From d38d6c183fbf748a46b601bdc64c81a86ba9d4c3 Mon Sep 17 00:00:00 2001 From: Jordan Borean Date: Tue, 8 Nov 2022 20:43:55 +1000 Subject: [PATCH] Fix intermediate session id preauth tracking On some hosts, the SESSION_SETUP_RESPONSE message that are not complete may not set the new session id on the response. This causes problems when the session is finalised as it tries to lookup the session based on the session id allocated in the last message which won't line up with any intermediate messages with a session id of 0. The fix is to not update the session id tracker for the first SESSION_SETUP_RESPONSE message but rather the last message where the session id will actually be allocated. --- CHANGELOG.md | 1 + requirements-dev.txt | 2 +- src/smbprotocol/session.py | 5 +++-- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f353bd17..47804c3c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ ## 1.10.1 - TBD * Raise the original `BadNetworkName` error if the server doesn't indicate it supports DFS or `FSDriverRequired` was raised trying to lookup the DFS information - https://github.com/jborean93/smbprotocol/issues/196 +* Fix pre auth session id tracking if the intermediate token messages return 0 as the session id ## 1.10.0 - 2022-11-07 diff --git a/requirements-dev.txt b/requirements-dev.txt index c4c948f2..3c87357a 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -7,4 +7,4 @@ pyspnego pytest pytest-cov pytest-mock -tox \ No newline at end of file +tox diff --git a/src/smbprotocol/session.py b/src/smbprotocol/session.py index e35884ec..b8794d34 100644 --- a/src/smbprotocol/session.py +++ b/src/smbprotocol/session.py @@ -276,6 +276,7 @@ def connect(self): raise SMBAuthenticationError("Failed to authenticate with server: %s" % str(err.message)) self.connection.preauth_session_table[self.session_id] = self + in_token = self.connection.gss_negotiate_token if self.auth_protocol != "negotiate": in_token = None # The GSS Negotiate Token can only be used for Negotiate auth. @@ -307,11 +308,11 @@ def connect(self): # If this is the first time we received the actual session_id, update the preauth table with the server # assigned id. session_id = response["session_id"].get_value() - if self.session_id < 0: + if self.session_id < 0 and session_id: del self.connection.preauth_session_table[self.session_id] self.connection.preauth_session_table[session_id] = self - self.session_id = session_id + self.session_id = session_id setup_response = SMB2SessionSetupResponse() setup_response.unpack(response["data"].get_value())