experiments/clixon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

restconf: removed try to reply on http on https error, fails on openssl 3

Browse source 
test: pipe background restconf to /dev/null
This commit is contained in:
Olof hagsand 2022-09-02 19:43:05 +02:00
parent 2eb9c6cda1
commit 71fc85af0b
3 changed files with 10 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

7
apps/restconf/restconf_native.c
View file

@ -409,6 +409,7 @@ native_buf_write(clicon_handle h,
usleep(10000); usleep(10000);
continue; continue;
break; break;
// case EBADF: // XXX if this happens there is some larger error
case ECONNRESET: /* Connection reset by peer */ case ECONNRESET: /* Connection reset by peer */
case EPIPE: /* Broken pipe */ case EPIPE: /* Broken pipe */
if (restconf_connection_close(h, s, rsock) < 0) if (restconf_connection_close(h, s, rsock) < 0)
@ -1159,11 +1160,6 @@ restconf_ssl_accept_client(clicon_handle h,
switch (e){ switch (e){
case SSL_ERROR_SSL: /* 1 */ case SSL_ERROR_SSL: /* 1 */
clicon_debug(1, "%s SSL_ERROR_SSL (non-ssl message on ssl socket)", __FUNCTION__); clicon_debug(1, "%s SSL_ERROR_SSL (non-ssl message on ssl socket)", __FUNCTION__);
#if 1
if (native_send_badrequest(h, rc->rc_s, NULL, "application/yang-data+xml",
"<errors xmlns=\"urn:ietf:params:xml:ns:yang:ietf-restconf\"><error><error-type>protocol</error-type><error-tag>malformed-message</error-tag><error-message>The plain HTTP request was sent to HTTPS port</error-message></error></errors>", rc->rc_socket) < 0)
goto done;
#endif
SSL_free(rc->rc_ssl); SSL_free(rc->rc_ssl);
rc->rc_ssl = NULL; rc->rc_ssl = NULL;
if (restconf_connection_close(h, rc->rc_s, rc->rc_socket) < 0) if (restconf_connection_close(h, rc->rc_s, rc->rc_socket) < 0)
@ -1274,6 +1270,7 @@ restconf_ssl_accept_client(clicon_handle h,
* continue to http/1 or http/2 handling * continue to http/1 or http/2 handling
* @see restconf_connection_sanity * @see restconf_connection_sanity
*/ */
} }
#endif #endif
#if 0 /* debug */ #if 0 /* debug */

3
test/lib.sh
View file

@ -569,7 +569,7 @@ function wait_backend(){
function start_restconf(){ function start_restconf(){
# Start in background # Start in background
echo "sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG $*" echo "sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG $*"
sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG $* & sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG $* </dev/null &>/dev/null &
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
err1 "expected 0" "$?" err1 "expected 0" "$?"
fi fi
@ -989,7 +989,6 @@ EOF
# clixon tester read from file for large tests # clixon tester read from file for large tests
# Arguments: # Arguments:
# - Command # - Command
# - Expected retval
# - Filename to pipe to stdin # - Filename to pipe to stdin
# - expected stdout outcome # - expected stdout outcome
function expecteof_file(){ function expecteof_file(){

10
test/test_restconf.sh
View file

@ -155,7 +155,7 @@ function testrun()
new "start restconf daemon" new "start restconf daemon"
# inline of start_restconf, cant make quotes to work # inline of start_restconf, cant make quotes to work
echo "sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG -f $cfg -R $RESTCONFIG1" echo "sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG -f $cfg -R $RESTCONFIG1"
sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG -f $cfg -R "$RESTCONFIG1" & sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG -f $cfg -R "$RESTCONFIG1" </dev/null &>/dev/null &
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
err1 "expected 0" "$?" err1 "expected 0" "$?"
fi fi
@ -206,8 +206,12 @@ function testrun()
expectpart "$(curl $CURLOPTS -X GET https://$addr:80/.well-known/host-meta 2>&1)" 35 #"wrong version number" # dependent on curl version expectpart "$(curl $CURLOPTS -X GET https://$addr:80/.well-known/host-meta 2>&1)" 35 #"wrong version number" # dependent on curl version
else # see (1) http to https port in restconf_main_native.c else # see (1) http to https port in restconf_main_native.c
new "Wrong proto=http on https port, expect bad request" new "Wrong proto=http on https port, expect bad request"
expectpart "$(curl $CURLOPTS -X GET http://$addr:443/.well-known/host-meta)" 0 "HTTP/" "400" expectpart "$(curl $CURLOPTS -X GET http://$addr:443/.well-known/host-meta 2>&1)" 56 "Connection reset by peer"
# expectpart "$(curl $CURLOPTS -X GET http://$addr:443/.well-known/host-meta 2>&1)" 56 "Connection reset by peer" # An effort to return an HTTP error on HTTPS socket, but it breaks other
# error cases, more stable is to just close the socket, but
# curl gets an error code instead, see ^
# expectpart "$(curl $CURLOPTS -X GET http://$addr:443/.well-known/host-meta)" 0 "HTTP/" "400"
fi fi
#------------------------------------------------------- HTTP/2 ONLY #------------------------------------------------------- HTTP/2 ONLY