Exemplo n.º 1
0
STATUS
CS_scb_index(i4 msg,
	     PTR cdata,
	     i4  linstance,
	     char *instance, 
	     PTR *instdata )
{
    STATUS stat = OK;
    PTR ptr;

# ifdef OS_THREADS_USED
    CS_synch_lock( &Cs_srv_block.cs_scb_mutex );
# endif /* OS_THREADS_USED */
    switch( msg )
    {
    case MO_GET:
	if( OK == (stat = CS_get_block( instance,
				       Cs_srv_block.cs_scb_ptree,
				       &ptr ) ) )
	    *instdata = (PTR) CS_find_scb((CS_SID) ptr);
	break;

    case MO_GETNEXT:
	if( OK == ( stat = CS_nxt_block( instance,
					Cs_srv_block.cs_scb_ptree,
					&ptr ) ) )
	{
	    *instdata = (PTR) CS_find_scb((CS_SID) ptr);
	    stat = MOptrout( MO_INSTANCE_TRUNCATED,
			      ptr,
			      linstance,
			      instance );
	}
	break;

    default:
	stat = MO_BAD_MSG;
	break;
    }
# ifdef OS_THREADS_USED
    CS_synch_unlock( &Cs_srv_block.cs_scb_mutex );
# endif /* OS_THREADS_USED */
    return( stat );
}
Exemplo n.º 2
0
STATUS
CS_scb_index(i4 msg,
	     PTR cdata,
	     i4 linstance,
	     char *instance, 
	     PTR *instdata )
{
    STATUS stat = OK;
    PTR ptr;

    switch( msg )
    {
    case MO_GET:
	if( OK == (stat = CS_get_block( instance,
				       Cs_srv_block.cs_scb_ptree,
				       &ptr ) ) )
	    *instdata = (PTR) CS_find_scb((CS_SID) ptr);
	break;

    case MO_GETNEXT:
	if( OK == ( stat = CS_nxt_block( instance,
					Cs_srv_block.cs_scb_ptree,
					&ptr ) ) )
	{
            *instdata = (PTR) CS_find_scb((CS_SID) ptr);
            stat = MOptrout( MO_INSTANCE_TRUNCATED,
                              ptr,
			      linstance,
			      instance );
	}
	break;

    default:
	stat = MO_BAD_MSG;
	break;
    }
    return( stat );
}
Exemplo n.º 3
0
STATUS
CS_mod_session(char *uns_decimal_session, CS_SCB ** scbp)
{
	u_i4            scb_as_ulong;
	CS_SCB         *an_scb;
	CS_SCB         *scan_scb;
	STATUS          stat;
	CS_SCB         *this_scb;
        bool           blFound = FALSE;

	CSget_scb(&this_scb);
	CS_str_to_uns(uns_decimal_session, &scb_as_ulong);
	an_scb = (CS_SCB *) scb_as_ulong;

	for (scan_scb = Cs_srv_block.cs_known_list->cs_next;
	     scan_scb && scan_scb != Cs_srv_block.cs_known_list;
	     scan_scb = scan_scb->cs_next) {
		if (scan_scb == an_scb)
                {
                        blFound = TRUE;
			break;
                }
	}

	if ((!blFound) && ((an_scb = CS_find_scb(an_scb)) == 0)) {
		/* FIXME -- real error status */
		/* "Invalid session id" */

		stat = MO_NO_INSTANCE;
	} else if ((MEcmp(an_scb->cs_username, this_scb->cs_username,
			  sizeof(an_scb->cs_username)))) {
		/* FIXME -- better error */
		/* "Superuser or owner status required to modify sessions" */

		stat = MO_NO_WRITE;
	} else {
		*scbp = an_scb;
		stat = OK;
	}
	return (stat);
}
Exemplo n.º 4
0
static STATUS
CS_mod_session( char *uns_decimal_session, CS_SCB **scbp )
{
    u_i4 scb_as_ulong;
    CS_SID an_sid;
    CS_SCB *an_scb;
    STATUS stat;
    CS_SCB *this_scb;
    
    CSget_scb(&this_scb);

    CS_str_to_uns( uns_decimal_session, &scb_as_ulong );
    an_sid = (CS_SID)scb_as_ulong;
    
    an_scb = CS_find_scb(an_sid);

    if (an_scb == NULL)
    {
	/* FIXME -- real error status */
	/* "Invalid session id" */

	stat = MO_NO_INSTANCE;
    }
    else if ((MEcmp(an_scb->cs_username, this_scb->cs_username,
		    sizeof(an_scb->cs_username))))
    {
	/* FIXME -- better error */
	/* "Superuser or owner status required to modify sessions" */

	stat = MO_NO_WRITE;
    }
    else
    {
	*scbp = an_scb;
	stat = OK;
    }
    return( stat );
}
Exemplo n.º 5
0
/*{
** Name: GM_gcmsend	- make GCa_call for GCM request.
**
** Description:
**	Makes the call...
**
** Re-entrancy:
**	yes.
**
** Inputs:
**	conn		the connect block with the prepared message to send.
**
** Outputs:
**	conn
**
** Returns:
**	E_DB_OK
**	E_DB_ERROR
**
** History:
**	8-oct-92 (daveb)
**	    created.
**	12-Nov-1992 (daveb)
**	    Need GCA_ALT_EXIT for our completiong routien to be seen.
**	    Add fs_parms var to simplify debugging.
**	14-Nov-1992 (daveb)
**	    take *cl_stat to fill in.
**	20-Nov-1992 (daveb)
**	    Put in more TRdisplay error logging, to fix later.
**	2-Dec-1992 (daveb)
**	    Check for server failed in quick abort case.  Trying to avoid
**	    lots of errors re-connectiong to non-gcm servers.
**	08-sep-93 (swm)
**	    Changed sid type from i4 to CS_SID to match recent CL
**	    interface revision.
**	20-jul-95 (canor01)
**	    pass the SCB to IIGCa_call() instead of the SID
*/
static DB_STATUS
GM_gcmsend( GM_CONN_BLK *conn, STATUS *cl_stat )
{
    DB_STATUS	db_stat;
    CS_SID	sid;
    i4		resume = 0;
    STATUS	local_status;
    GCA_FS_PARMS	*fs_parms = &conn->conn_fs_parms;
    GM_PLACE_BLK	*place = conn->conn_place;

    conn->conn_state = GM_CONN_GCM_WORKING;
    CSget_sid(&sid);
    
    GM_incr( &GM_globals.gwm_stat_sem, &GM_globals.gwm_gcm_sends );

    if( place->place_type == GM_PLACE_SRVR &&
       ((place->place_srvr.srvr_flags & GCA_RG_MIB_MASK) == 0 ||
       place->place_srvr.srvr_state == GM_SRVR_FAILED ))
    {
	/* nothing can be had from this server.  We did a lot of
	   setup work for nothing. FIXME -- move this test higher up? */

	conn->conn_rsb->response.err_element = 0;
	conn->conn_rsb->response.status = *cl_stat = MO_NO_INSTANCE;
	conn->conn_state = GM_CONN_EMPTIED;
	return( E_DB_ERROR );
    }

    do
    {
	*cl_stat = IIGCa_call(GCA_FASTSELECT,
			      (GCA_PARMLIST *)fs_parms,
			      GCA_ASYNC_FLAG | GCA_ALT_EXIT | resume,
			      (PTR)CS_find_scb(sid),
			      (i4) -1,
			      &local_status );
	
	if (*cl_stat != OK)
	{
	    /* "GWM Internal error:  Error making gcm send to %0c" */
	    GM_1error( (GWX_RCB *)0, E_GW8042_GCA_CALL, GM_ERR_INTERNAL,
		      0, (PTR)conn->conn_rsb->request.place );
	    GM_error( *cl_stat );
	    conn->conn_state = GM_CONN_ERROR;
	}
	else
	{
	    /* wait for completion routine to wake us */

	    *cl_stat = CSsuspend(CS_BIO_MASK, 0, 0);
	    if (*cl_stat != OK)
	    {
		/* "GWM Internal error:  CSsuspend problem" */
		GM_error( E_GW8043_CS_SUSPEND );
		GM_error( *cl_stat );
		conn->conn_state = GM_CONN_ERROR;
	    }
	    else		/* completion handler called */
	    {
		switch ( *cl_stat = conn->conn_fs_parms.gca_status )
		{
		case OK:

		    resume = 0;
		    conn->conn_state = GM_CONN_GCM_DONE;
		    break;
		    
		case E_GCFFFE_INCOMPLETE:

		    GM_incr( &GM_globals.gwm_stat_sem,
			    &GM_globals.gwm_gcm_reissues );
		    resume = GCA_RESUME;
		    break;

		case E_GC0032_NO_PEER:

		    resume = 0;

		    /* "GWM Internal error:  Got 'no peer' to %0c (%1c %2x)" */
		    GM_3error( (GWX_RCB *)0, E_GW8044_NO_PEER,
			      GM_ERR_INTERNAL,
			      0, place->place_key,
			      0, place->place_srvr.srvr_class,
			      sizeof(place->place_srvr.srvr_flags),
			      (PTR)&place->place_srvr.srvr_flags );
		    GM_error( *cl_stat );
		    conn->conn_state = GM_CONN_ERROR;
		    break;

		default:

		    resume = 0;

		    /* "GWM Internal error:
		       GCM completion error to %0c (%1c %2x)" */
		    GM_3error( (GWX_RCB *)0, E_GW8045_GCA_COMPLETION,
			      GM_ERR_INTERNAL,
			      0, (PTR)place->place_key,
			      0, (PTR)place->place_srvr.srvr_class,
			      sizeof(place->place_srvr.srvr_flags),
			      (PTR)&place->place_srvr.srvr_flags );
		    GM_error( *cl_stat );
		    conn->conn_state = GM_CONN_ERROR;
		    place->place_srvr.srvr_state = GM_SRVR_FAILED;
		    break;
		}
	    }
	}
    } while( resume != 0 );
    
    db_stat = (*cl_stat == OK) ? E_DB_OK : E_DB_ERROR;

    return( db_stat );
}
Exemplo n.º 6
0
/*
** Name: scs_check_external_password 
**
** Description:
**	Check the external password for a role
**
** Inputs:
**	scb 		- SCB
**
** 	authname 	- Role/User name being checked
**
**	password 	- Role/User password
**
**	auth_role	- TRUE if authenticating a role
**
** Returns:
**	E_DB_OK - Access is allowed
**
**	E_DB_WARN - Access is denied
**
**	E_DB_ERROR - Failure determining access
**
** History:
**	9-mar-94 (robf)
**		Created
**	11-mar-94 (robf)
**           Distinguish between access disallowed and some other
**	     error. Add SCF activity in case auth. server take a while
**	15-mar-94 (robf)
**	     Rework to allow for user or role authentication, add
**	     parameter auth_role. Make routine external, 
**	     name scs_check_external_password, and move to scseauth.c
**      22-mar-1996 (stial01)
**          Cast length passed to sc0m_allocate to i4.
**	16-jul-96 (stephenb)
**	    Add effective user to parameter list and pass to authentication
**	    server (fix primarily for ICE authentication, but useful 
**	    information for the user anyway).
**	16-Nov-1998 (jenjo02)
**	    When suspending on BIO read, use CS_BIOR_MASK.
*/
DB_STATUS
scs_check_external_password (
	SCD_SCB *scb, 
	DB_OWN_NAME *authname, 
	DB_OWN_NAME *e_authname,
	DB_PASSWORD *password,
	bool	    auth_role
)
{
    DB_STATUS 	status = E_DB_WARN;
    STATUS    	cl_stat;
    STATUS    	local_status;
    char 	pmname[64];
    char 	*pmvalue;
    char  	target[64];
    GCA_FS_PARMS fs_parms; 
    SCS_REBUFF   *re_buff = NULL;
    char	 *work_buff;
    i4		 resume = 0;
    CS_SID	 sid;
    PTR		 save_data_area;
    char	 *q;
    char	 *gcmvalue;
    i4	 	 error_index;
    i4	 error_status;
    char	 *act_string;
    char	 blank_string[32] = "";

    for (;;)
    {
	
	if (auth_role)
		act_string = "Validating external role password";
	else
		act_string = "Validating external user password";

	MEcopy((PTR)act_string, STlength(act_string),
				scb->scb_sscb.sscb_ics.ics_act1);
	scb->scb_sscb.sscb_ics.ics_l_act1 = (i4)STlength(act_string);
	/*
	** Find the authentication mechanism for this role
	*/
	if (auth_role)
	{
	    STprintf(pmname, "ii.$.secure.role_auth.%*s",
		scs_trimwhite(sizeof(*authname),
			(char*)authname), 
		(char*)authname);
	}
	else
	{
	    STprintf(pmname, "ii.$.secure.user_auth.%*s",
		scs_trimwhite(sizeof(*authname),
			(char*)authname), 
		(char*)authname);
	}
	cl_stat = PMget(pmname, &pmvalue);
	if (cl_stat != OK)
	{
	        sc0e_put(E_SC035A_EXTPWD_NO_AUTH_MECH, 0, 1,
		         scs_trimwhite(sizeof(*authname),
			      (char*)authname),
			(PTR)authname,
			0, (PTR)0,
			0, (PTR)0,
			0, (PTR)0,
			0, (PTR)0,
			0, (PTR)0 );
		status = E_DB_ERROR;
		break;
	}
	/*
	** Now we know the target mechanism, set up target destination
	**
	** Legal values are either 'value' which maps to value/authsvr
	** or @value which is sent untranslated. 
	*/
	if (*pmvalue != '@')
		STprintf(target,"%s/authsvr",pmvalue);
	else
		STprintf(target,"%s", pmvalue+1);
	/*
	** Allocate buffer for processing the request
	*/
        status = sc0m_allocate(SCU_MZERO_MASK,
		    (i4)sizeof(SCS_REBUFF),
		    DB_SCF_ID,
		    (PTR)SCS_MEM,
		    SCRE_TAG,
		    (PTR*)&re_buff);
        if (status != E_DB_OK)
        {
		/* sc0m_allocate puts error codes in return status */
		sc0e_0_put(status, 0);
		status = E_DB_ERROR;
		break;
    	}
	work_buff = re_buff->work_buff;
	gcmvalue = re_buff->gcmvalue;

	CSget_sid(&sid);

	save_data_area = work_buff;
	/*
	** Build the fastselect request
	*/
	fs_parms.gca_user_name = NULL;
	fs_parms.gca_password = NULL;
	fs_parms.gca_account_name = NULL;
	fs_parms.gca_completion = cep_complete;
	fs_parms.gca_closure = NULL;
	fs_parms.gca_peer_protocol = GCA_PROTOCOL_LEVEL_61;
	fs_parms.gca_partner_name = target;
	fs_parms.gca_modifiers = GCA_RQ_GCM;
	fs_parms.gca_buffer = work_buff;
	fs_parms.gca_b_length = RQ_BUFF_SIZE;
	fs_parms.gca_message_type = GCM_SET;

	q = save_data_area;
	q += sizeof(i4);	/* Past error_status */
	q += sizeof(i4);	/* Past error_index */
	q += sizeof(i4);	/* Past future[0] */
	q += sizeof(i4);	/* Past future[1] */
	q += gcm_put_int(q, -1);/* Client perms */
	q += gcm_put_int(q, 1); /* Row count */
	q += gcm_put_int(q, 1); /* Element count */
	if (auth_role)
	    q += gcm_put_str(q, "exp.scf.auth_server.role_authenticate"); /* Class id */
	else
	    q += gcm_put_str(q, "exp.scf.auth_server.user_authenticate"); /* Class id */
	q += gcm_put_str(q, "0"); 		  /* Instance */
	/*
	** Now build the value.
	** This consists of:
	** Role:
	**  flag 	 - 4 byte integer, currently 0
	**  real user 	 - 32 byte blank-padded
	**  effective user - 32 byte blank-padded
	**  role         - 32 byte blank-padded
	**  password     - 24 byte blank-padded
	** User:
	**  flag 	 - 4 byte integer, currently 1
	**  real user 	 - 32 byte blank-padded
	**  effective user - 32 byte blank-padded
	**  password     - 24 byte blank-padded
	** These are all padded into a single GCM value.
	** Note: This assumes no NULL values in any of the fields.
	*/
	if (auth_role)
	{
	    STprintf(gcmvalue,"%-4.4s%32.32s%32.32s%32.32s%-24.24s",
		"0",
		(char*)&scb->scb_sscb.sscb_ics.ics_rusername,
		e_authname ? (char*)e_authname : blank_string,
		(char*)authname,
		(char*)password);
	}
	else
	{
	    STprintf(gcmvalue,"%-4.4s%32.32s%32.32s%-24.24s",
		"1",
		(char*)authname,
		e_authname ? (char*)e_authname : blank_string,
		(char*)password);
	}
	q += gcm_put_str(q, gcmvalue );	  	  /* Value */
	fs_parms.gca_msg_length = (i4)(q - save_data_area);
	break;
    }

    /*
    ** Now do the fastselect
    */
    resume = 0;
    if (status == E_DB_OK)
    do 
    {

	cl_stat = IIGCa_call(GCA_FASTSELECT,
			(GCA_PARMLIST *)&fs_parms,
			GCA_ASYNC_FLAG | GCA_ALT_EXIT | resume,
			(PTR)CS_find_scb(sid),
			(i4) -1,
			&local_status);
        if (cl_stat != OK)
        {
	    sc0e_0_put(cl_stat, 0);
	    sc0e_0_put(E_SC0357_EXTPWD_GCA_FASTSELECT, 0);
	    status = E_DB_ERROR;
	    break;
        }
        else
        {
            /* wait for completion routine to wake us */
            cl_stat = CSsuspend(CS_BIOR_MASK, 0, 0);
            if (cl_stat != OK)
            {
	        sc0e_0_put(cl_stat, 0);
	        sc0e_0_put(E_SC0356_EXTPWD_GCA_CSSUSPEND, 0);
	        status = E_DB_ERROR;
		resume = 0;
		break;
            }
            else                /* completion handler called */
            {
                switch ( cl_stat = fs_parms.gca_status )
                {
                case OK:

                    resume = 0;
                    break;

                case E_GCFFFE_INCOMPLETE:

                    resume = GCA_RESUME;
                    break;

                case E_GC0032_NO_PEER:
		case E_GC0138_GCN_NO_SERVER:
		case E_GC0139_GCN_NO_DBMS:

                    resume = 0;

		    sc0e_put(E_SC0355_EXTPWD_GCA_NOPEER, 0, 2,
				 scs_trimwhite(sizeof(*authname),
				      (char*)authname),
				(PTR)authname,
				(i4)STlength(target),
				(PTR)target,
		     		0, (PTR)0,
		     		0, (PTR)0,
		     		0, (PTR)0,
		     		0, (PTR)0 );
		    status = E_DB_ERROR;
                    break;

                default:

                    resume = 0;

	       	    sc0e_0_put(cl_stat, 0);
		    sc0e_0_put(E_SC0354_EXTPWD_GCA_COMPLETION, 0);
		    status = E_DB_ERROR;
                    break;
                }
            }
        }
    } while( resume != 0 );
    /*
    ** Check if select worked OK, if not skip to the end
    */
    if (status == E_DB_OK)
    {
	/*
	** Got result of fastselect, so unpack and see what happened
	*/
	q = save_data_area;
	q += gcm_get_int(q, &error_status);
	q += gcm_get_int(q, &error_index);
	if (error_status != 0)
	{
	   if (error_index == -1)
	   {
	       	sc0e_0_put(error_status, 0);
		sc0e_0_put(E_SC0359_EXTPWD_GCM_ERROR, 0);
	        status = E_DB_ERROR;
	   }
	   else
	   {
		/* Access is denied */
		status = E_DB_WARN;
	    }
	}
	else
	{
		/* Access is allowed */
		status = E_DB_OK;
	}
    }

    /* Reset activity */
    scb->scb_sscb.sscb_ics.ics_l_act1 = 0;

    /*
    ** Free buffer if allocated
    */
    if (re_buff)
    {
	if (sc0m_deallocate(0, (PTR *) &re_buff) != E_DB_OK)
	{
	    sc0e_0_put(status, 0);
	}
    }
    return(status);
}