diff options
author | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2018-11-13 19:00:58 +0530 |
---|---|---|
committer | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2018-11-20 11:33:52 +0530 |
commit | 282e79b49e6b36dac304b72ed0e9d065fb5b818c (patch) | |
tree | 511c6dbe5b5f7cfaed3247f1be5524874f65a828 /user_channel/usercommands.cpp | |
parent | f4b2b090a4c67e132d4c22fdc13ecbb261c6147a (diff) | |
download | phosphor-host-ipmid-282e79b49e6b36dac304b72ed0e9d065fb5b818c.tar.gz phosphor-host-ipmid-282e79b49e6b36dac304b72ed0e9d065fb5b818c.zip |
Add test & user enabled state in set user password
Support for test password and user enabled state in Set user
password command
Unit Test:
1. Performed user enabled & disabled and verified the state change
2. Performed test user password - both pass & fail condition
Change-Id: I0eb91ad849e43072b1d9e90d777304fabdfb40bc
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Diffstat (limited to 'user_channel/usercommands.cpp')
-rw-r--r-- | user_channel/usercommands.cpp | 39 |
1 files changed, 28 insertions, 11 deletions
diff --git a/user_channel/usercommands.cpp b/user_channel/usercommands.cpp index 0ed5b8f..84e9456 100644 --- a/user_channel/usercommands.cpp +++ b/user_channel/usercommands.cpp @@ -429,25 +429,42 @@ ipmi_ret_t ipmiSetUserPassword(ipmi_netfn_t netfn, ipmi_cmd_t cmd, if (!std::regex_match(passwd.c_str(), std::regex("[a-zA-z_0-9][a-zA-Z_0-9,?:`!\"]*"))) { - log<level::DEBUG>("Invalid password fields", - entry("USER-ID:%d", (uint8_t)req->userId)); + log<level::ERR>("Invalid password fields", + entry("USER-ID:%d", (uint8_t)req->userId)); return IPMI_CC_INVALID_FIELD_REQUEST; } if (!pamUpdatePasswd(userName.c_str(), passwd.c_str())) { - log<level::DEBUG>("Failed to update password", - entry("USER-ID:%d", (uint8_t)req->userId)); - return IPMI_CC_UNSPECIFIED_ERROR; + log<level::ERR>("Failed to update password", + entry("USER-ID:%d", (uint8_t)req->userId)); + return IPMI_CC_INVALID_FIELD_REQUEST; } + return IPMI_CC_OK; } - else + else if (req->operation == enableUser || req->operation == disableUser) { - // TODO: test the password by reading the encrypted file - log<level::ERR>( - "Other operations not implemented - TODO yet to implement"); - return IPMI_CC_INVALID_FIELD_REQUEST; + return ipmiUserUpdateEnabledState(req->userId, + static_cast<bool>(req->operation)); } - return IPMI_CC_OK; + else if (req->operation == testPassword) + { + auto password = ipmiUserGetPassword(userName); + std::string testPassword( + reinterpret_cast<const char*>(req->userPassword), 0, + passwordLength); + // Note: For security reasons password size won't be compared and + // wrong password size completion code will not be returned if size + // doesn't match as specified in IPMI specification. + if (password != testPassword) + { + log<level::DEBUG>("Test password failed", + entry("USER-ID:%d", (uint8_t)req->userId)); + return static_cast<ipmi_ret_t>( + IPMISetPasswordReturnCodes::ipmiCCPasswdFailMismatch); + } + return IPMI_CC_OK; + } + return IPMI_CC_INVALID_FIELD_REQUEST; } void registerUserIpmiFunctions() |