2 * rpcd - UBUS RPC server
4 * Copyright (C) 2013 Felix Fietkau <nbd@openwrt.org>
5 * Copyright (C) 2013 Jo-Philipp Wich <jow@openwrt.org>
7 * Permission to use, copy, modify, and/or distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 #define _GNU_SOURCE /* crypt() */
22 #include <libubox/avl-cmp.h>
23 #include <libubox/blobmsg.h>
24 #include <libubox/utils.h>
34 #include <rpcd/session.h>
36 static struct avl_tree sessions;
37 static struct blob_buf buf;
39 static LIST_HEAD(create_callbacks);
40 static LIST_HEAD(destroy_callbacks);
42 static const struct blobmsg_policy new_policy = {
43 .name = "timeout", .type = BLOBMSG_TYPE_INT32
46 static const struct blobmsg_policy sid_policy = {
47 .name = "sid", .type = BLOBMSG_TYPE_STRING
55 static const struct blobmsg_policy set_policy[__RPC_SS_MAX] = {
56 [RPC_SS_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING },
57 [RPC_SS_VALUES] = { .name = "values", .type = BLOBMSG_TYPE_TABLE },
65 static const struct blobmsg_policy get_policy[__RPC_SG_MAX] = {
66 [RPC_SG_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING },
67 [RPC_SG_KEYS] = { .name = "keys", .type = BLOBMSG_TYPE_ARRAY },
76 static const struct blobmsg_policy acl_policy[__RPC_SA_MAX] = {
77 [RPC_SA_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING },
78 [RPC_SA_SCOPE] = { .name = "scope", .type = BLOBMSG_TYPE_STRING },
79 [RPC_SA_OBJECTS] = { .name = "objects", .type = BLOBMSG_TYPE_ARRAY },
89 static const struct blobmsg_policy perm_policy[__RPC_SP_MAX] = {
90 [RPC_SP_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING },
91 [RPC_SP_SCOPE] = { .name = "scope", .type = BLOBMSG_TYPE_STRING },
92 [RPC_SP_OBJECT] = { .name = "object", .type = BLOBMSG_TYPE_STRING },
93 [RPC_SP_FUNCTION] = { .name = "function", .type = BLOBMSG_TYPE_STRING },
103 static const struct blobmsg_policy dump_policy[__RPC_DUMP_MAX] = {
104 [RPC_DUMP_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING },
105 [RPC_DUMP_TIMEOUT] = { .name = "timeout", .type = BLOBMSG_TYPE_INT32 },
106 [RPC_DUMP_EXPIRES] = { .name = "expires", .type = BLOBMSG_TYPE_INT32 },
107 [RPC_DUMP_DATA] = { .name = "data", .type = BLOBMSG_TYPE_TABLE },
116 static const struct blobmsg_policy login_policy[__RPC_L_MAX] = {
117 [RPC_L_USERNAME] = { .name = "username", .type = BLOBMSG_TYPE_STRING },
118 [RPC_L_PASSWORD] = { .name = "password", .type = BLOBMSG_TYPE_STRING },
119 [RPC_L_TIMEOUT] = { .name = "timeout", .type = BLOBMSG_TYPE_INT32 },
123 * Keys in the AVL tree contain all pattern characters up to the first wildcard.
124 * To look up entries, start with the last entry that has a key less than or
125 * equal to the method name, then work backwards as long as the AVL key still
126 * matches its counterpart in the object name
128 #define uh_foreach_matching_acl_prefix(_acl, _avl, _obj, _func) \
129 for (_acl = avl_find_le_element(_avl, _obj, _acl, avl); \
131 _acl = avl_is_first(_avl, &(_acl)->avl) ? NULL : \
132 avl_prev_element((_acl), avl))
134 #define uh_foreach_matching_acl(_acl, _avl, _obj, _func) \
135 uh_foreach_matching_acl_prefix(_acl, _avl, _obj, _func) \
136 if (!strncmp((_acl)->object, _obj, (_acl)->sort_len) && \
137 !fnmatch((_acl)->object, (_obj), FNM_NOESCAPE) && \
138 !fnmatch((_acl)->function, (_func), FNM_NOESCAPE))
141 rpc_random(char *dest)
143 unsigned char buf[16] = { 0 };
147 f = fopen("/dev/urandom", "r");
151 fread(buf, 1, sizeof(buf), f);
154 for (i = 0; i < sizeof(buf); i++)
155 sprintf(dest + (i<<1), "%02x", buf[i]);
159 rpc_session_dump_data(struct rpc_session *ses, struct blob_buf *b)
161 struct rpc_session_data *d;
163 avl_for_each_element(&ses->data, d, avl) {
164 blobmsg_add_field(b, blobmsg_type(d->attr), blobmsg_name(d->attr),
165 blobmsg_data(d->attr), blobmsg_data_len(d->attr));
170 rpc_session_dump_acls(struct rpc_session *ses, struct blob_buf *b)
172 struct rpc_session_acl *acl;
173 struct rpc_session_acl_scope *acl_scope;
174 const char *lastobj = NULL;
175 const char *lastscope = NULL;
176 void *c = NULL, *d = NULL;
178 avl_for_each_element(&ses->acls, acl_scope, avl) {
179 if (!lastscope || strcmp(acl_scope->avl.key, lastscope))
181 if (c) blobmsg_close_table(b, c);
182 c = blobmsg_open_table(b, acl_scope->avl.key);
188 avl_for_each_element(&acl_scope->acls, acl, avl) {
189 if (!lastobj || strcmp(acl->object, lastobj))
191 if (d) blobmsg_close_array(b, d);
192 d = blobmsg_open_array(b, acl->object);
195 blobmsg_add_string(b, NULL, acl->function);
196 lastobj = acl->object;
199 if (d) blobmsg_close_array(b, d);
202 if (c) blobmsg_close_table(b, c);
206 rpc_session_to_blob(struct rpc_session *ses)
210 blob_buf_init(&buf, 0);
212 blobmsg_add_string(&buf, "sid", ses->id);
213 blobmsg_add_u32(&buf, "timeout", ses->timeout);
214 blobmsg_add_u32(&buf, "expires", uloop_timeout_remaining(&ses->t) / 1000);
216 c = blobmsg_open_table(&buf, "data");
217 rpc_session_dump_data(ses, &buf);
218 blobmsg_close_table(&buf, c);
222 rpc_session_dump(struct rpc_session *ses, struct ubus_context *ctx,
223 struct ubus_request_data *req)
225 rpc_session_to_blob(ses);
227 ubus_send_reply(ctx, req, buf.head);
231 rpc_touch_session(struct rpc_session *ses)
233 if (ses->timeout > 0)
234 uloop_timeout_set(&ses->t, ses->timeout * 1000);
238 rpc_session_destroy(struct rpc_session *ses)
240 struct rpc_session_acl *acl, *nacl;
241 struct rpc_session_acl_scope *acl_scope, *nacl_scope;
242 struct rpc_session_data *data, *ndata;
243 struct rpc_session_cb *cb;
245 list_for_each_entry(cb, &destroy_callbacks, list)
246 cb->cb(ses, cb->priv);
248 uloop_timeout_cancel(&ses->t);
250 avl_for_each_element_safe(&ses->acls, acl_scope, avl, nacl_scope) {
251 avl_remove_all_elements(&acl_scope->acls, acl, avl, nacl)
254 avl_delete(&ses->acls, &acl_scope->avl);
258 avl_remove_all_elements(&ses->data, data, avl, ndata)
261 avl_delete(&sessions, &ses->avl);
265 static void rpc_session_timeout(struct uloop_timeout *t)
267 struct rpc_session *ses;
269 ses = container_of(t, struct rpc_session, t);
270 rpc_session_destroy(ses);
273 static struct rpc_session *
274 rpc_session_new(void)
276 struct rpc_session *ses;
278 ses = calloc(1, sizeof(*ses));
283 ses->avl.key = ses->id;
285 avl_init(&ses->acls, avl_strcmp, true, NULL);
286 avl_init(&ses->data, avl_strcmp, false, NULL);
288 ses->t.cb = rpc_session_timeout;
293 static struct rpc_session *
294 rpc_session_create(int timeout)
296 struct rpc_session *ses;
297 struct rpc_session_cb *cb;
299 ses = rpc_session_new();
306 ses->timeout = timeout;
308 avl_insert(&sessions, &ses->avl);
310 rpc_touch_session(ses);
312 list_for_each_entry(cb, &create_callbacks, list)
313 cb->cb(ses, cb->priv);
318 static struct rpc_session *
319 rpc_session_get(const char *id)
321 struct rpc_session *ses;
323 ses = avl_find_element(&sessions, id, ses, avl);
327 rpc_touch_session(ses);
332 rpc_handle_create(struct ubus_context *ctx, struct ubus_object *obj,
333 struct ubus_request_data *req, const char *method,
334 struct blob_attr *msg)
336 struct rpc_session *ses;
337 struct blob_attr *tb;
338 int timeout = RPC_DEFAULT_SESSION_TIMEOUT;
340 blobmsg_parse(&new_policy, 1, &tb, blob_data(msg), blob_len(msg));
342 timeout = blobmsg_get_u32(tb);
344 ses = rpc_session_create(timeout);
346 rpc_session_dump(ses, ctx, req);
352 rpc_handle_list(struct ubus_context *ctx, struct ubus_object *obj,
353 struct ubus_request_data *req, const char *method,
354 struct blob_attr *msg)
356 struct rpc_session *ses;
357 struct blob_attr *tb;
359 blobmsg_parse(&sid_policy, 1, &tb, blob_data(msg), blob_len(msg));
362 avl_for_each_element(&sessions, ses, avl)
363 rpc_session_dump(ses, ctx, req);
367 ses = rpc_session_get(blobmsg_data(tb));
369 return UBUS_STATUS_NOT_FOUND;
371 rpc_session_dump(ses, ctx, req);
377 uh_id_len(const char *str)
379 return strcspn(str, "*?[");
383 rpc_session_grant(struct rpc_session *ses,
384 const char *scope, const char *object, const char *function)
386 struct rpc_session_acl *acl;
387 struct rpc_session_acl_scope *acl_scope;
388 char *new_scope, *new_obj, *new_func, *new_id;
391 if (!object || !function)
392 return UBUS_STATUS_INVALID_ARGUMENT;
394 acl_scope = avl_find_element(&ses->acls, scope, acl_scope, avl);
397 uh_foreach_matching_acl_prefix(acl, &acl_scope->acls, object, function) {
398 if (!strcmp(acl->object, object) &&
399 !strcmp(acl->function, function))
405 acl_scope = calloc_a(sizeof(*acl_scope),
406 &new_scope, strlen(scope) + 1);
409 return UBUS_STATUS_UNKNOWN_ERROR;
411 acl_scope->avl.key = strcpy(new_scope, scope);
412 avl_init(&acl_scope->acls, avl_strcmp, true, NULL);
413 avl_insert(&ses->acls, &acl_scope->avl);
416 id_len = uh_id_len(object);
417 acl = calloc_a(sizeof(*acl),
418 &new_obj, strlen(object) + 1,
419 &new_func, strlen(function) + 1,
420 &new_id, id_len + 1);
423 return UBUS_STATUS_UNKNOWN_ERROR;
425 acl->object = strcpy(new_obj, object);
426 acl->function = strcpy(new_func, function);
427 acl->avl.key = strncpy(new_id, object, id_len);
428 avl_insert(&acl_scope->acls, &acl->avl);
434 rpc_session_revoke(struct rpc_session *ses,
435 const char *scope, const char *object, const char *function)
437 struct rpc_session_acl *acl, *next;
438 struct rpc_session_acl_scope *acl_scope;
442 acl_scope = avl_find_element(&ses->acls, scope, acl_scope, avl);
447 if (!object && !function) {
448 avl_remove_all_elements(&acl_scope->acls, acl, avl, next)
450 avl_delete(&ses->acls, &acl_scope->avl);
455 id_len = uh_id_len(object);
456 id = alloca(id_len + 1);
457 strncpy(id, object, id_len);
460 acl = avl_find_element(&acl_scope->acls, id, acl, avl);
462 if (!avl_is_last(&acl_scope->acls, &acl->avl))
463 next = avl_next_element(acl, avl);
467 if (strcmp(id, acl->avl.key) != 0)
470 if (!strcmp(acl->object, object) &&
471 !strcmp(acl->function, function)) {
472 avl_delete(&acl_scope->acls, &acl->avl);
478 if (avl_is_empty(&acl_scope->acls)) {
479 avl_delete(&ses->acls, &acl_scope->avl);
488 rpc_handle_acl(struct ubus_context *ctx, struct ubus_object *obj,
489 struct ubus_request_data *req, const char *method,
490 struct blob_attr *msg)
492 struct rpc_session *ses;
493 struct blob_attr *tb[__RPC_SA_MAX];
494 struct blob_attr *attr, *sattr;
495 const char *object, *function;
496 const char *scope = "ubus";
499 int (*cb)(struct rpc_session *ses,
500 const char *scope, const char *object, const char *function);
502 blobmsg_parse(acl_policy, __RPC_SA_MAX, tb, blob_data(msg), blob_len(msg));
505 return UBUS_STATUS_INVALID_ARGUMENT;
507 ses = rpc_session_get(blobmsg_data(tb[RPC_SA_SID]));
509 return UBUS_STATUS_NOT_FOUND;
511 if (tb[RPC_SA_SCOPE])
512 scope = blobmsg_data(tb[RPC_SA_SCOPE]);
514 if (!strcmp(method, "grant"))
515 cb = rpc_session_grant;
517 cb = rpc_session_revoke;
519 if (!tb[RPC_SA_OBJECTS])
520 return cb(ses, scope, NULL, NULL);
522 blobmsg_for_each_attr(attr, tb[RPC_SA_OBJECTS], rem1) {
523 if (blob_id(attr) != BLOBMSG_TYPE_ARRAY)
529 blobmsg_for_each_attr(sattr, attr, rem2) {
530 if (blob_id(sattr) != BLOBMSG_TYPE_STRING)
534 object = blobmsg_data(sattr);
536 function = blobmsg_data(sattr);
541 if (object && function)
542 cb(ses, scope, object, function);
549 rpc_session_acl_allowed(struct rpc_session *ses, const char *scope,
550 const char *obj, const char *fun)
552 struct rpc_session_acl *acl;
553 struct rpc_session_acl_scope *acl_scope;
555 acl_scope = avl_find_element(&ses->acls, scope, acl_scope, avl);
558 uh_foreach_matching_acl(acl, &acl_scope->acls, obj, fun)
566 rpc_handle_access(struct ubus_context *ctx, struct ubus_object *obj,
567 struct ubus_request_data *req, const char *method,
568 struct blob_attr *msg)
570 struct rpc_session *ses;
571 struct blob_attr *tb[__RPC_SP_MAX];
572 const char *scope = "ubus";
575 blobmsg_parse(perm_policy, __RPC_SP_MAX, tb, blob_data(msg), blob_len(msg));
577 if (!tb[RPC_SP_SID] || !tb[RPC_SP_OBJECT] || !tb[RPC_SP_FUNCTION])
578 return UBUS_STATUS_INVALID_ARGUMENT;
580 ses = rpc_session_get(blobmsg_data(tb[RPC_SP_SID]));
582 return UBUS_STATUS_NOT_FOUND;
584 if (tb[RPC_SP_SCOPE])
585 scope = blobmsg_data(tb[RPC_SP_SCOPE]);
587 allow = rpc_session_acl_allowed(ses, scope,
588 blobmsg_data(tb[RPC_SP_OBJECT]),
589 blobmsg_data(tb[RPC_SP_FUNCTION]));
591 blob_buf_init(&buf, 0);
592 blobmsg_add_u8(&buf, "access", allow);
593 ubus_send_reply(ctx, req, buf.head);
599 rpc_session_set(struct rpc_session *ses, const char *key, struct blob_attr *val)
601 struct rpc_session_data *data;
603 data = avl_find_element(&ses->data, key, data, avl);
605 avl_delete(&ses->data, &data->avl);
609 data = calloc(1, sizeof(*data) + blob_pad_len(val));
613 memcpy(data->attr, val, blob_pad_len(val));
614 data->avl.key = blobmsg_name(data->attr);
615 avl_insert(&ses->data, &data->avl);
619 rpc_handle_set(struct ubus_context *ctx, struct ubus_object *obj,
620 struct ubus_request_data *req, const char *method,
621 struct blob_attr *msg)
623 struct rpc_session *ses;
624 struct blob_attr *tb[__RPC_SA_MAX];
625 struct blob_attr *attr;
628 blobmsg_parse(set_policy, __RPC_SS_MAX, tb, blob_data(msg), blob_len(msg));
630 if (!tb[RPC_SS_SID] || !tb[RPC_SS_VALUES])
631 return UBUS_STATUS_INVALID_ARGUMENT;
633 ses = rpc_session_get(blobmsg_data(tb[RPC_SS_SID]));
635 return UBUS_STATUS_NOT_FOUND;
637 blobmsg_for_each_attr(attr, tb[RPC_SS_VALUES], rem) {
638 if (!blobmsg_name(attr)[0])
641 rpc_session_set(ses, blobmsg_name(attr), attr);
648 rpc_handle_get(struct ubus_context *ctx, struct ubus_object *obj,
649 struct ubus_request_data *req, const char *method,
650 struct blob_attr *msg)
652 struct rpc_session *ses;
653 struct rpc_session_data *data;
654 struct blob_attr *tb[__RPC_SA_MAX];
655 struct blob_attr *attr;
659 blobmsg_parse(get_policy, __RPC_SG_MAX, tb, blob_data(msg), blob_len(msg));
662 return UBUS_STATUS_INVALID_ARGUMENT;
664 ses = rpc_session_get(blobmsg_data(tb[RPC_SG_SID]));
666 return UBUS_STATUS_NOT_FOUND;
668 blob_buf_init(&buf, 0);
669 c = blobmsg_open_table(&buf, "values");
672 blobmsg_for_each_attr(attr, tb[RPC_SG_KEYS], rem) {
673 if (blob_id(attr) != BLOBMSG_TYPE_STRING)
676 data = avl_find_element(&ses->data, blobmsg_data(attr), data, avl);
680 blobmsg_add_field(&buf, blobmsg_type(data->attr),
681 blobmsg_name(data->attr),
682 blobmsg_data(data->attr),
683 blobmsg_data_len(data->attr));
686 rpc_session_dump_data(ses, &buf);
688 blobmsg_close_table(&buf, c);
689 ubus_send_reply(ctx, req, buf.head);
695 rpc_handle_unset(struct ubus_context *ctx, struct ubus_object *obj,
696 struct ubus_request_data *req, const char *method,
697 struct blob_attr *msg)
699 struct rpc_session *ses;
700 struct rpc_session_data *data, *ndata;
701 struct blob_attr *tb[__RPC_SA_MAX];
702 struct blob_attr *attr;
705 blobmsg_parse(get_policy, __RPC_SG_MAX, tb, blob_data(msg), blob_len(msg));
708 return UBUS_STATUS_INVALID_ARGUMENT;
710 ses = rpc_session_get(blobmsg_data(tb[RPC_SG_SID]));
712 return UBUS_STATUS_NOT_FOUND;
714 if (!tb[RPC_SG_KEYS]) {
715 avl_remove_all_elements(&ses->data, data, avl, ndata)
720 blobmsg_for_each_attr(attr, tb[RPC_SG_KEYS], rem) {
721 if (blob_id(attr) != BLOBMSG_TYPE_STRING)
724 data = avl_find_element(&ses->data, blobmsg_data(attr), data, avl);
728 avl_delete(&ses->data, &data->avl);
736 rpc_handle_destroy(struct ubus_context *ctx, struct ubus_object *obj,
737 struct ubus_request_data *req, const char *method,
738 struct blob_attr *msg)
740 struct rpc_session *ses;
741 struct blob_attr *tb;
743 blobmsg_parse(&sid_policy, 1, &tb, blob_data(msg), blob_len(msg));
746 return UBUS_STATUS_INVALID_ARGUMENT;
748 if (!strcmp(blobmsg_get_string(tb), RPC_DEFAULT_SESSION_ID))
749 return UBUS_STATUS_PERMISSION_DENIED;
751 ses = rpc_session_get(blobmsg_data(tb));
753 return UBUS_STATUS_NOT_FOUND;
755 rpc_session_destroy(ses);
762 rpc_login_test_password(const char *hash, const char *password)
766 /* password is not set */
767 if (!hash || !*hash || !strcmp(hash, "!") || !strcmp(hash, "x"))
772 /* password hash refers to shadow/passwd */
773 else if (!strncmp(hash, "$p$", 3))
776 struct spwd *sp = getspnam(hash + 3);
781 return rpc_login_test_password(sp->sp_pwdp, password);
783 struct passwd *pw = getpwnam(hash + 3);
788 return rpc_login_test_password(pw->pw_passwd, password);
792 crypt_hash = crypt(password, hash);
794 return !strcmp(crypt_hash, hash);
797 static struct uci_section *
798 rpc_login_test_login(struct uci_context *uci,
799 const char *username, const char *password)
801 struct uci_package *p = NULL;
802 struct uci_section *s;
803 struct uci_element *e;
804 struct uci_ptr ptr = { .package = "rpcd" };
806 uci_load(uci, ptr.package, &p);
811 uci_foreach_element(&p->sections, e)
813 s = uci_to_section(e);
815 if (strcmp(s->type, "login"))
818 ptr.section = s->e.name;
821 /* test for matching username */
822 ptr.option = "username";
825 if (uci_lookup_ptr(uci, &ptr, NULL, true))
828 if (ptr.o->type != UCI_TYPE_STRING)
831 if (strcmp(ptr.o->v.string, username))
834 /* If password is NULL, we're restoring ACLs for an existing session,
835 * in this case do not check the password again. */
839 /* test for matching password */
840 ptr.option = "password";
843 if (uci_lookup_ptr(uci, &ptr, NULL, true))
846 if (ptr.o->type != UCI_TYPE_STRING)
849 if (rpc_login_test_password(ptr.o->v.string, password))
857 rpc_login_test_permission(struct uci_section *s,
858 const char *perm, const char *group)
860 struct uci_option *o;
861 struct uci_element *e, *l;
863 /* If the login section is not provided, we're setting up acls for the
864 * default session, in this case uncondionally allow access to the
865 * "unauthenticated" access group */
867 return !strcmp(group, "unauthenticated");
870 uci_foreach_element(&s->options, e)
872 o = uci_to_option(e);
874 if (o->type != UCI_TYPE_LIST)
877 if (strcmp(o->e.name, perm))
880 uci_foreach_element(&o->v.list, l)
881 if (l->name && !fnmatch(l->name, group, 0))
885 /* make sure that write permission implies read permission */
886 if (!strcmp(perm, "read"))
887 return rpc_login_test_permission(s, "write", group);
893 rpc_login_setup_acl_scope(struct rpc_session *ses,
894 struct blob_attr *acl_perm,
895 struct blob_attr *acl_scope)
897 struct blob_attr *acl_obj, *acl_func;
901 * Parse ACL scopes in table notation.
911 if (blob_id(acl_scope) == BLOBMSG_TYPE_TABLE) {
912 blobmsg_for_each_attr(acl_obj, acl_scope, rem) {
913 if (blob_id(acl_obj) != BLOBMSG_TYPE_ARRAY)
916 blobmsg_for_each_attr(acl_func, acl_obj, rem2) {
917 if (blob_id(acl_func) != BLOBMSG_TYPE_STRING)
920 rpc_session_grant(ses, blobmsg_name(acl_scope),
921 blobmsg_name(acl_obj),
922 blobmsg_data(acl_func));
928 * Parse ACL scopes in array notation. The permission ("read" or "write")
929 * will be used as function name for each object.
937 else if (blob_id(acl_scope) == BLOBMSG_TYPE_ARRAY) {
938 blobmsg_for_each_attr(acl_obj, acl_scope, rem) {
939 if (blob_id(acl_obj) != BLOBMSG_TYPE_STRING)
942 rpc_session_grant(ses, blobmsg_name(acl_scope),
943 blobmsg_data(acl_obj),
944 blobmsg_name(acl_perm));
950 rpc_login_setup_acl_file(struct rpc_session *ses, struct uci_section *login,
953 struct blob_buf acl = { 0 };
954 struct blob_attr *acl_group, *acl_perm, *acl_scope;
957 blob_buf_init(&acl, 0);
959 if (!blobmsg_add_json_from_file(&acl, path)) {
960 fprintf(stderr, "Failed to parse %s\n", path);
964 /* Iterate access groups in toplevel object */
965 blob_for_each_attr(acl_group, acl.head, rem) {
966 /* Iterate permission objects in each access group object */
967 blobmsg_for_each_attr(acl_perm, acl_group, rem2) {
968 if (blob_id(acl_perm) != BLOBMSG_TYPE_TABLE)
971 /* Only "read" and "write" permissions are defined */
972 if (strcmp(blobmsg_name(acl_perm), "read") &&
973 strcmp(blobmsg_name(acl_perm), "write"))
977 * Check if the current user context specifies the current
978 * "read" or "write" permission in the given access group.
980 if (!rpc_login_test_permission(login, blobmsg_name(acl_perm),
981 blobmsg_name(acl_group)))
984 /* Iterate scope objects within the permission object */
985 blobmsg_for_each_attr(acl_scope, acl_perm, rem3) {
986 /* Setup the scopes of the access group */
987 rpc_login_setup_acl_scope(ses, acl_perm, acl_scope);
990 * Add the access group itself as object to the "access-group"
991 * meta scope and the the permission level ("read" or "write")
1005 * This allows session clients to easily query the allowed
1006 * access groups without having to test access of each single
1007 * <scope>/<object>/<function> tuple defined in a group.
1009 rpc_session_grant(ses, "access-group",
1010 blobmsg_name(acl_group),
1011 blobmsg_name(acl_perm));
1017 blob_buf_free(&acl);
1021 rpc_login_setup_acls(struct rpc_session *ses, struct uci_section *login)
1026 if (glob(RPC_SESSION_ACL_DIR "/*.json", 0, NULL, &gl))
1029 for (i = 0; i < gl.gl_pathc; i++)
1030 rpc_login_setup_acl_file(ses, login, gl.gl_pathv[i]);
1036 rpc_handle_login(struct ubus_context *ctx, struct ubus_object *obj,
1037 struct ubus_request_data *req, const char *method,
1038 struct blob_attr *msg)
1040 struct uci_context *uci = NULL;
1041 struct uci_section *login;
1042 struct rpc_session *ses;
1043 struct blob_attr *tb[__RPC_L_MAX];
1044 int timeout = RPC_DEFAULT_SESSION_TIMEOUT;
1047 blobmsg_parse(login_policy, __RPC_L_MAX, tb, blob_data(msg), blob_len(msg));
1049 if (!tb[RPC_L_USERNAME] || !tb[RPC_L_PASSWORD]) {
1050 rv = UBUS_STATUS_INVALID_ARGUMENT;
1054 uci = uci_alloc_context();
1057 rv = UBUS_STATUS_UNKNOWN_ERROR;
1061 login = rpc_login_test_login(uci, blobmsg_get_string(tb[RPC_L_USERNAME]),
1062 blobmsg_get_string(tb[RPC_L_PASSWORD]));
1065 rv = UBUS_STATUS_PERMISSION_DENIED;
1069 if (tb[RPC_L_TIMEOUT])
1070 timeout = blobmsg_get_u32(tb[RPC_L_TIMEOUT]);
1072 ses = rpc_session_create(timeout);
1075 rv = UBUS_STATUS_UNKNOWN_ERROR;
1079 rpc_login_setup_acls(ses, login);
1081 rpc_session_set(ses, "user", tb[RPC_L_USERNAME]);
1082 rpc_session_dump(ses, ctx, req);
1086 uci_free_context(uci);
1093 rpc_validate_sid(const char *id)
1098 if (strlen(id) != RPC_SID_LEN)
1102 if (!isxdigit(*id++))
1109 rpc_blob_to_file(const char *path, struct blob_attr *attr)
1113 fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
1118 len = write(fd, attr, blob_pad_len(attr));
1122 if (len != blob_pad_len(attr))
1131 static struct blob_attr *
1132 rpc_blob_from_file(const char *path)
1136 struct blob_attr head, *attr = NULL;
1138 if (stat(path, &s) || !S_ISREG(s.st_mode))
1141 fd = open(path, O_RDONLY);
1146 len = read(fd, &head, sizeof(head));
1148 if (len != sizeof(head) || blob_pad_len(&head) != s.st_size)
1151 attr = calloc(1, s.st_size);
1156 memcpy(attr, &head, sizeof(head));
1158 len += read(fd, (char *)attr + sizeof(head), s.st_size - sizeof(head));
1160 if (len != blob_pad_len(&head))
1176 rpc_session_from_blob(struct uci_context *uci, struct blob_attr *attr)
1179 const char *user = NULL;
1180 struct rpc_session *ses;
1181 struct uci_section *login;
1182 struct blob_attr *tb[__RPC_DUMP_MAX], *data;
1184 blobmsg_parse(dump_policy, __RPC_DUMP_MAX, tb,
1185 blob_data(attr), blob_len(attr));
1187 for (i = 0; i < __RPC_DUMP_MAX; i++)
1191 ses = rpc_session_new();
1196 memcpy(ses->id, blobmsg_data(tb[RPC_DUMP_SID]), RPC_SID_LEN);
1198 ses->timeout = blobmsg_get_u32(tb[RPC_DUMP_TIMEOUT]);
1200 blobmsg_for_each_attr(data, tb[RPC_DUMP_DATA], rem) {
1201 rpc_session_set(ses, blobmsg_name(data), data);
1203 if (!strcmp(blobmsg_name(data), "username"))
1204 user = blobmsg_get_string(data);
1208 login = rpc_login_test_login(uci, user, NULL);
1210 rpc_login_setup_acls(ses, login);
1213 avl_insert(&sessions, &ses->avl);
1215 uloop_timeout_set(&ses->t, blobmsg_get_u32(tb[RPC_DUMP_EXPIRES]) * 1000);
1220 int rpc_session_api_init(struct ubus_context *ctx)
1222 struct rpc_session *ses;
1224 static const struct ubus_method session_methods[] = {
1225 UBUS_METHOD("create", rpc_handle_create, &new_policy),
1226 UBUS_METHOD("list", rpc_handle_list, &sid_policy),
1227 UBUS_METHOD("grant", rpc_handle_acl, acl_policy),
1228 UBUS_METHOD("revoke", rpc_handle_acl, acl_policy),
1229 UBUS_METHOD("access", rpc_handle_access, perm_policy),
1230 UBUS_METHOD("set", rpc_handle_set, set_policy),
1231 UBUS_METHOD("get", rpc_handle_get, get_policy),
1232 UBUS_METHOD("unset", rpc_handle_unset, get_policy),
1233 UBUS_METHOD("destroy", rpc_handle_destroy, &sid_policy),
1234 UBUS_METHOD("login", rpc_handle_login, login_policy),
1237 static struct ubus_object_type session_type =
1238 UBUS_OBJECT_TYPE("luci-rpc-session", session_methods);
1240 static struct ubus_object obj = {
1242 .type = &session_type,
1243 .methods = session_methods,
1244 .n_methods = ARRAY_SIZE(session_methods),
1247 avl_init(&sessions, avl_strcmp, false, NULL);
1249 /* setup the default session */
1250 ses = rpc_session_new();
1253 strcpy(ses->id, RPC_DEFAULT_SESSION_ID);
1254 rpc_login_setup_acls(ses, NULL);
1255 avl_insert(&sessions, &ses->avl);
1258 return ubus_add_object(ctx, &obj);
1261 bool rpc_session_access(const char *sid, const char *scope,
1262 const char *object, const char *function)
1264 struct rpc_session *ses = rpc_session_get(sid);
1269 return rpc_session_acl_allowed(ses, scope, object, function);
1272 void rpc_session_create_cb(struct rpc_session_cb *cb)
1275 list_add(&cb->list, &create_callbacks);
1278 void rpc_session_destroy_cb(struct rpc_session_cb *cb)
1281 list_add(&cb->list, &destroy_callbacks);
1284 void rpc_session_freeze(void)
1287 struct rpc_session *ses;
1288 char path[PATH_MAX];
1290 if (stat(RPC_SESSION_DIRECTORY, &s))
1291 mkdir(RPC_SESSION_DIRECTORY, 0700);
1293 avl_for_each_element(&sessions, ses, avl) {
1294 /* skip default session */
1295 if (!strcmp(ses->id, RPC_DEFAULT_SESSION_ID))
1298 snprintf(path, sizeof(path) - 1, RPC_SESSION_DIRECTORY "/%s", ses->id);
1299 rpc_session_to_blob(ses);
1300 rpc_blob_to_file(path, buf.head);
1304 void rpc_session_thaw(void)
1307 char path[PATH_MAX];
1309 struct blob_attr *attr;
1310 struct uci_context *uci;
1312 d = opendir(RPC_SESSION_DIRECTORY);
1317 uci = uci_alloc_context();
1322 while ((e = readdir(d)) != NULL) {
1323 if (!rpc_validate_sid(e->d_name))
1326 snprintf(path, sizeof(path) - 1,
1327 RPC_SESSION_DIRECTORY "/%s", e->d_name);
1329 attr = rpc_blob_from_file(path);
1332 rpc_session_from_blob(uci, attr);
1341 uci_free_context(uci);