X-Git-Url: https://git.archive.openwrt.org/?p=project%2Fluci.git;a=blobdiff_plain;f=modules%2Frpc%2Fluasrc%2Fcontroller%2Frpc.lua;h=7255c1780a2239dd3db045a6abec57c6738c4c93;hp=aa77a8f2485d0248a16302b47bdf570f0235beff;hb=c4f70ce38a049acdfefb632f7778806192dcfe01;hpb=0c5dc7bc77a4fd7d7f0d965e3185e2df4c608f05 diff --git a/modules/rpc/luasrc/controller/rpc.lua b/modules/rpc/luasrc/controller/rpc.lua index aa77a8f24..7255c1780 100644 --- a/modules/rpc/luasrc/controller/rpc.lua +++ b/modules/rpc/luasrc/controller/rpc.lua @@ -16,6 +16,8 @@ $Id$ local require = require local pairs = pairs local print = print +local pcall = pcall +local table = table module "luci.controller.rpc" @@ -23,7 +25,8 @@ function index() local function authenticator(validator, accs) local auth = luci.http.formvalue("auth", true) if auth then - local user = luci.sauth.read(auth) + local sdat = luci.sauth.read(auth) + user = loadstring(sdat)().user if user and luci.util.contains(accs, user) then return user, auth end @@ -31,19 +34,16 @@ function index() luci.http.status(403, "Forbidden") end - uci = entry({"rpc", "uci"}, call("rpc_uci")) - uci.sysauth = "root" - uci.sysauth_authenticator = authenticator + local rpc = node("rpc") + rpc.sysauth = "root" + rpc.sysauth_authenticator = authenticator + rpc.notemplate = true - fs = entry({"rpc", "fs"}, call("rpc_fs")) - fs.sysauth = "root" - fs.sysauth_authenticator = authenticator - - fs = entry({"rpc", "sys"}, call("rpc_sys")) - fs.sysauth = "root" - fs.sysauth_authenticator = authenticator - - uci = entry({"rpc", "auth"}, call("rpc_auth")) + entry({"rpc", "uci"}, call("rpc_uci")) + entry({"rpc", "fs"}, call("rpc_fs")) + entry({"rpc", "sys"}, call("rpc_sys")) + entry({"rpc", "ipkg"}, call("rpc_ipkg")) + entry({"rpc", "auth"}, call("rpc_auth")).sysauth = false end function rpc_auth() @@ -51,54 +51,114 @@ function rpc_auth() local sauth = require "luci.sauth" local http = require "luci.http" local sys = require "luci.sys" - - http.setfilehandler() + local ltn12 = require "luci.ltn12" + local util = require "luci.util" local loginstat local server = {} - server.login = function(user, pass) - local sid - + server.challenge = function(user, pass) + local sid, token, secret + if sys.user.checkpasswd(user, pass) then sid = sys.uniqueid(16) + token = sys.uniqueid(16) + secret = sys.uniqueid(16) + http.header("Set-Cookie", "sysauth=" .. sid.."; path=/") - sauth.write(sid, user) + sauth.write(sid, util.get_bytecode({ + user=user, + token=token, + secret=secret + })) end - return sid + return sid and {sid=sid, token=token, secret=secret} + end + + server.login = function(...) + local challenge = server.challenge(...) + return challenge and challenge.sid end http.prepare_content("application/json") - http.write(jsonrpc.handle(server, http.content())) + ltn12.pump.all(jsonrpc.handle(server, http.source()), http.write) end function rpc_uci() - local uci = require "luci.controller.rpc.uci" + if not pcall(require, "luci.model.uci") then + luci.http.status(404, "Not Found") + return nil + end + local uci = require "luci.jsonrpcbind.uci" local jsonrpc = require "luci.jsonrpc" local http = require "luci.http" + local ltn12 = require "luci.ltn12" - http.setfilehandler() http.prepare_content("application/json") - http.write(jsonrpc.handle(uci, http.content())) + ltn12.pump.all(jsonrpc.handle(uci, http.source()), http.write) end function rpc_fs() - local fs = require "luci.fs" + local util = require "luci.util" + local io = require "io" + local fs2 = util.clone(require "nixio.fs") local jsonrpc = require "luci.jsonrpc" local http = require "luci.http" + local ltn12 = require "luci.ltn12" + + function fs2.readfile(filename) + local stat, mime = pcall(require, "mime") + if not stat then + error("Base64 support not available. Please install LuaSocket.") + end + + local fp = io.open(filename) + if not fp then + return nil + end + + local output = {} + local sink = ltn12.sink.table(output) + local source = ltn12.source.chain(ltn12.source.file(fp), mime.encode("base64")) + return ltn12.pump.all(source, sink) and table.concat(output) + end + + function fs2.writefile(filename, data) + local stat, mime = pcall(require, "mime") + if not stat then + error("Base64 support not available. Please install LuaSocket.") + end + + local file = io.open(filename, "w") + local sink = file and ltn12.sink.chain(mime.decode("base64"), ltn12.sink.file(file)) + return sink and ltn12.pump.all(ltn12.source.string(data), sink) or false + end - http.setfilehandler() http.prepare_content("application/json") - http.write(jsonrpc.handle(fs, http.content())) + ltn12.pump.all(jsonrpc.handle(fs2, http.source()), http.write) end function rpc_sys() local sys = require "luci.sys" local jsonrpc = require "luci.jsonrpc" local http = require "luci.http" + local ltn12 = require "luci.ltn12" - http.setfilehandler() http.prepare_content("application/json") - http.write(jsonrpc.handle(sys, http.content())) -end \ No newline at end of file + ltn12.pump.all(jsonrpc.handle(sys, http.source()), http.write) +end + +function rpc_ipkg() + if not pcall(require, "luci.model.ipkg") then + luci.http.status(404, "Not Found") + return nil + end + local ipkg = require "luci.model.ipkg" + local jsonrpc = require "luci.jsonrpc" + local http = require "luci.http" + local ltn12 = require "luci.ltn12" + + http.prepare_content("application/json") + ltn12.pump.all(jsonrpc.handle(ipkg, http.source()), http.write) +end