anti/DECNET
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(core): close HIGH ASVS findings V7.1.1 and correctness bugs BUG-1..6

Browse Source 
- V7.1.1: /swarm/check no longer returns raw exception text; logs detail
  server-side, returns generic 'probe failed'.
- BUG-1: register EditAction -> SSHDriver so edit ticks no longer crash.
- BUG-2: topology reconcile matches generator-named deckies by
  expected-name membership instead of a hyphen heuristic.
- BUG-3: intel provider lookups acquire the per-provider semaphore so
  declared concurrency bounds are enforced.
- BUG-4: RuleIndex.install evicts a rule from kinds it no longer applies to.
- BUG-5: UnixSocketBus.connect() is lock-guarded with a double-check so
  concurrent first-connects open exactly one socket and reader task.
- BUG-6/V5.1.3: multi-token JSON-field search binds each token to a
  distinct parameter instead of collapsing to the last value.

Regression tests added for every fix, verified red-before/green-after.
V4.1.1c/V12.1.1 (updater master-CN gate) and V12.5.1 (tarball include-list)
confirmed already fixed in prior commits and left untouched.
This commit is contained in:
anti
2026-06-09 23:12:49 -04:00
parent 8d18c59201
commit 6a8af315fb
16 changed files with 737 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
tests/swarm/test_swarm_api.py
View File

@@ -437,6 +437,43 @@ def test_check_marks_hosts_active(client: TestClient, stub_agent) -> None:
assert one["last_heartbeat"] is not None
# V7.1.1: a probe failure must mark the host unreachable WITHOUT leaking the
# raw exception text (file paths, TLS internals) back to the caller.
_LEAKY_PROBE_SECRET = "/etc/decnet/tls/worker-7.key: permission denied [TLSV1_ALERT]"
class _LeakyAgentClient(_StubAgentClient):
async def __aenter__(self) -> "_LeakyAgentClient":
raise RuntimeError(_LEAKY_PROBE_SECRET)
def test_check_unreachable_does_not_leak_exception_text(
client: TestClient, monkeypatch: pytest.MonkeyPatch
) -> None:
from decnet.web.router.swarm import api_check_hosts as check_mod
monkeypatch.setattr(check_mod, "AgentClient", _LeakyAgentClient)
h = client.post(
"/swarm/enroll",
json={"name": "leaky-w", "address": "10.0.0.13", "agent_port": 8765},
).json()
resp = client.post("/swarm/check")
assert resp.status_code == 200
results = resp.json()["results"]
assert len(results) == 1
assert results[0]["reachable"] is False
# Generic message only — the internal exception string must be absent.
assert results[0]["detail"] == "probe failed"
assert _LEAKY_PROBE_SECRET not in resp.text
assert "permission denied" not in resp.text
# The host is still correctly marked unreachable server-side.
one = client.get(f"/swarm/hosts/{h['host_uuid']}").json()
assert one["status"] == "unreachable"
# ---------------------------------------------------------------- /deckies