Added a subcommand for testing password (as well as password length per v.2).

Also re-tabified.
2025-05-11 19:17:22 +00:00 · 2004-10-01 15:24:45 +00:00 · 2004-10-01 15:24:45 +00:00 · ac931daa86
commit ac931daa86
parent 3d4acbd829
1 changed files with 254 additions and 146 deletions
--- a/ipmitool/lib/ipmi_user.c
+++ b/ipmitool/lib/ipmi_user.c
@ -239,9 +239,12 @@ ipmi_print_user_list(
 		    strcmp("", user_name))
 		{
 			if (csv_output)
-				dump_user_access_csv(current_user_id, user_name, &user_access);
+				dump_user_access_csv(current_user_id,
+						     user_name, &user_access);
 			else
-				dump_user_access(current_user_id, user_name, &user_access);
+				dump_user_access(current_user_id,
+						 user_name,
+						 &user_access);
 		}


@ -342,27 +345,38 @@ ipmi_user_set_password(
 		       struct ipmi_intf * intf,	   
 		       unsigned char	  user_id,
 		       unsigned char	  operation,
-					   const char       * password)
+		       const char	* password,
+		       int                is_twenty_byte_password)
 {
 	struct ipmi_rs	     * rsp;
 	struct ipmi_rq	       req;
-	unsigned char              msg_data[18];
+	char	             * msg_data;
+	int                    ret = 0;
+
+	int password_length = (is_twenty_byte_password? 20 : 16);
+
+	msg_data = (char*)malloc(password_length + 2);
+

 	memset(&req, 0, sizeof(req));
 	req.msg.netfn    = IPMI_NETFN_APP;	    /* 0x06 */
 	req.msg.cmd	 = IPMI_SET_USER_PASSWORD;  /* 0x47 */
 	req.msg.data     = msg_data;
-	req.msg.data_len = 18;
+	req.msg.data_len = password_length + 2;


 	/* The channel number will remain constant throughout this function */
 	msg_data[0] = user_id;
+	
+	if (is_twenty_byte_password)
+		msg_data[0] |= 0x80;
+	
 	msg_data[1] = operation;

-	memset(msg_data + 2, 0, 16);
+	memset(msg_data + 2, 0, password_length);

 	if (password)
-		strcpy(msg_data + 2, password);
+		strncpy(msg_data + 2, password, password_length);

 	rsp = intf->sendrecv(intf, &req);

@ -370,11 +384,45 @@ ipmi_user_set_password(
 	{
 		printf("Error:%x Set User Password Command\n",
 		       rsp ? rsp->ccode : 0);
-		return -1;
+		ret = (rsp? rsp->ccode : -1);
 	}


-	return 0;
+	return ret;
+}
+
+
+
+/*
+ * ipmi_user_test_password
+ *
+ * Call ipmi_user_set_password, and interpret the result
+ */
+static int
+ipmi_user_test_password(
+			struct ipmi_intf * intf,
+			unsigned char      user_id,
+			const char       * password,
+			int                is_twenty_byte_password)
+{
+	int ret;
+
+	ret = ipmi_user_set_password(intf,
+				     user_id,
+				     IPMI_PASSWORD_TEST_PASSWORD,
+				     password,
+				     is_twenty_byte_password);
+
+	if (! ret)
+		printf("Success\n");
+	else if (ret == 0x80)
+		printf("Failure: password incorrect\n");
+ 	else if (ret == 0x81)
+		printf("Failure: wrong password size\n");
+	else
+		printf("Unknown error\n");
+
+	return (ret ? -1 : 0);
 }

 	
@ -392,24 +440,12 @@ print_user_usage()
 	printf("		   set password <user id> [<password>]\n");
 	printf("		   disable	<user id> [<channel number>]\n");
 	printf("		   enable	<user id> [<channel number>]\n");
-
+	printf("		   test		<user id> <16|20> [<password]>\n");
 	printf("\n");
 }



-/*
- *
- */
-void
-print_user_set_usage()
-{
-	printf("\nUser set parameters and values: \n\n");
-	printf("  name      <character string (max 16 chars)>\n");
-	printf("  password  <password  string (max 16 chars)>\n");
-	printf("\n");
-}
-

 const char *
 ipmi_user_build_password_prompt(unsigned char user_id)
@ -479,6 +515,67 @@ ipmi_user_main(struct ipmi_intf * intf, int argc, char ** argv)
 	}


+
+	/*
+	 * Test
+	 */
+	else if (!strncmp(argv[0], "test", 4))
+	{
+		// a little fucking irritating, isn't it
+		if ((argc == 3 || argc == 4)  &&
+		    ((!strncmp(argv[2], "16", 2)) ||
+		     (!strncmp(argv[2], "20", 2))))
+		{
+			char * password = NULL;
+			int password_length = atoi(argv[2]);
+			unsigned char user_id = (unsigned char)strtol(argv[1],
+								      NULL,
+								      0);
+			if (! user_id)
+			{
+				printf("Error. Invalid user ID: %d\n", user_id);
+				return -1;
+			}
+
+
+			if (argc == 3)
+			{
+				/* We need to prompt for a password */
+
+				char * tmp;
+				const char * password_prompt =
+					ipmi_user_build_password_prompt(user_id);
+				
+#ifdef HAVE_GETPASSPHRASE
+				if ((tmp = getpassphrase (password_prompt)))
+#else
+				if ((tmp = (char*)getpass(password_prompt)))
+#endif
+				{
+					password = strdup(tmp);
+					
+				}
+				
+			}
+			else
+				password = argv[3];
+
+			
+			retval = ipmi_user_test_password(intf,
+							 user_id,
+							 password,
+							 password_length == 20);
+
+
+		}
+		else
+		{
+			print_user_usage();
+			return -1;
+		}
+	}
+
+	
 	/*
 	 * Set
 	 */
@ -531,12 +628,21 @@ ipmi_user_main(struct ipmi_intf * intf, int argc, char ** argv)
 						}
 				}
 			}
+			else
+				password = argv[3];
+
+			if (strlen(password) > 20)
+			{
+				printf("Error.  Password is too long (> 20 bytes).\n");
+				return -1;
+			}
 			

 			retval = ipmi_user_set_password(intf,
 							user_id,
 							IPMI_PASSWORD_SET_PASSWORD,
-											argc == 4? argv[3]: password);
+							password,
+							strlen(password) > 16);
 		}
 		

@ -548,7 +654,7 @@ ipmi_user_main(struct ipmi_intf * intf, int argc, char ** argv)
 		{
 			if (argc != 4)
 			{
-				print_user_set_usage();
+				print_user_usage();
 				return -1;
 			}

@ -560,7 +666,7 @@ ipmi_user_main(struct ipmi_intf * intf, int argc, char ** argv)
 		}
 		else
 		{
-			print_user_set_usage();
+			print_user_usage();
 			return -1;
 		}
 	}
@ -600,10 +706,12 @@ ipmi_user_main(struct ipmi_intf * intf, int argc, char ** argv)
 		retval = ipmi_user_set_password(intf,
 						user_id,
 						operation,
-										null_password);
+						null_password,
+						0); /* This field is ignored */
 	}
 	

+    
 	else
 	{
 		print_user_usage();