LCOV - code coverage report
Current view: top level - source3/smbd - session.c (source / functions) Hit Total Coverage
Test: coverage report for master 6248eab5 Lines: 46 77 59.7 %
Date: 2021-08-25 13:27:56 Functions: 4 5 80.0 %

          Line data    Source code
       1             : /* 
       2             :    Unix SMB/CIFS implementation.
       3             :    session handling for utmp and PAM
       4             : 
       5             :    Copyright (C) tridge@samba.org       2001
       6             :    Copyright (C) abartlet@samba.org     2001
       7             :    Copyright (C) Gerald (Jerry) Carter  2006   
       8             :    
       9             :    This program is free software; you can redistribute it and/or modify
      10             :    it under the terms of the GNU General Public License as published by
      11             :    the Free Software Foundation; either version 3 of the License, or
      12             :    (at your option) any later version.
      13             :    
      14             :    This program is distributed in the hope that it will be useful,
      15             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      16             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      17             :    GNU General Public License for more details.
      18             :    
      19             :    You should have received a copy of the GNU General Public License
      20             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      21             : */
      22             : 
      23             : /* a "session" is claimed when we do a SessionSetupX operation
      24             :    and is yielded when the corresponding vuid is destroyed.
      25             : 
      26             :    sessions are used to populate utmp and PAM session structures
      27             : */
      28             : 
      29             : #include "includes.h"
      30             : #include "smbd/smbd.h"
      31             : #include "smbd/globals.h"
      32             : #include "dbwrap/dbwrap.h"
      33             : #include "session.h"
      34             : #include "auth.h"
      35             : #include "../lib/tsocket/tsocket.h"
      36             : #include "../libcli/security/security.h"
      37             : #include "messages.h"
      38             : 
      39             : /********************************************************************
      40             :  called when a session is created
      41             : ********************************************************************/
      42             : 
      43       25504 : bool session_claim(struct smbXsrv_session *session)
      44             : {
      45       25504 :         struct auth_session_info *session_info =
      46       25504 :                 session->global->auth_session_info;
      47             :         const char *username;
      48             :         const char *hostname;
      49             :         unsigned int id_num;
      50             :         fstring id_str;
      51             : 
      52             :         /* don't register sessions for the guest user - its just too
      53             :            expensive to go through pam session code for browsing etc */
      54       25504 :         if (security_session_user_level(session_info, NULL) < SECURITY_USER) {
      55         764 :                 return true;
      56             :         }
      57             : 
      58       24738 :         id_num = session->global->session_global_id;
      59             : 
      60       24738 :         snprintf(id_str, sizeof(id_str), "smb/%u", id_num);
      61             : 
      62             :         /* Make clear that we require the optional unix_token in the source3 code */
      63       24738 :         SMB_ASSERT(session_info->unix_token);
      64             : 
      65       24738 :         username = session_info->unix_info->unix_name;
      66       24738 :         hostname = session->global->channels[0].remote_name;
      67             : 
      68       24738 :         if (!smb_pam_claim_session(username, id_str, hostname)) {
      69           0 :                 DEBUG(1,("pam_session rejected the session for %s [%s]\n",
      70             :                                 username, id_str));
      71           0 :                 return false;
      72             :         }
      73             : 
      74       24738 :         if (lp_utmp()) {
      75           0 :                 sys_utmp_claim(username, hostname, id_str, id_num);
      76             :         }
      77             : 
      78       24218 :         return true;
      79             : }
      80             : 
      81             : /********************************************************************
      82             :  called when a session is destroyed
      83             : ********************************************************************/
      84             : 
      85       25490 : void session_yield(struct smbXsrv_session *session)
      86             : {
      87       25490 :         struct auth_session_info *session_info =
      88       25490 :                 session->global->auth_session_info;
      89             :         const char *username;
      90             :         const char *hostname;
      91             :         unsigned int id_num;
      92       25490 :         fstring id_str = "";
      93             : 
      94       25490 :         id_num = session->global->session_global_id;
      95             : 
      96       25490 :         snprintf(id_str, sizeof(id_str), "smb/%u", id_num);
      97             : 
      98             :         /* Make clear that we require the optional unix_token in the source3 code */
      99       25490 :         SMB_ASSERT(session_info->unix_token);
     100             : 
     101       25490 :         username = session_info->unix_info->unix_name;
     102       25490 :         hostname = session->global->channels[0].remote_name;
     103             : 
     104       25490 :         if (lp_utmp()) {
     105           0 :                 sys_utmp_yield(username, hostname, id_str, id_num);
     106             :         }
     107             : 
     108       25490 :         smb_pam_close_session(username, id_str, hostname);
     109       25490 : }
     110             : 
     111             : /********************************************************************
     112             : ********************************************************************/
     113             : 
     114             : struct session_list {
     115             :         TALLOC_CTX *mem_ctx;
     116             :         int count;
     117             :         const char *filter_user;
     118             :         const char *filter_machine;
     119             :         struct sessionid *sessions;
     120             : };
     121             : 
     122          20 : static int gather_sessioninfo(const char *key, struct sessionid *session,
     123             :                               void *private_data)
     124             : {
     125          20 :         struct session_list *sesslist = (struct session_list *)private_data;
     126             : 
     127             :         /* filter the session if required */
     128             : 
     129          20 :         if (sesslist->filter_user &&
     130           0 :             (sesslist->filter_user[0] != '\0') &&
     131           0 :             !strequal(session->username, sesslist->filter_user)) {
     132           0 :                 return 0;
     133             :         }
     134             : 
     135          20 :         if (sesslist->filter_machine &&
     136           0 :             (sesslist->filter_machine[0] != '\0') &&
     137           0 :             !strequal(session->remote_machine,
     138             :                       sesslist->filter_machine)) {
     139           0 :                 return 0;
     140             :         }
     141             : 
     142          20 :         if (!process_exists(session->pid)) {
     143           0 :                 return 0;
     144             :         }
     145             : 
     146          20 :         sesslist->sessions = talloc_realloc(
     147             :                 sesslist->mem_ctx, sesslist->sessions, struct sessionid,
     148             :                 sesslist->count+1);
     149             : 
     150          20 :         if (!sesslist->sessions) {
     151           0 :                 sesslist->count = 0;
     152           0 :                 return -1;
     153             :         }
     154             : 
     155          20 :         memcpy(&sesslist->sessions[sesslist->count], session,
     156             :                sizeof(struct sessionid));
     157             : 
     158          20 :         sesslist->count++;
     159             : 
     160          20 :         DEBUG(7, ("gather_sessioninfo session from %s@%s\n",
     161             :                   session->username, session->remote_machine));
     162             : 
     163          20 :         return 0;
     164             : }
     165             : 
     166             : /********************************************************************
     167             : ********************************************************************/
     168             : 
     169          20 : int list_sessions(TALLOC_CTX *mem_ctx, struct sessionid **session_list)
     170             : {
     171             :         struct session_list sesslist;
     172             :         NTSTATUS status;
     173             : 
     174          20 :         sesslist.mem_ctx = mem_ctx;
     175          20 :         sesslist.count = 0;
     176          20 :         sesslist.filter_user = NULL;
     177          20 :         sesslist.filter_machine = NULL;
     178          20 :         sesslist.sessions = NULL;
     179             : 
     180          20 :         status = sessionid_traverse_read(gather_sessioninfo, (void *) &sesslist);
     181          20 :         if (!NT_STATUS_IS_OK(status)) {
     182           0 :                 DBG_ERR("Session traverse failed: %s\n", nt_errstr(status));
     183           0 :                 TALLOC_FREE(sesslist.sessions);
     184           0 :                 *session_list = NULL;
     185           0 :                 return 0;
     186             :         }
     187             : 
     188          20 :         *session_list = sesslist.sessions;
     189          20 :         return sesslist.count;
     190             : }
     191             : 
     192             : /********************************************************************
     193             : find the sessions that match the given username and machine
     194             : ********************************************************************/
     195             : 
     196           0 : int find_sessions(TALLOC_CTX *mem_ctx, const char *username,
     197             :                   const char *machine, struct sessionid **session_list)
     198             : {
     199             :         struct session_list sesslist;
     200             :         NTSTATUS status;
     201             : 
     202           0 :         sesslist.mem_ctx = mem_ctx;
     203           0 :         sesslist.count = 0;
     204           0 :         sesslist.filter_user = username;
     205           0 :         sesslist.filter_machine = machine;
     206           0 :         sesslist.sessions = NULL;
     207             : 
     208           0 :         status = sessionid_traverse_read(gather_sessioninfo, (void *)&sesslist);
     209           0 :         if (!NT_STATUS_IS_OK(status)) {
     210           0 :                 DEBUG(3, ("Session traverse failed: %s\n", nt_errstr(status)));
     211           0 :                 TALLOC_FREE(sesslist.sessions);
     212           0 :                 *session_list = NULL;
     213           0 :                 return 0;
     214             :         }
     215             : 
     216           0 :         *session_list = sesslist.sessions;
     217           0 :         return sesslist.count;
     218             : }

Generated by: LCOV version 1.13