s3: Abstract access to sessionid.tdb, similar to conn_tdb.c
[ira/wip.git] / source3 / smbd / session.c
1 /* 
2    Unix SMB/CIFS implementation.
3    session handling for utmp and PAM
4
5    Copyright (C) tridge@samba.org       2001
6    Copyright (C) abartlet@samba.org     2001
7    Copyright (C) Gerald (Jerry) Carter  2006   
8    
9    This program is free software; you can redistribute it and/or modify
10    it under the terms of the GNU General Public License as published by
11    the Free Software Foundation; either version 3 of the License, or
12    (at your option) any later version.
13    
14    This program is distributed in the hope that it will be useful,
15    but WITHOUT ANY WARRANTY; without even the implied warranty of
16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17    GNU General Public License for more details.
18    
19    You should have received a copy of the GNU General Public License
20    along with this program.  If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 /* a "session" is claimed when we do a SessionSetupX operation
24    and is yielded when the corresponding vuid is destroyed.
25
26    sessions are used to populate utmp and PAM session structures
27 */
28
29 #include "includes.h"
30 #include "smbd/globals.h"
31
32 /********************************************************************
33  called when a session is created
34 ********************************************************************/
35
36 bool session_claim(user_struct *vuser)
37 {
38         TDB_DATA data;
39         int i = 0;
40         struct sessionid sessionid;
41         struct server_id pid = procid_self();
42         fstring keystr;
43         const char * hostname;
44         struct db_record *rec;
45         NTSTATUS status;
46         char addr[INET6_ADDRSTRLEN];
47
48         vuser->session_keystr = NULL;
49
50         /* don't register sessions for the guest user - its just too
51            expensive to go through pam session code for browsing etc */
52         if (vuser->server_info->guest) {
53                 return True;
54         }
55
56         if (!sessionid_init()) {
57                 return False;
58         }
59
60         ZERO_STRUCT(sessionid);
61
62         data.dptr = NULL;
63         data.dsize = 0;
64
65         if (lp_utmp()) {
66
67                 for (i=1;i<MAX_SESSION_ID;i++) {
68
69                         /*
70                          * This is very inefficient and needs fixing -- vl
71                          */
72
73                         struct server_id sess_pid;
74
75                         snprintf(keystr, sizeof(keystr), "ID/%d", i);
76
77                         rec = sessionid_fetch_record(NULL, keystr);
78                         if (rec == NULL) {
79                                 DEBUG(1, ("Could not lock \"%s\"\n", keystr));
80                                 return False;
81                         }
82
83                         if (rec->value.dsize != sizeof(sessionid)) {
84                                 DEBUG(1, ("Re-using invalid record\n"));
85                                 break;
86                         }
87
88                         memcpy(&sess_pid,
89                                ((char *)rec->value.dptr)
90                                + offsetof(struct sessionid, pid),
91                                sizeof(sess_pid));
92
93                         if (!process_exists(sess_pid)) {
94                                 DEBUG(5, ("%s has died -- re-using session\n",
95                                           procid_str_static(&sess_pid)));
96                                 break;
97                         }
98
99                         TALLOC_FREE(rec);
100                 }
101
102                 if (i == MAX_SESSION_ID) {
103                         SMB_ASSERT(rec == NULL);
104                         DEBUG(1,("session_claim: out of session IDs "
105                                  "(max is %d)\n", MAX_SESSION_ID));
106                         return False;
107                 }
108
109                 snprintf(sessionid.id_str, sizeof(sessionid.id_str),
110                          SESSION_UTMP_TEMPLATE, i);
111         } else
112         {
113                 snprintf(keystr, sizeof(keystr), "ID/%s/%u",
114                          procid_str_static(&pid), vuser->vuid);
115
116                 rec = sessionid_fetch_record(NULL, keystr);
117                 if (rec == NULL) {
118                         DEBUG(1, ("Could not lock \"%s\"\n", keystr));
119                         return False;
120                 }
121
122                 snprintf(sessionid.id_str, sizeof(sessionid.id_str),
123                          SESSION_TEMPLATE, (long unsigned int)sys_getpid(),
124                          vuser->vuid);
125         }
126
127         SMB_ASSERT(rec != NULL);
128
129         /* If 'hostname lookup' == yes, then do the DNS lookup.  This is
130            needed because utmp and PAM both expect DNS names
131
132            client_name() handles this case internally.
133         */
134
135         hostname = client_name(get_client_fd());
136         if (strcmp(hostname, "UNKNOWN") == 0) {
137                 hostname = client_addr(get_client_fd(),addr,sizeof(addr));
138         }
139
140         fstrcpy(sessionid.username, vuser->server_info->unix_name);
141         fstrcpy(sessionid.hostname, hostname);
142         sessionid.id_num = i;  /* Only valid for utmp sessions */
143         sessionid.pid = pid;
144         sessionid.uid = vuser->server_info->utok.uid;
145         sessionid.gid = vuser->server_info->utok.gid;
146         fstrcpy(sessionid.remote_machine, get_remote_machine_name());
147         fstrcpy(sessionid.ip_addr_str,
148                 client_addr(get_client_fd(),addr,sizeof(addr)));
149         sessionid.connect_start = time(NULL);
150
151         if (!smb_pam_claim_session(sessionid.username, sessionid.id_str,
152                                    sessionid.hostname)) {
153                 DEBUG(1,("pam_session rejected the session for %s [%s]\n",
154                                 sessionid.username, sessionid.id_str));
155
156                 TALLOC_FREE(rec);
157                 return False;
158         }
159
160         data.dptr = (uint8 *)&sessionid;
161         data.dsize = sizeof(sessionid);
162
163         status = rec->store(rec, data, TDB_REPLACE);
164
165         TALLOC_FREE(rec);
166
167         if (!NT_STATUS_IS_OK(status)) {
168                 DEBUG(1,("session_claim: unable to create session id "
169                          "record: %s\n", nt_errstr(status)));
170                 return False;
171         }
172
173         if (lp_utmp()) {
174                 sys_utmp_claim(sessionid.username, sessionid.hostname,
175                                sessionid.ip_addr_str,
176                                sessionid.id_str, sessionid.id_num);
177         }
178
179         vuser->session_keystr = talloc_strdup(vuser, keystr);
180         if (!vuser->session_keystr) {
181                 DEBUG(0, ("session_claim:  talloc_strdup() failed for session_keystr\n"));
182                 return False;
183         }
184         return True;
185 }
186
187 /********************************************************************
188  called when a session is destroyed
189 ********************************************************************/
190
191 void session_yield(user_struct *vuser)
192 {
193         struct sessionid sessionid;
194         struct db_record *rec;
195
196         if (!vuser->session_keystr) {
197                 return;
198         }
199
200         rec = sessionid_fetch_record(NULL, vuser->session_keystr);
201         if (rec == NULL) {
202                 return;
203         }
204
205         if (rec->value.dsize != sizeof(sessionid))
206                 return;
207
208         memcpy(&sessionid, rec->value.dptr, sizeof(sessionid));
209
210         if (lp_utmp()) {
211                 sys_utmp_yield(sessionid.username, sessionid.hostname, 
212                                sessionid.ip_addr_str,
213                                sessionid.id_str, sessionid.id_num);
214         }
215
216         smb_pam_close_session(sessionid.username, sessionid.id_str,
217                               sessionid.hostname);
218
219         rec->delete_rec(rec);
220
221         TALLOC_FREE(rec);
222 }
223
224 /********************************************************************
225 ********************************************************************/
226
227 struct session_list {
228         TALLOC_CTX *mem_ctx;
229         int count;
230         struct sessionid *sessions;
231 };
232
233 static int gather_sessioninfo(const char *key, struct sessionid *session,
234                               void *private_data)
235 {
236         struct session_list *sesslist = (struct session_list *)private_data;
237
238         sesslist->sessions = TALLOC_REALLOC_ARRAY(
239                 sesslist->mem_ctx, sesslist->sessions, struct sessionid,
240                 sesslist->count+1);
241
242         if (!sesslist->sessions) {
243                 sesslist->count = 0;
244                 return -1;
245         }
246
247         memcpy(&sesslist->sessions[sesslist->count], session,
248                sizeof(struct sessionid));
249
250         sesslist->count++;
251
252         DEBUG(7, ("gather_sessioninfo session from %s@%s\n",
253                   session->username, session->remote_machine));
254
255         return 0;
256 }
257
258 /********************************************************************
259 ********************************************************************/
260
261 int list_sessions(TALLOC_CTX *mem_ctx, struct sessionid **session_list)
262 {
263         struct session_list sesslist;
264         int ret;
265
266         sesslist.mem_ctx = mem_ctx;
267         sesslist.count = 0;
268         sesslist.sessions = NULL;
269
270         ret = sessionid_traverse_read(gather_sessioninfo, (void *) &sesslist);
271         if (ret == -1) {
272                 DEBUG(3, ("Session traverse failed\n"));
273                 SAFE_FREE(sesslist.sessions);
274                 *session_list = NULL;
275                 return 0;
276         }
277
278         *session_list = sesslist.sessions;
279         return sesslist.count;
280 }