[0001]
[0002]
[0003]
[0004]
[0005]
[0006]
[0007]
[0008]
[0009]
[0010]
[0011]
[0012]
[0013]
[0014]
[0015]
[0016]
[0017]
[0018]
[0019]
[0020]
[0021]
[0022]
[0023]
[0024]
[0025]
[0026]
[0027]
[0028]
[0029]
[0030]
[0031]
[0032]
[0033]
[0034]
[0035]
[0036]
[0037]
[0038]
[0039]
[0040]
[0041]
[0042]
[0043]
[0044]
[0045]
[0046]
[0047]
[0048]
[0049]
[0050]
[0051]
[0052]
[0053]
[0054]
[0055]
[0056]
[0057]
[0058]
[0059]
[0060]
[0061]
[0062]
[0063]
[0064]
[0065]
[0066]
[0067]
[0068]
[0069]
[0070]
[0071]
[0072]
[0073]
[0074]
[0075]
[0076]
[0077]
[0078]
[0079]
[0080]
[0081]
[0082]
[0083]
[0084]
[0085]
[0086]
[0087]
[0088]
[0089]
[0090]
[0091]
[0092]
[0093]
[0094]
[0095]
[0096]
[0097]
[0098]
[0099]
[0100]
[0101]
[0102]
[0103]
[0104]
[0105]
[0106]
[0107]
[0108]
[0109]
[0110]
[0111]
[0112]
[0113]
[0114]
[0115]
[0116]
[0117]
[0118]
[0119]
[0120]
[0121]
[0122]
[0123]
[0124]
[0125]
[0126]
[0127]
[0128]
[0129]
[0130]
[0131]
[0132]
[0133]
[0134]
[0135]
[0136]
[0137]
[0138]
[0139]
[0140]
[0141]
[0142]
[0143]
[0144]
[0145]
[0146]
[0147]
[0148]
[0149]
[0150]
[0151]
[0152]
[0153]
[0154]
[0155]
[0156]
[0157]
[0158]
[0159]
[0160]
[0161]
[0162]
[0163]
[0164]
[0165]
[0166]
[0167]
[0168]
[0169]
[0170]
[0171]
[0172]
[0173]
[0174]
[0175]
[0176]
[0177]
[0178]
[0179]
[0180]
[0181]
[0182]
[0183]
[0184]
[0185]
[0186]
[0187]
[0188]
[0189]
[0190]
[0191]
[0192]
[0193]
[0194]
[0195]
[0196]
[0197]
[0198]
[0199]
[0200]
[0201]
[0202]
[0203]
[0204]
[0205]
[0206]
[0207]
[0208]
[0209]
[0210]
[0211]
[0212]
[0213]
[0214]
[0215]
[0216]
[0217]
[0218]
[0219]
[0220]
[0221]
[0222]
[0223]
[0224]
[0225]
[0226]
[0227]
[0228]
[0229]
[0230]
[0231]
[0232]
[0233]
[0234]
[0235]
[0236]
[0237]
[0238]
[0239]
[0240]
[0241]
[0242]
[0243]
[0244]
[0245]
[0246]
[0247]
[0248]
[0249]
[0250]
[0251]
[0252]
[0253]
[0254]
[0255]
[0256]
[0257]
[0258]
[0259]
[0260]
[0261]
[0262]
[0263]
[0264]
[0265]
[0266]
[0267]
[0268]
[0269]
[0270]
[0271]
[0272]
[0273]
[0274]
[0275]
[0276]
[0277]
[0278]
[0279]
[0280]
[0281]
[0282]
[0283]
[0284]
[0285]
[0286]
[0287]
[0288]
[0289]
[0290]
[0291]
[0292]
[0293]
[0294]
[0295]
[0296]
[0297]
[0298]
[0299]
[0300]
[0301]
[0302]
[0303]
[0304]
[0305]
[0306]
[0307]
[0308]
[0309]
[0310]
[0311]
[0312]
[0313]
[0314]
[0315]
[0316]
[0317]
[0318]
[0319]
[0320]
[0321]
[0322]
[0323]
[0324]
[0325]
[0326]
[0327]
[0328]
[0329]
[0330]
[0331]
[0332]
[0333]
[0334]
[0335]
[0336]
[0337]
[0338]
[0339]
[0340]
[0341]
[0342]
[0343]
[0344]
[0345]
[0346]
[0347]
[0348]
[0349]
[0350]
[0351]
[0352]
[0353]
[0354]
[0355]
[0356]
[0357]
[0358]
[0359]
[0360]
[0361]
[0362]
[0363]
[0364]
[0365]
[0366]
[0367]
[0368]
[0369]
[0370]
[0371]
[0372]
[0373]
[0374]
[0375]
[0376]
[0377]
[0378]
[0379]
[0380]
[0381]
[0382]
[0383]
[0384]
[0385]
[0386]
[0387]
[0388]
[0389]
[0390]
[0391]
[0392]
[0393]
[0394]
[0395]
[0396]
[0397]
[0398]
[0399]
[0400]
[0401]
[0402]
[0403]
[0404]
[0405]
[0406]
[0407]
[0408]
[0409]
[0410]
[0411]
[0412]
[0413]
[0414]
[0415]
[0416]
[0417]
[0418]
[0419]
[0420]
[0421]
[0422]
[0423]
[0424]
[0425]
[0426]
[0427]
[0428]
[0429]
[0430]
[0431]
[0432]
[0433]
[0434]
[0435]
[0436]
[0437]
[0438]
[0439]
[0440]
[0441]
[0442]
[0443]
[0444]
[0445]
[0446]
[0447]
[0448]
[0449]
[0450]
[0451]
[0452]
[0453]
[0454]
[0455]
[0456]
[0457]
[0458]
[0459]
[0460]
[0461]
[0462]
[0463]
[0464]
[0465]
[0466]
[0467]
[0468]
[0469]
[0470]
[0471]
[0472]
[0473]
[0474]
[0475]
[0476]
[0477]
[0478]
[0479]
[0480]
[0481]
[0482]
[0483]
[0484]
[0485]
[0486]
[0487]
[0488]
[0489]
[0490]
[0491]
[0492]
[0493]
[0494]
[0495]
[0496]
[0497]
[0498]
[0499]
[0500]
[0501]
[0502]
[0503]
[0504]
[0505]
[0506]
[0507]
[0508]
[0509]
[0510]
[0511]
[0512]
[0513]
[0514]
[0515]
[0516]
[0517]
[0518]
[0519]
[0520]
[0521]
[0522]
[0523]
[0524]
[0525]
[0526]
[0527]
[0528]
[0529]
[0530]
[0531]
[0532]
[0533]
[0534]
[0535]
[0536]
[0537]
[0538]
[0539]
[0540]
[0541]
[0542]
[0543]
[0544]
[0545]
[0546]
[0547]
[0548]
[0549]
[0550]
[0551]
[0552]
[0553]
[0554]
[0555]
[0556]
[0557]
[0558]
[0559]
[0560]
[0561]
[0562]
[0563]
[0564]
[0565]
[0566]
[0567]
[0568]
[0569]
[0570]
[0571]
[0572]
[0573]
[0574]
[0575]
[0576]
[0577]
[0578]
[0579]
[0580]
[0581]
[0582]
[0583]
[0584]
[0585]
[0586]
[0587]
[0588]
[0589]
[0590]
[0591]
[0592]
[0593]
[0594]
[0595]
[0596]
[0597]
[0598]
[0599]
[0600]
[0601]
[0602]
[0603]
[0604]
[0605]
[0606]
[0607]
[0608]
[0609]
[0610]
[0611]
[0612]
[0613]
[0614]
[0615]
[0616]
[0617]
[0618]
[0619]
[0620]
[0621]
[0622]
[0623]
[0624]
[0625]
[0626]
[0627]
[0628]
[0629]
[0630]
[0631]
[0632]
[0633]
[0634]
[0635]
[0636]
[0637]
[0638]
[0639]
[0640]
[0641]
[0642]
[0643]
[0644]
[0645]
[0646]
[0647]
[0648]
[0649]
[0650]
[0651]
[0652]
[0653]
[0654]
[0655]
[0656]
[0657]
[0658]
[0659]
[0660]
[0661]
[0662]
[0663]
[0664]
[0665]
[0666]
[0667]
[0668]
[0669]
[0670]
[0671]
[0672]
[0673]
[0674]
[0675]
[0676]
[0677]
[0678]
[0679]
[0680]
[0681]
[0682]
[0683]
[0684]
[0685]
[0686]
[0687]
[0688]
[0689]
[0690]
[0691]
[0692]
[0693]
[0694]
[0695]
[0696]
[0697]
[0698]
[0699]
[0700]
[0701]
[0702]
[0703]
[0704]
[0705]
[0706]
[0707]
[0708]
[0709]
[0710]
[0711]
[0712]
[0713]
[0714]
[0715]
[0716]
[0717]
[0718]
[0719]
[0720]
[0721]
[0722]
[0723]
[0724]
[0725]
[0726]
[0727]
[0728]
[0729]
[0730]
[0731]
[0732]
[0733]
[0734]
[0735]
[0736]
[0737]
[0738]
[0739]
[0740]
[0741]
[0742]
[0743]
[0744]
[0745]
[0746]
[0747]
[0748]
[0749]
[0750]
[0751]
[0752]
[0753]
[0754]
[0755]
[0756]
[0757]
[0758]
[0759]
[0760]
[0761]
[0762]
[0763]
[0764]
[0765]
[0766]
[0767]
[0768]
[0769]
[0770]
[0771]
[0772]
[0773]
[0774]
[0775]
[0776]
[0777]
[0778]
[0779]
[0780]
[0781]
[0782]
[0783]
[0784]
[0785]
[0786]
[0787]
[0788]
[0789]
[0790]
[0791]
[0792]
[0793]
[0794]
[0795]
[0796]
[0797]
[0798]
[0799]
[0800]
[0801]
[0802]
[0803]
[0804]
[0805]
[0806]
[0807]
[0808]
[0809]
[0810]
[0811]
[0812]
[0813]
[0814]
[0815]
[0816]
[0817]
[0818]
[0819]
[0820]
[0821]
[0822]
[0823]
[0824]
[0825]
[0826]
[0827]
[0828]
[0829]
[0830]
[0831]
[0832]
[0833]
[0834]
[0835]
[0836]
[0837]
[0838]
[0839]
[0840]
[0841]
[0842]
[0843]
[0844]
[0845]
[0846]
[0847]
[0848]
[0849]
[0850]
[0851]
[0852]
[0853]
[0854]
[0855]
[0856]
[0857]
[0858]
[0859]
[0860]
[0861]
[0862]
[0863]
[0864]
[0865]
[0866]
[0867]
[0868]
[0869]
[0870]
[0871]
[0872]
[0873]
[0874]
[0875]
[0876]
[0877]
[0878]
[0879]
[0880]
[0881]
[0882]
[0883]
[0884]
[0885]
[0886]
[0887]
[0888]
[0889]
[0890]
[0891]
[0892]
[0893]
[0894]
[0895]
[0896]
[0897]
[0898]
[0899]
[0900]
[0901]
[0902]
[0903]
[0904]
[0905]
[0906]
[0907]
[0908]
[0909]
[0910]
[0911]
[0912]
[0913]
[0914]
[0915]
[0916]
[0917]
[0918]
[0919]
[0920]
[0921]
[0922]
[0923]
[0924]
[0925]
[0926]
[0927]
[0928]
[0929]
[0930]
[0931]
[0932]
[0933]
[0934]
[0935]
[0936]
[0937]
[0938]
[0939]
[0940]
[0941]
[0942]
[0943]
[0944]
[0945]
[0946]
[0947]
[0948]
[0949]
[0950]
[0951]
[0952]
[0953]
[0954]
[0955]
[0956]
[0957]
[0958]
[0959]
[0960]
[0961]
[0962]
[0963]
[0964]
[0965]
[0966]
[0967]
[0968]
[0969]
[0970]
[0971]
[0972]
[0973]
[0974]
[0975]
[0976]
[0977]
[0978]
[0979]
[0980]
[0981]
[0982]
[0983]
[0984]
[0985]
[0986]
[0987]
[0988]
[0989]
[0990]
[0991]
[0992]
[0993]
[0994]
[0995]
[0996]
[0997]
[0998]
[0999]
[1000]
[1001]
[1002]
[1003]
[1004]
[1005]
[1006]
[1007]
[1008]
[1009]
[1010]
[1011]
[1012]
[1013]
[1014]
[1015]
[1016]
[1017]
[1018]
[1019]
[1020]
[1021]
[1022]
[1023]
[1024]
[1025]
[1026]
[1027]
[1028]
[1029]
[1030]
[1031]
[1032]
[1033]
[1034]
[1035]
[1036]
[1037]
[1038]
[1039]
[1040]
[1041]
[1042]
[1043]
[1044]
[1045]
[1046]
[1047]
[1048]
[1049]
[1050]
[1051]
[1052]
[1053]
[1054]
[1055]
[1056]
[1057]
[1058]
[1059]
[1060]
[1061]
[1062]
[1063]
[1064]
[1065]
[1066]
[1067]
[1068]
[1069]
[1070]
[1071]
[1072]
[1073]
[1074]
[1075]
[1076]
[1077]
[1078]
[1079]
[1080]
[1081]
[1082]
[1083]
[1084]
[1085]
[1086]
[1087]
[1088]
[1089]
[1090]
[1091]
[1092]
[1093]
[1094]
[1095]
[1096]
[1097]
[1098]
[1099]
[1100]
[1101]
[1102]
[1103]
[1104]
[1105]
[1106]
[1107]
[1108]
[1109]
[1110]
[1111]
[1112]
[1113]
[1114]
[1115]
[1116]
[1117]
[1118]
[1119]
[1120]
[1121]
[1122]
[1123]
[1124]
[1125]
[1126]
[1127]
[1128]
[1129]
[1130]
[1131]
[1132]
[1133]
[1134]
[1135]
[1136]
[1137]
[1138]
[1139]
[1140]
[1141]
[1142]
[1143]
[1144]
[1145]
[1146]
[1147]
[1148]
[1149]
[1150]
[1151]
[1152]
[1153]
[1154]
[1155]
[1156]
[1157]
[1158]
[1159]
[1160]
[1161]
[1162]
[1163]
[1164]
[1165]
[1166]
[1167]
[1168]
[1169]
[1170]
[1171]
[1172]
[1173]
[1174]
[1175]
[1176]
[1177]
[1178]
[1179]
[1180]
[1181]
[1182]
[1183]
[1184]
[1185]
[1186]
[1187]
[1188]
[1189]
[1190]
[1191]
[1192]
[1193]
[1194]
[1195]
[1196]
[1197]
[1198]
[1199]
[1200]
[1201]
[1202]
[1203]
[1204]
[1205]
[1206]
[1207]
[1208]
[1209]
[1210]
[1211]
[1212]
[1213]
[1214]
[1215]
[1216]
[1217]
[1218]
[1219]
[1220]
[1221]
[1222]
[1223]
[1224]
[1225]
[1226]
[1227]
[1228]
[1229]
[1230]
[1231]
[1232]
[1233]
[1234]
[1235]
[1236]
[1237]
[1238]
[1239]
[1240]
[1241]
[1242]
[1243]
[1244]
[1245]
[1246]
[1247]
[1248]
[1249]
[1250]
[1251]
[1252]
[1253]
[1254]
[1255]
[1256]
[1257]
[1258]
[1259]
[1260]
[1261]
[1262]
[1263]
[1264]
[1265]
[1266]
[1267]
[1268]
[1269]
[1270]
[1271]
[1272]
[1273]
[1274]
[1275]
[1276]
[1277]
[1278]
[1279]
[1280]
[1281]
[1282]
[1283]
[1284]
[1285]
[1286]
[1287]
[1288]
[1289]
[1290]
[1291]
[1292]
[1293]
[1294]
[1295]
[1296]
[1297]
[1298]
[1299]
[1300]
[1301]
[1302]
[1303]
[1304]
[1305]
[1306]
[1307]
[1308]
[1309]
[1310]
[1311]
[1312]
[1313]
[1314]
[1315]
[1316]
[1317]
[1318]
[1319]
[1320]
[1321]
[1322]
[1323]
[1324]
[1325]
[1326]
[1327]
[1328]
[1329]
[1330]
[1331]
[1332]
[1333]
[1334]
[1335]
[1336]
[1337]
[1338]
[1339]
[1340]
[1341]
[1342]
[1343]
[1344]
[1345]
[1346]
[1347]
[1348]
[1349]
[1350]
[1351]
[1352]
[1353]
[1354]
[1355]
[1356]
[1357]
[1358]
[1359]
[1360]
[1361]
[1362]
[1363]
[1364]
[1365]
[1366]
[1367]
[1368]
[1369]
[1370]
[1371]
[1372]
[1373]
[1374]
[1375]
[1376]
[1377]
[1378]
[1379]
[1380]
[1381]
[1382]
[1383]
[1384]
[1385]
[1386]
[1387]
[1388]
[1389]
[1390]
[1391]
[1392]
[1393]
[1394]
[1395]
[1396]
[1397]
[1398]
[1399]
[1400]
[1401]
[1402]
[1403]
[1404]
[1405]
[1406]
[1407]
[1408]
[1409]
[1410]
[1411]
[1412]
[1413]
[1414]
[1415]
[1416]
[1417]
[1418]
[1419]
[1420]
[1421]
[1422]
[1423]
[1424]
[1425]
[1426]
[1427]
[1428]
[1429]
[1430]
[1431]
[1432]
[1433]
[1434]
[1435]
[1436]
[1437]
[1438]
[1439]
[1440]
[1441]
[1442]
[1443]
[1444]
[1445]
[1446]
[1447]
[1448]
[1449]
[1450]
[1451]
[1452]
[1453]
[1454]
[1455]
[1456]
[1457]
[1458]
[1459]
[1460]
[1461]
[1462]
[1463]
[1464]
[1465]
[1466]
[1467]
[1468]
[1469]
[1470]
[1471]
[1472]
[1473]
[1474]
[1475]
[1476]
[1477]
[1478]
[1479]
[1480]
[1481]
[1482]
[1483]
[1484]
[1485]
[1486]
[1487]
[1488]
[1489]
[1490]
[1491]
[1492]
[1493]
[1494]
[1495]
[1496]
[1497]
[1498]
[1499]
[1500]
[1501]
[1502]
[1503]
[1504]
[1505]
[1506]
[1507]
[1508]
[1509]
[1510]
[1511]
[1512]
[1513]
[1514]
[1515]
[1516]
[1517]
[1518]
[1519]
[1520]
[1521]
[1522]
[1523]
[1524]
[1525]
[1526]
[1527]
[1528]
[1529]
[1530]
[1531]
[1532]
[1533]
[1534]
[1535]
[1536]
[1537]
[1538]
[1539]
[1540]
[1541]
[1542]
[1543]
[1544]
[1545]
[1546]
[1547]
[1548]
[1549]
[1550]
[1551]
[1552]
[1553]
[1554]
[1555]
[1556]
[1557]
[1558]
[1559]
[1560]
[1561]
[1562]
[1563]
[1564]
[1565]
[1566]
[1567]
[1568]
[1569]
[1570]
[1571]
[1572]
[1573]
[1574]
[1575]
[1576]
[1577]
[1578]
[1579]
[1580]
[1581]
[1582]
[1583]
[1584]
[1585]
[1586]
[1587]
[1588]
[1589]
[1590]
[1591]
[1592]
[1593]
[1594]
[1595]
[1596]
[1597]
[1598]
[1599]
[1600]
[1601]
[1602]
[1603]
[1604]
[1605]
[1606]
[1607]
[1608]
[1609]
[1610]
[1611]
[1612]
[1613]
[1614]
[1615]
[1616]
[1617]
[1618]
[1619]
[1620]
[1621]
[1622]
[1623]
[1624]
[1625]
[1626]
[1627]
[1628]
[1629]
[1630]
[1631]
[1632]
[1633]
[1634]
[1635]
[1636]
[1637]
[1638]
[1639]
[1640]
[1641]
[1642]
[1643]
[1644]
[1645]
[1646]
[1647]
[1648]
[1649]
[1650]
[1651]
[1652]
[1653]
[1654]
[1655]
[1656]
[1657]
[1658]
[1659]
[1660]
[1661]
[1662]
[1663]
[1664]
[1665]
[1666]
[1667]
[1668]
[1669]
[1670]
[1671]
[1672]
[1673]
[1674]
[1675]
[1676]
[1677]
[1678]
[1679]
[1680]
[1681]
[1682]
[1683]
[1684]
[1685]
[1686]
[1687]
[1688]
[1689]
[1690]
[1691]
[1692]
[1693]
[1694]
[1695]
[1696]
[1697]
[1698]
[1699]
[1700]
[1701]
[1702]
[1703]
[1704]
[1705]
[1706]
[1707]
[1708]
[1709]
[1710]
[1711]
[1712]
[1713]
[1714]
[1715]
[1716]
[1717]
[1718]
[1719]
[1720]
[1721]
[1722]
[1723]
[1724]
[1725]
[1726]
[1727]
[1728]
[1729]
[1730]
[1731]
[1732]
[1733]
[1734]
[1735]
[1736]
[1737]
[1738]
[1739]
[1740]
[1741]
[1742]
[1743]
[1744]
[1745]
[1746]
[1747]
[1748]
[1749]
[1750]
[1751]
[1752]
[1753]
[1754]
[1755]
[1756]
[1757]
[1758]
[1759]
[1760]
[1761]
[1762]
[1763]
[1764]
[1765]
[1766]
[1767]
[1768]
[1769]
[1770]
[1771]
[1772]
[1773]
[1774]
[1775]
[1776]
[1777]
[1778]
[1779]
[1780]
[1781]
[1782]
[1783]
[1784]
[1785]
[1786]
[1787]
[1788]
[1789]
[1790]
[1791]
[1792]
[1793]
[1794]
[1795]
[1796]
[1797]
[1798]
[1799]
[1800]
[1801]
[1802]
[1803]
[1804]
[1805]
[1806]
[1807]
[1808]
[1809]
[1810]
[1811]
[1812]
[1813]
[1814]
[1815]
[1816]
[1817]
[1818]
[1819]
[1820]
[1821]
[1822]
[1823]
[1824]
[1825]
[1826]
[1827]
[1828]
[1829]
[1830]
[1831]
[1832]
[1833]
[1834]
[1835]
[1836]
[1837]
[1838]
[1839]
[1840]
[1841]
[1842]
[1843]
[1844]
[1845]
[1846]
[1847]
[1848]
[1849]
[1850]
[1851]
[1852]
[1853]
[1854]
[1855]
[1856]
[1857]
[1858]
[1859]
[1860]
[1861]
[1862]
[1863]
[1864]
[1865]
[1866]
[1867]
[1868]
[1869]
[1870]
[1871]
[1872]
[1873]
[1874]
[1875]
[1876]
[1877]
[1878]
[1879]
[1880]
[1881]
[1882]
[1883]
[1884]
[1885]
[1886]
[1887]
[1888]
[1889]
[1890]
[1891]
[1892]
[1893]
[1894]
[1895]
[1896]
[1897]
[1898]
[1899]
[1900]
[1901]
[1902]
[1903]
[1904]
[1905]
[1906]
[1907]
[1908]
[1909]
[1910]
[1911]
[1912]
[1913]
[1914]
[1915]
[1916]
[1917]
[1918]
[1919]
[1920]
[1921]
[1922]
[1923]
[1924]
[1925]
[1926]
[1927]
[1928]
[1929]
[1930]
[1931]
[1932]
[1933]
[1934]
[1935]
[1936]
[1937]
[1938]
[1939]
[1940]
[1941]
[1942]
[1943]
[1944]
[1945]
[1946]
[1947]
[1948]
[1949]
[1950]
[1951]
[1952]
[1953]
[1954]
[1955]
[1956]
[1957]
[1958]
[1959]
[1960]
[1961]
[1962]
[1963]
[1964]
[1965]
[1966]
[1967]
[1968]
[1969]
[1970]
[1971]
[1972]
[1973]
[1974]
[1975]
[1976]
[1977]
[1978]
[1979]
[1980]
[1981]
[1982]
[1983]
[1984]
[1985]
[1986]
[1987]
[1988]
[1989]
[1990]
[1991]
[1992]
[1993]
[1994]
[1995]
[1996]
[1997]
[1998]
[1999]
[2000]
[2001]
[2002]
[2003]
[2004]
[2005]
[2006]
[2007]
[2008]
[2009]
[2010]
[2011]
[2012]
[2013]
[2014]
[2015]
[2016]
[2017]
[2018]
[2019]
[2020]
[2021]
[2022]
[2023]
[2024]
[2025]
[2026]
[2027]
[2028]
[2029]
[2030]
[2031]
[2032]
[2033]
[2034]
[2035]
[2036]
[2037]
[2038]
[2039]
[2040]
[2041]
[2042]
[2043]
[2044]
[2045]
[2046]
[2047]
[2048]
[2049]
[2050]
[2051]
[2052]
[2053]
[2054]
[2055]
[2056]
[2057]
[2058]
[2059]
[2060]
[2061]
[2062]
[2063]
[2064]
[2065]
[2066]
[2067]
[2068]
[2069]
[2070]
[2071]
[2072]
[2073]
[2074]
[2075]
[2076]
[2077]
[2078]
[2079]
[2080]
[2081]
[2082]
[2083]
[2084]
[2085]
[2086]
[2087]
[2088]
[2089]
[2090]
[2091]
[2092]
[2093]
[2094]
[2095]
[2096]
[2097]
[2098]
[2099]
[2100]
[2101]
[2102]
[2103]
[2104]
[2105]
[2106]
[2107]
[2108]
[2109]
[2110]
[2111]
[2112]
[2113]
[2114]
[2115]
[2116]
[2117]
[2118]
[2119]
[2120]
[2121]
[2122]
[2123]
[2124]
[2125]
[2126]
[2127]
[2128]
[2129]
[2130]
[2131]
[2132]
[2133]
[2134]
[2135]
[2136]
[2137]
[2138]
[2139]
[2140]
[2141]
[2142]
[2143]
[2144]
[2145]
[2146]
[2147]
[2148]
[2149]
[2150]
[2151]
[2152]
[2153]
[2154]
[2155]
[2156]
[2157]
[2158]
[2159]
[2160]
[2161]
[2162]
[2163]
[2164]
[2165]
[2166]
[2167]
[2168]
[2169]
[2170]
[2171]
[2172]
[2173]
[2174]
[2175]
[2176]
[2177]
[2178]
[2179]
[2180]
[2181]
[2182]
[2183]
[2184]
[2185]
[2186]
[2187]
[2188]
[2189]
[2190]
[2191]
[2192]
[2193]
[2194]
[2195]
[2196]
[2197]
[2198]
[2199]
[2200]
[2201]
[2202]
[2203]
[2204]
[2205]
[2206]
[2207]
[2208]
[2209]
[2210]
[2211]
[2212]
[2213]
[2214]
[2215]
[2216]
[2217]
[2218]
[2219]
[2220]
[2221]
[2222]
[2223]
[2224]
[2225]
[2226]
[2227]
[2228]
[2229]
[2230]
[2231]
[2232]
[2233]
[2234]
[2235]
[2236]
[2237]
[2238]
[2239]
[2240]
[2241]
[2242]
[2243]
[2244]
[2245]
[2246]
[2247]
[2248]
[2249]
[2250]
[2251]
[2252]
[2253]
[2254]
[2255]
[2256]
[2257]
[2258]
[2259]
[2260]
[2261]
[2262]
[2263]
[2264]
[2265]
[2266]
[2267]
[2268]
[2269]
[2270]
[2271]
[2272]
[2273]
[2274]
[2275]
[2276]
[2277]
[2278]
[2279]
[2280]
[2281]
[2282]
[2283]
[2284]
[2285]
[2286]
[2287]
[2288]
[2289]
[2290]
[2291]
[2292]
[2293]
[2294]
[2295]
[2296]
[2297]
[2298]
[2299]
[2300]
[2301]
[2302]
[2303]
[2304]
[2305]
[2306]
[2307]
[2308]
[2309]
[2310]
[2311]
[2312]
[2313]
[2314]
[2315]
[2316]
[2317]
[2318]
[2319]
[2320]
[2321]
[2322]
[2323]
[2324]
[2325]
[2326]
[2327]
[2328]
[2329]
[2330]
[2331]
[2332]
[2333]
[2334]
[2335]
[2336]
[2337]
[2338]
[2339]
[2340]
[2341]
[2342]
[2343]
[2344]
[2345]
[2346]
[2347]
[2348]
[2349]
[2350]
[2351]
[2352]
[2353]
[2354]
[2355]
[2356]
[2357]
[2358]
[2359]
[2360]
[2361]
[2362]
[2363]
[2364]
[2365]
[2366]
[2367]
[2368]
[2369]
[2370]
[2371]
[2372]
[2373]
[2374]
[2375]
[2376]
[2377]
[2378]
[2379]
[2380]
[2381]
[2382]
[2383]
[2384]
[2385]
[2386]
[2387]
[2388]
[2389]
[2390]
[2391]
[2392]
[2393]
[2394]
[2395]
[2396]
[2397]
[2398]
[2399]
[2400]
[2401]
[2402]
[2403]
[2404]
[2405]
[2406]
[2407]
[2408]
[2409]
[2410]
[2411]
[2412]
[2413]
[2414]
[2415]
[2416]
[2417]
[2418]
[2419]
[2420]
[2421]
[2422]
[2423]
[2424]
[2425]
[2426]
[2427]
[2428]
[2429]
[2430]
[2431]
[2432]
[2433]
[2434]
[2435]
[2436]
[2437]
[2438]
[2439]
[2440]
[2441]
[2442]
[2443]
[2444]
[2445]
[2446]
[2447]
[2448]
[2449]
[2450]
[2451]
[2452]
[2453]
[2454]
[2455]
[2456]
[2457]
[2458]
[2459]
[2460]
[2461]
[2462]
[2463]
[2464]
[2465]
[2466]
[2467]
[2468]
[2469]
[2470]
[2471]
[2472]
[2473]
[2474]
[2475]
[2476]
[2477]
[2478]
[2479]
[2480]
[2481]
[2482]
[2483]
[2484]
[2485]
[2486]
[2487]
[2488]
[2489]
[2490]
[2491]
[2492]
[2493]
[2494]
[2495]
[2496]
[2497]
[2498]
[2499]
[2500]
[2501]
[2502]
[2503]
[2504]
[2505]
[2506]
[2507]
[2508]
[2509]
[2510]
[2511]
[2512]
[2513]
[2514]
[2515]
[2516]
[2517]
[2518]
[2519]
[2520]
[2521]
[2522]
[2523]
[2524]
[2525]
[2526]
[2527]
[2528]
[2529]
[2530]
[2531]
[2532]
[2533]
[2534]
[2535]
[2536]
[2537]
[2538]
[2539]
[2540]
[2541]
[2542]
[2543]
[2544]
[2545]
[2546]
[2547]
[2548]
[2549]
[2550]
[2551]
[2552]
[2553]
[2554]
[2555]
[2556]
[2557]
[2558]
[2559]
[2560]
[2561]
[2562]
[2563]
[2564]
[2565]
[2566]
[2567]
[2568]
[2569]
[2570]
[2571]
[2572]
[2573]
[2574]
[2575]
[2576]
[2577]
[2578]
[2579]
[2580]
[2581]
[2582]
[2583]
[2584]
[2585]
[2586]
[2587]
[2588]
[2589]
[2590]
[2591]
[2592]
[2593]
[2594]
[2595]
[2596]
[2597]
[2598]
[2599]
[2600]
[2601]
[2602]
[2603]
[2604]
[2605]
[2606]
[2607]
[2608]
[2609]
[2610]
[2611]
[2612]
[2613]
[2614]
[2615]
[2616]
[2617]
[2618]
[2619]
[2620]
[2621]
[2622]
[2623]
[2624]
[2625]
[2626]
[2627]
[2628]
[2629]
[2630]
[2631]
[2632]
[2633]
[2634]
[2635]
[2636]
[2637]
[2638]
[2639]
[2640]
[2641]
[2642]
[2643]
[2644]
[2645]
[2646]
[2647]
[2648]
[2649]
[2650]
[2651]
[2652]
[2653]
[2654]
[2655]
[2656]
[2657]
[2658]
[2659]
[2660]
[2661]
[2662]
[2663]
[2664]
[2665]
[2666]
[2667]
[2668]
[2669]
[2670]
[2671]
[2672]
[2673]
[2674]
[2675]
[2676]
[2677]
[2678]
[2679]
[2680]
[2681]
[2682]
[2683]
[2684]
[2685]
[2686]
[2687]
[2688]
[2689]
[2690]
[2691]
[2692]
[2693]
[2694]
[2695]
[2696]
[2697]
[2698]
[2699]
[2700]
[2701]
[2702]
[2703]
[2704]
[2705]
[2706]
[2707]
[2708]
[2709]
[2710]
[2711]
[2712]
[2713]
[2714]
[2715]
[2716]
[2717]
[2718]
[2719]
[2720]
[2721]
[2722]
[2723]
[2724]
[2725]
[2726]
[2727]
[2728]
[2729]
[2730]
[2731]
[2732]
[2733]
[2734]
[2735]
[2736]
[2737]
[2738]
[2739]
[2740]
[2741]
[2742]
[2743]
[2744]
[2745]
[2746]
[2747]
[2748]
[2749]
[2750]
[2751]
[2752]
[2753]
[2754]
[2755]
[2756]
[2757]
[2758]
[2759]
[2760]
[2761]
[2762]
[2763]
[2764]
[2765]
[2766]
[2767]
[2768]
[2769]
[2770]
[2771]
[2772]
[2773]
[2774]
[2775]
[2776]
[2777]
[2778]
[2779]
[2780]
[2781]
[2782]
[2783]
[2784]
[2785]
[2786]
[2787]
[2788]
[2789]
[2790]
[2791]
[2792]
[2793]
[2794]
[2795]
[2796]
[2797]
[2798]
[2799]
[2800]
[2801]
[2802]
[2803]
[2804]
[2805]
[2806]
[2807]
[2808]
[2809]
[2810]
[2811]
[2812]
[2813]
[2814]
[2815]
[2816]
[2817]
[2818]
[2819]
[2820]
[2821]
[2822]
[2823]
[2824]
[2825]
[2826]
[2827]
[2828]
[2829]
[2830]
[2831]
[2832]
[2833]
[2834]
[2835]
[2836]
[2837]
[2838]
[2839]
[2840]
[2841]
[2842]
[2843]
[2844]
[2845]
[2846]
[2847]
[2848]
[2849]
[2850]
[2851]
[2852]
[2853]
[2854]
[2855]
[2856]
[2857]
[2858]
[2859]
[2860]
[2861]
[2862]
[2863]
[2864]
[2865]
[2866]
[2867]
[2868]
[2869]
[2870]
[2871]
[2872]
[2873]
[2874]
[2875]
[2876]
[2877]
[2878]
[2879]
[2880]
[2881]
[2882]
[2883]
[2884]
[2885]
[2886]
[2887]
[2888]
[2889]
[2890]
[2891]
[2892]
[2893]
[2894]
[2895]
[2896]
[2897]
[2898]
[2899]
[2900]
[2901]
[2902]
[2903]
[2904]
[2905]
[2906]
[2907]
[2908]
[2909]
[2910]
[2911]
[2912]
[2913]
[2914]
[2915]
[2916]
[2917]
[2918]
[2919]
[2920]
[2921]
[2922]
[2923]
[2924]
[2925]
[2926]
[2927]
[2928]
[2929]
[2930]
[2931]
[2932]
[2933]
[2934]
[2935]
[2936]
[2937]
[2938]
[2939]
[2940]
[2941]
[2942]
[2943]
[2944]
[2945]
[2946]
[2947]
[2948]
[2949]
[2950]
[2951]
[2952]
[2953]
[2954]
[2955]
[2956]
[2957]
[2958]
[2959]
[2960]
[2961]
[2962]
[2963]
[2964]
[2965]
[2966]
[2967]
[2968]
[2969]
[2970]
[2971]
[2972]
[2973]
[2974]
[2975]
[2976]
[2977]
[2978]
[2979]
[2980]
[2981]
[2982]
[2983]
[2984]
[2985]
[2986]
[2987]
[2988]
[2989]
[2990]
[2991]
[2992]
[2993]
[2994]
[2995]
[2996]
[2997]
[2998]
[2999]
[3000]
[3001]
[3002]
[3003]
[3004]
[3005]
[3006]
[3007]
[3008]
[3009]
[3010]
[3011]
[3012]
[3013]
[3014]
[3015]
[3016]
[3017]
[3018]
[3019]
[3020]
[3021]
[3022]
[3023]
[3024]
[3025]
[3026]
[3027]
[3028]
[3029]
[3030]
[3031]
[3032]
[3033]
[3034]
[3035]
[3036]
[3037]
[3038]
[3039]
[3040]
[3041]
[3042]
[3043]
[3044]
[3045]
[3046]
[3047]
[3048]
[3049]
[3050]
[3051]
[3052]
[3053]
[3054]
[3055]
[3056]
[3057]
[3058]
[3059]
[3060]
[3061]
[3062]
[3063]
[3064]
[3065]
[3066]
[3067]
[3068]
[3069]
[3070]
[3071]
[3072]
[3073]
[3074]
[3075]
[3076]
[3077]
[3078]
[3079]
[3080]
[3081]
[3082]
[3083]
[3084]
[3085]
[3086]
[3087]
[3088]
[3089]
[3090]
[3091]
[3092]
[3093]
[3094]
[3095]
[3096]
[3097]
[3098]
[3099]
[3100]
[3101]
[3102]
[3103]
[3104]
[3105]
[3106]
[3107]
[3108]
[3109]
[3110]
[3111]
[3112]
[3113]
[3114]
[3115]
[3116]
[3117]
[3118]
[3119]
[3120]
[3121]
[3122]
[3123]
[3124]
[3125]
[3126]
[3127]
[3128]
[3129]
[3130]
[3131]
[3132]
[3133]
[3134]
[3135]
[3136]
[3137]
[3138]
[3139]
[3140]
[3141]
[3142]
[3143]
[3144]
[3145]
[3146]
[3147]
[3148]
[3149]
[3150]
[3151]
[3152]
[3153]
[3154]
[3155]
[3156]
[3157]
[3158]
[3159]
[3160]
[3161]
[3162]
[3163]
[3164]
[3165]
[3166]
[3167]
[3168]
[3169]
[3170]
[3171]
[3172]
[3173]
[3174]
[3175]
[3176]
[3177]
[3178]
[3179]
[3180]
[3181]
[3182]
[3183]
[3184]
[3185]
[3186]
[3187]
[3188]
[3189]
[3190]
[3191]
[3192]
[3193]
[3194]
[3195]
[3196]
[3197]
[3198]
[3199]
[3200]
[3201]
[3202]
[3203]
[3204]
[3205]
[3206]
[3207]
[3208]
[3209]
[3210]
[3211]
[3212]
[3213]
[3214]
[3215]
[3216]
[3217]
[3218]
[3219]
[3220]
[3221]
[3222]
[3223]
[3224]
[3225]
[3226]
[3227]
[3228]
[3229]
[3230]
[3231]
[3232]
[3233]
[3234]
[3235]
[3236]
[3237]
[3238]
[3239]
[3240]
[3241]
[3242]
[3243]
[3244]
[3245]
[3246]
[3247]
[3248]
[3249]
[3250]
[3251]
[3252]
[3253]
[3254]
[3255]
[3256]
[3257]
[3258]
[3259]
[3260]
[3261]
[3262]
[3263]
[3264]
[3265]
[3266]
[3267]
[3268]
[3269]
[3270]
[3271]
[3272]
[3273]
[3274]
[3275]
[3276]
[3277]
[3278]
[3279]
[3280]
[3281]
[3282]
[3283]
[3284]
[3285]
[3286]
[3287]
[3288]
[3289]
[3290]
[3291]
[3292]
[3293]
[3294]
[3295]
[3296]
[3297]
[3298]
[3299]
[3300]
[3301]
[3302]
[3303]
[3304]
[3305]
[3306]
[3307]
[3308]
[3309]
[3310]
[3311]
[3312]
[3313]
[3314]
[3315]
[3316]
[3317]
[3318]
[3319]
[3320]
[3321]
[3322]
[3323]
[3324]
[3325]
[3326]
[3327]
[3328]
[3329]
[3330]
[3331]
[3332]
[3333]
[3334]
[3335]
[3336]
[3337]
[3338]
[3339]
[3340]
[3341]
[3342]
[3343]
[3344]
[3345]
[3346]
[3347]
[3348]
[3349]
[3350]
[3351]
[3352]
[3353]
[3354]
[3355]
[3356]
[3357]
[3358]
[3359]
[3360]
[3361]
[3362]
[3363]
[3364]
[3365]
[3366]
[3367]
[3368]
[3369]
[3370]
[3371]
[3372]
[3373]
[3374]
[3375]
[3376]
[3377]
[3378]
[3379]
[3380]
[3381]
[3382]
[3383]
[3384]
[3385]
[3386]
[3387]
[3388]
[3389]
[3390]
[3391]
[3392]
[3393]
[3394]
[3395]
[3396]
[3397]
[3398]
[3399]
[3400]
[3401]
[3402]
[3403]
[3404]
[3405]
[3406]
[3407]
[3408]
[3409]
[3410]
[3411]
[3412]
[3413]
[3414]
[3415]
[3416]
[3417]
[3418]
[3419]
[3420]
[3421]
[3422]
[3423]
[3424]
[3425]
[3426]
[3427]
[3428]
[3429]
[3430]
[3431]
[3432]
[3433]
[3434]
[3435]
[3436]
[3437]
[3438]
[3439]
[3440]
[3441]
[3442]
[3443]
[3444]
[3445]
[3446]
[3447]
[3448]
[3449]
[3450]
[3451]
[3452]
[3453]
[3454]
[3455]
[3456]
[3457]
[3458]
[3459]
[3460]
[3461]
[3462]
[3463]
[3464]
[3465]
[3466]
[3467]
[3468]
[3469]
[3470]
[3471]
[3472]
[3473]
[3474]
[3475]
[3476]
[3477]
[3478]
[3479]
[3480]
[3481]
[3482]
[3483]
[3484]
[3485]
[3486]
[3487]
[3488]
[3489]
[3490]
[3491]
[3492]
[3493]
[3494]
[3495]
[3496]
[3497]
[3498]
[3499]
[3500]
[3501]
[3502]
[3503]
[3504]
[3505]
[3506]
[3507]
[3508]
[3509]
[3510]
[3511]
[3512]
[3513]
[3514]
[3515]
[3516]
[3517]
[3518]
[3519]
[3520]
[3521]
[3522]
[3523]
[3524]
[3525]
[3526]
[3527]
[3528]
[3529]
[3530]
[3531]
[3532]
[3533]
[3534]
[3535]
[3536]
[3537]
[3538]
[3539]
[3540]
[3541]
[3542]
[3543]
[3544]
[3545]
[3546]
[3547]
[3548]
[3549]
[3550]
[3551]
[3552]
[3553]
[3554]
[3555]
[3556]
[3557]
[3558]
[3559]
[3560]
[3561]
[3562]
[3563]
[3564]
[3565]
[3566]
[3567]
[3568]
[3569]
[3570]
[3571]
[3572]
[3573]
[3574]
[3575]
[3576]
[3577]
[3578]
[3579]
[3580]
[3581]
[3582]
[3583]
[3584]
[3585]
[3586]
[3587]
[3588]
[3589]
[3590]
[3591]
[3592]
[3593]
[3594]
[3595]
[3596]
[3597]
[3598]
[3599]
[3600]
[3601]
[3602]
[3603]
[3604]
[3605]
[3606]
[3607]
[3608]
[3609]
[3610]
[3611]
[3612]
[3613]
[3614]
[3615]
[3616]
[3617]
[3618]
[3619]
[3620]
[3621]
[3622]
[3623]
[3624]
[3625]
[3626]
[3627]
[3628]
[3629]
[3630]
[3631]
[3632]
[3633]
[3634]
[3635]
[3636]
[3637]
[3638]
[3639]
[3640]
[3641]
[3642]
[3643]
[3644]
[3645]
[3646]
[3647]
[3648]
[3649]
[3650]
[3651]
[3652]
[3653]
[3654]
[3655]
[3656]
[3657]
[3658]
[3659]
[3660]
[3661]
[3662]
[3663]
[3664]
[3665]
[3666]
[3667]
[3668]
[3669]
[3670]
[3671]
[3672]
[3673]
[3674]
[3675]
[3676]
[3677]
[3678]
[3679]
[3680]
[3681]
[3682]
[3683]
[3684]
[3685]
[3686]
[3687]
[3688]
[3689]
[3690]
[3691]
[3692]
[3693]
[3694]
[3695]
[3696]
[3697]
[3698]
[3699]
[3700]
[3701]
[3702]
[3703]
[3704]
[3705]
[3706]
[3707]
[3708]
[3709]
[3710]
[3711]
[3712]
[3713]
[3714]
[3715]
[3716]
[3717]
[3718]
[3719]
[3720]
[3721]
[3722]
[3723]
[3724]
[3725]
[3726]
[3727]
[3728]
[3729]
[3730]
[3731]
[3732]
[3733]
[3734]
[3735]
[3736]
[3737]
[3738]
[3739]
[3740]
[3741]
[3742]
[3743]
[3744]
[3745]
[3746]
[3747]
[3748]
[3749]
[3750]
[3751]
[3752]
[3753]
[3754]
[3755]
[3756]
[3757]
[3758]
[3759]
[3760]
[3761]
[3762]
[3763]
[3764]
[3765]
[3766]
[3767]
[3768]
[3769]
[3770]
[3771]
[3772]
[3773]
[3774]
[3775]
/*****************************************************************************
/*
HTAdmin.c
Administer the user authentication (HTA) and User List (HTL) Databases.
(This is primarly for HTA admin, but contains some lesser HTL support).
Change an authenticated username's SYSUAF password.
VERSION HISTORY
---------------
25-MAY-2021 MGD bugfix; revert to ulong[2]s!
28-APR-2018 MGD refactor Admin..() AST delivery
28-AUG-2012 MGD bugfix; HTAdminModifyUser() use database name for digest
23-AUG-2009 MGD WasdCss[] and some refinements
24-NOV-2007 MGD force ACME on VMS V7.3 and later
30-MAY-2007 MGD allow for CONNECT method (basically as a 'write' flag)
31-JUL-2005 MGD refine data provided with HTA modifications
11-JUN-2005 MGD HTAdminChangePasswordForm() allow site local instructions
23-MAR-2004 MGD unbundle SYSUAF password change from HTAdminChangePassword()
into AuthVmsChangePassword() and incorporate ACME password
change using AuthAcmeChangePassword().
26-AUG-2003 MGD service directory located authorization databases
01-MAR-2003 MGD set html= change authentication header and footer
14-FEB-2003 MGD check for form URL encoding (only that is acceptable)
05-FEB-2003 MGD HTAdminPasswordChange() check for VMS group write,
bugfix; HTAdminPasswordChange() cache reset realm
26-JAN-2003 MGD enable SYSPRV in HTAdminDatabaseSearch() and in
HTAdminDatabaseCreate()
27-APR-2002 MGD use sys$setprv()
02-FEB-2002 MGD rework POSTed query due to request body processing changes
04-AUG-2001 MGD support module WATCHing
24-JUN-2001 MGD bugfix; HtAdminBegin() authorization required rundown
15-FEB-2001 MGD bugfix; HTAdminPasswordChange() call to FaoToOpcom()
22-DEC-2000 MGD support HTL admin,
bugfix; cache purge keyword incorrect on menu
12-DEC-2000 MGD username size now HTA-specific, different to '->RemoteUser'
(needed to support 'effective usernames' for X.509 authent)
28-MAR-2000 MGD bugfix; SYSUAF password change username and password
both need to be upper case!
04-MAR-2000 MGD use FaolToNet(), et.al.
05-FEB-2000 MGD change HTA database type from ".HTA" to ".$HTA"
(due to potential conflict with Microsoft HTA technology)
03-JAN-2000 MGD support ODS-2 and ODS-5 using ODS module
29-SEP-1999 MGD 'AuthPolicySysUafRelaxed' control password change
20-FEB-1999 MGD password change refinements
16-JUL-1998 MGD "https:" only flag,
extend HTAdminPasswordChange() to VMS (SYSUAF)
09-AUG-1997 MGD message database
01-FEB-1997 MGD new for HTTPd version 4
*/
/*****************************************************************************/
#ifdef WASD_VMS_V7
#undef _VMS__V6__SOURCE
#define _VMS__V6__SOURCE
#undef __VMS_VER
#define __VMS_VER 70000000
#undef __CRTL_VER
#define __CRTL_VER 70000000
#endif
/* standard C header files */
#include <ctype.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
/* VMS related header files */
#include <descrip.h>
#include <jpidef.h>
#include <libdef.h>
#include <libdtdef.h>
#include <ssdef.h>
#include <stsdef.h>
#include <uaidef.h>
/* application related header files */
#include "wasd.h"
#define WASD_MODULE "HTADMIN"
/***********************/
/* module requirements */
/***********************/
#define DatabaseListSize 8
#define UserNameListSize 7
/******************/
/* global storage */
/******************/
char ErrorHTAdminAction [] = "Unknown action.",
ErrorHTAdminDatabase [] = "authentication database.",
ErrorHTAdminDatabaseEnter [] = "Enter a database name.",
ErrorHTAdminDatabaseExists [] = "Database already exists.",
ErrorHTAdminDatabaseNBG [] =
"Database name may contain only A..Z, 0..9, _ and - characters.",
ErrorHTAdminDatabaseSelect[] = "Select a database.",
ErrorHTAdminInsufficient [] = "Insufficient parameters.",
ErrorHTAdminList [] = "authentication list.",
ErrorHTAdminListEnter [] = "Enter a list name.",
ErrorHTAdminListSelect[] = "Select from list.",
ErrorHTAdminParameter [] = "Parameter out-of-range.",
ErrorHTAdminPurgeCache [] = "purging authentication cache",
ErrorHTAdminQuery [] = "Unknown query component.",
ErrorHTAdminUserNotFound [] = "Username not found in database.",
ErrorHTAdminUserEnter [] = "Enter a username.",
ErrorHTAdminUserExists [] = "Username already exists.",
ErrorHTAdminUserNBG [] =
"Username may contain only A..Z, 0..9, _ and - characters.",
ErrorHTAdminUserSelect [] = "Select a username.",
ErrorHTAdminVerify [] = "Password verification failure.";
/********************/
/* external storage */
/********************/
extern BOOL AuthConfigACME,
AuthSysUafEnabled,
AuthPolicySysUafRelaxed;
extern int OpcomMessages;
extern int64 HttpdTime64;
extern int ToLowerCase[],
ToUpperCase[];
extern unsigned long SysPrvMask[];
extern char *DayName[];
extern char ErrorSanityCheck[],
ServerHostPort[],
SoftwareID[];
extern ACCOUNTING_STRUCT *AccountingPtr;
extern CONFIG_STRUCT Config;
extern MSG_STRUCT Msgs;
extern WATCH_STRUCT Watch;
/*****************************************************************************/
/*
CAUTION!! This function is called directly by AdminBegin() when all three
call parameters are valid, and then again as an AST by BodyRead() when ONLY THE
FIRST PARAMETER IS VALID. Buffer any additional parameters for this
contingency!
*/
HTAdminBegin (REQUEST_STRUCT *rqptr)
{
static $DESCRIPTOR (LocationDatabaseFaoDsc, "!AZ!AZ?do=!AZ\0");
static $DESCRIPTOR (LocationListFaoDsc, "!AZ!AZ!AZ!AZ\0");
BOOL ForceUpperCase;
int status;
unsigned long FaoVector [32];
unsigned short Length;
char *cptr, *sptr, *qptr, *zptr;
char Access [32],
DoThis [256],
AsDatabaseName [AUTH_MAX_REALM_GROUP_LENGTH+1],
AsUserName [AUTH_MAX_HTA_USERNAME_LENGTH+1],
Contact [AUTH_MAX_CONTACT_LENGTH+1],
DatabaseName [AUTH_MAX_REALM_GROUP_LENGTH+1],
Email [AUTH_MAX_EMAIL_LENGTH+1],
Enabled [32],
FieldName [32],
FieldValue [256],
FullName [AUTH_MAX_FULLNAME_LENGTH+1],
HttpsOnly [32],
Location [512],
PasswordCurrent [AUTH_MAX_PASSWORD_LENGTH+1],
PasswordGenerate [16],
PasswordNew [AUTH_MAX_PASSWORD_LENGTH+1],
PasswordVerify [AUTH_MAX_PASSWORD_LENGTH+1],
UserName [AUTH_MAX_HTA_USERNAME_LENGTH+1];
HTADMIN_TASK *tkptr;
$DESCRIPTOR (LocationDsc, Location);
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminBegin()");
if (!rqptr->RemoteUser[0])
{
rqptr->rqResponse.HttpStatus = 403;
ErrorGeneral (rqptr, MsgFor(rqptr,MSG_AUTH_REQUIRED), FI_LI);
AdminEnd (rqptr);
return;
}
if (!rqptr->AdminTaskPtr)
rqptr->AdminTaskPtr = VmGetHeap (rqptr, sizeof(ADMIN_TASK));
if (!(tkptr = rqptr->HTAdminTaskPtr))
{
/* set up the task structure (only ever one per request!) */
rqptr->HTAdminTaskPtr = tkptr = (HTADMIN_TASK*)
VmGetHeap (rqptr, sizeof(HTADMIN_TASK));
OdsStructInit (&tkptr->SearchOds, false);
if (!rqptr->AccountingDone++)
InstanceGblSecIncrLong (&AccountingPtr->DoServerAdminCount);
}
/* if there is a request body this will called be again as an AST */
if (rqptr->rqHeader.Method == HTTP_METHOD_POST &&
!rqptr->rqBody.DataPtr)
{
/* read all the request body (special case) then AST back */
BodyReadBegin (rqptr, &HTAdminBegin, &BodyProcessReadAll);
return;
}
/* must be after task allocation as function may be called as an AST */
if (ERROR_REPORTED (rqptr))
{
/* previous error, cause threaded processing to unravel */
AdminEnd (rqptr);
return;
}
if (WATCHPNT(rqptr) &&
WATCH_CATEGORY(WATCH_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_RESPONSE,
"HTADMIN !AZ", rqptr->rqHeader.PathInfoPtr);
/**********************/
/* parse query string */
/**********************/
DoThis[0] = Access[0] = AsDatabaseName[0] = DatabaseName[0] =
AsUserName[0] = Contact[0] = Email[0] = Enabled[0] = HttpsOnly[0] =
PasswordCurrent[0] = PasswordGenerate[0] = PasswordNew[0] =
PasswordVerify[0] = UserName[0] = '\0';
if (rqptr->rqHeader.ContentTypePtr &&
!ConfigSameContentType (rqptr->rqHeader.ContentTypePtr,
"application/x-www-form-urlencoded", -1))
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, MsgFor(rqptr,MSG_REQUEST_URL_FORM), FI_LI);
HTAdminEnd (rqptr);
return;
}
if (rqptr->rqHeader.Method == HTTP_METHOD_POST)
qptr = rqptr->rqBody.DataPtr;
else
if (rqptr->rqHeader.QueryStringLength)
qptr = rqptr->rqHeader.QueryStringPtr;
else
qptr = "";
while (*qptr)
{
status = StringParseQuery (&qptr, FieldName, sizeof(FieldName),
FieldValue, sizeof(FieldValue));
if (VMSnok (status))
{
/* error occured */
if (status == SS$_IVCHAR) rqptr->rqResponse.HttpStatus = 400;
rqptr->rqResponse.ErrorTextPtr = "parsing query string";
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
/********************/
/* get field values */
/********************/
ForceUpperCase = false;
sptr = NULL;
if (strsame (FieldName, "acc", -1))
zptr = (sptr = Access) + sizeof(Access);
else
if (strsame (FieldName, "add", -1))
zptr = (sptr = AsDatabaseName) + sizeof(AsDatabaseName);
else
if (ForceUpperCase = strsame (FieldName, "anm", -1))
zptr = (sptr = AsUserName) + sizeof(AsUserName);
else
if (strsame (FieldName, "con", -1))
zptr = (sptr = Contact) + sizeof(Contact);
else
if (strsame (FieldName, "cxr", -1))
{
/* 'cxr' can be generated from an UPD edit window */
strcpy (DoThis, "htledit");
/* just fill any old field value, doesn't matter */
zptr = (sptr = Contact) + sizeof(Contact);
}
else
if (strsame (FieldName, "dat", -1))
zptr = (sptr = DatabaseName) + sizeof(DatabaseName);
else
if (strsame (FieldName, "do", -1))
zptr = (sptr = DoThis) + sizeof(DoThis);
else
if (strsame (FieldName, "eml", -1))
zptr = (sptr = Email) + sizeof(Email);
else
if (strsame (FieldName, "ena", -1))
zptr = (sptr = Enabled) + sizeof(Enabled);
else
if (strsame (FieldName, "fnm", -1))
zptr = (sptr = FullName) + sizeof(FullName);
else
if (strsame (FieldName, "hts", -1))
zptr = (sptr = HttpsOnly) + sizeof(HttpsOnly);
else
if (ForceUpperCase = strsame (FieldName, "pwc", -1))
zptr = (sptr = PasswordCurrent) + sizeof(PasswordCurrent);
else
if (strsame (FieldName, "pwd", -1))
zptr = (sptr = PasswordGenerate) + sizeof(PasswordGenerate);
else
if (strsame (FieldName, "pin", -1))
zptr = (sptr = PasswordGenerate+3) + sizeof(PasswordGenerate)-3;
else
if (ForceUpperCase = strsame (FieldName, "pwn", -1))
zptr = (sptr = PasswordNew) + sizeof(PasswordNew);
else
if (ForceUpperCase = strsame (FieldName, "pwv", -1))
zptr = (sptr = PasswordVerify) + sizeof(PasswordVerify);
else
if (ForceUpperCase = strsame (FieldName, "unm", -1))
zptr = (sptr = UserName) + sizeof(UserName);
if (sptr)
{
cptr = FieldValue;
if (ForceUpperCase)
while (*cptr && sptr < zptr) *sptr++ = TOUP(*cptr++);
else
while (*cptr && sptr < zptr) *sptr++ = *cptr++;
if (sptr >= zptr)
{
ErrorGeneralOverflow (rqptr, FI_LI);
HTAdminEnd (rqptr);
return;
}
*sptr = '\0';
}
else
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminQuery, FI_LI);
HTAdminEnd (rqptr);
return;
}
}
/*****************/
/* special cases */
/*****************/
if (strsame (rqptr->rqHeader.PathInfoPtr, ADMIN_REVISE_HTA,
sizeof(ADMIN_REVISE_HTA)-1))
{
tkptr->HtListAdmin = false;
tkptr->AdminDescriptionPtr = "Administer HTA Database";
}
else
if (strsame (rqptr->rqHeader.PathInfoPtr, ADMIN_VS_REVISE_HTA,
sizeof(ADMIN_VS_REVISE_HTA)-1))
{
tkptr->HtListAdmin = false;
tkptr->AdminDescriptionPtr = "Administer Service HTA Database";
}
else
if (strsame (rqptr->rqHeader.PathInfoPtr, ADMIN_REVISE_HTL,
sizeof(ADMIN_REVISE_HTL)-1))
{
if (!DatabaseName[0])
{
cptr = rqptr->rqHeader.PathInfoPtr + sizeof(ADMIN_REVISE_HTL)-1;
zptr = (sptr = DatabaseName) + sizeof(DatabaseName)-1;
while (*cptr && sptr < zptr) *sptr++ = *cptr++;
*sptr = '\0';
}
tkptr->HtListAdmin = true;
tkptr->AdminDescriptionPtr = "Administer HTList";
}
else
if (strsame (rqptr->rqHeader.PathInfoPtr, ADMIN_VS_REVISE_HTL,
sizeof(ADMIN_VS_REVISE_HTL)-1))
{
if (!DatabaseName[0])
{
cptr = rqptr->rqHeader.PathInfoPtr + sizeof(ADMIN_VS_REVISE_HTL)-1;
zptr = (sptr = DatabaseName) + sizeof(DatabaseName)-1;
while (*cptr && sptr < zptr) *sptr++ = *cptr++;
*sptr = '\0';
}
tkptr->HtListAdmin = true;
tkptr->AdminDescriptionPtr = "Administer Service HTList";
}
else
if (strsame (rqptr->rqHeader.RequestUriPtr, INTERNAL_PASSWORD_CHANGE,
sizeof(INTERNAL_PASSWORD_CHANGE)-1))
{
if (rqptr->rqHeader.Method == HTTP_METHOD_POST)
HTAdminChangePassword (rqptr, PasswordCurrent,
PasswordNew, PasswordVerify);
else
HTAdminChangePasswordForm (rqptr);
return;
}
/****************************/
/* administration functions */
/****************************/
status = SS$_NORMAL;
Location[0] = '\0';
/* NOTE: these are the upper-case versions of the action keywords */
if (!strcmp (DoThis, "HTALISTB") ||
!strcmp (DoThis, "HTALISTF") ||
!strcmp (DoThis, "HTAACCESS") ||
!strcmp (DoThis, "HTADELETE") ||
!strcmp (DoThis, "HTARESET") ||
!strcmp (DoThis, "HTLDELETE"))
{
if (!DatabaseName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminDatabaseSelect, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* force action to lower-case so it's not detected here again! */
for (cptr = DoThis; *cptr; cptr++) *cptr = TOLO(*cptr);
status = sys$fao (&LocationDatabaseFaoDsc, &Length, &LocationDsc,
rqptr->rqHeader.PathInfoPtr, DatabaseName, DoThis);
}
else
if (!strcmp (DoThis, "HTACREATE"))
{
if (!AsDatabaseName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminDatabaseEnter, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* force action to lower-case so it's not detected here again! */
for (cptr = DoThis; *cptr; cptr++) *cptr = TOLO(*cptr);
status = sys$fao (&LocationDatabaseFaoDsc, &Length, &LocationDsc,
rqptr->rqHeader.PathInfoPtr, AsDatabaseName, DoThis);
}
else
if (strsame (DoThis, "HTLCREATE", -1))
{
if (islower(DoThis[0]))
{
/* begin editing the file */
UpdBegin (rqptr, AdminEnd);
return;
}
if (!AsDatabaseName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminListEnter, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* force action to lower-case so it's not detected here again! */
for (cptr = DoThis; *cptr; cptr++) *cptr = TOLO(*cptr);
status = sys$fao (&LocationListFaoDsc, &Length, &LocationDsc,
rqptr->rqHeader.PathInfoPtr, AsDatabaseName,
"?do=", DoThis);
}
else
if (strsame (DoThis, "HTLEDIT", -1))
{
if (islower(DoThis[0]))
{
/* begin editing the file */
UpdBegin (rqptr, AdminEnd);
return;
}
if (!DatabaseName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminListSelect, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* force action to lower-case so it's not detected here again! */
for (cptr = DoThis; *cptr; cptr++) *cptr = TOLO(*cptr);
status = sys$fao (&LocationListFaoDsc, &Length, &LocationDsc,
rqptr->rqHeader.PathInfoPtr, DatabaseName,
"?do=", DoThis);
}
else
if (strsame (DoThis, "HTLLIST", -1))
{
if (!DatabaseName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminListSelect, FI_LI);
HTAdminEnd (rqptr);
return;
}
status = sys$fao (&LocationListFaoDsc, &Length, &LocationDsc,
rqptr->rqHeader.PathInfoPtr, DatabaseName, "", "");
}
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
if (Location[0])
{
/* initial redirection to get file name after path */
ResponseLocation (rqptr, Location, Length);
HTAdminEnd (rqptr);
return;
}
zptr = (sptr = DatabaseName) + sizeof(DatabaseName);
cptr = rqptr->rqHeader.PathInfoPtr + rqptr->rqHeader.PathInfoLength;
while (cptr > rqptr->rqHeader.PathInfoPtr && *cptr != '/') cptr--;
if (*cptr == '/')
{
cptr++;
while (*cptr && *cptr != '/' && sptr < zptr) *sptr++ = TOUP(*cptr++);
if (sptr >= zptr)
{
ErrorGeneralOverflow (rqptr, FI_LI);
HTAdminEnd (rqptr);
return;
}
*sptr = '\0';
}
else
DatabaseName[0] = '\0';
if (DatabaseName[0])
{
for (cptr = DatabaseName; *cptr; cptr++)
{
if (isalnum(*cptr) || *cptr == '_' || *cptr == '-') continue;
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminDatabaseNBG, FI_LI);
HTAdminEnd (rqptr);
return;
}
}
/* NOTE: these are the lower-case versions of the action keywords */
for (cptr = DoThis; *cptr; cptr++) *cptr = TOLO(*cptr);
if (tkptr->HtListAdmin)
{
/******************/
/* HTL list admin */
/******************/
if (rqptr->rqHeader.Method == HTTP_METHOD_POST)
{
/***************/
/* POST method */
/***************/
if (!strcmp (DoThis, "htldelete"))
HTAdminDatabaseDelete (rqptr, DatabaseName);
else
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminAction, FI_LI);
HTAdminEnd (rqptr);
return;
}
}
else
{
/**************/
/* GET method */
/**************/
if (!strcmp (DoThis, "htldelete"))
HTAdminDatabaseDeleteForm (rqptr, DatabaseName);
else
if (!strcmp (DoThis, "purge"))
HTAdminCachePurge (rqptr);
else
if (!DatabaseName[0])
HTAdminDatabaseBegin (rqptr);
else
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminAction, FI_LI);
HTAdminEnd (rqptr);
return;
}
}
}
else
if (DoThis[0])
{
/**********************/
/* HTA database admin */
/**********************/
if (UserName[0] || AsUserName[0])
{
if (!strcmp (DoThis, "add"))
cptr = AsUserName;
else
cptr = UserName;
for ( /* above */ ; *cptr; cptr++)
{
if (isalnum(*cptr) || *cptr == '_' || *cptr == '-') continue;
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminUserNBG, FI_LI);
HTAdminEnd (rqptr);
return;
}
}
if (!strcmp (DoThis, "view") ||
!strcmp (DoThis, "modify") ||
!strcmp (DoThis, "delete"))
{
if (!UserName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminUserSelect, FI_LI);
HTAdminEnd (rqptr);
return;
}
}
else
if (!strcmp (DoThis, "add"))
{
if (!AsUserName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminUserEnter, FI_LI);
HTAdminEnd (rqptr);
return;
}
}
if (rqptr->rqHeader.Method == HTTP_METHOD_POST)
{
/***************/
/* POST method */
/***************/
if (!strcmp (DoThis, "add"))
HTAdminModifyUser (rqptr, true, DatabaseName,
AsUserName, FullName, Contact, Email, Enabled,
Access, HttpsOnly, PasswordNew, PasswordVerify,
PasswordGenerate);
else
if (!strcmp (DoThis, "modify"))
HTAdminModifyUser (rqptr, false, DatabaseName,
UserName, FullName, Contact, Email, Enabled,
Access, HttpsOnly, PasswordNew, PasswordVerify,
PasswordGenerate);
else
if (!strcmp (DoThis, "htacreate"))
HTAdminDatabaseCreate (rqptr, DatabaseName);
else
if (!strcmp (DoThis, "htadelete"))
HTAdminDatabaseDelete (rqptr, DatabaseName);
else
if (!strcmp (DoThis, "htldelete"))
HTAdminDatabaseDelete (rqptr, DatabaseName);
else
if (!strcmp (DoThis, "userdelete"))
HTAdminUserDelete (rqptr, DatabaseName, UserName);
else
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminAction, FI_LI);
HTAdminEnd (rqptr);
return;
}
}
else
{
/**************/
/* GET method */
/**************/
if (!strcmp (DoThis, "view"))
HTAdminUserView (rqptr, DatabaseName, UserName);
else
if (!strcmp (DoThis, "modify"))
HTAdminModifyUserForm (rqptr, false, DatabaseName, UserName);
else
if (!strcmp (DoThis, "add"))
HTAdminModifyUserForm (rqptr, true, DatabaseName, AsUserName);
else
if (!strcmp (DoThis, "delete"))
HTAdminUserDeleteForm (rqptr, DatabaseName, UserName);
else
if (!strcmp (DoThis, "purge"))
HTAdminCachePurge (rqptr);
else
if (!strcmp (DoThis, "htalistb"))
{
tkptr->BriefList = true;
HTAdminListUsersBegin (rqptr, DatabaseName);
}
else
if (!strcmp (DoThis, "htalistf"))
{
tkptr->BriefList = false;
HTAdminListUsersBegin (rqptr, DatabaseName);
}
else
if (!strcmp (DoThis, "htaaccess"))
HTAdminDatabaseUsersBegin (rqptr, DatabaseName);
else
if (!strcmp (DoThis, "htacreate"))
HTAdminDatabaseCreateForm (rqptr, DatabaseName);
else
if (!strcmp (DoThis, "htadelete"))
HTAdminDatabaseDeleteForm (rqptr, DatabaseName);
else
if (!strcmp (DoThis, "htldelete"))
HTAdminDatabaseDeleteForm (rqptr, DatabaseName);
else
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminAction, FI_LI);
HTAdminEnd (rqptr);
return;
}
}
}
else
if (DatabaseName[0])
HTAdminDatabaseUsersBegin (rqptr, DatabaseName);
else
HTAdminDatabaseBegin (rqptr);
}
/*****************************************************************************/
/*
*/
HTAdminEnd (REQUEST_STRUCT *rqptr)
{
int status;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminEnd()");
tkptr = rqptr->HTAdminTaskPtr;
/* ensure parse internal data structures are released */
OdsParseRelease (&tkptr->SearchOds);
if (tkptr->FileOds.Fab.fab$w_ifi) OdsClose (&tkptr->FileOds, NULL, 0);
rqptr->HTAdminTaskPtr = NULL;
AdminEnd (rqptr);
}
/*****************************************************************************/
/*
Form for a user to change their own realm password.
*/
HTAdminChangePasswordForm (REQUEST_STRUCT *rqptr)
{
static char ResponseFao [] =
"!AZ\
<html>\n\
<head>\n\
!AZ\
!AZ\
!&@\
<title>!AZ</title>\n\
</head>\n\
!&@\
!&@\
<div class=\"wasd\">\n\
<h2>!AZ</h2>\n\
!&@\
<p><form method=\"POST\" action=\"!AZ\">\n\
<table class=\"ctgry\">\n\
<tr><th class=\"ctttl\">!AZ.\'!&;AZ\'@!AZ!&@</th></tr>\n\
<tr><td>\n\
!&@\
<table class=\"lftlft\">\n\
<tr><th class=\"targht\">!AZ:</th>\
<td><input type=\"password\" size=\"!UL\" \
maxlength=\"!UL\" name=\"pwc\"></td></tr>\n\
<tr><th class=\"targht\">!AZ:</th>\
<td><input type=\"password\" size=\"!UL\" \
maxlength=\"!UL\" name=\"pwn\"></td></tr>\n\
<tr><th class=\"targht\">!AZ:</th>\
<td><input type=\"password\" size=\"!UL\" \
maxlength=\"!UL\" name=\"pwv\"></td></tr>\n\
<tr><td colspan=\"2\"><input type=\"submit\" value=\" !AZ \">\n\
<input type=reset value=\" !AZ \"></td></tr>\n\
</table>\n\
</table>\n\
</form>\n\
!&@\
</div>\n\
</body>\n\
</html>\n";
int cnt, status;
unsigned long *vecptr;
unsigned long FaoVector [64];
char *cptr, *SitePtr;
char Scratch [1024];
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminChangePasswordForm()");
rqptr->rqResponse.PreExpired = PRE_EXPIRE_ADMIN;
ResponseHeader200 (rqptr, "text/html", NULL);
strzcpy (cptr = Scratch,
MsgFor(rqptr,MSG_HTADMIN_PWD_CHANGE),
sizeof(Scratch));
/* let's see if there are any site local instructions */
for (cnt = 7; cnt && *cptr; cnt--)
{
while (*cptr && *cptr != '|') cptr++;
if (*cptr) cptr++;
}
SitePtr = cptr;
cptr = Scratch;
vecptr = FaoVector;
*vecptr++ = WASD_DOCTYPE;
*vecptr++ = HtmlMetaInfo (rqptr, NULL);
*vecptr++ = AdminWasdCss ();
if (rqptr->rqPathSet.StyleSheetPtr)
{
*vecptr++ = "<link rel=\"stylesheet\" type=\"text/css\" href=\"!AZ\">\n";
*vecptr++ = rqptr->rqPathSet.StyleSheetPtr;
}
else
*vecptr++ = "";
/* "Change Authentication" (title) */
if (*cptr)
*vecptr++ = cptr;
else
*vecptr++ = "Change Authentication";
if (rqptr->rqPathSet.HtmlBodyTagPtr)
{
if (rqptr->rqPathSet.HtmlBodyTagPtr[0] == '<')
*vecptr++ = "!AZ\n";
else
*vecptr++ = "<body!&+AZ>\n";
*vecptr++ = rqptr->rqPathSet.HtmlBodyTagPtr;
}
else
if (rqptr->ServicePtr->BodyTag[0])
{
*vecptr++ = "!AZ\n";
*vecptr++ = rqptr->ServicePtr->BodyTag;
}
else
{
*vecptr++ = "!AZ\n";
*vecptr++ = REPORT_BODY_TAG;
}
if (rqptr->rqPathSet.HtmlHeaderPtr ||
rqptr->rqPathSet.HtmlHeaderTagPtr)
{
if (rqptr->rqPathSet.HtmlHeaderTagPtr &&
rqptr->rqPathSet.HtmlHeaderTagPtr[0] == '<')
{
*vecptr++ = "!AZ\n!&@";
*vecptr++ = rqptr->rqPathSet.HtmlHeaderTagPtr;
}
else
{
*vecptr++ = "<table class=\"rghtlft\"><tr><td!&+AZ>\n!&@";
*vecptr++ = rqptr->rqPathSet.HtmlHeaderTagPtr;
}
*vecptr++ = "!AZ\n<p>";
*vecptr++ = rqptr->rqPathSet.HtmlHeaderPtr;
}
else
*vecptr++ = "";
/* "Change Authentication" (heading) */
if (*cptr)
*vecptr++ = cptr;
else
*vecptr++ = "Change Authentication";
/* scan to "(password is expired)" */
while (*cptr && *cptr != '|') cptr++;
if (*cptr) *cptr++ = '\0';
if (rqptr->rqPathSet.HtmlHeaderPtr ||
rqptr->rqPathSet.HtmlHeaderTagPtr)
*vecptr++ = "</td></tr></table>\n";
else
*vecptr++ = "";
*vecptr++ = rqptr->rqHeader.PathInfoPtr;
*vecptr++ = rqptr->RemoteUser;
*vecptr++ = rqptr->rqAuth.RealmDescrPtr;
/* the user is dealing with the host/port they specified */
*vecptr++ = rqptr->ServicePtr->ServerHostPort;
if (rqptr->rqAuth.SysUafPwdExpired)
{
*vecptr++ = " <i>!AZ</i>";
if (*cptr)
*vecptr++ = cptr;
else
*vecptr++ = "(password is expired)";
}
else
*vecptr++ = "";
if (*SitePtr)
{
*vecptr++ =
"<table class=\"rghtlft\">\n\
<tr><td>!AZ</td></tr>\n\
</table>\n";
*vecptr++ = SitePtr;
}
else
*vecptr++ = "";
/* scan to "Current" */
while (*cptr && *cptr != '|') cptr++;
if (*cptr) *cptr++ = '\0';
/* "Current" */
if (*cptr)
*vecptr++ = cptr;
else
*vecptr++ = "Current";
/* skip to "New" */
while (*cptr && *cptr != '|') cptr++;
if (*cptr) *cptr++ = '\0';
*vecptr++ = AUTH_MAX_PASSWORD_LENGTH;
*vecptr++ = AUTH_MAX_PASSWORD_LENGTH;
/* "New" */
if (*cptr)
*vecptr++ = cptr;
else
*vecptr++ = "New";
/* skip to "Verify" */
while (*cptr && *cptr != '|') cptr++;
if (*cptr) *cptr++ = '\0';
*vecptr++ = AUTH_MAX_PASSWORD_LENGTH;
*vecptr++ = AUTH_MAX_PASSWORD_LENGTH;
/* "Verify" */
if (*cptr)
*vecptr++ = cptr;
else
*vecptr++ = "Verify";
/* skip to "Change" */
while (*cptr && *cptr != '|') cptr++;
if (*cptr) *cptr++ = '\0';
*vecptr++ = AUTH_MAX_PASSWORD_LENGTH;
*vecptr++ = AUTH_MAX_PASSWORD_LENGTH;
/* "Change" */
if (*cptr)
*vecptr++ = cptr;
else
*vecptr++ = "Change";
/* skip to "Reset" */
while (*cptr && *cptr != '|') cptr++;
if (*cptr) *cptr++ = '\0';
/* "Reset" */
if (*cptr)
*vecptr++ = cptr;
else
*vecptr++ = "Reset";
/* skip to site local instructions (if any) */
while (*cptr && *cptr != '|') cptr++;
if (*cptr) *cptr++ = '\0';
if (rqptr->rqPathSet.HtmlFooterPtr ||
rqptr->rqPathSet.HtmlFooterTagPtr)
{
if (rqptr->rqPathSet.HtmlFooterTagPtr &&
rqptr->rqPathSet.HtmlFooterTagPtr[0] == '<')
*vecptr++ = "<p>!AZ\n!&@";
else
*vecptr++ = "<p><table class=\"rghtlft\"><tr><td!&+AZ>\n!&@";
*vecptr++ = rqptr->rqPathSet.HtmlFooterTagPtr;
*vecptr++ = "!AZ\n</td></tr></table>";
*vecptr++ = rqptr->rqPathSet.HtmlFooterPtr;
}
else
*vecptr++ = "";
status = FaolToNet (rqptr, ResponseFao, &FaoVector);
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
Changes a user's password in the on-disk HTA database or the SYSUAF database
(if realm is VMS). User determined by 'rqptr->RemoteUser', database by
'rqptr->rqAuth.RealmPtr'. The authorization cache is then searched for all
entries for the username and that realm and the password reset forcing it to be
revalidated the next time it is accessed. The form this request is generated by
comes from AdminPasswordChangeForm().
If the realm is VMS there _must_ be a group, as well as the realm associated
with change path. This will normally be a site-chosen VMS rights identifier
that allows that particular account to modify it's password in such a manner.
NOTE: The SYSUAF password change facility makes minor integrity checks on the
supplied password (length and characters contained) but does not enforce any
local password policy that may be in place.
The password change facility is in the HTADMIN.C module largely for historical
reasons. Thisfunction contains the code for the $HTA database change but
SYSUAF and ACME password change is farmed out to fucntions in the respective
modules.
*/
HTAdminChangePassword
(
REQUEST_STRUCT *rqptr,
char *PasswordCurrent,
char *PasswordNew,
char *PasswordVerify
)
{
int status;
unsigned long HashedPwd [2];
unsigned long *BinTimePtr;
unsigned char A1DigestLoCase [16],
A1DigestUpCase [16];
AUTH_HTAREC AuthHtRecord;
AUTH_CREC AuthCacheRecord;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminPasswordChange()");
if (!(PasswordCurrent[0] && PasswordNew[0] && PasswordVerify[0]))
{
rqptr->rqResponse.HttpStatus = 403;
ErrorGeneral (rqptr, MsgFor(rqptr,MSG_HTADMIN_PWD_INCOMPLETE), FI_LI);
HTAdminEnd (rqptr);
return;
}
if (!strsame (PasswordNew, PasswordVerify, -1))
{
rqptr->rqResponse.HttpStatus = 403;
ErrorGeneral (rqptr, MsgFor(rqptr,MSG_HTADMIN_PWD_VERIFY), FI_LI);
HTAdminEnd (rqptr);
return;
}
if (strsame (PasswordCurrent, PasswordNew, -1))
{
rqptr->rqResponse.HttpStatus = 403;
ErrorGeneral (rqptr, MsgFor(rqptr,MSG_HTADMIN_PWD_IDENTICAL), FI_LI);
HTAdminEnd (rqptr);
return;
}
if (strlen (PasswordNew) < AUTH_MIN_PASSWORD)
{
/* password's too short */
rqptr->rqResponse.HttpStatus = 403;
ErrorGeneral (rqptr, MsgFor(rqptr,MSG_HTADMIN_PWD_ERROR), FI_LI);
HTAdminEnd (rqptr);
return;
}
/* check the correct current password has been supplied */
if (!strsame (PasswordCurrent, rqptr->RemoteUserPassword, -1))
{
rqptr->rqResponse.HttpStatus = 403;
ErrorGeneral (rqptr, MsgFor(rqptr,MSG_HTADMIN_PWD_INCORRECT), FI_LI);
HTAdminEnd (rqptr);
return;
}
if (rqptr->rqAuth.SourceRealm == AUTH_SOURCE_VMS ||
rqptr->rqAuth.SourceRealm == AUTH_SOURCE_ID ||
rqptr->rqAuth.SourceRealm == AUTH_SOURCE_WASD_ID)
{
/*********************/
/* update the SYSUAF */
/*********************/
if (!AuthSysUafEnabled)
{
rqptr->rqResponse.HttpStatus = 403;
ErrorGeneral (rqptr, MsgFor(rqptr,MSG_GENERAL_DISABLED), FI_LI);
HTAdminChangePasswordEnd (rqptr);
return;
}
if (AuthConfigACME)
AuthAcmeChangePassword (rqptr, PasswordCurrent, PasswordNew);
else
AuthVmsChangePassword (rqptr, PasswordNew);
return;
}
if (rqptr->rqAuth.SourceRealm == AUTH_SOURCE_ACME)
{
/*******************/
/* update via ACME */
/*******************/
if (!AuthConfigACME)
{
rqptr->rqResponse.HttpStatus = 403;
ErrorGeneral (rqptr, MsgFor(rqptr,MSG_GENERAL_DISABLED), FI_LI);
HTAdminChangePasswordEnd (rqptr);
return;
}
AuthAcmeChangePassword (rqptr, PasswordCurrent, PasswordNew);
return;
}
/***************************/
/* update the HTA database */
/***************************/
if (WATCHING (rqptr, WATCH_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_RESPONSE, "CHANGE HTA password");
if (VMSnok (status =
AuthGenerateHashPassword (rqptr->RemoteUser, PasswordNew,
&HashedPwd)))
{
rqptr->rqResponse.ErrorTextPtr = MsgFor(rqptr,MSG_HTADMIN_PWD_ERROR);
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
if (VMSnok (status =
AuthGenerateDigestPassword (rqptr->rqAuth.RealmDescrPtr,
rqptr->RemoteUser,
PasswordNew, &A1DigestLoCase,
&A1DigestUpCase)))
{
rqptr->rqResponse.ErrorTextPtr = MsgFor(rqptr,MSG_HTADMIN_PWD_ERROR);
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* look for the record, leave the database file open if found */
status = AuthHtDatabaseAccess (rqptr, true,
rqptr->rqAuth.RealmPtr,
rqptr->RemoteUser,
&AuthHtRecord, NULL, NULL);
if (status == RMS$_EOF)
{
rqptr->rqResponse.HttpStatus = 404;
rqptr->rqResponse.ErrorTextPtr =
MsgFor(rqptr,MSG_HTADMIN_PWD_NOT_FOUND);
HTAdminEnd (rqptr);
return;
}
if (VMSnok (status))
{
rqptr->rqResponse.ErrorTextPtr = MsgFor(rqptr,MSG_HTADMIN_DATABASE);
rqptr->rqResponse.ErrorOtherTextPtr = rqptr->rqAuth.RealmPtr;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
memcpy (&AuthHtRecord.HashedPwd, &HashedPwd, 8);
memcpy (&AuthHtRecord.A1DigestLoCase, &A1DigestLoCase, 16);
memcpy (&AuthHtRecord.A1DigestUpCase, &A1DigestUpCase, 16);
BinTimePtr = &rqptr->rqTime.BeginTime64;
AuthHtRecord.LastChangeTime64[0] = BinTimePtr[0];
AuthHtRecord.LastChangeTime64[1] = BinTimePtr[1];
AuthHtRecord.ChangeCount++;
/* update the record, close the database file */
status = AuthHtDatabaseAccess (NULL, false, NULL, NULL,
NULL, NULL, &AuthHtRecord);
if (VMSnok (status))
{
rqptr->rqResponse.ErrorTextPtr = MsgFor(rqptr,MSG_HTADMIN_DATABASE);
rqptr->rqResponse.ErrorOtherTextPtr = rqptr->rqAuth.RealmPtr;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
HTAdminChangePasswordEnd (rqptr);
}
/*****************************************************************************/
/*
This can be called from HTAdminChangePassword() and AuthAcmeChangePassword().
*/
HTAdminChangePasswordEnd (REQUEST_STRUCT *rqptr)
{
int status;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminChangePasswordEnd()");
if (rqptr->rqResponse.ErrorReportPtr)
{
/* an error has been reported at some stage */
SysDclAst (&HTAdminEnd, rqptr);
return;
}
/* report this to the log */
FaoToStdout (
"%HTTPD-I-PASSWORD, !20%D, modified\n\
-PASSWORD-I-SERVICE, !AZ//!AZ\n\
-PASSWORD-I-CLIENT, !AZ\n\
-PASSWORD-I-USERNAME, \"!AZ\" in \"!AZ\"\n",
0, rqptr->ServicePtr->RequestSchemeNamePtr,
rqptr->ServicePtr->ServerHostPort, ClientHostString(rqptr),
rqptr->RemoteUser, rqptr->rqAuth.RealmDescrPtr);
/* and to the operator log if so enabled */
if (OpcomMessages & OPCOM_AUTHORIZATION)
FaoToOpcom (
"%HTTPD-I-PASSWORD, modified\r\n\
-PASSWORD-I-SERVICE, !AZ//!AZ\r\n\
-PASSWORD-I-CLIENT, !AZ\r\n\
-PASSWORD-I-USERNAME, \"!AZ\" in \"!AZ\"",
rqptr->ServicePtr->RequestSchemeNamePtr,
rqptr->ServicePtr->ServerHostPort, ClientHostString(rqptr),
rqptr->RemoteUser, rqptr->rqAuth.RealmDescrPtr);
status = AuthCacheReset (rqptr, rqptr->rqAuth.RealmPtr, rqptr->RemoteUser);
if (VMSnok (status)) return;
rqptr->rqResponse.PreExpired = PRE_EXPIRE_ADMIN;
/* the user is dealing with the host/port they specified, not the base */
ReportSuccess (rqptr, MsgFor(rqptr,MSG_HTADMIN_PWD_BEEN_CHANGED),
"!AZ.\'!&;AZ\'@!AZ", rqptr->RemoteUser,
rqptr->rqAuth.RealmDescrPtr,
rqptr->ServicePtr->ServerHostPort);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
Begin a page providing a list of HTA Databases in a form for administering
them. Set up search for authentication Database files.
*/
HTAdminDatabaseBegin (REQUEST_STRUCT *rqptr)
{
static char ResponseFao [] =
"<form method=\"GET\" action=\"!AZ\">\n\
<table class=\"ctgry\">\n\
<tr><th class=\"ctttl\">!AZ</th></tr>\n\
<tr><td>\n\
<table class=\"rghtlft\">\n\
<tr><td>\n\
<select size=\"!UL\" name=\"dat\">\n";
int status;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminDatabaseBegin()");
tkptr = rqptr->HTAdminTaskPtr;
OdsParse (&tkptr->SearchOds,
rqptr->ParseOds.ExpFileName, rqptr->ParseOds.ExpFileNameLength,
"*", 1, 0, NULL, rqptr);
if (VMSnok (status = tkptr->SearchOds.Fab.fab$l_sts))
{
rqptr->rqResponse.ErrorTextPtr = rqptr->rqHeader.PathInfoPtr;
rqptr->rqResponse.ErrorOtherTextPtr = rqptr->ParseOds.ExpFileName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
tkptr->FileCount = 0;
HTAdminPageTitle (rqptr, tkptr->AdminDescriptionPtr, ResponseFao,
rqptr->ScriptName,
tkptr->HtListAdmin ? "List" : "Database",
DatabaseListSize);
SysDclAst (&HTAdminDatabaseSearch, rqptr);
}
/*****************************************************************************/
/*
(AST) function to invoke another sys$search() call when listing authentication
Databases.
*/
HTAdminDatabaseSearch (REQUEST_STRUCT *rqptr)
{
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminDatabaseSearch() !&F", &HTAdminDatabaseSearch);
/* turn on SYSPRV to allow the directory to be searched */
sys$setprv (1, &SysPrvMask, 0, 0);
OdsSearch (&rqptr->HTAdminTaskPtr->SearchOds,
&HTAdminDatabaseSearchAst, rqptr);
sys$setprv (0, &SysPrvMask, 0, 0);
}
/*****************************************************************************/
/*
AST completion routine called each time sys$search() completes. It will
either point to another file name found or have "no more files found" status
(or an error!).
*/
HTAdminDatabaseSearchAst (REQUEST_STRUCT *rqptr)
{
int status;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminDatabaseSearchAst() !&F sts:!&X stv:!&X",
&HTAdminDatabaseSearchAst,
rqptr->HTAdminTaskPtr->SearchOds.Fab.fab$l_sts,
rqptr->HTAdminTaskPtr->SearchOds.Fab.fab$l_stv);
tkptr = rqptr->HTAdminTaskPtr;
if (VMSnok (status = tkptr->SearchOds.Fab.fab$l_sts))
{
if (status == RMS$_FNF || status == RMS$_NMF)
{
/* end of search */
tkptr->SearchOds.ParseInUse = false;
HTAdminDatabaseEnd (rqptr);
return;
}
/* sys$search() error */
rqptr->rqResponse.ErrorTextPtr = MapVmsPath (tkptr->AuthFileSpec, rqptr);
rqptr->rqResponse.ErrorOtherTextPtr = tkptr->AuthFileSpec;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* terminate following the last character in the version number */
tkptr->SearchOds.NamVersionPtr[tkptr->SearchOds.NamVersionLength] = '\0';
tkptr->FileCount++;
status = FaoToNet (rqptr, "<option value=\"!#&;AZ\">!#&;AZ\n",
tkptr->SearchOds.NamNameLength,
tkptr->SearchOds.NamNamePtr,
tkptr->SearchOds.NamNameLength,
tkptr->SearchOds.NamNamePtr);
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
SysDclAst (&HTAdminDatabaseSearch, rqptr);
}
/*****************************************************************************/
/*
End authentication Database file search. Conclude form's HTML.
*/
HTAdminDatabaseEnd (REQUEST_STRUCT *rqptr)
{
static char HtaEndPageFao [] =
"</select>\n\
</td><td>\n\
<input type=\"radio\" name=\"do\" value=\"HTAACCESS\" checked>access<sup>1</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"HTALISTB\">list/brief<sup>1</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"HTALISTF\">list/full<sup>1</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"HTACREATE\">create<sup>2</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"HTADELETE\">delete<sup>1</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"purge\">purge cache\n\
<p><input type=\"submit\" value=\" Do \">\n\
<input type=reset value=\" Reset \">\n\
</td></tr>\n\
<tr><td colspan=\"2\">\n\
<sup>1.</sup> !AZ\n\
<br><sup>2.</sup> enter name <input type=\"text\" name=\"add\" size=\"20\">\n\
</td></tr>\n\
</table>\n\
\
</tr>\n\
</table>\n\
</form>\n\
\
</div>\n\
</body>\n\
</html>\n";
static char HtlEndPageFao [] =
"</select>\n\
</td><td>\n\
<input type=\"radio\" name=\"do\" value=\"HTLEDIT\" checked>edit<sup>1</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"HTLLIST\">list<sup>1</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"HTLCREATE\">create<sup>2</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"HTLDELETE\">delete<sup>1</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"purge\">purge cache\n\
<p><input type=\"submit\" value=\" Do \">\n\
<input type=reset value=\" Reset \">\n\
</td></tr>\n\
<tr><td colspan=\"2\">\n\
<sup>1.</sup> !AZ\n\
<br><sup>2.</sup> enter name <input type=\"text\" name=\"add\" size=\"20\">\n\
</td></tr>\n\
</table>\n\
\
</tr>\n\
</table>\n\
</form>\n\
\
</div>\n\
</body>\n\
</html>\n";
int status;
unsigned long *vecptr;
unsigned long FaoVector [32];
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminDatabaseEnd()");
tkptr = rqptr->HTAdminTaskPtr;
vecptr = FaoVector;
if (tkptr->FileCount)
*vecptr++ = "select from list";
else
*vecptr++ = "<i>none available</i>";
if (tkptr->HtListAdmin)
status = FaolToNet (rqptr, HtlEndPageFao, &FaoVector);
else
status = FaolToNet (rqptr, HtaEndPageFao, &FaoVector);
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
*/
HTAdminDatabaseUsersBegin
(
REQUEST_STRUCT *rqptr,
char *DatabaseName
)
{
static char ResponseFao [] =
"<form method=\"GET\" action=\"!AZ\">\n\
<table class=\"ctgry\">\n\
<tr><th class=\"ctttl\">Users in !AZ</th></tr>\n\
<tr><td>\n\
<table class=\"lftlft\">\n\
<tr><td>\n\
<select size=\"!UL\" name=\"unm\">\n";
int status;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminDatabaseUsersBegin() !&Z", DatabaseName);
tkptr = rqptr->HTAdminTaskPtr;
if (VMSnok (HTAdminOpenDatabaseForRead (rqptr, DatabaseName))) return;
/**************/
/* begin page */
/**************/
tkptr->RecordCount = tkptr->UserCount = 0;
HTAdminPageTitle (rqptr, tkptr->AdminDescriptionPtr, ResponseFao,
rqptr->rqHeader.PathInfoPtr,
DatabaseName,
UserNameListSize);
SysDclAst (&HTAdminDatabaseUsersNext, rqptr);
}
/*****************************************************************************/
/*
Queue a read of the next record from the file. When the read completes call
HTAdminDatabaseUsersNextAst() function.
*/
HTAdminDatabaseUsersNext (REQUEST_STRUCT *rqptr)
{
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminDatabaseUsersNext() !&F", &HTAdminDatabaseUsersNext);
/* asynchronous get service */
rqptr->HTAdminTaskPtr->FileOds.Rab.rab$l_rop |= RAB$M_ASY;
sys$get (&rqptr->HTAdminTaskPtr->FileOds.Rab,
&HTAdminDatabaseUsersNextAst,
&HTAdminDatabaseUsersNextAst);
}
/*****************************************************************************/
/*
A user record has been read from the authentication Database.
*/
HTAdminDatabaseUsersNextAst (struct RAB *RabPtr)
{
int cnt, status;
char *cptr, *sptr;
REQUEST_STRUCT *rqptr;
char Buffer [128];
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
rqptr = RabPtr->rab$l_ctx;
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminDatabaseUsersNextAst() !&F sts:!&X stv:!&X !UL",
&HTAdminDatabaseUsersNextAst,
RabPtr->rab$l_sts, RabPtr->rab$l_stv, RabPtr->rab$w_rsz);
tkptr = rqptr->HTAdminTaskPtr;
if (VMSnok (tkptr->FileOds.Rab.rab$l_sts))
{
if (tkptr->FileOds.Rab.rab$l_sts == RMS$_EOF)
{
OdsClose (&tkptr->FileOds, NULL, 0);
HTAdminDatabaseUsersList (rqptr);
return;
}
rqptr->rqResponse.ErrorTextPtr = MapVmsPath (tkptr->AuthFileName, rqptr);
rqptr->rqResponse.ErrorOtherTextPtr = tkptr->AuthFileName;
ErrorVmsStatus (rqptr, tkptr->FileOds.Rab.rab$l_sts, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* check the version of the authorization database */
if (tkptr->AuthHtRecord.DatabaseVersion &&
tkptr->AuthHtRecord.DatabaseVersion != AUTH_HTA_VERSION)
{
rqptr->rqResponse.ErrorTextPtr = MapVmsPath (tkptr->AuthFileName, rqptr);
rqptr->rqResponse.ErrorOtherTextPtr = tkptr->AuthFileName;
ErrorVmsStatus (rqptr, SS$_INCOMPAT & 0xfffffffe, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* if the record has been removed (by zeroing) then ignore */
if (!tkptr->AuthHtRecord.UserNameLength)
{
HTAdminDatabaseUsersNext (rqptr);
return;
}
tkptr->UserCount++;
if ((tkptr->UserCount * sizeof(tkptr->AuthHtRecord.UserName)) >
tkptr->UserListLength)
{
/* need more (or some) list space */
tkptr->UserListLength += 32 * sizeof(tkptr->AuthHtRecord.UserName);
tkptr->UserListPtr = VmReallocHeap (rqptr, tkptr->UserListPtr,
tkptr->UserListLength, FI_LI);
}
/* copy username including name terminating null */
memcpy (tkptr->UserListPtr +
((tkptr->UserCount - 1) * sizeof(tkptr->AuthHtRecord.UserName)),
tkptr->AuthHtRecord.UserName,
sizeof(tkptr->AuthHtRecord.UserName));
HTAdminDatabaseUsersNext (rqptr);
}
/*****************************************************************************/
/*
Humble bubble sort I'm afraid :^( Gives the illusion that the database is
ordered (apart from that of entry sequence :^), although does provide the
advantage of viewing an ordered list. It formats them as part of HTML
selection list.
*/
HTAdminDatabaseUsersList (REQUEST_STRUCT *rqptr)
{
int idx1, idx2, size, status,
UserCount;
char *cptr1, *cptr2;
HTADMIN_TASK *tkptr;
char UserName [AUTH_MAX_HTA_USERNAME_LENGTH+1];
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminDatabaseUsersList() !UL !UL",
rqptr->HTAdminTaskPtr->UserListCount,
rqptr->HTAdminTaskPtr->UserCount);
tkptr = rqptr->HTAdminTaskPtr;
size = AUTH_MAX_HTA_USERNAME_LENGTH+1;
if (!tkptr->UserCount)
{
HTAdminDatabaseUsersEnd (rqptr);
return;
}
/********/
/* sort */
/********/
for (idx1 = 0; idx1 < tkptr->UserCount-1; idx1++)
{
for (idx2 = idx1+1; idx2 < tkptr->UserCount; idx2++)
{
cptr1 = tkptr->UserListPtr + (idx1 * size);
cptr2 = tkptr->UserListPtr + (idx2 * size);
if (strcmp (cptr1, cptr2) <= 0) continue;
memcpy (UserName, cptr1, size);
memcpy (cptr1, cptr2, size);
memcpy (cptr2, UserName, size);
}
}
/*************************/
/* create selection list */
/*************************/
cptr1 = tkptr->UserListPtr;
for (UserCount = 0; UserCount < tkptr->UserCount; UserCount++)
{
status = FaoToNet (rqptr, "<option value=\"!&;AZ\">!&;AZ\n",
cptr1, cptr1);
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
cptr1 += AUTH_MAX_HTA_USERNAME_LENGTH+1;
}
HTAdminDatabaseUsersEnd (rqptr);
}
/*****************************************************************************/
/*
End user names in authentication Database.
*/
HTAdminDatabaseUsersEnd (REQUEST_STRUCT *rqptr)
{
static char EndPageFao [] =
"</select>\n\
</td><td>\n\
<input type=\"radio\" name=\"do\" value=\"view\" checked>view<sup>1</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"modify\">modify<sup>1</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"add\">add<sup>2</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"delete\">delete<sup>1</sup>\n\
<br><input type=\"radio\" name=\"do\" value=\"purge\">purge cache\n\
<p><input type=\"submit\" value=\" Do \">\n\
<input type=reset value=\" Reset \">\n\
</td></tr>\n\
<tr><td colspan=\"2\">\n\
<sup>1.</sup> !AZ\n\
<br><sup>2.</sup> enter name <input type=\"text\" name=\"add\" size=\"20\">\n\
</td></tr>\n\
</table>\n\
\
</tr>\n\
</table>\n\
</form>\n\
\
</div>\n\
</body>\n\
</html>\n";
int status;
unsigned long *vecptr;
unsigned long FaoVector [32];
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminDatabaseUsersEnd()");
tkptr = rqptr->HTAdminTaskPtr;
vecptr = FaoVector;
if (tkptr->UserCount)
*vecptr++ = "select from list";
else
*vecptr++ = "<i>none available</i>";
status = FaolToNet (rqptr, EndPageFao, &FaoVector);
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
*/
HTAdminListUsersBegin
(
REQUEST_STRUCT *rqptr,
char *DatabaseName
)
{
static char ResponseFao [] =
"<table class=\"ctgry\">\n\
<tr><th class=\"ctttl\" colspan=\"!UL\">Users in !AZ</th></tr>\n\
<tr><td>\n\
<table class=\"lftlft\">\n\
!AZ";
static char BriefHeading [] =
"<tr>\
<th></th>\
<th class=\"sbttl\">Username</th>\
<th class=\"sbttl\">Full Name</th>\
<th class=\"sbttl\">Access</th>\
<th class=\"sbttl\">Added</th>\
<th class=\"sbttl\">Accessed</th></tr>\n\
</tr>\n";
static char FullHeading [] =
"<tr>\
<th></th>\
<th class=\"sbttl\">Username</th>\
<th class=\"sbttl\">Details<br>Last</th>\
<th class=\"sbttl\">Access<br>Failure</th>\
<th class=\"sbttl\">Added<br>Changed</th></tr>\n\
</tr>\n";
int status;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminListUsersBegin() !&Z", DatabaseName);
tkptr = rqptr->HTAdminTaskPtr;
if (VMSnok (HTAdminOpenDatabaseForRead (rqptr, DatabaseName))) return;
/**************/
/* begin page */
/**************/
tkptr->RecordCount = tkptr->UserCount = 0;
HTAdminPageTitle (rqptr, tkptr->AdminDescriptionPtr, ResponseFao,
tkptr->BriefList ? 6 : 7,
DatabaseName,
tkptr->BriefList ? BriefHeading : FullHeading);
SysDclAst (&HTAdminListUsersNext, rqptr);
}
/*****************************************************************************/
/*
Queue a read of the next record from the file. When the read completes call
HTAdminListUsersNextAst() function.
*/
HTAdminListUsersNext (REQUEST_STRUCT *rqptr)
{
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminListUsersNext() !&F", &HTAdminListUsersNext);
/* asynchronous get service */
rqptr->HTAdminTaskPtr->FileOds.Rab.rab$l_rop |= RAB$M_ASY;
sys$get (&rqptr->HTAdminTaskPtr->FileOds.Rab,
&HTAdminListUsersNextAst,
&HTAdminListUsersNextAst);
}
/*****************************************************************************/
/*
A user record has been read from the authentication Database.
*/
HTAdminListUsersNextAst (struct RAB *RabPtr)
{
int cnt, status;
char *cptr, *sptr;
REQUEST_STRUCT *rqptr;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
rqptr = RabPtr->rab$l_ctx;
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminListUsersNextAst() !&F sts:!&X stv:!&X !UL",
&HTAdminListUsersNextAst,
RabPtr->rab$l_sts, RabPtr->rab$l_stv, RabPtr->rab$w_rsz);
tkptr = rqptr->HTAdminTaskPtr;
if (VMSnok (tkptr->FileOds.Rab.rab$l_sts))
{
if (tkptr->FileOds.Rab.rab$l_sts == RMS$_EOF)
{
OdsClose (&tkptr->FileOds, NULL, 0);
HTAdminListUsersListSort (rqptr);
return;
}
rqptr->rqResponse.ErrorTextPtr = MapVmsPath (tkptr->AuthFileName, rqptr);
rqptr->rqResponse.ErrorOtherTextPtr = tkptr->AuthFileName;
ErrorVmsStatus (rqptr, tkptr->FileOds.Rab.rab$l_sts, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* check the version of the authorization database */
if (tkptr->AuthHtRecord.DatabaseVersion &&
tkptr->AuthHtRecord.DatabaseVersion != AUTH_HTA_VERSION)
{
rqptr->rqResponse.ErrorTextPtr = MapVmsPath (tkptr->AuthFileName, rqptr);
rqptr->rqResponse.ErrorOtherTextPtr = tkptr->AuthFileName;
ErrorVmsStatus (rqptr, SS$_INCOMPAT & 0xfffffffe, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* if the record has been removed (by zeroing) then ignore */
if (!tkptr->AuthHtRecord.UserNameLength)
{
HTAdminListUsersNext (rqptr);
return;
}
tkptr->UserCount++;
if ((tkptr->UserCount * sizeof(AUTH_HTAREC)) >
tkptr->UserListLength)
{
/* need more (or some) list space */
tkptr->UserListLength += 32 * sizeof(AUTH_HTAREC);
tkptr->UserListPtr = VmReallocHeap (rqptr, tkptr->UserListPtr,
tkptr->UserListLength, FI_LI);
}
/* copy the entire user record into the list */
memcpy (tkptr->UserListPtr +
((tkptr->UserCount - 1) * sizeof(AUTH_HTAREC)),
&tkptr->AuthHtRecord, sizeof(AUTH_HTAREC));
HTAdminListUsersNext (rqptr);
}
/*****************************************************************************/
/*
Humble bubble sort I'm afraid :^( Gives the illusion that the database is
ordered (apart from that of entry sequence :^), although does provide the
advantage of viewing an ordered list. Bit more expensive this one, copying
aroung 512 byte records. I'll improve it someday, sigh :^(
*/
HTAdminListUsersListSort (REQUEST_STRUCT *rqptr)
{
int idx1, idx2, size;
char *cptr1, *cptr2;
AUTH_HTAREC *rptr1, *rptr2;
AUTH_HTAREC AuthHtRecord;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminListUsersListSort()");
tkptr = rqptr->HTAdminTaskPtr;
if (!tkptr->UserCount)
{
HTAdminListUsersEnd (rqptr);
return;
}
size = sizeof(AUTH_HTAREC);
for (idx1 = 0; idx1 < tkptr->UserCount-1; idx1++)
{
for (idx2 = idx1+1; idx2 < tkptr->UserCount; idx2++)
{
rptr1 = &((AUTH_HTAREC*)tkptr->UserListPtr)[idx1];
rptr2 = &((AUTH_HTAREC*)tkptr->UserListPtr)[idx2];
if (strcmp (rptr1->UserName, rptr2->UserName) <= 0) continue;
memcpy (&AuthHtRecord, (char*)rptr1, size);
memcpy ((char*)rptr1, (char*)rptr2, size);
memcpy ((char*)rptr2, &AuthHtRecord, size);
}
}
tkptr->UserListCount = 0;
HTAdminListUsersList (rqptr);
}
/*****************************************************************************/
/*
This function is called for each username in the sorted list. It reads them
sequentially, formats them as part of HTML table, then buffers the output,
ASTing back to this function for the next.
*/
HTAdminListUsersList (REQUEST_STRUCT *rqptr)
{
static char BriefFao [] =
"<tr>\
<th>!3ZL</th>\
<th>!AZ!&;AZ!AZ</th>\
<td>!&;AZ</td>\
<td>!AZ!AZ</td>\n\
<td>!17%D</td>\
<td>!17%D (!UL)</td>\
</tr>\n";
static char FullFao [] =
"<tr>\
<th>!3ZL</th>\
<th>!AZ!&;AZ!AZ</th>\
<td>!&;AZ</td>\
<td>!AZ!AZ</td>\
<td>!17%D</td>\
</tr>\n\
<tr class=\"hlght\"><td colspan=\"2\"></td>\
<td colspan=\"3\" style=\"white-space:pre;\">!&;AZ</td></tr>\n\
<tr><td colspan=\"2\"></td>\
<td colspan=\"3\">!&@</td></tr>\n\
<tr class=\"hlght\"><td colspan=\"2\"></td>\
<td>!17%D (!UL)</td>\
<td>!17%D (!UL)</td>\
<td>!17%D (!UL</td>\
</tr>\n";
int status;
unsigned long *vecptr;
unsigned long FaoVector [32];
char *CanStringPtr;
AUTH_HTAREC *rptr;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminListUsersList() !UL !UL",
rqptr->HTAdminTaskPtr->UserListCount,
rqptr->HTAdminTaskPtr->UserCount);
tkptr = rqptr->HTAdminTaskPtr;
if (tkptr->UserListCount >= tkptr->UserCount)
{
HTAdminListUsersEnd (rqptr);
return;
}
rptr = &((AUTH_HTAREC*)tkptr->UserListPtr)[tkptr->UserListCount];
if (!(CanStringPtr = HTAdminCanString (rqptr, rptr->Flags, true)))
{
HTAdminEnd (rqptr);
return;
}
tkptr->UserListCount++;
vecptr = FaoVector;
*vecptr++ = tkptr->UserListCount;
if (rptr->Flags & AUTH_FLAG_ENABLED)
*vecptr++ = "";
else
*vecptr++ = "<strike>";
*vecptr++ = rptr->UserName;
if (rptr->Flags & AUTH_FLAG_ENABLED)
*vecptr++ = "";
else
*vecptr++ = "</strike>";
*vecptr++ = rptr->FullName;
*vecptr++ = CanStringPtr;
if (rptr->Flags & AUTH_FLAG_HTTPS_ONLY)
*vecptr++ = " (SSL-only)";
else
*vecptr++ = "";
if (tkptr->BriefList)
{
*vecptr++ = &rptr->AddedTime64;
*vecptr++ = &rptr->LastAccessTime64;
*vecptr++ = rptr->AccessCount;
}
else
{
*vecptr++ = &rptr->AddedTime64;
*vecptr++ = rptr->Contact;
if (rptr->Email[0])
{
*vecptr++ = "<a href=\"mailto:!AZ\">!AZ</a>";
*vecptr++ = rptr->Email;
*vecptr++ = rptr->Email;
}
else
if (rptr->Email[0] || rptr->Contact[0])
*vecptr++ = "";
else
*vecptr++ = "(no contact or email)";
*vecptr++ = &rptr->LastAccessTime64;
*vecptr++ = rptr->AccessCount;
*vecptr++ = &rptr->LastFailureTime64;
*vecptr++ = rptr->FailureCount;
*vecptr++ = &rptr->LastChangeTime64;
*vecptr++ = rptr->ChangeCount;
}
if (tkptr->BriefList)
status = FaolToNet (rqptr, BriefFao, &FaoVector);
else
status = FaolToNet (rqptr, FullFao, &FaoVector);
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
SysDclAst (&HTAdminListUsersList, rqptr);
}
/*****************************************************************************/
/*
End list user information in authentication Database.
*/
HTAdminListUsersEnd (REQUEST_STRUCT *rqptr)
{
static char NotNoneFao [] =
"<tr><th>!3ZL</th>\
<td colspan=!UL " ADMIN_REPORT_ALTHI "><i>empty</i></td></tr>\n\
</table>\n\
</td></tr>\n\
</table>\n\
\
</div>\n\
</body>\n\
</html>\n";
static char EndPageFao [] =
"</table>\n\
</td></tr>\n\
</table>\n\
\
</div>\n\
</body>\n\
</html>\n";
int status;
unsigned long *vecptr;
unsigned long FaoVector [32];
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminListUsersEnd()");
tkptr = rqptr->HTAdminTaskPtr;
vecptr = FaoVector;
*vecptr++ = 0;
if (tkptr->BriefList)
*vecptr++ = 5;
else
*vecptr++ = 4;
if (tkptr->UserCount)
status = FaolToNet (rqptr, EndPageFao, &FaoVector);
else
status = FaolToNet (rqptr, NotNoneFao, &FaoVector);
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
Display an authentication database record.
*/
HTAdminUserView
(
REQUEST_STRUCT *rqptr,
char *DatabaseName,
char *UserName
)
{
static char ResponseFao [] =
"!20&W\n\
\
<P><table class=\"ctgry\">\n\
<tr><th class=\"ctttl\" colspan=\"4\">User !&;AZ in !AZ!AZ</th></tr>\n\
<tr><td>\n\
<table class=\"rghtlft\">\n\
<tr><th>Full Name:</th><td colspan=\"3\">!&;AZ</td></tr>\n\
<tr><th>Contact:</th><td colspan=\"3\" style=\"white-space:pre;\">!&;AZ</td></tr>\n\
<tr><th>E-mail:</th><td colspan=\"3\">!&@</td></tr>\n\
<tr><th>Access:</th><td colspan=\"3\">!AZ!AZ</td></tr>\n\
<tr><th>Password:</th><td>!AZ</td><td></td><td></td></tr>\n\
<tr><th>Added:</th><td colspan=\"2\">!20&W</td></tr>\n\
<tr><th>Changed:</th><td colspan=\"2\">!20&W</td><td>!UL</td></tr>\n\
<tr><th>Accessed:</th><td colspan=\"2\">!20&W</td><td>!UL</td></tr>\n\
<tr><th>Failed:</th><td colspan=\"2\">!20&W</td><td>!UL</td></tr>\n\
</table>\n\
</td></tr>\n\
</table>\n\
\
</div>\n\
</body>\n\
</html>\n";
int status;
unsigned long *vecptr;
unsigned long FaoVector [32];
char *CanStringPtr;
HTADMIN_TASK *tkptr;
AUTH_HTAREC AuthHtRecord;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminUserView()");
tkptr = rqptr->HTAdminTaskPtr;
if (!DatabaseName || !UserName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminInsufficient, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* look for the record, close the database file immediately */
status = AuthHtDatabaseAccess (rqptr, false, DatabaseName,
UserName, &AuthHtRecord, NULL, NULL);
if (status == RMS$_EOF)
{
rqptr->rqResponse.HttpStatus = 404;
ErrorGeneral (rqptr, ErrorHTAdminUserNotFound, FI_LI);
HTAdminEnd (rqptr);
return;
}
if (VMSnok (status))
{
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminDatabase;
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
if (!(CanStringPtr = HTAdminCanString (rqptr, AuthHtRecord.Flags, false)))
{
HTAdminEnd (rqptr);
return;
}
/**************/
/* begin page */
/**************/
HTAdminPageTitle (rqptr, tkptr->AdminDescriptionPtr);
vecptr = FaoVector;
*vecptr++ = &rqptr->rqTime.BeginTime64;
*vecptr++ = AuthHtRecord.UserName;
*vecptr++ = DatabaseName;
if (AuthHtRecord.Flags & AUTH_FLAG_ENABLED)
*vecptr++ = "";
else
*vecptr++ = "<font color=\"#ff0000\"> is DISABLED</font>";
*vecptr++ = AuthHtRecord.FullName;
*vecptr++ = AuthHtRecord.Contact;
if (AuthHtRecord.Email[0])
{
*vecptr++ = "<a href=\"mailto:!&;AZ\">!&;AZ</a>";
*vecptr++ = AuthHtRecord.Email;
*vecptr++ = AuthHtRecord.Email;
}
else
*vecptr++ = "";
*vecptr++ = CanStringPtr;
if (AuthHtRecord.Flags & AUTH_FLAG_HTTPS_ONLY)
*vecptr++ = " (SSL-only)";
else
*vecptr++ = "";
if (AuthHtRecord.HashedPwd)
*vecptr++ = "********";
else
*vecptr++ = "";
*vecptr++ = &AuthHtRecord.AddedTime64;
*vecptr++ = &AuthHtRecord.LastChangeTime64;
*vecptr++ = AuthHtRecord.ChangeCount;
*vecptr++ = &AuthHtRecord.LastAccessTime64;
*vecptr++ = AuthHtRecord.AccessCount;
*vecptr++ = &AuthHtRecord.LastFailureTime64;
*vecptr++ = AuthHtRecord.FailureCount;
status = FaolToNet (rqptr, ResponseFao, &FaoVector);
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
Form for modify or add an authentication database record.
*/
HTAdminModifyUserForm
(
REQUEST_STRUCT *rqptr,
BOOL AddUser,
char *DatabaseName,
char *UserName
)
{
static char ResponseFao [] =
"<form method=\"POST\" action=\"!AZ\">\n\
<input type=\"hidden\" name=\"do\" value=\"!AZ\">\n\
<input type=\"hidden\" name=\"!AZ\" value=\"!AZ\">\n\
<table class=\"ctgry\">\n\
<tr><th class=\"ctttl\" colspan=\"2\">!AZ !AZ !AZin !AZ</th></tr>\n\
<tr><td colspan=\"2\">\n\
\
<table class=\"rghtlft\">\n\
<tr><th>Full Name:</th>\
<td><input type=\"text\" name=\"fnm\" size=\"!UL\" maxlength=\"!UL\" \
value=\"!&;AZ\"></td></tr>\n\
<tr><th>Contact:</th>\
<td><textarea name=\"con\" cols=\"!UL\" rows=\"!UL\">!&;AZ\
</textarea></td></tr>\n\
<tr><th>E-mail:</th>\
<td><input type=\"text\" name=\"eml\" size=\"!UL\" maxlength=\"!UL\" \
value=\"!&;AZ\"></td></tr>\n\
<tr><th>Enabled:</th><td>\n\
<input type=\"radio\" name=\"ena\" value=\"yes\"!AZ>yes\n\
<input type=\"radio\" name=\"ena\" value=\"no\"!AZ>no\n\
</td></tr>\n\
<tr><th>Access:</th><td>\n\
<input type=\"radio\" name=\"acc\" value=\"r\"!AZ>read-only\n\
<input type=\"radio\" name=\"acc\" value=\"r+w\"!AZ>read <b>& write</b>\n\
<input type=\"radio\" name=\"acc\" value=\"w\"!AZ>write-only\n\
</td></tr>\n\
<tr><th>SSL Only:</th><td>\n\
<input type=\"radio\" name=\"hts\" value=\"yes\"!AZ>yes\n\
<input type=\"radio\" name=\"hts\" value=\"no\"!AZ>no\n\
</td></tr>\n\
<tr><th>Password:</th>\
<td><input type=\"password\" name=\"pwn\" size=\"!UL\" maxlength=\"!UL\">\
<input type=\"checkbox\" name=\"pwd\" value=\"pwd\">generate\
<input type=\"checkbox\" name=\"pin\" value=\"pin\">PIN\
</td></tr>\n\
<tr><th>Verify:</th>\
<td><input type=\"password\" name=\"pwv\" size=\"!UL\" maxlength=\"!UL\"></td></tr>\n\
\
<tr><td></td><td>\
<input type=\"submit\" value=\" !AZ \">\n\
<input type=reset value=\" Reset \"></td></tr>\n\
</td></tr>\n\
</table>\n\
</td></tr>\n\
</table>\n\
</form>\n\
\
</div>\n\
</body>\n\
</html>\n";
BOOL AlreadyExists;
int status;
unsigned long *vecptr;
unsigned short Length;
unsigned long FaoVector [64];
AUTH_HTAREC AuthHtRecord;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminModifyUserForm()");
tkptr = rqptr->HTAdminTaskPtr;
if (!DatabaseName[0] || !UserName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminInsufficient, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* look for the record, close the database file immediately */
if (AddUser)
{
status = AuthHtDatabaseAccess (rqptr, false, DatabaseName,
UserName, &AuthHtRecord, NULL, NULL);
if (VMSok (status))
AlreadyExists = true;
else
AlreadyExists = false;
if (status == RMS$_EOF) status = SS$_NORMAL;
}
else
{
status = AuthHtDatabaseAccess (rqptr, false, DatabaseName,
UserName, &AuthHtRecord, NULL, NULL);
if (status == RMS$_EOF)
{
rqptr->rqResponse.HttpStatus = 404;
ErrorGeneral (rqptr, ErrorHTAdminUserNotFound, FI_LI);
HTAdminEnd (rqptr);
return;
}
AlreadyExists = false;
}
if (VMSnok (status))
{
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminDatabase;
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
if (AddUser && !AlreadyExists)
memset (&AuthHtRecord, 0, sizeof(AUTH_HTAREC));
/**************/
/* begin page */
/**************/
HTAdminPageTitle (rqptr, tkptr->AdminDescriptionPtr);
vecptr = FaoVector;
*vecptr++ = rqptr->rqHeader.PathInfoPtr;
if (AddUser && !AlreadyExists)
{
*vecptr++ = "add";
*vecptr++ = "anm";
*vecptr++ = UserName;
*vecptr++ = "<font color=\"#ff0000\">New User</font>";
*vecptr++ = UserName;
*vecptr++ = "";
*vecptr++ = DatabaseName;
}
else
{
*vecptr++ = "modify";
*vecptr++ = "unm";
*vecptr++ = UserName;
*vecptr++ = "User";
*vecptr++ = UserName;
if (AlreadyExists)
*vecptr++ =
"<span style=\"color:#ff0000;\">ALREADY EXISTS</span>";
else
*vecptr++ = "";
*vecptr++ = DatabaseName;
}
*vecptr++ = AUTH_MAX_FULLNAME_LENGTH;
*vecptr++ = AUTH_MAX_FULLNAME_LENGTH;
*vecptr++ = AuthHtRecord.FullName;
*vecptr++ = 40;
*vecptr++ = 3;
*vecptr++ = AuthHtRecord.Contact;
*vecptr++ = 40;
*vecptr++ = 40;
*vecptr++ = AuthHtRecord.Email;
if ((AuthHtRecord.Flags & AUTH_FLAG_ENABLED) ||
(AddUser && !AlreadyExists))
{
*vecptr++ = " CHECKED";
*vecptr++ = "";
}
else
{
*vecptr++ = "";
*vecptr++ = " CHECKED";
}
if ((AuthHtRecord.Flags & AUTH_FLAG_DELETE ||
AuthHtRecord.Flags & AUTH_FLAG_POST ||
AuthHtRecord.Flags & AUTH_FLAG_PUT) &&
AuthHtRecord.Flags & AUTH_FLAG_GET)
{
*vecptr++ = "";
*vecptr++ = " CHECKED";
*vecptr++ = "";
}
else
if (!AuthHtRecord.Flags & AUTH_FLAG_GET)
{
*vecptr++ = " CHECKED";
*vecptr++ = "";
*vecptr++ = "";
}
else
{
*vecptr++ = " CHECKED";
*vecptr++ = "";
*vecptr++ = "";
}
if (AuthHtRecord.Flags & AUTH_FLAG_HTTPS_ONLY)
{
*vecptr++ = " CHECKED";
*vecptr++ = "";
}
else
{
*vecptr++ = "";
*vecptr++ = " CHECKED";
}
*vecptr++ = AUTH_MAX_PASSWORD_LENGTH;
*vecptr++ = AUTH_MAX_PASSWORD_LENGTH;
*vecptr++ = AUTH_MAX_PASSWORD_LENGTH;
*vecptr++ = AUTH_MAX_PASSWORD_LENGTH;
if (AddUser && !AlreadyExists)
*vecptr++ = "Add";
else
*vecptr++ = "Modify";
status = FaolToNet (rqptr, ResponseFao, &FaoVector);
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
Change the contents of the user's database record.
*/
HTAdminModifyUser
(
REQUEST_STRUCT *rqptr,
BOOL AddUser,
char *DatabaseName,
char *UserName,
char *FullName,
char *Contact,
char *Email,
char *Enabled,
char *Access,
char *HttpsOnly,
char *PasswordNew,
char *PasswordVerify,
char *GeneratePassword
)
{
static $DESCRIPTOR (PasswordPinFaoDsc, "!4ZL\0");
int cnt, status;
char *cptr, *sptr;
unsigned long HashedPwd [2];
unsigned long *BinTimePtr;
unsigned char A1DigestLoCase [16],
A1DigestUpCase [16],
PasswordScratch [16];
MD5_HASH Md5Hash;
AUTH_HTAREC AuthHtRecord;
AUTH_CREC AuthCacheRecord;
$DESCRIPTOR (PasswordScratchDsc, PasswordScratch);
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminModifyUser()");
if (!DatabaseName[0] || !UserName[0] || !FullName[0] ||
!Enabled[0] || !Access[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminInsufficient, FI_LI);
HTAdminEnd (rqptr);
return;
}
if ((TOUP(Enabled[0]) != 'Y' && TOUP(Enabled[0]) != 'N') ||
(!strsame(Access, "r", -1) && !strsame(Access, "r+w", -1) &&
!strsame(Access, "w", -1)))
{
rqptr->rqResponse.HttpStatus = 403;
ErrorGeneral (rqptr, ErrorHTAdminParameter, FI_LI);
HTAdminEnd (rqptr);
return;
}
if (GeneratePassword[0])
{
if (strsame (GeneratePassword, "pwdpin", -1))
{
/* generate a four digit PIN */
sys$fao (&PasswordPinFaoDsc, 0, &PasswordScratchDsc,
HttpdTime64 / 1000 % 10000);
}
else
{
/* generate a six alpha-numeric character password */
Md5Digest (&HttpdTime64, sizeof(Md5Hash), &Md5Hash);
cptr = (char*)&Md5Hash;
sptr = PasswordScratch;
cnt = 0;
while (cnt < 6)
{
if (cptr > (char*)&Md5Hash + sizeof(Md5Hash))
{
Md5Digest (&Md5Hash, sizeof(Md5Hash), &Md5Hash);
cptr = (char*)&Md5Hash;
}
*cptr = TOLO(*cptr);
if (cnt == 5)
{
/* digit required */
if (*cptr >= '0' && *cptr <= '9')
{
*sptr++ = *cptr;
cnt++;
}
}
else
if (*cptr == 'a' || *cptr == 'e' || *cptr == 'i' ||
*cptr == 'o' || *cptr == 'u' || *cptr == 'y')
{
if (cnt % 2)
{
/* vowel required */
*sptr++ = *cptr;
cnt++;
}
}
else
if (*cptr >= 'a' && *cptr <= 'z' &&
*cptr != 'a' && *cptr != 'e' && *cptr != 'i' &&
*cptr != 'o' && *cptr != 'u' && *cptr != 'y')
{
if (!(cnt % 2))
{
/* consonant required */
*sptr++ = *cptr;
cnt++;
}
}
cptr++;
}
*sptr = '\0';
}
PasswordNew = PasswordVerify = PasswordScratch;
}
if (!strsame (PasswordNew, PasswordVerify, -1))
{
rqptr->rqResponse.HttpStatus = 403;
ErrorGeneral (rqptr, MsgFor(rqptr,MSG_HTADMIN_PWD_INCORRECT), FI_LI);
HTAdminEnd (rqptr);
return;
}
if (PasswordNew[0])
{
if (VMSnok (status =
AuthGenerateHashPassword (UserName, PasswordNew, &HashedPwd)))
{
rqptr->rqResponse.ErrorTextPtr = "password hash";
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
if (VMSnok (status =
AuthGenerateDigestPassword (DatabaseName, UserName, PasswordNew,
&A1DigestLoCase, &A1DigestUpCase)))
{
rqptr->rqResponse.ErrorTextPtr = "password digest";
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
}
/***********************/
/* update the database */
/***********************/
/* look for the record, leave the database file open if found */
status = AuthHtDatabaseAccess (rqptr, true, DatabaseName,
UserName, &AuthHtRecord, NULL, NULL);
if (AddUser)
{
if (VMSok (status))
{
/* ensure the database is closed */
AuthHtDatabaseAccess (NULL, false, NULL, NULL, NULL, NULL, NULL);
rqptr->rqResponse.HttpStatus = 404;
ErrorGeneral (rqptr, ErrorHTAdminUserExists, FI_LI);
HTAdminEnd (rqptr);
return;
}
if (status == RMS$_EOF) status = SS$_NORMAL;
memset (&AuthHtRecord, 0, sizeof(AUTH_HTAREC));
}
else
{
if (status == RMS$_EOF)
{
/* ensure the database is closed */
AuthHtDatabaseAccess (NULL, false, NULL, NULL, NULL, NULL, NULL);
rqptr->rqResponse.HttpStatus = 404;
ErrorGeneral (rqptr, ErrorHTAdminUserNotFound, FI_LI);
HTAdminEnd (rqptr);
return;
}
}
if (VMSnok (status))
{
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminDatabase;
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
memcpy (&AuthHtRecord.UserName, UserName, sizeof(AuthHtRecord.UserName));
AuthHtRecord.UserNameLength = strlen(UserName);
memcpy (&AuthHtRecord.FullName, FullName, sizeof(AuthHtRecord.FullName));
memcpy (&AuthHtRecord.Contact, Contact, sizeof(AuthHtRecord.Contact));
memcpy (&AuthHtRecord.Email, Email, sizeof(AuthHtRecord.Email));
if (AddUser)
{
BinTimePtr = &rqptr->rqTime.BeginTime64;
AuthHtRecord.AddedTime64[0] = BinTimePtr[0];
AuthHtRecord.AddedTime64[1] = BinTimePtr[1];
AuthHtRecord.DatabaseVersion = AUTH_HTA_VERSION;
}
else
{
BinTimePtr = &rqptr->rqTime.BeginTime64;
AuthHtRecord.LastChangeTime64[0] = BinTimePtr[0];
AuthHtRecord.LastChangeTime64[1] = BinTimePtr[1];
AuthHtRecord.ChangeCount++;
}
if (PasswordNew[0])
{
memcpy (&AuthHtRecord.HashedPwd, &HashedPwd, 8);
memcpy (&AuthHtRecord.A1DigestLoCase, &A1DigestLoCase, 16);
memcpy (&AuthHtRecord.A1DigestUpCase, &A1DigestUpCase, 16);
}
if (TOUP(Enabled[0]) == 'Y')
AuthHtRecord.Flags |= AUTH_FLAG_ENABLED;
else
AuthHtRecord.Flags &= ~AUTH_FLAG_ENABLED;
if (TOUP(HttpsOnly[0]) == 'Y')
AuthHtRecord.Flags |= AUTH_FLAG_HTTPS_ONLY;
else
AuthHtRecord.Flags &= ~AUTH_FLAG_HTTPS_ONLY;
/* reset all the method bits to zero */
AuthHtRecord.Flags &= ~(AUTH_FLAG_CONNECT | AUTH_FLAG_DELETE |
AUTH_FLAG_GET | AUTH_FLAG_HEAD |
AUTH_FLAG_POST | AUTH_FLAG_PUT);
/* now set the relevant method bits on */
if (strsame (Access, "r", -1))
AuthHtRecord.Flags |= (AUTH_FLAG_GET | AUTH_FLAG_HEAD);
else
if (strsame (Access, "r+w", -1))
AuthHtRecord.Flags |= (AUTH_FLAG_CONNECT | AUTH_FLAG_DELETE |
AUTH_FLAG_GET | AUTH_FLAG_HEAD |
AUTH_FLAG_POST | AUTH_FLAG_PUT);
else
if (strsame (Access, "w", -1))
AuthHtRecord.Flags |= (AUTH_FLAG_CONNECT | AUTH_FLAG_DELETE |
AUTH_FLAG_POST | AUTH_FLAG_PUT);
/* add/update the record, close the database file */
if (AddUser)
status = AuthHtDatabaseAccess (NULL, false, NULL, NULL,
NULL, &AuthHtRecord, NULL);
else
status = AuthHtDatabaseAccess (NULL, false, NULL, NULL,
NULL, NULL, &AuthHtRecord);
if (VMSnok (status))
{
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminDatabase;
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
/**************/
/* successful */
/**************/
if (AddUser)
FaoToStdout (
"%HTTPD-I-AUTHTA, !20%D, add record\n\
-AUTHTA-I-BY, \"!AZ\" in \"!AZ\" at !AZ\n\
-AUTHTA-I-RECORD, \"!AZ\" to \"!AZ\"\n",
0, rqptr->RemoteUser, rqptr->rqAuth.RealmDescrPtr,
ClientHostString(rqptr), UserName, DatabaseName);
else
FaoToStdout (
"%HTTPD-I-AUTHTA, !20%D, modify record\n\
-AUTHTA-I-BY, \"!AZ\" in \"!AZ\" at !AZ\n\
-AUTHTA-I-RECORD, \"!AZ\" in \"!AZ\"\n",
0, rqptr->RemoteUser, rqptr->rqAuth.RealmDescrPtr,
ClientHostString(rqptr), UserName, DatabaseName);
/* reset relevant entries in the cache */
if (VMSnok (AuthCacheReset (rqptr, DatabaseName, UserName))) return;
rqptr->rqResponse.PreExpired = PRE_EXPIRE_ADMIN;
if (GeneratePassword[0])
ReportSuccess (rqptr,
"Record for !&;AZ in !AZ at !AZ !AZ, \
generated password "<font size=\"+1\"><tt>!AZ</tt></font>".",
UserName, DatabaseName, ServerHostPort,
AddUser ? "added" : "modified", PasswordScratch);
else
ReportSuccess (rqptr, "Record for !&;AZ in !AZ at !AZ !AZ.",
UserName, DatabaseName, ServerHostPort,
AddUser ? "added" : "modified");
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
*/
HTAdminUserDeleteForm
(
REQUEST_STRUCT *rqptr,
char *DatabaseName,
char *UserName
)
{
static char ResponseFao [] =
"<form method=\"POST\" action=\"!AZ\">\n\
<input type=\"hidden\" name=\"do\" value=\"userdelete\">\n\
<input type=\"hidden\" name=\"unm\" value=\"!&;AZ\">\n\
<p><table class=\"ctgry\">\n\
<tr><td>\n\
<b>User:</b> !AZ <b>in</b> !AZ \
<input type=\"submit\" value=\" Delete !! \">\n\
<br>\n\
<table class=\"rghtlft\">\n\
<tr><th>Full Name:</th><td>!&;AZ</td></tr>\n\
<tr><th>Contact:</th>\
<td style=\"white-space:pre;\">!&;AZ!&;AZ</td></tr>\n\
</table>\n\
</td></tr>\n\
</table>\n\
</form>\n\
\
</div>\n\
</body>\n\
</html>\n";
int status;
unsigned long *vecptr;
unsigned long FaoVector [32];
AUTH_HTAREC AuthHtRecord;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminUserDeleteForm()");
tkptr = rqptr->HTAdminTaskPtr;
if (!DatabaseName[0] || !UserName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminInsufficient, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* look for the record, close the database file immediately */
status = AuthHtDatabaseAccess (rqptr, false, DatabaseName,
UserName, &AuthHtRecord, NULL, NULL);
if (status == RMS$_EOF)
{
rqptr->rqResponse.HttpStatus = 404;
ErrorGeneral (rqptr, ErrorHTAdminUserNotFound, FI_LI);
HTAdminEnd (rqptr);
return;
}
if (VMSnok (status))
{
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminDatabase;
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
/**************/
/* begin page */
/**************/
HTAdminPageTitle (rqptr, tkptr->AdminDescriptionPtr);
vecptr = FaoVector;
*vecptr++ = rqptr->rqHeader.PathInfoPtr;
*vecptr++ = AuthHtRecord.UserName;
*vecptr++ = AuthHtRecord.UserName;
*vecptr++ = DatabaseName;
*vecptr++ = AuthHtRecord.FullName;
if (AuthHtRecord.Contact[0] || AuthHtRecord.Email[0])
{
*vecptr++ = AuthHtRecord.Contact;
*vecptr++ = AuthHtRecord.Email;
}
else
{
*vecptr++ = "(none)";
*vecptr++ = "";
}
status = FaolToNet (rqptr, ResponseFao, &FaoVector);
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
*/
HTAdminUserDelete
(
REQUEST_STRUCT *rqptr,
char *DatabaseName,
char *UserName
)
{
int status;
AUTH_HTAREC AuthHtRecord;
AUTH_CREC AuthCacheRecord;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminUserDelete()");
if (!DatabaseName[0] || !UserName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminInsufficient, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* look for the record, leave the database file open if found */
status = AuthHtDatabaseAccess (rqptr, true, DatabaseName,
UserName, &AuthHtRecord, NULL, NULL);
if (status == RMS$_EOF)
{
/* ensure the database is closed */
AuthHtDatabaseAccess (NULL, false, NULL, NULL, NULL, NULL, NULL);
rqptr->rqResponse.HttpStatus = 404;
ErrorGeneral (rqptr, ErrorHTAdminUserNotFound, FI_LI);
HTAdminEnd (rqptr);
return;
}
if (VMSnok (status))
{
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminDatabase;
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
memset (&AuthHtRecord, 0, sizeof(AUTH_HTAREC));
/* update the now zeroed record */
status = AuthHtDatabaseAccess (NULL, false, NULL, NULL,
NULL, NULL, &AuthHtRecord);
if (VMSnok (status))
{
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminDatabase;
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
/**************/
/* successful */
/**************/
FaoToStdout (
"%HTTPD-I-AUTHTA, !20%D, delete record\n\
-AUTHTA-I-BY, \"!AZ\" in \"!AZ\" at !AZ\n\
-AUTHTA-I-RECORD, \"!AZ\" from \"!AZ\"\n",
0, rqptr->RemoteUser, rqptr->rqAuth.RealmDescrPtr,
ClientHostString(rqptr), UserName, DatabaseName);
/* reset relevant entries in the cache */
if (VMSnok (AuthCacheReset (rqptr, DatabaseName, UserName)))
return;
rqptr->rqResponse.PreExpired = PRE_EXPIRE_ADMIN;
ReportSuccess (rqptr,
"<font color=\"#ff0000\">Deleted</font> record for !&;AZ in !AZ at !AZ.",
UserName, DatabaseName, ServerHostPort);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
Reset an entry in the authentication cache. The cache is searched for all
entries for the username and realm with the failure count and password reset
forcing it to be revalidated the next time it is accessed.
*/
HTAdminCachePurge (REQUEST_STRUCT *rqptr)
{
int status;
char *cptr;
AUTH_CREC AuthCacheRecord;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminCachePurge()");
/* purge the entire cache */
if (VMSnok (status = AuthCachePurge (false)))
{
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminPurgeCache;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* report this to the log */
FaoToStdout (
"%HTTPD-I-AUTHCACHE, !20%D, purge\n\
-AUTHCACHE-I-BY, \"!AZ\" in \"!AZ\" at !AZ\n",
0, rqptr->RemoteUser, rqptr->rqAuth.RealmDescrPtr,
ClientHostString(rqptr));
rqptr->rqResponse.PreExpired = PRE_EXPIRE_ADMIN;
ReportSuccess (rqptr, "Purge of !AZ authorization cache.", ServerHostPort);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
Set string text according to capability bits in on-disk HTA database. These
may be different to the bits in the authorization capability vector, reported
by AuthCanString().
*/
char* HTAdminCanString
(
REQUEST_STRUCT *rqptr,
unsigned long CanFlags,
BOOL Brief
)
{
static $DESCRIPTOR (CanBriefFaoDsc, "!AZ\0");
static $DESCRIPTOR (CanFullFaoDsc, "!AZ!AZ!AZ!AZ!AZ!AZ!AZ!AZ!AZ\0");
static char Buffer [128];
static $DESCRIPTOR (BufferDsc, Buffer);
int status;
unsigned long *vecptr;
unsigned long FaoVector [32];
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN, "HTAdminCanString()");
vecptr = FaoVector;
if ((CanFlags & AUTH_FLAG_CONNECT ||
CanFlags & AUTH_FLAG_DELETE ||
CanFlags & AUTH_FLAG_POST ||
CanFlags & AUTH_FLAG_PUT) &&
CanFlags & AUTH_FLAG_GET)
*vecptr++ = "read <b>+ write</b>";
else
if ((CanFlags & AUTH_FLAG_CONNECT ||
CanFlags & AUTH_FLAG_DELETE ||
CanFlags & AUTH_FLAG_POST ||
CanFlags & AUTH_FLAG_PUT))
*vecptr++ = "write-only";
else
if (CanFlags & AUTH_FLAG_GET)
*vecptr++ = "read-only";
else
*vecptr++ = "<i>none!</i>";
if (Brief)
status = sys$faol (&CanBriefFaoDsc, 0, &BufferDsc, &FaoVector);
else
{
if (CanFlags & AUTH_FLAG_CONNECT ||
CanFlags & AUTH_FLAG_DELETE ||
CanFlags & AUTH_FLAG_GET ||
CanFlags & AUTH_FLAG_HEAD ||
CanFlags & AUTH_FLAG_POST ||
CanFlags & AUTH_FLAG_PUT)
*vecptr++ = " (<span style=\"font-size:90%;\"> ";
else
*vecptr++ = "";
if (CanFlags & AUTH_FLAG_CONNECT)
*vecptr++ = " CONNECT";
else
*vecptr++ = "";
if (CanFlags & AUTH_FLAG_DELETE)
*vecptr++ = " DELETE";
else
*vecptr++ = "";
if (CanFlags & AUTH_FLAG_GET)
*vecptr++ = " GET";
else
*vecptr++ = "";
if (CanFlags & AUTH_FLAG_HEAD)
*vecptr++ = " HEAD";
else
*vecptr++ = "";
if (CanFlags & AUTH_FLAG_POST)
*vecptr++ = " POST";
else
*vecptr++ = "";
if (CanFlags & AUTH_FLAG_PUT)
*vecptr++ = " PUT";
else
*vecptr++ = "";
if (CanFlags & AUTH_FLAG_CONNECT ||
CanFlags & AUTH_FLAG_DELETE ||
CanFlags & AUTH_FLAG_GET ||
CanFlags & AUTH_FLAG_HEAD ||
CanFlags & AUTH_FLAG_POST ||
CanFlags & AUTH_FLAG_PUT)
*vecptr++ = " </span>)";
else
*vecptr++ = "";
status = sys$faol (&CanFullFaoDsc, 0, &BufferDsc, &FaoVector);
}
if (VMSnok (status) || status == SS$_BUFFEROVF)
{
rqptr->rqResponse.ErrorTextPtr = "sys$faol()";
ErrorVmsStatus (rqptr, status, FI_LI);
return (NULL);
}
return (Buffer);
}
/*****************************************************************************/
/*
*/
HTAdminDatabaseCreateForm
(
REQUEST_STRUCT *rqptr,
char *DatabaseName
)
{
static char ResponseFao [] =
"<form method=\"POST\" action=\"!AZ\">\n\
<input type=\"hidden\" name=\"do\" value=\"htacreate\">\n\
<p><table class=\"ctgry\">\n\
<tr><td>\n\
<b>Database:</b> !AZ \
<input type=\"submit\" value=\" Create \">\n\
</td></tr>\n\
</table>\n\
</form>\n\
\
</div>\n\
</body>\n\
</html>\n";
int status;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminDatabaseCreateForm()");
tkptr = rqptr->HTAdminTaskPtr;
if (!DatabaseName)
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminInsufficient, FI_LI);
HTAdminEnd (rqptr);
return;
}
HTAdminPageTitle (rqptr, tkptr->AdminDescriptionPtr, ResponseFao,
rqptr->rqHeader.PathInfoPtr,
DatabaseName);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
*/
HTAdminDatabaseCreate
(
REQUEST_STRUCT *rqptr,
char *DatabaseName,
char *UserName
)
{
int status,
FileNameLength;
char *cptr, *sptr, *zptr;
AUTH_HTAREC AuthHtRecord;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminDatabaseCreate() !&Z", DatabaseName);
tkptr = rqptr->HTAdminTaskPtr;
if (!DatabaseName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminInsufficient, FI_LI);
HTAdminEnd (rqptr);
return;
}
zptr = (sptr = tkptr->AuthFileName) + sizeof(tkptr->AuthFileName)-1;
for (cptr = rqptr->ParseOds.NamDevicePtr;
cptr < rqptr->ParseOds.NamNamePtr && sptr < zptr;
*sptr++ = *cptr++);
for (cptr = DatabaseName; *cptr && sptr < zptr; *sptr++ = *cptr++);
for (cptr = HTA_FILE_TYPE; *cptr && sptr < zptr; *sptr++ = *cptr++);
*sptr = '\0';
FileNameLength = sptr - tkptr->AuthFileName;
/* use SYSPRV to allow parse/search */
sys$setprv (1, &SysPrvMask, 0, 0);
OdsParse (&tkptr->FileOds,
tkptr->AuthFileName, FileNameLength, NULL, 0,
0, NULL, rqptr);
if (VMSok (status = tkptr->FileOds.Fab.fab$l_sts))
{
OdsSearch (&tkptr->FileOds, NULL, rqptr);
status = tkptr->FileOds.Fab.fab$l_sts;
}
sys$setprv (0, &SysPrvMask, 0, 0);
if (VMSnok (status) && status != RMS$_FNF)
{
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminDatabase;
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
else
if (VMSok (status))
{
/* ensure parse internal data structures are released */
OdsParseRelease (&tkptr->FileOds);
rqptr->rqResponse.HttpStatus = 409;
ErrorGeneral (rqptr, ErrorHTAdminDatabaseExists, FI_LI);
HTAdminEnd (rqptr);
return;
}
/* OK, now carefully adjust some of the data in the RMS structures */
tkptr->FileOds.Fab.fab$l_fop = FAB$M_SQO;
tkptr->FileOds.Fab.fab$w_mrs = sizeof(AUTH_HTAREC);
tkptr->FileOds.Fab.fab$b_rfm = FAB$C_FIX;
tkptr->FileOds.Fab.fab$l_xab = &tkptr->FileOds.XabPro;
tkptr->FileOds.XabPro = cc$rms_xabpro;
/* ownded by SYSTEM ([1,4]) */
tkptr->FileOds.XabPro.xab$w_grp = 1;
tkptr->FileOds.XabPro.xab$w_mbm = 4;
tkptr->FileOds.XabPro.xab$l_nxt = 0;
/* w:,g:,o:rwed,s:rwed */
tkptr->FileOds.XabPro.xab$w_pro = 0xff00;
/* use SYSPRV to ensure creation of database file */
sys$setprv (1, &SysPrvMask, 0, 0);
status = sys$create (&tkptr->FileOds.Fab, 0, 0);
sys$setprv (0, &SysPrvMask, 0, 0);
/* sys$create() status */
if (VMSnok (status))
{
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminDatabase;
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, tkptr->FileOds.Fab.fab$l_stv, FI_LI);
HTAdminEnd (rqptr);
return;
}
OdsClose (&tkptr->FileOds, NULL, 0);
if (VMSnok (status = tkptr->FileOds.Fab.fab$l_sts))
{
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminDatabase;
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
/**************/
/* successful */
/**************/
FaoToStdout (
"%HTTPD-I-AUTHTA, !20%D, create database\n\
-AUTHTA-I-BY, \"!AZ\" in \"!AZ\" at !AZ\n\
-AUTHTA-I-DATABASE, \"!AZ\"\n",
0, rqptr->RemoteUser, rqptr->rqAuth.RealmDescrPtr,
ClientHostString(rqptr), DatabaseName);
rqptr->rqResponse.PreExpired = PRE_EXPIRE_ADMIN;
ReportSuccess (rqptr, "Created !AZdatabase !AZ at !AZ",
tkptr->FileOds.Nam_fnb & NAM$M_LOWVER ?
"<font color=\"#ff0000\">new version</font> of " : "",
DatabaseName, ServerHostPort);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
*/
HTAdminDatabaseDeleteForm
(
REQUEST_STRUCT *rqptr,
char *DatabaseName
)
{
static char ResponseFao [] =
"<form method=\"POST\" action=\"!AZ!AZ\">\n\
<input type=\"hidden\" name=\"do\" value=\"!AZ\">\n\
<p><table class=\"ctgry\">\n\
<tr><td>\n\
<b>!AZ:</b> !AZ \
<input type=\"submit\" value=\" Delete !! \">\n\
</td></tr>\n\
</table>\n\
</form>\n\
\
</div>\n\
</body>\n\
</html>\n";
int status;
unsigned long *vecptr;
unsigned long FaoVector [32];
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminDatabaseDeleteForm()");
tkptr = rqptr->HTAdminTaskPtr;
if (!DatabaseName)
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminInsufficient, FI_LI);
HTAdminEnd (rqptr);
return;
}
HTAdminPageTitle (rqptr, tkptr->AdminDescriptionPtr);
vecptr = FaoVector;
*vecptr++ = rqptr->rqHeader.PathInfoPtr;
if (tkptr->HtListAdmin)
{
/* use a version to induce the PUT module to delete the file */
*vecptr++ = ";*";
*vecptr++ = "htldelete";
*vecptr++ = "List";
}
else
{
/* the HTADMIN module will delete this for us */
*vecptr++ = "";
*vecptr++ = "htadelete";
*vecptr++ = "Database";
}
*vecptr++ = DatabaseName;
status = FaolToNet (rqptr, ResponseFao, &FaoVector);
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
*/
HTAdminDatabaseDelete
(
REQUEST_STRUCT *rqptr,
char *DatabaseName,
char *UserName
)
{
int status,
FileNameLength,
EraseCount;
char *cptr, *sptr, *zptr;
HTADMIN_TASK *tkptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminDatabaseDelete() !&Z", DatabaseName);
tkptr = rqptr->HTAdminTaskPtr;
if (!DatabaseName[0])
{
rqptr->rqResponse.HttpStatus = 400;
ErrorGeneral (rqptr, ErrorHTAdminInsufficient, FI_LI);
HTAdminEnd (rqptr);
return;
}
zptr = (sptr = tkptr->AuthFileName) + sizeof(tkptr->AuthFileName)-1;
for (cptr = rqptr->ParseOds.NamDevicePtr;
cptr < rqptr->ParseOds.NamNamePtr && sptr < zptr;
*sptr++ = *cptr++);
for (cptr = DatabaseName; *cptr && sptr < zptr; *sptr++ = *cptr++);
for (cptr = HTA_FILE_TYPE; *cptr && sptr < zptr; *sptr++ = *cptr++);
*sptr = '\0';
FileNameLength = sptr - tkptr->AuthFileName;
OdsParse (&tkptr->FileOds,
tkptr->AuthFileName, FileNameLength, NULL, 0,
0, NULL, rqptr);
if (VMSok (status = tkptr->FileOds.Fab.fab$l_sts))
{
tkptr->FileOds.NamVersionPtr[0] = '\0';
/* turn on SYSPRV to allow deletion of database file */
sys$setprv (1, &SysPrvMask, 0, 0);
EraseCount = 0;
while (VMSok (status = sys$erase (&tkptr->FileOds.Fab, 0, 0)))
EraseCount++;
if (status == RMS$_FNF && EraseCount) status = SS$_NORMAL;
sys$setprv (0, &SysPrvMask, 0, 0);
}
/* ensure parse internal data structures are released */
OdsParseRelease (&tkptr->FileOds);
if (VMSnok (status))
{
if (tkptr->HtListAdmin)
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminList;
else
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminDatabase;
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return;
}
/**************/
/* successful */
/**************/
FaoToStdout (
"%HTTPD-I-AUTHTA, !20%D, delete database\n\
-AUTHTA-I-BY, \"!AZ\" in \"!AZ\" at !AZ\n\
-AUTHTA-I-DATABASE, \"!AZ\"\n",
0, rqptr->RemoteUser, rqptr->rqAuth.RealmDescrPtr,
ClientHostString(rqptr), DatabaseName);
/* reset relevant entries in the cache */
if (VMSnok (AuthCacheReset (rqptr, DatabaseName, ""))) return;
rqptr->rqResponse.PreExpired = PRE_EXPIRE_ADMIN;
ReportSuccess (rqptr,
"<font color=\"#ff0000\">Deleted</font> !AZ !AZ at !AZ.",
tkptr->HtListAdmin ? "list" : "database",
DatabaseName, ServerHostPort);
SysDclAst (&HTAdminEnd, rqptr);
}
/*****************************************************************************/
/*
*/
HTAdminOpenDatabaseForRead
(
REQUEST_STRUCT *rqptr,
char *DatabaseName
)
{
int status,
FileNameLength;
char *cptr, *sptr, *zptr;
HTADMIN_TASK *tkptr;
$DESCRIPTOR (AuthFileNameDsc, "");
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_HTADMIN))
WatchThis (WATCHITM(rqptr), WATCH_MOD_HTADMIN,
"HTAdminOpenDatabaseForRead() !&Z", DatabaseName);
tkptr = rqptr->HTAdminTaskPtr;
zptr = (sptr = tkptr->AuthFileName) + sizeof(tkptr->AuthFileName)-1;
for (cptr = rqptr->ParseOds.NamDevicePtr;
cptr < rqptr->ParseOds.NamNamePtr && sptr < zptr;
*sptr++ = *cptr++);
for (cptr = DatabaseName; *cptr && sptr < zptr; *sptr++ = *cptr++);
for (cptr = HTA_FILE_TYPE; *cptr && sptr < zptr; *sptr++ = *cptr++);
*sptr = '\0';
FileNameLength = sptr - tkptr->AuthFileName;
/* turn on SYSPRV to allow access to authentication Database file */
sys$setprv (1, &SysPrvMask, 0, 0);
OdsOpen (&tkptr->FileOds, tkptr->AuthFileName, FileNameLength, NULL, 0, 0,
FAB$M_GET, FAB$M_SHRGET | FAB$M_SHRPUT | FAB$M_SHRUPD,
NULL, rqptr);
sys$setprv (0, &SysPrvMask, 0, 0);
if (VMSnok (status = tkptr->FileOds.Fab.fab$l_sts))
{
rqptr->rqResponse.ErrorTextPtr = ErrorHTAdminDatabase;
rqptr->rqResponse.ErrorOtherTextPtr = DatabaseName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return (status);
}
tkptr->FileOds.Rab = cc$rms_rab;
tkptr->FileOds.Rab.rab$l_ctx = rqptr;
tkptr->FileOds.Rab.rab$l_fab = &tkptr->FileOds.Fab;
/* 2 buffers of sixty-four blocks (records) each */
tkptr->FileOds.Rab.rab$b_mbc = 64;
tkptr->FileOds.Rab.rab$b_mbf = 2;
/* read ahead performance option */
tkptr->FileOds.Rab.rab$l_rop = RAB$M_RAH;
tkptr->FileOds.Rab.rab$l_ubf = &tkptr->AuthHtRecord;
tkptr->FileOds.Rab.rab$w_usz = sizeof(AUTH_HTAREC);
if (VMSnok (status = sys$connect (&tkptr->FileOds.Rab, 0, 0)))
{
rqptr->rqResponse.ErrorTextPtr = MapVmsPath (tkptr->AuthFileName, rqptr);
rqptr->rqResponse.ErrorOtherTextPtr = tkptr->AuthFileName;
ErrorVmsStatus (rqptr, status, FI_LI);
HTAdminEnd (rqptr);
return (status);
}
return (status);
}
/*****************************************************************************/
/*
Provide HT administration page titles. Will accept a small number of variable
arguments to provide text following the titles themselves.
*/
int HTAdminPageTitle
(
REQUEST_STRUCT *rqptr,
char *Title,
...
)
{
static char PageTitleFao [] =
"!AZ\
<html>\n\
<head>\n\
!AZ\
!AZ\
!&@\
<title>WASD !AZ ... !AZ</title>\n\
</head>\n\
!AZ\n\
<div class=\"wasd\">\n\
<h2>WASD !AZ</h2>\n\
<h3>!AZ</h3>\n\
!&@";
int argcnt, status;
unsigned long *vecptr;
unsigned long FaoVector [32+16];
va_list argptr;
/*********/
/* begin */
/*********/
va_count (argcnt);
if (WATCHMOD (rqptr, WATCH_MOD__OTHER))
WatchThis (WATCHITM(rqptr), WATCH_MOD__OTHER,
"HTAdminPageTitle() !UL !&Z", argcnt, Title);
if (argcnt > 32+4)
{
ErrorNoticed (rqptr, SS$_OVRMAXARG, NULL, FI_LI);
return (SS$_OVRMAXARG);
}
vecptr = FaoVector;
*vecptr++ = WASD_DOCTYPE;
*vecptr++ = HtmlMetaInfo (rqptr, NULL);
*vecptr++ = AdminWasdCss ();
if (rqptr->rqPathSet.StyleSheetPtr)
{
*vecptr++ = "<link rel=\"stylesheet\" type=\"text/css\" href=\"!AZ\">\n";
*vecptr++ = rqptr->rqPathSet.StyleSheetPtr;
}
else
*vecptr++ = "";
*vecptr++ = ServerHostPort;
*vecptr++ = Title;
*vecptr++ = ADMIN_BODY_TAG;
*vecptr++ = ServerHostPort;
*vecptr++ = Title;
if (argcnt > 2)
{
va_start (argptr, Title);
for (argcnt -= 2; argcnt; argcnt--)
*vecptr++ = va_arg (argptr, unsigned long);
va_end (argptr);
}
else
*vecptr++ = "";
rqptr->rqResponse.PreExpired = PRE_EXPIRE_ADMIN;
ResponseHeader200 (rqptr, "text/html", NULL);
status = FaolToNet (rqptr, PageTitleFao, &FaoVector);
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
return (status);
}
/****************************************************************************/