Several devices have multiple upstream interfaces, for example a fixed
and a mobile broadband connection. Currently, only one upstream
interface is shown per address family in Luci. So in my example, one of
the interfaces would not appear on the Status-page.
This PR introduces support for showing multiple upstream interfaces on
the Status-page. The code is not very complicated. get_status_by_route()
has been extended to return a list of all routes, and
get_wannet()/get_wan6net() now returns all upstream interfaces.
I could not find any other (active) users of these three functions than
calls triggered from the Status-page, so changing the default behavior
should be fine. get_wandev()/get_wan6dev() called get_status_by_route(),
but I could not find any place where those functions were called. I
removed the dev-functions instead of keeping the old
get_status_by_route().
On the status page, the wan/wan6-variables have been replaced with
arrays. When populating the html, we now iterate through these arrays
and create one element for each interface.
I have tested the code with different interface types, v4, v6, as well as
disconnecting and connecting interfaces. The status is updated and the
correct interfaces (or sometimes none at all) are shown.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
- Use native rpcd uci changes format instead of incompletely converting
back and forth between the old and the new format
- Rework uci changelog template to print the equivalent uci commands
for the various changes
- Rework theme headers to properly count the uncomitted changes
- Rework theme CSS to properly style new changelog
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This patch corrects "to get" to "to be" in apply_widget.htm
This shell command was used to find and make the change in
all impacted files:
find . -type f -exec sed -i 's/Waiting for configuration to get applied/Waiting for configuration to be applied/g' {} +
Signed-off-by: Gregory L. Dietsche <gregory.dietsche@cuw.edu>
Rework the apply confirmation mechanism to be session agnostic in order to
circumvent cross domain restrictions which prevent the JS code from issuing
apply confirm requests in some cases, e.g. when changing the LAN IP.
Confirmation calls may now be done from unauthenticated pages, as long as a
matching confirmation token is sent along with the request.
The reasoning behind this is that there is little security impact in
confirming pending apply sessions, especially since those sessions can only
be initiated while being authenticated.
After this change, LuCI will now launch a confirmation process on every
rendered page when a rollback is pending. The confirmation will happen
regardless of whether the user is logged in or not, or if the current page
is a CBI form or static template.
A confirmation request now also requires a random one-time token which is
rendered along with the confirmation JavaScript code in order to succeed.
This token is not meant to provide security but to ensure that the confirm
was triggered from an interactive browser session and not some background
HTTP requests that happened to end up in the admin ui.
As a consequence, the different apply/confirm/rollback code paths in CBI
maps and the UCI change/revert pages have been consolidated into one common
implementation residing in the common global theme agnostic footer template.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Also add a hidden type password field to prevent browser autocompleters
from entering the login passwords into fields liek the wireless WPA key
field.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Add a "data-description" attribute to CBI fields which have a description
set, this allows responsive design themes to render a field description
when decomposing the table grid.
Also reuse the precalculated "typename" property if it exists, instead of
deriving it from the template name yet again.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The previous refactoring of the template caused the row stripying CSS
classes to be interpolated in such a way, that a separating space to
previous CSS classes was missing, leading to not rendered row names
and other side effects.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
- Make sure that hitting enter in the form hits the CBI save action and not
apply or cancel
- Hide action panel if no actions are available
- CLeanup code
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
- Ensure that pressing enter in the form triggers the submit action and
not a cbi skip or cancel
- Hide page actions when empty
- Cleanup code
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Some CBI map models, mainly the Network -> VLAN page, expect a valid
previous section ID in their Section:create() callback.
Previous refactoring of the tblsection markup broke this behaviour as
the "section" loop variable was accidentally localized, causing it to
be undefined outside of the loop body which caused the section add
button and name input fields to get rendered with a wrong "name"
attribute.
Fix this by moving the "section" variable declaration out of the loop
and by readding references to it in the non-anonymous section add case.
Fixes FS#1657
Fixes 002c4d1d5 ("luci-base: add "Name" label to autogenerated title column")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Commit c0de036b3 ("treewide: always include cbi.js") improperly removed the
cbi.js script include from header.htm, leaving behind the string dictionary.
Move the JSON dictionary to the parent <form> element and delete the
leftover </script> element.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Include cbi.js in the main header template like it is done for xhr.js and
remove the page specific includes.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Attempt to derive a MAC from the DHCPv6 lease DUID and use it to look up
a host hint. If a hint is found, add it to the lease information.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Merge the assoclist code of the status overview and wireless overview pages
into a single shared partial template.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Also switch the weekday and monthday lists in the firewall rule details to
cbi dropdowns, vastly uncluttering the form.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This commit introduces the required code for a new, markup based dropdown
widget which can be used as a styleable alternative to select boxes or
radio/checkbox button groups.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
AbstractValue descendants may now specify a new optional property `alias`
which refers to a uci option to read/write/remove that differs from the
option name itself.
This is mainly useful for widgets that are toggled based on dependencies,
e.g. for alternating between SingleValue and MultiValue, but which are
intented to write into the same uci option.
Such a setup was previously possible already by overriding the .cfgvalue(),
.write() and .remove() callbacks with custom implementations, but that
required a lot of boiler plate code and was rather fragile.
With the `alias` property, CBI now takes care of the details and tracks
aliased fields within a section accordingly.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
- Properly serialize option delete changelogs
- Do not perform a section create if a nil value is passed to set()
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Since the switch to ubus uci operations we do not have a local application-
side cursor cache anymore, instead uci operations happen synchronously in
the rpcd backend server.
This may cause cbi section reorder operations involving multiple elements
to fail, because anonymous section hashes may change due to rehashing
between consecutive ubus uci reorder calls.
In order to avoid that problem, use the ubus uci batch reorder extension,
which allows to pass a complete (or partial) list of section ids in the
desired order in one call, bypassing the volatile section id problem.
Fixes#1844.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Sync our coxpcall() implementation to the newest upstream version in order to
get access to the inner backtrace information and propagate these traces to
the browser in luci.dispatcher.dispatch().
This should make tracking down runtime errors much easier.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
After applying uci configuration, a full map reload is required in many
cases as the anonymous section identifiers might have been rehashed, causing
the rendered map to go out of sync.
To avoid that, add both a full page overlay preventing further page
interaction and let the apply widget forcibly reload the current view once
the operation is complete.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Mostly convert HTML tables to div based markup to allow for easier styling
in the future. Also change JS accessor code accordingly.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
http.getenv("SCRIPT_NAME") fail if it's not provided. This can happen in the login screen when we don't have any script to load.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
On certain environments, mainly with the embedded uhttpd interpreter, the
luci.config class cannot be loaded due to a circular dependency with the
luci.model.uci class.
Break up the dependency by deferring the loading of luci.config in
luci.model.uci until it is actually needed.
Fixes#1803, FS#1553.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
A simple scan of the code indicates that currently no code in the repo
is accessing the sysauth= cookie
Closesopenwrt/luci#1555
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Switch to rpcd based uci apply/rollback workflow which helps to avoid soft-
bricking devices by requiring an explicit confirmation call after config
apply.
When a user now clicks "Save & Apply", LuCI first issues a call to uci apply
which commits and reloads configuration, then goes into a polling countdown
mode where it repeatedly attempts to call uci confirm.
If the committed configuration is sane, the confirm call will go through and
cancel rpcd's pending rollback timer.
If the configuration change leads to a loss of connectivity (e.g. due to bad
firewall rules or similar), the rollback mechanism will kick in after the
timeout and revert configuration files and pending changes to the pre-apply
state.
In order to cover such rare cases where a lost of connectivity is expected
and desired, the user is offered an "unchecked" apply option after timing
out, which allows committing and applying the changes anyway, without the
extra safety checks.
As a consequence of this change, the luci-reload mechanism is now completely
unsused since rpcd uses ubus config reload signals to reload affected
services, which means that only procd-enabled services will receive proper
reload treatment with the new workflow.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Show the correct wifi chip identification in case iwinfo
recognises the chip.
So far the wifidev.get_i18n function has practically always
returned just "Generic", but use iwinfo.hardware_name to
fetch the name.
In case iwinfo returns the default "Generic MAC80211", there
is a double 80211 in the final string, which is a cosmetic bug.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Support a new boolean property `cors` which - if set to true - causes the
dispatcher to positively answer CORS OPTIONS requests after authentication
without actually running the dispatching target.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Decode the HTTP message bodies of any request carrying a Content-Length
header, not just those in POST requests.
This allows handling parameters in other methods, OPTIONS in particular.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Ensure that the (table) length of a file upload value has nonzero length
by initializing the first table index with the file name.
This fixes tests in the form
x = luci.http.formvalue(...)
if x and #x > 0 then ... end
Fixes#1763.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Restore the old luci.http behaviour of converting repeated POST params into
single tables holding all values instead of letting each repeated parameter
overwrite the value of the preceeding one.
Fixes, among other things, the handling of CBI dynamic list values.
Fixes#1752
Fixes 59dea0230 ("luci-base: switch to lucihttp based POST data processing")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Introduce luci.model.uci.set_session_id() and luci.model.uci.get_session_id()
to set and get the effective session ID respectively.
When a session ID is set, it is sent as `ubus_rpc_session` attribute to rpcd,
causing it to use per-session change directories, isolating LuCI changes from
the global system uci state.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Also adjust the dependencies of components depending on these classes and
flatten the namespace from luci.http.protocol.* to luci.http.*
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
With only the decoder routines remaining in luci.http.protocol, it makes no
sense to keep the low level protocol class around, so fold the remaining code
into the central luci.http class.
Also adjust the few direct users of luci.http.protocol accordingly.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
- Rewrite getcookie() to use liblucihttp header value parsing
- Rewrite setfilehandler() to use local variables and have cleaner code
- Fix build_querystring() to actually *en*code the given params
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Use the liblucihttp provided multipart and x-www-urlencoded body parsers
and drop the old Lua parsing code.
The C based data parsers are way faster than their old Lua counterparts
while producing less string garbage and more correct results.
While refactoring the luci.http.protocol code, also drop unused functions
and dead code, heavily reducing the module size.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This 404 error template rendering has been broken for a long time due to bad
function environment level in luci.template when invoking the rendering from
the toplevel dispatcher context.
Fix this issue by adding a local function indirection, essentially adding an
additional stack frame.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Instead of attempting to access the request environment directly (which does
not work anyway using the CGI SGI), use the already sanitized
dispatcher.context.request property to print out the not found url.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
It is possible to inject unescaped markup using a double encoded null byte
via PATH_INFO on certain leaf nodes.
Since there is no legitimate reason to handle null bytes in any part of the
requested url, simply skip over such bytes when parsing the PATH_INFO value.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The cbi class will react on an empty "cbi.submit" parameter as well so we
must intercept GET requests using that too.
Fixes 186e690c0 ("luci-base: dispatcher: reject non-POST requests with any cbi.submit value")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update timezone data to 2018d
http://mm.icann.org/pipermail/tz-announce/2018-March/000049.html
In 2018, Palestine starts DST on March 24, not March 31.
Adjust future predictions accordingly.
Casey Station in Antarctica changed from +11 to +08
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Properly propagate the config parameter to the foreach iterator in order
to fix get_first() lookups.
Fixes#1734.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Prevent various XSS vectors by not interpolating field and path values
verbatim into script and html contexts.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Introduce a get_state() function which can be used to access legacy
uci state variables. This is usually not needed anymore but some
packages (mainly mwan3) still rely on this.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The lookup function takes multiple, possibly malformed path fragments,
splits them on slashes, constructs a temporary path and looks up the
result in the dispatch tree.
If a matching node has been found, the function will return both the
node reference and the canonical url to it.
If no corresponding node is found, the function returns nil.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Introduce a new function luci.util.shellquote() which encloses the given
string argument in single quotes and escapes any embedded single quote
characters.
This function is intended to be used when interpolating untrusted input
into shell commands.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Due to the fact that luci.model.cbi reacts on any "cbi.submit" value while
the dispatcher only required POST for cbi.submit == 1, the CSRF token
protection could be bypassed.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Introduce a new template property FULL_REQUEST_URI which returns the full
canonicalized request URL built from SCRIPT_NAME, PATH_INFO and QUERY_STRING.
This new property is safer to use compared to using the raw REQUEST_URI CGI
environment variable directly as this value is essentially untrusted user
input which may contain embedded escaped slashes, double forward slashes and
other oddities allowing XSS exploitation or request redirection.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Some applications, e.g. dnsmasq, do not allow hostnames starting with an
underscore, therefor extend the existing hostname datatype validator with
a `strict` which disallows a leading underscore.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Switch luci.model.uci to use ubus uci calls instead of driving libuci-lua
directly.
This prepares support for more advanced features such as per-session change
isolation and configuration rollback on errors.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* enhance the checklib function in util.lua to check the 'fullpathexe'
as well, e.g. this fixes runtime errors on the dhcp/dns template in
environments without dnsmasq
Signed-off-by: Dirk Brenken <dev@brenken.org>
Use the new luci.ip MAC address facilities to parse and verify MAC addresses
in a common way, instead of relying on various ad-hoc solutions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The /etc/ethers file may contain any number of white space characters
between the mac address and the IP/hostname field, so extend the pattern
to allow for that.
Man ethers(5) also states that the IP field may be a symbolic hostname,
so test whether the name is an IP address or hostname before adding it
to the hints structure.
Fixes#1674.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
If IPv6 prefix assignment is disabled, the "local-address" structure
might exist, but be empty which causes the adress formatting in the
network model class to bail out.
Verify the completeness of the "local-address" structure before using
it in order to avoid runtime errors.
Fixes#1657.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Keep the ifname and bridge state backup variables in /etc/config/luci to not
pollute /etc/config/network.
Fixes#1655.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
OpenWrt/LEDE introduced the "local-address" field a while back to expose the
effective local host address of the delegated prefix, so use that information
instead of assuming `[prefix]:1`.
Fixes#1484.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
A valid host ID as accepted by netifd must meet the following criteria:
- Is either one of the two special "random" or "eui64" strings
- Or is a valid IPv6 address according to inet_pton(AF_INET6)
- Has the first 64 bit set to zero
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
