00001 /* 00002 * ipmi_lan.h 00003 * 00004 * Routines for setting up a connection to an IPMI Lan interface. 00005 * 00006 * Author: MontaVista Software, Inc. 00007 * Corey Minyard <minyard@mvista.com> 00008 * source@mvista.com 00009 * 00010 * Copyright 2002,2003 MontaVista Software Inc. 00011 * 00012 * This program is free software; you can redistribute it and/or 00013 * modify it under the terms of the GNU Lesser General Public License 00014 * as published by the Free Software Foundation; either version 2 of 00015 * the License, or (at your option) any later version. 00016 * 00017 * 00018 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 00019 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 00020 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 00021 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 00022 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 00023 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 00024 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 00025 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR 00026 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 00027 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 00028 * 00029 * You should have received a copy of the GNU Lesser General Public 00030 * License along with this program; if not, write to the Free 00031 * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 00032 */ 00033 00034 #ifndef __IPMI_LAN_H 00035 #define __IPMI_LAN_H 00036 00037 #include <OpenIPMI/ipmiif.h> 00038 #include <OpenIPMI/ipmi_addr.h> 00039 #include <OpenIPMI/ipmi_conn.h> 00040 #include <netinet/in.h> 00041 00042 #ifdef __cplusplus 00043 extern "C" { 00044 #endif 00045 00046 #define IPMI_LAN_STD_PORT 623 00047 #define IPMI_LAN_STD_PORT_STR "623" 00048 00049 /* 00050 * Yet another interface to set up a LAN connection. This is the 00051 * most flexible, and hopefully will be the last one. This one is 00052 * flexible enough to handle RMCP+ connections and will also handle 00053 * normal LAN connections. The parameters are: 00054 * 00055 * ip_addrs - The IP addresses of the remote BMC. You may list 00056 * multiple IP addresses in an array, each address *must* be to the 00057 * same BMC. This is an array of string pointers to the string 00058 * representations of the IP addresses, you can pass in names or 00059 * dot notation. It takes IPV4 and IPV6 addresses. 00060 * ports - The UDP ports to use, one for each address. It should 00061 * generally be IPMI_LAN_STD_PORT. This is an array of string 00062 * pointers to string representations of the port. You can pass 00063 * in names or numeric values. 00064 * num_ip_addrs - The number of ip addresses (and thus ports) in the 00065 * arrays above. 00066 * parms - An array of items used to configure the connection. 00067 * See the individual parms for details. This may be NULL if 00068 * num_parms is zero. 00069 * num_parms - The number of parms in the parms array. 00070 * handlers - The set of OS handlers to use for this connection. 00071 * user_data - This will be put into the BMC and may be fetched by the 00072 * user. The user can use it for anything they like. 00073 * new_con - The new connection is returned here. 00074 */ 00075 typedef struct ipmi_lanp_parm_s 00076 { 00077 int parm_id; 00078 int parm_val; 00079 void *parm_data; 00080 unsigned int parm_data_len; 00081 } ipmi_lanp_parm_t; 00082 int ipmi_lanp_setup_con(ipmi_lanp_parm_t *parms, 00083 unsigned int num_parms, 00084 os_handler_t *handlers, 00085 void *user_data, 00086 ipmi_con_t **new_con); 00087 00088 /* Set the authorization type for a connection. If not specified, 00089 this will default to the best available one. The type is in the 00090 parm_val, the parm_data is not used. */ 00091 #define IPMI_LANP_PARMID_AUTHTYPE 1 00092 00093 /* Set the privilege level requested for a connection. If not 00094 specified, this will default to admin. The type is in the 00095 parm_val, the parm_data is not used. */ 00096 #define IPMI_LANP_PARMID_PRIVILEGE 2 00097 00098 /* Set the password for the connection. If not specified, a NULL 00099 password will be used. The password is in the parm_data, the 00100 parm_val is not used. */ 00101 #define IPMI_LANP_PARMID_PASSWORD 3 00102 00103 /* Set the password for the connection. If not specified, User 1 (the 00104 default user) will be used. The name is in the parm_data, the 00105 parm_val is not used. */ 00106 #define IPMI_LANP_PARMID_USERNAME 4 00107 00108 /* Set the addresses used for the connection. This should be supplied 00109 as an array of pointers to characters in the parm_data value. The 00110 parm_val is not used. To use this, have something like: 00111 char *ips[2]; 00112 ips[0] = ...; 00113 ips[1] = ...; 00114 parms[i].parm_id = IPMI_LANP_PARMID_ADDRS; 00115 parms[i].parm_data = ips; 00116 parms[i].parm_data_len = 2; 00117 Note that the parm_data_len is the number of elements in the array 00118 of addresses, not the size of the array. This parameter must be 00119 specified. */ 00120 #define IPMI_LANP_PARMID_ADDRS 5 00121 00122 /* Set the ports used for the connection. This should be supplied 00123 as an array of pointers to characters in the parm_data value. The 00124 parm_val is not used. To use this, have something like: 00125 char *ips[2]; 00126 ips[0] = ...; 00127 ips[1] = ...; 00128 parms[i].parm_id = IPMI_LANP_PARMID_ADDRS; 00129 parms[i].parm_data = ips; 00130 parms[i].parm_data_len = 2; 00131 Note that the parm_data_len is the number of elements in the array 00132 of addresses, not the size of the array. If not specified, this 00133 defaults to IPMI_LAN_STD_PORT for every address. Note that the length 00134 of this must match the length of the number of addresses. */ 00135 #define IPMI_LANP_PARMID_PORTS 6 00136 00137 /* Allow the specific authentication, integrity, and confidentiality 00138 algorithms to be specified by the user. Note that you can specify 00139 OEM values here. The defaults are RACKP_HMAC_SHA1, HMAC_SHA1_96, and 00140 AES_CBC_128 for the best mandatory security. */ 00141 #define IPMI_LANP_AUTHENTICATION_ALGORITHM 7 00142 #define IPMI_LANP_AUTHENTICATION_ALGORITHM_BMCPICK (~0) 00143 #define IPMI_LANP_AUTHENTICATION_ALGORITHM_RAKP_NONE 0 00144 #define IPMI_LANP_AUTHENTICATION_ALGORITHM_RAKP_HMAC_SHA1 1 00145 #define IPMI_LANP_AUTHENTICATION_ALGORITHM_RAKP_HMAC_MD5 2 00146 #define IPMI_LANP_INTEGRITY_ALGORITHM 8 00147 #define IPMI_LANP_INTEGRITY_ALGORITHM_BMCPICK (~0) 00148 #define IPMI_LANP_INTEGRITY_ALGORITHM_NONE 0 00149 #define IPMI_LANP_INTEGRITY_ALGORITHM_HMAC_SHA1_96 1 00150 #define IPMI_LANP_INTEGRITY_ALGORITHM_HMAC_MD5_128 2 00151 #define IPMI_LANP_INTEGRITY_ALGORITHM_MD5_128 3 00152 #define IPMI_LANP_CONFIDENTIALITY_ALGORITHM 9 00153 #define IPMI_LANP_CONFIDENTIALITY_ALGORITHM_BMCPICK (~0) 00154 #define IPMI_LANP_CONFIDENTIALITY_ALGORITHM_NONE 0 00155 #define IPMI_LANP_CONFIDENTIALITY_ALGORITHM_AES_CBC_128 1 00156 #define IPMI_LANP_CONFIDENTIALITY_ALGORITHM_xRC4_128 2 00157 #define IPMI_LANP_CONFIDENTIALITY_ALGORITHM_xRC4_40 3 00158 00159 /* 00160 * If true (the default) this will do a classic IPMI 1.5 name lookup. 00161 * If false, this will use the privilege as part of the lookup and 00162 * will match the first user with the matching name and privilege. 00163 * See the RAKP message 1 for details. 00164 */ 00165 #define IPMI_LANP_NAME_LOOKUP_ONLY 10 00166 00167 /* Set the BMC key for the connection (RMCP+ only). If not specified, 00168 all zeros will be used. The key is in the parm_data, the parm_val 00169 is not used. */ 00170 #define IPMI_LANP_BMC_KEY 11 00171 00172 /* 00173 * Set up an IPMI LAN connection. The boatload of parameters are: 00174 * 00175 * ip_addrs - The IP addresses of the remote BMC. You may list 00176 * multiple IP addresses in an array, each address *must* be to the 00177 * same BMC. This is an array of string pointers to the string 00178 * representations of the IP addresses, you can pass in names or 00179 * dot notation. It takes IPV4 and IPV6 addresses. 00180 * ports - The UDP ports to use, one for each address. It should 00181 * generally be IPMI_LAN_STD_PORT. This is an array of string 00182 * pointers to string representations of the port. You can pass 00183 * in names or numeric values. 00184 * num_ip_addrs - The number of ip addresses (and thus ports) in the 00185 * arrays above. 00186 * authtype - The authentication type to use, from ipmi_auth.h 00187 * privilege - The privilege level to request for the connection, from 00188 * the set of values in ipmi_auth.h. 00189 * username - The 16-byte max username to use for the connection. 00190 * username_len - The length of username. 00191 * password - The 16-byte max password to use for the connection. 00192 * password_len - The length of password. 00193 * handlers - The set of OS handlers to use for this connection. 00194 * user_data - This will be put into the BMC and may be fetched by the 00195 * user. The user can use it for anything they like. 00196 * new_con - The new connection is returned here. 00197 */ 00198 int ipmi_ip_setup_con(char * const ip_addrs[], 00199 char * const ports[], 00200 unsigned int num_ip_addrs, 00201 unsigned int authtype, 00202 unsigned int privilege, 00203 void *username, 00204 unsigned int username_len, 00205 void *password, 00206 unsigned int password_len, 00207 os_handler_t *handlers, 00208 void *user_data, 00209 ipmi_con_t **new_con); 00210 00211 /* This is the old version of the above call, it only works on IPv4 00212 addresses. Its use is deprecated. */ 00213 int ipmi_lan_setup_con(struct in_addr *ip_addrs, 00214 int *ports, 00215 unsigned int num_ip_addrs, 00216 unsigned int authtype, 00217 unsigned int privilege, 00218 void *username, 00219 unsigned int username_len, 00220 void *password, 00221 unsigned int password_len, 00222 os_handler_t *handlers, 00223 void *user_data, 00224 ipmi_con_t **new_con); 00225 00226 /* Used to handle SNMP traps. If the msg is NULL, that means that the 00227 trap sender didn't send enough information to handle the trap 00228 immediately, and the SEL needs to be scanned. */ 00229 int ipmi_lan_handle_external_event(const struct sockaddr *src_addr, 00230 const ipmi_msg_t *msg, 00231 const unsigned char *pet_ack); 00232 00233 /* 00234 * RMCP+ payload handling. To register a payload, pass in a static 00235 * ipmi_payload_t stucture with the various functions set. Note that 00236 * IPMI and OEM expicit payloads have special handling, you cannot 00237 * register those payload types. Registering a NULL payload removes 00238 * the handler. 00239 */ 00240 #define IPMI_RMCPP_PAYLOAD_TYPE_IPMI 0 00241 #define IPMI_RMCPP_PAYLOAD_TYPE_SOL 1 00242 #define IPMI_RMCPP_PAYLOAD_TYPE_OEM_EXPLICIT 2 00243 00244 #define IPMI_RMCPP_PAYLOAD_TYPE_OPEN_SESSION_REQUEST 0x10 00245 #define IPMI_RMCPP_PAYLOAD_TYPE_OPEN_SESSION_RESPONSE 0x11 00246 #define IPMI_RMCPP_PAYLOAD_TYPE_RAKP_1 0x12 00247 #define IPMI_RMCPP_PAYLOAD_TYPE_RAKP_2 0x13 00248 #define IPMI_RMCPP_PAYLOAD_TYPE_RAKP_3 0x14 00249 #define IPMI_RMCPP_PAYLOAD_TYPE_RAKP_4 0x15 00250 00251 #define IPMI_RMCPP_ADDR_SOL (IPMI_RMCPP_ADDR_START + IPMI_RMCPP_PAYLOAD_TYPE_SOL) 00252 00253 typedef struct ipmi_payload_s 00254 { 00255 /* Format a message for transmit on this payload. The address and 00256 message is the one specified by the user. The out_data is a 00257 pointer to where to store the output, out_data_len will point 00258 to the length of the buffer to store the output and should be 00259 updatated to be the actual length. The seq is a 6-bit value 00260 that should be store somewhere so the that response to this 00261 message can be identified. If the netfn is odd, the sequence 00262 number is not used. The out_of_session variable is set to zero 00263 by default; if the message is meant to be sent out of session, 00264 then the formatter should set this value to 1. */ 00265 int (*format_for_xmit)(ipmi_con_t *conn, 00266 const ipmi_addr_t *addr, 00267 unsigned int addr_len, 00268 const ipmi_msg_t *msg, 00269 unsigned char *out_data, 00270 unsigned int *out_data_len, 00271 int *out_of_session, 00272 unsigned char seq); 00273 00274 /* Get the recv sequence number from the message. Return ENOSYS 00275 if the sequence number is not valid for the message (it is 00276 asynchronous). */ 00277 int (*get_recv_seq)(ipmi_con_t *conn, 00278 unsigned char *data, 00279 unsigned int data_len, 00280 unsigned char *seq); 00281 00282 /* Fill in the rspi data structure from the given data, responses 00283 only. This does *not* deliver the message, that is done by the 00284 LAN code. If this returns -1, that means the LAN code should 00285 call handle_send_rsp_err on the connection if it is defined. */ 00286 int (*handle_recv_rsp)(ipmi_con_t *conn, 00287 ipmi_msgi_t *rspi, 00288 ipmi_addr_t *orig_addr, 00289 unsigned int orig_addr_len, 00290 ipmi_msg_t *orig_msg, 00291 unsigned char *data, 00292 unsigned int data_len); 00293 00294 /* Handle an asynchronous message. This *should* deliver the 00295 message, if possible. */ 00296 void (*handle_recv_async)(ipmi_con_t *conn, 00297 unsigned char *data, 00298 unsigned int data_len); 00299 00300 /* If the message has a tag, return it in "tag". This field may 00301 be NULL if the payload doesn't have tags. If this field is 00302 present, it should return an error if the message is not valid 00303 or the tag could not be extracted. Note that tags are only for 00304 identifying sessions ids for out-of-connection messages 00305 that have zero in the session id field, and thus this is not 00306 generally used by most payloads. */ 00307 int (*get_msg_tag)(unsigned char *data, unsigned int data_len, 00308 unsigned char *tag); 00309 } ipmi_payload_t; 00310 00311 int ipmi_rmcpp_register_payload(unsigned int payload_type, 00312 ipmi_payload_t *payload); 00313 00314 /* Register a payload to be called when the specific payload type 00315 (must be an OEM number) comes in with the iana and payload id or 00316 goes out with those values in the address. The payload id is only 00317 used for payload type 2. */ 00318 int ipmi_rmcpp_register_oem_payload(unsigned int payload_type, 00319 unsigned char iana[3], 00320 unsigned int payload_id, 00321 ipmi_payload_t *payload); 00322 00323 /* 00324 * RMCP+ algorithm handling. 00325 * 00326 * Note that all registered data structures should be static. Note that 00327 * you can deregister an algorithm by setting it to zero, but this is 00328 * discouraged because of race conditions. You should also not change 00329 * these pointers dynamically, as the RMCP code may copy these to internal 00330 * places for its own and you wouldn't be able to change those copies. 00331 */ 00332 00333 /* The auth data structure. The one passed to the algorithm is 00334 guaranteed to be valid until the free function is called on the 00335 algorithm. For authentication, an error value will be returned 00336 from ipmi_lan_send_command_forceip() (you are using that, right?) 00337 before the data goes away. The auth algorithm should fill in the 00338 data it is defined to set. Note that this returns pointers to the 00339 actual data and returns the full length of the data. Be careful 00340 not to overrun it when setting things. The password and bmc_key 00341 values will be filled out to zeros to the max_length. Note that 00342 the LAN code will make sure to zero the sensitive values upon 00343 shutdown. */ 00344 typedef struct ipmi_rmcpp_auth_s ipmi_rmcpp_auth_t; 00345 00346 uint32_t ipmi_rmcpp_auth_get_my_session_id(ipmi_rmcpp_auth_t *ainfo); 00347 uint32_t ipmi_rmcpp_auth_get_mgsys_session_id(ipmi_rmcpp_auth_t *ainfo); 00348 uint8_t ipmi_rmcpp_auth_get_role(ipmi_rmcpp_auth_t *ainfo); 00349 const unsigned char *ipmi_rmcpp_auth_get_username(ipmi_rmcpp_auth_t *ainfo, 00350 unsigned int *max_len); 00351 unsigned int ipmi_rmcpp_auth_get_username_len(ipmi_rmcpp_auth_t *ainfo); 00352 const unsigned char *ipmi_rmcpp_auth_get_password(ipmi_rmcpp_auth_t *ainfo, 00353 unsigned int *max_len); 00354 unsigned int ipmi_rmcpp_auth_get_password_len(ipmi_rmcpp_auth_t *ainfo); 00355 int ipmi_rmcpp_auth_get_use_two_keys(ipmi_rmcpp_auth_t *ainfo); 00356 const unsigned char *ipmi_rmcpp_auth_get_bmc_key(ipmi_rmcpp_auth_t *ainfo, 00357 unsigned int *max_len); 00358 unsigned int ipmi_rmcpp_auth_get_bmc_key_len(ipmi_rmcpp_auth_t *ainfo); 00359 00360 /* From the get channel auth. */ 00361 const unsigned char *ipmi_rmcpp_auth_get_oem_iana(ipmi_rmcpp_auth_t *ainfo, 00362 unsigned int *len); 00363 unsigned char ipmi_rmcpp_auth_get_oem_aux(ipmi_rmcpp_auth_t *ainfo); 00364 00365 /* Should be filled in by the auth algorithm. */ 00366 unsigned char *ipmi_rmcpp_auth_get_my_rand(ipmi_rmcpp_auth_t *ainfo, 00367 unsigned int *max_len); 00368 unsigned int ipmi_rmcpp_auth_get_my_rand_len(ipmi_rmcpp_auth_t *ainfo); 00369 void ipmi_rmcpp_auth_set_my_rand_len(ipmi_rmcpp_auth_t *ainfo, 00370 unsigned int length); 00371 unsigned char *ipmi_rmcpp_auth_get_mgsys_rand(ipmi_rmcpp_auth_t *ainfo, 00372 unsigned int *max_len); 00373 unsigned int ipmi_rmcpp_auth_get_mgsys_rand_len(ipmi_rmcpp_auth_t *ainfo); 00374 void ipmi_rmcpp_auth_set_mgsys_rand_len(ipmi_rmcpp_auth_t *ainfo, 00375 unsigned int length); 00376 unsigned char *ipmi_rmcpp_auth_get_mgsys_guid(ipmi_rmcpp_auth_t *ainfo, 00377 unsigned int *max_len); 00378 unsigned int ipmi_rmcpp_auth_get_mgsys_guid_len(ipmi_rmcpp_auth_t *ainfo); 00379 void ipmi_rmcpp_auth_set_mgsys_guid_len(ipmi_rmcpp_auth_t *ainfo, 00380 unsigned int length); 00381 unsigned char *ipmi_rmcpp_auth_get_sik(ipmi_rmcpp_auth_t *ainfo, 00382 unsigned int *max_len); 00383 unsigned int ipmi_rmcpp_auth_get_sik_len(ipmi_rmcpp_auth_t *ainfo); 00384 void ipmi_rmcpp_auth_set_sik_len(ipmi_rmcpp_auth_t *ainfo, 00385 unsigned int length); 00386 unsigned char *ipmi_rmcpp_auth_get_k1(ipmi_rmcpp_auth_t *ainfo, 00387 unsigned int *max_len); 00388 unsigned int ipmi_rmcpp_auth_get_k1_len(ipmi_rmcpp_auth_t *ainfo); 00389 void ipmi_rmcpp_auth_set_k1_len(ipmi_rmcpp_auth_t *ainfo, 00390 unsigned int length); 00391 unsigned char *ipmi_rmcpp_auth_get_k2(ipmi_rmcpp_auth_t *ainfo, 00392 unsigned int *max_len); 00393 unsigned int ipmi_rmcpp_auth_get_k2_len(ipmi_rmcpp_auth_t *ainfo); 00394 void ipmi_rmcpp_auth_set_k2_len(ipmi_rmcpp_auth_t *ainfo, 00395 unsigned int length); 00396 00397 00398 typedef void (*ipmi_rmcpp_finish_auth_cb)(ipmi_con_t *ipmi, 00399 int err, 00400 int addr_num, 00401 void *cb_data); 00402 typedef int (*ipmi_rmcpp_set_info_cb)(ipmi_con_t *ipmi, 00403 int addr_num, 00404 ipmi_rmcpp_auth_t *ainfo, 00405 void *cb_data); 00406 00407 typedef struct ipmi_rmcpp_authentication_s 00408 { 00409 /* Call the set function after the key info is obtained but before 00410 the final "ack". This lets the algorithm fail the connection 00411 if the lan code cannot set up the data. The msg_tag is a value 00412 that should be extractable from the message response (ie the 00413 rakp message tag). */ 00414 int (*start_auth)(ipmi_con_t *ipmi, 00415 int addr_num, 00416 unsigned char msg_tag, 00417 ipmi_rmcpp_auth_t *ainfo, 00418 ipmi_rmcpp_set_info_cb set, 00419 ipmi_rmcpp_finish_auth_cb done, 00420 void *cb_data); 00421 } ipmi_rmcpp_authentication_t; 00422 00423 int ipmi_rmcpp_register_authentication(unsigned int auth_num, 00424 ipmi_rmcpp_authentication_t *auth); 00425 00426 /* Register an OEM auth algorithm, the auth_num must be in the OEM range. */ 00427 int ipmi_rmcpp_register_oem_authentication(unsigned int auth_num, 00428 unsigned char iana[3], 00429 ipmi_rmcpp_authentication_t *auth); 00430 00431 typedef struct ipmi_rmcpp_confidentiality_s 00432 { 00433 int (*conf_init)(ipmi_con_t *ipmi, 00434 ipmi_rmcpp_auth_t *ainfo, 00435 void **conf_data); 00436 void (*conf_free)(ipmi_con_t *ipmi, 00437 void *conf_data); 00438 00439 /* This adds the confidentiality header and trailer. The payload 00440 points to a pointer to the payload data itself. The header 00441 length points to the number of bytes available before the 00442 payload. The payload length points to the length of the 00443 payload. The function should add the header and trailer to the 00444 payload, update the payload to point to the start of the 00445 header, update the header length to remove the data it used for 00446 its header, and update the payload length for any trailer used. 00447 The original payload_len value plus the trailer data should not 00448 exceed the max_payload_len for the trailer nor should 00449 header_len go negative. Note that if you use header data, you 00450 should increase max_payload_len appropriately. */ 00451 int (*conf_encrypt)(ipmi_con_t *ipmi, 00452 void *conf_data, 00453 unsigned char **payload, 00454 unsigned int *header_len, 00455 unsigned int *payload_len, 00456 unsigned int *max_payload_len); 00457 00458 00459 /* Decrypt the given data (in place). The payload starts at 00460 beginning of the confidentiality header and the payload length 00461 includes the confidentiality trailer. This function should 00462 update the payload to remove the header and the payload_len to 00463 remove any headers and trailers, including all padding. */ 00464 int (*conf_decrypt)(ipmi_con_t *ipmi, 00465 void *conf_data, 00466 unsigned char **payload, 00467 unsigned int *payload_len); 00468 00469 } ipmi_rmcpp_confidentiality_t; 00470 00471 int ipmi_rmcpp_register_confidentiality(unsigned int conf_num, 00472 ipmi_rmcpp_confidentiality_t *conf); 00473 00474 /* Register an OEM conf algorithm, the conf_num must be in the OEM range. */ 00475 int ipmi_rmcpp_register_oem_confidentiality(unsigned int conf_num, 00476 unsigned char iana[3], 00477 ipmi_rmcpp_confidentiality_t *conf); 00478 00479 00480 typedef struct ipmi_rmcpp_integrity_s 00481 { 00482 int (*integ_init)(ipmi_con_t *ipmi, 00483 ipmi_rmcpp_auth_t *ainfo, 00484 void **integ_data); 00485 void (*integ_free)(ipmi_con_t *ipmi, 00486 void *integ_data); 00487 00488 /* This adds the integrity trailer padding after the payload data. 00489 It should add any padding after the payload and update the 00490 payload length. The payload_len should not exceed 00491 max_payload_len. The payload starts at beginning of the user 00492 message (the RMCP version). */ 00493 int (*integ_pad)(ipmi_con_t *ipmi, 00494 void *integ_data, 00495 unsigned char *payload, 00496 unsigned int *payload_len, 00497 unsigned int max_payload_len); 00498 00499 /* This adds the integrity trailer after the payload data (and 00500 padding). The payload_len should not exceed max_payload_len. 00501 The payload starts at beginning of the user message (the RMCP 00502 version). */ 00503 int (*integ_add)(ipmi_con_t *ipmi, 00504 void *integ_data, 00505 unsigned char *payload, 00506 unsigned int *payload_len, 00507 unsigned int max_payload_len); 00508 00509 /* Verify the integrity of the given data. The payload starts at 00510 beginning of the user message (the RMCP version). The payload 00511 length is the length including any integrity padding but not 00512 the next header or authcode data. The total length includes all 00513 the data, including the autocode data. */ 00514 int (*integ_check)(ipmi_con_t *ipmi, 00515 void *integ_data, 00516 unsigned char *payload, 00517 unsigned int payload_len, 00518 unsigned int total_len); 00519 00520 } ipmi_rmcpp_integrity_t; 00521 00522 int ipmi_rmcpp_register_integrity(unsigned int integ_num, 00523 ipmi_rmcpp_integrity_t *integ); 00524 00525 /* Register an OEM integ algorithm, the integ_num must be in the OEM range. */ 00526 int ipmi_rmcpp_register_oem_integrity(unsigned int integ_num, 00527 unsigned char iana[3], 00528 ipmi_rmcpp_integrity_t *integ); 00529 00530 /* Authentication algorithms should use this to send messages. Note 00531 that when yo use this interface, it will always set rspi->data4 to 00532 the address number, you must cast it with (long) rspi->data4. */ 00533 int ipmi_lan_send_command_forceip(ipmi_con_t *ipmi, 00534 int addr_num, 00535 ipmi_addr_t *addr, 00536 unsigned int addr_len, 00537 ipmi_msg_t *msg, 00538 ipmi_ll_rsp_handler_t rsp_handler, 00539 ipmi_msgi_t *rspi); 00540 00541 #ifdef __cplusplus 00542 } 00543 #endif 00544 00545 #endif /* __IPMI_LAN_H */