As noted in Table 2-34, several of the built-in registered procedures parallel Server-Library and DB-Library routines that create, delete, and execute registered procedures. These procedures make it possible to implement a security system for registered procedures by installing a callback handler that executes whenever a registered procedure is about to execute. When a client application executes a system registered procedure or one of the parallel Client-Library or DB-Library routines, the callback handler executes. If it returns SRV_S_INHIBIT, the registered procedure does not execute.
For example, to prevent clients other than “sa” from executing a procedure named “reinitialize”, the registered procedure callback handler could contain the following code:
/*
** Stop users other than “sa” from executing the “reinitialize”
** registered procedure.
**
** Parameters:
** spp - Handle to the current client connection.
**
** Returns:
** CS_TRUE Allow the user to execute
** CS_FALSE Disallow execution.
*/
CS_BOOL rpc_permission(spp)
SRVPROC *spp;
{
CS_INT ulen; /* User name length */
CS_INT rlen; /* RPC name length */
CS_CHAR *rname; /* Pointer to the RPC name */
CS_CHAR user[256]; /* Buffer for the user name */
/*
** Get the name of the rpc command
*/
if ((rname = srv_rpcname(spp, &rlen)) == (CS_CHAR *)NULL)
{
return (CS_FALSE);
}
/*
** Get the user name.
*/
if (srv_thread_props(spp, CS_GET, SRV_T_USER,
(CS_VOID *)user,CS_SIZEOF(user), &ulen) == CS_FAIL)
{
return (CS_FALSE);
}
/*
** If either the user name or the rpc name is NULL,
** indicate an error.
*/
if (rlen <= 0 || ulen <= 0)
{
error (“API error”);
return (CS_FALSE);
}
/* Null terminate the user name buffer */
user[ulen] == ‘\0’;
/*
** Compare the RPC name and User name for permission.
*/
if ((strcmp(rname, “reinitialize”) == 0) &&
(strcmp(user, “sa”) == 0))
{
return (CS_TRUE);
}
return (CS_FALSE);
}
