From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 3 Jul 2023 13:10:08 +0000 (+0200)
Subject: s3:utils: let connections_forall_read() report if the session was authenticated
X-Git-Tag: ldb-2.8.1~73
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8cc6ccb54a37680aa8a1f91b2ca871a405daf59d;p=thirdparty%2Fsamba.git

s3:utils: let connections_forall_read() report if the session was authenticated

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit 5089d8550640f72b1e0373f8ac321378ccaa8bd5)
---

diff --git a/source3/utils/conn_tdb.c b/source3/utils/conn_tdb.c
index 2689f71068a..3f4ef00ae4f 100644
--- a/source3/utils/conn_tdb.c
+++ b/source3/utils/conn_tdb.c
@@ -27,6 +27,7 @@
 #include "conn_tdb.h"
 #include "util_tdb.h"
 #include "lib/util/string_wrappers.h"
+#include "../libcli/security/session.h"
 
 struct connections_forall_state {
 	struct db_context *session_by_pid;
@@ -44,6 +45,7 @@ struct connections_forall_session {
 	uint16_t cipher;
 	uint16_t dialect;
 	uint16_t signing;
+	bool authenticated;
 };
 
 static int collect_sessions_fn(struct smbXsrv_session_global0 *global,
@@ -55,6 +57,7 @@ static int collect_sessions_fn(struct smbXsrv_session_global0 *global,
 
 	uint32_t id = global->session_global_id;
 	struct connections_forall_session sess;
+	enum security_user_level ul;
 
 	if (global->auth_session_info == NULL) {
 		sess.uid = -1;
@@ -68,6 +71,12 @@ static int collect_sessions_fn(struct smbXsrv_session_global0 *global,
 	sess.cipher = global->channels[0].encryption_cipher;
 	sess.signing = global->channels[0].signing_algo;
 	sess.dialect = global->connection_dialect;
+	ul = security_session_user_level(global->auth_session_info, NULL);
+	if (ul >= SECURITY_USER) {
+		sess.authenticated = true;
+	} else {
+		sess.authenticated = false;
+	}
 
 	status = dbwrap_store(state->session_by_pid,
 			      make_tdb_data((void*)&id, sizeof(id)),
@@ -132,6 +141,7 @@ static int traverse_tcon_fn(struct smbXsrv_tcon_global0 *global,
 	data.dialect = sess.dialect;
 	data.signing = sess.signing;
 	data.signing_flags = global->signing_flags;
+	data.authenticated = sess.authenticated;
 
 	state->count++;
 
diff --git a/source3/utils/conn_tdb.h b/source3/utils/conn_tdb.h
index 2a6e04e0a82..23a5e214ff2 100644
--- a/source3/utils/conn_tdb.h
+++ b/source3/utils/conn_tdb.h
@@ -36,6 +36,7 @@ struct connections_data {
 	uint16_t dialect;
 	uint8_t signing_flags;
 	uint16_t signing;
+	bool authenticated;
 };
 
 /* The following definitions come from lib/conn_tdb.c  */