14654d99fSRichard Marian Thomaiyar /* 24654d99fSRichard Marian Thomaiyar // Copyright (c) 2018 Intel Corporation 34654d99fSRichard Marian Thomaiyar // 44654d99fSRichard Marian Thomaiyar // Licensed under the Apache License, Version 2.0 (the "License"); 54654d99fSRichard Marian Thomaiyar // you may not use this file except in compliance with the License. 64654d99fSRichard Marian Thomaiyar // You may obtain a copy of the License at 74654d99fSRichard Marian Thomaiyar // 84654d99fSRichard Marian Thomaiyar // http://www.apache.org/licenses/LICENSE-2.0 94654d99fSRichard Marian Thomaiyar // 104654d99fSRichard Marian Thomaiyar // Unless required by applicable law or agreed to in writing, software 114654d99fSRichard Marian Thomaiyar // distributed under the License is distributed on an "AS IS" BASIS, 124654d99fSRichard Marian Thomaiyar // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 134654d99fSRichard Marian Thomaiyar // See the License for the specific language governing permissions and 144654d99fSRichard Marian Thomaiyar // limitations under the License. 154654d99fSRichard Marian Thomaiyar */ 164654d99fSRichard Marian Thomaiyar #pragma once 17194375f2SWilliam A. Kennington III #include <ipmid/api.h> 184654d99fSRichard Marian Thomaiyar 194654d99fSRichard Marian Thomaiyar #include <string> 204654d99fSRichard Marian Thomaiyar 214654d99fSRichard Marian Thomaiyar namespace ipmi 224654d99fSRichard Marian Thomaiyar { 235a6b6369SRichard Marian Thomaiyar 245a6b6369SRichard Marian Thomaiyar // TODO: Has to be replaced with proper channel number assignment logic 256e1ba9efSRichard Marian Thomaiyar /** 266e1ba9efSRichard Marian Thomaiyar * @enum Channel Id 276e1ba9efSRichard Marian Thomaiyar */ 285a6b6369SRichard Marian Thomaiyar enum class EChannelID : uint8_t 295a6b6369SRichard Marian Thomaiyar { 305a6b6369SRichard Marian Thomaiyar chanLan1 = 0x01 315a6b6369SRichard Marian Thomaiyar }; 325a6b6369SRichard Marian Thomaiyar 335a6b6369SRichard Marian Thomaiyar static constexpr uint8_t invalidUserId = 0xFF; 345a6b6369SRichard Marian Thomaiyar static constexpr uint8_t reservedUserId = 0x0; 355a6b6369SRichard Marian Thomaiyar static constexpr uint8_t ipmiMaxUserName = 16; 365a6b6369SRichard Marian Thomaiyar static constexpr uint8_t ipmiMaxUsers = 15; 375a6b6369SRichard Marian Thomaiyar static constexpr uint8_t ipmiMaxChannels = 16; 3890b00c71SSuryakanth Sekar static constexpr uint8_t maxIpmi20PasswordSize = 20; 3990b00c71SSuryakanth Sekar static constexpr uint8_t maxIpmi15PasswordSize = 16; 405a6b6369SRichard Marian Thomaiyar 416e1ba9efSRichard Marian Thomaiyar /** @struct PrivAccess 426e1ba9efSRichard Marian Thomaiyar * 436e1ba9efSRichard Marian Thomaiyar * User privilege related access data as per IPMI specification.(refer spec 446e1ba9efSRichard Marian Thomaiyar * sec 22.26) 456e1ba9efSRichard Marian Thomaiyar */ 465a6b6369SRichard Marian Thomaiyar struct PrivAccess 475a6b6369SRichard Marian Thomaiyar { 485a6b6369SRichard Marian Thomaiyar #if BYTE_ORDER == LITTLE_ENDIAN 495a6b6369SRichard Marian Thomaiyar uint8_t privilege : 4; 505a6b6369SRichard Marian Thomaiyar uint8_t ipmiEnabled : 1; 515a6b6369SRichard Marian Thomaiyar uint8_t linkAuthEnabled : 1; 525a6b6369SRichard Marian Thomaiyar uint8_t accessCallback : 1; 535a6b6369SRichard Marian Thomaiyar uint8_t reserved : 1; 545a6b6369SRichard Marian Thomaiyar #endif 555a6b6369SRichard Marian Thomaiyar #if BYTE_ORDER == BIG_ENDIAN 565a6b6369SRichard Marian Thomaiyar uint8_t reserved : 1; 575a6b6369SRichard Marian Thomaiyar uint8_t accessCallback : 1; 585a6b6369SRichard Marian Thomaiyar uint8_t linkAuthEnabled : 1; 595a6b6369SRichard Marian Thomaiyar uint8_t ipmiEnabled : 1; 605a6b6369SRichard Marian Thomaiyar uint8_t privilege : 4; 615a6b6369SRichard Marian Thomaiyar #endif 625a6b6369SRichard Marian Thomaiyar } __attribute__((packed)); 635a6b6369SRichard Marian Thomaiyar 645a6b6369SRichard Marian Thomaiyar /** @brief initializes user management 655a6b6369SRichard Marian Thomaiyar * 665a6b6369SRichard Marian Thomaiyar * @return IPMI_CC_OK for success, others for failure. 675a6b6369SRichard Marian Thomaiyar */ 685a6b6369SRichard Marian Thomaiyar ipmi_ret_t ipmiUserInit(); 695a6b6369SRichard Marian Thomaiyar 704654d99fSRichard Marian Thomaiyar /** @brief The ipmi get user password layer call 714654d99fSRichard Marian Thomaiyar * 725a6b6369SRichard Marian Thomaiyar * @param[in] userName - user name 734654d99fSRichard Marian Thomaiyar * 744654d99fSRichard Marian Thomaiyar * @return password or empty string 754654d99fSRichard Marian Thomaiyar */ 764654d99fSRichard Marian Thomaiyar std::string ipmiUserGetPassword(const std::string& userName); 774654d99fSRichard Marian Thomaiyar 78b29b5ab3SAppaRao Puli /** @brief The IPMI call to clear password entry associated with specified 79b29b5ab3SAppaRao Puli * username 80b29b5ab3SAppaRao Puli * 815a6b6369SRichard Marian Thomaiyar * @param[in] userName - user name to be removed 82b29b5ab3SAppaRao Puli * 83b29b5ab3SAppaRao Puli * @return 0 on success, non-zero otherwise. 84b29b5ab3SAppaRao Puli */ 8542bed64dSRichard Marian Thomaiyar ipmi_ret_t ipmiClearUserEntryPassword(const std::string& userName); 8642bed64dSRichard Marian Thomaiyar 8742bed64dSRichard Marian Thomaiyar /** @brief The IPMI call to reuse password entry for the renamed user 8842bed64dSRichard Marian Thomaiyar * to another one 8942bed64dSRichard Marian Thomaiyar * 905a6b6369SRichard Marian Thomaiyar * @param[in] userName - user name which has to be renamed 915a6b6369SRichard Marian Thomaiyar * @param[in] newUserName - new user name 9242bed64dSRichard Marian Thomaiyar * 9342bed64dSRichard Marian Thomaiyar * @return 0 on success, non-zero otherwise. 9442bed64dSRichard Marian Thomaiyar */ 9542bed64dSRichard Marian Thomaiyar ipmi_ret_t ipmiRenameUserEntryPassword(const std::string& userName, 9642bed64dSRichard Marian Thomaiyar const std::string& newUserName); 97b29b5ab3SAppaRao Puli 985a6b6369SRichard Marian Thomaiyar /** @brief determines valid userId 995a6b6369SRichard Marian Thomaiyar * 1005a6b6369SRichard Marian Thomaiyar * @param[in] userId - user id 1015a6b6369SRichard Marian Thomaiyar * 1025a6b6369SRichard Marian Thomaiyar * @return true if valid, false otherwise 1035a6b6369SRichard Marian Thomaiyar */ 104a45cb34fSRichard Marian Thomaiyar bool ipmiUserIsValidUserId(const uint8_t userId); 1055a6b6369SRichard Marian Thomaiyar 1065a6b6369SRichard Marian Thomaiyar /** @brief determines valid privilege level 1075a6b6369SRichard Marian Thomaiyar * 1085a6b6369SRichard Marian Thomaiyar * @param[in] priv - privilege level 1095a6b6369SRichard Marian Thomaiyar * 1105a6b6369SRichard Marian Thomaiyar * @return true if valid, false otherwise 1115a6b6369SRichard Marian Thomaiyar */ 112a45cb34fSRichard Marian Thomaiyar bool ipmiUserIsValidPrivilege(const uint8_t priv); 1135a6b6369SRichard Marian Thomaiyar 1145a6b6369SRichard Marian Thomaiyar /** @brief get user id corresponding to the user name 1155a6b6369SRichard Marian Thomaiyar * 1165a6b6369SRichard Marian Thomaiyar * @param[in] userName - user name 1175a6b6369SRichard Marian Thomaiyar * 1185a6b6369SRichard Marian Thomaiyar * @return userid. Will return 0xff if no user id found 1195a6b6369SRichard Marian Thomaiyar */ 1205a6b6369SRichard Marian Thomaiyar uint8_t ipmiUserGetUserId(const std::string& userName); 1215a6b6369SRichard Marian Thomaiyar 1225a6b6369SRichard Marian Thomaiyar /** @brief set's user name 1235a6b6369SRichard Marian Thomaiyar * 1245a6b6369SRichard Marian Thomaiyar * @param[in] userId - user id 1255a6b6369SRichard Marian Thomaiyar * @param[in] userName - user name 1265a6b6369SRichard Marian Thomaiyar * 1275a6b6369SRichard Marian Thomaiyar * @return IPMI_CC_OK for success, others for failure. 1285a6b6369SRichard Marian Thomaiyar */ 129a45cb34fSRichard Marian Thomaiyar ipmi_ret_t ipmiUserSetUserName(const uint8_t userId, const char* userName); 1305a6b6369SRichard Marian Thomaiyar 13190b00c71SSuryakanth Sekar /** @brief set user password 13290b00c71SSuryakanth Sekar * 13390b00c71SSuryakanth Sekar * @param[in] userId - user id 13490b00c71SSuryakanth Sekar * @param[in] userPassword - New Password 13590b00c71SSuryakanth Sekar * 13690b00c71SSuryakanth Sekar * @return IPMI_CC_OK for success, others for failure. 13790b00c71SSuryakanth Sekar */ 13890b00c71SSuryakanth Sekar ipmi_ret_t ipmiUserSetUserPassword(const uint8_t userId, 13990b00c71SSuryakanth Sekar const char* userPassword); 14090b00c71SSuryakanth Sekar 141788362ceSRichard Marian Thomaiyar /** @brief set special user password (non-ipmi accounts) 142788362ceSRichard Marian Thomaiyar * 143788362ceSRichard Marian Thomaiyar * @param[in] userName - user name 144788362ceSRichard Marian Thomaiyar * @param[in] userPassword - New Password 145788362ceSRichard Marian Thomaiyar * 146788362ceSRichard Marian Thomaiyar * @return IPMI_CC_OK for success, others for failure. 147788362ceSRichard Marian Thomaiyar */ 148788362ceSRichard Marian Thomaiyar ipmi_ret_t ipmiSetSpecialUserPassword(const std::string& userName, 149788362ceSRichard Marian Thomaiyar const std::string& userPassword); 150788362ceSRichard Marian Thomaiyar 1515a6b6369SRichard Marian Thomaiyar /** @brief get user name 1525a6b6369SRichard Marian Thomaiyar * 1535a6b6369SRichard Marian Thomaiyar * @param[in] userId - user id 1545a6b6369SRichard Marian Thomaiyar * @param[out] userName - user name 1555a6b6369SRichard Marian Thomaiyar * 1565a6b6369SRichard Marian Thomaiyar * @return IPMI_CC_OK for success, others for failure. 1575a6b6369SRichard Marian Thomaiyar */ 158a45cb34fSRichard Marian Thomaiyar ipmi_ret_t ipmiUserGetUserName(const uint8_t userId, std::string& userName); 1595a6b6369SRichard Marian Thomaiyar 1605a6b6369SRichard Marian Thomaiyar /** @brief provides available fixed, max, and enabled user counts 1615a6b6369SRichard Marian Thomaiyar * 1625a6b6369SRichard Marian Thomaiyar * @param[out] maxChUsers - max channel users 1635a6b6369SRichard Marian Thomaiyar * @param[out] enabledUsers - enabled user count 1645a6b6369SRichard Marian Thomaiyar * @param[out] fixedUsers - fixed user count 1655a6b6369SRichard Marian Thomaiyar * 1665a6b6369SRichard Marian Thomaiyar * @return IPMI_CC_OK for success, others for failure. 1675a6b6369SRichard Marian Thomaiyar */ 1685a6b6369SRichard Marian Thomaiyar ipmi_ret_t ipmiUserGetAllCounts(uint8_t& maxChUsers, uint8_t& enabledUsers, 1695a6b6369SRichard Marian Thomaiyar uint8_t& fixedUsers); 1705a6b6369SRichard Marian Thomaiyar 171282e79b4SRichard Marian Thomaiyar /** @brief function to update user enabled state 172282e79b4SRichard Marian Thomaiyar * 173282e79b4SRichard Marian Thomaiyar * @param[in] userId - user id 174282e79b4SRichard Marian Thomaiyar *..@param[in] state - state of the user to be updated, true - user enabled. 175282e79b4SRichard Marian Thomaiyar * 176282e79b4SRichard Marian Thomaiyar * @return IPMI_CC_OK for success, others for failure. 177282e79b4SRichard Marian Thomaiyar */ 178a45cb34fSRichard Marian Thomaiyar ipmi_ret_t ipmiUserUpdateEnabledState(const uint8_t userId, const bool& state); 179282e79b4SRichard Marian Thomaiyar 1805a6b6369SRichard Marian Thomaiyar /** @brief determines whether user is enabled 1815a6b6369SRichard Marian Thomaiyar * 1825a6b6369SRichard Marian Thomaiyar * @param[in] userId - user id 1835a6b6369SRichard Marian Thomaiyar *..@param[out] state - state of the user 1845a6b6369SRichard Marian Thomaiyar * 1855a6b6369SRichard Marian Thomaiyar * @return IPMI_CC_OK for success, others for failure. 1865a6b6369SRichard Marian Thomaiyar */ 187a45cb34fSRichard Marian Thomaiyar ipmi_ret_t ipmiUserCheckEnabled(const uint8_t userId, bool& state); 1885a6b6369SRichard Marian Thomaiyar 1895a6b6369SRichard Marian Thomaiyar /** @brief provides user privilege access data 1905a6b6369SRichard Marian Thomaiyar * 1915a6b6369SRichard Marian Thomaiyar * @param[in] userId - user id 1925a6b6369SRichard Marian Thomaiyar * @param[in] chNum - channel number 1935a6b6369SRichard Marian Thomaiyar * @param[out] privAccess - privilege access data 1945a6b6369SRichard Marian Thomaiyar * 1955a6b6369SRichard Marian Thomaiyar * @return IPMI_CC_OK for success, others for failure. 1965a6b6369SRichard Marian Thomaiyar */ 197a45cb34fSRichard Marian Thomaiyar ipmi_ret_t ipmiUserGetPrivilegeAccess(const uint8_t userId, const uint8_t chNum, 1985a6b6369SRichard Marian Thomaiyar PrivAccess& privAccess); 1995a6b6369SRichard Marian Thomaiyar 2005a6b6369SRichard Marian Thomaiyar /** @brief sets user privilege access data 2015a6b6369SRichard Marian Thomaiyar * 2025a6b6369SRichard Marian Thomaiyar * @param[in] userId - user id 2035a6b6369SRichard Marian Thomaiyar * @param[in] chNum - channel number 2045a6b6369SRichard Marian Thomaiyar * @param[in] privAccess - privilege access data 2055a6b6369SRichard Marian Thomaiyar * @param[in] otherPrivUpdate - flags to indicate other fields update 2065a6b6369SRichard Marian Thomaiyar * 2075a6b6369SRichard Marian Thomaiyar * @return IPMI_CC_OK for success, others for failure. 2085a6b6369SRichard Marian Thomaiyar */ 209a45cb34fSRichard Marian Thomaiyar ipmi_ret_t ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum, 2105a6b6369SRichard Marian Thomaiyar const PrivAccess& privAccess, 2115a6b6369SRichard Marian Thomaiyar const bool& otherPrivUpdate); 2125a6b6369SRichard Marian Thomaiyar 213*02650d53SAyushi Smriti /** @brief check for user pam authentication. This is to determine, whether user 214*02650d53SAyushi Smriti * is already locked out for failed login attempt 215*02650d53SAyushi Smriti * 216*02650d53SAyushi Smriti * @param[in] username - username 217*02650d53SAyushi Smriti * @param[in] password - password 218*02650d53SAyushi Smriti * 219*02650d53SAyushi Smriti * @return status 220*02650d53SAyushi Smriti */ 221*02650d53SAyushi Smriti bool ipmiUserPamAuthenticate(std::string_view userName, 222*02650d53SAyushi Smriti std::string_view userPassword); 223*02650d53SAyushi Smriti 2244654d99fSRichard Marian Thomaiyar } // namespace ipmi 225