From 3ee7fe58b2acec0a6ae4eabad91a9dd609268870 Mon Sep 17 00:00:00 2001 From: Krzysztof Grobelny Date: Wed, 14 Jul 2021 09:04:42 +0000 Subject: [PATCH] Revert "Disable nbd proxy from the build" NBD Proxy has been disabled upstream. Reenable as we use it for Virtual Media This reverts commit efb8062c306474942bc94f15d748b2eb0b58fbb6. Change-Id: I19a88b30c1074dd376f2df8f5668245b638b881f --- meson.build | 3 ++- meson_options.txt | 10 ++-------- 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/meson.build b/meson.build index bdc514b..19364a8 100644 --- a/meson.build +++ b/meson.build @@ -78,7 +78,8 @@ feature_map = { 'rest' : '-DBMCWEB_ENABLE_DBUS_REST', 'static-hosting' : '-DBMCWEB_ENABLE_STATIC_HOSTING', 'insecure-tftp-update' : '-DBMCWEB_INSECURE_ENABLE_REDFISH_FW_TFTP_UPDATE', -#'vm-nbdproxy' : '-DBMCWEB_ENABLE_VM_NBDPROXY', +'validate-unsecure-feature' : '-DBMCWEB_ENABLE_VALIDATION_UNSECURE_FEATURE', +'vm-nbdproxy' : '-DBMCWEB_ENABLE_VM_NBDPROXY', 'vm-websocket' : '-DBMCWEB_ENABLE_VM_WEBSOCKET', } diff --git a/meson_options.txt b/meson_options.txt index 0ab31b8..ea0f2fc 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -3,14 +3,7 @@ option('yocto-deps', type: 'feature', value: 'disabled', description : 'Use YOCT option('kvm', type : 'feature',value : 'enabled', description : 'Enable the KVM host video WebSocket. Path is \'/kvm/0\'. Video is from the BMC\'s \'/dev/video\' device.') option ('tests', type : 'feature', value : 'enabled', description : 'Enable Unit tests for bmcweb') option('vm-websocket', type : 'feature', value : 'enabled', description : '''Enable the Virtual Media WebSocket. Path is \'/vm/0/0\'to open the websocket. See https://github.com/openbmc/jsnbd/blob/master/README.''') - -# if you use this option and are seeing this comment, please comment here: -# https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions -# for this code. At this point, no daemon has been upstreamed that implements -# this interface, so for the moment this appears to be dead code; In leiu of -# removing it, it has been disabled to try to give those that use it the -# opportunity to upstream their backend implementation -#option('vm-nbdproxy', type: 'feature', value : 'disabled', description : 'Enable the Virtual Media WebSocket.') +option('vm-nbdproxy', type: 'feature', value : 'disabled', description : 'Enable the Virtual Media WebSocket.') option('rest', type : 'feature', value : 'enabled', description : '''Enable Phosphor REST (D-Bus) APIs. Paths directly map Phosphor D-Bus object paths, for example, \'/xyz/openbmc_project/logging/entry/enumerate\'. See https://github.com/openbmc/docs/blob/master/rest-api.md.''') option('redfish', type : 'feature',value : 'enabled', description: 'Enable Redfish APIs. Paths are under \'/redfish/v1/\'. See https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.') option('host-serial-socket', type : 'feature', value : 'enabled', description : 'Enable host serial console WebSocket. Path is \'/console0\'. See https://github.com/openbmc/docs/blob/master/console.md.') @@ -37,6 +30,7 @@ option ('https_port', type : 'integer', min : 1, max : 65535, value : 443, descr # the implications of doing so.In general, enabling these options will cause security # problems of varying degrees +option ('validate-unsecure-feature', type : 'feature', value : 'disabled', description : '''Enables unsecure features required by validation. Note: mustbe turned off for production images.''') option ('insecure-disable-csrf', type : 'feature', value : 'disabled', description : 'Disable CSRF prevention checks.Should be set to false for production systems.') option ('insecure-disable-ssl', type : 'feature', value : 'disabled', description : 'Disable SSL ports. Should be set to false for production systems.') option ('insecure-disable-auth', type : 'feature', value : 'disabled', description : 'Disable authentication on all ports. Should be set to false for production systems') -- 2.25.1