From: Ralph Boehme Date: Fri, 8 Nov 2024 07:38:05 +0000 (+0100) Subject: smbd: return EACCESS when Durable Handle is reconnected with different user X-Git-Tag: tevent-0.17.0~32 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ff9178b6b4ad2aff651e7897aed5cf4fe7e37c20;p=thirdparty%2Fsamba.git smbd: return EACCESS when Durable Handle is reconnected with different user MS-SMB2 3.3.5.9.7 Handling the SMB2_CREATE_DURABLE_HANDLE_RECONNECT Create Context 10. If the user represented by Session.SecurityContext is not the same user denoted by Open.DurableOwner, the server MUST fail the request with STATUS_ACCESS_DENIED and proceed as specified in "Failed Open Handling" BUG: https://bugzilla.samba.org/show_bug.cgi?id=11122 Signed-off-by: Ralph Boehme Reviewed-by: Stefan Metzmacher Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Fri Jun 6 17:15:45 UTC 2025 on atb-devel-224 --- diff --git a/selftest/knownfail.d/samba3.smb2.durable-open b/selftest/knownfail.d/samba3.smb2.durable-open deleted file mode 100644 index b6536e225f3..00000000000 --- a/selftest/knownfail.d/samba3.smb2.durable-open +++ /dev/null @@ -1 +0,0 @@ -^samba3.smb2.durable-open.reopen6\(nt4_dc\) diff --git a/source3/smbd/smbXsrv_open.c b/source3/smbd/smbXsrv_open.c index a2364137aaf..c939bbd39c3 100644 --- a/source3/smbd/smbXsrv_open.c +++ b/source3/smbd/smbXsrv_open.c @@ -1219,7 +1219,8 @@ static void smb2srv_open_recreate_fn( DBG_NOTICE("global owner %s not in our token in %s\n", dom_sid_str_buf(&global->open_owner, &buf), tdb_data_dbg(key)); - goto not_found; + state->status = NT_STATUS_ACCESS_DENIED; + return; } if (!global->durable) {