Annotation of src/usr.bin/ssh/sshlogin.c, Revision 1.4
1.1 djm 1: /*
2: * Author: Tatu Ylonen <ylo@cs.hut.fi>
3: * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4: * All rights reserved
5: * This file performs some of the things login(1) normally does. We cannot
6: * easily use something like login -p -h host -f user, because there are
7: * several different logins around, and it is hard to determined what kind of
8: * login the current system has. Also, we want to be able to execute commands
9: * on a tty.
10: *
11: * As far as I am concerned, the code I have written for this software
12: * can be used freely for any purpose. Any derived versions of this
13: * software must be clearly marked as such, and if the derived work is
14: * incompatible with the protocol description in the RFC file, it must be
15: * called by a name other than "ssh" or "Secure Shell".
16: *
17: * Copyright (c) 1999 Theo de Raadt. All rights reserved.
18: * Copyright (c) 1999 Markus Friedl. All rights reserved.
19: *
20: * Redistribution and use in source and binary forms, with or without
21: * modification, are permitted provided that the following conditions
22: * are met:
23: * 1. Redistributions of source code must retain the above copyright
24: * notice, this list of conditions and the following disclaimer.
25: * 2. Redistributions in binary form must reproduce the above copyright
26: * notice, this list of conditions and the following disclaimer in the
27: * documentation and/or other materials provided with the distribution.
28: *
29: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
30: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
31: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
32: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
33: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
34: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
35: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
36: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
37: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39: */
40:
41: #include "includes.h"
1.4 ! deraadt 42: RCSID("$OpenBSD: sshlogin.c,v 1.3 2001/12/19 07:18:56 deraadt Exp $");
1.1 djm 43:
44: #include <util.h>
45: #include <utmp.h>
46: #include "sshlogin.h"
47: #include "log.h"
48:
49: /*
50: * Returns the time when the user last logged in. Returns 0 if the
51: * information is not available. This must be called before record_login.
52: * The host the user logged in from will be returned in buf.
53: */
54: u_long
55: get_last_login_time(uid_t uid, const char *logname,
1.4 ! deraadt 56: char *buf, u_int bufsize)
1.1 djm 57: {
58: struct lastlog ll;
59: char *lastlog;
60: int fd;
61:
62: lastlog = _PATH_LASTLOG;
63: buf[0] = '\0';
64:
65: fd = open(lastlog, O_RDONLY);
66: if (fd < 0)
67: return 0;
68: lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET);
69: if (read(fd, &ll, sizeof(ll)) != sizeof(ll)) {
70: close(fd);
71: return 0;
72: }
73: close(fd);
74: if (bufsize > sizeof(ll.ll_host) + 1)
75: bufsize = sizeof(ll.ll_host) + 1;
76: strncpy(buf, ll.ll_host, bufsize - 1);
77: buf[bufsize - 1] = 0;
78: return ll.ll_time;
79: }
80:
81: /*
82: * Records that the user has logged in. I these parts of operating systems
83: * were more standardized.
84: */
85: void
86: record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid,
1.4 ! deraadt 87: const char *host, struct sockaddr * addr)
1.1 djm 88: {
89: int fd;
90: struct lastlog ll;
91: char *lastlog;
92: struct utmp u;
93:
94: /* Construct an utmp/wtmp entry. */
95: memset(&u, 0, sizeof(u));
96: strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line));
97: u.ut_time = time(NULL);
98: strncpy(u.ut_name, user, sizeof(u.ut_name));
99: strncpy(u.ut_host, host, sizeof(u.ut_host));
100:
101: login(&u);
102: lastlog = _PATH_LASTLOG;
103:
104: /* Update lastlog unless actually recording a logout. */
105: if (strcmp(user, "") != 0) {
106: /*
107: * It is safer to bzero the lastlog structure first because
108: * some systems might have some extra fields in it (e.g. SGI)
109: */
110: memset(&ll, 0, sizeof(ll));
111:
112: /* Update lastlog. */
113: ll.ll_time = time(NULL);
114: strncpy(ll.ll_line, ttyname + 5, sizeof(ll.ll_line));
115: strncpy(ll.ll_host, host, sizeof(ll.ll_host));
116: fd = open(lastlog, O_RDWR);
117: if (fd >= 0) {
118: lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET);
119: if (write(fd, &ll, sizeof(ll)) != sizeof(ll))
120: log("Could not write %.100s: %.100s", lastlog, strerror(errno));
121: close(fd);
122: }
123: }
124: }
125:
126: /* Records that the user has logged out. */
127: void
128: record_logout(pid_t pid, const char *ttyname)
129: {
130: const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */
131: if (logout(line))
132: logwtmp(line, "", "");
133: }