commit | 5beaf840f15f77474e4c8f1dbdbe8a701f1e7f77 | [log] [tgz] |
---|---|---|
author | Jonathan Doman <jonathan.doman@intel.com> | Fri Aug 14 11:23:33 2020 -0700 |
committer | Jonathan Doman <jonathan.doman@intel.com> | Tue Aug 18 16:29:57 2020 +0000 |
tree | 6c8d2b359a1622bef9ef4f7a27401f6d7436bf0e | |
parent | dc7a793d44b012ba9742c42c3b141b3378591a35 [diff] |
Improve base64Decode bounds checking Index the decode array with an unsigned char rather than a signed int (which could accees outside the bounds of decodingData, leading to undefined behavior). Add unit tests for basic decoding functionality. Remove duplicate unused base64 functions. Tested: ran webtest and observed that previously failing Base64DecodeNonAscii now passes. Also tested basic auth: $ curl -vku root:0penBmc https://<ip>/redfish/v1/Managers/bmc ... < HTTP/1.1 200 OK ... Change-Id: I9f9e32650b1796f9fc0b2b25d482dffa35fac72d Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
This component attempts to be a "do everything" embedded webserver for openbmc.
At this time, the webserver implements a few interfaces:
BMCWeb is configured by setting -D
flags that correspond to options in bmcweb/CMakeLists.txt
and then compiling. For example, cmake -DBMCWEB_ENABLE_KVM=NO ...
followed by make
. The option names become C++ preprocessor symbols that control which code is compiled into the program.
When BMCWeb starts running, it reads persistent configuration data (such as UUID and session data) from a local file. If this is not usable, it generates a new configuration.
When BMCWeb SSL support is enabled and a usable certificate is not found, it will generate a self-sign a certificate before launching the server. The keys are generated by the secp384r1
algorithm. The certificate
C=US, O=OpenBMC, CN=testhost
,SHA-256
algorithm.