From 03f712e58327e5b15856082074062b22fccb30bd Mon Sep 17 00:00:00 2001
From: Julien Dessaux
Date: Sat, 3 Nov 2018 00:49:22 +0100
Subject: Implemented session id management and session logs in database

---
 src/mysql.c     | 23 +++++++++++++++++++++++
 src/mysql.h     | 10 +++++++---
 src/recording.c |  2 +-
 src/session.c   |  4 ++--
 src/state.c     |  9 ++++-----
 src/state.h     |  4 ++--
 6 files changed, 39 insertions(+), 13 deletions(-)

(limited to 'src')

diff --git a/src/mysql.c b/src/mysql.c
index b2a271e..0931116 100644
--- a/src/mysql.c
+++ b/src/mysql.c
@@ -155,6 +155,29 @@ void db_set_host_publickey_hash(const char * hostname, const char * hash)
     }
 }
 
+unsigned long long // returns 0 on error, or the session_id
+db_init_session_and_get_id(const char * hostname, const char * username)
+{
+    char buff[255];
+    sprintf(buff, "INSERT INTO sessions (created_at, status, user_id, host_id) SELECT NOW(), \"opened\", users.id, hosts.id from users, hosts WHERE users.name = \"%s\" and hosts.name = \"%s\"", username, hostname);
+    int res = mysql_query(db, buff);
+    if (res != 0) {
+        fprintf(stderr, "FATAL: Couldn't insert new session in database for %s to %s\n", username, hostname);
+        return 0;
+    }
+    unsigned long long id = mysql_insert_id(db);
+    if (id == 0) {
+        fprintf(stderr, "FATAL: Didn't get proper mysql last insert id after inserting new session for %s to %s\n", username, hostname);
+        return 0;
+    }
+    res = mysql_commit(db);
+    if (res != 0) {
+        fprintf(stderr, "FATAL: Couldn't commit after inserting session for %s to %s\n", username, hostname);
+        return 0;
+    }
+    return id;
+}
+
 void db_free_host_info(struct db_host_info * info)
 {
     free(info->privkeytxt);
diff --git a/src/mysql.h b/src/mysql.h
index 46e607e..8c6040f 100644
--- a/src/mysql.h
+++ b/src/mysql.h
@@ -10,9 +10,13 @@ struct db_host_info {
 
 char db_init(void);
 void db_clean(void);
-char * db_get_username_from_pubkey(ssh_key pubkey);
-struct db_host_info * db_get_host_info(const char * hostname);
-void db_free_host_info(struct db_host_info * info);
+char * // returns NULL if no user found, this char * is to be freed from the calling code
+db_get_username_from_pubkey(ssh_key pubkey);
+struct db_host_info * // returns NULL if no key found, this char * is to be freed from the calling code
+db_get_host_info(const char * hostname);
 void db_set_host_publickey_hash(const char * hostname, const char * hash);
+unsigned long long // returns 0 on error, or the session_id
+db_init_session_and_get_id(const char * hostname, const char * username);
+void db_free_host_info(struct db_host_info * info);
 
 #endif
diff --git a/src/recording.c b/src/recording.c
index a001607..7692ff1 100644
--- a/src/recording.c
+++ b/src/recording.c
@@ -54,7 +54,7 @@ make_filename(void)
                 strcpy(filename + fname_pos, username);
                 fname_pos += len;
             } else if (format[format_pos] == 'i') {
-                sprintf(filename + fname_pos, "%d", state_get_session_id());
+                sprintf(filename + fname_pos, "%llu", state_get_session_id());
                 fname_pos += strlen(filename + fname_pos);
             }
             format_pos++;
diff --git a/src/session.c b/src/session.c
index 2261242..3d3b1b7 100644
--- a/src/session.c
+++ b/src/session.c
@@ -38,9 +38,9 @@ static int auth_pubkey(ssh_session session, const char *user, ssh_key pubkey, ch
             return SSH_ERROR;
         // TODO check access rights and host configs
         state_set_bastion_username(bastion_username);
+        unsigned long long session_id = db_init_session_and_get_id(user, bastion_username);
+        state_set_session_id(session_id);
         free(bastion_username);
-        // TODO log session creation in db
-        state_set_session_id(1337);
         return SSH_AUTH_SUCCESS;
     } else {
         free(bastion_username);
diff --git a/src/state.c b/src/state.c
index d9577e7..dd9cbf3 100644
--- a/src/state.c
+++ b/src/state.c
@@ -6,10 +6,9 @@
 #include "state.h"
 
 struct state {
+    unsigned long long session_id;
     char * destination;
     char * bastion_username;
-    int session_id;
-    int padding; // makes compiler happy
 };
 
 static struct state state = {0};
@@ -59,17 +58,17 @@ const char * state_get_bastion_username(void)
 }
 
 char // return 0 if ok, greater than 0 otherwise
-state_set_session_id(const int id)
+state_set_session_id(const unsigned long long id)
 {
     if (state.session_id != 0) {
-        fprintf(stderr, "BUG found, attempting to overwrite state.username that has already been set\n");
+        fprintf(stderr, "BUG found, attempting to set a state.session_id that has already been set\n");
         return 1;
     }
     state.session_id = id;
     return 0;
 }
 
-int state_get_session_id(void)
+unsigned long long state_get_session_id(void)
 {
     return state.session_id;
 }
diff --git a/src/state.h b/src/state.h
index df5bd6e..0ab70bc 100644
--- a/src/state.h
+++ b/src/state.h
@@ -5,8 +5,8 @@ char state_set_ssh_destination(const char * dest);
 const char * state_get_ssh_destination(void);
 char state_set_bastion_username(const char * name);
 const char * state_get_bastion_username(void);
-char state_set_session_id(const int id);
-int state_get_session_id(void);
+char state_set_session_id(const unsigned long long id);
+unsigned long long state_get_session_id(void);
 void state_clean(void);
 
 #endif
-- 
cgit v1.2.3