Getting a closed socket error when running specs

[jwoertink]

When I run this spec in Lucky, I'm getting a "Closed socket" error

it "tests the sign_in" do
    scanner = LuckySecTester.new
    target = scanner.build_target(SignIns::New)
    scanner.run_check(
      scan_name: "ref: #{ENV["GITHUB_REF"]?} commit: #{ENV["GITHUB_SHA"]?} run id: #{ENV["GITHUB_RUN_ID"]?}",
      tests: [
        "dom_xss", 
        "brute_force_login", 
      ],
      target: target
    )
  end

1) SecTester tests the sign_in

       Closed socket (IO::Error)
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/http/web_socket.cr:77:5 in 'check_open'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/http/web_socket.cr:82:5 in 'send'
         from lib/socket_io/src/engine_io/engine_io.cr:118:7 in 'send_packet'
         from lib/socket_io/src/engine_io/engine_io.cr:35:7 in 'send'
         from lib/socket_io/src/socket_io/socket_io.cr:127:7 in 'send_packet'
         from lib/socket_io/src/socket_io/socket_io.cr:113:7 in 'emit_event'
         from lib/socket_io/src/socket_io/socket_io.cr:62:7 in 'emit'
         from lib/sec_tester/src/sec_tester/repeater.cr:31:7 in 'close'
         from lib/sec_tester/src/sec_tester/scan.cr:222:9 in 'stop'
         from lib/sec_tester/src/sec_tester/scan.cr:195:11 in 'poll:timeout:on_issue:severity_threshold'
         from lib/sec_tester/src/sec_tester/test.cr:34:7 in 'run_check:scan_name:tests:target'
         from lib/lucky_sec_tester/src/lucky_sec_tester.cr:16:3 in 'run_check:scan_name:tests:target'
         from spec/flows/security_spec.cr:10:5 in '->'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/example.cr:45:13 in 'internal_run'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/example.cr:32:73 in '->'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/example/procsy.cr:16:15 in 'run'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/context.cr:368:11 in '->'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/example/procsy.cr:16:15 in 'run'
         from spec/setup/configure_lucky_flow.cr:37:1 in '->'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/context.cr:71:26 in 'run_around_each_hook'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/context.cr:66:7 in 'internal_run_around_each_hooks'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/context.cr:59:7 in 'run_around_each_hooks'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/context.cr:360:13 in 'run_around_each_hooks'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/example.cr:32:15 in 'run'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/context.cr:18:23 in 'internal_run'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/context.cr:342:7 in 'run'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/context.cr:18:23 in 'internal_run'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/context.cr:158:7 in 'run'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/spec/dsl.cr:212:7 in '->'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/crystal/at_exit_handlers.cr:14:19 in 'run'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/crystal/main.cr:64:14 in 'exit'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/crystal/main.cr:59:5 in 'main'
         from /home/runner/work/_temp/crystal-latest-true-undefined/share/crystal/src/crystal/main.cr:141:3 in 'main'
         from /lib/x86_64-linux-gnu/libc.so.6 in '??'
         from /lib/x86_64-linux-gnu/libc.so.6 in '__libc_start_main'
         from /home/runner/.cache/crystal/crystal-run-spec.tmp in '_start'
         from ???

This is running on the latest release, but maybe I'm missing a setup somewhere since the repeater moved to Crystal?

[bararchy]

@jwoertink I ran the whole spec suite now, and didn't see an issue. I don't think there is some inherent issue.. I do know that dom_xss is for now disabled but I don't think this should have caused the Socket connection issue....

@derevnjuk any ideas?

[bararchy]

@jwoertink does it fail only on the head version of Crystal?

[jwoertink]

oh, do I need to remove dom_xss? Also, this is on latest, not head. So 1.10.1.

[jwoertink]

Just re-ran the spec and I got an email

Unfortunately, a problem occurred with scan Please check the scan engine logs or contact support. Error: The repeater has not been responding for 10 minutes. The scan has been disrupted.

[jwoertink]

Ran again, and it all passed... Could have been a fluke? Maybe the CI was having a Monday? :man_shrugging: I won't worry too much about it for now, but let me know about the dom_xss if I should remove it, and what other tests I might have to remove from default.

[bararchy]

@jwoertink you can use xss instead of dom_xss.

We found an issue with scans longer then 10 minutes, I'm looking into it, we need to add a ping to our servers otherwise we decide the repeater is down.

@derevnjuk noticed this behavior

[bararchy]

Fixed via: ecb8f52fd98f80986b51ae624d6432835c880f0e