From 43761ef482e86bb2027b67d151f413716e333297 Mon Sep 17 00:00:00 2001
From: Michael Jumper
Date: Thu, 21 Jul 2016 15:16:09 -0700
Subject: [PATCH] GUACAMOLE-5: Verify sharing profile belongs to the requested connection.
---
 .../auth/jdbc/sharing/ConnectionSharingService.java | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java
index 8af3ac32a..7b97f5701 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java
@@ -24,6 +24,7 @@ import java.util.Collections;
 import javax.servlet.http.HttpServletRequest;
 import org.apache.guacamole.auth.jdbc.user.AuthenticatedUser;
 import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleSecurityException;
 import org.apache.guacamole.auth.jdbc.activeconnection.TrackedActiveConnection;
 import org.apache.guacamole.auth.jdbc.sharingprofile.ModeledSharingProfile;
 import org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileService;
@@ -105,6 +106,12 @@ public class ConnectionSharingService { sharingProfileService.retrieveObject(user, sharingProfileIdentifier); + // Verify that this profile is indeed a sharing profile for the + // requested connection + String connectionIdentifier = activeConnection.getConnectionIdentifier(); + if (sharingProfile == null || !sharingProfile.getPrimaryConnectionIdentifier().equals(connectionIdentifier)) + throw new GuacamoleSecurityException("Permission denied."); + // Generate a share key for the requested connection String key = keyGenerator.getShareKey(); connectionMap.put(key, new SharedConnectionDefinition(activeConnection,
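Review bot: The added ownership check calls `.equals` on the result of `sharingProfile.getPrimaryConnectionIdentifier()`, so if that accessor can ever return null (it is not visible in this hunk) the request would end in a NullPointerException instead of the intended GuacamoleSecurityException. Comparing from the other side with an explicit guard keeps every odd case on the denial path: `if (sharingProfile == null || connectionIdentifier == null || !connectionIdentifier.equals(sharingProfile.getPrimaryConnectionIdentifier()))`. `Objects.equals` would be the wrong shortcut here, because two null identifiers would compare equal and the share key would still be generated. The enclosing method starts and ends outside this hunk, so whether either identifier can actually be null depends on code not shown.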