diff options
| author | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2018-03-12 23:42:34 +0530 |
|---|---|---|
| committer | Vernon Mauery <vernon.mauery@linux.intel.com> | 2018-11-20 00:05:33 +0000 |
| commit | 5a6b63694fecdd0b4df40033f31e6c113380f3f1 (patch) | |
| tree | 2a1aba56ee896c6a7764ee7b5fae11f64b49c3f3 /user_channel/usercommands.cpp | |
| parent | ad359eb03bee9ab3886d43e59d7b2ee877f84184 (diff) | |
| download | phosphor-host-ipmid-5a6b63694fecdd0b4df40033f31e6c113380f3f1.tar.gz phosphor-host-ipmid-5a6b63694fecdd0b4df40033f31e6c113380f3f1.zip | |
Basic IPMI User Management Support
Squashed commit containing Basic User Management
implementation
Unit Test:
1. Verified both Host & NetIpmid works fine.
2. Verified user related command responses
commit b46b869c0a3958a572b976b3bbaf6b5f33673778
Author: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Date: Tue Aug 7 15:30:32 2018 +0530
Fix static objects to directly link user layer
User layer library has to be directly linked with netipmid
in order to be used in RAKP commands. Hence user layer
library should not initialize the static bus objects in file
scope, as ipmid_get_sd_bus_connection() won't be available
during this time. Hence moved it under function scope and
initialize it later.
Unit test:
Made sure, with this change it is loaded perfectly under
phosphor-ipmi-host & phosphor-ipmi-net and responding to
all user commands
Change-Id: Id3f2e06580ca41b0347176ca33e011bf7b048c6a
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
commit dc60516c45234379a30ad8b03b1cbe53978faeae
Author: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Date: Tue Aug 7 15:22:37 2018 +0530
Fix to use proper user index for set user name
Fix to use proper user index, instead of bailing out
on first empty index. If user creation is requested on
random index with previous index empty, then signal
handler updates the data in first empty index, instead of
traversing the user list fully. Fix added to mark the first
free index, and still search for match to skip if found.
Unit Test:
Verified that user added in random index shows in that index
using ipmitool set user name command.
Change-Id: I30d9b884a5bae98b243ccf8ba7da194ef81355e6
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
commit 0b9a81a1261b08ea13ad8777d0d80dad937e9972
Author: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Date: Fri Jul 6 15:57:02 2018 +0530
Converting json store to array for user config
Addressed comments to convert to array instead of key
value pair.
Testing: Performed basic testing of user management commands
in both host & netipmid, by repeatedly restarting the same.
Change-Id: I2e51ded3e2299fa196d868213950d96c72886358
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
commit 182c945657b29acaeb13fc44129e0ed929013e59
Author: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Date: Sat Jun 30 00:07:28 2018 +0530
Fix D-Bus paths for user management
Fix D-Bus path as per upstream code in user management
Change-Id: Idb22bee4365520f3d58e70ff61b02d6f6512d707
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
commit cd5e22b16f8805dda396311b06994a9e021e97e9
Author: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Date: Thu Jun 28 06:22:27 2018 +0530
Json format to store user config & cleanup
Code updated to use json format to store and read
the user configuration data. Few basic cleanup's
performed.
Change-Id: I7005f4f2648ccb8214312982a755ddcc6c33e64d
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
commit 95ca9a67a4b84df603db0eb6a7024e9e0e5ad342
Author: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Date: Wed May 30 15:16:47 2018 +0530
Get & Set User Access command implementation
Get & Set User access command implementation
Change-Id: I4f7a86de95400387c47ae556127baa1f02a703b2
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
commit b2dea762362d06b70576dba5f45552d548792cb9
Author: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Date: Fri May 18 23:46:23 2018 +0530
User layer separation.
Separated out user commands from the implementation details,
by creating user layers. App Handler library and netipmid
will directly rely on this user_layer.so
Change-Id: Ie7d4b3a5a934e32da73e066a25da4c27485c59c8
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
commit 63e3113e522ecc7ce6e5aa1c85de4dc9b9a65a7b
Author: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Date: Mon May 7 12:00:06 2018 +0530
Updated user management ipmi support
1. Relying on Object Manager & D-Bus properties signal (except
user rename, for which still relying on user rename signal)
2. Minor clean-up.
Change-Id: I594e7823a2c626bb7c88ec54a3ffa89a60b09c65
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
commit 3e7b774c842917743369569790612d74387c755e
Author: AppaRao Puli <apparao.puli@intel.com>
Date: Tue Apr 24 22:01:15 2018 +0530
Synchronize user manager data during ipmi startup
Synchronizing the user information by reading
all managed user objects from dbus and checking
ipmi user data for any update/delete/add users.
Change-Id: I9e1a62ec9dd186a7276d083a57e679606d635e05
Signed-off-by: AppaRao Puli <apparao.puli@intel.com>
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
commit 92298ac0f591d167b0e26b977316a2b136127778
Author: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Date: Tue Apr 24 21:34:08 2018 +0530
Minor fix: Read user enabled state in signals
Fixed to read user enabled state in signal handlers.
Change-Id: I0aa6c4687c16e08d8e304315e85cb65e9dbd346a
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
commit 8646d2683fc247ce02a0460f9577276eb6e0a581
Author: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Date: Wed Apr 11 22:18:44 2018 +0530
Signal handler update
Support added to handle group, privilege
user rename, enable / disable signal, and
update the database accordingly.
Change-Id: Ia33d063715a35814bbe1f9220e9609b800261e33
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
commit fa411b2c4bbef50175b084889a4829206263ebdb
Author: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Date: Mon Mar 12 23:42:34 2018 +0530
Add Basic user manager support - IPMI
Add basic user manager support in IPMI
Creates user through D-Bus user interface
and sets password using pam_chauthok().
Lock & File reload mechanism also implmeneted.
UserUpdate signal handler support added to update
user in IPMI, when users are updated through
different interfaces.
Change-Id: I1adc538562615109189d7c19dadae0b6a109f4a5
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Change-Id: I1adc538562615109189d7c19dadae0b6a109f4a5
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Diffstat (limited to 'user_channel/usercommands.cpp')
| -rw-r--r-- | user_channel/usercommands.cpp | 473 |
1 files changed, 473 insertions, 0 deletions
diff --git a/user_channel/usercommands.cpp b/user_channel/usercommands.cpp new file mode 100644 index 0000000..0ed5b8f --- /dev/null +++ b/user_channel/usercommands.cpp @@ -0,0 +1,473 @@ +/* +// Copyright (c) 2018 Intel Corporation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +*/ + +#include "usercommands.hpp" + +#include "apphandler.hpp" +#include "user_layer.hpp" + +#include <host-ipmid/ipmid-api.h> +#include <security/pam_appl.h> + +#include <phosphor-logging/log.hpp> +#include <regex> + +namespace ipmi +{ + +using namespace phosphor::logging; + +static constexpr uint8_t maxIpmi20PasswordSize = 20; +static constexpr uint8_t maxIpmi15PasswordSize = 16; +static constexpr uint8_t disableUser = 0x00; +static constexpr uint8_t enableUser = 0x01; +static constexpr uint8_t setPassword = 0x02; +static constexpr uint8_t testPassword = 0x03; + +struct SetUserAccessReq +{ +#if BYTE_ORDER == LITTLE_ENDIAN + uint8_t chNum : 4; + uint8_t ipmiEnabled : 1; + uint8_t linkAuthEnabled : 1; + uint8_t accessCallback : 1; + uint8_t bitsUpdate : 1; + uint8_t userId : 6; + uint8_t reserved1 : 2; + uint8_t privilege : 4; + uint8_t reserved2 : 4; + uint8_t sessLimit : 4; // optional byte 4 + uint8_t reserved3 : 4; +#endif +#if BYTE_ORDER == BIG_ENDIAN + uint8_t bitsUpdate : 1; + uint8_t accessCallback : 1; + uint8_t linkAuthEnabled : 1; + uint8_t ipmiEnabled : 1; + uint8_t chNum : 4; + uint8_t reserved1 : 2; + uint8_t userId : 6; + uint8_t reserved2 : 4; + uint8_t privilege : 4; + uint8_t reserved3 : 4; + uint8_t sessLimit : 4; // optional byte 4 +#endif + +} __attribute__((packed)); + +struct GetUserAccessReq +{ +#if BYTE_ORDER == LITTLE_ENDIAN + uint8_t chNum : 4; + uint8_t reserved1 : 4; + uint8_t userId : 6; + uint8_t reserved2 : 2; +#endif +#if BYTE_ORDER == BIG_ENDIAN + uint8_t reserved1 : 4; + uint8_t chNum : 4; + uint8_t reserved2 : 2; + uint8_t userId : 6; +#endif +} __attribute__((packed)); + +struct GetUserAccessResp +{ +#if BYTE_ORDER == LITTLE_ENDIAN + uint8_t maxChUsers : 6; + uint8_t reserved1 : 2; + uint8_t enabledUsers : 6; + uint8_t enabledStatus : 2; + uint8_t fixedUsers : 6; + uint8_t reserved2 : 2; +#endif +#if BYTE_ORDER == BIG_ENDIAN + uint8_t reserved1 : 2; + uint8_t maxChUsers : 6; + uint8_t enabledStatus : 2; + uint8_t enabledUsers : 6; + uint8_t reserved2 : 2; + uint8_t fixedUsers : 6; +#endif + PrivAccess privAccess; +} __attribute__((packed)); + +struct SetUserNameReq +{ +#if BYTE_ORDER == LITTLE_ENDIAN + uint8_t userId : 6; + uint8_t reserved1 : 2; +#endif +#if BYTE_ORDER == BIG_ENDIAN + uint8_t reserved1 : 2; + uint8_t userId : 6; +#endif + uint8_t userName[16]; +} __attribute__((packed)); + +struct GetUserNameReq +{ +#if BYTE_ORDER == LITTLE_ENDIAN + uint8_t userId : 6; + uint8_t reserved1 : 2; +#endif +#if BYTE_ORDER == BIG_ENDIAN + uint8_t reserved1 : 2; + uint8_t userId : 6; +#endif +} __attribute__((packed)); + +struct GetUserNameResp +{ + uint8_t userName[16]; +} __attribute__((packed)); + +struct SetUserPasswordReq +{ +#if BYTE_ORDER == LITTLE_ENDIAN + uint8_t userId : 6; + uint8_t reserved1 : 1; + uint8_t ipmi20 : 1; + uint8_t operation : 2; + uint8_t reserved2 : 6; +#endif +#if BYTE_ORDER == BIG_ENDIAN + uint8_t ipmi20 : 1; + uint8_t reserved1 : 1; + uint8_t userId : 6; + uint8_t reserved2 : 6; + uint8_t operation : 2; +#endif + uint8_t userPassword[maxIpmi20PasswordSize]; +} __attribute__((packed)); + +ipmi_ret_t ipmiSetUserAccess(ipmi_netfn_t netfn, ipmi_cmd_t cmd, + ipmi_request_t request, ipmi_response_t response, + ipmi_data_len_t dataLen, ipmi_context_t context) +{ + const SetUserAccessReq* req = static_cast<SetUserAccessReq*>(request); + size_t reqLength = *dataLen; + + if (!(reqLength == sizeof(*req) || + (reqLength == (sizeof(*req) - sizeof(uint8_t) /* skip optional*/)))) + { + log<level::DEBUG>("Set user access - Invalid Length"); + return IPMI_CC_REQ_DATA_LEN_INVALID; + } + if (req->reserved1 != 0 || req->reserved2 != 0 || req->reserved3 != 0 || + req->sessLimit != 0 || + (!ipmiUserIsValidChannel(req->chNum) || + (!ipmiUserIsValidPrivilege(req->privilege)))) + // TODO: Need to check for session support and return invalid field in + // request + { + log<level::DEBUG>("Set user access - Invalid field in request"); + return IPMI_CC_INVALID_FIELD_REQUEST; + } + if (!ipmiUserIsValidUserId(req->userId)) + { + log<level::DEBUG>("Set user access - Parameter out of range"); + return IPMI_CC_PARM_OUT_OF_RANGE; + } + // TODO: Determine the Channel number 0xE (Self Channel number ?) + uint8_t chNum = req->chNum; + PrivAccess privAccess = {0}; + if (req->bitsUpdate) + { + privAccess.ipmiEnabled = req->ipmiEnabled; + privAccess.linkAuthEnabled = req->linkAuthEnabled; + privAccess.accessCallback = req->accessCallback; + } + privAccess.privilege = req->privilege; + ipmiUserSetPrivilegeAccess(req->userId, chNum, privAccess, req->bitsUpdate); + + return IPMI_CC_OK; +} + +ipmi_ret_t ipmiGetUserAccess(ipmi_netfn_t netfn, ipmi_cmd_t cmd, + ipmi_request_t request, ipmi_response_t response, + ipmi_data_len_t dataLen, ipmi_context_t context) +{ + const GetUserAccessReq* req = static_cast<GetUserAccessReq*>(request); + size_t reqLength = *dataLen; + + *dataLen = 0; + + if (reqLength != sizeof(*req)) + { + log<level::DEBUG>("Get user access - Invalid Length"); + return IPMI_CC_REQ_DATA_LEN_INVALID; + } + if (req->reserved1 != 0 || req->reserved2 != 0 || + (!ipmiUserIsValidChannel(req->chNum))) + // TODO: Need to check for session support and return invalid field in + // request + { + log<level::DEBUG>("Get user access - Invalid field in request"); + return IPMI_CC_INVALID_FIELD_REQUEST; + } + if (!ipmiUserIsValidUserId(req->userId)) + { + log<level::DEBUG>("Get user access - Parameter out of range"); + return IPMI_CC_PARM_OUT_OF_RANGE; + } + + uint8_t maxChUsers = 0, enabledUsers = 0, fixedUsers = 0; + bool enabledState = false; + // TODO: Determine the Channel number 0xE (Self Channel number ?) + uint8_t chNum = req->chNum; + GetUserAccessResp* resp = static_cast<GetUserAccessResp*>(response); + + std::fill(reinterpret_cast<uint8_t*>(resp), + reinterpret_cast<uint8_t*>(resp) + sizeof(*resp), 0); + + ipmiUserGetAllCounts(maxChUsers, enabledUsers, fixedUsers); + resp->maxChUsers = maxChUsers; + resp->enabledUsers = enabledUsers; + resp->fixedUsers = fixedUsers; + + ipmiUserCheckEnabled(req->userId, enabledState); + resp->enabledStatus = enabledState ? userIdEnabledViaSetPassword + : userIdDisabledViaSetPassword; + ipmiUserGetPrivilegeAccess(req->userId, chNum, resp->privAccess); + *dataLen = sizeof(*resp); + + return IPMI_CC_OK; +} + +ipmi_ret_t ipmiSetUserName(ipmi_netfn_t netfn, ipmi_cmd_t cmd, + ipmi_request_t request, ipmi_response_t response, + ipmi_data_len_t dataLen, ipmi_context_t context) +{ + const SetUserNameReq* req = static_cast<SetUserNameReq*>(request); + size_t reqLength = *dataLen; + *dataLen = 0; + + if (reqLength != sizeof(*req)) + { + log<level::DEBUG>("Set user name - Invalid Length"); + return IPMI_CC_REQ_DATA_LEN_INVALID; + } + if (req->reserved1) + { + return IPMI_CC_INVALID_FIELD_REQUEST; + } + if (!ipmiUserIsValidUserId(req->userId)) + { + log<level::DEBUG>("Set user name - Invalid user id"); + return IPMI_CC_PARM_OUT_OF_RANGE; + } + + return ipmiUserSetUserName(req->userId, + reinterpret_cast<const char*>(req->userName)); +} + +/** @brief implementes the get user name command + * @param[in] netfn - specifies netfn. + * @param[in] cmd - specifies cmd number. + * @param[in] request - pointer to request data. + * @param[in, out] dataLen - specifies request data length, and returns + * response data length. + * @param[in] context - ipmi context. + * @returns ipmi completion code. + */ +ipmi_ret_t ipmiGetUserName(ipmi_netfn_t netfn, ipmi_cmd_t cmd, + ipmi_request_t request, ipmi_response_t response, + ipmi_data_len_t dataLen, ipmi_context_t context) +{ + const GetUserNameReq* req = static_cast<GetUserNameReq*>(request); + size_t reqLength = *dataLen; + + *dataLen = 0; + + if (reqLength != sizeof(*req)) + { + log<level::DEBUG>("Get user name - Invalid Length"); + return IPMI_CC_REQ_DATA_LEN_INVALID; + } + + std::string userName; + if (ipmiUserGetUserName(req->userId, userName) != IPMI_CC_OK) + { // Invalid User ID + log<level::DEBUG>("User Name not found", + entry("USER-ID:%d", (uint8_t)req->userId)); + return IPMI_CC_PARM_OUT_OF_RANGE; + } + GetUserNameResp* resp = static_cast<GetUserNameResp*>(response); + std::fill(reinterpret_cast<uint8_t*>(resp), + reinterpret_cast<uint8_t*>(resp) + sizeof(*resp), 0); + userName.copy(reinterpret_cast<char*>(resp->userName), + sizeof(resp->userName), 0); + *dataLen = sizeof(*resp); + + return IPMI_CC_OK; +} + +int pamFunctionConversation(int numMsg, const struct pam_message** msg, + struct pam_response** resp, void* appdataPtr) +{ + if (appdataPtr == nullptr) + { + return PAM_AUTH_ERR; + } + size_t passSize = std::strlen(reinterpret_cast<char*>(appdataPtr)) + 1; + char* pass = reinterpret_cast<char*>(malloc(passSize)); + std::strncpy(pass, reinterpret_cast<char*>(appdataPtr), passSize); + + *resp = reinterpret_cast<pam_response*>( + calloc(numMsg, sizeof(struct pam_response))); + + for (int i = 0; i < numMsg; ++i) + { + if (msg[i]->msg_style != PAM_PROMPT_ECHO_OFF) + { + continue; + } + resp[i]->resp = pass; + } + return PAM_SUCCESS; +} + +bool pamUpdatePasswd(const char* username, const char* password) +{ + const struct pam_conv localConversation = {pamFunctionConversation, + const_cast<char*>(password)}; + pam_handle_t* localAuthHandle = NULL; // this gets set by pam_start + + if (pam_start("passwd", username, &localConversation, &localAuthHandle) != + PAM_SUCCESS) + { + return false; + } + int retval = pam_chauthtok(localAuthHandle, PAM_SILENT); + + if (retval != PAM_SUCCESS) + { + if (retval == PAM_AUTHTOK_ERR) + { + log<level::DEBUG>("Authentication Failure"); + } + else + { + log<level::DEBUG>("pam_chauthtok returned failure", + entry("ERROR=%d", retval)); + } + pam_end(localAuthHandle, retval); + return false; + } + if (pam_end(localAuthHandle, PAM_SUCCESS) != PAM_SUCCESS) + { + return false; + } + return true; +} + +/** @brief implementes the set user password command + * @param[in] netfn - specifies netfn. + * @param[in] cmd - specifies cmd number. + * @param[in] request - pointer to request data. + * @param[in, out] dataLen - specifies request data length, and returns + * response data length. + * @param[in] context - ipmi context. + * @returns ipmi completion code. + */ +ipmi_ret_t ipmiSetUserPassword(ipmi_netfn_t netfn, ipmi_cmd_t cmd, + ipmi_request_t request, ipmi_response_t response, + ipmi_data_len_t dataLen, ipmi_context_t context) +{ + const SetUserPasswordReq* req = static_cast<SetUserPasswordReq*>(request); + size_t reqLength = *dataLen; + // subtract 2 bytes header to know the password length - including NULL + uint8_t passwordLength = *dataLen - 2; + *dataLen = 0; + + // verify input length based on operation. Required password size is 20 + // bytes as we support only IPMI 2.0, but in order to be compatible with + // tools, accept 16 bytes of password size too. + if (reqLength < 2 || + // If enable / disable user, reqLength has to be >=2 & <= 22 + ((req->operation == disableUser || req->operation == enableUser) && + ((reqLength < 2) || (reqLength > sizeof(SetUserPasswordReq))))) + { + log<level::DEBUG>("Invalid Length"); + return IPMI_CC_REQ_DATA_LEN_INVALID; + } + // If set / test password then password length has to be 16 or 20 bytes + if (((req->operation == setPassword) || (req->operation == testPassword)) && + ((passwordLength != maxIpmi20PasswordSize) && + (passwordLength != maxIpmi15PasswordSize))) + { + log<level::DEBUG>("Invalid Length"); + return IPMI_CC_REQ_DATA_LEN_INVALID; + } + + std::string userName; + if (ipmiUserGetUserName(req->userId, userName) != IPMI_CC_OK) + { + log<level::DEBUG>("User Name not found", + entry("USER-ID:%d", (uint8_t)req->userId)); + return IPMI_CC_PARM_OUT_OF_RANGE; + } + if (req->operation == setPassword) + { + std::string passwd; + passwd.assign(reinterpret_cast<const char*>(req->userPassword), 0, + maxIpmi20PasswordSize); + if (!std::regex_match(passwd.c_str(), + std::regex("[a-zA-z_0-9][a-zA-Z_0-9,?:`!\"]*"))) + { + log<level::DEBUG>("Invalid password fields", + entry("USER-ID:%d", (uint8_t)req->userId)); + return IPMI_CC_INVALID_FIELD_REQUEST; + } + if (!pamUpdatePasswd(userName.c_str(), passwd.c_str())) + { + log<level::DEBUG>("Failed to update password", + entry("USER-ID:%d", (uint8_t)req->userId)); + return IPMI_CC_UNSPECIFIED_ERROR; + } + } + else + { + // TODO: test the password by reading the encrypted file + log<level::ERR>( + "Other operations not implemented - TODO yet to implement"); + return IPMI_CC_INVALID_FIELD_REQUEST; + } + return IPMI_CC_OK; +} + +void registerUserIpmiFunctions() +{ + ipmiUserInit(); + ipmi_register_callback(NETFUN_APP, IPMI_CMD_SET_USER_ACCESS, NULL, + ipmiSetUserAccess, PRIVILEGE_ADMIN); + + ipmi_register_callback(NETFUN_APP, IPMI_CMD_GET_USER_ACCESS, NULL, + ipmiGetUserAccess, PRIVILEGE_OPERATOR); + + ipmi_register_callback(NETFUN_APP, IPMI_CMD_GET_USER_NAME, NULL, + ipmiGetUserName, PRIVILEGE_OPERATOR); + + ipmi_register_callback(NETFUN_APP, IPMI_CMD_SET_USER_NAME, NULL, + ipmiSetUserName, PRIVILEGE_ADMIN); + + ipmi_register_callback(NETFUN_APP, IPMI_CMD_SET_USER_PASSWORD, NULL, + ipmiSetUserPassword, PRIVILEGE_ADMIN); + + return; +} +} // namespace ipmi |
