[0001]
[0002]
[0003]
[0004]
[0005]
[0006]
[0007]
[0008]
[0009]
[0010]
[0011]
[0012]
[0013]
[0014]
[0015]
[0016]
[0017]
[0018]
[0019]
[0020]
[0021]
[0022]
[0023]
[0024]
[0025]
[0026]
[0027]
[0028]
[0029]
[0030]
[0031]
[0032]
[0033]
[0034]
[0035]
[0036]
[0037]
[0038]
[0039]
[0040]
[0041]
[0042]
[0043]
[0044]
[0045]
[0046]
[0047]
[0048]
[0049]
[0050]
[0051]
[0052]
[0053]
[0054]
[0055]
[0056]
[0057]
[0058]
[0059]
[0060]
[0061]
[0062]
[0063]
[0064]
[0065]
[0066]
[0067]
[0068]
[0069]
[0070]
[0071]
[0072]
[0073]
[0074]
[0075]
[0076]
[0077]
[0078]
[0079]
[0080]
[0081]
[0082]
[0083]
[0084]
[0085]
[0086]
[0087]
[0088]
[0089]
[0090]
[0091]
[0092]
[0093]
[0094]
[0095]
[0096]
[0097]
[0098]
[0099]
[0100]
[0101]
[0102]
[0103]
[0104]
[0105]
[0106]
[0107]
[0108]
[0109]
[0110]
[0111]
[0112]
[0113]
[0114]
[0115]
[0116]
[0117]
[0118]
[0119]
[0120]
[0121]
[0122]
[0123]
[0124]
[0125]
[0126]
[0127]
[0128]
[0129]
[0130]
[0131]
[0132]
[0133]
[0134]
[0135]
[0136]
[0137]
[0138]
[0139]
[0140]
[0141]
[0142]
[0143]
[0144]
[0145]
[0146]
[0147]
[0148]
[0149]
[0150]
[0151]
[0152]
[0153]
[0154]
[0155]
[0156]
[0157]
[0158]
[0159]
[0160]
[0161]
[0162]
[0163]
[0164]
[0165]
[0166]
[0167]
[0168]
[0169]
[0170]
[0171]
[0172]
[0173]
[0174]
[0175]
[0176]
[0177]
[0178]
[0179]
[0180]
[0181]
[0182]
[0183]
[0184]
[0185]
[0186]
[0187]
[0188]
[0189]
[0190]
[0191]
[0192]
[0193]
[0194]
[0195]
[0196]
[0197]
[0198]
[0199]
[0200]
[0201]
[0202]
[0203]
[0204]
[0205]
[0206]
[0207]
[0208]
[0209]
[0210]
[0211]
[0212]
[0213]
[0214]
[0215]
[0216]
[0217]
[0218]
[0219]
[0220]
[0221]
[0222]
[0223]
[0224]
[0225]
[0226]
[0227]
[0228]
[0229]
[0230]
[0231]
[0232]
[0233]
[0234]
[0235]
[0236]
[0237]
[0238]
[0239]
[0240]
[0241]
[0242]
[0243]
[0244]
[0245]
[0246]
[0247]
[0248]
[0249]
[0250]
[0251]
[0252]
[0253]
[0254]
[0255]
[0256]
[0257]
[0258]
[0259]
[0260]
[0261]
[0262]
[0263]
[0264]
[0265]
[0266]
[0267]
[0268]
[0269]
[0270]
[0271]
[0272]
[0273]
[0274]
[0275]
[0276]
[0277]
[0278]
[0279]
[0280]
[0281]
[0282]
[0283]
[0284]
[0285]
[0286]
[0287]
[0288]
[0289]
[0290]
[0291]
[0292]
[0293]
[0294]
[0295]
[0296]
[0297]
[0298]
[0299]
[0300]
[0301]
[0302]
[0303]
[0304]
[0305]
[0306]
[0307]
[0308]
[0309]
[0310]
[0311]
[0312]
[0313]
[0314]
[0315]
[0316]
[0317]
[0318]
[0319]
[0320]
[0321]
[0322]
[0323]
[0324]
[0325]
[0326]
[0327]
[0328]
[0329]
[0330]
[0331]
[0332]
[0333]
[0334]
[0335]
[0336]
[0337]
[0338]
[0339]
[0340]
[0341]
[0342]
[0343]
[0344]
[0345]
[0346]
[0347]
[0348]
[0349]
[0350]
[0351]
[0352]
[0353]
[0354]
[0355]
[0356]
[0357]
[0358]
[0359]
[0360]
[0361]
[0362]
[0363]
[0364]
[0365]
[0366]
[0367]
[0368]
[0369]
[0370]
[0371]
[0372]
[0373]
[0374]
[0375]
[0376]
[0377]
[0378]
[0379]
[0380]
[0381]
[0382]
[0383]
[0384]
[0385]
[0386]
[0387]
[0388]
[0389]
[0390]
[0391]
[0392]
[0393]
[0394]
[0395]
[0396]
[0397]
[0398]
[0399]
[0400]
[0401]
[0402]
[0403]
[0404]
[0405]
[0406]
[0407]
[0408]
[0409]
[0410]
[0411]
[0412]
[0413]
[0414]
[0415]
[0416]
[0417]
[0418]
[0419]
[0420]
[0421]
[0422]
[0423]
[0424]
[0425]
[0426]
[0427]
[0428]
[0429]
[0430]
[0431]
[0432]
[0433]
[0434]
[0435]
[0436]
[0437]
[0438]
[0439]
[0440]
[0441]
[0442]
[0443]
[0444]
[0445]
[0446]
[0447]
[0448]
[0449]
[0450]
[0451]
[0452]
[0453]
[0454]
[0455]
[0456]
[0457]
[0458]
[0459]
[0460]
[0461]
[0462]
[0463]
[0464]
[0465]
[0466]
[0467]
[0468]
[0469]
[0470]
[0471]
[0472]
[0473]
[0474]
[0475]
[0476]
[0477]
[0478]
[0479]
[0480]
[0481]
[0482]
[0483]
[0484]
[0485]
[0486]
[0487]
[0488]
[0489]
[0490]
[0491]
[0492]
[0493]
[0494]
[0495]
[0496]
[0497]
[0498]
[0499]
[0500]
[0501]
[0502]
[0503]
[0504]
[0505]
[0506]
[0507]
[0508]
[0509]
[0510]
[0511]
[0512]
[0513]
[0514]
[0515]
[0516]
[0517]
[0518]
[0519]
[0520]
[0521]
[0522]
[0523]
[0524]
[0525]
[0526]
[0527]
[0528]
[0529]
[0530]
[0531]
[0532]
[0533]
[0534]
[0535]
[0536]
[0537]
[0538]
[0539]
[0540]
[0541]
[0542]
[0543]
[0544]
[0545]
[0546]
[0547]
[0548]
[0549]
[0550]
[0551]
[0552]
[0553]
[0554]
[0555]
[0556]
[0557]
[0558]
[0559]
[0560]
[0561]
[0562]
[0563]
[0564]
[0565]
[0566]
[0567]
[0568]
[0569]
[0570]
[0571]
[0572]
[0573]
[0574]
[0575]
[0576]
[0577]
[0578]
[0579]
[0580]
[0581]
[0582]
[0583]
[0584]
[0585]
[0586]
[0587]
[0588]
[0589]
[0590]
[0591]
[0592]
[0593]
[0594]
[0595]
[0596]
[0597]
[0598]
[0599]
[0600]
[0601]
[0602]
[0603]
[0604]
[0605]
[0606]
[0607]
[0608]
[0609]
[0610]
[0611]
[0612]
[0613]
[0614]
[0615]
[0616]
[0617]
[0618]
[0619]
[0620]
[0621]
[0622]
[0623]
[0624]
[0625]
[0626]
[0627]
[0628]
[0629]
[0630]
[0631]
[0632]
[0633]
[0634]
[0635]
[0636]
[0637]
[0638]
[0639]
[0640]
[0641]
[0642]
[0643]
[0644]
[0645]
[0646]
[0647]
[0648]
[0649]
[0650]
[0651]
[0652]
[0653]
[0654]
[0655]
[0656]
[0657]
[0658]
[0659]
[0660]
[0661]
[0662]
[0663]
[0664]
[0665]
[0666]
[0667]
[0668]
[0669]
[0670]
[0671]
[0672]
[0673]
[0674]
[0675]
[0676]
[0677]
[0678]
[0679]
[0680]
[0681]
[0682]
[0683]
[0684]
[0685]
[0686]
[0687]
/*****************************************************************************/
/*
AuthHTA.c
THE GNU GENERAL PUBLIC LICENSE APPLIES DOUBLY TO ANYTHING TO DO WITH
AUTHENTICATION AND AUTHORIZATION!
This package is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License, or any later
version.
> This package is distributed in the hope that it will be useful,
> but WITHOUT ANY WARRANTY; without even the implied warranty of
> MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
This module provides functions related to the authentication of usernames via
the WASD HTA databases (maintained via HTADMIN.C).
See AUTH.C for overall detail on the WASD authorization environment.
VERSION HISTORY
---------------
21-MAY-2021 MGD keep HTA record structure as-was (using unsigned longs)
and munge for access to 64 bit time
30-MAY-2007 MGD allow for CONNECT method (basically as a 'write' flag)
28-SEP-2003 MGD HTA database now "read [record] regardless of lock"
26-AUG-2003 MGD service directory located authorization databases
27-APR-2002 MGD use sys$setprv()
04-AUG-2001 MGD support module WATCHing
12-DEC-2000 MGD username size now HTA-specific, different to '->RemoteUser'
02-JAN-2000 MGD no significant modifications for ODS-5 (no NAM block)
28-AUG-1999 MGD unbundled from AUTH.C for v6.1
*/
/*****************************************************************************/
#ifdef WASD_VMS_V7
#undef _VMS__V6__SOURCE
#define _VMS__V6__SOURCE
#undef __VMS_VER
#define __VMS_VER 70000000
#undef __CRTL_VER
#define __CRTL_VER 70000000
#endif
/* standard C header files */
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
/* VMS related header files */
#include <descrip.h>
#include <rms.h>
#include <rmsdef.h>
#include <ssdef.h>
#include <stsdef.h>
#include <uaidef.h>
/* not defined VAX C 3.2 <uaidef.h> (probably unnecessary now 11-MAY-2005) */
#ifndef UAI$C_PURDY_S
#define UAI$C_PURDY_S 3
#endif
/* application related header files */
#include "wasd.h"
#define WASD_MODULE "AUTHHTA"
#if WATCH_MOD
#define FI_NOLI WASD_MODULE, __LINE__
#else
/* in production let's keep the exact line to ourselves! */
#define FI_NOLI WASD_MODULE, 0
#endif
/********************/
/* external storage */
/********************/
extern int ServerPort;
extern int ToLowerCase[],
ToUpperCase[];
extern unsigned long SysPrvMask[];
extern char *AuthConfigHtaDirectory;
extern char ErrorSanityCheck[],
SoftwareID[];
extern ACCOUNTING_STRUCT *AccountingPtr;
extern CONFIG_STRUCT Config;
extern MSG_STRUCT Msgs;
extern WATCH_STRUCT Watch;
/****************************************************************************/
/*
Verify the request username/password and/or read capabilities from the on-disk
HTA (HTTPd) authorization database.
Returns a success status if user password authenticated,
AUTH_DENIED_BY_LOGIN if not authenticated, or other error status if a
genuine VMS error occurs (which should be reported where and when it occurs).
The digest is stored in both upper and lower case versions because clients
will have case-lock either on or off producing a digest of either upper or
lower case username and password. Keep digests of both so that provided one
or other case is used exclusively the digest thereof can still be matched
with one or other stored here :^)
*/
int AuthReadHtDatabase
(
REQUEST_STRUCT* rqptr,
char *DatabaseName,
BOOL AuthenticatePassword
)
{
static char Password [AUTH_MAX_PASSWORD_LENGTH+1],
UserName [AUTH_MAX_HTA_USERNAME_LENGTH+1];
static $DESCRIPTOR (PasswordDsc, Password);
static $DESCRIPTOR (UserNameDsc, UserName);
BOOL PasswordAuthenticated,
UserNameEnabled;
int status;
unsigned long HashedPwd [2];
unsigned long *BeginTimePtr;
char *cptr, *sptr, *zptr;
char A1HexDigest [33],
HexDigest [33];
AUTH_HTAREC AuthHtRecord;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_AUTH))
WatchThis (WATCHITM(rqptr), WATCH_MOD_AUTH,
"AuthReadHtDatabase() !&Z !&Z !UL",
DatabaseName, rqptr->RemoteUser, AuthenticatePassword);
/* flag that case-less username and password checks were performed */
rqptr->rqAuth.CaseLess = true;
/* set the capabilities to zero before we do anything else! */
rqptr->rqAuth.UserCan = 0;
/* to uppercase! */
zptr = (sptr = UserName) + sizeof(UserName)-1;
for (cptr = rqptr->RemoteUser;
*cptr && sptr < zptr;
*sptr++ = TOUP(*cptr++));
*sptr = '\0';
UserNameDsc.dsc$w_length = sptr - UserName;
/* look for the record, leave the database file open if found */
status = AuthHtDatabaseAccess (rqptr, true, DatabaseName,
UserName, &AuthHtRecord, NULL, NULL);
if (status == RMS$_EOF)
{
if (WATCHING (rqptr, WATCH_AUTH))
WatchThis (WATCHITM(rqptr), WATCH_AUTH,
"FAIL !AZ!AZ username", DatabaseName,
AuthSourceString (DatabaseName, AUTH_SOURCE_HTA));
/* close the database */
AuthHtDatabaseAccess (NULL, false, NULL, NULL, NULL, NULL, NULL);
if (AuthenticatePassword)
return (AUTH_DENIED_BY_LOGIN);
else
return (AUTH_DENIED_BY_GROUP);
}
if (VMSnok (status))
{
rqptr->rqResponse.ErrorTextPtr = MsgFor(rqptr,MSG_AUTH_DATABASE);
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
return (status);
}
/****************/
/* record found */
/****************/
PasswordAuthenticated = false;
if (AuthHtRecord.Flags & AUTH_FLAG_ENABLED)
{
UserNameEnabled = true;
if (AuthenticatePassword &&
AuthHtRecord.HashedPwd[0] && AuthHtRecord.HashedPwd[1])
{
if (rqptr->rqAuth.Scheme == AUTH_SCHEME_BASIC)
{
/* to uppercase! */
zptr = (sptr = Password) + sizeof(Password)-1;
for (cptr = rqptr->RemoteUserPassword;
*cptr && sptr < zptr;
*sptr++ = TOUP(*cptr++));
*sptr = '\0';
PasswordDsc.dsc$w_length = sptr - Password;
status = sys$hash_password (&PasswordDsc, UAI$C_PURDY_S, 0,
&UserNameDsc, &HashedPwd);
if (VMSnok (status))
{
/* ensure the currently open database is closed */
AuthHtDatabaseAccess (NULL, false, NULL, NULL,
NULL, NULL, NULL);
rqptr->rqResponse.ErrorTextPtr = MsgFor(rqptr,MSG_AUTH_USER);
ErrorVmsStatus (rqptr, status, FI_LI);
return (status);
}
if (WATCHPNT(rqptr) &&
WATCH_MODULE(WATCH_MOD_AUTH))
WatchThis (WATCHITM(rqptr), WATCH_MOD_AUTH, "!8XL!8XL !8XL!8XL",
HashedPwd[1], HashedPwd[0],
AuthHtRecord.HashedPwd[1],
AuthHtRecord.HashedPwd[0]);
if (HashedPwd[0] == AuthHtRecord.HashedPwd[0] &&
HashedPwd[1] == AuthHtRecord.HashedPwd[1])
PasswordAuthenticated = true;
}
else
if (rqptr->rqAuth.Scheme == AUTH_SCHEME_DIGEST)
{
DigestHexString (AuthHtRecord.A1DigestLoCase, 16, A1HexDigest);
DigestResponse (A1HexDigest,
rqptr->rqAuth.DigestNoncePtr,
rqptr->rqHeader.MethodName,
rqptr->rqAuth.DigestUriPtr,
HexDigest);
if (WATCHPNT(rqptr) &&
WATCH_MODULE(WATCH_MOD_AUTH))
{
WatchDataDump (AuthHtRecord.A1DigestLoCase, 16);
WatchThis (WATCHITM(rqptr), WATCH_MOD_AUTH, "!&Z !&Z",
rqptr->rqAuth.DigestResponsePtr, HexDigest);
}
if (!strcmp (rqptr->rqAuth.DigestResponsePtr, HexDigest))
PasswordAuthenticated = true;
else
{
DigestHexString (AuthHtRecord.A1DigestUpCase, 16, A1HexDigest);
DigestResponse (A1HexDigest,
rqptr->rqAuth.DigestNoncePtr,
rqptr->rqHeader.MethodName,
rqptr->rqAuth.DigestUriPtr,
HexDigest);
if (WATCHPNT(rqptr) &&
WATCH_MODULE(WATCH_MOD_AUTH))
{
WatchDataDump (AuthHtRecord.A1DigestUpCase, 16);
WatchThis (WATCHITM(rqptr), WATCH_MOD_AUTH, "!&Z !&Z",
rqptr->rqAuth.DigestResponsePtr, HexDigest);
}
if (!strcmp (rqptr->rqAuth.DigestResponsePtr, HexDigest))
PasswordAuthenticated = true;
}
}
if (!PasswordAuthenticated)
if (WATCHING (rqptr, WATCH_AUTH))
WatchThis (WATCHITM(rqptr), WATCH_AUTH,
"FAIL !AZ!AZ password", DatabaseName,
AuthSourceString (DatabaseName, AUTH_SOURCE_HTA));
if (WATCHMOD (rqptr, WATCH_MOD_AUTH))
WatchThis (WATCHITM(rqptr), WATCH_MOD_AUTH, "AUTHENTICATED");
}
if (!AuthenticatePassword || PasswordAuthenticated)
{
/* set the appropriate authorization flags */
if (AuthHtRecord.Flags & AUTH_FLAG_CONNECT)
rqptr->rqAuth.UserCan |= HTTP_METHOD_CONNECT;
if (AuthHtRecord.Flags & AUTH_FLAG_DELETE)
rqptr->rqAuth.UserCan |= HTTP_METHOD_DELETE;
if (AuthHtRecord.Flags & AUTH_FLAG_GET)
rqptr->rqAuth.UserCan |= HTTP_METHOD_GET | HTTP_METHOD_HEAD;
if (AuthHtRecord.Flags & AUTH_FLAG_HEAD)
rqptr->rqAuth.UserCan |= HTTP_METHOD_HEAD;
if (AuthHtRecord.Flags & AUTH_FLAG_POST)
rqptr->rqAuth.UserCan |= HTTP_METHOD_POST;
if (AuthHtRecord.Flags & AUTH_FLAG_PUT)
rqptr->rqAuth.UserCan |= HTTP_METHOD_PUT;
if (AuthHtRecord.Flags & AUTH_FLAG_HTTPS_ONLY)
rqptr->rqAuth.HttpsOnly = true;
else
rqptr->rqAuth.HttpsOnly = false;
}
}
BeginTimePtr = &rqptr->rqTime.BeginTime64;
if (UserNameEnabled && (!AuthenticatePassword || PasswordAuthenticated))
{
AuthHtRecord.AccessCount++;
AuthHtRecord.LastAccessTime64[0] = BeginTimePtr[0];
AuthHtRecord.LastAccessTime64[1] = BeginTimePtr[1];
}
else
{
AuthHtRecord.FailureCount++;
AuthHtRecord.LastFailureTime64[0] = BeginTimePtr[0];
AuthHtRecord.LastFailureTime64[1] = BeginTimePtr[1];
}
/* update the record, close the database file */
status = AuthHtDatabaseAccess (NULL, false, NULL, NULL,
NULL, NULL, &AuthHtRecord);
if (VMSnok (status))
{
rqptr->rqResponse.ErrorTextPtr = MsgFor(rqptr,MSG_AUTH_DATABASE);
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
return (status);
}
if (!AuthenticatePassword || PasswordAuthenticated)
{
if (AuthenticatePassword)
{
int Length;
char *cptr, *sptr;
Length = 0;
if (AuthHtRecord.FullName[0])
Length += strlen(AuthHtRecord.FullName);
if (AuthHtRecord.Email[0])
{
if (Length) Length++;
Length += strlen(AuthHtRecord.Email);
}
if (AuthHtRecord.Contact[0])
{
if (Length) Length++;
Length += strlen(AuthHtRecord.Contact);
}
if (Length)
{
rqptr->rqAuth.UserDetailsLength = Length;
rqptr->rqAuth.UserDetailsPtr = sptr =
VmGetHeap (rqptr, rqptr->rqAuth.UserDetailsLength+1);
if (AuthHtRecord.FullName[0])
for (cptr = AuthHtRecord.FullName; *cptr; *sptr++ = *cptr++);
if (AuthHtRecord.Email[0])
{
if (sptr > rqptr->rqAuth.UserDetailsPtr) *sptr++ = '\n';
for (cptr = AuthHtRecord.Email; *cptr; *sptr++ = *cptr++);
}
if (AuthHtRecord.Contact[0])
{
if (sptr > rqptr->rqAuth.UserDetailsPtr) *sptr++ = '\n';
for (cptr = AuthHtRecord.Contact; *cptr; *sptr++ = *cptr++);
}
*sptr = '\0';
}
}
return (SS$_NORMAL);
}
else
if (AuthenticatePassword)
return (AUTH_DENIED_BY_LOGIN);
else
return (AUTH_DENIED_BY_GROUP);
}
/****************************************************************************/
/*
Locate a specified user record in a specified on-disk database. Either return
that record if found or if an update record supplied, update it! Can return any
RMS or VMS error status code. Returns SS$_NORMAL is operation (read, add or
update) completed successfully. Returns AUTH_DENIED_BY_LOGIN if the record
could not be found. Returns SS$_INCOMPAT if the database file version is
incorrect.
THE DATABASE FILE IS ALWAYS CLOSED ON AN ERROR CONDITION.
'LeaveFileOpen' will leave the database file open with the current record
context ready for update, or for locating another user record. This function
is not reentrant and therefore this context is valid ONLY within the one AST.
Call with 'DatabaseName' and 'UserName' non-NULL and all other pointers set to
NULL to check whether the user name has a record in the database.
*/
int AuthHtDatabaseAccess
(
REQUEST_STRUCT* rqptr,
BOOL LeaveFileOpen,
char *DatabaseName,
char *UserName,
AUTH_HTAREC *AuthHtRecordReadPtr,
AUTH_HTAREC *AuthHtRecordAddPtr,
AUTH_HTAREC *AuthHtRecordUpdatePtr
)
{
static struct FAB AuthFileFab;
static struct RAB AuthFileRab;
int status,
AuthFileNameLength,
UserNameLength;
char *cptr, *sptr, *zptr;
char AuthFileName [256];
AUTH_HTAREC *AuthHtRecordPtr;
AUTH_HTAREC AuthHtRecord;
/*********/
/* begin */
/*********/
if (WATCH_MODULE(WATCH_MOD_AUTH))
WatchThis (WATCHALL, WATCH_MOD_AUTH,
"AuthHtDatabaseAccess() !&X !&B !&Z !&Z !&X !&X !&X",
rqptr, LeaveFileOpen, DatabaseName, UserName,
AuthHtRecordReadPtr, AuthHtRecordAddPtr,
AuthHtRecordUpdatePtr);
if (!AuthHtRecordReadPtr && !AuthHtRecordAddPtr && !AuthHtRecordUpdatePtr)
{
/************************/
/* force database close */
/************************/
sys$close (&AuthFileFab, 0, 0);
return (SS$_NORMAL);
}
if (!UserName && AuthHtRecordUpdatePtr)
{
/*********************************/
/* update previously read record */
/*********************************/
AuthFileRab.rab$l_rbf = AuthHtRecordUpdatePtr;
AuthFileRab.rab$w_rsz = sizeof(AUTH_HTAREC);
status = sys$update (&AuthFileRab, 0, 0);
if (VMSok (status))
{
/* update completed successfully */
if (!LeaveFileOpen) sys$close (&AuthFileFab, 0, 0);
return (SS$_NORMAL);
}
/* update error */
sys$close (&AuthFileFab, 0, 0);
return (status);
}
if (!DatabaseName)
{
/*****************************************/
/* locate within currently open database */
/*****************************************/
if (VMSnok (status = sys$rewind (&AuthFileRab, 0, 0)))
{
sys$close (&AuthFileFab, 0, 0);
return (status);
}
}
else
{
/**********************************/
/* open currently closed database */
/**********************************/
if (rqptr->rqAuth.PathParameterPtr &&
rqptr->rqAuth.PathParameterPtr[0])
{
if ((cptr = strstr (rqptr->rqAuth.PathParameterPtr, "/directory=")) ||
(cptr = strstr (rqptr->rqAuth.PathParameterPtr, "/DIRECTORY=")))
cptr += 11;
else
cptr = NULL;
}
else
if (rqptr->rqAuth.DirectoryPtr)
cptr = rqptr->rqAuth.DirectoryPtr;
else
if (rqptr->ConfigDirectory[0])
cptr = rqptr->ConfigDirectory;
else
cptr = AuthConfigHtaDirectory;
/* just a safeguard against the service directory not being configured */
if (!*cptr) cptr = AUTH_DIR_NOT_CONFIGURED;
zptr = (sptr = AuthFileName) + sizeof(AuthFileName)-1;
while (*cptr && sptr < zptr) *sptr++ = *cptr++;
for (cptr = DatabaseName; *cptr && sptr < zptr; *sptr++ = *cptr++);
for (cptr = HTA_FILE_TYPE; *cptr && sptr < zptr; *sptr++ = *cptr++);
*sptr = '\0';
AuthFileNameLength = sptr - AuthFileName;
if (WATCHING (rqptr, WATCH_AUTH))
WatchThis (WATCHITM(rqptr), WATCH_AUTH, "FILE !AZ", AuthFileName);
AuthFileFab = cc$rms_fab;
/* if a read-only operation without file left open then read-only! */
if (!LeaveFileOpen && !AuthHtRecordAddPtr && !AuthHtRecordUpdatePtr)
AuthFileFab.fab$b_fac = FAB$M_GET;
else
AuthFileFab.fab$b_fac = FAB$M_GET | FAB$M_PUT | FAB$M_UPD;
AuthFileFab.fab$l_fna = AuthFileName;
AuthFileFab.fab$b_fns = AuthFileNameLength;
AuthFileFab.fab$b_shr = FAB$M_SHRGET | FAB$M_SHRPUT | FAB$M_SHRUPD;
/* turn on SYSPRV to allow access to authentication database file */
sys$setprv (1, &SysPrvMask, 0, 0);
status = sys$open (&AuthFileFab, 0, 0);
sys$setprv (0, &SysPrvMask, 0, 0);
/* status from sys$open() */
if (VMSnok (status)) return (status);
AuthFileRab = cc$rms_rab;
AuthFileRab.rab$l_fab = &AuthFileFab;
/* 2 buffers of sixty-four blocks (records) each */
AuthFileRab.rab$b_mbc = 64;
AuthFileRab.rab$b_mbf = 2;
/* read-ahead and read regardless of lock options */
AuthFileRab.rab$l_rop = RAB$M_RAH | RAB$M_RRL;
if (VMSnok (status = sys$connect (&AuthFileRab, 0, 0)))
{
sys$close (&AuthFileFab, 0, 0);
return (status);
}
}
/*****************/
/* locate record */
/*****************/
/* for add and update read into the scratch record */
if (!AuthHtRecordReadPtr)
AuthFileRab.rab$l_ubf = AuthHtRecordPtr = &AuthHtRecord;
else
AuthFileRab.rab$l_ubf = AuthHtRecordPtr = AuthHtRecordReadPtr;
AuthFileRab.rab$w_usz = sizeof(AUTH_HTAREC);
if (UserName) UserNameLength = strlen(UserName);
while (VMSok (status = sys$get (&AuthFileRab, 0, 0)))
{
/* check the version of the authorization database */
if (AuthHtRecordPtr->DatabaseVersion &&
AuthHtRecordPtr->DatabaseVersion != AUTH_HTA_VERSION)
{
status = SS$_INCOMPAT & 0xfffffffe;
break;
}
/* if deleted record (all set to zeroes) continue */
if (!AuthHtRecordAddPtr && !AuthHtRecordPtr->UserNameLength) continue;
/* if adding a record then use the first deleted one found */
if (AuthHtRecordAddPtr && !AuthHtRecordPtr->UserNameLength) break;
if (UserNameLength != AuthHtRecordPtr->UserNameLength) continue;
cptr = AuthHtRecordPtr->UserName;
sptr = UserName;
while (*cptr && *sptr && TOLO(*cptr) == TOLO(*sptr))
{ cptr++; sptr++; }
if (*cptr || *sptr) continue;
break;
}
if (!AuthHtRecordUpdatePtr && !AuthHtRecordAddPtr)
{
/***************/
/* read record */
/***************/
if (VMSok (status))
{
/* record found */
if (!LeaveFileOpen) sys$close (&AuthFileFab, 0, 0);
return (SS$_NORMAL);
}
if (status == RMS$_EOF)
{
/* user record not found */
if (!LeaveFileOpen) sys$close (&AuthFileFab, 0, 0);
return (status);
}
/* RMS error */
sys$close (&AuthFileFab);
return (status);
}
if (AuthHtRecordUpdatePtr)
{
/*****************/
/* update record */
/*****************/
if (VMSnok (status))
{
if (status == RMS$_EOF)
{
/* user record not found */
if (!LeaveFileOpen) sys$close (&AuthFileFab, 0, 0);
return (status);
}
/* RMS error */
sys$close (&AuthFileFab, 0, 0);
return (status);
}
AuthFileRab.rab$l_rbf = AuthHtRecordUpdatePtr;
AuthFileRab.rab$w_rsz = sizeof(AUTH_HTAREC);
status = sys$update (&AuthFileRab, 0, 0);
if (VMSok (status))
{
/* update completed successfully */
if (!LeaveFileOpen) sys$close (&AuthFileFab, 0, 0);
return (SS$_NORMAL);
}
/* RMS error */
sys$close (&AuthFileFab, 0, 0);
return (status);
}
if (AuthHtRecordAddPtr)
{
/****************/
/* add a record */
/****************/
if (VMSnok (status) && status != RMS$_EOF)
{
/* RMS error */
sys$close (&AuthFileFab, 0, 0);
return (status);
}
AuthFileRab.rab$l_rbf = AuthHtRecordAddPtr;
AuthFileRab.rab$w_rsz = sizeof(AUTH_HTAREC);
/* if reached end-of-file then add a record, else update zeroed one */
if (status == RMS$_EOF)
status = sys$put (&AuthFileRab, 0, 0);
else
status = sys$update (&AuthFileRab, 0, 0);
if (VMSok (status))
{
/* put or update completed successfully */
if (!LeaveFileOpen) sys$close (&AuthFileFab, 0, 0);
return (SS$_NORMAL);
}
/* RMS error */
sys$close (&AuthFileFab, 0, 0);
return (status);
}
/* sanity check error, should never get here */
return (SS$_BUGCHECK);
}
/****************************************************************************/