summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Beck <gbeck@sernet.de>2012-08-23 15:21:06 +0200
committerMichael Adam <obnox@samba.org>2012-10-19 12:15:00 +0200
commitb288ddd5c0ee7524e30a4fce3ec4f03c19a1764a (patch)
tree5274a6e05da5639ef76913a77592ba32f1fdd314
parent92d53dd7dc8ca71ae28d2a8762524396cd3c6f58 (diff)
downloadsamba-b288ddd5c0ee7524e30a4fce3ec4f03c19a1764a.tar.gz
samba-b288ddd5c0ee7524e30a4fce3ec4f03c19a1764a.tar.bz2
samba-b288ddd5c0ee7524e30a4fce3ec4f03c19a1764a.zip
s3:smbd: use session_global_id as session number for pam and utmp
Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r--source3/include/local.h20
-rw-r--r--source3/smbd/session.c76
-rw-r--r--source3/smbd/utmp.c16
3 files changed, 15 insertions, 97 deletions
diff --git a/source3/include/local.h b/source3/include/local.h
index 02e6b43673..a87ab8f100 100644
--- a/source3/include/local.h
+++ b/source3/include/local.h
@@ -154,26 +154,6 @@
/* Minimum length of allowed password when changing UNIX password. */
#define MINPASSWDLENGTH 5
-/* maximum ID number used for session control. This cannot be larger
- than 62*62 for the current code */
-#define MAX_SESSION_ID 3000
-
-/* For the benifit of PAM and the 'session exec' scripts, we fake up a terminal
- name. This can be in one of two forms: The first for systems not using
- utmp (and therefore not constrained as to length or the need for a number
- < 3000 or so) and the second for systems with this 'well behaved terminal
- like name' constraint.
-*/
-
-#ifndef SESSION_TEMPLATE
-/* Paramaters are 'pid' and 'vuid' */
-#define SESSION_TEMPLATE "smb/%lu/%llu"
-#endif
-
-#ifndef SESSION_UTMP_TEMPLATE
-#define SESSION_UTMP_TEMPLATE "smb/%d"
-#endif
-
/* the maximum age in seconds of a password. Should be a lp_ parameter */
#define MAX_PASSWORD_AGE (21*24*60*60)
diff --git a/source3/smbd/session.c b/source3/smbd/session.c
index abb1e316bc..6b0263e122 100644
--- a/source3/smbd/session.c
+++ b/source3/smbd/session.c
@@ -46,7 +46,6 @@ bool session_claim(struct smbXsrv_session *session)
struct smbd_server_connection *sconn = session->connection->sconn;
struct server_id pid = messaging_server_id(sconn->msg_ctx);
TDB_DATA data;
- int i = 0;
struct sessionid sessionid;
fstring keystr;
struct db_record *rec;
@@ -67,77 +66,21 @@ bool session_claim(struct smbXsrv_session *session)
ZERO_STRUCT(sessionid);
+ sessionid.id_num = session->global->session_global_id;
+
data.dptr = NULL;
data.dsize = 0;
- if (lp_utmp()) {
+ snprintf(keystr, sizeof(keystr), "ID/%u", sessionid.id_num);
+ snprintf(sessionid.id_str, sizeof(sessionid.id_str),
+ "smb/%u", sessionid.id_num);
- for (i=1;i<MAX_SESSION_ID;i++) {
-
- /*
- * This is very inefficient and needs fixing -- vl
- */
-
- struct server_id sess_pid;
- TDB_DATA value;
-
- snprintf(keystr, sizeof(keystr), "ID/%d", i);
-
- rec = sessionid_fetch_record(NULL, keystr);
- if (rec == NULL) {
- DEBUG(1, ("Could not lock \"%s\"\n", keystr));
- return False;
- }
-
- value = dbwrap_record_get_value(rec);
-
- if (value.dsize != sizeof(sessionid)) {
- DEBUG(1, ("Re-using invalid record\n"));
- break;
- }
-
- memcpy(&sess_pid,
- ((char *)value.dptr)
- + offsetof(struct sessionid, pid),
- sizeof(sess_pid));
-
- if (!process_exists(sess_pid)) {
- DEBUG(5, ("%s has died -- re-using session\n",
- procid_str_static(&sess_pid)));
- break;
- }
-
- TALLOC_FREE(rec);
- }
-
- if (i == MAX_SESSION_ID) {
- SMB_ASSERT(rec == NULL);
- DEBUG(1,("session_claim: out of session IDs "
- "(max is %d)\n", MAX_SESSION_ID));
- return False;
- }
-
- snprintf(sessionid.id_str, sizeof(sessionid.id_str),
- SESSION_UTMP_TEMPLATE, i);
- } else
- {
- snprintf(keystr, sizeof(keystr), "ID/%s/%llu",
- procid_str_static(&pid),
- (unsigned long long)vuser->vuid);
-
- rec = sessionid_fetch_record(NULL, keystr);
- if (rec == NULL) {
- DEBUG(1, ("Could not lock \"%s\"\n", keystr));
- return False;
- }
-
- snprintf(sessionid.id_str, sizeof(sessionid.id_str),
- SESSION_TEMPLATE, (long unsigned int)getpid(),
- (unsigned long long)vuser->vuid);
+ rec = sessionid_fetch_record(NULL, keystr);
+ if (rec == NULL) {
+ DEBUG(1, ("Could not lock \"%s\"\n", keystr));
+ return False;
}
- SMB_ASSERT(rec != NULL);
-
raddr = tsocket_address_inet_addr_string(session->connection->remote_address,
talloc_tos());
if (raddr == NULL) {
@@ -149,7 +92,6 @@ bool session_claim(struct smbXsrv_session *session)
fstrcpy(sessionid.username, vuser->session_info->unix_info->unix_name);
fstrcpy(sessionid.hostname, sconn->remote_hostname);
- sessionid.id_num = i; /* Only valid for utmp sessions */
sessionid.pid = pid;
sessionid.uid = vuser->session_info->unix_token->uid;
sessionid.gid = vuser->session_info->unix_token->gid;
diff --git a/source3/smbd/utmp.c b/source3/smbd/utmp.c
index bb48d36946..0dc1917bfe 100644
--- a/source3/smbd/utmp.c
+++ b/source3/smbd/utmp.c
@@ -472,22 +472,23 @@ static int ut_id_encode(int i, char *fourbyte)
int nbase;
const char *ut_id_encstr = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
- fourbyte[0] = 'S';
- fourbyte[1] = 'M';
-
/*
- * Encode remaining 2 bytes from 'i'.
* 'ut_id_encstr' is the character set on which modulo arithmetic is done.
* Example: digits would produce the base-10 numbers from '001'.
*/
nbase = strlen(ut_id_encstr);
+ fourbyte[0] = ut_id_encstr[i % nbase];
+ i /= nbase;
+ fourbyte[1] = ut_id_encstr[i % nbase];
+ i /= nbase;
fourbyte[3] = ut_id_encstr[i % nbase];
i /= nbase;
fourbyte[2] = ut_id_encstr[i % nbase];
i /= nbase;
- return(i); /* 0: good; else overflow */
+ /* we do not care about overflows as i is a random number */
+ return 0;
}
#endif /* defined(HAVE_UT_UT_ID) */
@@ -517,11 +518,6 @@ static bool sys_utmp_fill(struct utmp *u,
* ut_line:
* If size limit proves troublesome, then perhaps use "ut_id_encode()".
*/
- if (strlen(id_str) > sizeof(u->ut_line)) {
- DEBUG(1,("id_str [%s] is too long for %lu char utmp field\n",
- id_str, (unsigned long)sizeof(u->ut_line)));
- return False;
- }
utmp_strcpy(u->ut_line, id_str, sizeof(u->ut_line));
#if defined(HAVE_UT_UT_PID)