Uri-Path and Uri-Query of Server URI #230
Comments
|
Another interpretation that didn't occur to me while originally writing this ticket is that the Server URI written to the data model should actually include the So another question is: if Uri-Path in the Server URI resource is allowed and meaningful
|
|
Also, just noting that on-site input from @hannestschofenig during the meeting of the Working Group with TestFest Warsaw participants on Wednesday seemed to suggest that:
As for me, I think this would be a perfectly suitable conclusion. |
Features: - Extracted Firmware Update logic to a separate module so that the end user have to implement device-specific firmware updating logic only - Implemented API for firmware update resumption - Implemented stub of the portfolio object (in demo client) required for the OMA TestFest 2017 - Added support for DTLS session resumption as well as register-after-reconnect semantics - Added object versioning support - Added support for LwM2M Server URIs with Uri-Path and Uri-Query Bugfixes: - Fixed travis builds on macOS - Fixed a few misleading statements in the documentation - Fixed anjay_codegen.py handling of Multiple Instance Resources - Fixed Content-Format for responses on Bootstrap Discover request - Fixed Write (replace) on Device object instance in demo client Improvements: - Added more tests covering OMA TestFest 2017 test cases - Allowed configuring Security/Server IIDs from command line in demo - Allowed Bootstrap Delete on "/" - Added support for re-bootstrapping after failed registrations - Added anjay_server/security_object_is_modified simiar to anjay_attr_storage_is_modified - Updated porting guide - Replaced Internal Server Error responses with more specific error codes in a few places Other: - Relaxed validator of Update location path, due to specification being unclear (see: OpenMobileAlliance/OMA_LwM2M_for_Developers#230)
|
From a related issue:
Allow to include uri-path and any uri-query in a resource of LwM2M server URI ( For example: |
|
For v1.1 we have to clarify the security processing that relates to the comparison between the content of a certificate (such as the string contained in the CN field of a cert) with the LwM2M Server URI resource value. A dedicated resource carrying the Server Name Indication (SNI) has been defined already. |
|
If this issue is still valid, please re-issue it against the LwM2M v1.1 release. |
Up until the second-to-last pre-1.0 draft, the LwM2M Server URI Resource in Section E.1 (LwM2M Object: LwM2M Security) read:
However, it has been changed in
2017-0051R02-CR_security_object_bugfix_uri_format, and in all current versions, including the 1.0 and 1.0.1 approved versions, it reads:Allowing all URIs that are valid as per RFC suggests that things like paths and query-strings are now allowed, so that e.g.
coaps://example.com:1234/some/crazy/path?and=more&crazinessnow seems a valid LwM2M Server URI.However, other parts of the spec do not seem to be prepared for such URIs; for example, section 8.2.4 mentions that Register shall be sent on the "/rd" URI and also that "The LwM2M Server MUST return a location under the /rd path segment" in Location-Path Options. It might be interpreted as requiring an absolute "/rd" path, essentially discarding any Uri-Path present in the Server URI.
There are more unresolved questions if the configured Server URI includes a query string. Shall these values be reproduced when sending Register or Bootstrap-Request? What if the configured URI already contains some query-string arguments that are meaningful for LwM2M, such as
ep? Also, what about Update?All in all:
coaps://example.com:1234/some/path?/rdpath of a Register URI or/bspath of a Bootstrap Request URI?/rdand/bspaths always used?Location-Pathreturned in response to Register contain an absolute path or a path relative to the Server URI?coaps://example.com:1234?some=query?coaps://example.com:1234?ep=iamcrazy? What will be the Register URI?epattribute with Endpoint Client Name?epattribute? In what order?The text was updated successfully, but these errors were encountered: