Logo  

Home - Old Man Programmer

Displaying projects/sac/wcat.c

/* $Copyright: $
 * Copyright (c) 2001 by Steve Baker (ice@mama.indstate.edu)
 * All Rights reserved
 *
 * This software is provided as is without any express or implied
 * warranties, including, without limitation, the implied warranties
 * of merchant-ability and fitness for a particular purpose.
 */
#ifdef SOLARIS
#include <utmpx.h>
#else
#include <utmp.h>
#endif
#include <stdlib.h>
#include <ctype.h>
#include <sys/types.h>
#include <sys/time.h>
#include <time.h>
#include <stdio.h>
#include <unistd.h>
#include <fcntl.h>
#include <errno.h>

#ifdef SOLARIS
#define UT_NAMESIZE	32
#define UT_LINESIZE	32
#define UT_HOSTSIZE	257
#define UT_UNKNOWN	0
#define utmp	utmpx
#define ut_time	ut_tv.tv_sec
#endif

extern int errno;

static char *version = "$Version: $ wcat v1.0 (c) 2001 by Steve Baker $";

#ifdef SOLARIS
#define _PATH_WTMP WTMPX_FILE
#else
#ifndef _PATH_WTMP
#define _PATH_WTMP  "/var/log/wtmp"
#endif
#endif

enum { FALSE=0, TRUE=1 };

struct tacacs3_utmp {
  char ut_line[8];
  char ut_user[8];
  char ut_host[16];
  time_t ut_tactime;
};

struct tacacs4_utmp {
  char ut_line[8];
  char ut_user[8];
  char ut_host[16];
  time_t ut_tactime;
  char ut_comment[16];
};

void usage(), doit(), doit_tacacs3(), doit_tacacs4();
time_t getsacdate(), churn_time();

char dflg = FALSE, useaddr = FALSE;
char *start = NULL, *end = NULL, *back = NULL;
time_t sd = 0, ed = 0, backtime = 0, curtime= 0;
int fd;

/*
 * wcat [-w wtmp] [-adX[3|4]] [-s start] [-e end] [-b hours:minutes:seconds]
 *      [--help] [--version]
 */
int main(int argc, char **argv)
{
  char *file = _PATH_WTMP, tacacs3 = FALSE, tacacs4 = FALSE;
  int i, j, n;

  for(n=i=1;i<argc;i=n) {
    n++;
    if (argv[i][0] == '-') {
      for(j=1;argv[i][j];j++) {
	switch (argv[i][j]) {
	  case 'w':
	    file = argv[n++];
	    break;
	  case 'X':
	    if (argv[i][j+1] == '4') {
	      j++;
	      tacacs4 = TRUE;
	    } else if (argv[i][j+1] == '3') {
	      j++;
	      tacacs3 = TRUE;
	    } else tacacs3 = TRUE;
	    break;
	  case 'b':
	    back = argv[n++];
	    break;
	  case 's':
	    start = argv[n++];
	    break;
	  case 'e':
	    end = argv[n++];
	    break;
	  case 'd':
	    dflg = TRUE;
	    break;
	  case 'a':
	    useaddr = TRUE;
	    break;
	  case '-':
	    if (j == 1) {
	      if (!strcmp("--help",argv[i])) usage(4);
	      if (!strcmp("--version",argv[i])) usage(5);
	    }
	  default:
	    usage(1);
	}
      }
    } else {
    }
  }

  if (start) {
    if (isdigit(start[0])) {
      sd = getsacdate(start);
    } else usage(2);
  }
  if (end) {
    if (isdigit(end[0])) {
      ed = getsacdate(end) + 86399;
    } else usage(2);
  }
  if (back) backtime = (curtime=time(0)) - churn_time(back);

  if (!strcmp(file,"-")) fd = 0;
  else fd = open(file,O_RDONLY);

  if (tacacs4) doit_tacacs4();
  else if (tacacs3) doit_tacacs3();
  else doit();
  close(fd);
  exit(0);
}

void doit()
{
  signed int n, m;
  struct utmp u;
  void *ut = &u;

  while (1) {
    for(n=m=read(fd,ut,sizeof(struct utmp));n < (int)sizeof(struct utmp);n+=m=read(fd,ut+n,sizeof(struct utmp)-n)) {
      if (m < 0) {
	perror("rawtmp");
	return;
      }
      if (!m) return;
    }
    if (back && u.ut_time < backtime) continue;
    if (start && u.ut_time < sd) continue;
    if (end && u.ut_time > ed) continue;
    write(1,ut,sizeof(struct utmp));
  }
}

void doit_tacacs3()
{
  struct tacacs3_utmp u;
  void *ut = &u;
  int n, m;

  while (1) {
    for(n=m=read(fd,ut,sizeof(struct tacacs3_utmp));n < (int)sizeof(struct tacacs3_utmp);n+=m=read(fd,ut+n,sizeof(struct tacacs3_utmp)-n)) {
      if (m < 0) {
	perror("rawtmp");
	return;
      }
      if (!m) return;
    }
    if (back && u.ut_tactime < backtime) continue;
    if (start && u.ut_tactime < sd) continue;
    if (end && u.ut_tactime > ed) continue;
    write(1,ut,sizeof(struct tacacs3_utmp));
  }
}

void doit_tacacs4()
{
  struct tacacs4_utmp u;
  void *ut = &u;
  int n, m;

  while (1) {
    for(n=m=read(fd,ut,sizeof(struct tacacs4_utmp));n < (int)sizeof(struct tacacs4_utmp);n+=m=read(fd,ut+n,sizeof(struct tacacs4_utmp)-n)) {
      if (m < 0) {
	perror("rawtmp");
	return;
      }
      if (!m) return;
    }
    if (back && u.ut_tactime < backtime) continue;
    if (start && u.ut_tactime < sd) continue;
    if (end && u.ut_tactime > ed) continue;
    write(1,ut,sizeof(struct tacacs4_utmp));
  }
}


/*
 * Turn "mm/dd/yy" into time in seconds.
 */
time_t getsacdate(s)
char *s;
{
  struct tm tm;
  int y;
  time_t t;

/*
 * <puke>
 * Need a real date parser that can handle different formats and separators
 */
  if (!isdigit(s[0]) || !isdigit(s[1]) || isdigit(s[2])) usage(2);
  if (!isdigit(s[3]) || !isdigit(s[4]) || isdigit(s[5])) usage(2);
  if (!isdigit(s[6]) || !isdigit(s[7]) || s[8]) usage(2);

  tm.tm_mon = atoi(s) -1;
  tm.tm_mday = atoi(s+3);
  y = atoi(s+6);
  tm.tm_year = (y < 70? 100 + y : y);
  tm.tm_isdst = tm.tm_hour = tm.tm_min = tm.tm_sec = 0;

  t = mktime(&tm);
  if (t == (time_t)(-1)) usage(2);
  return t;
}

time_t churn_time(s)
char *s;
{
  time_t t = 0, mult=3600;
  u_char nbuf[20], p;

  for(p=0;*s;s++) {
    if (*s == ':') {
      nbuf[p] = (u_char)0;
      t += atoi(nbuf) * mult;
      p = 0;
      if (mult > 1) mult /= 60;
      else usage(3);
    } else if (isdigit(*s)) {
      if (p < 15) nbuf[p++] = (u_char)*s;
      else usage(3);
    } else usage(3);
  }
  nbuf[p] = (u_char)0;
  t += atoi(nbuf) * mult;

  return t;
}

void usage(n)
int n;
{
  switch (n) {
    case 1:
      fprintf(stderr,"usage: wcat [-w wtmp|-] [-adX[3|4]] [-s start] [-e end] [-b H[:M[:S]]]\n       [--help] [--version]\n");
      break;
    case 2:
      fprintf(stderr,"wcat: Invalid date.  Format: mm/dd/yy\n");
      break;
    case 3:
      fprintf(stderr,"wcat: Invalid time.  Format: hours[:minutes[:seconds]]\n");
      break;
    case 4:
      fprintf(stderr,"usage: wcat [-w wtmp|-] [-adX[3|4]] [-s start] [-e end] [-b H[:M[:S]]]\n       [--help] [--version]\n");
      fprintf(stderr,"    -w wtmp|-   Read alternate wtmp file.\n");
      fprintf(stderr,"    -X[3]       Read tacacs 3.x wtmp format.\n");
      fprintf(stderr,"    -X4         Read tacacs 4.0 wtmp format.\n");
      fprintf(stderr,"    -d          Output time in MMM DD HH:MM:SS date format.\n");
      fprintf(stderr,"    -a          Print contents of ut_addr (if it exists) instead of ut_host.\n");
      fprintf(stderr,"    -s start    Display accounting info from `start'.\n");
      fprintf(stderr,"    -e end      Display accounting info up to `end'.\n");
      fprintf(stderr,"    -b H:M:S    Show accounting info from the last few hours/minutes/seconds.\n");
      fprintf(stderr,"    --help      Print this help message.\n");
      fprintf(stderr,"    --version   Print the version of rawtmp.\n");
      break;
    case 5:
      {
        char *v = version+12;
	printf("%.*s\n",(int)strlen(v)-1,v);
	exit(0);
      }
  }
  exit(1);
}