Consitently use dbus::utility types

This saves about 4k on the binary size

Tested: Redfish service validator passes.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I9546227a19c691b1aecb

Consitently use dbus::utility types

This saves about 4k on the binary size

Tested: Redfish service validator passes.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I9546227a19c691b1aecb80e80307889548c0293f

show more ...

json_utils: Add support jsonRead Patch/Action

Added support for readJson for Patch and Action. The only difference is
that Patch does not allow empty json input while Action does. Action with
empty

json_utils: Add support jsonRead Patch/Action

Added support for readJson for Patch and Action. The only difference is
that Patch does not allow empty json input while Action does. Action with
empty input will use the default value based on the implementation and
return 200 OK response code.

readJsonPatch will replace the existing readJson and be used for path
requests. It will not allow empty json input and all requested
keys are required in the json input.

readJsonAction will be used for Action requests where it is possible for
all of the properties to be optional and allow empty request.
The optional properties are determined by the requested values type.

All current Action readJson are replaced with readJsonAction. It does
not change the existing behavior since it needs `std::optional`.
This will have to be updated later as we define the default behavior.

Tested:
Added unit tests and readJsonAction allows empty empty json object.

No Change to Redfish Tree.

Change-Id: Ia5e1f81695c528a20f1dc985aee19c920d8adaea
Signed-off-by: Willy Tu <wltu@google.com>

show more ...

Add readability-redundant-* checks

There's a number of redundancies in our code that clang can sanitize
out. Fix the existing problems, and enable the checks.

Signed-off-by: Ed Tanous <edtanous@go

Add readability-redundant-* checks

There's a number of redundancies in our code that clang can sanitize
out. Fix the existing problems, and enable the checks.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ie63d7b7f0777b702fbf1b23a24e1bed7b4f5183b

show more ...

Enable readability-avoid-const-params-in-decls

This check involves explicitly declaring variables const when they're
declared auto, which helps in readability, and makes it more clear that
the varia

Enable readability-avoid-const-params-in-decls

This check involves explicitly declaring variables const when they're
declared auto, which helps in readability, and makes it more clear that
the variables are const.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I71198ea03850384a389a56ad26f2c4a48c75b148

show more ...

Enable readability-container-size-empty tests

This one is a little trivial, but it does help in readability.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I5366d4eec8af2f781b3bad804131a

Enable readability-container-size-empty tests

This one is a little trivial, but it does help in readability.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I5366d4eec8af2f781b3bad804131ae2eb806e3aa

show more ...

Enable clang-tidy forward reference checks

Clang-13 adds new checks we can turn on, which find quite a few errors.

Tested: Code compiles

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I

Enable clang-tidy forward reference checks

Clang-13 adds new checks we can turn on, which find quite a few errors.

Tested: Code compiles

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I74b780760014c898cc440b37aea640b33e91c439

show more ...

Consistently use ManagedObjectType

Some subsystems seem to have invented their own typedefs for this stuff,
move to using the one typedef in dbus::utility so we're consistent, and
we reduce our temp

Consistently use ManagedObjectType

Some subsystems seem to have invented their own typedefs for this stuff,
move to using the one typedef in dbus::utility so we're consistent, and
we reduce our templates.

Tested: code compiles

This saves a negligible amount (104 bytes compressed) on our binary
size.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I952ea1f960aa703808d0ac80f35dc24cdd8d5027

show more ...

Using sdbusplus::asio::getProperty

It simplifies a lot of code and after changing sdbusplus implementation
slightly reduces binary size if used together with:

https://gerrit.openbmc-project.xyz/c/o

Using sdbusplus::asio::getProperty

It simplifies a lot of code and after changing sdbusplus implementation
slightly reduces binary size if used together with:

https://gerrit.openbmc-project.xyz/c/openbmc/sdbusplus/+/49467

* Uncompressed size: 3033148 -> 3012164, -20984 B
* gzip compressed size: 1220586 -> 1214625, -5961 B

Tested:
- Redfish validator output is the same before and after the change

Change-Id: Ibe3227d3f4230de2363ba3d9396e51130c8240a5
Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>

show more ...

Move to common variant

This saves approximately 34kB in the compressed binary size of bmcweb
due to reduced template instantiations. This amounts to a 2.5%
reduction in the overall size.

Note, the

Move to common variant

This saves approximately 34kB in the compressed binary size of bmcweb
due to reduced template instantiations. This amounts to a 2.5%
reduction in the overall size.

Note, there were a few places where we broke const-correctness in the
form of pulling a non-const reference out of a const variant. This
new variant now requires const correctness, so some consts are
added where required.

Tested: Code compiles.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I6a60c8881c1268627eedb4ffddf16689dc5f6ed2

show more ...

Enhance logs for networkd, hypervisor networkd app

Everytime a user does a GET on the ethernet interface redfish endpoint
the journal logs gets filled with errors like the following:

curl command:

Enhance logs for networkd, hypervisor networkd app

Everytime a user does a GET on the ethernet interface redfish endpoint
the journal logs gets filled with errors like the following:

curl command:
GET https://${bmc}/redfish/v1/Managers/bmc/EthernetInterfaces/eth1
GET https://${bmc}/redfish/v1/Systems/hypervisor/EthernetInterfaces/eth1

[ERROR "hyperv \
isor_system.hpp":211] Got extra property: Type on the /xyz/openbmc_pr \
oject/network/hypervisor/eth0/ipv4/addr0 object

[ERROR "ethernet.hpp":499] Got extra property: Type on the \
/xyz/openbmc_project/network/hypervisor/eth0/ipv4/addr0 object

While extracting the ip object, the properties Type & Gateway in the
implementation are logged as errors, but they are not. The reason is,
these two properties are not used but only the origin, prefix length,
and address are fetched from the dbus to fill the ipv<4/6>config object.

This commit avoids logging the above properties as errors. If there are
properties other than these, then error will logged.

Tested By:

Before the changes:

Nov 26 06:10:46 bmc bmcweb[264]: (2021-11-26 06:10:46) [ERROR "hyperv \
isor_system.hpp":211] Got extra property: Type on the /xyz/openbmc_pr \
oject/network/hypervisor/eth0/ipv4/addr0 object
Nov 26 06:10:46 bmc bmcweb[264]: (2021-11-26 06:10:46) [ERROR "hyperv \
isor_system.hpp":211] Got extra property: Origin on the /xyz/openbmc_ \
project/network/hypervisor/eth1/ipv4/addr0 object
Nov 26 06:10:46 bmc bmcweb[264]: (2021-11-26 06:10:46) [ERROR "hyperv \
isor_system.hpp":211] Got extra property: Type on the /xyz/openbmc_pr \
oject/network/hypervisor/eth1/ipv4/addr0 object

After changes:

These traces wont be logged as errors.

Signed-off-by: Asmitha Karunanithi <asmitk01@in.ibm.com>
Change-Id: I7160d3f71121a9758124a7c29517176e396c333e

show more ...

Update clang-format

refer: https://github.com/openbmc/docs/blob/master/style/cpp/.clang-format
`Don't break long string literals`

Tested: built bmcweb successfully and RedfishValidator Passed.

Sig

Update clang-format

refer: https://github.com/openbmc/docs/blob/master/style/cpp/.clang-format
`Don't break long string literals`

Tested: built bmcweb successfully and RedfishValidator Passed.

Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: Ib58f7c942fd3838592e043c57e0b6ffcdc3d963b

show more ...

Add SystemType to Systems/hypervisor

Add SystemType to hypervisor page. Set Systemtype to 'OS'
Redfish Schema definition of 'OS' [1]
"OS": "A SystemType of OS typically represents an OS or hyperviso

Add SystemType to Systems/hypervisor

Add SystemType to hypervisor page. Set Systemtype to 'OS'
Redfish Schema definition of 'OS' [1]
"OS": "A SystemType of OS typically represents an OS or hypervisor
view of the system.",

[1] https://redfish.dmtf.org/schemas/v1/ComputerSystem.v1_15_0.json

Testing:
1) Passed Redfish validator
2) Curl testing

curl -k -H "X-Auth-Token: $token" https://$bmc/redfish/v1/Systems/hypervisor
{
"@odata.id": "/redfish/v1/Systems/hypervisor",
"@odata.type": "#ComputerSystem.v1_6_0.ComputerSystem",
...
"SystemType": "OS"
}

Signed-off-by: Ali Ahmed <ama213000@gmail.com>
Change-Id: If2a68e592303f1d862864fc06b6d33c146cb3450

show more ...

Fix PATCH on hypervisor IPv4Addresses

Currently Patch on ipv4addresses overrides values because of
missing return statement.

Tested By:

PATCH -d '{"IPv4Addresses": [null]}' https://${bmc_ip}/redfi

Fix PATCH on hypervisor IPv4Addresses

Currently Patch on ipv4addresses overrides values because of
missing return statement.

Tested By:

PATCH -d '{"IPv4Addresses": [null]}' https://${bmc_ip}/redfish/v1/Systems/hypervisor/EthernetInterfaces/eth0

Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
Change-Id: I1839572e635f137a93c777468a6cc6cc18059f4e

show more ...

Automate PrivilegeRegistry to code

This commit attempts to automate the creation of our privileges
structures from the redfish privilege registry. It accomplishes this by
updating parse_registries.

Automate PrivilegeRegistry to code

This commit attempts to automate the creation of our privileges
structures from the redfish privilege registry. It accomplishes this by
updating parse_registries.py to also pull down the privilege registry
from DMTF.
The script then generates privilege_registry.hpp, which include const
defines for all the privilege registry entries in the same format that
the Privileges struct accepts. This allows new clients to simply
reference the variable to these privilege structures, instead of having
to manually (ie error pronely) put the privileges in themselves.

This commit updates all the routes.

For the moment, override and OEM schemas are not considered. Today we
don't have any OEM-specific Redfish routes, so the existing ones inherit
their parents schema. Overrides have other issues, and are already
incorrect as Redfish defines them.

Binary size remains unchanged after this patchset.

Tested:
Ran redfish service validator

Ran test case from f9a6708c4c6490257e2eb6a8c04458f500902476 to ensure
that the new privileges constructor didn't cause us to regress the brace
construction initializer.

Checked binary size with:
gzip -c
$BBPATH/tmp/work/s7106-openbmc-linux-gnueabi/obmc-phosphor-image/1.0-r0/rootfs/usr/bin/bmcweb
| wc -c
1244048

(tested on previous patchset)

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ideede3d5b39d50bffe7fe78a0848bdbc22ac387f

show more ...

Remove ambiguous privileges constructor

There are a number of endpoints that assume that a given routes
privileges are governed by a single set of privileges, instead of
multiple sets ORed together.

Remove ambiguous privileges constructor

There are a number of endpoints that assume that a given routes
privileges are governed by a single set of privileges, instead of
multiple sets ORed together. To handle this, there were two overloads
of the privileges() method, one that took a vector of Privileges, and
one that took an initializer_list of const char*. Unfortunately, this
leads some code in AccountService to pick the wrong overload when it's
called like this
.privileges( {{"ConfigureUsers"}, {"ConfigureManager"},
{"ConfigureSelf"}})

This is supposed to be "User must have ConfigureUsers, or
ConfigureManager, or ConfigureSelf". Currently, because it selects the
wrong overload, it computes to "User must have ConfigureUsers AND
ConfigureManager AND ConfigureSelf.

The double braces are supposed to cause this to form a vector of
Privileges, but it appears that the initializer list gets consumed, and
the single invocation of initializer list is called. Interestingly,
trying to put in a privileges overload of
intializer_list<initializer_list<const char*>> causes the compilation to
fail with an ambiguous call error, which is what I would've expected to
see previously in this case, but alas, I'm only a novice when it comes
to how the C++ standard works in these edge cases. This is likely due
in part to the fact that they were templates of an unused template param
(seemingly copied from the previous method) and SFINAE rules around
templates.

This commit functionally removes one of the privileges overloads, and
adds a second set of braces to every privileges call that previously had
a single set of braces. Previous code will not compile now, which is
IMO a good thing.

This likely popped up in the Node class removal, because the Node class
explicitly constructs a vector of Privilege objects, ensuing it can hit
the right overload

Tested:
Ran Redfish service validator

Tested the specific use case outlined on discord with:
Creating a new user with operator privilege:
```
redfishtool -S Always -u root -p 0penBmc -vvvvvvvvv -r 192.168.7.2
AccountService adduser foo mysuperPass1 Operator
```

Then attempting to list accounts:
```
curl -vvvv --insecure --user foo:mysuperPass1
https://192.168.7.2/redfish/v1/AccountService/Accounts/foo
```

Which succeeded and returned the account in question.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I83e62b70e97f56dc57d43b9081f333a02fe85495

show more ...

Remove the Node class

Fixes #181

Lots of specific details around why the node class have been removed are
in the previous patchsets. This commit actually does the deed and makes
it go away entirel

Remove the Node class

Fixes #181

Lots of specific details around why the node class have been removed are
in the previous patchsets. This commit actually does the deed and makes
it go away entirely.

Now that this is finally done, we can compare binary size. Surprisingly
enough, this series saves a full 72KB of compressed binary size, which
amounts to about 6.4% of the total code size.

Before: 1197632 bytes
After: 1124688 bytes

This IMO makes it worth it, considering we've significantly reduced the
amount of code at the same time.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I3c8688715f933b381cad0be75a079ccfd72c3130

show more ...

Move ethernet interface away from Node class

Pursuant to the other patchsets further up in this chain, continue to
move things to the simpler BMCWEB_ROUTE mechanism. This moves the
Ethernet modules

Move ethernet interface away from Node class

Pursuant to the other patchsets further up in this chain, continue to
move things to the simpler BMCWEB_ROUTE mechanism. This moves the
Ethernet modules up the chain.

Tested:
Ed Tested on redfish service validator, no new errors (unrelated UUID
error present)
Gunnar Tested Series on validator and GUI.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Id1937e0d3f525d58744e6ff6360ef23f66350c66

show more ...

Move the hypervisor endpoints into a namespace

The /redfish/v1/systems/hypervisor endpoints seem to have copy/pasted a
lot of code from ethernet.hpp, including all the function naming. This
is caus

Move the hypervisor endpoints into a namespace

The /redfish/v1/systems/hypervisor endpoints seem to have copy/pasted a
lot of code from ethernet.hpp, including all the function naming. This
is causing naming conflicts as part of removing the Node class. For the
moment, just put these methods into the redfish::hypervisor namespace,
along with a comment, so we can at least get code that builds. At some
point in the future we can deduplicate the duplicated code, and give the
unique things unique method names so we don't have collisions and this
can be undone.

Tested:
Ran redfish service validator on 42a9e0ee96ef1928732ffd8d567ad656a4f41887
No change in behavior, one failure on Manager UUID that appears
unrelated.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I0d715ed3bf04a86a93eb7842804319568083f86d

show more ...

Remove Redfish Node class

Reduces the total number of lines and will allow for easier testing of
the redfish responses.

A main purpose of the node class was to set app.routeDynamic(). However
now a

Remove Redfish Node class

Reduces the total number of lines and will allow for easier testing of
the redfish responses.

A main purpose of the node class was to set app.routeDynamic(). However
now app.routeDynamic can handle the complexity that was once in critical
to node. The macro app.routeDynamic() provides a shorter cleaner
interface to the unerlying app.routeDyanic call. The old pattern set
permissions for 6 interfaces (get, head, patch, put, delete_, and post)
even if only one interface is created. That pattern creates unneeded
code that can be safely removed with no effect.
Unit test for the responses would have to mock the node the class in
order to fully test responses.

see https://github.com/openbmc/bmcweb/issues/181

The following files still need node to be extracted.

virtual_media.hpp
account_service.hpp
redfish_sessions.hpp
ethernet.hpp

The files above use a pattern that is not trivial to address. Often their
responses call an async lambda capturing the inherited class. ie
(https://github.com/openbmc/bmcweb/blob/ffed87b5ad1797ca966d030e7f979770
28d258fa/redfish-core/lib/account_service.hpp#L1393)
At a later point I plan to remove node from the files above.

Tested:
I ran the docker unit test with the following command.
WORKSPACE=$(pwd) UNIT_TEST_PKG=bmcweb
./openbmc-build-scripts/run-unit-test-docker.sh

I ran the validator and this change did not create any issues.
python3 RedfishServiceValidator.py -c config.ini

Signed-off-by: John Edward Broadbent <jebr@google.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I147a0289c52cb4198345b1ad9bfe6fdddf57f3df

show more ...

Using AsyncResp everywhere

Get the core using AsyncResp everywhere, and not have each individual handler
creating its own object.We can call app.handle() without fear of the response
getting ended a

Using AsyncResp everywhere

Get the core using AsyncResp everywhere, and not have each individual handler
creating its own object.We can call app.handle() without fear of the response
getting ended after the first tree is done populating.
Don't use res.end() anymore.

Tested:
1. Validator passed.

Signed-off-by: zhanghaicheng <zhanghch05@inspur.com>
Change-Id: I867367ce4a0caf8c4b3f4e07e06c11feed0782e8

show more ...

Fix hypervisor IPv4StaticAddresses property patch

This commit fixes bmcweb crash while patching
"IPv4StaticAddresses" property with below values
'{"IPv4StaticAddresses": null}'
'{"IPv4StaticAddresse

Fix hypervisor IPv4StaticAddresses property patch

This commit fixes bmcweb crash while patching
"IPv4StaticAddresses" property with below values
'{"IPv4StaticAddresses": null}'
'{"IPv4StaticAddresses": []}'

Tested By:
GET
PATCH
'{"IPv4StaticAddresses": null}' returned a 400
'{"IPv4StaticAddresses": []}' returned a 400
'{"IPv4StaticAddresses": [null]}' returned a 200 and deleted the entry

Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
Change-Id: Ia310818c87fc1a425d32dd3648c2cbdd6fe5f526

show more ...

hypervisor: add support to turn on

If the customer has requested the hypervisor stop at its Standby state
vs. booting all the way to Running, then a mechanism is needed to
request the hypervisor boo

hypervisor: add support to turn on

If the customer has requested the hypervisor stop at its Standby state
vs. booting all the way to Running, then a mechanism is needed to
request the hypervisor boot to Running. A common use case for IBM is
the system user has requested the hypervisor stop at Standby so some
manual debug can be performed and then they want to move the hypervisor
into the Running state so they can boot their operating system.

Asking the hypervisor to stop at Standby is done via the
BootSourceOverrideEnabled and BootSourceOverrideTarget properties under
the redfish/v1/Systems/system.

Utilize the ComputerSystem.Reset action for this. Similar to how
redfish/v1/Systems/system/Actions/ComputerSystem.Reset is utilized for
the overall system, implement a limited subset of it for the hypervisor
object.

Tested:
- Verified when phosphor-hypervisor-state-manager package is not
installed that Redfish API returns same info it does currently
- Verified when phosphor-hypervisor-state-manager was installed that the
hypervisor state was returned correctly, the Actions field was filled
in, and a post to the Action with ResetType set to "On" was correctly
propagated to RequestedHostTransition
- Verified that an invalid ResetType (i.e. "Off") returned the
appropriate "invalid parameter" error message to the Redfish API
- Verified no new errors logged by Redfish validator on system with this
hypervisor package installed

- Verify resource not found when hypervisor not enabled
curl -k -H "X-Auth-Token: $TOKEN" -X POST https://${BMC_IP}/redfish/v1/Systems/hypervisor/Actions/ComputerSystem.Reset -d '{"ResetType": "On"}'
{
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The requested resource of type Actions named Reset was not found.",
"MessageArgs": [
"Actions",
"Reset"
],
"MessageId": "Base.1.8.1.ResourceNotFound",
"MessageSeverity": "Critical",
"Resolution": "Provide a valid resource identifier and resubmit the request."
}
],
"code": "Base.1.8.1.ResourceNotFound",
"message": "The requested resource of type Actions named Reset was not found."
}
}

- Verify ResourceNotFound returned when hypervisor not enabled
curl -k -H "X-Auth-Token: $TOKEN" -X GET https://${BMC_IP}/redfish/v1/Systems/hypervisor/ResetActionInfo
{
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The requested resource of type hypervisor named ResetActionInfo was not found.",
"MessageArgs": [
"hypervisor",
"ResetActionInfo"
],
"MessageId": "Base.1.8.1.ResourceNotFound",
"MessageSeverity": "Critical",
"Resolution": "Provide a valid resource identifier and resubmit the request."
}
],
"code": "Base.1.8.1.ResourceNotFound",
"message": "The requested resource of type hypervisor named ResetActionInfo was not found."
}
}

- Verify input parameters validated
curl -k -H "X-Auth-Token: $TOKEN" -X POST https://${BMC_IP}/redfish/v1/Systems/hypervisor/Actions/ComputerSystem.Reset -d '{"ResetTypeInvalid": "On"}'
{
"ResetTypeInvalid@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The property ResetTypeInvalid is not in the list of valid properties for the resource.",
"MessageArgs": [
"ResetTypeInvalid"
],
"MessageId": "Base.1.8.1.PropertyUnknown",
"MessageSeverity": "Warning",
"Resolution": "Remove the unknown property from the request body and resubmit the request if the operation failed."
}
]
}

curl -k -H "X-Auth-Token: $TOKEN" -X POST https://${BMC_IP}/redfish/v1/Systems/hypervisor/Actions/ComputerSystem.Reset -d '{"ResetType": "OnInvalid"}'
{
"ResetType@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The value OnInvalid for the property ResetType is not in the list of acceptable values.",
"MessageArgs": [
"OnInvalid",
"ResetType"
],
"MessageId": "Base.1.8.1.PropertyValueNotInList",
"MessageSeverity": "Warning",
"Resolution": "Choose a value from the enumeration list that the implementation can support and resubmit the request if the operation failed."
}
]
}

Change-Id: Ia7b4e78b7b0d907cc06eb3f20d51ff87b7dde564
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>

show more ...

hypervisor: add state support

phosphor-state-manager support a new optional package,
phosphor-state-manager-hypervisor. IBM plans to include this package on
their system to monitor and control the h

hypervisor: add state support

phosphor-state-manager support a new optional package,
phosphor-state-manager-hypervisor. IBM plans to include this package on
their system to monitor and control the hypervisor firmware running on
the system.

Since this package is optional, this patch set is written to just ignore
any errors associated with the package and not report hypervior state
in these cases.

Tested:
- Verified when phosphor-hypervisor-state-manager package is not
installed that Redfish API returns same info it does currently
- Verified when phosphor-hypervisor-state-manager was installed that the
hypervisor state was returned correctly.
- The redfish validator was run on the final patch in this series

Change-Id: I3843914894ded9494f92b96714c1f88a5deb5ec3
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>

show more ...

Fix nlohmann::json::dump calls

The nlohmann::json::dump call needs to be called with specific arguments
to avoid throwing in failure cases. http connection already does this
properly, but a bunch o

Fix nlohmann::json::dump calls

The nlohmann::json::dump call needs to be called with specific arguments
to avoid throwing in failure cases. http connection already does this
properly, but a bunch of code has snuck in (mostly in redfish) that
ignores this, and calls it incorrectly. This can potentially lead to a
crash if the wrong thing throws on invalid UTF8 characters.

This audits the whole codebase, and replaces every dump() call with the
correct dump(2, ' ', true, nlohmann::json::error_handler_t::replace)
call. For correct output, the callers should expect no change, and in
practice, this would require injecting non-utf8 characters into the
BMC.

Tested:
Ran several of the endpoints/error conditions in question, including
some of the error cases. Observed correct responses. I don't know of a
security issue that would allow injecting invalid utf8 into the BMC, but
in theory if it were possible, this would prevent a crash.

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I4a15b8e260e3db129bc20484ade4ed5449f75ad0

show more ...

Start using sdbusplus::message::filename()

Lots of code gets checked in that does this path checking incorrectly.
So much so, that we have it documented in COMMON_ERRORS.md, yet, we
persist. This p

Start using sdbusplus::message::filename()

Lots of code gets checked in that does this path checking incorrectly.
So much so, that we have it documented in COMMON_ERRORS.md, yet, we
persist. This patchset starts using the new object_path::filename()
method that was added recently to sdbusplus. Overall, it deletes code,
and makes for a much better developer experience.

Tested:
Pulled down several endpoints and verified that filename() method works
properly, and the collections are returned as expected.

curl -vvvv --insecure --user root:0penBmc https://192.168.7.2/redfish/v1/AccountService/Accounts

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ief1e0584394fb139678d3453265f7011bc931f3c

show more ...