]> andersk Git - openssh.git/blame - loginrec.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [README.platform auth.c configure.ac loginrec.c
[openssh.git] / loginrec.c
CommitLineData
1d7b9b20 1/*
2 * Copyright (c) 2000 Andre Lucas. All rights reserved.
564dd50a 3 * Portions copyright (c) 1998 Todd C. Miller
4 * Portions copyright (c) 1996 Jason Downs
5 * Portions copyright (c) 1996 Theo de Raadt
1d7b9b20 6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
1d7b9b20 15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
b6610e8f 28/*
29 * The btmp logging code is derived from login.c from util-linux and is under
30 * the the following license:
31 *
32 * Copyright (c) 1980, 1987, 1988 The Regents of the University of California.
33 * All rights reserved.
34 *
35 * Redistribution and use in source and binary forms are permitted
36 * provided that the above copyright notice and this paragraph are
37 * duplicated in all such forms and that any documentation,
38 * advertising materials, and other materials related to such
39 * distribution and use acknowledge that the software was developed
40 * by the University of California, Berkeley. The name of the
41 * University may not be used to endorse or promote products derived
42 * from this software without specific prior written permission.
43 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
44 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
45 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
46 */
47
48
2b87da3b 49/**
1d7b9b20 50 ** loginrec.c: platform-independent login recording and lastlog retrieval
51 **/
52
564dd50a 53/*
fa64c868 54 * The new login code explained
55 * ============================
56 *
57 * This code attempts to provide a common interface to login recording
58 * (utmp and friends) and last login time retrieval.
59 *
60 * Its primary means of achieving this is to use 'struct logininfo', a
61 * union of all the useful fields in the various different types of
62 * system login record structures one finds on UNIX variants.
63 *
64 * We depend on autoconf to define which recording methods are to be
65 * used, and which fields are contained in the relevant data structures
66 * on the local system. Many C preprocessor symbols affect which code
67 * gets compiled here.
68 *
69 * The code is designed to make it easy to modify a particular
70 * recording method, without affecting other methods nor requiring so
71 * many nested conditional compilation blocks as were commonplace in
72 * the old code.
73 *
74 * For login recording, we try to use the local system's libraries as
75 * these are clearly most likely to work correctly. For utmp systems
76 * this usually means login() and logout() or setutent() etc., probably
77 * in libutil, along with logwtmp() etc. On these systems, we fall back
78 * to writing the files directly if we have to, though this method
79 * requires very thorough testing so we do not corrupt local auditing
80 * information. These files and their access methods are very system
81 * specific indeed.
82 *
83 * For utmpx systems, the corresponding library functions are
84 * setutxent() etc. To the author's knowledge, all utmpx systems have
85 * these library functions and so no direct write is attempted. If such
86 * a system exists and needs support, direct analogues of the [uw]tmp
87 * code should suffice.
88 *
89 * Retrieving the time of last login ('lastlog') is in some ways even
90 * more problemmatic than login recording. Some systems provide a
91 * simple table of all users which we seek based on uid and retrieve a
92 * relatively standard structure. Others record the same information in
93 * a directory with a separate file, and others don't record the
94 * information separately at all. For systems in the latter category,
95 * we look backwards in the wtmp or wtmpx file for the last login entry
96 * for our user. Naturally this is slower and on busy systems could
97 * incur a significant performance penalty.
98 *
99 * Calling the new code
100 * --------------------
101 *
102 * In OpenSSH all login recording and retrieval is performed in
103 * login.c. Here you'll find working examples. Also, in the logintest.c
104 * program there are more examples.
105 *
106 * Internal handler calling method
107 * -------------------------------
108 *
109 * When a call is made to login_login() or login_logout(), both
110 * routines set a struct logininfo flag defining which action (log in,
111 * or log out) is to be taken. They both then call login_write(), which
112 * calls whichever of the many structure-specific handlers autoconf
113 * selects for the local system.
114 *
115 * The handlers themselves handle system data structure specifics. Both
116 * struct utmp and struct utmpx have utility functions (see
117 * construct_utmp*()) to try to make it simpler to add extra systems
118 * that introduce new features to either structure.
119 *
120 * While it may seem terribly wasteful to replicate so much similar
121 * code for each method, experience has shown that maintaining code to
122 * write both struct utmp and utmpx in one function, whilst maintaining
123 * support for all systems whether they have library support or not, is
124 * a difficult and time-consuming task.
125 *
126 * Lastlog support proceeds similarly. Functions login_get_lastlog()
127 * (and its OpenSSH-tuned friend login_get_lastlog_time()) call
128 * getlast_entry(), which tries one of three methods to find the last
129 * login time. It uses local system lastlog support if it can,
130 * otherwise it tries wtmp or wtmpx before giving up and returning 0,
131 * meaning "tilt".
132 *
133 * Maintenance
134 * -----------
135 *
136 * In many cases it's possible to tweak autoconf to select the correct
137 * methods for a particular platform, either by improving the detection
138 * code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE
139 * symbols for the platform.
140 *
141 * Use logintest to check which symbols are defined before modifying
142 * configure.ac and loginrec.c. (You have to build logintest yourself
143 * with 'make logintest' as it's not built by default.)
144 *
145 * Otherwise, patches to the specific method(s) are very helpful!
146 */
1d7b9b20 147
148#include "includes.h"
149
1d7b9b20 150#include "ssh.h"
151#include "xmalloc.h"
152#include "loginrec.h"
42f11eb2 153#include "log.h"
154#include "atomicio.h"
b6610e8f 155#include "packet.h"
156#include "canohost.h"
c00e4d75 157#include "auth.h"
1d7b9b20 158
44d5f7f7 159#ifdef HAVE_UTIL_H
fa64c868 160# include <util.h>
44d5f7f7 161#endif
162
8f523d67 163#ifdef HAVE_LIBUTIL_H
fa64c868 164# include <libutil.h>
8f523d67 165#endif
166
fa64c868 167RCSID("$Id$");
168
1d7b9b20 169/**
170 ** prototypes for helper functions in this file
171 **/
172
173#if HAVE_UTMP_H
1d7b9b20 174void set_utmp_time(struct logininfo *li, struct utmp *ut);
175void construct_utmp(struct logininfo *li, struct utmp *ut);
176#endif
177
178#ifdef HAVE_UTMPX_H
1d7b9b20 179void set_utmpx_time(struct logininfo *li, struct utmpx *ut);
180void construct_utmpx(struct logininfo *li, struct utmpx *ut);
181#endif
182
183int utmp_write_entry(struct logininfo *li);
184int utmpx_write_entry(struct logininfo *li);
185int wtmp_write_entry(struct logininfo *li);
186int wtmpx_write_entry(struct logininfo *li);
187int lastlog_write_entry(struct logininfo *li);
188int syslogin_write_entry(struct logininfo *li);
189
190int getlast_entry(struct logininfo *li);
191int lastlog_get_entry(struct logininfo *li);
192int wtmp_get_entry(struct logininfo *li);
193int wtmpx_get_entry(struct logininfo *li);
194
5ccf88cb 195extern Buffer loginmsg;
196
5abcdf8e 197/* pick the shortest string */
fa64c868 198#define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))
5abcdf8e 199
1d7b9b20 200/**
201 ** platform-independent login functions
202 **/
203
fa64c868 204/*
205 * login_login(struct logininfo *) - Record a login
2b87da3b 206 *
5abcdf8e 207 * Call with a pointer to a struct logininfo initialised with
208 * login_init_entry() or login_alloc_entry()
209 *
210 * Returns:
211 * >0 if successful
212 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
213 */
564dd50a 214int
fa64c868 215login_login(struct logininfo *li)
564dd50a 216{
217 li->type = LTYPE_LOGIN;
fa64c868 218 return (login_write(li));
564dd50a 219}
1d7b9b20 220
221
fa64c868 222/*
223 * login_logout(struct logininfo *) - Record a logout
5abcdf8e 224 *
225 * Call as with login_login()
226 *
227 * Returns:
228 * >0 if successful
229 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
230 */
564dd50a 231int
232login_logout(struct logininfo *li)
233{
234 li->type = LTYPE_LOGOUT;
fa64c868 235 return (login_write(li));
1d7b9b20 236}
237
fa64c868 238/*
239 * login_get_lastlog_time(int) - Retrieve the last login time
5abcdf8e 240 *
241 * Retrieve the last login time for the given uid. Will try to use the
242 * system lastlog facilities if they are available, but will fall back
243 * to looking in wtmp/wtmpx if necessary
244 *
245 * Returns:
246 * 0 on failure, or if user has never logged in
247 * Time in seconds from the epoch if successful
248 *
249 * Useful preprocessor symbols:
250 * DISABLE_LASTLOG: If set, *never* even try to retrieve lastlog
251 * info
252 * USE_LASTLOG: If set, indicates the presence of system lastlog
253 * facilities. If this and DISABLE_LASTLOG are not set,
254 * try to retrieve lastlog information from wtmp/wtmpx.
255 */
564dd50a 256unsigned int
257login_get_lastlog_time(const int uid)
258{
259 struct logininfo li;
1d7b9b20 260
5abcdf8e 261 if (login_get_lastlog(&li, uid))
fa64c868 262 return (li.tv_sec);
5abcdf8e 263 else
fa64c868 264 return (0);
564dd50a 265}
1d7b9b20 266
fa64c868 267/*
268 * login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry
5abcdf8e 269 *
270 * Retrieve a logininfo structure populated (only partially) with
271 * information from the system lastlog data, or from wtmp/wtmpx if no
272 * system lastlog information exists.
273 *
274 * Note this routine must be given a pre-allocated logininfo.
275 *
276 * Returns:
277 * >0: A pointer to your struct logininfo if successful
278 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
5abcdf8e 279 */
564dd50a 280struct logininfo *
281login_get_lastlog(struct logininfo *li, const int uid)
282{
5abcdf8e 283 struct passwd *pw;
5abcdf8e 284
dbaa2e87 285 memset(li, '\0', sizeof(*li));
1d7b9b20 286 li->uid = uid;
5abcdf8e 287
2b87da3b 288 /*
9f32ceb4 289 * If we don't have a 'real' lastlog, we need the username to
5abcdf8e 290 * reliably search wtmp(x) for the last login (see
2b87da3b 291 * wtmp_get_entry().)
9f32ceb4 292 */
5abcdf8e 293 pw = getpwuid(uid);
a05a70ab 294 if (pw == NULL)
a233586b 295 fatal("%s: Cannot find account for uid %i", __func__, uid);
2b87da3b 296
1bfbb762 297 /* No MIN_SIZEOF here - we absolutely *must not* truncate the
fa64c868 298 * username (XXX - so check for trunc!) */
d8caae24 299 strlcpy(li->username, pw->pw_name, sizeof(li->username));
a05a70ab 300
564dd50a 301 if (getlast_entry(li))
fa64c868 302 return (li);
564dd50a 303 else
fa64c868 304 return (NULL);
1d7b9b20 305}
306
1d7b9b20 307
fa64c868 308/*
309 * login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
2b87da3b 310 * a logininfo structure
311 *
5abcdf8e 312 * This function creates a new struct logininfo, a data structure
313 * meant to carry the information required to portably record login info.
314 *
315 * Returns a pointer to a newly created struct logininfo. If memory
316 * allocation fails, the program halts.
317 */
564dd50a 318struct
319logininfo *login_alloc_entry(int pid, const char *username,
fa64c868 320 const char *hostname, const char *line)
564dd50a 321{
322 struct logininfo *newli;
1d7b9b20 323
fa64c868 324 newli = xmalloc(sizeof(*newli));
325 login_init_entry(newli, pid, username, hostname, line);
326 return (newli);
1d7b9b20 327}
328
329
5abcdf8e 330/* login_free_entry(struct logininfo *) - free struct memory */
1d7b9b20 331void
564dd50a 332login_free_entry(struct logininfo *li)
333{
334 xfree(li);
1d7b9b20 335}
336
337
5abcdf8e 338/* login_init_entry(struct logininfo *, int, char*, char*, char*)
339 * - initialise a struct logininfo
2b87da3b 340 *
5abcdf8e 341 * Populates a new struct logininfo, a data structure meant to carry
342 * the information required to portably record login info.
343 *
344 * Returns: 1
345 */
564dd50a 346int
2b87da3b 347login_init_entry(struct logininfo *li, int pid, const char *username,
fa64c868 348 const char *hostname, const char *line)
564dd50a 349{
d8caae24 350 struct passwd *pw;
2b87da3b 351
dbaa2e87 352 memset(li, 0, sizeof(*li));
2b87da3b 353
564dd50a 354 li->pid = pid;
d8caae24 355
564dd50a 356 /* set the line information */
357 if (line)
358 line_fullname(li->line, line, sizeof(li->line));
1d7b9b20 359
d8caae24 360 if (username) {
564dd50a 361 strlcpy(li->username, username, sizeof(li->username));
d8caae24 362 pw = getpwnam(li->username);
fa64c868 363 if (pw == NULL) {
a233586b 364 fatal("%s: Cannot find user \"%s\"", __func__,
fa64c868 365 li->username);
366 }
d8caae24 367 li->uid = pw->pw_uid;
368 }
a05a70ab 369
564dd50a 370 if (hostname)
371 strlcpy(li->hostname, hostname, sizeof(li->hostname));
d8caae24 372
fa64c868 373 return (1);
1d7b9b20 374}
375
fa64c868 376/*
377 * login_set_current_time(struct logininfo *) - set the current time
5abcdf8e 378 *
379 * Set the current time in a logininfo structure. This function is
380 * meant to eliminate the need to deal with system dependencies for
381 * time handling.
382 */
1d7b9b20 383void
564dd50a 384login_set_current_time(struct logininfo *li)
385{
1d7b9b20 386 struct timeval tv;
387
388 gettimeofday(&tv, NULL);
2b87da3b 389
d8caae24 390 li->tv_sec = tv.tv_sec;
391 li->tv_usec = tv.tv_usec;
1d7b9b20 392}
393
564dd50a 394/* copy a sockaddr_* into our logininfo */
1d7b9b20 395void
564dd50a 396login_set_addr(struct logininfo *li, const struct sockaddr *sa,
fa64c868 397 const unsigned int sa_size)
564dd50a 398{
399 unsigned int bufsize = sa_size;
400
401 /* make sure we don't overrun our union */
402 if (sizeof(li->hostaddr) < sa_size)
403 bufsize = sizeof(li->hostaddr);
404
fa64c868 405 memcpy(&li->hostaddr.sa, sa, bufsize);
1d7b9b20 406}
1d7b9b20 407
564dd50a 408
409/**
410 ** login_write: Call low-level recording functions based on autoconf
411 ** results
412 **/
1d7b9b20 413int
fa64c868 414login_write(struct logininfo *li)
564dd50a 415{
3c62e7eb 416#ifndef HAVE_CYGWIN
fa64c868 417 if (geteuid() != 0) {
418 logit("Attempt to write login records by non-root user (aborting)");
419 return (1);
1d7b9b20 420 }
3c62e7eb 421#endif
a05a70ab 422
1d7b9b20 423 /* set the timestamp */
424 login_set_current_time(li);
425#ifdef USE_LOGIN
426 syslogin_write_entry(li);
427#endif
428#ifdef USE_LASTLOG
fa64c868 429 if (li->type == LTYPE_LOGIN)
1d7b9b20 430 lastlog_write_entry(li);
1d7b9b20 431#endif
432#ifdef USE_UTMP
433 utmp_write_entry(li);
434#endif
435#ifdef USE_WTMP
436 wtmp_write_entry(li);
437#endif
438#ifdef USE_UTMPX
439 utmpx_write_entry(li);
440#endif
441#ifdef USE_WTMPX
442 wtmpx_write_entry(li);
f5ed3301 443#endif
444#ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
445 if (li->type == LTYPE_LOGIN &&
5ccf88cb 446 !sys_auth_record_login(li->username,li->hostname,li->line, &loginmsg))
f5ed3301 447 logit("Writing login record failed for %s", li->username);
c00e4d75 448#endif
6039eeef 449#ifdef SSH_AUDIT_EVENTS
c00e4d75 450 if (li->type == LTYPE_LOGIN)
451 audit_session_open(li->line);
452 else if (li->type == LTYPE_LOGOUT)
453 audit_session_close(li->line);
1d7b9b20 454#endif
fa64c868 455 return (0);
1d7b9b20 456}
457
7e2d5fa4 458#ifdef LOGIN_NEEDS_UTMPX
459int
460login_utmp_only(struct logininfo *li)
461{
aff51935 462 li->type = LTYPE_LOGIN;
9e127e27 463 login_set_current_time(li);
7e2d5fa4 464# ifdef USE_UTMP
465 utmp_write_entry(li);
466# endif
467# ifdef USE_WTMP
468 wtmp_write_entry(li);
469# endif
470# ifdef USE_UTMPX
471 utmpx_write_entry(li);
472# endif
473# ifdef USE_WTMPX
474 wtmpx_write_entry(li);
475# endif
fa64c868 476 return (0);
7e2d5fa4 477}
478#endif
479
564dd50a 480/**
481 ** getlast_entry: Call low-level functions to retrieve the last login
482 ** time.
483 **/
1d7b9b20 484
564dd50a 485/* take the uid in li and return the last login time */
1d7b9b20 486int
564dd50a 487getlast_entry(struct logininfo *li)
488{
489#ifdef USE_LASTLOG
9f32ceb4 490 return(lastlog_get_entry(li));
a05a70ab 491#else /* !USE_LASTLOG */
1d7b9b20 492
fa64c868 493#if defined(DISABLE_LASTLOG)
2b87da3b 494 /* On some systems we shouldn't even try to obtain last login
3f45f1c3 495 * time, e.g. AIX */
fa64c868 496 return (0);
497# elif defined(USE_WTMP) && \
498 (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP))
564dd50a 499 /* retrieve last login time from utmp */
a05a70ab 500 return (wtmp_get_entry(li));
fa64c868 501# elif defined(USE_WTMPX) && \
502 (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX))
564dd50a 503 /* If wtmp isn't available, try wtmpx */
a05a70ab 504 return (wtmpx_get_entry(li));
fa64c868 505# else
564dd50a 506 /* Give up: No means of retrieving last login time */
fa64c868 507 return (0);
2b87da3b 508# endif /* DISABLE_LASTLOG */
a05a70ab 509#endif /* USE_LASTLOG */
564dd50a 510}
1d7b9b20 511
512
1d7b9b20 513
514/*
564dd50a 515 * 'line' string utility functions
516 *
517 * These functions process the 'line' string into one of three forms:
518 *
1d7b9b20 519 * 1. The full filename (including '/dev')
520 * 2. The stripped name (excluding '/dev')
564dd50a 521 * 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
522 * /dev/pts/1 -> ts/1 )
1d7b9b20 523 *
524 * Form 3 is used on some systems to identify a .tmp.? entry when
525 * attempting to remove it. Typically both addition and removal is
564dd50a 526 * performed by one application - say, sshd - so as long as the choice
527 * uniquely identifies a terminal it's ok.
1d7b9b20 528 */
529
530
fa64c868 531/*
532 * line_fullname(): add the leading '/dev/' if it doesn't exist make
533 * sure dst has enough space, if not just copy src (ugh)
534 */
1d7b9b20 535char *
564dd50a 536line_fullname(char *dst, const char *src, int dstsize)
537{
1d7b9b20 538 memset(dst, '\0', dstsize);
fa64c868 539 if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5)))
1d7b9b20 540 strlcpy(dst, src, dstsize);
fa64c868 541 else {
a4d05724 542 strlcpy(dst, "/dev/", dstsize);
1d7b9b20 543 strlcat(dst, src, dstsize);
544 }
fa64c868 545 return (dst);
1d7b9b20 546}
547
564dd50a 548/* line_stripname(): strip the leading '/dev' if it exists, return dst */
1d7b9b20 549char *
564dd50a 550line_stripname(char *dst, const char *src, int dstsize)
551{
1d7b9b20 552 memset(dst, '\0', dstsize);
553 if (strncmp(src, "/dev/", 5) == 0)
89d7510a 554 strlcpy(dst, src + 5, dstsize);
1d7b9b20 555 else
556 strlcpy(dst, src, dstsize);
fa64c868 557 return (dst);
564dd50a 558}
559
fa64c868 560/*
561 * line_abbrevname(): Return the abbreviated (usually four-character)
564dd50a 562 * form of the line (Just use the last <dstsize> characters of the
563 * full name.)
564 *
565 * NOTE: use strncpy because we do NOT necessarily want zero
fa64c868 566 * termination
567 */
1d7b9b20 568char *
2b87da3b 569line_abbrevname(char *dst, const char *src, int dstsize)
a05a70ab 570{
571 size_t len;
2b87da3b 572
1d7b9b20 573 memset(dst, '\0', dstsize);
2b87da3b 574
daaff4d5 575 /* Always skip prefix if present */
576 if (strncmp(src, "/dev/", 5) == 0)
577 src += 5;
2b87da3b 578
0e8f4eba 579#ifdef WITH_ABBREV_NO_TTY
580 if (strncmp(src, "tty", 3) == 0)
581 src += 3;
582#endif
583
a05a70ab 584 len = strlen(src);
585
daaff4d5 586 if (len > 0) {
587 if (((int)len - dstsize) > 0)
588 src += ((int)len - dstsize);
589
590 /* note: _don't_ change this to strlcpy */
2b87da3b 591 strncpy(dst, src, (size_t)dstsize);
a05a70ab 592 }
2b87da3b 593
fa64c868 594 return (dst);
1d7b9b20 595}
596
1d7b9b20 597/**
598 ** utmp utility functions
564dd50a 599 **
600 ** These functions manipulate struct utmp, taking system differences
601 ** into account.
1d7b9b20 602 **/
603
604#if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN)
605
1d7b9b20 606/* build the utmp structure */
607void
564dd50a 608set_utmp_time(struct logininfo *li, struct utmp *ut)
609{
fa64c868 610# if defined(HAVE_TV_IN_UTMP)
1d7b9b20 611 ut->ut_tv.tv_sec = li->tv_sec;
612 ut->ut_tv.tv_usec = li->tv_usec;
fa64c868 613# elif defined(HAVE_TIME_IN_UTMP)
1d7b9b20 614 ut->ut_time = li->tv_sec;
a05a70ab 615# endif
1d7b9b20 616}
617
618void
619construct_utmp(struct logininfo *li,
564dd50a 620 struct utmp *ut)
621{
9746ee4b 622# ifdef HAVE_ADDR_V6_IN_UTMP
623 struct sockaddr_in6 *sa6;
fa64c868 624# endif
625
dbaa2e87 626 memset(ut, '\0', sizeof(*ut));
5abcdf8e 627
628 /* First fill out fields used for both logins and logouts */
629
a05a70ab 630# ifdef HAVE_ID_IN_UTMP
1d7b9b20 631 line_abbrevname(ut->ut_id, li->line, sizeof(ut->ut_id));
a05a70ab 632# endif
1d7b9b20 633
a05a70ab 634# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 635 /* This is done here to keep utmp constants out of struct logininfo */
1d7b9b20 636 switch (li->type) {
637 case LTYPE_LOGIN:
638 ut->ut_type = USER_PROCESS;
ef51930f 639#ifdef _UNICOS
1a23ac2c 640 cray_set_tmpdir(ut);
641#endif
1d7b9b20 642 break;
643 case LTYPE_LOGOUT:
644 ut->ut_type = DEAD_PROCESS;
ef51930f 645#ifdef _UNICOS
1a23ac2c 646 cray_retain_utmp(ut, li->pid);
647#endif
1d7b9b20 648 break;
649 }
a05a70ab 650# endif
5abcdf8e 651 set_utmp_time(li, ut);
1d7b9b20 652
5abcdf8e 653 line_stripname(ut->ut_line, li->line, sizeof(ut->ut_line));
a05a70ab 654
655# ifdef HAVE_PID_IN_UTMP
1d7b9b20 656 ut->ut_pid = li->pid;
a05a70ab 657# endif
5abcdf8e 658
659 /* If we're logging out, leave all other fields blank */
660 if (li->type == LTYPE_LOGOUT)
fa64c868 661 return;
5abcdf8e 662
a05a70ab 663 /*
664 * These fields are only used when logging in, and are blank
2b87da3b 665 * for logouts.
a05a70ab 666 */
5abcdf8e 667
668 /* Use strncpy because we don't necessarily want null termination */
fa64c868 669 strncpy(ut->ut_name, li->username,
670 MIN_SIZEOF(ut->ut_name, li->username));
a05a70ab 671# ifdef HAVE_HOST_IN_UTMP
fa64c868 672 strncpy(ut->ut_host, li->hostname,
673 MIN_SIZEOF(ut->ut_host, li->hostname));
a05a70ab 674# endif
675# ifdef HAVE_ADDR_IN_UTMP
564dd50a 676 /* this is just a 32-bit IP address */
677 if (li->hostaddr.sa.sa_family == AF_INET)
678 ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
2b87da3b 679# endif
9746ee4b 680# ifdef HAVE_ADDR_V6_IN_UTMP
681 /* this is just a 128-bit IPv6 address */
682 if (li->hostaddr.sa.sa_family == AF_INET6) {
683 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
684 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
685 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
686 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
687 ut->ut_addr_v6[1] = 0;
688 ut->ut_addr_v6[2] = 0;
689 ut->ut_addr_v6[3] = 0;
690 }
691 }
692# endif
564dd50a 693}
a05a70ab 694#endif /* USE_UTMP || USE_WTMP || USE_LOGIN */
564dd50a 695
1d7b9b20 696/**
697 ** utmpx utility functions
564dd50a 698 **
699 ** These functions manipulate struct utmpx, accounting for system
700 ** variations.
1d7b9b20 701 **/
702
703#if defined(USE_UTMPX) || defined (USE_WTMPX)
1d7b9b20 704/* build the utmpx structure */
705void
564dd50a 706set_utmpx_time(struct logininfo *li, struct utmpx *utx)
707{
fa64c868 708# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 709 utx->ut_tv.tv_sec = li->tv_sec;
710 utx->ut_tv.tv_usec = li->tv_usec;
fa64c868 711# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 712 utx->ut_time = li->tv_sec;
fa64c868 713# endif
1d7b9b20 714}
715
716void
564dd50a 717construct_utmpx(struct logininfo *li, struct utmpx *utx)
718{
9746ee4b 719# ifdef HAVE_ADDR_V6_IN_UTMP
720 struct sockaddr_in6 *sa6;
721# endif
dbaa2e87 722 memset(utx, '\0', sizeof(*utx));
fa64c868 723
daaff4d5 724# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 725 line_abbrevname(utx->ut_id, li->line, sizeof(utx->ut_id));
daaff4d5 726# endif
1d7b9b20 727
728 /* this is done here to keep utmp constants out of loginrec.h */
729 switch (li->type) {
730 case LTYPE_LOGIN:
731 utx->ut_type = USER_PROCESS;
732 break;
733 case LTYPE_LOGOUT:
734 utx->ut_type = DEAD_PROCESS;
735 break;
736 }
1d7b9b20 737 line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line));
1d7b9b20 738 set_utmpx_time(li, utx);
5abcdf8e 739 utx->ut_pid = li->pid;
fa64c868 740
f3837bc6 741 /* strncpy(): Don't necessarily want null termination */
fa64c868 742 strncpy(utx->ut_name, li->username,
743 MIN_SIZEOF(utx->ut_name, li->username));
5abcdf8e 744
745 if (li->type == LTYPE_LOGOUT)
746 return;
747
a05a70ab 748 /*
749 * These fields are only used when logging in, and are blank
2b87da3b 750 * for logouts.
a05a70ab 751 */
5abcdf8e 752
a05a70ab 753# ifdef HAVE_HOST_IN_UTMPX
fa64c868 754 strncpy(utx->ut_host, li->hostname,
755 MIN_SIZEOF(utx->ut_host, li->hostname));
a05a70ab 756# endif
757# ifdef HAVE_ADDR_IN_UTMPX
764d4113 758 /* this is just a 32-bit IP address */
759 if (li->hostaddr.sa.sa_family == AF_INET)
760 utx->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
a05a70ab 761# endif
9746ee4b 762# ifdef HAVE_ADDR_V6_IN_UTMP
763 /* this is just a 128-bit IPv6 address */
764 if (li->hostaddr.sa.sa_family == AF_INET6) {
765 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
766 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
767 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
768 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
769 ut->ut_addr_v6[1] = 0;
770 ut->ut_addr_v6[2] = 0;
771 ut->ut_addr_v6[3] = 0;
772 }
773 }
774# endif
a05a70ab 775# ifdef HAVE_SYSLEN_IN_UTMPX
5abcdf8e 776 /* ut_syslen is the length of the utx_host string */
777 utx->ut_syslen = MIN(strlen(li->hostname), sizeof(utx->ut_host));
a05a70ab 778# endif
564dd50a 779}
a05a70ab 780#endif /* USE_UTMPX || USE_WTMPX */
1d7b9b20 781
782/**
564dd50a 783 ** Low-level utmp functions
1d7b9b20 784 **/
785
786/* FIXME: (ATL) utmp_write_direct needs testing */
1d7b9b20 787#ifdef USE_UTMP
788
1d7b9b20 789/* if we can, use pututline() etc. */
a05a70ab 790# if !defined(DISABLE_PUTUTLINE) && defined(HAVE_SETUTENT) && \
791 defined(HAVE_PUTUTLINE)
1d7b9b20 792# define UTMP_USE_LIBRARY
a05a70ab 793# endif
1d7b9b20 794
795
796/* write a utmp entry with the system's help (pututline() and pals) */
a05a70ab 797# ifdef UTMP_USE_LIBRARY
1d7b9b20 798static int
564dd50a 799utmp_write_library(struct logininfo *li, struct utmp *ut)
800{
1d7b9b20 801 setutent();
802 pututline(ut);
a05a70ab 803# ifdef HAVE_ENDUTENT
1d7b9b20 804 endutent();
a05a70ab 805# endif
fa64c868 806 return (1);
564dd50a 807}
a05a70ab 808# else /* UTMP_USE_LIBRARY */
1d7b9b20 809
fa64c868 810/*
811 * Write a utmp entry direct to the file
812 * This is a slightly modification of code in OpenBSD's login.c
813 */
1d7b9b20 814static int
564dd50a 815utmp_write_direct(struct logininfo *li, struct utmp *ut)
816{
1d7b9b20 817 struct utmp old_ut;
818 register int fd;
819 int tty;
820
5abcdf8e 821 /* FIXME: (ATL) ttyslot() needs local implementation */
dbaa2e87 822
698d107e 823#if defined(HAVE_GETTTYENT)
fa64c868 824 struct ttyent *ty;
dbaa2e87 825
826 tty=0;
dbaa2e87 827 setttyent();
fa64c868 828 while (NULL != (ty = getttyent())) {
dbaa2e87 829 tty++;
830 if (!strncmp(ty->ty_name, ut->ut_line, sizeof(ut->ut_line)))
831 break;
832 }
833 endttyent();
834
fa64c868 835 if (NULL == ty) {
5f12e050 836 logit("%s: tty not found", __func__);
837 return (0);
dbaa2e87 838 }
839#else /* FIXME */
840
1d7b9b20 841 tty = ttyslot(); /* seems only to work for /dev/ttyp? style names */
842
698d107e 843#endif /* HAVE_GETTTYENT */
dbaa2e87 844
1d7b9b20 845 if (tty > 0 && (fd = open(UTMP_FILE, O_RDWR|O_CREAT, 0644)) >= 0) {
5f12e050 846 off_t pos, ret;
847
848 pos = (off_t)tty * sizeof(struct utmp);
849 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 850 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 851 return (0);
852 }
853 if (ret != pos) {
f6d20d59 854 logit("%s: Couldn't seek to tty %d slot in %s",
855 __func__, tty, UTMP_FILE);
5f12e050 856 return (0);
857 }
1d7b9b20 858 /*
859 * Prevent luser from zero'ing out ut_host.
860 * If the new ut_line is empty but the old one is not
dc2a6d09 861 * and ut_line and ut_name match, preserve the old ut_line.
1d7b9b20 862 */
2b87da3b 863 if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) &&
fa64c868 864 (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') &&
865 (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) &&
866 (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0))
867 memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host));
2b87da3b 868
5f12e050 869 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 870 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 871 return (0);
872 }
873 if (ret != pos) {
f6d20d59 874 logit("%s: Couldn't seek to tty %d slot in %s",
5f12e050 875 __func__, tty, UTMP_FILE);
876 return (0);
877 }
fa64c868 878 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
5f12e050 879 logit("%s: error writing %s: %s", __func__,
5abcdf8e 880 UTMP_FILE, strerror(errno));
fa64c868 881 }
2b87da3b 882
fa64c868 883 close(fd);
884 return (1);
9f32ceb4 885 } else {
fa64c868 886 return (0);
9f32ceb4 887 }
564dd50a 888}
a05a70ab 889# endif /* UTMP_USE_LIBRARY */
1d7b9b20 890
891static int
564dd50a 892utmp_perform_login(struct logininfo *li)
893{
1d7b9b20 894 struct utmp ut;
895
896 construct_utmp(li, &ut);
a05a70ab 897# ifdef UTMP_USE_LIBRARY
1d7b9b20 898 if (!utmp_write_library(li, &ut)) {
a233586b 899 logit("%s: utmp_write_library() failed", __func__);
fa64c868 900 return (0);
1d7b9b20 901 }
a05a70ab 902# else
1d7b9b20 903 if (!utmp_write_direct(li, &ut)) {
a233586b 904 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 905 return (0);
1d7b9b20 906 }
a05a70ab 907# endif
fa64c868 908 return (1);
564dd50a 909}
1d7b9b20 910
911
912static int
564dd50a 913utmp_perform_logout(struct logininfo *li)
914{
1d7b9b20 915 struct utmp ut;
916
5abcdf8e 917 construct_utmp(li, &ut);
a05a70ab 918# ifdef UTMP_USE_LIBRARY
5abcdf8e 919 if (!utmp_write_library(li, &ut)) {
a233586b 920 logit("%s: utmp_write_library() failed", __func__);
fa64c868 921 return (0);
5abcdf8e 922 }
a05a70ab 923# else
5abcdf8e 924 if (!utmp_write_direct(li, &ut)) {
a233586b 925 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 926 return (0);
5abcdf8e 927 }
a05a70ab 928# endif
fa64c868 929 return (1);
564dd50a 930}
1d7b9b20 931
932
933int
564dd50a 934utmp_write_entry(struct logininfo *li)
935{
1d7b9b20 936 switch(li->type) {
937 case LTYPE_LOGIN:
fa64c868 938 return (utmp_perform_login(li));
1d7b9b20 939
940 case LTYPE_LOGOUT:
fa64c868 941 return (utmp_perform_logout(li));
1d7b9b20 942
943 default:
a233586b 944 logit("%s: invalid type field", __func__);
fa64c868 945 return (0);
1d7b9b20 946 }
564dd50a 947}
a05a70ab 948#endif /* USE_UTMP */
1d7b9b20 949
950
951/**
564dd50a 952 ** Low-level utmpx functions
1d7b9b20 953 **/
954
955/* not much point if we don't want utmpx entries */
956#ifdef USE_UTMPX
957
1d7b9b20 958/* if we have the wherewithall, use pututxline etc. */
a05a70ab 959# if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \
960 defined(HAVE_PUTUTXLINE)
1d7b9b20 961# define UTMPX_USE_LIBRARY
a05a70ab 962# endif
1d7b9b20 963
964
965/* write a utmpx entry with the system's help (pututxline() and pals) */
a05a70ab 966# ifdef UTMPX_USE_LIBRARY
1d7b9b20 967static int
564dd50a 968utmpx_write_library(struct logininfo *li, struct utmpx *utx)
969{
1d7b9b20 970 setutxent();
971 pututxline(utx);
972
a05a70ab 973# ifdef HAVE_ENDUTXENT
1d7b9b20 974 endutxent();
a05a70ab 975# endif
fa64c868 976 return (1);
564dd50a 977}
1d7b9b20 978
a05a70ab 979# else /* UTMPX_USE_LIBRARY */
1d7b9b20 980
981/* write a utmp entry direct to the file */
982static int
564dd50a 983utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
2b87da3b 984{
a233586b 985 logit("%s: not implemented!", __func__);
fa64c868 986 return (0);
564dd50a 987}
a05a70ab 988# endif /* UTMPX_USE_LIBRARY */
1d7b9b20 989
990static int
564dd50a 991utmpx_perform_login(struct logininfo *li)
992{
1d7b9b20 993 struct utmpx utx;
994
995 construct_utmpx(li, &utx);
a05a70ab 996# ifdef UTMPX_USE_LIBRARY
1d7b9b20 997 if (!utmpx_write_library(li, &utx)) {
a233586b 998 logit("%s: utmp_write_library() failed", __func__);
fa64c868 999 return (0);
1d7b9b20 1000 }
a05a70ab 1001# else
1d7b9b20 1002 if (!utmpx_write_direct(li, &ut)) {
a233586b 1003 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 1004 return (0);
1d7b9b20 1005 }
a05a70ab 1006# endif
fa64c868 1007 return (1);
564dd50a 1008}
1d7b9b20 1009
1010
1011static int
564dd50a 1012utmpx_perform_logout(struct logininfo *li)
1013{
1d7b9b20 1014 struct utmpx utx;
1015
f3837bc6 1016 construct_utmpx(li, &utx);
a05a70ab 1017# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 1018 line_abbrevname(utx.ut_id, li->line, sizeof(utx.ut_id));
a05a70ab 1019# endif
1020# ifdef HAVE_TYPE_IN_UTMPX
1d7b9b20 1021 utx.ut_type = DEAD_PROCESS;
a05a70ab 1022# endif
1d7b9b20 1023
a05a70ab 1024# ifdef UTMPX_USE_LIBRARY
1d7b9b20 1025 utmpx_write_library(li, &utx);
a05a70ab 1026# else
1d7b9b20 1027 utmpx_write_direct(li, &utx);
a05a70ab 1028# endif
fa64c868 1029 return (1);
564dd50a 1030}
1d7b9b20 1031
1d7b9b20 1032int
564dd50a 1033utmpx_write_entry(struct logininfo *li)
1034{
1d7b9b20 1035 switch(li->type) {
1036 case LTYPE_LOGIN:
fa64c868 1037 return (utmpx_perform_login(li));
1d7b9b20 1038 case LTYPE_LOGOUT:
fa64c868 1039 return (utmpx_perform_logout(li));
1d7b9b20 1040 default:
a233586b 1041 logit("%s: invalid type field", __func__);
fa64c868 1042 return (0);
1d7b9b20 1043 }
564dd50a 1044}
a05a70ab 1045#endif /* USE_UTMPX */
1d7b9b20 1046
1047
1048/**
564dd50a 1049 ** Low-level wtmp functions
1d7b9b20 1050 **/
1051
2b87da3b 1052#ifdef USE_WTMP
1d7b9b20 1053
fa64c868 1054/*
1055 * Write a wtmp entry direct to the end of the file
1056 * This is a slight modification of code in OpenBSD's logwtmp.c
1057 */
1d7b9b20 1058static int
564dd50a 1059wtmp_write(struct logininfo *li, struct utmp *ut)
1060{
1d7b9b20 1061 struct stat buf;
1062 int fd, ret = 1;
1063
1064 if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
a233586b 1065 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1066 WTMP_FILE, strerror(errno));
fa64c868 1067 return (0);
1d7b9b20 1068 }
2b87da3b 1069 if (fstat(fd, &buf) == 0)
d72f7b79 1070 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
1d7b9b20 1071 ftruncate(fd, buf.st_size);
a233586b 1072 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1073 WTMP_FILE, strerror(errno));
1074 ret = 0;
1075 }
fa64c868 1076 close(fd);
1077 return (ret);
564dd50a 1078}
1d7b9b20 1079
1d7b9b20 1080static int
a05a70ab 1081wtmp_perform_login(struct logininfo *li)
1082{
1d7b9b20 1083 struct utmp ut;
1084
1085 construct_utmp(li, &ut);
fa64c868 1086 return (wtmp_write(li, &ut));
564dd50a 1087}
1d7b9b20 1088
1089
1090static int
564dd50a 1091wtmp_perform_logout(struct logininfo *li)
1092{
1d7b9b20 1093 struct utmp ut;
1094
1095 construct_utmp(li, &ut);
fa64c868 1096 return (wtmp_write(li, &ut));
564dd50a 1097}
1d7b9b20 1098
1099
1100int
564dd50a 1101wtmp_write_entry(struct logininfo *li)
1102{
1d7b9b20 1103 switch(li->type) {
1104 case LTYPE_LOGIN:
fa64c868 1105 return (wtmp_perform_login(li));
1d7b9b20 1106 case LTYPE_LOGOUT:
fa64c868 1107 return (wtmp_perform_logout(li));
1d7b9b20 1108 default:
a233586b 1109 logit("%s: invalid type field", __func__);
fa64c868 1110 return (0);
1d7b9b20 1111 }
564dd50a 1112}
1d7b9b20 1113
1114
fa64c868 1115/*
1116 * Notes on fetching login data from wtmp/wtmpx
2b87da3b 1117 *
5abcdf8e 1118 * Logouts are usually recorded with (amongst other things) a blank
1119 * username on a given tty line. However, some systems (HP-UX is one)
1120 * leave all fields set, but change the ut_type field to DEAD_PROCESS.
1121 *
1122 * Since we're only looking for logins here, we know that the username
1123 * must be set correctly. On systems that leave it in, we check for
1124 * ut_type==USER_PROCESS (indicating a login.)
1125 *
1126 * Portability: Some systems may set something other than USER_PROCESS
1127 * to indicate a login process. I don't know of any as I write. Also,
1128 * it's possible that some systems may both leave the username in
1129 * place and not have ut_type.
1130 */
1131
5abcdf8e 1132/* return true if this wtmp entry indicates a login */
1133static int
1134wtmp_islogin(struct logininfo *li, struct utmp *ut)
1135{
2b87da3b 1136 if (strncmp(li->username, ut->ut_name,
fa64c868 1137 MIN_SIZEOF(li->username, ut->ut_name)) == 0) {
a05a70ab 1138# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 1139 if (ut->ut_type & USER_PROCESS)
fa64c868 1140 return (1);
a05a70ab 1141# else
fa64c868 1142 return (1);
a05a70ab 1143# endif
5abcdf8e 1144 }
fa64c868 1145 return (0);
5abcdf8e 1146}
1147
1d7b9b20 1148int
564dd50a 1149wtmp_get_entry(struct logininfo *li)
1150{
1d7b9b20 1151 struct stat st;
1152 struct utmp ut;
fa64c868 1153 int fd, found = 0;
5abcdf8e 1154
1155 /* Clear the time entries in our logininfo */
1156 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1157
1158 if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) {
a233586b 1159 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1160 WTMP_FILE, strerror(errno));
fa64c868 1161 return (0);
1d7b9b20 1162 }
2b87da3b 1163 if (fstat(fd, &st) != 0) {
a233586b 1164 logit("%s: couldn't stat %s: %s", __func__,
1d7b9b20 1165 WTMP_FILE, strerror(errno));
1166 close(fd);
fa64c868 1167 return (0);
1d7b9b20 1168 }
1d7b9b20 1169
5abcdf8e 1170 /* Seek to the start of the last struct utmp */
d9d47a26 1171 if (lseek(fd, -(off_t)sizeof(struct utmp), SEEK_END) == -1) {
5abcdf8e 1172 /* Looks like we've got a fresh wtmp file */
1173 close(fd);
fa64c868 1174 return (0);
5abcdf8e 1175 }
1176
1177 while (!found) {
9f32ceb4 1178 if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) {
a233586b 1179 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1180 WTMP_FILE, strerror(errno));
1181 close (fd);
fa64c868 1182 return (0);
1d7b9b20 1183 }
5abcdf8e 1184 if ( wtmp_islogin(li, &ut) ) {
1185 found = 1;
fa64c868 1186 /*
1187 * We've already checked for a time in struct
1188 * utmp, in login_getlast()
1189 */
a05a70ab 1190# ifdef HAVE_TIME_IN_UTMP
1d7b9b20 1191 li->tv_sec = ut.ut_time;
a05a70ab 1192# else
1d7b9b20 1193# if HAVE_TV_IN_UTMP
1194 li->tv_sec = ut.ut_tv.tv_sec;
1195# endif
a05a70ab 1196# endif
5abcdf8e 1197 line_fullname(li->line, ut.ut_line,
fa64c868 1198 MIN_SIZEOF(li->line, ut.ut_line));
a05a70ab 1199# ifdef HAVE_HOST_IN_UTMP
5abcdf8e 1200 strlcpy(li->hostname, ut.ut_host,
fa64c868 1201 MIN_SIZEOF(li->hostname, ut.ut_host));
a05a70ab 1202# endif
5abcdf8e 1203 continue;
1d7b9b20 1204 }
5abcdf8e 1205 /* Seek back 2 x struct utmp */
d9d47a26 1206 if (lseek(fd, -(off_t)(2 * sizeof(struct utmp)), SEEK_CUR) == -1) {
5abcdf8e 1207 /* We've found the start of the file, so quit */
fa64c868 1208 close(fd);
1209 return (0);
1d7b9b20 1210 }
5abcdf8e 1211 }
1212
1213 /* We found an entry. Tidy up and return */
1214 close(fd);
fa64c868 1215 return (1);
564dd50a 1216}
a05a70ab 1217# endif /* USE_WTMP */
1d7b9b20 1218
1219
1220/**
564dd50a 1221 ** Low-level wtmpx functions
1d7b9b20 1222 **/
1223
1224#ifdef USE_WTMPX
fa64c868 1225/*
1226 * Write a wtmpx entry direct to the end of the file
1227 * This is a slight modification of code in OpenBSD's logwtmp.c
1228 */
1d7b9b20 1229static int
564dd50a 1230wtmpx_write(struct logininfo *li, struct utmpx *utx)
1231{
41c64c91 1232#ifndef HAVE_UPDWTMPX
1d7b9b20 1233 struct stat buf;
1234 int fd, ret = 1;
1235
1236 if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
a233586b 1237 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1238 WTMPX_FILE, strerror(errno));
fa64c868 1239 return (0);
1d7b9b20 1240 }
1241
2b87da3b 1242 if (fstat(fd, &buf) == 0)
d72f7b79 1243 if (atomicio(vwrite, fd, utx, sizeof(*utx)) != sizeof(*utx)) {
1d7b9b20 1244 ftruncate(fd, buf.st_size);
a233586b 1245 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1246 WTMPX_FILE, strerror(errno));
1247 ret = 0;
1248 }
fa64c868 1249 close(fd);
1d7b9b20 1250
fa64c868 1251 return (ret);
41c64c91 1252#else
1253 updwtmpx(WTMPX_FILE, utx);
fa64c868 1254 return (1);
41c64c91 1255#endif
564dd50a 1256}
1d7b9b20 1257
1258
1259static int
564dd50a 1260wtmpx_perform_login(struct logininfo *li)
1261{
1d7b9b20 1262 struct utmpx utx;
1263
1264 construct_utmpx(li, &utx);
fa64c868 1265 return (wtmpx_write(li, &utx));
564dd50a 1266}
1d7b9b20 1267
1268
1269static int
564dd50a 1270wtmpx_perform_logout(struct logininfo *li)
1271{
1d7b9b20 1272 struct utmpx utx;
1273
1274 construct_utmpx(li, &utx);
fa64c868 1275 return (wtmpx_write(li, &utx));
564dd50a 1276}
1d7b9b20 1277
1278
1279int
564dd50a 1280wtmpx_write_entry(struct logininfo *li)
1281{
1d7b9b20 1282 switch(li->type) {
1283 case LTYPE_LOGIN:
fa64c868 1284 return (wtmpx_perform_login(li));
1d7b9b20 1285 case LTYPE_LOGOUT:
fa64c868 1286 return (wtmpx_perform_logout(li));
1d7b9b20 1287 default:
a233586b 1288 logit("%s: invalid type field", __func__);
fa64c868 1289 return (0);
1d7b9b20 1290 }
564dd50a 1291}
1d7b9b20 1292
5abcdf8e 1293/* Please see the notes above wtmp_islogin() for information about the
1294 next two functions */
1295
1296/* Return true if this wtmpx entry indicates a login */
1297static int
1298wtmpx_islogin(struct logininfo *li, struct utmpx *utx)
1299{
fa64c868 1300 if (strncmp(li->username, utx->ut_name,
1301 MIN_SIZEOF(li->username, utx->ut_name)) == 0 ) {
a05a70ab 1302# ifdef HAVE_TYPE_IN_UTMPX
5abcdf8e 1303 if (utx->ut_type == USER_PROCESS)
fa64c868 1304 return (1);
a05a70ab 1305# else
fa64c868 1306 return (1);
a05a70ab 1307# endif
5abcdf8e 1308 }
fa64c868 1309 return (0);
5abcdf8e 1310}
1311
1d7b9b20 1312
1313int
564dd50a 1314wtmpx_get_entry(struct logininfo *li)
1315{
1d7b9b20 1316 struct stat st;
1317 struct utmpx utx;
5abcdf8e 1318 int fd, found=0;
1319
1320 /* Clear the time entries */
1321 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1322
1323 if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) {
a233586b 1324 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1325 WTMPX_FILE, strerror(errno));
fa64c868 1326 return (0);
1d7b9b20 1327 }
2b87da3b 1328 if (fstat(fd, &st) != 0) {
a233586b 1329 logit("%s: couldn't stat %s: %s", __func__,
fdebdd4f 1330 WTMPX_FILE, strerror(errno));
1d7b9b20 1331 close(fd);
fa64c868 1332 return (0);
1d7b9b20 1333 }
2b87da3b 1334
5abcdf8e 1335 /* Seek to the start of the last struct utmpx */
d9d47a26 1336 if (lseek(fd, -(off_t)sizeof(struct utmpx), SEEK_END) == -1 ) {
5abcdf8e 1337 /* probably a newly rotated wtmpx file */
1338 close(fd);
fa64c868 1339 return (0);
5abcdf8e 1340 }
1d7b9b20 1341
5abcdf8e 1342 while (!found) {
9f32ceb4 1343 if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) {
a233586b 1344 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1345 WTMPX_FILE, strerror(errno));
1346 close (fd);
fa64c868 1347 return (0);
1d7b9b20 1348 }
fa64c868 1349 /*
1350 * Logouts are recorded as a blank username on a particular
1351 * line. So, we just need to find the username in struct utmpx
1352 */
1353 if (wtmpx_islogin(li, &utx)) {
d80063fe 1354 found = 1;
fa64c868 1355# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 1356 li->tv_sec = utx.ut_tv.tv_sec;
fa64c868 1357# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 1358 li->tv_sec = utx.ut_time;
a05a70ab 1359# endif
a4d05724 1360 line_fullname(li->line, utx.ut_line, sizeof(li->line));
fa64c868 1361# if defined(HAVE_HOST_IN_UTMPX)
5abcdf8e 1362 strlcpy(li->hostname, utx.ut_host,
fa64c868 1363 MIN_SIZEOF(li->hostname, utx.ut_host));
a05a70ab 1364# endif
5abcdf8e 1365 continue;
1d7b9b20 1366 }
d9d47a26 1367 if (lseek(fd, -(off_t)(2 * sizeof(struct utmpx)), SEEK_CUR) == -1) {
fa64c868 1368 close(fd);
1369 return (0);
1d7b9b20 1370 }
5abcdf8e 1371 }
1372
1373 close(fd);
fa64c868 1374 return (1);
564dd50a 1375}
f988dce5 1376#endif /* USE_WTMPX */
1d7b9b20 1377
1d7b9b20 1378/**
564dd50a 1379 ** Low-level libutil login() functions
1d7b9b20 1380 **/
1381
1382#ifdef USE_LOGIN
1d7b9b20 1383static int
564dd50a 1384syslogin_perform_login(struct logininfo *li)
1385{
1d7b9b20 1386 struct utmp *ut;
1387
7a52470e 1388 ut = xmalloc(sizeof(*ut));
1d7b9b20 1389 construct_utmp(li, ut);
1390 login(ut);
6cef88bc 1391 free(ut);
1d7b9b20 1392
fa64c868 1393 return (1);
564dd50a 1394}
1d7b9b20 1395
564dd50a 1396static int
1397syslogin_perform_logout(struct logininfo *li)
1398{
a05a70ab 1399# ifdef HAVE_LOGOUT
f20d4564 1400 char line[UT_LINESIZE];
2b87da3b 1401
1d7b9b20 1402 (void)line_stripname(line, li->line, sizeof(line));
1403
fa64c868 1404 if (!logout(line))
a233586b 1405 logit("%s: logout() returned an error", __func__);
a05a70ab 1406# ifdef HAVE_LOGWTMP
fa64c868 1407 else
1d7b9b20 1408 logwtmp(line, "", "");
a05a70ab 1409# endif
5abcdf8e 1410 /* FIXME: (ATL - if the need arises) What to do if we have
1411 * login, but no logout? what if logout but no logwtmp? All
1412 * routines are in libutil so they should all be there,
1413 * but... */
a05a70ab 1414# endif
fa64c868 1415 return (1);
564dd50a 1416}
1d7b9b20 1417
1d7b9b20 1418int
564dd50a 1419syslogin_write_entry(struct logininfo *li)
1420{
1d7b9b20 1421 switch (li->type) {
1422 case LTYPE_LOGIN:
fa64c868 1423 return (syslogin_perform_login(li));
1d7b9b20 1424 case LTYPE_LOGOUT:
fa64c868 1425 return (syslogin_perform_logout(li));
1d7b9b20 1426 default:
a233586b 1427 logit("%s: Invalid type field", __func__);
fa64c868 1428 return (0);
1d7b9b20 1429 }
564dd50a 1430}
f988dce5 1431#endif /* USE_LOGIN */
1d7b9b20 1432
1433/* end of file log-syslogin.c */
1434
1d7b9b20 1435/**
564dd50a 1436 ** Low-level lastlog functions
1d7b9b20 1437 **/
1438
1439#ifdef USE_LASTLOG
a05a70ab 1440#define LL_FILE 1
1441#define LL_DIR 2
1442#define LL_OTHER 3
1d7b9b20 1443
1d7b9b20 1444static void
564dd50a 1445lastlog_construct(struct logininfo *li, struct lastlog *last)
1446{
1d7b9b20 1447 /* clear the structure */
dbaa2e87 1448 memset(last, '\0', sizeof(*last));
2b87da3b 1449
fa64c868 1450 line_stripname(last->ll_line, li->line, sizeof(last->ll_line));
5abcdf8e 1451 strlcpy(last->ll_host, li->hostname,
1452 MIN_SIZEOF(last->ll_host, li->hostname));
1d7b9b20 1453 last->ll_time = li->tv_sec;
564dd50a 1454}
1d7b9b20 1455
1d7b9b20 1456static int
564dd50a 1457lastlog_filetype(char *filename)
1458{
1d7b9b20 1459 struct stat st;
1460
a05a70ab 1461 if (stat(LASTLOG_FILE, &st) != 0) {
a233586b 1462 logit("%s: Couldn't stat %s: %s", __func__,
fa64c868 1463 LASTLOG_FILE, strerror(errno));
1464 return (0);
1d7b9b20 1465 }
1d7b9b20 1466 if (S_ISDIR(st.st_mode))
fa64c868 1467 return (LL_DIR);
1d7b9b20 1468 else if (S_ISREG(st.st_mode))
fa64c868 1469 return (LL_FILE);
1d7b9b20 1470 else
fa64c868 1471 return (LL_OTHER);
564dd50a 1472}
1d7b9b20 1473
1474
1475/* open the file (using filemode) and seek to the login entry */
1476static int
564dd50a 1477lastlog_openseek(struct logininfo *li, int *fd, int filemode)
1478{
1d7b9b20 1479 off_t offset;
1480 int type;
1481 char lastlog_file[1024];
1482
1483 type = lastlog_filetype(LASTLOG_FILE);
1484 switch (type) {
fa64c868 1485 case LL_FILE:
1486 strlcpy(lastlog_file, LASTLOG_FILE,
1487 sizeof(lastlog_file));
1488 break;
1489 case LL_DIR:
1490 snprintf(lastlog_file, sizeof(lastlog_file), "%s/%s",
1491 LASTLOG_FILE, li->username);
1492 break;
1493 default:
a233586b 1494 logit("%s: %.100s is not a file or directory!", __func__,
fa64c868 1495 LASTLOG_FILE);
1496 return (0);
a05a70ab 1497 }
1d7b9b20 1498
ee476051 1499 *fd = open(lastlog_file, filemode, 0600);
fa64c868 1500 if (*fd < 0) {
a233586b 1501 debug("%s: Couldn't open %s: %s", __func__,
1d7b9b20 1502 lastlog_file, strerror(errno));
fa64c868 1503 return (0);
1d7b9b20 1504 }
2b87da3b 1505
d93a7e5a 1506 if (type == LL_FILE) {
1507 /* find this uid's offset in the lastlog file */
d9d47a26 1508 offset = (off_t) ((long)li->uid * sizeof(struct lastlog));
1d7b9b20 1509
fa64c868 1510 if (lseek(*fd, offset, SEEK_SET) != offset) {
a233586b 1511 logit("%s: %s->lseek(): %s", __func__,
1512 lastlog_file, strerror(errno));
fa64c868 1513 return (0);
d93a7e5a 1514 }
1d7b9b20 1515 }
2b87da3b 1516
fa64c868 1517 return (1);
564dd50a 1518}
1d7b9b20 1519
1520static int
564dd50a 1521lastlog_perform_login(struct logininfo *li)
1522{
1d7b9b20 1523 struct lastlog last;
1524 int fd;
1525
1526 /* create our struct lastlog */
1527 lastlog_construct(li, &last);
1528
ee476051 1529 if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT))
fa64c868 1530 return (0);
2b87da3b 1531
1d7b9b20 1532 /* write the entry */
d72f7b79 1533 if (atomicio(vwrite, fd, &last, sizeof(last)) != sizeof(last)) {
1a022229 1534 close(fd);
a233586b 1535 logit("%s: Error writing to %s: %s", __func__,
1a022229 1536 LASTLOG_FILE, strerror(errno));
fa64c868 1537 return (0);
a05a70ab 1538 }
1a022229 1539
1540 close(fd);
fa64c868 1541 return (1);
564dd50a 1542}
1d7b9b20 1543
1d7b9b20 1544int
564dd50a 1545lastlog_write_entry(struct logininfo *li)
1546{
1d7b9b20 1547 switch(li->type) {
1548 case LTYPE_LOGIN:
fa64c868 1549 return (lastlog_perform_login(li));
1d7b9b20 1550 default:
a233586b 1551 logit("%s: Invalid type field", __func__);
fa64c868 1552 return (0);
1d7b9b20 1553 }
564dd50a 1554}
1d7b9b20 1555
1d7b9b20 1556static void
564dd50a 1557lastlog_populate_entry(struct logininfo *li, struct lastlog *last)
1558{
1d7b9b20 1559 line_fullname(li->line, last->ll_line, sizeof(li->line));
2b87da3b 1560 strlcpy(li->hostname, last->ll_host,
fa64c868 1561 MIN_SIZEOF(li->hostname, last->ll_host));
1d7b9b20 1562 li->tv_sec = last->ll_time;
564dd50a 1563}
1d7b9b20 1564
1d7b9b20 1565int
564dd50a 1566lastlog_get_entry(struct logininfo *li)
1567{
1d7b9b20 1568 struct lastlog last;
ed05a983 1569 int fd, ret;
1d7b9b20 1570
ce49121d 1571 if (!lastlog_openseek(li, &fd, O_RDONLY))
ed05a983 1572 return (0);
ce49121d 1573
ed05a983 1574 ret = atomicio(read, fd, &last, sizeof(last));
ce49121d 1575 close(fd);
1576
ed05a983 1577 switch (ret) {
1578 case 0:
1579 memset(&last, '\0', sizeof(last));
1580 /* FALLTHRU */
1581 case sizeof(last):
1582 lastlog_populate_entry(li, &last);
1583 return (1);
1584 case -1:
aff51935 1585 error("%s: Error reading from %s: %s", __func__,
ed05a983 1586 LASTLOG_FILE, strerror(errno));
1587 return (0);
1588 default:
1589 error("%s: Error reading from %s: Expecting %d, got %d",
1590 __func__, LASTLOG_FILE, sizeof(last), ret);
1591 return (0);
1592 }
ce49121d 1593
ed05a983 1594 /* NOTREACHED */
1595 return (0);
564dd50a 1596}
f988dce5 1597#endif /* USE_LASTLOG */
b6610e8f 1598
1599#ifdef USE_BTMP
1600 /*
1601 * Logs failed login attempts in _PATH_BTMP if that exists.
1602 * The most common login failure is to give password instead of username.
1603 * So the _PATH_BTMP file checked for the correct permission, so that
1604 * only root can read it.
1605 */
1606
1607void
1608record_failed_login(const char *username, const char *hostname,
1609 const char *ttyn)
1610{
1611 int fd;
1612 struct utmp ut;
1613 struct sockaddr_storage from;
1614 size_t fromlen = sizeof(from);
1615 struct sockaddr_in *a4;
1616 struct sockaddr_in6 *a6;
1617 time_t t;
1618 struct stat fst;
1619
1620 if (geteuid() != 0)
1621 return;
1622 if ((fd = open(_PATH_BTMP, O_WRONLY | O_APPEND)) < 0) {
1623 debug("Unable to open the btmp file %s: %s", _PATH_BTMP,
1624 strerror(errno));
1625 return;
1626 }
1627 if (fstat(fd, &fst) < 0) {
1628 logit("%s: fstat of %s failed: %s", __func__, _PATH_BTMP,
1629 strerror(errno));
1630 goto out;
1631 }
1632 if((fst.st_mode & (S_IRWXG | S_IRWXO)) || (fst.st_uid != 0)){
1633 logit("Excess permission or bad ownership on file %s",
1634 _PATH_BTMP);
1635 goto out;
1636 }
1637
1638 memset(&ut, 0, sizeof(ut));
1639 /* strncpy because we don't necessarily want nul termination */
1640 strncpy(ut.ut_user, username, sizeof(ut.ut_user));
1641 strlcpy(ut.ut_line, "ssh:notty", sizeof(ut.ut_line));
1642
1643 time(&t);
1644 ut.ut_time = t; /* ut_time is not always a time_t */
1645 ut.ut_type = LOGIN_PROCESS;
1646 ut.ut_pid = getpid();
1647
1648 /* strncpy because we don't necessarily want nul termination */
1649 strncpy(ut.ut_host, hostname, sizeof(ut.ut_host));
1650
1651 if (packet_connection_is_on_socket() &&
1652 getpeername(packet_get_connection_in(),
1653 (struct sockaddr *)&from, &fromlen) == 0) {
1654 ipv64_normalise_mapped(&from, &fromlen);
1655 if (from.ss_family == AF_INET) {
1656 a4 = (struct sockaddr_in *)&from;
1657 memcpy(&ut.ut_addr, &(a4->sin_addr),
1658 MIN_SIZEOF(ut.ut_addr, a4->sin_addr));
1659 }
1660#ifdef HAVE_ADDR_V6_IN_UTMP
1661 if (from.ss_family == AF_INET6) {
1662 a6 = (struct sockaddr_in6 *)&from;
1663 memcpy(&ut.ut_addr_v6, &(a6->sin6_addr),
1664 MIN_SIZEOF(ut.ut_addr_v6, a6->sin6_addr));
1665 }
1666#endif
1667 }
1668
1669 if (atomicio(vwrite, fd, &ut, sizeof(ut)) != sizeof(ut))
1670 error("Failed to write to %s: %s", _PATH_BTMP,
1671 strerror(errno));
1672
1673out:
1674 close(fd);
1675}
1676#endif /* USE_BTMP */
git-cvsimport mirror of OpenSSH
This page took 7.513515 seconds and 5 git commands to generate.