[0001]
[0002]
[0003]
[0004]
[0005]
[0006]
[0007]
[0008]
[0009]
[0010]
[0011]
[0012]
[0013]
[0014]
[0015]
[0016]
[0017]
[0018]
[0019]
[0020]
[0021]
[0022]
[0023]
[0024]
[0025]
[0026]
[0027]
[0028]
[0029]
[0030]
[0031]
[0032]
[0033]
[0034]
[0035]
[0036]
[0037]
[0038]
[0039]
[0040]
[0041]
[0042]
[0043]
[0044]
[0045]
[0046]
[0047]
[0048]
[0049]
[0050]
[0051]
[0052]
[0053]
[0054]
[0055]
[0056]
[0057]
[0058]
[0059]
[0060]
[0061]
[0062]
[0063]
[0064]
[0065]
[0066]
[0067]
[0068]
[0069]
[0070]
[0071]
[0072]
[0073]
[0074]
[0075]
[0076]
[0077]
[0078]
[0079]
[0080]
[0081]
[0082]
[0083]
[0084]
[0085]
[0086]
[0087]
[0088]
[0089]
[0090]
[0091]
[0092]
[0093]
[0094]
[0095]
[0096]
[0097]
[0098]
[0099]
[0100]
[0101]
[0102]
[0103]
[0104]
[0105]
[0106]
[0107]
[0108]
[0109]
[0110]
[0111]
[0112]
[0113]
[0114]
[0115]
[0116]
[0117]
[0118]
[0119]
[0120]
[0121]
[0122]
[0123]
[0124]
[0125]
[0126]
[0127]
[0128]
[0129]
[0130]
[0131]
[0132]
[0133]
[0134]
[0135]
[0136]
[0137]
[0138]
[0139]
[0140]
[0141]
[0142]
[0143]
[0144]
[0145]
[0146]
[0147]
[0148]
[0149]
[0150]
[0151]
[0152]
[0153]
[0154]
[0155]
[0156]
[0157]
[0158]
[0159]
[0160]
[0161]
[0162]
[0163]
[0164]
[0165]
[0166]
[0167]
[0168]
[0169]
[0170]
[0171]
[0172]
[0173]
[0174]
[0175]
[0176]
[0177]
[0178]
[0179]
[0180]
[0181]
[0182]
[0183]
[0184]
[0185]
[0186]
[0187]
[0188]
[0189]
[0190]
[0191]
[0192]
[0193]
[0194]
[0195]
[0196]
[0197]
[0198]
[0199]
[0200]
[0201]
[0202]
[0203]
[0204]
[0205]
[0206]
[0207]
[0208]
[0209]
[0210]
[0211]
[0212]
[0213]
[0214]
[0215]
[0216]
[0217]
[0218]
[0219]
[0220]
[0221]
[0222]
[0223]
[0224]
[0225]
[0226]
[0227]
[0228]
[0229]
[0230]
[0231]
[0232]
[0233]
[0234]
[0235]
[0236]
[0237]
[0238]
[0239]
[0240]
[0241]
[0242]
[0243]
[0244]
[0245]
[0246]
[0247]
[0248]
[0249]
[0250]
[0251]
[0252]
[0253]
[0254]
[0255]
[0256]
[0257]
[0258]
[0259]
[0260]
[0261]
[0262]
[0263]
[0264]
[0265]
[0266]
[0267]
[0268]
[0269]
[0270]
[0271]
[0272]
[0273]
[0274]
[0275]
[0276]
[0277]
[0278]
[0279]
[0280]
[0281]
[0282]
[0283]
[0284]
[0285]
[0286]
[0287]
[0288]
[0289]
[0290]
[0291]
[0292]
[0293]
[0294]
[0295]
[0296]
[0297]
[0298]
[0299]
[0300]
[0301]
[0302]
[0303]
[0304]
[0305]
[0306]
[0307]
[0308]
[0309]
[0310]
[0311]
[0312]
[0313]
[0314]
[0315]
[0316]
[0317]
[0318]
[0319]
[0320]
[0321]
[0322]
[0323]
[0324]
[0325]
[0326]
[0327]
[0328]
[0329]
[0330]
[0331]
[0332]
[0333]
[0334]
[0335]
[0336]
[0337]
[0338]
[0339]
[0340]
[0341]
[0342]
[0343]
[0344]
[0345]
[0346]
[0347]
[0348]
[0349]
[0350]
[0351]
[0352]
[0353]
[0354]
[0355]
[0356]
[0357]
[0358]
[0359]
[0360]
[0361]
[0362]
[0363]
[0364]
[0365]
[0366]
[0367]
[0368]
[0369]
[0370]
[0371]
[0372]
[0373]
[0374]
[0375]
[0376]
[0377]
[0378]
[0379]
[0380]
[0381]
[0382]
[0383]
[0384]
[0385]
[0386]
[0387]
[0388]
[0389]
[0390]
[0391]
[0392]
[0393]
[0394]
[0395]
[0396]
[0397]
[0398]
[0399]
[0400]
[0401]
[0402]
[0403]
[0404]
[0405]
[0406]
[0407]
[0408]
[0409]
[0410]
[0411]
[0412]
[0413]
[0414]
[0415]
[0416]
[0417]
[0418]
[0419]
[0420]
[0421]
[0422]
[0423]
[0424]
[0425]
[0426]
[0427]
[0428]
[0429]
[0430]
[0431]
[0432]
[0433]
[0434]
[0435]
[0436]
[0437]
[0438]
[0439]
[0440]
[0441]
[0442]
[0443]
[0444]
[0445]
[0446]
[0447]
[0448]
[0449]
[0450]
[0451]
[0452]
[0453]
[0454]
[0455]
[0456]
[0457]
[0458]
[0459]
[0460]
[0461]
[0462]
[0463]
[0464]
[0465]
[0466]
[0467]
[0468]
[0469]
[0470]
[0471]
[0472]
[0473]
[0474]
[0475]
[0476]
[0477]
[0478]
[0479]
[0480]
[0481]
[0482]
[0483]
[0484]
[0485]
[0486]
[0487]
[0488]
[0489]
[0490]
[0491]
[0492]
[0493]
[0494]
[0495]
[0496]
[0497]
[0498]
[0499]
[0500]
[0501]
[0502]
[0503]
[0504]
[0505]
[0506]
[0507]
[0508]
[0509]
[0510]
[0511]
[0512]
[0513]
[0514]
[0515]
[0516]
[0517]
[0518]
[0519]
[0520]
[0521]
[0522]
[0523]
[0524]
[0525]
[0526]
[0527]
[0528]
[0529]
[0530]
[0531]
[0532]
[0533]
[0534]
[0535]
[0536]
[0537]
[0538]
[0539]
[0540]
[0541]
[0542]
[0543]
[0544]
[0545]
[0546]
[0547]
[0548]
[0549]
[0550]
[0551]
[0552]
[0553]
[0554]
[0555]
[0556]
[0557]
[0558]
[0559]
[0560]
[0561]
[0562]
[0563]
[0564]
[0565]
[0566]
[0567]
[0568]
[0569]
[0570]
[0571]
[0572]
[0573]
[0574]
[0575]
[0576]
[0577]
[0578]
[0579]
[0580]
[0581]
[0582]
[0583]
[0584]
[0585]
[0586]
[0587]
[0588]
[0589]
[0590]
[0591]
[0592]
[0593]
[0594]
[0595]
[0596]
[0597]
[0598]
[0599]
[0600]
[0601]
[0602]
[0603]
[0604]
[0605]
[0606]
[0607]
[0608]
[0609]
[0610]
[0611]
[0612]
[0613]
[0614]
[0615]
[0616]
[0617]
[0618]
[0619]
[0620]
[0621]
[0622]
[0623]
[0624]
[0625]
[0626]
[0627]
[0628]
[0629]
[0630]
[0631]
[0632]
[0633]
[0634]
[0635]
[0636]
[0637]
[0638]
[0639]
[0640]
[0641]
[0642]
[0643]
[0644]
[0645]
[0646]
[0647]
[0648]
[0649]
[0650]
[0651]
[0652]
[0653]
[0654]
[0655]
[0656]
[0657]
[0658]
[0659]
[0660]
[0661]
[0662]
[0663]
[0664]
[0665]
[0666]
[0667]
[0668]
[0669]
[0670]
[0671]
[0672]
[0673]
[0674]
[0675]
[0676]
[0677]
[0678]
[0679]
[0680]
[0681]
[0682]
[0683]
[0684]
[0685]
[0686]
[0687]
[0688]
[0689]
[0690]
[0691]
[0692]
[0693]
[0694]
[0695]
[0696]
[0697]
[0698]
[0699]
[0700]
[0701]
[0702]
[0703]
[0704]
[0705]
[0706]
[0707]
[0708]
[0709]
[0710]
[0711]
[0712]
[0713]
[0714]
[0715]
[0716]
[0717]
[0718]
[0719]
[0720]
[0721]
[0722]
[0723]
[0724]
[0725]
[0726]
[0727]
[0728]
[0729]
[0730]
[0731]
[0732]
[0733]
[0734]
[0735]
[0736]
[0737]
[0738]
[0739]
[0740]
[0741]
[0742]
[0743]
[0744]
[0745]
[0746]
[0747]
[0748]
[0749]
[0750]
[0751]
[0752]
[0753]
[0754]
[0755]
[0756]
[0757]
[0758]
[0759]
[0760]
[0761]
[0762]
[0763]
[0764]
[0765]
[0766]
[0767]
[0768]
[0769]
[0770]
[0771]
[0772]
[0773]
[0774]
[0775]
[0776]
[0777]
[0778]
[0779]
[0780]
[0781]
[0782]
[0783]
[0784]
[0785]
[0786]
[0787]
[0788]
[0789]
[0790]
[0791]
[0792]
[0793]
[0794]
[0795]
[0796]
[0797]
[0798]
[0799]
[0800]
[0801]
[0802]
[0803]
[0804]
[0805]
[0806]
[0807]
[0808]
[0809]
[0810]
[0811]
[0812]
[0813]
[0814]
[0815]
[0816]
[0817]
[0818]
[0819]
[0820]
[0821]
[0822]
[0823]
[0824]
[0825]
[0826]
[0827]
[0828]
[0829]
[0830]
[0831]
[0832]
[0833]
[0834]
[0835]
[0836]
[0837]
[0838]
[0839]
[0840]
[0841]
[0842]
[0843]
[0844]
[0845]
[0846]
[0847]
[0848]
[0849]
[0850]
[0851]
[0852]
[0853]
[0854]
[0855]
[0856]
[0857]
[0858]
[0859]
[0860]
[0861]
[0862]
[0863]
[0864]
[0865]
[0866]
[0867]
[0868]
[0869]
[0870]
[0871]
[0872]
[0873]
[0874]
[0875]
[0876]
[0877]
[0878]
[0879]
[0880]
[0881]
[0882]
[0883]
[0884]
[0885]
[0886]
[0887]
[0888]
[0889]
[0890]
[0891]
[0892]
[0893]
[0894]
[0895]
[0896]
[0897]
[0898]
[0899]
[0900]
[0901]
[0902]
[0903]
[0904]
[0905]
[0906]
[0907]
[0908]
[0909]
[0910]
[0911]
[0912]
[0913]
[0914]
[0915]
[0916]
[0917]
[0918]
[0919]
[0920]
[0921]
[0922]
[0923]
[0924]
[0925]
[0926]
[0927]
[0928]
[0929]
[0930]
[0931]
[0932]
[0933]
[0934]
[0935]
[0936]
[0937]
[0938]
[0939]
[0940]
[0941]
[0942]
[0943]
[0944]
[0945]
[0946]
[0947]
[0948]
[0949]
[0950]
[0951]
[0952]
[0953]
[0954]
[0955]
[0956]
[0957]
[0958]
[0959]
[0960]
[0961]
[0962]
[0963]
[0964]
[0965]
[0966]
[0967]
[0968]
[0969]
[0970]
[0971]
[0972]
[0973]
[0974]
[0975]
[0976]
[0977]
[0978]
[0979]
[0980]
[0981]
[0982]
[0983]
[0984]
[0985]
[0986]
[0987]
[0988]
[0989]
[0990]
[0991]
[0992]
[0993]
[0994]
[0995]
[0996]
[0997]
[0998]
[0999]
[1000]
[1001]
[1002]
[1003]
[1004]
[1005]
[1006]
[1007]
[1008]
[1009]
[1010]
[1011]
[1012]
[1013]
[1014]
[1015]
[1016]
[1017]
[1018]
[1019]
[1020]
[1021]
[1022]
[1023]
[1024]
[1025]
[1026]
[1027]
[1028]
[1029]
[1030]
[1031]
[1032]
[1033]
[1034]
[1035]
[1036]
[1037]
[1038]
[1039]
[1040]
[1041]
[1042]
[1043]
[1044]
[1045]
[1046]
[1047]
[1048]
[1049]
[1050]
[1051]
[1052]
[1053]
[1054]
[1055]
[1056]
[1057]
[1058]
[1059]
[1060]
[1061]
[1062]
[1063]
[1064]
[1065]
[1066]
[1067]
[1068]
[1069]
[1070]
[1071]
[1072]
[1073]
[1074]
[1075]
[1076]
[1077]
[1078]
[1079]
[1080]
[1081]
[1082]
[1083]
[1084]
[1085]
[1086]
[1087]
[1088]
[1089]
[1090]
[1091]
[1092]
[1093]
[1094]
[1095]
[1096]
[1097]
[1098]
[1099]
[1100]
[1101]
[1102]
[1103]
[1104]
[1105]
[1106]
[1107]
[1108]
[1109]
[1110]
[1111]
[1112]
[1113]
[1114]
[1115]
[1116]
[1117]
[1118]
[1119]
[1120]
[1121]
[1122]
[1123]
[1124]
[1125]
[1126]
[1127]
[1128]
[1129]
[1130]
[1131]
[1132]
[1133]
[1134]
[1135]
[1136]
[1137]
[1138]
[1139]
[1140]
[1141]
[1142]
[1143]
[1144]
[1145]
[1146]
[1147]
[1148]
[1149]
[1150]
[1151]
[1152]
[1153]
[1154]
[1155]
[1156]
[1157]
[1158]
[1159]
[1160]
[1161]
[1162]
[1163]
[1164]
[1165]
[1166]
[1167]
[1168]
[1169]
[1170]
[1171]
[1172]
[1173]
[1174]
[1175]
[1176]
[1177]
[1178]
[1179]
[1180]
[1181]
[1182]
[1183]
[1184]
[1185]
[1186]
[1187]
[1188]
[1189]
[1190]
[1191]
[1192]
[1193]
[1194]
[1195]
[1196]
[1197]
[1198]
[1199]
[1200]
[1201]
[1202]
[1203]
[1204]
[1205]
[1206]
[1207]
[1208]
[1209]
[1210]
[1211]
[1212]
[1213]
[1214]
[1215]
[1216]
[1217]
[1218]
[1219]
[1220]
[1221]
[1222]
[1223]
[1224]
[1225]
[1226]
[1227]
[1228]
[1229]
[1230]
[1231]
[1232]
[1233]
[1234]
[1235]
[1236]
[1237]
[1238]
[1239]
[1240]
[1241]
[1242]
[1243]
[1244]
[1245]
[1246]
[1247]
[1248]
[1249]
[1250]
[1251]
[1252]
[1253]
[1254]
[1255]
[1256]
[1257]
[1258]
[1259]
[1260]
[1261]
[1262]
[1263]
[1264]
[1265]
[1266]
[1267]
[1268]
[1269]
[1270]
[1271]
[1272]
[1273]
[1274]
[1275]
[1276]
[1277]
[1278]
[1279]
[1280]
[1281]
[1282]
[1283]
[1284]
[1285]
[1286]
[1287]
[1288]
[1289]
[1290]
[1291]
[1292]
[1293]
[1294]
[1295]
[1296]
[1297]
[1298]
[1299]
[1300]
[1301]
[1302]
[1303]
[1304]
[1305]
[1306]
[1307]
[1308]
[1309]
[1310]
[1311]
[1312]
[1313]
[1314]
[1315]
[1316]
[1317]
[1318]
[1319]
[1320]
[1321]
[1322]
[1323]
[1324]
[1325]
[1326]
[1327]
[1328]
[1329]
[1330]
[1331]
[1332]
[1333]
[1334]
[1335]
[1336]
[1337]
[1338]
[1339]
[1340]
[1341]
[1342]
[1343]
[1344]
[1345]
[1346]
[1347]
[1348]
[1349]
[1350]
[1351]
[1352]
[1353]
[1354]
[1355]
[1356]
[1357]
[1358]
[1359]
[1360]
[1361]
[1362]
[1363]
[1364]
[1365]
[1366]
[1367]
[1368]
[1369]
[1370]
[1371]
[1372]
[1373]
[1374]
[1375]
[1376]
[1377]
[1378]
[1379]
[1380]
[1381]
[1382]
[1383]
[1384]
[1385]
[1386]
[1387]
[1388]
[1389]
[1390]
[1391]
[1392]
[1393]
[1394]
[1395]
[1396]
[1397]
[1398]
[1399]
[1400]
[1401]
[1402]
[1403]
[1404]
[1405]
[1406]
[1407]
[1408]
[1409]
[1410]
[1411]
[1412]
[1413]
[1414]
[1415]
[1416]
[1417]
[1418]
[1419]
[1420]
[1421]
[1422]
[1423]
[1424]
[1425]
[1426]
[1427]
[1428]
[1429]
[1430]
[1431]
[1432]
[1433]
[1434]
[1435]
[1436]
[1437]
[1438]
[1439]
[1440]
[1441]
[1442]
[1443]
[1444]
[1445]
[1446]
[1447]
[1448]
[1449]
[1450]
[1451]
[1452]
[1453]
[1454]
[1455]
[1456]
[1457]
[1458]
[1459]
[1460]
[1461]
[1462]
[1463]
[1464]
[1465]
[1466]
[1467]
[1468]
[1469]
[1470]
[1471]
[1472]
[1473]
[1474]
[1475]
[1476]
[1477]
[1478]
[1479]
[1480]
[1481]
[1482]
[1483]
[1484]
[1485]
[1486]
[1487]
[1488]
[1489]
[1490]
[1491]
[1492]
[1493]
[1494]
[1495]
[1496]
[1497]
[1498]
[1499]
[1500]
[1501]
[1502]
[1503]
[1504]
[1505]
[1506]
[1507]
[1508]
[1509]
[1510]
[1511]
[1512]
[1513]
[1514]
[1515]
[1516]
[1517]
[1518]
[1519]
[1520]
[1521]
[1522]
[1523]
[1524]
[1525]
[1526]
[1527]
[1528]
[1529]
[1530]
[1531]
[1532]
[1533]
[1534]
[1535]
[1536]
[1537]
[1538]
[1539]
[1540]
[1541]
[1542]
[1543]
[1544]
[1545]
[1546]
[1547]
[1548]
[1549]
[1550]
[1551]
[1552]
[1553]
[1554]
[1555]
[1556]
[1557]
[1558]
[1559]
[1560]
[1561]
[1562]
[1563]
[1564]
[1565]
[1566]
[1567]
[1568]
[1569]
[1570]
[1571]
[1572]
[1573]
[1574]
[1575]
[1576]
[1577]
[1578]
[1579]
[1580]
[1581]
[1582]
[1583]
[1584]
[1585]
[1586]
[1587]
[1588]
[1589]
[1590]
[1591]
[1592]
[1593]
[1594]
[1595]
[1596]
[1597]
[1598]
[1599]
[1600]
[1601]
[1602]
[1603]
[1604]
[1605]
[1606]
[1607]
[1608]
[1609]
[1610]
[1611]
[1612]
[1613]
[1614]
[1615]
[1616]
[1617]
[1618]
[1619]
[1620]
[1621]
[1622]
[1623]
[1624]
[1625]
[1626]
[1627]
[1628]
[1629]
[1630]
[1631]
[1632]
[1633]
[1634]
[1635]
[1636]
[1637]
[1638]
[1639]
[1640]
[1641]
[1642]
[1643]
[1644]
[1645]
[1646]
[1647]
[1648]
[1649]
[1650]
[1651]
[1652]
[1653]
[1654]
[1655]
[1656]
[1657]
[1658]
[1659]
[1660]
[1661]
[1662]
[1663]
[1664]
[1665]
[1666]
[1667]
[1668]
[1669]
[1670]
[1671]
[1672]
[1673]
[1674]
[1675]
[1676]
[1677]
[1678]
[1679]
[1680]
[1681]
[1682]
[1683]
[1684]
[1685]
[1686]
[1687]
[1688]
[1689]
[1690]
[1691]
[1692]
[1693]
[1694]
[1695]
[1696]
[1697]
[1698]
[1699]
[1700]
[1701]
[1702]
[1703]
[1704]
[1705]
[1706]
[1707]
[1708]
[1709]
[1710]
[1711]
[1712]
[1713]
[1714]
[1715]
[1716]
[1717]
[1718]
[1719]
[1720]
[1721]
[1722]
[1723]
[1724]
[1725]
[1726]
[1727]
[1728]
[1729]
[1730]
[1731]
[1732]
[1733]
[1734]
[1735]
[1736]
[1737]
[1738]
[1739]
[1740]
[1741]
[1742]
[1743]
[1744]
[1745]
[1746]
[1747]
[1748]
[1749]
[1750]
[1751]
[1752]
[1753]
[1754]
[1755]
[1756]
[1757]
[1758]
[1759]
[1760]
[1761]
[1762]
[1763]
[1764]
[1765]
[1766]
[1767]
[1768]
[1769]
[1770]
[1771]
[1772]
[1773]
[1774]
[1775]
[1776]
[1777]
[1778]
[1779]
[1780]
[1781]
[1782]
[1783]
[1784]
[1785]
[1786]
[1787]
[1788]
[1789]
[1790]
[1791]
[1792]
[1793]
[1794]
[1795]
[1796]
[1797]
[1798]
[1799]
[1800]
[1801]
[1802]
[1803]
[1804]
[1805]
[1806]
[1807]
[1808]
[1809]
[1810]
[1811]
[1812]
[1813]
[1814]
[1815]
[1816]
[1817]
[1818]
[1819]
[1820]
[1821]
[1822]
[1823]
[1824]
[1825]
[1826]
[1827]
[1828]
[1829]
[1830]
[1831]
[1832]
[1833]
[1834]
[1835]
[1836]
[1837]
[1838]
[1839]
[1840]
[1841]
[1842]
[1843]
[1844]
[1845]
[1846]
[1847]
[1848]
[1849]
[1850]
[1851]
[1852]
[1853]
[1854]
[1855]
[1856]
[1857]
[1858]
[1859]
[1860]
[1861]
[1862]
[1863]
[1864]
[1865]
[1866]
[1867]
[1868]
[1869]
[1870]
[1871]
[1872]
[1873]
[1874]
[1875]
[1876]
[1877]
[1878]
[1879]
[1880]
[1881]
[1882]
[1883]
[1884]
[1885]
[1886]
[1887]
[1888]
[1889]
[1890]
[1891]
[1892]
[1893]
[1894]
[1895]
[1896]
[1897]
[1898]
[1899]
[1900]
[1901]
[1902]
[1903]
[1904]
[1905]
[1906]
[1907]
[1908]
[1909]
[1910]
[1911]
[1912]
[1913]
[1914]
[1915]
[1916]
[1917]
[1918]
[1919]
[1920]
[1921]
[1922]
[1923]
[1924]
[1925]
[1926]
[1927]
[1928]
[1929]
[1930]
[1931]
[1932]
[1933]
[1934]
[1935]
[1936]
[1937]
[1938]
[1939]
[1940]
[1941]
[1942]
[1943]
[1944]
[1945]
[1946]
[1947]
[1948]
[1949]
[1950]
[1951]
[1952]
[1953]
[1954]
[1955]
[1956]
[1957]
[1958]
[1959]
[1960]
[1961]
[1962]
[1963]
[1964]
[1965]
[1966]
[1967]
[1968]
[1969]
[1970]
[1971]
[1972]
[1973]
[1974]
[1975]
[1976]
[1977]
[1978]
[1979]
[1980]
[1981]
[1982]
[1983]
[1984]
[1985]
[1986]
[1987]
[1988]
[1989]
[1990]
[1991]
[1992]
[1993]
[1994]
[1995]
[1996]
[1997]
[1998]
[1999]
[2000]
[2001]
[2002]
[2003]
[2004]
[2005]
[2006]
[2007]
[2008]
[2009]
[2010]
[2011]
[2012]
[2013]
[2014]
[2015]
[2016]
[2017]
[2018]
[2019]
[2020]
[2021]
[2022]
[2023]
[2024]
[2025]
[2026]
[2027]
[2028]
[2029]
[2030]
[2031]
[2032]
[2033]
[2034]
[2035]
[2036]
[2037]
[2038]
[2039]
[2040]
[2041]
[2042]
[2043]
[2044]
[2045]
[2046]
[2047]
[2048]
[2049]
[2050]
[2051]
[2052]
[2053]
[2054]
[2055]
[2056]
[2057]
[2058]
[2059]
[2060]
[2061]
[2062]
[2063]
[2064]
[2065]
[2066]
[2067]
[2068]
[2069]
[2070]
[2071]
[2072]
[2073]
[2074]
[2075]
[2076]
[2077]
[2078]
[2079]
[2080]
[2081]
[2082]
[2083]
[2084]
[2085]
[2086]
[2087]
[2088]
[2089]
[2090]
[2091]
[2092]
[2093]
[2094]
[2095]
[2096]
[2097]
[2098]
[2099]
[2100]
[2101]
[2102]
[2103]
[2104]
[2105]
[2106]
[2107]
[2108]
[2109]
[2110]
[2111]
[2112]
[2113]
[2114]
[2115]
[2116]
[2117]
[2118]
[2119]
[2120]
[2121]
[2122]
[2123]
[2124]
[2125]
[2126]
[2127]
[2128]
[2129]
[2130]
[2131]
[2132]
[2133]
[2134]
[2135]
[2136]
[2137]
[2138]
[2139]
[2140]
[2141]
[2142]
[2143]
[2144]
[2145]
[2146]
[2147]
[2148]
[2149]
[2150]
[2151]
[2152]
[2153]
[2154]
[2155]
[2156]
[2157]
[2158]
[2159]
[2160]
[2161]
[2162]
[2163]
[2164]
[2165]
[2166]
[2167]
[2168]
[2169]
[2170]
[2171]
[2172]
[2173]
[2174]
[2175]
[2176]
[2177]
[2178]
[2179]
[2180]
[2181]
[2182]
[2183]
[2184]
[2185]
[2186]
[2187]
[2188]
[2189]
[2190]
[2191]
[2192]
[2193]
[2194]
[2195]
[2196]
[2197]
[2198]
[2199]
[2200]
[2201]
[2202]
[2203]
[2204]
[2205]
[2206]
[2207]
[2208]
[2209]
[2210]
[2211]
[2212]
[2213]
[2214]
[2215]
[2216]
[2217]
[2218]
[2219]
[2220]
[2221]
[2222]
[2223]
[2224]
[2225]
[2226]
[2227]
[2228]
[2229]
[2230]
[2231]
[2232]
[2233]
[2234]
[2235]
[2236]
[2237]
[2238]
[2239]
[2240]
[2241]
[2242]
[2243]
[2244]
[2245]
[2246]
[2247]
[2248]
[2249]
[2250]
[2251]
[2252]
[2253]
[2254]
[2255]
[2256]
[2257]
[2258]
[2259]
[2260]
[2261]
[2262]
[2263]
[2264]
[2265]
[2266]
[2267]
[2268]
[2269]
[2270]
[2271]
[2272]
[2273]
[2274]
[2275]
[2276]
[2277]
[2278]
[2279]
[2280]
[2281]
[2282]
[2283]
[2284]
[2285]
[2286]
[2287]
[2288]
[2289]
[2290]
[2291]
[2292]
[2293]
[2294]
[2295]
[2296]
[2297]
[2298]
[2299]
[2300]
[2301]
[2302]
[2303]
[2304]
[2305]
[2306]
[2307]
[2308]
[2309]
[2310]
[2311]
[2312]
[2313]
[2314]
[2315]
[2316]
[2317]
[2318]
[2319]
[2320]
[2321]
[2322]
[2323]
[2324]
[2325]
[2326]
[2327]
[2328]
[2329]
[2330]
[2331]
[2332]
[2333]
[2334]
[2335]
[2336]
[2337]
[2338]
[2339]
[2340]
[2341]
[2342]
[2343]
[2344]
[2345]
[2346]
[2347]
[2348]
[2349]
[2350]
[2351]
[2352]
[2353]
[2354]
[2355]
[2356]
[2357]
[2358]
[2359]
[2360]
[2361]
[2362]
[2363]
[2364]
[2365]
[2366]
[2367]
[2368]
[2369]
[2370]
[2371]
[2372]
[2373]
[2374]
[2375]
[2376]
[2377]
[2378]
[2379]
[2380]
[2381]
[2382]
[2383]
[2384]
/*****************************************************************************/
/*
sechan.c
WASD's SEcurity .CH Army kNife :^)
Guide to pronounciation: 'ch' as in "machine" making it something like
"seshun" or "session". If only I could have found a way to integrate an
additional 'u' into the name it could have become a Chinese utility rather than
a Suisse one. (Hey, this is fairly dry work, I've got to get some amusement
somehow :^)
$ SECHAN == "$HT_EXE:SECHAN"
This very specialized utility is designed to provide some very specific
functionality required for securing the WASD package and directory tree. It is
done using C code for efficiency and so that files with a special IGNORE_THIS
ACE in an ACL will not be changed. This allows package security to be reset at
any stage without affecting site specific components of it. It requires an
account with SYSPRV. Control-T will provide a progress indicator.
When first used this utility will create the following rights identifiers if
they don't already exist.
WASD_HTTP_SERVER granted to the HTTPd server account
WASD_HTTP_NOBODY granted to the HTTPd scripting account
WASD_IGNORE_THIS used in an ACL to cause SECHAN to ignore a file
PACKAGE SECURITY FUNCTIONALITY
------------------------------
This sets file ownership, protection and required ACLs for the WASD package
directory tree. It only sets WASD package directories. Any other top-level
directory found in the tree is ignored (by default). Each directory in the
package gets it's own, specialized ACL (if required).
$ SECHAN /PACKAGE
The above usage will result in the entire WASD_ROOT:[000000...] tree being
traversed and the standard WASD package security settings (re)applied. To
apply standard settings to only part of the tree provide a file specification
as in the following example. If using this functionality it's also necessary
to explicitly apply it to the parent directory as well.
$ SECHAN /PACKAGE WASD_ROOT:[CGI-BIN]
$ SECHAN /PACKAGE WASD_ROOT:[000000]CGI-BIN.DIR
Security settings appropriate to that portion will be applied.
With the scripting directories ([CGI-BIN], [AXP-BIN/[VAX-BIN]) the /NOSCRIPT
qualifier causes a SYSTEM identifier to be used instead of WASD_HTTP_NOBODY on
the script files. This means all files in these directories are unavailable to
the scripting account until explicitly made so by modifying the ACE.
To set some other (non-package) directory to the same security settings as a
known package directory use the /ASIF= qualifier. The setting will be made as
if it was that package directory. Note that using this facility the parent
directory must be explicitly set (sorry, you are getting this for $0 :^).
$ SECHAN /ASIF=DOC WEB:[LOCAL.DOC]*.*
$ SECHAN /ASIF=DOC WEB:[LOCAL]DOC.DIR
$ SECHAN /ASIF=CGI-BIN WEB:[LOCAL.SCRIPTS]*.*
$ SECHAN /ASIF=CGI-BIN WEB:[LOCAL]SCRIPTS.DIR
SETTING FILES TO BE IGNORED
---------------------------
The SECHAN utility ignores files that have an ACL with an ACE containing the
rights identifier WASD_IGNORE_THIS. An ACE containing this can be added to a
file manually or to a file or files (with a wildcard specification) by using
this utility as shown in the following example.
$ SECHAN /IGNORE WASD_ROOT:[CGI-BIN]LOCAL_SCRIPT.COM
$ SECHAN /IGNORE WASD_ROOT:[AXP-BIN]LOCAL_*.EXE
To remove this setting the /NOIGNORE qualifier may be applied (this does not
affect any other parts of the ACL, if any). Alternatively the ACL can be
edited or otherwise directly modified to remove the relevant ACE.
$ SECHAN /NOIGNORE WASD_ROOT:[CGI-BIN]LOCAL_SCRIPT.COM
$ SECHAN /NOIGNORE WASD_ROOT:[AXP-BIN]LOCAL_*.EXE
The /ALL qualifier causes the utility to ignore the WASD_IGNORE_THIS ACE and
process the file anyway, overriding this protection mechanism. Use with
caution, it could undo all your /IGNORE settings!
The /FIND qualifier may be used with a file specification to locate and list
all files containing one of these IGNORE ACEs. The /FIND=NOIGNORE can be used
to list all those that do not contain this.
$ SECHAN /FIND WASD_ROOT:[000000...]*.*
CHANGING ACCESS
---------------
It is possible to add an ACE to allow either the server or nobody access (or
both for that matter) read or write access to particular files.
$ SECHAN /READ /SERVER WEB:[DATA]*.TXT
$ SECHAN /WRITE /NOBODY WEB:[DATA]*.DAT
It is also possible to specify an identifier name to have the /READ or /WRITE
ACE applied for.
$ SECHAN /READ /PERMIT=HTTPD WEB:[DOCUMENTS]*.*
$ SECHAN /WRITE /PERMIT=SCRIPTING WEB:[SCRATCH]*.*
And the converse; with /NOPERMIT removing previously applied ACEs.
$ SECHAN /READ /NOPERMIT=HTTPD WEB:[DOCUMENTS]*.*
$ SECHAN /WRITE /NONE /NOPERMIT=SCRIPTING WEB:[SCRATCH]*.*
It also possible to to use the utility to apply the CONTROL ACE used by the
server for UPDate PUT's and POSTs for SYSUAF and /PROFILEd requests. This can
only be applied to the parent directory.
$ SECHAN /CONTROL WASD_ROOT:[000000]LOCAL.DIR
OTHER FUNCTIONALITY
-------------------
The utility will continue to honour the IGNORE_THIS ACE when using other
security related functionality. The /ACL= qualifier allows specific Access
Control List to be set. The /OWNER= qualifier allows file ownership to be set.
The /WORLD and /NOWORLD alternately allow world read permission and not
respectively. If any of these are not specified they are not changed on the
target file(s).
$ SECHAN WEB:[LOCAL]*.* /ACL=(IDENT=*,ACCESS=READ) /OWNER=WEB
$ SECHAN WEB:[LOCAL]*.* /OWNER=WEB /WORLD
$ SECHAN WEB:[LOCAL]*.* /ACL=(IDENT=WEB_USER,ACCESS=READ) /NOWORLD
Of course this utility has far less functionality to SET SECURITY and should
not be considering even the palest imitation.
GETUAI FUNCTIONALITY
--------------------
Gets the user device and directory from the UAF and assigns global symbols
containing the contents in various formats. This is intended for use during
WASD package installation and update.
SECHAN_DEFDEV default device (e.g. (DKA0:)
SECHAN_DEFDIR default directory (e.g. [DANIEL])
SECHAN_HOME concatentation of above (e.g. DKA0:[DANIEL])
SECHAN_HOME_DIR home area directory file name (e.g. DKA0:[000000]DANIEL.DIR)
SECHAN_UIC account UIC in standard [nnn,nnn] format
SECHAN_VERSION software ID for utility
To get UAI information provide a <username> parameter. To delete symbols
containing the information provide no parameter.
$ SECHAN = "$HT_EXE:SECHAN"
$ SECHAN /GETUAI DANIEL
$ SHOW SYM $STATUS
$STATUS == "%X00000001"
$ SHOW SYMBOL SECHAN_*
SECHAN_DEFDEV == "DKA100:"
SECHAN_DEFDIR == "[USER.DANIEL]"
SECHAN_HOME == "DKA0:[USER.DANIEL]"
SECHAN_HOME_DIR == "DKA0:[USER]DANIEL.DIR"
SECHAN_UIC == "[100,1]"
SECHAN_VERSION == "SECHAN AXP-1.0.0"
$ SECHAN /GETUAI
$ SHOW SYM $STATUS
$STATUS == "%X00000001"
$ SHOW SYMBOL SECHAN_*
%DCL-W-UNDSYM, undefined symbol - check validity and spelling
$ SECHAN /GETUAI DOESNOTEXIST
$ SHOW SYM $STATUS
$STATUS == "%X100182B2"
$ SHOW SYMBOL SECHAN_*
%DCL-W-UNDSYM, undefined symbol - check validity and spelling
If the UAF record (username) does not exist the utility exits quietly with a
%X100182B2 status (inhibited RNF) and leaves no symbols.
QUALIFIERS
----------
/ACL= apply the specified ACL to the file specification
/ALL do not ignore those files with the IGNORE ACL applied
/ASIF= the specified directory (e.g. /ASIF=SRC or /ASIF=CGI-BIN)
/CONTROL place a server CONTROL ACE on that directory (for UPDate)
/DBUG enable all if(Debug)s
/DELETE delete all ACLs from the file specification
/EXCEPTIONAL apply security settings only to files in 'FileSecurity'
/FIND= find all IGNORE files (default)
/GETUAI get the parameter usernames UAI information into symbols
/IDENTIFIERS check for and create rights identifiers if necessary
/IGNORE add an IGNORE ACE to this file specification
/LOG output the name of each file before it's modified
/NOBODY apply the /READ or /WRITE for the nobody (scripting) account
/NOIGNORE remove (all) IGNORE ACE from this file specification
/NONE add a general ACCESS=NONE ACE
/NOSCRIPT make scripting directories available only to SYSTEM account
/OWNER= sets the file ownership to the specified username
/PACKAGE apply the default WASD package security profile
/PERMIT= identifier to apply /READ /WRITE ACEs for
/NOPERMIT= identifier to delete /READ /WRITE ACEs for
/PROGRESS progress stamp every 100 files
/READ place a server READ ACE on that directory (for UPDate)
/SERVER (default) apply the /READ or /WRITE for the server account
/VERSION software and copyright info, creates symbol SECHAN_VERSION
/WORLD allow world read access
/NOWORLD deny world read access
/WRITE place a server READ+WRITE ACE on that directory (for UPDate)
BUILD DETAILS
-------------
Compile then link:
$ @BUILD_SECHAN
To just link:
$ @BUILD_SECHAN LINK
COPYRIGHT
---------
Copyright (C) 2002-2021 Mark G.Daniel
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
VERSION HISTORY (update SOFTWAREVN as well)
---------------
22-SEP-2020 MGD v1.2.4, allow for [X86_64], and [X86_64-BIN]
13-APR-2020 MGD v1.2.3, allow for [WASDOC]
28-MAY-2016 MGD v1.2.2, HtRootDir() allow for non-"WASD_ROOT.DIR"
07-NOV-2009 MGD v1.2.1, WASD v10 [000000]WASD_FILE_DEV.COM
22-JAN-2005 MGD v1.2.0, /PERMIT=<ident> to apply /READ /WRITE ACEs against
/NOPERMIT=<ident> to remove /READ /WRITE ACEs
/NONE adds a no-general-access ACE to the file
/VERSION now creates SECHAN_VERSION global symbol
23-DEC-2003 MGD v1.1.0, support IA64 exe directories (a la Alpha and VAX)
minor conditional mods to support IA64
15-FEB-2003 MGD v1.0.3, ensure WASD_ROOT.DIR has security set,
continue if 'exceptional files' directory not found
30-DEC-2002 MGD v1.0.2, bugfix; only enable control-T when interactive
05-DEC-2002 MGD v1.0.1, bugfix; fab$l_fna used incorrect string
16-NOV-2002 MGD v1.0.0, initial development
*/
/*****************************************************************************/
#define SOFTWAREVN "1.2.4"
#define SOFTWARENM "SECHAN"
#ifdef __ALPHA
# define SOFTWAREID SOFTWARENM " AXP-" SOFTWAREVN
#endif
#ifdef __ia64
# define SOFTWAREID SOFTWARENM " IA64-" SOFTWAREVN
#endif
#ifdef __VAX
# error VAX no longer implemented
#endif
#ifdef __x86_64
# define SOFTWAREID SOFTWARENM " X86-" SOFTWAREVN
#endif
/* standard C header files */
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* VMS related header files */
#include <descrip.h>
#include <iodef.h>
#include <jpidef.h>
#include <libclidef.h>
#include <lnmdef.h>
#include <prvdef.h>
#include <rms.h>
#include <ssdef.h>
#include <stsdef.h>
#include <syidef.h>
#include <uaidef.h>
#define ACE$M_READ 1
#define ACE$M_WRITE 2
#define ACE$M_DELETE 8
#define ACE$M_CONTROL 16
#define OSS$M_WLOCK 1
#define OSS$M_RELCTX 2
#define OSS$M_LOCAL 4
#define OSS$_ACL_ADD_ENTRY 3
#define OSS$_ACL_DELETE_ENTRY 4
#define OSS$_ACL_DELETE_ALL 6
#define OSS$_ACL_FIND_NEXT 8
#define OSS$_ACL_POSITION_TOP 14
#define OSS$_ACL_POSITION_BOTTOM 15
#define OSS$_ACL_READ_ENTRY 16
#define OSS$_OWNER 21
#define OSS$_PROTECTION 22
#define PSL$C_USER 3
#define CLI$_INSFPRM 229448
/* application header files */
#include "enamel.h"
#define BOOL int
#define true 1
#define false 0
#define VMSok(x) ((x) & STS$M_SUCCESS)
#define VMSnok(x) !(((x) & STS$M_SUCCESS))
#ifndef NO_ODS_EXTENDED
# define ODS_EXTENDED 1
/* this is smaller than the technical maximum, but still quite large! */
# define ODS_MAX_FILE_NAME_LENGTH 511
# define ODS_MAX_FILESYS_NAME_LENGTH 264
#endif
#define ODS2_MAX_FILE_NAME_LENGTH 255
#ifndef ODS_MAX_FILE_NAME_LENGTH
# define ODS_MAX_FILE_NAME_LENGTH ODS2_MAX_FILE_NAME_LENGTH
#endif
#if ODS_MAX_FILE_NAME_LENGTH < ODS2_MAX_FILE_NAME_LENGTH
# define ODS_MAX_FILE_NAME_LENGTH ODS2_MAX_FILE_NAME_LENGTH
#endif
char CopyrightInfo [] =
"Copyright (C) 2002-2021 Mark G.Daniel\n\
This program, comes with ABSOLUTELY NO WARRANTY.\n\
This is free software, and you are welcome to redistribute it\n\
under the conditions of the GNU GENERAL PUBLIC LICENSE, version 2.\n";
/***************/
/* some macros */
/***************/
#define FILE_DIR 1
#define FILE_WWW 2
#define WASD_HTTP_SERVER "WASD_HTTP_SERVER"
#define WASD_HTTP_NOBODY "WASD_HTTP_NOBODY"
#define WASD_IGNORE_THIS "WASD_IGNORE_THIS"
#define ACE_IGNORE_THIS "(IDENT=WASD_IGNORE_THIS,ACCESS=NONE)"
/* only used for controlling /PROFILE access to directory contents */
#define ACE_SERVER_CONTROL "(IDENT=WASD_HTTP_SERVER,ACCESS=CONTROL)"
#define ACE_ACCOUNT_READ_DIR \
"((IDENT=%s,ACCESS=R+E),\
(IDENT=%s,OPTIONS=DEFAULT,ACCESS=R+E))"
#define ACE_ACCOUNT_READ_FILE "(IDENT=%s,ACCESS=R+E)"
#define ACE_ACCOUNT_WRITE_DIR \
"((IDENT=%s,ACCESS=R+W+E),\
(IDENT=%s,OPTIONS=DEFAULT,ACCESS=R+W+E+D))"
#define ACE_ACCOUNT_WRITE_FILE "(IDENT=%s,ACCESS=R+W+E+D)"
/****************************/
/* package security profile */
/****************************/
#define IFSCRIPT 1
#define NOSCRIPT 2
#define ACCESS_WORLD 0xaa00 /* s:rwed,o:rwed,g:re,w:re */
#define ACCESS_NOWORLD 0xff00 /* s:rwed,o:rwed,g,w */
#define ACL_DEFAULT_WORLD \
"(DEFAULT_PROTECTION,S:RWED,O:RWED,G:RE,W:RE)"
#define ACL_NONE_DIR \
"((IDENT=*,ACCESS=NONE),\
(IDENT=*,OPTIONS=DEFAULT,ACCESS=NONE),\
(DEFAULT_PROTECTION,S:RWED,O:RWED,G,W))"
#define ACL_NONE_FILE \
"(IDENT=*,ACCESS=NONE)"
/*
Environments such as Java require the scripting account to have read access to
the directory in which (in that case) the class files are provided.
*/
#define ACL_BIN_DIR \
"((IDENT=WASD_HTTP_SERVER,ACCESS=E),\
(IDENT=WASD_HTTP_NOBODY,ACCESS=R+E),\
(IDENT=*,ACCESS=NONE),\
(IDENT=WASD_HTTP_NOBODY,OPTIONS=DEFAULT,ACCESS=R+E),\
(IDENT=*,OPTIONS=DEFAULT,ACCESS=NONE),\
(DEFAULT_PROTECTION,S:RWED,O:RWED,G,W))"
#define ACL_BIN_FILE \
"((IDENT=WASD_HTTP_NOBODY,ACCESS=R+E),(IDENT=*,ACCESS=NONE))"
#define ACL_BIN_NOSCRIPT_DIR \
"((IDENT=WASD_HTTP_SERVER,ACCESS=E),\
(IDENT=WASD_HTTP_NOBODY,ACCESS=R+E),\
(IDENT=*,ACCESS=NONE),\
(IDENT=SYSTEM,OPTIONS=DEFAULT,ACCESS=R+E),\
(IDENT=*,OPTIONS=DEFAULT,ACCESS=NONE),\
(DEFAULT_PROTECTION,S:RWED,O:RWED,G,W))"
#define ACL_BIN_NOSCRIPT_FILE \
"((IDENT=SYSTEM,ACCESS=R+E),(IDENT=*,ACCESS=NONE))"
#define ACL_SERVER_READ_DIR \
"((IDENT=WASD_HTTP_SERVER,ACCESS=R+E),\
(IDENT=*,ACCESS=NONE),\
(IDENT=WASD_HTTP_SERVER,OPTIONS=DEFAULT,ACCESS=R+E),\
(IDENT=*,OPTIONS=DEFAULT,ACCESS=NONE),\
(DEFAULT_PROTECTION,S:RWED,O:RWED,G,W))"
#define ACL_SERVER_READ_FILE \
"((IDENT=WASD_HTTP_SERVER,ACCESS=R+E),(IDENT=*,ACCESS=NONE))"
#define ACL_SERVER_WRITE_DIR \
"((IDENT=WASD_HTTP_SERVER,ACCESS=R+W+E),\
(IDENT=*,ACCESS=NONE),\
(IDENT=WASD_HTTP_SERVER,OPTIONS=DEFAULT,ACCESS=R+W+E+D),\
(IDENT=*,OPTIONS=DEFAULT,ACCESS=NONE),\
(DEFAULT_PROTECTION,S:RWED,O:RWED,G,W))"
#define ACL_SERVER_WRITE_FILE \
"((IDENT=WASD_HTTP_SERVER,ACCESS=R+W+E+D),(IDENT=*,ACCESS=NONE))"
#define ACL_NOBODY_READ_FILE \
"((IDENT=WASD_HTTP_NOBODY,ACCESS=R+E),(IDENT=*,ACCESS=NONE))"
#define ACL_NOBODY_WRITE_DIR \
"((IDENT=WASD_HTTP_NOBODY,ACCESS=R+W+E),\
(IDENT=*,ACCESS=NONE),\
(IDENT=WASD_HTTP_NOBODY,OPTIONS=DEFAULT,ACCESS=R+W+E+D),\
(IDENT=*,OPTIONS=DEFAULT,ACCESS=NONE),\
(DEFAULT_PROTECTION,S:RWED,O:RWED,G,W))"
#define ACL_NOBODY_WRITE_FILE \
"((IDENT=WASD_HTTP_NOBODY,ACCESS=R+W+E+D),(IDENT=*,ACCESS=NONE))"
#define ACL_SCRATCH_DIR \
"((IDENT=WASD_HTTP_SERVER,ACCESS=R+E),\
(IDENT=WASD_HTTP_NOBODY,ACCESS=R+W+E),\
(IDENT=*,ACCESS=NONE),\
(IDENT=WASD_HTTP_SERVER,OPTIONS=DEFAULT,ACCESS=R),\
(IDENT=WASD_HTTP_NOBODY,OPTIONS=DEFAULT,ACCESS=R+W+E+D),\
(IDENT=*,OPTIONS=DEFAULT,ACCESS=NONE),\
(DEFAULT_PROTECTION,S:RWED,O:RWED,G,W))"
#define ACL_SCRATCH_FILE \
"((IDENT=WASD_HTTP_SERVER,ACCESS=R),\
(IDENT=WASD_HTTP_NOBODY,ACCESS=R+W+E+D),\
(IDENT=*,ACCESS=NONE))"
#define ACL_HTTP$SERVER_LOGIN \
"((IDENT=WASD_HTTP_SERVER,ACCESS=R+E),(IDENT=*,ACCESS=NONE))"
#define ACL_HTTP$NOBODY_LOGIN \
"((IDENT=WASD_HTTP_NOBODY,ACCESS=R+E),(IDENT=*,ACCESS=NONE))"
struct PackageStruct
{
char *DirectoryName,
*DirectoryFileAcl,
*DirectoryContentsAcl;
unsigned short Protection;
int WwwHidden,
ScriptBin;
};
/* all of the package-recognized directories */
struct PackageStruct PackageSecurity [] =
{
/* zeroth element is a sentinal */
{ "", NULL, NULL, 0, 0, 0 },
/* top-level directories (both pre and post 8.1) */
{ "000000", NULL, NULL, ACCESS_WORLD, 0, 0 },
{ "AXP-BIN", ACL_BIN_DIR, ACL_BIN_FILE, ACCESS_NOWORLD, 1, IFSCRIPT },
{ "AXP-BIN", ACL_BIN_NOSCRIPT_DIR, ACL_BIN_NOSCRIPT_FILE, ACCESS_NOWORLD, 1, NOSCRIPT },
{ "AXP", ACL_NONE_DIR, ACL_NONE_FILE, ACCESS_NOWORLD, 1, 0 },
{ "CGI-BIN", ACL_BIN_DIR, ACL_BIN_FILE, ACCESS_NOWORLD, 1, IFSCRIPT },
{ "CGI-BIN", ACL_BIN_NOSCRIPT_DIR, ACL_BIN_NOSCRIPT_FILE, ACCESS_NOWORLD, 1, NOSCRIPT },
{ "DOC", ACL_DEFAULT_WORLD, NULL, ACCESS_WORLD, 0, 0 },
{ "EXAMPLE", ACL_DEFAULT_WORLD, NULL, ACCESS_WORLD, 0, 0 },
{ "EXERCISE", ACL_DEFAULT_WORLD, NULL, ACCESS_WORLD, 0, 0 },
{ "HTTP$NOBODY", ACL_NOBODY_WRITE_DIR, ACL_NOBODY_WRITE_FILE, ACCESS_NOWORLD, 1, 0 },
{ "HTTP$SERVER", ACL_SERVER_WRITE_DIR, ACL_SERVER_WRITE_FILE, ACCESS_NOWORLD, 1, 0 },
{ "IA64-BIN", ACL_BIN_DIR, ACL_BIN_FILE, ACCESS_NOWORLD, 1, IFSCRIPT },
{ "IA64-BIN", ACL_BIN_NOSCRIPT_DIR, ACL_BIN_NOSCRIPT_FILE, ACCESS_NOWORLD, 1, NOSCRIPT },
{ "IA64", ACL_NONE_DIR, ACL_NONE_FILE, ACCESS_NOWORLD, 1, 0 },
{ "INSTALL", ACL_DEFAULT_WORLD, NULL, ACCESS_WORLD, 0, 0 },
{ "JAVA", ACL_NONE_DIR, ACL_NONE_FILE, ACCESS_NOWORLD, 1, 0 },
{ "LOCAL", ACL_NONE_DIR, ACL_NONE_FILE, ACCESS_NOWORLD, 1, 0 },
{ "LOG", ACL_NONE_DIR, ACL_NONE_FILE, ACCESS_NOWORLD, 1, 0 },
{ "LOG_SERVER", ACL_SERVER_WRITE_DIR, ACL_SERVER_WRITE_FILE, ACCESS_NOWORLD, 1, 0 },
{ "RUNTIME", ACL_DEFAULT_WORLD, ACL_DEFAULT_WORLD, ACCESS_WORLD, 0, 0 },
{ "SCRATCH", ACL_SCRATCH_DIR, ACL_SCRATCH_FILE, ACCESS_NOWORLD, 1, 0 },
{ "SCRIPT", ACL_NONE_DIR, ACL_NONE_FILE, ACCESS_NOWORLD, 1, 0 },
{ "SCRIPT_LOCAL", ACL_NONE_DIR, ACL_NONE_FILE, ACCESS_NOWORLD, 1, 0 },
{ "SRC", ACL_DEFAULT_WORLD, NULL, ACCESS_WORLD, 0, 0 },
{ "STARTUP", ACL_SERVER_READ_DIR, ACL_SERVER_READ_FILE, ACCESS_NOWORLD, 1, 0 },
{ "VAX-BIN", ACL_BIN_DIR, ACL_BIN_FILE, ACCESS_NOWORLD, 1, IFSCRIPT },
{ "VAX-BIN", ACL_BIN_NOSCRIPT_DIR, ACL_BIN_NOSCRIPT_FILE, ACCESS_NOWORLD, 1, NOSCRIPT },
{ "VAX", ACL_NONE_DIR, ACL_NONE_FILE, ACCESS_NOWORLD, 1, 0 },
{ "WASDOC", ACL_DEFAULT_WORLD, NULL, ACCESS_WORLD, 0, 0 },
{ "X86_64-BIN", ACL_BIN_DIR, ACL_BIN_FILE, ACCESS_NOWORLD, 1, IFSCRIPT },
{ "X86_64-BIN", ACL_BIN_NOSCRIPT_DIR, ACL_BIN_NOSCRIPT_FILE, ACCESS_NOWORLD, 1, NOSCRIPT },
{ "X86_64", ACL_NONE_DIR, ACL_NONE_FILE, ACCESS_NOWORLD, 1, 0 },
/* the following are not real directories, just programming conveniences */
{ "SERVER-LOGIN.COM", NULL, ACL_SERVER_READ_FILE, ACCESS_NOWORLD, 1, 0 },
{ "NOBODY-LOGIN.COM", NULL, ACL_NOBODY_READ_FILE, ACCESS_NOWORLD, 1, 0 },
/* sentinal */
{ NULL, NULL, NULL, 0, 0, 0 }
};
struct FileStruct
{
char *FileSpec,
*AsIf;
};
/* those files that explicitly need settings contrary to the above */
struct FileStruct FileSecurity [] =
{
{ "WASD_ROOT:[000000]*.COM;*", "LOCAL" },
{ "WASD_ROOT:[000000]WASD_FILE_DEV.COM;*", "DOC" },
{ "WASD_ROOT:[HTTP$SERVER]LOGIN.COM;*", "SERVER-LOGIN.COM" },
{ "WASD_ROOT:[HTTP$NOBODY]LOGIN.COM;*", "NOBODY-LOGIN.COM" },
{ "WASD_ROOT:[AXP]HTTPD.EXE;*", "STARTUP" },
{ "WASD_ROOT:[AXP]HTTPD_SSL.EXE;*", "STARTUP" },
{ "WASD_ROOT:[VAX]HTTPD.EXE;*", "STARTUP" },
{ "WASD_ROOT:[VAX]HTTPD_SSL.EXE;*", "STARTUP" },
{ NULL, NULL }
};
/******************/
/* global storage */
/******************/
BOOL CliAllFiles,
CliCheck,
CliDelete,
CliExceptionalFiles,
CliGetUai,
CliIdentifiers,
CliLog,
CliNoneAce,
CliNoPermit,
CliNoScript,
CliPackage,
CliProgress,
CliPermitControl,
CliSetIgnore,
CliSetNoIgnore,
CliSetNobody,
CliPermitRead,
CliSetServer,
CliPermitWrite,
CliWorldAccess,
CliNoWorldAccess,
Debug,
OdsExtended,
WholePackage;
int ProgressCount;
unsigned long AccessMode = PSL$C_USER,
OssRelCtx = OSS$M_RELCTX;
unsigned long SysPrvMask [2] = { PRV$M_SYSPRV, 0 };
unsigned long HttpServerId,
HttpNobodyId,
IgnoreId,
OwnerUic,
PermitId;
char *CliAclPtr,
*CliAsIfPtr,
*CliFindPtr,
*CliOwnerPtr,
*CliParam1Ptr,
*CliPermitPtr,
*ControlTFileNamePtr;
char Utility [] = "SECHAN";
$DESCRIPTOR (ClassNameDsc, "FILE");
/**************/
/* prototypes */
/**************/
void ControlT (char);
int DeleteGlobalSymbol (char*);
int SetNoPermit (char*, int, unsigned long, unsigned long);
int GetIdent (char*, unsigned long*, BOOL);
int GetParameters ();
int GetVmsVersion ();
int GetUai (char*);
char *HtRootDir ();
int SetGlobalSymbol (char*, char*);
int FindFiles (char*);
int SetCheckIgnore (char*, int);
int SetSecurity (char*, int, BOOL, unsigned long, unsigned short, char*);
int SetPackage (char*, int, int);
BOOL strsame (char*, char*, int);
int lib$get_foreign (__unknown_params);
int lib$delete_symbol (__unknown_params);
int lib$get_symbol (__unknown_params);
int lib$set_symbol (__unknown_params);
int sys$add_ident (__unknown_params);
int sys$asctoid (__unknown_params);
int sys$assign (__unknown_params);
int sys$fao (__unknown_params);
int sys$getjpiw (__unknown_params);
int sys$getsyiw (__unknown_params);
int sys$get_security (__unknown_params);
int sys$getuai (__unknown_params);
int sys$parse (__unknown_params);
int sys$parse_acl (__unknown_params);
int sys$setprv (__unknown_params);
int sys$trnlnm (__unknown_params);
int sys$qiow (__unknown_params);
int sys$set_security (__unknown_params);
int sys$search (__unknown_params);
/*****************************************************************************/
/*
*/
main
(
int argc,
char *argv[]
)
{
int idx, status,
CreateIdentCount;
/*********/
/* begin */
/*********/
if (getenv ("SECHAN$DBUG")) Debug = true;
/* need this for most of what we're about to do */
status = sys$setprv (1, &SysPrvMask, 0, 0);
if (VMSnok (status)) exit (status);
if (status == SS$_NOTALLPRIV) exit (SS$_NOSYSPRV);
GetParameters ();
if (CliGetUai) exit (GetUai (CliParam1Ptr));
if (CliIdentifiers)
{
/* just check for and create the rights identifiers if necesary */
CreateIdentCount = 0;
status = GetIdent (WASD_HTTP_SERVER, &HttpServerId, false);
if (VMSnok (status)) CreateIdentCount++;
status = GetIdent (WASD_HTTP_NOBODY, &HttpNobodyId, false);
if (VMSnok (status)) CreateIdentCount++;
status = GetIdent (WASD_IGNORE_THIS, &IgnoreId, false);
if (VMSnok (status)) CreateIdentCount++;
if (!CreateIdentCount) return (SS$_NORMAL);
}
GetIdent (WASD_HTTP_SERVER, &HttpServerId, true);
GetIdent (WASD_HTTP_NOBODY, &HttpNobodyId, true);
GetIdent (WASD_IGNORE_THIS, &IgnoreId, true);
if (CliPermitPtr && CliPermitPtr[0])
GetIdent (CliPermitPtr, &PermitId, true);
if (CliIdentifiers)
{
/* this just makes install/update procedures look a little neater */
if (CreateIdentCount) fputs ("\n", stdout);
exit (SS$_NORMAL);
}
if ((CliPackage || CliFindPtr) && !CliParam1Ptr)
{
if (CliPackage) WholePackage = true;
CliParam1Ptr = "WASD_ROOT:[000000...]*.*;*";
}
/* package is always owned by SYSTEM! (at least to start with) */
if (CliPackage) CliOwnerPtr = "SYSTEM";
if (CliOwnerPtr && CliOwnerPtr[0])
{
status = GetIdent (CliOwnerPtr, &OwnerUic, false);
if (VMSnok (status)) exit (status);
}
if (CliAsIfPtr || CliExceptionalFiles) CliPackage = true;
if (!CliParam1Ptr) exit (CLI$_INSFPRM);
ControlT (0);
if (!CliExceptionalFiles)
if (VMSnok (status = FindFiles (CliParam1Ptr)))
exit (status);
if (WholePackage || CliExceptionalFiles)
{
/* start with WASD_ROOT.DIR itself */
CliAsIfPtr = "DOC";
FindFiles (HtRootDir());
/* explicitly set these file specifications */
for (idx = 0; FileSecurity[idx].FileSpec; idx++)
{
CliAsIfPtr = FileSecurity[idx].AsIf;
FindFiles (FileSecurity[idx].FileSpec);
}
/* special case (otherwise overridden by logic in SetPackage()) */
FindFiles ("WASD_ROOT:[*].WWW_*;*");
}
if (CliProgress && ProgressCount > 100)
fprintf (stdout, " (%d)\n", ProgressCount);
exit (SS$_NORMAL);
}
/*****************************************************************************/
/*
Search for files matching the specification and then apply whatever has been
requested via the command line.
*/
int FindFiles (char *FileSpec)
{
int idx, status,
ExpFileNameLength,
SpecialFile,
ResFileNameLength;
unsigned long Context;
char ExpFileName [ODS_MAX_FILE_NAME_LENGTH+1],
ResFileName [ODS_MAX_FILE_NAME_LENGTH+1],
AceBuffer [256];
char *cptr;
struct FAB SearchFab;
struct NAM SearchNam;
#ifdef ODS_EXTENDED
struct NAML SearchNaml;
#endif /* ODS_EXTENDED */
/*********/
/* begin */
/*********/
if (Debug) fprintf (stdout, "FindFiles() |%s|\n", FileSpec);
#ifdef ODS_EXTENDED
OdsExtended = (GetVmsVersion() >= 72);
ENAMEL_NAML_SANITY_CHECK
#endif /* ODS_EXTENDED */
SearchFab = cc$rms_fab;
SearchFab.fab$l_dna = "*.*;0";
SearchFab.fab$b_dns = 5;
#ifdef ODS_EXTENDED
if (OdsExtended)
{
SearchFab.fab$l_fna = (char*)-1;
SearchFab.fab$b_fns = 0;
SearchFab.fab$l_nam = (struct namdef*)&SearchNaml;
ENAMEL_RMS_NAML(SearchNaml)
SearchNaml.naml$l_long_filename = FileSpec;
SearchNaml.naml$l_long_filename_size = strlen(FileSpec);
SearchNaml.naml$l_long_expand = ExpFileName;
SearchNaml.naml$l_long_expand_alloc = sizeof(ExpFileName)-1;
SearchNaml.naml$l_long_result = ResFileName;
SearchNaml.naml$l_long_result_alloc = sizeof(ResFileName)-1;
}
else
#endif /* ODS_EXTENDED */
{
SearchFab.fab$l_fna = FileSpec;
SearchFab.fab$b_fns = strlen(FileSpec);
SearchFab.fab$l_nam = &SearchNam;
SearchNam = cc$rms_nam;
SearchNam.nam$l_esa = ExpFileName;
SearchNam.nam$b_ess = ODS2_MAX_FILE_NAME_LENGTH;
SearchNam.nam$l_rsa = ResFileName;
SearchNam.nam$b_rss = ODS2_MAX_FILE_NAME_LENGTH;
}
if (VMSnok (status = sys$parse (&SearchFab, 0, 0)))
return (status);
#ifdef ODS_EXTENDED
if (OdsExtended)
{
SearchNaml.naml$l_long_ver[SearchNaml.naml$l_long_ver_size] = '\0';
ExpFileNameLength = (SearchNaml.naml$l_long_ver - ExpFileName) +
SearchNaml.naml$l_long_ver_size;
}
else
#endif /* ODS_EXTENDED */
{
SearchNam.nam$l_ver[SearchNam.nam$b_ver] = '\0';
ExpFileNameLength = (SearchNam.nam$l_ver - ExpFileName) +
SearchNam.nam$b_ver;
}
if (Debug)
fprintf (stdout, "ExpFileName %d |%s|\n",
ExpFileNameLength, ExpFileName);
ControlTFileNamePtr = ResFileName;
while (VMSok (status = sys$search (&SearchFab, 0, 0)))
{
SpecialFile = 0;
#ifdef ODS_EXTENDED
if (OdsExtended)
{
SearchNaml.naml$l_long_ver[SearchNaml.naml$l_long_ver_size] = '\0';
ResFileNameLength = (SearchNaml.naml$l_long_ver - ResFileName) +
SearchNaml.naml$l_long_ver_size;
if (strsame (SearchNaml.naml$l_long_type, ".DIR;", 5))
SpecialFile = FILE_DIR;
else
if (SearchNaml.naml$l_long_name == SearchNaml.naml$l_long_type &&
strsame (SearchNaml.naml$l_long_type, ".WWW_", 5))
SpecialFile = FILE_WWW;
}
else
#endif /* ODS_EXTENDED */
{
SearchNam.nam$l_ver[SearchNam.nam$b_ver] = '\0';
ResFileNameLength = (SearchNam.nam$l_ver - ResFileName) +
SearchNam.nam$b_ver;
if (strsame (SearchNam.nam$l_type, ".DIR;", 5))
SpecialFile = FILE_DIR;
else
if (SearchNam.nam$l_name == SearchNam.nam$l_type &&
strsame (SearchNam.nam$l_type, ".WWW_", 5))
SpecialFile = FILE_WWW;
}
if (Debug)
fprintf (stdout, "ResFileName %d %d |%s|\n",
SpecialFile, ResFileNameLength, ResFileName);
ProgressCount++;
if (CliProgress)
{
if (!(ProgressCount % 25) && ProgressCount >= 100)
{
if (ProgressCount == 100)
fprintf (stdout, "PROGRESS: 100");
else
if (!(ProgressCount % 100))
fprintf (stdout, "%d", ProgressCount);
else
fprintf (stdout, ".");
}
}
if (CliFindPtr)
{
/* searching for files with/without the IGNORE ACL */
status = SetCheckIgnore (ResFileName, ResFileNameLength);
if (Debug) fprintf (stdout, "SetCheckIgnore() %%X%08.08X\n", status);
if (!*CliFindPtr || *CliFindPtr == 'I')
if (VMSok (status))
fprintf (stdout, "%s\n", ResFileName);
else
continue;
else
if (VMSok (status))
continue;
else
fprintf (stdout, "%s\n", ResFileName);
continue;
}
if (CliDelete || CliPackage || CliAclPtr)
{
/* delete any existing ACL */
SetSecurity (ResFileName, ResFileNameLength, true, 0, 0, 0);
}
if (CliNoPermit)
{
/* remove the permission ACE */
if (CliPermitRead)
SetNoPermit (ResFileName, ResFileNameLength, PermitId,
ACE$M_READ);
else
if (CliPermitWrite)
SetNoPermit (ResFileName, ResFileNameLength, PermitId,
ACE$M_READ | ACE$M_WRITE | ACE$M_DELETE);
else
if (CliPermitControl)
SetNoPermit (ResFileName, ResFileNameLength, HttpServerId,
ACE$M_CONTROL);
}
if (CliPermitControl)
{
if (SpecialFile != FILE_DIR)
{
fprintf (stdout, "%%%s-E-CONTROL, only on directory files\n",
Utility);
exit (SS$_BADPARAM | STS$M_INHIB_MSG);
}
SetSecurity (ResFileName, ResFileNameLength,
false, 0, 0, ACE_SERVER_CONTROL);
}
if (CliPermitRead)
{
if (CliPermitPtr && CliPermitPtr[0])
cptr = CliPermitPtr;
else
if (CliSetNobody)
cptr = "WASD_HTTP_NOBODY";
else
cptr = "WASD_HTTP_SERVER";
if (SpecialFile == FILE_DIR)
sprintf (AceBuffer, ACE_ACCOUNT_READ_DIR, cptr, cptr);
else
sprintf (AceBuffer, ACE_ACCOUNT_READ_FILE, cptr);
SetSecurity (ResFileName, ResFileNameLength, false, 0, 0, AceBuffer);
}
if (CliPermitWrite)
{
if (CliPermitPtr && CliPermitPtr[0])
cptr = CliPermitPtr;
else
if (CliSetNobody)
cptr = "WASD_HTTP_NOBODY";
else
cptr = "WASD_HTTP_SERVER";
if (SpecialFile == FILE_DIR)
sprintf (AceBuffer, ACE_ACCOUNT_WRITE_DIR, cptr, cptr);
else
sprintf (AceBuffer, ACE_ACCOUNT_WRITE_FILE, cptr);
SetSecurity (ResFileName, ResFileNameLength, false, 0, 0, AceBuffer);
}
if (CliNoneAce)
{
if (SpecialFile == FILE_DIR)
SetSecurity (ResFileName, ResFileNameLength,
false, 0, 0, ACL_NONE_DIR);
else
SetSecurity (ResFileName, ResFileNameLength,
false, 0, 0, ACL_NONE_FILE);
}
if (CliSetIgnore || CliSetNoIgnore)
{
SetCheckIgnore (ResFileName, ResFileNameLength);
continue;
}
if (!CliAllFiles)
{
/* check if this file should be ignored */
status = SetCheckIgnore (ResFileName, ResFileNameLength);
if (Debug) fprintf (stdout, "SetCheckIgnore() %%X%08.08X\n", status);
if (VMSok (status)) continue;
}
if (CliPackage)
SetPackage (ResFileName, ResFileNameLength, SpecialFile);
else
if (CliWorldAccess)
SetSecurity (ResFileName, ResFileNameLength,
false, OwnerUic, ACCESS_WORLD, CliAclPtr);
else
if (CliNoWorldAccess)
SetSecurity (ResFileName, ResFileNameLength,
false, OwnerUic, ACCESS_NOWORLD, CliAclPtr);
else
SetSecurity (ResFileName, ResFileNameLength,
false, OwnerUic, 0, CliAclPtr);
}
if (Debug) fprintf (stdout, "sys$search() %%X%08.08X\n", status);
ControlTFileNamePtr = NULL;
if (status == RMS$_NMF) status = SS$_NORMAL;
return (status);
}
/*****************************************************************************/
/*
*/
int SetNoPermit
(
char *FileName,
int FileNameLength,
unsigned long PermitIdent,
unsigned long AceReadWrite
)
{
static unsigned short Length;
static unsigned char AclReadEntry [256];
static char AceBinary [256];
static $DESCRIPTOR (AceBinaryDsc, AceBinary);
static $DESCRIPTOR (AceStringDsc, "");
static $DESCRIPTOR (FileNameDsc, "");
static struct {
unsigned short buf_len;
unsigned short item;
unsigned char *buf_addr;
unsigned short *short_ret_len;
}
GetSecFindNextItems [] =
{
{ 0, OSS$_ACL_FIND_NEXT, 0, 0 },
{0,0,0,0}
},
GetSecPositionTopItems [] =
{
{ 0, OSS$_ACL_POSITION_TOP, 0, 0 },
{0,0,0,0}
},
GetSecReadEntryItems [] =
{
{ sizeof(AclReadEntry), OSS$_ACL_READ_ENTRY, AclReadEntry, &Length },
{0,0,0,0}
},
OssAclDeleteEntryItems [] =
{
{ 0, OSS$_ACL_DELETE_ENTRY, 0, 0 },
{0,0,0,0}
};
int status;
unsigned short ErrorPos;
unsigned long AceAccess,
AceFlags,
AceIdent,
AceLength,
AceReserved,
AceType,
Context;
unsigned char *aptr;
/*********/
/* begin */
/*********/
if (Debug)
fprintf (stdout, "SetNoPermit() %d |%s| %08.08X %08.08X\n",
FileNameLength, FileName, PermitIdent, AceReadWrite);
if (!FileNameLength) FileNameLength = strlen(FileName);
FileNameDsc.dsc$a_pointer = FileName;
FileNameDsc.dsc$w_length = FileNameLength;
Context = 0;
for (;;)
{
status = sys$get_security (&ClassNameDsc, &FileNameDsc, 0, OSS$M_WLOCK,
&GetSecFindNextItems, &Context, &AccessMode);
if (Debug) fprintf (stdout, "FIND_NEXT %%X%08.08X\n", status);
if (VMSnok (status)) break;
status = sys$get_security (0, 0, 0, 0,
&GetSecReadEntryItems, &Context, &AccessMode);
if (Debug)
fprintf (stdout, "READ_ENTRY %%X%08.08X %d\n",
status, AclReadEntry[0]);
if (VMSnok (status)) break;
aptr = AclReadEntry;
AceLength = *aptr++;
AceType = *aptr++;
AceFlags = *(unsigned short*)aptr;
aptr += 2;
AceAccess = *(unsigned long*)aptr;
aptr += 4;
AceReserved = AceFlags & 0x000f;
aptr += AceReserved * 4;
AceIdent = *(unsigned long*)aptr;
if (Debug)
fprintf (stdout,
"AceLength:%d AceType:%d AceFlags:%d \
AceAccess:%08.08X AceReserved:%d AceIdent:%08.08X\n",
AceLength, AceType, AceFlags,
AceAccess, AceReserved, AceIdent);
if (AceIdent != PermitIdent) continue;
if (AceAccess != AceReadWrite) continue;
status = sys$set_security (0, 0, 0, 0, &OssAclDeleteEntryItems,
&Context, &AccessMode);
if (Debug) fprintf (stdout, "sys$set_security() %%X%08.08X\n", status);
if (VMSnok (status))
{
fprintf (stdout, "%%%s-E-DELACLENTRY, %s\n", Utility, FileName);
exit (status);
}
status = sys$set_security (0, 0, 0, 0, &GetSecPositionTopItems,
&Context, &AccessMode);
if (Debug) fprintf (stdout, "sys$set_security() %%X%08.08X\n", status);
if (VMSnok (status))
{
fprintf (stdout, "%%%s-E-POSITIONTOP, %s\n", Utility, FileName);
exit (status);
}
}
/* release the context */
sys$get_security (0, 0, 0, OssRelCtx, 0, &Context, &AccessMode);
return (status);
}
/*****************************************************************************/
/*
This function sets the supplied file name's security (ownership, file
protection and optionally an ACL) according to package requirements stored in
the array 'PackageSecurity'. It gets the leading directory name from the file
name. It then compares this to the name stored in 'PrevDirectory' (if any).
If they match then it just uses the previous directory security information to
set the security for this file. If they don't then we must have changed
directories and it searches the 'PackageSecurity' array for a directory name
that matches that leading directory name from the file name. If it finds one
that matches it uses the associated security information to set the security on
the supplied file name. If none matches then it considers this is not a
package directory and makes no changes to any files within it.
*/
int SetPackage
(
char *FileName,
int FileNameLength,
int SpecialFile
)
{
static char PrevIndex;
static char PrevDirectory [64];
int cnt, idx, status;
char *cptr, *sptr, *tptr, *zptr;
char Scratch [256];
FILE *fptr;
/*********/
/* begin */
/*********/
if (Debug)
fprintf (stdout, "SetPackage() %d |%s|%s|\n",
SpecialFile, FileName, PrevDirectory);
if (CliAsIfPtr)
{
if (!(idx = PrevIndex) || WholePackage || CliExceptionalFiles)
{
for (idx = 0; PackageSecurity[idx].DirectoryName; idx++)
if (strsame (PackageSecurity[idx].DirectoryName, CliAsIfPtr, -1))
break;
PrevIndex = idx;
if (Debug)
fprintf (stdout, "%d |%s|\n",
idx, PackageSecurity[idx].DirectoryName);
/* if not a known package directory name */
if (!PackageSecurity[idx].DirectoryName)
{
fprintf (stdout, "%%%s-E-ASIF, unknown name\n \\%s\\\n",
Utility, CliAsIfPtr);
exit (SS$_BADPARAM | STS$M_INHIB_MSG);
}
}
}
else
{
for (cptr = FileName; *cptr && *cptr != ':'; cptr++);
if (*(unsigned short*)cptr == ':[') cptr += 2;
if (!memcmp (cptr, "000000.", 7)) cptr += 7;
tptr = cptr;
sptr = PrevDirectory;
while (*sptr && *cptr && *cptr != '.' && *cptr != ']' &&
toupper(*cptr) == toupper(*sptr))
{
cptr++;
sptr++;
}
/* if they are the same */
if (!*sptr && (*cptr == '.' || *cptr == ']'))
idx = PrevIndex;
else
idx = 0;
if (Debug)
fprintf (stdout, "SAME %d |%s|\n",
idx, PackageSecurity[idx].DirectoryName);
}
if (!idx)
{
for (idx = 0; sptr = PackageSecurity[idx].DirectoryName; idx++)
{
if (PackageSecurity[idx].ScriptBin == IFSCRIPT && CliNoScript)
continue;
if (PackageSecurity[idx].ScriptBin == NOSCRIPT && !CliNoScript)
continue;
cptr = tptr;
while (*sptr && *cptr && *cptr != '.' && *cptr != ']' &&
toupper(*cptr) == toupper(*sptr))
{
cptr++;
sptr++;
}
/* if they are the same */
if (!*sptr && (*cptr == '.' || *cptr == ']')) break;
}
PrevIndex = idx;
if (Debug)
fprintf (stdout, "NEW %d |%s|\n",
idx, PackageSecurity[idx].DirectoryName);
/* store the current directory */
zptr = (sptr = PrevDirectory) + sizeof(PrevDirectory)-1;
cptr = tptr;
while (*cptr && *cptr != '.' && *cptr != ']' && sptr < zptr)
*sptr++ = *cptr++;
*sptr = '\0';
}
/* if not a known package directory name */
if (!PackageSecurity[idx].DirectoryName) return (SS$_NORMAL);
if (SpecialFile == FILE_WWW)
{
/* the likes of .WWW_HIDDEN */
SetSecurity (FileName, FileNameLength,
false, OwnerUic, ACCESS_NOWORLD,
PackageSecurity[idx].DirectoryFileAcl ? ACL_NONE_FILE : 0);
return (SS$_NORMAL);
}
if (SpecialFile == FILE_DIR)
{
for (cnt = 0; PackageSecurity[cnt].DirectoryName; cnt++)
{
if (PackageSecurity[cnt].ScriptBin == IFSCRIPT && CliNoScript)
continue;
if (PackageSecurity[cnt].ScriptBin == NOSCRIPT && !CliNoScript)
continue;
sprintf (Scratch, "WASD_ROOT:[000000]%s.DIR;1",
PackageSecurity[cnt].DirectoryName);
if (strsame (Scratch, FileName, -1)) break;
}
if (PackageSecurity[cnt].DirectoryName)
{
/* recognised top-level package directory file */
SetSecurity (Scratch, 0,
false, OwnerUic,
PackageSecurity[cnt].Protection,
PackageSecurity[cnt].DirectoryFileAcl);
if (PackageSecurity[cnt].WwwHidden)
{
sprintf (Scratch, "WASD_ROOT:[%s].WWW_HIDDEN;",
PackageSecurity[cnt].DirectoryName);
fptr = fopen (Scratch, "r");
if (!fptr) fptr = fopen (Scratch, "w");
if (!fptr) exit (vaxc$errno);
fclose (fptr);
}
return (SS$_NORMAL);
}
}
SetSecurity (FileName, FileNameLength,
false, OwnerUic,
PackageSecurity[idx].Protection,
SpecialFile == FILE_DIR
? PackageSecurity[idx].DirectoryFileAcl
: PackageSecurity[idx].DirectoryContentsAcl);
return (SS$_NORMAL);
}
/*****************************************************************************/
/*
Apply the supplied security settings (owner, protection, ACL) to the specified
file. Any or all of these can be supplied. Qualifiers used on the command
line are used to determine behaviour.
*/
int SetSecurity
(
char *FileName,
BOOL FileNameLength,
int DeleteAcl,
unsigned long OwnerUic,
unsigned short ProtectionMask,
char *AclString
)
{
static unsigned short Length,
OssProtection;
static unsigned long OssOwner;
static char AceBinary [256];
static $DESCRIPTOR (FileNameDsc, "");
static $DESCRIPTOR (AceBinaryDsc, AceBinary);
static $DESCRIPTOR (AceStringDsc, "");
static struct {
unsigned short buf_len;
unsigned short item;
unsigned char *buf_addr;
unsigned long *long_ret_len;
}
OssPositionBottomItems [] =
{
{ 0, OSS$_ACL_POSITION_BOTTOM, 0, 0 },
{0,0,0,0}
},
OssDeleteAllItems [] =
{
{ 0, OSS$_ACL_DELETE_ALL, 0, 0 },
{0,0,0,0}
},
OssOwnerItems [] =
{
{ sizeof(OssOwner), OSS$_OWNER, (unsigned char*)&OssOwner, 0 },
{0,0,0,0}
},
OssProtectionItems [] =
{
{ sizeof(OssProtection), OSS$_PROTECTION,
(unsigned char*)&OssProtection, 0 },
{0,0,0,0}
},
OssAclAddEntryItems [] =
{
{ 0, OSS$_ACL_ADD_ENTRY, (unsigned char*)AceBinary, 0 },
{0,0,0,0}
};
int status;
unsigned long Context;
unsigned short ErrorPos;
char *cptr;
/*********/
/* begin */
/*********/
if (Debug)
fprintf (stdout, "SetSecurity() %d |%s| %d %08.08X %04.04X |%s|\n",
FileNameLength, FileName,
DeleteAcl, OwnerUic, ProtectionMask,
AclString ? AclString : "(null)");
if (!FileNameLength) FileNameLength = strlen(FileName);
FileNameDsc.dsc$a_pointer = FileName;
FileNameDsc.dsc$w_length = FileNameLength;
if (CliCheck)
{
fprintf (stdout, "SET SECURITY %s %08.08X %04.04X%s%s\n",
FileName, OwnerUic, ProtectionMask,
AclString ? " /ACL=" : "", AclString);
return (SS$_NORMAL);
}
if (CliLog) fprintf (stdout, "%s\n", FileName);
Context = 0;
if (OwnerUic)
{
/* set ownership */
OssOwner = OwnerUic;
status = sys$set_security (&ClassNameDsc, &FileNameDsc, 0, 0,
&OssOwnerItems, &Context, &AccessMode);
if (Debug) fprintf (stdout, "sys$set_security() %%X%08.08X\n", status);
if (VMSnok (status))
{
fprintf (stdout, "%%%s-E-OWNER, %s\n", Utility, FileName);
exit (status);
}
}
if (ProtectionMask)
{
/* set protection */
OssProtection = ProtectionMask;
status = sys$set_security (&ClassNameDsc, &FileNameDsc, 0, 0,
&OssProtectionItems, &Context, &AccessMode);
if (Debug) fprintf (stdout, "sys$set_security() %%X%08.08X\n", status);
if (VMSnok (status))
{
fprintf (stdout, "%%%s-E-PROTECTION, %s\n", Utility, FileName);
exit (status);
}
}
if (DeleteAcl)
{
/* delete current ACL */
status = sys$set_security (&ClassNameDsc, &FileNameDsc, 0, 0,
&OssDeleteAllItems, &Context, &AccessMode);
if (Debug) fprintf (stdout, "sys$set_security() %%X%08.08X\n", status);
if (VMSnok (status))
{
fprintf (stdout, "%%%s-E-DELACL, %s\n", Utility, FileName);
exit (status);
}
}
if (!AclString || !AclString[0])
{
/* release the context */
sys$get_security (0, 0, 0, OssRelCtx, 0, &Context, &AccessMode);
return (status);
}
status = sys$set_security (&ClassNameDsc, &FileNameDsc, 0, 0,
&OssPositionBottomItems, &Context, &AccessMode);
if (Debug) fprintf (stdout, "sys$set_security() %%X%08.08X\n", status);
if (VMSnok (status))
{
fprintf (stdout, "%%%s-E-POSITIONBOTTOM, %s\n", Utility, FileName);
exit (status);
}
cptr = AclString;
while (*cptr)
{
/* parse and add the ACE */
while (*cptr && *cptr != '(') cptr++;
while (*(unsigned short*)cptr == '((') cptr++;
AceStringDsc.dsc$a_pointer = cptr;
while (*cptr && *cptr != ')') cptr++;
if (*cptr) cptr++;
AceStringDsc.dsc$w_length = cptr - AceStringDsc.dsc$a_pointer;
while (*cptr == ')') cptr++;
if (Debug)
fprintf (stdout, "|%*.*s|\n",
AceStringDsc.dsc$w_length, AceStringDsc.dsc$w_length,
AceStringDsc.dsc$a_pointer);
status = sys$parse_acl (&AceStringDsc, &AceBinaryDsc, &ErrorPos, 0, 0);
if (Debug) fprintf (stdout, "sys$parse_acl() %%X%08.08X\n", status);
if (VMSnok (status))
{
fprintf (stdout, "%%%s-E-PARSEACL, %*.*s\n",
Utility,
AceStringDsc.dsc$w_length, AceStringDsc.dsc$w_length,
AceStringDsc.dsc$a_pointer);
exit (status);
}
OssAclAddEntryItems[0].buf_len = AceBinary[0];
status = sys$set_security (&ClassNameDsc, &FileNameDsc, 0, 0,
&OssAclAddEntryItems, &Context, &AccessMode);
if (Debug) fprintf (stdout, "sys$set_security() %%X%08.08X\n", status);
if (VMSnok (status))
{
fprintf (stdout, "%%%s-E-ADDACLENTRY, %s\n", Utility, FileName);
exit (status);
}
}
/* release the context */
sys$get_security (0, 0, 0, OssRelCtx, 0, &Context, &AccessMode);
return (status);
}
/*****************************************************************************/
/*
This function can check for a WASD_IGNORE_THIS ACE, can add one if not present,
and can delete any that are present. Returns an appropriate VMS status.
*/
int SetCheckIgnore
(
char *FileName,
int FileNameLength
)
{
static unsigned short Length;
static unsigned char AclReadEntry [256];
static char AceBinary [256];
static $DESCRIPTOR (AceBinaryDsc, AceBinary);
static $DESCRIPTOR (AceStringDsc, "");
static $DESCRIPTOR (FileNameDsc, "");
static struct {
unsigned short buf_len;
unsigned short item;
unsigned char *buf_addr;
unsigned short *short_ret_len;
}
GetSecFindNextItems [] =
{
{ 0, OSS$_ACL_FIND_NEXT, 0, 0 },
{0,0,0,0}
},
GetSecReadEntryItems [] =
{
{ sizeof(AclReadEntry), OSS$_ACL_READ_ENTRY, AclReadEntry, &Length },
{0,0,0,0}
},
OssAclAddEntryItems [] =
{
{ 0, OSS$_ACL_ADD_ENTRY, (unsigned char*)AceBinary, 0 },
{0,0,0,0}
},
OssAclDeleteEntryItems [] =
{
{ 0, OSS$_ACL_DELETE_ENTRY, 0, 0 },
{0,0,0,0}
};
int status;
unsigned short ErrorPos;
unsigned long AceAccess,
AceFlags,
AceIdent,
AceLength,
AceReserved,
AceType,
Context,
OssWriteLock;
unsigned char *aptr;
/*********/
/* begin */
/*********/
if (Debug)
fprintf (stdout, "SetCheckIgnore() %d |%s|\n", FileNameLength, FileName);
if (!FileNameLength) FileNameLength = strlen(FileName);
FileNameDsc.dsc$a_pointer = FileName;
FileNameDsc.dsc$w_length = FileNameLength;
if (CliSetIgnore || CliSetNoIgnore)
OssWriteLock = OSS$M_WLOCK;
else
OssWriteLock = 0;
Context = 0;
for (;;)
{
status = sys$get_security (&ClassNameDsc, &FileNameDsc, 0, OssWriteLock,
&GetSecFindNextItems, &Context, &AccessMode);
if (Debug) fprintf (stdout, "FIND_NEXT %%X%08.08X\n", status);
if (VMSnok (status)) break;
status = sys$get_security (0, 0, 0, 0,
&GetSecReadEntryItems, &Context, &AccessMode);
if (Debug)
fprintf (stdout, "READ_ENTRY %%X%08.08X %d\n",
status, AclReadEntry[0]);
if (VMSnok (status)) break;
aptr = AclReadEntry;
AceLength = *aptr++;
AceType = *aptr++;
AceFlags = *(unsigned short*)aptr;
aptr += 2;
AceAccess = *(unsigned long*)aptr;
aptr += 4;
AceReserved = AceFlags & 0x000f;
aptr += AceReserved * 4;
AceIdent = *(unsigned long*)aptr;
if (Debug)
fprintf (stdout,
"AceLength:%d AceType:%d AceFlags:%d AceAccess:%d AceReserved:%d AceIdent:%08.08X\n",
AceLength, AceType, AceFlags,
AceAccess, AceReserved, AceIdent);
if (AceIdent != IgnoreId) continue;
/**************/
/* found one! */
/**************/
if (CliSetNoIgnore)
{
/******************/
/* delete the ACE */
/******************/
status = sys$set_security (0, 0, 0, 0, &OssAclDeleteEntryItems,
&Context, &AccessMode);
if (Debug) fprintf (stdout, "sys$set_security() %%X%08.08X\n", status);
if (VMSnok (status))
{
fprintf (stdout, "%%%s-E-DELACLENTRY, %s\n", Utility, FileName);
exit (status);
}
/* shouldn't be more that one of these, but check anyway */
continue;
}
/***************/
/* ignore file */
/***************/
status = SS$_NORMAL;
break;
}
/* if there was a matching ACE, or we're not setting such an ACE */
if (VMSok(status) || !CliSetIgnore)
{
/* release the context */
sys$get_security (0, 0, 0, OssRelCtx, 0, &Context, &AccessMode);
return (status);
}
/***********************/
/* add an 'ignore' ACE */
/***********************/
if (!AceStringDsc.dsc$w_length)
{
AceStringDsc.dsc$a_pointer = ACE_IGNORE_THIS;
AceStringDsc.dsc$w_length = strlen(AceStringDsc.dsc$a_pointer);
status = sys$parse_acl (&AceStringDsc, &AceBinaryDsc, &ErrorPos, 0, 0);
if (Debug) fprintf (stdout, "sys$parse_acl() %%X%08.08X\n", status);
if (VMSnok (status))
{
fprintf (stdout, "%%%s-E-PARSEACL, %*.*s\n", Utility,
AceStringDsc.dsc$w_length, AceStringDsc.dsc$w_length,
AceStringDsc.dsc$a_pointer);
exit (status);
}
OssAclAddEntryItems[0].buf_len = AceBinary[0];
}
status = sys$set_security (&ClassNameDsc, &FileNameDsc, 0, 0,
&OssAclAddEntryItems, &Context, &AccessMode);
if (Debug) fprintf (stdout, "sys$set_security() %%X%08.08X\n", status);
if (VMSnok (status))
{
fprintf (stdout, "%%%s-E-ADDACLENTRY, %s\n", Utility, FileName);
exit (status);
}
/* release the context */
sys$get_security (0, 0, 0, OssRelCtx, 0, &Context, &AccessMode);
return (status);
}
/*****************************************************************************/
/*
Get the value of right identifier 'IdentName' into the storage pointed to
'IdentValuePtr'. If the identifier does not currently exist then create it.
*/
int GetIdent
(
char *IdentName,
unsigned long *IdentValuePtr,
BOOL CreateIfNeeded
)
{
static unsigned short Length;
static unsigned long IgnoreId;
static $DESCRIPTOR (IdentNameDsc, "");
int status;
/*********/
/* begin */
/*********/
if (Debug) fprintf (stdout, "GetIdent() |%s|\n", IdentName);
IdentNameDsc.dsc$a_pointer = IdentName;
IdentNameDsc.dsc$w_length = strlen(IdentName);
status = sys$asctoid (&IdentNameDsc, IdentValuePtr, 0);
if (Debug)
fprintf (stdout, "sys$asctoid() %%X%08.08X %08.08X\n",
status, *IdentValuePtr);
if (VMSok (status) || !CreateIfNeeded) return (status);
status = sys$add_ident (&IdentNameDsc, 0, 0, IdentValuePtr);
if (Debug) fprintf (stdout, "sys$add_ident() %%X%08.08X\n", status);
if (VMSok (status))
{
fprintf (stdout,
"%%%s-I-RDBADDMSG, identifier %s value %08.08X added to rights database\n",
Utility, IdentName, *IdentValuePtr);
return (status);
}
fprintf (stdout,
"%%%s-E-RDBADDERRU, unable to add %s to rights database\n",
Utility, IdentName);
exit (status);
}
/*****************************************************************************/
/*
For the specified username get various UAI fields from the SYSUAF and create
global symbols containing this content. Intended as utility function during
package installation and security profiling.
*/
int GetUai (char *UserName)
{
static unsigned long Context = -1;
static unsigned long UaiUic;
static char UaiDefDev [31+1],
UaiDefDir [63+1];
static struct {
short BufferLength;
short ItemCode;
void *BufferPtr;
void *LengthPtr;
} UaiItems [] =
{
{ sizeof(UaiUic), UAI$_UIC, &UaiUic, 0 },
{ sizeof(UaiDefDev), UAI$_DEFDEV, &UaiDefDev, 0 },
{ sizeof(UaiDefDir), UAI$_DEFDIR, &UaiDefDir, 0 },
{ 0, 0, 0, 0 }
};
int cnt, status;
char *cptr, *sptr, *tptr, *zptr;
char UserHome [96],
UserHomeDir [128],
UserUic [16];
$DESCRIPTOR (UserNameDsc, "");
$DESCRIPTOR (UserUicDsc, UserUic);
$DESCRIPTOR (UserUicFaoDsc, "!%U\0");
/*********/
/* begin */
/*********/
if (Debug) fprintf (stdout, "GetUai() |%s|\n", UserName);
DeleteGlobalSymbol ("SECHAN_DEFDEV");
DeleteGlobalSymbol ("SECHAN_DEFDIR");
DeleteGlobalSymbol ("SECHAN_HOME");
DeleteGlobalSymbol ("SECHAN_HOME_DIR");
DeleteGlobalSymbol ("SECHAN_UIC");
DeleteGlobalSymbol ("SECHAN_VERSION");
if (!UserName || !UserName[0]) return (SS$_NORMAL);
for (cptr = UserName; *cptr; cptr++) *cptr = toupper(*cptr);
UserNameDsc.dsc$w_length = cptr - UserName;
UserNameDsc.dsc$a_pointer = UserName;
status = sys$getuai (0, &Context, &UserNameDsc, &UaiItems, 0, 0, 0);
if (VMSnok(status)) exit (status | STS$M_INHIB_MSG);
/* generate a DKA100:[USER.DANIEL] from DKA100: and [USER.DANIEL] */
zptr = (sptr = UserHome) + sizeof(UserHome);
cnt = UaiDefDev[0];
for (cptr = UaiDefDev+1; cnt && sptr < zptr; cnt--) *sptr++ = *cptr++;
*cptr = '\0';
cnt = UaiDefDir[0];
for (cptr = UaiDefDir+1; cnt && sptr < zptr; cnt--) *sptr++ = *cptr++;
if (sptr >= zptr) exit (SS$_RESULTOVF);
*sptr = *cptr = '\0';
if (Debug) fprintf (stdout, "UserHome |%s|\n", UserHome);
/* generate a DKA100:[USER]DANIEL.DIR from DKA100:[USER.DANIEL] */
zptr = (sptr = UserHomeDir) + sizeof(UserHomeDir);
cnt = 0;
for (cptr = UserHome; *cptr; cptr++)
if (*cptr == '.') cnt++;
cptr = UserHome;
while (*cptr && *cptr != ':' && sptr < zptr) *sptr++ = *cptr++;
if (*cptr && sptr < zptr) *sptr++ = *cptr++;
if (*cptr && sptr < zptr) *sptr++ = *cptr++;
if (cnt)
{
while (cnt--)
{
while (*cptr && *cptr != '.' && sptr < zptr) *sptr++ = *cptr++;
if (*cptr) cptr++;
if (sptr < zptr) *sptr++ = ']';
while (*cptr && *cptr != ']' && sptr < zptr) *sptr++ = *cptr++;
}
}
else
{
tptr = "000000]";
while (*tptr && sptr < zptr) *sptr++ = *tptr++;
while (*cptr && *cptr != ']' && sptr < zptr) *sptr++ = *cptr++;
}
tptr = ".DIR";
while (*tptr && sptr < zptr) *sptr++ = *tptr++;
if (sptr >= zptr) exit (SS$_RESULTOVF);
*sptr = '\0';
if (Debug) fprintf (stdout, "UserHomeDir |%s|\n", UserHomeDir);
status = sys$fao (&UserUicFaoDsc, NULL, &UserUicDsc, UaiUic);
if (VMSnok(status)) exit (status);
status = SetGlobalSymbol ("SECHAN_DEFDEV", UaiDefDev+1);
if (VMSnok(status)) exit (status);
status = SetGlobalSymbol ("SECHAN_DEFDIR", UaiDefDir+1);
if (VMSnok(status)) exit (status);
status = SetGlobalSymbol ("SECHAN_HOME", UserHome);
if (VMSnok(status)) exit (status);
status = SetGlobalSymbol ("SECHAN_HOME_DIR", UserHomeDir);
if (VMSnok(status)) exit (status);
status = SetGlobalSymbol ("SECHAN_UIC", UserUic);
if (VMSnok(status)) exit (status);
status = SetGlobalSymbol ("SECHAN_VERSION", SOFTWAREID);
if (VMSnok(status)) exit (status);
return (SS$_NORMAL);
}
/*****************************************************************************/
/*
Provide a progress line when Control-T is pressed.
*/
void ControlT (char ch)
{
static unsigned short SysOutChan;
static unsigned long ControlTMask [2] = { 0, 0x00100000 };
static $DESCRIPTOR (SysOutputDsc, "SYS$OUTPUT");
static long Pid = -1;
static unsigned long JpiMode;
static struct
{
unsigned short buf_len;
unsigned short item;
void *buf_addr;
void *ret_len;
}
JpiItems [] =
{
{ sizeof(JpiMode), JPI$_MODE, &JpiMode, 0 },
{0,0,0,0}
};
int status;
/*********/
/* begin */
/*********/
if (Debug) fprintf (stdout, "ControlT() %d\n", ch);
if (ch)
{
if (ControlTFileNamePtr)
fprintf (stdout, "%d %s\n", ProgressCount, ControlTFileNamePtr);
return;
}
status = sys$getjpiw (0, &Pid, 0, &JpiItems, 0, 0, 0);
if (VMSnok (status)) exit (status);
if (JpiMode != JPI$K_INTERACTIVE) return;
status = sys$assign (&SysOutputDsc, &SysOutChan, 0, 0);
if (VMSnok(status)) exit (status);
status = sys$qiow (0, SysOutChan, IO$_SETMODE | IO$M_OUTBAND,
0, 0, 0, &ControlT, &ControlTMask, 3, 0, 0, 0);
if (VMSnok(status)) exit (status);
}
/*****************************************************************************/
/*
Get "command-line" parameters, whether from the command-line or from a
configuration symbol or logical containing the equivalent.
*/
GetParameters ()
{
static char CommandLine [256];
static unsigned long Flags = 0;
register char *aptr, *cptr, *clptr, *sptr;
int status;
unsigned short Length;
char ch;
$DESCRIPTOR (CommandLineDsc, CommandLine);
/*********/
/* begin */
/*********/
if (Debug) fprintf (stdout, "GetParameters()\n");
if (!(clptr = getenv ("SECHAN$PARAM")))
{
/* get the entire command line following the verb */
if (VMSnok (status =
lib$get_foreign (&CommandLineDsc, 0, &Length, &Flags)))
exit (status);
(clptr = CommandLine)[Length] = '\0';
}
aptr = NULL;
ch = *clptr;
for (;;)
{
if (aptr && *aptr == '/') *aptr = '\0';
if (!ch) break;
*clptr = ch;
if (Debug) fprintf (stdout, "clptr |%s|\n", clptr);
while (*clptr && isspace(*clptr)) *clptr++ = '\0';
aptr = clptr;
if (*clptr == '/') clptr++;
while (*clptr && !isspace (*clptr) && *clptr != '/')
{
if (*clptr != '\"')
{
clptr++;
continue;
}
cptr = clptr;
clptr++;
while (*clptr)
{
if (*clptr == '\"')
if (*(clptr+1) == '\"')
clptr++;
else
break;
*cptr++ = *clptr++;
}
*cptr = '\0';
if (*clptr) clptr++;
}
ch = *clptr;
if (*clptr) *clptr = '\0';
if (Debug) fprintf (stdout, "aptr |%s|\n", aptr);
if (!*aptr) continue;
if (strsame (aptr, "/ACL=", 4))
{
for (cptr = aptr; *cptr && *cptr != '='; cptr++);
if (*cptr) cptr++;
CliAclPtr = cptr;
continue;
}
if (strsame (aptr, "/ALL", 4))
{
CliAllFiles = true;
continue;
}
if (strsame (aptr, "/ASIF=", 4))
{
for (cptr = aptr; *cptr && *cptr != '='; cptr++);
if (*cptr) cptr++;
CliAsIfPtr = cptr;
continue;
}
if (strsame (aptr, "/CHECK", -1))
{
CliCheck = true;
continue;
}
if (strsame (aptr, "/CONTROL", 4))
{
CliPermitControl = true;
CliPermitRead = false;
CliPermitWrite = false;
continue;
}
if (strsame (aptr, "/DBUG", -1))
{
Debug = true;
continue;
}
if (strsame (aptr, "/DELETE", 4))
{
CliDelete = true;
continue;
}
if (strsame (aptr, "/EXCEPTIONAL", 4))
{
CliExceptionalFiles = CliPackage = true;
continue;
}
if (strsame (aptr, "/FIND=", 4))
{
for (cptr = aptr; *cptr && *cptr != '='; cptr++);
if (*cptr) cptr++;
CliFindPtr = cptr;
continue;
}
if (strsame (aptr, "/GETUAI", 4))
{
CliGetUai = true;
continue;
}
if (strsame (aptr, "/IDENTIFIERS", 4))
{
CliIdentifiers = true;
continue;
}
if (strsame (aptr, "/LOG", -1))
{
CliLog = true;
continue;
}
if (strsame (aptr, "/IGNORE", 4))
{
CliSetIgnore = true;
CliSetNoIgnore = false;
continue;
}
if (strsame (aptr, "/NOIGNORE", 6))
{
CliSetNoIgnore = true;
CliSetIgnore = false;
continue;
}
if (strsame (aptr, "/NOBODY", 4))
{
CliSetNobody = true;
CliSetServer = false;
continue;
}
if (strsame (aptr, "/NONE", 5))
{
CliNoneAce = true;
continue;
}
if (strsame (aptr, "/NOSCRIPT", 6))
{
CliNoScript = true;
continue;
}
if (strsame (aptr, "/OWNER=", 4))
{
for (cptr = aptr; *cptr && *cptr != '='; cptr++);
if (*cptr) cptr++;
CliOwnerPtr = cptr;
continue;
}
if (strsame (aptr, "/PACKAGE", 4))
{
CliPackage = true;
continue;
}
if (strsame (aptr, "/PERMIT=", 4))
{
for (cptr = aptr; *cptr && *cptr != '='; cptr++);
if (*cptr) cptr++;
CliPermitPtr = cptr;
continue;
}
if (strsame (aptr, "/NOPERMIT=", 6))
{
for (cptr = aptr; *cptr && *cptr != '='; cptr++);
if (*cptr) cptr++;
CliPermitPtr = cptr;
CliNoPermit = true;
continue;
}
if (strsame (aptr, "/PROGRESS", 4))
{
CliProgress = true;
continue;
}
if (strsame (aptr, "/READ", 4))
{
CliPermitRead = true;
CliPermitWrite = false;
CliPermitControl = false;
continue;
}
if (strsame (aptr, "/SERVER", 4))
{
CliSetServer = true;
CliSetNobody = false;
continue;
}
if (strsame (aptr, "/WRITE", 4))
{
CliPermitWrite = true;
CliPermitRead = false;
CliPermitControl = false;
continue;
}
if (strsame (aptr, "/VERSION", 4))
{
fprintf (stdout, "%%%s-I-SOFTWAREID, %s\n%s",
Utility, SOFTWAREID, CopyrightInfo);
status = SetGlobalSymbol ("SECHAN_VERSION", SOFTWAREVN);
if (VMSnok(status)) exit (status);
exit (SS$_NORMAL);
}
if (strsame (aptr, "/WORLD", 4))
{
CliWorldAccess = true;
continue;
}
if (strsame (aptr, "/NOWORLD", 6))
{
CliNoWorldAccess = true;
continue;
}
if (*aptr == '/')
{
fprintf (stdout, "%%%s-E-IVQUAL, unrecognized qualifier\n \\%s\\\n",
Utility, aptr+1);
exit (STS$K_ERROR | STS$M_INHIB_MSG);
}
if (!CliParam1Ptr)
{
CliParam1Ptr = aptr;
continue;
}
fprintf (stdout, "%%%s-E-MAXPARM, too many parameters\n \\%s\\\n",
Utility, aptr);
exit (STS$K_ERROR | STS$M_INHIB_MSG);
}
}
/*****************************************************************************/
/*
Translate the logical name WASD_ROOT, generate a parent directory, append the
string WASD_ROOT.DIR, and return a pointer to the resultant file specification.
*/
char* HtRootDir ()
{
static unsigned short Length;
static char LogicalValue [256+9];
static $DESCRIPTOR (LogicalNameDsc, "WASD_ROOT");
static $DESCRIPTOR (LnmFileDevDsc, "LNM$FILE_DEV");
static struct {
short int buf_len;
short int item;
void *buf_addr;
unsigned short *ret_len;
} LnmItems [] =
{
{ sizeof(LogicalValue)-1, LNM$_STRING, LogicalValue, &Length },
{ 0,0,0,0 }
};
int status;
char *cptr, *sptr;
/*********/
/* begin */
/*********/
if (Debug) fprintf (stdout, "HtRootDir()\n");
status = sys$trnlnm (0, &LnmFileDevDsc, &LogicalNameDsc, 0, &LnmItems);
if (Debug) fprintf (stdout, "sys$trnlnm() %%X%08.08X\n", status);
if (VMSnok (status)) return (NULL);
LogicalValue[Length] = '\0';
if (Debug) fprintf (stdout, "|%s|\n", LogicalValue);
sptr = (cptr = LogicalValue + Length) + 9;
*sptr-- = '\0';
*sptr-- = 'R';
*sptr-- = 'I';
*sptr-- = 'D';
*sptr-- = '.';
while (cptr > LogicalValue && *cptr != ']') cptr--;
if (cptr > LogicalValue && *cptr == ']') cptr--;
if (cptr > LogicalValue && *cptr == '.') cptr--;
while (cptr > LogicalValue && *cptr != '[' && *cptr != '.')
*sptr-- = *cptr--;
if (*cptr == '[')
memcpy (cptr, "[000000]", 8);
else
if (*cptr == '.')
{
sptr++;
*cptr++ = ']';
while (*sptr) *cptr++ = *sptr++;
*cptr = '\0';
}
else
exit (SS$_BUGCHECK);
return (LogicalValue);
}
/****************************************************************************/
/*
Delete a global symbol.
*/
int DeleteGlobalSymbol (char *Name)
{
static int GlobalSymbol = LIB$K_CLI_GLOBAL_SYM;
static $DESCRIPTOR (NameDsc, "");
int status;
/*********/
/* begin */
/*********/
if (Debug) fprintf (stdout, "DeleteGlobalSymbol() |%s|\n", Name);
NameDsc.dsc$a_pointer = Name;
NameDsc.dsc$w_length = strlen(Name);
status = lib$delete_symbol (&NameDsc, &GlobalSymbol);
return (status);
}
/****************************************************************************/
/*
Assign a global symbol.
*/
int SetGlobalSymbol
(
char *Name,
char *String
)
{
static int GlobalSymbol = LIB$K_CLI_GLOBAL_SYM;
static $DESCRIPTOR (NameDsc, "");
static $DESCRIPTOR (ValueDsc, "");
int status;
/*********/
/* begin */
/*********/
if (Debug) fprintf (stdout, "SetGlobalSymbol() |%s|%s|\n", Name, String);
NameDsc.dsc$a_pointer = Name;
NameDsc.dsc$w_length = strlen(Name);
ValueDsc.dsc$a_pointer = String;
ValueDsc.dsc$w_length = strlen(String);
status = lib$set_symbol (&NameDsc, &ValueDsc, &GlobalSymbol);
return (status);
}
/****************************************************************************/
/*
Return an integer reflecting the major and minor version of VMS (e.g. 60, 61,
62, 70, 71, 72, etc.)
*/
#ifdef ODS_EXTENDED
int GetVmsVersion ()
{
static char SyiVersion [16];
static struct {
short int buf_len;
short int item;
void *buf_addr;
unsigned short *ret_len;
}
SyiItems [] =
{
{ 8, SYI$_VERSION, &SyiVersion, 0 },
{ 0,0,0,0 }
};
int status,
version;
/*********/
/* begin */
/*********/
if (Debug) fprintf (stdout, "GetVmsVersion()\n");
if (VMSnok (status = sys$getsyiw (0, 0, 0, &SyiItems, 0, 0, 0)))
exit (status);
SyiVersion[8] = '\0';
version = ((SyiVersion[1]-48) * 10) + (SyiVersion[3]-48);
if (Debug) fprintf (stdout, "|%s| %d\n", SyiVersion, version);
return (version);
}
#endif /* ODS_EXTENDED */
/****************************************************************************/
/*
Does a case-insensitive, character-by-character string compare and returns
true if two strings are the same, or false if not. If a maximum number of
characters are specified only those will be compared, if the entire strings
should be compared then specify the number of characters as 0.
*/
BOOL strsame
(
char *sptr1,
char *sptr2,
int count
)
{
/*********/
/* begin */
/*********/
if (Debug) fprintf (stdout, "strsame() |%s|%s| %d\n", sptr1, sptr2, count);
while (*sptr1 && *sptr2)
{
if (toupper (*sptr1++) != toupper (*sptr2++)) return (false);
if (count)
if (!--count) return (true);
}
if (*sptr1 || *sptr2)
return (false);
else
return (true);
}
/*****************************************************************************/