sshlogin.c revision 76607 
1/*
2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 *                    All rights reserved
5 * This file performs some of the things login(1) normally does.  We cannot
6 * easily use something like login -p -h host -f user, because there are
7 * several different logins around, and it is hard to determined what kind of
8 * login the current system has.  Also, we want to be able to execute commands
9 * on a tty.
10 *
11 * As far as I am concerned, the code I have written for this software
12 * can be used freely for any purpose.  Any derived versions of this
13 * software must be clearly marked as such, and if the derived work is
14 * incompatible with the protocol description in the RFC file, it must be
15 * called by a name other than "ssh" or "Secure Shell".
16 *
17 * Copyright (c) 1999 Theo de Raadt.  All rights reserved.
18 * Copyright (c) 1999 Markus Friedl.  All rights reserved.
19 *
20 * Redistribution and use in source and binary forms, with or without
21 * modification, are permitted provided that the following conditions
22 * are met:
23 * 1. Redistributions of source code must retain the above copyright
24 *    notice, this list of conditions and the following disclaimer.
25 * 2. Redistributions in binary form must reproduce the above copyright
26 *    notice, this list of conditions and the following disclaimer in the
27 *    documentation and/or other materials provided with the distribution.
28 *
29 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
30 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
31 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
32 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
33 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
34 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
35 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
36 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
37 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 */
40
41#include "includes.h"
42RCSID("$OpenBSD: sshlogin.c,v 1.2 2001/03/24 16:43:27 stevesk Exp $");
43RCSID("$FreeBSD: head/crypto/openssh/sshlogin.c 76607 2001-05-15 01:50:40Z green $");
44
45#include <libutil.h>
46#include <utmp.h>
47#include "sshlogin.h"
48#include "log.h"
49
50/*
51 * Returns the time when the user last logged in.  Returns 0 if the
52 * information is not available.  This must be called before record_login.
53 * The host the user logged in from will be returned in buf.
54 */
55
56u_long
57get_last_login_time(uid_t uid, const char *logname,
58		    char *buf, u_int bufsize)
59{
60	struct lastlog ll;
61	char *lastlog;
62	int fd;
63
64	lastlog = _PATH_LASTLOG;
65	buf[0] = '\0';
66
67	fd = open(lastlog, O_RDONLY);
68	if (fd < 0)
69		return 0;
70	lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET);
71	if (read(fd, &ll, sizeof(ll)) != sizeof(ll)) {
72		close(fd);
73		return 0;
74	}
75	close(fd);
76	if (bufsize > sizeof(ll.ll_host) + 1)
77		bufsize = sizeof(ll.ll_host) + 1;
78	strncpy(buf, ll.ll_host, bufsize - 1);
79	buf[bufsize - 1] = 0;
80	return ll.ll_time;
81}
82
83/*
84 * Records that the user has logged in.  I these parts of operating systems
85 * were more standardized.
86 */
87
88void
89record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid,
90	     const char *host, struct sockaddr * addr)
91{
92	int fd;
93	struct lastlog ll;
94	char *lastlog;
95	struct utmp u;
96
97	/* Construct an utmp/wtmp entry. */
98	memset(&u, 0, sizeof(u));
99	strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line));
100	u.ut_time = time(NULL);
101	strncpy(u.ut_name, user, sizeof(u.ut_name));
102	realhostname_sa(u.ut_host, sizeof(u.ut_host), addr, addr->sa_len);
103
104	login(&u);
105	lastlog = _PATH_LASTLOG;
106
107	/* Update lastlog unless actually recording a logout. */
108	if (strcmp(user, "") != 0) {
109		/*
110		 * It is safer to bzero the lastlog structure first because
111		 * some systems might have some extra fields in it (e.g. SGI)
112		 */
113		memset(&ll, 0, sizeof(ll));
114
115		/* Update lastlog. */
116		ll.ll_time = time(NULL);
117		strncpy(ll.ll_line, ttyname + 5, sizeof(ll.ll_line));
118		strncpy(ll.ll_host, host, sizeof(ll.ll_host));
119		fd = open(lastlog, O_RDWR);
120		if (fd >= 0) {
121			lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET);
122			if (write(fd, &ll, sizeof(ll)) != sizeof(ll))
123				log("Could not write %.100s: %.100s", lastlog, strerror(errno));
124			close(fd);
125		}
126	}
127}
128
129/* Records that the user has logged out. */
130
131void
132record_logout(pid_t pid, const char *ttyname)
133{
134	const char *line = ttyname + 5;	/* /dev/ttyq8 -> ttyq8 */
135	if (logout(line))
136		logwtmp(line, "", "");
137}
138