Age | Commit message (Collapse) | Author | Files | Lines |
|
Clang-tidy has the aforementioned check, which shows a few places in the
core where we ignored the required optional checks. Fix all uses.
Note, we cannot enable the check that this time because of some weird
code in health.hpp that crashes tidy[1]. That will need to be a future
improvement.
There are tests that call something like
ASSERT(optional)
EXPECT(optional->foo())
While this isn't an actual violation, clang-tidy doesn't seem to be
smart enough to deal with it, so add some explicit checks.
[1] https://github.com/llvm/llvm-project/issues/55530
Tested: Redfish service validator passes.
Change-Id: Ied579cd0b957efc81aff5d5d1091a740a7a2d7e3
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
std::format is a much more modern logging solution, and gives us a lot
more flexibility, and better compile times when doing logging.
Unfortunately, given its level of compile time checks, it needs to be a
method, instead of the stream style logging we had before. This
requires a pretty substantial change. Fortunately, this change can be
largely automated, via the script included in this commit under
scripts/replace_logs.py. This is to aid people in moving their
patchsets over to the new form in the short period where old patches
will be based on the old logging. The intention is that this script
eventually goes away.
The old style logging (stream based) looked like.
BMCWEB_LOG_DEBUG << "Foo " << foo;
The new equivalent of the above would be:
BMCWEB_LOG_DEBUG("Foo {}", foo);
In the course of doing this, this also cleans up several ignored linter
errors, including macro usage, and array to pointer deconstruction.
Note, This patchset does remove the timestamp from the log message. In
practice, this was duplicated between journald and bmcweb, and there's
no need for both to exist.
One design decision of note is the addition of logPtr. Because the
compiler can't disambiguate between const char* and const MyThing*, it's
necessary to add an explicit cast to void*. This is identical to how
fmt handled it.
Tested: compiled with logging meson_option enabled, and launched bmcweb
Saw the usual logging, similar to what was present before:
```
[Error include/webassets.hpp:60] Unable to find or open /usr/share/www/ static file hosting disabled
[Debug include/persistent_data.hpp:133] Restored Session Timeout: 1800
[Debug redfish-core/include/event_service_manager.hpp:671] Old eventService config not exist
[Info src/webserver_main.cpp:59] Starting webserver on port 18080
[Error redfish-core/include/event_service_manager.hpp:1301] inotify_add_watch failed for redfish log file.
[Info src/webserver_main.cpp:137] Start Hostname Monitor Service...
```
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I86a46aa2454be7fe80df608cb7e5573ca4029ec8
|
|
We already have a generator class. We should use it. Wrap this into a
function that can be unit tested, and add unit tests.
Note, some files also needed to change name, because random.hpp
conflicts with the built in random, and causes circular build problems.
This commit changes it to ossl_random.
Tested: Unit tests pass. Now has coverage.
Redfish service validator passes.
Change-Id: I5f8eee1af5f4843a352c6fd0e26d67fd3320ef53
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
It seems like clang-tidy doesn't catch every place that an emplace could
be used instead of a push. Use a few grep/sed pairs to find and fix up
some common patterns.
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I93eaec26b8e3be240599e92b66cf54947073dc4c
|
|
In the continual quest to get tidy passing when run in isolation, fix
some more includes.
This includes removing a circular #include to app.hpp. We don't use
app.hpp in these files, which is why our code compiles but having this
include it here causes a few circular dependencies
app.hpp -> http_server.hpp -> persistent_data.hpp -> app.hpp.
app.hpp -> http_server.hpp -> authentication.hpp -> app.hpp.
This confuses clang when run on header files directly.
Fix a couple more includes at the same time.
Tested: Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ib62d78b49c7e38ef7061c9fbbf6b3d463f11917d
|
|
Most of these missing includes were found by running clang-tidy on all
files, including headers. The existing scripts just run clang-tidy on
source files, which doesn't catch most of these.
Tested: Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic741fbb2cc9e5e92955fd5a1b778a482830e80e8
|
|
In 2022.2, Redfish added support for the Context parameter on the
Session Resource. This parameter has the same function that the
OemSession.ClientId field served. This commit moves all the existing
ClientId code to produce Context as well.
Functionally, this has one important difference, in that Context in
Redfish is optionally provided by the user, which means we need to omit
it if not given by the user. The old implementation left it set to
empty string ("").
Because of this, a few minor interfaces need to change to use
std::optional. Existing uses of clientId are moved to using
value_or("") to keep the same behavior as before.
Tested:
curl --insecure -X POST -d "{\"UserName\": \"root\", \"Password\":
\"0penBmc\"}" https://192.168.7.2/redfish/v1/SessionService/Sessions
Returns a Session object with no Context key present
curl --insecure -X POST -d "{\"UserName\": \"root\", \"Password\":
\"0penBmc\", \"Context\": \"Foobar\"}"
https://192.168.7.2/redfish/v1/SessionService/Sessions
Returns a Session object with:
"Context": "Foobar"
Subsequent Gets of /redfish/v1/SessionService/Sessions/<sid>
return the same session objects, both with and without Context.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I4df358623f93f3e6cb659e99970ad909cefebc62
|
|
The header pam_authenticate isn't referenced at all in these two files.
So remove it.
Tested: codes compiles
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
Change-Id: I4d9ea06dca2ce4d05add710ec3d6cc0df5c1a39d
|
|
Brace initialization of json objects, while quite interesting from an
academic sense, are very difficult for people to grok, and lead to
inconsistencies. This patchset aims to remove a majority of them in
lieu of operator[]. Interestingly, this saves about 1% of the binary
size of bmcweb.
This also has an added benefit that as a design pattern, we're never
constructing a new object, then moving it into place, we're always
adding to the existing object, which in the future _could_ make things
like OEM schemas or properties easier, as there's no case where we're
completely replacing the response object.
Tested:
Ran redfish service validator. No new failures.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iae409b0a40ddd3ae6112cb2d52c6f6ab388595fe
|
|
This saves about 4k on the binary size
Tested: Redfish service validator passes.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I9546227a19c691b1aecb80e80307889548c0293f
|
|
There's a number of redundancies in our code that clang can sanitize
out. Fix the existing problems, and enable the checks.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ie63d7b7f0777b702fbf1b23a24e1bed7b4f5183b
|
|
Part of enforcing cpp core guidelines involves explicitly including all
constructors required on a non-trivial class. We were missing quite a
few. In all cases, the copy/move/and operator= methods are simply
deleted.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ie8d6e8bf2bc311fa21a9ae48b0d61ee5c1940999
|
|
This commit moves the internal data structures to use
boost::beast::http::fields as its internal data structure. fields is a
hyper-optimized map implementation for http headers, and has a lot of
nice escaping properties. It is what boost::beast::http::request uses
under the covers, so this has some niceties in reducing the amount of
code, and means we can completely remove the headers structure, and
simply rely on req. When this conversion was done, now the type safety
of the incoming data needs to have better checking, as loading into the
keys has new requirements (like values must be strings), so that type
conversion code for to and from json was added, and the POST and PATCH
handler updated to put into the new structure.
Tested:
curl -vvvv --insecure -u root:0penBmc
"https://192.168.7.2:443/redfish/v1/EventService/Subscriptions" -X POST
-d
"{\"Destination\":\"http://192.168.7.2:443/\",\"Context\":\"Public\",\"Protocol\":\"Redfish\",\"HttpHeaders\":[{\"Foo\":\"Bar\"}]}"
returned 200.
Tested various "bad" headers, and observed the correct type errors.
Issued: systemctl restart bmcweb.
Subscription restored properly verified with.
GET https://localhost:8001/redfish/v1/EventService/Subscriptions/183211400
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I331f65e1a3960f1812c9baac27dbdcb1d54f112c
|
|
This commit resolves https://github.com/openbmc/bmcweb/issues/168
Current store mechanism makes it very difficult to keep in sync with
the existing files, and has caused several bugs because the path it
uses different than the existing bmcweb_persistent_data.json, and it's
missing several error checks.
If there has old config in /var/lib/bmcweb/eventservice_config.json.
Restart bmcweb will move old config to bmcweb_presistent_data.json and
delete the old config.
Tested:
- Create new Subscription via POST
https://${bmc}/redfish/v1/EventService/Subscriptions/
The subscription is successfully created and GET succussfully.
Restart bmcweb or reboot.
The subscription will restore.
- Delete the Subscription via DELETE
https://${bmc}/redfish/v1/EventService/Subscriptions/${subscription_id}
The subscription is successfully delete.
bmcweb_persistent_data.json will delete subscription content.
- Modify EventService config via PATCH
https://{{bmc}}/redfish/v1/EventService
GET https://{{bmc}}/redfish/v1/EventService and the changes applied.
bmcweb_persistent_data.json will apply modification after PATCH.
Restart bmcweb or reboot
The config maintains the changed.
Signed-off-by: JunLin Chen <Jun-Lin.Chen@quantatw.com>
Change-Id: Ic29385ea8231ba976bbf415af2803df2d30cb10a
|
|
Before writing bmcweb_persistent_data.json on bmcweb shutdown call
applySessionTimeouts() to ensure no stale sessions are wrote.
To accomplish this had to move applySessionTimeouts to public.
Tested: Stop bmcweb, modify bmcweb_persistent_data.json timeout to
be 30 seconds. Start bmcweb. Verify timeout 30 seconds and
1 session is restored. Wait 1 min. stop bmcweb. Verify
no sessions in bmcweb_persistent_data.json.
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
Change-Id: Idfaf7c144b3bdeb2741b48f603d7213ac1a51f10
|
|
This commit implements the ClientOriginIPAddress property on
the session resource. The IP address is persisted across the reboot
Tested by:
1. Create session
POST https://${bmc}/redfish/v1/SessionService/Sessions -d '{"UserName":<>, "Password":<>}'
2. Check the session gets updated with the ClientOriginIPAddress
GET https://${bmc}/redfish/v1/SessionService/Sessions/<id>
3. Redfish validator passed
4. Create session and reboot the BMC to ensure the IP address is persisted
5. Tested the basic auth populates the clientIp at req
Signed-off-by: Sunitha Harish <sunharis@in.ibm.com>
Change-Id: Iaa60d0657c991bde4bcf6c86819055c71c92e421
|
|
cppcheck isn't smart enough to recognize these are c++ headers, not c
headers. Considering we're already inconsistent about our naming, it's
easier to just be consistent, and move the last few files to use .hpp
instead of .h.
Tested:
Code builds, no changes.
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: Ic348d695f8527fa4a0ded53f433e1558c319db40
|
|
fix regression on 5fb91ba400e0482813cf5e1a86fdca17468d0a6a.
Timeout is a global setting, not a per-session setting. This caused
problems with regenerating it, as session restoration doesn't follow the
"best effort" policy we've done before.
This commit:
1. Makes Session::fromJson more robust against extra keys.
2. Disallowed reading in client_id if IBM_Management_console isn't
enabled.
3. Moves timeout to the proper place in the persistent config file.
Resolves https://github.com/openbmc/bmcweb/issues/158
Tested:
Downloaded to bmc, cleared bmcweb_persistent_data.json, then logged in
using webui-vue.
Rebooted BMC.
Reloaded /redfish/v1/SessionService/Sessions/<sessionid> and observed
that all data restored properly. Unclear why, but ClientOriginIPAddress
seems broken, but that seems true prior to this patch.
Data that got returned is included for completeness.
{
"@odata.id": "/redfish/v1/SessionService/Sessions/BKqK5dNfNS",
"@odata.type": "#Session.v1_3_0.Session",
"ClientOriginIPAddress": "",
"Description": "Manager User Session",
"Id": "BKqK5dNfNS",
"Name": "User Session",
"UserName": "root"
}
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I716431fd4775af63715d07973f723caa8cb34259
|
|
Several pieces of code seems to be using the adl_serializer from
nlohmann. This unfortunately has very undesirable behavior in some
cases, and makes a lot of things really difficult to track back to the
function that did the serialization, which has caused several bugs in
the past with incorrect types.
This patchset removes them, and opts for the inline version of the
nlohmann json serialization.
Tested:
Booted bmcweb, and logged in.
cat bmcweb_persistent_data.json showed persistent data written properly.
Logged into bmc through webui-vue
systemctl restart bmcweb
Then refreshed webui-vue, and didn't get logged out.
Change-Id: I92868629c54d08b37dd1d956f7c2e2a954f9b670
|
|
- This commit would add the patch support for the session
timeout propery under the sessionservice.
- This commit also brings in support for persistent session
timeout property.
Tested By:
1. Redfish validator passed.
2. PATCH the session time out property using the below command
PATCH -d '{"SessionTimeout": 100}' https://<bmcip>/redfish/v1/SessionService
3. GET on sessionservice should return the value of time out which is
patched by using the above command & also GET on the session service fails
with Unauthorized error post the patched timeout value.
4. And also, the existing sessions that are open for the new timeout value are
also closed.
5. As per the schema , the range of values that are allowed for
session timeout are between 30 sec to 86400 sec, so any value which
is patched out of the range is failed with an appropriate error message.
6. PATCH the session timeout to new value using 2, and them restart the bmcweb
and the GET using 3 should return the new value.
Signed-off-by: Manojkiran Eda <manojkiran.eda@gmail.com>
Change-Id: Id50eacc5018b7a82371fd37a2ae1e7fb7596ed2b
|
|
Middlewares, while kinda cool from an academic standpoint, make our
build times even worse than they already are. Given that we only really
use 1 real middleware today (token auth) and it needs to move into the
parser mode anyway (for security limiting buffer sizes), we might as well
use this as an opportunity to delete some code.
Some other things that happen:
1. Persistent data now moves out of the crow namespace
2. App is no longer a template
3. All request_routes implementations no longer become templates. This
should be a decent (unmeasured) win on compile times.
This commit was part of a commit previously called "various cleanups".
This separates ONLY the middleware deletion part of that.
Note, this also deletes about 400 lines of hard to understand code.
Change-Id: I4c19e25491a153a2aa2e4ef46fc797bcb5b3581a
Signed-off-by: Ed Tanous <ed@tanous.net>
|