struct config_section *
bmc_config_serial_channel_section_get (bmc_config_state_data_t *state_data)
{
struct config_section * serial_channel_section = NULL;
char *section_comment =
"In the Serial_Channel section, IPMI over Serial communication can be "
"enabled or disabled. "
"In the below, \"Volatile\" configurations are immediately "
"configured onto the BMC and will have immediate effect on the system. "
"\"Non_Volatile\" configurations are only available after the next "
"system reset. Generally, both the \"Volatile\" and \"Non_Volatile\" "
"equivalent fields should be configured identically."
"\n"
"Most users will only be interested in IPMI over LAN, therefore serial "
"communication can be disabled. This can be done by setting "
"\"Access_Mode\" to \"Disabled\".";
unsigned int verbose_flags = 0;
/*
* achu: section not checked out by default.
*/
if (state_data->prog_data->args->config_args.verbose)
verbose_flags = 0;
else
verbose_flags = CONFIG_DO_NOT_CHECKOUT;
if (!(serial_channel_section = config_section_create (state_data->pstate,
"Serial_Channel",
"Serial_Channel",
section_comment,
verbose_flags,
NULL,
NULL)))
goto cleanup;
if (bmc_config_channel_common_section_get(state_data,
serial_channel_section,
verbose_flags) < 0)
goto cleanup;
return serial_channel_section;
cleanup:
if (serial_channel_section)
config_section_destroy(state_data->pstate, serial_channel_section);
return NULL;
}
struct config_section *
bmc_config_lan_channel_section_get (bmc_config_state_data_t *state_data,
unsigned int config_flags,
int channel_index)
{
struct config_section * section = NULL;
char *section_comment =
"In the Lan_Channel section, general IPMI over LAN can be enabled for "
"disabled. In the below, \"Volatile\" configurations are immediately "
"configured onto the BMC and will have immediate effect on the system. "
"\"Non_Volatile\" configurations are only available after the next "
"system reset. Generally, both the \"Volatile\" and \"Non_Volatile\" "
"equivalent fields should be configured identically."
"\n"
"To enable IPMI over LAN, typically \"Access_Mode\" "
"should be set to \"Always_Available\". "
"\"Channel_Privilege_Limit\" should be set to the highest privilege "
"level any username was configured with. Typically, this "
"is set to \"Administrator\"."
"\n"
"\"User_Level_Auth\" and \"Per_Message_Auth\" are typically set to "
"\"Yes\" for additional security.";
char *section_name_base_str = "Lan_Channel";
assert (state_data);
if (!(section = config_section_multi_channel_create (state_data->pstate,
section_name_base_str,
section_comment,
NULL,
NULL,
config_flags,
channel_index,
state_data->lan_channel_numbers,
state_data->lan_channel_numbers_count)))
goto cleanup;
if (bmc_config_channel_common_section_get (state_data,
section) < 0)
goto cleanup;
return (section);
cleanup:
if (section)
config_section_destroy (section);
return (NULL);
}
struct config_section *
bmc_config_lan_conf_security_keys_section_get (bmc_config_state_data_t *state_data)
{
struct config_section *lan_conf_security_keys_section = NULL;
char *section_comment =
"If your system supports IPMI 2.0 and Serial-over-LAN (SOL), a "
"K_g BMC key may be configurable. The K_g key is an optional key that "
"can be set for two key authentication in IPMI 2.0. It is optionally "
"configured. Most users will want to set this to zero (or blank).";
if (!(lan_conf_security_keys_section = config_section_create (state_data->pstate,
"Lan_Conf_Security_Keys",
"Lan_Conf_Security_Keys",
section_comment,
0,
NULL,
NULL)))
goto cleanup;
if (config_section_add_key (state_data->pstate,
lan_conf_security_keys_section,
"K_R",
"Give string or blank to clear. Max 20 chars",
0,
k_r_checkout,
k_r_commit,
k_r_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
lan_conf_security_keys_section,
"K_G",
"Give string or blank to clear. Max 20 bytes, prefix with 0x to enter hex",
0,
k_g_checkout,
k_g_commit,
k_g_validate) < 0)
goto cleanup;
return lan_conf_security_keys_section;
cleanup:
if (lan_conf_security_keys_section)
config_section_destroy(state_data->pstate, lan_conf_security_keys_section);
return NULL;
}
struct config_section *
ipmi_pef_config_community_string_section_get (ipmi_pef_config_state_data_t *state_data,
unsigned int config_flags,
int channel_index)
{
struct config_section *section = NULL;
char *section_name_base_str = "Community_String";
assert (state_data);
if (!(section = config_section_multi_channel_create (state_data->pstate,
section_name_base_str,
NULL,
NULL,
NULL,
config_flags,
channel_index,
state_data->lan_channel_numbers,
state_data->lan_channel_numbers_count)))
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Community_String",
"Give valid string",
0,
community_string_checkout,
community_string_commit,
community_string_validate) < 0)
goto cleanup;
return (section);
cleanup:
if (section)
config_section_destroy (section);
return (NULL);
}
struct config_section *
pef_config_alert_policy_table_section_get (pef_config_state_data_t *state_data, int num)
{
struct config_section *section = NULL;
uint8_t lan_channel_number;
char *strp = NULL;
config_err_t ret;
char buf[CONFIG_MAX_SECTION_NAME_LEN];
if (num <= 0)
{
pstdout_fprintf(state_data->pstate,
stderr,
"Invalid Num = %d\n",
num);
return NULL;
}
snprintf(buf, CONFIG_MAX_SECTION_NAME_LEN, "Alert_Policy_%d", num);
if (!(section = config_section_create (state_data->pstate,
buf,
NULL,
NULL,
0,
NULL,
NULL)))
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Policy_Type",
"Possible values: Always_Send_To_This_Destination/Proceed_To_Next_Entry/Do_Not_Proceed_Any_More_Entries/Proceed_To_Next_Entry_Different_Channel/Proceed_To_Next_Entry_Different_Destination_Type",
0,
policy_type_checkout,
policy_type_commit,
policy_type_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Policy_Enabled",
"Possible values: Yes/No",
0,
policy_enabled_checkout,
policy_enabled_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Policy_Number",
"Give a valid number",
0,
policy_number_checkout,
policy_number_commit,
config_number_range_four_bits) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Destination_Selector",
"Give a valid number",
0,
destination_selector_checkout,
destination_selector_commit,
config_number_range_four_bits) < 0)
goto cleanup;
ret = get_lan_channel_number (state_data, &lan_channel_number);
if (ret == CONFIG_ERR_SUCCESS)
{
if (asprintf(&strp,
"Give a valid number (LAN = %u)",
lan_channel_number) < 0)
{
if (!strp)
{
pstdout_perror(state_data->pstate,
"asprintf");
goto cleanup;
}
}
}
else
{
if (!(strp = strdup("Give a valid number")))
{
pstdout_perror(state_data->pstate,
"strdup");
goto cleanup;
}
}
if (config_section_add_key (state_data->pstate,
section,
"Channel_Number",
strp,
0,
channel_number_checkout,
channel_number_commit,
config_number_range_four_bits) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Alert_String_Set_Selector",
"Give a valid number",
0,
alert_string_set_selector_checkout,
alert_string_set_selector_commit,
config_number_range_seven_bits) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Event_Specific_Alert_String",
"Possible values: Yes/No",
0,
event_specific_alert_string_checkout,
event_specific_alert_string_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (strp)
free(strp);
return section;
cleanup:
if (strp)
free(strp);
if (section)
config_section_destroy(state_data->pstate, section);
return NULL;
}
struct config_section *
ipmi_pef_config_alert_policy_table_section_get (ipmi_pef_config_state_data_t *state_data, unsigned int num)
{
struct config_section *section = NULL;
char section_name[CONFIG_MAX_SECTION_NAME_LEN];
char description[CONFIG_MAX_DESCRIPTION_LEN];
assert (state_data);
assert (num);
snprintf (section_name, CONFIG_MAX_SECTION_NAME_LEN, "Alert_Policy_%u", num);
if (!(section = config_section_create (state_data->pstate,
section_name,
NULL,
NULL,
0,
NULL,
NULL)))
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Policy_Type",
"Possible values: Always_Send_To_This_Destination/Proceed_To_Next_Entry/Do_Not_Proceed_Any_More_Entries/Proceed_To_Next_Entry_Different_Channel/Proceed_To_Next_Entry_Different_Destination_Type",
0,
policy_type_checkout,
policy_type_commit,
policy_type_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Policy_Enabled",
"Possible values: Yes/No",
0,
policy_enabled_checkout,
policy_enabled_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Policy_Number",
"Give a valid number",
0,
policy_number_checkout,
policy_number_commit,
config_number_range_four_bits) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Destination_Selector",
"Give a valid number",
0,
destination_selector_checkout,
destination_selector_commit,
config_number_range_four_bits) < 0)
goto cleanup;
if (!state_data->lan_channel_numbers_loaded)
{
if (load_lan_channel_numbers (state_data) != CONFIG_ERR_SUCCESS)
goto cleanup;
}
if (state_data->lan_channel_numbers_count > 0)
{
char tempbuf[CONFIG_MAX_DESCRIPTION_LEN];
int i;
snprintf (description,
CONFIG_MAX_DESCRIPTION_LEN,
"Give a valid number (LAN = %u",
state_data->lan_channel_numbers[0]);
for (i = 1; i < state_data->lan_channel_numbers_count; i++)
{
snprintf (tempbuf,
CONFIG_MAX_DESCRIPTION_LEN,
", %u",
state_data->lan_channel_numbers[i]);
strcat (description, tempbuf);
}
strcat (description, ")");
}
else
snprintf (description,
CONFIG_MAX_DESCRIPTION_LEN,
"Give a valid number");
if (config_section_add_key (state_data->pstate,
section,
"Channel_Number",
description,
0,
channel_number_checkout,
channel_number_commit,
config_number_range_four_bits) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Alert_String_Set_Selector",
"Give a valid number",
0,
alert_string_set_selector_checkout,
alert_string_set_selector_commit,
config_number_range_seven_bits) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Event_Specific_Alert_String",
"Possible values: Yes/No",
0,
event_specific_alert_string_checkout,
event_specific_alert_string_commit,
config_yes_no_validate) < 0)
goto cleanup;
return (section);
cleanup:
if (section)
config_section_destroy (section);
return (NULL);
}
struct config_section *
bmc_config_rmcpplus_conf_privilege_section_get (bmc_config_state_data_t *state_data,
unsigned int config_flags,
int channel_index)
{
struct config_section *section = NULL;
char *section_comment =
"If your system supports IPMI 2.0 and Serial-over-LAN (SOL),"
"cipher suite IDs may be configurable below. In the "
"Rmcpplus_Conf_Privilege section, maximum user privilege levels "
"allowed for authentication under IPMI 2.0 (including Serial-over-LAN) "
"are set for each supported cipher suite ID. Each cipher suite ID "
"supports different sets of authentication, integrity, and encryption "
"algorithms for IPMI 2.0. Typically, the highest privilege level any "
"username configured should set for support under a cipher suite ID. "
"This is typically \"Administrator\".";
char *section_name_base_str = "Rmcpplus_Conf_Privilege";
assert (state_data);
if (!(section = config_section_multi_channel_create (state_data->pstate,
section_name_base_str,
section_comment,
NULL,
NULL,
config_flags,
channel_index,
state_data->lan_channel_numbers,
state_data->lan_channel_numbers_count)))
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_0",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_1",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_2",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_3",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_4",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_5",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_6",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_7",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_8",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_9",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_10",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_11",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_12",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_13",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_14",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_15",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
#if 0
/* achu: Can't support this config until IPMI spec is updated. Yeah, it sucks */
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_16",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_17",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_18",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Maximum_Privilege_Cipher_Suite_Id_19",
"Possible values: Unused/User/Operator/Administrator/OEM_Proprietary",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT_IF_VALUE_EMPTY,
id_checkout_cb,
id_commit_cb,
rmcpplus_priv_number_validate) < 0)
goto cleanup;
#endif
return (section);
cleanup:
if (section)
config_section_destroy (section);
return (NULL);
}
struct config_section *
bmc_config_lan_conf_auth_section_get (bmc_config_state_data_t *state_data,
unsigned int config_flags,
int channel_index)
{
struct config_section *section = NULL;
char *section_comment =
"In the Lan_Conf_Auth section, allowable authentication mechanisms for "
"IPMI 1.5 is configured. Most users will want to set all \"MD5\" "
"authentication to \"Yes\" and the rest to \"No\". If you have "
"configured a NULL username and a NULL password, you "
"will also want to configure some of the \"None\" fields to \"Yes\" "
"to allow \"None\" authentication to work. Some motherboards do not "
"allow you to enable OEM authentication, so you may wish to set all "
"OEM related fields to \"No\".";
char *section_name_base_str = "Lan_Conf_Auth";
assert (state_data);
if (!(section = config_section_multi_channel_create (state_data->pstate,
section_name_base_str,
section_comment,
NULL,
NULL,
config_flags,
channel_index,
state_data->lan_channel_numbers,
state_data->lan_channel_numbers_count)))
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Callback_Enable_Auth_Type_None",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Callback_Enable_Auth_Type_MD2",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Callback_Enable_Auth_Type_MD5",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Callback_Enable_Auth_Type_Straight_Password",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Callback_Enable_Auth_Type_OEM_Proprietary",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"User_Enable_Auth_Type_None",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"User_Enable_Auth_Type_MD2",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"User_Enable_Auth_Type_MD5",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"User_Enable_Auth_Type_Straight_Password",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"User_Enable_Auth_Type_OEM_Proprietary",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Operator_Enable_Auth_Type_None",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Operator_Enable_Auth_Type_MD2",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Operator_Enable_Auth_Type_MD5",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Operator_Enable_Auth_Type_Straight_Password",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Operator_Enable_Auth_Type_OEM_Proprietary",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Admin_Enable_Auth_Type_None",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Admin_Enable_Auth_Type_MD2",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Admin_Enable_Auth_Type_MD5",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Admin_Enable_Auth_Type_Straight_Password",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Admin_Enable_Auth_Type_OEM_Proprietary",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"OEM_Enable_Auth_Type_None",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"OEM_Enable_Auth_Type_MD2",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"OEM_Enable_Auth_Type_MD5",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"OEM_Enable_Auth_Type_Straight_Password",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"OEM_Enable_Auth_Type_OEM_Proprietary",
"Possible values: Yes/No",
0,
_authentication_level_checkout,
_authentication_level_commit,
config_yes_no_validate) < 0)
goto cleanup;
return (section);
cleanup:
if (section)
config_section_destroy (section);
return (NULL);
}
struct config_section *
pef_config_pef_conf_section_get (pef_config_state_data_t *state_data)
{
struct config_section *pef_section;
if (!(pef_section = config_section_create (state_data->pstate,
"PEF_Conf",
NULL,
NULL,
0,
NULL,
NULL)))
goto cleanup;
if (config_section_add_key (state_data->pstate,
pef_section,
"Enable_PEF",
"Possible values: Yes/No",
0,
_enable_pef_checkout,
_enable_pef_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
pef_section,
"Enable_PEF_Event_Messages",
"Possible values: Yes/No",
0,
_enable_pef_event_messages_checkout,
_enable_pef_event_messages_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
pef_section,
"Enable_PEF_Startup_Delay",
"Possible values: Yes/No",
0,
_enable_pef_startup_delay_checkout,
_enable_pef_startup_delay_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
pef_section,
"Enable_PEF_Alert_Startup_Delay",
"Possible values: Yes/No",
0,
_enable_pef_alert_startup_delay_checkout,
_enable_pef_alert_startup_delay_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
pef_section,
"Enable_Alert_Action",
"Possible values: Yes/No",
0,
_enable_alert_action_checkout,
_enable_alert_action_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
pef_section,
"Enable_Power_Down_Action",
"Possible values: Yes/No",
0,
_enable_power_down_action_checkout,
_enable_power_down_action_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
pef_section,
"Enable_Reset_Action",
"Possible values: Yes/No",
0,
_enable_reset_action_checkout,
_enable_reset_action_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
pef_section,
"Enable_Power_Cycle_Action",
"Possible values: Yes/No",
0,
_enable_power_cycle_action_checkout,
_enable_power_cycle_action_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
pef_section,
"Enable_OEM_Action",
"Possible values: Yes/No",
0,
_enable_oem_action_checkout,
_enable_oem_action_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
pef_section,
"Enable_Diagnostic_Interrupt",
"Possible values: Yes/No",
0,
_enable_diagnostic_interrupt_checkout,
_enable_diagnostic_interrupt_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
pef_section,
"Startup_Delay",
"Give value in seconds",
0,
_pef_startup_delay_checkout,
_pef_startup_delay_commit,
config_number_range_one_byte) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
pef_section,
"Alert_Startup_Delay",
"Give value in seconds",
0,
_pef_alert_startup_delay_checkout,
_pef_alert_startup_delay_commit,
config_number_range_one_byte) < 0)
goto cleanup;
return pef_section;
cleanup:
if (pef_section)
config_section_destroy(state_data->pstate, pef_section);
return NULL;
}
struct config_section *
bmc_config_lan_conf_user_security_section_get (bmc_config_state_data_t *state_data,
unsigned int config_flags,
int channel_index)
{
struct config_section *section = NULL;
char *section_comment =
"The following user security configuration options are optionally "
"implemented by the vendor. They may not be available your system and "
"may not be visible below."
"\n"
"The following configuration supports the ability for the BMC to "
"disable a user if a number of bad passwords are entered sequentially. "
"\"Bad_Password_Threshold\" determines the number of bad passwords that "
"must be entered sequentially. \"Attempt_Count_Reset_Interval\" determines "
"the range of time the bad passwords must occur in. \"User_Lockout_Interval\" "
"determines the time a user will be locked off if the bad password "
"threshold is reached. If set to \"Yes\", \"Enable_Event_Message_When_User_Disabled\" "
"will inform the BMC to log an event message when a user is disabled.";
char *section_name_base_str = "Lan_Conf_User_Security";
assert (state_data);
if (!(section = config_section_multi_channel_create (state_data->pstate,
section_name_base_str,
section_comment,
NULL,
NULL,
config_flags,
channel_index,
state_data->lan_channel_numbers,
state_data->lan_channel_numbers_count)))
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Bad_Password_Threshold",
"Possible values: 0-255, 0 indicates no limit",
0,
bad_password_threshold_checkout,
bad_password_threshold_commit,
config_number_range_one_byte) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Attempt_Count_Reset_Interval",
"Possible values: 0-65535, in 10 second increments (e.g. 2 = 20 sec)\n"
" 0 indicates no interval (i.e. don't reset counter)",
0,
attempt_count_reset_interval_checkout,
attempt_count_reset_interval_commit,
config_number_range_two_bytes) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"User_Lockout_Interval",
"Possible values: 0-65535, in 10 second increments (e.g. 2 = 20 sec)\n"
" 0 indicates no interval (i.e. don't re-enable user)",
0,
user_lockout_interval_checkout,
user_lockout_interval_commit,
config_number_range_two_bytes) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
section,
"Enable_Event_Message_When_User_Disabled",
"Possible values: Yes/No",
0,
enable_event_message_when_user_disabled_checkout,
enable_event_message_when_user_disabled_commit,
config_yes_no_validate) < 0)
goto cleanup;
return (section);
cleanup:
if (section)
config_section_destroy (section);
return (NULL);
}
struct config_section *
bmc_config_sol_conf_section_get (bmc_config_state_data_t *state_data)
{
struct config_section * sol_conf_section = NULL;
char *section_comment =
"If your system supports IPMI 2.0 and Serial-over-LAN (SOL), the "
"following configuration options will allow SOL configuration."
"\n"
"For most users that want to enable SOL, minimally \"Enable_SOL\" "
"should be set to \"Yes\" and \"SOL_Privilege_Level\" should be set to "
"the highest privilege level any username configured can authenticate "
"with (typically \"Administrator\"). For security purposes, "
"\"Force_SOL_Payload_Authentication\" and "
"\"Force_SOL_Payload_Encryption\" should be set to \"Yes\", however "
"forced authentication and/or encryption depends on the cipher suite "
"IDs supported. The \"Non_Volatile_Bit_Rate\" "
"and \"Volatile_Bit_Rate\" should both be set to the appropriate baud "
"rate for your system. This is typically the same baud rate configured "
"in the BIOS and/or operating system.";
if (!(sol_conf_section = config_section_create(state_data->pstate,
"SOL_Conf",
"SOL_Conf",
section_comment,
0,
NULL,
NULL)))
goto cleanup;
if (config_section_add_key (state_data->pstate,
sol_conf_section,
"Enable_SOL",
"Possible values: Yes/No",
0,
enable_sol_checkout,
enable_sol_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
sol_conf_section,
"SOL_Privilege_Level",
"Possible values: Callback/User/Operator/Administrator/OEM_Proprietary",
0,
sol_privilege_level_checkout,
sol_privilege_level_commit,
privilege_level_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
sol_conf_section,
"Force_SOL_Payload_Authentication",
"Possible values: Yes/No",
0,
force_sol_payload_authentication_checkout,
force_sol_payload_authentication_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
sol_conf_section,
"Force_SOL_Payload_Encryption",
"Possible values: Yes/No",
0,
force_sol_payload_encryption_checkout,
force_sol_payload_encryption_commit,
config_yes_no_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
sol_conf_section,
"Character_Accumulate_Interval",
"Give a non-zero valid integer. Each unit is 5ms",
0,
character_accumulate_interval_checkout,
character_accumulate_interval_commit,
config_number_range_one_byte_non_zero) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
sol_conf_section,
"Character_Send_Threshold",
"Give a valid number",
0,
character_send_threshold_checkout,
character_send_threshold_commit,
config_number_range_one_byte) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
sol_conf_section,
"SOL_Retry_Count",
"Give a valid integer",
0,
sol_retry_count_checkout,
sol_retry_count_commit,
config_number_range_one_byte) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
sol_conf_section,
"SOL_Retry_Interval",
"Give a valid integer. Interval unit is 10ms",
0,
sol_retry_interval_checkout,
sol_retry_interval_commit,
config_number_range_one_byte) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
sol_conf_section,
"Non_Volatile_Bit_Rate",
"Possible values: Serial/9600/19200/38400/57600/115200",
0,
non_volatile_bit_rate_checkout,
non_volatile_bit_rate_commit,
sol_bit_rate_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
sol_conf_section,
"Volatile_Bit_Rate",
"Possible values: Serial/9600/19200/38400/57600/115200",
0,
volatile_bit_rate_checkout,
volatile_bit_rate_commit,
sol_bit_rate_number_validate) < 0)
goto cleanup;
if (config_section_add_key (state_data->pstate,
sol_conf_section,
"SOL_Payload_Port_Number",
"Give a valid port number",
CONFIG_CHECKOUT_KEY_COMMENTED_OUT,
sol_payload_port_checkout,
sol_payload_port_commit,
config_number_range_two_bytes) < 0)
goto cleanup;
return sol_conf_section;
cleanup:
if (sol_conf_section)
config_section_destroy(state_data->pstate, sol_conf_section);
return NULL;
}
config_err_t
ipmi_sensors_config_threshold_section (ipmi_sensors_config_state_data_t *state_data,
struct config_section **section_ptr)
{
struct config_section *section = NULL;
char section_name[CONFIG_MAX_SECTION_NAME_LEN];
uint8_t threshold_access_support = 0;
uint8_t hysteresis_support = 0;
config_err_t rv = CONFIG_ERR_FATAL_ERROR;
config_err_t ret;
uint8_t sensor_type;
uint8_t sensor_units_percentage;
uint8_t sensor_units_modifier;
uint8_t sensor_units_rate;
uint8_t sensor_base_unit_type;
uint8_t sensor_modifier_unit_type;
char description[CONFIG_MAX_DESCRIPTION_LEN];
char sensor_units_buf[IPMI_SENSORS_CONFIG_UNITS_BUFLEN+1];
int sensor_units_ret;
const char *sensor_type_str = NULL;
assert (state_data);
assert (section_ptr);
if ((ret = create_section_name (state_data,
section_name,
CONFIG_MAX_SECTION_NAME_LEN)) != CONFIG_ERR_SUCCESS)
{
if (state_data->prog_data->args->config_args.common_args.debug)
pstdout_fprintf (state_data->pstate,
stderr,
"create_section_name: %s\n",
strerror (errno));
rv = ret;
goto cleanup;
}
if (!(section = config_section_create (state_data->pstate,
section_name,
NULL,
NULL,
0,
NULL,
NULL)))
goto cleanup;
if (ipmi_sdr_parse_sensor_capabilities (state_data->sdr_ctx,
NULL,
0,
NULL,
&threshold_access_support,
&hysteresis_support,
NULL,
NULL) < 0)
{
pstdout_fprintf (state_data->pstate,
stderr,
"ipmi_sdr_parse_sensor_capabilities: %s\n",
ipmi_sdr_ctx_errormsg (state_data->sdr_ctx));
goto cleanup;
}
if (ipmi_sdr_parse_sensor_type (state_data->sdr_ctx,
NULL,
0,
&sensor_type) < 0)
{
pstdout_fprintf (state_data->pstate,
stderr,
"ipmi_sdr_parse_sensor_type: %s\n",
ipmi_sdr_ctx_errormsg (state_data->sdr_ctx));
goto cleanup;
}
if (ipmi_sdr_parse_sensor_units (state_data->sdr_ctx,
NULL,
0,
&sensor_units_percentage,
&sensor_units_modifier,
&sensor_units_rate,
&sensor_base_unit_type,
&sensor_modifier_unit_type) < 0)
{
pstdout_fprintf (state_data->pstate,
stderr,
"ipmi_sdr_parse_sensor_unit: %s\n",
ipmi_sdr_ctx_errormsg (state_data->sdr_ctx));
goto cleanup;
}
memset (sensor_units_buf, '\0', IPMI_SENSORS_CONFIG_UNITS_BUFLEN);
sensor_units_ret = ipmi_sensor_units_string (sensor_units_percentage,
sensor_units_modifier,
sensor_units_rate,
sensor_base_unit_type,
sensor_modifier_unit_type,
sensor_units_buf,
IPMI_SENSORS_CONFIG_UNITS_BUFLEN,
0);
sensor_type_str = ipmi_get_sensor_type_string (sensor_type);
memset (description, '\0', CONFIG_MAX_DESCRIPTION_LEN);
if (sensor_units_ret > 0)
snprintf (description,
CONFIG_MAX_DESCRIPTION_LEN,
"Give valid input for sensor type = %s; units = %s",
sensor_type_str ? sensor_type_str : UNRECOGNIZED_SENSOR_TYPE,
sensor_units_buf);
else
snprintf (description,
CONFIG_MAX_DESCRIPTION_LEN,
"Give valid input for sensor type = %s",
sensor_type_str ? sensor_type_str : UNRECOGNIZED_SENSOR_TYPE);
if (setup_sensor_event_enable_fields (state_data, section) < 0)
goto cleanup;
if (threshold_access_support == IPMI_SDR_READABLE_THRESHOLDS_SUPPORT
|| threshold_access_support == IPMI_SDR_READABLE_SETTABLE_THRESHOLDS_SUPPORT
|| state_data->prog_data->args->config_args.verbose_count)
{
if (_setup_threshold_fields (state_data,
section,
description,
sensor_base_unit_type) < 0)
goto cleanup;
}
if (hysteresis_support == IPMI_SDR_READABLE_HYSTERESIS_SUPPORT
|| hysteresis_support == IPMI_SDR_READABLE_SETTABLE_HYSTERESIS_SUPPORT
|| state_data->prog_data->args->config_args.verbose_count)
{
if (_setup_threshold_hysteresis_fields (state_data,
section,
description,
sensor_base_unit_type,
hysteresis_support) < 0)
goto cleanup;
}
*section_ptr = section;
return (CONFIG_ERR_SUCCESS);
cleanup:
if (section)
config_section_destroy (section);
return (rv);
}