openbmctool: Handle PasswordChangeRequired.

Resolves openbmc/openbmc-tools#53

Tested: Tested with latest op940 release and Joseph's patch image
with the required password setting.

Signed-off-by: J

openbmctool: Handle PasswordChangeRequired.

Resolves openbmc/openbmc-tools#53

Tested: Tested with latest op940 release and Joseph's patch image
with the required password setting.

Signed-off-by: Joy Onyerikwu <onyekachukwu.joy.onyerikwu@ibm.com>
Change-Id: Id893e07cf455bd7d42862969e54595c1bac6fc58

show more ...

Add expectedJsonChecker tool

Tool to cross check an expected set of JSON entries against an input set
of JSON entries. Optionally, the applying of filters to entries within
the expected set using lo

Add expectedJsonChecker tool

Tool to cross check an expected set of JSON entries against an input set
of JSON entries. Optionally, the applying of filters to entries within
the expected set using logical operations is allowed against another set
of entries within a JSON file.

Traversing/cross-checking JSON dictionary objects are supported, lists
are not supported yet.

Change-Id: I9537fd8d94316b90e301a8f671ed9d1c3ab2dc0e
Signed-off-by: Matthew Barth <msbarth@us.ibm.com>

show more ...

Fix dump delete all command defect

"openbmctool.py dump delete all" command can't work due to some entries
do not have valid entry number. Add the checking for the valid entry
number.

Tested: Test

Fix dump delete all command defect

"openbmctool.py dump delete all" command can't work due to some entries
do not have valid entry number. Add the checking for the valid entry
number.

Tested: Test dump list, dump delete -n <num>, dump delete all and
dump retrieve <num>

Change-Id: If1192631ec204df14cf46bed2278696a4911be8e
Signed-off-by: Alvin Wang <alvinwang@msn.com>

show more ...

openbmctool: Add import simplejson

Without the simplejson libary, the CertificateString can't be
serialized from byte arrary successfully. It's better to add
the explict "import simplejson" to avoid

openbmctool: Add import simplejson

Without the simplejson libary, the CertificateString can't be
serialized from byte arrary successfully. It's better to add
the explict "import simplejson" to avoid this kind of error.

The error message without the simplejson library
TypeError: b'-----BEGIN CERTIFICATE... is not JSON serializable

Signed-off-by: Alvin Wang <alvinwang@msn.com>
Change-Id: I50fb0c4a3f64bc8481d8162141292ea02a2eb2bc

show more ...

openbmctool: Thermal mode accessible at standby

Remove error response referencing if the system is powered off when
accessing thermal zones or thermal mode data.

Bumped tool version to 1.17

Change

openbmctool: Thermal mode accessible at standby

Remove error response referencing if the system is powered off when
accessing thermal zones or thermal mode data.

Bumped tool version to 1.17

Change-Id: Ibd677e1847300c89616832b6d34ced9c0395ea5c
Signed-off-by: Matthew Barth <msbarth@us.ibm.com>

show more ...

openbmctool: Ignore sensor associations

The sensors namespace also has associations in now it that are used to
point back to the inventory item they represent. Skip these
associations when printing

openbmctool: Ignore sensor associations

The sensors namespace also has associations in now it that are used to
point back to the inventory item they represent. Skip these
associations when printing sensors by checking the number of segments in
the D-Bus path.

Change-Id: I8dd6eb5ceca0e392d76312012e1fe49b4471ff1d
Signed-off-by: Matt Spinler <spinler@us.ibm.com>

show more ...

Fixing wrong error messages:

The commands getDNS, getNTP and getDomainName
were throwing incorrect error message when they are
not set in the BMC.

The rmIP command was throwing error while deleting

Fixing wrong error messages:

The commands getDNS, getNTP and getDomainName
were throwing incorrect error message when they are
not set in the BMC.

The rmIP command was throwing error while deleting any
IP address, even when the IP exists in the interface.
This commit will fix the tool to throw the error
only for the IP which does not exist in the interface.

Tested by:
1. Delete the IP address from the eth0.
python openbmctool.py -H <$bmc> -U root -P 0penBmc network rmIP -I eth0 -a <IP address>
2. getDomainName when the DomainName is not configured.
python openbmctool.py -H <$bmc> -U root -P 0penBmc network getDomainName -I eth0
3. getDNS when the DNS is not configured.
python openbmctool.py -H <$bmc> -U root -P 0penBmc network getDNS -I eth0
4. getNTP when the NTP is not configured.
python openbmctool.py -H <$bmc> -U root -P 0penBmc network getNTP -I eth0

Signed-off-by: Sunitha Harish <sunithaharish04@gmail.com>
Change-Id: I6463f78b4d6e8b15a1c512734c883b563db82dd1

show more ...

Remove key bit length parameter to generatecsr command

As only 2048 key bit length is supported for RSA algorithm removing
the option for the user to enter key bit length value. Bmcweb
defaults it t

Remove key bit length parameter to generatecsr command

As only 2048 key bit length is supported for RSA algorithm removing
the option for the user to enter key bit length value. Bmcweb
defaults it to 2048 if no value is provided.

This change is done to fix a defect where user is not allowed to enter
0 value for optional parameter keybit length as per redfish specificaton.

Tested:
python openbmctool.py -H $bmc -U $user -P $password certificate generatecsr server NJ w3.ibm.com US IBM IBM-UNIT NY EC prime256v1 cp abc.com an.com,bm.com gn sn un in
Attempting login...
Generating CSR url=/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/
GenerateCSR complete.
{
"CSRString": "-----BEGIN CERTIFICATE REQUEST-----\nMIIBtDCCAVsCAQEwgfgxDznzsk4oHCBWfI=\n-----END CERTIFICATE REQUEST-----\n",
"CertificateCollection": {
"@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/"
}
}

Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Change-Id: I98d77e79ae010c4b323d419f24b6cae20982907d

show more ...

Interface changes in LDAP role mapper

In the existing code, role mapping was global. Hence, we could have one
single config at a time. Now, with the changed backend, there can be
multiple LDAP conf

Interface changes in LDAP role mapper

In the existing code, role mapping was global. Hence, we could have one
single config at a time. Now, with the changed backend, there can be
multiple LDAP configs and the role mapping is tied to the config.

This commit make sure openbmctool ldap configuration options
compatible with both redfish and non-redfish enabled OpenBMC systems.

Tested By:

1. Configuring ldap active directory configuration:
$ python openbmctool.py -U root -P 0penBmc -H $BMC_IP ldap enable -a "ldap://$LDAP_SERVER/" -B "cn=user,cn=Users,dc=Corp,dc=xyz,dc=com" -b "dc=Corp,dc=xyz,dc=com" -p "ldap1" -S sub -t ActiveDirectory
Attempting login...
Role map exists for the server type ActiveDirectory
User root has been logged out

2. View ldap configuration
$ python openbmctool.py -U root -P 0penBmc -H $BMC_IP ldap view-config
Attempting login...
{
"data": {
"Enabled": true,
"GroupNameAttribute": "primaryGroupID",
"LDAPBaseDN": "dc=Corp,dc=xyz,dc=com",
"LDAPBindDN": "cn=user,cn=Users,dc=Corp,dc=xyz,dc=com",
"LDAPBindDNPassword": "",
"LDAPSearchScope": "xyz.openbmc_project.User.Ldap.Config.SearchScope.sub",
"LDAPServerURI": "ldap://$LDAP_SERVER/",
"LDAPType": "xyz.openbmc_project.User.Ldap.Config.Type.ActiveDirectory",
"UserNameAttribute": "sAMAccountName"
},
"message": "200 OK",
"status": "ok"
}

3.List privilege-mappings
$ python openbmctool.py -U root -P 0penBmc -H $BMC_IP ldap privilege-mapper list
Attempting login...
{
"data": {
"/xyz/openbmc_project/user/ldap/active_directory/role_map/1": {
"GroupName": "G1",
"Privilege": "priv-admin"
},
"/xyz/openbmc_project/user/ldap/active_directory/role_map/2": {
"GroupName": "G2",
"Privilege": "priv-operator"
},
"/xyz/openbmc_project/user/ldap/active_directory/role_map/3": {
"GroupName": "G3",
"Privilege": "priv-user"
}
},
"message": "200 OK",
"status": "ok"
}
User root has been logged out

4. Disable LDAP
$ python openbmctool.py -U root -P 0penBmc -H $BMC_IP ldap disable
Attempting login...
{
"data": null,
"message": "200 OK",
"status": "ok"
}
User root has been logged out

5. Configure OpenLDAP
$ python openbmctool.py -U root -P 0penBmc -H $BMC_IP ldap enable -a $LDAP_SERVER -B "cn=Administrator,dc=ldap,dc=com" -b "dc=ldap,dc=com" -p "ldap" -S sub -t OpenLDAP
Attempting login...
Server type OpenLDAP has been enabled. Create role map before using it...
User root has been logged out

6. View LDAP configuration
$ python openbmctool.py -U xyzjxp -P abc@123 -H $BMC_IP ldap view-config
Attempting login...
{
"data": {
"Enabled": true,
"GroupNameAttribute": "gidNumber",
"LDAPBaseDN": "dc=ldap,dc=com",
"LDAPBindDN": "cn=Administrator,dc=ldap,dc=com",
"LDAPBindDNPassword": "",
"LDAPSearchScope": "xyz.openbmc_project.User.Ldap.Config.SearchScope.sub",
"LDAPServerURI": $LDAP_SERVER,
"LDAPType": "xyz.openbmc_project.User.Ldap.Config.Type.OpenLdap",
"UserNameAttribute": "cn"
},
"message": "200 OK",
"status": "ok"
}

7. Create privilege role map
$ python openbmctool.py -H $BMC_IP -U root -P 0penBmc ldap privilege-mapper create -g G3 -p priv-user
Attempting login...
legacy: False
{
"data": "/xyz/openbmc_project/user/ldap/openldap/role_map/1",
"message": "200 OK",
"status": "ok"
}

8. List privilege role mappings
$ python openbmctool.py -U test -P test@123 -H $BMC_IP ldap privilege-mapper list
Attempting login...
{
"data": {
"/xyz/openbmc_project/user/ldap/openldap/role_map/1": {
"GroupName": "G3",
"Privilege": "priv-user"
}
},
"message": "200 OK",
"status": "ok"
}

$ python openbmctool.py -U test -P test@123 -H $BMC_IP ldap view-config
Attempting login...
{
"data": {
"LDAPBaseDN": "dc=ldap,dc=com",
"LDAPBindDN": "uid=test,dc=ldap,dc=com",
"LDAPSearchScope": "xyz.openbmc_project.User.Ldap.Config.SearchScope.sub",
"LDAPServerURI": $LDAP_SERVER,
"LDAPType": "xyz.openbmc_project.User.Ldap.Config.Type.OpenLdap"
},
"message": "200 OK",
"status": "ok"
}

Change-Id: I4df361c229d742381fa6edcd77c125ad6556b20e
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>

show more ...

Validate the certificate type and service values

In OP930 certificate type and service values are used to compute
the certifiate URL, any mismatch in the values used to result in
Invalid D-Bus path

Validate the certificate type and service values

In OP930 certificate type and service values are used to compute
the certifiate URL, any mismatch in the values used to result in
Invalid D-Bus path error.

In OP940 only certificate type is used in computing the Redfish
url and service value is ignored. But allowing the user to pass
service for backward compatability.

In OP940 as serivce value is not used, no validation is done to
check if certificate type and service are related leading to
confusion. Modified to add the validation.

listed below are the valid combinations of certificate type and
service values.
"server" and "https"
"client" and "ldap",
"autority" and "ldap"

Tested
$ python openbmctool.py -H $bmc -U user1 -P password1 certificate update server
ldap -f cert.pem
Attempting login...
Invalid service type
User user1 has been logged out
$ python openbmctool.py -H $bmc -U user1 -P password1 certificate update client
https -f cert.pem
Attempting login...
Invalid service type
User user1 has been logged out
$ python openbmctool.py -H $bmc -U user1 -P password1 certificate update
authority https -f cert.pem
Attempting login...
Invalid service type
User user1 has been logged out
$ python openbmctool.py -H $bmc -U user1 -P password1 certificate update
authority ldap -f cert.pem
Attempting login...
Update complete.
None
User user1 has been logged out

Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Change-Id: I64dccca42391dca583fd0b2b8b612aff3b3970c3

show more ...

For generate CSR set key usage based on certificate type

Redfish allows various values for setting the key usage in
generating CSR.

Modified to auto-set the key usage value based on the
certificate

For generate CSR set key usage based on certificate type

Redfish allows various values for setting the key usage in
generating CSR.

Modified to auto-set the key usage value based on the
certificate type set for generating the CSR.

Example for "Server" certifiacte set the key usage as
"ServerAuthentication" and "Client" certificate set the key
usage as "ClientAuthentication".

Setting default values so that user does not select unrelated
key usage value like "EmailProtection" for server certificate.

Certificate manager does not validate the key usage value rather
it is used for display purpose when listing the certificate
properties.

Tested:
python openbmctool.py -H $BMC -U aaa -P bbbb certificate generatecsr server
NJ w3.ibm.com US IBM IBM-UNIT NY EC 2048 prime256v1 cp abc.com an.com,bm.com gn
sn un in
Attempting login...
Generating CSR url=/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/
GenerateCSR complete.
{
"CSRString": "-----BEGIN CERTIFICATE
REQUEST-----\n-----END CERTIFICATE REQUEST-----\n",
"CertificateCollection": {
"@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/"
}
}
User root has been logged out

Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Change-Id: If5ab55f9d35b5e9f0c9e1d3e3dc2e75adf2fa6e9

show more ...

Fix for deleteVLAN command

The legacy rest command url is not case sensitive. With redfish, the url
is case sensitive and this command does not work.
Sending the command with "Delete".This works for

Fix for deleteVLAN command

The legacy rest command url is not case sensitive. With redfish, the url
is case sensitive and this command does not work.
Sending the command with "Delete".This works for both Rest and Redfish.

Tested by :
python openbmctool.py -U <user> -P <passwd> -H <host> network deleteVLAN -I <vlan>

Signed-off-by: Sunitha Harish <sunithaharish04@gmail.com>
Change-Id: If91def92c5420ebc93c9fa3231df11ef36a91e70

show more ...

Fix for the network usecases

The below network commands are fixed
1. rmIP functionality not working
2. addVLAN functionality not working
3. network addIP has the -p option as optional.
But withou

Fix for the network usecases

The below network commands are fixed
1. rmIP functionality not working
2. addVLAN functionality not working
3. network addIP has the -p option as optional.
But without this input, the functionality does not work.

Tested by:
1.python openbmctool.py -U <user> -P <passwd> -H <host> network rmIP -a <ip> -I eth0
2.python openbmctool.py -U <user> -P <passwd> -H <host> network addVLAN -I eth0 -n <id>
3.Verified -p is now required for addIP command.

Signed-off-by: Sunitha Harish <sunithaharish04@gmail.com>
Change-Id: Ie328d04996b0fef048d73f03ba9e41d9d8779776

show more ...

Fix login failure error message

Tested by:
$python openbmctool.py -U root -P <wrong_passwd> -H <host> set_password -p <new_passwd>
Attempting login...
Login Failed!
$
$
$python openbmctool.py -U roo

Fix login failure error message

Tested by:
$python openbmctool.py -U root -P <wrong_passwd> -H <host> set_password -p <new_passwd>
Attempting login...
Login Failed!
$
$
$python openbmctool.py -U root -P <right_passwd> -H <host> set_password -p <new_passwd>
Attempting login...
200
User root has been logged out
$

Signed-off-by: Sunitha Harish <sunithaharish04@gmail.com>
Change-Id: Ic1111038d8d6769753c37f86c938c24add708368

show more ...

openbmctool : change password support for OP940

The exisitng setPassword command is extended to support the
redfish interface for the OP940

Tested by:
Changing the password on a redfish supported s

openbmctool : change password support for OP940

The exisitng setPassword command is extended to support the
redfish interface for the OP940

Tested by:
Changing the password on a redfish supported system and non-redfish system.
python openbmctool.py -U root -P <current passwd> -H $BMC_IP set_password -p <new password>

Signed-off-by: Sunitha Harish <sunithaharish04@gmail.com>
Change-Id: Ic8dba6437607590feb26894b585b4d0d56413149

show more ...

Add support for Generate Certificate Signing Request(CSR)

Redfish supports generating CSR, added support for the same

Tested:
-------OP930-------
bash-4.2$ python python openbmctool.py -H $BMC_IP -

Add support for Generate Certificate Signing Request(CSR)

Redfish supports generating CSR, added support for the same

Tested:
-------OP930-------
bash-4.2$ python python openbmctool.py -H $BMC_IP -U rrr -P pppp certificate
generatecsr server NJ w3.ibm.com US IBM IBM-UNIT NY EC 2048 prime256v1 cp
abc.com an.com,bm.com gn sn un in ClientAuthentication,CodeSigning

Attempting login...
Not supported
User bbbb has been logged out

-------OP940-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U uuu -P ppp certificate generatecsr server NJ w3.ibm.com US IBM IBM-UNIT NY EC 2048 prime256v1 cp abc.com an.com,bm.com gn sn un in ClientAuthentication,CodeSigning
Attempting login...
Generating CSR url=/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/
GenerateCSR complete.
{
"CSRString": "-----BEGIN CERTIFICATE REQUEST-----\nMIIByzCCAXICAQEwggEOMQ8wDQYDVR0RDAZhbi5jb20xDzANBgNVHREMBmJtLmNv\nbTELMAkGA1UEBwwCTkoxEzARBgNVBAMMCnczLmlibS5jb20xCzAJBgNVBCkMAmNw\nMQswCQYDVQQGEwJVUzEWMBQGCSqGSIb3DQEJARYHYWJjLmNvbTELMAkGA1UEKgwC\nZ24xCzAJBgNVBCsMAmluMQwwCgYEKw4DAgwCRUMxHTAbBgNVHQ8MFENsaWVudEF1\ndGhlbnRpY2F0aW9uMRQwEgYDVR0PDAtDb2RlU2lnbmluZzEMMAoGA1UECgwDSUJN\nMQswCQYDVQQIDAJOWTELMAkGA1UEBAwCc24xETAPBgkqhkiG9w0BCQIMAnVuMFkw\nEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE9Rt+I8tkTneN+5w+Ln5YgrIlvjEVPFcI\nazDzmxgjL6jtaeDcha9cYtj/7VXA67WSp9odVGWhAgM61LMpP3DcNKAAMAoGCCqG\nSM49BAMCA0cAMEQCIDpPzyNqhoRCYHIXxbTaynQ/ac2Oa3zff2G5HBdqx+eBAiAZ\nl+O7TAYxr+UzbbgSWEARuc5Kc7c4xLwldtecwxPbRg==\n-----END CERTIFICATE REQUEST-----\n",
"CertificateCollection": {
"@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/"
}
}
User root has been logged out

bash-4.2$ python openbmctool.py -H $BMC_IP -U uuuu -P pppp certificate generatecsr --help
usage: openbmctool.py certificate generatecsr [-h]
{server,client,authority} city
commonName country organization
organizationUnit state {RSA,EC}
{2048} keyCurveId contactPerson
email alternativeNames givenname
surname unstructuredname
initials keyUsage

positional arguments:
{server,client,authority}
Generate CSR
city The city or locality of the organization making the
request
commonName The fully qualified domain name of the component that
is being secured.
country The country of the organization making the request
organization The name of the organization making the request.
organizationUnit The name of the unit or division of the organization
making the request.
state The state, province, or region of the organization
making the request.
{RSA,EC} The type of key pair for use with signing algorithms.
{2048} The length of the key in bits, if needed based on the
value of the 'KeyPairAlgorithm' parameter.
keyCurveId The curve ID to be used with the key, if needed based
on the value of the 'KeyPairAlgorithm' parameter.
contactPerson The name of the user making the request
email The email address of the contact within the
organization
alternativeNames Additional hostnames of the component that is being
secured
givenname The given name of the user making the request
surname The surname of the user making the request
unstructuredname he unstructured name of the subject
initials The initials of the user making the request
keyUsage The usage of the key contained in the certificate

optional arguments:
-h, --help show this help message and exit

Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Change-Id: I12c0a1311e233a238806f500fd97048780f0e0c1

show more ...

Add support to list certificates

Redfish supports listing the certificates present in the
system, catered for the listing certificates.

Tested:
-------OP930-------
bash-4.2$ python openbmctool.py -

Add support to list certificates

Redfish supports listing the certificates present in the
system, catered for the listing certificates.

Tested:
-------OP930-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U bbbb -P ppppp certificate list

Attempting login...
Not supported
User bbbb has been logged out

-------OP940-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U xxxx -P xxxx certificate --help
usage: openbmctool.py certificate [-h] {update,replace,display,list} ...

optional arguments:
-h, --help show this help message and exit

subcommands:
valid certificate commands

{update,replace,display,list}
sub-command help
update Update the certificate
replace Replace the certificate
display Print the certificate
list Certificate list
bash-4.2$ python openbmctool.py -H $BMC_IP -U xxxx -P xxxx certificate list
--help
usage: openbmctool.py certificate list [-h]

optional arguments:
-h, --help show this help message and exit
bash-4.2$ python openbmctool.py -H $BMC_IP -U xxxx -P xxxx certificate list
Attempting login...
List certificates complete.
{
"@odata.context":
"/redfish/v1/$metadata#CertificateLocations.CertificateLocations",
"@odata.id": "/redfish/v1/CertificateService/CertificateLocations",
"@odata.type": "#CertificateLocations.v1_0_0.CertificateLocations",
"Description": "Defines a resource that an administrator can use in order to
locate all certificates installed on a given service",
"Id": "CertificateLocations",
"Links": {
"Certificates": [
{
"@odata.id":
"/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1"
},
{
"@odata.id": "/redfish/v1/AccountService/LDAP/Certificates/1"
},
{
"@odata.id": "/redfish/v1/Managers/bmc/Truststore/Certificates/1"
}
],
"Certificates@odata.count": 3
},
"Name": "Certificate Locations"
}
User xxxx has been logged out

Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Change-Id: Ia41370f88bcc170f4d82dc340e6d4a5ea969bd2b

show more ...

Add support to display certificate contents

Redfish supports listing the certificate content catered
for the same.

Tested:
-------OP930-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U bbbb -P

Add support to display certificate contents

Redfish supports listing the certificate content catered
for the same.

Tested:
-------OP930-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U bbbb -P ppppp certificate display
server
Attempting login...
Not supported
User bbbb has been logged out

-------OP940-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U xxxx -P xxxx certificate --help
usage: openbmctool.py certificate [-h] {update,replace,display} ...

optional arguments:
-h, --help show this help message and exit

subcommands:
valid certificate commands

{update,replace,display}
sub-command help
update Update the certificate
replace Replace the certificate
display Print the certificate

bash-4.2$ python openbmctool.py -H $BMC_IP -U xxxx -P xxxx certificate display
--help
usage: openbmctool.py certificate display [-h] {server,client,authority}

positional arguments:
{server,client,authority}
certificate type to display

optional arguments:
-h, --help show this help message and exit

bash-4.2$ python openbmctool.py -H $BMC_IP -U xxxx -P xxxx certificate display
server
Attempting login...
Display complete.
{
"@odata.context": "/redfish/v1/$metadata#Certificate.Certificate",
"@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1",
"@odata.type": "#Certificate.v1_0_0.Certificate",
"CertificateString": "-----BEGIN CERTIFICATE-----\n/Q=\n-----END
CERTIFICATE-----\n",
"Description": "HTTPS Certificate",
"Id": "1",
"Issuer": {
"CommonName": "localhost",
"Organization": "openbmc-project.xyz"
},
"KeyUsage": [],
"Name": "HTTPS Certificate",
"Subject": {
"CommonName": "localhost",
"Organization": "openbmc-project.xyz"
},
"ValidNotAfter": "2029-05-09T19:59:40+00:00",
"ValidNotBefore": "2019-05-12T19:59:40+00:00"
}
User xxxx has been logged out

Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Change-Id: Iba2549524b2931db49111d92d7ec92867e6f41db

show more ...

Add Replace certificate command

Redfish does not support certificate delete rather supports
certificate replace added support for certificate replace.

Tested:
-------OP930-------
$ python openbmcto

Add Replace certificate command

Redfish does not support certificate delete rather supports
certificate replace added support for certificate replace.

Tested:
-------OP930-------
$ python openbmctool.py -H $BMC_IP -U root -P 0penBmc certificate replace
server https -f cert.pem
Attempting login...
Replace complete.
{
"data": null,
"message": "200 OK",
"status": "ok"
}
User root has been logged out

-------OP940-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U xxxx -P xxxx certificate --help
usage: openbmctool.py certificate [-h] {update,replace} ...

optional arguments:
-h, --help show this help message and exit

subcommands:
valid certificate commands

{update,replace} sub-command help
update Update the certificate
replace Replace the certificate
bash-4.2$ python openbmctool.py -H abc -U xxxx -P xxxx certificate replace --help
usage: openbmctool.py certificate replace [-h] -f FILELOC
{server,client,authority}

positional arguments:
{server,client,authority}
certificate type to replace

optional arguments:
-h, --help show this help message and exit
-f FILELOC, --fileloc FILELOC
The absolute path to the certificate file

bash-4.2$ python openbmctool.py -H $BMC_IP -U xxxx -P xxxx certificate replace server -f cert.pem
Attempting login...
Replacing certificate url=/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1
Replace complete.
{
"@odata.context": "/redfish/v1/$metadata#Certificate.Certificate",
"@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1",
"@odata.type": "#Certificate.v1_0_0.Certificate",
"CertificateString": "-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----\n",
"Description": "HTTPS certificate",
"Id": "1",
"Issuer": {
"CommonName": "localhost",
"Organization": "openbmc-project.xyz"
},
"KeyUsage": [],
"Name": "HTTPS certificate",
"Subject": {
"CommonName": "localhost",
"Organization": "openbmc-project.xyz"
},
"ValidNotAfter": "2029-05-09T19:59:40+00:00",
"ValidNotBefore": "2019-05-12T19:59:40+00:00"
}

Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Change-Id: I4d222a3db1590c2c4206798ac3cc0eea4899eb48

show more ...

Cater for certificate delete

Return error if user initiates certificae delete for
OP940 relase that has redfish support.

Certificate delete is not present in OP940 rather
user need to use certifica

Cater for certificate delete

Return error if user initiates certificae delete for
OP940 relase that has redfish support.

Certificate delete is not present in OP940 rather
user need to use certificate replace.

Tested:
-------OP930-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U aaa -P ppp certificate
delete server https
Attempting login...
Deleting certificate url=https://$BMC_IP/xyz/openbmc_project/certs/server/https
Delete complete.
None
User root has been logged out

-------OP940-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U aaa -P ppp certificate
Attempting login...
Not supported
User root has been logged out

Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Change-Id: I2b1906190a59dc7f10781eb78744d7350baae169

show more ...

Add support for certificate update command

Existing REST server is broken with design changes
done to phosphor-certificate-manager as it is catered
for Redfish specification

Modified certificate up

Add support for certificate update command

Existing REST server is broken with design changes
done to phosphor-certificate-manager as it is catered
for Redfish specification

Modified certificate update command to use Redfish
specification

Tested:
-------OP940-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U xxx -P xxxx certificate update
server -f testcert.pem
{
"@odata.context": "/redfish/v1/$metadata#Certificate.Certificate",
"@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1",
"@odata.type": "#Certificate.v1_0_0.Certificate",
"CertificateString": "-----BEGIN CERTIFICATE----DzyQ==\n-----END
CERTIFICATE-----\n",
"Description": "HTTPS Certificate",
"Id": "1",
"Name": "HTTPS Certificate",
"Subject": {
"City": "SomeCity",
"CommonName": "www.company.com",
"State": "VA"
},
"ValidNotAfter": "2029-03-14T02:11:02+00:00",
"ValidNotBefore": "2019-03-17T02:11:02+00:00"
}

-------OP930-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U rrrr -P aaaa certificate
update server https -f cert.pem
Attempting login...
Updating certificate url=https://$bmc/xyz/openbmc_project/certs/server/https
Update complete.
None
User root has been logged out

Change-Id: I3502683f7bf22898826accb2d154da3b9e6744b1
Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>

show more ...

Simple yaml formatter

Some yaml directory refactoring recently required the indents be fixed
in some existing yaml files. Wrote a quick tool that could be built on
to do more future formatting or ev

Simple yaml formatter

Some yaml directory refactoring recently required the indents be fixed
in some existing yaml files. Wrote a quick tool that could be built on
to do more future formatting or even run within CI to verify formatting.

Change-Id: Id289feef49d97cbb689dbff952aeb0ec30bbd8f0
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>

show more ...

Pwmtachtool

Pwmtachtool is a generic tool to configure Fan speed.
It supports set / get fan speed, set / get dutycycle.

Updated LICENSE file to cover all source files and
removed file specific lice

Pwmtachtool

Pwmtachtool is a generic tool to configure Fan speed.
It supports set / get fan speed, set / get dutycycle.

Updated LICENSE file to cover all source files and
removed file specific licenses at the top of each
of the files.

Signed-off-by: Hongwei Zhang <hongweiz@ami.com>
Change-Id: I9100c81e59f04f45af4e146e1e547cf7914770e3
Signed-off-by: Kiran Kumar <kirank@ami.com>

show more ...

adcapp

This is a tool to read all the available ADC channels.
A raw value is read from each of the channels.

Updated LICENSE file to cover all source files and
removed file specific licenses at the

adcapp

This is a tool to read all the available ADC channels.
A raw value is read from each of the channels.

Updated LICENSE file to cover all source files and
removed file specific licenses at the top of some
of the files.

Signed-off-by: Hongwei Zhang <hongweiz@ami.com>
Change-Id: I3c1b389c0d91bccfc3ee93bccfe04137d7ea9960
Signed-off-by: Kiran Kumar <kirank@ami.com>

show more ...

openbmctool: -E reads envvar OPENBMCTOOL_PASSWORD

tested: -E works; also -A and -P still work.

Signed-off-by: Joseph Reynolds <joseph.reynolds1@ibm.com>
Change-Id: I2d7bc22c842fb69c0859bcc7ef62746b

openbmctool: -E reads envvar OPENBMCTOOL_PASSWORD

tested: -E works; also -A and -P still work.

Signed-off-by: Joseph Reynolds <joseph.reynolds1@ibm.com>
Change-Id: I2d7bc22c842fb69c0859bcc7ef62746b2bd0b32f

show more ...