Merge pull request #364 from bmc-toolbox/smc-nocsrf

Supermicro no CSRF

providers/supermicro/firmware.go

@@ -28,7 +28,6 @@ var (
 		"X12STH-SYS",
 	}
 
-	errUnexpectedModel      = errors.New("unexpected device model")
 	errUploadTaskIDExpected = errors.New("expected an firmware upload taskID")
 )
 

providers/supermicro/floppy.go

@@ -50,18 +50,23 @@ func (c *Client) MountFloppyImage(ctx context.Context, image io.Reader) error {
 
 	var payloadBuffer bytes.Buffer
 
-	formParts := []struct {
+	type form struct {
 		name string
 		data io.Reader
-	}{
+	}
+
+	formParts := []form{
 		{
 			name: "img_file",
 			data: image,
 		},
-		{
+	}
+
+	if c.serviceClient.csrfToken != "" {
+		formParts = append(formParts, form{
 			name: "csrf-token",
 			data: bytes.NewBufferString(c.serviceClient.csrfToken),
-		},
+		})
 	}
 
 	payloadWriter := multipart.NewWriter(&payloadBuffer)

providers/supermicro/supermicro.go

@@ -45,6 +45,7 @@ var (
 		providers.FeatureFirmwareUpload,
 		providers.FeatureFirmwareInstallUploaded,
 		providers.FeatureFirmwareTaskStatus,
+		providers.FeatureFirmwareInstallSteps,
 	}
 )
 
@@ -168,12 +169,12 @@ func (c *Client) Open(ctx context.Context) (err error) {
 		return errors.Wrap(bmclibErrs.ErrLoginFailed, strconv.Itoa(status))
 	}
 
-	token := parseToken(contentsTopMenu)
-	if token == "" {
-		return errors.Wrap(bmclibErrs.ErrLoginFailed, "could not parse CSRF-TOKEN from page")
-	}
-
-	c.serviceClient.setCsrfToken(token)
+	// Note: older firmware version on the X11s don't use a CSRF token
+	// so here theres no explicit requirement for it to be found.
+	//
+	// X11DPH-T 01.71.11 10/25/2019
+	csrfToken := parseToken(contentsTopMenu)
+	c.serviceClient.setCsrfToken(csrfToken)
 
 	c.bmc, err = c.bmcQueryor(ctx)
 	if err != nil {
@@ -246,7 +247,7 @@ func parseToken(body []byte) string {
 		return ""
 	}
 
-	re, err := regexp.Compile(`"CSRF_TOKEN", "(?P<token>.*)"`)
+	re, err := regexp.Compile(fmt.Sprintf(`"%s", "(?P<token>.*)"`, key))
 	if err != nil {
 		return ""
 	}

providers/supermicro/supermicro_test.go

@@ -50,6 +50,11 @@ func TestParseToken(t *testing.T) {
 			[]byte(`<script>SmcCsrfInsert ("CSRF_TOKEN", "RYjdEjWIhU+PCRFMBP2ZRPPePcQ4n3dM3s+rCgTnBBU");</script></body>`),
 			"RYjdEjWIhU+PCRFMBP2ZRPPePcQ4n3dM3s+rCgTnBBU",
 		},
+		{
+			"token with key type 5 found",
+			[]byte(`<script>SmcCsrfInsert ("CSRF-TOKEN", "RYjdEjWIhU+PCRFMBP2ZRPPePcQ4n3dM3s+rCgTnBBU");</script></body>`),
+			"RYjdEjWIhU+PCRFMBP2ZRPPePcQ4n3dM3s+rCgTnBBU",
+		},
 	}
 
 	for _, tc := range testcases {

providers/supermicro/x11_firmware_bios.go

@@ -195,18 +195,23 @@ func (c *x11) uploadBIOSFirmware(ctx context.Context, fwReader io.Reader) error
 	var payloadBuffer bytes.Buffer
 	var err error
 
-	formParts := []struct {
+	type form struct {
 		name string
 		data io.Reader
-	}{
+	}
+
+	formParts := []form{
 		{
 			name: "bios_rom",
 			data: fwReader,
 		},
-		{
+	}
+
+	if c.csrfToken != "" {
+		formParts = append(formParts, form{
 			name: "csrf-token",
 			data: bytes.NewBufferString(c.csrfToken),
-		},
+		})
 	}
 
 	payloadWriter := multipart.NewWriter(&payloadBuffer)

providers/supermicro/x11_firmware_bmc.go

@@ -106,18 +106,23 @@ func (c *x11) uploadBMCFirmware(ctx context.Context, fwReader io.Reader) error {
 	var payloadBuffer bytes.Buffer
 	var err error
 
-	formParts := []struct {
+	type form struct {
 		name string
 		data io.Reader
-	}{
+	}
+
+	formParts := []form{
 		{
 			name: "fw_image",
 			data: fwReader,
 		},
-		{
+	}
+
+	if c.csrfToken != "" {
+		formParts = append(formParts, form{
 			name: "csrf-token",
 			data: bytes.NewBufferString(c.csrfToken),
-		},
+		})
 	}
 
 	payloadWriter := multipart.NewWriter(&payloadBuffer)