summaryrefslogtreecommitdiffstats
path: root/lib/failure.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-26 16:18:37 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-26 16:18:37 +0000
commitb6b00dd55e035bfbe311a527b567962ffa77ee43 (patch)
treecafc4d13785448e5a78bd40a51697ee07f07ac12 /lib/failure.c
parentAdding debian version 1:4.13+dfsg1-5. (diff)
downloadshadow-b6b00dd55e035bfbe311a527b567962ffa77ee43.tar.xz
shadow-b6b00dd55e035bfbe311a527b567962ffa77ee43.zip
Merging upstream version 1:4.15.2.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--lib/failure.c (renamed from libmisc/failure.c)126
1 files changed, 49 insertions, 77 deletions
diff --git a/libmisc/failure.c b/lib/failure.c
index 1aab299..e42e710 100644
--- a/libmisc/failure.c
+++ b/lib/failure.c
@@ -14,10 +14,16 @@
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>
+
#include "defines.h"
#include "faillog.h"
-#include "getdef.h"
#include "failure.h"
+#include "memzero.h"
+#include "prototypes.h"
+#include "string/strftime.h"
+#include "string/strtcpy.h"
+
+
#define YEAR (365L*DAY)
/*
* failure - make failure entry
@@ -41,7 +47,7 @@ void failure (uid_t uid, const char *tty, struct faillog *fl)
fd = open (FAILLOG_FILE, O_RDWR);
if (fd < 0) {
SYSLOG ((LOG_WARN,
- "Can't write faillog entry for UID %lu in %s.",
+ "Can't write faillog entry for UID %lu in %s: %m",
(unsigned long) uid, FAILLOG_FILE));
return;
}
@@ -53,7 +59,7 @@ void failure (uid_t uid, const char *tty, struct faillog *fl)
*/
if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
- || (read (fd, (char *) fl, sizeof *fl) != (ssize_t) sizeof *fl)) {
+ || (read (fd, fl, sizeof *fl) != (ssize_t) sizeof *fl)) {
/* This is not necessarily a failure. The file is
* initially zero length.
*
@@ -75,7 +81,7 @@ void failure (uid_t uid, const char *tty, struct faillog *fl)
fl->fail_cnt++;
}
- strncpy (fl->fail_line, tty, sizeof (fl->fail_line) - 1);
+ STRTCPY(fl->fail_line, tty);
(void) time (&fl->fail_time);
/*
@@ -86,13 +92,26 @@ void failure (uid_t uid, const char *tty, struct faillog *fl)
*/
if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
- || (write (fd, (char *) fl, sizeof *fl) != (ssize_t) sizeof *fl)
- || (close (fd) != 0)) {
- SYSLOG ((LOG_WARN,
- "Can't write faillog entry for UID %lu in %s.",
- (unsigned long) uid, FAILLOG_FILE));
+ || (write_full(fd, fl, sizeof *fl) == -1)) {
+ goto err_write;
+ }
+
+ if (close (fd) != 0 && errno != EINTR) {
+ goto err_close;
+ }
+
+ return;
+
+err_write:
+ {
+ int saved_errno = errno;
(void) close (fd);
+ errno = saved_errno;
}
+err_close:
+ SYSLOG ((LOG_WARN,
+ "Can't write faillog entry for UID %lu to %s: %m",
+ (unsigned long) uid, FAILLOG_FILE));
}
static bool too_many_failures (const struct faillog *fl)
@@ -144,7 +163,7 @@ int failcheck (uid_t uid, struct faillog *fl, bool failed)
fd = open (FAILLOG_FILE, failed?O_RDONLY:O_RDWR);
if (fd < 0) {
SYSLOG ((LOG_WARN,
- "Can't open the faillog file (%s) to check UID %lu. "
+ "Can't open the faillog file (%s) to check UID %lu: %m; "
"User access authorized.",
FAILLOG_FILE, (unsigned long) uid));
return 1;
@@ -163,7 +182,7 @@ int failcheck (uid_t uid, struct faillog *fl, bool failed)
*/
if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
- || (read (fd, (char *) fl, sizeof *fl) != (ssize_t) sizeof *fl)) {
+ || (read (fd, fl, sizeof *fl) != (ssize_t) sizeof *fl)) {
(void) close (fd);
return 1;
}
@@ -185,18 +204,30 @@ int failcheck (uid_t uid, struct faillog *fl, bool failed)
fail.fail_cnt = 0;
if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
- || (write (fd, (const void *) &fail, sizeof fail) != (ssize_t) sizeof fail)
- || (close (fd) != 0)) {
- SYSLOG ((LOG_WARN,
- "Can't reset faillog entry for UID %lu in %s.",
- (unsigned long) uid, FAILLOG_FILE));
- (void) close (fd);
+ || (write_full(fd, &fail, sizeof fail) == -1)) {
+ goto err_write;
+ }
+
+ if (close (fd) != 0 && errno != EINTR) {
+ goto err_close;
}
} else {
(void) close (fd);
}
return 1;
+
+err_write:
+ {
+ int saved_errno = errno;
+ (void) close (fd);
+ errno = saved_errno;
+ }
+err_close:
+ SYSLOG ((LOG_WARN,
+ "Can't reset faillog entry for UID %lu in %s: %m",
+ (unsigned long) uid, FAILLOG_FILE));
+ return 1;
}
/*
@@ -223,7 +254,7 @@ void failprint (const struct faillog *fail)
/*
* Print all information we have.
*/
- (void) strftime (lasttimeb, sizeof lasttimeb, "%c", tp);
+ STRFTIME(lasttimeb, "%c", tp);
/*@-formatconst@*/
(void) printf (ngettext ("%d failure since last login.\n"
@@ -234,62 +265,3 @@ void failprint (const struct faillog *fail)
fail->fail_cnt, lasttime, fail->fail_line);
/*@=formatconst@*/
}
-
-/*
- * failtmp - update the cumulative failure log
- *
- * failtmp updates the (struct utmp) formatted failure log which
- * maintains a record of all login failures.
- */
-
-void failtmp (const char *username,
-#ifdef USE_UTMPX
- const struct utmpx *failent
-#else /* !USE_UTMPX */
- const struct utmp *failent
-#endif /* !USE_UTMPX */
- )
-{
- const char *ftmp;
- int fd;
-
- /*
- * Get the name of the failure file. If no file has been defined
- * in login.defs, don't do this.
- */
-
- ftmp = getdef_str ("FTMP_FILE");
- if (NULL == ftmp) {
- return;
- }
-
- /*
- * Open the file for append. It must already exist for this
- * feature to be used.
- */
-
- if (access (ftmp, F_OK) != 0) {
- return;
- }
-
- fd = open (ftmp, O_WRONLY | O_APPEND);
- if (-1 == fd) {
- SYSLOG ((LOG_WARN,
- "Can't append failure of user %s to %s.",
- username, ftmp));
- return;
- }
-
- /*
- * Append the new failure record and close the log file.
- */
-
- if ( (write (fd, (const void *) failent, sizeof *failent) != (ssize_t) sizeof *failent)
- || (close (fd) != 0)) {
- SYSLOG ((LOG_WARN,
- "Can't append failure of user %s to %s.",
- username, ftmp));
- (void) close (fd);
- }
-}
-