- Added netconf to fuzz

- Restconf internal start more robust
- Restconf fcgi fix

apps/restconf/restconf_main_fcgi.c

@@ -370,9 +370,7 @@ main(int    argc,
      */
     if (netconf_module_features(h) < 0)
 	goto done;
-    /* In case ietf-yang-metadata is loaded by application, handle annotation extension */
-    if (yang_metadata_init(h) < 0)
-	goto done;
+
     /* Create top-level yang spec and store as option */
     if ((yspec = yspec_new()) == NULL)
 	goto done;
@@ -380,7 +378,9 @@ main(int    argc,
     /* Initialize plugin module by creating a handle holding plugin and callback lists */
     if (clixon_plugin_module_init(h) < 0)
 	goto done;
-    
+    /* In case ietf-yang-metadata is loaded by application, handle annotation extension */
+    if (yang_metadata_init(h) < 0)
+	goto done;    
     /* Load restconf plugins before yangs are loaded (eg extension callbacks) */
     if ((dir = clicon_restconf_dir(h)) != NULL)
 	if (clixon_plugins_load(h, CLIXON_PLUGIN_INIT, dir, NULL) < 0)

configure

@@ -1381,7 +1381,6 @@ Optional Packages:
   --with-restconf=native  Integration with embedded web server (DEFAULT)
   --with-restconf=fcgi    FCGI interface for stand-alone web rev-proxy eg
                           nginx (default)
-  --with-restconf=native  Integrate restconf with embedded http server
   --without-restconf      Disable restconf altogether
   --with-configfile=FILE  Set default path to config file
   --with-libxml2          Use gnome/libxml2 regex engine
@@ -5405,12 +5404,6 @@ if test "${with_restconf+set}" = set; then :
 fi
 
 
-# Check whether --with-restconf was given.
-if test "${with_restconf+set}" = set; then :
-  withval=$with_restconf;
-fi
-
-
 # Set default config file location
 CLIXON_DEFAULT_CONFIG=/usr/local/etc/clixon.xml
 

configure.ac

@@ -275,8 +275,6 @@ fi
 # These are dummies just to get the help strings right
 AC_ARG_WITH([restconf],
 	AS_HELP_STRING([--with-restconf=fcgi],[FCGI interface for stand-alone web rev-proxy eg nginx (default)]))
-AC_ARG_WITH([restconf],
-            AS_HELP_STRING([--with-restconf=native],[Integrate restconf with embedded http server]))
 AC_ARG_WITH([restconf],
 	    AS_HELP_STRING([--without-restconf],[Disable restconf altogether]))
 

fuzz/netconf/README.md

@@ -0,0 +1,30 @@
+# Clixon fuzzing
+
+This dir contains code for fuzzing clixon netconf.
+
+## Prereqs
+
+Install AFL, see [..](..)
+
+Build and install a clixon system (in particular the backend, the netconf will be replaced)
+
+## Build
+
+Build clixon netconf statically with the afl-clang compiler:
+```
+  CC=/usr/bin/afl-clang-fast LINKAGE=static ./configure # Dont care about restconf
+  make clean
+  cd apps/netconf
+  make clixon_netconf
+  sudo make install
+```
+
+## Run tests
+
+Run the script `runfuzz.sh` to run one test with a cli spec and an input string, eg:
+```
+  ./runfuzz.sh
+```
+
+After (or during) the test, investigate results in the output dir.
+

fuzz/netconf/input/1.xml

@@ -0,0 +1 @@
+<rpc><edit-config><target><candidate/></target><config><hello xmlns="urn:example:hello"><world/></hello></config></edit-config></rpc>]]>]]>

fuzz/netconf/input/2.xml

@@ -0,0 +1 @@
+<rpc><commit/></rpc>]]>]]>

fuzz/netconf/input/3.xml

@@ -0,0 +1 @@
+<rpc><get-config><source><running/></source></get-config></rpc>]]>]]>

fuzz/netconf/runfuzz.sh

@@ -0,0 +1,52 @@
+#!/usr/bin/env bash
+# Run a fuzzing test using american fuzzy lop
+set -eux
+
+if [ $# -ne 0 ]; then 
+    echo "usage: $0\n"
+    exit 255
+fi
+
+APPNAME=example
+cfg=conf.xml
+
+cat <<EOF > $cfg
+<clixon-config xmlns="http://clicon.org/config">
+  <CLICON_CONFIGFILE>$cfg</CLICON_CONFIGFILE>
+  <CLICON_FEATURE>*:*</CLICON_FEATURE>
+  <CLICON_YANG_DIR>/usr/local/share/clixon</CLICON_YANG_DIR>
+  <CLICON_YANG_MODULE_MAIN>clixon-example</CLICON_YANG_MODULE_MAIN>
+  <CLICON_SOCK>/usr/local/var/example/example.sock</CLICON_SOCK>
+  <CLICON_BACKEND_PIDFILE>/usr/local/var/$APPNAME/$APPNAME.pidfile</CLICON_BACKEND_PIDFILE>
+  <CLICON_XMLDB_DIR>/usr/local/var/$APPNAME</CLICON_XMLDB_DIR>
+  <CLICON_STARTUP_MODE>init</CLICON_STARTUP_MODE>
+  <CLICON_MODULE_LIBRARY_RFC7895>false</CLICON_MODULE_LIBRARY_RFC7895>
+  <CLICON_CLISPEC_DIR>/usr/local/lib/$APPNAME/clispec</CLICON_CLISPEC_DIR>
+  <CLICON_CLI_DIR>/usr/local/lib/$APPNAME/cli</CLICON_CLI_DIR>
+  <CLICON_CLI_MODE>$APPNAME</CLICON_CLI_MODE>
+  <CLICON_CLI_GENMODEL_COMPLETION>1</CLICON_CLI_GENMODEL_COMPLETION>
+  <CLICON_CLI_GENMODEL_TYPE>VARS</CLICON_CLI_GENMODEL_TYPE>
+  <CLICON_CLI_AUTOCLI_EXCLUDE>clixon-restconf</CLICON_CLI_AUTOCLI_EXCLUDE>
+  <CLICON_CLI_LINESCROLLING>0</CLICON_CLI_LINESCROLLING>
+  <CLICON_CLI_TAB_MODE>0</CLICON_CLI_TAB_MODE>
+</clixon-config>
+EOF
+
+# Kill previous
+sudo clixon_backend -z -f $cfg -s init 
+
+# Start backend
+sudo clixon_backend -f $cfg -s init
+
+MEGS=500 # memory limit for child process (50 MB)
+
+# remove input and input dirs
+#test ! -d input || rm -rf input
+test ! -d output || rm -rf output
+
+# create if dirs dont exists
+#test -d input || mkdir input
+test -d output || mkdir output
+
+# Run script 
+afl-fuzz -i input -o output -m $MEGS -- clixon_netconf -f $cfg

fuzz/netconf/xml.dict

@@ -0,0 +1,72 @@
+#
+# AFL dictionary for XML
+# ----------------------
+#
+# Several basic syntax elements and attributes, modeled on libxml2.
+#
+# Created by Michal Zalewski <lcamtuf@google.com>
+#
+
+attr_encoding=" encoding=\"1\""
+attr_generic=" a=\"1\""
+attr_href=" href=\"1\""
+attr_standalone=" standalone=\"no\""
+attr_version=" version=\"1\""
+attr_xml_base=" xml:base=\"1\""
+attr_xml_id=" xml:id=\"1\""
+attr_xml_lang=" xml:lang=\"1\""
+attr_xml_space=" xml:space=\"1\""
+attr_xmlns=" xmlns=\"1\""
+
+entity_builtin="&lt;"
+entity_decimal="&#1;"
+entity_external="&a;"
+entity_hex="&#x1;"
+
+string_any="ANY"
+string_brackets="[]"
+string_cdata="CDATA"
+string_col_fallback=":fallback"
+string_col_generic=":a"
+string_col_include=":include"
+string_dashes="--"
+string_empty="EMPTY"
+string_empty_dblquotes="\"\""
+string_empty_quotes="''"
+string_entities="ENTITIES"
+string_entity="ENTITY"
+string_fixed="#FIXED"
+string_id="ID"
+string_idref="IDREF"
+string_idrefs="IDREFS"
+string_implied="#IMPLIED"
+string_nmtoken="NMTOKEN"
+string_nmtokens="NMTOKENS"
+string_notation="NOTATION"
+string_parentheses="()"
+string_pcdata="#PCDATA"
+string_percent="%a"
+string_public="PUBLIC"
+string_required="#REQUIRED"
+string_schema=":schema"
+string_system="SYSTEM"
+string_ucs4="UCS-4"
+string_utf16="UTF-16"
+string_utf8="UTF-8"
+string_xmlns="xmlns:"
+
+tag_attlist="<!ATTLIST"
+tag_cdata="<![CDATA["
+tag_close="</a>"
+tag_doctype="<!DOCTYPE"
+tag_element="<!ELEMENT"
+tag_entity="<!ENTITY"
+tag_ignore="<![IGNORE["
+tag_include="<![INCLUDE["
+tag_notation="<!NOTATION"
+tag_open="<a>"
+tag_open_close="<a />"
+tag_open_exclamation="<!"
+tag_open_q="<?"
+tag_sq2_close="]]>]]>"
+tag_xml_q="<?xml?>"

lib/src/clixon_yang_module.c

@@ -763,6 +763,7 @@ yang_metadata_annotation_check(cxobj     *xa,
 
 /*! In case ietf-yang-metadata is loaded by application, handle annotation extension 
  * Consider moving fn
+ * Must be called after clixon_plugin_module_init
  */
 int
 yang_metadata_init(clicon_handle h)

test/test_restconf_internal.sh

@@ -491,9 +491,6 @@ new "kill restconf"
 sleep $DEMSLEEP
 stop_restconf
 
-new "Start backend with wrong restconf bindir"
-expectpart "$(sudo $clixon_backend -Fs init -f $cfg -l o -o CLICON_RESTCONF_INSTALLDIR=/usr/local/xxxx)" 255 "FATAL: /usr/local/xxxx/clixon_restconf" "No such file or directory"
-
 new "endtest"
 endtest