search

bitfocus / companion-module-generic-http

Generic HTTP module
MIT License
9 stars 19 forks source link

Crash with some GET requests #21

Closed llamafilm closed 2 years ago

llamafilm commented 2 years ago

As an experiment, I tried sending GET requests to a Supermicro IPMI server using this module. I was just trying to test the syntax for including a Basic Auth header, but I found that this crashes Companion every time. Example URL: https://10.49.54.201/redfish/v1/Systems/1/EthernetInterfaces/1

It uses a self-signed SSL certificate, could that be the problem? If I use http (no S) instead, the server responds with 301. If I try without the basic auth header, the server responds 401. In all cases it crashes in the same way. Nothing is written to the log, but I see this error in the shell:

 /home/ubuntu/companion/node_modules/companion-module-generic-http/index.js:169
            self.log('error', `HTTP ${action.action.toUpperCase()} Request failed (${e.message})`)
                                                                                     ^

ReferenceError: e is not defined
    at errorHandler (/home/ubuntu/companion/node_modules/companion-module-generic-http/index.js:169:77)
    at ClientRequest.<anonymous> (/home/ubuntu/companion/lib/rest.js:46:5)
    at ClientRequest.emit (events.js:400:28)
    at RedirectableRequest.<anonymous> (/home/ubuntu/companion/node_modules/node-rest-client/lib/node-rest-client.js:721:39)
    at RedirectableRequest.emit (events.js:400:28)
    at ClientRequest.eventHandlers.<computed> (/home/ubuntu/companion/node_modules/follow-redirects/index.js:14:24)
    at ClientRequest.emit (events.js:400:28)
    at TLSSocket.socketErrorListener (_http_client.js:475:9)
    at TLSSocket.emit (events.js:400:28)
    at emitErrorNT (internal/streams/destroy.js:106:8)

Here is the same command from curl with a successful 200 response.

$ curl -v -k "https://10.49.54.201/redfish/v1/Systems/1/EthernetInterfaces/1" -H "Authorization: Basic xxxxxxxxxxxx="
*   Trying 10.49.54.201:443...
* TCP_NODELAY set
* Connected to 10.49.54.201 (10.49.54.201) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: C=US; ST=California; L=San Jose; O=Super Micro Computer; OU=Software; CN=IPMI
*  start date: Dec  9 00:00:00 2020 GMT
*  expire date: Dec  9 00:00:00 2023 GMT
*  issuer: C=US; ST=California; L=San Jose; O=Super Micro Computer; OU=Software; CN=IPMI
*  SSL certificate verify result: self signed certificate (18), continuing anyway.
> GET /redfish/v1/Systems/1/EthernetInterfaces/1 HTTP/1.1
> Host: 10.49.54.201
> User-Agent: curl/7.68.0
> Accept: */*
> Authorization: Basic xxxxxxxxxxxxxxx=
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Length: 278
< Content-Type: application/json
< Strict-Transport-Security: max-age=31536000; includeSubdomains
< X-XSS-Protection: 1; mode=block
< Content-Security-Policy: default-src 'self';connect-src 'self';frame-src 'self' data:;img-src 'self' data:;object-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';worker-src 'self' blob:;
< X-Frame-Options: SAMEORIGIN
< X-Content-Type-Options: nosniff
< OData-Version: 4.0
< Date: Tue, 21 Dec 2021 21:37:31 GMT
< 
* Connection #0 to host 10.49.54.201 left intact
{"@odata.type":"#EthernetInterface.v1_5_1.EthernetInterface","@odata.id":"/redfish/v1/Systems/1/EthernetInterfaces/1","Id":"1","Name":"OnBoard LAN 1","Description":"OnBoard #1","Status":{"State":"Disabled","Health":"OK"},"MACAddress":"3c:ec:ef:30:31:46","SpeedMbps":0,"FQDN":""}

I'm using version 2.2.0-4abb3e87-3673 on Ubuntu 20.04 headless. Other types of HTTP server work fine with this module.

estilles commented 2 years ago

@llamafilm / @krocheck Just pushed a fix that that will prevent that crash and instead will log the corresponding error. I'm not certain what's causing the underlying exception, except maybe the self-signed cert.

I'll push this change unto the Companion core, so it will be available on the next beta build. @llamafilm ... if there're still any problems please reopen this issue and let us know.

llamafilm commented 2 years ago

Thanks for fixing the crash. It would be great to handle bad SSL certificates too. I use several different softwares that offer a REST API using a self signed cert.

estilles commented 2 years ago

@llamafilm Can you tell me the specific error message that's logged? I'll try to reproduce on my end.

estilles commented 2 years ago

@llamafilm I was able to replicate your issue using https://self-signed.badssl.com/. I've submitted a PR for a potential fix. Let's wait for the team's acceptance/approval.

llamafilm commented 2 years ago

Wow that's a cool website! I tried your PR and it works for me.

estilles commented 2 years ago

Wow that's a cool website! I tried your PR and it works for me.

That was quick! What timezone are you in? :-)

llamafilm commented 2 years ago

I’m in LA. I just happened to be staring at my GitHub notifications when that came in :-)