usr.bin/ssh/sshlogin.c at jcs · jcs.org/openbsd-src

jcs.org / openbsd-src
fork atom
jcs's openbsd hax
openbsd
fork atom
openbsd-src / usr.bin / ssh / sshlogin.c
at jcs 198 lines 5.9 kB view raw
wrap content
jsg remove duplicate includes; ok dtucker@ 7w ago
5bc91341
  1/* $OpenBSD: sshlogin.c,v 1.37 2026/02/16 23:47:06 jsg Exp $ */
  2/*
  3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
  4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  5 *                    All rights reserved
  6 * This file performs some of the things login(1) normally does.  We cannot
  7 * easily use something like login -p -h host -f user, because there are
  8 * several different logins around, and it is hard to determined what kind of
  9 * login the current system has.  Also, we want to be able to execute commands
 10 * on a tty.
 11 *
 12 * As far as I am concerned, the code I have written for this software
 13 * can be used freely for any purpose.  Any derived versions of this
 14 * software must be clearly marked as such, and if the derived work is
 15 * incompatible with the protocol description in the RFC file, it must be
 16 * called by a name other than "ssh" or "Secure Shell".
 17 *
 18 * Copyright (c) 1999 Theo de Raadt.  All rights reserved.
 19 * Copyright (c) 1999 Markus Friedl.  All rights reserved.
 20 *
 21 * Redistribution and use in source and binary forms, with or without
 22 * modification, are permitted provided that the following conditions
 23 * are met:
 24 * 1. Redistributions of source code must retain the above copyright
 25 *    notice, this list of conditions and the following disclaimer.
 26 * 2. Redistributions in binary form must reproduce the above copyright
 27 *    notice, this list of conditions and the following disclaimer in the
 28 *    documentation and/or other materials provided with the distribution.
 29 *
 30 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 31 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 32 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 33 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 34 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 35 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 36 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 37 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 38 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 39 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 40 */
 41
 42#include <sys/types.h>
 43#include <sys/socket.h>
 44
 45#include <errno.h>
 46#include <fcntl.h>
 47#include <stdarg.h>
 48#include <stdio.h>
 49#include <stdlib.h>
 50#include <string.h>
 51#include <time.h>
 52#include <unistd.h>
 53#include <util.h>
 54#include <utmp.h>
 55#include <limits.h>
 56
 57#include "sshlogin.h"
 58#include "ssherr.h"
 59#include "log.h"
 60#include "sshbuf.h"
 61#include "misc.h"
 62#include "servconf.h"
 63
 64extern struct sshbuf *loginmsg;
 65extern ServerOptions options;
 66
 67/*
 68 * Returns the time when the user last logged in.  Returns 0 if the
 69 * information is not available.  This must be called before record_login.
 70 * The host the user logged in from will be returned in buf.
 71 */
 72time_t
 73get_last_login_time(uid_t uid, const char *logname,
 74    char *buf, size_t bufsize)
 75{
 76	struct lastlog ll;
 77	char *lastlog;
 78	int fd;
 79	off_t pos, r;
 80
 81	lastlog = _PATH_LASTLOG;
 82	buf[0] = '\0';
 83
 84	fd = open(lastlog, O_RDONLY);
 85	if (fd == -1)
 86		return 0;
 87
 88	pos = (off_t)uid * sizeof(ll);
 89	r = lseek(fd, pos, SEEK_SET);
 90	if (r == -1) {
 91		error_f("lseek: %s", strerror(errno));
 92		close(fd);
 93		return (0);
 94	}
 95	if (r != pos) {
 96		debug_f("truncated lastlog");
 97		close(fd);
 98		return (0);
 99	}
100	if (read(fd, &ll, sizeof(ll)) != sizeof(ll)) {
101		close(fd);
102		return 0;
103	}
104	close(fd);
105	if (bufsize > sizeof(ll.ll_host) + 1)
106		bufsize = sizeof(ll.ll_host) + 1;
107	strncpy(buf, ll.ll_host, bufsize - 1);
108	buf[bufsize - 1] = '\0';
109	return (time_t)ll.ll_time;
110}
111
112/*
113 * Generate and store last login message.  This must be done before
114 * login_login() is called and lastlog is updated.
115 */
116static void
117store_lastlog_message(const char *user, uid_t uid)
118{
119	char *time_string, hostname[HOST_NAME_MAX+1] = "";
120	time_t last_login_time;
121	int r;
122
123	if (!options.print_lastlog)
124		return;
125
126	last_login_time = get_last_login_time(uid, user, hostname,
127	    sizeof(hostname));
128
129	if (last_login_time != 0) {
130		time_string = ctime(&last_login_time);
131		time_string[strcspn(time_string, "\n")] = '\0';
132		if (strcmp(hostname, "") == 0)
133			r = sshbuf_putf(loginmsg, "Last login: %s\r\n",
134			    time_string);
135		else
136			r = sshbuf_putf(loginmsg, "Last login: %s from %s\r\n",
137			    time_string, hostname);
138		if (r != 0)
139			fatal_fr(r, "sshbuf_putf");
140	}
141}
142
143/*
144 * Records that the user has logged in.  I wish these parts of operating
145 * systems were more standardized.
146 */
147void
148record_login(pid_t pid, const char *tty, const char *user, uid_t uid,
149    const char *host, struct sockaddr *addr, socklen_t addrlen)
150{
151	int fd;
152	struct lastlog ll;
153	char *lastlog;
154	struct utmp u;
155
156	/* save previous login details before writing new */
157	store_lastlog_message(user, uid);
158
159	/* Construct an utmp/wtmp entry. */
160	memset(&u, 0, sizeof(u));
161	strncpy(u.ut_line, tty + 5, sizeof(u.ut_line));
162	u.ut_time = time(NULL);
163	strncpy(u.ut_name, user, sizeof(u.ut_name));
164	strncpy(u.ut_host, host, sizeof(u.ut_host));
165
166	login(&u);
167	lastlog = _PATH_LASTLOG;
168
169	/* Update lastlog unless actually recording a logout. */
170	if (strcmp(user, "") != 0) {
171		/*
172		 * It is safer to memset the lastlog structure first because
173		 * some systems might have some extra fields in it (e.g. SGI)
174		 */
175		memset(&ll, 0, sizeof(ll));
176
177		/* Update lastlog. */
178		ll.ll_time = time(NULL);
179		strncpy(ll.ll_line, tty + 5, sizeof(ll.ll_line));
180		strncpy(ll.ll_host, host, sizeof(ll.ll_host));
181		fd = open(lastlog, O_RDWR);
182		if (fd >= 0) {
183			lseek(fd, (off_t)uid * sizeof(ll), SEEK_SET);
184			if (write(fd, &ll, sizeof(ll)) != sizeof(ll))
185				logit("Could not write %.100s: %.100s", lastlog, strerror(errno));
186			close(fd);
187		}
188	}
189}
190
191/* Records that the user has logged out. */
192void
193record_logout(pid_t pid, const char *tty)
194{
195	const char *line = tty + 5;	/* /dev/ttyq8 -> ttyq8 */
196	if (logout(line))
197		logwtmp(line, "", "");
198}