| Age | Commit message (Collapse) | Author |
|---|
|
Since HTTP cookies may not overwrite HTTPS ("secure") ones, users are
frequently unable to log into LuCI when a stale, "secure" `sysauth` cookie
is still present in the browser as it commonly happens after e.g. a
sysupgrade operation or when frequently jumping between HTTP and HTTPS
access.
Rework the dispatcher to set either a `sysauth_http` or `sysauth_https`
cookie, depending on the HTTPS state of the server connection and accept
both cookie names when verifying the session ID.
This allows users to log into a HTTP-only LuCI instance while a stale,
"secure" HTTPS cookie is still present.
Requires commit 2b0539ef9d ("lucihttp: update to latest Git HEAD") to
function properly.
Fixes: #5843
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Flow offloaded conntrack entries carry no timeout value and trip up the
record parsing routine. Adjust the code to properly deal with such entries.
Ref: https://forum.openwrt.org/t/offloading-breaks-connections-list/126423
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The "absent" dependency type requires the given path to not exist on the
local system for the condition to be satisified. This is useful to disable
menu nodes depending on the presence of specific files.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Update timezone data to 2022a.
http://mm.icann.org/pipermail/tz-announce/2022-March/000070.html
* Palestine will spring forward on 2022-03-27, not 2022-03-26.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
Filter the init script name parameter through fs.basename() to avoid
invoking paths outside of /etc/init.d/.
Reported-by: Graham R <gr348@cam.ac.uk>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Update timezone data to 2021e.
http://mm.icann.org/pipermail/tz-announce/2021-September/000066.html
* Jordan now starts DST on February's last Thursday.
* Samoa no longer observes DST.
* Rename Pacific/Enderbury to Pacific/Kanton.
http://mm.icann.org/pipermail/tz-announce/2021-October/000068.html
* Fiji will suspend observance of DST for the 2021/2022 season.
http://mm.icann.org/pipermail/tz-announce/2021-October/000069.html
* Palestine will fall back 10-29 (not 10-30)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
- Prefer nodes that do not require authentication over nodes that do
- Honour ACL dependencies while resolving firstchild nodes
- Consider currently active session while scanning menu tree instead
of only loading effective ACLs when a login node is encountered
- Do not consider nodes for firstchild dispatching which specify a
special "firstchild_ineligible" property
- Hide menu nodes that have no accessible children
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The `up.gif` icon is not present by default anymore, it has been moved to
luci-compat. Probe loading.gif instead which is guaranteed to be available
by default.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Note: This change is relevant for systems that don't
use uhttpd for LuCI.
This log can be later used for fail2ban etc.
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
|
Fixes: #4778
Fixes: 366707a68 ("luci-base: drop unused functions in luci.sys")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Update timezone data to 2021a.
http://mm.icann.org/pipermail/tz-announce/2021-January/000065.html
* South Sudan changes from +03 to +02
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
Signed-off-by: Giovanni Giacobbi <giovanni@giacobbi.net>
|
|
Signed-off-by: Giovanni Giacobbi <giovanni@giacobbi.net>
|
|
Update timezone data to 2020f.
2020e: http://mm.icann.org/pipermail/tz-announce/2020-December/000063.html
Volgograd switches to Moscow time.
Australia/Currie removed as identical to Australia/Hobart
2020f: http://mm.icann.org/pipermail/tz-announce/2020-December/000064.html
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
The special characters '!' and '*' in /etc/shadow are
used to disable password login for a specific account.
The character 'x' has no special meaning, but should not
be interpreted as an empty password.
However, Luci treats the special characters '!' and 'x' like no password is
set and displays the "No password set!" notification.
As this might be misleading, the extra check for these special
characters is removed, so the invalid hash is returned in that case.
This aligns the behavior of this notification with a change in rpcd,
which also removed these extra checks, so no login is possible, if
password login is disabled [1].
[1] https://git.openwrt.org/?p=project/rpcd.git;a=commit;h=3df62bcebd2caff47506ccffb42df8d2d2123c06
Signed-off-by: Fabian Bläse <fabian@blaese.de>
|
|
Update timezone data to 2020d
2020b: http://mm.icann.org/pipermail/tz-announce/2020-October/000059.html
Macquarie Island has stayed in sync with Tasmania since 2011.
Casey, Antarctica is at +08 in winter and +11 in summer.
2020c: http://mm.icann.org/pipermail/tz-announce/2020-October/000060.html
2020d: http://mm.icann.org/pipermail/tz-announce/2020-October/000062.html
Palestine ends DST earlier than predicted, on 2020-10-24.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
Set the fallback value of the config change rollback timeout
to 90 seconds to match the change in /etc/config/luci by commit
81cf99a50.
That commit changed the value in the config file, but did
not change the underlying fallback values that do get applied
when there is no proper config item in etc/config/luci.
Users sysupgrading from old systems may have carried an ancient
/etc/config/luci (without rollback config) with them, so this
change should help them to see the intended user experience.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
Tweak the lua regex string for process list, so that processes
with extremely large memory sizes (over 100 MB) are matched.
For those large processes busybox top shows a MB value like '234m'
instead of a normal kB value like 234000.
Fixes #4425
Reference to https://github.com/openwrt/luci/issues/4425#issuecomment-694073479
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
luci-base: dispatcher: error404: flow message into template
|
|
In the previous commit the luci.xml module was created, Let's change all
references to the old functions to the new xml-module.
Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
|
|
To complete the previous commit these functions are defined in the resulting
luci-base package but are also used in the new luci-base-libs package. So
move them into the new xml-module of the new package.
Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
|
|
The new package luci-base-libs provides the modules that not strictly relate
to the web-interface of luci. By separating these libs they can be used by
other packages without having to install the web-components.
This change was inspired by providing a shell-only interface for 4MB-flash
devices, by keeping as much code common with a full install.
Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
|
|
message was only being shown in the plain text case when the render
failed.
Signed-off-by: Karl Palsson <karlp@etactica.com>
|
|
Support for sysauth_template was (inadvertently) dropped in refactorings
to support the json menu construction. This does not restore that
functionality, which allowed different templates for every node in the
dispatcher tree, but provides an alternative mechanism that allows a
theme to provide a sysauth.htm template file instead.
Tested-by: Karl Palsson <karlp@etactica.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Template strings have no associated name, which led to an attempt to
concat nil with a string when formatting the error message in case of
exceptions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Update timezone data to 2020a
http://mm.icann.org/pipermail/tz-announce/2020-April/000058.html
2020a:
Morocco springs forward on 2020-05-31, not 2020-05-24.
Canada's Yukon advanced to -07 year-round on 2020-03-08.
America/Nuuk renamed from America/Godthab.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
Ref: https://github.com/openwrt/luci/issues/3937
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The LuCI.fspath() function allows constructing absolute filesystem paths
from path segments relative to the document root.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Fixes: #3873
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Without the trailing slash, probing endpoint availability will fail.
Fixes: 529bde440 ("luci-base: make rpc webserver path configurable")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The cbi() function has a second argument 'config' in which various
configuration parameters can be passed. When converting the lua menu
to JSON, we must also convert this parameter.
Signed-off-by: Anton Kikin <a.kikin@tano-systems.com>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
A variable clash led to declarative `fs` dependencies being ineffective.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Fixes: #3585
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Currently the ubus path that provide the webserver is hardcoded to be /ubus.
Change this to make it configurable from the luci config file.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
When testing the luci-rpc authnetication, avoid clobbering the HTTP
post request body.
Fixes: #3470
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
