NWDSCCODE nds_login(
NWDSContextHandle ctx,
const NWDSChar* objectName,
const char *objectPassword) {
NWCONN_HANDLE conn;
NWObjectID objectID;
NWObjectID pseudoID;
nuint8 rndseed[4];
nuint8* serverPublicKey;
NWDSCCODE err;
size_t pwdLen;
nuint8 pwdHash[16];
nuint8* privKey;
size_t privKeyLen;
nuint8 logindata[8];
NWDSCCODE grace_err;
wchar_t unaliasedName[MAX_DN_CHARS + 1];
NWDSContextHandle wctx;
err = __NWDSGenerateObjectKeyPairStep1(ctx, objectName,
&conn, &objectID, &pseudoID, rndseed,
&serverPublicKey);
if (err)
return err;
err = NWDSDuplicateContextHandleInt(ctx, &wctx);
if (err) {
__NWDSGenerateObjectKeyPairStep3(conn, serverPublicKey);
return err;
}
err = NWDSMapIDToName(wctx, conn, objectID, (NWDSChar*)unaliasedName);
if (err) {
NWDSFreeContext(wctx);
__NWDSGenerateObjectKeyPairStep3(conn, serverPublicKey);
return err;
}
/* compute key... */
pwdLen = strlen(objectPassword);
/* BEWARE! other NWDS*Password functions do NOT uppercase password */
__NWDSHashPasswordUpper(objectPassword, pseudoID, pwdLen, pwdHash);
grace_err = __NWDSGetPrivateKey(conn, serverPublicKey,
rndseed, objectID, pwdHash, logindata, &privKey, &privKeyLen);
__NWDSGenerateObjectKeyPairStep3(conn, serverPublicKey);
if (!grace_err || grace_err == NWE_PASSWORD_EXPIRED) {
err = NWDSSetKeys(wctx, logindata, unaliasedName, privKey, privKeyLen);
memset(privKey, 0, privKeyLen);
free(privKey);
if (err)
goto err_exit;
}
err = grace_err;
err_exit:
NWDSFreeContext(wctx);
memset(logindata, 0, sizeof(logindata));
return err;
}
int TrusteeRights (NWCONN_HANDLE ConnHandle, NWDIR_HANDLE DirHandle, pnstr8 Path, nuint16 NameSpace, pnstr8 TrusteeName, pnstr8 Rights)
{
nuint32 ObjectID; // Variable to hold the Object ID (converted from TrusteeName)
nuint16 ObjectRights; // Holds the binary representation of the rights
nuint16 FileFlag; // Specifies a file or folder
NWDSCCODE res; // Holds NDS Api return codes
nuint32 IterHandle; // Iterator handle for internal use by NDS Api
nuint16 NumEntries; // Number of entries returned by NWIntScanForTrustees
NWET_INFO TrusteeInfo; // Array of trustees and rights
nstr8 DosPath [256]; // String to represent DOS path
nstr8 Trustee [MAX_DN_CHARS + 1]; // String to hold trustee
TrusteeRightsOp RightsOp; // Stores which operation were carrying out for if statements
int i; // Used for iterating through trustee array
// Get the short path name
if ((res = GetShortPath (ConnHandle, DirHandle, Path, NameSpace, DosPath, 256, &FileFlag)) != 0)
return ERR_FILE_INFO;
ObjectRights = TR_NONE;
// Work out which operation were doing - + indicate adding, - is revoking, REM is deleting, anything else is assign
if (Rights [0] == '+')
RightsOp = Add;
else if (Rights [0] == '-')
RightsOp = Revoke;
else if (stricmp (Rights, "REM") == 0)
RightsOp = Delete;
else
RightsOp = Set;
// COnvert Trustee to an ObjectID
if ((res = NWDSMapNameToID (NDSContext, ConnHandle, TrusteeName, &ObjectID)) != 0)
return ERR_TRUSTEE_TO_NDS_OBJ;
// If we're adding or revoking, we need to know the objects original rights
if (RightsOp == Add || RightsOp == Revoke)
{
TrusteeInfo.sequenceNumber = 0L;
IterHandle = 0;
// Get rights for the path
while (NWIntScanForTrustees (ConnHandle, 0, DosPath, &IterHandle, &NumEntries, &TrusteeInfo, 0) == 0)
{
for (i=0;i<20;i++)
{
// Scan for given trustee and obtain rights
if (TrusteeInfo.trusteeList[i].objectID != 0L)
{
if ((res = NWDSMapIDToName (NDSContext, ConnHandle, TrusteeInfo.trusteeList[i].objectID, Trustee)) == 0)
if (ObjectID == TrusteeInfo.trusteeList[i].objectID) ObjectRights = TrusteeInfo.trusteeList[i].objectRights;
}
}
}
}
// If we are adding rights, we can simply OR the new rights with the old
// which will be TR_NONE in the case of Set
if (RightsOp == Add || RightsOp == Set)
{
for (i=0;i<strlen (Rights);i++)
{
if (Rights [i] == 'S' || Rights [i] == 's') ObjectRights = ObjectRights | TR_SUPERVISOR;
if (Rights [i] == 'R' || Rights [i] == 'r') ObjectRights = ObjectRights | TR_READ;
if (Rights [i] == 'W' || Rights [i] == 'w') ObjectRights = ObjectRights | TR_WRITE;
if (Rights [i] == 'C' || Rights [i] == 'c') ObjectRights = ObjectRights | TR_CREATE;
if (Rights [i] == 'E' || Rights [i] == 'e') ObjectRights = ObjectRights | TR_DELETE;
if (Rights [i] == 'M' || Rights [i] == 'm') ObjectRights = ObjectRights | TR_MODIFY;
if (Rights [i] == 'F' || Rights [i] == 'f') ObjectRights = ObjectRights | TR_FILE_SCAN;
if (Rights [i] == 'A' || Rights [i] == 'a') ObjectRights = ObjectRights | TR_ACCESS_CTRL;
}
}
// If we are revoking rights, we need to XOR the appropriate right with TR_ALL, and then AND it with the old rights
if (RightsOp == Revoke)
{
for (i=0;i<strlen (Rights);i++)
{
if (Rights [i] == 'S' || Rights [i] == 's') ObjectRights = (TR_SUPERVISOR ^ TR_ALL) & ObjectRights;
if (Rights [i] == 'R' || Rights [i] == 'r') ObjectRights = (TR_READ ^ TR_ALL) & ObjectRights;
if (Rights [i] == 'W' || Rights [i] == 'w') ObjectRights = (TR_WRITE ^ TR_ALL) & ObjectRights;
if (Rights [i] == 'C' || Rights [i] == 'c') ObjectRights = (TR_CREATE ^ TR_ALL) & ObjectRights;
if (Rights [i] == 'E' || Rights [i] == 'e') ObjectRights = (TR_DELETE ^ TR_ALL) & ObjectRights;
if (Rights [i] == 'M' || Rights [i] == 'm') ObjectRights = (TR_MODIFY ^ TR_ALL) & ObjectRights;
if (Rights [i] == 'F' || Rights [i] == 'f') ObjectRights = (TR_FILE_SCAN ^ TR_ALL) & ObjectRights;
if (Rights [i] == 'A' || Rights [i] == 'a') ObjectRights = (TR_ACCESS_CTRL ^ TR_ALL) & ObjectRights;
}
}
// Call NWAddTrustee, unless we're deleting a trustee
if (RightsOp != Delete)
{
if ((res = NWAddTrustee (ConnHandle, DirHandle, DosPath, ObjectID, ObjectRights)) != 0)
return ERR_CANT_ASSIGN_RIGHTS;
else
return SUCCESS;
}
// Otherwise call NWDeleteTrustee
else
{
if ((res = NWDeleteTrustee (ConnHandle, DirHandle, DosPath, ObjectID)) != 0)
return ERR_CANT_ASSIGN_RIGHTS;
else
return SUCCESS;
}
}
int GetTrustees (NWCONN_HANDLE ConnHandle, NWDIR_HANDLE DirHandle, pnstr8 Path, nuint16 NameSpace, nuint16 SubDir, FILE* fh)
{
int i; // Used for iterating through trustee lists
NW_ENTRY_INFO* EntryInfo; // Netware structure for file / folder info
NW_ENTRY_INFO2* Children; // List of child files and folders
NWET_INFO* TrusteeInfo; // Netware structure for holding a list of trustees
nuint16 NumEntries; // Pointer to the number of entries returned by NDS Api functions
SEARCH_SEQUENCE* Seq; // Sequence number used by NDS Api
NWDSCCODE res; // Variable to store the result of functions - 0=Success
nuint16 FileFlag; // Specifies a file or folder
nuint32 IterHandle; // Iteration handle for NDS functions
pnstr8 Trustee; // String to hold trustee name after its been converted from ObjectID
pnstr8 IRights; // String represent the inherited rights filter
pnstr8 Rights; // String to represent rights
pnstr8 DosPath; // String to hold Path converted to Netware (DOS) notation
NWDIR_HANDLE* TempDirHandle; // Temporary directory handle to use for getting subfolders
pnstr8 NextPath; // String to hold the name of the subfolder
EntryInfo = (NW_ENTRY_INFO*) malloc (sizeof (NW_ENTRY_INFO));
TrusteeInfo = (NWET_INFO*) malloc (sizeof (NWET_INFO));
Trustee = (pnstr8) malloc (sizeof (nstr8) * MAX_DN_CHARS+1);
IRights = (pnstr8) malloc (sizeof (nstr8) * 10);
Rights = (pnstr8) malloc (sizeof (nstr8) * 10);
DosPath = (pnstr8) malloc (sizeof (nstr8) * 256);
if (EntryInfo && TrusteeInfo && Trustee && IRights && Rights && DosPath)
{
// Find out whether Path is a file or folder, and get the inherited rights filter
if ((res = NWGetNSEntryInfo (ConnHandle, DirHandle, Path, NW_NS_LONG, NW_NS_LONG, SA_ALL, IM_ATTRIBUTES | IM_RIGHTS | IM_NAME, EntryInfo)) != 0)
printf ("NWGetNSEntryInfo returned: %d\n", res);
// Print the inherited rights as a string - all the rights are ORed together to make an nuint16.
if ((EntryInfo->inheritedRightsMask & TA_ALL) != TA_ALL)
{
strcpy (IRights, "");
if ((EntryInfo->inheritedRightsMask & TA_NONE) == TA_NONE) strcat (IRights, "S");
if ((EntryInfo->inheritedRightsMask & TA_READ) == TA_READ) strcat (IRights, "R");
if ((EntryInfo->inheritedRightsMask & TA_WRITE) == TA_WRITE) strcat (IRights, "W");
if ((EntryInfo->inheritedRightsMask & TA_CREATE) == TA_CREATE) strcat (IRights, "C");
if ((EntryInfo->inheritedRightsMask & TA_DELETE) == TA_DELETE) strcat (IRights, "E");
if ((EntryInfo->inheritedRightsMask & TA_MODIFY) == TA_MODIFY) strcat (IRights, "M");
if ((EntryInfo->inheritedRightsMask & TA_SEARCH) == TA_SEARCH) strcat (IRights, "F");
if ((EntryInfo->inheritedRightsMask & TA_OWNERSHIP) == TA_OWNERSHIP)strcat (IRights, "A");
// printf ("%s\t%s\t/F\n", Path, IRights);
DisplayOutput (Path, IRights, "/F", SUCCESS, NULL);
if (fh)
fprintf (fh,"RIGHTS \"%s\" %s /F\n", Path, IRights);
}
// Get the short path name, as NWIntScanForTrustees will only work with the default name space
if ((res = GetShortPath (ConnHandle, DirHandle, Path, NameSpace, DosPath, 256, &FileFlag)) != 0)
{
printf ("GetShortPath returned: %d\n", res);
return 1;
}
IterHandle = 0;
// Iteratively scan for trustees until there are no more
while (NWIntScanForTrustees (ConnHandle, 0, DosPath, &IterHandle, &NumEntries, TrusteeInfo, 0) == 0)
{
// arrays of 20 trustees are returned
for (i=0;i<20;i++)
{
// if an entry hasn't been populated, it is set to 0L
if (TrusteeInfo->trusteeList[i].objectID != 0L)
{
// An object id is returned representing a trustee, so convert to a string
if ((res = NWDSMapIDToName (NDSContext, ConnHandle, TrusteeInfo->trusteeList[i].objectID, Trustee)) != 0)
printf ("NWDSMapIDToName returned: %d\n", res);
else
{
// Convert the rights to a string, again rights are ORed together
strcpy (Rights, "");
if ((TrusteeInfo->trusteeList[i].objectRights & TR_SUPERVISOR) == TR_SUPERVISOR) strcat (Rights, "S");
if ((TrusteeInfo->trusteeList[i].objectRights & TR_READ) == TR_READ) strcat (Rights, "R");
if ((TrusteeInfo->trusteeList[i].objectRights & TR_WRITE) == TR_WRITE) strcat (Rights, "W");
if ((TrusteeInfo->trusteeList[i].objectRights & TR_CREATE) == TR_CREATE) strcat (Rights, "C");
if ((TrusteeInfo->trusteeList[i].objectRights & TR_DELETE) == TR_DELETE) strcat (Rights, "E");
if ((TrusteeInfo->trusteeList[i].objectRights & TR_MODIFY) == TR_MODIFY) strcat (Rights, "M");
if ((TrusteeInfo->trusteeList[i].objectRights & TR_FILE_SCAN) == TR_FILE_SCAN) strcat (Rights, "F");
if ((TrusteeInfo->trusteeList[i].objectRights & TR_ACCESS_CTRL) == TR_ACCESS_CTRL) strcat (Rights, "A");
//printf ("%s\t%s\t/NAME=%s\n", Path, Rights, Trustee);
DisplayOutput (Path, Rights, Trustee, SUCCESS, NULL);
if (fh)
fprintf (fh,"RIGHTS \"%s\" %s /NAME=\"%s\"\n", Path, Rights, Trustee);
}
}
}
}
// If we're examining a directory, then scan files and folder within the directory
// NOTE: all the variable assigned here are malloc'ed so that only the pointers go on the stack
// in recursive calls. I changed this because I was getting some stack overflow problems
// on large directory structure on NW5.1
// added a check to see if the NLM was exiting via the sig handler - if it is, stop processing and clean up
if (((EntryInfo->attributes & A_DIRECTORY) == A_DIRECTORY) && (SubDir != 0) && (NlmExiting == FALSE))
{
Children = (NW_ENTRY_INFO2*) malloc (sizeof (NW_ENTRY_INFO2));
Seq = (SEARCH_SEQUENCE*) malloc (sizeof (SEARCH_SEQUENCE));
TempDirHandle = (NWDIR_HANDLE*) malloc (sizeof (NWDIR_HANDLE));
if (Children && Seq && TempDirHandle)
{
if ((res = NWAllocTempNSDirHandle2 (ConnHandle, DirHandle, Path, NW_NS_LONG, TempDirHandle, NW_NS_LONG)) != 0)
printf ("NWAllocTempNSDirHandle2 returned: %d\n", res);
Seq->searchDirNumber = -1;
while (NWScanNSEntryInfo2 (ConnHandle, *TempDirHandle, NW_NS_LONG, SA_ALL, Seq, "*" ,IM_NAME, Children) == 0)
{
if ((NextPath = (char*) malloc (sizeof (char) * (strlen (Children->entryName) + strlen (Path) + 2))) == NULL)
printf ("Couldn't allocate memory\n");
else
{
strcpy (NextPath, Path);
strcat (NextPath, "\\");
strcat (NextPath, Children->entryName);
// Iterativly call GetTrustees on subfolders
GetTrustees (ConnHandle, 0, NextPath, NameSpace, SubDir, fh);
free (NextPath);
}
}
NWDeallocateDirectoryHandle (ConnHandle, *TempDirHandle);
}
if (Children) free (Children);
if (Seq) free (Seq);
if (TempDirHandle) free (TempDirHandle);
}
}
// cleanup
if (EntryInfo) free (EntryInfo);
if (TrusteeInfo) free (TrusteeInfo);
if (Trustee) free (Trustee);
if (IRights) free (IRights);
if (Rights) free (Rights);
if (DosPath) free (DosPath);
return 0;
}
