| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit fixes timeout issues when transfering bigger payloads
like update image.
Tested by uploading image:
curl -k -H "X-Auth-Token: $token" -H "Content-Type: application/octet-stream" \
-X POST -T test.tar https://$bmc/upload/image
# slow connection upload (~10kB/s)
curl -k -H "X-Auth-Token: $token" -H "Content-Type: application/octet-stream" \
-X POST -T test.tar https://$bmc/upload/image --limit-rate 10k
Signed-off-by: Jan Sowinski <jan.sowinski@intel.com>
Change-Id: I913136013afb58c97071819288460f4cb64d0d83
|
| |
|
|
|
|
|
|
|
| |
This reverts commit a8086647b103f55116ce4c872e1455ebf1f3e346.
Reason for revert: Restoring commit c00500b as base for upload image issue fix
Change-Id: I1dd5d3fda2d1ee6f4027193a0506d5ca764b01e4
Signed-off-by: Jan Sowinski <jan.sowinski@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit c00500bcb9c5145f5cacb78bbe3dd694fb85ba0a.
Reason: Makes image upload fail
Tested: Image upload works again
requests.post(
'https://{}/redfish/v1/UpdateService'.format(args.address),
data=file.read(), verify=False,
auth=(args.username, args.password))
Change-Id: Iaf780d052d98accdead32e87f468002f5141b19a
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenBMC supports "System" or "bundled" images that contain two or more
firmware images, such as BMC and Host or PSU firmware, making the
resulting image file greater than the current limit of 30MB.
Make the http request body size configurable to allow bigger files to
be uploaded.
Tested:
- Upload a regular BMC image still works.
- Uploading a 50MB firmware image that contains the host fw fails:
$ curl -k -H "X-Auth-Token: $token" -H "Content-Type: application/octet-stream" -X POST -T obmc-phosphor-image-witherspoon-128.ubi.mtd.tar https://${bmc}/upload/image
curl: (52) Empty reply from server
- With the "-DBMCWEB_HTTP_REQ_BODY_LIMIT_MB=128" compile option works:
$ curl -k -H "X-Auth-Token: $token" -H "Content-Type: application/octet-stream" -X POST -T obmc-phosphor-image-witherspoon-128.ubi.mtd.tar https://${bmc}/upload/image
{
"data": "19e6fe13",
"message": "200 OK",
"status": "ok"
}
Change-Id: I0b0e1032c9daf00a01e42ac5ee1c0d979f857d5e
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit fixes issue around Connection class and websockets
- controlling connection lifetime by shared_ptr instead of manual new/delete
- fixed memory leak when upgrading connection to websockets
- removed dangling reference to conn.req in websockets
- fixed lack of reponse for invalid websockets URLs
- fixed not working connections deadline timer
There is no noticable performance impact after switching connection management
to shared pointers. Benchmark results using: wrk https://${bmc}
shared_ptr: 144.29 Requests/sec
new/delete: 144.41 Requests/sec
Tested manually:
performance: wrk https://${bmc}
memory leaks: top
websockets: webui- KVM and VirtualMedia
HTTP GET on random Redfish schemas: postman
Signed-off-by: Jan Sowinski <jan.sowinski@intel.com>
Change-Id: I63f7395ba081a68e7900eae2ed204acd50f58689
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit sets the mutual TLS option to ON by default.
Core mTLS implementation was accepted under this commit:
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/23588
where by default the mTLS was disabled.
Tested:
Manual tests were made to verify if this option turns the
mTLS ON.
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Change-Id: I3bc5f5453d4c4df1cd7ecb0b8868423285b6ab83
|
| |
|
|
|
|
|
|
|
|
| |
I now understand the router properly (as I did a while back). This call
is correct, as "/" and "" are considered the same by the router.
Tested: Comment change, no impact to code.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: Ic6fc17f0e7137bbc3674c2290d10dcdba9b4ed18
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We currently use multiple regex calls to convert specific
fields to links. Rather than continuing to add new regex
calls for individual link types, we can use one regex to
convert all '/redfish/' paths to links.
Tested:
Checked that all provided redfish paths are converted to
links: odata.id, odata.context, nextLink, Uri, etc.
Change-Id: I2f06e2d5ee9b3d88141f1629f168b3667669d93f
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modified the code to make an asynchronous call to GetUserInfo to get
the user role for authorization.
For local users, DBus matches are used to store user role map hot in
memory. Hence, bmcweb has to know whether a user is a local user or
LDAP user to get the role. To avoid this, removed the existing DBus
matches and modified the code to call GetUserInfo to get the role of
local users as well as LDAP users.
Tested:
- Created a local user having admin privilege and verified that he is
able to restart the system
/redfish/v1/Systems/system/Actions/ComputerSystem.Reset
-d '{"ResetType": "GracefulRestart"}'
- Created a local user having user privilege and verified that he is
unauthorized to restart the system
/redfish/v1/Systems/system/Actions/ComputerSystem.Reset
-d '{"ResetType": "GracefulRestart"}'
- Created a remote user having admin privilege and verified that he is
able to restart the system
/redfish/v1/Systems/system/Actions/ComputerSystem.Reset
-d '{"ResetType": "GracefulRestart"}'
- Created a remote user having user privilege and verified that he is
unauthorized to restart the system
/redfish/v1/Systems/system/Actions/ComputerSystem.Reset
-d '{"ResetType": "GracefulRestart"}'
- Tested Redfish ConfigureSelf privilege
Signed-off-by: RAJESWARAN THILLAIGOVINDAN <rajeswgo@in.ibm.com>
Change-Id: Ic3e46a0c0aff2cf456c98048350e58e302011c57
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This new value will be used by javascript in phosphor-webui
to perform login-less authentication.
Tested:
Manually tests were performed on Chrome browser.
Having enabled and configured mTLS user is able
to authenticate with proper certificates.
The login page is not displayed unless user logs out.
Appropriate phosphor-webui changes can be found here:
https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-webui/+/27851
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Change-Id: Iac76459e1843a5c8bd2287c6e078319aebedfdcc
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit is a fix for revert:
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/27205
The mTLS will work only when:
* Compilation flag BMCWEB_ENABLE_MUTUAL_TLS_AUTHENTICATION is
enabled and,
* AccountService->Oem->OpenBMC->AuthMethods->TLS is set and,
* at least one certificate is uploaded to TrustStore.
To enforce a new mTLS settings after switching AuthMethods->TLS
all awaiting for acceptance connections are dropped.
In case of authorized mTLS requests a cookie with XSRF-TOKEN entry
and SESSION is added to response. It will force the X-XSRF-TOKEN
challenge in case of applications supporting cookies like web
browsers.
Also some minor log messages changes were made in this commit.
Tested:
validator_service run with status: 'Validation has succeeded'.
Tests were made with Chrome browser Version 78.0.3904.108.
The certificate popup appears only when mTLS is enabled in CMake,
the TLS option is set and at least one CA certificate is present.
In other cases mTLS is not active and there is no popup for certs.
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Change-Id: I778b848b767356b60386694f802a89b3c1f6cb14
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 5e931ae994307babe6c3520cbaca6a7139acc81d.
Reason for revert: Causing build failures
/bmcweb/redfish-core/include/node.hpp: In member function ‘bool redfish::Node::isAllowedWithoutConfigureSelf(const crow::Request&)’:
/bmcweb/redfish-core/include/node.hpp:182:36: error: ‘crow::persistent_data::UserRoleMap’ has not been declared
crow::persistent_data::UserRoleMap::getInstance().getUserRole(
When 900f949773795141266271107219ea019f2839cd was merged first
this patch was not successfully rebased.
Change-Id: I947d96362c7dadea5572888468a11fac5ee361d4
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modified the code to make an asynchronous call to GetUserInfo to get
the user role for authorization.
For local users, DBus matches are used to store user role map hot in
memory. Hence, bmcweb has to know whether a user is a local user or
LDAP user to get the role. To avoid this, removed the existing DBus
matches and modified the code to call GetUserInfo to get the role of
local users as well as LDAP users.
Tested:
- Created a local user having admin privilege and verified that he is
able to restart the system
/redfish/v1/Systems/system/Actions/ComputerSystem.Reset
-d '{"ResetType": "GracefulRestart"}'
- Created a local user having user privilege and verified that he is
unauthorized to restart the system
/redfish/v1/Systems/system/Actions/ComputerSystem.Reset
-d '{"ResetType": "GracefulRestart"}'
- Created a remote user having admin privilege and verified that he is
able to restart the system
/redfish/v1/Systems/system/Actions/ComputerSystem.Reset
-d '{"ResetType": "GracefulRestart"}'
- Created a remote user having user privilege and verified that he is
unauthorized to restart the system
/redfish/v1/Systems/system/Actions/ComputerSystem.Reset
-d '{"ResetType": "GracefulRestart"}'
Signed-off-by: RAJESWARAN THILLAIGOVINDAN <rajeswgo@in.ibm.com>
Change-Id: Ifd813e1af4dfcb7aeaba18e04b6c9767d2a5e95a
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some log messages were not following logging format used in this
file, after this change logs from the http_connection.h file
should be coherent.
Also changing log level of one of messages in ‘doRead’ function.
Tested: Manually, the bmcweb was build with logging enabled and
tested by journalctl log verification.
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Change-Id: I6c96124cbc3b5ef96bfdca57f04c834728f52fe6
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nbd-proxy is responsible for exposing websocket endpoint in bmcweb.
It matches WS endpoints with unix socket paths using configuration
exposed on D-Bus by Virtual-Media.
Virtual-Media is then notified about unix socket availability through
mount/unmount D-Bus methods.
Currently, this feature is disabled by default.
Tested: Integrated with initial version of Virtual-Media.
Change-Id: I9c572e9841b16785727e5676fea1bb63b0311c63
Signed-off-by: Iwona Klimaszewska <iwona.klimaszewska@intel.com>
Signed-off-by: Przemyslaw Czarnowski <przemyslaw.hawrylewicz.czarnowski@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sessions implementation previously used operator== for session
comparisons. While unlikely to be attackable in the current
implementation, due to the time smearing in a number of cases, modern
security practices recommend using constant time comparison.
Tested By:
Logged into the webui, and observed no change to login flows. Logged
into redfish using Token Auth, and observed no changes. Closed a
previous session, then reopened with the new session information to
verify user sessions are restored properly and still work.
Change-Id: Ie759e4da67ba004fd8c327f177951ac756ea6799
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This patch is about fixing mTLS access to URL requiring Administrator
or Opeartor privileges (e.g. /redfish/v1/AccountService).
Tested manually with cURL:
- prepare and install CA certificate,
- call GET to the url=/redfish/v1/AccountService,
- verify whether got status=200 and proper body in the response.
Signed-off-by: Zbigniew Lukwinski <zbigniew.lukwinski@linux.intel.com>
Change-Id: I65109bffadf4f1d6d410cd303687b6da55fd1be0
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
User is now able to turn on and off the TLS authentication method.
Tested:
No regression found in manual testing. By default everything works
as before, and disabling TLS method prevents user to authenticate
by it.
Tested with Redfish Service Validator, version 1.2.8
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Change-Id: Ib7be1af659db568caa7e5b97e3844617586d7754
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
clang-tidy has checks for bugprone constructs. In this case, self
assignment is handled poorly by this object. There is nowhere in the
code where we do this, but add the check anyway to silence the warning.
Background:
https://clang.llvm.org/extra/clang-tidy/checks/bugprone-unhandled-self-assignment.html
Tested:
clang-tidy now passes. Code still compiles.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: I49b6d6e08165b23114a7f46f305523acfbb32241
|
| |
|
|
|
|
|
|
|
|
| |
This was an automatic change made by clang-tidy. It moves all uses of
NULL to nullptr, which are equivalent, but nullptr is prefered.
Tested: Code compiles.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: I9526599b222693c9723a69934b599c7a5b5d1fbf
|
| |
|
|
|
|
|
|
|
| |
modernize-use-bool-literals flagged one violation in the code.
Tested: No functional change.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: Iccfa7a88e7df0b7e7434fadd549c2f816c98a46e
|
| |
|
|
|
|
|
|
|
|
| |
Modern c++ prefers setting default destructors to =default
Tested: clang-tidy modernize-use-equals-default now passes
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: I9ca746473263abfe2330b7c3e2fe645cf96112f3
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implemented TLS based user auth. It utilizes certificates stored by
Phosphor Certificate Manager in storage mode, to verify that user
that tries to log in, has a certificate signed by a trusted CA.
More about this can be read in redfish-tls-user-authentication.md design
document.
Tested that it does not break current authentication methods, when not
using TLS Auth - user should not see difference between versions. TLS Auth
itself allows user in when certificate is signed by trusted CA and valid, and
stops working immediatley after it is removed. User is not let in when provided
certificate is not between notBefore and notAfter dates. Session is tested to
not be created when user does not exist in the system (courtesy of earlier
UserManagement usage commits).
Signed-off-by: Kowalski, Kamil <kamil.kowalski@intel.com>
Change-Id: I6bcaff018fe3105f77d3c10f69765e0011af8dab
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
clang-tidy flags these variables as having lifetime issues given that
they point to compile time parameters, resolve the error:
Tested: Code compiles, clang-tidy no longer returns an error on that
line.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: Iaa0da0c346786a79a6e66877082c3716bcffdf69
|
| |
|
|
|
|
|
|
|
|
| |
Now that we have constexpr if, clean this check up a bit
Tested: no functional change
Change-Id: Ia3541b056a502b0136c89c7e543ddc0b708f722b
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Signed-off-by: James Feist <james.feist@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If bmcweb is compiled with NON SSL mode then
HTTP/websocket connection upgrade was not happening
This commit fixes this behavior
TestedBy: Sent a websocket request in non secure mode
and the websocket handshake was working
ws://{ip}/vm/0/0 to verify this
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>
Change-Id: I33ca950cedf591f66f4d68514d48d3b9c9fec421
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This is fix for issue #107.
Tested:
Reproduction steps from #107 was followed. mTLS way of authentication
was used. As a result connection try based on user certificate
generated from already replaced CA certificate was dropped. Bmcweb
didn't allow make such connection.
Change-Id: I4709927b5fc108e5b26b7db1981ae77c6aa8a5bf
Signed-off-by: Zbigniew Lukwinski <zbigniew.lukwinski@linux.intel.com>
|
|
|
Recently, a number of people in the community have made the (admittedly
easy) mistake that we use a significant portion of crow.
Today, we use crow for the router, and the "app" structure, and even
those have been significantly modified to meet the bmc needs. All other
components have been replaced with Boost beast. This commit removes the
crow mentions from the Readme, and moves the crow folder to "http" to
camouflage it a little. No code content has changed.
Tested:
Code compiles. No functional change made to any executable code.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: Iceb57b26306cc8bdcfc77f3874246338864fd118
|
