Age | Commit message (Collapse) | Author | Files | Lines |
|
Now that our custom body type does things more than files, it makes
sense to rename it. This commit renames the header itself, then all
instances of the class.
Tested: Basic GET requests succeed.
Change-Id: If4361ac8992fc7c268f48a336707f96e68d3576c
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
Now that we have a custom boost http body class, we can use it in more
cases. There's some significant overhead and code when switching to a
file body, namely removing all the headers. Making the body class
support strings would allow us to completely avoid that inefficiency.
At the same time, it would mean that we can now use that class for all
cases, including HttpClient, and http::Request. This leads to some code
reduction overall, and means we're reliant on fewer beast structures.
As an added benefit, we no longer have to take a dependency on
boost::variant2.
Tested: Redfish service validator passes, with the exception of
badNamespaceInclude, which is showing warnings prior to this commit.
Change-Id: I061883a73230d6085d951c15891465c2c8445969
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
When we call a null weakptr, it will cause a crash.
Add nullptr check for weakptr can avoid this situation.
Tested:
bmcweb.service did not experience core-dump.
Change-Id: I4490d68c70ea5d43681f4fb18b3859afb01ed70a
Signed-off-by: Zhao Gang <zhaogang.0108@bytedance.com>
|
|
clang-format-17 has some backwards incompatible changes that require
additional settings for best compatibility and re-running the formatter.
Copy the latest .clang-format from the docs repository and reformat the
repository.
Change-Id: I2f9540cf0d545a2da4d6289fc87b754f684bc9a7
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
|
|
These variables don't need propagated to handlers. Any usage of them is
incorrect.
This makes Websocket once again a pure virtual class, which is desired.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Id1ecc3911fc502d436a3e6aa29024628fc51aff4
|
|
std::format is a much more modern logging solution, and gives us a lot
more flexibility, and better compile times when doing logging.
Unfortunately, given its level of compile time checks, it needs to be a
method, instead of the stream style logging we had before. This
requires a pretty substantial change. Fortunately, this change can be
largely automated, via the script included in this commit under
scripts/replace_logs.py. This is to aid people in moving their
patchsets over to the new form in the short period where old patches
will be based on the old logging. The intention is that this script
eventually goes away.
The old style logging (stream based) looked like.
BMCWEB_LOG_DEBUG << "Foo " << foo;
The new equivalent of the above would be:
BMCWEB_LOG_DEBUG("Foo {}", foo);
In the course of doing this, this also cleans up several ignored linter
errors, including macro usage, and array to pointer deconstruction.
Note, This patchset does remove the timestamp from the log message. In
practice, this was duplicated between journald and bmcweb, and there's
no need for both to exist.
One design decision of note is the addition of logPtr. Because the
compiler can't disambiguate between const char* and const MyThing*, it's
necessary to add an explicit cast to void*. This is identical to how
fmt handled it.
Tested: compiled with logging meson_option enabled, and launched bmcweb
Saw the usual logging, similar to what was present before:
```
[Error include/webassets.hpp:60] Unable to find or open /usr/share/www/ static file hosting disabled
[Debug include/persistent_data.hpp:133] Restored Session Timeout: 1800
[Debug redfish-core/include/event_service_manager.hpp:671] Old eventService config not exist
[Info src/webserver_main.cpp:59] Starting webserver on port 18080
[Error redfish-core/include/event_service_manager.hpp:1301] inotify_add_watch failed for redfish log file.
[Info src/webserver_main.cpp:137] Start Hostname Monitor Service...
```
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I86a46aa2454be7fe80df608cb7e5573ca4029ec8
|
|
This reverts commit e628df8658c57f6943b6d3612e1077618e5a168a.
This appears to cause problems with non-cookie login of the console
websocket. This appears to be a gap in both our testing, and things
that we have scripting to do, but clearly it's a change in behavior, so
if we want to change the behavior, we should do it intentionally, and
clearly, ideally with a path to make clients work, or an explicit
documentation that the webui is the only supported client.
Change-Id: I334257e1355a5b8431cb7ecfe58ef8a942f4981c
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
This drop adds support for multiple consoles. The following changes are
made to achieve this.
- Kept the "/console0" route for backward compatibility
- Added a new route "/console/<str>" to support multiple consoles. All
new consoles must use this route string.
Testing:
- Make sure that old console path /console0 is working.
[INFO "http_connection.hpp":209] Request: 0x1bc2e60 HTTP/1.1
GET /console0 ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1bdb67c opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request target = /console0
[DEBUG "obmc_console.hpp":198] Console web socket path: /console0
Console unix FD: 12 duped FD: 13
[DEBUG "obmc_console.hpp":82] Reading from socket
[DEBUG "obmc_console.hpp":162] Remove connection 0x1bdb67c from
obmc console
- Make sure that new path for default console working
[INFO "http_connection.hpp":209] Request: 0x1bd76a8 HTTP/1.1
GET /console/default ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console/<str>'
1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1baf82c opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/default service =
xyz.openbmc_project.Console.default Request
target = /console/default
[DEBUG "obmc_console.hpp":198] Console web socket path:
/console/default Console unix FD: 12 duped FD: 13
[DEBUG "obmc_console.hpp":82] Reading from socket
[INFO "obmc_console.hpp":154] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":162] Remove connection 0x1baf82c from
obmc console
- Make sure that path for hypervisor console is working.
[INFO "http_connection.hpp":209] Request: 0x1bc2e60 HTTP/1.1
GET /console/hypervisor ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console/<str>'
1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1bc5234 opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/hypervisor service =
xyz.openbmc_project.Console.hypervisor Request
target = /console/hypervisor
[DEBUG "obmc_console.hpp":198] Console web socket path:
/console/hypervisor Console unix FD: 12 duped FD: 13
[DEBUG "obmc_console.hpp":82] Reading from socket
[INFO "obmc_console.hpp":154] Closing websocket. Reason:
[DEBUG "obmc_console.hpp":162] Remove connection 0x1bc5234 from
obmc console
- Make sure that bad console path is failing properly due to DBUS error.
[INFO "http_connection.hpp":209] Request: 0x1bd76a8 HTTP/1.1
GET /console/badconsoleid ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1240] Matched rule (upgrade) '/console/<str>'
1 / 2
[DEBUG "obmc_console.hpp":212] Connection 0x1bdb67c opened
[DEBUG "obmc_console.hpp":241] Console Object path =
/xyz/openbmc_project/console/badconsoleid service =
xyz.openbmc_project.Console.badconsoleid Request
target = /console/badconsoleid
[ERROR "obmc_console.hpp":174] Failed to call console Connect()
method DBUS error: No route to host
Change-Id: I9b617bc51e3ddc605dd7f4d213c805d05d2cfead
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
clang-format-16 has some backwards incompatible changes that require
additional settings for best compatibility and re-running the formatter.
Copy the latest .clang-format from the docs repository and reformat the
repository.
Change-Id: I75f89d2959b0f1338c20d72ad669fbdc1d720835
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
|
|
https://github.com/openbmc/bmcweb/commit/f8aa3d2704d3897eb724dab9ac596af8b1f0e33e
(4/15/20) added CSRF check into websockets but later setting cookieAuth
to true was removed so this session->cookieAuth is always false.
https://github.com/openbmc/bmcweb/commit/3909dc82a003893812f598434d6c4558107afa28
(7/15/20).
2 choices here add back this cookieAuth=true when cookie auth is used or
remove this "if cookieAuth" and do this check anytime
BMCWEB_INSECURE_DISABLE_CSRF_PREVENTION isn't enabled.
Really we shouldn't support any other auth on websockets so maybe
if (!session->cookieAuth){
unauthorized;
}
if go with the first choice. Went with the 2nd choice because cleaner.
This checking is a bit weird because it uses protocol for csrf checking.
https://github.com/openbmc/webui-vue/blob/b63e9d9a70dabc4c9a7038f7727fca6bd17d940a/src/views/Operations/SerialOverLan/SerialOverLanConsole.vue#L98
Tested: Before could log in to webui-vue, delete the XSRF-TOKEN but
still connect to the host console. After if deleted the XSRF-TOKEN
(browser dev tools), the websocket does not connect. Don't have a system
with KVM, VM enabled so wasn't able to check those but the webui-vue
code for them looks to pass the token. The webui-vue host console works
the same as before if you aren't messing with the XSRF-TOKEN.
Change-Id: Ibd5910587648f68809c7fd518bcf5a0bcf8cf329
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
As-written, the nbd (and all websocket daemons) suffer from a problem
where there is no way to apply socket backpressure, so in certain
conditions, it's trivial to run the BMC out of memory on a given
message. This is a problem.
This commit implements the idea of an incremental callback handler, that
accepts a callback function to be run when the processing of the message
is complete. This allows applying backpressure on the socket, which in
turn, should provide pressure back to the client, and prevent buffering
crashes on slow connections, or connections with high latency.
Tested: NBD proxy not upstream, no way to test. No changes made to
normal websocket flow.
Signed-off-by: Michal Orzel <michalx.orzel@intel.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I3f116cc91eeadc949579deacbeb2d9f5e0f4fa53
|
|
nbd proxy should not have its own authorization checks, as these are
now handled in the core as of 7e9093e625961f533250a6c193c1a474e98007c4
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I8874d8a09278ba21d2acfdf076cb76dee718ecf4
|
|
By convention, we should be following boost here, and passing error_code
by reference, not by value. This makes our code consistent, and removes
the need for a copy in some cases.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Id42ea4a90b6685a84818b87d1506c11256b3b9ae
|
|
string_view should always be passed by value; This commit is a sed
replace of the code to make all string_views pass by value, per general
coding guidelines[1].
[1] https://quuxplusone.github.io/blog/2021/11/09/pass-string-view-by-value/
Tested: Code compiles.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I55b342a29a0fbfce0a4ed9ea63db6014d03b134c
|
|
Most of these missing includes were found by running clang-tidy on all
files, including headers. The existing scripts just run clang-tidy on
source files, which doesn't catch most of these.
Tested: Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic741fbb2cc9e5e92955fd5a1b778a482830e80e8
|
|
The new boost URL now interops properly with std::string_view, which is
great, and cleans up a bunch of mediocre code to convert one to another.
It has also been pulled into boost-proper, so we no longer need a
boost-url dependency that's separate.
Unfortunately, boost url makes these improvements by changing
boost::string_view for boost::urls::const_string, which causes us to
have some compile errors on the missing type.
The bulk of these changes fall into a couple categories, and have to be
executed in one commit.
string() is replaced with buffer() on the url and url_view types
boost::string_view is replaced by std::string_view for many times, in
many cases removing a temporary that we had in the code previously.
Tested: Code compiles with boost 1.81.0 beta.
Redfish service validator passes.
Pretty good unit test coverage for URL-specific use cases.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I8d3dc89b53d1cc390887fe53605d4867f75f76fd
|
|
Per the coding standard, now that C++ supports std::string::starts_with
and std::string::ends_with, we should be using them over the boost
alternatives. This commit goes through and updates all usages.
Arguably some of these are incorrect, and instances of common error 13,
but because this is mostly a mechanical it intentionally doesn't try to
handle it.
Tested: Unit tests pass.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic4c6e5d0da90f7442693199dc691a47d2240fa4f
|
|
This patchset is the conclusion of a multi-year effort to try to fix
shadowed variable names. Variables seem to be shadowed all over, and in
most places they exist, there's a "code smell" of things that aren't
doing what the author intended.
This commit attempts to clean up these in several ways by:
1. Renaming variables where appropriate.
2. Preferring to refer to member variables directly when operating
within a class
3. Rearranging code so that pass through variables are handled in the
calling scope, rather than passing them through.
These patterns are applied throughout the codebase, to the point where
-Wshadow can be enabled in meson.build.
Tested: Code compiles, unit tests pass. Still need to run redfish
service validator.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: If703398c2282f9e096ca2694fd94515de36a098b
|
|
clang-tidy has a setting, LambdaBodyIndentation, which it says:
"For callback-heavy code, it may improve readability to have the
signature indented two levels and to use OuterScope."
bmcweb is very callback heavy code. Try to enable it and see if that
improves things. There are many cases where the length of a lambda call
will change, and reindent the entire lambda function. This is really
bad for code reviews, as it's difficult to see the lines changed. This
commit should resolve it. This does have the downside of reindenting a
lot of functions, which is unfortunate, but probably worth it in the
long run.
All changes except for the .clang-format file were made by the robot.
Tested: Code compiles, whitespace changes only.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ib4aa2f1391fada981febd25b67dcdb9143827f43
|
|
This change, moving the openHandler back to only supporting websocket
disconnects and not 404s.Because AsyncResp is removed from openHandler.
Tested:
(from previous commit) Opened KVM in webui-vue and it works.
Signed-off-by: zhanghaicheng <zhanghch05@inspur.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I793f05836aeccdc275b7aaaeede41b3a2c276595
|
|
These modifications are from WIP:Redfish:Query parameters:Only
(https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/47474). It will
be used in future CLs for Query Parameters.
The code changed the completion handle to accept Res to be able to
recall handle with a new Response object.
AsyncResp owns a new res, so there is no need to pass in a res.
Also fixed a self-move assignment bug.
Context:
Originally submitted:
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/480020
Reveted here:
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/48880
Because of failures here:
https://gerrit.openbmc-project.xyz/c/openbmc/openbmc/+/48864
Tested:
1. Romulus QEMU + Robot tests; all passed
2. Use scripts/websocket_test.py to test websockets. It is still work correctly.
3. Tested in real hardware; no new validator errors; tested both
authless, session, and basic auth.
4. Hacked codes to return 500 errors on certain resource; response is
expected;
5. Tested Eventing, the push style one (not SSE which is still under
review), worked as expected.
6. Tested 404 errors; response is expected.
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
Signed-off-by: John Edward Broadbent <jebr@google.com>
Change-Id: I52adb174476e0f6656335baa6657456752a031be
|
|
We should check if session is nullptr before referencing its data
member.
Tested:
1. build authless BMCWeb
```
meson -Drest=enabled -Dbmcweb-logging=enabled
-Dinsecure-disable-auth=enabled build && ninja -C build &&
./build/bmcweb
```
2. start websocket client without problems
```
python scripts/websocket_test.py --host localhost:18080
```
3. bmcweb log
```
[DEBUG "websocket.hpp":221] Websocket accepted connection
[DEBUG "dbus_monitor.hpp":114] Connection opened
[DEBUG "dbus_monitor.hpp":115] Connection 0x55b22d618670 opened
[DEBUG "http_response.hpp":134] 0x55b22d611040 calling completion
handler
[DEBUG "dbus_monitor.hpp":129] Connection 0x55b22d618670 received
{"paths": ["/xyz/openbmc_project/sensors"],
"interfaces": ["xyz.openbmc_project.Sensor.Value"]}
[DEBUG "dbus_monitor.hpp":231] Creating match
type='signal',interface='org.freedesktop.DBus.Properties',
path_namespace='/xyz/openbmc_project/sensors',member='PropertiesChanged',
arg0='xyz.openbmc_project.Sensor.Value'
[DEBUG "dbus_monitor.hpp":246] Creating match
type='signal',interface='org.freedesktop.DBus.ObjectManager',
path_namespace='/xyz/openbmc_project/sensors',member='InterfacesAdded'
```
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
Change-Id: I56613a26c129736f0e6980bb24e83f22ef60eea0
|
|
There's a number of redundancies in our code that clang can sanitize
out. Fix the existing problems, and enable the checks.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ie63d7b7f0777b702fbf1b23a24e1bed7b4f5183b
|
|
This check involves explicitly declaring variables const when they're
declared auto, which helps in readability, and makes it more clear that
the variables are const.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I71198ea03850384a389a56ad26f2c4a48c75b148
|
|
Part of enforcing cpp core guidelines involves explicitly including all
constructors required on a non-trivial class. We were missing quite a
few. In all cases, the copy/move/and operator= methods are simply
deleted.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ie8d6e8bf2bc311fa21a9ae48b0d61ee5c1940999
|
|
This reverts commit 91995f3272010875e1559397e98ca93354066a0e.
Seeing bumps fail.
https://gerrit.openbmc-project.xyz/c/openbmc/openbmc/+/48864
Please fix, test, and resubmit.
Change-Id: Id539fe66d5a093caf8f22a393f7af7b58ead5247
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
This reverts commit 0f3d3a01aed4040ef73a977a958ecdf4f68111f6.
Seeing bumps fail.
Change-Id: Ida7b1bae48abbed2e00a5259e8f94b64168d4788
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
This change, moving the openHandler back to only supporting websocket
disconnects and not 404s.Because AsyncResp is removed from openHandler.
Tested:
Opened KVM in webui-vue and it works.
Signed-off-by: zhanghaicheng <zhanghch05@inspur.com>
Change-Id: I90811f4ab91ad41cb298877f76252dce80932b2b
|
|
These modifications are from WIP:Redfish:Query parameters:Only
(https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/47474). And they
will be used in Redfish:Query Parameters:Only.
(https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/38952)
The code changed the completion handle to accept Res to be able to
recall handle with a new Response object.
AsyncResp owns a new res, so there is no need to pass in a res.
Tested:
1.Basic and Token auth both still work.
2.Use scripts/websocket_test.py to test websockets. It is still work
correctly.
python3 websocket_test.py --host 127.0.0.1:2443
This modification is a public part, so you can use any URL to test
this function. The response is the same as before.
Signed-off-by: zhanghaicheng <zhanghch05@inspur.com>
Change-Id: I570e32fb47a9a90fe111fcd1f4054060cd21def3
|
|
This commit is for, enable the timeout setting with suggested
values for server(300sec) role. Server's keep_alive_pings is
true by default, so time to server role is become 300/2 sec.
It is used for to check server/client communication status
in every 150sec.
There is a timeout option to websocket stream, which is created
by boost library .By default, timeouts on websocket streams are
disabled. The way to turn them on is to set the suggested timeout
settings on the stream.
Idle Timeout is configured as 300sec to server role by default.
We can adjust the timeout value which we want exactly by changing
the idle_timeout.
Depends on keep_alive_pings , the suggested value of the idle
timeout will be consider. Keep_alive_pings of server role is
set to `true` by default in boost library. So idle_timeout of
server role is consider as 300/2 sec by default.
https://www.boost.org/doc/libs/master/libs/beast/doc/html/beast/using_websocket/timeouts.html
Tested:
Redirected Virtual media. connection has established successfully.
Media instance gets redirected to host machine. Disconnected the
client network. Keepalive idle timeout for server role will found
stream miss communication status in next 150sec cycle, and virtual
media websocket will be stop gracefully.
Existing behaviour:
900sec (15 minutes) will be taken for closing the websocket
connection due to network disconnection.
Signed-off-by: Dhines Kumar E <dhineskumare@ami.com>
Change-Id: Id68d6a5c9b0139b1c70f80e9265a3e4d96e2ee87
|
|
New versions of beast allow completely removing the per-message deflate
functionality from the binary, thus saving space. Considering we never
used it, it seems worthwhile to remove from the build entirely.
This should have no impact on any external interface.
https://www.boost.org/doc/libs/1_75_0/libs/beast/doc/html/beast/using_websocket.html
Tested:
Build before and after, ~31k of pre-compression binary space saved when
this patchset is included.
Also ran scripts/websocket_test.py
python3 websocket_test.py --host 192.168.7.2
CPU 67.56
Memory 5.95
and saw sensor values stream correctly.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I3d8e5febea2446eb4894a840f7fe7ef9cdf6995b
|
|
In theory, having a sessionless websocket isn't possible. In practice,
this did come up when an ownership issue caused UB, which is how I saw
this.
Tested:
Tested with scripts/websocket_test.py and saw sensor values streaming by
as expected.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I7cc9c9660c8207ba857e6f6f14f010eaf79b73ef
|
|
camelLower is not a type, camelBack is.
Changes were made automatically with clang-tidy --fix-errors
To be able to apply changes automatically, the only way I've found that
works was to build the version of clang/clang-tidy that yocto has, and
run the fix script within bitbake -c devshell bmcweb. Unfortunately,
yocto has clang-tidy 11, which can apparently find a couple extra errors
in tests we already had enabled. As such, a couple of those are also
included.
Tested:
Ran clang-tidy-11 and got a clean result.
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I9d1080b67f0342229c2f267160849445c065ca51
|
|
cppcheck isn't smart enough to recognize these are c++ headers, not c
headers. Considering we're already inconsistent about our naming, it's
easier to just be consistent, and move the last few files to use .hpp
instead of .h.
Tested:
Code builds, no changes.
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: Ic348d695f8527fa4a0ded53f433e1558c319db40
|