TimesysGit / vigiles-openwrt

Vulnerability management tool that provides OpenWRT SBOM generation and CVE Analysis of target images.

Python3 Version is not specified; `vigiles-openwrt.py` throws versioning related errors. #1

Closed phearus closed 2 years ago

phearus commented 2 years ago

The python3 version is not specified in any meaningful way. All the libraries used are from the python standard library, but are often used with deprecated function arguments.

For example, the encoding option (file lib/libapi.py line 50) has been deprecated since python 3.1 and was removed in python 3.9. Executing this code throws an exception and results in the error:

    Error: Unable to parse key file: /home/$user/timesys/linuxlink_key

I can verify the file /home/$user/timesys/linuxlink_key exists, is accessible, and is legal JSON.

Removing this argument or using python 3.8.10 gets us past this error. We then receive a communication error:

    Vigiles Communication Error:    Invalid credentials were sent to the LinuxLink Server.

    Current Time:   2022-01-30T20:10:02.073147
    Message:    HTTP Error 403: FORBIDDEN
    Parameter(s):   https://linuxlink.timesys.com/api/v1/vigiles/manifests

I have not dug any deeper into the code to determine why API authentication / communications are failing.
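
The failure mode reported in the comment above, as an added example that is not part of the original issue or the vigiles-openwrt code: it assumes the deprecated argument was passed to `json.load`, and `KeyFileError`, `load_key_file`, `legacy_call_error` and the key-file field names are hypothetical. It loads the key file without the removed keyword and reports an unreadable file, invalid JSON and the argument's `TypeError` as separate causes instead of one "unable to parse" message.

```python
import json
import os
import tempfile


class KeyFileError(Exception):
    """Names the real cause instead of one generic 'unable to parse' message."""


def load_key_file(path):
    """Read a JSON key file; behaves the same on Python 3.8 and 3.9+."""
    try:
        # The encoding goes on open(); json.load() rejects it from Python 3.9 on.
        with open(path, encoding="utf-8") as f:
            data = json.load(f)
    except OSError as e:
        raise KeyFileError(f"cannot read {path}: {e.strerror}") from e
    except json.JSONDecodeError as e:
        raise KeyFileError(f"{path} is not valid JSON (line {e.lineno})") from e
    if not isinstance(data, dict):
        raise KeyFileError(f"{path} must contain a JSON object")
    return data


def legacy_call_error(path):
    """Return the TypeError the old-style call raises, or None if it still works."""
    try:
        with open(path) as f:
            json.load(f, encoding="utf-8")  # assumed shape of the failing call
    except TypeError as e:
        return e
    return None


def demo():
    with tempfile.TemporaryDirectory() as d:
        good, bad = os.path.join(d, "linuxlink_key"), os.path.join(d, "broken_key")
        with open(good, "w", encoding="utf-8") as f:
            # Constructed sample; field names and values are placeholders.
            json.dump({"email": "user@example.com", "key": "PLACEHOLDER"}, f)
        with open(bad, "w", encoding="utf-8") as f:
            f.write("{not json")
        out = {"good": load_key_file(good), "legacy": legacy_call_error(good)}
        for name, p in (("bad", bad), ("missing", os.path.join(d, "absent"))):
            try:
                load_key_file(p)
            except KeyFileError as e:
                out[name] = str(e)
        return out
```

Calling `demo()` returns the parsed key, the legacy call's exception (or `None` on interpreters that still accept the keyword), and the two distinct error messages.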

iancampbell commented 2 years ago

Thank you for the detailed issue!

We'll dig into the authentication issue and update vigiles-openwrt to work with python 3.9 and above.

iancampbell commented 2 years ago

This issue has been resolved with d47be9bea002bf5c8efb9a02ceeb642fb7318db5

phearus commented 2 years ago

> This issue has been resolved with d47be9b

This resolves the use of deprecated arguments; however, the "Vigiles Communication Error" persists.

I will create a new issue to address this specific issue.

iancampbell commented 2 years ago

I was able to pinpoint the communication error and I just pushed a fix to our server for it. Please try again when you get a chance.

phearus commented 2 years ago

@iancampbell nicely done - Yep - can confirm - communication error is now fixed and CVE report is now uploaded as expected.

Thank you @iancampbell and team!