commit | 596b203317f16ab624d374f811426a516912db25 | [log] [tgz] |
---|---|---|
author | Ed Tanous <edtanous@google.com> | Mon Sep 13 10:32:22 2021 -0700 |
committer | Ed Tanous <ed@tanous.net> | Tue Sep 14 23:41:56 2021 +0000 |
tree | 31de3874779b00640a678169e0499e3d0a35447f | |
parent | 9a69d5a5efde522fccac2fcbf50052a73aaab671 [diff] |
Fill in request earlier Because http connection can possibly fail on a bad host header, we need to fill in the request object earlier in the flow. This has the potential to lead to use after free bugs, although in practice, we have null checks, so it's a lower likelihood. Tested: Ran redfishtool -S Always -A Session -u root -p 0penBmc -vvvvvvvvv -r 192.168.7.2 raw GET /redfish/v1/Managers/bmc and verified it returned a 200 and the managers data structure. Signed-off-by: Ed Tanous <edtanous@google.com> Change-Id: I789d50f67dff14b769ccefacf55530b0b7c5c7cd
This component attempts to be a "do everything" embedded webserver for openbmc.
At this time, the webserver implements a few interfaces:
BMCWeb is configured by setting -D
flags that correspond to options in bmcweb/meson_options.txt
and then compiling. For example, meson <builddir> -Dkvm=disabled ...
followed by ninja
in build directory. The option names become C++ preprocessor symbols that control which code is compiled into the program.
meson builddir ninja -C builddir
meson builddir -Dbuildtype=minsize -Db_lto=true -Dtests=disabled ninja -C buildir
If any of the dependencies are not found on the host system during configuration, meson automatically gets them via its wrap dependencies mentioned in bmcweb/subprojects
.
meson builddir -Dwrap_mode=nofallback ninja -C builddir
meson builddir -Dbuildtype=debug ninja -C builddir
meson builddir -Db_coverage=true -Dtests=enabled ninja coverage -C builddir test
When BMCWeb starts running, it reads persistent configuration data (such as UUID and session data) from a local file. If this is not usable, it generates a new configuration.
When BMCWeb SSL support is enabled and a usable certificate is not found, it will generate a self-sign a certificate before launching the server. The keys are generated by the secp384r1
algorithm. The certificate
C=US, O=OpenBMC, CN=testhost
,SHA-256
algorithm.