[23740] | 1 | /* $Id: qaccess.pc,v 2.36 2008-08-29 14:50:07 zacheiss Exp $ |
---|
[23095] | 2 | * |
---|
| 3 | * Check access to queries |
---|
| 4 | * |
---|
| 5 | * Copyright (C) 1987-1998 by the Massachusetts Institute of Technology |
---|
| 6 | * For copying and distribution information, please see the file |
---|
| 7 | * <mit-copyright.h>. |
---|
| 8 | */ |
---|
| 9 | |
---|
| 10 | #include <mit-copyright.h> |
---|
| 11 | #include "mr_server.h" |
---|
| 12 | #include "qrtn.h" |
---|
| 13 | #include "query.h" |
---|
| 14 | |
---|
| 15 | #include <ctype.h> |
---|
| 16 | #include <stdlib.h> |
---|
| 17 | #include <netdb.h> |
---|
| 18 | #include <sys/types.h> |
---|
| 19 | #include <netinet/in.h> |
---|
| 20 | #include <arpa/nameser.h> |
---|
| 21 | |
---|
| 22 | EXEC SQL INCLUDE sqlca; |
---|
| 23 | |
---|
[23740] | 24 | RCSID("$Header: /afs/athena.mit.edu/astaff/project/moiradev/repository/moira/server/qaccess.pc,v 2.36 2008-08-29 14:50:07 zacheiss Exp $"); |
---|
[23095] | 25 | |
---|
| 26 | extern char *whoami; |
---|
| 27 | extern int dbms_errno, mr_errcode; |
---|
| 28 | |
---|
| 29 | EXEC SQL WHENEVER SQLERROR DO dbmserr(); |
---|
| 30 | |
---|
| 31 | |
---|
| 32 | /* Specialized Access Routines */ |
---|
| 33 | |
---|
| 34 | /* access_user - verify that client name equals specified login name |
---|
| 35 | * |
---|
| 36 | * - since field validation routines are called first, a users_id is |
---|
| 37 | * now in argv[0] instead of the login name. |
---|
| 38 | */ |
---|
| 39 | |
---|
| 40 | int access_user(struct query *q, char *argv[], client *cl) |
---|
| 41 | { |
---|
| 42 | if (cl->users_id != *(int *)argv[0]) |
---|
| 43 | return MR_PERM; |
---|
| 44 | else |
---|
| 45 | return MR_SUCCESS; |
---|
| 46 | } |
---|
| 47 | |
---|
| 48 | int access_update_user(struct query *q, char *argv[], client *cl) |
---|
| 49 | { |
---|
| 50 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 51 | int users_id, unix_uid, status, comments, secure; |
---|
| 52 | char login[USERS_LOGIN_SIZE], shell[USERS_SHELL_SIZE]; |
---|
| 53 | char winconsoleshell[USERS_WINCONSOLESHELL_SIZE], last[USERS_LAST_SIZE]; |
---|
| 54 | char first[USERS_FIRST_SIZE], middle[USERS_MIDDLE_SIZE]; |
---|
| 55 | char clearid[USERS_CLEARID_SIZE], type[USERS_TYPE_SIZE]; |
---|
| 56 | char signature[USERS_SIGNATURE_SIZE]; |
---|
| 57 | EXEC SQL END DECLARE SECTION; |
---|
| 58 | |
---|
| 59 | /* The two fields we let users update themselves didn't appear until |
---|
| 60 | * version 11. |
---|
| 61 | */ |
---|
| 62 | if (q->version < 11) |
---|
| 63 | return MR_PERM; |
---|
| 64 | |
---|
| 65 | if (cl->users_id != *(int *)argv[0]) |
---|
| 66 | return MR_PERM; |
---|
| 67 | |
---|
| 68 | users_id = *(int *)argv[0]; |
---|
| 69 | |
---|
| 70 | EXEC SQL SELECT u.login, u.unix_uid, u.shell, u.winconsoleshell, u.last, |
---|
| 71 | u.first, u.middle, u.status, u.clearid, u.type, u.comments, u.signature, |
---|
| 72 | u.secure INTO :login, :unix_uid, :shell, :winconsoleshell, :last, :first, |
---|
| 73 | :middle, :status, :clearid, :type, :comments, :signature, :secure |
---|
| 74 | FROM USERS u WHERE u.users_id = :users_id; |
---|
| 75 | |
---|
| 76 | /* None of these things can have changed. */ |
---|
| 77 | if (strcmp(argv[1], strtrim(login)) || |
---|
| 78 | (unix_uid != atoi(argv[2])) || |
---|
| 79 | strcmp(argv[3], strtrim(shell)) || |
---|
| 80 | strcmp(argv[4], strtrim(winconsoleshell)) || |
---|
| 81 | strcmp(argv[5], strtrim(last)) || |
---|
| 82 | strcmp(argv[6], strtrim(first)) || |
---|
| 83 | strcmp(argv[7], strtrim(middle)) || |
---|
| 84 | (status != atoi(argv[8])) || |
---|
| 85 | strcmp(argv[9], strtrim(clearid)) || |
---|
| 86 | strcmp(argv[10], strtrim(type)) || |
---|
| 87 | (comments != *(int *)argv[11]) || |
---|
| 88 | strcmp(argv[12], strtrim(signature)) || |
---|
| 89 | (secure != atoi(argv[13]))) |
---|
| 90 | return MR_PERM; |
---|
| 91 | |
---|
| 92 | return MR_SUCCESS; |
---|
| 93 | } |
---|
| 94 | |
---|
| 95 | /* access_login - verify that client name equals specified login name |
---|
| 96 | * |
---|
| 97 | * argv[0...n] contain search info. q-> |
---|
| 98 | */ |
---|
| 99 | |
---|
| 100 | int access_login(struct query *q, char *argv[], client *cl) |
---|
| 101 | { |
---|
| 102 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 103 | int id; |
---|
| 104 | EXEC SQL END DECLARE SECTION; |
---|
| 105 | |
---|
| 106 | if (q->argc != 1) |
---|
| 107 | return MR_ARGS; |
---|
| 108 | |
---|
| 109 | if (!strcmp(q->shortname, "gual")) |
---|
| 110 | { |
---|
| 111 | EXEC SQL SELECT users_id INTO :id FROM users |
---|
| 112 | WHERE login = :argv[0] AND users_id != 0; |
---|
| 113 | } |
---|
| 114 | else if (!strcmp(q->shortname, "gubl")) |
---|
| 115 | { |
---|
| 116 | EXEC SQL SELECT users_id INTO :id FROM users u |
---|
| 117 | WHERE u.login = :argv[0] AND u.users_id != 0; |
---|
| 118 | } |
---|
| 119 | else if (!strcmp(q->shortname, "guau")) |
---|
| 120 | { |
---|
| 121 | EXEC SQL SELECT users_id INTO :id FROM users |
---|
| 122 | WHERE unix_uid = :argv[0] AND users_id != 0; |
---|
| 123 | } |
---|
| 124 | else if (!strcmp(q->shortname, "gubu")) |
---|
| 125 | { |
---|
| 126 | EXEC SQL SELECT users_id INTO :id FROM users u |
---|
| 127 | WHERE u.unix_uid = :argv[0] AND u.users_id != 0; |
---|
| 128 | } |
---|
| 129 | |
---|
| 130 | if (sqlca.sqlcode == SQL_NO_MATCH) |
---|
| 131 | return MR_NO_MATCH; /* ought to be MR_USER, but this is what |
---|
| 132 | gual returns, so we have to be consistent */ |
---|
| 133 | else if (sqlca.sqlerrd[2] != 1 || id != cl->users_id) |
---|
| 134 | return MR_PERM; |
---|
| 135 | else |
---|
| 136 | return MR_SUCCESS; |
---|
| 137 | } |
---|
| 138 | |
---|
| 139 | |
---|
| 140 | /* access_spob - check access for set_pobox */ |
---|
| 141 | |
---|
| 142 | int access_spob(struct query *q, char *argv[], client *cl) |
---|
| 143 | { |
---|
| 144 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 145 | int id; |
---|
| 146 | EXEC SQL END DECLARE SECTION; |
---|
| 147 | int status; |
---|
| 148 | |
---|
| 149 | if (!strcmp(argv[1], "IMAP")) |
---|
[23178] | 150 | { |
---|
| 151 | EXEC SQL SELECT owner INTO :id FROM filesys f |
---|
| 152 | WHERE f.label = :argv[2] AND f.type = 'IMAP' AND |
---|
| 153 | f.lockertype = 'USER'; |
---|
| 154 | if (cl->users_id != id) |
---|
| 155 | return MR_PERM; |
---|
| 156 | } |
---|
[23095] | 157 | |
---|
| 158 | /* Non-query owners can't forward mail to a POSTOFFICE or MAILHUB server, |
---|
| 159 | * nor to a nonresolving domain. |
---|
| 160 | */ |
---|
| 161 | if (!strcmp(argv[1], "SMTP") || !strcmp(argv[1], "SPLIT")) |
---|
| 162 | { |
---|
| 163 | status = check_mail_string(argv[2]); |
---|
| 164 | if (status) |
---|
| 165 | return status; |
---|
| 166 | } |
---|
[23178] | 167 | |
---|
[23095] | 168 | if (cl->users_id != *(int *)argv[0]) |
---|
| 169 | return MR_PERM; |
---|
| 170 | else |
---|
| 171 | return MR_SUCCESS; |
---|
| 172 | } |
---|
| 173 | |
---|
| 174 | |
---|
| 175 | /* access_list - check access for most list operations |
---|
| 176 | * |
---|
| 177 | * Inputs: argv[0] - list_id |
---|
| 178 | * q - query name |
---|
| 179 | * argv[2] - member ID (only for queries "amtl" and "dmfl") |
---|
| 180 | * argv[7] - group ID (only for query "ulis") |
---|
| 181 | * cl - client name |
---|
| 182 | * |
---|
| 183 | * - check that client is a member of the access control list |
---|
| 184 | * - OR, if the query is add_member_to_list or delete_member_from_list |
---|
| 185 | * and the list is public, allow access if client = member |
---|
| 186 | */ |
---|
| 187 | |
---|
| 188 | int access_list(struct query *q, char *argv[], client *cl) |
---|
| 189 | { |
---|
| 190 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 191 | int list_id, acl_id, flags, gid, users_id, member_id, member_acl_id; |
---|
| 192 | int memacl_id, mailman, mailman_id; |
---|
| 193 | char acl_type[LIST_ACL_TYPE_SIZE], name[LIST_NAME_SIZE], *newname; |
---|
| 194 | char member_acl_type[LIST_ACL_TYPE_SIZE], memacl_type[LIST_ACL_TYPE_SIZE]; |
---|
| 195 | EXEC SQL END DECLARE SECTION; |
---|
| 196 | int status, cnt; |
---|
| 197 | char *buf; |
---|
| 198 | |
---|
| 199 | list_id = *(int *)argv[0]; |
---|
| 200 | member_id = *(int *)argv[2]; |
---|
| 201 | EXEC SQL SELECT acl_id, acl_type, memacl_id, memacl_type, |
---|
| 202 | gid, publicflg, name, mailman, mailman_id |
---|
| 203 | INTO :acl_id, :acl_type, :memacl_id, :memacl_type, |
---|
| 204 | :gid, :flags, :name, :mailman, :mailman_id |
---|
| 205 | FROM list |
---|
| 206 | WHERE list_id = :list_id; |
---|
| 207 | |
---|
| 208 | if (sqlca.sqlerrd[2] != 1) |
---|
| 209 | return MR_INTERNAL; |
---|
| 210 | |
---|
| 211 | /* if update_list, don't allow them to change the GID or rename to a |
---|
| 212 | username other than their own */ |
---|
| 213 | if (!strcmp("ulis", q->shortname)) |
---|
| 214 | { |
---|
| 215 | if (!strcmp(argv[7], UNIQUE_GID)) |
---|
| 216 | { |
---|
| 217 | if (gid != -1) |
---|
| 218 | return MR_PERM; |
---|
| 219 | } |
---|
| 220 | else |
---|
| 221 | { |
---|
| 222 | if (gid != atoi(argv[7])) |
---|
| 223 | return MR_PERM; |
---|
| 224 | } |
---|
| 225 | |
---|
| 226 | newname = argv[1]; |
---|
| 227 | |
---|
| 228 | /* Check that it doesn't conflict with the Grouper namespace. */ |
---|
| 229 | if (strlen(newname) > 4 && isdigit(newname[2]) && |
---|
| 230 | isdigit(newname[3]) && newname[4] == '-') |
---|
| 231 | { |
---|
| 232 | if (!strncasecmp(newname, "fa", 2) || |
---|
| 233 | !strncasecmp(newname, "sp", 2) || |
---|
| 234 | !strncasecmp(newname, "su", 2) || |
---|
| 235 | !strncasecmp(newname, "ja", 2)) |
---|
| 236 | return MR_RESERVED; |
---|
| 237 | } |
---|
| 238 | |
---|
| 239 | /* Don't let anyone take owner-foo list names. They interact |
---|
| 240 | * weirdly with the aliases automatically generated by |
---|
| 241 | * mailhub.gen. |
---|
| 242 | */ |
---|
| 243 | if (!strncasecmp(newname, "owner-", 6)) |
---|
| 244 | return MR_RESERVED; |
---|
| 245 | |
---|
| 246 | EXEC SQL SELECT users_id INTO :users_id FROM users |
---|
| 247 | WHERE login = :newname; |
---|
| 248 | if ((sqlca.sqlcode != SQL_NO_MATCH) && strcmp(strtrim(name), newname) && |
---|
| 249 | (users_id != cl->users_id)) |
---|
| 250 | return MR_PERM; |
---|
| 251 | |
---|
| 252 | /* For modern enough clients, don't allow ordinary users to toggle |
---|
| 253 | * the mailman bit or change the server. |
---|
| 254 | */ |
---|
| 255 | if (q->version >= 10) |
---|
| 256 | { |
---|
| 257 | if (mailman != atoi(argv[9])) |
---|
| 258 | return MR_PERM; |
---|
| 259 | |
---|
| 260 | if (mailman_id != *(int *)argv[10]) |
---|
| 261 | return MR_PERM; |
---|
| 262 | } |
---|
| 263 | } |
---|
| 264 | |
---|
| 265 | /* Don't allow non-query owners to add STRINGs to lists if they end |
---|
| 266 | * in a domain that's MIT.EDU or one of the hosts that provide the |
---|
| 267 | * MAILHUB or POSTOFFICE services. |
---|
| 268 | */ |
---|
| 269 | if (!strcmp(q->shortname, "amtl") || !strcmp(q->shortname, "atml")) |
---|
| 270 | { |
---|
| 271 | if (!strcmp("STRING", argv[1])) |
---|
| 272 | { |
---|
| 273 | buf = malloc(0); |
---|
| 274 | status = id_to_name(*(int *)argv[2], STRINGS_TABLE, &buf); |
---|
| 275 | if (status) |
---|
| 276 | return status; |
---|
| 277 | |
---|
| 278 | status = check_mail_string(buf); |
---|
| 279 | free(buf); |
---|
| 280 | if (status) |
---|
| 281 | return status; |
---|
| 282 | } |
---|
| 283 | } |
---|
| 284 | |
---|
| 285 | /* check for client in access control list and return success right |
---|
| 286 | * away if it's there. */ |
---|
| 287 | if (find_member(acl_type, acl_id, cl)) |
---|
| 288 | return MR_SUCCESS; |
---|
| 289 | |
---|
| 290 | /* If not amtl, atml, or dmfl, we lose. */ |
---|
| 291 | if (strcmp(q->shortname, "amtl") && strcmp(q->shortname, "atml") && |
---|
| 292 | strcmp(q->shortname, "dmfl") && strcmp(q->shortname, "tmol")) |
---|
| 293 | return MR_PERM; |
---|
| 294 | |
---|
| 295 | if (find_member(memacl_type, memacl_id, cl)) |
---|
| 296 | return MR_SUCCESS; |
---|
| 297 | |
---|
[23178] | 298 | if (flags || q->type == MR_Q_DELETE) |
---|
[23095] | 299 | { |
---|
| 300 | if (!strcmp("USER", argv[1]) && *(int *)argv[2] == cl->users_id) |
---|
| 301 | return MR_SUCCESS; |
---|
| 302 | if (!strcmp("KERBEROS", argv[1]) && *(int *)argv[2] == -cl->client_id) |
---|
| 303 | return MR_SUCCESS; |
---|
| 304 | if (!strcmp("LIST", argv[1]) && !strcmp("dmfl", q->shortname)) |
---|
| 305 | { |
---|
| 306 | EXEC SQL SELECT acl_id, acl_type INTO :member_acl_id, |
---|
| 307 | :member_acl_type |
---|
| 308 | FROM list |
---|
| 309 | WHERE list_id = :member_id; |
---|
| 310 | |
---|
| 311 | if (find_member(member_acl_type, member_acl_id, cl)) |
---|
| 312 | return MR_SUCCESS; |
---|
| 313 | } |
---|
| 314 | } |
---|
| 315 | |
---|
| 316 | /* Otherwise fail. */ |
---|
| 317 | return MR_PERM; |
---|
| 318 | } |
---|
| 319 | |
---|
| 320 | |
---|
| 321 | /* access_visible_list - allow access to list only if it is not hidden, |
---|
| 322 | * or if the client is on the ACL |
---|
| 323 | * |
---|
| 324 | * Inputs: argv[0] - list_id |
---|
| 325 | * cl - client identifier |
---|
| 326 | */ |
---|
| 327 | |
---|
| 328 | int access_visible_list(struct query *q, char *argv[], client *cl) |
---|
| 329 | { |
---|
| 330 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 331 | int list_id, acl_id, memacl_id, flags ; |
---|
| 332 | char acl_type[LIST_ACL_TYPE_SIZE], memacl_type[LIST_ACL_TYPE_SIZE]; |
---|
| 333 | EXEC SQL END DECLARE SECTION; |
---|
| 334 | int status; |
---|
| 335 | |
---|
| 336 | list_id = *(int *)argv[0]; |
---|
| 337 | EXEC SQL SELECT hidden, acl_id, acl_type, memacl_id, memacl_type |
---|
| 338 | INTO :flags, :acl_id, :acl_type, :memacl_id, :memacl_type |
---|
| 339 | FROM list |
---|
| 340 | WHERE list_id = :list_id; |
---|
| 341 | if (sqlca.sqlerrd[2] != 1) |
---|
| 342 | return MR_INTERNAL; |
---|
| 343 | if (!flags) |
---|
| 344 | return MR_SUCCESS; |
---|
| 345 | |
---|
| 346 | /* check for client in access control list */ |
---|
| 347 | status = find_member(acl_type, acl_id, cl); |
---|
| 348 | if (!status) |
---|
| 349 | { |
---|
| 350 | status = find_member(memacl_type, memacl_id, cl); |
---|
| 351 | if (!status) |
---|
| 352 | return MR_PERM; |
---|
| 353 | } |
---|
| 354 | return MR_SUCCESS; |
---|
| 355 | } |
---|
| 356 | |
---|
| 357 | |
---|
| 358 | /* access_vis_list_by_name - allow access to list only if it is not hidden, |
---|
| 359 | * or if the client is on the ACL |
---|
| 360 | * |
---|
| 361 | * Inputs: argv[0] - list name |
---|
| 362 | * cl - client identifier |
---|
| 363 | */ |
---|
| 364 | |
---|
| 365 | int access_vis_list_by_name(struct query *q, char *argv[], client *cl) |
---|
| 366 | { |
---|
| 367 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 368 | int acl_id, memacl_id, flags, rowcount, list_id; |
---|
| 369 | char acl_type[LIST_ACL_TYPE_SIZE], memacl_type[LIST_ACL_TYPE_SIZE]; |
---|
| 370 | char *listname; |
---|
| 371 | EXEC SQL END DECLARE SECTION; |
---|
| 372 | int status; |
---|
| 373 | |
---|
| 374 | listname = argv[0]; |
---|
| 375 | EXEC SQL SELECT hidden, acl_id, acl_type, memacl_id, memacl_type, list_id |
---|
| 376 | INTO :flags, :acl_id, :acl_type, :memacl_id, :memacl_type, :list_id |
---|
| 377 | FROM list |
---|
| 378 | WHERE name = :listname; |
---|
| 379 | |
---|
| 380 | rowcount = sqlca.sqlerrd[2]; |
---|
| 381 | if (rowcount > 1) |
---|
| 382 | return MR_WILDCARD; |
---|
| 383 | if (rowcount == 0) |
---|
| 384 | return MR_NO_MATCH; |
---|
| 385 | if (!flags) |
---|
| 386 | return MR_SUCCESS; |
---|
| 387 | |
---|
| 388 | /* If the user is a member of the acl, memacl, or the list itself, |
---|
| 389 | * accept them. |
---|
| 390 | */ |
---|
| 391 | status = find_member(acl_type, acl_id, cl); |
---|
| 392 | if (!status) |
---|
| 393 | status = find_member(memacl_type, memacl_id, cl); |
---|
| 394 | if (!status) |
---|
| 395 | status = find_member("LIST", list_id, cl); |
---|
| 396 | if (!status) |
---|
| 397 | return MR_PERM; |
---|
| 398 | |
---|
| 399 | return MR_SUCCESS; |
---|
| 400 | } |
---|
| 401 | |
---|
| 402 | |
---|
| 403 | /* access_member - allow user to access member of type "USER" and name matches |
---|
| 404 | * username, or to access member of type "KERBEROS" and the principal matches |
---|
| 405 | * the user, or to access member of type "LIST" and list is one that user is |
---|
| 406 | * on the acl of, or the list is visible. Allow anyone to look up list |
---|
| 407 | * memberships of MACHINEs. |
---|
| 408 | */ |
---|
| 409 | |
---|
| 410 | int access_member(struct query *q, char *argv[], client *cl) |
---|
| 411 | { |
---|
| 412 | if (!strcmp(argv[0], "LIST") || !strcmp(argv[0], "RLIST")) |
---|
| 413 | return access_visible_list(q, &argv[1], cl); |
---|
| 414 | |
---|
| 415 | if (!strcmp(argv[0], "USER") || !strcmp(argv[0], "RUSER")) |
---|
| 416 | { |
---|
| 417 | if (cl->users_id == *(int *)argv[1]) |
---|
| 418 | return MR_SUCCESS; |
---|
| 419 | } |
---|
| 420 | |
---|
| 421 | if (!strcmp(argv[0], "KERBEROS") || !strcmp(argv[0], "RKERBEROS")) |
---|
| 422 | { |
---|
| 423 | if (cl->client_id == -*(int *)argv[1]) |
---|
| 424 | return MR_SUCCESS; |
---|
| 425 | } |
---|
| 426 | |
---|
| 427 | if (!strcmp(argv[0], "MACHINE") || !strcmp(argv[0], "RMACHINE")) |
---|
| 428 | return MR_SUCCESS; |
---|
| 429 | |
---|
| 430 | return MR_PERM; |
---|
| 431 | } |
---|
| 432 | |
---|
| 433 | |
---|
| 434 | /* access_qgli - special access routine for Qualified_get_lists. Allows |
---|
| 435 | * access iff argv[0] == "TRUE" and argv[2] == "FALSE". |
---|
| 436 | */ |
---|
| 437 | |
---|
| 438 | int access_qgli(struct query *q, char *argv[], client *cl) |
---|
| 439 | { |
---|
| 440 | if (!strcmp(argv[0], "TRUE") && !strcmp(argv[2], "FALSE")) |
---|
| 441 | return MR_SUCCESS; |
---|
| 442 | return MR_PERM; |
---|
| 443 | } |
---|
| 444 | |
---|
| 445 | |
---|
| 446 | /* access_service - allow access if user is on ACL of service. Don't |
---|
| 447 | * allow access if a wildcard is used. |
---|
| 448 | */ |
---|
| 449 | |
---|
| 450 | int access_service(struct query *q, char *argv[], client *cl) |
---|
| 451 | { |
---|
| 452 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 453 | int acl_id; |
---|
| 454 | char *name, acl_type[LIST_ACL_TYPE_SIZE]; |
---|
| 455 | EXEC SQL END DECLARE SECTION; |
---|
| 456 | int status; |
---|
| 457 | char *c; |
---|
| 458 | |
---|
| 459 | name = argv[0]; |
---|
| 460 | for (c = name; *c; c++) |
---|
| 461 | { |
---|
| 462 | if (islower(*c)) |
---|
| 463 | *c = toupper(*c); |
---|
| 464 | } |
---|
| 465 | EXEC SQL SELECT acl_id, acl_type INTO :acl_id, :acl_type FROM servers |
---|
| 466 | WHERE name = :name; |
---|
| 467 | if (sqlca.sqlerrd[2] > 1) |
---|
| 468 | return MR_PERM; |
---|
| 469 | |
---|
| 470 | /* check for client in access control list */ |
---|
| 471 | status = find_member(acl_type, acl_id, cl); |
---|
| 472 | if (!status) |
---|
| 473 | return MR_PERM; |
---|
| 474 | |
---|
| 475 | return MR_SUCCESS; |
---|
| 476 | } |
---|
| 477 | |
---|
| 478 | |
---|
| 479 | /* access_filesys - verify that client is owner or on owners list of filesystem |
---|
| 480 | * named by argv[0] |
---|
| 481 | */ |
---|
| 482 | |
---|
| 483 | int access_filesys(struct query *q, char *argv[], client *cl) |
---|
| 484 | { |
---|
| 485 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 486 | int users_id, list_id; |
---|
| 487 | char *name; |
---|
| 488 | EXEC SQL END DECLARE SECTION; |
---|
| 489 | int status; |
---|
| 490 | |
---|
| 491 | name = argv[0]; |
---|
| 492 | EXEC SQL SELECT owner, owners INTO :users_id, :list_id FROM filesys |
---|
| 493 | WHERE label = :name; |
---|
| 494 | |
---|
| 495 | if (sqlca.sqlerrd[2] != 1) |
---|
| 496 | return MR_PERM; |
---|
| 497 | if (users_id == cl->users_id) |
---|
| 498 | return MR_SUCCESS; |
---|
| 499 | status = find_member("LIST", list_id, cl); |
---|
| 500 | if (status) |
---|
| 501 | return MR_SUCCESS; |
---|
| 502 | else |
---|
| 503 | return MR_PERM; |
---|
| 504 | } |
---|
| 505 | |
---|
| 506 | |
---|
| 507 | /* access_host - successful if owner of host, or subnet containing host |
---|
| 508 | */ |
---|
| 509 | |
---|
| 510 | int access_host(struct query *q, char *argv[], client *cl) |
---|
| 511 | { |
---|
| 512 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 513 | int mid, sid, id, subnet_status; |
---|
| 514 | char mtype[MACHINE_OWNER_TYPE_SIZE], stype[SUBNET_OWNER_TYPE_SIZE]; |
---|
| 515 | char *account_number; |
---|
| 516 | EXEC SQL END DECLARE SECTION; |
---|
| 517 | int status, idx; |
---|
| 518 | |
---|
| 519 | if (q->version < 6) |
---|
| 520 | idx = 0; |
---|
| 521 | else if (q->version >= 6 && q->version < 8) |
---|
| 522 | idx = 1; |
---|
| 523 | else |
---|
| 524 | idx = 2; |
---|
| 525 | |
---|
[23178] | 526 | if (q->type == MR_Q_APPEND) |
---|
[23095] | 527 | { |
---|
| 528 | /* Non-query owner must set use to zero */ |
---|
| 529 | if (atoi(argv[6 + idx]) != 0) |
---|
| 530 | return MR_PERM; |
---|
| 531 | |
---|
| 532 | /* ... and start the hostname with a letter */ |
---|
| 533 | if (isdigit(argv[0][0])) |
---|
| 534 | return MR_BAD_CHAR; |
---|
| 535 | |
---|
| 536 | id = *(int *)argv[8 + idx]; |
---|
| 537 | EXEC SQL SELECT s.owner_type, s.owner_id, s.status |
---|
| 538 | INTO :stype, :sid, :subnet_status FROM subnet s |
---|
| 539 | WHERE s.snet_id = :id; |
---|
| 540 | mid = 0; |
---|
| 541 | |
---|
| 542 | /* Non query owner must provide valid billing information. */ |
---|
| 543 | if (q->version >= 8) |
---|
| 544 | { |
---|
| 545 | if (subnet_status == SNET_STATUS_BILLABLE) |
---|
| 546 | { |
---|
| 547 | account_number = argv[7]; |
---|
| 548 | EXEC SQL SELECT account_number FROM accountnumbers |
---|
| 549 | WHERE account_number = :account_number; |
---|
| 550 | if (sqlca.sqlcode == SQL_NO_MATCH) |
---|
| 551 | return MR_ACCOUNT_NUMBER; |
---|
| 552 | } |
---|
| 553 | } |
---|
| 554 | |
---|
| 555 | if (find_member(stype, sid, cl)) |
---|
| 556 | return MR_SUCCESS; |
---|
| 557 | else |
---|
| 558 | return MR_PERM; |
---|
| 559 | } |
---|
[23178] | 560 | else /* q-type == MR_Q_UPDATE */ |
---|
[23095] | 561 | { |
---|
| 562 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 563 | int status, acomment, use, ocomment, snid; |
---|
| 564 | char contact[MACHINE_CONTACT_SIZE], address[MACHINE_ADDRESS_SIZE]; |
---|
| 565 | char name[MACHINE_NAME_SIZE]; |
---|
| 566 | char billing_contact[MACHINE_BILLING_CONTACT_SIZE]; |
---|
| 567 | EXEC SQL END DECLARE SECTION; |
---|
| 568 | |
---|
| 569 | id = *(int *)argv[0]; |
---|
| 570 | EXEC SQL SELECT m.name, m.use, m.contact, m.billing_contact, m.status, |
---|
| 571 | m.address, m.owner_type, m.owner_id, m.acomment, m.ocomment, m.snet_id, |
---|
| 572 | s.owner_type, s.owner_id, s.status INTO :name, :use, :contact, |
---|
| 573 | :billing_contact, :status, :address, :mtype, :mid, :acomment, |
---|
| 574 | :ocomment, :snid, :stype, :sid, :subnet_status |
---|
| 575 | FROM machine m, subnet s |
---|
| 576 | WHERE m.mach_id = :id AND s.snet_id = m.snet_id; |
---|
| 577 | if (dbms_errno) |
---|
| 578 | return mr_errcode; |
---|
| 579 | |
---|
| 580 | /* Non query owner must provide valid billing information. */ |
---|
| 581 | if (q->version >= 8) |
---|
| 582 | { |
---|
| 583 | if ((subnet_status == SNET_STATUS_BILLABLE) && |
---|
| 584 | (atoi(argv[10]) != 3)) |
---|
| 585 | { |
---|
| 586 | account_number = argv[8]; |
---|
| 587 | EXEC SQL SELECT account_number FROM accountnumbers |
---|
| 588 | WHERE account_number = :account_number; |
---|
| 589 | if (sqlca.sqlcode == SQL_NO_MATCH) |
---|
| 590 | return MR_ACCOUNT_NUMBER; |
---|
| 591 | } |
---|
| 592 | } |
---|
| 593 | |
---|
| 594 | /* non-query-owner cannot change use or ocomment */ |
---|
| 595 | if ((use != atoi(argv[7 + idx])) || (ocomment != *(int *)argv[14 + idx])) |
---|
| 596 | return MR_PERM; |
---|
| 597 | |
---|
| 598 | /* or rename to start with digit */ |
---|
| 599 | if (isdigit(argv[1][0]) && strcmp(strtrim(name), argv[1])) |
---|
| 600 | return MR_BAD_CHAR; |
---|
| 601 | |
---|
| 602 | if (!find_member(stype, sid, cl)) |
---|
| 603 | { |
---|
| 604 | if (find_member(mtype, mid, cl)) |
---|
| 605 | { |
---|
| 606 | /* host owner also cannot change contact, status, address, |
---|
| 607 | owner, or acomment */ |
---|
| 608 | if (strcmp(argv[6], strtrim(contact)) || |
---|
| 609 | (status != atoi(argv[8 + idx])) || |
---|
| 610 | strcmp(argv[10 + idx], strtrim(address)) || |
---|
| 611 | strcmp(argv[11 + idx], strtrim(mtype)) || |
---|
| 612 | (mid != *(int *)argv[12 + idx]) || |
---|
| 613 | (acomment != *(int *)argv[13 + idx])) |
---|
| 614 | return MR_PERM; |
---|
| 615 | /* Billing contact field didn't appear until version 6 */ |
---|
| 616 | if (q->version >= 6) |
---|
| 617 | if (strcmp(argv[7], strtrim(billing_contact))) |
---|
| 618 | return MR_PERM; |
---|
| 619 | } |
---|
| 620 | else |
---|
| 621 | return MR_PERM; |
---|
| 622 | } |
---|
| 623 | |
---|
| 624 | /* If moving to a new subnet, make sure user is on acl there */ |
---|
| 625 | id = *(int *)argv[9 + idx]; |
---|
| 626 | if (id != snid) |
---|
| 627 | { |
---|
| 628 | EXEC SQL SELECT owner_type, owner_id INTO :stype, :sid |
---|
| 629 | FROM subnet WHERE snet_id=:id; |
---|
| 630 | if (!find_member(stype, sid, cl)) |
---|
| 631 | return MR_PERM; |
---|
| 632 | } |
---|
| 633 | |
---|
| 634 | return MR_SUCCESS; |
---|
| 635 | } |
---|
| 636 | } |
---|
| 637 | |
---|
| 638 | |
---|
| 639 | /* access_ahal - check for adding a host alias. |
---|
| 640 | * successful if host has less then 2 aliases and (client is owner of |
---|
| 641 | * host or subnet). |
---|
| 642 | * If deleting an alias, any owner will do. |
---|
| 643 | */ |
---|
| 644 | |
---|
| 645 | int access_ahal(struct query *q, char *argv[], client *cl) |
---|
| 646 | { |
---|
| 647 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 648 | int cnt, id, mid, sid; |
---|
| 649 | char mtype[MACHINE_OWNER_TYPE_SIZE], stype[SUBNET_OWNER_TYPE_SIZE]; |
---|
| 650 | EXEC SQL END DECLARE SECTION; |
---|
| 651 | int status; |
---|
| 652 | |
---|
[23178] | 653 | if (q->type == MR_Q_RETRIEVE) |
---|
[23095] | 654 | return MR_SUCCESS; |
---|
| 655 | |
---|
| 656 | id = *(int *)argv[1]; |
---|
| 657 | |
---|
[23178] | 658 | if (q->type == MR_Q_APPEND && isdigit(argv[0][0])) |
---|
[23095] | 659 | return MR_BAD_CHAR; |
---|
| 660 | |
---|
| 661 | EXEC SQL SELECT count(name) INTO :cnt from hostalias WHERE mach_id = :id; |
---|
| 662 | if (dbms_errno) |
---|
| 663 | return mr_errcode; |
---|
[23178] | 664 | /* if the type is MR_Q_APPEND, this is ahal and we need to make sure there |
---|
[23095] | 665 | * will be no more than 2 aliases. If it's not, it must be dhal and |
---|
| 666 | * any owner will do. |
---|
| 667 | */ |
---|
[23178] | 668 | if (q->type == MR_Q_APPEND && cnt >= 2) |
---|
[23095] | 669 | return MR_PERM; |
---|
| 670 | EXEC SQL SELECT m.owner_type, m.owner_id, s.owner_type, s.owner_id |
---|
| 671 | INTO :mtype, :mid, :stype, :sid FROM machine m, subnet s |
---|
| 672 | WHERE m.mach_id = :id and s.snet_id = m.snet_id; |
---|
| 673 | status = find_member(mtype, mid, cl); |
---|
| 674 | if (status) |
---|
| 675 | return MR_SUCCESS; |
---|
| 676 | status = find_member(stype, sid, cl); |
---|
| 677 | if (status) |
---|
| 678 | return MR_SUCCESS; |
---|
| 679 | else |
---|
| 680 | return MR_PERM; |
---|
| 681 | } |
---|
| 682 | |
---|
| 683 | |
---|
| 684 | /* access_snt - check for retrieving network structure |
---|
| 685 | */ |
---|
| 686 | |
---|
| 687 | int access_snt(struct query *q, char *argv[], client *cl) |
---|
| 688 | { |
---|
[23178] | 689 | if (q->type == MR_Q_RETRIEVE) |
---|
[23095] | 690 | return MR_SUCCESS; |
---|
| 691 | |
---|
| 692 | return MR_PERM; |
---|
| 693 | } |
---|
| 694 | |
---|
| 695 | |
---|
| 696 | /* access_printer */ |
---|
| 697 | int access_printer(struct query *q, char *argv[], client *cl) |
---|
| 698 | { |
---|
| 699 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 700 | char type[PRINTSERVERS_OWNER_TYPE_SIZE]; |
---|
| 701 | int id, mach_id; |
---|
| 702 | EXEC SQL END DECLARE SECTION; |
---|
| 703 | int status; |
---|
| 704 | |
---|
| 705 | mach_id = *(int *)argv[PRN_RM]; |
---|
| 706 | EXEC SQL SELECT owner_type, owner_id INTO :type, :id |
---|
| 707 | FROM printservers WHERE mach_id = :mach_id; |
---|
| 708 | if (sqlca.sqlcode) |
---|
| 709 | return MR_PERM; |
---|
| 710 | |
---|
| 711 | status = find_member(type, id, cl); |
---|
| 712 | if (status) |
---|
| 713 | return MR_SUCCESS; |
---|
| 714 | else |
---|
| 715 | return MR_PERM; |
---|
| 716 | } |
---|
| 717 | |
---|
| 718 | /* access_zephyr */ |
---|
| 719 | int access_zephyr(struct query *q, char *argv[], client *cl) |
---|
| 720 | { |
---|
| 721 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 722 | char type[ZEPHYR_OWNER_TYPE_SIZE]; |
---|
| 723 | char *class; |
---|
| 724 | int id; |
---|
| 725 | EXEC SQL END DECLARE SECTION; |
---|
| 726 | int status; |
---|
| 727 | |
---|
| 728 | class = argv[ZA_CLASS]; |
---|
| 729 | EXEC SQL SELECT owner_type, owner_id INTO :type, :id |
---|
| 730 | FROM zephyr WHERE class = :class; |
---|
| 731 | if (sqlca.sqlcode) |
---|
| 732 | return MR_PERM; |
---|
| 733 | |
---|
| 734 | status = find_member(type, id, cl); |
---|
| 735 | if (status) |
---|
| 736 | return MR_SUCCESS; |
---|
| 737 | else |
---|
| 738 | return MR_PERM; |
---|
| 739 | } |
---|
| 740 | |
---|
| 741 | /* access_container - check access for most container operations |
---|
| 742 | * |
---|
| 743 | * Inputs: argv[0] - cnt_id |
---|
| 744 | * q - query name |
---|
| 745 | * cl - client name |
---|
| 746 | * |
---|
| 747 | * - check if that client is a member of the access control list |
---|
| 748 | * - OR, if the query is add_machine_to_container or delete_machine_from_container |
---|
| 749 | * check if the client is a memeber of the mem_acl list |
---|
| 750 | * - if the query is update_container and the container is to be renamed and |
---|
| 751 | * it is a top-level container, only priviledged users can do it |
---|
| 752 | */ |
---|
| 753 | |
---|
| 754 | int access_container(struct query *q, char *argv[], client *cl) |
---|
| 755 | { |
---|
| 756 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 757 | int cnt_id, acl_id, memacl_id, mach_id, machine_owner_id, flag; |
---|
| 758 | char acl_type[CONTAINERS_ACL_TYPE_SIZE], memacl_type[CONTAINERS_ACL_TYPE_SIZE]; |
---|
| 759 | char name[CONTAINERS_NAME_SIZE], *newname; |
---|
| 760 | char machine_owner_type[MACHINE_OWNER_TYPE_SIZE]; |
---|
| 761 | EXEC SQL END DECLARE SECTION; |
---|
| 762 | int status; |
---|
| 763 | |
---|
| 764 | cnt_id = *(int *)argv[0]; |
---|
| 765 | |
---|
| 766 | /* if amcn or dmcn, container id is the second argument */ |
---|
| 767 | if (strcmp(q->shortname, "amcn") == 0 || strcmp(q->shortname, "dmcn") == 0) |
---|
| 768 | { |
---|
| 769 | mach_id = *(int *)argv[0]; |
---|
| 770 | cnt_id = *(int *)argv[1]; |
---|
| 771 | } |
---|
| 772 | |
---|
| 773 | EXEC SQL SELECT acl_id, acl_type, memacl_id, memacl_type, name, publicflg |
---|
| 774 | INTO :acl_id, :acl_type, :memacl_id, :memacl_type, :name, :flag |
---|
| 775 | FROM containers |
---|
| 776 | WHERE cnt_id = :cnt_id; |
---|
| 777 | |
---|
| 778 | if (sqlca.sqlerrd[2] != 1) |
---|
| 779 | return MR_INTERNAL; |
---|
| 780 | |
---|
| 781 | /* trim off the trailing spaces */ |
---|
| 782 | strcpy(name, strtrim(name)); |
---|
| 783 | |
---|
| 784 | /* Only dbadmin can rename containers. */ |
---|
| 785 | if (!strcmp(q->shortname, "ucon")) |
---|
| 786 | { |
---|
| 787 | newname = argv[1]; |
---|
| 788 | if (strcmp(name, newname)) |
---|
| 789 | return MR_PERM; |
---|
| 790 | } |
---|
| 791 | |
---|
| 792 | /* check for client in access control list and return success right |
---|
| 793 | * away if it's there. */ |
---|
| 794 | if (find_member(acl_type, acl_id, cl)) |
---|
| 795 | return MR_SUCCESS; |
---|
| 796 | |
---|
| 797 | /* If not amcn, dmcn, we lose. */ |
---|
| 798 | if (strcmp(q->shortname, "amcn") && strcmp(q->shortname, "dmcn")) |
---|
| 799 | return MR_PERM; |
---|
| 800 | |
---|
| 801 | if (find_member(memacl_type, memacl_id, cl)) |
---|
| 802 | return MR_SUCCESS; |
---|
| 803 | |
---|
| 804 | /* if the container is public or the query is delete, grant access if client |
---|
| 805 | * is on owner list */ |
---|
[23178] | 806 | if (flag || q->type == MR_Q_DELETE) |
---|
[23095] | 807 | { |
---|
| 808 | EXEC SQL SELECT owner_type, owner_id INTO :machine_owner_type, |
---|
| 809 | :machine_owner_id |
---|
| 810 | FROM machine |
---|
| 811 | WHERE mach_id = :mach_id; |
---|
| 812 | |
---|
| 813 | if (sqlca.sqlerrd[2] == 1 && strcmp("NONE", machine_owner_type) && |
---|
| 814 | find_member(machine_owner_type, machine_owner_id, cl)) |
---|
| 815 | return MR_SUCCESS; |
---|
| 816 | } |
---|
| 817 | /* Otherwise fail. */ |
---|
| 818 | return MR_PERM; |
---|
| 819 | } |
---|
| 820 | |
---|
| 821 | int check_mail_string(char *mailstring) |
---|
| 822 | { |
---|
| 823 | EXEC SQL BEGIN DECLARE SECTION; |
---|
| 824 | char mname[MACHINE_NAME_SIZE]; |
---|
| 825 | EXEC SQL END DECLARE SECTION; |
---|
| 826 | char *p, *host, *hostdomain; |
---|
| 827 | struct hostent *hp; |
---|
| 828 | struct mxentry *mxrecords = NULL; |
---|
| 829 | int index; |
---|
| 830 | |
---|
| 831 | p = strchr(mailstring, '@'); |
---|
| 832 | if (p) |
---|
| 833 | { |
---|
| 834 | host = strdup(++p); |
---|
| 835 | |
---|
| 836 | /* Replace .LOCAL at end of host with .MIT.EDU if needed. */ |
---|
| 837 | hostdomain = strrchr(host, '.'); |
---|
| 838 | if (hostdomain && !strcasecmp(hostdomain, ".LOCAL")) |
---|
| 839 | { |
---|
| 840 | index = hostdomain - host; |
---|
| 841 | host[index] = '\0'; |
---|
| 842 | host = realloc(host, strlen(host) + strlen(".MIT.EDU") + 1); |
---|
| 843 | strcat(host, ".MIT.EDU"); |
---|
| 844 | } |
---|
| 845 | |
---|
| 846 | hp = gethostbyname(host); |
---|
| 847 | if (hp) |
---|
| 848 | { |
---|
| 849 | host = realloc(host, strlen(hp->h_name) + 1); |
---|
| 850 | if (host) |
---|
| 851 | strcpy(host, hp->h_name); |
---|
| 852 | } |
---|
| 853 | else |
---|
| 854 | { |
---|
| 855 | /* Possibly a host with no A record but MX records. Check. */ |
---|
| 856 | mxrecords = getmxrecords(host); |
---|
| 857 | if (!mxrecords) |
---|
| 858 | return MR_BAD_MAIL_STRING; |
---|
| 859 | else |
---|
| 860 | return MR_SUCCESS; |
---|
| 861 | } |
---|
| 862 | |
---|
| 863 | if (!strcasecmp(host, "MIT.EDU")) |
---|
| 864 | { |
---|
| 865 | free(host); |
---|
| 866 | return MR_BAD_MAIL_STRING; |
---|
| 867 | } |
---|
| 868 | |
---|
| 869 | EXEC SQL DECLARE csr_listmem CURSOR FOR |
---|
| 870 | SELECT UNIQUE m.name FROM machine m, serverhosts sh |
---|
| 871 | WHERE m.mach_id = sh.mach_id |
---|
| 872 | AND (sh.service = 'MAILHUB' or sh.service = 'POSTOFFICE'); |
---|
| 873 | if (dbms_errno) |
---|
| 874 | { |
---|
| 875 | free(host); |
---|
| 876 | return mr_errcode; |
---|
| 877 | } |
---|
| 878 | EXEC SQL OPEN csr_listmem; |
---|
| 879 | if (dbms_errno) |
---|
| 880 | { |
---|
| 881 | free(host); |
---|
| 882 | return mr_errcode; |
---|
| 883 | } |
---|
| 884 | while (1) |
---|
| 885 | { |
---|
| 886 | EXEC SQL FETCH csr_listmem INTO :mname; |
---|
| 887 | if (sqlca.sqlcode) |
---|
| 888 | break; |
---|
| 889 | |
---|
| 890 | if (!strcasecmp(host, strtrim(mname))) |
---|
| 891 | { |
---|
| 892 | free(host); |
---|
| 893 | return MR_BAD_MAIL_STRING; |
---|
| 894 | } |
---|
| 895 | } |
---|
| 896 | free(host); |
---|
| 897 | } |
---|
| 898 | |
---|
| 899 | return MR_SUCCESS; |
---|
| 900 | } |
---|
| 901 | |
---|
| 902 | /* |
---|
| 903 | * This ought to be in the bind library. It's adapted from sendmail. |
---|
| 904 | */ |
---|
| 905 | |
---|
| 906 | /* |
---|
| 907 | * These are defined in RFC833. Some bind interface headers don't declare them. |
---|
| 908 | * Ghod help us if they're ever actually incompatible with what's in |
---|
| 909 | * the arpa/nameser.h header. |
---|
| 910 | */ |
---|
| 911 | #ifndef PACKETSZ |
---|
| 912 | #define PACKETSZ 512 /* maximum packet size */ |
---|
| 913 | #endif |
---|
| 914 | #ifndef HFIXEDSZ |
---|
| 915 | #define HFIXEDSZ 12 /* #/bytes of fixed data in header */ |
---|
| 916 | #endif |
---|
| 917 | #ifndef INT32SZ |
---|
| 918 | #define INT32SZ 4 /* for systems without 32-bit ints */ |
---|
| 919 | #endif |
---|
| 920 | #ifndef INT16SZ |
---|
| 921 | #define INT16SZ 2 /* for systems without 16-bit ints */ |
---|
| 922 | #endif |
---|
| 923 | |
---|
| 924 | /* minimum possible size of MX record in packet */ |
---|
| 925 | #define MIN_MX_SIZE 8 /* corresp to "a.com 0" w/ terminating space */ |
---|
| 926 | |
---|
| 927 | struct mxentry *getmxrecords(const char *name) |
---|
| 928 | { |
---|
| 929 | char answer[PACKETSZ], *eom, *cp, *bp; |
---|
| 930 | int n, ancount, qdcount, buflen, type, pref, ind; |
---|
| 931 | static struct mxentry pmx[(PACKETSZ - HFIXEDSZ) / MIN_MX_SIZE]; |
---|
| 932 | static char MXHostBuf[PACKETSZ - HFIXEDSZ]; |
---|
| 933 | HEADER *hp; |
---|
| 934 | |
---|
| 935 | pmx->name = (char *)NULL; |
---|
| 936 | pmx->pref = -1; |
---|
| 937 | n = res_search(name, C_IN,T_MX, (unsigned char *)&answer, sizeof(answer)); |
---|
| 938 | if (n == -1) |
---|
| 939 | return((struct mxentry *)NULL); |
---|
| 940 | if ((size_t)n > sizeof(answer)) |
---|
| 941 | n = sizeof(answer); |
---|
| 942 | |
---|
| 943 | hp = (HEADER *)&answer; |
---|
| 944 | cp = answer + HFIXEDSZ; |
---|
| 945 | eom = answer + n; |
---|
| 946 | h_errno = 0; |
---|
| 947 | for (qdcount = ntohs(hp->qdcount); qdcount--; cp += n + QFIXEDSZ) |
---|
| 948 | if ((n = dn_skipname((unsigned char *)cp, (unsigned char *)eom)) < 0) |
---|
| 949 | return((struct mxentry *)NULL); |
---|
| 950 | buflen = sizeof(MXHostBuf) - 1; |
---|
| 951 | bp = MXHostBuf; |
---|
| 952 | ind = 0; |
---|
| 953 | ancount = ntohs(hp->ancount); |
---|
| 954 | while (--ancount >= 0 && cp < eom) |
---|
| 955 | { |
---|
| 956 | if ((n = dn_expand((unsigned char *)answer, (unsigned char *)eom, |
---|
| 957 | (unsigned char *)cp, bp, buflen)) < 0) |
---|
| 958 | break; |
---|
| 959 | cp += n; |
---|
| 960 | GETSHORT(type, cp); |
---|
| 961 | cp += INT16SZ + INT32SZ; |
---|
| 962 | GETSHORT(n, cp); |
---|
| 963 | if (type != T_MX) |
---|
| 964 | { |
---|
| 965 | cp += n; |
---|
| 966 | continue; |
---|
| 967 | } |
---|
| 968 | GETSHORT(pref, cp); |
---|
| 969 | if ((n = dn_expand((unsigned char *)answer, (unsigned char *)eom, |
---|
| 970 | (unsigned char *)cp, bp, buflen)) < 0) |
---|
| 971 | break; |
---|
| 972 | cp += n; |
---|
| 973 | |
---|
| 974 | pmx[ind].name = bp; |
---|
| 975 | pmx[ind].pref = pref; |
---|
| 976 | ++ind; |
---|
| 977 | |
---|
| 978 | n = strlen((const char *)bp); |
---|
| 979 | bp += n; |
---|
| 980 | *bp++ = '\0'; |
---|
| 981 | |
---|
| 982 | buflen -= n + 1; |
---|
| 983 | } |
---|
| 984 | |
---|
| 985 | pmx[ind].name = (char *)NULL; |
---|
| 986 | pmx[ind].pref = -1; |
---|
| 987 | return(pmx); |
---|
| 988 | } |
---|