commit | 47c9e106e0057dd70133d50e928e48cbc68e709a | [log] [tgz] |
---|---|---|
author | James Feist <james.feist@linux.intel.com> | Wed Feb 12 13:05:07 2020 -0800 |
committer | Ed Tanous <ed@tanous.net> | Fri Dec 17 20:06:58 2021 +0000 |
tree | 9797400d91e71547b8303474fafd337c42275a98 | |
parent | 163994a86488b62011cddeb0b6edec03dad31587 [diff] |
Change Default of REST D-Bus to OFF REST D-Bus, while providing useful functionality, also allows authenticated users access to privileged information that may be above their permission level. This change sets the default to disabled. Users if they wish can turn it back on in their own layers. A lot of functionality previously provided by REST D-Bus is now available on Redfish with more coming all the time. Note: phosphor-webui uses the REST D-Bus so a user of that will have to enable this in their layer. webui-vue, the replacement for phosphor-webui, uses Redfish. See here [1]. Resolves openbmc/bmcweb/issues/114 [1] https://github.com/openbmc/webui-vue Tested: Rest D-Bus was disabled Change-Id: I35682b113287b3be4e19b033d0296790b204d8e0 Signed-off-by: James Feist <james.feist@linux.intel.com> Signed-off-by: Ali Ahmed <ama213000@gmail.com>
This component attempts to be a "do everything" embedded webserver for openbmc.
At this time, the webserver implements a few interfaces:
BMCWeb is configured by setting -D
flags that correspond to options in bmcweb/meson_options.txt
and then compiling. For example, meson <builddir> -Dkvm=disabled ...
followed by ninja
in build directory. The option names become C++ preprocessor symbols that control which code is compiled into the program.
meson builddir ninja -C builddir
meson builddir -Dbuildtype=minsize -Db_lto=true -Dtests=disabled ninja -C buildir
If any of the dependencies are not found on the host system during configuration, meson automatically gets them via its wrap dependencies mentioned in bmcweb/subprojects
.
meson builddir -Dwrap_mode=nofallback ninja -C builddir
meson builddir -Dbuildtype=debug ninja -C builddir
meson builddir -Db_coverage=true -Dtests=enabled ninja coverage -C builddir test
When BMCWeb starts running, it reads persistent configuration data (such as UUID and session data) from a local file. If this is not usable, it generates a new configuration.
When BMCWeb SSL support is enabled and a usable certificate is not found, it will generate a self-sign a certificate before launching the server. The keys are generated by the secp384r1
algorithm. The certificate
C=US, O=OpenBMC, CN=testhost
,SHA-256
algorithm.