2 * Copyright (c) 2000 Andre Lucas. All rights reserved.
3 * Portions copyright (c) 1998 Todd C. Miller
4 * Portions copyright (c) 1996 Jason Downs
5 * Portions copyright (c) 1996 Theo de Raadt
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 * The btmp logging code is derived from login.c from util-linux and is under
30 * the the following license:
32 * Copyright (c) 1980, 1987, 1988 The Regents of the University of California.
33 * All rights reserved.
35 * Redistribution and use in source and binary forms are permitted
36 * provided that the above copyright notice and this paragraph are
37 * duplicated in all such forms and that any documentation,
38 * advertising materials, and other materials related to such
39 * distribution and use acknowledge that the software was developed
40 * by the University of California, Berkeley. The name of the
41 * University may not be used to endorse or promote products derived
42 * from this software without specific prior written permission.
43 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
44 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
45 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
50 ** loginrec.c: platform-independent login recording and lastlog retrieval
54 * The new login code explained
55 * ============================
57 * This code attempts to provide a common interface to login recording
58 * (utmp and friends) and last login time retrieval.
60 * Its primary means of achieving this is to use 'struct logininfo', a
61 * union of all the useful fields in the various different types of
62 * system login record structures one finds on UNIX variants.
64 * We depend on autoconf to define which recording methods are to be
65 * used, and which fields are contained in the relevant data structures
66 * on the local system. Many C preprocessor symbols affect which code
69 * The code is designed to make it easy to modify a particular
70 * recording method, without affecting other methods nor requiring so
71 * many nested conditional compilation blocks as were commonplace in
74 * For login recording, we try to use the local system's libraries as
75 * these are clearly most likely to work correctly. For utmp systems
76 * this usually means login() and logout() or setutent() etc., probably
77 * in libutil, along with logwtmp() etc. On these systems, we fall back
78 * to writing the files directly if we have to, though this method
79 * requires very thorough testing so we do not corrupt local auditing
80 * information. These files and their access methods are very system
83 * For utmpx systems, the corresponding library functions are
84 * setutxent() etc. To the author's knowledge, all utmpx systems have
85 * these library functions and so no direct write is attempted. If such
86 * a system exists and needs support, direct analogues of the [uw]tmp
87 * code should suffice.
89 * Retrieving the time of last login ('lastlog') is in some ways even
90 * more problemmatic than login recording. Some systems provide a
91 * simple table of all users which we seek based on uid and retrieve a
92 * relatively standard structure. Others record the same information in
93 * a directory with a separate file, and others don't record the
94 * information separately at all. For systems in the latter category,
95 * we look backwards in the wtmp or wtmpx file for the last login entry
96 * for our user. Naturally this is slower and on busy systems could
97 * incur a significant performance penalty.
99 * Calling the new code
100 * --------------------
102 * In OpenSSH all login recording and retrieval is performed in
103 * login.c. Here you'll find working examples. Also, in the logintest.c
104 * program there are more examples.
106 * Internal handler calling method
107 * -------------------------------
109 * When a call is made to login_login() or login_logout(), both
110 * routines set a struct logininfo flag defining which action (log in,
111 * or log out) is to be taken. They both then call login_write(), which
112 * calls whichever of the many structure-specific handlers autoconf
113 * selects for the local system.
115 * The handlers themselves handle system data structure specifics. Both
116 * struct utmp and struct utmpx have utility functions (see
117 * construct_utmp*()) to try to make it simpler to add extra systems
118 * that introduce new features to either structure.
120 * While it may seem terribly wasteful to replicate so much similar
121 * code for each method, experience has shown that maintaining code to
122 * write both struct utmp and utmpx in one function, whilst maintaining
123 * support for all systems whether they have library support or not, is
124 * a difficult and time-consuming task.
126 * Lastlog support proceeds similarly. Functions login_get_lastlog()
127 * (and its OpenSSH-tuned friend login_get_lastlog_time()) call
128 * getlast_entry(), which tries one of three methods to find the last
129 * login time. It uses local system lastlog support if it can,
130 * otherwise it tries wtmp or wtmpx before giving up and returning 0,
136 * In many cases it's possible to tweak autoconf to select the correct
137 * methods for a particular platform, either by improving the detection
138 * code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE
139 * symbols for the platform.
141 * Use logintest to check which symbols are defined before modifying
142 * configure.ac and loginrec.c. (You have to build logintest yourself
143 * with 'make logintest' as it's not built by default.)
145 * Otherwise, patches to the specific method(s) are very helpful!
148 #include "includes.h"
149 __RCSID("$FreeBSD$");
151 #include <sys/types.h>
152 #include <sys/stat.h>
153 #include <sys/socket.h>
155 #include <netinet/in.h>
170 #include "hostfile.h"
172 #include "loginrec.h"
174 #include "atomicio.h"
176 #include "canohost.h"
184 #ifdef HAVE_LIBUTIL_H
185 # include <libutil.h>
189 ** prototypes for helper functions in this file
193 void set_utmp_time(struct logininfo *li, struct utmp *ut);
194 void construct_utmp(struct logininfo *li, struct utmp *ut);
198 void set_utmpx_time(struct logininfo *li, struct utmpx *ut);
199 void construct_utmpx(struct logininfo *li, struct utmpx *ut);
202 int utmp_write_entry(struct logininfo *li);
203 int utmpx_write_entry(struct logininfo *li);
204 int wtmp_write_entry(struct logininfo *li);
205 int wtmpx_write_entry(struct logininfo *li);
206 int lastlog_write_entry(struct logininfo *li);
207 int syslogin_write_entry(struct logininfo *li);
209 int getlast_entry(struct logininfo *li);
210 int lastlog_get_entry(struct logininfo *li);
211 int utmpx_get_entry(struct logininfo *li);
212 int wtmp_get_entry(struct logininfo *li);
213 int wtmpx_get_entry(struct logininfo *li);
215 extern Buffer loginmsg;
217 /* pick the shortest string */
218 #define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))
221 ** platform-independent login functions
225 * login_login(struct logininfo *) - Record a login
227 * Call with a pointer to a struct logininfo initialised with
228 * login_init_entry() or login_alloc_entry()
232 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
235 login_login(struct logininfo *li)
237 li->type = LTYPE_LOGIN;
238 return (login_write(li));
243 * login_logout(struct logininfo *) - Record a logout
245 * Call as with login_login()
249 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
252 login_logout(struct logininfo *li)
254 li->type = LTYPE_LOGOUT;
255 return (login_write(li));
259 * login_get_lastlog_time(int) - Retrieve the last login time
261 * Retrieve the last login time for the given uid. Will try to use the
262 * system lastlog facilities if they are available, but will fall back
263 * to looking in wtmp/wtmpx if necessary
266 * 0 on failure, or if user has never logged in
267 * Time in seconds from the epoch if successful
269 * Useful preprocessor symbols:
270 * DISABLE_LASTLOG: If set, *never* even try to retrieve lastlog
272 * USE_LASTLOG: If set, indicates the presence of system lastlog
273 * facilities. If this and DISABLE_LASTLOG are not set,
274 * try to retrieve lastlog information from wtmp/wtmpx.
277 login_get_lastlog_time(const uid_t uid)
281 if (login_get_lastlog(&li, uid))
288 * login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry
290 * Retrieve a logininfo structure populated (only partially) with
291 * information from the system lastlog data, or from wtmp/wtmpx if no
292 * system lastlog information exists.
294 * Note this routine must be given a pre-allocated logininfo.
297 * >0: A pointer to your struct logininfo if successful
298 * 0 on failure (will use OpenSSH's logging facilities for diagnostics)
301 login_get_lastlog(struct logininfo *li, const uid_t uid)
305 memset(li, '\0', sizeof(*li));
309 * If we don't have a 'real' lastlog, we need the username to
310 * reliably search wtmp(x) for the last login (see
315 fatal("%s: Cannot find account for uid %ld", __func__,
318 /* No MIN_SIZEOF here - we absolutely *must not* truncate the
319 * username (XXX - so check for trunc!) */
320 strlcpy(li->username, pw->pw_name, sizeof(li->username));
322 if (getlast_entry(li))
330 * login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
331 * a logininfo structure
333 * This function creates a new struct logininfo, a data structure
334 * meant to carry the information required to portably record login info.
336 * Returns a pointer to a newly created struct logininfo. If memory
337 * allocation fails, the program halts.
340 logininfo *login_alloc_entry(pid_t pid, const char *username,
341 const char *hostname, const char *line)
343 struct logininfo *newli;
345 newli = xmalloc(sizeof(*newli));
346 login_init_entry(newli, pid, username, hostname, line);
351 /* login_free_entry(struct logininfo *) - free struct memory */
353 login_free_entry(struct logininfo *li)
359 /* login_init_entry(struct logininfo *, int, char*, char*, char*)
360 * - initialise a struct logininfo
362 * Populates a new struct logininfo, a data structure meant to carry
363 * the information required to portably record login info.
368 login_init_entry(struct logininfo *li, pid_t pid, const char *username,
369 const char *hostname, const char *line)
373 memset(li, 0, sizeof(*li));
377 /* set the line information */
379 line_fullname(li->line, line, sizeof(li->line));
382 strlcpy(li->username, username, sizeof(li->username));
383 pw = getpwnam(li->username);
385 fatal("%s: Cannot find user \"%s\"", __func__,
388 li->uid = pw->pw_uid;
392 strlcpy(li->hostname, hostname, sizeof(li->hostname));
398 * login_set_current_time(struct logininfo *) - set the current time
400 * Set the current time in a logininfo structure. This function is
401 * meant to eliminate the need to deal with system dependencies for
405 login_set_current_time(struct logininfo *li)
409 gettimeofday(&tv, NULL);
411 li->tv_sec = tv.tv_sec;
412 li->tv_usec = tv.tv_usec;
415 /* copy a sockaddr_* into our logininfo */
417 login_set_addr(struct logininfo *li, const struct sockaddr *sa,
418 const unsigned int sa_size)
420 unsigned int bufsize = sa_size;
422 /* make sure we don't overrun our union */
423 if (sizeof(li->hostaddr) < sa_size)
424 bufsize = sizeof(li->hostaddr);
426 memcpy(&li->hostaddr.sa, sa, bufsize);
431 ** login_write: Call low-level recording functions based on autoconf
435 login_write(struct logininfo *li)
438 if (geteuid() != 0) {
439 logit("Attempt to write login records by non-root user (aborting)");
444 /* set the timestamp */
445 login_set_current_time(li);
447 syslogin_write_entry(li);
450 if (li->type == LTYPE_LOGIN)
451 lastlog_write_entry(li);
454 utmp_write_entry(li);
457 wtmp_write_entry(li);
460 utmpx_write_entry(li);
463 wtmpx_write_entry(li);
465 #ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
466 if (li->type == LTYPE_LOGIN &&
467 !sys_auth_record_login(li->username,li->hostname,li->line,
469 logit("Writing login record failed for %s", li->username);
471 #ifdef SSH_AUDIT_EVENTS
472 if (li->type == LTYPE_LOGIN)
473 audit_session_open(li);
474 else if (li->type == LTYPE_LOGOUT)
475 audit_session_close(li);
480 #ifdef LOGIN_NEEDS_UTMPX
482 login_utmp_only(struct logininfo *li)
484 li->type = LTYPE_LOGIN;
485 login_set_current_time(li);
487 utmp_write_entry(li);
490 wtmp_write_entry(li);
493 utmpx_write_entry(li);
496 wtmpx_write_entry(li);
503 ** getlast_entry: Call low-level functions to retrieve the last login
507 /* take the uid in li and return the last login time */
509 getlast_entry(struct logininfo *li)
512 return(lastlog_get_entry(li));
513 #else /* !USE_LASTLOG */
514 #if defined(USE_UTMPX) && defined(HAVE_SETUTXDB) && \
515 defined(UTXDB_LASTLOGIN) && defined(HAVE_GETUTXUSER)
516 return (utmpx_get_entry(li));
520 return (utmpx_get_entry(li));
523 #if defined(DISABLE_LASTLOG)
524 /* On some systems we shouldn't even try to obtain last login
527 # elif defined(USE_WTMP) && \
528 (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP))
529 /* retrieve last login time from utmp */
530 return (wtmp_get_entry(li));
531 # elif defined(USE_WTMPX) && \
532 (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX))
533 /* If wtmp isn't available, try wtmpx */
534 return (wtmpx_get_entry(li));
536 /* Give up: No means of retrieving last login time */
538 # endif /* DISABLE_LASTLOG */
539 #endif /* USE_LASTLOG */
545 * 'line' string utility functions
547 * These functions process the 'line' string into one of three forms:
549 * 1. The full filename (including '/dev')
550 * 2. The stripped name (excluding '/dev')
551 * 3. The abbreviated name (e.g. /dev/ttyp00 -> yp00
552 * /dev/pts/1 -> ts/1 )
554 * Form 3 is used on some systems to identify a .tmp.? entry when
555 * attempting to remove it. Typically both addition and removal is
556 * performed by one application - say, sshd - so as long as the choice
557 * uniquely identifies a terminal it's ok.
562 * line_fullname(): add the leading '/dev/' if it doesn't exist make
563 * sure dst has enough space, if not just copy src (ugh)
566 line_fullname(char *dst, const char *src, u_int dstsize)
568 memset(dst, '\0', dstsize);
569 if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5)))
570 strlcpy(dst, src, dstsize);
572 strlcpy(dst, "/dev/", dstsize);
573 strlcat(dst, src, dstsize);
578 /* line_stripname(): strip the leading '/dev' if it exists, return dst */
580 line_stripname(char *dst, const char *src, int dstsize)
582 memset(dst, '\0', dstsize);
583 if (strncmp(src, "/dev/", 5) == 0)
584 strlcpy(dst, src + 5, dstsize);
586 strlcpy(dst, src, dstsize);
591 * line_abbrevname(): Return the abbreviated (usually four-character)
592 * form of the line (Just use the last <dstsize> characters of the
595 * NOTE: use strncpy because we do NOT necessarily want zero
599 line_abbrevname(char *dst, const char *src, int dstsize)
603 memset(dst, '\0', dstsize);
605 /* Always skip prefix if present */
606 if (strncmp(src, "/dev/", 5) == 0)
609 #ifdef WITH_ABBREV_NO_TTY
610 if (strncmp(src, "tty", 3) == 0)
617 if (((int)len - dstsize) > 0)
618 src += ((int)len - dstsize);
620 /* note: _don't_ change this to strlcpy */
621 strncpy(dst, src, (size_t)dstsize);
628 ** utmp utility functions
630 ** These functions manipulate struct utmp, taking system differences
634 #if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN)
636 /* build the utmp structure */
638 set_utmp_time(struct logininfo *li, struct utmp *ut)
640 # if defined(HAVE_TV_IN_UTMP)
641 ut->ut_tv.tv_sec = li->tv_sec;
642 ut->ut_tv.tv_usec = li->tv_usec;
643 # elif defined(HAVE_TIME_IN_UTMP)
644 ut->ut_time = li->tv_sec;
649 construct_utmp(struct logininfo *li,
652 # ifdef HAVE_ADDR_V6_IN_UTMP
653 struct sockaddr_in6 *sa6;
656 memset(ut, '\0', sizeof(*ut));
658 /* First fill out fields used for both logins and logouts */
660 # ifdef HAVE_ID_IN_UTMP
661 line_abbrevname(ut->ut_id, li->line, sizeof(ut->ut_id));
664 # ifdef HAVE_TYPE_IN_UTMP
665 /* This is done here to keep utmp constants out of struct logininfo */
668 ut->ut_type = USER_PROCESS;
674 ut->ut_type = DEAD_PROCESS;
676 cray_retain_utmp(ut, li->pid);
681 set_utmp_time(li, ut);
683 line_stripname(ut->ut_line, li->line, sizeof(ut->ut_line));
685 # ifdef HAVE_PID_IN_UTMP
686 ut->ut_pid = li->pid;
689 /* If we're logging out, leave all other fields blank */
690 if (li->type == LTYPE_LOGOUT)
694 * These fields are only used when logging in, and are blank
698 /* Use strncpy because we don't necessarily want null termination */
699 strncpy(ut->ut_name, li->username,
700 MIN_SIZEOF(ut->ut_name, li->username));
701 # ifdef HAVE_HOST_IN_UTMP
702 strncpy(ut->ut_host, li->hostname,
703 MIN_SIZEOF(ut->ut_host, li->hostname));
705 # ifdef HAVE_ADDR_IN_UTMP
706 /* this is just a 32-bit IP address */
707 if (li->hostaddr.sa.sa_family == AF_INET)
708 ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
710 # ifdef HAVE_ADDR_V6_IN_UTMP
711 /* this is just a 128-bit IPv6 address */
712 if (li->hostaddr.sa.sa_family == AF_INET6) {
713 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
714 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
715 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
716 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
717 ut->ut_addr_v6[1] = 0;
718 ut->ut_addr_v6[2] = 0;
719 ut->ut_addr_v6[3] = 0;
724 #endif /* USE_UTMP || USE_WTMP || USE_LOGIN */
727 ** utmpx utility functions
729 ** These functions manipulate struct utmpx, accounting for system
733 #if defined(USE_UTMPX) || defined (USE_WTMPX)
734 /* build the utmpx structure */
736 set_utmpx_time(struct logininfo *li, struct utmpx *utx)
738 # if defined(HAVE_TV_IN_UTMPX)
739 utx->ut_tv.tv_sec = li->tv_sec;
740 utx->ut_tv.tv_usec = li->tv_usec;
741 # elif defined(HAVE_TIME_IN_UTMPX)
742 utx->ut_time = li->tv_sec;
747 construct_utmpx(struct logininfo *li, struct utmpx *utx)
749 # ifdef HAVE_ADDR_V6_IN_UTMP
750 struct sockaddr_in6 *sa6;
752 memset(utx, '\0', sizeof(*utx));
754 # ifdef HAVE_ID_IN_UTMPX
755 line_abbrevname(utx->ut_id, li->line, sizeof(utx->ut_id));
758 /* this is done here to keep utmp constants out of loginrec.h */
761 utx->ut_type = USER_PROCESS;
764 utx->ut_type = DEAD_PROCESS;
767 line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line));
768 set_utmpx_time(li, utx);
769 utx->ut_pid = li->pid;
771 /* strncpy(): Don't necessarily want null termination */
772 strncpy(utx->ut_user, li->username,
773 MIN_SIZEOF(utx->ut_user, li->username));
775 if (li->type == LTYPE_LOGOUT)
779 * These fields are only used when logging in, and are blank
783 # ifdef HAVE_HOST_IN_UTMPX
784 strncpy(utx->ut_host, li->hostname,
785 MIN_SIZEOF(utx->ut_host, li->hostname));
787 # ifdef HAVE_ADDR_IN_UTMPX
788 /* this is just a 32-bit IP address */
789 if (li->hostaddr.sa.sa_family == AF_INET)
790 utx->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
792 # ifdef HAVE_ADDR_V6_IN_UTMP
793 /* this is just a 128-bit IPv6 address */
794 if (li->hostaddr.sa.sa_family == AF_INET6) {
795 sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
796 memcpy(ut->ut_addr_v6, sa6->sin6_addr.s6_addr, 16);
797 if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
798 ut->ut_addr_v6[0] = ut->ut_addr_v6[3];
799 ut->ut_addr_v6[1] = 0;
800 ut->ut_addr_v6[2] = 0;
801 ut->ut_addr_v6[3] = 0;
805 # ifdef HAVE_SYSLEN_IN_UTMPX
806 /* ut_syslen is the length of the utx_host string */
807 utx->ut_syslen = MIN(strlen(li->hostname), sizeof(utx->ut_host));
810 #endif /* USE_UTMPX || USE_WTMPX */
813 ** Low-level utmp functions
816 /* FIXME: (ATL) utmp_write_direct needs testing */
819 /* if we can, use pututline() etc. */
820 # if !defined(DISABLE_PUTUTLINE) && defined(HAVE_SETUTENT) && \
821 defined(HAVE_PUTUTLINE)
822 # define UTMP_USE_LIBRARY
826 /* write a utmp entry with the system's help (pututline() and pals) */
827 # ifdef UTMP_USE_LIBRARY
829 utmp_write_library(struct logininfo *li, struct utmp *ut)
833 # ifdef HAVE_ENDUTENT
838 # else /* UTMP_USE_LIBRARY */
841 * Write a utmp entry direct to the file
842 * This is a slightly modification of code in OpenBSD's login.c
845 utmp_write_direct(struct logininfo *li, struct utmp *ut)
851 /* FIXME: (ATL) ttyslot() needs local implementation */
853 #if defined(HAVE_GETTTYENT)
858 while (NULL != (ty = getttyent())) {
860 if (!strncmp(ty->ty_name, ut->ut_line, sizeof(ut->ut_line)))
866 logit("%s: tty not found", __func__);
871 tty = ttyslot(); /* seems only to work for /dev/ttyp? style names */
873 #endif /* HAVE_GETTTYENT */
875 if (tty > 0 && (fd = open(UTMP_FILE, O_RDWR|O_CREAT, 0644)) >= 0) {
878 pos = (off_t)tty * sizeof(struct utmp);
879 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
880 logit("%s: lseek: %s", __func__, strerror(errno));
885 logit("%s: Couldn't seek to tty %d slot in %s",
886 __func__, tty, UTMP_FILE);
891 * Prevent luser from zero'ing out ut_host.
892 * If the new ut_line is empty but the old one is not
893 * and ut_line and ut_name match, preserve the old ut_line.
895 if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) &&
896 (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') &&
897 (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) &&
898 (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0))
899 memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host));
901 if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
902 logit("%s: lseek: %s", __func__, strerror(errno));
907 logit("%s: Couldn't seek to tty %d slot in %s",
908 __func__, tty, UTMP_FILE);
912 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
913 logit("%s: error writing %s: %s", __func__,
914 UTMP_FILE, strerror(errno));
925 # endif /* UTMP_USE_LIBRARY */
928 utmp_perform_login(struct logininfo *li)
932 construct_utmp(li, &ut);
933 # ifdef UTMP_USE_LIBRARY
934 if (!utmp_write_library(li, &ut)) {
935 logit("%s: utmp_write_library() failed", __func__);
939 if (!utmp_write_direct(li, &ut)) {
940 logit("%s: utmp_write_direct() failed", __func__);
949 utmp_perform_logout(struct logininfo *li)
953 construct_utmp(li, &ut);
954 # ifdef UTMP_USE_LIBRARY
955 if (!utmp_write_library(li, &ut)) {
956 logit("%s: utmp_write_library() failed", __func__);
960 if (!utmp_write_direct(li, &ut)) {
961 logit("%s: utmp_write_direct() failed", __func__);
970 utmp_write_entry(struct logininfo *li)
974 return (utmp_perform_login(li));
977 return (utmp_perform_logout(li));
980 logit("%s: invalid type field", __func__);
984 #endif /* USE_UTMP */
988 ** Low-level utmpx functions
991 /* not much point if we don't want utmpx entries */
994 /* if we have the wherewithall, use pututxline etc. */
995 # if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \
996 defined(HAVE_PUTUTXLINE)
997 # define UTMPX_USE_LIBRARY
1001 /* write a utmpx entry with the system's help (pututxline() and pals) */
1002 # ifdef UTMPX_USE_LIBRARY
1004 utmpx_write_library(struct logininfo *li, struct utmpx *utx)
1009 # ifdef HAVE_ENDUTXENT
1015 # else /* UTMPX_USE_LIBRARY */
1017 /* write a utmp entry direct to the file */
1019 utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
1021 logit("%s: not implemented!", __func__);
1024 # endif /* UTMPX_USE_LIBRARY */
1027 utmpx_perform_login(struct logininfo *li)
1031 construct_utmpx(li, &utx);
1032 # ifdef UTMPX_USE_LIBRARY
1033 if (!utmpx_write_library(li, &utx)) {
1034 logit("%s: utmp_write_library() failed", __func__);
1038 if (!utmpx_write_direct(li, &ut)) {
1039 logit("%s: utmp_write_direct() failed", __func__);
1048 utmpx_perform_logout(struct logininfo *li)
1052 construct_utmpx(li, &utx);
1053 # ifdef HAVE_ID_IN_UTMPX
1054 line_abbrevname(utx.ut_id, li->line, sizeof(utx.ut_id));
1056 # ifdef HAVE_TYPE_IN_UTMPX
1057 utx.ut_type = DEAD_PROCESS;
1060 # ifdef UTMPX_USE_LIBRARY
1061 utmpx_write_library(li, &utx);
1063 utmpx_write_direct(li, &utx);
1069 utmpx_write_entry(struct logininfo *li)
1073 return (utmpx_perform_login(li));
1075 return (utmpx_perform_logout(li));
1077 logit("%s: invalid type field", __func__);
1081 #endif /* USE_UTMPX */
1085 ** Low-level wtmp functions
1091 * Write a wtmp entry direct to the end of the file
1092 * This is a slight modification of code in OpenBSD's logwtmp.c
1095 wtmp_write(struct logininfo *li, struct utmp *ut)
1100 if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
1101 logit("%s: problem writing %s: %s", __func__,
1102 WTMP_FILE, strerror(errno));
1105 if (fstat(fd, &buf) == 0)
1106 if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
1107 ftruncate(fd, buf.st_size);
1108 logit("%s: problem writing %s: %s", __func__,
1109 WTMP_FILE, strerror(errno));
1117 wtmp_perform_login(struct logininfo *li)
1121 construct_utmp(li, &ut);
1122 return (wtmp_write(li, &ut));
1127 wtmp_perform_logout(struct logininfo *li)
1131 construct_utmp(li, &ut);
1132 return (wtmp_write(li, &ut));
1137 wtmp_write_entry(struct logininfo *li)
1141 return (wtmp_perform_login(li));
1143 return (wtmp_perform_logout(li));
1145 logit("%s: invalid type field", __func__);
1152 * Notes on fetching login data from wtmp/wtmpx
1154 * Logouts are usually recorded with (amongst other things) a blank
1155 * username on a given tty line. However, some systems (HP-UX is one)
1156 * leave all fields set, but change the ut_type field to DEAD_PROCESS.
1158 * Since we're only looking for logins here, we know that the username
1159 * must be set correctly. On systems that leave it in, we check for
1160 * ut_type==USER_PROCESS (indicating a login.)
1162 * Portability: Some systems may set something other than USER_PROCESS
1163 * to indicate a login process. I don't know of any as I write. Also,
1164 * it's possible that some systems may both leave the username in
1165 * place and not have ut_type.
1168 /* return true if this wtmp entry indicates a login */
1170 wtmp_islogin(struct logininfo *li, struct utmp *ut)
1172 if (strncmp(li->username, ut->ut_name,
1173 MIN_SIZEOF(li->username, ut->ut_name)) == 0) {
1174 # ifdef HAVE_TYPE_IN_UTMP
1175 if (ut->ut_type & USER_PROCESS)
1185 wtmp_get_entry(struct logininfo *li)
1191 /* Clear the time entries in our logininfo */
1192 li->tv_sec = li->tv_usec = 0;
1194 if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) {
1195 logit("%s: problem opening %s: %s", __func__,
1196 WTMP_FILE, strerror(errno));
1199 if (fstat(fd, &st) != 0) {
1200 logit("%s: couldn't stat %s: %s", __func__,
1201 WTMP_FILE, strerror(errno));
1206 /* Seek to the start of the last struct utmp */
1207 if (lseek(fd, -(off_t)sizeof(struct utmp), SEEK_END) == -1) {
1208 /* Looks like we've got a fresh wtmp file */
1214 if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) {
1215 logit("%s: read of %s failed: %s", __func__,
1216 WTMP_FILE, strerror(errno));
1220 if (wtmp_islogin(li, &ut) ) {
1223 * We've already checked for a time in struct
1224 * utmp, in login_getlast()
1226 # ifdef HAVE_TIME_IN_UTMP
1227 li->tv_sec = ut.ut_time;
1229 # if HAVE_TV_IN_UTMP
1230 li->tv_sec = ut.ut_tv.tv_sec;
1233 line_fullname(li->line, ut.ut_line,
1234 MIN_SIZEOF(li->line, ut.ut_line));
1235 # ifdef HAVE_HOST_IN_UTMP
1236 strlcpy(li->hostname, ut.ut_host,
1237 MIN_SIZEOF(li->hostname, ut.ut_host));
1241 /* Seek back 2 x struct utmp */
1242 if (lseek(fd, -(off_t)(2 * sizeof(struct utmp)), SEEK_CUR) == -1) {
1243 /* We've found the start of the file, so quit */
1249 /* We found an entry. Tidy up and return */
1253 # endif /* USE_WTMP */
1257 ** Low-level wtmpx functions
1262 * Write a wtmpx entry direct to the end of the file
1263 * This is a slight modification of code in OpenBSD's logwtmp.c
1266 wtmpx_write(struct logininfo *li, struct utmpx *utx)
1268 #ifndef HAVE_UPDWTMPX
1272 if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
1273 logit("%s: problem opening %s: %s", __func__,
1274 WTMPX_FILE, strerror(errno));
1278 if (fstat(fd, &buf) == 0)
1279 if (atomicio(vwrite, fd, utx, sizeof(*utx)) != sizeof(*utx)) {
1280 ftruncate(fd, buf.st_size);
1281 logit("%s: problem writing %s: %s", __func__,
1282 WTMPX_FILE, strerror(errno));
1289 updwtmpx(WTMPX_FILE, utx);
1296 wtmpx_perform_login(struct logininfo *li)
1300 construct_utmpx(li, &utx);
1301 return (wtmpx_write(li, &utx));
1306 wtmpx_perform_logout(struct logininfo *li)
1310 construct_utmpx(li, &utx);
1311 return (wtmpx_write(li, &utx));
1316 wtmpx_write_entry(struct logininfo *li)
1320 return (wtmpx_perform_login(li));
1322 return (wtmpx_perform_logout(li));
1324 logit("%s: invalid type field", __func__);
1329 /* Please see the notes above wtmp_islogin() for information about the
1330 next two functions */
1332 /* Return true if this wtmpx entry indicates a login */
1334 wtmpx_islogin(struct logininfo *li, struct utmpx *utx)
1336 if (strncmp(li->username, utx->ut_user,
1337 MIN_SIZEOF(li->username, utx->ut_user)) == 0 ) {
1338 # ifdef HAVE_TYPE_IN_UTMPX
1339 if (utx->ut_type == USER_PROCESS)
1350 wtmpx_get_entry(struct logininfo *li)
1356 /* Clear the time entries */
1357 li->tv_sec = li->tv_usec = 0;
1359 if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) {
1360 logit("%s: problem opening %s: %s", __func__,
1361 WTMPX_FILE, strerror(errno));
1364 if (fstat(fd, &st) != 0) {
1365 logit("%s: couldn't stat %s: %s", __func__,
1366 WTMPX_FILE, strerror(errno));
1371 /* Seek to the start of the last struct utmpx */
1372 if (lseek(fd, -(off_t)sizeof(struct utmpx), SEEK_END) == -1 ) {
1373 /* probably a newly rotated wtmpx file */
1379 if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) {
1380 logit("%s: read of %s failed: %s", __func__,
1381 WTMPX_FILE, strerror(errno));
1386 * Logouts are recorded as a blank username on a particular
1387 * line. So, we just need to find the username in struct utmpx
1389 if (wtmpx_islogin(li, &utx)) {
1391 # if defined(HAVE_TV_IN_UTMPX)
1392 li->tv_sec = utx.ut_tv.tv_sec;
1393 # elif defined(HAVE_TIME_IN_UTMPX)
1394 li->tv_sec = utx.ut_time;
1396 line_fullname(li->line, utx.ut_line, sizeof(li->line));
1397 # if defined(HAVE_HOST_IN_UTMPX)
1398 strlcpy(li->hostname, utx.ut_host,
1399 MIN_SIZEOF(li->hostname, utx.ut_host));
1403 if (lseek(fd, -(off_t)(2 * sizeof(struct utmpx)), SEEK_CUR) == -1) {
1412 #endif /* USE_WTMPX */
1415 ** Low-level libutil login() functions
1420 syslogin_perform_login(struct logininfo *li)
1424 ut = xmalloc(sizeof(*ut));
1425 construct_utmp(li, ut);
1433 syslogin_perform_logout(struct logininfo *li)
1436 char line[UT_LINESIZE];
1438 (void)line_stripname(line, li->line, sizeof(line));
1441 logit("%s: logout() returned an error", __func__);
1442 # ifdef HAVE_LOGWTMP
1444 logwtmp(line, "", "");
1446 /* FIXME: (ATL - if the need arises) What to do if we have
1447 * login, but no logout? what if logout but no logwtmp? All
1448 * routines are in libutil so they should all be there,
1455 syslogin_write_entry(struct logininfo *li)
1459 return (syslogin_perform_login(li));
1461 return (syslogin_perform_logout(li));
1463 logit("%s: Invalid type field", __func__);
1467 #endif /* USE_LOGIN */
1469 /* end of file log-syslogin.c */
1472 ** Low-level lastlog functions
1477 #if !defined(LASTLOG_WRITE_PUTUTXLINE) || !defined(HAVE_GETLASTLOGXBYNAME)
1478 /* open the file (using filemode) and seek to the login entry */
1480 lastlog_openseek(struct logininfo *li, int *fd, int filemode)
1483 char lastlog_file[1024];
1486 if (stat(LASTLOG_FILE, &st) != 0) {
1487 logit("%s: Couldn't stat %s: %s", __func__,
1488 LASTLOG_FILE, strerror(errno));
1491 if (S_ISDIR(st.st_mode)) {
1492 snprintf(lastlog_file, sizeof(lastlog_file), "%s/%s",
1493 LASTLOG_FILE, li->username);
1494 } else if (S_ISREG(st.st_mode)) {
1495 strlcpy(lastlog_file, LASTLOG_FILE, sizeof(lastlog_file));
1497 logit("%s: %.100s is not a file or directory!", __func__,
1502 *fd = open(lastlog_file, filemode, 0600);
1504 debug("%s: Couldn't open %s: %s", __func__,
1505 lastlog_file, strerror(errno));
1509 if (S_ISREG(st.st_mode)) {
1510 /* find this uid's offset in the lastlog file */
1511 offset = (off_t) ((u_long)li->uid * sizeof(struct lastlog));
1513 if (lseek(*fd, offset, SEEK_SET) != offset) {
1514 logit("%s: %s->lseek(): %s", __func__,
1515 lastlog_file, strerror(errno));
1523 #endif /* !LASTLOG_WRITE_PUTUTXLINE || !HAVE_GETLASTLOGXBYNAME */
1525 #ifdef LASTLOG_WRITE_PUTUTXLINE
1527 lastlog_write_entry(struct logininfo *li)
1531 return 1; /* lastlog written by pututxline */
1533 logit("lastlog_write_entry: Invalid type field");
1537 #else /* LASTLOG_WRITE_PUTUTXLINE */
1539 lastlog_write_entry(struct logininfo *li)
1541 struct lastlog last;
1546 /* create our struct lastlog */
1547 memset(&last, '\0', sizeof(last));
1548 line_stripname(last.ll_line, li->line, sizeof(last.ll_line));
1549 strlcpy(last.ll_host, li->hostname,
1550 MIN_SIZEOF(last.ll_host, li->hostname));
1551 last.ll_time = li->tv_sec;
1553 if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT))
1556 /* write the entry */
1557 if (atomicio(vwrite, fd, &last, sizeof(last)) != sizeof(last)) {
1559 logit("%s: Error writing to %s: %s", __func__,
1560 LASTLOG_FILE, strerror(errno));
1567 logit("%s: Invalid type field", __func__);
1571 #endif /* LASTLOG_WRITE_PUTUTXLINE */
1573 #ifdef HAVE_GETLASTLOGXBYNAME
1575 lastlog_get_entry(struct logininfo *li)
1577 struct lastlogx l, *ll;
1579 if ((ll = getlastlogxbyname(li->username, &l)) == NULL) {
1580 memset(&l, '\0', sizeof(l));
1583 line_fullname(li->line, ll->ll_line, sizeof(li->line));
1584 strlcpy(li->hostname, ll->ll_host,
1585 MIN_SIZEOF(li->hostname, ll->ll_host));
1586 li->tv_sec = ll->ll_tv.tv_sec;
1587 li->tv_usec = ll->ll_tv.tv_usec;
1590 #else /* HAVE_GETLASTLOGXBYNAME */
1592 lastlog_get_entry(struct logininfo *li)
1594 struct lastlog last;
1597 if (!lastlog_openseek(li, &fd, O_RDONLY))
1600 ret = atomicio(read, fd, &last, sizeof(last));
1605 memset(&last, '\0', sizeof(last));
1608 line_fullname(li->line, last.ll_line, sizeof(li->line));
1609 strlcpy(li->hostname, last.ll_host,
1610 MIN_SIZEOF(li->hostname, last.ll_host));
1611 li->tv_sec = last.ll_time;
1614 error("%s: Error reading from %s: %s", __func__,
1615 LASTLOG_FILE, strerror(errno));
1618 error("%s: Error reading from %s: Expecting %d, got %d",
1619 __func__, LASTLOG_FILE, (int)sizeof(last), ret);
1626 #endif /* HAVE_GETLASTLOGXBYNAME */
1627 #endif /* USE_LASTLOG */
1629 #if defined(USE_UTMPX) && defined(HAVE_SETUTXDB) && \
1630 defined(UTXDB_LASTLOGIN) && defined(HAVE_GETUTXUSER)
1632 utmpx_get_entry(struct logininfo *li)
1636 if (setutxdb(UTXDB_LASTLOGIN, NULL) != 0)
1638 utx = getutxuser(li->username);
1644 line_fullname(li->line, utx->ut_line,
1645 MIN_SIZEOF(li->line, utx->ut_line));
1646 strlcpy(li->hostname, utx->ut_host,
1647 MIN_SIZEOF(li->hostname, utx->ut_host));
1648 li->tv_sec = utx->ut_tv.tv_sec;
1649 li->tv_usec = utx->ut_tv.tv_usec;
1653 #endif /* USE_UTMPX && HAVE_SETUTXDB && UTXDB_LASTLOGIN && HAVE_GETUTXUSER */
1657 * Logs failed login attempts in _PATH_BTMP if that exists.
1658 * The most common login failure is to give password instead of username.
1659 * So the _PATH_BTMP file checked for the correct permission, so that
1660 * only root can read it.
1664 record_failed_login(const char *username, const char *hostname,
1669 struct sockaddr_storage from;
1670 socklen_t fromlen = sizeof(from);
1671 struct sockaddr_in *a4;
1672 struct sockaddr_in6 *a6;
1678 if ((fd = open(_PATH_BTMP, O_WRONLY | O_APPEND)) < 0) {
1679 debug("Unable to open the btmp file %s: %s", _PATH_BTMP,
1683 if (fstat(fd, &fst) < 0) {
1684 logit("%s: fstat of %s failed: %s", __func__, _PATH_BTMP,
1688 if((fst.st_mode & (S_IXGRP | S_IRWXO)) || (fst.st_uid != 0)){
1689 logit("Excess permission or bad ownership on file %s",
1694 memset(&ut, 0, sizeof(ut));
1695 /* strncpy because we don't necessarily want nul termination */
1696 strncpy(ut.ut_user, username, sizeof(ut.ut_user));
1697 strlcpy(ut.ut_line, "ssh:notty", sizeof(ut.ut_line));
1700 ut.ut_time = t; /* ut_time is not always a time_t */
1701 ut.ut_type = LOGIN_PROCESS;
1702 ut.ut_pid = getpid();
1704 /* strncpy because we don't necessarily want nul termination */
1705 strncpy(ut.ut_host, hostname, sizeof(ut.ut_host));
1707 if (packet_connection_is_on_socket() &&
1708 getpeername(packet_get_connection_in(),
1709 (struct sockaddr *)&from, &fromlen) == 0) {
1710 ipv64_normalise_mapped(&from, &fromlen);
1711 if (from.ss_family == AF_INET) {
1712 a4 = (struct sockaddr_in *)&from;
1713 memcpy(&ut.ut_addr, &(a4->sin_addr),
1714 MIN_SIZEOF(ut.ut_addr, a4->sin_addr));
1716 #ifdef HAVE_ADDR_V6_IN_UTMP
1717 if (from.ss_family == AF_INET6) {
1718 a6 = (struct sockaddr_in6 *)&from;
1719 memcpy(&ut.ut_addr_v6, &(a6->sin6_addr),
1720 MIN_SIZEOF(ut.ut_addr_v6, a6->sin6_addr));
1725 if (atomicio(vwrite, fd, &ut, sizeof(ut)) != sizeof(ut))
1726 error("Failed to write to %s: %s", _PATH_BTMP,
1732 #endif /* USE_BTMP */