Age | Commit message (Collapse) | Author |
|
Rework the apply confirmation mechanism to be session agnostic in order to
circumvent cross domain restrictions which prevent the JS code from issuing
apply confirm requests in some cases, e.g. when changing the LAN IP.
Confirmation calls may now be done from unauthenticated pages, as long as a
matching confirmation token is sent along with the request.
The reasoning behind this is that there is little security impact in
confirming pending apply sessions, especially since those sessions can only
be initiated while being authenticated.
After this change, LuCI will now launch a confirmation process on every
rendered page when a rollback is pending. The confirmation will happen
regardless of whether the user is logged in or not, or if the current page
is a CBI form or static template.
A confirmation request now also requires a random one-time token which is
rendered along with the confirmation JavaScript code in order to succeed.
This token is not meant to provide security but to ensure that the confirm
was triggered from an interactive browser session and not some background
HTTP requests that happened to end up in the admin ui.
As a consequence, the different apply/confirm/rollback code paths in CBI
maps and the UCI change/revert pages have been consolidated into one common
implementation residing in the common global theme agnostic footer template.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The previous approach of synchroneously scanning while building the result
page was suboptimal since it frequently led to connection resets when
accessing LuCI via wireless.
It also exhibited problems when accessed via SSL on recent Firefox versions
where the page were only loaded partially.
Rework the wireless scanning to gather scan results in a background process
and put them into the ubus session data area where they can be readily
accessed without causing network interruptions.
Subsequently rebuild the wireless join page to use XHR polling to
incrementally fetch updated scan results.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Remove the guessing of primary interfaces for now as we cannot yet properly
track parent / child interface relations.
Instead, add tooltips to the interface icons displaying detailed physical
layer information per netdev.
For dynamic or true alias interfaces (using "@" notation), skip the
reporting of MAC and traffic stats.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Convert interface enable, disable and delete actions to proper cbi
operations so that we can benefit from the apply/rollback workflow
when performing critical interface operations.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
This will offer apply/rollback workflow for tasks like deleting or shutting
down wireless networks.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
If an uploaded backup.tar.gz is not valid we will not get a respond from
LuCI. The system will perform a reboot without applying the "tar.gz"
even though the backup import failed.
To fix this check if the backup archive is valid with the command
"gunzip -t <archive>" and if the validation fails render the flashops page
with a hint. On the other hand apply the backup archive and perform a
reboot as before.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
|
luci-mod-admin-full: fix missing wifi_assoclist
|
|
With #e5ba594d77eed77d31d4b9b8c0e86026eb5a5fac the list of the connected device broke up. This fix this problem by creating a proper request link.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
UCI apply/rollback workflow
|
|
It's how the module was named when "require"d and used by other code in
the same function
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
The check "supports_reset" only covers /proc/mtd partitions. If we have
this the commands checks for names like ubi or rootfs_data. If this is
found the system is possible for a factory reset. But on x86 the
situation is different. We have no /proc/mtd partitions because this
system do not use a bare metall flash.
To solve this issue check if we have an overlay and if so we could do a
factory reset. This could be applied for system which uses bare metal
flash and system which uses FTL or harddisks.
Jffs2reset is the current command used for factory reset. It will try
to find volume "rootfs_data" and if it's mounted will delete all files
under directory /overlay
luci-mod-admin-mini also has check for reset available, but we leave it
alone for now as it uses "mtd -r erase rootfs_data"
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
Switch to rpcd based uci apply/rollback workflow which helps to avoid soft-
bricking devices by requiring an explicit confirmation call after config
apply.
When a user now clicks "Save & Apply", LuCI first issues a call to uci apply
which commits and reloads configuration, then goes into a polling countdown
mode where it repeatedly attempts to call uci confirm.
If the committed configuration is sane, the confirm call will go through and
cancel rpcd's pending rollback timer.
If the configuration change leads to a loss of connectivity (e.g. due to bad
firewall rules or similar), the rollback mechanism will kick in after the
timeout and revert configuration files and pending changes to the pre-apply
state.
In order to cover such rare cases where a lost of connectivity is expected
and desired, the user is offered an "unchecked" apply option after timing
out, which allows committing and applying the changes anyway, without the
extra safety checks.
As a consequence of this change, the luci-reload mechanism is now completely
unsused since rpcd uses ubus config reload signals to reload affected
services, which means that only procd-enabled services will receive proper
reload treatment with the new workflow.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
This fixes issues dicovered by check-controllers.sh
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Fixes #1725
Fixes 731ed77c0 ("treewide: improve handling of page redirections in uci change views")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Instead of passing the full LuCI request url, pass the relative resolved
request path instead and filter the received value through the lookup()
dispatcher function to only allow paths to actual internal pages.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Use the new luci.ip MAC address facilities to parse and verify MAC addresses
in a common way, instead of relying on various ad-hoc solutions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The Overview page and Network>Interfaces page currently do not give much information about IPv6, particularly with Prefix Delegated setups. In these setups, ISP will delegate a prefix to the router. Currently LuCI doesn't display this Prefix Delegation from the ISP anywhere. A number of changes was added to this commit:
1) self:_ubus("ipv6-prefix") was extracted and put into protocol.ip6prefix.
2) Network>Interfaces page, if a .ip6prefix is present, show it under Status. (IPv6-PD).
3) On the Overview page, "Type" and "Prefix Delegated" has been added to the IPv6 Network Overview Status:
- Type will display the .proto, similar to the IPv4 case. If a .ip6prefix is present, it'll display a "-pd" at the end of the Type: i.e. dhcpv6-pd vs. dhcpv6.
- If no .ip6prefix is present, it'll do what it does currently, and just show Address, or :: if no address is present.
- If .ip6prefix is present, it'll show the "Prefix Delegated", it'll also hide "Address" if no address is present, else it'll show ifc6.ip6addr as well.
Signed-off-by: Cody R. Brown <dev@codybrown.ca>
|
|
luci-mod-admin-full: Store system time into RTC also
|
|
Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
|
|
We're currently just setting system time, but we don't set battery
backed RTC. Time in the RTC is only set on the graceful shutdown, which
is quite hard to achieve on embedded devices.
In other words, on systems with battery backed RTC we currently don't
handle following use case properly:
1. Set system time from web UI (sets only system time, but not RTC)
2. Unplug the device from power
Then after the reboot, we've wrong system time again, because time set
in [1] is not saved to battery backed RTC.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
|
Show also the sha256 checksum in addition to MD5 checksum to enable
image verification also for builds with only sha256 checksums.
If the 'sha256sum' command is not present in the system, the value
remains empty.
Note: The easiest way to get the 'sha256sum' command is to compile it
into busybox.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
Replace the menu item "Wifi" by "Wireless",
which is already used for page and section headings
This closes #695
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
This pull request adds a condition, which checks whether the file "/etc/config/fstab" exists before it allows access to "mount points".
Signed-off-by: Guido Lipke <lipkegu@gmail.com>
|
|
Enable reset in LuCI also for ubi based firmwares.
This closes #672
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
- Under some conditions the system will shutdown
uhttpd before the page will be delivered to
the client. Waiting one second should eleminate
this behaviour.
Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Do not use standard post security checking for actions that require file upload
since reading the token value will trigger parsing of the http message body
before the file upload handler has been set, which causes LuCI to buffer the
entire request body in memory.
In order to simplify the code and logic flow, split action_flashops() into
separate handlers for reset, backup, restore and sysupgrade.
Let the backup restore and sysupgrade handlers use the new test_post_security()
method in luci.dispatcher to perform token checking *after* setting the upload
handler.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
The urltoken table is going to be removed.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
* Use post_on() target to require csrf token verification for modifying actions
* Ensure that package and flash operation handlers guard modifying operations
with parameter check
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Also rework the reboot tmeplate a little bit.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Switches UCI apply/revert/save to CSRF token protected POST actions.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Simplify fstab setup by offering hints for uuid/label and device node options.
Fix rootfs handling logic by removing obsolete references to the "is_rootfs"
option and offering "/" and "/overlay" choices for the mountpoint instead.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Remove luci.sauth session storage implementation and offload the session
management to the rpcd ubus backend. Also depend on rpcd due to this.
|