYPE_INT32 }, + [RPC_DUMP_DATA] = { .name = "data", .type = BLOBMSG_TYPE_TABLE }, +}; + +enum { + RPC_L_USERNAME, + RPC_L_PASSWORD, + RPC_L_TIMEOUT, + __RPC_L_MAX, +}; +static const struct blobmsg_policy login_policy[__RPC_L_MAX] = { + [RPC_L_USERNAME] = { .name = "username", .type = BLOBMSG_TYPE_STRING }, + [RPC_L_PASSWORD] = { .name = "password", .type = BLOBMSG_TYPE_STRING }, + [RPC_L_TIMEOUT] = { .name = "timeout", .type = BLOBMSG_TYPE_INT32 }, +}; + /* * Keys in the AVL tree contain all pattern characters up to the first wildcard. * To look up entries, start with the last entry that has a key less than or * equal to the method name, then work backwards as long as the AVL key still * matches its counterpart in the object name */ -#define uh_foreach_matching_acl_prefix(_acl, _ses, _obj, _func) \ - for (_acl = avl_find_le_element(&(_ses)->acls, _obj, _acl, avl); \ - _acl; \ - _acl = avl_is_first(&(ses)->acls, &(_acl)->avl) ? NULL : \ +#define uh_foreach_matching_acl_prefix(_acl, _avl, _obj, _func) \ + for (_acl = avl_find_le_element(_avl, _obj, _acl, avl); \ + _acl; \ + _acl = avl_is_first(_avl, &(_acl)->avl) ? NULL : \ avl_prev_element((_acl), avl)) -#define uh_foreach_matching_acl(_acl, _ses, _obj, _func) \ - uh_foreach_matching_acl_prefix(_acl, _ses, _obj, _func) \ +#define uh_foreach_matching_acl(_acl, _avl, _obj, _func) \ + uh_foreach_matching_acl_prefix(_acl, _avl, _obj, _func) \ if (!strncmp((_acl)->object, _obj, (_acl)->sort_len) && \ !fnmatch((_acl)->object, (_obj), FNM_NOESCAPE) && \ !fnmatch((_acl)->function, (_func), FNM_NOESCAPE)) @@ -128,43 +170,65 @@ static void rpc_session_dump_acls(struct rpc_session *ses, struct blob_buf *b) { struct rpc_session_acl *acl; + struct rpc_session_acl_scope *acl_scope; const char *lastobj = NULL; - void *c = NULL; + const char *lastscope = NULL; + void *c = NULL, *d = NULL; - avl_for_each_element(&ses->acls, acl, avl) { - if (!lastobj || strcmp(acl->object, lastobj)) + avl_for_each_element(&ses->acls, acl_scope, avl) { + if (!lastscope || strcmp(acl_scope->avl.key, lastscope)) { - if (c) blobmsg_close_array(b, c); - c = blobmsg_open_array(b, acl->object); + if (c) blobmsg_close_table(b, c); + c = blobmsg_open_table(b, acl_scope->avl.key); + lastobj = NULL; } - blobmsg_add_string(b, NULL, acl->function); - lastobj = acl->object; + d = NULL; + + avl_for_each_element(&acl_scope->acls, acl, avl) { + if (!lastobj || strcmp(acl->object, lastobj)) + { + if (d) blobmsg_close_array(b, d); + d = blobmsg_open_array(b, acl->object); + } + + blobmsg_add_string(b, NULL, acl->function); + lastobj = acl->object; + } + + if (d) blobmsg_close_array(b, d); } - if (c) blobmsg_close_array(b, c); + if (c) blobmsg_close_table(b, c); } static void -rpc_session_dump(struct rpc_session *ses, - struct ubus_context *ctx, - struct ubus_request_data *req) +rpc_session_to_blob(struct rpc_session *ses, bool acls) { void *c; blob_buf_init(&buf, 0); - blobmsg_add_string(&buf, "sid", ses->id); + blobmsg_add_string(&buf, "ubus_rpc_session", ses->id); blobmsg_add_u32(&buf, "timeout", ses->timeout); blobmsg_add_u32(&buf, "expires", uloop_timeout_remaining(&ses->t) / 1000); - c = blobmsg_open_table(&buf, "acls"); - rpc_session_dump_acls(ses, &buf); - blobmsg_close_table(&buf, c); + if (acls) { + c = blobmsg_open_table(&buf, "acls"); + rpc_session_dump_acls(ses, &buf); + blobmsg_close_table(&buf, c); + } c = blobmsg_open_table(&buf, "data"); rpc_session_dump_data(ses, &buf); blobmsg_close_table(&buf, c); +} + +static void +rpc_session_dump(struct rpc_session *ses, struct ubus_context *ctx, + struct ubus_request_data *req) +{ + rpc_session_to_blob(ses, true); ubus_send_reply(ctx, req, buf.head); } @@ -172,18 +236,30 @@ rpc_session_dump(struct rpc_session *ses, static void rpc_touch_session(struct rpc_session *ses) { - uloop_timeout_set(&ses->t, ses->timeout * 1000); + if (ses->timeout > 0) + uloop_timeout_set(&ses->t, ses->timeout * 1000); } static void rpc_session_destroy(struct rpc_session *ses) { struct rpc_session_acl *acl, *nacl; + struct rpc_session_acl_scope *acl_scope, *nacl_scope; struct rpc_session_data *data, *ndata; + struct rpc_session_cb *cb; + + list_for_each_entry(cb, &destroy_callbacks, list) + cb->cb(ses, cb->priv); uloop_timeout_cancel(&ses->t); - avl_remove_all_elements(&ses->acls, acl, avl, nacl) - free(acl); + + avl_for_each_element_safe(&ses->acls, acl_scope, avl, nacl_scope) { + avl_remove_all_elements(&acl_scope->acls, acl, avl, nacl) + free(acl); + + avl_delete(&ses->acls, &acl_scope->avl); + free(acl_scope); + } avl_remove_all_elements(&ses->data, data, avl, ndata) free(data); @@ -201,25 +277,47 @@ static void rpc_session_timeout(struct uloop_timeout *t) } static struct rpc_session * -rpc_session_create(int timeout) +rpc_session_new(void) { struct rpc_session *ses; ses = calloc(1, sizeof(*ses)); + if (!ses) return NULL; - ses->timeout = timeout; - ses->avl.key = ses->id; - rpc_random(ses->id); + ses->avl.key = ses->id; - avl_insert(&sessions, &ses->avl); avl_init(&ses->acls, avl_strcmp, true, NULL); avl_init(&ses->data, avl_strcmp, false, NULL); ses->t.cb = rpc_session_timeout; + + return ses; +} + +static struct rpc_session * +rpc_session_create(int timeout) +{ + struct rpc_session *ses; + struct rpc_session_cb *cb; + + ses = rpc_session_new(); + + if (!ses) + return NULL; + + rpc_random(ses->id); + + ses->timeout = timeout; + + avl_insert(&sessions, &ses->avl); + rpc_touch_session(ses); + list_for_each_entry(cb, &create_callbacks, list) + cb->cb(ses, cb->priv); + return ses; } @@ -288,20 +386,37 @@ uh_id_len(const char *str) } static int -rpc_session_grant(struct rpc_session *ses, struct ubus_context *ctx, - const char *object, const char *function) +rpc_session_grant(struct rpc_session *ses, + const char *scope, const char *object, const char *function) { struct rpc_session_acl *acl; - char *new_obj, *new_func, *new_id; + struct rpc_session_acl_scope *acl_scope; + char *new_scope, *new_obj, *new_func, *new_id; int id_len; if (!object || !function) return UBUS_STATUS_INVALID_ARGUMENT; - uh_foreach_matching_acl_prefix(acl, ses, object, function) { - if (!strcmp(acl->object, object) && - !strcmp(acl->function, function)) - return 0; + acl_scope = avl_find_element(&ses->acls, scope, acl_scope, avl); + + if (acl_scope) { + uh_foreach_matching_acl_prefix(acl, &acl_scope->acls, object, function) { + if (!strcmp(acl->object, object) && + !strcmp(acl->function, function)) + return 0; + } + } + + if (!acl_scope) { + acl_scope = calloc_a(sizeof(*acl_scope), + &new_scope, strlen(scope) + 1); + + if (!acl_scope) + return UBUS_STATUS_UNKNOWN_ERROR; + + acl_scope->avl.key = strcpy(new_scope, scope); + avl_init(&acl_scope->acls, avl_strcmp, true, NULL); + avl_insert(&ses->acls, &acl_scope->avl); } id_len = uh_id_len(object); @@ -316,22 +431,30 @@ rpc_session_grant(struct rpc_session *ses, struct ubus_context *ctx, acl->object = strcpy(new_obj, object); acl->function = strcpy(new_func, function); acl->avl.key = strncpy(new_id, object, id_len); - avl_insert(&ses->acls, &acl->avl); + avl_insert(&acl_scope->acls, &acl->avl); return 0; } static int -rpc_session_revoke(struct rpc_session *ses, struct ubus_context *ctx, - const char *object, const char *function) +rpc_session_revoke(struct rpc_session *ses, + const char *scope, const char *object, const char *function) { struct rpc_session_acl *acl, *next; + struct rpc_session_acl_scope *acl_scope; int id_len; char *id; + acl_scope = avl_find_element(&ses->acls, scope, acl_scope, avl); + + if (!acl_scope) + return 0; + if (!object && !function) { - avl_remove_all_elements(&ses->acls, acl, avl, next) + avl_remove_all_elements(&acl_scope->acls, acl, avl, next) free(acl); + avl_delete(&ses->acls, &acl_scope->avl); + free(acl_scope); return 0; } @@ -340,9 +463,9 @@ rpc_session_revoke(struct rpc_session *ses, struct ubus_context *ctx, strncpy(id, object, id_len); id[id_len] = 0; - acl = avl_find_element(&ses->acls, id, acl, avl); + acl = avl_find_element(&acl_scope->acls, id, acl, avl); while (acl) { - if (!avl_is_last(&ses->acls, &acl->avl)) + if (!avl_is_last(&acl_scope->acls, &acl->avl)) next = avl_next_element(acl, avl); else next = NULL; @@ -352,12 +475,17 @@ rpc_session_revoke(struct rpc_session *ses, struct ubus_context *ctx, if (!strcmp(acl->object, object) && !strcmp(acl->function, function)) { - avl_delete(&ses->acls, &acl->avl); + avl_delete(&acl_scope->acls, &acl->avl); free(acl); } acl = next; } + if (avl_is_empty(&acl_scope->acls)) { + avl_delete(&ses->acls, &acl_scope->avl); + free(acl_scope); + } + return 0; } @@ -371,10 +499,11 @@ rpc_handle_acl(struct ubus_context *ctx, struct ubus_object *obj, struct blob_attr *tb[__RPC_SA_MAX]; struct blob_attr *attr, *sattr; const char *object, *function; + const char *scope = "ubus"; int rem1, rem2; - int (*cb)(struct rpc_session *ses, struct ubus_context *ctx, - const char *object, const char *function); + int (*cb)(struct rpc_session *ses, + const char *scope, const char *object, const char *function); blobmsg_parse(acl_policy, __RPC_SA_MAX, tb, blob_data(msg), blob_len(msg)); @@ -385,23 +514,26 @@ rpc_handle_acl(struct ubus_context *ctx, struct ubus_object *obj, if (!ses) return UBUS_STATUS_NOT_FOUND; + if (tb[RPC_SA_SCOPE]) + scope = blobmsg_data(tb[RPC_SA_SCOPE]); + if (!strcmp(method, "grant")) cb = rpc_session_grant; else cb = rpc_session_revoke; if (!tb[RPC_SA_OBJECTS]) - return cb(ses, ctx, NULL, NULL); + return cb(ses, scope, NULL, NULL); blobmsg_for_each_attr(attr, tb[RPC_SA_OBJECTS], rem1) { - if (blob_id(attr) != BLOBMSG_TYPE_ARRAY) + if (blobmsg_type(attr) != BLOBMSG_TYPE_ARRAY) continue; object = NULL; function = NULL; blobmsg_for_each_attr(sattr, attr, rem2) { - if (blob_id(sattr) != BLOBMSG_TYPE_STRING) + if (blobmsg_type(sattr) != BLOBMSG_TYPE_STRING) continue; if (!object) @@ -413,19 +545,25 @@ rpc_handle_acl(struct ubus_context *ctx, struct ubus_object *obj, } if (object && function) - cb(ses, ctx, object, function); + cb(ses, scope, object, function); } return 0; } static bool -rpc_session_acl_allowed(struct rpc_session *ses, const char *obj, const char *fun) +rpc_session_acl_allowed(struct rpc_session *ses, const char *scope, + const char *obj, const char *fun) { struct rpc_session_acl *acl; + struct rpc_session_acl_scope *acl_scope; - uh_foreach_matching_acl(acl, ses, obj, fun) - return true; + acl_scope = avl_find_element(&ses->acls, scope, acl_scope, avl); + + if (acl_scope) { + uh_foreach_matching_acl(acl, &acl_scope->acls, obj, fun) + return true; + } return false; } @@ -437,6 +575,7 @@ rpc_handle_access(struct ubus_context *ctx, struct ubus_object *obj, { struct rpc_session *ses; struct blob_attr *tb[__RPC_SP_MAX]; + const char *scope = "ubus"; bool allow; blobmsg_parse(perm_policy, __RPC_SP_MAX, tb, blob_data(msg), blob_len(msg)); @@ -448,7 +587,10 @@ rpc_handle_access(struct ubus_context *ctx, struct ubus_object *obj, if (!ses) return UBUS_STATUS_NOT_FOUND; - allow = rpc_session_acl_allowed(ses, + if (tb[RPC_SP_SCOPE]) + scope = blobmsg_data(tb[RPC_SP_SCOPE]); + + allow = rpc_session_acl_allowed(ses, scope, blobmsg_data(tb[RPC_SP_OBJECT]), blobmsg_data(tb[RPC_SP_FUNCTION])); @@ -459,14 +601,33 @@ rpc_handle_access(struct ubus_context *ctx, struct ubus_object *obj, return 0; } +static void +rpc_session_set(struct rpc_session *ses, const char *key, struct blob_attr *val) +{ + struct rpc_session_data *data; + + data = avl_find_element(&ses->data, key, data, avl); + if (data) { + avl_delete(&ses->data, &data->avl); + free(data); + } + + data = calloc(1, sizeof(*data) + blob_pad_len(val)); + if (!data) + return; + + memcpy(data->attr, val, blob_pad_len(val)); + data->avl.key = blobmsg_name(data->attr); + avl_insert(&ses->data, &data->avl); +} + static int rpc_handle_set(struct ubus_context *ctx, struct ubus_object *obj, struct ubus_request_data *req, const char *method, struct blob_attr *msg) { struct rpc_session *ses; - struct rpc_session_data *data; - struct blob_attr *tb[__RPC_SA_MAX]; + struct blob_attr *tb[__RPC_SS_MAX]; struct blob_attr *attr; int rem; @@ -483,19 +644,7 @@ rpc_handle_set(struct ubus_context *ctx, struct ubus_object *obj, if (!blobmsg_name(attr)[0]) continue; - data = avl_find_element(&ses->data, blobmsg_name(attr), data, avl); - if (data) { - avl_delete(&ses->data, &data->avl); - free(data); - } - - data = calloc(1, sizeof(*data) + blob_pad_len(attr)); - if (!data) - break; - - memcpy(data->attr, attr, blob_pad_len(attr)); - data->avl.key = blobmsg_name(data->attr); - avl_insert(&ses->data, &data->avl); + rpc_session_set(ses, blobmsg_name(attr), attr); } return 0; @@ -508,7 +657,7 @@ rpc_handle_get(struct ubus_context *ctx, struct ubus_object *obj, { struct rpc_session *ses; struct rpc_session_data *data; - struct blob_attr *tb[__RPC_SA_MAX]; + struct blob_attr *tb[__RPC_SG_MAX]; struct blob_attr *attr; void *c; int rem; @@ -525,24 +674,22 @@ rpc_handle_get(struct ubus_context *ctx, struct ubus_object *obj, blob_buf_init(&buf, 0); c = blobmsg_open_table(&buf, "values"); - if (!tb[RPC_SG_KEYS]) { - rpc_session_dump_data(ses, &buf); - return 0; - } - - blobmsg_for_each_attr(attr, tb[RPC_SG_KEYS], rem) { - if (blob_id(attr) != BLOBMSG_TYPE_STRING) - continue; + if (tb[RPC_SG_KEYS]) + blobmsg_for_each_attr(attr, tb[RPC_SG_KEYS], rem) { + if (blobmsg_type(attr) != BLOBMSG_TYPE_STRING) + continue; - data = avl_find_element(&ses->data, blobmsg_data(attr), data, avl); - if (!data) - continue; + data = avl_find_element(&ses->data, blobmsg_data(attr), data, avl); + if (!data) + continue; - blobmsg_add_field(&buf, blobmsg_type(data->attr), - blobmsg_name(data->attr), - blobmsg_data(data->attr), - blobmsg_data_len(data->attr)); - } + blobmsg_add_field(&buf, blobmsg_type(data->attr), + blobmsg_name(data->attr), + blobmsg_data(data->attr), + blobmsg_data_len(data->attr)); + } + else + rpc_session_dump_data(ses, &buf); blobmsg_close_table(&buf, c); ubus_send_reply(ctx, req, buf.head); @@ -577,7 +724,7 @@ rpc_handle_unset(struct ubus_context *ctx, struct ubus_object *obj, } blobmsg_for_each_attr(attr, tb[RPC_SG_KEYS], rem) { - if (blob_id(attr) != BLOBMSG_TYPE_STRING) + if (blobmsg_type(attr) != BLOBMSG_TYPE_STRING) continue; data = avl_find_element(&ses->data, blobmsg_data(attr), data, avl); @@ -604,6 +751,9 @@ rpc_handle_destroy(struct ubus_context *ctx, struct ubus_object *obj, if (!tb) return UBUS_STATUS_INVALID_ARGUMENT; + if (!strcmp(blobmsg_get_string(tb), RPC_DEFAULT_SESSION_ID)) + return UBUS_STATUS_PERMISSION_DENIED; + ses = rpc_session_get(blobmsg_data(tb)); if (!ses) return UBUS_STATUS_NOT_FOUND; @@ -613,8 +763,494 @@ rpc_handle_destroy(struct ubus_context *ctx, struct ubus_object *obj, return 0; } + +static bool +rpc_login_test_password(const char *hash, const char *password) +{ + char *crypt_hash; + + /* password is not set */ + if (!hash || !*hash || !strcmp(hash, "!") || !strcmp(hash, "x")) + { + return true; + } + + /* password hash refers to shadow/passwd */ + else if (!strncmp(hash, "$p$", 3)) + { +#ifdef HAVE_SHADOW + struct spwd *sp = getspnam(hash + 3); + + if (!sp) + return false; + + return rpc_login_test_password(sp->sp_pwdp, password); +#else + struct passwd *pw = getpwnam(hash + 3); + + if (!pw) + return false; + + return rpc_login_test_password(pw->pw_passwd, password); +#endif + } + + crypt_hash = crypt(password, hash); + + return !strcmp(crypt_hash, hash); +} + +static struct uci_section * +rpc_login_test_login(struct uci_context *uci, + const char *username, const char *password) +{ + struct uci_package *p = NULL; + struct uci_section *s; + struct uci_element *e; + struct uci_ptr ptr = { .package = "rpcd" }; + + uci_load(uci, ptr.package, &p); + + if (!p) + return false; + + uci_foreach_element(&p->sections, e) + { + s = uci_to_section(e); + + if (strcmp(s->type, "login")) + continue; + + ptr.section = s->e.name; + ptr.s = NULL; + + /* test for matching username */ + ptr.option = "username"; + ptr.o = NULL; + + if (uci_lookup_ptr(uci, &ptr, NULL, true)) + continue; + + if (ptr.o->type != UCI_TYPE_STRING) + continue; + + if (strcmp(ptr.o->v.string, username)) + continue; + + /* If password is NULL, we're restoring ACLs for an existing session, + * in this case do not check the password again. */ + if (!password) + return ptr.s; + + /* test for matching password */ + ptr.option = "password"; + ptr.o = NULL; + + if (uci_lookup_ptr(uci, &ptr, NULL, true)) + continue; + + if (ptr.o->type != UCI_TYPE_STRING) + continue; + + if (rpc_login_test_password(ptr.o->v.string, password)) + return ptr.s; + } + + return NULL; +} + +static bool +rpc_login_test_permission(struct uci_section *s, + const char *perm, const char *group) +{ + const char *p; + struct uci_option *o; + struct uci_element *e, *l; + + /* If the login section is not provided, we're setting up acls for the + * default session, in this case uncondionally allow access to the + * "unauthenticated" access group */ + if (!s) { + return !strcmp(group, "unauthenticated"); + } + + uci_foreach_element(&s->options, e) + { + o = uci_to_option(e); + + if (o->type != UCI_TYPE_LIST) + continue; + + if (strcmp(o->e.name, perm)) + continue; + + /* Match negative expressions first. If a negative expression matches + * the current group name then deny access. */ + uci_foreach_element(&o->v.list, l) { + p = l->name; + + if (!p || *p != '!') + continue; + + while (isspace(*++p)); + + if (!*p) + continue; + + if (!fnmatch(p, group, 0)) + return false; + } + + uci_foreach_element(&o->v.list, l) { + if (!l->name || !*l->name || *l->name == '!') + continue; + + if (!fnmatch(l->name, group, 0)) + return true; + } + } + + /* make sure that write permission implies read permission */ + if (!strcmp(perm, "read")) + return rpc_login_test_permission(s, "write", group); + + return false; +} + +static void +rpc_login_setup_acl_scope(struct rpc_session *ses, + struct blob_attr *acl_perm, + struct blob_attr *acl_scope) +{ + struct blob_attr *acl_obj, *acl_func; + int rem, rem2; + + /* + * Parse ACL scopes in table notation. + * + * "": { + * "": [ + * "", + * "", + * ... + * ] + * } + */ + if (blobmsg_type(acl_scope) == BLOBMSG_TYPE_TABLE) { + blobmsg_for_each_attr(acl_obj, acl_scope, rem) { + if (blobmsg_type(acl_obj) != BLOBMSG_TYPE_ARRAY) + continue; + + blobmsg_for_each_attr(acl_func, acl_obj, rem2) { + if (blobmsg_type(acl_func) != BLOBMSG_TYPE_STRING) + continue; + + rpc_session_grant(ses, blobmsg_name(acl_scope), + blobmsg_name(acl_obj), + blobmsg_data(acl_func)); + } + } + } + + /* + * Parse ACL scopes in array notation. The permission ("read" or "write") + * will be used as function name for each object. + * + * "": [ + * "", + * "", + * ... + * ] + */ + else if (blobmsg_type(acl_scope) == BLOBMSG_TYPE_ARRAY) { + blobmsg_for_each_attr(acl_obj, acl_scope, rem) { + if (blobmsg_type(acl_obj) != BLOBMSG_TYPE_STRING) + continue; + + rpc_session_grant(ses, blobmsg_name(acl_scope), + blobmsg_data(acl_obj), + blobmsg_name(acl_perm)); + } + } +} + +static void +rpc_login_setup_acl_file(struct rpc_session *ses, struct uci_section *login, + const char *path) +{ + struct blob_buf acl = { 0 }; + struct blob_attr *acl_group, *acl_perm, *acl_scope; + int rem, rem2, rem3; + + blob_buf_init(&acl, 0); + + if (!blobmsg_add_json_from_file(&acl, path)) { + fprintf(stderr, "Failed to parse %s\n", path); + goto out; + } + + /* Iterate access groups in toplevel object */ + blob_for_each_attr(acl_group, acl.head, rem) { + /* Iterate permission objects in each access group object */ + blobmsg_for_each_attr(acl_perm, acl_group, rem2) { + if (blobmsg_type(acl_perm) != BLOBMSG_TYPE_TABLE) + continue; + + /* Only "read" and "write" permissions are defined */ + if (strcmp(blobmsg_name(acl_perm), "read") && + strcmp(blobmsg_name(acl_perm), "write")) + continue; + + /* + * Check if the current user context specifies the current + * "read" or "write" permission in the given access group. + */ + if (!rpc_login_test_permission(login, blobmsg_name(acl_perm), + blobmsg_name(acl_group))) + continue; + + /* Iterate scope objects within the permission object */ + blobmsg_for_each_attr(acl_scope, acl_perm, rem3) { + /* Setup the scopes of the access group */ + rpc_login_setup_acl_scope(ses, acl_perm, acl_scope); + + /* + * Add the access group itself as object to the "access-group" + * meta scope and the the permission level ("read" or "write") + * as function, so + * "": { + * "": { + * "": ... + * } + * } + * becomes + * "access-group": { + * "": [ + * "" + * ] + * } + * + * This allows session clients to easily query the allowed + * access groups without having to test access of each single + * // tuple defined in a group. + */ + rpc_session_grant(ses, "access-group", + blobmsg_name(acl_group), + blobmsg_name(acl_perm)); + } + } + } + +out: + blob_buf_free(&acl); +} + +static void +rpc_login_setup_acls(struct rpc_session *ses, struct uci_section *login) +{ + int i; + glob_t gl; + + if (glob(RPC_SESSION_ACL_DIR "/*.json", 0, NULL, &gl)) + return; + + for (i = 0; i < gl.gl_pathc; i++) + rpc_login_setup_acl_file(ses, login, gl.gl_pathv[i]); + + globfree(&gl); +} + +static int +rpc_handle_login(struct ubus_context *ctx, struct ubus_object *obj, + struct ubus_request_data *req, const char *method, + struct blob_attr *msg) +{ + struct uci_context *uci = NULL; + struct uci_section *login; + struct rpc_session *ses; + struct blob_attr *tb[__RPC_L_MAX]; + int timeout = RPC_DEFAULT_SESSION_TIMEOUT; + int rv = 0; + + blobmsg_parse(login_policy, __RPC_L_MAX, tb, blob_data(msg), blob_len(msg)); + + if (!tb[RPC_L_USERNAME] || !tb[RPC_L_PASSWORD]) { + rv = UBUS_STATUS_INVALID_ARGUMENT; + goto out; + } + + uci = uci_alloc_context(); + + if (!uci) { + rv = UBUS_STATUS_UNKNOWN_ERROR; + goto out; + } + + login = rpc_login_test_login(uci, blobmsg_get_string(tb[RPC_L_USERNAME]), + blobmsg_get_string(tb[RPC_L_PASSWORD])); + + if (!login) { + rv = UBUS_STATUS_PERMISSION_DENIED; + goto out; + } + + if (tb[RPC_L_TIMEOUT]) + timeout = blobmsg_get_u32(tb[RPC_L_TIMEOUT]); + + ses = rpc_session_create(timeout); + + if (!ses) { + rv = UBUS_STATUS_UNKNOWN_ERROR; + goto out; + } + + rpc_login_setup_acls(ses, login); + + rpc_session_set(ses, "user", tb[RPC_L_USERNAME]); + rpc_session_dump(ses, ctx, req); + +out: + if (uci) + uci_free_context(uci); + + return rv; +} + + +static bool +rpc_validate_sid(const char *id) +{ + if (!id) + return false; + + if (strlen(id) != RPC_SID_LEN) + return false; + + while (*id) + if (!isxdigit(*id++)) + return false; + + return true; +} + +static int +rpc_blob_to_file(const char *path, struct blob_attr *attr) +{ + int fd, len; + + fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600); + + if (fd < 0) + return fd; + + len = write(fd, attr, blob_pad_len(attr)); + + close(fd); + + if (len != blob_pad_len(attr)) + { + unlink(path); + return -1; + } + + return len; +} + +static struct blob_attr * +rpc_blob_from_file(const char *path) +{ + int fd = -1, len; + struct stat s; + struct blob_attr head, *attr = NULL; + + if (stat(path, &s) || !S_ISREG(s.st_mode)) + return NULL; + + fd = open(path, O_RDONLY); + + if (fd < 0) + goto fail; + + len = read(fd, &head, sizeof(head)); + + if (len != sizeof(head) || blob_pad_len(&head) != s.st_size) + goto fail; + + attr = calloc(1, s.st_size); + + if (!attr) + goto fail; + + memcpy(attr, &head, sizeof(head)); + + len += read(fd, (char *)attr + sizeof(head), s.st_size - sizeof(head)); + + if (len != blob_pad_len(&head)) + goto fail; + + close(fd); + + return attr; + +fail: + if (fd >= 0) + close(fd); + + if (attr) + free(attr); + + return NULL; +} + +static bool +rpc_session_from_blob(struct uci_context *uci, struct blob_attr *attr) +{ + int i, rem; + const char *user = NULL; + struct rpc_session *ses; + struct uci_section *login; + struct blob_attr *tb[__RPC_DUMP_MAX], *data; + + blobmsg_parse(dump_policy, __RPC_DUMP_MAX, tb, + blob_data(attr), blob_len(attr)); + + for (i = 0; i < __RPC_DUMP_MAX; i++) + if (!tb[i]) + return false; + + ses = rpc_session_new(); + + if (!ses) + return false; + + memcpy(ses->id, blobmsg_data(tb[RPC_DUMP_SID]), RPC_SID_LEN); + + ses->timeout = blobmsg_get_u32(tb[RPC_DUMP_TIMEOUT]); + + blobmsg_for_each_attr(data, tb[RPC_DUMP_DATA], rem) { + rpc_session_set(ses, blobmsg_name(data), data); + + if (!strcmp(blobmsg_name(data), "username")) + user = blobmsg_get_string(data); + } + + if (uci && user) { + login = rpc_login_test_login(uci, user, NULL); + if (login) + rpc_login_setup_acls(ses, login); + } + + avl_insert(&sessions, &ses->avl); + + uloop_timeout_set(&ses->t, blobmsg_get_u32(tb[RPC_DUMP_EXPIRES]) * 1000); + + return true; +} + int rpc_session_api_init(struct ubus_context *ctx) { + struct rpc_session *ses; + static const struct ubus_method session_methods[] = { UBUS_METHOD("create", rpc_handle_create, &new_policy), UBUS_METHOD("list", rpc_handle_list, &sid_policy), @@ -625,6 +1261,7 @@ int rpc_session_api_init(struct ubus_context *ctx) UBUS_METHOD("get", rpc_handle_get, get_policy), UBUS_METHOD("unset", rpc_handle_unset, get_policy), UBUS_METHOD("destroy", rpc_handle_destroy, &sid_policy), + UBUS_METHOD("login", rpc_handle_login, login_policy), }; static struct ubus_object_type session_type = @@ -639,5 +1276,97 @@ int rpc_session_api_init(struct ubus_context *ctx) avl_init(&sessions, avl_strcmp, false, NULL); + /* setup the default session */ + ses = rpc_session_new(); + + if (ses) { + strcpy(ses->id, RPC_DEFAULT_SESSION_ID); + rpc_login_setup_acls(ses, NULL); + avl_insert(&sessions, &ses->avl); + } + return ubus_add_object(ctx, &obj); } + +bool rpc_session_access(const char *sid, const char *scope, + const char *object, const char *function) +{ + struct rpc_session *ses = rpc_session_get(sid); + + if (!ses) + return false; + + return rpc_session_acl_allowed(ses, scope, object, function); +} + +void rpc_session_create_cb(struct rpc_session_cb *cb) +{ + if (cb && cb->cb) + list_add(&cb->list, &create_callbacks); +} + +void rpc_session_destroy_cb(struct rpc_session_cb *cb) +{ + if (cb && cb->cb) + list_add(&cb->list, &destroy_callbacks); +} + +void rpc_session_freeze(void) +{ + struct stat s; + struct rpc_session *ses; + char path[PATH_MAX]; + + if (stat(RPC_SESSION_DIRECTORY, &s)) + mkdir(RPC_SESSION_DIRECTORY, 0700); + + avl_for_each_element(&sessions, ses, avl) { + /* skip default session */ + if (!strcmp(ses->id, RPC_DEFAULT_SESSION_ID)) + continue; + + snprintf(path, sizeof(path) - 1, RPC_SESSION_DIRECTORY "/%s", ses->id); + rpc_session_to_blob(ses, false); + rpc_blob_to_file(path, buf.head); + } +} + +void rpc_session_thaw(void) +{ + DIR *d; + char path[PATH_MAX]; + struct dirent *e; + struct blob_attr *attr; + struct uci_context *uci; + + d = opendir(RPC_SESSION_DIRECTORY); + + if (!d) + return; + + uci = uci_alloc_context(); + + if (!uci) + return; + + while ((e = readdir(d)) != NULL) { + if (!rpc_validate_sid(e->d_name)) + continue; + + snprintf(path, sizeof(path) - 1, + RPC_SESSION_DIRECTORY "/%s", e->d_name); + + attr = rpc_blob_from_file(path); + + if (attr) { + rpc_session_from_blob(uci, attr); + free(attr); + } + + unlink(path); + } + + closedir(d); + + uci_free_context(uci); +}