/*
* Copyright (c) 2003 Sun Microsystems, Inc. All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistribution of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistribution in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* Neither the name of Sun Microsystems, Inc. or the names of
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* This software is provided "AS IS," without a warranty of any kind.
* ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES,
* INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A
* PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED.
* SUN MICROSYSTEMS, INC. ("SUN") AND ITS LICENSORS SHALL NOT BE LIABLE
* FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING
* OR DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL
* SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA,
* OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR
* PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF
* LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
* EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
*/
#include "lanplus.h"
#include "lanplus_crypt.h"
#include "lanplus_dump.h"
/*
 * Value-to-string tables defined in another translation unit. The dump
 * functions in this file pass them to val2str() to print field values as text.
 */
extern const struct valstr ipmi_rakp_return_codes[];
extern const struct valstr ipmi_priv_levels[];
extern const struct valstr ipmi_auth_algorithms[];
extern const struct valstr ipmi_integrity_algorithms[];
extern const struct valstr ipmi_encryption_algorithms[];
/* Prefix that starts each labelled line printed by the dump functions below. */
#define DUMP_PREFIX_INCOMING "<<"
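/*
 * Print a decoded RMCP+ Open Session Response to stdout.
 *
 * Nothing is printed unless the global `verbose` level is at least 2.
 * The message tag, RMCP+ status, maximum privilege level and console
 * session ID are always printed. The BMC session ID and the negotiated
 * authentication / integrity / encryption algorithms follow only when the
 * status equals IPMI_RAKP_STATUS_NO_ERRORS.
 *
 * rsp: parsed response. It is dereferenced without a NULL check, so the
 *      caller must pass a valid pointer.
 *
 * NOTE(review): the session IDs printed here identify a live management
 * session, so output captured at this verbosity is best treated as
 * sensitive when logs are shared.
 */
void lanplus_dump_open_session_response(const struct ipmi_rs * rsp)
{
	if (verbose < 2)
		return;

	printf("%sOPEN SESSION RESPONSE\n", DUMP_PREFIX_INCOMING);

	printf("%s Message tag : 0x%02x\n",
	       DUMP_PREFIX_INCOMING,
	       rsp->payload.open_session_response.message_tag);
	printf("%s RMCP+ status : %s\n",
	       DUMP_PREFIX_INCOMING,
	       val2str(rsp->payload.open_session_response.rakp_return_code,
	               ipmi_rakp_return_codes));
	printf("%s Maximum privilege level : %s\n",
	       DUMP_PREFIX_INCOMING,
	       val2str(rsp->payload.open_session_response.max_priv_level,
	               ipmi_priv_levels));
	/* %lx takes an unsigned long, so cast to that type rather than long. */
	printf("%s Console Session ID : 0x%08lx\n",
	       DUMP_PREFIX_INCOMING,
	       (unsigned long)rsp->payload.open_session_response.console_id);

	/* only tag, status, privlvl, and console id are returned if error */
	if (rsp->payload.open_session_response.rakp_return_code !=
	    IPMI_RAKP_STATUS_NO_ERRORS)
		return;

	printf("%s BMC Session ID : 0x%08lx\n",
	       DUMP_PREFIX_INCOMING,
	       (unsigned long)rsp->payload.open_session_response.bmc_id);
	/* Label spelling corrected (was "authenticatin"). */
	printf("%s Negotiated authentication algorithm : %s\n",
	       DUMP_PREFIX_INCOMING,
	       val2str(rsp->payload.open_session_response.auth_alg,
	               ipmi_auth_algorithms));
	printf("%s Negotiated integrity algorithm : %s\n",
	       DUMP_PREFIX_INCOMING,
	       val2str(rsp->payload.open_session_response.integrity_alg,
	               ipmi_integrity_algorithms));
	printf("%s Negotiated encryption algorithm : %s\n",
	       DUMP_PREFIX_INCOMING,
	       val2str(rsp->payload.open_session_response.crypt_alg,
	               ipmi_encryption_algorithms));
	printf("\n");
}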
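/*
 * Print a decoded RAKP 2 message to stdout.
 *
 * Nothing is printed unless the global `verbose` level is at least 2.
 * The message tag, RMCP+ status, console session ID, the 16-byte BMC
 * random number and the 16-byte BMC GUID are always printed. The key
 * exchange auth code is then printed as hex, with its length chosen by
 * auth_alg.
 *
 * rsp:      parsed response. It is dereferenced without a NULL check.
 * auth_alg: authentication algorithm in use. It selects the label and the
 *           number of auth-code bytes printed. Unknown values print
 *           "invalid".
 *
 * NOTE(review): unlike lanplus_dump_open_session_response(), this function
 * does not stop after the status field when rakp_return_code reports an
 * error. Whether the remaining fields are populated in that case cannot be
 * seen from here -- confirm against the parser.
 *
 * NOTE(review): the random number, GUID and key exchange auth code are
 * session authentication material. In IPMI 2.0 RAKP the auth code is
 * presumably an HMAC keyed with the user's password (verify against the
 * spec), so output captured at verbose >= 2 should be treated as sensitive
 * and redacted before it is attached to tickets or shared logs.
 */
void lanplus_dump_rakp2_message(const struct ipmi_rs * rsp, uint8_t auth_alg)
{
	int code_len = -1;	/* stays negative when no hex auth code follows */
	int i;

	if (verbose < 2)
		return;

	printf("%sRAKP 2 MESSAGE\n", DUMP_PREFIX_INCOMING);

	printf("%s Message tag : 0x%02x\n",
	       DUMP_PREFIX_INCOMING,
	       rsp->payload.rakp2_message.message_tag);
	printf("%s RMCP+ status : %s\n",
	       DUMP_PREFIX_INCOMING,
	       val2str(rsp->payload.rakp2_message.rakp_return_code,
	               ipmi_rakp_return_codes));
	/* %lx takes an unsigned long, so cast to that type rather than long. */
	printf("%s Console Session ID : 0x%08lx\n",
	       DUMP_PREFIX_INCOMING,
	       (unsigned long)rsp->payload.rakp2_message.console_id);

	printf("%s BMC random number : 0x", DUMP_PREFIX_INCOMING);
	for (i = 0; i < 16; ++i)
		printf("%02x", rsp->payload.rakp2_message.bmc_rand[i]);
	printf("\n");

	printf("%s BMC GUID : 0x", DUMP_PREFIX_INCOMING);
	for (i = 0; i < 16; ++i)
		printf("%02x", rsp->payload.rakp2_message.bmc_guid[i]);
	printf("\n");

	/* Print the label here; the hex bytes are emitted once after the switch. */
	switch (auth_alg) {
	case IPMI_AUTH_RAKP_NONE:
		printf("%s Key exchange auth code : none\n", DUMP_PREFIX_INCOMING);
		break;
	case IPMI_AUTH_RAKP_HMAC_SHA1:
		printf("%s Key exchange auth code [sha1] : 0x", DUMP_PREFIX_INCOMING);
		code_len = IPMI_SHA_DIGEST_LENGTH;
		break;
	case IPMI_AUTH_RAKP_HMAC_MD5:
		printf("%s Key exchange auth code [md5] : 0x", DUMP_PREFIX_INCOMING);
		code_len = IPMI_MD5_DIGEST_LENGTH;
		break;
#ifdef HAVE_CRYPTO_SHA256
	case IPMI_AUTH_RAKP_HMAC_SHA256:
		printf("%s Key exchange auth code [sha256]: 0x", DUMP_PREFIX_INCOMING);
		code_len = IPMI_SHA256_DIGEST_LENGTH;
		break;
#endif /* HAVE_CRYPTO_SHA256 */
	default:
		/*
		 * No newline here: the final printf("\n") below terminates
		 * this line, so the invalid case gets no blank separator.
		 */
		printf("%s Key exchange auth code : invalid", DUMP_PREFIX_INCOMING);
		break;
	}

	if (code_len >= 0) {
		for (i = 0; i < code_len; ++i)
			printf("%02x", rsp->payload.rakp2_message.key_exchange_auth_code[i]);
		printf("\n");
	}

	printf("\n");
}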
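/*
 * Print a decoded RAKP 4 message to stdout.
 *
 * Nothing is printed unless the global `verbose` level is at least 2.
 * The message tag, RMCP+ status and console session ID are always printed.
 * The bytes of integrity_check_value are then printed as hex under the
 * label "Key exchange auth code", with the length chosen by auth_alg.
 *
 * rsp:      parsed response. It is dereferenced without a NULL check.
 * auth_alg: authentication algorithm in use. It selects the label and the
 *           number of bytes printed. Unknown values print "invalid".
 *
 * NOTE(review): unlike lanplus_dump_open_session_response(), this function
 * does not stop after the status field when rakp_return_code reports an
 * error. Whether integrity_check_value is populated in that case cannot be
 * seen from here -- confirm against the parser.
 *
 * NOTE(review): the integrity check value is session authentication
 * material, so output captured at verbose >= 2 should be treated as
 * sensitive and redacted before logs are shared.
 */
void lanplus_dump_rakp4_message(const struct ipmi_rs * rsp, uint8_t auth_alg)
{
	int code_len = -1;	/* stays negative when no hex value follows */
	int i;

	if (verbose < 2)
		return;

	printf("%sRAKP 4 MESSAGE\n", DUMP_PREFIX_INCOMING);

	printf("%s Message tag : 0x%02x\n",
	       DUMP_PREFIX_INCOMING,
	       rsp->payload.rakp4_message.message_tag);
	printf("%s RMCP+ status : %s\n",
	       DUMP_PREFIX_INCOMING,
	       val2str(rsp->payload.rakp4_message.rakp_return_code,
	               ipmi_rakp_return_codes));
	/* %lx takes an unsigned long, so cast to that type rather than long. */
	printf("%s Console Session ID : 0x%08lx\n",
	       DUMP_PREFIX_INCOMING,
	       (unsigned long)rsp->payload.rakp4_message.console_id);

	/* Print the label here; the hex bytes are emitted once after the switch. */
	switch (auth_alg) {
	case IPMI_AUTH_RAKP_NONE:
		printf("%s Key exchange auth code : none\n", DUMP_PREFIX_INCOMING);
		break;
	case IPMI_AUTH_RAKP_HMAC_SHA1:
		printf("%s Key exchange auth code [sha1] : 0x", DUMP_PREFIX_INCOMING);
		code_len = IPMI_SHA1_AUTHCODE_SIZE;
		break;
	case IPMI_AUTH_RAKP_HMAC_MD5:
		printf("%s Key exchange auth code [md5] : 0x", DUMP_PREFIX_INCOMING);
		code_len = IPMI_HMAC_MD5_AUTHCODE_SIZE;
		break;
#ifdef HAVE_CRYPTO_SHA256
	case IPMI_AUTH_RAKP_HMAC_SHA256:
		printf("%s Key exchange auth code [sha256]: 0x", DUMP_PREFIX_INCOMING);
		code_len = IPMI_HMAC_SHA256_AUTHCODE_SIZE;
		break;
#endif /* HAVE_CRYPTO_SHA256 */
	default:
		/*
		 * No newline here: the final printf("\n") below terminates
		 * this line, so the invalid case gets no blank separator.
		 */
		printf("%s Key exchange auth code : invalid", DUMP_PREFIX_INCOMING);
		break;
	}

	if (code_len >= 0) {
		for (i = 0; i < code_len; ++i)
			printf("%02x", rsp->payload.rakp4_message.integrity_check_value[i]);
		printf("\n");
	}

	printf("\n");
}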