Both 'Set/Get LAN Configuration Parameter' commands may return
command-specific codes that weren't properly parsed and were
reported as 'Unknown' before. This is fixed now.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
The length of internal use area printed by ekanalyzer
didn't take in account the version byte.
The data printed was also 1 byte longer than needed.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
When there was no chassis and board areas, the internal use
are size was calculated incorrectly.
Additionally, it is possible that the internal area is actually
located after all other areas or that areas are arranged in
a different order than their offsets in the header. All those
cases weren't properly handled.
Now that is fixed.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
This patch has been added to fix "error: comparison between signed
and unsigned integer expressions [-Werror=sign-compare]"
Signed-off-by: Shitalkumar Gandhi <shitalkumar.gandhi@seagate.com>
- Drop a useless `extern` definition
- Remove static variable `errorCount` from header, move it to
the c file where it is actually used if needed
Related to ipmitool/ipmitool#220
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
Fix calculation of the buffer size for decoded 6-bit ASCII
strings. Previously the program could allocate too a short buffer
that caused buffer overflows and segmentation fault crashes on
certain FRU contents.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
Restore using strncmp() for "options=" and similar
substrings.
Resolvesipmitool/ipmitool#223
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
- Initialize the log at the start of ipmi_main() to allow for proper
logging at the start;
- Remove the unused log_level_get() function;
- Update log_level_set() to take verbosity instead of log level
(default verbosity is 0, which is LOG_NOTICE log level),
use the function to update log level as `-v` is encountered
in command line;
- Move IANA PEN list debugging to verbosity 6. The list is too long
to see it in each debug output of verbosity 5 that is used for
debugging lan/lanplus packets;
- For verbosity >= 2 (that is `-vv`) add the ipmitool version
information at the start.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
The `make distcheck` was failing because of some files deleted twice
and some intermediate files not deleted at all.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
Unify the comparison idioms use.
Always use `if(!strcmp())` for "if string equals"
and `if(strcmp())` for "if string is not equal".
Never use `== 0` and `!= 0` with `strcmp()`.
Minor reformatting of the code immediately surrounding the
refactored lines.
Resolvesipmitool/ipmitool#104
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
Reduce code duplication by extracting option names, types,
and value ranges into a separate structure, and rewriting
the option parsing code without mixing it with the data.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
Clean up use of strcmp/strncmp/strncasecmp for command line arguments.
Never use anything but `strcmp()` unless absolutely neccessary.
Partialy resolvesipmitool/ipmitool#104
The current behavior:
- correct date format is not accepted by "sel time set".
- incorrect date format that looks correct is accepted, but time is not
set correctly.
- commands like
ipmitool sel time set "11/22/2013 trash"
are accepted.
Final part of the fixes for CVE-2020-5208, see
https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
9 variants of stack buffer overflow when parsing `id_string` field of
SDR records returned from `CMD_GET_SDR` command.
SDR record structs have an `id_code` field, and an `id_string` `char`
array.
The length of `id_string` is calculated as `(id_code & 0x1f) + 1`,
which can be larger than expected 16 characters (if `id_code = 0xff`,
then length will be `(0xff & 0x1f) + 1 = 32`).
In numerous places, this can cause stack buffer overflow when copying
into fixed buffer of size `17` bytes from this calculated length.
Partial fix for CVE-2020-5208, see
https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
The `ipmi_spd_print_fru` function has a similar issue as the one fixed
by the previous commit in `read_fru_area_section`. An initial request is
made to get the `fru.size`, which is used as the size for the allocation
of `spd_data`. Inside a loop, further requests are performed to get the
copy sizes which are not checked before being used as the size for a
copy into the buffer.
Partial fix for CVE-2020-5208, see
https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
The `read_fru_area_section` function only performs size validation of
requested read size, and falsely assumes that the IPMI message will not
respond with more than the requested amount of data; it uses the
unvalidated response size to copy into `frubuf`. If the response is
larger than the request, this can result in overflowing the buffer.
The same issue affects the `read_fru_area` function.
Fix ipmitool not writing the last block of boot mailbox data if the
block is shorter than 3 bytes.
Signed-off-by: Ivan Mikhaylov <fr0st61te@gmail.com>
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
For parameter checking replace calls to strncmp() with calls
to strcmp() in order to improve readability and get rid of literal
string lengths.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
* Get rid of magic '8' in bootdev options processing.
* Optimize the code of bootdev arguments processing, remove the
special crafting of flags for 'clear-cmos' argument, make it use
the same code as other options.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
There was a wrong help message regarding the console redirection,
and also the help formatting was a bit off. Straightened this all up.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
Refactor the boot flags decoder:
* Add macros for boot flag bits, replace magic numbers in
the `chassis bootparam get 5` and in `chassis bootdev`
handlers.
The macros are prefixed with BFx_ where x stands for the
boot flags data byte as per IPMI 2.0 specification Table 28-14;
* Add decoding of remote/redirected media boot flags;
* Remove erroneous decoding of boot flags byte 3 bit 1 as
Sleep button lockout whereas the bit is a part of console
redirection setting;
* Fix console redirection settings reported under the 'BIOS verbosity'
header and vice versa;
* Fix resetting of all other boot flags in the data byte when
setting any of the bits in the same byte. This fixes inability
to set both 'efiboot' and 'persistent' bits at the same time,
and other similar cases.
Resolvesipmitool/ipmitool#163
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
ftp://ftp.supermicro.com/utility/IPMICFG/IPMICFG_1.30.0_build.190710.zip
contains MBType.dat file that lists all known Supermicro product IDs
with their respective names.
Import that knowledge into ipmitool.
Resolvesipmitool/ipmitool#151
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
Commit 6e2b688e introduced a bug due to which VLAN id range checking
was negated and resulted in error messages printed for correct VLAN ids.
Resolvesipmitool/ipmitool#55
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
No longer truncate passwords (16 < p <= 20) silently, instead attempt
to set a 20-char password when such a password is given.
Fail if an explicit length is exceeded, and any time the upper limit
is exceeded.
ipmi_intf.h was missing a couple of declarations for the functions
used by fru, sdr and hpmfwupg modules. Add those declarations
to ipmi_intf.h and remove local declarations.
This fixes a couple of compilation warnings.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
The ipmi_event_fromfile() function was massively repeating the code of
ipmi_send_platform_event() and ipmi_event_msg_print().
This commit cleans up ipmi_event_fromfile() to simply call
ipmi_send_platform_event() with all the prepared data read from the
file. That function in its turn calls ipmi_event_msg_print().
This commit also replaces the dummy generator ID 2 that was printed to
the user with a more relevant generator ID that will actually be sent
by ipmi_send_platform_event().
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
IPMI 2.0 specification is quite inconsistent about system interfaces.
They have section 1.7.16 "System Interfaces" that clearly states that
there are FOUR system interfaces (KCS, SMIC, BT and SSIF), but then they
have section 1.7.31 saying that "It is mandatory to implement a system
interface that is compatible with one of the **three** specified system
interfaces" without specifying which three of the four interfaces are
meant. Then in section 6 "IPMI Messaging interfaces" they again say that
"As mentioned earlier, there are three System Interface implementations
specified for the BMC: SMIC, KCS, and BT". Is all looks like during
update from 1.5 to 2.0 they have updated section 1.7.16, but forgot to
update Table 6-3, section 1.7.31 and section 6. Yet again, there is 'Get
System Interface Capabilities' command that has a parameter 'System
Interface Type' that can specify that SI is of SSIF type.
All that have lead to a situation where some BMC manufacturers treated
the specification as if it prohibited specifying media type 0xC
(which is "System Interface") for system interfaces using SSIF
(SMBus Sustem Interface), and so they specified an SMBUS media type
for their system interface channels.
As a result, ipmitool failed to properly send event data via such
system interfaces as it treated them as non-system and didn't add
the required Generator ID.
To mitigate the inconsistency of IPMI specification and yet not
ask BMC manufacturers to alter their code, thus increasing compatibility
with legacy BMCs, this commit adds checking of current interface number.
The system interface, according to Table 6-1 of IPMI Specification is
required to have channel number 15 (0Fh). So with this commit the
generator ID is added for any interfaces that are either marked
as media type 0Ch 'System Interface' or have channel number 0Fh.
Resolvesipmitool/ipmitool#111
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
If a manufacturer's IANA PEN (aka manufacturer ID) was above
65535, it wasn't reported properly. Luckily there are no such
IDs so far, the biggest is 54077 as of 2019/06/18.
There is, however, an ID 0xFFFFFE used by fake_ipmistack
for debug purposes, and it was not reported correctly.
This commit expands the value argument to string searching functions
from 16-bit to 32-bit to allow for any possible IANA PEN.
Fixes: 73d6af57827fc85e78c700ca1dff00b3dbc63948
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
Add support for IANADIR and IANAUSERDIR variables to configure
to allow for customizable locations of system and user-supplied
IANA PEN registry.
Also make path building code portable to Windows.
Partially resolvesipmitool/ipmitool#11
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
