This patch adds og_msg_params_validate function as well as some flags that can
be used to validate parameters of a REST API request.
This patch ensures that all required parameters are sent in the request.
Irina reports that if you try to restore an image without success
(for example: the disk does not have enough space), the database changes
as if no error would happen. So you see the computer in the WebConsole
with an image/OS that, actually, does not have.
The bug is caused because the function respuestaEstandar only checks
the result of a command if it has a session. So the problem is that the
commands which use respuestaEstandar without a session can return an
error, but the ogAdmServer always works as no error would occur.
This commit changes the behaviour of respuestaEstadar to always check
the result of a command, whether it has a session or not.
This patch implements the command "run/schedule" that kicks in pending commands
execution.
Request:
POST /run/schedule
{
"clients": ["192.168.56.11"]
}
Reply:
200 OK
This patch also adds a simple test to cover correction of the command.
This patch adds the parameters "disk" and "partition" to
POST "software" command. This way the client can create a software
profile without failure.
New request:
POST /software
{
"clients":[
"192.168.56.12"
],
"disk":"1",
"partition":"1"
}
Reply:
200 OK
Call close() to release the socket in the event of an error.
infer says:
sources/ogAdmServer.cpp:1244: error: RESOURCE_LEAK
resource acquired by call to `socket()` at line 1236, column 6 is not released after line 1244, column 3.
1242. sizeof(on));
1243. if (res < 0) {
1244. > syslog(LOG_ERR, "cannot set broadcast socket\n");
1245. return false;
1246. }
Not a real problem since OS releases process resources if the server
cannot bind to the port, but just to be correct here.
If no payload is attached to method that requires a payload, then the API
returns a 400 status code (following RFC 7231) instead of the previous 404.
test_0001_get_clients.py is also modified to fit the new status code.
This patch changes the number of characters stored in cli->auth_token
from 64 to 63. This way the array has the last position available to
store the null character.
Clients might enter power saving mode, hence, closing the connection
with the server. When the server sends a request to refresh its state,
if they are gone, do not break the iteration over the list of clients.
This patch change the size of the array ptrPar from 6 to 7.
cppcheck says:
[sources/ogAdmServer.cpp:598]: (error) Array 'ptrCfg[6]' accessed at index 6, which is out of bounds.
Aug 28 17:12:33 server ogAdmServer[10110]: 127.0.0.1:54640 POST /nonexistent HTTP/1.1^M Host ...
Aug 28 17:12:33 server ogAdmServer[10110]: unknown command: nonexistent HTTP/1.1^M Host: loca ...
Irina reports a crash in the wol command on Ubuntu 18.04 and gcc 7.4.0:
==9542== Process terminating with default action of signal 6 (SIGABRT)
==9542== at 0x6C37E97: raise (raise.c:51)
==9542== by 0x6C39800: abort (abort.c:79)
==9542== by 0x6C82896: __libc_message (libc_fatal.c:181)
==9542== by 0x6D2DCD0: __fortify_fail_abort (fortify_fail.c:33)
==9542== by 0x6D2DC91: __stack_chk_fail (stack_chk_fail.c:29)
==9542== by 0x111DB1: WakeUp(int, char*, char*, char*) (ogAdmServer.cpp:1390)
==9542== by 0x11199F: Levanta(char**, char**, int, char*) (ogAdmServer.cpp:1251)
==9542== by 0x118372: og_cmd_wol(json_t*, og_msg_params*) (ogAdmServer.cpp:3580)
==9542== by 0x119B91: og_client_state_process_payload_rest(og_client*) (ogAdmServer.cpp:4030)
==9542== by 0x11A4E9: og_client_read_cb(ev_loop*, ev_io*, int) (ogAdmServer.cpp:4212)
==9542== by 0x5EA1D72: ev_invoke_pending (in /usr/lib/x86_64-linux-gnu/libev.so.4.0.0)
==9542== by 0x5EA53DD: ev_run (in /usr/lib/x86_64-linux-gnu/libev.so.4.0.0)
sscanf() returns integers (32-bits) instead of array of 8-bits.
ogAdmServer REST API now meets the starndar RFC 7235 when incorrect auth
happens.
og_client_not_authorized() now sends "401 Unauthorized" and
"WWW-Authenticate" instead of 404.
This patch implements the command "software" that fetches the software
configuration from the clients.
Request:
POST /software
{"clients" : [ "192.168.2.1", "192.168.2.2" ]}
Reply:
200 OK
This allows to refresh the software inventory from clients.
This patch implements the command "hardware" that fetches the hardware
configuration from the clients.
Request:
POST /hardware
{"clients" : [ "192.168.2.1", "192.168.2.2" ]}
Reply:
200 OK
This allows to refresh the hardware inventory from clients.
The new REST API obsoletes the following commands:
- Actualizar() has been replaced by POST /refresh.
- Purgar() has been replaced by POST /stop.
- Reiniciar() has been replaced by POST /reboot.
- IniciarSesion() has been replaced by POST /session.
Forces client to fetch and run any pending command from the server,
reload its local configuration file and re-start its selection menu.
curl -X POST http://127.0.0.1:8888/refresh -d @refresh.json
Request
POST /refresh
{"clients": [ "192.168.2.1" ] }
Reply:
200 OK
Stop the menu selection on client (through POST method):
curl -X POST http://127.0.0.1:8888/stop -d @stop.json
Request
POST /stop
{"clients": [ "192.168.2.1" ] }
Reply:
200 OK
Reboot a client (through POST method):
curl -X POST http://127.0.0.1:8888/reboot -d @reboot.json
Request
POST /reboot
{"clients": [ "192.168.2.1" ] }
Reply:
200 OK
Power off a client (through POST method):
curl -X POST http://127.0.0.1:8888/poweroff -d @poweroff.json
Request
POST /poweroff
{"clients": [ "192.168.2.1" ] }
Reply:
200 OK
The new REST API obsoletes the following commands:
- Sondeo() has been replaced by GET /clients.
- respuestaSondeo() has been replaced by POST /clients.
- ConsolaRemota() has been replaced by POST /shell/run.
- EcoConsola() has been replaced by POST /shell/output.
- Arrancar() has been replaced by POST /wol.
Start a session on client (through POST method):
curl -X POST http://127.0.0.1:8888/session -d @session.json
Request
POST /session
{"clients": [ "192.168.2.1" ] }
Reply:
200 OK
Fetching result from run command on client (through GET method):
curl -X POST http://127.0.0.1:8888/shell/output -d @post_shell_output.json
Request
POST /shell/output
{"clients": [ "192.168.2.1" ] }
Reply:
200 OK
{"clients": [ { "addr" : "192.168.2.1", "output" : "..." } ] }
Run command on client (through POST method):
curl -X POST http://127.0.0.1:8888/shell/run -d @post_run.json
Request
POST /shell/run
{"clients": [ "192.168.2.1", "192.168.2.2" ], "run" : "ls" }
Reply:
200 OK
Add REST API for ogAdmServer, this API is exposed through port 8888 on
the system that runs the ogAdmServer. The body of the HTTP message is
expressed in JSON format.
This patch implements the command "clients" that maps to the existing
legacy "Sondeo" command, that is used by the web interface to poll
refresh the client state.
This patch also includes an initial test infrastructure using 'curl' to
send commands to the new REST API.
Request:
POST /clients
{"clients" : [ "192.168.2.1", "192.168.2.2" ]}
Reply:
200 OK
This allows to refresh the status of the list of clients.
Add new function to check and send commands to the clients. This new
function takes an array of IP addresses (string) and send commands to
the clients.
* New parameter in ogAdmServer config file for setting an interface.
* ogAdmServer multicast WoL now search the interface of the config file in the
system, if the interface is found in the system the destination IP of the
packet change to a broadcast address of a specific range of addresses.
Fix function to send wake-on-lan packet:
- setsockopt() expects an integer as parameter.
- zero the struct socketaddr_in local structure.
- use sscanf() to parse the mac address string.
Before:
Dec 3 11:18:12 ogLab /opt/opengnsys/sbin/ogAdmServer[1025]: server closing connection to 192.168.56.10:50476
After this patch:
Dec 3 11:18:12 ogLab ogAdmServer[1025]: server closing connection to 192.168.56.10:50476
OgAdmServer leaves a connection in keepalive more (similar to HTTP
keepalive feature), the existing handling is not correct. The tbsocket
table is never cleaned up and properly.
Use the new og_client object that represents connections from the
clients in tbsocket[] instead.
The keepalive field now stores the index in the tbsocket table, so there
is no need to consult mysql to fetch the slot that this client is using.
This patch also extends syslog() support to include port number when
reporting connections from clients.
Modern server side using libev library, includes timeouts for clients.
After this patch, your system requires the libev-dev and libev4 packages
to compile ogAdmServer.
Roberto Hueso Gómez
Ramón M. Gómez
Javier Sánchez Parra
OpenGnSys Support Team