mirror of
https://github.com/TalAloni/SMBLibrary.git
synced 2025-04-30 02:37:49 +02:00
store AuthenticationContext and AccessToken in SecurityContext
This commit is contained in:
Tal Aloni
parent
a84226abb9
commit
0764237260
7 changed files with 25 additions and 18 deletions
|
|
@ -52,20 +52,20 @@ namespace SMBLibrary.Server
|
|||
return null;
|
||||
}
|
||||
|
||||
public SMB1Session CreateSession(ushort userID, string userName, string machineName)
|
||||
public SMB1Session CreateSession(ushort userID, string userName, string machineName, object accessToken)
|
||||
{
|
||||
SMB1Session session = new SMB1Session(this, userID, userName, machineName);
|
||||
SMB1Session session = new SMB1Session(this, userID, userName, machineName, accessToken);
|
||||
m_sessions.Add(userID, session);
|
||||
return session;
|
||||
}
|
||||
|
||||
/// <returns>null if all UserID values have already been allocated</returns>
|
||||
public SMB1Session CreateSession(string userName, string machineName)
|
||||
public SMB1Session CreateSession(string userName, string machineName, object accessToken)
|
||||
{
|
||||
ushort? userID = AllocateUserID();
|
||||
if (userID.HasValue)
|
||||
{
|
||||
return CreateSession(userID.Value, userName, machineName);
|
||||
return CreateSession(userID.Value, userName, machineName, accessToken);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,11 +29,11 @@ namespace SMBLibrary.Server
|
|||
private Dictionary<ushort, OpenSearch> m_openSearches = new Dictionary<ushort, OpenSearch>();
|
||||
private ushort m_nextSearchHandle = 1;
|
||||
|
||||
public SMB1Session(SMB1ConnectionState connection, ushort userID, string userName, string machineName)
|
||||
public SMB1Session(SMB1ConnectionState connection, ushort userID, string userName, string machineName, object accessToken)
|
||||
{
|
||||
m_connection = connection;
|
||||
m_userID = userID;
|
||||
m_securityContext = new SecurityContext(userName, machineName, connection.ClientEndPoint);
|
||||
m_securityContext = new SecurityContext(userName, machineName, connection.ClientEndPoint, connection.AuthenticationContext, accessToken);
|
||||
}
|
||||
|
||||
public ushort? AddConnectedTree(ISMBShare share)
|
||||
|
|
|
|||
|
|
@ -44,9 +44,9 @@ namespace SMBLibrary.Server
|
|||
return null;
|
||||
}
|
||||
|
||||
public SMB2Session CreateSession(ulong sessionID, string userName, string machineName)
|
||||
public SMB2Session CreateSession(ulong sessionID, string userName, string machineName, object accessToken)
|
||||
{
|
||||
SMB2Session session = new SMB2Session(this, sessionID, userName, machineName);
|
||||
SMB2Session session = new SMB2Session(this, sessionID, userName, machineName, accessToken);
|
||||
m_sessions.Add(sessionID, session);
|
||||
return session;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -28,11 +28,11 @@ namespace SMBLibrary.Server
|
|||
// Key is the persistent portion of the FileID
|
||||
private Dictionary<ulong, OpenSearch> m_openSearches = new Dictionary<ulong, OpenSearch>();
|
||||
|
||||
public SMB2Session(SMB2ConnectionState connecton, ulong sessionID, string userName, string machineName)
|
||||
public SMB2Session(SMB2ConnectionState connection, ulong sessionID, string userName, string machineName, object accessToken)
|
||||
{
|
||||
m_connection = connecton;
|
||||
m_connection = connection;
|
||||
m_sessionID = sessionID;
|
||||
m_securityContext = new SecurityContext(userName, machineName, connecton.ClientEndPoint);
|
||||
m_securityContext = new SecurityContext(userName, machineName, connection.ClientEndPoint, connection.AuthenticationContext, accessToken);
|
||||
}
|
||||
|
||||
private uint? AllocateTreeID()
|
||||
|
|
|
|||
|
|
@ -15,12 +15,16 @@ namespace SMBLibrary
|
|||
private string m_userName;
|
||||
private string m_machineName;
|
||||
private IPEndPoint m_clientEndPoint;
|
||||
public object AuthenticationContext;
|
||||
public object AccessToken;
|
||||
|
||||
public SecurityContext(string userName, string machineName, IPEndPoint clientEndPoint)
|
||||
public SecurityContext(string userName, string machineName, IPEndPoint clientEndPoint, object authenticationContext, object accessToken)
|
||||
{
|
||||
m_userName = userName;
|
||||
m_machineName = machineName;
|
||||
m_clientEndPoint = clientEndPoint;
|
||||
AuthenticationContext = authenticationContext;
|
||||
AccessToken = accessToken;
|
||||
}
|
||||
|
||||
public string UserName
|
||||
|
|
|
|||
|
|
@ -33,17 +33,18 @@ namespace SMBLibrary.Server.SMB1
|
|||
return new ErrorResponse(request.CommandName);
|
||||
}
|
||||
|
||||
object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
|
||||
bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
|
||||
SMB1Session session;
|
||||
if (!isGuest.HasValue || !isGuest.Value)
|
||||
{
|
||||
state.LogToServer(Severity.Information, "User '{0}' authenticated successfully.", message.UserName);
|
||||
session = state.CreateSession(message.UserName, message.WorkStation);
|
||||
session = state.CreateSession(message.UserName, message.WorkStation, accessToken);
|
||||
}
|
||||
else
|
||||
{
|
||||
state.LogToServer(Severity.Information, "User '{0}' failed authentication, logged in as guest.", message.UserName);
|
||||
session = state.CreateSession("Guest", message.WorkStation);
|
||||
session = state.CreateSession("Guest", message.WorkStation, accessToken);
|
||||
response.Action = SessionSetupAction.SetupGuest;
|
||||
}
|
||||
|
||||
|
|
@ -109,16 +110,17 @@ namespace SMBLibrary.Server.SMB1
|
|||
{
|
||||
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
|
||||
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
|
||||
object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
|
||||
bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
|
||||
if (!isGuest.HasValue || !isGuest.Value)
|
||||
{
|
||||
state.LogToServer(Severity.Information, "User '{0}' authenticated successfully.", userName);
|
||||
state.CreateSession(header.UID, userName, machineName);
|
||||
state.CreateSession(header.UID, userName, machineName, accessToken);
|
||||
}
|
||||
else
|
||||
{
|
||||
state.LogToServer(Severity.Information, "User '{0}' failed authentication, logged in as guest.", userName);
|
||||
state.CreateSession(header.UID, "Guest", machineName);
|
||||
state.CreateSession(header.UID, "Guest", machineName, accessToken);
|
||||
response.Action = SessionSetupAction.SetupGuest;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -55,16 +55,17 @@ namespace SMBLibrary.Server.SMB2
|
|||
{
|
||||
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
|
||||
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
|
||||
object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
|
||||
bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
|
||||
if (!isGuest.HasValue || !isGuest.Value)
|
||||
{
|
||||
state.LogToServer(Severity.Information, "User '{0}' authenticated successfully.", userName);
|
||||
state.CreateSession(request.Header.SessionID, userName, machineName);
|
||||
state.CreateSession(request.Header.SessionID, userName, machineName, accessToken);
|
||||
}
|
||||
else
|
||||
{
|
||||
state.LogToServer(Severity.Information, "User '{0}' failed authentication, logged in as guest.", userName);
|
||||
state.CreateSession(request.Header.SessionID, "Guest", machineName);
|
||||
state.CreateSession(request.Header.SessionID, "Guest", machineName, accessToken);
|
||||
response.SessionFlags = SessionFlags.IsGuest;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue