summaryrefslogtreecommitdiff
path: root/lib/ipmi_user.c
diff options
context:
space:
mode:
authorJörg Frings-Fürst <debian@jff-webhosting.net>2022-09-10 15:44:41 +0200
committerJörg Frings-Fürst <debian@jff-webhosting.net>2022-09-10 15:44:41 +0200
commita9ee361f27e0439530387765924574e5358c8a5c (patch)
tree3104aecc4d574f7d7bbb269223814586277b1797 /lib/ipmi_user.c
parent82ac6c87ce0b0af2fb8de25d70442fec406bb742 (diff)
New upstream version 1.8.19upstream/1.8.19upstream
Diffstat (limited to 'lib/ipmi_user.c')
-rw-r--r--lib/ipmi_user.c138
1 files changed, 77 insertions, 61 deletions
diff --git a/lib/ipmi_user.c b/lib/ipmi_user.c
index 2780e61..2068c93 100644
--- a/lib/ipmi_user.c
+++ b/lib/ipmi_user.c
@@ -29,10 +29,6 @@
* LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
* EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
*/
-#define _BSD_SOURCE || \
- (_XOPEN_SOURCE >= 500 || \
- _XOPEN_SOURCE && _XOPEN_SOURCE_EXTENDED) && \
- !(_POSIX_C_SOURCE >= 200112L || _XOPEN_SOURCE >= 600)
#include <stdlib.h>
#include <string.h>
@@ -72,27 +68,27 @@ _ipmi_get_user_access(struct ipmi_intf *intf,
struct ipmi_rq req = {0};
struct ipmi_rs *rsp;
uint8_t data[2];
- if (user_access_rsp == NULL) {
+ if (!user_access_rsp) {
return (-3);
}
data[0] = user_access_rsp->channel & 0x0F;
- data[1] = user_access_rsp->user_id & 0x3F;
+ data[1] = IPMI_UID(user_access_rsp->user_id);
req.msg.netfn = IPMI_NETFN_APP;
req.msg.cmd = IPMI_GET_USER_ACCESS;
req.msg.data = data;
req.msg.data_len = 2;
rsp = intf->sendrecv(intf, &req);
- if (rsp == NULL) {
+ if (!rsp) {
return (-1);
- } else if (rsp->ccode != 0) {
+ } else if (rsp->ccode) {
return rsp->ccode;
} else if (rsp->data_len != 4) {
return (-2);
}
- user_access_rsp->max_user_ids = rsp->data[0] & 0x3F;
+ user_access_rsp->max_user_ids = IPMI_UID(rsp->data[0]);
user_access_rsp->enable_status = rsp->data[1] & 0xC0;
- user_access_rsp->enabled_user_ids = rsp->data[1] & 0x3F;
- user_access_rsp->fixed_user_ids = rsp->data[2] & 0x3F;
+ user_access_rsp->enabled_user_ids = IPMI_UID(rsp->data[1]);
+ user_access_rsp->fixed_user_ids = IPMI_UID(rsp->data[2]);
user_access_rsp->callin_callback = rsp->data[3] & 0x40;
user_access_rsp->link_auth = rsp->data[3] & 0x20;
user_access_rsp->ipmi_messaging = rsp->data[3] & 0x10;
@@ -114,18 +110,18 @@ _ipmi_get_user_name(struct ipmi_intf *intf, struct user_name_t *user_name_ptr)
struct ipmi_rq req = {0};
struct ipmi_rs *rsp;
uint8_t data[1];
- if (user_name_ptr == NULL) {
+ if (!user_name_ptr) {
return (-3);
}
- data[0] = user_name_ptr->user_id & 0x3F;
+ data[0] = IPMI_UID(user_name_ptr->user_id);
req.msg.netfn = IPMI_NETFN_APP;
req.msg.cmd = IPMI_GET_USER_NAME;
req.msg.data = data;
req.msg.data_len = 1;
rsp = intf->sendrecv(intf, &req);
- if (rsp == NULL) {
+ if (!rsp) {
return (-1);
- } else if (rsp->ccode > 0) {
+ } else if (rsp->ccode) {
return rsp->ccode;
} else if (rsp->data_len != 16) {
return (-2);
@@ -151,7 +147,7 @@ _ipmi_set_user_access(struct ipmi_intf *intf,
uint8_t data[4];
struct ipmi_rq req = {0};
struct ipmi_rs *rsp;
- if (user_access_req == NULL) {
+ if (!user_access_req) {
return (-3);
}
data[0] = change_priv_limit_only ? 0x00 : 0x80;
@@ -165,7 +161,7 @@ _ipmi_set_user_access(struct ipmi_intf *intf,
data[0] |= 0x10;
}
data[0] |= (user_access_req->channel & 0x0F);
- data[1] = user_access_req->user_id & 0x3F;
+ data[1] = IPMI_UID(user_access_req->user_id);
data[2] = user_access_req->privilege_limit & 0x0F;
data[3] = user_access_req->session_limit & 0x0F;
req.msg.netfn = IPMI_NETFN_APP;
@@ -173,7 +169,7 @@ _ipmi_set_user_access(struct ipmi_intf *intf,
req.msg.data = data;
req.msg.data_len = 4;
rsp = intf->sendrecv(intf, &req);
- if (rsp == NULL) {
+ if (!rsp) {
return (-1);
} else {
return rsp->ccode;
@@ -200,14 +196,14 @@ _ipmi_set_user_password(struct ipmi_intf *intf, uint8_t user_id,
uint8_t *data;
uint8_t data_len = (is_twenty_byte) ? 22 : 18;
data = malloc(sizeof(uint8_t) * data_len);
- if (data == NULL) {
+ if (!data) {
return (-4);
}
memset(data, 0, data_len);
data[0] = (is_twenty_byte) ? 0x80 : 0x00;
- data[0] |= (0x0F & user_id);
+ data[0] |= IPMI_UID(user_id);
data[1] = 0x03 & operation;
- if (password != NULL) {
+ if (password) {
size_t copy_len = strlen(password);
if (copy_len > (data_len - 2)) {
copy_len = data_len - 2;
@@ -224,7 +220,7 @@ _ipmi_set_user_password(struct ipmi_intf *intf, uint8_t user_id,
rsp = intf->sendrecv(intf, &req);
free(data);
data = NULL;
- if (rsp == NULL) {
+ if (!rsp) {
return (-1);
}
return rsp->ccode;
@@ -371,18 +367,20 @@ ipmi_user_set_username(
req.msg.data_len = sizeof(msg_data);
memset(msg_data, 0, sizeof(msg_data));
+ user_id = IPMI_UID(user_id);
+
/* The channel number will remain constant throughout this function */
msg_data[0] = user_id;
strncpy((char *)(msg_data + 1), name, strlen(name));
rsp = intf->sendrecv(intf, &req);
- if (rsp == NULL) {
+ if (!rsp) {
lprintf(LOG_ERR, "Set User Name command failed (user %d, name %s)",
user_id, name);
return -1;
}
- if (rsp->ccode > 0) {
+ if (rsp->ccode) {
lprintf(LOG_ERR, "Set User Name command failed (user %d, name %s): %s",
user_id, name, val2str(rsp->ccode, completion_code_vals));
return -1;
@@ -436,7 +434,7 @@ print_user_usage(void)
lprintf(LOG_NOTICE,
" set name <user id> <username>");
lprintf(LOG_NOTICE,
-" set password <user id> [<password> <16|20>]");
+" set password <user id> [<password> [<16|20>]]");
lprintf(LOG_NOTICE,
" disable <user id>");
lprintf(LOG_NOTICE,
@@ -553,7 +551,7 @@ ipmi_user_test(struct ipmi_intf *intf, int argc, char **argv)
if (argc == 3) {
/* We need to prompt for a password */
password = ask_password(user_id);
- if (password == NULL) {
+ if (!password) {
lprintf(LOG_ERR, "ipmitool: malloc failure");
return (-1);
}
@@ -615,7 +613,7 @@ ipmi_user_mod(struct ipmi_intf *intf, int argc, char **argv)
if (is_ipmi_user_id(argv[1], &user_id)) {
return (-1);
}
- operation = (strncmp(argv[0], "disable", 7) == 0) ?
+ operation = (!strcmp(argv[0], "disable")) ?
IPMI_PASSWORD_DISABLE_USER : IPMI_PASSWORD_ENABLE_USER;
ccode = _ipmi_set_user_password(intf, user_id, operation,
@@ -628,12 +626,17 @@ ipmi_user_mod(struct ipmi_intf *intf, int argc, char **argv)
return 0;
}
+#define USER_PW_IPMI15_LEN 16 /* IPMI 1.5 only allowed for 16 bytes */
+#define USER_PW_IPMI20_LEN 20 /* IPMI 2.0 allows for 20 bytes */
+#define USER_PW_MAX_LEN USER_PW_IPMI20_LEN
+
int
ipmi_user_password(struct ipmi_intf *intf, int argc, char **argv)
{
char *password = NULL;
int ccode = 0;
- uint8_t password_type = 16;
+ uint8_t password_type = USER_PW_IPMI15_LEN;
+ size_t password_len;
uint8_t user_id = 0;
if (is_ipmi_user_id(argv[2], &user_id)) {
return (-1);
@@ -642,52 +645,63 @@ ipmi_user_password(struct ipmi_intf *intf, int argc, char **argv)
if (argc == 3) {
/* We need to prompt for a password */
char *tmp;
+ size_t tmplen;
password = ask_password(user_id);
- if (password == NULL) {
+ if (!password) {
lprintf(LOG_ERR, "ipmitool: malloc failure");
return (-1);
}
tmp = ask_password(user_id);
- if (tmp == NULL) {
+ tmplen = strnlen(tmp, USER_PW_MAX_LEN + 1);
+ if (!tmp) {
lprintf(LOG_ERR, "ipmitool: malloc failure");
return (-1);
}
- if (strlen(password) != strlen(tmp)
- || strncmp(password, tmp, strlen(tmp))) {
- lprintf(LOG_ERR, "Passwords do not match.");
+ if (strncmp(password, tmp, tmplen)) {
+ lprintf(LOG_ERR, "Passwords do not match or are "
+ "longer than %d", USER_PW_MAX_LEN);
return (-1);
}
} else {
password = argv[3];
- if (argc > 4) {
- if ((str2uchar(argv[4], &password_type) != 0)
- || (password_type != 16 && password_type != 20)) {
- lprintf(LOG_ERR, "Invalid password length '%s'", argv[4]);
- return (-1);
- }
- } else {
- password_type = 16;
- }
}
- if (password == NULL) {
+ if (!password) {
lprintf(LOG_ERR, "Unable to parse password argument.");
return (-1);
- } else if (strlen(password) > 20) {
- lprintf(LOG_ERR, "Password is too long (> 20 bytes)");
+ }
+
+ password_len = strnlen(password, USER_PW_MAX_LEN + 1);
+
+ if (argc > 4) {
+ if ((str2uchar(argv[4], &password_type) != 0)
+ || (password_type != USER_PW_IPMI15_LEN
+ && password_type != USER_PW_IPMI20_LEN))
+ {
+ lprintf(LOG_ERR, "Invalid password length '%s'",
+ argv[4]);
+ return (-1);
+ }
+ } else if (password_len > USER_PW_IPMI15_LEN) {
+ password_type = USER_PW_IPMI20_LEN;
+ }
+
+ if (password_len > password_type) {
+ lprintf(LOG_ERR, "Password is too long (> %d bytes)",
+ password_type);
return (-1);
}
ccode = _ipmi_set_user_password(intf, user_id,
- IPMI_PASSWORD_SET_PASSWORD, password,
- password_type > 16);
+ IPMI_PASSWORD_SET_PASSWORD, password,
+ password_type > USER_PW_IPMI15_LEN);
if (eval_ccode(ccode) != 0) {
lprintf(LOG_ERR, "Set User Password command failed (user %d)",
- user_id);
+ user_id);
return (-1);
} else {
printf("Set User Password command successful (user %d)\n",
- user_id);
+ user_id);
return 0;
}
}
@@ -726,32 +740,34 @@ ipmi_user_main(struct ipmi_intf *intf, int argc, char **argv)
print_user_usage();
return (-1);
}
- if (strncmp(argv[0], "help", 4) == 0) {
+ if (!strcmp(argv[0], "help")) {
/* Help */
print_user_usage();
return 0;
- } else if (strncmp(argv[0], "summary", 7) == 0) {
+ } else if (!strcmp(argv[0], "summary")) {
return ipmi_user_summary(intf, argc, argv);
- } else if (strncmp(argv[0], "list", 4) == 0) {
+ } else if (!strcmp(argv[0], "list")) {
return ipmi_user_list(intf, argc, argv);
- } else if (strncmp(argv[0], "test", 4) == 0) {
+ } else if (!strcmp(argv[0], "test")) {
return ipmi_user_test(intf, argc, argv);
- } else if (strncmp(argv[0], "set", 3) == 0) {
+ } else if (!strcmp(argv[0], "set")) {
/* Set */
- if ((argc >= 3)
- && (strncmp("password", argv[1], 8) == 0)) {
+ if (argc >= 3
+ && !strcmp("password", argv[1]))
+ {
return ipmi_user_password(intf, argc, argv);
- } else if ((argc >= 2)
- && (strncmp("name", argv[1], 4) == 0)) {
+ } else if (argc >= 2
+ && !strcmp("name", argv[1]))
+ {
return ipmi_user_name(intf, argc, argv);
} else {
print_user_usage();
return (-1);
}
- } else if (strncmp(argv[0], "priv", 4) == 0) {
+ } else if (!strcmp(argv[0], "priv")) {
return ipmi_user_priv(intf, argc, argv);
- } else if ((strncmp(argv[0], "disable", 7) == 0)
- || (strncmp(argv[0], "enable", 6) == 0)) {
+ } else if (!strcmp(argv[0], "disable")
+ || !strcmp(argv[0], "enable")) {
return ipmi_user_mod(intf, argc, argv);
} else {
lprintf(LOG_ERR, "Invalid user command: '%s'\n", argv[0]);