From 2a9c3a3173e0cec686fb8d9fafb8c063f80958e4 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Sun, 30 Apr 2023 00:19:35 +0200 Subject: [PATCH] luci-lua-runtime: fix legacy luci-mod-rpc authentication The legacy RPC module authentication fixup was improperly ported into the Lua dispatcher stub module, rendering legacy RPC authentication broken. Additionally, the split of the former `sysauth` cookie into `sysauth_http` and `sysauth_https` ones was also imposed upon the RPC module, without leaving the option to use just `sysauth` in place, so allow this cookie name again for the legacy RPC logins. Fixes: #6333 Fixes: e1932592c3 ("luci-base: use different cookie names for HTTP and HTTPS") Fixes: ded8ccf93e ("luci-base-ucode: add initial ucode based LuCI runtime") Signed-off-by: Jo-Philipp Wich --- modules/luci-lua-runtime/luasrc/dispatcher.lua | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/luci-lua-runtime/luasrc/dispatcher.lua b/modules/luci-lua-runtime/luasrc/dispatcher.lua index 93f7f8949b..dfbb225f0e 100644 --- a/modules/luci-lua-runtime/luasrc/dispatcher.lua +++ b/modules/luci-lua-runtime/luasrc/dispatcher.lua @@ -167,12 +167,12 @@ function process_lua_controller(path) login = true, methods = { "cookie:sysauth_https", "cookie:sysauth_http" } } - elseif subname == "rpc" and entry.module == "luci.controller.rpc" then + elseif path == "rpc" and modname == "luci.controller.rpc" then entry.auth = { login = false, - methods = { "query:auth", "cookie:sysauth_https", "cookie:sysauth_http" } + methods = { "query:auth", "cookie:sysauth_https", "cookie:sysauth_http", "cookie:sysauth" } } - elseif entry.module == "luci.controller.admin.uci" then + elseif modname == "luci.controller.admin.uci" then entry.auth = { login = false, methods = { "param:sid" } -- 2.30.2