Remove extra logging.

Signed-off-by: Adam Capparelli <adam.capparelli@alumni.utoronto.ca>

.github/workflows/ci.yml

@@ -21,7 +21,7 @@ defaults:
 
 jobs:
   docker:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     env:
       DOCKER_REGISTRY_URL: tip-tip-wlan-cloud-ucentral.jfrog.io
       DOCKER_REGISTRY_USERNAME: ucentral

.github/workflows/release.yml

@@ -11,7 +11,7 @@ defaults:
 
 jobs:
   helm-package:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     env:
       HELM_REPO_URL: https://tip.jfrog.io/artifactory/tip-wlan-cloud-ucentral-helm/
       HELM_REPO_USERNAME: ucentral

CMakeLists.txt

@@ -1,5 +1,5 @@
 cmake_minimum_required(VERSION 3.13)
-project(owgw VERSION 4.0.0)
+project(owgw VERSION 3.2.1)
 
 set(CMAKE_CXX_STANDARD 20)
 set(CMAKE_CXX_STANDARD_REQUIRED True)

helm/values.yaml

@@ -9,7 +9,7 @@ fullnameOverride: ""
 images:
   owgw:
     repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owgw
-    tag: v4.0.0
+    tag: master
     pullPolicy: Always
 #    regcred:
 #      registry: tip-tip-wlan-cloud-ucentral.jfrog.io

src/AP_WS_Connection.cpp

@@ -561,14 +561,14 @@ namespace OpenWifi {
 	void AP_WS_Connection::OnSocketShutdown(
 		[[maybe_unused]] const Poco::AutoPtr<Poco::Net::ShutdownNotification> &pNf) {
 		poco_trace(Logger_, fmt::format("SOCKET-SHUTDOWN({}): Closing.", CId_));
-//		std::lock_guard	G(ConnectionMutex_);
+		std::lock_guard	G(ConnectionMutex_);
 		return EndConnection();
 	}
 
 	void AP_WS_Connection::OnSocketError(
 		[[maybe_unused]] const Poco::AutoPtr<Poco::Net::ErrorNotification> &pNf) {
 		poco_trace(Logger_, fmt::format("SOCKET-ERROR({}): Closing.", CId_));
-//		std::lock_guard	G(ConnectionMutex_);
+		std::lock_guard	G(ConnectionMutex_);
 		return EndConnection();
 	}
 
@@ -652,9 +652,10 @@ namespace OpenWifi {
 
 				case Poco::Net::WebSocket::FRAME_OP_TEXT: {
 					poco_trace(Logger_,
-							   fmt::format("FRAME({}): Frame received (length={}, flags={}). Msg={}",
-										   CId_, IncomingSize, flags, IncomingFrame.begin()));
+						fmt::format("FRAME({}): Frame received (length={}, flags={}). Msg={}",
+									CId_, IncomingSize, flags, IncomingFrame.begin()));
 
+					
 					Poco::JSON::Parser parser;
 					auto ParsedMessage = parser.parse(IncomingFrame.begin());
 					auto IncomingJSON = ParsedMessage.extract<Poco::JSON::Object::Ptr>();

src/AP_WS_Server.cpp

@@ -57,8 +57,9 @@ namespace OpenWifi {
 			if (request.find("Upgrade") != request.end() &&
 				Poco::icompare(request["Upgrade"], "websocket") == 0) {
 				Utils::SetThreadName("ws:conn-init");
-				session_id_++;
-				return new AP_WS_RequestHandler(Logger_, session_id_);
+				//session_id_++;
+				auto new_session_id =  session_id_.fetch_add(1, std::memory_order_seq_cst) + 1;
+				return new AP_WS_RequestHandler(Logger_, new_session_id);
 			} else {
 				return nullptr;
 			}
@@ -71,18 +72,14 @@ namespace OpenWifi {
 	bool AP_WS_Server::ValidateCertificate(const std::string &ConnectionId,
 										   const Poco::Crypto::X509Certificate &Certificate) {
 		if (IsCertOk()) {
-			// validate certificate agains trusted chain
-			for (const auto &cert : ClientCasCerts_) {
-				if (Certificate.issuedBy(cert)) {
-					return true;
-				}
-			}
-			poco_warning(
+			if (!Certificate.issuedBy(*IssuerCert_)) {
+				poco_warning(
 					Logger(),
-					fmt::format(
-						"CERTIFICATE({}): issuer mismatch. Certificate not issued by any trusted CA",
-						ConnectionId)
-					);
+					fmt::format("CERTIFICATE({}): issuer mismatch. Local='{}' Incoming='{}'",
+								ConnectionId, IssuerCert_->issuerName(), Certificate.issuerName()));
+				return false;
+			}
+			return true;
 		}
 		return false;
 	}
@@ -137,13 +134,6 @@ namespace OpenWifi {
 			Context->addChainCertificate(Issuing);
 			Context->addCertificateAuthority(Issuing);
 
-			// add certificates from clientcas to trust chain
-			ClientCasCerts_ = Poco::Net::X509Certificate::readPEM(Svr.ClientCas());
-			for (const auto &cert : ClientCasCerts_) {
-				Context->addChainCertificate(cert);
-				Context->addCertificateAuthority(cert);
-			}
-
 			Poco::Crypto::RSAKey Key("", Svr.KeyFile(), Svr.KeyFilePassword());
 			Context->usePrivateKey(Key);
 
@@ -525,10 +515,27 @@ namespace OpenWifi {
 			Connection = SessionHint->second;
 			Sessions_[sessionHash].erase(SessionHint);
 		}
-
-		auto deviceHash = MACHash::Hash(SerialNumber);
-		std::lock_guard DeviceLock(SerialNumbersMutex_[deviceHash]);
-		SerialNumbers_[deviceHash][SerialNumber] = Connection;
+		std::atomic_bool duplicate_session = false;
+		{
+			auto deviceHash = MACHash::Hash(SerialNumber);
+			std::lock_guard DeviceLock(SerialNumbersMutex_[deviceHash]);
+			auto DeviceHint = SerialNumbers_[deviceHash].find(SerialNumber);
+            if (DeviceHint == SerialNumbers_[deviceHash].end()) {
+                // No duplicate connection go ahead and add new connection
+		        SerialNumbers_[deviceHash][SerialNumber] = Connection;
+            }
+            else {
+                // Mark a duplicate session
+                duplicate_session = true;
+				poco_information(Logger(), fmt::format("[session ID: {}] Found a duplicate connection for device serial: {}", session_id, Utils::IntToSerialNumber(SerialNumber)));
+            }
+		}
+		if (duplicate_session.load()){
+            // This is only called if we have a duplicate session
+            // We remove the new incoming session that we just added a few lines above, forcing the destructor for this new session while not impacting the pointers to the old session.
+            std::lock_guard SessionLock(SessionMutex_[sessionHash]);
+			Sessions_[sessionHash].erase(session_id);
+        }
 	}
 
 	bool AP_WS_Server::EndSession(uint64_t session_id, uint64_t SerialNumber) {

src/AP_WS_Server.h

@@ -223,7 +223,6 @@ namespace OpenWifi {
 		mutable std::array<std::mutex,MACHashMax>		SerialNumbersMutex_;
 
 		std::unique_ptr<Poco::Crypto::X509Certificate> IssuerCert_;
-		std::vector<Poco::Crypto::X509Certificate> ClientCasCerts_;
 		std::list<std::unique_ptr<Poco::Net::HTTPServer>> WebServers_;
 		Poco::ThreadPool DeviceConnectionPool_{"ws:dev-pool", 4, 256};
 		Poco::Net::SocketReactor Reactor_;

src/framework/SubSystemServer.cpp

@@ -68,16 +68,6 @@ namespace OpenWifi {
 				Context->addCertificateAuthority(Issuing);
 			}
 
-			if (!client_cas_.empty()) {
-				// add certificates specified in clientcas
-				std::vector<Poco::Crypto::X509Certificate> Certs =
-					Poco::Net::X509Certificate::readPEM(client_cas_);
-				for (const auto &cert : Certs) {
-					Context->addChainCertificate(cert);
-					Context->addCertificateAuthority(cert);
-				}
-			}
-
 			Poco::Crypto::RSAKey Key("", key_file_, key_file_password_);
 			Context->usePrivateKey(Key);
 

src/framework/SubSystemServer.h

@@ -45,7 +45,6 @@ namespace OpenWifi {
 		[[nodiscard]] inline auto KeyFile() const { return key_file_; };
 		[[nodiscard]] inline auto CertFile() const { return cert_file_; };
 		[[nodiscard]] inline auto RootCA() const { return root_ca_; };
-		[[nodiscard]] inline auto ClientCas() const { return client_cas_; };
 		[[nodiscard]] inline auto KeyFilePassword() const { return key_file_password_; };
 		[[nodiscard]] inline auto IssuerCertFile() const { return issuer_cert_file_; };
 		[[nodiscard]] inline auto Name() const { return name_; };