From 3f17deb1c41a6352f28b3e9f665a17b9231768e1 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Fri, 25 Jan 2013 17:49:44 +0100 Subject: [PATCH] ubus: add option to not authenticate ubus requests --- main.c | 12 +++++++++--- ubus.c | 2 +- uhttpd.h | 1 + 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/main.c b/main.c index ebc123c..8cf4027 100644 --- a/main.c +++ b/main.c @@ -139,14 +139,15 @@ static int usage(const char *name) " -L file Lua handler script, omit to disable Lua\n" #endif #ifdef HAVE_UBUS - " -u string URL prefix for HTTP/JSON handler\n" + " -u string URL prefix for UBUS via JSON-RPC handler\n" " -U file Override ubus socket path\n" + " -a Do not authenticate JSON-RPC requests against UBUS session api\n" #endif " -x string URL prefix for CGI handler, default is '/cgi-bin'\n" " -i .ext=path Use interpreter at path for files with the given extension\n" " -t seconds CGI, Lua and UBUS script timeout in seconds, default is 60\n" " -T seconds Network timeout in seconds, default is 30\n" - " -k seconds HTTP keepalive timeout\n" + " -k seconds HTTP keepalive timeout\n" " -d string URL decode given string\n" " -r string Specify basic auth realm\n" " -m string MD5 crypt given string\n" @@ -206,7 +207,7 @@ int main(int argc, char **argv) init_defaults(); signal(SIGPIPE, SIG_IGN); - while ((ch = getopt(argc, argv, "fSDRC:K:E:I:p:s:h:c:l:L:d:r:m:n:N:x:i:t:k:T:A:u:U:")) != -1) { + while ((ch = getopt(argc, argv, "afSDRC:K:E:I:p:s:h:c:l:L:d:r:m:n:N:x:i:t:k:T:A:u:U:")) != -1) { switch(ch) { #ifdef HAVE_TLS case 'C': @@ -367,6 +368,10 @@ int main(int argc, char **argv) break; #endif #ifdef HAVE_UBUS + case 'a': + conf.ubus_noauth = 1; + break; + case 'u': conf.ubus_prefix = optarg; break; @@ -375,6 +380,7 @@ int main(int argc, char **argv) conf.ubus_socket = optarg; break; #else + case 'a': case 'u': case 'U': fprintf(stderr, "uhttpd: UBUS support not compiled, " diff --git a/ubus.c b/ubus.c index d3cb6df..e128172 100644 --- a/ubus.c +++ b/ubus.c @@ -371,7 +371,7 @@ static void uh_ubus_handle_request_object(struct client *cl, struct json_object goto error; } - if (!uh_ubus_allowed(du->sid, data.object, data.function)) { + if (!conf.ubus_noauth && !uh_ubus_allowed(du->sid, data.object, data.function)) { err = ERROR_ACCESS; goto error; } diff --git a/uhttpd.h b/uhttpd.h index c4afee8..d6b6985 100644 --- a/uhttpd.h +++ b/uhttpd.h @@ -66,6 +66,7 @@ struct config { int max_connections; int http_keepalive; int script_timeout; + int ubus_noauth; }; struct auth_realm { -- 2.25.1