Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / 834d99ba6b7b06b73378ea62f56f0b25cf80e1ec^! / .
commit834d99ba6b7b06b73378ea62f56f0b25cf80e1ec[log] [tgz]
authorMyung Bae <myungbae@us.ibm.com>Sun Aug 03 11:33:43 2025 -0500
committerEd Tanous <ed@tanous.net>Mon Aug 11 23:57:57 2025 +0000
tree2ff25cccaba0ef8407d51ef9dba69988c63c4856
parent2c6f32a9e11e41ece5e2b103870c9a5795719320 [diff]
Fix handling of ssl_key_handler for WebUI

The previous commit 90cd2e1 [1] causes WebUI to fail to load and
connect.  It is because a global static var (`hasWebuiRoute`) is
instantiated per compile unit and it ends up causing the inconsistency
of the value of it.

Tested:
- Verify WebUI to load successful
- Redfish Service Validator passes

[1] https://github.com/openbmc/bmcweb/commit/90cd2e1d2e2228b0c575c9a3b6b2dc75eac9eb68

Change-Id: I09c3a9a831528e25c09299b0ee15993974d94d88
Signed-off-by: Myung Bae <myungbae@us.ibm.com>

diff --git a/include/forward_unauthorized.hpp b/include/forward_unauthorized.hpp
index 8914602..3891077 100644
--- a/include/forward_unauthorized.hpp
+++ b/include/forward_unauthorized.hpp

@@ -15,8 +15,11 @@
 namespace forward_unauthorized
 {
 
-// NOLINTNEXTLINE(cppcoreguidelines-avoid-non-const-global-variables)
-static bool hasWebuiRoute = false;
+inline bool& hasWebuiRoute()
+{
+    static bool webuiRoute = false;
+    return webuiRoute;
+}
 
 inline void sendUnauthorized(std::string_view url,
                              std::string_view xRequestedWith,
@@ -28,7 +31,7 @@
             accept, http_helpers::ContentType::HTML, false /*allowWildcard*/))
     {
         // If we have a webui installed, redirect to that login page
-        if (hasWebuiRoute)
+        if (hasWebuiRoute())
         {
             boost::urls::url forward =
                 boost::urls::format("/?next={}#/login", url);

diff --git a/include/webassets.hpp b/include/webassets.hpp
index aa57230..baa16c4 100644
--- a/include/webassets.hpp
+++ b/include/webassets.hpp

@@ -216,7 +216,7 @@
 
     if (webpath == "/")
     {
-        forward_unauthorized::hasWebuiRoute = true;
+        forward_unauthorized::hasWebuiRoute() = true;
     }
 
     app.routeDynamic(webpath)(

diff --git a/src/ssl_key_handler.cpp b/src/ssl_key_handler.cpp
index f1442b9..c36841b 100644
--- a/src/ssl_key_handler.cpp
+++ b/src/ssl_key_handler.cpp

@@ -553,7 +553,7 @@
         mode |= boost::asio::ssl::verify_peer;
         mode |= boost::asio::ssl::verify_fail_if_no_peer_cert;
     }
-    else if (!forward_unauthorized::hasWebuiRoute)
+    else if (!forward_unauthorized::hasWebuiRoute())
     {
         // This is a HACK
         // If the webui is installed, and TLSSTrict is false, we don't want to