Have IPMI more decisively quite should the password be incorrect. Hypothetically a DoS could be aimed at the client, but that's much less likely.
git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/branches/2.7@14248 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
This commit is contained in:
parent
4106dec47e
commit
8c19948f3b
@ -21,6 +21,7 @@ use constant STATE_OPENSESSION=>1;
|
||||
use constant STATE_EXPECTINGRAKP2=>2;
|
||||
use constant STATE_EXPECTINGRAKP4=>3;
|
||||
use constant STATE_ESTABLISHED=>4;
|
||||
use constant STATE_FAILED=>4;
|
||||
#my $ipmidbg;
|
||||
#open($ipmidbg,">","/tmp/ipmidbg");
|
||||
#sub dprint {
|
||||
@ -469,6 +470,8 @@ sub timedout {
|
||||
$self->{ipmicallback}->($rsp,$self->{ipmicallback_args});
|
||||
$self->{nowait}=0;
|
||||
return;
|
||||
} elsif ($self->{sessionestablishmentcontext} == STATE_FAILED) {
|
||||
return;
|
||||
}
|
||||
if ($self->{sessionestablishmentcontext} == STATE_OPENSESSION) { #in this particular case, we want to craft a new rmcp session request with a new client side session id, to aid in distinguishing retry from new
|
||||
$self->open_rmcpplus_request();
|
||||
@ -797,6 +800,7 @@ sub got_rakp2 {
|
||||
my @expectedhash = (unpack("C*",hmac_sha1($hmacdata,$self->{password})));
|
||||
foreach (0..(scalar(@expectedhash)-1)) {
|
||||
if ($expectedhash[$_] != $data[$_]) {
|
||||
$self->{sessionestablishmentcontext}=STATE_FAILED;
|
||||
$self->{onlogon}->("ERROR: Incorrect password provided",$self->{onlogon_args});
|
||||
return 9;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user