From 15f6241aeba158bb735539e707e7af5f2ba27f42 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 20 Jun 2014 14:43:46 -0400 Subject: [PATCH] Improve robustness in downgrade of session privilege --- xCAT-server/lib/perl/xCAT/IPMI.pm | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/xCAT-server/lib/perl/xCAT/IPMI.pm b/xCAT-server/lib/perl/xCAT/IPMI.pm index 1af8ce35a..7abd6d738 100644 --- a/xCAT-server/lib/perl/xCAT/IPMI.pm +++ b/xCAT-server/lib/perl/xCAT/IPMI.pm @@ -320,6 +320,14 @@ sub admin_level_set { 0x82 => "Cannot disable User Level authentication", ); my $code = $rsp->{code}; + if (($code == 0x80 or $code == 0x81) and $self->{privlevel} == 4) { + $self->{privlevel} = 3; + $self->{logged}=1; + $self->logout(); + $self->relog(); + return; + } + if ($code) { my $errtxt = sprintf("ERROR: Failed requesting administrator privilege %02xh",$code); if ($localcodes{$code}) { @@ -710,6 +718,8 @@ sub send_rakp1 { } sub init { my $self = shift; + $self->{confalgo} = undef; + $self->{integrityalgo}=undef; $self->{sessionestablishmentcontext} = 0; $self->{'sequencenumber'} = 0; #init sequence number $self->{'sequencenumberbytes'} = [0,0,0,0]; #init sequence number @@ -817,7 +827,7 @@ sub got_rakp2 { } $byte = shift @data; unless ($byte == 0x00) { - if ($byte == 0x9 and $self->{privlevel} == 4) { + if (($byte == 0x9 or $byte == 0xd) and $self->{privlevel} == 4) { # this is probably an environment that wants to give us only operator # try to connect again at 3. $self->{privlevel} = 3;