[0001]
[0002]
[0003]
[0004]
[0005]
[0006]
[0007]
[0008]
[0009]
[0010]
[0011]
[0012]
[0013]
[0014]
[0015]
[0016]
[0017]
[0018]
[0019]
[0020]
[0021]
[0022]
[0023]
[0024]
[0025]
[0026]
[0027]
[0028]
[0029]
[0030]
[0031]
[0032]
[0033]
[0034]
[0035]
[0036]
[0037]
[0038]
[0039]
[0040]
[0041]
[0042]
[0043]
[0044]
[0045]
[0046]
[0047]
[0048]
[0049]
[0050]
[0051]
[0052]
[0053]
[0054]
[0055]
[0056]
[0057]
[0058]
[0059]
[0060]
[0061]
[0062]
[0063]
[0064]
[0065]
[0066]
[0067]
[0068]
[0069]
[0070]
[0071]
[0072]
[0073]
[0074]
[0075]
[0076]
[0077]
[0078]
[0079]
[0080]
[0081]
[0082]
[0083]
[0084]
[0085]
[0086]
[0087]
[0088]
[0089]
[0090]
[0091]
[0092]
[0093]
[0094]
[0095]
[0096]
[0097]
[0098]
[0099]
[0100]
[0101]
[0102]
[0103]
[0104]
[0105]
[0106]
[0107]
[0108]
[0109]
[0110]
[0111]
[0112]
[0113]
[0114]
[0115]
[0116]
[0117]
[0118]
[0119]
[0120]
[0121]
[0122]
[0123]
[0124]
[0125]
[0126]
[0127]
[0128]
[0129]
[0130]
[0131]
[0132]
[0133]
[0134]
[0135]
[0136]
[0137]
[0138]
[0139]
[0140]
[0141]
[0142]
[0143]
[0144]
[0145]
[0146]
[0147]
[0148]
[0149]
[0150]
[0151]
[0152]
[0153]
[0154]
[0155]
[0156]
[0157]
[0158]
[0159]
[0160]
[0161]
[0162]
[0163]
[0164]
[0165]
[0166]
[0167]
[0168]
[0169]
[0170]
[0171]
[0172]
[0173]
[0174]
[0175]
[0176]
[0177]
[0178]
[0179]
[0180]
[0181]
[0182]
[0183]
[0184]
[0185]
[0186]
[0187]
[0188]
[0189]
[0190]
[0191]
[0192]
[0193]
[0194]
[0195]
[0196]
[0197]
[0198]
[0199]
[0200]
[0201]
[0202]
[0203]
[0204]
[0205]
[0206]
[0207]
[0208]
[0209]
[0210]
[0211]
[0212]
[0213]
[0214]
[0215]
[0216]
[0217]
[0218]
[0219]
[0220]
[0221]
[0222]
[0223]
[0224]
[0225]
[0226]
[0227]
[0228]
[0229]
[0230]
[0231]
[0232]
[0233]
[0234]
[0235]
[0236]
[0237]
[0238]
[0239]
[0240]
[0241]
[0242]
[0243]
[0244]
[0245]
[0246]
[0247]
[0248]
[0249]
[0250]
[0251]
[0252]
[0253]
[0254]
[0255]
[0256]
[0257]
[0258]
[0259]
[0260]
[0261]
[0262]
[0263]
[0264]
[0265]
[0266]
[0267]
[0268]
[0269]
[0270]
[0271]
[0272]
[0273]
[0274]
[0275]
[0276]
[0277]
[0278]
[0279]
[0280]
[0281]
[0282]
[0283]
[0284]
[0285]
[0286]
[0287]
[0288]
[0289]
[0290]
[0291]
[0292]
[0293]
[0294]
[0295]
[0296]
[0297]
[0298]
[0299]
[0300]
[0301]
[0302]
[0303]
[0304]
[0305]
[0306]
[0307]
[0308]
[0309]
[0310]
[0311]
[0312]
[0313]
[0314]
[0315]
[0316]
[0317]
[0318]
[0319]
[0320]
[0321]
[0322]
[0323]
[0324]
[0325]
[0326]
[0327]
[0328]
[0329]
[0330]
[0331]
[0332]
[0333]
[0334]
[0335]
[0336]
[0337]
[0338]
[0339]
[0340]
[0341]
[0342]
[0343]
[0344]
[0345]
[0346]
[0347]
[0348]
[0349]
[0350]
[0351]
[0352]
[0353]
[0354]
[0355]
[0356]
[0357]
[0358]
[0359]
[0360]
[0361]
[0362]
[0363]
[0364]
[0365]
[0366]
[0367]
[0368]
[0369]
[0370]
[0371]
[0372]
[0373]
[0374]
[0375]
[0376]
[0377]
[0378]
[0379]
[0380]
[0381]
[0382]
[0383]
[0384]
/*****************************************************************************/
/*
MapUser.c
Gets the username's home file specification for use in /~ mappings.
VERSION HISTORY
---------------
07-OCT-2004 MGD unbundled from MAPURL.C
*/
/*****************************************************************************/
#ifdef WASD_VMS_V7
#undef _VMS__V6__SOURCE
#define _VMS__V6__SOURCE
#undef __VMS_VER
#undef __VMS_VER
#undef __CRTL_VER
#define __CRTL_VER 70000000
#endif
/* standard C header files */
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
/* VMS related header files */
#include <devdef.h>
#include <dvidef.h>
#include <prvdef.h>
#include <ssdef.h>
#include <stsdef.h>
#include <uaidef.h>
#include "wasd.h"
#define WASD_MODULE "MAPUSER"
/******************/
/* global storage */
/******************/
#define MAPURL_DEFAULT_USER_CACHE_SIZE 32
LIST_HEAD MapUrlUserNameCacheList;
int MapUrlUserNameCacheCount,
MapUrlUserNameCacheEntries;
/********************/
/* external storage */
/********************/
extern BOOL AuthPolicySysUafRelaxed,
OdsExtended;
extern unsigned long SysPrvMask[];
extern int ToLowerCase[],
ToUpperCase[];
extern CONFIG_STRUCT Config;
extern WATCH_STRUCT Watch;
/*****************************************************************************/
/*
Get the path representing the username default device/directory. This can be
retrieved from a cache, or retrieved from directly from the SYSUAF and the
cache subsequently updated. The 'MAPURL_USER_RULE_FORBIDDEN_MSG' used to
return a user-access-denied to the calling routine, is designed to mask the
actual reason for denial. This is done to help prevent the leakage of user
account information by being able to differentiate between accounts that exist
and those that don't, by looking at the message. RequestExecute() checks for
this message and converts it into a "directory not found" message, the same as
that generated if a user does not have a [.WWW] subdirectory in the home area.
*/
char* MapUserName
(
REQUEST_STRUCT* rqptr,
char *UserNamePtr,
int *PathOdsPtr
)
{
/* UAI flags that disallow SYSUAF-controlled account access */
static unsigned long DisallowVmsFlags =
UAI$M_DISACNT | UAI$M_PWD_EXPIRED | UAI$M_PWD2_EXPIRED |
UAI$M_CAPTIVE | UAI$M_RESTRICTED;
static unsigned long Context = -1;
static unsigned long UaiFlags;
static unsigned long UaiPriv [2];
static char UaiDefDev [MAPURL_USER_DEFDEV_SIZE+1],
UaiDefDir [MAPURL_USER_DEFDIR_SIZE+1],
UserName [MAPURL_USER_NAME_SIZE+1],
UserPath [MAPURL_USER_PATH_SIZE+1];
static $DESCRIPTOR (UserNameDsc, UserName);
static struct {
short BufferLength;
short ItemCode;
void *BufferPtr;
void *LengthPtr;
} UaiItems [] =
{
{ sizeof(UaiFlags), UAI$_FLAGS, &UaiFlags, 0 },
{ sizeof(UaiPriv), UAI$_PRIV, &UaiPriv, 0 },
{ sizeof(UaiDefDev), UAI$_DEFDEV, &UaiDefDev, 0 },
{ sizeof(UaiDefDir), UAI$_DEFDIR, &UaiDefDir, 0 },
{ 0,0,0,0 }
};
int status,
PathOds;
char *cptr, *sptr, *zptr;
char UserDefault [MAPURL_USER_DEFDEV_SIZE+MAPURL_USER_DEFDIR_SIZE+1];
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_MAPURL))
WatchThis (WATCHITM(rqptr), WATCH_MOD_MAPURL,
"MapUserName() !&Z", UserNamePtr);
zptr = (sptr = UserName) + sizeof(UserName);
for (cptr = UserNamePtr;
*cptr && *cptr != '/' && sptr < zptr;
*sptr++ = TOUP(*cptr++));
if (sptr >= zptr) return (MAPURL_USER_RULE_FORBIDDEN_MSG);
*sptr = '\0';
UserNameDsc.dsc$w_length = sptr - UserName;
/* look for it, and if found, return it from the cache */
if ((cptr = MapUserNameCache (rqptr, UserName, NULL, PathOdsPtr)))
return (cptr);
/***************************************/
/* get the information from the SYSUAF */
/***************************************/
/* turn on SYSPRV to allow access to SYSUAF records */
sys$setprv (1, &SysPrvMask, 0, 0);
status = sys$getuai (0, &Context, &UserNameDsc, &UaiItems, 0, 0, 0);
sys$setprv (0, &SysPrvMask, 0, 0);
if (VMSnok (status))
{
if (status == RMS$_RNF)
{
if (WATCHPNT(rqptr) &&
WATCH_CATEGORY(WATCH_MAPPING))
WatchThis (WATCHITM(rqptr), WATCH_MAPPING,
"USER fail !AZ unknown", UserName);
return (MAPURL_USER_RULE_FORBIDDEN_MSG);
}
if (WATCHPNT(rqptr) &&
WATCH_CATEGORY(WATCH_MAPPING))
WatchThis (WATCHITM(rqptr), WATCH_MAPPING,
"USER sys$getuai() !&S", status);
return (MAPURL_USER_RULE_FORBIDDEN_MSG);
}
/* automatically disallow if any of these flags are set! */
if (UaiFlags & DisallowVmsFlags)
{
if (WATCHPNT(rqptr) &&
WATCH_CATEGORY(WATCH_MAPPING))
WatchThis (WATCHITM(rqptr), WATCH_MAPPING,
"USER !AZ fail SYSUAF flags", UserName);
return (MAPURL_USER_RULE_FORBIDDEN_MSG);
}
if (!AuthPolicySysUafRelaxed && (UaiPriv[0] & PRV$M_SYSPRV))
{
/* not allowing all accounts, exclude those with extended privileges */
if (WATCHPNT(rqptr) &&
WATCH_CATEGORY(WATCH_MAPPING))
WatchThis (WATCHITM(rqptr), WATCH_MAPPING,
"USER !AZ fail SYSUAF privileges", UserName);
return (MAPURL_USER_RULE_FORBIDDEN_MSG);
}
zptr = (sptr = UserDefault) + sizeof(UserDefault);
for (cptr = UaiDefDev+1; UaiDefDev[0] && sptr < zptr; UaiDefDev[0]--)
*sptr++ = *cptr++;
for (cptr = UaiDefDir+1; UaiDefDir[0] && sptr < zptr; UaiDefDir[0]--)
*sptr++ = *cptr++;
if (sptr >= zptr)
return (MAPURL_USER_RULE_FORBIDDEN_MSG);
*sptr = '\0';
#ifdef ODS_EXTENDED
if (OdsExtended)
{
/* on-disk-structure of user area */
PathOds = OdsVolumeStructure (UserDefault);
if (PathOds && (PathOds != MAPURL_PATH_ODS_2 &&
PathOds != MAPURL_PATH_ODS_5))
{
if (WATCHING (rqptr, WATCH_MAPPING))
WatchThis (WATCHITM(rqptr), WATCH_MAPPING,
"USER !AZ !AZ ODS-? %X8XL %!&M",
UserName, UserDefault, PathOds, PathOds);
return (MAPURL_USER_RULE_FORBIDDEN_MSG);
}
}
else
#endif /* ODS_EXTENDED */
PathOds = 0;
/* generate a URL-style version of the VMS specification */
MapOdsVmsToUrl (UserPath, UserDefault, sizeof(UserPath), true, PathOds);
if (WATCHPNT(rqptr) &&
WATCH_CATEGORY(WATCH_MAPPING))
WatchThis (WATCHITM(rqptr), WATCH_MAPPING,
"USER !AZ !AZ !AZ ODS-!UL",
UserName, UserDefault, UserPath, PathOds);
/* trim trailing slash */
for (cptr = UserPath; *cptr && !SAME2(cptr,'/\0'); cptr++);
*cptr = '\0';
/* update it in the cache */
MapUserNameCache (rqptr, UserName, UserPath, &PathOds);
/* if required return the path's on-disk-structure */
if (PathOdsPtr) *PathOdsPtr = PathOds;
return (UserPath);
}
/*****************************************************************************/
/*
Keep a linked-list of cache entries. If 'UserName' and 'UserPath' are NULL
then the list is reset (this happen on mapping rule reload). If 'UserName' is
non-NULL and 'UserPath' is NULL the list is searched for a matching username
and the associated path string returned. If 'UserName' and 'UserPath' are
non-NULL add/update a cache entry. If the list has reached maximum size reuse
the last entry, otherwise create a new entry. Move/add the entry to the head
of the list. It's therefore a first-in/first-out queue. Cache contents remain
current until demands on space (due to new entries) cycles through the maximum
available entries. To explicitly flush the contents reload the rules.
*/
char* MapUserNameCache
(
REQUEST_STRUCT* rqptr,
char *UserName,
char *UserPath,
int *PathOdsPtr
)
{
LIST_ENTRY *leptr;
MAP_URL_USER_ENTRY *ucptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_MAPURL))
WatchThis (WATCHITM(rqptr), WATCH_MOD_MAPURL,
"MapUserNameCache() !&Z !&Z !&X",
UserName, UserPath, PathOdsPtr);
if (!UserName && !UserPath)
{
/***************/
/* reset cache */
/***************/
MapUrlUserNameCacheEntries = Config.cfMisc.MapUserNameCacheEntries;
if (!MapUrlUserNameCacheEntries)
MapUrlUserNameCacheEntries = MAPURL_DEFAULT_USER_CACHE_SIZE;
MapUrlUserNameCacheCount = 0;
/* empty the list */
leptr = MapUrlUserNameCacheList.HeadPtr;
MapUrlUserNameCacheList.HeadPtr = MapUrlUserNameCacheList.TailPtr = NULL;
MapUrlUserNameCacheList.EntryCount = 0;
while (leptr)
{
ucptr = (MAP_URL_USER_ENTRY*)leptr;
leptr = leptr->NextPtr;
VmFree (ucptr, FI_LI);
}
return (NULL);
}
if (!UserPath)
{
/****************/
/* search cache */
/****************/
/* process the cache entry list from most to least recent */
for (leptr = MapUrlUserNameCacheList.HeadPtr;
leptr;
leptr = leptr->NextPtr)
{
ucptr = (MAP_URL_USER_ENTRY*)leptr;
/* if this one has been reset there won't be any more down the list */
if (!ucptr->UserName[0]) break;
/* compare the first two characters (at least one and a null) */
if (!MATCH4(ucptr->UserName, UserName)) continue;
/* full string comparison */
if (strcmp (ucptr->UserName, UserName)) continue;
/*************/
/* cache hit */
/*************/
if ((void*)MapUrlUserNameCacheList.HeadPtr != (void*)ucptr)
{
/* move it to the head of the list */
ListRemove (&MapUrlUserNameCacheList, ucptr);
ListAddHead (&MapUrlUserNameCacheList, ucptr, LIST_ENTRY_TYPE_USER);
}
ucptr->HitCount++;
ucptr->LastTime64 = rqptr->rqTime.BeginTime64;
if (WATCHING (rqptr, WATCH_MAPPING))
WatchThis (WATCHITM(rqptr), WATCH_MAPPING,
"USER !AZ cache !AZ/ ODS-!UL !UL hits",
ucptr->UserName, ucptr->UserPath,
ucptr->PathOds, ucptr->HitCount);
if (PathOdsPtr) *PathOdsPtr = ucptr->PathOds;
return (ucptr->UserPath);
}
/* not found */
return (NULL);
}
/****************/
/* update cache */
/****************/
if (MapUrlUserNameCacheCount < MapUrlUserNameCacheEntries)
{
/* allocate memory for a new entry */
ucptr = VmGet (sizeof (MAP_URL_USER_ENTRY));
MapUrlUserNameCacheCount++;
}
else
{
/* reuse the tail entry (least recent) */
ucptr = MapUrlUserNameCacheList.TailPtr;
ucptr->ReuseCount++;
ListRemove (&MapUrlUserNameCacheList, ucptr);
}
/* add entry to the head of the user cache list (most recent) */
ListAddHead (&MapUrlUserNameCacheList, ucptr, LIST_ENTRY_TYPE_USER);
strncpy (ucptr->UserName, UserName, sizeof(ucptr->UserName));
strncpy (ucptr->UserPath, UserPath, sizeof(ucptr->UserPath));
ucptr->UserName[sizeof(ucptr->UserName)-1] =
ucptr->UserPath[sizeof(ucptr->UserPath)-1] = '\0';
ucptr->HitCount = 1;
ucptr->LastTime64 = rqptr->rqTime.BeginTime64;
#ifdef ODS_EXTENDED
if (PathOdsPtr) ucptr->PathOds = *PathOdsPtr;
#else /* ODS_EXTENDED */
if (PathOdsPtr) ucptr->PathOds = 0;
#endif /* ODS_EXTENDED */
return (UserPath);
}
/*****************************************************************************/