bool
ask_for_conditional(WINDOW *askW,char edCAns)
{
char cond_exp ;
cond_exp = EOS;
if (conditional_str == NULL)
conditional_str = SEP_MEalloc(SEP_ME_TAG_NODEL, TEST_LINE+1, TRUE,
(STATUS *) NULL);
if (conditional_old == NULL)
conditional_old = SEP_MEalloc(SEP_ME_TAG_NODEL, TEST_LINE+1, TRUE,
(STATUS *) NULL);
if (conditional_prompt == NULL)
conditional_prompt = SEP_MEalloc(SEP_ME_TAG_NODEL, TEST_LINE+1, TRUE,
(STATUS *) NULL);
if ((*conditional_str == EOS) && (SEP_IF_EXPRESSION != NULL) &&
(*SEP_IF_EXPRESSION != EOS))
STcopy(SEP_IF_EXPRESSION, conditional_str);
STcopy(conditional_str, conditional_old);
#ifdef NT_GENERIC
STprintf(conditional_prompt,ERx(" IF (%s) >"),conditional_str);
#else
STprintf(conditional_prompt,ERx("%s%s%s%s%s IF (%s) >%s"),REG_CHAR,
ATTR_OFF, PROMPT_POS, DEL_EOL, REV_VIDEO, conditional_str,
ATTR_OFF);
#endif
if (edCAns == EOS)
get_string(askW, conditional_prompt, conditional_str);
if ((conditional_str == NULL) || (*conditional_str == EOS))
{
if (*conditional_old == EOS)
{
if (edCAns == EOS)
put_message(askW,
ERx("No conditional expression for this Canon."));
return (FALSE);
}
else
{
STcopy(conditional_old, conditional_str);
}
}
else if (STskipblank(conditional_str, STlength(conditional_str)) == NULL)
{
*conditional_str = EOS;
*conditional_old = EOS;
if (edCAns == EOS)
put_message(askW, ERx("No conditional expression for this Canon."));
return (FALSE);
}
STpolycat(3, ERx(" IF ("), conditional_str, ERx(") "), conditional_prompt);
return (TRUE);
}
bool
ascs_chk_priv( char *user_name, char *priv_name )
{
char pmsym[128], userbuf[DB_OWN_MAXNAME+1], *value, *valueptr ;
char *strbuf = 0;
int priv_len;
/*
** privileges entries are of the form
** ii.<host>.*.privilege.<user>: SERVER_CONTROL,NET_ADMIN,...
**
** Currently known privs are: SERVER_CONTROL,NET_ADMIN,
** MONITOR,TRUSTED
*/
STlcopy( user_name, userbuf, DB_OWN_MAXNAME );
STtrmwhite( userbuf );
STprintf(pmsym, "$.$.privileges.user.%s", userbuf);
/* check to see if entry for given user */
/* Assumes PMinit() and PMload() have already been called */
if( PMget(pmsym, &value) != OK )
return FALSE;
valueptr = value ;
priv_len = STlength(priv_name) ;
/*
** STindex the PM value string and compare each individual string
** with priv_name
*/
while ( *valueptr != EOS && (strbuf=STindex(valueptr, "," , 0)))
{
if (!STscompare(valueptr, priv_len, priv_name, priv_len))
return TRUE ;
/* skip blank characters after the ','*/
valueptr = STskipblank(strbuf+1, 10);
}
/* we're now at the last or only (or NULL) word in the string */
if ( *valueptr != EOS &&
!STscompare(valueptr, priv_len, priv_name, priv_len))
return TRUE ;
return FALSE;
}
void
main(int argc, char *argv[])
{
char buf[ 4096 ];
LPSTR lpCmdLine;
char *startquote;
char *endquote;
STprintf(buf, ERx( "iiabf abf" ));
lpCmdLine = GetCommandLine();
/*
** The current executable could have been invoked with the
** executable name in quotes. If that is the case, skip
** over the quotes before looking for the arguments.
*/
lpCmdLine = STskipblank( lpCmdLine, STlength(lpCmdLine) );
if ( *lpCmdLine == '"' )
{
startquote = lpCmdLine;
CMnext( startquote );
if ( (endquote = STindex( startquote, "\"", 0 )) != NULL )
{
CMnext( endquote );
lpCmdLine = endquote;
}
}
if ( lpCmdLine = STindex(lpCmdLine, " ", 0) )
STcat(buf, lpCmdLine);
if ( execute(buf) != OK )
PCexit(FAIL);
PCexit(OK);
}
/*{
** Name: xffileinput - get input files
**
** Description:
** This routine will make input from the command line, transparent
** from input from a file name. This will be done by reading
** the input file and building an argv,argc parameter from the
** file specification.
**
**
** Inputs:
** paramfile Name of the parameter file
** which is passed in
** to this routine.
** argv ptr to command line parameters
** which may point to a file name
** containing input specifications
** argc ptr to number of command line parameters
**
** Outputs:
** argv ptr to command line parameters
** which may have been created from
** an input file specification
** argc ptr to number of command line parameters
**
** Returns:
** OK : if successful.
** FAIL: if failed
** Exceptions:
** none
**
** Side Effects:
** none
**
** History:
** 31-oct-01 (gupsh01)
** Created.(Based on fileinput:opqutils.sc.)
**
*/
STATUS
xffileinput(
char *paramfile,
char ***argv,
i4 *argc)
{
FILE *inf;
STATUS stat = FAIL;
LOCATION inf_loc;
/* create argv and argc to simulate a "long" command input line */
/* open the file containing the specifications */
inf = NULL;
if (
((stat =LOfroms(PATH & FILENAME, paramfile, &inf_loc)) != OK)
||
((stat = SIopen(&inf_loc, "r", &inf)) != OK)
||
(inf == NULL)
)
{ /* report error dereferencing or opening file */
char buf[ER_MAX_LEN];
if ((ERreport(stat, buf)) != OK) buf[0] = '\0';
IIUGerr(E_XF0007_Cannot_open_param, UG_ERR_ERROR, 1, paramfile);
return (FAIL);
}
{
char buf[XF_MAXBUFLEN]; /* buffer used to read lines
** from the command file */
/* ptr to current parameter to be copied from temp buffer */
char **targv=(char **)NULL;
i4 targc ;/* number of parameters
** which have been copied */
SIZE_TYPE len; /* size of dyn.mem. to be allocated. */
i4 argcount = XF_MAXARGLEN;
/* get room for maxarglen args */
len = XF_MAXARGLEN * sizeof(char *);
targv = (char **)NULL;
targv = (char **)XF_REQMEM(len, FALSE);
targc = 1;
buf[XF_MAXBUFLEN-1]= 0;
while ((stat = SIgetrec((PTR)&buf[0], (i4)(XF_MAXBUFLEN-1), inf))
== OK)
{
char *cp = &buf[0];
do
{
if (targc >= argcount)
{
i4 i;
char **targv1 = NULL;
/* Allocate another vector,
** twice the size of the prev. */
targv = (char **)XF_REQMEM((i4)
(argcount * 2 * sizeof(char *)), FALSE);
/* Copy previous into current. */
for (i = 0; i < argcount; i++)
targv1[i] = targv[i];
targv = targv1;
argcount += argcount;
}
{
char *tp = (char *) NULL;
i4 arglen = STlength(cp);
tp = (char *)XF_REQMEM (arglen, FALSE);
targv[targc++] = tp;
{
i4 len = STlength(cp);
cp[len - 1] = EOS;
STskipblank(cp,(len -1));
STtrmwhite(cp);
STcopy(cp, tp);
cp = &cp[len - 1];
}
}
}
while (*cp);
}
if (stat != ENDFILE)
{
/* report error unable to read line from the file */
char buf[ER_MAX_LEN];
if ((ERreport(stat, buf)) != OK) buf[0] = '\0';
IIUGerr(E_XF0008_Cannot_read_param, UG_ERR_ERROR, 1, paramfile);
return (FAIL);
}
*argv = targv;
*argc = targc;
}
/* Close input file */
stat = SIclose(inf);
if (stat != OK)
{ /* report error closing file */
char buf[ER_MAX_LEN];
if ((ERreport(stat, buf)) != OK) buf[0] = '\0';
IIUGerr(E_XF0025_Cannot_close_param, UG_ERR_ERROR, 1, paramfile);
return (FAIL);
}
return OK;
}
DB_STATUS
qeu_csecalarm(
QEF_CB *qef_cb,
QEUQ_CB *qeuq_cb)
{
DB_IIQRYTEXT *qtuple; /* Alarm text */
DB_SECALARM *atuple; /* New alarm tuple */
DB_SECALARM atuple_temp; /* Tuple to check for uniqueness */
DB_STATUS status, local_status;
i4 error=0;
bool transtarted = FALSE;
bool tbl_opened = FALSE;
i4 i; /* Querytext tuple counter */
QEF_DATA *next; /* and data pointer */
QEU_CB tranqeu;
QEU_CB qeu;
QEU_QUAL_PARAMS qparams;
DB_QRY_ID qryid; /* Ids for query text */
QEF_DATA qef_data;
bool loop=FALSE;
QEF_RCB qef_rcb;
i4 number;
DMR_ATTR_ENTRY akey_array[3];
DMR_ATTR_ENTRY *akey_ptr_array[3];
DMT_CHAR_ENTRY char_spec; /* DMT_ALTER specification */
DMT_CB dmt_cb;
DB_ERROR e_error;
SXF_ACCESS access;
SXF_EVENT evtype;
DB_OWN_NAME objowner;
do
{
MEfill(sizeof(objowner),' ',(PTR)&objowner);
/* Validate CB and parameters */
if (qeuq_cb->qeuq_type != QEUQCB_CB ||
qeuq_cb->qeuq_length != sizeof(QEUQ_CB))
{
status = E_DB_ERROR;
error = E_QE0017_BAD_CB;
break;
}
if ( qeuq_cb->qeuq_cq == 0 || qeuq_cb->qeuq_qry_tup == NULL
|| ( qeuq_cb->qeuq_uld_tup == NULL)
|| (qeuq_cb->qeuq_db_id == NULL)
|| (qeuq_cb->qeuq_d_id == 0))
{
status = E_DB_ERROR;
error = E_QE0018_BAD_PARAM_IN_CB;
break;
}
qef_rcb.qef_cb = qef_cb;
qef_rcb.qef_db_id = qeuq_cb->qeuq_db_id;
qef_cb->qef_dbid = qeuq_cb->qeuq_db_id;
/*
** Check to see if transaction is in progress, if so set a local
** transaction, otherwise we'll use the user's transaction.
*/
if (qef_cb->qef_stat == QEF_NOTRAN)
{
tranqeu.qeu_type = QEUCB_CB;
tranqeu.qeu_length = sizeof(QEUCB_CB);
tranqeu.qeu_db_id = qeuq_cb->qeuq_db_id;
tranqeu.qeu_d_id = qeuq_cb->qeuq_d_id;
tranqeu.qeu_flag = 0;
tranqeu.qeu_mask = 0;
status = qeu_btran(qef_cb, &tranqeu);
if (status != E_DB_OK)
{
error = tranqeu.error.err_code;
break;
}
transtarted = TRUE;
}
/* Escalate the transaction to MST */
if (qef_cb->qef_auto == QEF_OFF)
qef_cb->qef_stat = QEF_MSTRAN;
atuple = (DB_SECALARM *)qeuq_cb->qeuq_uld_tup->dt_data;
/* For database alarms, make sure the database exists */
if(atuple->dba_objtype==DBOB_DATABASE &&
!(atuple->dba_flags&DBA_ALL_DBS))
{
status=qeu_db_exists(qef_cb, qeuq_cb,
(DB_DB_NAME *)&atuple->dba_objname, SXF_A_CONTROL, &objowner);
if(status==E_DB_ERROR)
{
/* Error checking database name */
break;
}
else if (status==E_DB_WARN)
{
/* Database not found */
status=E_DB_ERROR;
/* E_US2474_9332_ALARM_NO_DB */
(VOID)qef_error(9332, 0L, E_DB_ERROR,
&error, &qeuq_cb->error, 1,
qec_trimwhite(sizeof(atuple->dba_objname),
(char *)&atuple->dba_objname),
(PTR)&atuple->dba_objname);
break;
}
}
else if(atuple->dba_objtype==DBOB_TABLE)
{
/*
** Alter the table relstat to flag alarms exist. This validates that
** the table exists and ensures that we get an exclusive lock on it.
*/
char_spec.char_id = DMT_C_ALARM; /* create alarm code */
char_spec.char_value = DMT_C_ON;
MEfill(sizeof(DMT_CB), 0, (PTR) &dmt_cb);
dmt_cb.dmt_flags_mask = 0;
dmt_cb.dmt_db_id = qeuq_cb->qeuq_db_id;
dmt_cb.dmt_char_array.data_in_size = sizeof(DMT_CHAR_ENTRY);
dmt_cb.dmt_char_array.data_address = (PTR)&char_spec;
dmt_cb.length = sizeof(DMT_CB);
dmt_cb.type = DMT_TABLE_CB;
dmt_cb.dmt_id.db_tab_base = atuple->dba_objid.db_tab_base;
dmt_cb.dmt_id.db_tab_index = atuple->dba_objid.db_tab_index;
dmt_cb.dmt_tran_id = qef_cb->qef_dmt_id;
status = dmf_call(DMT_ALTER, &dmt_cb);
if (status != E_DB_OK)
{
error = dmt_cb.error.err_code;
break;
}
}
/* Get a unique query id */
TMnow((SYSTIME *)&qryid);
atuple->dba_txtid.db_qry_high_time = qryid.db_qry_high_time;
atuple->dba_txtid.db_qry_low_time = qryid.db_qry_low_time;
/* Get a unique alarm id */
status = qea_reserveID(&atuple->dba_alarmid,
qef_cb, &qef_rcb.error);
if (status != E_DB_OK)
{
error = qef_rcb.error.err_code;
break;
}
/*
** Generate an alarm name if needed, all blanks indicates no
** name specified. This is required for uniqueness check below.
*/
if(!STskipblank( (char*)&atuple->dba_alarmname,
sizeof(atuple->dba_alarmname)))
{
status=qeu_gen_alarm_name(
atuple->dba_objtype,
(char*)&atuple->dba_objname,
&qef_rcb,
&atuple->dba_alarmid,
(char*)&atuple->dba_alarmname,
&error);
if(status!=E_DB_OK)
break;
}
/* Validate that the alarm name is unique */
qeu.qeu_type = QEUCB_CB;
qeu.qeu_length = sizeof(QEUCB_CB);
qeu.qeu_tab_id.db_tab_base = DM_B_IISECALARM_TAB_ID;
qeu.qeu_tab_id.db_tab_index = DM_I_IISECALARM_TAB_ID;
qeu.qeu_db_id = qeuq_cb->qeuq_db_id;
qeu.qeu_lk_mode = DMT_IX;
qeu.qeu_flag = DMT_U_DIRECT;
qeu.qeu_access_mode = DMT_A_WRITE;
qeu.qeu_mask = 0;
status = qeu_open(qef_cb, &qeu);
if (status != E_DB_OK)
{
error = qeu.error.err_code;
break;
}
tbl_opened = TRUE;
atuple->dba_alarmno=0;
/* Retrieve the same named alarm - if not there then ok */
qeu.qeu_count = 1;
qeu.qeu_tup_length = sizeof(DB_SECALARM);
qeu.qeu_output = &qef_data;
qef_data.dt_next = NULL;
qef_data.dt_size = sizeof(DB_SECALARM);
qef_data.dt_data = (PTR)&atuple_temp;
qeu.qeu_getnext = QEU_REPO;
qeu.qeu_klen = 0; /* Not keyed */
qparams.qeu_qparms[0] = (PTR) atuple; /* What we're looking for */
qeu.qeu_qual = qeu_qalarm_by_name;
qeu.qeu_qarg = &qparams;
status = qeu_get(qef_cb, &qeu);
if (status == E_DB_OK) /* Found the same alarm! */
{
(VOID)qef_error(E_US2472_9330_ALARM_EXISTS, 0L, E_DB_ERROR,
&error, &qeuq_cb->error, 1,
qec_trimwhite(sizeof(atuple->dba_alarmname),
(char *)&atuple->dba_alarmname),
(PTR)&atuple->dba_alarmname);
error = E_QE0025_USER_ERROR;
break;
}
if (qeu.error.err_code != E_QE0015_NO_MORE_ROWS)
{
/* Some other error */
error = qeu.error.err_code;
break;
}
status = qeu_close(qef_cb, &qeu);
if (status != E_DB_OK)
{
error = qeu.error.err_code;
break;
}
tbl_opened=FALSE;
/*
** Generate a unique alarm number. This is primarily for
** backwards compatibility with "anonymous" alarms which had
** to be dropped by number, not name.
*/
status = qeu_open(qef_cb, &qeu);
if (status != E_DB_OK)
{
error = qeu.error.err_code;
break;
}
tbl_opened = TRUE;
qeu.qeu_count = 1;
qeu.qeu_tup_length = sizeof(DB_SECALARM);
qeu.qeu_input = &qef_data;
qeu.qeu_output = &qef_data;
qef_data.dt_next = 0;
qef_data.dt_size = sizeof(DB_SECALARM);
qef_data.dt_data = (PTR) &atuple_temp;
qeu.qeu_getnext = QEU_REPO;
qeu.qeu_klen = 3;
qeu.qeu_key = akey_ptr_array;
akey_ptr_array[0] = &akey_array[0];
akey_ptr_array[1] = &akey_array[1];
akey_ptr_array[2] = &akey_array[2];
akey_ptr_array[0]->attr_number = DM_1_IISECALARM_KEY;
akey_ptr_array[0]->attr_operator = DMR_OP_EQ;
akey_ptr_array[0]->attr_value = (char*) &atuple->dba_objtype;
akey_ptr_array[1]->attr_number = DM_2_IISECALARM_KEY;
akey_ptr_array[1]->attr_operator = DMR_OP_EQ;
akey_ptr_array[1]->attr_value = (char*) &atuple->dba_objid.db_tab_base;
akey_ptr_array[2]->attr_number = DM_3_IISECALARM_KEY;
akey_ptr_array[2]->attr_operator = DMR_OP_EQ;
akey_ptr_array[2]->attr_value = (char*) &atuple->dba_objid.db_tab_index;
qeu.qeu_qual = 0;
qeu.qeu_qarg = 0;
/*
** Get all alarm tuples for this object
** and determine the next alarm number.
*/
status = E_DB_OK;
number = 0;
while (status == E_DB_OK)
{
status = qeu_get(qef_cb, &qeu);
if (status != E_DB_OK)
{
error = qeu.error.err_code;
break;
}
qeu.qeu_getnext = QEU_NOREPO;
qeu.qeu_klen = 0;
if (atuple_temp.dba_alarmno > number)
number = atuple_temp.dba_alarmno;
}
if (error != E_QE0015_NO_MORE_ROWS)
break;
/*
** We have to add 1 to derive the next alarm number.
*/
atuple->dba_alarmno=number+1;
/* Save the alarm tuple */
status = E_DB_OK;
/* Insert single alarm tuple */
qeu.qeu_count = 1;
qeu.qeu_tup_length = sizeof(DB_SECALARM);
qeu.qeu_input = qeuq_cb->qeuq_uld_tup;
status = qeu_append(qef_cb, &qeu);
if (status != E_DB_OK)
{
error = qeu.error.err_code;
break;
}
status = qeu_close(qef_cb, &qeu);
if (status != E_DB_OK)
{
error = qeu.error.err_code;
break;
}
tbl_opened = FALSE;
/* Update all query text tuples with query id - validate list */
next = qeuq_cb->qeuq_qry_tup;
for (i = 0; i < qeuq_cb->qeuq_cq; i++)
{
qtuple = (DB_IIQRYTEXT *)next->dt_data;
next = next->dt_next;
qtuple->dbq_txtid.db_qry_high_time = qryid.db_qry_high_time;
qtuple->dbq_txtid.db_qry_low_time = qryid.db_qry_low_time;
if (i < (qeuq_cb->qeuq_cq -1) && next == NULL)
{
error = E_QE0018_BAD_PARAM_IN_CB;
status = E_DB_ERROR;
break;
}
} /* for all query text tuples */
if (status != E_DB_OK)
break;
/* Insert all query text tuples */
qeu.qeu_tab_id.db_tab_base = DM_B_QRYTEXT_TAB_ID;
qeu.qeu_tab_id.db_tab_index = 0L;
status = qeu_open(qef_cb, &qeu);
if (status != E_DB_OK)
{
error = qeu.error.err_code;
break;
}
tbl_opened = TRUE;
qeu.qeu_count = qeuq_cb->qeuq_cq;
qeu.qeu_tup_length = sizeof(DB_IIQRYTEXT);
qeu.qeu_input = qeuq_cb->qeuq_qry_tup;
status = qeu_append(qef_cb, &qeu);
if (status != E_DB_OK)
{
error = qeu.error.err_code;
break;
}
status = qeu_close(qef_cb, &qeu);
if (status != E_DB_OK)
{
error = qeu.error.err_code;
break;
}
tbl_opened = FALSE;
if (transtarted) /* If we started a transaction */
{
status = qeu_etran(qef_cb, &tranqeu);
if (status != E_DB_OK)
{
error = tranqeu.error.err_code;
break;
}
}
}
while(loop);
/* call qef_error to handle error messages */
if(error)
(VOID) qef_error(error, 0L, status, &error, &qeuq_cb->error, 0);
/* Close off all the tables. */
local_status = E_DB_OK;
if (tbl_opened) /* If system table opened, close it */
{
local_status = qeu_close(qef_cb, &qeu);
if (local_status != E_DB_OK)
{
(VOID) qef_error(qeu.error.err_code, 0L, local_status, &error,
&qeuq_cb->error, 0);
if (local_status > status)
status = local_status;
}
}
if (transtarted) /* If we started a transaction */
{
local_status = qeu_atran(qef_cb, &tranqeu);
if (local_status != E_DB_OK)
{
(VOID) qef_error(tranqeu.error.err_code, 0L, local_status,
&error, &qeuq_cb->error, 0);
if (local_status > status)
status = local_status;
}
}
if ( Qef_s_cb->qef_state & QEF_S_C2SECURE )
{
if(atuple->dba_objtype==DBOB_DATABASE)
{
evtype=SXF_E_DATABASE;
}
else
{
evtype=SXF_E_TABLE;
}
/*
** Creating an alarm is a control operation on the base object
** (database/table)
*/
if(status==E_DB_OK)
access=(SXF_A_CONTROL|SXF_A_SUCCESS);
else
access=(SXF_A_CONTROL|SXF_A_FAIL);
if(qeu_secaudit(FALSE, qef_cb->qef_ses_id,
(char *)&atuple->dba_objname,
&objowner,
sizeof(atuple->dba_objname),
evtype,
I_SX202D_ALARM_CREATE,
access,
&e_error)!=E_DB_OK)
{
error = e_error.err_code;
status=E_DB_ERROR;
}
}
/*
** Log QEF create error
*/
if(status!=E_DB_OK)
{
(VOID) qef_error(E_QE028B_CREATE_ALARM_ERR, 0L, local_status,
&error, &qeuq_cb->error, 0);
qeuq_cb->error.err_code= E_QE0025_USER_ERROR;
}
return (status);
} /* qeu_csecalarm */
/*{
** Name: psy_agroup - Add members to group
**
** INTERNAL PSF call format: status = psy_agroup(&psy_cb, sess_cb);
**
** Description:
** This procedures adds members to an existing group identifier.
** If the group does not exist, the statement is aborted.
** If the group does exist, all specified members are added to
** iiusergroup. If a member already exists, a warning is issued,
** but the statement is not aborted.
** This procedure is called for SQL language only.
**
** Inputs:
** psy_cb
** .psy_tblq head of group queue
** .psy_usrq head of member queue
** sess_cb Pointer to session control block
** (Can be NULL)
**
** Outputs:
** psy_cb
** .psy_error Filled in if error happens
** Returns:
** E_DB_OK Function completed normally.
** E_DB_INFO One or more members were rejected.
** E_DB_WARN One or more groups were rejected.
** E_DB_ERROR Function failed; non-catastrophic error
** Exceptions:
** none
**
** Side Effects:
** Stores tuples in iiusergroup.
**
** History:
** 12-mar-89 (ralph)
** written
** 20-may-89 (ralph)
** Allow multiple groups to be specified.
** 12-mar-90 (andre)
** set rdr_2types_mask to 0.
** 22-may-90 (teg)
** init rdr_instr to RDF_NO_INSTR
*/
DB_STATUS
psy_agroup(
PSY_CB *psy_cb,
PSS_SESBLK *sess_cb)
{
DB_STATUS status, stat;
RDF_CB rdf_cb;
register RDR_RB *rdf_rb = &rdf_cb.rdf_rb;
DB_USERGROUP ugtuple;
register DB_USERGROUP *ugtup = &ugtuple;
PSY_TBL *psy_tbl;
PSY_USR *psy_usr;
/* This code is called for SQL only */
/*
** Fill in the part of RDF request block that will be constant.
*/
pst_rdfcb_init(&rdf_cb, sess_cb);
rdf_rb->rdr_update_op = RDR_APPEND;
rdf_rb->rdr_status = DB_SQL;
rdf_rb->rdr_types_mask = RDR_GROUP;
rdf_rb->rdr_qrytuple = (PTR) ugtup;
rdf_rb->rdr_qtuple_count = 1;
MEfill(sizeof(ugtup->dbug_reserve),
(u_char)' ',
(PTR)ugtup->dbug_reserve);
status = E_DB_OK;
for (psy_tbl = (PSY_TBL *) psy_cb->psy_tblq.q_next;
psy_tbl != (PSY_TBL *) &psy_cb->psy_tblq;
psy_tbl = (PSY_TBL *) psy_tbl->queue.q_next
)
{
if (STskipblank((char *)&psy_tbl->psy_tabnm,
(i4)sizeof(psy_tbl->psy_tabnm)) == NULL)
continue;
/* STRUCT_ASSIGN_MACRO(psy_tbl->psy_tabnm,
ugtup->dbug_group); */
MEcopy((PTR)&psy_tbl->psy_tabnm,
sizeof(ugtup->dbug_group),
(PTR)&ugtup->dbug_group);
stat = E_DB_OK;
for (psy_usr = (PSY_USR *) psy_cb->psy_usrq.q_next; /* Each user */
psy_usr != (PSY_USR *) &psy_cb->psy_usrq;
psy_usr = (PSY_USR *) psy_usr->queue.q_next
)
{
STRUCT_ASSIGN_MACRO(psy_usr->psy_usrnm, ugtup->dbug_member);
stat = rdf_call(RDF_UPDATE, (PTR) &rdf_cb);
status = (stat > status) ? stat : status;
if (stat > E_DB_INFO)
break;
}
if (DB_FAILURE_MACRO(status))
break;
}
if (DB_FAILURE_MACRO(status))
(VOID) psf_rdf_error(RDF_UPDATE, &rdf_cb.rdf_error,
&psy_cb->psy_error);
return (status);
}
DB_STATUS
psy_calarm(
PSY_CB *psy_cb,
PSS_SESBLK *sess_cb)
{
RDF_CB rdf_cb;
RDR_RB *rdf_rb = &rdf_cb.rdf_rb;
i4 textlen; /* Length of query text */
QSF_RCB qsf_rb;
DB_STATUS status, loc_status;
i4 err_code;
DB_SECALARM *alarm= &psy_cb->psy_tuple.psy_alarm;
/* Fill in QSF request to lock text */
qsf_rb.qsf_type = QSFRB_CB;
qsf_rb.qsf_ascii_id = QSFRB_ASCII_ID;
qsf_rb.qsf_length = sizeof(qsf_rb);
qsf_rb.qsf_owner = (PTR)DB_PSF_ID;
qsf_rb.qsf_sid = sess_cb->pss_sessid;
/* Initialize RDF_CB */
pst_rdfcb_init(&rdf_cb, sess_cb);
rdf_rb->rdr_types_mask = RDR_SECALM; /* Alarm definition */
rdf_rb->rdr_update_op = RDR_APPEND;
rdf_rb->rdr_qrytuple = (PTR)&psy_cb->psy_tuple.psy_alarm; /* Alarm tuple */
/*
** Get the query text from QSF. QSF has stored the text
** as a {nat, string} pair - maybe not be aligned.
*/
STRUCT_ASSIGN_MACRO(psy_cb->psy_qrytext, qsf_rb.qsf_obj_id);
status = qsf_call(QSO_INFO, &qsf_rb);
if (status != E_DB_OK)
{
psf_error(E_PS0D19_QSF_INFO, qsf_rb.qsf_error.err_code,
PSF_INTERR, &err_code, &psy_cb->psy_error, 0);
goto cleanup;
}
MEcopy((PTR)qsf_rb.qsf_root, sizeof(i4), (PTR)&textlen);
rdf_rb->rdr_l_querytext = textlen;
rdf_rb->rdr_querytext = ((char *)qsf_rb.qsf_root) + sizeof(i4);
rdf_rb->rdr_tabid.db_tab_base=alarm->dba_objid.db_tab_base;
/*
** Check type of alarm, and handle accordingly.
** Main difference is where/how subjects are handled:
** - Named alarms have a single subject, which has already been
** resolved in psl. Alarms to public are handled here also
** - Anonymous alarms (old style) may have multiple subjects. These
** operate much like permits, and are split into several alarms, one
** for each subject.
*/
if(STskipblank((char*)&alarm->dba_alarmname,
sizeof(alarm->dba_alarmname)) ==NULL &&
(alarm->dba_subjtype==DBGR_USER ||
alarm->dba_subjtype==DBGR_APLID ||
alarm->dba_subjtype==DBGR_GROUP)
)
{
PSY_USR *psy_usr;
u_char *subj_name;
i4 subj_name_len;
u_char delim_subj_name[DB_MAX_DELIMID];
/*
** Anonymous alarms.
** We loop over each subject, updating the query text for
** each subject and creating the alarm.
*/
psy_usr = (PSY_USR *) psy_cb->psy_usrq.q_next;
do
{
subj_name = (u_char *) &psy_usr->psy_usrnm;
subj_name_len =
(i4) psf_trmwhite(sizeof(psy_usr->psy_usrnm),
(char *) subj_name);
if (~psy_usr->psy_usr_flags & PSY_REGID_USRSPEC)
{
status = psl_norm_id_2_delim_id(&subj_name,
&subj_name_len, delim_subj_name,
&psy_cb->psy_error);
if (DB_FAILURE_MACRO(status))
return status;
}
if (subj_name_len < DB_MAX_DELIMID)
subj_name[ subj_name_len ] = EOS;
STmove((char*)subj_name, ' ', DB_MAX_DELIMID,
rdf_rb->rdr_querytext + psy_cb->psy_noncol_grantee_off);
STmove((char*)subj_name, ' ', sizeof(alarm->dba_subjname),
(char*)&alarm->dba_subjname);
/* Reset alarm name in case filled in by RDF/QEF */
MEfill(sizeof(alarm->dba_alarmname), ' ',
(PTR)&alarm->dba_alarmname);
/* Create a new alarm in iisecalarm */
status = rdf_call(RDF_UPDATE, (PTR) &rdf_cb);
if (status != E_DB_OK)
{
if ( rdf_cb.rdf_error.err_code == E_RD0002_UNKNOWN_TBL)
{
psf_error(E_PS0903_TAB_NOTFOUND, 0L, PSF_USERERR, &err_code,
&psy_cb->psy_error, 1,
psf_trmwhite(sizeof(psy_cb->psy_tabname[0]),
(char *) &psy_cb->psy_tabname[0]),
&psy_cb->psy_tabname[0]);
}
else
{
_VOID_ psf_rdf_error(RDF_UPDATE, &rdf_cb.rdf_error,
&psy_cb->psy_error);
}
goto cleanup;
} /* If RDF error */
/* Next subject */
psy_usr = (PSY_USR *) psy_usr->queue.q_next;
} while (psy_usr != (PSY_USR *) &psy_cb->psy_usrq);
}
else
{
/* Named alarms */
/* Create a new alarm in iisecalarm */
status = rdf_call(RDF_UPDATE, (PTR) &rdf_cb);
if (status != E_DB_OK)
{
if ( rdf_cb.rdf_error.err_code == E_RD0002_UNKNOWN_TBL)
{
psf_error(E_PS0903_TAB_NOTFOUND, 0L, PSF_USERERR, &err_code,
&psy_cb->psy_error, 1,
psf_trmwhite(sizeof(psy_cb->psy_tabname[0]),
(char *) &psy_cb->psy_tabname[0]),
&psy_cb->psy_tabname[0]);
}
else
{
_VOID_ psf_rdf_error(RDF_UPDATE, &rdf_cb.rdf_error,
&psy_cb->psy_error);
}
goto cleanup;
} /* If RDF error */
}
cleanup:
qsf_rb.qsf_lk_state = QSO_EXLOCK;
/* Destroy query text - lock it first */
STRUCT_ASSIGN_MACRO(psy_cb->psy_qrytext, qsf_rb.qsf_obj_id);
loc_status = qsf_call(QSO_LOCK, &qsf_rb);
if (loc_status != E_DB_OK)
{
psf_error(E_PS0D18_QSF_LOCK, qsf_rb.qsf_error.err_code,
PSF_INTERR, &err_code, &psy_cb->psy_error, 0);
if (loc_status > status)
status = loc_status;
}
loc_status = qsf_call(QSO_DESTROY, &qsf_rb);
if (loc_status != E_DB_OK)
{
psf_error(E_PS0D1A_QSF_DESTROY, qsf_rb.qsf_error.err_code,
PSF_INTERR, &err_code, &psy_cb->psy_error, 0);
if (loc_status > status)
status = loc_status;
}
/* Invalidate tableinfo from RDF cache if table object */
if(psy_cb->psy_gtype==DBOB_TABLE)
{
pst_rdfcb_init(&rdf_cb, sess_cb);
STRUCT_ASSIGN_MACRO(alarm->dba_objid, rdf_rb->rdr_tabid);
loc_status = rdf_call(RDF_INVALIDATE, (PTR) &rdf_cb);
if (DB_FAILURE_MACRO(loc_status))
{
(VOID) psf_rdf_error(RDF_INVALIDATE, &rdf_cb.rdf_error,
&psy_cb->psy_error);
if (loc_status > status)
status = loc_status;
}
}
return (status);
} /* psy_calarm */
/*{
** Name: scu_xencode - encrypt a character string
**
** Description:
** This function uses CI routines to encrypt a character string.
** Since the character string is used to generate the key schedule,
** the encryption is essentially one-way (you'd need to know the
** password to decode the password....) This routine was designed
** to encrypt application_id passwords.
**
** Inputs:
** SCU_XENCODE the opcode to scf_call()
** scf_cb control block in which is specified
** .scf_ptr_union.scf_xpassword
** pointer to buffer to be encrypted
** .scf_nbr_union.scf_xpasskey
** pointer to seed for key schedule
** .scf_len_union.scf_xpwdlen
** length of password and key seed
**
** Outputs:
** scf_cb the same control block
** .error the error control area
** .err_code E_SC_OK or ...
** E_SC0261_XENCODE_BAD_PARM
** E_SC0262_XENCODE_BAD_RESULT
** Returns:
** E_DB_{OK, WARNING, ERROR, FATAL}
** Exceptions:
** none
**
** Side Effects:
** none
**
** History:
** 24-mar-89 (ralph)
** Written for terminator
** 20-may-89 (ralph)
** Changed encryption to use separate key
** 06-jun-89 (ralph)
** Fixed unix compile problems
** 06-may-1993 (ralph)
** DELIM_IDENT:
** Translate key seed to lower case prior to encryption.
** 2-Jul-1993 (daveb)
** prototyped.
** 14-jul-93 (ed)
** replacing <dbms.h> by <gl.h> <sl.h> <iicommon.h> <dbdbms.h>
** 12-Sep-2007 (drivi01)
** Modified scu_xencode function to fix numerous bugs.
** The buffers for password manipulation shouldn't exceed
** the size of scb_xpassword field in SCF control block,
** otherwise the data will be truncated.
*/
DB_STATUS
scu_xencode(SCF_CB *scf_cb, SCD_SCB *scb )
{
STATUS status;
CI_KS KS;
char inbuffer[DB_PASSWORD_LENGTH+1];
char outbuffer[DB_PASSWORD_LENGTH+1];
char keybuffer[DB_PASSWORD_LENGTH];
u_i2 i2_size;
i4 longnat_size;
i4 nat_size;
char *char_ptr;
#define PASSINIT "hjodvwHOJHOJhodh498032&*&*#)$&*jpkshghjlg58925fjkdjkpg"
status = E_DB_OK;
CLRDBERR(&scf_cb->scf_error);
/* Ensure input parameter is okay */
if ((scf_cb->scf_len_union.scf_xpwdlen <= 0) ||
(scf_cb->scf_len_union.scf_xpwdlen >= sizeof(inbuffer)) ||
(scf_cb->scf_nbr_union.scf_xpasskey == NULL) ||
(scf_cb->scf_ptr_union.scf_xpassword == NULL))
{
sc0ePut(NULL, E_SC0261_XENCODE_BAD_PARM, NULL, 0);
SETDBERR(&scf_cb->scf_error, 0, E_SC0261_XENCODE_BAD_PARM);
return(E_DB_ERROR);
}
/* Copy string to input buffer */
MEmove(scf_cb->scf_len_union.scf_xpwdlen,
(PTR)scf_cb->scf_ptr_union.scf_xpassword,
(char)'\0',
sizeof(inbuffer),
(PTR)inbuffer);
/* Copy key to key buffer */
MEmove(scf_cb->scf_len_union.scf_xpwdlen,
(PTR)scf_cb->scf_nbr_union.scf_xpasskey,
(char)'?',
sizeof(keybuffer),
(PTR)keybuffer);
/* Fold the key to lower case */
for (nat_size = sizeof(keybuffer), char_ptr = keybuffer;
nat_size > 0;
nat_size = CMbytedec(nat_size, char_ptr), char_ptr = CMnext(char_ptr))
{
CMtolower(char_ptr, char_ptr);
}
/* Remove white space from input string */
nat_size = STzapblank(inbuffer, outbuffer);
/* Check size */
if ((nat_size <= 0) ||
(nat_size > sizeof(outbuffer)-1))
{
sc0ePut(NULL, E_SC0261_XENCODE_BAD_PARM, NULL, 0);
SETDBERR(&scf_cb->scf_error, 0, E_SC0261_XENCODE_BAD_PARM);
return(E_DB_ERROR);
}
/* Initialize input buffer to "garbage" */
MEmove(sizeof(PASSINIT), (PTR)PASSINIT, (char)'?',
sizeof(inbuffer), (PTR)inbuffer);
/* Normalize the string back into input buffer */
MEcopy((PTR)outbuffer, nat_size, (PTR)inbuffer);
/* Reset output buffer to blanks */
MEfill(sizeof(outbuffer),
(u_char)' ',
(PTR)outbuffer);
/*
** First, encrypt the key seed using the string to encode.
** Then, encrypt the string using the encrypted seed.
** This is done to prevent two roles with the same password
** from having the same encrypted value.
** Note that this makes the encryption one-way, since
** the password must be provided to decrypt the password!
*/
/* Generate the key schedule to encrypt the key seed */
(VOID)CIsetkey((PTR)inbuffer, KS);
/* Encrypt the key seed */
longnat_size = DB_PASSWORD_LENGTH;
(VOID)CIencode((PTR)keybuffer, longnat_size, KS, (PTR)outbuffer);
/* Generate the second key schedule */
(VOID)CIsetkey((PTR)keybuffer, KS);
/* Encode the string */
longnat_size = DB_PASSWORD_LENGTH;
(VOID)CIencode((PTR)inbuffer, longnat_size, KS, (PTR)outbuffer);
/* Make sure it was really encoded */
if ((char *)STskipblank(outbuffer, (i4)sizeof(outbuffer))
!= NULL)
{
/* It was; copy result to caller's area */
i2_size = scf_cb->scf_len_union.scf_xpwdlen;
MEmove(sizeof(outbuffer), (PTR)outbuffer, (char)' ',
i2_size, (PTR)scf_cb->scf_ptr_union.scf_xpassword);
}
else
{
/* The encryption did not work; return an error */
sc0ePut(NULL, E_SC0262_XENCODE_BAD_RESULT, NULL, 0);
SETDBERR(&scf_cb->scf_error, 0, E_SC0262_XENCODE_BAD_RESULT);
status = E_DB_ERROR;
}
return(status);
}
/*
** Name: makeutable - make unicode collation element table
**
** Descrription:
** Reads input collation element text file and compiles a table.
** also reads the Unicode character database and adds attributes for
** each character found. Currently we only take note of canonical
** decomposition for normalization.
**
** Inputs:
** desfile - collation element description file
**
** Outputs:
** None
**
** Returns:
** utbl - collation element table
**
** History:
** 14-mar-2001 (stephenb)
** Created
** 5-apr-2001 (stephenb)
** Add code to read unciode character database.
** 17-may-2001 (stephenb)
** Read in combining class from character database.
** 24-dec-2001 (somsa01)
** Modified such that the varsize which is placed in the Unicode
** table is now a SIZE_TYPE rather than an i4.
** 12-dec-2001 (devjo01)
** Make sure 1st overflow entry is properly aligned.
** Add messages to report if files cannot be opened.
** 17-jul-2001 (gupsh01)
** Modified the placing of the decomposition enty to
** decomp structure in the file, to be the first entry.
** 04-Mar-2005 (hanje04)
** Add support for reverse hybrid builds, i.e. 64bit exe needs to
** call 32bit version.
** 17-May-2007 (gupsh01)
** Added support for reverse sorting of the accented characters.
** This is done to support @backwards tag in custom collation file.
** 08-Aug-2007 (kiria01) b118917
** Detect lines relating to conditional special caseing and ignore them.
** 08-Aug-2007 (gupsh01)
** Fixed the typo for CASE_IGNORABLE setting. Also fixed the
** handling of Final_Sigma in the special_casing.txt.
** 08-Aug-2007 (gupsh01)
** Fixed the decomposition mapping which were not being set for
** composite characters.
** 24-Nov-2008 (gupsh01)
** When alloating the memory for recombination table make sure
** we initialize the buffer.
*/
static ADUUCETAB *
makeutable(
char *desfile)
{
char buf[MAX_UCOL_REC];
FILE *fp;
FILE *dfp;
LOCATION loc;
char table_vers[MAX_UVERS] = "";
i4 lno = 0;
char *recptr;
char *separator;
ADUUCETAB *tab = &w.utab;
i4 num_rvals = 0;
ADUUCETAB *epointer = (ADUUCETAB *)w.buff; /* entries first */
/* then instructions */
char *ipointer;
SIZE_TYPE *varsize;
char *tptr;
ADU_UCEFILE *rrec = NULL;
ADU_UCEFILE *cerec = NULL;
char csval[7];
char svalue[21];
char *ceptr;
char *comment;
u_i4 cval;
i4 numce;
bool combent;
i4 i;
/* Stuff to track the size of the recomb_tbl entries */
u_i2 **recomb_def2d;
u_i2 *recomb_def1d;
char *recombtbl;
char *tracker;
SIZE_TYPE *recomb_tbl_size;
i4 tr = 0;
i4 j = 0;
STATUS stat;
i4 rcbufsz;
char *tempbuf;
i4 current_bytes;
char *upperval;
char *lowerval;
char *titleval;
char *endval;
i4 bts = 0;
i4 lcnt = 0;
i4 tcnt = 0;
i4 ucnt = 0;
i4 row = 0;
i4 col = 0;
bool backward_set = FALSE;
/* open file */
STcopy(desfile, buf);
LOfroms(FILENAME, buf, &loc);
if (SIopen(&loc, "r", &fp) != OK)
{
SIprintf("aducompile: Unable to open input file \"%s\".\n",
loc.string );
return NULL;
}
varsize = (SIZE_TYPE *)(w.buff + ENTRY_SIZE);
recomb_tbl_size = (SIZE_TYPE *)(varsize + 1);
ipointer = (char*)(recomb_tbl_size + 1);
ipointer = ME_ALIGN_MACRO(ipointer, sizeof(PTR));
/* this is a sparse table, make sure we initialize it */
MEfill(INSTRUCTION_SIZE + ENTRY_SIZE, 0, w.buff);
*varsize = 0;
/* read data */
while (SIgetrec(buf, sizeof(buf), fp) != ENDFILE)
{
lno++;
if (buf[0] == '#')
/* comment line */
continue;
(VOID)STtrmwhite(buf);
if (STcompare(buf, "") == 0)
/* blank line */
continue;
/* should first find version */
if (table_vers[0] == EOS)
{
if (STbcompare(buf, 8, "@version", 8, TRUE) == 0)
{
/* we don't parse the version string, maybe we should */
STlcopy(buf+9, table_vers, MAX_UVERS);
continue;
}
else
{
SIprintf("Syntax error on line %d, version line must be first \
non-comment line in the file, ignored\n", lno);
continue;
}
}
/* then alternate weights (optional), currently un-supported */
if (STbcompare(buf, 10, "@alternate", 10, TRUE) == 0)
{
SIprintf("Syntax error on line %d, alternate weights are not \
currently supported, ignored\n", lno);
continue;
}
/* now backwards lines (also not currently supported) */
if (STbcompare(buf, 10, "@backwards", 10, TRUE) == 0)
{
backward_set = TRUE;
continue;
}
/* and rearrange lines */
if (STbcompare(buf, 10, "@rearrange", 10, TRUE) == 0)
{
bool strend = FALSE;
u_i4 rval;
for (recptr = buf + 10;;)
{
/* skip blanks */
if ((recptr = STskipblank(recptr, STlength(recptr))) == NULL)
{
/* blank string, ignore */
SIprintf("Syntax error on line %d, no characters in \
rearrange list, ignoring\n", lno);
strend = TRUE;
break;
}
/* find next comma separator */
if ((separator = STindex(recptr, ",", 0)) == NULL)
{
strend = TRUE;
separator = recptr + 4;
}
if (separator - recptr != 4)
{
SIprintf("Syntax error on line %d, characters in a rearrange\
line must be a comma separated list of 4 digit hex values, ABORTING\n", lno);
tab = NULL;
break;
}
/*{
** Name: psy_auser - Alter user
**
** INTERNAL PSF call format: status = psy_auser(&psy_cb, sess_cb);
**
** Description:
** This procedure alters an iiuser tuple. If the
** user does not exist, the statement is aborted.
** If the user does exist, the associated
** iiuser tuple is replaced.
** This procedure is called for SQL language only.
**
** Inputs:
** psy_cb
** .psy_usrq user list
** sess_cb Pointer to session control block
** (Can be NULL)
**
** Outputs:
** psy_cb
** .psy_error Filled in if error happens
** Returns:
** E_DB_OK Function completed normally.
** E_DB_WARN Function completed with warning(s);
** E_DB_ERROR Function failed; non-catastrophic error
** E_DB_SEVERE Function failed; catastrophic error
** Exceptions:
** none
**
** Side Effects:
** Replaces tuples in iiuser.
**
** History:
** 04-sep-89 (ralph)
** written
** 16-jan-90 (ralph)
** add support for user passwords
** 12-mar-90 (andre)
** set rdr_2types_mask to 0.
** 22-may-90 (teg)
** init rdr_instr to RDF_NO_INSTR
** 08-aug-90 (ralph)
** add support for oldpassword (as in ALTER USER OLDPASSWORD = '******')
** 12-apr-95 (forky01)
** Apply default privs when only privs specified to allow backward
** compatibility to fix Secure 2.0 code.
** 28-jul-2003 (gupsh01)
** Added check for case when noprivileges have been added and
** nodefault_privileges is not specified, with a profile in alter
** user statement.
*/
DB_STATUS
psy_auser(
PSY_CB *psy_cb,
PSS_SESBLK *sess_cb)
{
DB_STATUS status, stat;
RDF_CB rdf_cb;
i4 err_code;
register RDR_RB *rdf_rb = &rdf_cb.rdf_rb;
struct
{
DU_USER ustuple;
DU_USER ustuple2;
} usparam;
register DU_USER *ustup = &usparam.ustuple;
register DU_USER *ustup2 = &usparam.ustuple2;
PSY_USR *psy_usr;
bool encrypt;
bool encrypt2;
SCF_CB scf_cb;
SCF_CB scf_cb2;
DB_DATA_VALUE db_data;
DB_DATE dateval;
/* This code is called for SQL only */
/*
** Fill in the part of RDF request block that will be constant.
*/
pst_rdfcb_init(&rdf_cb, sess_cb);
rdf_rb->rdr_update_op = RDR_REPLACE;
rdf_rb->rdr_status = DB_SQL;
rdf_rb->rdr_types_mask = RDR_USER;
rdf_rb->rdr_qrytuple = (PTR) ustup;
rdf_rb->rdr_qtuple_count = 1;
ustup->du_gid = 0;
ustup->du_mid = 0;
ustup->du_flagsmask = 0;
/* User profile */
if(psy_cb->psy_usflag& PSY_USRPROFILE)
{
MECOPY_CONST_MACRO((PTR)&psy_cb->psy_usprofile,
sizeof(psy_cb->psy_usprofile),
(PTR)&ustup->du_profile);
ustup->du_flagsmask|= DU_UHASPROFILE;
}
else
{
MEfill(sizeof(ustup->du_profile),
(u_char)' ',
(PTR)&ustup->du_profile);
}
if ((psy_cb->psy_usflag& PSY_USRPROFILE) &&
(psy_cb->psy_usflag& PSY_USRPRIVS) &&
(psy_cb->psy_usflag& PSY_UNOPRIVS) &&
!(psy_cb->psy_usflag & PSY_UNODEFPRIV))
{
/* If alter user has PSY_UNOPRIVS specified and
** we have provided a profile for this user
** but we have not set the nodefault_privileges
** specified, We should return an error. profile
** may have default_privileges, which will be
** inherited by the user with noprivileges.
*/
err_code = E_US1968_6504_UNOPRIV_WDEFAULT;
(VOID) psf_error( E_US1968_6504_UNOPRIV_WDEFAULT, 0L,
PSF_USERERR, &err_code, &psy_cb->psy_error, 0);
status = E_DB_ERROR;
return(status);
}
if(psy_cb->psy_usflag& PSY_USRDEFPRIV)
{
ustup->du_defpriv = psy_cb->psy_usdefprivs;
ustup->du_flagsmask|= DU_UDEFPRIV;
/* Add default=all indicator */
if(psy_cb->psy_usflag & PSY_USRDEFALL)
ustup->du_flagsmask|=DU_UDEFALL;
/* set value of nodefault_privileges flag */
if (psy_cb->psy_usflag & PSY_UNODEFPRIV)
ustup->du_flagsmask|= DU_UNODEFPRIV;
}
else
{
/*
** If no default specified use all privileges
*/
if (psy_cb->psy_usflag & PSY_USRPRIVS)
ustup->du_defpriv = (i4)psy_cb->psy_usprivs;
else
ustup->du_defpriv = 0;
}
/*
** Expiration date, may be empty
*/
if(psy_cb->psy_usflag& PSY_USREXPDATE)
{
/*
** Date already formatted earlier
*/
MECOPY_CONST_MACRO((PTR)&psy_cb->psy_date, sizeof(DB_DATE),
(PTR)&ustup->du_expdate);
ustup->du_flagsmask|= DU_UEXPDATE;
}
else
{
/*
** Initialize to the empty date
*/
db_data.db_datatype = DB_DTE_TYPE;
db_data.db_prec = 0;
db_data.db_length = DB_DTE_LEN;
db_data.db_data = (PTR)&ustup->du_expdate;
status = adc_getempty(sess_cb->pss_adfcb, &db_data);
if(status)
return status;
}
/*
** Check if adding, deleting, or setting privileges
*/
ustup->du_status = (i4) psy_cb->psy_usprivs;
if (psy_cb->psy_usflag & PSY_USRAPRIVS)
ustup->du_flagsmask |= DU_UAPRIV;
else if (psy_cb->psy_usflag & PSY_USRDPRIVS)
ustup->du_flagsmask |= DU_UDPRIV;
else if (psy_cb->psy_usflag & PSY_USRPRIVS)
ustup->du_flagsmask |= DU_UPRIV;
else
ustup->du_status = 0;
/*
** Check if updating security audit options
*/
if (psy_cb->psy_usflag & PSY_USRSECAUDIT)
{
if(psy_cb->psy_ussecaudit & PSY_USAU_ALL_EVENTS)
ustup->du_flagsmask |= DU_UALLEVENTS;
else
ustup->du_flagsmask |= DU_UDEFEVENTS;
if (psy_cb->psy_ussecaudit & PSY_USAU_QRYTEXT)
ustup->du_flagsmask |= DU_UQRYTEXT;
else
ustup->du_flagsmask |= DU_UNOQRYTEXT;
}
if (psy_cb->psy_usflag & PSY_USRDEFGRP)
{
MEcopy((PTR)&psy_cb->psy_usgroup,
sizeof(ustup->du_group),
(PTR)&ustup->du_group);
ustup->du_flagsmask|= DU_UGROUP;
}
else
{
MEfill(sizeof(ustup->du_group),
(u_char)' ',
(PTR)&ustup->du_group);
}
encrypt = (STskipblank((char *)&psy_cb->psy_apass,
(i4)sizeof(psy_cb->psy_apass))
!= NULL);
if (encrypt)
{
scf_cb.scf_length = sizeof (SCF_CB);
scf_cb.scf_type = SCF_CB_TYPE;
scf_cb.scf_facility = DB_PSF_ID;
scf_cb.scf_session = sess_cb->pss_sessid;
scf_cb.scf_nbr_union.scf_xpasskey =
(PTR)&ustup->du_name;
scf_cb.scf_ptr_union.scf_xpassword =
(PTR)&ustup->du_pass;
scf_cb.scf_len_union.scf_xpwdlen =
sizeof(ustup->du_pass);
}
else
STRUCT_ASSIGN_MACRO(psy_cb->psy_apass, ustup->du_pass);
if (psy_cb->psy_usflag & PSY_USRPASS)
{
ustup->du_flagsmask|= DU_UPASS;
if (psy_cb->psy_usflag & PSY_USREXTPASS)
ustup->du_flagsmask |= DU_UEXTPASS;
}
else
{
MEfill(sizeof(ustup->du_pass),
(u_char)' ',
(PTR)&ustup->du_pass);
}
encrypt2 = (STskipblank((char *)&psy_cb->psy_bpass,
(i4)sizeof(psy_cb->psy_bpass))
!= NULL);
if (encrypt2)
{
scf_cb2.scf_length = sizeof (SCF_CB);
scf_cb2.scf_type = SCF_CB_TYPE;
scf_cb2.scf_facility = DB_PSF_ID;
scf_cb2.scf_session = sess_cb->pss_sessid;
scf_cb2.scf_nbr_union.scf_xpasskey =
(PTR)&ustup->du_name;
scf_cb2.scf_ptr_union.scf_xpassword =
(PTR)&ustup2->du_pass;
scf_cb2.scf_len_union.scf_xpwdlen =
sizeof(ustup2->du_pass);
}
else
STRUCT_ASSIGN_MACRO(psy_cb->psy_bpass, ustup2->du_pass);
if (psy_cb->psy_usflag & PSY_USROLDPASS)
ustup->du_flagsmask|= DU_UOLDPASS;
else
{
MEfill(sizeof(ustup2->du_pass),
(u_char)' ',
(PTR)&ustup2->du_pass);
}
status = E_DB_OK;
for (psy_usr = (PSY_USR *) psy_cb->psy_usrq.q_next;
psy_usr != (PSY_USR *) &psy_cb->psy_usrq;
psy_usr = (PSY_USR *) psy_usr->queue.q_next
)
{
/* STRUCT_ASSIGN_MACRO(psy_usr->psy_usrnm,
ustup->du_name); */
MEcopy((PTR)&psy_usr->psy_usrnm,
sizeof(ustup->du_name),
(PTR)&ustup->du_name);
/* Encrypt the password if nonblank and not already hex value */
if (encrypt)
{
STRUCT_ASSIGN_MACRO(psy_cb->psy_apass, ustup->du_pass);
if(!(psy_cb->psy_usflag & PSY_HEXPASS))
{
status = scf_call(SCU_XENCODE, &scf_cb);
if (status != E_DB_OK)
{
err_code = scf_cb.scf_error.err_code;
(VOID) psf_error(E_PS0D43_XENCODE_ERROR, 0L,
PSF_INTERR, &err_code, &psy_cb->psy_error, 0);
status = (status > E_DB_SEVERE) ? status : E_DB_SEVERE;
return(status);
}
}
}
if (encrypt2)
{
STRUCT_ASSIGN_MACRO(psy_cb->psy_bpass, ustup2->du_pass);
status = scf_call(SCU_XENCODE, &scf_cb2);
if (status != E_DB_OK)
{
err_code = scf_cb2.scf_error.err_code;
(VOID) psf_error(E_PS0D43_XENCODE_ERROR, 0L,
PSF_INTERR, &err_code, &psy_cb->psy_error, 0);
status = (status > E_DB_SEVERE) ? status : E_DB_SEVERE;
return(status);
}
}
stat = rdf_call(RDF_UPDATE, (PTR) &rdf_cb);
status = (stat > status) ? stat : status;
if (DB_FAILURE_MACRO(stat))
break;
}
if (DB_FAILURE_MACRO(status))
(VOID) psf_rdf_error(RDF_UPDATE, &rdf_cb.rdf_error,
&psy_cb->psy_error);
return (status);
}
/*{
** Name: psy_user - Dispatch user qrymod routines
**
** INTERNAL PSF call format: status = psy_user(&psy_cb, sess_cb);
** EXTERNAL call format: status = psy_call (PSY_USER,&psy_cb, sess_cb);
**
** Description:
** This procedure checks the psy_usflag field of the PSY_CB
** to determine which qrymod processing routine to call:
** PSY_CUSER results in call to psy_cuser()
** PSY_AUSER results in call to psy_auser()
** PSY_KUSER results in call to psy_kuser()
**
** This procedure is called for SQL language only.
**
** Inputs:
** psy_cb
** .psy_usflag user operation
** sess_cb Pointer to session control block
** (Can be NULL)
**
** Outputs:
** psy_cb
** .psy_error Filled in if error happens
** Returns:
** E_DB_OK Function completed normally.
** E_DB_WARN Function completed with warning(s);
** E_DB_ERROR Function failed; non-catastrophic error
** E_DB_SEVERE Function failed; catastrophic error
** Exceptions:
** none
**
** Side Effects:
** None.
**
** History:
** 04-sep-89 (ralph)
** written
** 30-oct-89 (ralph)
** call qeu_audit() only if failure due to authorization check
** 11-apr-90 (jennifer)
** bug 20746 - Fix initialization of access and msgid.
** 09-dec-1992 (pholman)
** C2: change obsolete qeu_audit to be psy_secaudit.
** 06-apr-1993 (smc)
** Cast parameters to match prototypes.
** 17-jun-93 (andre)
** changed interface of psy_secaudit() to accept PSS_SESBLK
** 12-jul-93 (robf)
** check if user passwords are allowed
** 2-feb-94 (robf)
** Don't check for passwords allowed with PROFILE statements,
** profiles don't have passwords.
** 26-Oct-2004 (schka24)
** Restore security check accidently deleted with B1.
*/
DB_STATUS
psy_user(
PSY_CB *psy_cb,
PSS_SESBLK *sess_cb)
{
DB_STATUS status, local_status;
DB_ERROR e_error;
i4 err_code;
char dbname[DB_DB_MAXNAME];
SCF_CB scf_cb;
SCF_SCI sci_list[1];
i4 access = 0;
i4 msgid;
PSY_USR *psy_usr = (PSY_USR *)psy_cb->psy_usrq.q_next;
bool sensitive = FALSE;
bool leave_loop = TRUE;
/* This code is called for SQL only */
/* Make sure session is authorized and connected to iidbdb */
do
{
/* Ensure we're authorized to issue CREATE/ALTER/DROP USER */
if (((psy_cb->psy_usflag & ~(PSY_AUSER | PSY_USRPASS | PSY_USROLDPASS))
||
(!(psy_cb->psy_usflag & PSY_USRPASS))
||
(psy_cb->psy_usflag & (PSY_USREXPDATE|PSY_USRDEFPRIV))
||
(STskipblank
((char *)&psy_cb->psy_apass,sizeof(psy_cb->psy_apass)) == NULL)
) && (!(sess_cb->pss_ustat & DU_UMAINTAIN_USER)))
sensitive = TRUE;
/* Now ALTER_AUDIT clauses - SECURITY_AUDIT */
if((psy_cb->psy_usflag & PSY_USRSECAUDIT) &&
!(sess_cb->pss_ustat & DU_UALTER_AUDIT))
sensitive = TRUE;
/* Alter priv with SECURITY, and don't have SECURITY, is sensitive */
if ( (psy_cb->psy_usflag & (PSY_USRPRIVS|PSY_USRAPRIVS|PSY_USRDPRIVS))
&& (psy_cb->psy_usprivs & DU_USECURITY)
&& ! (sess_cb->pss_ustat & DU_USECURITY) )
sensitive = TRUE;
if(((psy_cb->psy_usflag & (PSY_APROFILE|PSY_DPROFILE|PSY_CPROFILE)))
&& !(sess_cb->pss_ustat & DU_UMAINTAIN_USER))
{
/*
** Creating profiles is a privileged operation
*/
sensitive=TRUE;
}
if (sensitive)
{
/* User is not authorized to perform the requested function */
if ( Psf_srvblk->psf_capabilities & PSF_C_C2SECURE )
{
if ((psy_cb->psy_usflag & (PSY_CUSER | PSY_AUSER | PSY_KUSER))
== PSY_CUSER)
{
access = SXF_A_FAIL | SXF_A_CREATE;
msgid = I_SX200C_USER_CREATE;
}
else if ((psy_cb->psy_usflag & (PSY_CUSER | PSY_AUSER | PSY_KUSER))
== PSY_AUSER)
{
access = SXF_A_FAIL | SXF_A_ALTER;
msgid = I_SX2023_USER_ALTER;
}
else if ((psy_cb->psy_usflag & (PSY_CUSER | PSY_AUSER | PSY_KUSER))
== PSY_KUSER)
{
access = SXF_A_FAIL | SXF_A_DROP;
msgid = I_SX200D_USER_DROP;
}
else if ((psy_cb->psy_usflag & (PSY_CPROFILE | PSY_APROFILE | PSY_DPROFILE))
== PSY_CPROFILE)
{
access = SXF_A_FAIL | SXF_A_CREATE;
msgid = I_SX272E_CREATE_PROFILE;
}
else if ((psy_cb->psy_usflag & (PSY_CPROFILE | PSY_APROFILE | PSY_DPROFILE))
== PSY_APROFILE)
{
access = SXF_A_FAIL | SXF_A_ALTER;
msgid = I_SX272F_ALTER_PROFILE;
}
else if ((psy_cb->psy_usflag & (PSY_CPROFILE | PSY_APROFILE | PSY_DPROFILE))
== PSY_DPROFILE)
{
access = SXF_A_FAIL | SXF_A_DROP;
msgid = I_SX2730_DROP_PROFILE;
}
local_status = psy_secaudit(FALSE, sess_cb,
(char *)&psy_usr->psy_usrnm,
(DB_OWN_NAME *)NULL,
sizeof(DB_OWN_NAME), SXF_E_SECURITY,
msgid, access,
&e_error);
}
if (psy_cb->psy_usflag & PSY_AUSER)
{
err_code = E_US18D5_6357_FORM_NOT_AUTH;
(VOID) psf_error(E_US18D5_6357_FORM_NOT_AUTH, 0L,
PSF_USERERR, &err_code, &psy_cb->psy_error, 1,
sizeof("ALTER USER/PROFILE")-1,
"ALTER USER/PROFILE");
}
else
{
err_code = E_US18D3_6355_NOT_AUTH;
(VOID) psf_error(E_US18D3_6355_NOT_AUTH, 0L,
PSF_USERERR, &err_code, &psy_cb->psy_error, 1,
sizeof("CREATE/DROP USER/PROFILE")-1,
"CREATE/DROP USER/PROFILE");
}
status = E_DB_ERROR;
break;
}
/* Ensure we're connected to the iidbdb database */
scf_cb.scf_length = sizeof (SCF_CB);
scf_cb.scf_type = SCF_CB_TYPE;
scf_cb.scf_facility = DB_PSF_ID;
scf_cb.scf_session = sess_cb->pss_sessid;
scf_cb.scf_ptr_union.scf_sci = (SCI_LIST *) sci_list;
scf_cb.scf_len_union.scf_ilength = 1;
sci_list[0].sci_code = SCI_DBNAME;
sci_list[0].sci_length = sizeof(dbname);
sci_list[0].sci_aresult = (char *) dbname;
sci_list[0].sci_rlength = NULL;
status = scf_call(SCU_INFORMATION, &scf_cb);
if (status != E_DB_OK)
{
err_code = scf_cb.scf_error.err_code;
(VOID) psf_error(E_PS0D13_SCU_INFO_ERR, 0L,
PSF_INTERR, &err_code, &psy_cb->psy_error, 0);
status = (status > E_DB_SEVERE) ? status : E_DB_SEVERE;
return(status);
}
if (MEcmp((PTR)dbname, (PTR)DB_DBDB_NAME, sizeof(dbname)))
{
/* Session not connected to iidbdb */
err_code = E_US18D4_6356_NOT_DBDB;
(VOID) psf_error(E_US18D4_6356_NOT_DBDB, 0L,
PSF_USERERR, &err_code, &psy_cb->psy_error, 1,
sizeof("CREATE/ALTER/DROP USER/PROFILE")-1,
"CREATE/ALTER/DROP USER/PROFILE");
status = E_DB_ERROR;
break;
}
/*
** Check if passwords are allowed.
*/
if((sess_cb->pss_ses_flag & PSS_PASSWORD_NONE)
&& !(psy_cb->psy_usflag & (
PSY_KUSER|
PSY_DPROFILE|PSY_APROFILE|PSY_CPROFILE))
&& STskipblank((char *)&psy_cb->psy_apass,
(i4)sizeof(psy_cb->psy_apass)) != NULL)
{
err_code=E_US18E7_6375;
(VOID) psf_error(E_US18E7_6375, 0L,
PSF_USERERR, &err_code, &psy_cb->psy_error, 1,
sizeof("CREATE/ALTER USER WITH PASSWORD")-1,
"CREATE/ALTER USER WITH PASSWORD");
status = E_DB_ERROR;
break;
}
break;
/* leave_loop has already been set to TRUE */
} while (!leave_loop);
/* Select the proper routine to process this request */
if (status == E_DB_OK)
switch (psy_cb->psy_usflag & (PSY_CUSER | PSY_AUSER | PSY_KUSER|
PSY_CPROFILE | PSY_APROFILE | PSY_DPROFILE))
{
case PSY_CUSER:
status = psy_cuser(psy_cb, sess_cb);
break;
case PSY_AUSER:
status = psy_auser(psy_cb, sess_cb);
break;
case PSY_KUSER:
status = psy_kuser(psy_cb, sess_cb);
break;
case PSY_CPROFILE:
status = psy_cprofile(psy_cb, sess_cb);
break;
case PSY_APROFILE:
status = psy_aprofile(psy_cb, sess_cb);
break;
case PSY_DPROFILE:
status = psy_kprofile(psy_cb, sess_cb);
break;
default:
status = E_DB_SEVERE;
err_code = E_PS0D46_INVALID_USER_OP;
(VOID) psf_error(E_PS0D46_INVALID_USER_OP, 0L,
PSF_INTERR, &err_code, &psy_cb->psy_error, 0);
break;
}
return (status);
}
