| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
Marri Devender Rao (1):
Modify unit test cases to cater for Certificate D-Bus object
(From meta-phosphor rev: 86b8529e34cecaaa61dbdef4d101e4c2c7ea7515)
Change-Id: I4ecff9a81fb39ec472f952f0f1d79ff2ffc272f6
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
A number of corequisites exist so squashing these all into one patch.
meta-ingrasys - refresh master bc513127f4..67bcaf389f
meta-hxt - refresh master 86a4df514f..8fe0d38bbb
meta-phosphor - refresh master 06c09d7cce..df6ddae3d2
meta-quanta - refresh master 4f126361a1..53f3025271
Change-Id: I3daeef2a0467d8ea4f1fd1c617e526f8b11258af
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Patrick Venture (1):
build: install into bin instead of sbin
(From meta-phosphor rev: 83ef054cd29bdfa12bbab4f58de2b7313409b1fe)
Change-Id: I72a19eeaaeb71569929c41451b864971a037fb42
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Dhruvaraj Subhashchandran (1):
Add method to update certificate properities.
Marri Devender Rao (4):
Refactor code for uploading different types of certificates
Create cerificate object during startup for existing certificate
Implement Certificate and Install interface
Support creation/deletion of D-Bus certificate object
(From meta-phosphor rev: 44f319eaf27fd0d388e69d0072790dab76f1c366)
Change-Id: I79e3cb5ea0b3c04347fd6085fd4f44bc401ee06a
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the config recipe packages will create symlinks to the certificate
manager template, RDEPEND rather than RRECOMMEND on the certificate
manager package (which provides the template).
Avoid obmc-phosphor-systemd. Enabling systemd units is the realm of
packaging scripts and the SYSTEMD_LINK feature in obmc-phosphor-systemd
implements this incorrectly. Just directly code install, pkg_postinst
and pkg_prerm here rather than trying to fix obmc-phosphor-systemd - the
extra indirection is more harmful to ease of comprehension for seasoned
Yocto developers than the couple of lines of code it saves.
(From meta-phosphor rev: 1a4e65e5847e299348b5f28ffa2b4b1837769deb)
Change-Id: Ideb12d62461b3b18ff5c92f3a76f1aa20c94a269
Tested: Built witherspoon image and verified rootfs unchanged.
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
nginx is not supported same will be replaced by bmcweb
Removed certificate manager service file and configuration file
(From meta-phosphor rev: df947512e69e2a5a949d4a6dc8eaa93ab961a439)
Change-Id: I3b856ced972f7494048317d1f28d321aef02f8c0
Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Patrick Venture (1):
build: pkg anti-pattern: use defaults
(From meta-phosphor rev: 1c6f584e01056f7ae70dd0d92bcfd7d91460230d)
Change-Id: I9d0cb3e4ecbcc205b6bbd908156b07f6bfcbde95
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Patrick Venture (7):
build: Add missing inclusion of phosphor-logging
build: add requirement for openssl to configure_ac
build: add check for experimental/filesystem
test: delete empty parameters
build: add gtest, gmock to configure_ac
gitignore: add missing items
test: use tabs in Makefile_am
(From meta-phosphor rev: 7222db38e730434d22df4e5cd32f8de5f212494e)
Change-Id: I13c037b80ecf36706499fae8e5eab31309f282c5
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added new service to install CA certificate
To start/stop service use commands
systemctl start phosphor-certificate-manager@authority.service
systemctl status phosphor-certificate-manager@authority.service
Tested:
2$ curl -c cjar -b cjar -k -H "Content-Type: application/octet-stream" -X
PUT -T cert.pem https://$BMC_IP//xyz/openbmc_project/certs/authority/ldap
{
"data": null,
"message": "200 OK",
"status": "ok"
}
root@witherspoon-w5:/tmp# systemctl stop phosphor-certificate-manager@authority.service
root@witherspoon-w5:/tmp#
root@witherspoon-w5:/tmp# systemctl start phosphor-certificate-manager@authority.service
root@witherspoon-w5:/tmp#
(From meta-phosphor rev: 139b373080872a96f7c64dfdc46807ed993daff0)
Change-Id: I993f1d7db13212f04022fd562ea058f389b26da9
Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Jayanth Othayoth (2):
Add support to upload CA certificate
Replace std::bind with lambda expressions
(From meta-phosphor rev: d59e4d1ec157a555fc3f9b1b5ece5c9219015173)
Change-Id: Iec6f65df12e1ecd129bbda069f248971b8c9ed14
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Certificate manager restarts the service during upload process
based on the specific service file configuration.
nslcd service already subscribing upload/delete signal and
doing required configuration changes and service restart.
This patch is used to disable the service restart related
actions from certificate manager during activate/delete
process.
(From meta-phosphor rev: 36bfc20bc720fdeaecb7c3a7bb801f9a4d9cbfd7)
Change-Id: I841c276db1ff0f4487f03f5c2032bb0f5576e226
Signed-off-by: Jayanth Othayoth <ojayanth@in.ibm.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Jayanth Othayoth (1):
Certificate manager: Fix application crash for empty units
(From meta-phosphor rev: 8b32c268aaff7a093d20fd9b29d7a88dbb48528f)
Change-Id: Ia0c25e2d44bc93f304b7065bb6ee70d78d867824
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Jayanth Othayoth (1):
Add MAINTAINERS file
(From meta-phosphor rev: 73ded97f4241060a7f1189cc1c284f23d1e7fee6)
Change-Id: Icbe7fb0e4be4b429dbd3ac2d775cf83a9cc431ec
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Deepak Kodihalli (1):
Implement certificate delete
Jayanth Othayoth (5):
Add Certificate verification support
Add Public/Private key compare function
Enable client type certificate install interface
Allow certificate upload for "not yet valid" case
Ignore trust-chain related errors during certificate upload
Marri Devender Rao (3):
Add unit tests for certificate verification
Additional unit test for verification
Add unit test for certificate delete
(From meta-phosphor rev: 90bdaa9cb51039bc78c6c1ccb03e3061bf3a2e52)
Change-Id: I3ad78d37347f38bbab8e37c3e7a2979276e47d17
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Marri Devender Rao (1):
Add unit test for certificate install
(From meta-phosphor rev: 59bdba58dcf34726a1a938d5bcd46475a795bf5b)
Change-Id: Id0c8485e87673f8520be29c636acd0170e7b59c3
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
| |
(From meta-phosphor rev: cb27451978f0228de6b3806c43be39abbac043cb)
Change-Id: I914c482f659fbabf30af34d849b2821ce7932ee8
Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Jayanth Othayoth (1):
Implementation of certificate install interface
(From meta-phosphor rev: 015a5c90697703ace3e713a76c0dbdc0fd46c355)
Change-Id: I23fd26e326d874180b06735f9b824c4d3ac557ef
Signed-off-by: Andrew Geissler <openbmcbump-github@yahoo.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
Add recipe and service files to start/stop nginx and nslcd services
To start/stop nginx service use
systemctl stop phosphor-certificate-manager@nginx.service
systemctl start phosphor-certificate-manager@nginx.service
To start/stop nslcd service use
systemctl stop phosphor-certificate-manager@nslcd.service
systemctl start phosphor-certificate-manager@nslcd.service
(From meta-phosphor rev: 08b55912f01f7a2b53ccc11fb8e508c9c8bc8a14)
Change-Id: Ie55613f8da061f9f948d645086db12be8239beea
Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|