xCAT/xcat-core
2
0
Fork 0
mirror of https://github.com/xcat2/xcat-core.git synced 2026-05-17 19:57:18 +00:00
Code Issues Releases Wiki Activity

fix: set IPMI name-only lookup bit in RAKP1 to match ipmitool

Browse Source 
Set bit 4 (0x10) of the requested privilege byte in RAKP Message 1
for name-only user lookup, matching ipmitool behavior. Use the same
value consistently in all HMAC calculations (RAKP2 verification,
RAKP3 auth code, SIK derivation).

Without this, some BMCs fail user lookup with "Unauthorized name"
even though the credentials are correct.

Ref: #7511
This commit is contained in:
Vinícius Ferrão
2026-05-06 01:25:55 -03:00
parent 2bcdc52f92
commit 86f6a12264
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
xCAT-server/lib/perl/xCAT/IPMI.pm
+5 -4
View File
@@ -825,7 +825,7 @@ sub send_rakp3 {
$self->{rmcptag} += 1;
my @payload = ($self->{rmcptag}, 0, 0, 0, @{ $self->{pendingsessionid} });
my @user = unpack("C*", $self->{userid});
push @payload, unpack("C*", $self->{hshfn}->(pack("C*", @{ $self->{remoterandomnumber} }, @{ $self->{sidm} }, $self->{privlevel}, scalar @user, @user), $self->{password}));
push @payload, unpack("C*", $self->{hshfn}->(pack("C*", @{ $self->{remoterandomnumber} }, @{ $self->{sidm} }, $self->{rakp_privbyte}, scalar @user, @user), $self->{password}));
$self->sendpayload(payload => \@payload, type => $payload_types{'rakp3'});
}
@@ -839,7 +839,8 @@ sub send_rakp1 {
push @{ $self->{randomnumber} }, $randomnumber;
}
push @payload, @{ $self->{randomnumber} };
push @payload, ($self->{privlevel}, 0, 0); # request priv
$self->{rakp_privbyte} = $self->{privlevel} | 0x10;
push @payload, ($self->{rakp_privbyte}, 0, 0); # request priv, with name-only lookup
my @user = unpack("C*", $self->{userid});
push @payload, scalar @user;
push @payload, @user;
@@ -1007,7 +1008,7 @@ sub got_rakp2 {
#Data now represents authcode.. sha1 only..
my @user = unpack("C*", $self->{userid});
my $ulength = scalar @user;
my $hmacdata = pack("C*", (@{ $self->{sidm} }, @{ $self->{pendingsessionid} }, @{ $self->{randomnumber} }, @{ $self->{remoterandomnumber} }, @{ $self->{remoteguid} }, $self->{privlevel}, $ulength, @user));
my $hmacdata = pack("C*", (@{ $self->{sidm} }, @{ $self->{pendingsessionid} }, @{ $self->{randomnumber} }, @{ $self->{remoterandomnumber} }, @{ $self->{remoteguid} }, $self->{rakp_privbyte}, $ulength, @user));
my @expectedhash = (unpack("C*", $self->{hshfn}->($hmacdata, $self->{password})));
foreach (0 .. (scalar(@expectedhash) - 1)) {
if ($expectedhash[$_] != $data[$_]) {
@@ -1016,7 +1017,7 @@ sub got_rakp2 {
return 9;
}
}
$self->{sik} = $self->{hshfn}->(pack("C*", @{ $self->{randomnumber} }, @{ $self->{remoterandomnumber} }, $self->{privlevel}, $ulength, @user), $self->{password});
$self->{sik} = $self->{hshfn}->(pack("C*", @{ $self->{randomnumber} }, @{ $self->{remoterandomnumber} }, $self->{rakp_privbyte}, $ulength, @user), $self->{password});
$self->{k1} = $self->{hshfn}->(pack("C*", 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1), $self->{sik});
$self->{k2} = $self->{hshfn}->(pack("C*", 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2), $self->{sik});
my @aeskey = unpack("C*", $self->{k2});