summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* #915 fix "response too large" error pathJavier Sánchez Parra2021-04-191-12/+9
| | | | | Otherwise, ogServer sends "200 OK" after a "500 Internal Server Error error" response.
* #915 validate response json sizeJavier Sánchez Parra2021-04-191-15/+65
| | | | | | | | Otherwise, copying response json to response buffer could lead to stack smashing is the json response is too large. stdout example: *** stack smashing detected ***: <unknown> terminated
* #971 Remove sql bottleneck when removing software profilesJose M. Guisado2021-04-161-13/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Several universities have reported that creating a software profile hangs the machine running the ogServer for a while, sometimes up to minutes. Legacy SQL code is producing said bottleneck, responsible for pruning a intermediate table between "perfilessoft" and "softwares". There is redundant code, "perfilssoft" should be pruned first, speeding up the later task of pruning the intermediate table "perfilessoft_softwares" There is no need to execute: DELETE FROM perfilessoft_softwares WHERE idperfilsoft IN ( SELECT idperfilsoft FROM perfilessoft WHERE idperfilsoft NOT IN ( SELECT DISTINCT idperfilsoft from ordenadores_particiones) AND idperfilsoft NOT IN ( SELECT DISTINCT idperfilsoft from imagenes)) When afterwards "perfilessoft" is going to be pruned and "perfilessoft_softwares" pruned again: DELETE FROM perfilessoft WHERE idperfilsoft NOT IN (SELECT DISTINCT idperfilsoft from ordenadores_particiones) AND idperfilsoft NOT IN (SELECT DISTINCT idperfilsoft from imagenes) DELETE FROM perfilessoft_softwares WHERE idperfilsoft NOT IN (SELECT idperfilsoft from perfilessoft) The two latter commands suffice. This should not happen when using a relational database supporting foreign keys and ON DELETE CASCADE, like innoDB, which will be adopted soon.
* schedule: fix daylight saving problem with mktime()Jose M. Guisado2021-04-121-0/+3
| | | | | | | | | | | | | | | | | mktime modifies the struct tm it receives and takes into account whether DST is active or not (tm_isdst). tm_isdst == 0 adjusts the time, which causes the time mismatch error. All fields are being initialized to 0 and therefore it is assumed that the time that has been passed is not in daylight saving time. When the value is negative in tm.tm_isdst it delegates to mktime to guess if it is in daylight saving time or not, this works 99% of the time. Best way would be that ogserver knows what is its timezone and when daylight saving applies, so tm_isdst is set to 0 or 1 accordingly. Meanwhile, "tm_isdst = -1" provides the hotfix.
* #915 Add /center/add POST methodJose M. Guisado2021-04-082-0/+85
| | | | | | | | | Adds POST method to add centers (organizational unit), required payload parameter is the name, and an additional comment is optional. {"name": "ACME"} {"name": "ACME", "comment": "Some comment"}
* #915 Avoid duplicate db entries in /create/imagev1.2.0Jose M. Guisado2021-04-061-0/+18
| | | | | | | | | | /create/image adds an entry to the database for the given partition image created when payload contains a "description" attribute. This insertion into the database is lacking a check for duplicates, which are not supported for the images table. Add a prior duplicate check before inserting. Exit with -1 code if an image with the same name is found.
* #915 Add GET /oglive/test REST API functionJavier Sánchez Parra2021-04-052-0/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This function returns the installed and available ogLiveS in the server to be booted from. Request: GET /oglive/list NO BODY Response 200 OK { "oglive": [ { "distribution": "bionic", "kernel": "5.4.0-40-generic", "architecture": "amd64", "revision": "r20200629", "directory": "ogLive-5.4.0-r20200629", "iso": "ogLive-bionic-5.4.0-40-generic-amd64-r20200629.85eceaf.iso" }, { "distribution": "bionic", "kernel": "5.0.0-27-generic", "architecture": "amd64", "revision": "r20190830", "directory": "ogLive-5.0.0-r20190830", "iso": "ogLive-bionic-5.0.0-27-generic-amd64-r20190830.7208cc9.iso" } ], "default": 0 } This commit also adds tests for GET /oglive/test.
* #1004 Add GET /images testDiego Crespo Quinta2021-03-302-1/+26
| | | | Fix incorrect error if json is missing.
* #990 fix crash in wol with malformed IP addressOpenGnSys Support Team2021-03-301-1/+4
| | | | | | | | | | | | | | | | | | ==28831== 1 errors in context 1 of 2: ==28831== Invalid read of size 1 ==28831== at 0x55AC6FD: inet_aton (inet_addr.c:127) ==28831== by 0x10ECCA: WakeUp (ogAdmServer.c:337) ==28831== by 0x10EED6: Levanta (ogAdmServer.c:292) ==28831== by 0x11651E: og_cmd_wol (rest.c:498) ==28831== by 0x11651E: og_client_state_process_payload_rest (rest.c:3970) ==28831== by 0x110CF3: og_client_read_cb (core.c:143) ==28831== by 0x4E41D72: ev_invoke_pending (in /usr/lib/x86_64-linux-gnu/libev.so.4.0.0) ==28831== by 0x4E453DD: ev_run (in /usr/lib/x86_64-linux-gnu/libev.so.4.0.0) ==28831== by 0x10E3E5: ev_loop (ev.h:835) ==28831== by 0x10E3E5: main (main.c:100) ==28831== Address 0x0 is not stack'd, malloc'd or (recently) free'd Use number of matching ip addresses in the database, skip if zero.
* Fix GET /hardware test urlDiego Crespo Quinta2021-03-231-2/+2
|
* #1004 update size to 64-bitsOpenGnSys Support Team2021-03-191-1/+1
| | | | Otherwise dbi_result_get_uint returns 0.
* #971 check for NULL serial numberOpenGnSys Support Team2021-03-191-1/+1
| | | | ogclient might return an empty serial number.
* #990 Use lab netmask to calculate broadcast addressJavier Sánchez Parra2021-03-171-6/+15
| | | | | | | | | | | | ogServer gets netmask address from computer (ordenadores) table, see commit a35b7c4. Netmask field is empty in most cases, is only filled when the user adds computers with dhcpd.conf syntax and cannot be edited in computer properties view. Labs/rooms (aulas) table also have netmask field, WebConsole backend ensures it is not empty and can be edited in lab properties view. Get netmask from labs table to ensure it is not empty.
* #990 incorrect inet_aton() error checkOpenGnSys Support Team2021-03-171-2/+2
| | | | inet_aton() reports 0 on failure
* #997 Fix og_tm_hours_maskJose M. Guisado2021-03-151-2/+2
| | | | | | | | | | | | | | | | | | Tests for e68fefe were made after 00pm (12:00) so we did not cover <12:00 cases for immediate commands that are logged (scheduled for the exact moment they are processed and ignored the fact they are stale so they are executed right away) In addition, libdbi was complaining about the data type used to represent the hours, they were not being inserted properly. From syslog: failed to query database (og_dbi_schedule_create:3288) 1264: Out of range value for column 'horas' at row 1 Fix og_tm_hours_mask so <12:00 immediate schedule is handled correctly. Change return type to uint16_t, as the 'hours' column type is smallint(4) Fixes e68fefe ("#997 Set stale check flag when processing schedule/create")
* #997 Use stale check flag in schedule/updateJose M. Guisado2021-03-151-1/+19
| | | | | | | | | | | | | Commit e68fefe introduced 'check_stale' flag to better distinguish real scheduled actions that do not execute if they are stale from immediate actions that we want them to be logged in the action queue (by creating a decoy schedule for the exact moment they are processed, meaning that we ignore if the are stale). Add this feature into schedule update too, in order to avoid executing stale commands that were not meant to, ie. real scheduled commands. Follows e68fefe ("Set stale check flag when processing schedule/create")
* #942 return error if API REST parser failsOpenGnSys Support Team2021-03-151-38/+29
| | | | | Return error if json parser fails, ignore unknown json attributes. Missing uninitialized error value.
* #997 Remove unnecessary strdup in og_dbi_queue_*Jose M. Guisado2021-03-111-2/+2
| | | | | | | | | | | | | | | | | | | | | | | After executing an scheduled command/proc/task valgrind reported leaks inside og_dbi_queue_{command,procedure,task}. String duplication is not being freed after using them. ==21281== 36 bytes in 1 blocks are definitely lost in loss record 470 of 592 ... ==21281== by 0x113DCB: og_dbi_queue_procedure (rest.c:2748) ==21281== by 0x113F91: og_dbi_queue_task (rest.c:2804) ==21281== by 0x114392: og_schedule_run (rest.c:2916) ==21281== by 0x112059: og_agent_timer_cb (schedule.c:441) ... ==21281== by 0x10E2A5: main (main.c:100) These strdup are not necessary because the dbi result is not freed before using them, it's safe to use the dbi result's reference to this string. Fix previous memleaks when executing scheduled commands, procedures and tasks.
* #997 Set stale check flag when processing schedule/createJose M. Guisado2021-03-113-11/+78
| | | | | | | | | | | If you schedule a command in the past, the scheduler executes such command immediately. When expanding a schedule that result in commands that run weekly, commands in the past are also executed, which is not expected. Fix this by using the check_stale flag (formerly on_start) so commands in the past that result from expansions are skipped.
* #1004 Fix memleak in og_cmd_imagesJose M. Guisado2021-02-241-1/+1
| | | | | | | | | | image_json object is created to store the json representation of an image returned by the database. This object is going to be appended to a json list that will compose the overall root json object. Use json_array_append_new to let "images" steal the reference of image_json so when further decref(root) there is no json reference hanging around.
* #942 memleak in og_send_request()OpenGnSys Support Team2021-02-231-0/+2
|
* #980 memleak in json ogclient pathOpenGnSys Support Team2021-02-231-0/+1
|
* #942 memleak in error pathOpenGnSys Support Team2021-02-231-87/+172
| | | | | | Fix memleaks in error path. json_decref() checks for null objects.
* #915 Fix big request testJavier Sánchez Parra2021-02-231-4/+2
| | | | | ogServer now responses with "413 Payload Too Large" when the payload is too large.
* #915 Add Valgrind to python testsJavier Sánchez Parra2021-02-231-3/+10
| | | | | ogServer has some memory bugs we want to solve and avoid in the future. Run ogServer with Valgrind to help us find those errors.
* #990 Fix og_cmd_wol memory leakJose M. Guisado2021-02-231-0/+6
| | | | | | | Allocated strings using dbi_result_get_string_copy are not being freed after using them. This patch fix this memory leak. Fixes: e4cb91b ("#990 wol: migrate mac and netmask query to ogServer")
* #1019 UAF in schedule runOpenGnSys Support Team2021-02-231-1/+4
| | | | Otherwise accessing IP address results in use-after-free.
* #915 Fix test POST /wolJavier Sánchez Parra2021-02-231-2/+2
| | | | | | | Commit e4cb91b changed MAC and netmask retrieving, now ogServer take these addresses from the database instead of from the JSON. Remove MAC and netmask from the JSON body.
* #1019 Fix queued Wake on LANJavier Sánchez Parra2021-02-221-0/+28
| | | | | | | | | | | | | UMA and UPV report that Wake on LAN command (in queue mode) does not work. We improved WoL command, now ogServer calculates the broadcast address of the network to which the client belongs. To calculate this address ogServer needs the IP and the netmask of the client. We updated ogServer to retrieve the netmask from the database in non-queue mode, but we forgot to add this in queue mode. This patch adds netmask retrieving to queued WoL.
* #990 wol: migrate mac and netmask query to ogServerJose M. Guisado2021-02-151-69/+41
| | | | | | | | | | | | | ogServer WoL rest function is expecting ip, mac and netmask from the request's payload. This makes the client responsible for providing such data. ogServer should be the owner of the database, this patch adjusts the parameter expected in a request payload for /wol action so clients only need to provide the ips and wol type (broadcast, unicast). Database is expected to contain valid data for the netmask and mac of target computers.
* #915 refresh SQL schemaOpenGnSys Support Team2021-02-091-4/+4
| | | | Bring updates from opengnsys repository.
* #1004 Fix client setup disk size showing as 0Jose M. Guisado2021-02-091-2/+2
| | | | | | | | | | | | og_cmd_get_client_setup is querying the database for computers disk setup information. This includes the size of a disk or a partition, which are stored as BIGINT in the database. Using dbi_result_get_int will result in an error as libdbi expects to store this kind of data type in a long long instead of an int. Fix disk size variable declaration and use the correct dbi_result_get function for this particular data column.
* #1019 Fix setup legacy string parserJavier Sánchez Parra2021-02-081-3/+8
| | | | | | | | | | | | UMA reports that the setup command (in queue mode) does not work. WebConsole stores queued commands in the database using the deprecated SocketHidra legacy string format and ogServer parses them with sscanf(). The setup command has a new field "ttp" since commit 0dd3edd, however, the ogServer legacy parser was not updated to use this new field. This patch adds legacy setup support to work with GPT tables. Add new field table type to legacy setup that expects a string with "MSDOS" or "GPT".
* #1019 Fix restore-image legacy string parserJavier Sánchez Parra2021-02-081-1/+2
| | | | | | | | | | | | UMA reports that the restore image command (in queue mode) does not work, the non-queue mode works fine though. WebConsole stores queued commands in the database using the deprecated SocketHidra legacy string format and ogServer parses them with sscanf(). The restore-image command has the field "ptc" which stores a string with whitespaces, however, ogServer expects no whitespaces ("%s"). Update parser to read until carriage return, whitespaces included.
* #1021 remove LOG_DEBUG syslogOpenGnSys Support Team2021-02-041-20/+0
| | | | | | | Some distros enable *.* in syslog.conf to add all logging information to /var/log/syslog. The existing LOG_DEBUG syslog() entries that ogserver generates fill up the log files very quickly. Remove most of the LOG_DEBUG syslog() calls.
* #1022 increase maximum API REST request sizeOpenGnSys Support Team2021-02-042-2/+2
| | | | | Software inventory generates a request larger that 64 Kbytes. Rise the maximum API REST request size to 128 Kbytes.
* #802 add uefi folder for post_modes pxe template lookupJose M. Guisado2021-01-131-3/+13
| | | | | | | | | | | | | | | | | | | | | When executing og_cmd_post_modes ogServer is looking up for the template related to the mode coming as a parameter. This lookup is only done for the bios boot mode. (ie. /opt/opengnsys/tftpboot/menu.lst/templates/) Templates can be created for a given boot mode, for example you can create a UEFI-only template (it. /opt/opengnsys/tftpboot/grub/templates). When a UEFI only template was coming as a parameter to og_cmd_post_modes the file can't be located because the UEFI template folder is never tested. Add UEFI folder to the lookup of pxe templates, try this folder if bios mode fails. PS: Later on a bash script "setclientmode" is to be executed, which will take its own way of updating these pxe files (ie. templates/../), this script updates every boot mode if an available template is found.
* #915 add test POST /client/deleteIsabel Arrans2020-12-171-0/+25
|
* #915 Fix GET /software testDiego Crespo Quinta2020-12-151-1/+1
|
* #915 Fix test POST /client/addIsabel Arrans2020-12-151-6/+21
|
* #915 Fix GET /client/info testIsabel Arrans2020-12-151-1/+9
|
* #915 Add GET /software testDiego Crespo Quinta2020-12-122-5/+32
|
* #915 Add GET /hardware testDiego Crespo Quinta2020-12-122-3/+25
|
* #915 Test for GET /client/info and POST /client/addIsabel Arrans2020-12-112-0/+56
|
* #1010 Fix /software missing body in queued modeJavier Sánchez Parra2020-12-021-1/+16
| | | | | | ogServer do not send /software parameters to ogClient in queued mode. Add parameters as JSON body.
* #1010 Adapt ogServer to send GET /softwareJavier Sánchez Parra2020-12-021-1/+1
| | | | | | ogClient changed /software from POST to GET. Adapt ogServer to work with ogClient /software new method.
* #915 Add POST /mode testDiego Crespo Quinta2020-12-021-0/+30
|
* #915 Fix POST /setup testDiego Crespo Quinta2020-12-021-0/+1
| | | | Add new type field to json.
* #915 Test GET /scopesDiego Crespo Quinta2020-12-012-0/+30
| | | | And fix ogserver, report error if GET /scopes have a JSON body.
* #1008 Add support to work with GPT tablesJavier Sánchez Parra2020-11-271-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | ogServer /setup do not support to indicate which table type the user want to use. It always supposes that the partition table is MBR/MSDOS. Add ogServer support to work with GPT tables. Add new field table type to /setup that expects a string with "MSDOS" or "GPT". Example old JSON: { "clients": [...], "disk": "1", "cache": "0", "cache_size": "0", "partition_setup": [...] } Example new JSON: { "clients": [...], "type": "GPT", "disk": "1", "cache": "0", "cache_size": "0", "partition_setup": [...] }