2 Unix SMB/CIFS implementation.
3 session handling for utmp and PAM
5 Copyright (C) tridge@samba.org 2001
6 Copyright (C) abartlet@samba.org 2001
7 Copyright (C) Gerald (Jerry) Carter 2006
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 /* a "session" is claimed when we do a SessionSetupX operation
25 and is yielded when the corresponding vuid is destroyed.
27 sessions are used to populate utmp and PAM session structures
32 static TDB_CONTEXT *tdb;
34 /********************************************************************
35 ********************************************************************/
37 BOOL session_init(void)
42 tdb = tdb_open_log(lock_path("sessionid.tdb"), 0, TDB_CLEAR_IF_FIRST|TDB_DEFAULT,
43 O_RDWR | O_CREAT, 0644);
45 DEBUG(1,("session_init: failed to open sessionid tdb\n"));
52 /********************************************************************
53 called when a session is created
54 ********************************************************************/
56 BOOL session_claim(user_struct *vuser)
61 struct in_addr *client_ip;
62 struct sessionid sessionid;
63 struct server_id pid = procid_self();
66 int tdb_store_flag; /* If using utmp, we do an inital 'lock hold' store,
67 but we don't need this if we are just using the
68 (unique) pid/vuid combination */
70 vuser->session_keystr = NULL;
72 /* don't register sessions for the guest user - its just too
73 expensive to go through pam session code for browsing etc */
81 ZERO_STRUCT(sessionid);
87 for (i=1;i<MAX_SESSION_ID;i++) {
88 slprintf(keystr, sizeof(keystr)-1, "ID/%d", i);
90 if (tdb_store_bystring(tdb, keystr, data, TDB_INSERT) == 0) break;
93 if (i == MAX_SESSION_ID) {
94 DEBUG(1,("session_claim: out of session IDs (max is %d)\n",
98 slprintf(sessionid.id_str, sizeof(sessionid.id_str)-1, SESSION_UTMP_TEMPLATE, i);
99 tdb_store_flag = TDB_MODIFY;
102 slprintf(keystr, sizeof(keystr)-1, "ID/%lu/%u",
103 (long unsigned int)sys_getpid(),
105 slprintf(sessionid.id_str, sizeof(sessionid.id_str)-1,
106 SESSION_TEMPLATE, (long unsigned int)sys_getpid(),
108 tdb_store_flag = TDB_REPLACE;
111 /* If 'hostname lookup' == yes, then do the DNS lookup. This is
112 needed because utmp and PAM both expect DNS names
114 client_name() handles this case internally.
117 hostname = client_name();
118 if (strcmp(hostname, "UNKNOWN") == 0) {
119 hostname = client_addr();
122 fstrcpy(sessionid.username, vuser->user.unix_name);
123 fstrcpy(sessionid.hostname, hostname);
124 sessionid.id_num = i; /* Only valid for utmp sessions */
126 sessionid.uid = vuser->uid;
127 sessionid.gid = vuser->gid;
128 fstrcpy(sessionid.remote_machine, get_remote_machine_name());
129 fstrcpy(sessionid.ip_addr, client_addr());
130 sessionid.connect_start = time(NULL);
132 client_ip = client_inaddr(&sa);
134 if (!smb_pam_claim_session(sessionid.username, sessionid.id_str, sessionid.hostname)) {
135 DEBUG(1,("pam_session rejected the session for %s [%s]\n",
136 sessionid.username, sessionid.id_str));
137 if (tdb_store_flag == TDB_MODIFY) {
138 tdb_delete_bystring(tdb, keystr);
143 data.dptr = (uint8 *)&sessionid;
144 data.dsize = sizeof(sessionid);
145 if (tdb_store_bystring(tdb, keystr, data, tdb_store_flag) != 0) {
146 DEBUG(1,("session_claim: unable to create session id record\n"));
151 sys_utmp_claim(sessionid.username, sessionid.hostname,
153 sessionid.id_str, sessionid.id_num);
156 vuser->session_keystr = talloc_strdup(vuser, keystr);
157 if (!vuser->session_keystr) {
158 DEBUG(0, ("session_claim: talloc_strdup() failed for session_keystr\n"));
164 /********************************************************************
165 called when a session is destroyed
166 ********************************************************************/
168 void session_yield(user_struct *vuser)
171 struct sessionid sessionid;
172 struct in_addr *client_ip;
176 if (!vuser->session_keystr) {
180 dbuf = tdb_fetch_bystring(tdb, vuser->session_keystr);
182 if (dbuf.dsize != sizeof(sessionid))
185 memcpy(&sessionid, dbuf.dptr, sizeof(sessionid));
187 client_ip = interpret_addr2(sessionid.ip_addr);
189 SAFE_FREE(dbuf.dptr);
192 sys_utmp_yield(sessionid.username, sessionid.hostname,
194 sessionid.id_str, sessionid.id_num);
197 smb_pam_close_session(sessionid.username, sessionid.id_str, sessionid.hostname);
199 tdb_delete_bystring(tdb, vuser->session_keystr);
202 /********************************************************************
203 ********************************************************************/
205 BOOL session_traverse(int (*fn)(TDB_CONTEXT *, TDB_DATA, TDB_DATA, void *),
208 if (!session_init()) {
209 DEBUG(3, ("No tdb opened\n"));
213 tdb_traverse(tdb, fn, state);
217 /********************************************************************
218 ********************************************************************/
220 struct session_list {
223 struct sessionid *sessions;
226 static int gather_sessioninfo(TDB_CONTEXT *stdb, TDB_DATA kbuf, TDB_DATA dbuf, void *state)
229 struct session_list *sesslist = (struct session_list *) state;
230 const struct sessionid *current = (const struct sessionid *) dbuf.dptr;
234 sesslist->sessions = TALLOC_REALLOC_ARRAY(
235 sesslist->mem_ctx, sesslist->sessions, struct sessionid, i+1);
237 if (!sesslist->sessions) {
242 memcpy(&sesslist->sessions[i], current, sizeof(struct sessionid));
245 DEBUG(7,("gather_sessioninfo session from %s@%s\n",
246 current->username, current->remote_machine));
251 /********************************************************************
252 ********************************************************************/
254 int list_sessions(TALLOC_CTX *mem_ctx, struct sessionid **session_list)
256 struct session_list sesslist;
258 sesslist.mem_ctx = mem_ctx;
260 sesslist.sessions = NULL;
262 if (!session_traverse(gather_sessioninfo, (void *) &sesslist)) {
263 DEBUG(3, ("Session traverse failed\n"));
264 SAFE_FREE(sesslist.sessions);
265 *session_list = NULL;
269 *session_list = sesslist.sessions;
270 return sesslist.count;