Annotation of src/usr.bin/ssh/sshlogin.c, Revision 1.3
1.1 djm 1: /*
2: * Author: Tatu Ylonen <ylo@cs.hut.fi>
3: * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4: * All rights reserved
5: * This file performs some of the things login(1) normally does. We cannot
6: * easily use something like login -p -h host -f user, because there are
7: * several different logins around, and it is hard to determined what kind of
8: * login the current system has. Also, we want to be able to execute commands
9: * on a tty.
10: *
11: * As far as I am concerned, the code I have written for this software
12: * can be used freely for any purpose. Any derived versions of this
13: * software must be clearly marked as such, and if the derived work is
14: * incompatible with the protocol description in the RFC file, it must be
15: * called by a name other than "ssh" or "Secure Shell".
16: *
17: * Copyright (c) 1999 Theo de Raadt. All rights reserved.
18: * Copyright (c) 1999 Markus Friedl. All rights reserved.
19: *
20: * Redistribution and use in source and binary forms, with or without
21: * modification, are permitted provided that the following conditions
22: * are met:
23: * 1. Redistributions of source code must retain the above copyright
24: * notice, this list of conditions and the following disclaimer.
25: * 2. Redistributions in binary form must reproduce the above copyright
26: * notice, this list of conditions and the following disclaimer in the
27: * documentation and/or other materials provided with the distribution.
28: *
29: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
30: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
31: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
32: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
33: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
34: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
35: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
36: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
37: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39: */
40:
41: #include "includes.h"
1.3 ! deraadt 42: RCSID("$OpenBSD: sshlogin.c,v 1.2 2001/03/24 16:43:27 stevesk Exp $");
1.1 djm 43:
44: #include <util.h>
45: #include <utmp.h>
46: #include "sshlogin.h"
47: #include "log.h"
48:
49: /*
50: * Returns the time when the user last logged in. Returns 0 if the
51: * information is not available. This must be called before record_login.
52: * The host the user logged in from will be returned in buf.
53: */
54:
55: u_long
56: get_last_login_time(uid_t uid, const char *logname,
57: char *buf, u_int bufsize)
58: {
59: struct lastlog ll;
60: char *lastlog;
61: int fd;
62:
63: lastlog = _PATH_LASTLOG;
64: buf[0] = '\0';
65:
66: fd = open(lastlog, O_RDONLY);
67: if (fd < 0)
68: return 0;
69: lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET);
70: if (read(fd, &ll, sizeof(ll)) != sizeof(ll)) {
71: close(fd);
72: return 0;
73: }
74: close(fd);
75: if (bufsize > sizeof(ll.ll_host) + 1)
76: bufsize = sizeof(ll.ll_host) + 1;
77: strncpy(buf, ll.ll_host, bufsize - 1);
78: buf[bufsize - 1] = 0;
79: return ll.ll_time;
80: }
81:
82: /*
83: * Records that the user has logged in. I these parts of operating systems
84: * were more standardized.
85: */
86:
87: void
88: record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid,
1.3 ! deraadt 89: const char *host, struct sockaddr * addr)
1.1 djm 90: {
91: int fd;
92: struct lastlog ll;
93: char *lastlog;
94: struct utmp u;
95:
96: /* Construct an utmp/wtmp entry. */
97: memset(&u, 0, sizeof(u));
98: strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line));
99: u.ut_time = time(NULL);
100: strncpy(u.ut_name, user, sizeof(u.ut_name));
101: strncpy(u.ut_host, host, sizeof(u.ut_host));
102:
103: login(&u);
104: lastlog = _PATH_LASTLOG;
105:
106: /* Update lastlog unless actually recording a logout. */
107: if (strcmp(user, "") != 0) {
108: /*
109: * It is safer to bzero the lastlog structure first because
110: * some systems might have some extra fields in it (e.g. SGI)
111: */
112: memset(&ll, 0, sizeof(ll));
113:
114: /* Update lastlog. */
115: ll.ll_time = time(NULL);
116: strncpy(ll.ll_line, ttyname + 5, sizeof(ll.ll_line));
117: strncpy(ll.ll_host, host, sizeof(ll.ll_host));
118: fd = open(lastlog, O_RDWR);
119: if (fd >= 0) {
120: lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET);
121: if (write(fd, &ll, sizeof(ll)) != sizeof(ll))
122: log("Could not write %.100s: %.100s", lastlog, strerror(errno));
123: close(fd);
124: }
125: }
126: }
127:
128: /* Records that the user has logged out. */
129:
130: void
131: record_logout(pid_t pid, const char *ttyname)
132: {
133: const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */
134: if (logout(line))
135: logwtmp(line, "", "");
136: }