[openssh.git] / sshlogin.c

/* $OpenBSD: sshlogin.c,v 1.26 2007/09/11 15:47:17 gilles Exp $ */
/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 * This file performs some of the things login(1) normally does.  We cannot
 * easily use something like login -p -h host -f user, because there are
 * several different logins around, and it is hard to determined what kind of
 * login the current system has.  Also, we want to be able to execute commands
 * on a tty.
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 *
 * Copyright (c) 1999 Theo de Raadt.  All rights reserved.
 * Copyright (c) 1999 Markus Friedl.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "includes.h"

#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>

#include <netinet/in.h>

#include <errno.h>
#include <fcntl.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

#include "loginrec.h"
#include "log.h"
#include "buffer.h"
#include "servconf.h"

extern Buffer loginmsg;
extern ServerOptions options;

/*
 * Returns the time when the user last logged in.  Returns 0 if the
 * information is not available.  This must be called before record_login.
 * The host the user logged in from will be returned in buf.
 */
time_t
get_last_login_time(uid_t uid, const char *logname,
    char *buf, size_t bufsize)
{
	struct logininfo li;

	login_get_lastlog(&li, uid);
	strlcpy(buf, li.hostname, bufsize);
	return (time_t)li.tv_sec;
}

/*
 * Generate and store last login message.  This must be done before
 * login_login() is called and lastlog is updated.
 */
static void
store_lastlog_message(const char *user, uid_t uid)
{
#ifndef NO_SSH_LASTLOG
	char *time_string, hostname[MAXHOSTNAMELEN] = "", buf[512];
	time_t last_login_time;

	if (!options.print_lastlog)
		return;

# ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG
	time_string = sys_auth_get_lastlogin_msg(user, uid);
	if (time_string != NULL) {
		buffer_append(&loginmsg, time_string, strlen(time_string));
		xfree(time_string);
	}
# else
	last_login_time = get_last_login_time(uid, user, hostname,
	    sizeof(hostname));

	if (last_login_time != 0) {
		time_string = ctime(&last_login_time);
		time_string[strcspn(time_string, "\n")] = '\0';
		if (strcmp(hostname, "") == 0)
			snprintf(buf, sizeof(buf), "Last login: %s\r\n",
			    time_string);
		else
			snprintf(buf, sizeof(buf), "Last login: %s from %s\r\n",
			    time_string, hostname);
		buffer_append(&loginmsg, buf, strlen(buf));
	}
# endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */
#endif /* NO_SSH_LASTLOG */
}

/*
 * Records that the user has logged in.  I wish these parts of operating
 * systems were more standardized.
 */
void
record_login(pid_t pid, const char *tty, const char *user, uid_t uid,
    const char *host, struct sockaddr *addr, socklen_t addrlen)
{
	struct logininfo *li;

	/* save previous login details before writing new */
	store_lastlog_message(user, uid);

	li = login_alloc_entry(pid, user, host, tty);
	login_set_addr(li, addr, addrlen);
	login_login(li);
	login_free_entry(li);
}

#ifdef LOGIN_NEEDS_UTMPX
void
record_utmp_only(pid_t pid, const char *ttyname, const char *user,
		 const char *host, struct sockaddr *addr, socklen_t addrlen)
{
	struct logininfo *li;

	li = login_alloc_entry(pid, user, host, ttyname);
	login_set_addr(li, addr, addrlen);
	login_utmp_only(li);
	login_free_entry(li);
}
#endif

/* Records that the user has logged out. */
void
record_logout(pid_t pid, const char *tty, const char *user)
{
	struct logininfo *li;

	li = login_alloc_entry(pid, user, NULL, tty);
	login_logout(li);
	login_free_entry(li);
}
Commit	Line	Data
b05117ac	1	/* $OpenBSD: sshlogin.c,v 1.26 2007/09/11 15:47:17 gilles Exp $ */
8efc0c15	2	/*
5260325f	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
5260325f	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5260325f	5	* All rights reserved
5260325f	6	* This file performs some of the things login(1) normally does. We cannot
	7	* easily use something like login -p -h host -f user, because there are
	8	* several different logins around, and it is hard to determined what kind of
	9	* login the current system has. Also, we want to be able to execute commands
	10	* on a tty.
6ae2364d	11	*
bcbf86ec	12	* As far as I am concerned, the code I have written for this software
	13	* can be used freely for any purpose. Any derived versions of this
	14	* software must be clearly marked as such, and if the derived work is
	15	* incompatible with the protocol description in the RFC file, it must be
	16	* called by a name other than "ssh" or "Secure Shell".
	17	*
	18	* Copyright (c) 1999 Theo de Raadt. All rights reserved.
	19	* Copyright (c) 1999 Markus Friedl. All rights reserved.
	20	*
	21	* Redistribution and use in source and binary forms, with or without
	22	* modification, are permitted provided that the following conditions
	23	* are met:
	24	* 1. Redistributions of source code must retain the above copyright
	25	* notice, this list of conditions and the following disclaimer.
	26	* 2. Redistributions in binary form must reproduce the above copyright
	27	* notice, this list of conditions and the following disclaimer in the
	28	* documentation and/or other materials provided with the distribution.
	29	*
	30	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	31	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	32	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	33	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	34	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	35	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	36	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	37	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	38	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	39	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
5260325f	40	*/
8efc0c15	41
8efc0c15	42	#include "includes.h"
8efc0c15	43
5188ba17	44	#include <sys/types.h>
536c14e8	45	#include <sys/param.h>
31652869	46	#include <sys/socket.h>
5188ba17	47
8ad2db2a	48	#include <netinet/in.h>
8ad2db2a	49
028094f4	50	#include <errno.h>
d3221cca	51	#include <fcntl.h>
31652869	52	#include <stdarg.h>
cf851879	53	#include <stdio.h>
00146caa	54	#include <string.h>
b0f6943a	55	#include <time.h>
5188ba17	56	#include <unistd.h>
d3221cca	57
1d7b9b20	58	#include "loginrec.h"
be2ca0c9	59	#include "log.h"
	60	#include "buffer.h"
	61	#include "servconf.h"
	62
	63	extern Buffer loginmsg;
	64	extern ServerOptions options;
5daf7064	65
aa3378df	66	/*
	67	* Returns the time when the user last logged in. Returns 0 if the
	68	* information is not available. This must be called before record_login.
	69	* The host the user logged in from will be returned in buf.
	70	*/
306f24ca	71	time_t
5260325f	72	get_last_login_time(uid_t uid, const char *logname,
306f24ca	73	char *buf, size_t bufsize)
8efc0c15	74	{
769a750c	75	struct logininfo li;
a7effaac	76
769a750c	77	login_get_lastlog(&li, uid);
769a750c	78	strlcpy(buf, li.hostname, bufsize);
306f24ca	79	return (time_t)li.tv_sec;
8efc0c15	80	}
8efc0c15	81
be2ca0c9	82	/*
	83	* Generate and store last login message. This must be done before
	84	* login_login() is called and lastlog is updated.
	85	*/
7456203e	86	static void
be2ca0c9	87	store_lastlog_message(const char *user, uid_t uid)
be2ca0c9	88	{
6ee76eea	89	#ifndef NO_SSH_LASTLOG
be2ca0c9	90	char *time_string, hostname[MAXHOSTNAMELEN] = "", buf[512];
	91	time_t last_login_time;
	92
be2ca0c9	93	if (!options.print_lastlog)
	94	return;
	95
e339fa25	96	# ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG
	97	time_string = sys_auth_get_lastlogin_msg(user, uid);
	98	if (time_string != NULL) {
	99	buffer_append(&loginmsg, time_string, strlen(time_string));
	100	xfree(time_string);
	101	}
	102	# else
be2ca0c9	103	last_login_time = get_last_login_time(uid, user, hostname,
	104	sizeof(hostname));
	105
	106	if (last_login_time != 0) {
	107	time_string = ctime(&last_login_time);
b05117ac	108	time_string[strcspn(time_string, "\n")] = '\0';
be2ca0c9	109	if (strcmp(hostname, "") == 0)
	110	snprintf(buf, sizeof(buf), "Last login: %s\r\n",
	111	time_string);
	112	else
	113	snprintf(buf, sizeof(buf), "Last login: %s from %s\r\n",
	114	time_string, hostname);
	115	buffer_append(&loginmsg, buf, strlen(buf));
	116	}
e339fa25	117	# endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */
be2ca0c9	118	#endif /* NO_SSH_LASTLOG */
	119	}
	120
aa3378df	121	/*
b8e04133	122	* Records that the user has logged in. I wish these parts of operating
b8e04133	123	* systems were more standardized.
aa3378df	124	*/
6ae2364d	125	void
ca75d7de	126	record_login(pid_t pid, const char tty, const char user, uid_t uid,
32596c7b	127	const char host, struct sockaddr addr, socklen_t addrlen)
8efc0c15	128	{
769a750c	129	struct logininfo *li;
8efc0c15	130
be2ca0c9	131	/* save previous login details before writing new */
	132	store_lastlog_message(user, uid);
	133
ca75d7de	134	li = login_alloc_entry(pid, user, host, tty);
769a750c	135	login_set_addr(li, addr, addrlen);
	136	login_login(li);
	137	login_free_entry(li);
8efc0c15	138	}
5260325f	139
7e2d5fa4	140	#ifdef LOGIN_NEEDS_UTMPX
	141	void
	142	record_utmp_only(pid_t pid, const char ttyname, const char user,
5b04a8bf	143	const char host, struct sockaddr addr, socklen_t addrlen)
7e2d5fa4	144	{
769a750c	145	struct logininfo *li;
7e2d5fa4	146
769a750c	147	li = login_alloc_entry(pid, user, host, ttyname);
	148	login_set_addr(li, addr, addrlen);
	149	login_utmp_only(li);
	150	login_free_entry(li);
7e2d5fa4	151	}
	152	#endif
	153
5260325f	154	/* Records that the user has logged out. */
6ae2364d	155	void
ca75d7de	156	record_logout(pid_t pid, const char tty, const char user)
8efc0c15	157	{
769a750c	158	struct logininfo *li;
1d7b9b20	159
ca75d7de	160	li = login_alloc_entry(pid, user, NULL, tty);
769a750c	161	login_logout(li);
769a750c	162	login_free_entry(li);
8efc0c15	163	}