Current Series Release Notes¶

5.10.0-7¶

Adds configurable TLS settings to the Sushy class constructor to allow operators to specify minimum TLS protocol versions and cipher suites for HTTPS connections to Redfish BMCs.
- tls_min_version: Minimum TLS version to use for HTTPS connections. Supported values are ‘1.1’, ‘1.2’, and ‘1.3’. If not specified, the default TLS version negotiation is used. Note that TLS 1.1 is deprecated and should only be used for compatibility with legacy BMC hardware.
- tls_ciphers: Colon-separated list of allowed cipher suites in OpenSSL format for HTTPS connections. If not specified, the default cipher suites are used.
This change is fully backwards compatible. When TLS settings are provided, a custom HTTPAdapter is mounted that configures an ssl.SSLContext with the specified settings. This allows operators to enforce security policies requiring specific TLS versions or cipher suites when communicating with BMCs.

The CD-to-UsbCd boot source override is now applied unconditionally to all Supermicro machines. Users running older ARS-111GL-NHR firmware where ‘Cd’ was the correct virtual media device string will need to upgrade their BMC firmware.

Fixes virtual media insertion on BMCs (such as Cisco C845A M8 with Redfish Base.1.18.1) that return ActionParameterMissing for the missing TransferProtocolType parameter without including a RelatedProperties field in the error response. The is_transfer_protocol_required method now also checks for the parameter name in MessageArgs as a fallback.

Fixes a bug where the connect_timeout parameter caused an Invalid timeout error on any HTTP retry inside Connector._op(). When connect_timeout is set, the timeout is wrapped into a (connect, read) tuple, but on recursive retries (server-side errors, re-authentication, or redirect following) the already-wrapped tuple was wrapped again, producing a nested tuple like (30, (30, 60)) that the requests library rejects. The timeout tuple is now passed through unchanged on retries. See LP#2146416.

Fixes virtual media boot failure on Supermicro ARS-111GL-NHR with newer BMC firmware, where the virtual media device string has changed back to ‘UsbCd’ consistent with other Supermicro servers. The model-specific exception that previously skipped the CD-to-UsbCd override for this model has been reverted.

Some Redfish implementations advertise collection members in their JSON responses that don’t actually exist. For example, the HGX board lists LogServices/FDR as a member, but returns 404 when sushy tries to fetch it. This causes sushy to fail during System initialization. We now handle those gracefully by allowing get_members() to catch ResourceNotFoundError for individual members.