commit | 3909dc82a003893812f598434d6c4558107afa28 | |
---|---|---|
author | James Feist <james.feist@linux.intel.com> | Fri Apr 03 10:58:55 2020 -0700 |
committer | James Feist <james.feist@linux.intel.com> | Thu Jul 16 01:02:55 2020 +0000 |
tree | b5c39fbb7d66ad9134a4f0fcecaa12c9346c5752 | |
parent | e7808c93f01081ca12e1b4769691b5ae673f9017 | |
Rework Authorization flow

Currently we parse the whole message before authenticating, allowing an attacker the ability to upload a large image, or keep a connection open for the max amount of time easier than it should be. This moves the authentication to the earliest point possible, and restricts unauthenticated users' timeouts and max upload sizes. It also makes it so that unauthenticated users cannot keep the connection alive forever by refusing to close the connection.

Tested:
- login/logout
- firmware update
- large POST when unauthenticated
- timeouts when unauthenticated
- slowhttptest

Change-Id: Ifa02d8db04eac1821e8950eb85e71634a9e6d265
Signed-off-by: James Feist <james.feist@linux.intel.com>
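The ordering the commit message describes, shown as an added example that is not bmcweb's code: the decision is made from the header block alone, before any body byte is read, and it fixes the body cap, the timeout and whether the server keeps the connection open. The limit values, the `X-Auth-Token` session header, the 400/413 status codes and all function names are assumptions made for illustration.

```cpp
#include <cctype>
#include <cstdint>
#include <optional>
#include <set>
#include <string>
#include <string_view>
constexpr std::uint64_t kUnauthBodyLimit = 4096, kAuthBodyLimit = 30ULL << 20; // assumed values
constexpr int kUnauthTimeoutSec = 5, kAuthTimeoutSec = 60;                     // assumed values
struct Decision {
    int status;              // 0: go on to read the body; otherwise reply with this code now
    std::uint64_t bodyLimit; // cap the body reader enforces (covers chunked bodies too)
    int timeoutSec;          // deadline for the rest of the request
    bool keepAlive;          // false: the server closes after responding
};
// Case-insensitive lookup in a raw header block (request line plus header lines).
std::optional<std::string> findHeader(std::string_view head, std::string_view name) {
    for (size_t pos = head.find("\r\n"); pos != std::string_view::npos;) {
        pos += 2;
        size_t end = head.find("\r\n", pos);
        std::string_view line = head.substr(pos, end == std::string_view::npos ? end : end - pos);
        if (line.empty()) break; // blank line: end of headers
        size_t colon = line.find(':');
        bool match = colon == name.size();
        for (size_t i = 0; match && i < colon; ++i)
            match = std::tolower((unsigned char)line[i]) == std::tolower((unsigned char)name[i]);
        if (match) {
            size_t v = line.find_first_not_of(" \t", colon + 1);
            return std::string(v == std::string_view::npos ? std::string_view{} : line.substr(v));
        }
        pos = end;
    }
    return std::nullopt;
}

// Runs when the header block is complete, before any body byte is read.
Decision decideBeforeBody(std::string_view head, const std::set<std::string>& sessions) {
    auto token = findHeader(head, "X-Auth-Token"); // assumed session header
    bool authed = token && sessions.count(*token) > 0;
    Decision d{0, authed ? kAuthBodyLimit : kUnauthBodyLimit,
               authed ? kAuthTimeoutSec : kUnauthTimeoutSec, authed};
    if (auto len = findHeader(head, "Content-Length")) {
        std::uint64_t n = 0;
        bool ok = !len->empty() && len->size() <= 18; // 18 digits cannot overflow
        for (char c : *len) { ok = ok && std::isdigit((unsigned char)c); n = n * 10 + (c - '0'); }
        d.status = !ok ? 400 : (n > d.bodyLimit ? 413 : 0);
        if (d.status != 0) d.keepAlive = false; // rejected: do not hold the socket open
    }
    return d;
}
```

A small unauthenticated request (a login, for instance) still passes, but under the short timeout and small cap, and the server closes the connection afterwards.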
This component attempts to be a "do everything" embedded webserver for openbmc.
At this time, the webserver implements a few interfaces:
BMCWeb is configured by setting -D flags that correspond to options in bmcweb/CMakeLists.txt and then compiling. For example, cmake -DBMCWEB_ENABLE_KVM=NO ... followed by make. The option names become C++ preprocessor symbols that control which code is compiled into the program.
When BMCWeb starts running, it reads persistent configuration data (such as UUID and session data) from a local file. If this is not usable, it generates a new configuration.
When BMCWeb SSL support is enabled and a usable certificate is not found, it will generate a self-signed certificate before launching the server. The keys are generated by the secp384r1 algorithm. The certificate
C=US, O=OpenBMC, CN=testhost
,SHA-256
algorithm.