I had occasion to use nixio.exece() recently and I could not figure out what it
wanted for the third argument (the environment) as no matter what sort of table
I passed, even nixio.getenv(), would fail with bad argument #3 to 'exece'
(invalid environment).
What it should expect is a table full of string values for keys and something
that can be converted to a string as a value, however it inverts the value of
lua_type() and compares it against a type, which will never evaluate to true.
Getting past this, the code inserts the KEY=VALUE string before the arg userdata,
and then forgets to take the env userdata into account when collecting the
arguments back into a C char**. This patch addresses all these issues and
provides a working nixio.exece().
[Fixes#500]
The nixio library can mistakenly build without shadow password support due to the
compile-time test failing.
Because the test for HAS_SHADOW in the nixio Makefile uses the default CC flags,
the test may attempt to cross-compile with different VFP abi than libc does and
will therefore not link. Passing CCFLAGS on the command line builds the test
correctly and will enable HAS_SHADOW if available.
The validity of authentication tokens was determined by the
mtime of respective authentication tokens on filesystem
stored in $sessionpath.
Talking about hardware without RTC or without a prior
connection to a time server, date/time usually around 1970 -
so is the mtime of the authentication token file in
$sessionpath.
When now configuring an internet connection via LuCI, the
system might fetch the current date/time (e.g. via ntp)
which invalidates the token, returns "403 Forbidden" and
kicks the user out of the interface.
This patch changes the authentication system to use time values
based on the uptime of the machine - rather than values based upon
gettimeofday() and {a|m}time values - and save them inside the token.
That way can always determine the difference between login
(last interaction respectively) and the current time, in-
dependant of the system clock jumping backwards/forwards.
Warning: This patch removes the clean() function and respective calls.
This means, invalid tokens will NOT be determined and removed from
filesystem automatically anymore.
Before, every HTTP-call caused a scan for invalid tokens,
which is quite expensive. Instead consider using a cron job
deleting all stalled files periodically.
Contributed by T-Labs, Deutsche Telekom Innovation Laboratories
Signed-off-by: Mirko Vogt <mirko@openwrt.org>
