diff options
author | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2019-03-02 22:11:41 +0530 |
---|---|---|
committer | Tom Joseph <tomjoseph@in.ibm.com> | 2019-03-25 11:56:41 +0000 |
commit | 7e5d38d2fb51fc746624ff2f2b3701cea245a8fb (patch) | |
tree | 54ce91e11925fde20cd7bfc178177281726208bc | |
parent | b9631f8edf351990ed19f8708ded88be6d24c31b (diff) | |
download | phosphor-net-ipmid-7e5d38d2fb51fc746624ff2f2b3701cea245a8fb.tar.gz phosphor-net-ipmid-7e5d38d2fb51fc746624ff2f2b3701cea245a8fb.zip |
RAKP12: Don't allow user with NOACCESS priv.
Don't allow user to establish session with NOACCESS
user privilege.
Tested-by:
1. Updated the user privilege to NO_ACCESS and verified
RMCP+ session establishement errors out.
Change-Id: I787a787a3198a7e0550ac01962e69aab0041cccf
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
-rw-r--r-- | command/rakp12.cpp | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/command/rakp12.cpp b/command/rakp12.cpp index 59ca9e3..a8d5171 100644 --- a/command/rakp12.cpp +++ b/command/rakp12.cpp @@ -187,6 +187,12 @@ std::vector<uint8_t> RAKP12(const std::vector<uint8_t>& inPayload, static_cast<uint8_t>(RAKP_ReturnCode::INACTIVE_ROLE); return outPayload; } + if (userAccess.privilege > static_cast<uint8_t>(session::Privilege::OEM)) + { + response->rmcpStatusCode = + static_cast<uint8_t>(RAKP_ReturnCode::INACTIVE_ROLE); + return outPayload; + } session->chNum = chNum; // minimum privilege of Channel / User / session::privilege::USER/CALLBACK / // has to be used as session current privilege level |