[PATCH V2 uhttpd] ubus: add new RESTful API

Rafał Miłecki zajec5 at gmail.com
Tue Aug 18 12:39:22 EDT 2020


On 08.08.2020 01:47, Andre Valentin wrote:
> I'm just experimenting a bit with the patch.
> There were multiple this:

You need to reply to all, this is public stuff potentially affecting
all OpenWrt users.


> 1)
> I habe some mips routers and an ipq806x based router.
> After I added that patch, I cannot authenticate on via json-rpc on the ipq806x.
> I remove the patch, rebuild. It works again.
> This does not seem to happen on the mips routers.

I can't think of any explanation for this. Platform or endianess should
not affect ubus behaviour.
Maybe you just missed something in your rpcd confguration? Acl stuff?
I can't say anything without providing more debugging info.


> 2)
> Authentication over rest-api works fine:
>    "jsonrpc": "2.0",
>    "id": 1,
>    "result": {
>      "ubus_rpc_session": "3653e64078f1f6ebaf4803e67c18fa2a",
>      "timeout": 300,

Perfect.


> But if I try to subscribe I get this error:
>> GET /ubus/subscribe/hostapd.wap-knet1 HTTP/1.1
>> Host: ap-av-grwz
>> User-Agent: curl/7.64.0
>> Accept: */*
>> Authorization: Bearer 3653e64078f1f6ebaf4803e67c18fa2a
>>
> < HTTP/1.1 200 OK
> HTTP/1.1 200 OK
> < Connection: Keep-Alive
> Connection: Keep-Alive
> < Transfer-Encoding: chunked
> Transfer-Encoding: chunked
> < Keep-Alive: timeout=20
> Keep-Alive: timeout=20
> < Content-Type: application/json
> Content-Type: application/json
> 
> <
> * Connection #0 to host ap-av-grwz left intact
> {"code":-13,"message":"Permission denied"}
> 
> I do not have an idea what's wrong, perhaps you have an idea?

Sure, it means you / your session is not allowed to subscribe. See:

if (!conf.ubus_noauth && !uh_ubus_allowed(sid, path, data.method)) {
	err = ERROR_ACCESS;
	goto error;
}

Until we add acl.d rule for allowing subscription access it's possible
only with ubus_noauth. I'm going to work on proper / new acl.d as soon
as I get this patch accepted.



More information about the openwrt-devel mailing list