Refactor large lambda

Similar to other patches, refactor this large lambda into a normal
function.

Tested: Redfish service validator passes

Change-Id: I45e0b421f04ad8351de367bfdc7b8512bf10ca45
Sig

Refactor large lambda

Similar to other patches, refactor this large lambda into a normal
function.

Tested: Redfish service validator passes

Change-Id: I45e0b421f04ad8351de367bfdc7b8512bf10ca45
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

account_service: Move to unpackproperty method

Change-Id: If677e2b4e9bd03b359913670d120f15d4a5f29b9
Signed-off-by: Asmitha Karunanithi <asmitk01@in.ibm.com>

Move getProperty calls to utility

Having all dbus calls run through the same utility reduces the amount of
generated code, and more importantly, gives us a place where we can log
the requests and re

Move getProperty calls to utility

Having all dbus calls run through the same utility reduces the amount of
generated code, and more importantly, gives us a place where we can log
the requests and responses to help with debugging.

Tested: Redfish service validator passes.

Change-Id: Ic1bf45130b5069cd57f7af26e12c8d3159c87c67
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Format readjson

clang-format may potentially reformat the readJson calls if they may
have more keys or key names are longer. This makes formatting in a way
that's readable by forcing to break a line

Format readjson

clang-format may potentially reformat the readJson calls if they may
have more keys or key names are longer. This makes formatting in a way
that's readable by forcing to break a line for each key using an
empty-comment (`//`) each line.

It also allows trivially alphabetizing the list such that new additions
are less likely to have merge conflicts.

Tested:
- Check whitespace only.
- Code compiles.
- Redfish Service Validator with the same results before this

Change-Id: I3824a8c4faa9fa7c820d5d2fab6b565404926e2c
Signed-off-by: Ed Tanous <etanous@nvidia.com>
Signed-off-by: Myung Bae <myungbae@us.ibm.com>

show more ...

Add unit test for trailing slashes

Common error #9 requires that most urls end in a trailing slash. Given
the redfish standard, we know that all redfish routes need to end in a
trailing slash, so w

Add unit test for trailing slashes

Common error #9 requires that most urls end in a trailing slash. Given
the redfish standard, we know that all redfish routes need to end in a
trailing slash, so write a unit test that verifies that is true.

Despite code review, this appears to have snuck into the codebase in 4
different handlers. Fix those at the same time so the tests pass.

Tested: Unit tests pass.

Change-Id: I0299a7231662725a7100d5308b3977a549b49253
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

Remove duplicated block comments

Static analysis flags that these two comments are redundant[1], which
seem to be duplicated a lot in copyright headers. Although there is a
larger discussion that c

Remove duplicated block comments

Static analysis flags that these two comments are redundant[1], which
seem to be duplicated a lot in copyright headers. Although there is a
larger discussion that can likely be had.

[1] https://sonarcloud.io/project/issues?issueStatuses=OPEN%2CCONFIRMED&id=edtanous_bmcweb&open=AY9_HYjgKXKyw1ZFwgVP

Tested: Comment change only. Code compiles.

Change-Id: Ia960317761f558a87842347ca0b5f3da63f8e730
Signed-off-by: Ed Tanous <etanous@nvidia.com>

show more ...

User creation: Add EC to Log

On an internal error, having the error code from D-Bus is really
helpful to debug. A trace before an internal error without the ec, is
pretty pointless so make this trac

User creation: Add EC to Log

On an internal error, having the error code from D-Bus is really
helpful to debug. A trace before an internal error without the ec, is
pretty pointless so make this trace useful.

Tested: None. Inspection only.

Change-Id: I953e5bcbbba197b158beabdb55f57b4fd3d73125
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

clang-format: re-format for clang-18

clang-format-18 isn't compatible with the clang-format-17 output, so we
need to reformat the code with the latest version. The way clang-18
handles lambda forma

clang-format: re-format for clang-18

clang-format-18 isn't compatible with the clang-format-17 output, so we
need to reformat the code with the latest version. The way clang-18
handles lambda formatting also changed, so we have made changes to the
organization default style format to better handle lambda formatting.

See I5e08687e696dd240402a2780158664b7113def0e for updated style.
See Iea0776aaa7edd483fa395e23de25ebf5a6288f71 for clang-18 enablement.

Change-Id: Iceec1dc95b6c908ec6c21fb40093de9dd18bf11a
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

Fix RemoteRoleMap PATCH operation

RemoteRoleMap "LocalRole" property update fails since there was
conversion missing from redfish privilege to D-bus values

Looks like this commit dropped this chang

Fix RemoteRoleMap PATCH operation

RemoteRoleMap "LocalRole" property update fails since there was
conversion missing from redfish privilege to D-bus values

Looks like this commit dropped this change
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/64325/

This commit fixes this issue

Tested by:
Verified patch operation on RemoteRoleMap

Change-Id: Ic05aa3457a45e98ea5dc8e9dd83e0f1a42772070
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>

show more ...

Support RespondToUnauthenticatedClients PATCH

RespondToUnauthenticatedClients allows users to explicitly select mTLS
as their only authentication mechanism, thus significantly reducing
their code ex

Support RespondToUnauthenticatedClients PATCH

RespondToUnauthenticatedClients allows users to explicitly select mTLS
as their only authentication mechanism, thus significantly reducing
their code exposure to unauthenticated clients.

From the Redfish specification

```
The RespondToUnauthenticatedClients property within the
ClientCertificate property within the MFA property of the AccountService
resource controls the response behavior when an invalid certificate is
provided by the client.
• If the property contains true or is not
supported by the service, the service shall not fail the TLS handshake.
This is to allow the service to send error messages or unauthenticated
resources to the client.
• If the property contains false , the service
shall fail the TLS handshake.
```

This commit implements that behavior.

This also has some added benefits in that we no longer have to check the
filesystem for every connection, as TLS is controlled explicitly, and
not whether or not a root cert is in place.

Note, this also implements a TODO to disable cookie auth when using
mTLS. Clients can still use IsAuthenticated to determine if they are
authenticated on request.

Tested:
Run scripts/generate_auth_certs.py to set up a root certificate and
client certificate. This verifies that mTLS as optional has not been
broken. Script succeeds.

```
PATCH /redfish/v1/AccountService
{"MultiFactorAuth": {"ClientCertificate": {"RespondToUnauthenticatedClients": false}}}
```

GET /redfish/v1
without a client certificate now fails with an ssl verification error

GET /redfish/v1
with a client certificate returns the result

```
PATCH /redfish/v1/AccountService
{"MultiFactorAuth": {"ClientCertificate": {"RespondToUnauthenticatedClients": false}}}
With certificate returns non mTLS functionality.
```

Change-Id: I5a9d6d6b1698bff83ab62b1f760afed6555849c9
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Mutual TLS parsing change at runtime

Redfish AccountService[1] defines methods for selecting how to map a
certificate CommonName attribute to a user. These are intended to be a
patch parameter.

Th

Mutual TLS parsing change at runtime

Redfish AccountService[1] defines methods for selecting how to map a
certificate CommonName attribute to a user. These are intended to be a
patch parameter.

This commit implements the Redfish defined schemas; The parsing mode is
stored in the bmcweb persistent configuration file as an integer enum,
with Mapping to the Redfish schema.

To handle OEM specific parsing modes, an enum value of 100+ is defined
to allow the additional OEM parameters. Unfortunately, Redfish doesn't
have a way to represent these today, so those modes are currently not
selectable at runtime.

Now that things are runtime selectable, this obsoletes the option
mutual-tls-common-name-parsing, as it is not longer required at compile
time.

Tested:
GET /redfish/v1/AccountService

returns MultiFactorAuth/ClientCertificate/CertificateMappingAttribute

PATCH /redfish/v1/AccountService
```
{"MultiFactorAuth": {"ClientCertificate": {"CertificateMappingAttribute":"CommonName"}}}
```

Returns 200

[1] https://github.com/DMTF/Redfish-Publications/blob/5b217908b5378b24e4f390c063427d7a707cd308/csdl/AccountService_v1.xml#L1631

Change-Id: I67db0dfa5245a9da973320aab666d12dbd9229e4
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Pass redfishPropertyName earlier argument

It was pointed out that the setDbusProperty method should have an end
that approximately matches dbus-send and busctl set-property in its
arguments, to aid

Pass redfishPropertyName earlier argument

It was pointed out that the setDbusProperty method should have an end
that approximately matches dbus-send and busctl set-property in its
arguments, to aid with debug. This seems reasonable.

Tested: Redfish service validator passes.

Change-Id: Ic20295d93c71c957e3e76704e1eda9da187861b1
Signed-off-by: Ginu George <ginugeorge@ami.com>
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Remove the last instances of json pattern

In the past, we've tried to erradicate the use of
nlohmann::json(initiatlizer_list<...>) because it bloats binary sizes,
as every type is given a new nlohma

Remove the last instances of json pattern

In the past, we've tried to erradicate the use of
nlohmann::json(initiatlizer_list<...>) because it bloats binary sizes,
as every type is given a new nlohmann constructor.

This commit hunts down the last few places where we call this. There is
still 2 remaining in openbmc_dbus_rest after this, but those are variant
accesses that are difficult to triage, and considering it's a less used
api, they're left as is.

Tested: WIP

Change-Id: Iaac24584bb78bb238da69010b511c1d598bd38bc
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Remove openbmc-rest includes

These includes seem to have snuck in. In theory nothing in redfish
should be taking a #include in anything in openbmc-rest.

Tested: Code compiles

Change-Id: Ifec2a9b1

Remove openbmc-rest includes

These includes seem to have snuck in. In theory nothing in redfish
should be taking a #include in anything in openbmc-rest.

Tested: Code compiles

Change-Id: Ifec2a9b18f296870f67b15f98fc44c67050e9e28
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Remove sessions on user password update

When a user's password is changed, existing Redfish sessions for that
user, created with the old password, continue to work.

As per OWASP session management,

Remove sessions on user password update

When a user's password is changed, existing Redfish sessions for that
user, created with the old password, continue to work.

As per OWASP session management, "The session ID must be renewed or
regenerated by the web application after any privilege level change
within the associated user session... Common scenarios to consider
include; password changes, permission changes, or switching from a
regular user role to an administrator role within the web application."
[1] https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html

This commit removes existing user sessions when the user's password is
changed. This commit leaves the current session in place though a new
removeSessionsByUsernameExceptSession().

This commit doesn't completely get us fully to what owasp says but is a
start.

Tested:
Create some users:
```
curl -k -v -X POST -H "Content-Type: application/json" \
https://$bmc/redfish/v1/AccountService/Accounts/ -d \
'{"UserName":"testadminuser","Password":"<password>","RoleId":"Administrator","Enabled":true}'
```

Using basic auth was able to update own password and another user's
password.

Using token auth, verified the current session did not get deleted but
other sessions from that user did.

```
curl -k -H "Content-Type: application/json" -X POST -D headers.txt \
https://${bmc}/redfish/v1/SessionService/Sessions -d \
'{"UserName":"testadminuser", "Password":"<password>"}'
```

```
curl -k -v -X PATCH -H "X-Auth-Token: $token" \
-H "Content-Type:application/json" \
https://$bmc/redfish/v1/AccountService/Accounts/testadminuser \
-d '{"Password":"<password>"}'
```

Verified when changing another user's password all sessions were
dropped.

Change-Id: I4de60b84964a6b29c021dc3a2bece9ed4bc09eac
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>

show more ...

Implement client certificate schemas

The Redfish standard seems to have caught up with some of the OEM
schemas and features we already have, namely MutualTLS and Basic Auth
disablement.

This commit

Implement client certificate schemas

The Redfish standard seems to have caught up with some of the OEM
schemas and features we already have, namely MutualTLS and Basic Auth
disablement.

This commit implements most of the GET parameters for which we already
have backends. ClientCertificate is pointed to the same resources as
TrustStore.

Tested: generate_auth_certificates.py succeeds, and shows a certificate
in ClientCertificate collection

Get AccountService, and ClientAuthentication/Certificates returns
expected values.

Redfish service validator passes.

Change-Id: If18e34e9dfa8f38293fceff288596811afd16d4a
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Bring consistency to config options

The configuration options that exist in bmcweb are an amalgimation of
CROW options, CMAKE options using #define, pre-bmcweb ifdef mechanisms
and meson options usi

Bring consistency to config options

The configuration options that exist in bmcweb are an amalgimation of
CROW options, CMAKE options using #define, pre-bmcweb ifdef mechanisms
and meson options using a config file. This history has led to a lot of
different ways to configure code in the codebase itself, which has led
to problems, and issues in consistency.

ifdef options do no compile time checking of code not within the branch.
This is good when you have optional dependencies, but not great when
you're trying to ensure both options compile.

This commit moves all internal configuration options to:
1. A namespace called bmcweb
2. A naming scheme matching the meson option. hyphens are replaced with
underscores, and the option is uppercased. This consistent transform
allows matching up option keys with their code counterparts, without
naming changes.
3. All options are bool true = enabled, and any options with _ENABLED or
_DISABLED postfixes have those postfixes removed. (note, there are
still some options with disable in the name, those are left as-is)
4. All options are now constexpr booleans, without an explicit compare.

To accomplish this, unfortunately an option list in config/meson.build
is required, given that meson doesn't provide a way to dump all options,
as is a manual entry in bmcweb_config.h.in, in addition to the
meson_options. This obsoletes the map in the main meson.build, which
helps some of the complexity.

Now that we've done this, we have some rules that will be documented.
1. Runtime behavior changes should be added as a constexpr bool to
bmcweb_config.h
2. Options that require optionally pulling in a dependency shall use an
ifdef, defined in the primary meson.build. (note, there are no
options that currently meet this class, but it's included for
completeness.)

Note, that this consolidation means that at configure time, all options
are printed. This is a good thing and allows direct comparison of
configs in log files.

Tested: Code compiles
Server boots, and shows options configured in the default build. (HTTPS,
log level, etc)

Change-Id: I94e79a56bcdc01755036e4e7278c7e69e25809ce
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

AccountService: Add HTTPBasicAuth support

This commit adds HTTPBasicAuth Get/Patch support

Tested By:
Redfish service validator passes.
```
curl -k --user "root:0penBmc" -H "Content-Type: applicat

AccountService: Add HTTPBasicAuth support

This commit adds HTTPBasicAuth Get/Patch support

Tested By:
Redfish service validator passes.
```
curl -k --user "root:0penBmc" -H "Content-Type: application/json" -X PATCH -d '{"HTTPBasicAuth":"Enabled"}' https://192.168.7.2/redfish/v1/AccountService
```

Succeeds with various values.
Enabled: Basic auth succeeds.
Disabled: Basic auth no longer works. AccountService reports "Disabled"
For HTTPBasicAuth status.

Change-Id: Ic417bf3cd4135f05ab34c8613c7fbce953157b03
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Stage 2 refactor LDAP parameters

ReadJsonObject isn't required for cases where we don't have a list of
structures, and ideally we should consolidate all fixed readJson calls
in one place (and not ha

Stage 2 refactor LDAP parameters

ReadJsonObject isn't required for cases where we don't have a list of
structures, and ideally we should consolidate all fixed readJson calls
in one place (and not have multi-depth readJson calls).

This commit moves all the calls up, and consolidates all the LDAP patch
params into a single struct that can be moved between the layers, rather
than having the parameters individually.

Tested: Does LDAP work anymore? Could use some help if anyone has test
scripts, otherwise code compiles and this is inspection only, but
similar to other mechanical changes we've made recently

Change-Id: I77c0a8b97d4783fdca875c86d7dace122a0a55d7
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Fix account service

Session might not be initialized, and might be nullptr.

This line was accessing the session BEFORE the nullptr check. Move it
to after. Found using static analysis.

Change-Id

Fix account service

Session might not be initialized, and might be nullptr.

This line was accessing the session BEFORE the nullptr check. Move it
to after. Found using static analysis.

Change-Id: I966c642aee7c76a29c7d0d57d3b78f5f7bef7d62
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Fix moves/forward

Clang has new checks for std::move/std::forward correctness, which
catches quite a few "wrong" things where we were making copies of
callback handlers.

Unfortunately, the lambda s

Fix moves/forward

Clang has new checks for std::move/std::forward correctness, which
catches quite a few "wrong" things where we were making copies of
callback handlers.

Unfortunately, the lambda syntax of

callback{std::forward<Callback>(callback)}

in a capture confuses it, so change usages to
callback = std::forward<Callback>(callback)

to be consistent.

Tested: Redfish service validator passes.

Change-Id: I7a111ec00cf78ecb7d5f5b102c786c1c14d74384
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Clean up Account Service to use readJson

Use multiple level direct read.

Tested: Visual only. Need help if anyone wants to test.

Change-Id: I67c77bdd42a05a42f9cd1b40dc74517dceebdaad
Signed-off-by:

Clean up Account Service to use readJson

Use multiple level direct read.

Tested: Visual only. Need help if anyone wants to test.

Change-Id: I67c77bdd42a05a42f9cd1b40dc74517dceebdaad
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Create Redfish specific setProperty call

There are currently 78 sdbusplus::asio::setProperty calls in
redfish-core. The error handler for nearly all of them looks something
like:

```
if (ec)
{

Create Redfish specific setProperty call

There are currently 78 sdbusplus::asio::setProperty calls in
redfish-core. The error handler for nearly all of them looks something
like:

```
if (ec)
{
const sd_bus_error* dbusError = msg.get_error();
if ((dbusError != nullptr) &&
(dbusError->name ==
std::string_view(
"xyz.openbmc_project.Common.Error.InvalidArgument")))
{
BMCWEB_LOG_WARNING("DBUS response error: {}", ec);
messages::propertyValueIncorrect(asyncResp->res, "<PropertyName>", <PropertyValue>);
return;
}
messages::internalError(asyncResp->res);
return;
}
messages::success(asyncResp->res);

```

In some cases there are more errors handled that translate to more error
messages, but the vast majority only handle InvalidArgument. Many of
these, like the ones in account_service.hpp, do the error handling in a
lambda, which causes readability problems. This commit starts to make
things more consistent, and easier for trivial property sets.

This commit invents a setDbusProperty method in the redfish namespace
that tries to handle all DBus errors in a consistent manner. Looking
for input on whether this will work before changing over the other 73
calls. Overall this is less code, fewer inline lambdas, and defaults
that should work for MOST use cases of calling an OpenBMC daemon, and
fall back to more generic errors when calling a "normal" dbus daemon.

As part of this, I've ported over several examples. Some things that
might be up in the air:
1. Do we always return 204 no_content on property sets? Today there's a
mix of 200, with a Base::Success message, and 204, with an empty body.
2. Do all DBus response codes map to the same error? A majority are
covered by xyz.openbmc_project.Common.Error.InvalidArgument, but there
are likely differences. If we allow any daemon to return any return
code, does that cause compatibility problems later?

Tested:
```
curl -k --user "root:0penBmc" -H "Content-Type: application/json" -X PATCH -d '{"HostName":"openbmc@#"}' https://192.168.7.2/redfish/v1/Managers/bmc/EthernetInterfaces/eth0
```

Returns the appropriate error in the response
Base.1.16.0.PropertyValueIncorrect

Change-Id: If033a1112ba516792c9386c997d090c8f9094f3a
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Fix unused variable warning in LDAP

It's not clear how this came to be the way it is, but tidy now warns
that this variable is unused (which it is).

Refactor the LDAP code to not use the variable,

Fix unused variable warning in LDAP

It's not clear how this came to be the way it is, but tidy now warns
that this variable is unused (which it is).

Refactor the LDAP code to not use the variable, and to use concrete
object_t and array_t

Tested: Redfish service validator passes.

Change-Id: I0c106d10594a396d506bf9865cb29d4a10a372a1
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Fix redundant init issues

clang-tidy-18 must've fixed their checking for these in headers.
Resolve as the robot commands.

Tested: Noop changes made by tidy. Code compiles.

Change-Id: I1de7686c597

Fix redundant init issues

clang-tidy-18 must've fixed their checking for these in headers.
Resolve as the robot commands.

Tested: Noop changes made by tidy. Code compiles.

Change-Id: I1de7686c597deffb0df91c30dae1a29f9ba7900e
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...