Jason Aller Floppy Collection

home *** CD-ROM | disk | FTP | other *** search

/ Jason Aller Floppy Collection / 125.img / PRO-C4.ZIP / BENCH1.ZIP / BENCH / LOGINMOD.C < prev next >

Wrap

C/C++ Source or Header | 1990-05-28 | 19.8 KB | 1,032 lines

/* ---( bench/loginmod.c )------------------------ */ /* Pro-C - Copyright (C) 1988, 1989 Vestronix Inc. */ /* Modification to this source is not supported */ /* by Vestronix Inc. */ /* All Rights Reserved */ /* ----------------------------------------------- */ /* Written JZ Jan-87 */ /* Modified Nig 30-Jan-90 */ /* ----------------------------------------------- */ /* %W% (%H% %T%) */ /* * Modifications * * 30-Jan-90 Nig - Rearranged the Change Password setup */ #include <stdio.h> #include <bench.h> #include <errno.h> #include <proc.io> #include <fileio.h> #include <dllist.h> #include <field.h> #include <passwd.h> # include <time.h> # define TRUE 1 # define FALSE 0 # define MYVER "2.0" # define MAXLOCKTRYS 10 /* * GLOBAL DEFINES */ #define USER 0 #define MODULE 1 PERMS pperms[] = { { 'a', PERM_ADD }, { 'c', PERM_CHANGE }, { 'd', PERM_DELETE }, { 'i', PERM_INQUIRE }, { 0, 0 } }; extern int ichar; /* Global INPUT_W Return Value - 0 for CR */ static int keymatch = USER; int uhand; int mhand; USER_ENT tmpuser; MOD_ENT tmpmod; USER_ENT *tmpuptr; MOD_ENT *tmpmptr; char buffer[80]; char pwdfile[128]; char pwdtmpf[128]; char pswdfile_path[128]; int tempfd; char userfield_mask[] = "xxxxxxxxxxxxxx"; FIELD userfield = { 0, 0, 1, NULL, userfield_mask, 0, NAMELEN, F_TEXT, REVVID, NORMAL, BLANK_FIELD, NULL, text_input, NULL, NULL }; char modfield_mask[] = "BQQQQQQQQQQQQQ"; FIELD modfield = { 0, 0, 1, NULL, modfield_mask, 0, MODLEN, F_TEXT, REVVID, NORMAL, BLANK_FIELD, NULL, text_input, NULL, NULL }; char pwdfield_mask[] = "!!!!!!!!"; FIELD pwdfield = { 0, 0, 1, NULL, pwdfield_mask, 0, PWDLEN, F_TEXT, REVVID, NORMAL, BLANK_FIELD, NULL, text_input, NULL, NULL }; unsigned int checkperms(prjname, argc, argv, user, password) char *prjname; int argc; char *argv[]; char *user; char *password; { unsigned int newperms = PERM_INIT; char *module; int retry; int chgflag = FALSE; int i,j; setvars(prjname); module = basename(argv[0]); /* Figure out module name from argv[0] */ /* * Input user info if not already passed to program * * -cp indicates the user wants to change his password */ if ((argc == 1) || ((argc == 2) && (!strcmp("-cp", argv[1])))) { if (argc == 2) chgflag = TRUE; input_pwd(user, password); } else { strcpy(user, argv[1]); strcpy(password, argv[2]); decrypt(password, PASSKEY); } if (chgflag) { newperms = readfile(); if (newperms == PERM_NOTMPFILE || newperms == PERM_LOCKED) { errmsg("Password change cannot be made now. Try again later."); chgflag = FALSE; newperms = PERM_INIT; } } do { newperms = passwd(pwdfile, user, password, module); retry = FALSE; /* validate user's password and determine perms in this module */ if (chgflag) /* use list operations */ { strcpy(tmpuser.user, user); strcpy(tmpuser.pwd, password); if ((newperms == PERM_INIT) && (tmpuptr = (USER_ENT *)dll_find(uhand, &tmpuser))) { if (!strcmp(tmpuser.pwd, tmpuptr->pwd)) { newperms = PERM_EXISTS; strcpy(tmpmod.mod, module); for (tmpmptr = (MOD_ENT *)dll_find(mhand, &tmpmod); tmpmptr != (MOD_ENT *)0 && (!strcmp(tmpmptr->mod, tmpmod.mod)); tmpmptr = (MOD_ENT *)dll_next(mhand)) { if (!strcmp(tmpuser.user, tmpmptr->user)) { for (j = 0; tmpmptr->perm[j]; j++) { for (i = 0; pperms[i].code; i++) if (pperms[i].code == tmpmptr->perm[j]) newperms |= pperms[i].perms; } } } } } } switch (newperms) { case PERM_NOFILE: if (chgflag) { unlink(pwdtmpf); close(tempfd); } case PERM_NOACC: errmsg("Password file \"%s\" is not readable! See system administrator.", pwdfile); break; case PERM_INVFILE: errmsg("Password file \"%s\" is invalid. See system administrator.", pwdfile); break; default: if (newperms <= PERM_NONE) { if ((retry = warning(99, "Incorrect Login.\nTry Again ?"))) input_pwd(user, password); else { if (chgflag) { unlink(pwdtmpf); close(tempfd); } } } } } while (retry); if (chgflag) { chg_win(tmpuser.user, tmpuser.pwd); dll_del(uhand); dll_add(uhand, &tmpuser, ADD_SORT); writefile(); strcpy(password, tmpuser.pwd); decrypt(password, PASSKEY); } encrypt(password, PASSKEY); return(newperms); } /* Remove the . extension from a filename */ char *basename(name) char *name; { int i,j; int len = strlen(name); buffer[79]=0; for (i = len, j = 79; ((i > 0) && (j > 0)); i--, j--) { if (name[i - 1] == '/' || name[i - 1] == '\\' || name[i - 1] == ':') break; if (name[i - 1] == '.') buffer[j - 1] = 0; else buffer[j - 1] = name[i - 1]; } #ifdef MSDOS strlwr(buffer + j); #endif return(buffer + j); } /* Create a window to input user name and password */ void input_pwd(user, password) char *user; char *password; { create_w(8, 20, 8, 40); border_w(0, NORMAL); disp_w(2, 3, NORMAL, "This Module Is Password Protected."); disp_w(3, 3, NORMAL, "Please Enter Your Password Below."); disp_w(5, 3, NORMAL, "User Name:"); disp_w(6, 3, NORMAL, "Password:"); userfield.frow = 5; userfield.fcol = 20; userfield.fhelp= 12; userfield.fbuff = tmpuser.user; *userfield.fbuff = 0; input_wx(&userfield, K_ESC, 0); if (ichar == K_ESC) { *user = '\0'; delete_w(); return; } strcpy(user, userfield.fbuff); pwdfield.frow = 6; pwdfield.fcol = 20; pwdfield.fhelp = 13; pwdfield.fbuff = password; *pwdfield.fbuff = 0; input_wx(&pwdfield, 0); delete_w(); } /* * Create window to input new password */ void chg_win(user, password) char *user; char *password; { char password2[PWDARLEN]; int conspwd = FALSE; create_w(10, 19, 6, 44); border_w(0, NORMAL); disp_w(2, 3, NORMAL, "Input New Password for"); disp_w(2, 26, NORMAL, user); disp_w(4, 3, NORMAL, "Password:"); disp_w(5, 3, NORMAL, "Password:"); /* * Input 2 passwords until they are consistent. Passwords are not * shown on the screen. */ while (ichar != K_ESC && !conspwd) { pwdfield.frow = 4; pwdfield.fcol = 20; pwdfield.fhelp = 14; pwdfield.fbuff = password; *password = 0; while (!*password) input_wx(&pwdfield, K_ESC, 0); if (ichar != K_ESC) { encrypt(password, PASSKEY); pwdfield.frow = 5; pwdfield.fcol = 20; pwdfield.fhelp = 1; pwdfield.fbuff = password2; *password2 = 0; while (!*password2) input_wx(&pwdfield, K_ESC, 0); encrypt(password2, PASSKEY); } if (ichar != K_ESC) { conspwd = (!bytecmp(password, password2, PWDLEN)); if (!conspwd) errmsg("Passwords were not consistent. Please re-enter."); } } delete_w(); } /* * Parse through password file to validate user and password and obtain * the user's coded permissions in module */ unsigned int passwd(file, user, pswd, module) char *file; char *user; char *pswd; char *module; { FILE *fp; unsigned int perms = PERM_INIT; char *ptr; int c; int pswd_ok = FALSE; if (!access(file, 04)) { if (fp = fopen(file, "r")) { if (validfile(fp)) { for (;;) { /* investigate the first non-space on the line */ c = eatspace(fp); /* end of file */ if (c == EOF && feof(fp)) break; /* is this a comment or empty line ? */ if (c == '#' || c == '\n') eatline(fp); /* should be a good line */ else { ptr = parsename(fp); switch (strlen(ptr) == 1 && eatspace(fp) == ':' ? ptr[0] : '#') { case '0': if (pswd_ok) eatline(fp); else pswd_ok = parseuser(fp, user, pswd); break; case '1': if (pswd_ok) perms |= parseperms(fp, user, module); else eatline(fp); break; default: eatline(fp); break; } } } if (!pswd_ok) perms |= PERM_NONE; } else perms = PERM_INVFILE; fclose(fp); } else perms = PERM_NOACC; } else { if (errno == ENOENT) perms = PERM_NOFILE; else perms = PERM_NOACC; } return(perms); } /* * Parse the string in the filestream only allowing name characters * ie. only alpha, numeric, or '_' characters allowed * Returns pointer to static buffer where name is stored. */ char *parsename(fp) FILE *fp; { int len, c; eatspace(fp); len = 0; c = getc(fp); while ( isalnum(c) || c == '_') { if (len < sizeof(buffer) - 1) buffer[len++] = (char) c; c = getc(fp); } buffer[len] = 0; if (c != EOF || !feof(fp)) ungetc(c, fp); return(buffer); } /* * Parse the password in the filestream */ char *parsepwd(fp) FILE *fp; { int len; for( len = 0; len < PWDLEN; buffer[len++] = getc(fp) ); return(buffer); } /* * Parse the string in the filestream up to the next ':', newline or * end-of-file. Returns pointer to static buffer in which string is * stored. */ char *parsestr(fp) FILE *fp; { int len, pos, c; eatspace(fp); len = pos = 0; while ((c = getc(fp)), (c != ':' && c != '\n' && (c != EOF || !feof(fp)))) if (len < sizeof(buffer) - 1) { buffer[len++] = (char) c; if (c != ' ' && c != '\t') pos = len; } buffer[pos] = 0; if (c != EOF || !feof(fp)) ungetc(c, fp); return(buffer); } /* * Advance the filestream pointer to the next non-space character */ int eatspace(fp) FILE *fp; { int c; while ((c = getc(fp)) == ' ' || c == '\t') ; if (c != EOF || !feof(fp)) ungetc(c, fp); return(c); } /* * Advance the filestream pointer to the next line */ int eatline(fp) FILE *fp; { int c; while ((c = getc(fp)), c != '\n' && (c != EOF || !feof(fp))) ; return(c); } /* * Parse a user line in the password file returning TRUE if the input * user and password match those in the password file line. */ int parseuser(fp, user, pswd) FILE *fp; char *user; char *pswd; { char *tmp; char pout[PWDARLEN]; int pswd_ok = FALSE; getc(fp); tmp = parsename(fp); if (tmp && *tmp && eatspace(fp) == ':' && !strcmp(user, tmp)) { getc(fp); tmp = parsepwd(fp); decrypt(tmp, PASSKEY); strcpy(pout, tmp); if (tmp && *tmp) pswd_ok = (strcmp(pswd, pout) == 0); getc(fp); tmp = parsestr(fp); } eatline(fp); return(pswd_ok); } /* * Parse a module line in the password file. * If the user and module given match those found in the line, the coded * permissions are returned. Otherwise, the code for PERM_EXISTS is * returned. */ unsigned int parseperms(fp, user, module) FILE *fp; char *user; char *module; { char *tmp, *ptr; int c, i; unsigned int tmpperms, perms = PERM_EXISTS; getc(fp); tmp = parsename(fp); /* Only continue if modules match */ if (tmp && *tmp && eatspace(fp) == ':' && !strcmp(module, tmp)) { getc(fp); tmp = parsestr(fp); if (tmp && *tmp && eatspace(fp) == ':') { getc(fp); tmpperms = PERM_EXISTS; /* Read in perms, convert them to an int, and store for later */ for (ptr = tmp; *ptr; ptr++) { c = *ptr; c = isupper(c) ? tolower(c) : c; for (i = 0; pperms[i].code; i++) if (pperms[i].code == (char) c) tmpperms |= pperms[i].perms; } for (;;) /* Parse through all associated users */ { tmp = parsename(fp); if (!tmp || !*tmp) break; else if (!strcmp(user, tmp)) /* Continue only if user names match */ { perms = tmpperms; break; } if (eatspace(fp) == ',') getc(fp); else break; } } } eatline(fp); return(perms); } /* * Read the password file into 2 lists - a user list and a module list */ int readfile() { FILE *fp; int c; char *ptr; int stat = PERM_INIT; int i; tempfd = TCRT_FILE(pwdtmpf); for (i = 0; i < MAXLOCKTRYS && tempfd < 0 && errno == EEXIST; i++) tempfd = TCRT_FILE(pwdtmpf); if (tempfd < 0) { if (errno == EEXIST) stat = PERM_LOCKED; else stat = PERM_NOTMPFILE; } else { if (!access(pwdfile, 06)) { if (fp = fopen(pwdfile, "r")) { if (validfile(fp)) { zerorec(tmpuser.user, NAMEARLEN); zerorec(tmpuser.pwd, PWDARLEN); zerorec(tmpmod.mod, MODARLEN); zerorec(tmpmod.perm, PERMARLEN); zerorec(tmpmod.user, NAMEARLEN); uhand = dll_open(usercmp, sizeof(USER_ENT)); mhand = dll_open(modcmp, sizeof(MOD_ENT)); for (;;) { /* investigate the first non-space on the line */ c = eatspace(fp); /* end of file */ if (c == EOF && feof(fp)) break; /* is this a comment or empty line ? */ if (c == '#' || c == '\n') eatline(fp); /* should be a good line */ else { ptr = parsename(fp); switch (strlen(ptr) == 1 && eatspace(fp) == ':' ? ptr[0] : '#') { case '0': getc(fp); strcpy(tmpuser.user, parsename(fp)); if (strlen(tmpuser.user) && eatspace(fp) == ':') { getc(fp); strcpy(tmpuser.pwd, parsepwd(fp)); if (strlen(tmpuser.pwd)) dll_add(uhand, &tmpuser, ADD_SORT); } eatline(fp); break; case '1': getc(fp); strcpy(tmpmod.mod, parsename(fp)); if (strlen(tmpmod.mod) && eatspace(fp) == ':') { getc(fp); strcpy(tmpmod.perm, parsename(fp)); if (strlen(tmpmod.perm) && eatspace(fp) == ':') { getc(fp); strcpy(tmpmod.user, parsename(fp)); if (strlen(tmpmod.user)) { tmpmod.writeflag = FALSE; dll_add(mhand, &tmpmod, ADD_SORT); while (eatspace(fp) == ',') { getc(fp); strcpy(tmpmod.user, parsename(fp)); if (strlen(tmpmod.user)) { tmpmod.writeflag = FALSE; dll_add(mhand, &tmpmod, ADD_SORT); } } } } } eatline(fp); break; } } } } else stat = PERM_INVFILE; fclose(fp); } else stat = PERM_NOACC; } else { if (errno == ENOENT) stat = PERM_NOFILE; else stat = PERM_NOACC; } if (stat != PERM_INIT && stat != PERM_NOFILE) { unlink(pwdtmpf); close(tempfd); } } return(stat); } /* * Determines whether the password file is valid - based on a CRC check */ int validfile(fp) FILE *fp; { #ifdef CRC int c; char *crcstr; long oldcrc; long newcrc; int valid = FALSE; long datstart = 0L; /* * Read the header information and ignore it for the crc check. * The old crc is found on the first line that isn't a comment. */ crcstr = alloc(sizeof(long) + 1); /* investigate the first non-space on the line */ c = eatspace(fp); /* is this a comment or empty line ? */ while (c == '#' || c == '\n') { eatline(fp); c = eatspace(fp); } /* end of file */ if (c == EOF && feof(fp)) valid = FALSE; else { /* should be a good line - contains the old crc */ strcpy(crcstr, parsestr(fp)); datstart = ftell(fp); oldcrc = atol(crcstr); /* * The crc calculation ignores the header since it is composed of * comments but takes the remainder of the file into account. */ newcrc = crc_calc(fp); if (oldcrc == newcrc) valid = TRUE; fflush(fp); rewind(fp); fseek(fp, datstart, 0); } return(valid); #else return(TRUE); #endif } /* * Write out the password file */ int writefile() { FILE *fp; int stat = IOGOOD; if (fp = fdopen(tempfd, "r+")) { #ifdef CRC writelist(fp); fflush(fp); rewind(fp); #endif writehdr(fp); writelist(fp); fclose(fp); unlink(pwdfile); renfile(pwdtmpf, pwdfile); chmod(pwdfile, 0666); } else { errmsg("Couldn't open file for writing."); stat = IOERROR; } return(stat); } /* * Write the lists into the password file */ void writelist(fp) FILE *fp; { fprintf(fp, "\n# Users: <0>:<user-name>:<password>\n\n"); writeusers(fp); fprintf(fp, "\n# Modules: <1>:<module-name>:<permissions>:[<name>[,<name>[...]]]\n\n"); writemods(fp); } /* * Write the password file header */ void writehdr(fp) FILE *fp; { unsigned long crc; unsigned long curtime; #ifdef CRC crc = crc_calc(fp); fflush(fp); rewind(fp); #endif fprintf(fp, "# Version %s\n", MYVER); time(&curtime); fprintf(fp, "# Last Modified: %s\n", asctime(localtime(&curtime))); #ifdef CRC l_to_a(buffer, crc, 10); fprintf(fp, "%s\n\n", buffer); #endif } /* * Write out the user list */ void writeusers(fp) FILE *fp; { for (tmpuptr = (USER_ENT *)dll_seek(uhand, 0, SEEK_SET); tmpuptr != (USER_ENT *)0; tmpuptr = (USER_ENT *)dll_next(uhand)) { fprintf(fp, "0:%s:%s\n", tmpuptr->user, tmpuptr->pwd); } } /* * Write out the module list */ void writemods(fp) FILE *fp; { MOD_ENT *curwrptr; struct dll_entry *curpos; for (curwrptr = (MOD_ENT *)dll_seek(mhand, 0, SEEK_SET); curwrptr != (MOD_ENT *)0; curwrptr = (MOD_ENT *)dll_next(mhand)) { curwrptr->writeflag = FALSE; } /* * Write multiple users with the same perms in a module on the same line */ for (curwrptr = (MOD_ENT *)dll_seek(mhand, 0, SEEK_SET); curwrptr != (MOD_ENT *)0; curwrptr = (MOD_ENT *)dll_next(mhand)) { if (curwrptr->writeflag == FALSE) { fprintf(fp, "1:%s:%s:%s", curwrptr->mod, curwrptr->perm, curwrptr->user); curwrptr->writeflag = TRUE; curpos = dll_getpos(mhand); tmpmptr = (MOD_ENT *)dll_next(mhand); while (tmpmptr != NULL && (!strcmp(tmpmptr->mod, curwrptr->mod))) { if (!cmpperms(curwrptr->perm, tmpmptr->perm)) { tmpmptr->writeflag = TRUE; fprintf(fp, ",%s", tmpmptr->user); } tmpmptr = (MOD_ENT *)dll_next(mhand); } dll_setpos(mhand, curpos); putc('\n', fp); fflush(fp); } } } void setvars(prjname) char *prjname; { search_path(prjname, pswdfile_path, ".pas"); strcpy(pwdfile, pswdfile_path); /* Build name of password file */ strcat(pwdfile, ".pas"); strcpy(pwdtmpf, pswdfile_path); /* Build name of temporary password file */ strcat(pwdtmpf, ".tmp"); } /* * User list compare function */ int usercmp(u1, u2) USER_ENT *u1, *u2; { return(strcmp(u1->user, u2->user)); } /* * Module list compare function */ int modcmp(m1, m2) MOD_ENT *m1, *m2; { return(strcmp(m1->mod, m2->mod)); } /* * compare perms - strings are equivalent as long as the same perms * occur in each string regardless of their order */ int cmpperms(perm1, perm2) char *perm1; char *perm2; { char *pos1; char *pos2; int pfound = FALSE; int match = FALSE; pos1 = perm1; pos2 = perm2; if (strlen(perm1) == strlen(perm2)) { if (!strcmp(perm1, perm2)) match = TRUE; else { /* check that every perm found in the first string also occurs * in the second string */ while (*pos1) { while (!pfound && *pos2) { if (*pos1 == *pos2) pfound = TRUE; pos2++; } if (!pfound) break; else pfound = FALSE; pos1++; pos2 = perm2; } if (!(*pos1)) match = TRUE; } } return(!match); }