diff options
| author | Stefan Metzmacher <metze@samba.org> | 2020-07-01 18:02:16 +0200 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2020-07-08 15:54:41 +0000 |
| commit | ecef3fe077d6a44659c7bb9d30dfcab61c64f0e8 (patch) | |
| tree | 2fb2e4de1719be5c5c17fc27b4b11434bbfc941c /source3 | |
| parent | 876a84493bb4c90edc01f49cdd332275383a8eb0 (diff) | |
| download | samba-ecef3fe077d6a44659c7bb9d30dfcab61c64f0e8.tar.gz | |
s3:smbd: make sure we detect stale smbXsrv_connection pointers in smbXsrv_session_auth0
Pointer values can be reused (yes, I hit that during my testing!).
Introduce a channel_id to identify connections and also add
some timestamps to make debugging easier.
This makes smbXsrv_session_find_auth() much more robust.
This is a similar change as 0cec96526bf4d3209caf36c4a19632ff5d5dd112:
"smb2_server: make sure we detect stale smbXsrv_connection pointers in smbXsrv_channel_global"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/librpc/idl/smbXsrv.idl | 1 | ||||
| -rw-r--r-- | source3/smbd/smbXsrv_session.c | 5 |
2 files changed, 6 insertions, 0 deletions
diff --git a/source3/librpc/idl/smbXsrv.idl b/source3/librpc/idl/smbXsrv.idl index 1ecc40fcaac..a74ac42b312 100644 --- a/source3/librpc/idl/smbXsrv.idl +++ b/source3/librpc/idl/smbXsrv.idl @@ -284,6 +284,7 @@ interface smbXsrv uint8 in_security_mode; NTTIME creation_time; NTTIME idle_time; + hyper channel_id; } smbXsrv_session_auth0; typedef struct { diff --git a/source3/smbd/smbXsrv_session.c b/source3/smbd/smbXsrv_session.c index 8eaa9fdcbab..c55a57885a5 100644 --- a/source3/smbd/smbXsrv_session.c +++ b/source3/smbd/smbXsrv_session.c @@ -1464,6 +1464,10 @@ NTSTATUS smbXsrv_session_find_auth(const struct smbXsrv_session *session, struct smbXsrv_session_auth0 *a; for (a = session->pending_auth; a != NULL; a = a->next) { + if (a->channel_id != conn->channel_id) { + continue; + } + if (a->connection == conn) { if (now != 0) { a->idle_time = now; @@ -1512,6 +1516,7 @@ NTSTATUS smbXsrv_session_create_auth(struct smbXsrv_session *session, a->in_security_mode = in_security_mode; a->creation_time = now; a->idle_time = now; + a->channel_id = conn->channel_id; if (conn->protocol >= PROTOCOL_SMB3_10) { a->preauth = talloc(a, struct smbXsrv_preauth); |