search

inverse-inc / packetfence

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, layer-2 isolation of problematic devices; PacketFence can be used to effectively secure networks small to very large heterogeneous networks.
https://packetfence.org
GNU General Public License v2.0
1.27k stars 275 forks source link

Integration tests: LDAP test can fail randomly #5884

Closed nqb closed 3 years ago

nqb commented 3 years ago

Describe the bug During integration tests, sometimes, LDAP test failed with following error:

1514    pfdeb9dev: FAILED Create and test AD machine source [/usr/local/pf/t/venom/pfservers/dot1x_eap_peap/15_create_and_test_ad_machine_source.yml]
1515    pfdeb9dev: Failure in "/usr/local/pf/t/venom/pfservers/dot1x_eap_peap/15_create_and_test_ad_machine_source.yml:86"
1516    pfdeb9dev: In test case "test_ad_machine_source", at step 0
1517    pfdeb9dev: Assertion "result.statuscode ShouldEqual 200" failed
1518    pfdeb9dev: Expected: '200'
1519    pfdeb9dev: Actual:   '422'
1520    pfdeb9dev: (Should be equal)

Example job.

Logs show following errors:

Oct  5 05:27:55 pfdeb9dev packetfence: pfperl-api(26604) DEBUG: POST "/api/v1/config/sources/test" (e55de10b) (Mojolicious::dispatch)                                                                             │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) DEBUG: Memory configuration is not valid anymore for key config::Pf(pfdeb9dev) in local cached_hash (pfconfig::cached::is_valid)                         │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) DEBUG: Routing to controller "pf::UnifiedApi::Controller::Config::Sources" and action "test" (Mojolicious::Routes::_controller)                          │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) DEBUG: cache get for namespace='configfiles', key='/usr/local/pf/conf/roles.conf', cache='Redis:l1_cache', time='0ms': HIT (CHI::Driver::_log_get_result)│
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) TRACE: Memory configuration is still valid for key config::Pf(pfdeb9dev) in local cached_hash (pfconfig::cached::is_valid)                               │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) TRACE: Memory configuration is still valid for key config::Pf(pfdeb9dev) in local cached_hash (pfconfig::cached::is_valid)                               │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) TRACE: Memory configuration is still valid for key config::Pf(pfdeb9dev) in local cached_hash (pfconfig::cached::is_valid)                               │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) TRACE: Memory configuration is still valid for key config::Pf(pfdeb9dev) in local cached_hash (pfconfig::cached::is_valid)                               │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) TRACE: Memory configuration is still valid for key config::Pf(pfdeb9dev) in local cached_hash (pfconfig::cached::is_valid)                               │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) DEBUG: Memory configuration is not valid anymore for key config::AdminRoles() in local cached_hash (pfconfig::cached::is_valid)                          │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) DEBUG: Memory configuration is not valid anymore for key config::Realm() in local cached_hash (pfconfig::cached::is_valid)                               │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) TRACE: Memory configuration is still valid for key config::Pf(pfdeb9dev) in local cached_hash (pfconfig::cached::is_valid)                               │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) TRACE: Memory configuration is still valid for key config::Pf(pfdeb9dev) in local cached_hash (pfconfig::cached::is_valid)                               │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) DEBUG: cache get for namespace='Default', key='ARRAY(0x56282a5543f8)', cache='RawMemory', time='0ms': MISS (not in cache) (CHI::Driver::_log_get_result) │
Oct  5 05:27:56 pfdeb9dev packetfence: pfperl-api(26604) TRACE: Connected to 172.17.17.100:389 using encryption starttls (pf::LDAP::compute_connection)                                                           ┤
Oct  5 05:27:57 pfdeb9dev packetfence: pfperl-api(26604) ERROR: Error starting tls for 172.17.17.100:389 (pf::LDAP::compute_connection)                                                                           ┤
Oct  5 05:27:57 pfdeb9dev packetfence: pfperl-api(26604) ERROR: Error binding: 'SSL wants a read first' (pf::LDAP::log_error_msg)                                                                                 │
Oct  5 05:27:57 pfdeb9dev packetfence: pfperl-api(26604) WARN: [dot1x_eap_peap_machine_auth] Unable to connect to 172.17.17.100 (pf::Authentication::Source::LDAPSource::_connect)                                ┤
Oct  5 05:27:57 pfdeb9dev packetfence: pfperl-api(26604) ERROR: [dot1x_eap_peap_machine_auth] Unable to connect to any LDAP server (pf::Authentication::Source::LDAPSource::_connect)                             │
Oct  5 05:27:57 pfdeb9dev packetfence: pfperl-api(26604) WARN: [dot1x_eap_peap_machine_auth] Unable to connect to any LDAP server (pf::Authentication::Source::LDAPSource::test)                                  │
Oct  5 05:27:57 pfdeb9dev packetfence: pfperl-api(26604) DEBUG: 422 Unprocessable Entity (1.023391s, 0.977/s) (Mojolicious::Controller::rendered)
nqb commented 3 years ago

I found a reference to this kind of issue: https://rt.cpan.org/Public/Bug/Display.html?id=90459 but it should be fixed in perl modules we are using.

Issue is random, I will just run more test before failing.