From fc161eb0799a46f9cd615a9078c5127b7fe0ce75 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Mon, 2 Jan 2023 11:59:43 -0800 Subject: [PATCH] Update to 1.8.19. Fixes rhbz#2123819 Signed-off-by: Kevin Fenzi --- .gitignore | 1 + 0001-CVE-2011-4339-OpenIPMI.patch | 25 - 0002-openssl.patch | 89 - 0005-sensor-id-length.patch | 14 +- 0006-enable-usb.patch | 21 - 0007-check-input.patch | 6 +- 0008-add-extern.patch | 40 - 0009-best-cipher.patch | 864 - 0010-pef-missing-newline.patch | 33 - 0011-expand-sensor-name-column.patch | 57 - 0012-CVE-2020-5208.patch | 378 - cxoem-jb-cx6.patch | 4759 - enterprise-numbers | 238898 ++++++++++++++++++++++++ ipmitool-1.8.19-set-kg-key.patch | 239 + ipmitool.spec | 27 +- sources | 6 +- 16 files changed, 239160 insertions(+), 6297 deletions(-) delete mode 100644 0001-CVE-2011-4339-OpenIPMI.patch delete mode 100644 0002-openssl.patch delete mode 100644 0006-enable-usb.patch delete mode 100644 0008-add-extern.patch delete mode 100644 0009-best-cipher.patch delete mode 100644 0010-pef-missing-newline.patch delete mode 100644 0011-expand-sensor-name-column.patch delete mode 100644 0012-CVE-2020-5208.patch delete mode 100644 cxoem-jb-cx6.patch create mode 100644 enterprise-numbers create mode 100644 ipmitool-1.8.19-set-kg-key.patch diff --git a/.gitignore b/.gitignore index 66f072a..91f3150 100644 --- a/.gitignore +++ b/.gitignore @@ -11,3 +11,4 @@ ipmitool-1.8.11.tar.bz2 /ipmitool-1.8.17.tar.bz2 /ipmitool-1.8.18.tar.bz2 /ipmitool-1.8.18.tar.gz +/ipmitool-1.8.19.tar.gz diff --git a/0001-CVE-2011-4339-OpenIPMI.patch b/0001-CVE-2011-4339-OpenIPMI.patch deleted file mode 100644 index 437c9ad..0000000 --- a/0001-CVE-2011-4339-OpenIPMI.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 152efd46931a70ab4e3d81e99d312df7dcd666e6 Mon Sep 17 00:00:00 2001 -From: Boris Ranto -Date: Tue, 10 May 2016 19:12:08 +0200 -Subject: [PATCH] CVE-2011-4339 OpenIPMI - -IPMI event daemon creates PID file with world writeable permissions ---- - lib/helper.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/lib/helper.c b/lib/helper.c -index de91438..c3a1c80 100644 ---- a/lib/helper.c -+++ b/lib/helper.c -@@ -829,7 +829,6 @@ ipmi_start_daemon(struct ipmi_intf *intf) - #endif - - chdir("/"); -- umask(0); - - for (fd=0; fd<64; fd++) { - if (fd != intf->fd) --- -2.7.4 - diff --git a/0002-openssl.patch b/0002-openssl.patch deleted file mode 100644 index ff5e705..0000000 --- a/0002-openssl.patch +++ /dev/null @@ -1,89 +0,0 @@ -diff -urNp old/src/plugins/lanplus/lanplus_crypt_impl.c new/src/plugins/lanplus/lanplus_crypt_impl.c ---- old/src/plugins/lanplus/lanplus_crypt_impl.c 2016-05-28 10:20:20.000000000 +0200 -+++ new/src/plugins/lanplus/lanplus_crypt_impl.c 2017-02-21 10:50:21.634873466 +0100 -@@ -164,10 +164,10 @@ lanplus_encrypt_aes_cbc_128(const uint8_ - uint8_t * output, - uint32_t * bytes_written) - { -- EVP_CIPHER_CTX ctx; -- EVP_CIPHER_CTX_init(&ctx); -- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); -- EVP_CIPHER_CTX_set_padding(&ctx, 0); -+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); -+ EVP_CIPHER_CTX_init(ctx); -+ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); -+ EVP_CIPHER_CTX_set_padding(ctx, 0); - - - *bytes_written = 0; -@@ -191,7 +191,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_ - assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); - - -- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) -+ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) - { - /* Error */ - *bytes_written = 0; -@@ -201,7 +201,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_ - { - uint32_t tmplen; - -- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) -+ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) - { - *bytes_written = 0; - return; /* Error */ -@@ -210,7 +210,8 @@ lanplus_encrypt_aes_cbc_128(const uint8_ - { - /* Success */ - *bytes_written += tmplen; -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_cleanup(ctx); -+ EVP_CIPHER_CTX_free(ctx); - } - } - } -@@ -239,10 +240,10 @@ lanplus_decrypt_aes_cbc_128(const uint8_ - uint8_t * output, - uint32_t * bytes_written) - { -- EVP_CIPHER_CTX ctx; -- EVP_CIPHER_CTX_init(&ctx); -- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); -- EVP_CIPHER_CTX_set_padding(&ctx, 0); -+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); -+ EVP_CIPHER_CTX_init(ctx); -+ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); -+ EVP_CIPHER_CTX_set_padding(ctx, 0); - - - if (verbose >= 5) -@@ -266,7 +267,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_ - assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); - - -- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) -+ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) - { - /* Error */ - lprintf(LOG_DEBUG, "ERROR: decrypt update failed"); -@@ -277,7 +278,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_ - { - uint32_t tmplen; - -- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) -+ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) - { - char buffer[1000]; - ERR_error_string(ERR_get_error(), buffer); -@@ -290,7 +291,8 @@ lanplus_decrypt_aes_cbc_128(const uint8_ - { - /* Success */ - *bytes_written += tmplen; -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_cleanup(ctx); -+ EVP_CIPHER_CTX_free(ctx); - } - } - diff --git a/0005-sensor-id-length.patch b/0005-sensor-id-length.patch index 0cb8313..d7f2a14 100644 --- a/0005-sensor-id-length.patch +++ b/0005-sensor-id-length.patch @@ -1,9 +1,8 @@ -diff --git a/include/ipmitool/ipmi_sdr.h b/include/ipmitool/ipmi_sdr.h -index ccf0cf0..47d3949 100644 ---- a/include/ipmitool/ipmi_sdr.h -+++ b/include/ipmitool/ipmi_sdr.h -@@ -819,7 +819,7 @@ static const char *sensor_type_desc[] __attribute__ ((unused)) = { - "Version Change", "FRU State" }; +diff --color -Nur ipmitool-IPMITOOL_1_8_19.orig/include/ipmitool/ipmi_sdr.h ipmitool-IPMITOOL_1_8_19/include/ipmitool/ipmi_sdr.h +--- ipmitool-IPMITOOL_1_8_19.orig/include/ipmitool/ipmi_sdr.h 2022-09-01 11:42:31.000000000 -0700 ++++ ipmitool-IPMITOOL_1_8_19/include/ipmitool/ipmi_sdr.h 2022-12-20 14:12:47.675994549 -0800 +@@ -799,7 +799,7 @@ + #define SENSOR_TYPE_MAX 0x2C struct sensor_reading { - char s_id[17]; /* name of the sensor */ @@ -11,6 +10,3 @@ index ccf0cf0..47d3949 100644 struct sdr_record_full_sensor *full; struct sdr_record_compact_sensor *compact; uint8_t s_reading_valid; /* read value valididity */ --- -2.1.0 - diff --git a/0006-enable-usb.patch b/0006-enable-usb.patch deleted file mode 100644 index d3bfba5..0000000 --- a/0006-enable-usb.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -urNp old/configure.ac new/configure.ac ---- old/configure.ac 2017-02-02 14:20:33.230784269 +0100 -+++ new/configure.ac 2017-02-02 14:22:53.528510336 +0100 -@@ -63,7 +63,7 @@ xenable_intf_imb=yes - xenable_intf_lipmi=yes - xenable_intf_open=yes - #xenable_intf_serial=yes --xenable_intf_usb=no -+xenable_intf_usb=yes - xenable_ipmishell=yes - - dnl set some things so we build with GNU tools on Solaris -@@ -209,7 +209,7 @@ fi - dnl enable IPMI USB interface - AC_ARG_ENABLE([intf-usb], - [AC_HELP_STRING([--enable-intf-usb], -- [enable IPMI USB interface [default=auto]])], -+ [enable IPMI USB interface [default=yes]])], - [xenable_intf_usb=$enableval], - [xenable_intf_usb=$xenable_intf_usb]) - if test "x$xenable_intf_usb" = "xstatic" || test "x$xenable_intf_usb" = "xplugin"; then diff --git a/0007-check-input.patch b/0007-check-input.patch index 030fd2a..74f9020 100644 --- a/0007-check-input.patch +++ b/0007-check-input.patch @@ -1,6 +1,6 @@ -diff -urNp old/doc/ipmitool.1 new/doc/ipmitool.1 ---- old/doc/ipmitool.1 2017-10-03 16:10:50.446539988 +0200 -+++ new/doc/ipmitool.1 2017-10-03 16:16:37.039673239 +0200 +diff -urNp old/doc/ipmitool.1.in new/doc/ipmitool.1.in +--- old/doc/ipmitool.1.in 2017-10-03 16:10:50.446539988 +0200 ++++ new/doc/ipmitool.1.in 2017-10-03 16:16:37.039673239 +0200 @@ -3170,13 +3170,14 @@ SOL configuration data for the currently Enable, disable or show status of SOL payload for the user on the specified channel. diff --git a/0008-add-extern.patch b/0008-add-extern.patch deleted file mode 100644 index 53f4ca2..0000000 --- a/0008-add-extern.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 95f666fa10c32233ee202d8b99d05b5e13528a25 Mon Sep 17 00:00:00 2001 -From: Vaclav Dolezal -Date: Thu, 23 Jan 2020 11:26:32 +0100 -Subject: [PATCH] hpmfwupg: move variable definition to .c file - -Signed-off-by: Vaclav Dolezal ---- - include/ipmitool/ipmi_hpmfwupg.h | 2 +- - lib/ipmi_hpmfwupg.c | 2 ++ - 2 files changed, 3 insertions(+), 1 deletion(-) - -diff --git a/include/ipmitool/ipmi_hpmfwupg.h b/include/ipmitool/ipmi_hpmfwupg.h -index de65292..07f597b 100644 ---- a/include/ipmitool/ipmi_hpmfwupg.h -+++ b/include/ipmitool/ipmi_hpmfwupg.h -@@ -800,7 +800,7 @@ typedef struct _VERSIONINFO { - char descString[HPMFWUPG_DESC_STRING_LENGTH + 1]; - }VERSIONINFO, *PVERSIONINFO; - --VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX]; -+extern VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX]; - - #define TARGET_VER (0x01) - #define ROLLBACK_VER (0x02) -diff --git a/lib/ipmi_hpmfwupg.c b/lib/ipmi_hpmfwupg.c -index bbcffc0..d7cdcd6 100644 ---- a/lib/ipmi_hpmfwupg.c -+++ b/lib/ipmi_hpmfwupg.c -@@ -58,6 +58,8 @@ ipmi_intf_get_max_request_data_size(struct ipmi_intf * intf); - - extern int verbose; - -+VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX]; -+ - int HpmfwupgUpgrade(struct ipmi_intf *intf, char *imageFilename, - int activate, int, int); - int HpmfwupgValidateImageIntegrity(struct HpmfwupgUpgradeCtx *pFwupgCtx); --- -2.20.1 - diff --git a/0009-best-cipher.patch b/0009-best-cipher.patch deleted file mode 100644 index 8f999b3..0000000 --- a/0009-best-cipher.patch +++ /dev/null @@ -1,864 +0,0 @@ -From f2df2aa5a010544d53589a5b048677406eb40ee8 Mon Sep 17 00:00:00 2001 -From: Vernon Mauery -Date: Mon, 9 Apr 2018 12:28:57 -0700 -Subject: [PATCH] lanplus: Auto-select 'best' cipher suite available - -Current cipher suites could be ranked as this: - 17 > 3 >> all the rest - -Cherry-picked-from: 7772254b62826b894ca629df8c597030a98f4f72 -Cherry-picked-from: f9c699c712f884c82fc1a62f1f61a8d597ac0cfd - -Also fetched some functions/macros for helper.h - -Equals to getting include/ipmitool/helper.h changes from commits: -(oldest first) - - 6c00d44 mc: watchdog get: Update to match IPMI 2.0 spec - e8e94d8 mc: watchdog set: Refactor to reduce complexity - 0310208 mc: Code refactor to reduce copy-paste ratio - 249e092 general: Make byteswapping arch-independent - 5491b12 refix 249e0929: Fix byteswapping helpers - bb1a4cc Refactoring. Improve code reuse ratio. ---- - include/ipmitool/helper.h | 58 ++++++++ - include/ipmitool/ipmi_channel.h | 47 +++++++ - include/ipmitool/ipmi_intf.h | 39 ++++- - lib/ipmi_channel.c | 242 +++++++++++++++----------------- - lib/ipmi_main.c | 23 +-- - src/plugins/ipmi_intf.c | 5 +- - src/plugins/lanplus/lanplus.c | 114 +++++++++++---- - 7 files changed, 360 insertions(+), 168 deletions(-) - -diff --git a/include/ipmitool/helper.h b/include/ipmitool/helper.h -index c53736f..6a2e5f4 100644 ---- a/include/ipmitool/helper.h -+++ b/include/ipmitool/helper.h -@@ -38,6 +38,8 @@ - #include - #include - -+#define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0])) -+ - #ifndef TRUE - #define TRUE 1 - #endif -@@ -111,6 +113,62 @@ FILE * ipmi_open_file(const char * file, int rw); - void ipmi_start_daemon(struct ipmi_intf *intf); - uint16_t ipmi_get_oem_id(struct ipmi_intf *intf); - -+#define IS_SET(v, b) ((v) & (1 << (b))) -+ -+/* le16toh(), hto16le(), et. al. don't exist for Windows or Apple */ -+/* For portability, let's simply define our own versions here */ -+ -+/* IPMI is always little-endian */ -+static inline uint16_t ipmi16toh(void *ipmi16) -+{ -+ uint8_t *ipmi = (uint8_t *)ipmi16; -+ uint16_t h; -+ -+ h = ipmi[1] << 8; /* MSB */ -+ h |= ipmi[0]; /* LSB */ -+ -+ return h; -+} -+ -+static inline void htoipmi16(uint16_t h, uint8_t *ipmi) -+{ -+ ipmi[0] = h & 0xFF; /* LSB */ -+ ipmi[1] = h >> 8; /* MSB */ -+} -+ -+static inline uint32_t ipmi24toh(void *ipmi24) -+{ -+ uint8_t *ipmi = (uint8_t *)ipmi24; -+ uint32_t h = 0; -+ -+ h = ipmi[2] << 16; /* MSB */ -+ h |= ipmi[1] << 8; -+ h |= ipmi[0]; /* LSB */ -+ -+ return h; -+} -+ -+static inline uint32_t ipmi32toh(void *ipmi32) -+{ -+ uint8_t *ipmi = ipmi32; -+ uint32_t h; -+ -+ h = ipmi[3] << 24; /* MSB */ -+ h |= ipmi[2] << 16; -+ h |= ipmi[1] << 8; -+ h |= ipmi[0]; /* LSB */ -+ -+ return h; -+} -+ -+static inline void htoipmi32(uint32_t h, uint8_t *ipmi) -+{ -+ ipmi[0] = h & 0xFF; /* LSB */ -+ ipmi[1] = (h >> 8) & 0xFF; -+ ipmi[2] = (h >> 16) & 0xFF; -+ ipmi[3] = (h >> 24) & 0xFF; /* MSB */ -+} -+ - #define ipmi_open_file_read(file) ipmi_open_file(file, 0) - #define ipmi_open_file_write(file) ipmi_open_file(file, 1) - -diff --git a/include/ipmitool/ipmi_channel.h b/include/ipmitool/ipmi_channel.h -index 3ade2d5..324c0bb 100644 ---- a/include/ipmitool/ipmi_channel.h -+++ b/include/ipmitool/ipmi_channel.h -@@ -37,6 +37,7 @@ - # include - #endif - #include -+#include - - - #define IPMI_GET_CHANNEL_AUTH_CAP 0x38 -@@ -81,6 +82,50 @@ struct channel_access_t { - uint8_t user_level_auth; - }; - -+/* -+ * The Cipher Suite Record Format from table 22-18 of the IPMI v2.0 spec -+ */ -+enum cipher_suite_format_tag { -+ STANDARD_CIPHER_SUITE = 0xc0, -+ OEM_CIPHER_SUITE = 0xc1, -+}; -+#ifdef HAVE_PRAGMA_PACK -+#pragma pack(1) -+#endif -+struct std_cipher_suite_record_t { -+ uint8_t start_of_record; -+ uint8_t cipher_suite_id; -+ uint8_t auth_alg; -+ uint8_t integrity_alg; -+ uint8_t crypt_alg; -+} ATTRIBUTE_PACKING; -+struct oem_cipher_suite_record_t { -+ uint8_t start_of_record; -+ uint8_t cipher_suite_id; -+ uint8_t iana[3]; -+ uint8_t auth_alg; -+ uint8_t integrity_alg; -+ uint8_t crypt_alg; -+} ATTRIBUTE_PACKING; -+#ifdef HAVE_PRAGMA_PACK -+#pragma pack(0) -+#endif -+#define CIPHER_ALG_MASK 0x3f -+#define MAX_CIPHER_SUITE_RECORD_OFFSET 0x40 -+#define MAX_CIPHER_SUITE_DATA_LEN 0x10 -+#define LIST_ALGORITHMS_BY_CIPHER_SUITE 0x80 -+ -+/* Below is the theoretical maximum number of cipher suites that could be -+ * reported by a BMC. That is with the Get Channel Cipher Suites Command, at 16 -+ * bytes at a time and 0x40 requests, it can report 1024 bytes, which is about -+ * 204 standard records or 128 OEM records. Really, we probably don't need more -+ * than about 20, which is the full set of standard records plus a few OEM -+ * records. -+ */ -+#define MAX_CIPHER_SUITE_COUNT (MAX_CIPHER_SUITE_RECORD_OFFSET * \ -+ MAX_CIPHER_SUITE_DATA_LEN / \ -+ sizeof(struct std_cipher_suite_record_t)) -+ - /* - * The Get Authentication Capabilities response structure - * From table 22-15 of the IPMI v2.0 spec -@@ -135,6 +180,8 @@ struct get_channel_auth_cap_rsp { - int _ipmi_get_channel_access(struct ipmi_intf *intf, - struct channel_access_t *channel_access, - uint8_t get_volatile_settings); -+int ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, -+ uint8_t channel, struct cipher_suite_info *suites, size_t *count); - int _ipmi_get_channel_info(struct ipmi_intf *intf, - struct channel_info_t *channel_info); - int _ipmi_set_channel_access(struct ipmi_intf *intf, -diff --git a/include/ipmitool/ipmi_intf.h b/include/ipmitool/ipmi_intf.h -index 0b8c64b..7a07d66 100644 ---- a/include/ipmitool/ipmi_intf.h -+++ b/include/ipmitool/ipmi_intf.h -@@ -61,13 +61,45 @@ enum LANPLUS_SESSION_STATE { - #define IPMI_AUTHCODE_BUFFER_SIZE 20 - #define IPMI_SIK_BUFFER_SIZE IPMI_MAX_MD_SIZE - -+enum cipher_suite_ids { -+ IPMI_LANPLUS_CIPHER_SUITE_0 = 0, -+ IPMI_LANPLUS_CIPHER_SUITE_1 = 1, -+ IPMI_LANPLUS_CIPHER_SUITE_2 = 2, -+ IPMI_LANPLUS_CIPHER_SUITE_3 = 3, -+ IPMI_LANPLUS_CIPHER_SUITE_4 = 4, -+ IPMI_LANPLUS_CIPHER_SUITE_5 = 5, -+ IPMI_LANPLUS_CIPHER_SUITE_6 = 6, -+ IPMI_LANPLUS_CIPHER_SUITE_7 = 7, -+ IPMI_LANPLUS_CIPHER_SUITE_8 = 8, -+ IPMI_LANPLUS_CIPHER_SUITE_9 = 9, -+ IPMI_LANPLUS_CIPHER_SUITE_10 = 10, -+ IPMI_LANPLUS_CIPHER_SUITE_11 = 11, -+ IPMI_LANPLUS_CIPHER_SUITE_12 = 12, -+ IPMI_LANPLUS_CIPHER_SUITE_13 = 13, -+ IPMI_LANPLUS_CIPHER_SUITE_14 = 14, -+#ifdef HAVE_CRYPTO_SHA256 -+ IPMI_LANPLUS_CIPHER_SUITE_15 = 15, -+ IPMI_LANPLUS_CIPHER_SUITE_16 = 16, -+ IPMI_LANPLUS_CIPHER_SUITE_17 = 17, -+#endif /* HAVE_CRYPTO_SHA256 */ -+ IPMI_LANPLUS_CIPHER_SUITE_RESERVED = 0xff, -+}; -+ -+struct cipher_suite_info { -+ enum cipher_suite_ids cipher_suite_id; -+ uint8_t auth_alg; -+ uint8_t integrity_alg; -+ uint8_t crypt_alg; -+ uint32_t iana; -+}; -+ - struct ipmi_session_params { - char * hostname; - uint8_t username[17]; - uint8_t authcode_set[IPMI_AUTHCODE_BUFFER_SIZE + 1]; - uint8_t authtype_set; - uint8_t privlvl; -- uint8_t cipher_suite_id; -+ enum cipher_suite_ids cipher_suite_id; - char sol_escape_char; - int password; - int port; -@@ -217,7 +249,10 @@ void ipmi_intf_session_set_username(struct ipmi_intf * intf, char * username); - void ipmi_intf_session_set_password(struct ipmi_intf * intf, char * password); - void ipmi_intf_session_set_privlvl(struct ipmi_intf * intf, uint8_t privlvl); - void ipmi_intf_session_set_lookupbit(struct ipmi_intf * intf, uint8_t lookupbit); --void ipmi_intf_session_set_cipher_suite_id(struct ipmi_intf * intf, uint8_t cipher_suite_id); -+#ifdef IPMI_INTF_LANPLUS -+void ipmi_intf_session_set_cipher_suite_id(struct ipmi_intf * intf, -+ enum cipher_suite_ids cipher_suite_id); -+#endif /* IPMI_INTF_LANPLUS */ - void ipmi_intf_session_set_sol_escape_char(struct ipmi_intf * intf, char sol_escape_char); - void ipmi_intf_session_set_kgkey(struct ipmi_intf *intf, const uint8_t *kgkey); - void ipmi_intf_session_set_port(struct ipmi_intf * intf, int port); -diff --git a/lib/ipmi_channel.c b/lib/ipmi_channel.c -index e1fc75f..3ae3104 100644 ---- a/lib/ipmi_channel.c -+++ b/lib/ipmi_channel.c -@@ -342,86 +342,116 @@ ipmi_get_channel_auth_cap(struct ipmi_intf *intf, uint8_t channel, uint8_t priv) - return 0; - } - --static int -+static size_t -+parse_channel_cipher_suite_data(uint8_t *cipher_suite_data, size_t data_len, -+ struct cipher_suite_info* suites, size_t nr_suites) -+{ -+ size_t count = 0; -+ size_t offset = 0; -+ uint32_t iana; -+ uint8_t auth_alg, integrity_alg, crypt_alg; -+ uint8_t cipher_suite_id; -+ -+ memset(suites, 0, sizeof(*suites) * nr_suites); -+ -+ while (offset < data_len && count < nr_suites) { -+ auth_alg = IPMI_AUTH_RAKP_NONE; -+ integrity_alg = IPMI_INTEGRITY_NONE; -+ crypt_alg = IPMI_CRYPT_NONE; -+ if (cipher_suite_data[offset] == STANDARD_CIPHER_SUITE) { -+ struct std_cipher_suite_record_t *record = -+ (struct std_cipher_suite_record_t*)(&cipher_suite_data[offset]); -+ /* standard type */ -+ iana = 0; -+ -+ /* Verify that we have at least a full record left; id + 3 algs */ -+ if ((data_len - offset) < sizeof(*record)) { -+ lprintf(LOG_INFO, "Incomplete data record in cipher suite data"); -+ break; -+ } -+ cipher_suite_id = record->cipher_suite_id; -+ auth_alg = CIPHER_ALG_MASK & record->auth_alg; -+ integrity_alg = CIPHER_ALG_MASK & record->integrity_alg; -+ crypt_alg = CIPHER_ALG_MASK & record->crypt_alg; -+ offset += sizeof(*record); -+ } else if (cipher_suite_data[offset] == OEM_CIPHER_SUITE) { -+ /* OEM record type */ -+ struct oem_cipher_suite_record_t *record = -+ (struct oem_cipher_suite_record_t*)(&cipher_suite_data[offset]); -+ /* Verify that we have at least a full record left -+ * id + iana + 3 algs -+ */ -+ if ((data_len - offset) < sizeof(*record)) { -+ lprintf(LOG_INFO, "Incomplete data record in cipher suite data"); -+ break; -+ } -+ -+ cipher_suite_id = record->cipher_suite_id; -+ -+ /* Grab the IANA */ -+ iana = ipmi24toh(record->iana); -+ auth_alg = CIPHER_ALG_MASK & record->auth_alg; -+ integrity_alg = CIPHER_ALG_MASK & record->integrity_alg; -+ crypt_alg = CIPHER_ALG_MASK & record->crypt_alg; -+ offset += sizeof(*record); -+ } else { -+ lprintf(LOG_INFO, "Bad start of record byte in cipher suite data (offset %d, value %x)", offset, cipher_suite_data[offset]); -+ break; -+ } -+ suites[count].cipher_suite_id = cipher_suite_id; -+ suites[count].iana = iana; -+ suites[count].auth_alg = auth_alg; -+ suites[count].integrity_alg = integrity_alg; -+ suites[count].crypt_alg = crypt_alg; -+ count++; -+ } -+ return count; -+} -+ -+int - ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, -- uint8_t channel) -+ uint8_t channel, struct cipher_suite_info *suites, size_t *count) - { - struct ipmi_rs *rsp; - struct ipmi_rq req; - - uint8_t rqdata[3]; -- uint32_t iana; -- uint8_t auth_alg, integrity_alg, crypt_alg; -- uint8_t cipher_suite_id; - uint8_t list_index = 0; - /* 0x40 sets * 16 bytes per set */ -- uint8_t cipher_suite_data[1024]; -- uint16_t offset = 0; -- /* how much was returned, total */ -- uint16_t cipher_suite_data_length = 0; -+ uint8_t cipher_suite_data[MAX_CIPHER_SUITE_RECORD_OFFSET * -+ MAX_CIPHER_SUITE_DATA_LEN]; -+ size_t offset = 0; -+ size_t nr_suites = 0; - -+ if (!suites || !count || !*count) -+ return -1; -+ -+ nr_suites = *count; -+ *count = 0; - memset(cipher_suite_data, 0, sizeof(cipher_suite_data)); -- -+ - memset(&req, 0, sizeof(req)); - req.msg.netfn = IPMI_NETFN_APP; - req.msg.cmd = IPMI_GET_CHANNEL_CIPHER_SUITES; - req.msg.data = rqdata; -- req.msg.data_len = 3; -+ req.msg.data_len = sizeof(rqdata); - - rqdata[0] = channel; - rqdata[1] = ((strncmp(payload_type, "ipmi", 4) == 0)? 0: 1); -- /* Always ask for cipher suite format */ -- rqdata[2] = 0x80; -- -- rsp = intf->sendrecv(intf, &req); -- if (rsp == NULL) { -- lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites"); -- return -1; -- } -- if (rsp->ccode > 0) { -- lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s", -- val2str(rsp->ccode, completion_code_vals)); -- return -1; -- } -- -- -- /* -- * Grab the returned channel number once. We assume it's the same -- * in future calls. -- */ -- if (rsp->data_len >= 1) { -- channel = rsp->data[0]; -- } -- -- while ((rsp->data_len > 1) && (rsp->data_len == 17) && (list_index < 0x3F)) { -- /* -- * We got back cipher suite data -- store it. -- * printf("copying data to offset %d\n", offset); -- * printbuf(rsp->data + 1, rsp->data_len - 1, "this is the data"); -- */ -- memcpy(cipher_suite_data + offset, rsp->data + 1, rsp->data_len - 1); -- offset += rsp->data_len - 1; -- -- /* -- * Increment our list for the next call -- */ -- ++list_index; -- rqdata[2] = (rqdata[2] & 0x80) + list_index; - -+ do { -+ /* Always ask for cipher suite format */ -+ rqdata[2] = LIST_ALGORITHMS_BY_CIPHER_SUITE | list_index; - rsp = intf->sendrecv(intf, &req); - if (rsp == NULL) { - lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites"); - return -1; - } -- if (rsp->ccode > 0) { -+ if (rsp->ccode || rsp->data_len < 1) { - lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s", - val2str(rsp->ccode, completion_code_vals)); - return -1; - } -- } -- -- /* Copy last chunk */ -- if(rsp->data_len > 1) { - /* - * We got back cipher suite data -- store it. - * printf("copying data to offset %d\n", offset); -@@ -429,88 +459,46 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, - */ - memcpy(cipher_suite_data + offset, rsp->data + 1, rsp->data_len - 1); - offset += rsp->data_len - 1; -- } - -- /* We can chomp on all our data now. */ -- cipher_suite_data_length = offset; -- offset = 0; -+ /* -+ * Increment our list for the next call -+ */ -+ ++list_index; -+ } while ((rsp->data_len == (sizeof(uint8_t) + MAX_CIPHER_SUITE_DATA_LEN)) && -+ (list_index < MAX_CIPHER_SUITE_RECORD_OFFSET)); - -- if (! csv_output) { -- printf("ID IANA Auth Alg Integrity Alg Confidentiality Alg\n"); -- } -- while (offset < cipher_suite_data_length) { -- if (cipher_suite_data[offset++] == 0xC0) { -- /* standard type */ -- iana = 0; -+ *count = parse_channel_cipher_suite_data(cipher_suite_data, offset, suites, -+ nr_suites); -+ return 0; -+} - -- /* Verify that we have at least a full record left; id + 3 algs */ -- if ((cipher_suite_data_length - offset) < 4) { -- lprintf(LOG_ERR, "Incomplete data record in cipher suite data"); -- return -1; -- } -- cipher_suite_id = cipher_suite_data[offset++]; -- } else if (cipher_suite_data[offset++] == 0xC1) { -- /* OEM record type */ -- /* Verify that we have at least a full record left -- * id + iana + 3 algs -- */ -- if ((cipher_suite_data_length - offset) < 4) { -- lprintf(LOG_ERR, "Incomplete data record in cipher suite data"); -- return -1; -- } -+static int -+ipmi_print_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, -+ uint8_t channel) -+{ -+ int rc; -+ size_t i = 0; -+ struct cipher_suite_info suites[MAX_CIPHER_SUITE_COUNT]; -+ size_t nr_suites = sizeof(*suites); - -- cipher_suite_id = cipher_suite_data[offset++]; -+ rc = ipmi_get_channel_cipher_suites(intf, payload_type, channel, -+ suites, &nr_suites); - -- /* Grab the IANA */ -- iana = -- cipher_suite_data[offset] | -- (cipher_suite_data[offset + 1] << 8) | -- (cipher_suite_data[offset + 2] << 16); -- offset += 3; -- } else { -- lprintf(LOG_ERR, "Bad start of record byte in cipher suite data"); -- return -1; -- } -+ if (rc < 0) -+ return rc; - -- /* -- * Grab the algorithms for this cipher suite. I guess we can't be -- * sure of what order they'll come in. Also, I suppose we default -- * to the NONE algorithm if one were absent. This part of the spec is -- * poorly written -- I have read the errata document. For now, I'm only -- * allowing one algorithm per type (auth, integrity, crypt) because I -- * don't I understand how it could be otherwise. -- */ -- auth_alg = IPMI_AUTH_RAKP_NONE; -- integrity_alg = IPMI_INTEGRITY_NONE; -- crypt_alg = IPMI_CRYPT_NONE; -- -- while (((cipher_suite_data[offset] & 0xC0) != 0xC0) && -- ((cipher_suite_data_length - offset) > 0)) -- { -- switch (cipher_suite_data[offset] & 0xC0) -- { -- case 0x00: -- /* Authentication algorithm specifier */ -- auth_alg = cipher_suite_data[offset++] & 0x3F; -- break; -- case 0x40: -- /* Interity algorithm specifier */ -- integrity_alg = cipher_suite_data[offset++] & 0x3F; -- break; -- case 0x80: -- /* Confidentiality algorithm specifier */ -- crypt_alg = cipher_suite_data[offset++] & 0x3F; -- break; -- } -- } -+ if (! csv_output) { -+ printf("ID IANA Auth Alg Integrity Alg Confidentiality Alg\n"); -+ } -+ for (i = 0; i < nr_suites; i++) { - /* We have everything we need to spit out a cipher suite record */ - printf((csv_output? "%d,%s,%s,%s,%s\n" : - "%-4d %-7s %-15s %-15s %-15s\n"), -- cipher_suite_id, -- iana_string(iana), -- val2str(auth_alg, ipmi_auth_algorithms), -- val2str(integrity_alg, ipmi_integrity_algorithms), -- val2str(crypt_alg, ipmi_encryption_algorithms)); -+ suites[i].cipher_suite_id, -+ iana_string(suites[i].iana), -+ val2str(suites[i].auth_alg, ipmi_auth_algorithms), -+ val2str(suites[i].integrity_alg, ipmi_integrity_algorithms), -+ val2str(suites[i].crypt_alg, ipmi_encryption_algorithms)); - } - return 0; - } -@@ -973,7 +961,7 @@ ipmi_channel_main(struct ipmi_intf *intf, int argc, char **argv) - return (-1); - } - } -- retval = ipmi_get_channel_cipher_suites(intf, -+ retval = ipmi_print_channel_cipher_suites(intf, - argv[1], /* ipmi | sol */ - channel); - } else if (strncmp(argv[0], "setkg", 5) == 0) { -diff --git a/lib/ipmi_main.c b/lib/ipmi_main.c -index 811c80b..6aee102 100644 ---- a/lib/ipmi_main.c -+++ b/lib/ipmi_main.c -@@ -323,6 +323,7 @@ ipmi_main(int argc, char ** argv, - uint8_t target_addr = 0; - uint8_t target_channel = 0; - -+ uint8_t u8tmp = 0; - uint8_t transit_addr = 0; - uint8_t transit_channel = 0; - uint8_t target_lun = 0; -@@ -347,7 +348,10 @@ ipmi_main(int argc, char ** argv, - char * seloem = NULL; - int port = 0; - int devnum = 0; -- int cipher_suite_id = 3; /* See table 22-19 of the IPMIv2 spec */ -+#ifdef IPMI_INTF_LANPLUS -+ /* lookup best cipher suite available */ -+ enum cipher_suite_ids cipher_suite_id = IPMI_LANPLUS_CIPHER_SUITE_RESERVED; -+#endif /* IPMI_INTF_LANPLUS */ - int argflag, i, found; - int rc = -1; - int ai_family = AF_UNSPEC; -@@ -425,19 +429,18 @@ ipmi_main(int argc, char ** argv, - goto out_free; - } - break; -+#ifdef IPMI_INTF_LANPLUS - case 'C': -- if (str2int(optarg, &cipher_suite_id) != 0) { -- lprintf(LOG_ERR, "Invalid parameter given or out of range for '-C'."); -- rc = -1; -- goto out_free; -- } -- /* add check Cipher is -gt 0 */ -- if (cipher_suite_id < 0) { -- lprintf(LOG_ERR, "Cipher suite ID %i is invalid.", cipher_suite_id); -+ /* Cipher Suite ID is a byte as per IPMI specification */ -+ if (str2uchar(optarg, &u8tmp) != 0) { -+ lprintf(LOG_ERR, "Invalid parameter given or out of " -+ "range [0-255] for '-C'."); - rc = -1; - goto out_free; - } -+ cipher_suite_id = u8tmp; - break; -+#endif /* IPMI_INTF_LANPLUS */ - case 'v': - verbose++; - break; -@@ -870,7 +873,9 @@ ipmi_main(int argc, char ** argv, - - ipmi_intf_session_set_lookupbit(ipmi_main_intf, lookupbit); - ipmi_intf_session_set_sol_escape_char(ipmi_main_intf, sol_escape_char); -+#ifdef IPMI_INTF_LANPLUS - ipmi_intf_session_set_cipher_suite_id(ipmi_main_intf, cipher_suite_id); -+#endif /* IPMI_INTF_LANPLUS */ - - ipmi_main_intf->devnum = devnum; - -diff --git a/src/plugins/ipmi_intf.c b/src/plugins/ipmi_intf.c -index 1d9e87b..00b0918 100644 ---- a/src/plugins/ipmi_intf.c -+++ b/src/plugins/ipmi_intf.c -@@ -252,11 +252,14 @@ ipmi_intf_session_set_lookupbit(struct ipmi_intf * intf, uint8_t lookupbit) - intf->ssn_params.lookupbit = lookupbit; - } - -+#ifdef IPMI_INTF_LANPLUS - void --ipmi_intf_session_set_cipher_suite_id(struct ipmi_intf * intf, uint8_t cipher_suite_id) -+ipmi_intf_session_set_cipher_suite_id(struct ipmi_intf * intf, -+ enum cipher_suite_ids cipher_suite_id) - { - intf->ssn_params.cipher_suite_id = cipher_suite_id; - } -+#endif /* IPMI_INTF_LANPLUS */ - - void - ipmi_intf_session_set_sol_escape_char(struct ipmi_intf * intf, char sol_escape_char) -diff --git a/src/plugins/lanplus/lanplus.c b/src/plugins/lanplus/lanplus.c -index a0e388c..3087348 100644 ---- a/src/plugins/lanplus/lanplus.c -+++ b/src/plugins/lanplus/lanplus.c -@@ -164,114 +164,109 @@ extern int verbose; - * returns 0 on success - * 1 on failure - */ --int lanplus_get_requested_ciphers(int cipher_suite_id, -+int lanplus_get_requested_ciphers(enum cipher_suite_ids cipher_suite_id, - uint8_t * auth_alg, - uint8_t * integrity_alg, - uint8_t * crypt_alg) - { --#ifdef HAVE_CRYPTO_SHA256 -- if ((cipher_suite_id < 0) || (cipher_suite_id > 17)) { -- return 1; -- } --#else -- if ((cipher_suite_id < 0) || (cipher_suite_id > 14)) -- return 1; --#endif /* HAVE_CRYPTO_SHA256 */ - /* See table 22-19 for the source of the statement */ - switch (cipher_suite_id) - { -- case 0: -+ case IPMI_LANPLUS_CIPHER_SUITE_0: - *auth_alg = IPMI_AUTH_RAKP_NONE; - *integrity_alg = IPMI_INTEGRITY_NONE; - *crypt_alg = IPMI_CRYPT_NONE; - break; -- case 1: -+ case IPMI_LANPLUS_CIPHER_SUITE_1: - *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1; - *integrity_alg = IPMI_INTEGRITY_NONE; - *crypt_alg = IPMI_CRYPT_NONE; - break; -- case 2: -+ case IPMI_LANPLUS_CIPHER_SUITE_2: - *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1; - *integrity_alg = IPMI_INTEGRITY_HMAC_SHA1_96; - *crypt_alg = IPMI_CRYPT_NONE; - break; -- case 3: -+ case IPMI_LANPLUS_CIPHER_SUITE_3: - *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1; - *integrity_alg = IPMI_INTEGRITY_HMAC_SHA1_96; - *crypt_alg = IPMI_CRYPT_AES_CBC_128; - break; -- case 4: -+ case IPMI_LANPLUS_CIPHER_SUITE_4: - *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1; - *integrity_alg = IPMI_INTEGRITY_HMAC_SHA1_96; - *crypt_alg = IPMI_CRYPT_XRC4_128; - break; -- case 5: -+ case IPMI_LANPLUS_CIPHER_SUITE_5: - *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA1; - *integrity_alg = IPMI_INTEGRITY_HMAC_SHA1_96; - *crypt_alg = IPMI_CRYPT_XRC4_40; - break; -- case 6: -+ case IPMI_LANPLUS_CIPHER_SUITE_6: - *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; - *integrity_alg = IPMI_INTEGRITY_NONE; - *crypt_alg = IPMI_CRYPT_NONE; - break; -- case 7: -+ case IPMI_LANPLUS_CIPHER_SUITE_7: - *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; - *integrity_alg = IPMI_INTEGRITY_HMAC_MD5_128; - *crypt_alg = IPMI_CRYPT_NONE; - break; -- case 8: -+ case IPMI_LANPLUS_CIPHER_SUITE_8: - *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; - *integrity_alg = IPMI_INTEGRITY_HMAC_MD5_128; - *crypt_alg = IPMI_CRYPT_AES_CBC_128; - break; -- case 9: -+ case IPMI_LANPLUS_CIPHER_SUITE_9: - *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; - *integrity_alg = IPMI_INTEGRITY_HMAC_MD5_128; - *crypt_alg = IPMI_CRYPT_XRC4_128; - break; -- case 10: -+ case IPMI_LANPLUS_CIPHER_SUITE_10: - *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; - *integrity_alg = IPMI_INTEGRITY_HMAC_MD5_128; - *crypt_alg = IPMI_CRYPT_XRC4_40; - break; -- case 11: -+ case IPMI_LANPLUS_CIPHER_SUITE_11: - *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; - *integrity_alg = IPMI_INTEGRITY_MD5_128; - *crypt_alg = IPMI_CRYPT_NONE; - break; -- case 12: -+ case IPMI_LANPLUS_CIPHER_SUITE_12: - *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; - *integrity_alg = IPMI_INTEGRITY_MD5_128; - *crypt_alg = IPMI_CRYPT_AES_CBC_128; - break; -- case 13: -+ case IPMI_LANPLUS_CIPHER_SUITE_13: - *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; - *integrity_alg = IPMI_INTEGRITY_MD5_128; - *crypt_alg = IPMI_CRYPT_XRC4_128; - break; -- case 14: -+ case IPMI_LANPLUS_CIPHER_SUITE_14: - *auth_alg = IPMI_AUTH_RAKP_HMAC_MD5; - *integrity_alg = IPMI_INTEGRITY_MD5_128; - *crypt_alg = IPMI_CRYPT_XRC4_40; - break; - #ifdef HAVE_CRYPTO_SHA256 -- case 15: -+ case IPMI_LANPLUS_CIPHER_SUITE_15: - *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA256; - *integrity_alg = IPMI_INTEGRITY_NONE; - *crypt_alg = IPMI_CRYPT_NONE; - break; -- case 16: -+ case IPMI_LANPLUS_CIPHER_SUITE_16: - *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA256; - *integrity_alg = IPMI_INTEGRITY_HMAC_SHA256_128; - *crypt_alg = IPMI_CRYPT_NONE; - break; -- case 17: -+ case IPMI_LANPLUS_CIPHER_SUITE_17: - *auth_alg = IPMI_AUTH_RAKP_HMAC_SHA256; - *integrity_alg = IPMI_INTEGRITY_HMAC_SHA256_128; - *crypt_alg = IPMI_CRYPT_AES_CBC_128; - break; - #endif /* HAVE_CRYPTO_SHA256 */ -+ case IPMI_LANPLUS_CIPHER_SUITE_RESERVED: -+ default: -+ return 1; - } - - return 0; -@@ -3441,6 +3436,57 @@ ipmi_set_session_privlvl_cmd(struct ipmi_intf * intf) - return 0; - } - -+static uint8_t -+ipmi_find_best_cipher_suite(struct ipmi_intf *intf) -+{ -+ enum cipher_suite_ids best_suite = IPMI_LANPLUS_CIPHER_SUITE_RESERVED; -+#ifdef HAVE_CRYPTO_SHA256 -+ struct cipher_suite_info suites[MAX_CIPHER_SUITE_COUNT]; -+ size_t nr_suites = ARRAY_SIZE(suites); -+ /* cipher suite best order is chosen with this criteria: -+ * HMAC-MD5 and MD5 are BAD; xRC4 is bad; AES128 is required -+ * HMAC-SHA256 > HMAC-SHA1 -+ * secure authentication > encrypted content -+ * -+ * With xRC4 out, all cipher suites with MD5 out, and cipher suite 3 being -+ * required by the spec, the only better defined standard cipher suite is -+ * 17. So if SHA256 is available, we should try to use that, otherwise, -+ * fall back to 3. -+ */ -+ const enum cipher_suite_ids cipher_order_preferred[] = { -+ IPMI_LANPLUS_CIPHER_SUITE_17, -+ IPMI_LANPLUS_CIPHER_SUITE_3, -+ }; -+ const size_t nr_preferred = ARRAY_SIZE(cipher_order_preferred); -+ size_t ipref, i; -+ -+ if (ipmi_get_channel_cipher_suites(intf, "ipmi", IPMI_LAN_CHANNEL_E, -+ suites, &nr_suites) < 0) -+ { -+ /* default legacy behavior - cipher suite 3 if none is requested */ -+ return IPMI_LANPLUS_CIPHER_SUITE_3; -+ } -+ for (ipref = 0; ipref < nr_preferred && -+ IPMI_LANPLUS_CIPHER_SUITE_RESERVED == best_suite; ipref++) -+ { -+ for (i = 0; i < nr_suites; i++) { -+ if (cipher_order_preferred[ipref] == suites[i].cipher_suite_id) { -+ best_suite = cipher_order_preferred[ipref]; -+ break; -+ } -+ } -+ } -+#endif /* HAVE_CRYPTO_SHA256 */ -+ if (IPMI_LANPLUS_CIPHER_SUITE_RESERVED == best_suite) { -+ /* IPMI 2.0 spec requires that cipher suite 3 is implemented -+ * so we should always be able to fall back to that if better -+ * options are not available. */ -+ best_suite = IPMI_LANPLUS_CIPHER_SUITE_3; -+ } -+ lprintf(LOG_INFO, "Using best available cipher suite %d\n", best_suite); -+ return best_suite; -+} -+ - /** - * ipmi_lanplus_open - */ -@@ -3514,6 +3560,16 @@ ipmi_lanplus_open(struct ipmi_intf * intf) - lprintf(LOG_INFO, "This BMC does not support IPMI v2 / RMCP+"); - goto fail; - } -+ /* -+ * If no cipher suite was provided, query the channel cipher suite list and -+ * pick the best one available -+ */ -+ if (IPMI_LANPLUS_CIPHER_SUITE_RESERVED == -+ intf->ssn_params.cipher_suite_id) -+ { -+ ipmi_intf_session_set_cipher_suite_id(intf, -+ ipmi_find_best_cipher_suite(intf)); -+ } - - /* - * If the open/rakp1/rakp3 sequence encounters a timeout, the whole sequence -@@ -3728,7 +3784,7 @@ static int ipmi_lanplus_setup(struct ipmi_intf * intf) - - static void ipmi_lanp_set_max_rq_data_size(struct ipmi_intf * intf, uint16_t size) - { -- if (intf->ssn_params.cipher_suite_id == 3) { -+ if (intf->ssn_params.cipher_suite_id == IPMI_LANPLUS_CIPHER_SUITE_3) { - /* - * encrypted payload can only be multiple of 16 bytes - */ -@@ -3746,7 +3802,7 @@ static void ipmi_lanp_set_max_rq_data_size(struct ipmi_intf * intf, uint16_t siz - - static void ipmi_lanp_set_max_rp_data_size(struct ipmi_intf * intf, uint16_t size) - { -- if (intf->ssn_params.cipher_suite_id == 3) { -+ if (intf->ssn_params.cipher_suite_id == IPMI_LANPLUS_CIPHER_SUITE_3) { - /* - * encrypted payload can only be multiple of 16 bytes - */ --- -2.20.1 - diff --git a/0010-pef-missing-newline.patch b/0010-pef-missing-newline.patch deleted file mode 100644 index 7650333..0000000 --- a/0010-pef-missing-newline.patch +++ /dev/null @@ -1,33 +0,0 @@ -From f65ea137f0d03f883219a791a49cf8ea7e16776a Mon Sep 17 00:00:00 2001 -From: Vaclav Dolezal -Date: Fri, 1 Mar 2019 14:46:12 +0100 -Subject: [PATCH] Fix "ipmitool pef {status,info}" not printing final newline - -Signed-off-by: Vaclav Dolezal ---- - lib/ipmi_pef.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/lib/ipmi_pef.c b/lib/ipmi_pef.c -index bbf25f2..4be749e 100644 ---- a/lib/ipmi_pef.c -+++ b/lib/ipmi_pef.c -@@ -1183,6 +1183,7 @@ ipmi_pef2_get_info(struct ipmi_intf *intf) - ipmi_pef_print_guid(guid_ptr); - } - ipmi_pef_print_flags(&pef_b2s_actions, P_SUPP, pcap.actions); -+ putchar('\n'); - return 0; - } - -@@ -1242,6 +1243,7 @@ ipmi_pef2_get_status(struct ipmi_intf *intf) - return (-1); - } - ipmi_pef_print_flags(&pef_b2s_actions, P_ACTV, rsp->data[1]); -+ putchar('\n'); - return 0; - } - --- -2.20.1 - diff --git a/0011-expand-sensor-name-column.patch b/0011-expand-sensor-name-column.patch deleted file mode 100644 index 85e0c92..0000000 --- a/0011-expand-sensor-name-column.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 57b57b27fe2c17e3030c41ee5566af36ccd33941 Mon Sep 17 00:00:00 2001 -From: Vaclav Dolezal -Date: Thu, 30 Jan 2020 16:18:37 +0100 -Subject: [PATCH] Expand column with name in ipmitool sdr/sensor output - ---- - lib/ipmi_sdr.c | 4 ++-- - lib/ipmi_sensor.c | 4 ++-- - 2 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c -index fd2c02d..0f6faab 100644 ---- a/lib/ipmi_sdr.c -+++ b/lib/ipmi_sdr.c -@@ -1619,7 +1619,7 @@ ipmi_sdr_print_sensor_fc(struct ipmi_intf *intf, - /* - * print sensor name, reading, state - */ -- printf("%-16s | ", sr->s_id); -+ printf("%-24s | ", sr->s_id); - - memset(sval, 0, sizeof (sval)); - -@@ -1657,7 +1657,7 @@ ipmi_sdr_print_sensor_fc(struct ipmi_intf *intf, - /* - * print sensor name, number, state, entity, reading - */ -- printf("%-16s | %02Xh | ", -+ printf("%-24s | %02Xh | ", - sr->s_id, sensor->keys.sensor_num); - - if (IS_THRESHOLD_SENSOR(sensor)) { -diff --git a/lib/ipmi_sensor.c b/lib/ipmi_sensor.c -index a0b7eb8..7328508 100644 ---- a/lib/ipmi_sensor.c -+++ b/lib/ipmi_sensor.c -@@ -175,7 +175,7 @@ ipmi_sensor_print_fc_discrete(struct ipmi_intf *intf, - /* output format - * id value units status thresholds.... - */ -- printf("%-16s ", sr->s_id); -+ printf("%-24s ", sr->s_id); - if (sr->s_reading_valid) { - if (sr->s_has_analog_value) { - /* don't show discrete component */ -@@ -276,7 +276,7 @@ ipmi_sensor_print_fc_threshold(struct ipmi_intf *intf, - /* output format - * id value units status thresholds.... - */ -- printf("%-16s ", sr->s_id); -+ printf("%-24s ", sr->s_id); - if (sr->s_reading_valid) { - if (sr->s_has_analog_value) - printf("| %-10.3f | %-10s | %-6s", --- -2.20.1 - diff --git a/0012-CVE-2020-5208.patch b/0012-CVE-2020-5208.patch deleted file mode 100644 index 4d5a487..0000000 --- a/0012-CVE-2020-5208.patch +++ /dev/null @@ -1,378 +0,0 @@ -From b3e74778c65ba3ffc8a9b3133c87588ee5d18a74 Mon Sep 17 00:00:00 2001 -From: Chrostoper Ertl -Date: Thu, 28 Nov 2019 16:33:59 +0000 -Subject: [PATCH] Fixes for CVE-2020-5208 - -see https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp - -This patch is combination of following commits: - -pick e824c23316ae50beb7f7488f2055ac65e8b341f2 fru: Fix buffer overflow vulnerabilities -pick 840fb1cbb4fb365cb9797300e3374d4faefcdb10 fru: Fix buffer overflow in ipmi_spd_print_fru -pick 41d7026946fafbd4d1ec0bcaca3ea30a6e8eed22 session: Fix buffer overflow in ipmi_get_session_info -pick 9452be87181a6e83cfcc768b3ed8321763db50e4 channel: Fix buffer overflow -pick d45572d71e70840e0d4c50bf48218492b79c1a10 lanp: Fix buffer overflows in get_lan_param_select -pick 7ccea283dd62a05a320c1921e3d8d71a87772637 fru, sdr: Fix id_string buffer overflows ---- - lib/dimm_spd.c | 9 ++++++++- - lib/ipmi_channel.c | 5 ++++- - lib/ipmi_fru.c | 35 ++++++++++++++++++++++++++++++++--- - lib/ipmi_lanp.c | 14 +++++++------- - lib/ipmi_sdr.c | 40 ++++++++++++++++++++++++---------------- - lib/ipmi_session.c | 12 ++++++++---- - 6 files changed, 83 insertions(+), 32 deletions(-) - -diff --git a/lib/dimm_spd.c b/lib/dimm_spd.c -index 41e30db..68f3b4f 100644 ---- a/lib/dimm_spd.c -+++ b/lib/dimm_spd.c -@@ -1621,7 +1621,7 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id) - struct ipmi_rq req; - struct fru_info fru; - uint8_t *spd_data, msg_data[4]; -- int len, offset; -+ uint32_t len, offset; - - msg_data[0] = id; - -@@ -1697,6 +1697,13 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id) - } - - len = rsp->data[0]; -+ if(rsp->data_len < 1 -+ || len > rsp->data_len - 1 -+ || len > fru.size - offset) -+ { -+ printf(" Not enough buffer size"); -+ return -1; -+ } - memcpy(&spd_data[offset], rsp->data + 1, len); - offset += len; - } while (offset < fru.size); -diff --git a/lib/ipmi_channel.c b/lib/ipmi_channel.c -index 3ae3104..80ba522 100644 ---- a/lib/ipmi_channel.c -+++ b/lib/ipmi_channel.c -@@ -447,7 +447,10 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, - lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites"); - return -1; - } -- if (rsp->ccode || rsp->data_len < 1) { -+ if (rsp->ccode -+ || rsp->data_len < 1 -+ || rsp->data_len > sizeof(uint8_t) + MAX_CIPHER_SUITE_DATA_LEN) -+ { - lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s", - val2str(rsp->ccode, completion_code_vals)); - return -1; -diff --git a/lib/ipmi_fru.c b/lib/ipmi_fru.c -index cf00eff..98bc984 100644 ---- a/lib/ipmi_fru.c -+++ b/lib/ipmi_fru.c -@@ -615,7 +615,10 @@ int - read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, - uint32_t offset, uint32_t length, uint8_t *frubuf) - { -- uint32_t off = offset, tmp, finish; -+ uint32_t off = offset; -+ uint32_t tmp; -+ uint32_t finish; -+ uint32_t size_left_in_buffer; - struct ipmi_rs * rsp; - struct ipmi_rq req; - uint8_t msg_data[4]; -@@ -628,10 +631,12 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, - - finish = offset + length; - if (finish > fru->size) { -+ memset(frubuf + fru->size, 0, length - fru->size); - finish = fru->size; - lprintf(LOG_NOTICE, "Read FRU Area length %d too large, " - "Adjusting to %d", - offset + length, finish - offset); -+ length = finish - offset; - } - - memset(&req, 0, sizeof(req)); -@@ -667,6 +672,7 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, - } - } - -+ size_left_in_buffer = length; - do { - tmp = fru->access ? off >> 1 : off; - msg_data[0] = id; -@@ -707,9 +713,18 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, - } - - tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0]; -+ if(rsp->data_len < 1 -+ || tmp > rsp->data_len - 1 -+ || tmp > size_left_in_buffer) -+ { -+ printf(" Not enough buffer size"); -+ return -1; -+ } -+ - memcpy(frubuf, rsp->data + 1, tmp); - off += tmp; - frubuf += tmp; -+ size_left_in_buffer -= tmp; - /* sometimes the size returned in the Info command - * is too large. return 0 so higher level function - * still attempts to parse what was returned */ -@@ -742,7 +757,9 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, - uint32_t offset, uint32_t length, uint8_t *frubuf) - { - static uint32_t fru_data_rqst_size = 20; -- uint32_t off = offset, tmp, finish; -+ uint32_t off = offset; -+ uint32_t tmp, finish; -+ uint32_t size_left_in_buffer; - struct ipmi_rs * rsp; - struct ipmi_rq req; - uint8_t msg_data[4]; -@@ -755,10 +772,12 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, - - finish = offset + length; - if (finish > fru->size) { -+ memset(frubuf + fru->size, 0, length - fru->size); - finish = fru->size; - lprintf(LOG_NOTICE, "Read FRU Area length %d too large, " - "Adjusting to %d", - offset + length, finish - offset); -+ length = finish - offset; - } - - memset(&req, 0, sizeof(req)); -@@ -773,6 +792,8 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, - if (fru->access && fru_data_rqst_size > 16) - #endif - fru_data_rqst_size = 16; -+ -+ size_left_in_buffer = length; - do { - tmp = fru->access ? off >> 1 : off; - msg_data[0] = id; -@@ -804,8 +825,16 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id, - } - - tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0]; -+ if(rsp->data_len < 1 -+ || tmp > rsp->data_len - 1 -+ || tmp > size_left_in_buffer) -+ { -+ printf(" Not enough buffer size"); -+ return -1; -+ } - memcpy((frubuf + off)-offset, rsp->data + 1, tmp); - off += tmp; -+ size_left_in_buffer -= tmp; - - /* sometimes the size returned in the Info command - * is too large. return 0 so higher level function -@@ -3033,7 +3062,7 @@ ipmi_fru_print(struct ipmi_intf * intf, struct sdr_record_fru_locator * fru) - return 0; - - memset(desc, 0, sizeof(desc)); -- memcpy(desc, fru->id_string, fru->id_code & 0x01f); -+ memcpy(desc, fru->id_string, __min(fru->id_code & 0x01f, sizeof(desc))); - desc[fru->id_code & 0x01f] = 0; - printf("FRU Device Description : %s (ID %d)\n", desc, fru->device_id); - -diff --git a/lib/ipmi_lanp.c b/lib/ipmi_lanp.c -index 65d881b..022c7f1 100644 ---- a/lib/ipmi_lanp.c -+++ b/lib/ipmi_lanp.c -@@ -1809,7 +1809,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, - if (p == NULL) { - return (-1); - } -- memcpy(data, p->data, p->data_len); -+ memcpy(data, p->data, __min(p->data_len, sizeof(data))); - /* set new ipaddr */ - memcpy(data+3, temp, 4); - printf("Setting LAN Alert %d IP Address to %d.%d.%d.%d\n", alert, -@@ -1824,7 +1824,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, - if (p == NULL) { - return (-1); - } -- memcpy(data, p->data, p->data_len); -+ memcpy(data, p->data, __min(p->data_len, sizeof(data))); - /* set new macaddr */ - memcpy(data+7, temp, 6); - printf("Setting LAN Alert %d MAC Address to " -@@ -1838,7 +1838,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, - if (p == NULL) { - return (-1); - } -- memcpy(data, p->data, p->data_len); -+ memcpy(data, p->data, __min(p->data_len, sizeof(data))); - - if (strncasecmp(argv[1], "def", 3) == 0 || - strncasecmp(argv[1], "default", 7) == 0) { -@@ -1864,7 +1864,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, - if (p == NULL) { - return (-1); - } -- memcpy(data, p->data, p->data_len); -+ memcpy(data, p->data, __min(p->data_len, sizeof(data))); - - if (strncasecmp(argv[1], "on", 2) == 0 || - strncasecmp(argv[1], "yes", 3) == 0) { -@@ -1889,7 +1889,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, - if (p == NULL) { - return (-1); - } -- memcpy(data, p->data, p->data_len); -+ memcpy(data, p->data, __min(p->data_len, sizeof(data))); - - if (strncasecmp(argv[1], "pet", 3) == 0) { - printf("Setting LAN Alert %d destination to PET Trap\n", alert); -@@ -1917,7 +1917,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, - if (p == NULL) { - return (-1); - } -- memcpy(data, p->data, p->data_len); -+ memcpy(data, p->data, __min(p->data_len, sizeof(data))); - - if (str2uchar(argv[1], &data[2]) != 0) { - lprintf(LOG_ERR, "Invalid time: %s", argv[1]); -@@ -1933,7 +1933,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert, - if (p == NULL) { - return (-1); - } -- memcpy(data, p->data, p->data_len); -+ memcpy(data, p->data, __min(p->data_len, sizeof(data))); - - if (str2uchar(argv[1], &data[3]) != 0) { - lprintf(LOG_ERR, "Invalid retry: %s", argv[1]); -diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c -index 0f6faab..9890132 100644 ---- a/lib/ipmi_sdr.c -+++ b/lib/ipmi_sdr.c -@@ -2086,7 +2086,7 @@ ipmi_sdr_print_sensor_eventonly(struct ipmi_intf *intf, - return -1; - - memset(desc, 0, sizeof (desc)); -- snprintf(desc, (sensor->id_code & 0x1f) + 1, "%s", sensor->id_string); -+ snprintf(desc, sizeof(desc), "%.*s", (sensor->id_code & 0x1f) + 1, sensor->id_string); - - if (verbose) { - printf("Sensor ID : %s (0x%x)\n", -@@ -2137,7 +2137,7 @@ ipmi_sdr_print_sensor_mc_locator(struct ipmi_intf *intf, - return -1; - - memset(desc, 0, sizeof (desc)); -- snprintf(desc, (mc->id_code & 0x1f) + 1, "%s", mc->id_string); -+ snprintf(desc, sizeof(desc), "%.*s", (mc->id_code & 0x1f) + 1, mc->id_string); - - if (verbose == 0) { - if (csv_output) -@@ -2230,7 +2230,7 @@ ipmi_sdr_print_sensor_generic_locator(struct ipmi_intf *intf, - char desc[17]; - - memset(desc, 0, sizeof (desc)); -- snprintf(desc, (dev->id_code & 0x1f) + 1, "%s", dev->id_string); -+ snprintf(desc, sizeof(desc), "%.*s", (dev->id_code & 0x1f) + 1, dev->id_string); - - if (!verbose) { - if (csv_output) -@@ -2287,7 +2287,7 @@ ipmi_sdr_print_sensor_fru_locator(struct ipmi_intf *intf, - char desc[17]; - - memset(desc, 0, sizeof (desc)); -- snprintf(desc, (fru->id_code & 0x1f) + 1, "%s", fru->id_string); -+ snprintf(desc, sizeof(desc), "%.*s", (fru->id_code & 0x1f) + 1, fru->id_string); - - if (!verbose) { - if (csv_output) -@@ -2491,35 +2491,43 @@ ipmi_sdr_print_name_from_rawentry(struct ipmi_intf *intf, uint16_t id, - - int rc =0; - char desc[17]; -+ const char *id_string; -+ uint8_t id_code; - memset(desc, ' ', sizeof (desc)); - - switch ( type) { - case SDR_RECORD_TYPE_FULL_SENSOR: - record.full = (struct sdr_record_full_sensor *) raw; -- snprintf(desc, (record.full->id_code & 0x1f) +1, "%s", -- (const char *)record.full->id_string); -+ id_code = record.full->id_code; -+ id_string = record.full->id_string; - break; -+ - case SDR_RECORD_TYPE_COMPACT_SENSOR: - record.compact = (struct sdr_record_compact_sensor *) raw ; -- snprintf(desc, (record.compact->id_code & 0x1f) +1, "%s", -- (const char *)record.compact->id_string); -+ id_code = record.compact->id_code; -+ id_string = record.compact->id_string; - break; -+ - case SDR_RECORD_TYPE_EVENTONLY_SENSOR: - record.eventonly = (struct sdr_record_eventonly_sensor *) raw ; -- snprintf(desc, (record.eventonly->id_code & 0x1f) +1, "%s", -- (const char *)record.eventonly->id_string); -- break; -+ id_code = record.eventonly->id_code; -+ id_string = record.eventonly->id_string; -+ break; -+ - case SDR_RECORD_TYPE_MC_DEVICE_LOCATOR: - record.mcloc = (struct sdr_record_mc_locator *) raw ; -- snprintf(desc, (record.mcloc->id_code & 0x1f) +1, "%s", -- (const char *)record.mcloc->id_string); -+ id_code = record.mcloc->id_code; -+ id_string = record.mcloc->id_string; - break; -+ - default: - rc = -1; -- break; -- } -+ } -+ if (!rc) { -+ snprintf(desc, sizeof(desc), "%.*s", (id_code & 0x1f) + 1, id_string); -+ } - -- lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc); -+ lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc); - return rc; - } - -diff --git a/lib/ipmi_session.c b/lib/ipmi_session.c -index 141f0f4..b9af1fd 100644 ---- a/lib/ipmi_session.c -+++ b/lib/ipmi_session.c -@@ -309,8 +309,10 @@ ipmi_get_session_info(struct ipmi_intf * intf, - } - else - { -- memcpy(&session_info, rsp->data, rsp->data_len); -- print_session_info(&session_info, rsp->data_len); -+ memcpy(&session_info, rsp->data, -+ __min(rsp->data_len, sizeof(session_info))); -+ print_session_info(&session_info, -+ __min(rsp->data_len, sizeof(session_info))); - } - break; - -@@ -341,8 +343,10 @@ ipmi_get_session_info(struct ipmi_intf * intf, - break; - } - -- memcpy(&session_info, rsp->data, rsp->data_len); -- print_session_info(&session_info, rsp->data_len); -+ memcpy(&session_info, rsp->data, -+ __min(rsp->data_len, sizeof(session_info))); -+ print_session_info(&session_info, -+ __min(rsp->data_len, sizeof(session_info))); - - } while (i <= session_info.session_slot_count); - break; --- -2.20.1 - diff --git a/cxoem-jb-cx6.patch b/cxoem-jb-cx6.patch deleted file mode 100644 index 12c6e6b..0000000 --- a/cxoem-jb-cx6.patch +++ /dev/null @@ -1,4759 +0,0 @@ -commit 194d20c909c93874583db20fbf1e0739a8f8c7e0 -Author: Ales Ledvinka -Date: Thu Jul 25 12:29:08 2013 +0200 - - Jeff's bugzilla cx6 patch - -diff --git a/include/ipmitool/Makefile.am b/include/ipmitool/Makefile.am -index fb6f6bf..83bc76f 100644 ---- a/include/ipmitool/Makefile.am -+++ b/include/ipmitool/Makefile.am -@@ -38,5 +38,5 @@ noinst_HEADERS = log.h bswap.h helper.h ipmi.h ipmi_cc.h ipmi_intf.h \ - ipmi_oem.h ipmi_sdradd.h ipmi_isol.h ipmi_sunoem.h ipmi_picmg.h \ - ipmi_fwum.h ipmi_main.h ipmi_tsol.h ipmi_firewall.h \ - ipmi_kontronoem.h ipmi_ekanalyzer.h ipmi_gendev.h ipmi_ime.h \ -- ipmi_delloem.h ipmi_dcmi.h -+ ipmi_delloem.h ipmi_dcmi.h ipmi_cxoem.h - -diff --git a/include/ipmitool/ipmi.h b/include/ipmitool/ipmi.h -index e74c252..759417c 100644 ---- a/include/ipmitool/ipmi.h -+++ b/include/ipmitool/ipmi.h -@@ -245,6 +245,7 @@ struct ipmi_rs { - #define IPMI_NETFN_OEM 0x2E - #define IPMI_NETFN_ISOL 0x34 - #define IPMI_NETFN_TSOL 0x30 -+#define IPMI_NETFN_CX_OEM 0x3e - - #define IPMI_BMC_SLAVE_ADDR 0x20 - #define IPMI_REMOTE_SWID 0x81 -diff --git a/include/ipmitool/ipmi_constants.h b/include/ipmitool/ipmi_constants.h -index 2aad2cf..d316c61 100644 ---- a/include/ipmitool/ipmi_constants.h -+++ b/include/ipmitool/ipmi_constants.h -@@ -114,6 +114,8 @@ - #define IPMI_CHASSIS_BOOTPARAM_INIT_INFO 6 - #define IPMI_CHASSIS_BOOTPARAM_INIT_MBOX 7 - -+#define IPMI_CHASSIS_BOOTPARAM_OEM_BOOT_POLICY 96 // Calxeda OEM boot param -+ - /* From table 13-17 of the IPMI v2 specification */ - #define IPMI_AUTH_RAKP_NONE 0x00 - #define IPMI_AUTH_RAKP_HMAC_SHA1 0x01 -diff --git a/include/ipmitool/ipmi_cxoem.h b/include/ipmitool/ipmi_cxoem.h -new file mode 100644 -index 0000000..9a01f85 ---- /dev/null -+++ b/include/ipmitool/ipmi_cxoem.h -@@ -0,0 +1,209 @@ -+/* -+ * Copyright (c) 2011 Calxeda, Inc. All Rights Reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * Redistribution of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * Redistribution in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * Neither the name of Calxeda, Inc. or the names of -+ * contributors may be used to endorse or promote products derived -+ * from this software without specific prior written permission. -+ * -+ * This software is provided "AS IS," without a warranty of any kind. -+ */ -+ -+#ifndef IPMI_CXOEM_H -+#define IPMI_CXOEM_H -+ -+#if HAVE_CONFIG_H -+#include -+#endif -+#include -+#include -+ -+#define CX_VERSION "-cx6" -+#define IPMI_NETFN_OEM_SS 0x3e -+ -+/* -+ * CX IPMI OEM command ids -+ */ -+#define MSG_ELEMENT_TERMINATOR 0xff -+#define MSG_PARAM_VAL_START_SCALAR 0xf0 -+#define MSG_PARAM_VAL_START_STRING 0xf1 -+#define MSG_PARAM_VAL_START_IPV4_ADDR 0xf2 -+#define MSG_PARAM_VAL_START_MAC_ADDR 0xf3 -+#define MSG_PARAM_VAL_START_BITMAP 0xf4 -+ -+#define IPMI_CMD_OEM_GET_DEVICE_INFO 0x01 -+#define IPMI_CMD_OEM_FEATURES_ENABLE 0xD0 -+#define IPMI_CMD_OEM_FW_DOWNLOAD 0xE0 -+#define IPMI_CMD_OEM_FW_GET_STATUS 0xE1 -+#define IPMI_CMD_OEM_FW_SET_STATUS 0xE2 -+#define IPMI_CMD_OEM_FW_RAW 0xE3 -+#define IPMI_CMD_OEM_FABRIC_GET 0xE4 -+#define IPMI_CMD_OEM_FABRIC_SET 0xE5 -+#define IPMI_CMD_OEM_FABRIC_CONFIG_GET 0xE6 -+#define IPMI_CMD_OEM_FABRIC_CONFIG_SET 0xE7 -+#define IPMI_CMD_OEM_FABRIC_UPDATE_CONFIG 0xE8 -+#define IPMI_CMD_OEM_FW_RESET 0xE9 -+#define IPMI_CMD_OEM_DATA_ACCESS 0xEA -+#define IPMI_CMD_OEM_FABRIC_ADD 0xEB -+#define IPMI_CMD_OEM_FABRIC_RM 0xEC -+#define IPMI_CMD_OEM_TEST 0xED -+#define IPMI_CMD_OEM_FABRIC_INFO 0xEE -+#define IPMI_CMD_OEM_FABRIC_SET_WATCH 0xEF -+#define IPMI_CMD_OEM_FABRIC_CLEAR_WATCH 0xF0 -+#define IPMI_CMD_OEM_FABRIC_FACTORY_DEFAULT 0xF1 -+#define IPMI_CMD_OEM_FABRIC_CREATE 0xF2 -+#define IPMI_CMD_OEM_FABRIC_DELETE 0xF3 -+#define IPMI_CMD_OEM_FABRIC_TRACE 0xF4 -+ -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_IPADDR 0x01 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_NETMASK 0x02 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_DEFGW 0x03 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_IPSRC 0x04 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_MACADDR 0x05 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_IPINFO 0x06 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_MTU 0x07 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_UPLINK_MODE 0x08 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_MACADDRS 0x09 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_NODEID 0x0A -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_LINKSPEED 0x0B -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_UPLINK 0x0C -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_LINKMAP 0x0D -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_DEPTH_CHART 0x0E -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_ROUTING_TABLE 0x0F -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_LINK_STATS 0x10 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_MAC_STATS 0x11 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_UPLINK_STATS 0x12 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_MAC_CHANNEL_STATS 0x13 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_GLOBAL_WATCH 0x14 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_MAC_WATCH 0x15 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_MAC_CHANNEL_WATCH 0x16 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_LINK_WATCH 0x17 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_UPLINK_WATCH 0x18 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_NTP_SERVER 0x19 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_NTP_PORT 0x1A -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_LINK_RESILIENCE 0x1B -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_NODENUM_OFFSET 0x1C -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_LINKSPEED_POLICY 0x1D -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_LINK_USERS 0x1E -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_CONFIGURATIONID 0x1F -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_PARTITIONID 0x20 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_PARTITION_NODES 0x21 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_PARTITION_RANGE 0x22 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_PROFILEID 0x23 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_IPADDR_BASE 0x24 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_IPADDR_NUM 0x25 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_CUSTOMER_MACADDR 0x26 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_LINK_USERS_FACTOR 0x27 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_UPLINK_INFO 0x28 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_START 0x29 -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_STOP 0x2a -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_STATUS 0x2b -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_DUMP 0x2c -+#define IPMI_CMD_OEM_FABRIC_PARAMETER_LACP_STATUS 0x2d -+ -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_NODE 0x40 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_INTERFACE 0x41 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_TFTP 0x42 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_PORT 0x43 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_FILENAME 0x44 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_LINK 0x45 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_OVERRIDE 0x46 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_MAC 0x47 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_HOST 0x48 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_FREQUENCY 0x49 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_ACTUAL 0x50 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_AVERAGING_FREQUENCY 0x51 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_CONFIGURATION 0x52 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_PARTITION 0x53 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_PROFILE 0x54 -+#define IPMI_CMD_OEM_FABRIC_SPECIFIER_SIZE 0x55 -+ -+/* -+ * CX-defined constants -+ */ -+#define CXOEM_FW_DOWNLOAD 1 -+#define CXOEM_FW_STOP 2 -+#define CXOEM_FW_UPLOAD 3 -+#define CXOEM_FW_REGISTER_READ 4 -+#define CXOEM_FW_REGISTER_WRITE 5 -+ -+ -+static const int CXOEM_SUCCESS = 0; -+static const int CXOEM_ERROR = -1; -+ -+ -+/* -+ * OEM FW rq/rs structs -+ */ -+ -+typedef struct img_info_s { -+ unsigned char id; -+ unsigned char type; -+ uint32_t img_addr; -+ uint32_t img_size; -+ uint32_t in_use; -+} __attribute__ ((packed)) img_info_t; -+ -+typedef struct simg_header_s { -+ unsigned char magic[4]; -+ uint16_t hdrfmt; -+ uint16_t priority; -+ uint32_t imgoff; -+ uint32_t imglen; -+ uint32_t daddr; -+ uint32_t flags; -+ uint32_t crc32; -+ unsigned char version[32]; -+} __attribute__ ((packed)) simg_header_t; -+ -+struct cx_fw_info_rs { -+ unsigned char ver; /* param version */ -+ unsigned char count; /* number of bytes */ -+ img_info_t img_info; -+} __attribute__ ((packed)); -+ -+ -+/* -+ * OEM info rs structs -+ */ -+ -+typedef union cx_info_basic_u { -+ /* Revision 1 */ -+ struct { -+ uint32_t iana; -+ uint8_t parameter_revision; -+ uint8_t ecme_major_version; -+ uint8_t ecme_minor_version; -+ uint8_t ecme_revision; -+ uint32_t ecme_build_number; -+ uint32_t ecme_timestamp; -+ char firmware_version[32]; -+ } __attribute__ ((packed)) rev1; -+ -+ /* Revision 2 -- replaced ECME version with a string */ -+ struct { -+ uint32_t iana; -+ uint8_t parameter_revision; -+ char ecme_version[32]; -+ uint32_t ecme_timestamp; -+ char firmware_version[32]; -+ } __attribute__ ((packed)) rev2; -+} cx_info_basic_t; -+ -+ -+/* -+ * Prototypes -+ */ -+int ipmi_cxoem_main(struct ipmi_intf *, int, char **); -+ -+#endif /*IPMI_CXOEM_H */ -diff --git a/include/ipmitool/ipmi_lanp.h b/include/ipmitool/ipmi_lanp.h -index 1aaae5e..0e457f7 100644 ---- a/include/ipmitool/ipmi_lanp.h -+++ b/include/ipmitool/ipmi_lanp.h -@@ -79,10 +79,17 @@ enum { - IPMI_LANP_OEM_ALERT_STRING=96, - IPMI_LANP_ALERT_RETRY=97, - IPMI_LANP_UTC_OFFSET=98, -- IPMI_LANP_DHCP_SERVER_IP=192, -- IPMI_LANP_DHCP_SERVER_MAC=193, -- IPMI_LANP_DHCP_ENABLE=194, -- IPMI_LANP_CHAN_ACCESS_MODE=201, -+ IPMI_LANP_TFTP_SERVER_IP=193, -+ IPMI_LANP_TFTP_UDP_PORT=194, -+ IPMI_LANP_NTP_SERVER_IP=195, -+ IPMI_LANP_NTP_UDP_PORT=196, -+ IPMI_LANP_OEM_OUID=197, -+ IPMI_LANP_OEM_MAC0=198, -+ IPMI_LANP_OEM_MAC1=199, -+ IPMI_LANP_OEM_MAC2=200, -+ IPMI_LANP_SC_OUID=201, -+ IPMI_LANP_SC_MODE=202, -+ IPMI_LANP_SC_FID=203 - }; - - static struct lan_param { -@@ -120,10 +127,17 @@ static struct lan_param { - { IPMI_LANP_OEM_ALERT_STRING, 28, "OEM Alert String" }, /* 25 */ - { IPMI_LANP_ALERT_RETRY, 1, "Alert Retry Algorithm" }, - { IPMI_LANP_UTC_OFFSET, 3, "UTC Offset" }, -- { IPMI_LANP_DHCP_SERVER_IP, 4, "DHCP Server IP" }, -- { IPMI_LANP_DHCP_SERVER_MAC, 6, "DHDP Server MAC" }, -- { IPMI_LANP_DHCP_ENABLE, 1, "DHCP Enable" }, /* 30 */ -- { IPMI_LANP_CHAN_ACCESS_MODE, 2, "Channel Access Mode" }, -+ { IPMI_LANP_TFTP_SERVER_IP, 4, "TFTP Server IP" }, /* 28 */ -+ { IPMI_LANP_TFTP_UDP_PORT, 2, "TFTP UDP port" }, -+ { IPMI_LANP_NTP_SERVER_IP, 4, "NTP Server IP" }, -+ { IPMI_LANP_NTP_UDP_PORT, 2, "NTP UDP port" }, -+ { IPMI_LANP_OEM_OUID, 3, "OEM OUID" }, -+ { IPMI_LANP_OEM_MAC0, 6, "OEM MAC0" }, -+ { IPMI_LANP_OEM_MAC1, 6, "OEM MAC1" }, -+ { IPMI_LANP_OEM_MAC2, 6, "OEM MAC2" }, -+ { IPMI_LANP_SC_OUID, 3, "Supercluster OUID" }, -+ { IPMI_LANP_SC_MODE, 1, "Supercluster mode" }, -+ { IPMI_LANP_SC_FID, 1, "Supercluster FID" }, - { -1 } - }; - -diff --git a/lib/Makefile.am b/lib/Makefile.am -index 3422521..f304502 100644 ---- a/lib/Makefile.am -+++ b/lib/Makefile.am -@@ -39,7 +39,7 @@ libipmitool_la_SOURCES = helper.c ipmi_sdr.c ipmi_sel.c ipmi_sol.c ipmi_pef.c \ - ipmi_oem.c ipmi_isol.c ipmi_sunoem.c ipmi_fwum.c ipmi_picmg.c \ - ipmi_main.c ipmi_tsol.c ipmi_firewall.c ipmi_kontronoem.c \ - ipmi_hpmfwupg.c ipmi_sdradd.c ipmi_ekanalyzer.c ipmi_gendev.c \ -- ipmi_ime.c ipmi_delloem.c ipmi_dcmi.c \ -+ ipmi_ime.c ipmi_delloem.c ipmi_dcmi.c ipmi_cxoem.c \ - ../src/plugins/lan/md5.c ../src/plugins/lan/md5.h - - libipmitool_la_LDFLAGS = -export-dynamic -diff --git a/lib/ipmi_chassis.c b/lib/ipmi_chassis.c -index 2d47974..445b34d 100644 ---- a/lib/ipmi_chassis.c -+++ b/lib/ipmi_chassis.c -@@ -746,6 +746,12 @@ ipmi_chassis_get_bootparam(struct ipmi_intf * intf, char * arg) - printf(" Block Data : %s\n", buf2str(rsp->data+3, rsp->data_len - 2)); - } - break; -+ case 96: -+ { -+ printf(" Selector : %d\n", rsp->data[1] ); -+ printf(" Boot Policy : %d\n", rsp->data[2] ); -+ } -+ break; - default: - printf(" Undefined byte\n"); - break; -@@ -860,6 +866,86 @@ ipmi_chassis_set_bootdev(struct ipmi_intf * intf, char * arg, uint8_t *iflags) - } - - static int -+ipmi_chassis_set_boot_policy(struct ipmi_intf * intf, char * arg) -+{ -+ uint8_t flags[5]; -+ int rc = 0; -+ int use_progress = 1; -+ -+ if (use_progress) { -+ /* set set-in-progress flag */ -+ memset(flags, 0, 5); -+ flags[0] = 0x01; -+ rc = ipmi_chassis_set_bootparam(intf, -+ IPMI_CHASSIS_BOOTPARAM_SET_IN_PROGRESS, flags, 1); -+ if (rc < 0) -+ use_progress = 0; -+ } -+ -+ memset(flags, 0, 5); -+ flags[0] = 0x01; -+ flags[1] = 0x01; -+ rc = ipmi_chassis_set_bootparam(intf, IPMI_CHASSIS_BOOTPARAM_INFO_ACK, -+ flags, 2); -+ -+ if (rc < 0) { -+ if (use_progress) { -+ /* set-in-progress = set-complete */ -+ memset(flags, 0, 5); -+ ipmi_chassis_set_bootparam(intf, -+ IPMI_CHASSIS_BOOTPARAM_SET_IN_PROGRESS, -+ flags, 1); -+ } -+ return -1; -+ } -+ -+ memset(flags, 0, 5); -+ -+ if (strncmp(arg, "0", 1) == 0) -+ flags[0] = 0; -+ else if (strncmp(arg, "1", 1) == 0) -+ flags[0] = 1; -+ else if (strncmp(arg, "2", 1) == 0) -+ flags[0] = 2; -+ else { -+ lprintf(LOG_ERR, "Invalid argument: %s", arg); -+ if (use_progress) { -+ /* set-in-progress = set-complete */ -+ memset(flags, 0, 5); -+ ipmi_chassis_set_bootparam(intf, -+ IPMI_CHASSIS_BOOTPARAM_SET_IN_PROGRESS, -+ flags, 1); -+ } -+ return -1; -+ } -+ -+ rc = ipmi_chassis_set_bootparam(intf, IPMI_CHASSIS_BOOTPARAM_OEM_BOOT_POLICY, -+ flags, 1); -+ if (rc == 0) { -+ if (use_progress) { -+ /* set-in-progress = commit-write */ -+ memset(flags, 0, 5); -+ flags[0] = 0x02; -+ ipmi_chassis_set_bootparam(intf, -+ IPMI_CHASSIS_BOOTPARAM_SET_IN_PROGRESS, -+ flags, 1); -+ } -+ -+ printf("Set Boot Policy to %s\n", arg); -+ } -+ -+ if (use_progress) { -+ /* set-in-progress = set-complete */ -+ memset(flags, 0, 5); -+ ipmi_chassis_set_bootparam(intf, -+ IPMI_CHASSIS_BOOTPARAM_SET_IN_PROGRESS, -+ flags, 1); -+ } -+ -+ return rc; -+} -+ -+static int - ipmi_chassis_power_policy(struct ipmi_intf * intf, uint8_t policy) - { - struct ipmi_rs * rsp; -@@ -1043,6 +1129,10 @@ ipmi_chassis_main(struct ipmi_intf * intf, int argc, char ** argv) - lprintf(LOG_NOTICE, " force_diag : Force boot from Diagnostic Partition"); - lprintf(LOG_NOTICE, " force_cdrom : Force boot from CD/DVD"); - lprintf(LOG_NOTICE, " force_bios : Force boot into BIOS Setup"); -+ lprintf(LOG_NOTICE, "bootparam set policy "); -+ lprintf(LOG_NOTICE, " 0 : Boot ASAP"); -+ lprintf(LOG_NOTICE, " 1 : Boot when Fabric is ready"); -+ lprintf(LOG_NOTICE, " 2 : Boot after a fixed delay"); - } - else { - if (strncmp(argv[1], "get", 3) == 0) { -@@ -1054,6 +1144,8 @@ ipmi_chassis_main(struct ipmi_intf * intf, int argc, char ** argv) - } else { - if (strncmp(argv[2], "bootflag", 8) == 0) - rc = ipmi_chassis_set_bootdev(intf, argv[3], NULL); -+ else if (strncmp(argv[2], "policy", 6) == 0) -+ rc = ipmi_chassis_set_boot_policy(intf, argv[3]); - else - lprintf(LOG_NOTICE, "bootparam set