/*
* Log failed login attempts in _PATH_BTMP if that exists.
*/
static void log_btmp(struct passwd const* pw) {
struct utmp ut;
struct timeval tv;
const char* tty_name, *tty_num;
memset(&ut, 0, sizeof(ut));
strncpy(ut.ut_user,
pw && pw->pw_name ? pw->pw_name : "(unknown)",
sizeof(ut.ut_user));
get_terminal_name(STDERR_FILENO, NULL, &tty_name, &tty_num);
if (tty_num) {
xstrncpy(ut.ut_id, tty_num, sizeof(ut.ut_id));
}
if (tty_name) {
xstrncpy(ut.ut_line, tty_name, sizeof(ut.ut_line));
}
#if defined(_HAVE_UT_TV) /* in <utmpbits.h> included by <utmp.h> */
gettimeofday(&tv, NULL);
ut.ut_tv.tv_sec = tv.tv_sec;
ut.ut_tv.tv_usec = tv.tv_usec;
#else
{
time_t t;
time(&t);
ut.ut_time = t; /* ut_time is not always a time_t */
}
#endif
ut.ut_type = LOGIN_PROCESS; /* XXX doesn't matter */
ut.ut_pid = getpid();
updwtmp(_PATH_BTMP, &ut);
}
static void
log_syslog(struct passwd const* pw, bool successful) {
const char* new_user, *old_user, *tty;
new_user = pw->pw_name;
/* The utmp entry (via getlogin) is probably the best way to identify
the user, especially if someone su's from a su-shell. */
old_user = getlogin ();
if (!old_user) {
/* getlogin can fail -- usually due to lack of utmp entry.
Resort to getpwuid. */
struct passwd* pwd = current_getpwuid();
old_user = pwd ? pwd->pw_name : "";
}
if (get_terminal_name(STDERR_FILENO, NULL, &tty, NULL) != 0 || !tty) {
tty = "none";
}
openlog (program_invocation_short_name, 0 , LOG_AUTH);
syslog (LOG_NOTICE, "%s(to %s) %s on %s",
successful ? "" :
su_mode == RUNUSER_MODE ? "FAILED RUNUSER " : "FAILED SU ",
new_user, old_user, tty);
closelog ();
}
static void init_tty(struct su_context *su)
{
su->isterm = isatty(STDIN_FILENO) ? 1 : 0;
DBG(TTY, ul_debug("initialize [is-term=%s]", su->isterm ? "true" : "false"));
if (su->isterm)
get_terminal_name(NULL, &su->tty_name, &su->tty_number);
}
static void
free_itrm(struct itrm *itrm)
{
if (!itrm) return;
if (!itrm->remote) {
if (itrm->orig_title && *itrm->orig_title) {
set_window_title(itrm->orig_title, itrm->title_codepage);
} else if (itrm->touched_title) {
/* Set the window title to the value of $TERM if X11
* wasn't compiled in. Should hopefully make at least
* half the users happy. (debian bug #312955) */
unsigned char title[MAX_TERM_LEN];
get_terminal_name(title);
if (*title)
set_window_title(title,
get_cp_index("US-ASCII"));
}
unhandle_terminal_resize(itrm->in.ctl);
#ifdef CONFIG_MOUSE
disable_mouse();
#endif
send_done_sequence(itrm->out.std, itrm->altscreen);
tcsetattr(itrm->in.ctl, TCSANOW, &itrm->t);
}
mem_free_set(&itrm->orig_title, NULL);
/* elinks -remote may not have a valid stdin if not run from a tty (bug 938) */
if (!itrm->remote || itrm->in.std >= 0) clear_handlers(itrm->in.std);
clear_handlers(itrm->in.sock);
clear_handlers(itrm->out.std);
clear_handlers(itrm->out.sock);
kill_timer(&itrm->timer);
if (itrm == ditrm) ditrm = NULL;
mem_free_if(itrm->out.queue.data);
mem_free_if(itrm->in.queue.data);
mem_free(itrm);
}
/*
* Reads the currect terminal path and initializes cxt->tty_* variables.
*/
static void init_tty(struct login_context *cxt)
{
struct stat st;
struct termios tt, ttt;
cxt->tty_mode = (mode_t) getlogindefs_num("TTYPERM", TTY_MODE);
get_terminal_name(0, &cxt->tty_path, &cxt->tty_name, &cxt->tty_number);
/*
* In case login is suid it was possible to use a hardlink as stdin
* and exploit races for a local root exploit. (Wojciech Purczynski).
*
* More precisely, the problem is ttyn := ttyname(0); ...; chown(ttyn);
* here ttyname() might return "/tmp/x", a hardlink to a pseudotty.
* All of this is a problem only when login is suid, which it isn't.
*/
if (!cxt->tty_path || !*cxt->tty_path ||
lstat(cxt->tty_path, &st) != 0 || !S_ISCHR(st.st_mode) ||
(st.st_nlink > 1 && strncmp(cxt->tty_path, "/dev/", 5)) ||
access(cxt->tty_path, R_OK | W_OK) != 0) {
syslog(LOG_ERR, _("FATAL: bad tty"));
sleepexit(EXIT_FAILURE);
}
#ifdef LOGIN_CHOWN_VCS
if (cxt->tty_number) {
/* find names of Virtual Console devices, for later mode change */
snprintf(cxt->vcsn, sizeof(cxt->vcsn), "/dev/vcs%s", cxt->tty_number);
snprintf(cxt->vcsan, sizeof(cxt->vcsan), "/dev/vcsa%s", cxt->tty_number);
}
#endif
tcgetattr(0, &tt);
ttt = tt;
ttt.c_cflag &= ~HUPCL;
if ((fchown(0, 0, 0) || fchmod(0, cxt->tty_mode)) && errno != EROFS) {
syslog(LOG_ERR, _("FATAL: %s: change permissions failed: %m"),
cxt->tty_path);
sleepexit(EXIT_FAILURE);
}
/* Kill processes left on this tty */
tcsetattr(0, TCSANOW, &ttt);
/*
* Let's close file decriptors before vhangup
* https://lkml.org/lkml/2012/6/5/145
*/
close(STDIN_FILENO);
close(STDOUT_FILENO);
close(STDERR_FILENO);
signal(SIGHUP, SIG_IGN); /* so vhangup() wont kill us */
vhangup();
signal(SIGHUP, SIG_DFL);
/* open stdin,stdout,stderr to the tty */
open_tty(cxt->tty_path);
/* restore tty modes */
tcsetattr(0, TCSAFLUSH, &tt);
}
/** Construct the struct itrm of this process, make ::ditrm point to it,
* set up select() handlers, and send the initial interlink packet.
*
* The first five parameters are file descriptors that this function
* saves in submembers of struct itrm, and for which this function may
* set select() handlers. Please see the definitions of struct
* itrm_in and struct itrm_out for further explanations.
*
* @param std_in itrm_in.std: read tty device (or pipe)
* @param std_out itrm_out.std: write tty device (or pipe)
* @param sock_in itrm_in.sock
* - If master: == @a std_out (masterhood flag)
* - If slave: read socket from master
* @param sock_out itrm_out.sock
* - If master: write pipe to same process
* - If slave: write socket to master
* @param ctl_in itrm_in.ctl: control tty device
*
* The remaining three parameters control the initial interlink packet.
*
* @param init_string A string to be passed to the master process. Need
* not be null-terminated. If @a remote == 0, this is
* a URI. Otherwise, this is a remote command.
* @param init_len The length of init_string, in bytes.
* @param remote = 0 if asking the master to start a new session
* and display it via this process. Otherwise,
* enum ::remote_session_flags. */
void
handle_trm(int std_in, int std_out, int sock_in, int sock_out, int ctl_in,
void *init_string, int init_len, int remote)
{
struct itrm *itrm;
struct terminal_info info;
struct interlink_event_size *size = &info.event.info.size;
unsigned char *ts;
memset(&info, 0, sizeof(info));
get_terminal_size(ctl_in, &size->width, &size->height);
info.event.ev = EVENT_INIT;
info.system_env = get_system_env();
info.length = init_len;
if (remote) {
info.session_info = remote;
info.magic = INTERLINK_REMOTE_MAGIC;
} else {
info.session_info = get_cmd_opt_int("base-session");
info.magic = INTERLINK_NORMAL_MAGIC;
}
itrm = mem_calloc(1, sizeof(*itrm));
if (!itrm) return;
itrm->in.queue.data = mem_calloc(1, ITRM_IN_QUEUE_SIZE);
if (!itrm->in.queue.data) {
mem_free(itrm);
return;
}
ditrm = itrm;
itrm->in.std = std_in;
itrm->out.std = std_out;
itrm->in.sock = sock_in;
itrm->out.sock = sock_out;
itrm->in.ctl = ctl_in;
itrm->timer = TIMER_ID_UNDEF;
itrm->remote = !!remote;
/* If the master does not tell which charset it's using in
* this terminal, assume it's some ISO 8859. Because that's
* what older versions of ELinks did. */
itrm->title_codepage = get_cp_index("ISO-8859-1");
/* FIXME: Combination altscreen + xwin does not work as it should,
* mouse clicks are reportedly partially ignored. */
if (info.system_env & (ENV_SCREEN | ENV_XWIN))
itrm->altscreen = 1;
if (!remote) {
if (ctl_in >= 0) setraw(itrm, 1);
send_init_sequence(std_out, itrm->altscreen);
handle_terminal_resize(ctl_in, resize_terminal);
#ifdef CONFIG_MOUSE
enable_mouse();
#endif
handle_itrm_stdin(itrm);
} else {
/* elinks -remote may not have a valid stdin if not run from a tty (bug 938) */
if (std_in >= 0) handle_itrm_stdin(itrm);
}
if (sock_in != std_out)
set_handlers(sock_in, (select_handler_T) in_sock,
NULL, (select_handler_T) free_itrm, itrm);
get_terminal_name(info.name);
ts = get_cwd();
if (ts) {
memcpy(info.cwd, ts, int_min(strlen(ts), MAX_CWD_LEN));
mem_free(ts);
}
itrm_queue_event(itrm, (char *) &info, TERMINAL_INFO_SIZE);
itrm_queue_event(itrm, (char *) init_string, init_len);
}