home *** CD-ROM | disk | FTP | other *** search
- .title k11lcl do things for site specific stuff
- .ident /1.2.01/
-
-
-
- .if ndf, K11INC
- .ift
- .include /IN:K11MAC.MAC/
- .endc
-
-
- .psect $code
-
-
- ; 18-Jan-84 11:27:39 Brian Nelson
- ; 22-Mar-84 15:46:51 BDN rewrite for tkb/onlpat patching
-
-
-
- .sbttl okuser
-
-
- ; input: 2(sp) address of an .asciz string containing the first
- ; three (3) characters of the current command name.
- ; output: nothing
- ;
- ; You have the option (see K11CDF.MAC for the $NAME macro) of either
- ; doing a MOV (SP)+,@SP and a RETURN (accepting the command) or of
- ; doing a CMP (SP)+,(SP)+ and a RETURN (rejecting the command).
- ;
-
-
-
-
-
- okuser::mov 2(sp) ,r0
- mov #clist ,r2 ; point to the protection byte
-
- 10$: tstb 1(r2) ; if the text is null, we are done
- beq 100$ ; bye
- tstb @r2 ; if the protection byte is null,
- beq 50$ ; then skip this entry
- cmpb 1(r2) ,@r0 ; check for a match on this entry
- bne 50$ ; no match
- cmpb 2(r2) ,1(r0) ; check byte number 2
- bne 50$ ; no match
- cmpb 3(r2) ,2(r0) ; check byte number 2
- bne 50$ ; no match
-
- call getuic ; get the ppn
- tst ...uic ; check based on the group number?
- beq 20$ ; no
- swab r0 ; yes, get group number over please
- cmpb r0 ,...uic+0 ; check it out now
- blos 30$ ; it's ok
- br 90$ ; it's not, exit with error
-
-
- 20$: tst ...uic+2 ; no, try checks based on programmer #
- beq 30$ ; no checks exit with success
- cmpb r0 ,...uic+2 ; check based on this now
- blos 30$ ; it's ok, exit
- br 90$ ; it's not ok, exit
-
- 30$: call getuic ; last check is to see if the command
- swab r0 ; itself is restricted based on group #
- cmpb r0 ,@r2 ; by checking the protection byte for a
- bhi 90$ ; group number match. if >, then error
- br 100$ ; it's ok, exit
-
- 50$: add #4 ,r2 ; point to the next table entry
- br 10$ ; next please
-
-
- 90$: print #rs ; a match, disallow the command
- cmp (sp)+ ,(sp)+
- return
- 100$: mov (sp)+ ,@sp
- return
-
-
- .save
- .psect $PDATA ,D
- rs: .asciz /Access not allowed to this command/<cr><lf>
- .even
- .restore
-
- global <getuic>
-
-
-
-
- .sbttl the list of commands to check
- .psect $pdata
-
-
- ; To enable checks, patch the first byte from 0 to 377.
- ; For example, to make the DIR command unavailable to
- ; non-priv users, patch ..$DIR byte offset 0 from 0 to
- ; 377 octal.
- ; Also, please note that the first check will be based
- ; on project (group) number as a check lower or same.
- ; If ...uic+0 = 0 then that check is skipped in favor
- ; of checking the programmer number in ...uic+2. If
- ; that is zero, then no checking will be done.
- ;
- ;
- ; As in:
- ;
- ;
- ; procedure check_commands
- ;
- ; i := 0 ;
- ; found_a_match := false ;
- ; while ( clist[i][1] <> 0 ) and not found_a_match
- ; do
- ; begin
- ; if clist[i][0] <> 0
- ; then
- ; found_a_match := cmd_name[0] = clist[i][1]
- ; and cmd_name[1] = clist[i][2]
- ; and cmd_name[2] = clist[i][3] ;
- ; i := succ(i) ;
- ; end ;
- ; bad_command := false ;
- ; if found_a_match
- ; then
- ; if (...uic <> 0 ) and ( group_number > ...uic )
- ; then bad_command := true
- ; else
- ; if (...uic+2 <> 0 ) and ( programmer_number > ...uic+2 )
- ; then bad_command := true ;
- ; if not bad_command
- ; then
- ; if ( group_number > clist[i][0]
- ; then bad_command := true
- ;
- ; end ;
- ;
- ;
-
- ...uic::.word 0 ; no checks on group number
- .word 0 ; no checks on user number
-
- clist:
- ..$bye::.ascii <000>/BYE/ ; BYE
- ..$com::.ascii <000>/COM/ ; COMMENT
- ..$con::.ascii <000>/CON/ ; CONNECT
- ..$cop::.ascii <000>/COP/ ; COPY
- ..$del::.ascii <000>/DEL/ ; DELETE
- ..$dir::.ascii <000>/DIR/ ; DIRECT
- ..$dis::.ascii <000>/DIS/ ; DISCONNECT
- ..$era::.ascii <000>/ERA/ ; ERASE
- ..$exi::.ascii <000>/EXI/ ; EXIT
- ..$fin::.ascii <000>/FIN/ ; FINISH
- ..$get::.ascii <000>/GET/ ; GET
- ..$han::.ascii <000>/HAN/ ; HANGUP
- ..$hel::.ascii <000>/HEL/ ; HELP
- ..$loc::.ascii <000>/LOC/ ; LOCAL
- ..$log::.ascii <000>/LOG/ ; LOGOUT
- ..$not::.ascii <000>/NOT/ ; NOTE
- ..$qui::.ascii <000>/QUI/ ; QUIT
- ..$rec::.ascii <000>/REC/ ; RECEIVE
- ..$rem::.ascii <000>/REM/ ; REMOTE
- ..$ren::.ascii <000>/REN/ ; RENAME
- ..$rdi::.ascii <000>/RDI/ ; REMOTE DIR
- ..$sen::.ascii <000>/SEN/ ; SEND
- ..$ser::.ascii <000>/SER/ ; SERVER
- ..$set::.ascii <000>/SET/ ; SET
- ..$sho::.ascii <000>/SHO/ ; SHOW
- ..$spa::.ascii <000>/SPA/ ; SPACE
- ..$sys::.ascii <000>/SYS/ ; SYSTEM
- ..$tak::.ascii <000>/TAK/ ; TAKE
- ..$tra::.ascii <000>/TRA/ ; TRANSMIT
- ..$typ::.ascii <000>/TYP/ ; TYPE
- ..$who::.ascii <000>/WHO/ ; WHO
- .byte 0,0,0,0
- .even
-
-
- .sbttl using onlpat for RSTS/E to patch this
-
-
- .if ne ,0
- .ift
-
-
- ! RSTS/E Kermit optional patches
- !
- ! Brian Nelson 30-Mar-84 09:47:07
- !
- !
- ! Example of patching RSTS/E Kermit to disable commands based
- ! on user programmer number. The effect of the following
- ! patches is to disallow any user with a programmer number
- ! greater than 127 (ie, 100,221) to access the commands
- ! DELETE ,DIRECTORY, ERASE and RENAME. If you would like to
- ! do this based on project number instead you can patch
- ! either ...UIC+0 to be the high cutoff point instead of
- ! patching ...UIC+2, or you can use different project numbers
- ! for each command by changing the '377' (which is in octal)
- ! to the desired cutoff point. To restict access to the DIR
- ! command to users with a project (group) number less than
- ! (10,*), you would patch ..$DIR byte offset zero from 0 to
- ! 10. (the '.' is needed to force ONLPAT to use a decimal
- ! interpretation of the number.
- !
- ! At this time the only other thing you may want to patch is
- ! location ..DIRP offset zero, which is by default 1. This
- ! value is checked against the user's project number by the
- ! DIRECTORY command. If the user's project number is greater
- ! than this number, the ppn (uic) field for the DIR command
- ! is zeroed, thus preventing that user from looking at the
- ! directory listing of ANY other account. The default is to
- ! restrict the use of ppn's for this command to [1,*] users
- ! only. The last patch here changes that to include [2,*].
- !
- !
- ! Keep user's with programmer numbers > 127 from using DIR, DEL, REN and ERA.
- !
- !
- File to patch?
- Base address? ...UIC+2
- Offset address? 0
- Base Offset Old New?
- ?????? 000000 000000 ? 127.
- ?????? 000002 041000 ? ^Z
- Offset address? ^Z
- Base address? ..$DEL
- Offset address? -1
- Base Offset Old New?
- ?????? 177777 120 ? <LF>
- ?????? 000000 000 ? 377
- ?????? 000001 104 ? ^Z
- Offset address? ^Z
- Base address? ..$DIR
- Offset address? -1
- Base Offset Old New?
- ?????? 177777 114 ? <LF>
- ?????? 000000 000 ? 377
- ?????? 000001 104 ? ^Z
- Offset address? ^Z
- Base address? ..$ERA
- Offset address? -1
- Base Offset Old New?
- ?????? 177777 123 ? <LF>
- ?????? 000000 000 ? 377
- ?????? 000001 105 ? ^Z
- Offset address? ^Z
- Base address? ..$REN
- Offset address? -1
- Base Offset Old New?
- ?????? 177777 115 ? <LF>
- ?????? 000000 000 ? 377
- ?????? 000001 122 ? ^Z
- Offset address? ^Z
- Base address? ..DIRP
- Offset address? 0
- Base Offset Old New?
- ?????? 000000 000001 ? 2
- ?????? 000002 ?????? ? ^C
-
-
- .endc
-
-
-
- .sbttl possibly throttle back non priv users speed
-
- .psect $pdata
-
- slowgr::.word 2 ; cutoff for group numbers
- slowdo::.word 0 ; if <> 0, then slow xfers down
- slowbd::.word 1200.
- .psect $code ; resume r/o code section
-
- throtl::save <r0,r1>
- tst slowdo ; really do this
- beq 100$ ; no
- tst pauset ; already a pause set ?
- bne 100$ ; yes, skip this please
- call getuic ; get the account number please
- swab r0 ; get group number in r0 please
- cmpb r0 ,slowgr ; ignore this user ?
- blos 100$ ; yes
- calls ttspeed ,<#ttname> ; get the current transfer rate
- tst r0 ; failure ?
- beq 100$ ; skip this in that case
- cmp r0 ,slowbd ; slow this user down ?
- blos 100$ ; no
- mov r0 ,r1 ; yes, compute delay in seconds
- clr r0 ; based on baud/(cutoff*4). Thus
- div slowbd ,r0 ; for 4800 baud, the delay would be
- asr r0 ; 1 second, reducing the effective
- asr r0 ; rate to 2400 baud
- tst r0 ; anything left?
- bne 10$ ; nothing ?
- inc r0 ; always compute something
- 10$: mov r0 ,pauset ; and save it
- 100$: unsave <r1,r0>
- return
-
- global <getuic ,ttname ,pauset>
-
-
- .end
-