ODBC SSL Compliance Fix #75
Conversation
…oint bug when using SSL without protocol specified in url Signed-off-by: forestmvey <forestv@bitquilltech.com>
…he url Signed-off-by: forestmvey <forestv@bitquilltech.com>
…tribution node Signed-off-by: forestmvey <forestv@bitquilltech.com>
… url and/or incompatible with server url Signed-off-by: forestmvey <forestv@bitquilltech.com>
Signed-off-by: forestmvey <forestv@bitquilltech.com>
Signed-off-by: forestmvey <forestv@bitquilltech.com>
Codecov Report
@@ Coverage Diff @@
## integ-odbc_ssl_compliance_fix opensearch-project/sql#75 +/- ##
================================================================
Coverage 97.66% 97.66%
Complexity 2743 2743
================================================================
Files 268 268
Lines 6772 6772
Branches 435 435
================================================================
Hits 6614 6614
Misses 157 157
Partials 1 1
Flags with carried forward coverage won't be shown. Click here to find out more. Continue to review full report at Codecov.
|
sql-odbc/src/IntegrationTests/ITODBCConnection/test_odbc_connection.cpp
Outdated
Show resolved
Hide resolved
sql-odbc/src/IntegrationTests/ITODBCConnection/test_odbc_connection.cpp
Outdated
Show resolved
Hide resolved
sql-odbc/src/IntegrationTests/ITODBCConnection/test_odbc_connection.cpp
Outdated
Show resolved
Hide resolved
sql-odbc/src/IntegrationTests/ITODBCConnection/test_odbc_connection.cpp
Outdated
Show resolved
Hide resolved
sql-odbc/src/IntegrationTests/ITODBCConnection/test_odbc_connection.cpp
Outdated
Show resolved
Hide resolved
| if(rt_opts.crypt.use_ssl) { | ||
| rt_opts.conn.server = std::string("https://") + std::string(self->connInfo.server); | ||
| } else { | ||
| rt_opts.conn.server = std::string("http://") + std::string(self->connInfo.server); |
There was a problem hiding this comment.
rt_opts.conn.server should follow the same assignment patter as other properties in this method -- rt_opts.conn.server.assign(...)
| @@ -1005,7 +1009,9 @@ std::string OpenSearchCommunication::GetClusterName() { | |||
|
|
|||
| void OpenSearchCommunication::SetSqlEndpoint() { | |||
| std::string distribution = GetServerDistribution(); | |||
| if (distribution.compare("opensearch") == 0) { | |||
| if (distribution.empty()) { | |||
| sql_endpoint = "Error"; | |||
There was a problem hiding this comment.
If this is an error state, is there a better way to propagate the error to the user?
Is it possible for distribution to be empty?
There was a problem hiding this comment.
Distribution is empty in the event of GetServerDistribution() having an exception caught. I figured having Error for the endpoint is better than the previous /_opendistro/_sql when unable to query sql plugin. I am open to something else.
There was a problem hiding this comment.
I see.
So, with this change, if GetServerDistribution returns "", then SetSqlEndpoint sets sql_endpoint to "Error", then EstablishConnection proceeds to try to connect to host Error, probably fails and returns false?
If that's correct, then it's better if EstablishConnection returns false after SetSqlEndpoint.
…ut server url generation into own function. Minor logic revisions. Signed-off-by: forestmvey <forestv@bitquilltech.com>
630d961 to
af7c34b
Compare
…ausing an unusable UI state for windows users. Signed-off-by: forestmvey <forestv@bitquilltech.com>
…failure to establish connection with url Signed-off-by: forestmvey <forestv@bitquilltech.com>
| SetErrorDetails("Connection error", m_error_message, | ||
| ConnErrorType::CONN_ERROR_COMM_LINK_FAILURE); | ||
| LogMsg(OPENSEARCH_ERROR, m_error_message.c_str()); | ||
| m_error_message_to_user = m_error_message; | ||
| return ""; |
There was a problem hiding this comment.
why are we returning "" in all cases? Does it make sense to reconsider the response type of this function? Change to return void, or change the returns so that they return actual content ....?
There was a problem hiding this comment.
Note: this is the problem with not have a javadoc.
The API contract for this function isn't described, which means I have to read the code and look up all the usages of this function to understand WHAT string is expected from this function.
Please add a javadoc header comment to the function you know what the parameters/returns are supposed to be. Then determine if a string return type is appropriate.
| @@ -73,6 +75,26 @@ char CC_connect(ConnectionClass *self) { | |||
| return 1; | |||
| } | |||
|
|
|||
| std::string generateValidServerUrl(ConnectionClass *self) { | |||
| std::string valid_server_url = ""; | |||
| if(!strlen(self->connInfo.server)) { | |||
There was a problem hiding this comment.
I think, you'll simplify this function if you wrap self->connInfo.server into a string_view.
| return valid_server_url; | ||
| } | ||
|
|
||
| bool url_len_valid = (strlen(self->connInfo.server) > strlen(HTTPS_PREFIX)); |
There was a problem hiding this comment.
std::string::find: "If s does not point to an array long enough, it causes undefined behavior".
https://cplusplus.com/reference/string/string/find/
…g valid server URL's with string_view usage. Signed-off-by: forestmvey <forestv@bitquilltech.com>
1. Remove unnecessary throws exception. 2. Use java style array declaration. 3. Remove unused variables. 4. Replace lambda with method references 5. Replace statement with lambda 6. Use valid random string Signed-off-by: Vijayan Balasubramanian <balasvij@amazon.com>
Description
Fixed ODBC Driver Issues:
Issues Resolved
Github: 280
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.