project/rpcd.git
3 years agouci: manually clear uci_ptr flags after uci_delete() operations openwrt-19.07
Jo-Philipp Wich [Wed, 23 Dec 2020 18:06:12 +0000 (19:06 +0100)]
uci: manually clear uci_ptr flags after uci_delete() operations

This is required to avoid potential use-after-free errors through the
uci_set()->uci_delete()->uci_expand_ptr() call chain when passing
zero-length strings as values.

Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3528
Suggested-by: olegio170 <olegios170@gmail.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit d3f2041f4363e76fda57dd6b581eb71cf1a0e114)

4 years agouci: reset uci_ptr flags when merging options during section add
Jo-Philipp Wich [Tue, 26 May 2020 13:49:18 +0000 (15:49 +0200)]
uci: reset uci_ptr flags when merging options during section add

Fixes: FS#3126
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 078bb57e0769c987c05244abe1f7d8d53e0e323e)

4 years agosession: deny access if password login is disabled
Fabian Bläse [Tue, 17 Mar 2020 15:55:57 +0000 (16:55 +0100)]
session: deny access if password login is disabled

The special characters '!' and '*' in /etc/shadow are
used to disable password login for a specific account.

The character 'x' has no special meaning, but should not
be interpreted as an empty password.

However, rpcd did treat these special characters like no
password was set, which allows access even though the account
is disabled.

By removing the additional checks for these characters, the
encrypted password string is passed to crypt, which returns NULL
if the salt has an invalid format and therefore access is denied.

Fixes: FS#2634
Signed-off-by: Fabian Bläse <fabian@blaese.de>
(cherry picked from commit 3df62bcebd2caff47506ccffb42df8d2d2123c06)

4 years agofile: extend exec acl checks to commands with arguments
Jo-Philipp Wich [Tue, 10 Dec 2019 15:49:55 +0000 (16:49 +0100)]
file: extend exec acl checks to commands with arguments

When the initial exec permission check on the executable path fails,
concatenate the command line with spaces and use the resulting string
as lookup path for a second exec permission check.

This allows for exec acls similar to this example:

    "file": {
        "/usr/bin/program --flag --option=1 arg *": [ "exec" ]
    }

The example above would allow executing `/usr/bin/program` with the
arguments `--flag`, `--option=1` and `arg` in exactly this order,
followed by any number of optional arguments as denoted by the
asterisk.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agoplugin: avoid truncating numeric values
Jo-Philipp Wich [Sun, 10 Nov 2019 20:10:29 +0000 (21:10 +0100)]
plugin: avoid truncating numeric values

When parsing the JSON output of exec plugins, store integer values exceeding
32bit value limits as 64bit integer blob values.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoplugin: fix double free in finish callback
Jo-Philipp Wich [Tue, 29 Oct 2019 11:01:36 +0000 (12:01 +0100)]
plugin: fix double free in finish callback

Fixes: 37aa919 ("plugin: fix leaking invoked method name for exec plugins")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agomain: exec_self: make clang analyzer happy
Yousong Zhou [Mon, 21 Oct 2019 12:59:24 +0000 (12:59 +0000)]
main: exec_self: make clang analyzer happy

Prevent a theoretical leak of the args memory when the executable path
cannot be found.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
[fix whitespace, commit description]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agofile: exec: properly free memory on error
Yousong Zhou [Mon, 21 Oct 2019 12:59:23 +0000 (12:59 +0000)]
file: exec: properly free memory on error

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
[fix whitespace]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agouci: free configs list memory on return
Yousong Zhou [Mon, 21 Oct 2019 06:10:29 +0000 (06:10 +0000)]
uci: free configs list memory on return

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
[fix whitespace]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoexec: always call finish_cb to allow plugin to free up memory
Yousong Zhou [Mon, 21 Oct 2019 06:10:28 +0000 (06:10 +0000)]
exec: always call finish_cb to allow plugin to free up memory

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
[fix whitespace, subject typo]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoplugin: do not free method name separately
Jo-Philipp Wich [Tue, 29 Oct 2019 08:04:55 +0000 (09:04 +0100)]
plugin: do not free method name separately

A previous commit changed the allocation method for the call context to
include the method name string memory directly, so we must not treat the
method member separately anymore.

Fixes: 37aa919 ("plugin: fix leaking invoked method name for exec plugins")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoexec: properly free memory on rpc_exec() error
Yousong Zhou [Mon, 21 Oct 2019 06:10:27 +0000 (06:10 +0000)]
exec: properly free memory on rpc_exec() error

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
[fix whitespace]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoplugin: exec: properly free memory on parse error
Yousong Zhou [Mon, 21 Oct 2019 06:10:26 +0000 (06:10 +0000)]
plugin: exec: properly free memory on parse error

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
5 years agouci: reset uci_ptr flags when merging set operations
Jo-Philipp Wich [Tue, 29 Oct 2019 07:28:17 +0000 (08:28 +0100)]
uci: reset uci_ptr flags when merging set operations

In some cases, e.g. when subsequently setting multiple empty option
values, uci_set() might free the section pointer of the given reused
uci_ptr structure without zeroing it, leading to a use-after-free on
processing subsequent options.

Avoid this issue by clearing the lookup pointer flags in order to
prevent uci_set() from incorrectly branching into a uci_delete()
operation leading to the freeing of the section member.

Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-October/019592.html
Reported-by: Daniel Danzberger <daniel@dd-wrt.com>
Suggested-by: Yousong Zhou <yszhou4tech@gmail.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoplugin: fix leaking invoked method name for exec plugins
Jo-Philipp Wich [Thu, 17 Oct 2019 09:50:39 +0000 (11:50 +0200)]
plugin: fix leaking invoked method name for exec plugins

The invoked method name was separately duplicated from the call_context
structure. The structure itself is eventually freed by rpc_exec_reply()
but the method string it points to is lost after that.

Use calloc_a() instead to allocate the string copy buffer together with
the context structure, to ensure that all involved memory is freed.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agofile: increase minimum read buffer size to 4096 bytes
Jo-Philipp Wich [Sat, 21 Sep 2019 12:56:39 +0000 (14:56 +0200)]
file: increase minimum read buffer size to 4096 bytes

Some sysfs or proc files contain more than 128 byte of data, e.g. the
/proc/filesystems or /proc/mounts files.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoiwinfo: add WPA3 support
Jo-Philipp Wich [Mon, 9 Sep 2019 10:44:51 +0000 (12:44 +0200)]
iwinfo: add WPA3 support

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agofile: refactor message parsing and permission checking
Jo-Philipp Wich [Sun, 8 Sep 2019 14:41:53 +0000 (16:41 +0200)]
file: refactor message parsing and permission checking

Refactor rpc_check_path() and wrap it with a macro to allow passing
different policies and permission names.

This allows using the function for non-read operations and simplifies
the message parsing code there.

Also change the stat and list methods to require "list" instead of
"read" permissions which is useful to allow browing the filesystem
without allowing read access to all files.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoiwinfo: expose all rate info fields in assoclist reply
Jo-Philipp Wich [Wed, 4 Sep 2019 13:47:44 +0000 (15:47 +0200)]
iwinfo: expose all rate info fields in assoclist reply

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agosys: fix symbol redeclaration
Jo-Philipp Wich [Wed, 4 Sep 2019 13:50:34 +0000 (15:50 +0200)]
sys: fix symbol redeclaration

Fixes: 27c24c7 ("rpcd: sys: actually move timespec declaration")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agorpcd: sys: actually move timespec declaration
Jo-Philipp Wich [Tue, 3 Sep 2019 09:36:31 +0000 (11:36 +0200)]
rpcd: sys: actually move timespec declaration

Move the timespec declaration to the function header, as mentioned in
commit "rpcd: Switch to nanosleep".

Fixes: 604db20 ("rpcd: Switch to nanosleep")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agofile: add remove operation
Jo-Philipp Wich [Tue, 3 Sep 2019 06:18:39 +0000 (08:18 +0200)]
file: add remove operation

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agorpcd: Switch to nanosleep
Rosen Penev [Thu, 18 Jul 2019 17:54:44 +0000 (10:54 -0700)]
rpcd: Switch to nanosleep

usleep has been deprecated by POSIX.1-2001 and removed in POSIX.1-2008.
Fixes compilation when libc does not include usleep (optional with
uClibc-ng).

nanosleep also has the advantage of being more accurate.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[move timespec definition to the top of the function]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agofile: add path based read/write/exec ACL checks
Jo-Philipp Wich [Sun, 1 Sep 2019 16:05:19 +0000 (18:05 +0200)]
file: add path based read/write/exec ACL checks

Introduce ACL checks to verify that the requested path may be read, written
or executed. This allows to restrict ubus file commands to specific paths.

To setup the required ACLs, the following ubus command may be used
on the command line:

ubus call session grant '{
  "ubus_rpc_session": "d41d8cd98f00b204e9800998ecf8427e",
  "scope": "file",
  "objects": [
    [ "/etc", "read" ],
    [ "/etc/*", "write" ],
    [ "/sbin/sysupgrade", "exec" ]
  ]
}'

The "read", "list", "stat" and "md5" procedures require "read" permissions,
the "write" procedure requires "write" permission and the "exec" procedure
requires "exec" permissions.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agofile: add stat() information to directory listings
Jo-Philipp Wich [Sun, 1 Sep 2019 15:23:41 +0000 (17:23 +0200)]
file: add stat() information to directory listings

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoFix possible linker errors by using CMake find_library macro
Petr Štetiar [Tue, 5 Jun 2018 07:41:25 +0000 (09:41 +0200)]
Fix possible linker errors by using CMake find_library macro

Fixes following errors while compiling natively on x86:

 cc -fPIC -shared  -o rpcsys.so sys.c.o -lubox -lubus
 ld: cannot find -lubox
 ld: cannot find -lubus

Signed-off-by: Petr Štetiar <ynezz@true.cz>
5 years agosession: handle NULL return values of crypt()
Jo-Philipp Wich [Wed, 22 May 2019 12:25:52 +0000 (14:25 +0200)]
session: handle NULL return values of crypt()

The crypt() function may return NULL with errno ENOSYS when an attempt
was made to crypt the plaintext password using a salt requesting an
unsupported cipher.

Avoid triggering segmentation faults in the subsequent strcmp() operation
by checking for a non-NULL hash value.

Fixes: FS#2291
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoiwinfo: add mesh infos in assoclist.
Daniel Danzberger [Mon, 18 Feb 2019 21:35:07 +0000 (22:35 +0100)]
iwinfo: add mesh infos in assoclist.

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
5 years agoiwinfo: add survey.
Daniel Danzberger [Mon, 18 Feb 2019 21:35:06 +0000 (22:35 +0100)]
iwinfo: add survey.

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
5 years agoiwinfo: show more stats from assoclist.
Daniel Danzberger [Mon, 18 Feb 2019 21:35:05 +0000 (22:35 +0100)]
iwinfo: show more stats from assoclist.

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
5 years agofile: avoid closing stdio descriptors in rpc_file_exec_run
Jo-Philipp Wich [Fri, 21 Dec 2018 08:30:19 +0000 (09:30 +0100)]
file: avoid closing stdio descriptors in rpc_file_exec_run

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agofile: patch process stdin to /dev/null
Jo-Philipp Wich [Fri, 21 Dec 2018 08:09:55 +0000 (09:09 +0100)]
file: patch process stdin to /dev/null

This prevents broken pipe errors in executed child processes that
attempt to access stdin.

Suggested-by: Vytautas Virvičius <vy.virvicius@gmail.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agofile: remove unused members from struct rpc_file_exec_context
Jo-Philipp Wich [Fri, 21 Dec 2018 08:00:48 +0000 (09:00 +0100)]
file: remove unused members from struct rpc_file_exec_context

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agofile: rpc_file_exec_run: fix potential memory leak and integer overflow
Jo-Philipp Wich [Fri, 21 Dec 2018 07:50:36 +0000 (08:50 +0100)]
file: rpc_file_exec_run: fix potential memory leak and integer overflow

 - Store the realloc result in a separate pointer so that we can free
   the original on allocation failure
 - Use an explicit uint8_t for the argument vector length instead of
   "char" which might be signed or unsigned, depending on the arch
 - Bail out with an invalid argument error if the argument vector
   exceeds 255 items

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agofile: access exec timeout via daemon ops structure
Jo-Philipp Wich [Wed, 28 Nov 2018 11:12:04 +0000 (12:12 +0100)]
file: access exec timeout via daemon ops structure

Since the plugin is not linked, but dlopen()'d with RTLD_LOCAL, we cannot
access global rpcd variables but need to access them via the common ops
structure symbol.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoplugin: store pointer to exec timeout value in the ops structure
Jo-Philipp Wich [Wed, 28 Nov 2018 11:09:35 +0000 (12:09 +0100)]
plugin: store pointer to exec timeout value in the ops structure

This is required for plugins that need access to the configured execution
timeout. The global variable cannot be used as-is since we dlopen() with
RTLD_LOCAL.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agotreewide: rename exec_timeout to rpc_exec_timeout
Jo-Philipp Wich [Wed, 28 Nov 2018 11:07:58 +0000 (12:07 +0100)]
treewide: rename exec_timeout to rpc_exec_timeout

Rename the extern int to denote a global symbol.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agomain: fix logic bug when not specifying a timeout option
Jo-Philipp Wich [Thu, 22 Nov 2018 15:25:39 +0000 (16:25 +0100)]
main: fix logic bug when not specifying a timeout option

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agofile: use global exec timeout instead of own hardcoded limit
Jo-Philipp Wich [Thu, 22 Nov 2018 13:07:37 +0000 (14:07 +0100)]
file: use global exec timeout instead of own hardcoded limit

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoexec: increase maximum execution time to 120s
Jo-Philipp Wich [Thu, 22 Nov 2018 13:04:45 +0000 (14:04 +0100)]
exec: increase maximum execution time to 120s

Increase the maximum possible execution time to 120 seconds and add a new
command line flag `-t` which allows overwriting the default value.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agouci: tighten uci reorder operation error handling
Jo-Philipp Wich [Wed, 8 Aug 2018 21:28:34 +0000 (23:28 +0200)]
uci: tighten uci reorder operation error handling

- Return UBUS_STATUS_INVALID_ARGUMENT for invalid section names
- Return UBUS_STATUS_NOT_FOUND if a section name could not be resolved

6 years agouci: tighten uci delete operation error handling
Jo-Philipp Wich [Wed, 8 Aug 2018 20:53:21 +0000 (22:53 +0200)]
uci: tighten uci delete operation error handling

- Return UBUS_STATUS_NOT_FOUND if no object could be resolved for delete
- Return UBUS_STATUS_INVALID_ARGUMENT for invalid section names or types

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agouci: tighten uci set operation error handling
Jo-Philipp Wich [Wed, 8 Aug 2018 20:43:57 +0000 (22:43 +0200)]
uci: tighten uci set operation error handling

 - Return UBUS_STATUS_NOT_FOUND if no section could be resolved for set
 - Return UBUS_STATUS_INVALID_ARGUMENT if unserializable values are found

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agouci: tighten uci add operation error handling
Jo-Philipp Wich [Wed, 8 Aug 2018 21:55:07 +0000 (23:55 +0200)]
uci: tighten uci add operation error handling

- Return UBUS_STATUS_INVALID_ARGUMENT for invalid section or option names
- Return UBUS_STATUS_NOT_FOUND if a section name could not be resolved

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agouci: reject invalid section and option names
Jo-Philipp Wich [Wed, 8 Aug 2018 16:14:30 +0000 (18:14 +0200)]
uci: reject invalid section and option names

The invoked libuci functions do not reliably check their arguments, causing
malformed section and option names to end up in the delta file, letting the
uci cli and other components to segfault when processung such invalid
entries.

In order to prevent that, manually test received values before passing them
on to libuci.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agouci: fix memory leak in rpc_uci_replace_savedir()
Jo-Philipp Wich [Sun, 13 May 2018 19:13:05 +0000 (21:13 +0200)]
uci: fix memory leak in rpc_uci_replace_savedir()

The rpc_uci_replace_savedir() function did not take into account that libuci
uci_set_savedir() does an additional implicit uci_strdup() of the directory
path string when appending a new delta directory item.

Due to this oversight, only the struct uci_element items got freed, but not
the duplicated path string, leading to leaking memory when invoking the uci
api with session id argument.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agoexec: close stdout and stderr streams on child signal
Jo-Philipp Wich [Tue, 8 May 2018 18:43:00 +0000 (20:43 +0200)]
exec: close stdout and stderr streams on child signal

This prevents timing out ubus call when the child invokes further detached
childs inheriting stdio descriptors.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agouci: use correct sort index when reordering sections
Jo-Philipp Wich [Thu, 15 Mar 2018 23:42:18 +0000 (00:42 +0100)]
uci: use correct sort index when reordering sections

When reordering, the section indexes must be 0-based while the current
implementation incorrectly numbers starting with 1.

Fix this by start numbering ther sections with index 0.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agouci: fix memory leak in rpc_uci_apply_timeout()
Jo-Philipp Wich [Thu, 19 Apr 2018 13:13:25 +0000 (15:13 +0200)]
uci: fix memory leak in rpc_uci_apply_timeout()

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agouci: switch to proper save directory on apply/rollback
Jo-Philipp Wich [Thu, 19 Apr 2018 12:02:30 +0000 (14:02 +0200)]
uci: switch to proper save directory on apply/rollback

The existing code failed to set the uci cursor save directory to the current
session path, causing the apply routine to either fail or to merge settings
from unrelated neighboring sessions, potentially leaking data.

Solve the issue by switching the uci cursor save directory to the session
directory before performing the actual apply actions.

Additionally set the save directory path to "/dev/null" during rollback, to
avoid merging unrelated system wide uci changes when restoring configs from
the snapshot directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agouci: add rpc_uci_replace_savedir() helper
Jo-Philipp Wich [Thu, 19 Apr 2018 11:54:40 +0000 (13:54 +0200)]
uci: add rpc_uci_replace_savedir() helper

The rpc_uci_replace_savedir() function removes all configured save directories
from the uci cursor instance and adds the given path argument as sole item.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agosession: ignore non-string username attribute upon restore
Jo-Philipp Wich [Thu, 15 Mar 2018 11:22:34 +0000 (12:22 +0100)]
session: ignore non-string username attribute upon restore

When restoring session information from blob data, only consider the
embedded username attribute if it is a string value.

Other types may cause invalid memory accesses when attempting to strcmp()
the attribute value.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agosession: support reclaiming pending apply session
Jo-Philipp Wich [Thu, 15 Mar 2018 10:22:47 +0000 (11:22 +0100)]
session: support reclaiming pending apply session

Reclaim the pending apply session upon login when the username matches the
current login.

This is required to support apply-confirm-rollback workflow for ubus browser
clients, since changing IPs requires re-login to the device due to cross
domain restrictions.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agosession: remove redundant key attribute to rpc_session_set()
Jo-Philipp Wich [Thu, 15 Mar 2018 11:05:31 +0000 (12:05 +0100)]
session: remove redundant key attribute to rpc_session_set()

The given const char *key was used to look up the blob attribute, while
the blob attributes internal name was used to store it in the avl tree.

This leads to confusion and potential memory leaks when the given key name
does not match the blob attributes internal name.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agouci: fix session delta isolation
Jo-Philipp Wich [Thu, 15 Mar 2018 10:46:54 +0000 (11:46 +0100)]
uci: fix session delta isolation

The libuci `uci_set_savedir()` function does not replace, but appends the
requested delta directory to the search path, this causes information leaks
between sessions.

Due to a lack of an official api for this, clear the uci contexts private
delta path before setting the save directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agosys: packagelist: allow listing all packages
Daniel Golle [Thu, 30 Nov 2017 16:41:28 +0000 (17:41 +0100)]
sys: packagelist: allow listing all packages

Introduce optional boolean attribute 'all' to allow listing all
installed packages instead of only the user-selected ones.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agosys: fix passwd path
Roman Yeryomin [Sun, 26 Nov 2017 17:14:22 +0000 (19:14 +0200)]
sys: fix passwd path

Signed-off-by: Roman Yeryomin <roman@advem.lv>
6 years agosys: fix memory leak in packagelist
Daniel Golle [Sun, 12 Nov 2017 20:41:05 +0000 (21:41 +0100)]
sys: fix memory leak in packagelist

Fixes commit 4e483312b0.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agosys: add packagelist method
Daniel Golle [Sun, 12 Nov 2017 16:25:18 +0000 (17:25 +0100)]
sys: add packagelist method

Add method to list installed software packages directly from
/usr/lib/opkg/status (ie. no need to have opkg installed).

ubus call rpc-sys packagelist

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agoplugin: use RTLD_LOCAL instead of RTLD_GLOBAL when loading library
Rafał Miłecki [Thu, 9 Nov 2017 14:08:16 +0000 (15:08 +0100)]
plugin: use RTLD_LOCAL instead of RTLD_GLOBAL when loading library

RTLD_GLOBAL was used to allow plugins use each other symbols but this
facility was (most likely) never used and is a bad design anyway. If
there is a common code it should just go to a library.

Using RTLD_LOCAL on the other hand saves us from conflicting symbols
used by different plugins. An example can be iwinfo plugin using libnl.
If there appears to be another plugin using incompatible netlink
implementation this will result in a problem. Both plugins will start
using the same libnl which will break one of them.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Jo-Philipp Wich <jo@mein.io>
7 years agocmake: Find libubox/blobmsg_json.h
Florian Fainelli [Sat, 3 Dec 2016 17:34:44 +0000 (09:34 -0800)]
cmake: Find libubox/blobmsg_json.h

Add a CMake FIND_PATH and INCLUDE_DIRECTORIES searching for blobmsg_json.h.
Some external toolchains which do not include standard locations would fail to
find the header otherwise.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
7 years agosys: Check return values of chdir and write
Florian Fainelli [Sat, 3 Dec 2016 17:34:45 +0000 (09:34 -0800)]
sys: Check return values of chdir and write

Fixes the following warnings:

rpcd/sys.c: In function 'rpc_cgi_password_set':
rpcd/sys.c:116:8: error: ignoring return value of 'chdir', declared with attribute warn_unused_result [-Werror=unused-result]
   chdir("/");
        ^
rpcd/sys.c:125:8: error: ignoring return value of 'write', declared with attribute warn_unused_result [-Werror=unused-result]
   write(fds[1], blobmsg_data(tb[RPC_P_PASSWORD]),
        ^
rpcd/sys.c:127:8: error: ignoring return value of 'write', declared with attribute warn_unused_result [-Werror=unused-result]
   write(fds[1], "\n", 1);
        ^
rpcd/sys.c:131:8: error: ignoring return value of 'write', declared with attribute warn_unused_result [-Werror=unused-result]
   write(fds[1], blobmsg_data(tb[RPC_P_PASSWORD]),
        ^
rpcd/sys.c:133:8: error: ignoring return value of 'write', declared with attribute warn_unused_result [-Werror=unused-result]
   write(fds[1], "\n", 1);
        ^
cc1: all warnings being treated as errors

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
8 years agocmake: Find libubus.h
Florian Fainelli [Mon, 11 Jul 2016 21:03:49 +0000 (14:03 -0700)]
cmake: Find libubus.h

Add a CMake FIND_PATH and INCLUDE_DIRECTORIES searching for libubus.h. Some
external toolchains which do not include standard locations would fail
to find the header otherwise.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
8 years agoiwinfo: expose available HT rates
Jo-Philipp Wich [Wed, 29 Jun 2016 22:36:01 +0000 (00:36 +0200)]
iwinfo: expose available HT rates

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
8 years agoiwinfo: zero out ccode buffer since library doesn't
Denis Osvald [Thu, 2 Jun 2016 15:06:30 +0000 (17:06 +0200)]
iwinfo: zero out ccode buffer since library doesn't

Making an ubus call iwinfo countrylist '{"device":"radio0"}' will result
in some entries having garbage uninitialized stack bytes in the "code"
fields.

With this patch we zero-initialize the buffer that libiwinfo writes to,
making it NUL-terminated so that behavior doesn't happen anymore.

Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
8 years agofile: add myself in Copyright header
Luka Perkov [Mon, 11 Apr 2016 16:56:53 +0000 (18:56 +0200)]
file: add myself in Copyright header

Signed-off-by: Luka Perkov <luka@openwrt.org>
8 years agofile: handle return output of b64_decode
Luka Perkov [Tue, 12 Apr 2016 08:56:21 +0000 (10:56 +0200)]
file: handle return output of b64_decode

Solve this compile warning:

file.c:300:16: error: comparison of unsigned expression < 0 is always false [-Werror,-Wtautological-compare]
                if (data_len < 0)

Signed-off-by: Luka Perkov <luka@openwrt.org>
8 years agofile: add append write support
Luka Perkov [Mon, 11 Apr 2016 16:56:51 +0000 (18:56 +0200)]
file: add append write support

Signed-off-by: Luka Perkov <luka@openwrt.org>
8 years agouci: allow setting zero-length values (to delete an option)
Jo-Philipp Wich [Mon, 23 Nov 2015 18:11:44 +0000 (19:11 +0100)]
uci: allow setting zero-length values (to delete an option)

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
8 years agopaths: substitute literal with macro
Javier Domingo Cansino [Wed, 11 Nov 2015 13:10:11 +0000 (13:10 +0000)]
paths: substitute literal with macro

Signed-off-by: Javier Domingo Cansino <javierdo1@gmail.com>
9 years agoadd a reload_config method to the uci object
John Crispin [Fri, 21 Aug 2015 05:45:44 +0000 (07:45 +0200)]
add a reload_config method to the uci object

Signed-off-by: John Crispin <blogic@openwrt.org>
9 years agoadd a system object that allows us to set passwords and trigger sysupgrade
John Crispin [Thu, 20 Aug 2015 20:49:43 +0000 (22:49 +0200)]
add a system object that allows us to set passwords and trigger sysupgrade

Signed-off-by: John Crispin <blogic@openwrt.org>
9 years agofile: be consistent with string termination character
Luka Perkov [Mon, 11 May 2015 21:28:19 +0000 (23:28 +0200)]
file: be consistent with string termination character

Signed-off-by: Luka Perkov <luka@openwrt.org>
9 years agofile: add support for setting mode when writing files
Luka Perkov [Mon, 11 May 2015 21:28:18 +0000 (23:28 +0200)]
file: add support for setting mode when writing files

Signed-off-by: Luka Perkov <luka@openwrt.org>
9 years agofile: add support for base64
Luka Perkov [Mon, 11 May 2015 22:22:01 +0000 (00:22 +0200)]
file: add support for base64

Signed-off-by: Luka Perkov <luka@openwrt.org>
9 years agouci: unload package on revert
Jo-Philipp Wich [Sun, 17 May 2015 12:13:02 +0000 (14:13 +0200)]
uci: unload package on revert

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
9 years agofile: add md5sum support
Luka Perkov [Sun, 12 Apr 2015 01:56:50 +0000 (03:56 +0200)]
file: add md5sum support

Signed-off-by: Luka Perkov <luka@openwrt.org>
9 years agoproperly handle return codes
John Crispin [Sat, 28 Mar 2015 16:05:56 +0000 (17:05 +0100)]
properly handle return codes

Signed-off-by: John Crispin <blogic@openwrt.org>
9 years agofile: free memory after opendir()
Luka Perkov [Tue, 10 Mar 2015 17:00:03 +0000 (18:00 +0100)]
file: free memory after opendir()

Signed-off-by: Luka Perkov <luka@openwrt.org>
9 years agofile: use blob_buf_free()
Luka Perkov [Tue, 10 Mar 2015 17:00:02 +0000 (18:00 +0100)]
file: use blob_buf_free()

Signed-off-by: Luka Perkov <luka@openwrt.org>
9 years agofile: show "data" ubus parameter only when used
Luka Perkov [Tue, 10 Mar 2015 17:00:01 +0000 (18:00 +0100)]
file: show "data" ubus parameter only when used

The ubus calls for file read, list and stat do not use data parameter, so lets
remove them to avoid confusion.

Signed-off-by: Luka Perkov <luka@openwrt.org>
9 years agofix for json 0.12
John Crispin [Sun, 8 Mar 2015 14:04:13 +0000 (15:04 +0100)]
fix for json 0.12
Signed-off-by: John Crispin <blogic@openwrt.org>
9 years agocmake: fix libcrypt test
Jo-Philipp Wich [Thu, 26 Feb 2015 15:34:31 +0000 (16:34 +0100)]
cmake: fix libcrypt test

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
9 years agoiwinfo: add phyname procedure
Jo-Philipp Wich [Wed, 11 Feb 2015 13:04:08 +0000 (14:04 +0100)]
iwinfo: add phyname procedure

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
9 years agosession: fix method signatures for create, list and destroy
Jo-Philipp Wich [Mon, 9 Feb 2015 11:51:44 +0000 (12:51 +0100)]
session: fix method signatures for create, list and destroy

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
9 years agoiwinfo: add support for requesting assoc info for a specific mac address
Felix Fietkau [Sat, 29 Nov 2014 18:43:00 +0000 (19:43 +0100)]
iwinfo: add support for requesting assoc info for a specific mac address

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
10 years agoiwinfo: add 802.11ac hw mode
Felix Fietkau [Mon, 20 Oct 2014 13:49:24 +0000 (15:49 +0200)]
iwinfo: add 802.11ac hw mode

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
10 years agoiwinfo: use UBUS_METHOD_NOARG
Felix Fietkau [Sat, 4 Oct 2014 17:55:58 +0000 (19:55 +0200)]
iwinfo: use UBUS_METHOD_NOARG

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
10 years agoplugin.h: explicitly include json.h
Felix Fietkau [Sat, 4 Oct 2014 17:54:58 +0000 (19:54 +0200)]
plugin.h: explicitly include json.h

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
10 years agoplugin: fix parsing libexec plugin output
Jo-Philipp Wich [Thu, 3 Jul 2014 21:39:21 +0000 (23:39 +0200)]
plugin: fix parsing libexec plugin output

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
10 years agosession: add missing include
Felix Fietkau [Sun, 29 Jun 2014 21:22:50 +0000 (23:22 +0200)]
session: add missing include

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
10 years agouci: rework variable usage
Luka Perkov [Thu, 29 May 2014 10:57:35 +0000 (12:57 +0200)]
uci: rework variable usage

Signed-off-by: Luka Perkov <luka@openwrt.org>
10 years agofix segmentation fault when plugins are loaded
Luka Perkov [Wed, 29 Jan 2014 11:21:59 +0000 (11:21 +0000)]
fix segmentation fault when plugins are loaded

Function rpc_plugin_register_library() is modifying the struct's contents in
list_add() call. That said, the rpc_plugin struct should not be defined as
const. This caused segmentation fault when built on up-to-date Arch Linux.

Signed-off-by: Luka Perkov <luka@openwrt.org>
10 years agofile: when writing a file make sure it's contents are stored
Luka Perkov [Wed, 29 Jan 2014 11:21:58 +0000 (11:21 +0000)]
file: when writing a file make sure it's contents are stored

Fixes problems with ubi(fs).

Signed-off-by: Luka Perkov <luka@openwrt.org>
10 years agofile: create a file on write if it does not exist
Luka Perkov [Wed, 29 Jan 2014 11:21:57 +0000 (11:21 +0000)]
file: create a file on write if it does not exist

Signed-off-by: Luka Perkov <luka@openwrt.org>
10 years agofix whitespaces
Luka Perkov [Wed, 29 Jan 2014 11:21:56 +0000 (11:21 +0000)]
fix whitespaces

Signed-off-by: Luka Perkov <luka@openwrt.org>
10 years agosession: make object and function arguments of session.access optional, dump effectiv...
Jo-Philipp Wich [Sun, 19 Jan 2014 19:45:25 +0000 (19:45 +0000)]
session: make object and function arguments of session.access optional, dump effective acls in this case

10 years agouci: fix same buffer reuse introduced by previous commit
Jo-Philipp Wich [Sun, 12 Jan 2014 17:43:48 +0000 (17:43 +0000)]
uci: fix same buffer reuse introduced by previous commit

10 years agodebug
Jo-Philipp Wich [Sun, 12 Jan 2014 17:33:46 +0000 (17:33 +0000)]
debug

10 years agouci: grant access to confirm and rollback methods only to initiating session
Jo-Philipp Wich [Sun, 12 Jan 2014 17:23:27 +0000 (17:23 +0000)]
uci: grant access to confirm and rollback methods only to initiating session

Previously any session with access permissions for the corresponding method
was able to confirm or rollback commits initiated by another session.

Change those methods to only grant access to the initiating session.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>