infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Correct the use of auth.logout and make some other items more consistent 

git-svn-id: file:///home/svn/framework3/trunk@14105 4d416f70-5f16-0410-b530-b9f4589650da
unstable
HD Moore 2011-10-28 22:47:26 +00:00
parent 45d8c91929
commit e4695b21ec
1 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/msf/core/rpc/v10/rpc_auth.rb
View File

@ -10,7 +10,6 @@ begin
rescue ::LoadError rescue ::LoadError
end end
def rpc_login_noauth(user,pass) def rpc_login_noauth(user,pass)
# handle authentication here # handle authentication here
@ -27,18 +26,18 @@ end
error(401, "Login Failed") if fail error(401, "Login Failed") if fail
token = "TEMP" + Rex::Text.rand_text_alphanumeric(28) token = "TEMP" + Rex::Text.rand_text_alphanumeric(28)
self.tokens[token] = [user, Time.now.to_i, Time.now.to_i] self.service.tokens[token] = [user, Time.now.to_i, Time.now.to_i]
{ "result" => "success", "token" => token } { "result" => "success", "token" => token }
end end
def rpc_logout(token) def rpc_logout(token)
found = self.tokens[token] found = self.service.tokens[token]
error("500", "Invalid Authentication Token") error("500", "Invalid Authentication Token") if not found
error("500", "Permanent Authentication Token") if found[3] == true
# Delete the token if its not marked as permanent # Delete the token if its not marked as permanent
if found and found[3] != true self.service.tokens.delete(token)
self.tokens.delete(token)
end
{ "result" => "success" } { "result" => "success" }
end end
@ -88,7 +87,7 @@ end
end end
if not db if not db
token = "TEMP" + Rex::Text.rand_text_alphanumeric(28) token = "TEMP" + Rex::Text.rand_text_numeric(28)
self.service.tokens[token] = [nil, nil, nil, true] self.service.tokens[token] = [nil, nil, nil, true]
end end