]> andersk Git - openssh.git/blame - loginrec.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- dtucker@cvs.openbsd.org 2005/11/22 03:36:03
[openssh.git] / loginrec.c
CommitLineData
1d7b9b20 1/*
2 * Copyright (c) 2000 Andre Lucas. All rights reserved.
564dd50a 3 * Portions copyright (c) 1998 Todd C. Miller
4 * Portions copyright (c) 1996 Jason Downs
5 * Portions copyright (c) 1996 Theo de Raadt
1d7b9b20 6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
1d7b9b20 15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
b6610e8f 28/*
29 * The btmp logging code is derived from login.c from util-linux and is under
30 * the the following license:
31 *
32 * Copyright (c) 1980, 1987, 1988 The Regents of the University of California.
33 * All rights reserved.
34 *
35 * Redistribution and use in source and binary forms are permitted
36 * provided that the above copyright notice and this paragraph are
37 * duplicated in all such forms and that any documentation,
38 * advertising materials, and other materials related to such
39 * distribution and use acknowledge that the software was developed
40 * by the University of California, Berkeley. The name of the
41 * University may not be used to endorse or promote products derived
42 * from this software without specific prior written permission.
43 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
44 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
45 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
46 */
47
48
2b87da3b 49/**
1d7b9b20 50 ** loginrec.c: platform-independent login recording and lastlog retrieval
51 **/
52
564dd50a 53/*
fa64c868 54 * The new login code explained
55 * ============================
56 *
57 * This code attempts to provide a common interface to login recording
58 * (utmp and friends) and last login time retrieval.
59 *
60 * Its primary means of achieving this is to use 'struct logininfo', a
61 * union of all the useful fields in the various different types of
62 * system login record structures one finds on UNIX variants.
63 *
64 * We depend on autoconf to define which recording methods are to be
65 * used, and which fields are contained in the relevant data structures
66 * on the local system. Many C preprocessor symbols affect which code
67 * gets compiled here.
68 *
69 * The code is designed to make it easy to modify a particular
70 * recording method, without affecting other methods nor requiring so
71 * many nested conditional compilation blocks as were commonplace in
72 * the old code.
73 *
74 * For login recording, we try to use the local system's libraries as
75 * these are clearly most likely to work correctly. For utmp systems
76 * this usually means login() and logout() or setutent() etc., probably
77 * in libutil, along with logwtmp() etc. On these systems, we fall back
78 * to writing the files directly if we have to, though this method
79 * requires very thorough testing so we do not corrupt local auditing
80 * information. These files and their access methods are very system
81 * specific indeed.
82 *
83 * For utmpx systems, the corresponding library functions are
84 * setutxent() etc. To the author's knowledge, all utmpx systems have
85 * these library functions and so no direct write is attempted. If such
86 * a system exists and needs support, direct analogues of the [uw]tmp
87 * code should suffice.
88 *
89 * Retrieving the time of last login ('lastlog') is in some ways even
90 * more problemmatic than login recording. Some systems provide a
91 * simple table of all users which we seek based on uid and retrieve a
92 * relatively standard structure. Others record the same information in
93 * a directory with a separate file, and others don't record the
94 * information separately at all. For systems in the latter category,
95 * we look backwards in the wtmp or wtmpx file for the last login entry
96 * for our user. Naturally this is slower and on busy systems could
97 * incur a significant performance penalty.
98 *
99 * Calling the new code
100 * --------------------
101 *
102 * In OpenSSH all login recording and retrieval is performed in
103 * login.c. Here you'll find working examples. Also, in the logintest.c
104 * program there are more examples.
105 *
106 * Internal handler calling method
107 * -------------------------------
108 *
109 * When a call is made to login_login() or login_logout(), both
110 * routines set a struct logininfo flag defining which action (log in,
111 * or log out) is to be taken. They both then call login_write(), which
112 * calls whichever of the many structure-specific handlers autoconf
113 * selects for the local system.
114 *
115 * The handlers themselves handle system data structure specifics. Both
116 * struct utmp and struct utmpx have utility functions (see
117 * construct_utmp*()) to try to make it simpler to add extra systems
118 * that introduce new features to either structure.
119 *
120 * While it may seem terribly wasteful to replicate so much similar
121 * code for each method, experience has shown that maintaining code to
122 * write both struct utmp and utmpx in one function, whilst maintaining
123 * support for all systems whether they have library support or not, is
124 * a difficult and time-consuming task.
125 *
126 * Lastlog support proceeds similarly. Functions login_get_lastlog()
127 * (and its OpenSSH-tuned friend login_get_lastlog_time()) call
128 * getlast_entry(), which tries one of three methods to find the last
129 * login time. It uses local system lastlog support if it can,
130 * otherwise it tries wtmp or wtmpx before giving up and returning 0,
131 * meaning "tilt".
132 *
133 * Maintenance
134 * -----------
135 *
136 * In many cases it's possible to tweak autoconf to select the correct
137 * methods for a particular platform, either by improving the detection
138 * code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE
139 * symbols for the platform.
140 *
141 * Use logintest to check which symbols are defined before modifying
142 * configure.ac and loginrec.c. (You have to build logintest yourself
143 * with 'make logintest' as it's not built by default.)
144 *
145 * Otherwise, patches to the specific method(s) are very helpful!
146 */
1d7b9b20 147
148#include "includes.h"
149
1d7b9b20 150#include "ssh.h"
151#include "xmalloc.h"
152#include "loginrec.h"
42f11eb2 153#include "log.h"
154#include "atomicio.h"
b6610e8f 155#include "packet.h"
156#include "canohost.h"
c00e4d75 157#include "auth.h"
c53d8c93 158#include "buffer.h"
1d7b9b20 159
44d5f7f7 160#ifdef HAVE_UTIL_H
fa64c868 161# include <util.h>
44d5f7f7 162#endif
163
8f523d67 164#ifdef HAVE_LIBUTIL_H
fa64c868 165# include <libutil.h>
8f523d67 166#endif
167
fa64c868 168RCSID("$Id$");
169
1d7b9b20 170/**
171 ** prototypes for helper functions in this file
172 **/
173
174#if HAVE_UTMP_H
1d7b9b20 175void set_utmp_time(struct logininfo *li, struct utmp *ut);
176void construct_utmp(struct logininfo *li, struct utmp *ut);
177#endif
178
179#ifdef HAVE_UTMPX_H
1d7b9b20 180void set_utmpx_time(struct logininfo *li, struct utmpx *ut);
181void construct_utmpx(struct logininfo *li, struct utmpx *ut);
182#endif
183
184int utmp_write_entry(struct logininfo *li);
185int utmpx_write_entry(struct logininfo *li);
186int wtmp_write_entry(struct logininfo *li);
187int wtmpx_write_entry(struct logininfo *li);
188int lastlog_write_entry(struct logininfo *li);
189int syslogin_write_entry(struct logininfo *li);
190
191int getlast_entry(struct logininfo *li);
192int lastlog_get_entry(struct logininfo *li);
193int wtmp_get_entry(struct logininfo *li);
194int wtmpx_get_entry(struct logininfo *li);
195
5ccf88cb 196extern Buffer loginmsg;
197
5abcdf8e 198/* pick the shortest string */
fa64c868 199#define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))
5abcdf8e 200
1d7b9b20 201/**
202 ** platform-independent login functions
203 **/
204
fa64c868 205/*
206 * login_login(struct logininfo *) - Record a login
2b87da3b 207 *
5abcdf8e 208 * Call with a pointer to a struct logininfo initialised with
209 * login_init_entry() or login_alloc_entry()
210 *
211 * Returns:
212 * >0 if successful
213 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
214 */
564dd50a 215int
fa64c868 216login_login(struct logininfo *li)
564dd50a 217{
218 li->type = LTYPE_LOGIN;
fa64c868 219 return (login_write(li));
564dd50a 220}
1d7b9b20 221
222
fa64c868 223/*
224 * login_logout(struct logininfo *) - Record a logout
5abcdf8e 225 *
226 * Call as with login_login()
227 *
228 * Returns:
229 * >0 if successful
230 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
231 */
564dd50a 232int
233login_logout(struct logininfo *li)
234{
235 li->type = LTYPE_LOGOUT;
fa64c868 236 return (login_write(li));
1d7b9b20 237}
238
fa64c868 239/*
240 * login_get_lastlog_time(int) - Retrieve the last login time
5abcdf8e 241 *
242 * Retrieve the last login time for the given uid. Will try to use the
243 * system lastlog facilities if they are available, but will fall back
244 * to looking in wtmp/wtmpx if necessary
245 *
246 * Returns:
247 * 0 on failure, or if user has never logged in
248 * Time in seconds from the epoch if successful
249 *
250 * Useful preprocessor symbols:
251 * DISABLE_LASTLOG: If set, *never* even try to retrieve lastlog
252 * info
253 * USE_LASTLOG: If set, indicates the presence of system lastlog
254 * facilities. If this and DISABLE_LASTLOG are not set,
255 * try to retrieve lastlog information from wtmp/wtmpx.
256 */
564dd50a 257unsigned int
258login_get_lastlog_time(const int uid)
259{
260 struct logininfo li;
1d7b9b20 261
5abcdf8e 262 if (login_get_lastlog(&li, uid))
fa64c868 263 return (li.tv_sec);
5abcdf8e 264 else
fa64c868 265 return (0);
564dd50a 266}
1d7b9b20 267
fa64c868 268/*
269 * login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry
5abcdf8e 270 *
271 * Retrieve a logininfo structure populated (only partially) with
272 * information from the system lastlog data, or from wtmp/wtmpx if no
273 * system lastlog information exists.
274 *
275 * Note this routine must be given a pre-allocated logininfo.
276 *
277 * Returns:
278 * >0: A pointer to your struct logininfo if successful
279 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
5abcdf8e 280 */
564dd50a 281struct logininfo *
282login_get_lastlog(struct logininfo *li, const int uid)
283{
5abcdf8e 284 struct passwd *pw;
5abcdf8e 285
dbaa2e87 286 memset(li, '\0', sizeof(*li));
1d7b9b20 287 li->uid = uid;
5abcdf8e 288
2b87da3b 289 /*
9f32ceb4 290 * If we don't have a 'real' lastlog, we need the username to
5abcdf8e 291 * reliably search wtmp(x) for the last login (see
2b87da3b 292 * wtmp_get_entry().)
9f32ceb4 293 */
5abcdf8e 294 pw = getpwuid(uid);
a05a70ab 295 if (pw == NULL)
a233586b 296 fatal("%s: Cannot find account for uid %i", __func__, uid);
2b87da3b 297
1bfbb762 298 /* No MIN_SIZEOF here - we absolutely *must not* truncate the
fa64c868 299 * username (XXX - so check for trunc!) */
d8caae24 300 strlcpy(li->username, pw->pw_name, sizeof(li->username));
a05a70ab 301
564dd50a 302 if (getlast_entry(li))
fa64c868 303 return (li);
564dd50a 304 else
fa64c868 305 return (NULL);
1d7b9b20 306}
307
1d7b9b20 308
fa64c868 309/*
310 * login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
2b87da3b 311 * a logininfo structure
312 *
5abcdf8e 313 * This function creates a new struct logininfo, a data structure
314 * meant to carry the information required to portably record login info.
315 *
316 * Returns a pointer to a newly created struct logininfo. If memory
317 * allocation fails, the program halts.
318 */
564dd50a 319struct
320logininfo *login_alloc_entry(int pid, const char *username,
fa64c868 321 const char *hostname, const char *line)
564dd50a 322{
323 struct logininfo *newli;
1d7b9b20 324
fa64c868 325 newli = xmalloc(sizeof(*newli));
326 login_init_entry(newli, pid, username, hostname, line);
327 return (newli);
1d7b9b20 328}
329
330
5abcdf8e 331/* login_free_entry(struct logininfo *) - free struct memory */
1d7b9b20 332void
564dd50a 333login_free_entry(struct logininfo *li)
334{
335 xfree(li);
1d7b9b20 336}
337
338
5abcdf8e 339/* login_init_entry(struct logininfo *, int, char*, char*, char*)
340 * - initialise a struct logininfo
2b87da3b 341 *
5abcdf8e 342 * Populates a new struct logininfo, a data structure meant to carry
343 * the information required to portably record login info.
344 *
345 * Returns: 1
346 */
564dd50a 347int
2b87da3b 348login_init_entry(struct logininfo *li, int pid, const char *username,
fa64c868 349 const char *hostname, const char *line)
564dd50a 350{
d8caae24 351 struct passwd *pw;
2b87da3b 352
dbaa2e87 353 memset(li, 0, sizeof(*li));
2b87da3b 354
564dd50a 355 li->pid = pid;
d8caae24 356
564dd50a 357 /* set the line information */
358 if (line)
359 line_fullname(li->line, line, sizeof(li->line));
1d7b9b20 360
d8caae24 361 if (username) {
564dd50a 362 strlcpy(li->username, username, sizeof(li->username));
d8caae24 363 pw = getpwnam(li->username);
fa64c868 364 if (pw == NULL) {
d1cf9a87 365 fatal("%s: Cannot find user \"%s\"", __func__,
fa64c868 366 li->username);
367 }
d8caae24 368 li->uid = pw->pw_uid;
369 }
a05a70ab 370
564dd50a 371 if (hostname)
372 strlcpy(li->hostname, hostname, sizeof(li->hostname));
d8caae24 373
fa64c868 374 return (1);
1d7b9b20 375}
376
d1cf9a87 377/*
fa64c868 378 * login_set_current_time(struct logininfo *) - set the current time
5abcdf8e 379 *
380 * Set the current time in a logininfo structure. This function is
381 * meant to eliminate the need to deal with system dependencies for
382 * time handling.
383 */
1d7b9b20 384void
564dd50a 385login_set_current_time(struct logininfo *li)
386{
1d7b9b20 387 struct timeval tv;
388
389 gettimeofday(&tv, NULL);
2b87da3b 390
d8caae24 391 li->tv_sec = tv.tv_sec;
392 li->tv_usec = tv.tv_usec;
1d7b9b20 393}
394
564dd50a 395/* copy a sockaddr_* into our logininfo */
1d7b9b20 396void
564dd50a 397login_set_addr(struct logininfo *li, const struct sockaddr *sa,
fa64c868 398 const unsigned int sa_size)
564dd50a 399{
400 unsigned int bufsize = sa_size;
401
402 /* make sure we don't overrun our union */
403 if (sizeof(li->hostaddr) < sa_size)
404 bufsize = sizeof(li->hostaddr);
405
fa64c868 406 memcpy(&li->hostaddr.sa, sa, bufsize);
1d7b9b20 407}
1d7b9b20 408
564dd50a 409
410/**
411 ** login_write: Call low-level recording functions based on autoconf
412 ** results
413 **/
1d7b9b20 414int
fa64c868 415login_write(struct logininfo *li)
564dd50a 416{
3c62e7eb 417#ifndef HAVE_CYGWIN
fa64c868 418 if (geteuid() != 0) {
419 logit("Attempt to write login records by non-root user (aborting)");
420 return (1);
1d7b9b20 421 }
3c62e7eb 422#endif
a05a70ab 423
1d7b9b20 424 /* set the timestamp */
425 login_set_current_time(li);
426#ifdef USE_LOGIN
427 syslogin_write_entry(li);
428#endif
429#ifdef USE_LASTLOG
fa64c868 430 if (li->type == LTYPE_LOGIN)
1d7b9b20 431 lastlog_write_entry(li);
1d7b9b20 432#endif
433#ifdef USE_UTMP
434 utmp_write_entry(li);
435#endif
436#ifdef USE_WTMP
437 wtmp_write_entry(li);
438#endif
439#ifdef USE_UTMPX
440 utmpx_write_entry(li);
441#endif
442#ifdef USE_WTMPX
443 wtmpx_write_entry(li);
f5ed3301 444#endif
445#ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
d1cf9a87 446 if (li->type == LTYPE_LOGIN &&
98c044d0 447 !sys_auth_record_login(li->username,li->hostname,li->line,
448 &loginmsg))
f5ed3301 449 logit("Writing login record failed for %s", li->username);
c00e4d75 450#endif
6039eeef 451#ifdef SSH_AUDIT_EVENTS
c00e4d75 452 if (li->type == LTYPE_LOGIN)
453 audit_session_open(li->line);
454 else if (li->type == LTYPE_LOGOUT)
455 audit_session_close(li->line);
1d7b9b20 456#endif
fa64c868 457 return (0);
1d7b9b20 458}
459
7e2d5fa4 460#ifdef LOGIN_NEEDS_UTMPX
461int
462login_utmp_only(struct logininfo *li)
463{
aff51935 464 li->type = LTYPE_LOGIN;
9e127e27 465 login_set_current_time(li);
7e2d5fa4 466# ifdef USE_UTMP
467 utmp_write_entry(li);
468# endif
469# ifdef USE_WTMP
470 wtmp_write_entry(li);
471# endif
472# ifdef USE_UTMPX
473 utmpx_write_entry(li);
474# endif
475# ifdef USE_WTMPX
476 wtmpx_write_entry(li);
477# endif
fa64c868 478 return (0);
7e2d5fa4 479}
480#endif
481
564dd50a 482/**
483 ** getlast_entry: Call low-level functions to retrieve the last login
484 ** time.
485 **/
1d7b9b20 486
564dd50a 487/* take the uid in li and return the last login time */
1d7b9b20 488int
564dd50a 489getlast_entry(struct logininfo *li)
490{
491#ifdef USE_LASTLOG
9f32ceb4 492 return(lastlog_get_entry(li));
a05a70ab 493#else /* !USE_LASTLOG */
1d7b9b20 494
fa64c868 495#if defined(DISABLE_LASTLOG)
2b87da3b 496 /* On some systems we shouldn't even try to obtain last login
3f45f1c3 497 * time, e.g. AIX */
fa64c868 498 return (0);
499# elif defined(USE_WTMP) && \
500 (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP))
564dd50a 501 /* retrieve last login time from utmp */
a05a70ab 502 return (wtmp_get_entry(li));
fa64c868 503# elif defined(USE_WTMPX) && \
504 (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX))
564dd50a 505 /* If wtmp isn't available, try wtmpx */
a05a70ab 506 return (wtmpx_get_entry(li));
fa64c868 507# else
564dd50a 508 /* Give up: No means of retrieving last login time */
fa64c868 509 return (0);
2b87da3b 510# endif /* DISABLE_LASTLOG */
a05a70ab 511#endif /* USE_LASTLOG */
564dd50a 512}
1d7b9b20 513
514
1d7b9b20 515
516/*
564dd50a 517 * 'line' string utility functions
518 *
519 * These functions process the 'line' string into one of three forms:
520 *
1d7b9b20 521 * 1. The full filename (including '/dev')
522 * 2. The stripped name (excluding '/dev')
564dd50a 523 * 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
524 * /dev/pts/1 -> ts/1 )
1d7b9b20 525 *
526 * Form 3 is used on some systems to identify a .tmp.? entry when
527 * attempting to remove it. Typically both addition and removal is
564dd50a 528 * performed by one application - say, sshd - so as long as the choice
529 * uniquely identifies a terminal it's ok.
1d7b9b20 530 */
531
532
fa64c868 533/*
534 * line_fullname(): add the leading '/dev/' if it doesn't exist make
535 * sure dst has enough space, if not just copy src (ugh)
536 */
1d7b9b20 537char *
44d71ad5 538line_fullname(char *dst, const char *src, u_int dstsize)
564dd50a 539{
1d7b9b20 540 memset(dst, '\0', dstsize);
fa64c868 541 if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5)))
1d7b9b20 542 strlcpy(dst, src, dstsize);
fa64c868 543 else {
a4d05724 544 strlcpy(dst, "/dev/", dstsize);
1d7b9b20 545 strlcat(dst, src, dstsize);
546 }
fa64c868 547 return (dst);
1d7b9b20 548}
549
564dd50a 550/* line_stripname(): strip the leading '/dev' if it exists, return dst */
1d7b9b20 551char *
564dd50a 552line_stripname(char *dst, const char *src, int dstsize)
553{
1d7b9b20 554 memset(dst, '\0', dstsize);
555 if (strncmp(src, "/dev/", 5) == 0)
89d7510a 556 strlcpy(dst, src + 5, dstsize);
1d7b9b20 557 else
558 strlcpy(dst, src, dstsize);
fa64c868 559 return (dst);
564dd50a 560}
561
d1cf9a87 562/*
fa64c868 563 * line_abbrevname(): Return the abbreviated (usually four-character)
564dd50a 564 * form of the line (Just use the last <dstsize> characters of the
565 * full name.)
566 *
567 * NOTE: use strncpy because we do NOT necessarily want zero
fa64c868 568 * termination
569 */
1d7b9b20 570char *
2b87da3b 571line_abbrevname(char *dst, const char *src, int dstsize)
a05a70ab 572{
573 size_t len;
2b87da3b 574
1d7b9b20 575 memset(dst, '\0', dstsize);
2b87da3b 576
daaff4d5 577 /* Always skip prefix if present */
578 if (strncmp(src, "/dev/", 5) == 0)
579 src += 5;
2b87da3b 580
0e8f4eba 581#ifdef WITH_ABBREV_NO_TTY
582 if (strncmp(src, "tty", 3) == 0)
583 src += 3;
584#endif
585
a05a70ab 586 len = strlen(src);
587
daaff4d5 588 if (len > 0) {
589 if (((int)len - dstsize) > 0)
590 src += ((int)len - dstsize);
591
592 /* note: _don't_ change this to strlcpy */
2b87da3b 593 strncpy(dst, src, (size_t)dstsize);
a05a70ab 594 }
2b87da3b 595
fa64c868 596 return (dst);
1d7b9b20 597}
598
1d7b9b20 599/**
600 ** utmp utility functions
564dd50a 601 **
602 ** These functions manipulate struct utmp, taking system differences
603 ** into account.
1d7b9b20 604 **/
605
606#if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN)
607
1d7b9b20 608/* build the utmp structure */
609void
564dd50a 610set_utmp_time(struct logininfo *li, struct utmp *ut)
611{
fa64c868 612# if defined(HAVE_TV_IN_UTMP)
1d7b9b20 613 ut->ut_tv.tv_sec = li->tv_sec;
614 ut->ut_tv.tv_usec = li->tv_usec;
fa64c868 615# elif defined(HAVE_TIME_IN_UTMP)
1d7b9b20 616 ut->ut_time = li->tv_sec;
a05a70ab 617# endif
1d7b9b20 618}
619
620void
621construct_utmp(struct logininfo *li,
564dd50a 622 struct utmp *ut)
623{
9746ee4b 624# ifdef HAVE_ADDR_V6_IN_UTMP
625 struct sockaddr_in6 *sa6;
fa64c868 626# endif
627
dbaa2e87 628 memset(ut, '\0', sizeof(*ut));
5abcdf8e 629
630 /* First fill out fields used for both logins and logouts */
631
a05a70ab 632# ifdef HAVE_ID_IN_UTMP
1d7b9b20 633 line_abbrevname(ut->ut_id, li->line, sizeof(ut->ut_id));
a05a70ab 634# endif
1d7b9b20 635
a05a70ab 636# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 637 /* This is done here to keep utmp constants out of struct logininfo */
1d7b9b20 638 switch (li->type) {
639 case LTYPE_LOGIN:
640 ut->ut_type = USER_PROCESS;
ef51930f 641#ifdef _UNICOS
1a23ac2c 642 cray_set_tmpdir(ut);
643#endif
1d7b9b20 644 break;
645 case LTYPE_LOGOUT:
646 ut->ut_type = DEAD_PROCESS;
ef51930f 647#ifdef _UNICOS
1a23ac2c 648 cray_retain_utmp(ut, li->pid);
649#endif
1d7b9b20 650 break;
651 }
a05a70ab 652# endif
5abcdf8e 653 set_utmp_time(li, ut);
1d7b9b20 654
5abcdf8e 655 line_stripname(ut->ut_line, li->line, sizeof(ut->ut_line));
a05a70ab 656
657# ifdef HAVE_PID_IN_UTMP
1d7b9b20 658 ut->ut_pid = li->pid;
a05a70ab 659# endif
5abcdf8e 660
661 /* If we're logging out, leave all other fields blank */
662 if (li->type == LTYPE_LOGOUT)
fa64c868 663 return;
5abcdf8e 664
a05a70ab 665 /*
666 * These fields are only used when logging in, and are blank
2b87da3b 667 * for logouts.
a05a70ab 668 */
5abcdf8e 669
670 /* Use strncpy because we don't necessarily want null termination */
fa64c868 671 strncpy(ut->ut_name, li->username,
672 MIN_SIZEOF(ut->ut_name, li->username));
a05a70ab 673# ifdef HAVE_HOST_IN_UTMP
fa64c868 674 strncpy(ut->ut_host, li->hostname,
675 MIN_SIZEOF(ut->ut_host, li->hostname));
a05a70ab 676# endif
677# ifdef HAVE_ADDR_IN_UTMP
564dd50a 678 /* this is just a 32-bit IP address */
679 if (li->hostaddr.sa.sa_family == AF_INET)
680 ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
2b87da3b 681# endif
9746ee4b 682# ifdef HAVE_ADDR_V6_IN_UTMP
683 /* this is just a 128-bit IPv6 address */
684 if (li->hostaddr.sa.sa_family == AF_INET6) {
685 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
686 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
687 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
688 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
689 ut->ut_addr_v6[1] = 0;
690 ut->ut_addr_v6[2] = 0;
691 ut->ut_addr_v6[3] = 0;
692 }
693 }
694# endif
564dd50a 695}
a05a70ab 696#endif /* USE_UTMP || USE_WTMP || USE_LOGIN */
564dd50a 697
1d7b9b20 698/**
699 ** utmpx utility functions
564dd50a 700 **
701 ** These functions manipulate struct utmpx, accounting for system
702 ** variations.
1d7b9b20 703 **/
704
705#if defined(USE_UTMPX) || defined (USE_WTMPX)
1d7b9b20 706/* build the utmpx structure */
707void
564dd50a 708set_utmpx_time(struct logininfo *li, struct utmpx *utx)
709{
fa64c868 710# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 711 utx->ut_tv.tv_sec = li->tv_sec;
712 utx->ut_tv.tv_usec = li->tv_usec;
fa64c868 713# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 714 utx->ut_time = li->tv_sec;
fa64c868 715# endif
1d7b9b20 716}
717
718void
564dd50a 719construct_utmpx(struct logininfo *li, struct utmpx *utx)
720{
9746ee4b 721# ifdef HAVE_ADDR_V6_IN_UTMP
722 struct sockaddr_in6 *sa6;
723# endif
dbaa2e87 724 memset(utx, '\0', sizeof(*utx));
fa64c868 725
daaff4d5 726# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 727 line_abbrevname(utx->ut_id, li->line, sizeof(utx->ut_id));
daaff4d5 728# endif
1d7b9b20 729
730 /* this is done here to keep utmp constants out of loginrec.h */
731 switch (li->type) {
732 case LTYPE_LOGIN:
733 utx->ut_type = USER_PROCESS;
734 break;
735 case LTYPE_LOGOUT:
736 utx->ut_type = DEAD_PROCESS;
737 break;
738 }
1d7b9b20 739 line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line));
1d7b9b20 740 set_utmpx_time(li, utx);
5abcdf8e 741 utx->ut_pid = li->pid;
fa64c868 742
f3837bc6 743 /* strncpy(): Don't necessarily want null termination */
fa64c868 744 strncpy(utx->ut_name, li->username,
745 MIN_SIZEOF(utx->ut_name, li->username));
5abcdf8e 746
747 if (li->type == LTYPE_LOGOUT)
748 return;
749
a05a70ab 750 /*
751 * These fields are only used when logging in, and are blank
2b87da3b 752 * for logouts.
a05a70ab 753 */
5abcdf8e 754
a05a70ab 755# ifdef HAVE_HOST_IN_UTMPX
fa64c868 756 strncpy(utx->ut_host, li->hostname,
757 MIN_SIZEOF(utx->ut_host, li->hostname));
a05a70ab 758# endif
759# ifdef HAVE_ADDR_IN_UTMPX
764d4113 760 /* this is just a 32-bit IP address */
761 if (li->hostaddr.sa.sa_family == AF_INET)
762 utx->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
a05a70ab 763# endif
9746ee4b 764# ifdef HAVE_ADDR_V6_IN_UTMP
765 /* this is just a 128-bit IPv6 address */
766 if (li->hostaddr.sa.sa_family == AF_INET6) {
767 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
768 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
769 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
770 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
771 ut->ut_addr_v6[1] = 0;
772 ut->ut_addr_v6[2] = 0;
773 ut->ut_addr_v6[3] = 0;
774 }
775 }
776# endif
a05a70ab 777# ifdef HAVE_SYSLEN_IN_UTMPX
5abcdf8e 778 /* ut_syslen is the length of the utx_host string */
779 utx->ut_syslen = MIN(strlen(li->hostname), sizeof(utx->ut_host));
a05a70ab 780# endif
564dd50a 781}
a05a70ab 782#endif /* USE_UTMPX || USE_WTMPX */
1d7b9b20 783
784/**
564dd50a 785 ** Low-level utmp functions
1d7b9b20 786 **/
787
788/* FIXME: (ATL) utmp_write_direct needs testing */
1d7b9b20 789#ifdef USE_UTMP
790
1d7b9b20 791/* if we can, use pututline() etc. */
a05a70ab 792# if !defined(DISABLE_PUTUTLINE) && defined(HAVE_SETUTENT) && \
793 defined(HAVE_PUTUTLINE)
1d7b9b20 794# define UTMP_USE_LIBRARY
a05a70ab 795# endif
1d7b9b20 796
797
798/* write a utmp entry with the system's help (pututline() and pals) */
a05a70ab 799# ifdef UTMP_USE_LIBRARY
1d7b9b20 800static int
564dd50a 801utmp_write_library(struct logininfo *li, struct utmp *ut)
802{
1d7b9b20 803 setutent();
804 pututline(ut);
a05a70ab 805# ifdef HAVE_ENDUTENT
1d7b9b20 806 endutent();
a05a70ab 807# endif
fa64c868 808 return (1);
564dd50a 809}
a05a70ab 810# else /* UTMP_USE_LIBRARY */
1d7b9b20 811
d1cf9a87 812/*
fa64c868 813 * Write a utmp entry direct to the file
814 * This is a slightly modification of code in OpenBSD's login.c
815 */
1d7b9b20 816static int
564dd50a 817utmp_write_direct(struct logininfo *li, struct utmp *ut)
818{
1d7b9b20 819 struct utmp old_ut;
820 register int fd;
821 int tty;
822
5abcdf8e 823 /* FIXME: (ATL) ttyslot() needs local implementation */
dbaa2e87 824
698d107e 825#if defined(HAVE_GETTTYENT)
fa64c868 826 struct ttyent *ty;
dbaa2e87 827
828 tty=0;
dbaa2e87 829 setttyent();
fa64c868 830 while (NULL != (ty = getttyent())) {
dbaa2e87 831 tty++;
832 if (!strncmp(ty->ty_name, ut->ut_line, sizeof(ut->ut_line)))
833 break;
834 }
835 endttyent();
836
fa64c868 837 if (NULL == ty) {
5f12e050 838 logit("%s: tty not found", __func__);
839 return (0);
dbaa2e87 840 }
841#else /* FIXME */
842
1d7b9b20 843 tty = ttyslot(); /* seems only to work for /dev/ttyp? style names */
844
698d107e 845#endif /* HAVE_GETTTYENT */
dbaa2e87 846
1d7b9b20 847 if (tty > 0 && (fd = open(UTMP_FILE, O_RDWR|O_CREAT, 0644)) >= 0) {
5f12e050 848 off_t pos, ret;
849
850 pos = (off_t)tty * sizeof(struct utmp);
851 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 852 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 853 return (0);
854 }
855 if (ret != pos) {
d1cf9a87 856 logit("%s: Couldn't seek to tty %d slot in %s",
f6d20d59 857 __func__, tty, UTMP_FILE);
5f12e050 858 return (0);
859 }
1d7b9b20 860 /*
861 * Prevent luser from zero'ing out ut_host.
862 * If the new ut_line is empty but the old one is not
dc2a6d09 863 * and ut_line and ut_name match, preserve the old ut_line.
1d7b9b20 864 */
2b87da3b 865 if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) &&
fa64c868 866 (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') &&
867 (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) &&
868 (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0))
869 memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host));
2b87da3b 870
5f12e050 871 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 872 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 873 return (0);
874 }
875 if (ret != pos) {
f6d20d59 876 logit("%s: Couldn't seek to tty %d slot in %s",
5f12e050 877 __func__, tty, UTMP_FILE);
878 return (0);
879 }
fa64c868 880 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
5f12e050 881 logit("%s: error writing %s: %s", __func__,
5abcdf8e 882 UTMP_FILE, strerror(errno));
fa64c868 883 }
2b87da3b 884
fa64c868 885 close(fd);
886 return (1);
9f32ceb4 887 } else {
fa64c868 888 return (0);
9f32ceb4 889 }
564dd50a 890}
a05a70ab 891# endif /* UTMP_USE_LIBRARY */
1d7b9b20 892
893static int
564dd50a 894utmp_perform_login(struct logininfo *li)
895{
1d7b9b20 896 struct utmp ut;
897
898 construct_utmp(li, &ut);
a05a70ab 899# ifdef UTMP_USE_LIBRARY
1d7b9b20 900 if (!utmp_write_library(li, &ut)) {
a233586b 901 logit("%s: utmp_write_library() failed", __func__);
fa64c868 902 return (0);
1d7b9b20 903 }
a05a70ab 904# else
1d7b9b20 905 if (!utmp_write_direct(li, &ut)) {
a233586b 906 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 907 return (0);
1d7b9b20 908 }
a05a70ab 909# endif
fa64c868 910 return (1);
564dd50a 911}
1d7b9b20 912
913
914static int
564dd50a 915utmp_perform_logout(struct logininfo *li)
916{
1d7b9b20 917 struct utmp ut;
918
5abcdf8e 919 construct_utmp(li, &ut);
a05a70ab 920# ifdef UTMP_USE_LIBRARY
5abcdf8e 921 if (!utmp_write_library(li, &ut)) {
a233586b 922 logit("%s: utmp_write_library() failed", __func__);
fa64c868 923 return (0);
5abcdf8e 924 }
a05a70ab 925# else
5abcdf8e 926 if (!utmp_write_direct(li, &ut)) {
a233586b 927 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 928 return (0);
5abcdf8e 929 }
a05a70ab 930# endif
fa64c868 931 return (1);
564dd50a 932}
1d7b9b20 933
934
935int
564dd50a 936utmp_write_entry(struct logininfo *li)
937{
1d7b9b20 938 switch(li->type) {
939 case LTYPE_LOGIN:
fa64c868 940 return (utmp_perform_login(li));
1d7b9b20 941
942 case LTYPE_LOGOUT:
fa64c868 943 return (utmp_perform_logout(li));
1d7b9b20 944
945 default:
a233586b 946 logit("%s: invalid type field", __func__);
fa64c868 947 return (0);
1d7b9b20 948 }
564dd50a 949}
a05a70ab 950#endif /* USE_UTMP */
1d7b9b20 951
952
953/**
564dd50a 954 ** Low-level utmpx functions
1d7b9b20 955 **/
956
957/* not much point if we don't want utmpx entries */
958#ifdef USE_UTMPX
959
1d7b9b20 960/* if we have the wherewithall, use pututxline etc. */
a05a70ab 961# if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \
962 defined(HAVE_PUTUTXLINE)
1d7b9b20 963# define UTMPX_USE_LIBRARY
a05a70ab 964# endif
1d7b9b20 965
966
967/* write a utmpx entry with the system's help (pututxline() and pals) */
a05a70ab 968# ifdef UTMPX_USE_LIBRARY
1d7b9b20 969static int
564dd50a 970utmpx_write_library(struct logininfo *li, struct utmpx *utx)
971{
1d7b9b20 972 setutxent();
973 pututxline(utx);
974
a05a70ab 975# ifdef HAVE_ENDUTXENT
1d7b9b20 976 endutxent();
a05a70ab 977# endif
fa64c868 978 return (1);
564dd50a 979}
1d7b9b20 980
a05a70ab 981# else /* UTMPX_USE_LIBRARY */
1d7b9b20 982
983/* write a utmp entry direct to the file */
984static int
564dd50a 985utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
2b87da3b 986{
a233586b 987 logit("%s: not implemented!", __func__);
fa64c868 988 return (0);
564dd50a 989}
a05a70ab 990# endif /* UTMPX_USE_LIBRARY */
1d7b9b20 991
992static int
564dd50a 993utmpx_perform_login(struct logininfo *li)
994{
1d7b9b20 995 struct utmpx utx;
996
997 construct_utmpx(li, &utx);
a05a70ab 998# ifdef UTMPX_USE_LIBRARY
1d7b9b20 999 if (!utmpx_write_library(li, &utx)) {
a233586b 1000 logit("%s: utmp_write_library() failed", __func__);
fa64c868 1001 return (0);
1d7b9b20 1002 }
a05a70ab 1003# else
1d7b9b20 1004 if (!utmpx_write_direct(li, &ut)) {
a233586b 1005 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 1006 return (0);
1d7b9b20 1007 }
a05a70ab 1008# endif
fa64c868 1009 return (1);
564dd50a 1010}
1d7b9b20 1011
1012
1013static int
564dd50a 1014utmpx_perform_logout(struct logininfo *li)
1015{
1d7b9b20 1016 struct utmpx utx;
1017
f3837bc6 1018 construct_utmpx(li, &utx);
a05a70ab 1019# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 1020 line_abbrevname(utx.ut_id, li->line, sizeof(utx.ut_id));
a05a70ab 1021# endif
1022# ifdef HAVE_TYPE_IN_UTMPX
1d7b9b20 1023 utx.ut_type = DEAD_PROCESS;
a05a70ab 1024# endif
1d7b9b20 1025
a05a70ab 1026# ifdef UTMPX_USE_LIBRARY
1d7b9b20 1027 utmpx_write_library(li, &utx);
a05a70ab 1028# else
1d7b9b20 1029 utmpx_write_direct(li, &utx);
a05a70ab 1030# endif
fa64c868 1031 return (1);
564dd50a 1032}
1d7b9b20 1033
1d7b9b20 1034int
564dd50a 1035utmpx_write_entry(struct logininfo *li)
1036{
1d7b9b20 1037 switch(li->type) {
1038 case LTYPE_LOGIN:
fa64c868 1039 return (utmpx_perform_login(li));
1d7b9b20 1040 case LTYPE_LOGOUT:
fa64c868 1041 return (utmpx_perform_logout(li));
1d7b9b20 1042 default:
a233586b 1043 logit("%s: invalid type field", __func__);
fa64c868 1044 return (0);
1d7b9b20 1045 }
564dd50a 1046}
a05a70ab 1047#endif /* USE_UTMPX */
1d7b9b20 1048
1049
1050/**
564dd50a 1051 ** Low-level wtmp functions
1d7b9b20 1052 **/
1053
2b87da3b 1054#ifdef USE_WTMP
1d7b9b20 1055
d1cf9a87 1056/*
fa64c868 1057 * Write a wtmp entry direct to the end of the file
1058 * This is a slight modification of code in OpenBSD's logwtmp.c
1059 */
1d7b9b20 1060static int
564dd50a 1061wtmp_write(struct logininfo *li, struct utmp *ut)
1062{
1d7b9b20 1063 struct stat buf;
1064 int fd, ret = 1;
1065
1066 if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
a233586b 1067 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1068 WTMP_FILE, strerror(errno));
fa64c868 1069 return (0);
1d7b9b20 1070 }
2b87da3b 1071 if (fstat(fd, &buf) == 0)
d72f7b79 1072 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
1d7b9b20 1073 ftruncate(fd, buf.st_size);
a233586b 1074 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1075 WTMP_FILE, strerror(errno));
1076 ret = 0;
1077 }
fa64c868 1078 close(fd);
1079 return (ret);
564dd50a 1080}
1d7b9b20 1081
1d7b9b20 1082static int
a05a70ab 1083wtmp_perform_login(struct logininfo *li)
1084{
1d7b9b20 1085 struct utmp ut;
1086
1087 construct_utmp(li, &ut);
fa64c868 1088 return (wtmp_write(li, &ut));
564dd50a 1089}
1d7b9b20 1090
1091
1092static int
564dd50a 1093wtmp_perform_logout(struct logininfo *li)
1094{
1d7b9b20 1095 struct utmp ut;
1096
1097 construct_utmp(li, &ut);
fa64c868 1098 return (wtmp_write(li, &ut));
564dd50a 1099}
1d7b9b20 1100
1101
1102int
564dd50a 1103wtmp_write_entry(struct logininfo *li)
1104{
1d7b9b20 1105 switch(li->type) {
1106 case LTYPE_LOGIN:
fa64c868 1107 return (wtmp_perform_login(li));
1d7b9b20 1108 case LTYPE_LOGOUT:
fa64c868 1109 return (wtmp_perform_logout(li));
1d7b9b20 1110 default:
a233586b 1111 logit("%s: invalid type field", __func__);
fa64c868 1112 return (0);
1d7b9b20 1113 }
564dd50a 1114}
1d7b9b20 1115
1116
d1cf9a87 1117/*
fa64c868 1118 * Notes on fetching login data from wtmp/wtmpx
2b87da3b 1119 *
5abcdf8e 1120 * Logouts are usually recorded with (amongst other things) a blank
1121 * username on a given tty line. However, some systems (HP-UX is one)
1122 * leave all fields set, but change the ut_type field to DEAD_PROCESS.
1123 *
1124 * Since we're only looking for logins here, we know that the username
1125 * must be set correctly. On systems that leave it in, we check for
1126 * ut_type==USER_PROCESS (indicating a login.)
1127 *
1128 * Portability: Some systems may set something other than USER_PROCESS
1129 * to indicate a login process. I don't know of any as I write. Also,
1130 * it's possible that some systems may both leave the username in
1131 * place and not have ut_type.
1132 */
1133
5abcdf8e 1134/* return true if this wtmp entry indicates a login */
1135static int
1136wtmp_islogin(struct logininfo *li, struct utmp *ut)
1137{
2b87da3b 1138 if (strncmp(li->username, ut->ut_name,
fa64c868 1139 MIN_SIZEOF(li->username, ut->ut_name)) == 0) {
a05a70ab 1140# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 1141 if (ut->ut_type & USER_PROCESS)
fa64c868 1142 return (1);
a05a70ab 1143# else
fa64c868 1144 return (1);
a05a70ab 1145# endif
5abcdf8e 1146 }
fa64c868 1147 return (0);
5abcdf8e 1148}
1149
1d7b9b20 1150int
564dd50a 1151wtmp_get_entry(struct logininfo *li)
1152{
1d7b9b20 1153 struct stat st;
1154 struct utmp ut;
fa64c868 1155 int fd, found = 0;
5abcdf8e 1156
1157 /* Clear the time entries in our logininfo */
1158 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1159
1160 if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) {
d1cf9a87 1161 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1162 WTMP_FILE, strerror(errno));
fa64c868 1163 return (0);
1d7b9b20 1164 }
2b87da3b 1165 if (fstat(fd, &st) != 0) {
d1cf9a87 1166 logit("%s: couldn't stat %s: %s", __func__,
1d7b9b20 1167 WTMP_FILE, strerror(errno));
1168 close(fd);
fa64c868 1169 return (0);
1d7b9b20 1170 }
1d7b9b20 1171
5abcdf8e 1172 /* Seek to the start of the last struct utmp */
d9d47a26 1173 if (lseek(fd, -(off_t)sizeof(struct utmp), SEEK_END) == -1) {
5abcdf8e 1174 /* Looks like we've got a fresh wtmp file */
1175 close(fd);
fa64c868 1176 return (0);
5abcdf8e 1177 }
1178
1179 while (!found) {
9f32ceb4 1180 if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) {
d1cf9a87 1181 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1182 WTMP_FILE, strerror(errno));
1183 close (fd);
fa64c868 1184 return (0);
1d7b9b20 1185 }
5abcdf8e 1186 if ( wtmp_islogin(li, &ut) ) {
1187 found = 1;
fa64c868 1188 /*
1189 * We've already checked for a time in struct
1190 * utmp, in login_getlast()
1191 */
a05a70ab 1192# ifdef HAVE_TIME_IN_UTMP
1d7b9b20 1193 li->tv_sec = ut.ut_time;
a05a70ab 1194# else
1d7b9b20 1195# if HAVE_TV_IN_UTMP
1196 li->tv_sec = ut.ut_tv.tv_sec;
1197# endif
a05a70ab 1198# endif
5abcdf8e 1199 line_fullname(li->line, ut.ut_line,
fa64c868 1200 MIN_SIZEOF(li->line, ut.ut_line));
a05a70ab 1201# ifdef HAVE_HOST_IN_UTMP
5abcdf8e 1202 strlcpy(li->hostname, ut.ut_host,
fa64c868 1203 MIN_SIZEOF(li->hostname, ut.ut_host));
a05a70ab 1204# endif
5abcdf8e 1205 continue;
1d7b9b20 1206 }
5abcdf8e 1207 /* Seek back 2 x struct utmp */
d9d47a26 1208 if (lseek(fd, -(off_t)(2 * sizeof(struct utmp)), SEEK_CUR) == -1) {
5abcdf8e 1209 /* We've found the start of the file, so quit */
fa64c868 1210 close(fd);
1211 return (0);
1d7b9b20 1212 }
5abcdf8e 1213 }
1214
1215 /* We found an entry. Tidy up and return */
1216 close(fd);
fa64c868 1217 return (1);
564dd50a 1218}
a05a70ab 1219# endif /* USE_WTMP */
1d7b9b20 1220
1221
1222/**
564dd50a 1223 ** Low-level wtmpx functions
1d7b9b20 1224 **/
1225
1226#ifdef USE_WTMPX
fa64c868 1227/*
1228 * Write a wtmpx entry direct to the end of the file
1229 * This is a slight modification of code in OpenBSD's logwtmp.c
1230 */
1d7b9b20 1231static int
564dd50a 1232wtmpx_write(struct logininfo *li, struct utmpx *utx)
1233{
41c64c91 1234#ifndef HAVE_UPDWTMPX
1d7b9b20 1235 struct stat buf;
1236 int fd, ret = 1;
1237
1238 if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
d1cf9a87 1239 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1240 WTMPX_FILE, strerror(errno));
fa64c868 1241 return (0);
1d7b9b20 1242 }
1243
2b87da3b 1244 if (fstat(fd, &buf) == 0)
d72f7b79 1245 if (atomicio(vwrite, fd, utx, sizeof(*utx)) != sizeof(*utx)) {
1d7b9b20 1246 ftruncate(fd, buf.st_size);
a233586b 1247 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1248 WTMPX_FILE, strerror(errno));
1249 ret = 0;
1250 }
fa64c868 1251 close(fd);
1d7b9b20 1252
fa64c868 1253 return (ret);
41c64c91 1254#else
1255 updwtmpx(WTMPX_FILE, utx);
fa64c868 1256 return (1);
41c64c91 1257#endif
564dd50a 1258}
1d7b9b20 1259
1260
1261static int
564dd50a 1262wtmpx_perform_login(struct logininfo *li)
1263{
1d7b9b20 1264 struct utmpx utx;
1265
1266 construct_utmpx(li, &utx);
fa64c868 1267 return (wtmpx_write(li, &utx));
564dd50a 1268}
1d7b9b20 1269
1270
1271static int
564dd50a 1272wtmpx_perform_logout(struct logininfo *li)
1273{
1d7b9b20 1274 struct utmpx utx;
1275
1276 construct_utmpx(li, &utx);
fa64c868 1277 return (wtmpx_write(li, &utx));
564dd50a 1278}
1d7b9b20 1279
1280
1281int
564dd50a 1282wtmpx_write_entry(struct logininfo *li)
1283{
1d7b9b20 1284 switch(li->type) {
1285 case LTYPE_LOGIN:
fa64c868 1286 return (wtmpx_perform_login(li));
1d7b9b20 1287 case LTYPE_LOGOUT:
fa64c868 1288 return (wtmpx_perform_logout(li));
1d7b9b20 1289 default:
a233586b 1290 logit("%s: invalid type field", __func__);
fa64c868 1291 return (0);
1d7b9b20 1292 }
564dd50a 1293}
1d7b9b20 1294
5abcdf8e 1295/* Please see the notes above wtmp_islogin() for information about the
1296 next two functions */
1297
1298/* Return true if this wtmpx entry indicates a login */
1299static int
1300wtmpx_islogin(struct logininfo *li, struct utmpx *utx)
1301{
fa64c868 1302 if (strncmp(li->username, utx->ut_name,
1303 MIN_SIZEOF(li->username, utx->ut_name)) == 0 ) {
a05a70ab 1304# ifdef HAVE_TYPE_IN_UTMPX
5abcdf8e 1305 if (utx->ut_type == USER_PROCESS)
fa64c868 1306 return (1);
a05a70ab 1307# else
fa64c868 1308 return (1);
a05a70ab 1309# endif
5abcdf8e 1310 }
fa64c868 1311 return (0);
5abcdf8e 1312}
1313
1d7b9b20 1314
1315int
564dd50a 1316wtmpx_get_entry(struct logininfo *li)
1317{
1d7b9b20 1318 struct stat st;
1319 struct utmpx utx;
5abcdf8e 1320 int fd, found=0;
1321
1322 /* Clear the time entries */
1323 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1324
1325 if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) {
d1cf9a87 1326 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1327 WTMPX_FILE, strerror(errno));
fa64c868 1328 return (0);
1d7b9b20 1329 }
2b87da3b 1330 if (fstat(fd, &st) != 0) {
d1cf9a87 1331 logit("%s: couldn't stat %s: %s", __func__,
fdebdd4f 1332 WTMPX_FILE, strerror(errno));
1d7b9b20 1333 close(fd);
fa64c868 1334 return (0);
1d7b9b20 1335 }
2b87da3b 1336
5abcdf8e 1337 /* Seek to the start of the last struct utmpx */
d9d47a26 1338 if (lseek(fd, -(off_t)sizeof(struct utmpx), SEEK_END) == -1 ) {
5abcdf8e 1339 /* probably a newly rotated wtmpx file */
1340 close(fd);
fa64c868 1341 return (0);
5abcdf8e 1342 }
1d7b9b20 1343
5abcdf8e 1344 while (!found) {
9f32ceb4 1345 if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) {
d1cf9a87 1346 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1347 WTMPX_FILE, strerror(errno));
1348 close (fd);
fa64c868 1349 return (0);
1d7b9b20 1350 }
fa64c868 1351 /*
d1cf9a87 1352 * Logouts are recorded as a blank username on a particular
fa64c868 1353 * line. So, we just need to find the username in struct utmpx
1354 */
1355 if (wtmpx_islogin(li, &utx)) {
d80063fe 1356 found = 1;
fa64c868 1357# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 1358 li->tv_sec = utx.ut_tv.tv_sec;
fa64c868 1359# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 1360 li->tv_sec = utx.ut_time;
a05a70ab 1361# endif
a4d05724 1362 line_fullname(li->line, utx.ut_line, sizeof(li->line));
fa64c868 1363# if defined(HAVE_HOST_IN_UTMPX)
5abcdf8e 1364 strlcpy(li->hostname, utx.ut_host,
fa64c868 1365 MIN_SIZEOF(li->hostname, utx.ut_host));
a05a70ab 1366# endif
5abcdf8e 1367 continue;
1d7b9b20 1368 }
d9d47a26 1369 if (lseek(fd, -(off_t)(2 * sizeof(struct utmpx)), SEEK_CUR) == -1) {
fa64c868 1370 close(fd);
1371 return (0);
1d7b9b20 1372 }
5abcdf8e 1373 }
1374
1375 close(fd);
fa64c868 1376 return (1);
564dd50a 1377}
f988dce5 1378#endif /* USE_WTMPX */
1d7b9b20 1379
1d7b9b20 1380/**
564dd50a 1381 ** Low-level libutil login() functions
1d7b9b20 1382 **/
1383
1384#ifdef USE_LOGIN
1d7b9b20 1385static int
564dd50a 1386syslogin_perform_login(struct logininfo *li)
1387{
1d7b9b20 1388 struct utmp *ut;
1389
7a52470e 1390 ut = xmalloc(sizeof(*ut));
1d7b9b20 1391 construct_utmp(li, ut);
1392 login(ut);
6cef88bc 1393 free(ut);
1d7b9b20 1394
fa64c868 1395 return (1);
564dd50a 1396}
1d7b9b20 1397
564dd50a 1398static int
1399syslogin_perform_logout(struct logininfo *li)
1400{
a05a70ab 1401# ifdef HAVE_LOGOUT
f20d4564 1402 char line[UT_LINESIZE];
2b87da3b 1403
1d7b9b20 1404 (void)line_stripname(line, li->line, sizeof(line));
1405
fa64c868 1406 if (!logout(line))
a233586b 1407 logit("%s: logout() returned an error", __func__);
a05a70ab 1408# ifdef HAVE_LOGWTMP
fa64c868 1409 else
1d7b9b20 1410 logwtmp(line, "", "");
a05a70ab 1411# endif
5abcdf8e 1412 /* FIXME: (ATL - if the need arises) What to do if we have
1413 * login, but no logout? what if logout but no logwtmp? All
1414 * routines are in libutil so they should all be there,
1415 * but... */
a05a70ab 1416# endif
fa64c868 1417 return (1);
564dd50a 1418}
1d7b9b20 1419
1d7b9b20 1420int
564dd50a 1421syslogin_write_entry(struct logininfo *li)
1422{
1d7b9b20 1423 switch (li->type) {
1424 case LTYPE_LOGIN:
fa64c868 1425 return (syslogin_perform_login(li));
1d7b9b20 1426 case LTYPE_LOGOUT:
fa64c868 1427 return (syslogin_perform_logout(li));
1d7b9b20 1428 default:
a233586b 1429 logit("%s: Invalid type field", __func__);
fa64c868 1430 return (0);
1d7b9b20 1431 }
564dd50a 1432}
f988dce5 1433#endif /* USE_LOGIN */
1d7b9b20 1434
1435/* end of file log-syslogin.c */
1436
1d7b9b20 1437/**
564dd50a 1438 ** Low-level lastlog functions
1d7b9b20 1439 **/
1440
1441#ifdef USE_LASTLOG
a05a70ab 1442#define LL_FILE 1
1443#define LL_DIR 2
1444#define LL_OTHER 3
1d7b9b20 1445
1d7b9b20 1446static void
564dd50a 1447lastlog_construct(struct logininfo *li, struct lastlog *last)
1448{
1d7b9b20 1449 /* clear the structure */
dbaa2e87 1450 memset(last, '\0', sizeof(*last));
2b87da3b 1451
fa64c868 1452 line_stripname(last->ll_line, li->line, sizeof(last->ll_line));
5abcdf8e 1453 strlcpy(last->ll_host, li->hostname,
1454 MIN_SIZEOF(last->ll_host, li->hostname));
1d7b9b20 1455 last->ll_time = li->tv_sec;
564dd50a 1456}
1d7b9b20 1457
1d7b9b20 1458static int
564dd50a 1459lastlog_filetype(char *filename)
1460{
1d7b9b20 1461 struct stat st;
1462
a05a70ab 1463 if (stat(LASTLOG_FILE, &st) != 0) {
a233586b 1464 logit("%s: Couldn't stat %s: %s", __func__,
fa64c868 1465 LASTLOG_FILE, strerror(errno));
1466 return (0);
1d7b9b20 1467 }
1d7b9b20 1468 if (S_ISDIR(st.st_mode))
fa64c868 1469 return (LL_DIR);
1d7b9b20 1470 else if (S_ISREG(st.st_mode))
fa64c868 1471 return (LL_FILE);
1d7b9b20 1472 else
fa64c868 1473 return (LL_OTHER);
564dd50a 1474}
1d7b9b20 1475
1476
1477/* open the file (using filemode) and seek to the login entry */
1478static int
564dd50a 1479lastlog_openseek(struct logininfo *li, int *fd, int filemode)
1480{
1d7b9b20 1481 off_t offset;
1482 int type;
1483 char lastlog_file[1024];
1484
1485 type = lastlog_filetype(LASTLOG_FILE);
1486 switch (type) {
fa64c868 1487 case LL_FILE:
1488 strlcpy(lastlog_file, LASTLOG_FILE,
1489 sizeof(lastlog_file));
1490 break;
1491 case LL_DIR:
1492 snprintf(lastlog_file, sizeof(lastlog_file), "%s/%s",
1493 LASTLOG_FILE, li->username);
1494 break;
1495 default:
a233586b 1496 logit("%s: %.100s is not a file or directory!", __func__,
fa64c868 1497 LASTLOG_FILE);
1498 return (0);
a05a70ab 1499 }
1d7b9b20 1500
ee476051 1501 *fd = open(lastlog_file, filemode, 0600);
fa64c868 1502 if (*fd < 0) {
a233586b 1503 debug("%s: Couldn't open %s: %s", __func__,
1d7b9b20 1504 lastlog_file, strerror(errno));
fa64c868 1505 return (0);
1d7b9b20 1506 }
2b87da3b 1507
d93a7e5a 1508 if (type == LL_FILE) {
1509 /* find this uid's offset in the lastlog file */
d9d47a26 1510 offset = (off_t) ((long)li->uid * sizeof(struct lastlog));
1d7b9b20 1511
fa64c868 1512 if (lseek(*fd, offset, SEEK_SET) != offset) {
a233586b 1513 logit("%s: %s->lseek(): %s", __func__,
1514 lastlog_file, strerror(errno));
fa64c868 1515 return (0);
d93a7e5a 1516 }
1d7b9b20 1517 }
2b87da3b 1518
fa64c868 1519 return (1);
564dd50a 1520}
1d7b9b20 1521
1522static int
564dd50a 1523lastlog_perform_login(struct logininfo *li)
1524{
1d7b9b20 1525 struct lastlog last;
1526 int fd;
1527
1528 /* create our struct lastlog */
1529 lastlog_construct(li, &last);
1530
ee476051 1531 if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT))
fa64c868 1532 return (0);
2b87da3b 1533
1d7b9b20 1534 /* write the entry */
d72f7b79 1535 if (atomicio(vwrite, fd, &last, sizeof(last)) != sizeof(last)) {
1a022229 1536 close(fd);
a233586b 1537 logit("%s: Error writing to %s: %s", __func__,
1a022229 1538 LASTLOG_FILE, strerror(errno));
fa64c868 1539 return (0);
a05a70ab 1540 }
1a022229 1541
1542 close(fd);
fa64c868 1543 return (1);
564dd50a 1544}
1d7b9b20 1545
1d7b9b20 1546int
564dd50a 1547lastlog_write_entry(struct logininfo *li)
1548{
1d7b9b20 1549 switch(li->type) {
1550 case LTYPE_LOGIN:
fa64c868 1551 return (lastlog_perform_login(li));
1d7b9b20 1552 default:
a233586b 1553 logit("%s: Invalid type field", __func__);
fa64c868 1554 return (0);
1d7b9b20 1555 }
564dd50a 1556}
1d7b9b20 1557
1d7b9b20 1558static void
564dd50a 1559lastlog_populate_entry(struct logininfo *li, struct lastlog *last)
1560{
1d7b9b20 1561 line_fullname(li->line, last->ll_line, sizeof(li->line));
2b87da3b 1562 strlcpy(li->hostname, last->ll_host,
fa64c868 1563 MIN_SIZEOF(li->hostname, last->ll_host));
1d7b9b20 1564 li->tv_sec = last->ll_time;
564dd50a 1565}
1d7b9b20 1566
1d7b9b20 1567int
564dd50a 1568lastlog_get_entry(struct logininfo *li)
1569{
1d7b9b20 1570 struct lastlog last;
ed05a983 1571 int fd, ret;
1d7b9b20 1572
ce49121d 1573 if (!lastlog_openseek(li, &fd, O_RDONLY))
ed05a983 1574 return (0);
ce49121d 1575
ed05a983 1576 ret = atomicio(read, fd, &last, sizeof(last));
ce49121d 1577 close(fd);
1578
ed05a983 1579 switch (ret) {
1580 case 0:
1581 memset(&last, '\0', sizeof(last));
1582 /* FALLTHRU */
1583 case sizeof(last):
1584 lastlog_populate_entry(li, &last);
1585 return (1);
1586 case -1:
aff51935 1587 error("%s: Error reading from %s: %s", __func__,
ed05a983 1588 LASTLOG_FILE, strerror(errno));
1589 return (0);
1590 default:
1591 error("%s: Error reading from %s: Expecting %d, got %d",
1592 __func__, LASTLOG_FILE, sizeof(last), ret);
1593 return (0);
1594 }
ce49121d 1595
ed05a983 1596 /* NOTREACHED */
1597 return (0);
564dd50a 1598}
f988dce5 1599#endif /* USE_LASTLOG */
b6610e8f 1600
1601#ifdef USE_BTMP
1602 /*
1603 * Logs failed login attempts in _PATH_BTMP if that exists.
1604 * The most common login failure is to give password instead of username.
1605 * So the _PATH_BTMP file checked for the correct permission, so that
1606 * only root can read it.
1607 */
1608
1609void
1610record_failed_login(const char *username, const char *hostname,
1611 const char *ttyn)
1612{
1613 int fd;
1614 struct utmp ut;
1615 struct sockaddr_storage from;
1616 size_t fromlen = sizeof(from);
1617 struct sockaddr_in *a4;
1618 struct sockaddr_in6 *a6;
1619 time_t t;
1620 struct stat fst;
1621
1622 if (geteuid() != 0)
1623 return;
1624 if ((fd = open(_PATH_BTMP, O_WRONLY | O_APPEND)) < 0) {
1625 debug("Unable to open the btmp file %s: %s", _PATH_BTMP,
1626 strerror(errno));
1627 return;
1628 }
1629 if (fstat(fd, &fst) < 0) {
1630 logit("%s: fstat of %s failed: %s", __func__, _PATH_BTMP,
1631 strerror(errno));
1632 goto out;
1633 }
1634 if((fst.st_mode & (S_IRWXG | S_IRWXO)) || (fst.st_uid != 0)){
1635 logit("Excess permission or bad ownership on file %s",
1636 _PATH_BTMP);
1637 goto out;
1638 }
1639
1640 memset(&ut, 0, sizeof(ut));
1641 /* strncpy because we don't necessarily want nul termination */
1642 strncpy(ut.ut_user, username, sizeof(ut.ut_user));
1643 strlcpy(ut.ut_line, "ssh:notty", sizeof(ut.ut_line));
1644
1645 time(&t);
1646 ut.ut_time = t; /* ut_time is not always a time_t */
1647 ut.ut_type = LOGIN_PROCESS;
1648 ut.ut_pid = getpid();
1649
1650 /* strncpy because we don't necessarily want nul termination */
1651 strncpy(ut.ut_host, hostname, sizeof(ut.ut_host));
1652
1653 if (packet_connection_is_on_socket() &&
1654 getpeername(packet_get_connection_in(),
1655 (struct sockaddr *)&from, &fromlen) == 0) {
1656 ipv64_normalise_mapped(&from, &fromlen);
1657 if (from.ss_family == AF_INET) {
1658 a4 = (struct sockaddr_in *)&from;
1659 memcpy(&ut.ut_addr, &(a4->sin_addr),
1660 MIN_SIZEOF(ut.ut_addr, a4->sin_addr));
1661 }
1662#ifdef HAVE_ADDR_V6_IN_UTMP
1663 if (from.ss_family == AF_INET6) {
1664 a6 = (struct sockaddr_in6 *)&from;
1665 memcpy(&ut.ut_addr_v6, &(a6->sin6_addr),
1666 MIN_SIZEOF(ut.ut_addr_v6, a6->sin6_addr));
1667 }
1668#endif
1669 }
1670
1671 if (atomicio(vwrite, fd, &ut, sizeof(ut)) != sizeof(ut))
1672 error("Failed to write to %s: %s", _PATH_BTMP,
1673 strerror(errno));
1674
1675out:
1676 close(fd);
1677}
1678#endif /* USE_BTMP */
git-cvsimport mirror of OpenSSH
This page took 0.649422 seconds and 5 git commands to generate.