]> andersk Git - openssh.git/blame - loginrec.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] Disable
[openssh.git] / loginrec.c
CommitLineData
1d7b9b20 1/*
2 * Copyright (c) 2000 Andre Lucas. All rights reserved.
564dd50a 3 * Portions copyright (c) 1998 Todd C. Miller
4 * Portions copyright (c) 1996 Jason Downs
5 * Portions copyright (c) 1996 Theo de Raadt
1d7b9b20 6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
1d7b9b20 15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
b6610e8f 28/*
29 * The btmp logging code is derived from login.c from util-linux and is under
30 * the the following license:
31 *
32 * Copyright (c) 1980, 1987, 1988 The Regents of the University of California.
33 * All rights reserved.
34 *
35 * Redistribution and use in source and binary forms are permitted
36 * provided that the above copyright notice and this paragraph are
37 * duplicated in all such forms and that any documentation,
38 * advertising materials, and other materials related to such
39 * distribution and use acknowledge that the software was developed
40 * by the University of California, Berkeley. The name of the
41 * University may not be used to endorse or promote products derived
42 * from this software without specific prior written permission.
43 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
44 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
45 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
46 */
47
48
2b87da3b 49/**
1d7b9b20 50 ** loginrec.c: platform-independent login recording and lastlog retrieval
51 **/
52
564dd50a 53/*
fa64c868 54 * The new login code explained
55 * ============================
56 *
57 * This code attempts to provide a common interface to login recording
58 * (utmp and friends) and last login time retrieval.
59 *
60 * Its primary means of achieving this is to use 'struct logininfo', a
61 * union of all the useful fields in the various different types of
62 * system login record structures one finds on UNIX variants.
63 *
64 * We depend on autoconf to define which recording methods are to be
65 * used, and which fields are contained in the relevant data structures
66 * on the local system. Many C preprocessor symbols affect which code
67 * gets compiled here.
68 *
69 * The code is designed to make it easy to modify a particular
70 * recording method, without affecting other methods nor requiring so
71 * many nested conditional compilation blocks as were commonplace in
72 * the old code.
73 *
74 * For login recording, we try to use the local system's libraries as
75 * these are clearly most likely to work correctly. For utmp systems
76 * this usually means login() and logout() or setutent() etc., probably
77 * in libutil, along with logwtmp() etc. On these systems, we fall back
78 * to writing the files directly if we have to, though this method
79 * requires very thorough testing so we do not corrupt local auditing
80 * information. These files and their access methods are very system
81 * specific indeed.
82 *
83 * For utmpx systems, the corresponding library functions are
84 * setutxent() etc. To the author's knowledge, all utmpx systems have
85 * these library functions and so no direct write is attempted. If such
86 * a system exists and needs support, direct analogues of the [uw]tmp
87 * code should suffice.
88 *
89 * Retrieving the time of last login ('lastlog') is in some ways even
90 * more problemmatic than login recording. Some systems provide a
91 * simple table of all users which we seek based on uid and retrieve a
92 * relatively standard structure. Others record the same information in
93 * a directory with a separate file, and others don't record the
94 * information separately at all. For systems in the latter category,
95 * we look backwards in the wtmp or wtmpx file for the last login entry
96 * for our user. Naturally this is slower and on busy systems could
97 * incur a significant performance penalty.
98 *
99 * Calling the new code
100 * --------------------
101 *
102 * In OpenSSH all login recording and retrieval is performed in
103 * login.c. Here you'll find working examples. Also, in the logintest.c
104 * program there are more examples.
105 *
106 * Internal handler calling method
107 * -------------------------------
108 *
109 * When a call is made to login_login() or login_logout(), both
110 * routines set a struct logininfo flag defining which action (log in,
111 * or log out) is to be taken. They both then call login_write(), which
112 * calls whichever of the many structure-specific handlers autoconf
113 * selects for the local system.
114 *
115 * The handlers themselves handle system data structure specifics. Both
116 * struct utmp and struct utmpx have utility functions (see
117 * construct_utmp*()) to try to make it simpler to add extra systems
118 * that introduce new features to either structure.
119 *
120 * While it may seem terribly wasteful to replicate so much similar
121 * code for each method, experience has shown that maintaining code to
122 * write both struct utmp and utmpx in one function, whilst maintaining
123 * support for all systems whether they have library support or not, is
124 * a difficult and time-consuming task.
125 *
126 * Lastlog support proceeds similarly. Functions login_get_lastlog()
127 * (and its OpenSSH-tuned friend login_get_lastlog_time()) call
128 * getlast_entry(), which tries one of three methods to find the last
129 * login time. It uses local system lastlog support if it can,
130 * otherwise it tries wtmp or wtmpx before giving up and returning 0,
131 * meaning "tilt".
132 *
133 * Maintenance
134 * -----------
135 *
136 * In many cases it's possible to tweak autoconf to select the correct
137 * methods for a particular platform, either by improving the detection
138 * code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE
139 * symbols for the platform.
140 *
141 * Use logintest to check which symbols are defined before modifying
142 * configure.ac and loginrec.c. (You have to build logintest yourself
143 * with 'make logintest' as it's not built by default.)
144 *
145 * Otherwise, patches to the specific method(s) are very helpful!
146 */
1d7b9b20 147
148#include "includes.h"
149
81e73e57 150#include <sys/types.h>
151#include <sys/stat.h>
152
1d7b9b20 153#include "ssh.h"
154#include "xmalloc.h"
155#include "loginrec.h"
42f11eb2 156#include "log.h"
157#include "atomicio.h"
b6610e8f 158#include "packet.h"
159#include "canohost.h"
c00e4d75 160#include "auth.h"
c53d8c93 161#include "buffer.h"
1d7b9b20 162
44d5f7f7 163#ifdef HAVE_UTIL_H
fa64c868 164# include <util.h>
44d5f7f7 165#endif
166
8f523d67 167#ifdef HAVE_LIBUTIL_H
fa64c868 168# include <libutil.h>
8f523d67 169#endif
170
fa64c868 171RCSID("$Id$");
172
1d7b9b20 173/**
174 ** prototypes for helper functions in this file
175 **/
176
177#if HAVE_UTMP_H
1d7b9b20 178void set_utmp_time(struct logininfo *li, struct utmp *ut);
179void construct_utmp(struct logininfo *li, struct utmp *ut);
180#endif
181
182#ifdef HAVE_UTMPX_H
1d7b9b20 183void set_utmpx_time(struct logininfo *li, struct utmpx *ut);
184void construct_utmpx(struct logininfo *li, struct utmpx *ut);
185#endif
186
187int utmp_write_entry(struct logininfo *li);
188int utmpx_write_entry(struct logininfo *li);
189int wtmp_write_entry(struct logininfo *li);
190int wtmpx_write_entry(struct logininfo *li);
191int lastlog_write_entry(struct logininfo *li);
192int syslogin_write_entry(struct logininfo *li);
193
194int getlast_entry(struct logininfo *li);
195int lastlog_get_entry(struct logininfo *li);
196int wtmp_get_entry(struct logininfo *li);
197int wtmpx_get_entry(struct logininfo *li);
198
5ccf88cb 199extern Buffer loginmsg;
200
5abcdf8e 201/* pick the shortest string */
fa64c868 202#define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))
5abcdf8e 203
1d7b9b20 204/**
205 ** platform-independent login functions
206 **/
207
fa64c868 208/*
209 * login_login(struct logininfo *) - Record a login
2b87da3b 210 *
5abcdf8e 211 * Call with a pointer to a struct logininfo initialised with
212 * login_init_entry() or login_alloc_entry()
213 *
214 * Returns:
215 * >0 if successful
216 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
217 */
564dd50a 218int
fa64c868 219login_login(struct logininfo *li)
564dd50a 220{
221 li->type = LTYPE_LOGIN;
fa64c868 222 return (login_write(li));
564dd50a 223}
1d7b9b20 224
225
fa64c868 226/*
227 * login_logout(struct logininfo *) - Record a logout
5abcdf8e 228 *
229 * Call as with login_login()
230 *
231 * Returns:
232 * >0 if successful
233 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
234 */
564dd50a 235int
236login_logout(struct logininfo *li)
237{
238 li->type = LTYPE_LOGOUT;
fa64c868 239 return (login_write(li));
1d7b9b20 240}
241
fa64c868 242/*
243 * login_get_lastlog_time(int) - Retrieve the last login time
5abcdf8e 244 *
245 * Retrieve the last login time for the given uid. Will try to use the
246 * system lastlog facilities if they are available, but will fall back
247 * to looking in wtmp/wtmpx if necessary
248 *
249 * Returns:
250 * 0 on failure, or if user has never logged in
251 * Time in seconds from the epoch if successful
252 *
253 * Useful preprocessor symbols:
254 * DISABLE_LASTLOG: If set, *never* even try to retrieve lastlog
255 * info
256 * USE_LASTLOG: If set, indicates the presence of system lastlog
257 * facilities. If this and DISABLE_LASTLOG are not set,
258 * try to retrieve lastlog information from wtmp/wtmpx.
259 */
564dd50a 260unsigned int
261login_get_lastlog_time(const int uid)
262{
263 struct logininfo li;
1d7b9b20 264
5abcdf8e 265 if (login_get_lastlog(&li, uid))
fa64c868 266 return (li.tv_sec);
5abcdf8e 267 else
fa64c868 268 return (0);
564dd50a 269}
1d7b9b20 270
fa64c868 271/*
272 * login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry
5abcdf8e 273 *
274 * Retrieve a logininfo structure populated (only partially) with
275 * information from the system lastlog data, or from wtmp/wtmpx if no
276 * system lastlog information exists.
277 *
278 * Note this routine must be given a pre-allocated logininfo.
279 *
280 * Returns:
281 * >0: A pointer to your struct logininfo if successful
282 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
5abcdf8e 283 */
564dd50a 284struct logininfo *
285login_get_lastlog(struct logininfo *li, const int uid)
286{
5abcdf8e 287 struct passwd *pw;
5abcdf8e 288
dbaa2e87 289 memset(li, '\0', sizeof(*li));
1d7b9b20 290 li->uid = uid;
5abcdf8e 291
2b87da3b 292 /*
9f32ceb4 293 * If we don't have a 'real' lastlog, we need the username to
5abcdf8e 294 * reliably search wtmp(x) for the last login (see
2b87da3b 295 * wtmp_get_entry().)
9f32ceb4 296 */
5abcdf8e 297 pw = getpwuid(uid);
a05a70ab 298 if (pw == NULL)
a233586b 299 fatal("%s: Cannot find account for uid %i", __func__, uid);
2b87da3b 300
1bfbb762 301 /* No MIN_SIZEOF here - we absolutely *must not* truncate the
fa64c868 302 * username (XXX - so check for trunc!) */
d8caae24 303 strlcpy(li->username, pw->pw_name, sizeof(li->username));
a05a70ab 304
564dd50a 305 if (getlast_entry(li))
fa64c868 306 return (li);
564dd50a 307 else
fa64c868 308 return (NULL);
1d7b9b20 309}
310
1d7b9b20 311
fa64c868 312/*
313 * login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
2b87da3b 314 * a logininfo structure
315 *
5abcdf8e 316 * This function creates a new struct logininfo, a data structure
317 * meant to carry the information required to portably record login info.
318 *
319 * Returns a pointer to a newly created struct logininfo. If memory
320 * allocation fails, the program halts.
321 */
564dd50a 322struct
323logininfo *login_alloc_entry(int pid, const char *username,
fa64c868 324 const char *hostname, const char *line)
564dd50a 325{
326 struct logininfo *newli;
1d7b9b20 327
fa64c868 328 newli = xmalloc(sizeof(*newli));
329 login_init_entry(newli, pid, username, hostname, line);
330 return (newli);
1d7b9b20 331}
332
333
5abcdf8e 334/* login_free_entry(struct logininfo *) - free struct memory */
1d7b9b20 335void
564dd50a 336login_free_entry(struct logininfo *li)
337{
338 xfree(li);
1d7b9b20 339}
340
341
5abcdf8e 342/* login_init_entry(struct logininfo *, int, char*, char*, char*)
343 * - initialise a struct logininfo
2b87da3b 344 *
5abcdf8e 345 * Populates a new struct logininfo, a data structure meant to carry
346 * the information required to portably record login info.
347 *
348 * Returns: 1
349 */
564dd50a 350int
2b87da3b 351login_init_entry(struct logininfo *li, int pid, const char *username,
fa64c868 352 const char *hostname, const char *line)
564dd50a 353{
d8caae24 354 struct passwd *pw;
2b87da3b 355
dbaa2e87 356 memset(li, 0, sizeof(*li));
2b87da3b 357
564dd50a 358 li->pid = pid;
d8caae24 359
564dd50a 360 /* set the line information */
361 if (line)
362 line_fullname(li->line, line, sizeof(li->line));
1d7b9b20 363
d8caae24 364 if (username) {
564dd50a 365 strlcpy(li->username, username, sizeof(li->username));
d8caae24 366 pw = getpwnam(li->username);
fa64c868 367 if (pw == NULL) {
d1cf9a87 368 fatal("%s: Cannot find user \"%s\"", __func__,
fa64c868 369 li->username);
370 }
d8caae24 371 li->uid = pw->pw_uid;
372 }
a05a70ab 373
564dd50a 374 if (hostname)
375 strlcpy(li->hostname, hostname, sizeof(li->hostname));
d8caae24 376
fa64c868 377 return (1);
1d7b9b20 378}
379
d1cf9a87 380/*
fa64c868 381 * login_set_current_time(struct logininfo *) - set the current time
5abcdf8e 382 *
383 * Set the current time in a logininfo structure. This function is
384 * meant to eliminate the need to deal with system dependencies for
385 * time handling.
386 */
1d7b9b20 387void
564dd50a 388login_set_current_time(struct logininfo *li)
389{
1d7b9b20 390 struct timeval tv;
391
392 gettimeofday(&tv, NULL);
2b87da3b 393
d8caae24 394 li->tv_sec = tv.tv_sec;
395 li->tv_usec = tv.tv_usec;
1d7b9b20 396}
397
564dd50a 398/* copy a sockaddr_* into our logininfo */
1d7b9b20 399void
564dd50a 400login_set_addr(struct logininfo *li, const struct sockaddr *sa,
fa64c868 401 const unsigned int sa_size)
564dd50a 402{
403 unsigned int bufsize = sa_size;
404
405 /* make sure we don't overrun our union */
406 if (sizeof(li->hostaddr) < sa_size)
407 bufsize = sizeof(li->hostaddr);
408
fa64c868 409 memcpy(&li->hostaddr.sa, sa, bufsize);
1d7b9b20 410}
1d7b9b20 411
564dd50a 412
413/**
414 ** login_write: Call low-level recording functions based on autoconf
415 ** results
416 **/
1d7b9b20 417int
fa64c868 418login_write(struct logininfo *li)
564dd50a 419{
3c62e7eb 420#ifndef HAVE_CYGWIN
fa64c868 421 if (geteuid() != 0) {
422 logit("Attempt to write login records by non-root user (aborting)");
423 return (1);
1d7b9b20 424 }
3c62e7eb 425#endif
a05a70ab 426
1d7b9b20 427 /* set the timestamp */
428 login_set_current_time(li);
429#ifdef USE_LOGIN
430 syslogin_write_entry(li);
431#endif
432#ifdef USE_LASTLOG
fa64c868 433 if (li->type == LTYPE_LOGIN)
1d7b9b20 434 lastlog_write_entry(li);
1d7b9b20 435#endif
436#ifdef USE_UTMP
437 utmp_write_entry(li);
438#endif
439#ifdef USE_WTMP
440 wtmp_write_entry(li);
441#endif
442#ifdef USE_UTMPX
443 utmpx_write_entry(li);
444#endif
445#ifdef USE_WTMPX
446 wtmpx_write_entry(li);
f5ed3301 447#endif
448#ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
d1cf9a87 449 if (li->type == LTYPE_LOGIN &&
98c044d0 450 !sys_auth_record_login(li->username,li->hostname,li->line,
451 &loginmsg))
f5ed3301 452 logit("Writing login record failed for %s", li->username);
c00e4d75 453#endif
6039eeef 454#ifdef SSH_AUDIT_EVENTS
c00e4d75 455 if (li->type == LTYPE_LOGIN)
456 audit_session_open(li->line);
457 else if (li->type == LTYPE_LOGOUT)
458 audit_session_close(li->line);
1d7b9b20 459#endif
fa64c868 460 return (0);
1d7b9b20 461}
462
7e2d5fa4 463#ifdef LOGIN_NEEDS_UTMPX
464int
465login_utmp_only(struct logininfo *li)
466{
aff51935 467 li->type = LTYPE_LOGIN;
9e127e27 468 login_set_current_time(li);
7e2d5fa4 469# ifdef USE_UTMP
470 utmp_write_entry(li);
471# endif
472# ifdef USE_WTMP
473 wtmp_write_entry(li);
474# endif
475# ifdef USE_UTMPX
476 utmpx_write_entry(li);
477# endif
478# ifdef USE_WTMPX
479 wtmpx_write_entry(li);
480# endif
fa64c868 481 return (0);
7e2d5fa4 482}
483#endif
484
564dd50a 485/**
486 ** getlast_entry: Call low-level functions to retrieve the last login
487 ** time.
488 **/
1d7b9b20 489
564dd50a 490/* take the uid in li and return the last login time */
1d7b9b20 491int
564dd50a 492getlast_entry(struct logininfo *li)
493{
494#ifdef USE_LASTLOG
9f32ceb4 495 return(lastlog_get_entry(li));
a05a70ab 496#else /* !USE_LASTLOG */
1d7b9b20 497
fa64c868 498#if defined(DISABLE_LASTLOG)
2b87da3b 499 /* On some systems we shouldn't even try to obtain last login
3f45f1c3 500 * time, e.g. AIX */
fa64c868 501 return (0);
502# elif defined(USE_WTMP) && \
503 (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP))
564dd50a 504 /* retrieve last login time from utmp */
a05a70ab 505 return (wtmp_get_entry(li));
fa64c868 506# elif defined(USE_WTMPX) && \
507 (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX))
564dd50a 508 /* If wtmp isn't available, try wtmpx */
a05a70ab 509 return (wtmpx_get_entry(li));
fa64c868 510# else
564dd50a 511 /* Give up: No means of retrieving last login time */
fa64c868 512 return (0);
2b87da3b 513# endif /* DISABLE_LASTLOG */
a05a70ab 514#endif /* USE_LASTLOG */
564dd50a 515}
1d7b9b20 516
517
1d7b9b20 518
519/*
564dd50a 520 * 'line' string utility functions
521 *
522 * These functions process the 'line' string into one of three forms:
523 *
1d7b9b20 524 * 1. The full filename (including '/dev')
525 * 2. The stripped name (excluding '/dev')
564dd50a 526 * 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
527 * /dev/pts/1 -> ts/1 )
1d7b9b20 528 *
529 * Form 3 is used on some systems to identify a .tmp.? entry when
530 * attempting to remove it. Typically both addition and removal is
564dd50a 531 * performed by one application - say, sshd - so as long as the choice
532 * uniquely identifies a terminal it's ok.
1d7b9b20 533 */
534
535
fa64c868 536/*
537 * line_fullname(): add the leading '/dev/' if it doesn't exist make
538 * sure dst has enough space, if not just copy src (ugh)
539 */
1d7b9b20 540char *
44d71ad5 541line_fullname(char *dst, const char *src, u_int dstsize)
564dd50a 542{
1d7b9b20 543 memset(dst, '\0', dstsize);
fa64c868 544 if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5)))
1d7b9b20 545 strlcpy(dst, src, dstsize);
fa64c868 546 else {
a4d05724 547 strlcpy(dst, "/dev/", dstsize);
1d7b9b20 548 strlcat(dst, src, dstsize);
549 }
fa64c868 550 return (dst);
1d7b9b20 551}
552
564dd50a 553/* line_stripname(): strip the leading '/dev' if it exists, return dst */
1d7b9b20 554char *
564dd50a 555line_stripname(char *dst, const char *src, int dstsize)
556{
1d7b9b20 557 memset(dst, '\0', dstsize);
558 if (strncmp(src, "/dev/", 5) == 0)
89d7510a 559 strlcpy(dst, src + 5, dstsize);
1d7b9b20 560 else
561 strlcpy(dst, src, dstsize);
fa64c868 562 return (dst);
564dd50a 563}
564
d1cf9a87 565/*
fa64c868 566 * line_abbrevname(): Return the abbreviated (usually four-character)
564dd50a 567 * form of the line (Just use the last <dstsize> characters of the
568 * full name.)
569 *
570 * NOTE: use strncpy because we do NOT necessarily want zero
fa64c868 571 * termination
572 */
1d7b9b20 573char *
2b87da3b 574line_abbrevname(char *dst, const char *src, int dstsize)
a05a70ab 575{
576 size_t len;
2b87da3b 577
1d7b9b20 578 memset(dst, '\0', dstsize);
2b87da3b 579
daaff4d5 580 /* Always skip prefix if present */
581 if (strncmp(src, "/dev/", 5) == 0)
582 src += 5;
2b87da3b 583
0e8f4eba 584#ifdef WITH_ABBREV_NO_TTY
585 if (strncmp(src, "tty", 3) == 0)
586 src += 3;
587#endif
588
a05a70ab 589 len = strlen(src);
590
daaff4d5 591 if (len > 0) {
592 if (((int)len - dstsize) > 0)
593 src += ((int)len - dstsize);
594
595 /* note: _don't_ change this to strlcpy */
2b87da3b 596 strncpy(dst, src, (size_t)dstsize);
a05a70ab 597 }
2b87da3b 598
fa64c868 599 return (dst);
1d7b9b20 600}
601
1d7b9b20 602/**
603 ** utmp utility functions
564dd50a 604 **
605 ** These functions manipulate struct utmp, taking system differences
606 ** into account.
1d7b9b20 607 **/
608
609#if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN)
610
1d7b9b20 611/* build the utmp structure */
612void
564dd50a 613set_utmp_time(struct logininfo *li, struct utmp *ut)
614{
fa64c868 615# if defined(HAVE_TV_IN_UTMP)
1d7b9b20 616 ut->ut_tv.tv_sec = li->tv_sec;
617 ut->ut_tv.tv_usec = li->tv_usec;
fa64c868 618# elif defined(HAVE_TIME_IN_UTMP)
1d7b9b20 619 ut->ut_time = li->tv_sec;
a05a70ab 620# endif
1d7b9b20 621}
622
623void
624construct_utmp(struct logininfo *li,
564dd50a 625 struct utmp *ut)
626{
9746ee4b 627# ifdef HAVE_ADDR_V6_IN_UTMP
628 struct sockaddr_in6 *sa6;
fa64c868 629# endif
630
dbaa2e87 631 memset(ut, '\0', sizeof(*ut));
5abcdf8e 632
633 /* First fill out fields used for both logins and logouts */
634
a05a70ab 635# ifdef HAVE_ID_IN_UTMP
1d7b9b20 636 line_abbrevname(ut->ut_id, li->line, sizeof(ut->ut_id));
a05a70ab 637# endif
1d7b9b20 638
a05a70ab 639# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 640 /* This is done here to keep utmp constants out of struct logininfo */
1d7b9b20 641 switch (li->type) {
642 case LTYPE_LOGIN:
643 ut->ut_type = USER_PROCESS;
ef51930f 644#ifdef _UNICOS
1a23ac2c 645 cray_set_tmpdir(ut);
646#endif
1d7b9b20 647 break;
648 case LTYPE_LOGOUT:
649 ut->ut_type = DEAD_PROCESS;
ef51930f 650#ifdef _UNICOS
1a23ac2c 651 cray_retain_utmp(ut, li->pid);
652#endif
1d7b9b20 653 break;
654 }
a05a70ab 655# endif
5abcdf8e 656 set_utmp_time(li, ut);
1d7b9b20 657
5abcdf8e 658 line_stripname(ut->ut_line, li->line, sizeof(ut->ut_line));
a05a70ab 659
660# ifdef HAVE_PID_IN_UTMP
1d7b9b20 661 ut->ut_pid = li->pid;
a05a70ab 662# endif
5abcdf8e 663
664 /* If we're logging out, leave all other fields blank */
665 if (li->type == LTYPE_LOGOUT)
fa64c868 666 return;
5abcdf8e 667
a05a70ab 668 /*
669 * These fields are only used when logging in, and are blank
2b87da3b 670 * for logouts.
a05a70ab 671 */
5abcdf8e 672
673 /* Use strncpy because we don't necessarily want null termination */
fa64c868 674 strncpy(ut->ut_name, li->username,
675 MIN_SIZEOF(ut->ut_name, li->username));
a05a70ab 676# ifdef HAVE_HOST_IN_UTMP
fa64c868 677 strncpy(ut->ut_host, li->hostname,
678 MIN_SIZEOF(ut->ut_host, li->hostname));
a05a70ab 679# endif
680# ifdef HAVE_ADDR_IN_UTMP
564dd50a 681 /* this is just a 32-bit IP address */
682 if (li->hostaddr.sa.sa_family == AF_INET)
683 ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
2b87da3b 684# endif
9746ee4b 685# ifdef HAVE_ADDR_V6_IN_UTMP
686 /* this is just a 128-bit IPv6 address */
687 if (li->hostaddr.sa.sa_family == AF_INET6) {
688 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
689 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
690 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
691 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
692 ut->ut_addr_v6[1] = 0;
693 ut->ut_addr_v6[2] = 0;
694 ut->ut_addr_v6[3] = 0;
695 }
696 }
697# endif
564dd50a 698}
a05a70ab 699#endif /* USE_UTMP || USE_WTMP || USE_LOGIN */
564dd50a 700
1d7b9b20 701/**
702 ** utmpx utility functions
564dd50a 703 **
704 ** These functions manipulate struct utmpx, accounting for system
705 ** variations.
1d7b9b20 706 **/
707
708#if defined(USE_UTMPX) || defined (USE_WTMPX)
1d7b9b20 709/* build the utmpx structure */
710void
564dd50a 711set_utmpx_time(struct logininfo *li, struct utmpx *utx)
712{
fa64c868 713# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 714 utx->ut_tv.tv_sec = li->tv_sec;
715 utx->ut_tv.tv_usec = li->tv_usec;
fa64c868 716# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 717 utx->ut_time = li->tv_sec;
fa64c868 718# endif
1d7b9b20 719}
720
721void
564dd50a 722construct_utmpx(struct logininfo *li, struct utmpx *utx)
723{
9746ee4b 724# ifdef HAVE_ADDR_V6_IN_UTMP
725 struct sockaddr_in6 *sa6;
726# endif
dbaa2e87 727 memset(utx, '\0', sizeof(*utx));
fa64c868 728
daaff4d5 729# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 730 line_abbrevname(utx->ut_id, li->line, sizeof(utx->ut_id));
daaff4d5 731# endif
1d7b9b20 732
733 /* this is done here to keep utmp constants out of loginrec.h */
734 switch (li->type) {
735 case LTYPE_LOGIN:
736 utx->ut_type = USER_PROCESS;
737 break;
738 case LTYPE_LOGOUT:
739 utx->ut_type = DEAD_PROCESS;
740 break;
741 }
1d7b9b20 742 line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line));
1d7b9b20 743 set_utmpx_time(li, utx);
5abcdf8e 744 utx->ut_pid = li->pid;
fa64c868 745
f3837bc6 746 /* strncpy(): Don't necessarily want null termination */
fa64c868 747 strncpy(utx->ut_name, li->username,
748 MIN_SIZEOF(utx->ut_name, li->username));
5abcdf8e 749
750 if (li->type == LTYPE_LOGOUT)
751 return;
752
a05a70ab 753 /*
754 * These fields are only used when logging in, and are blank
2b87da3b 755 * for logouts.
a05a70ab 756 */
5abcdf8e 757
a05a70ab 758# ifdef HAVE_HOST_IN_UTMPX
fa64c868 759 strncpy(utx->ut_host, li->hostname,
760 MIN_SIZEOF(utx->ut_host, li->hostname));
a05a70ab 761# endif
762# ifdef HAVE_ADDR_IN_UTMPX
764d4113 763 /* this is just a 32-bit IP address */
764 if (li->hostaddr.sa.sa_family == AF_INET)
765 utx->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
a05a70ab 766# endif
9746ee4b 767# ifdef HAVE_ADDR_V6_IN_UTMP
768 /* this is just a 128-bit IPv6 address */
769 if (li->hostaddr.sa.sa_family == AF_INET6) {
770 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
771 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
772 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
773 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
774 ut->ut_addr_v6[1] = 0;
775 ut->ut_addr_v6[2] = 0;
776 ut->ut_addr_v6[3] = 0;
777 }
778 }
779# endif
a05a70ab 780# ifdef HAVE_SYSLEN_IN_UTMPX
5abcdf8e 781 /* ut_syslen is the length of the utx_host string */
782 utx->ut_syslen = MIN(strlen(li->hostname), sizeof(utx->ut_host));
a05a70ab 783# endif
564dd50a 784}
a05a70ab 785#endif /* USE_UTMPX || USE_WTMPX */
1d7b9b20 786
787/**
564dd50a 788 ** Low-level utmp functions
1d7b9b20 789 **/
790
791/* FIXME: (ATL) utmp_write_direct needs testing */
1d7b9b20 792#ifdef USE_UTMP
793
1d7b9b20 794/* if we can, use pututline() etc. */
a05a70ab 795# if !defined(DISABLE_PUTUTLINE) && defined(HAVE_SETUTENT) && \
796 defined(HAVE_PUTUTLINE)
1d7b9b20 797# define UTMP_USE_LIBRARY
a05a70ab 798# endif
1d7b9b20 799
800
801/* write a utmp entry with the system's help (pututline() and pals) */
a05a70ab 802# ifdef UTMP_USE_LIBRARY
1d7b9b20 803static int
564dd50a 804utmp_write_library(struct logininfo *li, struct utmp *ut)
805{
1d7b9b20 806 setutent();
807 pututline(ut);
a05a70ab 808# ifdef HAVE_ENDUTENT
1d7b9b20 809 endutent();
a05a70ab 810# endif
fa64c868 811 return (1);
564dd50a 812}
a05a70ab 813# else /* UTMP_USE_LIBRARY */
1d7b9b20 814
d1cf9a87 815/*
fa64c868 816 * Write a utmp entry direct to the file
817 * This is a slightly modification of code in OpenBSD's login.c
818 */
1d7b9b20 819static int
564dd50a 820utmp_write_direct(struct logininfo *li, struct utmp *ut)
821{
1d7b9b20 822 struct utmp old_ut;
823 register int fd;
824 int tty;
825
5abcdf8e 826 /* FIXME: (ATL) ttyslot() needs local implementation */
dbaa2e87 827
698d107e 828#if defined(HAVE_GETTTYENT)
fa64c868 829 struct ttyent *ty;
dbaa2e87 830
831 tty=0;
dbaa2e87 832 setttyent();
fa64c868 833 while (NULL != (ty = getttyent())) {
dbaa2e87 834 tty++;
835 if (!strncmp(ty->ty_name, ut->ut_line, sizeof(ut->ut_line)))
836 break;
837 }
838 endttyent();
839
fa64c868 840 if (NULL == ty) {
5f12e050 841 logit("%s: tty not found", __func__);
842 return (0);
dbaa2e87 843 }
844#else /* FIXME */
845
1d7b9b20 846 tty = ttyslot(); /* seems only to work for /dev/ttyp? style names */
847
698d107e 848#endif /* HAVE_GETTTYENT */
dbaa2e87 849
1d7b9b20 850 if (tty > 0 && (fd = open(UTMP_FILE, O_RDWR|O_CREAT, 0644)) >= 0) {
5f12e050 851 off_t pos, ret;
852
853 pos = (off_t)tty * sizeof(struct utmp);
854 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 855 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 856 return (0);
857 }
858 if (ret != pos) {
d1cf9a87 859 logit("%s: Couldn't seek to tty %d slot in %s",
f6d20d59 860 __func__, tty, UTMP_FILE);
5f12e050 861 return (0);
862 }
1d7b9b20 863 /*
864 * Prevent luser from zero'ing out ut_host.
865 * If the new ut_line is empty but the old one is not
dc2a6d09 866 * and ut_line and ut_name match, preserve the old ut_line.
1d7b9b20 867 */
2b87da3b 868 if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) &&
fa64c868 869 (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') &&
870 (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) &&
871 (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0))
872 memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host));
2b87da3b 873
5f12e050 874 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 875 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 876 return (0);
877 }
878 if (ret != pos) {
f6d20d59 879 logit("%s: Couldn't seek to tty %d slot in %s",
5f12e050 880 __func__, tty, UTMP_FILE);
881 return (0);
882 }
fa64c868 883 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
5f12e050 884 logit("%s: error writing %s: %s", __func__,
5abcdf8e 885 UTMP_FILE, strerror(errno));
fa64c868 886 }
2b87da3b 887
fa64c868 888 close(fd);
889 return (1);
9f32ceb4 890 } else {
fa64c868 891 return (0);
9f32ceb4 892 }
564dd50a 893}
a05a70ab 894# endif /* UTMP_USE_LIBRARY */
1d7b9b20 895
896static int
564dd50a 897utmp_perform_login(struct logininfo *li)
898{
1d7b9b20 899 struct utmp ut;
900
901 construct_utmp(li, &ut);
a05a70ab 902# ifdef UTMP_USE_LIBRARY
1d7b9b20 903 if (!utmp_write_library(li, &ut)) {
a233586b 904 logit("%s: utmp_write_library() failed", __func__);
fa64c868 905 return (0);
1d7b9b20 906 }
a05a70ab 907# else
1d7b9b20 908 if (!utmp_write_direct(li, &ut)) {
a233586b 909 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 910 return (0);
1d7b9b20 911 }
a05a70ab 912# endif
fa64c868 913 return (1);
564dd50a 914}
1d7b9b20 915
916
917static int
564dd50a 918utmp_perform_logout(struct logininfo *li)
919{
1d7b9b20 920 struct utmp ut;
921
5abcdf8e 922 construct_utmp(li, &ut);
a05a70ab 923# ifdef UTMP_USE_LIBRARY
5abcdf8e 924 if (!utmp_write_library(li, &ut)) {
a233586b 925 logit("%s: utmp_write_library() failed", __func__);
fa64c868 926 return (0);
5abcdf8e 927 }
a05a70ab 928# else
5abcdf8e 929 if (!utmp_write_direct(li, &ut)) {
a233586b 930 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 931 return (0);
5abcdf8e 932 }
a05a70ab 933# endif
fa64c868 934 return (1);
564dd50a 935}
1d7b9b20 936
937
938int
564dd50a 939utmp_write_entry(struct logininfo *li)
940{
1d7b9b20 941 switch(li->type) {
942 case LTYPE_LOGIN:
fa64c868 943 return (utmp_perform_login(li));
1d7b9b20 944
945 case LTYPE_LOGOUT:
fa64c868 946 return (utmp_perform_logout(li));
1d7b9b20 947
948 default:
a233586b 949 logit("%s: invalid type field", __func__);
fa64c868 950 return (0);
1d7b9b20 951 }
564dd50a 952}
a05a70ab 953#endif /* USE_UTMP */
1d7b9b20 954
955
956/**
564dd50a 957 ** Low-level utmpx functions
1d7b9b20 958 **/
959
960/* not much point if we don't want utmpx entries */
961#ifdef USE_UTMPX
962
1d7b9b20 963/* if we have the wherewithall, use pututxline etc. */
a05a70ab 964# if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \
965 defined(HAVE_PUTUTXLINE)
1d7b9b20 966# define UTMPX_USE_LIBRARY
a05a70ab 967# endif
1d7b9b20 968
969
970/* write a utmpx entry with the system's help (pututxline() and pals) */
a05a70ab 971# ifdef UTMPX_USE_LIBRARY
1d7b9b20 972static int
564dd50a 973utmpx_write_library(struct logininfo *li, struct utmpx *utx)
974{
1d7b9b20 975 setutxent();
976 pututxline(utx);
977
a05a70ab 978# ifdef HAVE_ENDUTXENT
1d7b9b20 979 endutxent();
a05a70ab 980# endif
fa64c868 981 return (1);
564dd50a 982}
1d7b9b20 983
a05a70ab 984# else /* UTMPX_USE_LIBRARY */
1d7b9b20 985
986/* write a utmp entry direct to the file */
987static int
564dd50a 988utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
2b87da3b 989{
a233586b 990 logit("%s: not implemented!", __func__);
fa64c868 991 return (0);
564dd50a 992}
a05a70ab 993# endif /* UTMPX_USE_LIBRARY */
1d7b9b20 994
995static int
564dd50a 996utmpx_perform_login(struct logininfo *li)
997{
1d7b9b20 998 struct utmpx utx;
999
1000 construct_utmpx(li, &utx);
a05a70ab 1001# ifdef UTMPX_USE_LIBRARY
1d7b9b20 1002 if (!utmpx_write_library(li, &utx)) {
a233586b 1003 logit("%s: utmp_write_library() failed", __func__);
fa64c868 1004 return (0);
1d7b9b20 1005 }
a05a70ab 1006# else
1d7b9b20 1007 if (!utmpx_write_direct(li, &ut)) {
a233586b 1008 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 1009 return (0);
1d7b9b20 1010 }
a05a70ab 1011# endif
fa64c868 1012 return (1);
564dd50a 1013}
1d7b9b20 1014
1015
1016static int
564dd50a 1017utmpx_perform_logout(struct logininfo *li)
1018{
1d7b9b20 1019 struct utmpx utx;
1020
f3837bc6 1021 construct_utmpx(li, &utx);
a05a70ab 1022# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 1023 line_abbrevname(utx.ut_id, li->line, sizeof(utx.ut_id));
a05a70ab 1024# endif
1025# ifdef HAVE_TYPE_IN_UTMPX
1d7b9b20 1026 utx.ut_type = DEAD_PROCESS;
a05a70ab 1027# endif
1d7b9b20 1028
a05a70ab 1029# ifdef UTMPX_USE_LIBRARY
1d7b9b20 1030 utmpx_write_library(li, &utx);
a05a70ab 1031# else
1d7b9b20 1032 utmpx_write_direct(li, &utx);
a05a70ab 1033# endif
fa64c868 1034 return (1);
564dd50a 1035}
1d7b9b20 1036
1d7b9b20 1037int
564dd50a 1038utmpx_write_entry(struct logininfo *li)
1039{
1d7b9b20 1040 switch(li->type) {
1041 case LTYPE_LOGIN:
fa64c868 1042 return (utmpx_perform_login(li));
1d7b9b20 1043 case LTYPE_LOGOUT:
fa64c868 1044 return (utmpx_perform_logout(li));
1d7b9b20 1045 default:
a233586b 1046 logit("%s: invalid type field", __func__);
fa64c868 1047 return (0);
1d7b9b20 1048 }
564dd50a 1049}
a05a70ab 1050#endif /* USE_UTMPX */
1d7b9b20 1051
1052
1053/**
564dd50a 1054 ** Low-level wtmp functions
1d7b9b20 1055 **/
1056
2b87da3b 1057#ifdef USE_WTMP
1d7b9b20 1058
d1cf9a87 1059/*
fa64c868 1060 * Write a wtmp entry direct to the end of the file
1061 * This is a slight modification of code in OpenBSD's logwtmp.c
1062 */
1d7b9b20 1063static int
564dd50a 1064wtmp_write(struct logininfo *li, struct utmp *ut)
1065{
1d7b9b20 1066 struct stat buf;
1067 int fd, ret = 1;
1068
1069 if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
a233586b 1070 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1071 WTMP_FILE, strerror(errno));
fa64c868 1072 return (0);
1d7b9b20 1073 }
2b87da3b 1074 if (fstat(fd, &buf) == 0)
d72f7b79 1075 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
1d7b9b20 1076 ftruncate(fd, buf.st_size);
a233586b 1077 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1078 WTMP_FILE, strerror(errno));
1079 ret = 0;
1080 }
fa64c868 1081 close(fd);
1082 return (ret);
564dd50a 1083}
1d7b9b20 1084
1d7b9b20 1085static int
a05a70ab 1086wtmp_perform_login(struct logininfo *li)
1087{
1d7b9b20 1088 struct utmp ut;
1089
1090 construct_utmp(li, &ut);
fa64c868 1091 return (wtmp_write(li, &ut));
564dd50a 1092}
1d7b9b20 1093
1094
1095static int
564dd50a 1096wtmp_perform_logout(struct logininfo *li)
1097{
1d7b9b20 1098 struct utmp ut;
1099
1100 construct_utmp(li, &ut);
fa64c868 1101 return (wtmp_write(li, &ut));
564dd50a 1102}
1d7b9b20 1103
1104
1105int
564dd50a 1106wtmp_write_entry(struct logininfo *li)
1107{
1d7b9b20 1108 switch(li->type) {
1109 case LTYPE_LOGIN:
fa64c868 1110 return (wtmp_perform_login(li));
1d7b9b20 1111 case LTYPE_LOGOUT:
fa64c868 1112 return (wtmp_perform_logout(li));
1d7b9b20 1113 default:
a233586b 1114 logit("%s: invalid type field", __func__);
fa64c868 1115 return (0);
1d7b9b20 1116 }
564dd50a 1117}
1d7b9b20 1118
1119
d1cf9a87 1120/*
fa64c868 1121 * Notes on fetching login data from wtmp/wtmpx
2b87da3b 1122 *
5abcdf8e 1123 * Logouts are usually recorded with (amongst other things) a blank
1124 * username on a given tty line. However, some systems (HP-UX is one)
1125 * leave all fields set, but change the ut_type field to DEAD_PROCESS.
1126 *
1127 * Since we're only looking for logins here, we know that the username
1128 * must be set correctly. On systems that leave it in, we check for
1129 * ut_type==USER_PROCESS (indicating a login.)
1130 *
1131 * Portability: Some systems may set something other than USER_PROCESS
1132 * to indicate a login process. I don't know of any as I write. Also,
1133 * it's possible that some systems may both leave the username in
1134 * place and not have ut_type.
1135 */
1136
5abcdf8e 1137/* return true if this wtmp entry indicates a login */
1138static int
1139wtmp_islogin(struct logininfo *li, struct utmp *ut)
1140{
2b87da3b 1141 if (strncmp(li->username, ut->ut_name,
fa64c868 1142 MIN_SIZEOF(li->username, ut->ut_name)) == 0) {
a05a70ab 1143# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 1144 if (ut->ut_type & USER_PROCESS)
fa64c868 1145 return (1);
a05a70ab 1146# else
fa64c868 1147 return (1);
a05a70ab 1148# endif
5abcdf8e 1149 }
fa64c868 1150 return (0);
5abcdf8e 1151}
1152
1d7b9b20 1153int
564dd50a 1154wtmp_get_entry(struct logininfo *li)
1155{
1d7b9b20 1156 struct stat st;
1157 struct utmp ut;
fa64c868 1158 int fd, found = 0;
5abcdf8e 1159
1160 /* Clear the time entries in our logininfo */
1161 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1162
1163 if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) {
d1cf9a87 1164 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1165 WTMP_FILE, strerror(errno));
fa64c868 1166 return (0);
1d7b9b20 1167 }
2b87da3b 1168 if (fstat(fd, &st) != 0) {
d1cf9a87 1169 logit("%s: couldn't stat %s: %s", __func__,
1d7b9b20 1170 WTMP_FILE, strerror(errno));
1171 close(fd);
fa64c868 1172 return (0);
1d7b9b20 1173 }
1d7b9b20 1174
5abcdf8e 1175 /* Seek to the start of the last struct utmp */
d9d47a26 1176 if (lseek(fd, -(off_t)sizeof(struct utmp), SEEK_END) == -1) {
5abcdf8e 1177 /* Looks like we've got a fresh wtmp file */
1178 close(fd);
fa64c868 1179 return (0);
5abcdf8e 1180 }
1181
1182 while (!found) {
9f32ceb4 1183 if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) {
d1cf9a87 1184 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1185 WTMP_FILE, strerror(errno));
1186 close (fd);
fa64c868 1187 return (0);
1d7b9b20 1188 }
5abcdf8e 1189 if ( wtmp_islogin(li, &ut) ) {
1190 found = 1;
fa64c868 1191 /*
1192 * We've already checked for a time in struct
1193 * utmp, in login_getlast()
1194 */
a05a70ab 1195# ifdef HAVE_TIME_IN_UTMP
1d7b9b20 1196 li->tv_sec = ut.ut_time;
a05a70ab 1197# else
1d7b9b20 1198# if HAVE_TV_IN_UTMP
1199 li->tv_sec = ut.ut_tv.tv_sec;
1200# endif
a05a70ab 1201# endif
5abcdf8e 1202 line_fullname(li->line, ut.ut_line,
fa64c868 1203 MIN_SIZEOF(li->line, ut.ut_line));
a05a70ab 1204# ifdef HAVE_HOST_IN_UTMP
5abcdf8e 1205 strlcpy(li->hostname, ut.ut_host,
fa64c868 1206 MIN_SIZEOF(li->hostname, ut.ut_host));
a05a70ab 1207# endif
5abcdf8e 1208 continue;
1d7b9b20 1209 }
5abcdf8e 1210 /* Seek back 2 x struct utmp */
d9d47a26 1211 if (lseek(fd, -(off_t)(2 * sizeof(struct utmp)), SEEK_CUR) == -1) {
5abcdf8e 1212 /* We've found the start of the file, so quit */
fa64c868 1213 close(fd);
1214 return (0);
1d7b9b20 1215 }
5abcdf8e 1216 }
1217
1218 /* We found an entry. Tidy up and return */
1219 close(fd);
fa64c868 1220 return (1);
564dd50a 1221}
a05a70ab 1222# endif /* USE_WTMP */
1d7b9b20 1223
1224
1225/**
564dd50a 1226 ** Low-level wtmpx functions
1d7b9b20 1227 **/
1228
1229#ifdef USE_WTMPX
fa64c868 1230/*
1231 * Write a wtmpx entry direct to the end of the file
1232 * This is a slight modification of code in OpenBSD's logwtmp.c
1233 */
1d7b9b20 1234static int
564dd50a 1235wtmpx_write(struct logininfo *li, struct utmpx *utx)
1236{
41c64c91 1237#ifndef HAVE_UPDWTMPX
1d7b9b20 1238 struct stat buf;
1239 int fd, ret = 1;
1240
1241 if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
d1cf9a87 1242 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1243 WTMPX_FILE, strerror(errno));
fa64c868 1244 return (0);
1d7b9b20 1245 }
1246
2b87da3b 1247 if (fstat(fd, &buf) == 0)
d72f7b79 1248 if (atomicio(vwrite, fd, utx, sizeof(*utx)) != sizeof(*utx)) {
1d7b9b20 1249 ftruncate(fd, buf.st_size);
a233586b 1250 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1251 WTMPX_FILE, strerror(errno));
1252 ret = 0;
1253 }
fa64c868 1254 close(fd);
1d7b9b20 1255
fa64c868 1256 return (ret);
41c64c91 1257#else
1258 updwtmpx(WTMPX_FILE, utx);
fa64c868 1259 return (1);
41c64c91 1260#endif
564dd50a 1261}
1d7b9b20 1262
1263
1264static int
564dd50a 1265wtmpx_perform_login(struct logininfo *li)
1266{
1d7b9b20 1267 struct utmpx utx;
1268
1269 construct_utmpx(li, &utx);
fa64c868 1270 return (wtmpx_write(li, &utx));
564dd50a 1271}
1d7b9b20 1272
1273
1274static int
564dd50a 1275wtmpx_perform_logout(struct logininfo *li)
1276{
1d7b9b20 1277 struct utmpx utx;
1278
1279 construct_utmpx(li, &utx);
fa64c868 1280 return (wtmpx_write(li, &utx));
564dd50a 1281}
1d7b9b20 1282
1283
1284int
564dd50a 1285wtmpx_write_entry(struct logininfo *li)
1286{
1d7b9b20 1287 switch(li->type) {
1288 case LTYPE_LOGIN:
fa64c868 1289 return (wtmpx_perform_login(li));
1d7b9b20 1290 case LTYPE_LOGOUT:
fa64c868 1291 return (wtmpx_perform_logout(li));
1d7b9b20 1292 default:
a233586b 1293 logit("%s: invalid type field", __func__);
fa64c868 1294 return (0);
1d7b9b20 1295 }
564dd50a 1296}
1d7b9b20 1297
5abcdf8e 1298/* Please see the notes above wtmp_islogin() for information about the
1299 next two functions */
1300
1301/* Return true if this wtmpx entry indicates a login */
1302static int
1303wtmpx_islogin(struct logininfo *li, struct utmpx *utx)
1304{
fa64c868 1305 if (strncmp(li->username, utx->ut_name,
1306 MIN_SIZEOF(li->username, utx->ut_name)) == 0 ) {
a05a70ab 1307# ifdef HAVE_TYPE_IN_UTMPX
5abcdf8e 1308 if (utx->ut_type == USER_PROCESS)
fa64c868 1309 return (1);
a05a70ab 1310# else
fa64c868 1311 return (1);
a05a70ab 1312# endif
5abcdf8e 1313 }
fa64c868 1314 return (0);
5abcdf8e 1315}
1316
1d7b9b20 1317
1318int
564dd50a 1319wtmpx_get_entry(struct logininfo *li)
1320{
1d7b9b20 1321 struct stat st;
1322 struct utmpx utx;
5abcdf8e 1323 int fd, found=0;
1324
1325 /* Clear the time entries */
1326 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1327
1328 if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) {
d1cf9a87 1329 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1330 WTMPX_FILE, strerror(errno));
fa64c868 1331 return (0);
1d7b9b20 1332 }
2b87da3b 1333 if (fstat(fd, &st) != 0) {
d1cf9a87 1334 logit("%s: couldn't stat %s: %s", __func__,
fdebdd4f 1335 WTMPX_FILE, strerror(errno));
1d7b9b20 1336 close(fd);
fa64c868 1337 return (0);
1d7b9b20 1338 }
2b87da3b 1339
5abcdf8e 1340 /* Seek to the start of the last struct utmpx */
d9d47a26 1341 if (lseek(fd, -(off_t)sizeof(struct utmpx), SEEK_END) == -1 ) {
5abcdf8e 1342 /* probably a newly rotated wtmpx file */
1343 close(fd);
fa64c868 1344 return (0);
5abcdf8e 1345 }
1d7b9b20 1346
5abcdf8e 1347 while (!found) {
9f32ceb4 1348 if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) {
d1cf9a87 1349 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1350 WTMPX_FILE, strerror(errno));
1351 close (fd);
fa64c868 1352 return (0);
1d7b9b20 1353 }
fa64c868 1354 /*
d1cf9a87 1355 * Logouts are recorded as a blank username on a particular
fa64c868 1356 * line. So, we just need to find the username in struct utmpx
1357 */
1358 if (wtmpx_islogin(li, &utx)) {
d80063fe 1359 found = 1;
fa64c868 1360# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 1361 li->tv_sec = utx.ut_tv.tv_sec;
fa64c868 1362# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 1363 li->tv_sec = utx.ut_time;
a05a70ab 1364# endif
a4d05724 1365 line_fullname(li->line, utx.ut_line, sizeof(li->line));
fa64c868 1366# if defined(HAVE_HOST_IN_UTMPX)
5abcdf8e 1367 strlcpy(li->hostname, utx.ut_host,
fa64c868 1368 MIN_SIZEOF(li->hostname, utx.ut_host));
a05a70ab 1369# endif
5abcdf8e 1370 continue;
1d7b9b20 1371 }
d9d47a26 1372 if (lseek(fd, -(off_t)(2 * sizeof(struct utmpx)), SEEK_CUR) == -1) {
fa64c868 1373 close(fd);
1374 return (0);
1d7b9b20 1375 }
5abcdf8e 1376 }
1377
1378 close(fd);
fa64c868 1379 return (1);
564dd50a 1380}
f988dce5 1381#endif /* USE_WTMPX */
1d7b9b20 1382
1d7b9b20 1383/**
564dd50a 1384 ** Low-level libutil login() functions
1d7b9b20 1385 **/
1386
1387#ifdef USE_LOGIN
1d7b9b20 1388static int
564dd50a 1389syslogin_perform_login(struct logininfo *li)
1390{
1d7b9b20 1391 struct utmp *ut;
1392
7a52470e 1393 ut = xmalloc(sizeof(*ut));
1d7b9b20 1394 construct_utmp(li, ut);
1395 login(ut);
6cef88bc 1396 free(ut);
1d7b9b20 1397
fa64c868 1398 return (1);
564dd50a 1399}
1d7b9b20 1400
564dd50a 1401static int
1402syslogin_perform_logout(struct logininfo *li)
1403{
a05a70ab 1404# ifdef HAVE_LOGOUT
f20d4564 1405 char line[UT_LINESIZE];
2b87da3b 1406
1d7b9b20 1407 (void)line_stripname(line, li->line, sizeof(line));
1408
fa64c868 1409 if (!logout(line))
a233586b 1410 logit("%s: logout() returned an error", __func__);
a05a70ab 1411# ifdef HAVE_LOGWTMP
fa64c868 1412 else
1d7b9b20 1413 logwtmp(line, "", "");
a05a70ab 1414# endif
5abcdf8e 1415 /* FIXME: (ATL - if the need arises) What to do if we have
1416 * login, but no logout? what if logout but no logwtmp? All
1417 * routines are in libutil so they should all be there,
1418 * but... */
a05a70ab 1419# endif
fa64c868 1420 return (1);
564dd50a 1421}
1d7b9b20 1422
1d7b9b20 1423int
564dd50a 1424syslogin_write_entry(struct logininfo *li)
1425{
1d7b9b20 1426 switch (li->type) {
1427 case LTYPE_LOGIN:
fa64c868 1428 return (syslogin_perform_login(li));
1d7b9b20 1429 case LTYPE_LOGOUT:
fa64c868 1430 return (syslogin_perform_logout(li));
1d7b9b20 1431 default:
a233586b 1432 logit("%s: Invalid type field", __func__);
fa64c868 1433 return (0);
1d7b9b20 1434 }
564dd50a 1435}
f988dce5 1436#endif /* USE_LOGIN */
1d7b9b20 1437
1438/* end of file log-syslogin.c */
1439
1d7b9b20 1440/**
564dd50a 1441 ** Low-level lastlog functions
1d7b9b20 1442 **/
1443
1444#ifdef USE_LASTLOG
a05a70ab 1445#define LL_FILE 1
1446#define LL_DIR 2
1447#define LL_OTHER 3
1d7b9b20 1448
1d7b9b20 1449static void
564dd50a 1450lastlog_construct(struct logininfo *li, struct lastlog *last)
1451{
1d7b9b20 1452 /* clear the structure */
dbaa2e87 1453 memset(last, '\0', sizeof(*last));
2b87da3b 1454
fa64c868 1455 line_stripname(last->ll_line, li->line, sizeof(last->ll_line));
5abcdf8e 1456 strlcpy(last->ll_host, li->hostname,
1457 MIN_SIZEOF(last->ll_host, li->hostname));
1d7b9b20 1458 last->ll_time = li->tv_sec;
564dd50a 1459}
1d7b9b20 1460
1d7b9b20 1461static int
564dd50a 1462lastlog_filetype(char *filename)
1463{
1d7b9b20 1464 struct stat st;
1465
a05a70ab 1466 if (stat(LASTLOG_FILE, &st) != 0) {
a233586b 1467 logit("%s: Couldn't stat %s: %s", __func__,
fa64c868 1468 LASTLOG_FILE, strerror(errno));
1469 return (0);
1d7b9b20 1470 }
1d7b9b20 1471 if (S_ISDIR(st.st_mode))
fa64c868 1472 return (LL_DIR);
1d7b9b20 1473 else if (S_ISREG(st.st_mode))
fa64c868 1474 return (LL_FILE);
1d7b9b20 1475 else
fa64c868 1476 return (LL_OTHER);
564dd50a 1477}
1d7b9b20 1478
1479
1480/* open the file (using filemode) and seek to the login entry */
1481static int
564dd50a 1482lastlog_openseek(struct logininfo *li, int *fd, int filemode)
1483{
1d7b9b20 1484 off_t offset;
1485 int type;
1486 char lastlog_file[1024];
1487
1488 type = lastlog_filetype(LASTLOG_FILE);
1489 switch (type) {
fa64c868 1490 case LL_FILE:
1491 strlcpy(lastlog_file, LASTLOG_FILE,
1492 sizeof(lastlog_file));
1493 break;
1494 case LL_DIR:
1495 snprintf(lastlog_file, sizeof(lastlog_file), "%s/%s",
1496 LASTLOG_FILE, li->username);
1497 break;
1498 default:
a233586b 1499 logit("%s: %.100s is not a file or directory!", __func__,
fa64c868 1500 LASTLOG_FILE);
1501 return (0);
a05a70ab 1502 }
1d7b9b20 1503
ee476051 1504 *fd = open(lastlog_file, filemode, 0600);
fa64c868 1505 if (*fd < 0) {
a233586b 1506 debug("%s: Couldn't open %s: %s", __func__,
1d7b9b20 1507 lastlog_file, strerror(errno));
fa64c868 1508 return (0);
1d7b9b20 1509 }
2b87da3b 1510
d93a7e5a 1511 if (type == LL_FILE) {
1512 /* find this uid's offset in the lastlog file */
d9d47a26 1513 offset = (off_t) ((long)li->uid * sizeof(struct lastlog));
1d7b9b20 1514
fa64c868 1515 if (lseek(*fd, offset, SEEK_SET) != offset) {
a233586b 1516 logit("%s: %s->lseek(): %s", __func__,
1517 lastlog_file, strerror(errno));
fa64c868 1518 return (0);
d93a7e5a 1519 }
1d7b9b20 1520 }
2b87da3b 1521
fa64c868 1522 return (1);
564dd50a 1523}
1d7b9b20 1524
1525static int
564dd50a 1526lastlog_perform_login(struct logininfo *li)
1527{
1d7b9b20 1528 struct lastlog last;
1529 int fd;
1530
1531 /* create our struct lastlog */
1532 lastlog_construct(li, &last);
1533
ee476051 1534 if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT))
fa64c868 1535 return (0);
2b87da3b 1536
1d7b9b20 1537 /* write the entry */
d72f7b79 1538 if (atomicio(vwrite, fd, &last, sizeof(last)) != sizeof(last)) {
1a022229 1539 close(fd);
a233586b 1540 logit("%s: Error writing to %s: %s", __func__,
1a022229 1541 LASTLOG_FILE, strerror(errno));
fa64c868 1542 return (0);
a05a70ab 1543 }
1a022229 1544
1545 close(fd);
fa64c868 1546 return (1);
564dd50a 1547}
1d7b9b20 1548
1d7b9b20 1549int
564dd50a 1550lastlog_write_entry(struct logininfo *li)
1551{
1d7b9b20 1552 switch(li->type) {
1553 case LTYPE_LOGIN:
fa64c868 1554 return (lastlog_perform_login(li));
1d7b9b20 1555 default:
a233586b 1556 logit("%s: Invalid type field", __func__);
fa64c868 1557 return (0);
1d7b9b20 1558 }
564dd50a 1559}
1d7b9b20 1560
1d7b9b20 1561static void
564dd50a 1562lastlog_populate_entry(struct logininfo *li, struct lastlog *last)
1563{
1d7b9b20 1564 line_fullname(li->line, last->ll_line, sizeof(li->line));
2b87da3b 1565 strlcpy(li->hostname, last->ll_host,
fa64c868 1566 MIN_SIZEOF(li->hostname, last->ll_host));
1d7b9b20 1567 li->tv_sec = last->ll_time;
564dd50a 1568}
1d7b9b20 1569
1d7b9b20 1570int
564dd50a 1571lastlog_get_entry(struct logininfo *li)
1572{
1d7b9b20 1573 struct lastlog last;
ed05a983 1574 int fd, ret;
1d7b9b20 1575
ce49121d 1576 if (!lastlog_openseek(li, &fd, O_RDONLY))
ed05a983 1577 return (0);
ce49121d 1578
ed05a983 1579 ret = atomicio(read, fd, &last, sizeof(last));
ce49121d 1580 close(fd);
1581
ed05a983 1582 switch (ret) {
1583 case 0:
1584 memset(&last, '\0', sizeof(last));
1585 /* FALLTHRU */
1586 case sizeof(last):
1587 lastlog_populate_entry(li, &last);
1588 return (1);
1589 case -1:
aff51935 1590 error("%s: Error reading from %s: %s", __func__,
ed05a983 1591 LASTLOG_FILE, strerror(errno));
1592 return (0);
1593 default:
1594 error("%s: Error reading from %s: Expecting %d, got %d",
dfde7f6e 1595 __func__, LASTLOG_FILE, (int)sizeof(last), ret);
ed05a983 1596 return (0);
1597 }
ce49121d 1598
ed05a983 1599 /* NOTREACHED */
1600 return (0);
564dd50a 1601}
f988dce5 1602#endif /* USE_LASTLOG */
b6610e8f 1603
1604#ifdef USE_BTMP
1605 /*
1606 * Logs failed login attempts in _PATH_BTMP if that exists.
1607 * The most common login failure is to give password instead of username.
1608 * So the _PATH_BTMP file checked for the correct permission, so that
1609 * only root can read it.
1610 */
1611
1612void
1613record_failed_login(const char *username, const char *hostname,
1614 const char *ttyn)
1615{
1616 int fd;
1617 struct utmp ut;
1618 struct sockaddr_storage from;
dfde7f6e 1619 socklen_t fromlen = sizeof(from);
b6610e8f 1620 struct sockaddr_in *a4;
1621 struct sockaddr_in6 *a6;
1622 time_t t;
1623 struct stat fst;
1624
1625 if (geteuid() != 0)
1626 return;
1627 if ((fd = open(_PATH_BTMP, O_WRONLY | O_APPEND)) < 0) {
1628 debug("Unable to open the btmp file %s: %s", _PATH_BTMP,
1629 strerror(errno));
1630 return;
1631 }
1632 if (fstat(fd, &fst) < 0) {
1633 logit("%s: fstat of %s failed: %s", __func__, _PATH_BTMP,
1634 strerror(errno));
1635 goto out;
1636 }
1637 if((fst.st_mode & (S_IRWXG | S_IRWXO)) || (fst.st_uid != 0)){
1638 logit("Excess permission or bad ownership on file %s",
1639 _PATH_BTMP);
1640 goto out;
1641 }
1642
1643 memset(&ut, 0, sizeof(ut));
1644 /* strncpy because we don't necessarily want nul termination */
1645 strncpy(ut.ut_user, username, sizeof(ut.ut_user));
1646 strlcpy(ut.ut_line, "ssh:notty", sizeof(ut.ut_line));
1647
1648 time(&t);
1649 ut.ut_time = t; /* ut_time is not always a time_t */
1650 ut.ut_type = LOGIN_PROCESS;
1651 ut.ut_pid = getpid();
1652
1653 /* strncpy because we don't necessarily want nul termination */
1654 strncpy(ut.ut_host, hostname, sizeof(ut.ut_host));
1655
1656 if (packet_connection_is_on_socket() &&
1657 getpeername(packet_get_connection_in(),
1658 (struct sockaddr *)&from, &fromlen) == 0) {
1659 ipv64_normalise_mapped(&from, &fromlen);
1660 if (from.ss_family == AF_INET) {
1661 a4 = (struct sockaddr_in *)&from;
1662 memcpy(&ut.ut_addr, &(a4->sin_addr),
1663 MIN_SIZEOF(ut.ut_addr, a4->sin_addr));
1664 }
1665#ifdef HAVE_ADDR_V6_IN_UTMP
1666 if (from.ss_family == AF_INET6) {
1667 a6 = (struct sockaddr_in6 *)&from;
1668 memcpy(&ut.ut_addr_v6, &(a6->sin6_addr),
1669 MIN_SIZEOF(ut.ut_addr_v6, a6->sin6_addr));
1670 }
1671#endif
1672 }
1673
1674 if (atomicio(vwrite, fd, &ut, sizeof(ut)) != sizeof(ut))
1675 error("Failed to write to %s: %s", _PATH_BTMP,
1676 strerror(errno));
1677
1678out:
1679 close(fd);
1680}
1681#endif /* USE_BTMP */
git-cvsimport mirror of OpenSSH
This page took 0.493892 seconds and 5 git commands to generate.