| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2023-01-17 | Add check for globals | Ed Tanous | 1 | -0/+1 | |
| We don't follow this cpp core guidelines rule well. This is something that we should aspire to cleaning up in the future, but for the moment, lets turn the rule on in clang-tidy to stop the bleeding, add ignores for the things that we know need some better abstractions, and work on these over time. Most of this commit is just adding NOLINTNEXTLINE exceptions for all of our globals. There was one case in the sensor code where clang correctly noted that those globals weren't actually const, which got missed because of the use of auto. Tested: CI should be good enough for this. Passes clang-tidy. Signed-off-by: Ed Tanous <edtanous@google.com> Change-Id: Ieda08fee69a3b209d4b3e9771809a6c41524f066 | |||||
| 2020-07-16 | Rework Authorization flow | James Feist | 1 | -0/+13 | |
| Currently we parse the whole message before authenticating, allowing an attacker the ability to upload a large image, or keep a connection open for the max amount of time easier than it should be. This moves the authentication to the earliest point possible, and restricts unauthenticated users timeouts and max upload sizes. It also makes it so that unauthenticated users cannot keep the connection alive forever by refusing to close the connection. Tested: - login/logout - firmware update - large POST when unauthenticated - timeouts when unauthenticated - slowhttptest Change-Id: Ifa02d8db04eac1821e8950eb85e71634a9e6d265 Signed-off-by: James Feist <james.feist@linux.intel.com> | |||||
 |
index : BMC/OpenBmc/bmcweb.git | |
| A do everything Redfish, KVM, GUI, and DBus webserver for OpenBMC (mirror) | Andrey V.Kosteltsev |
| summaryrefslogtreecommitdiff |