Remove cookie clear

d8139c68[1] added:
asyncResp->res.addHeader("Clear-Site-Data",
R"("cache","cookies","storage")");

This causes the browsers to clear the cache, cookie, and storage for
that site.

Remove cookie clear

d8139c68[1] added:
asyncResp->res.addHeader("Clear-Site-Data",
R"("cache","cookies","storage")");

This causes the browsers to clear the cache, cookie, and storage for
that site. [2]

Don't see where OWASP recommends Clear-Site-Data response header. [3]

This seems reasonable but breaks our server manager (HMC) when using
webui-vue from the HMC proxy. [4][5]
The HMC is also using the cookie and storage from the same URI. The
proxy works by going to a URI and the HMC proxing it forward/reverse
for webui-vue.

Also had other problems clearing headers, Clear-Site-Data seems too
strict, just remove it.

[1]: https://github.com/openbmc/bmcweb/commit/d8139c683a2f42c47ed913b731becc6cd681e2dd
[2]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data
[3]: https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Headers_Cheat_Sheet.html
[4]: https://en.wikipedia.org/wiki/IBM_Hardware_Management_Console
[5]: https://www.ibm.com/docs/en/power10?topic=asmi-accessing-by-using-hmc

Tested: Firefox and Chrome no longer logout the HMC when logging out
webui-vue.

Change-Id: I061eae9163ce5d88a3bd9f297ca5e10ff3a07984
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

Change Session Cookie name

We have a use case where the GUI sits behind a Apache Tomcat proxy[1].

In this environment the cookie looks like:
```
en-US,en;q=0.9cookie:
JSESSIONIDSSO=4E999D77EF4E01CB

Change Session Cookie name

We have a use case where the GUI sits behind a Apache Tomcat proxy[1].

In this environment the cookie looks like:
```
en-US,en;q=0.9cookie:
JSESSIONIDSSO=4E999D77EF4E01CB72DE63949D5FF830;
CCFWSESSION=48A66EB93C00AD4F6327FB3FC2A338FC; LOGIN_MODE=Dashboard;
XSRF-TOKEN=Ue1La3Ik48Bn5NosyLnJ; SESSION=pCAdqApWt4Kb4IUV9vh8dnt:
```

The bmcweb code thinks the CCFWSESSION= is the SESSION. The bmcweb code
could be made smarter to differentiate "CCFWSESSION" and "SESSION" but
reading SESSION seems too generic of a name and something like
"BMCWEB-SESSION" better matches [2], [3], and [4].

[1]: https://tomcat.apache.org/tomcat-9.0-doc/proxy-howto.html
[2]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#session_cookie
[3]: https://http.dev/set-cookie
[4]: https://www.geeksforgeeks.org/http-headers-set-cookie/

Tested: The GUI works and this proxy environment now works.

Change-Id: I9b63093c1839e26602fe26313a330e337961cb81
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

Add support for systemd service watchdog

Systemd has support for enabling service level watchdog. The MR enables
this support for bmcweb daemon. Request for watchdog monitor from
systemd is added in

Add support for systemd service watchdog

Systemd has support for enabling service level watchdog. The MR enables
this support for bmcweb daemon. Request for watchdog monitor from
systemd is added in bmcweb.service.in. From the event loop a timer is
registered to kick the watchdog periodically

The default watchdog timeout is set at 120 seconds and the timer is set
to kick it at a quarter of the interval (every 30 seconds).
This timeout is set somewhat arbitrarily based on the longest blocking
call that could occur and still give a valid HTTP response. Suspect
lower values could work equally as well.

Benefits of Service Watchdog
- Bmcweb route handlers should not make any blocking IO calls which
block the event loop for considerable amount of time and slowdown the
response of other URI requests in the queue. Watchdog can help to detect
such issues.
- Watchdog can help restart the service if any route handler code has
uncaught bugs resulting from system API errors (this is in theory,
currently we don't have any use case).

Tested
1. UT is passing
2. Service validator is passing
3. Fw upgrade POST requests are working

Change-Id: If62397d8836c942fdcbc0618810fe82a8b248df8
Signed-off-by: rohitpai <ropai@nvidia.com>
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

mtls: implement UPN parse mode

This commit is intended to implement the UserPrincipalName (UPN) parse
mode on mutual TLS (MTLS). By implementing this we can use the X509
certificate extension Subjec

mtls: implement UPN parse mode

This commit is intended to implement the UserPrincipalName (UPN) parse
mode on mutual TLS (MTLS). By implementing this we can use the X509
certificate extension Subject Alternative Name (SAN), specifically UPN
to be used as the username

In our case, this feature is needed because we have a specific format
on our Subject CN of X509 certificate. This format cannot directly
mapped to the username of bmcweb because it contains special
characters (`/` and `:`), which cannot exist in the username.
Changing the format of our Subject CN is very risky. By enabling
this feature we can use other field, which is the SAN extension to
be used as the username and do not change our Subject CN on the
X509 certificate

In general, by implementing this feature, we can enable multiple
options for the system. There might be other cases where we want to
have the username of the bmcweb is not equal to the Subject CN of the
certificate, instead the username is added as the UserPrincipalName
field in the certificate

The format of the UPN is `<username>@<domain>` [1][2]. The format
is similar to email format. The domain name identifies the domain
in which the user is located [3] and it should match the device name's
domain (domain forest).

Tested
- Test using `generate_auth_certificate.py` (extended on patch [4])
- Manual testing (please see the script mentioned above for more detail)
- Setup certificate with UPN inside SAN extension
- Change the CertificateMappingAttribute to use UPN
- Get request to `/SessionService/Sessions`
- Run unit tests

[1] UPN Format: https://learn.microsoft.com/en-us/windows/win32/secauthn/user-name-formats#user-principal-name
[2] UPN Properties: https://learn.microsoft.com/en-us/windows/win32/ad/naming-properties#userprincipalname
[3] UPN Glossary: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-wcce/719b890d-62e6-4322-b9b1-1f34d11535b4#gt_9d606f55-b798-4def-bf96-97b878bb92c6
[4] Patch Testing Script: https://gerrit.openbmc.org/c/openbmc/bmcweb/+/78837

Change-Id: I490da8b95aee9579546971e58ab2c4afd64c5997
Signed-off-by: Malik Akbar Hashemi Rafsanjani <malikrafsan@meta.com>

show more ...

Break out dbus utilities into compile unit

ClangBuildAnalyzer shows that each of these dbus calls is relatively
expensive to compile, so put them in their own compile unit so they can
be compiled se

Break out dbus utilities into compile unit

ClangBuildAnalyzer shows that each of these dbus calls is relatively
expensive to compile, so put them in their own compile unit so they can
be compiled separately.

Tested: Redfish service validator passes

Change-Id: Ia383611182d8bc93c125248c4196898cb51fd807
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Remove getIoContext from Request object

At one point it was thought that we could pass the io_context object
through the request object, and have the potential to run multiple
io_context instances (

Remove getIoContext from Request object

At one point it was thought that we could pass the io_context object
through the request object, and have the potential to run multiple
io_context instances (one per connection).

Given the safety refactoring we had to do in
9838eb20341568971b9543c2187372d20daf64aa that idea is on ice for the
moment, and would need a major rethink of code to be viable. For the
moment, and in prep for
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/75668

make sure all calls are pulling from the same io object.

Tested: Unit tests pass. Redfish service validator passes.

Change-Id: I877752005c4ce94efbc13ce815f3cd0d99cc3d51
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Add missing pragma once

This was found when running gcc -ftime-report, which at the end flags
this as possibly missing include header.

This appears to have been missed in
f51d863523b7bfec5c45b0a847

Add missing pragma once

This was found when running gcc -ftime-report, which at the end flags
this as possibly missing include header.

This appears to have been missed in
f51d863523b7bfec5c45b0a847178b5d853404d9 where this was initially added.
Add it.

Tested: code compiles

Change-Id: I31e0ea55c080c239edcd366627ce0829ef9ac41b
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

clang-format: update latest spec and reformat

Copy the latest format file from the docs repository and apply.

Change-Id: I2f0b9d0fb6e01ed36a2f34c750ba52de3b6d15d1
Signed-off-by: Patrick Williams <p

clang-format: update latest spec and reformat

Copy the latest format file from the docs repository and apply.

Change-Id: I2f0b9d0fb6e01ed36a2f34c750ba52de3b6d15d1
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

Use specific misc-include-cleaner statement

There are a few places that which clang-tidy seems reporting
false-positives and which can be suppressed either via using
`modernize-deprecated-headers`

Use specific misc-include-cleaner statement

There are a few places that which clang-tidy seems reporting
false-positives and which can be suppressed either via using
`modernize-deprecated-headers` or more targeted inline
`misc-include-cleaner` statement.

Tested: Compiles

Change-Id: Ib609adbe8619f4b9a84e08388eea1e7cee58aa54
Signed-off-by: Myung Bae <myungbae@us.ibm.com>

show more ...

Move io context to singleton

The way we pass around io contexts is somewhat odd. Boost maintainers
in slack recommended that we just have a method that returns an io
context, and from there we can

Move io context to singleton

The way we pass around io contexts is somewhat odd. Boost maintainers
in slack recommended that we just have a method that returns an io
context, and from there we can control this (context link lost years
ago).

The new version of clang claims the singleton pattern of passing in an
io_context pattern is a potential nullptr dereference. It's technically
correct, as calling the singleton without immediately initializing the
io context will lead to a crash.

This commit implements what the boost maintainers suggested, having a
single method that returns "the context" that should be used. This also
helps to maintain isolation, as some pieces are no longer tied directly
to dbus to get their reactor.

Tested: WIP

Change-Id: Ifaa11335ae00a3d092ecfdfb26a38380227e8576
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Fix includes

Clang-tidy misc-include-cleaner appears to now be enforcing
significantly more headers than previously. That is overall a good
thing, but forces us to fix some issues. This commit is

Fix includes

Clang-tidy misc-include-cleaner appears to now be enforcing
significantly more headers than previously. That is overall a good
thing, but forces us to fix some issues. This commit is largely just
taking the clang-recommended fixes and checking them in. Subsequent
patches will fix the more unique issues.

Note, that a number of new ignores are added into the .clang-tidy file.
These can be cleaned up over time as they're understood. The majority
are places where boost includes a impl/x.hpp and x.hpp, but expects you
to use the later. include-cleaner opts for the impl, but it isn't clear
why.

Change-Id: Id3fdd7ee6df6c33b2fd35626898523048dd51bfb
Signed-off-by: Ed Tanous <etanous@nvidia.com>
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

Use SPDX identifiers

SPDX identifiers are simpler, and reduce the amount of cruft we have in
code files. They are recommended by linux foundation, and therefore we
should do as they allow.

This pa

Use SPDX identifiers

SPDX identifiers are simpler, and reduce the amount of cruft we have in
code files. They are recommended by linux foundation, and therefore we
should do as they allow.

This patchset does not intend to modify any intent on any existing
copyrights or licenses, only to standardize their inclusion.

[1] https://www.linuxfoundation.org/blog/blog/copyright-notices-in-open-source-software-projects

Change-Id: I935c7c0156caa78fc368c929cebd0f068031e830
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

openbmc_dbus_rest: Allow empty interfaces

In mapper, there is a change to remove the default interfaces for
parent objects that not implement any interfaces.

So there will be the case to get an obj

openbmc_dbus_rest: Allow empty interfaces

In mapper, there is a change to remove the default interfaces for
parent objects that not implement any interfaces.

So there will be the case to get an object that implements no interfaces
from mapper. Handle the case in `handleGet()` so that it does not give
error response.

Signed-off-by: Lei YU <yulei.sh@bytedance.com>
Change-Id: Ia246ff2e65bd25ec2e1c58e191b34892343ecac7

show more ...

Clang-tidy updates for 19

Update to add new checks that are now available to us. Fix the minor
issues we have. A few of our checks that we previously had enabled have
been renamed, so remove those

Clang-tidy updates for 19

Update to add new checks that are now available to us. Fix the minor
issues we have. A few of our checks that we previously had enabled have
been renamed, so remove those from the file as well.

Change-Id: Idbbfc3cb7ba42ac780e557554d7ae8ab190e7551
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Don't use template for callback

Using template params for callbacks isn't worth the extra generated
code, and reduces our ability to make sure that function callbacks are
consistent.

In short order

Don't use template for callback

Using template params for callbacks isn't worth the extra generated
code, and reduces our ability to make sure that function callbacks are
consistent.

In short order after this patchset, std::move_only_function will be
supported by gcc, which is the best of both worlds.

Change to std::function.

Tested: AccountService PATCH Password works properly.

No GET usages of this function.

Change-Id: I94dd99e5cfb65fabed7e569e04251bec4faf2fc3
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Move isJSONContentType to content-type parser

Previously this function was based on a basic string comparison. This
is fine, but found several inconsistencies, like not handling spaces in
the appro

Move isJSONContentType to content-type parser

Previously this function was based on a basic string comparison. This
is fine, but found several inconsistencies, like not handling spaces in
the appropriate places.

This commit creates a new function getContentType, using the new parsing
infrastructure. As doing this, it showed that the existing parser
functions were not handling case insensitive compares for the mime type.
While this is technically not required, it's something we unit test for,
and relatively easy to add.

Note, that because this parser ignores charset, this moves charset=ascii
from something that previously failed, to something that now succeeds.
This is expected.

Tested: Unit tests pass. Good coverage

Change-Id: I825a72862135b62112ee504ab0d9ead9d6796354
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Replace unique ptrs with concrete classes

Static analysis notes that these constructors should be using
make_unique. While it's right, these don't need to be pointers at all.

Tested: No tests for

Replace unique ptrs with concrete classes

Static analysis notes that these constructors should be using
make_unique. While it's right, these don't need to be pointers at all.

Tested: No tests for this code available.

Change-Id: Ia7383da573e8ffeed7542c94556f59b1e4022d16
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Transition to simpler trigger interface

Using this simpler interface allows us to simplify the unpacking code,
and remove the use of a variant containing a variant, which has caused
bugs in the past

Transition to simpler trigger interface

Using this simpler interface allows us to simplify the unpacking code,
and remove the use of a variant containing a variant, which has caused
bugs in the past. Splitting these apart allows us to replicate the
Redfish interfaces with less code.

Tested:

Discrete and Numeric triggers both create correctly
```
curl -k --user "root:0penBmc" -H "Content-Type: application/json" -X POST https://192.168.7.2/redfish/v1/TelemetryService/Triggers -d '{"Name": "eds", "NumericThresholds": {"LowerCritical": {"Reading": 1.0, "Activation": "Increasing", "DwellTime": "P1S"}}}'
curl -k --user "root:0penBmc" -H "Content-Type: application/json" -X POST https://192.168.7.2/redfish/v1/TelemetryService/Triggers -d '{"Name": "eds", "DiscreteTriggers": [{"DwellTime": "P1S", "Severity": "OK", "Value": "1234"}]}

```

Change-Id: If898e2285f90f78b22e47cc670e4206ba4368665
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Make trigger use common types

Trigger having its own variant causes us to duplicate code. This was
left out of the original refactoring because it was complex given
the variant of a variant status.

Make trigger use common types

Trigger having its own variant causes us to duplicate code. This was
left out of the original refactoring because it was complex given
the variant of a variant status.

This commit finally does the port.

Tested: Unclear what tests exist for triggers that would use this code
```
curl -k --user "root:0penBmc" -H "Content-Type: application/json" -X POST https://192.168.7.2/redfish/v1/TelemetryService/Triggers -d '{"Name": "eds", "NumericThresholds": {"LowerCritical": {"Reading": 1.0, "Activation": "Increasing", "DwellTime": "P1S"}}}'
```

Succeeds. GET on the resource results in:
{
"@odata.id": "/redfish/v1/TelemetryService/Triggers/eds",
"@odata.type": "#Triggers.v1_2_0.Triggers",
"Id": "eds",
"Links": {
"MetricReportDefinitions": []
},
"MetricProperties": [],
"MetricType": "Numeric",
"Name": "eds",
"NumericThresholds": {
"LowerCritical": {
"Activation": "Increasing",
"DwellTime": "PT1.000S",
"Reading": 1.0
}
},
"TriggerActions": []
}

Change-Id: I8f683cc9423ee2ba111d3ca1889e78f7d33433c9
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Handle all possible subtypes

Accept header allows any possible parameter value, and expects
that unknown property subtypes are simply ignored.

We were previously enforcing that things either match

Handle all possible subtypes

Accept header allows any possible parameter value, and expects
that unknown property subtypes are simply ignored.

We were previously enforcing that things either match q=<number>
or have no params. bmcweb has no usage of the params, but allow
them to parse silently per the spec in case someone sends them.

[1] https://developer.mozilla.org/en-US/docs/Web/HTTP/MIME_types#structure_of_a_mime_type

This more meets the intent. In theory we could parse only q and charset
values, but allowing any key/values here makes us more resilient against
new mime types being added.

Tested: Unit tests included and passing

Change-Id: I1500be0da4c0c72185ee5bda5dfc31885dc6102d
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Move getProperty calls to utility

Having all dbus calls run through the same utility reduces the amount of
generated code, and more importantly, gives us a place where we can log
the requests and re

Move getProperty calls to utility

Having all dbus calls run through the same utility reduces the amount of
generated code, and more importantly, gives us a place where we can log
the requests and responses to help with debugging.

Tested: Redfish service validator passes.

Change-Id: Ic1bf45130b5069cd57f7af26e12c8d3159c87c67
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Add content-encoding parser

Similar to content-type, add an http content-encoding parser.

Tested: Unit tests pass.

Change-Id: Ic62809934f84804c910458184de19ca9a4207ce5
Signed-off-by: Ed Tanous <et

Add content-encoding parser

Similar to content-type, add an http content-encoding parser.

Tested: Unit tests pass.

Change-Id: Ic62809934f84804c910458184de19ca9a4207ce5
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Add Persistent Heartbeat subscription properties

This adds Heartbeat parameters to subscriptions so that the future
heartbeat implementation can use those parameters specified by the
schema [1][2][3

Add Persistent Heartbeat subscription properties

This adds Heartbeat parameters to subscriptions so that the future
heartbeat implementation can use those parameters specified by the
schema [1][2][3].
- SendHeartbeat
- HeartbeatIntervalMinutes

Tested:

1. POST Subscription
- Create a subscription (e.g. via Redfish-Event-Listener) or like

```
curl -k -H "Content-Type: application/json" -X POST https://${bmc}/redfish/v1/EventService/Subscriptions \
-d '{
"Context": "Public",
"DeliveryRetryPolicy": "TerminateAfterRetries",
"Destination": "https://DESTINATION-IPADDR/Redfish-Evt-Listener",
"EventFormatType": "Event",
"HeartbeatIntervalMinutes": 2,
"HttpHeaders": [],
"MessageIds": [],
"MetricReportDefinitions": [],
"Protocol": "Redfish",
"RegistryPrefixes": [],
"ResourceTypes": [],
"SendHeartbeat": true,
"SubscriptionType": "RedfishEvent",
"VerifyCertificate": true
}'
```

2. GET the subscription and check the content
```
SUBID=<id>
curl -k -X GET https://${bmc}/redfish/v1/EventService/Subscriptions/${SUBID}
```

3. PATCH Subscription
- PATCH with various SendHeartbeat & HeartbeatIntervalMinutes

For example,
```
curl -k -X PATCH https://${bmc}/redfish/v1/EventService/Subscriptions/${SUBID} \
-H "Content-Type: application/json" \
-d '{"SendHeartbeat":true, "HeartbeatIntervalMinutes":10}'
```

- Restart bmcweb or reboot BMC

- Get the subscription data and see whether the heartbeat properties are
persistent.

4. Redfish Validator Service passes

[1] https://github.com/openbmc/bmcweb/blob/d109e2b60f7bb367dc8115475c6cb86bca6e1914/redfish-core/schema/dmtf/json-schema/EventDestination.v1_15_0.json#L356
[2] https://github.com/openbmc/bmcweb/blob/d109e2b60f7bb367dc8115475c6cb86bca6e1914/redfish-core/schema/dmtf/json-schema/EventDestination.v1_15_0.json#L222
[3] https://www.dmtf.org/sites/default/files/standards/documents/DSP2046_2022.3.html

Change-Id: I9e7feadb2e851ca320147df2231f65ece58ddf25
Signed-off-by: Myung Bae <myungbae@us.ibm.com>

show more ...

Make accepts a real parser

We somewhat copped out a little with regards to this originally, because
writing parsers is hard, and we don't have to implement the full field
of what the Accepts header

Make accepts a real parser

We somewhat copped out a little with regards to this originally, because
writing parsers is hard, and we don't have to implement the full field
of what the Accepts header allows.

We should aim to be correct where we can, so implement a real parser
that parses values, including the floats.

Tested: Unit tests pass, good coverage.

Change-Id: I1b4232929367d230641be9f41f5af6e6dbcea037
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Make UserSubscription as shared_ptr in Subscription

Currently UserSubscription are used as value in Subscription. This
causes the copy of the object between subscriptionsMap and
subscriptionConfigMa

Make UserSubscription as shared_ptr in Subscription

Currently UserSubscription are used as value in Subscription. This
causes the copy of the object between subscriptionsMap and
subscriptionConfigMap when doing PATCH.

Using a shared_ptr for UserSubscription avoids the memory copy of it.

Tested:

- Using Redfish Event Listener, test subscriptions and eventing.
- Redfish Service Validator passes

Change-Id: I5821b72f28ba737a5c9b75288d377766c84c6a6a
Signed-off-by: Myung Bae <myungbae@us.ibm.com>

show more ...