sshlogin.c revision 296633 
1184299Snwhitehorn/* $OpenBSD: sshlogin.c,v 1.32 2015/12/26 20:51:35 guenther Exp $ */
2184299Snwhitehorn/*
3184299Snwhitehorn * Author: Tatu Ylonen <ylo@cs.hut.fi>
4184299Snwhitehorn * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5184299Snwhitehorn *                    All rights reserved
6184299Snwhitehorn * This file performs some of the things login(1) normally does.  We cannot
7184299Snwhitehorn * easily use something like login -p -h host -f user, because there are
8184299Snwhitehorn * several different logins around, and it is hard to determined what kind of
9184299Snwhitehorn * login the current system has.  Also, we want to be able to execute commands
10184299Snwhitehorn * on a tty.
11184299Snwhitehorn *
12184299Snwhitehorn * As far as I am concerned, the code I have written for this software
13184299Snwhitehorn * can be used freely for any purpose.  Any derived versions of this
14184299Snwhitehorn * software must be clearly marked as such, and if the derived work is
15184299Snwhitehorn * incompatible with the protocol description in the RFC file, it must be
16184299Snwhitehorn * called by a name other than "ssh" or "Secure Shell".
17184299Snwhitehorn *
18184299Snwhitehorn * Copyright (c) 1999 Theo de Raadt.  All rights reserved.
19184299Snwhitehorn * Copyright (c) 1999 Markus Friedl.  All rights reserved.
20184299Snwhitehorn *
21184299Snwhitehorn * Redistribution and use in source and binary forms, with or without
22184299Snwhitehorn * modification, are permitted provided that the following conditions
23184299Snwhitehorn * are met:
24184299Snwhitehorn * 1. Redistributions of source code must retain the above copyright
25184299Snwhitehorn *    notice, this list of conditions and the following disclaimer.
26184299Snwhitehorn * 2. Redistributions in binary form must reproduce the above copyright
27184299Snwhitehorn *    notice, this list of conditions and the following disclaimer in the
28184299Snwhitehorn *    documentation and/or other materials provided with the distribution.
29184299Snwhitehorn *
30184299Snwhitehorn * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
31184299Snwhitehorn * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
32184299Snwhitehorn * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
33184299Snwhitehorn * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
34184299Snwhitehorn * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
35184299Snwhitehorn * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
36184299Snwhitehorn * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
37184299Snwhitehorn * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
38184299Snwhitehorn * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
39184299Snwhitehorn * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
40184299Snwhitehorn */
41184299Snwhitehorn
42184299Snwhitehorn#include "includes.h"
43184299Snwhitehorn
44184299Snwhitehorn#include <sys/types.h>
45184299Snwhitehorn#include <sys/socket.h>
46184299Snwhitehorn
47184299Snwhitehorn#include <netinet/in.h>
48184299Snwhitehorn
49184299Snwhitehorn#include <errno.h>
50184299Snwhitehorn#include <fcntl.h>
51184299Snwhitehorn#include <stdarg.h>
52184299Snwhitehorn#include <stdio.h>
53184299Snwhitehorn#include <string.h>
54184299Snwhitehorn#include <time.h>
55184299Snwhitehorn#include <unistd.h>
56184299Snwhitehorn#include <limits.h>
57184299Snwhitehorn
58184299Snwhitehorn#include "loginrec.h"
59#include "log.h"
60#include "buffer.h"
61#include "misc.h"
62#include "servconf.h"
63
64extern Buffer loginmsg;
65extern ServerOptions options;
66
67/*
68 * Returns the time when the user last logged in.  Returns 0 if the
69 * information is not available.  This must be called before record_login.
70 * The host the user logged in from will be returned in buf.
71 */
72time_t
73get_last_login_time(uid_t uid, const char *logname,
74    char *buf, size_t bufsize)
75{
76	struct logininfo li;
77
78	login_get_lastlog(&li, uid);
79	strlcpy(buf, li.hostname, bufsize);
80	return (time_t)li.tv_sec;
81}
82
83/*
84 * Generate and store last login message.  This must be done before
85 * login_login() is called and lastlog is updated.
86 */
87static void
88store_lastlog_message(const char *user, uid_t uid)
89{
90#ifndef NO_SSH_LASTLOG
91	char *time_string, hostname[HOST_NAME_MAX+1] = "", buf[512];
92	time_t last_login_time;
93
94	if (!options.print_lastlog)
95		return;
96
97# ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG
98	time_string = sys_auth_get_lastlogin_msg(user, uid);
99	if (time_string != NULL) {
100		buffer_append(&loginmsg, time_string, strlen(time_string));
101		free(time_string);
102	}
103# else
104	last_login_time = get_last_login_time(uid, user, hostname,
105	    sizeof(hostname));
106
107	if (last_login_time != 0) {
108		time_string = ctime(&last_login_time);
109		time_string[strcspn(time_string, "\n")] = '\0';
110		if (strcmp(hostname, "") == 0)
111			snprintf(buf, sizeof(buf), "Last login: %s\r\n",
112			    time_string);
113		else
114			snprintf(buf, sizeof(buf), "Last login: %s from %s\r\n",
115			    time_string, hostname);
116		buffer_append(&loginmsg, buf, strlen(buf));
117	}
118# endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */
119#endif /* NO_SSH_LASTLOG */
120}
121
122/*
123 * Records that the user has logged in.  I wish these parts of operating
124 * systems were more standardized.
125 */
126void
127record_login(pid_t pid, const char *tty, const char *user, uid_t uid,
128    const char *host, struct sockaddr *addr, socklen_t addrlen)
129{
130	struct logininfo *li;
131
132	/* save previous login details before writing new */
133	store_lastlog_message(user, uid);
134
135	li = login_alloc_entry(pid, user, host, tty);
136	login_set_addr(li, addr, addrlen);
137	login_login(li);
138	login_free_entry(li);
139}
140
141#ifdef LOGIN_NEEDS_UTMPX
142void
143record_utmp_only(pid_t pid, const char *ttyname, const char *user,
144		 const char *host, struct sockaddr *addr, socklen_t addrlen)
145{
146	struct logininfo *li;
147
148	li = login_alloc_entry(pid, user, host, ttyname);
149	login_set_addr(li, addr, addrlen);
150	login_utmp_only(li);
151	login_free_entry(li);
152}
153#endif
154
155/* Records that the user has logged out. */
156void
157record_logout(pid_t pid, const char *tty, const char *user)
158{
159	struct logininfo *li;
160
161	li = login_alloc_entry(pid, user, NULL, tty);
162	login_logout(li);
163	login_free_entry(li);
164}
165