| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
There were a few places we weren't initting our variables per cpp core
guidelines. Fix all of them, and enable checks for this.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iba09924beb9fb26f597ff94d1cecbd6d6b1af912
|
|
Quite a few places we've disobeyed this rule, so simply ignore them for
now to avoid new issues popping up.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I3e518a8e8742279afb3ad1a9dad54006ed109fb1
|
|
We seem to use reinterpret cast in a few cases unfortunately. For the
moment, simply ignore most of them, and make it so we don't get more.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic860cf922576b18cdc8d51d6132f5a9cbcc1d9dc
|
|
Part of enforcing cpp core guidelines involves explicitly including all
constructors required on a non-trivial class. We were missing quite a
few. In all cases, the copy/move/and operator= methods are simply
deleted.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ie8d6e8bf2bc311fa21a9ae48b0d61ee5c1940999
|
|
clang-tidy added cppcoreguidelines-init-variables as a check, which is
something we already enforce to some extent, but getting CI to enforce
it will help reviews move faster.
Tested: Code compiles. Noop changes.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I7e10950de617b1d3262265572b1703f2e60b69d0
|
|
clang-13 brought some additional checks we can turn on that we already
pass, so enable them. List of checks can be found in the diff, and
includes the suspicious includes check, which we previously had to
disable due to a clang bug.
Tested: Code compiles, clang-tidy passes
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I1a4d1da0a8e775cdeb6b898bc1cdb0f3f7b6f06a
|
|
Most of the errors we hit are simply places we need to explicitly
increase the width of the integer. Luckily, these are few and far
between.
Tested: Code compiles, unit tests pass.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I617d87f3970ae773e0767bb2f20118fca2e71daa
|
|
clang-13 includes new checks, and finds some issues. The first is that
the boost::vector constructor can possibly throw, so replace the
underlying flat_map container with std::vector instead.
The others are places where we could possibly throw in destructors,
which would be bad. Ideally we wouldn't use the destructor pattern, but
that would be non-trivial to clean up at this point, so just catch the
exception, and log it. At the same time, catch exceptions thrown to
main and log them.
Tested: Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I77b86eaa2fc79e43d1ca044c78ca3b0ce0a7c38c
|
|
Clang-13 adds new checks we can turn on, which find quite a few errors.
Tested: Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I74b780760014c898cc440b37aea640b33e91c439
|
|
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/49840 was recently
checked in that made some changes here, and had issues that weren't
caught on my system because of how my sensor setup is setup. This
commit changes to only make a single copy, then filter the copy inplace,
rather than make a copy, filter, then do the move.
Tested: Ran redfish service validator in a similar setup to Romulus, and
saw that it passed with the same failures as previously.
Unit tested:
curl --insecure -u root:0penBmc "https://192.168.7.2:443/redfish/v1/TaskService"
now succeeds
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I5b59b7074e0a7aad4e95c5ddb625ff24170f3981
|
|
Telemetry service is using timestamp with milliseconds accuracy. Bmcweb
code assumed that timestamp is in seconds which produced a bad result.
This patchset updates the APIs, and adds a getDateTimeUintMs method,
which can be used to convert a millisecond timestamp into a string. In
the future, this can be used to get more precision out of the API.
Reference: '9.4.3. Date-Time values'
https://www.dmtf.org/sites/default/files/standards/documents/DSP0266_1.8.0.pdf
Tested:
- Telemetry service timestamp show correct timestamp with milliseconds
precission. Example: 2022-01-11T13:06:58.648000+00:00
- Other timestamps in bmcweb did not change
- All unit tests are passing
Reference: Properties.Readings
https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/yaml/xyz/openbmc_project/Telemetry/Report.interface.yaml
Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I5b40ef6889b5af8c045ec0d35a758967e53dbed2
|
|
For all async calls, we should be consistently capturing non trivial
objects by const reference. This corrects bmcweb to be consistent and
capture errors by const value, and objects by const reference.
Tested: Code compiles. Trivial changes.
This saves about 300 bytes on our compressed binary size.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ib3e0b6edef9803a1c480701556949488406305d4
|
|
Some subsystems seem to have invented their own typedefs for this stuff,
move to using the one typedef in dbus::utility so we're consistent, and
we reduce our templates.
Tested: code compiles
This saves a negligible amount (104 bytes compressed) on our binary
size.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I952ea1f960aa703808d0ac80f35dc24cdd8d5027
|
|
All bmcweb code is now converted to use
DbusVariantType to reduce the image size.
Its missed in one place where the code is under compiler
flag BMCWEB_ENABLE_REDFISH_PROVISIONING_FEATURE. This commit
convert missed types to DbusVariantType.
Tested:
After conversion, image builds fine with compiler
flag enabled. Also tested the PFR provisioned
dbus calls and it works fine.
Change-Id: Idcef956a18a6f822c44399ef867e26551dd8124f
Signed-off-by: AppaRao Puli <apparao.puli@intel.com>
|
|
Testing:
- The privilege_registry.hpp was generated successfully after running
the parse_registries script
- bmcweb was built with newly generated privilege registry file
Signed-off-by: Shantappa Teekappanavar <sbteeks@yahoo.com>
Change-Id: I84b5f3eccbbb2c4f12b326b99fb41192b12d245a
|
|
This logic has grown enough to deserve its own function.
Tested:
- Validated BootProgress returned as expected via Redfish API
- Redfish validator passed
Change-Id: I798841a79b40b0fb60fdd21b95430958e20c2a03
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
|
|
The following phosphor-dbus-interfaces commit introduced a new
BootProgress value:
https://github.com/openbmc/phosphor-dbus-interfaces/commit/d01d1f84191894ad605a9ba5b546280bcfc64f7d
Add support for this to the Redfish API provided by bmcweb.
Tested:
- Manually set BootProgress D-Bus property to SystemSetup and verify
busctl set-property xyz.openbmc_project.State.Host
/xyz/openbmc_project/state/host0 xyz.openbmc_project.State.Boot.Progress
BootProgress s
xyz.openbmc_project.State.Boot.Progress.ProgressStages.SystemSetup
curl -k -H "X-Auth-Token: $token" -X GET https://${bmc}/redfish/v1/Systems/system
"BootProgress": {
"LastState": "SetupEntered"
},
- Verified validator passed when LastState was "SetupEntered"
Change-Id: Ie966766b88d2923bc0d10d89370713c7b17df14b
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
|
|
Because the phosphor logging commit ef952af2 stop emitting the
propChanged signal before ifacesAdded signal raising, the
fwUpdateErrorMatcher cannot get any software error after image update.
Update fwUpdateErrorMatcher to get ifacesAdded dbus signal to handle
software error.
Tested:
Post bad manifest image and get "Invalid manifest" error response
Signed-off-by: Brian Ma <chma0@nuvoton.com>
Change-Id: I066e0cec0ddf7569dd73b2601f838c697bac24da
|
|
One minor shadowed variable that needed it's name changed, and a missing
inline statement.
Tested: Code now builds in clang-13
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I83b662a2818e1469dfeb29b818338346e40cb832
|
|
This got broke when moving to the Automate PrivilegeRegistry and was
correct before.
https://github.com/openbmc/bmcweb/commit/f5ffd8062e556cb3bdf5f441dd393e784b771e85
https://github.com/openbmc/bmcweb/blame/2c37b4b0f465344aeea311efd61fd9a217ad8e3e/redfish-core/lib/account_service.hpp#L569
This is moving AccountService patch privilege from Login to
ConfigureUsers, moving to what it was before.
Without this change a ReadOnly user could set the AccountUnlockTimeout
and patch LDAP.
Tested: None. WIP.
Change-Id: I7fe3727e0909fe5c94b655bbb3bbc7ce7b3c842a
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/48719 added
support for the Chassis SparePartNumber. SparePartNumber was added to
the Chassis schema in v1_16_0 so need to bump the Chassis schema.
Bumped to v1_16_0 instead of the latest (v1_18_0) due to old guidance
from Redfish "only bump the schema if you need to". I.e. only bump if
using some property, etc in the schema. bmcweb has followed this.
The validator flags this as:
ERROR - SparePartNumber not defined in schema Chassis.v1_14_0 (check
version, spelling and casing)
From https://redfish.dmtf.org/schemas/v1/Chassis.v1_18_0.json:
"SparePartNumber": {
"description": "The spare part number of the chassis.",
...
"versionAdded": "v1_16_0"
},
Tested: None yet. WIP.
Change-Id: I31d0bd388c4d9c787276de7b1be3fc95586e8bd2
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
CI is failing on master due to clang-tidy failing for:
error: invalid case style for variable 'pkey_ctx'
[readability-identifier-naming,-warnings-as-errors]
EVP_PKEY_CTX* pkey_ctx =
^~~~~~~~
pkeyCtx
Change variable name to make clang-tidy happy.
This was introduced in 145bb764.
Tested: None. CI passing will validate clang-tidy passing.
Change-Id: Iedd8a40a871940066743ff8698dad53bfb0407c0
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
The variable niciPentry is really hard to understand at first glance,
rename it to nicIpEntry.
Tested:
Build pass.
Change-Id: Ie11efbb25e45c40435216fa10c094a0f190d0fe8
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@intel.com>
|
|
The code was using `req && req->session` to check if the session is
logged in. It is not working anymore and should use `userSession` to
check as other places.
This impacts the timeout value on uploading the tarball, where a logged
in user should have a connection timeout value of 60, but actually it is
15, and thus the upload will fail if it takes more than 15 seconds.
Tested: Without the change, it fails to upload a tarball with 64M and
times out at 15 seconds.
With the fix, the upload is successful.
Signed-off-by: Lei YU <yulei.sh@bytedance.com>
Change-Id: I5e7c9e5d1f4c48ec604afb574ceda9ecc3f1cbc3
|
|
It simplifies a lot of code and after changing sdbusplus implementation
slightly reduces binary size if used together with:
https://gerrit.openbmc-project.xyz/c/openbmc/sdbusplus/+/49467
* Uncompressed size: 3033148 -> 3012164, -20984 B
* gzip compressed size: 1220586 -> 1214625, -5961 B
Tested:
- Redfish validator output is the same before and after the change
Change-Id: Ibe3227d3f4230de2363ba3d9396e51130c8240a5
Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>
|
|
This saves approximately 34kB in the compressed binary size of bmcweb
due to reduced template instantiations. This amounts to a 2.5%
reduction in the overall size.
Note, there were a few places where we broke const-correctness in the
form of pulling a non-const reference out of a const variant. This
new variant now requires const correctness, so some consts are
added where required.
Tested: Code compiles.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I6a60c8881c1268627eedb4ffddf16689dc5f6ed2
|
|
Any string used to form a Dbus object path needs to be encoded.
This commit enables encoding the User Name before it is used as
Object path and decodes the object path to get the user readable
text.
The encoding is essemtial while getting details of a user,
deleting user and modifying properties of user as we need
the object path for these actions.
Decoding and getting the User name using object_path.filename()
is essential to display the user name in human readable format.
Tested:
- Successfully created new user using POST to
/redfish/v1/AccountService/Accounts
with body
{
"UserName": "_test_6566",
"Password": "openbmc123",
"RoleId": "NoAccess",
"Enabled": true
}
and it created a Dbus Object:
/xyz/openbmc_project/user/_5ftest_5f6566
- GET on
displayed all user names in correct human redable
format.
Example: The user name for
/xyz/openbmc_project/user/_5ftest_5f6566
was displayed as "_test_6566"
- Successfully fetched user Detais by GET to
/redfish/v1/AccountService/Accounts/<UserName>
- Successfully modified user details by PATCH to
/redfish/v1/AccountService/Accounts/<UserName>
Example body:
{
Enabled: false
}
- Successfully removed user by DELETE to
/redfish/v1/AccountService/Accounts/<UserName>
removed the user with given name
Example: Deleting _test_6566 actually removed
/xyz/openbmc_project/user/_5ftest_5f6566 object
path successfully.
Signed-off-by: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com>
Change-Id: I6e7559f7543ee504e2f8c137911f42887eb4cf16
|
|
Ideally, we'd use the DbusVariantType for all variant uses within bmcweb
to help with binary size. This commit adds all of the missing types to
DbusVariantType in the pursuit of this goal
Adding these new types made the struct pretty unwieldy, so as part of
that port, it disables clang-format and puts each item on its own line
to help with readability. At some point in the future, this list could
be alphabetized, but the ordering has the potential to change the
function of this, so it's avoided for the moment.
As an unrelated note, it turns out that the dbus-rest API never knew how
to serialize file descriptors. Using a FD off the system doesn't make
much sense, but now that we have a common variant type, we're required
to provide serialization specializations, so for the moment this code
just converts it to an int.
Tested: Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ice1953a163c761024f969acf1aa2654a8a7e9661
|
|
Where possible, we should avoid doing async_method_calls that capture by
mutable value.
Tested: Ran redfish/v1 and webui. Both appear to function.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I3065a230568ac13f63ce030b6f19eabba1ece5fe
|
|
This commit publishes PCIe device property "PcieType" which
defined in the Redfish PCIeDevice schema.
New property:
PCIeType : The PCIe interface generation in use by the device.
Dbus interfaces dependency PR:
https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-dbus-interfaces/+/46437
Peci-pcie dependency PR:
https://gerrit.openbmc-project.xyz/c/openbmc/peci-pcie/+/46438
Sample output:
/redfish/v1/Systems/systemPCIeDevices/S0B1D0/
{
"@odata.id": "/redfish/v1/Systems/system/PCIeDevices/S0B1D0",
"@odata.type": "#PCIeDevice.v1_4_0.PCIeDevice",
"DeviceType": "SingleFunction",
"Id": "S0B1D0",
"Manufacturer": "PLDA",
"Name": "PCIe Device",
"PCIeFunctions": {
"@odata.id": "/redfish/v1/Systems/system/PCIeDevices/S0B1D0/PCIeFunctions"
},
"PCIeInterface": {
"PcieType": "Gen2"
}
}
Signed-off-by: Spencer Ku <Spencer.Ku@quantatw.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I550a9ca8a266cf1d2e1bff5b6a03656a3f1f0281
|
|
If we update image via POST /redfish/v1/UpdateService.
Because there is no need to establish session in insecure-disable-auth,
This restricts unauthenticated users upload sizes cause POST image fail.
(image always greater than limit).
According to https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/30994
it should not be checked this when disable-auth condition is enabled.
Test:
curl -k -X POST -T <image_path>
"https://<bmcip>/redfish/v1/UpdateService"
Return
{
"@odata.id": "/redfish/v1/TaskService/Tasks/1",
"@odata.type": "#Task.v1_4_3.Task",
"Id": "1",
"TaskState": "Running",
"TaskStatus": "OK"
}
Signed-off-by: JunLin Chen <Jun-Lin.Chen@quantatw.com>
Change-Id: Iecb1cdc0213958e7d6191801043010b0ae10433d
|
|
This commit adds two core features to bmcweb:
1. A multipart mime parser that can read multipart form requests into
bmcweb. This is implemented as a generic parser that identifies the
content-type strings and parses them into structures.
2. A /login route that can be logged into with a multipart form. This
is to allow changing the login screen to a purely forms based
implementation, thus removing the very large whitelist we currently have
to maintain, and removing javascript from our threat envelope.
More testing is still needed, as this is a parser that exists outside of
the secured areas, but in this simple example, it seems to work well.
Tested: curl -vvvvv --insecure -X POST -F 'username=root' -F
'password=0penBmc' https://<bmc ip address>:18080/login
Returned; { "data": "User 'root' logged in", "message": "200 OK",
"status": "ok" }
Change-Id: Icc3f4c082d584170b65b9e82f7876926cd38035d
Signed-off-by: Ed Tanous<ed@tanous.net>
Signed-off-by: George Liu <liuxiwei@inspur.com>
|
|
REST D-Bus, while providing useful functionality, also allows
authenticated users access to privileged information that may be above
their permission level. This change sets the default to disabled. Users
if they wish can turn it back on in their own layers.
A lot of functionality previously provided by REST D-Bus is now
available on Redfish with more coming all the time.
Note: phosphor-webui uses the REST D-Bus so a user of that will have to
enable this in their layer. webui-vue, the replacement for
phosphor-webui, uses Redfish. See here [1].
Resolves openbmc/bmcweb/issues/114
[1] https://github.com/openbmc/webui-vue
Tested: Rest D-Bus was disabled
Change-Id: I35682b113287b3be4e19b033d0296790b204d8e0
Signed-off-by: James Feist <james.feist@linux.intel.com>
Signed-off-by: Ali Ahmed <ama213000@gmail.com>
|
|
Added DELETE method on /redfish/v1/TelemetryService/Triggers/<trigger>
uri. Dbus Delete interface on trigger object is used as a backend.
Tested:
- Trigger was removed successfully by making DELETE call on
redfish/v1/TelemetryService/Triggers/TestTrigger
Signed-off-by: Szymon Dompke <szymon.dompke@intel.com>
Change-Id: Ia830920dac6a539da5b289428374cb96d6492183
|
|
As much as I dislike removing tests, this one has been broken for a
very... very long time, and as written can't really pass given that we
no longer include the webui in the bmcweb repo.
Tested: no-op.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: If486fc45547203339b3e39ffbb28c2926c1247a2
|
|
Added GET method for retrieving details of individual Trigger searched
by given Trigger name, details are extracted from Telemetry service
Tested:
- Added single Trigger and requested result from bmcweb via
/redfish/v1/TelemetryService/Triggers/<triggername>
- Added multiple Triggers numeric and discrete with various parameters
(empty, non-empty), and requested results from bmcweb via
/redfish/v1/TelemetryService/Triggers/<triggername>
- Verified uris /redfish/v1/TelemetryService/Triggers/<triggername> by
using Redfish-Service-Validator (all passed)
Signed-off-by: Lukasz Kazmierczak <lukasz.kazmierczak@intel.com>
Change-Id: I1c966b2f792324cc6f6a8784ad18a683e5ce7bd9
|
|
Added GET method for retrieving list of Triggers from Telemetry service
Tested:
- Added single Trigger and requested result from bmcweb via
/redfish/v1/TelemetryService/Triggers
- Added multiple Triggers numeric and discrete, and requested results
from bmcweb via /redfish/v1/TelemetryService/Triggers
- Verified uri /redfish/v1/TelemetryService/Triggers by using
Redfish-Service-Validator with no Triggers/empty Collection (passed)
Signed-off-by: Lukasz Kazmierczak <lukasz.kazmierczak@intel.com>
Change-Id: Ide00eb44901ea1b97b80fc5c5ddfd97e393d4a04
|
|
Except for the first 7 lines, which are unchanged, all content is
directly copied from the output of this URL:
https://www.toptal.com/developers/gitignore/api/osx,linux,meson,windows,pycharm,eclipse,intellij,visualstudio,visualstudiocode,clion
This also updates to the latest version of the generated code we use,
so it includes more than just the CLion data.
This is expected and fine.
Tested: Code builds.
Signed-off-by: Josh Lehan <krellan@google.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Idb636c8da5714abba4dfa535b6c4126aca7c5af3
|
|
Tested: Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Idd1426bf5455f66ec873ebdebe96eb06e1df1fc0
|
|
Using int64_t instead of int, to permit 64-bit indices.
This is to support ExternalStorer, a new project I am working on,
which uses a 64-bit sequence number for long-term robustness.
Change-Id: I00121933067030fd722f6b02c2d2dbd1854dff1c
Signed-off-by: Josh Lehan <krellan@google.com>
|
|
Now that we rely on normal steady_timer, bmcweb doesn't limit http
connections. This commit moves the connectionCount variable out of the
debug ifdefs, and into the "normal" build. Then additionally, add a
check to ensure that less than 100 connections are started at a time.
This count is intended to match the code in timer_queue.hpp that limited
this to 100 timers at a given time.
Tested:
/redfish/v1 returns properly.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I93ceaf8319d09d911b36cb7b21bba0cf64a9f7b8
|
|
doAccept does essentially the same code in two ways.
boost::beast::lowest_layer is used elsewhere to deduplicate this code.
Use it here as well.
Tested:
curl -vvvv --insecure -u root:0penBmc "https://192.168.7.2:443/redfish/v1"
succeeds.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Idfb0cd8f62ffbc09d6e248c677c24ea1abcb7a5b
|
|
The original crow timeout system had a timer queue setup for handling
many thousands of connections at a time efficiently. The most common
use cases for the bmc involve a handful of connections, so this code
doesn't help us much.
These days, boost asio also implements a very similar timer queue
https://www.boost.org/doc/libs/1_72_0/boost/asio/detail/timer_queue.hpp
internally, so the only thing we're loosing here is the "fuzzy"
coalescing of timeout actions, for which it's tough to say if anyone
will even notice.
This commit implements a timer system that's self contained within each
connection, using steady_timer. This is much more "normal" and how most
of the beast examples implement timers.
Tested:
Minimal touch testing to ensure that things work, but more testing is
required, probably using sloworis to ensure that our timeouts are no
longer issues.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I19156411ce46adff6c88ad97ee8f6af8c858fe3c
|
|
I missed that getDateTimeOffsetNow is extracting the last 5 chars
for DateTimeOffset. So this patch changes the offset to the original
"+00:00" one.
Tested:
1. unit tests
2. Redfish Validator Tests: no errors found on DateTime or
DateTimeLocalOffset.
```
DateTime 1970-01-01T00:13:27+00:00 date Yes PASS
DateTimeLocalOffset +00:00 string Yes PASS
```
All other errors are not related.
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
Change-Id: I24977c476f18c88515d759e278ec56e5cbb73b3a
|
|
Loading and checking of keys is one area where OpenSSL 1.0 and 3.0 are
not compatible. Many of the functions currently used in the
ssl_key_handler are deprecated in 3.0, but the APIs necessary for
conversion also do not exist in 1.0. Until OpenSSL 3.0 is widely used
in Linux distributions we therefore need to support both APIs.
Add a #define on the OPENSSL_VERSION_NUMBER to identify 3.x (or greater)
support and switch between the two API sets.
Tested: Added to a Yocto test build for the subtree update that
includes OpenSSL 3.x and confirmed Romulus QEMU test is successful.
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I22bc77753bb32d1b92932f9918d64856a4e52af8
|
|
The APIs for generating an EC key for have changed between OpenSSL 1.x
and OpenSSL 3.x. Create a separate implementation for OpenSSL 3.x.
Tested: Copied code from phosphor-certificate-manager, which was
tested using unit tests, and confirmed it builds and runs when compiled
with the OpenSSL 3.x library.
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I6df0fb5429e0812763dad4a208bb914fb285fd78
|
|
Issue: If system is not in manufacturing mode, RedFish response is
success but sensor value is not updated
Fix: If the system is not in manufacturing mode, return proper error as
actionNotSupported.
Tested:
1. Redfish validator - passed for this new change
2. Verified RedFish response when system in not manufacturing mode.
Patch: https://<BMC-IP>/redfish/v1/Chassis/<Baseboard>/Thermal
Body:
{
"Temperatures": [
{
"MemberId": "BMC_Temp",
"ReadingCelsius": 34.313
}]
}
Response:
{
"@odata.id": "/redfish/v1/Chassis/<Baseboard>/Thermal",
"@odata.type": "#Thermal.v1_4_0.Thermal",
"Fans": [],
"Id": "Thermal",
"Name": "Thermal",
"Temperatures": [],
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "There are insufficient privileges for the
account or credentials associated with the current
session to perform the requested operation.",
"MessageArgs": [],
"MessageId": "Base.1.8.1.InsufficientPrivilege",
"MessageSeverity": "Critical",
"Resolution": "Either abandon the operation or change the
associated access rights and resubmit the request if the
operation failed."
}
],
"code": "Base.1.8.1.InsufficientPrivilege",
"message": "There are insufficient privileges for the account or
credentials associated with the current session to perform the
requested operation."
}
}
Signed-off-by: Jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Change-Id: I3c6bfc9d37e1e8648ad0ff713929ad3fd06f437b
|
|
pycodestyle was throwing errors in CI. Run 'black' to reformat the
script.
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I5138493c1e0641f0e927d0cc463ff6023f54454a
|
|
Spare part number field is missing from Chassis URI via Redfish
This commit added that.
Test:
curl -k -H "X-Auth-Token: $bmc_token" -X GET https://${bmc}:${port}/redfish/v1/Chassis/chassis
{
"@odata.id": "/redfish/v1/Chassis/chassis",
"@odata.type": "#Chassis.v1_14_0.Chassis",
"Actions": {
"#Chassis.Reset": {
"@Redfish.ActionInfo": "/redfish/v1/Chassis/chassis/ResetActionInfo",
"target": "/redfish/v1/Chassis/chassis/Actions/Chassis.Reset"
}
},
"ChassisType": "RackMount",
"Id": "chassis",
...
"Location": {
"PartLocation": {
"ServiceLabel": "U78DA.ND0.WZS0066"
}
},
"Manufacturer": "",
"Model": "2E2D",
"Name": "chassis",
...
"PartNumber": "03KP024",
...
"PowerState": "Off",
...
"SerialNumber": "YF32UF18C00A",
"SparePartNumber": "02WG677", <-------------------SparePartNumber
"Status": {
"Health": "OK",
"HealthRollup": "OK",
"State": "StandbyOffline"
},
Signed-off-by: Alpana Kumari <alpankum@in.ibm.com>
Change-Id: Ia29c8d76b3c110f150cd7dbaf7937a0bc9922b98
|
|
The existing codes cast uint64_t into time_t which is int32_t in
most 32-bit systems. It results overflow if the timestamp is larger
than INT_MAX.
time_t will be 64 bits in future releases of glibc. See
https://sourceware.org/bugzilla/show_bug.cgi?id=28182.
This change workarounds the year 2038 problem via boost's ptime.
std::chrono doesn't help since it is still 32 bits.
Tested on QEMU.
Example output for certificate:
{
"Name": "HTTPS Certificate",
"Subject": null,
"ValidNotAfter": "2106-01-28T20:40:31Z",
"ValidNotBefore": "2106-02-06T18:28:16Z"
}
Previously, the format is like "1969-12-31T12:00:00+00:00". Note
that the ending "+00:00" is the time zone, not ms.
Tested the schema on QEMU. No new Redfish Service Validator errors.
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I8ef0bee3d724184d96253c23f3919447828d3f82
|
