Call close() to release the socket in the event of an error.
infer says:
sources/ogAdmServer.cpp:1244: error: RESOURCE_LEAK
resource acquired by call to `socket()` at line 1236, column 6 is not released after line 1244, column 3.
1242. sizeof(on));
1243. if (res < 0) {
1244. > syslog(LOG_ERR, "cannot set broadcast socket\n");
1245. return false;
1246. }
Not a real problem since OS releases process resources if the server
cannot bind to the port, but just to be correct here.
If no payload is attached to method that requires a payload, then the API
returns a 400 status code (following RFC 7231) instead of the previous 404.
test_0001_get_clients.py is also modified to fit the new status code.
This test checks for wrong headers HTTP requests:
1. POST /clients with a content length larger than a signed int.
2. POST /clients with an auth token larger than 63 characters.
This patch changes the number of characters stored in cli->auth_token
from 64 to 63. This way the array has the last position available to
store the null character.
Clients might enter power saving mode, hence, closing the connection
with the server. When the server sends a request to refresh its state,
if they are gone, do not break the iteration over the list of clients.
This patch change the size of the array ptrPar from 6 to 7.
cppcheck says:
[sources/ogAdmServer.cpp:598]: (error) Array 'ptrCfg[6]' accessed at index 6, which is out of bounds.
Currently, if you try to run the python test without the ogAdmServer
binary, it will throw an exception.
This patch adds a check to ensure the existence of the ogAdmServer binary
at the beginning of the script.
# python3 run-tests.py
You need to build the ogAdmServer binary to run these tests :-)
Aug 28 17:12:33 server ogAdmServer[10110]: 127.0.0.1:54640 POST /nonexistent HTTP/1.1^M Host ...
Aug 28 17:12:33 server ogAdmServer[10110]: unknown command: nonexistent HTTP/1.1^M Host: loca ...
Irina reports a crash in the wol command on Ubuntu 18.04 and gcc 7.4.0:
==9542== Process terminating with default action of signal 6 (SIGABRT)
==9542== at 0x6C37E97: raise (raise.c:51)
==9542== by 0x6C39800: abort (abort.c:79)
==9542== by 0x6C82896: __libc_message (libc_fatal.c:181)
==9542== by 0x6D2DCD0: __fortify_fail_abort (fortify_fail.c:33)
==9542== by 0x6D2DC91: __stack_chk_fail (stack_chk_fail.c:29)
==9542== by 0x111DB1: WakeUp(int, char*, char*, char*) (ogAdmServer.cpp:1390)
==9542== by 0x11199F: Levanta(char**, char**, int, char*) (ogAdmServer.cpp:1251)
==9542== by 0x118372: og_cmd_wol(json_t*, og_msg_params*) (ogAdmServer.cpp:3580)
==9542== by 0x119B91: og_client_state_process_payload_rest(og_client*) (ogAdmServer.cpp:4030)
==9542== by 0x11A4E9: og_client_read_cb(ev_loop*, ev_io*, int) (ogAdmServer.cpp:4212)
==9542== by 0x5EA1D72: ev_invoke_pending (in /usr/lib/x86_64-linux-gnu/libev.so.4.0.0)
==9542== by 0x5EA53DD: ev_run (in /usr/lib/x86_64-linux-gnu/libev.so.4.0.0)
sscanf() returns integers (32-bits) instead of array of 8-bits.
Irina reports a crash in the wol command on Ubuntu 18.04 and gcc 7.4.0:
==9542== Process terminating with default action of signal 6 (SIGABRT)
==9542== at 0x6C37E97: raise (raise.c:51)
==9542== by 0x6C39800: abort (abort.c:79)
==9542== by 0x6C82896: __libc_message (libc_fatal.c:181)
==9542== by 0x6D2DCD0: __fortify_fail_abort (fortify_fail.c:33)
==9542== by 0x6D2DC91: __stack_chk_fail (stack_chk_fail.c:29)
==9542== by 0x111DB1: WakeUp(int, char*, char*, char*) (ogAdmServer.cpp:1390)
==9542== by 0x11199F: Levanta(char**, char**, int, char*) (ogAdmServer.cpp:1251)
==9542== by 0x118372: og_cmd_wol(json_t*, og_msg_params*) (ogAdmServer.cpp:3580)
==9542== by 0x119B91: og_client_state_process_payload_rest(og_client*) (ogAdmServer.cpp:4030)
==9542== by 0x11A4E9: og_client_read_cb(ev_loop*, ev_io*, int) (ogAdmServer.cpp:4212)
==9542== by 0x5EA1D72: ev_invoke_pending (in /usr/lib/x86_64-linux-gnu/libev.so.4.0.0)
==9542== by 0x5EA53DD: ev_run (in /usr/lib/x86_64-linux-gnu/libev.so.4.0.0)
sscanf() returns integers (32-bits) instead of array of 8-bits.
This test adds four new error test cases:
1. Non existent method with POST.
2. Non existent method with GET.
3. Non existent method with POST but with wrong API token.
4. Non existent method with POST but without json.
ogAdmServer REST API now meets the starndar RFC 7235 when incorrect auth
happens.
og_client_not_authorized() now sends "401 Unauthorized" and
"WWW-Authenticate" instead of 404.
* Call the tests with python module unittest. In particular, the
discover function.
* Rename tests files to meet the default requirements of discover
function.
This patch implements the command "software" that fetches the software
configuration from the clients.
Request:
POST /software
{"clients" : [ "192.168.2.1", "192.168.2.2" ]}
Reply:
200 OK
This allows to refresh the software inventory from clients.
Javier Sánchez Parra
Roberto Hueso Gómez
OpenGnSys Support Team
Ramón M. Gómez