Based on current crypto alogrithms, one could rank cipher suites along
these lines:
17 > 3 >> all the rest
17 and 3 are the only cipher suites that implement any sort of
confidentiality alogorithm that is secure. In addition, any hmac-md5 or
md5 integrity algorithm used in integrity is weak at best and dangerous
for authentication.
This could possibly be enabled in a simpler mechanism by simply checking
for 17 and then choosing it before falling back to 3, but the way this
is implemented, it makes it easy to change the list of acceptable
algorithms from two to three or more items.
Resolvesipmitool/ipmitool#29
Signed-off-by: Vernon Mauery <vernon.mauery@intel.com>
Remove all direct comparisons to 'NULL' for pointers.
Replace them with boolean-like 'if (ptr)' and 'if (!ptr)'.
This makes conditions shorter and easier to read.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
There are lots of feature test macros like _POSIX_SOURCE,
_BSD_SOURCE, etc. chaotically placed at the beginning of
multiple files without apparent reason, sometime purely
erroneously.
This commit removes them all for the sake of cleaner code.
No new warnings are added due to that at least for gcc 5.4
on Linux with glibc 2.23.
NI_MAXHOST and NI_MAXSERV is only defined in /usr/include/netdb.h if
_DARWIN_C_SOURCE is defined or _POSIX_C_SOURCE is undefined.
From /usr/include/netdb.h OS 10.11 - El Capitan:
/*
* Constants for getnameinfo()
*/
#if !defined(_POSIX_C_SOURCE) || defined(_DARWIN_C_SOURCE)
#define NI_MAXHOST 1025
#define NI_MAXSERV 32
#endif /* (!_POSIX_C_SOURCE || _DARWIN_C_SOURCE) */
Commit implements '-4' and '-6' switch in order to enforce IPv4 or IPv6
connection. In order to do so, struct ipmi_intf has been extended to carry
ai_family flag.
This feature request is for adding support for USB Medium as an interface in
IPMITool. AMI BMC (OEM feature) provides Virtual USB devices in the host as
part of its feature list. IPMITool can use this 'Virtual USB device' as a
medium for Inband communication with BMC.
Just like any other interface, use can just give 'ipmitool -I usb xxxx' to
communicate with the BMC via USB Interface.
Currently, interface-management code in the ipmitool does not allow safe
interface re-opening (i.e. closing and opening again). It is because the session
is allocated in the interface setup callback while is freed in the close
callback. So, normal re-opening of the interface, which can be required for
example durng the HPM.1 upgrade, leads to segmentation fault. That's why in the
ipmi_hpmfwupg.c instead of normal closing interface, directly access the
interface data for subsequent re-opening.
Commit for Dmitry Bazhenov
ID#313 ipmitool doesn't support hostname long than 64 symbols
ID#277 Minor issue with ipmi_intf_session_set_hostname()
Commit adds support pretty much for FQDN not just up to the length of one label.
This is achieved by change in in struct ipmi_session; and strdup() of user
input. Of course, we have to free() this once we're done.
This patch adds basic long message support for PICMG-based systems according to
the HPM.2 specification.
It also introduces APIs for setting inbound and outbound messages sizes per
selected interface.
This APIs are used in LAN and LAN+ interfaces to set autonomously detected
inbound and outbound message sizes.
The newly introduced APIs also replace the existing message size detection code
in several ipmitool commands in order to leverage the advantages of long message
support (HPM.1 upgrade, SDR acquring, FRU inventory read and write).
The Kontron-specific long message support is moved under a OEM option.
Commit for Dmitry Bazhenov
