1 files changed, 27 insertions, 3 deletions

diff --git a/command/channel_auth.cpp b/command/channel_auth.cpp
index 69b6d98..67ad8c7 100644
--- a/command/channel_auth.cpp
+++ b/command/channel_auth.cpp
@@ -2,6 +2,9 @@
 
 #include <ipmid/api.h>
 
+#include <user_channel/channel_layer.hpp>
+#include <user_channel/user_layer.hpp>
+
 namespace command
 {
 
@@ -9,6 +12,23 @@ std::vector<uint8_t>
     GetChannelCapabilities(const std::vector<uint8_t>& inPayload,
                            const message::Handler& handler)
 {
+    auto request =
+        reinterpret_cast<const GetChannelCapabilitiesReq*>(inPayload.data());
+    if (inPayload.size() != sizeof(*request))
+    {
+        std::vector<uint8_t> errorPayload{IPMI_CC_REQ_DATA_LEN_INVALID};
+        return errorPayload;
+    }
+    uint8_t chNum = ipmi::convertCurrentChannelNum(request->channelNumber);
+    if (!ipmi::isValidChannel(chNum) ||
+        (ipmi::EChannelSessSupported::none ==
+         ipmi::getChannelSessionSupport(chNum)) ||
+        !ipmi::isValidPrivLimit(request->reqMaxPrivLevel))
+    {
+        std::vector<uint8_t> errorPayload{IPMI_CC_INVALID_FIELD_REQUEST};
+        return errorPayload;
+    }
+
     std::vector<uint8_t> outPayload(sizeof(GetChannelCapabilitiesResp));
     auto response =
         reinterpret_cast<GetChannelCapabilitiesResp*>(outPayload.data());
@@ -16,8 +36,7 @@ std::vector<uint8_t>
     // A canned response, since there is no user and channel management.
     response->completionCode = IPMI_CC_OK;
 
-    // Channel Number 1 is arbitrarily applied to primary LAN channel;
-    response->channelNumber = 1;
+    response->channelNumber = chNum;
 
     response->ipmiVersion = 1; // IPMI v2.0 extended capabilities available.
     response->reserved1 = 0;
@@ -31,7 +50,12 @@ std::vector<uint8_t>
     response->KGStatus = 0;       // KG is set to default
     response->perMessageAuth = 0; // Per-message Authentication is enabled
     response->userAuth = 0;       // User Level Authentication is enabled
-    response->nonNullUsers = 1;   // Non-null usernames enabled
+    uint8_t maxChUsers = 0;
+    uint8_t enabledUsers = 0;
+    uint8_t fixedUsers = 0;
+    ipmi::ipmiUserGetAllCounts(maxChUsers, enabledUsers, fixedUsers);
+
+    response->nonNullUsers = enabledUsers > 0 ? 1 : 0; // Non-null usernames
     response->nullUsers = 0;      // Null usernames disabled
     response->anonymousLogin = 0; // Anonymous Login disabled