search

arcress0 / ipmiutil

ipmiutil is an easy to use set of IPMI server management utilities. It can get/set sensor readings & thresholds, automate SEL management, do SOL console, etc. Supports Linux, Windows, BSD, Solaris, MacOSX. The only IPMI project tool that runs natively on Windows. See http://ipmiutil.sf.net for rpms, etc. (formerly called panicsel). It can run driverless in Linux for use on boot media or embedded environments.
BSD 3-Clause "New" or "Revised" License
33 stars 5 forks source link

Got error message when change user password by IPMIUTIL command #14

Closed vien20010 closed 1 year ago

vien20010 commented 1 year ago

Step to reproduce: Create new user with ipmiutil command

ipmiutil user set <user_id> name <username>
ipmiutil user set <user_id>  password <password>
ipmiutil user set <user_id> priv <privilege>

Expected result: Command response success when setting account password

Actual result: Command return error when setting account password

ipmiutil user ver 3.12
Opening lanplus connection to node 10.76.116.83 ...
GET_USERNAME: 75 73 65, status = 0, ccode=0
SETUSERNAME - 4 75 73  status = 0, ccode=0
SETUSERENAB - inputData 4 1 73, status = 0, ccode=0
SETUSERPSW - inputData 4 2 41, status = 0, ccode=0
TESTUSERPSW - inputData 4 3 41, status = 0, ccode=0
SETUSER_ACCESS - inputData 91 4 1f, status = cc ccode=cc
ipmiutil user, Invalid data field in request
vien20010 commented 1 year ago

Phenomenon:

ipmiutil user set password fail when Set User Access command: Invalid data field in request

Root cause:

ipmiutil uses privilege of user configuration info which is result of GetUserInfo function

_ipmi_userset function ipmiutil-3.1.8/util/iuser.c

image

In GetUserInfo function, priv = responseData[3] of GET_USER_ACCESS command

GetUserInfo function ipmiutil-3.1.8/util/ilan.c

image

responseData[3] is 1 byte data which is defined in ipmi spec Table 22- Get User Access Command

image

ipmiutil use this byte to execute Set User Access Command. But Request Data of this command only use 4 LSB bits for privilege and 4 MSB bits is reserved (must be 0b0000). We can easily refer it in ipmi spec Table 22- Set User Access Command. image

So using a whole byte 5 (responseData[3]) of Get User Access command for request data of Set User Access Command isn’t suitable. ipmiutil should use only 4 LSB bits.

Solution: Use only 4 LSB bits in GetUserInfo function

image
arcress0 commented 1 year ago

Yes. The change on line 1007 is the right fix in ilan.c, thank you for your detailed research.
upriv = responseData[3] & 0x0F;