summaryrefslogtreecommitdiffhomepage
path: root/libs
diff options
context:
space:
mode:
Diffstat (limited to 'libs')
-rw-r--r--libs/cbi/luasrc/cbi.lua13
-rw-r--r--libs/core/luasrc/sys.lua8
-rw-r--r--libs/sgi-haserl/luasrc/sgi/haserl.lua6
-rw-r--r--libs/sgi-webuci/luasrc/sgi/webuci.lua15
-rw-r--r--libs/sgi-webuci/root/usr/lib/boa/luci.lua2
-rw-r--r--libs/web/luasrc/dispatcher.lua26
6 files changed, 65 insertions, 5 deletions
diff --git a/libs/cbi/luasrc/cbi.lua b/libs/cbi/luasrc/cbi.lua
index 42b58ce0b..178c46f03 100644
--- a/libs/cbi/luasrc/cbi.lua
+++ b/libs/cbi/luasrc/cbi.lua
@@ -579,11 +579,6 @@ function AbstractValue.render(self, s, scope)
if not self.optional or self:cfgvalue(s) or self:formcreated(s) then
scope = scope or {}
scope.section = s
-
- -- fixup size for MultiValue fields
- if instanceof(self, MultiValue) and self.widget == "select" and not self.size then
- self.size = #self.vallist
- end
Node.render(self, scope)
end
@@ -741,6 +736,14 @@ function MultiValue.__init__(self, ...)
self.delimiter = " "
end
+function MultiValue.render(self, ...)
+ if self.widget == "select" and not self.size then
+ self.size = #self.vallist
+ end
+
+ AbstractValue.render(self, ...)
+end
+
function MultiValue.value(self, key, val)
val = val or key
table.insert(self.keylist, tostring(key))
diff --git a/libs/core/luasrc/sys.lua b/libs/core/luasrc/sys.lua
index 6d03f59db..80d702b94 100644
--- a/libs/core/luasrc/sys.lua
+++ b/libs/core/luasrc/sys.lua
@@ -263,6 +263,14 @@ end
user = {}
-- returns user information to a given uid
user.getuser = posix.getpasswd
+
+-- checks whether a string matches the password of a certain system user
+function user.checkpasswd(user, password)
+ local account = user.getuser(user)
+ if posix.crypt and account then
+ return (account.passwd == posix.crypt(account.passwd, password))
+ end
+end
-- Changes the user password of given user
function user.setpasswd(user, pwd)
diff --git a/libs/sgi-haserl/luasrc/sgi/haserl.lua b/libs/sgi-haserl/luasrc/sgi/haserl.lua
index f3994b5c8..35bc1c902 100644
--- a/libs/sgi-haserl/luasrc/sgi/haserl.lua
+++ b/libs/sgi-haserl/luasrc/sgi/haserl.lua
@@ -29,6 +29,12 @@ require("luci.fs")
-- Environment Table
luci.http.env = ENV
+-- Enforces user authentification
+function luci.http.basic_auth(verify_callback, realm)
+ -- Dummy for Haserl
+ return true
+end
+
-- Returns the main dispatcher URL
function luci.http.dispatcher()
return luci.http.env.SCRIPT_NAME or ""
diff --git a/libs/sgi-webuci/luasrc/sgi/webuci.lua b/libs/sgi-webuci/luasrc/sgi/webuci.lua
index 2beff6907..1ad067c6b 100644
--- a/libs/sgi-webuci/luasrc/sgi/webuci.lua
+++ b/libs/sgi-webuci/luasrc/sgi/webuci.lua
@@ -33,6 +33,21 @@ function initenv(env, vars)
luci.http.vars = vars
end
+-- Enforces user authentification
+function luci.http.basic_auth(verify_callback, realm)
+ local user = luci.http.env.auth_user
+ local pass = luci.http.env.auth_password
+ realm = realm or ""
+
+ if not user or not verify_callback(user, pass) then
+ luci.http.status("401", "Unauthorized")
+ luci.http.header("WWW-Authenticate", string.format('Basic realm="%s"', realm))
+ return false
+ else
+ return true
+ end
+end
+
-- Returns the main dispatcher URL
function luci.http.dispatcher()
return luci.http.env.SCRIPT_NAME or ""
diff --git a/libs/sgi-webuci/root/usr/lib/boa/luci.lua b/libs/sgi-webuci/root/usr/lib/boa/luci.lua
index 2ea6ba4cb..e34bd5e2d 100644
--- a/libs/sgi-webuci/root/usr/lib/boa/luci.lua
+++ b/libs/sgi-webuci/root/usr/lib/boa/luci.lua
@@ -38,6 +38,8 @@ function init(path)
luci.sys.net.routes = function() return {} end
luci.sys.wifi.getiwconfig = function() return {} end
luci.sys.wifi.iwscan = function() return {} end
+
+ luci.sys.user.checkpasswd = function() return true end
end
end
diff --git a/libs/web/luasrc/dispatcher.lua b/libs/web/luasrc/dispatcher.lua
index feda28d51..cd481622b 100644
--- a/libs/web/luasrc/dispatcher.lua
+++ b/libs/web/luasrc/dispatcher.lua
@@ -58,6 +58,18 @@ function build_url(...)
return luci.http.dispatcher() .. "/" .. table.concat(arg, "/")
end
+-- Prints an error message or renders the "error401" template if available
+function error401(message)
+ message = message or "Unauthorized"
+
+ require("luci.template")
+ if not pcall(luci.template.render, "error401") then
+ luci.http.prepare_content("text/plain")
+ print(message)
+ end
+ return false
+end
+
-- Sends a 404 error code and renders the "error404" template if available
function error404(message)
luci.http.status(404, "Not Found")
@@ -115,6 +127,20 @@ function dispatch()
end
end
+ if track.sysauth then
+ local accs = track.sysauth
+ accs = (type(accs) == "string") and {accs} or accs
+
+ local function sysauth(user, password)
+ return (luci.util.contains(accs, user)
+ and luci.sys.user.checkpasswd(user, password))
+ end
+
+ if not luci.http.basic_auth(sysauth) then
+ error401()
+ return
+ end
+ end
if track.i18n then
require("luci.i18n").loadc(track.i18n)