Fix intermediate session id preauth tracking

On some hosts, the SESSION_SETUP_RESPONSE message that are not complete may not set the new session id on the response. This causes problems when the session is finalised as it tries to lookup the session based on the session id allocated in the last message which won't line up with any intermediate messages with a session id of 0. The fix is to not update the session id tracker for the first SESSION_SETUP_RESPONSE message but rather the last message where the session id will actually be allocated.
jborean93 · Nov 8, 2022 · 4c8b600 · 4c8b600
1 parent a885356
commit 4c8b600
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## 1.10.1 - TBD
+
+* Fix pre auth session id tracking if the intermediate token messages return 0 as the session id
+
 ## 1.10.0 - 2022-11-07
 
 * Require Python 3.7 or newer (dropped 3.6)

diff --git a/pyproject.toml b/pyproject.toml
@@ -6,7 +6,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "smbprotocol"
-version = "1.10.0"
+version = "1.10.1"
 description = "Interact with a server using the SMB 2/3 Protocol"
 readme = "README.md"
 requires-python = ">=3.7"

diff --git a/requirements-dev.txt b/requirements-dev.txt
@@ -7,4 +7,4 @@ pyspnego
 pytest
 pytest-cov
 pytest-mock
-tox
+tox
diff --git a/src/smbprotocol/session.py b/src/smbprotocol/session.py
@@ -276,6 +276,7 @@ def connect(self):
             raise SMBAuthenticationError("Failed to authenticate with server: %s" % str(err.message))
 
         self.connection.preauth_session_table[self.session_id] = self
+
         in_token = self.connection.gss_negotiate_token
         if self.auth_protocol != "negotiate":
             in_token = None  # The GSS Negotiate Token can only be used for Negotiate auth.
@@ -307,11 +308,11 @@ def connect(self):
             # If this is the first time we received the actual session_id, update the preauth table with the server
             # assigned id.
             session_id = response["session_id"].get_value()
-            if self.session_id < 0:
+            if self.session_id < 0 and session_id:
                 del self.connection.preauth_session_table[self.session_id]
                 self.connection.preauth_session_table[session_id] = self
 
-            self.session_id = session_id
+                self.session_id = session_id
 
             setup_response = SMB2SessionSetupResponse()
             setup_response.unpack(response["data"].get_value())
-Original file line number
+Diff line change
@@ Expand Up / @@ -7,4 +7,4 @@ pyspnego @@
     pytest
     pytest-cov
     pytest-mock
-    tox
+    tox