1 /* 2 * ipmi_lan.h 3 * 4 * Routines for setting up a connection to an IPMI Lan interface. 5 * 6 * Author: MontaVista Software, Inc. 7 * Corey Minyard <minyard@mvista.com> 8 * source@mvista.com 9 * 10 * Copyright 2002,2003 MontaVista Software Inc. 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU Lesser General Public License 14 * as published by the Free Software Foundation; either version 2 of 15 * the License, or (at your option) any later version. 16 * 17 * 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 19 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 24 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR 26 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 27 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 * 29 * You should have received a copy of the GNU Lesser General Public 30 * License along with this program; if not, write to the Free 31 * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 32 */ 33 34 #ifndef OPENIPMI_LAN_H 35 #define OPENIPMI_LAN_H 36 37 #include <OpenIPMI/ipmi_addr.h> 38 #include <OpenIPMI/ipmi_conn.h> 39 #include <netinet/in.h> 40 41 #ifdef __cplusplus 42 extern "C" { 43 #endif 44 45 #define IPMI_LAN_STD_PORT 623 46 #define IPMI_LAN_STD_PORT_STR "623" 47 48 /* 49 * Yet another interface to set up a LAN connection. This is the 50 * most flexible, and hopefully will be the last one. This one is 51 * flexible enough to handle RMCP+ connections and will also handle 52 * normal LAN connections. The parameters are: 53 * 54 * ip_addrs - The IP addresses of the remote BMC. You may list 55 * multiple IP addresses in an array, each address *must* be to the 56 * same BMC. This is an array of string pointers to the string 57 * representations of the IP addresses, you can pass in names or 58 * dot notation. It takes IPV4 and IPV6 addresses. 59 * ports - The UDP ports to use, one for each address. It should 60 * generally be IPMI_LAN_STD_PORT. This is an array of string 61 * pointers to string representations of the port. You can pass 62 * in names or numeric values. 63 * num_ip_addrs - The number of ip addresses (and thus ports) in the 64 * arrays above. 65 * parms - An array of items used to configure the connection. 66 * See the individual parms for details. This may be NULL if 67 * num_parms is zero. 68 * num_parms - The number of parms in the parms array. 69 * handlers - The set of OS handlers to use for this connection. 70 * user_data - This will be put into the BMC and may be fetched by the 71 * user. The user can use it for anything they like. 72 * new_con - The new connection is returned here. 73 */ 74 typedef struct ipmi_lanp_parm_s 75 { 76 int parm_id; 77 int parm_val; 78 void *parm_data; 79 unsigned int parm_data_len; 80 } ipmi_lanp_parm_t; 81 int ipmi_lanp_setup_con(ipmi_lanp_parm_t *parms, 82 unsigned int num_parms, 83 os_handler_t *handlers, 84 void *user_data, 85 ipmi_con_t **new_con); 86 87 /* Set the authorization type for a connection. If not specified, 88 this will default to the best available one. The type is in the 89 parm_val, the parm_data is not used. */ 90 #define IPMI_LANP_PARMID_AUTHTYPE 1 91 92 /* Set the privilege level requested for a connection. If not 93 specified, this will default to admin. The type is in the 94 parm_val, the parm_data is not used. */ 95 #define IPMI_LANP_PARMID_PRIVILEGE 2 96 97 /* Set the password for the connection. If not specified, a NULL 98 password will be used. The password is in the parm_data, the 99 parm_val is not used. */ 100 #define IPMI_LANP_PARMID_PASSWORD 3 101 102 /* Set the password for the connection. If not specified, User 1 (the 103 default user) will be used. The name is in the parm_data, the 104 parm_val is not used. */ 105 #define IPMI_LANP_PARMID_USERNAME 4 106 107 /* Set the addresses used for the connection. This should be supplied 108 as an array of pointers to characters in the parm_data value. The 109 parm_val is not used. To use this, have something like: 110 char *ips[2]; 111 ips[0] = ...; 112 ips[1] = ...; 113 parms[i].parm_id = IPMI_LANP_PARMID_ADDRS; 114 parms[i].parm_data = ips; 115 parms[i].parm_data_len = 2; 116 Note that the parm_data_len is the number of elements in the array 117 of addresses, not the size of the array. This parameter must be 118 specified. */ 119 #define IPMI_LANP_PARMID_ADDRS 5 120 121 /* Set the ports used for the connection. This should be supplied 122 as an array of pointers to characters in the parm_data value. The 123 parm_val is not used. To use this, have something like: 124 char *ips[2]; 125 ips[0] = ...; 126 ips[1] = ...; 127 parms[i].parm_id = IPMI_LANP_PARMID_ADDRS; 128 parms[i].parm_data = ips; 129 parms[i].parm_data_len = 2; 130 Note that the parm_data_len is the number of elements in the array 131 of addresses, not the size of the array. If not specified, this 132 defaults to IPMI_LAN_STD_PORT for every address. Note that the length 133 of this must match the length of the number of addresses. */ 134 #define IPMI_LANP_PARMID_PORTS 6 135 136 /* Allow the specific authentication, integrity, and confidentiality 137 algorithms to be specified by the user. Note that you can specify 138 OEM values here. The defaults are RACKP_HMAC_SHA1, HMAC_SHA1_96, and 139 AES_CBC_128 for the best mandatory security. */ 140 #define IPMI_LANP_AUTHENTICATION_ALGORITHM 7 141 #define IPMI_LANP_AUTHENTICATION_ALGORITHM_BMCPICK (~0) 142 #define IPMI_LANP_AUTHENTICATION_ALGORITHM_RAKP_NONE 0 143 #define IPMI_LANP_AUTHENTICATION_ALGORITHM_RAKP_HMAC_SHA1 1 144 #define IPMI_LANP_AUTHENTICATION_ALGORITHM_RAKP_HMAC_MD5 2 145 #define IPMI_LANP_INTEGRITY_ALGORITHM 8 146 #define IPMI_LANP_INTEGRITY_ALGORITHM_BMCPICK (~0) 147 #define IPMI_LANP_INTEGRITY_ALGORITHM_NONE 0 148 #define IPMI_LANP_INTEGRITY_ALGORITHM_HMAC_SHA1_96 1 149 #define IPMI_LANP_INTEGRITY_ALGORITHM_HMAC_MD5_128 2 150 #define IPMI_LANP_INTEGRITY_ALGORITHM_MD5_128 3 151 #define IPMI_LANP_CONFIDENTIALITY_ALGORITHM 9 152 #define IPMI_LANP_CONFIDENTIALITY_ALGORITHM_BMCPICK (~0) 153 #define IPMI_LANP_CONFIDENTIALITY_ALGORITHM_NONE 0 154 #define IPMI_LANP_CONFIDENTIALITY_ALGORITHM_AES_CBC_128 1 155 #define IPMI_LANP_CONFIDENTIALITY_ALGORITHM_xRC4_128 2 156 #define IPMI_LANP_CONFIDENTIALITY_ALGORITHM_xRC4_40 3 157 158 /* 159 * If true (the default) this will do a classic IPMI 1.5 name lookup. 160 * If false, this will use the privilege as part of the lookup and 161 * will match the first user with the matching name and privilege. 162 * See the RAKP message 1 for details. 163 */ 164 #define IPMI_LANP_NAME_LOOKUP_ONLY 10 165 166 /* Set the BMC key for the connection (RMCP+ only). If not specified, 167 all zeros will be used. The key is in the parm_data, the parm_val 168 is not used. */ 169 #define IPMI_LANP_BMC_KEY 11 170 171 /* Allow the maximum outstanding message count to be set. Normally 172 this is 2, but 2 may even be too much for some systems. A larger 173 number may improve performance for systems that can handle it. The 174 maximum value is 63, but that's way bigger than anyone should need. 175 5-6 should be enough for anything. The value is set in parm_val */ 176 #define IPMI_LANP_MAX_OUTSTANDING_MSG_COUNT 12 177 178 /* Address family, integer value, generally AF_INET or AF_INET6. If 179 unspecified, it used AF_UNSPEC. */ 180 #define IPMI_LANP_ADDRESS_FAMILY 13 181 182 /* 183 * Set up an IPMI LAN connection. The boatload of parameters are: 184 * 185 * ip_addrs - The IP addresses of the remote BMC. You may list 186 * multiple IP addresses in an array, each address *must* be to the 187 * same BMC. This is an array of string pointers to the string 188 * representations of the IP addresses, you can pass in names or 189 * dot notation. It takes IPV4 and IPV6 addresses. 190 * ports - The UDP ports to use, one for each address. It should 191 * generally be IPMI_LAN_STD_PORT. This is an array of string 192 * pointers to string representations of the port. You can pass 193 * in names or numeric values. 194 * num_ip_addrs - The number of ip addresses (and thus ports) in the 195 * arrays above. 196 * authtype - The authentication type to use, from ipmi_auth.h 197 * privilege - The privilege level to request for the connection, from 198 * the set of values in ipmi_auth.h. 199 * username - The 16-byte max username to use for the connection. 200 * username_len - The length of username. 201 * password - The 16-byte max password to use for the connection. 202 * password_len - The length of password. 203 * handlers - The set of OS handlers to use for this connection. 204 * user_data - This will be put into the BMC and may be fetched by the 205 * user. The user can use it for anything they like. 206 * new_con - The new connection is returned here. 207 */ 208 int ipmi_ip_setup_con(char * const ip_addrs[], 209 char * const ports[], 210 unsigned int num_ip_addrs, 211 unsigned int authtype, 212 unsigned int privilege, 213 void *username, 214 unsigned int username_len, 215 void *password, 216 unsigned int password_len, 217 os_handler_t *handlers, 218 void *user_data, 219 ipmi_con_t **new_con); 220 221 /* This is the old version of the above call, it only works on IPv4 222 addresses. Its use is deprecated. */ 223 int ipmi_lan_setup_con(struct in_addr *ip_addrs, 224 int *ports, 225 unsigned int num_ip_addrs, 226 unsigned int authtype, 227 unsigned int privilege, 228 void *username, 229 unsigned int username_len, 230 void *password, 231 unsigned int password_len, 232 os_handler_t *handlers, 233 void *user_data, 234 ipmi_con_t **new_con); 235 236 /* Used to handle SNMP traps. If the msg is NULL, that means that the 237 trap sender didn't send enough information to handle the trap 238 immediately, and the SEL needs to be scanned. */ 239 int ipmi_lan_handle_external_event(const struct sockaddr *src_addr, 240 const ipmi_msg_t *msg, 241 const unsigned char *pet_ack); 242 243 /* 244 * RMCP+ payload handling. To register a payload, pass in a static 245 * ipmi_payload_t stucture with the various functions set. Note that 246 * IPMI and OEM expicit payloads have special handling, you cannot 247 * register those payload types. Registering a NULL payload removes 248 * the handler. 249 */ 250 #define IPMI_RMCPP_PAYLOAD_TYPE_IPMI 0 251 #define IPMI_RMCPP_PAYLOAD_TYPE_SOL 1 252 #define IPMI_RMCPP_PAYLOAD_TYPE_OEM_EXPLICIT 2 253 254 #define IPMI_RMCPP_PAYLOAD_TYPE_OPEN_SESSION_REQUEST 0x10 255 #define IPMI_RMCPP_PAYLOAD_TYPE_OPEN_SESSION_RESPONSE 0x11 256 #define IPMI_RMCPP_PAYLOAD_TYPE_RAKP_1 0x12 257 #define IPMI_RMCPP_PAYLOAD_TYPE_RAKP_2 0x13 258 #define IPMI_RMCPP_PAYLOAD_TYPE_RAKP_3 0x14 259 #define IPMI_RMCPP_PAYLOAD_TYPE_RAKP_4 0x15 260 261 #define IPMI_RMCPP_ADDR_SOL (IPMI_RMCPP_ADDR_START + IPMI_RMCPP_PAYLOAD_TYPE_SOL) 262 263 typedef struct ipmi_payload_s 264 { 265 /* Format a message for transmit on this payload. The address and 266 message is the one specified by the user. The out_data is a 267 pointer to where to store the output, out_data_len will point 268 to the length of the buffer to store the output and should be 269 updatated to be the actual length. The seq is a 6-bit value 270 that should be store somewhere so the that response to this 271 message can be identified. If the netfn is odd, the sequence 272 number is not used. The out_of_session variable is set to zero 273 by default; if the message is meant to be sent out of session, 274 then the formatter should set this value to 1. */ 275 int (*format_for_xmit)(ipmi_con_t *conn, 276 const ipmi_addr_t *addr, 277 unsigned int addr_len, 278 const ipmi_msg_t *msg, 279 unsigned char *out_data, 280 unsigned int *out_data_len, 281 int *out_of_session, 282 unsigned char seq); 283 284 /* Get the recv sequence number from the message. Return ENOSYS 285 if the sequence number is not valid for the message (it is 286 asynchronous). */ 287 int (*get_recv_seq)(ipmi_con_t *conn, 288 unsigned char *data, 289 unsigned int data_len, 290 unsigned char *seq); 291 292 /* Fill in the rspi data structure from the given data, responses 293 only. This does *not* deliver the message, that is done by the 294 LAN code. If this returns -1, that means the LAN code should 295 call handle_send_rsp_err on the connection if it is defined. */ 296 int (*handle_recv_rsp)(ipmi_con_t *conn, 297 ipmi_msgi_t *rspi, 298 ipmi_addr_t *orig_addr, 299 unsigned int orig_addr_len, 300 ipmi_msg_t *orig_msg, 301 unsigned char *data, 302 unsigned int data_len); 303 304 /* Handle an asynchronous message. This *should* deliver the 305 message, if possible. */ 306 void (*handle_recv_async)(ipmi_con_t *conn, 307 unsigned char *data, 308 unsigned int data_len); 309 310 /* If the message has a tag, return it in "tag". This field may 311 be NULL if the payload doesn't have tags. If this field is 312 present, it should return an error if the message is not valid 313 or the tag could not be extracted. Note that tags are only for 314 identifying sessions ids for out-of-connection messages 315 that have zero in the session id field, and thus this is not 316 generally used by most payloads. */ 317 int (*get_msg_tag)(unsigned char *data, unsigned int data_len, 318 unsigned char *tag); 319 } ipmi_payload_t; 320 321 int ipmi_rmcpp_register_payload(unsigned int payload_type, 322 ipmi_payload_t *payload); 323 324 /* Register a payload to be called when the specific payload type 325 (must be an OEM number) comes in with the iana and payload id or 326 goes out with those values in the address. The payload id is only 327 used for payload type 2. */ 328 int ipmi_rmcpp_register_oem_payload(unsigned int payload_type, 329 unsigned char iana[3], 330 unsigned int payload_id, 331 ipmi_payload_t *payload); 332 333 /* 334 * RMCP+ algorithm handling. 335 * 336 * Note that all registered data structures should be static. Note that 337 * you can deregister an algorithm by setting it to zero, but this is 338 * discouraged because of race conditions. You should also not change 339 * these pointers dynamically, as the RMCP code may copy these to internal 340 * places for its own and you wouldn't be able to change those copies. 341 */ 342 343 /* The auth data structure. The one passed to the algorithm is 344 guaranteed to be valid until the free function is called on the 345 algorithm. For authentication, an error value will be returned 346 from ipmi_lan_send_command_forceip() (you are using that, right?) 347 before the data goes away. The auth algorithm should fill in the 348 data it is defined to set. Note that this returns pointers to the 349 actual data and returns the full length of the data. Be careful 350 not to overrun it when setting things. The password and bmc_key 351 values will be filled out to zeros to the max_length. Note that 352 the LAN code will make sure to zero the sensitive values upon 353 shutdown. */ 354 typedef struct ipmi_rmcpp_auth_s ipmi_rmcpp_auth_t; 355 356 uint32_t ipmi_rmcpp_auth_get_my_session_id(ipmi_rmcpp_auth_t *ainfo); 357 uint32_t ipmi_rmcpp_auth_get_mgsys_session_id(ipmi_rmcpp_auth_t *ainfo); 358 uint8_t ipmi_rmcpp_auth_get_role(ipmi_rmcpp_auth_t *ainfo); 359 const unsigned char *ipmi_rmcpp_auth_get_username(ipmi_rmcpp_auth_t *ainfo, 360 unsigned int *max_len); 361 unsigned int ipmi_rmcpp_auth_get_username_len(ipmi_rmcpp_auth_t *ainfo); 362 const unsigned char *ipmi_rmcpp_auth_get_password(ipmi_rmcpp_auth_t *ainfo, 363 unsigned int *max_len); 364 unsigned int ipmi_rmcpp_auth_get_password_len(ipmi_rmcpp_auth_t *ainfo); 365 int ipmi_rmcpp_auth_get_use_two_keys(ipmi_rmcpp_auth_t *ainfo); 366 const unsigned char *ipmi_rmcpp_auth_get_bmc_key(ipmi_rmcpp_auth_t *ainfo, 367 unsigned int *max_len); 368 unsigned int ipmi_rmcpp_auth_get_bmc_key_len(ipmi_rmcpp_auth_t *ainfo); 369 370 /* From the get channel auth. */ 371 const unsigned char *ipmi_rmcpp_auth_get_oem_iana(ipmi_rmcpp_auth_t *ainfo, 372 unsigned int *len); 373 unsigned char ipmi_rmcpp_auth_get_oem_aux(ipmi_rmcpp_auth_t *ainfo); 374 375 /* Should be filled in by the auth algorithm. */ 376 unsigned char *ipmi_rmcpp_auth_get_my_rand(ipmi_rmcpp_auth_t *ainfo, 377 unsigned int *max_len); 378 unsigned int ipmi_rmcpp_auth_get_my_rand_len(ipmi_rmcpp_auth_t *ainfo); 379 void ipmi_rmcpp_auth_set_my_rand_len(ipmi_rmcpp_auth_t *ainfo, 380 unsigned int length); 381 unsigned char *ipmi_rmcpp_auth_get_mgsys_rand(ipmi_rmcpp_auth_t *ainfo, 382 unsigned int *max_len); 383 unsigned int ipmi_rmcpp_auth_get_mgsys_rand_len(ipmi_rmcpp_auth_t *ainfo); 384 void ipmi_rmcpp_auth_set_mgsys_rand_len(ipmi_rmcpp_auth_t *ainfo, 385 unsigned int length); 386 unsigned char *ipmi_rmcpp_auth_get_mgsys_guid(ipmi_rmcpp_auth_t *ainfo, 387 unsigned int *max_len); 388 unsigned int ipmi_rmcpp_auth_get_mgsys_guid_len(ipmi_rmcpp_auth_t *ainfo); 389 void ipmi_rmcpp_auth_set_mgsys_guid_len(ipmi_rmcpp_auth_t *ainfo, 390 unsigned int length); 391 unsigned char *ipmi_rmcpp_auth_get_sik(ipmi_rmcpp_auth_t *ainfo, 392 unsigned int *max_len); 393 unsigned int ipmi_rmcpp_auth_get_sik_len(ipmi_rmcpp_auth_t *ainfo); 394 void ipmi_rmcpp_auth_set_sik_len(ipmi_rmcpp_auth_t *ainfo, 395 unsigned int length); 396 unsigned char *ipmi_rmcpp_auth_get_k1(ipmi_rmcpp_auth_t *ainfo, 397 unsigned int *max_len); 398 unsigned int ipmi_rmcpp_auth_get_k1_len(ipmi_rmcpp_auth_t *ainfo); 399 void ipmi_rmcpp_auth_set_k1_len(ipmi_rmcpp_auth_t *ainfo, 400 unsigned int length); 401 unsigned char *ipmi_rmcpp_auth_get_k2(ipmi_rmcpp_auth_t *ainfo, 402 unsigned int *max_len); 403 unsigned int ipmi_rmcpp_auth_get_k2_len(ipmi_rmcpp_auth_t *ainfo); 404 void ipmi_rmcpp_auth_set_k2_len(ipmi_rmcpp_auth_t *ainfo, 405 unsigned int length); 406 407 408 typedef void (*ipmi_rmcpp_finish_auth_cb)(ipmi_con_t *ipmi, 409 int err, 410 int addr_num, 411 void *cb_data); 412 typedef int (*ipmi_rmcpp_set_info_cb)(ipmi_con_t *ipmi, 413 int addr_num, 414 ipmi_rmcpp_auth_t *ainfo, 415 void *cb_data); 416 417 typedef struct ipmi_rmcpp_authentication_s 418 { 419 /* Call the set function after the key info is obtained but before 420 the final "ack". This lets the algorithm fail the connection 421 if the lan code cannot set up the data. The msg_tag is a value 422 that should be extractable from the message response (ie the 423 rakp message tag). */ 424 int (*start_auth)(ipmi_con_t *ipmi, 425 int addr_num, 426 unsigned char msg_tag, 427 ipmi_rmcpp_auth_t *ainfo, 428 ipmi_rmcpp_set_info_cb set, 429 ipmi_rmcpp_finish_auth_cb done, 430 void *cb_data); 431 } ipmi_rmcpp_authentication_t; 432 433 int ipmi_rmcpp_register_authentication(unsigned int auth_num, 434 ipmi_rmcpp_authentication_t *auth); 435 436 /* Register an OEM auth algorithm, the auth_num must be in the OEM range. */ 437 int ipmi_rmcpp_register_oem_authentication(unsigned int auth_num, 438 unsigned char iana[3], 439 ipmi_rmcpp_authentication_t *auth); 440 441 typedef struct ipmi_rmcpp_confidentiality_s 442 { 443 int (*conf_init)(ipmi_con_t *ipmi, 444 ipmi_rmcpp_auth_t *ainfo, 445 void **conf_data); 446 void (*conf_free)(ipmi_con_t *ipmi, 447 void *conf_data); 448 449 /* This adds the confidentiality header and trailer. The payload 450 points to a pointer to the payload data itself. The header 451 length points to the number of bytes available before the 452 payload. The payload length points to the length of the 453 payload. The function should add the header and trailer to the 454 payload, update the payload to point to the start of the 455 header, update the header length to remove the data it used for 456 its header, and update the payload length for any trailer used. 457 The original payload_len value plus the trailer data should not 458 exceed the max_payload_len for the trailer nor should 459 header_len go negative. Note that if you use header data, you 460 should increase max_payload_len appropriately. */ 461 int (*conf_encrypt)(ipmi_con_t *ipmi, 462 void *conf_data, 463 unsigned char **payload, 464 unsigned int *header_len, 465 unsigned int *payload_len, 466 unsigned int *max_payload_len); 467 468 469 /* Decrypt the given data (in place). The payload starts at 470 beginning of the confidentiality header and the payload length 471 includes the confidentiality trailer. This function should 472 update the payload to remove the header and the payload_len to 473 remove any headers and trailers, including all padding. */ 474 int (*conf_decrypt)(ipmi_con_t *ipmi, 475 void *conf_data, 476 unsigned char **payload, 477 unsigned int *payload_len); 478 479 } ipmi_rmcpp_confidentiality_t; 480 481 int ipmi_rmcpp_register_confidentiality(unsigned int conf_num, 482 ipmi_rmcpp_confidentiality_t *conf); 483 484 /* Register an OEM conf algorithm, the conf_num must be in the OEM range. */ 485 int ipmi_rmcpp_register_oem_confidentiality(unsigned int conf_num, 486 unsigned char iana[3], 487 ipmi_rmcpp_confidentiality_t *conf); 488 489 490 typedef struct ipmi_rmcpp_integrity_s 491 { 492 int (*integ_init)(ipmi_con_t *ipmi, 493 ipmi_rmcpp_auth_t *ainfo, 494 void **integ_data); 495 void (*integ_free)(ipmi_con_t *ipmi, 496 void *integ_data); 497 498 /* This adds the integrity trailer padding after the payload data. 499 It should add any padding after the payload and update the 500 payload length. The payload_len should not exceed 501 max_payload_len. The payload starts at beginning of the user 502 message (the RMCP version). */ 503 int (*integ_pad)(ipmi_con_t *ipmi, 504 void *integ_data, 505 unsigned char *payload, 506 unsigned int *payload_len, 507 unsigned int max_payload_len); 508 509 /* This adds the integrity trailer after the payload data (and 510 padding). The payload_len should not exceed max_payload_len. 511 The payload starts at beginning of the user message (the RMCP 512 version). */ 513 int (*integ_add)(ipmi_con_t *ipmi, 514 void *integ_data, 515 unsigned char *payload, 516 unsigned int *payload_len, 517 unsigned int max_payload_len); 518 519 /* Verify the integrity of the given data. The payload starts at 520 beginning of the user message (the RMCP version). The payload 521 length is the length including any integrity padding but not 522 the next header or authcode data. The total length includes all 523 the data, including the autocode data. */ 524 int (*integ_check)(ipmi_con_t *ipmi, 525 void *integ_data, 526 unsigned char *payload, 527 unsigned int payload_len, 528 unsigned int total_len); 529 530 } ipmi_rmcpp_integrity_t; 531 532 int ipmi_rmcpp_register_integrity(unsigned int integ_num, 533 ipmi_rmcpp_integrity_t *integ); 534 535 /* Register an OEM integ algorithm, the integ_num must be in the OEM range. */ 536 int ipmi_rmcpp_register_oem_integrity(unsigned int integ_num, 537 unsigned char iana[3], 538 ipmi_rmcpp_integrity_t *integ); 539 540 /* Authentication algorithms should use this to send messages. Note 541 that when yo use this interface, it will always set rspi->data4 to 542 the address number, you must cast it with (long) rspi->data4. */ 543 int ipmi_lan_send_command_forceip(ipmi_con_t *ipmi, 544 int addr_num, 545 ipmi_addr_t *addr, 546 unsigned int addr_len, 547 ipmi_msg_t *msg, 548 ipmi_ll_rsp_handler_t rsp_handler, 549 ipmi_msgi_t *rspi); 550 551 552 /* 553 * Hacks for various things. Don't use this stuff unless you *really* 554 * know what you are doing. 555 */ 556 557 /* Call the connection change handlers on the LAN interface. This can 558 be used for OEM connection code that needs to manage its own 559 connections. Note that the OEM code must make sure this is 560 single-threaded. */ 561 void i_ipmi_lan_call_con_change_handlers(ipmi_con_t *ipmi, 562 int err, 563 unsigned int port); 564 565 void i_ipmi_lan_con_change_lock(ipmi_con_t *ipmi); 566 567 void i_ipmi_lan_con_change_unlock(ipmi_con_t *ipmi); 568 569 #ifdef __cplusplus 570 } 571 #endif 572 573 #endif /* OPENIPMI_LAN_H */ 574