--********************************************************************************************************************
-- Created: 30-Mar-2010 17:32:32 by OpenVMS SDL EV3-3      
-- Source:  28-MAR-2005 09:55:56 $1$DGA7274:[LIB_ADA.LIS]C2DEF.SDL;1 
--********************************************************************************************************************
with SYSTEM; use SYSTEM;
with STARLET; use STARLET;
with CONDITION_HANDLING; use CONDITION_HANDLING;
 
package C2DEF is
 
--  module $C2DEF
 
--+
-- C2 - C2 Subset Definitions
--
-- This structures maps the bits in the SECURITY_POLICY SYSGEN parameter that
-- are used to enable or remove features that have not been formally evaluated
-- by the NCSC under our C2/B1 VMS/SEVMS evaluation.
--
---
 
    C2_M_ALLOW_DISPLAY_POSTSCRIPT	: constant := 16#00000001#;
    C2_M_ALLOW_MULTIPLE_DECW_USERS	: constant := 16#00000002#;
    C2_M_ALLOW_ALTERNATE_TRANSPORTS	: constant := 16#00000004#;
    C2_M_ALLOW_SPAN_JOB_TREES	: constant := 16#00000008#;
    C2_M_LOCAL_UPDATE		: constant := 16#00000010#;
    C2_M_LOCAL_PROFILE		: constant := 16#00000020#;
    C2_M_ALLOW_CAPTIVE_SPAWN	: constant := 16#00000040#;
    C2_M_COMPRESS_MAC_STRINGS	: constant := 16#00000080#;
    C2_M_UPPERCASE_INPUT	: constant := 16#00000100#;
    C2_M_GUARD_PASSWORDS	: constant := 16#00000200#;
    C2_M_DOI_AUTHORIZATION_ONLY	: constant := 16#00000400#;
    C2_M_IGNORE_EXTAUTH		: constant := 16#00000800#;
    C2_M_INTRUSIONS_ARE_LOCAL	: constant := 16#00001000#;
    C2_M_USE_POSIX_UIDGID	: constant := 16#00002000#;
    C2_M_ALLOW_SYMLINK_ACCESS	: constant := 16#00004000#;
    C2_S_SECPOLDEF		: constant := 4;
 
    type C2_SECURITY_POLICY_TYPE is
	record
	    ALLOW_DISPLAY_POSTSCRIPT	: BOOLEAN;			--  allow display postscript extensions
	    ALLOW_MULTIPLE_DECW_USERS	: BOOLEAN;			--  allow multiple username to connect to DECW$SERVER
	    ALLOW_ALTERNATE_TRANSPORTS	: BOOLEAN;			--  allow unevaluated transports
	    ALLOW_SPAN_JOB_TREES	: BOOLEAN;			--  allow $SIGPRC to span job trees
									--  The following bits control profile management for cluster object
									--  when the object server is unavailable.  Setting these bits will
									--  allow these objects to have inconsistent profiles within a security
									--  domain (cluster).
	    LOCAL_UPDATE	: BOOLEAN;				--  allow local profile changes
	    LOCAL_PROFILE	: BOOLEAN;				--  allow local object creation
	    ALLOW_CAPTIVE_SPAWN	: BOOLEAN;				--  allow SPAWN or LIB$SPAWN in CAPTIVE accounts
	    COMPRESS_MAC_STRINGS	: BOOLEAN;			--  compress MAC category strings (SEVMS)
	    UPPERCASE_INPUT	: BOOLEAN;				--  as prior to VMS V7.1
	    GUARD_PASSWORDS	: BOOLEAN;				--  ACMEs shall not share
	    DOI_AUTHORIZATION_ONLY	: BOOLEAN;			--  prevent feature mixing
	    IGNORE_EXTAUTH	: BOOLEAN;				--  ignore user-specific EXTAUTH and VMSAUTH restrictions
	    INTRUSIONS_ARE_LOCAL	: BOOLEAN;			--  consider local intrusions only when set
	    USE_POSIX_UIDGID	: BOOLEAN;				--  perform UID/GID lookup in tcpip proxy database
	    ALLOW_SYMLINK_ACCESS	: BOOLEAN;			--  execute access permits read-attributes on FN and/or backlink
	    FILLER_1	: UNSIGNED_17;
	end record;
 
	    for C2_SECURITY_POLICY_TYPE use 
		record
		    ALLOW_DISPLAY_POSTSCRIPT	at 0 range 0 .. 0;
		    ALLOW_MULTIPLE_DECW_USERS	at 0 range 1 .. 1;
		    ALLOW_ALTERNATE_TRANSPORTS	at 0 range 2 .. 2;
		    ALLOW_SPAN_JOB_TREES	at 0 range 3 .. 3;
		    LOCAL_UPDATE	at 0 range 4 .. 4;
		    LOCAL_PROFILE	at 0 range 5 .. 5;
		    ALLOW_CAPTIVE_SPAWN	at 0 range 6 .. 6;
		    COMPRESS_MAC_STRINGS	at 0 range 7 .. 7;
		    UPPERCASE_INPUT	at 1 range 0 .. 0;
		    GUARD_PASSWORDS	at 1 range 1 .. 1;
		    DOI_AUTHORIZATION_ONLY	at 1 range 2 .. 2;
		    IGNORE_EXTAUTH	at 1 range 3 .. 3;
		    INTRUSIONS_ARE_LOCAL	at 1 range 4 .. 4;
		    USE_POSIX_UIDGID	at 1 range 5 .. 5;
		    ALLOW_SYMLINK_ACCESS	at 1 range 6 .. 6;
		    FILLER_1	at 1 range 7 .. 23;
		end record;
	    for C2_SECURITY_POLICY_TYPE'SIZE use 32;
 
    C2_SECURITY_POLICY_TYPE_INIT : constant C2_SECURITY_POLICY_TYPE := 
	    (ALLOW_DISPLAY_POSTSCRIPT	=> FALSE,
	    ALLOW_MULTIPLE_DECW_USERS	=> FALSE,
	    ALLOW_ALTERNATE_TRANSPORTS	=> FALSE,
	    ALLOW_SPAN_JOB_TREES	=> FALSE,
	    LOCAL_UPDATE	=> FALSE,
	    LOCAL_PROFILE	=> FALSE,
	    ALLOW_CAPTIVE_SPAWN	=> FALSE,
	    COMPRESS_MAC_STRINGS	=> FALSE,
	    UPPERCASE_INPUT	=> FALSE,
	    GUARD_PASSWORDS	=> FALSE,
	    DOI_AUTHORIZATION_ONLY	=> FALSE,
	    IGNORE_EXTAUTH	=> FALSE,
	    INTRUSIONS_ARE_LOCAL	=> FALSE,
	    USE_POSIX_UIDGID	=> FALSE,
	    ALLOW_SYMLINK_ACCESS	=> FALSE,
	    FILLER_1	=> 0);
 
    type C2_SECPOL_TYPE is
	record
	    SECURITY_POLICY	: C2_SECURITY_POLICY_TYPE;
	end record;
 
	    for C2_SECPOL_TYPE use 
		record
		    SECURITY_POLICY	at 0 range 0 .. 31;
		end record;
	    for C2_SECPOL_TYPE'SIZE use 32;
 
    C2_SECPOL_TYPE_INIT : constant C2_SECPOL_TYPE := 
	    (
	    SECURITY_POLICY	=> C2_SECURITY_POLICY_TYPE_INIT
	    );
 
end C2DEF;