summaryrefslogtreecommitdiffstats
path: root/command/rakp34.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Return the maximum privilege in open session commandTom Joseph2019-02-121-1/+1
| | | | | | | | | | | | | | | | | | This commit does the following: - Set the maximum privilege role in the session instead of current privilege in the implementation of the open session request/response. - In open session response, return the maximum privilege of the session instead of the current privilege level. - Update RAKP12 and RAKP34 implementation Tested: Checked the session setup works fine with ipmitool and freeipmi utility ipmipower. Change-Id: I41b63b91f08c2ed96856c4db41eedaa878c663e3 Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* netipmid: replace std::cerr with phosphor::logging callsVernon Mauery2018-12-191-5/+8
| | | | | | | | This is part of a cleanup and standardization effort of code to get existing code up to date. Change-Id: I0c982ef8d7afa2f56a9cd204bb8ac3112769641c Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
* RMCP+ login support with privilegeRichard Marian Thomaiyar2018-11-211-1/+1
| | | | | | | | | | | | | Implementation of RMCP login support with appropriate privilege level. Unit Test: 1. Verified that user is able to login without any issues 2. Privilege of the user is minimum of requested, user & channel 3. Unable to set higher privilege using Set session commands Change-Id: I5e9ef21dfc1f1b50aa815562a3a65d90c434877c Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
* netipmid: use std::shared_ptr instead of weak_ptr/lockVernon Mauery2018-11-061-8/+5
| | | | | | | | | | | | | All of the instances of getSession and startSession were assigning the result to a local shared_ptr via lock on the weak_ptr. It doesn't make sense to demote the shared_ptr (from the sessionsMap) to a weak_ptr via the return, only to promote to a shared_ptr again via lock. Tested-by: running ipmitool -H a.b.c.d -P 0penBmc -I lanplus mc info Sessions start and stop, same as before. Change-Id: Ic10779285891d73ee51115f16ed0000b38d1c52a Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
* netipmid: apply clang-format rulesVernon Mauery2018-11-021-28/+30
| | | | | | | | Lots of whitespace change. Let clang-format do its job and keep the code looking nice. Change-Id: Idfcad1a99cab8170d55a06163de8ad3f420b68b7 Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
* Support username for IPMI default user accountTom Joseph2018-04-231-3/+9
| | | | | | | | | | | | | The current support in IPMI is for the nameless account, which has no username and only password associated with the account. In ipmitool for the nameless account -U option is not needed. There are management scripts which take a parameter for -U option and fails if -U option is not supported by ipmitool option. This patch is to support "admin" username for the default account. Once full fledged user account management is in place, this change can be removed. Change-Id: Idad73c0d04f189af66f2365424a68a637fe0e476 Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Patch #2 Reducing IPMI logging footprintNagaraju Goruganti2018-04-021-3/+0
| | | | | | | | | | net-ipmid is noisy in terms of journal logging. A small step towards cleaning that up. Partially Resolves openbmc/openbmc#2507 Change-Id: I78e0286fb37086373c86dca276c0948f4595cb0a Signed-off-by: Nagaraju Goruganti <ngorugan@in.ibm.com>
* Add support for cipher suite 17Vernon Mauery2017-12-081-0/+7
| | | | | | | | | cipher suite 17 uses RAKP_HMAC_SHA256 for authentication and RAKP_HMAC_SHA256_128 for integrity. This adds those in and fixes up the lookups so the stack knows about the new algorithms. Change-Id: Icdc66563d08060fc0e541ceaf3bee9dd5f89fdb2 Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
* Prepare for adding RMCP+ cipher suite 17Vernon Mauery2017-12-071-5/+9
| | | | | | | | | | In many places, there are baked-in assumptions about algorithms that tie the session initiation to cipher suite 3. This commit teases out those assumptions and prepares for the next patch that actually adds in the new authentication and integrity algorithms to support cipher suite 17. Change-Id: I2ee3672a7c503b89c5ff0aba30cf7a4601e24d04 Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
* Cache system GUID in netipmidTom Joseph2017-09-111-2/+1
| | | | | | | | | | | | | | | | GUID is used in the IPMI session setup steps RAKP12 and RAKP34. The GUID is read from the DBUS property. It is observed that when the host is booting, reading the GUID takes a significant delay and the session setup fails with ipmitool. Since GUID doesn't change for a machine, it is safe to cache GUID in the netipmid and speed up the session setup. Resolves openbmc/openbmc#1812 Resolves openbmc/openbmc#2245 Resolves openbmc/openbmc#2246 Change-Id: I78c993b3e5ef8b6764457c8fdb3ecb985b965c0c Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Change the signature of the command handler functions.Tom Joseph2017-04-251-2/+2
| | | | | | | Resolves openbmc/openbmc#857 Change-Id: I0b7ca6665dd89629838a238d77aff67fec1818c7 Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Set the Confidentiality Algo in the RAKP34 commandTom Joseph2017-02-241-0/+23
| | | | | Change-Id: I7601b2fd35bedd0145533c5742ef4c848055eefd Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Refactor the RAKP34 implementationTom Joseph2017-02-101-12/+23
| | | | | | | | Refactor the code to apply integrity algorithm to a separate function. Change-Id: I438165dd6fb4962084b319bbdcd53c47e0fc659f Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* Set the Integrity Algo once the Session setup succeedsTom Joseph2017-01-171-0/+13
| | | | | Change-Id: I5c6122b89c345d71e081aadb50c968344b5c697b Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
* RAKP Message 3 & RAKP Message 4 ImplementationTom Joseph2017-01-021-0/+217
Change-Id: I0206a04fec2531e5c5dfee8677d4a2b6942022f7 Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
OpenPOWER on IntegriCloud