From a9ee361f27e0439530387765924574e5358c8a5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Sat, 10 Sep 2022 15:44:41 +0200 Subject: New upstream version 1.8.19 --- lib/ipmi_user.c | 138 +++++++++++++++++++++++++++++++------------------------- 1 file changed, 77 insertions(+), 61 deletions(-) (limited to 'lib/ipmi_user.c') diff --git a/lib/ipmi_user.c b/lib/ipmi_user.c index 2780e61..2068c93 100644 --- a/lib/ipmi_user.c +++ b/lib/ipmi_user.c @@ -29,10 +29,6 @@ * LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. */ -#define _BSD_SOURCE || \ - (_XOPEN_SOURCE >= 500 || \ - _XOPEN_SOURCE && _XOPEN_SOURCE_EXTENDED) && \ - !(_POSIX_C_SOURCE >= 200112L || _XOPEN_SOURCE >= 600) #include #include @@ -72,27 +68,27 @@ _ipmi_get_user_access(struct ipmi_intf *intf, struct ipmi_rq req = {0}; struct ipmi_rs *rsp; uint8_t data[2]; - if (user_access_rsp == NULL) { + if (!user_access_rsp) { return (-3); } data[0] = user_access_rsp->channel & 0x0F; - data[1] = user_access_rsp->user_id & 0x3F; + data[1] = IPMI_UID(user_access_rsp->user_id); req.msg.netfn = IPMI_NETFN_APP; req.msg.cmd = IPMI_GET_USER_ACCESS; req.msg.data = data; req.msg.data_len = 2; rsp = intf->sendrecv(intf, &req); - if (rsp == NULL) { + if (!rsp) { return (-1); - } else if (rsp->ccode != 0) { + } else if (rsp->ccode) { return rsp->ccode; } else if (rsp->data_len != 4) { return (-2); } - user_access_rsp->max_user_ids = rsp->data[0] & 0x3F; + user_access_rsp->max_user_ids = IPMI_UID(rsp->data[0]); user_access_rsp->enable_status = rsp->data[1] & 0xC0; - user_access_rsp->enabled_user_ids = rsp->data[1] & 0x3F; - user_access_rsp->fixed_user_ids = rsp->data[2] & 0x3F; + user_access_rsp->enabled_user_ids = IPMI_UID(rsp->data[1]); + user_access_rsp->fixed_user_ids = IPMI_UID(rsp->data[2]); user_access_rsp->callin_callback = rsp->data[3] & 0x40; user_access_rsp->link_auth = rsp->data[3] & 0x20; user_access_rsp->ipmi_messaging = rsp->data[3] & 0x10; @@ -114,18 +110,18 @@ _ipmi_get_user_name(struct ipmi_intf *intf, struct user_name_t *user_name_ptr) struct ipmi_rq req = {0}; struct ipmi_rs *rsp; uint8_t data[1]; - if (user_name_ptr == NULL) { + if (!user_name_ptr) { return (-3); } - data[0] = user_name_ptr->user_id & 0x3F; + data[0] = IPMI_UID(user_name_ptr->user_id); req.msg.netfn = IPMI_NETFN_APP; req.msg.cmd = IPMI_GET_USER_NAME; req.msg.data = data; req.msg.data_len = 1; rsp = intf->sendrecv(intf, &req); - if (rsp == NULL) { + if (!rsp) { return (-1); - } else if (rsp->ccode > 0) { + } else if (rsp->ccode) { return rsp->ccode; } else if (rsp->data_len != 16) { return (-2); @@ -151,7 +147,7 @@ _ipmi_set_user_access(struct ipmi_intf *intf, uint8_t data[4]; struct ipmi_rq req = {0}; struct ipmi_rs *rsp; - if (user_access_req == NULL) { + if (!user_access_req) { return (-3); } data[0] = change_priv_limit_only ? 0x00 : 0x80; @@ -165,7 +161,7 @@ _ipmi_set_user_access(struct ipmi_intf *intf, data[0] |= 0x10; } data[0] |= (user_access_req->channel & 0x0F); - data[1] = user_access_req->user_id & 0x3F; + data[1] = IPMI_UID(user_access_req->user_id); data[2] = user_access_req->privilege_limit & 0x0F; data[3] = user_access_req->session_limit & 0x0F; req.msg.netfn = IPMI_NETFN_APP; @@ -173,7 +169,7 @@ _ipmi_set_user_access(struct ipmi_intf *intf, req.msg.data = data; req.msg.data_len = 4; rsp = intf->sendrecv(intf, &req); - if (rsp == NULL) { + if (!rsp) { return (-1); } else { return rsp->ccode; @@ -200,14 +196,14 @@ _ipmi_set_user_password(struct ipmi_intf *intf, uint8_t user_id, uint8_t *data; uint8_t data_len = (is_twenty_byte) ? 22 : 18; data = malloc(sizeof(uint8_t) * data_len); - if (data == NULL) { + if (!data) { return (-4); } memset(data, 0, data_len); data[0] = (is_twenty_byte) ? 0x80 : 0x00; - data[0] |= (0x0F & user_id); + data[0] |= IPMI_UID(user_id); data[1] = 0x03 & operation; - if (password != NULL) { + if (password) { size_t copy_len = strlen(password); if (copy_len > (data_len - 2)) { copy_len = data_len - 2; @@ -224,7 +220,7 @@ _ipmi_set_user_password(struct ipmi_intf *intf, uint8_t user_id, rsp = intf->sendrecv(intf, &req); free(data); data = NULL; - if (rsp == NULL) { + if (!rsp) { return (-1); } return rsp->ccode; @@ -371,18 +367,20 @@ ipmi_user_set_username( req.msg.data_len = sizeof(msg_data); memset(msg_data, 0, sizeof(msg_data)); + user_id = IPMI_UID(user_id); + /* The channel number will remain constant throughout this function */ msg_data[0] = user_id; strncpy((char *)(msg_data + 1), name, strlen(name)); rsp = intf->sendrecv(intf, &req); - if (rsp == NULL) { + if (!rsp) { lprintf(LOG_ERR, "Set User Name command failed (user %d, name %s)", user_id, name); return -1; } - if (rsp->ccode > 0) { + if (rsp->ccode) { lprintf(LOG_ERR, "Set User Name command failed (user %d, name %s): %s", user_id, name, val2str(rsp->ccode, completion_code_vals)); return -1; @@ -436,7 +434,7 @@ print_user_usage(void) lprintf(LOG_NOTICE, " set name "); lprintf(LOG_NOTICE, -" set password [ <16|20>]"); +" set password [ [<16|20>]]"); lprintf(LOG_NOTICE, " disable "); lprintf(LOG_NOTICE, @@ -553,7 +551,7 @@ ipmi_user_test(struct ipmi_intf *intf, int argc, char **argv) if (argc == 3) { /* We need to prompt for a password */ password = ask_password(user_id); - if (password == NULL) { + if (!password) { lprintf(LOG_ERR, "ipmitool: malloc failure"); return (-1); } @@ -615,7 +613,7 @@ ipmi_user_mod(struct ipmi_intf *intf, int argc, char **argv) if (is_ipmi_user_id(argv[1], &user_id)) { return (-1); } - operation = (strncmp(argv[0], "disable", 7) == 0) ? + operation = (!strcmp(argv[0], "disable")) ? IPMI_PASSWORD_DISABLE_USER : IPMI_PASSWORD_ENABLE_USER; ccode = _ipmi_set_user_password(intf, user_id, operation, @@ -628,12 +626,17 @@ ipmi_user_mod(struct ipmi_intf *intf, int argc, char **argv) return 0; } +#define USER_PW_IPMI15_LEN 16 /* IPMI 1.5 only allowed for 16 bytes */ +#define USER_PW_IPMI20_LEN 20 /* IPMI 2.0 allows for 20 bytes */ +#define USER_PW_MAX_LEN USER_PW_IPMI20_LEN + int ipmi_user_password(struct ipmi_intf *intf, int argc, char **argv) { char *password = NULL; int ccode = 0; - uint8_t password_type = 16; + uint8_t password_type = USER_PW_IPMI15_LEN; + size_t password_len; uint8_t user_id = 0; if (is_ipmi_user_id(argv[2], &user_id)) { return (-1); @@ -642,52 +645,63 @@ ipmi_user_password(struct ipmi_intf *intf, int argc, char **argv) if (argc == 3) { /* We need to prompt for a password */ char *tmp; + size_t tmplen; password = ask_password(user_id); - if (password == NULL) { + if (!password) { lprintf(LOG_ERR, "ipmitool: malloc failure"); return (-1); } tmp = ask_password(user_id); - if (tmp == NULL) { + tmplen = strnlen(tmp, USER_PW_MAX_LEN + 1); + if (!tmp) { lprintf(LOG_ERR, "ipmitool: malloc failure"); return (-1); } - if (strlen(password) != strlen(tmp) - || strncmp(password, tmp, strlen(tmp))) { - lprintf(LOG_ERR, "Passwords do not match."); + if (strncmp(password, tmp, tmplen)) { + lprintf(LOG_ERR, "Passwords do not match or are " + "longer than %d", USER_PW_MAX_LEN); return (-1); } } else { password = argv[3]; - if (argc > 4) { - if ((str2uchar(argv[4], &password_type) != 0) - || (password_type != 16 && password_type != 20)) { - lprintf(LOG_ERR, "Invalid password length '%s'", argv[4]); - return (-1); - } - } else { - password_type = 16; - } } - if (password == NULL) { + if (!password) { lprintf(LOG_ERR, "Unable to parse password argument."); return (-1); - } else if (strlen(password) > 20) { - lprintf(LOG_ERR, "Password is too long (> 20 bytes)"); + } + + password_len = strnlen(password, USER_PW_MAX_LEN + 1); + + if (argc > 4) { + if ((str2uchar(argv[4], &password_type) != 0) + || (password_type != USER_PW_IPMI15_LEN + && password_type != USER_PW_IPMI20_LEN)) + { + lprintf(LOG_ERR, "Invalid password length '%s'", + argv[4]); + return (-1); + } + } else if (password_len > USER_PW_IPMI15_LEN) { + password_type = USER_PW_IPMI20_LEN; + } + + if (password_len > password_type) { + lprintf(LOG_ERR, "Password is too long (> %d bytes)", + password_type); return (-1); } ccode = _ipmi_set_user_password(intf, user_id, - IPMI_PASSWORD_SET_PASSWORD, password, - password_type > 16); + IPMI_PASSWORD_SET_PASSWORD, password, + password_type > USER_PW_IPMI15_LEN); if (eval_ccode(ccode) != 0) { lprintf(LOG_ERR, "Set User Password command failed (user %d)", - user_id); + user_id); return (-1); } else { printf("Set User Password command successful (user %d)\n", - user_id); + user_id); return 0; } } @@ -726,32 +740,34 @@ ipmi_user_main(struct ipmi_intf *intf, int argc, char **argv) print_user_usage(); return (-1); } - if (strncmp(argv[0], "help", 4) == 0) { + if (!strcmp(argv[0], "help")) { /* Help */ print_user_usage(); return 0; - } else if (strncmp(argv[0], "summary", 7) == 0) { + } else if (!strcmp(argv[0], "summary")) { return ipmi_user_summary(intf, argc, argv); - } else if (strncmp(argv[0], "list", 4) == 0) { + } else if (!strcmp(argv[0], "list")) { return ipmi_user_list(intf, argc, argv); - } else if (strncmp(argv[0], "test", 4) == 0) { + } else if (!strcmp(argv[0], "test")) { return ipmi_user_test(intf, argc, argv); - } else if (strncmp(argv[0], "set", 3) == 0) { + } else if (!strcmp(argv[0], "set")) { /* Set */ - if ((argc >= 3) - && (strncmp("password", argv[1], 8) == 0)) { + if (argc >= 3 + && !strcmp("password", argv[1])) + { return ipmi_user_password(intf, argc, argv); - } else if ((argc >= 2) - && (strncmp("name", argv[1], 4) == 0)) { + } else if (argc >= 2 + && !strcmp("name", argv[1])) + { return ipmi_user_name(intf, argc, argv); } else { print_user_usage(); return (-1); } - } else if (strncmp(argv[0], "priv", 4) == 0) { + } else if (!strcmp(argv[0], "priv")) { return ipmi_user_priv(intf, argc, argv); - } else if ((strncmp(argv[0], "disable", 7) == 0) - || (strncmp(argv[0], "enable", 6) == 0)) { + } else if (!strcmp(argv[0], "disable") + || !strcmp(argv[0], "enable")) { return ipmi_user_mod(intf, argc, argv); } else { lprintf(LOG_ERR, "Invalid user command: '%s'\n", argv[0]); -- cgit v1.2.3