RPC Ubus Session ID
When calling a ubus function via the package uhttpd-mod-ubus
I will always get a result 2 / invalid argument.
The problem is that the rpc call will unconditionally sent the ubus session ID to verify the authorization.
Looking at ubus -v monitor
I get:
-> c15a547b #751d66fa invoke: {"objid":-1920601747,"method":"access","data":{"ubus_rpc_session":"xxxx","object":"avarangedcd","function":"test"},"user":"root","group":"root"
My function is :
ubus.add("avarangedcd", {
"test": {"method": self.callback_test, "signature": {} }
})
And my remote call conatains of:
URL: /ubus
POST DATA: {'jsonrpc': '2.0', 'id': 1, 'method': 'call', 'params': ['xxxx', 'avarangedcd', 'test', {}]}
RESPONSE: 200 {'jsonrpc': '2.0', 'id': 1, 'result': [2]}
As a workaround I change my function to:
ubus.add("avarangedcd", {
"test": {"method": self.callback_test, "signature": {"ubus_rpc_session": ubus.BLOBMSG
_TYPE_STRING}}
})
The correct solution would be here to make an exception for ubus_rpc_session
: https://gitlab.nic.cz/turris/python-ubus/-/blob/master/ubus_python.c#L789
E.g. something like this:
blob_for_each_attr(cur, args, idx) {
const char *name = blobmsg_name(cur);
int type = blobmsg_type(cur);
int pol_idx;
// Skip comparision if RPC session ID is given
if (!strcmp("ubus_rpc_session", name)) {
continue;
}
// Iterate through policies
for (pol_idx = 0; pol_idx < n_policies; pol_idx++) {
// Skip ubus_rpc_session
if (!strcmp(name, policies[pol_idx].name)) {
passed_count += 1;
int pol_type = policies[pol_idx].type;
if (pol_type != BLOBMSG_TYPE_UNSPEC && pol_type != type) {
return false;
}
break;
}
}
``
Edited by Ghost User