]>
Commit | Line | Data |
---|---|---|
1d7b9b20 | 1 | /* |
2 | * Copyright (c) 2000 Andre Lucas. All rights reserved. | |
564dd50a | 3 | * Portions copyright (c) 1998 Todd C. Miller |
4 | * Portions copyright (c) 1996 Jason Downs | |
5 | * Portions copyright (c) 1996 Theo de Raadt | |
1d7b9b20 | 6 | * |
7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | |
10 | * 1. Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in the | |
14 | * documentation and/or other materials provided with the distribution. | |
1d7b9b20 | 15 | * |
16 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |
18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | |
20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
21 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
22 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
23 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | |
25 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
26 | */ | |
27 | ||
b6610e8f | 28 | /* |
29 | * The btmp logging code is derived from login.c from util-linux and is under | |
30 | * the the following license: | |
31 | * | |
32 | * Copyright (c) 1980, 1987, 1988 The Regents of the University of California. | |
33 | * All rights reserved. | |
34 | * | |
35 | * Redistribution and use in source and binary forms are permitted | |
36 | * provided that the above copyright notice and this paragraph are | |
37 | * duplicated in all such forms and that any documentation, | |
38 | * advertising materials, and other materials related to such | |
39 | * distribution and use acknowledge that the software was developed | |
40 | * by the University of California, Berkeley. The name of the | |
41 | * University may not be used to endorse or promote products derived | |
42 | * from this software without specific prior written permission. | |
43 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR | |
44 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED | |
45 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. | |
46 | */ | |
47 | ||
48 | ||
2b87da3b | 49 | /** |
1d7b9b20 | 50 | ** loginrec.c: platform-independent login recording and lastlog retrieval |
51 | **/ | |
52 | ||
564dd50a | 53 | /* |
fa64c868 | 54 | * The new login code explained |
55 | * ============================ | |
56 | * | |
57 | * This code attempts to provide a common interface to login recording | |
58 | * (utmp and friends) and last login time retrieval. | |
59 | * | |
60 | * Its primary means of achieving this is to use 'struct logininfo', a | |
61 | * union of all the useful fields in the various different types of | |
62 | * system login record structures one finds on UNIX variants. | |
63 | * | |
64 | * We depend on autoconf to define which recording methods are to be | |
65 | * used, and which fields are contained in the relevant data structures | |
66 | * on the local system. Many C preprocessor symbols affect which code | |
67 | * gets compiled here. | |
68 | * | |
69 | * The code is designed to make it easy to modify a particular | |
70 | * recording method, without affecting other methods nor requiring so | |
71 | * many nested conditional compilation blocks as were commonplace in | |
72 | * the old code. | |
73 | * | |
74 | * For login recording, we try to use the local system's libraries as | |
75 | * these are clearly most likely to work correctly. For utmp systems | |
76 | * this usually means login() and logout() or setutent() etc., probably | |
77 | * in libutil, along with logwtmp() etc. On these systems, we fall back | |
78 | * to writing the files directly if we have to, though this method | |
79 | * requires very thorough testing so we do not corrupt local auditing | |
80 | * information. These files and their access methods are very system | |
81 | * specific indeed. | |
82 | * | |
83 | * For utmpx systems, the corresponding library functions are | |
84 | * setutxent() etc. To the author's knowledge, all utmpx systems have | |
85 | * these library functions and so no direct write is attempted. If such | |
86 | * a system exists and needs support, direct analogues of the [uw]tmp | |
87 | * code should suffice. | |
88 | * | |
89 | * Retrieving the time of last login ('lastlog') is in some ways even | |
90 | * more problemmatic than login recording. Some systems provide a | |
91 | * simple table of all users which we seek based on uid and retrieve a | |
92 | * relatively standard structure. Others record the same information in | |
93 | * a directory with a separate file, and others don't record the | |
94 | * information separately at all. For systems in the latter category, | |
95 | * we look backwards in the wtmp or wtmpx file for the last login entry | |
96 | * for our user. Naturally this is slower and on busy systems could | |
97 | * incur a significant performance penalty. | |
98 | * | |
99 | * Calling the new code | |
100 | * -------------------- | |
101 | * | |
102 | * In OpenSSH all login recording and retrieval is performed in | |
103 | * login.c. Here you'll find working examples. Also, in the logintest.c | |
104 | * program there are more examples. | |
105 | * | |
106 | * Internal handler calling method | |
107 | * ------------------------------- | |
108 | * | |
109 | * When a call is made to login_login() or login_logout(), both | |
110 | * routines set a struct logininfo flag defining which action (log in, | |
111 | * or log out) is to be taken. They both then call login_write(), which | |
112 | * calls whichever of the many structure-specific handlers autoconf | |
113 | * selects for the local system. | |
114 | * | |
115 | * The handlers themselves handle system data structure specifics. Both | |
116 | * struct utmp and struct utmpx have utility functions (see | |
117 | * construct_utmp*()) to try to make it simpler to add extra systems | |
118 | * that introduce new features to either structure. | |
119 | * | |
120 | * While it may seem terribly wasteful to replicate so much similar | |
121 | * code for each method, experience has shown that maintaining code to | |
122 | * write both struct utmp and utmpx in one function, whilst maintaining | |
123 | * support for all systems whether they have library support or not, is | |
124 | * a difficult and time-consuming task. | |
125 | * | |
126 | * Lastlog support proceeds similarly. Functions login_get_lastlog() | |
127 | * (and its OpenSSH-tuned friend login_get_lastlog_time()) call | |
128 | * getlast_entry(), which tries one of three methods to find the last | |
129 | * login time. It uses local system lastlog support if it can, | |
130 | * otherwise it tries wtmp or wtmpx before giving up and returning 0, | |
131 | * meaning "tilt". | |
132 | * | |
133 | * Maintenance | |
134 | * ----------- | |
135 | * | |
136 | * In many cases it's possible to tweak autoconf to select the correct | |
137 | * methods for a particular platform, either by improving the detection | |
138 | * code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE | |
139 | * symbols for the platform. | |
140 | * | |
141 | * Use logintest to check which symbols are defined before modifying | |
142 | * configure.ac and loginrec.c. (You have to build logintest yourself | |
143 | * with 'make logintest' as it's not built by default.) | |
144 | * | |
145 | * Otherwise, patches to the specific method(s) are very helpful! | |
146 | */ | |
1d7b9b20 | 147 | |
148 | #include "includes.h" | |
149 | ||
81e73e57 | 150 | #include <sys/types.h> |
151 | #include <sys/stat.h> | |
9794d008 | 152 | #include <sys/socket.h> |
153 | ||
154 | #include <netinet/in.h> | |
81e73e57 | 155 | |
fec71b2f | 156 | #include <errno.h> |
22bbb3e6 | 157 | #include <fcntl.h> |
e0f3adac | 158 | #include <paths.h> |
b1842393 | 159 | #include <pwd.h> |
24436b92 | 160 | #include <stdarg.h> |
28cb0a43 | 161 | #include <string.h> |
162 | #include <unistd.h> | |
b1842393 | 163 | |
1d7b9b20 | 164 | #include "xmalloc.h" |
31652869 | 165 | #include "key.h" |
166 | #include "hostfile.h" | |
167 | #include "ssh.h" | |
1d7b9b20 | 168 | #include "loginrec.h" |
42f11eb2 | 169 | #include "log.h" |
170 | #include "atomicio.h" | |
b6610e8f | 171 | #include "packet.h" |
172 | #include "canohost.h" | |
c00e4d75 | 173 | #include "auth.h" |
c53d8c93 | 174 | #include "buffer.h" |
1d7b9b20 | 175 | |
44d5f7f7 | 176 | #ifdef HAVE_UTIL_H |
fa64c868 | 177 | # include <util.h> |
44d5f7f7 | 178 | #endif |
179 | ||
8f523d67 | 180 | #ifdef HAVE_LIBUTIL_H |
fa64c868 | 181 | # include <libutil.h> |
8f523d67 | 182 | #endif |
183 | ||
1d7b9b20 | 184 | /** |
185 | ** prototypes for helper functions in this file | |
186 | **/ | |
187 | ||
188 | #if HAVE_UTMP_H | |
1d7b9b20 | 189 | void set_utmp_time(struct logininfo *li, struct utmp *ut); |
190 | void construct_utmp(struct logininfo *li, struct utmp *ut); | |
191 | #endif | |
192 | ||
193 | #ifdef HAVE_UTMPX_H | |
1d7b9b20 | 194 | void set_utmpx_time(struct logininfo *li, struct utmpx *ut); |
195 | void construct_utmpx(struct logininfo *li, struct utmpx *ut); | |
196 | #endif | |
197 | ||
198 | int utmp_write_entry(struct logininfo *li); | |
199 | int utmpx_write_entry(struct logininfo *li); | |
200 | int wtmp_write_entry(struct logininfo *li); | |
201 | int wtmpx_write_entry(struct logininfo *li); | |
202 | int lastlog_write_entry(struct logininfo *li); | |
203 | int syslogin_write_entry(struct logininfo *li); | |
204 | ||
205 | int getlast_entry(struct logininfo *li); | |
206 | int lastlog_get_entry(struct logininfo *li); | |
207 | int wtmp_get_entry(struct logininfo *li); | |
208 | int wtmpx_get_entry(struct logininfo *li); | |
209 | ||
5ccf88cb | 210 | extern Buffer loginmsg; |
211 | ||
5abcdf8e | 212 | /* pick the shortest string */ |
fa64c868 | 213 | #define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2)) |
5abcdf8e | 214 | |
1d7b9b20 | 215 | /** |
216 | ** platform-independent login functions | |
217 | **/ | |
218 | ||
fa64c868 | 219 | /* |
220 | * login_login(struct logininfo *) - Record a login | |
2b87da3b | 221 | * |
5abcdf8e | 222 | * Call with a pointer to a struct logininfo initialised with |
223 | * login_init_entry() or login_alloc_entry() | |
224 | * | |
225 | * Returns: | |
226 | * >0 if successful | |
227 | * 0 on failure (will use OpenSSH's logging facilities for diagnostics) | |
228 | */ | |
564dd50a | 229 | int |
fa64c868 | 230 | login_login(struct logininfo *li) |
564dd50a | 231 | { |
232 | li->type = LTYPE_LOGIN; | |
fa64c868 | 233 | return (login_write(li)); |
564dd50a | 234 | } |
1d7b9b20 | 235 | |
236 | ||
fa64c868 | 237 | /* |
238 | * login_logout(struct logininfo *) - Record a logout | |
5abcdf8e | 239 | * |
240 | * Call as with login_login() | |
241 | * | |
242 | * Returns: | |
243 | * >0 if successful | |
244 | * 0 on failure (will use OpenSSH's logging facilities for diagnostics) | |
245 | */ | |
564dd50a | 246 | int |
247 | login_logout(struct logininfo *li) | |
248 | { | |
249 | li->type = LTYPE_LOGOUT; | |
fa64c868 | 250 | return (login_write(li)); |
1d7b9b20 | 251 | } |
252 | ||
fa64c868 | 253 | /* |
254 | * login_get_lastlog_time(int) - Retrieve the last login time | |
5abcdf8e | 255 | * |
256 | * Retrieve the last login time for the given uid. Will try to use the | |
257 | * system lastlog facilities if they are available, but will fall back | |
258 | * to looking in wtmp/wtmpx if necessary | |
259 | * | |
260 | * Returns: | |
261 | * 0 on failure, or if user has never logged in | |
262 | * Time in seconds from the epoch if successful | |
263 | * | |
264 | * Useful preprocessor symbols: | |
265 | * DISABLE_LASTLOG: If set, *never* even try to retrieve lastlog | |
266 | * info | |
267 | * USE_LASTLOG: If set, indicates the presence of system lastlog | |
268 | * facilities. If this and DISABLE_LASTLOG are not set, | |
269 | * try to retrieve lastlog information from wtmp/wtmpx. | |
270 | */ | |
564dd50a | 271 | unsigned int |
272 | login_get_lastlog_time(const int uid) | |
273 | { | |
274 | struct logininfo li; | |
1d7b9b20 | 275 | |
5abcdf8e | 276 | if (login_get_lastlog(&li, uid)) |
fa64c868 | 277 | return (li.tv_sec); |
5abcdf8e | 278 | else |
fa64c868 | 279 | return (0); |
564dd50a | 280 | } |
1d7b9b20 | 281 | |
fa64c868 | 282 | /* |
283 | * login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry | |
5abcdf8e | 284 | * |
285 | * Retrieve a logininfo structure populated (only partially) with | |
286 | * information from the system lastlog data, or from wtmp/wtmpx if no | |
287 | * system lastlog information exists. | |
288 | * | |
289 | * Note this routine must be given a pre-allocated logininfo. | |
290 | * | |
291 | * Returns: | |
292 | * >0: A pointer to your struct logininfo if successful | |
293 | * 0 on failure (will use OpenSSH's logging facilities for diagnostics) | |
5abcdf8e | 294 | */ |
564dd50a | 295 | struct logininfo * |
296 | login_get_lastlog(struct logininfo *li, const int uid) | |
297 | { | |
5abcdf8e | 298 | struct passwd *pw; |
5abcdf8e | 299 | |
dbaa2e87 | 300 | memset(li, '\0', sizeof(*li)); |
1d7b9b20 | 301 | li->uid = uid; |
5abcdf8e | 302 | |
2b87da3b | 303 | /* |
9f32ceb4 | 304 | * If we don't have a 'real' lastlog, we need the username to |
5abcdf8e | 305 | * reliably search wtmp(x) for the last login (see |
2b87da3b | 306 | * wtmp_get_entry().) |
9f32ceb4 | 307 | */ |
5abcdf8e | 308 | pw = getpwuid(uid); |
a05a70ab | 309 | if (pw == NULL) |
a233586b | 310 | fatal("%s: Cannot find account for uid %i", __func__, uid); |
2b87da3b | 311 | |
1bfbb762 | 312 | /* No MIN_SIZEOF here - we absolutely *must not* truncate the |
fa64c868 | 313 | * username (XXX - so check for trunc!) */ |
d8caae24 | 314 | strlcpy(li->username, pw->pw_name, sizeof(li->username)); |
a05a70ab | 315 | |
564dd50a | 316 | if (getlast_entry(li)) |
fa64c868 | 317 | return (li); |
564dd50a | 318 | else |
fa64c868 | 319 | return (NULL); |
1d7b9b20 | 320 | } |
321 | ||
1d7b9b20 | 322 | |
fa64c868 | 323 | /* |
324 | * login_alloc_entry(int, char*, char*, char*) - Allocate and initialise | |
2b87da3b | 325 | * a logininfo structure |
326 | * | |
5abcdf8e | 327 | * This function creates a new struct logininfo, a data structure |
328 | * meant to carry the information required to portably record login info. | |
329 | * | |
330 | * Returns a pointer to a newly created struct logininfo. If memory | |
331 | * allocation fails, the program halts. | |
332 | */ | |
564dd50a | 333 | struct |
334 | logininfo *login_alloc_entry(int pid, const char *username, | |
fa64c868 | 335 | const char *hostname, const char *line) |
564dd50a | 336 | { |
337 | struct logininfo *newli; | |
1d7b9b20 | 338 | |
fa64c868 | 339 | newli = xmalloc(sizeof(*newli)); |
340 | login_init_entry(newli, pid, username, hostname, line); | |
341 | return (newli); | |
1d7b9b20 | 342 | } |
343 | ||
344 | ||
5abcdf8e | 345 | /* login_free_entry(struct logininfo *) - free struct memory */ |
1d7b9b20 | 346 | void |
564dd50a | 347 | login_free_entry(struct logininfo *li) |
348 | { | |
349 | xfree(li); | |
1d7b9b20 | 350 | } |
351 | ||
352 | ||
5abcdf8e | 353 | /* login_init_entry(struct logininfo *, int, char*, char*, char*) |
354 | * - initialise a struct logininfo | |
2b87da3b | 355 | * |
5abcdf8e | 356 | * Populates a new struct logininfo, a data structure meant to carry |
357 | * the information required to portably record login info. | |
358 | * | |
359 | * Returns: 1 | |
360 | */ | |
564dd50a | 361 | int |
2b87da3b | 362 | login_init_entry(struct logininfo *li, int pid, const char *username, |
fa64c868 | 363 | const char *hostname, const char *line) |
564dd50a | 364 | { |
d8caae24 | 365 | struct passwd *pw; |
2b87da3b | 366 | |
dbaa2e87 | 367 | memset(li, 0, sizeof(*li)); |
2b87da3b | 368 | |
564dd50a | 369 | li->pid = pid; |
d8caae24 | 370 | |
564dd50a | 371 | /* set the line information */ |
372 | if (line) | |
373 | line_fullname(li->line, line, sizeof(li->line)); | |
1d7b9b20 | 374 | |
d8caae24 | 375 | if (username) { |
564dd50a | 376 | strlcpy(li->username, username, sizeof(li->username)); |
d8caae24 | 377 | pw = getpwnam(li->username); |
fa64c868 | 378 | if (pw == NULL) { |
d1cf9a87 | 379 | fatal("%s: Cannot find user \"%s\"", __func__, |
fa64c868 | 380 | li->username); |
381 | } | |
d8caae24 | 382 | li->uid = pw->pw_uid; |
383 | } | |
a05a70ab | 384 | |
564dd50a | 385 | if (hostname) |
386 | strlcpy(li->hostname, hostname, sizeof(li->hostname)); | |
d8caae24 | 387 | |
fa64c868 | 388 | return (1); |
1d7b9b20 | 389 | } |
390 | ||
d1cf9a87 | 391 | /* |
fa64c868 | 392 | * login_set_current_time(struct logininfo *) - set the current time |
5abcdf8e | 393 | * |
394 | * Set the current time in a logininfo structure. This function is | |
395 | * meant to eliminate the need to deal with system dependencies for | |
396 | * time handling. | |
397 | */ | |
1d7b9b20 | 398 | void |
564dd50a | 399 | login_set_current_time(struct logininfo *li) |
400 | { | |
1d7b9b20 | 401 | struct timeval tv; |
402 | ||
403 | gettimeofday(&tv, NULL); | |
2b87da3b | 404 | |
d8caae24 | 405 | li->tv_sec = tv.tv_sec; |
406 | li->tv_usec = tv.tv_usec; | |
1d7b9b20 | 407 | } |
408 | ||
564dd50a | 409 | /* copy a sockaddr_* into our logininfo */ |
1d7b9b20 | 410 | void |
564dd50a | 411 | login_set_addr(struct logininfo *li, const struct sockaddr *sa, |
fa64c868 | 412 | const unsigned int sa_size) |
564dd50a | 413 | { |
414 | unsigned int bufsize = sa_size; | |
415 | ||
416 | /* make sure we don't overrun our union */ | |
417 | if (sizeof(li->hostaddr) < sa_size) | |
418 | bufsize = sizeof(li->hostaddr); | |
419 | ||
fa64c868 | 420 | memcpy(&li->hostaddr.sa, sa, bufsize); |
1d7b9b20 | 421 | } |
1d7b9b20 | 422 | |
564dd50a | 423 | |
424 | /** | |
425 | ** login_write: Call low-level recording functions based on autoconf | |
426 | ** results | |
427 | **/ | |
1d7b9b20 | 428 | int |
fa64c868 | 429 | login_write(struct logininfo *li) |
564dd50a | 430 | { |
3c62e7eb | 431 | #ifndef HAVE_CYGWIN |
fa64c868 | 432 | if (geteuid() != 0) { |
433 | logit("Attempt to write login records by non-root user (aborting)"); | |
434 | return (1); | |
1d7b9b20 | 435 | } |
3c62e7eb | 436 | #endif |
a05a70ab | 437 | |
1d7b9b20 | 438 | /* set the timestamp */ |
439 | login_set_current_time(li); | |
440 | #ifdef USE_LOGIN | |
441 | syslogin_write_entry(li); | |
442 | #endif | |
443 | #ifdef USE_LASTLOG | |
fa64c868 | 444 | if (li->type == LTYPE_LOGIN) |
1d7b9b20 | 445 | lastlog_write_entry(li); |
1d7b9b20 | 446 | #endif |
447 | #ifdef USE_UTMP | |
448 | utmp_write_entry(li); | |
449 | #endif | |
450 | #ifdef USE_WTMP | |
451 | wtmp_write_entry(li); | |
452 | #endif | |
453 | #ifdef USE_UTMPX | |
454 | utmpx_write_entry(li); | |
455 | #endif | |
456 | #ifdef USE_WTMPX | |
457 | wtmpx_write_entry(li); | |
f5ed3301 | 458 | #endif |
459 | #ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN | |
d1cf9a87 | 460 | if (li->type == LTYPE_LOGIN && |
98c044d0 | 461 | !sys_auth_record_login(li->username,li->hostname,li->line, |
462 | &loginmsg)) | |
f5ed3301 | 463 | logit("Writing login record failed for %s", li->username); |
c00e4d75 | 464 | #endif |
6039eeef | 465 | #ifdef SSH_AUDIT_EVENTS |
c00e4d75 | 466 | if (li->type == LTYPE_LOGIN) |
467 | audit_session_open(li->line); | |
468 | else if (li->type == LTYPE_LOGOUT) | |
469 | audit_session_close(li->line); | |
1d7b9b20 | 470 | #endif |
fa64c868 | 471 | return (0); |
1d7b9b20 | 472 | } |
473 | ||
7e2d5fa4 | 474 | #ifdef LOGIN_NEEDS_UTMPX |
475 | int | |
476 | login_utmp_only(struct logininfo *li) | |
477 | { | |
aff51935 | 478 | li->type = LTYPE_LOGIN; |
9e127e27 | 479 | login_set_current_time(li); |
7e2d5fa4 | 480 | # ifdef USE_UTMP |
481 | utmp_write_entry(li); | |
482 | # endif | |
483 | # ifdef USE_WTMP | |
484 | wtmp_write_entry(li); | |
485 | # endif | |
486 | # ifdef USE_UTMPX | |
487 | utmpx_write_entry(li); | |
488 | # endif | |
489 | # ifdef USE_WTMPX | |
490 | wtmpx_write_entry(li); | |
491 | # endif | |
fa64c868 | 492 | return (0); |
7e2d5fa4 | 493 | } |
494 | #endif | |
495 | ||
564dd50a | 496 | /** |
497 | ** getlast_entry: Call low-level functions to retrieve the last login | |
498 | ** time. | |
499 | **/ | |
1d7b9b20 | 500 | |
564dd50a | 501 | /* take the uid in li and return the last login time */ |
1d7b9b20 | 502 | int |
564dd50a | 503 | getlast_entry(struct logininfo *li) |
504 | { | |
505 | #ifdef USE_LASTLOG | |
9f32ceb4 | 506 | return(lastlog_get_entry(li)); |
a05a70ab | 507 | #else /* !USE_LASTLOG */ |
1d7b9b20 | 508 | |
fa64c868 | 509 | #if defined(DISABLE_LASTLOG) |
2b87da3b | 510 | /* On some systems we shouldn't even try to obtain last login |
3f45f1c3 | 511 | * time, e.g. AIX */ |
fa64c868 | 512 | return (0); |
513 | # elif defined(USE_WTMP) && \ | |
514 | (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP)) | |
564dd50a | 515 | /* retrieve last login time from utmp */ |
a05a70ab | 516 | return (wtmp_get_entry(li)); |
fa64c868 | 517 | # elif defined(USE_WTMPX) && \ |
518 | (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX)) | |
564dd50a | 519 | /* If wtmp isn't available, try wtmpx */ |
a05a70ab | 520 | return (wtmpx_get_entry(li)); |
fa64c868 | 521 | # else |
564dd50a | 522 | /* Give up: No means of retrieving last login time */ |
fa64c868 | 523 | return (0); |
2b87da3b | 524 | # endif /* DISABLE_LASTLOG */ |
a05a70ab | 525 | #endif /* USE_LASTLOG */ |
564dd50a | 526 | } |
1d7b9b20 | 527 | |
528 | ||
1d7b9b20 | 529 | |
530 | /* | |
564dd50a | 531 | * 'line' string utility functions |
532 | * | |
533 | * These functions process the 'line' string into one of three forms: | |
534 | * | |
1d7b9b20 | 535 | * 1. The full filename (including '/dev') |
536 | * 2. The stripped name (excluding '/dev') | |
564dd50a | 537 | * 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00 |
538 | * /dev/pts/1 -> ts/1 ) | |
1d7b9b20 | 539 | * |
540 | * Form 3 is used on some systems to identify a .tmp.? entry when | |
541 | * attempting to remove it. Typically both addition and removal is | |
564dd50a | 542 | * performed by one application - say, sshd - so as long as the choice |
543 | * uniquely identifies a terminal it's ok. | |
1d7b9b20 | 544 | */ |
545 | ||
546 | ||
fa64c868 | 547 | /* |
548 | * line_fullname(): add the leading '/dev/' if it doesn't exist make | |
549 | * sure dst has enough space, if not just copy src (ugh) | |
550 | */ | |
1d7b9b20 | 551 | char * |
44d71ad5 | 552 | line_fullname(char *dst, const char *src, u_int dstsize) |
564dd50a | 553 | { |
1d7b9b20 | 554 | memset(dst, '\0', dstsize); |
fa64c868 | 555 | if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5))) |
1d7b9b20 | 556 | strlcpy(dst, src, dstsize); |
fa64c868 | 557 | else { |
a4d05724 | 558 | strlcpy(dst, "/dev/", dstsize); |
1d7b9b20 | 559 | strlcat(dst, src, dstsize); |
560 | } | |
fa64c868 | 561 | return (dst); |
1d7b9b20 | 562 | } |
563 | ||
564dd50a | 564 | /* line_stripname(): strip the leading '/dev' if it exists, return dst */ |
1d7b9b20 | 565 | char * |
564dd50a | 566 | line_stripname(char *dst, const char *src, int dstsize) |
567 | { | |
1d7b9b20 | 568 | memset(dst, '\0', dstsize); |
569 | if (strncmp(src, "/dev/", 5) == 0) | |
89d7510a | 570 | strlcpy(dst, src + 5, dstsize); |
1d7b9b20 | 571 | else |
572 | strlcpy(dst, src, dstsize); | |
fa64c868 | 573 | return (dst); |
564dd50a | 574 | } |
575 | ||
d1cf9a87 | 576 | /* |
fa64c868 | 577 | * line_abbrevname(): Return the abbreviated (usually four-character) |
564dd50a | 578 | * form of the line (Just use the last <dstsize> characters of the |
579 | * full name.) | |
580 | * | |
581 | * NOTE: use strncpy because we do NOT necessarily want zero | |
fa64c868 | 582 | * termination |
583 | */ | |
1d7b9b20 | 584 | char * |
2b87da3b | 585 | line_abbrevname(char *dst, const char *src, int dstsize) |
a05a70ab | 586 | { |
587 | size_t len; | |
2b87da3b | 588 | |
1d7b9b20 | 589 | memset(dst, '\0', dstsize); |
2b87da3b | 590 | |
daaff4d5 | 591 | /* Always skip prefix if present */ |
592 | if (strncmp(src, "/dev/", 5) == 0) | |
593 | src += 5; | |
2b87da3b | 594 | |
0e8f4eba | 595 | #ifdef WITH_ABBREV_NO_TTY |
596 | if (strncmp(src, "tty", 3) == 0) | |
597 | src += 3; | |
598 | #endif | |
599 | ||
a05a70ab | 600 | len = strlen(src); |
601 | ||
daaff4d5 | 602 | if (len > 0) { |
603 | if (((int)len - dstsize) > 0) | |
604 | src += ((int)len - dstsize); | |
605 | ||
606 | /* note: _don't_ change this to strlcpy */ | |
2b87da3b | 607 | strncpy(dst, src, (size_t)dstsize); |
a05a70ab | 608 | } |
2b87da3b | 609 | |
fa64c868 | 610 | return (dst); |
1d7b9b20 | 611 | } |
612 | ||
1d7b9b20 | 613 | /** |
614 | ** utmp utility functions | |
564dd50a | 615 | ** |
616 | ** These functions manipulate struct utmp, taking system differences | |
617 | ** into account. | |
1d7b9b20 | 618 | **/ |
619 | ||
620 | #if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN) | |
621 | ||
1d7b9b20 | 622 | /* build the utmp structure */ |
623 | void | |
564dd50a | 624 | set_utmp_time(struct logininfo *li, struct utmp *ut) |
625 | { | |
fa64c868 | 626 | # if defined(HAVE_TV_IN_UTMP) |
1d7b9b20 | 627 | ut->ut_tv.tv_sec = li->tv_sec; |
628 | ut->ut_tv.tv_usec = li->tv_usec; | |
fa64c868 | 629 | # elif defined(HAVE_TIME_IN_UTMP) |
1d7b9b20 | 630 | ut->ut_time = li->tv_sec; |
a05a70ab | 631 | # endif |
1d7b9b20 | 632 | } |
633 | ||
634 | void | |
635 | construct_utmp(struct logininfo *li, | |
564dd50a | 636 | struct utmp *ut) |
637 | { | |
9746ee4b | 638 | # ifdef HAVE_ADDR_V6_IN_UTMP |
639 | struct sockaddr_in6 *sa6; | |
fa64c868 | 640 | # endif |
641 | ||
dbaa2e87 | 642 | memset(ut, '\0', sizeof(*ut)); |
5abcdf8e | 643 | |
644 | /* First fill out fields used for both logins and logouts */ | |
645 | ||
a05a70ab | 646 | # ifdef HAVE_ID_IN_UTMP |
1d7b9b20 | 647 | line_abbrevname(ut->ut_id, li->line, sizeof(ut->ut_id)); |
a05a70ab | 648 | # endif |
1d7b9b20 | 649 | |
a05a70ab | 650 | # ifdef HAVE_TYPE_IN_UTMP |
5abcdf8e | 651 | /* This is done here to keep utmp constants out of struct logininfo */ |
1d7b9b20 | 652 | switch (li->type) { |
653 | case LTYPE_LOGIN: | |
654 | ut->ut_type = USER_PROCESS; | |
ef51930f | 655 | #ifdef _UNICOS |
1a23ac2c | 656 | cray_set_tmpdir(ut); |
657 | #endif | |
1d7b9b20 | 658 | break; |
659 | case LTYPE_LOGOUT: | |
660 | ut->ut_type = DEAD_PROCESS; | |
ef51930f | 661 | #ifdef _UNICOS |
1a23ac2c | 662 | cray_retain_utmp(ut, li->pid); |
663 | #endif | |
1d7b9b20 | 664 | break; |
665 | } | |
a05a70ab | 666 | # endif |
5abcdf8e | 667 | set_utmp_time(li, ut); |
1d7b9b20 | 668 | |
5abcdf8e | 669 | line_stripname(ut->ut_line, li->line, sizeof(ut->ut_line)); |
a05a70ab | 670 | |
671 | # ifdef HAVE_PID_IN_UTMP | |
1d7b9b20 | 672 | ut->ut_pid = li->pid; |
a05a70ab | 673 | # endif |
5abcdf8e | 674 | |
675 | /* If we're logging out, leave all other fields blank */ | |
676 | if (li->type == LTYPE_LOGOUT) | |
fa64c868 | 677 | return; |
5abcdf8e | 678 | |
a05a70ab | 679 | /* |
680 | * These fields are only used when logging in, and are blank | |
2b87da3b | 681 | * for logouts. |
a05a70ab | 682 | */ |
5abcdf8e | 683 | |
684 | /* Use strncpy because we don't necessarily want null termination */ | |
fa64c868 | 685 | strncpy(ut->ut_name, li->username, |
686 | MIN_SIZEOF(ut->ut_name, li->username)); | |
a05a70ab | 687 | # ifdef HAVE_HOST_IN_UTMP |
fa64c868 | 688 | strncpy(ut->ut_host, li->hostname, |
689 | MIN_SIZEOF(ut->ut_host, li->hostname)); | |
a05a70ab | 690 | # endif |
691 | # ifdef HAVE_ADDR_IN_UTMP | |
564dd50a | 692 | /* this is just a 32-bit IP address */ |
693 | if (li->hostaddr.sa.sa_family == AF_INET) | |
694 | ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr; | |
2b87da3b | 695 | # endif |
9746ee4b | 696 | # ifdef HAVE_ADDR_V6_IN_UTMP |
697 | /* this is just a 128-bit IPv6 address */ | |
698 | if (li->hostaddr.sa.sa_family == AF_INET6) { | |
699 | sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa); | |
700 | memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16); | |
701 | if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) { | |
702 | ut->ut_addr_v6[0] = ut->ut_addr_v6[3]; | |
703 | ut->ut_addr_v6[1] = 0; | |
704 | ut->ut_addr_v6[2] = 0; | |
705 | ut->ut_addr_v6[3] = 0; | |
706 | } | |
707 | } | |
708 | # endif | |
564dd50a | 709 | } |
a05a70ab | 710 | #endif /* USE_UTMP || USE_WTMP || USE_LOGIN */ |
564dd50a | 711 | |
1d7b9b20 | 712 | /** |
713 | ** utmpx utility functions | |
564dd50a | 714 | ** |
715 | ** These functions manipulate struct utmpx, accounting for system | |
716 | ** variations. | |
1d7b9b20 | 717 | **/ |
718 | ||
719 | #if defined(USE_UTMPX) || defined (USE_WTMPX) | |
1d7b9b20 | 720 | /* build the utmpx structure */ |
721 | void | |
564dd50a | 722 | set_utmpx_time(struct logininfo *li, struct utmpx *utx) |
723 | { | |
fa64c868 | 724 | # if defined(HAVE_TV_IN_UTMPX) |
1d7b9b20 | 725 | utx->ut_tv.tv_sec = li->tv_sec; |
726 | utx->ut_tv.tv_usec = li->tv_usec; | |
fa64c868 | 727 | # elif defined(HAVE_TIME_IN_UTMPX) |
1d7b9b20 | 728 | utx->ut_time = li->tv_sec; |
fa64c868 | 729 | # endif |
1d7b9b20 | 730 | } |
731 | ||
732 | void | |
564dd50a | 733 | construct_utmpx(struct logininfo *li, struct utmpx *utx) |
734 | { | |
9746ee4b | 735 | # ifdef HAVE_ADDR_V6_IN_UTMP |
736 | struct sockaddr_in6 *sa6; | |
737 | # endif | |
dbaa2e87 | 738 | memset(utx, '\0', sizeof(*utx)); |
fa64c868 | 739 | |
daaff4d5 | 740 | # ifdef HAVE_ID_IN_UTMPX |
1d7b9b20 | 741 | line_abbrevname(utx->ut_id, li->line, sizeof(utx->ut_id)); |
daaff4d5 | 742 | # endif |
1d7b9b20 | 743 | |
744 | /* this is done here to keep utmp constants out of loginrec.h */ | |
745 | switch (li->type) { | |
746 | case LTYPE_LOGIN: | |
747 | utx->ut_type = USER_PROCESS; | |
748 | break; | |
749 | case LTYPE_LOGOUT: | |
750 | utx->ut_type = DEAD_PROCESS; | |
751 | break; | |
752 | } | |
1d7b9b20 | 753 | line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line)); |
1d7b9b20 | 754 | set_utmpx_time(li, utx); |
5abcdf8e | 755 | utx->ut_pid = li->pid; |
fa64c868 | 756 | |
f3837bc6 | 757 | /* strncpy(): Don't necessarily want null termination */ |
fa64c868 | 758 | strncpy(utx->ut_name, li->username, |
759 | MIN_SIZEOF(utx->ut_name, li->username)); | |
5abcdf8e | 760 | |
761 | if (li->type == LTYPE_LOGOUT) | |
762 | return; | |
763 | ||
a05a70ab | 764 | /* |
765 | * These fields are only used when logging in, and are blank | |
2b87da3b | 766 | * for logouts. |
a05a70ab | 767 | */ |
5abcdf8e | 768 | |
a05a70ab | 769 | # ifdef HAVE_HOST_IN_UTMPX |
fa64c868 | 770 | strncpy(utx->ut_host, li->hostname, |
771 | MIN_SIZEOF(utx->ut_host, li->hostname)); | |
a05a70ab | 772 | # endif |
773 | # ifdef HAVE_ADDR_IN_UTMPX | |
764d4113 | 774 | /* this is just a 32-bit IP address */ |
775 | if (li->hostaddr.sa.sa_family == AF_INET) | |
776 | utx->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr; | |
a05a70ab | 777 | # endif |
9746ee4b | 778 | # ifdef HAVE_ADDR_V6_IN_UTMP |
779 | /* this is just a 128-bit IPv6 address */ | |
780 | if (li->hostaddr.sa.sa_family == AF_INET6) { | |
781 | sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa); | |
782 | memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16); | |
783 | if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) { | |
784 | ut->ut_addr_v6[0] = ut->ut_addr_v6[3]; | |
785 | ut->ut_addr_v6[1] = 0; | |
786 | ut->ut_addr_v6[2] = 0; | |
787 | ut->ut_addr_v6[3] = 0; | |
788 | } | |
789 | } | |
790 | # endif | |
a05a70ab | 791 | # ifdef HAVE_SYSLEN_IN_UTMPX |
5abcdf8e | 792 | /* ut_syslen is the length of the utx_host string */ |
793 | utx->ut_syslen = MIN(strlen(li->hostname), sizeof(utx->ut_host)); | |
a05a70ab | 794 | # endif |
564dd50a | 795 | } |
a05a70ab | 796 | #endif /* USE_UTMPX || USE_WTMPX */ |
1d7b9b20 | 797 | |
798 | /** | |
564dd50a | 799 | ** Low-level utmp functions |
1d7b9b20 | 800 | **/ |
801 | ||
802 | /* FIXME: (ATL) utmp_write_direct needs testing */ | |
1d7b9b20 | 803 | #ifdef USE_UTMP |
804 | ||
1d7b9b20 | 805 | /* if we can, use pututline() etc. */ |
a05a70ab | 806 | # if !defined(DISABLE_PUTUTLINE) && defined(HAVE_SETUTENT) && \ |
807 | defined(HAVE_PUTUTLINE) | |
1d7b9b20 | 808 | # define UTMP_USE_LIBRARY |
a05a70ab | 809 | # endif |
1d7b9b20 | 810 | |
811 | ||
812 | /* write a utmp entry with the system's help (pututline() and pals) */ | |
a05a70ab | 813 | # ifdef UTMP_USE_LIBRARY |
1d7b9b20 | 814 | static int |
564dd50a | 815 | utmp_write_library(struct logininfo *li, struct utmp *ut) |
816 | { | |
1d7b9b20 | 817 | setutent(); |
818 | pututline(ut); | |
a05a70ab | 819 | # ifdef HAVE_ENDUTENT |
1d7b9b20 | 820 | endutent(); |
a05a70ab | 821 | # endif |
fa64c868 | 822 | return (1); |
564dd50a | 823 | } |
a05a70ab | 824 | # else /* UTMP_USE_LIBRARY */ |
1d7b9b20 | 825 | |
d1cf9a87 | 826 | /* |
fa64c868 | 827 | * Write a utmp entry direct to the file |
828 | * This is a slightly modification of code in OpenBSD's login.c | |
829 | */ | |
1d7b9b20 | 830 | static int |
564dd50a | 831 | utmp_write_direct(struct logininfo *li, struct utmp *ut) |
832 | { | |
1d7b9b20 | 833 | struct utmp old_ut; |
834 | register int fd; | |
835 | int tty; | |
836 | ||
5abcdf8e | 837 | /* FIXME: (ATL) ttyslot() needs local implementation */ |
dbaa2e87 | 838 | |
698d107e | 839 | #if defined(HAVE_GETTTYENT) |
fa64c868 | 840 | struct ttyent *ty; |
dbaa2e87 | 841 | |
842 | tty=0; | |
dbaa2e87 | 843 | setttyent(); |
fa64c868 | 844 | while (NULL != (ty = getttyent())) { |
dbaa2e87 | 845 | tty++; |
846 | if (!strncmp(ty->ty_name, ut->ut_line, sizeof(ut->ut_line))) | |
847 | break; | |
848 | } | |
849 | endttyent(); | |
850 | ||
fa64c868 | 851 | if (NULL == ty) { |
5f12e050 | 852 | logit("%s: tty not found", __func__); |
853 | return (0); | |
dbaa2e87 | 854 | } |
855 | #else /* FIXME */ | |
856 | ||
1d7b9b20 | 857 | tty = ttyslot(); /* seems only to work for /dev/ttyp? style names */ |
858 | ||
698d107e | 859 | #endif /* HAVE_GETTTYENT */ |
dbaa2e87 | 860 | |
1d7b9b20 | 861 | if (tty > 0 && (fd = open(UTMP_FILE, O_RDWR|O_CREAT, 0644)) >= 0) { |
5f12e050 | 862 | off_t pos, ret; |
863 | ||
864 | pos = (off_t)tty * sizeof(struct utmp); | |
865 | if ((ret = lseek(fd, pos, SEEK_SET)) == -1) { | |
f6d20d59 | 866 | logit("%s: lseek: %s", __func__, strerror(errno)); |
5f12e050 | 867 | return (0); |
868 | } | |
869 | if (ret != pos) { | |
d1cf9a87 | 870 | logit("%s: Couldn't seek to tty %d slot in %s", |
f6d20d59 | 871 | __func__, tty, UTMP_FILE); |
5f12e050 | 872 | return (0); |
873 | } | |
1d7b9b20 | 874 | /* |
875 | * Prevent luser from zero'ing out ut_host. | |
876 | * If the new ut_line is empty but the old one is not | |
dc2a6d09 | 877 | * and ut_line and ut_name match, preserve the old ut_line. |
1d7b9b20 | 878 | */ |
2b87da3b | 879 | if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) && |
fa64c868 | 880 | (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') && |
881 | (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) && | |
882 | (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0)) | |
883 | memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host)); | |
2b87da3b | 884 | |
5f12e050 | 885 | if ((ret = lseek(fd, pos, SEEK_SET)) == -1) { |
f6d20d59 | 886 | logit("%s: lseek: %s", __func__, strerror(errno)); |
5f12e050 | 887 | return (0); |
888 | } | |
889 | if (ret != pos) { | |
f6d20d59 | 890 | logit("%s: Couldn't seek to tty %d slot in %s", |
5f12e050 | 891 | __func__, tty, UTMP_FILE); |
892 | return (0); | |
893 | } | |
fa64c868 | 894 | if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) { |
5f12e050 | 895 | logit("%s: error writing %s: %s", __func__, |
5abcdf8e | 896 | UTMP_FILE, strerror(errno)); |
fa64c868 | 897 | } |
2b87da3b | 898 | |
fa64c868 | 899 | close(fd); |
900 | return (1); | |
9f32ceb4 | 901 | } else { |
fa64c868 | 902 | return (0); |
9f32ceb4 | 903 | } |
564dd50a | 904 | } |
a05a70ab | 905 | # endif /* UTMP_USE_LIBRARY */ |
1d7b9b20 | 906 | |
907 | static int | |
564dd50a | 908 | utmp_perform_login(struct logininfo *li) |
909 | { | |
1d7b9b20 | 910 | struct utmp ut; |
911 | ||
912 | construct_utmp(li, &ut); | |
a05a70ab | 913 | # ifdef UTMP_USE_LIBRARY |
1d7b9b20 | 914 | if (!utmp_write_library(li, &ut)) { |
a233586b | 915 | logit("%s: utmp_write_library() failed", __func__); |
fa64c868 | 916 | return (0); |
1d7b9b20 | 917 | } |
a05a70ab | 918 | # else |
1d7b9b20 | 919 | if (!utmp_write_direct(li, &ut)) { |
a233586b | 920 | logit("%s: utmp_write_direct() failed", __func__); |
fa64c868 | 921 | return (0); |
1d7b9b20 | 922 | } |
a05a70ab | 923 | # endif |
fa64c868 | 924 | return (1); |
564dd50a | 925 | } |
1d7b9b20 | 926 | |
927 | ||
928 | static int | |
564dd50a | 929 | utmp_perform_logout(struct logininfo *li) |
930 | { | |
1d7b9b20 | 931 | struct utmp ut; |
932 | ||
5abcdf8e | 933 | construct_utmp(li, &ut); |
a05a70ab | 934 | # ifdef UTMP_USE_LIBRARY |
5abcdf8e | 935 | if (!utmp_write_library(li, &ut)) { |
a233586b | 936 | logit("%s: utmp_write_library() failed", __func__); |
fa64c868 | 937 | return (0); |
5abcdf8e | 938 | } |
a05a70ab | 939 | # else |
5abcdf8e | 940 | if (!utmp_write_direct(li, &ut)) { |
a233586b | 941 | logit("%s: utmp_write_direct() failed", __func__); |
fa64c868 | 942 | return (0); |
5abcdf8e | 943 | } |
a05a70ab | 944 | # endif |
fa64c868 | 945 | return (1); |
564dd50a | 946 | } |
1d7b9b20 | 947 | |
948 | ||
949 | int | |
564dd50a | 950 | utmp_write_entry(struct logininfo *li) |
951 | { | |
1d7b9b20 | 952 | switch(li->type) { |
953 | case LTYPE_LOGIN: | |
fa64c868 | 954 | return (utmp_perform_login(li)); |
1d7b9b20 | 955 | |
956 | case LTYPE_LOGOUT: | |
fa64c868 | 957 | return (utmp_perform_logout(li)); |
1d7b9b20 | 958 | |
959 | default: | |
a233586b | 960 | logit("%s: invalid type field", __func__); |
fa64c868 | 961 | return (0); |
1d7b9b20 | 962 | } |
564dd50a | 963 | } |
a05a70ab | 964 | #endif /* USE_UTMP */ |
1d7b9b20 | 965 | |
966 | ||
967 | /** | |
564dd50a | 968 | ** Low-level utmpx functions |
1d7b9b20 | 969 | **/ |
970 | ||
971 | /* not much point if we don't want utmpx entries */ | |
972 | #ifdef USE_UTMPX | |
973 | ||
1d7b9b20 | 974 | /* if we have the wherewithall, use pututxline etc. */ |
a05a70ab | 975 | # if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \ |
976 | defined(HAVE_PUTUTXLINE) | |
1d7b9b20 | 977 | # define UTMPX_USE_LIBRARY |
a05a70ab | 978 | # endif |
1d7b9b20 | 979 | |
980 | ||
981 | /* write a utmpx entry with the system's help (pututxline() and pals) */ | |
a05a70ab | 982 | # ifdef UTMPX_USE_LIBRARY |
1d7b9b20 | 983 | static int |
564dd50a | 984 | utmpx_write_library(struct logininfo *li, struct utmpx *utx) |
985 | { | |
1d7b9b20 | 986 | setutxent(); |
987 | pututxline(utx); | |
988 | ||
a05a70ab | 989 | # ifdef HAVE_ENDUTXENT |
1d7b9b20 | 990 | endutxent(); |
a05a70ab | 991 | # endif |
fa64c868 | 992 | return (1); |
564dd50a | 993 | } |
1d7b9b20 | 994 | |
a05a70ab | 995 | # else /* UTMPX_USE_LIBRARY */ |
1d7b9b20 | 996 | |
997 | /* write a utmp entry direct to the file */ | |
998 | static int | |
564dd50a | 999 | utmpx_write_direct(struct logininfo *li, struct utmpx *utx) |
2b87da3b | 1000 | { |
a233586b | 1001 | logit("%s: not implemented!", __func__); |
fa64c868 | 1002 | return (0); |
564dd50a | 1003 | } |
a05a70ab | 1004 | # endif /* UTMPX_USE_LIBRARY */ |
1d7b9b20 | 1005 | |
1006 | static int | |
564dd50a | 1007 | utmpx_perform_login(struct logininfo *li) |
1008 | { | |
1d7b9b20 | 1009 | struct utmpx utx; |
1010 | ||
1011 | construct_utmpx(li, &utx); | |
a05a70ab | 1012 | # ifdef UTMPX_USE_LIBRARY |
1d7b9b20 | 1013 | if (!utmpx_write_library(li, &utx)) { |
a233586b | 1014 | logit("%s: utmp_write_library() failed", __func__); |
fa64c868 | 1015 | return (0); |
1d7b9b20 | 1016 | } |
a05a70ab | 1017 | # else |
1d7b9b20 | 1018 | if (!utmpx_write_direct(li, &ut)) { |
a233586b | 1019 | logit("%s: utmp_write_direct() failed", __func__); |
fa64c868 | 1020 | return (0); |
1d7b9b20 | 1021 | } |
a05a70ab | 1022 | # endif |
fa64c868 | 1023 | return (1); |
564dd50a | 1024 | } |
1d7b9b20 | 1025 | |
1026 | ||
1027 | static int | |
564dd50a | 1028 | utmpx_perform_logout(struct logininfo *li) |
1029 | { | |
1d7b9b20 | 1030 | struct utmpx utx; |
1031 | ||
f3837bc6 | 1032 | construct_utmpx(li, &utx); |
a05a70ab | 1033 | # ifdef HAVE_ID_IN_UTMPX |
1d7b9b20 | 1034 | line_abbrevname(utx.ut_id, li->line, sizeof(utx.ut_id)); |
a05a70ab | 1035 | # endif |
1036 | # ifdef HAVE_TYPE_IN_UTMPX | |
1d7b9b20 | 1037 | utx.ut_type = DEAD_PROCESS; |
a05a70ab | 1038 | # endif |
1d7b9b20 | 1039 | |
a05a70ab | 1040 | # ifdef UTMPX_USE_LIBRARY |
1d7b9b20 | 1041 | utmpx_write_library(li, &utx); |
a05a70ab | 1042 | # else |
1d7b9b20 | 1043 | utmpx_write_direct(li, &utx); |
a05a70ab | 1044 | # endif |
fa64c868 | 1045 | return (1); |
564dd50a | 1046 | } |
1d7b9b20 | 1047 | |
1d7b9b20 | 1048 | int |
564dd50a | 1049 | utmpx_write_entry(struct logininfo *li) |
1050 | { | |
1d7b9b20 | 1051 | switch(li->type) { |
1052 | case LTYPE_LOGIN: | |
fa64c868 | 1053 | return (utmpx_perform_login(li)); |
1d7b9b20 | 1054 | case LTYPE_LOGOUT: |
fa64c868 | 1055 | return (utmpx_perform_logout(li)); |
1d7b9b20 | 1056 | default: |
a233586b | 1057 | logit("%s: invalid type field", __func__); |
fa64c868 | 1058 | return (0); |
1d7b9b20 | 1059 | } |
564dd50a | 1060 | } |
a05a70ab | 1061 | #endif /* USE_UTMPX */ |
1d7b9b20 | 1062 | |
1063 | ||
1064 | /** | |
564dd50a | 1065 | ** Low-level wtmp functions |
1d7b9b20 | 1066 | **/ |
1067 | ||
2b87da3b | 1068 | #ifdef USE_WTMP |
1d7b9b20 | 1069 | |
d1cf9a87 | 1070 | /* |
fa64c868 | 1071 | * Write a wtmp entry direct to the end of the file |
1072 | * This is a slight modification of code in OpenBSD's logwtmp.c | |
1073 | */ | |
1d7b9b20 | 1074 | static int |
564dd50a | 1075 | wtmp_write(struct logininfo *li, struct utmp *ut) |
1076 | { | |
1d7b9b20 | 1077 | struct stat buf; |
1078 | int fd, ret = 1; | |
1079 | ||
1080 | if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) { | |
a233586b | 1081 | logit("%s: problem writing %s: %s", __func__, |
1d7b9b20 | 1082 | WTMP_FILE, strerror(errno)); |
fa64c868 | 1083 | return (0); |
1d7b9b20 | 1084 | } |
2b87da3b | 1085 | if (fstat(fd, &buf) == 0) |
d72f7b79 | 1086 | if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) { |
1d7b9b20 | 1087 | ftruncate(fd, buf.st_size); |
a233586b | 1088 | logit("%s: problem writing %s: %s", __func__, |
1d7b9b20 | 1089 | WTMP_FILE, strerror(errno)); |
1090 | ret = 0; | |
1091 | } | |
fa64c868 | 1092 | close(fd); |
1093 | return (ret); | |
564dd50a | 1094 | } |
1d7b9b20 | 1095 | |
1d7b9b20 | 1096 | static int |
a05a70ab | 1097 | wtmp_perform_login(struct logininfo *li) |
1098 | { | |
1d7b9b20 | 1099 | struct utmp ut; |
1100 | ||
1101 | construct_utmp(li, &ut); | |
fa64c868 | 1102 | return (wtmp_write(li, &ut)); |
564dd50a | 1103 | } |
1d7b9b20 | 1104 | |
1105 | ||
1106 | static int | |
564dd50a | 1107 | wtmp_perform_logout(struct logininfo *li) |
1108 | { | |
1d7b9b20 | 1109 | struct utmp ut; |
1110 | ||
1111 | construct_utmp(li, &ut); | |
fa64c868 | 1112 | return (wtmp_write(li, &ut)); |
564dd50a | 1113 | } |
1d7b9b20 | 1114 | |
1115 | ||
1116 | int | |
564dd50a | 1117 | wtmp_write_entry(struct logininfo *li) |
1118 | { | |
1d7b9b20 | 1119 | switch(li->type) { |
1120 | case LTYPE_LOGIN: | |
fa64c868 | 1121 | return (wtmp_perform_login(li)); |
1d7b9b20 | 1122 | case LTYPE_LOGOUT: |
fa64c868 | 1123 | return (wtmp_perform_logout(li)); |
1d7b9b20 | 1124 | default: |
a233586b | 1125 | logit("%s: invalid type field", __func__); |
fa64c868 | 1126 | return (0); |
1d7b9b20 | 1127 | } |
564dd50a | 1128 | } |
1d7b9b20 | 1129 | |
1130 | ||
d1cf9a87 | 1131 | /* |
fa64c868 | 1132 | * Notes on fetching login data from wtmp/wtmpx |
2b87da3b | 1133 | * |
5abcdf8e | 1134 | * Logouts are usually recorded with (amongst other things) a blank |
1135 | * username on a given tty line. However, some systems (HP-UX is one) | |
1136 | * leave all fields set, but change the ut_type field to DEAD_PROCESS. | |
1137 | * | |
1138 | * Since we're only looking for logins here, we know that the username | |
1139 | * must be set correctly. On systems that leave it in, we check for | |
1140 | * ut_type==USER_PROCESS (indicating a login.) | |
1141 | * | |
1142 | * Portability: Some systems may set something other than USER_PROCESS | |
1143 | * to indicate a login process. I don't know of any as I write. Also, | |
1144 | * it's possible that some systems may both leave the username in | |
1145 | * place and not have ut_type. | |
1146 | */ | |
1147 | ||
5abcdf8e | 1148 | /* return true if this wtmp entry indicates a login */ |
1149 | static int | |
1150 | wtmp_islogin(struct logininfo *li, struct utmp *ut) | |
1151 | { | |
2b87da3b | 1152 | if (strncmp(li->username, ut->ut_name, |
fa64c868 | 1153 | MIN_SIZEOF(li->username, ut->ut_name)) == 0) { |
a05a70ab | 1154 | # ifdef HAVE_TYPE_IN_UTMP |
5abcdf8e | 1155 | if (ut->ut_type & USER_PROCESS) |
fa64c868 | 1156 | return (1); |
a05a70ab | 1157 | # else |
fa64c868 | 1158 | return (1); |
a05a70ab | 1159 | # endif |
5abcdf8e | 1160 | } |
fa64c868 | 1161 | return (0); |
5abcdf8e | 1162 | } |
1163 | ||
1d7b9b20 | 1164 | int |
564dd50a | 1165 | wtmp_get_entry(struct logininfo *li) |
1166 | { | |
1d7b9b20 | 1167 | struct stat st; |
1168 | struct utmp ut; | |
fa64c868 | 1169 | int fd, found = 0; |
5abcdf8e | 1170 | |
1171 | /* Clear the time entries in our logininfo */ | |
1172 | li->tv_sec = li->tv_usec = 0; | |
1d7b9b20 | 1173 | |
1174 | if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) { | |
d1cf9a87 | 1175 | logit("%s: problem opening %s: %s", __func__, |
1d7b9b20 | 1176 | WTMP_FILE, strerror(errno)); |
fa64c868 | 1177 | return (0); |
1d7b9b20 | 1178 | } |
2b87da3b | 1179 | if (fstat(fd, &st) != 0) { |
d1cf9a87 | 1180 | logit("%s: couldn't stat %s: %s", __func__, |
1d7b9b20 | 1181 | WTMP_FILE, strerror(errno)); |
1182 | close(fd); | |
fa64c868 | 1183 | return (0); |
1d7b9b20 | 1184 | } |
1d7b9b20 | 1185 | |
5abcdf8e | 1186 | /* Seek to the start of the last struct utmp */ |
d9d47a26 | 1187 | if (lseek(fd, -(off_t)sizeof(struct utmp), SEEK_END) == -1) { |
5abcdf8e | 1188 | /* Looks like we've got a fresh wtmp file */ |
1189 | close(fd); | |
fa64c868 | 1190 | return (0); |
5abcdf8e | 1191 | } |
1192 | ||
1193 | while (!found) { | |
9f32ceb4 | 1194 | if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) { |
d1cf9a87 | 1195 | logit("%s: read of %s failed: %s", __func__, |
1d7b9b20 | 1196 | WTMP_FILE, strerror(errno)); |
1197 | close (fd); | |
fa64c868 | 1198 | return (0); |
1d7b9b20 | 1199 | } |
5abcdf8e | 1200 | if ( wtmp_islogin(li, &ut) ) { |
1201 | found = 1; | |
fa64c868 | 1202 | /* |
1203 | * We've already checked for a time in struct | |
1204 | * utmp, in login_getlast() | |
1205 | */ | |
a05a70ab | 1206 | # ifdef HAVE_TIME_IN_UTMP |
1d7b9b20 | 1207 | li->tv_sec = ut.ut_time; |
a05a70ab | 1208 | # else |
1d7b9b20 | 1209 | # if HAVE_TV_IN_UTMP |
1210 | li->tv_sec = ut.ut_tv.tv_sec; | |
1211 | # endif | |
a05a70ab | 1212 | # endif |
5abcdf8e | 1213 | line_fullname(li->line, ut.ut_line, |
fa64c868 | 1214 | MIN_SIZEOF(li->line, ut.ut_line)); |
a05a70ab | 1215 | # ifdef HAVE_HOST_IN_UTMP |
5abcdf8e | 1216 | strlcpy(li->hostname, ut.ut_host, |
fa64c868 | 1217 | MIN_SIZEOF(li->hostname, ut.ut_host)); |
a05a70ab | 1218 | # endif |
5abcdf8e | 1219 | continue; |
1d7b9b20 | 1220 | } |
5abcdf8e | 1221 | /* Seek back 2 x struct utmp */ |
d9d47a26 | 1222 | if (lseek(fd, -(off_t)(2 * sizeof(struct utmp)), SEEK_CUR) == -1) { |
5abcdf8e | 1223 | /* We've found the start of the file, so quit */ |
fa64c868 | 1224 | close(fd); |
1225 | return (0); | |
1d7b9b20 | 1226 | } |
5abcdf8e | 1227 | } |
1228 | ||
1229 | /* We found an entry. Tidy up and return */ | |
1230 | close(fd); | |
fa64c868 | 1231 | return (1); |
564dd50a | 1232 | } |
a05a70ab | 1233 | # endif /* USE_WTMP */ |
1d7b9b20 | 1234 | |
1235 | ||
1236 | /** | |
564dd50a | 1237 | ** Low-level wtmpx functions |
1d7b9b20 | 1238 | **/ |
1239 | ||
1240 | #ifdef USE_WTMPX | |
fa64c868 | 1241 | /* |
1242 | * Write a wtmpx entry direct to the end of the file | |
1243 | * This is a slight modification of code in OpenBSD's logwtmp.c | |
1244 | */ | |
1d7b9b20 | 1245 | static int |
564dd50a | 1246 | wtmpx_write(struct logininfo *li, struct utmpx *utx) |
1247 | { | |
41c64c91 | 1248 | #ifndef HAVE_UPDWTMPX |
1d7b9b20 | 1249 | struct stat buf; |
1250 | int fd, ret = 1; | |
1251 | ||
1252 | if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) { | |
d1cf9a87 | 1253 | logit("%s: problem opening %s: %s", __func__, |
1d7b9b20 | 1254 | WTMPX_FILE, strerror(errno)); |
fa64c868 | 1255 | return (0); |
1d7b9b20 | 1256 | } |
1257 | ||
2b87da3b | 1258 | if (fstat(fd, &buf) == 0) |
d72f7b79 | 1259 | if (atomicio(vwrite, fd, utx, sizeof(*utx)) != sizeof(*utx)) { |
1d7b9b20 | 1260 | ftruncate(fd, buf.st_size); |
a233586b | 1261 | logit("%s: problem writing %s: %s", __func__, |
1d7b9b20 | 1262 | WTMPX_FILE, strerror(errno)); |
1263 | ret = 0; | |
1264 | } | |
fa64c868 | 1265 | close(fd); |
1d7b9b20 | 1266 | |
fa64c868 | 1267 | return (ret); |
41c64c91 | 1268 | #else |
1269 | updwtmpx(WTMPX_FILE, utx); | |
fa64c868 | 1270 | return (1); |
41c64c91 | 1271 | #endif |
564dd50a | 1272 | } |
1d7b9b20 | 1273 | |
1274 | ||
1275 | static int | |
564dd50a | 1276 | wtmpx_perform_login(struct logininfo *li) |
1277 | { | |
1d7b9b20 | 1278 | struct utmpx utx; |
1279 | ||
1280 | construct_utmpx(li, &utx); | |
fa64c868 | 1281 | return (wtmpx_write(li, &utx)); |
564dd50a | 1282 | } |
1d7b9b20 | 1283 | |
1284 | ||
1285 | static int | |
564dd50a | 1286 | wtmpx_perform_logout(struct logininfo *li) |
1287 | { | |
1d7b9b20 | 1288 | struct utmpx utx; |
1289 | ||
1290 | construct_utmpx(li, &utx); | |
fa64c868 | 1291 | return (wtmpx_write(li, &utx)); |
564dd50a | 1292 | } |
1d7b9b20 | 1293 | |
1294 | ||
1295 | int | |
564dd50a | 1296 | wtmpx_write_entry(struct logininfo *li) |
1297 | { | |
1d7b9b20 | 1298 | switch(li->type) { |
1299 | case LTYPE_LOGIN: | |
fa64c868 | 1300 | return (wtmpx_perform_login(li)); |
1d7b9b20 | 1301 | case LTYPE_LOGOUT: |
fa64c868 | 1302 | return (wtmpx_perform_logout(li)); |
1d7b9b20 | 1303 | default: |
a233586b | 1304 | logit("%s: invalid type field", __func__); |
fa64c868 | 1305 | return (0); |
1d7b9b20 | 1306 | } |
564dd50a | 1307 | } |
1d7b9b20 | 1308 | |
5abcdf8e | 1309 | /* Please see the notes above wtmp_islogin() for information about the |
1310 | next two functions */ | |
1311 | ||
1312 | /* Return true if this wtmpx entry indicates a login */ | |
1313 | static int | |
1314 | wtmpx_islogin(struct logininfo *li, struct utmpx *utx) | |
1315 | { | |
fa64c868 | 1316 | if (strncmp(li->username, utx->ut_name, |
1317 | MIN_SIZEOF(li->username, utx->ut_name)) == 0 ) { | |
a05a70ab | 1318 | # ifdef HAVE_TYPE_IN_UTMPX |
5abcdf8e | 1319 | if (utx->ut_type == USER_PROCESS) |
fa64c868 | 1320 | return (1); |
a05a70ab | 1321 | # else |
fa64c868 | 1322 | return (1); |
a05a70ab | 1323 | # endif |
5abcdf8e | 1324 | } |
fa64c868 | 1325 | return (0); |
5abcdf8e | 1326 | } |
1327 | ||
1d7b9b20 | 1328 | |
1329 | int | |
564dd50a | 1330 | wtmpx_get_entry(struct logininfo *li) |
1331 | { | |
1d7b9b20 | 1332 | struct stat st; |
1333 | struct utmpx utx; | |
5abcdf8e | 1334 | int fd, found=0; |
1335 | ||
1336 | /* Clear the time entries */ | |
1337 | li->tv_sec = li->tv_usec = 0; | |
1d7b9b20 | 1338 | |
1339 | if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) { | |
d1cf9a87 | 1340 | logit("%s: problem opening %s: %s", __func__, |
1d7b9b20 | 1341 | WTMPX_FILE, strerror(errno)); |
fa64c868 | 1342 | return (0); |
1d7b9b20 | 1343 | } |
2b87da3b | 1344 | if (fstat(fd, &st) != 0) { |
d1cf9a87 | 1345 | logit("%s: couldn't stat %s: %s", __func__, |
fdebdd4f | 1346 | WTMPX_FILE, strerror(errno)); |
1d7b9b20 | 1347 | close(fd); |
fa64c868 | 1348 | return (0); |
1d7b9b20 | 1349 | } |
2b87da3b | 1350 | |
5abcdf8e | 1351 | /* Seek to the start of the last struct utmpx */ |
d9d47a26 | 1352 | if (lseek(fd, -(off_t)sizeof(struct utmpx), SEEK_END) == -1 ) { |
5abcdf8e | 1353 | /* probably a newly rotated wtmpx file */ |
1354 | close(fd); | |
fa64c868 | 1355 | return (0); |
5abcdf8e | 1356 | } |
1d7b9b20 | 1357 | |
5abcdf8e | 1358 | while (!found) { |
9f32ceb4 | 1359 | if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) { |
d1cf9a87 | 1360 | logit("%s: read of %s failed: %s", __func__, |
1d7b9b20 | 1361 | WTMPX_FILE, strerror(errno)); |
1362 | close (fd); | |
fa64c868 | 1363 | return (0); |
1d7b9b20 | 1364 | } |
fa64c868 | 1365 | /* |
d1cf9a87 | 1366 | * Logouts are recorded as a blank username on a particular |
fa64c868 | 1367 | * line. So, we just need to find the username in struct utmpx |
1368 | */ | |
1369 | if (wtmpx_islogin(li, &utx)) { | |
d80063fe | 1370 | found = 1; |
fa64c868 | 1371 | # if defined(HAVE_TV_IN_UTMPX) |
1d7b9b20 | 1372 | li->tv_sec = utx.ut_tv.tv_sec; |
fa64c868 | 1373 | # elif defined(HAVE_TIME_IN_UTMPX) |
1d7b9b20 | 1374 | li->tv_sec = utx.ut_time; |
a05a70ab | 1375 | # endif |
a4d05724 | 1376 | line_fullname(li->line, utx.ut_line, sizeof(li->line)); |
fa64c868 | 1377 | # if defined(HAVE_HOST_IN_UTMPX) |
5abcdf8e | 1378 | strlcpy(li->hostname, utx.ut_host, |
fa64c868 | 1379 | MIN_SIZEOF(li->hostname, utx.ut_host)); |
a05a70ab | 1380 | # endif |
5abcdf8e | 1381 | continue; |
1d7b9b20 | 1382 | } |
d9d47a26 | 1383 | if (lseek(fd, -(off_t)(2 * sizeof(struct utmpx)), SEEK_CUR) == -1) { |
fa64c868 | 1384 | close(fd); |
1385 | return (0); | |
1d7b9b20 | 1386 | } |
5abcdf8e | 1387 | } |
1388 | ||
1389 | close(fd); | |
fa64c868 | 1390 | return (1); |
564dd50a | 1391 | } |
f988dce5 | 1392 | #endif /* USE_WTMPX */ |
1d7b9b20 | 1393 | |
1d7b9b20 | 1394 | /** |
564dd50a | 1395 | ** Low-level libutil login() functions |
1d7b9b20 | 1396 | **/ |
1397 | ||
1398 | #ifdef USE_LOGIN | |
1d7b9b20 | 1399 | static int |
564dd50a | 1400 | syslogin_perform_login(struct logininfo *li) |
1401 | { | |
1d7b9b20 | 1402 | struct utmp *ut; |
1403 | ||
7a52470e | 1404 | ut = xmalloc(sizeof(*ut)); |
1d7b9b20 | 1405 | construct_utmp(li, ut); |
1406 | login(ut); | |
6cef88bc | 1407 | free(ut); |
1d7b9b20 | 1408 | |
fa64c868 | 1409 | return (1); |
564dd50a | 1410 | } |
1d7b9b20 | 1411 | |
564dd50a | 1412 | static int |
1413 | syslogin_perform_logout(struct logininfo *li) | |
1414 | { | |
a05a70ab | 1415 | # ifdef HAVE_LOGOUT |
f20d4564 | 1416 | char line[UT_LINESIZE]; |
2b87da3b | 1417 | |
1d7b9b20 | 1418 | (void)line_stripname(line, li->line, sizeof(line)); |
1419 | ||
fa64c868 | 1420 | if (!logout(line)) |
a233586b | 1421 | logit("%s: logout() returned an error", __func__); |
a05a70ab | 1422 | # ifdef HAVE_LOGWTMP |
fa64c868 | 1423 | else |
1d7b9b20 | 1424 | logwtmp(line, "", ""); |
a05a70ab | 1425 | # endif |
5abcdf8e | 1426 | /* FIXME: (ATL - if the need arises) What to do if we have |
1427 | * login, but no logout? what if logout but no logwtmp? All | |
1428 | * routines are in libutil so they should all be there, | |
1429 | * but... */ | |
a05a70ab | 1430 | # endif |
fa64c868 | 1431 | return (1); |
564dd50a | 1432 | } |
1d7b9b20 | 1433 | |
1d7b9b20 | 1434 | int |
564dd50a | 1435 | syslogin_write_entry(struct logininfo *li) |
1436 | { | |
1d7b9b20 | 1437 | switch (li->type) { |
1438 | case LTYPE_LOGIN: | |
fa64c868 | 1439 | return (syslogin_perform_login(li)); |
1d7b9b20 | 1440 | case LTYPE_LOGOUT: |
fa64c868 | 1441 | return (syslogin_perform_logout(li)); |
1d7b9b20 | 1442 | default: |
a233586b | 1443 | logit("%s: Invalid type field", __func__); |
fa64c868 | 1444 | return (0); |
1d7b9b20 | 1445 | } |
564dd50a | 1446 | } |
f988dce5 | 1447 | #endif /* USE_LOGIN */ |
1d7b9b20 | 1448 | |
1449 | /* end of file log-syslogin.c */ | |
1450 | ||
1d7b9b20 | 1451 | /** |
564dd50a | 1452 | ** Low-level lastlog functions |
1d7b9b20 | 1453 | **/ |
1454 | ||
1455 | #ifdef USE_LASTLOG | |
a05a70ab | 1456 | #define LL_FILE 1 |
1457 | #define LL_DIR 2 | |
1458 | #define LL_OTHER 3 | |
1d7b9b20 | 1459 | |
1d7b9b20 | 1460 | static void |
564dd50a | 1461 | lastlog_construct(struct logininfo *li, struct lastlog *last) |
1462 | { | |
1d7b9b20 | 1463 | /* clear the structure */ |
dbaa2e87 | 1464 | memset(last, '\0', sizeof(*last)); |
2b87da3b | 1465 | |
fa64c868 | 1466 | line_stripname(last->ll_line, li->line, sizeof(last->ll_line)); |
5abcdf8e | 1467 | strlcpy(last->ll_host, li->hostname, |
1468 | MIN_SIZEOF(last->ll_host, li->hostname)); | |
1d7b9b20 | 1469 | last->ll_time = li->tv_sec; |
564dd50a | 1470 | } |
1d7b9b20 | 1471 | |
1d7b9b20 | 1472 | static int |
564dd50a | 1473 | lastlog_filetype(char *filename) |
1474 | { | |
1d7b9b20 | 1475 | struct stat st; |
1476 | ||
a05a70ab | 1477 | if (stat(LASTLOG_FILE, &st) != 0) { |
a233586b | 1478 | logit("%s: Couldn't stat %s: %s", __func__, |
fa64c868 | 1479 | LASTLOG_FILE, strerror(errno)); |
1480 | return (0); | |
1d7b9b20 | 1481 | } |
1d7b9b20 | 1482 | if (S_ISDIR(st.st_mode)) |
fa64c868 | 1483 | return (LL_DIR); |
1d7b9b20 | 1484 | else if (S_ISREG(st.st_mode)) |
fa64c868 | 1485 | return (LL_FILE); |
1d7b9b20 | 1486 | else |
fa64c868 | 1487 | return (LL_OTHER); |
564dd50a | 1488 | } |
1d7b9b20 | 1489 | |
1490 | ||
1491 | /* open the file (using filemode) and seek to the login entry */ | |
1492 | static int | |
564dd50a | 1493 | lastlog_openseek(struct logininfo *li, int *fd, int filemode) |
1494 | { | |
1d7b9b20 | 1495 | off_t offset; |
1496 | int type; | |
1497 | char lastlog_file[1024]; | |
1498 | ||
1499 | type = lastlog_filetype(LASTLOG_FILE); | |
1500 | switch (type) { | |
fa64c868 | 1501 | case LL_FILE: |
1502 | strlcpy(lastlog_file, LASTLOG_FILE, | |
1503 | sizeof(lastlog_file)); | |
1504 | break; | |
1505 | case LL_DIR: | |
1506 | snprintf(lastlog_file, sizeof(lastlog_file), "%s/%s", | |
1507 | LASTLOG_FILE, li->username); | |
1508 | break; | |
1509 | default: | |
a233586b | 1510 | logit("%s: %.100s is not a file or directory!", __func__, |
fa64c868 | 1511 | LASTLOG_FILE); |
1512 | return (0); | |
a05a70ab | 1513 | } |
1d7b9b20 | 1514 | |
ee476051 | 1515 | *fd = open(lastlog_file, filemode, 0600); |
fa64c868 | 1516 | if (*fd < 0) { |
a233586b | 1517 | debug("%s: Couldn't open %s: %s", __func__, |
1d7b9b20 | 1518 | lastlog_file, strerror(errno)); |
fa64c868 | 1519 | return (0); |
1d7b9b20 | 1520 | } |
2b87da3b | 1521 | |
d93a7e5a | 1522 | if (type == LL_FILE) { |
1523 | /* find this uid's offset in the lastlog file */ | |
d9d47a26 | 1524 | offset = (off_t) ((long)li->uid * sizeof(struct lastlog)); |
1d7b9b20 | 1525 | |
fa64c868 | 1526 | if (lseek(*fd, offset, SEEK_SET) != offset) { |
a233586b | 1527 | logit("%s: %s->lseek(): %s", __func__, |
1528 | lastlog_file, strerror(errno)); | |
fa64c868 | 1529 | return (0); |
d93a7e5a | 1530 | } |
1d7b9b20 | 1531 | } |
2b87da3b | 1532 | |
fa64c868 | 1533 | return (1); |
564dd50a | 1534 | } |
1d7b9b20 | 1535 | |
1536 | static int | |
564dd50a | 1537 | lastlog_perform_login(struct logininfo *li) |
1538 | { | |
1d7b9b20 | 1539 | struct lastlog last; |
1540 | int fd; | |
1541 | ||
1542 | /* create our struct lastlog */ | |
1543 | lastlog_construct(li, &last); | |
1544 | ||
ee476051 | 1545 | if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT)) |
fa64c868 | 1546 | return (0); |
2b87da3b | 1547 | |
1d7b9b20 | 1548 | /* write the entry */ |
d72f7b79 | 1549 | if (atomicio(vwrite, fd, &last, sizeof(last)) != sizeof(last)) { |
1a022229 | 1550 | close(fd); |
a233586b | 1551 | logit("%s: Error writing to %s: %s", __func__, |
1a022229 | 1552 | LASTLOG_FILE, strerror(errno)); |
fa64c868 | 1553 | return (0); |
a05a70ab | 1554 | } |
1a022229 | 1555 | |
1556 | close(fd); | |
fa64c868 | 1557 | return (1); |
564dd50a | 1558 | } |
1d7b9b20 | 1559 | |
1d7b9b20 | 1560 | int |
564dd50a | 1561 | lastlog_write_entry(struct logininfo *li) |
1562 | { | |
1d7b9b20 | 1563 | switch(li->type) { |
1564 | case LTYPE_LOGIN: | |
fa64c868 | 1565 | return (lastlog_perform_login(li)); |
1d7b9b20 | 1566 | default: |
a233586b | 1567 | logit("%s: Invalid type field", __func__); |
fa64c868 | 1568 | return (0); |
1d7b9b20 | 1569 | } |
564dd50a | 1570 | } |
1d7b9b20 | 1571 | |
1d7b9b20 | 1572 | static void |
564dd50a | 1573 | lastlog_populate_entry(struct logininfo *li, struct lastlog *last) |
1574 | { | |
1d7b9b20 | 1575 | line_fullname(li->line, last->ll_line, sizeof(li->line)); |
2b87da3b | 1576 | strlcpy(li->hostname, last->ll_host, |
fa64c868 | 1577 | MIN_SIZEOF(li->hostname, last->ll_host)); |
1d7b9b20 | 1578 | li->tv_sec = last->ll_time; |
564dd50a | 1579 | } |
1d7b9b20 | 1580 | |
1d7b9b20 | 1581 | int |
564dd50a | 1582 | lastlog_get_entry(struct logininfo *li) |
1583 | { | |
1d7b9b20 | 1584 | struct lastlog last; |
ed05a983 | 1585 | int fd, ret; |
1d7b9b20 | 1586 | |
ce49121d | 1587 | if (!lastlog_openseek(li, &fd, O_RDONLY)) |
ed05a983 | 1588 | return (0); |
ce49121d | 1589 | |
ed05a983 | 1590 | ret = atomicio(read, fd, &last, sizeof(last)); |
ce49121d | 1591 | close(fd); |
1592 | ||
ed05a983 | 1593 | switch (ret) { |
1594 | case 0: | |
1595 | memset(&last, '\0', sizeof(last)); | |
1596 | /* FALLTHRU */ | |
1597 | case sizeof(last): | |
1598 | lastlog_populate_entry(li, &last); | |
1599 | return (1); | |
1600 | case -1: | |
aff51935 | 1601 | error("%s: Error reading from %s: %s", __func__, |
ed05a983 | 1602 | LASTLOG_FILE, strerror(errno)); |
1603 | return (0); | |
1604 | default: | |
1605 | error("%s: Error reading from %s: Expecting %d, got %d", | |
dfde7f6e | 1606 | __func__, LASTLOG_FILE, (int)sizeof(last), ret); |
ed05a983 | 1607 | return (0); |
1608 | } | |
ce49121d | 1609 | |
ed05a983 | 1610 | /* NOTREACHED */ |
1611 | return (0); | |
564dd50a | 1612 | } |
f988dce5 | 1613 | #endif /* USE_LASTLOG */ |
b6610e8f | 1614 | |
1615 | #ifdef USE_BTMP | |
1616 | /* | |
1617 | * Logs failed login attempts in _PATH_BTMP if that exists. | |
1618 | * The most common login failure is to give password instead of username. | |
1619 | * So the _PATH_BTMP file checked for the correct permission, so that | |
1620 | * only root can read it. | |
1621 | */ | |
1622 | ||
1623 | void | |
1624 | record_failed_login(const char *username, const char *hostname, | |
1625 | const char *ttyn) | |
1626 | { | |
1627 | int fd; | |
1628 | struct utmp ut; | |
1629 | struct sockaddr_storage from; | |
dfde7f6e | 1630 | socklen_t fromlen = sizeof(from); |
b6610e8f | 1631 | struct sockaddr_in *a4; |
1632 | struct sockaddr_in6 *a6; | |
1633 | time_t t; | |
1634 | struct stat fst; | |
1635 | ||
1636 | if (geteuid() != 0) | |
1637 | return; | |
1638 | if ((fd = open(_PATH_BTMP, O_WRONLY | O_APPEND)) < 0) { | |
1639 | debug("Unable to open the btmp file %s: %s", _PATH_BTMP, | |
1640 | strerror(errno)); | |
1641 | return; | |
1642 | } | |
1643 | if (fstat(fd, &fst) < 0) { | |
1644 | logit("%s: fstat of %s failed: %s", __func__, _PATH_BTMP, | |
1645 | strerror(errno)); | |
1646 | goto out; | |
1647 | } | |
1648 | if((fst.st_mode & (S_IRWXG | S_IRWXO)) || (fst.st_uid != 0)){ | |
1649 | logit("Excess permission or bad ownership on file %s", | |
1650 | _PATH_BTMP); | |
1651 | goto out; | |
1652 | } | |
1653 | ||
1654 | memset(&ut, 0, sizeof(ut)); | |
1655 | /* strncpy because we don't necessarily want nul termination */ | |
1656 | strncpy(ut.ut_user, username, sizeof(ut.ut_user)); | |
1657 | strlcpy(ut.ut_line, "ssh:notty", sizeof(ut.ut_line)); | |
1658 | ||
1659 | time(&t); | |
1660 | ut.ut_time = t; /* ut_time is not always a time_t */ | |
1661 | ut.ut_type = LOGIN_PROCESS; | |
1662 | ut.ut_pid = getpid(); | |
1663 | ||
1664 | /* strncpy because we don't necessarily want nul termination */ | |
1665 | strncpy(ut.ut_host, hostname, sizeof(ut.ut_host)); | |
1666 | ||
1667 | if (packet_connection_is_on_socket() && | |
1668 | getpeername(packet_get_connection_in(), | |
1669 | (struct sockaddr *)&from, &fromlen) == 0) { | |
1670 | ipv64_normalise_mapped(&from, &fromlen); | |
1671 | if (from.ss_family == AF_INET) { | |
1672 | a4 = (struct sockaddr_in *)&from; | |
1673 | memcpy(&ut.ut_addr, &(a4->sin_addr), | |
1674 | MIN_SIZEOF(ut.ut_addr, a4->sin_addr)); | |
1675 | } | |
1676 | #ifdef HAVE_ADDR_V6_IN_UTMP | |
1677 | if (from.ss_family == AF_INET6) { | |
1678 | a6 = (struct sockaddr_in6 *)&from; | |
1679 | memcpy(&ut.ut_addr_v6, &(a6->sin6_addr), | |
1680 | MIN_SIZEOF(ut.ut_addr_v6, a6->sin6_addr)); | |
1681 | } | |
1682 | #endif | |
1683 | } | |
1684 | ||
1685 | if (atomicio(vwrite, fd, &ut, sizeof(ut)) != sizeof(ut)) | |
1686 | error("Failed to write to %s: %s", _PATH_BTMP, | |
1687 | strerror(errno)); | |
1688 | ||
1689 | out: | |
1690 | close(fd); | |
1691 | } | |
1692 | #endif /* USE_BTMP */ |