From: Jo-Philipp Wich <jo@mein.io>
Date: Sat, 29 Apr 2023 22:19:35 +0000 (+0200)
Subject: luci-lua-runtime: fix legacy luci-mod-rpc authentication
X-Git-Url: http://git.openwrt.org/%22https:/collectd.org//%22/%22https:/collectd.org/%22?a=commitdiff_plain;h=2a9c3a3173e0cec686fb8d9fafb8c063f80958e4;p=project%2Fluci.git

luci-lua-runtime: fix legacy luci-mod-rpc authentication

The legacy RPC module authentication fixup was improperly ported into the
Lua dispatcher stub module, rendering legacy RPC authentication broken.

Additionally, the split of the former `sysauth` cookie into `sysauth_http`
and `sysauth_https` ones was also imposed upon the RPC module, without
leaving the option to use just `sysauth` in place, so allow this cookie
name again for the legacy RPC logins.

Fixes: #6333
Fixes: e1932592c3 ("luci-base: use different cookie names for HTTP and HTTPS")
Fixes: ded8ccf93e ("luci-base-ucode: add initial ucode based LuCI runtime")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
---

diff --git a/modules/luci-lua-runtime/luasrc/dispatcher.lua b/modules/luci-lua-runtime/luasrc/dispatcher.lua
index 93f7f8949b..dfbb225f0e 100644
--- a/modules/luci-lua-runtime/luasrc/dispatcher.lua
+++ b/modules/luci-lua-runtime/luasrc/dispatcher.lua
@@ -167,12 +167,12 @@ function process_lua_controller(path)
 					login = true,
 					methods = { "cookie:sysauth_https", "cookie:sysauth_http" }
 				}
-			elseif subname == "rpc" and entry.module == "luci.controller.rpc" then
+			elseif path == "rpc" and modname == "luci.controller.rpc" then
 				entry.auth = {
 					login = false,
-					methods = { "query:auth", "cookie:sysauth_https", "cookie:sysauth_http" }
+					methods = { "query:auth", "cookie:sysauth_https", "cookie:sysauth_http", "cookie:sysauth" }
 				}
-			elseif entry.module == "luci.controller.admin.uci" then
+			elseif modname == "luci.controller.admin.uci" then
 				entry.auth = {
 					login = false,
 					methods = { "param:sid" }