Require a valid session state prior to executing commands
The execution of commands should work fine for pre-session commands
and for session commands that have the session in a valid state
(not inactive or tearDownInProgress). This prevents a session from
getting used after the close session command.
Tested: send a command after the session has been closed or re-use an
old session ID. The BMC should ignore the request.
Change-Id: I112bbc3404ffcf90ab5358d2309672473662647a
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
diff --git a/command_table.cpp b/command_table.cpp
index 6779d55..1d9e063 100644
--- a/command_table.cpp
+++ b/command_table.cpp
@@ -61,6 +61,16 @@
entry("CMD=%x", command.cmd()));
return;
}
+ std::shared_ptr<session::Session> session =
+ std::get<session::Manager&>(singletonPool)
+ .getSession(handler->sessionID);
+
+ // Ignore messages that are not part of an active session
+ auto state = static_cast<session::State>(session->state());
+ if (state != session::State::active)
+ {
+ return;
+ }
auto bus = getSdBus();
// forward the request onto the main ipmi queue
@@ -69,9 +79,7 @@
uint8_t lun = command.lun();
uint8_t netFn = command.netFn();
uint8_t cmd = command.cmd();
- std::shared_ptr<session::Session> session =
- std::get<session::Manager&>(singletonPool)
- .getSession(handler->sessionID);
+
std::map<std::string, ipmi::Value> options = {
{"userId", ipmi::Value(static_cast<int>(
ipmi::ipmiUserGetUserId(session->userName)))},
@@ -110,6 +118,20 @@
{
auto start = std::chrono::steady_clock::now();
+ // Ignore messages that are not part of an active/pre-active session
+ if (handler->sessionID != session::sessionZero)
+ {
+ std::shared_ptr<session::Session> session =
+ std::get<session::Manager&>(singletonPool)
+ .getSession(handler->sessionID);
+ auto state = static_cast<session::State>(session->state());
+ if ((state != session::State::setupInProgress) &&
+ (state != session::State::active))
+ {
+ return;
+ }
+ }
+
handler->outPayload =
iterator->second->executeCommand(commandData, handler);