diff options
Diffstat (limited to 'crypto/heimdal/appl/login')
| -rw-r--r-- | crypto/heimdal/appl/login/ChangeLog | 162 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/Makefile.am | 34 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/Makefile.in | 645 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/conf.c | 55 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/login.c | 730 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/login_access.c | 261 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/login_locl.h | 128 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/login_protos.h | 67 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/osfc2.c | 79 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/read_string.c | 127 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/shadow.c | 95 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/stty_default.c | 100 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/tty.c | 70 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/utmp_login.c | 120 | ||||
| -rw-r--r-- | crypto/heimdal/appl/login/utmpx_login.c | 89 |
15 files changed, 2762 insertions, 0 deletions
diff --git a/crypto/heimdal/appl/login/ChangeLog b/crypto/heimdal/appl/login/ChangeLog new file mode 100644 index 0000000..a751cae --- /dev/null +++ b/crypto/heimdal/appl/login/ChangeLog @@ -0,0 +1,162 @@ +1999-11-09 Johan Danielsson <joda@pdc.kth.se> + + * conf.c: remove case for not having cgetent, since it's in roken + +1999-11-05 Assar Westerlund <assar@sics.se> + + * login.c (do_login): conditionalize shadow stuff on getspnam + +1999-10-30 Assar Westerlund <assar@sics.se> + + * Makefile.am (login_DEPENDENCIES): remove, it's not entirely + correct and was causing problems with non-GNU make + +1999-10-28 Assar Westerlund <assar@sics.se> + + * login.c (start_logout_proceess): don't examine `prog' before + setting it. + +1999-10-27 Assar Westerlund <assar@sics.se> + + * login.c (do_login): chown and chmod the tty. some clean-up. + +1999-10-03 Assar Westerlund <assar@sics.se> + + * login.c (krb5_start_session): correct the ccache to + krb524_convert_creds_kdc + +1999-09-28 Assar Westerlund <assar@sics.se> + + * login.c (krb5_verify): use krb5_verify_user_lrealm + +1999-09-01 Johan Danielsson <joda@pdc.kth.se> + + * login.c: SGI capability mumbo-jumbo + +1999-08-09 Johan Danielsson <joda@pdc.kth.se> + + * login.c (start_logout_process): call setproctitle + + * login_locl.h: declare struct spwd + + * login.c: add support for starting extra processes at login and + logout; always preserve TERM and TZ + + * conf.c: add configuration file support + +1999-08-07 Assar Westerlund <assar@sics.se> + + * shadow.c (check_shadow): check for a NULL sp + +1999-08-05 Assar Westerlund <assar@sics.se> + + * login.c (main): move down login incorrect to disallow account + guessing + +1999-08-04 Assar Westerlund <assar@sics.se> + + * utmpx_login.c (utmpx_login): fix for Solaris. From Miroslav + Ruda <ruda@ics.muni.cz> + + * login_locl.h: add <shadow.h> and some prototypes + + * login.c: fixes with v4 and shadow support. From Miroslav Ruda + <ruda@ics.muni.cz> + + * shadow.c: new file with functions for handling shadow passwords + + * Makefile.am: add shadow + +1999-07-22 Assar Westerlund <assar@sics.se> + + * login.c (main): generate a better tty name + +1999-05-25 Johan Danielsson <joda@pdc.kth.se> + + * login.c (do_login): set $SHELL + +1999-05-18 Assar Westerlund <assar@sics.se> + + * add login-access + +1999-05-11 Assar Westerlund <assar@sics.se> + + * login.c: copy the v5 ccache to a file after having done setuid + +1999-05-09 Assar Westerlund <assar@sics.se> + + * login.c (krb5_verify): check seteuid for errors + +Mon Apr 19 22:30:55 1999 Assar Westerlund <assar@sics.se> + + * login.c: conditionalize the kafs calls on KRB4 + + * Makefile.am (LDADD): add kafs + + * login.c: add support for getting afs tokens with v4 and v5 + +Sun Apr 18 14:12:28 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * login.c: check _PATH_NOLOGIN + + * login_locl.h: _PATH_NOLOGIN + +1999-04-11 Assar Westerlund <assar@sics.se> + + * login.c (main): use print_version + +Thu Apr 8 15:03:55 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * login.c: remove definition of KRB_VERIFY_USER et.al. (moved to + config.h) + + * login_locl.h: include udb.h, sys/resource.h, and sys/category.h + +Sat Mar 27 17:58:37 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: osfc2.c + + * login.c: magic for OSF C2, and Crays + + * login_locl.h: do_osfc2_magic proto + + * osfc2.c: bsd_locl -> login_locl + + * osfc2.c: OSF C2 magic + +Tue Mar 23 14:17:40 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * login_locl.h: _PATH_UTMP + +Sun Mar 21 15:02:31 1999 Johan Danielsson <joda@blubb.pdc.kth.se> + + * login.c: `-h' is host, not help + +Sat Mar 20 00:11:13 1999 Assar Westerlund <assar@sics.se> + + * login_locl.h: krb.h: add + + * login.c: static-size + (krb4_verify): add + +Thu Mar 18 11:36:10 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: include Makefile.am.common + +Thu Mar 11 17:53:36 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * utmpx_login.c: add some consts + + * utmp_login.c: add some consts + + * login.c: staticize + + * login_locl.h: add prototypes, and defaults for + _PATH_* + +Mon Mar 1 10:49:14 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * utmpx_login.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_* + + * utmp_login.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_* + diff --git a/crypto/heimdal/appl/login/Makefile.am b/crypto/heimdal/appl/login/Makefile.am new file mode 100644 index 0000000..22b4b62 --- /dev/null +++ b/crypto/heimdal/appl/login/Makefile.am @@ -0,0 +1,34 @@ +# $Id: Makefile.am,v 1.16 1999/10/30 08:51:45 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += $(INCLUDE_krb4) + +bin_PROGRAMS = login + +login_SOURCES = \ + login.c \ + osfc2.c \ + read_string.c \ + utmp_login.c \ + utmpx_login.c \ + tty.c \ + stty_default.c \ + login_access.c \ + login_locl.h \ + login_proto.h \ + conf.c \ + shadow.c + +LDADD = $(LIB_kafs) \ + $(top_builddir)/lib/krb5/libkrb5.la \ + $(LIB_krb4) \ + $(top_builddir)/lib/des/libdes.la \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_roken) \ + $(LIB_security) + +$(srcdir)/login_protos.h: + cd $(srcdir); perl ../../cf/make-proto.pl -o login_protos.h $(login_SOURCES) || rm -f login_protos.h + +$(login_OBJECTS): $(srcdir)/login_protos.h diff --git a/crypto/heimdal/appl/login/Makefile.in b/crypto/heimdal/appl/login/Makefile.in new file mode 100644 index 0000000..10b75e8 --- /dev/null +++ b/crypto/heimdal/appl/login/Makefile.in @@ -0,0 +1,645 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.16 1999/10/30 08:51:45 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. + +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +bin_PROGRAMS = login + +login_SOURCES = login.c osfc2.c read_string.c utmp_login.c utmpx_login.c tty.c stty_default.c login_access.c login_locl.h login_proto.h conf.c shadow.c + + +LDADD = $(LIB_kafs) $(top_builddir)/lib/krb5/libkrb5.la $(LIB_krb4) $(top_builddir)/lib/des/libdes.la $(top_builddir)/lib/asn1/libasn1.la $(LIB_roken) $(LIB_security) + +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +bin_PROGRAMS = login$(EXEEXT) +PROGRAMS = $(bin_PROGRAMS) + + +DEFS = @DEFS@ -I. -I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +login_OBJECTS = login.$(OBJEXT) osfc2.$(OBJEXT) read_string.$(OBJEXT) \ +utmp_login.$(OBJEXT) utmpx_login.$(OBJEXT) tty.$(OBJEXT) \ +stty_default.$(OBJEXT) login_access.$(OBJEXT) conf.$(OBJEXT) \ +shadow.$(OBJEXT) +login_LDADD = $(LDADD) +@KRB4_TRUE@login_DEPENDENCIES = $(top_builddir)/lib/kafs/libkafs.la \ +@KRB4_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ +@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la +@KRB4_FALSE@login_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ +@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ +@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la +login_LDFLAGS = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +DIST_COMMON = ChangeLog Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +SOURCES = $(login_SOURCES) +OBJECTS = $(login_OBJECTS) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/login/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-binPROGRAMS: + +clean-binPROGRAMS: + -test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS) + +distclean-binPROGRAMS: + +maintainer-clean-binPROGRAMS: + +install-binPROGRAMS: $(bin_PROGRAMS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(bindir) + @list='$(bin_PROGRAMS)'; for p in $$list; do \ + if test -f $$p; then \ + echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ + $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + else :; fi; \ + done + +uninstall-binPROGRAMS: + @$(NORMAL_UNINSTALL) + list='$(bin_PROGRAMS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + done + +.c.o: + $(COMPILE) -c $< + +# FIXME: We should only use cygpath when building on Windows, +# and only if it is available. +.c.obj: + $(COMPILE) -c `cygpath -w $<` + +.s.o: + $(COMPILE) -c $< + +.S.o: + $(COMPILE) -c $< + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +.c.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.s.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.S.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +login$(EXEEXT): $(login_OBJECTS) $(login_DEPENDENCIES) + @rm -f login$(EXEEXT) + $(LINK) $(login_LDFLAGS) $(login_OBJECTS) $(login_LDADD) $(LIBS) + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = appl/login + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-binPROGRAMS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-binPROGRAMS +uninstall: uninstall-am +all-am: Makefile $(PROGRAMS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(bindir) + + +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-binPROGRAMS mostlyclean-compile \ + mostlyclean-libtool mostlyclean-tags \ + mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-binPROGRAMS clean-compile clean-libtool clean-tags \ + clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-binPROGRAMS distclean-compile distclean-libtool \ + distclean-tags distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-binPROGRAMS \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-tags maintainer-clean-generic \ + distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-binPROGRAMS distclean-binPROGRAMS clean-binPROGRAMS \ +maintainer-clean-binPROGRAMS uninstall-binPROGRAMS install-binPROGRAMS \ +mostlyclean-compile distclean-compile clean-compile \ +maintainer-clean-compile mostlyclean-libtool distclean-libtool \ +clean-libtool maintainer-clean-libtool tags mostlyclean-tags \ +distclean-tags clean-tags maintainer-clean-tags distdir info-am info \ +dvi-am dvi check-local check check-am installcheck-am installcheck \ +install-exec-am install-exec install-data-local install-data-am \ +install-data install-am install uninstall-am uninstall all-local \ +all-redirect all-am all installdirs mostlyclean-generic \ +distclean-generic clean-generic maintainer-clean-generic clean \ +mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +$(srcdir)/login_protos.h: + cd $(srcdir); perl ../../cf/make-proto.pl -o login_protos.h $(login_SOURCES) || rm -f login_protos.h + +$(login_OBJECTS): $(srcdir)/login_protos.h + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/appl/login/conf.c b/crypto/heimdal/appl/login/conf.c new file mode 100644 index 0000000..6a4b2a8 --- /dev/null +++ b/crypto/heimdal/appl/login/conf.c @@ -0,0 +1,55 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +#include "login_locl.h" + +RCSID("$Id: conf.c,v 1.2 1999/11/09 18:05:49 joda Exp $"); + +static char *confbuf; + +static int +login_conf_init(void) +{ + char *files[] = { _PATH_LOGIN_CONF, NULL }; + return cgetent(&confbuf, files, "default"); +} + +char * +login_conf_get_string(const char *str) +{ + char *value; + if(login_conf_init() != 0) + return NULL; + if(cgetstr(confbuf, str, &value) < 0) + return NULL; + return value; +} diff --git a/crypto/heimdal/appl/login/login.c b/crypto/heimdal/appl/login/login.c new file mode 100644 index 0000000..a149449 --- /dev/null +++ b/crypto/heimdal/appl/login/login.c @@ -0,0 +1,730 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "login_locl.h" +#ifdef HAVE_CAPABILITY_H +#include <capability.h> +#endif +#ifdef HAVE_SYS_CAPABILITY_H +#include <sys/capability.h> +#endif + +RCSID("$Id: login.c,v 1.33 1999/12/02 17:04:55 joda Exp $"); + +/* + * the environment we will send to execle and the shell. + */ + +static char **env; +static int num_env; + +static void +extend_env(char *str) +{ + env = realloc(env, (num_env + 1) * sizeof(*env)); + if(env == NULL) + errx(1, "Out of memory!"); + env[num_env++] = str; +} + +static void +add_env(const char *var, const char *value) +{ + int i; + char *str; + asprintf(&str, "%s=%s", var, value); + if(str == NULL) + errx(1, "Out of memory!"); + for(i = 0; i < num_env; i++) + if(strncmp(env[i], var, strlen(var)) == 0 && + env[i][strlen(var)] == '='){ + free(env[i]); + env[i] = str; + return; + } + + extend_env(str); +} + +static void +copy_env(void) +{ + char **p; + for(p = environ; *p; p++) + extend_env(*p); +} + +static int +start_login_process(void) +{ + char *prog, *argv0; + prog = login_conf_get_string("login_program"); + if(prog == NULL) + return 0; + argv0 = strrchr(prog, '/'); + + if(argv0) + argv0++; + else + argv0 = prog; + + return simple_execle(prog, argv0, NULL, env); +} + +static int +start_logout_process(void) +{ + char *prog, *argv0; + pid_t pid; + + prog = login_conf_get_string("logout_program"); + if(prog == NULL) + return 0; + argv0 = strrchr(prog, '/'); + + if(argv0) + argv0++; + else + argv0 = prog; + + pid = fork(); + if(pid == 0) + return 0; + if(pid == -1) + err(1, "fork"); + /* wait for the real login process to exit */ +#ifdef HAVE_SETPROCTITLE + setproctitle("waitpid %d", pid); +#endif + while(1) { + int status; + int ret; + ret = waitpid(pid, &status, 0); + if(ret > 0) { + if(WIFEXITED(status) || WIFSIGNALED(status)) { + execle(prog, argv0, NULL, env); + err(1, "exec %s", prog); + } + } else if(ret < 0) + err(1, "waitpid"); + } +} + +static void +exec_shell(const char *shell, int fallback) +{ + char *sh; + const char *p; + + extend_env(NULL); + if(start_login_process() < 0) + warn("login process"); + start_logout_process(); + + p = strrchr(shell, '/'); + if(p) + p++; + else + p = shell; + asprintf(&sh, "-%s", p); + execle(shell, sh, NULL, env); + if(fallback){ + warnx("Can't exec %s, trying %s", + shell, _PATH_BSHELL); + execle(_PATH_BSHELL, "-sh", NULL, env); + err(1, "%s", _PATH_BSHELL); + } + err(1, "%s", shell); +} + +static enum { AUTH_KRB4, AUTH_KRB5 } auth; + +#ifdef KRB5 +static krb5_context context; +static krb5_ccache id, id2; + +static int +krb5_verify(struct passwd *pwd, const char *password) +{ + krb5_error_code ret; + krb5_principal princ; + + ret = krb5_init_context(&context); + if(ret) + return 1; + + ret = krb5_parse_name(context, pwd->pw_name, &princ); + if(ret){ + krb5_free_context(context); + return 1; + } + ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); + if(ret){ + krb5_free_principal(context, princ); + krb5_free_context(context); + return 1; + } + ret = krb5_verify_user_lrealm(context, + princ, + id, + password, + 1, + NULL); + krb5_free_principal(context, princ); + if (ret) + krb5_free_context (context); + return ret; +} + +static int +krb5_start_session (const struct passwd *pwd) +{ + krb5_error_code ret; + char residual[64]; + + /* copy credentials to file cache */ + snprintf(residual, sizeof(residual), "FILE:/tmp/krb5cc_%u", + (unsigned)pwd->pw_uid); + krb5_cc_resolve(context, residual, &id2); + ret = krb5_cc_copy_cache(context, id, id2); + if (ret == 0) + add_env("KRB5CCNAME", residual); + else { + krb5_cc_destroy (context, id2); + return ret; + } +#ifdef KRB4 + if (krb5_config_get_bool(context, NULL, + "libdefaults", + "krb4_get_tickets", + NULL)) { + CREDENTIALS c; + krb5_creds mcred, cred; + krb5_realm realm; + char krb4tkfile[MAXPATHLEN]; + + krb5_get_default_realm(context, &realm); + krb5_make_principal(context, &mcred.server, realm, + "krbtgt", + realm, + NULL); + free (realm); + ret = krb5_cc_retrieve_cred(context, id2, 0, &mcred, &cred); + if(ret == 0) { + ret = krb524_convert_creds_kdc(context, id2, &cred, &c); + if(ret == 0) { + snprintf(krb4tkfile,sizeof(krb4tkfile),"%s%d",TKT_ROOT, + getuid()); + krb_set_tkt_string(krb4tkfile); + tf_setup(&c, c.pname, c.pinst); + } + memset(&c, 0, sizeof(c)); + krb5_free_creds_contents(context, &cred); + } + krb5_free_principal(context, mcred.server); + } +#endif + krb5_cc_close(context, id2); + krb5_cc_destroy(context, id); + return 0; +} + +static void +krb5_finish (void) +{ + krb5_free_context(context); +} + +#ifdef KRB4 + +static int pag_set = 0; + +static void +krb5_get_afs_tokens (const struct passwd *pwd) +{ + char cell[64]; + char *pw_dir; + krb5_error_code ret; + + if (!k_hasafs ()) + return; + + ret = krb5_init_context(&context); + if(ret) + return; + ret = krb5_cc_default(context, &id2); + + if (ret == 0) { + pw_dir = pwd->pw_dir; + + if (!pag_set) { + k_setpag(); + pag_set = 1; + } + + if(k_afs_cell_of_file(pw_dir, cell, sizeof(cell)) == 0) + krb5_afslog_uid_home (context, id2, + cell, NULL, pwd->pw_uid, pwd->pw_dir); + krb5_afslog_uid_home (context, id2, NULL, NULL, + pwd->pw_uid, pwd->pw_dir); + krb5_cc_close (context, id2); + } + krb5_free_context (context); +} + +#endif /* KRB4 */ + +#endif /* KRB5 */ + +#ifdef KRB4 + +static int +krb4_verify(struct passwd *pwd, const char *password) +{ + char lrealm[REALM_SZ]; + int ret; + char ticket_file[MaxPathLen]; + + ret = krb_get_lrealm (lrealm, 1); + if (ret) + return 1; + + snprintf (ticket_file, sizeof(ticket_file), + "%s%u_%u", + TKT_ROOT, (unsigned)pwd->pw_uid, (unsigned)getpid()); + + krb_set_tkt_string (ticket_file); + + ret = krb_verify_user (pwd->pw_name, "", lrealm, (char *)password, + KRB_VERIFY_SECURE_FAIL, NULL); + if (ret) + return 1; + + if (chown (ticket_file, pwd->pw_uid, pwd->pw_gid) < 0) { + dest_tkt(); + return 1; + } + + add_env ("KRBTKFILE", ticket_file); + return 0; +} + +static void +krb4_get_afs_tokens (const struct passwd *pwd) +{ + char cell[64]; + char *pw_dir; + + if (!k_hasafs ()) + return; + + pw_dir = pwd->pw_dir; + + if (!pag_set) { + k_setpag(); + pag_set = 1; + } + + if(k_afs_cell_of_file(pw_dir, cell, sizeof(cell)) == 0) + krb_afslog_uid_home (cell, NULL, pwd->pw_uid, pwd->pw_dir); + + krb_afslog_uid_home (NULL, NULL, pwd->pw_uid, pwd->pw_dir); +} + +#endif /* KRB4 */ + +static int f_flag; +static int p_flag; +static int r_flag; +static int version_flag; +static int help_flag; +static char *remote_host; + +struct getargs args[] = { +#if 0 + { NULL, 'a' }, + { NULL, 'd' }, +#endif + { NULL, 'f', arg_flag, &f_flag, "pre-authenticated" }, + { NULL, 'h', arg_string, &remote_host, "remote host", "hostname" }, + { NULL, 'p', arg_flag, &p_flag, "don't purge environment" }, +#if 0 + { NULL, 'r', arg_flag, &r_flag, "rlogin protocol" }, +#endif + { "version", 0, arg_flag, &version_flag }, + { "help", 0, arg_flag,&help_flag, } +}; + +int nargs = sizeof(args) / sizeof(args[0]); + +static void +update_utmp(const char *username, const char *hostname, + char *tty, char *ttyn) +{ + /* + * Update the utmp files, both BSD and SYSV style. + */ + if (utmpx_login(tty, username, hostname) != 0 && !f_flag) { + printf("No utmpx entry. You must exec \"login\" from the " + "lowest level shell.\n"); + exit(1); + } + utmp_login(ttyn, username, hostname); +} + +static void +checknologin(void) +{ + FILE *f; + char buf[1024]; + + f = fopen(_PATH_NOLOGIN, "r"); + if(f == NULL) + return; + while(fgets(buf, sizeof(buf), f)) + fputs(buf, stdout); + fclose(f); + exit(0); +} + +/* + * Actually log in the user. `pwd' contains all the relevant + * information about the user. `ttyn' is the complete name of the tty + * and `tty' the short name. + */ + +static void +do_login(const struct passwd *pwd, char *tty, char *ttyn) +{ +#ifdef HAVE_GETSPNAM + struct spwd *sp; +#endif + int rootlogin = (pwd->pw_uid == 0); + gid_t tty_gid; + struct group *gr; + const char *home_dir; + + if(!rootlogin) + checknologin(); + +#ifdef HAVE_GETSPNAM + sp = getspnam(pwd->pw_name); +#endif + + update_utmp(pwd->pw_name, remote_host ? remote_host : "", + tty, ttyn); + + gr = getgrnam ("tty"); + if (gr != NULL) + tty_gid = gr->gr_gid; + else + tty_gid = pwd->pw_gid; + + if (chown (ttyn, pwd->pw_uid, pwd->pw_gid) < 0) { + warn("chown %s", ttyn); + if (rootlogin == 0) + exit (1); + } + + if (chmod (ttyn, S_IRUSR | S_IWUSR | S_IWGRP) < 0) { + warn("chmod %s", ttyn); + if (rootlogin == 0) + exit (1); + } + +#ifdef HAVE_SETLOGIN + if(setlogin(pwd->pw_name)){ + warn("setlogin(%s)", pwd->pw_name); + if(rootlogin == 0) + exit(1); + } +#endif +#ifdef HAVE_INITGROUPS + if(initgroups(pwd->pw_name, pwd->pw_gid)){ + warn("initgroups(%s, %u)", pwd->pw_name, (unsigned)pwd->pw_gid); + if(rootlogin == 0) + exit(1); + } +#endif + if(setgid(pwd->pw_gid)){ + warn("setgid(%u)", (unsigned)pwd->pw_gid); + if(rootlogin == 0) + exit(1); + } + if(setuid(pwd->pw_uid)){ + warn("setuid(%u)", (unsigned)pwd->pw_uid); + if(rootlogin == 0) + exit(1); + } + /* all kinds of different magic */ + +#ifdef HAVE_GETSPNAM + check_shadow(pwd, sp); +#endif + + if(do_osfc2_magic(pwd->pw_uid)) + exit(1); +#if defined(HAVE_GETUDBNAM) && defined(HAVE_SETLIM) + { + struct udb *udb; + long t; + const long maxcpu = 46116860184; /* some random constant */ + udb = getudbnam(pwd->pw_name); + if(udb == UDB_NULL) + errx(1, "Failed to get UDB entry."); + t = udb->ue_pcpulim[UDBRC_INTER]; + if(t == 0 || t > maxcpu) + t = CPUUNLIM; + else + t *= 100 * CLOCKS_PER_SEC; + + if(limit(C_PROC, 0, L_CPU, t) < 0) + warn("limit C_PROC"); + + t = udb->ue_jcpulim[UDBRC_INTER]; + if(t == 0 || t > maxcpu) + t = CPUUNLIM; + else + t *= 100 * CLOCKS_PER_SEC; + + if(limit(C_JOBPROCS, 0, L_CPU, t) < 0) + warn("limit C_JOBPROCS"); + + nice(udb->ue_nice[UDBRC_INTER]); + } +#endif +#if defined(HAVE_SGI_GETCAPABILITYBYNAME) && defined(HAVE_CAP_SET_PROC) + /* XXX SGI capability hack IRIX 6.x (x >= 0?) has something + called capabilities, that allow you to give away + permissions (such as chown) to specific processes. From 6.5 + this is default on, and the default capability set seems to + not always be the empty set. The problem is that the + runtime linker refuses to do just about anything if the + process has *any* capabilities set, so we have to remove + them here (unless otherwise instructed by /etc/capability). + In IRIX < 6.5, these functions was called sgi_cap_setproc, + etc, but we ignore this fact (it works anyway). */ + { + struct user_cap *ucap = sgi_getcapabilitybyname(pwd->pw_name); + cap_t cap; + if(ucap == NULL) + cap = cap_from_text("all="); + else + cap = cap_from_text(ucap->ca_default); + if(cap == NULL) + err(1, "cap_from_text"); + if(cap_set_proc(cap) < 0) + err(1, "cap_set_proc"); + cap_free(cap); + free(ucap); + } +#endif + home_dir = pwd->pw_dir; + if (chdir(home_dir) < 0) { + fprintf(stderr, "No home directory \"%s\"!\n", pwd->pw_dir); + if (chdir("/")) + exit(0); + home_dir = "/"; + fprintf(stderr, "Logging in with home = \"/\".\n"); + } +#ifdef KRB5 + if (auth == AUTH_KRB5) { + krb5_start_session (pwd); + krb5_finish (); + } +#ifdef KRB4 + krb5_get_afs_tokens (pwd); +#endif /* KRB4 */ +#endif /* KRB5 */ + +#ifdef KRB4 + krb4_get_afs_tokens (pwd); +#endif /* KRB4 */ + + add_env("HOME", home_dir); + add_env("USER", pwd->pw_name); + add_env("LOGNAME", pwd->pw_name); + add_env("SHELL", pwd->pw_shell); + exec_shell(pwd->pw_shell, rootlogin); +} + +static int +check_password(struct passwd *pwd, const char *password) +{ + if(pwd->pw_passwd == NULL) + return 1; + if(pwd->pw_passwd[0] == '\0'){ +#ifdef ALLOW_NULL_PASSWORD + return password[0] != '\0'; +#else + return 1; +#endif + } + if(strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) == 0) + return 0; +#ifdef KRB5 + if(krb5_verify(pwd, password) == 0) { + auth = AUTH_KRB5; + return 0; + } +#endif +#ifdef KRB4 + if (krb4_verify (pwd, password) == 0) { + auth = AUTH_KRB4; + return 0; + } +#endif + return 1; +} + +static void +usage(int status) +{ + arg_printusage(args, nargs, NULL, "[username]"); + exit(status); +} + +int +main(int argc, char **argv) +{ + int max_tries = 5; + int try; + + char username[32]; + int optind = 0; + + int ask = 1; + + set_progname(argv[0]); + + openlog("login", LOG_ODELAY, LOG_AUTH); + + if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, + &optind)) + usage (1); + argc -= optind; + argv += optind; + + if(help_flag) + usage(0); + if (version_flag) { + print_version (NULL); + return 0; + } + + if (geteuid() != 0) + errx(1, "only root may use login, use su"); + + /* Default tty settings. */ + stty_default(); + + if(p_flag) + copy_env(); + else { + /* this set of variables is always preserved by BSD login */ + if(getenv("TERM")) + add_env("TERM", getenv("TERM")); + if(getenv("TZ")) + add_env("TZ", getenv("TZ")); + } + + if(*argv){ + if(strchr(*argv, '=') == NULL && strcmp(*argv, "-") != 0){ + strlcpy (username, *argv, sizeof(username)); + ask = 0; + } + } + /* XXX should we care about environment on the command line? */ + for(try = 0; try < max_tries; try++){ + struct passwd *pwd; + char password[128]; + int ret; + char ttname[32]; + char *tty, *ttyn; + + if(ask){ + f_flag = r_flag = 0; + ret = read_string("login: ", username, sizeof(username), 1); + if(ret == -3) + exit(0); + if(ret == -2) + continue; + } + pwd = k_getpwnam(username); +#ifdef ALLOW_NULL_PASSWORD + if (pwd != NULL && (pwd->pw_passwd[0] == '\0')) { + strcpy(password,""); + } + else +#endif + if(f_flag == 0) { + ret = read_string("Password: ", password, sizeof(password), 0); + if(ret == -3 || ret == -2) + continue; + } + + if(pwd == NULL){ + fprintf(stderr, "Login incorrect.\n"); + ask = 1; + continue; + } + + if(f_flag == 0 && check_password(pwd, password)){ + fprintf(stderr, "Login incorrect.\n"); + ask = 1; + continue; + } + ttyn = ttyname(STDIN_FILENO); + if(ttyn == NULL){ + snprintf(ttname, sizeof(ttname), "%s??", _PATH_TTY); + ttyn = ttname; + } + if (strncmp (ttyn, _PATH_DEV, strlen(_PATH_DEV)) == 0) + tty = ttyn + strlen(_PATH_DEV); + else + tty = ttyn; + + if (login_access (pwd, remote_host ? remote_host : tty) == 0) { + fprintf(stderr, "Permission denied\n"); + if (remote_host) + syslog(LOG_NOTICE, "%s LOGIN REFUSED FROM %s", + pwd->pw_name, remote_host); + else + syslog(LOG_NOTICE, "%s LOGIN REFUSED ON %s", + pwd->pw_name, tty); + exit (1); + } + do_login(pwd, tty, ttyn); + } + exit(1); +} diff --git a/crypto/heimdal/appl/login/login_access.c b/crypto/heimdal/appl/login/login_access.c new file mode 100644 index 0000000..86d691e --- /dev/null +++ b/crypto/heimdal/appl/login/login_access.c @@ -0,0 +1,261 @@ + /* + * This module implements a simple but effective form of login access + * control based on login names and on host (or domain) names, internet + * addresses (or network numbers), or on terminal line names in case of + * non-networked logins. Diagnostics are reported through syslog(3). + * + * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. + */ + +#include "login_locl.h" + +RCSID("$Id: login_access.c,v 1.1 1999/05/17 22:40:05 assar Exp $"); + + /* Delimiters for fields and for lists of users, ttys or hosts. */ + +static char fs[] = ":"; /* field separator */ +static char sep[] = ", \t"; /* list-element separator */ + + /* Constants to be used in assignments only, not in comparisons... */ + +#define YES 1 +#define NO 0 + + /* + * A structure to bundle up all login-related information to keep the + * functional interfaces as generic as possible. + */ +struct login_info { + struct passwd *user; + char *from; +}; + +static int list_match(char *list, struct login_info *item, + int (*match_fn)(char *, struct login_info *)); +static int user_match(char *tok, struct login_info *item); +static int from_match(char *tok, struct login_info *item); +static int string_match(char *tok, char *string); + +/* login_access - match username/group and host/tty with access control file */ + +int login_access(struct passwd *user, char *from) +{ + struct login_info item; + FILE *fp; + char line[BUFSIZ]; + char *perm; /* becomes permission field */ + char *users; /* becomes list of login names */ + char *froms; /* becomes list of terminals or hosts */ + int match = NO; + int end; + int lineno = 0; /* for diagnostics */ + char *foo; + + /* + * Bundle up the arguments to avoid unnecessary clumsiness lateron. + */ + item.user = user; + item.from = from; + + /* + * Process the table one line at a time and stop at the first match. + * Blank lines and lines that begin with a '#' character are ignored. + * Non-comment lines are broken at the ':' character. All fields are + * mandatory. The first field should be a "+" or "-" character. A + * non-existing table means no access control. + */ + + if ((fp = fopen(_PATH_LOGACCESS, "r")) != 0) { + while (!match && fgets(line, sizeof(line), fp)) { + lineno++; + if (line[end = strlen(line) - 1] != '\n') { + syslog(LOG_ERR, "%s: line %d: missing newline or line too long", + _PATH_LOGACCESS, lineno); + continue; + } + if (line[0] == '#') + continue; /* comment line */ + while (end > 0 && isspace((unsigned char)line[end - 1])) + end--; + line[end] = 0; /* strip trailing whitespace */ + if (line[0] == 0) /* skip blank lines */ + continue; + foo = NULL; + if (!(perm = strtok_r(line, fs, &foo)) + || !(users = strtok_r(NULL, fs, &foo)) + || !(froms = strtok_r(NULL, fs, &foo)) + || strtok_r(NULL, fs, &foo)) { + syslog(LOG_ERR, "%s: line %d: bad field count", + _PATH_LOGACCESS, + lineno); + continue; + } + if (perm[0] != '+' && perm[0] != '-') { + syslog(LOG_ERR, "%s: line %d: bad first field", + _PATH_LOGACCESS, + lineno); + continue; + } + match = (list_match(froms, &item, from_match) + && list_match(users, &item, user_match)); + } + fclose(fp); + } else if (errno != ENOENT) { + syslog(LOG_ERR, "cannot open %s: %m", _PATH_LOGACCESS); + } + return (match == 0 || (line[0] == '+')); +} + +/* list_match - match an item against a list of tokens with exceptions */ + +static int +list_match(char *list, + struct login_info *item, + int (*match_fn)(char *, struct login_info *)) +{ + char *tok; + int match = NO; + char *foo = NULL; + + /* + * Process tokens one at a time. We have exhausted all possible matches + * when we reach an "EXCEPT" token or the end of the list. If we do find + * a match, look for an "EXCEPT" list and recurse to determine whether + * the match is affected by any exceptions. + */ + + for (tok = strtok_r(list, sep, &foo); + tok != NULL; + tok = strtok_r(NULL, sep, &foo)) { + if (strcasecmp(tok, "EXCEPT") == 0) /* EXCEPT: give up */ + break; + if ((match = (*match_fn) (tok, item)) != 0) /* YES */ + break; + } + /* Process exceptions to matches. */ + + if (match != NO) { + while ((tok = strtok_r(NULL, sep, &foo)) && strcasecmp(tok, "EXCEPT")) + /* VOID */ ; + if (tok == 0 || list_match(NULL, item, match_fn) == NO) + return (match); + } + return (NO); +} + +/* myhostname - figure out local machine name */ + +static char *myhostname(void) +{ + static char name[MAXHOSTNAMELEN + 1] = ""; + + if (name[0] == 0) { + gethostname(name, sizeof(name)); + name[MAXHOSTNAMELEN] = 0; + } + return (name); +} + +/* netgroup_match - match group against machine or user */ + +static int netgroup_match(char *group, char *machine, char *user) +{ +#ifdef HAVE_YP_GET_DEFAULT_DOMAIN + static char *mydomain = 0; + + if (mydomain == 0) + yp_get_default_domain(&mydomain); + return (innetgr(group, machine, user, mydomain)); +#else + syslog(LOG_ERR, "NIS netgroup support not configured"); + return 0; +#endif +} + +/* user_match - match a username against one token */ + +static int user_match(char *tok, struct login_info *item) +{ + char *string = item->user->pw_name; + struct login_info fake_item; + struct group *group; + int i; + char *at; + + /* + * If a token has the magic value "ALL" the match always succeeds. + * Otherwise, return YES if the token fully matches the username, if the + * token is a group that contains the username, or if the token is the + * name of the user's primary group. + */ + + if ((at = strchr(tok + 1, '@')) != 0) { /* split user@host pattern */ + *at = 0; + fake_item.from = myhostname(); + return (user_match(tok, item) && from_match(at + 1, &fake_item)); + } else if (tok[0] == '@') { /* netgroup */ + return (netgroup_match(tok + 1, (char *) 0, string)); + } else if (string_match(tok, string)) { /* ALL or exact match */ + return (YES); + } else if ((group = getgrnam(tok)) != 0) { /* try group membership */ + if (item->user->pw_gid == group->gr_gid) + return (YES); + for (i = 0; group->gr_mem[i]; i++) + if (strcasecmp(string, group->gr_mem[i]) == 0) + return (YES); + } + return (NO); +} + +/* from_match - match a host or tty against a list of tokens */ + +static int from_match(char *tok, struct login_info *item) +{ + char *string = item->from; + int tok_len; + int str_len; + + /* + * If a token has the magic value "ALL" the match always succeeds. Return + * YES if the token fully matches the string. If the token is a domain + * name, return YES if it matches the last fields of the string. If the + * token has the magic value "LOCAL", return YES if the string does not + * contain a "." character. If the token is a network number, return YES + * if it matches the head of the string. + */ + + if (tok[0] == '@') { /* netgroup */ + return (netgroup_match(tok + 1, string, (char *) 0)); + } else if (string_match(tok, string)) { /* ALL or exact match */ + return (YES); + } else if (tok[0] == '.') { /* domain: match last fields */ + if ((str_len = strlen(string)) > (tok_len = strlen(tok)) + && strcasecmp(tok, string + str_len - tok_len) == 0) + return (YES); + } else if (strcasecmp(tok, "LOCAL") == 0) { /* local: no dots */ + if (strchr(string, '.') == 0) + return (YES); + } else if (tok[(tok_len = strlen(tok)) - 1] == '.' /* network */ + && strncmp(tok, string, tok_len) == 0) { + return (YES); + } + return (NO); +} + +/* string_match - match a string against one token */ + +static int string_match(char *tok, char *string) +{ + + /* + * If the token has the magic value "ALL" the match always succeeds. + * Otherwise, return YES if the token fully matches the string. + */ + + if (strcasecmp(tok, "ALL") == 0) { /* all: always matches */ + return (YES); + } else if (strcasecmp(tok, string) == 0) { /* try exact match */ + return (YES); + } + return (NO); +} diff --git a/crypto/heimdal/appl/login/login_locl.h b/crypto/heimdal/appl/login/login_locl.h new file mode 100644 index 0000000..2d2f7fd --- /dev/null +++ b/crypto/heimdal/appl/login/login_locl.h @@ -0,0 +1,128 @@ +/* + * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: login_locl.h,v 1.17 1999/12/02 17:04:55 joda Exp $ */ + +#ifndef __LOGIN_LOCL_H__ +#define __LOGIN_LOCL_H__ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <unistd.h> +#include <syslog.h> +#include <signal.h> +#include <termios.h> +#include <err.h> +#include <pwd.h> +#include <roken.h> +#include <getarg.h> +#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif +#ifdef HAVE_PATHS_H +#include <paths.h> +#endif +#ifdef HAVE_UTMP_H +#include <utmp.h> +#endif +#ifdef HAVE_UTMPX_H +#include <utmpx.h> +#endif +#ifdef HAVE_UDB_H +#include <udb.h> +#endif +#ifdef HAVE_SYS_RESOURCE_H +#include <sys/resource.h> +#endif +#ifdef HAVE_SYS_CATEGORY_H +#include <sys/category.h> +#endif +#ifdef HAVE_SYS_WAIT_H +#include <sys/wait.h> +#endif +#ifdef HAVE_SHADOW_H +#include <shadow.h> +#endif +#ifdef KRB4 +#include <krb.h> +#endif +#ifdef KRB5 +#include <krb5.h> +#endif +#include <kafs.h> + +#ifndef _PATH_BSHELL +#define _PATH_BSHELL "/bin/sh" +#endif +#ifndef _PATH_TTY +#define _PATH_TTY "/dev/tty" +#endif +#ifndef _PATH_DEV +#define _PATH_DEV "/dev/" +#endif +#ifndef _PATH_NOLOGIN +#define _PATH_NOLOGIN "/etc/nologin" +#endif +#ifndef _PATH_WTMP +#ifdef WTMP_FILE +#define _PATH_WTMP WTMP_FILE +#else +#define _PATH_WTMP "/var/adm/wtmp" +#endif +#endif +#ifndef _PATH_UTMP +#ifdef UTMP_FILE +#define _PATH_UTMP UTMP_FILE +#else +#define _PATH_UTMP "/var/adm/utmp" +#endif +#endif + +#ifndef _PATH_LOGACCESS +#define _PATH_LOGACCESS "/etc/login.access" +#endif /* _PATH_LOGACCESS */ + +#ifndef _PATH_LOGIN_CONF +#define _PATH_LOGIN_CONF "/etc/login.conf" +#endif /* _PATH_LOGIN_CONF */ + +struct spwd; + +#include "login_protos.h" + +#endif /* __LOGIN_LOCL_H__ */ diff --git a/crypto/heimdal/appl/login/login_protos.h b/crypto/heimdal/appl/login/login_protos.h new file mode 100644 index 0000000..173acc5 --- /dev/null +++ b/crypto/heimdal/appl/login/login_protos.h @@ -0,0 +1,67 @@ +/* This is a generated file */ +#ifndef __login_protos_h__ +#define __login_protos_h__ + +#ifdef __STDC__ +#include <stdarg.h> +#ifndef __P +#define __P(x) x +#endif +#else +#ifndef __P +#define __P(x) () +#endif +#endif + +void +check_shadow __P(( + const struct passwd *pw, + const struct spwd *sp)); + +char * +clean_ttyname __P((char *tty)); + +int +do_osfc2_magic __P((uid_t uid)); + +int +login_access __P(( + struct passwd *user, + char *from)); + +char * +login_conf_get_string __P((const char *str)); + +char * +make_id __P((char *tty)); + +void +prepare_utmp __P(( + struct utmp *utmp, + char *tty, + const char *username, + const char *hostname)); + +int +read_string __P(( + const char *prompt, + char *buf, + size_t len, + int echo)); + +void +stty_default __P((void)); + +void +utmp_login __P(( + char *tty, + const char *username, + const char *hostname)); + +int +utmpx_login __P(( + char *line, + const char *user, + const char *host)); + +#endif /* __login_protos_h__ */ diff --git a/crypto/heimdal/appl/login/osfc2.c b/crypto/heimdal/appl/login/osfc2.c new file mode 100644 index 0000000..5d4d087 --- /dev/null +++ b/crypto/heimdal/appl/login/osfc2.c @@ -0,0 +1,79 @@ +/* + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "login_locl.h" +RCSID("$Id: osfc2.c,v 1.3 1999/12/02 17:04:56 joda Exp $"); + +int +do_osfc2_magic(uid_t uid) +{ +#ifdef HAVE_OSFC2 + struct es_passwd *epw; + char *argv[2]; + + /* fake */ + argv[0] = (char*)__progname; + argv[1] = NULL; + set_auth_parameters(1, argv); + + epw = getespwuid(uid); + if(epw == NULL) { + syslog(LOG_AUTHPRIV|LOG_NOTICE, + "getespwuid failed for %d", uid); + printf("Sorry.\n"); + return 1; + } + /* We don't check for auto-retired, foo-retired, + bar-retired, or any other kind of retired accounts + here; neither do we check for time-locked accounts, or + any other kind of serious C2 mumbo-jumbo. We do, + however, call setluid, since failing to do so is not + very good (take my word for it). */ + + if(!epw->uflg->fg_uid) { + syslog(LOG_AUTHPRIV|LOG_NOTICE, + "attempted login by %s (has no uid)", epw->ufld->fd_name); + printf("Sorry.\n"); + return 1; + } + setluid(epw->ufld->fd_uid); + if(getluid() != epw->ufld->fd_uid) { + syslog(LOG_AUTHPRIV|LOG_NOTICE, + "failed to set LUID for %s (%d)", + epw->ufld->fd_name, epw->ufld->fd_uid); + printf("Sorry.\n"); + return 1; + } +#endif /* HAVE_OSFC2 */ + return 0; +} diff --git a/crypto/heimdal/appl/login/read_string.c b/crypto/heimdal/appl/login/read_string.c new file mode 100644 index 0000000..2c4b66b --- /dev/null +++ b/crypto/heimdal/appl/login/read_string.c @@ -0,0 +1,127 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "login_locl.h" + +RCSID("$Id: read_string.c,v 1.3 1999/12/02 17:04:56 joda Exp $"); + +static sig_atomic_t intr_flag; + +static void +intr(int sig) +{ + intr_flag++; +} + +int +read_string(const char *prompt, char *buf, size_t len, int echo) +{ + struct sigaction sigs[47]; + struct sigaction sa; + FILE *tty; + int ret = 0; + int of = 0; + int i; + int c; + char *p; + + struct termios t_new, t_old; + + memset(&sa, 0, sizeof(sa)); + sa.sa_handler = intr; + sigemptyset(&sa.sa_mask); + sa.sa_flags = 0; + for(i = 0; i < sizeof(sigs) / sizeof(sigs[0]); i++) + sigaction(i, &sa, &sigs[i]); + + if((tty = fopen("/dev/tty", "r")) == NULL) + tty = stdin; + + fprintf(stderr, "%s", prompt); + fflush(stderr); + + if(echo == 0){ + tcgetattr(fileno(tty), &t_old); + memcpy(&t_new, &t_old, sizeof(t_new)); + t_new.c_lflag &= ~ECHO; + tcsetattr(fileno(tty), TCSANOW, &t_new); + } + intr_flag = 0; + p = buf; + while(intr_flag == 0){ + c = getc(tty); + if(c == EOF){ + if(!ferror(tty)) + ret = 1; + break; + } + if(c == '\n') + break; + if(of == 0) + *p++ = c; + of = (p == buf + len); + } + if(of) + p--; + *p = 0; + + if(echo == 0){ + printf("\n"); + tcsetattr(fileno(tty), TCSANOW, &t_old); + } + + if(tty != stdin) + fclose(tty); + + for(i = 0; i < sizeof(sigs) / sizeof(sigs[0]); i++) + sigaction(i, &sigs[i], NULL); + + if(ret) + return -3; + if(intr_flag) + return -2; + if(of) + return -1; + return 0; +} + + +#if 0 +int main() +{ + char s[128]; + int ret; + ret = read_string("foo: ", s, sizeof(s), 0); + printf("%d ->%s<-\n", ret, s); +} +#endif diff --git a/crypto/heimdal/appl/login/shadow.c b/crypto/heimdal/appl/login/shadow.c new file mode 100644 index 0000000..0923831 --- /dev/null +++ b/crypto/heimdal/appl/login/shadow.c @@ -0,0 +1,95 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "login_locl.h" + +RCSID("$Id: shadow.c,v 1.5 1999/12/02 17:04:56 joda Exp $"); + +#ifdef HAVE_SHADOW_H + +#ifndef _PATH_CHPASS +#define _PATH_CHPASS "/usr/bin/passwd" +#endif + +static int +change_passwd(const struct passwd *who) +{ + int status; + pid_t pid; + + switch (pid = fork()) { + case -1: + printf("fork /bin/passwd"); + exit(1); + case 0: + execlp(_PATH_CHPASS, "passwd", who->pw_name, (char *) 0); + exit(1); + default: + waitpid(pid, &status, 0); + return (status); + } +} + +void +check_shadow(const struct passwd *pw, const struct spwd *sp) +{ + long today; + + today = time(0)/(24L * 60 * 60); + + if (sp == NULL) + return; + + if (sp->sp_expire > 0) { + if (today >= sp->sp_expire) { + printf("Your account has expired.\n"); + sleep(1); + exit(0); + } else if (sp->sp_expire - today < 14) { + printf("Your account will expire in %d days.\n", + (int)(sp->sp_expire - today)); + } + } + + if (sp->sp_max > 0) { + if (today >= (sp->sp_lstchg + sp->sp_max)) { + printf("Your password has expired. Choose a new one.\n"); + change_passwd(pw); + } else if (sp->sp_warn > 0 + && (today > (sp->sp_lstchg + sp->sp_max - sp->sp_warn))) { + printf("Your password will expire in %d days.\n", + (int)(sp->sp_lstchg + sp->sp_max - today)); + } + } +} +#endif /* HAVE_SHADOW_H */ diff --git a/crypto/heimdal/appl/login/stty_default.c b/crypto/heimdal/appl/login/stty_default.c new file mode 100644 index 0000000..5e38566 --- /dev/null +++ b/crypto/heimdal/appl/login/stty_default.c @@ -0,0 +1,100 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "login_locl.h" + +RCSID("$Id: stty_default.c,v 1.8 1999/12/02 17:04:56 joda Exp $"); + +#include <termios.h> + +/* HP-UX 9.0 termios doesn't define these */ +#ifndef FLUSHO +#define FLUSHO 0 +#endif + +#ifndef XTABS +#define XTABS 0 +#endif + +#ifndef OXTABS +#define OXTABS XTABS +#endif + +/* Ultrix... */ +#ifndef ECHOPRT +#define ECHOPRT 0 +#endif + +#ifndef ECHOCTL +#define ECHOCTL 0 +#endif + +#ifndef ECHOKE +#define ECHOKE 0 +#endif + +#ifndef IMAXBEL +#define IMAXBEL 0 +#endif + +#define Ctl(x) ((x) ^ 0100) + +void +stty_default(void) +{ + struct termios termios; + + /* + * Finalize the terminal settings. Some systems default to 8 bits, + * others to 7, so we should leave that alone. + */ + tcgetattr(0, &termios); + + termios.c_iflag |= (BRKINT|IGNPAR|ICRNL|IXON|IMAXBEL); + termios.c_iflag &= ~IXANY; + + termios.c_lflag |= (ISIG|IEXTEN|ICANON|ECHO|ECHOE|ECHOK|ECHOCTL|ECHOKE); + termios.c_lflag &= ~(ECHOPRT|TOSTOP|FLUSHO); + + termios.c_oflag |= (OPOST|ONLCR); + termios.c_oflag &= ~OXTABS; + + termios.c_cc[VINTR] = Ctl('C'); + termios.c_cc[VERASE] = Ctl('H'); + termios.c_cc[VKILL] = Ctl('U'); + termios.c_cc[VEOF] = Ctl('D'); + + termios.c_cc[VSUSP] = Ctl('Z'); + + tcsetattr(0, TCSANOW, &termios); +} diff --git a/crypto/heimdal/appl/login/tty.c b/crypto/heimdal/appl/login/tty.c new file mode 100644 index 0000000..0ffea72 --- /dev/null +++ b/crypto/heimdal/appl/login/tty.c @@ -0,0 +1,70 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "login_locl.h" + +RCSID("$Id: tty.c,v 1.4 1999/12/02 17:04:56 joda Exp $"); + +/* + * Clean the tty name. Return a pointer to the cleaned version. + */ + +char * +clean_ttyname (char *tty) +{ + char *res = tty; + + if (strncmp (res, _PATH_DEV, strlen(_PATH_DEV)) == 0) + res += strlen(_PATH_DEV); + if (strncmp (res, "pty/", 4) == 0) + res += 4; + if (strncmp (res, "ptym/", 5) == 0) + res += 5; + return res; +} + +/* + * Generate a name usable as an `ut_id', typically without `tty'. + */ + +char * +make_id (char *tty) +{ + char *res = tty; + + if (strncmp (res, "pts/", 4) == 0) + res += 4; + if (strncmp (res, "tty", 3) == 0) + res += 3; + return res; +} diff --git a/crypto/heimdal/appl/login/utmp_login.c b/crypto/heimdal/appl/login/utmp_login.c new file mode 100644 index 0000000..b584326b --- /dev/null +++ b/crypto/heimdal/appl/login/utmp_login.c @@ -0,0 +1,120 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "login_locl.h" + +RCSID("$Id: utmp_login.c,v 1.17 1999/12/02 17:04:56 joda Exp $"); + +void +prepare_utmp (struct utmp *utmp, char *tty, + const char *username, const char *hostname) +{ + char *ttyx = clean_ttyname (tty); + + memset(utmp, 0, sizeof(*utmp)); + utmp->ut_time = time(NULL); + strncpy(utmp->ut_line, ttyx, sizeof(utmp->ut_line)); + strncpy(utmp->ut_name, username, sizeof(utmp->ut_name)); + +# ifdef HAVE_STRUCT_UTMP_UT_USER + strncpy(utmp->ut_user, username, sizeof(utmp->ut_user)); +# endif + +# ifdef HAVE_STRUCT_UTMP_UT_ADDR + if (hostname[0]) { + struct hostent *he; + if ((he = gethostbyname(hostname))) + memcpy(&utmp->ut_addr, he->h_addr_list[0], + sizeof(utmp->ut_addr)); + } +# endif + +# ifdef HAVE_STRUCT_UTMP_UT_HOST + strncpy(utmp->ut_host, hostname, sizeof(utmp->ut_host)); +# endif + +# ifdef HAVE_STRUCT_UTMP_UT_TYPE + utmp->ut_type = USER_PROCESS; +# endif + +# ifdef HAVE_STRUCT_UTMP_UT_PID + utmp->ut_pid = getpid(); +# endif + +# ifdef HAVE_STRUCT_UTMP_UT_ID + strncpy(utmp->ut_id, make_id(ttyx), sizeof(utmp->ut_id)); +# endif +} + +#ifdef HAVE_UTMPX_H +void utmp_login(char *tty, const char *username, const char *hostname) +{ + return; +} +#else + +/* update utmp and wtmp - the BSD way */ + +void utmp_login(char *tty, const char *username, const char *hostname) +{ + struct utmp utmp; + int fd; + + prepare_utmp (&utmp, tty, username, hostname); + +#ifdef HAVE_SETUTENT + utmpname(_PATH_UTMP); + setutent(); + pututline(&utmp); + endutent(); +#else + +#ifdef HAVE_TTYSLOT + { + int ttyno; + ttyno = ttyslot(); + if (ttyno > 0 && (fd = open(_PATH_UTMP, O_WRONLY, 0)) >= 0) { + lseek(fd, (long)(ttyno * sizeof(struct utmp)), SEEK_SET); + write(fd, &utmp, sizeof(struct utmp)); + close(fd); + } + } +#endif /* HAVE_TTYSLOT */ +#endif /* HAVE_SETUTENT */ + + if ((fd = open(_PATH_WTMP, O_WRONLY|O_APPEND, 0)) >= 0) { + write(fd, &utmp, sizeof(struct utmp)); + close(fd); + } +} +#endif /* !HAVE_UTMPX_H */ diff --git a/crypto/heimdal/appl/login/utmpx_login.c b/crypto/heimdal/appl/login/utmpx_login.c new file mode 100644 index 0000000..745d64c --- /dev/null +++ b/crypto/heimdal/appl/login/utmpx_login.c @@ -0,0 +1,89 @@ +/* Author: Wietse Venema <wietse@wzv.win.tue.nl> */ + +#include "login_locl.h" + +RCSID("$Id: utmpx_login.c,v 1.24 1999/08/04 17:03:15 assar Exp $"); + +/* utmpx_login - update utmp and wtmp after login */ + +#ifndef HAVE_UTMPX_H +int utmpx_login(char *line, const char *user, const char *host) { return 0; } +#else + +static void +utmpx_update(struct utmpx *ut, char *line, const char *user, const char *host) +{ + struct timeval tmp; + char *clean_tty = clean_ttyname(line); + + strncpy(ut->ut_line, clean_tty, sizeof(ut->ut_line)); +#ifdef HAVE_STRUCT_UTMPX_UT_ID + strncpy(ut->ut_id, make_id(clean_tty), sizeof(ut->ut_id)); +#endif + strncpy(ut->ut_user, user, sizeof(ut->ut_user)); + strncpy(ut->ut_host, host, sizeof(ut->ut_host)); +#ifdef HAVE_STRUCT_UTMPX_UT_SYSLEN + ut->ut_syslen = strlen(host) + 1; + if (ut->ut_syslen > sizeof(ut->ut_host)) + ut->ut_syslen = sizeof(ut->ut_host); +#endif + ut->ut_type = USER_PROCESS; + gettimeofday (&tmp, 0); + ut->ut_tv.tv_sec = tmp.tv_sec; + ut->ut_tv.tv_usec = tmp.tv_usec; + pututxline(ut); +#ifdef WTMPX_FILE + updwtmpx(WTMPX_FILE, ut); +#elif defined(WTMP_FILE) + { + struct utmp utmp; + int fd; + + prepare_utmp (&utmp, line, user, host); + if ((fd = open(_PATH_WTMP, O_WRONLY|O_APPEND, 0)) >= 0) { + write(fd, &utmp, sizeof(struct utmp)); + close(fd); + } + } +#endif +} + +int +utmpx_login(char *line, const char *user, const char *host) +{ + struct utmpx *ut, save_ut; + pid_t mypid = getpid(); + int ret = (-1); + + /* + * SYSV4 ttymon and login use tty port names with the "/dev/" prefix + * stripped off. Rlogind and telnetd, on the other hand, make utmpx + * entries with device names like /dev/pts/nnn. We therefore cannot use + * getutxline(). Return nonzero if no utmp entry was found with our own + * process ID for a login or user process. + */ + + while ((ut = getutxent())) { + /* Try to find a reusable entry */ + if (ut->ut_pid == mypid + && ( ut->ut_type == INIT_PROCESS + || ut->ut_type == LOGIN_PROCESS + || ut->ut_type == USER_PROCESS)) { + save_ut = *ut; + utmpx_update(&save_ut, line, user, host); + ret = 0; + break; + } + } + if (ret == -1) { + /* Grow utmpx file by one record. */ + struct utmpx newut; + memset(&newut, 0, sizeof(newut)); + newut.ut_pid = mypid; + utmpx_update(&newut, line, user, host); + ret = 0; + } + endutxent(); + return (ret); +} +#endif /* HAVE_UTMPX_H */ |
