diff options
Diffstat (limited to 'loginrec.c')
| -rw-r--r-- | loginrec.c | 28 |
1 files changed, 18 insertions, 10 deletions
diff --git a/loginrec.c b/loginrec.c index 6f655cb16..32941c985 100644 --- a/loginrec.c +++ b/loginrec.c | |||
| @@ -273,7 +273,7 @@ login_logout(struct logininfo *li) | |||
| 273 | * try to retrieve lastlog information from wtmp/wtmpx. | 273 | * try to retrieve lastlog information from wtmp/wtmpx. |
| 274 | */ | 274 | */ |
| 275 | unsigned int | 275 | unsigned int |
| 276 | login_get_lastlog_time(const int uid) | 276 | login_get_lastlog_time(const uid_t uid) |
| 277 | { | 277 | { |
| 278 | struct logininfo li; | 278 | struct logininfo li; |
| 279 | 279 | ||
| @@ -297,7 +297,7 @@ login_get_lastlog_time(const int uid) | |||
| 297 | * 0 on failure (will use OpenSSH's logging facilities for diagnostics) | 297 | * 0 on failure (will use OpenSSH's logging facilities for diagnostics) |
| 298 | */ | 298 | */ |
| 299 | struct logininfo * | 299 | struct logininfo * |
| 300 | login_get_lastlog(struct logininfo *li, const int uid) | 300 | login_get_lastlog(struct logininfo *li, const uid_t uid) |
| 301 | { | 301 | { |
| 302 | struct passwd *pw; | 302 | struct passwd *pw; |
| 303 | 303 | ||
| @@ -311,7 +311,8 @@ login_get_lastlog(struct logininfo *li, const int uid) | |||
| 311 | */ | 311 | */ |
| 312 | pw = getpwuid(uid); | 312 | pw = getpwuid(uid); |
| 313 | if (pw == NULL) | 313 | if (pw == NULL) |
| 314 | fatal("%s: Cannot find account for uid %i", __func__, uid); | 314 | fatal("%s: Cannot find account for uid %ld", __func__, |
| 315 | (long)uid); | ||
| 315 | 316 | ||
| 316 | /* No MIN_SIZEOF here - we absolutely *must not* truncate the | 317 | /* No MIN_SIZEOF here - we absolutely *must not* truncate the |
| 317 | * username (XXX - so check for trunc!) */ | 318 | * username (XXX - so check for trunc!) */ |
| @@ -335,7 +336,7 @@ login_get_lastlog(struct logininfo *li, const int uid) | |||
| 335 | * allocation fails, the program halts. | 336 | * allocation fails, the program halts. |
| 336 | */ | 337 | */ |
| 337 | struct | 338 | struct |
| 338 | logininfo *login_alloc_entry(int pid, const char *username, | 339 | logininfo *login_alloc_entry(pid_t pid, const char *username, |
| 339 | const char *hostname, const char *line) | 340 | const char *hostname, const char *line) |
| 340 | { | 341 | { |
| 341 | struct logininfo *newli; | 342 | struct logininfo *newli; |
| @@ -363,7 +364,7 @@ login_free_entry(struct logininfo *li) | |||
| 363 | * Returns: 1 | 364 | * Returns: 1 |
| 364 | */ | 365 | */ |
| 365 | int | 366 | int |
| 366 | login_init_entry(struct logininfo *li, int pid, const char *username, | 367 | login_init_entry(struct logininfo *li, pid_t pid, const char *username, |
| 367 | const char *hostname, const char *line) | 368 | const char *hostname, const char *line) |
| 368 | { | 369 | { |
| 369 | struct passwd *pw; | 370 | struct passwd *pw; |
| @@ -468,9 +469,9 @@ login_write(struct logininfo *li) | |||
| 468 | #endif | 469 | #endif |
| 469 | #ifdef SSH_AUDIT_EVENTS | 470 | #ifdef SSH_AUDIT_EVENTS |
| 470 | if (li->type == LTYPE_LOGIN) | 471 | if (li->type == LTYPE_LOGIN) |
| 471 | audit_session_open(li->line); | 472 | audit_session_open(li); |
| 472 | else if (li->type == LTYPE_LOGOUT) | 473 | else if (li->type == LTYPE_LOGOUT) |
| 473 | audit_session_close(li->line); | 474 | audit_session_close(li); |
| 474 | #endif | 475 | #endif |
| 475 | return (0); | 476 | return (0); |
| 476 | } | 477 | } |
| @@ -872,11 +873,13 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut) | |||
| 872 | pos = (off_t)tty * sizeof(struct utmp); | 873 | pos = (off_t)tty * sizeof(struct utmp); |
| 873 | if ((ret = lseek(fd, pos, SEEK_SET)) == -1) { | 874 | if ((ret = lseek(fd, pos, SEEK_SET)) == -1) { |
| 874 | logit("%s: lseek: %s", __func__, strerror(errno)); | 875 | logit("%s: lseek: %s", __func__, strerror(errno)); |
| 876 | close(fd); | ||
| 875 | return (0); | 877 | return (0); |
| 876 | } | 878 | } |
| 877 | if (ret != pos) { | 879 | if (ret != pos) { |
| 878 | logit("%s: Couldn't seek to tty %d slot in %s", | 880 | logit("%s: Couldn't seek to tty %d slot in %s", |
| 879 | __func__, tty, UTMP_FILE); | 881 | __func__, tty, UTMP_FILE); |
| 882 | close(fd); | ||
| 880 | return (0); | 883 | return (0); |
| 881 | } | 884 | } |
| 882 | /* | 885 | /* |
| @@ -892,16 +895,20 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut) | |||
| 892 | 895 | ||
| 893 | if ((ret = lseek(fd, pos, SEEK_SET)) == -1) { | 896 | if ((ret = lseek(fd, pos, SEEK_SET)) == -1) { |
| 894 | logit("%s: lseek: %s", __func__, strerror(errno)); | 897 | logit("%s: lseek: %s", __func__, strerror(errno)); |
| 898 | close(fd); | ||
| 895 | return (0); | 899 | return (0); |
| 896 | } | 900 | } |
| 897 | if (ret != pos) { | 901 | if (ret != pos) { |
| 898 | logit("%s: Couldn't seek to tty %d slot in %s", | 902 | logit("%s: Couldn't seek to tty %d slot in %s", |
| 899 | __func__, tty, UTMP_FILE); | 903 | __func__, tty, UTMP_FILE); |
| 904 | close(fd); | ||
| 900 | return (0); | 905 | return (0); |
| 901 | } | 906 | } |
| 902 | if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) { | 907 | if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) { |
| 903 | logit("%s: error writing %s: %s", __func__, | 908 | logit("%s: error writing %s: %s", __func__, |
| 904 | UTMP_FILE, strerror(errno)); | 909 | UTMP_FILE, strerror(errno)); |
| 910 | close(fd); | ||
| 911 | return (0); | ||
| 905 | } | 912 | } |
| 906 | 913 | ||
| 907 | close(fd); | 914 | close(fd); |
| @@ -1205,7 +1212,7 @@ wtmp_get_entry(struct logininfo *li) | |||
| 1205 | close (fd); | 1212 | close (fd); |
| 1206 | return (0); | 1213 | return (0); |
| 1207 | } | 1214 | } |
| 1208 | if ( wtmp_islogin(li, &ut) ) { | 1215 | if (wtmp_islogin(li, &ut) ) { |
| 1209 | found = 1; | 1216 | found = 1; |
| 1210 | /* | 1217 | /* |
| 1211 | * We've already checked for a time in struct | 1218 | * We've already checked for a time in struct |
| @@ -1496,11 +1503,12 @@ lastlog_openseek(struct logininfo *li, int *fd, int filemode) | |||
| 1496 | 1503 | ||
| 1497 | if (S_ISREG(st.st_mode)) { | 1504 | if (S_ISREG(st.st_mode)) { |
| 1498 | /* find this uid's offset in the lastlog file */ | 1505 | /* find this uid's offset in the lastlog file */ |
| 1499 | offset = (off_t) ((long)li->uid * sizeof(struct lastlog)); | 1506 | offset = (off_t) ((u_long)li->uid * sizeof(struct lastlog)); |
| 1500 | 1507 | ||
| 1501 | if (lseek(*fd, offset, SEEK_SET) != offset) { | 1508 | if (lseek(*fd, offset, SEEK_SET) != offset) { |
| 1502 | logit("%s: %s->lseek(): %s", __func__, | 1509 | logit("%s: %s->lseek(): %s", __func__, |
| 1503 | lastlog_file, strerror(errno)); | 1510 | lastlog_file, strerror(errno)); |
| 1511 | close(*fd); | ||
| 1504 | return (0); | 1512 | return (0); |
| 1505 | } | 1513 | } |
| 1506 | } | 1514 | } |
| @@ -1672,7 +1680,7 @@ record_failed_login(const char *username, const char *hostname, | |||
| 1672 | strerror(errno)); | 1680 | strerror(errno)); |
| 1673 | goto out; | 1681 | goto out; |
| 1674 | } | 1682 | } |
| 1675 | if((fst.st_mode & (S_IRWXG | S_IRWXO)) || (fst.st_uid != 0)){ | 1683 | if((fst.st_mode & (S_IXGRP | S_IRWXO)) || (fst.st_uid != 0)){ |
| 1676 | logit("Excess permission or bad ownership on file %s", | 1684 | logit("Excess permission or bad ownership on file %s", |
| 1677 | _PATH_BTMP); | 1685 | _PATH_BTMP); |
| 1678 | goto out; | 1686 | goto out; |