sshlogin.c revision 296633
1184299Snwhitehorn/* $OpenBSD: sshlogin.c,v 1.32 2015/12/26 20:51:35 guenther Exp $ */ 2184299Snwhitehorn/* 3184299Snwhitehorn * Author: Tatu Ylonen <ylo@cs.hut.fi> 4184299Snwhitehorn * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5184299Snwhitehorn * All rights reserved 6184299Snwhitehorn * This file performs some of the things login(1) normally does. We cannot 7184299Snwhitehorn * easily use something like login -p -h host -f user, because there are 8184299Snwhitehorn * several different logins around, and it is hard to determined what kind of 9184299Snwhitehorn * login the current system has. Also, we want to be able to execute commands 10184299Snwhitehorn * on a tty. 11184299Snwhitehorn * 12184299Snwhitehorn * As far as I am concerned, the code I have written for this software 13184299Snwhitehorn * can be used freely for any purpose. Any derived versions of this 14184299Snwhitehorn * software must be clearly marked as such, and if the derived work is 15184299Snwhitehorn * incompatible with the protocol description in the RFC file, it must be 16184299Snwhitehorn * called by a name other than "ssh" or "Secure Shell". 17184299Snwhitehorn * 18184299Snwhitehorn * Copyright (c) 1999 Theo de Raadt. All rights reserved. 19184299Snwhitehorn * Copyright (c) 1999 Markus Friedl. All rights reserved. 20184299Snwhitehorn * 21184299Snwhitehorn * Redistribution and use in source and binary forms, with or without 22184299Snwhitehorn * modification, are permitted provided that the following conditions 23184299Snwhitehorn * are met: 24184299Snwhitehorn * 1. Redistributions of source code must retain the above copyright 25184299Snwhitehorn * notice, this list of conditions and the following disclaimer. 26184299Snwhitehorn * 2. Redistributions in binary form must reproduce the above copyright 27184299Snwhitehorn * notice, this list of conditions and the following disclaimer in the 28184299Snwhitehorn * documentation and/or other materials provided with the distribution. 29184299Snwhitehorn * 30184299Snwhitehorn * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 31184299Snwhitehorn * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 32184299Snwhitehorn * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 33184299Snwhitehorn * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 34184299Snwhitehorn * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 35184299Snwhitehorn * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 36184299Snwhitehorn * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 37184299Snwhitehorn * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 38184299Snwhitehorn * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 39184299Snwhitehorn * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 40184299Snwhitehorn */ 41184299Snwhitehorn 42184299Snwhitehorn#include "includes.h" 43184299Snwhitehorn 44184299Snwhitehorn#include <sys/types.h> 45184299Snwhitehorn#include <sys/socket.h> 46184299Snwhitehorn 47184299Snwhitehorn#include <netinet/in.h> 48184299Snwhitehorn 49184299Snwhitehorn#include <errno.h> 50184299Snwhitehorn#include <fcntl.h> 51184299Snwhitehorn#include <stdarg.h> 52184299Snwhitehorn#include <stdio.h> 53184299Snwhitehorn#include <string.h> 54184299Snwhitehorn#include <time.h> 55184299Snwhitehorn#include <unistd.h> 56184299Snwhitehorn#include <limits.h> 57184299Snwhitehorn 58184299Snwhitehorn#include "loginrec.h" 59#include "log.h" 60#include "buffer.h" 61#include "misc.h" 62#include "servconf.h" 63 64extern Buffer loginmsg; 65extern ServerOptions options; 66 67/* 68 * Returns the time when the user last logged in. Returns 0 if the 69 * information is not available. This must be called before record_login. 70 * The host the user logged in from will be returned in buf. 71 */ 72time_t 73get_last_login_time(uid_t uid, const char *logname, 74 char *buf, size_t bufsize) 75{ 76 struct logininfo li; 77 78 login_get_lastlog(&li, uid); 79 strlcpy(buf, li.hostname, bufsize); 80 return (time_t)li.tv_sec; 81} 82 83/* 84 * Generate and store last login message. This must be done before 85 * login_login() is called and lastlog is updated. 86 */ 87static void 88store_lastlog_message(const char *user, uid_t uid) 89{ 90#ifndef NO_SSH_LASTLOG 91 char *time_string, hostname[HOST_NAME_MAX+1] = "", buf[512]; 92 time_t last_login_time; 93 94 if (!options.print_lastlog) 95 return; 96 97# ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG 98 time_string = sys_auth_get_lastlogin_msg(user, uid); 99 if (time_string != NULL) { 100 buffer_append(&loginmsg, time_string, strlen(time_string)); 101 free(time_string); 102 } 103# else 104 last_login_time = get_last_login_time(uid, user, hostname, 105 sizeof(hostname)); 106 107 if (last_login_time != 0) { 108 time_string = ctime(&last_login_time); 109 time_string[strcspn(time_string, "\n")] = '\0'; 110 if (strcmp(hostname, "") == 0) 111 snprintf(buf, sizeof(buf), "Last login: %s\r\n", 112 time_string); 113 else 114 snprintf(buf, sizeof(buf), "Last login: %s from %s\r\n", 115 time_string, hostname); 116 buffer_append(&loginmsg, buf, strlen(buf)); 117 } 118# endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */ 119#endif /* NO_SSH_LASTLOG */ 120} 121 122/* 123 * Records that the user has logged in. I wish these parts of operating 124 * systems were more standardized. 125 */ 126void 127record_login(pid_t pid, const char *tty, const char *user, uid_t uid, 128 const char *host, struct sockaddr *addr, socklen_t addrlen) 129{ 130 struct logininfo *li; 131 132 /* save previous login details before writing new */ 133 store_lastlog_message(user, uid); 134 135 li = login_alloc_entry(pid, user, host, tty); 136 login_set_addr(li, addr, addrlen); 137 login_login(li); 138 login_free_entry(li); 139} 140 141#ifdef LOGIN_NEEDS_UTMPX 142void 143record_utmp_only(pid_t pid, const char *ttyname, const char *user, 144 const char *host, struct sockaddr *addr, socklen_t addrlen) 145{ 146 struct logininfo *li; 147 148 li = login_alloc_entry(pid, user, host, ttyname); 149 login_set_addr(li, addr, addrlen); 150 login_utmp_only(li); 151 login_free_entry(li); 152} 153#endif 154 155/* Records that the user has logged out. */ 156void 157record_logout(pid_t pid, const char *tty, const char *user) 158{ 159 struct logininfo *li; 160 161 li = login_alloc_entry(pid, user, NULL, tty); 162 login_logout(li); 163 login_free_entry(li); 164} 165