Age | Commit message (Collapse) | Author | Files | Lines |
|
All new uses should be using boost::urls::url now. This was the last
usage.
Tested: Logged into webui, and observed the correct URL behavior.
In browser window /foobar
Forwarded to /?next=/foobar#/login
Which is correct.
Note, this is different behavior slightly than before. It was found
that the URI precedence goes query string THEN fragment, rather than the
other way around that we had it. This was flagged when moving over to
boost url structures.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ifb354537d71a43c531d7d380dd889cf646731e39
|
|
This makes several changes to server-sent events to allow it to merge
to master. The routing system has been removed in leiu of using
content-type eventstream detection. Timers have been added to the
sse connections, and sse connections now rely on async_wait, rather
than a full read.
Tested: WIP
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Id0ff0ebc2b3a795b3dba008e440556a9fdd882c2
|
|
string_view should always be passed by value; This commit is a sed
replace of the code to make all string_views pass by value, per general
coding guidelines[1].
[1] https://quuxplusone.github.io/blog/2021/11/09/pass-string-view-by-value/
Tested: Code compiles.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I55b342a29a0fbfce0a4ed9ea63db6014d03b134c
|
|
CBOR is a more efficient way to represent json, and something that, as
you can see from this patch, is relatively trivial to implement in our
current nlohmann json handlers. This allows users that specify an
accepts header of "application/cbor" to request the BMC produce a cbor
response.
This feature adds 1520 bytes (1.48KB) to the binary size of bmcweb.
For ServiceRoot
GET /redfish/v1 Accepts: application/json - returns json
GET /redfish/v1 Accepts: application/cbor - returns cbor
GET /redfish/v1 Accepts: */* - returns json
GET /redfish/v1 Accepts: text/html - returns html
GET /redfish/v1 no-accepts header - returns json
For service root, CBOR encoding drops the payload size from 1520 bytes
on my system, to 1021 byes, which is a significant improvement in the
number of bytes we need to compress.
Redfish-service-validator passes.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I847e678cf79dfd7d55e6d3b26960c419e47063af
|
|
cppcheck correctly notes that a lot of our variables can be declared at
more specific scopes, and in every case, it seems to be correct.
Tested: Redfish service validator passes. Unit test coverage on others.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ia4414410d0e8f74a3bd40fdc0e0232450d1a6416
|
|
An HTTP header of Accepts: */* throws a big wrench into our
implementation for a couple reasons. First, because it's the default in
a lot of commonly-used libraries, and second, because clients use it
when they certainly don't mean what the specification says it should
mean "ie, I accept ANY type".
This commit tries to address some of that, by making an explicit option
for content-type="ANY" and pushes it to the individual callers to handle
explicitly as if it were yet another type. In most protocols, there's a
"most common" representation, so protocols are free to use that, or to
explicitly handle it, and require that the user be explicit.
Tested:
Redfish Protocol Validator no longer locks up. (TBD, getting bugs filed
with protocol validator for this missing Accepts header).
For ServiceRoot
GET /redfish/v1 Accepts: application/json - returns json
GET /redfish/v1 Accepts: */* - returns json
GET /redfish/v1 Accepts: text/html - returns html
GET /redfish/v1 no-accepts header - returns json
Redfish-service-validator passes.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iae6711ae587115d3e159a48a6fc46a903ed6c403
|
|
We have a number of specialized content-type functions for varying
levels of degree, and most of them rely on quite a few strings. This
commit changes them to consolidate on two APIs.
isContentTypeSupported, which as the name implies, takes a single
content type, and returns a bool about whether or not that content type
is allowed.
getPreferedContentType, which takes an array of multiple options, and
fine the first one in the list that matches the clients expected string.
These two functions makes these functions more able to be reused in the
future, and don't require specialized entries for each possible type or
combination of types that we need to check for.
Tested: Unit tests passing. Pretty good coverage.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I8b976d0cefec5f24e62fbbfae33d12cc803cb373
|
|
bmcweb does not do anything with the q-factor weighting (;q=) so just
remove it from the encoding.
This is needed because routes like
"/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/attachment"
have a check for isOctetAccepted. Even though */* is in the Accept
Header isOctetAccepted still fails due to the q-factor weighting.
On the system I tested, on firefox, Accept looks like:
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
The GUI reported being unable to download a AdditionalDataURI (e.g.
...attachment/)
Here is the GUI code attempting to download the additional data:
https://github.com/openbmc/webui-vue/blob/9b79a6e7e3df3d3cbaf9a7750bbe343628022026/src/views/Logs/EventLogs/EventLogs.vue#L155
https://github.com/openbmc/webui-vue/blob/9b79a6e7e3df3d3cbaf9a7750bbe343628022026/src/locales/en-US.json#L251
Today this results in a 400 Bad Request due to isOctetAccepted.
See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept
Tested:
/redfish/v1/Systems/system/LogServices/PostCodes/Entries/<str>/attachment/
and .../EventLog/Entries/<str>/attachment now return correctly.
Change-Id: I969f5f2c32c4acccd4d80615f17c44d0c8fabd0d
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
These changes are done by running iwyu manually under clang14.
Suppressed some obvious impl or details headers. Kept the recommended
public headers.
IWYU can increase readability, make maintenance easier, and avoid errors
in some cases. See details in
https://github.com/include-what-you-use/include-what-you-use/blob/master/docs/WhyIWYU.md.
This commit also uses its best effort to correct obvious errors through
iwyu pragma.
See reference here:
https://github.com/include-what-you-use/include-what-you-use#how-to-correct-iwyu-mistakes
Tested: unit test passed.
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
Change-Id: I983b6f75601707cbb0f2f04546c3362ff4ba7fee
|
|
Per the coding standard, now that C++ supports std::string::starts_with
and std::string::ends_with, we should be using them over the boost
alternatives. This commit goes through and updates all usages.
Arguably some of these are incorrect, and instances of common error 13,
but because this is mostly a mechanical it intentionally doesn't try to
handle it.
Tested: Unit tests pass.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic4c6e5d0da90f7442693199dc691a47d2240fa4f
|
|
These checks ensure that we're not implicitly converting ints or
pointers into bools, which makes the code easier to read.
Tested:
Ran series through redfish service validator. No changes observed.
UUID failing in Qemu both before and after.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I1ca0be980d136bd4e5474341f4fd62f2f6bbdbae
|
|
- Add a GET method /redfish/v1/Systems/system/LogServices/PostCodes
/Entries/<str>/attachment/, Get the attribute value through the
getPostCodes method and encode it as base64, and send it off.
- This allows the use to offload error logs for analysis and further
parsing if needed. An http header of "Accept:
application/octet-stream" or the default "*/*" is expected.
Tested:
- Ran Redfish validator.
- Before, It broke post JSON content as HTTP
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/44660
Now, I tested it passed.
- pldmtool raw --data 0x80 0x3F 0xC 0x0A 0x00 0x00 0x00 0x00 0x00 0x07 0x00 0x00 0x00 0x48 0x00 0x00 0x00 0x02 0x00 0x00 0x01 0x00 0x00 0x00 0x48 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x53 0x54 0x41 0x4e 0x44 0x42 0x59 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20
$curl -k https://127.0.0.1:2443/redfish/v1/Systems/system/LogServices/PostCodes/Entries/B1-1/attachment/
output:
AgAAAQAAAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFNUQU5EQlkgICAgICAgICAgICAgICAgICAgICAgICAg
Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: Ide684146a4ae9d55dc95fb765927867b042fc27c
|
|
req is being created later, in the connection life cycle. req was
holding many important values when it was passed to authenticate, so the
authenticate call had to be refactored to includes all the data req was
holding.
Also uses of req before handle have been changed to direct calls to
boot::parse
Tested:
Made a request that did not require authentication
$ curl -vvvv --insecure "https://192.168.7.2:18080/redfish/v1"
Got correct service root
Made a unauthenticated request (Chassis)
$ curl -c cjar -b cjar -k -H "Content-Type: application/json" -X GET https://192.168.7.2:18080/redfish/v1/Chassis
Unauthenticated
Made a log-in request
$ curl -c cjar -b cjar -k -H "Content-Type: application/json" -X POST https://192.168.7.2:18080/login -d "{\"data\": [ \"root\", \"0penBmc\" ] }"
Made (same) Chassis request
$ curl -c cjar -b cjar -k -H "Content-Type: application/json" -X GET https://192.168.7.2:18080/redfish/v1/Chassis
Tested the websockets using scripts/websocket_test.py
Websockets continued to work after this change.
Followed the mTLS instructions here https://github.com/openbmc/docs/blob/master/security/TLS-configuration.md
mTLS continues to work after this change.
Change-Id: I78f78063be0331be00b66349d5d184847add1708
Signed-off-by: John Edward Broadbent <jebr@google.com>
|
|
This reverts commit af61db10fb40c7beb91a70f0b3ff28cb8e6c1704 which
breaks the ability to detect and post json content as HTTP. I suspect
something went wrong with the requestPrefersHtml() method that was
modified in this commit. Authors should feel free to resubmit this
patch once they have the failure understood and fixed.
Change-Id: Id6e8d102fe5d4b02ac0dce06bff50c28edfcf44c
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
- Add a GET method /redfish/v1/Systems/system/LogServices/PostCodes
/Entries/<str>/attachment/, Get the attribute value through the
getPostCodes method and encode it as base64, and send it off.
- This allows the use to offload error logs for analysis and further
parsing if needed. An http header of "Accept:
application/octet-stream" or the default "*/*" is expected.
Tested:
- Ran Redfish validator.
- pldmtool raw --data 0x80 0x3F 0xC 0x0A 0x00 0x00 0x00 0x00 0x00 0x07 0x00 0x00 0x00 0x48 0x00 0x00 0x00 0x02 0x00 0x00 0x01 0x00 0x00 0x00 0x48 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x53 0x54 0x41 0x4e 0x44 0x42 0x59 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20
$curl -k https://127.0.0.1:2443/redfish/v1/Systems/system/LogServices/PostCodes/Entries/B1-1/attachment/
output:
AgAAAQAAAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFNUQU5EQlkgICAgICAgICAgICAgICAgICAgICAgICAg
Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: I74dd6c1dc2d3dfb7908f7741e0d9e7825c1df816
|
|
cppcheck isn't smart enough to recognize these are c++ headers, not c
headers. Considering we're already inconsistent about our naming, it's
easier to just be consistent, and move the last few files to use .hpp
instead of .h.
Tested:
Code builds, no changes.
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: Ic348d695f8527fa4a0ded53f433e1558c319db40
|
|
Now that CI can handle clang-tidy, and a lot of the individual fixes
have landed for the various static analysis checks, lets see how close
we are.
This includes bringing a bunch of the code up to par with the checks
that require. Most of them fall into the category of extraneous else
statements, const correctness problems, or extra copies.
Tested:
CI only. Unit tests pass.
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I9fbd346560a75fdd3901fa40c57932486275e912
|
|
This commit enables clang warnings, and fixes all warnings that were
found. Most of these fall into a couple categories:
Variable shadow issues were fixed by renaming variables
unused parameter warnings were resolved by either checking error codes
that had been ignored, or removing the name of the variable from the
scope.
Other various warnings were fixed in the best way I was able to come up
with.
Note, the redfish Node class is especially insidious, as it causes all
imlementers to have variables for parameters, regardless of whether or
not they are used. Deprecating the Node class is on my list of things
to do, as it adds extra overhead, and in general isn't a useful
abstraction. For now, I have simply fixed all the handlers.
Tested:
Added the current meta-clang meta layer into bblayers.conf, and added
TOOLCHAIN_pn-bmcweb = "clang" to my local.conf
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: Ia75b94010359170159c703e535d1c1af182fe700
|
|
This is from openbmc/docs/style/cpp/.clang-format
Other OpenBMC repos are doing the same.
Tested: Built and validator passed.
Change-Id: Ief26c755c9ce012823e16a506342b0547a53517a
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
Recently, a number of people in the community have made the (admittedly
easy) mistake that we use a significant portion of crow.
Today, we use crow for the router, and the "app" structure, and even
those have been significantly modified to meet the bmc needs. All other
components have been replaced with Boost beast. This commit removes the
crow mentions from the Readme, and moves the crow folder to "http" to
camouflage it a little. No code content has changed.
Tested:
Code compiles. No functional change made to any executable code.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: Iceb57b26306cc8bdcfc77f3874246338864fd118
|
|
This patchset is the beginings of the infrastructure to allow
separate registrations, and map privileges to the actual node in the
url table rather than having each registration manage privileges
manually.
Tested by:
Running redfish compliance tool. All things still pass.
Change-Id: I72d278cc19c60ba5b6e563fbd705b0551faf9a6a
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
With boost 1.69, we get the new option, BOOST_BEAST_USE_STD_STRING_VIEW
which allows us to use std::string for all beast interfaces, instead of
boost string_view. This was originally intended to try to reduce the
binary size, but the comparison shows only a minor improvement.
boost::string_view: 7420780 bytes
std::string_view: 7419948 bytes
832 bytes saved ! ! ! ! !
So instead, we will use the argument that it's more standard and easier
for people to grok.
Tested By:
Pulled down some bmcweb endpoints, and observed no change. Because the
two objects are essentially drop in replacements for one another, there
should be no change.
Change-Id: I001e8cf2a0124de4792a7154bf246e3c35ef3f97
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
Related to patchset here. This patchset implements the bmc side of
redirecting the users URL after login correctly.
https://gerrit.openbmc-project.xyz/#/c/openbmc/phosphor-webui/+/15925
Change-Id: Idf42f4cecd29fb0c6088721eb5e10fb39e1168e7
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
This commit moves the codebase to the lastest clang-format file from
upstream, as well as clang-format-6.0.
Change-Id: Ice8313468097c0c42317fbb9e10ddf036e8cff4c
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
This patchset moves bmcweb over to the upstream style naming
conventions for variables, classes, and functions, as well as imposes
the latest clang-format file.
This changeset was mostly built automatically by the included
.clang-tidy file, which has the ability to autoformat and auto rename
variables. At some point in the future I would like to see this in
greater use, but for now, we will impose it on bmcweb, and see how it
goes.
Tested: Code still compiles, and appears to run, although other issues
are possible and likely.
Change-Id: If422a2e36df924e897736b3feffa89f411d9dac1
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
This fixes a bug where the webserver requests a resource that doesn't
exist, which triggers a www-authenticate, and causes the browser to
show the wrong thing.
Change-Id: I65643a50eb269b0a7c76dcb0c65c4e7db2165c88
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|