]> andersk Git - openssh.git/blame - loginrec.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- djm@cvs.openbsd.org 2010/01/30 02:54:53
[openssh.git] / loginrec.c
CommitLineData
1d7b9b20 1/*
2 * Copyright (c) 2000 Andre Lucas. All rights reserved.
564dd50a 3 * Portions copyright (c) 1998 Todd C. Miller
4 * Portions copyright (c) 1996 Jason Downs
5 * Portions copyright (c) 1996 Theo de Raadt
1d7b9b20 6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
1d7b9b20 15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
b6610e8f 28/*
29 * The btmp logging code is derived from login.c from util-linux and is under
30 * the the following license:
31 *
32 * Copyright (c) 1980, 1987, 1988 The Regents of the University of California.
33 * All rights reserved.
34 *
35 * Redistribution and use in source and binary forms are permitted
36 * provided that the above copyright notice and this paragraph are
37 * duplicated in all such forms and that any documentation,
38 * advertising materials, and other materials related to such
39 * distribution and use acknowledge that the software was developed
40 * by the University of California, Berkeley. The name of the
41 * University may not be used to endorse or promote products derived
42 * from this software without specific prior written permission.
43 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
44 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
45 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
46 */
47
48
2b87da3b 49/**
1d7b9b20 50 ** loginrec.c: platform-independent login recording and lastlog retrieval
51 **/
52
564dd50a 53/*
fa64c868 54 * The new login code explained
55 * ============================
56 *
57 * This code attempts to provide a common interface to login recording
58 * (utmp and friends) and last login time retrieval.
59 *
60 * Its primary means of achieving this is to use 'struct logininfo', a
61 * union of all the useful fields in the various different types of
62 * system login record structures one finds on UNIX variants.
63 *
64 * We depend on autoconf to define which recording methods are to be
65 * used, and which fields are contained in the relevant data structures
66 * on the local system. Many C preprocessor symbols affect which code
67 * gets compiled here.
68 *
69 * The code is designed to make it easy to modify a particular
70 * recording method, without affecting other methods nor requiring so
71 * many nested conditional compilation blocks as were commonplace in
72 * the old code.
73 *
74 * For login recording, we try to use the local system's libraries as
75 * these are clearly most likely to work correctly. For utmp systems
76 * this usually means login() and logout() or setutent() etc., probably
77 * in libutil, along with logwtmp() etc. On these systems, we fall back
78 * to writing the files directly if we have to, though this method
79 * requires very thorough testing so we do not corrupt local auditing
80 * information. These files and their access methods are very system
81 * specific indeed.
82 *
83 * For utmpx systems, the corresponding library functions are
84 * setutxent() etc. To the author's knowledge, all utmpx systems have
85 * these library functions and so no direct write is attempted. If such
86 * a system exists and needs support, direct analogues of the [uw]tmp
87 * code should suffice.
88 *
89 * Retrieving the time of last login ('lastlog') is in some ways even
90 * more problemmatic than login recording. Some systems provide a
91 * simple table of all users which we seek based on uid and retrieve a
92 * relatively standard structure. Others record the same information in
93 * a directory with a separate file, and others don't record the
94 * information separately at all. For systems in the latter category,
95 * we look backwards in the wtmp or wtmpx file for the last login entry
96 * for our user. Naturally this is slower and on busy systems could
97 * incur a significant performance penalty.
98 *
99 * Calling the new code
100 * --------------------
101 *
102 * In OpenSSH all login recording and retrieval is performed in
103 * login.c. Here you'll find working examples. Also, in the logintest.c
104 * program there are more examples.
105 *
106 * Internal handler calling method
107 * -------------------------------
108 *
109 * When a call is made to login_login() or login_logout(), both
110 * routines set a struct logininfo flag defining which action (log in,
111 * or log out) is to be taken. They both then call login_write(), which
112 * calls whichever of the many structure-specific handlers autoconf
113 * selects for the local system.
114 *
115 * The handlers themselves handle system data structure specifics. Both
116 * struct utmp and struct utmpx have utility functions (see
117 * construct_utmp*()) to try to make it simpler to add extra systems
118 * that introduce new features to either structure.
119 *
120 * While it may seem terribly wasteful to replicate so much similar
121 * code for each method, experience has shown that maintaining code to
122 * write both struct utmp and utmpx in one function, whilst maintaining
123 * support for all systems whether they have library support or not, is
124 * a difficult and time-consuming task.
125 *
126 * Lastlog support proceeds similarly. Functions login_get_lastlog()
127 * (and its OpenSSH-tuned friend login_get_lastlog_time()) call
128 * getlast_entry(), which tries one of three methods to find the last
129 * login time. It uses local system lastlog support if it can,
130 * otherwise it tries wtmp or wtmpx before giving up and returning 0,
131 * meaning "tilt".
132 *
133 * Maintenance
134 * -----------
135 *
136 * In many cases it's possible to tweak autoconf to select the correct
137 * methods for a particular platform, either by improving the detection
138 * code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE
139 * symbols for the platform.
140 *
141 * Use logintest to check which symbols are defined before modifying
142 * configure.ac and loginrec.c. (You have to build logintest yourself
143 * with 'make logintest' as it's not built by default.)
144 *
145 * Otherwise, patches to the specific method(s) are very helpful!
146 */
1d7b9b20 147
148#include "includes.h"
149
81e73e57 150#include <sys/types.h>
151#include <sys/stat.h>
9794d008 152#include <sys/socket.h>
153
154#include <netinet/in.h>
81e73e57 155
fec71b2f 156#include <errno.h>
22bbb3e6 157#include <fcntl.h>
4130b6f1 158#ifdef HAVE_PATHS_H
159# include <paths.h>
160#endif
b1842393 161#include <pwd.h>
24436b92 162#include <stdarg.h>
28cb0a43 163#include <string.h>
e5b792cd 164#include <time.h>
28cb0a43 165#include <unistd.h>
b1842393 166
1d7b9b20 167#include "xmalloc.h"
31652869 168#include "key.h"
169#include "hostfile.h"
170#include "ssh.h"
1d7b9b20 171#include "loginrec.h"
42f11eb2 172#include "log.h"
173#include "atomicio.h"
b6610e8f 174#include "packet.h"
175#include "canohost.h"
c00e4d75 176#include "auth.h"
c53d8c93 177#include "buffer.h"
1d7b9b20 178
44d5f7f7 179#ifdef HAVE_UTIL_H
fa64c868 180# include <util.h>
44d5f7f7 181#endif
182
8f523d67 183#ifdef HAVE_LIBUTIL_H
fa64c868 184# include <libutil.h>
8f523d67 185#endif
186
1d7b9b20 187/**
188 ** prototypes for helper functions in this file
189 **/
190
191#if HAVE_UTMP_H
1d7b9b20 192void set_utmp_time(struct logininfo *li, struct utmp *ut);
193void construct_utmp(struct logininfo *li, struct utmp *ut);
194#endif
195
196#ifdef HAVE_UTMPX_H
1d7b9b20 197void set_utmpx_time(struct logininfo *li, struct utmpx *ut);
198void construct_utmpx(struct logininfo *li, struct utmpx *ut);
199#endif
200
201int utmp_write_entry(struct logininfo *li);
202int utmpx_write_entry(struct logininfo *li);
203int wtmp_write_entry(struct logininfo *li);
204int wtmpx_write_entry(struct logininfo *li);
205int lastlog_write_entry(struct logininfo *li);
206int syslogin_write_entry(struct logininfo *li);
207
208int getlast_entry(struct logininfo *li);
209int lastlog_get_entry(struct logininfo *li);
210int wtmp_get_entry(struct logininfo *li);
211int wtmpx_get_entry(struct logininfo *li);
212
5ccf88cb 213extern Buffer loginmsg;
214
5abcdf8e 215/* pick the shortest string */
fa64c868 216#define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))
5abcdf8e 217
1d7b9b20 218/**
219 ** platform-independent login functions
220 **/
221
fa64c868 222/*
223 * login_login(struct logininfo *) - Record a login
2b87da3b 224 *
5abcdf8e 225 * Call with a pointer to a struct logininfo initialised with
226 * login_init_entry() or login_alloc_entry()
227 *
228 * Returns:
229 * >0 if successful
230 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
231 */
564dd50a 232int
fa64c868 233login_login(struct logininfo *li)
564dd50a 234{
235 li->type = LTYPE_LOGIN;
fa64c868 236 return (login_write(li));
564dd50a 237}
1d7b9b20 238
239
fa64c868 240/*
241 * login_logout(struct logininfo *) - Record a logout
5abcdf8e 242 *
243 * Call as with login_login()
244 *
245 * Returns:
246 * >0 if successful
247 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
248 */
564dd50a 249int
250login_logout(struct logininfo *li)
251{
252 li->type = LTYPE_LOGOUT;
fa64c868 253 return (login_write(li));
1d7b9b20 254}
255
fa64c868 256/*
257 * login_get_lastlog_time(int) - Retrieve the last login time
5abcdf8e 258 *
259 * Retrieve the last login time for the given uid. Will try to use the
260 * system lastlog facilities if they are available, but will fall back
261 * to looking in wtmp/wtmpx if necessary
262 *
263 * Returns:
264 * 0 on failure, or if user has never logged in
265 * Time in seconds from the epoch if successful
266 *
267 * Useful preprocessor symbols:
268 * DISABLE_LASTLOG: If set, *never* even try to retrieve lastlog
269 * info
270 * USE_LASTLOG: If set, indicates the presence of system lastlog
271 * facilities. If this and DISABLE_LASTLOG are not set,
272 * try to retrieve lastlog information from wtmp/wtmpx.
273 */
564dd50a 274unsigned int
275login_get_lastlog_time(const int uid)
276{
277 struct logininfo li;
1d7b9b20 278
5abcdf8e 279 if (login_get_lastlog(&li, uid))
fa64c868 280 return (li.tv_sec);
5abcdf8e 281 else
fa64c868 282 return (0);
564dd50a 283}
1d7b9b20 284
fa64c868 285/*
286 * login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry
5abcdf8e 287 *
288 * Retrieve a logininfo structure populated (only partially) with
289 * information from the system lastlog data, or from wtmp/wtmpx if no
290 * system lastlog information exists.
291 *
292 * Note this routine must be given a pre-allocated logininfo.
293 *
294 * Returns:
295 * >0: A pointer to your struct logininfo if successful
296 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
5abcdf8e 297 */
564dd50a 298struct logininfo *
299login_get_lastlog(struct logininfo *li, const int uid)
300{
5abcdf8e 301 struct passwd *pw;
5abcdf8e 302
dbaa2e87 303 memset(li, '\0', sizeof(*li));
1d7b9b20 304 li->uid = uid;
5abcdf8e 305
2b87da3b 306 /*
9f32ceb4 307 * If we don't have a 'real' lastlog, we need the username to
5abcdf8e 308 * reliably search wtmp(x) for the last login (see
2b87da3b 309 * wtmp_get_entry().)
9f32ceb4 310 */
5abcdf8e 311 pw = getpwuid(uid);
a05a70ab 312 if (pw == NULL)
a233586b 313 fatal("%s: Cannot find account for uid %i", __func__, uid);
2b87da3b 314
1bfbb762 315 /* No MIN_SIZEOF here - we absolutely *must not* truncate the
fa64c868 316 * username (XXX - so check for trunc!) */
d8caae24 317 strlcpy(li->username, pw->pw_name, sizeof(li->username));
a05a70ab 318
564dd50a 319 if (getlast_entry(li))
fa64c868 320 return (li);
564dd50a 321 else
fa64c868 322 return (NULL);
1d7b9b20 323}
324
1d7b9b20 325
fa64c868 326/*
327 * login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
2b87da3b 328 * a logininfo structure
329 *
5abcdf8e 330 * This function creates a new struct logininfo, a data structure
331 * meant to carry the information required to portably record login info.
332 *
333 * Returns a pointer to a newly created struct logininfo. If memory
334 * allocation fails, the program halts.
335 */
564dd50a 336struct
337logininfo *login_alloc_entry(int pid, const char *username,
fa64c868 338 const char *hostname, const char *line)
564dd50a 339{
340 struct logininfo *newli;
1d7b9b20 341
fa64c868 342 newli = xmalloc(sizeof(*newli));
343 login_init_entry(newli, pid, username, hostname, line);
344 return (newli);
1d7b9b20 345}
346
347
5abcdf8e 348/* login_free_entry(struct logininfo *) - free struct memory */
1d7b9b20 349void
564dd50a 350login_free_entry(struct logininfo *li)
351{
352 xfree(li);
1d7b9b20 353}
354
355
5abcdf8e 356/* login_init_entry(struct logininfo *, int, char*, char*, char*)
357 * - initialise a struct logininfo
2b87da3b 358 *
5abcdf8e 359 * Populates a new struct logininfo, a data structure meant to carry
360 * the information required to portably record login info.
361 *
362 * Returns: 1
363 */
564dd50a 364int
2b87da3b 365login_init_entry(struct logininfo *li, int pid, const char *username,
fa64c868 366 const char *hostname, const char *line)
564dd50a 367{
d8caae24 368 struct passwd *pw;
2b87da3b 369
dbaa2e87 370 memset(li, 0, sizeof(*li));
2b87da3b 371
564dd50a 372 li->pid = pid;
d8caae24 373
564dd50a 374 /* set the line information */
375 if (line)
376 line_fullname(li->line, line, sizeof(li->line));
1d7b9b20 377
d8caae24 378 if (username) {
564dd50a 379 strlcpy(li->username, username, sizeof(li->username));
d8caae24 380 pw = getpwnam(li->username);
fa64c868 381 if (pw == NULL) {
d1cf9a87 382 fatal("%s: Cannot find user \"%s\"", __func__,
fa64c868 383 li->username);
384 }
d8caae24 385 li->uid = pw->pw_uid;
386 }
a05a70ab 387
564dd50a 388 if (hostname)
389 strlcpy(li->hostname, hostname, sizeof(li->hostname));
d8caae24 390
fa64c868 391 return (1);
1d7b9b20 392}
393
d1cf9a87 394/*
fa64c868 395 * login_set_current_time(struct logininfo *) - set the current time
5abcdf8e 396 *
397 * Set the current time in a logininfo structure. This function is
398 * meant to eliminate the need to deal with system dependencies for
399 * time handling.
400 */
1d7b9b20 401void
564dd50a 402login_set_current_time(struct logininfo *li)
403{
1d7b9b20 404 struct timeval tv;
405
406 gettimeofday(&tv, NULL);
2b87da3b 407
d8caae24 408 li->tv_sec = tv.tv_sec;
409 li->tv_usec = tv.tv_usec;
1d7b9b20 410}
411
564dd50a 412/* copy a sockaddr_* into our logininfo */
1d7b9b20 413void
564dd50a 414login_set_addr(struct logininfo *li, const struct sockaddr *sa,
fa64c868 415 const unsigned int sa_size)
564dd50a 416{
417 unsigned int bufsize = sa_size;
418
419 /* make sure we don't overrun our union */
420 if (sizeof(li->hostaddr) < sa_size)
421 bufsize = sizeof(li->hostaddr);
422
fa64c868 423 memcpy(&li->hostaddr.sa, sa, bufsize);
1d7b9b20 424}
1d7b9b20 425
564dd50a 426
427/**
428 ** login_write: Call low-level recording functions based on autoconf
429 ** results
430 **/
1d7b9b20 431int
fa64c868 432login_write(struct logininfo *li)
564dd50a 433{
3c62e7eb 434#ifndef HAVE_CYGWIN
fa64c868 435 if (geteuid() != 0) {
436 logit("Attempt to write login records by non-root user (aborting)");
437 return (1);
1d7b9b20 438 }
3c62e7eb 439#endif
a05a70ab 440
1d7b9b20 441 /* set the timestamp */
442 login_set_current_time(li);
443#ifdef USE_LOGIN
444 syslogin_write_entry(li);
445#endif
446#ifdef USE_LASTLOG
fa64c868 447 if (li->type == LTYPE_LOGIN)
1d7b9b20 448 lastlog_write_entry(li);
1d7b9b20 449#endif
450#ifdef USE_UTMP
451 utmp_write_entry(li);
452#endif
453#ifdef USE_WTMP
454 wtmp_write_entry(li);
455#endif
456#ifdef USE_UTMPX
457 utmpx_write_entry(li);
458#endif
459#ifdef USE_WTMPX
460 wtmpx_write_entry(li);
f5ed3301 461#endif
462#ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
d1cf9a87 463 if (li->type == LTYPE_LOGIN &&
98c044d0 464 !sys_auth_record_login(li->username,li->hostname,li->line,
465 &loginmsg))
f5ed3301 466 logit("Writing login record failed for %s", li->username);
c00e4d75 467#endif
6039eeef 468#ifdef SSH_AUDIT_EVENTS
c00e4d75 469 if (li->type == LTYPE_LOGIN)
470 audit_session_open(li->line);
471 else if (li->type == LTYPE_LOGOUT)
472 audit_session_close(li->line);
1d7b9b20 473#endif
fa64c868 474 return (0);
1d7b9b20 475}
476
7e2d5fa4 477#ifdef LOGIN_NEEDS_UTMPX
478int
479login_utmp_only(struct logininfo *li)
480{
aff51935 481 li->type = LTYPE_LOGIN;
9e127e27 482 login_set_current_time(li);
7e2d5fa4 483# ifdef USE_UTMP
484 utmp_write_entry(li);
485# endif
486# ifdef USE_WTMP
487 wtmp_write_entry(li);
488# endif
489# ifdef USE_UTMPX
490 utmpx_write_entry(li);
491# endif
492# ifdef USE_WTMPX
493 wtmpx_write_entry(li);
494# endif
fa64c868 495 return (0);
7e2d5fa4 496}
497#endif
498
564dd50a 499/**
500 ** getlast_entry: Call low-level functions to retrieve the last login
501 ** time.
502 **/
1d7b9b20 503
564dd50a 504/* take the uid in li and return the last login time */
1d7b9b20 505int
564dd50a 506getlast_entry(struct logininfo *li)
507{
508#ifdef USE_LASTLOG
9f32ceb4 509 return(lastlog_get_entry(li));
a05a70ab 510#else /* !USE_LASTLOG */
1d7b9b20 511
fa64c868 512#if defined(DISABLE_LASTLOG)
2b87da3b 513 /* On some systems we shouldn't even try to obtain last login
3f45f1c3 514 * time, e.g. AIX */
fa64c868 515 return (0);
516# elif defined(USE_WTMP) && \
517 (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP))
564dd50a 518 /* retrieve last login time from utmp */
a05a70ab 519 return (wtmp_get_entry(li));
fa64c868 520# elif defined(USE_WTMPX) && \
521 (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX))
564dd50a 522 /* If wtmp isn't available, try wtmpx */
a05a70ab 523 return (wtmpx_get_entry(li));
fa64c868 524# else
564dd50a 525 /* Give up: No means of retrieving last login time */
fa64c868 526 return (0);
2b87da3b 527# endif /* DISABLE_LASTLOG */
a05a70ab 528#endif /* USE_LASTLOG */
564dd50a 529}
1d7b9b20 530
531
1d7b9b20 532
533/*
564dd50a 534 * 'line' string utility functions
535 *
536 * These functions process the 'line' string into one of three forms:
537 *
1d7b9b20 538 * 1. The full filename (including '/dev')
539 * 2. The stripped name (excluding '/dev')
564dd50a 540 * 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
541 * /dev/pts/1 -> ts/1 )
1d7b9b20 542 *
543 * Form 3 is used on some systems to identify a .tmp.? entry when
544 * attempting to remove it. Typically both addition and removal is
564dd50a 545 * performed by one application - say, sshd - so as long as the choice
546 * uniquely identifies a terminal it's ok.
1d7b9b20 547 */
548
549
fa64c868 550/*
551 * line_fullname(): add the leading '/dev/' if it doesn't exist make
552 * sure dst has enough space, if not just copy src (ugh)
553 */
1d7b9b20 554char *
44d71ad5 555line_fullname(char *dst, const char *src, u_int dstsize)
564dd50a 556{
1d7b9b20 557 memset(dst, '\0', dstsize);
fa64c868 558 if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5)))
1d7b9b20 559 strlcpy(dst, src, dstsize);
fa64c868 560 else {
a4d05724 561 strlcpy(dst, "/dev/", dstsize);
1d7b9b20 562 strlcat(dst, src, dstsize);
563 }
fa64c868 564 return (dst);
1d7b9b20 565}
566
564dd50a 567/* line_stripname(): strip the leading '/dev' if it exists, return dst */
1d7b9b20 568char *
564dd50a 569line_stripname(char *dst, const char *src, int dstsize)
570{
1d7b9b20 571 memset(dst, '\0', dstsize);
572 if (strncmp(src, "/dev/", 5) == 0)
89d7510a 573 strlcpy(dst, src + 5, dstsize);
1d7b9b20 574 else
575 strlcpy(dst, src, dstsize);
fa64c868 576 return (dst);
564dd50a 577}
578
d1cf9a87 579/*
fa64c868 580 * line_abbrevname(): Return the abbreviated (usually four-character)
564dd50a 581 * form of the line (Just use the last <dstsize> characters of the
582 * full name.)
583 *
584 * NOTE: use strncpy because we do NOT necessarily want zero
fa64c868 585 * termination
586 */
1d7b9b20 587char *
2b87da3b 588line_abbrevname(char *dst, const char *src, int dstsize)
a05a70ab 589{
590 size_t len;
2b87da3b 591
1d7b9b20 592 memset(dst, '\0', dstsize);
2b87da3b 593
daaff4d5 594 /* Always skip prefix if present */
595 if (strncmp(src, "/dev/", 5) == 0)
596 src += 5;
2b87da3b 597
0e8f4eba 598#ifdef WITH_ABBREV_NO_TTY
599 if (strncmp(src, "tty", 3) == 0)
600 src += 3;
601#endif
602
a05a70ab 603 len = strlen(src);
604
daaff4d5 605 if (len > 0) {
606 if (((int)len - dstsize) > 0)
607 src += ((int)len - dstsize);
608
609 /* note: _don't_ change this to strlcpy */
2b87da3b 610 strncpy(dst, src, (size_t)dstsize);
a05a70ab 611 }
2b87da3b 612
fa64c868 613 return (dst);
1d7b9b20 614}
615
1d7b9b20 616/**
617 ** utmp utility functions
564dd50a 618 **
619 ** These functions manipulate struct utmp, taking system differences
620 ** into account.
1d7b9b20 621 **/
622
623#if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN)
624
1d7b9b20 625/* build the utmp structure */
626void
564dd50a 627set_utmp_time(struct logininfo *li, struct utmp *ut)
628{
fa64c868 629# if defined(HAVE_TV_IN_UTMP)
1d7b9b20 630 ut->ut_tv.tv_sec = li->tv_sec;
631 ut->ut_tv.tv_usec = li->tv_usec;
fa64c868 632# elif defined(HAVE_TIME_IN_UTMP)
1d7b9b20 633 ut->ut_time = li->tv_sec;
a05a70ab 634# endif
1d7b9b20 635}
636
637void
638construct_utmp(struct logininfo *li,
564dd50a 639 struct utmp *ut)
640{
9746ee4b 641# ifdef HAVE_ADDR_V6_IN_UTMP
642 struct sockaddr_in6 *sa6;
fa64c868 643# endif
644
dbaa2e87 645 memset(ut, '\0', sizeof(*ut));
5abcdf8e 646
647 /* First fill out fields used for both logins and logouts */
648
a05a70ab 649# ifdef HAVE_ID_IN_UTMP
1d7b9b20 650 line_abbrevname(ut->ut_id, li->line, sizeof(ut->ut_id));
a05a70ab 651# endif
1d7b9b20 652
a05a70ab 653# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 654 /* This is done here to keep utmp constants out of struct logininfo */
1d7b9b20 655 switch (li->type) {
656 case LTYPE_LOGIN:
657 ut->ut_type = USER_PROCESS;
ef51930f 658#ifdef _UNICOS
1a23ac2c 659 cray_set_tmpdir(ut);
660#endif
1d7b9b20 661 break;
662 case LTYPE_LOGOUT:
663 ut->ut_type = DEAD_PROCESS;
ef51930f 664#ifdef _UNICOS
1a23ac2c 665 cray_retain_utmp(ut, li->pid);
666#endif
1d7b9b20 667 break;
668 }
a05a70ab 669# endif
5abcdf8e 670 set_utmp_time(li, ut);
1d7b9b20 671
5abcdf8e 672 line_stripname(ut->ut_line, li->line, sizeof(ut->ut_line));
a05a70ab 673
674# ifdef HAVE_PID_IN_UTMP
1d7b9b20 675 ut->ut_pid = li->pid;
a05a70ab 676# endif
5abcdf8e 677
678 /* If we're logging out, leave all other fields blank */
679 if (li->type == LTYPE_LOGOUT)
fa64c868 680 return;
5abcdf8e 681
a05a70ab 682 /*
683 * These fields are only used when logging in, and are blank
2b87da3b 684 * for logouts.
a05a70ab 685 */
5abcdf8e 686
687 /* Use strncpy because we don't necessarily want null termination */
fa64c868 688 strncpy(ut->ut_name, li->username,
689 MIN_SIZEOF(ut->ut_name, li->username));
a05a70ab 690# ifdef HAVE_HOST_IN_UTMP
fa64c868 691 strncpy(ut->ut_host, li->hostname,
692 MIN_SIZEOF(ut->ut_host, li->hostname));
a05a70ab 693# endif
694# ifdef HAVE_ADDR_IN_UTMP
564dd50a 695 /* this is just a 32-bit IP address */
696 if (li->hostaddr.sa.sa_family == AF_INET)
697 ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
2b87da3b 698# endif
9746ee4b 699# ifdef HAVE_ADDR_V6_IN_UTMP
700 /* this is just a 128-bit IPv6 address */
701 if (li->hostaddr.sa.sa_family == AF_INET6) {
702 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
703 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
704 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
705 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
706 ut->ut_addr_v6[1] = 0;
707 ut->ut_addr_v6[2] = 0;
708 ut->ut_addr_v6[3] = 0;
709 }
710 }
711# endif
564dd50a 712}
a05a70ab 713#endif /* USE_UTMP || USE_WTMP || USE_LOGIN */
564dd50a 714
1d7b9b20 715/**
716 ** utmpx utility functions
564dd50a 717 **
718 ** These functions manipulate struct utmpx, accounting for system
719 ** variations.
1d7b9b20 720 **/
721
722#if defined(USE_UTMPX) || defined (USE_WTMPX)
1d7b9b20 723/* build the utmpx structure */
724void
564dd50a 725set_utmpx_time(struct logininfo *li, struct utmpx *utx)
726{
fa64c868 727# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 728 utx->ut_tv.tv_sec = li->tv_sec;
729 utx->ut_tv.tv_usec = li->tv_usec;
fa64c868 730# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 731 utx->ut_time = li->tv_sec;
fa64c868 732# endif
1d7b9b20 733}
734
735void
564dd50a 736construct_utmpx(struct logininfo *li, struct utmpx *utx)
737{
9746ee4b 738# ifdef HAVE_ADDR_V6_IN_UTMP
739 struct sockaddr_in6 *sa6;
740# endif
dbaa2e87 741 memset(utx, '\0', sizeof(*utx));
fa64c868 742
daaff4d5 743# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 744 line_abbrevname(utx->ut_id, li->line, sizeof(utx->ut_id));
daaff4d5 745# endif
1d7b9b20 746
747 /* this is done here to keep utmp constants out of loginrec.h */
748 switch (li->type) {
749 case LTYPE_LOGIN:
750 utx->ut_type = USER_PROCESS;
751 break;
752 case LTYPE_LOGOUT:
753 utx->ut_type = DEAD_PROCESS;
754 break;
755 }
1d7b9b20 756 line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line));
1d7b9b20 757 set_utmpx_time(li, utx);
5abcdf8e 758 utx->ut_pid = li->pid;
fa64c868 759
f3837bc6 760 /* strncpy(): Don't necessarily want null termination */
5dec7926 761 strncpy(utx->ut_user, li->username,
762 MIN_SIZEOF(utx->ut_user, li->username));
5abcdf8e 763
764 if (li->type == LTYPE_LOGOUT)
765 return;
766
a05a70ab 767 /*
768 * These fields are only used when logging in, and are blank
2b87da3b 769 * for logouts.
a05a70ab 770 */
5abcdf8e 771
a05a70ab 772# ifdef HAVE_HOST_IN_UTMPX
fa64c868 773 strncpy(utx->ut_host, li->hostname,
774 MIN_SIZEOF(utx->ut_host, li->hostname));
a05a70ab 775# endif
776# ifdef HAVE_ADDR_IN_UTMPX
764d4113 777 /* this is just a 32-bit IP address */
778 if (li->hostaddr.sa.sa_family == AF_INET)
779 utx->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
a05a70ab 780# endif
9746ee4b 781# ifdef HAVE_ADDR_V6_IN_UTMP
782 /* this is just a 128-bit IPv6 address */
783 if (li->hostaddr.sa.sa_family == AF_INET6) {
784 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
785 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
786 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
787 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
788 ut->ut_addr_v6[1] = 0;
789 ut->ut_addr_v6[2] = 0;
790 ut->ut_addr_v6[3] = 0;
791 }
792 }
793# endif
a05a70ab 794# ifdef HAVE_SYSLEN_IN_UTMPX
5abcdf8e 795 /* ut_syslen is the length of the utx_host string */
796 utx->ut_syslen = MIN(strlen(li->hostname), sizeof(utx->ut_host));
a05a70ab 797# endif
564dd50a 798}
a05a70ab 799#endif /* USE_UTMPX || USE_WTMPX */
1d7b9b20 800
801/**
564dd50a 802 ** Low-level utmp functions
1d7b9b20 803 **/
804
805/* FIXME: (ATL) utmp_write_direct needs testing */
1d7b9b20 806#ifdef USE_UTMP
807
1d7b9b20 808/* if we can, use pututline() etc. */
a05a70ab 809# if !defined(DISABLE_PUTUTLINE) && defined(HAVE_SETUTENT) && \
810 defined(HAVE_PUTUTLINE)
1d7b9b20 811# define UTMP_USE_LIBRARY
a05a70ab 812# endif
1d7b9b20 813
814
815/* write a utmp entry with the system's help (pututline() and pals) */
a05a70ab 816# ifdef UTMP_USE_LIBRARY
1d7b9b20 817static int
564dd50a 818utmp_write_library(struct logininfo *li, struct utmp *ut)
819{
1d7b9b20 820 setutent();
821 pututline(ut);
a05a70ab 822# ifdef HAVE_ENDUTENT
1d7b9b20 823 endutent();
a05a70ab 824# endif
fa64c868 825 return (1);
564dd50a 826}
a05a70ab 827# else /* UTMP_USE_LIBRARY */
1d7b9b20 828
d1cf9a87 829/*
fa64c868 830 * Write a utmp entry direct to the file
831 * This is a slightly modification of code in OpenBSD's login.c
832 */
1d7b9b20 833static int
564dd50a 834utmp_write_direct(struct logininfo *li, struct utmp *ut)
835{
1d7b9b20 836 struct utmp old_ut;
837 register int fd;
838 int tty;
839
5abcdf8e 840 /* FIXME: (ATL) ttyslot() needs local implementation */
dbaa2e87 841
698d107e 842#if defined(HAVE_GETTTYENT)
fa64c868 843 struct ttyent *ty;
dbaa2e87 844
845 tty=0;
dbaa2e87 846 setttyent();
fa64c868 847 while (NULL != (ty = getttyent())) {
dbaa2e87 848 tty++;
849 if (!strncmp(ty->ty_name, ut->ut_line, sizeof(ut->ut_line)))
850 break;
851 }
852 endttyent();
853
fa64c868 854 if (NULL == ty) {
5f12e050 855 logit("%s: tty not found", __func__);
856 return (0);
dbaa2e87 857 }
858#else /* FIXME */
859
1d7b9b20 860 tty = ttyslot(); /* seems only to work for /dev/ttyp? style names */
861
698d107e 862#endif /* HAVE_GETTTYENT */
dbaa2e87 863
1d7b9b20 864 if (tty > 0 && (fd = open(UTMP_FILE, O_RDWR|O_CREAT, 0644)) >= 0) {
5f12e050 865 off_t pos, ret;
866
867 pos = (off_t)tty * sizeof(struct utmp);
868 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 869 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 870 return (0);
871 }
872 if (ret != pos) {
d1cf9a87 873 logit("%s: Couldn't seek to tty %d slot in %s",
f6d20d59 874 __func__, tty, UTMP_FILE);
5f12e050 875 return (0);
876 }
1d7b9b20 877 /*
878 * Prevent luser from zero'ing out ut_host.
879 * If the new ut_line is empty but the old one is not
dc2a6d09 880 * and ut_line and ut_name match, preserve the old ut_line.
1d7b9b20 881 */
2b87da3b 882 if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) &&
fa64c868 883 (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') &&
884 (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) &&
885 (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0))
886 memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host));
2b87da3b 887
5f12e050 888 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 889 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 890 return (0);
891 }
892 if (ret != pos) {
f6d20d59 893 logit("%s: Couldn't seek to tty %d slot in %s",
5f12e050 894 __func__, tty, UTMP_FILE);
895 return (0);
896 }
fa64c868 897 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
5f12e050 898 logit("%s: error writing %s: %s", __func__,
5abcdf8e 899 UTMP_FILE, strerror(errno));
fa64c868 900 }
2b87da3b 901
fa64c868 902 close(fd);
903 return (1);
9f32ceb4 904 } else {
fa64c868 905 return (0);
9f32ceb4 906 }
564dd50a 907}
a05a70ab 908# endif /* UTMP_USE_LIBRARY */
1d7b9b20 909
910static int
564dd50a 911utmp_perform_login(struct logininfo *li)
912{
1d7b9b20 913 struct utmp ut;
914
915 construct_utmp(li, &ut);
a05a70ab 916# ifdef UTMP_USE_LIBRARY
1d7b9b20 917 if (!utmp_write_library(li, &ut)) {
a233586b 918 logit("%s: utmp_write_library() failed", __func__);
fa64c868 919 return (0);
1d7b9b20 920 }
a05a70ab 921# else
1d7b9b20 922 if (!utmp_write_direct(li, &ut)) {
a233586b 923 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 924 return (0);
1d7b9b20 925 }
a05a70ab 926# endif
fa64c868 927 return (1);
564dd50a 928}
1d7b9b20 929
930
931static int
564dd50a 932utmp_perform_logout(struct logininfo *li)
933{
1d7b9b20 934 struct utmp ut;
935
5abcdf8e 936 construct_utmp(li, &ut);
a05a70ab 937# ifdef UTMP_USE_LIBRARY
5abcdf8e 938 if (!utmp_write_library(li, &ut)) {
a233586b 939 logit("%s: utmp_write_library() failed", __func__);
fa64c868 940 return (0);
5abcdf8e 941 }
a05a70ab 942# else
5abcdf8e 943 if (!utmp_write_direct(li, &ut)) {
a233586b 944 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 945 return (0);
5abcdf8e 946 }
a05a70ab 947# endif
fa64c868 948 return (1);
564dd50a 949}
1d7b9b20 950
951
952int
564dd50a 953utmp_write_entry(struct logininfo *li)
954{
1d7b9b20 955 switch(li->type) {
956 case LTYPE_LOGIN:
fa64c868 957 return (utmp_perform_login(li));
1d7b9b20 958
959 case LTYPE_LOGOUT:
fa64c868 960 return (utmp_perform_logout(li));
1d7b9b20 961
962 default:
a233586b 963 logit("%s: invalid type field", __func__);
fa64c868 964 return (0);
1d7b9b20 965 }
564dd50a 966}
a05a70ab 967#endif /* USE_UTMP */
1d7b9b20 968
969
970/**
564dd50a 971 ** Low-level utmpx functions
1d7b9b20 972 **/
973
974/* not much point if we don't want utmpx entries */
975#ifdef USE_UTMPX
976
1d7b9b20 977/* if we have the wherewithall, use pututxline etc. */
a05a70ab 978# if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \
979 defined(HAVE_PUTUTXLINE)
1d7b9b20 980# define UTMPX_USE_LIBRARY
a05a70ab 981# endif
1d7b9b20 982
983
984/* write a utmpx entry with the system's help (pututxline() and pals) */
a05a70ab 985# ifdef UTMPX_USE_LIBRARY
1d7b9b20 986static int
564dd50a 987utmpx_write_library(struct logininfo *li, struct utmpx *utx)
988{
1d7b9b20 989 setutxent();
990 pututxline(utx);
991
a05a70ab 992# ifdef HAVE_ENDUTXENT
1d7b9b20 993 endutxent();
a05a70ab 994# endif
fa64c868 995 return (1);
564dd50a 996}
1d7b9b20 997
a05a70ab 998# else /* UTMPX_USE_LIBRARY */
1d7b9b20 999
1000/* write a utmp entry direct to the file */
1001static int
564dd50a 1002utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
2b87da3b 1003{
a233586b 1004 logit("%s: not implemented!", __func__);
fa64c868 1005 return (0);
564dd50a 1006}
a05a70ab 1007# endif /* UTMPX_USE_LIBRARY */
1d7b9b20 1008
1009static int
564dd50a 1010utmpx_perform_login(struct logininfo *li)
1011{
1d7b9b20 1012 struct utmpx utx;
1013
1014 construct_utmpx(li, &utx);
a05a70ab 1015# ifdef UTMPX_USE_LIBRARY
1d7b9b20 1016 if (!utmpx_write_library(li, &utx)) {
a233586b 1017 logit("%s: utmp_write_library() failed", __func__);
fa64c868 1018 return (0);
1d7b9b20 1019 }
a05a70ab 1020# else
1d7b9b20 1021 if (!utmpx_write_direct(li, &ut)) {
a233586b 1022 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 1023 return (0);
1d7b9b20 1024 }
a05a70ab 1025# endif
fa64c868 1026 return (1);
564dd50a 1027}
1d7b9b20 1028
1029
1030static int
564dd50a 1031utmpx_perform_logout(struct logininfo *li)
1032{
1d7b9b20 1033 struct utmpx utx;
1034
f3837bc6 1035 construct_utmpx(li, &utx);
a05a70ab 1036# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 1037 line_abbrevname(utx.ut_id, li->line, sizeof(utx.ut_id));
a05a70ab 1038# endif
1039# ifdef HAVE_TYPE_IN_UTMPX
1d7b9b20 1040 utx.ut_type = DEAD_PROCESS;
a05a70ab 1041# endif
1d7b9b20 1042
a05a70ab 1043# ifdef UTMPX_USE_LIBRARY
1d7b9b20 1044 utmpx_write_library(li, &utx);
a05a70ab 1045# else
1d7b9b20 1046 utmpx_write_direct(li, &utx);
a05a70ab 1047# endif
fa64c868 1048 return (1);
564dd50a 1049}
1d7b9b20 1050
1d7b9b20 1051int
564dd50a 1052utmpx_write_entry(struct logininfo *li)
1053{
1d7b9b20 1054 switch(li->type) {
1055 case LTYPE_LOGIN:
fa64c868 1056 return (utmpx_perform_login(li));
1d7b9b20 1057 case LTYPE_LOGOUT:
fa64c868 1058 return (utmpx_perform_logout(li));
1d7b9b20 1059 default:
a233586b 1060 logit("%s: invalid type field", __func__);
fa64c868 1061 return (0);
1d7b9b20 1062 }
564dd50a 1063}
a05a70ab 1064#endif /* USE_UTMPX */
1d7b9b20 1065
1066
1067/**
564dd50a 1068 ** Low-level wtmp functions
1d7b9b20 1069 **/
1070
2b87da3b 1071#ifdef USE_WTMP
1d7b9b20 1072
d1cf9a87 1073/*
fa64c868 1074 * Write a wtmp entry direct to the end of the file
1075 * This is a slight modification of code in OpenBSD's logwtmp.c
1076 */
1d7b9b20 1077static int
564dd50a 1078wtmp_write(struct logininfo *li, struct utmp *ut)
1079{
1d7b9b20 1080 struct stat buf;
1081 int fd, ret = 1;
1082
1083 if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
a233586b 1084 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1085 WTMP_FILE, strerror(errno));
fa64c868 1086 return (0);
1d7b9b20 1087 }
2b87da3b 1088 if (fstat(fd, &buf) == 0)
d72f7b79 1089 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
1d7b9b20 1090 ftruncate(fd, buf.st_size);
a233586b 1091 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1092 WTMP_FILE, strerror(errno));
1093 ret = 0;
1094 }
fa64c868 1095 close(fd);
1096 return (ret);
564dd50a 1097}
1d7b9b20 1098
1d7b9b20 1099static int
a05a70ab 1100wtmp_perform_login(struct logininfo *li)
1101{
1d7b9b20 1102 struct utmp ut;
1103
1104 construct_utmp(li, &ut);
fa64c868 1105 return (wtmp_write(li, &ut));
564dd50a 1106}
1d7b9b20 1107
1108
1109static int
564dd50a 1110wtmp_perform_logout(struct logininfo *li)
1111{
1d7b9b20 1112 struct utmp ut;
1113
1114 construct_utmp(li, &ut);
fa64c868 1115 return (wtmp_write(li, &ut));
564dd50a 1116}
1d7b9b20 1117
1118
1119int
564dd50a 1120wtmp_write_entry(struct logininfo *li)
1121{
1d7b9b20 1122 switch(li->type) {
1123 case LTYPE_LOGIN:
fa64c868 1124 return (wtmp_perform_login(li));
1d7b9b20 1125 case LTYPE_LOGOUT:
fa64c868 1126 return (wtmp_perform_logout(li));
1d7b9b20 1127 default:
a233586b 1128 logit("%s: invalid type field", __func__);
fa64c868 1129 return (0);
1d7b9b20 1130 }
564dd50a 1131}
1d7b9b20 1132
1133
d1cf9a87 1134/*
fa64c868 1135 * Notes on fetching login data from wtmp/wtmpx
2b87da3b 1136 *
5abcdf8e 1137 * Logouts are usually recorded with (amongst other things) a blank
1138 * username on a given tty line. However, some systems (HP-UX is one)
1139 * leave all fields set, but change the ut_type field to DEAD_PROCESS.
1140 *
1141 * Since we're only looking for logins here, we know that the username
1142 * must be set correctly. On systems that leave it in, we check for
1143 * ut_type==USER_PROCESS (indicating a login.)
1144 *
1145 * Portability: Some systems may set something other than USER_PROCESS
1146 * to indicate a login process. I don't know of any as I write. Also,
1147 * it's possible that some systems may both leave the username in
1148 * place and not have ut_type.
1149 */
1150
5abcdf8e 1151/* return true if this wtmp entry indicates a login */
1152static int
1153wtmp_islogin(struct logininfo *li, struct utmp *ut)
1154{
2b87da3b 1155 if (strncmp(li->username, ut->ut_name,
fa64c868 1156 MIN_SIZEOF(li->username, ut->ut_name)) == 0) {
a05a70ab 1157# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 1158 if (ut->ut_type & USER_PROCESS)
fa64c868 1159 return (1);
a05a70ab 1160# else
fa64c868 1161 return (1);
a05a70ab 1162# endif
5abcdf8e 1163 }
fa64c868 1164 return (0);
5abcdf8e 1165}
1166
1d7b9b20 1167int
564dd50a 1168wtmp_get_entry(struct logininfo *li)
1169{
1d7b9b20 1170 struct stat st;
1171 struct utmp ut;
fa64c868 1172 int fd, found = 0;
5abcdf8e 1173
1174 /* Clear the time entries in our logininfo */
1175 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1176
1177 if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) {
d1cf9a87 1178 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1179 WTMP_FILE, strerror(errno));
fa64c868 1180 return (0);
1d7b9b20 1181 }
2b87da3b 1182 if (fstat(fd, &st) != 0) {
d1cf9a87 1183 logit("%s: couldn't stat %s: %s", __func__,
1d7b9b20 1184 WTMP_FILE, strerror(errno));
1185 close(fd);
fa64c868 1186 return (0);
1d7b9b20 1187 }
1d7b9b20 1188
5abcdf8e 1189 /* Seek to the start of the last struct utmp */
d9d47a26 1190 if (lseek(fd, -(off_t)sizeof(struct utmp), SEEK_END) == -1) {
5abcdf8e 1191 /* Looks like we've got a fresh wtmp file */
1192 close(fd);
fa64c868 1193 return (0);
5abcdf8e 1194 }
1195
1196 while (!found) {
9f32ceb4 1197 if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) {
d1cf9a87 1198 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1199 WTMP_FILE, strerror(errno));
1200 close (fd);
fa64c868 1201 return (0);
1d7b9b20 1202 }
5abcdf8e 1203 if ( wtmp_islogin(li, &ut) ) {
1204 found = 1;
fa64c868 1205 /*
1206 * We've already checked for a time in struct
1207 * utmp, in login_getlast()
1208 */
a05a70ab 1209# ifdef HAVE_TIME_IN_UTMP
1d7b9b20 1210 li->tv_sec = ut.ut_time;
a05a70ab 1211# else
1d7b9b20 1212# if HAVE_TV_IN_UTMP
1213 li->tv_sec = ut.ut_tv.tv_sec;
1214# endif
a05a70ab 1215# endif
5abcdf8e 1216 line_fullname(li->line, ut.ut_line,
fa64c868 1217 MIN_SIZEOF(li->line, ut.ut_line));
a05a70ab 1218# ifdef HAVE_HOST_IN_UTMP
5abcdf8e 1219 strlcpy(li->hostname, ut.ut_host,
fa64c868 1220 MIN_SIZEOF(li->hostname, ut.ut_host));
a05a70ab 1221# endif
5abcdf8e 1222 continue;
1d7b9b20 1223 }
5abcdf8e 1224 /* Seek back 2 x struct utmp */
d9d47a26 1225 if (lseek(fd, -(off_t)(2 * sizeof(struct utmp)), SEEK_CUR) == -1) {
5abcdf8e 1226 /* We've found the start of the file, so quit */
fa64c868 1227 close(fd);
1228 return (0);
1d7b9b20 1229 }
5abcdf8e 1230 }
1231
1232 /* We found an entry. Tidy up and return */
1233 close(fd);
fa64c868 1234 return (1);
564dd50a 1235}
a05a70ab 1236# endif /* USE_WTMP */
1d7b9b20 1237
1238
1239/**
564dd50a 1240 ** Low-level wtmpx functions
1d7b9b20 1241 **/
1242
1243#ifdef USE_WTMPX
fa64c868 1244/*
1245 * Write a wtmpx entry direct to the end of the file
1246 * This is a slight modification of code in OpenBSD's logwtmp.c
1247 */
1d7b9b20 1248static int
564dd50a 1249wtmpx_write(struct logininfo *li, struct utmpx *utx)
1250{
41c64c91 1251#ifndef HAVE_UPDWTMPX
1d7b9b20 1252 struct stat buf;
1253 int fd, ret = 1;
1254
1255 if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
d1cf9a87 1256 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1257 WTMPX_FILE, strerror(errno));
fa64c868 1258 return (0);
1d7b9b20 1259 }
1260
2b87da3b 1261 if (fstat(fd, &buf) == 0)
d72f7b79 1262 if (atomicio(vwrite, fd, utx, sizeof(*utx)) != sizeof(*utx)) {
1d7b9b20 1263 ftruncate(fd, buf.st_size);
a233586b 1264 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1265 WTMPX_FILE, strerror(errno));
1266 ret = 0;
1267 }
fa64c868 1268 close(fd);
1d7b9b20 1269
fa64c868 1270 return (ret);
41c64c91 1271#else
1272 updwtmpx(WTMPX_FILE, utx);
fa64c868 1273 return (1);
41c64c91 1274#endif
564dd50a 1275}
1d7b9b20 1276
1277
1278static int
564dd50a 1279wtmpx_perform_login(struct logininfo *li)
1280{
1d7b9b20 1281 struct utmpx utx;
1282
1283 construct_utmpx(li, &utx);
fa64c868 1284 return (wtmpx_write(li, &utx));
564dd50a 1285}
1d7b9b20 1286
1287
1288static int
564dd50a 1289wtmpx_perform_logout(struct logininfo *li)
1290{
1d7b9b20 1291 struct utmpx utx;
1292
1293 construct_utmpx(li, &utx);
fa64c868 1294 return (wtmpx_write(li, &utx));
564dd50a 1295}
1d7b9b20 1296
1297
1298int
564dd50a 1299wtmpx_write_entry(struct logininfo *li)
1300{
1d7b9b20 1301 switch(li->type) {
1302 case LTYPE_LOGIN:
fa64c868 1303 return (wtmpx_perform_login(li));
1d7b9b20 1304 case LTYPE_LOGOUT:
fa64c868 1305 return (wtmpx_perform_logout(li));
1d7b9b20 1306 default:
a233586b 1307 logit("%s: invalid type field", __func__);
fa64c868 1308 return (0);
1d7b9b20 1309 }
564dd50a 1310}
1d7b9b20 1311
5abcdf8e 1312/* Please see the notes above wtmp_islogin() for information about the
1313 next two functions */
1314
1315/* Return true if this wtmpx entry indicates a login */
1316static int
1317wtmpx_islogin(struct logininfo *li, struct utmpx *utx)
1318{
5dec7926 1319 if (strncmp(li->username, utx->ut_user,
1320 MIN_SIZEOF(li->username, utx->ut_user)) == 0 ) {
a05a70ab 1321# ifdef HAVE_TYPE_IN_UTMPX
5abcdf8e 1322 if (utx->ut_type == USER_PROCESS)
fa64c868 1323 return (1);
a05a70ab 1324# else
fa64c868 1325 return (1);
a05a70ab 1326# endif
5abcdf8e 1327 }
fa64c868 1328 return (0);
5abcdf8e 1329}
1330
1d7b9b20 1331
1332int
564dd50a 1333wtmpx_get_entry(struct logininfo *li)
1334{
1d7b9b20 1335 struct stat st;
1336 struct utmpx utx;
5abcdf8e 1337 int fd, found=0;
1338
1339 /* Clear the time entries */
1340 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1341
1342 if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) {
d1cf9a87 1343 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1344 WTMPX_FILE, strerror(errno));
fa64c868 1345 return (0);
1d7b9b20 1346 }
2b87da3b 1347 if (fstat(fd, &st) != 0) {
d1cf9a87 1348 logit("%s: couldn't stat %s: %s", __func__,
fdebdd4f 1349 WTMPX_FILE, strerror(errno));
1d7b9b20 1350 close(fd);
fa64c868 1351 return (0);
1d7b9b20 1352 }
2b87da3b 1353
5abcdf8e 1354 /* Seek to the start of the last struct utmpx */
d9d47a26 1355 if (lseek(fd, -(off_t)sizeof(struct utmpx), SEEK_END) == -1 ) {
5abcdf8e 1356 /* probably a newly rotated wtmpx file */
1357 close(fd);
fa64c868 1358 return (0);
5abcdf8e 1359 }
1d7b9b20 1360
5abcdf8e 1361 while (!found) {
9f32ceb4 1362 if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) {
d1cf9a87 1363 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1364 WTMPX_FILE, strerror(errno));
1365 close (fd);
fa64c868 1366 return (0);
1d7b9b20 1367 }
fa64c868 1368 /*
d1cf9a87 1369 * Logouts are recorded as a blank username on a particular
fa64c868 1370 * line. So, we just need to find the username in struct utmpx
1371 */
1372 if (wtmpx_islogin(li, &utx)) {
d80063fe 1373 found = 1;
fa64c868 1374# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 1375 li->tv_sec = utx.ut_tv.tv_sec;
fa64c868 1376# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 1377 li->tv_sec = utx.ut_time;
a05a70ab 1378# endif
a4d05724 1379 line_fullname(li->line, utx.ut_line, sizeof(li->line));
fa64c868 1380# if defined(HAVE_HOST_IN_UTMPX)
5abcdf8e 1381 strlcpy(li->hostname, utx.ut_host,
fa64c868 1382 MIN_SIZEOF(li->hostname, utx.ut_host));
a05a70ab 1383# endif
5abcdf8e 1384 continue;
1d7b9b20 1385 }
d9d47a26 1386 if (lseek(fd, -(off_t)(2 * sizeof(struct utmpx)), SEEK_CUR) == -1) {
fa64c868 1387 close(fd);
1388 return (0);
1d7b9b20 1389 }
5abcdf8e 1390 }
1391
1392 close(fd);
fa64c868 1393 return (1);
564dd50a 1394}
f988dce5 1395#endif /* USE_WTMPX */
1d7b9b20 1396
1d7b9b20 1397/**
564dd50a 1398 ** Low-level libutil login() functions
1d7b9b20 1399 **/
1400
1401#ifdef USE_LOGIN
1d7b9b20 1402static int
564dd50a 1403syslogin_perform_login(struct logininfo *li)
1404{
1d7b9b20 1405 struct utmp *ut;
1406
7a52470e 1407 ut = xmalloc(sizeof(*ut));
1d7b9b20 1408 construct_utmp(li, ut);
1409 login(ut);
6cef88bc 1410 free(ut);
1d7b9b20 1411
fa64c868 1412 return (1);
564dd50a 1413}
1d7b9b20 1414
564dd50a 1415static int
1416syslogin_perform_logout(struct logininfo *li)
1417{
a05a70ab 1418# ifdef HAVE_LOGOUT
f20d4564 1419 char line[UT_LINESIZE];
2b87da3b 1420
1d7b9b20 1421 (void)line_stripname(line, li->line, sizeof(line));
1422
fa64c868 1423 if (!logout(line))
a233586b 1424 logit("%s: logout() returned an error", __func__);
a05a70ab 1425# ifdef HAVE_LOGWTMP
fa64c868 1426 else
1d7b9b20 1427 logwtmp(line, "", "");
a05a70ab 1428# endif
5abcdf8e 1429 /* FIXME: (ATL - if the need arises) What to do if we have
1430 * login, but no logout? what if logout but no logwtmp? All
1431 * routines are in libutil so they should all be there,
1432 * but... */
a05a70ab 1433# endif
fa64c868 1434 return (1);
564dd50a 1435}
1d7b9b20 1436
1d7b9b20 1437int
564dd50a 1438syslogin_write_entry(struct logininfo *li)
1439{
1d7b9b20 1440 switch (li->type) {
1441 case LTYPE_LOGIN:
fa64c868 1442 return (syslogin_perform_login(li));
1d7b9b20 1443 case LTYPE_LOGOUT:
fa64c868 1444 return (syslogin_perform_logout(li));
1d7b9b20 1445 default:
a233586b 1446 logit("%s: Invalid type field", __func__);
fa64c868 1447 return (0);
1d7b9b20 1448 }
564dd50a 1449}
f988dce5 1450#endif /* USE_LOGIN */
1d7b9b20 1451
1452/* end of file log-syslogin.c */
1453
1d7b9b20 1454/**
564dd50a 1455 ** Low-level lastlog functions
1d7b9b20 1456 **/
1457
1458#ifdef USE_LASTLOG
1d7b9b20 1459
295dd642 1460#if !defined(LASTLOG_WRITE_PUTUTXLINE) || !defined(HAVE_GETLASTLOGXBYNAME)
1461/* open the file (using filemode) and seek to the login entry */
1d7b9b20 1462static int
295dd642 1463lastlog_openseek(struct logininfo *li, int *fd, int filemode)
564dd50a 1464{
295dd642 1465 off_t offset;
1466 char lastlog_file[1024];
1d7b9b20 1467 struct stat st;
1468
a05a70ab 1469 if (stat(LASTLOG_FILE, &st) != 0) {
a233586b 1470 logit("%s: Couldn't stat %s: %s", __func__,
fa64c868 1471 LASTLOG_FILE, strerror(errno));
1472 return (0);
1d7b9b20 1473 }
295dd642 1474 if (S_ISDIR(st.st_mode)) {
fa64c868 1475 snprintf(lastlog_file, sizeof(lastlog_file), "%s/%s",
1476 LASTLOG_FILE, li->username);
295dd642 1477 } else if (S_ISREG(st.st_mode)) {
1478 strlcpy(lastlog_file, LASTLOG_FILE, sizeof(lastlog_file));
1479 } else {
a233586b 1480 logit("%s: %.100s is not a file or directory!", __func__,
fa64c868 1481 LASTLOG_FILE);
1482 return (0);
a05a70ab 1483 }
1d7b9b20 1484
ee476051 1485 *fd = open(lastlog_file, filemode, 0600);
fa64c868 1486 if (*fd < 0) {
a233586b 1487 debug("%s: Couldn't open %s: %s", __func__,
1d7b9b20 1488 lastlog_file, strerror(errno));
fa64c868 1489 return (0);
1d7b9b20 1490 }
2b87da3b 1491
295dd642 1492 if (S_ISREG(st.st_mode)) {
d93a7e5a 1493 /* find this uid's offset in the lastlog file */
d9d47a26 1494 offset = (off_t) ((long)li->uid * sizeof(struct lastlog));
1d7b9b20 1495
fa64c868 1496 if (lseek(*fd, offset, SEEK_SET) != offset) {
a233586b 1497 logit("%s: %s->lseek(): %s", __func__,
1498 lastlog_file, strerror(errno));
fa64c868 1499 return (0);
d93a7e5a 1500 }
1d7b9b20 1501 }
2b87da3b 1502
fa64c868 1503 return (1);
564dd50a 1504}
295dd642 1505#endif /* !LASTLOG_WRITE_PUTUTXLINE || !HAVE_GETLASTLOGXBYNAME */
1d7b9b20 1506
295dd642 1507#ifdef LASTLOG_WRITE_PUTUTXLINE
1508int
1509lastlog_write_entry(struct logininfo *li)
564dd50a 1510{
295dd642 1511 switch(li->type) {
1512 case LTYPE_LOGIN:
1513 return 1; /* lastlog written by pututxline */
1514 default:
1515 logit("lastlog_write_entry: Invalid type field");
1516 return 0;
a05a70ab 1517 }
564dd50a 1518}
295dd642 1519#else /* LASTLOG_WRITE_PUTUTXLINE */
1d7b9b20 1520int
564dd50a 1521lastlog_write_entry(struct logininfo *li)
1522{
295dd642 1523 struct lastlog last;
1524 int fd;
1525
1d7b9b20 1526 switch(li->type) {
1527 case LTYPE_LOGIN:
295dd642 1528 /* create our struct lastlog */
1529 memset(&last, '\0', sizeof(last));
1530 line_stripname(last.ll_line, li->line, sizeof(last.ll_line));
1531 strlcpy(last.ll_host, li->hostname,
1532 MIN_SIZEOF(last.ll_host, li->hostname));
1533 last.ll_time = li->tv_sec;
1534
1535 if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT))
1536 return (0);
1537
1538 /* write the entry */
1539 if (atomicio(vwrite, fd, &last, sizeof(last)) != sizeof(last)) {
1540 close(fd);
1541 logit("%s: Error writing to %s: %s", __func__,
1542 LASTLOG_FILE, strerror(errno));
1543 return (0);
1544 }
1545
1546 close(fd);
1547 return (1);
1d7b9b20 1548 default:
a233586b 1549 logit("%s: Invalid type field", __func__);
fa64c868 1550 return (0);
1d7b9b20 1551 }
564dd50a 1552}
295dd642 1553#endif /* LASTLOG_WRITE_PUTUTXLINE */
1d7b9b20 1554
295dd642 1555#ifdef HAVE_GETLASTLOGXBYNAME
1556int
1557lastlog_get_entry(struct logininfo *li)
564dd50a 1558{
295dd642 1559 struct lastlogx l, *ll;
1d7b9b20 1560
295dd642 1561 if ((ll = getlastlogxbyname(li->username, &l)) == NULL) {
1562 memset(&l, '\0', sizeof(l));
1563 ll = &l;
1564 }
1565 line_fullname(li->line, ll->ll_line, sizeof(li->line));
1566 strlcpy(li->hostname, ll->ll_host,
1567 MIN_SIZEOF(li->hostname, ll->ll_host));
1568 li->tv_sec = ll->ll_tv.tv_sec;
1569 li->tv_usec = ll->ll_tv.tv_usec;
1570 return (1);
1571}
1572#else /* HAVE_GETLASTLOGXBYNAME */
1d7b9b20 1573int
564dd50a 1574lastlog_get_entry(struct logininfo *li)
1575{
1d7b9b20 1576 struct lastlog last;
ed05a983 1577 int fd, ret;
1d7b9b20 1578
ce49121d 1579 if (!lastlog_openseek(li, &fd, O_RDONLY))
ed05a983 1580 return (0);
ce49121d 1581
ed05a983 1582 ret = atomicio(read, fd, &last, sizeof(last));
ce49121d 1583 close(fd);
1584
ed05a983 1585 switch (ret) {
1586 case 0:
1587 memset(&last, '\0', sizeof(last));
1588 /* FALLTHRU */
1589 case sizeof(last):
295dd642 1590 line_fullname(li->line, last.ll_line, sizeof(li->line));
1591 strlcpy(li->hostname, last.ll_host,
1592 MIN_SIZEOF(li->hostname, last.ll_host));
1593 li->tv_sec = last.ll_time;
ed05a983 1594 return (1);
1595 case -1:
aff51935 1596 error("%s: Error reading from %s: %s", __func__,
ed05a983 1597 LASTLOG_FILE, strerror(errno));
1598 return (0);
1599 default:
1600 error("%s: Error reading from %s: Expecting %d, got %d",
dfde7f6e 1601 __func__, LASTLOG_FILE, (int)sizeof(last), ret);
ed05a983 1602 return (0);
1603 }
ce49121d 1604
ed05a983 1605 /* NOTREACHED */
1606 return (0);
564dd50a 1607}
295dd642 1608#endif /* HAVE_GETLASTLOGXBYNAME */
f988dce5 1609#endif /* USE_LASTLOG */
b6610e8f 1610
1611#ifdef USE_BTMP
1612 /*
1613 * Logs failed login attempts in _PATH_BTMP if that exists.
1614 * The most common login failure is to give password instead of username.
1615 * So the _PATH_BTMP file checked for the correct permission, so that
1616 * only root can read it.
1617 */
1618
1619void
1620record_failed_login(const char *username, const char *hostname,
1621 const char *ttyn)
1622{
1623 int fd;
1624 struct utmp ut;
1625 struct sockaddr_storage from;
dfde7f6e 1626 socklen_t fromlen = sizeof(from);
b6610e8f 1627 struct sockaddr_in *a4;
1628 struct sockaddr_in6 *a6;
1629 time_t t;
1630 struct stat fst;
1631
1632 if (geteuid() != 0)
1633 return;
1634 if ((fd = open(_PATH_BTMP, O_WRONLY | O_APPEND)) < 0) {
1635 debug("Unable to open the btmp file %s: %s", _PATH_BTMP,
1636 strerror(errno));
1637 return;
1638 }
1639 if (fstat(fd, &fst) < 0) {
1640 logit("%s: fstat of %s failed: %s", __func__, _PATH_BTMP,
1641 strerror(errno));
1642 goto out;
1643 }
1644 if((fst.st_mode & (S_IRWXG | S_IRWXO)) || (fst.st_uid != 0)){
1645 logit("Excess permission or bad ownership on file %s",
1646 _PATH_BTMP);
1647 goto out;
1648 }
1649
1650 memset(&ut, 0, sizeof(ut));
1651 /* strncpy because we don't necessarily want nul termination */
1652 strncpy(ut.ut_user, username, sizeof(ut.ut_user));
1653 strlcpy(ut.ut_line, "ssh:notty", sizeof(ut.ut_line));
1654
1655 time(&t);
1656 ut.ut_time = t; /* ut_time is not always a time_t */
1657 ut.ut_type = LOGIN_PROCESS;
1658 ut.ut_pid = getpid();
1659
1660 /* strncpy because we don't necessarily want nul termination */
1661 strncpy(ut.ut_host, hostname, sizeof(ut.ut_host));
1662
1663 if (packet_connection_is_on_socket() &&
1664 getpeername(packet_get_connection_in(),
1665 (struct sockaddr *)&from, &fromlen) == 0) {
1666 ipv64_normalise_mapped(&from, &fromlen);
1667 if (from.ss_family == AF_INET) {
1668 a4 = (struct sockaddr_in *)&from;
1669 memcpy(&ut.ut_addr, &(a4->sin_addr),
1670 MIN_SIZEOF(ut.ut_addr, a4->sin_addr));
1671 }
1672#ifdef HAVE_ADDR_V6_IN_UTMP
1673 if (from.ss_family == AF_INET6) {
1674 a6 = (struct sockaddr_in6 *)&from;
1675 memcpy(&ut.ut_addr_v6, &(a6->sin6_addr),
1676 MIN_SIZEOF(ut.ut_addr_v6, a6->sin6_addr));
1677 }
1678#endif
1679 }
1680
1681 if (atomicio(vwrite, fd, &ut, sizeof(ut)) != sizeof(ut))
1682 error("Failed to write to %s: %s", _PATH_BTMP,
1683 strerror(errno));
1684
1685out:
1686 close(fd);
1687}
1688#endif /* USE_BTMP */
git-cvsimport mirror of OpenSSH
This page took 0.552372 seconds and 5 git commands to generate.