1. 10 Nov, 2019 1 commit
  2. 29 Oct, 2019 9 commits
  3. 17 Oct, 2019 1 commit
    • Jo-Philipp Wich's avatar
      plugin: fix leaking invoked method name for exec plugins · 37aa9196
      Jo-Philipp Wich authored
      The invoked method name was separately duplicated from the call_context
      structure. The structure itself is eventually freed by rpc_exec_reply()
      but the method string it points to is lost after that.
      
      Use calloc_a() instead to allocate the string copy buffer together with
      the context structure, to ensure that all involved memory is freed.
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      37aa9196
  4. 21 Sep, 2019 1 commit
  5. 09 Sep, 2019 1 commit
  6. 08 Sep, 2019 1 commit
    • Jo-Philipp Wich's avatar
      file: refactor message parsing and permission checking · 69eeb1b4
      Jo-Philipp Wich authored
      Refactor rpc_check_path() and wrap it with a macro to allow passing
      different policies and permission names.
      
      This allows using the function for non-read operations and simplifies
      the message parsing code there.
      
      Also change the stat and list methods to require "list" instead of
      "read" permissions which is useful to allow browing the filesystem
      without allowing read access to all files.
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      69eeb1b4
  7. 04 Sep, 2019 2 commits
  8. 03 Sep, 2019 3 commits
  9. 01 Sep, 2019 2 commits
    • Jo-Philipp Wich's avatar
      file: add path based read/write/exec ACL checks · 821045f6
      Jo-Philipp Wich authored
      Introduce ACL checks to verify that the requested path may be read, written
      or executed. This allows to restrict ubus file commands to specific paths.
      
      To setup the required ACLs, the following ubus command may be used
      on the command line:
      
      ubus call session grant '{
        "ubus_rpc_session": "d41d8cd98f00b204e9800998ecf8427e",
        "scope": "file",
        "objects": [
          [ "/etc", "read" ],
          [ "/etc/*", "write" ],
          [ "/sbin/sysupgrade", "exec" ]
        ]
      }'
      
      The "read", "list", "stat" and "md5" procedures require "read" permissions,
      the "write" procedure requires "write" permission and the "exec" procedure
      requires "exec" permissions.
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      821045f6
    • Jo-Philipp Wich's avatar
      fb337e5a
  10. 05 Jun, 2019 1 commit
  11. 22 May, 2019 1 commit
    • Jo-Philipp Wich's avatar
      session: handle NULL return values of crypt() · 569284a1
      Jo-Philipp Wich authored
      The crypt() function may return NULL with errno ENOSYS when an attempt
      was made to crypt the plaintext password using a salt requesting an
      unsupported cipher.
      
      Avoid triggering segmentation faults in the subsequent strcmp() operation
      by checking for a non-NULL hash value.
      
      Fixes: FS#2291
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      569284a1
  12. 05 Mar, 2019 3 commits
  13. 21 Dec, 2018 4 commits
  14. 28 Nov, 2018 3 commits
  15. 22 Nov, 2018 3 commits
  16. 08 Aug, 2018 4 commits