diff options
| author | Ed Tanous <ed@tanous.net> | 2023-07-18 03:06:25 +0300 |
|---|---|---|
| committer | Ed Tanous <ed@tanous.net> | 2023-07-20 01:38:41 +0300 |
| commit | 62598e31d0988d589506d5091bd38f72d61faf5e (patch) | |
| tree | e3e548632da934083c21cc1262f8b9d8f255f2a9 /http/mutual_tls.hpp | |
| parent | 609ba4c9ffb9c6b83861ff557108c89007ca369a (diff) | |
| download | bmcweb-62598e31d0988d589506d5091bd38f72d61faf5e.tar.xz | |
Replace logging with std::format
std::format is a much more modern logging solution, and gives us a lot
more flexibility, and better compile times when doing logging.
Unfortunately, given its level of compile time checks, it needs to be a
method, instead of the stream style logging we had before. This
requires a pretty substantial change. Fortunately, this change can be
largely automated, via the script included in this commit under
scripts/replace_logs.py. This is to aid people in moving their
patchsets over to the new form in the short period where old patches
will be based on the old logging. The intention is that this script
eventually goes away.
The old style logging (stream based) looked like.
BMCWEB_LOG_DEBUG << "Foo " << foo;
The new equivalent of the above would be:
BMCWEB_LOG_DEBUG("Foo {}", foo);
In the course of doing this, this also cleans up several ignored linter
errors, including macro usage, and array to pointer deconstruction.
Note, This patchset does remove the timestamp from the log message. In
practice, this was duplicated between journald and bmcweb, and there's
no need for both to exist.
One design decision of note is the addition of logPtr. Because the
compiler can't disambiguate between const char* and const MyThing*, it's
necessary to add an explicit cast to void*. This is identical to how
fmt handled it.
Tested: compiled with logging meson_option enabled, and launched bmcweb
Saw the usual logging, similar to what was present before:
```
[Error include/webassets.hpp:60] Unable to find or open /usr/share/www/ static file hosting disabled
[Debug include/persistent_data.hpp:133] Restored Session Timeout: 1800
[Debug redfish-core/include/event_service_manager.hpp:671] Old eventService config not exist
[Info src/webserver_main.cpp:59] Starting webserver on port 18080
[Error redfish-core/include/event_service_manager.hpp:1301] inotify_add_watch failed for redfish log file.
[Info src/webserver_main.cpp:137] Start Hostname Monitor Service...
```
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I86a46aa2454be7fe80df608cb7e5573ca4029ec8
Diffstat (limited to 'http/mutual_tls.hpp')
| -rw-r--r-- | http/mutual_tls.hpp | 35 |
1 files changed, 18 insertions, 17 deletions
diff --git a/http/mutual_tls.hpp b/http/mutual_tls.hpp index f8af0f6f57..9cd4cde01c 100644 --- a/http/mutual_tls.hpp +++ b/http/mutual_tls.hpp @@ -21,14 +21,14 @@ inline std::shared_ptr<persistent_data::UserSession> .getAuthMethodsConfig() .tls) { - BMCWEB_LOG_DEBUG << "TLS auth_config is disabled"; + BMCWEB_LOG_DEBUG("TLS auth_config is disabled"); return nullptr; } X509_STORE_CTX* cts = ctx.native_handle(); if (cts == nullptr) { - BMCWEB_LOG_DEBUG << "Cannot get native TLS handle."; + BMCWEB_LOG_DEBUG("Cannot get native TLS handle."); return nullptr; } @@ -36,7 +36,7 @@ inline std::shared_ptr<persistent_data::UserSession> X509* peerCert = X509_STORE_CTX_get_current_cert(ctx.native_handle()); if (peerCert == nullptr) { - BMCWEB_LOG_DEBUG << "Cannot get current TLS certificate."; + BMCWEB_LOG_DEBUG("Cannot get current TLS certificate."); return nullptr; } @@ -44,7 +44,7 @@ inline std::shared_ptr<persistent_data::UserSession> int ctxError = X509_STORE_CTX_get_error(cts); if (ctxError != X509_V_OK) { - BMCWEB_LOG_INFO << "Last TLS error is: " << ctxError; + BMCWEB_LOG_INFO("Last TLS error is: {}", ctxError); return nullptr; } // Check that we have reached final certificate in chain @@ -52,12 +52,13 @@ inline std::shared_ptr<persistent_data::UserSession> if (depth != 0) { - BMCWEB_LOG_DEBUG << "Certificate verification in progress (depth " - << depth << "), waiting to reach final depth"; + BMCWEB_LOG_DEBUG( + "Certificate verification in progress (depth {}), waiting to reach final depth", + depth); return nullptr; } - BMCWEB_LOG_DEBUG << "Certificate verification of final depth"; + BMCWEB_LOG_DEBUG("Certificate verification of final depth"); // Verify KeyUsage bool isKeyUsageDigitalSignature = false; @@ -68,7 +69,7 @@ inline std::shared_ptr<persistent_data::UserSession> if ((usage == nullptr) || (usage->data == nullptr)) { - BMCWEB_LOG_DEBUG << "TLS usage is null"; + BMCWEB_LOG_DEBUG("TLS usage is null"); return nullptr; } @@ -88,9 +89,9 @@ inline std::shared_ptr<persistent_data::UserSession> if (!isKeyUsageDigitalSignature || !isKeyUsageKeyAgreement) { - BMCWEB_LOG_DEBUG << "Certificate ExtendedKeyUsage does " - "not allow provided certificate to " - "be used for user authentication"; + BMCWEB_LOG_DEBUG("Certificate ExtendedKeyUsage does " + "not allow provided certificate to " + "be used for user authentication"); return nullptr; } @@ -101,7 +102,7 @@ inline std::shared_ptr<persistent_data::UserSession> if (extUsage == nullptr) { - BMCWEB_LOG_DEBUG << "TLS extUsage is null"; + BMCWEB_LOG_DEBUG("TLS extUsage is null"); return nullptr; } @@ -121,9 +122,9 @@ inline std::shared_ptr<persistent_data::UserSession> // Certificate has to have proper key usages set if (!isExKeyUsageClientAuth) { - BMCWEB_LOG_DEBUG << "Certificate ExtendedKeyUsage does " - "not allow provided certificate to " - "be used for user authentication"; + BMCWEB_LOG_DEBUG("Certificate ExtendedKeyUsage does " + "not allow provided certificate to " + "be used for user authentication"); return nullptr; } std::string sslUser; @@ -136,14 +137,14 @@ inline std::shared_ptr<persistent_data::UserSession> if (status == -1) { - BMCWEB_LOG_DEBUG << "TLS cannot get username to create session"; + BMCWEB_LOG_DEBUG("TLS cannot get username to create session"); return nullptr; } size_t lastChar = sslUser.find('\0'); if (lastChar == std::string::npos || lastChar == 0) { - BMCWEB_LOG_DEBUG << "Invalid TLS user name"; + BMCWEB_LOG_DEBUG("Invalid TLS user name"); return nullptr; } sslUser.resize(lastChar); |