| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
As is, it reads the whole file into memory before sending it. While
fairly fast for the user, this wastes ram, and makes bmcweb less useful
on less capable systems.
This patch enables using the boost::beast::http::file_body type, which
has more efficient serialization semantics than using a std::string. To
do this, it adds a openFile() handler to http::Response, which can be
used to properly open a file. Once the file is opened, the existing
string body is ignored, and the file payload is sent instead.
openFile() also returns success or failure, to allow users to properly
handle 404s and other errors.
To prove that it works, I moved over every instance of direct use of the
body() method over to using this, including the webasset handler. The
webasset handler specifically should help with system load when doing an
initial page load of the webui.
Tested:
Redfish service validator passes.
Change-Id: Ic7ea9ffefdbc81eb985de7edc0fac114822994ad
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
- No need to set error code in asyncResp since caller already does that.
Then we can remove the asyncResp param altogether.
- Check if session is valid before unpacking properties to avoid
unnecessary work.
- Use std::optional instead of pointers for slighter cleaner code.
- Enforce required properties for local users based on D-Bus interface
documentation (UserGroups must be provided for local users).
Change-Id: I770d3556a0d62182b6abd72bfa3f8d62e2a105d1
Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
|
|
This commit refactors the getComputerSystem function into smaller
functions. There is no functional change in this commit.
Tested: Validator passed
'''
curl -k https://$bmc/redfish/v1/Systems/system
{
"@odata.id": "/redfish/v1/Systems/system",
"@odata.type": "#ComputerSystem.v1_16_0.ComputerSystem",
"Actions": {
"#ComputerSystem.Reset": {
"@Redfish.ActionInfo": "/redfish/v1/Systems/system/ResetActionInfo",
"target": "/redfish/v1/Systems/system/Actions/ComputerSystem.Reset"
}
},
"Bios": {
"@odata.id": "/redfish/v1/Systems/system/Bios"
},
"Boot": {
"AutomaticRetryAttempts": 3,
"AutomaticRetryConfig": "RetryAttempts",
"AutomaticRetryConfig@Redfish.AllowableValues": [
"Disabled",
"RetryAttempts"
],
"BootSourceOverrideEnabled": "Disabled",
"BootSourceOverrideMode": "UEFI",
"BootSourceOverrideMode@Redfish.AllowableValues": [
"Legacy",
"UEFI"
],
"BootSourceOverrideTarget": "None",
"BootSourceOverrideTarget@Redfish.AllowableValues": [
"None",
"Pxe",
"Hdd",
"Cd",
"Diags",
"BiosSetup",
"Usb"
],
"RemainingAutomaticRetryAttempts": 3,
"StopBootOnFault": "Never",
"TrustedModuleRequiredToBoot": "Required"
},
"BootProgress": {
"LastState": "None",
"LastStateTime": "1970-01-01T00:00:00.000000+00:00"
},
"Description": "Computer System",
"FabricAdapters": {
"@odata.id": "/redfish/v1/Systems/system/FabricAdapters"
},
"GraphicalConsole": {
"ConnectTypesSupported": [
"KVMIP"
],
"MaxConcurrentSessions": 4,
"ServiceEnabled": true
},
"Id": "system",
"IndicatorLED": "Off",
"LastResetTime": "2023-09-29T13:27:47+00:00",
"Links": {
"Chassis": [
{
"@odata.id": "/redfish/v1/Chassis/chassis"
}
],
"ManagedBy": [
{
"@odata.id": "/redfish/v1/Managers/bmc"
}
]
},
"LocationIndicatorActive": false,
"LogServices": {
"@odata.id": "/redfish/v1/Systems/system/LogServices"
},
"Memory": {
"@odata.id": "/redfish/v1/Systems/system/Memory"
},
"MemorySummary": {
"TotalSystemMemoryGiB": 0.0
},
"Name": "system",
"PCIeDevices": [],
"PCIeDevices@odata.count": 0,
"PowerRestorePolicy": "LastState",
"PowerState": "Off",
"ProcessorSummary": {
"Count": 0
},
"Processors": {
"@odata.id": "/redfish/v1/Systems/system/Processors"
},
"SerialConsole": {
"IPMI": {
"ServiceEnabled": true
},
"MaxConcurrentSessions": 15,
"SSH": {
"HotKeySequenceDisplay": "Press ~. to exit console",
"Port": 2200,
"ServiceEnabled": true
}
},
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "Disabled"
},
"Storage": {
"@odata.id": "/redfish/v1/Systems/system/Storage"
},
"SystemType": "Physical"
}
'''
Change-Id: I16a0c054dfff4ace0b43e156a64fd07b3244fbc1
Signed-off-by: Lakshmi Yadlapati <lakshmiy@us.ibm.com>
|
|
Change I1d00ef561fed7e3ba799969a112ee58b6578ce32 fixed local
compilation of bmcweb, but it is causing failures when attempting to
SRCREV bump. This should fix the issues during SRCREV bump while still
allowing local builds to succeed.
Tested (Carson):
I was able to locally build bmcweb without having previously installed
any boost libraries. All unit tests also passed.
meson buildlocal && ninja -C buildlocal test
Change-Id: I8cbb764dc564b84b4adb06ba80cb87b2a2c4701f
Signed-off-by: Ed Tanous <edtanous@google.com>
Signed-off-by: Carson Labrado <clabrado@google.com>
|
|
Fix the following clang-tidy warning:
```
../include/multipart_parser.hpp:108:50: error: unnecessary temporary object created while calling emplace_back [modernize-use-emplace,-warnings-as-errors]
108 | mime_fields.emplace_back(FormPart{});
| ^~~~~~~~~~
```
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I362b4ad7f90f80a7746b79d643e3a7c5ff1db78c
|
|
```
../redfish-core/include/utils/extern/date.h:983:34: error: identifier '_d' preceded by whitespace in a literal operator declaration is deprecated [-Werror,-Wdeprecated-literal-operator]
983 | CONSTCD11 date::day operator "" _d(unsigned long long d) NOEXCEPT;
| ~~~~~~~~~~~~^~
| operator""_d
../redfish-core/include/utils/extern/date.h:984:34: error: identifier '_y' preceded by whitespace in a literal operator declaration is deprecated [-Werror,-Wdeprecated-literal-operator]
984 | CONSTCD11 date::year operator "" _y(unsigned long long y) NOEXCEPT;
| ~~~~~~~~~~~~^~
| operator""_y
```
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I2304818ddc498441f9ed2ede54c92b7f7c48b7c1
|
|
clang-format-17 has some backwards incompatible changes that require
additional settings for best compatibility and re-running the formatter.
Copy the latest .clang-format from the docs repository and reformat the
repository.
Change-Id: I2f9540cf0d545a2da4d6289fc87b754f684bc9a7
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
|
|
To quote from The Redfish release [1]
2022.3 Redfish Schema Bundle – This .zip file contains the current
versions of all Redfish schemas. The bundle includes 40 schema updates
and developer resources.
Added Compute Express Link (CXL) support (NEW)
Extensions to Fabric, PCIeDevice, Processor, Memory, ComputerSystem,
and Chassis schemas Defined by DMTF alliance partner Compute Express
Link (CXL) Consortium
Extensions to Fabric, PCIeDevice, Processor, Memory, ComputerSystem,
and Chassis schemas New CXLLogicalDevice schema
Added MultiFactorAuth to AccountService to configure a service for
multi-factor authentication
HTTP Basic authentication is not available for accounts configured
for multi-factor authentication
For client certificate authentication, the client provides their
identity certificate during TLS handshaking
For RSA SecurID, Google Authenticator, and Microsoft Authenticator,
clients provide a new Token property in the session creation request
Added Heater and HeaterMetrics resources
[1] https://www.dmtf.org/content/redfish-release-20223-now-available
Change-Id: Iefe80866bfb83e65ab98b2cf4ee2eacce5238c5b
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
Adds support for retrieving the dump file that's generated by
phosphor-debug-collector as a result of using the LogServices/Dump
Action LogService.CollectDiagnosticData from the bmc Manager resource.
Refactors the handling for
/redfish/v1/Systems/<str>/LogServices/EventLog/Entries/<str>/attachment
to use one of the new functions and remove the large lambda.
Tested:
I began the dump generation process by sending a POST request to
/redfish/v1/Managers/bmc/LogServices/Dump/Actions/LogService.CollectDiagnosticData.
That spawned a Task to track the dump being generated by
phosphor-debug-collector. The dump was retrieved by querying the
/redfish/v1/Managers/bmc/LogServices/Dump/Entries/<str>/attachment URI
which is associated with the Task.
Verified that an event log returned by querying
/redfish/v1/Systems/<str>/LogServices/EventLog/Entries/<str>/attachment
is the same as it was before this change.
Signed-off-by: Carson Labrado <clabrado@google.com>
Change-Id: I352b2628a9990bbde40f22e6134f02c89189c925
|
|
clang-17 will have a stronger 'modernize-use-emplace' check and
fails with the following warning:
```
../include/multipart_parser.hpp:308:33: error: use emplace_back instead of push_back [modernize-use-emplace,-warnings-as-errors]
308 | mime_fields.push_back({});
| ^~~~~~~~~~~~
| emplace_back(
```
The vector::emplace_back needed an extra hint, as it would not directly
coerce an initializer-list into the vector's value_type, so we need to
use the value_type constructor.
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I74417e0ff5a6e0991bfbe4936b4814f6ee4c1269
|
|
The update to boost 1.83.0 was breaking for our build process if boost
1.83.0 was not already installed. Update our meson file to correctly
pull in all of the required boost libraries.
Tested:
I was able to locally build bmcweb without having previously installed
any boost libraries. All unit tests also passed.
meson buildlocal && ninja -C buildlocal test
Signed-off-by: Carson Labrado <clabrado@google.com>
Change-Id: I1d00ef561fed7e3ba799969a112ee58b6578ce32
|
|
These variables don't need propagated to handlers. Any usage of them is
incorrect.
This makes Websocket once again a pure virtual class, which is desired.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Id1ecc3911fc502d436a3e6aa29024628fc51aff4
|
|
GET on redfish/v1/JsonSchema does not show OEM schemas but shows only
DMTF redfish schemas.
It is because Oem schemas are not included into `schemas.hpp`.
In addition, the explicit OEM JsonSchema gives the content of the file
rather than the valid Json output.
Tested:
- Query JsonSchemas
```
curl -k -H "X-Auth-Token: $token" -X GET "https://$bmc/redfish/v1/JsonSchemas"
curl -k -H "X-Auth-Token: $token" -X GET "https://$bmc/redfish/v1/JsonSchemas/<OemSchema>"
e.g.
curl -k -H "X-Auth-Token: $token" -X GET "https://$bmc/redfish/v1/JsonSchemas/OemManager"
```
- Redfish Service Validator passed
Change-Id: I0fc9c3d4a48fb9c6ddec9591af12fd2c849331e3
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
|
|
In boost 1.83.0, the boost::url maintainers deprecated the header only
usage of the library without warning. A discussion with the
maintainers[1] made it clear that they removed the abiliy on purpose,
and they're not going to add it back or add a deprecation strategy (they
did say they would update the documentation to actually match the
intent), and that from here on in we should be using the cmake boost
project to pull in the non-header-only boost libraries we use (which at
this point is ONLY boost url).
This commit updates to remove the usage of boost::urls::result typedef,
which was deprecated in this release (which causes a compile error) and
moves it to boost::system::result.
In addition, it updates our meson files to pull in the boost project as
a cmake dependency.
[1] https://cpplang.slack.com/archives/C01JR6C9C4U/p1696441238739129
Tested: Not yet.
Change-Id: Ia7adfc0348588915440687c3ab83a1de3e6b845a
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Have seen this internalError a few times. A trace would help debug why
User Manager is returning an error.
In line with
https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#logging-levels.
IBM has bmcweb-logging=error enabled.
Tested: None. Visual only.
Change-Id: I16f56c3170fb92dcfb52e57c9a420cefabc4c763
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
This commit refactors the getCollectionMembers function into smaller
functions. Additionally, the 'subtree' parameter is no longer a
default parameter but is explicitly required in the function. All
calls to getCollectionMembers have been updated to pass the 'subtree'
parameter.
Tested: Validator passed
'''
curl -k https://$bmc/redfish/v1/Systems/system/Storage
{
"@odata.id": "/redfish/v1/Systems/system/Storage",
"@odata.type": "#StorageCollection.StorageCollection",
"Members": [
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1"
}
],
"Members@odata.count": 1,
"Name": "Storage Collection"
}
curl -k https://$bmc/redfish/v1/Cables
{
"@odata.id": "/redfish/v1/Cables",
"@odata.type": "#CableCollection.CableCollection",
"Description": "Collection of Cable Entries",
"Members": [
{
"@odata.id": "/redfish/v1/Cables/dp0_cable0"
},
{
"@odata.id": "/redfish/v1/Cables/dp0_cable1"
},
{
"@odata.id": "/redfish/v1/Cables/dp0_cable2"
},
{
"@odata.id": "/redfish/v1/Cables/dp0_cable3"
}
],
"Members@odata.count": 4,
"Name": "Cable Collection"
}
curl -k https://$bmc/redfish/v1/Chassis
{
"@odata.id": "/redfish/v1/Chassis",
"@odata.type": "#ChassisCollection.ChassisCollection",
"Members": [
{
"@odata.id": "/redfish/v1/Chassis/chassis"
}
],
"Members@odata.count": 1,
"Name": "Chassis Collection"
}
curl -k https://$bmc/redfish/v1/Systems/system/Memory
{
"@odata.id": "/redfish/v1/Systems/system/Memory",
"@odata.type": "#MemoryCollection.MemoryCollection",
"Members": [
{
"@odata.id": "/redfish/v1/Systems/system/Memory/dimm0"
},
{
"@odata.id": "/redfish/v1/Systems/system/Memory/dimm1"
},
......
{
"@odata.id": "/redfish/v1/Systems/system/Memory/dimm31"
}
],
"Members@odata.count": 32,
"Name": "Memory Module Collection"
}
'''
Change-Id: If5091431b548f371bff03b2897fd0aaf8b0ef203
Signed-off-by: Lakshmi Yadlapati <lakshmiy@us.ibm.com>
|
|
Response and Request are now movable, so lets use that to our advantage
and make this no longer require a pointer. This removes a couple NOLINT
exceptions in our code, and cleans up a lot of places where we could
potentially get a nullptr.
Tested:
enabled http2-experimental option.
Loaded service root from redfish in curl with logging enabled, logging
verified http/2 was being used.
Redfish service validator passes.
Curl compiled with http returns service root correctly.
Change-Id: I65e11a2311be982df594086413d52838235e1a0c
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
This code is needlessly complicated for what it does. Even with the
intent, which is secure buffer cleanup, it's trivial to encase all this
into a single class that accepts the strings by rvalue reference, then
cleans them up afterward.
Doing this also cleans up a potential lifetime problem, where if the
unix socket returned immediately, it would've invalidated the buffers
that were being sent. It also moves to async_write, instead of
async_write_some. The former could in theory fail if the socket blocks
(unlikely in this scenario) but it's good to handle anyway.
Tested: Need some help here. There's no backend for this, so we might
just have to rely on inspection.
Change-Id: I9032d458f8eb7a0689bee575aae611641bacee26
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Both the #LogService.v1_1_0.LogService and #LogService.v1_2_0.LogService
schemas were being used. Follow what OpenBMC has done in the past
and use the same version across all resources of that type.
I've moved them all to use #LogService.v1_2_0.LogService.
The original addition of #LogService.v1_2_0.LogService was here:
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/36638
Tested:
Ran Redfish Validator with and without the change. No new failures seen.
No failures in the #LogService routes.
Change-Id: Ie9eaeca32d190d627b439e511e25dfeee4b7e4eb
Signed-off-by: Janet Adkins <janeta@us.ibm.com>
|
|
This call was neccesary back when we were doing moves of a url_view, but
because this constructor doesn't use a url_view anymore, this isn't
neccesary.
Functionally, this clears up a strange unit test failure that occured in
some cases where this consturctor is used. This constructor is not used
for anything but unit tests.
Tested: Unit tests pass.
Change-Id: I034a69d3a6b6aeada2460bb39f3518846b39f817
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
We haven't been very good about maintaining this file, so lets generate
it like we do everything else.
This commit takes the existing, manually built
openbmc_message_registry.hpp and copies the generated json from a
working system, then hooks it into the parse_registries script to
generate the hpp file. This results in a couple changes, and somewhat
proves how bad our ability to manage this file manually is..
Tested: Looking for input on if this is the right direction.
Change-Id: I5dc03021d194f0674e4a8f41421096b211462a0a
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
After upgrading jsnbd to meson.build, the nbd-proxy path will change from
/usr/sbin to /usr/bin.
- https://gerrit.openbmc.org/c/openbmc/jsnbd/+/65434
- https://gerrit.openbmc.org/c/openbmc/openbmc/+/65466
Error message:
```
bmcweb[220]: [DEBUG http_connection.hpp:561] 0x235bad0 Clearing response
bmcweb[220]: [DEBUG http_response.hpp:181] 0x235dd90 Clearing response
containers
bmcweb[220]: [DEBUG http_connection.hpp:403] 0x235bad0 doReadHeaders
bmcweb[220]: [DEBUG http_connection.hpp:71] 0x22c20c8 Connection open,
total 8
bmcweb[220]: [DEBUG http_connection.hpp:625] 0x23dc940 timer started
[FAILED] Failed to start Wait for Network to be Configured.
See 'systemctl status systemd-networkd-wait-online.service' for details.
[ OK ] Reached target Network is Online.
Starting System Logging Service...
[ OK ] Started System Logging Service.
systemd-journald[160]: Received SIGTERM from PID 220 (bmcweb).
systemd[1]: avahi-daemon.service: Deactivated successfully.
systemd[1]: bmcweb.service: Main process exited, code=exited,
status=255/EXCEPTION
systemd[1]: bmcweb.service: Failed with result 'exit-code'.
systemd[1]: bmcweb.service: Consumed 1.940s CPU time.
systemd[1]: obmc-dump-monitor.service: Deactivated successfully.
systemd[1]: phosphor-certificate-manager@authority.service: Deactivated
successfully.
```
After this fix:
```
bmcweb[219]: [DEBUG http_connection.hpp:268] Setting completion handler
bmcweb[219]: [DEBUG http_response.hpp:238] 0xfb23e0 setting completion
handler
bmcweb[219]: [DEBUG http_response.hpp:238] 0xfb23e0 setting completion
handler
bmcweb[219]: [DEBUG routing.hpp:601] Matched rule (upgrade) '/vm/0/0' 1
/ 2
bmcweb[219]: [DEBUG dbus_privileges.hpp:51] userName = root userRole =
priv-admin
bmcweb[219]: [DEBUG websocketrule.hpp:50] Websocket handles upgrade
bmcweb[219]: [DEBUG websocket.hpp:78] Creating new connection 0xe641ec
bmcweb[219]: [DEBUG websocket.hpp:89] starting connection 0xe641ec
bmcweb[219]: [DEBUG http_response.hpp:223] 0xfb23e0 calling completion
handler
bmcweb[219]: [DEBUG http_response.hpp:226] 0xfb23e0 completion handler
was valid
bmcweb[219]: [DEBUG http_response.hpp:238] 0x108b008 setting completion
handler
bmcweb[219]: [DEBUG http_connection.hpp:81] 0x1088d48 Connection closed,
total 8
bmcweb[219]: [DEBUG websocket.hpp:226] Websocket accepted connection
bmcweb[219]: [DEBUG vm_websocket.hpp:172] Connection 0xe641ec opened
bmcweb[219]: [DEBUG vm_websocket.hpp:85] inputBuffer empty. Bailing out
bmcweb[219]: [DEBUG vm_websocket.hpp:94] Wrote 18bytes
bmcweb[219]: [DEBUG vm_websocket.hpp:85] inputBuffer empty. Bailing out
bmcweb[219]: [DEBUG vm_websocket.hpp:125] Read done. Read 26 bytes
```
Change-Id: Ic5dc3d0c32517add158d5354b712c166bc6bf204
Signed-off-by: Troy Lee <troy_lee@aspeedtech.com>
Signed-off-by: Vince Chang <vince.chang@vertiv.com>
|
|
This code as it stands pulls in the full datetime library from boost,
including io, and a bunch of timezone code. The bmc doesn't make use of
any of this, so we can rely on a much simplified version.
Unfortunately for us, gcc still doesn't implement the c++20
std::chrono::parse[1]. There is a reference library available from [2]
that backports the parse function to compilers that don't yet support
it, and is the basis for the libc++ version. This commit opts to copy
in the header as-written, under the assumption that we will never need
to pull in new versions of this library, and will move to the std
ersion as soon as it's available in the next gcc version.
This commit simplifies things down to improve compile times and binary
size. It saves ~22KB of compressed binary size, or about 3%.
Tested: Unit tests pass. Pretty good coverage.
[1] https://en.cppreference.com/w/cpp/chrono/parse
[2] https://github.com/HowardHinnant/date/blob/master/include/date/date.h
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I706b91cc3d9df3f32068125bc47ff0c374eb8d87
|
|
9c5e585c3faa73941cedcc70cdff680f403c17bc flipped around two parameters
as part of a bug fix. This fixes #263.
Tested: Inspection only.
Change-Id: I2c8dea2e947fd34784475c0eb0144baa3b68dcb5
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Post:
```
/redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate
```
The "@odata.id" field in the response will appear garbled. This is
caused by boost::urls::url_view outlives its original char sequence.
Fix this issue.
Tested:
```
1.Get token
2.curl -k -H "X-Auth-Token: $token" -X POST https://${bmc}/redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate -d '{"CertificateUri": {"@odata.id":"/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1"}, "CertificateString":"...", "CertificateType": "PEM"}'
{
"@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1",
...
}
```
Change-Id: I6b16cbfaf22f835488a54097c83cee8a1b9e9f6a
Signed-off-by: Xinnan Xie <xiexinnan@bytedance.com>
|
|
Mounting in legacy mode doesn't provide "TransferProtocolType" in json,
the protocol is specified in the uri instead which means
paramTransferProtocolType was empty and always failing the new check
[1], that was added because of a clang-tidy warning (sounds like a
clang-tidy bug). Restored original behavior and added checking
paramTransferProtocolType explicitly.
[1]: https://github.com/openbmc/bmcweb/commit/e01d0c36af115ed46d54b5dbbacfe3ad92226bd3#diff-3d181e155cfa7f397eface92af17130f3db87773ce4219d9c7e24e00b76b94acR767
Change-Id: I9bbebad262356933a9482f73b78597c838777f65
Signed-off-by: Boleslaw Ogonczyk Makowski <boleslawx.ogonczyk-makowski@intel.com>
|
|
Even though the password failed, it's not great to return it in plain
text in the Redfish error response (which is also displayed in a toast
pop-up in webui-vue). This replaces the password text with null in the
Redfish response to protect the password content.
Tested:
Set a bad password for a new user and an existing user and confirmed
that the provided password text is no longer included in the error
response.
Change-Id: I1882667396006861c2211dbe27b554dd5a32c122
Signed-off-by: Jason M. Bills <jason.m.bills@intel.com>
|
|
In line with
https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#logging-levels.
When there is an InternalError, set the logging level to Error.
Added some additional traces to get the EC. Having the EC is really
helpful when debugging.
IBM has bmcweb-logging=error enabled.
Tested: None. Visual only.
Change-Id: I4ba2fb6be52696dc115c5f2ac54ec123926778af
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
In this commit the response code for the exceeding header size limit
during event subscription(post request to
/redfish/v1/EventService/Subscriptions) is changed to 400 (Bad
Request) instead of 405 (Method not allowed)
Tested:
If header size in post body is large(>8096), then response code is
returned as 400
Change-Id: Ie1301777c994dff64a49e625d7f4f7de72010610
Signed-off-by: Divya Jyoti <divya1.jyoti@intel.com>
|
|
Changing authority service references in code from 'ldap' to more
generic name, to comply with change in phosphor-certificate-manager.
Related change:
https://gerrit.openbmc.org/c/openbmc/phosphor-certificate-manager/+/65458
Tested:
Adding, reading and removal of CA Certificate works without any
noticeable regression.
Change-Id: Ia3e7a13bf7093bb7a9964769847d769475ed3e61
Signed-off-by: Michal Orzel <michalx.orzel@intel.com>
|
|
During code update, if another application (e.g. pldm[1]) logs an error
unrelated to code update, this triggers an error event notification
and causes the code update failure.
```
$ uri=$(curl -k https://${bmc}/redfish/v1/UpdateService | jq -r ' .HttpPushUri'); echo $uri
$ curl -k -H "Content-Type: application/octet-stream" -X POST -T ${image} https://${bmc}${uri}
{
"error": {
...
"code": "Base.1.13.0.InternalError",
"message": "The request failed due to an internal service error. The service is still operational."
}
}
```
This commit is to filter out those non-update-related error events
from concluding the code update as failure.
The valid update-related errors are defined in
- https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/yaml/xyz/openbmc_project/Software/Version.errors.yaml
- https://github.com/openbmc/phosphor-bmc-code-mgmt/blob/master/xyz/openbmc_project/Software/Image.errors.yaml
Tested:
1) Redfish validator passed
2) Error injection during Update.
- Start the code update and wait for completion of update (e.g. using journalctl -f)
```
$ uri=$(curl -k https://${bmc}/redfish/v1/UpdateService | jq -r ' .HttpPushUri'); echo $uri
$ curl -k -H "Content-Type: application/octet-stream" -X POST -T ${image} https://${bmc}${uri}
```
- As soon as the image is untarring, and issue busctl cmd to inject a non-update error
```
busctl call xyz.openbmc_project.Logging /xyz/openbmc_project/logging \
xyz.openbmc_project.Logging.Create Create ssa{ss} \
xyz.openbmc_project.Host.Error.Event \
xyz.openbmc_project.Logging.Entry.Level.Error 1 RAWPEL \
/tmp/FILE_NBMC_UNRECOVERABLE
```
[1] https://github.com/openbmc/pldm/blob/master/oem/ibm/libpldmresponder/file_io_type_pel.cpp#L268
Change-Id: Ice54c403efacffa6a388e182bd04d97c3e2b97fc
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
|
|
Phosphor-rest is no longer supported by the project, and phosphor-webui,
which required some of these workarounds has been archived a year ago.
There's no reason to keep this login type, given that it was
undocumented.
NOTE: Upon inspection, it looks like webui-vue used the same hack.
[1] https://github.com/openbmc/webui-vue/blob/43e3bd26133b06ed117a3a3f10b2bc09e2c2aafc/src/store/modules/Authentication/AuthenticanStore.js#L41
Tested:
Combined with https://gerrit.openbmc.org/c/openbmc/webui-vue/+/65811
Webui Login succceeds.
Change-Id: Ie42380029e799e44b3a7404d4ec6d285b371402b
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Kvm_websocket captures the this pointer in the handler lambda of the
socket. When the callback is called, if the object has been destructed,
there will be a crash problem. This is fixed by using weak_from_this in
the callback, if the object was destructed, the callback just returns
without doing anything.
Tested:
1. Open two kvm sessions in WebUI, and keep refreshing in one of the
pages, there is a small chance of coredump happening.
Debug infomation shows:
```
bmcweb[5331]: DEBUG: doRead. conn:0x28d19a0. this: 0x284d470
bmcweb[5331]: DEBUG: doRead. conn:0x28d19a0. this: 0x284d470
bmcweb[5331]: DEBUG: doRead. conn:0x28d19a0. this: 0x284d470
bmcweb[5331]: DEBUG: doRead. conn:0x28d19a0. this: 0x284d470
bmcweb[5331]: DEBUG: doRead. conn:0x28d19a0. this: 0x284d470
bmcweb[5331]: DEBUG: onclose. conn:0x28d19a0
bmcweb[5331]: DEBUG: doRead. conn:0x2876648. this: 0x284d470
systemd[1]: bmeweb.service: Main process exited, code=dumped, status=11/SEGV
systemd[1]: bmcweb.service: Failed with result 'core-dump
systemd[1]: Started Start bmweb server.
```
2. After this fix no coredump occurred.
Change-Id: I7bba9b67c470def90ddb1e471a0ac95edd6165e5
Signed-off-by: Xinnan Xie <xiexinnan@bytedance.com>
|
|
ssl_handshake fails while establishing connection to IPv6 destination
address, as IPv6 addresses considered as invalid value for SNI hostname
due to special characters.
SNI allows valid HostName which allows characters are only {alphabetic
characters (A-Z), numeric characters (0-9), the minus sign
This commit adds check to avoid setting SNI hostname if its an IP
address
Tested By: Verified redfish events 1. Subscribing Destination with IPv6
address. 2. Subscribing Destination with IPv4 address.
Change-Id: I32d30292bbc29c753f1c1815c66fcc93e8074eaa
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
|
|
It won't show anything when do the POST
/redfish/v1/Systems/<str>/LogServices/PostCodes/Actions/LogService.ClearLog
Give a response which same as
/redfish/v1/Systems/<str>/LogServices/EventLog/Actions/LogService.ClearLog
Tested:
curl -k -X POST http://${bmc}/redfish/v1/Systems/system/LogServices/PostCodes/Actions/LogService.ClearLog
{
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The request completed successfully.",
"MessageArgs": [],
"MessageId": "Base.1.13.0.Success",
"MessageSeverity": "OK",
"Resolution": "None"
}
]
}
Change-Id: I35f41a82bba750397bd8d9af657036d4f03a61c8
Signed-off-by: Tony Lee <tony.lee@quantatw.com>
|
|
Change-Id: I9a851076eccee9d79ad7bb036e58b717e06ad5d1
Signed-off-by: Michael Shen <gpgpgp@google.com>
|
|
Type safety is a good thing. In:
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/65606
It was found that splitting out the URI into encoded pieces in the early
phase removed some information we needed, namely whether or not a URI
was ipv6. This commit changes http client such that it passes all the
information through, with the correct type, rather than passing in
hostname, port, path, and ssl separately.
Opportunistically, because a number of log lines are changing, this uses
the opportunity to remove a number of calls to std::to_string, and rely
on std::format instead.
Now that we no longer use custom URI splitting code, the
ValidateAndSplitUrl() method can be removed, given that our validation
now happens in the URI class.
Tested: Aggregation works properly when satellite URIs are queried.
Change-Id: I9f605863179af54c5af2719bc5ce9d29cbfffab7
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
C++20 brought us std::ranges for a lot of algorithms. Most of these
conversions were done using comby, similar to:
```
comby -verbose 'std::lower_bound(:[a].begin(),:[b].end(),:[c])' 'std::ranges::lower_bound(:[a], :[c])' $(git ls-files | grep "\.[hc]\(pp\)\?$") -in-place
```
Change-Id: I0c99c04e9368312555c08147d474ca93a5959e8d
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
The user's groups were getting re-appended in the session object on
every request, resulting in a small memory leak (that does clear away
when the session is ended). Fix by just overwriting instead of
appending.
Tested: Added debug prints in ~UserSession to check contents of
userGroups, then ran multiple GETs to /redfish/v1 via token auth, then
destroyed session via WebUI and confirmed userGroups contained correct
set of groups.
Change-Id: I7c04a18437f69a97f138ff1f9aeee2731952ae8b
Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
|
|
Change introduced in [1] has exposed significant problem in mTLS
verification process, during which an attempt to an uninitialized object
was made. This change removes that attempt and replaces it with resource
that is available at this specific moment of connection lifetime.
Tested:
1. Created and uploaded a set of certificates by following instructions
from TLS Configuration guide [2].
2. Attempted to access /redfish/v1/SessionService/Sessions endpoint
using mTLS authentication method.
With this fix connection has been successful.
[1] https://github.com/openbmc/bmcweb/commit/e01d0c36af115ed46d54b5dbbacfe3ad92226bd3
[2] https://github.com/openbmc/docs/blob/master/security/TLS-configuration.md
Change-Id: I434dbf27169d7ea0207dfd139868d5bf398d24b0
Signed-off-by: Michal Orzel <michalx.orzel@intel.com>
|
|
cout is usually buffered, so make sure that every log message gets
individually flushed. This is especially important when relying on the
systemd journal for timestamping of messages.
Change-Id: I28f6f46978c2fad7855f819b04df964ab3c51351
Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
|
|
The scope of this code refactor is to limit the function of
monitorForSoftwareAvailable() for the coming future code modifications
in the area.
Tested:
- Compiles successfully.
- Code update works as before (for success and failure cases)
Change-Id: I90fd41caa6b88c97c2a0c47fcf4553d48905b886
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
|
|
This "Unauthorized" message has been a constant source of confusion for
users that forget to install a UI. This commit updates the message to
be more clear, and present users with some hints that they have
forgotten to install a webui if they expected the auth to succeed.
Tested: String change only. Code compiles.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic68e4622082caf5e32e496ec56f0c8b409b91990
|
|
This adds a missing comma in the Permissions-Policy response header value.
Tested: no; I didn't even try to compile it.
Change-Id: I4f08b54a5e5af040e10a95d913ef8b457f5bd457
Signed-off-by: Joseph Reynolds <joseph-reynolds@charter.net>
|
|
Use boost::urls::format. Boost::urls::format allows escaping URLs
properly, and has been deployed in most places. This now includes
users in that set.
Tested: Inspection only.
Change-Id: Ib16c8fceb7c58f4074f65df7634ac91af0633e2b
Signed-off-by: Willy Tu <wltu@google.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Yaml gives more configurability, and the ability to better enforce our
template, hopefully helping get more defined bug reports.
Tested:
This commit is hosted here:
https://github.com/edtanous/bmcweb/issues/new/choose
To give a better idea of how the template works.
Change-Id: I3a76b2762cf1a285eca75b67878b5a6ab2c2011a
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
FanRemoved MessageArgs was mistakenly changed from 1 to 0. This changes
it back to 1 to fix getting Internal Server Error on events.
Tested:
Confirmed that FanRemoved events can be retrieved without getting a 500
error code.
Change-Id: I9a2a55a5ee3d2bea073d7d55ed9fe53dc2aaee9d
Signed-off-by: Jason M. Bills <jason.m.bills@intel.com>
|
|
There are instances of ERROR logs that would work better as WARNING or
DEBUG since they do not actually result in bailing early and returning
an error response.
Signed-off-by: Carson Labrado <clabrado@google.com>
Change-Id: I1e7bca0bb38487b26a4642ab72ce475170bb53c6
|
|
While this is more of a question of style, we have enough problems with
our lambda usage that it is worth having some documentation we can point
people to in review.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I2a3f819693dfd6a9a46f92037574c5d28c3121e5
|
|
As the value of the PowerInputWatts and PowerOutputWatts
are getting exchanged,so I added negation in the logic.This
will correct the values.
Tested:
I have tested it and now the values are coming correct.
Change-Id: I67bf6c5050ceb05c13419b370105d80f913b0c17
Signed-off-by: Anjaliintel-21 <anjali.ray@intel.com>
|
