xref: /openbsd/usr.bin/login/failedlogin.c (revision 07ea8d15) 
1 /*	$OpenBSD: failedlogin.c,v 1.2 1996/12/04 04:04:41 millert Exp $	*/
2 
3 /*
4  * Copyright (c) 1996 Todd C. Miller <Todd.Miller@courtesan.com>
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. All advertising materials mentioning features or use of this software
16  *    must display the following acknowledgement:
17  *	This product includes software developed by Todd C. Miller.
18  * 4. The name of the author may not be used to endorse or promote products
19  *    derived from this software without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
22  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
23  * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
24  * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
25  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
26  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
27  * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
28  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
29  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
30  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31  */
32 
33 #ifndef lint
34 static char rcsid[] = "$OpenBSD: failedlogin.c,v 1.2 1996/12/04 04:04:41 millert Exp $";
35 #endif /* not lint */
36 
37 /*
38  * failedlogin.c
39  *	Log to failedlogin file and read from it, reporting the number of
40  *	failed logins since the last good login and when/from where
41  *	the last failed login was.
42  */
43 
44 #include <sys/file.h>
45 #include <sys/param.h>
46 #include <sys/stat.h>
47 #include <sys/time.h>
48 
49 #include <stdio.h>
50 #include <string.h>
51 #include <unistd.h>
52 #include <utmp.h>
53 
54 #include "pathnames.h"
55 
56 struct badlogin {
57 	char	bl_line[UT_LINESIZE];	/* tty used */
58 	char	bl_name[UT_NAMESIZE];	/* remote username */
59 	char	bl_host[UT_HOSTSIZE];	/* remote host */
60 	time_t	bl_time;		/* time of the login attempt */
61 	size_t	count;			/* number of bad logins */
62 };
63 
64 /*
65  * Log a bad login to the failedlogin file.
66  */
67 void
68 log_failedlogin(uid, host, name, tty)
69 	uid_t uid;
70 	char *host, *name, *tty;
71 {
72 	struct badlogin failedlogin;
73 	int fd;
74 
75 	/* Add O_CREAT if you want to create failedlogin if it doesn't exist */
76 	if ((fd = open(_PATH_FAILEDLOGIN, O_RDWR, S_IREAD|S_IWRITE)) >= 0) {
77 		(void)lseek(fd, (off_t)uid * sizeof(failedlogin), L_SET);
78 
79 		/* Read in last bad login so can get the count */
80 		if (read(fd, (char *)&failedlogin, sizeof(failedlogin)) !=
81 			sizeof(failedlogin) || failedlogin.bl_time == 0)
82 			memset((void *)&failedlogin, 0, sizeof(failedlogin));
83 
84 		(void)lseek(fd, (off_t)uid * sizeof(failedlogin), L_SET);
85 		/* Increment count of bad logins */
86 		++failedlogin.count;
87 		(void)time(&failedlogin.bl_time);
88 		strncpy(failedlogin.bl_line, tty, sizeof(failedlogin.bl_line));
89 		if (host)
90 			strncpy(failedlogin.bl_host, host, sizeof(failedlogin.bl_host));
91 		else
92 			*failedlogin.bl_host = '\0';	/* NULL host field */
93 		if (name)
94 			strncpy(failedlogin.bl_name, name, sizeof(failedlogin.bl_name));
95 		else
96 			*failedlogin.bl_name = '\0';	/* NULL name field */
97 		(void)write(fd, (char *)&failedlogin, sizeof(failedlogin));
98 		(void)close(fd);
99 	}
100 }
101 
102 /*
103  * Check the failedlogin file and report about the number of unsuccessful
104  * logins and info about the last one in lastlogin style.
105  * NOTE: zeros the count field since this is assumed to be called after the
106  * user has been validated.
107  */
108 int
109 check_failedlogin(uid)
110 	uid_t uid;
111 {
112 	int fd;
113 	struct badlogin failedlogin;
114 	int was_bad = 0;
115 
116 	(void)memset((void *)&failedlogin, 0, sizeof(failedlogin));
117 
118 	if ((fd = open(_PATH_FAILEDLOGIN, O_RDWR, 0)) >= 0) {
119 		(void)lseek(fd, (off_t)uid * sizeof(failedlogin), L_SET);
120 		if (read(fd, (char *)&failedlogin, sizeof(failedlogin)) ==
121 		    sizeof(failedlogin) && failedlogin.count > 0 ) {
122 			/* There was a bad login */
123 			was_bad = 1;
124 			if (failedlogin.count > 1)
125 				(void)printf("There have been %u unsuccessful login attempts to your account.\n",
126 					failedlogin.count);
127 			(void)printf("Last unsucessful login: %.*s", 24-5,
128 				(char *)ctime(&failedlogin.bl_time));
129 			(void)printf(" on %.*s",
130 			    (int)sizeof(failedlogin.bl_line),
131 			    failedlogin.bl_line);
132 			if (*failedlogin.bl_host != '\0')
133 				if (*failedlogin.bl_name != '\0')
134 					(void)printf(" from %.*s@%.*s",
135 					    (int)sizeof(failedlogin.bl_name),
136 					    failedlogin.bl_name,
137 					    (int)sizeof(failedlogin.bl_host),
138 					    failedlogin.bl_host);
139 				else
140 					(void)printf(" from %.*s",
141 					    (int)sizeof(failedlogin.bl_host),
142 					    failedlogin.bl_host);
143 			(void)putchar('\n');
144 
145 			/* Reset since this is a good login and write record */
146 			failedlogin.count = 0;
147 			(void)lseek(fd, (off_t)uid * sizeof(failedlogin), L_SET);
148 			(void)write(fd, (char *)&failedlogin, sizeof(failedlogin));
149 		}
150 		(void)close(fd);
151 	}
152 	return(was_bad);
153 }
154