summaryrefslogtreecommitdiffstats
path: root/session.hpp
Commit message (Collapse)AuthorAgeFilesLines
* Cache the user & channel acces in sessionRichard Marian Thomaiyar2019-04-021-0/+8
| | | | | | | | | | | | | Instead of querying the user & channel access for every time cache the same during session creation, and use it for enforcements. Tested-by: Verified that RMCP+ session establishment works as expected including INSUFFICIENT_PRIVILEGE error. Change-Id: Ib5a05bd07cc9aabf2625a18090fd905d93489b24 Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
* Return the maximum privilege in open session commandTom Joseph2019-02-121-2/+2
| | | | | | | | | | | | | | | | | | This commit does the following: - Set the maximum privilege role in the session instead of current privilege in the implementation of the open session request/response. - In open session response, return the maximum privilege of the session instead of the current privilege level. - Update RAKP12 and RAKP34 implementation Tested: Checked the session setup works fine with ipmitool and freeipmi utility ipmipower. Change-Id: I41b63b91f08c2ed96856c4db41eedaa878c663e3 Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* RMCP+ login support with privilegeRichard Marian Thomaiyar2018-11-211-3/+8
| | | | | | | | | | | | | Implementation of RMCP login support with appropriate privilege level. Unit Test: 1. Verified that user is able to login without any issues 2. Privilege of the user is minimum of requested, user & channel 3. Unable to set higher privilege using Set session commands Change-Id: I5e9ef21dfc1f1b50aa815562a3a65d90c434877c Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
* netipmid: use libcrypto prng instead of insecure std::randVernon Mauery2018-11-141-1/+2
| | | | | | | | | | | | | std::rand is insecure. Add a simple openssl-crypto wrapper for a similar interface that can replace it. Tested-by: Run ipmitool six times in parallel to see that five independent sessions are created and the sixth one causes the BMC to dump the session list on the console. Note that the session numbers are still random. Change-Id: I0b387f1343abefc45be0d62cf9af45fbd5563047 Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
* netipmid: make session a header-only situationVernon Mauery2018-11-141-1/+25
| | | | | | | | The Session class is a fairly simple class, no need for an external cpp file; make it all header-only and allow the compiler to do its job. Change-Id: Ibbe7e963762926ec04c75ab187a5b8045de851f4 Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
* netipmid: apply clang-format rulesVernon Mauery2018-11-021-193/+189
| | | | | | | | Lots of whitespace change. Let clang-format do its job and keep the code looking nice. Change-Id: Idfcad1a99cab8170d55a06163de8ad3f420b68b7 Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
* Support username for IPMI default user accountTom Joseph2018-04-231-1/+1
| | | | | | | | | | | | | The current support in IPMI is for the nameless account, which has no username and only password associated with the account. In ipmitool for the nameless account -U option is not needed. There are management scripts which take a parameter for -U option and fails if -U option is not supported by ipmitool option. This patch is to support "admin" username for the default account. Once full fledged user account management is in place, this change can be removed. Change-Id: Idad73c0d04f189af66f2365424a68a637fe0e476 Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Correct doxygen syntax in phosphor-net-ipmidTom Joseph2017-05-231-10/+10
| | | | | | | Resolves openbmc/openbmc#1147 Change-Id: I57ab1b09ec1bf308cc3d97cd30b2d18564beb38b Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Add socket channel property to session to send SOL packets.Tom Joseph2017-04-251-0/+3
| | | | | Change-Id: I7bbdb9c23434aa6936c47796f296b2b08892a30e Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Provide API to check if the confidentiality algo is enabled for the session.Tom Joseph2017-04-251-0/+10
| | | | | Change-Id: Ia0585907191a921d7081e855e19d7a5fa9771c6b Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Provide API to check if integrity algorithm is enabled for the session.Tom Joseph2017-04-251-0/+9
| | | | | Change-Id: I6d57b5d964c9cbcf361ab97667fb43ae7fe03b6f Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Initialise the in/out sequence numbersTom Joseph2017-02-241-2/+2
| | | | | Change-Id: Iff887dddca1df013ea0fa1ac452ad9d2c04c5d12 Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Modify the session data to handle the Confidentiality algoTom Joseph2017-02-241-0/+34
| | | | | Change-Id: I1be4bb4349a5dfe0a512017cc5ed8f80e5ab14d9 Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Correct the aligment for a long lineTom Joseph2017-02-091-1/+1
| | | | | Change-Id: I38e0eacc702b5415acc97f6f0148312f246e577a Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Session data modified to handle integrity algoTom Joseph2017-01-171-0/+34
| | | | | Change-Id: I3ebc8f2e1599b01e3cfb89c2ab17651d549a7ca1 Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Representation of an IPMI sessionTom Joseph2016-12-121-0/+185
IPMI session class encapsulates the details regarding an IPMI session. It includes the details of the remote session id, BMC session id Cipher suites, session state information. Change-Id: Iffae0e05f33d1b3aa32cc17e5a3c1368d53c1d38 Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
OpenPOWER on IntegriCloud