NWDSCCODE nds_login( NWDSContextHandle ctx, const NWDSChar* objectName, const char *objectPassword) { NWCONN_HANDLE conn; NWObjectID objectID; NWObjectID pseudoID; nuint8 rndseed[4]; nuint8* serverPublicKey; NWDSCCODE err; size_t pwdLen; nuint8 pwdHash[16]; nuint8* privKey; size_t privKeyLen; nuint8 logindata[8]; NWDSCCODE grace_err; wchar_t unaliasedName[MAX_DN_CHARS + 1]; NWDSContextHandle wctx; err = __NWDSGenerateObjectKeyPairStep1(ctx, objectName, &conn, &objectID, &pseudoID, rndseed, &serverPublicKey); if (err) return err; err = NWDSDuplicateContextHandleInt(ctx, &wctx); if (err) { __NWDSGenerateObjectKeyPairStep3(conn, serverPublicKey); return err; } err = NWDSMapIDToName(wctx, conn, objectID, (NWDSChar*)unaliasedName); if (err) { NWDSFreeContext(wctx); __NWDSGenerateObjectKeyPairStep3(conn, serverPublicKey); return err; } /* compute key... */ pwdLen = strlen(objectPassword); /* BEWARE! other NWDS*Password functions do NOT uppercase password */ __NWDSHashPasswordUpper(objectPassword, pseudoID, pwdLen, pwdHash); grace_err = __NWDSGetPrivateKey(conn, serverPublicKey, rndseed, objectID, pwdHash, logindata, &privKey, &privKeyLen); __NWDSGenerateObjectKeyPairStep3(conn, serverPublicKey); if (!grace_err || grace_err == NWE_PASSWORD_EXPIRED) { err = NWDSSetKeys(wctx, logindata, unaliasedName, privKey, privKeyLen); memset(privKey, 0, privKeyLen); free(privKey); if (err) goto err_exit; } err = grace_err; err_exit: NWDSFreeContext(wctx); memset(logindata, 0, sizeof(logindata)); return err; }
int TrusteeRights (NWCONN_HANDLE ConnHandle, NWDIR_HANDLE DirHandle, pnstr8 Path, nuint16 NameSpace, pnstr8 TrusteeName, pnstr8 Rights) { nuint32 ObjectID; // Variable to hold the Object ID (converted from TrusteeName) nuint16 ObjectRights; // Holds the binary representation of the rights nuint16 FileFlag; // Specifies a file or folder NWDSCCODE res; // Holds NDS Api return codes nuint32 IterHandle; // Iterator handle for internal use by NDS Api nuint16 NumEntries; // Number of entries returned by NWIntScanForTrustees NWET_INFO TrusteeInfo; // Array of trustees and rights nstr8 DosPath [256]; // String to represent DOS path nstr8 Trustee [MAX_DN_CHARS + 1]; // String to hold trustee TrusteeRightsOp RightsOp; // Stores which operation were carrying out for if statements int i; // Used for iterating through trustee array // Get the short path name if ((res = GetShortPath (ConnHandle, DirHandle, Path, NameSpace, DosPath, 256, &FileFlag)) != 0) return ERR_FILE_INFO; ObjectRights = TR_NONE; // Work out which operation were doing - + indicate adding, - is revoking, REM is deleting, anything else is assign if (Rights [0] == '+') RightsOp = Add; else if (Rights [0] == '-') RightsOp = Revoke; else if (stricmp (Rights, "REM") == 0) RightsOp = Delete; else RightsOp = Set; // COnvert Trustee to an ObjectID if ((res = NWDSMapNameToID (NDSContext, ConnHandle, TrusteeName, &ObjectID)) != 0) return ERR_TRUSTEE_TO_NDS_OBJ; // If we're adding or revoking, we need to know the objects original rights if (RightsOp == Add || RightsOp == Revoke) { TrusteeInfo.sequenceNumber = 0L; IterHandle = 0; // Get rights for the path while (NWIntScanForTrustees (ConnHandle, 0, DosPath, &IterHandle, &NumEntries, &TrusteeInfo, 0) == 0) { for (i=0;i<20;i++) { // Scan for given trustee and obtain rights if (TrusteeInfo.trusteeList[i].objectID != 0L) { if ((res = NWDSMapIDToName (NDSContext, ConnHandle, TrusteeInfo.trusteeList[i].objectID, Trustee)) == 0) if (ObjectID == TrusteeInfo.trusteeList[i].objectID) ObjectRights = TrusteeInfo.trusteeList[i].objectRights; } } } } // If we are adding rights, we can simply OR the new rights with the old // which will be TR_NONE in the case of Set if (RightsOp == Add || RightsOp == Set) { for (i=0;i<strlen (Rights);i++) { if (Rights [i] == 'S' || Rights [i] == 's') ObjectRights = ObjectRights | TR_SUPERVISOR; if (Rights [i] == 'R' || Rights [i] == 'r') ObjectRights = ObjectRights | TR_READ; if (Rights [i] == 'W' || Rights [i] == 'w') ObjectRights = ObjectRights | TR_WRITE; if (Rights [i] == 'C' || Rights [i] == 'c') ObjectRights = ObjectRights | TR_CREATE; if (Rights [i] == 'E' || Rights [i] == 'e') ObjectRights = ObjectRights | TR_DELETE; if (Rights [i] == 'M' || Rights [i] == 'm') ObjectRights = ObjectRights | TR_MODIFY; if (Rights [i] == 'F' || Rights [i] == 'f') ObjectRights = ObjectRights | TR_FILE_SCAN; if (Rights [i] == 'A' || Rights [i] == 'a') ObjectRights = ObjectRights | TR_ACCESS_CTRL; } } // If we are revoking rights, we need to XOR the appropriate right with TR_ALL, and then AND it with the old rights if (RightsOp == Revoke) { for (i=0;i<strlen (Rights);i++) { if (Rights [i] == 'S' || Rights [i] == 's') ObjectRights = (TR_SUPERVISOR ^ TR_ALL) & ObjectRights; if (Rights [i] == 'R' || Rights [i] == 'r') ObjectRights = (TR_READ ^ TR_ALL) & ObjectRights; if (Rights [i] == 'W' || Rights [i] == 'w') ObjectRights = (TR_WRITE ^ TR_ALL) & ObjectRights; if (Rights [i] == 'C' || Rights [i] == 'c') ObjectRights = (TR_CREATE ^ TR_ALL) & ObjectRights; if (Rights [i] == 'E' || Rights [i] == 'e') ObjectRights = (TR_DELETE ^ TR_ALL) & ObjectRights; if (Rights [i] == 'M' || Rights [i] == 'm') ObjectRights = (TR_MODIFY ^ TR_ALL) & ObjectRights; if (Rights [i] == 'F' || Rights [i] == 'f') ObjectRights = (TR_FILE_SCAN ^ TR_ALL) & ObjectRights; if (Rights [i] == 'A' || Rights [i] == 'a') ObjectRights = (TR_ACCESS_CTRL ^ TR_ALL) & ObjectRights; } } // Call NWAddTrustee, unless we're deleting a trustee if (RightsOp != Delete) { if ((res = NWAddTrustee (ConnHandle, DirHandle, DosPath, ObjectID, ObjectRights)) != 0) return ERR_CANT_ASSIGN_RIGHTS; else return SUCCESS; } // Otherwise call NWDeleteTrustee else { if ((res = NWDeleteTrustee (ConnHandle, DirHandle, DosPath, ObjectID)) != 0) return ERR_CANT_ASSIGN_RIGHTS; else return SUCCESS; } }
int GetTrustees (NWCONN_HANDLE ConnHandle, NWDIR_HANDLE DirHandle, pnstr8 Path, nuint16 NameSpace, nuint16 SubDir, FILE* fh) { int i; // Used for iterating through trustee lists NW_ENTRY_INFO* EntryInfo; // Netware structure for file / folder info NW_ENTRY_INFO2* Children; // List of child files and folders NWET_INFO* TrusteeInfo; // Netware structure for holding a list of trustees nuint16 NumEntries; // Pointer to the number of entries returned by NDS Api functions SEARCH_SEQUENCE* Seq; // Sequence number used by NDS Api NWDSCCODE res; // Variable to store the result of functions - 0=Success nuint16 FileFlag; // Specifies a file or folder nuint32 IterHandle; // Iteration handle for NDS functions pnstr8 Trustee; // String to hold trustee name after its been converted from ObjectID pnstr8 IRights; // String represent the inherited rights filter pnstr8 Rights; // String to represent rights pnstr8 DosPath; // String to hold Path converted to Netware (DOS) notation NWDIR_HANDLE* TempDirHandle; // Temporary directory handle to use for getting subfolders pnstr8 NextPath; // String to hold the name of the subfolder EntryInfo = (NW_ENTRY_INFO*) malloc (sizeof (NW_ENTRY_INFO)); TrusteeInfo = (NWET_INFO*) malloc (sizeof (NWET_INFO)); Trustee = (pnstr8) malloc (sizeof (nstr8) * MAX_DN_CHARS+1); IRights = (pnstr8) malloc (sizeof (nstr8) * 10); Rights = (pnstr8) malloc (sizeof (nstr8) * 10); DosPath = (pnstr8) malloc (sizeof (nstr8) * 256); if (EntryInfo && TrusteeInfo && Trustee && IRights && Rights && DosPath) { // Find out whether Path is a file or folder, and get the inherited rights filter if ((res = NWGetNSEntryInfo (ConnHandle, DirHandle, Path, NW_NS_LONG, NW_NS_LONG, SA_ALL, IM_ATTRIBUTES | IM_RIGHTS | IM_NAME, EntryInfo)) != 0) printf ("NWGetNSEntryInfo returned: %d\n", res); // Print the inherited rights as a string - all the rights are ORed together to make an nuint16. if ((EntryInfo->inheritedRightsMask & TA_ALL) != TA_ALL) { strcpy (IRights, ""); if ((EntryInfo->inheritedRightsMask & TA_NONE) == TA_NONE) strcat (IRights, "S"); if ((EntryInfo->inheritedRightsMask & TA_READ) == TA_READ) strcat (IRights, "R"); if ((EntryInfo->inheritedRightsMask & TA_WRITE) == TA_WRITE) strcat (IRights, "W"); if ((EntryInfo->inheritedRightsMask & TA_CREATE) == TA_CREATE) strcat (IRights, "C"); if ((EntryInfo->inheritedRightsMask & TA_DELETE) == TA_DELETE) strcat (IRights, "E"); if ((EntryInfo->inheritedRightsMask & TA_MODIFY) == TA_MODIFY) strcat (IRights, "M"); if ((EntryInfo->inheritedRightsMask & TA_SEARCH) == TA_SEARCH) strcat (IRights, "F"); if ((EntryInfo->inheritedRightsMask & TA_OWNERSHIP) == TA_OWNERSHIP)strcat (IRights, "A"); // printf ("%s\t%s\t/F\n", Path, IRights); DisplayOutput (Path, IRights, "/F", SUCCESS, NULL); if (fh) fprintf (fh,"RIGHTS \"%s\" %s /F\n", Path, IRights); } // Get the short path name, as NWIntScanForTrustees will only work with the default name space if ((res = GetShortPath (ConnHandle, DirHandle, Path, NameSpace, DosPath, 256, &FileFlag)) != 0) { printf ("GetShortPath returned: %d\n", res); return 1; } IterHandle = 0; // Iteratively scan for trustees until there are no more while (NWIntScanForTrustees (ConnHandle, 0, DosPath, &IterHandle, &NumEntries, TrusteeInfo, 0) == 0) { // arrays of 20 trustees are returned for (i=0;i<20;i++) { // if an entry hasn't been populated, it is set to 0L if (TrusteeInfo->trusteeList[i].objectID != 0L) { // An object id is returned representing a trustee, so convert to a string if ((res = NWDSMapIDToName (NDSContext, ConnHandle, TrusteeInfo->trusteeList[i].objectID, Trustee)) != 0) printf ("NWDSMapIDToName returned: %d\n", res); else { // Convert the rights to a string, again rights are ORed together strcpy (Rights, ""); if ((TrusteeInfo->trusteeList[i].objectRights & TR_SUPERVISOR) == TR_SUPERVISOR) strcat (Rights, "S"); if ((TrusteeInfo->trusteeList[i].objectRights & TR_READ) == TR_READ) strcat (Rights, "R"); if ((TrusteeInfo->trusteeList[i].objectRights & TR_WRITE) == TR_WRITE) strcat (Rights, "W"); if ((TrusteeInfo->trusteeList[i].objectRights & TR_CREATE) == TR_CREATE) strcat (Rights, "C"); if ((TrusteeInfo->trusteeList[i].objectRights & TR_DELETE) == TR_DELETE) strcat (Rights, "E"); if ((TrusteeInfo->trusteeList[i].objectRights & TR_MODIFY) == TR_MODIFY) strcat (Rights, "M"); if ((TrusteeInfo->trusteeList[i].objectRights & TR_FILE_SCAN) == TR_FILE_SCAN) strcat (Rights, "F"); if ((TrusteeInfo->trusteeList[i].objectRights & TR_ACCESS_CTRL) == TR_ACCESS_CTRL) strcat (Rights, "A"); //printf ("%s\t%s\t/NAME=%s\n", Path, Rights, Trustee); DisplayOutput (Path, Rights, Trustee, SUCCESS, NULL); if (fh) fprintf (fh,"RIGHTS \"%s\" %s /NAME=\"%s\"\n", Path, Rights, Trustee); } } } } // If we're examining a directory, then scan files and folder within the directory // NOTE: all the variable assigned here are malloc'ed so that only the pointers go on the stack // in recursive calls. I changed this because I was getting some stack overflow problems // on large directory structure on NW5.1 // added a check to see if the NLM was exiting via the sig handler - if it is, stop processing and clean up if (((EntryInfo->attributes & A_DIRECTORY) == A_DIRECTORY) && (SubDir != 0) && (NlmExiting == FALSE)) { Children = (NW_ENTRY_INFO2*) malloc (sizeof (NW_ENTRY_INFO2)); Seq = (SEARCH_SEQUENCE*) malloc (sizeof (SEARCH_SEQUENCE)); TempDirHandle = (NWDIR_HANDLE*) malloc (sizeof (NWDIR_HANDLE)); if (Children && Seq && TempDirHandle) { if ((res = NWAllocTempNSDirHandle2 (ConnHandle, DirHandle, Path, NW_NS_LONG, TempDirHandle, NW_NS_LONG)) != 0) printf ("NWAllocTempNSDirHandle2 returned: %d\n", res); Seq->searchDirNumber = -1; while (NWScanNSEntryInfo2 (ConnHandle, *TempDirHandle, NW_NS_LONG, SA_ALL, Seq, "*" ,IM_NAME, Children) == 0) { if ((NextPath = (char*) malloc (sizeof (char) * (strlen (Children->entryName) + strlen (Path) + 2))) == NULL) printf ("Couldn't allocate memory\n"); else { strcpy (NextPath, Path); strcat (NextPath, "\\"); strcat (NextPath, Children->entryName); // Iterativly call GetTrustees on subfolders GetTrustees (ConnHandle, 0, NextPath, NameSpace, SubDir, fh); free (NextPath); } } NWDeallocateDirectoryHandle (ConnHandle, *TempDirHandle); } if (Children) free (Children); if (Seq) free (Seq); if (TempDirHandle) free (TempDirHandle); } } // cleanup if (EntryInfo) free (EntryInfo); if (TrusteeInfo) free (TrusteeInfo); if (Trustee) free (Trustee); if (IRights) free (IRights); if (Rights) free (Rights); if (DosPath) free (DosPath); return 0; }