From 010a288bd393ed6eef0aa8f9624fbe804a34756b Mon Sep 17 00:00:00 2001
From: GONG Jie <gongjie@linux.vnet.ibm.com>
Date: Thu, 15 Nov 2018 03:00:20 -0500
Subject: [PATCH] Add patches for ipmitool from RHEL8

---
 ipmitool/0001-CVE-2011-4339-OpenIPMI.patch    |  25 ++
 ipmitool/0002-openssl.patch                   |  89 +++++++
 .../0003-ipmitool-1.8.11-set-kg-key.patch     | 240 ++++++++++++++++++
 ipmitool/0004-slowswid.patch                  |  16 ++
 ipmitool/0005-sensor-id-length.patch          |  16 ++
 ipmitool/0006-enable-usb.patch                |  21 ++
 ipmitool/0007-check-input.patch               |  41 +++
 7 files changed, 448 insertions(+)
 create mode 100644 ipmitool/0001-CVE-2011-4339-OpenIPMI.patch
 create mode 100644 ipmitool/0002-openssl.patch
 create mode 100644 ipmitool/0003-ipmitool-1.8.11-set-kg-key.patch
 create mode 100644 ipmitool/0004-slowswid.patch
 create mode 100644 ipmitool/0005-sensor-id-length.patch
 create mode 100644 ipmitool/0006-enable-usb.patch
 create mode 100644 ipmitool/0007-check-input.patch

diff --git a/ipmitool/0001-CVE-2011-4339-OpenIPMI.patch b/ipmitool/0001-CVE-2011-4339-OpenIPMI.patch
new file mode 100644
index 0000000..437c9ad
--- /dev/null
+++ b/ipmitool/0001-CVE-2011-4339-OpenIPMI.patch
@@ -0,0 +1,25 @@
+From 152efd46931a70ab4e3d81e99d312df7dcd666e6 Mon Sep 17 00:00:00 2001
+From: Boris Ranto <branto@redhat.com>
+Date: Tue, 10 May 2016 19:12:08 +0200
+Subject: [PATCH] CVE-2011-4339 OpenIPMI
+
+IPMI event daemon creates PID file with world writeable permissions
+---
+ lib/helper.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/lib/helper.c b/lib/helper.c
+index de91438..c3a1c80 100644
+--- a/lib/helper.c
++++ b/lib/helper.c
+@@ -829,7 +829,6 @@ ipmi_start_daemon(struct ipmi_intf *intf)
+ #endif
+ 
+ 	chdir("/");
+-	umask(0);
+ 
+ 	for (fd=0; fd<64; fd++) {
+ 		if (fd != intf->fd)
+-- 
+2.7.4
+
diff --git a/ipmitool/0002-openssl.patch b/ipmitool/0002-openssl.patch
new file mode 100644
index 0000000..ff5e705
--- /dev/null
+++ b/ipmitool/0002-openssl.patch
@@ -0,0 +1,89 @@
+diff -urNp old/src/plugins/lanplus/lanplus_crypt_impl.c new/src/plugins/lanplus/lanplus_crypt_impl.c
+--- old/src/plugins/lanplus/lanplus_crypt_impl.c	2016-05-28 10:20:20.000000000 +0200
++++ new/src/plugins/lanplus/lanplus_crypt_impl.c	2017-02-21 10:50:21.634873466 +0100
+@@ -164,10 +164,10 @@ lanplus_encrypt_aes_cbc_128(const uint8_
+ 							uint8_t       * output,
+ 							uint32_t        * bytes_written)
+ {
+-	EVP_CIPHER_CTX ctx;
+-	EVP_CIPHER_CTX_init(&ctx);
+-	EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
+-	EVP_CIPHER_CTX_set_padding(&ctx, 0);
++	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
++	EVP_CIPHER_CTX_init(ctx);
++	EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
++	EVP_CIPHER_CTX_set_padding(ctx, 0);
+ 	
+ 
+ 	*bytes_written = 0;
+@@ -191,7 +191,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_
+ 	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
+ 
+ 
+-	if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
++	if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
+ 	{
+ 		/* Error */
+ 		*bytes_written = 0;
+@@ -201,7 +201,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_
+ 	{
+ 		uint32_t tmplen;
+ 
+-		if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
++		if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
+ 		{
+ 			*bytes_written = 0;
+ 			return; /* Error */
+@@ -210,7 +210,8 @@ lanplus_encrypt_aes_cbc_128(const uint8_
+ 		{
+ 			/* Success */
+ 			*bytes_written += tmplen;
+-			EVP_CIPHER_CTX_cleanup(&ctx);
++			EVP_CIPHER_CTX_cleanup(ctx);
++			EVP_CIPHER_CTX_free(ctx);
+ 		}
+ 	}
+ }
+@@ -239,10 +240,10 @@ lanplus_decrypt_aes_cbc_128(const uint8_
+ 							uint8_t       * output,
+ 							uint32_t        * bytes_written)
+ {
+-	EVP_CIPHER_CTX ctx;
+-	EVP_CIPHER_CTX_init(&ctx);
+-	EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
+-	EVP_CIPHER_CTX_set_padding(&ctx, 0);
++	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
++	EVP_CIPHER_CTX_init(ctx);
++	EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
++	EVP_CIPHER_CTX_set_padding(ctx, 0);
+ 
+ 
+ 	if (verbose >= 5)
+@@ -266,7 +267,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_
+ 	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
+ 
+ 
+-	if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
++	if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
+ 	{
+ 		/* Error */
+ 		lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
+@@ -277,7 +278,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_
+ 	{
+ 		uint32_t tmplen;
+ 
+-		if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
++		if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
+ 		{
+ 			char buffer[1000];
+ 			ERR_error_string(ERR_get_error(), buffer);
+@@ -290,7 +291,8 @@ lanplus_decrypt_aes_cbc_128(const uint8_
+ 		{
+ 			/* Success */
+ 			*bytes_written += tmplen;
+-			EVP_CIPHER_CTX_cleanup(&ctx);
++			EVP_CIPHER_CTX_cleanup(ctx);
++			EVP_CIPHER_CTX_free(ctx);
+ 		}
+ 	}
+ 
diff --git a/ipmitool/0003-ipmitool-1.8.11-set-kg-key.patch b/ipmitool/0003-ipmitool-1.8.11-set-kg-key.patch
new file mode 100644
index 0000000..00a396e
--- /dev/null
+++ b/ipmitool/0003-ipmitool-1.8.11-set-kg-key.patch
@@ -0,0 +1,240 @@
+diff -urNp old/doc/ipmitool.1 new/doc/ipmitool.1
+--- old/doc/ipmitool.1	2017-02-06 10:20:02.254362909 +0100
++++ new/doc/ipmitool.1	2017-02-06 10:33:41.729294474 +0100
+@@ -372,6 +372,20 @@ Configure user access information on the
+ 
+ Displays the list of cipher suites supported for the given
+ application (ipmi or sol) on the given channel.
++.TP
++\fIsetkg\fP <\fIhex\fP|\fIplain\fP> <\fBkey\fP> [<\fBchannel\fR>]
++.br
++
++Sets K_g key to given value. Use \fIplain\fP to specify \fBkey\fR as simple ASCII string.
++Use \fIhex\fP to specify \fBkey\fR as sequence of hexadecimal codes of ASCII charactes.
++I.e. following two examples are equivalent:
++
++.RS
++ipmitool channel setkg plain PASSWORD
++
++ipmitool channel setkg hex 50415353574F5244
++.RE
++
+ .RE
+ .RE
+ .TP 
+diff -urNp old/include/ipmitool/helper.h new/include/ipmitool/helper.h
+--- old/include/ipmitool/helper.h	2017-02-06 10:20:02.254362909 +0100
++++ new/include/ipmitool/helper.h	2017-02-06 10:40:07.336136844 +0100
+@@ -58,6 +58,8 @@
+ # define IPMI_UID_MAX 63
+ #endif
+ 
++#define IPMI_KG_BUFFER_SIZE       21 /* key plus null byte */
++
+ struct ipmi_intf;
+ 
+ struct valstr {
+diff -urNp old/include/ipmitool/ipmi_channel.h new/include/ipmitool/ipmi_channel.h
+--- old/include/ipmitool/ipmi_channel.h	2017-02-06 10:20:02.253316684 +0100
++++ new/include/ipmitool/ipmi_channel.h	2017-02-06 10:58:15.291287621 +0100
+@@ -49,6 +49,10 @@
+ #define IPMI_GET_USER_NAME             0x46
+ #define IPMI_SET_USER_PASSWORD         0x47
+ #define IPMI_GET_CHANNEL_CIPHER_SUITES 0x54
++#define IPMI_SET_CHANNEL_SECURITY_KEYS 0x56
++
++#define IPMI_KG_KEY_ID  1
++#define IPMI_SET_CHANNEL_SECURITY_KEYS_OP_SET 1
+ 
+ /* These are for channel_info_t.session_support */
+ #define IPMI_CHANNEL_SESSION_LESS 0x00
+@@ -137,6 +141,40 @@ int _ipmi_set_channel_access(struct ipmi
+ 		struct channel_access_t channel_access, uint8_t access_option,
+ 		uint8_t privilege_option);
+ 
++struct set_channel_security_keys_req {
++#if WORDS_BIGENDIAN
++	uint8_t __reserved1			:4;
++	uint8_t channel				:4;
++	
++	uint8_t __reserved2			:6;
++	uint8_t operation			:2;
++	
++	uint8_t key_id;
++	unsigned char key_value[IPMI_KG_BUFFER_SIZE-1]; /* we don't want space for '\0' at the end */
++#else
++	uint8_t channel				:4;
++	uint8_t __reserved1			:4;
++	
++	uint8_t operation			:2;
++	uint8_t __reserved2			:6;
++	
++	uint8_t key_id;
++	unsigned char key_value[IPMI_KG_BUFFER_SIZE-1]; /* we don't want space for '\0' at the end */
++#endif
++} __attribute__ ((packed));
++
++struct set_channel_security_keys_rsp {
++#if WORDS_BIGENDIAN
++	uint8_t __reserved1			:6;
++	uint8_t lock_status			:2;
++	unsigned char key_value; /* just the first character, use &key_value to explore the rest */
++#else
++	uint8_t lock_status			:2;
++	uint8_t __reserved1			:6;
++	unsigned char key_value; /* just the first character, use &key_value to explore the rest */
++#endif
++} __attribute__ ((packed));
++
+ uint8_t ipmi_get_channel_medium(struct ipmi_intf * intf, uint8_t channel);
+ uint8_t ipmi_current_channel_medium(struct ipmi_intf * intf);
+ int ipmi_channel_main(struct ipmi_intf * intf, int argc, char ** argv);
+diff -urNp old/include/ipmitool/ipmi_intf.h new/include/ipmitool/ipmi_intf.h
+--- old/include/ipmitool/ipmi_intf.h	2017-02-06 10:20:02.254362909 +0100
++++ new/include/ipmitool/ipmi_intf.h	2017-02-06 10:40:40.264577602 +0100
+@@ -60,7 +60,6 @@ enum LANPLUS_SESSION_STATE {
+ 
+ #define IPMI_AUTHCODE_BUFFER_SIZE 20
+ #define IPMI_SIK_BUFFER_SIZE      IPMI_MAX_MD_SIZE
+-#define IPMI_KG_BUFFER_SIZE       21 /* key plus null byte */
+ 
+ struct ipmi_session_params {
+ 	char * hostname;
+diff -urNp old/lib/ipmi_channel.c new/lib/ipmi_channel.c
+--- old/lib/ipmi_channel.c	2017-02-06 10:20:02.255409134 +0100
++++ new/lib/ipmi_channel.c	2017-02-06 12:32:14.222282317 +0100
+@@ -821,6 +821,92 @@ ipmi_set_user_access(struct ipmi_intf *i
+ 	return 0;
+ }
+ 
++int 
++ipmi_set_channel_security_keys (struct ipmi_intf *intf, uint8_t channel, const char *method, const char *key)
++{
++	uint8_t kgkey[IPMI_KG_BUFFER_SIZE];
++	struct ipmi_rs *rsp;
++	struct ipmi_rq req;
++	struct set_channel_security_keys_req req_data;
++	int rc = -1;
++	
++	/* convert provided key to array of bytes */
++	if (strcmp(method, "hex") == 0) {
++		if (strlen(key) > (IPMI_KG_BUFFER_SIZE-1)*2) {
++			lprintf(LOG_ERR, "Provided key is too long, max. length is %d bytes", (IPMI_KG_BUFFER_SIZE-1));
++			printf_channel_usage();
++			return -1;
++		}
++
++		rc = ipmi_parse_hex(key, kgkey, sizeof(kgkey)-1);
++		if (rc == -1) {
++			lprintf(LOG_ERR, "Number of Kg key characters is not even");
++			return rc;
++		} else if (rc == -3) {
++			lprintf(LOG_ERR, "Kg key is not hexadecimal number");
++			return rc;
++		} else if (rc > (IPMI_KG_BUFFER_SIZE-1)) {
++			lprintf(LOG_ERR, "Kg key is too long");
++			return rc;
++		}
++		
++	} else if (strcmp(method, "plain") == 0) {
++		if (strlen(key) > IPMI_KG_BUFFER_SIZE-1) {
++			lprintf(LOG_ERR, "Provided key is too long, max. length is %d bytes", (IPMI_KG_BUFFER_SIZE -1));
++			printf_channel_usage();
++			return rc;
++		}
++		
++		strncpy(kgkey, key, IPMI_KG_BUFFER_SIZE-1);
++	} else {
++		printf_channel_usage();
++		return rc;
++	}
++	
++	/* assemble and send request to set kg key */
++	memset(&req_data, 0, sizeof(req_data));
++	req_data.channel = channel;
++	req_data.operation = IPMI_SET_CHANNEL_SECURITY_KEYS_OP_SET;
++	req_data.key_id = IPMI_KG_KEY_ID;
++	memcpy(req_data.key_value, kgkey, IPMI_KG_BUFFER_SIZE-1);
++	
++	memset(&req, 0, sizeof(req));
++	req.msg.netfn = IPMI_NETFN_APP;
++	req.msg.cmd = IPMI_SET_CHANNEL_SECURITY_KEYS;
++	req.msg.data = (uint8_t*) &req_data;
++	req.msg.data_len = sizeof(req_data);
++
++	rsp = intf->sendrecv(intf, &req);
++	if (rsp == NULL) {
++		lprintf(LOG_ERR, "Set Channel Security Keys command failed");
++		return rc;
++	}
++	if (rsp->ccode > 0) {
++		const char *error = NULL;
++		switch (rsp->ccode) {
++		case 0x80:
++			error = "Key is locked";
++			break;
++		case 0x81:
++			error = "Insufficient key bytes";
++			break;
++		case 0x82:
++			error = "Too many key bytes";
++			break;
++		case 0x83:
++			error = "Key value does not meet criteria for K_g key";
++			break;
++		default:
++			error = val2str(rsp->ccode, completion_code_vals);
++		}
++		lprintf(LOG_ERR, "Error setting security key: %X (%s)", rsp->ccode, error);
++		return rc;
++	}
++	
++	lprintf(LOG_NOTICE, "Set Channel Security Keys command succeeded");
++	return 0;
++}
++
+ int
+ ipmi_channel_main(struct ipmi_intf *intf, int argc, char **argv)
+ {
+@@ -890,6 +976,19 @@ ipmi_channel_main(struct ipmi_intf *intf
+ 		retval = ipmi_get_channel_cipher_suites(intf,
+ 							argv[1], /* ipmi | sol */
+ 							channel);
++	} else if (strncmp(argv[0], "setkg", 5) == 0) {
++		if (argc < 3 || argc > 4)
++			printf_channel_usage();
++		else {
++			uint8_t ch = 0xe;
++			char *method = argv[1];
++			char *key = argv[2];
++			if (argc == 4) {
++				ch = (uint8_t)strtol(argv[3], NULL, 0);
++			}
++				
++			retval = ipmi_set_channel_security_keys(intf, ch, method, key);
++		}
+ 	} else {
+ 		lprintf(LOG_ERR, "Invalid CHANNEL command: %s\n", argv[0]);
+ 		printf_channel_usage();
+@@ -916,6 +1015,10 @@ printf_channel_usage()
+ 	lprintf(LOG_NOTICE,
+ "");
+ 	lprintf(LOG_NOTICE,
++"                  setkg hex|plain <key> [channel]");
++	lprintf(LOG_NOTICE,
++"");
++	lprintf(LOG_NOTICE,
+ "Possible privilege levels are:");
+ 	lprintf(LOG_NOTICE,
+ "   1   Callback level");
+diff -urNp old/src/plugins/ipmi_intf.c new/src/plugins/ipmi_intf.c
+--- old/src/plugins/ipmi_intf.c	2017-02-06 10:20:02.257501584 +0100
++++ new/src/plugins/ipmi_intf.c	2017-02-06 10:42:12.585257810 +0100
+@@ -55,6 +55,7 @@
+ #include <ipmitool/ipmi.h>
+ #include <ipmitool/ipmi_sdr.h>
+ #include <ipmitool/log.h>
++#include <ipmitool/helper.h>
+ 
+ #define IPMI_DEFAULT_PAYLOAD_SIZE   25
+ 
diff --git a/ipmitool/0004-slowswid.patch b/ipmitool/0004-slowswid.patch
new file mode 100644
index 0000000..c5f91b7
--- /dev/null
+++ b/ipmitool/0004-slowswid.patch
@@ -0,0 +1,16 @@
+diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c
+index fa7b082..9bc5ac2 100644
+--- a/lib/ipmi_sdr.c
++++ b/lib/ipmi_sdr.c
+@@ -572,6 +572,8 @@ ipmi_sdr_get_sensor_reading_ipmb(struct ipmi_intf *intf, uint8_t sensor,
+ 	uint32_t save_addr;
+ 	uint32_t save_channel;
+ 
++	if (target == (uint8_t) 0xb1)
++		return ipmi_sdr_get_sensor_reading(intf, sensor);
+ 	if ( BRIDGE_TO_SENSOR(intf, target, channel) ) {
+ 		lprintf(LOG_DEBUG,
+ 			"Bridge to Sensor "
+-- 
+2.1.0
+
diff --git a/ipmitool/0005-sensor-id-length.patch b/ipmitool/0005-sensor-id-length.patch
new file mode 100644
index 0000000..0cb8313
--- /dev/null
+++ b/ipmitool/0005-sensor-id-length.patch
@@ -0,0 +1,16 @@
+diff --git a/include/ipmitool/ipmi_sdr.h b/include/ipmitool/ipmi_sdr.h
+index ccf0cf0..47d3949 100644
+--- a/include/ipmitool/ipmi_sdr.h
++++ b/include/ipmitool/ipmi_sdr.h
+@@ -819,7 +819,7 @@ static const char *sensor_type_desc[] __attribute__ ((unused)) = {
+ 	    "Version Change", "FRU State" };
+ 
+ struct sensor_reading {
+-	char		s_id[17];		/* name of the sensor */
++	char		s_id[33];		/* name of the sensor */
+ 	struct sdr_record_full_sensor    *full;
+ 	struct sdr_record_compact_sensor *compact;
+ 	uint8_t		s_reading_valid;	/* read value valididity */
+-- 
+2.1.0
+
diff --git a/ipmitool/0006-enable-usb.patch b/ipmitool/0006-enable-usb.patch
new file mode 100644
index 0000000..d3bfba5
--- /dev/null
+++ b/ipmitool/0006-enable-usb.patch
@@ -0,0 +1,21 @@
+diff -urNp old/configure.ac new/configure.ac
+--- old/configure.ac	2017-02-02 14:20:33.230784269 +0100
++++ new/configure.ac	2017-02-02 14:22:53.528510336 +0100
+@@ -63,7 +63,7 @@ xenable_intf_imb=yes
+ xenable_intf_lipmi=yes
+ xenable_intf_open=yes
+ #xenable_intf_serial=yes
+-xenable_intf_usb=no
++xenable_intf_usb=yes
+ xenable_ipmishell=yes
+ 
+ dnl set some things so we build with GNU tools on Solaris
+@@ -209,7 +209,7 @@ fi
+ dnl enable IPMI USB interface
+ AC_ARG_ENABLE([intf-usb],
+ 	[AC_HELP_STRING([--enable-intf-usb],
+-			[enable IPMI USB interface [default=auto]])],
++			[enable IPMI USB interface [default=yes]])],
+ 		[xenable_intf_usb=$enableval],
+ 		[xenable_intf_usb=$xenable_intf_usb])
+ if test "x$xenable_intf_usb" = "xstatic" || test "x$xenable_intf_usb" = "xplugin"; then
diff --git a/ipmitool/0007-check-input.patch b/ipmitool/0007-check-input.patch
new file mode 100644
index 0000000..030fd2a
--- /dev/null
+++ b/ipmitool/0007-check-input.patch
@@ -0,0 +1,41 @@
+diff -urNp old/doc/ipmitool.1 new/doc/ipmitool.1
+--- old/doc/ipmitool.1	2017-10-03 16:10:50.446539988 +0200
++++ new/doc/ipmitool.1	2017-10-03 16:16:37.039673239 +0200
+@@ -3170,13 +3170,14 @@ SOL configuration data for the currently
+ 
+ Enable, disable or show status of SOL payload for the user on the specified channel. 
+ .TP 
+-\fIset\fP <\fBparameter\fR> <\fBvalue\fR> [<\fBchannel\fR>]
++\fIset\fP <\fBparameter\fR> <\fBvalue\fR> [<\fBchannel\fR>] [\fBnoguard\fR]
+ .br 
+ 
+ Configure parameters for Serial Over Lan.  If no channel is given,
+ it will display SOL configuration data for the currently used
+ channel.  Configuration parameter updates are automatically guarded
+-with the updates to the set\-in\-progress parameter.
++with the updates to the set\-in\-progress parameter, unless \fInoguard\fR
++parameter is present.
+ .RS
+ .TP 
+ Valid parameters and values are:
+diff -urNp old/lib/ipmi_sol.c new/lib/ipmi_sol.c
+--- old/lib/ipmi_sol.c	2017-10-03 16:10:50.447539996 +0200
++++ new/lib/ipmi_sol.c	2017-10-03 16:18:37.079006949 +0200
+@@ -1875,7 +1875,7 @@ static void
+ print_sol_usage(void)
+ {
+ 	lprintf(LOG_NOTICE, "SOL Commands: info [<channel number>]");
+-	lprintf(LOG_NOTICE, "              set <parameter> <value> [channel]");
++	lprintf(LOG_NOTICE, "              set <parameter> <value> [channel] [noguard]");
+ 	lprintf(LOG_NOTICE, "              payload <enable|disable|status> [channel] [userid]");
+ 	lprintf(LOG_NOTICE, "              activate [<usesolkeepalive|nokeepalive>] [instance=<number>]");
+ 	lprintf(LOG_NOTICE, "              deactivate [instance=<number>]");
+@@ -1890,6 +1890,8 @@ print_sol_usage(void)
+ static void
+ print_sol_set_usage(void)
+ {
++	lprintf(LOG_NOTICE, "\nSOL set usage: \n");
++	lprintf(LOG_NOTICE, "  sol set <parameter> <value> [channel] [noguard]\n");
+ 	lprintf(LOG_NOTICE, "\nSOL set parameters and values: \n");
+   	lprintf(LOG_NOTICE, "  set-in-progress             set-complete | "
+ 		"set-in-progress | commit-write");