Auto sync2gitlab import of ipmitool-1.8.18-18.el8.src.rpm

This commit is contained in:
James Antill 2022-05-26 09:50:08 -04:00
parent bf2df7d299
commit a67e023fd3
23 changed files with 3048 additions and 1 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
/ipmitool-1.8.18.tar.bz2

View File

@ -0,0 +1,25 @@
From 152efd46931a70ab4e3d81e99d312df7dcd666e6 Mon Sep 17 00:00:00 2001
From: Boris Ranto <branto@redhat.com>
Date: Tue, 10 May 2016 19:12:08 +0200
Subject: [PATCH] CVE-2011-4339 OpenIPMI
IPMI event daemon creates PID file with world writeable permissions
---
lib/helper.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/lib/helper.c b/lib/helper.c
index de91438..c3a1c80 100644
--- a/lib/helper.c
+++ b/lib/helper.c
@@ -829,7 +829,6 @@ ipmi_start_daemon(struct ipmi_intf *intf)
#endif
chdir("/");
- umask(0);
for (fd=0; fd<64; fd++) {
if (fd != intf->fd)
--
2.7.4

89
0002-openssl.patch Normal file
View File

@ -0,0 +1,89 @@
diff -urNp old/src/plugins/lanplus/lanplus_crypt_impl.c new/src/plugins/lanplus/lanplus_crypt_impl.c
--- old/src/plugins/lanplus/lanplus_crypt_impl.c 2016-05-28 10:20:20.000000000 +0200
+++ new/src/plugins/lanplus/lanplus_crypt_impl.c 2017-02-21 10:50:21.634873466 +0100
@@ -164,10 +164,10 @@ lanplus_encrypt_aes_cbc_128(const uint8_
uint8_t * output,
uint32_t * bytes_written)
{
- EVP_CIPHER_CTX ctx;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX_init(ctx);
+ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
*bytes_written = 0;
@@ -191,7 +191,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_
assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
+ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
{
/* Error */
*bytes_written = 0;
@@ -201,7 +201,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_
{
uint32_t tmplen;
- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
+ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
{
*bytes_written = 0;
return; /* Error */
@@ -210,7 +210,8 @@ lanplus_encrypt_aes_cbc_128(const uint8_
{
/* Success */
*bytes_written += tmplen;
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_cleanup(ctx);
+ EVP_CIPHER_CTX_free(ctx);
}
}
}
@@ -239,10 +240,10 @@ lanplus_decrypt_aes_cbc_128(const uint8_
uint8_t * output,
uint32_t * bytes_written)
{
- EVP_CIPHER_CTX ctx;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX_init(ctx);
+ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
if (verbose >= 5)
@@ -266,7 +267,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_
assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
+ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
{
/* Error */
lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
@@ -277,7 +278,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_
{
uint32_t tmplen;
- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
+ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
{
char buffer[1000];
ERR_error_string(ERR_get_error(), buffer);
@@ -290,7 +291,8 @@ lanplus_decrypt_aes_cbc_128(const uint8_
{
/* Success */
*bytes_written += tmplen;
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_cleanup(ctx);
+ EVP_CIPHER_CTX_free(ctx);
}
}

View File

@ -0,0 +1,240 @@
diff -urNp old/doc/ipmitool.1 new/doc/ipmitool.1
--- old/doc/ipmitool.1 2017-02-06 10:20:02.254362909 +0100
+++ new/doc/ipmitool.1 2017-02-06 10:33:41.729294474 +0100
@@ -372,6 +372,20 @@ Configure user access information on the
Displays the list of cipher suites supported for the given
application (ipmi or sol) on the given channel.
+.TP
+\fIsetkg\fP <\fIhex\fP|\fIplain\fP> <\fBkey\fP> [<\fBchannel\fR>]
+.br
+
+Sets K_g key to given value. Use \fIplain\fP to specify \fBkey\fR as simple ASCII string.
+Use \fIhex\fP to specify \fBkey\fR as sequence of hexadecimal codes of ASCII charactes.
+I.e. following two examples are equivalent:
+
+.RS
+ipmitool channel setkg plain PASSWORD
+
+ipmitool channel setkg hex 50415353574F5244
+.RE
+
.RE
.RE
.TP
diff -urNp old/include/ipmitool/helper.h new/include/ipmitool/helper.h
--- old/include/ipmitool/helper.h 2017-02-06 10:20:02.254362909 +0100
+++ new/include/ipmitool/helper.h 2017-02-06 10:40:07.336136844 +0100
@@ -58,6 +58,8 @@
# define IPMI_UID_MAX 63
#endif
+#define IPMI_KG_BUFFER_SIZE 21 /* key plus null byte */
+
struct ipmi_intf;
struct valstr {
diff -urNp old/include/ipmitool/ipmi_channel.h new/include/ipmitool/ipmi_channel.h
--- old/include/ipmitool/ipmi_channel.h 2017-02-06 10:20:02.253316684 +0100
+++ new/include/ipmitool/ipmi_channel.h 2017-02-06 10:58:15.291287621 +0100
@@ -49,6 +49,10 @@
#define IPMI_GET_USER_NAME 0x46
#define IPMI_SET_USER_PASSWORD 0x47
#define IPMI_GET_CHANNEL_CIPHER_SUITES 0x54
+#define IPMI_SET_CHANNEL_SECURITY_KEYS 0x56
+
+#define IPMI_KG_KEY_ID 1
+#define IPMI_SET_CHANNEL_SECURITY_KEYS_OP_SET 1
/* These are for channel_info_t.session_support */
#define IPMI_CHANNEL_SESSION_LESS 0x00
@@ -137,6 +141,40 @@ int _ipmi_set_channel_access(struct ipmi
struct channel_access_t channel_access, uint8_t access_option,
uint8_t privilege_option);
+struct set_channel_security_keys_req {
+#if WORDS_BIGENDIAN
+ uint8_t __reserved1 :4;
+ uint8_t channel :4;
+
+ uint8_t __reserved2 :6;
+ uint8_t operation :2;
+
+ uint8_t key_id;
+ unsigned char key_value[IPMI_KG_BUFFER_SIZE-1]; /* we don't want space for '\0' at the end */
+#else
+ uint8_t channel :4;
+ uint8_t __reserved1 :4;
+
+ uint8_t operation :2;
+ uint8_t __reserved2 :6;
+
+ uint8_t key_id;
+ unsigned char key_value[IPMI_KG_BUFFER_SIZE-1]; /* we don't want space for '\0' at the end */
+#endif
+} __attribute__ ((packed));
+
+struct set_channel_security_keys_rsp {
+#if WORDS_BIGENDIAN
+ uint8_t __reserved1 :6;
+ uint8_t lock_status :2;
+ unsigned char key_value; /* just the first character, use &key_value to explore the rest */
+#else
+ uint8_t lock_status :2;
+ uint8_t __reserved1 :6;
+ unsigned char key_value; /* just the first character, use &key_value to explore the rest */
+#endif
+} __attribute__ ((packed));
+
uint8_t ipmi_get_channel_medium(struct ipmi_intf * intf, uint8_t channel);
uint8_t ipmi_current_channel_medium(struct ipmi_intf * intf);
int ipmi_channel_main(struct ipmi_intf * intf, int argc, char ** argv);
diff -urNp old/include/ipmitool/ipmi_intf.h new/include/ipmitool/ipmi_intf.h
--- old/include/ipmitool/ipmi_intf.h 2017-02-06 10:20:02.254362909 +0100
+++ new/include/ipmitool/ipmi_intf.h 2017-02-06 10:40:40.264577602 +0100
@@ -60,7 +60,6 @@ enum LANPLUS_SESSION_STATE {
#define IPMI_AUTHCODE_BUFFER_SIZE 20
#define IPMI_SIK_BUFFER_SIZE IPMI_MAX_MD_SIZE
-#define IPMI_KG_BUFFER_SIZE 21 /* key plus null byte */
struct ipmi_session_params {
char * hostname;
diff -urNp old/lib/ipmi_channel.c new/lib/ipmi_channel.c
--- old/lib/ipmi_channel.c 2017-02-06 10:20:02.255409134 +0100
+++ new/lib/ipmi_channel.c 2017-02-06 12:32:14.222282317 +0100
@@ -821,6 +821,92 @@ ipmi_set_user_access(struct ipmi_intf *i
return 0;
}
+int
+ipmi_set_channel_security_keys (struct ipmi_intf *intf, uint8_t channel, const char *method, const char *key)
+{
+ uint8_t kgkey[IPMI_KG_BUFFER_SIZE];
+ struct ipmi_rs *rsp;
+ struct ipmi_rq req;
+ struct set_channel_security_keys_req req_data;
+ int rc = -1;
+
+ /* convert provided key to array of bytes */
+ if (strcmp(method, "hex") == 0) {
+ if (strlen(key) > (IPMI_KG_BUFFER_SIZE-1)*2) {
+ lprintf(LOG_ERR, "Provided key is too long, max. length is %d bytes", (IPMI_KG_BUFFER_SIZE-1));
+ printf_channel_usage();
+ return -1;
+ }
+
+ rc = ipmi_parse_hex(key, kgkey, sizeof(kgkey)-1);
+ if (rc == -1) {
+ lprintf(LOG_ERR, "Number of Kg key characters is not even");
+ return rc;
+ } else if (rc == -3) {
+ lprintf(LOG_ERR, "Kg key is not hexadecimal number");
+ return rc;
+ } else if (rc > (IPMI_KG_BUFFER_SIZE-1)) {
+ lprintf(LOG_ERR, "Kg key is too long");
+ return rc;
+ }
+
+ } else if (strcmp(method, "plain") == 0) {
+ if (strlen(key) > IPMI_KG_BUFFER_SIZE-1) {
+ lprintf(LOG_ERR, "Provided key is too long, max. length is %d bytes", (IPMI_KG_BUFFER_SIZE -1));
+ printf_channel_usage();
+ return rc;
+ }
+
+ strncpy(kgkey, key, IPMI_KG_BUFFER_SIZE-1);
+ } else {
+ printf_channel_usage();
+ return rc;
+ }
+
+ /* assemble and send request to set kg key */
+ memset(&req_data, 0, sizeof(req_data));
+ req_data.channel = channel;
+ req_data.operation = IPMI_SET_CHANNEL_SECURITY_KEYS_OP_SET;
+ req_data.key_id = IPMI_KG_KEY_ID;
+ memcpy(req_data.key_value, kgkey, IPMI_KG_BUFFER_SIZE-1);
+
+ memset(&req, 0, sizeof(req));
+ req.msg.netfn = IPMI_NETFN_APP;
+ req.msg.cmd = IPMI_SET_CHANNEL_SECURITY_KEYS;
+ req.msg.data = (uint8_t*) &req_data;
+ req.msg.data_len = sizeof(req_data);
+
+ rsp = intf->sendrecv(intf, &req);
+ if (rsp == NULL) {
+ lprintf(LOG_ERR, "Set Channel Security Keys command failed");
+ return rc;
+ }
+ if (rsp->ccode > 0) {
+ const char *error = NULL;
+ switch (rsp->ccode) {
+ case 0x80:
+ error = "Key is locked";
+ break;
+ case 0x81:
+ error = "Insufficient key bytes";
+ break;
+ case 0x82:
+ error = "Too many key bytes";
+ break;
+ case 0x83:
+ error = "Key value does not meet criteria for K_g key";
+ break;
+ default:
+ error = val2str(rsp->ccode, completion_code_vals);
+ }
+ lprintf(LOG_ERR, "Error setting security key: %X (%s)", rsp->ccode, error);
+ return rc;
+ }
+
+ lprintf(LOG_NOTICE, "Set Channel Security Keys command succeeded");
+ return 0;
+}
+
int
ipmi_channel_main(struct ipmi_intf *intf, int argc, char **argv)
{
@@ -890,6 +976,19 @@ ipmi_channel_main(struct ipmi_intf *intf
retval = ipmi_get_channel_cipher_suites(intf,
argv[1], /* ipmi | sol */
channel);
+ } else if (strncmp(argv[0], "setkg", 5) == 0) {
+ if (argc < 3 || argc > 4)
+ printf_channel_usage();
+ else {
+ uint8_t ch = 0xe;
+ char *method = argv[1];
+ char *key = argv[2];
+ if (argc == 4) {
+ ch = (uint8_t)strtol(argv[3], NULL, 0);
+ }
+
+ retval = ipmi_set_channel_security_keys(intf, ch, method, key);
+ }
} else {
lprintf(LOG_ERR, "Invalid CHANNEL command: %s\n", argv[0]);
printf_channel_usage();
@@ -916,6 +1015,10 @@ printf_channel_usage()
lprintf(LOG_NOTICE,
"");
lprintf(LOG_NOTICE,
+" setkg hex|plain <key> [channel]");
+ lprintf(LOG_NOTICE,
+"");
+ lprintf(LOG_NOTICE,
"Possible privilege levels are:");
lprintf(LOG_NOTICE,
" 1 Callback level");
diff -urNp old/src/plugins/ipmi_intf.c new/src/plugins/ipmi_intf.c
--- old/src/plugins/ipmi_intf.c 2017-02-06 10:20:02.257501584 +0100
+++ new/src/plugins/ipmi_intf.c 2017-02-06 10:42:12.585257810 +0100
@@ -55,6 +55,7 @@
#include <ipmitool/ipmi.h>
#include <ipmitool/ipmi_sdr.h>
#include <ipmitool/log.h>
+#include <ipmitool/helper.h>
#define IPMI_DEFAULT_PAYLOAD_SIZE 25

16
0004-slowswid.patch Normal file
View File

@ -0,0 +1,16 @@
diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c
index fa7b082..9bc5ac2 100644
--- a/lib/ipmi_sdr.c
+++ b/lib/ipmi_sdr.c
@@ -572,6 +572,8 @@ ipmi_sdr_get_sensor_reading_ipmb(struct ipmi_intf *intf, uint8_t sensor,
uint32_t save_addr;
uint32_t save_channel;
+ if (target == (uint8_t) 0xb1)
+ return ipmi_sdr_get_sensor_reading(intf, sensor);
if ( BRIDGE_TO_SENSOR(intf, target, channel) ) {
lprintf(LOG_DEBUG,
"Bridge to Sensor "
--
2.1.0

View File

@ -0,0 +1,16 @@
diff --git a/include/ipmitool/ipmi_sdr.h b/include/ipmitool/ipmi_sdr.h
index ccf0cf0..47d3949 100644
--- a/include/ipmitool/ipmi_sdr.h
+++ b/include/ipmitool/ipmi_sdr.h
@@ -819,7 +819,7 @@ static const char *sensor_type_desc[] __attribute__ ((unused)) = {
"Version Change", "FRU State" };
struct sensor_reading {
- char s_id[17]; /* name of the sensor */
+ char s_id[33]; /* name of the sensor */
struct sdr_record_full_sensor *full;
struct sdr_record_compact_sensor *compact;
uint8_t s_reading_valid; /* read value valididity */
--
2.1.0

21
0006-enable-usb.patch Normal file
View File

@ -0,0 +1,21 @@
diff -urNp old/configure.ac new/configure.ac
--- old/configure.ac 2017-02-02 14:20:33.230784269 +0100
+++ new/configure.ac 2017-02-02 14:22:53.528510336 +0100
@@ -63,7 +63,7 @@ xenable_intf_imb=yes
xenable_intf_lipmi=yes
xenable_intf_open=yes
#xenable_intf_serial=yes
-xenable_intf_usb=no
+xenable_intf_usb=yes
xenable_ipmishell=yes
dnl set some things so we build with GNU tools on Solaris
@@ -209,7 +209,7 @@ fi
dnl enable IPMI USB interface
AC_ARG_ENABLE([intf-usb],
[AC_HELP_STRING([--enable-intf-usb],
- [enable IPMI USB interface [default=auto]])],
+ [enable IPMI USB interface [default=yes]])],
[xenable_intf_usb=$enableval],
[xenable_intf_usb=$xenable_intf_usb])
if test "x$xenable_intf_usb" = "xstatic" || test "x$xenable_intf_usb" = "xplugin"; then

41
0007-check-input.patch Normal file
View File

@ -0,0 +1,41 @@
diff -urNp old/doc/ipmitool.1 new/doc/ipmitool.1
--- old/doc/ipmitool.1 2017-10-03 16:10:50.446539988 +0200
+++ new/doc/ipmitool.1 2017-10-03 16:16:37.039673239 +0200
@@ -3170,13 +3170,14 @@ SOL configuration data for the currently
Enable, disable or show status of SOL payload for the user on the specified channel.
.TP
-\fIset\fP <\fBparameter\fR> <\fBvalue\fR> [<\fBchannel\fR>]
+\fIset\fP <\fBparameter\fR> <\fBvalue\fR> [<\fBchannel\fR>] [\fBnoguard\fR]
.br
Configure parameters for Serial Over Lan. If no channel is given,
it will display SOL configuration data for the currently used
channel. Configuration parameter updates are automatically guarded
-with the updates to the set\-in\-progress parameter.
+with the updates to the set\-in\-progress parameter, unless \fInoguard\fR
+parameter is present.
.RS
.TP
Valid parameters and values are:
diff -urNp old/lib/ipmi_sol.c new/lib/ipmi_sol.c
--- old/lib/ipmi_sol.c 2017-10-03 16:10:50.447539996 +0200
+++ new/lib/ipmi_sol.c 2017-10-03 16:18:37.079006949 +0200
@@ -1875,7 +1875,7 @@ static void
print_sol_usage(void)
{
lprintf(LOG_NOTICE, "SOL Commands: info [<channel number>]");
- lprintf(LOG_NOTICE, " set <parameter> <value> [channel]");
+ lprintf(LOG_NOTICE, " set <parameter> <value> [channel] [noguard]");
lprintf(LOG_NOTICE, " payload <enable|disable|status> [channel] [userid]");
lprintf(LOG_NOTICE, " activate [<usesolkeepalive|nokeepalive>] [instance=<number>]");
lprintf(LOG_NOTICE, " deactivate [instance=<number>]");
@@ -1890,6 +1890,8 @@ print_sol_usage(void)
static void
print_sol_set_usage(void)
{
+ lprintf(LOG_NOTICE, "\nSOL set usage: \n");
+ lprintf(LOG_NOTICE, " sol set <parameter> <value> [channel] [noguard]\n");
lprintf(LOG_NOTICE, "\nSOL set parameters and values: \n");
lprintf(LOG_NOTICE, " set-in-progress set-complete | "
"set-in-progress | commit-write");

864
0008-use-best-cipher.patch Normal file
View File

@ -0,0 +1,864 @@
From 260293c0ee5a268bc7fc1483e5304546745122a6 Mon Sep 17 00:00:00 2001
From: Vernon Mauery <vernon.mauery@intel.com>
Date: Mon, 9 Apr 2018 12:28:57 -0700
Subject: [PATCH] lanplus: Auto-select 'best' cipher suite available
Current cipher suites could be ranked as this:
17 > 3 >> all the rest
Cherry-picked-from: 7772254b62826b894ca629df8c597030a98f4f72
Cherry-picked-from: f9c699c712f884c82fc1a62f1f61a8d597ac0cfd
Also fetched some functions/macros for helper.h
Equals to getting include/ipmitool/helper.h changes from commits:
(oldest first)
6c00d44 mc: watchdog get: Update to match IPMI 2.0 spec
e8e94d8 mc: watchdog set: Refactor to reduce complexity
0310208 mc: Code refactor to reduce copy-paste ratio
249e092 general: Make byteswapping arch-independent
5491b12 refix 249e0929: Fix byteswapping helpers
bb1a4cc Refactoring. Improve code reuse ratio.
---
include/ipmitool/helper.h | 58 ++++++++
include/ipmitool/ipmi_channel.h | 47 +++++++
include/ipmitool/ipmi_intf.h | 39 ++++-
lib/ipmi_channel.c | 242 +++++++++++++++-----------------
lib/ipmi_main.c | 23 +--
src/plugins/ipmi_intf.c | 5 +-
src/plugins/lanplus/lanplus.c | 114 +++++++++++----
7 files changed, 360 insertions(+), 168 deletions(-)
diff --git a/include/ipmitool/helper.h b/include/ipmitool/helper.h
index c53736f..6a2e5f4 100644
--- a/include/ipmitool/helper.h
+++ b/include/ipmitool/helper.h
@@ -38,6 +38,8 @@
#include <stdio.h>
#include <string.h>
+#define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0]))
+
#ifndef TRUE
#define TRUE 1
#endif
@@ -111,6 +113,62 @@ FILE * ipmi_open_file(const char * file, int rw);
void ipmi_start_daemon(struct ipmi_intf *intf);
uint16_t ipmi_get_oem_id(struct ipmi_intf *intf);
+#define IS_SET(v, b) ((v) & (1 << (b)))
+
+/* le16toh(), hto16le(), et. al. don't exist for Windows or Apple */
+/* For portability, let's simply define our own versions here */
+
+/* IPMI is always little-endian */
+static inline uint16_t ipmi16toh(void *ipmi16)
+{
+ uint8_t *ipmi = (uint8_t *)ipmi16;
+ uint16_t h;
+
+ h = ipmi[1] << 8; /* MSB */
+ h |= ipmi[0]; /* LSB */
+
+ return h;
+}
+
+static inline void htoipmi16(uint16_t h, uint8_t *ipmi)
+{
+ ipmi[0] = h & 0xFF; /* LSB */
+ ipmi[1] = h >> 8; /* MSB */
+}
+
+static inline uint32_t ipmi24toh(void *ipmi24)
+{
+ uint8_t *ipmi = (uint8_t *)ipmi24;
+ uint32_t h = 0;
+
+ h = ipmi[2] << 16; /* MSB */
+ h |= ipmi[1] << 8;
+ h |= ipmi[0]; /* LSB */
+
+ return h;
+}
+
+static inline uint32_t ipmi32toh(void *ipmi32)
+{
+ uint8_t *ipmi = ipmi32;
+ uint32_t h;
+
+ h = ipmi[3] << 24; /* MSB */
+ h |= ipmi[2] << 16;
+ h |= ipmi[1] << 8;
+ h |= ipmi[0]; /* LSB */
+
+ return h;
+}
+
+static inline void htoipmi32(uint32_t h, uint8_t *ipmi)
+{
+ ipmi[0] = h & 0xFF; /* LSB */
+ ipmi[1] = (h >> 8) & 0xFF;
+ ipmi[2] = (h >> 16) & 0xFF;
+ ipmi[3] = (h >> 24) & 0xFF; /* MSB */
+}
+
#define ipmi_open_file_read(file) ipmi_open_file(file, 0)
#define ipmi_open_file_write(file) ipmi_open_file(file, 1)
diff --git a/include/ipmitool/ipmi_channel.h b/include/ipmitool/ipmi_channel.h
index 3ade2d5..324c0bb 100644
--- a/include/ipmitool/ipmi_channel.h
+++ b/include/ipmitool/ipmi_channel.h
@@ -37,6 +37,7 @@
# include <config.h>
#endif
#include <ipmitool/ipmi.h>
+#include <ipmitool/ipmi_intf.h>
#define IPMI_GET_CHANNEL_AUTH_CAP 0x38
@@ -81,6 +82,50 @@ struct channel_access_t {
uint8_t user_level_auth;
};
+/*
+ * The Cipher Suite Record Format from table 22-18 of the IPMI v2.0 spec
+ */
+enum cipher_suite_format_tag {
+ STANDARD_CIPHER_SUITE = 0xc0,
+ OEM_CIPHER_SUITE = 0xc1,
+};
+#ifdef HAVE_PRAGMA_PACK
+#pragma pack(1)
+#endif
+struct std_cipher_suite_record_t {
+ uint8_t start_of_record;
+ uint8_t cipher_suite_id;
+ uint8_t auth_alg;
+ uint8_t integrity_alg;
+ uint8_t crypt_alg;
+} ATTRIBUTE_PACKING;
+struct oem_cipher_suite_record_t {
+ uint8_t start_of_record;
+ uint8_t cipher_suite_id;
+ uint8_t iana[3];
+ uint8_t auth_alg;
+ uint8_t integrity_alg;
+ uint8_t crypt_alg;
+} ATTRIBUTE_PACKING;
+#ifdef HAVE_PRAGMA_PACK
+#pragma pack(0)
+#endif
+#define CIPHER_ALG_MASK 0x3f
+#define MAX_CIPHER_SUITE_RECORD_OFFSET 0x40
+#define MAX_CIPHER_SUITE_DATA_LEN 0x10
+#define LIST_ALGORITHMS_BY_CIPHER_SUITE 0x80
+
+/* Below is the theoretical maximum number of cipher suites that could be
+ * reported by a BMC. That is with the Get Channel Cipher Suites Command, at 16
+ * bytes at a time and 0x40 requests, it can report 1024 bytes, which is about
+ * 204 standard records or 128 OEM records. Really, we probably don't need more
+ * than about 20, which is the full set of standard records plus a few OEM
+ * records.
+ */
+#define MAX_CIPHER_SUITE_COUNT (MAX_CIPHER_SUITE_RECORD_OFFSET * \
+ MAX_CIPHER_SUITE_DATA_LEN / \
+ sizeof(struct std_cipher_suite_record_t))
+
/*
* The Get Authentication Capabilities response structure
* From table 22-15 of the IPMI v2.0 spec
@@ -135,6 +180,8 @@ struct get_channel_auth_cap_rsp {
int _ipmi_get_channel_access(struct ipmi_intf *intf,
struct channel_access_t *channel_access,
uint8_t get_volatile_settings);
+int ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type,
+ uint8_t channel, struct cipher_suite_info *suites, size_t *count);
int _ipmi_get_channel_info(struct ipmi_intf *intf,
struct channel_info_t *channel_info);
int _ipmi_set_channel_access(struct ipmi_intf *intf,
diff --git a/include/ipmitool/ipmi_intf.h b/include/ipmitool/ipmi_intf.h
index 0b8c64b..7a07d66 100644
--- a/include/ipmitool/ipmi_intf.h
+++ b/include/ipmitool/ipmi_intf.h
@@ -61,13 +61,45 @@ enum LANPLUS_SESSION_STATE {
#define IPMI_AUTHCODE_BUFFER_SIZE 20
#define IPMI_SIK_BUFFER_SIZE IPMI_MAX_MD_SIZE
+enum cipher_suite_ids {
+ IPMI_LANPLUS_CIPHER_SUITE_0 = 0,
+ IPMI_LANPLUS_CIPHER_SUITE_1 = 1,
+ IPMI_LANPLUS_CIPHER_SUITE_2 = 2,
+ IPMI_LANPLUS_CIPHER_SUITE_3 = 3,
+ IPMI_LANPLUS_CIPHER_SUITE_4 = 4,
+ IPMI_LANPLUS_CIPHER_SUITE_5 = 5,
+ IPMI_LANPLUS_CIPHER_SUITE_6 = 6,
+ IPMI_LANPLUS_CIPHER_SUITE_7 = 7,
+ IPMI_LANPLUS_CIPHER_SUITE_8 = 8,
+ IPMI_LANPLUS_CIPHER_SUITE_9 = 9,
+ IPMI_LANPLUS_CIPHER_SUITE_10 = 10,
+ IPMI_LANPLUS_CIPHER_SUITE_11 = 11,
+ IPMI_LANPLUS_CIPHER_SUITE_12 = 12,
+ IPMI_LANPLUS_CIPHER_SUITE_13 = 13,
+ IPMI_LANPLUS_CIPHER_SUITE_14 = 14,
+#ifdef HAVE_CRYPTO_SHA256
+ IPMI_LANPLUS_CIPHER_SUITE_15 = 15,
+ IPMI_LANPLUS_CIPHER_SUITE_16 = 16,
+ IPMI_LANPLUS_CIPHER_SUITE_17 = 17,
+#endif /* HAVE_CRYPTO_SHA256 */
+ IPMI_LANPLUS_CIPHER_SUITE_RESERVED = 0xff,
+};
+
+struct cipher_suite_info {
+ enum cipher_suite_ids cipher_suite_id;
+ uint8_t auth_alg;
+ uint8_t integrity_alg;
+ uint8_t crypt_alg;
+ uint32_t iana;
+};
+
struct ipmi_session_params {
char * hostname;
uint8_t username[17];
uint8_t authcode_set[IPMI_AUTHCODE_BUFFER_SIZE + 1];
uint8_t authtype_set;
uint8_t privlvl;
- uint8_t cipher_suite_id;
+ enum cipher_suite_ids cipher_suite_id;
char sol_escape_char;
int password;
int port;
@@ -217,7 +249,10 @@ void ipmi_intf_session_set_username(struct ipmi_intf * intf, char * username);
void ipmi_intf_session_set_password(struct ipmi_intf * intf, char * password);
void ipmi_intf_session_set_privlvl(struct ipmi_intf * intf, uint8_t privlvl);
void ipmi_intf_session_set_lookupbit(struct ipmi_intf * intf, uint8_t lookupbit);
-void ipmi_intf_session_set_cipher_suite_id(struct ipmi_intf * intf, uint8_t cipher_suite_id);
+#ifdef IPMI_INTF_LANPLUS
+void ipmi_intf_session_set_cipher_suite_id(struct ipmi_intf * intf,
+ enum cipher_suite_ids cipher_suite_id);
+#endif /* IPMI_INTF_LANPLUS */
void ipmi_intf_session_set_sol_escape_char(struct ipmi_intf * intf, char sol_escape_char);
void ipmi_intf_session_set_kgkey(struct ipmi_intf *intf, const uint8_t *kgkey);
void ipmi_intf_session_set_port(struct ipmi_intf * intf, int port);
diff --git a/lib/ipmi_channel.c b/lib/ipmi_channel.c
index e1fc75f..3ae3104 100644
--- a/lib/ipmi_channel.c
+++ b/lib/ipmi_channel.c
@@ -342,86 +342,116 @@ ipmi_get_channel_auth_cap(struct ipmi_intf *intf, uint8_t channel, uint8_t priv)
return 0;
}
-static int
+static size_t
+parse_channel_cipher_suite_data(uint8_t *cipher_suite_data, size_t data_len,
+ struct cipher_suite_info* suites, size_t nr_suites)
+{
+ size_t count = 0;
+ size_t offset = 0;
+ uint32_t iana;
+ uint8_t auth_alg, integrity_alg, crypt_alg;
+ uint8_t cipher_suite_id;
+
+ memset(suites, 0, sizeof(*suites) * nr_suites);
+
+ while (offset < data_len && count < nr_suites) {
+ auth_alg = IPMI_AUTH_RAKP_NONE;
+ integrity_alg = IPMI_INTEGRITY_NONE;
+ crypt_alg = IPMI_CRYPT_NONE;
+ if (cipher_suite_data[offset] == STANDARD_CIPHER_SUITE) {
+ struct std_cipher_suite_record_t *record =
+ (struct std_cipher_suite_record_t*)(&cipher_suite_data[offset]);
+ /* standard type */
+ iana = 0;
+
+ /* Verify that we have at least a full record left; id + 3 algs */
+ if ((data_len - offset) < sizeof(*record)) {
+ lprintf(LOG_INFO, "Incomplete data record in cipher suite data");
+ break;
+ }
+ cipher_suite_id = record->cipher_suite_id;
+ auth_alg = CIPHER_ALG_MASK & record->auth_alg;
+ integrity_alg = CIPHER_ALG_MASK & record->integrity_alg;
+ crypt_alg = CIPHER_ALG_MASK & record->crypt_alg;
+ offset += sizeof(*record);
+ } else if (cipher_suite_data[offset] == OEM_CIPHER_SUITE) {
+ /* OEM record type */
+ struct oem_cipher_suite_record_t *record =
+ (struct oem_cipher_suite_record_t*)(&cipher_suite_data[offset]);
+ /* Verify that we have at least a full record left
+ * id + iana + 3 algs
+ */
+ if ((data_len - offset) < sizeof(*record)) {
+ lprintf(LOG_INFO, "Incomplete data record in cipher suite data");
+ break;
+ }
+
+ cipher_suite_id = record->cipher_suite_id;
+
+ /* Grab the IANA */
+ iana = ipmi24toh(record->iana);
+ auth_alg = CIPHER_ALG_MASK & record->auth_alg;
+ integrity_alg = CIPHER_ALG_MASK & record->integrity_alg;
+ crypt_alg = CIPHER_ALG_MASK & record->crypt_alg;
+ offset += sizeof(*record);
+ } else {
+ lprintf(LOG_INFO, "Bad start of record byte in cipher suite data (offset %d, value %x)", offset, cipher_suite_data[offset]);
+ break;
+ }
+ suites[count].cipher_suite_id = cipher_suite_id;
+ suites[count].iana = iana;
+ suites[count].auth_alg = auth_alg;
+ suites[count].integrity_alg = integrity_alg;
+ suites[count].crypt_alg = crypt_alg;
+ count++;
+ }
+ return count;
+}
+
+int
ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type,
- uint8_t channel)
+ uint8_t channel, struct cipher_suite_info *suites, size_t *count)
{
struct ipmi_rs *rsp;
struct ipmi_rq req;
uint8_t rqdata[3];
- uint32_t iana;
- uint8_t auth_alg, integrity_alg, crypt_alg;
- uint8_t cipher_suite_id;
uint8_t list_index = 0;
/* 0x40 sets * 16 bytes per set */
- uint8_t cipher_suite_data[1024];
- uint16_t offset = 0;
- /* how much was returned, total */
- uint16_t cipher_suite_data_length = 0;
+ uint8_t cipher_suite_data[MAX_CIPHER_SUITE_RECORD_OFFSET *
+ MAX_CIPHER_SUITE_DATA_LEN];
+ size_t offset = 0;
+ size_t nr_suites = 0;
+ if (!suites || !count || !*count)
+ return -1;
+
+ nr_suites = *count;
+ *count = 0;
memset(cipher_suite_data, 0, sizeof(cipher_suite_data));
-
+
memset(&req, 0, sizeof(req));
req.msg.netfn = IPMI_NETFN_APP;
req.msg.cmd = IPMI_GET_CHANNEL_CIPHER_SUITES;
req.msg.data = rqdata;
- req.msg.data_len = 3;
+ req.msg.data_len = sizeof(rqdata);
rqdata[0] = channel;
rqdata[1] = ((strncmp(payload_type, "ipmi", 4) == 0)? 0: 1);
- /* Always ask for cipher suite format */
- rqdata[2] = 0x80;
-
- rsp = intf->sendrecv(intf, &req);
- if (rsp == NULL) {
- lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites");
- return -1;
- }
- if (rsp->ccode > 0) {
- lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s",
- val2str(rsp->ccode, completion_code_vals));
- return -1;
- }
-
-
- /*
- * Grab the returned channel number once. We assume it's the same
- * in future calls.
- */
- if (rsp->data_len >= 1) {
- channel = rsp->data[0];
- }
-
- while ((rsp->data_len > 1) && (rsp->data_len == 17) && (list_index < 0x3F)) {
- /*
- * We got back cipher suite data -- store it.
- * printf("copying data to offset %d\n", offset);
- * printbuf(rsp->data + 1, rsp->data_len - 1, "this is the data");
- */
- memcpy(cipher_suite_data + offset, rsp->data + 1, rsp->data_len - 1);
- offset += rsp->data_len - 1;
-
- /*
- * Increment our list for the next call
- */
- ++list_index;
- rqdata[2] = (rqdata[2] & 0x80) + list_index;
+ do {
+ /* Always ask for cipher suite format */
+ rqdata[2] = LIST_ALGORITHMS_BY_CIPHER_SUITE | list_index;
rsp = intf->sendrecv(intf, &req);
if (rsp == NULL) {
lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites");
return -1;
}
- if (rsp->ccode > 0) {
+ if (rsp->ccode || rsp->data_len < 1) {
lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s",
val2str(rsp->ccode, completion_code_vals));
return -1;
}
- }
-
- /* Copy last chunk */
- if(rsp->data_len > 1) {
/*
* We got back cipher suite data -- store it.
* printf("copying data to offset %d\n", offset);
@@ -429,88 +459,46 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type,
*/
memcpy(cipher_suite_data + offset, rsp->data + 1, rsp->data_len - 1);
offset += rsp->data_len - 1;
- }
- /* We can chomp on all our data now. */
- cipher_suite_data_length = offset;
- offset = 0;
+ /*
+ * Increment our list for the next call
+ */
+ ++list_index;
+ } while ((rsp->data_len == (sizeof(uint8_t) + MAX_CIPHER_SUITE_DATA_LEN)) &&
+ (list_index < MAX_CIPHER_SUITE_RECORD_OFFSET));
- if (! csv_output) {
- printf("ID IANA Auth Alg Integrity Alg Confidentiality Alg\n");
- }
- while (offset < cipher_suite_data_length) {
- if (cipher_suite_data[offset++] == 0xC0) {
- /* standard type */
- iana = 0;
+ *count = parse_channel_cipher_suite_data(cipher_suite_data, offset, suites,
+ nr_suites);
+ return 0;
+}
- /* Verify that we have at least a full record left; id + 3 algs */
- if ((cipher_suite_data_length - offset) < 4) {
- lprintf(LOG_ERR, "Incomplete data record in cipher suite data");
- return -1;
- }
- cipher_suite_id = cipher_suite_data[offset++];
- } else if (cipher_suite_data[offset++] == 0xC1) {
- /* OEM record type */
- /* Verify that we have at least a full record left
- * id + iana + 3 algs
- */
- if ((cipher_suite_data_length - offset) < 4) {
- lprintf(LOG_ERR, "Incomplete data record in cipher suite data");
- return -1;
- }
+static int
+ipmi_print_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type,
+ uint8_t channel)
+{
+ int rc;
+ size_t i = 0;
+ struct cipher_suite_info suites[MAX_CIPHER_SUITE_COUNT];
+ size_t nr_suites = sizeof(*suites);
- cipher_suite_id = cipher_suite_data[offset++];
+ rc = ipmi_get_channel_cipher_suites(intf, payload_type, channel,
+ suites, &nr_suites);
- /* Grab the IANA */
- iana =
- cipher_suite_data[offset] |
- (cipher_suite_data[offset + 1] << 8) |
- (cipher_suite_data[offset + 2] << 16);
- offset += 3;
- } else {
- lprintf(LOG_ERR, "Bad start of record byte in cipher suite data");
- return -1;
- }
+ if (rc < 0)
+ return rc;
- /*
- * Grab the algorithms for this cipher suite. I guess we can't be
- * sure of what order they'll come in. Also, I suppose we default
- * to the NONE algorithm if one were absent. This part of the spec is
- * poorly written -- I have read the errata document. For now, I'm only
- * allowing one algorithm per type (auth, integrity, crypt) because I
- * don't I understand how it could be otherwise.
- */
- auth_alg = IPMI_AUTH_RAKP_NONE;
- integrity_alg = IPMI_INTEGRITY_NONE;
- crypt_alg = IPMI_CRYPT_NONE;
-
- while (((cipher_suite_data[offset] & 0xC0) != 0xC0) &&
- ((cipher_suite_data_length - offset) > 0))
- {
- switch (cipher_suite_data[offset] & 0xC0)
- {
- case 0x00:
- /* Authentication algorithm specifier */
- auth_alg = cipher_suite_data[offset++] & 0x3F;
- break;
- case 0x40:
- /* Interity algorithm specifier */
- integrity_alg = cipher_suite_data[offset++] & 0x3F;
- break;
- case 0x80:
- /* Confidentiality algorithm specifier */
- crypt_alg = cipher_suite_data[offset++] & 0x3F;
- break;
- }
- }
+ if (! csv_output) {
+ printf("ID IANA Auth Alg Integrity Alg Confidentiality Alg\n");
+ }
+ for (i = 0; i < nr_suites; i++) {
/* We have everything we need to spit out a cipher suite record */
printf((csv_output? "%d,%s,%s,%s,%s\n" :
"%-4d %-7s %-15s %-15s %-15s\n"),
- cipher_suite_id,
- iana_string(iana),
- val2str(auth_alg, ipmi_auth_algorithms),
- val2str(integrity_alg, ipmi_integrity_algorithms),
- val2str(crypt_alg, ipmi_encryption_algorithms));
+ suites[i].cipher_suite_id,
+ iana_string(suites[i].iana),
+ val2str(suites[i].auth_alg, ipmi_auth_algorithms),
+ val2str(suites[i].integrity_alg, ipmi_integrity_algorithms),
+ val2str(suites[i].crypt_alg, ipmi_encryption_algorithms));
}
return 0;
}
@@ -973,7 +961,7 @@ ipmi_channel_main(struct ipmi_intf *intf, int argc, char **argv)
return (-1);
}
}
- retval = ipmi_get_channel_cipher_suites(intf,
+ retval = ipmi_print_channel_cipher_suites(intf,
argv[1], /* ipmi | sol */
channel);
} else if (strncmp(argv[0], "setkg", 5) == 0) {
diff --git a/lib/ipmi_main.c b/lib/ipmi_main.c
index 811c80b..6aee102 100644
--- a/lib/ipmi_main.c
+++ b/lib/ipmi_main.c
@@ -323,6 +323,7 @@ ipmi_main(int argc, char ** argv,
uint8_t target_addr = 0;
uint8_t target_channel = 0;
+ uint8_t u8tmp = 0;
uint8_t transit_addr = 0;
uint8_t transit_channel = 0;
uint8_t target_lun = 0;
@@ -347,7 +348,10 @@ ipmi_main(int argc, char ** argv,
char * seloem = NULL;
int port = 0;
int devnum = 0;
- int cipher_suite_id = 3; /* See table 22-19 of the IPMIv2 spec */
+#ifdef IPMI_INTF_LANPLUS
+ /* lookup best cipher suite available */
+ enum cipher_suite_ids cipher_suite_id = IPMI_LANPLUS_CIPHER_SUITE_RESERVED;
+#endif /* IPMI_INTF_LANPLUS */
int argflag, i, found;
int rc = -1;
int ai_family = AF_UNSPEC;
@@ -425,19 +429,18 @@ ipmi_main(int argc, char ** argv,
goto out_free;
}
break;
+#ifdef IPMI_INTF_LANPLUS
case 'C':
- if (str2int(optarg, &cipher_suite_id) != 0) {
- lprintf(LOG_ERR, "Invalid parameter given or out of range for '-C'.");
- rc = -1;
- goto out_free;
- }
- /* add check Cipher is -gt 0 */
- if (cipher_suite_id < 0) {
- lprintf(LOG_ERR, "Cipher suite ID %i is invalid.", cipher_suite_id);
+ /* Cipher Suite ID is a byte as per IPMI specification */
+ if (str2uchar(optarg, &u8tmp) != 0) {
+ lprintf(LOG_ERR, "Invalid parameter given or out of "
+ "range [0-255] for '-C'.");
rc = -1;
goto out_free;
}
+ cipher_suite_id = u8tmp;
break;
+#endif /* IPMI_INTF_LANPLUS */
case 'v':
verbose++;
break;
@@ -870,7 +873,9 @@ ipmi_main(int argc, char ** argv,
ipmi_intf_session_set_lookupbit(ipmi_main_intf, lookupbit);
ipmi_intf_session_set_sol_escape_char(ipmi_main_intf, sol_escape_char);
+#ifdef IPMI_INTF_LANPLUS
ipmi_intf_session_set_cipher_suite_id(ipmi_main_intf, cipher_suite_id);
+#endif /* IPMI_INTF_LANPLUS */
ipmi_main_intf->devnum = devnum;
diff --git a/src/plugins/ipmi_intf.c b/src/plugins/ipmi_intf.c
index 1d9e87b..00b0918 100644
--- a/src/plugins/ipmi_intf.c
+++ b/src/plugins/ipmi_intf.c
@@ -252,11 +252,14 @@ ipmi_intf_session_set_lookupbit(struct ipmi_intf * intf, uint8_t lookupbit)
intf->ssn_params.lookupbit = lookupbit;
}
+#ifdef IPMI_INTF_LANPLUS
void
-ipmi_intf_session_set_cipher_suite_id(struct ipmi_intf * intf, uint8_t cipher_suite_id)
+ipmi_intf_session_set_cipher_suite_id(struct ipmi_intf * intf,
+ enum cipher_suite_ids cipher_suite_id)
{
intf->ssn_params.cipher_suite_id = cipher_suite_id;
}
+#endif /* IPMI_INTF_LANPLUS */
void
ipmi_intf_session_set_sol_escape_char(struct ipmi_intf * intf, char sol_escape_char)
diff --git a/src/plugins/lanplus/lanplus.c b/src/plugins/lanplus/lanplus.c
index a0e388c..3087348 100644
--- a/src/plugins/lanplus/lanplus.c
+++ b/src/plugins/lanplus/lanplus.c
@@ -164,114 +164,109 @@ extern int verbose;
* returns 0 on success
* 1 on failure
*/
-int lanplus_get_requested_ciphers(int cipher_suite_id,
+int lanplus_get_requested_ciphers(enum cipher_suite_ids cipher_suite_id,
uint8_t * auth_alg,
uint8_t * integrity_alg,
uint8_t * crypt_alg)
{
-#ifdef HAVE_CRYPTO_SHA256
- if ((cipher_suite_id < 0) || (cipher_suite_id > 17)) {
- return 1;
- }
-#else
- if ((cipher_suite_id < 0) || (cipher_suite_id > 14))
- return 1;
-#endif /* HAVE_CRYPTO_SHA256 */
/* See table 22-19 for the source of the statement */
switch (cipher_suite_id)
{
- case 0:
+ case IPMI_LANPLUS_CIPHER_SUITE_0:
*auth_alg = IPMI_AUTH_RAKP_NONE;
*integrity_alg = IPMI_INTEGRITY_NONE;
*crypt_alg = IPMI_CRYPT_NONE;
break;
- case 1:
+ case IPMI_LANPLUS_CIPHER_SUITE_1:
*auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1;
*integrity_alg = IPMI_INTEGRITY_NONE;
*crypt_alg = IPMI_CRYPT_NONE;
break;
- case 2:
+ case IPMI_LANPLUS_CIPHER_SUITE_2:
*auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1;
*integrity_alg = IPMI_INTEGRITY_HMAC_SHA1_96;
*crypt_alg = IPMI_CRYPT_NONE;
break;
- case 3:
+ case IPMI_LANPLUS_CIPHER_SUITE_3:
*auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1;
*integrity_alg = IPMI_INTEGRITY_HMAC_SHA1_96;
*crypt_alg = IPMI_CRYPT_AES_CBC_128;
break;
- case 4:
+ case IPMI_LANPLUS_CIPHER_SUITE_4:
*auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1;
*integrity_alg = IPMI_INTEGRITY_HMAC_SHA1_96;
*crypt_alg = IPMI_CRYPT_XRC4_128;
break;
- case 5:
+ case IPMI_LANPLUS_CIPHER_SUITE_5:
*auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1;
*integrity_alg = IPMI_INTEGRITY_HMAC_SHA1_96;
*crypt_alg = IPMI_CRYPT_XRC4_40;
break;
- case 6:
+ case IPMI_LANPLUS_CIPHER_SUITE_6:
*auth_alg = IPMI_AUTH_RAKP_HMAC_MD5;
*integrity_alg = IPMI_INTEGRITY_NONE;
*crypt_alg = IPMI_CRYPT_NONE;
break;
- case 7:
+ case IPMI_LANPLUS_CIPHER_SUITE_7:
*auth_alg = IPMI_AUTH_RAKP_HMAC_MD5;
*integrity_alg = IPMI_INTEGRITY_HMAC_MD5_128;
*crypt_alg = IPMI_CRYPT_NONE;
break;
- case 8:
+ case IPMI_LANPLUS_CIPHER_SUITE_8:
*auth_alg = IPMI_AUTH_RAKP_HMAC_MD5;
*integrity_alg = IPMI_INTEGRITY_HMAC_MD5_128;
*crypt_alg = IPMI_CRYPT_AES_CBC_128;
break;
- case 9:
+ case IPMI_LANPLUS_CIPHER_SUITE_9:
*auth_alg = IPMI_AUTH_RAKP_HMAC_MD5;
*integrity_alg = IPMI_INTEGRITY_HMAC_MD5_128;
*crypt_alg = IPMI_CRYPT_XRC4_128;
break;
- case 10:
+ case IPMI_LANPLUS_CIPHER_SUITE_10:
*auth_alg = IPMI_AUTH_RAKP_HMAC_MD5;
*integrity_alg = IPMI_INTEGRITY_HMAC_MD5_128;
*crypt_alg = IPMI_CRYPT_XRC4_40;
break;
- case 11:
+ case IPMI_LANPLUS_CIPHER_SUITE_11:
*auth_alg = IPMI_AUTH_RAKP_HMAC_MD5;
*integrity_alg = IPMI_INTEGRITY_MD5_128;
*crypt_alg = IPMI_CRYPT_NONE;
break;
- case 12:
+ case IPMI_LANPLUS_CIPHER_SUITE_12:
*auth_alg = IPMI_AUTH_RAKP_HMAC_MD5;
*integrity_alg = IPMI_INTEGRITY_MD5_128;
*crypt_alg = IPMI_CRYPT_AES_CBC_128;
break;
- case 13:
+ case IPMI_LANPLUS_CIPHER_SUITE_13:
*auth_alg = IPMI_AUTH_RAKP_HMAC_MD5;
*integrity_alg = IPMI_INTEGRITY_MD5_128;
*crypt_alg = IPMI_CRYPT_XRC4_128;
break;
- case 14:
+ case IPMI_LANPLUS_CIPHER_SUITE_14:
*auth_alg = IPMI_AUTH_RAKP_HMAC_MD5;
*integrity_alg = IPMI_INTEGRITY_MD5_128;
*crypt_alg = IPMI_CRYPT_XRC4_40;
break;
#ifdef HAVE_CRYPTO_SHA256
- case 15:
+ case IPMI_LANPLUS_CIPHER_SUITE_15:
*auth_alg = IPMI_AUTH_RAKP_HMAC_SHA256;
*integrity_alg = IPMI_INTEGRITY_NONE;
*crypt_alg = IPMI_CRYPT_NONE;
break;
- case 16:
+ case IPMI_LANPLUS_CIPHER_SUITE_16:
*auth_alg = IPMI_AUTH_RAKP_HMAC_SHA256;
*integrity_alg = IPMI_INTEGRITY_HMAC_SHA256_128;
*crypt_alg = IPMI_CRYPT_NONE;
break;
- case 17:
+ case IPMI_LANPLUS_CIPHER_SUITE_17:
*auth_alg = IPMI_AUTH_RAKP_HMAC_SHA256;
*integrity_alg = IPMI_INTEGRITY_HMAC_SHA256_128;
*crypt_alg = IPMI_CRYPT_AES_CBC_128;
break;
#endif /* HAVE_CRYPTO_SHA256 */
+ case IPMI_LANPLUS_CIPHER_SUITE_RESERVED:
+ default:
+ return 1;
}
return 0;
@@ -3441,6 +3436,57 @@ ipmi_set_session_privlvl_cmd(struct ipmi_intf * intf)
return 0;
}
+static uint8_t
+ipmi_find_best_cipher_suite(struct ipmi_intf *intf)
+{
+ enum cipher_suite_ids best_suite = IPMI_LANPLUS_CIPHER_SUITE_RESERVED;
+#ifdef HAVE_CRYPTO_SHA256
+ struct cipher_suite_info suites[MAX_CIPHER_SUITE_COUNT];
+ size_t nr_suites = ARRAY_SIZE(suites);
+ /* cipher suite best order is chosen with this criteria:
+ * HMAC-MD5 and MD5 are BAD; xRC4 is bad; AES128 is required
+ * HMAC-SHA256 > HMAC-SHA1
+ * secure authentication > encrypted content
+ *
+ * With xRC4 out, all cipher suites with MD5 out, and cipher suite 3 being
+ * required by the spec, the only better defined standard cipher suite is
+ * 17. So if SHA256 is available, we should try to use that, otherwise,
+ * fall back to 3.
+ */
+ const enum cipher_suite_ids cipher_order_preferred[] = {
+ IPMI_LANPLUS_CIPHER_SUITE_17,
+ IPMI_LANPLUS_CIPHER_SUITE_3,
+ };
+ const size_t nr_preferred = ARRAY_SIZE(cipher_order_preferred);
+ size_t ipref, i;
+
+ if (ipmi_get_channel_cipher_suites(intf, "ipmi", IPMI_LAN_CHANNEL_E,
+ suites, &nr_suites) < 0)
+ {
+ /* default legacy behavior - cipher suite 3 if none is requested */
+ return IPMI_LANPLUS_CIPHER_SUITE_3;
+ }
+ for (ipref = 0; ipref < nr_preferred &&
+ IPMI_LANPLUS_CIPHER_SUITE_RESERVED == best_suite; ipref++)
+ {
+ for (i = 0; i < nr_suites; i++) {
+ if (cipher_order_preferred[ipref] == suites[i].cipher_suite_id) {
+ best_suite = cipher_order_preferred[ipref];
+ break;
+ }
+ }
+ }
+#endif /* HAVE_CRYPTO_SHA256 */
+ if (IPMI_LANPLUS_CIPHER_SUITE_RESERVED == best_suite) {
+ /* IPMI 2.0 spec requires that cipher suite 3 is implemented
+ * so we should always be able to fall back to that if better
+ * options are not available. */
+ best_suite = IPMI_LANPLUS_CIPHER_SUITE_3;
+ }
+ lprintf(LOG_INFO, "Using best available cipher suite %d\n", best_suite);
+ return best_suite;
+}
+
/**
* ipmi_lanplus_open
*/
@@ -3514,6 +3560,16 @@ ipmi_lanplus_open(struct ipmi_intf * intf)
lprintf(LOG_INFO, "This BMC does not support IPMI v2 / RMCP+");
goto fail;
}
+ /*
+ * If no cipher suite was provided, query the channel cipher suite list and
+ * pick the best one available
+ */
+ if (IPMI_LANPLUS_CIPHER_SUITE_RESERVED ==
+ intf->ssn_params.cipher_suite_id)
+ {
+ ipmi_intf_session_set_cipher_suite_id(intf,
+ ipmi_find_best_cipher_suite(intf));
+ }
/*
* If the open/rakp1/rakp3 sequence encounters a timeout, the whole sequence
@@ -3728,7 +3784,7 @@ static int ipmi_lanplus_setup(struct ipmi_intf * intf)
static void ipmi_lanp_set_max_rq_data_size(struct ipmi_intf * intf, uint16_t size)
{
- if (intf->ssn_params.cipher_suite_id == 3) {
+ if (intf->ssn_params.cipher_suite_id == IPMI_LANPLUS_CIPHER_SUITE_3) {
/*
* encrypted payload can only be multiple of 16 bytes
*/
@@ -3746,7 +3802,7 @@ static void ipmi_lanp_set_max_rq_data_size(struct ipmi_intf * intf, uint16_t siz
static void ipmi_lanp_set_max_rp_data_size(struct ipmi_intf * intf, uint16_t size)
{
- if (intf->ssn_params.cipher_suite_id == 3) {
+ if (intf->ssn_params.cipher_suite_id == IPMI_LANPLUS_CIPHER_SUITE_3) {
/*
* encrypted payload can only be multiple of 16 bytes
*/
--
2.20.1

383
0009-CVE-2020-5208.patch Normal file
View File

@ -0,0 +1,383 @@
From a1732e68bce148255785e67eb035520729274d86 Mon Sep 17 00:00:00 2001
From: Chrostoper Ertl <chertl@microsoft.com>
Date: Thu, 28 Nov 2019 16:33:59 +0000
Subject: [PATCH] Fixes for CVE-2020-5208
see https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
This patch is combination of following commits:
pick e824c23316ae50beb7f7488f2055ac65e8b341f2 fru: Fix buffer overflow vulnerabilities
pick 840fb1cbb4fb365cb9797300e3374d4faefcdb10 fru: Fix buffer overflow in ipmi_spd_print_fru
pick 41d7026946fafbd4d1ec0bcaca3ea30a6e8eed22 session: Fix buffer overflow in ipmi_get_session_info
pick 9452be87181a6e83cfcc768b3ed8321763db50e4 channel: Fix buffer overflow
pick d45572d71e70840e0d4c50bf48218492b79c1a10 lanp: Fix buffer overflows in get_lan_param_select
pick 7ccea283dd62a05a320c1921e3d8d71a87772637 fru, sdr: Fix id_string buffer overflows
[vdolezal@redhat.com]: fixed memleak of `spd_data` in
lib/dimm_spd.c:ipmi_spd_print_fru()
---
lib/dimm_spd.c | 11 ++++++++++-
lib/ipmi_channel.c | 5 ++++-
lib/ipmi_fru.c | 35 ++++++++++++++++++++++++++++++++---
lib/ipmi_lanp.c | 14 +++++++-------
lib/ipmi_sdr.c | 40 ++++++++++++++++++++++++----------------
lib/ipmi_session.c | 12 ++++++++----
6 files changed, 85 insertions(+), 32 deletions(-)
diff --git a/lib/dimm_spd.c b/lib/dimm_spd.c
index 41e30db..ebcc94c 100644
--- a/lib/dimm_spd.c
+++ b/lib/dimm_spd.c
@@ -1621,7 +1621,7 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id)
struct ipmi_rq req;
struct fru_info fru;
uint8_t *spd_data, msg_data[4];
- int len, offset;
+ uint32_t len, offset;
msg_data[0] = id;
@@ -1697,6 +1697,15 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id)
}
len = rsp->data[0];
+ if(rsp->data_len < 1
+ || len > rsp->data_len - 1
+ || len > fru.size - offset)
+ {
+ printf(" Not enough buffer size");
+ free(spd_data);
+ spd_data = NULL;
+ return -1;
+ }
memcpy(&spd_data[offset], rsp->data + 1, len);
offset += len;
} while (offset < fru.size);
diff --git a/lib/ipmi_channel.c b/lib/ipmi_channel.c
index 3ae3104..80ba522 100644
--- a/lib/ipmi_channel.c
+++ b/lib/ipmi_channel.c
@@ -447,7 +447,10 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type,
lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites");
return -1;
}
- if (rsp->ccode || rsp->data_len < 1) {
+ if (rsp->ccode
+ || rsp->data_len < 1
+ || rsp->data_len > sizeof(uint8_t) + MAX_CIPHER_SUITE_DATA_LEN)
+ {
lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s",
val2str(rsp->ccode, completion_code_vals));
return -1;
diff --git a/lib/ipmi_fru.c b/lib/ipmi_fru.c
index cf00eff..98bc984 100644
--- a/lib/ipmi_fru.c
+++ b/lib/ipmi_fru.c
@@ -615,7 +615,10 @@ int
read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
uint32_t offset, uint32_t length, uint8_t *frubuf)
{
- uint32_t off = offset, tmp, finish;
+ uint32_t off = offset;
+ uint32_t tmp;
+ uint32_t finish;
+ uint32_t size_left_in_buffer;
struct ipmi_rs * rsp;
struct ipmi_rq req;
uint8_t msg_data[4];
@@ -628,10 +631,12 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
finish = offset + length;
if (finish > fru->size) {
+ memset(frubuf + fru->size, 0, length - fru->size);
finish = fru->size;
lprintf(LOG_NOTICE, "Read FRU Area length %d too large, "
"Adjusting to %d",
offset + length, finish - offset);
+ length = finish - offset;
}
memset(&req, 0, sizeof(req));
@@ -667,6 +672,7 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
}
}
+ size_left_in_buffer = length;
do {
tmp = fru->access ? off >> 1 : off;
msg_data[0] = id;
@@ -707,9 +713,18 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
}
tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0];
+ if(rsp->data_len < 1
+ || tmp > rsp->data_len - 1
+ || tmp > size_left_in_buffer)
+ {
+ printf(" Not enough buffer size");
+ return -1;
+ }
+
memcpy(frubuf, rsp->data + 1, tmp);
off += tmp;
frubuf += tmp;
+ size_left_in_buffer -= tmp;
/* sometimes the size returned in the Info command
* is too large. return 0 so higher level function
* still attempts to parse what was returned */
@@ -742,7 +757,9 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
uint32_t offset, uint32_t length, uint8_t *frubuf)
{
static uint32_t fru_data_rqst_size = 20;
- uint32_t off = offset, tmp, finish;
+ uint32_t off = offset;
+ uint32_t tmp, finish;
+ uint32_t size_left_in_buffer;
struct ipmi_rs * rsp;
struct ipmi_rq req;
uint8_t msg_data[4];
@@ -755,10 +772,12 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
finish = offset + length;
if (finish > fru->size) {
+ memset(frubuf + fru->size, 0, length - fru->size);
finish = fru->size;
lprintf(LOG_NOTICE, "Read FRU Area length %d too large, "
"Adjusting to %d",
offset + length, finish - offset);
+ length = finish - offset;
}
memset(&req, 0, sizeof(req));
@@ -773,6 +792,8 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
if (fru->access && fru_data_rqst_size > 16)
#endif
fru_data_rqst_size = 16;
+
+ size_left_in_buffer = length;
do {
tmp = fru->access ? off >> 1 : off;
msg_data[0] = id;
@@ -804,8 +825,16 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
}
tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0];
+ if(rsp->data_len < 1
+ || tmp > rsp->data_len - 1
+ || tmp > size_left_in_buffer)
+ {
+ printf(" Not enough buffer size");
+ return -1;
+ }
memcpy((frubuf + off)-offset, rsp->data + 1, tmp);
off += tmp;
+ size_left_in_buffer -= tmp;
/* sometimes the size returned in the Info command
* is too large. return 0 so higher level function
@@ -3033,7 +3062,7 @@ ipmi_fru_print(struct ipmi_intf * intf, struct sdr_record_fru_locator * fru)
return 0;
memset(desc, 0, sizeof(desc));
- memcpy(desc, fru->id_string, fru->id_code & 0x01f);
+ memcpy(desc, fru->id_string, __min(fru->id_code & 0x01f, sizeof(desc)));
desc[fru->id_code & 0x01f] = 0;
printf("FRU Device Description : %s (ID %d)\n", desc, fru->device_id);
diff --git a/lib/ipmi_lanp.c b/lib/ipmi_lanp.c
index 65d881b..022c7f1 100644
--- a/lib/ipmi_lanp.c
+++ b/lib/ipmi_lanp.c
@@ -1809,7 +1809,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
if (p == NULL) {
return (-1);
}
- memcpy(data, p->data, p->data_len);
+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
/* set new ipaddr */
memcpy(data+3, temp, 4);
printf("Setting LAN Alert %d IP Address to %d.%d.%d.%d\n", alert,
@@ -1824,7 +1824,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
if (p == NULL) {
return (-1);
}
- memcpy(data, p->data, p->data_len);
+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
/* set new macaddr */
memcpy(data+7, temp, 6);
printf("Setting LAN Alert %d MAC Address to "
@@ -1838,7 +1838,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
if (p == NULL) {
return (-1);
}
- memcpy(data, p->data, p->data_len);
+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
if (strncasecmp(argv[1], "def", 3) == 0 ||
strncasecmp(argv[1], "default", 7) == 0) {
@@ -1864,7 +1864,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
if (p == NULL) {
return (-1);
}
- memcpy(data, p->data, p->data_len);
+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
if (strncasecmp(argv[1], "on", 2) == 0 ||
strncasecmp(argv[1], "yes", 3) == 0) {
@@ -1889,7 +1889,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
if (p == NULL) {
return (-1);
}
- memcpy(data, p->data, p->data_len);
+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
if (strncasecmp(argv[1], "pet", 3) == 0) {
printf("Setting LAN Alert %d destination to PET Trap\n", alert);
@@ -1917,7 +1917,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
if (p == NULL) {
return (-1);
}
- memcpy(data, p->data, p->data_len);
+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
if (str2uchar(argv[1], &data[2]) != 0) {
lprintf(LOG_ERR, "Invalid time: %s", argv[1]);
@@ -1933,7 +1933,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
if (p == NULL) {
return (-1);
}
- memcpy(data, p->data, p->data_len);
+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
if (str2uchar(argv[1], &data[3]) != 0) {
lprintf(LOG_ERR, "Invalid retry: %s", argv[1]);
diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c
index fd2c02d..01d81f7 100644
--- a/lib/ipmi_sdr.c
+++ b/lib/ipmi_sdr.c
@@ -2086,7 +2086,7 @@ ipmi_sdr_print_sensor_eventonly(struct ipmi_intf *intf,
return -1;
memset(desc, 0, sizeof (desc));
- snprintf(desc, (sensor->id_code & 0x1f) + 1, "%s", sensor->id_string);
+ snprintf(desc, sizeof(desc), "%.*s", (sensor->id_code & 0x1f) + 1, sensor->id_string);
if (verbose) {
printf("Sensor ID : %s (0x%x)\n",
@@ -2137,7 +2137,7 @@ ipmi_sdr_print_sensor_mc_locator(struct ipmi_intf *intf,
return -1;
memset(desc, 0, sizeof (desc));
- snprintf(desc, (mc->id_code & 0x1f) + 1, "%s", mc->id_string);
+ snprintf(desc, sizeof(desc), "%.*s", (mc->id_code & 0x1f) + 1, mc->id_string);
if (verbose == 0) {
if (csv_output)
@@ -2230,7 +2230,7 @@ ipmi_sdr_print_sensor_generic_locator(struct ipmi_intf *intf,
char desc[17];
memset(desc, 0, sizeof (desc));
- snprintf(desc, (dev->id_code & 0x1f) + 1, "%s", dev->id_string);
+ snprintf(desc, sizeof(desc), "%.*s", (dev->id_code & 0x1f) + 1, dev->id_string);
if (!verbose) {
if (csv_output)
@@ -2287,7 +2287,7 @@ ipmi_sdr_print_sensor_fru_locator(struct ipmi_intf *intf,
char desc[17];
memset(desc, 0, sizeof (desc));
- snprintf(desc, (fru->id_code & 0x1f) + 1, "%s", fru->id_string);
+ snprintf(desc, sizeof(desc), "%.*s", (fru->id_code & 0x1f) + 1, fru->id_string);
if (!verbose) {
if (csv_output)
@@ -2491,35 +2491,43 @@ ipmi_sdr_print_name_from_rawentry(struct ipmi_intf *intf, uint16_t id,
int rc =0;
char desc[17];
+ const char *id_string;
+ uint8_t id_code;
memset(desc, ' ', sizeof (desc));
switch ( type) {
case SDR_RECORD_TYPE_FULL_SENSOR:
record.full = (struct sdr_record_full_sensor *) raw;
- snprintf(desc, (record.full->id_code & 0x1f) +1, "%s",
- (const char *)record.full->id_string);
+ id_code = record.full->id_code;
+ id_string = record.full->id_string;
break;
+
case SDR_RECORD_TYPE_COMPACT_SENSOR:
record.compact = (struct sdr_record_compact_sensor *) raw ;
- snprintf(desc, (record.compact->id_code & 0x1f) +1, "%s",
- (const char *)record.compact->id_string);
+ id_code = record.compact->id_code;
+ id_string = record.compact->id_string;
break;
+
case SDR_RECORD_TYPE_EVENTONLY_SENSOR:
record.eventonly = (struct sdr_record_eventonly_sensor *) raw ;
- snprintf(desc, (record.eventonly->id_code & 0x1f) +1, "%s",
- (const char *)record.eventonly->id_string);
- break;
+ id_code = record.eventonly->id_code;
+ id_string = record.eventonly->id_string;
+ break;
+
case SDR_RECORD_TYPE_MC_DEVICE_LOCATOR:
record.mcloc = (struct sdr_record_mc_locator *) raw ;
- snprintf(desc, (record.mcloc->id_code & 0x1f) +1, "%s",
- (const char *)record.mcloc->id_string);
+ id_code = record.mcloc->id_code;
+ id_string = record.mcloc->id_string;
break;
+
default:
rc = -1;
- break;
- }
+ }
+ if (!rc) {
+ snprintf(desc, sizeof(desc), "%.*s", (id_code & 0x1f) + 1, id_string);
+ }
- lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc);
+ lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc);
return rc;
}
diff --git a/lib/ipmi_session.c b/lib/ipmi_session.c
index 141f0f4..b9af1fd 100644
--- a/lib/ipmi_session.c
+++ b/lib/ipmi_session.c
@@ -309,8 +309,10 @@ ipmi_get_session_info(struct ipmi_intf * intf,
}
else
{
- memcpy(&session_info, rsp->data, rsp->data_len);
- print_session_info(&session_info, rsp->data_len);
+ memcpy(&session_info, rsp->data,
+ __min(rsp->data_len, sizeof(session_info)));
+ print_session_info(&session_info,
+ __min(rsp->data_len, sizeof(session_info)));
}
break;
@@ -341,8 +343,10 @@ ipmi_get_session_info(struct ipmi_intf * intf,
break;
}
- memcpy(&session_info, rsp->data, rsp->data_len);
- print_session_info(&session_info, rsp->data_len);
+ memcpy(&session_info, rsp->data,
+ __min(rsp->data_len, sizeof(session_info)));
+ print_session_info(&session_info,
+ __min(rsp->data_len, sizeof(session_info)));
} while (i <= session_info.session_slot_count);
break;
--
2.20.1

View File

@ -0,0 +1,420 @@
From 87a898756a7bd54898c1f6d2a5441efb1f810b67 Mon Sep 17 00:00:00 2001
From: qctbmc <qct.bmc@gmail.com>
Date: Tue, 10 Jul 2018 11:21:55 +0800
Subject: [PATCH] oem: Add basic support for Quanta
---
include/ipmitool/Makefile.am | 2 +-
include/ipmitool/ipmi_quantaoem.h | 55 +++++++++
lib/Makefile.am | 2 +-
lib/ipmi_main.c | 1 +
lib/ipmi_oem.c | 14 +++
lib/ipmi_quantaoem.c | 184 ++++++++++++++++++++++++++++++
lib/ipmi_sel.c | 21 +++-
src/ipmitool.c | 1 +
8 files changed, 274 insertions(+), 6 deletions(-)
create mode 100644 include/ipmitool/ipmi_quantaoem.h
create mode 100644 lib/ipmi_quantaoem.c
diff --git a/include/ipmitool/Makefile.am b/include/ipmitool/Makefile.am
index 9093a56..8bc584a 100644
--- a/include/ipmitool/Makefile.am
+++ b/include/ipmitool/Makefile.am
@@ -39,4 +39,4 @@ noinst_HEADERS = log.h bswap.h hpm2.h helper.h ipmi.h ipmi_cc.h ipmi_intf.h \
ipmi_fwum.h ipmi_main.h ipmi_tsol.h ipmi_firewall.h \
ipmi_kontronoem.h ipmi_ekanalyzer.h ipmi_gendev.h ipmi_ime.h \
ipmi_delloem.h ipmi_dcmi.h ipmi_vita.h ipmi_sel_supermicro.h \
- ipmi_cfgp.h ipmi_lanp6.h
+ ipmi_cfgp.h ipmi_lanp6.h ipmi_quantaoem.h
diff --git a/include/ipmitool/ipmi_quantaoem.h b/include/ipmitool/ipmi_quantaoem.h
new file mode 100644
index 0000000..544f510
--- /dev/null
+++ b/include/ipmitool/ipmi_quantaoem.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2018 Quanta Computer Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistribution of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistribution in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * Neither the name of Quanta Computer Inc. or the names of
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * This software is provided "AS IS," without a warranty of any kind.
+ * ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES,
+ * INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A
+ * PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED.
+ * Quanta Computer Inc. AND ITS LICENSORS SHALL NOT BE LIABLE
+ * FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING
+ * OR DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL
+ * Quanta Computer Inc. OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA,
+ * OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR
+ * PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF
+ * LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
+ * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ */
+
+#ifndef IPMI_QUANTAOEM_H
+#define IPMI_QUANTAOEM_H
+
+#if HAVE_CONFIG_H
+# include <config.h>
+#endif
+#include <ipmitool/ipmi.h>
+#include <ipmitool/ipmi_sdr.h>
+
+#define OEM_QCT_NETFN 0x36
+#define OEM_QCT_GET_INFO 0x65
+
+typedef enum
+{
+ OEM_QCT_PLATFORM_UNKNOWN = 0,
+ OEM_QCT_PLATFORM_GRANTLEY,
+ OEM_QCT_PLATFORM_PURLEY
+} qct_platform_t;
+
+qct_platform_t oem_qct_get_platform_id(struct ipmi_intf *intf);
+char *oem_qct_get_evt_desc(struct ipmi_intf *intf, struct sel_event_record *rec);
+
+#endif /*IPMI_QUANTAOEM_H*/
diff --git a/lib/Makefile.am b/lib/Makefile.am
index cc69a8f..e7568f3 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -41,7 +41,7 @@ libipmitool_la_SOURCES = helper.c ipmi_sdr.c ipmi_sel.c ipmi_sol.c ipmi_pef.c \
ipmi_main.c ipmi_tsol.c ipmi_firewall.c ipmi_kontronoem.c \
ipmi_hpmfwupg.c ipmi_sdradd.c ipmi_ekanalyzer.c ipmi_gendev.c \
ipmi_ime.c ipmi_delloem.c ipmi_dcmi.c hpm2.c ipmi_vita.c \
- ipmi_lanp6.c ipmi_cfgp.c \
+ ipmi_lanp6.c ipmi_cfgp.c ipmi_quantaoem.c \
../src/plugins/lan/md5.c ../src/plugins/lan/md5.h
libipmitool_la_LDFLAGS = -export-dynamic
diff --git a/lib/ipmi_main.c b/lib/ipmi_main.c
index 6aee102..9d4a148 100644
--- a/lib/ipmi_main.c
+++ b/lib/ipmi_main.c
@@ -75,6 +75,7 @@
#include <ipmitool/ipmi_picmg.h>
#include <ipmitool/ipmi_kontronoem.h>
#include <ipmitool/ipmi_vita.h>
+#include <ipmitool/ipmi_quantaoem.h>
#ifdef HAVE_CONFIG_H
# include <config.h>
diff --git a/lib/ipmi_oem.c b/lib/ipmi_oem.c
index 96db2ea..86fd803 100644
--- a/lib/ipmi_oem.c
+++ b/lib/ipmi_oem.c
@@ -39,6 +39,7 @@
static int ipmi_oem_supermicro(struct ipmi_intf * intf);
static int ipmi_oem_ibm(struct ipmi_intf * intf);
+static int ipmi_oem_quanta(struct ipmi_intf * intf);
static struct ipmi_oem_handle ipmi_oem_list[] = {
{
@@ -71,6 +72,11 @@ static struct ipmi_oem_handle ipmi_oem_list[] = {
.name = "kontron",
.desc = "Kontron OEM big buffer support"
},
+ {
+ .name = "quanta",
+ .desc = "Quanta IPMIv1.5 BMC with OEM LAN authentication support",
+ .setup = ipmi_oem_quanta,
+ },
{ 0 }
};
@@ -93,6 +99,14 @@ ipmi_oem_ibm(struct ipmi_intf * intf)
return ipmi_sel_oem_init((const char *)filename);
}
+/* Quanta IPMIv2 BMCs use OEM authtype */
+static int
+ipmi_oem_quanta(struct ipmi_intf * intf)
+{
+ ipmi_intf_session_set_authtype(intf, IPMI_SESSION_AUTHTYPE_OEM);
+ return 0;
+}
+
/* ipmi_oem_print - print list of OEM handles
*/
void
diff --git a/lib/ipmi_quantaoem.c b/lib/ipmi_quantaoem.c
new file mode 100644
index 0000000..7b4c5c6
--- /dev/null
+++ b/lib/ipmi_quantaoem.c
@@ -0,0 +1,184 @@
+/*
+ * Copyright (c) 2018 Quanta Computer Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistribution of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistribution in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * Neither the name of Quanta Computer Inc. or the names of
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * This software is provided "AS IS," without a warranty of any kind.
+ * ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES,
+ * INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A
+ * PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED.
+ * Quanta Computer Inc. AND ITS LICENSORS SHALL NOT BE LIABLE
+ * FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING
+ * OR DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL
+ * Quanta Computer Inc. OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA,
+ * OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR
+ * PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF
+ * LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
+ * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ */
+#define _XOPEN_SOURCE
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <strings.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <errno.h>
+#include <time.h>
+#include <unistd.h>
+#include <signal.h>
+#include <ctype.h>
+#include <sys/time.h>
+#include <limits.h>
+#include <fcntl.h>
+#include <sys/select.h>
+#include <termios.h>
+#include <ipmitool/ipmi.h>
+#include <ipmitool/ipmi_mc.h>
+#include <ipmitool/ipmi_intf.h>
+#include <ipmitool/helper.h>
+#include <ipmitool/log.h>
+#include <ipmitool/ipmi_sel.h>
+#include <ipmitool/ipmi_sdr.h>
+#include <ipmitool/ipmi_strings.h>
+#include <ipmitool/ipmi_channel.h>
+#include <ipmitool/ipmi_quantaoem.h>
+#include <ipmitool/ipmi_raw.h>
+
+/* Max Size of the description String to be displyed for the Each sel entry */
+#define SIZE_OF_DESC 128
+
+#define CPU_SHIFT 6
+#define CPU_MASK 0X03
+#define CPU_NUM(x) (((x) >> CPU_SHIFT) & CPU_MASK)
+
+#define CHANNEL_BASE 0x41
+#define CHANNEL_SHIFT 3
+#define CHANNEL_MASK 0x07
+#define CHANNEL_OFFSET(x) (((x) >> CHANNEL_SHIFT) & CHANNEL_MASK)
+#define CHANNEL_NUM(x) (CHANNEL_BASE + CHANNEL_OFFSET(x))
+
+#define DIMM_MASK 0x07
+#define DIMM_NUM(x) ((x) & DIMM_MASK)
+
+#define GET_PLATFORM_ID_DATA_SIZE 4
+
+// Magic code to check if it's valid command
+#define QCT_MAGIC_1 0x4C
+#define QCT_MAGIC_2 0x1C
+#define QCT_MAGIC_3 0x00
+#define QCT_MAGIC_4 0x02
+
+qct_platform_t
+oem_qct_get_platform_id(struct ipmi_intf *intf)
+{
+ /* Execute a Get platform ID command to determine the board */
+ struct ipmi_rs *rsp;
+ struct ipmi_rq req;
+ qct_platform_t platform_id;
+ uint8_t msg_data[GET_PLATFORM_ID_DATA_SIZE];
+
+ /* Ask for IPMI v2 data as well */
+ msg_data[0] = QCT_MAGIC_1;
+ msg_data[1] = QCT_MAGIC_2;
+ msg_data[2] = QCT_MAGIC_3;
+ msg_data[3] = QCT_MAGIC_4;
+
+ memset(&req, 0, sizeof(req));
+ req.msg.netfn = OEM_QCT_NETFN;
+ req.msg.cmd = OEM_QCT_GET_INFO;
+ req.msg.data = msg_data;
+ req.msg.data_len = sizeof(msg_data);
+
+ rsp = intf->sendrecv(intf, &req);
+ if (rsp == NULL) {
+ lprintf(LOG_ERR, "Get Platform ID command failed");
+ return 0;
+ }
+ if (rsp->ccode) {
+ lprintf(LOG_ERR, "Get Platform ID command failed: %#x %s",
+ rsp->ccode, val2str(rsp->ccode, completion_code_vals));
+ return 0;
+ }
+ platform_id = rsp->data[0];
+ lprintf(LOG_DEBUG,"Platform ID: %hhx", rsp->data[0]);
+ return platform_id;
+}
+
+char *
+oem_qct_get_evt_desc(struct ipmi_intf *intf, struct sel_event_record *rec)
+{
+ struct ipmi_rs *rsp;
+ struct ipmi_rq req;
+ char *desc = NULL;
+ int data;
+ int sensor_type;
+ qct_platform_t platform_id;
+
+ /* Get the OEM event Bytes of the SEL Records byte 15 to data */
+ data = rec->sel_type.standard_type.event_data[2];
+ /* Check for the Standard Event type == 0x6F */
+ if (rec->sel_type.standard_type.event_type != 0x6F) {
+ goto out;
+ }
+ /* Allocate mem for te Description string */
+ desc = malloc(SIZE_OF_DESC);
+ if (desc == NULL) {
+ lprintf(LOG_ERR, "ipmitool: malloc failure");
+ goto out;
+ }
+ memset(desc, 0, SIZE_OF_DESC);
+ sensor_type = rec->sel_type.standard_type.sensor_type;
+ switch (sensor_type) {
+ case SENSOR_TYPE_MEMORY:
+ memset(&req, 0, sizeof (req));
+ req.msg.netfn = IPMI_NETFN_APP;
+ req.msg.lun = 0;
+ req.msg.cmd = BMC_GET_DEVICE_ID;
+ req.msg.data = NULL;
+ req.msg.data_len = 0;
+
+ rsp = intf->sendrecv(intf, &req);
+ if (rsp == NULL) {
+ lprintf(LOG_ERR, " Error getting system info");
+ goto out;
+ } else if (rsp->ccode) {
+ lprintf(LOG_ERR, " Error getting system info: %s",
+ val2str(rsp->ccode, completion_code_vals));
+ goto out;
+ }
+ /* check the platform type */
+ platform_id = oem_qct_get_platform_id(intf);
+ if (OEM_QCT_PLATFORM_PURLEY == platform_id) {
+ snprintf(desc, SIZE_OF_DESC, "CPU%d_%c%d",
+ CPU_NUM(data),
+ CHANNEL_NUM(data),
+ DIMM_NUM(data));
+ }
+ break;
+ default:
+ goto out;
+ }
+ return desc;
+out:
+ if (desc) {
+ free(desc);
+ desc = NULL;
+ }
+ return desc;
+}
diff --git a/lib/ipmi_sel.c b/lib/ipmi_sel.c
index 8b0395e..a54fefd 100644
--- a/lib/ipmi_sel.c
+++ b/lib/ipmi_sel.c
@@ -50,6 +50,7 @@
#include <ipmitool/ipmi_fru.h>
#include <ipmitool/ipmi_sensor.h>
#include <ipmitool/ipmi_strings.h>
+#include <ipmitool/ipmi_quantaoem.h>
extern int verbose;
static int sel_extended = 0;
@@ -1244,6 +1245,9 @@ ipmi_get_oem_desc(struct ipmi_intf * intf, struct sel_event_record * rec)
case IPMI_OEM_SUPERMICRO_47488:
desc = get_supermicro_evt_desc(intf, rec);
break;
+ case IPMI_OEM_QUANTA:
+ desc = oem_qct_get_evt_desc(intf, rec);
+ break;
case IPMI_OEM_UNKNOWN:
default:
break;
@@ -1349,6 +1353,9 @@ ipmi_get_event_desc(struct ipmi_intf * intf, struct sel_event_record * rec, char
sfx = ipmi_get_oem_desc(intf, rec);
break;
/* add your oem sensor assignation here */
+ case IPMI_OEM_QUANTA:
+ sfx = ipmi_get_oem_desc(intf, rec);
+ break;
default:
lprintf(LOG_DEBUG, "oem sensor type %x using standard type supplied description",
rec->sel_type.standard_type.sensor_type );
@@ -1359,9 +1366,12 @@ ipmi_get_event_desc(struct ipmi_intf * intf, struct sel_event_record * rec, char
case IPMI_OEM_SUPERMICRO:
case IPMI_OEM_SUPERMICRO_47488:
sfx = ipmi_get_oem_desc(intf, rec);
- break;
+ break;
+ case IPMI_OEM_QUANTA:
+ sfx = ipmi_get_oem_desc(intf, rec);
+ break;
default:
- break;
+ break;
}
}
/*
@@ -1986,9 +1996,12 @@ ipmi_sel_print_std_entry(struct ipmi_intf * intf, struct sel_event_record * evt)
case IPMI_OEM_SUPERMICRO:
case IPMI_OEM_SUPERMICRO_47488:
print_sensor = 0;
- break;
+ break;
+ case IPMI_OEM_QUANTA:
+ print_sensor = 0;
+ break;
default:
- break;
+ break;
}
/*
* Sensor-Specific Discrete
diff --git a/src/ipmitool.c b/src/ipmitool.c
index 5e19c6e..ec0b741 100644
--- a/src/ipmitool.c
+++ b/src/ipmitool.c
@@ -66,6 +66,7 @@
#include <ipmitool/ipmi_ime.h>
#include <ipmitool/ipmi_dcmi.h>
#include <ipmitool/ipmi_vita.h>
+#include <ipmitool/ipmi_quantaoem.h>
#ifdef HAVE_CONFIG_H
# include <config.h>
--
2.20.1

View File

@ -0,0 +1,33 @@
From a365e624fff752bfe79438f6c177399492ccfdde Mon Sep 17 00:00:00 2001
From: Vaclav Dolezal <vdolezal@redhat.com>
Date: Fri, 1 Mar 2019 14:46:12 +0100
Subject: [PATCH] Fix "ipmitool pef {status,info}" not printing final newline
Signed-off-by: Vaclav Dolezal <vdolezal@redhat.com>
---
lib/ipmi_pef.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/ipmi_pef.c b/lib/ipmi_pef.c
index bbf25f2..4be749e 100644
--- a/lib/ipmi_pef.c
+++ b/lib/ipmi_pef.c
@@ -1183,6 +1183,7 @@ ipmi_pef2_get_info(struct ipmi_intf *intf)
ipmi_pef_print_guid(guid_ptr);
}
ipmi_pef_print_flags(&pef_b2s_actions, P_SUPP, pcap.actions);
+ putchar('\n');
return 0;
}
@@ -1242,6 +1243,7 @@ ipmi_pef2_get_status(struct ipmi_intf *intf)
return (-1);
}
ipmi_pef_print_flags(&pef_b2s_actions, P_ACTV, rsp->data[1]);
+ putchar('\n');
return 0;
}
--
2.25.4

View File

@ -0,0 +1,38 @@
From 9d72def87ecc384d0a46525c766e755068fefe54 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=A1clav=20Dole=C5=BEal?= <vdolezal@redhat.com>
Date: Thu, 28 May 2020 13:32:31 +0200
Subject: [PATCH] lanplus: don't retry pre-session Get cipher suites
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Some BMCs are ignoring it, causing needless delay.
Signed-off-by: Václav Doležal <vdolezal@redhat.com>
---
src/plugins/lanplus/lanplus.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/plugins/lanplus/lanplus.c b/src/plugins/lanplus/lanplus.c
index 3087348..c442c0e 100644
--- a/src/plugins/lanplus/lanplus.c
+++ b/src/plugins/lanplus/lanplus.c
@@ -3459,9 +3459,13 @@ ipmi_find_best_cipher_suite(struct ipmi_intf *intf)
};
const size_t nr_preferred = ARRAY_SIZE(cipher_order_preferred);
size_t ipref, i;
+ int rc;
+ int retry_old = intf->ssn_params.retry;
- if (ipmi_get_channel_cipher_suites(intf, "ipmi", IPMI_LAN_CHANNEL_E,
- suites, &nr_suites) < 0)
+ ipmi_intf_session_set_retry(intf, 1);
+ rc = ipmi_get_channel_cipher_suites(intf, "ipmi", IPMI_LAN_CHANNEL_E, suites, &nr_suites);
+ ipmi_intf_session_set_retry(intf, retry_old);
+ if (rc < 0)
{
/* default legacy behavior - cipher suite 3 if none is requested */
return IPMI_LANPLUS_CIPHER_SUITE_3;
--
2.25.4

View File

@ -0,0 +1,65 @@
From 646160e2175f9e0ba33e4f2bda12d84555e9c30e Mon Sep 17 00:00:00 2001
From: Alexander Amelkin <alexander@amelkin.msk.ru>
Date: Thu, 29 Nov 2018 13:10:53 +0300
Subject: [PATCH] lanplus: Cleanup. Refix 6dec83ff, fix be2c0c4b
This is a cleanup commit.
Commit 6dec83ff removed assignment of `rsp` pointer
in SOL-processing block of ipmi_lan_poll_single(),
but left the check for the pointer validity in place.
Although that has effectively fixed the bug of potentially
accessing the null `rsp` pointer in the `else` block introduced
with be2c0c4b, the resulting if/else looked suspicious and left
and impression that a NULL pointer could still be accessed.
This commit removes the check for `rsp` from the `if`
as it is checked at the start of the function where `rsp`
is initialized (and that is the only place where it is ever changed).
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
(cherry picked from commit 64727f59c4a1412fdb73e092fb838ae66e2aad1a)
lanplus: Fix segfault for truncated dcmi response
On occasion a dcmi power reading will return error C6, and a
truncated response payload. As the decrypted payload is shorter
than the expected length, lanplus_decrypt_aes_cbc_128() adjusts
the payload_size downward by one byte. In ipmi_lan_poll_single()
the calculation to determine if the payload size has increased
erroniously sets extra_data_length to -1, with a subsequent
segv when calling a memmove to shift response data.
The fix is to check for a positive value in the extra_data_length.
Resolves ipmitool/ipmitool#72
(cherry picked from commit 9ec2232321a7bca7e1fb8f939d071f12c8dfa7fd)
---
src/plugins/lanplus/lanplus.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/plugins/lanplus/lanplus.c b/src/plugins/lanplus/lanplus.c
index c442c0e..ef132f6 100644
--- a/src/plugins/lanplus/lanplus.c
+++ b/src/plugins/lanplus/lanplus.c
@@ -814,7 +814,7 @@ ipmi_lan_poll_single(struct ipmi_intf * intf)
* rsp->data_len becomes the length of that data
*/
extra_data_length = payload_size - (offset - payload_start) - 1;
- if (extra_data_length) {
+ if (extra_data_length > 0) {
rsp->data_len = extra_data_length;
memmove(rsp->data, rsp->data + offset, extra_data_length);
} else {
@@ -868,7 +868,7 @@ ipmi_lan_poll_single(struct ipmi_intf * intf)
}
read_sol_packet(rsp, &offset);
extra_data_length = payload_size - (offset - payload_start);
- if (rsp && extra_data_length) {
+ if (extra_data_length > 0) {
rsp->data_len = extra_data_length;
memmove(rsp->data, rsp->data + offset, extra_data_length);
} else {
--
2.26.3

1
EMPTY
View File

@ -1 +0,0 @@

326
exchange-bmc-os-info Normal file
View File

@ -0,0 +1,326 @@
#!/bin/sh
#############################################################################
#
# exchange-bmc-os-info: Set OS and BMC (Baseboard Management Controller)
# parameters during system startup.
#
# version: 0.72
#
# Authors: Charles Rose <charles_rose@dell.com>
# Jordan Hargrave <jordan_hargrave@dell.com>
#
# Description: Script to set OS information in the BMC; fetch BMC IP/URL
# and set in the OS for use by other scripts/user.
#
# BMC IP and URL are made available in /var/run/bmc-info
#
# Example to launch BMC web-interface:
# # . /var/run/bmc-info
# # xdg-open $BMC_URL
#
# See here for details:
# https://fedoraproject.org/wiki/Features/AgentFreeManagement
#
# OEM Specific: OEM specific ipmi commands go in:
# 'oem_set_os_version' and 'oem_get_bmc_url'
#############################################################################
#
# chkconfig: 345 99 00
# description: Set OS name, hostname in BMC; make BMC IP/URL available in OS
# processname: exchange-bmc-os-info
# config: /etc/sysconfig/exchange-bmc-os-info
#
### BEGIN INIT INFO
# Provides: exchange-bmc-os-info
# Required-Start: ipmi
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
#############################################################################
# GLOBALS
#############################################################################
CONFIGFILE=/etc/sysconfig/exchange-bmc-os-info
IPMI_TOOL=/usr/bin/ipmitool
BMC_INFO=/var/run/bmc-info
# BMC Manufacturer ID used in 'oem_set_os_version' and 'oem_get_bmc_url'
DELL="674"
#OTHER_OEM="123"
# Defaults for ${CONFIGFILE}
SET_OS_INFO="yes"
RESET_OS_INFO="no"
SET_BMC_INFO="yes"
# getsysinfo and setsysinfo commands
IPMI_SET_SYSINFO="${IPMI_TOOL} mc setsysinfo"
IPMI_GET_SYSINFO="${IPMI_TOOL} mc getsysinfo"
#############################################################################
SCRIPT_NAME=$(basename $0)
# source config
[ -r ${CONFIGFILE} ] && . ${CONFIGFILE}
RETVAL=0
if [ -f /bin/gettext.sh ]; then
GETTEXT=1
. /bin/gettext.sh
OUTPUT="eval_gettext"
else
GETTEXT=0
OUTPUT="echo"
fi
#############################################################################
# Get Vendor ID of BMC for use in 'oem_set_os_version' and 'oem_get_bmc_url'
#
get_bmc_vendor_id()
{
BMC_VENDOR=$(${IPMI_TOOL} mc info 2>/dev/null | \
sed -n "s#^Manufacturer ID.*: ##p")
[ -z "${BMC_VENDOR}" ] && RETVAL=4
}
# set/getsysinfo support was added to ipmitool post v1.8.12 via this patch
# http://sourceforge.net/mailarchive/message.php?msg_id=29647222
check_ipmitool()
{
if [ -x ${IPMI_TOOL} ]; then
[ ! ${IPMI_GET_SYSINFO} >/dev/null 2>&1 ] && \
RETVAL=3
else
RETVAL=2
fi
}
bmc_exists()
{
check_ipmitool
[ $RETVAL -eq 0 ] && get_bmc_vendor_id
return $RETVAL
}
#############################################################################
get_os_info()
{
OS_HOSTNAME=$(hostname)
KERNEL_VERSION=$(uname -r -m)
if [ -e /etc/lsb-release ] ; then
. /etc/lsb-release
NAME=${DISTRIB_ID}
VERSION="${DISTRIB_RELEASE} ${DISTRIB_CODENAME}"
fi
# we prefer systemd's /etc/os-release over other sources
[ -e /etc/os-release ] && . /etc/os-release
OS_NAME=${NAME}
OS_VERSION="${VERSION} kernel ${KERNEL_VERSION}"
}
oem_set_os_version()
{
# OS Version setting is not standard yet
# we need per vendor oem commands
case "${BMC_VENDOR}" in
$DELL) ${IPMI_SET_SYSINFO} delloem_os_version \
"${OS_VERSION}" > /dev/null 2>&1
return $?
;;
# Add OEM specific commands.
# Example:
# $OTHER_OEM) ${IPMI_SET_SYSINFO} otheroem_os_version \
# "${OS_VERSION}" > /dev/null 2>&1
# return $?
# ;;
*) return 0
;;
esac
}
set_os_info()
{
# Set and reset OS info in the BMC
if [ "$1" = "reset" ]; then
OS_NAME=""
OS_HOSTNAME=""
OS_VERSION=""
fi
${IPMI_SET_SYSINFO} os_name "${OS_NAME}" >/dev/null 2>&1 \
|| RETVAL=6
${IPMI_SET_SYSINFO} primary_os_name "${OS_NAME}" >/dev/null 2>&1 \
|| RETVAL=6
${IPMI_SET_SYSINFO} system_name "${OS_HOSTNAME}" >/dev/null 2>&1 \
|| RETVAL=6
oem_set_os_version || RETVAL=6
}
#############################################################################
valid_url()
{
url="(https?|http)://[a-z0-9-]+(\.[a-z0-9-]+)+([/?].*)?"
printf -- "%s" "${TMP_URL}"| grep -Eq "^${url}"
return $?
}
oem_get_bmc_url()
{
# BMC URL is not standard yet
# we need per vendor oem commands
case "$BMC_VENDOR" in
$DELL) TMP_URL=$(${IPMI_GET_SYSINFO} delloem_url 2> /dev/null)
;;
# Add OEM specific commands
# Example:
# $OTHER_OEM)
# TMP_URL=$(${IPMI_GET_SYSINFO} otheroem_url 2> /dev/null)
# ;;
*) TMP_URL="" ;;
esac
valid_url && BMC_URL=${TMP_URL} || BMC_URL=""
}
valid_ip()
{
#Thanks to mkyong.com
octet="([01]?[[:digit:]][[:digit:]]?|2[0-4][[:digit:]]|25[0-5])"
printf -- "%s" "${TMP_IPv4}"| grep -Eq "^${octet}\\.${octet}\\.${octet}\\.${octet}$"
return $?
}
get_bmc_ip()
{
#Thanks to http://ingvar.blog.redpill-linpro.com
for CHANNEL in `seq 1 14`
do
[ $(${IPMI_TOOL} lan print ${CHANNEL} 2>/dev/null \
| grep -q "^Set") ] || break
done
# Get BMC_IPv4 and BMC_URL from BMC
TMP_IPv4=$(${IPMI_TOOL} lan print ${CHANNEL} 2>/dev/null \
| sed -n "s#^IP Address .*: ##p")
valid_ip && BMC_IPv4=${TMP_IPv4} || BMC_IPv4=""
}
get_bmc_info()
{
get_bmc_ip
if [ -z "${BMC_IPv4}" ] || [ "${BMC_IPv4}" = "0.0.0.0" ]; then
BMC_IPv4=""
RETVAL=5
else
# URL makes sense only if there is an IP
oem_get_bmc_url
fi
}
set_bmc_info()
{
if [ ! $(touch "${BMC_INFO}" && chmod 600 "${BMC_INFO}") ]; then
printf "BMC_IPv4=%s\n" "${BMC_IPv4}" > "${BMC_INFO}"
[ -n "${BMC_URL}" ] && \
printf "BMC_URL=%s\n" "${BMC_URL}" >> "${BMC_INFO}"
else
RETVAL=5
fi
}
unset_bmc_info()
{
[ -f ${BMC_INFO} ] && rm -f ${BMC_INFO} > /dev/null 2>&1
}
#############################################################################
start()
{
if bmc_exists; then
[ "${SET_OS_INFO}" = "yes" ] && \
get_os_info && set_os_info
if [ "${SET_BMC_INFO}" = "yes" ]; then
get_bmc_info
if [ ${RETVAL} -eq 0 ]; then
set_bmc_info
fi
fi
fi
}
#############################################################################
stop()
{
if bmc_exists; then
# reset OS info while system reboots
# aids with debugging OS boot-up issues
if [ "${RESET_OS_INFO}" = "yes" ]; then
set_os_info reset
fi
unset_bmc_info
fi
}
#############################################################################
restart()
{
stop
[ $RETVAL -eq 0 ] && start
}
#############################################################################
status()
{
[ -r ${BMC_INFO} ] && \
grep -q "BMC_IPv4" "${BMC_INFO}" >/dev/null 1>&2 && \
BMC_STATUS="ok" || BMC_STATUS="inactive"
${OUTPUT} "${SCRIPT_NAME}: ${BMC_STATUS}" 1>&2
[ ${GETTEXT} -eq 1 ] && echo
}
#############################################################################
usage()
{
${OUTPUT} "Usage: ${SCRIPT_NAME} {start|stop|restart|status}" 1>&2
[ ${GETTEXT} -eq 1 ] && echo
RETVAL=1
}
#############################################################################
# MAIN
#############################################################################
case "$1" in
start) start ;;
stop) stop ;;
restart) restart ;;
status) status ;;
*) usage ;;
esac
case "$RETVAL" in
0|1) ;;
2) ${OUTPUT} "${SCRIPT_NAME}: ipmitool(1) not found." 1>&2 ;;
3) ${OUTPUT} "${SCRIPT_NAME}: this version of ipmitool does not support getsysinfo." 1>&2 ;;
4) ${OUTPUT} "${SCRIPT_NAME}: failed to communicate with BMC." 1>&2 ;;
5) ${OUTPUT} "${SCRIPT_NAME}: failed to set OS information in BMC." 1>&2 ;;
6) ${OUTPUT} "${SCRIPT_NAME}: failed to get BMC information." 1>&2 ;;
*) ${OUTPUT} "${SCRIPT_NAME}: unexpected error." 1>&2 ;;
esac
if [ ${RETVAL} -gt 1 ]; then
${OUTPUT} " Return code: ${RETVAL}" 1>&2
[ ${GETTEXT} -eq 1 ] && echo
fi
exit ${RETVAL}
#############################################################################
# end of file
#############################################################################

View File

@ -0,0 +1,13 @@
[Unit]
Description=Exchange Information between BMC and OS
After=ipmi.service network.target
Requires=ipmi.service
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/libexec/exchange-bmc-os-info start
ExecStop=/usr/libexec/exchange-bmc-os-info stop
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,26 @@
# exchange-bmc-os-info
#
# Config file to control Exchange of information between
# the OS and Service Processor/Baseboard Management Controller (BMC)
#
# See here for details
# https://fedoraproject.org/wiki/Features/AgentFreeManagement
### Set OS Info in BMC/Service Processor ###
# Name: SET_OS_INFO
# Description: Set OS Name, Version and Hostname in the Service Processor (BMC)
# Default: yes
SET_OS_INFO="yes"
### Reset OS Info in BMC/Service Processor ###
# Name: RESET_OS_INFO
# Description: Reset OS Name, Version and Hostname in the Service Processor (BMC).
# Useful when the OS Name/Hostname should be empty on reboot
# Default: no
RESET_OS_INFO="no"
### Set BMC/Service Processor Info in OS ###
# Name; SET_BMC_INFO
# Description: Set IP Address and URL of Service Processor/BMC in /run/bmc-info
# Default: yes
SET_BMC_INFO="yes"

13
ipmievd.service Normal file
View File

@ -0,0 +1,13 @@
[Unit]
Description=Ipmievd Daemon
After=syslog.target
After=ipmi.service
[Service]
EnvironmentFile=-/etc/sysconfig/ipmievd
ExecStart=/usr/sbin/ipmievd $IPMIEVD_OPTIONS
Type=forking
PIDFile=/var/run/ipmievd.pid
[Install]
WantedBy=multi-user.target

405
ipmitool.spec Normal file
View File

@ -0,0 +1,405 @@
Name: ipmitool
Summary: Utility for IPMI control
Version: 1.8.18
Release: 18%{?dist}
License: BSD
URL: http://ipmitool.sourceforge.net/
Source0: http://downloads.sourceforge.net/project/%{name}/%{name}/%{version}/%{name}-%{version}.tar.bz2
Source1: openipmi-ipmievd.sysconf
Source2: ipmievd.service
Source3: exchange-bmc-os-info.service
Source4: exchange-bmc-os-info.sysconf
Source5: set-bmc-url.sh
Source6: exchange-bmc-os-info
Patch1: 0001-CVE-2011-4339-OpenIPMI.patch
# WARNING: THIS PATCH MUST BE USED FOR RAWHIDE (f26+) BRANCH
Patch2: 0002-openssl.patch
Patch3: 0003-ipmitool-1.8.11-set-kg-key.patch
Patch4: 0004-slowswid.patch
Patch5: 0005-sensor-id-length.patch
Patch6: 0006-enable-usb.patch
Patch7: 0007-check-input.patch
Patch8: 0008-use-best-cipher.patch
Patch9: 0009-CVE-2020-5208.patch
Patch10: 0010-quanta-oem-support.patch
Patch11: 0011-pef-missing-newline.patch
Patch12: 0012-lanplus-cipher-retry.patch
Patch13: 0013-lanplus-Cleanup.-Refix-6dec83ff-fix-be2c0c4b.patch
BuildRequires: openssl-devel readline-devel ncurses-devel
%{?systemd_requires}
BuildRequires: systemd
# bootstrap
BuildRequires: automake autoconf libtool
Obsoletes: OpenIPMI-tools < 2.0.14-3
Provides: OpenIPMI-tools = 2.0.14-3
%description
This package contains a utility for interfacing with devices that support
the Intelligent Platform Management Interface specification. IPMI is
an open standard for machine health, inventory, and remote power control.
This utility can communicate with IPMI-enabled devices through either a
kernel driver such as OpenIPMI or over the RMCP LAN protocol defined in
the IPMI specification. IPMIv2 adds support for encrypted LAN
communications and remote Serial-over-LAN functionality.
It provides commands for reading the Sensor Data Repository (SDR) and
displaying sensor values, displaying the contents of the System Event
Log (SEL), printing Field Replaceable Unit (FRU) information, reading and
setting LAN configuration, and chassis power control.
%package -n ipmievd
Requires: ipmitool
%{?systemd_requires}
BuildRequires: systemd
Summary: IPMI event daemon for sending events to syslog
%description -n ipmievd
ipmievd is a daemon which will listen for events from the BMC that are
being sent to the SEL and also log those messages to syslog.
%package -n bmc-snmp-proxy
Requires: net-snmp
Requires: exchange-bmc-os-info
BuildArch: noarch
Summary: Reconfigure SNMP to include host SNMP agent within BMC
%description -n bmc-snmp-proxy
Given a host with BMC, this package would extend system configuration
of net-snmp to include redirections to BMC based SNMP.
%package -n exchange-bmc-os-info
Requires: hostname
Requires: ipmitool
BuildArch: noarch
%{?systemd_requires}
BuildRequires: systemd
Summary: Let OS and BMC exchange info
%description -n exchange-bmc-os-info
Given a host with BMC, this package would pass the hostname &
OS information to the BMC and also capture the BMC ip info
for the host OS to use.
%prep
%autosetup -p1
for f in AUTHORS ChangeLog; do
iconv -f iso-8859-1 -t utf8 < ${f} > ${f}.utf8
mv ${f}.utf8 ${f}
done
%build
# --disable-dependency-tracking speeds up the build
# --enable-file-security adds some security checks
# --disable-intf-free disables FreeIPMI support - we don't want to depend on
# FreeIPMI libraries, FreeIPMI has its own ipmitoool-like utility.
# begin: release auto-tools
# Used to be needed by aarch64 support, now only cxoem patch makefiles are left.
aclocal
libtoolize --automake --copy
autoheader
automake --foreign --add-missing --copy
aclocal
autoconf
automake --foreign
# end: release auto-tools
%configure \
CFLAGS="%{optflags} -fno-strict-aliasing" \
--disable-dependency-tracking --enable-file-security --disable-intf-free
make %{?_smp_mflags}
%install
make DESTDIR=%{buildroot} install
install -Dpm 644 %{SOURCE2} %{buildroot}%{_unitdir}/ipmievd.service
install -Dpm 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/sysconfig/ipmievd
install -Dm 644 %{SOURCE3} %{buildroot}%{_unitdir}/exchange-bmc-os-info.service
install -Dm 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/exchange-bmc-os-info
install -Dm 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/profile.d/set-bmc-url.sh
install -Dm 755 %{SOURCE6} %{buildroot}%{_libexecdir}/exchange-bmc-os-info
install -Dm 644 contrib/bmc-snmp-proxy.sysconf %{buildroot}%{_sysconfdir}/sysconfig/bmc-snmp-proxy
install -Dm 644 contrib/bmc-snmp-proxy.service %{buildroot}%{_unitdir}/bmc-snmp-proxy.service
install -Dm 755 contrib/bmc-snmp-proxy %{buildroot}%{_libexecdir}/bmc-snmp-proxy
%post -n ipmievd
%systemd_post ipmievd.service
%preun -n ipmievd
%systemd_preun ipmievd.service
%postun -n ipmievd
%systemd_postun_with_restart ipmievd.service
%post -n exchange-bmc-os-info
%systemd_post exchange-bmc-os-info.service
%preun -n exchange-bmc-os-info
%systemd_preun exchange-bmc-os-info.service
%postun -n exchange-bmc-os-info
%systemd_postun_with_restart exchange-bmc-os-info.service
%triggerun -- ipmievd < 1.8.11-7
# Save the current service runlevel info
# User must manually run systemd-sysv-convert --apply ipmievd
# to migrate them to systemd targets
/usr/bin/systemd-sysv-convert --save ipmievd >/dev/null 2>&1 ||:
# Run these because the SysV package being removed won't do them
/sbin/chkconfig --del ipmievd >/dev/null 2>&1 || :
/bin/systemctl try-restart ipmievd.service >/dev/null 2>&1 || :
%files
%{_bindir}/ipmitool
%{_mandir}/man1/ipmitool.1*
%doc %{_datadir}/doc/ipmitool
%{_datadir}/ipmitool
%files -n ipmievd
%config(noreplace) %{_sysconfdir}/sysconfig/ipmievd
%{_unitdir}/ipmievd.service
%{_sbindir}/ipmievd
%{_mandir}/man8/ipmievd.8*
%files -n exchange-bmc-os-info
%config(noreplace) %{_sysconfdir}/sysconfig/exchange-bmc-os-info
%{_sysconfdir}/profile.d/set-bmc-url.sh
%{_unitdir}/exchange-bmc-os-info.service
%{_libexecdir}/exchange-bmc-os-info
%files -n bmc-snmp-proxy
%config(noreplace) %{_sysconfdir}/sysconfig/bmc-snmp-proxy
%{_unitdir}/bmc-snmp-proxy.service
%{_libexecdir}/bmc-snmp-proxy
%changelog
* Mon Jul 19 2021 Pavel Cahyna <pcahyna@redhat.com> - 1.8.18-18
- Protect against negative values to memmove that caused
"ipmitool sol activate" to crash against an IBM DataPower appliance
(#1951480)
Cherry-picked from upstream PR#78.
* Wed Jun 03 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-17
- Disable retry of pre-session "Get cipher suites" command as some
BMCs are ignoring it (#1831158)
* Thu Apr 30 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-16
- Fix "ipmitool pef {status,info}" not printing final newline (#1840546)
* Thu Apr 30 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-15
- Backport OEM support for Quanta (#1811941)
* Fri Feb 07 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-14
- Fix memory leak (found by covscan)
* Fri Feb 07 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-13
- Backport fix for CVE-2020-5208 (#1799039)
* Fri Nov 15 2019 Václav Doležal <vdolezal@redhat.com> - 1.8.18-12
- Disable -fstrict-aliasing (RPMDiff issue)
* Tue Oct 15 2019 Václav Doležal <vdolezal@redhat.com> - 1.8.18-11
- Choose the best cipher suite available when connecting over LAN (#1749360)
* Thu Feb 22 2018 Josef Ridky <jridky@redhat.com> - 1.8.18-10
- Spec clean up
- Add support to set kg key
- Fix DDR4 memory issues
- Increase length of sensor id
- Enable usb interface by default
- Fix input options
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.18-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Tue Jan 30 2018 Josef Ridky <jridky@redhat.com> - 1.8.18-8
- remove old systemd dependencies
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.18-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.18-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Tue Feb 21 2017 Josef Ridky <jridky@redhat.com> - 1.8.18-5
- Fix allocation issue
* Tue Feb 21 2017 Josef Ridky <jridky@redhat.com> - 1.8.18-4
- Add support for OpenSSL-1.1.0 library (#1423743)
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.18-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Thu Jan 12 2017 Igor Gnatenko <ignatenko@redhat.com> - 1.8.18-2
- Rebuild for readline 7.x
* Mon Oct 10 2016 Boris Ranto <branto@redhat.com> - 0:1.8.18-1
- New version (0:1.8.18-1)
- CVE-2011-4339 OpenIPMI
* Tue May 10 2016 Boris Ranto <branto@redhat.com> - 0:1.8.17-1
- New version (0:1.8.17-1)
- CVE-2011-4339 OpenIPMI
* Tue Feb 23 2016 Boris Ranto <branto@redhat.com> - 1.8.16-1
- Rebase to version 1.8.16
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.15-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Tue Nov 24 2015 Boris Ranto <branto@redhat.com> - 1.8.15-5
- Split ipmievd bits into a separate package
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.15-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Wed Apr 22 2015 Ales Ledvinka <aledvink@redhat.com> 1.8.15-3
- Remove modalias dependency.
* Thu Mar 19 2015 Ales Ledvinka <aledvink@redhat.com> 1.8.15-1
- Upstream release 1.8.15
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.13-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.13-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue Apr 8 2014 Ales Ledvinka <aledvink@redhat.com> 1.8.13-4
- Support for environment variable short options.
* Tue Nov 5 2013 Ales Ledvinka <aledvink@redhat.com> 1.8.13-3
- Cleanup of dual bridge option.
* Tue Oct 15 2013 Ales Ledvinka <aledvink@redhat.com> 1.8.13-2
- BMC SNMP agent redirection
* Mon Oct 14 2013 Ales Ledvinka <aledvink@redhat.com> 1.8.13-1
- Upstream release 1.8.13
* Fri Aug 09 2013 Ales Ledvinka <aledvink@redhat.com> 1.8.12-13073103
- Avoid FIPS mode crashes if possible.
- Document FIPS limitations.
* Wed Jul 31 2013 Ales Ledvinka <aledvink@redhat.com> 1.8.12-13073101
- Include current upstream bugfixes.
* Thu Jul 25 2013 Ales Ledvinka <aledvink@redhat.com> 1.8.12-16
- Calxeda OEM extensions.
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.12-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Dec 17 2012 Praveen K Paladugu <praveen_paladugu@dell.com> - 1.8.12-14
- Updated the exchange-bmc-os-info's service file with Requires stmt
* Fri Dec 14 2012 Ales Ledvinka <aledvink@redhat.com> 1.8.12-13
- fixed argument parsing leaks
- ask user for password only once and do so only when interactive password
is the chosen password method.
* Thu Dec 13 2012 Praveen K Paladugu <praveen_paladugu@dell.com> - 1.8.12-12
- Removed the extra symbols in the patch, as the build is failing.
* Thu Dec 13 2012 Praveen K Paladugu <praveen_paladugu@dell.com> - 1.8.12-11
- Subpackage for exchange-bmc-os-info as it requires OPenIPMI
* Wed Dec 12 2012 Ales Ledvinka <aledvink@redhat.com> 1.8.12-10
- documented fixed and conditional defaults. adjusted synopsis
* Tue Dec 4 2012 Ales Ledvinka <aledvink@redhat.com> 1.8.12-9
- fixed ipmitool documentation
* Fri Nov 30 2012 Praveen K Paladugu <praveen_paladugu@dell.com> 1.8.12-8
- service & scripts to allow OS to capture BMC's IP & URL info
- Also pass the OS information to BMC
- patches submitted by Charles Rose (charles_rose[at]dell.com)
* Fri Nov 16 2012 Ales Ledvinka <aledvink@redhat.com> 1.8.12-7
- failed sol session activation crashes while logging exit
* Fri Nov 16 2012 Ales Ledvinka <aledvink@redhat.com> 1.8.12-6
- revert default cipersuite back to 3 which includes integrity and confidentiality
* Thu Oct 18 2012 Dan Horák <dan[at]danny.cz> - 1.8.12-5
- fix build on big endian arches
* Wed Oct 17 2012 Ales Ledvinka <aledvink@redhat.cz> 1.8.12-4
- support setting OS name and Hostname on BMC
* Tue Sep 04 2012 Dan Horák <dan[at]danny.cz> - 1.8.12-3
- fix build on big endian arches
* Mon Aug 27 2012 Jan Safranek <jsafrane@redhat.com> - 1.8.12-2
- Fixed starting ipmievd under systemd (#819234).
- Updated RPM scriplets with latest systemd-rpm macros (#850161)
* Fri Aug 10 2012 Jan Safranek <jsafrane@redhat.com> - 1.8.12-1
- update to ipmitool-1.8.12
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.11-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue May 22 2012 Jan Safranek <jsafrane@redhat.com> - 1.8.11-11
- start ipmievd.service after ipmi (#819234)
* Thu Apr 26 2012 Jan Safranek <jsafrane@redhat.com> - 1.8.11-10
- fixed ipmievd.service systemd unit (#807757)
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.11-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Dec 13 2011 Jan Safranek <jsafrane@redhat.com> - 1.8.11-8
- fixed CVE-2011-4339
* Mon Sep 12 2011 Tom Callaway <spot@fedoraproject.org> - 1.8.11-7
- convert to systemd
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.11-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Mar 3 2010 Jan Safranek <jsafrane@redhat.com> - 1.8.11-5
- Fixed exit code of ipmievd initscript with wrong arguments
* Mon Nov 2 2009 Jan Safranek <jsafrane@redhat.com> 1.8.11-4
- fix ipmievd initscript 'condrestart' action (#532188)
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 1.8.11-3
- rebuilt with new openssl
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Thu Feb 26 2009 Jan Safranek <jsafrane@redhat.com> 1.8.11-1
- updated to new version
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.10-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Sat Jan 17 2009 Tomas Mraz <tmraz@redhat.com> 1.8.10-3
- rebuild with new openssl
* Tue Oct 14 2008 Jan Safranek <jsafrane@redhat.com> 1.8.10-2
- fix issues found during package review:
- clear Default-Start: line in the init script, the service should be
disabled by default
- added Obsoletes: OpenIPMI-tools
- compile with --disable-dependency-tracking to speed things up
- compile with --enable-file-security
- compile with --disable-intf-free, don't depend on FreeIPMI libraries
(FreeIPMI has its own ipmitool-like utility)
* Mon Oct 13 2008 Jan Safranek <jsafrane@redhat.com> 1.8.10-1
- package created, based on upstream .spec file

1
openipmi-ipmievd.sysconf Normal file
View File

@ -0,0 +1 @@
IPMIEVD_OPTIONS="sel daemon pidfile=/var/run/ipmievd.pid"

11
set-bmc-url.sh Normal file
View File

@ -0,0 +1,11 @@
# Export BMC URL
#
BMC_INFO="/var/run/bmc-info"
if [ "$(id -u)" = "0" ]; then
[ -f ${BMC_INFO} ] && . ${BMC_INFO} && \
export "${BMC_URL}" "${BMC_IPv4}" >/dev/null 2>&1
fi
unset BMC_INFO

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (ipmitool-1.8.18.tar.bz2) = b20a2791efff748af62ffca56266fd2d8c8003395a6a21ef7b0ff5f8b7be6d6b1fe52150cdb32d6a91cdd3edd197e0ca5709ead923065474852301246710ce02