From 59054e07951518d070b970e4645a6ad7ec0b447a Mon Sep 17 00:00:00 2001 From: Pavel Cahyna Date: Mon, 12 Feb 2024 17:53:51 +0100 Subject: [PATCH] Delete unused 0003-ipmitool-1.8.11-set-kg-key.patch Superseded by ipmitool-1.8.19-set-kg-key.patch --- 0003-ipmitool-1.8.11-set-kg-key.patch | 240 -------------------------- 1 file changed, 240 deletions(-) delete mode 100644 0003-ipmitool-1.8.11-set-kg-key.patch diff --git a/0003-ipmitool-1.8.11-set-kg-key.patch b/0003-ipmitool-1.8.11-set-kg-key.patch deleted file mode 100644 index 00a396e..0000000 --- a/0003-ipmitool-1.8.11-set-kg-key.patch +++ /dev/null @@ -1,240 +0,0 @@ -diff -urNp old/doc/ipmitool.1 new/doc/ipmitool.1 ---- old/doc/ipmitool.1 2017-02-06 10:20:02.254362909 +0100 -+++ new/doc/ipmitool.1 2017-02-06 10:33:41.729294474 +0100 -@@ -372,6 +372,20 @@ Configure user access information on the - - Displays the list of cipher suites supported for the given - application (ipmi or sol) on the given channel. -+.TP -+\fIsetkg\fP <\fIhex\fP|\fIplain\fP> <\fBkey\fP> [<\fBchannel\fR>] -+.br -+ -+Sets K_g key to given value. Use \fIplain\fP to specify \fBkey\fR as simple ASCII string. -+Use \fIhex\fP to specify \fBkey\fR as sequence of hexadecimal codes of ASCII charactes. -+I.e. following two examples are equivalent: -+ -+.RS -+ipmitool channel setkg plain PASSWORD -+ -+ipmitool channel setkg hex 50415353574F5244 -+.RE -+ - .RE - .RE - .TP -diff -urNp old/include/ipmitool/helper.h new/include/ipmitool/helper.h ---- old/include/ipmitool/helper.h 2017-02-06 10:20:02.254362909 +0100 -+++ new/include/ipmitool/helper.h 2017-02-06 10:40:07.336136844 +0100 -@@ -58,6 +58,8 @@ - # define IPMI_UID_MAX 63 - #endif - -+#define IPMI_KG_BUFFER_SIZE 21 /* key plus null byte */ -+ - struct ipmi_intf; - - struct valstr { -diff -urNp old/include/ipmitool/ipmi_channel.h new/include/ipmitool/ipmi_channel.h ---- old/include/ipmitool/ipmi_channel.h 2017-02-06 10:20:02.253316684 +0100 -+++ new/include/ipmitool/ipmi_channel.h 2017-02-06 10:58:15.291287621 +0100 -@@ -49,6 +49,10 @@ - #define IPMI_GET_USER_NAME 0x46 - #define IPMI_SET_USER_PASSWORD 0x47 - #define IPMI_GET_CHANNEL_CIPHER_SUITES 0x54 -+#define IPMI_SET_CHANNEL_SECURITY_KEYS 0x56 -+ -+#define IPMI_KG_KEY_ID 1 -+#define IPMI_SET_CHANNEL_SECURITY_KEYS_OP_SET 1 - - /* These are for channel_info_t.session_support */ - #define IPMI_CHANNEL_SESSION_LESS 0x00 -@@ -137,6 +141,40 @@ int _ipmi_set_channel_access(struct ipmi - struct channel_access_t channel_access, uint8_t access_option, - uint8_t privilege_option); - -+struct set_channel_security_keys_req { -+#if WORDS_BIGENDIAN -+ uint8_t __reserved1 :4; -+ uint8_t channel :4; -+ -+ uint8_t __reserved2 :6; -+ uint8_t operation :2; -+ -+ uint8_t key_id; -+ unsigned char key_value[IPMI_KG_BUFFER_SIZE-1]; /* we don't want space for '\0' at the end */ -+#else -+ uint8_t channel :4; -+ uint8_t __reserved1 :4; -+ -+ uint8_t operation :2; -+ uint8_t __reserved2 :6; -+ -+ uint8_t key_id; -+ unsigned char key_value[IPMI_KG_BUFFER_SIZE-1]; /* we don't want space for '\0' at the end */ -+#endif -+} __attribute__ ((packed)); -+ -+struct set_channel_security_keys_rsp { -+#if WORDS_BIGENDIAN -+ uint8_t __reserved1 :6; -+ uint8_t lock_status :2; -+ unsigned char key_value; /* just the first character, use &key_value to explore the rest */ -+#else -+ uint8_t lock_status :2; -+ uint8_t __reserved1 :6; -+ unsigned char key_value; /* just the first character, use &key_value to explore the rest */ -+#endif -+} __attribute__ ((packed)); -+ - uint8_t ipmi_get_channel_medium(struct ipmi_intf * intf, uint8_t channel); - uint8_t ipmi_current_channel_medium(struct ipmi_intf * intf); - int ipmi_channel_main(struct ipmi_intf * intf, int argc, char ** argv); -diff -urNp old/include/ipmitool/ipmi_intf.h new/include/ipmitool/ipmi_intf.h ---- old/include/ipmitool/ipmi_intf.h 2017-02-06 10:20:02.254362909 +0100 -+++ new/include/ipmitool/ipmi_intf.h 2017-02-06 10:40:40.264577602 +0100 -@@ -60,7 +60,6 @@ enum LANPLUS_SESSION_STATE { - - #define IPMI_AUTHCODE_BUFFER_SIZE 20 - #define IPMI_SIK_BUFFER_SIZE IPMI_MAX_MD_SIZE --#define IPMI_KG_BUFFER_SIZE 21 /* key plus null byte */ - - struct ipmi_session_params { - char * hostname; -diff -urNp old/lib/ipmi_channel.c new/lib/ipmi_channel.c ---- old/lib/ipmi_channel.c 2017-02-06 10:20:02.255409134 +0100 -+++ new/lib/ipmi_channel.c 2017-02-06 12:32:14.222282317 +0100 -@@ -821,6 +821,92 @@ ipmi_set_user_access(struct ipmi_intf *i - return 0; - } - -+int -+ipmi_set_channel_security_keys (struct ipmi_intf *intf, uint8_t channel, const char *method, const char *key) -+{ -+ uint8_t kgkey[IPMI_KG_BUFFER_SIZE]; -+ struct ipmi_rs *rsp; -+ struct ipmi_rq req; -+ struct set_channel_security_keys_req req_data; -+ int rc = -1; -+ -+ /* convert provided key to array of bytes */ -+ if (strcmp(method, "hex") == 0) { -+ if (strlen(key) > (IPMI_KG_BUFFER_SIZE-1)*2) { -+ lprintf(LOG_ERR, "Provided key is too long, max. length is %d bytes", (IPMI_KG_BUFFER_SIZE-1)); -+ printf_channel_usage(); -+ return -1; -+ } -+ -+ rc = ipmi_parse_hex(key, kgkey, sizeof(kgkey)-1); -+ if (rc == -1) { -+ lprintf(LOG_ERR, "Number of Kg key characters is not even"); -+ return rc; -+ } else if (rc == -3) { -+ lprintf(LOG_ERR, "Kg key is not hexadecimal number"); -+ return rc; -+ } else if (rc > (IPMI_KG_BUFFER_SIZE-1)) { -+ lprintf(LOG_ERR, "Kg key is too long"); -+ return rc; -+ } -+ -+ } else if (strcmp(method, "plain") == 0) { -+ if (strlen(key) > IPMI_KG_BUFFER_SIZE-1) { -+ lprintf(LOG_ERR, "Provided key is too long, max. length is %d bytes", (IPMI_KG_BUFFER_SIZE -1)); -+ printf_channel_usage(); -+ return rc; -+ } -+ -+ strncpy(kgkey, key, IPMI_KG_BUFFER_SIZE-1); -+ } else { -+ printf_channel_usage(); -+ return rc; -+ } -+ -+ /* assemble and send request to set kg key */ -+ memset(&req_data, 0, sizeof(req_data)); -+ req_data.channel = channel; -+ req_data.operation = IPMI_SET_CHANNEL_SECURITY_KEYS_OP_SET; -+ req_data.key_id = IPMI_KG_KEY_ID; -+ memcpy(req_data.key_value, kgkey, IPMI_KG_BUFFER_SIZE-1); -+ -+ memset(&req, 0, sizeof(req)); -+ req.msg.netfn = IPMI_NETFN_APP; -+ req.msg.cmd = IPMI_SET_CHANNEL_SECURITY_KEYS; -+ req.msg.data = (uint8_t*) &req_data; -+ req.msg.data_len = sizeof(req_data); -+ -+ rsp = intf->sendrecv(intf, &req); -+ if (rsp == NULL) { -+ lprintf(LOG_ERR, "Set Channel Security Keys command failed"); -+ return rc; -+ } -+ if (rsp->ccode > 0) { -+ const char *error = NULL; -+ switch (rsp->ccode) { -+ case 0x80: -+ error = "Key is locked"; -+ break; -+ case 0x81: -+ error = "Insufficient key bytes"; -+ break; -+ case 0x82: -+ error = "Too many key bytes"; -+ break; -+ case 0x83: -+ error = "Key value does not meet criteria for K_g key"; -+ break; -+ default: -+ error = val2str(rsp->ccode, completion_code_vals); -+ } -+ lprintf(LOG_ERR, "Error setting security key: %X (%s)", rsp->ccode, error); -+ return rc; -+ } -+ -+ lprintf(LOG_NOTICE, "Set Channel Security Keys command succeeded"); -+ return 0; -+} -+ - int - ipmi_channel_main(struct ipmi_intf *intf, int argc, char **argv) - { -@@ -890,6 +976,19 @@ ipmi_channel_main(struct ipmi_intf *intf - retval = ipmi_get_channel_cipher_suites(intf, - argv[1], /* ipmi | sol */ - channel); -+ } else if (strncmp(argv[0], "setkg", 5) == 0) { -+ if (argc < 3 || argc > 4) -+ printf_channel_usage(); -+ else { -+ uint8_t ch = 0xe; -+ char *method = argv[1]; -+ char *key = argv[2]; -+ if (argc == 4) { -+ ch = (uint8_t)strtol(argv[3], NULL, 0); -+ } -+ -+ retval = ipmi_set_channel_security_keys(intf, ch, method, key); -+ } - } else { - lprintf(LOG_ERR, "Invalid CHANNEL command: %s\n", argv[0]); - printf_channel_usage(); -@@ -916,6 +1015,10 @@ printf_channel_usage() - lprintf(LOG_NOTICE, - ""); - lprintf(LOG_NOTICE, -+" setkg hex|plain [channel]"); -+ lprintf(LOG_NOTICE, -+""); -+ lprintf(LOG_NOTICE, - "Possible privilege levels are:"); - lprintf(LOG_NOTICE, - " 1 Callback level"); -diff -urNp old/src/plugins/ipmi_intf.c new/src/plugins/ipmi_intf.c ---- old/src/plugins/ipmi_intf.c 2017-02-06 10:20:02.257501584 +0100 -+++ new/src/plugins/ipmi_intf.c 2017-02-06 10:42:12.585257810 +0100 -@@ -55,6 +55,7 @@ - #include - #include - #include -+#include - - #define IPMI_DEFAULT_PAYLOAD_SIZE 25 -