experiments/clixon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix: Restconf service did not close when restconf config was removed

Browse source
This commit is contained in:
Olof hagsand 2021-04-09 12:34:41 +02:00
parent 15d01c58d8
commit 9f5176adf5
4 changed files with 241 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

8
apps/backend/backend_plugin_restconf.c
View file

@ -258,16 +258,14 @@ restconf_pseudo_process_commit(clicon_handle h,
/* Toggle start/stop if enable flag changed */
if ((cx = xpath_first(xtarget, NULL, "/restconf/enable")) != NULL &&
xml_flag(cx, XML_FLAG_CHANGE|XML_FLAG_ADD)){
if (clixon_process_operation(h, RESTCONF_PROCESS,
enabled?PROC_OP_START:PROC_OP_STOP, 0) < 0)
goto done;
}
else if (enabled){ /* If something changed and running, restart process */
if (transaction_dlen(xtarget) != 0 ||
transaction_alen(xtarget) != 0 ||
transaction_clen(xtarget) != 0){
if (transaction_dlen(td) != 0 ||
transaction_alen(td) != 0 ||
transaction_clen(td) != 0){
if ((cx = xpath_first(xtarget, NULL, "/restconf")) != NULL &&
xml_flag(cx, XML_FLAG_CHANGE|XML_FLAG_ADD)){
/* A restart can terminate a restconf connection (cut the tree limb you are sitting on)

4
test/lib.sh
View file

@ -72,8 +72,10 @@ testname=
# eg logging to a file: RCLOG="-l f/www-data/restconf.log"
: ${RCLOG:=}
BASENS='urn:ietf:params:xml:ns:netconf:base:1.0'
# Default netconf namespace statement, typically as placed on top-level <rpc xmlns=""
DEFAULTONLY='xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"'
DEFAULTONLY="xmlns=\"$BASENS\""
# Default netconf namespace + message-id
DEFAULTNS="$DEFAULTONLY message-id=\"42\""

112
test/test_netconf_hello.sh Executable file
View file

@ -0,0 +1,112 @@
#!/usr/bin/env bash
# Netconf Hello functionality
# See RFC6241 Sec 8.1
# For prolog, ie <?xml ..> see test_xml.sh
# Note clixon sends rpc-error back on primitive errors prior to knowing it is an rpc.
# This means that some errors for hello messages get an rpc-error back which is somewhat
# fringe to the standard.
# Magic line must be first in script (see README.md)
s="$_" ; . ./lib.sh || if [ "$s" = $0 ]; then exit 0; else return 0; fi
APPNAME=example
cfg=$dir/conf_yang.xml
tmp=$dir/tmp.x
# Use yang in example
cat <<EOF > $cfg
<clixon-config xmlns="http://clicon.org/config">
<CLICON_CONFIGFILE>$cfg</CLICON_CONFIGFILE>
<CLICON_FEATURE>ietf-netconf:startup</CLICON_FEATURE>
<CLICON_MODULE_SET_ID>42</CLICON_MODULE_SET_ID>
<CLICON_YANG_DIR>/usr/local/share/clixon</CLICON_YANG_DIR>
<CLICON_YANG_DIR>$IETFRFC</CLICON_YANG_DIR>
<CLICON_YANG_MODULE_MAIN>clixon-example</CLICON_YANG_MODULE_MAIN>
<CLICON_CLISPEC_DIR>/usr/local/lib/$APPNAME/clispec</CLICON_CLISPEC_DIR>
<CLICON_BACKEND_DIR>/usr/local/lib/$APPNAME/backend</CLICON_BACKEND_DIR>
<CLICON_BACKEND_REGEXP>example_backend.so$</CLICON_BACKEND_REGEXP>
<CLICON_NETCONF_DIR>/usr/local/lib/$APPNAME/netconf</CLICON_NETCONF_DIR>
<CLICON_RESTCONF_DIR>/usr/local/lib/$APPNAME/restconf</CLICON_RESTCONF_DIR>
<CLICON_CLI_DIR>/usr/local/lib/$APPNAME/cli</CLICON_CLI_DIR>
<CLICON_CLI_MODE>$APPNAME</CLICON_CLI_MODE>
<CLICON_SOCK>$dir/$APPNAME.sock</CLICON_SOCK>
<CLICON_BACKEND_PIDFILE>/usr/local/var/$APPNAME/$APPNAME.pidfile</CLICON_BACKEND_PIDFILE>
<CLICON_XMLDB_DIR>/usr/local/var/$APPNAME</CLICON_XMLDB_DIR>
<CLICON_MODULE_LIBRARY_RFC7895>true</CLICON_MODULE_LIBRARY_RFC7895>
</clixon-config>
EOF
new "test params: -f $cfg -- -s"
# Bring your own backend
if [ $BE -ne 0 ]; then
# kill old backend (if any)
new "kill old backend"
sudo clixon_backend -zf $cfg
if [ $? -ne 0 ]; then
err
fi
new "start backend -s init -f $cfg -- -s"
start_backend -s init -f $cfg -- -s
new "waiting"
wait_backend
fi
# Hello
new "Netconf snd hello with xmldecl"
expecteof "$clixon_netconf -qf $cfg" 0 "<?xml version=\"1.0\" encoding=\"UTF-8\"?><hello $DEFAULTNS><capabilities><capability>urn:ietf:params:netconf:base:1.1</capability></capabilities></hello>]]>]]>" '^$' '^$'
new "Netconf snd hello without xmldecl"
expecteof "$clixon_netconf -qf $cfg" 0 "<hello $DEFAULTNS><capabilities><capability>urn:ietf:params:netconf:base:1.1</capability></capabilities></hello>]]>]]>" '^$' '^$'
new "Netconf snd hello with RFC 4741 base capability"
expecteof "$clixon_netconf -qf $cfg" 0 "<?xml version=\"1.0\" encoding=\"UTF-8\"?><hello $DEFAULTNS><capabilities><capability>urn:ietf:params:netconf:base:1.0</capability></capabilities></hello>]]>]]>" '^$' '^$'
new "Netconf snd hello with wrong base capability"
expecteof "$clixon_netconf -qf $cfg" 0 "<?xml version=\"1.0\" encoding=\"UTF-8\"?><hello $DEFAULTNS><capabilities><capability>urn:ietf:params:netconf:base:1.2</capability></capabilities></hello>]]>]]>" '^$' 'Server received hello without netconf base capability urn:ietf:params:netconf:base:1.1'
# This is a case where hello error gets an rpc-error back. Not strictly correct.
new "Netconf hello with session-id is wrong"
expecteof "$clixon_netconf -qf $cfg" 0 "<?xml version=\"1.0\" encoding=\"UTF-8\"?><hello $DEFAULTNS><capabilities><session-id>42</session-id><capability>urn:ietf:params:netconf:base:1.2</capability></capabilities></hello>]]>]]>" '^<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="42"><rpc-error><error-type>protocol</error-type><error-tag>unknown-element</error-tag><error-info><bad-element>session-id</bad-element></error-info><error-severity>error</error-severity><error-message>Unrecognized hello/capabilities element</error-message></rpc-error></rpc-reply>]]>]]>$' '^$'
# When comparing protocol version capability URIs, only the base part is used, in the event any
# parameters are encoded at the end of the URI string.
new "Netconf snd hello with base capability with extra arguments"
expecteof "$clixon_netconf -qf $cfg" 0 "<?xml version=\"1.0\" encoding=\"UTF-8\"?><hello $DEFAULTNS><capabilities><capability>urn:ietf:params:netconf:base:1.1?arg=val</capability></capabilities></hello>]]>]]>" '^$' '^$'
# This is hello - shouldnt really get rpc back?
new "Netconf snd hello with wrong prefix"
expecteof "$clixon_netconf -qf $cfg" 0 "<?xml version=\"1.0\" encoding=\"UTF-8\"?><xx:hello xmlns:nc=\"urn:ietf:params:xml:ns:netconf:base:1.0\"><nc:capabilities><nc:capability>urn:ietf:params:netconf:base:1.1</nc:capability></nc:capabilities></xx:hello>]]>]]>" '^$' 'XML error: No appropriate namespace associated with prefix:xx: Bad address'
new "Netconf snd hello with prefix"
expecteof "$clixon_netconf -qf $cfg" 0 "<?xml version=\"1.0\" encoding=\"UTF-8\"?><nc:hello xmlns:nc=\"urn:ietf:params:xml:ns:netconf:base:1.0\"><nc:capabilities><nc:capability>urn:ietf:params:netconf:base:1.1</nc:capability></nc:capabilities></nc:hello>]]>]]>" '^$' '^$'
new "netconf snd + rcv hello"
expecteof "$clixon_netconf -f $cfg" 0 "<?xml version=\"1.0\" encoding=\"UTF-8\"?><hello $DEFAULTNS><capabilities><capability>urn:ietf:params:netconf:base:1.1</capability></capabilities></hello>]]>]]>" "^<hello $DEFAULTNS><capabilities><capability>urn:ietf:params:netconf:base:1.1</capability><capability>urn:ietf:params:netconf:base:1.0</capability><capability>urn:ietf:params:netconf:capability:yang-library:1.0?revision=2019-01-04&amp;module-set-id=42</capability><capability>urn:ietf:params:netconf:capability:candidate:1.0</capability><capability>urn:ietf:params:netconf:capability:validate:1.1</capability><capability>urn:ietf:params:netconf:capability:startup:1.0</capability><capability>urn:ietf:params:netconf:capability:xpath:1.0</capability><capability>urn:ietf:params:netconf:capability:notification:1.0</capability></capabilities><session-id>[0-9]*</session-id></hello>]]>]]>$" '^$'
new "Netconf snd hello with extra element"
expecteof "$clixon_netconf -qf $cfg" 0 "<hello $DEFAULTNS><capabilities><extra-element/><capability>urn:ietf:params:netconf:base:1.1</capability></capabilities></hello>]]>]]>" '^<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="42"><rpc-error><error-type>protocol</error-type><error-tag>unknown-element</error-tag><error-info><bad-element>extra-element</bad-element></error-info><error-severity>error</error-severity><error-message>Unrecognized hello/capabilities element</error-message></rpc-error></rpc-reply>]]>]]>$' '^$'
new "Netconf send rpc without hello error"
expecteof "$clixon_netconf -qf $cfg" 0 "<rpc $DEFAULTNS><get-config><source><candidate/></source></get-config></rpc>]]>]]>" "<rpc-reply $DEFAULTNS><rpc-error><error-type>rpc</error-type><error-tag>operation-failed</error-tag><error-severity>error</error-severity><error-message>Client must send an hello element before any RPC</error-message></rpc-error></rpc-reply>]]>]]>" '^$'
new "Netconf send rpc without hello w CLICON_NETCONF_HELLO_OPTIONAL"
expecteof "$clixon_netconf -qf $cfg -o CLICON_NETCONF_HELLO_OPTIONAL=true" 0 "<rpc $DEFAULTNS><get-config><source><candidate/></source></get-config></rpc>]]>]]>" "<rpc-reply $DEFAULTNS><data/></rpc-reply>]]>]]>" '^$'
if [ $BE -ne 0 ]; then
new "Kill backend"
# Check if premature kill
pid=$(pgrep -u root -f clixon_backend)
if [ -z "$pid" ]; then
err "backend already dead"
fi
# kill backend
stop_backend -f $cfg
fi
rm -rf $dir
new "endtest"
endtest

136
test/test_restconf_rpc2.sh
View file

@ -4,14 +4,18 @@
# In comparison test_restconf_rpc.sh:
# - uses externally started restconf, here started by backend
# - generic tests, here specific
# The first usecases is:
# The first usecases is: empty status message
# 1. Start a minimal restconf
# 2. Kill it externally (or it exits)
# 3. Start a server
# 4. Query status (Error message is returned)
# The second usecase is
# The second usecase is: zombie process on exit
# 1. Start server with bad address
# 2. Zombie process appears
# The third usecase is: restconf not removed
# 1. Start server
# 2. Remove server
# 3. Check status (Error: still up)
# Magic line must be first in script (see README.md)
s="$_" ; . ./lib.sh || if [ "$s" = $0 ]; then exit 0; else return 0; fi
@ -23,6 +27,7 @@ startupdb=$dir/startup_db
# Restconf debug
RESTCONFDBG=0
RCPROTO=http # no ssl here
cat <<EOF > $cfg
<clixon-config xmlns="http://clicon.org/config">
@ -58,7 +63,6 @@ module example {
}
EOF
function testrpc()
{
operation=$1
@ -77,7 +81,7 @@ $DEFAULTHELLO
EOF
)
>&2 echo "ret:$ret" # debug
# >&2 echo "ret:$ret" # debug
expect1="<pid xmlns=\"http://clicon.org/lib\">[0-9]*</pid>"
match=$(echo "$ret" | grep --null -Go "$expect1")
@ -87,7 +91,7 @@ EOF
else
pid=$(echo "$match" | awk -F'[<>]' '{print $3}')
fi
>&2 echo "pid:$pid" # debug
# >&2 echo "pid:$pid" # debug
if [ -z "$pid" ]; then
err "Running process" "$ret"
@ -109,6 +113,10 @@ EOF
sleep $DEMSLEEP
}
# FIRST usecase
new "1. Empty status message"
new "kill old restconf"
stop_restconf_pre
@ -146,8 +154,9 @@ new "netconf commit"
expecteof "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO<rpc $DEFAULTNS><commit/></rpc>]]>]]>" "^<rpc-reply $DEFAULTNS><ok/></rpc-reply>]]>]]>$"
# Get pid2
new "get pid"
pid2=$(testrpc status 1)
echo "pid:$pid2"
echo "pid2:$pid2"
new "get status 2"
ret=$($clixon_netconf -qf $cfg<<EOF
@ -167,11 +176,19 @@ if [ -z "$match" ]; then
fi
# Kill it
new "kill $pid2"
sudo kill $pid2
sleep $DEMSLEEP
# Why kill it twice?
# I should really debug this,... it happens in docker somethimes but its not the aim of the test
new "kill $pid2 again"
sudo kill $pid2
sleep $DEMSLEEP
new "Check killed"
# Ensure no pid
pid2=$(testrpc status 0)
testrpc status 0 > /dev/null
RESTCONFIG2=$(cat <<EOF
<restconf xmlns="http://clicon.org/restconf">
@ -201,7 +218,8 @@ if [ $BE -ne 0 ]; then
stop_backend -f $cfg
fi
sleep $DEMSLEEP # Lots of processes need to die before next test
# SECOND usecase
new "2. zombie process on exit"
new "kill old restconf"
stop_restconf_pre
@ -221,16 +239,13 @@ new "wait backend"
wait_backend
new "get status 1"
testrpc status 0
testrpc status 0 > /dev/null
RESTCONFIG1=$(cat <<EOF
<restconf xmlns="http://clicon.org/restconf">
<enable>true</enable>
<debug>$RESTCONFDBG</debug>
<auth-type>none</auth-type>
<server-cert-path>$srvcert</server-cert-path>
<server-key-path>$srvkey</server-key-path>
<server-ca-cert-path>$cakey</server-ca-cert-path>
<pretty>false</pretty>
<socket><namespace>default</namespace><address>221.0.0.1</address><port>80</port><ssl>false</ssl></socket>
</restconf>
@ -245,11 +260,105 @@ expecteof "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO<rpc $DEFAULTNS><commit/></
sleep $DEMSLEEP
new "Check zombies"
ret=$(ps aux|grep defunc | grep -v grep)
# NOTE unsure where zombies actually appear
ret=$(ps aux| grep clixon | grep defunc | grep -v grep)
if [ -n "$ret" ]; then
err "No zombie process" "$ret"
fi
if [ $BE -ne 0 ]; then
new "Kill backend"
# Check if premature kill
pid=$(pgrep -u root -f clixon_backend)
if [ -z "$pid" ]; then
err "backend already dead"
fi
# kill backend
stop_backend -f $cfg
fi
sleep $DEMSLEEP
new "Check zombies again"
# NOTE unsure where zombies actually appear
ret=$(ps aux| grep clixon | grep defunc | grep -v grep)
if [ -n "$ret" ]; then
err "No zombie process" "$ret"
fi
new "3. restconf not removed"
new "kill old restconf"
stop_restconf_pre
new "test params: -f $cfg"
if [ $BE -ne 0 ]; then
new "kill old backend"
sudo clixon_backend -z -f $cfg
if [ $? -ne 0 ]; then
err
fi
new "start backend -s init -f $cfg"
start_backend -s init -f $cfg
fi
new "wait backend"
wait_backend
new "get status 1"
testrpc status 0 > /dev/null
RESTCONFIG1=$(cat <<EOF
<restconf xmlns="http://clicon.org/restconf">
<enable>true</enable>
<debug>$RESTCONFDBG</debug>
<auth-type>none</auth-type>
<pretty>false</pretty>
<socket><namespace>default</namespace><address>0.0.0.0</address><port>80</port><ssl>false</ssl></socket>
</restconf>
EOF
)
new "Create server"
expecteof "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO<rpc $DEFAULTNS><edit-config><target><candidate/></target><config>$RESTCONFIG1</config></edit-config></rpc>]]>]]>" "^<rpc-reply $DEFAULTNS><ok/></rpc-reply>]]>]]>$"
new "commit create"
expecteof "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO<rpc $DEFAULTNS><commit/></rpc>]]>]]>" "^<rpc-reply $DEFAULTNS><ok/></rpc-reply>]]>]]>$"
# pid
pid1=$(testrpc status 1)
sleep $DEMSLEEP
new "Get restconf config 1"
expectpart "$(curl $CURLOPTS -X GET -H 'Accept: application/yang-data+xml' $RCPROTO://localhost/restconf/data/clixon-restconf:restconf)" 0 "HTTP/1.1 200 OK" "<restconf xmlns=\"http://clicon.org/restconf\"><enable>true</enable><auth-type>none</auth-type><debug>0</debug><pretty>false</pretty><socket><namespace>default</namespace><address>0.0.0.0</address><port>80</port><ssl>false</ssl></socket></restconf>"
# remove it
new "Delete server"
expecteof "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO<rpc $DEFAULTNS xmlns:nc=\"$BASENS\"><edit-config><target><candidate/></target><default-operation>none</default-operation><config><restconf xmlns=\"http://clicon.org/restconf\"><socket nc:operation=\"remove\"><namespace>default</namespace><address>0.0.0.0</address><port>80</port></socket></restconf></config></edit-config></rpc>]]>]]>" "^<rpc-reply $DEFAULTNS xmlns:nc=\"$BASENS\"><ok/></rpc-reply>]]>]]>$"
new "commit delete"
expecteof "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO<rpc $DEFAULTNS><commit/></rpc>]]>]]>" "^<rpc-reply $DEFAULTNS><ok/></rpc-reply>]]>]]>$"
new "Get restconf config 2"
expectpart "$(curl $CURLOPTS -X GET -H 'Accept: application/yang-data+xml' $RCPROTO://localhost/restconf/data/clixon-restconf:restconf)" 0 "HTTP/1.1 200 OK" "<restconf xmlns=\"http://clicon.org/restconf\"><enable>true</enable><auth-type>none</auth-type><debug>0</debug><pretty>false</pretty></restconf>"
pid2=$(testrpc status 1)
if [ $pid1 -ne $pid2 ]; then
err "Same pid:$pid1" "$pid2"
fi
if [ $BE -ne 0 ]; then
new "Kill backend"
# Check if premature kill
pid=$(pgrep -u root -f clixon_backend)
if [ -z "$pid" ]; then
err "backend already dead"
fi
# kill backend
stop_backend -f $cfg
fi
new "endtest"
endtest
@ -257,6 +366,7 @@ endtest
unset RESTCONFIG1
unset RESTCONFIG2
unset RESTCONFDBG
unset RCPROTO
rm -rf $dir