diff options
author | Ed Tanous <ed@tanous.net> | 2024-05-10 01:48:09 +0300 |
---|---|---|
committer | Ed Tanous <ed@tanous.net> | 2024-05-10 02:16:06 +0300 |
commit | 83328316857b42960edd46cadf06902d2d4ba00b (patch) | |
tree | 1329cd1fe0eb4084411f8d9459a52f8cf3f0ed14 /http/http_connection.hpp | |
parent | 3eaecac33685ca3297d53e041ab5c5116bc18d25 (diff) | |
download | bmcweb-83328316857b42960edd46cadf06902d2d4ba00b.tar.xz |
Fix lesser used options
25b54dba775b31021a3a4677eb79e9771bcb97f7 missed several cases where we
had ifndef instead of ifdef. because these weren't the defaults, these
don't show up as failures when testing.
Tested: Redfish service validator passes. Inspection primarily.
Mechanical change.
Change-Id: I3f6915a97eb44d071795aed76476c6bee7e8ed27
Signed-off-by: Ed Tanous <ed@tanous.net>
Diffstat (limited to 'http/http_connection.hpp')
-rw-r--r-- | http/http_connection.hpp | 53 |
1 files changed, 28 insertions, 25 deletions
diff --git a/http/http_connection.hpp b/http/http_connection.hpp index 29e876d0a9..4d9c9806ef 100644 --- a/http/http_connection.hpp +++ b/http/http_connection.hpp @@ -273,20 +273,21 @@ class Connection : keepAlive = req->keepAlive(); if constexpr (!std::is_same_v<Adaptor, boost::beast::test::stream>) { -#ifndef BMCWEB_INSECURE_DISABLE_AUTHX - if (!crow::authentication::isOnAllowlist(req->url().path(), - req->method()) && - req->session == nullptr) + if constexpr (!BMCWEB_INSECURE_DISABLE_AUTH) { - BMCWEB_LOG_WARNING("Authentication failed"); - forward_unauthorized::sendUnauthorized( - req->url().encoded_path(), - req->getHeaderValue("X-Requested-With"), - req->getHeaderValue("Accept"), res); - completeRequest(res); - return; + if (!crow::authentication::isOnAllowlist(req->url().path(), + req->method()) && + req->session == nullptr) + { + BMCWEB_LOG_WARNING("Authentication failed"); + forward_unauthorized::sendUnauthorized( + req->url().encoded_path(), + req->getHeaderValue("X-Requested-With"), + req->getHeaderValue("Accept"), res); + completeRequest(res); + return; + } } -#endif // BMCWEB_INSECURE_DISABLE_AUTHX } auto asyncResp = std::make_shared<bmcweb::AsyncResp>(); BMCWEB_LOG_DEBUG("Setting completion handler"); @@ -406,12 +407,13 @@ class Connection : private: uint64_t getContentLengthLimit() { -#ifndef BMCWEB_INSECURE_DISABLE_AUTHX - if (userSession == nullptr) + if constexpr (!BMCWEB_INSECURE_DISABLE_AUTH) { - return loggedOutPostBodyLimit; + if (userSession == nullptr) + { + return loggedOutPostBodyLimit; + } } -#endif return httpReqBodyLimit; } @@ -515,6 +517,16 @@ class Connection : return; } + if constexpr (!std::is_same_v<Adaptor, boost::beast::test::stream>) + { + if constexpr (!BMCWEB_INSECURE_DISABLE_AUTH) + { + boost::beast::http::verb method = parser->get().method(); + userSession = crow::authentication::authenticate( + ip, res, method, parser->get().base(), mtlsSession); + } + } + std::string_view expect = parser->get()[boost::beast::http::field::expect]; if (bmcweb::asciiIEquals(expect, "100-continue")) @@ -524,15 +536,6 @@ class Connection : return; } - if constexpr (!std::is_same_v<Adaptor, boost::beast::test::stream>) - { -#ifndef BMCWEB_INSECURE_DISABLE_AUTHX - boost::beast::http::verb method = parser->get().method(); - userSession = crow::authentication::authenticate( - ip, res, method, parser->get().base(), mtlsSession); -#endif // BMCWEB_INSECURE_DISABLE_AUTHX - } - if (!handleContentLengthError()) { return; |