From dc70043f70f08f0d6540c77e53d30c0ed6e58ad5 Mon Sep 17 00:00:00 2001 From: Stephen Soltesz Date: Mon, 12 Nov 2007 21:21:05 +0000 Subject: [PATCH] Adding subdirectories for remote commands to control ILO and DRAC cards over HTTPS. The iloxml should probably be a subdirectory of cmdhttps... --- README.txt | 22 ++++++- cmdhttps/locfg.pl | 132 ++++++++++++++++++++++++++++++++++++++++ iloxml/Get_Network.xml | 7 +++ iloxml/Reset_Server.xml | 48 +++++++++++++++ 4 files changed, 208 insertions(+), 1 deletion(-) create mode 100755 cmdhttps/locfg.pl create mode 100644 iloxml/Get_Network.xml create mode 100644 iloxml/Reset_Server.xml diff --git a/README.txt b/README.txt index 9c8cf4d..836e529 100644 --- a/README.txt +++ b/README.txt @@ -5,7 +5,7 @@ Dependencies versions of the command line tool. The RPM pulls in *ALOT* of stuff; probably easier to work with from the - source package, especially, since all that's needed is the command line + source package, especially since all that's needed is the command line tool. It has far fewer dependencies than the full RT package. * MySQL-python @@ -15,3 +15,23 @@ Dependencies * util/PHPSerializer/PHPUnserializer these are helper scripts for converting pickle objects into php serialize objects and back. + + * For iLO control over https, rather than SSH, you'll need the latest + linux-LO* tools from HP. Searching for LOCFG.PL and Linux should get you + a link. + + These required CPAN perl modules "Net::SSLeay" and "IO::Socket::SSL". + These will pull in a bunch of other dependencies... + + $ perl -MCPAN -e "install Net::SSLeay" + $ perl -MCPAN -e "install IO::Socket::SSL" + + I had to 'force install IO::Socket::SSL'... + + This mirror is reasonably fast: ftp://mirrors.ibiblio.org + + * For DRAC control over https rather than SSH + http://lanceerplaats.nl/PowerEdge/RAC/ + + $ perl -MCPAN -e "install Crypt::SSLeay" + diff --git a/cmdhttps/locfg.pl b/cmdhttps/locfg.pl new file mode 100755 index 0000000..0ff3529 --- /dev/null +++ b/cmdhttps/locfg.pl @@ -0,0 +1,132 @@ +#!/usr/bin/perl +########################################################################### +## +## Simplified perl version of CPQLOCFG +## Copyright 2003,2007 Hewlett Packard Development Company, L.P. +## +## To use this program, you must have Net::SSLeay and IO::Socket::SSL +## installed. You may obtain these modules from http://www.cpan.org/ +## +## You may use and modify this program to suit your needs. +## +########################################################################### + +use IO::Socket::SSL; +use Getopt::Long; + + +sub usage +{ + print "Usage:\n"; + print " locfg -s server [-l logfile] -f inputfile [-u username -p password]\n"; + print " Note: Use -u and -p with caution as command line options are\n"; + print " visible on Linux.\n"; + exit 0; +} + +sub usage_err +{ + print "Note:\n"; + print " Both username and password must be specified with the -u and -p switches.\n"; + print " Use -u and -p with caution as command line options are visible on Linux.\n"; + exit 0; +} +########################################################################### +## +## Process options +## +########################################################################### + +my $host, $logfile, $file, $verbose, $help, $uname, $pword; +$verbose = 0; +$r = GetOptions("server|s=s" => \$host, + "logfile|l=s" => \$logfile, + "input|f=s" => \$file, + "u=s" => \$uname, + "p=s" => \$pword, + "verbose" => \$verbose, + "help|?" => \$help + ); + +if ($help || !$host || !$file) { + usage(); +} + +# Username and Password must be entered together +if( ($uname && !($pword)) || (!($uname) && $pword) ) { + usage_err(); +} + +if ($logfile) { + # If a logfile is specified, open it and select it as the default + # filehandle + open(L, ">$logfile") || die "Can't open $logfile\n"; + select(L); +} + +# Set the default SSL port number if no port is specified +$host .= ":443" unless ($host =~ m/:/); + +# Open the SSL connection and the input file +my $client = new IO::Socket::SSL->new(PeerAddr => $host); +if (!$client) { + print "ERROR: Failed to establish SSL connection with $host.\n"; + exit 1; +} + +open(F, "<$file") || die "Can't open $file\n"; + +# Send the XML header and begin processing the file +print $client '' . "\r\n"; +while($ln=) { + # Chomp of any EOL characters + $ln =~ s/\r|\n//g; + + # Find LOGIN tag. + if ((($ln =~ ?<[ ]*LOGIN[ ]?) || ($ln =~ ?<[ ]*LOGIN$?)) && ($pword) && ($uname)) { + while( !($ln =~ m/\>/i) ) { + $ln = ; + } + print $client "\n"; + print "\n\n" if ($verbose); + # print "\nOverriding credentials in scripts with those from command line.\n" if ($verbose); + next; + } + + # Special case: UPDATE_RIB_FIRMWARE violates XML. Send the full + # UPDATE firmware tag followed by the binary firmware image + if ($ln =~ m/UPDATE_RIB_FIRMWARE/i) { + if ($ln =~ m/IMAGE_LOCATION=\"(.*)\"/i) { + $firmware = $1; + open(G, "<$firmware") || die "Can't open $firmware\n"; + $len = (stat(G))[7]; + print $client "\r\n\r\n"; + print "\r\n\r\n" if ($verbose); + $x = read(G, $buf, $len); + print "Read $x bytes from $firmware\n" if ($verbose); + $x = $client->write($buf, $x); + print "Wrote $x bytes\n" if ($verbose); + close(G); + next; + } + # print "\nError: syntax error detected in $ln\n" if ($verbose); + } + # Send the script to the iLO board + print $ln . "\n" if ($verbose); + print $client $ln . "\r\n" ; +} +close(F); + +print "----\n" if ($verbose); + +# Ok, now read the responses back from iLO +while($ln=<$client>) { + last if (length($ln) == 0); + + # This isn't really required, but it makes the output look nicer + $ln =~ s/<\/RIBCL>/<\/RIBCL>\n/g; + print $ln; +} + +# All done +exit 0; diff --git a/iloxml/Get_Network.xml b/iloxml/Get_Network.xml new file mode 100644 index 0000000..fc7ae7b --- /dev/null +++ b/iloxml/Get_Network.xml @@ -0,0 +1,7 @@ + + + + + + + diff --git a/iloxml/Reset_Server.xml b/iloxml/Reset_Server.xml new file mode 100644 index 0000000..707331c --- /dev/null +++ b/iloxml/Reset_Server.xml @@ -0,0 +1,48 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -- 2.43.0