summaryrefslogtreecommitdiffhomepage
path: root/modules/luci-base/root
AgeCommit message (Collapse)Author
2022-07-08luci-base: use different cookie names for HTTP and HTTPSJo-Philipp Wich
Since HTTP cookies may not overwrite HTTPS ("secure") ones, users are frequently unable to log into LuCI when a stale, "secure" `sysauth` cookie is still present in the browser as it commonly happens after e.g. a sysupgrade operation or when frequently jumping between HTTP and HTTPS access. Rework the dispatcher to set either a `sysauth_http` or `sysauth_https` cookie, depending on the HTTPS state of the server connection and accept both cookie names when verifying the session ID. This allows users to log into a HTTP-only LuCI instance while a stale, "secure" HTTPS cookie is still present. Requires commit 2b0539ef9d ("lucihttp: update to latest Git HEAD") to function properly. Fixes: #5843 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-05-03luci-base: fix DSL feature detectionJo-Philipp Wich
On boards with ADSL instead of VDSL support we need to expect an `/sbin/dsl_cpe_control` instead of an `/sbin/vdsl_cpe_control` executable. Ref: https://forum.openwrt.org/t/dsl-line-stats/126580 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-03-30luci-base: ucitrack: fix broken affects logicJo-Philipp Wich
Changes on a given configuration should trigger change events on affected configurations, not the other way around. Fixes: #5745 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-01-25luci-base: explicitly invoke busybox applet for password changeJo-Philipp Wich
Ensure to invoke the Busybox `passwd` applet to change the system password in a non-interactive manner. Non-Busybox variants may not take the new password input from stdin or use password hashes which are not supported by musl's `crypt()` implementation by default. Fixes: #5629 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-01-22luci-base: fix ubus luci.getConntrackHelpers call with firewall4Jo-Philipp Wich
Fallback to firewall4's helper list if the fw3 one cannot be loaded. Fixes broken zone configuration when firewall4 is installed as backend. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-01-20luci-base: properly detect flow offloading capabilities with nftablesJo-Philipp Wich
When the system is running with nftables instead of iptables, the proprietary XT_FLOWOFFLOAD module will not be present, query the nft equivalent instead. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-01-06luci-app-firewall: initial firewall4 compatibilityStijn Tintel
Initial changes required for firewall4 compatibility: * depend on uc-firewall instead of firewall * detect installed version of firewall and hide incompatible features Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Reviewed-by: Jo-Philipp Wich <jo@mein.io>
2021-11-16luci-base: apply Browser/OS dark mode preference to index redirect pageJo-Philipp Wich
Turn white body, black link into black body, white link if the Browser/OS indicates dark mode preference. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-10-28luci-base: add "dsl" system featureJo-Philipp Wich
Allows LuCI views to probe DSL presence using `L.hasSystemFeature('dsl')`. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-10-11luci-base: dispatcher: rework dispatching and menu filtering logicJo-Philipp Wich
- Prefer nodes that do not require authentication over nodes that do - Honour ACL dependencies while resolving firstchild nodes - Consider currently active session while scanning menu tree instead of only loading effective ACLs when a login node is encountered - Do not consider nodes for firstchild dispatching which specify a special "firstchild_ineligible" property - Hide menu nodes that have no accessible children Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-02-13luci-base: remove deprecated radvd from ucitrackHannu Nyman
Cleanup /etc/config/ucitrack by removing 'radvd' affect item from network, as the radvd package has deprecated by odhcpd and odhcp6c in 2014. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2021-01-02luci-mod-network: skip check for 802.11w featureDobroslaw Kijowski
OpenWrt commit 1a9b896d ("treewide: nuke DRIVER_11W_SUPPORT") enables 802.11w feature for all wpad/hostapd configurations. The feature flag was removed at all but for the compatibility reasons 11w is still advertised (but there's a plan to nuke it also) [1]. Remove conditional 802.11w LuCI support to match current behavior. [1]: https://github.com/openwrt/openwrt/pull/3347 Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
2020-10-31luci-base: fix syntax error in hostapd featuresMartin Böh
Signed-off-by: Martin Böh <mart.b@outlook.de>
2020-10-11luci-base: check support for hostapd wpsAnsuel Smith
Check if hostapd supports wps pushbutton features. (wps is now supported by ubus instead of using hostapd_cli) Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2020-08-02luci-base: Fixed delayed portstatus loading on R7800Nicolas Thumann
Signed-off-by: Nicolas Thumann <me@n-thumann.de>
2020-06-16Merge pull request #4127 from blocktrron/luci-wep-featuresJo-Philipp Wich
luci-mod-network: query WEP support
2020-06-16luci-base: move vpn sectionFlorian Eckert
Move the VPN configuration section behind the network configuration. The normal workflow is add/edit the network and then add/edit a vpn configuration. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2020-06-02luci-base: grant uci rename permissionsJo-Philipp Wich
When doing an initial wireless configuration migration, LuCI needs to perform a series of rename calls which weren't allowed so far. Ref: https://forum.openwrt.org/t/config-migration-endless-loop/64340 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-06-01luci-base: add queryable WEP WiFi featureDavid Bauer
This commit adds WEP as a queryable WiFi feature. Support for the deprecated WEP encryption is not compiled-in to hostapd or wpa_supplicant by default anymore. Allow LuCi to query the availability of WEP to remove it from the list of avialable encryption methods in case hostapd / wpa_supplicant are compiled without it. Signed-off-by: David Bauer <mail@david-bauer.net>
2020-04-25luci-base: make logout link depend on luci-base ACLJo-Philipp Wich
Fixes: #3966 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-04-17luci-base: fix trainling comma in ACL specificationJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-04-16luci-base: implement JSON endpoint to fetch menu informationJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-04-09treewide: reorganize base ACLsJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-04-08Merge pull request #3769 from dibdot/logread-fixJo-Philipp Wich
luci-base: accept alternative logread location
2020-04-08Merge pull request #3749 from Ansuel/fix_relaydJo-Philipp Wich
luci-base: fix error 404 on missing relay protocol
2020-03-23ucitrack: fix bug for exec with paramsjjm2473
In file `/etc/config/ucitrack` ``` config fstab option exec '/sbin/block mount' ``` `/sbin/block mount` never be called after fstab changed. Signed-off-by: jjm2473 <1129525450@qq.com>
2020-03-20luci-base: accept alternative logread locationDirk Brenken
* minimal change to accept the usual logread location plus the alternative location (/usr/sbin/logread) used by syslog-ng (see openwrt/packages/issues/11535 for reference) Signed-off-by: Dirk Brenken <dev@brenken.org>
2020-03-13luci-base: ensure that ubus path uses trailing slashJo-Philipp Wich
Without the trailing slash, probing endpoint availability will fail. Fixes: 529bde440 ("luci-base: make rpc webserver path configurable") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-03-12luci-base: add relayd to getFeature listAnsuel Smith
Add /sbin/block to the generic Feature list to make it easily accessible by getProtocolHandlers Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2020-02-13luci-base: extend rollback timeout to 90 secondsJo-Philipp Wich
Ref: #3628 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-01-28luci-base: make swconfig port state parsing more robustJo-Philipp Wich
Since swconfig output varies wildly among different switch drivers, rely on a simpler more robust parsing approach to find the required information. Ref: https://forum.openwrt.org/t/cannot-read-property-link/50766 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-01-25luci-base: allow loading translations when not authenticatedJo-Philipp Wich
Fixes: #3563 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-01-17Merge pull request #3522 from swg0101/systemcertJo-Philipp Wich
luci-base/mod-network: corrections to previous commit
2020-01-16luci-base: correct rpcd bad access modeDavid Lam
Corrects the bad access mode from a previous commit that did not allow rpcd luci to execute. Signed-off-by: David Lam <david@thedavid.net>
2020-01-16Merge pull request #3511 from Ansuel/no-hardJo-Philipp Wich
luci-base: remove hardcoded cgi-bin path
2020-01-16Merge pull request #3517 from Ansuel/ubus_shortJo-Philipp Wich
luci-base: make rpc webserver path configurable
2020-01-16luci-base: make rpc webserver path configurableAnsuel Smith
Currently the ubus path that provide the webserver is hardcoded to be /ubus. Change this to make it configurable from the luci config file. Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2020-01-16luci-base: remove hardcoded cgi-bin pathAnsuel Smith
Currently LuCI can be loaded only when placed in the root of the server as the cgi-bin path are hardcoded. Change the index.html to load the cgi-bin path from the current level. Also add a new entry in the env Object to make the cgi_base path easily accessible. This variable will be based on the position of /cgi-bin/luci. Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2020-01-16luci-base: add system cert bundle detectionDavid Lam
Add detection mechanism for system cert CA bundle installed by the ca-bundle package. Used by LuCI to detect whether the "Use system certificates" certificate validation option should be enabled. Signed-off-by: David Lam <david@thedavid.net>
2019-12-29luci-mod-status: reimplement route status page as client side viewJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-12-22luci-mod-status: reimplement log pages as client side viewsJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-12-22luci-mod-status: reimplement iptables status page as client side viewJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-12-22luci-mod-status: replace iptables controller actions with cgi-io callsJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-12-18luci-mod-network: replace controller address check action with cgi-io scriptJo-Philipp Wich
This change removes the last bit of Lua code from luci-mod-network. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-12-16luci-mod-network: reimplement diagnostics page as client side viewJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-12-16luci-base: convert menu nodes to JSONJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-08luci-base, luci-mod-network: migrate getDUIDHints method to C pluginJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-03luci-base, luci-app-firewall: port custom rules to client side viewJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-03luci-base, luci-mod-status: convert process status to client side viewJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-03luci-base: add luci/getProcessList RPC methodJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>