]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
smbd: add get_valid_smbXsrv_session()
authorRalph Boehme <slow@samba.org>
Mon, 6 Jan 2020 07:19:18 +0000 (08:19 +0100)
committerJeremy Allison <jra@samba.org>
Mon, 13 Jan 2020 19:41:35 +0000 (19:41 +0000)
In memory of get_valid_user_struct() and functionally equivalent it only returns
the session if session setup was successfully completed and
session->global->auth_session_info is valid.

This function is similar to smbXsrv_session_local_lookup() and it's wrappers,
but it doesn't implement the state checks of those. get_valid_smbXsrv_session()
is NOT meant to be called to validate the session wire-id of incoming SMB
requests, it MUST only be used in later internal processing where the session
wire-id has already been validated.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
source3/smbd/globals.h
source3/smbd/smbXsrv_session.c

index d91d174a776319c150b4b7f55e4d7663c16af25a..57300dd02ae49dbf53ccbfa840d25bb173b39181 100644 (file)
@@ -583,6 +583,9 @@ NTSTATUS smb2srv_session_lookup_conn(struct smbXsrv_connection *conn,
 NTSTATUS smb2srv_session_lookup_client(struct smbXsrv_client *client,
                                       uint64_t session_id, NTTIME now,
                                       struct smbXsrv_session **session);
+NTSTATUS get_valid_smbXsrv_session(struct smbXsrv_client *client,
+                                  uint64_t session_wire_id,
+                                  struct smbXsrv_session **session);
 struct smbXsrv_session_global0;
 NTSTATUS smbXsrv_session_global_traverse(
                        int (*fn)(struct smbXsrv_session_global0 *, void *),
index 14a2d6c8ca271cfd68b2690eec28f3a962e26035..b2d36d380be01e752552bd42fdd850be4c5703e4 100644 (file)
@@ -1895,6 +1895,60 @@ NTSTATUS smbXsrv_session_info_lookup(struct smbXsrv_client *client,
        return NT_STATUS_OK;
 }
 
+/*
+ * In memory of get_valid_user_struct()
+ *
+ * This function is similar to smbXsrv_session_local_lookup() and it's wrappers,
+ * but it doesn't implement the state checks of
+ * those. get_valid_smbXsrv_session() is NOT meant to be called to validate the
+ * session wire-id of incoming SMB requests, it MUST only be used in later
+ * internal processing where the session wire-id has already been validated.
+ */
+NTSTATUS get_valid_smbXsrv_session(struct smbXsrv_client *client,
+                                  uint64_t session_wire_id,
+                                  struct smbXsrv_session **session)
+{
+       struct smbXsrv_session_table *table = client->session_table;
+       uint8_t key_buf[SMBXSRV_SESSION_LOCAL_TDB_KEY_SIZE];
+       struct smbXsrv_session_local_fetch_state state = {
+               .session = NULL,
+               .status = NT_STATUS_INTERNAL_ERROR,
+       };
+       TDB_DATA key;
+       NTSTATUS status;
+
+       if (session_wire_id == 0) {
+               return NT_STATUS_USER_SESSION_DELETED;
+       }
+
+       if (table == NULL) {
+               /* this might happen before the end of negprot */
+               return NT_STATUS_USER_SESSION_DELETED;
+       }
+
+       if (table->local.db_ctx == NULL) {
+               return NT_STATUS_INTERNAL_ERROR;
+       }
+
+       key = smbXsrv_session_local_id_to_key(session_wire_id, key_buf);
+
+       status = dbwrap_parse_record(table->local.db_ctx, key,
+                                    smbXsrv_session_local_fetch_parser,
+                                    &state);
+       if (!NT_STATUS_IS_OK(status)) {
+               return status;
+       }
+       if (!NT_STATUS_IS_OK(state.status)) {
+               return state.status;
+       }
+       if (state.session->global->auth_session_info == NULL) {
+               return NT_STATUS_USER_SESSION_DELETED;
+       }
+
+       *session = state.session;
+       return NT_STATUS_OK;
+}
+
 NTSTATUS smb2srv_session_table_init(struct smbXsrv_connection *conn)
 {
        /*