Here's the ipmiconsole patch, this time against the cvs trunk.  Had a
bit of trouble yesterday checking out the latest version, since it turns
out savannah went through a server OS upgrade and it messed up the cvs
config.  I found someone who could help on IRC, so it's working again
now.

I'll now be working on the bmc-config utility.

                --Levi


Index: ipmiconsole.8.in
===================================================================
RCS file: /sources/freeipmi/freeipmi/ipmiconsole/ipmiconsole.8.in,v
retrieving revision 1.13
diff -u -5 -r1.13 ipmiconsole.8.in
--- ipmiconsole.8.in    29 Apr 2007 16:54:10 -0000      1.13
+++ ipmiconsole.8.in    2 May 2007 16:51:22 -0000
@@ -67,15 +67,15 @@
 Prompt for password to avoid possibility of listing it in process
 lists.
 .TP
 .I "-k, --k-g str"
 Specify the K_g BMC key to use for authentication.  If not specified, a
-NULL key is assumed.
+NULL key is assumed.  The key may be entered in hex by prefixing with '0x'.
 .TP
 .I "-K, --k-g-prompt"
 Prompt for K_g to avoid possibility of listing it in process
-lists.
+lists.  The key may be entered in hex by prefixing with '0x'.
 .TP
 .I "-l, --privilege str"
 Specify the privilege type to use.  The currently available privilege
 types are "user", "operator", and "admin".  If not specified, a
 privilege of "admin" is assumed.  The privilege must be atleast the
Index: ipmiconsole.conf.5.in
===================================================================
RCS file: /sources/freeipmi/freeipmi/ipmiconsole/ipmiconsole.conf.5.in,v
retrieving revision 1.4
diff -u -5 -r1.4 ipmiconsole.conf.5.in
--- ipmiconsole.conf.5.in       9 Mar 2007 02:44:46 -0000       1.4
+++ ipmiconsole.conf.5.in       2 May 2007 16:51:22 -0000
@@ -70,11 +70,11 @@
 .TP
 .I password str
 Specify the default password to use.
 .TP
 .I k_g str
-Specify the BMC key (K_g) to use.
+Specify the BMC key (K_g) to use.  Prefix with '0x' to enter the key in hex.
 .TP
 .I privilege str
 Specify the default privilege type to use.  
 .B Ipmiconsole 
 currently supports the following privilege types: "user", "operator",
Index: src/ipmiconsole/Makefile.am
===================================================================
RCS file: /sources/freeipmi/freeipmi/ipmiconsole/src/ipmiconsole/Makefile.am,v
retrieving revision 1.3
diff -u -5 -r1.3 Makefile.am
--- src/ipmiconsole/Makefile.am 16 Feb 2007 18:00:01 -0000      1.3
+++ src/ipmiconsole/Makefile.am 2 May 2007 16:51:22 -0000
@@ -17,14 +17,18 @@
 
 ipmiconsole_CPPFLAGS = -I$(srcdir)/../libipmiconsole \
                       -I$(srcdir)/../../../common/src
 
 ipmiconsole_LDADD = ../../../common/src/libllnlcommon.la \
+                    ../../../common/src/libipmicommon.la \
                    ../libipmiconsole/libipmiconsole.la
 
 ../../../common/src/libllnlcommon.la: force-dependency-check
        $(MAKE) -C $(dir $@) $(notdir $@)
 
+../../../common/src/libipmicommon.la: force-dependency-check
+       $(MAKE) -C $(dir $@) $(notdir $@)
+
 ../libipmiconsole/libipmiconsole.la: force-dependency-check
        $(MAKE) -C $(dir $@) $(notdir $@)
 
 force-dependency-check:
Index: src/ipmiconsole/ipmiconsole.c
===================================================================
RCS file: /sources/freeipmi/freeipmi/ipmiconsole/src/ipmiconsole/ipmiconsole.c,v
retrieving revision 1.11
diff -u -5 -r1.11 ipmiconsole.c
--- src/ipmiconsole/ipmiconsole.c       31 Mar 2007 04:03:06 -0000      1.11
+++ src/ipmiconsole/ipmiconsole.c       2 May 2007 16:51:22 -0000
@@ -322,11 +322,11 @@
       exit(1);
     }
 
   ipmi_config.username = strlen(conf->username) ? conf->username : NULL;
   ipmi_config.password = strlen(conf->password) ? conf->password : NULL;
-  ipmi_config.k_g = strlen(conf->k_g) ? conf->k_g : NULL;
+  ipmi_config.k_g = conf->k_g_configured ? conf->k_g : NULL;
   ipmi_config.privilege_level = conf->privilege;
   ipmi_config.cipher_suite_id = conf->cipher_suite_id;
 
   protocol_config.session_timeout_len = -1; 
   protocol_config.retransmission_timeout_len = -1; 
Index: src/ipmiconsole/ipmiconsole_config.c
===================================================================
RCS file: 
/sources/freeipmi/freeipmi/ipmiconsole/src/ipmiconsole/ipmiconsole_config.c,v
retrieving revision 1.10
diff -u -5 -r1.10 ipmiconsole_config.c
--- src/ipmiconsole/ipmiconsole_config.c        26 Apr 2007 03:23:59 -0000      
1.10
+++ src/ipmiconsole/ipmiconsole_config.c        2 May 2007 16:51:22 -0000
@@ -46,10 +46,11 @@
 
 #include "ipmiconsole_config.h"
 #include "conffile.h"
 #include "error.h"
 #include "secure.h"
+#include "ipmi-common.h"
 
 extern struct ipmiconsole_config *conf;
 
 static void
 _config_default(void)
@@ -66,10 +67,13 @@
 #endif /* NDEBUG */
   conf->config_file = IPMICONSOLE_CONFIG_FILE_DEFAULT;
 
   conf->privilege = -1;
   conf->cipher_suite_id = -1;
+
+  memset(conf->k_g, '\0', IPMI_MAX_K_G_LENGTH);
+  conf->k_g_configured = 0;
 }
 
 static void
 _usage(void)
 {
@@ -113,10 +117,11 @@
   char options[100];
   char *pw;
   char *kg;
   char *ptr;
   int c;
+  int rv;
 
 #if HAVE_GETOPT_LONG
   struct option long_options[] =
     {
       {"help",                     0, NULL, 'H'},
@@ -208,28 +213,32 @@
             err_exit("password too long");
           strcpy(conf->password, pw);
           conf->password_set_on_cmdline++;
           break;
         case 'k':       /* --k-g */
-          if (strlen(optarg) > IPMI_MAX_K_G_LENGTH)
-            err_exit("Command Line Error: K_g too long");
-          strcpy(conf->k_g, optarg);
-          conf->k_g_set_on_cmdline++;
+          if ((rv = parse_kg(conf->k_g, IPMI_MAX_K_G_LENGTH, optarg)) < 0)
+            err_exit("Command Line Error: Invalid K_g");
+          if (rv > 0)
+            {
+              conf->k_g_configured++;
+              conf->k_g_set_on_cmdline++;
+            }
           if (optarg)
             {
               int n;
               n = strlen(optarg);
               secure_memset(optarg, '\0', n);
             }
           break;
         case 'K':       /* --k-g-prompt */
-          if (!(kg = getpass("K_g: ")))
-            err_exit("getpass: %s", strerror(errno));
-          if (strlen(kg) > IPMI_MAX_K_G_LENGTH)
-            err_exit("K_g too long");
-          strcpy(conf->k_g, kg);
-          conf->k_g_set_on_cmdline++;
+         if ((rv = parse_kg(conf->k_g, IPMI_MAX_K_G_LENGTH, kg)) < 0)
+           err_exit("K_g invalid");
+         if (rv > 0)
+           {
+             conf->k_g_configured++;
+             conf->k_g_set_on_cmdline++;
+           }
           break;
        case 'l':       /* --privilege */
          if (!strcasecmp(optarg, "user"))
            conf->privilege = IPMICONSOLE_PRIVILEGE_USER;
          else if (!strcasecmp(optarg, "operator"))
@@ -363,17 +372,20 @@
        void *option_ptr,
        int option_data,
        void *app_ptr,
        int app_data)
 {
+  int rv;
+
   if (conf->k_g_set_on_cmdline)
     return 0;
 
-  if (strlen(data->string) > IPMI_MAX_K_G_LENGTH)
-    err_exit("Config File Error: K_g too long");
+  if ((rv = parse_kg(conf->k_g, IPMI_MAX_K_G_LENGTH, data->string)) < 0)
+    err_exit("Config File Error: K_g invalid");
+  if (rv > 0)
+    conf->k_g_configured = 1;
 
-  strcpy(conf->k_g, data->string);
   return 0;
 }
 
 static int
 _cb_privilege(conffile_t cf, 
Index: src/ipmiconsole/ipmiconsole_config.h
===================================================================
RCS file: 
/sources/freeipmi/freeipmi/ipmiconsole/src/ipmiconsole/ipmiconsole_config.h,v
retrieving revision 1.6
diff -u -5 -r1.6 ipmiconsole_config.h
--- src/ipmiconsole/ipmiconsole_config.h        26 Apr 2007 03:23:59 -0000      
1.6
+++ src/ipmiconsole/ipmiconsole_config.h        2 May 2007 16:51:22 -0000
@@ -51,11 +51,11 @@
   char *config_file;
 
   char hostname[MAXHOSTNAMELEN+1];
   char username[IPMI_MAX_USER_NAME_LENGTH+1];
   char password[IPMI_2_0_MAX_PASSWORD_LENGTH+1];
-  char k_g[IPMI_MAX_K_G_LENGTH+1];
+  char k_g[IPMI_MAX_K_G_LENGTH];
   int privilege;
   int cipher_suite_id;
   int dont_steal;
   int deactivate;
   int lock_memory;
@@ -64,10 +64,11 @@
 
   int hostname_set_on_cmdline;
   int username_set_on_cmdline;
   int password_set_on_cmdline;
   int k_g_set_on_cmdline;
+  int k_g_configured;
   int privilege_set_on_cmdline;
   int cipher_suite_id_set_on_cmdline;
   int dont_steal_set_on_cmdline;
   int deactivate_set_on_cmdline;
   int lock_memory_set_on_cmdline;
Index: src/libipmiconsole/ipmiconsole.c
===================================================================
RCS file: 
/sources/freeipmi/freeipmi/ipmiconsole/src/libipmiconsole/ipmiconsole.c,v
retrieving revision 1.7
diff -u -5 -r1.7 ipmiconsole.c
--- src/libipmiconsole/ipmiconsole.c    31 Mar 2007 04:03:06 -0000      1.7
+++ src/libipmiconsole/ipmiconsole.c    2 May 2007 16:51:22 -0000
@@ -393,11 +393,10 @@
       || (hostname && strlen(hostname) > MAXHOSTNAMELEN)
       || !ipmi_config
       || !protocol_config
       || (ipmi_config->username && strlen(ipmi_config->username) > 
IPMI_MAX_USER_NAME_LENGTH)
       || (ipmi_config->password && strlen(ipmi_config->password) > 
IPMI_2_0_MAX_PASSWORD_LENGTH)
-      || (ipmi_config->k_g && strlen(ipmi_config->k_g) > IPMI_MAX_K_G_LENGTH)
       || (ipmi_config->privilege_level >= 0
          && (ipmi_config->privilege_level != IPMICONSOLE_PRIVILEGE_USER
              && ipmi_config->privilege_level != IPMICONSOLE_PRIVILEGE_OPERATOR
              && ipmi_config->privilege_level != IPMICONSOLE_PRIVILEGE_ADMIN))
       || (ipmi_config->cipher_suite_id >= IPMI_CIPHER_SUITE_ID_MIN
@@ -439,12 +438,16 @@
     strcpy((char *)c->username, ipmi_config->username);
 
   if (ipmi_config->password)
     strcpy((char *)c->password, ipmi_config->password);
 
-  if (ipmi_config->k_g)
-    strcpy((char *)c->k_g, ipmi_config->k_g);
+  /* k_g is a fixed-length binary chunk that may contain nulls */
+  if (ipmi_config->k_g) 
+    {
+      memcpy(c->k_g, ipmi_config->k_g, IPMI_MAX_K_G_LENGTH);
+      c->k_g_configured = 1;
+    }
 
   if (ipmi_config->privilege_level >= 0)
     {
       if (ipmi_config->privilege_level == IPMICONSOLE_PRIVILEGE_USER)
         c->privilege_level = IPMI_PRIVILEGE_LEVEL_USER;
Index: src/libipmiconsole/ipmiconsole.h
===================================================================
RCS file: 
/sources/freeipmi/freeipmi/ipmiconsole/src/libipmiconsole/ipmiconsole.h,v
retrieving revision 1.8
diff -u -5 -r1.8 ipmiconsole.h
--- src/libipmiconsole/ipmiconsole.h    31 Mar 2007 04:03:06 -0000      1.8
+++ src/libipmiconsole/ipmiconsole.h    2 May 2007 16:51:22 -0000
@@ -163,11 +163,11 @@
  *   20 bytes.
  *
  * k_g
  *
  *   BMC Key for 2-key authentication.  Pass NULL ptr to use password
- *   as BMC key.  Maximum length of 20 bytes.
+ *   as BMC key.  Length of 20 bytes.
  *
  * privilege_level
  *
  *   privilege level to authenticate with.  
  *
Index: src/libipmiconsole/ipmiconsole_defs.h
===================================================================
RCS file: 
/sources/freeipmi/freeipmi/ipmiconsole/src/libipmiconsole/ipmiconsole_defs.h,v
retrieving revision 1.7
diff -u -5 -r1.7 ipmiconsole_defs.h
--- src/libipmiconsole/ipmiconsole_defs.h       28 Apr 2007 00:32:58 -0000      
1.7
+++ src/libipmiconsole/ipmiconsole_defs.h       2 May 2007 16:51:22 -0000
@@ -366,11 +366,12 @@
 
   /* Configuration Parameters */
   char hostname[MAXHOSTNAMELEN+1];
   uint8_t username[IPMI_MAX_USER_NAME_LENGTH+1];
   uint8_t password[IPMI_2_0_MAX_PASSWORD_LENGTH+1];
-  uint8_t k_g[IPMI_MAX_K_G_LENGTH+1];
+  uint8_t k_g[IPMI_MAX_K_G_LENGTH];
+  uint8_t k_g_configured;
   uint8_t privilege_level;
   uint8_t cipher_suite_id;
 
   unsigned int session_timeout_len;
   unsigned int retransmission_timeout_len;
Index: src/libipmiconsole/ipmiconsole_processing.c
===================================================================
RCS file: 
/sources/freeipmi/freeipmi/ipmiconsole/src/libipmiconsole/ipmiconsole_processing.c,v
retrieving revision 1.8
diff -u -5 -r1.8 ipmiconsole_processing.c
--- src/libipmiconsole/ipmiconsole_processing.c 31 Mar 2007 04:03:06 -0000      
1.8
+++ src/libipmiconsole/ipmiconsole_processing.c 2 May 2007 16:51:23 -0000
@@ -1762,12 +1762,12 @@
     {
       c->errnum = IPMICONSOLE_ERR_USERNAME_INVALID;
       return -1;
     }
 
-  if ((!strlen((char *)c->k_g) && authentication_status_k_g)
-      || (strlen((char *)c->k_g) && !authentication_status_k_g))
+  if ((!c->k_g_configured && authentication_status_k_g)
+      || (c->k_g_configured && !authentication_status_k_g))
     {
       c->errnum = IPMICONSOLE_ERR_K_G_INVALID;
       return -1;
     }
 
@@ -1841,11 +1841,11 @@
   if (c->workaround_flags & IPMICONSOLE_WORKAROUND_INTEL_2_0
       && s->authentication_algorithm == 
IPMI_AUTHENTICATION_ALGORITHM_RAKP_HMAC_MD5
       && password_len > IPMI_1_5_MAX_PASSWORD_LENGTH)
     password_len = IPMI_1_5_MAX_PASSWORD_LENGTH;
   
-  if (strlen((char *)c->k_g))
+  if (c->k_g_configured)
     k_g = (uint8_t *)c->k_g;
   else
     k_g = NULL;
   
   if ((managed_system_random_number_len = Fiid_obj_get_data(c,
@@ -1866,11 +1866,11 @@
                                            s->integrity_algorithm,
                                            s->confidentiality_algorithm,
                                            password,
                                            password_len,
                                            k_g,
-                                           (k_g) ? strlen((char *)k_g) : 0,
+                                           (k_g) ? IPMI_MAX_K_G_LENGTH : 0,
                                            s->remote_console_random_number,
                                            
IPMI_REMOTE_CONSOLE_RANDOM_NUMBER_LENGTH,
                                            managed_system_random_number,
                                            
IPMI_MANAGED_SYSTEM_RANDOM_NUMBER_LENGTH,
                                            s->name_only_lookup,
_______________________________________________
Freeipmi-devel mailing list
Freeipmi-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/freeipmi-devel

Reply via email to