1 /* $OpenBSD: sshlogin.c,v 1.35 2020/10/18 11:32:02 djm Exp $ */ 2 /* 3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5 * All rights reserved 6 * This file performs some of the things login(1) normally does. We cannot 7 * easily use something like login -p -h host -f user, because there are 8 * several different logins around, and it is hard to determined what kind of 9 * login the current system has. Also, we want to be able to execute commands 10 * on a tty. 11 * 12 * As far as I am concerned, the code I have written for this software 13 * can be used freely for any purpose. Any derived versions of this 14 * software must be clearly marked as such, and if the derived work is 15 * incompatible with the protocol description in the RFC file, it must be 16 * called by a name other than "ssh" or "Secure Shell". 17 * 18 * Copyright (c) 1999 Theo de Raadt. All rights reserved. 19 * Copyright (c) 1999 Markus Friedl. All rights reserved. 20 * 21 * Redistribution and use in source and binary forms, with or without 22 * modification, are permitted provided that the following conditions 23 * are met: 24 * 1. Redistributions of source code must retain the above copyright 25 * notice, this list of conditions and the following disclaimer. 26 * 2. Redistributions in binary form must reproduce the above copyright 27 * notice, this list of conditions and the following disclaimer in the 28 * documentation and/or other materials provided with the distribution. 29 * 30 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 31 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 32 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 33 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 34 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 35 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 36 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 37 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 38 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 39 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 40 */ 41 42 #include "includes.h" 43 44 #include <sys/types.h> 45 #include <sys/socket.h> 46 47 #include <netinet/in.h> 48 49 #include <errno.h> 50 #include <fcntl.h> 51 #include <stdarg.h> 52 #include <stdio.h> 53 #include <stdlib.h> 54 #include <string.h> 55 #include <time.h> 56 #include <unistd.h> 57 #include <limits.h> 58 59 #include "sshlogin.h" 60 #include "ssherr.h" 61 #include "loginrec.h" 62 #include "log.h" 63 #include "sshbuf.h" 64 #include "misc.h" 65 #include "servconf.h" 66 67 extern struct sshbuf *loginmsg; 68 extern ServerOptions options; 69 70 /* 71 * Returns the time when the user last logged in. Returns 0 if the 72 * information is not available. This must be called before record_login. 73 * The host the user logged in from will be returned in buf. 74 */ 75 time_t 76 get_last_login_time(uid_t uid, const char *logname, 77 char *buf, size_t bufsize) 78 { 79 struct logininfo li; 80 81 login_get_lastlog(&li, uid); 82 strlcpy(buf, li.hostname, bufsize); 83 return (time_t)li.tv_sec; 84 } 85 86 /* 87 * Generate and store last login message. This must be done before 88 * login_login() is called and lastlog is updated. 89 */ 90 static void 91 store_lastlog_message(const char *user, uid_t uid) 92 { 93 #ifndef NO_SSH_LASTLOG 94 # ifndef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG 95 char hostname[HOST_NAME_MAX+1] = ""; 96 time_t last_login_time; 97 # endif 98 char *time_string; 99 int r; 100 101 if (!options.print_lastlog) 102 return; 103 104 # ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG 105 time_string = sys_auth_get_lastlogin_msg(user, uid); 106 if (time_string != NULL) { 107 if ((r = sshbuf_put(loginmsg, 108 time_string, strlen(time_string))) != 0) 109 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 110 free(time_string); 111 } 112 # else 113 last_login_time = get_last_login_time(uid, user, hostname, 114 sizeof(hostname)); 115 116 if (last_login_time != 0) { 117 time_string = ctime(&last_login_time); 118 time_string[strcspn(time_string, "\n")] = '\0'; 119 if (strcmp(hostname, "") == 0) 120 r = sshbuf_putf(loginmsg, "Last login: %s\r\n", 121 time_string); 122 else 123 r = sshbuf_putf(loginmsg, "Last login: %s from %s\r\n", 124 time_string, hostname); 125 if (r != 0) 126 fatal_fr(r, "sshbuf_putf"); 127 } 128 # endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */ 129 #endif /* NO_SSH_LASTLOG */ 130 } 131 132 /* 133 * Records that the user has logged in. I wish these parts of operating 134 * systems were more standardized. 135 */ 136 void 137 record_login(pid_t pid, const char *tty, const char *user, uid_t uid, 138 const char *host, struct sockaddr *addr, socklen_t addrlen) 139 { 140 struct logininfo *li; 141 142 /* save previous login details before writing new */ 143 store_lastlog_message(user, uid); 144 145 li = login_alloc_entry(pid, user, host, tty); 146 login_set_addr(li, addr, addrlen); 147 login_login(li); 148 login_free_entry(li); 149 } 150 151 #ifdef LOGIN_NEEDS_UTMPX 152 void 153 record_utmp_only(pid_t pid, const char *ttyname, const char *user, 154 const char *host, struct sockaddr *addr, socklen_t addrlen) 155 { 156 struct logininfo *li; 157 158 li = login_alloc_entry(pid, user, host, ttyname); 159 login_set_addr(li, addr, addrlen); 160 login_utmp_only(li); 161 login_free_entry(li); 162 } 163 #endif 164 165 /* Records that the user has logged out. */ 166 void 167 record_logout(pid_t pid, const char *tty, const char *user) 168 { 169 struct logininfo *li; 170 171 li = login_alloc_entry(pid, user, NULL, tty); 172 login_logout(li); 173 login_free_entry(li); 174 } 175