This function is used to get the child of the current login process of a
user connected over ssh. However, it's actually completely unnecessary,
as the login process, given in the utmp file, is all we need, yes, it's
owned by root, but the daemon should be owned by root as well, so we can
simply hang-up the login process, the exact same way we would do to a
normal terminal session, the other users of sshd will not be affected.
The function getdisc doesn't seem to serve any purpose when it comes to
checking user idle time, by the time it's called, the part of check_idle
which checks access time to the terminal will have already finished, and
there is no reason that a check for idle time on a terminal should act
any differently based on the line discipline. Since the function serves
no purpose, and the call and check of it's result seems like it only
introduces a potential bug, and has no reason to be there, the function
has been removed, as well as the code in chk_timeout which calls it.
NOTE: at this point, the function didn't even check the line discipline,
i gutted it so it would only return the constant N_TTY, i was planning
on rewriting the function to get the terminal line discipline in a more
portable way, since the original way wasn't, but ultimately decided it
didn't even need to exist in the first place.
The tty variable is a char pointer equal to dev, it's pointee does not
change during the function, nor does the pointer itself change, it's
always simply equal to the argument dev, therefore, this pointer is, ...
pointless (ba dum tss!)
ACTIVE is a bit of a misnomer here, when what the constant is meant to
represent is whether the user is allowed to login, or contiue being
logged in, so it's been replaced with a more appropriate name.
At the beginning of the check_idle function, the username in the utmp
entry currently being checked is used to loop through the config file
and check if the user is mentioned in the config line at all. This is
completely unnecessary, as the needed check is done later anyways when
chk_timeout is called, it might give a slight performance boost to
prevent some of the xsession checks that happen before the chk_timeout
call, but slow code is probably better than repeating code.
In check_idle there is an sprintf call which copies an error message to
the global variable errmsg, after which, absolutely nothing was done
with the variable. From a piece of commented out code underneath, one
can tell that this line used to have a purpose, as it was used in a
bailout call, where it gets printed to the syslog. This call is deleted
and now the errmsg string is simply written to and then never used.
Now the line has been modified so the error message gets written to the
syslog, removing the need for the errmsg variable.
Since the ut_line field is not guarranteed to be null terminated, in
order to get a proper null terminated string, dev is required to have an
extra byte at the end.
The username and hostname in a utmp entry is not guarranteed to be NUL
terminated. Specifically, if a user's name is exactly UT_NAMESIZE (32 on
most systems today), the last character will not in fact be NUL. This
creates a problem in the line 866 for example, where strncpy is used to
copy all but the last byte of the utmp username in user. This will cause
an error in the specific case where strlen(utmpp->ut_user) =
UT_NAMESIZE.
The solution is to simply make user and host one byte longer, thereby
letting them have a place for the terminating NUL, after this, they can
be treated as regular strings without any error or extra precaution.
Since most of the #ifdef hacks are meant to facilitate the use of the
daemon under older versions of SunOS which didn't have many of the utmp
library functions and facilities most modern Unices have, and since they
significantly hamper the readability of the code, they have been
removed. For portabilities sake, further changes will have to be made
anyways, many modern systems, such as newer versions of FreeBSD, don't
support utmp anymore, and require use of utmpx instead. The program will
have to be changed accordingly.
The getdisc() function has been almost entirely stripped, and now is
just a stub that always returns N_TTY. This will have to be changed
quickly, so that the function returns the actual tty discipline, but
works in most cases.
Changed the startup in the main function to loop through all file
descriptors from getrlimit(RLIMIT_NOFILE) down to 0, and close them all
to make sure none are left opened by the parent process.
In order to start a daemon, a second call for fork() after changing
session ID is usually required, in order to prevent acquiring a
controlling tty when it eventually writes to one.
The variable ut_list_p, is used in two seperate functions, read_wtmp()
and free_wtmp(), it's state isn't preserved, nor is it important,
therefore it's cleaner to simply use two local variables in each
function, rather than one global variable, used across both.
The string array *messages[] in the config_ent structure, which is used
to store configuration data during runtime, has been shortened to have 4
strings, rather than 10, this is due to the fact that it's only used
with indeces IDLEMSG, SESSMSG, DAYMSG and NOLOGINMSG, or a variable with
one of these as a value. These indeces are all symbolic constants with
values 0 through 3, so only 4 members in the array are needed.
At the start of the check_idle() function, there is an unnecessary local
declaration of time(2), which is already declared at the start of the
program. It has been removed.
There were two lines in the check_idle() function, which were meant to
test if a given user has been found in a given line of the configuration
file. Rather than using the chkmatch function, to test for a match, and
any potential expansions, these two lines, comprising an if statement,
simply checked if the USER pattern matched the given username as a
string, or if it was simply a *.
This means that if a function was checking the user kappa, it would
match him for the USERS field "kappa" or "*", but not "ka*", this is not
the behaviour documented in the timeouts(5) manpage, which explicitly
states the expansion for the USERS field in the config, will be done in
the exact same way as the TTYS field.
There are three string literals in the code where rather than having the
usual \a escape sequence to represent an alert character, the literal
character was inserted, this makes it impractical to edit the lines in
most text editors. So they have been replaced with the more typical
escape sequence.
The entire source code of timeoutd.c has been passed through GNU indent,
in order to amend the inconsistencies, it uses the K&R C style, but
modified, so that tabs are replaced with 4 spaces, close to what a lot
of the code was already using. (Blasphemy, i know) Also the maximum line
length is 100 chars, apart from long strings, which don't get cut as a
result.
Several lines in the code either have whitespace where tabs are
expected, the converse, or trailing whitespace before a newline. All
of these have been removed or replaced.
The file dump_wtmp.c is not a part of the timeoutd program itself, but a
seperate diagnostic tool, which, if it must be used at all, belongs in a
seperate package. I've decided to simply remove it from this repository.
It's name is also a misnomer, as it's programed to actually dump the
utmp file, not the wtmp file. It also only dumps records written on the
current date, and only some of the fields. It seemed that fixing the
program would require more effort that it's worth, as I'm currently not
using the program for any diagnostic purpose, and there are now better
replacements for it, such as the Linux package utmpdump. Therefore, I
decided to remove it and cease working on it.
The VERSION file didn't seem to be too useful, as the version of the
program is stated elsewhere, the VERSION file is actually out of date
with the version in the timeoutd.c file, and the particular version of
the software doesn't even matter currently.
Therefore, both files have been deleted.
There are several lines in the code which cause GCC to warn the user
about undefined behaviour. Most of these are potential buffer overflow
problems. Which come from either overwriting a buffer which may be too
small for a given input, or writing to, or from, a string not guaranteed
to be null-terminated, such as any of the char[] fields in a utmp
struct. Almost all come from an improper usage of strcmp or strncmp or
similar.
The README file mentions the wrong pathnames in its installation,
instructing the user to install the binary in "/usr/etc", rather than
the "/usr/sbin" directory, for example. It also has a typo at the very
end. These errors have been fixed.
The Makefile for the project was unable to properly build. It didn't
call an X11 library which was needed for the program to link, but called
various libraries which weren't necessary. It also didn't install the
/etc/timeouts config file, didn't have an uninstall option, and it's
install would fail, due to the fact that it used non-existent
directories as install destinations, and broken user and group settings
for the files.
All of the afformentioned problems have been mended in this commit. It's
likely that all of the problems which actually broke the program were
due to a difference in Unix systems of the early 90s compared to 2020.
It's likely the X11 libraries were reorganised, and the users and groups
in the install command have been obsoleted.
