luci-mod-network: replace controller address check action with cgi-io script

This change removes the last bit of Lua code from luci-mod-network.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
index e215cf9455eb28d7006f4dd3887d388f34dbf27e..298b5ed336e995bc740a079bef7ce1fc7c224340 100644 (file)
--- a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
+++ b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
@@ -20,7 +20,7 @@
        "luci-access": {
                "description": "Grant access to basic LuCI procedures",
                "read": {
-                       "cgi-io": [ "backup", "download" ],
+                       "cgi-io": [ "backup", "download", "exec" ],
                        "file": {
                                "/": [ "list" ],
                                "/*": [ "list" ],
@@ -47,7 +47,8 @@
                                "/usr/bin/ping6 *": [ "exec" ],
                                "/usr/bin/traceroute *": [ "exec" ],
                                "/usr/bin/traceroute6 *": [ "exec" ],
-                               "/usr/bin/nslookup *": [ "exec" ]
+                               "/usr/bin/nslookup *": [ "exec" ],
+                               "/usr/libexec/luci-peeraddr": [ "exec" ]
                        },
                        "ubus": {
                                "file": [ "list", "read", "stat" ],

diff --git a/modules/luci-mod-network/htdocs/luci-static/resources/view/network/interfaces.js b/modules/luci-mod-network/htdocs/luci-static/resources/view/network/interfaces.js
index 9ca7773fe1d2e51abd9028b684a762bcef3d672d..280356efbad61509f4f00ff8ccb8295380da263f 100644 (file)
--- a/modules/luci-mod-network/htdocs/luci-static/resources/view/network/interfaces.js
+++ b/modules/luci-mod-network/htdocs/luci-static/resources/view/network/interfaces.js
@@ -160,8 +160,8 @@ function iface_updown(up, id, ev, force) {
        btns[1].disabled = true;
 
        if (!up) {
-               L.Request.get(L.url('admin/network/remote_addr')).then(function(res) {
-                       var info = res.json();
+               L.resolveDefault(fs.exec_direct('/usr/libexec/luci-peeraddr')).then(function(res) {
+                       var info = null; try { info = JSON.parse(res); } catch(e) {}
 
                        if (L.isObject(info) &&
                            Array.isArray(info.inbound_interfaces) &&

diff --git a/modules/luci-mod-network/luasrc/controller/admin/network.lua b/modules/luci-mod-network/luasrc/controller/admin/network.lua
deleted file mode 100644 (file)
index 109c59f..0000000
--- a/modules/luci-mod-network/luasrc/controller/admin/network.lua
+++ /dev/null
@@ -1,68 +0,0 @@
--- Copyright 2008 Steven Barth <steven@midlink.org>
--- Copyright 2011-2018 Jo-Philipp Wich <jo@mein.io>
--- Licensed to the public under the Apache License 2.0.
-
-module("luci.controller.admin.network", package.seeall)
-
-local function addr2dev(addr, src)
-       local ip = require "luci.ip"
-       local route = ip.route(addr, src)
-       if not src and route and route.src then
-               route = ip.route(addr, route.src:string())
-       end
-       return route and route.dev
-end
-
-function remote_addr()
-       local uci    = require "luci.model.uci"
-       local peer   = luci.http.getenv("REMOTE_ADDR")
-       local serv   = luci.http.getenv("SERVER_ADDR")
-       local device = addr2dev(peer, serv)
-       local ifaces = luci.util.ubus("network.interface", "dump")
-       local indevs = {}
-       local inifs  = {}
-
-       local result = {
-               remote_addr        = peer,
-               server_addr        = serv,
-               inbound_devices    = {},
-               inbound_interfaces = {}
-       }
-
-       if type(ifaces) == "table" and type(ifaces.interface) == "table" then
-               for _, iface in ipairs(ifaces.interface) do
-                       if type(iface) == "table" then
-                               if iface.device == device or iface.l3_device == device then
-                                       inifs[iface.interface] = true
-                                       indevs[device] = true
-                               end
-
-                               local peeraddr = uci:get("network", iface.interface, "peeraddr")
-                               for _, ai in ipairs(peeraddr and nixio.getaddrinfo(peeraddr) or {}) do
-                                       local peerdev = addr2dev(ai.address)
-                                       if peerdev then
-                                               for _, iface in ipairs(ifaces.interface) do
-                                                       if type(iface) == "table" and
-                                                          (iface.device == peerdev or iface.l3_device == peerdev)
-                                                       then
-                                                               inifs[iface.interface] = true
-                                                               indevs[peerdev] = true
-                                                       end
-                                               end
-                                       end
-                               end
-                       end
-               end
-       end
-
-       for k in pairs(inifs) do
-               result.inbound_interfaces[#result.inbound_interfaces + 1] = k
-       end
-
-       for k in pairs(indevs) do
-               result.inbound_devices[#result.inbound_devices + 1] = k
-       end
-
-       luci.http.prepare_content("application/json")
-       luci.http.write_json(result)
-end

diff --git a/modules/luci-mod-network/root/usr/libexec/luci-peeraddr b/modules/luci-mod-network/root/usr/libexec/luci-peeraddr
new file mode 100755 (executable)
index 0000000..84a0158
--- /dev/null
+++ b/modules/luci-mod-network/root/usr/libexec/luci-peeraddr
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+NL="
+"
+
+function ifaces_by_device() {
+       ubus call network.interface dump 2>/dev/null | \
+               jsonfilter -e "@.interface[@.device='$1' || @.l3_device='$1'].interface"
+}
+
+function device_by_addr() {
+       set -- $(ip route get "$1" ${2:+from "$2"} 2>/dev/null)
+       echo "$5"
+}
+
+for inbound_device in $(device_by_addr "$REMOTE_ADDR" "$SERVER_ADDR"); do
+       inbound_devices="$inbound_device"
+       inbound_interfaces=""
+
+       for iface in $(ifaces_by_device "$inbound_device"); do
+               inbound_interfaces="${inbound_interfaces:+$inbound_interfaces$NL}$iface"
+
+               for peeraddr in $(uci get "network.$iface.peeraddr"); do
+                       for ipaddr in $(resolveip -t 1 "$peeraddr" 2>/dev/null); do
+                               for peerdev in $(device_by_addr "$ipaddr"); do
+                                       for iface in $(ifaces_by_device "$peerdev"); do
+                                               inbound_devices="${inbound_devices:+$inbound_devices$NL}$peerdev"
+                                               inbound_interfaces="${inbound_interfaces:+$inbound_interfaces$NL}$iface"
+                                       done
+                               done
+                       done
+               done
+       done
+done
+
+inbound_devices="$(echo "$inbound_devices" | sort -u | sed ':a;N;$!ba;s/\n/", "/g')"
+inbound_interfaces="$(echo "$inbound_interfaces" | sort -u | sed ':a;N;$!ba;s/\n/", "/g')"
+
+cat <<JSON
+{
+       "remote_addr": "$REMOTE_ADDR",
+       "server_addr": "$SERVER_ADDR",
+       "inbound_devices": [ ${inbound_devices:+\"$inbound_devices\"} ],
+       "inbound_interfaces": [ ${inbound_interfaces:+\"$inbound_interfaces\"} ]
+}
+JSON