session: ensure past linked sessions are not active

ellemouton · ellemouton · commit 3b5007c3994c · 2023-08-30T12:34:29.000+02:00
This commit adds logic to the CreateSession method that checks that a
all the past sessions in a linked set are no longer active.
diff --git a/session/store.go b/session/store.go
@@ -85,15 +85,54 @@ func (db *DB) CreateSession(session *Session) error {
 
 		// If this is a linked session (meaning the group ID is
 		// different from the ID) the make sure that the Group ID of
-		// this session is an ID known by the store. We can do this by
-		// checking that an entry for this ID exists in the id-to-key
-		// index.
+		// this session is an ID known by the store. We also need to
+		// check that all older sessions in this group have been
+		// revoked.
 		if session.ID != session.GroupID {
 			_, err = getKeyForID(sessionBucket, session.GroupID)
 			if err != nil {
 				return fmt.Errorf("unknown linked session "+
 					"%x: %w", session.GroupID, err)
 			}
+
+			// Fetch all the session IDs for this group. This will
+			// through an error if this group does not exist.
+			sessionIDs, err := getSessionIDs(
+				sessionBucket, session.GroupID,
+			)
+			if err != nil {
+				return err
+			}
+
+			for _, id := range sessionIDs {
+				keyBytes, err := getKeyForID(
+					sessionBucket, id,
+				)
+				if err != nil {
+					return err
+				}
+
+				v := sessionBucket.Get(keyBytes)
+				if len(v) == 0 {
+					return ErrSessionNotFound
+				}
+
+				sess, err := DeserializeSession(
+					bytes.NewReader(v),
+				)
+				if err != nil {
+					return err
+				}
+
+				// Ensure that the session is no longer active.
+				if sess.State == StateCreated ||
+					sess.State == StateInUse {
+
+					return fmt.Errorf("session (id=%x) "+
+						"in group %x is still active",
+						sess.ID, sess.GroupID)
+				}
+			}
 		}
 
 		// Add the mapping from session ID to session key to the ID
@@ -390,7 +429,12 @@ func (db *DB) GetSessionIDs(groupID ID) ([]ID, error) {
 		err        error
 	)
 	err = db.View(func(tx *bbolt.Tx) error {
-		sessionIDs, err = getSessionIDs(tx, groupID)
+		sessionBkt, err := getBucket(tx, sessionBucketKey)
+		if err != nil {
+			return err
+		}
+
+		sessionIDs, err = getSessionIDs(sessionBkt, groupID)
 
 		return err
 	})
@@ -419,7 +463,7 @@ func (db *DB) CheckSessionGroupPredicate(groupID ID,
 			return err
 		}
 
-		sessionIDs, err := getSessionIDs(tx, groupID)
+		sessionIDs, err := getSessionIDs(sessionBkt, groupID)
 		if err != nil {
 			return err
 		}
@@ -461,14 +505,9 @@ func (db *DB) CheckSessionGroupPredicate(groupID ID,
 }
 
 // getSessionIDs returns all the session IDs associated with the given group ID.
-func getSessionIDs(tx *bbolt.Tx, groupID ID) ([]ID, error) {
+func getSessionIDs(sessionBkt *bbolt.Bucket, groupID ID) ([]ID, error) {
 	var sessionIDs []ID
 
-	sessionBkt, err := getBucket(tx, sessionBucketKey)
-	if err != nil {
-		return nil, err
-	}
-
 	groupIndexBkt := sessionBkt.Bucket(groupIDIndexKey)
 	if groupIndexBkt == nil {
 		return nil, ErrDBInitErr
@@ -486,7 +525,7 @@ func getSessionIDs(tx *bbolt.Tx, groupID ID) ([]ID, error) {
 			groupID)
 	}
 
-	err = sessionIDsBkt.ForEach(func(_,
+	err := sessionIDsBkt.ForEach(func(_,
 		sessionIDBytes []byte) error {
 
 		var sessionID ID
diff --git a/session/store_test.go b/session/store_test.go
@@ -108,6 +108,15 @@ func TestLinkingSessions(t *testing.T) {
 	// Now persist the first session and retry persisting the second one
 	// and assert that this now works.
 	require.NoError(t, db.CreateSession(s1))
+
+	// Persisting the second session immediately should fail due to the
+	// first session still being active.
+	require.ErrorContains(t, db.CreateSession(s2), "is still active")
+
+	// Revoke the first session.
+	require.NoError(t, db.RevokeSession(s1.LocalPublicKey))
+
+	// Persisting the second linked session should now work.
 	require.NoError(t, db.CreateSession(s2))
 }
 
@@ -132,7 +141,11 @@ func TestLinkedSessions(t *testing.T) {
 
 	// Persist the sessions.
 	require.NoError(t, db.CreateSession(s1))
+
+	require.NoError(t, db.RevokeSession(s1.LocalPublicKey))
 	require.NoError(t, db.CreateSession(s2))
+
+	require.NoError(t, db.RevokeSession(s2.LocalPublicKey))
 	require.NoError(t, db.CreateSession(s3))
 
 	// Assert that the session ID to group ID index works as expected.
@@ -157,6 +170,8 @@ func TestLinkedSessions(t *testing.T) {
 
 	// Persist the sessions.
 	require.NoError(t, db.CreateSession(s4))
+	require.NoError(t, db.RevokeSession(s4.LocalPublicKey))
+
 	require.NoError(t, db.CreateSession(s5))
 
 	// Assert that the session ID to group ID index works as expected.
@@ -208,6 +223,9 @@ func TestCheckSessionGroupPredicate(t *testing.T) {
 	require.NoError(t, err)
 	require.False(t, ok)
 
+	// Revoke the first session.
+	require.NoError(t, db.RevokeSession(s1.LocalPublicKey))
+
 	// Add a new session to the same group as the first one.
 	s2 := newSession(t, db, "label 2", &s1.GroupID)
 	require.NoError(t, db.CreateSession(s2))
