commit a444b4c30bb22bc92685f158e1a94517f69f31a5 Author: CentOS Sources Date: Tue May 17 05:04:49 2022 -0400 import ipmitool-1.8.18-25.el9 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..29f328a --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/ipmitool-1.8.18.tar.gz diff --git a/.ipmitool.metadata b/.ipmitool.metadata new file mode 100644 index 0000000..3bae649 --- /dev/null +++ b/.ipmitool.metadata @@ -0,0 +1 @@ +ebb7c4387c11130ea874531beedba774f6431839 SOURCES/ipmitool-1.8.18.tar.gz diff --git a/SOURCES/0001-CVE-2011-4339-OpenIPMI.patch b/SOURCES/0001-CVE-2011-4339-OpenIPMI.patch new file mode 100644 index 0000000..437c9ad --- /dev/null +++ b/SOURCES/0001-CVE-2011-4339-OpenIPMI.patch @@ -0,0 +1,25 @@ +From 152efd46931a70ab4e3d81e99d312df7dcd666e6 Mon Sep 17 00:00:00 2001 +From: Boris Ranto +Date: Tue, 10 May 2016 19:12:08 +0200 +Subject: [PATCH] CVE-2011-4339 OpenIPMI + +IPMI event daemon creates PID file with world writeable permissions +--- + lib/helper.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/lib/helper.c b/lib/helper.c +index de91438..c3a1c80 100644 +--- a/lib/helper.c ++++ b/lib/helper.c +@@ -829,7 +829,6 @@ ipmi_start_daemon(struct ipmi_intf *intf) + #endif + + chdir("/"); +- umask(0); + + for (fd=0; fd<64; fd++) { + if (fd != intf->fd) +-- +2.7.4 + diff --git a/SOURCES/0002-openssl.patch b/SOURCES/0002-openssl.patch new file mode 100644 index 0000000..ff5e705 --- /dev/null +++ b/SOURCES/0002-openssl.patch @@ -0,0 +1,89 @@ +diff -urNp old/src/plugins/lanplus/lanplus_crypt_impl.c new/src/plugins/lanplus/lanplus_crypt_impl.c +--- old/src/plugins/lanplus/lanplus_crypt_impl.c 2016-05-28 10:20:20.000000000 +0200 ++++ new/src/plugins/lanplus/lanplus_crypt_impl.c 2017-02-21 10:50:21.634873466 +0100 +@@ -164,10 +164,10 @@ lanplus_encrypt_aes_cbc_128(const uint8_ + uint8_t * output, + uint32_t * bytes_written) + { +- EVP_CIPHER_CTX ctx; +- EVP_CIPHER_CTX_init(&ctx); +- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); +- EVP_CIPHER_CTX_set_padding(&ctx, 0); ++ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); ++ EVP_CIPHER_CTX_init(ctx); ++ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); ++ EVP_CIPHER_CTX_set_padding(ctx, 0); + + + *bytes_written = 0; +@@ -191,7 +191,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_ + assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); + + +- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) ++ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) + { + /* Error */ + *bytes_written = 0; +@@ -201,7 +201,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_ + { + uint32_t tmplen; + +- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) ++ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) + { + *bytes_written = 0; + return; /* Error */ +@@ -210,7 +210,8 @@ lanplus_encrypt_aes_cbc_128(const uint8_ + { + /* Success */ + *bytes_written += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_cleanup(ctx); ++ EVP_CIPHER_CTX_free(ctx); + } + } + } +@@ -239,10 +240,10 @@ lanplus_decrypt_aes_cbc_128(const uint8_ + uint8_t * output, + uint32_t * bytes_written) + { +- EVP_CIPHER_CTX ctx; +- EVP_CIPHER_CTX_init(&ctx); +- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); +- EVP_CIPHER_CTX_set_padding(&ctx, 0); ++ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); ++ EVP_CIPHER_CTX_init(ctx); ++ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); ++ EVP_CIPHER_CTX_set_padding(ctx, 0); + + + if (verbose >= 5) +@@ -266,7 +267,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_ + assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); + + +- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) ++ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) + { + /* Error */ + lprintf(LOG_DEBUG, "ERROR: decrypt update failed"); +@@ -277,7 +278,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_ + { + uint32_t tmplen; + +- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) ++ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) + { + char buffer[1000]; + ERR_error_string(ERR_get_error(), buffer); +@@ -290,7 +291,8 @@ lanplus_decrypt_aes_cbc_128(const uint8_ + { + /* Success */ + *bytes_written += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_cleanup(ctx); ++ EVP_CIPHER_CTX_free(ctx); + } + } + diff --git a/SOURCES/0003-ipmitool-1.8.11-set-kg-key.patch b/SOURCES/0003-ipmitool-1.8.11-set-kg-key.patch new file mode 100644 index 0000000..00a396e --- /dev/null +++ b/SOURCES/0003-ipmitool-1.8.11-set-kg-key.patch @@ -0,0 +1,240 @@ +diff -urNp old/doc/ipmitool.1 new/doc/ipmitool.1 +--- old/doc/ipmitool.1 2017-02-06 10:20:02.254362909 +0100 ++++ new/doc/ipmitool.1 2017-02-06 10:33:41.729294474 +0100 +@@ -372,6 +372,20 @@ Configure user access information on the + + Displays the list of cipher suites supported for the given + application (ipmi or sol) on the given channel. ++.TP ++\fIsetkg\fP <\fIhex\fP|\fIplain\fP> <\fBkey\fP> [<\fBchannel\fR>] ++.br ++ ++Sets K_g key to given value. Use \fIplain\fP to specify \fBkey\fR as simple ASCII string. ++Use \fIhex\fP to specify \fBkey\fR as sequence of hexadecimal codes of ASCII charactes. ++I.e. following two examples are equivalent: ++ ++.RS ++ipmitool channel setkg plain PASSWORD ++ ++ipmitool channel setkg hex 50415353574F5244 ++.RE ++ + .RE + .RE + .TP +diff -urNp old/include/ipmitool/helper.h new/include/ipmitool/helper.h +--- old/include/ipmitool/helper.h 2017-02-06 10:20:02.254362909 +0100 ++++ new/include/ipmitool/helper.h 2017-02-06 10:40:07.336136844 +0100 +@@ -58,6 +58,8 @@ + # define IPMI_UID_MAX 63 + #endif + ++#define IPMI_KG_BUFFER_SIZE 21 /* key plus null byte */ ++ + struct ipmi_intf; + + struct valstr { +diff -urNp old/include/ipmitool/ipmi_channel.h new/include/ipmitool/ipmi_channel.h +--- old/include/ipmitool/ipmi_channel.h 2017-02-06 10:20:02.253316684 +0100 ++++ new/include/ipmitool/ipmi_channel.h 2017-02-06 10:58:15.291287621 +0100 +@@ -49,6 +49,10 @@ + #define IPMI_GET_USER_NAME 0x46 + #define IPMI_SET_USER_PASSWORD 0x47 + #define IPMI_GET_CHANNEL_CIPHER_SUITES 0x54 ++#define IPMI_SET_CHANNEL_SECURITY_KEYS 0x56 ++ ++#define IPMI_KG_KEY_ID 1 ++#define IPMI_SET_CHANNEL_SECURITY_KEYS_OP_SET 1 + + /* These are for channel_info_t.session_support */ + #define IPMI_CHANNEL_SESSION_LESS 0x00 +@@ -137,6 +141,40 @@ int _ipmi_set_channel_access(struct ipmi + struct channel_access_t channel_access, uint8_t access_option, + uint8_t privilege_option); + ++struct set_channel_security_keys_req { ++#if WORDS_BIGENDIAN ++ uint8_t __reserved1 :4; ++ uint8_t channel :4; ++ ++ uint8_t __reserved2 :6; ++ uint8_t operation :2; ++ ++ uint8_t key_id; ++ unsigned char key_value[IPMI_KG_BUFFER_SIZE-1]; /* we don't want space for '\0' at the end */ ++#else ++ uint8_t channel :4; ++ uint8_t __reserved1 :4; ++ ++ uint8_t operation :2; ++ uint8_t __reserved2 :6; ++ ++ uint8_t key_id; ++ unsigned char key_value[IPMI_KG_BUFFER_SIZE-1]; /* we don't want space for '\0' at the end */ ++#endif ++} __attribute__ ((packed)); ++ ++struct set_channel_security_keys_rsp { ++#if WORDS_BIGENDIAN ++ uint8_t __reserved1 :6; ++ uint8_t lock_status :2; ++ unsigned char key_value; /* just the first character, use &key_value to explore the rest */ ++#else ++ uint8_t lock_status :2; ++ uint8_t __reserved1 :6; ++ unsigned char key_value; /* just the first character, use &key_value to explore the rest */ ++#endif ++} __attribute__ ((packed)); ++ + uint8_t ipmi_get_channel_medium(struct ipmi_intf * intf, uint8_t channel); + uint8_t ipmi_current_channel_medium(struct ipmi_intf * intf); + int ipmi_channel_main(struct ipmi_intf * intf, int argc, char ** argv); +diff -urNp old/include/ipmitool/ipmi_intf.h new/include/ipmitool/ipmi_intf.h +--- old/include/ipmitool/ipmi_intf.h 2017-02-06 10:20:02.254362909 +0100 ++++ new/include/ipmitool/ipmi_intf.h 2017-02-06 10:40:40.264577602 +0100 +@@ -60,7 +60,6 @@ enum LANPLUS_SESSION_STATE { + + #define IPMI_AUTHCODE_BUFFER_SIZE 20 + #define IPMI_SIK_BUFFER_SIZE IPMI_MAX_MD_SIZE +-#define IPMI_KG_BUFFER_SIZE 21 /* key plus null byte */ + + struct ipmi_session_params { + char * hostname; +diff -urNp old/lib/ipmi_channel.c new/lib/ipmi_channel.c +--- old/lib/ipmi_channel.c 2017-02-06 10:20:02.255409134 +0100 ++++ new/lib/ipmi_channel.c 2017-02-06 12:32:14.222282317 +0100 +@@ -821,6 +821,92 @@ ipmi_set_user_access(struct ipmi_intf *i + return 0; + } + ++int ++ipmi_set_channel_security_keys (struct ipmi_intf *intf, uint8_t channel, const char *method, const char *key) ++{ ++ uint8_t kgkey[IPMI_KG_BUFFER_SIZE]; ++ struct ipmi_rs *rsp; ++ struct ipmi_rq req; ++ struct set_channel_security_keys_req req_data; ++ int rc = -1; ++ ++ /* convert provided key to array of bytes */ ++ if (strcmp(method, "hex") == 0) { ++ if (strlen(key) > (IPMI_KG_BUFFER_SIZE-1)*2) { ++ lprintf(LOG_ERR, "Provided key is too long, max. length is %d bytes", (IPMI_KG_BUFFER_SIZE-1)); ++ printf_channel_usage(); ++ return -1; ++ } ++ ++ rc = ipmi_parse_hex(key, kgkey, sizeof(kgkey)-1); ++ if (rc == -1) { ++ lprintf(LOG_ERR, "Number of Kg key characters is not even"); ++ return rc; ++ } else if (rc == -3) { ++ lprintf(LOG_ERR, "Kg key is not hexadecimal number"); ++ return rc; ++ } else if (rc > (IPMI_KG_BUFFER_SIZE-1)) { ++ lprintf(LOG_ERR, "Kg key is too long"); ++ return rc; ++ } ++ ++ } else if (strcmp(method, "plain") == 0) { ++ if (strlen(key) > IPMI_KG_BUFFER_SIZE-1) { ++ lprintf(LOG_ERR, "Provided key is too long, max. length is %d bytes", (IPMI_KG_BUFFER_SIZE -1)); ++ printf_channel_usage(); ++ return rc; ++ } ++ ++ strncpy(kgkey, key, IPMI_KG_BUFFER_SIZE-1); ++ } else { ++ printf_channel_usage(); ++ return rc; ++ } ++ ++ /* assemble and send request to set kg key */ ++ memset(&req_data, 0, sizeof(req_data)); ++ req_data.channel = channel; ++ req_data.operation = IPMI_SET_CHANNEL_SECURITY_KEYS_OP_SET; ++ req_data.key_id = IPMI_KG_KEY_ID; ++ memcpy(req_data.key_value, kgkey, IPMI_KG_BUFFER_SIZE-1); ++ ++ memset(&req, 0, sizeof(req)); ++ req.msg.netfn = IPMI_NETFN_APP; ++ req.msg.cmd = IPMI_SET_CHANNEL_SECURITY_KEYS; ++ req.msg.data = (uint8_t*) &req_data; ++ req.msg.data_len = sizeof(req_data); ++ ++ rsp = intf->sendrecv(intf, &req); ++ if (rsp == NULL) { ++ lprintf(LOG_ERR, "Set Channel Security Keys command failed"); ++ return rc; ++ } ++ if (rsp->ccode > 0) { ++ const char *error = NULL; ++ switch (rsp->ccode) { ++ case 0x80: ++ error = "Key is locked"; ++ break; ++ case 0x81: ++ error = "Insufficient key bytes"; ++ break; ++ case 0x82: ++ error = "Too many key bytes"; ++ break; ++ case 0x83: ++ error = "Key value does not meet criteria for K_g key"; ++ break; ++ default: ++ error = val2str(rsp->ccode, completion_code_vals); ++ } ++ lprintf(LOG_ERR, "Error setting security key: %X (%s)", rsp->ccode, error); ++ return rc; ++ } ++ ++ lprintf(LOG_NOTICE, "Set Channel Security Keys command succeeded"); ++ return 0; ++} ++ + int + ipmi_channel_main(struct ipmi_intf *intf, int argc, char **argv) + { +@@ -890,6 +976,19 @@ ipmi_channel_main(struct ipmi_intf *intf + retval = ipmi_get_channel_cipher_suites(intf, + argv[1], /* ipmi | sol */ + channel); ++ } else if (strncmp(argv[0], "setkg", 5) == 0) { ++ if (argc < 3 || argc > 4) ++ printf_channel_usage(); ++ else { ++ uint8_t ch = 0xe; ++ char *method = argv[1]; ++ char *key = argv[2]; ++ if (argc == 4) { ++ ch = (uint8_t)strtol(argv[3], NULL, 0); ++ } ++ ++ retval = ipmi_set_channel_security_keys(intf, ch, method, key); ++ } + } else { + lprintf(LOG_ERR, "Invalid CHANNEL command: %s\n", argv[0]); + printf_channel_usage(); +@@ -916,6 +1015,10 @@ printf_channel_usage() + lprintf(LOG_NOTICE, + ""); + lprintf(LOG_NOTICE, ++" setkg hex|plain [channel]"); ++ lprintf(LOG_NOTICE, ++""); ++ lprintf(LOG_NOTICE, + "Possible privilege levels are:"); + lprintf(LOG_NOTICE, + " 1 Callback level"); +diff -urNp old/src/plugins/ipmi_intf.c new/src/plugins/ipmi_intf.c +--- old/src/plugins/ipmi_intf.c 2017-02-06 10:20:02.257501584 +0100 ++++ new/src/plugins/ipmi_intf.c 2017-02-06 10:42:12.585257810 +0100 +@@ -55,6 +55,7 @@ + #include + #include + #include ++#include + + #define IPMI_DEFAULT_PAYLOAD_SIZE 25 + diff --git a/SOURCES/0004-slowswid.patch b/SOURCES/0004-slowswid.patch new file mode 100644 index 0000000..c5f91b7 --- /dev/null +++ b/SOURCES/0004-slowswid.patch @@ -0,0 +1,16 @@ +diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c +index fa7b082..9bc5ac2 100644 +--- a/lib/ipmi_sdr.c ++++ b/lib/ipmi_sdr.c +@@ -572,6 +572,8 @@ ipmi_sdr_get_sensor_reading_ipmb(struct ipmi_intf *intf, uint8_t sensor, + uint32_t save_addr; + uint32_t save_channel; + ++ if (target == (uint8_t) 0xb1) ++ return ipmi_sdr_get_sensor_reading(intf, sensor); + if ( BRIDGE_TO_SENSOR(intf, target, channel) ) { + lprintf(LOG_DEBUG, + "Bridge to Sensor " +-- +2.1.0 + diff --git a/SOURCES/0005-sensor-id-length.patch b/SOURCES/0005-sensor-id-length.patch new file mode 100644 index 0000000..0cb8313 --- /dev/null +++ b/SOURCES/0005-sensor-id-length.patch @@ -0,0 +1,16 @@ +diff --git a/include/ipmitool/ipmi_sdr.h b/include/ipmitool/ipmi_sdr.h +index ccf0cf0..47d3949 100644 +--- a/include/ipmitool/ipmi_sdr.h ++++ b/include/ipmitool/ipmi_sdr.h +@@ -819,7 +819,7 @@ static const char *sensor_type_desc[] __attribute__ ((unused)) = { + "Version Change", "FRU State" }; + + struct sensor_reading { +- char s_id[17]; /* name of the sensor */ ++ char s_id[33]; /* name of the sensor */ + struct sdr_record_full_sensor *full; + struct sdr_record_compact_sensor *compact; + uint8_t s_reading_valid; /* read value valididity */ +-- +2.1.0 + diff --git a/SOURCES/0006-enable-usb.patch b/SOURCES/0006-enable-usb.patch new file mode 100644 index 0000000..d3bfba5 --- /dev/null +++ b/SOURCES/0006-enable-usb.patch @@ -0,0 +1,21 @@ +diff -urNp old/configure.ac new/configure.ac +--- old/configure.ac 2017-02-02 14:20:33.230784269 +0100 ++++ new/configure.ac 2017-02-02 14:22:53.528510336 +0100 +@@ -63,7 +63,7 @@ xenable_intf_imb=yes + xenable_intf_lipmi=yes + xenable_intf_open=yes + #xenable_intf_serial=yes +-xenable_intf_usb=no ++xenable_intf_usb=yes + xenable_ipmishell=yes + + dnl set some things so we build with GNU tools on Solaris +@@ -209,7 +209,7 @@ fi + dnl enable IPMI USB interface + AC_ARG_ENABLE([intf-usb], + [AC_HELP_STRING([--enable-intf-usb], +- [enable IPMI USB interface [default=auto]])], ++ [enable IPMI USB interface [default=yes]])], + [xenable_intf_usb=$enableval], + [xenable_intf_usb=$xenable_intf_usb]) + if test "x$xenable_intf_usb" = "xstatic" || test "x$xenable_intf_usb" = "xplugin"; then diff --git a/SOURCES/0007-check-input.patch b/SOURCES/0007-check-input.patch new file mode 100644 index 0000000..030fd2a --- /dev/null +++ b/SOURCES/0007-check-input.patch @@ -0,0 +1,41 @@ +diff -urNp old/doc/ipmitool.1 new/doc/ipmitool.1 +--- old/doc/ipmitool.1 2017-10-03 16:10:50.446539988 +0200 ++++ new/doc/ipmitool.1 2017-10-03 16:16:37.039673239 +0200 +@@ -3170,13 +3170,14 @@ SOL configuration data for the currently + + Enable, disable or show status of SOL payload for the user on the specified channel. + .TP +-\fIset\fP <\fBparameter\fR> <\fBvalue\fR> [<\fBchannel\fR>] ++\fIset\fP <\fBparameter\fR> <\fBvalue\fR> [<\fBchannel\fR>] [\fBnoguard\fR] + .br + + Configure parameters for Serial Over Lan. If no channel is given, + it will display SOL configuration data for the currently used + channel. Configuration parameter updates are automatically guarded +-with the updates to the set\-in\-progress parameter. ++with the updates to the set\-in\-progress parameter, unless \fInoguard\fR ++parameter is present. + .RS + .TP + Valid parameters and values are: +diff -urNp old/lib/ipmi_sol.c new/lib/ipmi_sol.c +--- old/lib/ipmi_sol.c 2017-10-03 16:10:50.447539996 +0200 ++++ new/lib/ipmi_sol.c 2017-10-03 16:18:37.079006949 +0200 +@@ -1875,7 +1875,7 @@ static void + print_sol_usage(void) + { + lprintf(LOG_NOTICE, "SOL Commands: info []"); +- lprintf(LOG_NOTICE, " set [channel]"); ++ lprintf(LOG_NOTICE, " set [channel] [noguard]"); + lprintf(LOG_NOTICE, " payload [channel] [userid]"); + lprintf(LOG_NOTICE, " activate [] [instance=]"); + lprintf(LOG_NOTICE, " deactivate [instance=]"); +@@ -1890,6 +1890,8 @@ print_sol_usage(void) + static void + print_sol_set_usage(void) + { ++ lprintf(LOG_NOTICE, "\nSOL set usage: \n"); ++ lprintf(LOG_NOTICE, " sol set [channel] [noguard]\n"); + lprintf(LOG_NOTICE, "\nSOL set parameters and values: \n"); + lprintf(LOG_NOTICE, " set-in-progress set-complete | " + "set-in-progress | commit-write"); diff --git a/SOURCES/0008-add-extern.patch b/SOURCES/0008-add-extern.patch new file mode 100644 index 0000000..53f4ca2 --- /dev/null +++ b/SOURCES/0008-add-extern.patch @@ -0,0 +1,40 @@ +From 95f666fa10c32233ee202d8b99d05b5e13528a25 Mon Sep 17 00:00:00 2001 +From: Vaclav Dolezal +Date: Thu, 23 Jan 2020 11:26:32 +0100 +Subject: [PATCH] hpmfwupg: move variable definition to .c file + +Signed-off-by: Vaclav Dolezal +--- + include/ipmitool/ipmi_hpmfwupg.h | 2 +- + lib/ipmi_hpmfwupg.c | 2 ++ + 2 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/include/ipmitool/ipmi_hpmfwupg.h b/include/ipmitool/ipmi_hpmfwupg.h +index de65292..07f597b 100644 +--- a/include/ipmitool/ipmi_hpmfwupg.h ++++ b/include/ipmitool/ipmi_hpmfwupg.h +@@ -800,7 +800,7 @@ typedef struct _VERSIONINFO { + char descString[HPMFWUPG_DESC_STRING_LENGTH + 1]; + }VERSIONINFO, *PVERSIONINFO; + +-VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX]; ++extern VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX]; + + #define TARGET_VER (0x01) + #define ROLLBACK_VER (0x02) +diff --git a/lib/ipmi_hpmfwupg.c b/lib/ipmi_hpmfwupg.c +index bbcffc0..d7cdcd6 100644 +--- a/lib/ipmi_hpmfwupg.c ++++ b/lib/ipmi_hpmfwupg.c +@@ -58,6 +58,8 @@ ipmi_intf_get_max_request_data_size(struct ipmi_intf * intf); + + extern int verbose; + ++VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX]; ++ + int HpmfwupgUpgrade(struct ipmi_intf *intf, char *imageFilename, + int activate, int, int); + int HpmfwupgValidateImageIntegrity(struct HpmfwupgUpgradeCtx *pFwupgCtx); +-- +2.20.1 + diff --git a/SOURCES/0009-best-cipher.patch b/SOURCES/0009-best-cipher.patch new file mode 100644 index 0000000..8f999b3 --- /dev/null +++ b/SOURCES/0009-best-cipher.patch @@ -0,0 +1,864 @@ +From f2df2aa5a010544d53589a5b048677406eb40ee8 Mon Sep 17 00:00:00 2001 +From: Vernon Mauery +Date: Mon, 9 Apr 2018 12:28:57 -0700 +Subject: [PATCH] lanplus: Auto-select 'best' cipher suite available + +Current cipher suites could be ranked as this: + 17 > 3 >> all the rest + +Cherry-picked-from: 7772254b62826b894ca629df8c597030a98f4f72 +Cherry-picked-from: f9c699c712f884c82fc1a62f1f61a8d597ac0cfd + +Also fetched some functions/macros for helper.h + +Equals to getting include/ipmitool/helper.h changes from commits: +(oldest first) + + 6c00d44 mc: watchdog get: Update to match IPMI 2.0 spec + e8e94d8 mc: watchdog set: Refactor to reduce complexity + 0310208 mc: Code refactor to reduce copy-paste ratio + 249e092 general: Make byteswapping arch-independent + 5491b12 refix 249e0929: Fix byteswapping helpers + bb1a4cc Refactoring. Improve code reuse ratio. +--- + include/ipmitool/helper.h | 58 ++++++++ + include/ipmitool/ipmi_channel.h | 47 +++++++ + include/ipmitool/ipmi_intf.h | 39 ++++- + lib/ipmi_channel.c | 242 +++++++++++++++----------------- + lib/ipmi_main.c | 23 +-- + src/plugins/ipmi_intf.c | 5 +- + src/plugins/lanplus/lanplus.c | 114 +++++++++++---- + 7 files changed, 360 insertions(+), 168 deletions(-) + +diff --git a/include/ipmitool/helper.h b/include/ipmitool/helper.h +index c53736f..6a2e5f4 100644 +--- a/include/ipmitool/helper.h ++++ b/include/ipmitool/helper.h +@@ -38,6 +38,8 @@ + #include + #include + ++#define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0])) ++ + #ifndef TRUE + #define TRUE 1 + #endif +@@ -111,6 +113,62 @@ FILE * ipmi_open_file(const char * file, int rw); + void ipmi_start_daemon(struct ipmi_intf *intf); + uint16_t ipmi_get_oem_id(struct ipmi_intf *intf); + ++#define IS_SET(v, b) ((v) & (1 << (b))) ++ ++/* le16toh(), hto16le(), et. al. don't exist for Windows or Apple */ ++/* For portability, let's simply define our own versions here */ ++ ++/* IPMI is always little-endian */ ++static inline uint16_t ipmi16toh(void *ipmi16) ++{ ++ uint8_t *ipmi = (uint8_t *)ipmi16; ++ uint16_t h; ++ ++ h = ipmi[1] << 8; /* MSB */ ++ h |= ipmi[0]; /* LSB */ ++ ++ return h; ++} ++ ++static inline void htoipmi16(uint16_t h, uint8_t *ipmi) ++{ ++ ipmi[0] = h & 0xFF; /* LSB */ ++ ipmi[1] = h >> 8; /* MSB */ ++} ++ ++static inline uint32_t ipmi24toh(void *ipmi24) ++{ ++ uint8_t *ipmi = (uint8_t *)ipmi24; ++ uint32_t h = 0; ++ ++ h = ipmi[2] << 16; /* MSB */ ++ h |= ipmi[1] << 8; ++ h |= ipmi[0]; /* LSB */ ++ ++ return h; ++} ++ ++static inline uint32_t ipmi32toh(void *ipmi32) ++{ ++ uint8_t *ipmi = ipmi32; ++ uint32_t h; ++ ++ h = ipmi[3] << 24; /* MSB */ ++ h |= ipmi[2] << 16; ++ h |= ipmi[1] << 8; ++ h |= ipmi[0]; /* LSB */ ++ ++ return h; ++} ++ ++static inline void htoipmi32(uint32_t h, uint8_t *ipmi) ++{ ++ ipmi[0] = h & 0xFF; /* LSB */ ++ ipmi[1] = (h >> 8) & 0xFF; ++ ipmi[2] = (h >> 16) & 0xFF; ++ ipmi[3] = (h >> 24) & 0xFF; /* MSB */ ++} ++ + #define ipmi_open_file_read(file) ipmi_open_file(file, 0) + #define ipmi_open_file_write(file) ipmi_open_file(file, 1) + +diff --git a/include/ipmitool/ipmi_channel.h b/include/ipmitool/ipmi_channel.h +index 3ade2d5..324c0bb 100644 +--- a/include/ipmitool/ipmi_channel.h ++++ b/include/ipmitool/ipmi_channel.h +@@ -37,6 +37,7 @@ + # include + #endif + #include ++#include + + + #define IPMI_GET_CHANNEL_AUTH_CAP 0x38 +@@ -81,6 +82,50 @@ struct channel_access_t { + uint8_t user_level_auth; + }; + ++/* ++ * The Cipher Suite Record Format from table 22-18 of the IPMI v2.0 spec ++ */ ++enum cipher_suite_format_tag { ++ STANDARD_CIPHER_SUITE = 0xc0, ++ OEM_CIPHER_SUITE = 0xc1, ++}; ++#ifdef HAVE_PRAGMA_PACK ++#pragma pack(1) ++#endif ++struct std_cipher_suite_record_t { ++ uint8_t start_of_record; ++ uint8_t cipher_suite_id; ++ uint8_t auth_alg; ++ uint8_t integrity_alg; ++ uint8_t crypt_alg; ++} ATTRIBUTE_PACKING; ++struct oem_cipher_suite_record_t { ++ uint8_t start_of_record; ++ uint8_t cipher_suite_id; ++ uint8_t iana[3]; ++ uint8_t auth_alg; ++ uint8_t integrity_alg; ++ uint8_t crypt_alg; ++} ATTRIBUTE_PACKING; ++#ifdef HAVE_PRAGMA_PACK ++#pragma pack(0) ++#endif ++#define CIPHER_ALG_MASK 0x3f ++#define MAX_CIPHER_SUITE_RECORD_OFFSET 0x40 ++#define MAX_CIPHER_SUITE_DATA_LEN 0x10 ++#define LIST_ALGORITHMS_BY_CIPHER_SUITE 0x80 ++ ++/* Below is the theoretical maximum number of cipher suites that could be ++ * reported by a BMC. That is with the Get Channel Cipher Suites Command, at 16 ++ * bytes at a time and 0x40 requests, it can report 1024 bytes, which is about ++ * 204 standard records or 128 OEM records. Really, we probably don't need more ++ * than about 20, which is the full set of standard records plus a few OEM ++ * records. ++ */ ++#define MAX_CIPHER_SUITE_COUNT (MAX_CIPHER_SUITE_RECORD_OFFSET * \ ++ MAX_CIPHER_SUITE_DATA_LEN / \ ++ sizeof(struct std_cipher_suite_record_t)) ++ + /* + * The Get Authentication Capabilities response structure + * From table 22-15 of the IPMI v2.0 spec +@@ -135,6 +180,8 @@ struct get_channel_auth_cap_rsp { + int _ipmi_get_channel_access(struct ipmi_intf *intf, + struct channel_access_t *channel_access, + uint8_t get_volatile_settings); ++int ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, ++ uint8_t channel, struct cipher_suite_info *suites, size_t *count); + int _ipmi_get_channel_info(struct ipmi_intf *intf, + struct channel_info_t *channel_info); + int _ipmi_set_channel_access(struct ipmi_intf *intf, +diff --git a/include/ipmitool/ipmi_intf.h b/include/ipmitool/ipmi_intf.h +index 0b8c64b..7a07d66 100644 +--- a/include/ipmitool/ipmi_intf.h ++++ b/include/ipmitool/ipmi_intf.h +@@ -61,13 +61,45 @@ enum LANPLUS_SESSION_STATE { + #define IPMI_AUTHCODE_BUFFER_SIZE 20 + #define IPMI_SIK_BUFFER_SIZE IPMI_MAX_MD_SIZE + ++enum cipher_suite_ids { ++ IPMI_LANPLUS_CIPHER_SUITE_0 = 0, ++ IPMI_LANPLUS_CIPHER_SUITE_1 = 1, ++ IPMI_LANPLUS_CIPHER_SUITE_2 = 2, ++ IPMI_LANPLUS_CIPHER_SUITE_3 = 3, ++ IPMI_LANPLUS_CIPHER_SUITE_4 = 4, ++ IPMI_LANPLUS_CIPHER_SUITE_5 = 5, ++ IPMI_LANPLUS_CIPHER_SUITE_6 = 6, ++ IPMI_LANPLUS_CIPHER_SUITE_7 = 7, ++ IPMI_LANPLUS_CIPHER_SUITE_8 = 8, ++ IPMI_LANPLUS_CIPHER_SUITE_9 = 9, ++ IPMI_LANPLUS_CIPHER_SUITE_10 = 10, ++ IPMI_LANPLUS_CIPHER_SUITE_11 = 11, ++ IPMI_LANPLUS_CIPHER_SUITE_12 = 12, ++ IPMI_LANPLUS_CIPHER_SUITE_13 = 13, ++ IPMI_LANPLUS_CIPHER_SUITE_14 = 14, ++#ifdef HAVE_CRYPTO_SHA256 ++ IPMI_LANPLUS_CIPHER_SUITE_15 = 15, ++ IPMI_LANPLUS_CIPHER_SUITE_16 = 16, ++ IPMI_LANPLUS_CIPHER_SUITE_17 = 17, ++#endif /* HAVE_CRYPTO_SHA256 */ ++ IPMI_LANPLUS_CIPHER_SUITE_RESERVED = 0xff, ++}; ++ ++struct cipher_suite_info { ++ enum cipher_suite_ids cipher_suite_id; ++ uint8_t auth_alg; ++ uint8_t integrity_alg; ++ uint8_t crypt_alg; ++ uint32_t iana; ++}; ++ + struct ipmi_session_params { + char * hostname; + uint8_t username[17]; + uint8_t authcode_set[IPMI_AUTHCODE_BUFFER_SIZE + 1]; + uint8_t authtype_set; + uint8_t privlvl; +- uint8_t cipher_suite_id; ++ enum cipher_suite_ids cipher_suite_id; + char sol_escape_char; + int password; + int port; +@@ -217,7 +249,10 @@ void ipmi_intf_session_set_username(struct ipmi_intf * intf, char * username); + void ipmi_intf_session_set_password(struct ipmi_intf * intf, char * password); + void ipmi_intf_session_set_privlvl(struct ipmi_intf * intf, uint8_t privlvl); + void ipmi_intf_session_set_lookupbit(struct ipmi_intf * intf, uint8_t lookupbit); +-void ipmi_intf_session_set_cipher_suite_id(struct ipmi_intf * intf, uint8_t cipher_suite_id); ++#ifdef IPMI_INTF_LANPLUS ++void ipmi_intf_session_set_cipher_suite_id(struct ipmi_intf * intf, ++ enum cipher_suite_ids cipher_suite_id); ++#endif /* IPMI_INTF_LANPLUS */ + void ipmi_intf_session_set_sol_escape_char(struct ipmi_intf * intf, char sol_escape_char); + void ipmi_intf_session_set_kgkey(struct ipmi_intf *intf, const uint8_t *kgkey); + void ipmi_intf_session_set_port(struct ipmi_intf * intf, int port); +diff --git a/lib/ipmi_channel.c b/lib/ipmi_channel.c +index e1fc75f..3ae3104 100644 +--- a/lib/ipmi_channel.c ++++ b/lib/ipmi_channel.c +@@ -342,86 +342,116 @@ ipmi_get_channel_auth_cap(struct ipmi_intf *intf, uint8_t channel, uint8_t priv) + return 0; + } + +-static int ++static size_t ++parse_channel_cipher_suite_data(uint8_t *cipher_suite_data, size_t data_len, ++ struct cipher_suite_info* suites, size_t nr_suites) ++{ ++ size_t count = 0; ++ size_t offset = 0; ++ uint32_t iana; ++ uint8_t auth_alg, integrity_alg, crypt_alg; ++ uint8_t cipher_suite_id; ++ ++ memset(suites, 0, sizeof(*suites) * nr_suites); ++ ++ while (offset < data_len && count < nr_suites) { ++ auth_alg = IPMI_AUTH_RAKP_NONE; ++ integrity_alg = IPMI_INTEGRITY_NONE; ++ crypt_alg = IPMI_CRYPT_NONE; ++ if (cipher_suite_data[offset] == STANDARD_CIPHER_SUITE) { ++ struct std_cipher_suite_record_t *record = ++ (struct std_cipher_suite_record_t*)(&cipher_suite_data[offset]); ++ /* standard type */ ++ iana = 0; ++ ++ /* Verify that we have at least a full record left; id + 3 algs */ ++ if ((data_len - offset) < sizeof(*record)) { ++ lprintf(LOG_INFO, "Incomplete data record in cipher suite data"); ++ break; ++ } ++ cipher_suite_id = record->cipher_suite_id; ++ auth_alg = CIPHER_ALG_MASK & record->auth_alg; ++ integrity_alg = CIPHER_ALG_MASK & record->integrity_alg; ++ crypt_alg = CIPHER_ALG_MASK & record->crypt_alg; ++ offset += sizeof(*record); ++ } else if (cipher_suite_data[offset] == OEM_CIPHER_SUITE) { ++ /* OEM record type */ ++ struct oem_cipher_suite_record_t *record = ++ (struct oem_cipher_suite_record_t*)(&cipher_suite_data[offset]); ++ /* Verify that we have at least a full record left ++ * id + iana + 3 algs ++ */ ++ if ((data_len - offset) < sizeof(*record)) { ++ lprintf(LOG_INFO, "Incomplete data record in cipher suite data"); ++ break; ++ } ++ ++ cipher_suite_id = record->cipher_suite_id; ++ ++ /* Grab the IANA */ ++ iana = ipmi24toh(record->iana); ++ auth_alg = CIPHER_ALG_MASK & record->auth_alg; ++ integrity_alg = CIPHER_ALG_MASK & record->integrity_alg; ++ crypt_alg = CIPHER_ALG_MASK & record->crypt_alg; ++ offset += sizeof(*record); ++ } else { ++ lprintf(LOG_INFO, "Bad start of record byte in cipher suite data (offset %d, value %x)", offset, cipher_suite_data[offset]); ++ break; ++ } ++ suites[count].cipher_suite_id = cipher_suite_id; ++ suites[count].iana = iana; ++ suites[count].auth_alg = auth_alg; ++ suites[count].integrity_alg = integrity_alg; ++ suites[count].crypt_alg = crypt_alg; ++ count++; ++ } ++ return count; ++} ++ ++int + ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, +- uint8_t channel) ++ uint8_t channel, struct cipher_suite_info *suites, size_t *count) + { + struct ipmi_rs *rsp; + struct ipmi_rq req; + + uint8_t rqdata[3]; +- uint32_t iana; +- uint8_t auth_alg, integrity_alg, crypt_alg; +- uint8_t cipher_suite_id; + uint8_t list_index = 0; + /* 0x40 sets * 16 bytes per set */ +- uint8_t cipher_suite_data[1024]; +- uint16_t offset = 0; +- /* how much was returned, total */ +- uint16_t cipher_suite_data_length = 0; ++ uint8_t cipher_suite_data[MAX_CIPHER_SUITE_RECORD_OFFSET * ++ MAX_CIPHER_SUITE_DATA_LEN]; ++ size_t offset = 0; ++ size_t nr_suites = 0; + ++ if (!suites || !count || !*count) ++ return -1; ++ ++ nr_suites = *count; ++ *count = 0; + memset(cipher_suite_data, 0, sizeof(cipher_suite_data)); +- ++ + memset(&req, 0, sizeof(req)); + req.msg.netfn = IPMI_NETFN_APP; + req.msg.cmd = IPMI_GET_CHANNEL_CIPHER_SUITES; + req.msg.data = rqdata; +- req.msg.data_len = 3; ++ req.msg.data_len = sizeof(rqdata); + + rqdata[0] = channel; + rqdata[1] = ((strncmp(payload_type, "ipmi", 4) == 0)? 0: 1); +- /* Always ask for cipher suite format */ +- rqdata[2] = 0x80; +- +- rsp = intf->sendrecv(intf, &req); +- if (rsp == NULL) { +- lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites"); +- return -1; +- } +- if (rsp->ccode > 0) { +- lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s", +- val2str(rsp->ccode, completion_code_vals)); +- return -1; +- } +- +- +- /* +- * Grab the returned channel number once. We assume it's the same +- * in future calls. +- */ +- if (rsp->data_len >= 1) { +- channel = rsp->data[0]; +- } +- +- while ((rsp->data_len > 1) && (rsp->data_len == 17) && (list_index < 0x3F)) { +- /* +- * We got back cipher suite data -- store it. +- * printf("copying data to offset %d\n", offset); +- * printbuf(rsp->data + 1, rsp->data_len - 1, "this is the data"); +- */ +- memcpy(cipher_suite_data + offset, rsp->data + 1, rsp->data_len - 1); +- offset += rsp->data_len - 1; +- +- /* +- * Increment our list for the next call +- */ +- ++list_index; +- rqdata[2] = (rqdata[2] & 0x80) + list_index; + ++ do { ++ /* Always ask for cipher suite format */ ++ rqdata[2] = LIST_ALGORITHMS_BY_CIPHER_SUITE | list_index; + rsp = intf->sendrecv(intf, &req); + if (rsp == NULL) { + lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites"); + return -1; + } +- if (rsp->ccode > 0) { ++ if (rsp->ccode || rsp->data_len < 1) { + lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s", + val2str(rsp->ccode, completion_code_vals)); + return -1; + } +- } +- +- /* Copy last chunk */ +- if(rsp->data_len > 1) { + /* + * We got back cipher suite data -- store it. + * printf("copying data to offset %d\n", offset); +@@ -429,88 +459,46 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, + */ + memcpy(cipher_suite_data + offset, rsp->data + 1, rsp->data_len - 1); + offset += rsp->data_len - 1; +- } + +- /* We can chomp on all our data now. */ +- cipher_suite_data_length = offset; +- offset = 0; ++ /* ++ * Increment our list for the next call ++ */ ++ ++list_index; ++ } while ((rsp->data_len == (sizeof(uint8_t) + MAX_CIPHER_SUITE_DATA_LEN)) && ++ (list_index < MAX_CIPHER_SUITE_RECORD_OFFSET)); + +- if (! csv_output) { +- printf("ID IANA Auth Alg Integrity Alg Confidentiality Alg\n"); +- } +- while (offset < cipher_suite_data_length) { +- if (cipher_suite_data[offset++] == 0xC0) { +- /* standard type */ +- iana = 0; ++ *count = parse_channel_cipher_suite_data(cipher_suite_data, offset, suites, ++ nr_suites); ++ return 0; ++} + +- /* Verify that we have at least a full record left; id + 3 algs */ +- if ((cipher_suite_data_length - offset) < 4) { +- lprintf(LOG_ERR, "Incomplete data record in cipher suite data"); +- return -1; +- } +- cipher_suite_id = cipher_suite_data[offset++]; +- } else if (cipher_suite_data[offset++] == 0xC1) { +- /* OEM record type */ +- /* Verify that we have at least a full record left +- * id + iana + 3 algs +- */ +- if ((cipher_suite_data_length - offset) < 4) { +- lprintf(LOG_ERR, "Incomplete data record in cipher suite data"); +- return -1; +- } ++static int ++ipmi_print_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, ++ uint8_t channel) ++{ ++ int rc; ++ size_t i = 0; ++ struct cipher_suite_info suites[MAX_CIPHER_SUITE_COUNT]; ++ size_t nr_suites = sizeof(*suites); + +- cipher_suite_id = cipher_suite_data[offset++]; ++ rc = ipmi_get_channel_cipher_suites(intf, payload_type, channel, ++ suites, &nr_suites); + +- /* Grab the IANA */ +- iana = +- cipher_suite_data[offset] | +- (cipher_suite_data[offset + 1] << 8) | +- (cipher_suite_data[offset + 2] << 16); +- offset += 3; +- } else { +- lprintf(LOG_ERR, "Bad start of record byte in cipher suite data"); +- return -1; +- } ++ if (rc < 0) ++ return rc; + +- /* +- * Grab the algorithms for this cipher suite. I guess we can't be +- * sure of what order they'll come in. Also, I suppose we default +- * to the NONE algorithm if one were absent. This part of the spec is +- * poorly written -- I have read the errata document. For now, I'm only +- * allowing one algorithm per type (auth, integrity, crypt) because I +- * don't I understand how it could be otherwise. +- */ +- auth_alg = IPMI_AUTH_RAKP_NONE; +- integrity_alg = IPMI_INTEGRITY_NONE; +- crypt_alg = IPMI_CRYPT_NONE; +- +- while (((cipher_suite_data[offset] & 0xC0) != 0xC0) && +- ((cipher_suite_data_length - offset) > 0)) +- { +- switch (cipher_suite_data[offset] & 0xC0) +- { +- case 0x00: +- /* Authentication algorithm specifier */ +- auth_alg = cipher_suite_data[offset++] & 0x3F; +- break; +- case 0x40: +- /* Interity algorithm specifier */ +- integrity_alg = cipher_suite_data[offset++] & 0x3F; +- break; +- case 0x80: +- /* Confidentiality algorithm specifier */ +- crypt_alg = cipher_suite_data[offset++] & 0x3F; +- break; +- } +- } ++ if (! csv_output) { ++ printf("ID IANA Auth Alg Integrity Alg Confidentiality Alg\n"); ++ } ++ for (i = 0; i < nr_suites; i++) { + /* We have everything we need to spit out a cipher suite record */ + printf((csv_output? "%d,%s,%s,%s,%s\n" : + "%-4d %-7s %-15s %-15s %-15s\n"), +- cipher_suite_id, +- iana_string(iana), +- val2str(auth_alg, ipmi_auth_algorithms), +- val2str(integrity_alg, ipmi_integrity_algorithms), +- val2str(crypt_alg, ipmi_encryption_algorithms)); ++ suites[i].cipher_suite_id, ++ iana_string(suites[i].iana), ++ val2str(suites[i].auth_alg, ipmi_auth_algorithms), ++ val2str(suites[i].integrity_alg, ipmi_integrity_algorithms), ++ val2str(suites[i].crypt_alg, ipmi_encryption_algorithms)); + } + return 0; + } +@@ -973,7 +961,7 @@ ipmi_channel_main(struct ipmi_intf *intf, int argc, char **argv) + return (-1); + } + } +- retval = ipmi_get_channel_cipher_suites(intf, ++ retval = ipmi_print_channel_cipher_suites(intf, + argv[1], /* ipmi | sol */ + channel); + } else if (strncmp(argv[0], "setkg", 5) == 0) { +diff --git a/lib/ipmi_main.c b/lib/ipmi_main.c +index 811c80b..6aee102 100644 +--- a/lib/ipmi_main.c ++++ b/lib/ipmi_main.c +@@ -323,6 +323,7 @@ ipmi_main(int argc, char ** argv, + uint8_t target_addr = 0; + uint8_t target_channel = 0; + ++ uint8_t u8tmp = 0; + uint8_t transit_addr = 0; + uint8_t transit_channel = 0; + uint8_t target_lun = 0; +@@ -347,7 +348,10 @@ ipmi_main(int argc, char ** argv, + char * seloem = NULL; + int port = 0; + int devnum = 0; +- int cipher_suite_id = 3; /* See table 22-19 of the IPMIv2 spec */ ++#ifdef IPMI_INTF_LANPLUS ++ /* lookup best cipher suite available */ ++ enum cipher_suite_ids cipher_suite_id = IPMI_LANPLUS_CIPHER_SUITE_RESERVED; ++#endif /* IPMI_INTF_LANPLUS */ + int argflag, i, found; + int rc = -1; + int ai_family = AF_UNSPEC; +@@ -425,19 +429,18 @@ ipmi_main(int argc, char ** argv, + goto out_free; + } + break; ++#ifdef IPMI_INTF_LANPLUS + case 'C': +- if (str2int(optarg, &cipher_suite_id) != 0) { +- lprintf(LOG_ERR, "Invalid parameter given or out of range for '-C'."); +- rc = -1; +- goto out_free; +- } +- /* add check Cipher is -gt 0 */ +- if (cipher_suite_id < 0) { +- lprintf(LOG_ERR, "Cipher suite ID %i is invalid.", cipher_suite_id); ++ /* Cipher Suite ID is a byte as per IPMI specification */ ++ if (str2uchar(optarg, &u8tmp) != 0) { ++ lprintf(LOG_ERR, "Invalid parameter given or out of " ++ "range [0-255] for '-C'."); + rc = -1; + goto out_free; + } ++ cipher_suite_id = u8tmp; + break; ++#endif /* IPMI_INTF_LANPLUS */ + case 'v': + verbose++; + break; +@@ -870,7 +873,9 @@ ipmi_main(int argc, char ** argv, + + ipmi_intf_session_set_lookupbit(ipmi_main_intf, lookupbit); + ipmi_intf_session_set_sol_escape_char(ipmi_main_intf, sol_escape_char); ++#ifdef IPMI_INTF_LANPLUS + ipmi_intf_session_set_cipher_suite_id(ipmi_main_intf, cipher_suite_id); ++#endif /* IPMI_INTF_LANPLUS */ + + ipmi_main_intf->devnum = devnum; + +diff --git a/src/plugins/ipmi_intf.c b/src/plugins/ipmi_intf.c +index 1d9e87b..00b0918 100644 +--- a/src/plugins/ipmi_intf.c ++++ b/src/plugins/ipmi_intf.c +@@ -252,11 +252,14 @@ ipmi_intf_session_set_lookupbit(struct ipmi_intf * intf, uint8_t lookupbit) + intf->ssn_params.lookupbit = lookupbit; + } + ++#ifdef IPMI_INTF_LANPLUS + void +-ipmi_intf_session_set_cipher_suite_id(struct ipmi_intf * intf, uint8_t cipher_suite_id) ++ipmi_intf_session_set_cipher_suite_id(struct ipmi_intf * intf, ++ enum cipher_suite_ids cipher_suite_id) + { + intf->ssn_params.cipher_suite_id = cipher_suite_id; + } ++#endif /* IPMI_INTF_LANPLUS */ + + void + ipmi_intf_session_set_sol_escape_char(struct ipmi_intf * intf, char sol_escape_char) +diff --git a/src/plugins/lanplus/lanplus.c b/src/plugins/lanplus/lanplus.c +index a0e388c..3087348 100644 +--- a/src/plugins/lanplus/lanplus.c ++++ b/src/plugins/lanplus/lanplus.c +@@ -164,114 +164,109 @@ extern int verbose; + * returns 0 on success + * 1 on failure + */ +-int lanplus_get_requested_ciphers(int cipher_suite_id, ++int lanplus_get_requested_ciphers(enum cipher_suite_ids cipher_suite_id, + uint8_t * auth_alg, + uint8_t * integrity_alg, + uint8_t * crypt_alg) + { +-#ifdef HAVE_CRYPTO_SHA256 +- if ((cipher_suite_id < 0) || (cipher_suite_id > 17)) { +- return 1; +- } +-#else +- if ((cipher_suite_id < 0) || (cipher_suite_id > 14)) +- return 1; +-#endif /* HAVE_CRYPTO_SHA256 */ + /* See table 22-19 for the source of the statement */ + switch (cipher_suite_id) + { +- case 0: ++ case IPMI_LANPLUS_CIPHER_SUITE_0: + *auth_alg = IPMI_AUTH_RAKP_NONE; + *integrity_alg = IPMI_INTEGRITY_NONE; + *crypt_alg = IPMI_CRYPT_NONE; + break; +- case 1: ++ case IPMI_LANPLUS_CIPHER_SUITE_1: + *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1; + *integrity_alg = IPMI_INTEGRITY_NONE; + *crypt_alg = IPMI_CRYPT_NONE; + break; +- case 2: ++ case IPMI_LANPLUS_CIPHER_SUITE_2: + *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1; + *integrity_alg = IPMI_INTEGRITY_HMAC_SHA1_96; + *crypt_alg = IPMI_CRYPT_NONE; + break; +- case 3: ++ case IPMI_LANPLUS_CIPHER_SUITE_3: + *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1; + *integrity_alg = IPMI_INTEGRITY_HMAC_SHA1_96; + *crypt_alg = IPMI_CRYPT_AES_CBC_128; + break; +- case 4: ++ case IPMI_LANPLUS_CIPHER_SUITE_4: + *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1; + *integrity_alg = IPMI_INTEGRITY_HMAC_SHA1_96; + *crypt_alg = IPMI_CRYPT_XRC4_128; + break; +- case 5: ++ case IPMI_LANPLUS_CIPHER_SUITE_5: + *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1; + *integrity_alg = IPMI_INTEGRITY_HMAC_SHA1_96; + *crypt_alg = IPMI_CRYPT_XRC4_40; + break; +- case 6: ++ case IPMI_LANPLUS_CIPHER_SUITE_6: + *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; + *integrity_alg = IPMI_INTEGRITY_NONE; + *crypt_alg = IPMI_CRYPT_NONE; + break; +- case 7: ++ case IPMI_LANPLUS_CIPHER_SUITE_7: + *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; + *integrity_alg = IPMI_INTEGRITY_HMAC_MD5_128; + *crypt_alg = IPMI_CRYPT_NONE; + break; +- case 8: ++ case IPMI_LANPLUS_CIPHER_SUITE_8: + *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; + *integrity_alg = IPMI_INTEGRITY_HMAC_MD5_128; + *crypt_alg = IPMI_CRYPT_AES_CBC_128; + break; +- case 9: ++ case IPMI_LANPLUS_CIPHER_SUITE_9: + *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; + *integrity_alg = IPMI_INTEGRITY_HMAC_MD5_128; + *crypt_alg = IPMI_CRYPT_XRC4_128; + break; +- case 10: ++ case IPMI_LANPLUS_CIPHER_SUITE_10: + *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; + *integrity_alg = IPMI_INTEGRITY_HMAC_MD5_128; + *crypt_alg = IPMI_CRYPT_XRC4_40; + break; +- case 11: ++ case IPMI_LANPLUS_CIPHER_SUITE_11: + *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; + *integrity_alg = IPMI_INTEGRITY_MD5_128; + *crypt_alg = IPMI_CRYPT_NONE; + break; +- case 12: ++ case IPMI_LANPLUS_CIPHER_SUITE_12: + *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; + *integrity_alg = IPMI_INTEGRITY_MD5_128; + *crypt_alg = IPMI_CRYPT_AES_CBC_128; + break; +- case 13: ++ case IPMI_LANPLUS_CIPHER_SUITE_13: + *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; + *integrity_alg = IPMI_INTEGRITY_MD5_128; + *crypt_alg = IPMI_CRYPT_XRC4_128; + break; +- case 14: ++ case IPMI_LANPLUS_CIPHER_SUITE_14: + *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; + *integrity_alg = IPMI_INTEGRITY_MD5_128; + *crypt_alg = IPMI_CRYPT_XRC4_40; + break; + #ifdef HAVE_CRYPTO_SHA256 +- case 15: ++ case IPMI_LANPLUS_CIPHER_SUITE_15: + *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA256; + *integrity_alg = IPMI_INTEGRITY_NONE; + *crypt_alg = IPMI_CRYPT_NONE; + break; +- case 16: ++ case IPMI_LANPLUS_CIPHER_SUITE_16: + *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA256; + *integrity_alg = IPMI_INTEGRITY_HMAC_SHA256_128; + *crypt_alg = IPMI_CRYPT_NONE; + break; +- case 17: ++ case IPMI_LANPLUS_CIPHER_SUITE_17: + *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA256; + *integrity_alg = IPMI_INTEGRITY_HMAC_SHA256_128; + *crypt_alg = IPMI_CRYPT_AES_CBC_128; + break; + #endif /* HAVE_CRYPTO_SHA256 */ ++ case IPMI_LANPLUS_CIPHER_SUITE_RESERVED: ++ default: ++ return 1; + } + + return 0; +@@ -3441,6 +3436,57 @@ ipmi_set_session_privlvl_cmd(struct ipmi_intf * intf) + return 0; + } + ++static uint8_t ++ipmi_find_best_cipher_suite(struct ipmi_intf *intf) ++{ ++ enum cipher_suite_ids best_suite = IPMI_LANPLUS_CIPHER_SUITE_RESERVED; ++#ifdef HAVE_CRYPTO_SHA256 ++ struct cipher_suite_info suites[MAX_CIPHER_SUITE_COUNT]; ++ size_t nr_suites = ARRAY_SIZE(suites); ++ /* cipher suite best order is chosen with this criteria: ++ * HMAC-MD5 and MD5 are BAD; xRC4 is bad; AES128 is required ++ * HMAC-SHA256 > HMAC-SHA1 ++ * secure authentication > encrypted content ++ * ++ * With xRC4 out, all cipher suites with MD5 out, and cipher suite 3 being ++ * required by the spec, the only better defined standard cipher suite is ++ * 17. So if SHA256 is available, we should try to use that, otherwise, ++ * fall back to 3. ++ */ ++ const enum cipher_suite_ids cipher_order_preferred[] = { ++ IPMI_LANPLUS_CIPHER_SUITE_17, ++ IPMI_LANPLUS_CIPHER_SUITE_3, ++ }; ++ const size_t nr_preferred = ARRAY_SIZE(cipher_order_preferred); ++ size_t ipref, i; ++ ++ if (ipmi_get_channel_cipher_suites(intf, "ipmi", IPMI_LAN_CHANNEL_E, ++ suites, &nr_suites) < 0) ++ { ++ /* default legacy behavior - cipher suite 3 if none is requested */ ++ return IPMI_LANPLUS_CIPHER_SUITE_3; ++ } ++ for (ipref = 0; ipref < nr_preferred && ++ IPMI_LANPLUS_CIPHER_SUITE_RESERVED == best_suite; ipref++) ++ { ++ for (i = 0; i < nr_suites; i++) { ++ if (cipher_order_preferred[ipref] == suites[i].cipher_suite_id) { ++ best_suite = cipher_order_preferred[ipref]; ++ break; ++ } ++ } ++ } ++#endif /* HAVE_CRYPTO_SHA256 */ ++ if (IPMI_LANPLUS_CIPHER_SUITE_RESERVED == best_suite) { ++ /* IPMI 2.0 spec requires that cipher suite 3 is implemented ++ * so we should always be able to fall back to that if better ++ * options are not available. */ ++ best_suite = IPMI_LANPLUS_CIPHER_SUITE_3; ++ } ++ lprintf(LOG_INFO, "Using best available cipher suite %d\n", best_suite); ++ return best_suite; ++} ++ + /** + * ipmi_lanplus_open + */ +@@ -3514,6 +3560,16 @@ ipmi_lanplus_open(struct ipmi_intf * intf) + lprintf(LOG_INFO, "This BMC does not support IPMI v2 / RMCP+"); + goto fail; + } ++ /* ++ * If no cipher suite was provided, query the channel cipher suite list and ++ * pick the best one available ++ */ ++ if (IPMI_LANPLUS_CIPHER_SUITE_RESERVED == ++ intf->ssn_params.cipher_suite_id) ++ { ++ ipmi_intf_session_set_cipher_suite_id(intf, ++ ipmi_find_best_cipher_suite(intf)); ++ } + + /* + * If the open/rakp1/rakp3 sequence encounters a timeout, the whole sequence +@@ -3728,7 +3784,7 @@ static int ipmi_lanplus_setup(struct ipmi_intf * intf) + + static void ipmi_lanp_set_max_rq_data_size(struct ipmi_intf * intf, uint16_t size) + { +- if (intf->ssn_params.cipher_suite_id == 3) { ++ if (intf->ssn_params.cipher_suite_id == IPMI_LANPLUS_CIPHER_SUITE_3) { + /* + * encrypted payload can only be multiple of 16 bytes + */ +@@ -3746,7 +3802,7 @@ static void ipmi_lanp_set_max_rq_data_size(struct ipmi_intf * intf, uint16_t siz + + static void ipmi_lanp_set_max_rp_data_size(struct ipmi_intf * intf, uint16_t size) + { +- if (intf->ssn_params.cipher_suite_id == 3) { ++ if (intf->ssn_params.cipher_suite_id == IPMI_LANPLUS_CIPHER_SUITE_3) { + /* + * encrypted payload can only be multiple of 16 bytes + */ +-- +2.20.1 + diff --git a/SOURCES/0010-pef-missing-newline.patch b/SOURCES/0010-pef-missing-newline.patch new file mode 100644 index 0000000..7650333 --- /dev/null +++ b/SOURCES/0010-pef-missing-newline.patch @@ -0,0 +1,33 @@ +From f65ea137f0d03f883219a791a49cf8ea7e16776a Mon Sep 17 00:00:00 2001 +From: Vaclav Dolezal +Date: Fri, 1 Mar 2019 14:46:12 +0100 +Subject: [PATCH] Fix "ipmitool pef {status,info}" not printing final newline + +Signed-off-by: Vaclav Dolezal +--- + lib/ipmi_pef.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/lib/ipmi_pef.c b/lib/ipmi_pef.c +index bbf25f2..4be749e 100644 +--- a/lib/ipmi_pef.c ++++ b/lib/ipmi_pef.c +@@ -1183,6 +1183,7 @@ ipmi_pef2_get_info(struct ipmi_intf *intf) + ipmi_pef_print_guid(guid_ptr); + } + ipmi_pef_print_flags(&pef_b2s_actions, P_SUPP, pcap.actions); ++ putchar('\n'); + return 0; + } + +@@ -1242,6 +1243,7 @@ ipmi_pef2_get_status(struct ipmi_intf *intf) + return (-1); + } + ipmi_pef_print_flags(&pef_b2s_actions, P_ACTV, rsp->data[1]); ++ putchar('\n'); + return 0; + } + +-- +2.20.1 + diff --git a/SOURCES/0011-expand-sensor-name-column.patch b/SOURCES/0011-expand-sensor-name-column.patch new file mode 100644 index 0000000..85e0c92 --- /dev/null +++ b/SOURCES/0011-expand-sensor-name-column.patch @@ -0,0 +1,57 @@ +From 57b57b27fe2c17e3030c41ee5566af36ccd33941 Mon Sep 17 00:00:00 2001 +From: Vaclav Dolezal +Date: Thu, 30 Jan 2020 16:18:37 +0100 +Subject: [PATCH] Expand column with name in ipmitool sdr/sensor output + +--- + lib/ipmi_sdr.c | 4 ++-- + lib/ipmi_sensor.c | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c +index fd2c02d..0f6faab 100644 +--- a/lib/ipmi_sdr.c ++++ b/lib/ipmi_sdr.c +@@ -1619,7 +1619,7 @@ ipmi_sdr_print_sensor_fc(struct ipmi_intf *intf, + /* + * print sensor name, reading, state + */ +- printf("%-16s | ", sr->s_id); ++ printf("%-24s | ", sr->s_id); + + memset(sval, 0, sizeof (sval)); + +@@ -1657,7 +1657,7 @@ ipmi_sdr_print_sensor_fc(struct ipmi_intf *intf, + /* + * print sensor name, number, state, entity, reading + */ +- printf("%-16s | %02Xh | ", ++ printf("%-24s | %02Xh | ", + sr->s_id, sensor->keys.sensor_num); + + if (IS_THRESHOLD_SENSOR(sensor)) { +diff --git a/lib/ipmi_sensor.c b/lib/ipmi_sensor.c +index a0b7eb8..7328508 100644 +--- a/lib/ipmi_sensor.c ++++ b/lib/ipmi_sensor.c +@@ -175,7 +175,7 @@ ipmi_sensor_print_fc_discrete(struct ipmi_intf *intf, + /* output format + * id value units status thresholds.... + */ +- printf("%-16s ", sr->s_id); ++ printf("%-24s ", sr->s_id); + if (sr->s_reading_valid) { + if (sr->s_has_analog_value) { + /* don't show discrete component */ +@@ -276,7 +276,7 @@ ipmi_sensor_print_fc_threshold(struct ipmi_intf *intf, + /* output format + * id value units status thresholds.... + */ +- printf("%-16s ", sr->s_id); ++ printf("%-24s ", sr->s_id); + if (sr->s_reading_valid) { + if (sr->s_has_analog_value) + printf("| %-10.3f | %-10s | %-6s", +-- +2.20.1 + diff --git a/SOURCES/0012-CVE-2020-5208.patch b/SOURCES/0012-CVE-2020-5208.patch new file mode 100644 index 0000000..4d5a487 --- /dev/null +++ b/SOURCES/0012-CVE-2020-5208.patch @@ -0,0 +1,378 @@ +From b3e74778c65ba3ffc8a9b3133c87588ee5d18a74 Mon Sep 17 00:00:00 2001 +From: Chrostoper Ertl +Date: Thu, 28 Nov 2019 16:33:59 +0000 +Subject: [PATCH] Fixes for CVE-2020-5208 + +see https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp + +This patch is combination of following commits: + +pick e824c23316ae50beb7f7488f2055ac65e8b341f2 fru: Fix buffer overflow vulnerabilities +pick 840fb1cbb4fb365cb9797300e3374d4faefcdb10 fru: Fix buffer overflow in ipmi_spd_print_fru +pick 41d7026946fafbd4d1ec0bcaca3ea30a6e8eed22 session: Fix buffer overflow in ipmi_get_session_info +pick 9452be87181a6e83cfcc768b3ed8321763db50e4 channel: Fix buffer overflow +pick d45572d71e70840e0d4c50bf48218492b79c1a10 lanp: Fix buffer overflows in get_lan_param_select +pick 7ccea283dd62a05a320c1921e3d8d71a87772637 fru, sdr: Fix id_string buffer overflows +--- + lib/dimm_spd.c | 9 ++++++++- + lib/ipmi_channel.c | 5 ++++- + lib/ipmi_fru.c | 35 ++++++++++++++++++++++++++++++++--- + lib/ipmi_lanp.c | 14 +++++++------- + lib/ipmi_sdr.c | 40 ++++++++++++++++++++++++---------------- + lib/ipmi_session.c | 12 ++++++++---- + 6 files changed, 83 insertions(+), 32 deletions(-) + +diff --git a/lib/dimm_spd.c b/lib/dimm_spd.c +index 41e30db..68f3b4f 100644 +--- a/lib/dimm_spd.c ++++ b/lib/dimm_spd.c +@@ -1621,7 +1621,7 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id) + struct ipmi_rq req; + struct fru_info fru; + uint8_t *spd_data, msg_data[4]; +- int len, offset; ++ uint32_t len, offset; + + msg_data[0] = id; + +@@ -1697,6 +1697,13 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id) + } + + len = rsp->data[0]; ++ if(rsp->data_len < 1 ++ || len > rsp->data_len - 1 ++ || len > fru.size - offset) ++ { ++ printf(" Not enough buffer size"); ++ return -1; ++ } + memcpy(&spd_data[offset], rsp->data + 1, len); + offset += len; + } while (offset < fru.size); +diff --git a/lib/ipmi_channel.c b/lib/ipmi_channel.c +index 3ae3104..80ba522 100644 +--- a/lib/ipmi_channel.c ++++ b/lib/ipmi_channel.c +@@ -447,7 +447,10 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, + lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites"); + return -1; + } +- if (rsp->ccode || rsp->data_len < 1) { ++ if (rsp->ccode ++ || rsp->data_len < 1 ++ || rsp->data_len > sizeof(uint8_t) + MAX_CIPHER_SUITE_DATA_LEN) ++ { + lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s", + val2str(rsp->ccode, completion_code_vals)); + return -1; +diff --git a/lib/ipmi_fru.c b/lib/ipmi_fru.c +index cf00eff..98bc984 100644 +--- a/lib/ipmi_fru.c ++++ b/lib/ipmi_fru.c +@@ -615,7 +615,10 @@ int + read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + uint32_t offset, uint32_t length, uint8_t *frubuf) + { +- uint32_t off = offset, tmp, finish; ++ uint32_t off = offset; ++ uint32_t tmp; ++ uint32_t finish; ++ uint32_t size_left_in_buffer; + struct ipmi_rs * rsp; + struct ipmi_rq req; + uint8_t msg_data[4]; +@@ -628,10 +631,12 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + + finish = offset + length; + if (finish > fru->size) { ++ memset(frubuf + fru->size, 0, length - fru->size); + finish = fru->size; + lprintf(LOG_NOTICE, "Read FRU Area length %d too large, " + "Adjusting to %d", + offset + length, finish - offset); ++ length = finish - offset; + } + + memset(&req, 0, sizeof(req)); +@@ -667,6 +672,7 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + } + } + ++ size_left_in_buffer = length; + do { + tmp = fru->access ? off >> 1 : off; + msg_data[0] = id; +@@ -707,9 +713,18 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + } + + tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0]; ++ if(rsp->data_len < 1 ++ || tmp > rsp->data_len - 1 ++ || tmp > size_left_in_buffer) ++ { ++ printf(" Not enough buffer size"); ++ return -1; ++ } ++ + memcpy(frubuf, rsp->data + 1, tmp); + off += tmp; + frubuf += tmp; ++ size_left_in_buffer -= tmp; + /* sometimes the size returned in the Info command + * is too large. return 0 so higher level function + * still attempts to parse what was returned */ +@@ -742,7 +757,9 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + uint32_t offset, uint32_t length, uint8_t *frubuf) + { + static uint32_t fru_data_rqst_size = 20; +- uint32_t off = offset, tmp, finish; ++ uint32_t off = offset; ++ uint32_t tmp, finish; ++ uint32_t size_left_in_buffer; + struct ipmi_rs * rsp; + struct ipmi_rq req; + uint8_t msg_data[4]; +@@ -755,10 +772,12 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + + finish = offset + length; + if (finish > fru->size) { ++ memset(frubuf + fru->size, 0, length - fru->size); + finish = fru->size; + lprintf(LOG_NOTICE, "Read FRU Area length %d too large, " + "Adjusting to %d", + offset + length, finish - offset); ++ length = finish - offset; + } + + memset(&req, 0, sizeof(req)); +@@ -773,6 +792,8 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + if (fru->access && fru_data_rqst_size > 16) + #endif + fru_data_rqst_size = 16; ++ ++ size_left_in_buffer = length; + do { + tmp = fru->access ? off >> 1 : off; + msg_data[0] = id; +@@ -804,8 +825,16 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, + } + + tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0]; ++ if(rsp->data_len < 1 ++ || tmp > rsp->data_len - 1 ++ || tmp > size_left_in_buffer) ++ { ++ printf(" Not enough buffer size"); ++ return -1; ++ } + memcpy((frubuf + off)-offset, rsp->data + 1, tmp); + off += tmp; ++ size_left_in_buffer -= tmp; + + /* sometimes the size returned in the Info command + * is too large. return 0 so higher level function +@@ -3033,7 +3062,7 @@ ipmi_fru_print(struct ipmi_intf * intf, struct sdr_record_fru_locator * fru) + return 0; + + memset(desc, 0, sizeof(desc)); +- memcpy(desc, fru->id_string, fru->id_code & 0x01f); ++ memcpy(desc, fru->id_string, __min(fru->id_code & 0x01f, sizeof(desc))); + desc[fru->id_code & 0x01f] = 0; + printf("FRU Device Description : %s (ID %d)\n", desc, fru->device_id); + +diff --git a/lib/ipmi_lanp.c b/lib/ipmi_lanp.c +index 65d881b..022c7f1 100644 +--- a/lib/ipmi_lanp.c ++++ b/lib/ipmi_lanp.c +@@ -1809,7 +1809,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + /* set new ipaddr */ + memcpy(data+3, temp, 4); + printf("Setting LAN Alert %d IP Address to %d.%d.%d.%d\n", alert, +@@ -1824,7 +1824,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + /* set new macaddr */ + memcpy(data+7, temp, 6); + printf("Setting LAN Alert %d MAC Address to " +@@ -1838,7 +1838,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (strncasecmp(argv[1], "def", 3) == 0 || + strncasecmp(argv[1], "default", 7) == 0) { +@@ -1864,7 +1864,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (strncasecmp(argv[1], "on", 2) == 0 || + strncasecmp(argv[1], "yes", 3) == 0) { +@@ -1889,7 +1889,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (strncasecmp(argv[1], "pet", 3) == 0) { + printf("Setting LAN Alert %d destination to PET Trap\n", alert); +@@ -1917,7 +1917,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (str2uchar(argv[1], &data[2]) != 0) { + lprintf(LOG_ERR, "Invalid time: %s", argv[1]); +@@ -1933,7 +1933,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, + if (p == NULL) { + return (-1); + } +- memcpy(data, p->data, p->data_len); ++ memcpy(data, p->data, __min(p->data_len, sizeof(data))); + + if (str2uchar(argv[1], &data[3]) != 0) { + lprintf(LOG_ERR, "Invalid retry: %s", argv[1]); +diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c +index 0f6faab..9890132 100644 +--- a/lib/ipmi_sdr.c ++++ b/lib/ipmi_sdr.c +@@ -2086,7 +2086,7 @@ ipmi_sdr_print_sensor_eventonly(struct ipmi_intf *intf, + return -1; + + memset(desc, 0, sizeof (desc)); +- snprintf(desc, (sensor->id_code & 0x1f) + 1, "%s", sensor->id_string); ++ snprintf(desc, sizeof(desc), "%.*s", (sensor->id_code & 0x1f) + 1, sensor->id_string); + + if (verbose) { + printf("Sensor ID : %s (0x%x)\n", +@@ -2137,7 +2137,7 @@ ipmi_sdr_print_sensor_mc_locator(struct ipmi_intf *intf, + return -1; + + memset(desc, 0, sizeof (desc)); +- snprintf(desc, (mc->id_code & 0x1f) + 1, "%s", mc->id_string); ++ snprintf(desc, sizeof(desc), "%.*s", (mc->id_code & 0x1f) + 1, mc->id_string); + + if (verbose == 0) { + if (csv_output) +@@ -2230,7 +2230,7 @@ ipmi_sdr_print_sensor_generic_locator(struct ipmi_intf *intf, + char desc[17]; + + memset(desc, 0, sizeof (desc)); +- snprintf(desc, (dev->id_code & 0x1f) + 1, "%s", dev->id_string); ++ snprintf(desc, sizeof(desc), "%.*s", (dev->id_code & 0x1f) + 1, dev->id_string); + + if (!verbose) { + if (csv_output) +@@ -2287,7 +2287,7 @@ ipmi_sdr_print_sensor_fru_locator(struct ipmi_intf *intf, + char desc[17]; + + memset(desc, 0, sizeof (desc)); +- snprintf(desc, (fru->id_code & 0x1f) + 1, "%s", fru->id_string); ++ snprintf(desc, sizeof(desc), "%.*s", (fru->id_code & 0x1f) + 1, fru->id_string); + + if (!verbose) { + if (csv_output) +@@ -2491,35 +2491,43 @@ ipmi_sdr_print_name_from_rawentry(struct ipmi_intf *intf, uint16_t id, + + int rc =0; + char desc[17]; ++ const char *id_string; ++ uint8_t id_code; + memset(desc, ' ', sizeof (desc)); + + switch ( type) { + case SDR_RECORD_TYPE_FULL_SENSOR: + record.full = (struct sdr_record_full_sensor *) raw; +- snprintf(desc, (record.full->id_code & 0x1f) +1, "%s", +- (const char *)record.full->id_string); ++ id_code = record.full->id_code; ++ id_string = record.full->id_string; + break; ++ + case SDR_RECORD_TYPE_COMPACT_SENSOR: + record.compact = (struct sdr_record_compact_sensor *) raw ; +- snprintf(desc, (record.compact->id_code & 0x1f) +1, "%s", +- (const char *)record.compact->id_string); ++ id_code = record.compact->id_code; ++ id_string = record.compact->id_string; + break; ++ + case SDR_RECORD_TYPE_EVENTONLY_SENSOR: + record.eventonly = (struct sdr_record_eventonly_sensor *) raw ; +- snprintf(desc, (record.eventonly->id_code & 0x1f) +1, "%s", +- (const char *)record.eventonly->id_string); +- break; ++ id_code = record.eventonly->id_code; ++ id_string = record.eventonly->id_string; ++ break; ++ + case SDR_RECORD_TYPE_MC_DEVICE_LOCATOR: + record.mcloc = (struct sdr_record_mc_locator *) raw ; +- snprintf(desc, (record.mcloc->id_code & 0x1f) +1, "%s", +- (const char *)record.mcloc->id_string); ++ id_code = record.mcloc->id_code; ++ id_string = record.mcloc->id_string; + break; ++ + default: + rc = -1; +- break; +- } ++ } ++ if (!rc) { ++ snprintf(desc, sizeof(desc), "%.*s", (id_code & 0x1f) + 1, id_string); ++ } + +- lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc); ++ lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc); + return rc; + } + +diff --git a/lib/ipmi_session.c b/lib/ipmi_session.c +index 141f0f4..b9af1fd 100644 +--- a/lib/ipmi_session.c ++++ b/lib/ipmi_session.c +@@ -309,8 +309,10 @@ ipmi_get_session_info(struct ipmi_intf * intf, + } + else + { +- memcpy(&session_info, rsp->data, rsp->data_len); +- print_session_info(&session_info, rsp->data_len); ++ memcpy(&session_info, rsp->data, ++ __min(rsp->data_len, sizeof(session_info))); ++ print_session_info(&session_info, ++ __min(rsp->data_len, sizeof(session_info))); + } + break; + +@@ -341,8 +343,10 @@ ipmi_get_session_info(struct ipmi_intf * intf, + break; + } + +- memcpy(&session_info, rsp->data, rsp->data_len); +- print_session_info(&session_info, rsp->data_len); ++ memcpy(&session_info, rsp->data, ++ __min(rsp->data_len, sizeof(session_info))); ++ print_session_info(&session_info, ++ __min(rsp->data_len, sizeof(session_info))); + + } while (i <= session_info.session_slot_count); + break; +-- +2.20.1 + diff --git a/SOURCES/0013-quanta-oem-support.patch b/SOURCES/0013-quanta-oem-support.patch new file mode 100644 index 0000000..d4b3809 --- /dev/null +++ b/SOURCES/0013-quanta-oem-support.patch @@ -0,0 +1,420 @@ +From 87a898756a7bd54898c1f6d2a5441efb1f810b67 Mon Sep 17 00:00:00 2001 +From: qctbmc +Date: Tue, 10 Jul 2018 11:21:55 +0800 +Subject: [PATCH] oem: Add basic support for Quanta + +--- + include/ipmitool/Makefile.am | 2 +- + include/ipmitool/ipmi_quantaoem.h | 55 +++++++++ + lib/Makefile.am | 2 +- + lib/ipmi_main.c | 1 + + lib/ipmi_oem.c | 14 +++ + lib/ipmi_quantaoem.c | 184 ++++++++++++++++++++++++++++++ + lib/ipmi_sel.c | 21 +++- + src/ipmitool.c | 1 + + 8 files changed, 274 insertions(+), 6 deletions(-) + create mode 100644 include/ipmitool/ipmi_quantaoem.h + create mode 100644 lib/ipmi_quantaoem.c + +diff --git a/include/ipmitool/Makefile.am b/include/ipmitool/Makefile.am +index 9093a56..8bc584a 100644 +--- a/include/ipmitool/Makefile.am ++++ b/include/ipmitool/Makefile.am +@@ -39,4 +39,4 @@ noinst_HEADERS = log.h bswap.h hpm2.h helper.h ipmi.h ipmi_cc.h ipmi_intf.h \ + ipmi_fwum.h ipmi_main.h ipmi_tsol.h ipmi_firewall.h \ + ipmi_kontronoem.h ipmi_ekanalyzer.h ipmi_gendev.h ipmi_ime.h \ + ipmi_delloem.h ipmi_dcmi.h ipmi_vita.h ipmi_sel_supermicro.h \ +- ipmi_cfgp.h ipmi_lanp6.h ++ ipmi_cfgp.h ipmi_lanp6.h ipmi_quantaoem.h +diff --git a/include/ipmitool/ipmi_quantaoem.h b/include/ipmitool/ipmi_quantaoem.h +new file mode 100644 +index 0000000..544f510 +--- /dev/null ++++ b/include/ipmitool/ipmi_quantaoem.h +@@ -0,0 +1,55 @@ ++/* ++ * Copyright (c) 2018 Quanta Computer Inc. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * Redistribution of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * Redistribution in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * ++ * Neither the name of Quanta Computer Inc. or the names of ++ * contributors may be used to endorse or promote products derived ++ * from this software without specific prior written permission. ++ * ++ * This software is provided "AS IS," without a warranty of any kind. ++ * ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, ++ * INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A ++ * PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. ++ * Quanta Computer Inc. AND ITS LICENSORS SHALL NOT BE LIABLE ++ * FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING ++ * OR DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL ++ * Quanta Computer Inc. OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, ++ * OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR ++ * PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF ++ * LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, ++ * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. ++ */ ++ ++#ifndef IPMI_QUANTAOEM_H ++#define IPMI_QUANTAOEM_H ++ ++#if HAVE_CONFIG_H ++# include ++#endif ++#include ++#include ++ ++#define OEM_QCT_NETFN 0x36 ++#define OEM_QCT_GET_INFO 0x65 ++ ++typedef enum ++{ ++ OEM_QCT_PLATFORM_UNKNOWN = 0, ++ OEM_QCT_PLATFORM_GRANTLEY, ++ OEM_QCT_PLATFORM_PURLEY ++} qct_platform_t; ++ ++qct_platform_t oem_qct_get_platform_id(struct ipmi_intf *intf); ++char *oem_qct_get_evt_desc(struct ipmi_intf *intf, struct sel_event_record *rec); ++ ++#endif /*IPMI_QUANTAOEM_H*/ +diff --git a/lib/Makefile.am b/lib/Makefile.am +index cc69a8f..e7568f3 100644 +--- a/lib/Makefile.am ++++ b/lib/Makefile.am +@@ -41,7 +41,7 @@ libipmitool_la_SOURCES = helper.c ipmi_sdr.c ipmi_sel.c ipmi_sol.c ipmi_pef.c \ + ipmi_main.c ipmi_tsol.c ipmi_firewall.c ipmi_kontronoem.c \ + ipmi_hpmfwupg.c ipmi_sdradd.c ipmi_ekanalyzer.c ipmi_gendev.c \ + ipmi_ime.c ipmi_delloem.c ipmi_dcmi.c hpm2.c ipmi_vita.c \ +- ipmi_lanp6.c ipmi_cfgp.c \ ++ ipmi_lanp6.c ipmi_cfgp.c ipmi_quantaoem.c \ + ../src/plugins/lan/md5.c ../src/plugins/lan/md5.h + + libipmitool_la_LDFLAGS = -export-dynamic +diff --git a/lib/ipmi_main.c b/lib/ipmi_main.c +index 6aee102..9d4a148 100644 +--- a/lib/ipmi_main.c ++++ b/lib/ipmi_main.c +@@ -75,6 +75,7 @@ + #include + #include + #include ++#include + + #ifdef HAVE_CONFIG_H + # include +diff --git a/lib/ipmi_oem.c b/lib/ipmi_oem.c +index 96db2ea..86fd803 100644 +--- a/lib/ipmi_oem.c ++++ b/lib/ipmi_oem.c +@@ -39,6 +39,7 @@ + + static int ipmi_oem_supermicro(struct ipmi_intf * intf); + static int ipmi_oem_ibm(struct ipmi_intf * intf); ++static int ipmi_oem_quanta(struct ipmi_intf * intf); + + static struct ipmi_oem_handle ipmi_oem_list[] = { + { +@@ -71,6 +72,11 @@ static struct ipmi_oem_handle ipmi_oem_list[] = { + .name = "kontron", + .desc = "Kontron OEM big buffer support" + }, ++ { ++ .name = "quanta", ++ .desc = "Quanta IPMIv1.5 BMC with OEM LAN authentication support", ++ .setup = ipmi_oem_quanta, ++ }, + { 0 } + }; + +@@ -93,6 +99,14 @@ ipmi_oem_ibm(struct ipmi_intf * intf) + return ipmi_sel_oem_init((const char *)filename); + } + ++/* Quanta IPMIv2 BMCs use OEM authtype */ ++static int ++ipmi_oem_quanta(struct ipmi_intf * intf) ++{ ++ ipmi_intf_session_set_authtype(intf, IPMI_SESSION_AUTHTYPE_OEM); ++ return 0; ++} ++ + /* ipmi_oem_print - print list of OEM handles + */ + void +diff --git a/lib/ipmi_quantaoem.c b/lib/ipmi_quantaoem.c +new file mode 100644 +index 0000000..7b4c5c6 +--- /dev/null ++++ b/lib/ipmi_quantaoem.c +@@ -0,0 +1,184 @@ ++/* ++ * Copyright (c) 2018 Quanta Computer Inc. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * Redistribution of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * Redistribution in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * ++ * Neither the name of Quanta Computer Inc. or the names of ++ * contributors may be used to endorse or promote products derived ++ * from this software without specific prior written permission. ++ * ++ * This software is provided "AS IS," without a warranty of any kind. ++ * ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, ++ * INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A ++ * PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. ++ * Quanta Computer Inc. AND ITS LICENSORS SHALL NOT BE LIABLE ++ * FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING ++ * OR DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL ++ * Quanta Computer Inc. OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, ++ * OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR ++ * PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF ++ * LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, ++ * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. ++ */ ++#define _XOPEN_SOURCE ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++/* Max Size of the description String to be displyed for the Each sel entry */ ++#define SIZE_OF_DESC 128 ++ ++#define CPU_SHIFT 6 ++#define CPU_MASK 0X03 ++#define CPU_NUM(x) (((x) >> CPU_SHIFT) & CPU_MASK) ++ ++#define CHANNEL_BASE 0x41 ++#define CHANNEL_SHIFT 3 ++#define CHANNEL_MASK 0x07 ++#define CHANNEL_OFFSET(x) (((x) >> CHANNEL_SHIFT) & CHANNEL_MASK) ++#define CHANNEL_NUM(x) (CHANNEL_BASE + CHANNEL_OFFSET(x)) ++ ++#define DIMM_MASK 0x07 ++#define DIMM_NUM(x) ((x) & DIMM_MASK) ++ ++#define GET_PLATFORM_ID_DATA_SIZE 4 ++ ++// Magic code to check if it's valid command ++#define QCT_MAGIC_1 0x4C ++#define QCT_MAGIC_2 0x1C ++#define QCT_MAGIC_3 0x00 ++#define QCT_MAGIC_4 0x02 ++ ++qct_platform_t ++oem_qct_get_platform_id(struct ipmi_intf *intf) ++{ ++ /* Execute a Get platform ID command to determine the board */ ++ struct ipmi_rs *rsp; ++ struct ipmi_rq req; ++ qct_platform_t platform_id; ++ uint8_t msg_data[GET_PLATFORM_ID_DATA_SIZE]; ++ ++ /* Ask for IPMI v2 data as well */ ++ msg_data[0] = QCT_MAGIC_1; ++ msg_data[1] = QCT_MAGIC_2; ++ msg_data[2] = QCT_MAGIC_3; ++ msg_data[3] = QCT_MAGIC_4; ++ ++ memset(&req, 0, sizeof(req)); ++ req.msg.netfn = OEM_QCT_NETFN; ++ req.msg.cmd = OEM_QCT_GET_INFO; ++ req.msg.data = msg_data; ++ req.msg.data_len = sizeof(msg_data); ++ ++ rsp = intf->sendrecv(intf, &req); ++ if (rsp == NULL) { ++ lprintf(LOG_ERR, "Get Platform ID command failed"); ++ return 0; ++ } ++ if (rsp->ccode) { ++ lprintf(LOG_ERR, "Get Platform ID command failed: %#x %s", ++ rsp->ccode, val2str(rsp->ccode, completion_code_vals)); ++ return 0; ++ } ++ platform_id = rsp->data[0]; ++ lprintf(LOG_DEBUG,"Platform ID: %hhx", rsp->data[0]); ++ return platform_id; ++} ++ ++char * ++oem_qct_get_evt_desc(struct ipmi_intf *intf, struct sel_event_record *rec) ++{ ++ struct ipmi_rs *rsp; ++ struct ipmi_rq req; ++ char *desc = NULL; ++ int data; ++ int sensor_type; ++ qct_platform_t platform_id; ++ ++ /* Get the OEM event Bytes of the SEL Records byte 15 to data */ ++ data = rec->sel_type.standard_type.event_data[2]; ++ /* Check for the Standard Event type == 0x6F */ ++ if (rec->sel_type.standard_type.event_type != 0x6F) { ++ goto out; ++ } ++ /* Allocate mem for te Description string */ ++ desc = malloc(SIZE_OF_DESC); ++ if (desc == NULL) { ++ lprintf(LOG_ERR, "ipmitool: malloc failure"); ++ goto out; ++ } ++ memset(desc, 0, SIZE_OF_DESC); ++ sensor_type = rec->sel_type.standard_type.sensor_type; ++ switch (sensor_type) { ++ case SENSOR_TYPE_MEMORY: ++ memset(&req, 0, sizeof (req)); ++ req.msg.netfn = IPMI_NETFN_APP; ++ req.msg.lun = 0; ++ req.msg.cmd = BMC_GET_DEVICE_ID; ++ req.msg.data = NULL; ++ req.msg.data_len = 0; ++ ++ rsp = intf->sendrecv(intf, &req); ++ if (rsp == NULL) { ++ lprintf(LOG_ERR, " Error getting system info"); ++ goto out; ++ } else if (rsp->ccode) { ++ lprintf(LOG_ERR, " Error getting system info: %s", ++ val2str(rsp->ccode, completion_code_vals)); ++ goto out; ++ } ++ /* check the platform type */ ++ platform_id = oem_qct_get_platform_id(intf); ++ if (OEM_QCT_PLATFORM_PURLEY == platform_id) { ++ snprintf(desc, SIZE_OF_DESC, "CPU%d_%c%d", ++ CPU_NUM(data), ++ CHANNEL_NUM(data), ++ DIMM_NUM(data)); ++ } ++ break; ++ default: ++ goto out; ++ } ++ return desc; ++out: ++ if (desc) { ++ free(desc); ++ desc = NULL; ++ } ++ return desc; ++} +diff --git a/lib/ipmi_sel.c b/lib/ipmi_sel.c +index 8b0395e..a54fefd 100644 +--- a/lib/ipmi_sel.c ++++ b/lib/ipmi_sel.c +@@ -50,6 +50,7 @@ + #include + #include + #include ++#include + + extern int verbose; + static int sel_extended = 0; +@@ -1244,6 +1245,9 @@ ipmi_get_oem_desc(struct ipmi_intf * intf, struct sel_event_record * rec) + case IPMI_OEM_SUPERMICRO_47488: + desc = get_supermicro_evt_desc(intf, rec); + break; ++ case IPMI_OEM_QUANTA: ++ desc = oem_qct_get_evt_desc(intf, rec); ++ break; + case IPMI_OEM_UNKNOWN: + default: + break; +@@ -1349,6 +1353,9 @@ ipmi_get_event_desc(struct ipmi_intf * intf, struct sel_event_record * rec, char + sfx = ipmi_get_oem_desc(intf, rec); + break; + /* add your oem sensor assignation here */ ++ case IPMI_OEM_QUANTA: ++ sfx = ipmi_get_oem_desc(intf, rec); ++ break; + default: + lprintf(LOG_DEBUG, "oem sensor type %x using standard type supplied description", + rec->sel_type.standard_type.sensor_type ); +@@ -1359,9 +1366,12 @@ ipmi_get_event_desc(struct ipmi_intf * intf, struct sel_event_record * rec, char + case IPMI_OEM_SUPERMICRO: + case IPMI_OEM_SUPERMICRO_47488: + sfx = ipmi_get_oem_desc(intf, rec); +- break; ++ break; ++ case IPMI_OEM_QUANTA: ++ sfx = ipmi_get_oem_desc(intf, rec); ++ break; + default: +- break; ++ break; + } + } + /* +@@ -1986,9 +1996,12 @@ ipmi_sel_print_std_entry(struct ipmi_intf * intf, struct sel_event_record * evt) + case IPMI_OEM_SUPERMICRO: + case IPMI_OEM_SUPERMICRO_47488: + print_sensor = 0; +- break; ++ break; ++ case IPMI_OEM_QUANTA: ++ print_sensor = 0; ++ break; + default: +- break; ++ break; + } + /* + * Sensor-Specific Discrete +diff --git a/src/ipmitool.c b/src/ipmitool.c +index 5e19c6e..ec0b741 100644 +--- a/src/ipmitool.c ++++ b/src/ipmitool.c +@@ -66,6 +66,7 @@ + #include + #include + #include ++#include + + #ifdef HAVE_CONFIG_H + # include +-- +2.20.1 + diff --git a/SOURCES/0014-lanplus-cipher-retry.patch b/SOURCES/0014-lanplus-cipher-retry.patch new file mode 100644 index 0000000..9aa3437 --- /dev/null +++ b/SOURCES/0014-lanplus-cipher-retry.patch @@ -0,0 +1,38 @@ +From 9d72def87ecc384d0a46525c766e755068fefe54 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?V=C3=A1clav=20Dole=C5=BEal?= +Date: Thu, 28 May 2020 13:32:31 +0200 +Subject: [PATCH] lanplus: don't retry pre-session Get cipher suites +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Some BMCs are ignoring it, causing needless delay. + +Signed-off-by: Václav Doležal +--- + src/plugins/lanplus/lanplus.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/plugins/lanplus/lanplus.c b/src/plugins/lanplus/lanplus.c +index 3087348..c442c0e 100644 +--- a/src/plugins/lanplus/lanplus.c ++++ b/src/plugins/lanplus/lanplus.c +@@ -3459,9 +3459,13 @@ ipmi_find_best_cipher_suite(struct ipmi_intf *intf) + }; + const size_t nr_preferred = ARRAY_SIZE(cipher_order_preferred); + size_t ipref, i; ++ int rc; ++ int retry_old = intf->ssn_params.retry; + +- if (ipmi_get_channel_cipher_suites(intf, "ipmi", IPMI_LAN_CHANNEL_E, +- suites, &nr_suites) < 0) ++ ipmi_intf_session_set_retry(intf, 1); ++ rc = ipmi_get_channel_cipher_suites(intf, "ipmi", IPMI_LAN_CHANNEL_E, suites, &nr_suites); ++ ipmi_intf_session_set_retry(intf, retry_old); ++ if (rc < 0) + { + /* default legacy behavior - cipher suite 3 if none is requested */ + return IPMI_LANPLUS_CIPHER_SUITE_3; +-- +2.25.4 + diff --git a/SOURCES/0015-lanplus-Cleanup.-Refix-6dec83ff-fix-be2c0c4b.patch b/SOURCES/0015-lanplus-Cleanup.-Refix-6dec83ff-fix-be2c0c4b.patch new file mode 100644 index 0000000..3be5e44 --- /dev/null +++ b/SOURCES/0015-lanplus-Cleanup.-Refix-6dec83ff-fix-be2c0c4b.patch @@ -0,0 +1,65 @@ +From 646160e2175f9e0ba33e4f2bda12d84555e9c30e Mon Sep 17 00:00:00 2001 +From: Alexander Amelkin +Date: Thu, 29 Nov 2018 13:10:53 +0300 +Subject: [PATCH] lanplus: Cleanup. Refix 6dec83ff, fix be2c0c4b + +This is a cleanup commit. + +Commit 6dec83ff removed assignment of `rsp` pointer +in SOL-processing block of ipmi_lan_poll_single(), +but left the check for the pointer validity in place. +Although that has effectively fixed the bug of potentially +accessing the null `rsp` pointer in the `else` block introduced +with be2c0c4b, the resulting if/else looked suspicious and left +and impression that a NULL pointer could still be accessed. + +This commit removes the check for `rsp` from the `if` +as it is checked at the start of the function where `rsp` +is initialized (and that is the only place where it is ever changed). + +Signed-off-by: Alexander Amelkin +(cherry picked from commit 64727f59c4a1412fdb73e092fb838ae66e2aad1a) + +lanplus: Fix segfault for truncated dcmi response + +On occasion a dcmi power reading will return error C6, and a +truncated response payload. As the decrypted payload is shorter +than the expected length, lanplus_decrypt_aes_cbc_128() adjusts +the payload_size downward by one byte. In ipmi_lan_poll_single() +the calculation to determine if the payload size has increased +erroniously sets extra_data_length to -1, with a subsequent +segv when calling a memmove to shift response data. +The fix is to check for a positive value in the extra_data_length. + +Resolves ipmitool/ipmitool#72 + +(cherry picked from commit 9ec2232321a7bca7e1fb8f939d071f12c8dfa7fd) +--- + src/plugins/lanplus/lanplus.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/plugins/lanplus/lanplus.c b/src/plugins/lanplus/lanplus.c +index c442c0e..ef132f6 100644 +--- a/src/plugins/lanplus/lanplus.c ++++ b/src/plugins/lanplus/lanplus.c +@@ -814,7 +814,7 @@ ipmi_lan_poll_single(struct ipmi_intf * intf) + * rsp->data_len becomes the length of that data + */ + extra_data_length = payload_size - (offset - payload_start) - 1; +- if (extra_data_length) { ++ if (extra_data_length > 0) { + rsp->data_len = extra_data_length; + memmove(rsp->data, rsp->data + offset, extra_data_length); + } else { +@@ -868,7 +868,7 @@ ipmi_lan_poll_single(struct ipmi_intf * intf) + } + read_sol_packet(rsp, &offset); + extra_data_length = payload_size - (offset - payload_start); +- if (rsp && extra_data_length) { ++ if (extra_data_length > 0) { + rsp->data_len = extra_data_length; + memmove(rsp->data, rsp->data + offset, extra_data_length); + } else { +-- +2.26.3 + diff --git a/SOURCES/exchange-bmc-os-info b/SOURCES/exchange-bmc-os-info new file mode 100644 index 0000000..c23b507 --- /dev/null +++ b/SOURCES/exchange-bmc-os-info @@ -0,0 +1,326 @@ +#!/bin/sh +############################################################################# +# +# exchange-bmc-os-info: Set OS and BMC (Baseboard Management Controller) +# parameters during system startup. +# +# version: 0.72 +# +# Authors: Charles Rose +# Jordan Hargrave +# +# Description: Script to set OS information in the BMC; fetch BMC IP/URL +# and set in the OS for use by other scripts/user. +# +# BMC IP and URL are made available in /var/run/bmc-info +# +# Example to launch BMC web-interface: +# # . /var/run/bmc-info +# # xdg-open $BMC_URL +# +# See here for details: +# https://fedoraproject.org/wiki/Features/AgentFreeManagement +# +# OEM Specific: OEM specific ipmi commands go in: +# 'oem_set_os_version' and 'oem_get_bmc_url' +############################################################################# +# +# chkconfig: 345 99 00 +# description: Set OS name, hostname in BMC; make BMC IP/URL available in OS +# processname: exchange-bmc-os-info +# config: /etc/sysconfig/exchange-bmc-os-info +# +### BEGIN INIT INFO +# Provides: exchange-bmc-os-info +# Required-Start: ipmi +# Default-Start: 3 4 5 +# Default-Stop: 0 1 2 6 + + +############################################################################# +# GLOBALS +############################################################################# +CONFIGFILE=/etc/sysconfig/exchange-bmc-os-info +IPMI_TOOL=/usr/bin/ipmitool +BMC_INFO=/var/run/bmc-info + +# BMC Manufacturer ID used in 'oem_set_os_version' and 'oem_get_bmc_url' +DELL="674" +#OTHER_OEM="123" + +# Defaults for ${CONFIGFILE} +SET_OS_INFO="yes" +RESET_OS_INFO="no" +SET_BMC_INFO="yes" + +# getsysinfo and setsysinfo commands +IPMI_SET_SYSINFO="${IPMI_TOOL} mc setsysinfo" +IPMI_GET_SYSINFO="${IPMI_TOOL} mc getsysinfo" +############################################################################# +SCRIPT_NAME=$(basename $0) + +# source config +[ -r ${CONFIGFILE} ] && . ${CONFIGFILE} + +RETVAL=0 + +if [ -f /bin/gettext.sh ]; then + GETTEXT=1 + . /bin/gettext.sh + OUTPUT="eval_gettext" +else + GETTEXT=0 + OUTPUT="echo" +fi + +############################################################################# +# Get Vendor ID of BMC for use in 'oem_set_os_version' and 'oem_get_bmc_url' +# +get_bmc_vendor_id() +{ + BMC_VENDOR=$(${IPMI_TOOL} mc info 2>/dev/null | \ + sed -n "s#^Manufacturer ID.*: ##p") + [ -z "${BMC_VENDOR}" ] && RETVAL=4 +} + +# set/getsysinfo support was added to ipmitool post v1.8.12 via this patch +# http://sourceforge.net/mailarchive/message.php?msg_id=29647222 +check_ipmitool() +{ + if [ -x ${IPMI_TOOL} ]; then + [ ! ${IPMI_GET_SYSINFO} >/dev/null 2>&1 ] && \ + RETVAL=3 + else + RETVAL=2 + fi +} + +bmc_exists() +{ + check_ipmitool + [ $RETVAL -eq 0 ] && get_bmc_vendor_id + return $RETVAL +} +############################################################################# + +get_os_info() +{ + OS_HOSTNAME=$(hostname) + KERNEL_VERSION=$(uname -r -m) + + if [ -e /etc/lsb-release ] ; then + . /etc/lsb-release + NAME=${DISTRIB_ID} + VERSION="${DISTRIB_RELEASE} ${DISTRIB_CODENAME}" + fi + + # we prefer systemd's /etc/os-release over other sources + [ -e /etc/os-release ] && . /etc/os-release + + OS_NAME=${NAME} + OS_VERSION="${VERSION} kernel ${KERNEL_VERSION}" +} + +oem_set_os_version() +{ + # OS Version setting is not standard yet + # we need per vendor oem commands + case "${BMC_VENDOR}" in + $DELL) ${IPMI_SET_SYSINFO} delloem_os_version \ + "${OS_VERSION}" > /dev/null 2>&1 + return $? + ;; +# Add OEM specific commands. +# Example: +# $OTHER_OEM) ${IPMI_SET_SYSINFO} otheroem_os_version \ +# "${OS_VERSION}" > /dev/null 2>&1 +# return $? +# ;; + *) return 0 + ;; + esac +} + +set_os_info() +{ + # Set and reset OS info in the BMC + if [ "$1" = "reset" ]; then + OS_NAME="" + OS_HOSTNAME="" + OS_VERSION="" + fi + + ${IPMI_SET_SYSINFO} os_name "${OS_NAME}" >/dev/null 2>&1 \ + || RETVAL=6 + ${IPMI_SET_SYSINFO} primary_os_name "${OS_NAME}" >/dev/null 2>&1 \ + || RETVAL=6 + ${IPMI_SET_SYSINFO} system_name "${OS_HOSTNAME}" >/dev/null 2>&1 \ + || RETVAL=6 + oem_set_os_version || RETVAL=6 +} + +############################################################################# +valid_url() +{ + url="(https?|http)://[a-z0-9-]+(\.[a-z0-9-]+)+([/?].*)?" + printf -- "%s" "${TMP_URL}"| grep -Eq "^${url}" + return $? +} + +oem_get_bmc_url() +{ + # BMC URL is not standard yet + # we need per vendor oem commands + case "$BMC_VENDOR" in + $DELL) TMP_URL=$(${IPMI_GET_SYSINFO} delloem_url 2> /dev/null) + ;; +# Add OEM specific commands +# Example: +# $OTHER_OEM) +# TMP_URL=$(${IPMI_GET_SYSINFO} otheroem_url 2> /dev/null) +# ;; + *) TMP_URL="" ;; + esac + + valid_url && BMC_URL=${TMP_URL} || BMC_URL="" +} + +valid_ip() +{ + #Thanks to mkyong.com + octet="([01]?[[:digit:]][[:digit:]]?|2[0-4][[:digit:]]|25[0-5])" + + printf -- "%s" "${TMP_IPv4}"| grep -Eq "^${octet}\\.${octet}\\.${octet}\\.${octet}$" + return $? +} + +get_bmc_ip() +{ + #Thanks to http://ingvar.blog.redpill-linpro.com + for CHANNEL in `seq 1 14` + do + [ $(${IPMI_TOOL} lan print ${CHANNEL} 2>/dev/null \ + | grep -q "^Set") ] || break + done + + # Get BMC_IPv4 and BMC_URL from BMC + TMP_IPv4=$(${IPMI_TOOL} lan print ${CHANNEL} 2>/dev/null \ + | sed -n "s#^IP Address .*: ##p") + + valid_ip && BMC_IPv4=${TMP_IPv4} || BMC_IPv4="" +} + +get_bmc_info() +{ + get_bmc_ip + if [ -z "${BMC_IPv4}" ] || [ "${BMC_IPv4}" = "0.0.0.0" ]; then + BMC_IPv4="" + RETVAL=5 + else + # URL makes sense only if there is an IP + oem_get_bmc_url + fi +} + +set_bmc_info() +{ + if [ ! $(touch "${BMC_INFO}" && chmod 600 "${BMC_INFO}") ]; then + printf "BMC_IPv4=%s\n" "${BMC_IPv4}" > "${BMC_INFO}" + [ -n "${BMC_URL}" ] && \ + printf "BMC_URL=%s\n" "${BMC_URL}" >> "${BMC_INFO}" + else + RETVAL=5 + fi +} + +unset_bmc_info() +{ + [ -f ${BMC_INFO} ] && rm -f ${BMC_INFO} > /dev/null 2>&1 +} + +############################################################################# +start() +{ + if bmc_exists; then + [ "${SET_OS_INFO}" = "yes" ] && \ + get_os_info && set_os_info + + if [ "${SET_BMC_INFO}" = "yes" ]; then + get_bmc_info + if [ ${RETVAL} -eq 0 ]; then + set_bmc_info + fi + fi + fi +} + +############################################################################# +stop() +{ + if bmc_exists; then + # reset OS info while system reboots + # aids with debugging OS boot-up issues + if [ "${RESET_OS_INFO}" = "yes" ]; then + set_os_info reset + fi + unset_bmc_info + fi +} + +############################################################################# +restart() +{ + stop + [ $RETVAL -eq 0 ] && start +} + +############################################################################# +status() +{ + [ -r ${BMC_INFO} ] && \ + grep -q "BMC_IPv4" "${BMC_INFO}" >/dev/null 1>&2 && \ + BMC_STATUS="ok" || BMC_STATUS="inactive" + ${OUTPUT} "${SCRIPT_NAME}: ${BMC_STATUS}" 1>&2 + [ ${GETTEXT} -eq 1 ] && echo +} + +############################################################################# +usage() +{ + ${OUTPUT} "Usage: ${SCRIPT_NAME} {start|stop|restart|status}" 1>&2 + [ ${GETTEXT} -eq 1 ] && echo + RETVAL=1 +} + +############################################################################# +# MAIN +############################################################################# +case "$1" in + start) start ;; + stop) stop ;; + restart) restart ;; + status) status ;; + *) usage ;; +esac + +case "$RETVAL" in + 0|1) ;; + 2) ${OUTPUT} "${SCRIPT_NAME}: ipmitool(1) not found." 1>&2 ;; + 3) ${OUTPUT} "${SCRIPT_NAME}: this version of ipmitool does not support getsysinfo." 1>&2 ;; + 4) ${OUTPUT} "${SCRIPT_NAME}: failed to communicate with BMC." 1>&2 ;; + 5) ${OUTPUT} "${SCRIPT_NAME}: failed to set OS information in BMC." 1>&2 ;; + 6) ${OUTPUT} "${SCRIPT_NAME}: failed to get BMC information." 1>&2 ;; + *) ${OUTPUT} "${SCRIPT_NAME}: unexpected error." 1>&2 ;; +esac + +if [ ${RETVAL} -gt 1 ]; then + ${OUTPUT} " Return code: ${RETVAL}" 1>&2 + [ ${GETTEXT} -eq 1 ] && echo +fi + + +exit ${RETVAL} + +############################################################################# +# end of file +############################################################################# diff --git a/SOURCES/exchange-bmc-os-info.service b/SOURCES/exchange-bmc-os-info.service new file mode 100644 index 0000000..100493b --- /dev/null +++ b/SOURCES/exchange-bmc-os-info.service @@ -0,0 +1,13 @@ +[Unit] +Description=Exchange Information between BMC and OS +After=ipmi.service network.target +Requires=ipmi.service + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/libexec/exchange-bmc-os-info start +ExecStop=/usr/libexec/exchange-bmc-os-info stop + +[Install] +WantedBy=multi-user.target diff --git a/SOURCES/exchange-bmc-os-info.sysconf b/SOURCES/exchange-bmc-os-info.sysconf new file mode 100644 index 0000000..2f0e675 --- /dev/null +++ b/SOURCES/exchange-bmc-os-info.sysconf @@ -0,0 +1,26 @@ +# exchange-bmc-os-info +# +# Config file to control Exchange of information between +# the OS and Service Processor/Baseboard Management Controller (BMC) +# +# See here for details +# https://fedoraproject.org/wiki/Features/AgentFreeManagement + +### Set OS Info in BMC/Service Processor ### +# Name: SET_OS_INFO +# Description: Set OS Name, Version and Hostname in the Service Processor (BMC) +# Default: yes +SET_OS_INFO="yes" + +### Reset OS Info in BMC/Service Processor ### +# Name: RESET_OS_INFO +# Description: Reset OS Name, Version and Hostname in the Service Processor (BMC). +# Useful when the OS Name/Hostname should be empty on reboot +# Default: no +RESET_OS_INFO="no" + +### Set BMC/Service Processor Info in OS ### +# Name; SET_BMC_INFO +# Description: Set IP Address and URL of Service Processor/BMC in /run/bmc-info +# Default: yes +SET_BMC_INFO="yes" diff --git a/SOURCES/ipmievd.service b/SOURCES/ipmievd.service new file mode 100644 index 0000000..88c22c2 --- /dev/null +++ b/SOURCES/ipmievd.service @@ -0,0 +1,13 @@ +[Unit] +Description=Ipmievd Daemon +After=syslog.target +After=ipmi.service + +[Service] +EnvironmentFile=-/etc/sysconfig/ipmievd +ExecStart=/usr/sbin/ipmievd $IPMIEVD_OPTIONS +Type=forking +PIDFile=/var/run/ipmievd.pid + +[Install] +WantedBy=multi-user.target diff --git a/SOURCES/openipmi-ipmievd.sysconf b/SOURCES/openipmi-ipmievd.sysconf new file mode 100644 index 0000000..8cc15e0 --- /dev/null +++ b/SOURCES/openipmi-ipmievd.sysconf @@ -0,0 +1 @@ +IPMIEVD_OPTIONS="sel daemon pidfile=/var/run/ipmievd.pid" diff --git a/SOURCES/set-bmc-url.sh b/SOURCES/set-bmc-url.sh new file mode 100644 index 0000000..a179981 --- /dev/null +++ b/SOURCES/set-bmc-url.sh @@ -0,0 +1,11 @@ +# Export BMC URL +# + +BMC_INFO="/var/run/bmc-info" + +if [ "$(id -u)" = "0" ]; then + [ -f ${BMC_INFO} ] && . ${BMC_INFO} && \ + export "${BMC_URL}" "${BMC_IPv4}" >/dev/null 2>&1 +fi + +unset BMC_INFO diff --git a/SPECS/ipmitool.spec b/SPECS/ipmitool.spec new file mode 100644 index 0000000..e3c4027 --- /dev/null +++ b/SPECS/ipmitool.spec @@ -0,0 +1,432 @@ +%global gitname IPMITOOL +%global gitversion 1_8_18 + +Name: ipmitool +Summary: Utility for IPMI control +Version: 1.8.18 +Release: 25%{?dist} +License: BSD +URL: http://ipmitool.sourceforge.net/ +Source0: https://github.com/%{name}/%{name}/archive/%{gitname}_%{gitversion}/%{name}-%{version}.tar.gz +Source1: openipmi-ipmievd.sysconf +Source2: ipmievd.service +Source3: exchange-bmc-os-info.service +Source4: exchange-bmc-os-info.sysconf +Source5: set-bmc-url.sh +Source6: exchange-bmc-os-info + +Patch1: 0001-CVE-2011-4339-OpenIPMI.patch +# WARNING: THIS PATCH MUST BE USED FOR RAWHIDE (f26+) BRANCH +Patch2: 0002-openssl.patch +Patch3: 0003-ipmitool-1.8.11-set-kg-key.patch +Patch4: 0004-slowswid.patch +Patch5: 0005-sensor-id-length.patch +Patch6: 0006-enable-usb.patch +Patch7: 0007-check-input.patch +Patch8: 0008-add-extern.patch +Patch9: 0009-best-cipher.patch +Patch10: 0010-pef-missing-newline.patch +Patch11: 0011-expand-sensor-name-column.patch +Patch12: 0012-CVE-2020-5208.patch +Patch13: 0013-quanta-oem-support.patch +Patch14: 0014-lanplus-cipher-retry.patch +Patch15: 0015-lanplus-Cleanup.-Refix-6dec83ff-fix-be2c0c4b.patch + +BuildRequires: openssl-devel readline-devel ncurses-devel +%{?systemd_requires} +BuildRequires: systemd +# bootstrap +BuildRequires: automake autoconf libtool +Obsoletes: OpenIPMI-tools < 2.0.14-3 +Provides: OpenIPMI-tools = 2.0.14-3 + + +%description +This package contains a utility for interfacing with devices that support +the Intelligent Platform Management Interface specification. IPMI is +an open standard for machine health, inventory, and remote power control. + +This utility can communicate with IPMI-enabled devices through either a +kernel driver such as OpenIPMI or over the RMCP LAN protocol defined in +the IPMI specification. IPMIv2 adds support for encrypted LAN +communications and remote Serial-over-LAN functionality. + +It provides commands for reading the Sensor Data Repository (SDR) and +displaying sensor values, displaying the contents of the System Event +Log (SEL), printing Field Replaceable Unit (FRU) information, reading and +setting LAN configuration, and chassis power control. + + +%package -n ipmievd +Requires: ipmitool +%{?systemd_requires} +BuildRequires: systemd +Summary: IPMI event daemon for sending events to syslog +%description -n ipmievd +ipmievd is a daemon which will listen for events from the BMC that are +being sent to the SEL and also log those messages to syslog. + + +%package -n bmc-snmp-proxy +Requires: net-snmp +Requires: exchange-bmc-os-info +BuildArch: noarch +Summary: Reconfigure SNMP to include host SNMP agent within BMC +%description -n bmc-snmp-proxy +Given a host with BMC, this package would extend system configuration +of net-snmp to include redirections to BMC based SNMP. + + +%package -n exchange-bmc-os-info +Requires: hostname +Requires: ipmitool +BuildArch: noarch +%{?systemd_requires} +BuildRequires: systemd +BuildRequires: make + +Summary: Let OS and BMC exchange info + +%description -n exchange-bmc-os-info +Given a host with BMC, this package would pass the hostname & +OS information to the BMC and also capture the BMC ip info +for the host OS to use. + + +%prep +%autosetup -n %{name}-%{gitname}_%{gitversion} -p1 + +for f in AUTHORS ChangeLog; do + iconv -f iso-8859-1 -t utf8 < ${f} > ${f}.utf8 + mv ${f}.utf8 ${f} +done + +%build +# --disable-dependency-tracking speeds up the build +# --enable-file-security adds some security checks +# --disable-intf-free disables FreeIPMI support - we don't want to depend on +# FreeIPMI libraries, FreeIPMI has its own ipmitoool-like utility. + +# begin: release auto-tools +# Used to be needed by aarch64 support, now only cxoem patch makefiles are left. +aclocal +libtoolize --automake --copy +autoheader +automake --foreign --add-missing --copy +aclocal +autoconf +automake --foreign +# end: release auto-tools + +%configure --disable-dependency-tracking --enable-file-security --disable-intf-free +make %{?_smp_mflags} + +%install +make DESTDIR=%{buildroot} install + +install -Dpm 644 %{SOURCE2} %{buildroot}%{_unitdir}/ipmievd.service +install -Dpm 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/sysconfig/ipmievd +install -Dm 644 %{SOURCE3} %{buildroot}%{_unitdir}/exchange-bmc-os-info.service +install -Dm 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/exchange-bmc-os-info +install -Dm 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/profile.d/set-bmc-url.sh +install -Dm 755 %{SOURCE6} %{buildroot}%{_libexecdir}/exchange-bmc-os-info + + +install -Dm 644 contrib/bmc-snmp-proxy.sysconf %{buildroot}%{_sysconfdir}/sysconfig/bmc-snmp-proxy +install -Dm 644 contrib/bmc-snmp-proxy.service %{buildroot}%{_unitdir}/bmc-snmp-proxy.service +install -Dm 755 contrib/bmc-snmp-proxy %{buildroot}%{_libexecdir}/bmc-snmp-proxy + +%post -n ipmievd +%systemd_post ipmievd.service + +%preun -n ipmievd +%systemd_preun ipmievd.service + +%postun -n ipmievd +%systemd_postun_with_restart ipmievd.service + +%post -n exchange-bmc-os-info +%systemd_post exchange-bmc-os-info.service + +%preun -n exchange-bmc-os-info +%systemd_preun exchange-bmc-os-info.service + +%postun -n exchange-bmc-os-info +%systemd_postun_with_restart exchange-bmc-os-info.service + + +%triggerun -- ipmievd < 1.8.11-7 +# Save the current service runlevel info +# User must manually run systemd-sysv-convert --apply ipmievd +# to migrate them to systemd targets +/usr/bin/systemd-sysv-convert --save ipmievd >/dev/null 2>&1 ||: + +# Run these because the SysV package being removed won't do them +/sbin/chkconfig --del ipmievd >/dev/null 2>&1 || : +/bin/systemctl try-restart ipmievd.service >/dev/null 2>&1 || : + +%files +%{_bindir}/ipmitool +%{_mandir}/man1/ipmitool.1* +%doc %{_datadir}/doc/ipmitool +%{_datadir}/ipmitool + +%files -n ipmievd +%config(noreplace) %{_sysconfdir}/sysconfig/ipmievd +%{_unitdir}/ipmievd.service +%{_sbindir}/ipmievd +%{_mandir}/man8/ipmievd.8* + +%files -n exchange-bmc-os-info +%config(noreplace) %{_sysconfdir}/sysconfig/exchange-bmc-os-info +%{_sysconfdir}/profile.d/set-bmc-url.sh +%{_unitdir}/exchange-bmc-os-info.service +%{_libexecdir}/exchange-bmc-os-info + +%files -n bmc-snmp-proxy +%config(noreplace) %{_sysconfdir}/sysconfig/bmc-snmp-proxy +%{_unitdir}/bmc-snmp-proxy.service +%{_libexecdir}/bmc-snmp-proxy + +%changelog +* Mon Feb 7 2022 Pavel Cahyna - 1.8.18-25 +- Apply changes from RHEL 8 (#1811941, #1831158, #1951480) + Resolves: rhbz#2051621 + +* Mon Aug 09 2021 Mohan Boddu - 1.8.18-24 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Wed Jun 16 2021 Mohan Boddu - 1.8.18-23 +- Rebuilt for RHEL 9 BETA for openssl 3.0 + Related: rhbz#1971065 + +* Fri Apr 16 2021 Mohan Boddu - 1.8.18-22 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Tue Jan 26 2021 Fedora Release Engineering - 1.8.18-21 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 1.8.18-20 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Thu Feb 06 2020 Václav Doležal - 1.8.18-19 +- Backport fix for CVE-2020-5208 (#1798722); for details see + https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp + +* Mon Feb 03 2020 Václav Doležal - 1.8.18-18 +- Backport patch to autoselect best cipher suite when working over lanplus backend +- Fixed 'ipmitool pef status/info' not printing final newline +- Expanded column for sensor name in 'ipmi sdr/sensor' output so longer names are aligned + +* Wed Jan 29 2020 Fedora Release Engineering - 1.8.18-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Thu Jan 23 2020 Václav Doležal - 1.8.18-16 +- Fix FTBFS with GCC 10 + +* Thu Jul 25 2019 Fedora Release Engineering - 1.8.18-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Sun Feb 17 2019 Igor Gnatenko - 1.8.18-14 +- Rebuild for readline 8.0 + +* Fri Feb 01 2019 Fedora Release Engineering - 1.8.18-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Fri Jul 13 2018 Fedora Release Engineering - 1.8.18-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Tue Apr 10 2018 Josef Ridky - 1.8.18-11 +- Project moved to github + +* Thu Feb 22 2018 Josef Ridky - 1.8.18-10 +- Spec clean up +- Add support to set kg key +- Fix DDR4 memory issues +- Increase length of sensor id +- Enable usb interface by default +- Fix input options + +* Wed Feb 07 2018 Fedora Release Engineering - 1.8.18-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Tue Jan 30 2018 Josef Ridky - 1.8.18-8 +- remove old systemd dependencies + +* Wed Aug 02 2017 Fedora Release Engineering - 1.8.18-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 1.8.18-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Tue Feb 21 2017 Josef Ridky - 1.8.18-5 +- Fix allocation issue + +* Tue Feb 21 2017 Josef Ridky - 1.8.18-4 +- Add support for OpenSSL-1.1.0 library (#1423743) + +* Fri Feb 10 2017 Fedora Release Engineering - 1.8.18-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Thu Jan 12 2017 Igor Gnatenko - 1.8.18-2 +- Rebuild for readline 7.x + +* Mon Oct 10 2016 Boris Ranto - 0:1.8.18-1 +- New version (0:1.8.18-1) +- CVE-2011-4339 OpenIPMI + +* Tue May 10 2016 Boris Ranto - 0:1.8.17-1 +- New version (0:1.8.17-1) +- CVE-2011-4339 OpenIPMI + +* Tue Feb 23 2016 Boris Ranto - 1.8.16-1 +- Rebase to version 1.8.16 + +* Thu Feb 04 2016 Fedora Release Engineering - 1.8.15-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Tue Nov 24 2015 Boris Ranto - 1.8.15-5 +- Split ipmievd bits into a separate package + +* Wed Jun 17 2015 Fedora Release Engineering - 1.8.15-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Wed Apr 22 2015 Ales Ledvinka 1.8.15-3 +- Remove modalias dependency. + +* Thu Mar 19 2015 Ales Ledvinka 1.8.15-1 +- Upstream release 1.8.15 + +* Sat Aug 16 2014 Fedora Release Engineering - 1.8.13-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 1.8.13-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Tue Apr 8 2014 Ales Ledvinka 1.8.13-4 +- Support for environment variable short options. + +* Tue Nov 5 2013 Ales Ledvinka 1.8.13-3 +- Cleanup of dual bridge option. + +* Tue Oct 15 2013 Ales Ledvinka 1.8.13-2 +- BMC SNMP agent redirection + +* Mon Oct 14 2013 Ales Ledvinka 1.8.13-1 +- Upstream release 1.8.13 + +* Fri Aug 09 2013 Ales Ledvinka 1.8.12-13073103 +- Avoid FIPS mode crashes if possible. +- Document FIPS limitations. + +* Wed Jul 31 2013 Ales Ledvinka 1.8.12-13073101 +- Include current upstream bugfixes. + +* Thu Jul 25 2013 Ales Ledvinka 1.8.12-16 +- Calxeda OEM extensions. + +* Thu Feb 14 2013 Fedora Release Engineering - 1.8.12-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Mon Dec 17 2012 Praveen K Paladugu - 1.8.12-14 +- Updated the exchange-bmc-os-info's service file with Requires stmt + +* Fri Dec 14 2012 Ales Ledvinka 1.8.12-13 +- fixed argument parsing leaks +- ask user for password only once and do so only when interactive password + is the chosen password method. + +* Thu Dec 13 2012 Praveen K Paladugu - 1.8.12-12 +- Removed the extra symbols in the patch, as the build is failing. + +* Thu Dec 13 2012 Praveen K Paladugu - 1.8.12-11 +- Subpackage for exchange-bmc-os-info as it requires OPenIPMI + +* Wed Dec 12 2012 Ales Ledvinka 1.8.12-10 +- documented fixed and conditional defaults. adjusted synopsis + +* Tue Dec 4 2012 Ales Ledvinka 1.8.12-9 +- fixed ipmitool documentation + +* Fri Nov 30 2012 Praveen K Paladugu 1.8.12-8 +- service & scripts to allow OS to capture BMC's IP & URL info +- Also pass the OS information to BMC +- patches submitted by Charles Rose (charles_rose[at]dell.com) + +* Fri Nov 16 2012 Ales Ledvinka 1.8.12-7 +- failed sol session activation crashes while logging exit + +* Fri Nov 16 2012 Ales Ledvinka 1.8.12-6 +- revert default cipersuite back to 3 which includes integrity and confidentiality + +* Thu Oct 18 2012 Dan Horák - 1.8.12-5 +- fix build on big endian arches + +* Wed Oct 17 2012 Ales Ledvinka 1.8.12-4 +- support setting OS name and Hostname on BMC + +* Tue Sep 04 2012 Dan Horák - 1.8.12-3 +- fix build on big endian arches + +* Mon Aug 27 2012 Jan Safranek - 1.8.12-2 +- Fixed starting ipmievd under systemd (#819234). +- Updated RPM scriplets with latest systemd-rpm macros (#850161) + +* Fri Aug 10 2012 Jan Safranek - 1.8.12-1 +- update to ipmitool-1.8.12 + +* Thu Jul 19 2012 Fedora Release Engineering - 1.8.11-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Tue May 22 2012 Jan Safranek - 1.8.11-11 +- start ipmievd.service after ipmi (#819234) + +* Thu Apr 26 2012 Jan Safranek - 1.8.11-10 +- fixed ipmievd.service systemd unit (#807757) + +* Fri Jan 13 2012 Fedora Release Engineering - 1.8.11-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Dec 13 2011 Jan Safranek - 1.8.11-8 +- fixed CVE-2011-4339 + +* Mon Sep 12 2011 Tom Callaway - 1.8.11-7 +- convert to systemd + +* Wed Feb 09 2011 Fedora Release Engineering - 1.8.11-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Mar 3 2010 Jan Safranek - 1.8.11-5 +- Fixed exit code of ipmievd initscript with wrong arguments + +* Mon Nov 2 2009 Jan Safranek 1.8.11-4 +- fix ipmievd initscript 'condrestart' action (#532188) + +* Fri Aug 21 2009 Tomas Mraz - 1.8.11-3 +- rebuilt with new openssl + +* Fri Jul 24 2009 Fedora Release Engineering - 1.8.11-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Thu Feb 26 2009 Jan Safranek 1.8.11-1 +- updated to new version + +* Tue Feb 24 2009 Fedora Release Engineering - 1.8.10-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Sat Jan 17 2009 Tomas Mraz 1.8.10-3 +- rebuild with new openssl + +* Tue Oct 14 2008 Jan Safranek 1.8.10-2 +- fix issues found during package review: + - clear Default-Start: line in the init script, the service should be + disabled by default + - added Obsoletes: OpenIPMI-tools + - compile with --disable-dependency-tracking to speed things up + - compile with --enable-file-security + - compile with --disable-intf-free, don't depend on FreeIPMI libraries + (FreeIPMI has its own ipmitool-like utility) + +* Mon Oct 13 2008 Jan Safranek 1.8.10-1 +- package created, based on upstream .spec file