History log of /openbmc/bmcweb/ (Results 1 – 25 of 3111)
Revision Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
cc67d0a001-Feb-2025 rohitpai <rohitpai77@gmail.com>

Migration of OpenBMC Manager OEM schema

With the support of OEM route infrastructure each OEM implementation
can be separated into an OEM route handler. The MR migrates OEM resource
of manager resou

Migration of OpenBMC Manager OEM schema

With the support of OEM route infrastructure each OEM implementation
can be separated into an OEM route handler. The MR migrates OEM resource
of manager resource into new files and route handlers

Tested
- All unit tests are passing
- GET request on /redfish/v1/Managers/<bmcid> has OpenBMC OEM properties

Change-Id: I935524dcdad6a6cc38a5532b6e7e7ffa1cb0369f
Signed-off-by: rohitpai <rohitpai77@gmail.com>
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

178c55a511-Feb-2025 Ed Tanous <etanous@nvidia.com>

Fix generate auth certificates script

pyCrypto has removed support for the PKCS12 certificates this script
generates, so this script is broken as-is on any distro from the last
year or two.

Rewrite

Fix generate auth certificates script

pyCrypto has removed support for the PKCS12 certificates this script
generates, so this script is broken as-is on any distro from the last
year or two.

Rewrite the script to target python-cryptography instead. While there,
implement TODOs around code formatting, using EC keys, removing the
dependency on the redfish library, using the service root to
determine the correct manager instance to update, and cleaning up the
redfish session after a crash.

Tested: running this script targeting redfish instance shows it runs
to completion and test passes.

Change-Id: Ie1ee1a6f0a548258fe7b7d4c9678a9d55c8b71d1
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

c35475f917-Feb-2025 Ed Tanous <etanous@nvidia.com>

Fix tidy misc-include issue

Fix minor #include regression caused by
ee993dc84b1e9917b545fdd7367f1127a358084a

Change-Id: Ieda0205a4a4faf877a4f2298e6935bc3aa506fde
Signed-off-by: Ed Tanous <etanous@n

Fix tidy misc-include issue

Fix minor #include regression caused by
ee993dc84b1e9917b545fdd7367f1127a358084a

Change-Id: Ieda0205a4a4faf877a4f2298e6935bc3aa506fde
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

ee993dc819-Nov-2024 Ed Tanous <etanous@nvidia.com>

Use systemd logging levels

Systemd has an option[1] that allows it to interpret our log levels
directly. This allows for journald to sort/filter/colorize our logs
better than it was able to previou

Use systemd logging levels

Systemd has an option[1] that allows it to interpret our log levels
directly. This allows for journald to sort/filter/colorize our logs
better than it was able to previously. Its indexes don't map perfectly
to bmcwebs, so come up with a constexpr lookup table to map the two
values across.

Tested: Enabled logging, and dumped journal logs. Observed colorized
output.

[1] https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#SyslogLevelPrefix=

Change-Id: I7722ae86e114daec88709b68405498eeb8164c07
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

27f5ecf709-Feb-2025 Ed Tanous <etanous@nvidia.com>

Make code compile with latest clang

The latest clang and boost include a number of warnings that need to be
explicitly handled to get code to compile.
Namely:
-Wno-c++26-extensions given we use some

Make code compile with latest clang

The latest clang and boost include a number of warnings that need to be
explicitly handled to get code to compile.
Namely:
-Wno-c++26-extensions given we use some parts of c++26
-Wno-c++23-extensions out of consistency (warning isn't yet needed).
-Wno-missing-include-dirs, because without it nghttp2 fails to find a
missing include dir (used for windows vs linux handling) which is
expected.

Change-Id: I28eda6662c95c331fffc4e3bb9c415b7947520b9
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

ebe4c57408-Feb-2025 Ed Tanous <etanous@nvidia.com>

Implement http2 TODO

To support HTTP2 simultaneously on http and https connections, the HTTP
connection classes formerly took the socket as a template option,
allowing passing ssl::stream<tcp::socke

Implement http2 TODO

To support HTTP2 simultaneously on http and https connections, the HTTP
connection classes formerly took the socket as a template option,
allowing passing ssl::stream<tcp::socket> or simply tcp socket. With
the addition of the multiple-sockets option, this would cause two copies
of the template to be instantiated, increasing both compile times and
binary size.

This commit applies the same logic to http2connection as was applied to
HTTPConnection, adding an http type parameter to the constructor, which
allows switching between adapter and adapter.next_level() on each read
or write operation. In compiled code, this means that the connection
classes are only specialized once.

Tested:
When configured for one of each http and https socket and http2
curl --http2 http://<ip>/redfish/v1
succeeds
curl --http2 https://<ip>/redfish/v1 succeeds

Change-Id: I8f33796edd5874d5b93d10a3f253cfadd4f6d7a4
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

bb1c7d3009-Feb-2025 Ed Tanous <etanous@nvidia.com>

Break out dbus utilities into compile unit

ClangBuildAnalyzer shows that each of these dbus calls is relatively
expensive to compile, so put them in their own compile unit so they can
be compiled se

Break out dbus utilities into compile unit

ClangBuildAnalyzer shows that each of these dbus calls is relatively
expensive to compile, so put them in their own compile unit so they can
be compiled separately.

Tested: Redfish service validator passes

Change-Id: Ia383611182d8bc93c125248c4196898cb51fd807
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

9a56031917-Apr-2024 Ed Tanous <ed@tanous.net>

Remove nlohmann::json::object helpers

readJsonHelper existed back before the distinction between
nlohmann::json and nlohmann::json::object_t was understood. This commit
cleans up our sub-value pars

Remove nlohmann::json::object helpers

readJsonHelper existed back before the distinction between
nlohmann::json and nlohmann::json::object_t was understood. This commit
cleans up our sub-value parsing by removing readJsonHelper that accepts
a nlohmann::json overload, and always accepting via an object_t
overload. Functionally, these two are identical, given that
readJsonHelper only did a type check that was redundant.

Tested: Unit tests pass. Good coverage of these methods.

Change-Id: I734d956dd4bc2ddb14f6e3c735e15adf1f7e00a0
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

57d0f5c110-Feb-2025 Ed Tanous <etanous@nvidia.com>

Fix websocket test script

Unclear when or why this changed in python, but doesn't really matter.
Fix the script.

Tested: Script now succeeds with rest option enabled.

Change-Id: I3e548aad03c6150f4

Fix websocket test script

Unclear when or why this changed in python, but doesn't really matter.
Fix the script.

Tested: Script now succeeds with rest option enabled.

Change-Id: I3e548aad03c6150f404d5fddc742f8baa5274a83
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

beb96b0b09-Feb-2025 Ed Tanous <etanous@nvidia.com>

Break out websockets

When running clang build analyzer it shows that one of the largest
templates in the Redfish compile unit (which is also the slowest compile
unit) is actually the beast websocket

Break out websockets

When running clang build analyzer it shows that one of the largest
templates in the Redfish compile unit (which is also the slowest compile
unit) is actually the beast websocket instantiations, taking about 6
seconds to compile on their own.

Luckily, the websocket layer is already split into Websocket and
WebsocketImpl classes that we inherited from crow. Unfortunately, crow
puts these two classes into the same file. So.

1. Move the WebSocketImpl class into its own header.
2. Move the websocket() upgrade routes in the websocket routing rule
into their own compile unit to take advantage of only needing
WebsocketImpl in this compile unit.

Tested: Drops build time by several seconds depending on what other
level of optimizations are present (1:15 -> 1:00)

[1] https://github.com/aras-p/ClangBuildAnalyzer

Change-Id: Ia0445eae4a793bb4ccb28136f30d2a05662c529c
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

d98a2f9306-Feb-2025 Ed Tanous <etanous@nvidia.com>

Remove getIoContext from Request object

At one point it was thought that we could pass the io_context object
through the request object, and have the potential to run multiple
io_context instances (

Remove getIoContext from Request object

At one point it was thought that we could pass the io_context object
through the request object, and have the potential to run multiple
io_context instances (one per connection).

Given the safety refactoring we had to do in
9838eb20341568971b9543c2187372d20daf64aa that idea is on ice for the
moment, and would need a major rethink of code to be viable. For the
moment, and in prep for
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/75668

make sure all calls are pulling from the same io object.

Tested: Unit tests pass. Redfish service validator passes.

Change-Id: I877752005c4ce94efbc13ce815f3cd0d99cc3d51
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

bb456a6d15-Mar-2024 Ed Tanous <etanous@nvidia.com>

Remove the last memcpy

This is the last memcpy in bmcweb. Remove it in leui of std::bit_cast

Tested: Need help.

Change-Id: Ibd6fbc1a8fa9e80cd7e7edf356f8a45448c16189
Signed-off-by: Ed Tanous <etan

Remove the last memcpy

This is the last memcpy in bmcweb. Remove it in leui of std::bit_cast

Tested: Need help.

Change-Id: Ibd6fbc1a8fa9e80cd7e7edf356f8a45448c16189
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

46f780f709-Feb-2025 Ed Tanous <etanous@nvidia.com>

Move chassis and trigger to dbus utility

Using the utility classes reduces compile times and reduces the number
of template specializations that get generated. These are the last two
left in the co

Move chassis and trigger to dbus utility

Using the utility classes reduces compile times and reduces the number
of template specializations that get generated. These are the last two
left in the codebase for getProperty, so fix them.

Tested: On Last commit.

Change-Id: I0ca8411b74b58dbeb42587b88cfd66c0e674b8c8
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

9e2d203302-Feb-2025 rohitpai <rohitpai77@gmail.com>

Update common error doc

Update common error doc related to D-Bus utility functions usage and
usage of redfish schema generated enumerations in implementation

Change-Id: I7284bc28af73dc0036c7a24fb6b

Update common error doc

Update common error doc related to D-Bus utility functions usage and
usage of redfish schema generated enumerations in implementation

Change-Id: I7284bc28af73dc0036c7a24fb6bddb4441892122
Signed-off-by: rohitpai <rohitpai77@gmail.com>

show more ...

796ba93b01-Aug-2020 Ed Tanous <ed@tanous.net>

Enable HTTP additional sockets

This commit attempts to add the concept of an SSL detector from beast,
and add the capability into bmcweb. This allows directing multiple
socket files to the bmcweb i

Enable HTTP additional sockets

This commit attempts to add the concept of an SSL detector from beast,
and add the capability into bmcweb. This allows directing multiple
socket files to the bmcweb instance, and bmcweb will automatically sort
out whether or not they're SSL, and give the correct response. This
allows users to plug in erroneous urls like "https://mybmc:80" and they
will forward and work correctly.

Some key design points:
The HTTP side of bmcweb implements the exact same http headers as the
HTTPS side, with the exception of HSTS, which is explicitly disallowed.
This is for consistency and security.

The above allows bmcweb builds to "select" the appropriate security
posture (http, https, or both) for a given channel using the
FileDescriptorName field within a socket file. Items ending in:
both: Will support both HTTPS and HTTP redirect to HTTPS
https: Will support HTTPS only
http: will support HTTP only

Given the flexibility in bind statements, this allows administrators to
support essentially any security posture they like. The openbmc
defaults are:
HTTPS + Redirect on both ports 443 and port 80 if http-redirect is
enabled

And HTTPS only if http-redirect is disabled.

This commit adds the following meson options that each take an array of
strings, indexex on the port.
additional-ports
Adds additional ports that bmcweb should listen to. This is always
required when adding new ports.

additional-protocol
Specifies 'http', 'https', or 'both' for whether or not tls is enfoced
on this socket. 'both' allows bmcweb to detect whether a user has
specified tls or not on a given connection and give the correct
response.

additional-bind-to-device
Accepts values that fill the SO_BINDTODEVICE flag in systemd/linux,
and allows binding to a specific device

additional-auth
Accepts values of 'auth' or 'noauth' that determines whether this
socket should apply the normal authentication routines, or treat the
socket as unauthenticated.

Tested:
Previous commits ran the below tests.
Ran the server with options enabled. Tried:
```
curl -vvvv --insecure --user root:0penBmc http://192.168.7.2/redfish/v1/Managers/bmc
* Trying 192.168.7.2:80...
* Connected to 192.168.7.2 (192.168.7.2) port 80 (#0)
* Server auth using Basic with user 'root'
> GET /redfish/v1/Managers/bmc HTTP/1.1
> Host: 192.168.7.2
> Authorization: Basic cm9vdDowcGVuQm1j
> User-Agent: curl/7.72.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Location: https://192.168.7.2
< X-Frame-Options: DENY
< Pragma: no-cache
< Cache-Control: no-Store,no-Cache
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Content-Security-Policy: default-src 'none'; img-src 'self' data:; font-src 'self'; style-src 'self'; script-src 'self'; connect-src 'self' wss:
< Date: Fri, 08 Jan 2021 01:43:49 GMT
< Connection: close
< Content-Length: 0
<
* Closing connection 0
```

Observe above:
webserver returned 301 redirect.
webserver returned the appropriate security headers
webserver immediately closed the connection.

The same test above over https:// returns the values as expected

Loaded the webui to test static file hosting. Webui logs in and works
as expected.

Used the scripts/websocket_test.py to verify that websockets work.
Sensors report as expected.

Change-Id: Ib5733bbe5473fed6e0e27c56cdead0bffedf2993
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

cd7dbb3001-Feb-2025 Ed Tanous <etanous@nvidia.com>

Support h2c upgrade

h2c upgrade is a mechanism for supporting http/2 on connections that
might not support alpn [1]. This is done by the client specifying
Connection: upgrade
Upgrade: h2c

This loo

Support h2c upgrade

h2c upgrade is a mechanism for supporting http/2 on connections that
might not support alpn [1]. This is done by the client specifying
Connection: upgrade
Upgrade: h2c

This looks very similar to a websocket upgrade, which h2c replacing
websocket. Because of this, the existing upgrade code needs some
upgrades to avoid parsing twice.

Tested:
```
curl -u root:0penBmc --http2 -k http://192.168.7.2:443/redfish/v1/SessionService/Sessions
```

Succeeds and verbose logging shows that http upgrade succeeded

websocket_test.py in the scripts directory connects and reports events

[1] https://datatracker.ietf.org/doc/html/rfc7540#section-11.8

Change-Id: I8f76e355f99f21337d310ef2f345e6aaa253b48b
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

b5edf03c09-Feb-2025 Ed Tanous <etanous@nvidia.com>

Sort compiler args

For all of our -Wno-* compiler args, sort them alphabetically.

Tested: Code compiles.

Change-Id: I119a8107aa5629fdc4b8c0d535a04a4c58be96ce
Signed-off-by: Ed Tanous <etanous@nvid

Sort compiler args

For all of our -Wno-* compiler args, sort them alphabetically.

Tested: Code compiles.

Change-Id: I119a8107aa5629fdc4b8c0d535a04a4c58be96ce
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

3d21c59f08-Feb-2025 Ed Tanous <etanous@nvidia.com>

Update boost to 1.87

Subproject seems to build. No need to hold this back.

Change-Id: I415c736af512d951278a252329028870c051bbbf
Signed-off-by: Ed Tanous <etanous@nvidia.com>

f2cd766508-Feb-2025 Ed Tanous <etanous@nvidia.com>

Add missing pragma once

This was found when running gcc -ftime-report, which at the end flags
this as possibly missing include header.

This appears to have been missed in
f51d863523b7bfec5c45b0a847

Add missing pragma once

This was found when running gcc -ftime-report, which at the end flags
this as possibly missing include header.

This appears to have been missed in
f51d863523b7bfec5c45b0a847178b5d853404d9 where this was initially added.
Add it.

Tested: code compiles

Change-Id: I31e0ea55c080c239edcd366627ce0829ef9ac41b
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

80d2ef3104-Feb-2025 Ed Tanous <etanous@nvidia.com>

Implement urlsafe base64 decode

base64 decoding comes in two flavors, "normal" which we already
implement, and "url safe" which modifies the alphabet to create base64
encodings that are safe to use

Implement urlsafe base64 decode

base64 decoding comes in two flavors, "normal" which we already
implement, and "url safe" which modifies the alphabet to create base64
encodings that are safe to use in filenames and urls. Functionally this
just involves swapping two characters with underscore and minus in the
encode/decode table. To avoid duplicating a lot of code, this commit
refactors the base64 tables to be generated at compile time.

Tested: Included unit tests pass. No usage until next commit.

Change-Id: I71724fd2e04000f115c22a40d382d411986d7b39
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

4a19a7b527-Jan-2025 Ed Tanous <etanous@nvidia.com>

Deduplicate event ids

Redfish specification states:
```
The value of the id field shall be the same as the Id property in the
event payload. The value of the Id property in the event payload should

Deduplicate event ids

Redfish specification states:
```
The value of the id field shall be the same as the Id property in the
event payload. The value of the Id property in the event payload should
be the same as the EventId property of the last event record in the
Events array. The value of the EventId property for an event record
should be a positive integer value and should be generated in a
sequential manner.
```

The event service code did not implement that correctly. So:
1. Add ID fields for all events.
2. Remove the per-sse connection id field and rely solely on
EventServiceManager.
3. Make sure all paths, (including metric report) are generating an
event id that's based on the eventservice event id

Tested: Redfish event listener now sees events populated.
LastEventId when sent to the SSE socket now sees a contiguous id.

```
uri=$(curl -s --user "root:0penBmc" -k "https://192.168.7.2/redfish/v1/EventService" | jq -r .ServerSentEventUri)
curl -u root:0penBmc -vvv -k -N -H "Accept: text/event-stream" -H "Last-Event-Id: 0" "https://192.168.7.2$uri"
```

Change-Id: Ic32e036f40a53a9b2715639ae384d7891c768260
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

8b07838531-Jan-2025 rohitpai <rohitpai77@gmail.com>

Fix Message arg error in JSON Patch

When array/vector object is expected in JSON patch the error info does
not contain the actual wrong property instead shows "null". Fix is to
correct the value in

Fix Message arg error in JSON Patch

When array/vector object is expected in JSON patch the error info does
not contain the actual wrong property instead shows "null". Fix is to
correct the value in the error info.

Tested
- add new test case to verify this
- unit tests are passing.

Change-Id: Ica26ac9e501b5a34a5b118769cc1917eeab30524
Signed-off-by: rohitpai <rohitpai77@gmail.com>

show more ...

504af5a003-Feb-2025 Patrick Williams <patrick@stwcx.xyz>

clang-format: update latest spec and reformat

Copy the latest format file from the docs repository and apply.

Change-Id: I2f0b9d0fb6e01ed36a2f34c750ba52de3b6d15d1
Signed-off-by: Patrick Williams <p

clang-format: update latest spec and reformat

Copy the latest format file from the docs repository and apply.

Change-Id: I2f0b9d0fb6e01ed36a2f34c750ba52de3b6d15d1
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...


.clang-format
http/http2_connection.hpp
http/http_body.hpp
http/mutual_tls.cpp
http/mutual_tls.hpp
http/mutual_tls_meta.hpp
http/nghttp2_adapters.hpp
http/routing/baserule.hpp
http/utility.hpp
include/authentication.hpp
include/dbus_privileges.hpp
include/dbus_utility.hpp
include/duplicatable_file_handle.hpp
include/google/google_service_root.hpp
include/http_utility.hpp
include/ibm/management_console_rest.hpp
include/image_upload.hpp
include/sessions.hpp
include/ssl_key_handler.hpp
include/vm_websocket.hpp
redfish-core/include/dbus_log_watcher.hpp
redfish-core/include/error_messages.hpp
redfish-core/include/event_service_manager.hpp
redfish-core/include/privileges.hpp
redfish-core/include/query.hpp
redfish-core/include/redfish_aggregator.hpp
redfish-core/include/registries_selector.hpp
redfish-core/include/resource_messages.hpp
redfish-core/include/snmp_trap_event_clients.hpp
redfish-core/include/utils/json_utils.hpp
redfish-core/include/utils/pcie_util.hpp
redfish-core/include/utils/query_param.hpp
redfish-core/include/utils/sensor_utils.hpp
redfish-core/include/utils/sw_utils.hpp
redfish-core/include/utils/telemetry_utils.hpp
redfish-core/lib/account_service.hpp
redfish-core/lib/bios.hpp
redfish-core/lib/cable.hpp
redfish-core/lib/certificate_service.hpp
redfish-core/lib/chassis.hpp
redfish-core/lib/ethernet.hpp
redfish-core/lib/event_service.hpp
redfish-core/lib/fan.hpp
redfish-core/lib/hypervisor_system.hpp
redfish-core/lib/led.hpp
redfish-core/lib/log_services.hpp
redfish-core/lib/manager_diagnostic_data.hpp
redfish-core/lib/managers.hpp
redfish-core/lib/metadata.hpp
redfish-core/lib/metric_report_definition.hpp
redfish-core/lib/network_protocol.hpp
redfish-core/lib/pcie_slots.hpp
redfish-core/lib/power.hpp
redfish-core/lib/power_supply.hpp
redfish-core/lib/processor.hpp
redfish-core/lib/redfish_sessions.hpp
redfish-core/lib/redfish_v1.hpp
redfish-core/lib/roles.hpp
redfish-core/lib/sensors.hpp
redfish-core/lib/service_root.hpp
redfish-core/lib/storage.hpp
redfish-core/lib/systems.hpp
redfish-core/lib/systems_logservices_hostlogger.hpp
redfish-core/lib/systems_logservices_postcodes.hpp
redfish-core/lib/thermal.hpp
redfish-core/lib/thermal_metrics.hpp
redfish-core/lib/trigger.hpp
redfish-core/lib/update_service.hpp
redfish-core/lib/virtual_media.hpp
redfish-core/src/error_messages.cpp
redfish-core/src/filter_expr_executor.cpp
redfish-core/src/filter_expr_printer.cpp
redfish-core/src/resource_messages.cpp
redfish-core/src/utils/time_utils.cpp
src/ssl_key_handler.cpp
test/http/http_connection_test.cpp
92e11bf831-Jan-2025 Myung Bae <myungbae@us.ibm.com>

Use specific misc-include-cleaner statement

There are a few places that which clang-tidy seems reporting
false-positives and which can be suppressed either via using
`modernize-deprecated-headers`

Use specific misc-include-cleaner statement

There are a few places that which clang-tidy seems reporting
false-positives and which can be suppressed either via using
`modernize-deprecated-headers` or more targeted inline
`misc-include-cleaner` statement.

Tested: Compiles

Change-Id: Ib609adbe8619f4b9a84e08388eea1e7cee58aa54
Signed-off-by: Myung Bae <myungbae@us.ibm.com>

show more ...

1e4bc6ff03-Feb-2025 Patrick Williams <patrick@stwcx.xyz>

meson: reformat with meson formatter

Apply the `meson format` results.

Change-Id: I76fbfada6f32c42209409e46aaa02b03b106416b
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

12345678910>>...125