diff options
author | Jiaqing Zhao <jiaqing.zhao@intel.com> | 2022-06-07 19:02:04 +0300 |
---|---|---|
committer | Ed Tanous <ed@tanous.net> | 2022-08-01 01:11:56 +0300 |
commit | 75b63a2cfe2560b2d4267349882f19538c1fe2f2 (patch) | |
tree | 43d63e5e7028510911399709a370d3bd76beb8bf | |
parent | 717b9802fad291b07dfb870a3502846f54298a82 (diff) | |
download | bmcweb-75b63a2cfe2560b2d4267349882f19538c1fe2f2.tar.xz |
certificate: Parse URL with readUrlSegments in ReplaceCertificate
readUrlSegments both validates and reads segments from URL, using it is
way better than comparing the URL with boost::start_with now (which
violates common error #12). It also removes the last part that relies
on the incorrect assumption that the certificate id is always a number.
Also removes the boost::convert dependency as it is not longer needed.
Tested:
* Verified calling ReplaceCertificate with malformed CertificateUri
gives ActionParameterNotSupported error.
* Replacing certificate at a valid but non-existing returns 404 Not
found
* Replacing an existing certificate operates successfully.
Change-Id: I96ffe7060b3350ea9240ef64624246af0fdd3da0
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@intel.com>
-rw-r--r-- | redfish-core/lib/certificate_service.hpp | 68 |
1 files changed, 24 insertions, 44 deletions
diff --git a/redfish-core/lib/certificate_service.hpp b/redfish-core/lib/certificate_service.hpp index 53c72e6780..6da91ff65e 100644 --- a/redfish-core/lib/certificate_service.hpp +++ b/redfish-core/lib/certificate_service.hpp @@ -1,8 +1,6 @@ #pragma once #include <app.hpp> -#include <boost/convert.hpp> -#include <boost/convert/strtol.hpp> #include <boost/system/linux_error.hpp> #include <dbus_utility.hpp> #include <query.hpp> @@ -86,30 +84,6 @@ inline void requestRoutesCertificateService(App& app) }); } // requestRoutesCertificateService -/** - * @brief Find the ID specified in the URL - * Finds the numbers specified after the last "/" in the URL and returns. - * @param[in] path URL - * @return -1 on failure and number on success - */ -inline long getIDFromURL(const std::string_view url) -{ - std::size_t found = url.rfind('/'); - if (found == std::string::npos) - { - return -1; - } - - if ((found + 1) < url.length()) - { - std::string_view str = url.substr(found + 1); - - return boost::convert<long>(str, boost::cnv::strtol()).value_or(-1); - } - - return -1; -} - inline std::string getCertificateFromReqBody( const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, const crow::Request& req) @@ -783,40 +757,47 @@ inline void requestRoutesCertificateActionsReplaceCertificate(App& app) asyncResp->res, "ReplaceCertificate", "CertificateUri"); return; } + BMCWEB_LOG_INFO << "Certificate URI to replace: " << certURI; - BMCWEB_LOG_INFO << "Certificate URI to replace" << certURI; - long id = getIDFromURL(certURI); - if (id < 0) + boost::urls::result<boost::urls::url_view> parsedUrl = + boost::urls::parse_relative_ref(certURI); + if (!parsedUrl) { messages::actionParameterValueFormatError(asyncResp->res, certURI, "CertificateUri", "ReplaceCertificate"); return; } - std::string objectPath; + + std::string id; + sdbusplus::message::object_path objectPath; std::string name; std::string service; - if (certURI.starts_with( - "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/")) + if (crow::utility::readUrlSegments( + *parsedUrl, "redfish", "v1", "Managers", "bmc", + "NetworkProtocol", "HTTPS", "Certificates", std::ref(id))) { objectPath = - std::string(certs::httpsObjectPath) + "/" + std::to_string(id); + sdbusplus::message::object_path(certs::httpsObjectPath) / id; name = "HTTPS certificate"; service = certs::httpsServiceName; } - else if (certURI.starts_with( - "/redfish/v1/AccountService/LDAP/Certificates/")) + else if (crow::utility::readUrlSegments(*parsedUrl, "redfish", "v1", + "AccountService", "LDAP", + "Certificates", std::ref(id))) { objectPath = - std::string(certs::ldapObjectPath) + "/" + std::to_string(id); + sdbusplus::message::object_path(certs::ldapObjectPath) / id; name = "LDAP certificate"; service = certs::ldapServiceName; } - else if (certURI.starts_with( - "/redfish/v1/Managers/bmc/Truststore/Certificates/")) + else if (crow::utility::readUrlSegments(*parsedUrl, "redfish", "v1", + "Managers", "bmc", "Truststore", + "Certificates", std::ref(id))) { - objectPath = std::string(certs::authorityObjectPath) + "/" + - std::to_string(id); + objectPath = + sdbusplus::message::object_path(certs::authorityObjectPath) / + id; name = "TrustStore certificate"; service = certs::authorityServiceName; } @@ -838,15 +819,14 @@ inline void requestRoutesCertificateActionsReplaceCertificate(App& app) if (ec.value() == boost::system::linux_error::bad_request_descriptor) { - messages::resourceNotFound(asyncResp->res, name, - std::to_string(id)); + messages::resourceNotFound(asyncResp->res, name, id); return; } messages::internalError(asyncResp->res); return; } - getCertificateProperties(asyncResp, objectPath, service, - std::to_string(id), certURI, name); + getCertificateProperties(asyncResp, objectPath, service, id, + certURI, name); BMCWEB_LOG_DEBUG << "HTTPS certificate install file=" << certFile->getCertFilePath(); }, |