Bugzilla – Attachment 287 Details for
Bug 463
PrintLastLog doesn't work in privsep mode
[patch]
Generate loginmsg as part of login recording (against OpenBSD -current)
openbsd-loginmsg.patch (text/plain), 9.18 KB, created by
Darren Tucker
on 2003-05-10 19:34:29 AEST
Description:
Generate loginmsg as part of login recording (against OpenBSD -current)
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2003-05-10 19:34:29 AEST
Size:
9.18 KB
patch
obsolete
>Index: monitor.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/monitor.c,v
>retrieving revision 1.38
>diff -u -r1.38 monitor.c
>--- monitor.c 2003/04/08 20:21:28 1.38
>+++ monitor.c 2003/05/10 09:25:04
>@@ -110,6 +110,7 @@
> int mm_answer_pty(int, Buffer *);
> int mm_answer_pty_cleanup(int, Buffer *);
> int mm_answer_term(int, Buffer *);
>+int mm_answer_getloginmsg(int, Buffer *);
> int mm_answer_rsa_keyallowed(int, Buffer *);
> int mm_answer_rsa_challenge(int, Buffer *);
> int mm_answer_rsa_response(int, Buffer *);
>@@ -176,6 +177,7 @@
> {MONITOR_REQ_PTY, 0, mm_answer_pty},
> {MONITOR_REQ_PTYCLEANUP, 0, mm_answer_pty_cleanup},
> {MONITOR_REQ_TERM, 0, mm_answer_term},
>+ {MONITOR_REQ_LOGINMSG, 0, mm_answer_getloginmsg},
> {0, 0, NULL}
> };
>
>@@ -209,6 +211,7 @@
> {MONITOR_REQ_PTY, MON_ONCE, mm_answer_pty},
> {MONITOR_REQ_PTYCLEANUP, MON_ONCE, mm_answer_pty_cleanup},
> {MONITOR_REQ_TERM, 0, mm_answer_term},
>+ {MONITOR_REQ_LOGINMSG, 0, mm_answer_getloginmsg},
> {0, 0, NULL}
> };
>
>@@ -314,6 +317,7 @@
> if (!no_pty_flag) {
> monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
> monitor_permit(mon_dispatch, MONITOR_REQ_PTYCLEANUP, 1);
>+ monitor_permit(mon_dispatch, MONITOR_REQ_LOGINMSG, 1);
> }
>
> for (;;)
>@@ -1068,6 +1072,22 @@
> mm_session_close(s);
> buffer_put_int(m, 0);
> mm_request_send(socket, MONITOR_ANS_PTY, m);
>+ return (0);
>+}
>+
>+int
>+mm_answer_getloginmsg(int socket, Buffer *m)
>+{
>+ char *msg;
>+
>+ debug3("%s entering", __func__);
>+
>+ /* retrieve stored login message */
>+ msg = get_loginmsg();
>+
>+ buffer_clear(m);
>+ buffer_put_string(m, msg, strlen(msg));
>+ mm_request_send(socket, MONITOR_ANS_LOGINMSG, m);
> return (0);
> }
>
>Index: monitor.h
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/monitor.h,v
>retrieving revision 1.8
>diff -u -r1.8 monitor.h
>--- monitor.h 2002/09/26 11:38:43 1.8
>+++ monitor.h 2003/05/10 09:25:04
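Review bot: In the second dispatch-table hunk of monitor.c (`@@ -209,6 +211,7 @@`) the new `MONITOR_REQ_LOGINMSG` entry is registered with flags `0`, while the `MONITOR_REQ_PTY` and `MONITOR_REQ_PTYCLEANUP` entries just above it use `MON_ONCE`. The only caller in this patch fetches the message once, right after the pty is allocated in session_pty_req(), so in this table the request could be limited the same way: `{MONITOR_REQ_LOGINMSG, MON_ONCE, mm_answer_getloginmsg},`. That keeps the interface offered to the unprivileged process as narrow as its neighbours; the table at `@@ -176,6 +177,7 @@` leaves PTY repeatable, so `0` looks consistent there. The table definitions start outside both hunks, so which protocol each one serves is not visible here.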
>@@ -44,6 +44,7 @@
> MONITOR_REQ_KEYEXPORT,
> MONITOR_REQ_PTY, MONITOR_ANS_PTY,
> MONITOR_REQ_PTYCLEANUP,
>+ MONITOR_REQ_LOGINMSG, MONITOR_ANS_LOGINMSG,
> MONITOR_REQ_SESSKEY, MONITOR_ANS_SESSKEY,
> MONITOR_REQ_SESSID,
> MONITOR_REQ_RSAKEYALLOWED, MONITOR_ANS_RSAKEYALLOWED,
>Index: monitor_wrap.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/monitor_wrap.c,v
>retrieving revision 1.26
>diff -u -r1.26 monitor_wrap.c
>--- monitor_wrap.c 2003/04/07 08:29:57 1.26
>+++ monitor_wrap.c 2003/05/10 09:25:05
>@@ -660,6 +660,25 @@
> s->ttyfd = -1;
> }
>
>+char *
>+mm_get_loginmsg(void)
>+{
>+ Buffer m;
>+ char *msg;
>+
>+ debug3("%s entering", __func__);
>+
>+ buffer_init(&m);
>+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_LOGINMSG, &m);
>+
>+ debug3("%s waiting for MONITOR_ANS_LOGINMSG", __func__);
>+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_LOGINMSG, &m);
>+ msg = buffer_get_string(&m, NULL);
>+ buffer_free(&m);
>+
>+ return(msg);
>+}
>+
> /* Request process termination */
>
> void
>Index: monitor_wrap.h
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/monitor_wrap.h,v
>retrieving revision 1.8
>diff -u -r1.8 monitor_wrap.h
>--- monitor_wrap.h 2002/09/26 11:38:43 1.8
>+++ monitor_wrap.h 2003/05/10 09:25:05
>@@ -58,6 +58,7 @@
> void mm_terminate(void);
> int mm_pty_allocate(int *, int *, char *, int);
> void mm_session_pty_cleanup2(void *);
>+char *mm_get_loginmsg(void);
>
> /* SSHv1 interfaces */
> void mm_ssh1_session_id(u_char *);
>Index: session.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/session.c,v
>retrieving revision 1.155
>diff -u -r1.155 session.c
>--- session.c 2003/04/08 20:21:29 1.155
>+++ session.c 2003/05/10 09:25:05
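Review bot: mm_get_loginmsg() in the monitor_wrap.c hunk (`@@ -660,6 +660,25 @@`) has no comment, and its ownership contract differs from the function it wraps: it returns the string produced by `buffer_get_string()`, a separate allocation, whereas get_loginmsg() in sshlogin.c returns a pointer into the global `loginmsg` buffer. Since `PRIVSEP()` selects between the two at the call site, a header comment should say who frees the result, for example `/* Fetch the stored login message from the monitor; the caller must xfree() the returned string. */`.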
>@@ -86,6 +86,7 @@
> extern u_int utmp_len;
> extern int startup_pipe;
> extern void destroy_sensitive_data(void);
>+extern Buffer loginmsg;
>
> /* original command from peer. */
> const char *original_command = NULL;
>@@ -638,7 +639,6 @@
> void
> do_login(Session *s, const char *command)
> {
>- char *time_string;
> socklen_t fromlen;
> struct sockaddr_storage from;
> struct passwd * pw = s->pw;
>@@ -668,16 +668,8 @@
> if (check_quietlogin(s, command))
> return;
>
>- if (options.print_lastlog && s->last_login_time != 0) {
>- time_string = ctime(&s->last_login_time);
>- if (strchr(time_string, '\n'))
>- *strchr(time_string, '\n') = 0;
>- if (strcmp(s->hostname, "") == 0)
>- printf("Last login: %s\r\n", time_string);
>- else
>- printf("Last login: %s from %s\r\n", time_string,
>- s->hostname);
>- }
>+ /* print login messages */
>+ printf("%s", get_loginmsg());
>
> do_motd();
> }
>@@ -1370,12 +1362,6 @@
> packet_disconnect("Protocol error: you already have a pty.");
> return 0;
> }
>- /* Get the time and hostname when the user last logged in. */
>- if (options.print_lastlog) {
>- s->hostname[0] = '\0';
>- s->last_login_time = get_last_login_time(s->pw->pw_uid,
>- s->pw->pw_name, s->hostname, sizeof(s->hostname));
>- }
>
> s->term = packet_get_string(&len);
>
>@@ -1406,6 +1392,15 @@
> return 0;
> }
> debug("session_pty_req: session %d alloc %s", s->self, s->tty);
>+
>+ /* copy loginmsg from monitor to display after fork */
>+ if (use_privsep) {
>+ char *msg;
>+
>+ msg = PRIVSEP(get_loginmsg());
>+ buffer_clear(&loginmsg);
>+ buffer_append(&loginmsg, msg, strlen(msg));
>+ }
>
> /* for SSH1 the tty modes length is not given */
> if (!compat20)
>Index: session.h
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/session.h,v
>retrieving revision 1.19
>diff -u -r1.19 session.h
>--- session.h 2002/06/30 21:59:45 1.19
>+++ session.h 2003/05/10 09:25:05
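Review bot: In the session_pty_req() hunk (`@@ -1406,6 +1392,15 @@`) the string returned by `PRIVSEP(get_loginmsg())` is copied into `loginmsg` and then dropped without being freed. Inside `if (use_privsep)` that call resolves to mm_get_loginmsg(), whose result comes from `buffer_get_string()` and is a fresh allocation, so each pty request leaks it; add `xfree(msg);` after the `buffer_append()` line. The function body starts and ends outside the hunk.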
>@@ -39,9 +39,6 @@
> int ptyfd, ttyfd, ptymaster;
> u_int row, col, xpixel, ypixel;
> char tty[TTYSZ];
>- /* last login */
>- char hostname[MAXHOSTNAMELEN];
>- time_t last_login_time;
> /* X11 */
> u_int display_number;
> char *display;
>Index: sshd.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/sshd.c,v
>retrieving revision 1.265
>diff -u -r1.265 sshd.c
>--- sshd.c 2003/04/14 14:17:50 1.265
>+++ sshd.c 2003/05/10 09:25:06
>@@ -192,6 +192,9 @@
> int use_privsep;
> struct monitor *pmonitor;
>
>+/* message to be displayed after login */
>+Buffer loginmsg;
>+
> /* Prototypes for various functions defined later in this file. */
> void destroy_sensitive_data(void);
> void demote_sensitive_data(void);
>@@ -1439,6 +1442,9 @@
> if (use_privsep)
> if ((authctxt = privsep_preauth()) != NULL)
> goto authenticated;
>+
>+ /* prepare buffer to collect authentication messages */
>+ buffer_init(&loginmsg);
>
> /* perform the key exchange */
> /* authenticate user and start session */
>Index: sshlogin.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/sshlogin.c,v
>retrieving revision 1.6
>diff -u -r1.6 sshlogin.c
>--- sshlogin.c 2003/04/08 20:21:29 1.6
>+++ sshlogin.c 2003/05/10 09:25:06
>@@ -45,7 +45,12 @@
> #include <utmp.h>
> #include "sshlogin.h"
> #include "log.h"
>+#include "buffer.h"
>+#include "servconf.h"
>
>+extern Buffer loginmsg;
>+extern ServerOptions options;
>+
> /*
> * Returns the time when the user last logged in. Returns 0 if the
> * information is not available. This must be called before record_login.
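Review bot: In the sshd.c hunk at `@@ -1439,6 +1442,9 @@`, `buffer_init(&loginmsg);` sits after the `goto authenticated;` branch, so the process for which privsep_preauth() returns non-NULL never runs it. That is presumably the monitor, which is the side that later appends to `loginmsg` in store_lastlog_message() and serves it from mm_answer_getloginmsg(), and any process forked from it would inherit the same uninitialised buffer for the `buffer_clear()`/`buffer_append()` calls in session_pty_req(). Unless a zero-filled `Buffer` is guaranteed to behave like an initialised one, move the added comment and `buffer_init(&loginmsg);` above `if (use_privsep)`. The enclosing function starts and ends outside the hunk.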
>@@ -78,9 +83,47 @@
> return ll.ll_time;
> }
>
>+/*
>+ * Retrieves loginmsg. Returns empty string if no message exists.
>+ */
>+char *
>+get_loginmsg(void)
>+{
>+ buffer_append(&loginmsg, "", 1); /* null terminate string */
>+ return(buffer_ptr(&loginmsg));
>+}
>+
>+/*
>+ * Generate and store last login message. This must be done before
>+ * login_login() is called and lastlog is updated.
>+ */
>+void
>+store_lastlog_message(const char *user, uid_t uid)
>+{
>+ char *time_string, hostname[MAXHOSTNAMELEN], buf[512];
>+ time_t last_login_time;
>+
>+ hostname[0] = '\0';
>+ last_login_time = get_last_login_time(uid, user, hostname,
>+ sizeof(hostname));
>+
>+ if (options.print_lastlog && last_login_time != 0) {
>+ time_string = ctime(&last_login_time);
>+ if (strchr(time_string, '\n'))
>+ *strchr(time_string, '\n') = 0;
>+ if (strcmp(hostname, "") == 0)
>+ snprintf(buf, sizeof(buf), "Last login: %s\r\n",
>+ time_string);
>+ else
>+ snprintf(buf, sizeof(buf), "Last login: %s from %s\r\n",
>+ time_string, hostname);
>+ buffer_append(&loginmsg, buf, strlen(buf));
>+ }
>+}
>+
> /*
>- * Records that the user has logged in. I these parts of operating systems
>- * were more standardized.
>+ * Records that the user has logged in. I wish these parts of operating
>+ * systems were more standardized.
> */
> void
> record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid,
>@@ -90,6 +133,9 @@
> struct lastlog ll;
> char *lastlog;
> struct utmp u;
>+
>+ /* save previous login details before writing new */
>+ store_lastlog_message(user, uid);
>
> /* Construct an utmp/wtmp entry. */
> memset(&u, 0, sizeof(u));
>Index: sshlogin.h
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/sshlogin.h,v
>retrieving revision 1.4
>diff -u -r1.4 sshlogin.h
>--- sshlogin.h 2002/08/29 15:57:25 1.4
>+++ sshlogin.h 2003/05/10 09:25:06
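Review bot: get_loginmsg() in the `@@ -78,9 +83,47 @@` hunk changes the buffer on every read, because each call appends another NUL byte to `loginmsg`. mm_answer_getloginmsg() in monitor.c calls it once per `MONITOR_REQ_LOGINMSG`, so the monitor's buffer grows with every request from the unprivileged side, and anything store_lastlog_message() appends after a read lands behind that NUL, where the `strlen()` and `printf("%s", ...)` callers will not see it. Make the read idempotent, for example by appending the terminator only when the buffer does not already end in one, or by clearing `loginmsg` once the message has been handed over. Separately, `ctime()` can return NULL, which the `strchr(time_string, '\n')` line would dereference; the removed do_login() code had the same gap, so it is carried over rather than new.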
>@@ -19,5 +19,6 @@
> const char *, struct sockaddr *, socklen_t);
> void record_logout(pid_t, const char *);
> u_long get_last_login_time(uid_t, const char *, char *, u_int);
>+char *get_loginmsg(void);
>
> #endif
Attachments on
bug 463
:
235
|
287
|
288
|
676
|
677