git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 79ba530)
auth: Add unique session GUID identifier
authorGary Lockyer <gary@catalyst.net.nz>
Mon, 9 Apr 2018 18:44:00 +0000 (06:44 +1200)
committerAndrew Bartlett <abartlet@samba.org>
Thu, 10 May 2018 18:02:22 +0000 (20:02 +0200)
Generate a GUID for each successful authorization, this will allow the
tying of events in the logs back to a specific session.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
librpc/idl/auth.idl patch | blob | history
source3/auth/auth_util.c patch | blob | history
source4/auth/session.c patch | blob | history

diff --git a/librpc/idl/auth.idl b/librpc/idl/auth.idl
index 6cc7dcf0d8a0c3d2aa9fda8bc61821a21a96b0da..d26f57579a3b3f8c1c534e9e9462f5133f4a550e 100644 (file)
--- a/librpc/idl/auth.idl
+++ b/librpc/idl/auth.idl
@@ -105,6 +105,13 @@ interface auth
                [noprint] DATA_BLOB session_key;
 
                [value(NULL), ignore] cli_credentials *credentials;
+
+               /*
+                * It is really handy to have our authorization code log a
+                * token that can be used to tie later requests togeather.
+                * We generate this in auth_generate_session_info()
+                */
+               GUID unique_session_token;
        } auth_session_info;
 
        typedef [public] struct {
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 3b951e7fa0a6a2d1c9e3610801a887f899a5f5da..24d1e37e9cb3e8069500069abecf39516a503f5a 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -488,6 +488,8 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
                        return NT_STATUS_NO_MEMORY;
                }
 
+               session_info->unique_session_token = GUID_random();
+
                *session_info_out = session_info;
                return NT_STATUS_OK;
        }
@@ -658,6 +660,8 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
                return status;
        }
 
+       session_info->unique_session_token = GUID_random();
+
        *session_info_out = session_info;
        return NT_STATUS_OK;
 }
@@ -1209,6 +1213,8 @@ done:
                return status;
        }
 
+       session_info->unique_session_token = GUID_random();
+       
        *session_info_out = talloc_move(mem_ctx, &session_info);
        TALLOC_FREE(frame);
        return NT_STATUS_OK;
diff --git a/source4/auth/session.c b/source4/auth/session.c
index 982d51d65e922209479d184e73fd0305443c9b43..c27d27398bbdbd4906b84b88f3148e039cd3cb73 100644 (file)
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -220,6 +220,8 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
                return nt_status;
        }
 
+       session_info->unique_session_token = GUID_random();
+
        session_info->credentials = NULL;
 
        talloc_steal(mem_ctx, session_info);
Samba Shared Repository