Hello Zaid,
I can see that the GenieACS is returning empty value for GPV RPC prameters where the password is held. This is OK with the standard: https://www.broadband-forum.org/pdfs/tr-069-1-6-1.pdf
"All writeable Parameters must also be readable
although those that contain confidential user information, e.g., passwords, may return
empty values when read (this is specified in the corresponding data model definition). "
Unfortunately the password empty values for RPC GPV affects the password parameter value in the ACS database by overwriting the value by empty field being received from the GPV.
The value before GPV:
the GPV Responce:
<soap:Envelope xmlns:soap=“http://schemas.xmlsoap.org/soap/envelope/” xmlns:soap-enc=“http://schemas.xmlsoap.org/soap/encoding/” xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance” xmlns:xsd=“http://www.w3.org/2001/XMLSchema” xmlns:cwmp=“urn:dslforum-org:cwmp-1-0”>soap:Header<cwmp:ID soap:mustUnderstand=“1”>18fde52837e0000</cwmp:ID></soap:Header>soap:Bodycwmp:GetParameterValuesResponseDevice.ManagementServer.ConnectionRequestPassword</cwmp:GetParameterValuesResponse></soap:Body></soap:Envelope>
result/affted GeniaACS value:
Bug/Unexpected effect:
As consequence the unit connected to GenieACS can not effectively use authorized service (for example XMPP).
It seems like it also affects somehow the example pass generator in provision being delivered during Genie installation, I believe you should recognize this one:
const username = declare("Device.DeviceInfo.SerialNumber", {value: 1}).value[0]
const password = Math.trunc(Math.random() * Number.MAX_SAFE_INTEGER).toString(36);
Please consider to fix overwriting passwords with empty value for the GPV RPC ASAP since it is braking the authorization related services apart.
The easy solution is to not refresh the entire Device.ManagementServer parameter tree. I’ve never once in the 2-3+ years we’ve been using v1.2, nor in the 7-8 years I’ve been using GenieACS in general had a need to refresh the entire Device.ManagementServer tree.
Additionally, if you use the default inform preset and provision script this should never be an issue as the default inform script ensures values are set for [InternetGatewayDevice|Device].ManagementServer.ConnectionRequestUsername and [InternetGatewayDevice|Device].ManagementServer.ConnectionRequestPassword.
So even if you did refresh the Device.ManagementServer.ConnectionRequestPassword value, in one inform cycle, the value will be restored. Given that the Math object in GenieACS is seeded with the DeviceID, you should always get the same password value.
@akcoder it sounds like I have other needs, expectations and experience.
One of many examples is the Data Model refresh in case of client firmware upgrade when new functionalities are expected = new parameters in the Data Model. Then I would like to relay on GPN and GPV RPC for the Data Model sub-tree not specific parameters that are unknown that moment.
Usage of the predefined provisions like inform and default sound like kind of remedy/ workaround to me.
In the inform predefined provision you are writing the CR username and password periodically so it sounds more like workaround than the solution.
I’ve other experience with other ACSes than Genie. They do not write the passwords value when GPV RPC gives empty result.
Again I see filed for improvement here.
Let me ask the question in the other way.
For BOOTSRAP where the Device.ManagementServer.ConnectionRequestPassword value is set in the provision
const cruser = declare("Device.DeviceInfo.SerialNumber", {value: 1}).value[0]
const crpass = declare("Device.DeviceInfo.SerialNumber", {value: 1}).value[0]
//
declare("Device.ManagementServer.ConnectionRequestUsername", {path: now, value: now}, {value: cruser});
declare("Device.ManagementServer.ConnectionRequestPassword", {path: now, value: now}, {value: crpass});
[...]
I see this order in the pcap:
GPN
then GPV
next
ans SPV
and this is it.
The question:
Is GenieACS seving the SPV ManagementServer.ConnectionRequestPassword value to a ACS Data Base?
looking at what result I got on Genie UI : Icorrect Credentials - I doubt.
@Zaid could you please answer my question?
I see that the Incorrect Credentials error vanish after next Inform
Is it the way it should be?
