]> andersk Git - openssh.git/blame - loginrec.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c
[openssh.git] / loginrec.c
CommitLineData
1d7b9b20 1/*
2 * Copyright (c) 2000 Andre Lucas. All rights reserved.
564dd50a 3 * Portions copyright (c) 1998 Todd C. Miller
4 * Portions copyright (c) 1996 Jason Downs
5 * Portions copyright (c) 1996 Theo de Raadt
1d7b9b20 6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
1d7b9b20 15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
b6610e8f 28/*
29 * The btmp logging code is derived from login.c from util-linux and is under
30 * the the following license:
31 *
32 * Copyright (c) 1980, 1987, 1988 The Regents of the University of California.
33 * All rights reserved.
34 *
35 * Redistribution and use in source and binary forms are permitted
36 * provided that the above copyright notice and this paragraph are
37 * duplicated in all such forms and that any documentation,
38 * advertising materials, and other materials related to such
39 * distribution and use acknowledge that the software was developed
40 * by the University of California, Berkeley. The name of the
41 * University may not be used to endorse or promote products derived
42 * from this software without specific prior written permission.
43 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
44 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
45 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
46 */
47
48
2b87da3b 49/**
1d7b9b20 50 ** loginrec.c: platform-independent login recording and lastlog retrieval
51 **/
52
564dd50a 53/*
fa64c868 54 * The new login code explained
55 * ============================
56 *
57 * This code attempts to provide a common interface to login recording
58 * (utmp and friends) and last login time retrieval.
59 *
60 * Its primary means of achieving this is to use 'struct logininfo', a
61 * union of all the useful fields in the various different types of
62 * system login record structures one finds on UNIX variants.
63 *
64 * We depend on autoconf to define which recording methods are to be
65 * used, and which fields are contained in the relevant data structures
66 * on the local system. Many C preprocessor symbols affect which code
67 * gets compiled here.
68 *
69 * The code is designed to make it easy to modify a particular
70 * recording method, without affecting other methods nor requiring so
71 * many nested conditional compilation blocks as were commonplace in
72 * the old code.
73 *
74 * For login recording, we try to use the local system's libraries as
75 * these are clearly most likely to work correctly. For utmp systems
76 * this usually means login() and logout() or setutent() etc., probably
77 * in libutil, along with logwtmp() etc. On these systems, we fall back
78 * to writing the files directly if we have to, though this method
79 * requires very thorough testing so we do not corrupt local auditing
80 * information. These files and their access methods are very system
81 * specific indeed.
82 *
83 * For utmpx systems, the corresponding library functions are
84 * setutxent() etc. To the author's knowledge, all utmpx systems have
85 * these library functions and so no direct write is attempted. If such
86 * a system exists and needs support, direct analogues of the [uw]tmp
87 * code should suffice.
88 *
89 * Retrieving the time of last login ('lastlog') is in some ways even
90 * more problemmatic than login recording. Some systems provide a
91 * simple table of all users which we seek based on uid and retrieve a
92 * relatively standard structure. Others record the same information in
93 * a directory with a separate file, and others don't record the
94 * information separately at all. For systems in the latter category,
95 * we look backwards in the wtmp or wtmpx file for the last login entry
96 * for our user. Naturally this is slower and on busy systems could
97 * incur a significant performance penalty.
98 *
99 * Calling the new code
100 * --------------------
101 *
102 * In OpenSSH all login recording and retrieval is performed in
103 * login.c. Here you'll find working examples. Also, in the logintest.c
104 * program there are more examples.
105 *
106 * Internal handler calling method
107 * -------------------------------
108 *
109 * When a call is made to login_login() or login_logout(), both
110 * routines set a struct logininfo flag defining which action (log in,
111 * or log out) is to be taken. They both then call login_write(), which
112 * calls whichever of the many structure-specific handlers autoconf
113 * selects for the local system.
114 *
115 * The handlers themselves handle system data structure specifics. Both
116 * struct utmp and struct utmpx have utility functions (see
117 * construct_utmp*()) to try to make it simpler to add extra systems
118 * that introduce new features to either structure.
119 *
120 * While it may seem terribly wasteful to replicate so much similar
121 * code for each method, experience has shown that maintaining code to
122 * write both struct utmp and utmpx in one function, whilst maintaining
123 * support for all systems whether they have library support or not, is
124 * a difficult and time-consuming task.
125 *
126 * Lastlog support proceeds similarly. Functions login_get_lastlog()
127 * (and its OpenSSH-tuned friend login_get_lastlog_time()) call
128 * getlast_entry(), which tries one of three methods to find the last
129 * login time. It uses local system lastlog support if it can,
130 * otherwise it tries wtmp or wtmpx before giving up and returning 0,
131 * meaning "tilt".
132 *
133 * Maintenance
134 * -----------
135 *
136 * In many cases it's possible to tweak autoconf to select the correct
137 * methods for a particular platform, either by improving the detection
138 * code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE
139 * symbols for the platform.
140 *
141 * Use logintest to check which symbols are defined before modifying
142 * configure.ac and loginrec.c. (You have to build logintest yourself
143 * with 'make logintest' as it's not built by default.)
144 *
145 * Otherwise, patches to the specific method(s) are very helpful!
146 */
1d7b9b20 147
148#include "includes.h"
149
1d7b9b20 150#include "ssh.h"
151#include "xmalloc.h"
152#include "loginrec.h"
42f11eb2 153#include "log.h"
154#include "atomicio.h"
b6610e8f 155#include "packet.h"
156#include "canohost.h"
c00e4d75 157#include "auth.h"
1d7b9b20 158
44d5f7f7 159#ifdef HAVE_UTIL_H
fa64c868 160# include <util.h>
44d5f7f7 161#endif
162
8f523d67 163#ifdef HAVE_LIBUTIL_H
fa64c868 164# include <libutil.h>
8f523d67 165#endif
166
fa64c868 167RCSID("$Id$");
168
1d7b9b20 169/**
170 ** prototypes for helper functions in this file
171 **/
172
173#if HAVE_UTMP_H
1d7b9b20 174void set_utmp_time(struct logininfo *li, struct utmp *ut);
175void construct_utmp(struct logininfo *li, struct utmp *ut);
176#endif
177
178#ifdef HAVE_UTMPX_H
1d7b9b20 179void set_utmpx_time(struct logininfo *li, struct utmpx *ut);
180void construct_utmpx(struct logininfo *li, struct utmpx *ut);
181#endif
182
183int utmp_write_entry(struct logininfo *li);
184int utmpx_write_entry(struct logininfo *li);
185int wtmp_write_entry(struct logininfo *li);
186int wtmpx_write_entry(struct logininfo *li);
187int lastlog_write_entry(struct logininfo *li);
188int syslogin_write_entry(struct logininfo *li);
189
190int getlast_entry(struct logininfo *li);
191int lastlog_get_entry(struct logininfo *li);
192int wtmp_get_entry(struct logininfo *li);
193int wtmpx_get_entry(struct logininfo *li);
194
5abcdf8e 195/* pick the shortest string */
fa64c868 196#define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))
5abcdf8e 197
1d7b9b20 198/**
199 ** platform-independent login functions
200 **/
201
fa64c868 202/*
203 * login_login(struct logininfo *) - Record a login
2b87da3b 204 *
5abcdf8e 205 * Call with a pointer to a struct logininfo initialised with
206 * login_init_entry() or login_alloc_entry()
207 *
208 * Returns:
209 * >0 if successful
210 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
211 */
564dd50a 212int
fa64c868 213login_login(struct logininfo *li)
564dd50a 214{
215 li->type = LTYPE_LOGIN;
fa64c868 216 return (login_write(li));
564dd50a 217}
1d7b9b20 218
219
fa64c868 220/*
221 * login_logout(struct logininfo *) - Record a logout
5abcdf8e 222 *
223 * Call as with login_login()
224 *
225 * Returns:
226 * >0 if successful
227 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
228 */
564dd50a 229int
230login_logout(struct logininfo *li)
231{
232 li->type = LTYPE_LOGOUT;
fa64c868 233 return (login_write(li));
1d7b9b20 234}
235
fa64c868 236/*
237 * login_get_lastlog_time(int) - Retrieve the last login time
5abcdf8e 238 *
239 * Retrieve the last login time for the given uid. Will try to use the
240 * system lastlog facilities if they are available, but will fall back
241 * to looking in wtmp/wtmpx if necessary
242 *
243 * Returns:
244 * 0 on failure, or if user has never logged in
245 * Time in seconds from the epoch if successful
246 *
247 * Useful preprocessor symbols:
248 * DISABLE_LASTLOG: If set, *never* even try to retrieve lastlog
249 * info
250 * USE_LASTLOG: If set, indicates the presence of system lastlog
251 * facilities. If this and DISABLE_LASTLOG are not set,
252 * try to retrieve lastlog information from wtmp/wtmpx.
253 */
564dd50a 254unsigned int
255login_get_lastlog_time(const int uid)
256{
257 struct logininfo li;
1d7b9b20 258
5abcdf8e 259 if (login_get_lastlog(&li, uid))
fa64c868 260 return (li.tv_sec);
5abcdf8e 261 else
fa64c868 262 return (0);
564dd50a 263}
1d7b9b20 264
fa64c868 265/*
266 * login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry
5abcdf8e 267 *
268 * Retrieve a logininfo structure populated (only partially) with
269 * information from the system lastlog data, or from wtmp/wtmpx if no
270 * system lastlog information exists.
271 *
272 * Note this routine must be given a pre-allocated logininfo.
273 *
274 * Returns:
275 * >0: A pointer to your struct logininfo if successful
276 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
5abcdf8e 277 */
564dd50a 278struct logininfo *
279login_get_lastlog(struct logininfo *li, const int uid)
280{
5abcdf8e 281 struct passwd *pw;
5abcdf8e 282
dbaa2e87 283 memset(li, '\0', sizeof(*li));
1d7b9b20 284 li->uid = uid;
5abcdf8e 285
2b87da3b 286 /*
9f32ceb4 287 * If we don't have a 'real' lastlog, we need the username to
5abcdf8e 288 * reliably search wtmp(x) for the last login (see
2b87da3b 289 * wtmp_get_entry().)
9f32ceb4 290 */
5abcdf8e 291 pw = getpwuid(uid);
a05a70ab 292 if (pw == NULL)
a233586b 293 fatal("%s: Cannot find account for uid %i", __func__, uid);
2b87da3b 294
1bfbb762 295 /* No MIN_SIZEOF here - we absolutely *must not* truncate the
fa64c868 296 * username (XXX - so check for trunc!) */
d8caae24 297 strlcpy(li->username, pw->pw_name, sizeof(li->username));
a05a70ab 298
564dd50a 299 if (getlast_entry(li))
fa64c868 300 return (li);
564dd50a 301 else
fa64c868 302 return (NULL);
1d7b9b20 303}
304
1d7b9b20 305
fa64c868 306/*
307 * login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
2b87da3b 308 * a logininfo structure
309 *
5abcdf8e 310 * This function creates a new struct logininfo, a data structure
311 * meant to carry the information required to portably record login info.
312 *
313 * Returns a pointer to a newly created struct logininfo. If memory
314 * allocation fails, the program halts.
315 */
564dd50a 316struct
317logininfo *login_alloc_entry(int pid, const char *username,
fa64c868 318 const char *hostname, const char *line)
564dd50a 319{
320 struct logininfo *newli;
1d7b9b20 321
fa64c868 322 newli = xmalloc(sizeof(*newli));
323 login_init_entry(newli, pid, username, hostname, line);
324 return (newli);
1d7b9b20 325}
326
327
5abcdf8e 328/* login_free_entry(struct logininfo *) - free struct memory */
1d7b9b20 329void
564dd50a 330login_free_entry(struct logininfo *li)
331{
332 xfree(li);
1d7b9b20 333}
334
335
5abcdf8e 336/* login_init_entry(struct logininfo *, int, char*, char*, char*)
337 * - initialise a struct logininfo
2b87da3b 338 *
5abcdf8e 339 * Populates a new struct logininfo, a data structure meant to carry
340 * the information required to portably record login info.
341 *
342 * Returns: 1
343 */
564dd50a 344int
2b87da3b 345login_init_entry(struct logininfo *li, int pid, const char *username,
fa64c868 346 const char *hostname, const char *line)
564dd50a 347{
d8caae24 348 struct passwd *pw;
2b87da3b 349
dbaa2e87 350 memset(li, 0, sizeof(*li));
2b87da3b 351
564dd50a 352 li->pid = pid;
d8caae24 353
564dd50a 354 /* set the line information */
355 if (line)
356 line_fullname(li->line, line, sizeof(li->line));
1d7b9b20 357
d8caae24 358 if (username) {
564dd50a 359 strlcpy(li->username, username, sizeof(li->username));
d8caae24 360 pw = getpwnam(li->username);
fa64c868 361 if (pw == NULL) {
a233586b 362 fatal("%s: Cannot find user \"%s\"", __func__,
fa64c868 363 li->username);
364 }
d8caae24 365 li->uid = pw->pw_uid;
366 }
a05a70ab 367
564dd50a 368 if (hostname)
369 strlcpy(li->hostname, hostname, sizeof(li->hostname));
d8caae24 370
fa64c868 371 return (1);
1d7b9b20 372}
373
fa64c868 374/*
375 * login_set_current_time(struct logininfo *) - set the current time
5abcdf8e 376 *
377 * Set the current time in a logininfo structure. This function is
378 * meant to eliminate the need to deal with system dependencies for
379 * time handling.
380 */
1d7b9b20 381void
564dd50a 382login_set_current_time(struct logininfo *li)
383{
1d7b9b20 384 struct timeval tv;
385
386 gettimeofday(&tv, NULL);
2b87da3b 387
d8caae24 388 li->tv_sec = tv.tv_sec;
389 li->tv_usec = tv.tv_usec;
1d7b9b20 390}
391
564dd50a 392/* copy a sockaddr_* into our logininfo */
1d7b9b20 393void
564dd50a 394login_set_addr(struct logininfo *li, const struct sockaddr *sa,
fa64c868 395 const unsigned int sa_size)
564dd50a 396{
397 unsigned int bufsize = sa_size;
398
399 /* make sure we don't overrun our union */
400 if (sizeof(li->hostaddr) < sa_size)
401 bufsize = sizeof(li->hostaddr);
402
fa64c868 403 memcpy(&li->hostaddr.sa, sa, bufsize);
1d7b9b20 404}
1d7b9b20 405
564dd50a 406
407/**
408 ** login_write: Call low-level recording functions based on autoconf
409 ** results
410 **/
1d7b9b20 411int
fa64c868 412login_write(struct logininfo *li)
564dd50a 413{
3c62e7eb 414#ifndef HAVE_CYGWIN
fa64c868 415 if (geteuid() != 0) {
416 logit("Attempt to write login records by non-root user (aborting)");
417 return (1);
1d7b9b20 418 }
3c62e7eb 419#endif
a05a70ab 420
1d7b9b20 421 /* set the timestamp */
422 login_set_current_time(li);
423#ifdef USE_LOGIN
424 syslogin_write_entry(li);
425#endif
426#ifdef USE_LASTLOG
fa64c868 427 if (li->type == LTYPE_LOGIN)
1d7b9b20 428 lastlog_write_entry(li);
1d7b9b20 429#endif
430#ifdef USE_UTMP
431 utmp_write_entry(li);
432#endif
433#ifdef USE_WTMP
434 wtmp_write_entry(li);
435#endif
436#ifdef USE_UTMPX
437 utmpx_write_entry(li);
438#endif
439#ifdef USE_WTMPX
440 wtmpx_write_entry(li);
f5ed3301 441#endif
442#ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
443 if (li->type == LTYPE_LOGIN &&
444 !sys_auth_record_login(li->username,li->hostname,li->line))
445 logit("Writing login record failed for %s", li->username);
c00e4d75 446#endif
447#ifdef AUDIT_EVENTS
448 if (li->type == LTYPE_LOGIN)
449 audit_session_open(li->line);
450 else if (li->type == LTYPE_LOGOUT)
451 audit_session_close(li->line);
1d7b9b20 452#endif
fa64c868 453 return (0);
1d7b9b20 454}
455
7e2d5fa4 456#ifdef LOGIN_NEEDS_UTMPX
457int
458login_utmp_only(struct logininfo *li)
459{
aff51935 460 li->type = LTYPE_LOGIN;
9e127e27 461 login_set_current_time(li);
7e2d5fa4 462# ifdef USE_UTMP
463 utmp_write_entry(li);
464# endif
465# ifdef USE_WTMP
466 wtmp_write_entry(li);
467# endif
468# ifdef USE_UTMPX
469 utmpx_write_entry(li);
470# endif
471# ifdef USE_WTMPX
472 wtmpx_write_entry(li);
473# endif
fa64c868 474 return (0);
7e2d5fa4 475}
476#endif
477
564dd50a 478/**
479 ** getlast_entry: Call low-level functions to retrieve the last login
480 ** time.
481 **/
1d7b9b20 482
564dd50a 483/* take the uid in li and return the last login time */
1d7b9b20 484int
564dd50a 485getlast_entry(struct logininfo *li)
486{
487#ifdef USE_LASTLOG
9f32ceb4 488 return(lastlog_get_entry(li));
a05a70ab 489#else /* !USE_LASTLOG */
1d7b9b20 490
fa64c868 491#if defined(DISABLE_LASTLOG)
2b87da3b 492 /* On some systems we shouldn't even try to obtain last login
3f45f1c3 493 * time, e.g. AIX */
fa64c868 494 return (0);
495# elif defined(USE_WTMP) && \
496 (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP))
564dd50a 497 /* retrieve last login time from utmp */
a05a70ab 498 return (wtmp_get_entry(li));
fa64c868 499# elif defined(USE_WTMPX) && \
500 (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX))
564dd50a 501 /* If wtmp isn't available, try wtmpx */
a05a70ab 502 return (wtmpx_get_entry(li));
fa64c868 503# else
564dd50a 504 /* Give up: No means of retrieving last login time */
fa64c868 505 return (0);
2b87da3b 506# endif /* DISABLE_LASTLOG */
a05a70ab 507#endif /* USE_LASTLOG */
564dd50a 508}
1d7b9b20 509
510
1d7b9b20 511
512/*
564dd50a 513 * 'line' string utility functions
514 *
515 * These functions process the 'line' string into one of three forms:
516 *
1d7b9b20 517 * 1. The full filename (including '/dev')
518 * 2. The stripped name (excluding '/dev')
564dd50a 519 * 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
520 * /dev/pts/1 -> ts/1 )
1d7b9b20 521 *
522 * Form 3 is used on some systems to identify a .tmp.? entry when
523 * attempting to remove it. Typically both addition and removal is
564dd50a 524 * performed by one application - say, sshd - so as long as the choice
525 * uniquely identifies a terminal it's ok.
1d7b9b20 526 */
527
528
fa64c868 529/*
530 * line_fullname(): add the leading '/dev/' if it doesn't exist make
531 * sure dst has enough space, if not just copy src (ugh)
532 */
1d7b9b20 533char *
564dd50a 534line_fullname(char *dst, const char *src, int dstsize)
535{
1d7b9b20 536 memset(dst, '\0', dstsize);
fa64c868 537 if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5)))
1d7b9b20 538 strlcpy(dst, src, dstsize);
fa64c868 539 else {
a4d05724 540 strlcpy(dst, "/dev/", dstsize);
1d7b9b20 541 strlcat(dst, src, dstsize);
542 }
fa64c868 543 return (dst);
1d7b9b20 544}
545
564dd50a 546/* line_stripname(): strip the leading '/dev' if it exists, return dst */
1d7b9b20 547char *
564dd50a 548line_stripname(char *dst, const char *src, int dstsize)
549{
1d7b9b20 550 memset(dst, '\0', dstsize);
551 if (strncmp(src, "/dev/", 5) == 0)
89d7510a 552 strlcpy(dst, src + 5, dstsize);
1d7b9b20 553 else
554 strlcpy(dst, src, dstsize);
fa64c868 555 return (dst);
564dd50a 556}
557
fa64c868 558/*
559 * line_abbrevname(): Return the abbreviated (usually four-character)
564dd50a 560 * form of the line (Just use the last <dstsize> characters of the
561 * full name.)
562 *
563 * NOTE: use strncpy because we do NOT necessarily want zero
fa64c868 564 * termination
565 */
1d7b9b20 566char *
2b87da3b 567line_abbrevname(char *dst, const char *src, int dstsize)
a05a70ab 568{
569 size_t len;
2b87da3b 570
1d7b9b20 571 memset(dst, '\0', dstsize);
2b87da3b 572
daaff4d5 573 /* Always skip prefix if present */
574 if (strncmp(src, "/dev/", 5) == 0)
575 src += 5;
2b87da3b 576
0e8f4eba 577#ifdef WITH_ABBREV_NO_TTY
578 if (strncmp(src, "tty", 3) == 0)
579 src += 3;
580#endif
581
a05a70ab 582 len = strlen(src);
583
daaff4d5 584 if (len > 0) {
585 if (((int)len - dstsize) > 0)
586 src += ((int)len - dstsize);
587
588 /* note: _don't_ change this to strlcpy */
2b87da3b 589 strncpy(dst, src, (size_t)dstsize);
a05a70ab 590 }
2b87da3b 591
fa64c868 592 return (dst);
1d7b9b20 593}
594
1d7b9b20 595/**
596 ** utmp utility functions
564dd50a 597 **
598 ** These functions manipulate struct utmp, taking system differences
599 ** into account.
1d7b9b20 600 **/
601
602#if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN)
603
1d7b9b20 604/* build the utmp structure */
605void
564dd50a 606set_utmp_time(struct logininfo *li, struct utmp *ut)
607{
fa64c868 608# if defined(HAVE_TV_IN_UTMP)
1d7b9b20 609 ut->ut_tv.tv_sec = li->tv_sec;
610 ut->ut_tv.tv_usec = li->tv_usec;
fa64c868 611# elif defined(HAVE_TIME_IN_UTMP)
1d7b9b20 612 ut->ut_time = li->tv_sec;
a05a70ab 613# endif
1d7b9b20 614}
615
616void
617construct_utmp(struct logininfo *li,
564dd50a 618 struct utmp *ut)
619{
9746ee4b 620# ifdef HAVE_ADDR_V6_IN_UTMP
621 struct sockaddr_in6 *sa6;
fa64c868 622# endif
623
dbaa2e87 624 memset(ut, '\0', sizeof(*ut));
5abcdf8e 625
626 /* First fill out fields used for both logins and logouts */
627
a05a70ab 628# ifdef HAVE_ID_IN_UTMP
1d7b9b20 629 line_abbrevname(ut->ut_id, li->line, sizeof(ut->ut_id));
a05a70ab 630# endif
1d7b9b20 631
a05a70ab 632# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 633 /* This is done here to keep utmp constants out of struct logininfo */
1d7b9b20 634 switch (li->type) {
635 case LTYPE_LOGIN:
636 ut->ut_type = USER_PROCESS;
ef51930f 637#ifdef _UNICOS
1a23ac2c 638 cray_set_tmpdir(ut);
639#endif
1d7b9b20 640 break;
641 case LTYPE_LOGOUT:
642 ut->ut_type = DEAD_PROCESS;
ef51930f 643#ifdef _UNICOS
1a23ac2c 644 cray_retain_utmp(ut, li->pid);
645#endif
1d7b9b20 646 break;
647 }
a05a70ab 648# endif
5abcdf8e 649 set_utmp_time(li, ut);
1d7b9b20 650
5abcdf8e 651 line_stripname(ut->ut_line, li->line, sizeof(ut->ut_line));
a05a70ab 652
653# ifdef HAVE_PID_IN_UTMP
1d7b9b20 654 ut->ut_pid = li->pid;
a05a70ab 655# endif
5abcdf8e 656
657 /* If we're logging out, leave all other fields blank */
658 if (li->type == LTYPE_LOGOUT)
fa64c868 659 return;
5abcdf8e 660
a05a70ab 661 /*
662 * These fields are only used when logging in, and are blank
2b87da3b 663 * for logouts.
a05a70ab 664 */
5abcdf8e 665
666 /* Use strncpy because we don't necessarily want null termination */
fa64c868 667 strncpy(ut->ut_name, li->username,
668 MIN_SIZEOF(ut->ut_name, li->username));
a05a70ab 669# ifdef HAVE_HOST_IN_UTMP
fa64c868 670 strncpy(ut->ut_host, li->hostname,
671 MIN_SIZEOF(ut->ut_host, li->hostname));
a05a70ab 672# endif
673# ifdef HAVE_ADDR_IN_UTMP
564dd50a 674 /* this is just a 32-bit IP address */
675 if (li->hostaddr.sa.sa_family == AF_INET)
676 ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
2b87da3b 677# endif
9746ee4b 678# ifdef HAVE_ADDR_V6_IN_UTMP
679 /* this is just a 128-bit IPv6 address */
680 if (li->hostaddr.sa.sa_family == AF_INET6) {
681 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
682 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
683 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
684 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
685 ut->ut_addr_v6[1] = 0;
686 ut->ut_addr_v6[2] = 0;
687 ut->ut_addr_v6[3] = 0;
688 }
689 }
690# endif
564dd50a 691}
a05a70ab 692#endif /* USE_UTMP || USE_WTMP || USE_LOGIN */
564dd50a 693
1d7b9b20 694/**
695 ** utmpx utility functions
564dd50a 696 **
697 ** These functions manipulate struct utmpx, accounting for system
698 ** variations.
1d7b9b20 699 **/
700
701#if defined(USE_UTMPX) || defined (USE_WTMPX)
1d7b9b20 702/* build the utmpx structure */
703void
564dd50a 704set_utmpx_time(struct logininfo *li, struct utmpx *utx)
705{
fa64c868 706# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 707 utx->ut_tv.tv_sec = li->tv_sec;
708 utx->ut_tv.tv_usec = li->tv_usec;
fa64c868 709# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 710 utx->ut_time = li->tv_sec;
fa64c868 711# endif
1d7b9b20 712}
713
714void
564dd50a 715construct_utmpx(struct logininfo *li, struct utmpx *utx)
716{
9746ee4b 717# ifdef HAVE_ADDR_V6_IN_UTMP
718 struct sockaddr_in6 *sa6;
719# endif
dbaa2e87 720 memset(utx, '\0', sizeof(*utx));
fa64c868 721
daaff4d5 722# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 723 line_abbrevname(utx->ut_id, li->line, sizeof(utx->ut_id));
daaff4d5 724# endif
1d7b9b20 725
726 /* this is done here to keep utmp constants out of loginrec.h */
727 switch (li->type) {
728 case LTYPE_LOGIN:
729 utx->ut_type = USER_PROCESS;
730 break;
731 case LTYPE_LOGOUT:
732 utx->ut_type = DEAD_PROCESS;
733 break;
734 }
1d7b9b20 735 line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line));
1d7b9b20 736 set_utmpx_time(li, utx);
5abcdf8e 737 utx->ut_pid = li->pid;
fa64c868 738
f3837bc6 739 /* strncpy(): Don't necessarily want null termination */
fa64c868 740 strncpy(utx->ut_name, li->username,
741 MIN_SIZEOF(utx->ut_name, li->username));
5abcdf8e 742
743 if (li->type == LTYPE_LOGOUT)
744 return;
745
a05a70ab 746 /*
747 * These fields are only used when logging in, and are blank
2b87da3b 748 * for logouts.
a05a70ab 749 */
5abcdf8e 750
a05a70ab 751# ifdef HAVE_HOST_IN_UTMPX
fa64c868 752 strncpy(utx->ut_host, li->hostname,
753 MIN_SIZEOF(utx->ut_host, li->hostname));
a05a70ab 754# endif
755# ifdef HAVE_ADDR_IN_UTMPX
764d4113 756 /* this is just a 32-bit IP address */
757 if (li->hostaddr.sa.sa_family == AF_INET)
758 utx->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
a05a70ab 759# endif
9746ee4b 760# ifdef HAVE_ADDR_V6_IN_UTMP
761 /* this is just a 128-bit IPv6 address */
762 if (li->hostaddr.sa.sa_family == AF_INET6) {
763 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
764 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
765 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
766 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
767 ut->ut_addr_v6[1] = 0;
768 ut->ut_addr_v6[2] = 0;
769 ut->ut_addr_v6[3] = 0;
770 }
771 }
772# endif
a05a70ab 773# ifdef HAVE_SYSLEN_IN_UTMPX
5abcdf8e 774 /* ut_syslen is the length of the utx_host string */
775 utx->ut_syslen = MIN(strlen(li->hostname), sizeof(utx->ut_host));
a05a70ab 776# endif
564dd50a 777}
a05a70ab 778#endif /* USE_UTMPX || USE_WTMPX */
1d7b9b20 779
780/**
564dd50a 781 ** Low-level utmp functions
1d7b9b20 782 **/
783
784/* FIXME: (ATL) utmp_write_direct needs testing */
1d7b9b20 785#ifdef USE_UTMP
786
1d7b9b20 787/* if we can, use pututline() etc. */
a05a70ab 788# if !defined(DISABLE_PUTUTLINE) && defined(HAVE_SETUTENT) && \
789 defined(HAVE_PUTUTLINE)
1d7b9b20 790# define UTMP_USE_LIBRARY
a05a70ab 791# endif
1d7b9b20 792
793
794/* write a utmp entry with the system's help (pututline() and pals) */
a05a70ab 795# ifdef UTMP_USE_LIBRARY
1d7b9b20 796static int
564dd50a 797utmp_write_library(struct logininfo *li, struct utmp *ut)
798{
1d7b9b20 799 setutent();
800 pututline(ut);
a05a70ab 801# ifdef HAVE_ENDUTENT
1d7b9b20 802 endutent();
a05a70ab 803# endif
fa64c868 804 return (1);
564dd50a 805}
a05a70ab 806# else /* UTMP_USE_LIBRARY */
1d7b9b20 807
fa64c868 808/*
809 * Write a utmp entry direct to the file
810 * This is a slightly modification of code in OpenBSD's login.c
811 */
1d7b9b20 812static int
564dd50a 813utmp_write_direct(struct logininfo *li, struct utmp *ut)
814{
1d7b9b20 815 struct utmp old_ut;
816 register int fd;
817 int tty;
818
5abcdf8e 819 /* FIXME: (ATL) ttyslot() needs local implementation */
dbaa2e87 820
698d107e 821#if defined(HAVE_GETTTYENT)
fa64c868 822 struct ttyent *ty;
dbaa2e87 823
824 tty=0;
dbaa2e87 825 setttyent();
fa64c868 826 while (NULL != (ty = getttyent())) {
dbaa2e87 827 tty++;
828 if (!strncmp(ty->ty_name, ut->ut_line, sizeof(ut->ut_line)))
829 break;
830 }
831 endttyent();
832
fa64c868 833 if (NULL == ty) {
5f12e050 834 logit("%s: tty not found", __func__);
835 return (0);
dbaa2e87 836 }
837#else /* FIXME */
838
1d7b9b20 839 tty = ttyslot(); /* seems only to work for /dev/ttyp? style names */
840
698d107e 841#endif /* HAVE_GETTTYENT */
dbaa2e87 842
1d7b9b20 843 if (tty > 0 && (fd = open(UTMP_FILE, O_RDWR|O_CREAT, 0644)) >= 0) {
5f12e050 844 off_t pos, ret;
845
846 pos = (off_t)tty * sizeof(struct utmp);
847 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 848 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 849 return (0);
850 }
851 if (ret != pos) {
f6d20d59 852 logit("%s: Couldn't seek to tty %d slot in %s",
853 __func__, tty, UTMP_FILE);
5f12e050 854 return (0);
855 }
1d7b9b20 856 /*
857 * Prevent luser from zero'ing out ut_host.
858 * If the new ut_line is empty but the old one is not
dc2a6d09 859 * and ut_line and ut_name match, preserve the old ut_line.
1d7b9b20 860 */
2b87da3b 861 if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) &&
fa64c868 862 (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') &&
863 (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) &&
864 (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0))
865 memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host));
2b87da3b 866
5f12e050 867 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
f6d20d59 868 logit("%s: lseek: %s", __func__, strerror(errno));
5f12e050 869 return (0);
870 }
871 if (ret != pos) {
f6d20d59 872 logit("%s: Couldn't seek to tty %d slot in %s",
5f12e050 873 __func__, tty, UTMP_FILE);
874 return (0);
875 }
fa64c868 876 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
5f12e050 877 logit("%s: error writing %s: %s", __func__,
5abcdf8e 878 UTMP_FILE, strerror(errno));
fa64c868 879 }
2b87da3b 880
fa64c868 881 close(fd);
882 return (1);
9f32ceb4 883 } else {
fa64c868 884 return (0);
9f32ceb4 885 }
564dd50a 886}
a05a70ab 887# endif /* UTMP_USE_LIBRARY */
1d7b9b20 888
889static int
564dd50a 890utmp_perform_login(struct logininfo *li)
891{
1d7b9b20 892 struct utmp ut;
893
894 construct_utmp(li, &ut);
a05a70ab 895# ifdef UTMP_USE_LIBRARY
1d7b9b20 896 if (!utmp_write_library(li, &ut)) {
a233586b 897 logit("%s: utmp_write_library() failed", __func__);
fa64c868 898 return (0);
1d7b9b20 899 }
a05a70ab 900# else
1d7b9b20 901 if (!utmp_write_direct(li, &ut)) {
a233586b 902 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 903 return (0);
1d7b9b20 904 }
a05a70ab 905# endif
fa64c868 906 return (1);
564dd50a 907}
1d7b9b20 908
909
910static int
564dd50a 911utmp_perform_logout(struct logininfo *li)
912{
1d7b9b20 913 struct utmp ut;
914
5abcdf8e 915 construct_utmp(li, &ut);
a05a70ab 916# ifdef UTMP_USE_LIBRARY
5abcdf8e 917 if (!utmp_write_library(li, &ut)) {
a233586b 918 logit("%s: utmp_write_library() failed", __func__);
fa64c868 919 return (0);
5abcdf8e 920 }
a05a70ab 921# else
5abcdf8e 922 if (!utmp_write_direct(li, &ut)) {
a233586b 923 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 924 return (0);
5abcdf8e 925 }
a05a70ab 926# endif
fa64c868 927 return (1);
564dd50a 928}
1d7b9b20 929
930
931int
564dd50a 932utmp_write_entry(struct logininfo *li)
933{
1d7b9b20 934 switch(li->type) {
935 case LTYPE_LOGIN:
fa64c868 936 return (utmp_perform_login(li));
1d7b9b20 937
938 case LTYPE_LOGOUT:
fa64c868 939 return (utmp_perform_logout(li));
1d7b9b20 940
941 default:
a233586b 942 logit("%s: invalid type field", __func__);
fa64c868 943 return (0);
1d7b9b20 944 }
564dd50a 945}
a05a70ab 946#endif /* USE_UTMP */
1d7b9b20 947
948
949/**
564dd50a 950 ** Low-level utmpx functions
1d7b9b20 951 **/
952
953/* not much point if we don't want utmpx entries */
954#ifdef USE_UTMPX
955
1d7b9b20 956/* if we have the wherewithall, use pututxline etc. */
a05a70ab 957# if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \
958 defined(HAVE_PUTUTXLINE)
1d7b9b20 959# define UTMPX_USE_LIBRARY
a05a70ab 960# endif
1d7b9b20 961
962
963/* write a utmpx entry with the system's help (pututxline() and pals) */
a05a70ab 964# ifdef UTMPX_USE_LIBRARY
1d7b9b20 965static int
564dd50a 966utmpx_write_library(struct logininfo *li, struct utmpx *utx)
967{
1d7b9b20 968 setutxent();
969 pututxline(utx);
970
a05a70ab 971# ifdef HAVE_ENDUTXENT
1d7b9b20 972 endutxent();
a05a70ab 973# endif
fa64c868 974 return (1);
564dd50a 975}
1d7b9b20 976
a05a70ab 977# else /* UTMPX_USE_LIBRARY */
1d7b9b20 978
979/* write a utmp entry direct to the file */
980static int
564dd50a 981utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
2b87da3b 982{
a233586b 983 logit("%s: not implemented!", __func__);
fa64c868 984 return (0);
564dd50a 985}
a05a70ab 986# endif /* UTMPX_USE_LIBRARY */
1d7b9b20 987
988static int
564dd50a 989utmpx_perform_login(struct logininfo *li)
990{
1d7b9b20 991 struct utmpx utx;
992
993 construct_utmpx(li, &utx);
a05a70ab 994# ifdef UTMPX_USE_LIBRARY
1d7b9b20 995 if (!utmpx_write_library(li, &utx)) {
a233586b 996 logit("%s: utmp_write_library() failed", __func__);
fa64c868 997 return (0);
1d7b9b20 998 }
a05a70ab 999# else
1d7b9b20 1000 if (!utmpx_write_direct(li, &ut)) {
a233586b 1001 logit("%s: utmp_write_direct() failed", __func__);
fa64c868 1002 return (0);
1d7b9b20 1003 }
a05a70ab 1004# endif
fa64c868 1005 return (1);
564dd50a 1006}
1d7b9b20 1007
1008
1009static int
564dd50a 1010utmpx_perform_logout(struct logininfo *li)
1011{
1d7b9b20 1012 struct utmpx utx;
1013
f3837bc6 1014 construct_utmpx(li, &utx);
a05a70ab 1015# ifdef HAVE_ID_IN_UTMPX
1d7b9b20 1016 line_abbrevname(utx.ut_id, li->line, sizeof(utx.ut_id));
a05a70ab 1017# endif
1018# ifdef HAVE_TYPE_IN_UTMPX
1d7b9b20 1019 utx.ut_type = DEAD_PROCESS;
a05a70ab 1020# endif
1d7b9b20 1021
a05a70ab 1022# ifdef UTMPX_USE_LIBRARY
1d7b9b20 1023 utmpx_write_library(li, &utx);
a05a70ab 1024# else
1d7b9b20 1025 utmpx_write_direct(li, &utx);
a05a70ab 1026# endif
fa64c868 1027 return (1);
564dd50a 1028}
1d7b9b20 1029
1d7b9b20 1030int
564dd50a 1031utmpx_write_entry(struct logininfo *li)
1032{
1d7b9b20 1033 switch(li->type) {
1034 case LTYPE_LOGIN:
fa64c868 1035 return (utmpx_perform_login(li));
1d7b9b20 1036 case LTYPE_LOGOUT:
fa64c868 1037 return (utmpx_perform_logout(li));
1d7b9b20 1038 default:
a233586b 1039 logit("%s: invalid type field", __func__);
fa64c868 1040 return (0);
1d7b9b20 1041 }
564dd50a 1042}
a05a70ab 1043#endif /* USE_UTMPX */
1d7b9b20 1044
1045
1046/**
564dd50a 1047 ** Low-level wtmp functions
1d7b9b20 1048 **/
1049
2b87da3b 1050#ifdef USE_WTMP
1d7b9b20 1051
fa64c868 1052/*
1053 * Write a wtmp entry direct to the end of the file
1054 * This is a slight modification of code in OpenBSD's logwtmp.c
1055 */
1d7b9b20 1056static int
564dd50a 1057wtmp_write(struct logininfo *li, struct utmp *ut)
1058{
1d7b9b20 1059 struct stat buf;
1060 int fd, ret = 1;
1061
1062 if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
a233586b 1063 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1064 WTMP_FILE, strerror(errno));
fa64c868 1065 return (0);
1d7b9b20 1066 }
2b87da3b 1067 if (fstat(fd, &buf) == 0)
d72f7b79 1068 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
1d7b9b20 1069 ftruncate(fd, buf.st_size);
a233586b 1070 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1071 WTMP_FILE, strerror(errno));
1072 ret = 0;
1073 }
fa64c868 1074 close(fd);
1075 return (ret);
564dd50a 1076}
1d7b9b20 1077
1d7b9b20 1078static int
a05a70ab 1079wtmp_perform_login(struct logininfo *li)
1080{
1d7b9b20 1081 struct utmp ut;
1082
1083 construct_utmp(li, &ut);
fa64c868 1084 return (wtmp_write(li, &ut));
564dd50a 1085}
1d7b9b20 1086
1087
1088static int
564dd50a 1089wtmp_perform_logout(struct logininfo *li)
1090{
1d7b9b20 1091 struct utmp ut;
1092
1093 construct_utmp(li, &ut);
fa64c868 1094 return (wtmp_write(li, &ut));
564dd50a 1095}
1d7b9b20 1096
1097
1098int
564dd50a 1099wtmp_write_entry(struct logininfo *li)
1100{
1d7b9b20 1101 switch(li->type) {
1102 case LTYPE_LOGIN:
fa64c868 1103 return (wtmp_perform_login(li));
1d7b9b20 1104 case LTYPE_LOGOUT:
fa64c868 1105 return (wtmp_perform_logout(li));
1d7b9b20 1106 default:
a233586b 1107 logit("%s: invalid type field", __func__);
fa64c868 1108 return (0);
1d7b9b20 1109 }
564dd50a 1110}
1d7b9b20 1111
1112
fa64c868 1113/*
1114 * Notes on fetching login data from wtmp/wtmpx
2b87da3b 1115 *
5abcdf8e 1116 * Logouts are usually recorded with (amongst other things) a blank
1117 * username on a given tty line. However, some systems (HP-UX is one)
1118 * leave all fields set, but change the ut_type field to DEAD_PROCESS.
1119 *
1120 * Since we're only looking for logins here, we know that the username
1121 * must be set correctly. On systems that leave it in, we check for
1122 * ut_type==USER_PROCESS (indicating a login.)
1123 *
1124 * Portability: Some systems may set something other than USER_PROCESS
1125 * to indicate a login process. I don't know of any as I write. Also,
1126 * it's possible that some systems may both leave the username in
1127 * place and not have ut_type.
1128 */
1129
5abcdf8e 1130/* return true if this wtmp entry indicates a login */
1131static int
1132wtmp_islogin(struct logininfo *li, struct utmp *ut)
1133{
2b87da3b 1134 if (strncmp(li->username, ut->ut_name,
fa64c868 1135 MIN_SIZEOF(li->username, ut->ut_name)) == 0) {
a05a70ab 1136# ifdef HAVE_TYPE_IN_UTMP
5abcdf8e 1137 if (ut->ut_type & USER_PROCESS)
fa64c868 1138 return (1);
a05a70ab 1139# else
fa64c868 1140 return (1);
a05a70ab 1141# endif
5abcdf8e 1142 }
fa64c868 1143 return (0);
5abcdf8e 1144}
1145
1d7b9b20 1146int
564dd50a 1147wtmp_get_entry(struct logininfo *li)
1148{
1d7b9b20 1149 struct stat st;
1150 struct utmp ut;
fa64c868 1151 int fd, found = 0;
5abcdf8e 1152
1153 /* Clear the time entries in our logininfo */
1154 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1155
1156 if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) {
a233586b 1157 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1158 WTMP_FILE, strerror(errno));
fa64c868 1159 return (0);
1d7b9b20 1160 }
2b87da3b 1161 if (fstat(fd, &st) != 0) {
a233586b 1162 logit("%s: couldn't stat %s: %s", __func__,
1d7b9b20 1163 WTMP_FILE, strerror(errno));
1164 close(fd);
fa64c868 1165 return (0);
1d7b9b20 1166 }
1d7b9b20 1167
5abcdf8e 1168 /* Seek to the start of the last struct utmp */
d9d47a26 1169 if (lseek(fd, -(off_t)sizeof(struct utmp), SEEK_END) == -1) {
5abcdf8e 1170 /* Looks like we've got a fresh wtmp file */
1171 close(fd);
fa64c868 1172 return (0);
5abcdf8e 1173 }
1174
1175 while (!found) {
9f32ceb4 1176 if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) {
a233586b 1177 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1178 WTMP_FILE, strerror(errno));
1179 close (fd);
fa64c868 1180 return (0);
1d7b9b20 1181 }
5abcdf8e 1182 if ( wtmp_islogin(li, &ut) ) {
1183 found = 1;
fa64c868 1184 /*
1185 * We've already checked for a time in struct
1186 * utmp, in login_getlast()
1187 */
a05a70ab 1188# ifdef HAVE_TIME_IN_UTMP
1d7b9b20 1189 li->tv_sec = ut.ut_time;
a05a70ab 1190# else
1d7b9b20 1191# if HAVE_TV_IN_UTMP
1192 li->tv_sec = ut.ut_tv.tv_sec;
1193# endif
a05a70ab 1194# endif
5abcdf8e 1195 line_fullname(li->line, ut.ut_line,
fa64c868 1196 MIN_SIZEOF(li->line, ut.ut_line));
a05a70ab 1197# ifdef HAVE_HOST_IN_UTMP
5abcdf8e 1198 strlcpy(li->hostname, ut.ut_host,
fa64c868 1199 MIN_SIZEOF(li->hostname, ut.ut_host));
a05a70ab 1200# endif
5abcdf8e 1201 continue;
1d7b9b20 1202 }
5abcdf8e 1203 /* Seek back 2 x struct utmp */
d9d47a26 1204 if (lseek(fd, -(off_t)(2 * sizeof(struct utmp)), SEEK_CUR) == -1) {
5abcdf8e 1205 /* We've found the start of the file, so quit */
fa64c868 1206 close(fd);
1207 return (0);
1d7b9b20 1208 }
5abcdf8e 1209 }
1210
1211 /* We found an entry. Tidy up and return */
1212 close(fd);
fa64c868 1213 return (1);
564dd50a 1214}
a05a70ab 1215# endif /* USE_WTMP */
1d7b9b20 1216
1217
1218/**
564dd50a 1219 ** Low-level wtmpx functions
1d7b9b20 1220 **/
1221
1222#ifdef USE_WTMPX
fa64c868 1223/*
1224 * Write a wtmpx entry direct to the end of the file
1225 * This is a slight modification of code in OpenBSD's logwtmp.c
1226 */
1d7b9b20 1227static int
564dd50a 1228wtmpx_write(struct logininfo *li, struct utmpx *utx)
1229{
41c64c91 1230#ifndef HAVE_UPDWTMPX
1d7b9b20 1231 struct stat buf;
1232 int fd, ret = 1;
1233
1234 if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
a233586b 1235 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1236 WTMPX_FILE, strerror(errno));
fa64c868 1237 return (0);
1d7b9b20 1238 }
1239
2b87da3b 1240 if (fstat(fd, &buf) == 0)
d72f7b79 1241 if (atomicio(vwrite, fd, utx, sizeof(*utx)) != sizeof(*utx)) {
1d7b9b20 1242 ftruncate(fd, buf.st_size);
a233586b 1243 logit("%s: problem writing %s: %s", __func__,
1d7b9b20 1244 WTMPX_FILE, strerror(errno));
1245 ret = 0;
1246 }
fa64c868 1247 close(fd);
1d7b9b20 1248
fa64c868 1249 return (ret);
41c64c91 1250#else
1251 updwtmpx(WTMPX_FILE, utx);
fa64c868 1252 return (1);
41c64c91 1253#endif
564dd50a 1254}
1d7b9b20 1255
1256
1257static int
564dd50a 1258wtmpx_perform_login(struct logininfo *li)
1259{
1d7b9b20 1260 struct utmpx utx;
1261
1262 construct_utmpx(li, &utx);
fa64c868 1263 return (wtmpx_write(li, &utx));
564dd50a 1264}
1d7b9b20 1265
1266
1267static int
564dd50a 1268wtmpx_perform_logout(struct logininfo *li)
1269{
1d7b9b20 1270 struct utmpx utx;
1271
1272 construct_utmpx(li, &utx);
fa64c868 1273 return (wtmpx_write(li, &utx));
564dd50a 1274}
1d7b9b20 1275
1276
1277int
564dd50a 1278wtmpx_write_entry(struct logininfo *li)
1279{
1d7b9b20 1280 switch(li->type) {
1281 case LTYPE_LOGIN:
fa64c868 1282 return (wtmpx_perform_login(li));
1d7b9b20 1283 case LTYPE_LOGOUT:
fa64c868 1284 return (wtmpx_perform_logout(li));
1d7b9b20 1285 default:
a233586b 1286 logit("%s: invalid type field", __func__);
fa64c868 1287 return (0);
1d7b9b20 1288 }
564dd50a 1289}
1d7b9b20 1290
5abcdf8e 1291/* Please see the notes above wtmp_islogin() for information about the
1292 next two functions */
1293
1294/* Return true if this wtmpx entry indicates a login */
1295static int
1296wtmpx_islogin(struct logininfo *li, struct utmpx *utx)
1297{
fa64c868 1298 if (strncmp(li->username, utx->ut_name,
1299 MIN_SIZEOF(li->username, utx->ut_name)) == 0 ) {
a05a70ab 1300# ifdef HAVE_TYPE_IN_UTMPX
5abcdf8e 1301 if (utx->ut_type == USER_PROCESS)
fa64c868 1302 return (1);
a05a70ab 1303# else
fa64c868 1304 return (1);
a05a70ab 1305# endif
5abcdf8e 1306 }
fa64c868 1307 return (0);
5abcdf8e 1308}
1309
1d7b9b20 1310
1311int
564dd50a 1312wtmpx_get_entry(struct logininfo *li)
1313{
1d7b9b20 1314 struct stat st;
1315 struct utmpx utx;
5abcdf8e 1316 int fd, found=0;
1317
1318 /* Clear the time entries */
1319 li->tv_sec = li->tv_usec = 0;
1d7b9b20 1320
1321 if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) {
a233586b 1322 logit("%s: problem opening %s: %s", __func__,
1d7b9b20 1323 WTMPX_FILE, strerror(errno));
fa64c868 1324 return (0);
1d7b9b20 1325 }
2b87da3b 1326 if (fstat(fd, &st) != 0) {
a233586b 1327 logit("%s: couldn't stat %s: %s", __func__,
fdebdd4f 1328 WTMPX_FILE, strerror(errno));
1d7b9b20 1329 close(fd);
fa64c868 1330 return (0);
1d7b9b20 1331 }
2b87da3b 1332
5abcdf8e 1333 /* Seek to the start of the last struct utmpx */
d9d47a26 1334 if (lseek(fd, -(off_t)sizeof(struct utmpx), SEEK_END) == -1 ) {
5abcdf8e 1335 /* probably a newly rotated wtmpx file */
1336 close(fd);
fa64c868 1337 return (0);
5abcdf8e 1338 }
1d7b9b20 1339
5abcdf8e 1340 while (!found) {
9f32ceb4 1341 if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) {
a233586b 1342 logit("%s: read of %s failed: %s", __func__,
1d7b9b20 1343 WTMPX_FILE, strerror(errno));
1344 close (fd);
fa64c868 1345 return (0);
1d7b9b20 1346 }
fa64c868 1347 /*
1348 * Logouts are recorded as a blank username on a particular
1349 * line. So, we just need to find the username in struct utmpx
1350 */
1351 if (wtmpx_islogin(li, &utx)) {
d80063fe 1352 found = 1;
fa64c868 1353# if defined(HAVE_TV_IN_UTMPX)
1d7b9b20 1354 li->tv_sec = utx.ut_tv.tv_sec;
fa64c868 1355# elif defined(HAVE_TIME_IN_UTMPX)
1d7b9b20 1356 li->tv_sec = utx.ut_time;
a05a70ab 1357# endif
a4d05724 1358 line_fullname(li->line, utx.ut_line, sizeof(li->line));
fa64c868 1359# if defined(HAVE_HOST_IN_UTMPX)
5abcdf8e 1360 strlcpy(li->hostname, utx.ut_host,
fa64c868 1361 MIN_SIZEOF(li->hostname, utx.ut_host));
a05a70ab 1362# endif
5abcdf8e 1363 continue;
1d7b9b20 1364 }
d9d47a26 1365 if (lseek(fd, -(off_t)(2 * sizeof(struct utmpx)), SEEK_CUR) == -1) {
fa64c868 1366 close(fd);
1367 return (0);
1d7b9b20 1368 }
5abcdf8e 1369 }
1370
1371 close(fd);
fa64c868 1372 return (1);
564dd50a 1373}
f988dce5 1374#endif /* USE_WTMPX */
1d7b9b20 1375
1d7b9b20 1376/**
564dd50a 1377 ** Low-level libutil login() functions
1d7b9b20 1378 **/
1379
1380#ifdef USE_LOGIN
1d7b9b20 1381static int
564dd50a 1382syslogin_perform_login(struct logininfo *li)
1383{
1d7b9b20 1384 struct utmp *ut;
1385
7a52470e 1386 ut = xmalloc(sizeof(*ut));
1d7b9b20 1387 construct_utmp(li, ut);
1388 login(ut);
6cef88bc 1389 free(ut);
1d7b9b20 1390
fa64c868 1391 return (1);
564dd50a 1392}
1d7b9b20 1393
564dd50a 1394static int
1395syslogin_perform_logout(struct logininfo *li)
1396{
a05a70ab 1397# ifdef HAVE_LOGOUT
f20d4564 1398 char line[UT_LINESIZE];
2b87da3b 1399
1d7b9b20 1400 (void)line_stripname(line, li->line, sizeof(line));
1401
fa64c868 1402 if (!logout(line))
a233586b 1403 logit("%s: logout() returned an error", __func__);
a05a70ab 1404# ifdef HAVE_LOGWTMP
fa64c868 1405 else
1d7b9b20 1406 logwtmp(line, "", "");
a05a70ab 1407# endif
5abcdf8e 1408 /* FIXME: (ATL - if the need arises) What to do if we have
1409 * login, but no logout? what if logout but no logwtmp? All
1410 * routines are in libutil so they should all be there,
1411 * but... */
a05a70ab 1412# endif
fa64c868 1413 return (1);
564dd50a 1414}
1d7b9b20 1415
1d7b9b20 1416int
564dd50a 1417syslogin_write_entry(struct logininfo *li)
1418{
1d7b9b20 1419 switch (li->type) {
1420 case LTYPE_LOGIN:
fa64c868 1421 return (syslogin_perform_login(li));
1d7b9b20 1422 case LTYPE_LOGOUT:
fa64c868 1423 return (syslogin_perform_logout(li));
1d7b9b20 1424 default:
a233586b 1425 logit("%s: Invalid type field", __func__);
fa64c868 1426 return (0);
1d7b9b20 1427 }
564dd50a 1428}
f988dce5 1429#endif /* USE_LOGIN */
1d7b9b20 1430
1431/* end of file log-syslogin.c */
1432
1d7b9b20 1433/**
564dd50a 1434 ** Low-level lastlog functions
1d7b9b20 1435 **/
1436
1437#ifdef USE_LASTLOG
a05a70ab 1438#define LL_FILE 1
1439#define LL_DIR 2
1440#define LL_OTHER 3
1d7b9b20 1441
1d7b9b20 1442static void
564dd50a 1443lastlog_construct(struct logininfo *li, struct lastlog *last)
1444{
1d7b9b20 1445 /* clear the structure */
dbaa2e87 1446 memset(last, '\0', sizeof(*last));
2b87da3b 1447
fa64c868 1448 line_stripname(last->ll_line, li->line, sizeof(last->ll_line));
5abcdf8e 1449 strlcpy(last->ll_host, li->hostname,
1450 MIN_SIZEOF(last->ll_host, li->hostname));
1d7b9b20 1451 last->ll_time = li->tv_sec;
564dd50a 1452}
1d7b9b20 1453
1d7b9b20 1454static int
564dd50a 1455lastlog_filetype(char *filename)
1456{
1d7b9b20 1457 struct stat st;
1458
a05a70ab 1459 if (stat(LASTLOG_FILE, &st) != 0) {
a233586b 1460 logit("%s: Couldn't stat %s: %s", __func__,
fa64c868 1461 LASTLOG_FILE, strerror(errno));
1462 return (0);
1d7b9b20 1463 }
1d7b9b20 1464 if (S_ISDIR(st.st_mode))
fa64c868 1465 return (LL_DIR);
1d7b9b20 1466 else if (S_ISREG(st.st_mode))
fa64c868 1467 return (LL_FILE);
1d7b9b20 1468 else
fa64c868 1469 return (LL_OTHER);
564dd50a 1470}
1d7b9b20 1471
1472
1473/* open the file (using filemode) and seek to the login entry */
1474static int
564dd50a 1475lastlog_openseek(struct logininfo *li, int *fd, int filemode)
1476{
1d7b9b20 1477 off_t offset;
1478 int type;
1479 char lastlog_file[1024];
1480
1481 type = lastlog_filetype(LASTLOG_FILE);
1482 switch (type) {
fa64c868 1483 case LL_FILE:
1484 strlcpy(lastlog_file, LASTLOG_FILE,
1485 sizeof(lastlog_file));
1486 break;
1487 case LL_DIR:
1488 snprintf(lastlog_file, sizeof(lastlog_file), "%s/%s",
1489 LASTLOG_FILE, li->username);
1490 break;
1491 default:
a233586b 1492 logit("%s: %.100s is not a file or directory!", __func__,
fa64c868 1493 LASTLOG_FILE);
1494 return (0);
a05a70ab 1495 }
1d7b9b20 1496
ee476051 1497 *fd = open(lastlog_file, filemode, 0600);
fa64c868 1498 if (*fd < 0) {
a233586b 1499 debug("%s: Couldn't open %s: %s", __func__,
1d7b9b20 1500 lastlog_file, strerror(errno));
fa64c868 1501 return (0);
1d7b9b20 1502 }
2b87da3b 1503
d93a7e5a 1504 if (type == LL_FILE) {
1505 /* find this uid's offset in the lastlog file */
d9d47a26 1506 offset = (off_t) ((long)li->uid * sizeof(struct lastlog));
1d7b9b20 1507
fa64c868 1508 if (lseek(*fd, offset, SEEK_SET) != offset) {
a233586b 1509 logit("%s: %s->lseek(): %s", __func__,
1510 lastlog_file, strerror(errno));
fa64c868 1511 return (0);
d93a7e5a 1512 }
1d7b9b20 1513 }
2b87da3b 1514
fa64c868 1515 return (1);
564dd50a 1516}
1d7b9b20 1517
1518static int
564dd50a 1519lastlog_perform_login(struct logininfo *li)
1520{
1d7b9b20 1521 struct lastlog last;
1522 int fd;
1523
1524 /* create our struct lastlog */
1525 lastlog_construct(li, &last);
1526
ee476051 1527 if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT))
fa64c868 1528 return (0);
2b87da3b 1529
1d7b9b20 1530 /* write the entry */
d72f7b79 1531 if (atomicio(vwrite, fd, &last, sizeof(last)) != sizeof(last)) {
1a022229 1532 close(fd);
a233586b 1533 logit("%s: Error writing to %s: %s", __func__,
1a022229 1534 LASTLOG_FILE, strerror(errno));
fa64c868 1535 return (0);
a05a70ab 1536 }
1a022229 1537
1538 close(fd);
fa64c868 1539 return (1);
564dd50a 1540}
1d7b9b20 1541
1d7b9b20 1542int
564dd50a 1543lastlog_write_entry(struct logininfo *li)
1544{
1d7b9b20 1545 switch(li->type) {
1546 case LTYPE_LOGIN:
fa64c868 1547 return (lastlog_perform_login(li));
1d7b9b20 1548 default:
a233586b 1549 logit("%s: Invalid type field", __func__);
fa64c868 1550 return (0);
1d7b9b20 1551 }
564dd50a 1552}
1d7b9b20 1553
1d7b9b20 1554static void
564dd50a 1555lastlog_populate_entry(struct logininfo *li, struct lastlog *last)
1556{
1d7b9b20 1557 line_fullname(li->line, last->ll_line, sizeof(li->line));
2b87da3b 1558 strlcpy(li->hostname, last->ll_host,
fa64c868 1559 MIN_SIZEOF(li->hostname, last->ll_host));
1d7b9b20 1560 li->tv_sec = last->ll_time;
564dd50a 1561}
1d7b9b20 1562
1d7b9b20 1563int
564dd50a 1564lastlog_get_entry(struct logininfo *li)
1565{
1d7b9b20 1566 struct lastlog last;
ed05a983 1567 int fd, ret;
1d7b9b20 1568
ce49121d 1569 if (!lastlog_openseek(li, &fd, O_RDONLY))
ed05a983 1570 return (0);
ce49121d 1571
ed05a983 1572 ret = atomicio(read, fd, &last, sizeof(last));
ce49121d 1573 close(fd);
1574
ed05a983 1575 switch (ret) {
1576 case 0:
1577 memset(&last, '\0', sizeof(last));
1578 /* FALLTHRU */
1579 case sizeof(last):
1580 lastlog_populate_entry(li, &last);
1581 return (1);
1582 case -1:
aff51935 1583 error("%s: Error reading from %s: %s", __func__,
ed05a983 1584 LASTLOG_FILE, strerror(errno));
1585 return (0);
1586 default:
1587 error("%s: Error reading from %s: Expecting %d, got %d",
1588 __func__, LASTLOG_FILE, sizeof(last), ret);
1589 return (0);
1590 }
ce49121d 1591
ed05a983 1592 /* NOTREACHED */
1593 return (0);
564dd50a 1594}
f988dce5 1595#endif /* USE_LASTLOG */
b6610e8f 1596
1597#ifdef USE_BTMP
1598 /*
1599 * Logs failed login attempts in _PATH_BTMP if that exists.
1600 * The most common login failure is to give password instead of username.
1601 * So the _PATH_BTMP file checked for the correct permission, so that
1602 * only root can read it.
1603 */
1604
1605void
1606record_failed_login(const char *username, const char *hostname,
1607 const char *ttyn)
1608{
1609 int fd;
1610 struct utmp ut;
1611 struct sockaddr_storage from;
1612 size_t fromlen = sizeof(from);
1613 struct sockaddr_in *a4;
1614 struct sockaddr_in6 *a6;
1615 time_t t;
1616 struct stat fst;
1617
1618 if (geteuid() != 0)
1619 return;
1620 if ((fd = open(_PATH_BTMP, O_WRONLY | O_APPEND)) < 0) {
1621 debug("Unable to open the btmp file %s: %s", _PATH_BTMP,
1622 strerror(errno));
1623 return;
1624 }
1625 if (fstat(fd, &fst) < 0) {
1626 logit("%s: fstat of %s failed: %s", __func__, _PATH_BTMP,
1627 strerror(errno));
1628 goto out;
1629 }
1630 if((fst.st_mode & (S_IRWXG | S_IRWXO)) || (fst.st_uid != 0)){
1631 logit("Excess permission or bad ownership on file %s",
1632 _PATH_BTMP);
1633 goto out;
1634 }
1635
1636 memset(&ut, 0, sizeof(ut));
1637 /* strncpy because we don't necessarily want nul termination */
1638 strncpy(ut.ut_user, username, sizeof(ut.ut_user));
1639 strlcpy(ut.ut_line, "ssh:notty", sizeof(ut.ut_line));
1640
1641 time(&t);
1642 ut.ut_time = t; /* ut_time is not always a time_t */
1643 ut.ut_type = LOGIN_PROCESS;
1644 ut.ut_pid = getpid();
1645
1646 /* strncpy because we don't necessarily want nul termination */
1647 strncpy(ut.ut_host, hostname, sizeof(ut.ut_host));
1648
1649 if (packet_connection_is_on_socket() &&
1650 getpeername(packet_get_connection_in(),
1651 (struct sockaddr *)&from, &fromlen) == 0) {
1652 ipv64_normalise_mapped(&from, &fromlen);
1653 if (from.ss_family == AF_INET) {
1654 a4 = (struct sockaddr_in *)&from;
1655 memcpy(&ut.ut_addr, &(a4->sin_addr),
1656 MIN_SIZEOF(ut.ut_addr, a4->sin_addr));
1657 }
1658#ifdef HAVE_ADDR_V6_IN_UTMP
1659 if (from.ss_family == AF_INET6) {
1660 a6 = (struct sockaddr_in6 *)&from;
1661 memcpy(&ut.ut_addr_v6, &(a6->sin6_addr),
1662 MIN_SIZEOF(ut.ut_addr_v6, a6->sin6_addr));
1663 }
1664#endif
1665 }
1666
1667 if (atomicio(vwrite, fd, &ut, sizeof(ut)) != sizeof(ut))
1668 error("Failed to write to %s: %s", _PATH_BTMP,
1669 strerror(errno));
1670
1671out:
1672 close(fd);
1673}
1674#endif /* USE_BTMP */
git-cvsimport mirror of OpenSSH
This page took 0.473018 seconds and 5 git commands to generate.