From 1ee7cefa772da05483fff7968ed939c33be1821f Mon Sep 17 00:00:00 2001 From: Nick Child Date: Thu, 23 Sep 2021 14:08:18 -0400 Subject: [PATCH] OpTestIPMI.py: Use SHA256 for server connection algorithm When using ipmitool, the default server encryption algorithm for lanplus connections use SHA1. openBMC has dropped support for SHA1. This will result in ipmi connection errors due to "invalid authentication algorithm". Fortunately, a more trusted algorithm, like SHA256, can be used with the ipmitool option `-C `. This commit uses `-C 17` in all ipmitool commands to ensure that SHA256 is used instead of the deprecated SHA1. Signed-off-by: Nick Child --- common/OpTestIPMI.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/common/OpTestIPMI.py b/common/OpTestIPMI.py index b80f26132..627050d6a 100644 --- a/common/OpTestIPMI.py +++ b/common/OpTestIPMI.py @@ -65,7 +65,7 @@ class IPMITool(): the caller. ''' - def __init__(self, method='lanplus', binary='ipmitool', + def __init__(self, method='lanplus', binary='ipmitool', alg_id='17', ip=None, username=None, password=None, logfile=sys.stdout): self.method = 'lanplus' self.ip = ip @@ -73,12 +73,13 @@ def __init__(self, method='lanplus', binary='ipmitool', self.password = password self.binary = binary self.logfile = logfile + self.alg_id = alg_id def binary_name(self): return self.binary def arguments(self): - s = ' -H %s -I %s' % (self.ip, self.method) + s = ' -H %s -I %s -C %s' % (self.ip, self.method, self.alg_id) if self.username: s += ' -U %s' % (self.username) if self.password: