project/cgi-io.git
5 years agocgi-io: fix read after end errors
Ansuel Smith [Tue, 8 Oct 2019 20:34:11 +0000 (22:34 +0200)]
cgi-io: fix read after end errors

Currently cgi-io try to read data after the data ended.
- Adds "-" to whitelist char
- In main_upload is tried to consume the buffer while it's already readed by the while loop before

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
5 years agocgi-io: use splice() to stream backup archive
Jo-Philipp Wich [Fri, 13 Sep 2019 07:17:58 +0000 (09:17 +0200)]
cgi-io: use splice() to stream backup archive

This improves the I/O performance when outputting large backups.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agocgi-io: pass appropriate HTTP error codes to failure()
Jo-Philipp Wich [Fri, 13 Sep 2019 06:32:58 +0000 (08:32 +0200)]
cgi-io: pass appropriate HTTP error codes to failure()

Instead of always replying with a generic 500 internal server error code,
use more appropriate codes such as 403 to indicate denied permissions.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agocgi-io: add download operation
Jo-Philipp Wich [Fri, 13 Sep 2019 05:23:25 +0000 (07:23 +0200)]
cgi-io: add download operation

Add a new `cgi-download` applet which allows to retrieve the contents
of regular files or block devices.

In order to initiate a transfer, a POST request in x-www-form-urlencoded
format must be sent to the applet, with one field "sessionid" holding
the login session and another field "path" containing the file path to
download.

Further optional fields are "filename" which - if present - will cause
the download applet to set a Content-Dispostition header and "mimetype"
which allows to let the applet respond with a specific type instead of
the default "application/octet-stream".

Below is an example for the required acl rules to grant download access
to files or block devices:

    ubus call session grant '{
        "ubus_rpc_session": "...",
        "scope": "cgi-io",
        "objects": [
            [ "download", "read" ]
        ]
    }'

    ubus call session grant '{
        "ubus_rpc_session": "...",
        "scope": "file",
        "objects": [
            [ "/etc/config/*", "read" ],
            [ "/dev/mtdblock*", "read" ]
        ]
    }'

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agocgi-io: use different acl scopes for path and command permissions
Jo-Philipp Wich [Fri, 13 Sep 2019 04:52:21 +0000 (06:52 +0200)]
cgi-io: use different acl scopes for path and command permissions

Use the `cgi-io` scope to check for permission to execute the requested
command (`upload`, `backup`) and the `file` scope to check path
permissions.

The reasoning of this change is that `cgi-io` is usually used in
conjunction with `rpcd-mod-file` to transfer large file data out
of band and `rpcd-mod-file` already uses the `file` scope to manage
file path access permissions. After this change, both `rpc-mod-file`
and `cgi-io` can share the same path acl rules.

Write access to a path can be granted by using an ubus call in the
following form:

    ubus call session grant '{
        "ubus_rpc_session": "...",
        "scope": "file",
        "objects": [
            [ "/var/lib/uploads/*", "write" ]
        ]
    }'

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agotreewide: Change .*GPL.*+ licenses to SPDX compatible identifier
Sven Eckelmann [Mon, 2 Sep 2019 13:15:08 +0000 (15:15 +0200)]
treewide: Change .*GPL.*+ licenses to SPDX compatible identifier

The CONTRIBUTING.md requests an (or multiple) SPDX identifier for GPL
licenses. But a lot of packages did use a different, non-SPDX style with a
"+" at the end instead of "-or-later".

Signed-off-by: Sven Eckelmann <sven@narfation.org>
5 years agocgi-io: require whitelisting upload locations
Jo-Philipp Wich [Fri, 30 Aug 2019 05:50:43 +0000 (07:50 +0200)]
cgi-io: require whitelisting upload locations

Introduce further ACL checks to verify that the request-supplied
upload location may be written to. This prevents overwriting things
like /bin/busybox and allows to confine uploads to specific directories.

To setup the required ACLs, the following ubus command may be used
on the command line:

ubus call session grant '{
  "ubus_rpc_session": "d41d8cd98f00b204e9800998ecf8427e",
  "scope": "cgi-io",
  "objects": [
    [ "/etc/certificates/*", "write" ],
    [ "/var/uploads/*", "write" ]
  ]
}'

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agocgi-io: Fix bug
Jianhui Zhao [Thu, 30 May 2019 02:03:29 +0000 (10:03 +0800)]
cgi-io: Fix bug

The installation name is inconsistent with the code

Signed-off-by: Jianhui Zhao <jianhuizhao329@gmail.com>
7 years agocgi-io: support SHA256 checksums for file uploads
Jo-Philipp Wich [Mon, 13 Nov 2017 16:00:58 +0000 (17:00 +0100)]
cgi-io: support SHA256 checksums for file uploads

Report SHA256 checksums in addition to the MD5 ones to make cgi-io suitable
for sysupgrade image verification.

Also allow stat(), md5sum and/or sha256sum to fail and respond with a JSON
null value instead, leaving it to the frontend to handle errors as needed.

Fixes #4790.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
7 years agocgi-io: fix stray semicolon
Jo-Philipp Wich [Fri, 18 Aug 2017 12:28:33 +0000 (14:28 +0200)]
cgi-io: fix stray semicolon

Remove an improperly placed semicolon in order to solve the following
compiler error:

.../main.c:144:3: error: this 'if' clause does not guard... [-Werror=misleading-indentation]
    if (execl("/bin/busybox", "/bin/busybox", "md5sum", file, NULL));
    ^~
    .../main.c:145:4: note: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'
    return NULL;
    ^~~~~~
    cc1: all warnings being treated as errors

Fixes #4723.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
7 years agocgi-io: merge changes from luci2-io-helper
Daniel Golle [Mon, 19 Jun 2017 10:48:32 +0000 (12:48 +0200)]
cgi-io: merge changes from luci2-io-helper

luci2-io-helper: bugfix buckup script read timeout

Reading files from stdin will block for ever. The uhttpd is killing the
backup process after script_timeout.

Switching read to non blocking mode and add a waitpid for the slave
process does not end in a script_timeout anymore.

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
7 years agocgi-io: Find and search for libubus.h
Florian Fainelli [Sun, 18 Jun 2017 19:45:30 +0000 (12:45 -0700)]
cgi-io: Find and search for libubus.h

Fixes build errors with external toolchains:

[ 33%] Building C object CMakeFiles/cgi-io.dir/main.c.o
/home/florian/dev/openwrt/trunk/build_dir/target-mipsel-unknown-linux-gnu_glibc/cgi-io/main.c:30:21:
fatal error: libubus.h: No such file or directory
 #include <libubus.h>
                     ^
compilation terminated.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
8 years agotreewide: replace my defunct email address
Jo-Philipp Wich [Tue, 7 Jun 2016 10:00:01 +0000 (12:00 +0200)]
treewide: replace my defunct email address

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
9 years agocgi-io: add a small helper cgi that can be used by RPCD based UIs
John Crispin [Thu, 1 Oct 2015 15:34:13 +0000 (17:34 +0200)]
cgi-io: add a small helper cgi that can be used by RPCD based UIs

Signed-off-by: John Crispin <blogic@openwrt.org>