changeset 3535:41365091a41e

display a security warning in the logs at startup when ExecuteLuaEnabled is true
author Alain Mazy <alain@mazy.be>
date Sun, 06 Oct 2019 09:52:57 +0200
parents cac8ffcb9cef
children 8be5451f6820
files OrthancServer/OrthancConfiguration.cpp OrthancServer/OrthancConfiguration.h OrthancServer/OrthancRestApi/OrthancRestSystem.cpp OrthancServer/ServerContext.cpp OrthancServer/ServerContext.h OrthancServer/main.cpp
diffstat 6 files changed, 39 insertions(+), 13 deletions(-) [+]
line wrap: on
line diff
--- a/OrthancServer/OrthancConfiguration.cpp	Fri Oct 04 19:16:12 2019 +0200
+++ b/OrthancServer/OrthancConfiguration.cpp	Sun Oct 06 09:52:57 2019 +0200
@@ -656,6 +656,11 @@
   }
     
 
+  bool OrthancConfiguration::IsExecuteLuaEnabled() const
+  {
+    return GetBooleanParameter("ExecuteLuaEnabled", false);
+  }
+
   std::string OrthancConfiguration::InterpretStringParameterAsPath(
     const std::string& parameter) const
   {
--- a/OrthancServer/OrthancConfiguration.h	Fri Oct 04 19:16:12 2019 +0200
+++ b/OrthancServer/OrthancConfiguration.h	Sun Oct 06 09:52:57 2019 +0200
@@ -231,5 +231,7 @@
     void ResetServerIndex();
 
     TemporaryFile* CreateTemporaryFile() const;
+
+    bool IsExecuteLuaEnabled() const;
   };
 }
--- a/OrthancServer/OrthancRestApi/OrthancRestSystem.cpp	Fri Oct 04 19:16:12 2019 +0200
+++ b/OrthancServer/OrthancRestApi/OrthancRestSystem.cpp	Sun Oct 06 09:52:57 2019 +0200
@@ -139,22 +139,17 @@
 
   static void ExecuteScript(RestApiPostCall& call)
   {
-    {
-      OrthancConfiguration::ReaderLock lock;
+    ServerContext& context = OrthancRestApi::GetContext(call);
 
-      static const char* const OPTION = "ExecuteLuaEnabled";
-      if (!lock.GetConfiguration().GetBooleanParameter(OPTION, false))
-      {
-        LOG(ERROR) << "The URI /tools/execute-script is disallowed for security, "
-                   << "check value of configuration option \"" << OPTION << "\"";
-        call.GetOutput().SignalError(HttpStatus_403_Forbidden);
-        return;
-      }
+    if (!context.IsExecuteLuaEnabled())
+    {
+      LOG(ERROR) << "The URI /tools/execute-script is disallowed for security, "
+                 << "check your configuration file";
+      call.GetOutput().SignalError(HttpStatus_403_Forbidden);
+      return;
     }
 
     std::string result;
-    ServerContext& context = OrthancRestApi::GetContext(call);
-
     std::string command;
     call.BodyToString(command);
 
--- a/OrthancServer/ServerContext.cpp	Fri Oct 04 19:16:12 2019 +0200
+++ b/OrthancServer/ServerContext.cpp	Sun Oct 06 09:52:57 2019 +0200
@@ -240,7 +240,8 @@
     haveJobsChanged_(false),
     isJobsEngineUnserialized_(false),
     metricsRegistry_(new MetricsRegistry),
-    isHttpServerSecure_(true)
+    isHttpServerSecure_(true),
+    isExecuteLuaEnabled_(false)
   {
     {
       OrthancConfiguration::ReaderLock lock;
--- a/OrthancServer/ServerContext.h	Fri Oct 04 19:16:12 2019 +0200
+++ b/OrthancServer/ServerContext.h	Sun Oct 06 09:52:57 2019 +0200
@@ -221,6 +221,7 @@
 
     std::auto_ptr<MetricsRegistry>  metricsRegistry_;
     bool isHttpServerSecure_;
+    bool isExecuteLuaEnabled_;
 
   public:
     class DicomCacheLocker : public boost::noncopyable
@@ -413,5 +414,15 @@
     {
       return isHttpServerSecure_;
     }
+
+    void SetExecuteLuaEnabled(bool enabled)
+    {
+      isExecuteLuaEnabled_ = enabled;
+    }
+
+    bool IsExecuteLuaEnabled() const
+    {
+      return isExecuteLuaEnabled_;
+    }
   };
 }
--- a/OrthancServer/main.cpp	Fri Oct 04 19:16:12 2019 +0200
+++ b/OrthancServer/main.cpp	Sun Oct 06 09:52:57 2019 +0200
@@ -898,6 +898,18 @@
       {
         httpServer.SetSslEnabled(false);
       }
+
+      if (lock.GetConfiguration().GetBooleanParameter("ExecuteLuaEnabled", false))
+      {
+        context.SetExecuteLuaEnabled(true);
+        LOG(WARNING) << "====> Remote LUA script execution is enabled.  Review your configuration option \"ExecuteLuaEnabled\". "
+                     << "Your setup is POSSIBLY INSECURE <====";
+      }
+      else
+      {
+        context.SetExecuteLuaEnabled(false);
+        LOG(WARNING) << "Remote LUA script execution is disabled";
+      }
     }
 
     MyHttpExceptionFormatter exceptionFormatter(httpDescribeErrors, plugins);