1 /* $OpenBSD: sshlogin.c,v 1.31 2015/01/20 23:14:00 deraadt Exp $ */
2 /*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * All rights reserved
6 * This file performs some of the things login(1) normally does. We cannot
7 * easily use something like login -p -h host -f user, because there are
8 * several different logins around, and it is hard to determined what kind of
9 * login the current system has. Also, we want to be able to execute commands
10 * on a tty.
11 *
12 * As far as I am concerned, the code I have written for this software
13 * can be used freely for any purpose. Any derived versions of this
14 * software must be clearly marked as such, and if the derived work is
15 * incompatible with the protocol description in the RFC file, it must be
16 * called by a name other than "ssh" or "Secure Shell".
17 *
18 * Copyright (c) 1999 Theo de Raadt. All rights reserved.
19 * Copyright (c) 1999 Markus Friedl. All rights reserved.
20 *
21 * Redistribution and use in source and binary forms, with or without
22 * modification, are permitted provided that the following conditions
23 * are met:
24 * 1. Redistributions of source code must retain the above copyright
25 * notice, this list of conditions and the following disclaimer.
26 * 2. Redistributions in binary form must reproduce the above copyright
27 * notice, this list of conditions and the following disclaimer in the
28 * documentation and/or other materials provided with the distribution.
29 *
30 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
31 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
32 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
33 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
34 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
35 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
36 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
37 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
38 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
39 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
40 */
41
42 #include "includes.h"
43
44 #include <sys/types.h>
45 #include <sys/socket.h>
46
47 #include <netinet/in.h>
48
49 #include <errno.h>
50 #include <fcntl.h>
51 #include <stdarg.h>
52 #include <stdio.h>
53 #include <string.h>
54 #include <time.h>
55 #include <unistd.h>
56 #include <limits.h>
57
58 #include "loginrec.h"
59 #include "log.h"
60 #include "buffer.h"
61 #include "misc.h"
62 #include "servconf.h"
63
64 extern Buffer loginmsg;
65 extern ServerOptions options;
66
67 /*
68 * Returns the time when the user last logged in. Returns 0 if the
69 * information is not available. This must be called before record_login.
70 * The host the user logged in from will be returned in buf.
71 */
72 time_t
get_last_login_time(uid_t uid,const char * logname,char * buf,size_t bufsize)73 get_last_login_time(uid_t uid, const char *logname,
74 char *buf, size_t bufsize)
75 {
76 struct logininfo li;
77
78 login_get_lastlog(&li, uid);
79 strlcpy(buf, li.hostname, bufsize);
80 return (time_t)li.tv_sec;
81 }
82
83 /*
84 * Generate and store last login message. This must be done before
85 * login_login() is called and lastlog is updated.
86 */
87 static void
store_lastlog_message(const char * user,uid_t uid)88 store_lastlog_message(const char *user, uid_t uid)
89 {
90 #ifndef NO_SSH_LASTLOG
91 char *time_string, hostname[HOST_NAME_MAX+1] = "", buf[512];
92 time_t last_login_time;
93
94 if (!options.print_lastlog)
95 return;
96
97 # ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG
98 time_string = sys_auth_get_lastlogin_msg(user, uid);
99 if (time_string != NULL) {
100 buffer_append(&loginmsg, time_string, strlen(time_string));
101 free(time_string);
102 }
103 # else
104 last_login_time = get_last_login_time(uid, user, hostname,
105 sizeof(hostname));
106
107 if (last_login_time != 0) {
108 time_string = ctime(&last_login_time);
109 time_string[strcspn(time_string, "\n")] = '\0';
110 if (strcmp(hostname, "") == 0)
111 snprintf(buf, sizeof(buf), "Last login: %s\r\n",
112 time_string);
113 else
114 snprintf(buf, sizeof(buf), "Last login: %s from %s\r\n",
115 time_string, hostname);
116 buffer_append(&loginmsg, buf, strlen(buf));
117 }
118 # endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */
119 #endif /* NO_SSH_LASTLOG */
120 }
121
122 /*
123 * Records that the user has logged in. I wish these parts of operating
124 * systems were more standardized.
125 */
126 void
record_login(pid_t pid,const char * tty,const char * user,uid_t uid,const char * host,struct sockaddr * addr,socklen_t addrlen)127 record_login(pid_t pid, const char *tty, const char *user, uid_t uid,
128 const char *host, struct sockaddr *addr, socklen_t addrlen)
129 {
130 struct logininfo *li;
131
132 /* save previous login details before writing new */
133 store_lastlog_message(user, uid);
134
135 li = login_alloc_entry(pid, user, host, tty);
136 login_set_addr(li, addr, addrlen);
137 login_login(li);
138 login_free_entry(li);
139 }
140
141 #ifdef LOGIN_NEEDS_UTMPX
142 void
record_utmp_only(pid_t pid,const char * ttyname,const char * user,const char * host,struct sockaddr * addr,socklen_t addrlen)143 record_utmp_only(pid_t pid, const char *ttyname, const char *user,
144 const char *host, struct sockaddr *addr, socklen_t addrlen)
145 {
146 struct logininfo *li;
147
148 li = login_alloc_entry(pid, user, host, ttyname);
149 login_set_addr(li, addr, addrlen);
150 login_utmp_only(li);
151 login_free_entry(li);
152 }
153 #endif
154
155 /* Records that the user has logged out. */
156 void
record_logout(pid_t pid,const char * tty,const char * user)157 record_logout(pid_t pid, const char *tty, const char *user)
158 {
159 struct logininfo *li;
160
161 li = login_alloc_entry(pid, user, NULL, tty);
162 login_logout(li);
163 login_free_entry(li);
164 }
165