# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
#
# Raw commands to set BMCs to defaults
#   dx320
#     0x2e 0x10 0x4d 0x4f 0x00 0xff
#
#   dx340 
#     0x30 0x13 0xff 0x00 0x00 0x00
#
#   dx360/x3450
#     0x30 0x02 0x43 0x4c 0x52 0xaa
#     0x08 0x00 0x49 0x4e 0x54 0x45 0x4c
#     0x08 0x04
#
allowcred.awk &
CREDPID=$!
sleep 5
modprobe ipmi_si
modprobe ipmi_devintf
IPCFGMETHOD=static
while [ -z "$BMCIP" -a $IPCFGMETHOD="static" ]; do
    while ! getipmi
    do
        echo "Retrying retrieval of IPMI settings from server"
    done
    TIMEOUT=15
    BMCIP=`grep bmcip /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
    BMCVLAN=`grep taggedvlan /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
    if [ -z "$BMCVLAN" ]; then BMCVLAN=off; fi
    BMCGW=`grep gateway /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
    BMCNM=`grep netmask /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
    BMCUS=`grep username /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
    BMCPW=`grep password /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
    IPCFGMETHOD=`grep ipcfgmethod /tmp/ipmicfg.xml|awk -F\> '{print $2}'|awk -F\< '{print $1}'`
    if [ -z "$IPCFGMETHOD" ]; then
	IPCFGMETHOD="static"
    fi
    if [ -z "$BMCIP" -a $IPCFGMETHOD="static" ]; then
        echo "FAILED TO RETRIEVE SETTINGS, RETRYING in 15 seconds"
        sleep 15
    fi
done
kill $CREDPID
NUMBMCS=`grep bmcip /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'|wc -l`
IPMIVER=`ipmitool mc info|grep ^IPMI|awk  '{print $4}'`
IPMIMFG=`ipmitool mc info|grep "^Manufacturer ID"|awk  '{print $4}'`
if [ "$IPMIMFG" == 2 ]; then #IBM
    XPROD=`ipmitool mc info|grep "^Product ID"|awk '{print $4}'`
    if [ "$XPROD" == "220" ]; then
        LOCKEDUSERS=1
        BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
        if [ ! -z "$BMCPORT" ]; then
	    let idev=0
	    IFS=','
	    for p in $BMCPORT; do
            	ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
            	ipmitool -d $idev raw 0x04 0x12 0x09 0x01 0x18 0x${p}1 0x00 > /dev/null
                CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
                while [ "$CURBMCPORT" -ne "$BMCPORT" ]; do
                    sleep 1
                    CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
                done
	    	let idev=idev+1
	    done
	    unset IFS
        fi
    elif [ "$XPROD" == "291" ]; then
        LOCKEDUSERS=1
    else
        IBMFAM=`ipmitool raw 0x3a 0x50 |head -n 1| awk '{print $1 $2 $3 $4}'`
        if [ "$IBMFAM" == "59554f4f" ]; then
            BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
            if [ ! -z "$BMCPORT" ]; then
	    	let idev=0
		    IFS=','
		    for p in $BMCPORT; do
	            	ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
                    CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
                    while [ "$CURBMCPORT" -ne "$BMCPORT" ]; do
                        sleep 1
                        CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
                    done
		    	    let idev=idev+1
		    done
		    unset IFS
            fi
        fi
    fi
elif [ "$IPMIMFG" == 20301 ] ; then
    XPROD=`ipmitool mc info|grep "^Product ID"|awk '{print $4}'`
    IBMVPDV=`ipmitool raw 0x3a 0xb 2 0 16 1`
    if [ $IBMVPDV -eq 2 ]; then
	ISITE=1;
    fi
        LOCKEDUSERS=1
        BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
        if [ ! -z "$BMCPORT" ]; then
	    	let idev=0
		    IFS=','
		    for p in $BMCPORT; do
	            	ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
                    # after this change, we need to watch and wait to see that it
                    # actually takes effect.  On port change, the service processor
                    # does not migrate the network configuration over
                    # so we might be halfway through setting up when the net config 
                    # reverts to dhcp then static, which setting a static ip for is
                    # considered invalid
                    CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
                    while [ -z "$CURBMCPORT" -o 0"$CURBMCPORT" -ne "$BMCPORT" ]; do
                        sleep 1
                        CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
                    done

		    	let idev=idev+1
		    done
		    unset IFS
        fi
elif [ "$IPMIMFG" == "47488" ]; then
        LOCKEDUSERS=1
fi
echo -n "Auto detecting LAN channel..."

while [ -z "$LANCHAN" ]; do 
	for TLANCHAN in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16; do 
	   if ipmitool channel info $TLANCHAN 2> /dev/null | grep 802.3 > /dev/null 2>&1 && ipmitool raw 0xc 2 $TLANCHAN 5 0 0 > /dev/null 2>&1; 
	   then 
		LANCHAN=$TLANCHAN
	        break; 
	    fi; 
	    echo -n "."
	done
	if [ -z "$LANCHAN" ]; then
		echo "Unable to detect lan channel, retrying in 10 seconds";
		sleep 10
	fi
done
echo "Detected LAN channel $LANCHAN"
        
let idev=NUMBMCS
if [ $IPCFGMETHOD="static" ]; then
	while [ $idev -gt 0 ]; do
		let idev=idev-1
		TRIES=0
		while ! ipmitool -d $idev lan set $LANCHAN ipsrc static; do
		    sleep 1
		    let TRIES=TRIES+1
		    if [ $TRIES -gt $TIMEOUT ]; then break; fi
		done
	done
	let idev=0
	for b in $BMCIP; do
		TRIES=0
		while ! ipmitool -d $idev lan set $LANCHAN ipaddr $b; do
		    sleep 1
		    let TRIES=TRIES+1
		    if [ $TRIES -gt $TIMEOUT ]; then break; fi
		done
		let idev=idev+1
	done
	let idev=0
	for m in $BMCNM; do
		TRIES=0
		while ! ipmitool -d $idev lan set $LANCHAN netmask $m; do
		    sleep 1
		    let TRIES=TRIES+1
		    if [ $TRIES -gt $TIMEOUT ]; then break; fi
		done
		let idev=idev+1
	done
	TRIES=0
	if [ ! -z "$BMCGW" ]; then
	    let idev=0
	    for g in $BMCGW; do
	    	TRIES=0
		    while ! ipmitool -d $idev lan set $LANCHAN defgw ipaddr $g; do
		        sleep 1
		        let TRIES=TRIES+1
		        if [ $TRIES -gt $TIMEOUT ]; then break; fi
		    done
	            let idev=idev+1
	    done
	    TRIES=0
	fi
else
	 let idev=NUMBMCS
	 while [ $idev -gt 0 ]; do
                let idev=idev-1
                TRIES=0
                while ! ipmitool -d $idev lan set $LANCHAN ipsrc $IPCFGMETHOD; do
                    sleep 1
                    let TRIES=TRIES+1
                    if [ $TRIES -gt $TIMEOUT ]; then break; fi
                done
        done
fi

let idev=0
for b in $BMCVLAN; do
	TRIES=0
	while ! ipmitool -d $idev lan set $LANCHAN vlan id $b; do
	    sleep 1
	    let TRIES=TRIES+1
	    if [ $TRIES -gt $TIMEOUT ]; then break; fi
	done
	let idev=idev+1
done

let idev=NUMBMCS-1
for bmcu in $BMCUS; do
    if [ "$bmcu" = "" ]; then continue; fi
DISABLEUSERS="1 2 3 4"
if [ ! -z "$LOCKEDUSERS" ]; then
    USERSLOT=`ipmitool -d $idev user list $LANCHAN |grep -v ^ID|awk '{print $1 " " $2}'|grep -w "$BMCUS"|awk '{print $1}'`
    if [ -z "$USERSLOT" ]; then
        USERSLOT=4
    fi
else
    USERSLOT=2
fi
if [ "$ISITE" = 1 ]; then
    allowcred.awk &
    CREDPID=$!
    while ! remoteimmsetup
    do
        echo "Waiting for xCAT remote configuration of service processor via CMM.."
    done
    kill $CREDPID
fi
CURRENTUSER=`ipmitool -d $idev user list $LANCHAN|grep ^$USERSLOT|awk '{print $2}'`
DISABLEUSERS=`echo 1 2 3 4|sed -e s/$USERSLOT//`
for user in $DISABLEUSERS; do
    while ! ipmitool -d $idev user disable $user; do
        sleep 1
        let TRIES=TRIES+1
        if [ $TRIES -gt $TIMEOUT ]; then break; fi
    done
    TRIES=0
done
TRIES=0
while ! ipmitool -d $idev user enable $USERSLOT; do
    sleep 1
    let TRIES=TRIES+1
    if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
# Last param in ipmitool user priv is the channel to set it on.
# Penguin boxes are all channel 2
CURRPRIV=`ipmitool -d $idev user list $LANCHAN|grep ^$USERSLOT|awk '{print $6}'`
if [ "$CURRPRIV" != "ADMINISTRATOR" ]; then 
    while ! ipmitool -d $idev user priv $USERSLOT 4 $LANCHAN; do
        sleep 1
        let TRIES=TRIES+1
    if [ $TRIES -gt $TIMEOUT ]; then break; fi
    done
    TRIES=0
fi
TRIES=0
while ! ipmitool -d $idev channel setaccess $LANCHAN $USERSLOT link=on; do
    sleep 1
    let TRIES=TRIES+1
    if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
if [ "$CURRENTUSER" != "$bmcu" ]; then
    while ! ipmitool -d $idev user set name $USERSLOT $bmcu; do
        sleep 1
        let TRIES=TRIES+1
        if [ $TRIES -gt $TIMEOUT ]; then break; fi
    done
fi
let idev=idev-1
done
let idev=NUMBMCS-1
for bmcp in $BMCPW; do
    if [ "$bmcp" = "" ]; then continue; fi
TRIES=0
while ! ipmitool -d $idev user set password $USERSLOT $bmcp; do
    sleep 1
    let TRIES=TRIES+1
    if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
echo "Set up following user table: "
ipmitool -d $idev user list $LANCHAN
let idev=idev-1
done

let idev=NUMBMCS
while [ $idev -gt 0 ]; do
let idev=idev-1


echo -n "Enabling Channel $LANCHAN: "
while ! ipmitool -d $idev raw 0x6 0x40 $LANCHAN 0x42 0x44 > /dev/null; do
    sleep 1
    let TRIES=TRIES+1
    if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
while ! ipmitool -d $idev raw 0x6 0x40 $LANCHAN 0x82 0x84 > /dev/null; do
    sleep 1
    let TRIES=TRIES+1
    if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
TRIES=0

echo -n "Enabling ARP responses: "
while ! ipmitool -d $idev lan set $LANCHAN arp respond on > /dev/null; do
    sleep 1
    let TRIES=TRIES+1
    echo -n .
    if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
TRIES=0

echo -n "Enabling IPMI v 1.5 MD5 LAN access:"
while ! ipmitool -d $idev lan set $LANCHAN auth admin md5 > /dev/null; do
    sleep 1
    let TRIES=TRIES+1
    if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
TRIES=0
if [ ! "$IPMIVER" == "1.5"  ]; then 
    echo -n "Enabling IPMI v 2.0 LAN access: "
    #the following goals:
    #disable cipher suite 0 (if present, avoid password bypass)
    #disable cipher suite 1 (if present, to avoid weaking Kg if used)
    #enable cipher suite 2 (scenarios without perl Rijndael)
    #enable cipher suite 3
    #ignore the rest
    ZEROIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '%0$'|sed -e 's/:.*//')
    ONEIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '^1$'|sed -e 's/:.*//')
    TWOIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '^2$'|sed -e 's/:.*//')
    THREEIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '^3$'|sed -e 's/:.*//')
    ACCESS=$(ipmitool lan print $LANCHAN|grep 'Cipher Suite Priv Max'|cut -d: -f 2|sed -e 's/ //g' -e 's/\(.\)/\1\n/g'|grep -v '^$')
    NEWACCESS=""
    i=1
    for elem in $ACCESS; do
        if [ $i = "$ZEROIDX" -o $i = "$ONEIDX" ]; then
            NEWACCESS="$NEWACCESS"X
        elif [ $i = "$TWOIDX" -o $i = "$THREEIDX" ]; then
            #do not *downgrade* from OEM priv
            if [ "$elem" != "O" ]; then NEWACCESS="$NEWACCESS"a; else NEWACCESS="$NEWACCESS"$elem; fi
        else
            NEWACCESS="$NEWACCESS"$elem
        fi
	    i=$((i+1))
    done
    if ipmitool lan set $LANCHAN cipher_privs $NEWACCESS > /dev/null; then
		echo OK
    else
		echo ERROR
    fi


    TRIES=0

    echo -n "Enabling SOL for channel $LANCHAN:"
    while ! ipmitool -d $idev raw 0xc 0x21 $LANCHAN 0x1 0x1 > /dev/null; do
        sleep 1
        let TRIES=TRIES+1
        if [ $TRIES -gt $TIMEOUT ]; then break; fi
    done
    if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
    TRIES=0
    
    echo -n "Enabling SOL for $BMCUS:"
    while ! ipmitool -d $idev raw 6 0x4c $LANCHAN $USERSLOT 2 0 0 0 > /dev/null; do
        sleep 1
        let TRIES=TRIES+1
        if [ $TRIES -gt $TIMEOUT ]; then break; fi
    done
    if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
    echo -n "Putting SOL on channel $LANCHAN:"
    while ! OUTPUT=`ipmitool -d $idev raw 0xc 0x21 $LANCHAN 7 $LANCHAN 2>&1 > /dev/null`; do
	if echo $OUTPUT|grep "Unknown (0x80)" > /dev/null; then
		echo "Not Needed"
		break
        fi
        sleep 1
        let TRIES=TRIES+1
        if [ $TRIES -gt $TIMEOUT ]; then break; fi
    done
    if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
fi

# Reset the BMC for the x3755 M4 (8722), otherwise the BMC will not be pingable after running of bmcsetup
XPROD=`ipmitool mc info|grep "^Product ID"|awk '{print $4}'`
if [ "$XPROD" = "309" ] ; then
    echo "Resetting BMC ..."
    ipmitool mc reset cold
    echo "Waiting for the BMC to appear ..."
    sleep 15
    TRIES=0
    while ! ipmitool lan print $LANCHAN > /dev/null; do
        sleep 3
        let TRIES=TRIES+1
        if [ $TRIES -gt $TIMEOUT ]; then break; fi
    done
fi

# update the node status to 'bmcready'
for parm in `cat /proc/cmdline`; do
	key=`echo $parm|awk -F= '{print $1}'`
	if [ "$key" = "xcatd" ]; then
		XCATMASTER=`echo $parm|awk -F= '{print $2}'|awk -F: '{print $1}'`
	fi
done
if [ ! -z "$XCATMASTER" ]; then
    updateflag.awk $XCATMASTER 3002 "installstatus bmcready"
fi
#frume.awk

echo "Lighting Identify Light"
while :
    do ipmitool -d $idev raw 0 4 10 > /dev/null
    sleep 7
done &
done