PC World 2003 February

home *** CD-ROM | disk | FTP | other *** search

/ PC World 2003 February / PCWorld_2003-02_cd.bin / Komunik / sambar / sambar53b3.exe / samples / source / LOGIN.C < prev next >

Wrap

C/C++ Source or Header | 2002-09-27 | 57.3 KB | 2,319 lines

/* ** LOGIN ** ** HTTP Wrapper for the Login/Logout/Profile Management Library ** ** Confidential Property of Tod Sambar ** (c) Copyright Tod Sambar 1996-1997 ** All rights reserved. ** ** ** Public Functions: ** ** login_init ** user_login ** user_logout ** user_profile ** user_add ** user_delete ** user_update ** user_passwd ** user_list ** user_select ** user_maillist ** user_mailbox ** group_add ** group_delete ** group_list ** group_select ** ftp_connect ** mail_connect ** telnet_connect ** ** ** History: ** Chg# Date Description Resp ** ---- ------- ------------------------------------------------------- ---- ** 27JAN96 Created sambar ** 29MAR97 Added user list and update functions sambar ** 30MAR97 Added FTP connection security sambar ** 10OCT97 Added user password interface sambar ** 14NOV97 Added group management sambar ** 28OCT98 Added MAIL connection security sambar */ #include <stdio.h> #include <stdlib.h> #include <memory.h> #include <string.h> #include <login.h> #ifndef WIN32 #include <string.h> #else #include <direct.h> #endif /* WIN32 */ /* ** Login RPC Commands */ typedef struct login__rpcs { SA_CHAR *name; SA_RPCPARAM *params; SA_INT numparams; SA_INT auth; SA_VOID *func; SA_CHAR *descr; } LOGIN__RPCS; static SA_RPCPARAM adduserp [] = { { "username", 1, "User login." }, { "password", 0, "User password." }, { "group", 0, "User group." }, { "name", 0, "User name." }, { "dir", 0, "Ftp/Document Manager directory of the user." }, { "makedir", 0, "Create the user directory." }, { "ftpprivs", 1, "Upload priviledges of the user." }, { "ftpmax", 1, "FTP/Document Manager maximum upload (MB)." }, { "mbox", 0, "Create a mailbox for the user." } }; static SA_RPCPARAM upduserp [] = { { "username", 1, "User login." }, { "password", 0, "User password." }, { "group", 0, "User group." }, { "name", 0, "User name." }, { "dir", 0, "Ftp/Document Manager directory of the user." }, { "makedir", 0, "Create the user directory." }, { "ftpprivs", 1, "Upload priviledges of the user." }, { "ftpmax", 1, "FTP/Document Manager maximum upload (MB)." }, { "mbox", 0, "Create a mailbox for the user." } }; static SA_RPCPARAM deluserp [] = { { "username", 1, "User login." } }; static SA_RPCPARAM userpropp [] = { { "username", 1, "User login." }, { "prop", 1, "User property: group,password,name,dir,ftpprivs,ftpmax" } }; static SA_RPCPARAM selectuserp [] = { { "username", 0, "User login." }, }; static SA_RPCPARAM addgroupp [] = { { "groupname", 1, "Symbolic name of the group." } }; static SA_RPCPARAM delgroupp [] = { { "groupname", 1, "Symbolic name of the group." } }; static SA_RPCPARAM selectgroupp [] = { { "username", 0, "User to test against group list." } }; static SA_RPCPARAM userpasswdp [] = { { "username", 1, "User login." }, { "password", 0, "Existing password for the user." }, { "newpasswd", 0, "New password for the user." }, { "confpasswd", 0, "Confirm new password." } }; static SA_RPCPARAM usermboxp [] = { { "username", 1, "User login." }, { "action", 1, "Create/Delete user mailbox." } }; static LOGIN__RPCS login_rpcs [] = { { "adduser", adduserp, sizeof(adduserp)/sizeof(SA_RPCPARAM), SA_AUTHORIZATION_ADMIN, (SA_VOID *)user_add, "Add a user to the system." }, { "upduser", upduserp, sizeof(upduserp)/sizeof(SA_RPCPARAM), SA_AUTHORIZATION_ADMIN, (SA_VOID *)user_update, "Update a user." }, { "deluser", deluserp, sizeof(deluserp)/sizeof(SA_RPCPARAM), SA_AUTHORIZATION_ADMIN, (SA_VOID *)user_delete, "Delete a user from the system." }, { "userprop", userpropp, sizeof(userpropp)/sizeof(SA_RPCPARAM), SA_AUTHORIZATION_ADMIN, (SA_VOID *)user_prop, "Get a single user attribute for display." }, { "listusers", NULL, 0, SA_AUTHORIZATION_ADMIN, (SA_VOID *)user_list, "List users for update/delete." }, { "selectuser", selectuserp,sizeof(selectuserp)/sizeof(SA_RPCPARAM), SA_AUTHORIZATION_ADMIN, (SA_VOID *)user_select, "List users for selection in a pick list." }, { "mailusers", NULL, 0, SA_AUTHORIZATION_ADMIN, (SA_VOID *)user_maillist, "List mail users for update/delete." }, { "usermbox", usermboxp, sizeof(usermboxp)/sizeof(SA_RPCPARAM), SA_AUTHORIZATION_ADMIN, (SA_VOID *)user_mailbox, "Create/Delete a user mailbox." }, { "addgroup", addgroupp, sizeof(addgroupp)/sizeof(SA_RPCPARAM), SA_AUTHORIZATION_ADMIN, (SA_VOID *)group_add, "Add a group to the system." }, { "delgroup", delgroupp, sizeof(delgroupp)/sizeof(SA_RPCPARAM), SA_AUTHORIZATION_ADMIN, (SA_VOID *)group_delete, "Delete a group from the system." }, { "listgroups", NULL, 0, SA_AUTHORIZATION_ADMIN, (SA_VOID *)group_list, "List groups for delete." }, { "selectgroup",selectgroupp, sizeof(selectgroupp)/sizeof(SA_RPCPARAM), SA_AUTHORIZATION_ADMIN, (SA_VOID *)group_select, "List groups for selection in a pick list." }, { "userpasswd", userpasswdp, sizeof(userpasswdp)/sizeof(SA_RPCPARAM), SA_AUTHORIZATION_ALL, (SA_VOID *)user_passwd, "Interface to allow users to change their password." } }; /* ** Local Prototypes */ static SA_BOOL user__inlist(SA_CHAR *list, SA_INT listlen, SA_CHAR *value, SA_INT valuelen); /* ** LOGIN_INIT ** ** Initialize the Login/Logout/Profile Interfaces for use by the ** Sambar Server plugins. ** ** ** Parameters: ** sactx Sambar Server context ** ** Returns: ** SA_SUCCEED | SA_FAIL */ SA_RETCODE SA_PUBLIC login_init(sactx) SA_CTX *sactx; { int i; /* Register the User RPCs with the server */ for (i = 0; i < sizeof(login_rpcs) / sizeof(LOGIN__RPCS); i++) { if (sa_cmd_init(sactx, login_rpcs[i].name, login_rpcs[i].params, login_rpcs[i].numparams, login_rpcs[i].auth, login_rpcs[i].descr, (SA_RPCFUNC)login_rpcs[i].func) != SA_SUCCEED) { sa_log2(sactx, SA_LOG_ERROR, "Unable to initialize User Management RPCs"); return (SA_FAIL); } } sa_log2(sactx, SA_LOG_TRACE, "Login/Logout/Profile Management Initialized"); return (SA_SUCCEED); } /* ** USER_LOGIN ** ** Login a user. Verify the username/password against the Sambar Server ** password interfaces. Store some profile information for use. ** ** Parameters: ** sactx Sambar Server Application context to release. ** saconn Sambar Server User Connection handle. ** username Name of the user logging in. ** usernamelen Length of the user name ** password Password of the user logging in. ** passwordlen Length of the password. ** infop Error return code ** ** Return Values: ** SA_SUCCESS | SA_FAIL */ SA_RETCODE SA_PUBLIC user_login(sactx, saconn, username, usernamelen, password, passwordlen, infop) SA_CTX *sactx; SA_CONN *saconn; SA_CHAR *username; SA_INT usernamelen; SA_CHAR *password; SA_INT passwordlen; SA_INT *infop; { SA_INT len; SA_INT namelen; SA_BOOL ntauth; SA_BOOL sqlauth; SA_BOOL radiusauth; SA_BOOL status; SA_BOOL usepasswd; SA_PASSWD passwd; LOGIN_PROFILE *profile; SA_CHAR name[62]; SA_CHAR buffer[512]; ntauth = 0; if (sa_ctx_props(sactx, SA_GET, SA_CTXPROP_NTAUTH, name, 30, (SA_INT *)NULL) == SA_SUCCEED) { if (stricmp(name, "true") == 0) ntauth = 1; } radiusauth = 0; if (sa_ctx_props(sactx, SA_GET, SA_CTXPROP_RADIUSAUTH, name, 30, (SA_INT *)NULL) == SA_SUCCEED) { if (stricmp(name, "true") == 0) radiusauth = 1; } sqlauth = 0; if (sa_ctx_props(sactx, SA_GET, SA_CTXPROP_SQLAUTH, name, 30, (SA_INT *)NULL) == SA_SUCCEED) { if (stricmp(name, "true") == 0) sqlauth = 1; } if (usernamelen == 0) { *infop = SA_E_INVALIDLOGIN; return (SA_FAIL); } usepasswd = 0; if ((ntauth) || (radiusauth)) { if ((sa_passwd_verify(sactx, username, usernamelen, password, passwordlen, &status) != SA_SUCCEED) || (!status)) { (SA_VOID)sa_conn_props(saconn, SA_GET, SA_CONNPROP_HOST, name, 60, &namelen); name[namelen] = '\0'; sprintf(buffer, "%sLogin for user '%s' failed - bad password [host %s]", (radiusauth ? "Radius " : (ntauth ? "NT " : "")), username, name); sa_log2(sactx, SA_LOG_WARN, buffer); *infop = SA_E_INVALIDLOGIN; return (SA_FAIL); } /* Lookup the config/password entry for overrides. */ if (sa_passwd_lookup(sactx, username, usernamelen, &passwd) == SA_SUCCEED) { usepasswd = 1; } } else if (sqlauth) { usepasswd = 1; if (sa_passwd_sqlauth(sactx, saconn, username, usernamelen, password, passwordlen, &passwd) != SA_SUCCEED) { (SA_VOID)sa_conn_props(saconn, SA_GET, SA_CONNPROP_HOST, name, 60, &namelen); name[namelen] = '\0'; sprintf(buffer, "SQL Login for user '%s' failed [host %s]", username, name); sa_log2(sactx, SA_LOG_WARN, buffer); *infop = SA_E_INVALIDLOGIN; return (SA_FAIL); } } else { usepasswd = 1; if (sa_passwd_lookup(sactx, username, usernamelen, &passwd) != SA_SUCCEED) { (SA_VOID)sa_conn_props(saconn, SA_GET, SA_CONNPROP_HOST, name, 60, &namelen); name[namelen] = '\0'; sprintf(buffer, "Login for user '%s' failed [host %s]", username, name); sa_log2(sactx, SA_LOG_WARN, buffer); *infop = SA_E_INVALIDLOGIN; return (SA_FAIL); } /* Verify the passwords are the same */ if ((passwd.passwordlen != passwordlen) || (strncmp(passwd.password, password, passwordlen) != 0)) { (SA_VOID)sa_conn_props(saconn, SA_GET, SA_CONNPROP_HOST, name, 60, &namelen); name[namelen] = '\0'; sprintf(buffer, "Login for user '%s' failed - bad password [host %s]", username, name); sa_log2(sactx, SA_LOG_WARN, buffer); *infop = SA_E_INVALIDLOGIN; return (SA_FAIL); } } /* Allocate and populate a user profile structure */ profile = (LOGIN_PROFILE *)malloc(sizeof(LOGIN_PROFILE)); if (profile == (LOGIN_PROFILE *)NULL) { sprintf(buffer, "Login for user '%s' failed - no memory", username); sa_log2(sactx, SA_LOG_WARN, buffer); *infop = SA_E_INVALIDLOGIN; return (SA_FAIL); } memset(profile, 0, sizeof(LOGIN_PROFILE)); memcpy(profile->name, username, usernamelen); profile->name[usernamelen] = '\0'; memcpy(profile->username, username, usernamelen); profile->username[usernamelen] = '\0'; strcpy(profile->dir, "/"); strcpy(profile->group, SA_DEFAULT_GROUP); profile->privs = SA_PRIV_NOACCESS; if (usepasswd) { profile->privs = passwd.privs; if (passwd.namelen > 0) { memcpy(profile->name, passwd.name, passwd.namelen); profile->name[passwd.namelen] = '\0'; } if (passwd.grouplen > 0) { memcpy(profile->group, passwd.group, passwd.grouplen); profile->group[passwd.grouplen] = '\0'; } if (passwd.dirlen > 0) { if (sa_conn_maptourl(saconn, passwd.dir, profile->dir) != SA_SUCCEED) { strcpy(profile->dir, passwd.dir); } /* Strip the trailing slash if found. */ len = strlen(profile->dir); if ((len > 1) && (profile->dir[len - 1] == '/')) profile->dir[len - 1] = '\0'; } } /* ** The DAVdir is the WebDAV/Document Manager root directory. ** If the user's profile directory is "below" the Document Directory ** we map the davdir to the Document Directory "root". */ if (sa_conn_maptodavdir(saconn, profile->dir, profile->davdir) != SA_SUCCEED) { strcpy(profile->davdir, profile->dir); } /* Load the internal server profile for the user */ (SA_VOID)sa_profile_init(sactx, username, usernamelen, &profile->data); /* Save the user's root directory for security restrictions */ if (sa_conn_props(saconn, SA_SET, SA_CONNPROP_ROOTDIR, profile->dir, SA_NULLTERM, (SA_INT *)NULL) != SA_SUCCEED) { (SA_VOID)free(profile); sa_log2(sactx, SA_LOG_ERROR, "sa_conn_key(SET, ROOTDIR) failed!"); return (SA_FAIL); } /* Save the user's upload priviledges for security restrictions */ if (sa_conn_props(saconn, SA_SET, SA_CONNPROP_PRIVS, (SA_BYTE *)&profile->privs, sizeof(SA_INT), (SA_INT *)NULL) != SA_SUCCEED) { (SA_VOID)free(profile); sa_log2(sactx, SA_LOG_ERROR, "sa_conn_key(SET, PRIVS) failed!"); return (SA_FAIL); } /* Save the user's group */ if (usepasswd) { if (sa_conn_props(saconn, SA_SET, SA_CONNPROP_GROUP, profile->group, SA_NULLTERM, (SA_INT *)NULL) != SA_SUCCEED) { (SA_VOID)free(profile); sa_log2(sactx, SA_LOG_ERROR, "sa_conn_key(SET, GROUP) failed!"); return (SA_FAIL); } } /* Save the user's profile handle with the user connection */ if (sa_conn_key(saconn, SA_SET, LOGIN_PROFILE_KEY, (SA_VOID **)profile) != SA_SUCCEED) { (SA_VOID)free(profile); sa_log2(sactx, SA_LOG_ERROR, "sa_conn_key(SET, LOGIN_PROFILE_KEY) failed!"); return (SA_FAIL); } #ifdef DEBUG (SA_VOID)sa_conn_props(saconn, SA_GET, SA_CONNPROP_HOST, name, 60, &namelen); name[namelen] = '\0'; sprintf(buffer, "%sUser '%s' logged in [host %s]", (radiusauth ? "Radius " : (sqlauth ? "SQL " : (ntauth ? "NT " : ""))), username, name); sa_log2(sactx, SA_LOG_TRACE, buffer); #endif return (SA_SUCCEED); } /* ** USER_LOGOUT ** ** Log out a user. Free profile resources. ** ** Parameters: ** sactx Sambar Server Application context to release. ** saconn Sambar Server User Connection handle. ** ** Return Values: ** SA_SUCCESS | SA_FAIL */ SA_RETCODE SA_PUBLIC user_logout(sactx, saconn) SA_CTX *sactx; SA_CONN *saconn; { SA_VOID *entry; LOGIN_PROFILE *profile; #ifdef DEBUG SA_CHAR buffer[512]; #endif /* Get the user's handle from the profile context */ if (sa_conn_key(saconn, SA_GET, LOGIN_PROFILE_KEY, (SA_VOID **)&profile) != SA_SUCCEED) { /* User never completed login */ return (SA_SUCCEED); } /* Clear the user's profile handle */ (SA_VOID)sa_conn_key(saconn, SA_CLEAR, LOGIN_PROFILE_KEY, &entry); #ifdef DEBUG sprintf(buffer, "User '%s' logged out.", profile->username); sa_log2(sactx, SA_LOG_TRACE, buffer); #endif if (profile->data != (SA_PROFILE *)NULL) { (SA_VOID)sa_profile_save(sactx, profile->data); (SA_VOID)sa_profile_exit(sactx, profile->data); } (void)free(profile); return (SA_SUCCEED); } /* ** USER_PROFILE ** ** Respond to a user profile request. ** ** Parameters: ** sactx Sambar Server Application context to release. ** saconn Sambar Server User Connection handle. ** buffer Profile attribute being queried. ** buflen Length of the profile attribute. ** data Buffer for the profile result ** Note: A maximum of 512 bytes may be written to the data buffer. ** ** Return Values: ** SA_SUCCESS | SA_FAIL */ SA_RETCODE SA_PUBLIC user_profile(sactx, saconn, action, name, namelen, datap) SA_CTX *sactx; SA_CONN *saconn; SA_INT action; SA_CHAR *name; SA_INT namelen; SA_VOID *datap; { LOGIN_PROFILE *profile; SA_CHAR tmp[512]; /* Get the user's profile handle */ if (sa_conn_key(saconn, SA_GET, LOGIN_PROFILE_KEY, (SA_VOID **)&profile) != SA_SUCCEED) { /* User never completed login */ return (SA_FAIL); } if (profile == (LOGIN_PROFILE *)NULL) { sa_log2(sactx, SA_LOG_ERROR, "user_profile: LOGIN_PROFILE_KEY returned NULL!"); return (SA_FAIL); } if (profile->data == (SA_PROFILE *)NULL) { sprintf(tmp, "user_profile: SA_PROFILE returned NULL for user %s!", profile->name); sa_log2(sactx, SA_LOG_ERROR, tmp); return (SA_FAIL); } /* ** Profile lookup */ if (action == SA_GET) { if ((namelen == 5) && (strncmp(name, "group", 5) == 0)) { *((SA_CHAR **)datap) = profile->group; } else if ((namelen == 4) && (strncmp(name, "name", 4) == 0)) { *((SA_CHAR **)datap) = profile->name; } else if ((namelen == 8) && (strncmp(name, "username", 8) == 0)) { *((SA_CHAR **)datap) = profile->username; } else if ((namelen == 3) && (strncmp(name, "dir", 3) == 0)) { *((SA_CHAR **)datap) = profile->dir; } else if ((namelen == 6) && (strncmp(name, "davdir", 6) == 0)) { *((SA_CHAR **)datap) = profile->davdir; } else { if (sa_profile_get(sactx, profile->data, name, namelen, (SA_CHAR **)datap) != SA_SUCCEED) { #ifdef DEBUG sprintf(tmp, "Profile attribute '%s' not found!", name); sa_log2(sactx, SA_LOG_WARN, tmp); #endif /* DEBUG */ return (SA_FAIL); } } } else { if (sa_profile_set(sactx, profile->data, name, namelen, (SA_CHAR *)datap) != SA_SUCCEED) { sprintf(tmp, "Profile attribute '%s' could not be set!", name); sa_log2(sactx, SA_LOG_WARN, tmp); return (SA_FAIL); } } return (SA_SUCCEED); } /* ** USER_ADD ** ** Add a new user ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Returns: ** SA_SUCCEED | SA_FAIL */ SA_RETCODE SA_PUBLIC user_add(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_INT mbox; SA_INT datalen; SA_INT makedir; SA_CHAR *data; SA_CHAR path[1024]; SA_PASSWD passwd; SA_PASSWD tmppasswd; memset(&passwd, 0, sizeof(SA_PASSWD)); mbox = 0; if (sa_param(sactx, saparams, "mbox", &data, &datalen) == SA_SUCCEED) { if ((datalen == 2) && (stricmp(data, "on") == 0)) mbox = 1; } if (sa_param(sactx, saparams, "password", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_add(): Expected parameter 'password'!"); return (SA_FAIL); } passwd.passwordlen = MIN(datalen, SA_MAX_NAME); if (passwd.passwordlen > 0) memcpy(passwd.password, data, passwd.passwordlen); if (sa_param(sactx, saparams, "group", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_add(): Expected parameter 'group'!"); return (SA_FAIL); } passwd.grouplen = MIN(datalen, SA_MAX_NAME); if (passwd.grouplen > 0) memcpy(passwd.group, data, passwd.grouplen); if (sa_param(sactx, saparams, "name", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_add(): Expected parameter 'name'!"); return (SA_FAIL); } passwd.namelen = MIN(datalen, SA_MAX_NAME); if (passwd.namelen > 0) memcpy(passwd.name, data, passwd.namelen); makedir = 0; if (sa_param(sactx, saparams, "makedir", &data, &datalen) == SA_SUCCEED) { if ((datalen == 4) && (strcmp(data, "true") == 0)) makedir = 1; } if (sa_param(sactx, saparams, "dir", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_add(): Expected parameter 'dir'!"); return (SA_FAIL); } passwd.dirlen = MIN(datalen, SA_MAX_NAME); if (passwd.dirlen > 0) memcpy(passwd.dir, data, passwd.dirlen); if (sa_param(sactx, saparams, "ftpprivs", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_add(): Expected parameter 'ftpprivs'!"); return (SA_FAIL); } if (datalen < 12) passwd.privs = atol(data); if (sa_param(sactx, saparams, "ftpmax", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_add(): Expected parameter 'ftpmax'!"); return (SA_FAIL); } if (datalen < 12) passwd.ftpmax = atol(data); if (passwd.ftpmax < 5) passwd.ftpmax = 0; if (sa_param(sactx, saparams, "username", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_add(): Expected parameter 'username'!"); return (SA_FAIL); } if ((datalen == 0) || (datalen > SA_MAX_NAME)) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_add(): 'username' field left NULL!"); return (SA_FAIL); } /* Does the user already exist? */ if (sa_passwd_lookup(sactx, data, datalen, &tmppasswd) == SA_SUCCEED) { *infop = SA_E_ALREADYDEFINED; return (SA_FAIL); } /* Create the user account. */ if (sa_passwd_add(sactx, data, datalen, &passwd) != SA_SUCCEED) { *infop = SA_E_INTERNALSYSTEM; sa_log2(sactx, SA_LOG_ERROR, "user_add(): sa_passwd_add() failed!"); return (SA_FAIL); } /* Create the user mailbox. */ if (mbox) { if (sa_mbox_create(sactx, data) != SA_SUCCEED) { *infop = SA_E_ALREADYDEFINED; sa_log2(sactx, SA_LOG_ERROR, "user_add(): sa_mbox_create() failed!"); return (SA_FAIL); } } /* Create the user directory */ if ((makedir) && (passwd.dirlen > 0)) { if (sa_get_userpath(sactx, saconn, passwd.dir, path, 1000) == SA_SUCCEED) { #ifdef WIN32 (void)mkdir(path); #else (void)mkdir(path, 733); #endif } } return (SA_SUCCEED); } /* ** USER_UPDATE ** ** Update an existing user ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Returns: ** SA_SUCCEED | SA_FAIL */ SA_RETCODE SA_PUBLIC user_update(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_INT mbox; SA_INT datalen; SA_INT makedir; SA_CHAR *data; SA_CHAR path[1024]; SA_PASSWD passwd; memset(&passwd, 0, sizeof(SA_PASSWD)); mbox = 0; if (sa_param(sactx, saparams, "mbox", &data, &datalen) == SA_SUCCEED) { if ((datalen == 2) && (stricmp(data, "on") == 0)) mbox = 1; } if (sa_param(sactx, saparams, "password", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_update(): Expected parameter 'password'!"); return (SA_FAIL); } passwd.passwordlen = MIN(datalen, SA_MAX_NAME); if (passwd.passwordlen > 0) memcpy(passwd.password, data, passwd.passwordlen); if (sa_param(sactx, saparams, "group", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_update(): Expected parameter 'group'!"); return (SA_FAIL); } passwd.grouplen = MIN(datalen, SA_MAX_NAME); if (passwd.grouplen > 0) memcpy(passwd.group, data, passwd.grouplen); if (sa_param(sactx, saparams, "name", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_update(): Expected parameter 'name'!"); return (SA_FAIL); } passwd.namelen = MIN(datalen, SA_MAX_NAME); if (passwd.namelen > 0) memcpy(passwd.name, data, passwd.namelen); makedir = 0; if (sa_param(sactx, saparams, "makedir", &data, &datalen) == SA_SUCCEED) { if ((datalen == 4) && (strcmp(data, "true") == 0)) makedir = 1; } if (sa_param(sactx, saparams, "dir", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_update(): Expected parameter 'dir'!"); return (SA_FAIL); } passwd.dirlen = MIN(datalen, SA_MAX_NAME); if (passwd.dirlen > 0) memcpy(passwd.dir, data, passwd.dirlen); if (sa_param(sactx, saparams, "ftpprivs", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_update(): Expected parameter 'ftpprivs'!"); return (SA_FAIL); } if (datalen < 12) passwd.privs = atol(data); if (sa_param(sactx, saparams, "ftpmax", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_update(): Expected parameter 'ftpmax'!"); return (SA_FAIL); } if (datalen < 12) passwd.ftpmax = atol(data); if (passwd.ftpmax < 5) passwd.ftpmax = 0; if (sa_param(sactx, saparams, "username", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_update(): Expected parameter 'username'!"); return (SA_FAIL); } if ((datalen == 0) || (datalen > SA_MAX_NAME)) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_update(): 'username' field left NULL!"); return (SA_FAIL); } if (sa_passwd_update(sactx, data, datalen, &passwd) != SA_SUCCEED) { *infop = SA_E_ALREADYDEFINED; sa_log2(sactx, SA_LOG_ERROR, "user_update(): sa_passwd_update() failed!"); return (SA_FAIL); } /* Create the user mailbox. */ if (mbox) { if (sa_mbox_create(sactx, data) != SA_SUCCEED) { *infop = SA_E_ALREADYDEFINED; sa_log2(sactx, SA_LOG_ERROR, "user_update(): sa_mbox_create() failed!"); return (SA_FAIL); } } /* Create the user directory */ if ((makedir) && (passwd.dirlen > 0)) { if (sa_get_userpath(sactx, saconn, passwd.dir, path, 1000) == SA_SUCCEED) { #ifdef WIN32 (void)mkdir(path); #else (void)mkdir(path, 733); #endif } } return (SA_SUCCEED); } /* ** USER_DELETE ** ** Delete an existing user ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Returns: ** SA_SUCCEED | SA_FAIL */ SA_RETCODE SA_PUBLIC user_delete(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_INT datalen; SA_INT sysadminlen; SA_CHAR *data; SA_CHAR sysadmin[1024]; /* Get the sysadmin user (disallow deletes) */ if (sa_ctx_props(sactx, SA_GET, SA_CTXPROP_SYSADMIN, (SA_BYTE *)sysadmin, 1000, &sysadminlen) != SA_SUCCEED) { sa_log2(sactx, SA_LOG_ERROR, "user_delete(): failure retrieving system admin user!"); return (SA_FAIL); } if (sa_param(sactx, saparams, "username", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_delete(): Expected parameter 'username'!"); return (SA_FAIL); } if ((datalen == 0) || (datalen > SA_MAX_NAME)) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_delete(): 'username' field left NULL!"); return (SA_FAIL); } /* Don't allow the deletion of the system administrator */ if (!user__inlist(data, datalen, sysadmin, sysadminlen)) { (SA_VOID)sa_passwd_delete(sactx, data, datalen); (SA_VOID)sa_mbox_delete(sactx, data); (SA_VOID)sa_mlist_delete(sactx, data); } return (SA_SUCCEED); } /* ** USER_SELECT ** ** List all users for selection. ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Returns: ** SA_SUCCEED | SA_FAIL ** ** Notes: ** This list is truncated at 500 names. */ SA_RETCODE SA_PUBLIC user_select(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_INT i; SA_BOOL selected; SA_INT usernamelen; SA_INT numusers; SA_CHAR *username; SA_USER users[500]; SA_CHAR buffer[512]; /* If a username is provided make it SELECTED in the OPTION list */ (SA_VOID)sa_param(sactx, saparams, "username", &username, &usernamelen); if (sa_passwd_list(sactx, users, 500, &numusers) != SA_SUCCEED) { sa_log2(sactx, SA_LOG_ERROR, "user_select(): failure retrieving names list!"); return (SA_FAIL); } /* Display the list of users. */ for (i = 0; i < numusers; i++) { selected = 0; if ((users[i].usernamelen == usernamelen) && (memcmp(username, users[i].username, usernamelen) == 0)) { selected = 1; } sprintf(buffer, "<OPTION %s>%s\n", (selected ? "SELECTED" : ""), users[i].username); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } return (SA_SUCCEED); } /* ** USER_LIST ** ** List all users for delete or update. ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Returns: ** SA_SUCCEED | SA_FAIL ** ** Notes: ** This list is truncated at 500 names. ** List users by group... */ SA_RETCODE SA_PUBLIC user_list(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_INT i; SA_INT j; SA_INT sysadminlen; SA_INT numusers; SA_INT numgroups; SA_GROUP groups[100]; SA_USER users[500]; SA_CHAR sysadmin[1024]; SA_CHAR buffer[512]; /* Get the sysadmin user (disallow deletes) */ if (sa_ctx_props(sactx, SA_GET, SA_CTXPROP_SYSADMIN, (SA_BYTE *)sysadmin, 1000, &sysadminlen) != SA_SUCCEED) { sa_log2(sactx, SA_LOG_ERROR, "user_list(): failure retrieving system admin user!"); return (SA_FAIL); } if (sa_passwd_list(sactx, users, 500, &numusers) != SA_SUCCEED) { sa_log2(sactx, SA_LOG_ERROR, "user_list(): failure retrieving names list!"); return (SA_FAIL); } if (sa_group_list(sactx, groups, 100, &numgroups) != SA_SUCCEED) { sa_log2(sactx, SA_LOG_ERROR, "user_list(): failure retrieving groups list!"); return (SA_FAIL); } /* ** Display the users by "group". ** Zero the usernamelen after displaying so we can put the rest in ** the "other" list. */ for (j = 0; j < numgroups; j++) { sprintf(buffer, "%s<BLOCKQUOTE>\n", groups[j].name); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); /* Display the users in that group. */ for (i = 0; i < numusers; i++) { if ((users[i].usernamelen > 0) && (users[i].grouplen == groups[j].namelen) && (memcmp(users[i].group, groups[j].name, users[i].grouplen)==0)) { /* Make sure we don't display the user twice. */ users[i].usernamelen = 0; if (!user__inlist(users[i].username, users[i].usernamelen, sysadmin, sysadminlen)) { sprintf(buffer, "<A HREF=\"/session/deluser?username=%s&RCpage=/sysadmin/usermgmt/userlist.stm\" onClick=\"return confirmDelete()\"><IMG border=0 HEIGHT=20 WIDTH=20 SRC=\"/sysimage/system/trash.gif\"></A>\n", users[i].username); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } sprintf(buffer, "<A HREF=\"/sysadmin/usermgmt/upduser.stm?RCSusername=%s\" TARGET=body><IMG border=0 HEIGHT=20 WIDTH=20 SRC=\"/sysimage/system/info.gif\"> %s</A> \n", users[i].username, users[i].username); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } } if (sa_conn_send(saconn, "</BLOCKQUOTE>", SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } /* Display the "other" group */ sprintf(buffer, "%s<BLOCKQUOTE>\n", SA_DEFAULT_GROUP); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); /* Display the users in that group. */ for (i = 0; i < numusers; i++) { /* Display all users not in any other group. */ if (users[i].usernamelen > 0) { if (!user__inlist(users[i].username, users[i].usernamelen, sysadmin, sysadminlen)) { sprintf(buffer, "<A HREF=\"/session/deluser?username=%s&RCpage=/sysadmin/usermgmt/userlist.stm\" onClick=\"return confirmDelete()\"><IMG border=0 HEIGHT=15 WIDTH=15 SRC=\"/sysimage/system/trash.gif\"></A>\n", users[i].username); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } sprintf(buffer, "<A HREF=\"/sysadmin/usermgmt/upduser.stm?RCSusername=%s\" TARGET=body><IMG border=0 HEIGHT=15 WIDTH=15 SRC=\"/sysimage/system/info.gif\"> %s</A> \n", users[i].username, users[i].username); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } } if (sa_conn_send(saconn, "</BLOCKQUOTE>\n", SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); return (SA_SUCCEED); } /* ** USER_PASSWD ** ** Update a user' password. ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Returns: ** SA_SUCCEED | SA_FAIL */ SA_RETCODE SA_PUBLIC user_passwd(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_INT datalen; SA_INT passwordlen; SA_INT usernamelen; SA_CHAR *data; SA_CHAR *password; SA_CHAR *username; SA_PASSWD passwd; /* What username is being updated? */ if (sa_param(sactx, saparams, "username", &username, &usernamelen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_passwd(): Expected parameter 'username'!"); return (SA_FAIL); } if ((usernamelen == 0) || (usernamelen > SA_MAX_NAME)) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_update(): 'username' field left NULL!"); return (SA_FAIL); } /* Lookup the username provided for update. */ if (sa_passwd_lookup(sactx, username, usernamelen, &passwd) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_ERROR, "user_passwd(): sa_passwd_lookup() failed!"); return (SA_FAIL); } /* Make sure that the password is valid. */ if (sa_param(sactx, saparams, "password", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_passwd(): Expected parameter 'password'!"); return (SA_FAIL); } /* Compare with the existing password. */ if (datalen != passwd.passwordlen) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_passwd(): Invalid password provided."); return (SA_FAIL); } if (datalen > 0) { if (memcmp(passwd.password, data, datalen) != 0) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_passwd(): Invalid password provided."); return (SA_FAIL); } } /* Get the new password. */ if (sa_param(sactx, saparams, "newpasswd", &password, &passwordlen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_passwd(): Expected parameter 'newpasswd'!"); return (SA_FAIL); } /* Confirm the new password. */ if (sa_param(sactx, saparams, "confpasswd", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_passwd(): Expected parameter 'confpasswd'!"); return (SA_FAIL); } /* Does the new password and confirm password match? */ if ((passwordlen > 0) && (datalen > 0)) { if ((passwordlen != datalen) || (memcmp(password, data, datalen) != 0)) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_passwd(): New & confirmation password do not match!"); return (SA_FAIL); } } passwd.passwordlen = MIN(datalen, SA_MAX_NAME); if (passwd.passwordlen > 0) memcpy(passwd.password, data, passwd.passwordlen); if (sa_passwd_update(sactx, username, usernamelen, &passwd) != SA_SUCCEED) { sa_log2(sactx, SA_LOG_ERROR, "user_passwd(): sa_passwd_update() failed!"); return (SA_FAIL); } return (SA_SUCCEED); } /* ** USER_PROP ** ** Lookup and return a single user property. ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Return Values: ** SA_SUCCESS | SA_FAIL */ SA_RETCODE SA_PUBLIC user_prop(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_PASSWD passwd; SA_INT userlen; SA_CHAR *user; SA_INT proplen; SA_CHAR *prop; SA_CHAR buffer[512]; /* Get the page to direct to for user update */ if (sa_param(sactx, saparams, "username", &user, &userlen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_prop(): Expected parameter 'username'!"); return (SA_FAIL); } if ((userlen == 0) || (userlen > SA_MAX_NAME)) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_prop(): 'username' field left NULL!"); return (SA_FAIL); } /* Get the property being looked up. */ if (sa_param(sactx, saparams, "prop", &prop, &proplen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_prop(): Expected parameter 'prop'!"); return (SA_FAIL); } if ((proplen == 0) || (proplen > SA_MAX_NAME)) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_prop(): 'prop' field left NULL!"); return (SA_FAIL); } if (sa_passwd_lookup(sactx, user, userlen, &passwd) != SA_SUCCEED) { sprintf(buffer, "User lookup for '%s' failed.", user); sa_log2(sactx, SA_LOG_WARN, buffer); *infop = SA_E_INVALIDDATA; return (SA_FAIL); } /* Lookup and return the appropriate property */ if (strcmp(prop, "group") == 0) { if (sa_conn_send(saconn, passwd.group, passwd.grouplen) != SA_SUCCEED) return (SA_FAIL); } else if (strcmp(prop, "password") == 0) { if (sa_conn_send(saconn, passwd.password, passwd.passwordlen) != SA_SUCCEED) { return (SA_FAIL); } } else if (strcmp(prop, "name") == 0) { if (sa_conn_send(saconn, passwd.name, passwd.namelen) != SA_SUCCEED) return (SA_FAIL); } else if (strcmp(prop, "dir") == 0) { if (sa_conn_send(saconn, passwd.dir, passwd.dirlen) != SA_SUCCEED) return (SA_FAIL); } else if (strcmp(prop, "ftpprivs") == 0) { if (sa_param(sactx, saparams, "checked", &prop, &proplen) == SA_SUCCEED) { int tmp; tmp = 0; if (proplen > 0) tmp = atoi(prop); if (tmp == passwd.privs) { if (sa_conn_send(saconn, "CHECKED", SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } } else { sprintf(buffer, "%ld", passwd.privs); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } } else if (strcmp(prop, "ftpmax") == 0) { if (passwd.ftpmax < 5) passwd.ftpmax = 0; sprintf(buffer, "%ld", passwd.ftpmax); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } else if (strcmp(prop, "mbox") == 0) { if (sa_mbox_exists(sactx, user)) strcpy(buffer, "CHECKED"); else strcpy(buffer, ""); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } else { sprintf(buffer, "User lookup for property '%s' failed.", prop); sa_log2(sactx, SA_LOG_WARN, buffer); *infop = SA_E_INVALIDDATA; return (SA_FAIL); } return (SA_SUCCEED); } /* ** USER_MAILLIST ** ** List all mail users for delete or update. ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Returns: ** SA_SUCCEED | SA_FAIL ** ** Notes: ** This list is truncated at 500 names. */ SA_RETCODE SA_PUBLIC user_maillist(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_INT i; SA_INT numusers; SA_USER users[500]; SA_CHAR buffer[512]; SA_MBOXINFO info; if (sa_passwd_list(sactx, users, 500, &numusers) != SA_SUCCEED) { sa_log2(sactx, SA_LOG_ERROR, "user_list(): failure retrieving names list!"); return (SA_FAIL); } if (sa_conn_send(saconn, "<TABLE BORDER=0 CELLPADDING=2>\n", SA_NULLTERM) != SA_SUCCEED) { return (SA_FAIL); } if (sa_conn_send(saconn, "<TR nowrap><TH>User</TH><TH>Mailbox</TH><TH>Folders</TH><TH nowrap>Read / Unread</TH><TH>Digest</TH></TR>\n", SA_NULLTERM) != SA_SUCCEED) { return (SA_FAIL); } /* ** Display the mail users */ for (i = 0; i < numusers; i++) { sprintf(buffer, "<TR nowrap><TD>%s </TD><TD>", users[i].username); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); if (sa_mbox_exists(sactx, users[i].username)) { sprintf(buffer, "<A HREF=\"/session/usermbox?action=delete&username=%s&RCpage=/sysadmin/mail/users.stm\">Delete</A></TD>", users[i].username); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); (void)sa_mbox_info(sactx, users[i].username, &info); sprintf(buffer, "<TD>%d</TD><TD nowrap>", info.folders); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); if (info.readsize == 0) strcpy(buffer, "0 bytes"); else if (info.readsize < 1024) strcpy(buffer, "1 KB"); else if (info.readsize < 1024 * 1024) sprintf(buffer, "%d KB", (int)(info.readsize / 1024)); else sprintf(buffer, "%d MB", (int)(info.readsize/(1024*1024))); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); if (info.unreadsize == 0) strcpy(buffer, " / 0 bytes"); else if (info.unreadsize < 1024) strcpy(buffer, " / 1 KB"); else if (info.unreadsize < 1024 * 1024) sprintf(buffer," / %d KB",(int)(info.readsize / 1024)); else sprintf(buffer," / %d MB",(int)(info.readsize/(1024*1024))); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); if (sa_conn_send(saconn, "</TD><TD>", SA_NULLTERM) != SA_SUCCEED) { return (SA_FAIL); } sprintf(buffer, "<A HREF=\"/sysadmin/mail/digest.stm?username=%s\">Generate</A>", users[i].username); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } else { sprintf(buffer, "<A HREF=\"/session/usermbox?action=create&username=%s&RCpage=/sysadmin/mail/users.stm\">Create</A></TD><TD>", users[i].username); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } if (sa_conn_send(saconn, "</TD></TR>\n", SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } if (sa_conn_send(saconn, "</TABLE>\n", SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); return (SA_SUCCEED); } /* ** USER_MBOX ** ** Update an user mailbox ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Returns: ** SA_SUCCEED | SA_FAIL */ SA_RETCODE SA_PUBLIC user_mailbox(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_BOOL create; SA_INT datalen; SA_CHAR *data; SA_PASSWD passwd; if (sa_param(sactx, saparams, "action", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_mailbox(): Expected parameter 'action'!"); return (SA_FAIL); } if (stricmp(data, "create") == 0) { create = 1; } else if (stricmp(data, "delete") == 0) { create = 0; } else { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_mailbox(): Parameter 'action' not create/delete!"); return (SA_FAIL); } if ((sa_param(sactx, saparams, "username", &data, &datalen) != SA_SUCCEED) || (datalen == 0) || (datalen > SA_MAX_NAME)) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "user_mailbox(): Expected parameter 'username'!"); return (SA_FAIL); } /* Verify the user account exists. */ if (sa_passwd_lookup(sactx, data, datalen, &passwd) == SA_SUCCEED) { /* Create the user mailbox. */ if (create) { if (sa_mbox_create(sactx, data) != SA_SUCCEED) { sa_log2(sactx, SA_LOG_ERROR, "user_mailbox(): sa_mbox_create() failed!"); } } else { if (sa_mbox_delete(sactx, data) != SA_SUCCEED) { sa_log2(sactx, SA_LOG_ERROR, "user_mailbox(): sa_mbox_delete() failed!"); } } } else { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_ERROR, "user_mailbox(): Failure creating user mailbox; no login found!"); return (SA_FAIL); } return (SA_SUCCEED); } /* ** FTP_CONNECT ** ** Process an FTP Connect request. Verify the username/password against ** the Sambar Server password interfaces and return the root directory ** and priviledges. ** ** Parameters: ** sactx Sambar Server Application context to release. ** saconn Sambar Server User Connection handle. ** username Name of the user logging in. ** usernamelen Length of the user name ** password Password of the user logging in. ** passwordlen Length of the password. ** ftpresp FTP response structure. ** ** Return Values: ** SA_SUCCESS Login Accepted. ** SA_FAIL Login Denied. */ SA_RETCODE SA_PUBLIC ftp_connect(sactx, name, namelen, password, passwordlen, ftpresp) SA_CTX *sactx; SA_CHAR *name; SA_INT namelen; SA_CHAR *password; SA_INT passwordlen; SA_FTP *ftpresp; { SA_BOOL ntauth; SA_BOOL sqlauth; SA_BOOL radiusauth; SA_BOOL usepasswd; SA_BOOL status; SA_PASSWD passwd; SA_CHAR buffer[512]; ntauth = 0; if (sa_ctx_props(sactx, SA_GET, SA_CTXPROP_NTAUTH, buffer, 30, (SA_INT *)NULL) == SA_SUCCEED) { if (stricmp(buffer, "true") == 0) ntauth = 1; } radiusauth = 0; if (sa_ctx_props(sactx, SA_GET, SA_CTXPROP_RADIUSAUTH, buffer, 30, (SA_INT *)NULL) == SA_SUCCEED) { if (stricmp(buffer, "true") == 0) radiusauth = 1; } sqlauth = 0; if (sa_ctx_props(sactx, SA_GET, SA_CTXPROP_SQLAUTH, buffer, 30, (SA_INT *)NULL) == SA_SUCCEED) { if (stricmp(buffer, "true") == 0) sqlauth = 1; } usepasswd = 0; if ((ntauth) || (radiusauth)) { if ((sa_passwd_verify(sactx, name, namelen, password, passwordlen, &status) != SA_SUCCEED) || (!status)) { sprintf(buffer, "%sFTP login for user '%s' failed - bad password", (radiusauth ? "Radius " : (ntauth ? "NT " : "")), name); sa_log2(sactx, SA_LOG_WARN, buffer); return (SA_FAIL); } ftpresp->privs = SA_PRIV_READONLY; ftpresp->ftpmax = 0; if (sa_ctx_props(sactx, SA_GET, SA_CTXPROP_DOCSDIR, ftpresp->dir, SA_MAX_NAME, &ftpresp->dirlen) != SA_SUCCEED) { #ifdef WIN32 strcpy(ftpresp->dir, "c:/temp"); #else strcpy(ftpresp->dir, "/tmp"); #endif ftpresp->dirlen = strlen(ftpresp->dir); } if (sa_passwd_lookup(sactx, name, namelen, &passwd) == SA_SUCCEED) usepasswd = 1; } else if (sqlauth) { usepasswd = 1; if (sa_passwd_sqlauth(sactx, (SA_CONN *)NULL, name, namelen, password, passwordlen, &passwd) != SA_SUCCEED) { sprintf(buffer, "SQL FTP login for user '%s' failed.", name); sa_log2(sactx, SA_LOG_WARN, buffer); return (SA_FAIL); } } else { usepasswd = 1; if (sa_passwd_lookup(sactx, name, namelen, &passwd) != SA_SUCCEED) { sprintf(buffer, "FTP login for user '%s' failed.", name); sa_log2(sactx, SA_LOG_WARN, buffer); return (SA_FAIL); } /* Verify the passwords are the same */ if ((passwd.passwordlen != passwordlen) || (strncmp(passwd.password, password, passwordlen) != 0)) { /* Special case for anonymous user - NULL password match OK */ if ((namelen != 9) || (strncmp(name, "anonymous", 9) != 0)) { sprintf(buffer, "FTP login for user '%s' failed - bad password", name); sa_log2(sactx, SA_LOG_WARN, buffer); return (SA_FAIL); } } } if (usepasswd) { /* Return the directory and access priviledges */ ftpresp->privs = passwd.privs; ftpresp->ftpmax = passwd.ftpmax; ftpresp->dirlen = passwd.dirlen; if (ftpresp->dirlen > 0) strncpy(ftpresp->dir, passwd.dir, ftpresp->dirlen); ftpresp->dir[ftpresp->dirlen] = '\0'; ftpresp->grouplen = passwd.grouplen; if (ftpresp->grouplen > 0) strncpy(ftpresp->group, passwd.group, ftpresp->grouplen); ftpresp->group[ftpresp->grouplen] = '\0'; } #ifdef DEBUG sprintf(buffer, "%sFTP User '%s' logged in.", (radiusauth ? "Radius " : (sqlauth ? "SQL " : (ntauth ? "NT " : ""))), name); sa_log2(sactx, SA_LOG_TRACE, buffer); #endif return (SA_SUCCEED); } /* ** MAIL_CONNECT ** ** Process an MAIL Connect request. Verify the username/password against ** the Sambar Server password interfaces. ** ** Parameters: ** sactx Sambar Server Application context to release. ** saconn Sambar Server User Connection handle. ** username Name of the user logging in. ** usernamelen Length of the user name ** password Password of the user logging in. ** passwordlen Length of the password. ** ** Return Values: ** SA_SUCCESS Login Accepted. ** SA_FAIL Login Denied. */ SA_RETCODE SA_PUBLIC mail_connect(sactx, name, namelen, password, passwordlen) SA_CTX *sactx; SA_CHAR *name; SA_INT namelen; SA_CHAR *password; SA_INT passwordlen; { SA_BOOL status; SA_CHAR buffer[512]; if ((sa_passwd_verify(sactx, name, namelen, password, passwordlen, &status) != SA_SUCCEED) || (!status)) { sprintf(buffer, "MAIL login for user '%s' failed - bad password.", name); sa_log2(sactx, SA_LOG_WARN, buffer); return (SA_FAIL); } #ifdef DEBUG sprintf(buffer, "MAIL User '%s' logged in.", name); sa_log2(sactx, SA_LOG_TRACE, buffer); #endif return (SA_SUCCEED); } /* ** TELNET_CONNECT ** ** Process an Telnet Connect request. Verify the username/password against ** the Sambar Server password interfaces. ** ** Parameters: ** sactx Sambar Server Application context to release. ** saconn Sambar Server User Connection handle. ** username Name of the user logging in. ** usernamelen Length of the user name ** password Password of the user logging in. ** passwordlen Length of the password. ** ** Return Values: ** SA_SUCCESS Login Accepted. ** SA_FAIL Login Denied. */ SA_RETCODE SA_PUBLIC telnet_connect(sactx, name, namelen, password, passwordlen) SA_CTX *sactx; SA_CHAR *name; SA_INT namelen; SA_CHAR *password; SA_INT passwordlen; { SA_BOOL status; SA_CHAR buffer[512]; if ((sa_passwd_verify(sactx, name, namelen, password, passwordlen, &status) != SA_SUCCEED) || (!status)) { sprintf(buffer, "Telnet login for user '%s' failed - bad password.", name); sa_log2(sactx, SA_LOG_WARN, buffer); return (SA_FAIL); } #ifdef DEBUG sprintf(buffer, "Telnet User '%s' logged in.", name); sa_log2(sactx, SA_LOG_TRACE, buffer); #endif return (SA_SUCCEED); } /* ** GROUP_ADD ** ** Add a new group ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Returns: ** SA_SUCCEED | SA_FAIL */ SA_RETCODE SA_PUBLIC group_add(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_CHAR *data; SA_INT datalen; if (sa_param(sactx, saparams, "groupname", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "group_add(): Expected parameter 'groupname'!"); return (SA_FAIL); } if ((datalen == 0) || (datalen > SA_MAX_NAME)) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "group_add(): 'name' field left NULL!"); return (SA_FAIL); } /* Can't create the group "other" */ if ((datalen == 5) && (memcmp(data, SA_DEFAULT_GROUP, strlen(SA_DEFAULT_GROUP)) == 0)) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "group_add(): 'other' group already exists!"); return (SA_FAIL); } if (sa_group_add(sactx, data, datalen) != SA_SUCCEED) { *infop = SA_E_ALREADYDEFINED; sa_log2(sactx, SA_LOG_ERROR, "group_add(): sa_group_add() failed (already defined?)"); return (SA_FAIL); } return (SA_SUCCEED); } /* ** GROUP_DELETE ** ** Delete an existing group ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Returns: ** SA_SUCCEED | SA_FAIL ** ** Notes: ** No users can belong to the group. */ SA_RETCODE SA_PUBLIC group_delete(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_INT datalen; SA_CHAR *data; if (sa_param(sactx, saparams, "groupname", &data, &datalen) != SA_SUCCEED) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "group_delete(): Expected parameter 'groupname'!"); return (SA_FAIL); } if ((datalen == 0) || (datalen > SA_MAX_NAME)) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "group_delete(): 'groupname' field left NULL!"); return (SA_FAIL); } /* Can't delete the group "other" */ if ((datalen == 5) && (memcmp(data, SA_DEFAULT_GROUP, strlen(SA_DEFAULT_GROUP)) == 0)) { *infop = SA_E_INVALIDDATA; sa_log2(sactx, SA_LOG_WARN, "group_delete(): 'other' group cannot be deleted!"); return (SA_FAIL); } /* Should only be allowed to do this if the group has no users. */ (SA_VOID)sa_group_delete(sactx, data, datalen); return (SA_SUCCEED); } /* ** GROUP_SELECT ** ** List all groups for selection. ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Returns: ** SA_SUCCEED | SA_FAIL ** ** Notes: ** This list is truncated at 100 names. ** The group other always exists and is used for users with unrecognized ** group names. */ SA_RETCODE SA_PUBLIC group_select(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_INT i; SA_BOOL found; SA_BOOL selected; SA_INT grouplen; SA_INT userlen; SA_INT numgroups; SA_CHAR *user; SA_PASSWD passwd; SA_CHAR group[SA_MAX_NAME + 1]; SA_GROUP groups[100]; SA_CHAR buffer[512]; /* If a name is provided make it SELECTED in the OPTION list */ userlen = 0; grouplen = 0; (SA_VOID)sa_param(sactx, saparams, "username", &user, &userlen); if ((userlen > 0) && (userlen < SA_MAX_NAME)) { if (sa_passwd_lookup(sactx, user, userlen, &passwd) != SA_SUCCEED) { sprintf(buffer, "User lookup for '%s' failed.", user); sa_log2(sactx, SA_LOG_WARN, buffer); *infop = SA_E_INVALIDDATA; return (SA_FAIL); } grouplen = passwd.grouplen; if (grouplen > 0) memcpy(group, passwd.group, grouplen); } if (sa_group_list(sactx, groups, 100, &numgroups) != SA_SUCCEED) { sa_log2(sactx, SA_LOG_ERROR, "group_select(): failure retrieving groups list!"); return (SA_FAIL); } /* We could sort the names alphabetically at this point... */ /* Display the list of groups. */ found = 0; for (i = 0; i < numgroups; i++) { selected = 0; if ((grouplen > 0) && (groups[i].namelen == grouplen) && (memcmp(group, groups[i].name, grouplen) == 0)) { selected = 1; found = 1; } sprintf(buffer, "<OPTION %s>%s\n", (selected ? "SELECTED" : ""), groups[i].name); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } /* The group "other" always exists. */ sprintf(buffer, "<OPTION %s>%s\n", (found ? "" : "SELECTED"), SA_DEFAULT_GROUP); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); return (SA_SUCCEED); } /* ** GROUP_LIST ** ** List all groups for delete. ** ** Parameters: ** sactx Sambar Server context ** saconn Sambar Server connection ** saparams RPC Parameters ** infop Error parameters ** ** Returns: ** SA_SUCCEED | SA_FAIL ** ** Notes: ** This list is truncated at 100 names. ** The group "other" always exists and is the default group. */ SA_RETCODE SA_PUBLIC group_list(sactx, saconn, saparams, infop) SA_CTX *sactx; SA_CONN *saconn; SA_PARAMS *saparams; SA_INT *infop; { SA_INT i; SA_INT numgroups; SA_GROUP groups[100]; SA_CHAR buffer[512]; if (sa_group_list(sactx, groups, 100, &numgroups) != SA_SUCCEED) { sa_log2(sactx, SA_LOG_ERROR, "group_list(): failure retrieving groups list!"); return (SA_FAIL); } /* We could sort the list alphabetically at this point. */ /* Display the list of groups. */ for (i = 0; i < numgroups; i++) { sprintf(buffer, "<A TARGET=_top HREF=\"/session/delgroup?groupname=%s&RCpage=/sysadmin/usermgmt/users.htm\" onClick=\"return confirmDelete()\"><IMG border=0 HEIGHT=20 WIDTH=20 SRC=\"/sysimage/system/trash.gif\"></A> %s \n", groups[i].name, groups[i].name); if (sa_conn_send(saconn, buffer, SA_NULLTERM) != SA_SUCCEED) return (SA_FAIL); } return (SA_SUCCEED); } /* ** USER__INLIST ** ** Determine if the string is in the space separated list of values. ** ** Parameters: ** list The space-spearated list to examine. ** listlen The length of the list. ** value The value to examine. ** valuelen The length of the value string. ** ** Returns: ** SA_TRUE | SA_FALSE */ static SA_BOOL user__inlist(list, listlen, value, valuelen) SA_CHAR *list; SA_INT listlen; SA_CHAR *value; SA_INT valuelen; { SA_INT pos; SA_INT head; if (listlen == SA_NULLTERM) listlen = strlen(list); if (valuelen == SA_NULLTERM) valuelen = strlen(value); if ((listlen == 0) || (valuelen == 0)) return (0); /* ** See if the value is in the list. */ pos = 0; while (pos < listlen) { if ((list[pos] != ' ') && (list[pos] != ',')) { head = pos; while ((pos < listlen) && (list[pos] != ' ') && (list[pos] != ',')) pos++; if (pos - head != valuelen) { pos++; continue; } /* ** Determine if the index suffix matches */ if (memcmp(&list[head], value, valuelen) == 0) return (1); } pos++; } return (0); }