On 08/28/2013 09:07 AM, Nikita Yushchenko wrote: > Hi > > I'm trying to handle 'invalid user' and 'invalid password' errors in > openipmi-based application. > > I've found how I can detect 'invalid user'.In this case, error passed to > connection callback is either 0x1000081 or 0x200000d, depending on if > RMCP+ is used or not. First originates from 0x81 completion code returned > by Get Session Channenge command, and second is RMCP 'unauthorized name' > error. > > However, for 'invalid password' situation is worse. > Without RMCP+, there is just timeout. Perhaps hardware issue.
As Albert mentioned, most BMCs will just drop packets without proper authentication. > With RMCP+, there is EINVAL, originatiing from > > if (memcmp(data+40, integ_data, rinfo->key_len) != 0) > return EINVAL; > > in rakp_hmac_c2(). > > I suggest to replace this EINVAL with something other, to let application > detect and handle invalid login credentials. Maybe EACCES, or some > specific error code. > > > Other very questionable EINVAL is where ''Requested authentication not > supported' message is logged in auth_cap_done(). Some better value could > be returned here, maybe ENOTSUP. > > What do you think? I'm fine with changing both of these. -corey > > Nikita ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk _______________________________________________ Openipmi-developer mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openipmi-developer
