|
Packit |
d14fb6 |
/* -*-mode: C; indent-tabs-mode: t; -*-
|
|
Packit |
d14fb6 |
* Copyright (c) 2003 Sun Microsystems, Inc. All Rights Reserved.
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* Redistribution and use in source and binary forms, with or without
|
|
Packit |
d14fb6 |
* modification, are permitted provided that the following conditions
|
|
Packit |
d14fb6 |
* are met:
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* Redistribution of source code must retain the above copyright
|
|
Packit |
d14fb6 |
* notice, this list of conditions and the following disclaimer.
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* Redistribution in binary form must reproduce the above copyright
|
|
Packit |
d14fb6 |
* notice, this list of conditions and the following disclaimer in the
|
|
Packit |
d14fb6 |
* documentation and/or other materials provided with the distribution.
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* Neither the name of Sun Microsystems, Inc. or the names of
|
|
Packit |
d14fb6 |
* contributors may be used to endorse or promote products derived
|
|
Packit |
d14fb6 |
* from this software without specific prior written permission.
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* This software is provided "AS IS," without a warranty of any kind.
|
|
Packit |
d14fb6 |
* ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES,
|
|
Packit |
d14fb6 |
* INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A
|
|
Packit |
d14fb6 |
* PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED.
|
|
Packit |
d14fb6 |
* SUN MICROSYSTEMS, INC. ("SUN") AND ITS LICENSORS SHALL NOT BE LIABLE
|
|
Packit |
d14fb6 |
* FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING
|
|
Packit |
d14fb6 |
* OR DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL
|
|
Packit |
d14fb6 |
* SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA,
|
|
Packit |
d14fb6 |
* OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR
|
|
Packit |
d14fb6 |
* PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF
|
|
Packit |
d14fb6 |
* LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
|
|
Packit |
d14fb6 |
* EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
#include <stdlib.h>
|
|
Packit |
d14fb6 |
#include <stdio.h>
|
|
Packit |
d14fb6 |
#include <string.h>
|
|
Packit |
d14fb6 |
#include <strings.h>
|
|
Packit |
d14fb6 |
#include <sys/types.h>
|
|
Packit |
d14fb6 |
#include <sys/socket.h>
|
|
Packit |
d14fb6 |
#include <netinet/in.h>
|
|
Packit |
d14fb6 |
#include <arpa/inet.h>
|
|
Packit |
d14fb6 |
#include <errno.h>
|
|
Packit |
d14fb6 |
#include <unistd.h>
|
|
Packit |
d14fb6 |
#include <signal.h>
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
#include <ipmitool/ipmi.h>
|
|
Packit |
d14fb6 |
#include <ipmitool/ipmi_intf.h>
|
|
Packit |
d14fb6 |
#include <ipmitool/helper.h>
|
|
Packit |
d14fb6 |
#include <ipmitool/log.h>
|
|
Packit |
d14fb6 |
#include <ipmitool/ipmi_lanp.h>
|
|
Packit |
d14fb6 |
#include <ipmitool/ipmi_channel.h>
|
|
Packit |
d14fb6 |
#include <ipmitool/ipmi_strings.h>
|
|
Packit |
d14fb6 |
#include <ipmitool/ipmi_constants.h>
|
|
Packit |
d14fb6 |
#include <ipmitool/ipmi_user.h>
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
extern int csv_output;
|
|
Packit |
d14fb6 |
extern int verbose;
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
void printf_channel_usage(void);
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/* _ipmi_get_channel_access - Get Channel Access for given channel. Results are
|
|
Packit |
d14fb6 |
* stored into passed struct.
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* @intf - IPMI interface
|
|
Packit |
d14fb6 |
* @channel_access - ptr to channel_access_t with Channel set.
|
|
Packit |
d14fb6 |
* @get_volatile_settings - get volatile if != 0, else non-volatile settings.
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* returns - negative number means error, positive is a ccode.
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
int
|
|
Packit |
d14fb6 |
_ipmi_get_channel_access(struct ipmi_intf *intf,
|
|
Packit |
d14fb6 |
struct channel_access_t *channel_access,
|
|
Packit |
d14fb6 |
uint8_t get_volatile_settings)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
struct ipmi_rs *rsp;
|
|
Packit |
d14fb6 |
struct ipmi_rq req = {0};
|
|
Packit |
d14fb6 |
uint8_t data[2];
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
if (channel_access == NULL) {
|
|
Packit |
d14fb6 |
return (-3);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
data[0] = channel_access->channel & 0x0F;
|
|
Packit |
d14fb6 |
/* volatile - 0x80; non-volatile - 0x40 */
|
|
Packit |
d14fb6 |
data[1] = get_volatile_settings ? 0x80 : 0x40;
|
|
Packit |
d14fb6 |
req.msg.netfn = IPMI_NETFN_APP;
|
|
Packit |
d14fb6 |
req.msg.cmd = IPMI_GET_CHANNEL_ACCESS;
|
|
Packit |
d14fb6 |
req.msg.data = data;
|
|
Packit |
d14fb6 |
req.msg.data_len = 2;
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
rsp = intf->sendrecv(intf, &req;;
|
|
Packit |
d14fb6 |
if (rsp == NULL) {
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
} else if (rsp->ccode != 0) {
|
|
Packit |
d14fb6 |
return rsp->ccode;
|
|
Packit |
d14fb6 |
} else if (rsp->data_len != 2) {
|
|
Packit |
d14fb6 |
return (-2);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
channel_access->alerting = rsp->data[0] & 0x20;
|
|
Packit |
d14fb6 |
channel_access->per_message_auth = rsp->data[0] & 0x10;
|
|
Packit |
d14fb6 |
channel_access->user_level_auth = rsp->data[0] & 0x08;
|
|
Packit |
d14fb6 |
channel_access->access_mode = rsp->data[0] & 0x07;
|
|
Packit |
d14fb6 |
channel_access->privilege_limit = rsp->data[1] & 0x0F;
|
|
Packit |
d14fb6 |
return 0;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/* _ipmi_get_channel_info - Get Channel Info for given channel. Results are
|
|
Packit |
d14fb6 |
* stored into passed struct.
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* @intf - IPMI interface
|
|
Packit |
d14fb6 |
* @channel_info - ptr to channel_info_t with Channel set.
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* returns - negative number means error, positive is a ccode.
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
int
|
|
Packit |
d14fb6 |
_ipmi_get_channel_info(struct ipmi_intf *intf,
|
|
Packit |
d14fb6 |
struct channel_info_t *channel_info)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
struct ipmi_rs *rsp;
|
|
Packit |
d14fb6 |
struct ipmi_rq req = {0};
|
|
Packit |
d14fb6 |
uint8_t data[1];
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
if (channel_info == NULL) {
|
|
Packit |
d14fb6 |
return (-3);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
data[0] = channel_info->channel & 0x0F;
|
|
Packit |
d14fb6 |
req.msg.netfn = IPMI_NETFN_APP;
|
|
Packit |
d14fb6 |
req.msg.cmd = IPMI_GET_CHANNEL_INFO;
|
|
Packit |
d14fb6 |
req.msg.data = data;
|
|
Packit |
d14fb6 |
req.msg.data_len = 1;
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
rsp = intf->sendrecv(intf, &req;;
|
|
Packit |
d14fb6 |
if (rsp == NULL) {
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
} else if (rsp->ccode != 0) {
|
|
Packit |
d14fb6 |
return rsp->ccode;
|
|
Packit |
d14fb6 |
} else if (rsp->data_len != 9) {
|
|
Packit |
d14fb6 |
return (-2);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
channel_info->channel = rsp->data[0] & 0x0F;
|
|
Packit |
d14fb6 |
channel_info->medium = rsp->data[1] & 0x7F;
|
|
Packit |
d14fb6 |
channel_info->protocol = rsp->data[2] & 0x1F;
|
|
Packit |
d14fb6 |
channel_info->session_support = rsp->data[3] & 0xC0;
|
|
Packit |
d14fb6 |
channel_info->active_sessions = rsp->data[3] & 0x3F;
|
|
Packit |
d14fb6 |
memcpy(channel_info->vendor_id, &rsp->data[4],
|
|
Packit |
d14fb6 |
sizeof(channel_info->vendor_id));
|
|
Packit |
d14fb6 |
memcpy(channel_info->aux_info, &rsp->data[7],
|
|
Packit |
d14fb6 |
sizeof(channel_info->aux_info));
|
|
Packit |
d14fb6 |
return 0;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/* _ipmi_set_channel_access - Set Channel Access values for given channel.
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* @intf - IPMI interface
|
|
Packit |
d14fb6 |
* @channel_access - channel_access_t with desired values and channel set.
|
|
Packit |
d14fb6 |
* @access_option:
|
|
Packit |
d14fb6 |
* - 0 = don't set/change Channel Access
|
|
Packit |
d14fb6 |
* - 1 = set non-volatile settings of Channel Access
|
|
Packit |
d14fb6 |
* - 2 = set volatile settings of Channel Access
|
|
Packit |
d14fb6 |
* @privilege_option:
|
|
Packit |
d14fb6 |
* - 0 = don't set/change Privilege Level Limit
|
|
Packit |
d14fb6 |
* - 1 = set non-volatile settings of Privilege Limit
|
|
Packit |
d14fb6 |
* - 2 = set volatile settings of Privilege Limit
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* returns - negative number means error, positive is a ccode. See IPMI
|
|
Packit |
d14fb6 |
* specification for further information on ccodes for Set Channel Access.
|
|
Packit |
d14fb6 |
* 0x82 - set not supported on selected channel, eg. session-less channel.
|
|
Packit |
d14fb6 |
* 0x83 - access mode not supported
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
int
|
|
Packit |
d14fb6 |
_ipmi_set_channel_access(struct ipmi_intf *intf,
|
|
Packit |
d14fb6 |
struct channel_access_t channel_access,
|
|
Packit |
d14fb6 |
uint8_t access_option,
|
|
Packit |
d14fb6 |
uint8_t privilege_option)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
struct ipmi_rs *rsp;
|
|
Packit |
d14fb6 |
struct ipmi_rq req;
|
|
Packit |
d14fb6 |
uint8_t data[3];
|
|
Packit |
d14fb6 |
/* Only values from <0..2> are accepted as valid. */
|
|
Packit |
d14fb6 |
if (access_option > 2 || privilege_option > 2) {
|
|
Packit |
d14fb6 |
return (-3);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
memset(&data, 0, sizeof(data));
|
|
Packit |
d14fb6 |
data[0] = channel_access.channel & 0x0F;
|
|
Packit |
d14fb6 |
data[1] = (access_option << 6);
|
|
Packit |
d14fb6 |
if (channel_access.alerting) {
|
|
Packit |
d14fb6 |
data[1] |= 0x20;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
if (channel_access.per_message_auth) {
|
|
Packit |
d14fb6 |
data[1] |= 0x10;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
if (channel_access.user_level_auth) {
|
|
Packit |
d14fb6 |
data[1] |= 0x08;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
data[1] |= (channel_access.access_mode & 0x07);
|
|
Packit |
d14fb6 |
data[2] = (privilege_option << 6);
|
|
Packit |
d14fb6 |
data[2] |= (channel_access.privilege_limit & 0x0F);
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
memset(&req, 0, sizeof(req));
|
|
Packit |
d14fb6 |
req.msg.netfn = IPMI_NETFN_APP;
|
|
Packit |
d14fb6 |
req.msg.cmd = IPMI_SET_CHANNEL_ACCESS;
|
|
Packit |
d14fb6 |
req.msg.data = data;
|
|
Packit |
d14fb6 |
req.msg.data_len = 3;
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
rsp = intf->sendrecv(intf, &req;;
|
|
Packit |
d14fb6 |
if (rsp == NULL) {
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
return rsp->ccode;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
static const char *
|
|
Packit |
d14fb6 |
iana_string(uint32_t iana)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
static char s[10];
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
if (iana) {
|
|
Packit |
d14fb6 |
sprintf(s, "%06x", iana);
|
|
Packit |
d14fb6 |
return s;
|
|
Packit |
d14fb6 |
} else {
|
|
Packit |
d14fb6 |
return "N/A";
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/**
|
|
Packit |
d14fb6 |
* ipmi_1_5_authtypes
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* Create a string describing the supported authentication types as
|
|
Packit |
d14fb6 |
* specificed by the parameter n
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
static const char *
|
|
Packit |
d14fb6 |
ipmi_1_5_authtypes(uint8_t n)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
uint32_t i;
|
|
Packit |
d14fb6 |
static char supportedTypes[128];
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
memset(supportedTypes, 0, sizeof(supportedTypes));
|
|
Packit |
d14fb6 |
for (i = 0; ipmi_authtype_vals[i].val != 0; i++) {
|
|
Packit |
d14fb6 |
if (n & ipmi_authtype_vals[i].val) {
|
|
Packit |
d14fb6 |
strcat(supportedTypes, ipmi_authtype_vals[i].str);
|
|
Packit |
d14fb6 |
strcat(supportedTypes, " ");
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
return supportedTypes;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
uint8_t
|
|
Packit |
d14fb6 |
ipmi_current_channel_medium(struct ipmi_intf *intf)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
return ipmi_get_channel_medium(intf, 0xE);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/**
|
|
Packit |
d14fb6 |
* ipmi_get_channel_auth_cap
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* return 0 on success
|
|
Packit |
d14fb6 |
* -1 on failure
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
int
|
|
Packit |
d14fb6 |
ipmi_get_channel_auth_cap(struct ipmi_intf *intf, uint8_t channel, uint8_t priv)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
struct ipmi_rs *rsp;
|
|
Packit |
d14fb6 |
struct ipmi_rq req;
|
|
Packit |
d14fb6 |
struct get_channel_auth_cap_rsp auth_cap;
|
|
Packit |
d14fb6 |
uint8_t msg_data[2];
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/* Ask for IPMI v2 data as well */
|
|
Packit |
d14fb6 |
msg_data[0] = channel | 0x80;
|
|
Packit |
d14fb6 |
msg_data[1] = priv;
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
memset(&req, 0, sizeof(req));
|
|
Packit |
d14fb6 |
req.msg.netfn = IPMI_NETFN_APP;
|
|
Packit |
d14fb6 |
req.msg.cmd = IPMI_GET_CHANNEL_AUTH_CAP;
|
|
Packit |
d14fb6 |
req.msg.data = msg_data;
|
|
Packit |
d14fb6 |
req.msg.data_len = 2;
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
rsp = intf->sendrecv(intf, &req;;
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
if ((rsp == NULL) || (rsp->ccode > 0)) {
|
|
Packit |
d14fb6 |
/*
|
|
Packit |
d14fb6 |
* It's very possible that this failed because we asked for IPMI v2 data
|
|
Packit |
d14fb6 |
* Ask again, without requesting IPMI v2 data
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
msg_data[0] &= 0x7F;
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
rsp = intf->sendrecv(intf, &req;;
|
|
Packit |
d14fb6 |
if (rsp == NULL) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Unable to Get Channel Authentication Capabilities");
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
if (rsp->ccode > 0) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Get Channel Authentication Capabilities failed: %s",
|
|
Packit |
d14fb6 |
val2str(rsp->ccode, completion_code_vals));
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
memcpy(&auth_cap, rsp->data, sizeof(struct get_channel_auth_cap_rsp));
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
printf("Channel number : %d\n",
|
|
Packit |
d14fb6 |
auth_cap.channel_number);
|
|
Packit |
d14fb6 |
printf("IPMI v1.5 auth types : %s\n",
|
|
Packit |
d14fb6 |
ipmi_1_5_authtypes(auth_cap.enabled_auth_types));
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
if (auth_cap.v20_data_available) {
|
|
Packit |
d14fb6 |
printf("KG status : %s\n",
|
|
Packit |
d14fb6 |
(auth_cap.kg_status) ? "non-zero" : "default (all zeroes)");
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
printf("Per message authentication : %sabled\n",
|
|
Packit |
d14fb6 |
(auth_cap.per_message_auth) ? "dis" : "en");
|
|
Packit |
d14fb6 |
printf("User level authentication : %sabled\n",
|
|
Packit |
d14fb6 |
(auth_cap.user_level_auth) ? "dis" : "en");
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
printf("Non-null user names exist : %s\n",
|
|
Packit |
d14fb6 |
(auth_cap.non_null_usernames) ? "yes" : "no");
|
|
Packit |
d14fb6 |
printf("Null user names exist : %s\n",
|
|
Packit |
d14fb6 |
(auth_cap.null_usernames) ? "yes" : "no");
|
|
Packit |
d14fb6 |
printf("Anonymous login enabled : %s\n",
|
|
Packit |
d14fb6 |
(auth_cap.anon_login_enabled) ? "yes" : "no");
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
if (auth_cap.v20_data_available) {
|
|
Packit |
d14fb6 |
printf("Channel supports IPMI v1.5 : %s\n",
|
|
Packit |
d14fb6 |
(auth_cap.ipmiv15_support) ? "yes" : "no");
|
|
Packit |
d14fb6 |
printf("Channel supports IPMI v2.0 : %s\n",
|
|
Packit |
d14fb6 |
(auth_cap.ipmiv20_support) ? "yes" : "no");
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/*
|
|
Packit |
d14fb6 |
* If there is support for an OEM authentication type, there is some
|
|
Packit |
d14fb6 |
* information.
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
if (auth_cap.enabled_auth_types & IPMI_1_5_AUTH_TYPE_BIT_OEM) {
|
|
Packit |
d14fb6 |
printf("IANA Number for OEM : %d\n",
|
|
Packit |
d14fb6 |
auth_cap.oem_id[0] |
|
|
Packit |
d14fb6 |
auth_cap.oem_id[1] << 8 |
|
|
Packit |
d14fb6 |
auth_cap.oem_id[2] << 16);
|
|
Packit |
d14fb6 |
printf("OEM Auxiliary Data : 0x%x\n",
|
|
Packit |
d14fb6 |
auth_cap.oem_aux_data);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
return 0;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit Service |
3159ee |
static size_t
|
|
Packit Service |
3159ee |
parse_channel_cipher_suite_data(uint8_t *cipher_suite_data, size_t data_len,
|
|
Packit Service |
3159ee |
struct cipher_suite_info* suites, size_t nr_suites)
|
|
Packit Service |
3159ee |
{
|
|
Packit Service |
3159ee |
size_t count = 0;
|
|
Packit Service |
3159ee |
size_t offset = 0;
|
|
Packit Service |
3159ee |
uint32_t iana;
|
|
Packit Service |
3159ee |
uint8_t auth_alg, integrity_alg, crypt_alg;
|
|
Packit Service |
3159ee |
uint8_t cipher_suite_id;
|
|
Packit Service |
3159ee |
|
|
Packit Service |
3159ee |
memset(suites, 0, sizeof(*suites) * nr_suites);
|
|
Packit Service |
3159ee |
|
|
Packit Service |
3159ee |
while (offset < data_len && count < nr_suites) {
|
|
Packit Service |
3159ee |
auth_alg = IPMI_AUTH_RAKP_NONE;
|
|
Packit Service |
3159ee |
integrity_alg = IPMI_INTEGRITY_NONE;
|
|
Packit Service |
3159ee |
crypt_alg = IPMI_CRYPT_NONE;
|
|
Packit Service |
3159ee |
if (cipher_suite_data[offset] == STANDARD_CIPHER_SUITE) {
|
|
Packit Service |
3159ee |
struct std_cipher_suite_record_t *record =
|
|
Packit Service |
3159ee |
(struct std_cipher_suite_record_t*)(&cipher_suite_data[offset]);
|
|
Packit Service |
3159ee |
/* standard type */
|
|
Packit Service |
3159ee |
iana = 0;
|
|
Packit Service |
3159ee |
|
|
Packit Service |
3159ee |
/* Verify that we have at least a full record left; id + 3 algs */
|
|
Packit Service |
3159ee |
if ((data_len - offset) < sizeof(*record)) {
|
|
Packit Service |
3159ee |
lprintf(LOG_INFO, "Incomplete data record in cipher suite data");
|
|
Packit Service |
3159ee |
break;
|
|
Packit Service |
3159ee |
}
|
|
Packit Service |
3159ee |
cipher_suite_id = record->cipher_suite_id;
|
|
Packit Service |
3159ee |
auth_alg = CIPHER_ALG_MASK & record->auth_alg;
|
|
Packit Service |
3159ee |
integrity_alg = CIPHER_ALG_MASK & record->integrity_alg;
|
|
Packit Service |
3159ee |
crypt_alg = CIPHER_ALG_MASK & record->crypt_alg;
|
|
Packit Service |
3159ee |
offset += sizeof(*record);
|
|
Packit Service |
3159ee |
} else if (cipher_suite_data[offset] == OEM_CIPHER_SUITE) {
|
|
Packit Service |
3159ee |
/* OEM record type */
|
|
Packit Service |
3159ee |
struct oem_cipher_suite_record_t *record =
|
|
Packit Service |
3159ee |
(struct oem_cipher_suite_record_t*)(&cipher_suite_data[offset]);
|
|
Packit Service |
3159ee |
/* Verify that we have at least a full record left
|
|
Packit Service |
3159ee |
* id + iana + 3 algs
|
|
Packit Service |
3159ee |
*/
|
|
Packit Service |
3159ee |
if ((data_len - offset) < sizeof(*record)) {
|
|
Packit Service |
3159ee |
lprintf(LOG_INFO, "Incomplete data record in cipher suite data");
|
|
Packit Service |
3159ee |
break;
|
|
Packit Service |
3159ee |
}
|
|
Packit Service |
3159ee |
|
|
Packit Service |
3159ee |
cipher_suite_id = record->cipher_suite_id;
|
|
Packit Service |
3159ee |
|
|
Packit Service |
3159ee |
/* Grab the IANA */
|
|
Packit Service |
3159ee |
iana = ipmi24toh(record->iana);
|
|
Packit Service |
3159ee |
auth_alg = CIPHER_ALG_MASK & record->auth_alg;
|
|
Packit Service |
3159ee |
integrity_alg = CIPHER_ALG_MASK & record->integrity_alg;
|
|
Packit Service |
3159ee |
crypt_alg = CIPHER_ALG_MASK & record->crypt_alg;
|
|
Packit Service |
3159ee |
offset += sizeof(*record);
|
|
Packit Service |
3159ee |
} else {
|
|
Packit Service |
3159ee |
lprintf(LOG_INFO, "Bad start of record byte in cipher suite data (offset %d, value %x)", offset, cipher_suite_data[offset]);
|
|
Packit Service |
3159ee |
break;
|
|
Packit Service |
3159ee |
}
|
|
Packit Service |
3159ee |
suites[count].cipher_suite_id = cipher_suite_id;
|
|
Packit Service |
3159ee |
suites[count].iana = iana;
|
|
Packit Service |
3159ee |
suites[count].auth_alg = auth_alg;
|
|
Packit Service |
3159ee |
suites[count].integrity_alg = integrity_alg;
|
|
Packit Service |
3159ee |
suites[count].crypt_alg = crypt_alg;
|
|
Packit Service |
3159ee |
count++;
|
|
Packit Service |
3159ee |
}
|
|
Packit Service |
3159ee |
return count;
|
|
Packit Service |
3159ee |
}
|
|
Packit Service |
3159ee |
|
|
Packit Service |
3159ee |
int
|
|
Packit |
d14fb6 |
ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type,
|
|
Packit Service |
3159ee |
uint8_t channel, struct cipher_suite_info *suites, size_t *count)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
struct ipmi_rs *rsp;
|
|
Packit |
d14fb6 |
struct ipmi_rq req;
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
uint8_t rqdata[3];
|
|
Packit |
d14fb6 |
uint8_t list_index = 0;
|
|
Packit |
d14fb6 |
/* 0x40 sets * 16 bytes per set */
|
|
Packit Service |
3159ee |
uint8_t cipher_suite_data[MAX_CIPHER_SUITE_RECORD_OFFSET *
|
|
Packit Service |
3159ee |
MAX_CIPHER_SUITE_DATA_LEN];
|
|
Packit Service |
3159ee |
size_t offset = 0;
|
|
Packit Service |
3159ee |
size_t nr_suites = 0;
|
|
Packit |
1b63b3 |
|
|
Packit Service |
3159ee |
if (!suites || !count || !*count)
|
|
Packit Service |
3159ee |
return -1;
|
|
Packit Service |
3159ee |
|
|
Packit Service |
3159ee |
nr_suites = *count;
|
|
Packit Service |
3159ee |
*count = 0;
|
|
Packit |
d14fb6 |
memset(cipher_suite_data, 0, sizeof(cipher_suite_data));
|
|
Packit Service |
3159ee |
|
|
Packit |
d14fb6 |
memset(&req, 0, sizeof(req));
|
|
Packit |
d14fb6 |
req.msg.netfn = IPMI_NETFN_APP;
|
|
Packit |
d14fb6 |
req.msg.cmd = IPMI_GET_CHANNEL_CIPHER_SUITES;
|
|
Packit |
d14fb6 |
req.msg.data = rqdata;
|
|
Packit Service |
3159ee |
req.msg.data_len = sizeof(rqdata);
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
rqdata[0] = channel;
|
|
Packit |
d14fb6 |
rqdata[1] = ((strncmp(payload_type, "ipmi", 4) == 0)? 0: 1);
|
|
Packit |
d14fb6 |
|
|
Packit Service |
3159ee |
do {
|
|
Packit Service |
3159ee |
/* Always ask for cipher suite format */
|
|
Packit Service |
3159ee |
rqdata[2] = LIST_ALGORITHMS_BY_CIPHER_SUITE | list_index;
|
|
Packit |
d14fb6 |
rsp = intf->sendrecv(intf, &req;;
|
|
Packit |
d14fb6 |
if (rsp == NULL) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites");
|
|
Packit |
d14fb6 |
return -1;
|
|
Packit |
d14fb6 |
}
|
|
Packit Service |
3159ee |
if (rsp->ccode || rsp->data_len < 1) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s",
|
|
Packit |
d14fb6 |
val2str(rsp->ccode, completion_code_vals));
|
|
Packit |
d14fb6 |
return -1;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
/*
|
|
Packit |
d14fb6 |
* We got back cipher suite data -- store it.
|
|
Packit |
d14fb6 |
* printf("copying data to offset %d\n", offset);
|
|
Packit |
d14fb6 |
* printbuf(rsp->data + 1, rsp->data_len - 1, "this is the data");
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
memcpy(cipher_suite_data + offset, rsp->data + 1, rsp->data_len - 1);
|
|
Packit |
d14fb6 |
offset += rsp->data_len - 1;
|
|
Packit |
d14fb6 |
|
|
Packit Service |
3159ee |
/*
|
|
Packit Service |
3159ee |
* Increment our list for the next call
|
|
Packit Service |
3159ee |
*/
|
|
Packit Service |
3159ee |
++list_index;
|
|
Packit Service |
3159ee |
} while ((rsp->data_len == (sizeof(uint8_t) + MAX_CIPHER_SUITE_DATA_LEN)) &&
|
|
Packit Service |
3159ee |
(list_index < MAX_CIPHER_SUITE_RECORD_OFFSET));
|
|
Packit |
d14fb6 |
|
|
Packit Service |
3159ee |
*count = parse_channel_cipher_suite_data(cipher_suite_data, offset, suites,
|
|
Packit Service |
3159ee |
nr_suites);
|
|
Packit Service |
3159ee |
return 0;
|
|
Packit Service |
3159ee |
}
|
|
Packit |
d14fb6 |
|
|
Packit Service |
3159ee |
static int
|
|
Packit Service |
3159ee |
ipmi_print_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type,
|
|
Packit Service |
3159ee |
uint8_t channel)
|
|
Packit Service |
3159ee |
{
|
|
Packit Service |
3159ee |
int rc;
|
|
Packit Service |
3159ee |
size_t i = 0;
|
|
Packit Service |
3159ee |
struct cipher_suite_info suites[MAX_CIPHER_SUITE_COUNT];
|
|
Packit Service |
3159ee |
size_t nr_suites = sizeof(*suites);
|
|
Packit |
d14fb6 |
|
|
Packit Service |
3159ee |
rc = ipmi_get_channel_cipher_suites(intf, payload_type, channel,
|
|
Packit Service |
3159ee |
suites, &nr_suites);
|
|
Packit |
d14fb6 |
|
|
Packit Service |
3159ee |
if (rc < 0)
|
|
Packit Service |
3159ee |
return rc;
|
|
Packit |
d14fb6 |
|
|
Packit Service |
3159ee |
if (! csv_output) {
|
|
Packit Service |
3159ee |
printf("ID IANA Auth Alg Integrity Alg Confidentiality Alg\n");
|
|
Packit Service |
3159ee |
}
|
|
Packit Service |
3159ee |
for (i = 0; i < nr_suites; i++) {
|
|
Packit |
d14fb6 |
/* We have everything we need to spit out a cipher suite record */
|
|
Packit |
d14fb6 |
printf((csv_output? "%d,%s,%s,%s,%s\n" :
|
|
Packit |
d14fb6 |
"%-4d %-7s %-15s %-15s %-15s\n"),
|
|
Packit Service |
3159ee |
suites[i].cipher_suite_id,
|
|
Packit Service |
3159ee |
iana_string(suites[i].iana),
|
|
Packit Service |
3159ee |
val2str(suites[i].auth_alg, ipmi_auth_algorithms),
|
|
Packit Service |
3159ee |
val2str(suites[i].integrity_alg, ipmi_integrity_algorithms),
|
|
Packit Service |
3159ee |
val2str(suites[i].crypt_alg, ipmi_encryption_algorithms));
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
return 0;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/**
|
|
Packit |
d14fb6 |
* ipmi_get_channel_info
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* returns 0 on success
|
|
Packit |
d14fb6 |
* -1 on failure
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
int
|
|
Packit |
d14fb6 |
ipmi_get_channel_info(struct ipmi_intf *intf, uint8_t channel)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
struct channel_info_t channel_info = {0};
|
|
Packit |
d14fb6 |
struct channel_access_t channel_access = {0};
|
|
Packit |
d14fb6 |
int ccode = 0;
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
channel_info.channel = channel;
|
|
Packit |
d14fb6 |
ccode = _ipmi_get_channel_info(intf, &channel_info);
|
|
Packit |
d14fb6 |
if (eval_ccode(ccode) != 0) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Unable to Get Channel Info");
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
printf("Channel 0x%x info:\n", channel_info.channel);
|
|
Packit |
d14fb6 |
printf(" Channel Medium Type : %s\n",
|
|
Packit |
d14fb6 |
val2str(channel_info.medium,
|
|
Packit |
d14fb6 |
ipmi_channel_medium_vals));
|
|
Packit |
d14fb6 |
printf(" Channel Protocol Type : %s\n",
|
|
Packit |
d14fb6 |
val2str(channel_info.protocol,
|
|
Packit |
d14fb6 |
ipmi_channel_protocol_vals));
|
|
Packit |
d14fb6 |
printf(" Session Support : ");
|
|
Packit |
d14fb6 |
switch (channel_info.session_support) {
|
|
Packit |
d14fb6 |
case IPMI_CHANNEL_SESSION_LESS:
|
|
Packit |
d14fb6 |
printf("session-less\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
case IPMI_CHANNEL_SESSION_SINGLE:
|
|
Packit |
d14fb6 |
printf("single-session\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
case IPMI_CHANNEL_SESSION_MULTI:
|
|
Packit |
d14fb6 |
printf("multi-session\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
case IPMI_CHANNEL_SESSION_BASED:
|
|
Packit |
d14fb6 |
printf("session-based\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
default:
|
|
Packit |
d14fb6 |
printf("unknown\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
printf(" Active Session Count : %d\n",
|
|
Packit |
d14fb6 |
channel_info.active_sessions);
|
|
Packit |
d14fb6 |
printf(" Protocol Vendor ID : %d\n",
|
|
Packit |
d14fb6 |
channel_info.vendor_id[0] |
|
|
Packit |
d14fb6 |
channel_info.vendor_id[1] << 8 |
|
|
Packit |
d14fb6 |
channel_info.vendor_id[2] << 16);
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/* only proceed if this is LAN channel */
|
|
Packit |
d14fb6 |
if (channel_info.medium != IPMI_CHANNEL_MEDIUM_LAN
|
|
Packit |
d14fb6 |
&& channel_info.medium != IPMI_CHANNEL_MEDIUM_LAN_OTHER) {
|
|
Packit |
d14fb6 |
return 0;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
channel_access.channel = channel_info.channel;
|
|
Packit |
d14fb6 |
ccode = _ipmi_get_channel_access(intf, &channel_access, 1);
|
|
Packit |
d14fb6 |
if (eval_ccode(ccode) != 0) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Unable to Get Channel Access (volatile)");
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
printf(" Volatile(active) Settings\n");
|
|
Packit |
d14fb6 |
printf(" Alerting : %sabled\n",
|
|
Packit |
d14fb6 |
(channel_access.alerting) ? "dis" : "en");
|
|
Packit |
d14fb6 |
printf(" Per-message Auth : %sabled\n",
|
|
Packit |
d14fb6 |
(channel_access.per_message_auth) ? "dis" : "en");
|
|
Packit |
d14fb6 |
printf(" User Level Auth : %sabled\n",
|
|
Packit |
d14fb6 |
(channel_access.user_level_auth) ? "dis" : "en");
|
|
Packit |
d14fb6 |
printf(" Access Mode : ");
|
|
Packit |
d14fb6 |
switch (channel_access.access_mode) {
|
|
Packit |
d14fb6 |
case 0:
|
|
Packit |
d14fb6 |
printf("disabled\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
case 1:
|
|
Packit |
d14fb6 |
printf("pre-boot only\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
case 2:
|
|
Packit |
d14fb6 |
printf("always available\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
case 3:
|
|
Packit |
d14fb6 |
printf("shared\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
default:
|
|
Packit |
d14fb6 |
printf("unknown\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
memset(&channel_access, 0, sizeof(channel_access));
|
|
Packit |
d14fb6 |
channel_access.channel = channel_info.channel;
|
|
Packit |
d14fb6 |
/* get non-volatile settings */
|
|
Packit |
d14fb6 |
ccode = _ipmi_get_channel_access(intf, &channel_access, 0);
|
|
Packit |
d14fb6 |
if (eval_ccode(ccode) != 0) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Unable to Get Channel Access (non-volatile)");
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
printf(" Non-Volatile Settings\n");
|
|
Packit |
d14fb6 |
printf(" Alerting : %sabled\n",
|
|
Packit |
d14fb6 |
(channel_access.alerting) ? "dis" : "en");
|
|
Packit |
d14fb6 |
printf(" Per-message Auth : %sabled\n",
|
|
Packit |
d14fb6 |
(channel_access.per_message_auth) ? "dis" : "en");
|
|
Packit |
d14fb6 |
printf(" User Level Auth : %sabled\n",
|
|
Packit |
d14fb6 |
(channel_access.user_level_auth) ? "dis" : "en");
|
|
Packit |
d14fb6 |
printf(" Access Mode : ");
|
|
Packit |
d14fb6 |
switch (channel_access.access_mode) {
|
|
Packit |
d14fb6 |
case 0:
|
|
Packit |
d14fb6 |
printf("disabled\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
case 1:
|
|
Packit |
d14fb6 |
printf("pre-boot only\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
case 2:
|
|
Packit |
d14fb6 |
printf("always available\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
case 3:
|
|
Packit |
d14fb6 |
printf("shared\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
default:
|
|
Packit |
d14fb6 |
printf("unknown\n");
|
|
Packit |
d14fb6 |
break;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
return 0;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/* ipmi_get_channel_medium - Return Medium of given IPMI Channel.
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* @channel - IPMI Channel
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* returns - IPMI Channel Medium, IPMI_CHANNEL_MEDIUM_RESERVED if ccode > 0,
|
|
Packit |
d14fb6 |
* 0 on error.
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
uint8_t
|
|
Packit |
d14fb6 |
ipmi_get_channel_medium(struct ipmi_intf *intf, uint8_t channel)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
struct channel_info_t channel_info = {0};
|
|
Packit |
d14fb6 |
int ccode = 0;
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
channel_info.channel = channel;
|
|
Packit |
d14fb6 |
ccode = _ipmi_get_channel_info(intf, &channel_info);
|
|
Packit |
d14fb6 |
if (ccode == 0xCC) {
|
|
Packit |
d14fb6 |
return IPMI_CHANNEL_MEDIUM_RESERVED;
|
|
Packit |
d14fb6 |
} else if (ccode < 0 && eval_ccode(ccode) != 0) {
|
|
Packit |
d14fb6 |
return 0;
|
|
Packit |
d14fb6 |
} else if (ccode > 0) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Get Channel Info command failed: %s",
|
|
Packit |
d14fb6 |
val2str(ccode, completion_code_vals));
|
|
Packit |
d14fb6 |
return IPMI_CHANNEL_MEDIUM_RESERVED;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
lprintf(LOG_DEBUG, "Channel type: %s",
|
|
Packit |
d14fb6 |
val2str(channel_info.medium, ipmi_channel_medium_vals));
|
|
Packit |
d14fb6 |
return channel_info.medium;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/* ipmi_get_user_access - Get User Access for given Channel and User or Users.
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* @intf - IPMI interface
|
|
Packit |
d14fb6 |
* @channel - IPMI Channel we're getting access for
|
|
Packit |
d14fb6 |
* @user_id - User ID. If 0 is passed, all IPMI users will be listed
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* returns - 0 on success, (-1) on error
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
static int
|
|
Packit |
d14fb6 |
ipmi_get_user_access(struct ipmi_intf *intf, uint8_t channel, uint8_t user_id)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
struct user_access_t user_access;
|
|
Packit |
d14fb6 |
struct user_name_t user_name;
|
|
Packit |
d14fb6 |
int ccode = 0;
|
|
Packit |
d14fb6 |
int curr_uid;
|
|
Packit |
d14fb6 |
int init = 1;
|
|
Packit |
d14fb6 |
int max_uid = 0;
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
curr_uid = user_id ? user_id : 1;
|
|
Packit |
d14fb6 |
do {
|
|
Packit |
d14fb6 |
memset(&user_access, 0, sizeof(user_access));
|
|
Packit |
d14fb6 |
user_access.channel = channel;
|
|
Packit |
d14fb6 |
user_access.user_id = curr_uid;
|
|
Packit |
d14fb6 |
ccode = _ipmi_get_user_access(intf, &user_access);
|
|
Packit |
d14fb6 |
if (eval_ccode(ccode) != 0) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR,
|
|
Packit |
d14fb6 |
"Unable to Get User Access (channel %d id %d)",
|
|
Packit |
d14fb6 |
channel, curr_uid);
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
memset(&user_name, 0, sizeof(user_name));
|
|
Packit |
d14fb6 |
user_name.user_id = curr_uid;
|
|
Packit |
d14fb6 |
ccode = _ipmi_get_user_name(intf, &user_name);
|
|
Packit |
d14fb6 |
if (ccode == 0xCC) {
|
|
Packit |
d14fb6 |
user_name.user_id = curr_uid;
|
|
Packit |
d14fb6 |
memset(&user_name.user_name, '\0', 17);
|
|
Packit |
d14fb6 |
} else if (eval_ccode(ccode) != 0) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Unable to Get User Name (id %d)", curr_uid);
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
if (init) {
|
|
Packit |
d14fb6 |
printf("Maximum User IDs : %d\n", user_access.max_user_ids);
|
|
Packit |
d14fb6 |
printf("Enabled User IDs : %d\n", user_access.enabled_user_ids);
|
|
Packit |
d14fb6 |
max_uid = user_access.max_user_ids;
|
|
Packit |
d14fb6 |
init = 0;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
printf("\n");
|
|
Packit |
d14fb6 |
printf("User ID : %d\n", curr_uid);
|
|
Packit |
d14fb6 |
printf("User Name : %s\n", user_name.user_name);
|
|
Packit |
d14fb6 |
printf("Fixed Name : %s\n",
|
|
Packit |
d14fb6 |
(curr_uid <= user_access.fixed_user_ids) ? "Yes" : "No");
|
|
Packit |
d14fb6 |
printf("Access Available : %s\n",
|
|
Packit |
d14fb6 |
(user_access.callin_callback) ? "callback" : "call-in / callback");
|
|
Packit |
d14fb6 |
printf("Link Authentication : %sabled\n",
|
|
Packit |
d14fb6 |
(user_access.link_auth) ? "en" : "dis");
|
|
Packit |
d14fb6 |
printf("IPMI Messaging : %sabled\n",
|
|
Packit |
d14fb6 |
(user_access.ipmi_messaging) ? "en" : "dis");
|
|
Packit |
d14fb6 |
printf("Privilege Level : %s\n",
|
|
Packit |
d14fb6 |
val2str(user_access.privilege_limit, ipmi_privlvl_vals));
|
|
Packit |
d14fb6 |
printf("Enable Status : %s\n",
|
|
Packit |
d14fb6 |
val2str(user_access.enable_status, ipmi_user_enable_status_vals));
|
|
Packit |
d14fb6 |
curr_uid ++;
|
|
Packit |
d14fb6 |
} while (!user_id && curr_uid <= max_uid);
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
return 0;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/* ipmi_set_user_access - Query BMC for current Channel ACLs, parse CLI args
|
|
Packit |
d14fb6 |
* and update current ACLs.
|
|
Packit |
d14fb6 |
*
|
|
Packit |
d14fb6 |
* returns - 0 on success, (-1) on error
|
|
Packit |
d14fb6 |
*/
|
|
Packit |
d14fb6 |
int
|
|
Packit |
d14fb6 |
ipmi_set_user_access(struct ipmi_intf *intf, int argc, char **argv)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
struct user_access_t user_access = {0};
|
|
Packit |
d14fb6 |
int ccode = 0;
|
|
Packit |
d14fb6 |
int i = 0;
|
|
Packit |
d14fb6 |
uint8_t channel = 0;
|
|
Packit |
d14fb6 |
uint8_t priv = 0;
|
|
Packit |
d14fb6 |
uint8_t user_id = 0;
|
|
Packit |
d14fb6 |
if (argc > 0 && strncmp(argv[0], "help", 4) == 0) {
|
|
Packit |
d14fb6 |
printf_channel_usage();
|
|
Packit |
d14fb6 |
return 0;
|
|
Packit |
d14fb6 |
} else if (argc < 3) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Not enough parameters given.");
|
|
Packit |
d14fb6 |
printf_channel_usage();
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
if (is_ipmi_channel_num(argv[0], &channel) != 0
|
|
Packit |
d14fb6 |
|| is_ipmi_user_id(argv[1], &user_id) != 0) {
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
user_access.channel = channel;
|
|
Packit |
d14fb6 |
user_access.user_id = user_id;
|
|
Packit |
d14fb6 |
ccode = _ipmi_get_user_access(intf, &user_access);
|
|
Packit |
d14fb6 |
if (eval_ccode(ccode) != 0) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR,
|
|
Packit |
d14fb6 |
"Unable to Get User Access (channel %d id %d)",
|
|
Packit |
d14fb6 |
channel, user_id);
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
for (i = 2; i < argc; i ++) {
|
|
Packit |
d14fb6 |
if (strncmp(argv[i], "callin=", 7) == 0) {
|
|
Packit |
d14fb6 |
if (strncmp(argv[i] + 7, "off", 3) == 0) {
|
|
Packit |
d14fb6 |
user_access.callin_callback = 1;
|
|
Packit |
d14fb6 |
} else {
|
|
Packit |
d14fb6 |
user_access.callin_callback = 0;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
} else if (strncmp(argv[i], "link=", 5) == 0) {
|
|
Packit |
d14fb6 |
if (strncmp(argv[i] + 5, "off", 3) == 0) {
|
|
Packit |
d14fb6 |
user_access.link_auth = 0;
|
|
Packit |
d14fb6 |
} else {
|
|
Packit |
d14fb6 |
user_access.link_auth = 1;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
} else if (strncmp(argv[i], "ipmi=", 5) == 0) {
|
|
Packit |
d14fb6 |
if (strncmp(argv[i] + 5, "off", 3) == 0) {
|
|
Packit |
d14fb6 |
user_access.ipmi_messaging = 0;
|
|
Packit |
d14fb6 |
} else {
|
|
Packit |
d14fb6 |
user_access.ipmi_messaging = 1;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
} else if (strncmp(argv[i], "privilege=", 10) == 0) {
|
|
Packit |
d14fb6 |
if (str2uchar(argv[i] + 10, &priv) != 0) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR,
|
|
Packit |
d14fb6 |
"Numeric value expected, but '%s' given.",
|
|
Packit |
d14fb6 |
argv[i] + 10);
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
user_access.privilege_limit = priv;
|
|
Packit |
d14fb6 |
} else {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Invalid option: %s\n", argv[i]);
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
ccode = _ipmi_set_user_access(intf, &user_access, 0);
|
|
Packit |
d14fb6 |
if (eval_ccode(ccode) != 0) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR,
|
|
Packit |
d14fb6 |
"Unable to Set User Access (channel %d id %d)",
|
|
Packit |
d14fb6 |
channel, user_id);
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
printf("Set User Access (channel %d id %d) successful.\n",
|
|
Packit |
d14fb6 |
channel, user_id);
|
|
Packit |
d14fb6 |
return 0;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit Service |
0168fc |
int
|
|
Packit Service |
0168fc |
ipmi_set_channel_security_keys (struct ipmi_intf *intf, uint8_t channel, const char *method, const char *key)
|
|
Packit Service |
0168fc |
{
|
|
Packit Service |
0168fc |
uint8_t kgkey[IPMI_KG_BUFFER_SIZE];
|
|
Packit Service |
0168fc |
struct ipmi_rs *rsp;
|
|
Packit Service |
0168fc |
struct ipmi_rq req;
|
|
Packit Service |
0168fc |
struct set_channel_security_keys_req req_data;
|
|
Packit Service |
0168fc |
int rc = -1;
|
|
Packit Service |
0168fc |
|
|
Packit Service |
0168fc |
/* convert provided key to array of bytes */
|
|
Packit Service |
0168fc |
if (strcmp(method, "hex") == 0) {
|
|
Packit Service |
0168fc |
if (strlen(key) > (IPMI_KG_BUFFER_SIZE-1)*2) {
|
|
Packit Service |
0168fc |
lprintf(LOG_ERR, "Provided key is too long, max. length is %d bytes", (IPMI_KG_BUFFER_SIZE-1));
|
|
Packit Service |
0168fc |
printf_channel_usage();
|
|
Packit Service |
0168fc |
return -1;
|
|
Packit Service |
0168fc |
}
|
|
Packit Service |
0168fc |
|
|
Packit Service |
0168fc |
rc = ipmi_parse_hex(key, kgkey, sizeof(kgkey)-1);
|
|
Packit Service |
0168fc |
if (rc == -1) {
|
|
Packit Service |
0168fc |
lprintf(LOG_ERR, "Number of Kg key characters is not even");
|
|
Packit Service |
0168fc |
return rc;
|
|
Packit Service |
0168fc |
} else if (rc == -3) {
|
|
Packit Service |
0168fc |
lprintf(LOG_ERR, "Kg key is not hexadecimal number");
|
|
Packit Service |
0168fc |
return rc;
|
|
Packit Service |
0168fc |
} else if (rc > (IPMI_KG_BUFFER_SIZE-1)) {
|
|
Packit Service |
0168fc |
lprintf(LOG_ERR, "Kg key is too long");
|
|
Packit Service |
0168fc |
return rc;
|
|
Packit Service |
0168fc |
}
|
|
Packit Service |
0168fc |
|
|
Packit Service |
0168fc |
} else if (strcmp(method, "plain") == 0) {
|
|
Packit Service |
0168fc |
if (strlen(key) > IPMI_KG_BUFFER_SIZE-1) {
|
|
Packit Service |
0168fc |
lprintf(LOG_ERR, "Provided key is too long, max. length is %d bytes", (IPMI_KG_BUFFER_SIZE -1));
|
|
Packit Service |
0168fc |
printf_channel_usage();
|
|
Packit Service |
0168fc |
return rc;
|
|
Packit Service |
0168fc |
}
|
|
Packit Service |
0168fc |
|
|
Packit Service |
0168fc |
strncpy(kgkey, key, IPMI_KG_BUFFER_SIZE-1);
|
|
Packit Service |
0168fc |
} else {
|
|
Packit Service |
0168fc |
printf_channel_usage();
|
|
Packit Service |
0168fc |
return rc;
|
|
Packit Service |
0168fc |
}
|
|
Packit Service |
0168fc |
|
|
Packit Service |
0168fc |
/* assemble and send request to set kg key */
|
|
Packit Service |
0168fc |
memset(&req_data, 0, sizeof(req_data));
|
|
Packit Service |
0168fc |
req_data.channel = channel;
|
|
Packit Service |
0168fc |
req_data.operation = IPMI_SET_CHANNEL_SECURITY_KEYS_OP_SET;
|
|
Packit Service |
0168fc |
req_data.key_id = IPMI_KG_KEY_ID;
|
|
Packit Service |
0168fc |
memcpy(req_data.key_value, kgkey, IPMI_KG_BUFFER_SIZE-1);
|
|
Packit Service |
0168fc |
|
|
Packit Service |
0168fc |
memset(&req, 0, sizeof(req));
|
|
Packit Service |
0168fc |
req.msg.netfn = IPMI_NETFN_APP;
|
|
Packit Service |
0168fc |
req.msg.cmd = IPMI_SET_CHANNEL_SECURITY_KEYS;
|
|
Packit Service |
0168fc |
req.msg.data = (uint8_t*) &req_data;
|
|
Packit Service |
0168fc |
req.msg.data_len = sizeof(req_data);
|
|
Packit Service |
0168fc |
|
|
Packit Service |
0168fc |
rsp = intf->sendrecv(intf, &req;;
|
|
Packit Service |
0168fc |
if (rsp == NULL) {
|
|
Packit Service |
0168fc |
lprintf(LOG_ERR, "Set Channel Security Keys command failed");
|
|
Packit Service |
0168fc |
return rc;
|
|
Packit Service |
0168fc |
}
|
|
Packit Service |
0168fc |
if (rsp->ccode > 0) {
|
|
Packit Service |
0168fc |
const char *error = NULL;
|
|
Packit Service |
0168fc |
switch (rsp->ccode) {
|
|
Packit Service |
0168fc |
case 0x80:
|
|
Packit Service |
0168fc |
error = "Key is locked";
|
|
Packit Service |
0168fc |
break;
|
|
Packit Service |
0168fc |
case 0x81:
|
|
Packit Service |
0168fc |
error = "Insufficient key bytes";
|
|
Packit Service |
0168fc |
break;
|
|
Packit Service |
0168fc |
case 0x82:
|
|
Packit Service |
0168fc |
error = "Too many key bytes";
|
|
Packit Service |
0168fc |
break;
|
|
Packit Service |
0168fc |
case 0x83:
|
|
Packit Service |
0168fc |
error = "Key value does not meet criteria for K_g key";
|
|
Packit Service |
0168fc |
break;
|
|
Packit Service |
0168fc |
default:
|
|
Packit Service |
0168fc |
error = val2str(rsp->ccode, completion_code_vals);
|
|
Packit Service |
0168fc |
}
|
|
Packit Service |
0168fc |
lprintf(LOG_ERR, "Error setting security key: %X (%s)", rsp->ccode, error);
|
|
Packit Service |
0168fc |
return rc;
|
|
Packit Service |
0168fc |
}
|
|
Packit Service |
0168fc |
|
|
Packit Service |
0168fc |
lprintf(LOG_NOTICE, "Set Channel Security Keys command succeeded");
|
|
Packit Service |
0168fc |
return 0;
|
|
Packit Service |
0168fc |
}
|
|
Packit Service |
0168fc |
|
|
Packit |
d14fb6 |
int
|
|
Packit |
d14fb6 |
ipmi_channel_main(struct ipmi_intf *intf, int argc, char **argv)
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
int retval = 0;
|
|
Packit |
d14fb6 |
uint8_t channel;
|
|
Packit |
d14fb6 |
uint8_t priv = 0;
|
|
Packit |
d14fb6 |
if (argc < 1) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Not enough parameters given.");
|
|
Packit |
d14fb6 |
printf_channel_usage();
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
} else if (strncmp(argv[0], "help", 4) == 0) {
|
|
Packit |
d14fb6 |
printf_channel_usage();
|
|
Packit |
d14fb6 |
return 0;
|
|
Packit |
d14fb6 |
} else if (strncmp(argv[0], "authcap", 7) == 0) {
|
|
Packit |
d14fb6 |
if (argc != 3) {
|
|
Packit |
d14fb6 |
printf_channel_usage();
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
if (is_ipmi_channel_num(argv[1], &channel) != 0
|
|
Packit |
d14fb6 |
|| is_ipmi_user_priv_limit(argv[2], &priv) != 0) {
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
retval = ipmi_get_channel_auth_cap(intf, channel, priv);
|
|
Packit |
d14fb6 |
} else if (strncmp(argv[0], "getaccess", 10) == 0) {
|
|
Packit |
d14fb6 |
uint8_t user_id = 0;
|
|
Packit |
d14fb6 |
if ((argc < 2) || (argc > 3)) {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Not enough parameters given.");
|
|
Packit |
d14fb6 |
printf_channel_usage();
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
if (is_ipmi_channel_num(argv[1], &channel) != 0) {
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
if (argc == 3) {
|
|
Packit |
d14fb6 |
if (is_ipmi_user_id(argv[2], &user_id) != 0) {
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
retval = ipmi_get_user_access(intf, channel, user_id);
|
|
Packit |
d14fb6 |
} else if (strncmp(argv[0], "setaccess", 9) == 0) {
|
|
Packit |
d14fb6 |
return ipmi_set_user_access(intf, (argc - 1), &(argv[1]));
|
|
Packit |
d14fb6 |
} else if (strncmp(argv[0], "info", 4) == 0) {
|
|
Packit |
d14fb6 |
channel = 0xE;
|
|
Packit |
d14fb6 |
if (argc > 2) {
|
|
Packit |
d14fb6 |
printf_channel_usage();
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
if (argc == 2) {
|
|
Packit |
d14fb6 |
if (is_ipmi_channel_num(argv[1], &channel) != 0) {
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
retval = ipmi_get_channel_info(intf, channel);
|
|
Packit |
d14fb6 |
} else if (strncmp(argv[0], "getciphers", 10) == 0) {
|
|
Packit |
d14fb6 |
/* channel getciphers <ipmi|sol> [channel] */
|
|
Packit |
d14fb6 |
channel = 0xE;
|
|
Packit |
d14fb6 |
if ((argc < 2) || (argc > 3) ||
|
|
Packit |
d14fb6 |
(strncmp(argv[1], "ipmi", 4) && strncmp(argv[1], "sol", 3))) {
|
|
Packit |
d14fb6 |
printf_channel_usage();
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
if (argc == 3) {
|
|
Packit |
d14fb6 |
if (is_ipmi_channel_num(argv[2], &channel) != 0) {
|
|
Packit |
d14fb6 |
return (-1);
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
}
|
|
Packit Service |
3159ee |
retval = ipmi_print_channel_cipher_suites(intf,
|
|
Packit |
d14fb6 |
argv[1], /* ipmi | sol */
|
|
Packit |
d14fb6 |
channel);
|
|
Packit Service |
0168fc |
} else if (strncmp(argv[0], "setkg", 5) == 0) {
|
|
Packit Service |
0168fc |
if (argc < 3 || argc > 4)
|
|
Packit Service |
0168fc |
printf_channel_usage();
|
|
Packit Service |
0168fc |
else {
|
|
Packit Service |
0168fc |
uint8_t ch = 0xe;
|
|
Packit Service |
0168fc |
char *method = argv[1];
|
|
Packit Service |
0168fc |
char *key = argv[2];
|
|
Packit Service |
0168fc |
if (argc == 4) {
|
|
Packit Service |
0168fc |
ch = (uint8_t)strtol(argv[3], NULL, 0);
|
|
Packit Service |
0168fc |
}
|
|
Packit Service |
0168fc |
|
|
Packit Service |
0168fc |
retval = ipmi_set_channel_security_keys(intf, ch, method, key);
|
|
Packit Service |
0168fc |
}
|
|
Packit |
d14fb6 |
} else {
|
|
Packit |
d14fb6 |
lprintf(LOG_ERR, "Invalid CHANNEL command: %s\n", argv[0]);
|
|
Packit |
d14fb6 |
printf_channel_usage();
|
|
Packit |
d14fb6 |
retval = -1;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
return retval;
|
|
Packit |
d14fb6 |
}
|
|
Packit |
d14fb6 |
|
|
Packit |
d14fb6 |
/* printf_channel_usage - print-out help. */
|
|
Packit |
d14fb6 |
void
|
|
Packit |
d14fb6 |
printf_channel_usage()
|
|
Packit |
d14fb6 |
{
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
"Channel Commands: authcap <channel number> <max privilege>");
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
" getaccess <channel number> [user id]");
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
" setaccess <channel number> "
|
|
Packit |
d14fb6 |
"<user id> [callin=on|off] [ipmi=on|off] [link=on|off] [privilege=level]");
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
" info [channel number]");
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
" getciphers <ipmi | sol> [channel]");
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
"");
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit Service |
0168fc |
" setkg hex|plain <key> [channel]");
|
|
Packit Service |
0168fc |
lprintf(LOG_NOTICE,
|
|
Packit Service |
0168fc |
"");
|
|
Packit Service |
0168fc |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
"Possible privilege levels are:");
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
" 1 Callback level");
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
" 2 User level");
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
" 3 Operator level");
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
" 4 Administrator level");
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
" 5 OEM Proprietary level");
|
|
Packit |
d14fb6 |
lprintf(LOG_NOTICE,
|
|
Packit |
d14fb6 |
" 15 No access");
|
|
Packit |
d14fb6 |
}
|