Skip to content

Commit

Permalink
Fix hypervisor handlers behaviour on empty and malformed requests
Browse files Browse the repository at this point in the history
  • Loading branch information
@nkryuchkov
nkryuchkov committed Jan 24, 2020
1 parent 1ee42c9 commit 72a98d9
Show file tree
Hide file tree
Showing 8 changed files with 81 additions and 27 deletions.
3 changes: 2 additions & 1 deletion pkg/app/mock_rpc_client.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

38 changes: 32 additions & 6 deletions pkg/hypervisor/hypervisor.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import (
"encoding/hex"
"errors"
"fmt"
"io"
"math/rand"
"net"
"net/http"
Expand Down Expand Up @@ -151,7 +152,6 @@ func (m *Node) ServeHTTP(w http.ResponseWriter, req *http.Request) {

r.Get("/user", m.users.UserInfo())
r.Post("/change-password", m.users.ChangePassword())
r.Post("/exec/{pk}", m.exec())
r.Get("/nodes", m.getNodes())
r.Get("/nodes/{pk}/health", m.getHealth())
r.Get("/nodes/{pk}/uptime", m.getUptime())
Expand All @@ -172,6 +172,7 @@ func (m *Node) ServeHTTP(w http.ResponseWriter, req *http.Request) {
r.Delete("/nodes/{pk}/routes/{rid}", m.deleteRoute())
r.Get("/nodes/{pk}/loops", m.getLoops())
r.Get("/nodes/{pk}/restart", m.restart())
r.Post("/nodes/{pk}/exec", m.exec())
})
})

Expand Down Expand Up @@ -239,7 +240,12 @@ func (m *Node) exec() http.HandlerFunc {
}

if err := httputil.ReadJSON(r, &reqBody); err != nil {
httputil.WriteJSON(w, r, http.StatusBadRequest, err)
if err != io.EOF {
log.Warnf("exec request: %v", err)
}

httputil.WriteJSON(w, r, http.StatusBadRequest, ErrMalformedRequest)

return
}

Expand Down Expand Up @@ -337,7 +343,12 @@ func (m *Node) putApp() http.HandlerFunc {
}

if err := httputil.ReadJSON(r, &reqBody); err != nil {
httputil.WriteJSON(w, r, http.StatusBadRequest, err)
if err != io.EOF {
log.Warnf("putApp request: %v", err)
}

httputil.WriteJSON(w, r, http.StatusBadRequest, ErrMalformedRequest)

return
}

Expand Down Expand Up @@ -472,7 +483,12 @@ func (m *Node) postTransport() http.HandlerFunc {
}

if err := httputil.ReadJSON(r, &reqBody); err != nil {
httputil.WriteJSON(w, r, http.StatusBadRequest, err)
if err != io.EOF {
log.Warnf("postTransport request: %v", err)
}

httputil.WriteJSON(w, r, http.StatusBadRequest, ErrMalformedRequest)

return
}

Expand Down Expand Up @@ -550,7 +566,12 @@ func (m *Node) postRoute() http.HandlerFunc {
return m.withCtx(m.nodeCtx, func(w http.ResponseWriter, r *http.Request, ctx *httpCtx) {
var summary routing.RuleSummary
if err := httputil.ReadJSON(r, &summary); err != nil {
httputil.WriteJSON(w, r, http.StatusBadRequest, err)
if err != io.EOF {
log.Warnf("postRoute request: %v", err)
}

httputil.WriteJSON(w, r, http.StatusBadRequest, ErrMalformedRequest)

return
}

Expand Down Expand Up @@ -591,7 +612,12 @@ func (m *Node) putRoute() http.HandlerFunc {
return m.withCtx(m.routeCtx, func(w http.ResponseWriter, r *http.Request, ctx *httpCtx) {
var summary routing.RuleSummary
if err := httputil.ReadJSON(r, &summary); err != nil {
httputil.WriteJSON(w, r, http.StatusBadRequest, err)
if err != io.EOF {
log.Warnf("putRoute request: %v", err)
}

httputil.WriteJSON(w, r, http.StatusBadRequest, ErrMalformedRequest)

return
}

Expand Down
32 changes: 27 additions & 5 deletions pkg/hypervisor/user_manager.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"context"
"errors"
"fmt"
"io"
"net/http"
"sync"
"time"
Expand All @@ -20,10 +21,11 @@ const (

// Errors associated with user management.
var (
ErrBadBody = errors.New("ill-formatted request body")
ErrNotLoggedIn = errors.New("not logged in")
ErrNotLoggedOut = errors.New("not logged out")
ErrBadLogin = errors.New("incorrect username or password")
ErrBadSession = errors.New("session cookie is either non-existent, expired, or ill-formatted")
ErrMalformedRequest = errors.New("request format is malformed")
ErrBadUsernameFormat = errors.New("format of 'username' is not accepted")
ErrUserNotFound = errors.New("user is either deleted or not found")
)
Expand Down Expand Up @@ -77,7 +79,17 @@ func (s *UserManager) Login() http.HandlerFunc {
}

if err := httputil.ReadJSON(r, &rb); err != nil {
httputil.WriteJSON(w, r, http.StatusBadRequest, ErrBadBody)
if err != io.EOF {
log.Warnf("Login request: %v", err)
}

httputil.WriteJSON(w, r, http.StatusBadRequest, ErrMalformedRequest)

return
}

if !checkUsernameFormat(rb.Username) {
httputil.WriteJSON(w, r, http.StatusBadRequest, ErrBadUsernameFormat)
return
}

Expand Down Expand Up @@ -115,7 +127,7 @@ func (s *UserManager) Login() http.HandlerFunc {
func (s *UserManager) Logout() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if err := s.delSession(w, r); err != nil {
httputil.WriteJSON(w, r, http.StatusBadRequest, errors.New("not logged in"))
httputil.WriteJSON(w, r, http.StatusBadRequest, ErrNotLoggedIn)
return
}

Expand Down Expand Up @@ -149,7 +161,12 @@ func (s *UserManager) ChangePassword() http.HandlerFunc {
}

if err := httputil.ReadJSON(r, &rb); err != nil {
httputil.WriteJSON(w, r, http.StatusBadRequest, err)
if err != io.EOF {
log.Warnf("ChangePassword request: %v", err)
}

httputil.WriteJSON(w, r, http.StatusBadRequest, ErrMalformedRequest)

return
}

Expand Down Expand Up @@ -185,7 +202,12 @@ func (s *UserManager) CreateAccount() http.HandlerFunc {
}

if err := httputil.ReadJSON(r, &rb); err != nil {
httputil.WriteJSON(w, r, http.StatusBadRequest, err)
if err != io.EOF {
log.Warnf("CreateAccount request: %v", err)
}

httputil.WriteJSON(w, r, http.StatusBadRequest, ErrMalformedRequest)

return
}

Expand Down
13 changes: 9 additions & 4 deletions pkg/router/mock_router.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 3 additions & 2 deletions pkg/router/route_group_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,13 @@ import (
"time"

"github.com/SkycoinProject/dmsg/cipher"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"

"github.com/SkycoinProject/skywire-mainnet/pkg/routing"
"github.com/SkycoinProject/skywire-mainnet/pkg/snet/snettest"
"github.com/SkycoinProject/skywire-mainnet/pkg/snet/stcp"
"github.com/SkycoinProject/skywire-mainnet/pkg/transport"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)

func TestNewRouteGroup(t *testing.T) {
Expand Down
10 changes: 4 additions & 6 deletions pkg/router/routerclient/client_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,13 @@ import (
"net/rpc"
"testing"

"github.com/SkycoinProject/skywire-mainnet/internal/testhelpers"

"github.com/SkycoinProject/dmsg/cipher"
"github.com/SkycoinProject/skywire-mainnet/pkg/routing"

"github.com/SkycoinProject/skywire-mainnet/pkg/router"

"github.com/stretchr/testify/require"
"golang.org/x/net/nettest"

"github.com/SkycoinProject/skywire-mainnet/internal/testhelpers"
"github.com/SkycoinProject/skywire-mainnet/pkg/router"
"github.com/SkycoinProject/skywire-mainnet/pkg/routing"
)

func TestClient_Close(t *testing.T) {
Expand Down
1 change: 1 addition & 0 deletions pkg/visor/rpc_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"time"

"github.com/SkycoinProject/skycoin/src/util/logging"

"github.com/SkycoinProject/skywire-mainnet/internal/testhelpers"
"github.com/SkycoinProject/skywire-mainnet/pkg/router"
"github.com/SkycoinProject/skywire-mainnet/pkg/util/pathutil"
Expand Down
6 changes: 3 additions & 3 deletions vendor/golang.org/x/net/nettest/conntest.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 72a98d9

Please sign in to comment.