rakp12: Clear security sensitive data As password is sensitive data Clear after use. Tested: Verified using ipmitool command Command: ipmitool -I lanplus -C 17 -p 623 -U root -P <password> -H <BMC-IP> user list 1 Response: Displayed user list successfully. Signed-off-by: Jayaprakash Mutyala <mutyalax.jayaprakash@intel.com> Change-Id: I662572855fcdc083009a5217042b1018990be9b8

commit: 05c1447d75b89d597138eabba1c9da2b281d1bc3 [log] [tgz]
author: Jayaprakash Mutyala <mutyalax.jayaprakash@intel.com> Mon Oct 19 10:26:24 2020 +0000
committer: Snehalatha Venkatesh <snehalathax.v@intel.com> Fri Aug 06 19:00:52 2021 +0000
tree: 8e61d899456b9e75575fca4b3c0fc14b6e8263dd
parent: 0e0546f1d0ef7c5960edd710f137ed75fb024cc3 [diff] [blame]
diff --git a/command/rakp12.cpp b/command/rakp12.cpp
index cd84889..1130ee9 100644
--- a/command/rakp12.cpp
+++ b/command/rakp12.cpp

@@ -10,6 +10,7 @@
 #include <algorithm>
 #include <cstring>
 #include <iomanip>
+#include <ipmid/types.hpp>
 #include <phosphor-logging/log.hpp>
 
 using namespace phosphor::logging;
@@ -178,9 +179,7 @@
 
     // Perform user name based lookup
     std::string userName(request->user_name, request->user_name_len);
-    std::string passwd;
-
-    message += "user: " + userName;
+    ipmi::SecureString passwd;
     uint8_t userId = ipmi::ipmiUserGetUserId(userName);
     if (userId == ipmi::invalidUserId)
     {
commit	05c1447d75b89d597138eabba1c9da2b281d1bc3	[log] [tgz]
author	Jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>	Mon Oct 19 10:26:24 2020 +0000
committer	Snehalatha Venkatesh <snehalathax.v@intel.com>	Fri Aug 06 19:00:52 2021 +0000
tree	8e61d899456b9e75575fca4b3c0fc14b6e8263dd
parent	0e0546f1d0ef7c5960edd710f137ed75fb024cc3 [diff] [blame]