cmc-proxy: logout properly to prevent session exhaustion

Multiple calls to GetKVMData in a short timespan would make iDRAC refuse all authentications because of dangling sessions... (and 5 concurrent sessions limit)
2019-02-10 15:31:48 +01:00 · 2019-02-10 15:31:48 +01:00 · 11603cb9fd
parent 1e565dc4a5
commit 11603cb9fd
1 changed files with 26 additions and 0 deletions
--- a/go/svc/cmc-proxy/client.go
+++ b/go/svc/cmc-proxy/client.go
@ -175,6 +175,7 @@ func (c *cmcClient) getiDRACURL(slot int) (string, error) {
 	loc, _ := resp.Location()

 	if !strings.Contains(loc.String(), "cmc_sess_id") {
+		c.logout()
 		c.session = ""
 		return "", fmt.Errorf("redirect URL contains no session ID - session timed out?")
 	}
@ -272,6 +273,31 @@ func (c *cmcClient) getiDRACJNLP(loginUrl string) (*KVMDetails, error) {
 		res.arguments = append(res.arguments, string(match[1]))
 	}

+	logoutURL := *lurl
+	logoutURL.Path = "/Applications/dellUI/RPC/WEBSES/logout.asp"
+	logoutURL.RawQuery = ""
+
+	req, err = http.NewRequest("GET", logoutURL.String(), nil)
+	for _, cookie := range resp.Cookies() {
+		req.AddCookie(cookie)
+	}
+	req.AddCookie(&http.Cookie{Name: "SessionCookie", Value: sessionCookie})
+	req.AddCookie(&http.Cookie{Name: "SessionCookieUser", Value: "cmc"})
+	req.AddCookie(&http.Cookie{Name: "IPMIPriv", Value: ipmiPriv})
+	req.AddCookie(&http.Cookie{Name: "ExtPriv", Value: extPriv})
+	req.AddCookie(&http.Cookie{Name: "SystemModel", Value: systemModel})
+
+	resp, err = cl.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	data, err = ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+
 	return res, nil
 }