sshlogin.c revision 76607
1/* 2 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * All rights reserved 5 * This file performs some of the things login(1) normally does. We cannot 6 * easily use something like login -p -h host -f user, because there are 7 * several different logins around, and it is hard to determined what kind of 8 * login the current system has. Also, we want to be able to execute commands 9 * on a tty. 10 * 11 * As far as I am concerned, the code I have written for this software 12 * can be used freely for any purpose. Any derived versions of this 13 * software must be clearly marked as such, and if the derived work is 14 * incompatible with the protocol description in the RFC file, it must be 15 * called by a name other than "ssh" or "Secure Shell". 16 * 17 * Copyright (c) 1999 Theo de Raadt. All rights reserved. 18 * Copyright (c) 1999 Markus Friedl. All rights reserved. 19 * 20 * Redistribution and use in source and binary forms, with or without 21 * modification, are permitted provided that the following conditions 22 * are met: 23 * 1. Redistributions of source code must retain the above copyright 24 * notice, this list of conditions and the following disclaimer. 25 * 2. Redistributions in binary form must reproduce the above copyright 26 * notice, this list of conditions and the following disclaimer in the 27 * documentation and/or other materials provided with the distribution. 28 * 29 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 30 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 31 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 32 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 33 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 34 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 35 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 36 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 37 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 38 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 39 */ 40 41#include "includes.h" 42RCSID("$OpenBSD: sshlogin.c,v 1.2 2001/03/24 16:43:27 stevesk Exp $"); 43RCSID("$FreeBSD: head/crypto/openssh/sshlogin.c 76607 2001-05-15 01:50:40Z green $"); 44 45#include <libutil.h> 46#include <utmp.h> 47#include "sshlogin.h" 48#include "log.h" 49 50/* 51 * Returns the time when the user last logged in. Returns 0 if the 52 * information is not available. This must be called before record_login. 53 * The host the user logged in from will be returned in buf. 54 */ 55 56u_long 57get_last_login_time(uid_t uid, const char *logname, 58 char *buf, u_int bufsize) 59{ 60 struct lastlog ll; 61 char *lastlog; 62 int fd; 63 64 lastlog = _PATH_LASTLOG; 65 buf[0] = '\0'; 66 67 fd = open(lastlog, O_RDONLY); 68 if (fd < 0) 69 return 0; 70 lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET); 71 if (read(fd, &ll, sizeof(ll)) != sizeof(ll)) { 72 close(fd); 73 return 0; 74 } 75 close(fd); 76 if (bufsize > sizeof(ll.ll_host) + 1) 77 bufsize = sizeof(ll.ll_host) + 1; 78 strncpy(buf, ll.ll_host, bufsize - 1); 79 buf[bufsize - 1] = 0; 80 return ll.ll_time; 81} 82 83/* 84 * Records that the user has logged in. I these parts of operating systems 85 * were more standardized. 86 */ 87 88void 89record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid, 90 const char *host, struct sockaddr * addr) 91{ 92 int fd; 93 struct lastlog ll; 94 char *lastlog; 95 struct utmp u; 96 97 /* Construct an utmp/wtmp entry. */ 98 memset(&u, 0, sizeof(u)); 99 strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line)); 100 u.ut_time = time(NULL); 101 strncpy(u.ut_name, user, sizeof(u.ut_name)); 102 realhostname_sa(u.ut_host, sizeof(u.ut_host), addr, addr->sa_len); 103 104 login(&u); 105 lastlog = _PATH_LASTLOG; 106 107 /* Update lastlog unless actually recording a logout. */ 108 if (strcmp(user, "") != 0) { 109 /* 110 * It is safer to bzero the lastlog structure first because 111 * some systems might have some extra fields in it (e.g. SGI) 112 */ 113 memset(&ll, 0, sizeof(ll)); 114 115 /* Update lastlog. */ 116 ll.ll_time = time(NULL); 117 strncpy(ll.ll_line, ttyname + 5, sizeof(ll.ll_line)); 118 strncpy(ll.ll_host, host, sizeof(ll.ll_host)); 119 fd = open(lastlog, O_RDWR); 120 if (fd >= 0) { 121 lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET); 122 if (write(fd, &ll, sizeof(ll)) != sizeof(ll)) 123 log("Could not write %.100s: %.100s", lastlog, strerror(errno)); 124 close(fd); 125 } 126 } 127} 128 129/* Records that the user has logged out. */ 130 131void 132record_logout(pid_t pid, const char *ttyname) 133{ 134 const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */ 135 if (logout(line)) 136 logwtmp(line, "", ""); 137} 138