2 Unix SMB/CIFS implementation.
4 Copyright (C) Stefan Metzmacher 2011-2012
5 Copyright (C) Michael Adam 2012
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "system/filesys.h"
24 #include "smbd/smbd.h"
25 #include "smbd/globals.h"
26 #include "dbwrap/dbwrap.h"
27 #include "dbwrap/dbwrap_rbt.h"
28 #include "dbwrap/dbwrap_open.h"
29 #include "dbwrap/dbwrap_watch.h"
32 #include "auth/gensec/gensec.h"
33 #include "../lib/tsocket/tsocket.h"
34 #include "../libcli/security/security.h"
36 #include "lib/util/util_tdb.h"
37 #include "librpc/gen_ndr/ndr_smbXsrv.h"
39 #include "lib/util/tevent_ntstatus.h"
41 struct smbXsrv_session_table {
43 struct db_context *db_ctx;
46 uint32_t max_sessions;
47 uint32_t num_sessions;
50 struct db_context *db_ctx;
54 static NTSTATUS smb2srv_session_lookup_raw(struct smbXsrv_session_table *table,
55 uint64_t session_id, NTTIME now,
56 struct smbXsrv_session **session);
58 static struct db_context *smbXsrv_session_global_db_ctx = NULL;
60 NTSTATUS smbXsrv_session_global_init(void)
62 char *global_path = NULL;
63 struct db_context *db_ctx = NULL;
65 if (smbXsrv_session_global_db_ctx != NULL) {
70 * This contains secret information like session keys!
72 global_path = lock_path("smbXsrv_session_global.tdb");
73 if (global_path == NULL) {
74 return NT_STATUS_NO_MEMORY;
77 db_ctx = db_open(NULL, global_path,
81 TDB_INCOMPATIBLE_HASH,
82 O_RDWR | O_CREAT, 0600,
85 TALLOC_FREE(global_path);
89 status = map_nt_error_from_unix_common(errno);
94 smbXsrv_session_global_db_ctx = db_ctx;
101 * We need to store the keys in big endian so that dbwrap_rbt's memcmp
102 * has the same result as integer comparison between the uint32_t
105 * TODO: implement string based key
108 #define SMBXSRV_SESSION_GLOBAL_TDB_KEY_SIZE sizeof(uint32_t)
110 static TDB_DATA smbXsrv_session_global_id_to_key(uint32_t id,
115 RSIVAL(key_buf, 0, id);
117 key = make_tdb_data(key_buf, SMBXSRV_SESSION_GLOBAL_TDB_KEY_SIZE);
123 static NTSTATUS smbXsrv_session_global_key_to_id(TDB_DATA key, uint32_t *id)
126 return NT_STATUS_INVALID_PARAMETER;
129 if (key.dsize != SMBXSRV_SESSION_GLOBAL_TDB_KEY_SIZE) {
130 return NT_STATUS_INTERNAL_DB_CORRUPTION;
133 *id = RIVAL(key.dptr, 0);
139 #define SMBXSRV_SESSION_LOCAL_TDB_KEY_SIZE sizeof(uint32_t)
141 static TDB_DATA smbXsrv_session_local_id_to_key(uint32_t id,
146 RSIVAL(key_buf, 0, id);
148 key = make_tdb_data(key_buf, SMBXSRV_SESSION_LOCAL_TDB_KEY_SIZE);
153 static NTSTATUS smbXsrv_session_local_key_to_id(TDB_DATA key, uint32_t *id)
156 return NT_STATUS_INVALID_PARAMETER;
159 if (key.dsize != SMBXSRV_SESSION_LOCAL_TDB_KEY_SIZE) {
160 return NT_STATUS_INTERNAL_DB_CORRUPTION;
163 *id = RIVAL(key.dptr, 0);
168 static void smbXsrv_session_close_loop(struct tevent_req *subreq);
170 static NTSTATUS smbXsrv_session_table_init(struct smbXsrv_connection *conn,
173 uint32_t max_sessions)
175 struct smbXsrv_client *client = conn->client;
176 struct smbXsrv_session_table *table;
178 struct tevent_req *subreq;
181 if (lowest_id > highest_id) {
182 return NT_STATUS_INTERNAL_ERROR;
185 max_range = highest_id;
186 max_range -= lowest_id;
189 if (max_sessions > max_range) {
190 return NT_STATUS_INTERNAL_ERROR;
193 table = talloc_zero(client, struct smbXsrv_session_table);
195 return NT_STATUS_NO_MEMORY;
198 table->local.db_ctx = db_open_rbt(table);
199 if (table->local.db_ctx == NULL) {
201 return NT_STATUS_NO_MEMORY;
203 table->local.lowest_id = lowest_id;
204 table->local.highest_id = highest_id;
205 table->local.max_sessions = max_sessions;
207 status = smbXsrv_session_global_init();
208 if (!NT_STATUS_IS_OK(status)) {
213 table->global.db_ctx = smbXsrv_session_global_db_ctx;
215 dbwrap_watch_db(table->global.db_ctx, client->msg_ctx);
217 subreq = messaging_read_send(table, client->ev_ctx, client->msg_ctx,
218 MSG_SMBXSRV_SESSION_CLOSE);
219 if (subreq == NULL) {
221 return NT_STATUS_NO_MEMORY;
223 tevent_req_set_callback(subreq, smbXsrv_session_close_loop, client);
225 client->session_table = table;
229 static void smbXsrv_session_close_shutdown_done(struct tevent_req *subreq);
231 static void smbXsrv_session_close_loop(struct tevent_req *subreq)
233 struct smbXsrv_client *client =
234 tevent_req_callback_data(subreq,
235 struct smbXsrv_client);
236 struct smbXsrv_session_table *table = client->session_table;
238 struct messaging_rec *rec = NULL;
239 struct smbXsrv_session_closeB close_blob;
240 enum ndr_err_code ndr_err;
241 struct smbXsrv_session_close0 *close_info0 = NULL;
242 struct smbXsrv_session *session = NULL;
244 struct timeval tv = timeval_current();
245 NTTIME now = timeval_to_nttime(&tv);
247 ret = messaging_read_recv(subreq, talloc_tos(), &rec);
253 ndr_err = ndr_pull_struct_blob(&rec->buf, rec, &close_blob,
254 (ndr_pull_flags_fn_t)ndr_pull_smbXsrv_session_closeB);
255 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
256 status = ndr_map_error2ntstatus(ndr_err);
257 DEBUG(1,("smbXsrv_session_close_loop: "
258 "ndr_pull_struct_blob - %s\n",
263 DEBUG(10,("smbXsrv_session_close_loop: MSG_SMBXSRV_SESSION_CLOSE\n"));
265 NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob);
268 if (close_blob.version != SMBXSRV_VERSION_0) {
269 DEBUG(0,("smbXsrv_session_close_loop: "
270 "ignore invalid version %u\n", close_blob.version));
271 NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob);
275 close_info0 = close_blob.info.info0;
276 if (close_info0 == NULL) {
277 DEBUG(0,("smbXsrv_session_close_loop: "
278 "ignore NULL info %u\n", close_blob.version));
279 NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob);
283 status = smb2srv_session_lookup_raw(client->session_table,
284 close_info0->old_session_wire_id,
286 if (NT_STATUS_EQUAL(status, NT_STATUS_USER_SESSION_DELETED)) {
287 DEBUG(4,("smbXsrv_session_close_loop: "
288 "old_session_wire_id %llu not found\n",
289 (unsigned long long)close_info0->old_session_wire_id));
291 NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob);
295 if (!NT_STATUS_IS_OK(status) &&
296 !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) &&
297 !NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_SESSION_EXPIRED)) {
298 DEBUG(1,("smbXsrv_session_close_loop: "
299 "old_session_wire_id %llu - %s\n",
300 (unsigned long long)close_info0->old_session_wire_id,
303 NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob);
308 if (session->global->session_global_id != close_info0->old_session_global_id) {
309 DEBUG(1,("smbXsrv_session_close_loop: "
310 "old_session_wire_id %llu - global %u != %u\n",
311 (unsigned long long)close_info0->old_session_wire_id,
312 session->global->session_global_id,
313 close_info0->old_session_global_id));
315 NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob);
320 if (session->global->creation_time != close_info0->old_creation_time) {
321 DEBUG(1,("smbXsrv_session_close_loop: "
322 "old_session_wire_id %llu - "
323 "creation %s (%llu) != %s (%llu)\n",
324 (unsigned long long)close_info0->old_session_wire_id,
325 nt_time_string(rec, session->global->creation_time),
326 (unsigned long long)session->global->creation_time,
327 nt_time_string(rec, close_info0->old_creation_time),
328 (unsigned long long)close_info0->old_creation_time));
330 NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob);
335 subreq = smb2srv_session_shutdown_send(session, client->ev_ctx,
337 if (subreq == NULL) {
338 status = NT_STATUS_NO_MEMORY;
339 DEBUG(0, ("smbXsrv_session_close_loop: "
340 "smb2srv_session_shutdown_send(%llu) failed: %s\n",
341 (unsigned long long)session->global->session_wire_id,
344 NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob);
348 tevent_req_set_callback(subreq,
349 smbXsrv_session_close_shutdown_done,
355 subreq = messaging_read_send(table, client->ev_ctx, client->msg_ctx,
356 MSG_SMBXSRV_SESSION_CLOSE);
357 if (subreq == NULL) {
359 r = "messaging_read_send(MSG_SMBXSRV_SESSION_CLOSE) failed";
360 exit_server_cleanly(r);
363 tevent_req_set_callback(subreq, smbXsrv_session_close_loop, client);
366 static void smbXsrv_session_close_shutdown_done(struct tevent_req *subreq)
368 struct smbXsrv_session *session =
369 tevent_req_callback_data(subreq,
370 struct smbXsrv_session);
373 status = smb2srv_session_shutdown_recv(subreq);
375 if (!NT_STATUS_IS_OK(status)) {
376 DEBUG(0, ("smbXsrv_session_close_loop: "
377 "smb2srv_session_shutdown_recv(%llu) failed: %s\n",
378 (unsigned long long)session->global->session_wire_id,
382 status = smbXsrv_session_logoff(session);
383 if (!NT_STATUS_IS_OK(status)) {
384 DEBUG(0, ("smbXsrv_session_close_loop: "
385 "smbXsrv_session_logoff(%llu) failed: %s\n",
386 (unsigned long long)session->global->session_wire_id,
390 TALLOC_FREE(session);
393 struct smb1srv_session_local_allocate_state {
394 const uint32_t lowest_id;
395 const uint32_t highest_id;
401 static int smb1srv_session_local_allocate_traverse(struct db_record *rec,
404 struct smb1srv_session_local_allocate_state *state =
405 (struct smb1srv_session_local_allocate_state *)private_data;
406 TDB_DATA key = dbwrap_record_get_key(rec);
410 status = smbXsrv_session_local_key_to_id(key, &id);
411 if (!NT_STATUS_IS_OK(status)) {
412 state->status = status;
416 if (id <= state->last_id) {
417 state->status = NT_STATUS_INTERNAL_DB_CORRUPTION;
422 if (id > state->useable_id) {
423 state->status = NT_STATUS_OK;
427 if (state->useable_id == state->highest_id) {
428 state->status = NT_STATUS_INSUFFICIENT_RESOURCES;
432 state->useable_id +=1;
436 static NTSTATUS smb1srv_session_local_allocate_id(struct db_context *db,
440 struct db_record **_rec,
443 struct smb1srv_session_local_allocate_state state = {
444 .lowest_id = lowest_id,
445 .highest_id = highest_id,
447 .useable_id = lowest_id,
448 .status = NT_STATUS_INTERNAL_ERROR,
458 if (lowest_id > highest_id) {
459 return NT_STATUS_INSUFFICIENT_RESOURCES;
463 * first we try randomly
465 range = (highest_id - lowest_id) + 1;
467 for (i = 0; i < (range / 2); i++) {
469 uint8_t key_buf[SMBXSRV_SESSION_LOCAL_TDB_KEY_SIZE];
472 struct db_record *rec = NULL;
474 id = generate_random() % range;
477 if (id < lowest_id) {
480 if (id > highest_id) {
484 key = smbXsrv_session_local_id_to_key(id, key_buf);
486 rec = dbwrap_fetch_locked(db, mem_ctx, key);
488 return NT_STATUS_INSUFFICIENT_RESOURCES;
491 val = dbwrap_record_get_value(rec);
492 if (val.dsize != 0) {
503 * if the range is almost full,
504 * we traverse the whole table
505 * (this relies on sorted behavior of dbwrap_rbt)
507 status = dbwrap_traverse_read(db, smb1srv_session_local_allocate_traverse,
509 if (NT_STATUS_IS_OK(status)) {
510 if (NT_STATUS_IS_OK(state.status)) {
511 return NT_STATUS_INTERNAL_ERROR;
514 if (!NT_STATUS_EQUAL(state.status, NT_STATUS_INTERNAL_ERROR)) {
518 if (state.useable_id <= state.highest_id) {
519 state.status = NT_STATUS_OK;
521 return NT_STATUS_INSUFFICIENT_RESOURCES;
523 } else if (!NT_STATUS_EQUAL(status, NT_STATUS_INTERNAL_DB_CORRUPTION)) {
525 * Here we really expect NT_STATUS_INTERNAL_DB_CORRUPTION!
527 * If we get anything else it is an error, because it
528 * means we did not manage to find a free slot in
531 return NT_STATUS_INSUFFICIENT_RESOURCES;
534 if (NT_STATUS_IS_OK(state.status)) {
536 uint8_t key_buf[SMBXSRV_SESSION_LOCAL_TDB_KEY_SIZE];
539 struct db_record *rec = NULL;
541 id = state.useable_id;
543 key = smbXsrv_session_local_id_to_key(id, key_buf);
545 rec = dbwrap_fetch_locked(db, mem_ctx, key);
547 return NT_STATUS_INSUFFICIENT_RESOURCES;
550 val = dbwrap_record_get_value(rec);
551 if (val.dsize != 0) {
553 return NT_STATUS_INTERNAL_DB_CORRUPTION;
564 struct smbXsrv_session_local_fetch_state {
565 struct smbXsrv_session *session;
569 static void smbXsrv_session_local_fetch_parser(TDB_DATA key, TDB_DATA data,
572 struct smbXsrv_session_local_fetch_state *state =
573 (struct smbXsrv_session_local_fetch_state *)private_data;
576 if (data.dsize != sizeof(ptr)) {
577 state->status = NT_STATUS_INTERNAL_DB_ERROR;
581 memcpy(&ptr, data.dptr, data.dsize);
582 state->session = talloc_get_type_abort(ptr, struct smbXsrv_session);
583 state->status = NT_STATUS_OK;
586 static NTSTATUS smbXsrv_session_local_lookup(struct smbXsrv_session_table *table,
587 uint32_t session_local_id,
589 struct smbXsrv_session **_session)
591 struct smbXsrv_session_local_fetch_state state = {
593 .status = NT_STATUS_INTERNAL_ERROR,
595 uint8_t key_buf[SMBXSRV_SESSION_LOCAL_TDB_KEY_SIZE];
601 if (session_local_id == 0) {
602 return NT_STATUS_USER_SESSION_DELETED;
606 /* this might happen before the end of negprot */
607 return NT_STATUS_USER_SESSION_DELETED;
610 if (table->local.db_ctx == NULL) {
611 return NT_STATUS_INTERNAL_ERROR;
614 key = smbXsrv_session_local_id_to_key(session_local_id, key_buf);
616 status = dbwrap_parse_record(table->local.db_ctx, key,
617 smbXsrv_session_local_fetch_parser,
619 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
620 return NT_STATUS_USER_SESSION_DELETED;
621 } else if (!NT_STATUS_IS_OK(status)) {
624 if (!NT_STATUS_IS_OK(state.status)) {
628 if (NT_STATUS_EQUAL(state.session->status, NT_STATUS_USER_SESSION_DELETED)) {
629 return NT_STATUS_USER_SESSION_DELETED;
632 state.session->idle_time = now;
634 if (!NT_STATUS_IS_OK(state.session->status)) {
635 *_session = state.session;
636 return state.session->status;
639 if (now > state.session->global->expiration_time) {
640 state.session->status = NT_STATUS_NETWORK_SESSION_EXPIRED;
643 *_session = state.session;
644 return state.session->status;
647 static int smbXsrv_session_global_destructor(struct smbXsrv_session_global0 *global)
652 static void smbXsrv_session_global_verify_record(struct db_record *db_rec,
656 struct smbXsrv_session_global0 **_g);
658 static NTSTATUS smbXsrv_session_global_allocate(struct db_context *db,
660 struct smbXsrv_session_global0 **_global)
663 struct smbXsrv_session_global0 *global = NULL;
664 uint32_t last_free = 0;
665 const uint32_t min_tries = 3;
669 global = talloc_zero(mem_ctx, struct smbXsrv_session_global0);
670 if (global == NULL) {
671 return NT_STATUS_NO_MEMORY;
673 talloc_set_destructor(global, smbXsrv_session_global_destructor);
676 * Here we just randomly try the whole 32-bit space
678 * We use just 32-bit, because we want to reuse the
681 for (i = 0; i < UINT32_MAX; i++) {
682 bool is_free = false;
683 bool was_free = false;
685 uint8_t key_buf[SMBXSRV_SESSION_GLOBAL_TDB_KEY_SIZE];
688 if (i >= min_tries && last_free != 0) {
691 id = generate_random();
696 if (id == UINT32_MAX) {
700 key = smbXsrv_session_global_id_to_key(id, key_buf);
702 global->db_rec = dbwrap_fetch_locked(db, mem_ctx, key);
703 if (global->db_rec == NULL) {
705 return NT_STATUS_INSUFFICIENT_RESOURCES;
708 smbXsrv_session_global_verify_record(global->db_rec,
714 TALLOC_FREE(global->db_rec);
718 if (!was_free && i < min_tries) {
720 * The session_id is free now,
721 * but was not free before.
723 * This happens if a smbd crashed
724 * and did not cleanup the record.
726 * If this is one of our first tries,
727 * then we try to find a real free one.
729 if (last_free == 0) {
732 TALLOC_FREE(global->db_rec);
736 global->session_global_id = id;
742 /* should not be reached */
744 return NT_STATUS_INTERNAL_ERROR;
747 static void smbXsrv_session_global_verify_record(struct db_record *db_rec,
751 struct smbXsrv_session_global0 **_g)
756 struct smbXsrv_session_globalB global_blob;
757 enum ndr_err_code ndr_err;
758 struct smbXsrv_session_global0 *global = NULL;
760 TALLOC_CTX *frame = talloc_stackframe();
771 key = dbwrap_record_get_key(db_rec);
773 val = dbwrap_record_get_value(db_rec);
774 if (val.dsize == 0) {
783 blob = data_blob_const(val.dptr, val.dsize);
785 ndr_err = ndr_pull_struct_blob(&blob, frame, &global_blob,
786 (ndr_pull_flags_fn_t)ndr_pull_smbXsrv_session_globalB);
787 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
788 NTSTATUS status = ndr_map_error2ntstatus(ndr_err);
789 DEBUG(1,("smbXsrv_session_global_verify_record: "
790 "key '%s' ndr_pull_struct_blob - %s\n",
791 hex_encode_talloc(frame, key.dptr, key.dsize),
797 DEBUG(10,("smbXsrv_session_global_verify_record\n"));
799 NDR_PRINT_DEBUG(smbXsrv_session_globalB, &global_blob);
802 if (global_blob.version != SMBXSRV_VERSION_0) {
803 DEBUG(0,("smbXsrv_session_global_verify_record: "
804 "key '%s' use unsupported version %u\n",
805 hex_encode_talloc(frame, key.dptr, key.dsize),
806 global_blob.version));
807 NDR_PRINT_DEBUG(smbXsrv_session_globalB, &global_blob);
812 global = global_blob.info.info0;
814 exists = serverid_exists(&global->channels[0].server_id);
816 struct server_id_buf idbuf;
817 DEBUG(2,("smbXsrv_session_global_verify_record: "
818 "key '%s' server_id %s does not exist.\n",
819 hex_encode_talloc(frame, key.dptr, key.dsize),
820 server_id_str_buf(global->channels[0].server_id,
823 NDR_PRINT_DEBUG(smbXsrv_session_globalB, &global_blob);
826 dbwrap_record_delete(db_rec);
832 *_g = talloc_move(mem_ctx, &global);
837 static NTSTATUS smbXsrv_session_global_store(struct smbXsrv_session_global0 *global)
839 struct smbXsrv_session_globalB global_blob;
840 DATA_BLOB blob = data_blob_null;
844 enum ndr_err_code ndr_err;
847 * TODO: if we use other versions than '0'
848 * we would add glue code here, that would be able to
849 * store the information in the old format.
852 if (global->db_rec == NULL) {
853 return NT_STATUS_INTERNAL_ERROR;
856 key = dbwrap_record_get_key(global->db_rec);
857 val = dbwrap_record_get_value(global->db_rec);
859 ZERO_STRUCT(global_blob);
860 global_blob.version = smbXsrv_version_global_current();
861 if (val.dsize >= 8) {
862 global_blob.seqnum = IVAL(val.dptr, 4);
864 global_blob.seqnum += 1;
865 global_blob.info.info0 = global;
867 ndr_err = ndr_push_struct_blob(&blob, global->db_rec, &global_blob,
868 (ndr_push_flags_fn_t)ndr_push_smbXsrv_session_globalB);
869 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
870 status = ndr_map_error2ntstatus(ndr_err);
871 DEBUG(1,("smbXsrv_session_global_store: key '%s' ndr_push - %s\n",
872 hex_encode_talloc(global->db_rec, key.dptr, key.dsize),
874 TALLOC_FREE(global->db_rec);
878 val = make_tdb_data(blob.data, blob.length);
879 status = dbwrap_record_store(global->db_rec, val, TDB_REPLACE);
880 if (!NT_STATUS_IS_OK(status)) {
881 DEBUG(1,("smbXsrv_session_global_store: key '%s' store - %s\n",
882 hex_encode_talloc(global->db_rec, key.dptr, key.dsize),
884 TALLOC_FREE(global->db_rec);
889 DEBUG(10,("smbXsrv_session_global_store: key '%s' stored\n",
890 hex_encode_talloc(global->db_rec, key.dptr, key.dsize)));
891 NDR_PRINT_DEBUG(smbXsrv_session_globalB, &global_blob);
894 TALLOC_FREE(global->db_rec);
899 struct smb2srv_session_close_previous_state {
900 struct tevent_context *ev;
901 struct smbXsrv_connection *connection;
902 struct dom_sid *current_sid;
903 uint64_t current_session_id;
904 struct db_record *db_rec;
907 static void smb2srv_session_close_previous_check(struct tevent_req *req);
908 static void smb2srv_session_close_previous_modified(struct tevent_req *subreq);
910 struct tevent_req *smb2srv_session_close_previous_send(TALLOC_CTX *mem_ctx,
911 struct tevent_context *ev,
912 struct smbXsrv_connection *conn,
913 struct auth_session_info *session_info,
914 uint64_t previous_session_id,
915 uint64_t current_session_id)
917 struct tevent_req *req;
918 struct smb2srv_session_close_previous_state *state;
919 uint32_t global_id = previous_session_id & UINT32_MAX;
920 uint64_t global_zeros = previous_session_id & 0xFFFFFFFF00000000LLU;
921 struct smbXsrv_session_table *table = conn->client->session_table;
922 struct security_token *current_token = NULL;
923 uint8_t key_buf[SMBXSRV_SESSION_GLOBAL_TDB_KEY_SIZE];
926 req = tevent_req_create(mem_ctx, &state,
927 struct smb2srv_session_close_previous_state);
932 state->connection = conn;
933 state->current_session_id = current_session_id;
935 if (global_zeros != 0) {
936 tevent_req_done(req);
937 return tevent_req_post(req, ev);
940 if (session_info == NULL) {
941 tevent_req_done(req);
942 return tevent_req_post(req, ev);
944 current_token = session_info->security_token;
946 if (current_token->num_sids > PRIMARY_USER_SID_INDEX) {
947 state->current_sid = ¤t_token->sids[PRIMARY_USER_SID_INDEX];
950 if (state->current_sid == NULL) {
951 tevent_req_done(req);
952 return tevent_req_post(req, ev);
955 if (!security_token_has_nt_authenticated_users(current_token)) {
957 tevent_req_done(req);
958 return tevent_req_post(req, ev);
961 key = smbXsrv_session_global_id_to_key(global_id, key_buf);
963 state->db_rec = dbwrap_fetch_locked(table->global.db_ctx,
965 if (state->db_rec == NULL) {
966 tevent_req_nterror(req, NT_STATUS_UNSUCCESSFUL);
967 return tevent_req_post(req, ev);
970 smb2srv_session_close_previous_check(req);
971 if (!tevent_req_is_in_progress(req)) {
972 return tevent_req_post(req, ev);
978 static void smb2srv_session_close_previous_check(struct tevent_req *req)
980 struct smb2srv_session_close_previous_state *state =
982 struct smb2srv_session_close_previous_state);
983 struct smbXsrv_connection *conn = state->connection;
985 struct security_token *previous_token = NULL;
986 struct smbXsrv_session_global0 *global = NULL;
987 enum ndr_err_code ndr_err;
988 struct smbXsrv_session_close0 close_info0;
989 struct smbXsrv_session_closeB close_blob;
990 struct tevent_req *subreq = NULL;
992 bool is_free = false;
994 smbXsrv_session_global_verify_record(state->db_rec,
1001 TALLOC_FREE(state->db_rec);
1002 tevent_req_done(req);
1006 if (global->auth_session_info == NULL) {
1007 TALLOC_FREE(state->db_rec);
1008 tevent_req_done(req);
1012 previous_token = global->auth_session_info->security_token;
1014 if (!security_token_is_sid(previous_token, state->current_sid)) {
1015 TALLOC_FREE(state->db_rec);
1016 tevent_req_done(req);
1020 subreq = dbwrap_record_watch_send(state, state->ev,
1021 state->db_rec, conn->msg_ctx);
1022 if (tevent_req_nomem(subreq, req)) {
1023 TALLOC_FREE(state->db_rec);
1026 tevent_req_set_callback(subreq,
1027 smb2srv_session_close_previous_modified,
1030 close_info0.old_session_global_id = global->session_global_id;
1031 close_info0.old_session_wire_id = global->session_wire_id;
1032 close_info0.old_creation_time = global->creation_time;
1033 close_info0.new_session_wire_id = state->current_session_id;
1035 ZERO_STRUCT(close_blob);
1036 close_blob.version = smbXsrv_version_global_current();
1037 close_blob.info.info0 = &close_info0;
1039 ndr_err = ndr_push_struct_blob(&blob, state, &close_blob,
1040 (ndr_push_flags_fn_t)ndr_push_smbXsrv_session_closeB);
1041 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1042 TALLOC_FREE(state->db_rec);
1043 status = ndr_map_error2ntstatus(ndr_err);
1044 DEBUG(1,("smb2srv_session_close_previous_check: "
1045 "old_session[%llu] new_session[%llu] ndr_push - %s\n",
1046 (unsigned long long)close_info0.old_session_wire_id,
1047 (unsigned long long)close_info0.new_session_wire_id,
1048 nt_errstr(status)));
1049 tevent_req_nterror(req, status);
1053 status = messaging_send(conn->msg_ctx,
1054 global->channels[0].server_id,
1055 MSG_SMBXSRV_SESSION_CLOSE, &blob);
1056 TALLOC_FREE(state->db_rec);
1057 if (tevent_req_nterror(req, status)) {
1061 TALLOC_FREE(global);
1065 static void smb2srv_session_close_previous_modified(struct tevent_req *subreq)
1067 struct tevent_req *req =
1068 tevent_req_callback_data(subreq,
1070 struct smb2srv_session_close_previous_state *state =
1071 tevent_req_data(req,
1072 struct smb2srv_session_close_previous_state);
1075 status = dbwrap_record_watch_recv(subreq, state, &state->db_rec);
1076 TALLOC_FREE(subreq);
1077 if (tevent_req_nterror(req, status)) {
1081 smb2srv_session_close_previous_check(req);
1084 NTSTATUS smb2srv_session_close_previous_recv(struct tevent_req *req)
1088 if (tevent_req_is_nterror(req, &status)) {
1089 tevent_req_received(req);
1093 tevent_req_received(req);
1094 return NT_STATUS_OK;
1097 static int smbXsrv_session_destructor(struct smbXsrv_session *session)
1100 struct smbXsrv_connection *xconn = NULL;
1102 if (session->client != NULL) {
1103 xconn = session->client->connections;
1106 for (; xconn != NULL; xconn = xconn->next) {
1107 struct smbd_smb2_request *preq;
1109 for (preq = xconn->smb2.requests; preq != NULL; preq = preq->next) {
1110 if (preq->session != session) {
1114 preq->session = NULL;
1116 * If we no longer have a session we can't
1117 * sign or encrypt replies.
1119 preq->do_signing = false;
1120 preq->do_encryption = false;
1124 status = smbXsrv_session_logoff(session);
1125 if (!NT_STATUS_IS_OK(status)) {
1126 DEBUG(0, ("smbXsrv_session_destructor: "
1127 "smbXsrv_session_logoff() failed: %s\n",
1128 nt_errstr(status)));
1131 TALLOC_FREE(session->global);
1136 NTSTATUS smbXsrv_session_create(struct smbXsrv_connection *conn,
1138 struct smbXsrv_session **_session)
1140 struct smbXsrv_session_table *table = conn->client->session_table;
1141 struct db_record *local_rec = NULL;
1142 struct smbXsrv_session *session = NULL;
1145 struct smbXsrv_session_global0 *global = NULL;
1146 struct smbXsrv_channel_global0 *channels = NULL;
1149 if (table->local.num_sessions >= table->local.max_sessions) {
1150 return NT_STATUS_INSUFFICIENT_RESOURCES;
1153 session = talloc_zero(table, struct smbXsrv_session);
1154 if (session == NULL) {
1155 return NT_STATUS_NO_MEMORY;
1157 session->table = table;
1158 session->idle_time = now;
1159 session->status = NT_STATUS_MORE_PROCESSING_REQUIRED;
1160 session->client = conn->client;
1162 status = smbXsrv_session_global_allocate(table->global.db_ctx,
1165 if (!NT_STATUS_IS_OK(status)) {
1166 TALLOC_FREE(session);
1169 session->global = global;
1171 if (conn->protocol >= PROTOCOL_SMB2_02) {
1172 uint64_t id = global->session_global_id;
1173 uint8_t key_buf[SMBXSRV_SESSION_LOCAL_TDB_KEY_SIZE];
1176 global->connection_dialect = conn->smb2.server.dialect;
1178 global->session_wire_id = id;
1180 status = smb2srv_tcon_table_init(session);
1181 if (!NT_STATUS_IS_OK(status)) {
1182 TALLOC_FREE(session);
1186 session->local_id = global->session_global_id;
1188 key = smbXsrv_session_local_id_to_key(session->local_id, key_buf);
1190 local_rec = dbwrap_fetch_locked(table->local.db_ctx,
1192 if (local_rec == NULL) {
1193 TALLOC_FREE(session);
1194 return NT_STATUS_NO_MEMORY;
1197 val = dbwrap_record_get_value(local_rec);
1198 if (val.dsize != 0) {
1199 TALLOC_FREE(session);
1200 return NT_STATUS_INTERNAL_DB_CORRUPTION;
1204 status = smb1srv_session_local_allocate_id(table->local.db_ctx,
1205 table->local.lowest_id,
1206 table->local.highest_id,
1209 &session->local_id);
1210 if (!NT_STATUS_IS_OK(status)) {
1211 TALLOC_FREE(session);
1215 global->session_wire_id = session->local_id;
1218 global->creation_time = now;
1219 global->expiration_time = GENSEC_EXPIRE_TIME_INFINITY;
1221 global->num_channels = 1;
1222 channels = talloc_zero_array(global,
1223 struct smbXsrv_channel_global0,
1224 global->num_channels);
1225 if (channels == NULL) {
1226 TALLOC_FREE(session);
1227 return NT_STATUS_NO_MEMORY;
1229 global->channels = channels;
1231 channels[0].server_id = messaging_server_id(conn->msg_ctx);
1232 channels[0].local_address = tsocket_address_string(conn->local_address,
1234 if (channels[0].local_address == NULL) {
1235 TALLOC_FREE(session);
1236 return NT_STATUS_NO_MEMORY;
1238 channels[0].remote_address = tsocket_address_string(conn->remote_address,
1240 if (channels[0].remote_address == NULL) {
1241 TALLOC_FREE(session);
1242 return NT_STATUS_NO_MEMORY;
1244 channels[0].remote_name = talloc_strdup(channels, conn->remote_hostname);
1245 if (channels[0].remote_name == NULL) {
1246 TALLOC_FREE(session);
1247 return NT_STATUS_NO_MEMORY;
1249 channels[0].signing_key = data_blob_null;
1250 channels[0].connection = conn;
1253 val = make_tdb_data((uint8_t const *)&ptr, sizeof(ptr));
1254 status = dbwrap_record_store(local_rec, val, TDB_REPLACE);
1255 TALLOC_FREE(local_rec);
1256 if (!NT_STATUS_IS_OK(status)) {
1257 TALLOC_FREE(session);
1260 table->local.num_sessions += 1;
1262 talloc_set_destructor(session, smbXsrv_session_destructor);
1264 status = smbXsrv_session_global_store(global);
1265 if (!NT_STATUS_IS_OK(status)) {
1266 DEBUG(0,("smbXsrv_session_create: "
1267 "global_id (0x%08x) store failed - %s\n",
1268 session->global->session_global_id,
1269 nt_errstr(status)));
1270 TALLOC_FREE(session);
1275 struct smbXsrv_sessionB session_blob;
1277 ZERO_STRUCT(session_blob);
1278 session_blob.version = SMBXSRV_VERSION_0;
1279 session_blob.info.info0 = session;
1281 DEBUG(10,("smbXsrv_session_create: global_id (0x%08x) stored\n",
1282 session->global->session_global_id));
1283 NDR_PRINT_DEBUG(smbXsrv_sessionB, &session_blob);
1286 *_session = session;
1287 return NT_STATUS_OK;
1290 NTSTATUS smbXsrv_session_update(struct smbXsrv_session *session)
1292 struct smbXsrv_session_table *table = session->table;
1294 uint8_t key_buf[SMBXSRV_SESSION_GLOBAL_TDB_KEY_SIZE];
1297 if (session->global->db_rec != NULL) {
1298 DEBUG(0, ("smbXsrv_session_update(0x%08x): "
1299 "Called with db_rec != NULL'\n",
1300 session->global->session_global_id));
1301 return NT_STATUS_INTERNAL_ERROR;
1304 key = smbXsrv_session_global_id_to_key(
1305 session->global->session_global_id,
1308 session->global->db_rec = dbwrap_fetch_locked(table->global.db_ctx,
1309 session->global, key);
1310 if (session->global->db_rec == NULL) {
1311 DEBUG(0, ("smbXsrv_session_update(0x%08x): "
1312 "Failed to lock global key '%s'\n",
1313 session->global->session_global_id,
1314 hex_encode_talloc(talloc_tos(), key.dptr,
1316 return NT_STATUS_INTERNAL_DB_ERROR;
1319 status = smbXsrv_session_global_store(session->global);
1320 if (!NT_STATUS_IS_OK(status)) {
1321 DEBUG(0,("smbXsrv_session_update: "
1322 "global_id (0x%08x) store failed - %s\n",
1323 session->global->session_global_id,
1324 nt_errstr(status)));
1329 struct smbXsrv_sessionB session_blob;
1331 ZERO_STRUCT(session_blob);
1332 session_blob.version = SMBXSRV_VERSION_0;
1333 session_blob.info.info0 = session;
1335 DEBUG(10,("smbXsrv_session_update: global_id (0x%08x) stored\n",
1336 session->global->session_global_id));
1337 NDR_PRINT_DEBUG(smbXsrv_sessionB, &session_blob);
1340 return NT_STATUS_OK;
1343 NTSTATUS smbXsrv_session_find_channel(const struct smbXsrv_session *session,
1344 const struct smbXsrv_connection *conn,
1345 struct smbXsrv_channel_global0 **_c)
1349 for (i=0; i < session->global->num_channels; i++) {
1350 struct smbXsrv_channel_global0 *c = &session->global->channels[i];
1352 if (c->connection == conn) {
1354 return NT_STATUS_OK;
1358 return NT_STATUS_USER_SESSION_DELETED;
1361 struct smb2srv_session_shutdown_state {
1362 struct tevent_queue *wait_queue;
1365 static void smb2srv_session_shutdown_wait_done(struct tevent_req *subreq);
1367 struct tevent_req *smb2srv_session_shutdown_send(TALLOC_CTX *mem_ctx,
1368 struct tevent_context *ev,
1369 struct smbXsrv_session *session,
1370 struct smbd_smb2_request *current_req)
1372 struct tevent_req *req;
1373 struct smb2srv_session_shutdown_state *state;
1374 struct tevent_req *subreq;
1375 struct smbXsrv_connection *xconn = NULL;
1379 * Make sure that no new request will be able to use this session.
1381 session->status = NT_STATUS_USER_SESSION_DELETED;
1383 req = tevent_req_create(mem_ctx, &state,
1384 struct smb2srv_session_shutdown_state);
1389 state->wait_queue = tevent_queue_create(state, "smb2srv_session_shutdown_queue");
1390 if (tevent_req_nomem(state->wait_queue, req)) {
1391 return tevent_req_post(req, ev);
1394 for (xconn = session->client->connections; xconn != NULL; xconn = xconn->next) {
1395 struct smbd_smb2_request *preq;
1397 for (preq = xconn->smb2.requests; preq != NULL; preq = preq->next) {
1398 if (preq == current_req) {
1399 /* Can't cancel current request. */
1402 if (preq->session != session) {
1403 /* Request on different session. */
1407 if (!NT_STATUS_IS_OK(xconn->transport.status)) {
1408 preq->session = NULL;
1410 * If we no longer have a session we can't
1411 * sign or encrypt replies.
1413 preq->do_signing = false;
1414 preq->do_encryption = false;
1416 if (preq->subreq != NULL) {
1417 tevent_req_cancel(preq->subreq);
1423 * Never cancel anything in a compound
1424 * request. Way too hard to deal with
1427 if (!preq->compound_related && preq->subreq != NULL) {
1428 tevent_req_cancel(preq->subreq);
1432 * Now wait until the request is finished.
1434 * We don't set a callback, as we just want to block the
1435 * wait queue and the talloc_free() of the request will
1436 * remove the item from the wait queue.
1438 subreq = tevent_queue_wait_send(preq, ev, state->wait_queue);
1439 if (tevent_req_nomem(subreq, req)) {
1440 return tevent_req_post(req, ev);
1445 len = tevent_queue_length(state->wait_queue);
1447 tevent_req_done(req);
1448 return tevent_req_post(req, ev);
1452 * Now we add our own waiter to the end of the queue,
1453 * this way we get notified when all pending requests are finished
1454 * and send to the socket.
1456 subreq = tevent_queue_wait_send(state, ev, state->wait_queue);
1457 if (tevent_req_nomem(subreq, req)) {
1458 return tevent_req_post(req, ev);
1460 tevent_req_set_callback(subreq, smb2srv_session_shutdown_wait_done, req);
1465 static void smb2srv_session_shutdown_wait_done(struct tevent_req *subreq)
1467 struct tevent_req *req =
1468 tevent_req_callback_data(subreq,
1471 tevent_queue_wait_recv(subreq);
1472 TALLOC_FREE(subreq);
1474 tevent_req_done(req);
1477 NTSTATUS smb2srv_session_shutdown_recv(struct tevent_req *req)
1479 return tevent_req_simple_recv_ntstatus(req);
1482 NTSTATUS smbXsrv_session_logoff(struct smbXsrv_session *session)
1484 struct smbXsrv_session_table *table;
1485 struct db_record *local_rec = NULL;
1486 struct db_record *global_rec = NULL;
1487 struct smbd_server_connection *sconn = NULL;
1489 NTSTATUS error = NT_STATUS_OK;
1491 if (session->table == NULL) {
1492 return NT_STATUS_OK;
1495 table = session->table;
1496 session->table = NULL;
1498 sconn = session->client->sconn;
1499 session->client = NULL;
1500 session->status = NT_STATUS_USER_SESSION_DELETED;
1502 global_rec = session->global->db_rec;
1503 session->global->db_rec = NULL;
1504 if (global_rec == NULL) {
1505 uint8_t key_buf[SMBXSRV_SESSION_GLOBAL_TDB_KEY_SIZE];
1508 key = smbXsrv_session_global_id_to_key(
1509 session->global->session_global_id,
1512 global_rec = dbwrap_fetch_locked(table->global.db_ctx,
1513 session->global, key);
1514 if (global_rec == NULL) {
1515 DEBUG(0, ("smbXsrv_session_logoff(0x%08x): "
1516 "Failed to lock global key '%s'\n",
1517 session->global->session_global_id,
1518 hex_encode_talloc(global_rec, key.dptr,
1520 error = NT_STATUS_INTERNAL_ERROR;
1524 if (global_rec != NULL) {
1525 status = dbwrap_record_delete(global_rec);
1526 if (!NT_STATUS_IS_OK(status)) {
1527 TDB_DATA key = dbwrap_record_get_key(global_rec);
1529 DEBUG(0, ("smbXsrv_session_logoff(0x%08x): "
1530 "failed to delete global key '%s': %s\n",
1531 session->global->session_global_id,
1532 hex_encode_talloc(global_rec, key.dptr,
1534 nt_errstr(status)));
1538 TALLOC_FREE(global_rec);
1540 local_rec = session->db_rec;
1541 if (local_rec == NULL) {
1542 uint8_t key_buf[SMBXSRV_SESSION_LOCAL_TDB_KEY_SIZE];
1545 key = smbXsrv_session_local_id_to_key(session->local_id,
1548 local_rec = dbwrap_fetch_locked(table->local.db_ctx,
1550 if (local_rec == NULL) {
1551 DEBUG(0, ("smbXsrv_session_logoff(0x%08x): "
1552 "Failed to lock local key '%s'\n",
1553 session->global->session_global_id,
1554 hex_encode_talloc(local_rec, key.dptr,
1556 error = NT_STATUS_INTERNAL_ERROR;
1560 if (local_rec != NULL) {
1561 status = dbwrap_record_delete(local_rec);
1562 if (!NT_STATUS_IS_OK(status)) {
1563 TDB_DATA key = dbwrap_record_get_key(local_rec);
1565 DEBUG(0, ("smbXsrv_session_logoff(0x%08x): "
1566 "failed to delete local key '%s': %s\n",
1567 session->global->session_global_id,
1568 hex_encode_talloc(local_rec, key.dptr,
1570 nt_errstr(status)));
1573 table->local.num_sessions -= 1;
1575 if (session->db_rec == NULL) {
1576 TALLOC_FREE(local_rec);
1578 session->db_rec = NULL;
1580 if (session->compat) {
1581 file_close_user(sconn, session->compat->vuid);
1584 if (session->tcon_table != NULL) {
1586 * Note: We only have a tcon_table for SMB2.
1588 status = smb2srv_tcon_disconnect_all(session);
1589 if (!NT_STATUS_IS_OK(status)) {
1590 DEBUG(0, ("smbXsrv_session_logoff(0x%08x): "
1591 "smb2srv_tcon_disconnect_all() failed: %s\n",
1592 session->global->session_global_id,
1593 nt_errstr(status)));
1598 if (session->compat) {
1599 invalidate_vuid(sconn, session->compat->vuid);
1600 session->compat = NULL;
1606 struct smbXsrv_session_logoff_all_state {
1607 NTSTATUS first_status;
1611 static int smbXsrv_session_logoff_all_callback(struct db_record *local_rec,
1612 void *private_data);
1614 NTSTATUS smbXsrv_session_logoff_all(struct smbXsrv_connection *conn)
1616 struct smbXsrv_session_table *table = conn->client->session_table;
1617 struct smbXsrv_session_logoff_all_state state;
1621 if (table == NULL) {
1622 DEBUG(10, ("smbXsrv_session_logoff_all: "
1623 "empty session_table, nothing to do.\n"));
1624 return NT_STATUS_OK;
1629 status = dbwrap_traverse(table->local.db_ctx,
1630 smbXsrv_session_logoff_all_callback,
1632 if (!NT_STATUS_IS_OK(status)) {
1633 DEBUG(0, ("smbXsrv_session_logoff_all: "
1634 "dbwrap_traverse() failed: %s\n",
1635 nt_errstr(status)));
1639 if (!NT_STATUS_IS_OK(state.first_status)) {
1640 DEBUG(0, ("smbXsrv_session_logoff_all: "
1641 "count[%d] errors[%d] first[%s]\n",
1642 count, state.errors,
1643 nt_errstr(state.first_status)));
1644 return state.first_status;
1647 return NT_STATUS_OK;
1650 static int smbXsrv_session_logoff_all_callback(struct db_record *local_rec,
1653 struct smbXsrv_session_logoff_all_state *state =
1654 (struct smbXsrv_session_logoff_all_state *)private_data;
1657 struct smbXsrv_session *session = NULL;
1658 struct smbXsrv_connection *xconn = NULL;
1661 val = dbwrap_record_get_value(local_rec);
1662 if (val.dsize != sizeof(ptr)) {
1663 status = NT_STATUS_INTERNAL_ERROR;
1664 if (NT_STATUS_IS_OK(state->first_status)) {
1665 state->first_status = status;
1671 memcpy(&ptr, val.dptr, val.dsize);
1672 session = talloc_get_type_abort(ptr, struct smbXsrv_session);
1674 session->db_rec = local_rec;
1676 if (session->client != NULL) {
1677 xconn = session->client->connections;
1679 for (; xconn != NULL; xconn = xconn->next) {
1680 struct smbd_smb2_request *preq;
1682 for (preq = xconn->smb2.requests; preq != NULL; preq = preq->next) {
1683 if (preq->session != session) {
1687 preq->session = NULL;
1689 * If we no longer have a session we can't
1690 * sign or encrypt replies.
1692 preq->do_signing = false;
1693 preq->do_encryption = false;
1697 status = smbXsrv_session_logoff(session);
1698 if (!NT_STATUS_IS_OK(status)) {
1699 if (NT_STATUS_IS_OK(state->first_status)) {
1700 state->first_status = status;
1709 NTSTATUS smb1srv_session_table_init(struct smbXsrv_connection *conn)
1712 * Allow a range from 1..65534 with 65534 values.
1714 return smbXsrv_session_table_init(conn, 1, UINT16_MAX - 1,
1718 NTSTATUS smb1srv_session_lookup(struct smbXsrv_connection *conn,
1719 uint16_t vuid, NTTIME now,
1720 struct smbXsrv_session **session)
1722 struct smbXsrv_session_table *table = conn->client->session_table;
1723 uint32_t local_id = vuid;
1725 return smbXsrv_session_local_lookup(table, local_id, now, session);
1728 NTSTATUS smb2srv_session_table_init(struct smbXsrv_connection *conn)
1731 * Allow a range from 1..4294967294 with 65534 (same as SMB1) values.
1733 return smbXsrv_session_table_init(conn, 1, UINT32_MAX - 1,
1737 static NTSTATUS smb2srv_session_lookup_raw(struct smbXsrv_session_table *table,
1738 uint64_t session_id, NTTIME now,
1739 struct smbXsrv_session **session)
1741 uint32_t local_id = session_id & UINT32_MAX;
1742 uint64_t local_zeros = session_id & 0xFFFFFFFF00000000LLU;
1744 if (local_zeros != 0) {
1745 return NT_STATUS_USER_SESSION_DELETED;
1748 return smbXsrv_session_local_lookup(table, local_id, now, session);
1751 NTSTATUS smb2srv_session_lookup(struct smbXsrv_connection *conn,
1752 uint64_t session_id, NTTIME now,
1753 struct smbXsrv_session **session)
1755 struct smbXsrv_session_table *table = conn->client->session_table;
1756 return smb2srv_session_lookup_raw(table, session_id, now, session);
1759 struct smbXsrv_session_global_traverse_state {
1760 int (*fn)(struct smbXsrv_session_global0 *, void *);
1764 static int smbXsrv_session_global_traverse_fn(struct db_record *rec, void *data)
1767 struct smbXsrv_session_global_traverse_state *state =
1768 (struct smbXsrv_session_global_traverse_state*)data;
1769 TDB_DATA key = dbwrap_record_get_key(rec);
1770 TDB_DATA val = dbwrap_record_get_value(rec);
1771 DATA_BLOB blob = data_blob_const(val.dptr, val.dsize);
1772 struct smbXsrv_session_globalB global_blob;
1773 enum ndr_err_code ndr_err;
1774 TALLOC_CTX *frame = talloc_stackframe();
1776 ndr_err = ndr_pull_struct_blob(&blob, frame, &global_blob,
1777 (ndr_pull_flags_fn_t)ndr_pull_smbXsrv_session_globalB);
1778 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1779 DEBUG(1,("Invalid record in smbXsrv_session_global.tdb:"
1780 "key '%s' ndr_pull_struct_blob - %s\n",
1781 hex_encode_talloc(frame, key.dptr, key.dsize),
1782 ndr_errstr(ndr_err)));
1786 if (global_blob.version != SMBXSRV_VERSION_0) {
1787 DEBUG(1,("Invalid record in smbXsrv_session_global.tdb:"
1788 "key '%s' unsuported version - %d\n",
1789 hex_encode_talloc(frame, key.dptr, key.dsize),
1790 (int)global_blob.version));
1794 global_blob.info.info0->db_rec = rec;
1795 ret = state->fn(global_blob.info.info0, state->private_data);
1801 NTSTATUS smbXsrv_session_global_traverse(
1802 int (*fn)(struct smbXsrv_session_global0 *, void *),
1808 struct smbXsrv_session_global_traverse_state state = {
1810 .private_data = private_data,
1814 status = smbXsrv_session_global_init();
1815 if (!NT_STATUS_IS_OK(status)) {
1817 DEBUG(0, ("Failed to initialize session_global: %s\n",
1818 nt_errstr(status)));
1822 status = dbwrap_traverse_read(smbXsrv_session_global_db_ctx,
1823 smbXsrv_session_global_traverse_fn,