-/* $OpenBSD: failedlogin.c,v 1.1 1996/11/09 20:17:15 millert Exp $ */
+/* $OpenBSD: failedlogin.c,v 1.2 1996/12/04 04:04:41 millert Exp $ */
/*
* Copyright (c) 1996 Todd C. Miller <Todd.Miller@courtesan.com>
*/
#ifndef lint
-static char rcsid[] = "$OpenBSD: failedlogin.c,v 1.1 1996/11/09 20:17:15 millert Exp $";
+static char rcsid[] = "$OpenBSD: failedlogin.c,v 1.2 1996/12/04 04:04:41 millert Exp $";
#endif /* not lint */
/*
#include "pathnames.h"
struct badlogin {
- size_t count; /* number of bad logins */
- time_t bl_time; /* time of the login attempt */
char bl_line[UT_LINESIZE]; /* tty used */
+ char bl_name[UT_NAMESIZE]; /* remote username */
char bl_host[UT_HOSTSIZE]; /* remote host */
+ time_t bl_time; /* time of the login attempt */
+ size_t count; /* number of bad logins */
};
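Review bot: Reordering the members and adding `bl_name` changes the size and layout of the record that `log_failedlogin()` writes to the failedlogin file as a raw struct, so records written by the previous binary will be misread after an upgrade (wrong count, time and host). The commit shows no migration or format versioning. At minimum add a comment on the struct such as `/* on-disk record format: changing this struct invalidates the existing failedlogin file */` and state in the upgrade notes that the file must be truncated.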
/*
* Log a bad login to the failedlogin file.
*/
void
-log_failedlogin(uid, host, tty)
+log_failedlogin(uid, host, name, tty)
uid_t uid;
- char *host, *tty;
+ char *host, *name, *tty;
{
struct badlogin failedlogin;
int fd;
strncpy(failedlogin.bl_host, host, sizeof(failedlogin.bl_host));
else
*failedlogin.bl_host = '\0'; /* NULL host field */
+ if (name)
+ strncpy(failedlogin.bl_name, name, sizeof(failedlogin.bl_name));
+ else
+ *failedlogin.bl_name = '\0'; /* NULL name field */
(void)write(fd, (char *)&failedlogin, sizeof(failedlogin));
(void)close(fd);
}
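Review bot: `strncpy()` leaves `bl_name` without a terminating NUL when `name` is `UT_NAMESIZE` bytes or longer, and nothing in the new lines says so. That matches how `bl_host` is handled, and the reader uses a bounded `%.*s`, but the convention should be written down, e.g. `/* bl_name is NUL-padded, not NUL-terminated; readers must bound by sizeof */` above the copy. The function body starts outside this hunk.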
(int)sizeof(failedlogin.bl_line),
failedlogin.bl_line);
if (*failedlogin.bl_host != '\0')
- (void)printf(" from %.*s",
- (int)sizeof(failedlogin.bl_host),
- failedlogin.bl_host);
+ if (*failedlogin.bl_name != '\0')
+ (void)printf(" from %.*s@%.*s",
+ (int)sizeof(failedlogin.bl_name),
+ failedlogin.bl_name,
+ (int)sizeof(failedlogin.bl_host),
+ failedlogin.bl_host);
+ else
+ (void)printf(" from %.*s",
+ (int)sizeof(failedlogin.bl_host),
+ failedlogin.bl_host);
(void)putchar('\n');
/* Reset since this is a good login and write record */
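Review bot: `bl_name` is printed to the user's terminal exactly as it was recorded, and the value originates from the remote side (via the new -u option in login.c), so non-printable bytes in it reach the terminal unfiltered. Encode the field before display, for example with `strvisx()` from vis(3) into a local buffer of `4 * UT_NAMESIZE + 1` bytes, and treat `bl_host` the same way. The nested `if`/`else` without braces relies on the `else` binding to the inner `if`; braces around the outer body would make that explicit. The function starts and ends outside this hunk.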
-/* $OpenBSD: login.c,v 1.13 1996/11/09 20:17:17 millert Exp $ */
+/* $OpenBSD: login.c,v 1.14 1996/12/04 04:04:41 millert Exp $ */
/* $NetBSD: login.c,v 1.13 1996/05/15 23:50:16 jtc Exp $ */
/*-
#if 0
static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94";
#endif
-static char rcsid[] = "$OpenBSD: login.c,v 1.13 1996/11/09 20:17:17 millert Exp $";
+static char rcsid[] = "$OpenBSD: login.c,v 1.14 1996/12/04 04:04:41 millert Exp $";
#endif /* not lint */
/*
extern void login __P((struct utmp *));
extern int check_failedlogin __P((uid_t));
-extern void log_failedlogin __P((uid_t, char *, char *));
+extern void log_failedlogin __P((uid_t, char *, char *, char *));
#define TTYGRPNAME "tty" /* name of group to own ttys */
struct passwd *pwd;
int failures;
-char term[64], *envinit[1], *hostname, *tty, *username = NULL;
+char term[64], *envinit[1], *hostname, *tty;
+char *username = NULL, *rusername = NULL;
int
main(argc, argv)
struct stat st;
struct timeval tp;
struct utmp utmp;
- int ask, ch, cnt, fflag, hflag, pflag, quietlog, rootlogin, rval;
+ int ask, ch, cnt, fflag, hflag, pflag, uflag, quietlog, rootlogin, rval;
uid_t uid;
char *domain, *p, *salt, *ttyn;
char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10];
fflag = hflag = pflag = 0;
uid = getuid();
- while ((ch = getopt(argc, argv, "fh:p")) != EOF)
+ while ((ch = getopt(argc, argv, "fh:u:p")) != EOF)
switch (ch) {
case 'f':
fflag = 1;
case 'p':
pflag = 1;
break;
+ case 'u':
+ if (uid)
+ errx(1, "-u option: %s", strerror(EPERM));
+ uflag = 1;
+ rusername = optarg;
+ break;
case '?':
default:
if (!uid)
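Review bot: `uflag` is set to 1 in the new `case 'u':` but is left out of the initialiser `fflag = hflag = pflag = 0;`, so it holds an indeterminate value whenever -u is not given. Either make that line `fflag = hflag = pflag = uflag = 0;` or drop the variable, since no visible hunk reads it and `rusername != NULL` already carries the same information. The switch body continues outside the lines shown.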
pwd->pw_name);
if (hostname)
syslog(LOG_NOTICE,
- "LOGIN %s REFUSED FROM %s ON TTY %s",
- pwd->pw_name, hostname, tty);
+ "LOGIN %s REFUSED FROM %s%s%s ON TTY %s",
+ pwd->pw_name, rusername ? rusername : "",
+ rusername ? "@" : "", hostname, tty);
else
syslog(LOG_NOTICE,
"LOGIN %s REFUSED ON TTY %s",
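Review bot: The remote user name is concatenated directly in front of the host as `%s%s%s`, so a `rusername` containing `@`, whitespace or control characters makes the `FROM user@host` field ambiguous for anyone parsing or alerting on these lines. `rusername` comes straight from `optarg` with no validation visible in this commit; rejecting or encoding such characters once, where -u is parsed, would keep the log fields trustworthy. The same format is used in the ROOT LOGIN and LOGIN FAILURE messages further down. The enclosing function starts and ends outside this hunk.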
(void)printf("Login incorrect\n");
failures++;
if (pwd)
- log_failedlogin(pwd->pw_uid, hostname, tty);
+ log_failedlogin(pwd->pw_uid, hostname, rusername, tty);
/* we allow 10 tries, but after 3 we start backing off */
if (++cnt > 3) {
if (cnt >= 10) {
(void)setenv("LOGNAME", pwd->pw_name, 1);
(void)setenv("USER", pwd->pw_name, 1);
(void)setenv("PATH", _PATH_DEFPATH, 0);
+ if (hostname)
+ (void)setenv("REMOTEHOST", hostname, 1);
+ if (rusername)
+ (void)setenv("REMOTEUSER", rusername, 1);
#ifdef KERBEROS
if (krbtkfile_env)
(void)setenv("KRBTKFILE", krbtkfile_env, 1);
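Review bot: When login runs without -h or -u, the new code leaves any REMOTEHOST or REMOTEUSER already present in the environment untouched. If the caller's environment is preserved (the -p path, not visible in this hunk), a stale or client-supplied value could be mistaken for one set by login. Adding `else (void)unsetenv("REMOTEHOST");` and `else (void)unsetenv("REMOTEUSER");` would close that. A comment should also say that REMOTEUSER is the name claimed by the remote side via -u and has not been authenticated, so it must not be used for access decisions.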
/* If fflag is on, assume caller/authenticator has logged root login. */
if (rootlogin && fflag == 0)
if (hostname)
- syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s",
- username, tty, hostname);
+ syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s%s%s",
+ username, tty, rusername ? rusername : "",
+ rusername ? "@" : "", hostname);
else
syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", username, tty);
ll.ll_time != 0) {
(void)printf("Last login: %.*s ",
24-5, (char *)ctime(&ll.ll_time));
+ (void)printf("on %.*s",
+ (int)sizeof(ll.ll_line),
+ ll.ll_line);
if (*ll.ll_host != '\0')
- (void)printf("from %.*s\n",
+ (void)printf(" from %.*s",
(int)sizeof(ll.ll_host),
ll.ll_host);
- else
- (void)printf("on %.*s\n",
- (int)sizeof(ll.ll_line),
- ll.ll_line);
+ (void)putchar('\n');
}
(void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET);
}
if (failures == 0)
return;
if (hostname) {
- syslog(LOG_NOTICE, "%d LOGIN FAILURE%s FROM %s",
- failures, failures > 1 ? "S" : "", hostname);
+ syslog(LOG_NOTICE, "%d LOGIN FAILURE%s FROM %s%s%s",
+ failures, failures > 1 ? "S" : "",
+ rusername ? rusername : "", rusername ? "@" : "", hostname);
syslog(LOG_AUTHPRIV|LOG_NOTICE,
- "%d LOGIN FAILURE%s FROM %s, %s",
- failures, failures > 1 ? "S" : "", hostname, name);
+ "%d LOGIN FAILURE%s FROM %s%s%s, %s",
+ failures, failures > 1 ? "S" : "",
+ rusername ? rusername : "", rusername ? "@" : "",
+ hostname, name);
} else {
syslog(LOG_NOTICE, "%d LOGIN FAILURE%s ON %s",
failures, failures > 1 ? "S" : "", tty);