From 1488723a119736ed6401476ebe58afe5ba9953d4 Mon Sep 17 00:00:00 2001
From: Gary Lockyer <gary@catalyst.net.nz>
Date: Tue, 10 Apr 2018 06:44:00 +1200
Subject: auth: Add unique session GUID identifier

Generate a GUID for each successful authorization, this will allow the
tying of events in the logs back to a specific session.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
 librpc/idl/auth.idl      | 7 +++++++
 source3/auth/auth_util.c | 6 ++++++
 source4/auth/session.c   | 2 ++
 3 files changed, 15 insertions(+)

diff --git a/librpc/idl/auth.idl b/librpc/idl/auth.idl
index 6cc7dcf0d8a..d26f57579a3 100644
--- a/librpc/idl/auth.idl
+++ b/librpc/idl/auth.idl
@@ -105,6 +105,13 @@ interface auth
 		[noprint] DATA_BLOB session_key;
 
 		[value(NULL), ignore] cli_credentials *credentials;
+
+	        /*
+		 * It is really handy to have our authorization code log a
+		 * token that can be used to tie later requests togeather.
+		 * We generate this in auth_generate_session_info()
+		 */
+	        GUID unique_session_token;
 	} auth_session_info;
 
 	typedef [public] struct {
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 3b951e7fa0a..24d1e37e9cb 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -488,6 +488,8 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
 			return NT_STATUS_NO_MEMORY;
 		}
 
+		session_info->unique_session_token = GUID_random();
+
 		*session_info_out = session_info;
 		return NT_STATUS_OK;
 	}
@@ -658,6 +660,8 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
 		return status;
 	}
 
+	session_info->unique_session_token = GUID_random();
+
 	*session_info_out = session_info;
 	return NT_STATUS_OK;
 }
@@ -1209,6 +1213,8 @@ done:
 		return status;
 	}
 
+	session_info->unique_session_token = GUID_random();
+	
 	*session_info_out = talloc_move(mem_ctx, &session_info);
 	TALLOC_FREE(frame);
 	return NT_STATUS_OK;
diff --git a/source4/auth/session.c b/source4/auth/session.c
index 982d51d65e9..c27d27398bb 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -220,6 +220,8 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
 		return nt_status;
 	}
 
+	session_info->unique_session_token = GUID_random();
+
 	session_info->credentials = NULL;
 
 	talloc_steal(mem_ctx, session_info);
-- 
cgit v1.2.1