2 Unix SMB/CIFS implementation.
3 Password and authentication handling
4 Copyright (C) Andrew Tridgell 1992-1998
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 /****************************************************************************
25 check if a uid has been validated, and return an pointer to the user_struct
26 if it has. NULL if not. vuid is biased by an offset. This allows us to
27 tell random client vuid's (normally zero) from valid vuids.
28 ****************************************************************************/
29 struct smbsrv_session *smbsrv_session_find(struct smbsrv_connection *smb_conn, uint16_t vuid)
31 struct smbsrv_session *sess;
34 if (vuid == UID_FIELD_INVALID)
37 for (sess=smb_conn->sessions.session_list; sess; sess=sess->next,count++) {
38 if (vuid == sess->vuid) {
40 DLIST_PROMOTE(smb_conn->sessions.session_list, sess);
49 /****************************************************************************
51 ****************************************************************************/
52 void smbsrv_invalidate_vuid(struct smbsrv_connection *smb_conn, uint16_t vuid)
54 struct smbsrv_session *sess = smbsrv_session_find(smb_conn, vuid);
61 free_session_info(&sess->session_info);
63 DLIST_REMOVE(smb_conn->sessions.session_list, sess);
65 /* clear the vuid from the 'cache' on each connection, and
66 from the vuid 'owner' of connections */
67 /* REWRITE: conn_clear_vuid_cache(smb, vuid); */
69 smb_conn->sessions.num_validated_vuids--;
72 /****************************************************************************
73 invalidate all vuid entries for this process
74 ****************************************************************************/
75 void smbsrv_invalidate_all_vuids(struct smbsrv_connection *smb_conn)
77 struct smbsrv_session *sess,*next=NULL;
79 for (sess=smb_conn->sessions.session_list; sess; sess=next) {
82 smbsrv_invalidate_vuid(smb_conn, sess->vuid);
87 * register that a valid login has been performed, establish 'session'.
88 * @param session_info The token returned from the authentication process (if the authentication has completed)
89 * (now 'owned' by register_vuid)
91 * @param smb_name The untranslated name of the user
93 * @return Newly allocated vuid, biased by an offset. (This allows us to
94 * tell random client vuid's (normally zero) from valid vuids.)
98 uint16_t smbsrv_register_session(struct smbsrv_connection *smb_conn,
99 struct auth_session_info *session_info,
100 struct gensec_security *gensec_ctx)
102 struct smbsrv_session *sess = NULL;
104 sess = talloc_p(smb_conn->mem_ctx, struct smbsrv_session);
106 DEBUG(0,("talloc_p(smb_conn->mem_ctx, struct smbsrv_session) failed\n"));
107 return UID_FIELD_INVALID;
111 sess->vuid = UID_FIELD_INVALID;
113 /* Ensure no vuid gets registered in share level security. */
114 /* TODO: replace lp_security with a flag in smbsrv_connection */
115 if(lp_security() == SEC_SHARE)
118 /* Limit allowed vuids to 16bits - VUID_OFFSET. */
119 if (smb_conn->sessions.num_validated_vuids >= 0xFFFF-VUID_OFFSET)
122 /* Allocate a free vuid. Yes this is a linear search... :-) */
123 while (smbsrv_session_find(smb_conn, smb_conn->sessions.next_vuid) != NULL ) {
124 smb_conn->sessions.next_vuid++;
125 /* Check for vuid wrap. */
126 if (smb_conn->sessions.next_vuid == UID_FIELD_INVALID)
127 smb_conn->sessions.next_vuid = VUID_OFFSET;
130 DEBUG(10,("register_vuid: allocated vuid = %u\n",
131 (uint_t)smb_conn->sessions.next_vuid));
133 sess->vuid = smb_conn->sessions.next_vuid;
134 smb_conn->sessions.next_vuid++;
135 smb_conn->sessions.num_validated_vuids++;
137 /* use this to keep tabs on all our info from the authentication */
138 sess->session_info = session_info;
139 sess->gensec_ctx = gensec_ctx;
141 sess->smb_conn = smb_conn;
142 DLIST_ADD(smb_conn->sessions.session_list, sess);
144 /* we only need to do session_claim() when the session_setup is complete
145 * for spnego session_info is NULL the first time
147 if (session_info && !session_claim(sess)) {
148 DEBUG(1,("Failed to claim session for vuid=%d\n", sess->vuid));
149 smbsrv_invalidate_vuid(smb_conn, sess->vuid);
150 return UID_FIELD_INVALID;