--- qmailadmin.c 2011-02-22 22:45:48.000000000 +0800 +++ qmailadmin.c.new 2015-05-11 12:06:58.984316573 +0800 @@ -22,6 +22,7 @@ #include #include #include +#include #include #include #include @@ -109,6 +110,33 @@ char RealDir[156]; char Lang[40]; +static void +log_auth(char *msg) +{ + FILE *fp = NULL; + if ((fp = fopen("/var/log/qma-auth.log", "a")) == NULL) { + exit(-1); + } + + const char *ip_addr = getenv("REMOTE_ADDR"); + if (!ip_addr) + ip_addr = "127.0.0.1"; + + time_t tv; + struct tm tm; + char time_buf[64]; + + time(&tv); + localtime_r(&tv, &tm); + strftime(time_buf, sizeof(time_buf) - 2, "%Y/%m/%d %H:%M:%S", &tm); + + fprintf(fp, "%s user:%s@%s ip:%s auth:%s\n", time_buf, Username, Domain, ip_addr, msg); + + if (fclose(fp) != 0) { + exit(-1); + } +} + void qmailadmin_suid (gid_t Gid, uid_t Uid) { if ( geteuid() == 0 ) { @@ -195,6 +223,11 @@ if (*Username && (*Password == '\0') && (*Password1 || *Password2)) { /* username entered, but no password */ snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[198]); + + char log_buf[3 * MAX_BUFF]; + memset(log_buf, 0x0, sizeof(log_buf)); + snprintf(log_buf, sizeof(log_buf) - 2, "failed [%s@%s]", Newu, Domain); + log_auth(log_buf); } else if (*Username && *Password) { /* attempt to authenticate user */ vget_assign (Domain, RealDir, sizeof(RealDir), &Uid, &Gid); @@ -208,6 +241,11 @@ if ( *Domain == '\0' ) { snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[198]); + + char log_buf[3 * MAX_BUFF]; + memset(log_buf, 0x0, sizeof(log_buf)); + snprintf(log_buf, sizeof(log_buf) - 2, "failed [%s@%s]", Newu, Domain); + log_auth(log_buf); } else { chdir(RealDir); load_limits(); @@ -215,6 +253,11 @@ pw = vauth_user( User, Domain, Password, "" ); if ( pw == NULL ) { snprintf (StatusMessage, sizeof(StatusMessage), "%s", html_text[198]); + + char log_buf[3 * MAX_BUFF]; + memset(log_buf, 0x0, sizeof(log_buf)); + snprintf(log_buf, sizeof(log_buf) - 2, "failed [%s@%s]", Newu, Domain); + log_auth(log_buf); } else if (pw->pw_flags & NO_PASSWD_CHNG) { strcpy (StatusMessage, "You don't have permission to change your password."); } else if (strcmp (Password1, Password2) != 0) { @@ -264,6 +307,12 @@ pw = vauth_user( Username, Domain, Password, "" ); if ( pw == NULL ) { snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", html_text[198]); + + char log_buf[3 * MAX_BUFF]; + memset(log_buf, 0x0, sizeof(log_buf)); + snprintf(log_buf, sizeof(log_buf) - 2, "failed [%s@%s]", Newu, Domain); + log_auth(log_buf); + show_login(); vclose(); exit(0);