1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

s3:smbd: use session_global_id as session number for pam and utmp

Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Gregor Beck 2012-08-23 15:21:06 +02:00 committed by Michael Adam
parent 92d53dd7dc
commit b288ddd5c0
3 changed files with 15 additions and 97 deletions

View File

@ -154,26 +154,6 @@
/* Minimum length of allowed password when changing UNIX password. */
#define MINPASSWDLENGTH 5
/* maximum ID number used for session control. This cannot be larger
than 62*62 for the current code */
#define MAX_SESSION_ID 3000
/* For the benifit of PAM and the 'session exec' scripts, we fake up a terminal
name. This can be in one of two forms: The first for systems not using
utmp (and therefore not constrained as to length or the need for a number
< 3000 or so) and the second for systems with this 'well behaved terminal
like name' constraint.
*/
#ifndef SESSION_TEMPLATE
/* Paramaters are 'pid' and 'vuid' */
#define SESSION_TEMPLATE "smb/%lu/%llu"
#endif
#ifndef SESSION_UTMP_TEMPLATE
#define SESSION_UTMP_TEMPLATE "smb/%d"
#endif
/* the maximum age in seconds of a password. Should be a lp_ parameter */
#define MAX_PASSWORD_AGE (21*24*60*60)

View File

@ -46,7 +46,6 @@ bool session_claim(struct smbXsrv_session *session)
struct smbd_server_connection *sconn = session->connection->sconn;
struct server_id pid = messaging_server_id(sconn->msg_ctx);
TDB_DATA data;
int i = 0;
struct sessionid sessionid;
fstring keystr;
struct db_record *rec;
@ -67,77 +66,21 @@ bool session_claim(struct smbXsrv_session *session)
ZERO_STRUCT(sessionid);
sessionid.id_num = session->global->session_global_id;
data.dptr = NULL;
data.dsize = 0;
if (lp_utmp()) {
snprintf(keystr, sizeof(keystr), "ID/%u", sessionid.id_num);
snprintf(sessionid.id_str, sizeof(sessionid.id_str),
"smb/%u", sessionid.id_num);
for (i=1;i<MAX_SESSION_ID;i++) {
/*
* This is very inefficient and needs fixing -- vl
*/
struct server_id sess_pid;
TDB_DATA value;
snprintf(keystr, sizeof(keystr), "ID/%d", i);
rec = sessionid_fetch_record(NULL, keystr);
if (rec == NULL) {
DEBUG(1, ("Could not lock \"%s\"\n", keystr));
return False;
}
value = dbwrap_record_get_value(rec);
if (value.dsize != sizeof(sessionid)) {
DEBUG(1, ("Re-using invalid record\n"));
break;
}
memcpy(&sess_pid,
((char *)value.dptr)
+ offsetof(struct sessionid, pid),
sizeof(sess_pid));
if (!process_exists(sess_pid)) {
DEBUG(5, ("%s has died -- re-using session\n",
procid_str_static(&sess_pid)));
break;
}
TALLOC_FREE(rec);
}
if (i == MAX_SESSION_ID) {
SMB_ASSERT(rec == NULL);
DEBUG(1,("session_claim: out of session IDs "
"(max is %d)\n", MAX_SESSION_ID));
return False;
}
snprintf(sessionid.id_str, sizeof(sessionid.id_str),
SESSION_UTMP_TEMPLATE, i);
} else
{
snprintf(keystr, sizeof(keystr), "ID/%s/%llu",
procid_str_static(&pid),
(unsigned long long)vuser->vuid);
rec = sessionid_fetch_record(NULL, keystr);
if (rec == NULL) {
DEBUG(1, ("Could not lock \"%s\"\n", keystr));
return False;
}
snprintf(sessionid.id_str, sizeof(sessionid.id_str),
SESSION_TEMPLATE, (long unsigned int)getpid(),
(unsigned long long)vuser->vuid);
rec = sessionid_fetch_record(NULL, keystr);
if (rec == NULL) {
DEBUG(1, ("Could not lock \"%s\"\n", keystr));
return False;
}
SMB_ASSERT(rec != NULL);
raddr = tsocket_address_inet_addr_string(session->connection->remote_address,
talloc_tos());
if (raddr == NULL) {
@ -149,7 +92,6 @@ bool session_claim(struct smbXsrv_session *session)
fstrcpy(sessionid.username, vuser->session_info->unix_info->unix_name);
fstrcpy(sessionid.hostname, sconn->remote_hostname);
sessionid.id_num = i; /* Only valid for utmp sessions */
sessionid.pid = pid;
sessionid.uid = vuser->session_info->unix_token->uid;
sessionid.gid = vuser->session_info->unix_token->gid;

View File

@ -472,22 +472,23 @@ static int ut_id_encode(int i, char *fourbyte)
int nbase;
const char *ut_id_encstr = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
fourbyte[0] = 'S';
fourbyte[1] = 'M';
/*
* Encode remaining 2 bytes from 'i'.
* 'ut_id_encstr' is the character set on which modulo arithmetic is done.
* Example: digits would produce the base-10 numbers from '001'.
*/
nbase = strlen(ut_id_encstr);
fourbyte[0] = ut_id_encstr[i % nbase];
i /= nbase;
fourbyte[1] = ut_id_encstr[i % nbase];
i /= nbase;
fourbyte[3] = ut_id_encstr[i % nbase];
i /= nbase;
fourbyte[2] = ut_id_encstr[i % nbase];
i /= nbase;
return(i); /* 0: good; else overflow */
/* we do not care about overflows as i is a random number */
return 0;
}
#endif /* defined(HAVE_UT_UT_ID) */
@ -517,11 +518,6 @@ static bool sys_utmp_fill(struct utmp *u,
* ut_line:
* If size limit proves troublesome, then perhaps use "ut_id_encode()".
*/
if (strlen(id_str) > sizeof(u->ut_line)) {
DEBUG(1,("id_str [%s] is too long for %lu char utmp field\n",
id_str, (unsigned long)sizeof(u->ut_line)));
return False;
}
utmp_strcpy(u->ut_line, id_str, sizeof(u->ut_line));
#if defined(HAVE_UT_UT_PID)