[PATCH V2 uhttpd] ubus: add new RESTful API
Rafał Miłecki
zajec5 at gmail.com
Tue Aug 18 12:39:22 EDT 2020
On 08.08.2020 01:47, Andre Valentin wrote:
> I'm just experimenting a bit with the patch.
> There were multiple this:
You need to reply to all, this is public stuff potentially affecting
all OpenWrt users.
> 1)
> I habe some mips routers and an ipq806x based router.
> After I added that patch, I cannot authenticate on via json-rpc on the ipq806x.
> I remove the patch, rebuild. It works again.
> This does not seem to happen on the mips routers.
I can't think of any explanation for this. Platform or endianess should
not affect ubus behaviour.
Maybe you just missed something in your rpcd confguration? Acl stuff?
I can't say anything without providing more debugging info.
> 2)
> Authentication over rest-api works fine:
> "jsonrpc": "2.0",
> "id": 1,
> "result": {
> "ubus_rpc_session": "3653e64078f1f6ebaf4803e67c18fa2a",
> "timeout": 300,
Perfect.
> But if I try to subscribe I get this error:
>> GET /ubus/subscribe/hostapd.wap-knet1 HTTP/1.1
>> Host: ap-av-grwz
>> User-Agent: curl/7.64.0
>> Accept: */*
>> Authorization: Bearer 3653e64078f1f6ebaf4803e67c18fa2a
>>
> < HTTP/1.1 200 OK
> HTTP/1.1 200 OK
> < Connection: Keep-Alive
> Connection: Keep-Alive
> < Transfer-Encoding: chunked
> Transfer-Encoding: chunked
> < Keep-Alive: timeout=20
> Keep-Alive: timeout=20
> < Content-Type: application/json
> Content-Type: application/json
>
> <
> * Connection #0 to host ap-av-grwz left intact
> {"code":-13,"message":"Permission denied"}
>
> I do not have an idea what's wrong, perhaps you have an idea?
Sure, it means you / your session is not allowed to subscribe. See:
if (!conf.ubus_noauth && !uh_ubus_allowed(sid, path, data.method)) {
err = ERROR_ACCESS;
goto error;
}
Until we add acl.d rule for allowing subscription access it's possible
only with ubus_noauth. I'm going to work on proper / new acl.d as soon
as I get this patch accepted.
More information about the openwrt-devel
mailing list