2 * rpcd - UBUS RPC server
4 * Copyright (C) 2013 Felix Fietkau <nbd@openwrt.org>
5 * Copyright (C) 2013 Jo-Philipp Wich <jow@openwrt.org>
7 * Permission to use, copy, modify, and/or distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 #define _GNU_SOURCE /* crypt() */
22 #include <libubox/avl-cmp.h>
23 #include <libubox/blobmsg.h>
24 #include <libubox/utils.h>
34 #include <rpcd/session.h>
36 static struct avl_tree sessions;
37 static struct blob_buf buf;
39 static LIST_HEAD(create_callbacks);
40 static LIST_HEAD(destroy_callbacks);
42 static const struct blobmsg_policy new_policy = {
43 .name = "timeout", .type = BLOBMSG_TYPE_INT32
46 static const struct blobmsg_policy sid_policy = {
47 .name = "sid", .type = BLOBMSG_TYPE_STRING
55 static const struct blobmsg_policy set_policy[__RPC_SS_MAX] = {
56 [RPC_SS_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING },
57 [RPC_SS_VALUES] = { .name = "values", .type = BLOBMSG_TYPE_TABLE },
65 static const struct blobmsg_policy get_policy[__RPC_SG_MAX] = {
66 [RPC_SG_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING },
67 [RPC_SG_KEYS] = { .name = "keys", .type = BLOBMSG_TYPE_ARRAY },
76 static const struct blobmsg_policy acl_policy[__RPC_SA_MAX] = {
77 [RPC_SA_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING },
78 [RPC_SA_SCOPE] = { .name = "scope", .type = BLOBMSG_TYPE_STRING },
79 [RPC_SA_OBJECTS] = { .name = "objects", .type = BLOBMSG_TYPE_ARRAY },
89 static const struct blobmsg_policy perm_policy[__RPC_SP_MAX] = {
90 [RPC_SP_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING },
91 [RPC_SP_SCOPE] = { .name = "scope", .type = BLOBMSG_TYPE_STRING },
92 [RPC_SP_OBJECT] = { .name = "object", .type = BLOBMSG_TYPE_STRING },
93 [RPC_SP_FUNCTION] = { .name = "function", .type = BLOBMSG_TYPE_STRING },
103 static const struct blobmsg_policy dump_policy[__RPC_DUMP_MAX] = {
104 [RPC_DUMP_SID] = { .name = "sid", .type = BLOBMSG_TYPE_STRING },
105 [RPC_DUMP_TIMEOUT] = { .name = "timeout", .type = BLOBMSG_TYPE_INT32 },
106 [RPC_DUMP_EXPIRES] = { .name = "expires", .type = BLOBMSG_TYPE_INT32 },
107 [RPC_DUMP_DATA] = { .name = "data", .type = BLOBMSG_TYPE_TABLE },
116 static const struct blobmsg_policy login_policy[__RPC_L_MAX] = {
117 [RPC_L_USERNAME] = { .name = "username", .type = BLOBMSG_TYPE_STRING },
118 [RPC_L_PASSWORD] = { .name = "password", .type = BLOBMSG_TYPE_STRING },
119 [RPC_L_TIMEOUT] = { .name = "timeout", .type = BLOBMSG_TYPE_INT32 },
123 * Keys in the AVL tree contain all pattern characters up to the first wildcard.
124 * To look up entries, start with the last entry that has a key less than or
125 * equal to the method name, then work backwards as long as the AVL key still
126 * matches its counterpart in the object name
128 #define uh_foreach_matching_acl_prefix(_acl, _avl, _obj, _func) \
129 for (_acl = avl_find_le_element(_avl, _obj, _acl, avl); \
131 _acl = avl_is_first(_avl, &(_acl)->avl) ? NULL : \
132 avl_prev_element((_acl), avl))
134 #define uh_foreach_matching_acl(_acl, _avl, _obj, _func) \
135 uh_foreach_matching_acl_prefix(_acl, _avl, _obj, _func) \
136 if (!strncmp((_acl)->object, _obj, (_acl)->sort_len) && \
137 !fnmatch((_acl)->object, (_obj), FNM_NOESCAPE) && \
138 !fnmatch((_acl)->function, (_func), FNM_NOESCAPE))
141 rpc_random(char *dest)
143 unsigned char buf[16] = { 0 };
147 f = fopen("/dev/urandom", "r");
151 fread(buf, 1, sizeof(buf), f);
154 for (i = 0; i < sizeof(buf); i++)
155 sprintf(dest + (i<<1), "%02x", buf[i]);
159 rpc_session_dump_data(struct rpc_session *ses, struct blob_buf *b)
161 struct rpc_session_data *d;
163 avl_for_each_element(&ses->data, d, avl) {
164 blobmsg_add_field(b, blobmsg_type(d->attr), blobmsg_name(d->attr),
165 blobmsg_data(d->attr), blobmsg_data_len(d->attr));
170 rpc_session_dump_acls(struct rpc_session *ses, struct blob_buf *b)
172 struct rpc_session_acl *acl;
173 struct rpc_session_acl_scope *acl_scope;
174 const char *lastobj = NULL;
175 const char *lastscope = NULL;
176 void *c = NULL, *d = NULL;
178 avl_for_each_element(&ses->acls, acl_scope, avl) {
179 if (!lastscope || strcmp(acl_scope->avl.key, lastscope))
181 if (c) blobmsg_close_table(b, c);
182 c = blobmsg_open_table(b, acl_scope->avl.key);
188 avl_for_each_element(&acl_scope->acls, acl, avl) {
189 if (!lastobj || strcmp(acl->object, lastobj))
191 if (d) blobmsg_close_array(b, d);
192 d = blobmsg_open_array(b, acl->object);
195 blobmsg_add_string(b, NULL, acl->function);
196 lastobj = acl->object;
199 if (d) blobmsg_close_array(b, d);
202 if (c) blobmsg_close_table(b, c);
206 rpc_session_to_blob(struct rpc_session *ses, bool acls)
210 blob_buf_init(&buf, 0);
212 blobmsg_add_string(&buf, "sid", ses->id);
213 blobmsg_add_u32(&buf, "timeout", ses->timeout);
214 blobmsg_add_u32(&buf, "expires", uloop_timeout_remaining(&ses->t) / 1000);
217 c = blobmsg_open_table(&buf, "acls");
218 rpc_session_dump_acls(ses, &buf);
219 blobmsg_close_table(&buf, c);
222 c = blobmsg_open_table(&buf, "data");
223 rpc_session_dump_data(ses, &buf);
224 blobmsg_close_table(&buf, c);
228 rpc_session_dump(struct rpc_session *ses, struct ubus_context *ctx,
229 struct ubus_request_data *req)
231 rpc_session_to_blob(ses, true);
233 ubus_send_reply(ctx, req, buf.head);
237 rpc_touch_session(struct rpc_session *ses)
239 if (ses->timeout > 0)
240 uloop_timeout_set(&ses->t, ses->timeout * 1000);
244 rpc_session_destroy(struct rpc_session *ses)
246 struct rpc_session_acl *acl, *nacl;
247 struct rpc_session_acl_scope *acl_scope, *nacl_scope;
248 struct rpc_session_data *data, *ndata;
249 struct rpc_session_cb *cb;
251 list_for_each_entry(cb, &destroy_callbacks, list)
252 cb->cb(ses, cb->priv);
254 uloop_timeout_cancel(&ses->t);
256 avl_for_each_element_safe(&ses->acls, acl_scope, avl, nacl_scope) {
257 avl_remove_all_elements(&acl_scope->acls, acl, avl, nacl)
260 avl_delete(&ses->acls, &acl_scope->avl);
264 avl_remove_all_elements(&ses->data, data, avl, ndata)
267 avl_delete(&sessions, &ses->avl);
271 static void rpc_session_timeout(struct uloop_timeout *t)
273 struct rpc_session *ses;
275 ses = container_of(t, struct rpc_session, t);
276 rpc_session_destroy(ses);
279 static struct rpc_session *
280 rpc_session_new(void)
282 struct rpc_session *ses;
284 ses = calloc(1, sizeof(*ses));
289 ses->avl.key = ses->id;
291 avl_init(&ses->acls, avl_strcmp, true, NULL);
292 avl_init(&ses->data, avl_strcmp, false, NULL);
294 ses->t.cb = rpc_session_timeout;
299 static struct rpc_session *
300 rpc_session_create(int timeout)
302 struct rpc_session *ses;
303 struct rpc_session_cb *cb;
305 ses = rpc_session_new();
312 ses->timeout = timeout;
314 avl_insert(&sessions, &ses->avl);
316 rpc_touch_session(ses);
318 list_for_each_entry(cb, &create_callbacks, list)
319 cb->cb(ses, cb->priv);
324 static struct rpc_session *
325 rpc_session_get(const char *id)
327 struct rpc_session *ses;
329 ses = avl_find_element(&sessions, id, ses, avl);
333 rpc_touch_session(ses);
338 rpc_handle_create(struct ubus_context *ctx, struct ubus_object *obj,
339 struct ubus_request_data *req, const char *method,
340 struct blob_attr *msg)
342 struct rpc_session *ses;
343 struct blob_attr *tb;
344 int timeout = RPC_DEFAULT_SESSION_TIMEOUT;
346 blobmsg_parse(&new_policy, 1, &tb, blob_data(msg), blob_len(msg));
348 timeout = blobmsg_get_u32(tb);
350 ses = rpc_session_create(timeout);
352 rpc_session_dump(ses, ctx, req);
358 rpc_handle_list(struct ubus_context *ctx, struct ubus_object *obj,
359 struct ubus_request_data *req, const char *method,
360 struct blob_attr *msg)
362 struct rpc_session *ses;
363 struct blob_attr *tb;
365 blobmsg_parse(&sid_policy, 1, &tb, blob_data(msg), blob_len(msg));
368 avl_for_each_element(&sessions, ses, avl)
369 rpc_session_dump(ses, ctx, req);
373 ses = rpc_session_get(blobmsg_data(tb));
375 return UBUS_STATUS_NOT_FOUND;
377 rpc_session_dump(ses, ctx, req);
383 uh_id_len(const char *str)
385 return strcspn(str, "*?[");
389 rpc_session_grant(struct rpc_session *ses,
390 const char *scope, const char *object, const char *function)
392 struct rpc_session_acl *acl;
393 struct rpc_session_acl_scope *acl_scope;
394 char *new_scope, *new_obj, *new_func, *new_id;
397 if (!object || !function)
398 return UBUS_STATUS_INVALID_ARGUMENT;
400 acl_scope = avl_find_element(&ses->acls, scope, acl_scope, avl);
403 uh_foreach_matching_acl_prefix(acl, &acl_scope->acls, object, function) {
404 if (!strcmp(acl->object, object) &&
405 !strcmp(acl->function, function))
411 acl_scope = calloc_a(sizeof(*acl_scope),
412 &new_scope, strlen(scope) + 1);
415 return UBUS_STATUS_UNKNOWN_ERROR;
417 acl_scope->avl.key = strcpy(new_scope, scope);
418 avl_init(&acl_scope->acls, avl_strcmp, true, NULL);
419 avl_insert(&ses->acls, &acl_scope->avl);
422 id_len = uh_id_len(object);
423 acl = calloc_a(sizeof(*acl),
424 &new_obj, strlen(object) + 1,
425 &new_func, strlen(function) + 1,
426 &new_id, id_len + 1);
429 return UBUS_STATUS_UNKNOWN_ERROR;
431 acl->object = strcpy(new_obj, object);
432 acl->function = strcpy(new_func, function);
433 acl->avl.key = strncpy(new_id, object, id_len);
434 avl_insert(&acl_scope->acls, &acl->avl);
440 rpc_session_revoke(struct rpc_session *ses,
441 const char *scope, const char *object, const char *function)
443 struct rpc_session_acl *acl, *next;
444 struct rpc_session_acl_scope *acl_scope;
448 acl_scope = avl_find_element(&ses->acls, scope, acl_scope, avl);
453 if (!object && !function) {
454 avl_remove_all_elements(&acl_scope->acls, acl, avl, next)
456 avl_delete(&ses->acls, &acl_scope->avl);
461 id_len = uh_id_len(object);
462 id = alloca(id_len + 1);
463 strncpy(id, object, id_len);
466 acl = avl_find_element(&acl_scope->acls, id, acl, avl);
468 if (!avl_is_last(&acl_scope->acls, &acl->avl))
469 next = avl_next_element(acl, avl);
473 if (strcmp(id, acl->avl.key) != 0)
476 if (!strcmp(acl->object, object) &&
477 !strcmp(acl->function, function)) {
478 avl_delete(&acl_scope->acls, &acl->avl);
484 if (avl_is_empty(&acl_scope->acls)) {
485 avl_delete(&ses->acls, &acl_scope->avl);
494 rpc_handle_acl(struct ubus_context *ctx, struct ubus_object *obj,
495 struct ubus_request_data *req, const char *method,
496 struct blob_attr *msg)
498 struct rpc_session *ses;
499 struct blob_attr *tb[__RPC_SA_MAX];
500 struct blob_attr *attr, *sattr;
501 const char *object, *function;
502 const char *scope = "ubus";
505 int (*cb)(struct rpc_session *ses,
506 const char *scope, const char *object, const char *function);
508 blobmsg_parse(acl_policy, __RPC_SA_MAX, tb, blob_data(msg), blob_len(msg));
511 return UBUS_STATUS_INVALID_ARGUMENT;
513 ses = rpc_session_get(blobmsg_data(tb[RPC_SA_SID]));
515 return UBUS_STATUS_NOT_FOUND;
517 if (tb[RPC_SA_SCOPE])
518 scope = blobmsg_data(tb[RPC_SA_SCOPE]);
520 if (!strcmp(method, "grant"))
521 cb = rpc_session_grant;
523 cb = rpc_session_revoke;
525 if (!tb[RPC_SA_OBJECTS])
526 return cb(ses, scope, NULL, NULL);
528 blobmsg_for_each_attr(attr, tb[RPC_SA_OBJECTS], rem1) {
529 if (blob_id(attr) != BLOBMSG_TYPE_ARRAY)
535 blobmsg_for_each_attr(sattr, attr, rem2) {
536 if (blob_id(sattr) != BLOBMSG_TYPE_STRING)
540 object = blobmsg_data(sattr);
542 function = blobmsg_data(sattr);
547 if (object && function)
548 cb(ses, scope, object, function);
555 rpc_session_acl_allowed(struct rpc_session *ses, const char *scope,
556 const char *obj, const char *fun)
558 struct rpc_session_acl *acl;
559 struct rpc_session_acl_scope *acl_scope;
561 acl_scope = avl_find_element(&ses->acls, scope, acl_scope, avl);
564 uh_foreach_matching_acl(acl, &acl_scope->acls, obj, fun)
572 rpc_handle_access(struct ubus_context *ctx, struct ubus_object *obj,
573 struct ubus_request_data *req, const char *method,
574 struct blob_attr *msg)
576 struct rpc_session *ses;
577 struct blob_attr *tb[__RPC_SP_MAX];
578 const char *scope = "ubus";
581 blobmsg_parse(perm_policy, __RPC_SP_MAX, tb, blob_data(msg), blob_len(msg));
583 if (!tb[RPC_SP_SID] || !tb[RPC_SP_OBJECT] || !tb[RPC_SP_FUNCTION])
584 return UBUS_STATUS_INVALID_ARGUMENT;
586 ses = rpc_session_get(blobmsg_data(tb[RPC_SP_SID]));
588 return UBUS_STATUS_NOT_FOUND;
590 if (tb[RPC_SP_SCOPE])
591 scope = blobmsg_data(tb[RPC_SP_SCOPE]);
593 allow = rpc_session_acl_allowed(ses, scope,
594 blobmsg_data(tb[RPC_SP_OBJECT]),
595 blobmsg_data(tb[RPC_SP_FUNCTION]));
597 blob_buf_init(&buf, 0);
598 blobmsg_add_u8(&buf, "access", allow);
599 ubus_send_reply(ctx, req, buf.head);
605 rpc_session_set(struct rpc_session *ses, const char *key, struct blob_attr *val)
607 struct rpc_session_data *data;
609 data = avl_find_element(&ses->data, key, data, avl);
611 avl_delete(&ses->data, &data->avl);
615 data = calloc(1, sizeof(*data) + blob_pad_len(val));
619 memcpy(data->attr, val, blob_pad_len(val));
620 data->avl.key = blobmsg_name(data->attr);
621 avl_insert(&ses->data, &data->avl);
625 rpc_handle_set(struct ubus_context *ctx, struct ubus_object *obj,
626 struct ubus_request_data *req, const char *method,
627 struct blob_attr *msg)
629 struct rpc_session *ses;
630 struct blob_attr *tb[__RPC_SS_MAX];
631 struct blob_attr *attr;
634 blobmsg_parse(set_policy, __RPC_SS_MAX, tb, blob_data(msg), blob_len(msg));
636 if (!tb[RPC_SS_SID] || !tb[RPC_SS_VALUES])
637 return UBUS_STATUS_INVALID_ARGUMENT;
639 ses = rpc_session_get(blobmsg_data(tb[RPC_SS_SID]));
641 return UBUS_STATUS_NOT_FOUND;
643 blobmsg_for_each_attr(attr, tb[RPC_SS_VALUES], rem) {
644 if (!blobmsg_name(attr)[0])
647 rpc_session_set(ses, blobmsg_name(attr), attr);
654 rpc_handle_get(struct ubus_context *ctx, struct ubus_object *obj,
655 struct ubus_request_data *req, const char *method,
656 struct blob_attr *msg)
658 struct rpc_session *ses;
659 struct rpc_session_data *data;
660 struct blob_attr *tb[__RPC_SG_MAX];
661 struct blob_attr *attr;
665 blobmsg_parse(get_policy, __RPC_SG_MAX, tb, blob_data(msg), blob_len(msg));
668 return UBUS_STATUS_INVALID_ARGUMENT;
670 ses = rpc_session_get(blobmsg_data(tb[RPC_SG_SID]));
672 return UBUS_STATUS_NOT_FOUND;
674 blob_buf_init(&buf, 0);
675 c = blobmsg_open_table(&buf, "values");
678 blobmsg_for_each_attr(attr, tb[RPC_SG_KEYS], rem) {
679 if (blob_id(attr) != BLOBMSG_TYPE_STRING)
682 data = avl_find_element(&ses->data, blobmsg_data(attr), data, avl);
686 blobmsg_add_field(&buf, blobmsg_type(data->attr),
687 blobmsg_name(data->attr),
688 blobmsg_data(data->attr),
689 blobmsg_data_len(data->attr));
692 rpc_session_dump_data(ses, &buf);
694 blobmsg_close_table(&buf, c);
695 ubus_send_reply(ctx, req, buf.head);
701 rpc_handle_unset(struct ubus_context *ctx, struct ubus_object *obj,
702 struct ubus_request_data *req, const char *method,
703 struct blob_attr *msg)
705 struct rpc_session *ses;
706 struct rpc_session_data *data, *ndata;
707 struct blob_attr *tb[__RPC_SA_MAX];
708 struct blob_attr *attr;
711 blobmsg_parse(get_policy, __RPC_SG_MAX, tb, blob_data(msg), blob_len(msg));
714 return UBUS_STATUS_INVALID_ARGUMENT;
716 ses = rpc_session_get(blobmsg_data(tb[RPC_SG_SID]));
718 return UBUS_STATUS_NOT_FOUND;
720 if (!tb[RPC_SG_KEYS]) {
721 avl_remove_all_elements(&ses->data, data, avl, ndata)
726 blobmsg_for_each_attr(attr, tb[RPC_SG_KEYS], rem) {
727 if (blob_id(attr) != BLOBMSG_TYPE_STRING)
730 data = avl_find_element(&ses->data, blobmsg_data(attr), data, avl);
734 avl_delete(&ses->data, &data->avl);
742 rpc_handle_destroy(struct ubus_context *ctx, struct ubus_object *obj,
743 struct ubus_request_data *req, const char *method,
744 struct blob_attr *msg)
746 struct rpc_session *ses;
747 struct blob_attr *tb;
749 blobmsg_parse(&sid_policy, 1, &tb, blob_data(msg), blob_len(msg));
752 return UBUS_STATUS_INVALID_ARGUMENT;
754 if (!strcmp(blobmsg_get_string(tb), RPC_DEFAULT_SESSION_ID))
755 return UBUS_STATUS_PERMISSION_DENIED;
757 ses = rpc_session_get(blobmsg_data(tb));
759 return UBUS_STATUS_NOT_FOUND;
761 rpc_session_destroy(ses);
768 rpc_login_test_password(const char *hash, const char *password)
772 /* password is not set */
773 if (!hash || !*hash || !strcmp(hash, "!") || !strcmp(hash, "x"))
778 /* password hash refers to shadow/passwd */
779 else if (!strncmp(hash, "$p$", 3))
782 struct spwd *sp = getspnam(hash + 3);
787 return rpc_login_test_password(sp->sp_pwdp, password);
789 struct passwd *pw = getpwnam(hash + 3);
794 return rpc_login_test_password(pw->pw_passwd, password);
798 crypt_hash = crypt(password, hash);
800 return !strcmp(crypt_hash, hash);
803 static struct uci_section *
804 rpc_login_test_login(struct uci_context *uci,
805 const char *username, const char *password)
807 struct uci_package *p = NULL;
808 struct uci_section *s;
809 struct uci_element *e;
810 struct uci_ptr ptr = { .package = "rpcd" };
812 uci_load(uci, ptr.package, &p);
817 uci_foreach_element(&p->sections, e)
819 s = uci_to_section(e);
821 if (strcmp(s->type, "login"))
824 ptr.section = s->e.name;
827 /* test for matching username */
828 ptr.option = "username";
831 if (uci_lookup_ptr(uci, &ptr, NULL, true))
834 if (ptr.o->type != UCI_TYPE_STRING)
837 if (strcmp(ptr.o->v.string, username))
840 /* If password is NULL, we're restoring ACLs for an existing session,
841 * in this case do not check the password again. */
845 /* test for matching password */
846 ptr.option = "password";
849 if (uci_lookup_ptr(uci, &ptr, NULL, true))
852 if (ptr.o->type != UCI_TYPE_STRING)
855 if (rpc_login_test_password(ptr.o->v.string, password))
863 rpc_login_test_permission(struct uci_section *s,
864 const char *perm, const char *group)
866 struct uci_option *o;
867 struct uci_element *e, *l;
869 /* If the login section is not provided, we're setting up acls for the
870 * default session, in this case uncondionally allow access to the
871 * "unauthenticated" access group */
873 return !strcmp(group, "unauthenticated");
876 uci_foreach_element(&s->options, e)
878 o = uci_to_option(e);
880 if (o->type != UCI_TYPE_LIST)
883 if (strcmp(o->e.name, perm))
886 uci_foreach_element(&o->v.list, l)
887 if (l->name && !fnmatch(l->name, group, 0))
891 /* make sure that write permission implies read permission */
892 if (!strcmp(perm, "read"))
893 return rpc_login_test_permission(s, "write", group);
899 rpc_login_setup_acl_scope(struct rpc_session *ses,
900 struct blob_attr *acl_perm,
901 struct blob_attr *acl_scope)
903 struct blob_attr *acl_obj, *acl_func;
907 * Parse ACL scopes in table notation.
917 if (blob_id(acl_scope) == BLOBMSG_TYPE_TABLE) {
918 blobmsg_for_each_attr(acl_obj, acl_scope, rem) {
919 if (blob_id(acl_obj) != BLOBMSG_TYPE_ARRAY)
922 blobmsg_for_each_attr(acl_func, acl_obj, rem2) {
923 if (blob_id(acl_func) != BLOBMSG_TYPE_STRING)
926 rpc_session_grant(ses, blobmsg_name(acl_scope),
927 blobmsg_name(acl_obj),
928 blobmsg_data(acl_func));
934 * Parse ACL scopes in array notation. The permission ("read" or "write")
935 * will be used as function name for each object.
943 else if (blob_id(acl_scope) == BLOBMSG_TYPE_ARRAY) {
944 blobmsg_for_each_attr(acl_obj, acl_scope, rem) {
945 if (blob_id(acl_obj) != BLOBMSG_TYPE_STRING)
948 rpc_session_grant(ses, blobmsg_name(acl_scope),
949 blobmsg_data(acl_obj),
950 blobmsg_name(acl_perm));
956 rpc_login_setup_acl_file(struct rpc_session *ses, struct uci_section *login,
959 struct blob_buf acl = { 0 };
960 struct blob_attr *acl_group, *acl_perm, *acl_scope;
963 blob_buf_init(&acl, 0);
965 if (!blobmsg_add_json_from_file(&acl, path)) {
966 fprintf(stderr, "Failed to parse %s\n", path);
970 /* Iterate access groups in toplevel object */
971 blob_for_each_attr(acl_group, acl.head, rem) {
972 /* Iterate permission objects in each access group object */
973 blobmsg_for_each_attr(acl_perm, acl_group, rem2) {
974 if (blob_id(acl_perm) != BLOBMSG_TYPE_TABLE)
977 /* Only "read" and "write" permissions are defined */
978 if (strcmp(blobmsg_name(acl_perm), "read") &&
979 strcmp(blobmsg_name(acl_perm), "write"))
983 * Check if the current user context specifies the current
984 * "read" or "write" permission in the given access group.
986 if (!rpc_login_test_permission(login, blobmsg_name(acl_perm),
987 blobmsg_name(acl_group)))
990 /* Iterate scope objects within the permission object */
991 blobmsg_for_each_attr(acl_scope, acl_perm, rem3) {
992 /* Setup the scopes of the access group */
993 rpc_login_setup_acl_scope(ses, acl_perm, acl_scope);
996 * Add the access group itself as object to the "access-group"
997 * meta scope and the the permission level ("read" or "write")
1011 * This allows session clients to easily query the allowed
1012 * access groups without having to test access of each single
1013 * <scope>/<object>/<function> tuple defined in a group.
1015 rpc_session_grant(ses, "access-group",
1016 blobmsg_name(acl_group),
1017 blobmsg_name(acl_perm));
1023 blob_buf_free(&acl);
1027 rpc_login_setup_acls(struct rpc_session *ses, struct uci_section *login)
1032 if (glob(RPC_SESSION_ACL_DIR "/*.json", 0, NULL, &gl))
1035 for (i = 0; i < gl.gl_pathc; i++)
1036 rpc_login_setup_acl_file(ses, login, gl.gl_pathv[i]);
1042 rpc_handle_login(struct ubus_context *ctx, struct ubus_object *obj,
1043 struct ubus_request_data *req, const char *method,
1044 struct blob_attr *msg)
1046 struct uci_context *uci = NULL;
1047 struct uci_section *login;
1048 struct rpc_session *ses;
1049 struct blob_attr *tb[__RPC_L_MAX];
1050 int timeout = RPC_DEFAULT_SESSION_TIMEOUT;
1053 blobmsg_parse(login_policy, __RPC_L_MAX, tb, blob_data(msg), blob_len(msg));
1055 if (!tb[RPC_L_USERNAME] || !tb[RPC_L_PASSWORD]) {
1056 rv = UBUS_STATUS_INVALID_ARGUMENT;
1060 uci = uci_alloc_context();
1063 rv = UBUS_STATUS_UNKNOWN_ERROR;
1067 login = rpc_login_test_login(uci, blobmsg_get_string(tb[RPC_L_USERNAME]),
1068 blobmsg_get_string(tb[RPC_L_PASSWORD]));
1071 rv = UBUS_STATUS_PERMISSION_DENIED;
1075 if (tb[RPC_L_TIMEOUT])
1076 timeout = blobmsg_get_u32(tb[RPC_L_TIMEOUT]);
1078 ses = rpc_session_create(timeout);
1081 rv = UBUS_STATUS_UNKNOWN_ERROR;
1085 rpc_login_setup_acls(ses, login);
1087 rpc_session_set(ses, "user", tb[RPC_L_USERNAME]);
1088 rpc_session_dump(ses, ctx, req);
1092 uci_free_context(uci);
1099 rpc_validate_sid(const char *id)
1104 if (strlen(id) != RPC_SID_LEN)
1108 if (!isxdigit(*id++))
1115 rpc_blob_to_file(const char *path, struct blob_attr *attr)
1119 fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
1124 len = write(fd, attr, blob_pad_len(attr));
1128 if (len != blob_pad_len(attr))
1137 static struct blob_attr *
1138 rpc_blob_from_file(const char *path)
1142 struct blob_attr head, *attr = NULL;
1144 if (stat(path, &s) || !S_ISREG(s.st_mode))
1147 fd = open(path, O_RDONLY);
1152 len = read(fd, &head, sizeof(head));
1154 if (len != sizeof(head) || blob_pad_len(&head) != s.st_size)
1157 attr = calloc(1, s.st_size);
1162 memcpy(attr, &head, sizeof(head));
1164 len += read(fd, (char *)attr + sizeof(head), s.st_size - sizeof(head));
1166 if (len != blob_pad_len(&head))
1182 rpc_session_from_blob(struct uci_context *uci, struct blob_attr *attr)
1185 const char *user = NULL;
1186 struct rpc_session *ses;
1187 struct uci_section *login;
1188 struct blob_attr *tb[__RPC_DUMP_MAX], *data;
1190 blobmsg_parse(dump_policy, __RPC_DUMP_MAX, tb,
1191 blob_data(attr), blob_len(attr));
1193 for (i = 0; i < __RPC_DUMP_MAX; i++)
1197 ses = rpc_session_new();
1202 memcpy(ses->id, blobmsg_data(tb[RPC_DUMP_SID]), RPC_SID_LEN);
1204 ses->timeout = blobmsg_get_u32(tb[RPC_DUMP_TIMEOUT]);
1206 blobmsg_for_each_attr(data, tb[RPC_DUMP_DATA], rem) {
1207 rpc_session_set(ses, blobmsg_name(data), data);
1209 if (!strcmp(blobmsg_name(data), "username"))
1210 user = blobmsg_get_string(data);
1214 login = rpc_login_test_login(uci, user, NULL);
1216 rpc_login_setup_acls(ses, login);
1219 avl_insert(&sessions, &ses->avl);
1221 uloop_timeout_set(&ses->t, blobmsg_get_u32(tb[RPC_DUMP_EXPIRES]) * 1000);
1226 int rpc_session_api_init(struct ubus_context *ctx)
1228 struct rpc_session *ses;
1230 static const struct ubus_method session_methods[] = {
1231 UBUS_METHOD("create", rpc_handle_create, &new_policy),
1232 UBUS_METHOD("list", rpc_handle_list, &sid_policy),
1233 UBUS_METHOD("grant", rpc_handle_acl, acl_policy),
1234 UBUS_METHOD("revoke", rpc_handle_acl, acl_policy),
1235 UBUS_METHOD("access", rpc_handle_access, perm_policy),
1236 UBUS_METHOD("set", rpc_handle_set, set_policy),
1237 UBUS_METHOD("get", rpc_handle_get, get_policy),
1238 UBUS_METHOD("unset", rpc_handle_unset, get_policy),
1239 UBUS_METHOD("destroy", rpc_handle_destroy, &sid_policy),
1240 UBUS_METHOD("login", rpc_handle_login, login_policy),
1243 static struct ubus_object_type session_type =
1244 UBUS_OBJECT_TYPE("luci-rpc-session", session_methods);
1246 static struct ubus_object obj = {
1248 .type = &session_type,
1249 .methods = session_methods,
1250 .n_methods = ARRAY_SIZE(session_methods),
1253 avl_init(&sessions, avl_strcmp, false, NULL);
1255 /* setup the default session */
1256 ses = rpc_session_new();
1259 strcpy(ses->id, RPC_DEFAULT_SESSION_ID);
1260 rpc_login_setup_acls(ses, NULL);
1261 avl_insert(&sessions, &ses->avl);
1264 return ubus_add_object(ctx, &obj);
1267 bool rpc_session_access(const char *sid, const char *scope,
1268 const char *object, const char *function)
1270 struct rpc_session *ses = rpc_session_get(sid);
1275 return rpc_session_acl_allowed(ses, scope, object, function);
1278 void rpc_session_create_cb(struct rpc_session_cb *cb)
1281 list_add(&cb->list, &create_callbacks);
1284 void rpc_session_destroy_cb(struct rpc_session_cb *cb)
1287 list_add(&cb->list, &destroy_callbacks);
1290 void rpc_session_freeze(void)
1293 struct rpc_session *ses;
1294 char path[PATH_MAX];
1296 if (stat(RPC_SESSION_DIRECTORY, &s))
1297 mkdir(RPC_SESSION_DIRECTORY, 0700);
1299 avl_for_each_element(&sessions, ses, avl) {
1300 /* skip default session */
1301 if (!strcmp(ses->id, RPC_DEFAULT_SESSION_ID))
1304 snprintf(path, sizeof(path) - 1, RPC_SESSION_DIRECTORY "/%s", ses->id);
1305 rpc_session_to_blob(ses, false);
1306 rpc_blob_to_file(path, buf.head);
1310 void rpc_session_thaw(void)
1313 char path[PATH_MAX];
1315 struct blob_attr *attr;
1316 struct uci_context *uci;
1318 d = opendir(RPC_SESSION_DIRECTORY);
1323 uci = uci_alloc_context();
1328 while ((e = readdir(d)) != NULL) {
1329 if (!rpc_validate_sid(e->d_name))
1332 snprintf(path, sizeof(path) - 1,
1333 RPC_SESSION_DIRECTORY "/%s", e->d_name);
1335 attr = rpc_blob_from_file(path);
1338 rpc_session_from_blob(uci, attr);
1347 uci_free_context(uci);