From 49dbd380477f9987d2511ca3111af50f2bdd2859 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sun, 6 May 2012 21:09:47 +0200 Subject: s4:smb_server/smb: only create a new session with vuid == 0 metze --- source4/smb_server/session.c | 9 +++------ source4/smb_server/smb/sesssetup.c | 12 +++++++++--- source4/smb_server/smb2/sesssetup.c | 5 +++++ 3 files changed, 17 insertions(+), 9 deletions(-) diff --git a/source4/smb_server/session.c b/source4/smb_server/session.c index 3cb6576041..aa8d752fde 100644 --- a/source4/smb_server/session.c +++ b/source4/smb_server/session.c @@ -85,12 +85,9 @@ struct smbsrv_session *smbsrv_session_find_sesssetup(struct smbsrv_connection *s p = idr_find(smb_conn->sessions.idtree_vuid, vuid); if (!p) return NULL; - /* only return an unfinished session */ - sess = talloc_get_type(p, struct smbsrv_session); - if (sess && !sess->session_info) { - return sess; - } - return NULL; + sess = talloc_get_type_abort(p, struct smbsrv_session); + + return sess; } /* diff --git a/source4/smb_server/smb/sesssetup.c b/source4/smb_server/smb/sesssetup.c index 57460fa72d..b26c1281dd 100644 --- a/source4/smb_server/smb/sesssetup.c +++ b/source4/smb_server/smb/sesssetup.c @@ -435,8 +435,7 @@ static void sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup *se vuid = SVAL(req->in.hdr,HDR_UID); /* lookup an existing session */ - smb_sess = smbsrv_session_find_sesssetup(req->smb_conn, vuid); - if (!smb_sess) { + if (vuid == 0) { struct gensec_security *gensec_ctx; status = samba_server_gensec_start(req, @@ -466,10 +465,17 @@ static void sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup *se status = NT_STATUS_INSUFFICIENT_RESOURCES; goto failed; } + } else { + smb_sess = smbsrv_session_find_sesssetup(req->smb_conn, vuid); } if (!smb_sess) { - status = NT_STATUS_ACCESS_DENIED; + status = NT_STATUS_DOS(ERRSRV, ERRbaduid); + goto failed; + } + + if (smb_sess->session_info) { + status = NT_STATUS_INVALID_PARAMETER; goto failed; } diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index 41f629b978..35a1484030 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c @@ -167,6 +167,11 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses } if (!smb_sess) { + status = NT_STATUS_USER_SESSION_DELETED; + goto failed; + } + + if (smb_sess->session_info) { /* see WSPP test suite - test 11 */ status = NT_STATUS_REQUEST_NOT_ACCEPTED; goto failed; -- cgit