From 6e2cc327688e8faaed855bf7d14d93d13bbb1748 Mon Sep 17 00:00:00 2001
From: Evgenii Stratonikov <e.stratonikov@yadro.com>
Date: Wed, 24 Jan 2024 13:56:12 +0300
Subject: [PATCH] [#681] objsvc: Validate session token owner for local
 sessions

Previously, the check was in place only when session token was missing.
Format validator checks are applied only to fully-prepared object, so
this lead to the following situation:
1. Object is put locally with malformed token, because there are no
   checks.
2. Object cannot be replicated, because the token is malformed.

This is now fixed and token check is done before any payload receival.

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
---
 pkg/services/object/put/streamer.go | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/pkg/services/object/put/streamer.go b/pkg/services/object/put/streamer.go
index a9abe407..90d580a1 100644
--- a/pkg/services/object/put/streamer.go
+++ b/pkg/services/object/put/streamer.go
@@ -110,18 +110,22 @@ func (p *Streamer) initTrustedTarget(prm *PutInitPrm) error {
 
 	// In case session token is missing, the line above returns the default key.
 	// If it isn't owner key, replication attempts will fail, thus this check.
-	if sToken == nil {
-		ownerObj := prm.hdr.OwnerID()
-		if ownerObj.IsEmpty() {
-			return errors.New("missing object owner")
-		}
+	ownerObj := prm.hdr.OwnerID()
+	if ownerObj.IsEmpty() {
+		return errors.New("missing object owner")
+	}
 
+	if sToken == nil {
 		var ownerSession user.ID
 		user.IDFromKey(&ownerSession, sessionKey.PublicKey)
 
 		if !ownerObj.Equals(ownerSession) {
 			return fmt.Errorf("(%T) session token is missing but object owner id is different from the default key", p)
 		}
+	} else {
+		if !ownerObj.Equals(sessionInfo.Owner) {
+			return fmt.Errorf("(%T) different token issuer and object owner identifiers %s/%s", p, sessionInfo.Owner, ownerObj)
+		}
 	}
 
 	p.sessionKey = sessionKey