| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Our includes haven't been enforced by tidy in a while. Run the script,
check in the result, minus the false positives.
Change-Id: I6a6da26f5ba5082d9b4aa17cdc9f55ebd8cd41a6
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Within this namespace, we don't need to call crow, we are already in the
crow namespace.
Tested: Code compiles.
Change-Id: Ida57624ef1157f98f2719b5c3af536aebaca601e
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Add support for multi-host GET request-handling under the
/redfish/v1/Systems/{computerSystemId}/ redfish resource.
All multi-host supported redfish URIs can be found in this listing [1].
Multi-host meson options needed:
-Dexperimental-redfish-multi-computer-system=enabled
Tested: Validator passes on single-host machine and yv4 qemu emulation.
[1] https://gerrit.openbmc.org/c/openbmc/bmcweb/+/76118
Change-Id: I67c17c3dd7a354fa9a2ebbc56d4def7a7e788909
Signed-off-by: Oliver Brewka <oliver.brewka@9elements.com>
|
|
Passing the TLS-provided credentials from the HTTP connection to the
http2 connection got missed, and appears to break mutual TLS for http2
connections. Pass the credentials.
Tested: Mutual TLS is now functional on http2 connections as shown in
the next patch.
Change-Id: Ia2bbcd5383dae859baa96908b76f221b9c74632c
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Take advantage of nesting meson files in directories to make things more
readable.
e.g. file path literals become shorter.
Tested: tests still build and pass.
Change-Id: I20cca4f35fb326df33a337bdbadb9811b78962a7
Signed-off-by: Alexander Hansen <alexander.hansen@9elements.com>
|
|
Given the size of Redfish schemas these days, it would be nice to be
able to store them on disk in a zstd format. Unfortunately, not all
clients support zstd at this time.
This commit implements reading of zstd files from disk, as well as
decompressing zstd in the case where the client does not support zstd as
a return type.
Tested:
Implanted an artificial zstd file into the system, and observed correct
decompression both with an allow-encoding header of empty string and
zstd.
Change-Id: I8b631bb943de99002fdd6745340aec010ee591ff
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
The backends are different things compared to generic code. Today,
these are all included in the /include folder, but it's not very clear
what options control which backends, or how things map together. This
also means that we can't separate ownership between the various
companies.
This commit is a proposal to try to create a features folder,
separated by the code for the various backends, to make interacting
with this easier. It takes the form
features/<option name>/files.hpp
features/<option name>/files_test.hpp
Note, redfish-core was already at top level, and contains lots of code,
so to prevent lots of conflicts, it's simply symlinked into that folder
to make clear that it is a backend, but not to move the implementation
and cause code conflicts.
Tested: Unit tests pass. Code compiles.
Change-Id: Idcc80ffcfd99c876734ee41d53f894ca5583fed5
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Since 2020, nlohmann has recognized that implicit conversions to and
from json are an issue. Many bugs have been caused at both development
time and runtime due to unexpected implicit conversions from json to
std::string/int/bool. This commit disables implicit conversions using
JSON_USE_IMPLICIT_CONVERSIONS [1]. This option will become the default
in the future. That comment was written 3 years ago at this point, so
we should prepare.
Tested:
Redfish service validator passes.
[1] https://json.nlohmann.me/api/macros/json_use_implicit_conversions/
Change-Id: Id6cc47b9bbf8889e4777fd6d77ec992f3139962c
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
as we have successfully merged patches that enable UserPrincipalName
parse mode, we can start removing Meta only parse mode. This commit
is intended to remove MTLSCommonNameParseMode::Meta from the upstream
code
Tested:
- build bmcweb
- deploy to a device that already use UPN
- check if it works fine by sending curl request /AccountService
Change-Id: Idcf4340a2a9940f035aea41cd30ef4df7bd95530
Signed-off-by: Malik Akbar Hashemi Rafsanjani <malikrafsan@meta.com>
|
|
Rather than having to manually hook code for registries, add a small
registration function to the registry header and use this registration
results throughout the registry interactions.
Tested:
Confirmed registries have same behavior.
```
$ curl -s -k https://localhost:18080/redfish/v1/Registries/ | jq '.Members | map(."@odata.id")'
[
"/redfish/v1/Registries/Base",
"/redfish/v1/Registries/HeartbeatEvent",
"/redfish/v1/Registries/OpenBMC",
"/redfish/v1/Registries/ResourceEvent",
"/redfish/v1/Registries/TaskEvent",
"/redfish/v1/Registries/Telemetry"
]
```
```
$ curl -s -k https://localhost:18080/redfish/v1/Registries/TaskEvent/TaskEvent | jq ".Messages | keys"
[
"TaskAborted",
"TaskCancelled",
"TaskCompletedOK",
"TaskCompletedWarning",
"TaskPaused",
"TaskProgressChanged",
"TaskRemoved",
"TaskResumed",
"TaskStarted"
]
```
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: Iaa355420736a2587d9da4e995208d579443ca9b8
|
|
Extension of OEM route infra to support registration of handlers for OEM
patch requests. When patch request is made on a redfish resource, first
the main route handler will be called and if request patch payload
contains any OEM fragments then, registered OEM patch handler will be
called.
Tested
1. UT passes with new test cases added for OEM patch handling
2. Patch on FAN OEM property works as expected
```
Step 1: Creating new fan controller...
Create PATCH data:
{
"Oem": {
"OpenBmc": {
"Fan": {
"FanControllers": {
"Fan_TEST_391715": {
"FFGainCoefficient": 2.0,
"Zones": [
{
"@odata.id": "/redfish/v1/Managers/bmc#/Oem/OpenBmc/Fan/FanZones/Zone_1"
}
]
}
}
}
}
}
}
HTTP Response Code (PATCH /redfish/v1/Managers/bmc): 200
HTTP Response Code (GET /redfish/v1/Managers/bmc): 200
✓ Fan controller created successfully
Step 2: Updating the fan controller...
Update PATCH data:
{
"Oem": {
"OpenBmc": {
"Fan": {
"FanControllers": {
"Fan_TEST_391715": {
"FFGainCoefficient": 3.0
}
}
}
}
}
}
HTTP Response Code (PATCH /redfish/v1/Managers/bmc): 200
HTTP Response Code (GET /redfish/v1/Managers/bmc): 200
Final Configuration:
{
"@odata.id": "/redfish/v1/Managers/bmc#/Oem/OpenBmc/Fan/FanControllers/Fan_TEST_391715",
"@odata.type": "#OpenBMCManager.v1_0_0.Manager.FanController",
"FFGainCoefficient": 3.0,
"Zones": [
{
"@odata.id": "/redfish/v1/Managers/bmc#/Oem/OpenBmc/Fan/FanZones/Zone_1"
}
]
}
✓ Fan controller updated successfully
```
Test Summary
```
[+] Tests DateTime update after NTP disable. Payload: {DateTime: <date-string>}. Expects: 204 success, validates date matches update.: PASSED
[-] Tests invalid property in request. Payload: {InvalidProperty: 'value', DateTime: <date-string>}. Expects: 400 PropertyUnknown error, validates DateTime unchanged.: PASSED
[-] Tests fan controller with invalid property. Payload: Oem/OpenBmc/Fan/FanControllers with InvalidProperty. Expects: 400 PropertyUnknown error, fan not created.: PASSED
[-] Tests empty PATCH request. Payload: {}. Expects: 400 MalformedJSON error.: PASSED
[-] Tests malformed fan controller JSON. Payload: Fan property as string instead of object. Expects: 400 PropertyValueTypeError error.: PASSED
[-] Tests DateTime with wrong type. Payload: {DateTime: 12345}. Expects: 400 PropertyValueTypeError error, DateTime unchanged.: PASSED
[-] Tests PATCH to invalid manager path. Payload: Valid DateTime and fan update to /invalid_bmc. Expects: 404 ResourceNotFound error.: PASSED
[+] Tests fan controller creation. Payload: Oem/OpenBmc/Fan/FanControllers with FFGainCoefficient and Zones. Expects: 200 success with success message.: PASSED
[-] Tests fan controller without required Zones. Payload: Oem/OpenBmc/Fan/FanControllers with only FFGainCoefficient. Expects: 500 InternalError, fan not created.: PASSED
[+] Tests combined DateTime and fan update. Payload: DateTime and Oem/OpenBmc/Fan/FanControllers. Expects: 200 success with success message.: PASSED
[-] Tests PATCH with wrong Content-Type header. Payload: Valid DateTime update with text/plain content-type. Expects: 400 UnrecognizedRequestBody error.: PASSED
[+] Tests fan controller creation and update. Payload: Create with FFGainCoefficient=2.0, then update to 3.0. Expects: 200 success for both operations, verifies all properties.: PASSED
```
Change-Id: Ib2498b6a4db0343d5d4a405a5a8e4d78f615bed8
Signed-off-by: Rohit PAI <rohitpai77@gmail.com>
|
|
Initial copy was done to avoid request object going out of scope before
OEM handler are invoked.
The MR avoids the whole copy of the request object and create a sub
route object which contains elements required for OEM route handling.
Tested
- Service Validator Passes
- OpenBMC OEM properties and rendered well.
Change-Id: I3ef80a130afe6ab764a13704a8b672f5b0635126
Signed-off-by: Rohit PAI <ropai@nvidia.com>
|
|
Goal of the MR is to provide infrastructure support in bmcweb to manage
the OEM fragment handling separately. OEM schema are vendor defined and
per DMTF resource we could have multiple vendor defined OEM schema to be
enabled.
The feature allows registration of route handler per schema per OEM
namespace.
Example
```
REDFISH_SUB_ROUTE<"/redfish/v1/Managers/<str>/#/Oem/OpenBmc">(service,
HttpVerb::Get)(oemOpenBmcCallback);
REDFISH_SUB_ROUTE<"/redfish/v1/Managers/<str>/#/Oem/Nvidia">(service,
HttpVerb::Get)(oemNidiaCallback);
```
We can have separate vendor defined route handlers per resource. Each of
these route handlers can populate their own vendor specific OEM data.
The OEM code can be better organized and enabled/disabled as per the
platform needs. The current MR has the code changes related to handling
GET requests alone. The feature only supports requests
where the response payload is JSON.
Tests
- All UT cases passes
- New UT added for RF OEM router passes
- Service Validator passes on qemu
- GET Response on Manager/bmc resource contains the OEM fragment
```
curl -c cjar -b cjar -k -X GET https://127.0.0.1:2443/redfish/v1/Managers/bmc
{
"@odata.id": "/redfish/v1/Managers/bmc",
"@odata.type": "#Manager.v1_14_0.Manager",
"Oem": {
"OpenBmc": {
"@odata.id": "/redfish/v1/Managers/bmc#/Oem/OpenBmc",
"@odata.type": "#OpenBMCManager.v1_0_0.Manager",
"Certificates": {
"@odata.id": "/redfish/v1/Managers/bmc/Truststore/Certificates"
}
}
},
"UUID": "40575e98-90d7-4c10-9eb5-8d8a7156c9b9"
}
```
Change-Id: Ic82aa5fe760eda31e2792fbdfb6884ac3ea613dc
Signed-off-by: Rohit PAI <rohitpai77@gmail.com>
|
|
This commit is intended to implement the UserPrincipalName (UPN) parse
mode on mutual TLS (MTLS). By implementing this we can use the X509
certificate extension Subject Alternative Name (SAN), specifically UPN
to be used as the username
In our case, this feature is needed because we have a specific format
on our Subject CN of X509 certificate. This format cannot directly
mapped to the username of bmcweb because it contains special
characters (`/` and `:`), which cannot exist in the username.
Changing the format of our Subject CN is very risky. By enabling
this feature we can use other field, which is the SAN extension to
be used as the username and do not change our Subject CN on the
X509 certificate
In general, by implementing this feature, we can enable multiple
options for the system. There might be other cases where we want to
have the username of the bmcweb is not equal to the Subject CN of the
certificate, instead the username is added as the UserPrincipalName
field in the certificate
The format of the UPN is `<username>@<domain>` [1][2]. The format
is similar to email format. The domain name identifies the domain
in which the user is located [3] and it should match the device name's
domain (domain forest).
Tested
- Test using `generate_auth_certificate.py` (extended on patch [4])
- Manual testing (please see the script mentioned above for more detail)
- Setup certificate with UPN inside SAN extension
- Change the CertificateMappingAttribute to use UPN
- Get request to `/SessionService/Sessions`
- Run unit tests
[1] UPN Format: https://learn.microsoft.com/en-us/windows/win32/secauthn/user-name-formats#user-principal-name
[2] UPN Properties: https://learn.microsoft.com/en-us/windows/win32/ad/naming-properties#userprincipalname
[3] UPN Glossary: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-wcce/719b890d-62e6-4322-b9b1-1f34d11535b4#gt_9d606f55-b798-4def-bf96-97b878bb92c6
[4] Patch Testing Script: https://gerrit.openbmc.org/c/openbmc/bmcweb/+/78837
Change-Id: I490da8b95aee9579546971e58ab2c4afd64c5997
Signed-off-by: Malik Akbar Hashemi Rafsanjani <malikrafsan@meta.com>
|
|
Verify similar to beb96b0 Break out websockets
Break out the SSE functions into a separate compile unit. This allows
the SSE sockets in beast to be compiled separately, which significantly
reduces the overall compile time by a few seconds. Code is identical
with the exceptions of minor header definitions to convert header-only
to compile unit.
Change-Id: I5aae4f17cbd2badf75b3e0bb644a2309f6300663
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
To support HTTP2 simultaneously on http and https connections, the HTTP
connection classes formerly took the socket as a template option,
allowing passing ssl::stream<tcp::socket> or simply tcp socket. With
the addition of the multiple-sockets option, this would cause two copies
of the template to be instantiated, increasing both compile times and
binary size.
This commit applies the same logic to http2connection as was applied to
HTTPConnection, adding an http type parameter to the constructor, which
allows switching between adapter and adapter.next_level() on each read
or write operation. In compiled code, this means that the connection
classes are only specialized once.
Tested:
When configured for one of each http and https socket and http2
curl --http2 http://<ip>/redfish/v1
succeeds
curl --http2 https://<ip>/redfish/v1 succeeds
Change-Id: I8f33796edd5874d5b93d10a3f253cfadd4f6d7a4
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
This commit attempts to add the concept of an SSL detector from beast,
and add the capability into bmcweb. This allows directing multiple
socket files to the bmcweb instance, and bmcweb will automatically sort
out whether or not they're SSL, and give the correct response. This
allows users to plug in erroneous urls like "https://mybmc:80" and they
will forward and work correctly.
Some key design points:
The HTTP side of bmcweb implements the exact same http headers as the
HTTPS side, with the exception of HSTS, which is explicitly disallowed.
This is for consistency and security.
The above allows bmcweb builds to "select" the appropriate security
posture (http, https, or both) for a given channel using the
FileDescriptorName field within a socket file. Items ending in:
both: Will support both HTTPS and HTTP redirect to HTTPS
https: Will support HTTPS only
http: will support HTTP only
Given the flexibility in bind statements, this allows administrators to
support essentially any security posture they like. The openbmc
defaults are:
HTTPS + Redirect on both ports 443 and port 80 if http-redirect is
enabled
And HTTPS only if http-redirect is disabled.
This commit adds the following meson options that each take an array of
strings, indexex on the port.
additional-ports
Adds additional ports that bmcweb should listen to. This is always
required when adding new ports.
additional-protocol
Specifies 'http', 'https', or 'both' for whether or not tls is enfoced
on this socket. 'both' allows bmcweb to detect whether a user has
specified tls or not on a given connection and give the correct
response.
additional-bind-to-device
Accepts values that fill the SO_BINDTODEVICE flag in systemd/linux,
and allows binding to a specific device
additional-auth
Accepts values of 'auth' or 'noauth' that determines whether this
socket should apply the normal authentication routines, or treat the
socket as unauthenticated.
Tested:
Previous commits ran the below tests.
Ran the server with options enabled. Tried:
```
curl -vvvv --insecure --user root:0penBmc http://192.168.7.2/redfish/v1/Managers/bmc
* Trying 192.168.7.2:80...
* Connected to 192.168.7.2 (192.168.7.2) port 80 (#0)
* Server auth using Basic with user 'root'
> GET /redfish/v1/Managers/bmc HTTP/1.1
> Host: 192.168.7.2
> Authorization: Basic cm9vdDowcGVuQm1j
> User-Agent: curl/7.72.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Location: https://192.168.7.2
< X-Frame-Options: DENY
< Pragma: no-cache
< Cache-Control: no-Store,no-Cache
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Content-Security-Policy: default-src 'none'; img-src 'self' data:; font-src 'self'; style-src 'self'; script-src 'self'; connect-src 'self' wss:
< Date: Fri, 08 Jan 2021 01:43:49 GMT
< Connection: close
< Content-Length: 0
<
* Closing connection 0
```
Observe above:
webserver returned 301 redirect.
webserver returned the appropriate security headers
webserver immediately closed the connection.
The same test above over https:// returns the values as expected
Loaded the webui to test static file hosting. Webui logs in and works
as expected.
Used the scripts/websocket_test.py to verify that websockets work.
Sensors report as expected.
Change-Id: Ib5733bbe5473fed6e0e27c56cdead0bffedf2993
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
base64 decoding comes in two flavors, "normal" which we already
implement, and "url safe" which modifies the alphabet to create base64
encodings that are safe to use in filenames and urls. Functionally this
just involves swapping two characters with underscore and minus in the
encode/decode table. To avoid duplicating a lot of code, this commit
refactors the base64 tables to be generated at compile time.
Tested: Included unit tests pass. No usage until next commit.
Change-Id: I71724fd2e04000f115c22a40d382d411986d7b39
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Redfish specification states:
```
The value of the id field shall be the same as the Id property in the
event payload. The value of the Id property in the event payload should
be the same as the EventId property of the last event record in the
Events array. The value of the EventId property for an event record
should be a positive integer value and should be generated in a
sequential manner.
```
The event service code did not implement that correctly. So:
1. Add ID fields for all events.
2. Remove the per-sse connection id field and rely solely on
EventServiceManager.
3. Make sure all paths, (including metric report) are generating an
event id that's based on the eventservice event id
Tested: Redfish event listener now sees events populated.
LastEventId when sent to the SSE socket now sees a contiguous id.
```
uri=$(curl -s --user "root:0penBmc" -k "https://192.168.7.2/redfish/v1/EventService" | jq -r .ServerSentEventUri)
curl -u root:0penBmc -vvv -k -N -H "Accept: text/event-stream" -H "Last-Event-Id: 0" "https://192.168.7.2$uri"
```
Change-Id: Ic32e036f40a53a9b2715639ae384d7891c768260
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
When array/vector object is expected in JSON patch the error info does
not contain the actual wrong property instead shows "null". Fix is to
correct the value in the error info.
Tested
- add new test case to verify this
- unit tests are passing.
Change-Id: Ica26ac9e501b5a34a5b118769cc1917eeab30524
Signed-off-by: rohitpai <rohitpai77@gmail.com>
|
|
Copy the latest format file from the docs repository and apply.
Change-Id: I2f0b9d0fb6e01ed36a2f34c750ba52de3b6d15d1
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
|
|
Error code utils can be used for aggregating error
responses from multiples responses including use case
for managing separate route handlers for OEM namespace
Tests
Units tests are passing.
Change-Id: I2223d41fb318c0276de1ca64dd3e841bb988d902
Signed-off-by: rohitpai <rohitpai77@gmail.com>
|
|
The way we pass around io contexts is somewhat odd. Boost maintainers
in slack recommended that we just have a method that returns an io
context, and from there we can control this (context link lost years
ago).
The new version of clang claims the singleton pattern of passing in an
io_context pattern is a potential nullptr dereference. It's technically
correct, as calling the singleton without immediately initializing the
io context will lead to a crash.
This commit implements what the boost maintainers suggested, having a
single method that returns "the context" that should be used. This also
helps to maintain isolation, as some pieces are no longer tied directly
to dbus to get their reactor.
Tested: WIP
Change-Id: Ifaa11335ae00a3d092ecfdfb26a38380227e8576
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Clang-tidy misc-include-cleaner appears to now be enforcing
significantly more headers than previously. That is overall a good
thing, but forces us to fix some issues. This commit is largely just
taking the clang-recommended fixes and checking them in. Subsequent
patches will fix the more unique issues.
Note, that a number of new ignores are added into the .clang-tidy file.
These can be cleaned up over time as they're understood. The majority
are places where boost includes a impl/x.hpp and x.hpp, but expects you
to use the later. include-cleaner opts for the impl, but it isn't clear
why.
Change-Id: Id3fdd7ee6df6c33b2fd35626898523048dd51bfb
Signed-off-by: Ed Tanous <etanous@nvidia.com>
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
Implemented the code to identify the '/' character in the
key and perform the level by level search
Testing :
Tested query parameter with path separated by / example
curl -k -u root:0penBmc https://<IP>/redfish/v1/Systems/
Baseboard/LogServices/FaultLog/Entries?$filter=CPER/Oem/
OEM/IpSignature eq 'DRAM-CHANNELS'
Results having 'DRAM-CHANNELS' in nested path "CPER/Oem/
OEM/IpSignature" are listed.
Change-Id: Ie6cf796026a29ec7a3e8a0366bbfd0c658d0ac7e
Signed-off-by: Chandramohan Harkude <chandramohan.harkude@gmail.com>
|
|
This code should really be in a cpp/hpp file, not in a generated python
script. The python script housed this temporarily to allow us to
generate the registries. It's time to roll it out.
Tested: Message registries generate successfully on GET. Redfish
service validator passes.
Change-Id: I7aca2d0a7fac6d530511421b667ff732617df61e
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
SPDX identifiers are simpler, and reduce the amount of cruft we have in
code files. They are recommended by linux foundation, and therefore we
should do as they allow.
This patchset does not intend to modify any intent on any existing
copyrights or licenses, only to standardize their inclusion.
[1] https://www.linuxfoundation.org/blog/blog/copyright-notices-in-open-source-software-projects
Change-Id: I935c7c0156caa78fc368c929cebd0f068031e830
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Currently that code is still unfinished,
but we can already define some trivial testcases.
The main result of this function is populating EventLogObjectsType.
Tested: Unit tests pass.
Change-Id: I2e23147190be33192d41176413c16cd98c7bfd81
Signed-off-by: Alexander Hansen <alexander.hansen@9elements.com>
|
|
Previously this function was based on a basic string comparison. This
is fine, but found several inconsistencies, like not handling spaces in
the appropriate places.
This commit creates a new function getContentType, using the new parsing
infrastructure. As doing this, it showed that the existing parser
functions were not handling case insensitive compares for the mime type.
While this is technically not required, it's something we unit test for,
and relatively easy to add.
Note, that because this parser ignores charset, this moves charset=ascii
from something that previously failed, to something that now succeeds.
This is expected.
Tested: Unit tests pass. Good coverage
Change-Id: I825a72862135b62112ee504ab0d9ead9d6796354
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
When sending last-event-id, the previous events were being received
before the the header was completed. This is because the open handler is
being called before the connect call was in place, so you get:
Connection starts
open handler called
sendEvent() called from open handler
sendSSEHeader() called.
This results in a spec violation.
Tested:
curl --user root:0penBmc -vvv -s --no-buffer -k -N -H 'Accept:
text/event-stream' -H 'Last-Event-Id: 4' -X GET
https://localhost:8000/redfish/v1/EventService/SSE
Now succeeds, and wireshark dumps show the header is being sent
correctly. Note that previously this command would fail unless http0.9
header was set.
Unit test coverage for this path without last-event-id passes.
Change-Id: I44bb6eedbcbdc727b257646ec55e808157231f75
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Accept header allows any possible parameter value, and expects
that unknown property subtypes are simply ignored.
We were previously enforcing that things either match q=<number>
or have no params. bmcweb has no usage of the params, but allow
them to parse silently per the spec in case someone sends them.
[1] https://developer.mozilla.org/en-US/docs/Web/HTTP/MIME_types#structure_of_a_mime_type
This more meets the intent. In theory we could parse only q and charset
values, but allowing any key/values here makes us more resilient against
new mime types being added.
Tested: Unit tests included and passing
Change-Id: I1500be0da4c0c72185ee5bda5dfc31885dc6102d
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
There's a number of conditions in setting gateways that don't work
properly. Specifically, one of the issues is setting a gateway on an
address that already exists. It returns a PropertyValueConflict error
on Ipv4Addresses/1/Gateway with Ipv4Addresses/1/Gateway
Obviously an address can't conflict with itself, so this is wrong.
To address this, move the gateway setting and selection code into a
routine outside of the main loop, after all the gateways are accounted
for, and so we can treat them separately.
Tested;
PATCH to an existing ip address works, and no longer returns the error.
More test cases likely needed.
Change-Id: I0339e02fc27164337416637153d0b0f744b64ad8
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Changes Added : Updated the submit test event feature to send test
data as per spec
https://www.dmtf.org/sites/default/files/standards/documents/
DSP2046_2019.1.pdf
Testing :
Tested sending custom test data
and same data received at the event listener
Change-Id: I2c2363a676aafd39c121c9fe4e16402c0f5961e2
Signed-off-by: Chandramohan Harkude <chandramohan.harkude@gmail.com>
|
|
Change-Id: Iefe1b695b86a640d8dfaafd1f77f374fa34246de
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
We use these pragmas, that we must've been getting transitively through
chrono in the past. Now we need to include them explicitly.
Change-Id: Iee4c0a8866981b91adaa17bee0678b2c10e65ea9
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
4e338b2313f9f2a91aa1fb36693e36a328d58933 Removed tftp update support
from the codebase, but left SimpleUpdate in a non functional state.
Given that a number of forks have implemented the HTTPS/SCP versions of
simple update, we don't want to fully delete the code at this time, so
for the moment put it behind an option flag.
Tested: WIP
Change-Id: Ibab1e3a48ff640787eabf8ed5f7a5c08e3381307
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/75914 added support for
dynamic ChassisType. Before 75914, ChassisType was hardcoded to
RackMount. If you implement Inventory.Item.Chassis the default Chassis
Type is Unknown. Unknown in 75914 maps to Invalid and ChassisType is
left off the Redfish Chassis resource. The Redfish Validator flags this
as an error since ChassisType is a required property in the Chassis
schema.
The implementations should be setting the ChassisType but let's get
bmcweb bumps back on the rails and just set ChassisType = RackMount if
there is an error or if the Chassis Type is something we can't map (like
Unknown). This "your default ChassisType is RackMount" matches what we
had before.
Tested: Inspection and unit tests only.
Change-Id: Id577be522be7c2d3463da9c497d9063a284a4d54
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
Redfish specification, section 9.5.11.2 says:
The MessageId property value shall be in the format:
<MessageRegistryPrefix>.<MajorVersion>.<MinorVersion>.<MessageKey>
bmcweb in certain places has incorrectly used the 3 digit version
instead of the 2 digit version. This commit fixes that by modifying the
parse_registries script to generate 3 separate struct entries to
represent the registry version, and parse them where appropriate.
MessageRegistryFileCollection uses the 3 digit version. No behavior
changes.
Message/event log entries use the 2 digit version. This will cause a
MessageId change from:
Base.1.19.0.InternalError
to
Base.1.19.InternalError
This is a breaking change, so a new option to allow the old behavior is
provided.
Tested: Redfish Service validator passes.
Heartbeat events on EventService show 2 digit versions.
Change-Id: I4165e994f73e200f13bed8ea76cb58bee2b69faa
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Similar to content-type, add an http content-encoding parser.
Tested: Unit tests pass.
Change-Id: Ic62809934f84804c910458184de19ca9a4207ce5
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
sd-journal has its own paging mechanisms for generating and seeking to
unique ids. Ironically they look fairly similar to what we've
implemented here, but they have more content, presumably because they
can use internal implementation details to do paging.
This commit switches all sd-journal paging to use cursors. Functionally
this changes the odata.id from being a concatenated string into being a
base64 encoded identifier that is much longer.
The end result is vastly simplified code.
Tested:
check journal script [1] succeeds
[1] https://github.com/openbmc/openbmc-tools/blob/master/check_journal/check_journal
Script runs to completion and shows all tests passed.
Change-Id: Ia49fbfc272bef6dfbe1ea45a8d993dc785041659
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
We somewhat copped out a little with regards to this originally, because
writing parsers is hard, and we don't have to implement the full field
of what the Accepts header allows.
We should aim to be correct where we can, so implement a real parser
that parses values, including the floats.
Tested: Unit tests pass, good coverage.
Change-Id: I1b4232929367d230641be9f41f5af6e6dbcea037
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
The function handleChassisGetSubTree will now handle properties that
are part of the xyz.openbmc_project.Inventory.Item.Chassis interface.
At time of development this is only ChassisType. The new function
"handleChassisProperties" will attempt to get the Type property from
the interface, translate it to a Redfish standard string and set it as
the ChassisType value. If the property cannot be found the default
"RackMount" will be used.
Tested: Added and ran 4 new unit tests. Ran manual tests with
ChassisType being exposed via dbus in QEMU emulated environments.
Tested on ASPEED 2600 eval board.
Change-Id: Ibbd048db5007f5154e88495ec6e651a3a2137b06
Signed-off-by: Joseph-Jonathan Salzano <joseph-jonathan.salzano@hp.com>
|
|
bmcweb replaces underscores with spaces in sensor names for better
readability. The existing objectKeyCmp function did not handle this
case, leading to core dumps in the sensor load path.
Error details are provided below.
```
bmcwebd[1368]: [DEBUG sensors.hpp:507] Added sensor P0_NS_VR_FAN_2
bmcwebd[1368]: terminate called after throwing an instance of
'boost::detail::with_throw_location<boost::system::system_error>'
bmcwebd[1368]: what(): leftover [boost.url.grammar:4]
```
Implemented a new algorithm that alphabetically sorts non-URL keys
and retains the existing logic for URL-type keys.
Tested: Updated and verified the test cases.
Change-Id: I39c3f7cc54dec5e7cf9658977e1078acb827afb2
Signed-off-by: Jayanth Othayoth <ojayanth@gmail.com>
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Provide basic unit test coverage for the functions from event_log.cpp.
Tested: Unit tests pass.
Change-Id: Ib555d2404e0f5cc5d5610d466100d0f07c79f5d9
Signed-off-by: Alexander Hansen <alexander.hansen@9elements.com>
|
|
gcc-14 enables the std::chrono features we need for doing lots of time
conversions. For whatever reason, std::chrono accepts a an hour of 60,
whereas date.h didn't. This test case is really just a corner case, so
accept either answer.
Tested: Unit tests pass. Good coverage.
Change-Id: I2fb7fcbebb2a4126b36f99d27b216b835d1e2994
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Currently readJsonPatch returns `PropertValueNotInList` in case when an
input integer is out of range. This change is to return
`PropertyValueOutOfRange` for the case out-of-range integer input.
Tested:
- Verify PATCH with an out-of-value integer. e.g.
```
$ curl -k -X PATCH https://${bmc}/redfish/v1/EventService/ -H "Content-Type: application/json" -d '{ "DeliveryRetryIntervalSeconds" : 4294967296}'
```
Before the change, its `MessageId` is `PropertyValueNotInList`.
```
"Message": "The value '4294967296' for the property DeliveryRetryIntervalSeconds is not in the list of acceptable values.",
"MessageId": "Base.1.19.0.PropertyValueNotInList",
"MessageSeverity": "Warning",
"Resolution": "Choose a value from the enumeration list that the implementation can support and resubmit the request if the operation failed."
```
After the change, its `MessageId` will be `PropertyValueOutOfRange`.
```
"Message": "The value '4294967296' for the property DeliveryRetryIntervalSeconds is not in the supported range of acceptable values.",
"MessageId": "Base.1.19.0.PropertyValueOutOfRange",
"MessageSeverity": "Warning",
"Resolution": "Correct the value for the property in the request body and resubmit the request if the operation failed."
```
- Redfish Service Validator passes
Change-Id: I0d0c5ecbc9f416b68fa7c0e81a0ea896ec2e50af
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
|
|
Fix the following clang-tidy errors:
```
../redfish-core/src/filter_expr_executor.cpp:102:21: error: no header providing "nlohmann::json" is directly included [misc-include-cleaner,-warnings-as-errors]
7 | const nlohmann::json& body;
```
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I2e0d66bb35c1010607b9795d00b3321dc20d6d65
|
|
The ThermalMetrics schema[1] provides for efficient thermal metric
gathering for thermal sensors. The schema allows retrieving just the
thermal metrics with one Redfish URI. This prevents the additional work
required when returning all the sensor data, or multiple Redfish URI
calls to retrieve the properties for all of the thermal sensors.
This commit implements the TemperatureReadingsCelsius property of
ThermalMetrics[1]. ThermalMetrics is a property of ThermalSubsystem[2].
TemperatureReadingsCelsius is a SensorArrayExcerpt[3].
[1] https://redfish.dmtf.org/schemas/v1/ThermalMetrics.v1_0_1.json
[2] https://redfish.dmtf.org/schemas/v1/ThermalSubsystem.v1_3_2.json
[3] http://redfish.dmtf.org/schemas/v1/Sensor.v1_9_0.json#/definitions/SensorArrayExcerpt
The temperature sensors are found by finding 'all_sensors' endpoints for
specific chassis of D-Bus service
/xyz/openbmc_project/sensors/temperature. An entry of SensorArrayExcerpt
is built for each temperature sensor retrieved.
Implementation Notes:
- Common function sensor_utils::objectPropertiesToJson() is used to
fill in sensor excerpt properties. Currently the only excerpt
ChassisSubNode is ThermalMetrics. However there are others excerpts
defined by Redfish. Right now mostly this is just skipping things,
but I'm expecting when other sensor excerpts are implemented that
some of the other properties may be added for excerpts as well. I'm
expecting the combination of the chassisSubNode and the sensorType
will be used to determine which properties are included for a
particular call to build a sensor Json representation.
- New sensor_utils::objectExcerptToJson() function created. This wraps
sensor_utils::objectPropertiesToJson() and builds DataSourceUri for a
sensor excerpt.
- New sensor_utils::getAllSensorObjects() function created. This builds
list of 'all_sensors' association endpoints for specified D-Bus path
with specified D-Bus interfaces. Callback function is called with
list for handling sensors.
Tested:
1. Redfish Service Validator passed.
2. doGet method:
```
curl -k -H "X-Auth-Token: ${token}" -X GET https://${bmc}/redfish/v1/Chassis/chassis/ThermalSubsystem/ThermalMetrics
{
"@odata.id": "/redfish/v1/Chassis/chassis/ThermalSubsystem/ThermalMetrics",
"@odata.type": "#ThermalMetrics.v1_0_1.ThermalMetrics",
"Id": "ThermalMetrics",
"Name": "Thermal Metrics",
"TemperatureReadingsCelsius": [
{
"DataSourceUri": "/redfish/v1/Chassis/chassis/Sensors/temperature_ps0_temp0",
"Reading": -131072000.0
},
{
"DataSourceUri": "/redfish/v1/Chassis/chassis/Sensors/temperature_ps0_temp1",
"Reading": -131072000.0
},
{
"DataSourceUri": "/redfish/v1/Chassis/chassis/Sensors/temperature_ps0_temp2",
"Reading": -131072000.0
},
{
"DataSourceUri": "/redfish/v1/Chassis/chassis/Sensors/temperature_ps1_temp0",
"Reading": -131072000.0
},
{
"DataSourceUri": "/redfish/v1/Chassis/chassis/Sensors/temperature_ps1_temp1",
"Reading": -131072000.0
},
{
"DataSourceUri": "/redfish/v1/Chassis/chassis/Sensors/temperature_ps1_temp2",
"Reading": -131072000.0
}
],
"TemperatureReadingsCelsius@odata.count": 6
}
```
3. Verification of DataSourceUri:
```
curl -k -H "X-Auth-Token: ${token}" -X GET https://${bmc}/redfish/v1/Chassis/chassis/Sensors/temperature_ps1_temp0
{
"@odata.id": "/redfish/v1/Chassis/chassis/Sensors/temperature_ps1_temp0",
"@odata.type": "#Sensor.v1_2_0.Sensor",
"Id": "temperature_ps1_temp0",
"Name": "ps1 temp0",
"Reading": -131072000.0,
"ReadingType": "Temperature",
"ReadingUnits": "Cel",
"Status": {
"Health": "OK",
"State": "Enabled"
}
}
```
4. A bad chassis ID:
```
curl -k -H "X-Auth-Token: ${token}" -X GET https://${bmc}/redfish/v1/Chassis/chassisBAD/ThermalSubsystem/ThermalMetrics
{
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The requested resource of type Chassis named 'chassisBAD' was not found.",
"MessageArgs": [
"Chassis",
"chassisBAD"
],
"MessageId": "Base.1.18.1.ResourceNotFound",
"MessageSeverity": "Critical",
"Resolution": "Provide a valid resource identifier and resubmit the request."
}
],
"code": "Base.1.18.1.ResourceNotFound",
"message": "The requested resource of type Chassis named 'chassisBAD' was not found."
}
}
```
Signed-off-by: George Liu <liuxiwei@ieisystem.com>
Change-Id: I6e4ed1f281fd5371c978983b6cc5666badd3752c
Signed-off-by: Janet Adkins <janeta@us.ibm.com>
|
|
eventMatchesFilter no longer needs to be a member of the Subscription
class, because it no longer uses subscription data. Refactor so it can
be in its own file, with its own set of unit tests.
Tested: Unit Tests pass.
Change-Id: I718fa36021078973609591c704cb717d31079df7
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
This allows for two very important simplifying changes. First, we can
use the default copy operators on the UserSubscription class, which is
far less error prone than writing it manually, which we have two copies
of in code already.
Second, it allows the Subscription class to move to using values rather
than shared_ptr everywhere, which cleans up a significant amount of
code.
Tested:
Ran Redfish-Event-Listener, subscription created and destroyed
correctly.
Calling POST SubmitTestEvent showed events propagating to server.
Change-Id: I6d258cfe3594edddf3960ae2d4559d70acca1bf8
Signed-off-by: Ed Tanous <ed@tanous.net>
|
