diff options
| -rw-r--r-- | source3/include/local.h | 14 | ||||
| -rw-r--r-- | source3/include/smb.h | 4 | ||||
| -rw-r--r-- | source3/smbd/session.c | 70 |
3 files changed, 62 insertions, 26 deletions
diff --git a/source3/include/local.h b/source3/include/local.h index 24f3fa7724..2538715c41 100644 --- a/source3/include/local.h +++ b/source3/include/local.h @@ -187,8 +187,20 @@ than 62*62 for the current code */ #define MAX_SESSION_ID 3000 +/* For the benifit of PAM and the 'session exec' scripts, we fake up a terminal + name. This can be in one of two forms: The first for systems not using + utmp (and therefore not constrained as to length or the need for a number + < 3000 or so) and the second for systems with this 'well behaved terminal + like name' constraint. +*/ + #ifndef SESSION_TEMPLATE -#define SESSION_TEMPLATE "smb/%d" +/* Paramaters are 'pid' and 'vuid' */ +#define SESSION_TEMPLATE "smb/%lu/%d" +#endif + +#ifndef SESSION_UTMP_TEMPLATE +#define SESSION_UTMP_TEMPLATE "smb/%d" #endif /* the maximum age in seconds of a password. Should be a lp_ parameter */ diff --git a/source3/include/smb.h b/source3/include/smb.h index 636e4ab00c..c48c81e6e4 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -1594,8 +1594,8 @@ typedef struct user_struct uint8 session_key[16]; - int session_id; /* used by utmp and pam session code */ - + char *session_keystr; /* used by utmp and pam session code. + TDB key string */ int homes_snum; } user_struct; diff --git a/source3/smbd/session.c b/source3/smbd/session.c index dade953ec1..f7ade5570c 100644 --- a/source3/smbd/session.c +++ b/source3/smbd/session.c @@ -33,15 +33,18 @@ static TDB_CONTEXT *tdb; /* called when a session is created */ BOOL session_claim(user_struct *vuser) { - int i; + int i = 0; TDB_DATA data; struct sessionid sessionid; uint32 pid = (uint32)sys_getpid(); TDB_DATA key; fstring keystr; char * hostname; + int tdb_store_flag; /* If using utmp, we do an inital 'lock hold' store, + but we don't need this if we are just using the + (unique) pid/vuid combination */ - vuser->session_id = 0; + vuser->session_keystr = NULL; /* don't register sessions for the guest user - its just too expensive to go through pam session code for browsing etc */ @@ -63,18 +66,37 @@ BOOL session_claim(user_struct *vuser) data.dptr = NULL; data.dsize = 0; - for (i=1;i<MAX_SESSION_ID;i++) { - slprintf(keystr, sizeof(keystr)-1, "ID/%d", i); +#if WITH_UTMP + if (lp_utmp()) { + for (i=1;i<MAX_SESSION_ID;i++) { + slprintf(keystr, sizeof(keystr)-1, "ID/%d", i); + key.dptr = keystr; + key.dsize = strlen(keystr)+1; + + if (tdb_store(tdb, key, data, TDB_INSERT) == 0) break; + } + + if (i == MAX_SESSION_ID) { + DEBUG(1,("session_claim: out of session IDs (max is %d)\n", + MAX_SESSION_ID)); + return False; + } + slprintf(sessionid.id_str, sizeof(sessionid.id_str)-1, SESSION_UTMP_TEMPLATE, i); + tdb_store_flag = TDB_MODIFY; + } else +#endif + { + slprintf(keystr, sizeof(keystr)-1, "ID/%lu/%u", + (long unsigned int)sys_getpid(), + vuser->vuid); + slprintf(sessionid.id_str, sizeof(sessionid.id_str)-1, + SESSION_TEMPLATE, (long unsigned int)sys_getpid(), + vuser->vuid); + key.dptr = keystr; key.dsize = strlen(keystr)+1; - - if (tdb_store(tdb, key, data, TDB_INSERT) == 0) break; - } - - if (i == MAX_SESSION_ID) { - DEBUG(1,("session_claim: out of session IDs (max is %d)\n", - MAX_SESSION_ID)); - return False; + + tdb_store_flag = TDB_REPLACE; } /* If 'hostname lookup' == yes, then do the DNS lookup. This is @@ -90,8 +112,7 @@ BOOL session_claim(user_struct *vuser) fstrcpy(sessionid.username, vuser->user.unix_name); fstrcpy(sessionid.hostname, hostname); - slprintf(sessionid.id_str, sizeof(sessionid.id_str)-1, SESSION_TEMPLATE, i); - sessionid.id_num = i; + sessionid.id_num = i; /* Only valid for utmp sessions */ sessionid.pid = pid; sessionid.uid = vuser->uid; sessionid.gid = vuser->gid; @@ -101,13 +122,15 @@ BOOL session_claim(user_struct *vuser) if (!smb_pam_claim_session(sessionid.username, sessionid.id_str, sessionid.hostname)) { DEBUG(1,("pam_session rejected the session for %s [%s]\n", sessionid.username, sessionid.id_str)); - tdb_delete(tdb, key); + if (tdb_store_flag == TDB_MODIFY) { + tdb_delete(tdb, key); + } return False; } data.dptr = (char *)&sessionid; data.dsize = sizeof(sessionid); - if (tdb_store(tdb, key, data, TDB_MODIFY) != 0) { + if (tdb_store(tdb, key, data, tdb_store_flag) != 0) { DEBUG(1,("session_claim: unable to create session id record\n")); return False; } @@ -119,7 +142,11 @@ BOOL session_claim(user_struct *vuser) } #endif - vuser->session_id = i; + vuser->session_keystr = strdup(keystr); + if (!vuser->session_keystr) { + DEBUG(0, ("session_claim: strdup() failed for session_keystr\n")); + return False; + } return True; } @@ -129,18 +156,15 @@ void session_yield(user_struct *vuser) TDB_DATA dbuf; struct sessionid sessionid; TDB_DATA key; - fstring keystr; if (!tdb) return; - if (vuser->session_id == 0) { + if (!vuser->session_keystr) { return; } - slprintf(keystr, sizeof(keystr)-1, "ID/%d", vuser->session_id); - - key.dptr = keystr; - key.dsize = strlen(keystr)+1; + key.dptr = vuser->session_keystr; + key.dsize = strlen(vuser->session_keystr)+1; dbuf = tdb_fetch(tdb, key); |