New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ynh-vpnclient-loadcubefile.sh script isn't working anymore #60
Comments
ynh-vpnclient-loadcubefile.sh
script isn't working anymore
Just an idea : What do we want exactly to achieve with this code ? To get the session cookie. So we can maybe just test if the file Something like this : # make sure the cookies file doesn't exit to not get a false positive at the test
rm -f ${tmpdir}/cookies || true
# the curl command is the same as in the original code beside the additional -s and -o /dev/null parameters
curl -s -o /dev/null -kLe "https://${ynh_domain}/yunohost/sso/" --data-urlencode "user=${ynh_user}" --data-urlencode "password=${ynh_password}" "https://${ynh_domain}/yunohost/sso/" --resolve "${ynh_domain}:443:127.0.0.1" -c "${tmpdir}/cookies"
# test if the curl command failed, if the file doesn't exist or if the file is empty
if [ $? -ne 0 ] || [ ! -f "${tmpdir}/cookies" ] || [ ! -s "${tmpdir}/cookies" ]; then
echo "[ERROR] SSO login failed" >&2
exit 1
fi Is this test robust enough ? |
Didn't dig deep to check, but naively that looks kinda legit ? Did you test it ? |
Not with a full install. I'm going to launch one with this patch. I'll keep you updated this evening about the result. |
Cheers Don't hesitate to make a pull request and harass us, given that it breaks the install and reload of cube file, we should try to fix it asap ... ping @pitchum @keomabrun |
Ok, will do ! If the test works, I'll create the PR right away |
More precisely, the goal is probably to make sure that the authentication was successful. A better check would be to look for set-cookie: SSOwAuthUser= header in the response with "curl -i" or to look for this inside the generated cookie file.
If you have time to prepare a PR @SohKa it would be appreciated. Otherwise I'll do it next week-end. |
You're right. I've been a bit paranoid as I was thinking that the cookie variable name Instead of The code would look like this : curl -D - -skLe "https://${ynh_domain}/yunohost/sso/" --data-urlencode "user=${ynh_user}" --data-urlencode "password=${ynh_password}" "https://${ynh_domain}/yunohost/sso/" --resolve "${ynh_domain}:443:127.0.0.1" -o /dev/null -c "${tmpdir}/cookies" 2> /dev/null | grep -q "set-cookie: SSOwAuthUser=${ynh_user}"
if [ $? -ne 0 ]; then
echo "[ERROR] SSO login failed" >&2
exit 1
fi So basically, it's the same logic as the original one. I'll redo a full reinstallation for testing this. Edit : I've added the username to the |
Hello !
I did several attempts to install a cube from scratch without success. At each attempt, the cube's installation ended up with a non-functional vpnclient application. The script is failing at the step
15-configure_vpnclient.log
:The reason is, since this change has been merged in the SSOwat repository, the
grep
command at this line can't find theLogout
string any more (although thecurl
command is successful). Thus thegrep
command gives the return code1
and this check echoes the message[ERROR] SSO login failed
and exits the script (so the upload of the cube file and the configuration of the IPv6 prefix are skipped).We should maybe find a better way to check that the
curl
command succeeded than grepping the output. As it juts happened, the content of the web page can change again.I'll think of a solution, but I'm not really sure on what to rely to do this check.
In consequence, I think it is not possible any more to install cubes without manually modifying the code.
The text was updated successfully, but these errors were encountered: