Remove unused methods

Converting hpp -> cpp determined that these functions were unused. Fix
them.

Tested: Code compiles.

Change-Id: Ifb712cb12085c187847666194b59caa959f37f83
Signed-off-by: Ed Ta

Remove unused methods

Converting hpp -> cpp determined that these functions were unused. Fix
them.

Tested: Code compiles.

Change-Id: Ifb712cb12085c187847666194b59caa959f37f83
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Fix namespace

This comment snuck in, probably added by clang-format. Fix it.

Change-Id: I0c272922c040ab80e9f5849698b063b0cfaea9e8
Signed-off-by: Ed Tanous <ed@tanous.net>

Fix : PATCH always returns 204 response for invalid arguments

Problem:
It is observed that PATCH request network protocol using request

```
curl -k -u ${credentials} -X PATCH https://${IP}/redfish/

Fix : PATCH always returns 204 response for invalid arguments

Problem:
It is observed that PATCH request network protocol using request

```
curl -k -u ${credentials} -X PATCH https://${IP}/redfish/v1/Managers/bmc/NetworkProtocol -d '{"NTP": {"ProtocolEnabled": true, "NTPServers": ["\n"]}}' -H "Content-Type:application/json"
returns 204 response.

Root cause : The 400 Bad response set by bmcweb when NTP server set
value "NTPServers": ["\n"] is overridden by "ProtocolEnabled" response
value of 204 therefore we were getting 204 response for invalid
arguments as well.

Fix : Check the response of "NTPServers" value in async object and set
the response code

The MRs for PDI and phosphor network are as below

https://gerrit.openbmc.org/c/openbmc/phosphor-dbus-interfaces/+/82693
https://gerrit.openbmc.org/c/openbmc/phosphor-networkd/+/82694

Testing:
curl -k -u ${credentials} -X PATCH https://${IP}/redfish/v1/Managers/bmc/NetworkProtocol -d '{"NTP": {"ProtocolEnabled": true, "NTPServers": ["\n"]}}' -H "Content-Type:application/json"
{
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The property 'NTP/NTPServers/' with the requested value of '[\"\\n\"]' could not be written because the value does not meet the constraints of the implementation.",
"MessageArgs": [
"NTP/NTPServers/",
"[\"\\n\"]"
],
"MessageId": "Base.1.19.PropertyValueIncorrect",
"MessageSeverity": "Warning",
"Resolution": "None."
}
],
"code": "Base.1.19.PropertyValueIncorrect",
"message": "The property 'NTP/NTPServers/' with the requested value of '[\"\\n\"]' could not be written because the value does not meet the constraints of the implementation."
}
}
```

Change-Id: Icfbfc3d065a6a307344093eef8b2eb3e39c70f83
Signed-off-by: Chandramohan Harkude <chandramohan.harkude@gmail.com>

show more ...

Add async_method_call to utility

Adding async_method_call in dbus utility gives us a place where we can
intercept method call requests from dbus to potentially add
logging/caching.

An example of lo

Add async_method_call to utility

Adding async_method_call in dbus utility gives us a place where we can
intercept method call requests from dbus to potentially add
logging/caching.

An example of logging is in the later commit:
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/78265/

We already do this for setProperty, this moves the method calls to
follow a similar pattern.

Tested: Redfish service validator passes.

Change-Id: I6d2c96e2b6b6a023ed2138106a55faebca161592
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

mtls: implement UPN parse mode

This commit is intended to implement the UserPrincipalName (UPN) parse
mode on mutual TLS (MTLS). By implementing this we can use the X509
certificate extension Subjec

mtls: implement UPN parse mode

This commit is intended to implement the UserPrincipalName (UPN) parse
mode on mutual TLS (MTLS). By implementing this we can use the X509
certificate extension Subject Alternative Name (SAN), specifically UPN
to be used as the username

In our case, this feature is needed because we have a specific format
on our Subject CN of X509 certificate. This format cannot directly
mapped to the username of bmcweb because it contains special
characters (`/` and `:`), which cannot exist in the username.
Changing the format of our Subject CN is very risky. By enabling
this feature we can use other field, which is the SAN extension to
be used as the username and do not change our Subject CN on the
X509 certificate

In general, by implementing this feature, we can enable multiple
options for the system. There might be other cases where we want to
have the username of the bmcweb is not equal to the Subject CN of the
certificate, instead the username is added as the UserPrincipalName
field in the certificate

The format of the UPN is `<username>@<domain>` [1][2]. The format
is similar to email format. The domain name identifies the domain
in which the user is located [3] and it should match the device name's
domain (domain forest).

Tested
- Test using `generate_auth_certificate.py` (extended on patch [4])
- Manual testing (please see the script mentioned above for more detail)
- Setup certificate with UPN inside SAN extension
- Change the CertificateMappingAttribute to use UPN
- Get request to `/SessionService/Sessions`
- Run unit tests

[1] UPN Format: https://learn.microsoft.com/en-us/windows/win32/secauthn/user-name-formats#user-principal-name
[2] UPN Properties: https://learn.microsoft.com/en-us/windows/win32/ad/naming-properties#userprincipalname
[3] UPN Glossary: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-wcce/719b890d-62e6-4322-b9b1-1f34d11535b4#gt_9d606f55-b798-4def-bf96-97b878bb92c6
[4] Patch Testing Script: https://gerrit.openbmc.org/c/openbmc/bmcweb/+/78837

Change-Id: I490da8b95aee9579546971e58ab2c4afd64c5997
Signed-off-by: Malik Akbar Hashemi Rafsanjani <malikrafsan@meta.com>

show more ...

clang-format: update latest spec and reformat

Copy the latest format file from the docs repository and apply.

Change-Id: I2f0b9d0fb6e01ed36a2f34c750ba52de3b6d15d1
Signed-off-by: Patrick Williams <p

clang-format: update latest spec and reformat

Copy the latest format file from the docs repository and apply.

Change-Id: I2f0b9d0fb6e01ed36a2f34c750ba52de3b6d15d1
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

Fix includes

Clang-tidy misc-include-cleaner appears to now be enforcing
significantly more headers than previously. That is overall a good
thing, but forces us to fix some issues. This commit is

Fix includes

Clang-tidy misc-include-cleaner appears to now be enforcing
significantly more headers than previously. That is overall a good
thing, but forces us to fix some issues. This commit is largely just
taking the clang-recommended fixes and checking them in. Subsequent
patches will fix the more unique issues.

Note, that a number of new ignores are added into the .clang-tidy file.
These can be cleaned up over time as they're understood. The majority
are places where boost includes a impl/x.hpp and x.hpp, but expects you
to use the later. include-cleaner opts for the impl, but it isn't clear
why.

Change-Id: Id3fdd7ee6df6c33b2fd35626898523048dd51bfb
Signed-off-by: Ed Tanous <etanous@nvidia.com>
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

Use SPDX identifiers

SPDX identifiers are simpler, and reduce the amount of cruft we have in
code files. They are recommended by linux foundation, and therefore we
should do as they allow.

This pa

Use SPDX identifiers

SPDX identifiers are simpler, and reduce the amount of cruft we have in
code files. They are recommended by linux foundation, and therefore we
should do as they allow.

This patchset does not intend to modify any intent on any existing
copyrights or licenses, only to standardize their inclusion.

[1] https://www.linuxfoundation.org/blog/blog/copyright-notices-in-open-source-software-projects

Change-Id: I935c7c0156caa78fc368c929cebd0f068031e830
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Move getProperty calls to utility

Having all dbus calls run through the same utility reduces the amount of
generated code, and more importantly, gives us a place where we can log
the requests and re

Move getProperty calls to utility

Having all dbus calls run through the same utility reduces the amount of
generated code, and more importantly, gives us a place where we can log
the requests and responses to help with debugging.

Tested: Redfish service validator passes.

Change-Id: Ic1bf45130b5069cd57f7af26e12c8d3159c87c67
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Format readjson

clang-format may potentially reformat the readJson calls if they may
have more keys or key names are longer. This makes formatting in a way
that's readable by forcing to break a line

Format readjson

clang-format may potentially reformat the readJson calls if they may
have more keys or key names are longer. This makes formatting in a way
that's readable by forcing to break a line for each key using an
empty-comment (`//`) each line.

It also allows trivially alphabetizing the list such that new additions
are less likely to have merge conflicts.

Tested:
- Check whitespace only.
- Code compiles.
- Redfish Service Validator with the same results before this

Change-Id: I3824a8c4faa9fa7c820d5d2fab6b565404926e2c
Signed-off-by: Ed Tanous <etanous@nvidia.com>
Signed-off-by: Myung Bae <myungbae@us.ibm.com>

show more ...

Remove duplicated block comments

Static analysis flags that these two comments are redundant[1], which
seem to be duplicated a lot in copyright headers. Although there is a
larger discussion that c

Remove duplicated block comments

Static analysis flags that these two comments are redundant[1], which
seem to be duplicated a lot in copyright headers. Although there is a
larger discussion that can likely be had.

[1] https://sonarcloud.io/project/issues?issueStatuses=OPEN%2CCONFIRMED&id=edtanous_bmcweb&open=AY9_HYjgKXKyw1ZFwgVP

Tested: Comment change only. Code compiles.

Change-Id: Ia960317761f558a87842347ca0b5f3da63f8e730
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

NetworkProtocol: Support NetworkSuppliedServers

This commit re-introduces changes proposed earlier to support
NetworkSuppliedServers property in bmcweb.
https://gerrit.openbmc.org/c/openbmc/bmcweb/+

NetworkProtocol: Support NetworkSuppliedServers

This commit re-introduces changes proposed earlier to support
NetworkSuppliedServers property in bmcweb.
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/52671

It helps to differentiate between the static and DHCP assigned
NTP servers. Networkd and Dbus has added support for StaticNTPServers to
save the static configuration.

Tested by:
1. PATCH /redfish/v1/Managers/bmc/NetworkProtocol -d
'{"NTP":{"NTPServers": [<ip>]}}'
Verify that this adds the NTPs server to the NetworkProtocol
2. Enable DHCP to fetch NTP servers list from the DHCP server. Verify
that they are listed when GET on NetworkProtocol as below
"NTP": {
"NTPServers": [
<static ntp server ip>
],
"NetworkSuppliedServers": [
<dynamic ntp server ip>
],
"ProtocolEnabled": true
},
3. Redfish validator run

Change-Id: I22591ad6d49245bf74ef24dd68a51f015f6a8b07
Signed-off-by: Jishnu CM <jishnunambiarcm@duck.com>

show more ...

clang-format: re-format for clang-18

clang-format-18 isn't compatible with the clang-format-17 output, so we
need to reformat the code with the latest version. The way clang-18
handles lambda forma

clang-format: re-format for clang-18

clang-format-18 isn't compatible with the clang-format-17 output, so we
need to reformat the code with the latest version. The way clang-18
handles lambda formatting also changed, so we have made changes to the
organization default style format to better handle lambda formatting.

See I5e08687e696dd240402a2780158664b7113def0e for updated style.
See Iea0776aaa7edd483fa395e23de25ebf5a6288f71 for clang-18 enablement.

Change-Id: Iceec1dc95b6c908ec6c21fb40093de9dd18bf11a
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

Consistently use generated enumerations

This commit causes all of Redfish to use generated enum values for enum
types. Using generated code prevents problems, and makes it more clear
what types are

Consistently use generated enumerations

This commit causes all of Redfish to use generated enum values for enum
types. Using generated code prevents problems, and makes it more clear
what types are allowed.

Doing this found two places where we had structs that didn't fulfill the
schema. They have been commented, but will be fixed with a breaking
change at some point in the future.

Tested: WIP

Change-Id: I5fdd2f2dfb6ec05606a522e1f4e331f982c8e476
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Pass redfishPropertyName earlier argument

It was pointed out that the setDbusProperty method should have an end
that approximately matches dbus-send and busctl set-property in its
arguments, to aid

Pass redfishPropertyName earlier argument

It was pointed out that the setDbusProperty method should have an end
that approximately matches dbus-send and busctl set-property in its
arguments, to aid with debug. This seems reasonable.

Tested: Redfish service validator passes.

Change-Id: Ic20295d93c71c957e3e76704e1eda9da187861b1
Signed-off-by: Ginu George <ginugeorge@ami.com>
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Remove openbmc-rest includes

These includes seem to have snuck in. In theory nothing in redfish
should be taking a #include in anything in openbmc-rest.

Tested: Code compiles

Change-Id: Ifec2a9b1

Remove openbmc-rest includes

These includes seem to have snuck in. In theory nothing in redfish
should be taking a #include in anything in openbmc-rest.

Tested: Code compiles

Change-Id: Ifec2a9b18f296870f67b15f98fc44c67050e9e28
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Allow configuring "bmc" and "system"

In the early days of bmcweb, we made two pretty critical assumptions;
First, is that a given platform would only have a single BMC instance
(represented as "bmc"

Allow configuring "bmc" and "system"

In the early days of bmcweb, we made two pretty critical assumptions;
First, is that a given platform would only have a single BMC instance
(represented as "bmc") and a single host instance (represented as
"system").
Second we assumed that, given that Redfish suggests against hardcoding
URIs in client implementation and leaves them freeform, clients would
code to the standard.

Our own webui-vue hardcodes Redfish URIs [1], and the documentation is
littered with examples of hardcoded curl examples of hardcoding these
URIs. That bug was filed in 2020, and the issue has only gotten worse
over time.

This patchset is an attempt to give a target that we can start solving
these issues, without trying to boil the ocean and fix all clients in
parallel.

This commit adds the meson options
redfish-manager-uri-name
and
redfish-system-uri-name

These are used to control the "name" that bmcweb places in the fixed
locations in the ManagerCollection and ComputerSystemCollection schemas.

Note, managers is added, but is not currently testable. It will be
iterated on over time.

Tested:
Changed the URL options to "edsbmc" and "edssystem" in meson options.

Redfish service validator passes.
URLs appear changed when walking the tree.

[1] https://github.com/openbmc/webui-vue/issues/43

Change-Id: I4b44685067051512bd065da8c2e3db68ae5ce23a
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Fix NTP set race condition

There's currently a problem with phosphor-timesyncd, where enabling NTP
doesn't immediately reflect in the system status on return[1]. To say
it another way, NTP is not e

Fix NTP set race condition

There's currently a problem with phosphor-timesyncd, where enabling NTP
doesn't immediately reflect in the system status on return[1]. To say
it another way, NTP is not enabled/disabled atomically, which leads to
the following problem.

// Disable NTP
PATCH /redfish/v1/Managers/bmc/NetworkProtocol
{"NTP":{"ProtocolEnabled": false}}
// Set the time manually
PATCH /redfish/v1/Managers/bmc {"DateTime": "<timestring"}

Doing this in rapid succession leads to a 500 error, which is obviously
a bug. In the prior commit, this error was changed to a
PropertyValueConflict error, which is still incorrect, but at least
informative of what's going on. REST APIs are intended to have CRUD
compliance. The response should not be returned until the value has
been accepted, and not doing that can lead to problems.

This commit changes the backend to use systemd directly, rather than
routing through phosphor-settings, to avoid this race.

Quite possibly resolves #264 but haven't tested that.

Tested: The above procedure succeeds.

[1] https://github.com/systemd/systemd/pull/11424

Change-Id: I19241e7677d9b6415aff79ac65c474ae71984417
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Add type safety for NTP server objects

NTPServers is our last usage of nlohmann::json in a readJson unpack.
The capability and unit tests are left in place for that type in case we
need them in the

Add type safety for NTP server objects

NTPServers is our last usage of nlohmann::json in a readJson unpack.
The capability and unit tests are left in place for that type in case we
need them in the future, but for now, document them as deprecated.

Tested: Redfish service validator passes. Redfish protocol validator
passes most tests (1 known failure in SSE is unrelated to this change).

Change-Id: If4b2ea061a941cc23d47189af7ff453094dc7dca
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Move to Redfish setProperty call

This commit changes sdbusplus setProperty calls (in various files) to
setDbusProperty method in Redfish namespace that handles all DBus
errors in a consistent manner

Move to Redfish setProperty call

This commit changes sdbusplus setProperty calls (in various files) to
setDbusProperty method in Redfish namespace that handles all DBus
errors in a consistent manner.

It also handles and translates additional DBus errors to Redfish
specific errors in dbus_utils file.

Tested By:
Not tested yet

Change-Id: If440774879413754f4c24f9b6572c3c9fa1fd033
Signed-off-by: Asmitha Karunanithi <asmitk01@in.ibm.com>

show more ...

Fix moves/forward

Clang has new checks for std::move/std::forward correctness, which
catches quite a few "wrong" things where we were making copies of
callback handlers.

Unfortunately, the lambda s

Fix moves/forward

Clang has new checks for std::move/std::forward correctness, which
catches quite a few "wrong" things where we were making copies of
callback handlers.

Unfortunately, the lambda syntax of

callback{std::forward<Callback>(callback)}

in a capture confuses it, so change usages to
callback = std::forward<Callback>(callback)

to be consistent.

Tested: Redfish service validator passes.

Change-Id: I7a111ec00cf78ecb7d5f5b102c786c1c14d74384
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Call dump() less

nlohmann::json::dump() is not an easy function to get the call
parameters correct on. We should limit the places we use it.

Luckily, both logging and redfish::messages support pri

Call dump() less

nlohmann::json::dump() is not an easy function to get the call
parameters correct on. We should limit the places we use it.

Luckily, both logging and redfish::messages support printing
json values directly. Use them where appropriate.

Tested: Error logging and out of range calls only of heavily used
messages and logging calls. Inspection only.

Change-Id: I57521d8791dd95250c93e8e3b2d4a959740ac713
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Remove some boost includes

The less we rely on boost, and more on std algorithms, the less people
have to look up, and the more likely that our code will deduplicate.

Replace all uses of boost::alg

Remove some boost includes

The less we rely on boost, and more on std algorithms, the less people
have to look up, and the more likely that our code will deduplicate.

Replace all uses of boost::algorithms with std alternatives.

Tested: Redfish Service Validator passes.

Change-Id: I8a26f39b5709adc444b4178e92f5f3c7b988b05b
Signed-off-by: Ed Tanous <edtanous@google.com>

show more ...

clang-format: copy latest and re-format

clang-format-17 has some backwards incompatible changes that require
additional settings for best compatibility and re-running the formatter.
Copy the latest

clang-format: copy latest and re-format

clang-format-17 has some backwards incompatible changes that require
additional settings for best compatibility and re-running the formatter.
Copy the latest .clang-format from the docs repository and reformat the
repository.

Change-Id: I2f9540cf0d545a2da4d6289fc87b754f684bc9a7
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

Replace logging with std::format

std::format is a much more modern logging solution, and gives us a lot
more flexibility, and better compile times when doing logging.

Unfortunately, given its level

Replace logging with std::format

std::format is a much more modern logging solution, and gives us a lot
more flexibility, and better compile times when doing logging.

Unfortunately, given its level of compile time checks, it needs to be a
method, instead of the stream style logging we had before. This
requires a pretty substantial change. Fortunately, this change can be
largely automated, via the script included in this commit under
scripts/replace_logs.py. This is to aid people in moving their
patchsets over to the new form in the short period where old patches
will be based on the old logging. The intention is that this script
eventually goes away.

The old style logging (stream based) looked like.

BMCWEB_LOG_DEBUG << "Foo " << foo;

The new equivalent of the above would be:
BMCWEB_LOG_DEBUG("Foo {}", foo);

In the course of doing this, this also cleans up several ignored linter
errors, including macro usage, and array to pointer deconstruction.

Note, This patchset does remove the timestamp from the log message. In
practice, this was duplicated between journald and bmcweb, and there's
no need for both to exist.

One design decision of note is the addition of logPtr. Because the
compiler can't disambiguate between const char* and const MyThing*, it's
necessary to add an explicit cast to void*. This is identical to how
fmt handled it.

Tested: compiled with logging meson_option enabled, and launched bmcweb

Saw the usual logging, similar to what was present before:
```
[Error include/webassets.hpp:60] Unable to find or open /usr/share/www/ static file hosting disabled
[Debug include/persistent_data.hpp:133] Restored Session Timeout: 1800
[Debug redfish-core/include/event_service_manager.hpp:671] Old eventService config not exist
[Info src/webserver_main.cpp:59] Starting webserver on port 18080
[Error redfish-core/include/event_service_manager.hpp:1301] inotify_add_watch failed for redfish log file.
[Info src/webserver_main.cpp:137] Start Hostname Monitor Service...
```
Signed-off-by: Ed Tanous <ed@tanous.net>

Change-Id: I86a46aa2454be7fe80df608cb7e5573ca4029ec8

show more ...