static void copy_gecos(const struct passwd *w, char *name, size_t sz) { char *src, *dst; size_t len, nlen; nlen = strlen(w->pw_name); /* Traditionally GECOS field had office phone numbers etc, separated * with commas. Also & stands for capitalized form of the login name. */ for (len = 0, dst = name, src = get_gecos(w); len < sz; src++) { int ch = *src; if (ch != '&') { *dst++ = ch; if (ch == 0 || ch == ',') break; len++; continue; } if (len + nlen < sz) { /* Sorry, Mr. McDonald... */ *dst++ = toupper(*w->pw_name); memcpy(dst, w->pw_name + 1, nlen - 1); dst += nlen - 1; len += nlen; } } if (len < sz) name[len] = 0; else die("Your parents must have hated you!"); }
static void copy_gecos(const struct passwd *w, struct strbuf *name) { char *src; /* Traditionally GECOS field had office phone numbers etc, separated * with commas. Also & stands for capitalized form of the login name. */ for (src = get_gecos(w); *src && *src != ','; src++) { int ch = *src; if (ch != '&') strbuf_addch(name, ch); else { /* Sorry, Mr. McDonald... */ strbuf_addch(name, toupper(*w->pw_name)); strbuf_addstr(name, w->pw_name + 1); } } }
static char *rewrite_from(const char *oldfrom, const char *newuser, const char *newhost, const char *newname) { struct rfc822t *rfct; struct rfc822a *rfca; struct rfc822t *usert, *hostt, *namet; struct rfc822token attoken, **tp; char *p; const char *q; char *gecosname=0; if (!oldfrom) { char *p=courier_malloc( (newuser ? strlen(newuser):0)+ (newhost ? strlen(newhost):0)+4); strcpy(p, "<"); if (newuser) strcat(p, newuser); if (newuser && newhost) strcat(strcat(p, "@"), newhost); strcat(p, ">"); if (newname) { char *q, *r; namet=tokenize_name(newname); q=rfc822_gettok(namet->tokens); rfc822t_free(namet); r=courier_malloc(strlen(p)+strlen(q)+2); strcat(strcat(strcpy(r, q), " "), p); free(p); p=r; free(q); } return (p); } if ((rfct=rfc822t_alloc_new(oldfrom, NULL, NULL)) == 0 || (rfca=rfc822a_alloc(rfct)) == 0) { clog_msg_errno(); return(0); } if ((q=env("MAILNAME")) || (q=env("NAME"))) newname=q; if (!newname && rfca->naddrs == 0) newname=gecosname=get_gecos(); if ((rfca->naddrs == 0 || rfca->addrs[0].tokens == 0) && newuser == 0) { struct passwd *pw=mypwd(); if (pw) newuser=pw->pw_name; } namet=newname ? tokenize_name(newname):0; usert=newuser ? rw_rewrite_tokenize(newuser):0; hostt=newhost ? rw_rewrite_tokenize(newhost):0; if (rfca->naddrs == 0 || rfca->addrs[0].tokens == 0) { struct rfc822addr a; struct rfc822a fakea; if (hostt) { struct rfc822token *t; attoken.token='@'; attoken.next=hostt->tokens; attoken.ptr=0; attoken.len=0; for (t=usert->tokens; t->next; t=t->next) ; t->next=&attoken; } fakea.naddrs=1; fakea.addrs= &a; if (!namet) namet=tokenize_name(""); if (!usert) usert=rw_rewrite_tokenize(""); a.name=namet->tokens; a.tokens=usert->tokens; p=rfc822_getaddrs(&fakea); } else { struct rfc822token *t, *u; rfca->naddrs=1; if (usert) { for (t=rfca->addrs[0].tokens; t; t=t->next) if (t->token == '@') break; for (u=usert->tokens; u->next; u=u->next) ; u->next=t; rfca->addrs[0].tokens=usert->tokens;; } if (hostt && rfca->addrs[0].tokens) { for (tp= &rfca->addrs[0].tokens; *tp; tp= &(*tp)->next) if ( (*tp)->token == '@') break; *tp=&attoken; attoken.token='@'; attoken.next=hostt->tokens; attoken.ptr=0; attoken.len=0; } if (namet) rfca->addrs[0].name=namet->tokens; p=rfc822_getaddrs(rfca); } if (!p) clog_msg_errno(); if (usert) rfc822t_free(usert); if (hostt) rfc822t_free(hostt); if (namet) rfc822t_free(namet); rfc822t_free(rfct); rfc822a_free(rfca); if (gecosname) free(gecosname); return (p); }
static void rewrite_headers(const char *From) { int seen_from=0; char headerbuf[5000]; int c, i; const char *mailuser, *mailuser2, *mailhost; char *p; char *pfrom=From ? strcpy(courier_malloc(strlen(From)+1), From):0; if ((mailuser=env("MAILUSER")) == 0 && (mailuser=env("LOGNAME")) == 0) mailuser=env("USER"); mailuser2=env("MAILUSER"); mailhost=env("MAILHOST"); while (fgets(headerbuf, sizeof(headerbuf), stdin)) { char *p=strchr(headerbuf, '\n'); if (p) { *p=0; if (p == headerbuf || strcmp(headerbuf, "\r") == 0) break; } #if HAVE_STRNCASECMP if (strncasecmp(headerbuf, "from:", 5)) #else if (strnicmp(headerbuf, "from:", 5)) #endif { fprintf(submit_to, "%s", headerbuf); if (!p) while ((c=getchar()) != EOF && c != '\n') putc(c, submit_to); putc('\n', submit_to); continue; } if (!p) while ((c=getchar()) != EOF && c != '\n') ; /* I don't care */ if (seen_from) continue; /* Screwit */ seen_from=1; i=strlen(headerbuf); for (;;) { c=getchar(); if (c != EOF) ungetc(c, stdin); if (c == EOF || c == '\r' || c == '\n') break; if (!isspace((int)(unsigned char)c)) break; while ((c=getchar()) != EOF && c != '\n') { if (i < sizeof(headerbuf)-1) headerbuf[i++]=c; } headerbuf[i]=0; } p=rewrite_from(headerbuf+5, mailuser2, mailhost, pfrom); fprintf(submit_to, "From: %s\n", p); free(p); } if (!seen_from) { if (!mailuser) { struct passwd *pw=mypwd(); mailuser=pw ? pw->pw_name:"nobody"; } if (!pfrom) { if ( !(From=env("MAILNAME")) && !(From=env("NAME"))) { pfrom=get_gecos(); } else pfrom=strcpy(courier_malloc(strlen(From)+1), From); } p=rewrite_from(NULL, mailuser, mailhost, pfrom); fprintf(submit_to, "From: %s\n", p); free(p); } putc('\n', submit_to); if (pfrom) free(pfrom); }
void auth_log(Authctxt *authctxt, int authenticated, char *method, char *info) { void (*authlog) (const char *fmt,...) = verbose; void (*final_authlog) (const char *fmt,...) = logit_notice; char *authmsg; char *gecos = NULL; int is_none_first_failure = 0; if (use_privsep && !mm_is_monitor() && !authctxt->postponed) return; /* * Avoid unhelpful messages about "Failed none", which happen * because the infrastructure always first tries to see if * logging in with an empty password will work. */ if (authenticated == 0 && !(authctxt->postponed) && authctxt->failures == 0 && strcmp(method, "none") == 0) { is_none_first_failure = 1; authlog = debug; final_authlog = debug; } /* Raise logging level */ else if (authenticated == 1 || !authctxt->valid || authctxt->failures >= AUTH_FAIL_LOG || strcmp(method, "password") == 0) authlog = logit; if (authctxt->postponed) authmsg = "Postponed"; else authmsg = authenticated ? "Accepted" : "Failed"; if (authctxt->valid || aaa_log_unknown_usernames_flag) { (*authlog)("%s %s for %s%.100s from %.200s port %d%s", authmsg, method, authctxt->valid ? "" : "unknown user ", authctxt->user, get_remote_ipaddr(), get_remote_port(), info); } else { debug("%s %s for %s%.100s from %.200s port %d%s", authmsg, method, authctxt->valid ? "" : "unknown user ", authctxt->user, get_remote_ipaddr(), get_remote_port(), info); (*authlog)("%s %s for unknown user from %.200s port %d%s", authmsg, method, get_remote_ipaddr(), get_remote_port(), info); } if (!(authctxt->postponed)) { gecos = get_gecos(authctxt->user); if (authenticated) { (*final_authlog)("%s %s%s logged in via%s from %s", authctxt->valid ? "User" : "Unknown user", authctxt->user, gecos ? gecos : "", info, get_remote_ipaddr()); } else { if (authctxt->valid || aaa_log_unknown_usernames_flag) { (*final_authlog)("%s %s%s failed to login via%s from %s", authctxt->valid ? "User" : "Unknown user", authctxt->user, gecos ? gecos : "", info, get_remote_ipaddr()); } else { debug("%s %s%s failed to login via%s from %s", authctxt->valid ? "User" : "Unknown user", authctxt->user, gecos ? gecos : "", info, get_remote_ipaddr()); (*final_authlog)("Unknown user failed to login via%s from %s", info, get_remote_ipaddr()); } } if (gecos) { free(gecos); } } #ifdef CUSTOM_FAILED_LOGIN if (authenticated == 0 && !authctxt->postponed && !is_none_first_failure && (strcmp(method, "password") == 0 || strncmp(method, "keyboard-interactive", 20) == 0 || strcmp(method, "challenge-response") == 0)) record_failed_login(authctxt->user, get_canonical_hostname(options.use_dns), "ssh"); #endif }