-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathutmp_rd.c
225 lines (182 loc) · 5.27 KB
/
utmp_rd.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
/* utmp_rd.c
*
* routines that read utmp files
*
*/
#include "config.h"
#include <stdio.h>
#ifdef HAVE_STRING_H
#include <string.h>
#endif
#include <ctype.h>
#include <sys/types.h>
#ifdef TIME_WITH_SYS_TIME
# include <sys/time.h>
# include <time.h>
#else
# ifdef HAVE_SYS_TIME_H
# include <sys/time.h>
# else
# include <time.h>
# endif
#endif
#include "common.h"
#include "files.h"
#include "file_rd.h"
#include "utmp_rd.h"
/* globals */
static struct file_rd_info *utmp_info = NULL;
#define BUFFERED_RECS 256
/* Set up utmp handling routines */
void utmp_init(int backwards)
{
utmp_info = file_reader_init(sizeof (struct utmp), BUFFERED_RECS,
backwards);
}
/* Add a utmp/wtmp file to the list of files to process */
void add_utmp_file(char *name)
{
file_reader_add_file(utmp_info, name);
}
/* Do a buffered read of the file and return the next record in REC.
Return 0 if no more entries. */
struct utmp *utmp_get_entry(void)
{
return (struct utmp *)file_reader_get_entry(utmp_info);
}
void print_utmp_record(struct utmp *rec, FILE *out)
{
if (rec)
{
fprintf (out, "%-*.*s|%-*.*s|",
NAME_LEN, NAME_LEN, rec->ut_name,
TTY_LEN, TTY_LEN, rec->ut_line);
#ifdef HAVE_STRUCT_UTMP_UT_TYPE
fprintf (out, "%1d|", rec->ut_type);
#endif
#ifdef HAVE_STRUCT_UTMP_UT_ID
{
int i;
for (i = 0; i < ID_LEN; i++)
{
char c = rec->ut_id[i];
if (c == '\0')
{
fprintf (out, "%-*.*s", ID_LEN - i, ID_LEN - i, "");
break;
}
else if (! isprint (c))
{
fputc ('?', out);
}
else
{
fputc (c, out);
}
}
fputc ('|', out);
}
#endif
#ifdef HAVE_STRUCT_UTMP_UT_PID
fprintf (out, "%5d|", rec->ut_pid);
#endif
#ifdef HAVE_STRUCT_UTMP_UT_ADDR
{
struct in_addr a;
a.s_addr = rec->ut_addr;
fprintf (out, "%-15.15s|",
(rec->ut_addr) ? inet_ntoa (a) : "");
}
#endif
#ifdef HAVE_STRUCT_UTMP_UT_HOST
fprintf (out, "%-*.*s|", HOST_LEN, HOST_LEN, rec->ut_host);
#endif
time_t tmp_time = rec->ut_time;
fputs (ctime (&tmp_time), out);
}
}
void utmp_print_file_and_line(FILE *out)
{
file_reader_print_file_and_line(out, utmp_info);
}
#ifdef HAVE_STRUCT_UTMP_UT_TYPE
/* Some machines have a combination of bsd and sysv stuff writing to
their /etc/wtmp file. If we can handle ut_type fields, let's do
it. Munge BSD-style records into to real sysv records (with
UT_TYPE set correctly) so we don't have to have so many special
cases for them in our processing loop. Return non-zero if the
field was modified. */
int fix_ut_type_field(struct utmp *rec)
{
int mods = 0;
/* Munge the various BSD-type records. */
if (rec->ut_line[0] == OLD_TIME_CHAR)
mods = 1, rec->ut_type = OLD_TIME;
else if (rec->ut_line[0] == NEW_TIME_CHAR)
mods = 1, rec->ut_type = NEW_TIME;
else if (rec->ut_line[0] == BOOT_TIME_CHAR)
{
if ((strncmp (rec->ut_name, "reboot", NAME_LEN) == 0)
&& (rec->ut_type != BOOT_TIME))
mods = 1, rec->ut_type = BOOT_TIME;
#ifdef RUN_LVL
else if ((strncmp (rec->ut_name, "shutdown", NAME_LEN) == 0)
&& (rec->ut_type != RUN_LVL))
mods = 1, rec->ut_type = RUN_LVL;
#else
/* If we don't have RUN_LVL, set the type to BOOT_TIME and the
bsd side will catch it. */
else if ((strncmp (rec->ut_name, "shutdown", NAME_LEN) == 0)
&& (rec->ut_type != BOOT_TIME))
mods = 1, rec->ut_type = BOOT_TIME;
#endif
}
/* Munge screwed-up sysv records. */
#ifdef RUN_LVL
if ((rec->ut_type == RUN_LVL)
&& (strncmp (rec->ut_name, "reboot", NAME_LEN) == 0)
&& (rec->ut_type != BOOT_TIME))
mods = 1, rec->ut_type = BOOT_TIME;
if ((rec->ut_type == BOOT_TIME)
&& (strncmp (rec->ut_name, "shutdown", NAME_LEN) == 0)
&& (rec->ut_type != RUN_LVL))
mods = 1, rec->ut_type = RUN_LVL;
#endif
#if defined (USER_PROCESS) && defined (DEAD_PROCESS)
if ((rec->ut_type == USER_PROCESS)
&& (rec->ut_name[0] == '\0'))
mods = 1, rec->ut_type = DEAD_PROCESS;
#endif
/* Often EMPTY or UT_UNKNOWN is 0, so we might modify some of those
records here. The chances of finding a real record with UT_TYPE
== 0 are low, however. We're trying to catch records that were
written that don't have UT_TYPE set correctly... */
#if defined (USER_PROCESS) && defined (DEAD_PROCESS)
if ((rec->ut_type < 1) || (rec->ut_type > UTMAXTYPE))
{
if (rec->ut_line[0] != '\0')
{
if (rec->ut_name[0] != '\0')
mods = 1, rec->ut_type = USER_PROCESS;
else
mods = 1, rec->ut_type = DEAD_PROCESS;
}
}
#endif
return mods;
}
#endif
/* If a record is obviously bad, return non-zero. */
int bad_utmp_record(struct utmp *rec)
{
#ifndef HAVE_STRUCT_UTMP_UT_TYPE
/* If we have UT_TYPE, all bets are off, since all of these tests
might be valid for one record type or another. We can only do
this for bsd-ish records. */
if ((rec->ut_line[0] == '\0')
&& (rec->ut_line[0] == '\0')
&& (rec->ut_time == 0))
return 1;
#endif
return 0;
}