Commit graph

423 commits

Author SHA1 Message Date
Jo-Philipp Wich
98d4eb1695 luci-base: mark password template dummy field as hidden
Mark the dummy input field as aria-hidden, should fix #2063.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-08-16 09:36:37 +02:00
Jo-Philipp Wich
849d153851 treewide: rework uci change display
- Use native rpcd uci changes format instead of incompletely converting
   back and forth between the old and the new format
 - Rework uci changelog template to print the equivalent uci commands
   for the various changes
 - Rework theme headers to properly count the uncomitted changes
 - Rework theme CSS to properly style new changelog

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-08-13 09:23:22 +02:00
Gregory L. Dietsche
abfe45ff61 Correct grammar in apply_widget.htm
This patch corrects "to get" to "to be" in apply_widget.htm
This shell command was used to find and make the change in
all impacted files:

find . -type f -exec sed -i 's/Waiting for configuration to get applied/Waiting for configuration to be applied/g' {} +

Signed-off-by: Gregory L. Dietsche <gregory.dietsche@cuw.edu>
2018-08-07 09:20:28 -05:00
Jo-Philipp Wich
350be23eb9 luci-base: fix footer template
Move the apply widget markup before the final </html> tag to avoid XHTML
errors with the OpenWrt theme.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-28 14:21:36 +02:00
Jo-Philipp Wich
e5a1ac0228 treewide: rework rollback/apply workflow
Rework the apply confirmation mechanism to be session agnostic in order to
circumvent cross domain restrictions which prevent the JS code from issuing
apply confirm requests in some cases, e.g. when changing the LAN IP.

Confirmation calls may now be done from unauthenticated pages, as long as a
matching confirmation token is sent along with the request.

The reasoning behind this is that there is little security impact in
confirming pending apply sessions, especially since those sessions can only
be initiated while being authenticated.

After this change, LuCI will now launch a confirmation process on every
rendered page when a rollback is pending. The confirmation will happen
regardless of whether the user is logged in or not, or if the current page
is a CBI form or static template.

A confirmation request now also requires a random one-time token which is
rendered along with the confirmation JavaScript code in order to succeed.

This token is not meant to provide security but to ensure that the confirm
was triggered from an interactive browser session and not some background
HTTP requests that happened to end up in the admin ui.

As a consequence, the different apply/confirm/rollback code paths in CBI
maps and the UCI change/revert pages have been consolidated into one common
implementation residing in the common global theme agnostic footer template.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-27 14:07:23 +02:00
Jo-Philipp Wich
9ead1e29a6 luci-base: utils: support multiple return values in util.ubus()
This is needed to deal with ubus methods that return multiple results,
e.g. session/list

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-27 14:07:23 +02:00
Jo-Philipp Wich
c27a77756c luci-base: strip superfluous space in additional field markup
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-23 15:10:55 +02:00
Jo-Philipp Wich
b6dd0ecd6c luci-base: rework reveal/hide CBI password template button
Also add a hidden type password field to prevent browser autocompleters
from entering the login passwords into fields liek the wireless WPA key
field.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-23 14:30:03 +02:00
Jo-Philipp Wich
8e0ee137a6 luci-base: add description annotations to tblsection cells
Add a "data-description" attribute to CBI fields which have a description
set, this allows responsive design themes to render a field description
when decomposing the table grid.

Also reuse the precalculated "typename" property if it exists, instead of
deriving it from the template name yet again.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-22 17:45:03 +02:00
Jo-Philipp Wich
3c90289e0f luci-base: fix bad CSS class names in table section template
The previous refactoring of the template caused the row stripying CSS
classes to be interpolated in such a way, that a separating space to
previous CSS classes was missing, leading to not rendered row names
and other side effects.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-20 11:35:09 +02:00
Jo-Philipp Wich
c09e154560 luci-base: rework CBI footer template
- Make sure that hitting enter in the form hits the CBI save action and not
  apply or cancel
- Hide action panel if no actions are available
- CLeanup code

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-18 12:05:05 +02:00
Jo-Philipp Wich
f1fb7122e3 luci-base: rework tblsection template
- Hide empty title and description rows
- Correct row striping offset
- Cleanup code

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-18 12:05:05 +02:00
Jo-Philipp Wich
bc562294b9 luci-base: rework simpleform template
- Ensure that pressing enter in the form triggers the submit action and
  not a cbi skip or cancel
- Hide page actions when empty
- Cleanup code

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-18 12:05:05 +02:00
Jo-Philipp Wich
fcc9cd6a9a luci-base: fix field section add button/input field names
Some CBI map models, mainly the Network -> VLAN page, expect a valid
previous section ID in their Section:create() callback.

Previous refactoring of the tblsection markup broke this behaviour as
the "section" loop variable was accidentally localized, causing it to
be undefined outside of the loop body which caused the section add
button and name input fields to get rendered with a wrong "name"
attribute.

Fix this by moving the "section" variable declaration out of the loop
and by readding references to it in the non-anonymous section add case.

Fixes FS#1657
Fixes 002c4d1d5 ("luci-base: add "Name" label to autogenerated title column")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-16 17:34:26 +02:00
Jo-Philipp Wich
ffff1e7c0a luci-base: fix handling alias interfaces in ifacelist widget
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-15 17:28:38 +02:00
Jo-Philipp Wich
37aeb77dda luci-base: luci.model.network: recognize alias interfaces
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-15 17:07:28 +02:00
Jo-Philipp Wich
22e4a2420c luci-base: tweak tblsection markup
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-13 09:37:08 +02:00
Jo-Philipp Wich
94be4881a0 luci-base: add error reporting and basic support for dynamic interfaces
This allows exposing virtual ubus-based network interfaces in LuCI.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-12 18:10:10 +02:00
Jo-Philipp Wich
d4e52ca03b luci-base: apply_widget: various fixes
- Fix button styles in failure message
 - Pause XHR polling during apply/rollback sessions
 - Throttle confirm requests to 1 request/second

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-12 18:10:10 +02:00
Jo-Philipp Wich
4a083f6d23 luci-base: fix placement of CBI strings
Commit c0de036b3 ("treewide: always include cbi.js") improperly removed the
cbi.js script include from header.htm, leaving behind the string dictionary.

Move the JSON dictionary to the parent <form> element and delete the
leftover </script> element.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-09 17:04:10 +02:00
Jo-Philipp Wich
c0de036b31 treewide: always include cbi.js
Include cbi.js in the main header template like it is done for xhr.js and
remove the page specific includes.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-09 11:51:43 +02:00
Jo-Philipp Wich
3aba615029 luci-base: rework "in request" flagging logic for menu nodes
The previous implementation failed to mark active nodes under some
circumstances.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-02 08:46:26 +02:00
Jo-Philipp Wich
c61c5deac4 luci-base: luci.tools.status: add host_hints to DHCPv6 leases
Attempt to derive a MAC from the DHCPv6 lease DUID and use it to look up
a host hint. If a hint is found, add it to the lease information.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-06-28 09:42:17 +02:00
Jo-Philipp Wich
002c4d1d5f luci-base: add "Name" label to autogenerated title column
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-06-25 11:12:25 +02:00
Jo-Philipp Wich
18d92aca53 luci-base: annotate tblsection description row as well
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-06-25 09:51:18 +02:00
Jo-Philipp Wich
e5ba594d77 luci-base, luci-mod-admin-full: unify wifi assoclist code
Merge the assoclist code of the status overview and wireless overview pages
into a single shared partial template.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-06-25 09:01:33 +02:00
Jo-Philipp Wich
d0b91bcca2 luci-base: globally cleanup markup
- add responsive attributes to partial cbi templates
 - unify and fix button style classes
 - fix styling of sysauth dialog
 - rework firewall_zoneforwards widget

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-06-23 17:13:22 +02:00
Jo-Philipp Wich
74be6f3974 treewide: switch firewall zone, network and iface lists to dropdown code
Also switch the weekday and monthday lists in the firewall rule details to
cbi dropdowns, vastly uncluttering the form.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-06-08 08:19:20 +02:00
Jo-Philipp Wich
9d48490729 luci-base: add markup, JS and CSS for new dropdown
This commit introduces the required code for a new, markup based dropdown
widget which can be used as a styleable alternative to select boxes or
radio/checkbox button groups.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-06-08 08:14:36 +02:00
Jo-Philipp Wich
4cca96ef09 luci-base: support option aliases in luci.cbi
AbstractValue descendants may now specify a new optional property `alias`
which refers to a uci option to read/write/remove that differs from the
option name itself.

This is mainly useful for widgets that are toggled based on dependencies,
e.g. for alternating between SingleValue and MultiValue, but which are
intented to write into the same uci option.

Such a setup was previously possible already by overriding the .cfgvalue(),
.write() and .remove() callbacks with custom implementations, but that
required a lot of boiler plate code and was rather fragile.

With the `alias` property, CBI now takes care of the details and tracks
aliased fields within a section accordingly.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-06-08 07:25:54 +02:00
Jo-Philipp Wich
7be3f0400c luci-base: fix some minor luci.model.uci issues
- Properly serialize option delete changelogs
 - Do not perform a section create if a nil value is passed to set()

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-06-06 21:45:49 +02:00
Jo-Philipp Wich
2d352a9251 luci-base: cbi: atomically reorder uci sections
Since the switch to ubus uci operations we do not have a local application-
side cursor cache anymore, instead uci operations happen synchronously in
the rpcd backend server.

This may cause cbi section reorder operations involving multiple elements
to fail, because anonymous section hashes may change due to rehashing
between consecutive ubus uci reorder calls.

In order to avoid that problem, use the ubus uci batch reorder extension,
which allows to pass a complete (or partial) list of section ids in the
desired order in one call, bypassing the volatile section id problem.

Fixes #1844.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-06-03 20:02:44 +02:00
Jo-Philipp Wich
29b391d7bc luci-base: use common alert message markup
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-05-31 19:06:48 +02:00
Jo-Philipp Wich
298d164dd7 luci-base: update coxpcall() implementation, fix runtime error reporting
Sync our coxpcall() implementation to the newest upstream version in order to
get access to the inner backtrace information and propagate these traces to
the browser in luci.dispatcher.dispatch().

This should make tracking down runtime errors much easier.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-05-31 17:45:49 +02:00
Jo-Philipp Wich
5427395649 luci-base: add full page overlay during apply
After applying uci configuration, a full map reload is required in many
cases as the anonymous section identifiers might have been rehashed, causing
the rendered map to go out of sync.

To avoid that, add both a full page overlay preventing further page
interaction and let the apply widget forcibly reload the current view once
the operation is complete.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-05-31 15:38:42 +02:00
Jo-Philipp Wich
067d7dc9f7 treewide: convert HTML tables to div
Mostly convert HTML tables to div based markup to allow for easier styling
in the future. Also change JS accessor code accordingly.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-05-28 15:18:45 +02:00
Ansuel Smith
da1e655294
luci-base: fix dispacher fail
http.getenv("SCRIPT_NAME") fail if it's not provided. This can happen in the login screen when we don't have any script to load.

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2018-05-23 02:52:08 +02:00
Jo-Philipp Wich
64da34b13c luci-base: handle potential crash in luci.model.network.interface.get_i18n()
Should prevent the crash mentioned in #1779.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-05-19 22:11:08 +02:00
Jo-Philipp Wich
9ed48ef2a6 luci-base: break circular luci.config <> luci.model.uci dependency
On certain environments, mainly with the embedded uhttpd interpreter, the
luci.config class cannot be loaded due to a circular dependency with the
luci.model.uci class.

Break up the dependency by deferring the loading of luci.config in
luci.model.uci until it is actually needed.

Fixes #1803, FS#1553.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-05-19 13:07:37 +02:00
Jo-Philipp Wich
828202ef52
Merge pull request #1769 from jow-/master
UCI apply/rollback workflow
2018-05-18 16:44:33 +02:00
Jo-Philipp Wich
80cb4fef8c luci-base: raise maximum POST value size to 100KB
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-05-18 16:43:29 +02:00
Hannu Nyman
521554f4a7
Merge pull request #1748 from hnyman/wifidata
luci-base: show wifi chip identification on overview
2018-05-18 12:51:24 +03:00
Yousong Zhou
2f0f456b71 luci-base: harden cookie sysauth=
A simple scan of the code indicates that currently no code in the repo
is accessing the sysauth= cookie

Closes openwrt/luci#1555

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-05-13 18:30:47 +08:00
Jo-Philipp Wich
8deb949551 treewide: rework uci apply workflow
Switch to rpcd based uci apply/rollback workflow which helps to avoid soft-
bricking devices by requiring an explicit confirmation call after config
apply.

When a user now clicks "Save & Apply", LuCI first issues a call to uci apply
which commits and reloads configuration, then goes into a polling countdown
mode where it repeatedly attempts to call uci confirm.

If the committed configuration is sane, the confirm call will go through and
cancel rpcd's pending rollback timer.

If the configuration change leads to a loss of connectivity (e.g. due to bad
firewall rules or similar), the rollback mechanism will kick in after the
timeout and revert configuration files and pending changes to the pre-apply
state.

In order to cover such rare cases where a lost of connectivity is expected
and desired, the user is offered an "unchecked" apply option after timing
out, which allows committing and applying the changes anyway, without the
extra safety checks.

As a consequence of this change, the luci-reload mechanism is now completely
unsused since rpcd uses ubus config reload signals to reload affected
services, which means that only procd-enabled services will receive proper
reload treatment with the new workflow.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-05-05 23:11:23 +02:00
Jo-Philipp Wich
7cca313959 luci-base: enable uci session isolation
Switch to per-session save directories to decouple LuCI configuration changes
from system wide ones.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-05-05 23:11:23 +02:00
Hannu Nyman
4edc9256fa luci-base: show wifi chip identification on overview
Show the correct wifi chip identification in case iwinfo
recognises the chip.

So far the wifidev.get_i18n function has practically always
returned just "Generic", but use iwinfo.hardware_name to
fetch the name.

In case iwinfo returns the default "Generic MAC80211", there
is a double 80211 in the final string, which is a cosmetic bug.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2018-05-05 21:20:41 +03:00
Jo-Philipp Wich
b0f3946570 luci-base: support hiding the "Back to Overview" button in cbi maps
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-05-03 08:25:26 +02:00
Jo-Philipp Wich
07de9190d8 Revert "luci-base: support hiding the "Back to Overview" button in cbi maps"
This reverts commit 52cf265c9d.

I accidentally committed unrelated changes.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-05-03 08:24:36 +02:00
Jo-Philipp Wich
52cf265c9d luci-base: support hiding the "Back to Overview" button in cbi maps
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-05-03 08:22:55 +02:00
Jo-Philipp Wich
8459ec0ec8 luci-base: add simple CORS handling to luci.dispatcher
Support a new boolean property `cors` which - if set to true - causes the
dispatcher to positively answer CORS OPTIONS requests after authentication
without actually running the dispatching target.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-26 08:26:30 +02:00
Jo-Philipp Wich
7d13ec6010 luci-base: handle bodies of non-POST requests as well
Decode the HTTP message bodies of any request carrying a Content-Length
header, not just those in POST requests.

This allows handling parameters in other methods, OPTIONS in particular.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-26 08:26:19 +02:00
Jo-Philipp Wich
11f4a50b3f luci-base: additionally return error code strings in luci.util.ubus()
Add a 3rd return value to luci.util.ubus() containing the string value
of the error return value.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-24 19:22:55 +02:00
Jo-Philipp Wich
914c661b58 luci-base: ensure that file upload values have length
Ensure that the (table) length of a file upload value has nonzero length
by initializing the first table index with the file name.

This fixes tests in the form

    x = luci.http.formvalue(...)
    if x and #x > 0 then ... end

Fixes #1763.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-24 13:44:40 +02:00
Jo-Philipp Wich
82abf9add9 luci-base: decode plus signs in x-www-form-urlencoded POST data
Depends on 5ef51b2ab ("lucihttp: update to latest HEAD").
Fixes #1755.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-22 12:03:23 +02:00
Jo-Philipp Wich
172155eb46 luci-base: properly handle repeated POST parameters
Restore the old luci.http behaviour of converting repeated POST params into
single tables holding all values instead of letting each repeated parameter
overwrite the value of the preceeding one.

Fixes, among other things, the handling of CBI dynamic list values.

Fixes #1752
Fixes 59dea0230 ("luci-base: switch to lucihttp based POST data processing")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-19 12:00:13 +02:00
Jo-Philipp Wich
9b22c9c1e1 luci-base: implement session handling in luci.model.uci
Introduce luci.model.uci.set_session_id() and luci.model.uci.get_session_id()
to set and get the effective session ID respectively.

When a session ID is set, it is sent as `ubus_rpc_session` attribute to rpcd,
causing it to use per-session change directories, isolating LuCI changes from
the global system uci state.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-19 11:42:12 +02:00
Jo-Philipp Wich
b4040aacb0 libs: move http.protocol.{date,mime,conditionals} to luci-lib-httpprotoutils
Also adjust the dependencies of components depending on these classes and
flatten the namespace from luci.http.protocol.* to luci.http.*

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-18 16:21:27 +02:00
Jo-Philipp Wich
eb4571c6dc luci-base: fold luci.http.protocol into luci.http
With only the decoder routines remaining in luci.http.protocol, it makes no
sense to keep the low level protocol class around, so fold the remaining code
into the central luci.http class.

Also adjust the few direct users of luci.http.protocol accordingly.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-18 16:21:27 +02:00
Jo-Philipp Wich
8f66de12c1 luci-base: refactor luci.http
- Rewrite getcookie() to use liblucihttp header value parsing
 - Rewrite setfilehandler() to use local variables and have cleaner code
 - Fix build_querystring() to actually *en*code the given params

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-18 16:21:27 +02:00
Jo-Philipp Wich
db0d5b33d0 luci-base: drop luci.util.dtable()
The dtable() function has no user in the entire LuCI repo, so drop it.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-18 16:21:27 +02:00
Jo-Philipp Wich
59dea0230c luci-base: switch to lucihttp based POST data processing
Use the liblucihttp provided multipart and x-www-urlencoded body parsers
and drop the old Lua parsing code.

The C based data parsers are way faster than their old Lua counterparts
while producing less string garbage and more correct results.

While refactoring the luci.http.protocol code, also drop unused functions
and dead code, heavily reducing the module size.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-18 16:21:27 +02:00
Jo-Philipp Wich
f52c8d0b7f luci-base: switch to lucihttp.urldecode() and lucihttp.urlencode()
Drop the Lua implementation in luci.http.protocol and use the optimized C
variants of liblucihttp instead.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-18 16:21:27 +02:00
Jo-Philipp Wich
2b516423a0 luci-base: fix rendering of 404 HTML error template
This 404 error template rendering has been broken for a long time due to bad
function environment level in luci.template when invoking the rendering from
the toplevel dispatcher context.

Fix this issue by adding a local function indirection, essentially adding an
additional stack frame.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-10 12:03:15 +02:00
Jo-Philipp Wich
48a5864f06 luci-base: error404: do not access request env directly
Instead of attempting to access the request environment directly (which does
not work anyway using the CGI SGI), use the already sanitized
dispatcher.context.request property to print out the not found url.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-10 12:01:43 +02:00
Jo-Philipp Wich
b194b8882e luci-base: don't propagate null bytes in path information
It is possible to inject unescaped markup using a double encoded null byte
via PATH_INFO on certain leaf nodes.

Since there is no legitimate reason to handle null bytes in any part of the
requested url, simply skip over such bytes when parsing the PATH_INFO value.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-10 11:41:32 +02:00
Jo-Philipp Wich
b1b5723516 luci-base: consider empty parameters as well when testing POST requirement
The cbi class will react on an empty "cbi.submit" parameter as well so we
must intercept GET requests using that too.

Fixes 186e690c0 ("luci-base: dispatcher: reject non-POST requests with any cbi.submit value")

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-09 07:19:28 +02:00
Hannu Nyman
c7369830b6 timezone data: update to 2018d
Update timezone data to 2018d

http://mm.icann.org/pipermail/tz-announce/2018-March/000049.html

  In 2018, Palestine starts DST on March 24, not March 31.
     Adjust future predictions accordingly.
  Casey Station in Antarctica changed from +11 to +08

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2018-04-07 23:26:29 +03:00
Jo-Philipp Wich
8c636c87ee luci-base: fix luci.model.uci.get_first()
Properly propagate the config parameter to the foreach iterator in order
to fix get_first() lookups.

Fixes #1734.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-07 14:09:18 +02:00
Jo-Philipp Wich
5c31937a0f luci-base: escape path strings and field parameter
Prevent various XSS vectors by not interpolating field and path values
verbatim into script and html contexts.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-07 11:43:44 +02:00
Jo-Philipp Wich
b00b676923 luci-base: properly initialize cbi.js on SimpleForms
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-06 16:39:39 +02:00
Jo-Philipp Wich
bf71ae5f1b luci-base: emit a warning if cbi() delegates a SimpleForm instance
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-06 12:07:49 +02:00
Jo-Philipp Wich
24ac0d81ee luci-base: implement luci.model.uci.get_state()
Introduce a get_state() function which can be used to access legacy
uci state variables. This is usually not needed anymore but some
packages (mainly mwan3) still rely on this.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-06 09:24:36 +02:00
Jo-Philipp Wich
7b04d0bbcf luci-base: introduce luci.dispatcher.lookup()
The lookup function takes multiple, possibly malformed path fragments,
splits them on slashes, constructs a temporary path and looks up the
result in the dispatch tree.

If a matching node has been found, the function will return both the
node reference and the canonical url to it.

If no corresponding node is found, the function returns nil.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-05 23:03:01 +02:00
Jo-Philipp Wich
ac2210376d
Merge pull request #1709 from dibdot/get_interface-fix
luci-base/network.lua: fix get_interface function
2018-04-05 09:49:49 +02:00
Jo-Philipp Wich
c0d9c4f3ce treewide: filter shell arguments through shellquote() where applicable
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-05 09:37:43 +02:00
Jo-Philipp Wich
45cefe71f6 luci-base: introduce luci.util.shellquote()
Introduce a new function luci.util.shellquote() which encloses the given
string argument in single quotes and escapes any embedded single quote
characters.

This function is intended to be used when interpolating untrusted input
into shell commands.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-05 09:37:43 +02:00
Jo-Philipp Wich
9db5fa93af luci-base: fix possible shell injection in luci.tools.status.switch_status()
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-05 00:32:56 +02:00
Jo-Philipp Wich
186e690c08 luci-base: dispatcher: reject non-POST requests with any cbi.submit value
Due to the fact that luci.model.cbi reacts on any "cbi.submit" value while
the dispatcher only required POST for cbi.submit == 1, the CSRF token
protection could be bypassed.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-05 00:15:22 +02:00
Jo-Philipp Wich
053c343ef1 luci-base: use FULL_REQUEST_URI on login form templates
Switch from using the REQUEST_URI CGI variable directly to the canonicalized
FULL_REQUEST_URI property.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-04 23:30:49 +02:00
Jo-Philipp Wich
8c617c02b5 luci-base: add FULL_REQUEST_URI template property
Introduce a new template property FULL_REQUEST_URI which returns the full
canonicalized request URL built from SCRIPT_NAME, PATH_INFO and QUERY_STRING.

This new property is safer to use compared to using the raw REQUEST_URI CGI
environment variable directly as this value is essentially untrusted user
input which may contain embedded escaped slashes, double forward slashes and
other oddities allowing XSS exploitation or request redirection.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-04 23:24:31 +02:00
Jo-Philipp Wich
70ffbe65a0 luci-base: add a strict flag to the hostname validator
Some applications, e.g. dnsmasq, do not allow hostnames starting with an
underscore, therefor extend the existing hostname datatype validator with
a `strict` which disallows a leading underscore.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-04 23:21:53 +02:00
Jo-Philipp Wich
4024d4f224 luci-base: switch to ubus uci operations
Switch luci.model.uci to use ubus uci calls instead of driving libuci-lua
directly.

This prepares support for more advanced features such as per-session change
isolation and configuration rollback on errors.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-04 23:21:53 +02:00
Dirk Brenken
87c2d95264 luci-base/network.lua: fix get_interface function
* fix wrong private function call to handle
  section id as parameter (fix for #1687)

Signed-off-by: Dirk Brenken <dev@brenken.org>
2018-03-31 07:11:02 +02:00
Florian Eckert
70783f5802 luci-base: fix colspans calculation in tblsection
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-03-27 10:39:55 +02:00
Dirk Brenken
29d8770983 luci-base/util.lua: enhance checklib function
* enhance the checklib function in util.lua to check the 'fullpathexe'
  as well, e.g. this fixes runtime errors on the dhcp/dns template in
  environments without dnsmasq

Signed-off-by: Dirk Brenken <dev@brenken.org>
2018-03-22 10:40:42 +01:00
Jo-Philipp Wich
005f4fb7d4
Merge pull request #1654 from TDT-AG/pr/20180301-luci-several-fixes
luci-app-firewall/luci-base/luci-mod-admin-full: some fixes and improvements
2018-03-15 09:52:22 +01:00
Jo-Philipp Wich
28e3b32854 treewide: unify mac address handling
Use the new luci.ip MAC address facilities to parse and verify MAC addresses
in a common way, instead of relying on various ad-hoc solutions.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-03-12 16:12:18 +01:00
Jo-Philipp Wich
dfba318140 luci-base: fix documentation spelling mistakes in luci.http.protocol
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-03-12 16:04:52 +01:00
Jo-Philipp Wich
6d253abd99 luci-base: fix documentation spelling mistakes in luci.util
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-03-12 16:03:58 +01:00
Jo-Philipp Wich
62630fbf88 luci-base: fix parsing of ethers(5)
The /etc/ethers file may contain any number of white space characters
between the mac address and the IP/hostname field, so extend the pattern
to allow for that.

Man ethers(5) also states that the IP field may be a symbolic hostname,
so test whether the name is an IP address or hostname before adding it
to the hints structure.

Fixes #1674.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-03-11 18:26:31 +01:00
Hannu Nyman
bf04031171
Merge pull request #1675 from dibdot/material-fix
luci-base/firewall_zonelist: fix visual interface/background alignment
2018-03-09 18:54:32 +02:00
Dirk Brenken
21fbe39858 luci-base/firewall_zonelist: fix visual interface/background alignment
* fix for #1667, tested with all standard themes

Signed-off-by: Dirk Brenken <dev@brenken.org>
2018-03-09 08:13:03 +01:00
Jo-Philipp Wich
bf49505ea0 luci-base: properly handle undefined IPv6 local-address information
If IPv6 prefix assignment is disabled, the "local-address" structure
might exist, but be empty which causes the adress formatting in the
network model class to bail out.

Verify the completeness of the "local-address" structure before using
it in order to avoid runtime errors.

Fixes #1657.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-03-02 14:42:52 +01:00
Jo-Philipp Wich
852ec6e28b luci-base, luci-mod-admin-full: store backup vars in luci configuration
Keep the ifname and bridge state backup variables in /etc/config/luci to not
pollute /etc/config/network.

Fixes #1655.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-03-02 12:44:35 +01:00
Florian Eckert
fa756d1fbb luci-base: fix browser.htm template
If cbi_init() is not called first browser gif will not be found.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-03-01 12:31:50 +01:00
Jo-Philipp Wich
461df8b0dc luci-base: do not assume a fixed host address in delegated prefix (#1484)
OpenWrt/LEDE introduced the "local-address" field a while back to expose the
effective local host address of the delegated prefix, so use that information
instead of assuming `[prefix]:1`.

Fixes #1484.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-02-16 17:05:52 +01:00
Jo-Philipp Wich
3e1e4d5eb6 luci-base: fix Lua-side ip6hostid() datatype validation
A valid host ID as accepted by netifd must meet the following criteria:

 - Is either one of the two special "random" or "eui64" strings
 - Or is a valid IPv6 address according to inet_pton(AF_INET6)
 - Has the first 64 bit set to zero

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-02-16 17:05:48 +01:00
Hannu Nyman
eae2f37b62 timezone data: update to 2018c
Update timezone data to 2018c

http://mm.icann.org/pipermail/tz-announce/2018-January/000048.html

   Briefly:
   Sao Tome and Príncipe switched from +00 to +01.
   Brazil's DST will now start on November's first Sunday.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2018-02-02 18:21:58 +02:00
Jo-Philipp Wich
a441721d32 luci-base: log login attempts
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-17 18:49:42 +01:00
Jo-Philipp Wich
75e9338b87 luci-base: fix luci.sys.wifi.getiwinfo() on radio names
Fall back to using a phy-wide iwinfo handle if the vif query yields no result.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-03 21:27:49 +01:00
Jo-Philipp Wich
c8b48f9524 luci-base: reorder private functions
The _wifi_sid_by_ifname() function depends on _wifi_state_by_ifname()
so reorder the private helper functions accordingly to avoid nil value
call attempts.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-02 00:30:53 +01:00
Jo-Philipp Wich
f9b8d7ff7b luci-base: rework wireless state handling (#1179)
- fix mapping of ubus wireless state to uci declared vifs
 - fix leaking foreign vif info into per-phy iwinfo stats

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-02 00:24:10 +01:00
Hannu Nyman
ede51e4641 timezone data: update to 2017c
Update timezone data to 2017c

http://mm.icann.org/pipermail/tz-announce/2017-October/000047.html

   Briefly:
   Northern Cyprus switches from +03 to +02/+03 on 2017-10-29.
   Fiji ends DST 2018-01-14, not 2018-01-21.
   Namibia switches from +01/+02 to +02 on 2018-04-01.
   Sudan switches from +03 to +02 on 2017-11-01.
   Tonga likely switches from +13/+14 to +13 on 2017-11-05.
   Turks & Caicos switches from -04 to -05/-04 on 2018-11-04.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2017-11-11 18:59:14 +02:00
Felix Yan
0167394a10
Fix typos in luci-base/luasrc/http/protocol.lua 2017-10-29 15:39:21 +08:00
Jo-Philipp Wich
98aacba3ac luci-base: gracefully handle broken firewall forwarding sections
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-10-17 17:35:01 +02:00
Jo-Philipp Wich
11d0129f96 http: add random security headers
Fixes #1343.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-09-02 17:45:37 +02:00
Yousong Zhou
3809bd6ffb luci-base: datatypes: add cidr, ipnet validator type
- Rewrite ipmask to use these subtypes
- Add ip{4,6}prefix validators to cbi.js

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-08-22 20:19:49 +08:00
Jo-Philipp Wich
15cb504b44 luci-base: improve language detection
Properly deal with client accept languages containing a culture identifier
such as "zh-CN" or "pt-BR".

Fixes #1226.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-08-13 15:55:22 +02:00
Jo-Philipp Wich
4201282559 luci-base: let luci.sys.net.devices() return all netdevs
The previous implementation of the function only returned ethernet
interfaces because it relied on the AF_PACKET family entries returned
by getifaddrs().

Change the function to simply collect all interface names it sees in
order to avoid missing tunnel interfaces.

Fixes FS#917.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-28 15:44:10 +02:00
Jo-Philipp Wich
4e1b884157 luci-base: properly handle authentication without authenticator
Some controller actions like the ones in "servicectl" require authentication
but are not meant to provide an authenticator because they're only invoked
by scripts.

Rework the dispatcher logic to handle this situation and only bail out if
an authenticator name other than "htmlauth" is set.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-11 14:12:50 +02:00
Jo-Philipp Wich
882427731a luci-base: use rpcd-mod-rrdns for reverse DNS lookups
Drop the individual calls to nixio.getnameinfo() in luci.sys.net and rely
on the "network.rrdns.lookup" ubus call instead to fetch domain information
within a guaranteed timeout.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-11 14:05:31 +02:00
Jo-Philipp Wich
366707a681 luci-base: drop unused functions in luci.sys
Drop a number of redundant functions from luci.sys to shrink the code a bit:

 * luci.sys.net.arptable()   - replaced by luci.ip.neighbors()
 * luci.sys.net.routes()     - replaced by luci.ip.routes()
 * luci.sys.net.routes6()    - replaced by luci.ip.routes6()
 * luci.sys.net.deviceinfo() - replaced by nixio.getaddrinfo()
 * luci.sys.net.pingtest()   - no known user

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-11 14:05:31 +02:00
Jo-Philipp Wich
d6360bf81e luci-base: use rpcd session logins
Drop the custom credentials checking in favor to perform proper session
logins via rpcd. This is needed to properly setup ACLs when spawning
rpcd sessions in order to support direct client side ubus access in the
future.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-09 21:35:26 +02:00
Hannu Nyman
5ca3864690 luci-base: support ip6ifaceid option for proto_static
Add support for 'ip6ifaceid' option for proto_static in LuCI.

Information about the option:
 The option is optional and defaults to '::1'.
 Allowed values: 'eui64', 'random', fixed value like '::1' or '::1:2'

 When IPv6 prefix (like 'a🅱️c:d::') is received from a delegating
 server, the ip6ifaceid suffix (like '::1') is used to form
 the IPv6 address ('a🅱️c:d::1') for the interface.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2017-05-21 22:08:38 +03:00
Hannu Nyman
f2cf516cf7 luci-base: add Etc/GMT timezones
Add Etc/GMT timezones like GMT+5

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2017-05-08 19:31:36 +03:00
Jo-Philipp Wich
57121f3743 luci-base: luci.dispatcher: allow overriding sysauth template
In some cases it is useful to be able to override the template used for the
sysauth login dialog.

Add a new property "sysauth_template" which allows overriding the template
name from controller files.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-06 15:06:07 +02:00
Hannu Nyman
54c97738bc timezone data: update to 2017b
Update timezone data to 2017b.

http://mm.icann.org/pipermail/tz-announce/2017-February/000045.html
http://mm.icann.org/pipermail/tz-announce/2017-March/000046.html

Key changes in 2017a-2017b:

* Mongolia no longer observes DST.
* Chile's Region of Magallanes moves from -04/-03 to -03 year-round.
* Switch to numeric time zone abbreviations for South America, as
  part of the ongoing project of removing invented abbreviations.
* Haiti resumed observance of DST in 2017.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2017-04-10 14:45:20 +03:00
Hannu Nyman
3c988cf16c treewide: cleanup references to madwifi from LuCI
Remove the code related to the deprecated madwifi driver.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2017-02-28 18:55:11 +02:00
danrl
cd8333cf0b luci-proto-wireguard: add support for fwmark option
Adds support for the fwmark option.

FwMark is a 32-bit fwmark for outgoing packets.
If set to 0 or "off", this option is disabled.

Signed-off-by: Dan Luedtke <mail@danrl.com>
2017-02-27 20:48:46 +01:00
danrl
94d6b7b70d luci-base: added dhcpv6 datatypes
Signed-off-by: Dan Luedtke <mail@danrl.com>
2017-02-15 09:50:58 +01:00
Hannu Nyman
11f23559e4 luci-base: add hexstring datatype
Add datatype 'hexstring' for input validaiton datatypes.

It will accept any hexadecimal string.

(no length validation, as rangelength can be used for that.)

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2017-02-09 16:58:07 +02:00
Daniel Dickinson
fecf6e1d11 Merge pull request #965 from cshore-firmware/pull-request-odhcpd-mac
base: status: For odhpcd leases display MAC formatted with colons
2017-02-07 16:00:09 -05:00
Jo-Philipp Wich
d85f7a8a00 luci-base: fix logic errors in ipmask4 and ipmask6 datatype validators
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-30 19:14:08 +01:00
Cody R. Brown
5377d22b4a mod-admin-full: Add IPv6 Prefix Delegation information to Status Pages
The Overview page and Network>Interfaces page currently do not give much information about IPv6, particularly with Prefix Delegated setups. In these setups, ISP will delegate a prefix to the router. Currently LuCI doesn't display this Prefix Delegation from the ISP anywhere. A number of changes was added to this commit:

1) self:_ubus("ipv6-prefix") was extracted and put into protocol.ip6prefix.
2) Network>Interfaces page, if a .ip6prefix is present, show it under Status. (IPv6-PD).
3) On the Overview page, "Type" and "Prefix Delegated" has been added to the IPv6 Network Overview Status:
  - Type will display the .proto, similar to the IPv4 case. If a .ip6prefix is present, it'll display a "-pd" at the end of the Type: i.e. dhcpv6-pd vs. dhcpv6.
  - If no .ip6prefix is present, it'll do what it does currently, and just show Address, or :: if no address is present.
  - If .ip6prefix is present, it'll show the "Prefix Delegated", it'll also hide "Address" if no address is present, else it'll show ifc6.ip6addr as well.

Signed-off-by: Cody R. Brown <dev@codybrown.ca>
2017-01-28 01:38:06 -08:00
Jo-Philipp Wich
ae7c6f48df luci-base: mvalue: fix column wrapping
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-26 00:07:26 +01:00
Jo-Philipp Wich
ec9942925c luci-base: datatypes.lua: add missing parentheses in conditional
The missing parens lead to a wrong expression precedence, causing a runtime
error when attempting to compare nil with a number.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-24 13:51:27 +01:00
Jo-Philipp Wich
e4b1bb3156 luci-base: ipmask, ipmask4 and ipmask6 validators
These validators accept IP address specifications in the form

 - address
 - address/bits
 - address/netmask

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-23 16:15:22 +01:00
Jo-Philipp Wich
937f4fbbdf luci-base: datatypes.lua: cleanup white space
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-23 16:10:07 +01:00
Cody R. Brown
0f35de886c luci-base: luci.tools.status: properly parse infinite dnsmasq leases
The expiry time in a dnsmasq lease file line may be 0 (i.e.
expiry date = 01/01/1970 00:00:00 GMT) to denote an infinite
lease time, so adjust the code to properly support that.

The expiry attribute of the lease object will be set to "false"
in case of an infinite lease. This is to mimic the odhcp code below.
If the expiry date is not equal to 0, then just do exactly what was
done before (return the os.diff of current time and ts).

Signed-off-by: Cody R. Brown <dev@codybrown.ca>
2017-01-23 09:37:10 +02:00
Daniel Dickinson
4fd2b74e4a base: status: For odhpcd leases display MAC formatted with colons
This should result in the MAC address display being the same
using odhcpd for v4 DHCP as when using DNSMasq for v4 DHCP.

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2017-01-20 02:09:34 -05:00
Daniel Dickinson
7bfd36d585 base: webadmin: Don't take substring of nil variable
When converting interface names to UCI network names
webadmin fails if there is no UCI network name because
webadmin failed to ensure uciname has a value before
attempting to take a substring.

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2016-12-30 13:44:22 -05:00
Jo-Philipp Wich
b56d1a85e2 luci-base: luci.sys.iptparser: properly check for table support
Do not assume that the "raw" table is present on any system, instead check
/proc/net/ip{,6}_tables_names to determine which iptables tables are available.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-21 18:04:24 +01:00
Daniel Dickinson
c5287ef15f Merge pull request #663 from NeoRaider/styleable-checkboxes
luci-base: view: make checkboxes and radio buttons styleable
2016-12-10 06:36:01 -05:00
Hannu Nyman
a7c5c018b6 time zone data: Update to 2016j
Changes:
     Saratov, Russia switches from +03 to +04 on 2016-12-04 at 02:00.
     This hives off a new zone Europe/Saratov from Europe/Volgograd.

     The new zone Asia/Atyrau for Atyraū Region, Kazakhstan, is like
     Asia/Aqtau except it switched from +04/+05 to +05/+06 in spring
     1999, not fall 1994.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-12-09 18:10:44 +02:00
Jo-Philipp Wich
8e9e92a630 luci-base: luci.tools.status: properly parse infinite odhcpd leases
The expiry time in an odhcpd lease file line may be -1 to denote an infinite
lease time, so adjust the code to properly support that.

The expiry attribute of the lease object will be set to "false" in case of an
infinite lease.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-09 13:05:44 +01:00
Hannu Nyman
3936e79cf8 time zone data: Update to 2016i
Note that several of the time zones now use a numeric name
that is quoted with < >  (e.g. "<+03>-3")

musl 1.1.15 and earlier have a bug with < > quoted time zone names.
Fix for the bug
* has already been patched in musl upstream with
  http://git.musl-libc.org/cgit/musl/commit/?id=8ca27ac4bfe73bff785d0c26c1de0da92b55e5c6
* has been committed in LEDE with
  671cb35880
* has been submitted to Openwrt as pull request
  https://github.com/openwrt/openwrt/pull/163

Key changes in 2016d-2016i:
---------------------------

2016d:
     America/Caracas switches from -0430 to -04 on 2016-05-01.

     Asia/Magadan switches from +10 to +11 on 2016-04-24.

     New zone Asia/Tomsk, split off from Asia/Novosibirsk.

2016f:
     Asia/Novosibirsk switches from +06 to +07 on 2016-07-24.

     Asia/Novokuznetsk and Asia/Novosibirsk now use numeric time zone
     abbreviations instead of invented ones.

2016g:
     Turkey switched from EET/EEST (+02/+03) to permanent +03,
     effective 2016-09-07. Use "+03" rather than an invented
     abbreviation for the new time.

     Several zones in Antarctica and the former Soviet Union, along
     with zones intended for ships at sea that cannot use POSIX TZ
     strings, now use numeric time zone abbreviations instead of
     invented or obsolete alphanumeric abbreviations.

2016h:
     Asia/Gaza and Asia/Hebron end DST on 2016-10-29, not
     2016-10-21. Predict that future fall transitions will
     be on the last Saturday of October.

     Asia/Colombo now uses numeric time zone abbreviations like "+0530"
     instead of alphabetic ones like "IST" and "LKT".

2016i:
     Pacific/Tongatapu begins DST on 2016-11-06, ending on
     2017-01-15.  Assume future observances in Tonga will be
     from the first Sunday in November through the third Sunday in
     January, like Fiji. Switch to numeric time zone abbreviations
     for this zone.

     Northern Cyprus is now +03 year round, causing a split in Cyprus
     time zones starting 2016-10-30 at 04:00. This creates a zone
     Asia/Famagusta.

     Antarctica/Casey switched from +08 to +11 on 2016-10-22.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-11-08 12:43:00 +02:00
Jo-Philipp Wich
4a5635cafa luci-base: properly style login alert message
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-18 09:19:54 +02:00
Jo-Philipp Wich
8cd6e4efe8 luci-base: support reading switch topology from /etc/board.json
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-15 17:52:28 +02:00
Jo-Philipp Wich
123f14b55d luci-base: fix handling of monitor ifaces
Wireless monitor interfaces usually have no SSID set in their config and
various network model utility functions did not handle this case properly,
mainly while trying to incorperate the SSID string into various description
labels.

Fall back to the internal network id (radioX.networkY) in cases where neither
the SSID nor the BSSID are available.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-04 11:45:30 +02:00
Jo-Philipp Wich
240b8c4b6e luci-base: improve string format error reporting
In mod metamethod, execute string format under pcall() and rethrow error in
caller context to report caller of function in errors and not the meta
method itself.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-04 11:45:30 +02:00
Hannu Nyman
1709800150 luci-base: fix whitespace
change spaces to tabs

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-06-03 10:35:37 +03:00
Jo-Philipp Wich
313e325ab1 luci-base: fix syntax error in luci.model.network
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-26 21:02:51 +02:00
Jo-Philipp Wich
182506113d luci-base: add more ignore patterns to luci.model.network
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-26 21:01:18 +02:00
Jo-Philipp Wich
4983a9b034 luci-base: fix luci.model.network.ignore_interface()
Fix the underlying _iface_ignore() function to not ignore virtual interfaces,
in order to let ignore_interface() return true for PPP and similar devices.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-26 21:01:18 +02:00
Hannu Nyman
51a7f96877 luci-base: read odhcpd leasefile location via uci
Check the location of the odhcpd leasefile from /etc/config/dhcp
via uci. Fallback to the default location.

This fixes #702

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-04-17 12:12:54 +03:00
Daniel Dickinson
97f2937034 luci-base: utils: Make checklib return a boolean
Using tristate is counter-intuitive and probably doesn't provide a lot
of benefit so we use a boolean and treat "don't know" as false (because
it is safer than showing options that are not actually available).

Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
2016-04-08 02:18:42 -04:00
Oskari Rauta
57e58b9bf9 Update network.lua
Fix display of WAN status when WAN is provided by using WWAN device or similar with other similar similar methods.
Explanation:
Before this, protocol was fetched from /etc/config/network for interface which often is wan_4 - but protocol is configured in file as wan, and therefore protocol is always none, since configuration is made for wan and then setup as wan_4 and possibly wan_6 if ipv6 is being used. This commit uses ubus to get used active protocol. For example, in case of qmi, it displays protocol as dhcp since even if I configured wan to use qmi, dhcp was used as a protocol for getting IP address.
2016-04-01 04:15:11 +00:00
Hannu Nyman
859e435378 timezone data: update to 2016c
Update timezone data to 2016c.

2016b: http://mm.icann.org/pipermail/tz-announce/2016-March/000036.html

   Changes affecting future time stamps

     New zones Europe/Astrakhan and Europe/Ulyanovsk for Astrakhan and
     Ulyanovsk Oblasts, Russia, both of which will switch from +03 to +04
     on 2016-03-27 at 02:00 local time.  They need distinct zones since
     their post-1970 histories disagree.  New zone Asia/Barnaul for Altai
     Krai and Altai Republic, Russia, which will switch from +06 to +07
     on the same date and local time.  Also, Asia/Sakhalin moves from +10
     to +11 on 2016-03-27 at 02:00.

     As a trial of a new system that needs less information to be made up,
     the new zones use numeric time zone abbreviations like "+04"
     instead of invented abbreviations like "ASTT".

     Haiti will not observe DST in 2016.

     Palestine's spring-forward transition on 2016-03-26 is at 01:00,
     not 00:00. Guess future transitions will be March's last Saturday
     at 01:00, not March's last Friday at 24:00.

2016c: http://mm.icann.org/pipermail/tz-announce/2016-March/000037.html

   Changes affecting future time stamps

     Azerbaijan no longer observes DST.

     Chile reverts from permanent to seasonal DST.
     Guess that future transitions are August's and May's second
     Saturdays at 24:00 mainland time.  Also, call the period from
     2014-09-07 through 2016-05-14 daylight saving time instead of
     standard time, as that seems more appropriate now.

Note for Openwrt usage:

Either musl or busybox does not like the new timezone format.
Although the rule looks ok in /etc/TZ, timezone is interpreted wrongly
by date, uptime etc. "Old timezones" are handle correctly, but these
new "<+04>-4" style zones do not work. Example below:

Europe/Helsinki
 root@OpenWrt:~# cat /etc/TZ
 EET-2EEST,M3.5.0/3,M10.5.0/4
 root@OpenWrt:~# uptime
  11:00:52 up 18:17,  load average: 0.43, 0.13, 0.11
 root@OpenWrt:~# date
 Wed Mar 30 11:00:55 EEST 2016

Europe/Astrakhan
 ( Time is showed as GMT instead of the correct zone and
   zone name is parsed wrongly )
 root@OpenWrt:~# cat /etc/TZ
 <+04>-4
 root@OpenWrt:~# uptime
  08:02:52 up 18:19,  load average: 0.17, 0.18, 0.13
 root@OpenWrt:~# date
 Wed Mar 30 08:02:59 +04>-4 2016

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-03-30 11:35:18 +03:00
Daniel Dickinson
9652d44ef2 luci-base: Add option to check linked libraries
Some packages have different variants that have different
capabilities depending on which libraries against which
they are linked.  Add a function to check which library a
binary links against in order to determine available
functionality.

Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
2016-03-25 03:04:25 -04:00
Hannu Nyman
e2e2696430 luci-base: fix bug in util.lua in 'shellsqescape'
Fix a bug introduced by #561

Function 'shellsqescape' calls 'gsub' with the empty result string 'res'
instead of the actual parameter 'value'. This leads into error:
.../util.lua:160: bad argument #1 to 'gsub' (string expected, got nil)

Fix error by passing the correct parameter to the function.

After the fix, the unmount button introduced by #561 finally works.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-03-20 13:12:05 +02:00
Hannu Nyman
a77ff30057 Add support for showing ipv6 NAT table in Luci
When kmod-nf-nat6 and kmod-ipt-nat6 are installed, the firewall has also
the 'nat' table for ipv6, and packages like 'adblock' utilize that table.

Currently that table is not shown on the Luci firewall status page,
although it is visible by 'ip6tables -L -v -t nat' from console.

Detect 'nat' table's presence from /proc/net/ip6_tables_names

Show 'nat' table in Status->Firewall->IPv6 if that table is present.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-03-16 15:50:00 +02:00
Matthias Schiffer
4de35274ca luci-base: view: make checkboxes and radio buttons styleable
Add an empty, normally invisible label after checkboxes and radio buttons
with cbi-input-{checkbox,radio} classes to allow CSS styling them as
suggested on http://www.paulund.co.uk/style-checkboxes-with-css

Signed-off-by: Nils Schneider <nils@nilsschneider.net>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-03-03 22:06:39 +01:00
Matthias Schiffer
c8675d0c55 modules/base: dispatcher: use default language if automatic choice fails
Fall back to default language if "auto" is configured, but none provided by
the browser matches.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-03-01 17:25:55 +01:00
Jo-Philipp Wich
55597da3a8 luci-base: cbi: fix misplaced ID in nullsection template
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-02-24 17:40:53 +01:00
Jo-Philipp Wich
e78759ad5a luci-base: cbi: also initialize JS if pageactions are disabled
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-02-24 17:40:01 +01:00
Jo-Philipp Wich
385a49277a luci-base: cbi: fix dependency handling of list and multivalues with radio/checkbox widgets
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-02-23 09:27:25 +01:00
Jo-Philipp Wich
4323935a1e luci-base: luci.sys: canonicalize src and dest addrs in luci.sys.net.conntrack()
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-02-20 22:14:47 +01:00
Christian Schoenebeck
77f5390472 Merge pull request #644 from chris5560/master
luci-base: fixed tabbed map when using NamedSection of same type
2016-02-18 19:25:41 +01:00
Jo-Philipp Wich
5b09d39e9c luci-base: cbi: rely on auto-serialization for combobox choices
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-02-10 19:36:37 +01:00
Jo-Philipp Wich
afdc349ab4 luci-base: cbi: rework ListValue and MultiValue templates
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-02-10 19:33:01 +01:00
Jo-Philipp Wich
8f409a45ab luci-base: dispatcher: let attr() automatically serialize JSON
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-02-10 19:31:10 +01:00
Jo-Philipp Wich
6d126649f0 luci-base: cbi: further refactoring
Eliminate more inline scripts in favor to global initialization, use a global
object for sharing fixed strings instead of passing them to each invocation.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-02-10 18:11:49 +01:00
Jo-Philipp Wich
cd85ef388c luci-base: fix dependency handling of optionals (#645)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-02-09 16:12:02 +01:00
Jo-Philipp Wich
84de513a79 luci-base: cbi: remove duplicate id from template
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-02-09 16:12:02 +01:00
Christian Schoenebeck
5fdfd903f4 luci-base: fixed tabbed map when using NamedSection of same type
* fixed tabbed map when using NamedSection of same sectiontype
* add error message on which tab(s) the invalid/required fields are located

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2016-02-08 21:04:23 +01:00
Hannu Nyman
9b5724d39e timezone data: update to 2016a
Update timezone data to 2016a.

http://mm.icann.org/pipermail/tz-announce/2016-January/000035.html

   Changes affecting future time stamps

     America/Cayman will not observe daylight saving this year after all.
     Revert our guess that it would.  (Thanks to Matt Johnson.)

     Asia/Chita switches from +0800 to +0900 on 2016-03-27 at 02:00.
     (Thanks to Alexander Krivenyshev.)

     Asia/Tehran now has DST predictions for the year 2038 and later,
     to be March 21 00:00 to September 21 00:00.  This is likely better
     than predicting no DST, albeit off by a day every now and then.

   Changes affecting past and future time stamps

     America/Metlakatla switched from PST all year to AKST/AKDT on
     2015-11-01 at 02:00.  (Thanks to Steffen Thorsen.)

     America/Santa_Isabel has been removed, and replaced with a
     backward compatibility link to America/Tijuana.  Its contents were
     apparently based on a misreading of Mexican legislation.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-02-07 12:28:16 +02:00
Jo-Philipp Wich
d65235f64a luci-base: fix parsing of non-TCP streams in conntrack table
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-02-02 11:52:51 +01:00
Hannu Nyman
c2cf5d1855 Fix embedded links: github instead of luci.subsignal.org
Fix links to point into Github repo instead of luci.subsignal.org
 - the hint to file a bug in dispatcher
 - footers of Bootstrap and Firefunk themes

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-02-02 12:07:16 +02:00
Jo-Philipp Wich
61239741d8 luci-base: fix initialization of MultiValue options
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-23 17:34:53 +01:00
Christian Schoenebeck
f779b00d88 sys.lua _nethints(): read location of dhcp.lease file from uci
status.lua - change default directory of dhcp.leases file
sys.lua - read location of dhcp.leases file from uci

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2016-01-21 22:17:05 +01:00
Jo-Philipp Wich
df7ab69eba luci-base: luci.sys.net: use luci.ip.neighbors() instead of /proc/net/arp
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-20 17:27:51 +01:00
Jo-Philipp Wich
c23885f6a7 luci-base: add luci.sys.net.host_hints() and regenerate documentation
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-20 16:56:25 +01:00
Jo-Philipp Wich
3f5fae2223 luci-base: add missing Lua side changes for new dependency code
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-19 08:07:28 +01:00
Jo-Philipp Wich
5eaf4cc489 luci-base: cbi: refactor event handling js
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-18 19:34:02 +01:00
Jo-Philipp Wich
b50471787f luci-base: refactor cbi dependency handling code
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-18 17:05:36 +01:00
Jo-Philipp Wich
be8dba57a9 luci-base: improve tab hide logic
Do not rely on explicit child counts but inspect the code instead to decide
when to hide tabs or not.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-18 11:23:11 +01:00
Jo-Philipp Wich
aa12e53333 luci-base: add extra css class for map level tabs, don't track tab child count
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-18 11:04:15 +01:00
Jo-Philipp Wich
879804f1d4 luci-base: do not render section description tag when description is empty
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-18 11:00:57 +01:00
Jo-Philipp Wich
1bf268de06 luci-base: add basic support for CBI map level tabbing
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-15 17:42:40 +01:00
Jo-Philipp Wich
27281dca56 luci-base: prevent CBI map save on invalid values (#618)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-15 17:04:28 +01:00
Jo-Philipp Wich
eaf961fa70 luci-base: initialize CBI optionals on initial Map render (#618)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-15 16:39:15 +01:00
Jo-Philipp Wich
ad064f0b03 Merge pull request #563 from cshore/pull-request-app-uhttpd
Pull request app uhttpd
2016-01-15 15:20:41 +01:00
Jo-Philipp Wich
81e80c4b87 luci-base: properly handle ubus connections for non-root (#570, #571)
Instead of relying on the connect-before-setuid hack, ship a proper
acl definition file whitelisting the procedures that LuCI requires
on its non-root pages.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-11 15:21:46 +01:00
Jo-Philipp Wich
967bb1f36f Merge pull request #464 from remakeelectric/pulls/list-operations
get/set list operations and documentation
2015-12-17 02:39:23 +01:00
Jo-Philipp Wich
31816e92f1 Merge pull request #577 from cshore/pull-request-safe-file-upload
luci-base: Make default for FileUpload 'safe'
2015-12-17 02:32:47 +01:00
Daniel Dickinson
c481f3f343 validation: Add option ipv4only option to host and hostport datatypes
Some applications only support ipv4 so add ipv4only option
to host and hostport datatypes so that for thos applications
that when an IP address is specified only and ipv4 ip address
gets accepted.
2015-12-15 20:41:01 -05:00
Daniel Dickinson
bbcfad7953 modules/luci-base: Fix ipaddrport validator to support ipv6
The previous versiono of ipaddrport validator only worked for ipv4
due to disallowing colons (:) in ip address which obvious fails for
ipv6.  We now instead allow either ipv4 address or an ipv6 address of
the form [<ipv6address>]:port
2015-12-15 20:40:14 -05:00
Daniel Dickinson
b475ec699d luci-base: Make default for FileUpload 'safe'
Some files and pointers to files are not safe to remove without a replacement
file and config pointing to the file.  For instance for uhttpd application in
the works, removing the certificate or key config or files without having the
replacements in places renders the WeUI inaccessible.

The only other place where FileUpload is currently used is for wifi certificates
for which the 'safe' handling is also preferred.  Therefore make the default for
the FileUpload widget the safe handling and add a property self.unsafeupload that
allows for the old unsafe handling should it prove useful in some case.

Also allow to specify a file already on router instead of uploading a file.

Signed-off By: Daniel Dickinson <openwrt@daniel.thecshore.com>
2015-12-15 20:36:17 -05:00
Jo-Philipp Wich
f25c4e07bc Merge pull request #564 from cshore/pull-request-app-firewall-timedate
Pull request app firewall timedate
2015-12-15 23:08:17 +01:00
Daniel Dickinson
b130ca554f lib-nixio / luci-base: Fix for reading csrf token prevents file upload
The call to http.formvalue in order to read the csrf token causes
_parse_input to be triggered *before* controllers and cbi maps have
been built.  This results in the failure of file uploads because
the file handler is not yet in place when _parse_input gets called,
and it is in _parse_input that POST data is parsed (including files).

To fix this we add the ability to write file fields to temporary
files (using mkstemp and unlink in nixio.file) and use this to
store file data until the filehandler is registered, with a
fallback to reading the file data into memory.

Once the filehandler callback gets registered we iterate
though all previously parsed (saved) files and copy the
data to the file handler, and then close the temporary
file (which finally removes because we unlinked after
creating the file, but didn't close the file so unlink
was deferred).

Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
2015-12-15 13:12:29 -05:00
Daniel Dickinson
0ec3f91a0c validation: Add option ipv4only option to host and hostport datatypes
Some applications only support ipv4 so add ipv4only option
to host and hostport datatypes so that for thos applications
that when an IP address is specified only and ipv4 ip address
gets accepted.
2015-12-15 13:12:10 -05:00
Daniel Dickinson
38880407aa modules/luci-base: Fix ipaddrport validator to support ipv6
The previous versiono of ipaddrport validator only worked for ipv4
due to disallowing colons (:) in ip address which obvious fails for
ipv6.  We now instead allow either ipv4 address or an ipv6 address of
the form [<ipv6address>]:port
2015-12-15 13:10:15 -05:00
Daniel Dickinson
6509e007e2 luci-base: Make default for FileUpload 'safe'
Some files and pointers to files are not safe to remove without a replacement
file and config pointing to the file.  For instance for uhttpd application in
the works, removing the certificate or key config or files without having the
replacements in places renders the WeUI inaccessible.

The only other place where FileUpload is currently used is for wifi certificates
for which the 'safe' handling is also preferred.  Therefore make the default for
the FileUpload widget the safe handling and add a property self.unsafeupload that
allows for the old unsafe handling should it prove useful in some case.

Also allow to specify a file already on router instead of uploading a file.

Signed-off By: Daniel Dickinson <openwrt@daniel.thecshore.com>
2015-12-15 13:09:41 -05:00
Daniel Dickinson
986baa5cce applications: firewall: Add time and date for rules and redirects
UCI config for the firewall has the option of specifying time and date
limitations; add these options the UI.
2015-12-14 23:26:33 -05:00
Daniel Dickinson
6318f67fd4 luci-base: Add time and data datatypes for use with firewall app
Adding LuCI configuation of the firewall time and data uci options
is in progress and this adds the necessary datatypes for validating
those fields.
2015-12-14 23:26:26 -05:00
Daniel Dickinson
403b939acd modules/luci-base: Move LuCI FileUpload directory to /etc/luci-uploads and save across sysupgrade
/lib/uci/upload is a rather odd place for configuration files

Also the files were not saved across sysupgrade, which is somewhat
counter-productive for configuration files.

Signed-off By: Daniel Dickinson <openwrt@daniel.thecshore.com>
2015-12-12 22:45:29 -05:00
Jo-Philipp Wich
397294ab06 luci-base: rewrite luci.sys.net.conntrack()
The new function is twice as fast as the old implementation and properly
summarizes outgoing and incoming byte and packet counters.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-12-09 15:54:43 +01:00
Yousong Zhou
862b84feb2 luci-base: fix escaping lua string to js repr
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2015-12-02 20:56:08 +08:00
Jo-Philipp Wich
9b30357454 luci-base: add hostport and ipaddrport validation types
Add two new types 'hostport' and 'ipaddrport' to validate strings in the form
'sub.example.org:1234' and '0.0.0.0:80'. The 'hostport' accepts hostnames or
IP addresses followed by a colon and a port number while the 'ipaddrport' type
accepts numeric IP addresses only, followed by a colon and a port.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-12-02 11:13:39 +01:00
Daniel Dickinson
829467b627 luci-base: Add function for shell single-quote parameter escaping
When using os.execute or luci.sys.call the shell is called with the
command line which means that standard shell interpretation of strings
occurs.  To allow to use these commands more easily we add functions
for properly escaping single-quoted strings used on the command line
2015-12-02 02:19:02 -05:00