UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 1 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (1) 1 #module UAF_XXXUAI "X-1" 2 3 /* 4 **++ 5 ** FACILITY: Authorization record maintenance utility 6 ** 7 ** MODULE DESCRIPTION: 8 ** 9 ** This routine contains the routines needed to support the 10 ** creation and deletion of authorization records. 11 ** 12 ** AUTHORS: L. Mark Pilant CREATION DATE: 12-Oct-1993 13 ** 14 ** MODIFICATION HISTORY: 15 ** 16 ** 17 **-- 18 */ 19 20 /* 21 ** 22 ** INCLUDE FILES 23 ** 24 */ 25 26 #include 83 84 #include descrip 517 #include fab 837 #include rab 1074 #include rmsdef 1680 #include string 1726 1727 #include "uaf_header" 3147 3148 #pragma noinline (OPEN_UAF) 3149 #pragma noinline (SYS$CREUAI) 3150 #pragma noinline (SYS$DELUAI) 3151 3152 /* Define the macro used to insure the authorization file is closed as 3153 ** necessary prior to returning an error to the caller. */ 3154 3155 #define RETURN_ERROR(_error_code) \ 3156 { \ 3157 if (close_file != 0) sys$close (&local_uaf_fab); \ 3158 return _error_code; \ 3159 } \ 3160 3161 unsigned int OPEN_UAF (ifi, isi) 3162 3163 unsigned short int *ifi; 3164 unsigned short int *isi; 3165 { 3166 1 /* 3167 1 **++ UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 2 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (1) 3168 1 ** FUNCTIONAL DESCRIPTION: 3169 1 ** 3170 1 ** This routine is calles to open the system authorization file for 3171 1 ** use by the $CREUAI and $DELUAI routines. (This parallels the 3172 1 ** code in [LOADSS]SYSUAISRV.B32.) 3173 1 ** 3174 1 ** FORMAL PARAMETERS: 3175 1 ** 3176 1 ** IFI - Address of a cell to contain the IFI of the file 3177 1 ** ISI - Address of a cell to contain the ISI of the file 3178 1 ** 3179 1 ** RETURN VALUE: 3180 1 ** 3181 1 ** Status of the RMS $OPEN. 3182 1 ** 3183 1 ** SIDE EFFECTS: 3184 1 ** 3185 1 ** None 3186 1 ** 3187 1 **-- 3188 1 */ 3189 1 3190 1 /* Global references. */ 3191 1 3192 1 globalref char *default_sysuaf_file_name; /* Authorization file default file name */ 3193 1 globalref char *default_sysuaf_file_type; /* Authorization file default file type */ 3194 1 globalref char *default_sysuaf_file_spec; /* Authorization filed default spec */ 3195 1 3196 1 /* Local storage. */ 3197 1 3198 1 unsigned int status; /* Routine exit status */ 3199 1 struct FAB uaf_fab; /* Authorization file FAB */ 3200 1 struct RAB uaf_rab; /* Authorization file RAB */ 3201 1 3202 1 /* Clear out the IFI and ISI arguments to indicate nothing was accessed. */ 3203 1 3204 1 *ifi = 0; 3205 1 *isi = 0; 3206 1 3207 1 /* Initialize the RMS data structures needed to open the user authorization file. */ 3208 1 3209 1 /* Authorization File Access Block. */ 3210 1 3211 1 uaf_fab = cc$rms_fab; /* Prototype information */ 3212 1 uaf_fab.fab$b_fac = FAB$M_GET | FAB$M_PUT | FAB$M_DEL | FAB$M_UPD; 3213 1 uaf_fab.fab$b_shr = FAB$M_GET | FAB$M_PUT | FAB$M_DEL | FAB$M_UPD; 3214 1 3215 1 /* If the SYSUAF_LOGICAL symbol is defined, set up the FAB to allow 3216 1 ** the authorization file to be accessed via the appropriate logical 3217 1 ** name. Otherwise, set up the FAB to allow the authorization file 3218 1 ** to be accessed via a full file specification. */ 3219 1 3220 1 #ifdef SYSUAF_LOGICAL 3221 1 uaf_fab.fab$l_fna = default_sysuaf_file_name; /* For the logical name */ 3222 1 uaf_fab.fab$b_fns = strlen (default_sysuaf_file_name); 3223 1 uaf_fab.fab$l_dna = default_sysuaf_file_type; 3224 1 uaf_fab.fab$b_dns = strlen (default_sysuaf_file_type); UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 3 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (1) 3225 1 3226 1 /* Since it is possible for the authorization file to be access via a 3227 1 ** logical name, insure only exec mode logical name translations are 3228 1 ** allowed. This also means the $xxxUAI routines in this module will 3229 1 ** open the file in the same way as the $GETUAI and $SETUAI services. */ 3230 1 3231 1 uaf_fab.fab$v_lnm_mode = PSL$C_EXEC; 3232 1 #else 3233 X uaf_fab.fab$l_fna = default_sysuaf_file_spec; /* For a file spec */ 3234 X uaf_fab.fab$b_fns = strlen (default_sysuaf_file_spec); 3235 1 #endif /* SYSUAF_LOGICAL */ 3236 1 3237 1 /* Authorization file Record Access Block. */ 3238 1 3239 1 uaf_rab = cc$rms_rab; /* Prototype information */ 3240 1 uaf_rab.rab$l_fab = &uaf_fab; 3241 1 uaf_rab.rab$b_rac = RAB$C_KEY; 3242 1 uaf_rab.rab$l_rop = RAB$M_WAT; 3243 1 3244 1 /* Open the authorization file, and return any errors. */ 3245 1 3246 1 CHECK_RETURN (SYS$OPEN (&uaf_fab)); 3247 1 3248 1 /* Connect up a record stream to the authorization file. */ 3249 1 3250 1 CHECK_RETURN (SYS$CONNECT (&uaf_rab)); 3251 1 3252 1 /* Since the file was successfully opened, save the RMS IFI and 3253 1 ** ISI for later. */ 3254 1 3255 1 *ifi = uaf_fab.fab$w_ifi; 3256 1 *isi = uaf_rab.rab$w_isi; 3257 1 3258 1 return SS$_NORMAL; 3259 1 } 3260 UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 4 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (2) 3261 extern unsigned int SYS$CREUAI (null1, context, user_name, itmlst, null3, null4, null5) 3262 3263 unsigned int null1; 3264 unsigned short int (*context)[]; 3265 struct dsc$descriptor *user_name; 3266 struct ITMDEF (*itmlst)[]; 3267 unsigned int null3; 3268 unsigned int null4; 3269 unsigned int null5; 3270 { 3271 1 /* 3272 1 ** FUNCTIONAL DESCRIPTION: 3273 1 ** 3274 1 ** This routine is used to create a user authorization entry. 3275 1 ** 3276 1 ** NOTE 3277 1 ** 3278 1 ** This routine is not expected to be used outside the DECwindows 3279 1 ** Authorize utility environment. As such, it does not do the all 3280 1 ** the necessary argument probing to be secure. Although this could 3281 1 ** be added at a later time. 3282 1 ** 3283 1 ** NOTE 3284 1 ** 3285 1 ** FORMAL PARAMETERS: 3286 1 ** 3287 1 ** NULL1: Unused parameter 3288 1 ** CONTEXT: Address of a context longword 3289 1 ** USER_NAME: Address of the username descriptor 3290 1 ** ITMLST: Address of a list of item descriptors 3291 1 ** NULL3: Unused parameter 3292 1 ** NULL4: Unused parameter 3293 1 ** NULL5: Unused parameter 3294 1 ** 3295 1 ** 3296 1 ** RETURN VALUE: 3297 1 ** 3298 1 ** 1 if the record successfully added 3299 1 ** error code otherwise (various RMS and system error codes) 3300 1 ** 3301 1 ** SIDE EFFECTS: 3302 1 ** 3303 1 ** None 3304 1 ** 3305 1 **-- 3306 1 */ 3307 1 3308 1 /* Global references. */ 3309 1 3310 1 globalref struct ITMTABDEF uai_itm_tab[]; /* $xxxUAI item code information table */ 3311 1 3312 1 /* Local storage. */ 3313 1 3314 1 unsigned short int close_file; /* Set to close file on exit */ 3315 1 unsigned char encrypt_algorithm; /* Password encryption algorithm */ 3316 1 unsigned int hashed_pwd[2]; /* Hashed password */ UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 5 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (2) 3317 1 int index; /* General index */ 3318 1 short int item_code; /* Item list entry item code */ 3319 1 short int item_size; /* Item list entry item entry size */ 3320 1 unsigned char *item_addr; /* Item list entry item info pointer */ 3321 1 struct FAB local_uaf_fab; /* Local authorization file FAB */ 3322 1 struct RAB local_uaf_rab; /* Local authorization file RAB */ 3323 1 char local_username[MAX_USERNAME]; /* Local username */ 3324 1 struct dsc$descriptor local_username_desc; /* Local username descriptor */ 3325 1 struct dsc$descriptor password_desc; /* Local password descriptor */ 3326 1 unsigned int status; /* Routine exit status */ 3327 1 short int uaf_field_size; /* Size of UAF field (from table) */ 3328 1 unsigned short int uaf_ifi; /* UAF (RMS) IFI */ 3329 1 unsigned short int uaf_isi; /* UAF (RMS) ISI */ 3330 1 struct UAFDEF uaf_record; /* Storage for authorization file record */ 3331 1 unsigned char *uaf_record_byte_stream; /* UAF record as a byte stream */ 3332 1 char *username_text; /* Supplied username text */ 3333 1 3334 1 /* Initialize needed storage */ 3335 1 3336 1 memset (hashed_pwd, 0, sizeof hashed_pwd); 3337 1 memset (&local_username_desc, 0, sizeof local_username_desc); 3338 1 memset (&password_desc, 0, sizeof password_desc); 3339 1 3340 1 close_file = -1; 3341 1 uaf_ifi = -1; 3342 1 uaf_isi = -1; 3343 1 3344 1 /* Copy the supplied username to local storage, blank filling in the process. */ 3345 1 3346 1 if (user_name != 0) 3347 1 { 3348 2 username_text = user_name->dsc$a_pointer; 3349 2 3350 2 /* Convert each character in the username string to upper case and blank 3351 2 ** fill any unused portion of the local username storage. */ 3352 2 3353 2 for (index = 0; index < sizeof local_username; ++index) 3354 2 { 3355 3 if (index >= user_name->dsc$w_length) 3356 3 local_username[index] = ' '; 3357 3 else 3358 3 local_username[index] = toupper (username_text[index]); 3359 3 } 3360 2 } 3361 1 else return SS$_INSFARG; 3362 1 3363 1 local_username_desc.dsc$w_length = sizeof local_username; 3364 1 local_username_desc.dsc$a_pointer = local_username; 3365 1 3366 1 /* If a context parameter was supplied, get it. */ 3367 1 3368 1 if (context != 0) 3369 1 { 3370 2 uaf_ifi = (*context)[0]; 3371 2 uaf_isi = (*context)[1]; 3372 2 } 3373 1 UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 6 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (2) 3374 1 /* If the UAF has not already been opened, as indicated by a -1 value for the 3375 1 ** UAF IFI, attempt to open it now. This is done without privileges (at the 3376 1 ** moment) to allow normal file accessing protection processing to apply. */ 3377 1 3378 1 if (uaf_ifi == 0xFFFF) 3379 1 CHECK_RETURN (OPEN_UAF (&uaf_ifi, &uaf_isi)) 3380 1 else close_file = 0; /* Note file is not to be closed */ 3381 1 3382 1 /* Since the authorization file is now known to be open, fabricate the needed 3383 1 ** RMS data structured to allow the authorization records to be created. */ 3384 1 3385 1 memset (&local_uaf_fab, 0, sizeof local_uaf_fab); 3386 1 memset (&local_uaf_rab, 0, sizeof local_uaf_rab); 3387 1 3388 1 local_uaf_fab.fab$b_bid = FAB$C_BID; 3389 1 local_uaf_fab.fab$b_bid = FAB$C_BID; 3390 1 local_uaf_fab.fab$b_bln = FAB$C_BLN; 3391 1 local_uaf_fab.fab$w_ifi = uaf_ifi; 3392 1 3393 1 local_uaf_rab.rab$b_bid = RAB$C_BID; 3394 1 local_uaf_rab.rab$b_bln = RAB$C_BLN; 3395 1 local_uaf_rab.rab$w_isi = uaf_isi; 3396 1 local_uaf_rab.rab$b_rac = RAB$C_KEY; 3397 1 3398 1 /* Clear out the authorization record being built. */ 3399 1 3400 1 memset (&uaf_record, 0, sizeof uaf_record); 3401 1 3402 1 /* Set up the version and record type in the new record. */ 3403 1 3404 1 uaf_record.UAF$B_VERSION = UAF$C_VERSION1; 3405 1 uaf_record.UAF$B_RTYPE = UAF$C_USER_ID; 3406 1 3407 1 /* Move over the username to the new authorization record. */ 3408 1 3409 1 memmove (uaf_record.UAF$r_fill_0.UAF$T_USERNAME, local_username, sizeof local_username); 3410 1 3411 1 /* Fill in the information in the local authorization record from the information 3412 1 ** supplied in the item list. */ 3413 1 3414 1 for (index = 0; (*itmlst)[index].itm$w_itmcod != 0; ++index) 3415 1 { 3416 2 3417 2 /* Get the necessary information for the current item from the item list. */ 3418 2 3419 2 item_code = (*itmlst)[index].itm$w_itmcod; 3420 2 item_size = (*itmlst)[index].itm$w_bufsiz; 3421 2 item_addr = (*itmlst)[index].itm$l_bufadr; 3422 2 3423 2 /* Range check the item code supplied. */ 3424 2 3425 2 if (item_code <= 0 || item_code >= UAI$_MAX_ITEM_CODE) RETURN_ERROR (SS$_BADPARAM); 3426 2 3427 2 /* Validate the size of the item list entry. */ 3428 2 3429 2 if ((TRUE ((uai_itm_tab)[item_code].uaf$r_fill_0.uaf$r_fill_1.uaf$v_itm_flg_var) && 3430 2 item_size > (uai_itm_tab)[item_code].uaf$w_itm_ent_size) || UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 7 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (2) 3431 2 (FALSE ((uai_itm_tab)[item_code].uaf$r_fill_0.uaf$r_fill_1.uaf$v_itm_flg_var) && 3432 2 item_size != (uai_itm_tab)[item_code].uaf$w_itm_ent_size)) 3433 2 RETURN_ERROR (SS$_BADPARAM); 3434 2 3435 2 /* Note how big the field in the authorization record is. In the usual case, 3436 2 ** this is used with the (above) FILL to copy the information supplied by the 3437 2 ** caller in the item list. */ 3438 2 3439 2 uaf_field_size = uai_itm_tab[item_code].uaf$w_itm_ent_size; 3440 2 3441 2 /* If a plaintext password is specified, encrypt it. */ 3442 2 3443 2 if ((item_code == UAI$_PASSWORD) || (item_code == UAI$_PASSWORD2)) 3444 2 { 3445 3 3446 3 /* It is worth noting that the cleartext password will be encrypted using the 3447 3 ** current algorithm if the UAF$B_ENCRYPTx field has not been set in the record. 3448 3 ** This means the algorithm and encryption fields are order sensitive in the 3449 3 ** supplied item list. */ 3450 3 3451 3 /* Set the appropriate password encyption algorithm. */ 3452 3 3453 3 if (item_code == UAI$_PASSWORD) 3454 3 encrypt_algorithm = uaf_record.UAF$B_ENCRYPT; 3455 3 else encrypt_algorithm = uaf_record.UAF$B_ENCRYPT2; 3456 3 3457 3 /* If the encryption algorithm code is within the reserved to Digital range 3458 3 ** but is not the latest, upgrade it. Also note the change in the authorization 3459 3 ** record. */ 3460 3 3461 3 3462 3 if (encrypt_algorithm < UAF$C_CURRENT_ALGORITHM) 3463 3 { 3464 4 encrypt_algorithm = UAF$C_CURRENT_ALGORITHM; 3465 4 if (item_code == UAI$_PASSWORD) /* Choose primary or secondary algorithm */ 3466 4 uaf_record.UAF$B_ENCRYPT = encrypt_algorithm; 3467 4 else uaf_record.UAF$B_ENCRYPT2 = encrypt_algorithm; 3468 4 } 3469 3 3470 3 /* If there is a non-null password given, hash it. */ 3471 3 3472 3 if (item_size > 0) 3473 3 { 3474 4 password_desc.dsc$w_length = item_size; 3475 4 password_desc.dsc$a_pointer = item_addr; 3476 4 status = SYS$HASH_PASSWORD (&password_desc, 3477 4 encrypt_algorithm, 3478 4 uaf_record.UAF$W_SALT, 3479 4 &local_username_desc, 3480 4 hashed_pwd); 3481 4 if (FALSE (status)) RETURN_ERROR (status); 3482 4 if (item_code == UAI$_PASSWORD) 3483 4 memmove (&uaf_record.UAF$r_fill_4.UAF$Q_PWD, hashed_pwd, sizeof uaf_record.UAF$r_fill_4.UAF$Q_PWD); 3484 4 else memmove (&uaf_record.UAF$Q_PWD2, hashed_pwd, sizeof uaf_record.UAF$Q_PWD2); 3485 4 } 3486 3 3487 3 /* Since the plaintext password has been hashed, modify the item information UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 8 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (2) 3488 3 ** to point to the internal storage (for this routine) rather than the 3489 3 ** caller supplied storage. */ 3490 3 3491 3 item_addr = hashed_pwd; 3492 3 item_size = sizeof hashed_pwd; 3493 3 uaf_field_size = uai_itm_tab[UAI$_PWD].uaf$w_itm_ent_size; 3494 3 3495 3 /* Mark the appropriate password as pre-expired. */ 3496 3 3497 3 /* if ((item_code == UAI$_PWD) || (item_code == UAI$_PASSWORD)) 3498 3 ** memset (local_uaf_record.UAF$Q_PWD_DATE, 0xff, sizeof uaf_record.UAF$Q_PWD_DATE); 3499 3 ** if ((.item_code == UAI$_PWD2) || (item_code == UAI$_PASSWORD2)) 3500 3 ** memset (local_uaf_record.UAF$Q_PWD2_DATE, 0xff, sizeof uaf_record.UAF$Q_PWD2_DATE); 3501 3 */ 3502 3 } 3503 2 3504 2 /* Copy the supplied information to the authorization record currently being 3505 2 ** built, if necessary. */ 3506 2 3507 2 if (FALSE ((uai_itm_tab)[item_code].uaf$r_fill_0.uaf$r_fill_1.uaf$v_itm_flg_nop) && 3508 2 uaf_field_size != 0) 3509 2 { 3510 3 3511 3 /* Make the UAF record available as a byte stream for the offsets from the UAI 3512 3 ** item table. This could be done with casting, but copying pointers around is 3513 3 ** easier. */ 3514 3 3515 3 uaf_record_byte_stream = &uaf_record; 3516 3 3517 3 /* Preset with the fill character if necessary. Since the buffer is set to zero 3518 3 ** to begin with, it is only necessary to fill if the fill character is something 3519 3 ** other than zero. */ 3520 3 3521 3 if (TRUE ((uai_itm_tab)[item_code].uaf$r_fill_0.uaf$r_fill_1.uaf$v_itm_flg_spfill)) 3522 3 memset (&uaf_record_byte_stream[uai_itm_tab[item_code].uaf$w_itm_ent_base], ' ', uaf_field_size); 3523 3 3524 3 /* Move the supplied information */ 3525 3 3526 3 memmove (&uaf_record_byte_stream[uai_itm_tab[item_code].uaf$w_itm_ent_base], item_addr, item_size); 3527 3 } 3528 2 } 3529 1 3530 1 /* Now that all the information has been added to the authorization record, write 3531 1 ** it out to the authorization file. */ 3532 1 3533 1 local_uaf_rab.rab$w_rsz = UAF$C_FIXED; 3534 1 local_uaf_rab.rab$l_rbf = &uaf_record; 3535 1 status = SYS$PUT (&local_uaf_rab); 3536 1 SYS$RELEASE (&local_uaf_rab); /* Release for future use. */ 3537 1 3538 1 /* Since the operation has been completed successfully, see if it is necessary 3539 1 ** to return the RMS context. */ 3540 1 3541 1 if (context != 0) 3542 1 { 3543 2 (*context)[0] = uaf_ifi; 3544 2 (*context)[1] = uaf_isi; UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 9 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (2) 3545 2 } 3546 1 3547 1 /* Return with the status from the $PUT. Using the macro will insure the file is 3548 1 ** closed if it is necessary. */ 3549 1 3550 1 RETURN_ERROR (status); 3551 1 } 3552 UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 10 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (3) 3553 extern unsigned int SYS$DELUAI (null1, context, user_name, itmlst, null3, null4, null5) 3554 3555 unsigned int null1; 3556 unsigned short int (*context)[]; 3557 struct dsc$descriptor *user_name; 3558 struct ITMDEF (*itmlst)[]; 3559 unsigned int null3; 3560 unsigned int null4; 3561 unsigned int null5; 3562 { 3563 1 /* 3564 1 ** FUNCTIONAL DESCRIPTION: 3565 1 ** 3566 1 ** This routine is used to delete a user authorization entry. If an item 3567 1 ** list is supplied, a call to $GETUAI is done prior to the deletion to 3568 1 ** allow the existing information to be returned. 3569 1 ** 3570 1 ** NOTE 3571 1 ** 3572 1 ** This routine is not expected to be used outside the DECwindows 3573 1 ** the necessary argument probing to be secure. Although this could 3574 1 ** be added at a later time. 3575 1 ** 3576 1 ** NOTE 3577 1 ** 3578 1 ** FORMAL PARAMETERS: 3579 1 ** 3580 1 ** NULL1: Unused parameter 3581 1 ** CONTEXT: Address of a context longword 3582 1 ** USER_NAME: Address of the username descriptor 3583 1 ** ITMLST: Address of a list of item descriptors (to be returned) 3584 1 ** NULL3: Unused parameter 3585 1 ** NULL4: Unused parameter 3586 1 ** NULL5: Unused parameter 3587 1 ** 3588 1 ** RETURN VALUE: 3589 1 ** 3590 1 ** 1 if the record successfully added 3591 1 ** error code otherwise (various RMS and system error codes) 3592 1 ** 3593 1 ** SIDE EFFECTS: 3594 1 ** 3595 1 ** None 3596 1 ** 3597 1 */ 3598 1 3599 1 /* Local storage. */ 3600 1 3601 1 unsigned short int close_file; /* Set to close file on exit */ 3602 1 int index; /* General index */ 3603 1 unsigned short int local_context[2]; /* Local copy of UAI context */ 3604 1 struct FAB local_uaf_fab; /* Local authorization file FAB */ 3605 1 struct RAB local_uaf_rab; /* Local authorization file RAB */ 3606 1 char local_username[MAX_USERNAME]; /* Local username */ 3607 1 struct dsc$descriptor local_username_desc; /* Local username descriptor */ 3608 1 unsigned int status; /* Routine exit status */ UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 11 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (3) 3609 1 unsigned short int uaf_ifi; /* UAF (RMS) IFI */ 3610 1 unsigned short int uaf_isi; /* UAF (RMS) ISI */ 3611 1 char *username_text; /* Supplied username text */ 3612 1 3613 1 /* Initialize needed storage */ 3614 1 3615 1 memset (&local_username_desc, 0, sizeof local_username_desc); 3616 1 3617 1 close_file = -1; 3618 1 uaf_ifi = -1; 3619 1 uaf_isi = -1; 3620 1 3621 1 /* Copy the supplied username to local storage, blank filling in the process. */ 3622 1 3623 1 if (user_name != 0) 3624 1 { 3625 2 username_text = user_name->dsc$a_pointer; 3626 2 3627 2 /* Convert each character in the username string to upper case and blank 3628 2 ** fill any unused portion of the local username storage. */ 3629 2 3630 2 for (index = 0; index < sizeof local_username; ++index) 3631 2 { 3632 3 if (index >= user_name->dsc$w_length) 3633 3 local_username[index] = ' '; 3634 3 else 3635 3 local_username[index] = toupper (username_text[index]); 3636 3 } 3637 2 } 3638 1 else return SS$_INSFARG; 3639 1 3640 1 local_username_desc.dsc$w_length = sizeof local_username; 3641 1 local_username_desc.dsc$a_pointer = local_username; 3642 1 3643 1 /* If a context parameter was supplied, get it. */ 3644 1 3645 1 if (context != 0) 3646 1 { 3647 2 uaf_ifi = (*context)[0]; 3648 2 uaf_isi = (*context)[1]; 3649 2 } 3650 1 3651 1 /* If the UAF has not already been opened, as indicated by a -1 value for the 3652 1 ** UAF IFI, attempt to open it now. This is done without privileges (at the 3653 1 ** moment) to allow normal file accessing protection processing to apply. */ 3654 1 3655 1 if (uaf_ifi == 0xFFFF) 3656 1 CHECK_RETURN (OPEN_UAF (&uaf_ifi, &uaf_isi)) 3657 1 else close_file = 0; /* Note file is not to be closed */ 3658 1 3659 1 /* Since the authorization file is now known to be open, fabricate the needed 3660 1 ** RMS data structured to allow the authorization records to be created. */ 3661 1 3662 1 memset (&local_uaf_fab, 0, sizeof local_uaf_fab); 3663 1 memset (&local_uaf_rab, 0, sizeof local_uaf_rab); 3664 1 3665 1 local_uaf_fab.fab$b_bid = FAB$C_BID; UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 12 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (3) 3666 1 local_uaf_fab.fab$b_bid = FAB$C_BID; 3667 1 local_uaf_fab.fab$b_bln = FAB$C_BLN; 3668 1 local_uaf_fab.fab$w_ifi = uaf_ifi; 3669 1 3670 1 local_uaf_rab.rab$b_bid = RAB$C_BID; 3671 1 local_uaf_rab.rab$b_bln = RAB$C_BLN; 3672 1 local_uaf_rab.rab$w_isi = uaf_isi; 3673 1 local_uaf_rab.rab$b_rac = RAB$C_KEY; 3674 1 3675 1 /* If an item list is supplied, call $GETUAI to get the existing infomation. 3676 1 ** Otherwise locate the record to be deleted. */ 3677 1 3678 1 if (itmlst != 0) 3679 1 { 3680 2 3681 2 /* Make sure the context information is in a form $GETUAI can use. */ 3682 2 3683 2 local_context[0] = uaf_ifi; 3684 2 local_context[1] = uaf_isi; 3685 2 3686 2 /* Get the information requested. */ 3687 2 3688 2 status = SYS$GETUAI (NULL, 3689 2 #ifdef NONSHARED_UAI_CONTEXT 3690 2 NULL, 3691 2 #else 3692 X &local_context, 3693 2 #endif /* NONSHARED_UAI_CONTEXT */ 3694 2 &local_username_desc, 3695 2 itmlst, 3696 2 NULL, 3697 2 NULL, 3698 2 NULL); 3699 2 3700 2 /* If the $GETUAI fails, bail out now. */ 3701 2 3702 2 if (FALSE (status)) RETURN_ERROR (status); 3703 2 } 3704 1 3705 1 /* If the record position has not been set (or kept) by $GETUAI, it will be 3706 1 ** necessary to set the record position using $FIND. The following situations 3707 1 ** require an explicit $FIND: 3708 1 ** 3709 1 ** 1) On a Version 5.x system, the context parameter is not used in the 3710 1 ** call to $GETUAI, thus the record position is not known outside the 3711 1 ** call to $GETUAI. 3712 1 ** 3713 1 ** 2) On a Version 6.x system where an item list has not been supplied to 3714 1 ** this routine. 3715 1 ** 3716 1 ** In other words, if this is a Version 5.x system do the $FIND regardless; 3717 1 ** if this is a Verison 6.x system only do the $FIND if no item list was 3718 1 ** supplied. */ 3719 1 3720 1 #ifndef NONSHARED_UAI_CONTEXT 3721 X if (itmlst == 0) 3722 X { UAF_XXXUAI 22-NOV-1993 11:29:49 VAX C V3.2-044 Page 13 X-1 3-NOV-1993 11:25:47 [PILANT.HACK.DWAUTH.BL2]UAF_XXXUAI.C;55 (3) 3723 1 #endif /* NONSHARED_UAI_CONTEXT */ 3724 1 3725 1 local_uaf_rab.rab$l_kbf = local_username_desc.dsc$a_pointer; 3726 1 local_uaf_rab.rab$b_ksz = local_username_desc.dsc$w_length; 3727 1 3728 1 status = SYS$FIND (&local_uaf_rab); 3729 1 if (FALSE (status)) RETURN_ERROR (status); 3730 1 3731 1 #ifndef NONSHARED_UAI_CONTEXT 3732 X } 3733 1 #endif /* NONSHARED_UAI_CONTEXT */ 3734 1 3735 1 /* Now that the record position has been set, delete the record. */ 3736 1 3737 1 status = SYS$DELETE (&local_uaf_rab); 3738 1 3739 1 /* Since the operation has been completed successfully, see if it is necessary 3740 1 ** to return the RMS context. */ 3741 1 3742 1 if (context != 0) 3743 1 { 3744 2 (*context)[0] = uaf_ifi; 3745 2 (*context)[1] = uaf_isi; 3746 2 } 3747 1 3748 1 /* Return with the status from the $DELETE. Using the macro will insure the 3749 1 ** file is closed if it is necessary. */ 3750 1 3751 1 RETURN_ERROR (status); 3752 1 } Command Line ------------ CC/LIST=UAF_XXXUAI/OBJECT=UAF_XXXUAI UAF_XXXUAI