* MontaVista IPMI LAN server include file
* Author: MontaVista Software, Inc.
* Corey Minyard <minyard@mvista.com>
* Copyright 2003,2004,2005 MontaVista Software Inc.
* This software is available to you under a choice of one of two
* licenses. You may choose to be licensed under the terms of the GNU
* Lesser General Public License (GPL) Version 2 or the modified BSD
* license below. The following disclaimer applies to both licenses:
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
* TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
* USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* GNU Lesser General Public Licence
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 2 of
* the License, or (at your option) any later version.
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, write to the Free
* Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
* Modified BSD Licence
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
#include <sys/uio.h> /* for iovec */
#include <sys/types.h>
#include <sys/socket.h>
#include <OpenIPMI/ipmi_auth.h>
* Restrictions: <=64 sessions
* <=64 users (per spec, 6 bits)
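/* Field widths and masks for user and session numbers.  This header
   restricts both to what fits in 6 bits. */
#define USER_BITS_REQ 6 /* Bits required to hold a user. */
#define USER_MASK 0x3f
/* Highest session handle.  The session table later in this header is
   declared as sessions[MAX_SESSIONS+1] with entry 0 unused, so usable
   handles are 1..MAX_SESSIONS.  A handle extracted with SESSION_MASK
   can still be 0, so lookups have to reject that value as well as
   inactive entries -- NOTE(review): confirm the lookup code does. */
#define MAX_SESSIONS 63
#define SESSION_BITS_REQ 6 /* Bits required to hold a session. */
#define SESSION_MASK 0x3f

/* NOTE(review): presumably the IPMI channel number this server uses for
   the LAN interface -- confirm against the code that reads it. */
#define MAIN_CHANNEL 0x7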
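/* Forward declarations, so that the handler tables and callbacks
   declared in this header can take pointers to a session and to the
   LAN server state before either structure is defined. */
typedef struct session_s session_t;
typedef struct lan_data_s lan_data_t;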
long oem_data; /* For use by OEM handlers. This will be set to
zero by the calling code. */
unsigned char authtype;
unsigned char *authcode;
unsigned char authcode_data[16];
unsigned char payload;
unsigned char encrypted;
unsigned char authenticated;
unsigned char iana[3];
unsigned char *authdata;
unsigned int authdata_len;
unsigned char rs_addr;
unsigned char rs_lun;
unsigned char rq_addr;
unsigned char rq_lun;
unsigned char rq_seq;
unsigned long ll_data; /* For use by the low-level code. */
typedef struct rsp_msg
unsigned short data_len;
/* Number of entries in the per-privilege-level priv_info[] array of
   struct channel_s. */
#define NUM_PRIV_LEVEL 4
typedef struct channel_s
unsigned int available : 1;
unsigned int PEF_alerting : 1;
unsigned int per_msg_auth : 1;
/* We don't support user-level authentication disable, and access
mode is always available and cannot be set. */
unsigned int privilege_limit : 4;
unsigned char allowed_auths;
} priv_info[NUM_PRIV_LEVEL];
typedef struct integ_handlers_s
int (*init)(lan_data_t *lan, session_t *session);
void (*cleanup)(lan_data_t *lan, session_t *session);
int (*add)(lan_data_t *lan, session_t *session,
unsigned int *data_len, unsigned int data_size);
int (*check)(lan_data_t *lan, session_t *session, msg_t *msg);
typedef struct conf_handlers_s
int (*init)(lan_data_t *lan, session_t *session);
void (*cleanup)(lan_data_t *lan, session_t *session);
int (*encrypt)(lan_data_t *lan, session_t *session,
unsigned char **pos, unsigned int *hdr_left,
unsigned int *data_len, unsigned int *data_size);
int (*decrypt)(lan_data_t *lan, session_t *session, msg_t *msg);
typedef struct auth_handlers_s
int (*init)(lan_data_t *lan, session_t *session);
int (*set2)(lan_data_t *lan, session_t *session,
unsigned char *data, unsigned int *data_len,
unsigned int max_len);
int (*check3)(lan_data_t *lan, session_t *session,
unsigned char *data, unsigned int *data_len);
int (*set4)(lan_data_t *lan, session_t *session,
unsigned char *data, unsigned int *data_len,
unsigned int max_len);
typedef struct auth_data_s
unsigned char rand[16];
unsigned char rem_rand[16];
unsigned char username_len;
unsigned char username[16];
unsigned char sik[20];
unsigned char k1[20];
unsigned char k2[20];
unsigned int akey_len;
unsigned int integ_len;
unsigned int ikey_len;
unsigned int ckey_len;
unsigned int active : 1;
unsigned int in_startup : 1;
unsigned int rmcpplus : 1;
int handle; /* My index in the table. */
unsigned char userid;
unsigned char authtype;
ipmi_authdata_t authdata;
uint32_t unauth_recv_seq;
uint32_t unauth_xmit_seq;
integ_handlers_t *integh;
conf_handlers_t *confh;
auth_handlers_t *authh;
auth_data_t auth_data;
unsigned char max_priv;
/* The number of seconds left before the session is shut down. */
unsigned int time_left;
/* Address of the message that started the session. */
typedef struct user_s
unsigned char link_auth;
unsigned char cb_only;
unsigned char username[16];
unsigned char pw[20];
unsigned char privilege;
unsigned char max_sessions;
unsigned char curr_sessions;
uint16_t allowed_auths;
/* Set by the user code. */
int idx; /* My idx in the table. */
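/* One destination entry of the LAN configuration; lanparm_data_s holds
   an array of 16 of these in its dest[] member.
   NOTE(review): the three members are presumably the raw parameter
   bytes for the destination type, destination address and destination
   VLAN settings -- confirm against the code that fills them.
   All three are fixed-size buffers, so any code copying request data
   into them has to bound the copy to sizeof the member. */
typedef struct lanparm_dest_data_s
{
    unsigned char type[4];
    unsigned char addr[13];
    unsigned char vlan[4];
} lanparm_dest_data_t;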
typedef struct lanparm_data_s lanparm_data_t;
struct lanparm_data_s
unsigned int set_in_progress : 2;
void (*commit)(lan_data_t *lan); /* Called when the commit occurs. */
unsigned int auth_type_support : 6; /* Read-only */
unsigned int ip_addr_src : 4;
unsigned int bmc_gen_arp_ctl : 2;
unsigned int garp_interval : 8;
unsigned int num_destinations : 4; /* Read-only */
lanparm_dest_data_t dest[16];
unsigned char auth_type_enables[5];
unsigned char ip_addr[4];
unsigned char mac_addr[6];
unsigned char subnet_mask[4];
unsigned char ipv4_hdr_parms[3];
unsigned char primary_rmcp_port[2];
unsigned char secondary_rmcp_port[2];
unsigned char default_gw_ip_addr[4];
unsigned char default_gw_mac_addr[6];
unsigned char backup_gw_ip_addr[4];
unsigned char backup_gw_mac_addr[6];
unsigned char community_string[18];
unsigned char vlan_id[2];
unsigned char vlan_priority;
unsigned int num_cipher_suites : 4;
unsigned char cipher_suite_entry[17];
unsigned char max_priv_for_cipher_suite[9];
/* Tells what has changed, so the commit can do something about it. */
unsigned int ip_addr_src : 1;
unsigned int bmc_gen_arp_ctl : 1;
unsigned int garp_interval : 1;
unsigned int auth_type_enables : 1;
unsigned int ip_addr : 1;
unsigned int mac_addr : 1;
unsigned int subnet_mask : 1;
unsigned int ipv4_hdr_parms : 1;
unsigned int primary_rmcp_port : 1;
unsigned int secondary_rmcp_port : 1;
unsigned int default_gw_ip_addr : 1;
unsigned int default_gw_mac_addr : 1;
unsigned int backup_gw_ip_addr : 1;
unsigned int backup_gw_mac_addr : 1;
unsigned int community_string : 1;
unsigned int vlan_id : 1;
unsigned int vlan_priority : 1;
unsigned int max_priv_for_cipher_suite : 1;
unsigned char dest_type[16];
unsigned char dest_addr[16];
unsigned char dest_vlan[16];
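/* Table sizes for the PEF configuration.  They are the array
   dimensions of the filter, policy and alert-string tables in
   pef_data_s, so any filter, policy or string selector taken from a
   request has to be range-checked against them before it is used as
   an index, and alert-string writes have to stay within
   MAX_ALERT_STRING_LEN bytes. */
#define MAX_EVENT_FILTERS 16
#define MAX_ALERT_POLICIES 16
#define MAX_ALERT_STRINGS 16
#define MAX_ALERT_STRING_LEN 64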
typedef struct pef_data_s
unsigned int set_in_progress : 2;
void (*commit)(lan_data_t *lan); /* Called when the commit occurs. */
unsigned char pef_control;
unsigned char pef_action_global_control;
unsigned char pef_startup_delay;
unsigned char pef_alert_startup_delay;
unsigned char num_event_filters;
unsigned char event_filter_table[MAX_EVENT_FILTERS][21];
unsigned char event_filter_data1[MAX_EVENT_FILTERS][2];
unsigned char num_alert_policies;
unsigned char alert_policy_table[MAX_ALERT_POLICIES][4];
unsigned char system_guid[17];
unsigned char num_alert_strings;
unsigned char alert_string_keys[MAX_ALERT_STRINGS][3];
unsigned char alert_strings[MAX_ALERT_STRINGS][MAX_ALERT_STRING_LEN];
/* Tells what has changed, so the commit can do something about it. */
unsigned int pef_control : 1;
unsigned int pef_action_global_control : 1;
unsigned int pef_startup_delay : 1;
unsigned int pef_alert_startup_delay : 1;
unsigned int system_guid : 1;
unsigned char event_filter_table[MAX_EVENT_FILTERS];
unsigned char event_filter_data1[MAX_EVENT_FILTERS];
unsigned char alert_policy_table[MAX_ALERT_POLICIES];
unsigned int alert_string_keys[MAX_ALERT_STRINGS];
unsigned int alert_strings[MAX_ALERT_STRINGS];
/* user 0 is not used. */
user_t users[MAX_USERS+1];
channel_t nonv_channel; /* What to write to nonv ram. */
/* The amount of time in seconds before a session will be shut
down if there is no activity. */
unsigned int default_session_timeout;
unsigned char *bmc_key;
/* Information about the MC we are hooked to. */
unsigned int manufacturer_id;
unsigned int product_id;
void (*lan_send)(lan_data_t *lan,
struct iovec *data, int vecs,
void *addr, int addr_len);
int (*smi_send)(lan_data_t *lan, msg_t *msg);
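/* Generate 'size' bytes of random data into 'data'.
   NOTE(review): presumably this supplies the session challenge and
   RMCP+ random values (auth_data_s rand[16]), so the implementation
   needs a cryptographically secure source and callers need to check
   the int result before using 'data' -- confirm. */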
int (*gen_rand)(lan_data_t *lan, void *data, int size);
/* Allocate and free data. */
void *(*alloc)(lan_data_t *lan, int size);
void (*free)(lan_data_t *lan, void *data);
/* IPMB address changed. Can be called by OEM code if it detects
an IPMB address change. It should be ignored if NULL. */
void (*ipmb_addr_change)(lan_data_t *lan, unsigned char addr);
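/* Write the configuration file (done when a non-volatile
   change is done, or when a user name/password is written).
   NOTE(review): the file presumably then holds user credentials, so
   it should be created with owner-only permissions -- confirm. */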
void (*write_config)(lan_data_t *lan);
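/* Event codes for session and authentication activity.
   NOTE(review): presumably these are the values passed as the 'type'
   argument of the log callback declared after them -- confirm.
   The failure codes (NEW_SESSION_FAILED, SESSION_CHALLENGE_FAILED,
   AUTH_FAILED, INVALID_MSG) are the ones a log handler would want to
   keep for monitoring failed or malformed access attempts. */
#define NEW_SESSION 1
#define NEW_SESSION_FAILED 2
#define SESSION_CLOSED 3
#define SESSION_CHALLENGE 4
#define SESSION_CHALLENGE_FAILED 5
#define AUTH_FAILED 6
#define INVALID_MSG 7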
void (*log)(int type, msg_t *msg, char *format, ...);
/* Do OEM message handling; this is called after the message is
authenticated. Should return 0 if the standard handling should
continue, or non-zero if the message should not go through
normal handling. This field may be NULL, and it will be
int (*oem_handle_msg)(lan_data_t *lan, msg_t *msg, session_t *session);
/* Called before a response is sent. Should return 0 if the
standard handling should continue, or non-zero if the OEM
handled the response itself. Note that this code should *not*
free the message, the lanserv_ipmi code will handle that. */
int (*oem_handle_rsp)(lan_data_t *lan, msg_t *msg,
session_t *session, rsp_msg_t *rsp);
/* Check the privilege of a command to see if it is permitted. */
int (*oem_check_permitted)(unsigned char priv,
/* Don't fill in the below in the user code. */
/* session 0 is not used. */
session_t sessions[MAX_SESSIONS+1];
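/* Used to make the sid somewhat unique.  NOTE(review): unique is not
   the same as unpredictable; confirm that nothing relies on the sid
   being hard to guess. */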
unsigned int active_sessions;
ipmi_authdata_t challenge_auth;
unsigned int next_challenge_seq;
lanparm_data_t lanparm;
lanparm_data_t lanparm_rollback;
pef_data_t pef_rollback;
typedef void (*handle_oem_cb)(lan_data_t *lan, void *cb_data);
typedef struct oem_handler_s
unsigned int manufacturer_id;
unsigned int product_id;
handle_oem_cb handler;
struct oem_handler_s *next;
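/* Register a new OEM handler.  oem_handler_s carries the
   manufacturer_id/product_id pair, the handler callback and a 'next'
   pointer.  NOTE(review): presumably the structure is linked into a
   list through 'next' rather than copied, so it has to stay valid
   after this call returns -- confirm. */
void ipmi_register_oem(oem_handler_t *handler);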
/* A helper function to allow OEM code to send messages. */
int ipmi_oem_send_msg(lan_data_t *lan,
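/* NOTE(review): presumably the entry point for ASF packets received on
   the LAN socket -- confirm.  'data'/'len' describe the received bytes
   and 'from_addr'/'from_len' the sender's address.  Both lengths are
   signed ints and 'data' is presumably unauthenticated network input,
   so the implementation has to reject negative or short lengths
   before reading any header field. */
void handle_asf(lan_data_t *lan,
                unsigned char *data, int len,
                void *from_addr, int from_len);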
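/* NOTE(review): presumably the entry point for IPMI messages received
   on the LAN socket -- confirm.  'data'/'len' describe the received
   bytes and 'from_addr'/'from_len' the sender's address.  'data' is
   presumably untrusted until the session checks have run, and 'len'
   is a signed int, so every length and offset parsed out of the
   packet has to be validated against 'len' before it is used. */
void ipmi_handle_lan_msg(lan_data_t *lan,
                         unsigned char *data, int len,
                         void *from_addr, int from_len);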
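/* NOTE(review): presumably delivers the response to a message that was
   earlier passed to the smi_send callback -- confirm.  'msg' is the
   message being answered and 'rsp'/'rsp_len' the response bytes;
   'rsp_len' is a signed int and should be checked before 'rsp' is
   read. */
void ipmi_handle_smi_rsp(lan_data_t *lan, msg_t *msg,
                         unsigned char *rsp, int rsp_len);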
typedef struct sockaddr_ip_s {
struct sockaddr s_addr;
struct sockaddr_in s_addr4;
struct sockaddr_in6 s_addr6;
/* socklen_t addr_len;*/
/* Read in a configuration file and fill in the lan and address info. */
int lanserv_read_config(lan_data_t *lan,
sockaddr_ip_t addr[],
socklen_t addr_len[],
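/* Call this periodically to time things.  time_since_last is the
   number of seconds since the last call to this.
   NOTE(review): presumably this is what counts down each session's
   time_left, so idle sessions are only shut down if the caller keeps
   calling it -- confirm. */
void ipmi_lan_tick(lan_data_t *lan, unsigned int time_since_last);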
/* NOTE(review): presumably initializes the server-owned part of 'lan'
   after the user code has filled in its own fields and callbacks; the
   return convention is not visible in this header (presumably 0 on
   success) -- confirm, and check the result before handling traffic. */
int ipmi_lan_init(lan_data_t *lan);
#endif /* __LANSERV_H */