- 12 Feb, 2007 3 commits
-
-
Leigh B. Stoller authored
register_globals=1 to turn POST/GET/COOKIES arguments in local variables. This is known to be a terrible security risk, and we keep saying we are going to fix it, and now I am. In order to accomplish this on a transitional basis (since I don't want the entire web interface to stop working while I debug it), and because the code just needs the cleanup, I am doing it like this: Each page will sport new declarations at the top: RequiredPageArguments("experiment", PAGEARG_EXPERIMENT, "template", PAGEARG_TEMPLATE, "instance", PAGEARG_INSTANCE, "metadata", PAGEARG_METADATA, "osinfo", PAGEARG_OSINFO, "image", PAGEARG_IMAGE, "project", PAGEARG_PROJECT, "group", PAGEARG_GROUP, "user", PAGEARG_USER, "node", PAGEARG_NODE, "yesno", PAGEARG_BOOLEAN, "message", PAGEARG_STRING, "age", PAGEARG_INTEGER, "cost", PAGEARG_NUMERIC, "formfields", PAGEARG_ARRAY, "unknown", PAGEARG_ANYTHING); OptionalPageArguments("canceled", PAGEARG_BOOLEAN); The first token in each pair is the name of the global variable to set, and the second token is the type. So, for "experiment" we look at the URL for a pid/eid or exptidx, etc, sanity check them (safe for a DB query), and then try to find that experiment in the DB. If it maps to an experiment, set global variable $experiment to the object. Since its a required argument, produce an error if not supplied. Similar treatment for optional arguments, with the obvious difference. The goal is to have ALL argument processing in one place, consistent, and correct. I've found numerous places where we leak unchecked arguments into queries. It also cuts out a lot of duplicated code. * To make the above easier to deal with, I've been replacing lots of hardcoded URLS in the code of the form: foo.php3?pid=$pid&eid=$eid ... with CreateURL("foo", $experiment) which creates and returns the neccessary url string, by looking at the type of its arguments (experiment, template, instance, etc.) Eventually plan to replace them all so that URL handling throughout the code is all defined in one place (all the new URL code is in url_defs.php). * I have cranked up error reporting to tell me anytime a variable is used before it is initialized, plus a bunch of other stuff that PHP deems improper. Think of it like -Wall ... and boy we get a lot of warnings. A very large percentage of the diffs are to fix all these warnings. The warnings are currently going to /usr/testbed/log/php-errors.log, and I'll be adding a script to capture them each night and mail them to tbops. This file also gets errors (this will be a change for developers; rather then seeing errors and warnings dumped in the middle of web pages, they will go to this file instead). * Major refactoring of the code. More objects (nodes, images, osids). Moving tons of queries into the objects in the hopes of someday getting to a point where we can split the web interface onto a different server. Lots of general cleanup.
-
Dan Gebhardt authored
This file was used for "human reference" when comparing to the nodes Emulab knows about.
-
Leigh B. Stoller authored
-
- 10 Feb, 2007 1 commit
-
-
David Johnson authored
-
- 09 Feb, 2007 2 commits
-
-
David Johnson authored
-
Leigh B. Stoller authored
day errors to tbops. The hope is that this will annoy us enough to fix them. Runs from cron just after midnight.
-
- 08 Feb, 2007 1 commit
-
-
Jay Lepreau authored
-
- 07 Feb, 2007 10 commits
-
-
Jonathon Duerig authored
Upgraded monitor to deal with udp, udp pseudo-connections, version 3 libnetmon format, version 1 magent format, fixed timing issue, generalized the difference between sockets and connections, and others.
-
David Johnson authored
libdb.pm.in. There's a nasty little hack to deal with forks, because the underlying python mysql db module does not help us deal with them. Basically, there is no way (and I mean no way!) to close a connection in the child without actually sending a disconnect to the server... so the parent's connection gets killed too. The only way around this is to hack the Python C API wrapper that the mysql python module is built on. For now, we just close off both connections before a fork via a TBDBPreFork(), and restore them implicitly on the first query after the fork. It sucks, but it's the best we can do until hacking the mysql module. Anyway, the big fix is that testbed-ops no longer gets spammed with DBQuery failures; they are retried just like in libdb.pm.in.
-
David Johnson authored
database as primary, but are recording all slice state changes on the new PLC database so the switchover should be seamless. * GNUMakefile.in: add mod_PLC4.py.in * mod_PLC4.py.in: more API changes. * libplab.py.in: add support for saving state at two PLCs, one primary, one "compat". * mod_PLCNM.py.in: change URL to access old xmlrpc server since PlanetLab went ahead and changed DNS.
-
Mike Hibler authored
-
Pramod R Sanaga authored
-
Mike Hibler authored
-
David Johnson authored
-
Mike Hibler authored
-
Mike Hibler authored
-
Leigh B. Stoller authored
-
- 06 Feb, 2007 2 commits
-
-
Pramod R Sanaga authored
2) Removed a double-long causing warning messages in RttSensor. 3) Added NullSensor as a dependency to UdpPacketSensor.
-
Jonathon Duerig authored
-
- 05 Feb, 2007 8 commits
-
-
Robert Ricci authored
-
Robert Ricci authored
-
Mike Hibler authored
-
Jonathon Duerig authored
-
Jonathon Duerig authored
Reduced snaplen to 100. Removed sensor logging by default and main_loop logging by default. This should reduce the data generated by the magent by 80% or so. The SENSOR_* logging can be looked at by running in replay. The MAIN_LOOP stuff just gives timings to determine how long the application spent sleeping in select.
-
Russ Fish authored
Finished adding machinery and data, probed the first 3/4 of the pages with it. . Add interspersed action lines to make the {setup,teardown}_forms.list files more like scripts, including wget and sql shortcuts. . Add undo actions so multiple setup/teardown probes don't collide. Undo the state changes after a probe that *DOESN'T FAIL*, due to ignoring the probe value given for the input field. E.g, the first beginexp that succeeds uses up the experiment name and blocks all other probes, so the experiment has to be deleted again before the next probe is done. . Add a ! prefix for input_values.list lines to skip the input field entirely. . Probe both POST input field args, and GET action= args on the same page. . Change success/failure lines from text snippets to grep patterns. Give failure matching patterns precedence over success. Finish categorizing probe output pages (needed by the probe undo mechanism.) . Add activation and setup/teardown for probing nodetype, osid, and imageid pages. . Add analysis of overall success/failure page counts to the probes_msg.
-
Pramod R Sanaga authored
Change in the wrap around compare function - to take sender timestamps into account.
-
David Johnson authored
to PLC 4. I haven't added the new NM functionality yet, so that stuff is stubbed out.
-
- 02 Feb, 2007 3 commits
-
-
Jonathon Duerig authored
Patch, fixing IP address printing for connections. We now avoid storing a pointer to the reults for inet_ntoa because the function is not re-entrant, using static memory to put the result in.
-
Leigh B. Stoller authored
-
Mike Hibler authored
Rev 20 of the tarball has no new function, it is just slimmed down. I replaced our large statically linked binaries with dynamically linked ones. Also found and stripped a couple of other binaries. The resulting tarball goes from 5.7MB to 0.9MB. The Makefile changes are to incorporate the NOSTATIC=1 environment hack to enable building the dynamic binaries above.
-
- 01 Feb, 2007 6 commits
-
-
Pramod R Sanaga authored
2) Some more error messages will be output to the log when junk packets(which are not generated by us) are received by the magent, and the throughput calculation will remain unaffected by these anomalies. 3) Changed mock-monitor to work with the change in Header::headerSize() ( as opposed to Header::headerSize variable ) .
-
Mike Hibler authored
of event/program-agent/program-agent.c
-
Mike Hibler authored
This causes program agents to become isolated and marginalized, in short, unresponsive to the needs of Emulab. It is now a Loyal Emulab Soldier, attempting reconnects til the end of time if necessary. I left in the "keep alive" (idle timeout) since it doesn't seem to be causing any problems.
-
Leigh B. Stoller authored
-
Mike Hibler authored
* if we have to create it, make sure to re-stat so that following /uid/gid/mode checks are legit * change the own/group if either of own/group are wrong
-
Jonathon Duerig authored
-
- 31 Jan, 2007 4 commits
-
-
Pramod R Sanaga authored
2) Modified SensorList.h, SensorList.cc and lib.h to include the new sensors. 3) made changes in UdppacketSensor to accommodate the above new ones. 4) Added a script makeUdpPlots.py to create gnuplot graphs from the output of UDP sensors.
-
Pramod R Sanaga authored
Modified monitor to work with the udp code integrated into magent and modified the compile script to include new udp sensor objects.
-
Pramod R Sanaga authored
-
Pramod R Sanaga authored
-