]> andersk Git - openssh.git/blame - loginrec.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (djm) [loginrec.c ssh-rand-helper.c sshd.c openbsd-compat/glob.c]
[openssh.git] / loginrec.c
CommitLineData
1d7b9b20 1/*
2 * Copyright (c) 2000 Andre Lucas. All rights reserved.
564dd50a 3 * Portions copyright (c) 1998 Todd C. Miller
4 * Portions copyright (c) 1996 Jason Downs
5 * Portions copyright (c) 1996 Theo de Raadt
1d7b9b20 6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
1d7b9b20 15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
b6610e8f 28/*
29 * The btmp logging code is derived from login.c from util-linux and is under
30 * the the following license:
31 *
32 * Copyright (c) 1980, 1987, 1988 The Regents of the University of California.
33 * All rights reserved.
34 *
35 * Redistribution and use in source and binary forms are permitted
36 * provided that the above copyright notice and this paragraph are
37 * duplicated in all such forms and that any documentation,
38 * advertising materials, and other materials related to such
39 * distribution and use acknowledge that the software was developed
40 * by the University of California, Berkeley. The name of the
41 * University may not be used to endorse or promote products derived
42 * from this software without specific prior written permission.
43 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
44 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
45 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
46 */
47
48
2b87da3b 49/**
1d7b9b20 50 ** loginrec.c: platform-independent login recording and lastlog retrieval
51 **/
52
564dd50a 53/*
fa64c868 54 * The new login code explained
55 * ============================
56 *
57 * This code attempts to provide a common interface to login recording
58 * (utmp and friends) and last login time retrieval.
59 *
60 * Its primary means of achieving this is to use 'struct logininfo', a
61 * union of all the useful fields in the various different types of
62 * system login record structures one finds on UNIX variants.
63 *
64 * We depend on autoconf to define which recording methods are to be
65 * used, and which fields are contained in the relevant data structures
66 * on the local system. Many C preprocessor symbols affect which code
67 * gets compiled here.
68 *
69 * The code is designed to make it easy to modify a particular
70 * recording method, without affecting other methods nor requiring so
71 * many nested conditional compilation blocks as were commonplace in
72 * the old code.
73 *
74 * For login recording, we try to use the local system's libraries as
75 * these are clearly most likely to work correctly. For utmp systems
76 * this usually means login() and logout() or setutent() etc., probably
77 * in libutil, along with logwtmp() etc. On these systems, we fall back
78 * to writing the files directly if we have to, though this method
79 * requires very thorough testing so we do not corrupt local auditing
80 * information. These files and their access methods are very system
81 * specific indeed.
82 *
83 * For utmpx systems, the corresponding library functions are
84 * setutxent() etc. To the author's knowledge, all utmpx systems have
85 * these library functions and so no direct write is attempted. If such
86 * a system exists and needs support, direct analogues of the [uw]tmp
87 * code should suffice.
88 *
89 * Retrieving the time of last login ('lastlog') is in some ways even
90 * more problemmatic than login recording. Some systems provide a
91 * simple table of all users which we seek based on uid and retrieve a
92 * relatively standard structure. Others record the same information in
93 * a directory with a separate file, and others don't record the
94 * information separately at all. For systems in the latter category,
95 * we look backwards in the wtmp or wtmpx file for the last login entry
96 * for our user. Naturally this is slower and on busy systems could
97 * incur a significant performance penalty.
98 *
99 * Calling the new code
100 * --------------------
101 *
102 * In OpenSSH all login recording and retrieval is performed in
103 * login.c. Here you'll find working examples. Also, in the logintest.c
104 * program there are more examples.
105 *
106 * Internal handler calling method
107 * -------------------------------
108 *
109 * When a call is made to login_login() or login_logout(), both
110 * routines set a struct logininfo flag defining which action (log in,
111 * or log out) is to be taken. They both then call login_write(), which
112 * calls whichever of the many structure-specific handlers autoconf
113 * selects for the local system.
114 *
115 * The handlers themselves handle system data structure specifics. Both
116 * struct utmp and struct utmpx have utility functions (see
117 * construct_utmp*()) to try to make it simpler to add extra systems
118 * that introduce new features to either structure.
119 *
120 * While it may seem terribly wasteful to replicate so much similar
121 * code for each method, experience has shown that maintaining code to
122 * write both struct utmp and utmpx in one function, whilst maintaining
123 * support for all systems whether they have library support or not, is
124 * a difficult and time-consuming task.
125 *
126 * Lastlog support proceeds similarly. Functions login_get_lastlog()
127 * (and its OpenSSH-tuned friend login_get_lastlog_time()) call
128 * getlast_entry(), which tries one of three methods to find the last
129 * login time. It uses local system lastlog support if it can,
130 * otherwise it tries wtmp or wtmpx before giving up and returning 0,
131 * meaning "tilt".
132 *
133 * Maintenance
134 * -----------
135 *
136 * In many cases it's possible to tweak autoconf to select the correct
137 * methods for a particular platform, either by improving the detection
138 * code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE
139 * symbols for the platform.
140 *
141 * Use logintest to check which symbols are defined before modifying
142 * configure.ac and loginrec.c. (You have to build logintest yourself
143 * with 'make logintest' as it's not built by default.)
144 *
145 * Otherwise, patches to the specific method(s) are very helpful!
146 */
1d7b9b20 147
148#include "includes.h"
149
81e73e57 150#include <sys/types.h>
151#include <sys/stat.h>
9794d008 152#include <sys/socket.h>
153
154#include <netinet/in.h>
81e73e57 155
22bbb3e6 156#include <fcntl.h>
b1842393 157#include <pwd.h>
158
1d7b9b20 159#include "ssh.h"
160#include "xmalloc.h"
161#include "loginrec.h"
42f11eb2 162#include "log.h"
163#include "atomicio.h"
b6610e8f 164#include "packet.h"
165#include "canohost.h"
c00e4d75 166#include "auth.h"
c53d8c93 167#include "buffer.h"
1d7b9b20 168
44d5f7f7 169#ifdef HAVE_UTIL_H
fa64c868 170# include <util.h>
44d5f7f7 171#endif
172
8f523d67 173#ifdef HAVE_LIBUTIL_H
fa64c868 174# include <libutil.h>
8f523d67 175#endif
176
1d7b9b20 177/**
178 ** prototypes for helper functions in this file
179 **/
180
181#if HAVE_UTMP_H
1d7b9b20 182void set_utmp_time(struct logininfo *li, struct utmp *ut);
183void construct_utmp(struct logininfo *li, struct utmp *ut);
184#endif
185
186#ifdef HAVE_UTMPX_H
1d7b9b20 187void set_utmpx_time(struct logininfo *li, struct utmpx *ut);
188void construct_utmpx(struct logininfo *li, struct utmpx *ut);
189#endif
190
191int utmp_write_entry(struct logininfo *li);
192int utmpx_write_entry(struct logininfo *li);
193int wtmp_write_entry(struct logininfo *li);
194int wtmpx_write_entry(struct logininfo *li);
195int lastlog_write_entry(struct logininfo *li);
196int syslogin_write_entry(struct logininfo *li);
197
198int getlast_entry(struct logininfo *li);
199int lastlog_get_entry(struct logininfo *li);
200int wtmp_get_entry(struct logininfo *li);
201int wtmpx_get_entry(struct logininfo *li);
202
5ccf88cb 203extern Buffer loginmsg;
204
5abcdf8e 205/* pick the shortest string */
fa64c868 206#define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))
5abcdf8e 207
1d7b9b20 208/**
209 ** platform-independent login functions
210 **/
211
fa64c868 212/*
213 * login_login(struct logininfo *) - Record a login
2b87da3b 214 *
5abcdf8e 215 * Call with a pointer to a struct logininfo initialised with
216 * login_init_entry() or login_alloc_entry()
217 *
218 * Returns:
219 * >0 if successful
220 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
221 */
564dd50a 222int
fa64c868 223login_login(struct logininfo *li)
564dd50a 224{
225 li->type = LTYPE_LOGIN;
fa64c868 226 return (login_write(li));
564dd50a 227}
1d7b9b20 228
229
fa64c868 230/*
231 * login_logout(struct logininfo *) - Record a logout
5abcdf8e 232 *
233 * Call as with login_login()
234 *
235 * Returns:
236 * >0 if successful
237 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
238 */
564dd50a 239int
240login_logout(struct logininfo *li)
241{
242 li->type = LTYPE_LOGOUT;
fa64c868 243 return (login_write(li));
1d7b9b20 244}
245
fa64c868 246/*
247 * login_get_lastlog_time(int) - Retrieve the last login time
5abcdf8e 248 *
249 * Retrieve the last login time for the given uid. Will try to use the
250 * system lastlog facilities if they are available, but will fall back
251 * to looking in wtmp/wtmpx if necessary
252 *
253 * Returns:
254 * 0 on failure, or if user has never logged in
255 * Time in seconds from the epoch if successful
256 *
257 * Useful preprocessor symbols:
258 * DISABLE_LASTLOG: If set, *never* even try to retrieve lastlog
259 * info
260 * USE_LASTLOG: If set, indicates the presence of system lastlog
261 * facilities. If this and DISABLE_LASTLOG are not set,
262 * try to retrieve lastlog information from wtmp/wtmpx.
263 */
564dd50a 264unsigned int
265login_get_lastlog_time(const int uid)
266{
267 struct logininfo li;
1d7b9b20 268
5abcdf8e 269 if (login_get_lastlog(&li, uid))
fa64c868 270 return (li.tv_sec);
5abcdf8e 271 else
fa64c868 272 return (0);
564dd50a 273}
1d7b9b20 274
fa64c868 275/*
276 * login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry
5abcdf8e 277 *
278 * Retrieve a logininfo structure populated (only partially) with
279 * information from the system lastlog data, or from wtmp/wtmpx if no
280 * system lastlog information exists.
281 *
282 * Note this routine must be given a pre-allocated logininfo.
283 *
284 * Returns:
285 * >0: A pointer to your struct logininfo if successful
286 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
5abcdf8e 287 */
564dd50a 288struct logininfo *
289login_get_lastlog(struct logininfo *li, const int uid)
290{
5abcdf8e 291 struct passwd *pw;
5abcdf8e 292
dbaa2e87 293 memset(li, '\0', sizeof(*li));
1d7b9b20 294 li->uid = uid;
5abcdf8e 295
2b87da3b 296 /*
9f32ceb4 297 * If we don't have a 'real' lastlog, we need the username to
5abcdf8e 298 * reliably search wtmp(x) for the last login (see
2b87da3b 299 * wtmp_get_entry().)
9f32ceb4 300 */
5abcdf8e 301 pw = getpwuid(uid);
a05a70ab 302 if (pw == NULL)
a233586b 303 fatal("%s: Cannot find account for uid %i", __func__, uid);
2b87da3b 304
1bfbb762 305 /* No MIN_SIZEOF here - we absolutely *must not* truncate the
fa64c868 306 * username (XXX - so check for trunc!) */
d8caae24 307 strlcpy(li->username, pw->pw_name, sizeof(li->username));
a05a70ab 308
564dd50a 309 if (getlast_entry(li))
fa64c868 310 return (li);
564dd50a 311 else
fa64c868 312 return (NULL);
1d7b9b20 313}
314
1d7b9b20 315
fa64c868 316/*
317 * login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
2b87da3b 318 * a logininfo structure
319 *
5abcdf8e 320 * This function creates a new struct logininfo, a data structure
321 * meant to carry the information required to portably record login info.
322 *
323 * Returns a pointer to a newly created struct logininfo. If memory
324 * allocation fails, the program halts.
325 */
564dd50a 326struct
327logininfo *login_alloc_entry(int pid, const char *username,
fa64c868 328 const char *hostname, const char *line)
564dd50a 329{
330 struct logininfo *newli;
1d7b9b20 331
fa64c868 332 newli = xmalloc(sizeof(*newli));
333 login_init_entry(newli, pid, username, hostname, line);
334 return (newli);
1d7b9b20 335}
336
337
5abcdf8e 338/* login_free_entry(struct logininfo *) - free struct memory */
1d7b9b20 339void
564dd50a 340login_free_entry(struct logininfo *li)
341{
342 xfree(li);
1d7b9b20 343}
344
345
5abcdf8e 346/* login_init_entry(struct logininfo *, int, char*, char*, char*)
347 * - initialise a struct logininfo
2b87da3b 348 *
5abcdf8e 349 * Populates a new struct logininfo, a data structure meant to carry
350 * the information required to portably record login info.
351 *
352 * Returns: 1
353 */
564dd50a 354int
2b87da3b 355login_init_entry(struct logininfo *li, int pid, const char *username,
fa64c868 356 const char *hostname, const char *line)
564dd50a 357{
d8caae24 358 struct passwd *pw;
2b87da3b 359
dbaa2e87 360 memset(li, 0, sizeof(*li));
2b87da3b 361
564dd50a 362 li->pid = pid;
d8caae24 363
564dd50a 364 /* set the line information */
365 if (line)
366 line_fullname(li->line, line, sizeof(li->line));
1d7b9b20 367
d8caae24 368 if (username) {
564dd50a 369 strlcpy(li->username, username, sizeof(li->username));
d8caae24 370 pw = getpwnam(li->username);
fa64c868 371 if (pw == NULL) {
d1cf9a87 372 fatal("%s: Cannot find user \"%s\"", __func__,
fa64c868 373 li->username);
374 }
d8caae24 375 li->uid = pw->pw_uid;
376 }
a05a70ab 377
564dd50a 378 if (hostname)
379 strlcpy(li->hostname, hostname, sizeof(li->hostname));
d8caae24 380
fa64c868 381 return (1);
1d7b9b20 382}
383
d1cf9a87 384/*
fa64c868 385 * login_set_current_time(struct logininfo *) - set the current time
5abcdf8e 386 *
387 * Set the current time in a logininfo structure. This function is
388 * meant to eliminate the need to deal with system dependencies for
389 * time handling.
390 */
1d7b9b20 391void
564dd50a 392login_set_current_time(struct logininfo *li)
393{
1d7b9b20 394 struct timeval tv;
395
396 gettimeofday(&tv, NULL);
2b87da3b 397
d8caae24 398 li->tv_sec = tv.tv_sec;
399 li->tv_usec = tv.tv_usec;
1d7b9b20 400}
401
564dd50a 402/* copy a sockaddr_* into our logininfo */
1d7b9b20 403void
564dd50a 404login_set_addr(struct logininfo *li, const struct sockaddr *sa,
fa64c868 405 const unsigned int sa_size)
564dd50a 406{
407 unsigned int bufsize = sa_size;
408
409 /* make sure we don't overrun our union */
410 if (sizeof(li->hostaddr) < sa_size)
411 bufsize = sizeof(li->hostaddr);
412
fa64c868 413 memcpy(&li->hostaddr.sa, sa, bufsize);
1d7b9b20 414}
1d7b9b20 415
564dd50a 416
417/**
418 ** login_write: Call low-level recording functions based on autoconf
419 ** results
420 **/
1d7b9b20 421int
fa64c868 422login_write(struct logininfo *li)
564dd50a 423{
3c62e7eb 424#ifndef HAVE_CYGWIN
fa64c868 425 if (geteuid() != 0) {
426 logit("Attempt to write login records by non-root user (aborting)");
427 return (1);
1d7b9b20 428 }
3c62e7eb 429#endif
a05a70ab 430
1d7b9b20 431 /* set the timestamp */
432 login_set_current_time(li);
433#ifdef USE_LOGIN
434 syslogin_write_entry(li);
435#endif
436#ifdef USE_LASTLOG
fa64c868 437 if (li->type == LTYPE_LOGIN)
1d7b9b20 438 lastlog_write_entry(li);
1d7b9b20 439#endif
440#ifdef USE_UTMP
441 utmp_write_entry(li);
442#endif
443#ifdef USE_WTMP
444 wtmp_write_entry(li);
445#endif
446#ifdef USE_UTMPX
447 utmpx_write_entry(li);
448#endif
449#ifdef USE_WTMPX
450 wtmpx_write_entry(li);
f5ed3301 451#endif
452#ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
d1cf9a87 453 if (li->type == LTYPE_LOGIN &&
98c044d0 454 !sys_auth_record_login(li->username,li->hostname,li->line,
455 &loginmsg))
f5ed3301 456 logit("Writing login record failed for %s", li->username);
c00e4d75 457#endif
6039eeef 458#ifdef SSH_AUDIT_EVENTS
c00e4d75 459 if (li->type == LTYPE_LOGIN)
460 audit_session_open(li->line);
461 else if (li->type == LTYPE_LOGOUT)
462 audit_session_close(li->line);
1d7b9b20 463#endif
fa64c868 464 return (0);
1d7b9b20 465}
466
7e2d5fa4 467#ifdef LOGIN_NEEDS_UTMPX
468int
469login_utmp_only(struct logininfo *li)
470{
aff51935 471 li->type = LTYPE_LOGIN;
9e127e27 472 login_set_current_time(li);
7e2d5fa4 473# ifdef USE_UTMP
474 utmp_write_entry(li);
475# endif
476# ifdef USE_WTMP
477 wtmp_write_entry(li);
478# endif
479# ifdef USE_UTMPX
480 utmpx_write_entry(li);
481# endif
482# ifdef USE_WTMPX
483 wtmpx_write_entry(li);
484# endif
fa64c868 485 return (0);
7e2d5fa4 486}
487#endif
488
564dd50a 489/**
490 ** getlast_entry: Call low-level functions to retrieve the last login
491 ** time.
492 **/
1d7b9b20 493
564dd50a 494/* take the uid in li and return the last login time */
1d7b9b20 495int
564dd50a 496getlast_entry(struct logininfo *li)
497{
498#ifdef USE_LASTLOG
9f32ceb4 499 return(lastlog_get_entry(li));
a05a70ab 500#else /* !USE_LASTLOG */
1d7b9b20 501
fa64c868 502#if defined(DISABLE_LASTLOG)
2b87da3b 503 /* On some systems we shouldn't even try to obtain last login
3f45f1c3 504 * time, e.g. AIX */
fa64c868 505 return (0);
506# elif defined(USE_WTMP) && \
507 (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP))
564dd50a 508 /* retrieve last login time from utmp */
a05a70ab 509 return (wtmp_get_entry(li));
fa64c868 510# elif defined(USE_WTMPX) && \
511 (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX))
564dd50a 512 /* If wtmp isn't available, try wtmpx */
a05a70ab 513 return (wtmpx_get_entry(li));
fa64c868 514# else
564dd50a 515 /* Give up: No means of retrieving last login time */
fa64c868 516 return (0);
2b87da3b 517# endif /* DISABLE_LASTLOG */
a05a70ab 518#endif /* USE_LASTLOG */
564dd50a 519}
1d7b9b20 520
521
1d7b9b20 522
523/*
564dd50a 524 * 'line' string utility functions
525 *
526 * These functions process the 'line' string into one of three forms:
527 *
1d7b9b20 528 * 1. The full filename (including '/dev')
529 * 2. The stripped name (excluding '/dev')
564dd50a 530 * 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
531 * /dev/pts/1 -> ts/1 )
1d7b9b20 532 *
533 * Form 3 is used on some systems to identify a .tmp.? entry when
534 * attempting to remove it. Typically both addition and removal is
564dd50a 535 * performed by one application - say, sshd - so as long as the choice
536 * uniquely identifies a terminal it's ok.
1d7b9b20 537 */
538
539
fa64c868 540/*
541 * line_fullname(): add the leading '/dev/' if it doesn't exist make
542 * sure dst has enough space, if not just copy src (ugh)
543 */
1d7b9b20 544char *
44d71ad5 545line_fullname(char *dst, const char *src, u_int dstsize)
564dd50a 546{
1d7b9b20 547 memset(dst, '\0', dstsize);
fa64c868 548 if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5)))
1d7b9b20 549 strlcpy(dst, src, dstsize);
fa64c868 550 else {
a4d05724 551 strlcpy(dst, "/dev/", dstsize);
1d7b9b20 552 strlcat(dst, src, dstsize);
553 }
fa64c868 554 return (dst);
1d7b9b20 555}
556
564dd50a 557/* line_stripname(): strip the leading '/dev' if it exists, return dst */
1d7b9b20 558char *
564dd50a 559line_stripname(char *dst, const char *src, int dstsize)
560{
1d7b9b20 561 memset(dst, '\0', dstsize);
562 if (strncmp(src, "/dev/", 5) == 0)
89d7510a 563 strlcpy(dst, src + 5, dstsize);
1d7b9b20 564 else
565 strlcpy(dst, src, dstsize);
fa64c868 566 return (dst);
564dd50a 567}
568
d1cf9a87 569/*
fa64c868 570 * line_abbrevname(): Return the abbreviated (usually four-character)
564dd50a 571 * form of the line (Just use the last <dstsize> characters of the
572 * full name.)
573 *
574 * NOTE: use strncpy because we do NOT necessarily want zero
fa64c868 575 * termination
576 */
1d7b9b20 577char *
2b87da3b 578line_abbrevname(char *dst, const char *src, int dstsize)
a05a70ab 579{
580 size_t len;
2b87da3b 581
1d7b9b20 582 memset(dst, '\0', dstsize);
2b87da3b 583
daaff4d5 584 /* Always skip prefix if present */
585 if (strncmp(src, "/dev/", 5) == 0)
586 src += 5;
2b87da3b 587
0e8f4eba 588#ifdef WITH_ABBREV_NO_TTY
589 if (strncmp(src, "tty", 3) == 0)
590 src += 3;
591#endif
592
a05a70ab 593 len = strlen(src);
594
daaff4d5 595 if (len > 0) {
596 if (((int)len - dstsize) > 0)
597 src += ((int)len - dstsize);
598
599 /* note: _don't_ change this to strlcpy */
2b87da3b 600 strncpy(dst, src, (size_t)dstsize);
a05a70ab 601 }
2b87da3b 602
fa64c868 603 return (dst);
1d7b9b20 604}
605
1d7b9b20 606/**
607 ** utmp utility functions
564dd50a 608 **
609 ** These functions manipulate struct utmp, taking system differences
610 ** into account.
1d7b9b20 611 **/
612
613#if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN)
614
1d7b9b20 615/* build the utmp structure */
616void
564dd50a 617set_utmp_time(struct logininfo *li, struct utmp *ut)
618{
fa64c868 619# if defined(HAVE_TV_IN_UTMP)
1d7b9b20 620 ut->ut_tv.tv_sec = li->tv_sec;
621 ut->ut_tv.tv_usec = li->tv_usec;
fa64c868 622# elif defined(HAVE_TIME_IN_UTMP)
1d7b9b20 623 ut->ut_time = li->tv_sec;
a05a70ab 624# endif
1d7b9b20 625}
626
627void
628construct_utmp(struct logininfo *li,
564dd50a 629 struct utmp *ut)
630{
9746ee4b 631# ifdef HAVE_ADDR_V6_IN_UTMP
632 struct sockaddr_in6 *sa6;
fa64c868 633# endif
634
dbaa2e87 635 memset(ut, '\0', sizeof(*ut));
5abcdf8e 636
637 /* First fill out fields used for both logins and logouts */
638
a05a70ab 639# ifdef HAVE_ID_IN_UTMP
1d7b9b20 640 line_abbrevname(ut->ut_id, li->line, sizeof(ut->ut_id));
a05a70ab 641# endif
1d7b9b20 642
a05a70ab 643# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 644 /* This is done here to keep utmp constants out of struct logininfo */
1d7b9b20 645 switch (li->type) {
646 case LTYPE_LOGIN:
647 ut->ut_type = USER_PROCESS;
ef51930f 648#ifdef _UNICOS
1a23ac2c 649 cray_set_tmpdir(ut);
650#endif
1d7b9b20 651 break;
652 case LTYPE_LOGOUT:
653 ut->ut_type = DEAD_PROCESS;
ef51930f 654#ifdef _UNICOS
1a23ac2c 655 cray_retain_utmp(ut, li->pid);
656#endif
1d7b9b20 657 break;
658 }
a05a70ab 659# endif
5abcdf8e 660 set_utmp_time(li, ut);
1d7b9b20 661
5abcdf8e 662 line_stripname(ut->ut_line, li->line, sizeof(ut->ut_line));
a05a70ab 663
664# ifdef HAVE_PID_IN_UTMP
1d7b9b20 665 ut->ut_pid = li->pid;
a05a70ab 666# endif
5abcdf8e 667
668 /* If we're logging out, leave all other fields blank */
669 if (li->type == LTYPE_LOGOUT)
fa64c868 670 return;
5abcdf8e 671
a05a70ab 672 /*
673 * These fields are only used when logging in, and are blank
2b87da3b 674 * for logouts.
a05a70ab 675 */
5abcdf8e 676
677 /* Use strncpy because we don't necessarily want null termination */
fa64c868 678 strncpy(ut->ut_name, li->username,
679 MIN_SIZEOF(ut->ut_name, li->username));
a05a70ab 680# ifdef HAVE_HOST_IN_UTMP
fa64c868 681 strncpy(ut->ut_host, li->hostname,
682 MIN_SIZEOF(ut->ut_host, li->hostname));
a05a70ab 683# endif
684# ifdef HAVE_ADDR_IN_UTMP
564dd50a 685 /* this is just a 32-bit IP address */
686 if (li->hostaddr.sa.sa_family == AF_INET)
687 ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
2b87da3b 688# endif
9746ee4b 689# ifdef HAVE_ADDR_V6_IN_UTMP
690 /* this is just a 128-bit IPv6 address */
691 if (li->hostaddr.sa.sa_family == AF_INET6) {
692 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
693 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
694 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
695 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
696 ut->ut_addr_v6[1] = 0;
697 ut->ut_addr_v6[2] = 0;
698 ut->ut_addr_v6[3] = 0;
699 }
700 }
701# endif
564dd50a 702}
a05a70ab 703#endif /* USE_UTMP || USE_WTMP || USE_LOGIN */
564dd50a 704
1d7b9b20 705/**
706 ** utmpx utility functions
564dd50a 707 **
708 ** These functions manipulate struct utmpx, accounting for system
709 ** variations.
1d7b9b20 710 **/
711
712#if defined(USE_UTMPX) || defined (USE_WTMPX)
1d7b9b20 713/* build the utmpx structure */
714void
564dd50a 715set_utmpx_time(struct logininfo *li, struct utmpx *utx)
716{
fa64c868 717# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 718 utx->ut_tv.tv_sec = li->tv_sec;
719 utx->ut_tv.tv_usec = li->tv_usec;
fa64c868 720# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 721 utx->ut_time = li->tv_sec;
fa64c868 722# endif
1d7b9b20 723}
724
725void
564dd50a 726construct_utmpx(struct logininfo *li, struct utmpx *utx)
727{
9746ee4b 728# ifdef HAVE_ADDR_V6_IN_UTMP
729 struct sockaddr_in6 *sa6;
730# endif
dbaa2e87 731 memset(utx, '\0', sizeof(*utx));
fa64c868 732
daaff4d5 733# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 734 line_abbrevname(utx->ut_id, li->line, sizeof(utx->ut_id));
daaff4d5 735# endif
1d7b9b20 736
737 /* this is done here to keep utmp constants out of loginrec.h */
738 switch (li->type) {
739 case LTYPE_LOGIN:
740 utx->ut_type = USER_PROCESS;
741 break;
742 case LTYPE_LOGOUT:
743 utx->ut_type = DEAD_PROCESS;
744 break;
745 }
1d7b9b20 746 line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line));
1d7b9b20 747 set_utmpx_time(li, utx);
5abcdf8e 748 utx->ut_pid = li->pid;
fa64c868 749
f3837bc6 750 /* strncpy(): Don't necessarily want null termination */
fa64c868 751 strncpy(utx->ut_name, li->username,
752 MIN_SIZEOF(utx->ut_name, li->username));
5abcdf8e 753
754 if (li->type == LTYPE_LOGOUT)
755 return;
756
a05a70ab 757 /*
758 * These fields are only used when logging in, and are blank
2b87da3b 759 * for logouts.
a05a70ab 760 */
5abcdf8e 761
a05a70ab 762# ifdef HAVE_HOST_IN_UTMPX
fa64c868 763 strncpy(utx->ut_host, li->hostname,
764 MIN_SIZEOF(utx->ut_host, li->hostname));
a05a70ab 765# endif
766# ifdef HAVE_ADDR_IN_UTMPX
764d4113 767 /* this is just a 32-bit IP address */
768 if (li->hostaddr.sa.sa_family == AF_INET)
769 utx->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
a05a70ab 770# endif
9746ee4b 771# ifdef HAVE_ADDR_V6_IN_UTMP
772 /* this is just a 128-bit IPv6 address */
773 if (li->hostaddr.sa.sa_family == AF_INET6) {
774 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
775 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
776 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
777 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
778 ut->ut_addr_v6[1] = 0;
779 ut->ut_addr_v6[2] = 0;
780 ut->ut_addr_v6[3] = 0;
781 }
782 }
783# endif
a05a70ab 784# ifdef HAVE_SYSLEN_IN_UTMPX
5abcdf8e 785 /* ut_syslen is the length of the utx_host string */
786 utx->ut_syslen = MIN(strlen(li->hostname), sizeof(utx->ut_host));
a05a70ab 787# endif
564dd50a 788}
a05a70ab 789#endif /* USE_UTMPX || USE_WTMPX */
1d7b9b20 790
791/**
564dd50a 792 ** Low-level utmp functions
1d7b9b20 793 **/
794
795/* FIXME: (ATL) utmp_write_direct needs testing */
1d7b9b20 796#ifdef USE_UTMP
797
1d7b9b20 798/* if we can, use pututline() etc. */
a05a70ab 799# if !defined(DISABLE_PUTUTLINE) && defined(HAVE_SETUTENT) && \
800 defined(HAVE_PUTUTLINE)
1d7b9b20 801# define UTMP_USE_LIBRARY
a05a70ab 802# endif
1d7b9b20 803
804
805/* write a utmp entry with the system's help (pututline() and pals) */
a05a70ab 806# ifdef UTMP_USE_LIBRARY
1d7b9b20 807static int
564dd50a 808utmp_write_library(struct logininfo *li, struct utmp *ut)
809{
1d7b9b20 810 setutent();
811 pututline(ut);
a05a70ab 812# ifdef HAVE_ENDUTENT
1d7b9b20 813 endutent();
a05a70ab 814# endif
fa64c868 815 return (1);
564dd50a 816}
a05a70ab 817# else /* UTMP_USE_LIBRARY */
1d7b9b20 818
d1cf9a87 819/*
fa64c868 820 * Write a utmp entry direct to the file
821 * This is a slightly modification of code in OpenBSD's login.c
822 */
1d7b9b20 823static int
564dd50a 824utmp_write_direct(struct logininfo *li, struct utmp *ut)
825{
1d7b9b20 826 struct utmp old_ut;
827 register int fd;
828 int tty;
829
5abcdf8e 830 /* FIXME: (ATL) ttyslot() needs local implementation */
dbaa2e87 831
698d107e 832#if defined(HAVE_GETTTYENT)
fa64c868 833 struct ttyent *ty;
dbaa2e87 834
835 tty=0;
dbaa2e87 836 setttyent();
fa64c868 837 while (NULL != (ty = getttyent())) {
dbaa2e87 838 tty++;
839 if (!strncmp(ty->ty_name, ut->ut_line, sizeof(ut->ut_line)))
840 break;
841 }
842 endttyent();
843
fa64c868 844 if (NULL == ty) {
5f12e050 845 logit("%s: tty not found", __func__);
846 return (0);
dbaa2e87 847 }
848#else /* FIXME */
849
1d7b9b20 850 tty = ttyslot(); /* seems only to work for /dev/ttyp? style names */
851
698d107e 852#endif /* HAVE_GETTTYENT */
dbaa2e87 853
1d7b9b20 854 if (tty > 0 && (fd = open(UTMP_FILE, O_RDWR|O_CREAT, 0644)) >= 0) {
5f12e050 855 off_t pos, ret;
856
857 pos = (off_t)tty * sizeof(struct utmp);
858 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 859 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 860 return (0);
861 }
862 if (ret != pos) {
d1cf9a87 863 logit("%s: Couldn't seek to tty %d slot in %s",
f6d20d59 864 __func__, tty, UTMP_FILE);
5f12e050 865 return (0);
866 }
1d7b9b20 867 /*
868 * Prevent luser from zero'ing out ut_host.
869 * If the new ut_line is empty but the old one is not
dc2a6d09 870 * and ut_line and ut_name match, preserve the old ut_line.
1d7b9b20 871 */
2b87da3b 872 if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) &&
fa64c868 873 (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') &&
874 (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) &&
875 (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0))
876 memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host));
2b87da3b 877
5f12e050 878 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 879 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 880 return (0);
881 }
882 if (ret != pos) {
f6d20d59 883 logit("%s: Couldn't seek to tty %d slot in %s",
5f12e050 884 __func__, tty, UTMP_FILE);
885 return (0);
886 }
fa64c868 887 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
5f12e050 888 logit("%s: error writing %s: %s", __func__,
5abcdf8e 889 UTMP_FILE, strerror(errno));
fa64c868 890 }
2b87da3b 891
fa64c868 892 close(fd);
893 return (1);
9f32ceb4 894 } else {
fa64c868 895 return (0);
9f32ceb4 896 }
564dd50a 897}
a05a70ab 898# endif /* UTMP_USE_LIBRARY */
1d7b9b20 899
900static int
564dd50a 901utmp_perform_login(struct logininfo *li)
902{
1d7b9b20 903 struct utmp ut;
904
905 construct_utmp(li, &ut);
a05a70ab 906# ifdef UTMP_USE_LIBRARY
1d7b9b20 907 if (!utmp_write_library(li, &ut)) {
a233586b 908 logit("%s: utmp_write_library() failed", __func__);
fa64c868 909 return (0);
1d7b9b20 910 }
a05a70ab 911# else
1d7b9b20 912 if (!utmp_write_direct(li, &ut)) {
a233586b 913 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 914 return (0);
1d7b9b20 915 }
a05a70ab 916# endif
fa64c868 917 return (1);
564dd50a 918}
1d7b9b20 919
920
921static int
564dd50a 922utmp_perform_logout(struct logininfo *li)
923{
1d7b9b20 924 struct utmp ut;
925
5abcdf8e 926 construct_utmp(li, &ut);
a05a70ab 927# ifdef UTMP_USE_LIBRARY
5abcdf8e 928 if (!utmp_write_library(li, &ut)) {
a233586b 929 logit("%s: utmp_write_library() failed", __func__);
fa64c868 930 return (0);
5abcdf8e 931 }
a05a70ab 932# else
5abcdf8e 933 if (!utmp_write_direct(li, &ut)) {
a233586b 934 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 935 return (0);
5abcdf8e 936 }
a05a70ab 937# endif
fa64c868 938 return (1);
564dd50a 939}
1d7b9b20 940
941
942int
564dd50a 943utmp_write_entry(struct logininfo *li)
944{
1d7b9b20 945 switch(li->type) {
946 case LTYPE_LOGIN:
fa64c868 947 return (utmp_perform_login(li));
1d7b9b20 948
949 case LTYPE_LOGOUT:
fa64c868 950 return (utmp_perform_logout(li));
1d7b9b20 951
952 default:
a233586b 953 logit("%s: invalid type field", __func__);
fa64c868 954 return (0);
1d7b9b20 955 }
564dd50a 956}
a05a70ab 957#endif /* USE_UTMP */
1d7b9b20 958
959
960/**
564dd50a 961 ** Low-level utmpx functions
1d7b9b20 962 **/
963
964/* not much point if we don't want utmpx entries */
965#ifdef USE_UTMPX
966
1d7b9b20 967/* if we have the wherewithall, use pututxline etc. */
a05a70ab 968# if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \
969 defined(HAVE_PUTUTXLINE)
1d7b9b20 970# define UTMPX_USE_LIBRARY
a05a70ab 971# endif
1d7b9b20 972
973
974/* write a utmpx entry with the system's help (pututxline() and pals) */
a05a70ab 975# ifdef UTMPX_USE_LIBRARY
1d7b9b20 976static int
564dd50a 977utmpx_write_library(struct logininfo *li, struct utmpx *utx)
978{
1d7b9b20 979 setutxent();
980 pututxline(utx);
981
a05a70ab 982# ifdef HAVE_ENDUTXENT
1d7b9b20 983 endutxent();
a05a70ab 984# endif
fa64c868 985 return (1);
564dd50a 986}
1d7b9b20 987
a05a70ab 988# else /* UTMPX_USE_LIBRARY */
1d7b9b20 989
990/* write a utmp entry direct to the file */
991static int
564dd50a 992utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
2b87da3b 993{
a233586b 994 logit("%s: not implemented!", __func__);
fa64c868 995 return (0);
564dd50a 996}
a05a70ab 997# endif /* UTMPX_USE_LIBRARY */
1d7b9b20 998
999static int
564dd50a 1000utmpx_perform_login(struct logininfo *li)
1001{
1d7b9b20 1002 struct utmpx utx;
1003
1004 construct_utmpx(li, &utx);
a05a70ab 1005# ifdef UTMPX_USE_LIBRARY
1d7b9b20 1006 if (!utmpx_write_library(li, &utx)) {
a233586b 1007 logit("%s: utmp_write_library() failed", __func__);
fa64c868 1008 return (0);
1d7b9b20 1009 }
a05a70ab 1010# else
1d7b9b20 1011 if (!utmpx_write_direct(li, &ut)) {
a233586b 1012 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 1013 return (0);
1d7b9b20 1014 }
a05a70ab 1015# endif
fa64c868 1016 return (1);
564dd50a 1017}
1d7b9b20 1018
1019
1020static int
564dd50a 1021utmpx_perform_logout(struct logininfo *li)
1022{
1d7b9b20 1023 struct utmpx utx;
1024
f3837bc6 1025 construct_utmpx(li, &utx);
a05a70ab 1026# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 1027 line_abbrevname(utx.ut_id, li->line, sizeof(utx.ut_id));
a05a70ab 1028# endif
1029# ifdef HAVE_TYPE_IN_UTMPX
1d7b9b20 1030 utx.ut_type = DEAD_PROCESS;
a05a70ab 1031# endif
1d7b9b20 1032
a05a70ab 1033# ifdef UTMPX_USE_LIBRARY
1d7b9b20 1034 utmpx_write_library(li, &utx);
a05a70ab 1035# else
1d7b9b20 1036 utmpx_write_direct(li, &utx);
a05a70ab 1037# endif
fa64c868 1038 return (1);
564dd50a 1039}
1d7b9b20 1040
1d7b9b20 1041int
564dd50a 1042utmpx_write_entry(struct logininfo *li)
1043{
1d7b9b20 1044 switch(li->type) {
1045 case LTYPE_LOGIN:
fa64c868 1046 return (utmpx_perform_login(li));
1d7b9b20 1047 case LTYPE_LOGOUT:
fa64c868 1048 return (utmpx_perform_logout(li));
1d7b9b20 1049 default:
a233586b 1050 logit("%s: invalid type field", __func__);
fa64c868 1051 return (0);
1d7b9b20 1052 }
564dd50a 1053}
a05a70ab 1054#endif /* USE_UTMPX */
1d7b9b20 1055
1056
1057/**
564dd50a 1058 ** Low-level wtmp functions
1d7b9b20 1059 **/
1060
2b87da3b 1061#ifdef USE_WTMP
1d7b9b20 1062
d1cf9a87 1063/*
fa64c868 1064 * Write a wtmp entry direct to the end of the file
1065 * This is a slight modification of code in OpenBSD's logwtmp.c
1066 */
1d7b9b20 1067static int
564dd50a 1068wtmp_write(struct logininfo *li, struct utmp *ut)
1069{
1d7b9b20 1070 struct stat buf;
1071 int fd, ret = 1;
1072
1073 if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
a233586b 1074 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1075 WTMP_FILE, strerror(errno));
fa64c868 1076 return (0);
1d7b9b20 1077 }
2b87da3b 1078 if (fstat(fd, &buf) == 0)
d72f7b79 1079 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
1d7b9b20 1080 ftruncate(fd, buf.st_size);
a233586b 1081 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1082 WTMP_FILE, strerror(errno));
1083 ret = 0;
1084 }
fa64c868 1085 close(fd);
1086 return (ret);
564dd50a 1087}
1d7b9b20 1088
1d7b9b20 1089static int
a05a70ab 1090wtmp_perform_login(struct logininfo *li)
1091{
1d7b9b20 1092 struct utmp ut;
1093
1094 construct_utmp(li, &ut);
fa64c868 1095 return (wtmp_write(li, &ut));
564dd50a 1096}
1d7b9b20 1097
1098
1099static int
564dd50a 1100wtmp_perform_logout(struct logininfo *li)
1101{
1d7b9b20 1102 struct utmp ut;
1103
1104 construct_utmp(li, &ut);
fa64c868 1105 return (wtmp_write(li, &ut));
564dd50a 1106}
1d7b9b20 1107
1108
1109int
564dd50a 1110wtmp_write_entry(struct logininfo *li)
1111{
1d7b9b20 1112 switch(li->type) {
1113 case LTYPE_LOGIN:
fa64c868 1114 return (wtmp_perform_login(li));
1d7b9b20 1115 case LTYPE_LOGOUT:
fa64c868 1116 return (wtmp_perform_logout(li));
1d7b9b20 1117 default:
a233586b 1118 logit("%s: invalid type field", __func__);
fa64c868 1119 return (0);
1d7b9b20 1120 }
564dd50a 1121}
1d7b9b20 1122
1123
d1cf9a87 1124/*
fa64c868 1125 * Notes on fetching login data from wtmp/wtmpx
2b87da3b 1126 *
5abcdf8e 1127 * Logouts are usually recorded with (amongst other things) a blank
1128 * username on a given tty line. However, some systems (HP-UX is one)
1129 * leave all fields set, but change the ut_type field to DEAD_PROCESS.
1130 *
1131 * Since we're only looking for logins here, we know that the username
1132 * must be set correctly. On systems that leave it in, we check for
1133 * ut_type==USER_PROCESS (indicating a login.)
1134 *
1135 * Portability: Some systems may set something other than USER_PROCESS
1136 * to indicate a login process. I don't know of any as I write. Also,
1137 * it's possible that some systems may both leave the username in
1138 * place and not have ut_type.
1139 */
1140
5abcdf8e 1141/* return true if this wtmp entry indicates a login */
1142static int
1143wtmp_islogin(struct logininfo *li, struct utmp *ut)
1144{
2b87da3b 1145 if (strncmp(li->username, ut->ut_name,
fa64c868 1146 MIN_SIZEOF(li->username, ut->ut_name)) == 0) {
a05a70ab 1147# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 1148 if (ut->ut_type & USER_PROCESS)
fa64c868 1149 return (1);
a05a70ab 1150# else
fa64c868 1151 return (1);
a05a70ab 1152# endif
5abcdf8e 1153 }
fa64c868 1154 return (0);
5abcdf8e 1155}
1156
1d7b9b20 1157int
564dd50a 1158wtmp_get_entry(struct logininfo *li)
1159{
1d7b9b20 1160 struct stat st;
1161 struct utmp ut;
fa64c868 1162 int fd, found = 0;
5abcdf8e 1163
1164 /* Clear the time entries in our logininfo */
1165 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1166
1167 if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) {
d1cf9a87 1168 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1169 WTMP_FILE, strerror(errno));
fa64c868 1170 return (0);
1d7b9b20 1171 }
2b87da3b 1172 if (fstat(fd, &st) != 0) {
d1cf9a87 1173 logit("%s: couldn't stat %s: %s", __func__,
1d7b9b20 1174 WTMP_FILE, strerror(errno));
1175 close(fd);
fa64c868 1176 return (0);
1d7b9b20 1177 }
1d7b9b20 1178
5abcdf8e 1179 /* Seek to the start of the last struct utmp */
d9d47a26 1180 if (lseek(fd, -(off_t)sizeof(struct utmp), SEEK_END) == -1) {
5abcdf8e 1181 /* Looks like we've got a fresh wtmp file */
1182 close(fd);
fa64c868 1183 return (0);
5abcdf8e 1184 }
1185
1186 while (!found) {
9f32ceb4 1187 if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) {
d1cf9a87 1188 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1189 WTMP_FILE, strerror(errno));
1190 close (fd);
fa64c868 1191 return (0);
1d7b9b20 1192 }
5abcdf8e 1193 if ( wtmp_islogin(li, &ut) ) {
1194 found = 1;
fa64c868 1195 /*
1196 * We've already checked for a time in struct
1197 * utmp, in login_getlast()
1198 */
a05a70ab 1199# ifdef HAVE_TIME_IN_UTMP
1d7b9b20 1200 li->tv_sec = ut.ut_time;
a05a70ab 1201# else
1d7b9b20 1202# if HAVE_TV_IN_UTMP
1203 li->tv_sec = ut.ut_tv.tv_sec;
1204# endif
a05a70ab 1205# endif
5abcdf8e 1206 line_fullname(li->line, ut.ut_line,
fa64c868 1207 MIN_SIZEOF(li->line, ut.ut_line));
a05a70ab 1208# ifdef HAVE_HOST_IN_UTMP
5abcdf8e 1209 strlcpy(li->hostname, ut.ut_host,
fa64c868 1210 MIN_SIZEOF(li->hostname, ut.ut_host));
a05a70ab 1211# endif
5abcdf8e 1212 continue;
1d7b9b20 1213 }
5abcdf8e 1214 /* Seek back 2 x struct utmp */
d9d47a26 1215 if (lseek(fd, -(off_t)(2 * sizeof(struct utmp)), SEEK_CUR) == -1) {
5abcdf8e 1216 /* We've found the start of the file, so quit */
fa64c868 1217 close(fd);
1218 return (0);
1d7b9b20 1219 }
5abcdf8e 1220 }
1221
1222 /* We found an entry. Tidy up and return */
1223 close(fd);
fa64c868 1224 return (1);
564dd50a 1225}
a05a70ab 1226# endif /* USE_WTMP */
1d7b9b20 1227
1228
1229/**
564dd50a 1230 ** Low-level wtmpx functions
1d7b9b20 1231 **/
1232
1233#ifdef USE_WTMPX
fa64c868 1234/*
1235 * Write a wtmpx entry direct to the end of the file
1236 * This is a slight modification of code in OpenBSD's logwtmp.c
1237 */
1d7b9b20 1238static int
564dd50a 1239wtmpx_write(struct logininfo *li, struct utmpx *utx)
1240{
41c64c91 1241#ifndef HAVE_UPDWTMPX
1d7b9b20 1242 struct stat buf;
1243 int fd, ret = 1;
1244
1245 if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
d1cf9a87 1246 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1247 WTMPX_FILE, strerror(errno));
fa64c868 1248 return (0);
1d7b9b20 1249 }
1250
2b87da3b 1251 if (fstat(fd, &buf) == 0)
d72f7b79 1252 if (atomicio(vwrite, fd, utx, sizeof(*utx)) != sizeof(*utx)) {
1d7b9b20 1253 ftruncate(fd, buf.st_size);
a233586b 1254 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1255 WTMPX_FILE, strerror(errno));
1256 ret = 0;
1257 }
fa64c868 1258 close(fd);
1d7b9b20 1259
fa64c868 1260 return (ret);
41c64c91 1261#else
1262 updwtmpx(WTMPX_FILE, utx);
fa64c868 1263 return (1);
41c64c91 1264#endif
564dd50a 1265}
1d7b9b20 1266
1267
1268static int
564dd50a 1269wtmpx_perform_login(struct logininfo *li)
1270{
1d7b9b20 1271 struct utmpx utx;
1272
1273 construct_utmpx(li, &utx);
fa64c868 1274 return (wtmpx_write(li, &utx));
564dd50a 1275}
1d7b9b20 1276
1277
1278static int
564dd50a 1279wtmpx_perform_logout(struct logininfo *li)
1280{
1d7b9b20 1281 struct utmpx utx;
1282
1283 construct_utmpx(li, &utx);
fa64c868 1284 return (wtmpx_write(li, &utx));
564dd50a 1285}
1d7b9b20 1286
1287
1288int
564dd50a 1289wtmpx_write_entry(struct logininfo *li)
1290{
1d7b9b20 1291 switch(li->type) {
1292 case LTYPE_LOGIN:
fa64c868 1293 return (wtmpx_perform_login(li));
1d7b9b20 1294 case LTYPE_LOGOUT:
fa64c868 1295 return (wtmpx_perform_logout(li));
1d7b9b20 1296 default:
a233586b 1297 logit("%s: invalid type field", __func__);
fa64c868 1298 return (0);
1d7b9b20 1299 }
564dd50a 1300}
1d7b9b20 1301
5abcdf8e 1302/* Please see the notes above wtmp_islogin() for information about the
1303 next two functions */
1304
1305/* Return true if this wtmpx entry indicates a login */
1306static int
1307wtmpx_islogin(struct logininfo *li, struct utmpx *utx)
1308{
fa64c868 1309 if (strncmp(li->username, utx->ut_name,
1310 MIN_SIZEOF(li->username, utx->ut_name)) == 0 ) {
a05a70ab 1311# ifdef HAVE_TYPE_IN_UTMPX
5abcdf8e 1312 if (utx->ut_type == USER_PROCESS)
fa64c868 1313 return (1);
a05a70ab 1314# else
fa64c868 1315 return (1);
a05a70ab 1316# endif
5abcdf8e 1317 }
fa64c868 1318 return (0);
5abcdf8e 1319}
1320
1d7b9b20 1321
1322int
564dd50a 1323wtmpx_get_entry(struct logininfo *li)
1324{
1d7b9b20 1325 struct stat st;
1326 struct utmpx utx;
5abcdf8e 1327 int fd, found=0;
1328
1329 /* Clear the time entries */
1330 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1331
1332 if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) {
d1cf9a87 1333 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1334 WTMPX_FILE, strerror(errno));
fa64c868 1335 return (0);
1d7b9b20 1336 }
2b87da3b 1337 if (fstat(fd, &st) != 0) {
d1cf9a87 1338 logit("%s: couldn't stat %s: %s", __func__,
fdebdd4f 1339 WTMPX_FILE, strerror(errno));
1d7b9b20 1340 close(fd);
fa64c868 1341 return (0);
1d7b9b20 1342 }
2b87da3b 1343
5abcdf8e 1344 /* Seek to the start of the last struct utmpx */
d9d47a26 1345 if (lseek(fd, -(off_t)sizeof(struct utmpx), SEEK_END) == -1 ) {
5abcdf8e 1346 /* probably a newly rotated wtmpx file */
1347 close(fd);
fa64c868 1348 return (0);
5abcdf8e 1349 }
1d7b9b20 1350
5abcdf8e 1351 while (!found) {
9f32ceb4 1352 if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) {
d1cf9a87 1353 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1354 WTMPX_FILE, strerror(errno));
1355 close (fd);
fa64c868 1356 return (0);
1d7b9b20 1357 }
fa64c868 1358 /*
d1cf9a87 1359 * Logouts are recorded as a blank username on a particular
fa64c868 1360 * line. So, we just need to find the username in struct utmpx
1361 */
1362 if (wtmpx_islogin(li, &utx)) {
d80063fe 1363 found = 1;
fa64c868 1364# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 1365 li->tv_sec = utx.ut_tv.tv_sec;
fa64c868 1366# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 1367 li->tv_sec = utx.ut_time;
a05a70ab 1368# endif
a4d05724 1369 line_fullname(li->line, utx.ut_line, sizeof(li->line));
fa64c868 1370# if defined(HAVE_HOST_IN_UTMPX)
5abcdf8e 1371 strlcpy(li->hostname, utx.ut_host,
fa64c868 1372 MIN_SIZEOF(li->hostname, utx.ut_host));
a05a70ab 1373# endif
5abcdf8e 1374 continue;
1d7b9b20 1375 }
d9d47a26 1376 if (lseek(fd, -(off_t)(2 * sizeof(struct utmpx)), SEEK_CUR) == -1) {
fa64c868 1377 close(fd);
1378 return (0);
1d7b9b20 1379 }
5abcdf8e 1380 }
1381
1382 close(fd);
fa64c868 1383 return (1);
564dd50a 1384}
f988dce5 1385#endif /* USE_WTMPX */
1d7b9b20 1386
1d7b9b20 1387/**
564dd50a 1388 ** Low-level libutil login() functions
1d7b9b20 1389 **/
1390
1391#ifdef USE_LOGIN
1d7b9b20 1392static int
564dd50a 1393syslogin_perform_login(struct logininfo *li)
1394{
1d7b9b20 1395 struct utmp *ut;
1396
7a52470e 1397 ut = xmalloc(sizeof(*ut));
1d7b9b20 1398 construct_utmp(li, ut);
1399 login(ut);
6cef88bc 1400 free(ut);
1d7b9b20 1401
fa64c868 1402 return (1);
564dd50a 1403}
1d7b9b20 1404
564dd50a 1405static int
1406syslogin_perform_logout(struct logininfo *li)
1407{
a05a70ab 1408# ifdef HAVE_LOGOUT
f20d4564 1409 char line[UT_LINESIZE];
2b87da3b 1410
1d7b9b20 1411 (void)line_stripname(line, li->line, sizeof(line));
1412
fa64c868 1413 if (!logout(line))
a233586b 1414 logit("%s: logout() returned an error", __func__);
a05a70ab 1415# ifdef HAVE_LOGWTMP
fa64c868 1416 else
1d7b9b20 1417 logwtmp(line, "", "");
a05a70ab 1418# endif
5abcdf8e 1419 /* FIXME: (ATL - if the need arises) What to do if we have
1420 * login, but no logout? what if logout but no logwtmp? All
1421 * routines are in libutil so they should all be there,
1422 * but... */
a05a70ab 1423# endif
fa64c868 1424 return (1);
564dd50a 1425}
1d7b9b20 1426
1d7b9b20 1427int
564dd50a 1428syslogin_write_entry(struct logininfo *li)
1429{
1d7b9b20 1430 switch (li->type) {
1431 case LTYPE_LOGIN:
fa64c868 1432 return (syslogin_perform_login(li));
1d7b9b20 1433 case LTYPE_LOGOUT:
fa64c868 1434 return (syslogin_perform_logout(li));
1d7b9b20 1435 default:
a233586b 1436 logit("%s: Invalid type field", __func__);
fa64c868 1437 return (0);
1d7b9b20 1438 }
564dd50a 1439}
f988dce5 1440#endif /* USE_LOGIN */
1d7b9b20 1441
1442/* end of file log-syslogin.c */
1443
1d7b9b20 1444/**
564dd50a 1445 ** Low-level lastlog functions
1d7b9b20 1446 **/
1447
1448#ifdef USE_LASTLOG
a05a70ab 1449#define LL_FILE 1
1450#define LL_DIR 2
1451#define LL_OTHER 3
1d7b9b20 1452
1d7b9b20 1453static void
564dd50a 1454lastlog_construct(struct logininfo *li, struct lastlog *last)
1455{
1d7b9b20 1456 /* clear the structure */
dbaa2e87 1457 memset(last, '\0', sizeof(*last));
2b87da3b 1458
fa64c868 1459 line_stripname(last->ll_line, li->line, sizeof(last->ll_line));
5abcdf8e 1460 strlcpy(last->ll_host, li->hostname,
1461 MIN_SIZEOF(last->ll_host, li->hostname));
1d7b9b20 1462 last->ll_time = li->tv_sec;
564dd50a 1463}
1d7b9b20 1464
1d7b9b20 1465static int
564dd50a 1466lastlog_filetype(char *filename)
1467{
1d7b9b20 1468 struct stat st;
1469
a05a70ab 1470 if (stat(LASTLOG_FILE, &st) != 0) {
a233586b 1471 logit("%s: Couldn't stat %s: %s", __func__,
fa64c868 1472 LASTLOG_FILE, strerror(errno));
1473 return (0);
1d7b9b20 1474 }
1d7b9b20 1475 if (S_ISDIR(st.st_mode))
fa64c868 1476 return (LL_DIR);
1d7b9b20 1477 else if (S_ISREG(st.st_mode))
fa64c868 1478 return (LL_FILE);
1d7b9b20 1479 else
fa64c868 1480 return (LL_OTHER);
564dd50a 1481}
1d7b9b20 1482
1483
1484/* open the file (using filemode) and seek to the login entry */
1485static int
564dd50a 1486lastlog_openseek(struct logininfo *li, int *fd, int filemode)
1487{
1d7b9b20 1488 off_t offset;
1489 int type;
1490 char lastlog_file[1024];
1491
1492 type = lastlog_filetype(LASTLOG_FILE);
1493 switch (type) {
fa64c868 1494 case LL_FILE:
1495 strlcpy(lastlog_file, LASTLOG_FILE,
1496 sizeof(lastlog_file));
1497 break;
1498 case LL_DIR:
1499 snprintf(lastlog_file, sizeof(lastlog_file), "%s/%s",
1500 LASTLOG_FILE, li->username);
1501 break;
1502 default:
a233586b 1503 logit("%s: %.100s is not a file or directory!", __func__,
fa64c868 1504 LASTLOG_FILE);
1505 return (0);
a05a70ab 1506 }
1d7b9b20 1507
ee476051 1508 *fd = open(lastlog_file, filemode, 0600);
fa64c868 1509 if (*fd < 0) {
a233586b 1510 debug("%s: Couldn't open %s: %s", __func__,
1d7b9b20 1511 lastlog_file, strerror(errno));
fa64c868 1512 return (0);
1d7b9b20 1513 }
2b87da3b 1514
d93a7e5a 1515 if (type == LL_FILE) {
1516 /* find this uid's offset in the lastlog file */
d9d47a26 1517 offset = (off_t) ((long)li->uid * sizeof(struct lastlog));
1d7b9b20 1518
fa64c868 1519 if (lseek(*fd, offset, SEEK_SET) != offset) {
a233586b 1520 logit("%s: %s->lseek(): %s", __func__,
1521 lastlog_file, strerror(errno));
fa64c868 1522 return (0);
d93a7e5a 1523 }
1d7b9b20 1524 }
2b87da3b 1525
fa64c868 1526 return (1);
564dd50a 1527}
1d7b9b20 1528
1529static int
564dd50a 1530lastlog_perform_login(struct logininfo *li)
1531{
1d7b9b20 1532 struct lastlog last;
1533 int fd;
1534
1535 /* create our struct lastlog */
1536 lastlog_construct(li, &last);
1537
ee476051 1538 if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT))
fa64c868 1539 return (0);
2b87da3b 1540
1d7b9b20 1541 /* write the entry */
d72f7b79 1542 if (atomicio(vwrite, fd, &last, sizeof(last)) != sizeof(last)) {
1a022229 1543 close(fd);
a233586b 1544 logit("%s: Error writing to %s: %s", __func__,
1a022229 1545 LASTLOG_FILE, strerror(errno));
fa64c868 1546 return (0);
a05a70ab 1547 }
1a022229 1548
1549 close(fd);
fa64c868 1550 return (1);
564dd50a 1551}
1d7b9b20 1552
1d7b9b20 1553int
564dd50a 1554lastlog_write_entry(struct logininfo *li)
1555{
1d7b9b20 1556 switch(li->type) {
1557 case LTYPE_LOGIN:
fa64c868 1558 return (lastlog_perform_login(li));
1d7b9b20 1559 default:
a233586b 1560 logit("%s: Invalid type field", __func__);
fa64c868 1561 return (0);
1d7b9b20 1562 }
564dd50a 1563}
1d7b9b20 1564
1d7b9b20 1565static void
564dd50a 1566lastlog_populate_entry(struct logininfo *li, struct lastlog *last)
1567{
1d7b9b20 1568 line_fullname(li->line, last->ll_line, sizeof(li->line));
2b87da3b 1569 strlcpy(li->hostname, last->ll_host,
fa64c868 1570 MIN_SIZEOF(li->hostname, last->ll_host));
1d7b9b20 1571 li->tv_sec = last->ll_time;
564dd50a 1572}
1d7b9b20 1573
1d7b9b20 1574int
564dd50a 1575lastlog_get_entry(struct logininfo *li)
1576{
1d7b9b20 1577 struct lastlog last;
ed05a983 1578 int fd, ret;
1d7b9b20 1579
ce49121d 1580 if (!lastlog_openseek(li, &fd, O_RDONLY))
ed05a983 1581 return (0);
ce49121d 1582
ed05a983 1583 ret = atomicio(read, fd, &last, sizeof(last));
ce49121d 1584 close(fd);
1585
ed05a983 1586 switch (ret) {
1587 case 0:
1588 memset(&last, '\0', sizeof(last));
1589 /* FALLTHRU */
1590 case sizeof(last):
1591 lastlog_populate_entry(li, &last);
1592 return (1);
1593 case -1:
aff51935 1594 error("%s: Error reading from %s: %s", __func__,
ed05a983 1595 LASTLOG_FILE, strerror(errno));
1596 return (0);
1597 default:
1598 error("%s: Error reading from %s: Expecting %d, got %d",
dfde7f6e 1599 __func__, LASTLOG_FILE, (int)sizeof(last), ret);
ed05a983 1600 return (0);
1601 }
ce49121d 1602
ed05a983 1603 /* NOTREACHED */
1604 return (0);
564dd50a 1605}
f988dce5 1606#endif /* USE_LASTLOG */
b6610e8f 1607
1608#ifdef USE_BTMP
1609 /*
1610 * Logs failed login attempts in _PATH_BTMP if that exists.
1611 * The most common login failure is to give password instead of username.
1612 * So the _PATH_BTMP file checked for the correct permission, so that
1613 * only root can read it.
1614 */
1615
1616void
1617record_failed_login(const char *username, const char *hostname,
1618 const char *ttyn)
1619{
1620 int fd;
1621 struct utmp ut;
1622 struct sockaddr_storage from;
dfde7f6e 1623 socklen_t fromlen = sizeof(from);
b6610e8f 1624 struct sockaddr_in *a4;
1625 struct sockaddr_in6 *a6;
1626 time_t t;
1627 struct stat fst;
1628
1629 if (geteuid() != 0)
1630 return;
1631 if ((fd = open(_PATH_BTMP, O_WRONLY | O_APPEND)) < 0) {
1632 debug("Unable to open the btmp file %s: %s", _PATH_BTMP,
1633 strerror(errno));
1634 return;
1635 }
1636 if (fstat(fd, &fst) < 0) {
1637 logit("%s: fstat of %s failed: %s", __func__, _PATH_BTMP,
1638 strerror(errno));
1639 goto out;
1640 }
1641 if((fst.st_mode & (S_IRWXG | S_IRWXO)) || (fst.st_uid != 0)){
1642 logit("Excess permission or bad ownership on file %s",
1643 _PATH_BTMP);
1644 goto out;
1645 }
1646
1647 memset(&ut, 0, sizeof(ut));
1648 /* strncpy because we don't necessarily want nul termination */
1649 strncpy(ut.ut_user, username, sizeof(ut.ut_user));
1650 strlcpy(ut.ut_line, "ssh:notty", sizeof(ut.ut_line));
1651
1652 time(&t);
1653 ut.ut_time = t; /* ut_time is not always a time_t */
1654 ut.ut_type = LOGIN_PROCESS;
1655 ut.ut_pid = getpid();
1656
1657 /* strncpy because we don't necessarily want nul termination */
1658 strncpy(ut.ut_host, hostname, sizeof(ut.ut_host));
1659
1660 if (packet_connection_is_on_socket() &&
1661 getpeername(packet_get_connection_in(),
1662 (struct sockaddr *)&from, &fromlen) == 0) {
1663 ipv64_normalise_mapped(&from, &fromlen);
1664 if (from.ss_family == AF_INET) {
1665 a4 = (struct sockaddr_in *)&from;
1666 memcpy(&ut.ut_addr, &(a4->sin_addr),
1667 MIN_SIZEOF(ut.ut_addr, a4->sin_addr));
1668 }
1669#ifdef HAVE_ADDR_V6_IN_UTMP
1670 if (from.ss_family == AF_INET6) {
1671 a6 = (struct sockaddr_in6 *)&from;
1672 memcpy(&ut.ut_addr_v6, &(a6->sin6_addr),
1673 MIN_SIZEOF(ut.ut_addr_v6, a6->sin6_addr));
1674 }
1675#endif
1676 }
1677
1678 if (atomicio(vwrite, fd, &ut, sizeof(ut)) != sizeof(ut))
1679 error("Failed to write to %s: %s", _PATH_BTMP,
1680 strerror(errno));
1681
1682out:
1683 close(fd);
1684}
1685#endif /* USE_BTMP */
git-cvsimport mirror of OpenSSH
This page took 1.352699 seconds and 5 git commands to generate.