| #
16c2b681 |
| 16-Aug-2024 |
Patrick Williams <patrick@stwcx.xyz> |
clang-format: re-format for clang-18
clang-format-18 isn't compatible with the clang-format-17 output, so we
need to reformat the code with the latest version. The way clang-18
handles lambda forma
clang-format: re-format for clang-18
clang-format-18 isn't compatible with the clang-format-17 output, so we
need to reformat the code with the latest version. The way clang-18
handles lambda formatting also changed, so we have made changes to the
organization default style format to better handle lambda formatting.
See I5e08687e696dd240402a2780158664b7113def0e for updated style.
See Iea0776aaa7edd483fa395e23de25ebf5a6288f71 for clang-18 enablement.
Change-Id: I75bbf0de40859a5e507455a52ceaef9be5b686c7
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
show more ...
|
| #
11ec666b |
| 05-Jul-2022 |
Jiaqing Zhao <jiaqing.zhao@intel.com> |
Switch to lg2 for logging
After enabling C++20, lg2 is preferred for logging. This patch replaces
all phosphor::logging::log calls to lg2 calls.
Tested:
Build pass.
Change-Id: Ic37bc36f43c2b3a1c61
Switch to lg2 for logging
After enabling C++20, lg2 is preferred for logging. This patch replaces
all phosphor::logging::log calls to lg2 calls.
Tested:
Build pass.
Change-Id: Ic37bc36f43c2b3a1c61b1328af95e3a41c8d6d40
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@intel.com>
show more ...
|
| #
b3ef4e1a |
| 22-Jul-2022 |
Patrick Williams <patrick@stwcx.xyz> |
sdbusplus: use shorter type aliases
The sdbusplus headers provide shortened aliases for many types.
Switch to using them to provide better code clarity and shorter
lines. Possible replacements are
sdbusplus: use shorter type aliases
The sdbusplus headers provide shortened aliases for many types.
Switch to using them to provide better code clarity and shorter
lines. Possible replacements are for:
* bus_t
* exception_t
* manager_t
* match_t
* message_t
* object_t
* slot_t
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I19e094a2a99893627dbb82b615f630b87ad90fdd
show more ...
|
| #
0b1ad3d8 |
| 09-Jan-2022 |
Ratan Gupta <ratankgupta31@gmail.com> |
Resolve Meson issues
This commit includes fixes in the repo:
1. Errors that meson identified
2. Formatting changes
Signed-off-by: Ratan Gupta <ratankgupta31@gmail.com>
Change-Id: I4f57abb2236205fe
Resolve Meson issues
This commit includes fixes in the repo:
1. Errors that meson identified
2. Formatting changes
Signed-off-by: Ratan Gupta <ratankgupta31@gmail.com>
Change-Id: I4f57abb2236205fe6fc04292a00a270c816ba965
show more ...
|
| #
9638afb9 |
| 22-Feb-2021 |
Patrick Williams <patrick@stwcx.xyz> |
clang-format-11: reformat
The .clang-format file here is an old version of the common one.
Upgrade to the latest and reformat.
Signed-off-by: Patrick Williams <patrick@stwcx.xyz
clang-format-11: reformat
The .clang-format file here is an old version of the common one.
Upgrade to the latest and reformat.
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I0d532aa88d650e9c7664e07abfc8c4fdf0dd3df4
show more ...
|
| #
703131fa |
| 28-Oct-2020 |
Gunnar Mills <gmills@us.ibm.com> |
c++17: drop experimental::filesystem
Use std::filesystem, and drop support for building with experimental
under c++14.
Tested: Build the repo.
Change-Id: I4af0d9c034dbfef5a6
c++17: drop experimental::filesystem
Use std::filesystem, and drop support for building with experimental
under c++14.
Tested: Build the repo.
Change-Id: I4af0d9c034dbfef5a65153ba5447b86c961aebf1
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
show more ...
|
| #
5d00cf25 |
| 03-Oct-2019 |
Zbigniew Kurzynski <zbigniew.kurzynski@intel.com> |
Support uploading multiple certificates for ldap configuration
This code change regards replacing a path to CA file with directory
location holding multiple CA files within it.
Support uploading multiple certificates for ldap configuration
This code change regards replacing a path to CA file with directory
location holding multiple CA files within it.
Implementation assumes that one can still define TLS_CACERT_FILE as
either a single CA file or directory location.
Depending if the path points to a file or a directory a proper
value will be set in /etc/nslcd.conf
This code change depends on another change requests:
https://gerrit.openbmc-project.xyz/c/openbmc/meta-phosphor/+/25987
https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-certificate-manager/+/23348
Tested:
Manually tested, all changes propagate properly to
/etc/nslcd.conf file.
Unit Tests are passing.
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Depends-On: Icd33723c1fc2580679aaaf54b3e99dfb09342402
Depends-On: Ia02c552eb27744e45ccfff3b3a1232d10e65da74
Change-Id: I85dabd4841018f04b0b9e9b58dca9579e7ff1999
show more ...
|
| #
22f13f18 |
| 29-Apr-2019 |
Ratan Gupta <ratagupt@linux.vnet.ibm.com> |
phosphor-ldap-conf: handle "InterfaceAdded" signal on the ldap cert object
When LDAP client certificate is uploaded through install method on the
cert object, Object would emit the signa
phosphor-ldap-conf: handle "InterfaceAdded" signal on the ldap cert object
When LDAP client certificate is uploaded through install method on the
cert object, Object would emit the signal "InterfaceAdded".
Upon receiving the signal, Config file would be updated with
below given info if secure ldap is enabled:
tls_cert <path client certificate file>
tls_key <path to client certificate file>
Tested By: Unit Tested
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>
Change-Id: I54b3e116af1b8a9057d91797d4074d39efc65bb0
show more ...
|
| #
21e88cb5 |
| 12-Apr-2019 |
Ratan Gupta <ratagupt@linux.vnet.ibm.com> |
Serialize the config objects
This commit serializes the config object into cereal
path and restores the config object when the phosphor-ldap-conf
restarts.
TestedBy: Unit te
Serialize the config objects
This commit serializes the config object into cereal
path and restores the config object when the phosphor-ldap-conf
restarts.
TestedBy: Unit tested
Serialize the object
Restart the phosphor-ldap-conf restores the object.
Ldap/Local authentication works fine.
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>
Change-Id: Ie6e940ddd6851085dc4213677dfb20e3afa0964f
show more ...
|
| #
27d4c011 |
| 12-Apr-2019 |
Ratan Gupta <ratagupt@linux.vnet.ibm.com> |
Create the default object for openldap and AD.
This commit introduces the following functionalities
=> Default AD and openldap config object would always be there.
=> User should not
Create the default object for openldap and AD.
This commit introduces the following functionalities
=> Default AD and openldap config object would always be there.
=> User should not be able to change the type of the ldap
once it is created.
This change is to align with redfish sehema
(https://redfish.dmtf.org/schemas/AccountService.v1_4_0.json),
In the schema AD and LDAP is a property which user can PATCH,
Now with the current code which doesn't have the default config
so for the PATCH, We were forcing the user to give all the
properties and then create the object which is against the
PATCH semantics.
TestedBy: Unit tested
Default Object gets created when service starts.
change of ldap type gets the error back.
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>
Change-Id: I0ce951a13ee525df022fb0716f0aea10d1909781
show more ...
|
| #
e1f4db62 |
| 11-Apr-2019 |
Ratan Gupta <ratagupt@linux.vnet.ibm.com> |
Create separate file for ConfigMgr class
As the ldap_configuration.cpp was getting long
so it is good to create the seprate file for
ConfigMgr.
TestedBy:
Ran th
Create separate file for ConfigMgr class
As the ldap_configuration.cpp was getting long
so it is good to create the seprate file for
ConfigMgr.
TestedBy:
Ran the unit test.
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>
Change-Id: I312a9f423d4ab3ca4ebd5f17193f7b02162ded6b
show more ...
|
| #
95a29314 |
| 18-Feb-2019 |
Ratan Gupta <ratagupt@linux.vnet.ibm.com> |
LDAP: Add the persistency for the "Enabled" property
This property will control that whether the LDAP service would
be started or not.
We are persisting this property using cere
LDAP: Add the persistency for the "Enabled" property
This property will control that whether the LDAP service would
be started or not.
We are persisting this property using cereal, other properties
is being persisted through nslcd.conf, nslcd doesn't give us
a way to put this property under nslcd.conf.
Tested By:
Test the persistency of enabled property.
Verified that it was getting persisted across restart/reboot.
Change-Id: Id64b23b71865bac15d3be2d79abad615aa576bea
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>
show more ...
|
| #
5088e544 |
| 28-Oct-2018 |
Deepak Kodihalli <dkodihal@in.ibm.com> |
React to nsswitch config file changes
There's just one nsswitch config file now (instead of a default, an
_linux and an _ldap). Make fixes in code relevant to this.
Change-Id: I
React to nsswitch config file changes
There's just one nsswitch config file now (instead of a default, an
_linux and an _ldap). Make fixes in code relevant to this.
Change-Id: I92362aac7a1f5e034cea06e9299f7e574dc2fab9
Signed-off-by: Deepak Kodihalli <dkodihal@in.ibm.com>
Signed-off-by: Nagaraju Goruganti <ngorugan@in.ibm.com>
show more ...
|
| #
3b4d06a1 |
| 08-Nov-2018 |
Nagaraju Goruganti <ngorugan@in.ibm.com> |
phosphor-ldap-conf: update nslcd.conf file with tls_cacertfile info
tls_cacertfile specifies the path to the X.509 certificate for
peer authentication.
Also updated the file wit
phosphor-ldap-conf: update nslcd.conf file with tls_cacertfile info
tls_cacertfile specifies the path to the X.509 certificate for
peer authentication.
Also updated the file with "tls_reqcert hard", to force the
behavior: if no certificate is provided, or a bad certificate
is provided, the session is immediately terminated.
Tested: tested using below given commands
1.curl -c cjar -b cjar -k -H "Content-Type: application/json" -X POST -d \
'{"data":[true,"ldaps://<host_ip>/","cn=<user-id>,dc=Corp,dc=ibm,dc=com",\
"cn=Users,dc=Corp,dc=ibm,dc=com", "<password>",\
"xyz.openbmc_project.User.Ldap.Create.SearchScope.sub",\
"xyz.openbmc_project.User.Ldap.Create.Type.ActiveDirectory"] \
}' https://$BMC_IP//xyz/openbmc_project/user/ldap/action/CreateConfig
2.curl -b cjar -k -H "Content-Type: application/json" -X PUT -d '{"data":true}'\
https://$BMC_IP/xyz/openbmc_project/user/ldap/config/attr/SecureLDAP
3.curl -b cjar -k -H "Content-Type: application/json" -X PUT -d \
'{"data":"ldap://<host_ip>/"}' \
https://$BMC_IP/xyz/openbmc_project/ldap/config/attr/LDAPServerURI
when "/etc/ssl/certs/Root-CA.pem" doesn't exist on target, we get below
given exception(if we try to set SecureLDAP is true):
"DBusException: xyz.openbmc_project.Common.Error.NoCACertificate: \
Server's CA certificate has not been provided."
Change-Id: I56ffe8b08bb71307b4f2bfe9cf935b6113e4579a
Signed-off-by: Nagaraju Goruganti <ngorugan@in.ibm.com>
Signed-off-by: Deepak Kodihalli <dkodihal@in.ibm.com>
Signed-off-by: Nagaraju Goruganti <ngorugan@in.ibm.com>
show more ...
|
| #
d514e5dc |
| 08-Nov-2018 |
Nagaraju Goruganti <ngorugan@in.ibm.com> |
phosphor-ldap-conf: add unit tests
Added uinit tests to create and to restore config file.
Change-Id: Idf5231d46542cda1ff84241aa67aadd91a4788d6
Signed-off-by: Nagaraju Goruganti
phosphor-ldap-conf: add unit tests
Added uinit tests to create and to restore config file.
Change-Id: Idf5231d46542cda1ff84241aa67aadd91a4788d6
Signed-off-by: Nagaraju Goruganti <ngorugan@in.ibm.com>
Signed-off-by: Deepak Kodihalli <dkodihal@in.ibm.com>
Signed-off-by: Nagaraju Goruganti <ngorugan@in.ibm.com>
show more ...
|
| #
997f5e00 |
| 30-Aug-2018 |
Nagaraju Goruganti <ngorugan@in.ibm.com> |
phosphor-ldap-conf: add application to configure LDAP
The application implements the xyz.openbmc_project.User.Ldap.Config
and xyz.openbmc_project.User.Ldap.Create D-Bus interfaces to cre
phosphor-ldap-conf: add application to configure LDAP
The application implements the xyz.openbmc_project.User.Ldap.Config
and xyz.openbmc_project.User.Ldap.Create D-Bus interfaces to create
LDAP config file(for example generate nslcd.conf)
Change-Id: Idc7cc643c4143f9bc51182019926e1dd6125da2f
Signed-off-by: Nagaraju Goruganti <ngorugan@in.ibm.com>
show more ...
|