Age | Commit message (Collapse) | Author | Files | Lines |
|
After upgrading jsnbd to meson.build, the nbd-proxy path will change from
/usr/sbin to /usr/bin.
- https://gerrit.openbmc.org/c/openbmc/jsnbd/+/65434
- https://gerrit.openbmc.org/c/openbmc/openbmc/+/65466
Error message:
```
bmcweb[220]: [DEBUG http_connection.hpp:561] 0x235bad0 Clearing response
bmcweb[220]: [DEBUG http_response.hpp:181] 0x235dd90 Clearing response
containers
bmcweb[220]: [DEBUG http_connection.hpp:403] 0x235bad0 doReadHeaders
bmcweb[220]: [DEBUG http_connection.hpp:71] 0x22c20c8 Connection open,
total 8
bmcweb[220]: [DEBUG http_connection.hpp:625] 0x23dc940 timer started
[FAILED] Failed to start Wait for Network to be Configured.
See 'systemctl status systemd-networkd-wait-online.service' for details.
[ OK ] Reached target Network is Online.
Starting System Logging Service...
[ OK ] Started System Logging Service.
systemd-journald[160]: Received SIGTERM from PID 220 (bmcweb).
systemd[1]: avahi-daemon.service: Deactivated successfully.
systemd[1]: bmcweb.service: Main process exited, code=exited,
status=255/EXCEPTION
systemd[1]: bmcweb.service: Failed with result 'exit-code'.
systemd[1]: bmcweb.service: Consumed 1.940s CPU time.
systemd[1]: obmc-dump-monitor.service: Deactivated successfully.
systemd[1]: phosphor-certificate-manager@authority.service: Deactivated
successfully.
```
After this fix:
```
bmcweb[219]: [DEBUG http_connection.hpp:268] Setting completion handler
bmcweb[219]: [DEBUG http_response.hpp:238] 0xfb23e0 setting completion
handler
bmcweb[219]: [DEBUG http_response.hpp:238] 0xfb23e0 setting completion
handler
bmcweb[219]: [DEBUG routing.hpp:601] Matched rule (upgrade) '/vm/0/0' 1
/ 2
bmcweb[219]: [DEBUG dbus_privileges.hpp:51] userName = root userRole =
priv-admin
bmcweb[219]: [DEBUG websocketrule.hpp:50] Websocket handles upgrade
bmcweb[219]: [DEBUG websocket.hpp:78] Creating new connection 0xe641ec
bmcweb[219]: [DEBUG websocket.hpp:89] starting connection 0xe641ec
bmcweb[219]: [DEBUG http_response.hpp:223] 0xfb23e0 calling completion
handler
bmcweb[219]: [DEBUG http_response.hpp:226] 0xfb23e0 completion handler
was valid
bmcweb[219]: [DEBUG http_response.hpp:238] 0x108b008 setting completion
handler
bmcweb[219]: [DEBUG http_connection.hpp:81] 0x1088d48 Connection closed,
total 8
bmcweb[219]: [DEBUG websocket.hpp:226] Websocket accepted connection
bmcweb[219]: [DEBUG vm_websocket.hpp:172] Connection 0xe641ec opened
bmcweb[219]: [DEBUG vm_websocket.hpp:85] inputBuffer empty. Bailing out
bmcweb[219]: [DEBUG vm_websocket.hpp:94] Wrote 18bytes
bmcweb[219]: [DEBUG vm_websocket.hpp:85] inputBuffer empty. Bailing out
bmcweb[219]: [DEBUG vm_websocket.hpp:125] Read done. Read 26 bytes
```
Change-Id: Ic5dc3d0c32517add158d5354b712c166bc6bf204
Signed-off-by: Troy Lee <troy_lee@aspeedtech.com>
Signed-off-by: Vince Chang <vince.chang@vertiv.com>
|
|
This code as it stands pulls in the full datetime library from boost,
including io, and a bunch of timezone code. The bmc doesn't make use of
any of this, so we can rely on a much simplified version.
Unfortunately for us, gcc still doesn't implement the c++20
std::chrono::parse[1]. There is a reference library available from [2]
that backports the parse function to compilers that don't yet support
it, and is the basis for the libc++ version. This commit opts to copy
in the header as-written, under the assumption that we will never need
to pull in new versions of this library, and will move to the std
ersion as soon as it's available in the next gcc version.
This commit simplifies things down to improve compile times and binary
size. It saves ~22KB of compressed binary size, or about 3%.
Tested: Unit tests pass. Pretty good coverage.
[1] https://en.cppreference.com/w/cpp/chrono/parse
[2] https://github.com/HowardHinnant/date/blob/master/include/date/date.h
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I706b91cc3d9df3f32068125bc47ff0c374eb8d87
|
|
9c5e585c3faa73941cedcc70cdff680f403c17bc flipped around two parameters
as part of a bug fix. This fixes #263.
Tested: Inspection only.
Change-Id: I2c8dea2e947fd34784475c0eb0144baa3b68dcb5
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Post:
```
/redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate
```
The "@odata.id" field in the response will appear garbled. This is
caused by boost::urls::url_view outlives its original char sequence.
Fix this issue.
Tested:
```
1.Get token
2.curl -k -H "X-Auth-Token: $token" -X POST https://${bmc}/redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate -d '{"CertificateUri": {"@odata.id":"/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1"}, "CertificateString":"...", "CertificateType": "PEM"}'
{
"@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1",
...
}
```
Change-Id: I6b16cbfaf22f835488a54097c83cee8a1b9e9f6a
Signed-off-by: Xinnan Xie <xiexinnan@bytedance.com>
|
|
Mounting in legacy mode doesn't provide "TransferProtocolType" in json,
the protocol is specified in the uri instead which means
paramTransferProtocolType was empty and always failing the new check
[1], that was added because of a clang-tidy warning (sounds like a
clang-tidy bug). Restored original behavior and added checking
paramTransferProtocolType explicitly.
[1]: https://github.com/openbmc/bmcweb/commit/e01d0c36af115ed46d54b5dbbacfe3ad92226bd3#diff-3d181e155cfa7f397eface92af17130f3db87773ce4219d9c7e24e00b76b94acR767
Change-Id: I9bbebad262356933a9482f73b78597c838777f65
Signed-off-by: Boleslaw Ogonczyk Makowski <boleslawx.ogonczyk-makowski@intel.com>
|
|
Even though the password failed, it's not great to return it in plain
text in the Redfish error response (which is also displayed in a toast
pop-up in webui-vue). This replaces the password text with null in the
Redfish response to protect the password content.
Tested:
Set a bad password for a new user and an existing user and confirmed
that the provided password text is no longer included in the error
response.
Change-Id: I1882667396006861c2211dbe27b554dd5a32c122
Signed-off-by: Jason M. Bills <jason.m.bills@intel.com>
|
|
In line with
https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#logging-levels.
When there is an InternalError, set the logging level to Error.
Added some additional traces to get the EC. Having the EC is really
helpful when debugging.
IBM has bmcweb-logging=error enabled.
Tested: None. Visual only.
Change-Id: I4ba2fb6be52696dc115c5f2ac54ec123926778af
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
In this commit the response code for the exceeding header size limit
during event subscription(post request to
/redfish/v1/EventService/Subscriptions) is changed to 400 (Bad
Request) instead of 405 (Method not allowed)
Tested:
If header size in post body is large(>8096), then response code is
returned as 400
Change-Id: Ie1301777c994dff64a49e625d7f4f7de72010610
Signed-off-by: Divya Jyoti <divya1.jyoti@intel.com>
|
|
Changing authority service references in code from 'ldap' to more
generic name, to comply with change in phosphor-certificate-manager.
Related change:
https://gerrit.openbmc.org/c/openbmc/phosphor-certificate-manager/+/65458
Tested:
Adding, reading and removal of CA Certificate works without any
noticeable regression.
Change-Id: Ia3e7a13bf7093bb7a9964769847d769475ed3e61
Signed-off-by: Michal Orzel <michalx.orzel@intel.com>
|
|
During code update, if another application (e.g. pldm[1]) logs an error
unrelated to code update, this triggers an error event notification
and causes the code update failure.
```
$ uri=$(curl -k https://${bmc}/redfish/v1/UpdateService | jq -r ' .HttpPushUri'); echo $uri
$ curl -k -H "Content-Type: application/octet-stream" -X POST -T ${image} https://${bmc}${uri}
{
"error": {
...
"code": "Base.1.13.0.InternalError",
"message": "The request failed due to an internal service error. The service is still operational."
}
}
```
This commit is to filter out those non-update-related error events
from concluding the code update as failure.
The valid update-related errors are defined in
- https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/yaml/xyz/openbmc_project/Software/Version.errors.yaml
- https://github.com/openbmc/phosphor-bmc-code-mgmt/blob/master/xyz/openbmc_project/Software/Image.errors.yaml
Tested:
1) Redfish validator passed
2) Error injection during Update.
- Start the code update and wait for completion of update (e.g. using journalctl -f)
```
$ uri=$(curl -k https://${bmc}/redfish/v1/UpdateService | jq -r ' .HttpPushUri'); echo $uri
$ curl -k -H "Content-Type: application/octet-stream" -X POST -T ${image} https://${bmc}${uri}
```
- As soon as the image is untarring, and issue busctl cmd to inject a non-update error
```
busctl call xyz.openbmc_project.Logging /xyz/openbmc_project/logging \
xyz.openbmc_project.Logging.Create Create ssa{ss} \
xyz.openbmc_project.Host.Error.Event \
xyz.openbmc_project.Logging.Entry.Level.Error 1 RAWPEL \
/tmp/FILE_NBMC_UNRECOVERABLE
```
[1] https://github.com/openbmc/pldm/blob/master/oem/ibm/libpldmresponder/file_io_type_pel.cpp#L268
Change-Id: Ice54c403efacffa6a388e182bd04d97c3e2b97fc
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
|
|
Phosphor-rest is no longer supported by the project, and phosphor-webui,
which required some of these workarounds has been archived a year ago.
There's no reason to keep this login type, given that it was
undocumented.
NOTE: Upon inspection, it looks like webui-vue used the same hack.
[1] https://github.com/openbmc/webui-vue/blob/43e3bd26133b06ed117a3a3f10b2bc09e2c2aafc/src/store/modules/Authentication/AuthenticanStore.js#L41
Tested:
Combined with https://gerrit.openbmc.org/c/openbmc/webui-vue/+/65811
Webui Login succceeds.
Change-Id: Ie42380029e799e44b3a7404d4ec6d285b371402b
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Kvm_websocket captures the this pointer in the handler lambda of the
socket. When the callback is called, if the object has been destructed,
there will be a crash problem. This is fixed by using weak_from_this in
the callback, if the object was destructed, the callback just returns
without doing anything.
Tested:
1. Open two kvm sessions in WebUI, and keep refreshing in one of the
pages, there is a small chance of coredump happening.
Debug infomation shows:
```
bmcweb[5331]: DEBUG: doRead. conn:0x28d19a0. this: 0x284d470
bmcweb[5331]: DEBUG: doRead. conn:0x28d19a0. this: 0x284d470
bmcweb[5331]: DEBUG: doRead. conn:0x28d19a0. this: 0x284d470
bmcweb[5331]: DEBUG: doRead. conn:0x28d19a0. this: 0x284d470
bmcweb[5331]: DEBUG: doRead. conn:0x28d19a0. this: 0x284d470
bmcweb[5331]: DEBUG: onclose. conn:0x28d19a0
bmcweb[5331]: DEBUG: doRead. conn:0x2876648. this: 0x284d470
systemd[1]: bmeweb.service: Main process exited, code=dumped, status=11/SEGV
systemd[1]: bmcweb.service: Failed with result 'core-dump
systemd[1]: Started Start bmweb server.
```
2. After this fix no coredump occurred.
Change-Id: I7bba9b67c470def90ddb1e471a0ac95edd6165e5
Signed-off-by: Xinnan Xie <xiexinnan@bytedance.com>
|
|
ssl_handshake fails while establishing connection to IPv6 destination
address, as IPv6 addresses considered as invalid value for SNI hostname
due to special characters.
SNI allows valid HostName which allows characters are only {alphabetic
characters (A-Z), numeric characters (0-9), the minus sign
This commit adds check to avoid setting SNI hostname if its an IP
address
Tested By: Verified redfish events 1. Subscribing Destination with IPv6
address. 2. Subscribing Destination with IPv4 address.
Change-Id: I32d30292bbc29c753f1c1815c66fcc93e8074eaa
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
|
|
It won't show anything when do the POST
/redfish/v1/Systems/<str>/LogServices/PostCodes/Actions/LogService.ClearLog
Give a response which same as
/redfish/v1/Systems/<str>/LogServices/EventLog/Actions/LogService.ClearLog
Tested:
curl -k -X POST http://${bmc}/redfish/v1/Systems/system/LogServices/PostCodes/Actions/LogService.ClearLog
{
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The request completed successfully.",
"MessageArgs": [],
"MessageId": "Base.1.13.0.Success",
"MessageSeverity": "OK",
"Resolution": "None"
}
]
}
Change-Id: I35f41a82bba750397bd8d9af657036d4f03a61c8
Signed-off-by: Tony Lee <tony.lee@quantatw.com>
|
|
Change-Id: I9a851076eccee9d79ad7bb036e58b717e06ad5d1
Signed-off-by: Michael Shen <gpgpgp@google.com>
|
|
Type safety is a good thing. In:
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/65606
It was found that splitting out the URI into encoded pieces in the early
phase removed some information we needed, namely whether or not a URI
was ipv6. This commit changes http client such that it passes all the
information through, with the correct type, rather than passing in
hostname, port, path, and ssl separately.
Opportunistically, because a number of log lines are changing, this uses
the opportunity to remove a number of calls to std::to_string, and rely
on std::format instead.
Now that we no longer use custom URI splitting code, the
ValidateAndSplitUrl() method can be removed, given that our validation
now happens in the URI class.
Tested: Aggregation works properly when satellite URIs are queried.
Change-Id: I9f605863179af54c5af2719bc5ce9d29cbfffab7
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
C++20 brought us std::ranges for a lot of algorithms. Most of these
conversions were done using comby, similar to:
```
comby -verbose 'std::lower_bound(:[a].begin(),:[b].end(),:[c])' 'std::ranges::lower_bound(:[a], :[c])' $(git ls-files | grep "\.[hc]\(pp\)\?$") -in-place
```
Change-Id: I0c99c04e9368312555c08147d474ca93a5959e8d
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
The user's groups were getting re-appended in the session object on
every request, resulting in a small memory leak (that does clear away
when the session is ended). Fix by just overwriting instead of
appending.
Tested: Added debug prints in ~UserSession to check contents of
userGroups, then ran multiple GETs to /redfish/v1 via token auth, then
destroyed session via WebUI and confirmed userGroups contained correct
set of groups.
Change-Id: I7c04a18437f69a97f138ff1f9aeee2731952ae8b
Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
|
|
Change introduced in [1] has exposed significant problem in mTLS
verification process, during which an attempt to an uninitialized object
was made. This change removes that attempt and replaces it with resource
that is available at this specific moment of connection lifetime.
Tested:
1. Created and uploaded a set of certificates by following instructions
from TLS Configuration guide [2].
2. Attempted to access /redfish/v1/SessionService/Sessions endpoint
using mTLS authentication method.
With this fix connection has been successful.
[1] https://github.com/openbmc/bmcweb/commit/e01d0c36af115ed46d54b5dbbacfe3ad92226bd3
[2] https://github.com/openbmc/docs/blob/master/security/TLS-configuration.md
Change-Id: I434dbf27169d7ea0207dfd139868d5bf398d24b0
Signed-off-by: Michal Orzel <michalx.orzel@intel.com>
|
|
cout is usually buffered, so make sure that every log message gets
individually flushed. This is especially important when relying on the
systemd journal for timestamping of messages.
Change-Id: I28f6f46978c2fad7855f819b04df964ab3c51351
Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
|
|
The scope of this code refactor is to limit the function of
monitorForSoftwareAvailable() for the coming future code modifications
in the area.
Tested:
- Compiles successfully.
- Code update works as before (for success and failure cases)
Change-Id: I90fd41caa6b88c97c2a0c47fcf4553d48905b886
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
|
|
This "Unauthorized" message has been a constant source of confusion for
users that forget to install a UI. This commit updates the message to
be more clear, and present users with some hints that they have
forgotten to install a webui if they expected the auth to succeed.
Tested: String change only. Code compiles.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic68e4622082caf5e32e496ec56f0c8b409b91990
|
|
This adds a missing comma in the Permissions-Policy response header value.
Tested: no; I didn't even try to compile it.
Change-Id: I4f08b54a5e5af040e10a95d913ef8b457f5bd457
Signed-off-by: Joseph Reynolds <joseph-reynolds@charter.net>
|
|
Use boost::urls::format. Boost::urls::format allows escaping URLs
properly, and has been deployed in most places. This now includes
users in that set.
Tested: Inspection only.
Change-Id: Ib16c8fceb7c58f4074f65df7634ac91af0633e2b
Signed-off-by: Willy Tu <wltu@google.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Yaml gives more configurability, and the ability to better enforce our
template, hopefully helping get more defined bug reports.
Tested:
This commit is hosted here:
https://github.com/edtanous/bmcweb/issues/new/choose
To give a better idea of how the template works.
Change-Id: I3a76b2762cf1a285eca75b67878b5a6ab2c2011a
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
FanRemoved MessageArgs was mistakenly changed from 1 to 0. This changes
it back to 1 to fix getting Internal Server Error on events.
Tested:
Confirmed that FanRemoved events can be retrieved without getting a 500
error code.
Change-Id: I9a2a55a5ee3d2bea073d7d55ed9fe53dc2aaee9d
Signed-off-by: Jason M. Bills <jason.m.bills@intel.com>
|
|
There are instances of ERROR logs that would work better as WARNING or
DEBUG since they do not actually result in bailing early and returning
an error response.
Signed-off-by: Carson Labrado <clabrado@google.com>
Change-Id: I1e7bca0bb38487b26a4642ab72ce475170bb53c6
|
|
While this is more of a question of style, we have enough problems with
our lambda usage that it is worth having some documentation we can point
people to in review.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I2a3f819693dfd6a9a46f92037574c5d28c3121e5
|
|
As the value of the PowerInputWatts and PowerOutputWatts
are getting exchanged,so I added negation in the logic.This
will correct the values.
Tested:
I have tested it and now the values are coming correct.
Change-Id: I67bf6c5050ceb05c13419b370105d80f913b0c17
Signed-off-by: Anjaliintel-21 <anjali.ray@intel.com>
|
|
Redfish event PowerSupplyPowerRestored has MessageArgs as 0 instead of
1. Due to this redfish events are not populated and getting Internal
Server Error.
So updated MessageArgs to 1.
Tested:
1. Redfish validator - passed for this new change
2. Verified GET /redfish/v1/Systems/system/LogServices/EventLog/Entries.
Able to populate Redfish event as expected.
Signed-off-by: Jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Change-Id: I9a2450cba5ff668ff495b7f2ba3b86b856581fff
|
|
Clang-tidy has the aforementioned check, which shows a few places in the
core where we ignored the required optional checks. Fix all uses.
Note, we cannot enable the check that this time because of some weird
code in health.hpp that crashes tidy[1]. That will need to be a future
improvement.
There are tests that call something like
ASSERT(optional)
EXPECT(optional->foo())
While this isn't an actual violation, clang-tidy doesn't seem to be
smart enough to deal with it, so add some explicit checks.
[1] https://github.com/llvm/llvm-project/issues/55530
Tested: Redfish service validator passes.
Change-Id: Ied579cd0b957efc81aff5d5d1091a740a7a2d7e3
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Update is failing due to unknown update dbus error type
but the cause can not be determined as its value is not showing.
This change is to add the error cause to journal in addition to
CRITICAL internalError.
```
Aug 02 09:00:16 bmcweb[2476]: (2023-08-02 09:00:14) [ERROR
"update_service.hpp":396] Unknown Software Image Error type = <XXX>
Aug 02 09:00:16 bmcweb[2476]: (2023-08-02 09:00:14) [CRITICAL
"error_messages.cpp":284] Internal Error ....`
```
Not tested but successfully compiled.
Change-Id: I20833d24042bf8d2f7e2d8a8e4359e3d80af702a
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
|
|
The log entries with the meson configured log level are
currently missing.
Tested:
- Add the logging level to debug to local.conf
```
conf/local.conf:
EXTRA_OEMESON:pn-bmcweb:append = "-Dbmcweb-logging='debug'"
```
- Run the current bmcweb and check bmcweb DEBUG logs which won't be shown.
- With the fix, do the same test and check the DEBUG logs.
```
Aug 02 00:07:52 p10bmc bmcweb[229]: [INFO http_connection.hpp:229] Request: 0x1759d10 HTTP/1.1 GET /redfish ::ffff:127.0.0.1
Aug 02 00:07:52 p10bmc bmcweb[229]: [DEBUG http_connection.hpp:260] Setting completion handler
Aug 02 00:07:52 p10bmc bmcweb[229]: [DEBUG http_response.hpp:238] 0x16d2540 setting completion handler
Aug 02 00:07:52 p10bmc bmcweb[229]: [DEBUG routing.hpp:669] Matched rule '/redfish/' 1 / 2
Aug 02 00:07:52 p10bmc bmcweb[229]: [DEBUG query.hpp:121] setup redfish route
```
Similar tests can be done with the other logging level.
Change-Id: Ifd6dac5b734363fbad70bc62f3dd03a5053ed2fd
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
|
|
This reverts commit 8ed41c35a314580bb794fa0fff2e01b0bf7efcf7.
In discord, it was posted 2 systems are hitting 403 Forbidden for all
endpoints.
Reverting fixed the problem, until time is given to dive into this,
just revert.
One of the things wrong is this is missing an After/Want
xyz.openbmc_project.User.Manager.service.
Change-Id: I1766a6ec2dbc9fb52da3940b07ac002a1a6d269a
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
Similar to what we've done elsewhere, move login and logout into their
own methods. This reduces the amount of scopes that need to be read at
any given time.
Tested: At last commit in series.
Change-Id: Ia2aa8b3fcbed18d7a481876fe4ffd55f31120064
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Support for PATCH method is added to Metric Report Definition,
now selected read/write Report properties can be modified by PATCH method
Tested:
- Added Report via POST, overwrite editable properties via PATCH and
fetched Report via GET checking if received data is properly modified
Signed-off-by: Lukasz Kazmierczak <lukasz.kazmierczak@intel.com>
Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>
Change-Id: If75110a92c55c9e4f2415f0ed4471baa802643ff
|
|
The sdbusplus headers provide shortened aliases for many types.
Switch to using them to provide better code clarity and shorter
lines. Possible replacements are for:
* bus_t
* exception_t
* manager_t
* match_t
* message_t
* object_t
* slot_t
Change-Id: I1621db436cb5e81ca597f5b9dac76452c6e7fd74
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
|
|
There is an async call within the router that leads to a small, but
pervasive performance issue for all queries. Removing that call from the
router has the potential to increase the performance of every
authenticated query, and significantly reduce our dbus traffic for
"simple" operations.
This commit re-implements the role cache in session object that existed
previously many years ago. Each users role is fetched during
authentication and persisted in session object. Each successive request
can then be matched against the privilege which is there in the
in-memory session object.
This was discussed on below commit
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/39756
Tested by:
```
POST /redfish/v1/SessionService/Sessions {"UserName":"root", "Password": “0penBmc”}
```
Followed by redfish queries
Get /redfish/v1/AccountService
Tested user role persistency
Redfish service validator passes.
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I575599c29358e32849446ce6ee7f62c8eb3885f6
|
|
Before this code looked like:
{"xyz.openbmc_project.Control.Power.RestorePolicy.Policy.Restore",
"LastState"},
and that matches the PDI:
https://github.com/openbmc/phosphor-dbus-interfaces/blob/d1484a1499bc241316853934e6e8b735166deee2/yaml/xyz/openbmc_project/Control/Power/RestorePolicy.interface.yaml#L33
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/64334/2/redfish-core/lib/systems.hpp#1350
changed this to RestorePolicy.Policy.AlwaysRestore, I think just a copy
mistake.
Pointed out by Patrick Rudolph.
Tested: None. Searching the enum now matches PDI and what was there
before.
Change-Id: I90e41d352dd1d1de3e465b4f2d5c9f78e0de5b3b
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
These were found by inspection, and should be cases that aren't
possible, but we should be consistent. Check the pointers for null
before dereferencing.
Tested: Inspection only. Condition theoretically not possible to hit.
Change-Id: I1423bb5bae5445d2b4b0cee2f3315b3ddd1c3836
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
The recent change to logging has caused a couple of bugs. First, when
building within yocto, the complete path is now returned on log
messages. This is wasteful of speed, and not super helpful to
developers to have a full path. Per the discussion on the original
patchset, drop this down to just the filename.
2, because of it's use as a pseudo log level, "enabled" is in the list
of strings. This causes an index mismatch, which causes logs to be
logged at the wrong level beyond debug. Move the entry to the end to
fix this.
Third, move the logging of level to upper case, to follow the old
convention.
Tested:
Enabled meson option for logging, observed logs like:
```
Jul 25 18:39:20 qemux86-64 bmcweb[209]: [DEBUG query.hpp:121] setup redfish route
Jul 25 18:39:20 qemux86-64 bmcweb[209]: [DEBUG http_response.hpp:248] 0x561bc11a7a40 releasing ce
Jul 25 18:39:20 qemux86-64 bmcweb[209]: [DEBUG http_response.hpp:238] 0x561bc11a7a40 setting comr
Jul 25 18:39:20 qemux86-64 bmcweb[209]: [DEBUG http_response.hpp:223] 0x561bc11a7a40 calling comr
Jul 25 18:39:20 qemux86-64 bmcweb[209]: [DEBUG http_response.hpp:226] 0x561bc11a7a40 completion d
Jul 25 18:39:20 qemux86-64 bmcweb[209]: [DEBUG query_param.hpp:1019] Processing query params
```
Change-Id: I4ac506c623a17f81ae83545e59291d2729dc82cb
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
This commit changes to using the interface
"xyz.openbmc_project.Chassis.Intrusion" to look up for the chassis
intrusion sensor's DBus object path under "/xyz/openbmc_project" path,
instead of specifying the complete object path. This helps remove the
dependence on the object path and relies on the interface name instead.
Change-Id: I046d1d2825f65f49b225c29239647c423b67242e
Signed-off-by: Chau Ly <chaul@amperecomputing.com>
|
|
When SNMP isn't present, and the name is not activatable, (becuase snmp
isn't installed) it returns a 113 error code. We should handle this
silently, rather than returning an internal error, because snmp is
optional.
Tested: Ran redfish service validator on a system without phosphor-snmp
installed, and observed no more error on
/redfish/v1/EventService/Subscriptions.
Change-Id: I2254d763de6c55c678a95765e1bc87fb9aaa9564
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
This is due to MemberId is the combination of sensorType+sensorName,
and we only extract sensorName from objectsWithConnection.
Therefore, prepend the sensorType to prevent this from occuring.
Tested: code complies, and confirmed via curl, function works.
Change-Id: Ic76607576475547030b9556a64c902e560aabf5d
Signed-off-by: Ban Feng <kcfeng0@nuvoton.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Currently while parsing destination URL, host address enclosed in [] braces for IPv6 addresses, so Resolve hostname fails for IPv6 addresses because of this invalid hostname which is enclosed in [] braces.
This commit uses encoded_host_address() method to fix this parsing hostname for IPv6 address.
Tested By: Configured redfish event subscription with IPv6 destination URI verified parsing logic of destination URI with IPv6 addresses.
Change-Id: I0e43468086ae0b961eb724de30e211d61ccda2d8
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
|
|
This script autogenerates:
1. Self-signed CA certificate/key pair
2. Server certificate/key pair
3. Client certificate/key pair
4. PKCS12 archive to store client certificate/key pair
These files are all generated and then stored in a local ./certs
directory.
Following this, they are added to the BMC over Redfish.
Then, the script attempts to use the client certificate/key pair to
access a Redfish url with permissions while not providing username or
password.
If this succeeds, then it generates the PKCS12 archive file and directs
the user to import it into a browser if they wish to test webui or would
prefer to do any testing in browser rather than over curl or similar
data tranfer tools for HTTP.
Tested:
Monitored output to ensure that each step succeeded and once the PKCS12
archive file was generated, imported it into a browser and accessed a
redfish url with permissions while not being redirected to the login
route.
Change-Id: Ie8a393feb472281d1865e52bddbdb58edbf5b071
Signed-off-by: Alex Schendel <alex.schendel@intel.com>
|
|
We enforced this naming convention a while ago, but some new patchsets
seem to have ignored it. Fix the naming convention.
Tested: Code compiles. Trivial find and replace.
Change-Id: I2921d80d9cdc536f99c2f9e522c60d12f4310a67
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Tested:
Added and removed cables to see state field being reflected
based on the presence.
Change-Id: I0136b1407634ebc9033a7c3ea2da555018fd622b
Signed-off-by: Akshit Shah <shahakshit@google.com>
|
|
This commit has following changes
1.Adds "StatelessAddressAutoConfig"
support as per latest EthernetInterface schema.
2.Remove support for deprecated Stateful and Stateless enums of DHCPv6
"OperatingMode"
Tested by:
```
GET PATCH -d '{"StatelessAddressAutoConfig": {"IPv6AutoConfigEnabled": true}}'
PATCH -d '{"StatelessAddressAutoConfig": { "IPv6AutoConfigEnabled": false}}'
PATCH -d '{"DHCPv6" : {"OperatingMode":"Enabled"}}' PATCH -d '{"DHCPv6"
: {"OperatingMode":"Disabled"}}'
```
Redfish Validator passed
Change-Id: I29d471750ef513074bc5e49c31a16fa15d3d760c
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
|
|
std::format is a much more modern logging solution, and gives us a lot
more flexibility, and better compile times when doing logging.
Unfortunately, given its level of compile time checks, it needs to be a
method, instead of the stream style logging we had before. This
requires a pretty substantial change. Fortunately, this change can be
largely automated, via the script included in this commit under
scripts/replace_logs.py. This is to aid people in moving their
patchsets over to the new form in the short period where old patches
will be based on the old logging. The intention is that this script
eventually goes away.
The old style logging (stream based) looked like.
BMCWEB_LOG_DEBUG << "Foo " << foo;
The new equivalent of the above would be:
BMCWEB_LOG_DEBUG("Foo {}", foo);
In the course of doing this, this also cleans up several ignored linter
errors, including macro usage, and array to pointer deconstruction.
Note, This patchset does remove the timestamp from the log message. In
practice, this was duplicated between journald and bmcweb, and there's
no need for both to exist.
One design decision of note is the addition of logPtr. Because the
compiler can't disambiguate between const char* and const MyThing*, it's
necessary to add an explicit cast to void*. This is identical to how
fmt handled it.
Tested: compiled with logging meson_option enabled, and launched bmcweb
Saw the usual logging, similar to what was present before:
```
[Error include/webassets.hpp:60] Unable to find or open /usr/share/www/ static file hosting disabled
[Debug include/persistent_data.hpp:133] Restored Session Timeout: 1800
[Debug redfish-core/include/event_service_manager.hpp:671] Old eventService config not exist
[Info src/webserver_main.cpp:59] Starting webserver on port 18080
[Error redfish-core/include/event_service_manager.hpp:1301] inotify_add_watch failed for redfish log file.
[Info src/webserver_main.cpp:137] Start Hostname Monitor Service...
```
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I86a46aa2454be7fe80df608cb7e5573ca4029ec8
|