// TODO: @student : extend the protocol.
	//                  so the receiver can split the package into name and content
	void ClientChatNetPackageDispatcher::dispatchPacket(unsigned char packetIdentifier, NativePacket* nativePacket )
	{
		NetMessageIDTypes eNetMessageID(static_cast<NetMessageIDTypes>(packetIdentifier));
		const bool validMessageId((eNetMessageID > NETMSG_ID_START) && (eNetMessageID < NETMSG_ID_END));
		if(validMessageId == false)	{
			return;
		}

		switch(eNetMessageID)	{
		case NETMSG_ID_CHATLINE:
			{
				const char* message = (const char*)nativePacket->data;
				// skip the packet identifier
				message++;
				if(isEmptyString(message) == true)	{
					getPeer()->log(ELogType_Error, "received an empty chat message");
				}
				else	{
					// TODO: @student : split the packet ...
					ChatMessage chatMessage("---", message);
					addChatMessage(chatMessage);
				}
			}
			break;
		case NETMSG_ID_JSONOBJECT:
			{
				// TODO: @student : this might not be enough ...
				const char* message = (const char*)nativePacket->data;
				// skip the packet identifier
				message++;
				if(isEmptyString(message) == true)	{
					getPeer()->log(ELogType_Error, "received an empty chat message");
				}
				else	{
					SLAString json(message);
					getPeer()->log(ELogType_Info, "received json %s", json.c_str());
					CCDictionary* dictionary = CCJSONConverter::dictionaryFrom(json.c_str());
					getPeer()->log(ELogType_Info, dictionary);
					// DONE: @student : read the relevant dictionary members and pass them to the chat message
					
					CCObject *aMessage = dictionary->objectForKey("message");
					CCDictionary *messDictionary = dynamic_cast<CCDictionary*>(aMessage);
					const CCString *aSender = messDictionary->valueForKey("sender");
					const CCString *aContent = messDictionary->valueForKey("content");
					
					ChatMessage chatMessage(aSender->getCString(), aContent->getCString());
					addChatMessage(chatMessage);
				}
			}
			break;
		default:
			break;
		}
	}
Beispiel #2
0
static void set_label_width_callback(gpointer key, gpointer value, gpointer user_data){
    WidgetAlignment *wAlignment=(WidgetAlignment *) user_data;
    if (!isEmptyString(wAlignment->pageName)){
	if (isEmptyString(value) || strcmp(wAlignment->pageName,value)!=0)
	    return;
    }
    gchar *keyStr=(gchar *) keyStr;
    GtkWidget *widget=maker_dialog_get_widget(wAlignment->self,key,"label");
    gtk_widget_set_size_request(widget, wAlignment->currentMaxWidth,-1);
    gtk_misc_set_alignment (GTK_MISC(widget),wAlignment->xalign,wAlignment->yalign);
}
Beispiel #3
0
static void caculate_max_label_width_callback(gpointer key, gpointer value, gpointer user_data){
    WidgetAlignment *wAlignment=(WidgetAlignment *) user_data;
    if (!isEmptyString(wAlignment->pageName)){
	if (isEmptyString(value) || strcmp(wAlignment->pageName,value)!=0)
	    return;
    }
    gchar *keyStr=(gchar *) keyStr;

    GtkWidget *widget=maker_dialog_get_widget(wAlignment->self,key,"label");
    GtkRequisition requisition;
    gtk_widget_size_request (widget,&requisition);
    wAlignment->currentMaxWidth=MAX(wAlignment->currentMaxWidth, requisition.width);
}
//Create using given key filespecs
//Caller must release when no longer needed
IDigitalSignatureManager * createDigitalSignatureManagerInstanceFromFiles(const char * pubKeyFileName, const char *privKeyFileName, const char * passPhrase)
{
#if defined(_USE_OPENSSL) && !defined(_WIN32)
    Owned<CLoadedKey> pubKey, privKey;
    Owned<IMultiException> exceptions;
    if (!isEmptyString(pubKeyFileName))
    {
        try
        {
            pubKey.setown(loadPublicKeyFromFile(pubKeyFileName, passPhrase));
        }
        catch (IException * e)
        {
            if (!exceptions)
                exceptions.setown(makeMultiException("createDigitalSignatureManagerInstanceFromFiles"));

            exceptions->append(* makeWrappedExceptionV(e, -1, "createDigitalSignatureManagerInstanceFromFiles:Cannot load public key file"));
            e->Release();
        }
    }

    if (!isEmptyString(privKeyFileName))
    {
        try
        {
            privKey.setown(loadPrivateKeyFromFile(privKeyFileName, passPhrase));
        }
        catch (IException * e)
        {
            if (!exceptions)
                exceptions.setown(makeMultiException("createDigitalSignatureManagerInstanceFromFiles"));

            exceptions->append(* makeWrappedExceptionV(e, -1, "createDigitalSignatureManagerInstanceFromFiles:Cannot load private key file"));
            e->Release();
        }
    }

    // NB: allow it continue if 1 of the keys successfully loaded.
    if (exceptions && exceptions->ordinality())
    {
        if (!pubKey && !privKey)
            throw exceptions.getClear();
        else
            EXCLOG(exceptions, nullptr);
    }

    return new CDigitalSignatureManager(pubKey, privKey);
#else
    return nullptr;
#endif
}
Beispiel #5
0
static GString *xml_tags_to_string(const gchar *tagName, XmlTagsType type,
	const gchar *attribute, const gchar *value,gint indentLevel){
    GString *strBuf=g_string_new(NULL);
    append_indent_space(strBuf,indentLevel);

    if(type!=XML_TAG_TYPE_NO_TAG){
	g_string_append_printf(strBuf,"<%s%s%s%s%s>",
		(type==XML_TAG_TYPE_END_ONLY) ? "/": "",
		(!isEmptyString(tagName))? tagName : "",
		(!isEmptyString(attribute)) ? " ":"",  (!isEmptyString(attribute))? attribute : "",
		(type==XML_TAG_TYPE_EMPTY) ? "/": ""
	);
    }
    if (type==XML_TAG_TYPE_EMPTY)
	return strBuf;
    if (type==XML_TAG_TYPE_BEGIN_ONLY)
	return strBuf;
    if (type==XML_TAG_TYPE_END_ONLY)
	return strBuf;

    if (type==XML_TAG_TYPE_LONG){
	g_string_append_c(strBuf,'\n');
    }

    if (value){
	if (type==XML_TAG_TYPE_LONG || type==XML_TAG_TYPE_NO_TAG){
	    append_indent_space(strBuf,indentLevel+1);
	    int i, valueLen=strlen(value);
	    for(i=0;i<valueLen;i++){
		g_string_append_c(strBuf,value[i]);
		if (value[i]=='\n'){
		    append_indent_space(strBuf,indentLevel+1);
		}
	    }
	    g_string_append_c(strBuf,'\n');
	    if (type==XML_TAG_TYPE_LONG){
		append_indent_space(strBuf,indentLevel);
	    }
	}else{
	    g_string_append(strBuf,value);
	}
    }

    if (type==XML_TAG_TYPE_LONG || type==XML_TAG_TYPE_SHORT){
	g_string_append_printf(strBuf,"</%s>",tagName);
    }
    return strBuf;
}
	bool CCControlBase::initWithBackGroundSprite( const char* backgroundSpriteName )	{
		CCScale9Sprite* backgroundSprite(nullptr);
		if(isEmptyString(backgroundSpriteName) == false)	{
			backgroundSprite = CCScale9Sprite::create(backgroundSpriteName);
		}
		return initWithBackGroundSprite(backgroundSprite);
	}
	// TODO: @student : extend the protocol.
	//                  so the receiver can split the package into name and content
	void ServerChatNetPackageDispatcher::dispatchPacket(unsigned char packetIdentifier, NativePacket* nativePacket )
	{
		NetMessageIDTypes eNetMessageID(static_cast<NetMessageIDTypes>(packetIdentifier));
		const bool validMessageId((eNetMessageID > NETMSG_ID_START) && (eNetMessageID < NETMSG_ID_END));
		if(validMessageId == false)	{
			return;
		}
		switch(eNetMessageID)	{
		case NETMSG_ID_CHATLINE:
			{
				const char* message = (const char*)nativePacket->data;
				// skip the packet identifier
				message++;
				if(isEmptyString(message) == true)	{
					getPeer()->log(ELogType_Error, "received an empty chat message");
				}
				else	{
					// TODO: split the packet ...
					ChatMessage chatMessage("---", message);
					addChatMessage(chatMessage);

					// now broadcast this message to everyone else connected to this peer
					// except for the sender
					getPeer()->accessRakNetPeer()->Send((const char*)nativePacket->data, nativePacket->length, 
						HIGH_PRIORITY, RELIABLE_ORDERED, 0, nativePacket->systemAddress, true);
				}
			}

			break;
		default:
			break;
		}
	}
const char* CWSESPControlEx::setSessionXPath(bool allSessions, const char* id, const char* userID, const char* fromIP, StringBuffer& xPath)
{
    if (allSessions)
    {
        xPath.set("*");
        return xPath.str();
    }

    if (!isEmptyString(userID))
        xPath.setf("%s*[%s='%s']", PathSessionSession, PropSessionUserID, userID);
    else if (!isEmptyString(fromIP))
        xPath.setf("%s*[%s='%s']", PathSessionSession, PropSessionNetworkAddress, fromIP);
    else if (!isEmptyString(id))
        xPath.setf("%s*[%s='%s']", PathSessionSession, PropSessionExternalID, id);
    else
        xPath.set("*");
    return xPath.str();
}
Beispiel #9
0
    bool enableScopeScans(IUserDescriptor *udesc, bool enable, int * err)
    {
        bool superUser;
        StringBuffer username;
        StringBuffer password;
        udesc->getUserName(username);
        udesc->getPassword(password);
        Owned<ISecUser> user = ldapsecurity->createUser(username);

        //Check user's digital signature, if present
        bool authenticated = false;
        if (!isEmptyString(udesc->querySignature()))
        {
            if (nullptr == pDSM)
                pDSM = queryDigitalSignatureManagerInstanceFromEnv();
            if (pDSM && pDSM->isDigiVerifierConfigured())
            {
                StringBuffer b64Signature(udesc->querySignature());
                if (!pDSM->digiVerify(username, b64Signature))//digital signature valid?
                {
                    ERRLOG("LDAP: enableScopeScans(%s) : Invalid user digital signature", username.str());
                    *err = -1;
                    return false;
                }
                else
                    authenticated = true;
            }
        }

        if (!authenticated)
        {
            user->credentials().setPassword(password);
            if (!ldapsecurity->authenticateUser(*user, &superUser) || !superUser)
            {
                *err = -1;
                return false;
            }
        }

        unsigned flags = getLDAPflags();
        if (enable)
        {
            DBGLOG("Scope Scans Enabled by user %s",username.str());
            flags |= (unsigned)DLF_SCOPESCANS;
        }
        else
        {
            DBGLOG("Scope Scans Disabled by user %s",username.str());
            flags &= ~(unsigned)DLF_SCOPESCANS;
        }
        setLDAPflags(flags);
        *err = 0;
        return true;
    }
static void createDigitalSignatureManagerInstance(IDigitalSignatureManager * * ppDSM)
{
    const char * pubKey = nullptr, *privKey = nullptr, *passPhrase = nullptr;
    queryHPCCPKIKeyFiles(nullptr, &pubKey, &privKey, &passPhrase);
    StringBuffer passPhraseDec;
    if (!isEmptyString(passPhrase))
    {
        decrypt(passPhraseDec, passPhrase);
        passPhrase = passPhraseDec.str();
    }
    *ppDSM = createDigitalSignatureManagerInstanceFromFiles(pubKey, privKey, passPhrase);
}
Beispiel #11
0
bool CODEExporterXPPAUT::exportSingleODE(const CModelEntity* mentity, std::string & equation, std::string & comments)
{
  std::ostringstream odeKey;

  if (!isEmptyString(comments)) ode << "#" << comments << std::endl;

  odeKey << "ode_" << mentity->getKey();

  if (!exportSingleObject(ode, NameMap[odeKey.str()], equation, comments)) return false;

  return true;
}
//For every ECLWatchVisible dropzones, read: dropZoneName, directory, and, if available, computer.
//For every Servers/Server in ECLWatchVisible dropzones, read: directory,
// server name, and hostname(or IP). Create dropzone("@name", "@directory", "@computer",
// "@netAddress", "@linux", "@sourceNode") tree into pSoftware.
void CFileSpraySoapBindingEx::appendDropZones(double clientVersion, IConstEnvironment* env, const char* dfuwuidSourcePartIP, IPropertyTree* softwareTree)
{
    Owned<IConstDropZoneInfoIterator> dropZoneItr = env->getDropZoneIterator();
    ForEach(*dropZoneItr)
    {
        IConstDropZoneInfo& dropZoneInfo = dropZoneItr->query();
        if (!dropZoneInfo.isECLWatchVisible()) //This code is used by ECLWatch. So, skip the DZs not for ECLWatch.
            continue;

        SCMStringBuffer dropZoneName, directory, computerName;
        dropZoneInfo.getName(dropZoneName);
        dropZoneInfo.getDirectory(directory);
        if (!dropZoneName.length() || !directory.length())
            continue;

        bool isLinux = getPathSepChar(directory.str()) == '/' ? true : false;
        Owned<IConstDropZoneServerInfoIterator> dropZoneServerItr = dropZoneInfo.getServers();
        ForEach(*dropZoneServerItr)
        {
            IConstDropZoneServerInfo& dropZoneServer = dropZoneServerItr->query();

            StringBuffer name, server, networkAddress;
            dropZoneServer.getName(name);
            dropZoneServer.getServer(server);
            if (name.isEmpty() || server.isEmpty())
                continue;

            IPropertyTree* dropZone = softwareTree->addPropTree("DropZone", createPTree());
            dropZone->setProp("@name", dropZoneName.str());
            dropZone->setProp("@computer", name.str());
            dropZone->setProp("@directory", directory.str());
            if (isLinux)
                dropZone->setProp("@linux", "true");

            IpAddress ipAddr;
            ipAddr.ipset(server.str());
            ipAddr.getIpText(networkAddress);
            if (!ipAddr.isNull())
            {
                dropZone->addProp("@netAddress", networkAddress);

                if (!isEmptyString(dfuwuidSourcePartIP))
                {
                    IpAddress ip(dfuwuidSourcePartIP);
                    if (ip.ipequals(ipAddr))
                        dropZone->addProp("@sourceNode", "1");
                }
            }
        }
    }
}
bool CLoggingManager::updateLog(IEspContext* espContext, const char* option, IPropertyTree* userContext, IPropertyTree* userRequest,
    const char* backEndReq, const char* backEndResp, const char* userResp, const char* logDatasets, StringBuffer& status)
{
    if (!initialized)
        throw MakeStringException(-1,"LoggingManager not initialized");

    bool bRet = false;
    try
    {
        Owned<IPropertyTree> espContextTree;
        if (espContext)
        {
            espContextTree.setown(createPTree("ESPContext"));

            short port;
            StringBuffer sourceIP, peerStr;
            const char* esdlBindingID = espContext->queryESDLBindingID();
            espContext->getServAddress(sourceIP, port);
            espContextTree->addProp("SourceIP", sourceIP.str());
            espContext->getPeer(peerStr);
            espContextTree->addProp("Peer", peerStr.str());
            if (!isEmptyString(esdlBindingID))
                espContextTree->addProp("ESDLBindingID", esdlBindingID);
            //More information in espContext may be added to the espContextTree later.

            const char* userId = espContext->queryUserId();
            if (userId && *userId)
                espContextTree->addProp("UserName", userId);

            espContextTree->addProp("ResponseTime", VStringBuffer("%.4f", (msTick()-espContext->queryCreationTime())/1000.0));
        }
        Owned<IEspUpdateLogRequestWrap> req =  new CUpdateLogRequestWrap(nullptr, option, espContextTree.getClear(), LINK(userContext), LINK(userRequest),
            backEndReq, backEndResp, userResp, logDatasets);
        Owned<IEspUpdateLogResponse> resp =  createUpdateLogResponse();
        bRet = updateLog(espContext, *req, *resp, status);
    }
    catch (IException* e)
    {
        status.set("Failed to update log: ");
        e->errorMessage(status);
        ERRLOG("%s", status.str());
        e->Release();
    }
    return bRet;
}
unsigned CLoggingManager::serializeLogRequestContent(IEspUpdateLogRequestWrap* request, const char* GUID, StringBuffer& logData)
{
    appendXMLTag(logData, LOGREQUEST_GUID, GUID);

    const char* option = request->getOption();
    if (!isEmptyString(option))
        appendXMLTag(logData, LOGREQUEST_OPTION, option);

    appendXMLOpenTag(logData, LOGREQUEST);

    const char* logRequest = request->getUpdateLogRequest();
    MemoryBuffer memBuf;
    LZWCompress(logRequest, strlen(logRequest), memBuf, 0x100);
    JBASE64_Encode(memBuf.toByteArray(), memBuf.length(), logData);

    appendXMLCloseTag(logData, LOGREQUEST);

    return logData.length();
}
Beispiel #15
0
bool ESPMemCached::init(const char * _options)
{
    CriticalBlock block(cacheCrit);

    if (initialized)
        return initialized;

    if (!isEmptyString(_options))
        options.set(_options);
    else
        options.set("--SERVER=127.0.0.1");
    pool = memcached_pool(options.get(), options.length());
    assertPool();

    setPoolSettings();
    connect();
    if (connection)
        initialized = checkServersUp();
    return initialized;
}
Beispiel #16
0
// change literal of a cacheable query into ConstantParameter
ItemExpr* ConstValue::normalizeForCache(CacheWA& cwa, BindWA& bindWA)
{
  // skip system supplied or empty string literals
  if (isSystemSupplied_ || isEmptyString()) { 
    return this; 
  }
  if (nodeIsNormalizedForCache()) { 
    return this; 
  }
  // for now, do not parameterize NULLs because they can cause false 
  // constraint violations, eg, fullstack/TEST005 
  //   create table t005t2(a int, b int not null, c char(10) not null,
  //                       d int, primary key (c) );
  //   insert into t005t2 values (NULL,7,'?-7-?',NULL);
  // gets "ERROR[8421] NULL cannot be assigned to a NOT NULL column."
  if (isNull()) { 
    return this; 
  }

  NAHeap* heap = cwa.wHeap();
  // quantize length of strings only in after parse case
  ConstantParameter* result = new(heap) ConstantParameter
    (*this, heap, cwa.getPhase() == CmpMain::PARSE);
  if (result) {
    // "after-parser" ConstantParameters will undergo complete binding, so
    // addConstParam does not have to bind "after-parser" ConstantParameters
    cwa.addConstParam(result, bindWA);
    result->markAsNormalizedForCache();
  }
  // do not mark this ConstValue as normalizedForCache because it may
  // be "shared" and may need to be replaced into a ConstantParameter
  // again in another referencing expression context. For example, the
  // binder visits the case operand "3" more than once in
  //   insert into t values(case 3 when 4 then 0 when 3 then 1 end)

  return result;
}
    bool compile(const char *wuid, const char *target, const char *targetCluster)
    {
        Owned<IConstWUQuery> query = workunit->getQuery();
        if (!query)
        {
            reportError("Workunit does not contain a query", 2);
            return false;
        }

        addTimeStamp(workunit, SSTglobal, NULL, StWhenCompiled);

        SCMStringBuffer mainDefinition;
        SCMStringBuffer eclQuery;
        query->getQueryText(eclQuery);
        query->getQueryMainDefinition(mainDefinition);

        StringBuffer eclccProgName;
        splitDirTail(queryCurrentProcessPath(), eclccProgName);
        eclccProgName.append("eclcc");
        StringBuffer eclccCmd(" -shared");
        if (eclQuery.length())
            eclccCmd.append(" -");
        if (mainDefinition.length())
            eclccCmd.append(" -main ").append(mainDefinition);
        eclccCmd.append(" --timings --xml");
        eclccCmd.append(" --nostdinc");
        if (globals->getPropBool("@enableEclccDali", true))
        {
            const char *daliServers = globals->queryProp("@daliServers");
            if (!daliServers)
                daliServers = ".";
            eclccCmd.appendf(" -dfs=%s", daliServers);
            const char *wuScope = workunit->queryWuScope();
            if (!isEmptyString(wuScope))
                eclccCmd.appendf(" -scope=%s", wuScope);
            eclccCmd.appendf(" -cluster=%s", targetCluster);
            SCMStringBuffer token;
            workunit->getSecurityToken(token);
            if (token.length())
                eclccCmd.appendf(" -wuid=%s -token=%s", workunit->queryWuid(), token.str());
        }
        Owned<IPipeProcess> pipe = createPipeProcess();
        pipe->setenv("ECLCCSERVER_THREAD_INDEX", idxStr.str());
        Owned<IPropertyTreeIterator> options = globals->getElements("./Option");
        ForEach(*options)
        {
            IPropertyTree &option = options->query();
            const char *name = option.queryProp("@name");
            const char *value = option.queryProp("@value");
            const char *cluster = option.queryProp("@cluster");                // if cluster is set it's specific to a particular target
            if (name && (cluster==NULL || cluster[0]==0 || strcmp(cluster, targetCluster)==0))
                processOption(name, value, eclccCmd, eclccProgName, *pipe, false);
        }
        eclccCmd.appendf(" -o%s", wuid);
        eclccCmd.appendf(" -platform=%s", target);
        eclccCmd.appendf(" --component=%s", queryStatisticsComponentName());

        Owned<IStringIterator> debugValues = &workunit->getDebugValues();
        ForEach (*debugValues)
        {
            SCMStringBuffer debugStr, valueStr;
            debugValues->str(debugStr);
            workunit->getDebugValue(debugStr.str(), valueStr);
            processOption(debugStr.str(), valueStr.str(), eclccCmd, eclccProgName, *pipe, true);
        }
        if (workunit->getResultLimit())
        {
            eclccCmd.appendf(" -fapplyInstantEclTransformations=1 -fapplyInstantEclTransformationsLimit=%u", workunit->getResultLimit());
        }
        try
        {
            cycle_t startCycles = get_cycles_now();
            Owned<ErrorReader> errorReader = new ErrorReader(pipe, this);
            Owned<AbortWaiter> abortWaiter = new AbortWaiter(pipe, workunit);
            eclccCmd.insert(0, eclccProgName);
            if (!pipe->run(eclccProgName, eclccCmd, ".", true, false, true, 0, true))
                throw makeStringExceptionV(999, "Failed to run eclcc command %s", eclccCmd.str());
            errorReader->start();
            abortWaiter->start();
            try
            {
                pipe->write(eclQuery.s.length(), eclQuery.s.str());
                pipe->closeInput();
            }
            catch (IException *e)
            {
                reportError(e);
                e->Release();
            }
            unsigned retcode = pipe->wait();
            errorReader->join();
            abortWaiter->stop();
            if (retcode == 0)
            {
                StringBuffer realdllname, dllurl;
                realdllname.append(SharedObjectPrefix).append(wuid).append(SharedObjectExtension);

                StringBuffer realdllfilename(dllPath);
                realdllfilename.append(SharedObjectPrefix).append(wuid).append(SharedObjectExtension);

                StringBuffer wuXML;
                if (!getWorkunitXMLFromFile(realdllfilename, wuXML))
                    throw makeStringException(999, "Failed to extract workunit from query dll");

                Owned<ILocalWorkUnit> embeddedWU = createLocalWorkUnit(wuXML);
                queryExtendedWU(workunit)->copyWorkUnit(embeddedWU, false, true);
                workunit->setIsClone(false);
                const char *jobname = embeddedWU->queryJobName();
                if (jobname && *jobname) //let ECL win naming job during initial compile
                    workunit->setJobName(jobname);
                if (!workunit->getDebugValueBool("obfuscateOutput", false))
                {
                    Owned<IWUQuery> query = workunit->updateQuery();
                    query->setQueryText(eclQuery.s.str());
                }

                createUNCFilename(realdllfilename.str(), dllurl);
                unsigned crc = crc_file(realdllfilename.str());

                Owned<IWUQuery> query = workunit->updateQuery();
                associateLocalFile(query, FileTypeDll, realdllfilename, "Workunit DLL", crc);
                queryDllServer().registerDll(realdllname.str(), "Workunit DLL", dllurl.str());

                cycle_t elapsedCycles = get_cycles_now() - startCycles;
                updateWorkunitTimeStat(workunit, SSTcompilestage, "compile", StTimeElapsed, NULL, cycle_to_nanosec(elapsedCycles));

                workunit->commit();
                return true;
            }
        }
        catch (IException * e)
        {
            reportError(e);
            e->Release();
        }
        return false;
    }
Beispiel #18
0
    SecAccessFlags getPermissions(const char *key,const char *obj,IUserDescriptor *udesc,unsigned auditflags,const char * reqSignature, CDateTime * reqUTCTimestamp)
    {
        if (!ldapsecurity||((getLDAPflags()&DLF_ENABLED)==0)) 
            return SecAccess_Full;
        StringBuffer username;
        StringBuffer password;
        if (udesc) 
        {
            udesc->getUserName(username);
            udesc->getPassword(password);
        }
        else
        {
            WARNLOG("NULL UserDescriptor in daldap.cpp getPermissions('%s')",key ? key : "NULL");
        }

        if (0 == username.length())
        {
            username.append(filesdefaultuser);
            decrypt(password, filesdefaultpassword);
        }

        Owned<ISecUser> user = ldapsecurity->createUser(username);
        user->credentials().setPassword(password);

        bool authenticated = false;

        //Check that the digital signature provided by the caller (signature of
        //caller's "scope;username;timeStamp") matches what we expect it to be
        if (!isEmptyString(reqSignature))
        {
            if (nullptr == pDSM)
                pDSM = queryDigitalSignatureManagerInstanceFromEnv();
            if (pDSM && pDSM->isDigiVerifierConfigured())
            {
                StringBuffer requestTimestamp;
                reqUTCTimestamp->getString(requestTimestamp, false);//extract timestamp string from Dali request

                CDateTime now;
                now.setNow();
                if (now.compare(*reqUTCTimestamp) < 0)//timestamp from the future?
                {
                    ERRLOG("LDAP: getPermissions(%s) scope=%s user=%s Request digital signature timestamp %s from the future",key?key:"NULL",obj?obj:"NULL",username.str(), requestTimestamp.str());
                    return SecAccess_None;//deny
                }

                CDateTime expiry;
                expiry.set(now);
                expiry.adjustTime(requestSignatureExpiryMinutes);//compute expiration timestamp

                if (expiry.compare(*reqUTCTimestamp) < 0)//timestamp too far in the past?
                {
                    ERRLOG("LDAP: getPermissions(%s) scope=%s user=%s Expired request digital signature timestamp %s",key?key:"NULL",obj?obj:"NULL",username.str(), requestTimestamp.str());
                    return SecAccess_None;//deny
                }

                VStringBuffer expectedStr("%s;%s;%s", obj, username.str(), requestTimestamp.str());
                StringBuffer b64Signature(reqSignature);// signature of scope;user;timestamp

                if (!pDSM->digiVerify(expectedStr, b64Signature))//does the digital signature match what we expect?
                {
                    ERRLOG("LDAP: getPermissions(%s) scope=%s user=%s fails digital signature verification",key?key:"NULL",obj?obj:"NULL",username.str());
                    return SecAccess_None;//deny
                }

                authenticated = true;//Digital signature verified
            }
            else
                ERRLOG("LDAP: getPermissions(%s) scope=%s user=%s digital signature support not available",key?key:"NULL",obj?obj:"NULL",username.str());
        }

        if (!authenticated && !ldapsecurity->authenticateUser(*user, NULL))
        {
            ERRLOG("LDAP: getPermissions(%s) scope=%s user=%s fails LDAP authentication",key?key:"NULL",obj?obj:"NULL",username.str());
            return SecAccess_None;//deny
        }

        bool filescope = stricmp(key,"Scope")==0;
        bool wuscope = stricmp(key,"workunit")==0;

        if (filescope || wuscope) {
            SecAccessFlags perm = SecAccess_None;
            unsigned start = msTick();
            if (filescope)
                perm=ldapsecurity->authorizeFileScope(*user, obj);
            else if (wuscope)
                perm=ldapsecurity->authorizeWorkunitScope(*user, obj);
            if (perm == SecAccess_Unavailable)
                perm = SecAccess_None;

            unsigned taken = msTick()-start;
#ifndef _DEBUG
            if (taken>100) 
#endif
            {
                PROGLOG("LDAP: getPermissions(%s) scope=%s user=%s returns %d in %d ms",key?key:"NULL",obj?obj:"NULL",username.str(),perm,taken);
            }
            if (auditflags&DALI_LDAP_AUDIT_REPORT) {
                StringBuffer auditstr;
                if ((auditflags&DALI_LDAP_READ_WANTED)&&!HASREADPERMISSION(perm)) 
                    auditstr.append("Lookup Access Denied");
                else if ((auditflags&DALI_LDAP_WRITE_WANTED)&&!HASWRITEPERMISSION(perm)) 
                    auditstr.append("Create Access Denied");
                if (auditstr.length()) {
                    auditstr.append(":\n\tProcess:\tdaserver");
                    auditstr.appendf("\n\tUser:\t%s",username.str());
                    auditstr.appendf("\n\tScope:\t%s\n",obj?obj:"");
                    SYSLOG(AUDIT_TYPE_ACCESS_FAILURE,auditstr.str());
                }
            }
            return perm;
        }
        return SecAccess_Full;
    }
Bool
ccsIniGetList (IniDictionary       *dictionary,
   	       const char          *section,
	       const char          *entry,
	       CCSSettingValueList *value,
	       CCSSetting          *parent)
{
    CCSSettingValueList list = NULL;
    char                *valueString, *valueStart, *valString;
    char                *token;
    int                 nItems = 1, i = 0, len;

    valString = getIniString (dictionary, section, entry);
    if (!valString)
	return FALSE;

    if (isEmptyString (valString))
    {
	*value = NULL;
	return TRUE;
    }

    valueString = strdup (valString);
    valueStart = valueString;

    /* remove trailing semicolon that we added to be able to differentiate
       between an empty list and a list with one empty item */
    len = strlen (valueString);
    if (valueString[len - 1] == ';')
	valueString[len - 1] = 0;

    token = strchr (valueString, ';');
    while (token)
    {
	token = strchr (token + 1, ';');
	nItems++;
    }

    token = strsep (&valueString, ";");
    switch (parent->info.forList.listType)
    {
    case TypeString:
    case TypeMatch:
	{
	    char **array = malloc (nItems * sizeof (char*));
	    if (!array)
		break;

	    while (token)
	    {
		array[i++] = strdup (token);
		token = strsep (&valueString, ";");
	    }

	    list = ccsGetValueListFromStringArray (array, nItems, parent);

	    for (i = 0; i < nItems; i++)
		free (array[i]);

	    free (array);
	}
	break;
    case TypeColor:
	{
	    CCSSettingColorValue *array;
	    array = malloc (nItems * sizeof (CCSSettingColorValue));
	    if (!array)
		break;

	    while (token)
	    {
		memset (&array[i], 0, sizeof (CCSSettingColorValue));
		ccsStringToColor (token, &array[i]);
		token = strsep (&valueString, ";");
		i++;
	    }

	    list = ccsGetValueListFromColorArray (array, nItems, parent);
	    free (array);
	}
	break;
    case TypeBool:
	{
	    Bool *array = malloc (nItems * sizeof (Bool));
	    Bool isTrue;
	    if (!array)
		break;

	    while (token)
	    {
		isTrue = (token[0] == 'y' || token[0] == 'Y' || 
			  token[0] == '1' ||
			  token[0] == 't' || token[0] == 'T');
		array[i++] = isTrue;
		token = strsep (&valueString, ";");
	    }

	    list = ccsGetValueListFromBoolArray (array, nItems, parent);
	    free (array);
	}
	break;
    case TypeInt:
	{
	    int *array = malloc (nItems * sizeof (int));
	    if (!array)
		break;

	    while (token)
	    {
		array[i++] = strtoul (token, NULL, 10);
		token = strsep (&valueString, ";");
	    }

	    list = ccsGetValueListFromIntArray (array, nItems, parent);
	    free (array);
	}
	break;
    case TypeFloat:
	{
	    float *array = malloc (nItems * sizeof (float));
	    if (!array)
		break;

	    while (token)
	    {
		array[i++] = strtod (token, NULL);
		token = strsep (&valueString, ";");
	    }

	    list = ccsGetValueListFromFloatArray (array, nItems, parent);
	    free (array);
	}
	break;
    case TypeKey:
	{
	    CCSSettingValue *val = NULL;
	    list = NULL;

	    while (token)
	    {
		val = malloc (sizeof (CCSSettingValue));
		if (!val)
		    break;
		if (ccsStringToKeyBinding (token, &val->value.asKey))
		    list = ccsSettingValueListAppend (list, val);
		else
		    free (val);
		token = strsep (&valueString, ";");
	    }
	}
	break;
    case TypeButton:
	{
	    CCSSettingValue *val = NULL;
	    list = NULL;

	    while (token)
	    {
		val = malloc (sizeof (CCSSettingValue));
		if (!val)
		    break;
		if (ccsStringToButtonBinding (token, &val->value.asButton))
		    list = ccsSettingValueListAppend (list, val);
		else
		    free (val);
		token = strsep (&valueString, ";");
	    }
	}
	break;
    case TypeEdge:
	{
	    CCSSettingValue *val = NULL;
	    list = NULL;

	    while (token)
	    {
		val = malloc (sizeof (CCSSettingValue));
		if (!val)
		    break;
		val->value.asEdge = ccsStringToEdges (token);
		list = ccsSettingValueListAppend (list, val);
		token = strsep (&valueString, ";");
	    }
	}
	break;
    case TypeBell:
	{
	    CCSSettingValue *val = NULL;
	    list = NULL;
	    Bool isTrue;

	    while (token)
	    {
		val = malloc (sizeof (CCSSettingValue));
		if (!val)
		    break;

		isTrue = (token[0] == 'y' || token[0] == 'Y' || 
			  token[0] == '1' ||
			  token[0] == 't' || token[0] == 'T');
		
		val->value.asBell = isTrue;
		list = ccsSettingValueListAppend (list, val);
		token = strsep (&valueString, ";");
	    }
	}
	break;
    default:
	break;
    }

    *value = list;
    free (valueStart);

    return TRUE;
}