From 372ef358481bab5dcb3d4b34fab07409b935d485 Mon Sep 17 00:00:00 2001
From: David Sommerseth <dazo@users.sourceforge.net>
Date: Fri, 26 Sep 2008 07:09:26 +0200
Subject: BUGFIX: Made sure that eDBget_sessionkey_seed(...) only returns a
 sessionkey for sessions which is in open status (sessionstatus is 1 or 2).

When a client does a disconnect for session_A, the status of the session is 3,
as logged out but not yet deleted. In this status, the session is not deleted,
nor is the record in openvpn_sessionkeys for that sessions's sessionseed.

If the client then does a new reconnection (session_B) before the session is
deleted, it will get the sessionkey for the session which was just logged out,
session_A's sessionkey.  When OpenVPN then calls the learn_address function
to delete the session_A, that session will be closed.  This results in that
session_B will then do not match any open sessions at all, since session_A and
session_B shared the sessionseed to a sessionkey.

By changing the eDBget_sessionkey_seed(...) to check that the sessionstatus
is 1 or 2 (open session statuses), it should generate a new sessionkey for
the session_B, since no sessionkey would be returned for that sessionseed.
The destruction of the session (done via eurephia_learn_address(...)) will
still work, since this function uses the MAC address of the client and not
the sessionseed.
---
 database/sqlite/eurephiadb-sqlite.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'database/sqlite')

diff --git a/database/sqlite/eurephiadb-sqlite.c b/database/sqlite/eurephiadb-sqlite.c
index 926e94e..9c24c07 100644
--- a/database/sqlite/eurephiadb-sqlite.c
+++ b/database/sqlite/eurephiadb-sqlite.c
@@ -615,7 +615,12 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) {
                              "eDBget_sessionkey: No session seed given - cannot locate sessionkey");
                 return NULL;
         }
-        res = sqlite_query(ctx, "SELECT sessionkey FROM openvpn_sessionkeys WHERE sessionseed = '%q'", 
+        res = sqlite_query(ctx,
+                           "SELECT sessionkey "
+                           "  FROM openvpn_sessionkeys "
+                           "  JOIN openvpn_lastlog USING (sessionkey)"
+                           " WHERE sessionstatus IN (1,2)"
+                           "       AND sessionseed = '%q'",
                            sessionseed);
         if( res == NULL ) {
                 eurephia_log(ctx, LOG_CRITICAL, 0,"Could not retrieve sessionkey from openvpn_sessionkeys (%s)",
-- 
cgit