Regression: Invalid JSON with trailing commas in 'show sessions' (v1.3.0)

Regression: Invalid JSON with trailing commas in show sessions (ocserv 1.3.0)

Description

Issue #220 (closed) was fixed in v0.12.5 (milestone 0.12.5), but the bug has regressed in ocserv 1.3.0.

The commands occtl -j show sessions all and occtl -j show sessions valid now output invalid JSON with trailing commas again.

Affected commands:

• occtl -j show sessions all
• occtl -j show sessions valid

Symptoms

Trailing commas appear in JSON objects, violating JSON specification:

[
  {
    "Session":  "Al/uNv",
    "Full session":  "Al/uNvvwCC1n7lo1ZpVE57aA+pE=",
    "Created":  "2025-10-23 08:38",
    "State":  "authenticated",
    "Username":  "win2k25",
    "Groupname":  "(none)",
    "vhost":  "default",
    "User-Agent":  "AnyConnect Windows 5.1.2.42",
    "Remote IP":  "90.156.162.214",
    "Location":  "unknown",
    "session_is_open":  1,
    "tls_auth_ok":  0,
    "in_use":  1,
  },
  {
    "Session":  "FnL/93",
    ...
    "in_use":  1,
  }
]

Note the trailing commas after "in_use": 1, inside each object!

Impact

• Strict JSON parsers fail to parse the output
• Automation scripts break when relying on JSON mode
• Production monitoring tools fail to process session data
• Regression from working code - breaks existing integrations that worked in v0.12.5+

Steps to reproduce

1. Run on a server with ocserv 1.3.0 and at least one active session:

occtl -j show sessions all

2. Observe the trailing commas in the JSON output

3. Try to parse with a strict JSON parser:

occtl -j show sessions all | python3 -m json.tool

Result: Parse error due to trailing commas

Version information

• ocserv version: 1.3.0
• occtl version: 1.3.0
• OS tested: Debian 12
• Tested on: Production server with 3 active VPN sessions

Historical context

• Originally reported: Issue #220 (closed) (2019)
• Fixed in: v0.12.5 (milestone 0.12.5)
• Regressed in: v1.3.0 (current master)

This is a regression - the bug was successfully fixed but returned in a later version.

Source code analysis needed

The original fix in v0.12.5 should be reviewed to understand why it no longer works in v1.3.0. Possible causes:

1. Code refactoring that reintroduced the bug
2. Changes to the JSON output functions
3. Incomplete fix that only addressed some cases

Related issues

• Original issue: #220 (closed) (closed, milestone 0.12.5)
• Similar JSON bugs: #517 (closed) (fixed in 1.2.0), #661 (open, show iroutes)

Request

Please investigate why this bug returned after being fixed in v0.12.5, and ensure the fix is applied consistently to prevent future regressions.

Workaround

For now, users can:

1. Use lenient JSON parsers that accept trailing commas
2. Strip trailing commas with sed before parsing:

   occtl -j show sessions all | sed 's/,\s*}/}/g' | sed 's/,\s*]/]/g'

3. Use text mode (without -j flag) and parse manually