|
Lines 25-30
Link Here
|
| 25 |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
25 |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 26 |
*/ |
26 |
*/ |
| 27 |
|
27 |
|
|
|
28 |
/* |
| 29 |
* The btmp logging code is derived from login.c from util-linux and is under |
| 30 |
* the the following license: |
| 31 |
* |
| 32 |
* Copyright (c) 1980, 1987, 1988 The Regents of the University of California. |
| 33 |
* All rights reserved. |
| 34 |
* |
| 35 |
* Redistribution and use in source and binary forms are permitted |
| 36 |
* provided that the above copyright notice and this paragraph are |
| 37 |
* duplicated in all such forms and that any documentation, |
| 38 |
* advertising materials, and other materials related to such |
| 39 |
* distribution and use acknowledge that the software was developed |
| 40 |
* by the University of California, Berkeley. The name of the |
| 41 |
* University may not be used to endorse or promote products derived |
| 42 |
* from this software without specific prior written permission. |
| 43 |
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR |
| 44 |
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED |
| 45 |
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. |
| 46 |
*/ |
| 47 |
|
| 48 |
|
| 28 |
/** |
49 |
/** |
| 29 |
** loginrec.c: platform-independent login recording and lastlog retrieval |
50 |
** loginrec.c: platform-independent login recording and lastlog retrieval |
| 30 |
**/ |
51 |
**/ |
|
Lines 131-136
Link Here
|
| 131 |
#include "loginrec.h" |
152 |
#include "loginrec.h" |
| 132 |
#include "log.h" |
153 |
#include "log.h" |
| 133 |
#include "atomicio.h" |
154 |
#include "atomicio.h" |
|
|
155 |
#include "packet.h" |
| 134 |
|
156 |
|
| 135 |
#ifdef HAVE_UTIL_H |
157 |
#ifdef HAVE_UTIL_H |
| 136 |
# include <util.h> |
158 |
# include <util.h> |
|
Lines 1563-1565
lastlog_get_entry(struct logininfo *li)
Link Here
|
| 1563 |
return (0); |
1585 |
return (0); |
| 1564 |
} |
1586 |
} |
| 1565 |
#endif /* USE_LASTLOG */ |
1587 |
#endif /* USE_LASTLOG */ |
|
|
1588 |
|
| 1589 |
#ifdef USE_BTMP |
| 1590 |
/* |
| 1591 |
* Logs failed login attempts in _PATH_BTMP if that exists. |
| 1592 |
* The most common login failure is to give password instead of username. |
| 1593 |
* So the _PATH_BTMP file checked for the correct permission, so that |
| 1594 |
* only root can read it. |
| 1595 |
*/ |
| 1596 |
|
| 1597 |
void |
| 1598 |
record_failed_login(const char *username, const char *hostname, |
| 1599 |
const char *ttyn) |
| 1600 |
{ |
| 1601 |
int fd; |
| 1602 |
struct utmp ut; |
| 1603 |
struct sockaddr_storage from; |
| 1604 |
size_t fromlen = sizeof(from); |
| 1605 |
struct sockaddr_in *a4; |
| 1606 |
struct sockaddr_in6 *a6; |
| 1607 |
time_t t; |
| 1608 |
struct stat fst; |
| 1609 |
|
| 1610 |
if (geteuid() != 0) |
| 1611 |
return; |
| 1612 |
if ((fd = open(_PATH_BTMP, O_WRONLY | O_APPEND)) < 0) { |
| 1613 |
debug("Unable to open the btmp file %s: %s", _PATH_BTMP, |
| 1614 |
strerror(errno)); |
| 1615 |
return; |
| 1616 |
} |
| 1617 |
if (fstat(fd, &fst) < 0) { |
| 1618 |
logit("%s: fstat of %s failed: %s", __func__, _PATH_BTMP, |
| 1619 |
strerror(errno)); |
| 1620 |
goto out; |
| 1621 |
} |
| 1622 |
if((fst.st_mode & (S_IRWXG | S_IRWXO)) || (fst.st_uid != 0)){ |
| 1623 |
logit("Excess permission or bad ownership on file %s", |
| 1624 |
_PATH_BTMP); |
| 1625 |
goto out; |
| 1626 |
} |
| 1627 |
|
| 1628 |
memset(&ut, 0, sizeof(ut)); |
| 1629 |
/* strncpy because we don't necessarily want nul termination */ |
| 1630 |
strncpy(ut.ut_user, username, sizeof(ut.ut_user)); |
| 1631 |
strlcpy(ut.ut_line, "ssh:notty", sizeof(ut.ut_line)); |
| 1632 |
|
| 1633 |
time(&t); |
| 1634 |
ut.ut_time = t; /* ut_time is not always a time_t */ |
| 1635 |
ut.ut_type = LOGIN_PROCESS; |
| 1636 |
ut.ut_pid = getpid(); |
| 1637 |
|
| 1638 |
/* strncpy because we don't necessarily want nul termination */ |
| 1639 |
strncpy(ut.ut_host, hostname, sizeof(ut.ut_host)); |
| 1640 |
|
| 1641 |
if (packet_connection_is_on_socket() && |
| 1642 |
getpeername(packet_get_connection_in(), |
| 1643 |
(struct sockaddr *)&from, &fromlen) == 0) { |
| 1644 |
if (from.ss_family == AF_INET) { |
| 1645 |
a4 = (struct sockaddr_in *)&from; |
| 1646 |
memcpy(&ut.ut_addr, &(a4->sin_addr), |
| 1647 |
MIN_SIZEOF(ut.ut_addr, a4->sin_addr)); |
| 1648 |
} |
| 1649 |
#ifdef HAVE_ADDR_V6_IN_UTMP |
| 1650 |
if (from.ss_family == AF_INET6) { |
| 1651 |
a6 = (struct sockaddr_in6 *)&from; |
| 1652 |
memcpy(&ut.ut_addr_v6, &(a6->sin6_addr), |
| 1653 |
MIN_SIZEOF(ut.ut_addr_v6, a6->sin6_addr)); |
| 1654 |
} |
| 1655 |
#endif |
| 1656 |
} |
| 1657 |
|
| 1658 |
if (atomicio(vwrite, fd, &ut, sizeof(ut)) != sizeof(ut)) |
| 1659 |
error("Failed to write to %s: %s", _PATH_BTMP, |
| 1660 |
strerror(errno)); |
| 1661 |
|
| 1662 |
out: |
| 1663 |
close(fd); |
| 1664 |
} |
| 1665 |
#endif /* USE_BTMP */ |