![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to login.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 42BSD / bin|
Return to login.c CVS log | Up to [CSRG BSD Unix] / 42BSD / bin |
1.1 ! root 1: #ifndef lint ! 2: static char *sccsid = "@(#)login.c 4.33 (Berkeley) 83/09/02"; ! 3: #endif ! 4: ! 5: /* ! 6: * login [ name ] ! 7: * login -r hostname (for rlogind) ! 8: * login -h hostname (for telnetd, etc.) ! 9: */ ! 10: ! 11: #include <sys/param.h> ! 12: #include <sys/quota.h> ! 13: #include <sys/stat.h> ! 14: #include <sys/time.h> ! 15: #include <sys/resource.h> ! 16: ! 17: #include <sgtty.h> ! 18: #include <utmp.h> ! 19: #include <signal.h> ! 20: #include <pwd.h> ! 21: #include <stdio.h> ! 22: #include <lastlog.h> ! 23: #include <errno.h> ! 24: ! 25: #define SCPYN(a, b) strncpy(a, b, sizeof(a)) ! 26: ! 27: #define NMAX sizeof(utmp.ut_name) ! 28: ! 29: #define FALSE 0 ! 30: #define TRUE -1 ! 31: ! 32: char nolog[] = "/etc/nologin"; ! 33: char qlog[] = ".hushlogin"; ! 34: char securetty[] = "/etc/securetty"; ! 35: char maildir[30] = "/usr/spool/mail/"; ! 36: char lastlog[] = "/usr/adm/lastlog"; ! 37: struct passwd nouser = {"", "nope", -1, -1, -1, "", "", "", "" }; ! 38: struct sgttyb ttyb; ! 39: struct utmp utmp; ! 40: char minusnam[16] = "-"; ! 41: /* ! 42: * This bounds the time given to login. We initialize it here ! 43: * so it can be patched on machines where it's too small. ! 44: */ ! 45: int timeout = 60; ! 46: ! 47: char homedir[64] = "HOME="; ! 48: char shell[64] = "SHELL="; ! 49: char term[64] = "TERM="; ! 50: char user[20] = "USER="; ! 51: ! 52: char *envinit[] = ! 53: { homedir, shell, "PATH=:/usr/ucb:/bin:/usr/bin", term, user, 0 }; ! 54: ! 55: struct passwd *pwd; ! 56: struct passwd *getpwnam(); ! 57: char *strcat(), *rindex(), *index(); ! 58: int setpwent(); ! 59: int timedout(); ! 60: char *ttyname(); ! 61: char *crypt(); ! 62: char *getpass(); ! 63: char *stypeof(); ! 64: extern char **environ; ! 65: extern int errno; ! 66: ! 67: struct tchars tc = { ! 68: CINTR, CQUIT, CSTART, CSTOP, CEOT, CBRK ! 69: }; ! 70: struct ltchars ltc = { ! 71: CSUSP, CDSUSP, CRPRNT, CFLUSH, CWERASE, CLNEXT ! 72: }; ! 73: ! 74: int rflag; ! 75: char rusername[NMAX+1], lusername[NMAX+1]; ! 76: char rpassword[NMAX+1]; ! 77: char name[NMAX+1]; ! 78: char *rhost; ! 79: ! 80: main(argc, argv) ! 81: char *argv[]; ! 82: { ! 83: register char *namep; ! 84: int t, f, c, i; ! 85: int invalid, quietlog; ! 86: FILE *nlfd; ! 87: char *ttyn; ! 88: int ldisc = 0, zero = 0; ! 89: ! 90: signal(SIGALRM, timedout); ! 91: alarm(timeout); ! 92: signal(SIGQUIT, SIG_IGN); ! 93: signal(SIGINT, SIG_IGN); ! 94: setpriority(PRIO_PROCESS, 0, 0); ! 95: quota(Q_SETUID, 0, 0, 0); ! 96: /* ! 97: * -r is used by rlogind to cause the autologin protocol; ! 98: * -h is used by other servers to pass the name of the ! 99: * remote host to login so that it may be placed in utmp and wtmp ! 100: */ ! 101: if (argc > 1) { ! 102: if (strcmp(argv[1], "-r") == 0) { ! 103: rflag = doremotelogin(argv[2]); ! 104: SCPYN(utmp.ut_host, argv[2]); ! 105: argc = 0; ! 106: } ! 107: if (strcmp(argv[1], "-h") == 0 && getuid() == 0) { ! 108: SCPYN(utmp.ut_host, argv[2]); ! 109: argc = 0; ! 110: } ! 111: } ! 112: ioctl(0, TIOCLSET, &zero); ! 113: ioctl(0, TIOCNXCL, 0); ! 114: ioctl(0, FIONBIO, &zero); ! 115: ioctl(0, FIOASYNC, &zero); ! 116: ioctl(0, TIOCGETP, &ttyb); ! 117: /* ! 118: * If talking to an rlogin process, ! 119: * propagate the terminal type and ! 120: * baud rate across the network. ! 121: */ ! 122: if (rflag) ! 123: doremoteterm(term, &ttyb); ! 124: ioctl(0, TIOCSLTC, <c); ! 125: ioctl(0, TIOCSETC, &tc); ! 126: ioctl(0, TIOCSETP, &ttyb); ! 127: for (t = getdtablesize(); t > 3; t--) ! 128: close(t); ! 129: ttyn = ttyname(0); ! 130: if (ttyn==(char *)0) ! 131: ttyn = "/dev/tty??"; ! 132: do { ! 133: ldisc = 0; ! 134: ioctl(0, TIOCSETD, &ldisc); ! 135: invalid = FALSE; ! 136: SCPYN(utmp.ut_name, ""); ! 137: /* ! 138: * Name specified, take it. ! 139: */ ! 140: if (argc > 1) { ! 141: SCPYN(utmp.ut_name, argv[1]); ! 142: argc = 0; ! 143: } ! 144: /* ! 145: * If remote login take given name, ! 146: * otherwise prompt user for something. ! 147: */ ! 148: if (rflag) { ! 149: SCPYN(utmp.ut_name, lusername); ! 150: /* autologin failed, prompt for passwd */ ! 151: if (rflag == -1) ! 152: rflag = 0; ! 153: } else ! 154: getloginname(&utmp); ! 155: if (!strcmp(pwd->pw_shell, "/bin/csh")) { ! 156: ldisc = NTTYDISC; ! 157: ioctl(0, TIOCSETD, &ldisc); ! 158: } ! 159: /* ! 160: * If no remote login authentication and ! 161: * a password exists for this user, prompt ! 162: * for one and verify it. ! 163: */ ! 164: if (!rflag && *pwd->pw_passwd != '\0') { ! 165: char *pp; ! 166: ! 167: setpriority(PRIO_PROCESS, 0, -4); ! 168: pp = getpass("Password:"); ! 169: namep = crypt(pp, pwd->pw_passwd); ! 170: setpriority(PRIO_PROCESS, 0, 0); ! 171: if (strcmp(namep, pwd->pw_passwd)) ! 172: invalid = TRUE; ! 173: } ! 174: /* ! 175: * If user not super-user, check for logins disabled. ! 176: */ ! 177: if (pwd->pw_uid != 0 && (nlfd = fopen(nolog, "r")) > 0) { ! 178: while ((c = getc(nlfd)) != EOF) ! 179: putchar(c); ! 180: fflush(stdout); ! 181: sleep(5); ! 182: exit(0); ! 183: } ! 184: /* ! 185: * If valid so far and root is logging in, ! 186: * see if root logins on this terminal are permitted. ! 187: */ ! 188: if (!invalid && pwd->pw_uid == 0 && ! 189: !rootterm(ttyn+sizeof("/dev/")-1)) { ! 190: logerr("ROOT LOGIN REFUSED %s", ! 191: ttyn+sizeof("/dev/")-1); ! 192: invalid = TRUE; ! 193: } ! 194: if (invalid) { ! 195: printf("Login incorrect\n"); ! 196: if (ttyn[sizeof("/dev/tty")-1] == 'd') ! 197: logerr("BADDIALUP %s %s", ! 198: ttyn+sizeof("/dev/")-1, utmp.ut_name); ! 199: } ! 200: if (*pwd->pw_shell == '\0') ! 201: pwd->pw_shell = "/bin/sh"; ! 202: i = strlen(pwd->pw_shell); ! 203: if (chdir(pwd->pw_dir) < 0 && !invalid ) { ! 204: if (chdir("/") < 0) { ! 205: printf("No directory!\n"); ! 206: invalid = TRUE; ! 207: } else { ! 208: printf("No directory! %s\n", ! 209: "Logging in with home=/"); ! 210: pwd->pw_dir = "/"; ! 211: } ! 212: } ! 213: /* ! 214: * Remote login invalid must have been because ! 215: * of a restriction of some sort, no extra chances. ! 216: */ ! 217: if (rflag && invalid) ! 218: exit(1); ! 219: } while (invalid); ! 220: /* committed to login turn off timeout */ ! 221: alarm(0); ! 222: ! 223: if (quota(Q_SETUID, pwd->pw_uid, 0, 0) < 0) { ! 224: if (errno == EUSERS) ! 225: printf("%s.\n%s.\n", ! 226: "Too many users logged on already", ! 227: "Try again later"); ! 228: else if (errno == EPROCLIM) ! 229: printf("You have too many processes running.\n"); ! 230: else ! 231: perror("setuid"); ! 232: sleep(5); ! 233: exit(0); ! 234: } ! 235: time(&utmp.ut_time); ! 236: t = ttyslot(); ! 237: if (t > 0 && (f = open("/etc/utmp", 1)) >= 0) { ! 238: lseek(f, (long)(t*sizeof(utmp)), 0); ! 239: SCPYN(utmp.ut_line, rindex(ttyn, '/')+1); ! 240: write(f, (char *)&utmp, sizeof(utmp)); ! 241: close(f); ! 242: } ! 243: if (t > 0 && (f = open("/usr/adm/wtmp", 1)) >= 0) { ! 244: lseek(f, 0L, 2); ! 245: write(f, (char *)&utmp, sizeof(utmp)); ! 246: close(f); ! 247: } ! 248: quietlog = access(qlog, 0) == 0; ! 249: if ((f = open(lastlog, 2)) >= 0) { ! 250: struct lastlog ll; ! 251: ! 252: lseek(f, (long)pwd->pw_uid * sizeof (struct lastlog), 0); ! 253: if (read(f, (char *) &ll, sizeof ll) == sizeof ll && ! 254: ll.ll_time != 0 && !quietlog) { ! 255: printf("Last login: %.*s ", ! 256: 24-5, (char *)ctime(&ll.ll_time)); ! 257: if (*ll.ll_host != '\0') ! 258: printf("from %.*s\n", ! 259: sizeof (ll.ll_host), ll.ll_host); ! 260: else ! 261: printf("on %.*s\n", ! 262: sizeof (ll.ll_line), ll.ll_line); ! 263: } ! 264: lseek(f, (long)pwd->pw_uid * sizeof (struct lastlog), 0); ! 265: time(&ll.ll_time); ! 266: SCPYN(ll.ll_line, rindex(ttyn, '/')+1); ! 267: SCPYN(ll.ll_host, utmp.ut_host); ! 268: write(f, (char *) &ll, sizeof ll); ! 269: close(f); ! 270: } ! 271: chown(ttyn, pwd->pw_uid, pwd->pw_gid); ! 272: chmod(ttyn, 0622); ! 273: setgid(pwd->pw_gid); ! 274: strncpy(name, utmp.ut_name, NMAX); ! 275: name[NMAX] = '\0'; ! 276: initgroups(name, pwd->pw_gid); ! 277: quota(Q_DOWARN, pwd->pw_uid, (dev_t)-1, 0); ! 278: setuid(pwd->pw_uid); ! 279: environ = envinit; ! 280: strncat(homedir, pwd->pw_dir, sizeof(homedir)-6); ! 281: strncat(shell, pwd->pw_shell, sizeof(shell)-7); ! 282: if (term[strlen("TERM=")] == 0) ! 283: strncat(term, stypeof(ttyn), sizeof(term)-6); ! 284: strncat(user, pwd->pw_name, sizeof(user)-6); ! 285: if ((namep = rindex(pwd->pw_shell, '/')) == NULL) ! 286: namep = pwd->pw_shell; ! 287: else ! 288: namep++; ! 289: strcat(minusnam, namep); ! 290: umask(022); ! 291: if (ttyn[sizeof("/dev/tty")-1] == 'd') ! 292: logerr("DIALUP %s %s", ! 293: ttyn+sizeof("/dev/")-1, pwd->pw_name); ! 294: if (!quietlog) { ! 295: showmotd(); ! 296: strcat(maildir, pwd->pw_name); ! 297: if (access(maildir,4)==0) { ! 298: struct stat statb; ! 299: stat(maildir, &statb); ! 300: if (statb.st_size) ! 301: printf("You have mail.\n"); ! 302: } ! 303: } ! 304: signal(SIGALRM, SIG_DFL); ! 305: signal(SIGQUIT, SIG_DFL); ! 306: signal(SIGINT, SIG_DFL); ! 307: signal(SIGTSTP, SIG_IGN); ! 308: execlp(pwd->pw_shell, minusnam, 0); ! 309: perror(pwd->pw_shell); ! 310: printf("No shell\n"); ! 311: exit(0); ! 312: } ! 313: ! 314: getloginname(up) ! 315: register struct utmp *up; ! 316: { ! 317: register char *namep; ! 318: char c; ! 319: ! 320: while (up->ut_name[0] == '\0') { ! 321: namep = up->ut_name; ! 322: printf("login: "); ! 323: while ((c = getchar()) != '\n') { ! 324: if (c == ' ') ! 325: c = '_'; ! 326: if (c == EOF) ! 327: exit(0); ! 328: if (namep < up->ut_name+NMAX) ! 329: *namep++ = c; ! 330: } ! 331: } ! 332: strncpy(lusername, up->ut_name, NMAX); ! 333: lusername[NMAX] = 0; ! 334: setpwent(); ! 335: if ((pwd = getpwnam(lusername)) == NULL) ! 336: pwd = &nouser; ! 337: endpwent(); ! 338: } ! 339: ! 340: timedout() ! 341: { ! 342: ! 343: printf("Login timed out after %d seconds\n", timeout); ! 344: exit(0); ! 345: } ! 346: ! 347: int stopmotd; ! 348: catch() ! 349: { ! 350: ! 351: signal(SIGINT, SIG_IGN); ! 352: stopmotd++; ! 353: } ! 354: ! 355: rootterm(tty) ! 356: char *tty; ! 357: { ! 358: register FILE *fd; ! 359: char buf[100]; ! 360: ! 361: if ((fd = fopen(securetty, "r")) == NULL) ! 362: return(1); ! 363: while (fgets(buf, sizeof buf, fd) != NULL) { ! 364: buf[strlen(buf)-1] = '\0'; ! 365: if (strcmp(tty, buf) == 0) { ! 366: fclose(fd); ! 367: return(1); ! 368: } ! 369: } ! 370: fclose(fd); ! 371: return(0); ! 372: } ! 373: ! 374: showmotd() ! 375: { ! 376: FILE *mf; ! 377: register c; ! 378: ! 379: signal(SIGINT, catch); ! 380: if ((mf = fopen("/etc/motd","r")) != NULL) { ! 381: while ((c = getc(mf)) != EOF && stopmotd == 0) ! 382: putchar(c); ! 383: fclose(mf); ! 384: } ! 385: signal(SIGINT, SIG_IGN); ! 386: } ! 387: ! 388: #undef UNKNOWN ! 389: #define UNKNOWN "su" ! 390: ! 391: char * ! 392: stypeof(ttyid) ! 393: char *ttyid; ! 394: { ! 395: static char typebuf[16]; ! 396: char buf[50]; ! 397: register FILE *f; ! 398: register char *p, *t, *q; ! 399: ! 400: if (ttyid == NULL) ! 401: return (UNKNOWN); ! 402: f = fopen("/etc/ttytype", "r"); ! 403: if (f == NULL) ! 404: return (UNKNOWN); ! 405: /* split off end of name */ ! 406: for (p = q = ttyid; *p != 0; p++) ! 407: if (*p == '/') ! 408: q = p + 1; ! 409: ! 410: /* scan the file */ ! 411: while (fgets(buf, sizeof buf, f) != NULL) { ! 412: for (t = buf; *t != ' ' && *t != '\t'; t++) ! 413: ; ! 414: *t++ = 0; ! 415: while (*t == ' ' || *t == '\t') ! 416: t++; ! 417: for (p = t; *p > ' '; p++) ! 418: ; ! 419: *p = 0; ! 420: if (strcmp(q,t) == 0) { ! 421: strcpy(typebuf, buf); ! 422: fclose(f); ! 423: return (typebuf); ! 424: } ! 425: } ! 426: fclose (f); ! 427: return (UNKNOWN); ! 428: } ! 429: ! 430: doremotelogin(host) ! 431: char *host; ! 432: { ! 433: FILE *hostf; ! 434: int first = 1; ! 435: ! 436: getstr(rusername, sizeof (rusername), "remuser"); ! 437: getstr(lusername, sizeof (lusername), "locuser"); ! 438: getstr(term+5, sizeof(term)-5, "Terminal type"); ! 439: if (getuid()) { ! 440: pwd = &nouser; ! 441: goto bad; ! 442: } ! 443: setpwent(); ! 444: pwd = getpwnam(lusername); ! 445: endpwent(); ! 446: if (pwd == NULL) { ! 447: pwd = &nouser; ! 448: goto bad; ! 449: } ! 450: hostf = pwd->pw_uid ? fopen("/etc/hosts.equiv", "r") : 0; ! 451: again: ! 452: if (hostf) { ! 453: char ahost[32]; ! 454: ! 455: while (fgets(ahost, sizeof (ahost), hostf)) { ! 456: char *user; ! 457: ! 458: if ((user = index(ahost, '\n')) != 0) ! 459: *user++ = '\0'; ! 460: if ((user = index(ahost, ' ')) != 0) ! 461: *user++ = '\0'; ! 462: if (!strcmp(host, ahost) && ! 463: !strcmp(rusername, user ? user : lusername)) { ! 464: fclose(hostf); ! 465: return (1); ! 466: } ! 467: } ! 468: fclose(hostf); ! 469: } ! 470: if (first == 1) { ! 471: char *rhosts = ".rhosts"; ! 472: struct stat sbuf; ! 473: ! 474: first = 0; ! 475: if (chdir(pwd->pw_dir) < 0) ! 476: goto again; ! 477: if (lstat(rhosts, &sbuf) < 0) ! 478: goto again; ! 479: if ((sbuf.st_mode & S_IFMT) == S_IFLNK) { ! 480: printf("login: .rhosts is a soft link.\r\n"); ! 481: goto bad; ! 482: } ! 483: hostf = fopen(rhosts, "r"); ! 484: fstat(fileno(hostf), &sbuf); ! 485: if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid) { ! 486: printf("login: Bad .rhosts ownership.\r\n"); ! 487: fclose(hostf); ! 488: goto bad; ! 489: } ! 490: goto again; ! 491: } ! 492: bad: ! 493: return (-1); ! 494: } ! 495: ! 496: getstr(buf, cnt, err) ! 497: char *buf; ! 498: int cnt; ! 499: char *err; ! 500: { ! 501: char c; ! 502: ! 503: do { ! 504: if (read(0, &c, 1) != 1) ! 505: exit(1); ! 506: if (--cnt < 0) { ! 507: printf("%s too long\r\n", err); ! 508: exit(1); ! 509: } ! 510: *buf++ = c; ! 511: } while (c != 0); ! 512: } ! 513: ! 514: char *speeds[] = ! 515: { "0", "50", "75", "110", "134", "150", "200", "300", ! 516: "600", "1200", "1800", "2400", "4800", "9600", "19200", "38400" }; ! 517: #define NSPEEDS (sizeof (speeds) / sizeof (speeds[0])) ! 518: ! 519: doremoteterm(term, tp) ! 520: char *term; ! 521: struct sgttyb *tp; ! 522: { ! 523: char *cp = index(term, '/'); ! 524: register int i; ! 525: ! 526: if (cp) { ! 527: *cp++ = 0; ! 528: for (i = 0; i < NSPEEDS; i++) ! 529: if (!strcmp(speeds[i], cp)) { ! 530: tp->sg_ispeed = tp->sg_ospeed = i; ! 531: break; ! 532: } ! 533: } ! 534: tp->sg_flags = ECHO|CRMOD|ANYP|XTABS; ! 535: } ! 536: ! 537: logerr(fmt, a1, a2, a3) ! 538: char *fmt, *a1, *a2, *a3; ! 539: { ! 540: #ifdef LOGERR ! 541: FILE *cons = fopen("/dev/console", "w"); ! 542: ! 543: if (cons != NULL) { ! 544: fprintf(cons, fmt, a1, a2, a3); ! 545: fprintf(cons, "\n\r"); ! 546: fclose(cons); ! 547: } ! 548: #endif ! 549: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.