struct ipmi_config_section * ipmi_config_core_lan_conf_security_keys_section_get (ipmi_config_state_data_t *state_data, unsigned int config_flags, int channel_index) { struct ipmi_config_section *section = NULL; char *section_comment = "If your system supports IPMI 2.0 and Serial-over-LAN (SOL), a " "K_g BMC key may be configurable. The K_g key is an optional key that " "can be set for two key authentication in IPMI 2.0. It is optionally " "configured. Most users will want to set this to zero (or blank)."; char *section_name_base_str = "Lan_Conf_Security_Keys"; assert (state_data); if (!(section = ipmi_config_section_multi_channel_create (state_data, section_name_base_str, section_comment, NULL, NULL, config_flags, channel_index, state_data->lan_channel_numbers, state_data->lan_channel_numbers_count))) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "K_R", "Give string or blank to clear. Max 20 chars", 0, k_r_checkout, k_r_commit, k_r_validate) < 0) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "K_G", "Give string or blank to clear. Max 20 bytes, prefix with 0x to enter hex", 0, k_g_checkout, k_g_commit, k_g_validate) < 0) goto cleanup; return (section); cleanup: if (section) ipmi_config_section_destroy (section); return (NULL); }
struct ipmi_config_section * ipmi_config_core_lan_channel_section_get (ipmi_config_state_data_t *state_data, unsigned int config_flags, int channel_index) { struct ipmi_config_section * section = NULL; char *section_comment = "In the Lan_Channel section, general IPMI over LAN can be enabled for " "disabled. In the below, \"Volatile\" configurations are immediately " "configured onto the BMC and will have immediate effect on the system. " "\"Non_Volatile\" configurations are only available after the next " "system reset. Generally, both the \"Volatile\" and \"Non_Volatile\" " "equivalent fields should be configured identically." "\n" "To enable IPMI over LAN, typically \"Access_Mode\" " "should be set to \"Always_Available\". " "\"Channel_Privilege_Limit\" should be set to the highest privilege " "level any username was configured with. Typically, this " "is set to \"Administrator\"." "\n" "\"User_Level_Auth\" and \"Per_Message_Auth\" are typically set to " "\"Yes\" for additional security."; char *section_name_base_str = "Lan_Channel"; assert (state_data); if (!(section = ipmi_config_section_multi_channel_create (state_data, section_name_base_str, section_comment, NULL, NULL, config_flags, channel_index, state_data->lan_channel_numbers, state_data->lan_channel_numbers_count))) goto cleanup; if (ipmi_config_core_channel_common_section_get (state_data, section) < 0) goto cleanup; return (section); cleanup: if (section) ipmi_config_section_destroy (section); return (NULL); }
struct ipmi_config_section * ipmi_config_pef_community_string_section_get (ipmi_config_state_data_t *state_data, unsigned int config_flags, int channel_index) { struct ipmi_config_section *section = NULL; char *section_name_base_str = "Community_String"; assert (state_data); if (!(section = ipmi_config_section_multi_channel_create (state_data, section_name_base_str, NULL, NULL, NULL, config_flags, channel_index, state_data->lan_channel_numbers, state_data->lan_channel_numbers_count))) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Community_String", "Give valid string", 0, community_string_checkout, community_string_commit, community_string_validate) < 0) goto cleanup; return (section); cleanup: if (section) ipmi_config_section_destroy (section); return (NULL); }
struct ipmi_config_section * ipmi_config_core_lan_conf_user_security_section_get (ipmi_config_state_data_t *state_data, unsigned int config_flags, int channel_index) { struct ipmi_config_section *section = NULL; char *section_comment = "The following user security configuration options are optionally " "implemented by the vendor. They may not be available your system and " "may not be visible below." "\n" "The following configuration supports the ability for the BMC to " "disable a user if a number of bad passwords are entered sequentially. " "\"Bad_Password_Threshold\" determines the number of bad passwords that " "must be entered sequentially. \"Attempt_Count_Reset_Interval\" determines " "the range of time the bad passwords must occur in. \"User_Lockout_Interval\" " "determines the time a user will be locked off if the bad password " "threshold is reached. If set to \"Yes\", \"Enable_Event_Message_When_User_Disabled\" " "will inform the BMC to log an event message when a user is disabled."; char *section_name_base_str = "Lan_Conf_User_Security"; assert (state_data); if (!(section = ipmi_config_section_multi_channel_create (state_data, section_name_base_str, section_comment, NULL, NULL, config_flags, channel_index, state_data->lan_channel_numbers, state_data->lan_channel_numbers_count))) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Bad_Password_Threshold", "Possible values: 0-255, 0 indicates no limit", 0, bad_password_threshold_checkout, bad_password_threshold_commit, number_range_one_byte_validate) < 0) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Attempt_Count_Reset_Interval", "Possible values: 0-65535, in 10 second increments (e.g. 2 = 20 sec)\n" " 0 indicates no interval (i.e. don't reset counter)", 0, attempt_count_reset_interval_checkout, attempt_count_reset_interval_commit, number_range_two_bytes_validate) < 0) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "User_Lockout_Interval", "Possible values: 0-65535, in 10 second increments (e.g. 2 = 20 sec)\n" " 0 indicates no interval (i.e. don't re-enable user)", 0, user_lockout_interval_checkout, user_lockout_interval_commit, number_range_two_bytes_validate) < 0) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Enable_Event_Message_When_User_Disabled", "Possible values: Yes/No", 0, enable_event_message_when_user_disabled_checkout, enable_event_message_when_user_disabled_commit, yes_no_validate) < 0) goto cleanup; return (section); cleanup: if (section) ipmi_config_section_destroy (section); return (NULL); }
struct ipmi_config_section * ipmi_config_core_serial_conf_section_get (ipmi_config_state_data_t *state_data, unsigned int config_flags, int channel_index) { struct ipmi_config_section *section = NULL; char *section_comment = "In the Serial_Conf section, typical serial communication configuration " "is setup. Most users will only be interested in IPMI over LAN, " "therefore this section can generally be ignored."; char *section_name_base_str = "Serial_Conf"; assert (state_data); /* * achu: section not checked out by default. */ if (!state_data->prog_data->args->verbose_count) config_flags |= IPMI_CONFIG_DO_NOT_CHECKOUT; if (!(section = ipmi_config_section_multi_channel_create (state_data, section_name_base_str, section_comment, NULL, NULL, config_flags, channel_index, state_data->serial_channel_numbers, state_data->serial_channel_numbers_count))) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Enable_Basic_Mode", "Possible values: Yes/No", 0, enable_basic_mode_checkout, enable_basic_mode_commit, yes_no_validate) < 0) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Enable_PPP_Mode", "Possible values: Yes/No", 0, enable_ppp_mode_checkout, enable_ppp_mode_commit, yes_no_validate) < 0) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Enable_Terminal_Mode", "Possible values: Yes/No", 0, enable_terminal_mode_checkout, enable_terminal_mode_commit, yes_no_validate) < 0) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Connect_Mode", "Possible values: Modem_Connect/Direct_Connect", 0, connect_mode_checkout, connect_mode_commit, connect_mode_number_validate) < 0) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Page_Blackout_Interval", "Give a valid number", 0, page_blackout_interval_checkout, page_blackout_interval_commit, number_range_one_byte_validate) < 0) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Call_Retry_Interval", "Give a valid number", 0, call_retry_interval_checkout, call_retry_interval_commit, number_range_one_byte_validate) < 0) goto cleanup; /* achu: For backwards compatability to ipmi-config in 0.2.0 */ if (ipmi_config_section_add_key (state_data, section, "Call_Retry_Time", "Give a valid number", IPMI_CONFIG_DO_NOT_CHECKOUT, call_retry_interval_checkout, call_retry_interval_commit, number_range_one_byte_validate) < 0) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Enable_DTR_Hangup", "Possible values: Yes/No", 0, enable_dtr_hangup_checkout, enable_dtr_hangup_commit, yes_no_validate) < 0) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Flow_Control", "Possible values: No_Flow_Control/RTS_CTS/XON_XOFF", 0, flow_control_checkout, flow_control_commit, flow_control_number_validate) < 0) goto cleanup; if (ipmi_config_section_add_key (state_data, section, "Bit_Rate", "Possible values: 9600/19200/38400/57600/115200", 0, bit_rate_checkout, bit_rate_commit, bit_rate_number_validate) < 0) goto cleanup; return (section); cleanup: if (section) ipmi_config_section_destroy (section); return (NULL); }