When sshd tries to read beyond the end of lastlog, e.g. when logging to a high-uid user that has never logged in yet, atomicio() returns 0 and lastlog_get_entry() generates a bogus error message for errno==0 (e.g. "lastlog_get_entry: Error reading from /var/log/lastlog: Success"). The following patch prevents it. Also, I made an attempt to report partial reads in a proper way. diff -urN openssh-3.0.2p1.old/loginrec.c openssh-3.0.2p1/loginrec.c --- openssh-3.0.2p1.old/loginrec.c Tue Oct 30 03:50:40 2001 +++ openssh-3.0.2p1/loginrec.c Tue Feb 12 23:16:43 2002 @@ -1486,15 +1486,23 @@ lastlog_get_entry(struct logininfo *li) { struct lastlog last; - int fd; + int fd, r; if (!lastlog_openseek(li, &fd, O_RDONLY)) return 0; - if (atomicio(read, fd, &last, sizeof(last)) != sizeof(last)) { + r = atomicio(read, fd, &last, sizeof(last)); + if (r == 0) { + /* no recorded login */ + memset(&last, '\0', sizeof(last)); + } else if (r != sizeof(last)) { close(fd); - log("lastlog_get_entry: Error reading from %s: %s", - LASTLOG_FILE, strerror(errno)); + if (r == -1) + log("lastlog_get_entry: Error reading from %s: %s", + LASTLOG_FILE, strerror(errno)); + else + log("lastlog_get_entry: Error reading from %s: read %d bytes, expected %d", + LASTLOG_FILE, r, sizeof(last)); return 0; }
Similar fix applied - thanks.
*** Bug 492 has been marked as a duplicate of this bug. ***
Mass change of RESOLVED bugs to CLOSED