Put simple update behind an option
4e338b2313f9f2a91aa1fb36693e36a328d58933 Removed tftp update support
from the codebase, but left SimpleUpdate in a non functional state.
Given that a number of forks have implemented the HTTPS/SCP versions of
simple update, we don't want to fully delete the code at this time, so
for the moment put it behind an option flag.
Tested: WIP
Change-Id: Ibab1e3a48ff640787eabf8ed5f7a5c08e3381307
Signed-off-by: Ed Tanous <etanous@nvidia.com>
diff --git a/config/meson.build b/config/meson.build
index be54d2d..3c9fc25 100644
--- a/config/meson.build
+++ b/config/meson.build
@@ -23,6 +23,7 @@
'mutual-tls-auth',
'redfish-aggregation',
'redfish-allow-deprecated-power-thermal',
+ 'redfish-allow-simple-update',
'redfish-use-3-digit-messageid',
'redfish-bmc-journal',
'redfish-cpu-log',
diff --git a/meson.options b/meson.options
index 915f427..d1a9dda 100644
--- a/meson.options
+++ b/meson.options
@@ -340,6 +340,17 @@
''',
)
+# BMCWEB_REDFISH_ALLOW_SIMPLE_UPDATE
+option(
+ 'redfish-allow-simple-update',
+ type: 'feature',
+ value: 'disabled',
+ description: '''Enables Redfish UpdateService SimpleUpdate Action. Note
+ that at this time this option is non-functional. Redfish
+ recommends using MultiPartUpdate.''',
+)
+
+
# BMCWEB_HTTPS_PORT
option(
'https_port',
diff --git a/redfish-core/lib/update_service.hpp b/redfish-core/lib/update_service.hpp
index 74c6f92..243b9ad 100644
--- a/redfish-core/lib/update_service.hpp
+++ b/redfish-core/lib/update_service.hpp
@@ -497,12 +497,8 @@
res, imageURI, "ImageURI", "UpdateService.SimpleUpdate");
return std::nullopt;
}
- // OpenBMC currently only supports TFTP or HTTPS
- if (*transferProtocol == "TFTP")
- {
- imageURI = "tftp://" + imageURI;
- }
- else if (*transferProtocol == "HTTPS")
+ // OpenBMC currently only supports HTTPS
+ if (*transferProtocol == "HTTPS")
{
imageURI = "https://" + imageURI;
}
@@ -1105,22 +1101,19 @@
asyncResp->res.jsonValue["MaxImageSizeBytes"] =
BMCWEB_HTTP_BODY_LIMIT * 1024 * 1024;
- // Update Actions object.
- nlohmann::json& updateSvcSimpleUpdate =
- asyncResp->res.jsonValue["Actions"]["#UpdateService.SimpleUpdate"];
- updateSvcSimpleUpdate["target"] =
- "/redfish/v1/UpdateService/Actions/UpdateService.SimpleUpdate";
-
- nlohmann::json::array_t allowed;
- allowed.emplace_back(update_service::TransferProtocolType::HTTPS);
-
- if constexpr (BMCWEB_INSECURE_PUSH_STYLE_NOTIFICATION)
+ if constexpr (BMCWEB_REDFISH_ALLOW_SIMPLE_UPDATE)
{
- allowed.emplace_back(update_service::TransferProtocolType::TFTP);
- }
+ // Update Actions object.
+ nlohmann::json& updateSvcSimpleUpdate =
+ asyncResp->res.jsonValue["Actions"]["#UpdateService.SimpleUpdate"];
+ updateSvcSimpleUpdate["target"] =
+ "/redfish/v1/UpdateService/Actions/UpdateService.SimpleUpdate";
- updateSvcSimpleUpdate["TransferProtocol@Redfish.AllowableValues"] =
- std::move(allowed);
+ nlohmann::json::array_t allowed;
+ allowed.emplace_back(update_service::TransferProtocolType::HTTPS);
+ updateSvcSimpleUpdate["TransferProtocol@Redfish.AllowableValues"] =
+ std::move(allowed);
+ }
asyncResp->res
.jsonValue["HttpPushUriOptions"]["HttpPushUriApplyTime"]["ApplyTime"] =
@@ -1324,12 +1317,15 @@
inline void requestRoutesUpdateService(App& app)
{
- BMCWEB_ROUTE(
- app, "/redfish/v1/UpdateService/Actions/UpdateService.SimpleUpdate/")
- .privileges(redfish::privileges::postUpdateService)
- .methods(boost::beast::http::verb::post)(std::bind_front(
- handleUpdateServiceSimpleUpdateAction, std::ref(app)));
-
+ if constexpr (BMCWEB_REDFISH_ALLOW_SIMPLE_UPDATE)
+ {
+ BMCWEB_ROUTE(
+ app,
+ "/redfish/v1/UpdateService/Actions/UpdateService.SimpleUpdate/")
+ .privileges(redfish::privileges::postUpdateService)
+ .methods(boost::beast::http::verb::post)(std::bind_front(
+ handleUpdateServiceSimpleUpdateAction, std::ref(app)));
+ }
BMCWEB_ROUTE(app, "/redfish/v1/UpdateService/FirmwareInventory/<str>/")
.privileges(redfish::privileges::getSoftwareInventory)
.methods(boost::beast::http::verb::get)(std::bind_front(
diff --git a/test/redfish-core/lib/update_service_test.cpp b/test/redfish-core/lib/update_service_test.cpp
index 3e013e3..6f60043 100644
--- a/test/redfish-core/lib/update_service_test.cpp
+++ b/test/redfish-core/lib/update_service_test.cpp
@@ -13,13 +13,13 @@
namespace
{
-TEST(UpdateService, ParseTFTPPostitive)
+TEST(UpdateService, ParseHTTSPPostitive)
{
crow::Response res;
{
// No protocol, schema on url
std::optional<boost::urls::url> ret =
- parseSimpleUpdateUrl("tftp://1.1.1.1/path", std::nullopt, res);
+ parseSimpleUpdateUrl("https://1.1.1.1/path", std::nullopt, res);
ASSERT_TRUE(ret);
if (!ret)
{
@@ -27,12 +27,12 @@
}
EXPECT_EQ(ret->encoded_host_and_port(), "1.1.1.1");
EXPECT_EQ(ret->encoded_path(), "/path");
- EXPECT_EQ(ret->scheme(), "tftp");
+ EXPECT_EQ(ret->scheme(), "https");
}
{
// Protocol, no schema on url
std::optional<boost::urls::url> ret =
- parseSimpleUpdateUrl("1.1.1.1/path", "TFTP", res);
+ parseSimpleUpdateUrl("1.1.1.1/path", "HTTPS", res);
ASSERT_TRUE(ret);
if (!ret)
{
@@ -40,12 +40,12 @@
}
EXPECT_EQ(ret->encoded_host_and_port(), "1.1.1.1");
EXPECT_EQ(ret->encoded_path(), "/path");
- EXPECT_EQ(ret->scheme(), "tftp");
+ EXPECT_EQ(ret->scheme(), "https");
}
{
// Both protocol and schema on url
std::optional<boost::urls::url> ret =
- parseSimpleUpdateUrl("tftp://1.1.1.1/path", "TFTP", res);
+ parseSimpleUpdateUrl("https://1.1.1.1/path", "HTTPS", res);
ASSERT_TRUE(ret);
if (!ret)
{
@@ -53,7 +53,7 @@
}
EXPECT_EQ(ret->encoded_host_and_port(), "1.1.1.1");
EXPECT_EQ(ret->encoded_path(), "/path");
- EXPECT_EQ(ret->scheme(), "tftp");
+ EXPECT_EQ(ret->scheme(), "https");
}
}
@@ -127,23 +127,14 @@
}
}
-TEST(UpdateService, ParseTFTPNegative)
+TEST(UpdateService, ParseHTTPSNegative)
{
crow::Response res;
// No protocol, no schema
ASSERT_EQ(parseSimpleUpdateUrl("1.1.1.1/path", std::nullopt, res),
std::nullopt);
// No host
- ASSERT_EQ(parseSimpleUpdateUrl("/path", "TFTP", res), std::nullopt);
-
- // No host
- ASSERT_EQ(parseSimpleUpdateUrl("path", "TFTP", res), std::nullopt);
-
- // No path
- ASSERT_EQ(parseSimpleUpdateUrl("tftp://1.1.1.1", "TFTP", res),
- std::nullopt);
- ASSERT_EQ(parseSimpleUpdateUrl("tftp://1.1.1.1/", "TFTP", res),
- std::nullopt);
+ ASSERT_EQ(parseSimpleUpdateUrl("/path", "HTTPS", res), std::nullopt);
}
} // namespace
} // namespace redfish