]> andersk Git - openssh.git/blame - loginrec.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [auth.c canohost.c canohost.h configure.ac defines.h loginrec.c]
[openssh.git] / loginrec.c
CommitLineData
1d7b9b20 1/*
2 * Copyright (c) 2000 Andre Lucas. All rights reserved.
564dd50a 3 * Portions copyright (c) 1998 Todd C. Miller
4 * Portions copyright (c) 1996 Jason Downs
5 * Portions copyright (c) 1996 Theo de Raadt
1d7b9b20 6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
1d7b9b20 15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
b6610e8f 28/*
29 * The btmp logging code is derived from login.c from util-linux and is under
30 * the the following license:
31 *
32 * Copyright (c) 1980, 1987, 1988 The Regents of the University of California.
33 * All rights reserved.
34 *
35 * Redistribution and use in source and binary forms are permitted
36 * provided that the above copyright notice and this paragraph are
37 * duplicated in all such forms and that any documentation,
38 * advertising materials, and other materials related to such
39 * distribution and use acknowledge that the software was developed
40 * by the University of California, Berkeley. The name of the
41 * University may not be used to endorse or promote products derived
42 * from this software without specific prior written permission.
43 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
44 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
45 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
46 */
47
48
2b87da3b 49/**
1d7b9b20 50 ** loginrec.c: platform-independent login recording and lastlog retrieval
51 **/
52
564dd50a 53/*
fa64c868 54 * The new login code explained
55 * ============================
56 *
57 * This code attempts to provide a common interface to login recording
58 * (utmp and friends) and last login time retrieval.
59 *
60 * Its primary means of achieving this is to use 'struct logininfo', a
61 * union of all the useful fields in the various different types of
62 * system login record structures one finds on UNIX variants.
63 *
64 * We depend on autoconf to define which recording methods are to be
65 * used, and which fields are contained in the relevant data structures
66 * on the local system. Many C preprocessor symbols affect which code
67 * gets compiled here.
68 *
69 * The code is designed to make it easy to modify a particular
70 * recording method, without affecting other methods nor requiring so
71 * many nested conditional compilation blocks as were commonplace in
72 * the old code.
73 *
74 * For login recording, we try to use the local system's libraries as
75 * these are clearly most likely to work correctly. For utmp systems
76 * this usually means login() and logout() or setutent() etc., probably
77 * in libutil, along with logwtmp() etc. On these systems, we fall back
78 * to writing the files directly if we have to, though this method
79 * requires very thorough testing so we do not corrupt local auditing
80 * information. These files and their access methods are very system
81 * specific indeed.
82 *
83 * For utmpx systems, the corresponding library functions are
84 * setutxent() etc. To the author's knowledge, all utmpx systems have
85 * these library functions and so no direct write is attempted. If such
86 * a system exists and needs support, direct analogues of the [uw]tmp
87 * code should suffice.
88 *
89 * Retrieving the time of last login ('lastlog') is in some ways even
90 * more problemmatic than login recording. Some systems provide a
91 * simple table of all users which we seek based on uid and retrieve a
92 * relatively standard structure. Others record the same information in
93 * a directory with a separate file, and others don't record the
94 * information separately at all. For systems in the latter category,
95 * we look backwards in the wtmp or wtmpx file for the last login entry
96 * for our user. Naturally this is slower and on busy systems could
97 * incur a significant performance penalty.
98 *
99 * Calling the new code
100 * --------------------
101 *
102 * In OpenSSH all login recording and retrieval is performed in
103 * login.c. Here you'll find working examples. Also, in the logintest.c
104 * program there are more examples.
105 *
106 * Internal handler calling method
107 * -------------------------------
108 *
109 * When a call is made to login_login() or login_logout(), both
110 * routines set a struct logininfo flag defining which action (log in,
111 * or log out) is to be taken. They both then call login_write(), which
112 * calls whichever of the many structure-specific handlers autoconf
113 * selects for the local system.
114 *
115 * The handlers themselves handle system data structure specifics. Both
116 * struct utmp and struct utmpx have utility functions (see
117 * construct_utmp*()) to try to make it simpler to add extra systems
118 * that introduce new features to either structure.
119 *
120 * While it may seem terribly wasteful to replicate so much similar
121 * code for each method, experience has shown that maintaining code to
122 * write both struct utmp and utmpx in one function, whilst maintaining
123 * support for all systems whether they have library support or not, is
124 * a difficult and time-consuming task.
125 *
126 * Lastlog support proceeds similarly. Functions login_get_lastlog()
127 * (and its OpenSSH-tuned friend login_get_lastlog_time()) call
128 * getlast_entry(), which tries one of three methods to find the last
129 * login time. It uses local system lastlog support if it can,
130 * otherwise it tries wtmp or wtmpx before giving up and returning 0,
131 * meaning "tilt".
132 *
133 * Maintenance
134 * -----------
135 *
136 * In many cases it's possible to tweak autoconf to select the correct
137 * methods for a particular platform, either by improving the detection
138 * code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE
139 * symbols for the platform.
140 *
141 * Use logintest to check which symbols are defined before modifying
142 * configure.ac and loginrec.c. (You have to build logintest yourself
143 * with 'make logintest' as it's not built by default.)
144 *
145 * Otherwise, patches to the specific method(s) are very helpful!
146 */
1d7b9b20 147
148#include "includes.h"
149
1d7b9b20 150#include "ssh.h"
151#include "xmalloc.h"
152#include "loginrec.h"
42f11eb2 153#include "log.h"
154#include "atomicio.h"
b6610e8f 155#include "packet.h"
156#include "canohost.h"
1d7b9b20 157
44d5f7f7 158#ifdef HAVE_UTIL_H
fa64c868 159# include <util.h>
44d5f7f7 160#endif
161
8f523d67 162#ifdef HAVE_LIBUTIL_H
fa64c868 163# include <libutil.h>
8f523d67 164#endif
165
fa64c868 166RCSID("$Id$");
167
1d7b9b20 168/**
169 ** prototypes for helper functions in this file
170 **/
171
172#if HAVE_UTMP_H
1d7b9b20 173void set_utmp_time(struct logininfo *li, struct utmp *ut);
174void construct_utmp(struct logininfo *li, struct utmp *ut);
175#endif
176
177#ifdef HAVE_UTMPX_H
1d7b9b20 178void set_utmpx_time(struct logininfo *li, struct utmpx *ut);
179void construct_utmpx(struct logininfo *li, struct utmpx *ut);
180#endif
181
182int utmp_write_entry(struct logininfo *li);
183int utmpx_write_entry(struct logininfo *li);
184int wtmp_write_entry(struct logininfo *li);
185int wtmpx_write_entry(struct logininfo *li);
186int lastlog_write_entry(struct logininfo *li);
187int syslogin_write_entry(struct logininfo *li);
188
189int getlast_entry(struct logininfo *li);
190int lastlog_get_entry(struct logininfo *li);
191int wtmp_get_entry(struct logininfo *li);
192int wtmpx_get_entry(struct logininfo *li);
193
5abcdf8e 194/* pick the shortest string */
fa64c868 195#define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))
5abcdf8e 196
1d7b9b20 197/**
198 ** platform-independent login functions
199 **/
200
fa64c868 201/*
202 * login_login(struct logininfo *) - Record a login
2b87da3b 203 *
5abcdf8e 204 * Call with a pointer to a struct logininfo initialised with
205 * login_init_entry() or login_alloc_entry()
206 *
207 * Returns:
208 * >0 if successful
209 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
210 */
564dd50a 211int
fa64c868 212login_login(struct logininfo *li)
564dd50a 213{
214 li->type = LTYPE_LOGIN;
fa64c868 215 return (login_write(li));
564dd50a 216}
1d7b9b20 217
218
fa64c868 219/*
220 * login_logout(struct logininfo *) - Record a logout
5abcdf8e 221 *
222 * Call as with login_login()
223 *
224 * Returns:
225 * >0 if successful
226 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
227 */
564dd50a 228int
229login_logout(struct logininfo *li)
230{
231 li->type = LTYPE_LOGOUT;
fa64c868 232 return (login_write(li));
1d7b9b20 233}
234
fa64c868 235/*
236 * login_get_lastlog_time(int) - Retrieve the last login time
5abcdf8e 237 *
238 * Retrieve the last login time for the given uid. Will try to use the
239 * system lastlog facilities if they are available, but will fall back
240 * to looking in wtmp/wtmpx if necessary
241 *
242 * Returns:
243 * 0 on failure, or if user has never logged in
244 * Time in seconds from the epoch if successful
245 *
246 * Useful preprocessor symbols:
247 * DISABLE_LASTLOG: If set, *never* even try to retrieve lastlog
248 * info
249 * USE_LASTLOG: If set, indicates the presence of system lastlog
250 * facilities. If this and DISABLE_LASTLOG are not set,
251 * try to retrieve lastlog information from wtmp/wtmpx.
252 */
564dd50a 253unsigned int
254login_get_lastlog_time(const int uid)
255{
256 struct logininfo li;
1d7b9b20 257
5abcdf8e 258 if (login_get_lastlog(&li, uid))
fa64c868 259 return (li.tv_sec);
5abcdf8e 260 else
fa64c868 261 return (0);
564dd50a 262}
1d7b9b20 263
fa64c868 264/*
265 * login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry
5abcdf8e 266 *
267 * Retrieve a logininfo structure populated (only partially) with
268 * information from the system lastlog data, or from wtmp/wtmpx if no
269 * system lastlog information exists.
270 *
271 * Note this routine must be given a pre-allocated logininfo.
272 *
273 * Returns:
274 * >0: A pointer to your struct logininfo if successful
275 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
5abcdf8e 276 */
564dd50a 277struct logininfo *
278login_get_lastlog(struct logininfo *li, const int uid)
279{
5abcdf8e 280 struct passwd *pw;
5abcdf8e 281
dbaa2e87 282 memset(li, '\0', sizeof(*li));
1d7b9b20 283 li->uid = uid;
5abcdf8e 284
2b87da3b 285 /*
9f32ceb4 286 * If we don't have a 'real' lastlog, we need the username to
5abcdf8e 287 * reliably search wtmp(x) for the last login (see
2b87da3b 288 * wtmp_get_entry().)
9f32ceb4 289 */
5abcdf8e 290 pw = getpwuid(uid);
a05a70ab 291 if (pw == NULL)
a233586b 292 fatal("%s: Cannot find account for uid %i", __func__, uid);
2b87da3b 293
1bfbb762 294 /* No MIN_SIZEOF here - we absolutely *must not* truncate the
fa64c868 295 * username (XXX - so check for trunc!) */
d8caae24 296 strlcpy(li->username, pw->pw_name, sizeof(li->username));
a05a70ab 297
564dd50a 298 if (getlast_entry(li))
fa64c868 299 return (li);
564dd50a 300 else
fa64c868 301 return (NULL);
1d7b9b20 302}
303
1d7b9b20 304
fa64c868 305/*
306 * login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
2b87da3b 307 * a logininfo structure
308 *
5abcdf8e 309 * This function creates a new struct logininfo, a data structure
310 * meant to carry the information required to portably record login info.
311 *
312 * Returns a pointer to a newly created struct logininfo. If memory
313 * allocation fails, the program halts.
314 */
564dd50a 315struct
316logininfo *login_alloc_entry(int pid, const char *username,
fa64c868 317 const char *hostname, const char *line)
564dd50a 318{
319 struct logininfo *newli;
1d7b9b20 320
fa64c868 321 newli = xmalloc(sizeof(*newli));
322 login_init_entry(newli, pid, username, hostname, line);
323 return (newli);
1d7b9b20 324}
325
326
5abcdf8e 327/* login_free_entry(struct logininfo *) - free struct memory */
1d7b9b20 328void
564dd50a 329login_free_entry(struct logininfo *li)
330{
331 xfree(li);
1d7b9b20 332}
333
334
5abcdf8e 335/* login_init_entry(struct logininfo *, int, char*, char*, char*)
336 * - initialise a struct logininfo
2b87da3b 337 *
5abcdf8e 338 * Populates a new struct logininfo, a data structure meant to carry
339 * the information required to portably record login info.
340 *
341 * Returns: 1
342 */
564dd50a 343int
2b87da3b 344login_init_entry(struct logininfo *li, int pid, const char *username,
fa64c868 345 const char *hostname, const char *line)
564dd50a 346{
d8caae24 347 struct passwd *pw;
2b87da3b 348
dbaa2e87 349 memset(li, 0, sizeof(*li));
2b87da3b 350
564dd50a 351 li->pid = pid;
d8caae24 352
564dd50a 353 /* set the line information */
354 if (line)
355 line_fullname(li->line, line, sizeof(li->line));
1d7b9b20 356
d8caae24 357 if (username) {
564dd50a 358 strlcpy(li->username, username, sizeof(li->username));
d8caae24 359 pw = getpwnam(li->username);
fa64c868 360 if (pw == NULL) {
a233586b 361 fatal("%s: Cannot find user \"%s\"", __func__,
fa64c868 362 li->username);
363 }
d8caae24 364 li->uid = pw->pw_uid;
365 }
a05a70ab 366
564dd50a 367 if (hostname)
368 strlcpy(li->hostname, hostname, sizeof(li->hostname));
d8caae24 369
fa64c868 370 return (1);
1d7b9b20 371}
372
fa64c868 373/*
374 * login_set_current_time(struct logininfo *) - set the current time
5abcdf8e 375 *
376 * Set the current time in a logininfo structure. This function is
377 * meant to eliminate the need to deal with system dependencies for
378 * time handling.
379 */
1d7b9b20 380void
564dd50a 381login_set_current_time(struct logininfo *li)
382{
1d7b9b20 383 struct timeval tv;
384
385 gettimeofday(&tv, NULL);
2b87da3b 386
d8caae24 387 li->tv_sec = tv.tv_sec;
388 li->tv_usec = tv.tv_usec;
1d7b9b20 389}
390
564dd50a 391/* copy a sockaddr_* into our logininfo */
1d7b9b20 392void
564dd50a 393login_set_addr(struct logininfo *li, const struct sockaddr *sa,
fa64c868 394 const unsigned int sa_size)
564dd50a 395{
396 unsigned int bufsize = sa_size;
397
398 /* make sure we don't overrun our union */
399 if (sizeof(li->hostaddr) < sa_size)
400 bufsize = sizeof(li->hostaddr);
401
fa64c868 402 memcpy(&li->hostaddr.sa, sa, bufsize);
1d7b9b20 403}
1d7b9b20 404
564dd50a 405
406/**
407 ** login_write: Call low-level recording functions based on autoconf
408 ** results
409 **/
1d7b9b20 410int
fa64c868 411login_write(struct logininfo *li)
564dd50a 412{
3c62e7eb 413#ifndef HAVE_CYGWIN
fa64c868 414 if (geteuid() != 0) {
415 logit("Attempt to write login records by non-root user (aborting)");
416 return (1);
1d7b9b20 417 }
3c62e7eb 418#endif
a05a70ab 419
1d7b9b20 420 /* set the timestamp */
421 login_set_current_time(li);
422#ifdef USE_LOGIN
423 syslogin_write_entry(li);
424#endif
425#ifdef USE_LASTLOG
fa64c868 426 if (li->type == LTYPE_LOGIN)
1d7b9b20 427 lastlog_write_entry(li);
1d7b9b20 428#endif
429#ifdef USE_UTMP
430 utmp_write_entry(li);
431#endif
432#ifdef USE_WTMP
433 wtmp_write_entry(li);
434#endif
435#ifdef USE_UTMPX
436 utmpx_write_entry(li);
437#endif
438#ifdef USE_WTMPX
439 wtmpx_write_entry(li);
f5ed3301 440#endif
441#ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
442 if (li->type == LTYPE_LOGIN &&
443 !sys_auth_record_login(li->username,li->hostname,li->line))
444 logit("Writing login record failed for %s", li->username);
1d7b9b20 445#endif
fa64c868 446 return (0);
1d7b9b20 447}
448
7e2d5fa4 449#ifdef LOGIN_NEEDS_UTMPX
450int
451login_utmp_only(struct logininfo *li)
452{
aff51935 453 li->type = LTYPE_LOGIN;
9e127e27 454 login_set_current_time(li);
7e2d5fa4 455# ifdef USE_UTMP
456 utmp_write_entry(li);
457# endif
458# ifdef USE_WTMP
459 wtmp_write_entry(li);
460# endif
461# ifdef USE_UTMPX
462 utmpx_write_entry(li);
463# endif
464# ifdef USE_WTMPX
465 wtmpx_write_entry(li);
466# endif
fa64c868 467 return (0);
7e2d5fa4 468}
469#endif
470
564dd50a 471/**
472 ** getlast_entry: Call low-level functions to retrieve the last login
473 ** time.
474 **/
1d7b9b20 475
564dd50a 476/* take the uid in li and return the last login time */
1d7b9b20 477int
564dd50a 478getlast_entry(struct logininfo *li)
479{
480#ifdef USE_LASTLOG
9f32ceb4 481 return(lastlog_get_entry(li));
a05a70ab 482#else /* !USE_LASTLOG */
1d7b9b20 483
fa64c868 484#if defined(DISABLE_LASTLOG)
2b87da3b 485 /* On some systems we shouldn't even try to obtain last login
3f45f1c3 486 * time, e.g. AIX */
fa64c868 487 return (0);
488# elif defined(USE_WTMP) && \
489 (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP))
564dd50a 490 /* retrieve last login time from utmp */
a05a70ab 491 return (wtmp_get_entry(li));
fa64c868 492# elif defined(USE_WTMPX) && \
493 (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX))
564dd50a 494 /* If wtmp isn't available, try wtmpx */
a05a70ab 495 return (wtmpx_get_entry(li));
fa64c868 496# else
564dd50a 497 /* Give up: No means of retrieving last login time */
fa64c868 498 return (0);
2b87da3b 499# endif /* DISABLE_LASTLOG */
a05a70ab 500#endif /* USE_LASTLOG */
564dd50a 501}
1d7b9b20 502
503
1d7b9b20 504
505/*
564dd50a 506 * 'line' string utility functions
507 *
508 * These functions process the 'line' string into one of three forms:
509 *
1d7b9b20 510 * 1. The full filename (including '/dev')
511 * 2. The stripped name (excluding '/dev')
564dd50a 512 * 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
513 * /dev/pts/1 -> ts/1 )
1d7b9b20 514 *
515 * Form 3 is used on some systems to identify a .tmp.? entry when
516 * attempting to remove it. Typically both addition and removal is
564dd50a 517 * performed by one application - say, sshd - so as long as the choice
518 * uniquely identifies a terminal it's ok.
1d7b9b20 519 */
520
521
fa64c868 522/*
523 * line_fullname(): add the leading '/dev/' if it doesn't exist make
524 * sure dst has enough space, if not just copy src (ugh)
525 */
1d7b9b20 526char *
564dd50a 527line_fullname(char *dst, const char *src, int dstsize)
528{
1d7b9b20 529 memset(dst, '\0', dstsize);
fa64c868 530 if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5)))
1d7b9b20 531 strlcpy(dst, src, dstsize);
fa64c868 532 else {
a4d05724 533 strlcpy(dst, "/dev/", dstsize);
1d7b9b20 534 strlcat(dst, src, dstsize);
535 }
fa64c868 536 return (dst);
1d7b9b20 537}
538
564dd50a 539/* line_stripname(): strip the leading '/dev' if it exists, return dst */
1d7b9b20 540char *
564dd50a 541line_stripname(char *dst, const char *src, int dstsize)
542{
1d7b9b20 543 memset(dst, '\0', dstsize);
544 if (strncmp(src, "/dev/", 5) == 0)
89d7510a 545 strlcpy(dst, src + 5, dstsize);
1d7b9b20 546 else
547 strlcpy(dst, src, dstsize);
fa64c868 548 return (dst);
564dd50a 549}
550
fa64c868 551/*
552 * line_abbrevname(): Return the abbreviated (usually four-character)
564dd50a 553 * form of the line (Just use the last <dstsize> characters of the
554 * full name.)
555 *
556 * NOTE: use strncpy because we do NOT necessarily want zero
fa64c868 557 * termination
558 */
1d7b9b20 559char *
2b87da3b 560line_abbrevname(char *dst, const char *src, int dstsize)
a05a70ab 561{
562 size_t len;
2b87da3b 563
1d7b9b20 564 memset(dst, '\0', dstsize);
2b87da3b 565
daaff4d5 566 /* Always skip prefix if present */
567 if (strncmp(src, "/dev/", 5) == 0)
568 src += 5;
2b87da3b 569
0e8f4eba 570#ifdef WITH_ABBREV_NO_TTY
571 if (strncmp(src, "tty", 3) == 0)
572 src += 3;
573#endif
574
a05a70ab 575 len = strlen(src);
576
daaff4d5 577 if (len > 0) {
578 if (((int)len - dstsize) > 0)
579 src += ((int)len - dstsize);
580
581 /* note: _don't_ change this to strlcpy */
2b87da3b 582 strncpy(dst, src, (size_t)dstsize);
a05a70ab 583 }
2b87da3b 584
fa64c868 585 return (dst);
1d7b9b20 586}
587
1d7b9b20 588/**
589 ** utmp utility functions
564dd50a 590 **
591 ** These functions manipulate struct utmp, taking system differences
592 ** into account.
1d7b9b20 593 **/
594
595#if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN)
596
1d7b9b20 597/* build the utmp structure */
598void
564dd50a 599set_utmp_time(struct logininfo *li, struct utmp *ut)
600{
fa64c868 601# if defined(HAVE_TV_IN_UTMP)
1d7b9b20 602 ut->ut_tv.tv_sec = li->tv_sec;
603 ut->ut_tv.tv_usec = li->tv_usec;
fa64c868 604# elif defined(HAVE_TIME_IN_UTMP)
1d7b9b20 605 ut->ut_time = li->tv_sec;
a05a70ab 606# endif
1d7b9b20 607}
608
609void
610construct_utmp(struct logininfo *li,
564dd50a 611 struct utmp *ut)
612{
9746ee4b 613# ifdef HAVE_ADDR_V6_IN_UTMP
614 struct sockaddr_in6 *sa6;
fa64c868 615# endif
616
dbaa2e87 617 memset(ut, '\0', sizeof(*ut));
5abcdf8e 618
619 /* First fill out fields used for both logins and logouts */
620
a05a70ab 621# ifdef HAVE_ID_IN_UTMP
1d7b9b20 622 line_abbrevname(ut->ut_id, li->line, sizeof(ut->ut_id));
a05a70ab 623# endif
1d7b9b20 624
a05a70ab 625# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 626 /* This is done here to keep utmp constants out of struct logininfo */
1d7b9b20 627 switch (li->type) {
628 case LTYPE_LOGIN:
629 ut->ut_type = USER_PROCESS;
ef51930f 630#ifdef _UNICOS
1a23ac2c 631 cray_set_tmpdir(ut);
632#endif
1d7b9b20 633 break;
634 case LTYPE_LOGOUT:
635 ut->ut_type = DEAD_PROCESS;
ef51930f 636#ifdef _UNICOS
1a23ac2c 637 cray_retain_utmp(ut, li->pid);
638#endif
1d7b9b20 639 break;
640 }
a05a70ab 641# endif
5abcdf8e 642 set_utmp_time(li, ut);
1d7b9b20 643
5abcdf8e 644 line_stripname(ut->ut_line, li->line, sizeof(ut->ut_line));
a05a70ab 645
646# ifdef HAVE_PID_IN_UTMP
1d7b9b20 647 ut->ut_pid = li->pid;
a05a70ab 648# endif
5abcdf8e 649
650 /* If we're logging out, leave all other fields blank */
651 if (li->type == LTYPE_LOGOUT)
fa64c868 652 return;
5abcdf8e 653
a05a70ab 654 /*
655 * These fields are only used when logging in, and are blank
2b87da3b 656 * for logouts.
a05a70ab 657 */
5abcdf8e 658
659 /* Use strncpy because we don't necessarily want null termination */
fa64c868 660 strncpy(ut->ut_name, li->username,
661 MIN_SIZEOF(ut->ut_name, li->username));
a05a70ab 662# ifdef HAVE_HOST_IN_UTMP
fa64c868 663 strncpy(ut->ut_host, li->hostname,
664 MIN_SIZEOF(ut->ut_host, li->hostname));
a05a70ab 665# endif
666# ifdef HAVE_ADDR_IN_UTMP
564dd50a 667 /* this is just a 32-bit IP address */
668 if (li->hostaddr.sa.sa_family == AF_INET)
669 ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
2b87da3b 670# endif
9746ee4b 671# ifdef HAVE_ADDR_V6_IN_UTMP
672 /* this is just a 128-bit IPv6 address */
673 if (li->hostaddr.sa.sa_family == AF_INET6) {
674 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
675 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
676 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
677 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
678 ut->ut_addr_v6[1] = 0;
679 ut->ut_addr_v6[2] = 0;
680 ut->ut_addr_v6[3] = 0;
681 }
682 }
683# endif
564dd50a 684}
a05a70ab 685#endif /* USE_UTMP || USE_WTMP || USE_LOGIN */
564dd50a 686
1d7b9b20 687/**
688 ** utmpx utility functions
564dd50a 689 **
690 ** These functions manipulate struct utmpx, accounting for system
691 ** variations.
1d7b9b20 692 **/
693
694#if defined(USE_UTMPX) || defined (USE_WTMPX)
1d7b9b20 695/* build the utmpx structure */
696void
564dd50a 697set_utmpx_time(struct logininfo *li, struct utmpx *utx)
698{
fa64c868 699# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 700 utx->ut_tv.tv_sec = li->tv_sec;
701 utx->ut_tv.tv_usec = li->tv_usec;
fa64c868 702# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 703 utx->ut_time = li->tv_sec;
fa64c868 704# endif
1d7b9b20 705}
706
707void
564dd50a 708construct_utmpx(struct logininfo *li, struct utmpx *utx)
709{
9746ee4b 710# ifdef HAVE_ADDR_V6_IN_UTMP
711 struct sockaddr_in6 *sa6;
712# endif
dbaa2e87 713 memset(utx, '\0', sizeof(*utx));
fa64c868 714
daaff4d5 715# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 716 line_abbrevname(utx->ut_id, li->line, sizeof(utx->ut_id));
daaff4d5 717# endif
1d7b9b20 718
719 /* this is done here to keep utmp constants out of loginrec.h */
720 switch (li->type) {
721 case LTYPE_LOGIN:
722 utx->ut_type = USER_PROCESS;
723 break;
724 case LTYPE_LOGOUT:
725 utx->ut_type = DEAD_PROCESS;
726 break;
727 }
1d7b9b20 728 line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line));
1d7b9b20 729 set_utmpx_time(li, utx);
5abcdf8e 730 utx->ut_pid = li->pid;
fa64c868 731
f3837bc6 732 /* strncpy(): Don't necessarily want null termination */
fa64c868 733 strncpy(utx->ut_name, li->username,
734 MIN_SIZEOF(utx->ut_name, li->username));
5abcdf8e 735
736 if (li->type == LTYPE_LOGOUT)
737 return;
738
a05a70ab 739 /*
740 * These fields are only used when logging in, and are blank
2b87da3b 741 * for logouts.
a05a70ab 742 */
5abcdf8e 743
a05a70ab 744# ifdef HAVE_HOST_IN_UTMPX
fa64c868 745 strncpy(utx->ut_host, li->hostname,
746 MIN_SIZEOF(utx->ut_host, li->hostname));
a05a70ab 747# endif
748# ifdef HAVE_ADDR_IN_UTMPX
764d4113 749 /* this is just a 32-bit IP address */
750 if (li->hostaddr.sa.sa_family == AF_INET)
751 utx->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
a05a70ab 752# endif
9746ee4b 753# ifdef HAVE_ADDR_V6_IN_UTMP
754 /* this is just a 128-bit IPv6 address */
755 if (li->hostaddr.sa.sa_family == AF_INET6) {
756 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
757 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
758 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
759 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
760 ut->ut_addr_v6[1] = 0;
761 ut->ut_addr_v6[2] = 0;
762 ut->ut_addr_v6[3] = 0;
763 }
764 }
765# endif
a05a70ab 766# ifdef HAVE_SYSLEN_IN_UTMPX
5abcdf8e 767 /* ut_syslen is the length of the utx_host string */
768 utx->ut_syslen = MIN(strlen(li->hostname), sizeof(utx->ut_host));
a05a70ab 769# endif
564dd50a 770}
a05a70ab 771#endif /* USE_UTMPX || USE_WTMPX */
1d7b9b20 772
773/**
564dd50a 774 ** Low-level utmp functions
1d7b9b20 775 **/
776
777/* FIXME: (ATL) utmp_write_direct needs testing */
1d7b9b20 778#ifdef USE_UTMP
779
1d7b9b20 780/* if we can, use pututline() etc. */
a05a70ab 781# if !defined(DISABLE_PUTUTLINE) && defined(HAVE_SETUTENT) && \
782 defined(HAVE_PUTUTLINE)
1d7b9b20 783# define UTMP_USE_LIBRARY
a05a70ab 784# endif
1d7b9b20 785
786
787/* write a utmp entry with the system's help (pututline() and pals) */
a05a70ab 788# ifdef UTMP_USE_LIBRARY
1d7b9b20 789static int
564dd50a 790utmp_write_library(struct logininfo *li, struct utmp *ut)
791{
1d7b9b20 792 setutent();
793 pututline(ut);
a05a70ab 794# ifdef HAVE_ENDUTENT
1d7b9b20 795 endutent();
a05a70ab 796# endif
fa64c868 797 return (1);
564dd50a 798}
a05a70ab 799# else /* UTMP_USE_LIBRARY */
1d7b9b20 800
fa64c868 801/*
802 * Write a utmp entry direct to the file
803 * This is a slightly modification of code in OpenBSD's login.c
804 */
1d7b9b20 805static int
564dd50a 806utmp_write_direct(struct logininfo *li, struct utmp *ut)
807{
1d7b9b20 808 struct utmp old_ut;
809 register int fd;
810 int tty;
811
5abcdf8e 812 /* FIXME: (ATL) ttyslot() needs local implementation */
dbaa2e87 813
698d107e 814#if defined(HAVE_GETTTYENT)
fa64c868 815 struct ttyent *ty;
dbaa2e87 816
817 tty=0;
dbaa2e87 818 setttyent();
fa64c868 819 while (NULL != (ty = getttyent())) {
dbaa2e87 820 tty++;
821 if (!strncmp(ty->ty_name, ut->ut_line, sizeof(ut->ut_line)))
822 break;
823 }
824 endttyent();
825
fa64c868 826 if (NULL == ty) {
5f12e050 827 logit("%s: tty not found", __func__);
828 return (0);
dbaa2e87 829 }
830#else /* FIXME */
831
1d7b9b20 832 tty = ttyslot(); /* seems only to work for /dev/ttyp? style names */
833
698d107e 834#endif /* HAVE_GETTTYENT */
dbaa2e87 835
1d7b9b20 836 if (tty > 0 && (fd = open(UTMP_FILE, O_RDWR|O_CREAT, 0644)) >= 0) {
5f12e050 837 off_t pos, ret;
838
839 pos = (off_t)tty * sizeof(struct utmp);
840 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 841 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 842 return (0);
843 }
844 if (ret != pos) {
f6d20d59 845 logit("%s: Couldn't seek to tty %d slot in %s",
846 __func__, tty, UTMP_FILE);
5f12e050 847 return (0);
848 }
1d7b9b20 849 /*
850 * Prevent luser from zero'ing out ut_host.
851 * If the new ut_line is empty but the old one is not
dc2a6d09 852 * and ut_line and ut_name match, preserve the old ut_line.
1d7b9b20 853 */
2b87da3b 854 if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) &&
fa64c868 855 (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') &&
856 (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) &&
857 (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0))
858 memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host));
2b87da3b 859
5f12e050 860 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 861 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 862 return (0);
863 }
864 if (ret != pos) {
f6d20d59 865 logit("%s: Couldn't seek to tty %d slot in %s",
5f12e050 866 __func__, tty, UTMP_FILE);
867 return (0);
868 }
fa64c868 869 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
5f12e050 870 logit("%s: error writing %s: %s", __func__,
5abcdf8e 871 UTMP_FILE, strerror(errno));
fa64c868 872 }
2b87da3b 873
fa64c868 874 close(fd);
875 return (1);
9f32ceb4 876 } else {
fa64c868 877 return (0);
9f32ceb4 878 }
564dd50a 879}
a05a70ab 880# endif /* UTMP_USE_LIBRARY */
1d7b9b20 881
882static int
564dd50a 883utmp_perform_login(struct logininfo *li)
884{
1d7b9b20 885 struct utmp ut;
886
887 construct_utmp(li, &ut);
a05a70ab 888# ifdef UTMP_USE_LIBRARY
1d7b9b20 889 if (!utmp_write_library(li, &ut)) {
a233586b 890 logit("%s: utmp_write_library() failed", __func__);
fa64c868 891 return (0);
1d7b9b20 892 }
a05a70ab 893# else
1d7b9b20 894 if (!utmp_write_direct(li, &ut)) {
a233586b 895 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 896 return (0);
1d7b9b20 897 }
a05a70ab 898# endif
fa64c868 899 return (1);
564dd50a 900}
1d7b9b20 901
902
903static int
564dd50a 904utmp_perform_logout(struct logininfo *li)
905{
1d7b9b20 906 struct utmp ut;
907
5abcdf8e 908 construct_utmp(li, &ut);
a05a70ab 909# ifdef UTMP_USE_LIBRARY
5abcdf8e 910 if (!utmp_write_library(li, &ut)) {
a233586b 911 logit("%s: utmp_write_library() failed", __func__);
fa64c868 912 return (0);
5abcdf8e 913 }
a05a70ab 914# else
5abcdf8e 915 if (!utmp_write_direct(li, &ut)) {
a233586b 916 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 917 return (0);
5abcdf8e 918 }
a05a70ab 919# endif
fa64c868 920 return (1);
564dd50a 921}
1d7b9b20 922
923
924int
564dd50a 925utmp_write_entry(struct logininfo *li)
926{
1d7b9b20 927 switch(li->type) {
928 case LTYPE_LOGIN:
fa64c868 929 return (utmp_perform_login(li));
1d7b9b20 930
931 case LTYPE_LOGOUT:
fa64c868 932 return (utmp_perform_logout(li));
1d7b9b20 933
934 default:
a233586b 935 logit("%s: invalid type field", __func__);
fa64c868 936 return (0);
1d7b9b20 937 }
564dd50a 938}
a05a70ab 939#endif /* USE_UTMP */
1d7b9b20 940
941
942/**
564dd50a 943 ** Low-level utmpx functions
1d7b9b20 944 **/
945
946/* not much point if we don't want utmpx entries */
947#ifdef USE_UTMPX
948
1d7b9b20 949/* if we have the wherewithall, use pututxline etc. */
a05a70ab 950# if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \
951 defined(HAVE_PUTUTXLINE)
1d7b9b20 952# define UTMPX_USE_LIBRARY
a05a70ab 953# endif
1d7b9b20 954
955
956/* write a utmpx entry with the system's help (pututxline() and pals) */
a05a70ab 957# ifdef UTMPX_USE_LIBRARY
1d7b9b20 958static int
564dd50a 959utmpx_write_library(struct logininfo *li, struct utmpx *utx)
960{
1d7b9b20 961 setutxent();
962 pututxline(utx);
963
a05a70ab 964# ifdef HAVE_ENDUTXENT
1d7b9b20 965 endutxent();
a05a70ab 966# endif
fa64c868 967 return (1);
564dd50a 968}
1d7b9b20 969
a05a70ab 970# else /* UTMPX_USE_LIBRARY */
1d7b9b20 971
972/* write a utmp entry direct to the file */
973static int
564dd50a 974utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
2b87da3b 975{
a233586b 976 logit("%s: not implemented!", __func__);
fa64c868 977 return (0);
564dd50a 978}
a05a70ab 979# endif /* UTMPX_USE_LIBRARY */
1d7b9b20 980
981static int
564dd50a 982utmpx_perform_login(struct logininfo *li)
983{
1d7b9b20 984 struct utmpx utx;
985
986 construct_utmpx(li, &utx);
a05a70ab 987# ifdef UTMPX_USE_LIBRARY
1d7b9b20 988 if (!utmpx_write_library(li, &utx)) {
a233586b 989 logit("%s: utmp_write_library() failed", __func__);
fa64c868 990 return (0);
1d7b9b20 991 }
a05a70ab 992# else
1d7b9b20 993 if (!utmpx_write_direct(li, &ut)) {
a233586b 994 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 995 return (0);
1d7b9b20 996 }
a05a70ab 997# endif
fa64c868 998 return (1);
564dd50a 999}
1d7b9b20 1000
1001
1002static int
564dd50a 1003utmpx_perform_logout(struct logininfo *li)
1004{
1d7b9b20 1005 struct utmpx utx;
1006
f3837bc6 1007 construct_utmpx(li, &utx);
a05a70ab 1008# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 1009 line_abbrevname(utx.ut_id, li->line, sizeof(utx.ut_id));
a05a70ab 1010# endif
1011# ifdef HAVE_TYPE_IN_UTMPX
1d7b9b20 1012 utx.ut_type = DEAD_PROCESS;
a05a70ab 1013# endif
1d7b9b20 1014
a05a70ab 1015# ifdef UTMPX_USE_LIBRARY
1d7b9b20 1016 utmpx_write_library(li, &utx);
a05a70ab 1017# else
1d7b9b20 1018 utmpx_write_direct(li, &utx);
a05a70ab 1019# endif
fa64c868 1020 return (1);
564dd50a 1021}
1d7b9b20 1022
1d7b9b20 1023int
564dd50a 1024utmpx_write_entry(struct logininfo *li)
1025{
1d7b9b20 1026 switch(li->type) {
1027 case LTYPE_LOGIN:
fa64c868 1028 return (utmpx_perform_login(li));
1d7b9b20 1029 case LTYPE_LOGOUT:
fa64c868 1030 return (utmpx_perform_logout(li));
1d7b9b20 1031 default:
a233586b 1032 logit("%s: invalid type field", __func__);
fa64c868 1033 return (0);
1d7b9b20 1034 }
564dd50a 1035}
a05a70ab 1036#endif /* USE_UTMPX */
1d7b9b20 1037
1038
1039/**
564dd50a 1040 ** Low-level wtmp functions
1d7b9b20 1041 **/
1042
2b87da3b 1043#ifdef USE_WTMP
1d7b9b20 1044
fa64c868 1045/*
1046 * Write a wtmp entry direct to the end of the file
1047 * This is a slight modification of code in OpenBSD's logwtmp.c
1048 */
1d7b9b20 1049static int
564dd50a 1050wtmp_write(struct logininfo *li, struct utmp *ut)
1051{
1d7b9b20 1052 struct stat buf;
1053 int fd, ret = 1;
1054
1055 if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
a233586b 1056 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1057 WTMP_FILE, strerror(errno));
fa64c868 1058 return (0);
1d7b9b20 1059 }
2b87da3b 1060 if (fstat(fd, &buf) == 0)
d72f7b79 1061 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
1d7b9b20 1062 ftruncate(fd, buf.st_size);
a233586b 1063 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1064 WTMP_FILE, strerror(errno));
1065 ret = 0;
1066 }
fa64c868 1067 close(fd);
1068 return (ret);
564dd50a 1069}
1d7b9b20 1070
1d7b9b20 1071static int
a05a70ab 1072wtmp_perform_login(struct logininfo *li)
1073{
1d7b9b20 1074 struct utmp ut;
1075
1076 construct_utmp(li, &ut);
fa64c868 1077 return (wtmp_write(li, &ut));
564dd50a 1078}
1d7b9b20 1079
1080
1081static int
564dd50a 1082wtmp_perform_logout(struct logininfo *li)
1083{
1d7b9b20 1084 struct utmp ut;
1085
1086 construct_utmp(li, &ut);
fa64c868 1087 return (wtmp_write(li, &ut));
564dd50a 1088}
1d7b9b20 1089
1090
1091int
564dd50a 1092wtmp_write_entry(struct logininfo *li)
1093{
1d7b9b20 1094 switch(li->type) {
1095 case LTYPE_LOGIN:
fa64c868 1096 return (wtmp_perform_login(li));
1d7b9b20 1097 case LTYPE_LOGOUT:
fa64c868 1098 return (wtmp_perform_logout(li));
1d7b9b20 1099 default:
a233586b 1100 logit("%s: invalid type field", __func__);
fa64c868 1101 return (0);
1d7b9b20 1102 }
564dd50a 1103}
1d7b9b20 1104
1105
fa64c868 1106/*
1107 * Notes on fetching login data from wtmp/wtmpx
2b87da3b 1108 *
5abcdf8e 1109 * Logouts are usually recorded with (amongst other things) a blank
1110 * username on a given tty line. However, some systems (HP-UX is one)
1111 * leave all fields set, but change the ut_type field to DEAD_PROCESS.
1112 *
1113 * Since we're only looking for logins here, we know that the username
1114 * must be set correctly. On systems that leave it in, we check for
1115 * ut_type==USER_PROCESS (indicating a login.)
1116 *
1117 * Portability: Some systems may set something other than USER_PROCESS
1118 * to indicate a login process. I don't know of any as I write. Also,
1119 * it's possible that some systems may both leave the username in
1120 * place and not have ut_type.
1121 */
1122
5abcdf8e 1123/* return true if this wtmp entry indicates a login */
1124static int
1125wtmp_islogin(struct logininfo *li, struct utmp *ut)
1126{
2b87da3b 1127 if (strncmp(li->username, ut->ut_name,
fa64c868 1128 MIN_SIZEOF(li->username, ut->ut_name)) == 0) {
a05a70ab 1129# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 1130 if (ut->ut_type & USER_PROCESS)
fa64c868 1131 return (1);
a05a70ab 1132# else
fa64c868 1133 return (1);
a05a70ab 1134# endif
5abcdf8e 1135 }
fa64c868 1136 return (0);
5abcdf8e 1137}
1138
1d7b9b20 1139int
564dd50a 1140wtmp_get_entry(struct logininfo *li)
1141{
1d7b9b20 1142 struct stat st;
1143 struct utmp ut;
fa64c868 1144 int fd, found = 0;
5abcdf8e 1145
1146 /* Clear the time entries in our logininfo */
1147 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1148
1149 if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) {
a233586b 1150 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1151 WTMP_FILE, strerror(errno));
fa64c868 1152 return (0);
1d7b9b20 1153 }
2b87da3b 1154 if (fstat(fd, &st) != 0) {
a233586b 1155 logit("%s: couldn't stat %s: %s", __func__,
1d7b9b20 1156 WTMP_FILE, strerror(errno));
1157 close(fd);
fa64c868 1158 return (0);
1d7b9b20 1159 }
1d7b9b20 1160
5abcdf8e 1161 /* Seek to the start of the last struct utmp */
d9d47a26 1162 if (lseek(fd, -(off_t)sizeof(struct utmp), SEEK_END) == -1) {
5abcdf8e 1163 /* Looks like we've got a fresh wtmp file */
1164 close(fd);
fa64c868 1165 return (0);
5abcdf8e 1166 }
1167
1168 while (!found) {
9f32ceb4 1169 if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) {
a233586b 1170 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1171 WTMP_FILE, strerror(errno));
1172 close (fd);
fa64c868 1173 return (0);
1d7b9b20 1174 }
5abcdf8e 1175 if ( wtmp_islogin(li, &ut) ) {
1176 found = 1;
fa64c868 1177 /*
1178 * We've already checked for a time in struct
1179 * utmp, in login_getlast()
1180 */
a05a70ab 1181# ifdef HAVE_TIME_IN_UTMP
1d7b9b20 1182 li->tv_sec = ut.ut_time;
a05a70ab 1183# else
1d7b9b20 1184# if HAVE_TV_IN_UTMP
1185 li->tv_sec = ut.ut_tv.tv_sec;
1186# endif
a05a70ab 1187# endif
5abcdf8e 1188 line_fullname(li->line, ut.ut_line,
fa64c868 1189 MIN_SIZEOF(li->line, ut.ut_line));
a05a70ab 1190# ifdef HAVE_HOST_IN_UTMP
5abcdf8e 1191 strlcpy(li->hostname, ut.ut_host,
fa64c868 1192 MIN_SIZEOF(li->hostname, ut.ut_host));
a05a70ab 1193# endif
5abcdf8e 1194 continue;
1d7b9b20 1195 }
5abcdf8e 1196 /* Seek back 2 x struct utmp */
d9d47a26 1197 if (lseek(fd, -(off_t)(2 * sizeof(struct utmp)), SEEK_CUR) == -1) {
5abcdf8e 1198 /* We've found the start of the file, so quit */
fa64c868 1199 close(fd);
1200 return (0);
1d7b9b20 1201 }
5abcdf8e 1202 }
1203
1204 /* We found an entry. Tidy up and return */
1205 close(fd);
fa64c868 1206 return (1);
564dd50a 1207}
a05a70ab 1208# endif /* USE_WTMP */
1d7b9b20 1209
1210
1211/**
564dd50a 1212 ** Low-level wtmpx functions
1d7b9b20 1213 **/
1214
1215#ifdef USE_WTMPX
fa64c868 1216/*
1217 * Write a wtmpx entry direct to the end of the file
1218 * This is a slight modification of code in OpenBSD's logwtmp.c
1219 */
1d7b9b20 1220static int
564dd50a 1221wtmpx_write(struct logininfo *li, struct utmpx *utx)
1222{
41c64c91 1223#ifndef HAVE_UPDWTMPX
1d7b9b20 1224 struct stat buf;
1225 int fd, ret = 1;
1226
1227 if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
a233586b 1228 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1229 WTMPX_FILE, strerror(errno));
fa64c868 1230 return (0);
1d7b9b20 1231 }
1232
2b87da3b 1233 if (fstat(fd, &buf) == 0)
d72f7b79 1234 if (atomicio(vwrite, fd, utx, sizeof(*utx)) != sizeof(*utx)) {
1d7b9b20 1235 ftruncate(fd, buf.st_size);
a233586b 1236 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1237 WTMPX_FILE, strerror(errno));
1238 ret = 0;
1239 }
fa64c868 1240 close(fd);
1d7b9b20 1241
fa64c868 1242 return (ret);
41c64c91 1243#else
1244 updwtmpx(WTMPX_FILE, utx);
fa64c868 1245 return (1);
41c64c91 1246#endif
564dd50a 1247}
1d7b9b20 1248
1249
1250static int
564dd50a 1251wtmpx_perform_login(struct logininfo *li)
1252{
1d7b9b20 1253 struct utmpx utx;
1254
1255 construct_utmpx(li, &utx);
fa64c868 1256 return (wtmpx_write(li, &utx));
564dd50a 1257}
1d7b9b20 1258
1259
1260static int
564dd50a 1261wtmpx_perform_logout(struct logininfo *li)
1262{
1d7b9b20 1263 struct utmpx utx;
1264
1265 construct_utmpx(li, &utx);
fa64c868 1266 return (wtmpx_write(li, &utx));
564dd50a 1267}
1d7b9b20 1268
1269
1270int
564dd50a 1271wtmpx_write_entry(struct logininfo *li)
1272{
1d7b9b20 1273 switch(li->type) {
1274 case LTYPE_LOGIN:
fa64c868 1275 return (wtmpx_perform_login(li));
1d7b9b20 1276 case LTYPE_LOGOUT:
fa64c868 1277 return (wtmpx_perform_logout(li));
1d7b9b20 1278 default:
a233586b 1279 logit("%s: invalid type field", __func__);
fa64c868 1280 return (0);
1d7b9b20 1281 }
564dd50a 1282}
1d7b9b20 1283
5abcdf8e 1284/* Please see the notes above wtmp_islogin() for information about the
1285 next two functions */
1286
1287/* Return true if this wtmpx entry indicates a login */
1288static int
1289wtmpx_islogin(struct logininfo *li, struct utmpx *utx)
1290{
fa64c868 1291 if (strncmp(li->username, utx->ut_name,
1292 MIN_SIZEOF(li->username, utx->ut_name)) == 0 ) {
a05a70ab 1293# ifdef HAVE_TYPE_IN_UTMPX
5abcdf8e 1294 if (utx->ut_type == USER_PROCESS)
fa64c868 1295 return (1);
a05a70ab 1296# else
fa64c868 1297 return (1);
a05a70ab 1298# endif
5abcdf8e 1299 }
fa64c868 1300 return (0);
5abcdf8e 1301}
1302
1d7b9b20 1303
1304int
564dd50a 1305wtmpx_get_entry(struct logininfo *li)
1306{
1d7b9b20 1307 struct stat st;
1308 struct utmpx utx;
5abcdf8e 1309 int fd, found=0;
1310
1311 /* Clear the time entries */
1312 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1313
1314 if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) {
a233586b 1315 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1316 WTMPX_FILE, strerror(errno));
fa64c868 1317 return (0);
1d7b9b20 1318 }
2b87da3b 1319 if (fstat(fd, &st) != 0) {
a233586b 1320 logit("%s: couldn't stat %s: %s", __func__,
fdebdd4f 1321 WTMPX_FILE, strerror(errno));
1d7b9b20 1322 close(fd);
fa64c868 1323 return (0);
1d7b9b20 1324 }
2b87da3b 1325
5abcdf8e 1326 /* Seek to the start of the last struct utmpx */
d9d47a26 1327 if (lseek(fd, -(off_t)sizeof(struct utmpx), SEEK_END) == -1 ) {
5abcdf8e 1328 /* probably a newly rotated wtmpx file */
1329 close(fd);
fa64c868 1330 return (0);
5abcdf8e 1331 }
1d7b9b20 1332
5abcdf8e 1333 while (!found) {
9f32ceb4 1334 if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) {
a233586b 1335 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1336 WTMPX_FILE, strerror(errno));
1337 close (fd);
fa64c868 1338 return (0);
1d7b9b20 1339 }
fa64c868 1340 /*
1341 * Logouts are recorded as a blank username on a particular
1342 * line. So, we just need to find the username in struct utmpx
1343 */
1344 if (wtmpx_islogin(li, &utx)) {
d80063fe 1345 found = 1;
fa64c868 1346# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 1347 li->tv_sec = utx.ut_tv.tv_sec;
fa64c868 1348# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 1349 li->tv_sec = utx.ut_time;
a05a70ab 1350# endif
a4d05724 1351 line_fullname(li->line, utx.ut_line, sizeof(li->line));
fa64c868 1352# if defined(HAVE_HOST_IN_UTMPX)
5abcdf8e 1353 strlcpy(li->hostname, utx.ut_host,
fa64c868 1354 MIN_SIZEOF(li->hostname, utx.ut_host));
a05a70ab 1355# endif
5abcdf8e 1356 continue;
1d7b9b20 1357 }
d9d47a26 1358 if (lseek(fd, -(off_t)(2 * sizeof(struct utmpx)), SEEK_CUR) == -1) {
fa64c868 1359 close(fd);
1360 return (0);
1d7b9b20 1361 }
5abcdf8e 1362 }
1363
1364 close(fd);
fa64c868 1365 return (1);
564dd50a 1366}
f988dce5 1367#endif /* USE_WTMPX */
1d7b9b20 1368
1d7b9b20 1369/**
564dd50a 1370 ** Low-level libutil login() functions
1d7b9b20 1371 **/
1372
1373#ifdef USE_LOGIN
1d7b9b20 1374static int
564dd50a 1375syslogin_perform_login(struct logininfo *li)
1376{
1d7b9b20 1377 struct utmp *ut;
1378
7a52470e 1379 ut = xmalloc(sizeof(*ut));
1d7b9b20 1380 construct_utmp(li, ut);
1381 login(ut);
6cef88bc 1382 free(ut);
1d7b9b20 1383
fa64c868 1384 return (1);
564dd50a 1385}
1d7b9b20 1386
564dd50a 1387static int
1388syslogin_perform_logout(struct logininfo *li)
1389{
a05a70ab 1390# ifdef HAVE_LOGOUT
f20d4564 1391 char line[UT_LINESIZE];
2b87da3b 1392
1d7b9b20 1393 (void)line_stripname(line, li->line, sizeof(line));
1394
fa64c868 1395 if (!logout(line))
a233586b 1396 logit("%s: logout() returned an error", __func__);
a05a70ab 1397# ifdef HAVE_LOGWTMP
fa64c868 1398 else
1d7b9b20 1399 logwtmp(line, "", "");
a05a70ab 1400# endif
5abcdf8e 1401 /* FIXME: (ATL - if the need arises) What to do if we have
1402 * login, but no logout? what if logout but no logwtmp? All
1403 * routines are in libutil so they should all be there,
1404 * but... */
a05a70ab 1405# endif
fa64c868 1406 return (1);
564dd50a 1407}
1d7b9b20 1408
1d7b9b20 1409int
564dd50a 1410syslogin_write_entry(struct logininfo *li)
1411{
1d7b9b20 1412 switch (li->type) {
1413 case LTYPE_LOGIN:
fa64c868 1414 return (syslogin_perform_login(li));
1d7b9b20 1415 case LTYPE_LOGOUT:
fa64c868 1416 return (syslogin_perform_logout(li));
1d7b9b20 1417 default:
a233586b 1418 logit("%s: Invalid type field", __func__);
fa64c868 1419 return (0);
1d7b9b20 1420 }
564dd50a 1421}
f988dce5 1422#endif /* USE_LOGIN */
1d7b9b20 1423
1424/* end of file log-syslogin.c */
1425
1d7b9b20 1426/**
564dd50a 1427 ** Low-level lastlog functions
1d7b9b20 1428 **/
1429
1430#ifdef USE_LASTLOG
a05a70ab 1431#define LL_FILE 1
1432#define LL_DIR 2
1433#define LL_OTHER 3
1d7b9b20 1434
1d7b9b20 1435static void
564dd50a 1436lastlog_construct(struct logininfo *li, struct lastlog *last)
1437{
1d7b9b20 1438 /* clear the structure */
dbaa2e87 1439 memset(last, '\0', sizeof(*last));
2b87da3b 1440
fa64c868 1441 line_stripname(last->ll_line, li->line, sizeof(last->ll_line));
5abcdf8e 1442 strlcpy(last->ll_host, li->hostname,
1443 MIN_SIZEOF(last->ll_host, li->hostname));
1d7b9b20 1444 last->ll_time = li->tv_sec;
564dd50a 1445}
1d7b9b20 1446
1d7b9b20 1447static int
564dd50a 1448lastlog_filetype(char *filename)
1449{
1d7b9b20 1450 struct stat st;
1451
a05a70ab 1452 if (stat(LASTLOG_FILE, &st) != 0) {
a233586b 1453 logit("%s: Couldn't stat %s: %s", __func__,
fa64c868 1454 LASTLOG_FILE, strerror(errno));
1455 return (0);
1d7b9b20 1456 }
1d7b9b20 1457 if (S_ISDIR(st.st_mode))
fa64c868 1458 return (LL_DIR);
1d7b9b20 1459 else if (S_ISREG(st.st_mode))
fa64c868 1460 return (LL_FILE);
1d7b9b20 1461 else
fa64c868 1462 return (LL_OTHER);
564dd50a 1463}
1d7b9b20 1464
1465
1466/* open the file (using filemode) and seek to the login entry */
1467static int
564dd50a 1468lastlog_openseek(struct logininfo *li, int *fd, int filemode)
1469{
1d7b9b20 1470 off_t offset;
1471 int type;
1472 char lastlog_file[1024];
1473
1474 type = lastlog_filetype(LASTLOG_FILE);
1475 switch (type) {
fa64c868 1476 case LL_FILE:
1477 strlcpy(lastlog_file, LASTLOG_FILE,
1478 sizeof(lastlog_file));
1479 break;
1480 case LL_DIR:
1481 snprintf(lastlog_file, sizeof(lastlog_file), "%s/%s",
1482 LASTLOG_FILE, li->username);
1483 break;
1484 default:
a233586b 1485 logit("%s: %.100s is not a file or directory!", __func__,
fa64c868 1486 LASTLOG_FILE);
1487 return (0);
a05a70ab 1488 }
1d7b9b20 1489
ee476051 1490 *fd = open(lastlog_file, filemode, 0600);
fa64c868 1491 if (*fd < 0) {
a233586b 1492 debug("%s: Couldn't open %s: %s", __func__,
1d7b9b20 1493 lastlog_file, strerror(errno));
fa64c868 1494 return (0);
1d7b9b20 1495 }
2b87da3b 1496
d93a7e5a 1497 if (type == LL_FILE) {
1498 /* find this uid's offset in the lastlog file */
d9d47a26 1499 offset = (off_t) ((long)li->uid * sizeof(struct lastlog));
1d7b9b20 1500
fa64c868 1501 if (lseek(*fd, offset, SEEK_SET) != offset) {
a233586b 1502 logit("%s: %s->lseek(): %s", __func__,
1503 lastlog_file, strerror(errno));
fa64c868 1504 return (0);
d93a7e5a 1505 }
1d7b9b20 1506 }
2b87da3b 1507
fa64c868 1508 return (1);
564dd50a 1509}
1d7b9b20 1510
1511static int
564dd50a 1512lastlog_perform_login(struct logininfo *li)
1513{
1d7b9b20 1514 struct lastlog last;
1515 int fd;
1516
1517 /* create our struct lastlog */
1518 lastlog_construct(li, &last);
1519
ee476051 1520 if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT))
fa64c868 1521 return (0);
2b87da3b 1522
1d7b9b20 1523 /* write the entry */
d72f7b79 1524 if (atomicio(vwrite, fd, &last, sizeof(last)) != sizeof(last)) {
1a022229 1525 close(fd);
a233586b 1526 logit("%s: Error writing to %s: %s", __func__,
1a022229 1527 LASTLOG_FILE, strerror(errno));
fa64c868 1528 return (0);
a05a70ab 1529 }
1a022229 1530
1531 close(fd);
fa64c868 1532 return (1);
564dd50a 1533}
1d7b9b20 1534
1d7b9b20 1535int
564dd50a 1536lastlog_write_entry(struct logininfo *li)
1537{
1d7b9b20 1538 switch(li->type) {
1539 case LTYPE_LOGIN:
fa64c868 1540 return (lastlog_perform_login(li));
1d7b9b20 1541 default:
a233586b 1542 logit("%s: Invalid type field", __func__);
fa64c868 1543 return (0);
1d7b9b20 1544 }
564dd50a 1545}
1d7b9b20 1546
1d7b9b20 1547static void
564dd50a 1548lastlog_populate_entry(struct logininfo *li, struct lastlog *last)
1549{
1d7b9b20 1550 line_fullname(li->line, last->ll_line, sizeof(li->line));
2b87da3b 1551 strlcpy(li->hostname, last->ll_host,
fa64c868 1552 MIN_SIZEOF(li->hostname, last->ll_host));
1d7b9b20 1553 li->tv_sec = last->ll_time;
564dd50a 1554}
1d7b9b20 1555
1d7b9b20 1556int
564dd50a 1557lastlog_get_entry(struct logininfo *li)
1558{
1d7b9b20 1559 struct lastlog last;
ed05a983 1560 int fd, ret;
1d7b9b20 1561
ce49121d 1562 if (!lastlog_openseek(li, &fd, O_RDONLY))
ed05a983 1563 return (0);
ce49121d 1564
ed05a983 1565 ret = atomicio(read, fd, &last, sizeof(last));
ce49121d 1566 close(fd);
1567
ed05a983 1568 switch (ret) {
1569 case 0:
1570 memset(&last, '\0', sizeof(last));
1571 /* FALLTHRU */
1572 case sizeof(last):
1573 lastlog_populate_entry(li, &last);
1574 return (1);
1575 case -1:
aff51935 1576 error("%s: Error reading from %s: %s", __func__,
ed05a983 1577 LASTLOG_FILE, strerror(errno));
1578 return (0);
1579 default:
1580 error("%s: Error reading from %s: Expecting %d, got %d",
1581 __func__, LASTLOG_FILE, sizeof(last), ret);
1582 return (0);
1583 }
ce49121d 1584
ed05a983 1585 /* NOTREACHED */
1586 return (0);
564dd50a 1587}
f988dce5 1588#endif /* USE_LASTLOG */
b6610e8f 1589
1590#ifdef USE_BTMP
1591 /*
1592 * Logs failed login attempts in _PATH_BTMP if that exists.
1593 * The most common login failure is to give password instead of username.
1594 * So the _PATH_BTMP file checked for the correct permission, so that
1595 * only root can read it.
1596 */
1597
1598void
1599record_failed_login(const char *username, const char *hostname,
1600 const char *ttyn)
1601{
1602 int fd;
1603 struct utmp ut;
1604 struct sockaddr_storage from;
1605 size_t fromlen = sizeof(from);
1606 struct sockaddr_in *a4;
1607 struct sockaddr_in6 *a6;
1608 time_t t;
1609 struct stat fst;
1610
1611 if (geteuid() != 0)
1612 return;
1613 if ((fd = open(_PATH_BTMP, O_WRONLY | O_APPEND)) < 0) {
1614 debug("Unable to open the btmp file %s: %s", _PATH_BTMP,
1615 strerror(errno));
1616 return;
1617 }
1618 if (fstat(fd, &fst) < 0) {
1619 logit("%s: fstat of %s failed: %s", __func__, _PATH_BTMP,
1620 strerror(errno));
1621 goto out;
1622 }
1623 if((fst.st_mode & (S_IRWXG | S_IRWXO)) || (fst.st_uid != 0)){
1624 logit("Excess permission or bad ownership on file %s",
1625 _PATH_BTMP);
1626 goto out;
1627 }
1628
1629 memset(&ut, 0, sizeof(ut));
1630 /* strncpy because we don't necessarily want nul termination */
1631 strncpy(ut.ut_user, username, sizeof(ut.ut_user));
1632 strlcpy(ut.ut_line, "ssh:notty", sizeof(ut.ut_line));
1633
1634 time(&t);
1635 ut.ut_time = t; /* ut_time is not always a time_t */
1636 ut.ut_type = LOGIN_PROCESS;
1637 ut.ut_pid = getpid();
1638
1639 /* strncpy because we don't necessarily want nul termination */
1640 strncpy(ut.ut_host, hostname, sizeof(ut.ut_host));
1641
1642 if (packet_connection_is_on_socket() &&
1643 getpeername(packet_get_connection_in(),
1644 (struct sockaddr *)&from, &fromlen) == 0) {
1645 ipv64_normalise_mapped(&from, &fromlen);
1646 if (from.ss_family == AF_INET) {
1647 a4 = (struct sockaddr_in *)&from;
1648 memcpy(&ut.ut_addr, &(a4->sin_addr),
1649 MIN_SIZEOF(ut.ut_addr, a4->sin_addr));
1650 }
1651#ifdef HAVE_ADDR_V6_IN_UTMP
1652 if (from.ss_family == AF_INET6) {
1653 a6 = (struct sockaddr_in6 *)&from;
1654 memcpy(&ut.ut_addr_v6, &(a6->sin6_addr),
1655 MIN_SIZEOF(ut.ut_addr_v6, a6->sin6_addr));
1656 }
1657#endif
1658 }
1659
1660 if (atomicio(vwrite, fd, &ut, sizeof(ut)) != sizeof(ut))
1661 error("Failed to write to %s: %s", _PATH_BTMP,
1662 strerror(errno));
1663
1664out:
1665 close(fd);
1666}
1667#endif /* USE_BTMP */
git-cvsimport mirror of OpenSSH
This page took 0.561401 seconds and 5 git commands to generate.