diff options
| author | Damien Miller <djm@mindrot.org> | 1999-11-25 00:26:21 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 1999-11-25 00:26:21 +1100 |
| commit | 95def09838fc61b37b6ea7cd5c234a465b4b129b (patch) | |
| tree | 042744f76f40a326b873cb1c3690a6d7d966bc3e /login.c | |
| parent | 4d2f15f895f4c795afc008aeff3fd2ceffbc44f4 (diff) | |
- Merged very large OpenBSD source code reformat
- OpenBSD CVS updates
- [channels.c cipher.c compat.c log-client.c scp.c serverloop.c]
[ssh.h sshd.8 sshd.c]
syslog changes:
* Unified Logmessage for all auth-types, for success and for failed
* Standard connections get only ONE line in the LOG when level==LOG:
Auth-attempts are logged only, if authentication is:
a) successfull or
b) with passwd or
c) we had more than AUTH_FAIL_LOG failues
* many log() became verbose()
* old behaviour with level=VERBOSE
- [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c]
tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE
messages. allows use of s/key in windows (ttssh, securecrt) and
ssh-1.2.27 clients without 'ssh -v', ok: niels@
- [sshd.8]
-V, for fallback to openssh in SSH2 compatibility mode
- [sshd.c]
fix sigchld race; cjc5@po.cwru.edu
Diffstat (limited to 'login.c')
| -rw-r--r-- | login.c | 193 |
1 files changed, 97 insertions, 96 deletions
| @@ -1,128 +1,129 @@ | |||
| 1 | /* | 1 | /* |
| 2 | 2 | * | |
| 3 | login.c | 3 | * login.c |
| 4 | 4 | * | |
| 5 | Author: Tatu Ylonen <ylo@cs.hut.fi> | 5 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 6 | 6 | * | |
| 7 | Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 7 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 8 | All rights reserved | 8 | * All rights reserved |
| 9 | 9 | * | |
| 10 | Created: Fri Mar 24 14:51:08 1995 ylo | 10 | * Created: Fri Mar 24 14:51:08 1995 ylo |
| 11 | 11 | * | |
| 12 | This file performs some of the things login(1) normally does. We cannot | 12 | * This file performs some of the things login(1) normally does. We cannot |
| 13 | easily use something like login -p -h host -f user, because there are | 13 | * easily use something like login -p -h host -f user, because there are |
| 14 | several different logins around, and it is hard to determined what kind of | 14 | * several different logins around, and it is hard to determined what kind of |
| 15 | login the current system has. Also, we want to be able to execute commands | 15 | * login the current system has. Also, we want to be able to execute commands |
| 16 | on a tty. | 16 | * on a tty. |
| 17 | 17 | * | |
| 18 | */ | 18 | */ |
| 19 | 19 | ||
| 20 | #include "includes.h" | 20 | #include "includes.h" |
| 21 | RCSID("$Id: login.c,v 1.2 1999/11/10 23:40:23 damien Exp $"); | 21 | RCSID("$Id: login.c,v 1.3 1999/11/24 13:26:22 damien Exp $"); |
| 22 | 22 | ||
| 23 | #include <utmp.h> | 23 | #include <utmp.h> |
| 24 | #include "ssh.h" | ||
| 24 | 25 | ||
| 26 | #ifdef HAVE_UTIL_H | ||
| 27 | # include <util.h> | ||
| 28 | #endif | ||
| 25 | #ifdef HAVE_LASTLOG_H | 29 | #ifdef HAVE_LASTLOG_H |
| 26 | # include <lastlog.h> | 30 | # include <lastlog.h> |
| 27 | #endif | 31 | #endif |
| 28 | 32 | ||
| 29 | #include "ssh.h" | 33 | /* Returns the time when the user last logged in. Returns 0 if the |
| 30 | 34 | information is not available. This must be called before record_login. | |
| 31 | /* Returns the time when the user last logged in. Returns 0 if the | ||
| 32 | information is not available. This must be called before record_login. | ||
| 33 | The host the user logged in from will be returned in buf. */ | 35 | The host the user logged in from will be returned in buf. */ |
| 34 | 36 | ||
| 35 | /* Returns the time when the user last logged in (or 0 if no previous login | 37 | /* Returns the time when the user last logged in (or 0 if no previous login |
| 36 | is found). The name of the host used last time is returned in buf. */ | 38 | is found). The name of the host used last time is returned in buf. */ |
| 37 | 39 | ||
| 38 | unsigned long get_last_login_time(uid_t uid, const char *logname, | 40 | unsigned long |
| 39 | char *buf, unsigned int bufsize) | 41 | get_last_login_time(uid_t uid, const char *logname, |
| 42 | char *buf, unsigned int bufsize) | ||
| 40 | { | 43 | { |
| 41 | struct lastlog ll; | 44 | struct lastlog ll; |
| 42 | char *lastlog; | 45 | char *lastlog; |
| 43 | int fd; | 46 | int fd; |
| 44 | 47 | ||
| 45 | lastlog = _PATH_LASTLOG; | 48 | lastlog = _PATH_LASTLOG; |
| 46 | 49 | buf[0] = '\0'; | |
| 47 | buf[0] = '\0'; | 50 | |
| 48 | 51 | fd = open(lastlog, O_RDONLY); | |
| 49 | fd = open(lastlog, O_RDONLY); | 52 | if (fd < 0) |
| 50 | if (fd < 0) | 53 | return 0; |
| 51 | return 0; | 54 | lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET); |
| 52 | lseek(fd, (off_t)((long)uid * sizeof(ll)), SEEK_SET); | 55 | if (read(fd, &ll, sizeof(ll)) != sizeof(ll)) { |
| 53 | if (read(fd, &ll, sizeof(ll)) != sizeof(ll)) | 56 | close(fd); |
| 54 | { | 57 | return 0; |
| 55 | close(fd); | 58 | } |
| 56 | return 0; | 59 | close(fd); |
| 57 | } | 60 | if (bufsize > sizeof(ll.ll_host) + 1) |
| 58 | close(fd); | 61 | bufsize = sizeof(ll.ll_host) + 1; |
| 59 | if (bufsize > sizeof(ll.ll_host) + 1) | 62 | strncpy(buf, ll.ll_host, bufsize - 1); |
| 60 | bufsize = sizeof(ll.ll_host) + 1; | 63 | buf[bufsize - 1] = 0; |
| 61 | strncpy(buf, ll.ll_host, bufsize - 1); | 64 | return ll.ll_time; |
| 62 | buf[bufsize - 1] = 0; | ||
| 63 | return ll.ll_time; | ||
| 64 | } | 65 | } |
| 65 | 66 | ||
| 66 | /* Records that the user has logged in. I these parts of operating systems | 67 | /* Records that the user has logged in. I these parts of operating systems |
| 67 | were more standardized. */ | 68 | were more standardized. */ |
| 68 | 69 | ||
| 69 | void record_login(int pid, const char *ttyname, const char *user, uid_t uid, | 70 | void |
| 70 | const char *host, struct sockaddr_in *addr) | 71 | record_login(int pid, const char *ttyname, const char *user, uid_t uid, |
| 72 | const char *host, struct sockaddr_in * addr) | ||
| 71 | { | 73 | { |
| 72 | int fd; | 74 | int fd; |
| 73 | struct lastlog ll; | 75 | struct lastlog ll; |
| 74 | char *lastlog; | 76 | char *lastlog; |
| 75 | 77 | struct utmp u; | |
| 76 | struct utmp u; | 78 | const char *utmp, *wtmp; |
| 77 | const char *utmp, *wtmp; | 79 | |
| 78 | 80 | /* Construct an utmp/wtmp entry. */ | |
| 79 | /* Construct an utmp/wtmp entry. */ | 81 | memset(&u, 0, sizeof(u)); |
| 80 | memset(&u, 0, sizeof(u)); | 82 | strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line)); |
| 81 | strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line)); | 83 | u.ut_time = time(NULL); |
| 82 | u.ut_time = time(NULL); | 84 | strncpy(u.ut_name, user, sizeof(u.ut_name)); |
| 83 | strncpy(u.ut_name, user, sizeof(u.ut_name)); | ||
| 84 | #ifdef HAVE_HOST_IN_UTMP | 85 | #ifdef HAVE_HOST_IN_UTMP |
| 85 | strncpy(u.ut_host, host, sizeof(u.ut_host)); | 86 | strncpy(u.ut_host, host, sizeof(u.ut_host)); |
| 86 | #endif | 87 | #endif |
| 87 | 88 | ||
| 88 | /* Figure out the file names. */ | 89 | /* Figure out the file names. */ |
| 89 | utmp = _PATH_UTMP; | 90 | utmp = _PATH_UTMP; |
| 90 | wtmp = _PATH_WTMP; | 91 | wtmp = _PATH_WTMP; |
| 91 | 92 | ||
| 92 | login(&u); | 93 | login(&u); |
| 93 | 94 | lastlog = _PATH_LASTLOG; | |
| 94 | lastlog = _PATH_LASTLOG; | 95 | |
| 95 | 96 | /* Update lastlog unless actually recording a logout. */ | |
| 96 | /* Update lastlog unless actually recording a logout. */ | 97 | if (strcmp(user, "") != 0) { |
| 97 | if (strcmp(user, "") != 0) | 98 | /* It is safer to bzero the lastlog structure first |
| 98 | { | 99 | because some systems might have some extra fields in it |
| 99 | /* It is safer to bzero the lastlog structure first because some | 100 | (e.g. SGI) */ |
| 100 | systems might have some extra fields in it (e.g. SGI) */ | 101 | memset(&ll, 0, sizeof(ll)); |
| 101 | memset(&ll, 0, sizeof(ll)); | 102 | |
| 102 | 103 | /* Update lastlog. */ | |
| 103 | /* Update lastlog. */ | 104 | ll.ll_time = time(NULL); |
| 104 | ll.ll_time = time(NULL); | 105 | strncpy(ll.ll_line, ttyname + 5, sizeof(ll.ll_line)); |
| 105 | strncpy(ll.ll_line, ttyname + 5, sizeof(ll.ll_line)); | 106 | strncpy(ll.ll_host, host, sizeof(ll.ll_host)); |
| 106 | strncpy(ll.ll_host, host, sizeof(ll.ll_host)); | 107 | fd = open(lastlog, O_RDWR); |
| 107 | fd = open(lastlog, O_RDWR); | 108 | if (fd >= 0) { |
| 108 | if (fd >= 0) | 109 | lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET); |
| 109 | { | 110 | if (write(fd, &ll, sizeof(ll)) != sizeof(ll)) |
| 110 | lseek(fd, (off_t)((long)uid * sizeof(ll)), SEEK_SET); | 111 | log("Could not write %.100s: %.100s", lastlog, strerror(errno)); |
| 111 | if (write(fd, &ll, sizeof(ll)) != sizeof(ll)) | 112 | close(fd); |
| 112 | log("Could not write %.100s: %.100s", lastlog, strerror(errno)); | 113 | } |
| 113 | close(fd); | ||
| 114 | } | 114 | } |
| 115 | } | ||
| 116 | } | 115 | } |
| 117 | 116 | ||
| 118 | void record_logout(int pid, const char *ttyname) | 117 | /* Records that the user has logged out. */ |
| 118 | |||
| 119 | void | ||
| 120 | record_logout(int pid, const char *ttyname) | ||
| 119 | { | 121 | { |
| 120 | #ifdef HAVE_LIBUTIL_LOGIN | 122 | #ifdef HAVE_LIBUTIL_LOGIN |
| 121 | const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */ | 123 | const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */ |
| 122 | if (logout(line)) | 124 | if (logout(line)) |
| 123 | logwtmp(line, "", ""); | 125 | logwtmp(line, "", ""); |
| 124 | #else /* HAVE_LIBUTIL_LOGIN */ | 126 | #else /* HAVE_LIBUTIL_LOGIN */ |
| 125 | record_login(pid, ttyname, "", -1, "", NULL); | 127 | record_login(pid, ttyname, "", -1, "", NULL); |
| 126 | #endif /* HAVE_LIBUTIL_LOGIN */ | 128 | #endif /* HAVE_LIBUTIL_LOGIN */ |
| 127 | } | 129 | } |
| 128 | |||