Allow setting of RMCP+ messaging cipher suite privilege levels

2025-05-11 02:57:22 +00:00 · 2005-03-08 20:11:48 +00:00 · 2005-03-08 20:11:48 +00:00 · e2cd941c34
commit e2cd941c34
parent ca85cb4688
1 changed files with 109 additions and 1 deletions
--- a/ipmitool/lib/ipmi_lanp.c
+++ b/ipmitool/lib/ipmi_lanp.c
@ -930,6 +930,85 @@ get_cmdline_macaddr(char * arg, uint8_t * buf)
 	return 0;
 }
 static int
 get_cmdline_cipher_suite_priv_data(char * arg, uint8_t * buf)
 {
 	int i, ret = 0;
 	if (strlen(arg) != 15)
 	{
 		lprintf(LOG_ERR, "Invalid privilege specification length: %d",
 			strlen(arg));
 		return -1;
 	}
 	/*
 	 * The first byte is reservered (0).  The resst of the buffer is setup
 	 * so that each nibble holds the maximum privilege level available for
 	 * that cipher suite number.  The number of nibbles (15) matches the number
 	 * of fixed cipher suite IDs.  This command documentation mentions 16 IDs
 	 * but table 22-19 shows that there are only 15 (0-14).
 	 *
 	 * data 1 - reserved
 	 * data 2 - maximum priv level for first (LSN) and second (MSN) ciphers
 	 * data 3 - maximum priv level for third (LSN) and fourth (MSN) ciphers
 	 * data 9 - maximum priv level for 15th (LSN) cipher.
 	 */
 	bzero(buf, 9);
 	for (i = 0; i < 15; ++i)
 	{
 		unsigned char priv_level;
 		switch (arg[i])
 		{
 		case 'X':
 			priv_level = IPMI_SESSION_PRIV_UNSPECIFIED; /* 0 */
 			break;
 		case 'c':
 			priv_level = IPMI_SESSION_PRIV_CALLBACK;    /* 1 */
 			break;
 		case 'u':
 			priv_level = IPMI_SESSION_PRIV_USER;        /* 2 */
 			break;
 		case 'o':
 			priv_level = IPMI_SESSION_PRIV_OPERATOR;    /* 3 */
 			break;
 		case 'a':
 			priv_level = IPMI_SESSION_PRIV_ADMIN;       /* 4 */
 			break;
 		case 'O':
 			priv_level = IPMI_SESSION_PRIV_OEM;         /* 5 */
 			break;
 		default:
 			lprintf(LOG_ERR, "Invalid privilege specification char: %c",
 				arg[i]);
 			ret = -1;
 			break;
 		}
 		if (ret != 0)
 			break;
 		else
 		{
 			if ((i + 1) % 2)
 			{
 				// Odd number cipher suites will be in the LSN
 				buf[1 + (i / 2)] += priv_level;
 			}
 			else
 			{
 				// Even number cipher suites will be in the MSN
 				buf[1 + (i / 2)] += (priv_level << 4);
 			}
 		}
 	}
 	return ret;
 }
 static int
 get_cmdline_ipaddr(char * arg, uint8_t * buf)
 {
@ -969,7 +1048,14 @@ static void ipmi_lan_set_usage(void)
 	lprintf(LOG_NOTICE, "    none   = unspecified source");
 	lprintf(LOG_NOTICE, "    static = address manually configured to be static");
 	lprintf(LOG_NOTICE, "    dhcp   = address obtained by BMC running DHCP");
-	lprintf(LOG_NOTICE, "    bios   = address loaded by BIOS or system software\n");
+	lprintf(LOG_NOTICE, "    bios   = address loaded by BIOS or system software");
 	lprintf(LOG_NOTICE, "  cipher_privs XXXXXXXXXXXXXXX   Set RMCP+ cipher suite privilege levels");
 	lprintf(LOG_NOTICE, "    X = Cipher Suite Unused");
 	lprintf(LOG_NOTICE, "    c = CALLBACK");
 	lprintf(LOG_NOTICE, "    u = USER");
 	lprintf(LOG_NOTICE, "    o = OPERATOR");
 	lprintf(LOG_NOTICE, "    a = ADMIN");
 	lprintf(LOG_NOTICE, "    O = OEM\n");
 }
 static int
@ -1188,9 +1274,31 @@ ipmi_lan_set(struct ipmi_intf * intf, int argc, char ** argv)
 		}
 	}
 	/* RMCP+ cipher suite privilege levels */
 	else if (strncmp(argv[1], "cipher_privs", 12) == 0)
 	{
 		if ((argc != 3)                        ||
 		    (strncmp(argv[2], "help", 4) == 0) ||
 		    get_cmdline_cipher_suite_priv_data(argv[2], data))
 		{
 			lprintf(LOG_NOTICE, "lan set <channel> cipher_privs XXXXXXXXXXXXXXX");
 			lprintf(LOG_NOTICE, "    X = Cipher Suite Unused");
 			lprintf(LOG_NOTICE, "    c = CALLBACK");
 			lprintf(LOG_NOTICE, "    u = USER");
 			lprintf(LOG_NOTICE, "    o = OPERATOR");
 			lprintf(LOG_NOTICE, "    a = ADMIN");
 			lprintf(LOG_NOTICE, "    O = OEM\n");
 		}
 		else
 		{
 			rc = set_lan_param(intf, chan, IPMI_LANP_RMCP_PRIV_LEVELS, data, 9);
 		}
 	}
 	return rc;
 }
 int
 ipmi_lanp_main(struct ipmi_intf * intf, int argc, char ** argv)
 {