Al/Duncan,
I have a fix for the username greater than 16 (*3001519)*, but I did not look
at the issue associated with
permitting a password greater than 16 (*3184687*). The current code does
support both 16 and 20
character passwords, but does not differentiate between lan/lanplus with regard
to supported password
length. This is why the submitter was able to specify a 20 character password
for ipmi 1.5.
Duncan, can you put together a fix for 3184687 - IPMITool allows user with more
than 16 bytes password in lan?
**
-- Jim Mankovich | jm...@hp.com --
On 4/24/2012 10:52 AM, Albert Chu wrote:
On Mon, 2012-04-23 at 12:56 -0700, Jim Mankovich wrote:
Duncan,
I already have a fix for the 16 character username problem. I
already posted a patch for it to the Patch tracker
for version 1.8.11 and I was going to post a patch for it to TOB after
I complete the Threshold/Discrete/Analog
Display issue which is currently in review. If you look closely you
will see I assigned these defect to myself.
Both of the defects you mention are for the same issue, the problem is
that ipmitool permits a user to specify greater
than 16 character passwords. The IPMI password length limit is 16.
I see that the original bug was specified against the -I lan interface
(i.e. IPMI 1.5), but the IPMI 2.0 password length max is 20. Not sure
if this is being accounted for in the code changes for -I lanplus.
Al
I'll try to post a patch for review for the 16 character username
limit sometime this week.
Do you what you can with the resources you have a hand.
Any/All help is much appreciated.
-- Jim Mankovich | jm...@hp.com --
On 4/23/2012 12:22 PM, Duncan Idaho wrote:
On Mon, Apr 23, 2012 at 6:26 PM, Jim Mankovich<jm...@hp.com> wrote:
[...]
report and I could not find any existing resolution to in
the TOB CVS for ipmitool. If anyone
has any time to work on ipmitool, please look at Tracker
items first for something to do.
Time, yes(sometimes). Machines to test at? No.
And some stuff, well the most of it, will require some IPMI capable
hardware to test and develop at. So it won't be that easy to get
devs.
Anyway. Once we agree on code in 'lib/ipmi_user.c', I could take a
look at
http://sourceforge.net/tracker/?func=detail&aid=3001519&group_id=95200&atid=610550 and
http://sourceforge.net/tracker/?func=detail&aid=3184687&group_id=95200&atid=610550 . That's
where they'll go right? btw this sounds like a BMC(IPMI stack) to me as well and reportee should report
it to his vendor.
--Duncan
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Ipmitool-devel mailing list
Ipmitool-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipmitool-devel
