Context Navigation

source: branches/samba-3.2.x/source/smbd/session.c

Visit:

Last change on this file was 228, checked in by Herwig Bauernfeind, 16 years ago
Update 3.2 branch to 3.2.6
File size: 8.5 KB

Rev	Line
[228]	1	/*
	2	Unix SMB/CIFS implementation.
	3	session handling for utmp and PAM
	4
	5	Copyright (C) tridge@samba.org 2001
	6	Copyright (C) abartlet@samba.org 2001
	7	Copyright (C) Gerald (Jerry) Carter 2006
	8
	9	This program is free software; you can redistribute it and/or modify
	10	it under the terms of the GNU General Public License as published by
	11	the Free Software Foundation; either version 3 of the License, or
	12	(at your option) any later version.
	13
	14	This program is distributed in the hope that it will be useful,
	15	but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	17	GNU General Public License for more details.
	18
	19	You should have received a copy of the GNU General Public License
	20	along with this program. If not, see <http://www.gnu.org/licenses/>.
	21	*/
	22
	23	/* a "session" is claimed when we do a SessionSetupX operation
	24	and is yielded when the corresponding vuid is destroyed.
	25
	26	sessions are used to populate utmp and PAM session structures
	27	*/
	28
	29	#include "includes.h"
	30
	31	/********************************************************************
	32	********************************************************************/
	33
	34	static struct db_context *session_db_ctx(void)
	35	{
	36	static struct db_context *ctx;
	37
	38	if (ctx)
	39	return ctx;
	40
	41	ctx = db_open(NULL, lock_path("sessionid.tdb"), 0,
	42	TDB_CLEAR_IF_FIRST\|TDB_DEFAULT,
	43	O_RDWR \| O_CREAT, 0644);
	44	return ctx;
	45	}
	46
	47	bool session_init(void)
	48	{
	49	if (session_db_ctx() == NULL) {
	50	DEBUG(1,("session_init: failed to open sessionid tdb\n"));
	51	return False;
	52	}
	53
	54	return True;
	55	}
	56
	57	/********************************************************************
	58	called when a session is created
	59	********************************************************************/
	60
	61	bool session_claim(user_struct *vuser)
	62	{
	63	TDB_DATA key, data;
	64	int i = 0;
	65	struct sessionid sessionid;
	66	struct server_id pid = procid_self();
	67	fstring keystr;
	68	const char * hostname;
	69	struct db_context *ctx;
	70	struct db_record *rec;
	71	NTSTATUS status;
	72	char addr[INET6_ADDRSTRLEN];
	73
	74	vuser->session_keystr = NULL;
	75
	76	/* don't register sessions for the guest user - its just too
	77	expensive to go through pam session code for browsing etc */
	78	if (vuser->guest) {
	79	return True;
	80	}
	81
	82	if (!(ctx = session_db_ctx())) {
	83	return False;
	84	}
	85
	86	ZERO_STRUCT(sessionid);
	87
	88	data.dptr = NULL;
	89	data.dsize = 0;
	90
	91	if (lp_utmp()) {
	92
	93	for (i=1;i<MAX_SESSION_ID;i++) {
	94
	95	/*
	96	* This is very inefficient and needs fixing -- vl
	97	*/
	98
	99	struct server_id sess_pid;
	100
	101	snprintf(keystr, sizeof(keystr), "ID/%d", i);
	102	key = string_term_tdb_data(keystr);
	103
	104	rec = ctx->fetch_locked(ctx, NULL, key);
	105
	106	if (rec == NULL) {
	107	DEBUG(1, ("Could not lock \"%s\"\n", keystr));
	108	return False;
	109	}
	110
	111	if (rec->value.dsize != sizeof(sessionid)) {
	112	DEBUG(1, ("Re-using invalid record\n"));
	113	break;
	114	}
	115
	116	memcpy(&sess_pid,
	117	((char *)rec->value.dptr)
	118	+ offsetof(struct sessionid, pid),
	119	sizeof(sess_pid));
	120
	121	if (!process_exists(sess_pid)) {
	122	DEBUG(5, ("%s has died -- re-using session\n",
	123	procid_str_static(&sess_pid)));
	124	break;
	125	}
	126
	127	TALLOC_FREE(rec);
	128	}
	129
	130	if (i == MAX_SESSION_ID) {
	131	SMB_ASSERT(rec == NULL);
	132	DEBUG(1,("session_claim: out of session IDs "
	133	"(max is %d)\n", MAX_SESSION_ID));
	134	return False;
	135	}
	136
	137	snprintf(sessionid.id_str, sizeof(sessionid.id_str),
	138	SESSION_UTMP_TEMPLATE, i);
	139	} else
	140	{
	141	snprintf(keystr, sizeof(keystr), "ID/%s/%u",
	142	procid_str_static(&pid), vuser->vuid);
	143	key = string_term_tdb_data(keystr);
	144
	145	rec = ctx->fetch_locked(ctx, NULL, key);
	146
	147	if (rec == NULL) {
	148	DEBUG(1, ("Could not lock \"%s\"\n", keystr));
	149	return False;
	150	}
	151
	152	snprintf(sessionid.id_str, sizeof(sessionid.id_str),
	153	SESSION_TEMPLATE, (long unsigned int)sys_getpid(),
	154	vuser->vuid);
	155	}
	156
	157	SMB_ASSERT(rec != NULL);
	158
	159	/* If 'hostname lookup' == yes, then do the DNS lookup. This is
	160	needed because utmp and PAM both expect DNS names
	161
	162	client_name() handles this case internally.
	163	*/
	164
	165	hostname = client_name(get_client_fd());
	166	if (strcmp(hostname, "UNKNOWN") == 0) {
	167	hostname = client_addr(get_client_fd(),addr,sizeof(addr));
	168	}
	169
	170	fstrcpy(sessionid.username, vuser->user.unix_name);
	171	fstrcpy(sessionid.hostname, hostname);
	172	sessionid.id_num = i; /* Only valid for utmp sessions */
	173	sessionid.pid = pid;
	174	sessionid.uid = vuser->uid;
	175	sessionid.gid = vuser->gid;
	176	fstrcpy(sessionid.remote_machine, get_remote_machine_name());
	177	fstrcpy(sessionid.ip_addr_str,
	178	client_addr(get_client_fd(),addr,sizeof(addr)));
	179	sessionid.connect_start = time(NULL);
	180
	181	if (!smb_pam_claim_session(sessionid.username, sessionid.id_str,
	182	sessionid.hostname)) {
	183	DEBUG(1,("pam_session rejected the session for %s [%s]\n",
	184	sessionid.username, sessionid.id_str));
	185
	186	TALLOC_FREE(rec);
	187	return False;
	188	}
	189
	190	data.dptr = (uint8 *)&sessionid;
	191	data.dsize = sizeof(sessionid);
	192
	193	status = rec->store(rec, data, TDB_REPLACE);
	194
	195	TALLOC_FREE(rec);
	196
	197	if (!NT_STATUS_IS_OK(status)) {
	198	DEBUG(1,("session_claim: unable to create session id "
	199	"record: %s\n", nt_errstr(status)));
	200	return False;
	201	}
	202
	203	if (lp_utmp()) {
	204	sys_utmp_claim(sessionid.username, sessionid.hostname,
	205	sessionid.ip_addr_str,
	206	sessionid.id_str, sessionid.id_num);
	207	}
	208
	209	vuser->session_keystr = talloc_strdup(vuser, keystr);
	210	if (!vuser->session_keystr) {
	211	DEBUG(0, ("session_claim: talloc_strdup() failed for session_keystr\n"));
	212	return False;
	213	}
	214	return True;
	215	}
	216
	217	/********************************************************************
	218	called when a session is destroyed
	219	********************************************************************/
	220
	221	void session_yield(user_struct *vuser)
	222	{
	223	TDB_DATA key;
	224	struct sessionid sessionid;
	225	struct db_context *ctx;
	226	struct db_record *rec;
	227
	228	if (!(ctx = session_db_ctx())) return;
	229
	230	if (!vuser->session_keystr) {
	231	return;
	232	}
	233
	234	key = string_term_tdb_data(vuser->session_keystr);
	235
	236	if (!(rec = ctx->fetch_locked(ctx, NULL, key))) {
	237	return;
	238	}
	239
	240	if (rec->value.dsize != sizeof(sessionid))
	241	return;
	242
	243	memcpy(&sessionid, rec->value.dptr, sizeof(sessionid));
	244
	245	if (lp_utmp()) {
	246	sys_utmp_yield(sessionid.username, sessionid.hostname,
	247	sessionid.ip_addr_str,
	248	sessionid.id_str, sessionid.id_num);
	249	}
	250
	251	smb_pam_close_session(sessionid.username, sessionid.id_str,
	252	sessionid.hostname);
	253
	254	rec->delete_rec(rec);
	255
	256	TALLOC_FREE(rec);
	257	}
	258
	259	/********************************************************************
	260	********************************************************************/
	261
	262	static bool session_traverse(int (fn)(struct db_record db,
	263	void *private_data),
	264	void *private_data)
	265	{
	266	struct db_context *ctx;
	267
	268	if (!(ctx = session_db_ctx())) {
	269	DEBUG(3, ("No tdb opened\n"));
	270	return False;
	271	}
	272
	273	ctx->traverse_read(ctx, fn, private_data);
	274	return True;
	275	}
	276
	277	/********************************************************************
	278	********************************************************************/
	279
	280	struct session_list {
	281	TALLOC_CTX *mem_ctx;
	282	int count;
	283	struct sessionid *sessions;
	284	};
	285
	286	static int gather_sessioninfo(struct db_record rec, void state)
	287	{
	288	struct session_list sesslist = (struct session_list ) state;
	289	const struct sessionid *current =
	290	(const struct sessionid *) rec->value.dptr;
	291
	292	sesslist->sessions = TALLOC_REALLOC_ARRAY(
	293	sesslist->mem_ctx, sesslist->sessions, struct sessionid,
	294	sesslist->count+1);
	295
	296	if (!sesslist->sessions) {
	297	sesslist->count = 0;
	298	return -1;
	299	}
	300
	301	memcpy(&sesslist->sessions[sesslist->count], current,
	302	sizeof(struct sessionid));
	303
	304	sesslist->count++;
	305
	306	DEBUG(7,("gather_sessioninfo session from %s@%s\n",
	307	current->username, current->remote_machine));
	308
	309	return 0;
	310	}
	311
	312	/********************************************************************
	313	********************************************************************/
	314
	315	int list_sessions(TALLOC_CTX mem_ctx, struct sessionid *session_list)
	316	{
	317	struct session_list sesslist;
	318
	319	sesslist.mem_ctx = mem_ctx;
	320	sesslist.count = 0;
	321	sesslist.sessions = NULL;
	322
	323	if (!session_traverse(gather_sessioninfo, (void *) &sesslist)) {
	324	DEBUG(3, ("Session traverse failed\n"));
	325	SAFE_FREE(sesslist.sessions);
	326	*session_list = NULL;
	327	return 0;
	328	}
	329
	330	*session_list = sesslist.sessions;
	331	return sesslist.count;
	332	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: