GitLab

  register_globals=1 to turn POST/GET/COOKIES arguments in local variables.
  This is known to be a terrible security risk, and we keep saying we are
  going to fix it, and now I am. In order to accomplish this on a
  transitional basis (since I don't want the entire web interface to stop
  working while I debug it), and because the code just needs the cleanup, I
  am doing it like this: Each page will sport new declarations at the top:

	RequiredPageArguments("experiment", PAGEARG_EXPERIMENT,
                              "template",   PAGEARG_TEMPLATE,
                              "instance",   PAGEARG_INSTANCE,
                              "metadata",   PAGEARG_METADATA,
                              "osinfo",     PAGEARG_OSINFO,
                              "image",      PAGEARG_IMAGE,
                              "project",    PAGEARG_PROJECT,
                              "group",      PAGEARG_GROUP,
                              "user",       PAGEARG_USER,
			      "node",       PAGEARG_NODE,
			      "yesno",      PAGEARG_BOOLEAN,
			      "message",    PAGEARG_STRING,
			      "age",        PAGEARG_INTEGER,
                              "cost",       PAGEARG_NUMERIC,
                              "formfields", PAGEARG_ARRAY,
                              "unknown",    PAGEARG_ANYTHING);

	OptionalPageArguments("canceled", PAGEARG_BOOLEAN);

  The first token in each pair is the name of the global variable to
  set, and the second token is the type. So, for "experiment" we look at
  the URL for a pid/eid or exptidx, etc, sanity check them (safe for a
  DB query), and then try to find that experiment in the DB. If it maps
  to an experiment, set global variable $experiment to the object. Since
  its a required argument, produce an error if not supplied. Similar
  treatment for optional arguments, with the obvious difference.

  The goal is to have ALL argument processing in one place, consistent,
  and correct. I've found numerous places where we leak unchecked
  arguments into queries. It also cuts out a lot of duplicated code.

* To make the above easier to deal with, I've been replacing lots of
  hardcoded URLS in the code of the form:

	foo.php3?pid=$pid&eid=$eid ...

  with

        CreateURL("foo", $experiment)

  which creates and returns the neccessary url string, by looking at
  the type of its arguments (experiment, template, instance, etc.)

  Eventually plan to replace them all so that URL handling throughout
  the code is all defined in one place (all the new URL code is in
  url_defs.php).

* I have cranked up error reporting to tell me anytime a variable is
  used before it is initialized, plus a bunch of other stuff that PHP
  deems improper. Think of it like -Wall ... and boy we get a lot of
  warnings.  A very large percentage of the diffs are to fix all these
  warnings.

  The warnings are currently going to /usr/testbed/log/php-errors.log,
  and I'll be adding a script to capture them each night and mail them
  to tbops. This file also gets errors (this will be a change for
  developers; rather then seeing errors and warnings dumped in the
  middle of web pages, they will go to this file instead).

* Major refactoring of the code. More objects (nodes, images, osids).
  Moving tons of queries into the objects in the hopes of someday
  getting to a point where we can split the web interface onto a
  different server.  Lots of general cleanup.

This file was used for "human reference" when comparing to the nodes
Emulab knows about.

day errors to tbops. The hope is that this will annoy us enough to
fix them.

Runs from cron just after midnight.

Upgraded monitor to deal with udp, udp pseudo-connections, version 3 libnetmon format, version 1 magent format, fixed timing issue, generalized the difference between sockets and connections, and others.

libdb.pm.in.  There's a nasty little hack to deal with forks, because the
underlying python mysql db module does not help us deal with them.
Basically, there is no way (and I mean no way!) to close a connection in
the child without actually sending a disconnect to the server... so the
parent's connection gets killed too.  The only way around this is to hack
the Python C API wrapper that the mysql python module is built on.  For
now, we just close off both connections before a fork via a TBDBPreFork(),
and restore them implicitly on the first query after the fork.  It sucks,
but it's the best we can do until hacking the mysql module.

Anyway, the big fix is that testbed-ops no longer gets spammed with
DBQuery failures; they are retried just like in libdb.pm.in.

database as primary, but are recording all slice state changes on the new
PLC database so the switchover should be seamless.

  * GNUMakefile.in: add mod_PLC4.py.in
  * mod_PLC4.py.in: more API changes.
  * libplab.py.in:  add support for saving state at two PLCs, one primary,
      one "compat".
  * mod_PLCNM.py.in: change URL to access old xmlrpc server since
      PlanetLab went ahead and changed DNS.

2) Removed a double-long causing warning messages in RttSensor.
3) Added NullSensor as a dependency to UdpPacketSensor.

Reduced snaplen to 100. Removed sensor logging by default and main_loop logging by default. This should reduce the data generated by the magent by 80% or so.

The SENSOR_* logging can be looked at by running in replay. The MAIN_LOOP stuff just gives timings to determine how long the application spent sleeping in select.

Finished adding machinery and data, probed the first 3/4 of the pages with it.

 . Add interspersed action lines to make the {setup,teardown}_forms.list files
   more like scripts, including wget and sql shortcuts.

 . Add undo actions so multiple setup/teardown probes don't collide.  Undo the
   state changes after a probe that *DOESN'T FAIL*, due to ignoring the probe
   value given for the input field.  E.g, the first beginexp that succeeds
   uses up the experiment name and blocks all other probes, so the experiment
   has to be deleted again before the next probe is done.

 . Add a ! prefix for input_values.list lines to skip the input field entirely.

 . Probe both POST input field args, and GET action= args on the same page.

 . Change success/failure lines from text snippets to grep patterns.  Give
   failure matching patterns precedence over success.  Finish categorizing
   probe output pages (needed by the probe undo mechanism.)

 . Add activation and setup/teardown for probing nodetype, osid, and imageid pages.

 . Add analysis of overall success/failure page counts to the probes_msg.

Change in the wrap around compare function - to take sender timestamps into account.

to PLC 4.  I haven't added the new NM functionality yet, so that stuff is
stubbed out.

Patch, fixing IP address printing for connections. We now avoid storing a pointer to the reults for inet_ntoa because the function is not re-entrant, using static memory to put the result in.

Rev 20 of the tarball has no new function, it is just slimmed down.
I replaced our large statically linked binaries with dynamically linked ones.
Also found and stripped a couple of other binaries.

The resulting tarball goes from 5.7MB to 0.9MB.

The Makefile changes are to incorporate the NOSTATIC=1 environment hack
to enable building the dynamic binaries above.

2) Some more error messages will be output to the log when junk packets(which are not
generated by us) are received by the magent, and the throughput calculation will remain unaffected by these anomalies.
3) Changed mock-monitor to work with the change in Header::headerSize() ( as opposed to Header::headerSize variable ) .

of event/program-agent/program-agent.c

This causes program agents to become isolated and marginalized, in short,
unresponsive to the needs of Emulab.  It is now a Loyal Emulab Soldier,
attempting reconnects til the end of time if necessary.

I left in the "keep alive" (idle timeout) since it doesn't seem to be causing
any problems.

 * if we have to create it, make sure to re-stat so that following
   /uid/gid/mode checks are legit
 * change the own/group if either of own/group are wrong

2) Modified SensorList.h, SensorList.cc and lib.h to include the new sensors.
3) made changes in UdppacketSensor to accommodate the above new ones.
4) Added a script makeUdpPlots.py to create gnuplot graphs from the output
of UDP sensors.

Modified monitor to work with the udp code integrated into magent and modified the compile script to include new udp sensor objects.