From: Duncan L. <ice...@us...> - 2004-10-25 19:22:00
|
Update of /cvsroot/ipmitool/ipmitool/src/plugins/lan In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv5939/src/plugins/lan Modified Files: lan.c Log Message: add special auth support Index: lan.c =================================================================== RCS file: /cvsroot/ipmitool/ipmitool/src/plugins/lan/lan.c,v retrieving revision 1.30 retrieving revision 1.31 diff -C2 -d -r1.30 -r1.31 *** lan.c 8 Oct 2004 22:41:38 -0000 1.30 --- lan.c 25 Oct 2004 19:21:51 -0000 1.31 *************** *** 498,503 **** printf("IPMI Request Match found\n"); if (intf->target_addr != IPMI_BMC_SLAVE_ADDR) { ! if (verbose > 2) ! printf("Bridged cmd resp: %s\n", buf2str(&rsp->data[x],rsp->data_len)); /* bridged command: lose extra header */ x += sizeof(rsp->payload.ipmi_response); --- 498,503 ---- printf("IPMI Request Match found\n"); if (intf->target_addr != IPMI_BMC_SLAVE_ADDR) { ! if (verbose > 2) ! printf("Bridged cmd resp: %s\n", buf2str(&rsp->data[x],rsp->data_len)); /* bridged command: lose extra header */ x += sizeof(rsp->payload.ipmi_response); *************** *** 675,685 **** if (s->active) { switch (s->authtype) { case IPMI_SESSION_AUTHTYPE_MD5: ! temp = ipmi_auth_md5(intf->session, msg+mp, msg[mp-1]); memcpy(msg+ap, temp, 16); break; case IPMI_SESSION_AUTHTYPE_MD2: ! temp = ipmi_auth_md2(intf->session, msg+mp, msg[mp-1]); memcpy(msg+ap, temp, 16); break; --- 675,690 ---- if (s->active) { + /* + * s->authcode is already copied to msg+ap but some + * authtypes require portions of the ipmi message to + * create the authcode so they must be done last. + */ switch (s->authtype) { case IPMI_SESSION_AUTHTYPE_MD5: ! temp = ipmi_auth_md5(s, msg+mp, msg[mp-1]); memcpy(msg+ap, temp, 16); break; case IPMI_SESSION_AUTHTYPE_MD2: ! temp = ipmi_auth_md2(s, msg+mp, msg[mp-1]); memcpy(msg+ap, temp, 16); break; *************** *** 749,752 **** --- 754,758 ---- .seq = 0xff, }; + struct ipmi_session * s = intf->session; int cs, mp, ap = 0, tmp; int len; *************** *** 754,758 **** len = rsp->data_len + 22; ! if (intf->session->active) len += 16; --- 760,764 ---- len = rsp->data_len + 22; ! if (s->active) len += 16; *************** *** 765,784 **** /* ipmi session header */ ! msg[len++] = intf->session->active ? intf->session->authtype : 0; ! if (intf->session->in_seq) { ! intf->session->in_seq++; ! if (!intf->session->in_seq) ! intf->session->in_seq++; } ! memcpy(msg+len, &intf->session->in_seq, 4); len += 4; ! memcpy(msg+len, &intf->session->session_id, 4); len += 4; /* session authcode, if session active and authtype is not none */ ! if (intf->session->active && intf->session->authtype) { ap = len; ! memcpy(msg+len, intf->session->authcode, 16); len += 16; } --- 771,790 ---- /* ipmi session header */ ! msg[len++] = s->active ? s->authtype : 0; ! if (s->in_seq) { ! s->in_seq++; ! if (!s->in_seq) ! s->in_seq++; } ! memcpy(msg+len, &s->in_seq, 4); len += 4; ! memcpy(msg+len, &s->session_id, 4); len += 4; /* session authcode, if session active and authtype is not none */ ! if (s->active && s->authtype) { ap = len; ! memcpy(msg+len, s->authcode, 16); len += 16; } *************** *** 811,818 **** msg[len++] = ipmi_csum(msg+cs, tmp); ! if (intf->session->active && ! intf->session->authtype == IPMI_SESSION_AUTHTYPE_MD5) { ! unsigned char * d = ipmi_auth_md5(intf->session, msg+mp, msg[mp-1]); ! memcpy(msg+ap, d, 16); } --- 817,832 ---- msg[len++] = ipmi_csum(msg+cs, tmp); ! if (s->active) { ! unsigned char * d; ! switch (s->authtype) { ! case IPMI_SESSION_AUTHTYPE_MD5: ! d = ipmi_auth_md5(s, msg+mp, msg[mp-1]); ! memcpy(msg+ap, d, 16); ! break; ! case IPMI_SESSION_AUTHTYPE_MD2: ! d = ipmi_auth_md2(s, msg+mp, msg[mp-1]); ! memcpy(msg+ap, d, 16); ! break; ! } } *************** *** 952,955 **** --- 966,976 ---- s->authtype = IPMI_SESSION_AUTHTYPE_PASSWORD; } + else if (s->password && + (!s->authtype_set || + s->authtype_set == IPMI_SESSION_AUTHTYPE_OEM) && + (rsp->data[1] & 1<<IPMI_SESSION_AUTHTYPE_OEM)) + { + s->authtype = IPMI_SESSION_AUTHTYPE_OEM; + } else if ((!s->authtype_set || s->authtype_set == IPMI_SESSION_AUTHTYPE_NONE) && *************** *** 1049,1053 **** msg_data[0] = s->authtype; msg_data[1] = s->privlvl; ! memcpy(msg_data + 2, s->challenge, 16); /* setup initial outbound sequence number */ --- 1070,1083 ---- msg_data[0] = s->authtype; msg_data[1] = s->privlvl; ! ! if (s->authspecial) { ! unsigned char * special = ipmi_auth_special(s); ! memcpy(s->authcode, special, 16); ! memset(msg_data + 2, 0, 16); ! if (verbose > 2) ! printf(" OEM Auth : %s\n", buf2str(special, 16)); ! } else { ! memcpy(msg_data + 2, s->challenge, 16); ! } /* setup initial outbound sequence number */ *************** *** 1111,1115 **** if (!s->in_seq) ++s->in_seq; ! if (s->authtype & IPMI_AUTHSTATUS_PER_MSG_DISABLED) s->authtype = IPMI_SESSION_AUTHTYPE_NONE; else if (s->authtype != rsp->data[0] & 0xf) { --- 1141,1145 ---- if (!s->in_seq) ++s->in_seq; ! if (s->authstatus & IPMI_AUTHSTATUS_PER_MSG_DISABLED) s->authtype = IPMI_SESSION_AUTHTYPE_NONE; else if (s->authtype != rsp->data[0] & 0xf) { |