RDK-60476: Reduce default connection pool size to 1

[yogeswaransky]

Code changes include,

1. L1 and L2 testcases for multicurlinterface.c
2. Fix for RDKEMW-12350
3. Reduced connection pool to default size of 1
4. Log level corrections and aligned logs
5. Improved inline comments.

[Copilot]

Pull request overview

Updates unit tests to align with the new “fork elimination” HTTP implementation (connection-pool + libcurl), replacing older pipe/fork/read-based expectations and expanding the test mocks to interpose additional libcurl calls.

Changes:

• Enable previously disabled xconf-client and protocol HTTP tests and update them to use curl/pool expectations instead of fork()/pipe().
• Extend FileioMock interposition to cover curl_easy_getinfo() and curl_easy_setopt().
• Add helper logic intended to avoid deadlocks when GTest/logging writes to FILE* while file I/O is mocked.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 5 comments.

File	Description
source/test/xconf-client/xconfclientTest.cpp	Enables/updates doHttpGet tests to mock curl/pool behavior; adds a helper macro intended to prevent GTest logging deadlocks.
source/test/protocol/ProtocolTest.cpp	Updates protocol HTTP tests to mock curl/pool behavior; adds default curl behaviors in fixture setup and a helper macro/comment.
source/test/mocks/FileioMock.h	Adds/adjusts mock method signatures for curl interposition (curl_easy_setopt).
source/test/mocks/FileioMock.cpp	Adds interposed curl_easy_getinfo() and a new interposed curl_easy_setopt() implementation for tests.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 6 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 12 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 8 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 14 out of 14 changed files in this pull request and generated 1 comment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 17 out of 17 changed files in this pull request and generated 1 comment.

Comments suppressed due to low confidence (3)

source/test/mocks/FileioMock.cpp:503

• This wrapper returns CURLE_FAILED_INIT whenever g_fileIOMock is null, instead of falling back to the real curl_easy_setopt (similar to how other wrappers fall back via dlsym). This can cause unrelated tests or code paths to fail if they invoke curl_easy_setopt before the mock is installed. Prefer calling curl_easy_setopt_func when g_fileIOMock == nullptr.

extern "C" CURLcode curl_easy_setopt(CURL* handle, CURLoption option, ...) {
    if (g_fileIOMock != nullptr) {
        va_list args;
        va_start(args, option);
        void* param = va_arg(args, void*);
        va_end(args);
        return g_fileIOMock->curl_easy_setopt(handle, option, param);
    }
    return CURLE_FAILED_INIT;
}

test/functional-tests/tests/helper_functions.py:120

• verify=CA_BUNDLE hard-codes /etc/ssl/certs/ca-certificates.crt without checking it exists. In minimal containers/distros this file may be missing or in a different location, causing requests.get(...) to raise and fail tests. Consider checking os.path.exists(CA_BUNDLE) and falling back to verify=True (requests default) or to verify=False in the test environment, and/or make the CA bundle path configurable via env var.

# CA certificate for server verification
CA_BUNDLE = '/etc/ssl/certs/ca-certificates.crt'  # System CA bundle


def run_telemetry():
    return subprocess.run("/usr/local/bin/telemetry2_0", shell=True)

def run_shell_silent(command):
    subprocess.run(command, shell=True, capture_output=False, text=False)
    return 

def run_shell_command(command):
    result = subprocess.run(command, shell=True, capture_output=True, text=True)
    return result.stdout.strip()

def kill_telemetry(signal: int=9):
    print(f"Recived Signal to kill telemetry2_0 {signal} with pid {get_pid('telemetry2_0')}")
    resp = subprocess.run(f"kill -{signal} {get_pid('telemetry2_0')}", shell=True, capture_output=True)
    print(resp.stdout.decode('utf-8'))
    print(resp.stderr.decode('utf-8'))
    return ""
"""
def sigterm_telemetry(pid:str):
    resp = subprocess.run(f"echo 'this is a test'; kill -15 `pidof telemetry2_0`; echo $?; echo !!", shell=True, capture_output=True)
    print(resp.stdout.decode('utf-8'))
    print(resp.stderr.decode('utf-8'))
    print(get_pid("telemetry2_0"))
    cmd=["kill","-15",str(pid)]
    print(f"Running command: {' '.join(cmd)}")
    result = subprocess.run(cmd, capture_output=True, text=True)
    print("Output:", result.stdout)
    print("Error:", result.stderr)
"""

def sigterm_telemetry(pid):
    try:
        # Print the command being executed
        print(f"Sending SIGTERM to process {pid}")
        
        # Send the SIGTERM signal to the process
        os.kill(int(pid), signal.SIGTERM)
        
        print(f"Process {pid} has been terminated.")
    except ProcessLookupError:
        print(f"No process with PID {pid} found.")
    except PermissionError:
        print(f"Permission denied to kill process {pid}.")
    except Exception as e:
        print(f"An error occurred: {e}")


def adminSupport_cache(save: bool = True):
    if(requests.get(ADMIN_SUPPORT_SET, verify=CA_BUNDLE, cert=CERT_PATH, params={ADMIN_CACHE_ARG: str(save).lower()})):
        return True
    return False

def adminSupport_requestData():
    return_data = requests.get(ADMIN_SUPPORT_GET, verify=CA_BUNDLE, cert=CERT_PATH, params={ADMIN_RQUEST_DATA: "true"})
    try:

test/run_l2.sh:41

• $RESULT_DIR is expanded unquoted in the --json-report-file arguments. Quoting it avoids failures if the path ever contains spaces or glob characters (and is consistent with how mkdir -p is called above).

pytest -v --json-report --json-report-summary --json-report-file $RESULT_DIR/runs_as_daemon.json test/functional-tests/tests/test_runs_as_daemon.py || final_result=1
pytest -v --json-report --json-report-summary --json-report-file $RESULT_DIR/bootup_sequence.json test/functional-tests/tests/test_bootup_sequence.py || final_result=1
pytest -v --json-report --json-report-summary --json-report-file $RESULT_DIR/xconf_communications.json test/functional-tests/tests/test_xconf_communications.py || final_result=1
pytest -v --json-report --json-report-summary --json-report-file $RESULT_DIR/msg_packet.json test/functional-tests/tests/test_multiprofile_msgpacket.py || final_result=1

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 17 out of 17 changed files in this pull request and generated no new comments.

Comments suppressed due to low confidence (12)

source/protocol/http/multicurlinterface.c:115

• The log message incorrectly states "Curl connection pool size set from environment" even though it's printed regardless of whether the value came from the environment or the default. This should only be logged when env_size is actually set. Consider moving this log inside the if condition or changing the message to indicate whether it's from the environment or the default.

            T2Info("Curl connection pool size set from environment: %d\n", configured_size);

source/protocol/http/multicurlinterface.c:472

• This comment is misleading. The function still clears CURLOPT_POSTFIELDS, CURLOPT_POSTFIELDSIZE, and CURLOPT_HTTPHEADER even though the comment only mentions that CURLOPT_CUSTOMREQUEST was removed. The comment should be updated to accurately describe which POST-specific options are being cleared. Note that line 469 that clears CURLOPT_CUSTOMREQUEST was removed but the comment wasn't updated accordingly.

    // Clear any POST-specific settings so that the handle can be used for GET operations
    // curl_easy_perform ends up in crash when POST specific options are not cleared
    CURL_SETOPT_CHECK(easy, CURLOPT_POSTFIELDS, NULL);
    CURL_SETOPT_CHECK(easy, CURLOPT_POSTFIELDSIZE, 0L);
    CURL_SETOPT_CHECK(easy, CURLOPT_HTTPHEADER, NULL);

source/xconf-client/xconfclient.c:547

• Logging level changed from T2Info to T2Debug. This reduces log verbosity for successful HTTP GET operations. While this may be intentional for reducing log noise, consider whether successful HTTP GET operations should still be logged at INFO level for operational visibility. Debug-level logging may make troubleshooting more difficult in production environments.

        T2Debug("HTTP GET request completed successfully\n");

source/test/xconf-client/xconfclientTest.cpp:651

• The lambda function for getParameterValue mock returns void (empty return statement at line 650), but the function is expected to return T2ERROR. This will cause a compilation error or undefined behavior. The return statement should be 'return T2ERROR_SUCCESS;' to match the function signature and the pattern used in other similar mocks in this file.

    EXPECT_CALL(*m_xconfclientMock, getParameterValue(_,_))
            .Times(1)
            .WillOnce([](const char* paramName, char** paramValue) {
            if (strcmp(paramName, "Device.X_RDK_WanManager.CurrentActiveInterface") == 0)
                *paramValue = strdup("erouter0");
            else
                *paramValue = strdup("unknown");
            return ;
    });

source/test/xconf-client/xconfclientTest.cpp:698

• The lambda function for getParameterValue mock returns void (empty return statement at line 697), but the function is expected to return T2ERROR. This will cause a compilation error or undefined behavior. The return statement should be 'return T2ERROR_SUCCESS;' to match the function signature and the pattern used in other similar mocks in this file.

    EXPECT_CALL(*m_xconfclientMock, getParameterValue(_,_))
            .Times(1)
            .WillOnce([](const char* paramName, char** paramValue) {
            if (strcmp(paramName, "Device.X_RDK_WanManager.CurrentActiveInterface") == 0)
                *paramValue = strdup("erouter0");
            else
                *paramValue = strdup("unknown");
            return ;
    });

source/test/xconf-client/xconfclientTest.cpp:68

• The comment describes preventing a deadlock caused by mocked fwrite calls when GTest logs output. However, this macro only mocks fwrite and not fputs which is also mentioned in the comment. If fputs can also cause deadlock issues, it should be included in the macro. Otherwise, the comment should be updated to only mention fwrite.

// Helper macro to prevent deadlock from mocked fwrite and fputs calls in the protocol code when GTest tries to log output, which can cause a deadlock if the logging functions are mocked without allowing real calls to them.
#define PREVENT_GTEST_LOGGING_DEADLOCK() \
    EXPECT_CALL(*g_fileIOMock, fwrite(::testing::_, ::testing::_, ::testing::_, ::testing::_)) \
        .Times(::testing::AnyNumber()) \
        .WillRepeatedly(::testing::Invoke( \
            [](const void* ptr, size_t size, size_t nitems, FILE* stream) { \
                return ::fwrite(ptr, size, nitems, stream); \
            }))

source/xconf-client/Makefile.am:27

• Adding -lrdkconfig to the linker flags when LIBRDKCERTSEL is enabled. However, based on the conditional compilation guards in the code (#ifndef LIBRDKCERTSEL_BUILD wrapping #ifdef LIBRDKCONFIG_BUILD), rdkconfig should NOT be used when LIBRDKCERTSEL_BUILD is defined. This creates a potential inconsistency - the library will be linked but the code won't use it when LIBRDKCERTSEL is enabled. Consider whether -lrdkconfig should be added unconditionally or under a separate IS_LIBRDKCONFIG_ENABLED condition rather than within the IS_LIBRDKCERTSEL_ENABLED block.

libxconfclient_la_LDFLAGS += -lRdkCertSelector -lrdkconfig

test/functional-tests/tests/helper_functions.py:60

• The certificate path discovery logic attempts to find valid certificates by checking multiple standard locations. However, if CERT_PATH remains None (no valid certificates found), subsequent requests.get() calls will still use cert=CERT_PATH which passes None, effectively disabling client certificates. While a warning is printed, consider whether the tests should fail explicitly if no certificates are found, or if this is intentional to allow running tests without mTLS in some environments.

if CERT_PATH is None:
    print("WARNING: No valid client certificate found!")

build_inside_container.sh:34

• Adding -DENABLE_MTLS to CFLAGS and --enable-rdkcertselector=yes to configure. This enables mTLS support in the build. Ensure that the test environment (docker containers) has the necessary certificates and configuration to support mTLS testing, as indicated by the ENABLE_MTLS=true environment variable being passed to the docker containers in the L2-tests.yml workflow.

export CFLAGS=" ${DEBUG_CFLAGS} -I${INSTALL_DIR}/include/rtmessage -I${INSTALL_DIR}/include/msgpack -I${INSTALL_DIR}/include/rbus -I${INSTALL_DIR}/include -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -I/usr/local/include -DFEATURE_SUPPORT_WEBCONFIG -DRDK_LOGGER -DPERSIST_LOG_MON_REF -DDCMAGENT -DENABLE_MTLS" 

export LDFLAGS="-L/usr/lib/x86_64-linux-gnu -lglib-2.0"

./configure --prefix=${INSTALL_DIR} --enable-rdkcertselector=yes && make && make install

source/test/protocol/ProtocolTest.cpp:363

• The test expects T2ERROR_FAILURE but doesn't set up the necessary mocks to simulate the failure condition. The test only mocks isMtlsEnabled() to return true and access() to return 0, but doesn't mock curl_easy_perform or curl_easy_getinfo_mock, which are likely needed for the actual HTTP operation. Without these mocks, the test may not behave as intended. Consider adding the missing mock expectations or documenting why this specific failure case is being tested.

TEST_F(protocolTestFixture, SENDREPORTOVERHTTP3)
{
      char* httpURL = "https://mockxconf:50051/dataLakeMock";
      char* payload = strdup("This is a payload string");
      char *cm = (char*)0xFFFFFFFF;

      EXPECT_CALL(*g_fileIOMock, curl_easy_init())
      .Times(::testing::AnyNumber())
      .WillRepeatedly(::testing::Invoke([]() {
          // Return unique fake handles for each call
          static int handle_counter = 1;
          return (CURL*)(uintptr_t)(0x1000 + handle_counter++);
      }));

      #if defined(ENABLE_RDKB_SUPPORT) && !defined(RDKB_EXTENDER)
      #if defined(WAN_FAILOVER_SUPPORTED) || defined(FEATURE_RDKB_CONFIGURABLE_WAN_INTERFACE)
      EXPECT_CALL(*m_xconfclientMock, getParameterValue(_,_))
              .Times(1)
              .WillOnce(Return(T2ERROR_SUCCESS));
      #endif
      #endif
      EXPECT_CALL(*m_xconfclientMock, isMtlsEnabled())
              .Times(1)
              .WillOnce(Return(true));
      EXPECT_CALL(*g_systemMock, access(_,_))
             .Times(1)
             .WillOnce(Return(0));
      #ifdef LIBRDKCONFIG_BUILD
      EXPECT_CALL(*g_rdkconfigMock, rdkconfig_get(_,_,_))
             .Times(1)
             .WillOnce(Return(RDKCONFIG_OK));
      #endif
      EXPECT_EQ(T2ERROR_FAILURE, sendReportOverHTTP(httpURL, payload));
      free(payload);
}

source/protocol/http/multicurlinterface.c:66

• The DEFAULT_POOL_SIZE is reduced from 2 to 1. While this is a valid optimization for low-end devices, consider verifying that this change doesn't negatively impact performance in scenarios with concurrent HTTP requests. The pool size can still be configured via the T2_CONNECTION_POOL_SIZE environment variable for devices that need higher concurrency.

#define DEFAULT_POOL_SIZE 1

source/protocol/http/Makefile.am:27

• Adding -lrdkconfig to the linker flags when LIBRDKCERTSEL is enabled. However, based on the conditional compilation guards in the code (#ifndef LIBRDKCERTSEL_BUILD wrapping #ifdef LIBRDKCONFIG_BUILD), rdkconfig should NOT be used when LIBRDKCERTSEL_BUILD is defined. This creates a potential inconsistency - the library will be linked but the code won't use it when LIBRDKCERTSEL is enabled. Consider whether -lrdkconfig should be added unconditionally or under a separate IS_LIBRDKCONFIG_ENABLED condition rather than within the IS_LIBRDKCERTSEL_ENABLED block.

libhttp_la_LDFLAGS += -lRdkCertSelector -lrdkconfig

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 17 out of 17 changed files in this pull request and generated no new comments.

Comments suppressed due to low confidence (5)

source/protocol/http/multicurlinterface.c:781

• The removal of CURL_SETOPT_CHECK(easy, CURLOPT_HTTPGET, 0L); from the POST request cleanup could cause issues. When a curl handle is reused from the pool after performing a GET request, CURLOPT_HTTPGET may still be set to 1L (from line 497). Setting CURLOPT_POST to 1L doesn't necessarily disable the GET flag. According to libcurl documentation, you should explicitly disable HTTPGET before doing a POST to avoid undefined behavior. Consider restoring this line or verifying that CURLOPT_POST automatically clears CURLOPT_HTTPGET.

    // Clear any GET-specific settings from previous use
    CURL_SETOPT_CHECK(easy, CURLOPT_WRITEFUNCTION, NULL);
    CURL_SETOPT_CHECK(easy, CURLOPT_WRITEDATA, NULL);

source/protocol/http/multicurlinterface.c:66

• The DEFAULT_POOL_SIZE was changed from 2 to 1. This is a significant change that may impact performance. With a pool size of 1, concurrent HTTP requests will have to wait for the single handle to become available, potentially creating a bottleneck. Consider documenting why this change was made, especially since the comment on line 106 mentions "configure the connection pool size based on the device type" and there's an environment variable T2_CONNECTION_POOL_SIZE to override this. If this is intentional for low-end devices, it should be clearly documented.

#define DEFAULT_POOL_SIZE 1

source/protocol/http/multicurlinterface.c:469

• The comment states "curl_easy_perform ends up in crash when POST specific options are not cleared", but this is actually clearing POST options before a GET request, not after. The comment should say "Clear any POST-specific settings from previous use to prevent crashes" to be more accurate.

    // curl_easy_perform ends up in crash when POST specific options are not cleared

source/protocol/http/multicurlinterface.c:107

• The comment on line 106 has a typo: "to have the size" should be part of a grammatically complete sentence. Consider rewording to: "Check environment variable T2_CONNECTION_POOL_SIZE to configure the connection pool size based on the device type".

    // Check environment variable T2_CONNECTION_POOL_SIZE to have the size
    // of the connection pool based on the device type

source/protocol/http/multicurlinterface.c:726

• The spelling of "certicates" is incorrect. It should be "certificates" for consistency with standard spelling.

    // In case of CertSelector, CertSelector will take care of freeing the certicates

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 17 out of 17 changed files in this pull request and generated 2 comments.

Comments suppressed due to low confidence (3)

test/functional-tests/tests/report_profiles.py:1240

• This URL change updates the Split66 profile endpoint, but related functional tests still assert the old dataLookeMock URL (e.g., test_temp_profile.py and test_multiprofile_msgpacket.py grep for it). Either keep the profile URL consistent with those expectations or update the assertions/test data so they match the new endpoint.

        "HTTP": {
          "URL": "https://mockxconf:50051/dataLakeMockXconf/",
          "Compression": "None",
          "Method": "POST",
          "RequestURIParameter": [

test/run_l2.sh:44

• Unquoted shell variables can break if paths ever contain spaces or glob characters. Quote $RESULT_DIR (and $final_result in the test) consistently in the pytest invocations and the [ ... ] comparison to avoid word-splitting issues.

pytest -v --json-report --json-report-summary --json-report-file $RESULT_DIR/runs_as_daemon.json test/functional-tests/tests/test_runs_as_daemon.py || final_result=1
pytest -v --json-report --json-report-summary --json-report-file $RESULT_DIR/bootup_sequence.json test/functional-tests/tests/test_bootup_sequence.py || final_result=1
pytest -v --json-report --json-report-summary --json-report-file $RESULT_DIR/xconf_communications.json test/functional-tests/tests/test_xconf_communications.py || final_result=1
pytest -v --json-report --json-report-summary --json-report-file $RESULT_DIR/msg_packet.json test/functional-tests/tests/test_multiprofile_msgpacket.py || final_result=1

if [ $final_result -ne 0 ]; then
    echo "Some tests failed. Please check the JSON reports in $RESULT_DIR for details."

source/test/xconf-client/xconfclientTest.cpp:422

• The comment here says the pool default size is 2, but this PR changes DEFAULT_POOL_SIZE to 1 in multicurlinterface.c. Please update the comment to reflect the current default (or avoid hard-coding the number in the comment).

        // Set up curl_easy_init to return valid handles for pool initialization
        // The pool will call curl_easy_init() based on pool size (default 2)
        EXPECT_CALL(*g_fileIOMock, curl_easy_init())

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[shibu-kv]

Please revisit . There are high chances of race conditions and deadlocks.

[Copilot]

Pull request overview

Copilot reviewed 18 out of 18 changed files in this pull request and generated no new comments.

Comments suppressed due to low confidence (3)

source/protocol/http/multicurlinterface.c:495

• http_pool_get() attempts to “clear POST-specific settings” on a reused easy handle, but it only resets POSTFIELDS/POSTFIELDSIZE/HTTPHEADER. http_pool_post() sets CURLOPT_POST=1L (and may also have other POST-related state), and relying solely on CURLOPT_HTTPGET=1L later can leave request method/state ambiguous across libcurl versions and options. To make handle reuse deterministic, explicitly reset method-related flags (e.g., CURLOPT_POST=0L, CURLOPT_HTTPGET=1L, and clear any custom request) when switching a handle from POST to GET.

    // Clear any POST-specific settings so that the handle can be used for GET operations
    // curl_easy_perform ends up in crash when POST specific options are not cleared
    CURL_SETOPT_CHECK(easy, CURLOPT_POSTFIELDS, NULL);
    CURL_SETOPT_CHECK(easy, CURLOPT_POSTFIELDSIZE, 0L);
    CURL_SETOPT_CHECK(easy, CURLOPT_HTTPHEADER, NULL);

test/functional-tests/tests/helper_functions.py:63

• CA_BUNDLE is hardcoded to /etc/ssl/certs/ca-certificates.crt and later passed to requests.get(verify=CA_BUNDLE). In minimal containers this file may not exist, which will make requests raise an exception and fail the tests. Consider checking os.path.exists(CA_BUNDLE) and falling back to verify=True/False accordingly, and only pass cert=... when a certificate was actually found (CERT_PATH != None) to avoid surprising behavior.

if CERT_PATH is None:
    print("WARNING: No valid client certificate found!")

# CA certificate for server verification
CA_BUNDLE = '/etc/ssl/certs/ca-certificates.crt'  # System CA bundle

source/docs/protocol/curl_usage_architecture.md:34

• The documentation still describes a condition variable-based design (pool_cond, pthread_cond_wait/signal) for handle acquisition/release, but the current multicurlinterface.c implementation uses polling with usleep() and no condition variable. Please update this doc (and the mermaid diagrams / pseudo-code) to match the actual synchronization approach so it doesn’t mislead future debugging and changes.

- `pool_entries`: Array of pool entries
- `pool_mutex`: Protects pool state (statically initialized)
- `pool_cond`: Condition variable for handle availability
- `pool_initialized`: Initialization flag
- `active_requests`: Counter for in-use handles

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.