Home | History | Annotate | Download | only in login
History log of /src/usr.bin/login/login.c
RevisionDateAuthorComments
 1.105  12-Nov-2014  aymeric Remove the syslogging of a dial out login warning based on the tty name, because
the test is sloppy and doesn't correspond to the current naming anyway.
OK gdt@
PR#377 can remain closed.
 1.104  16-Mar-2014  dholland branches: 1.104.4;
Fix gcc48 build without Kerberos.

While here, rectify related bug where if gethostname() failed, login
would null-terminate uninitialized stack trash and cheerfully pass it
on to kerberos. In this case, revert to "amnesiac" instead.
 1.103  29-Apr-2012  wiz branches: 1.103.2;
Add some noreturn attributes for clang.
 1.102  23-Apr-2012  christos don't abuse the instance variable
 1.101  23-Apr-2012  christos make kerberos work again:
1. make notickets external
2. don't use the tty as part of the credential cache, since pts/1 will not work.
3. Attempt to use the newer functions, but punt for now since it does not work yet.
 1.100  23-Apr-2012  christos fix the USE_KERBEROS=no USE_PAM=no build.
 1.99  22-Apr-2012  christos make krb5 compile again. XXX: one function left that is deprecated, what's
the new equivalent?
 1.98  31-Aug-2011  plunky branches: 1.98.2; 1.98.4;
NULL does not need a cast
 1.97  29-Dec-2009  christos PR/42540: Ed Ravin: /usr/bin/login does not log normal logins, and does not
log ip addresses.
- Factor out the common code in login.c and login_pam.c into common.c
- Always log a login event
- Check passed in sockaddr against the one from getpeername(2).
 1.96  21-Jul-2008  lukem Remove the \n and tabs from the __COPYRIGHT() strings.
Tweak to use a consistent format.
 1.95  09-May-2007  christos branches: 1.95.12;
PR/36294: De Zeurkous: login(1) -- inconsistent exit behavior on EOF
- Always EXIT_FAILURE when login fails.
- Cleanup fork code in krb5 (old login).
 1.94  17-Jan-2007  hubertf Remove duplicate #includes
From Slava Semushin <slava.semushin@gmail.com>, via private mail
 1.93  07-Jan-2007  isaki Correct indent. It's important around many #ifdefs.
 1.92  20-May-2006  mrg s/0/NULL/ for execl*'s last argument.
 1.91  06-Apr-2006  simonb branches: 1.91.2;
Use TABs instead of spaces.
 1.90  26-Mar-2006  hubertf Remove unused variable 'salt'
Found by code inspection in one of my classes, not via Coverity :)

OK'd by christos
 1.89  23-Mar-2006  wiz Get rid of more Kerberos 4 code.
 1.88  08-Mar-2006  jnemeth PR/23616: Christian Biere: login might not back-off as expected
 1.87  06-Mar-2006  jnemeth PR/31059: Zafer Aydogan: login too verbose

Don't display a different message for root login on insecure terminal.

Approved by christos@.
 1.86  19-Feb-2006  christos PR/32873: Johan Veenhuizen: login(1) does not initialize lastlogx struct
properly
 1.85  19-Feb-2006  christos PR/32870: Johan Veenhuizen: login(1) does not obey .hushlogin
 1.84  29-Mar-2005  jmmv Add a colon before %m in calls to syslog(3) for consistency with other
messages in this same file and in many other tools.
 1.83  20-Mar-2005  tron Make S/Key prompt compliant with RFC 2289. Patch supplied by Dave Huang
in PR bin/23167.
 1.82  28-Feb-2005  christos branches: 1.82.2;
- use F_CLOSEM instead of walking the fd list
- determine pty name properly for ptyfs ptys
- use setproctitle(NULL) to kill our args
 1.81  20-Jan-2005  xtraeme Kill __P(), ANSIfy, remove main() prototype, whitespace; WARNS=2
 1.80  12-Jan-2005  xtraeme Kill __P() and ANSIfy, ok christos.
 1.79  14-Nov-2004  christos Add a -a option to pass the host address of the host we logged in from in
addition to the host name. This option is needed by programs suchs as
telnetd, because at the point they invoke login, they already have opened
a pty, and the stdin of login is no longer the socket connected to the
remote host. In addition don't chop the hostname up to the first dot if
the domain matches. These practices are 70's fashion and they only serve
to lose information. These days we have long enough fields in utmpx and
wtmpx to store the full names.
 1.78  13-Jul-2004  wiz Use getprogname(); add -F to usage. From Kouichirou Hiratsuka in PR 26222.
 1.77  05-Jan-2004  lukem branches: 1.77.2; 1.77.4; 1.77.6;
Generate the copyright string from sys/conf/copyright rather than
replicating it here. Idea from Simon Burge.
 1.76  01-Jan-2004  mycroft Welcome to 2004!
 1.75  16-Oct-2003  itojun snprintf() terminates string with \0, so there's no need for "sizeof(x)-1".
 1.74  26-Aug-2003  wiz Make getlastlogx have the pathname to the lastlogx database as first
argument, to be consistent with updlastlogx.

Approved by christos, reviewed by kleink.

[The lastlogxname function should not be used any longer.]
 1.73  07-Aug-2003  agc Move UCB-licensed code from 4-clause to 3-clause licence.

Patches provided by Joel Baker in PR 22365, verified by myself.
 1.72  01-Jan-2003  mycroft Update copyright notice.
 1.71  16-Nov-2002  itojun use strlcpy
 1.70  25-Sep-2002  itojun disallow users from alter log file entries by using "login foo".
from xs@kittenz.org
 1.69  20-Sep-2002  itojun make sure to use %s on printf format string. xs@kittenz.org
 1.68  30-Jul-2002  itojun remove debugging message leftover
 1.67  27-Jul-2002  christos make this compile without SUPPORT_UTMPX
 1.66  27-Jul-2002  christos Factor out the utmp/wtmp/lastlog updating and add utmpx/wtmpx/lastlogx updating.
Both are turned on for now.
 1.65  01-Jan-2002  perry branches: 1.65.2;
Happy New Year!
 1.64  16-Jan-2001  cgd comment or delete text after CPP directives.
 1.63  10-Jan-2001  lukem LOG_ODELAY is deprecated. use LOG_ERR for fatal errors
 1.62  01-Jan-2001  thorpej Happy new year!
 1.61  02-Aug-2000  thorpej Don't syslog that krb5_init_context() failed if it failed due
to Kerberos not being configured on the system.
 1.60  02-Aug-2000  thorpej If neither Kerberos IV or Kerberos V are configured, don't
issue "Warning: no Kerberos tickets issued."
 1.59  28-Jul-2000  thorpej skey_keyinfo() returns const.
 1.58  02-Jun-2000  aidan branches: 1.58.2;
Backout login_get_kconf function, because it breaks crypto-intl builds.
Keep the variables for setting default behaviour with krb4 and krb5
compiled in, even though they act like constants, to facilitate adding
another preference mechanism later.
 1.57  30-May-2000  aidan Allow krb5 and krb4 to be compiled in to the same login binary at once,
krb5 can request a forwardable TGT,
can get both krb4 and krb5 tickets, if explicitely configured to do so
by the krb5.conf.
 1.56  07-Mar-2000  enami branches: 1.56.2;
- For root, if ignorenologin is set in login.conf, don't call
checknologin (previously, checknologin is called if ignorenologin is set).
- For non-root user, make ignorenologin take effect.
 1.55  07-Mar-2000  enami Cosmetic changes.
 1.54  14-Feb-2000  aidan Move include/kerberosIV/com_err.h to include/com_err.h.
 1.53  04-Feb-2000  mjl Add login_getpwclass to libutil as convenience function for
programs originally for FreeBSD.
Add parsing of "setenv" parameter which can be used to set
up an initial environment on login.
 1.52  22-Jan-2000  mjl Removed some fallback cases since that is now done in libutil.
 1.51  13-Jan-2000  mjl Clean up changes a bit.
 1.50  13-Jan-2000  mjl Re-enable login_cap processing, now that a non-existing login.conf
won't make it crash. Also make it less noisy in that case.
 1.49  13-Jan-2000  mjl Ack. Disable login caps, until problems are fixed.
 1.48  13-Jan-2000  mjl Add login.conf capability setting.
 1.47  07-Jan-2000  billc copyright year change (thanks cgd) so we emit , 2000 now.
 1.46  05-Dec-1999  aidan Made login continue without kerberos when there is no krb5.conf present
(and KERBEROS5 is defined).
 1.45  25-Aug-1999  christos branches: 1.45.4;
make this compile....
 1.44  12-Jul-1999  aidan Kerberos5 changes to login -- now supports forwarded TGTs.
 1.43  15-Jun-1999  christos Don't declare login here. It is declared in <util.h>
 1.42  11-Jan-1999  kim branches: 1.42.2;
Show year of last login.
 1.41  06-Jan-1999  lukem add copyright 1999
 1.40  25-Aug-1998  ross Add { and } to shut up egcs. Reformat the more questionable code.
 1.39  26-Jul-1998  mycroft const poisoning.
 1.38  11-Jul-1998  mrg do _NOT_ use system(3) in setuid programs. KNF.
 1.37  06-Jul-1998  mrg - use an array MAXHOSTNAMELEN+1 size to hold hostnames
- ensure hostname from gethostname() is nul-terminated in all cases
- minor KNF
- use MAXHOSTNAMELEN over various other values/defines
- be safe will buffers that hold hostnames
 1.36  02-Apr-1998  kleink Need <time.h> for ctime() and time() prototypes.
 1.35  16-Jan-1998  hubertf Also save groups before chdir($HOME). This fixes a problem pointed
out by Bernd Ernesti with /home/lusers/joe (being uid joe, gid lusers),
with /home/lusers mode 750 and owner root:lusers.
 1.34  07-Jan-1998  thorpej Happy new year!
 1.33  05-Dec-1997  hubertf Give up special privileges before chdir($HOME) and access(.hushlogin),
fixing PR 4636 by myself with some help from Jason Thorpe.
 1.32  07-Nov-1997  mrg print TNF copyright, like the kernel does.
 1.31  12-Oct-1997  mycroft branches: 1.31.2;
Undo part of the previous; don't allow logins if we've passed pw_change.
The semantics of this are not well documented. *sigh*
 1.30  12-Oct-1997  mycroft Refuse login only when we've past pw_expire, not pw_change. Check pw_expire
first.
 1.29  12-Oct-1997  mycroft Several things:
* Change the semantics of the `-s' option somewhat. If specified, allow
either Kerberos or S/Key login, but not a plain password.
* Eliminate the special `s/key' password; just type it at the prompt.
* Remove the root instance special case. This is a serious security hole
waiting to happen, and no other system works this way.
* Don't force a password change if Kerberos was used. Also, don't call
/bin/passwd at all if the password change isn't required.
 1.28  12-Oct-1997  mycroft If we compile without SKEY, abort if a -s option is used, rather than silently
failing to enforce it.
 1.27  12-Oct-1997  mycroft Fix uninitialized variable.
 1.26  25-Aug-1997  kleink Lseek(2) usage cleanup: the use of L_SET/L_INCR/L_XTND is deprecated,
use SEEK_SET/SEEK_CUR/SEEK_END instead.
 1.25  19-Aug-1997  mycroft Various changes to keep up with krb5, mostly addition of the kcontext
structure. From PR 3826, by Chris Jones.
 1.24  16-Aug-1997  lukem * add functionality to `force password change at next login'. to use,
set the pw_change field of the user to -1 (defined in <pwd.h> as
_PASSWORD_CHGNOW). based on [bin/936] by Simon Gerraty <sjg@quick.com.au>
* clean up for WARNS?=1
 1.23  11-Jul-1997  mikel add comparisons to NULL implicit in my last changes
compare result of getopt() to -1, not EOF
 1.22  29-Jun-1997  lukem Don't leak some information (``you have no s/key'').

Only information leaks now are:
* if '-s -s' is used (only allow s/key users, and force s/key use),
then "login incorrect" will be given if a non-s/key user (or
non-existant user) attempts to login; no password will be prompted
for.
XXX: maybe this should be fixed, but further analysis is required.
* an s/key user will be reminded in the "Password" prompt that they
have an s/key. Therefore it would be possible to determine if a user
is active on the machine if they have an s/key.
XXX: maybe an option is required to control this behaviour
 1.21  27-Jun-1997  lukem use _PASSWORD_WARNDAYS from <pwd.h>
 1.20  25-Jun-1997  lukem Apply [bin/3270] from Simon J. Gerraty <sjg@quick.com.au>, with fixes by me:
* if the user has an s/key, provide a reminder in the password prompt
* if '-s' is given once, force a user that has an s/key to use it
* if '-s' is given more than once, only permit s/key logins
 1.19  23-Jun-1997  veego Move stdio.h before skey.h to get the FILE struct.
 1.18  23-Jun-1997  mikel include <skey.h> for skey function prototypes, add parens for gcc -Wall
 1.17  11-Feb-1997  mrg remove dangerous sprintf calls.
 1.16  20-Dec-1996  sommerfe Longer login name support: use MAXLOGNAME, not UT_NAMESIZE
 1.15  14-Nov-1996  gwr After the chown(ttyn, ...), call ttyaction(ttyn, "login", pwd->pw_name)
 1.14  18-Sep-1996  explorer Don't display skey error on s/key logins... This gives attackers some
information
 1.13  15-May-1996  jtc Updated to use <util.h>.
From Greg Hudson <ghudson@MIT.EDU>.
 1.12  23-Dec-1994  jtc Merged with 4.4lite.
Changed to conform to NetBSD's new RCS Id convention.
 1.11  03-Aug-1994  deraadt pr#377: dialup line hack is silly
 1.10  25-Jul-1994  brezak Add support for Kerberos5 authentication.
 1.9  24-May-1994  deraadt add s/key support
 1.8  02-Dec-1993  mycroft Oops. Fix typo.
 1.7  02-Dec-1993  mycroft Make sure we check the tty `secure' status even if root has no password.
Suggested by Havard Eidnes <Havard.Eidnes@runit.sintef.no>, but reimplemented
due to bugs in his patch.
Also, don't display `root login refused ...' if the password was mistyped.
 1.6  01-Aug-1993  mycroft Add RCS identifiers.
 1.5  26-Apr-1993  cgd update to new version from uunet
 1.4  26-Apr-1993  cgd changed to use new libcrypt scheme.
 1.3  19-Apr-1993  mycroft Cleanup for GCC 2 and make copyright notice look better.
 1.2  03-Apr-1993  cgd fixed wfj's trampling on UCB copyright notices.
 1.1  21-Mar-1993  cgd branches: 1.1.1;
Initial revision
 1.1.1.2  23-Dec-1994  jtc imported from 44lite
 1.1.1.1  21-Mar-1993  cgd initial import of 386bsd-0.1 sources
 1.31.2.4  07-Feb-1998  mellon Pull up 1.35 (hubertf)
 1.31.2.3  29-Jan-1998  mellon Pull up 1.34 (thorpej) (not requested, but probably needed)
 1.31.2.2  29-Jan-1998  mellon Pull up 1.33 (hubertf)
 1.31.2.1  07-Nov-1997  mrg pull up from trunk: print TNF copyright, like the kernel does.
 1.42.2.1  16-Jan-2000  he Pull up revision 1.47 (requested by cgd):
Update the copyright notice to include 2000.
 1.45.4.1  27-Dec-1999  wrstuden Pull up to last week's -current.
 1.56.2.1  23-Jun-2000  minoura Sync w/ netbsd-1-5-base.
 1.58.2.2  06-Aug-2000  thorpej Pull up rev. 1.61:
Don't syslog that krb5_init_context() failed if it failed due
to Kerberos not being configured on the system.
 1.58.2.1  02-Aug-2000  thorpej Update from trunk (approved by jhawk):
If neither Kerberos IV or Kerberos V are configured, don't
issue "Warning: no Kerberos tickets issued."
 1.65.2.1  02-Jun-2003  tron Pull up revision 1.72 (requested by fair):
Update copyright notice.
 1.77.6.1  17-Mar-2006  riz Pull up following revision(s) (requested by jnemeth in ticket #10356):
usr.bin/login/login.c: revision 1.87 via patch
login(1): PR/31059: don't issue different message for root login on
insecure terminal.
 1.77.4.2  17-Mar-2006  riz Pull up following revision(s) (requested by jnemeth in ticket #10358):
usr.bin/login/login.c: revision 1.88
PR/23616: Christian Biere: login might not back-off as expected
 1.77.4.1  17-Mar-2006  riz Pull up following revision(s) (requested by jnemeth in ticket #10356):
usr.bin/login/login.c: revision 1.87 via patch
login(1): PR/31059: don't issue different message for root login on
insecure terminal.
 1.77.2.1  17-Mar-2006  riz Pull up following revision(s) (requested by jnemeth in ticket #10356):
usr.bin/login/login.c: revision 1.87 via patch
login(1): PR/31059: don't issue different message for root login on
insecure terminal.
 1.82.2.4  10-Mar-2006  tron Pull up following revision(s) (requested by jnemeth in ticket #1200):
usr.bin/login/login.c: revision 1.88
PR/23616: Christian Biere: login might not back-off as expected
 1.82.2.3  09-Mar-2006  tron Pull up following revision(s) (requested by jnemeth in ticket #1198):
usr.bin/login/login.c: revision 1.87
PR/31059: Zafer Aydogan: login too verbose
Don't display a different message for root login on insecure terminal.
Approved by christos@.
 1.82.2.2  30-Mar-2005  tron branches: 1.82.2.2.2;
Pull up revision 1.84 (requested by jmmv in ticket #77):
Add a colon before %m in calls to syslog(3) for consistency with other
messages in this same file and in many other tools.
 1.82.2.1  21-Mar-2005  jwise Pull up revision 1.83 (requested by tron in [pullup-3 #28]):

Make S/Key prompt compliant with RFC 2289. Patch supplied by Dave Huang
in PR bin/23167.
 1.82.2.2.2.2  10-Mar-2006  tron Pull up following revision(s) (requested by jnemeth in ticket #1200):
usr.bin/login/login.c: revision 1.88
PR/23616: Christian Biere: login might not back-off as expected
 1.82.2.2.2.1  09-Mar-2006  tron Pull up following revision(s) (requested by jnemeth in ticket #1198):
usr.bin/login/login.c: revision 1.87
PR/31059: Zafer Aydogan: login too verbose
Don't display a different message for root login on insecure terminal.
Approved by christos@.
 1.91.2.1  19-Jun-2006  chap Sync with head.
 1.95.12.1  18-Sep-2008  wrstuden Sync with wrstuden-revivesa-base-2.
 1.98.4.1  07-May-2012  riz Pull up following revision(s) (requested by christos in ticket #215):
usr.bin/login/login.c: revision 1.100
usr.bin/login/login.c: revision 1.101
usr.bin/login/login.c: revision 1.102
usr.bin/login/common.c: revision 1.4
usr.bin/login/common.h: revision 1.2
usr.bin/login/k5login.c: revision 1.28
usr.bin/login/k5login.c: revision 1.29
usr.bin/login/login.c: revision 1.99
usr.bin/login/login_pam.c: revision 1.21
usr.bin/login/Makefile: revision 1.53
usr.bin/login/Makefile: revision 1.54
usr.bin/login/Makefile: revision 1.55
usr.bin/login/k5login.c: revision 1.30
usr.bin/login/k5login.c: revision 1.31
usr.bin/login/k5login.c: revision 1.32
usr.bin/login/k5login.c: revision 1.33
make krb5 compile again. XXX: one function left that is deprecated, what's
the new equivalent?
centralize error function processing.
fix the USE_KERBEROS=no USE_PAM=no build.
remove obsolete comment.
make kerberos work again:
1. make notickets external
2. don't use the tty as part of the credential cache, since pts/1 will not work.
3. Attempt to use the newer functions, but punt for now since it does not work
yet.
don't abuse the instance variable
move more of the compat code in the compat block.
last commit before I nuke the old code.
no more KRB5_DEPRECATED
 1.98.2.2  22-May-2014  yamt sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
 1.98.2.1  23-May-2012  yamt sync with head.
 1.103.2.1  20-Aug-2014  tls Rebase to HEAD as of a few days ago.
 1.104.4.1  11-Feb-2015  snj Pull up following revision(s) (requested by aymeric in ticket #506):
usr.bin/login/login.c: revision 1.105
usr.bin/login/login_pam.c: revision 1.24
Remove the syslogging of a dial out login warning based on the tty name, because
the test is sloppy and doesn't correspond to the current naming anyway.
OK gdt@
PR#377 can remain closed.

RSS XML Feed