cmc-proxy: logout properly to prevent session exhaustion
Multiple calls to GetKVMData in a short timespan would make iDRAC refuse
all authentications because of dangling sessions... (and 5 concurrent
sessions limit)
diff --git a/go/svc/cmc-proxy/client.go b/go/svc/cmc-proxy/client.go
index 2735dbb..345a7b4 100644
--- a/go/svc/cmc-proxy/client.go
+++ b/go/svc/cmc-proxy/client.go
@@ -175,6 +175,7 @@
loc, _ := resp.Location()
if !strings.Contains(loc.String(), "cmc_sess_id") {
+ c.logout()
c.session = ""
return "", fmt.Errorf("redirect URL contains no session ID - session timed out?")
}
@@ -272,6 +273,31 @@
res.arguments = append(res.arguments, string(match[1]))
}
+ logoutURL := *lurl
+ logoutURL.Path = "/Applications/dellUI/RPC/WEBSES/logout.asp"
+ logoutURL.RawQuery = ""
+
+ req, err = http.NewRequest("GET", logoutURL.String(), nil)
+ for _, cookie := range resp.Cookies() {
+ req.AddCookie(cookie)
+ }
+ req.AddCookie(&http.Cookie{Name: "SessionCookie", Value: sessionCookie})
+ req.AddCookie(&http.Cookie{Name: "SessionCookieUser", Value: "cmc"})
+ req.AddCookie(&http.Cookie{Name: "IPMIPriv", Value: ipmiPriv})
+ req.AddCookie(&http.Cookie{Name: "ExtPriv", Value: extPriv})
+ req.AddCookie(&http.Cookie{Name: "SystemModel", Value: systemModel})
+
+ resp, err = cl.Do(req)
+ if err != nil {
+ return nil, err
+ }
+ defer resp.Body.Close()
+
+ data, err = ioutil.ReadAll(resp.Body)
+ if err != nil {
+ return nil, err
+ }
+
return res, nil
}