X-Git-Url: http://git.archive.openwrt.org/?p=project%2Frpcd.git;a=blobdiff_plain;f=session.c;h=3ed45197ab9d039e89a189f6bb5c152fa60c61a8;hp=09f410486202ee6131c0a4b2c0a0d4e08561697b;hb=HEAD;hpb=3c55504336eb04a779515f0acff8ecbeea4a3d53
diff --git a/session.c b/session.c
index 09f4104..3ed4519 100644
--- a/session.c
+++ b/session.c
@@ -40,12 +40,20 @@ static struct blob_buf buf;
 static LIST_HEAD(create_callbacks);
 static LIST_HEAD(destroy_callbacks);
-static const struct blobmsg_policy new_policy = {
- .name = "timeout", .type = BLOBMSG_TYPE_INT32
+enum {
+ RPC_SN_TIMEOUT,
+ __RPC_SN_MAX,
+};
+static const struct blobmsg_policy new_policy[__RPC_SN_MAX] = {
+ [RPC_SN_TIMEOUT] = { .name = "timeout", .type = BLOBMSG_TYPE_INT32 },
 };
-static const struct blobmsg_policy sid_policy = {
- .name = "ubus_rpc_session", .type = BLOBMSG_TYPE_STRING
+enum {
+ RPC_SI_SID,
+ __RPC_SI_MAX,
+};
+static const struct blobmsg_policy sid_policy[__RPC_SI_MAX] = {
+ [RPC_SI_SID] = { .name = "ubus_rpc_session", .type = BLOBMSG_TYPE_STRING },
 };
 enum {
@@ -138,22 +146,28 @@ static const struct blobmsg_policy login_policy[__RPC_L_MAX] = {
 !fnmatch((_acl)->object, (_obj), FNM_NOESCAPE) && \
 !fnmatch((_acl)->function, (_func), FNM_NOESCAPE))
-static void
+static int
 rpc_random(char *dest)
 {
 unsigned char buf[16] = { 0 };
 FILE *f;
 int i;
+ int ret;
 f = fopen("/dev/urandom", "r");
 if (!f)
- return;
+ return -1;
- fread(buf, 1, sizeof(buf), f);
+ ret = fread(buf, 1, sizeof(buf), f);
 fclose(f);
+ if (ret < 0)
+ return ret;
+
 for (i = 0; i < sizeof(buf); i++)
 sprintf(dest + (i<<1), "%02x", buf[i]);
+
+ return 0;
 }
 static void
@@ -308,7 +322,8 @@ rpc_session_create(int timeout)
 if (!ses)
 return NULL;
- rpc_random(ses->id);
+ if (rpc_random(ses->id))
+ return NULL;
 ses->timeout = timeout;
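Review bot: In rpc_random() the new `if (ret < 0)` test cannot fire, because fread() returns a size_t item count and reports failure or a short read as a smaller count, never a negative one. Since `buf` starts zero-filled, a short read would still be hex-encoded into `dest` and the function would return 0, leaving a session ID that is partly or wholly predictable. Declare the count as `size_t ret;` and replace the test with `if (ret != sizeof(buf)) return -1;`.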
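Review bot: In rpc_session_create() the new `return NULL;` after a failed rpc_random() leaves `ses` unreleased; the `if (!ses)` check just before it shows the object was obtained above the hunk, presumably from the heap. Release it on this path, for example `if (rpc_random(ses->id)) { free(ses); return NULL; }`. The function starts and ends outside the hunk, so confirm that nothing else is attached to `ses` yet at this point.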
@@ -344,7 +359,7 @@ rpc_handle_create(struct ubus_context *ctx, struct ubus_object *obj,
 struct blob_attr *tb;
 int timeout = RPC_DEFAULT_SESSION_TIMEOUT;
- blobmsg_parse(&new_policy, 1, &tb, blob_data(msg), blob_len(msg));
+ blobmsg_parse(new_policy, __RPC_SN_MAX, &tb, blob_data(msg), blob_len(msg));
 if (tb)
 timeout = blobmsg_get_u32(tb);
@@ -363,7 +378,7 @@ rpc_handle_list(struct ubus_context *ctx, struct ubus_object *obj,
 struct rpc_session *ses;
 struct blob_attr *tb;
- blobmsg_parse(&sid_policy, 1, &tb, blob_data(msg), blob_len(msg));
+ blobmsg_parse(sid_policy, __RPC_SI_MAX, &tb, blob_data(msg), blob_len(msg));
 if (!tb) {
 avl_for_each_element(&sessions, ses, avl)
@@ -612,11 +627,11 @@ rpc_handle_access(struct ubus_context *ctx, struct ubus_object *obj,
 }
 static void
-rpc_session_set(struct rpc_session *ses, const char *key, struct blob_attr *val)
+rpc_session_set(struct rpc_session *ses, struct blob_attr *val)
 {
 struct rpc_session_data *data;
- data = avl_find_element(&ses->data, key, data, avl);
+ data = avl_find_element(&ses->data, blobmsg_name(val), data, avl);
 if (data) {
 avl_delete(&ses->data, &data->avl);
 free(data);
@@ -654,7 +669,7 @@ rpc_handle_set(struct ubus_context *ctx, struct ubus_object *obj,
 if (!blobmsg_name(attr)[0])
 continue;
- rpc_session_set(ses, blobmsg_name(attr), attr);
+ rpc_session_set(ses, attr);
 }
 return 0;
@@ -756,7 +771,7 @@ rpc_handle_destroy(struct ubus_context *ctx, struct ubus_object *obj,
 struct rpc_session *ses;
 struct blob_attr *tb;
- blobmsg_parse(&sid_policy, 1, &tb, blob_data(msg), blob_len(msg));
+ blobmsg_parse(sid_policy, __RPC_SI_MAX, &tb, blob_data(msg), blob_len(msg));
 if (!tb)
 return UBUS_STATUS_INVALID_ARGUMENT;
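Review bot: `&tb` in rpc_handle_create() still points at a single `struct blob_attr *`, yet the call now tells blobmsg_parse() that the policy has `__RPC_SN_MAX` entries. That stays in bounds only while the enum holds exactly one field; adding a second one later would make the parser write past `tb` on the stack. Declaring `struct blob_attr *tb[__RPC_SN_MAX];` and reading `tb[RPC_SN_TIMEOUT]` ties the buffer to the count. The same applies to the `sid_policy` calls in rpc_handle_list() and rpc_handle_destroy() in this diff, with `__RPC_SI_MAX` and `RPC_SI_SID`.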
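Review bot: rpc_session_set() now dereferences `val` to obtain the key, so it depends on every caller passing a non-NULL, named attribute, and that contract is not written down anywhere. A comment above the function would cover it, for example `/* key is blobmsg_name(val); val must be a non-NULL named attribute; an existing entry with the same key is replaced */`. The login call site later in this diff used to store under the literal `"user"` and now stores under whatever name `tb[RPC_L_USERNAME]` carries, so any reader of the old key outside this diff needs updating. The function body continues past the end of the hunk.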
@@ -1070,6 +1085,31 @@ rpc_login_setup_acls(struct rpc_session *ses, struct uci_section *login)
 globfree(&gl);
 }
+static struct rpc_session *
+rpc_reclaim_apply_session(const char *expected_username)
+{
+ struct rpc_session_data *username;
+ struct rpc_session *ses;
+
+ if (!apply_sid[0])
+ return NULL;
+
+ ses = rpc_session_get(apply_sid);
+
+ if (!ses)
+ return NULL;
+
+ username = avl_find_element(&ses->data, "username", username, avl);
+
+ if (!username || blobmsg_type(username->attr) != BLOBMSG_TYPE_STRING)
+ return NULL;
+
+ if (strcmp(blobmsg_get_string(username->attr), expected_username))
+ return NULL;
+
+ return ses;
+}
+
 static int
 rpc_handle_login(struct ubus_context *ctx, struct ubus_object *obj,
 struct ubus_request_data *req, const char *method,
@@ -1107,7 +1147,15 @@ rpc_handle_login(struct ubus_context *ctx, struct ubus_object *obj,
 if (tb[RPC_L_TIMEOUT])
 timeout = blobmsg_get_u32(tb[RPC_L_TIMEOUT]);
- ses = rpc_session_create(timeout);
+ /*
+ * attempt to reclaim a pending apply session, but only accept it
+ * if the username matches, otherwise perform a new login
+ */
+
+ ses = rpc_reclaim_apply_session(blobmsg_get_string(tb[RPC_L_USERNAME]));
+
+ if (!ses)
+ ses = rpc_session_create(timeout);
 if (!ses) {
 rv = UBUS_STATUS_UNKNOWN_ERROR;
@@ -1116,7 +1164,7 @@ rpc_handle_login(struct ubus_context *ctx, struct ubus_object *obj,
 rpc_login_setup_acls(ses, login);
- rpc_session_set(ses, "user", tb[RPC_L_USERNAME]);
+ rpc_session_set(ses, tb[RPC_L_USERNAME]);
 rpc_session_dump(ses, ctx, req);
 out:
@@ -1238,7 +1286,10 @@ rpc_session_from_blob(struct uci_context *uci, struct blob_attr *attr)
 ses->timeout = blobmsg_get_u32(tb[RPC_DUMP_TIMEOUT]);
 blobmsg_for_each_attr(data, tb[RPC_DUMP_DATA], rem) {
- rpc_session_set(ses, blobmsg_name(data), data);
+ rpc_session_set(ses, data);
+
+ if (blobmsg_type(data) != BLOBMSG_TYPE_STRING)
+ continue;
 if (!strcmp(blobmsg_name(data), "username"))
 user = blobmsg_get_string(data);
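Review bot: rpc_reclaim_apply_session() decides ownership from the `"username"` entry in `ses->data`, which is ordinary session data: rpc_handle_set() in this same diff stores any non-empty key through rpc_session_set() with no visible filter. Unless `username` is protected somewhere outside the diff, whoever may call `set` on the pending apply session can change the value this check trusts, and the next login under that name would be handed an already-known session ID. Consider rejecting reserved keys in the set and unset handlers, or keeping the authenticated user in a dedicated field of `struct rpc_session`. A short comment stating where `apply_sid` is set and cleared would also help, since neither is visible here.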
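Review bot: When the reclaim path succeeds in rpc_handle_login(), the `timeout` parsed just above is never applied and the session keeps its previous ID and stored data, while rpc_login_setup_acls() in the following hunk runs on it again. Whether grants from the earlier login are cleared first is not visible in this diff; if they are not, a reclaimed session could end up with more access than a fresh login would give. The block comment should state the intended behaviour explicitly, for example by adding `* the reclaimed session keeps its id, timeout and data; ACLs are set up again below`. The function starts and ends outside the hunk.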
@@ -1262,15 +1313,15 @@ int rpc_session_api_init(struct ubus_context *ctx)
 struct rpc_session *ses;
 static const struct ubus_method session_methods[] = {
- UBUS_METHOD("create", rpc_handle_create, &new_policy),
- UBUS_METHOD("list", rpc_handle_list, &sid_policy),
+ UBUS_METHOD("create", rpc_handle_create, new_policy),
+ UBUS_METHOD("list", rpc_handle_list, sid_policy),
 UBUS_METHOD("grant", rpc_handle_acl, acl_policy),
 UBUS_METHOD("revoke", rpc_handle_acl, acl_policy),
 UBUS_METHOD("access", rpc_handle_access, perm_policy),
 UBUS_METHOD("set", rpc_handle_set, set_policy),
 UBUS_METHOD("get", rpc_handle_get, get_policy),
 UBUS_METHOD("unset", rpc_handle_unset, get_policy),
- UBUS_METHOD("destroy", rpc_handle_destroy, &sid_policy),
+ UBUS_METHOD("destroy", rpc_handle_destroy, sid_policy),
 UBUS_METHOD("login", rpc_handle_login, login_policy),
 };