HTTP data server updates

Check of enable-http-data config option
HTTP/2 Return 400 bad request if no path match
Test: updated yang file revisions, extended restconf config with http-data

test/config.sh.in

@@ -71,8 +71,8 @@ DATASTORE_TOP="config"
 # clixon yang revisions occuring in tests (see eg yang/clixon/Makefile.in)
 CLIXON_AUTOCLI_REV="2022-02-11"
 CLIXON_LIB_REV="2021-12-05"
-CLIXON_CONFIG_REV="2022-02-11"
-CLIXON_RESTCONF_REV="2021-05-20"
+CLIXON_CONFIG_REV="2022-03-21"
+CLIXON_RESTCONF_REV="2022-03-21"
 CLIXON_EXAMPLE_REV="2020-12-01"
 
 # Length of TSL RSA key

test/lib.sh

@@ -228,6 +228,8 @@ fi
 # Args:
 # 1: auth-type (one of none, client-cert, user)
 # 2: pretty (if true pretty-print restconf return values)
+# [3: proto: http or https]
+# [4: http_data: true or false] # Note feature http-data must be enabled
 # Note, if AUTH=none then FEATURE clixon-restconf:allow-auth-none must be enabled
 # Note if https, check if server cert/key exists, if not generate them
 function restconf_config()
@@ -235,26 +237,42 @@ function restconf_config()
     AUTH=$1
     PRETTY=$2
 
-    if [ false -a ${WITH_RESTCONF} = "fcgi" ]; then
-	echo "<CLICON_FEATURE>clixon-restconf:fcgi</CLICON_FEATURE><restconf><enable>true</enable><auth-type>$AUTH</auth-type><pretty>$PRETTY</pretty><debug>$DBG</debug></restconf>"
+    # Change this to fixed parameters
+    if [ $# -gt 2 ]; then
+	proto=$3
     else
-	FEATURES="<CLICON_FEATURE>clixon-restconf:fcgi</CLICON_FEATURE>"
-	if [ $RCPROTO = http ]; then
-	    echo "${FEATURES}<restconf><enable>true</enable><auth-type>$AUTH</auth-type><pretty>$PRETTY</pretty><debug>$DBG</debug><socket><namespace>default</namespace><address>0.0.0.0</address><port>80</port><ssl>false</ssl></socket></restconf>"
-	else
-	    certdir=$dir/certs
-	    if [ ! -f ${dir}/clixon-server-crt.pem ]; then
-		certdir=$dir/certs
-		test -d $certdir || mkdir $certdir
-		srvcert=${certdir}/clixon-server-crt.pem
-		srvkey=${certdir}/clixon-server-key.pem
-		cacert=${certdir}/clixon-ca-crt.pem
-		cakey=${certdir}/clixon-ca-key.pem
-		cacerts $cakey $cacert
-		servercerts $cakey $cacert $srvkey $srvcert
-	    fi
-	    echo "${FEATURES}<restconf><enable>true</enable><auth-type>$AUTH</auth-type><pretty>$PRETTY</pretty><server-cert-path>${certdir}/clixon-server-crt.pem</server-cert-path><server-key-path>${certdir}/clixon-server-key.pem</server-key-path><server-ca-cert-path>${certdir}/clixon-ca-crt.pem</server-ca-cert-path><debug>$DBG</debug><socket><namespace>default</namespace><address>0.0.0.0</address><port>443</port><ssl>true</ssl></socket></restconf>"
+    	proto=$RCPROTO
+    fi
+    if [ $# -gt 3 ]; then
+	http_data=$4
+    else
+    	http_data=false
+    fi
+    
+    echo -n "<CLICON_FEATURE>clixon-restconf:fcgi</CLICON_FEATURE>"
+    if [ $proto = http ]; then
+	echo -n "<restconf><enable>true</enable>"
+	if ${http_data}; then
+	    echo -n "<enable-http-data>true</enable-http-data>"
 	fi
+	echo "<auth-type>$AUTH</auth-type><pretty>$PRETTY</pretty><debug>$DBG</debug><socket><namespace>default</namespace><address>0.0.0.0</address><port>80</port><ssl>false</ssl></socket></restconf>"
+    else
+	certdir=$dir/certs
+	if [ ! -f ${dir}/clixon-server-crt.pem ]; then
+	    certdir=$dir/certs
+	    test -d $certdir || mkdir $certdir
+	    srvcert=${certdir}/clixon-server-crt.pem
+	    srvkey=${certdir}/clixon-server-key.pem
+	    cacert=${certdir}/clixon-ca-crt.pem
+	    cakey=${certdir}/clixon-ca-key.pem
+	    cacerts $cakey $cacert
+	    servercerts $cakey $cacert $srvkey $srvcert
+	fi
+	echo -n "<restconf><enable>true</enable>"
+	if ${http_data}; then
+	    echo -n "<enable-http-data>true</enable-http-data>"
+	fi
+	echo "<auth-type>$AUTH</auth-type><pretty>$PRETTY</pretty><server-cert-path>${certdir}/clixon-server-crt.pem</server-cert-path><server-key-path>${certdir}/clixon-server-key.pem</server-key-path><server-ca-cert-path>${certdir}/clixon-ca-crt.pem</server-ca-cert-path><debug>$DBG</debug><socket><namespace>default</namespace><address>0.0.0.0</address><port>443</port><ssl>true</ssl></socket></restconf>"
     fi
 }
 

test/test_http_data.sh

@@ -1,5 +1,10 @@
 #!/usr/bin/env bash
-# Simple web data
+# Simple http data test
+# Create an html and css file
+# Get them via http and https
+# Send options and head request
+# Errors: not found, post, 
+# XXX: feature disabled
 
 # Magic line must be first in script (see README.md)
 s="$_" ; . ./lib.sh || if [ "$s" = $0 ]; then exit 0; else return 0; fi
@@ -7,9 +12,8 @@ s="$_" ; . ./lib.sh || if [ "$s" = $0 ]; then exit 0; else return 0; fi
 APPNAME=example
 
 cfg=$dir/conf.xml
-wdir=$dir/www
-rm -rf $wdir
-mkdir $wdir
+rm -rf $dir/www
+mkdir $dir/www
 
 # Does not work with fcgi
 if [ "${WITH_RESTCONF}" = "fcgi" ]; then
@@ -17,40 +21,8 @@ if [ "${WITH_RESTCONF}" = "fcgi" ]; then
     if [ "$s" = $0 ]; then exit 0; else return 0; fi
 fi
 
-RESTCONFIG=$(restconf_config none false)
-
-
-# Clixon config
-cat <<EOF > $cfg
-<clixon-config xmlns="http://clicon.org/config">
-  <CLICON_CONFIGFILE>$cfg</CLICON_CONFIGFILE>
-  <CLICON_FEATURE>clixon-restconf:allow-auth-none</CLICON_FEATURE> <!-- Use auth-type=none -->
-  <CLICON_FEATURE>clixon-restconf:http-data</CLICON_FEATURE>
-  <CLICON_YANG_DIR>${YANG_INSTALLDIR}</CLICON_YANG_DIR>
-  <CLICON_YANG_DIR>$IETFRFC</CLICON_YANG_DIR>
-  <CLICON_YANG_MAIN_DIR>$dir</CLICON_YANG_MAIN_DIR>
-  <CLICON_CLISPEC_DIR>/usr/local/lib/$APPNAME/clispec</CLICON_CLISPEC_DIR>
-  <CLICON_BACKEND_DIR>/usr/local/lib/$APPNAME/backend</CLICON_BACKEND_DIR>
-  <CLICON_BACKEND_REGEXP>example_backend.so$</CLICON_BACKEND_REGEXP>
-  <CLICON_RESTCONF_DIR>/usr/local/lib/$APPNAME/restconf</CLICON_RESTCONF_DIR>
-  <CLICON_HTTP_DATA_PATH>/data</CLICON_HTTP_DATA_PATH>
-  <CLICON_HTTP_DATA_ROOT>$wdir</CLICON_HTTP_DATA_ROOT>
-  <CLICON_CLI_DIR>/usr/local/lib/$APPNAME/cli</CLICON_CLI_DIR>
-  <CLICON_CLI_MODE>$APPNAME</CLICON_CLI_MODE>
-  <CLICON_SOCK>/usr/local/var/$APPNAME/$APPNAME.sock</CLICON_SOCK>
-  <CLICON_BACKEND_PIDFILE>/usr/local/var/$APPNAME/$APPNAME.pidfile</CLICON_BACKEND_PIDFILE>
-  <CLICON_XMLDB_DIR>/usr/local/var/$APPNAME</CLICON_XMLDB_DIR>
-  <CLICON_RESTCONF_HTTP2_PLAIN>true</CLICON_RESTCONF_HTTP2_PLAIN>
-  $RESTCONFIG
-</clixon-config>
-EOF
-
-# Host setup:
-#  <CLICON_HTTP_DATA_PATH>/</CLICON_HTTP_DATA_PATH>
-#  <CLICON_HTTP_DATA_ROOT>/var/www/html</CLICON_HTTP_DATA_ROOT>
-
 # Data file
-cat <<EOF > $wdir/index.html
+cat <<EOF > $dir/www/index.html
 <!DOCTYPE html>
 <html>
 <head>
@@ -71,7 +43,7 @@ working. Further configuration is required.</p>
 </html>
 EOF
 
-cat <<EOF > $wdir/example.css
+cat <<EOF > $dir/www/example.css
 img { 
     display: inline; 
     border: 
@@ -95,62 +67,138 @@ h1,h2,h3,h4,h5,h6 {
 }
 EOF
 
-
-new "test params: -f $cfg"
-if [ $BE -ne 0 ]; then
-    new "kill old backend"
-    sudo clixon_backend -zf $cfg
-    if [ $? -ne 0 ]; then
-	err
-    fi
-    sudo pkill -f clixon_backend # to be sure
+# Http test routine with arguments:
+# 1. proto:http/https
+function testrun()
+{
+    proto=$1  # http/https
+    enable=$2 # true/false
     
-    new "start backend -s init -f $cfg"
-    start_backend -s init -f $cfg
-fi
+    RESTCONFIG=$(restconf_config none false $proto $enable)
 
-new "wait backend"
-wait_backend
+    datapath=/data
+    wdir=$dir/www
+# Host setup:
+#    datapath=/
+#    wdir=/var/www/html
 
-if [ $RC -ne 0 ]; then
-    new "kill old restconf daemon"
-    stop_restconf_pre
+    # Clixon config
+    cat <<EOF > $cfg
+<clixon-config xmlns="http://clicon.org/config">
+  <CLICON_CONFIGFILE>$cfg</CLICON_CONFIGFILE>
+  <CLICON_FEATURE>clixon-restconf:allow-auth-none</CLICON_FEATURE> <!-- Use auth-type=none -->
+  <CLICON_FEATURE>clixon-restconf:http-data</CLICON_FEATURE>
+  <CLICON_YANG_DIR>${YANG_INSTALLDIR}</CLICON_YANG_DIR>
+  <CLICON_YANG_DIR>$IETFRFC</CLICON_YANG_DIR>
+  <CLICON_YANG_MAIN_DIR>$dir</CLICON_YANG_MAIN_DIR>
+  <CLICON_CLISPEC_DIR>/usr/local/lib/$APPNAME/clispec</CLICON_CLISPEC_DIR>
+  <CLICON_BACKEND_DIR>/usr/local/lib/$APPNAME/backend</CLICON_BACKEND_DIR>
+  <CLICON_BACKEND_REGEXP>example_backend.so$</CLICON_BACKEND_REGEXP>
+  <CLICON_RESTCONF_DIR>/usr/local/lib/$APPNAME/restconf</CLICON_RESTCONF_DIR>
+  <CLICON_HTTP_DATA_PATH>$datapath</CLICON_HTTP_DATA_PATH>
+  <CLICON_HTTP_DATA_ROOT>$wdir</CLICON_HTTP_DATA_ROOT>
+  <CLICON_CLI_DIR>/usr/local/lib/$APPNAME/cli</CLICON_CLI_DIR>
+  <CLICON_CLI_MODE>$APPNAME</CLICON_CLI_MODE>
+  <CLICON_SOCK>/usr/local/var/$APPNAME/$APPNAME.sock</CLICON_SOCK>
+  <CLICON_BACKEND_PIDFILE>/usr/local/var/$APPNAME/$APPNAME.pidfile</CLICON_BACKEND_PIDFILE>
+  <CLICON_XMLDB_DIR>/usr/local/var/$APPNAME</CLICON_XMLDB_DIR>
+  <CLICON_RESTCONF_HTTP2_PLAIN>true</CLICON_RESTCONF_HTTP2_PLAIN>
+  $RESTCONFIG
+</clixon-config>
+EOF
 
-    new "start restconf daemon"
-    start_restconf -f $cfg
-fi
-
-new "wait restconf"
-wait_restconf
-
-new "WWW get html"
-expectpart "$(curl $CURLOPTS -X GET -H 'Accept: text/html' $RCPROTO://localhost/data/index.html)" 0 "HTTP/$HVER 200" "Content-Type: text/html" "<title>Welcome to Clixon!</title>"
-
-new "WWW get css"
-expectpart "$(curl $CURLOPTS -X GET -H 'Accept: text/html' $RCPROTO://localhost/data/example.css)" 0 "HTTP/$HVER 200" "Content-Type: text/css" "display: inline;" --not-- "Content-Type: text/html"
-
-new "WWW head"
-expectpart "$(curl $CURLOPTS --head -H 'Accept: text/html' $RCPROTO://localhost/data/index.html)" 0 "HTTP/$HVER 200" "Content-Type: text/html" --not-- "<title>Welcome to Clixon!</title>"
-
-new "WWW options"
-expectpart "$(curl $CURLOPTS -X OPTIONS $RCPROTO://localhost/data/index.html)" 0 "HTTP/$HVER 200" "allow: OPTIONS,HEAD,GET" 
-
-new "WWW get http not found"
-expectpart "$(curl $CURLOPTS -X GET -H 'Accept: text/html' $RCPROTO://localhost/data/notfound.html)" 0 "HTTP/$HVER 404" "Content-Type: text/html" "<title>404 Not Found</title>"
-
-new "WWW post not allowed"
-expectpart "$(curl $CURLOPTS -X POST -H 'Accept: text/html' -H "Content-Type: application/yang-data+json" -d '{"ietf-interfaces:interfaces":{"interface":{"name":"eth/0/0","type":"clixon-example:eth","enabled":true}}}' $RCPROTO://localhost/data/notfound.html)" 0 "HTTP/$HVER 405" "Content-Type: text/html" "<title>405 Method Not Allowed</title>"
-
-if [ $BE -ne 0 ]; then
-    new "Kill backend"
-    # Check if premature kill
-    pid=$(pgrep -u root -f clixon_backend)
-    if [ -z "$pid" ]; then
-	err "backend already dead"
+    new "test params: -f $cfg"
+    if [ $BE -ne 0 ]; then
+	new "kill old backend"
+	sudo clixon_backend -zf $cfg
+	if [ $? -ne 0 ]; then
+	    err
+	fi
+	sudo pkill -f clixon_backend # to be sure
+	
+	new "start backend -s init -f $cfg"
+	start_backend -s init -f $cfg
     fi
-    # kill backend
-    stop_backend -f $cfg
+
+    new "wait backend"
+    wait_backend
+
+    if [ $RC -ne 0 ]; then
+	new "kill old restconf daemon"
+	stop_restconf_pre
+
+	new "start restconf daemon"
+	start_restconf -f $cfg
+    fi
+
+    new "wait restconf"
+    wait_restconf $proto
+
+#    echo "curl $CURLOPTS -X GET -H 'Accept: text/html' $proto://localhost/data/index.html"
+    if $enable; then
+	new "WWW get html"
+	expectpart "$(curl $CURLOPTS -X GET -H 'Accept: text/html' $proto://localhost/data/index.html)" 0 "HTTP/$HVER 200" "Content-Type: text/html" "<title>Welcome to Clixon!</title>"
+    else
+	new "WWW get html, not enabled, expect bad request"
+	expectpart "$(curl $CURLOPTS -X GET -H 'Accept: text/html' $proto://localhost/data/index.html)" 0 "HTTP/$HVER 400"
+	return
+    fi
+
+    new "WWW get css"
+    expectpart "$(curl $CURLOPTS -X GET -H 'Accept: text/html' $proto://localhost/data/example.css)" 0 "HTTP/$HVER 200" "Content-Type: text/css" "display: inline;" --not-- "Content-Type: text/html"
+
+    new "WWW head"
+    expectpart "$(curl $CURLOPTS --head -H 'Accept: text/html' $proto://localhost/data/index.html)" 0 "HTTP/$HVER 200" "Content-Type: text/html" --not-- "<title>Welcome to Clixon!</title>"
+
+    new "WWW options"
+    expectpart "$(curl $CURLOPTS -X OPTIONS $proto://localhost/data/index.html)" 0 "HTTP/$HVER 200" "allow: OPTIONS,HEAD,GET" 
+
+    # negative errors
+    new "WWW get http not found"
+    expectpart "$(curl $CURLOPTS -X GET -H 'Accept: text/html' $proto://localhost/data/notfound.html)" 0 "HTTP/$HVER 404" "Content-Type: text/html" "<title>404 Not Found</title>"
+
+    new "WWW post not allowed"
+    expectpart "$(curl $CURLOPTS -X POST -H 'Accept: text/html' -H "Content-Type: application/yang-data+json" -d '{"ietf-interfaces:interfaces":{"interface":{"name":"eth/0/0","type":"clixon-example:eth","enabled":true}}}' $proto://localhost/data/notfound.html)" 0 "HTTP/$HVER 405" "Content-Type: text/html" "<title>405 Method Not Allowed</title>"
+
+    if [ $RC -ne 0 ]; then
+	new "Kill restconf daemon"
+	stop_restconf
+    fi
+
+    if [ $BE -ne 0 ]; then
+	new "Kill backend"
+	# Check if premature kill
+	pid=$(pgrep -u root -f clixon_backend)
+	if [ -z "$pid" ]; then
+	    err "backend already dead"
+	fi
+	# kill backend
+	stop_backend -f $cfg
+    fi
+}
+
+protos=
+# Go thru all combinations of IPv4/IPv6, http/https, local/backend config
+if [ "${WITH_RESTCONF}" = "fcgi" ]; then
+    protos="http"
+elif ${HAVE_HTTP1}; then
+    protos="http"    # No plain http for http/2 only
 fi
+if [ "${WITH_RESTCONF}" = "native" ]; then
+    # https only relevant for internal (for fcgi: need nginx config)
+    protos="$protos https"
+fi
+
+for proto in $protos; do
+    for enable in true false; do    
+	new "http-data proto:$proto enabled:$enable"
+	testrun $proto $enable
+    done
+done
+
+# unset conditional parameters
+unset RCPROTO
+unset RESTCONFIG
 
 rm -rf $dir
 

test/test_restconf.sh

@@ -534,6 +534,7 @@ function testrun()
     fi
 }
 
+protos=
 # Go thru all combinations of IPv4/IPv6, http/https, local/backend config
 if [ "${WITH_RESTCONF}" = "fcgi" ]; then
     protos="http"
@@ -541,7 +542,7 @@ elif ${HAVE_HTTP1}; then
     protos="http"    # No plain http for http/2 only
 fi
 if [ "${WITH_RESTCONF}" = "native" ]; then
-    # http only relevant for internal (for fcgi: need nginx config)
+    # https only relevant for internal (for fcgi: need nginx config)
     protos="$protos https"
 fi
 for proto in $protos; do