]>
Commit | Line | Data |
---|---|---|
ef416fc2 | 1 | /* |
83bc2aac MS |
2 | * User, system, and password routines for CUPS. |
3 | * | |
3c2cb822 | 4 | * Copyright 2007-2019 by Apple Inc. |
83bc2aac MS |
5 | * Copyright 1997-2006 by Easy Software Products. |
6 | * | |
3c2cb822 MS |
7 | * Licensed under Apache License v2.0. See the file "LICENSE" for more |
8 | * information. | |
ef416fc2 | 9 | */ |
10 | ||
11 | /* | |
12 | * Include necessary headers... | |
13 | */ | |
14 | ||
71e16022 | 15 | #include "cups-private.h" |
fb863569 | 16 | #include "debug-internal.h" |
ef416fc2 | 17 | #include <stdlib.h> |
e00b005a | 18 | #include <sys/stat.h> |
19dc16f7 | 19 | #ifdef _WIN32 |
ef416fc2 | 20 | # include <windows.h> |
5a6b583a MS |
21 | #else |
22 | # include <pwd.h> | |
dcb445bc | 23 | # include <termios.h> |
db8b865d | 24 | # include <sys/utsname.h> |
19dc16f7 | 25 | #endif /* _WIN32 */ |
588c2205 MS |
26 | #ifdef __APPLE__ |
27 | # include <sys/sysctl.h> | |
28 | #endif /* __APPLE__ */ | |
ef416fc2 | 29 | |
30 | ||
dcb445bc MS |
31 | /* |
32 | * Local constants... | |
33 | */ | |
34 | ||
08d56b1f | 35 | #ifdef __APPLE__ |
3c2cb822 | 36 | # if TARGET_OS_OSX |
588c2205 MS |
37 | # define kCUPSPrintingPrefs CFSTR("org.cups.PrintingPrefs") |
38 | # define kPREFIX "" | |
3c2cb822 MS |
39 | # else |
40 | # define kCUPSPrintingPrefs CFSTR(".GlobalPreferences") | |
41 | # define kPREFIX "AirPrint" | |
42 | # endif /* TARGET_OS_OSX */ | |
59cd12c6 | 43 | # define kUserAgentTokensKey CFSTR(kPREFIX "UserAgentTokens") |
588c2205 MS |
44 | # define kAllowAnyRootKey CFSTR(kPREFIX "AllowAnyRoot") |
45 | # define kAllowExpiredCertsKey CFSTR(kPREFIX "AllowExpiredCerts") | |
46 | # define kEncryptionKey CFSTR(kPREFIX "Encryption") | |
47 | # define kGSSServiceNameKey CFSTR(kPREFIX "GSSServiceName") | |
48 | # define kSSLOptionsKey CFSTR(kPREFIX "SSLOptions") | |
49 | # define kTrustOnFirstUseKey CFSTR(kPREFIX "TrustOnFirstUse") | |
50 | # define kValidateCertsKey CFSTR(kPREFIX "ValidateCerts") | |
51 | /* Deprecated */ | |
52 | # define kAllowRC4 CFSTR(kPREFIX "AllowRC4") | |
53 | # define kAllowSSL3 CFSTR(kPREFIX "AllowSSL3") | |
54 | # define kAllowDH CFSTR(kPREFIX "AllowDH") | |
08d56b1f MS |
55 | #endif /* __APPLE__ */ |
56 | ||
dcb445bc MS |
57 | #define _CUPS_PASSCHAR '*' /* Character that is echoed for password */ |
58 | ||
59 | ||
3abb875b MS |
60 | /* |
61 | * Local types... | |
62 | */ | |
63 | ||
64 | typedef struct _cups_client_conf_s /**** client.conf config data ****/ | |
65 | { | |
59cd12c6 | 66 | _cups_uatokens_t uatokens; /* UserAgentTokens values */ |
3abb875b | 67 | #ifdef HAVE_SSL |
8f1fbdec MS |
68 | int ssl_options, /* SSLOptions values */ |
69 | ssl_min_version,/* Minimum SSL/TLS version */ | |
70 | ssl_max_version;/* Maximum SSL/TLS version */ | |
3abb875b | 71 | #endif /* HAVE_SSL */ |
08d56b1f MS |
72 | int trust_first, /* Trust on first use? */ |
73 | any_root, /* Allow any (e.g., self-signed) root */ | |
3abb875b MS |
74 | expired_certs, /* Allow expired certs */ |
75 | validate_certs; /* Validate certificates */ | |
76 | http_encryption_t encryption; /* Encryption setting */ | |
77 | char user[65], /* User name */ | |
78 | server_name[256]; | |
79 | /* Server hostname */ | |
80 | #ifdef HAVE_GSSAPI | |
81 | char gss_service_name[32]; | |
82 | /* Kerberos service name */ | |
83 | #endif /* HAVE_GSSAPI */ | |
84 | } _cups_client_conf_t; | |
85 | ||
86 | ||
b423cd4c | 87 | /* |
88 | * Local functions... | |
89 | */ | |
90 | ||
08d56b1f MS |
91 | #ifdef __APPLE__ |
92 | static int cups_apple_get_boolean(CFStringRef key, int *value); | |
93 | static int cups_apple_get_string(CFStringRef key, char *value, size_t valsize); | |
94 | #endif /* __APPLE__ */ | |
95 | static int cups_boolean_value(const char *value); | |
3abb875b MS |
96 | static void cups_finalize_client_conf(_cups_client_conf_t *cc); |
97 | static void cups_init_client_conf(_cups_client_conf_t *cc); | |
98 | static void cups_read_client_conf(cups_file_t *fp, _cups_client_conf_t *cc); | |
4b9daaf4 | 99 | static void cups_set_default_ipp_port(_cups_globals_t *cg); |
3abb875b | 100 | static void cups_set_encryption(_cups_client_conf_t *cc, const char *value); |
07ed0e9a | 101 | #ifdef HAVE_GSSAPI |
3abb875b | 102 | static void cups_set_gss_service_name(_cups_client_conf_t *cc, const char *value); |
07ed0e9a | 103 | #endif /* HAVE_GSSAPI */ |
3abb875b MS |
104 | static void cups_set_server_name(_cups_client_conf_t *cc, const char *value); |
105 | #ifdef HAVE_SSL | |
106 | static void cups_set_ssl_options(_cups_client_conf_t *cc, const char *value); | |
107 | #endif /* HAVE_SSL */ | |
59cd12c6 | 108 | static void cups_set_uatokens(_cups_client_conf_t *cc, const char *value); |
3abb875b | 109 | static void cups_set_user(_cups_client_conf_t *cc, const char *value); |
b423cd4c | 110 | |
111 | ||
ef416fc2 | 112 | /* |
5a6b583a | 113 | * 'cupsEncryption()' - Get the current encryption settings. |
ef416fc2 | 114 | * |
115 | * The default encryption setting comes from the CUPS_ENCRYPTION | |
568fa3fa | 116 | * environment variable, then the ~/.cups/client.conf file, and finally the |
ef416fc2 | 117 | * /etc/cups/client.conf file. If not set, the default is |
cb7f98ee | 118 | * @code HTTP_ENCRYPTION_IF_REQUESTED@. |
5a6b583a MS |
119 | * |
120 | * Note: The current encryption setting is tracked separately for each thread | |
121 | * in a program. Multi-threaded programs that override the setting via the | |
122 | * @link cupsSetEncryption@ function need to do so in each thread for the same | |
123 | * setting to be used. | |
ef416fc2 | 124 | */ |
125 | ||
126 | http_encryption_t /* O - Encryption settings */ | |
127 | cupsEncryption(void) | |
128 | { | |
ef416fc2 | 129 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
130 | ||
131 | ||
ef416fc2 | 132 | if (cg->encryption == (http_encryption_t)-1) |
e07d4801 | 133 | _cupsSetDefaults(); |
ef416fc2 | 134 | |
135 | return (cg->encryption); | |
136 | } | |
137 | ||
138 | ||
139 | /* | |
140 | * 'cupsGetPassword()' - Get a password from the user. | |
141 | * | |
5a738aea | 142 | * Uses the current password callback function. Returns @code NULL@ if the |
ecdc0628 | 143 | * user does not provide a password. |
5a6b583a MS |
144 | * |
145 | * Note: The current password callback function is tracked separately for each | |
146 | * thread in a program. Multi-threaded programs that override the setting via | |
147 | * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to | |
148 | * do so in each thread for the same function to be used. | |
53af7f21 MS |
149 | * |
150 | * @exclude all@ | |
ef416fc2 | 151 | */ |
152 | ||
153 | const char * /* O - Password */ | |
154 | cupsGetPassword(const char *prompt) /* I - Prompt string */ | |
155 | { | |
f11a948a MS |
156 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
157 | ||
158 | ||
159 | return ((cg->password_cb)(prompt, NULL, NULL, NULL, cg->password_data)); | |
160 | } | |
161 | ||
162 | ||
163 | /* | |
98d88c8d | 164 | * 'cupsGetPassword2()' - Get a password from the user using the current |
5a6b583a | 165 | * password callback. |
f11a948a MS |
166 | * |
167 | * Uses the current password callback function. Returns @code NULL@ if the | |
168 | * user does not provide a password. | |
169 | * | |
5a6b583a MS |
170 | * Note: The current password callback function is tracked separately for each |
171 | * thread in a program. Multi-threaded programs that override the setting via | |
98d88c8d MS |
172 | * the @link cupsSetPasswordCB2@ function need to do so in each thread for the |
173 | * same function to be used. | |
5a6b583a | 174 | * |
8072030b | 175 | * @since CUPS 1.4/macOS 10.6@ |
f11a948a MS |
176 | */ |
177 | ||
178 | const char * /* O - Password */ | |
179 | cupsGetPassword2(const char *prompt, /* I - Prompt string */ | |
180 | http_t *http, /* I - Connection to server or @code CUPS_HTTP_DEFAULT@ */ | |
181 | const char *method, /* I - Request method ("GET", "POST", "PUT") */ | |
182 | const char *resource) /* I - Resource path */ | |
183 | { | |
184 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
185 | ||
186 | ||
187 | if (!http) | |
188 | http = _cupsConnect(); | |
189 | ||
190 | return ((cg->password_cb)(prompt, http, method, resource, cg->password_data)); | |
ef416fc2 | 191 | } |
192 | ||
193 | ||
ef416fc2 | 194 | /* |
5a6b583a MS |
195 | * 'cupsServer()' - Return the hostname/address of the current server. |
196 | * | |
197 | * The default server comes from the CUPS_SERVER environment variable, then the | |
198 | * ~/.cups/client.conf file, and finally the /etc/cups/client.conf file. If not | |
199 | * set, the default is the local system - either "localhost" or a domain socket | |
200 | * path. | |
ef416fc2 | 201 | * |
5a6b583a MS |
202 | * The returned value can be a fully-qualified hostname, a numeric IPv4 or IPv6 |
203 | * address, or a domain socket pathname. | |
204 | * | |
205 | * Note: The current server is tracked separately for each thread in a program. | |
206 | * Multi-threaded programs that override the server via the | |
207 | * @link cupsSetServer@ function need to do so in each thread for the same | |
208 | * server to be used. | |
ef416fc2 | 209 | */ |
210 | ||
211 | const char * /* O - Server name */ | |
212 | cupsServer(void) | |
213 | { | |
ef416fc2 | 214 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
215 | ||
216 | ||
ef416fc2 | 217 | if (!cg->server[0]) |
e07d4801 | 218 | _cupsSetDefaults(); |
ef416fc2 | 219 | |
e07d4801 MS |
220 | return (cg->server); |
221 | } | |
ef416fc2 | 222 | |
d09495fa | 223 | |
7cf5915e MS |
224 | /* |
225 | * 'cupsSetClientCertCB()' - Set the client certificate callback. | |
226 | * | |
227 | * Pass @code NULL@ to restore the default callback. | |
228 | * | |
229 | * Note: The current certificate callback is tracked separately for each thread | |
230 | * in a program. Multi-threaded programs that override the callback need to do | |
231 | * so in each thread for the same callback to be used. | |
232 | * | |
8072030b | 233 | * @since CUPS 1.5/macOS 10.7@ |
7cf5915e MS |
234 | */ |
235 | ||
236 | void | |
237 | cupsSetClientCertCB( | |
238 | cups_client_cert_cb_t cb, /* I - Callback function */ | |
239 | void *user_data) /* I - User data pointer */ | |
240 | { | |
241 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
242 | ||
243 | ||
244 | cg->client_cert_cb = cb; | |
245 | cg->client_cert_data = user_data; | |
246 | } | |
247 | ||
248 | ||
249 | /* | |
250 | * 'cupsSetCredentials()' - Set the default credentials to be used for SSL/TLS | |
251 | * connections. | |
252 | * | |
253 | * Note: The default credentials are tracked separately for each thread in a | |
254 | * program. Multi-threaded programs that override the setting need to do so in | |
255 | * each thread for the same setting to be used. | |
256 | * | |
8072030b | 257 | * @since CUPS 1.5/macOS 10.7@ |
7cf5915e MS |
258 | */ |
259 | ||
260 | int /* O - Status of call (0 = success) */ | |
261 | cupsSetCredentials( | |
262 | cups_array_t *credentials) /* I - Array of credentials */ | |
263 | { | |
264 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
265 | ||
266 | ||
267 | if (cupsArrayCount(credentials) < 1) | |
268 | return (-1); | |
269 | ||
7d5824d6 | 270 | #ifdef HAVE_SSL |
7cf5915e | 271 | _httpFreeCredentials(cg->tls_credentials); |
85dda01c | 272 | cg->tls_credentials = _httpCreateCredentials(credentials); |
7d5824d6 | 273 | #endif /* HAVE_SSL */ |
7cf5915e MS |
274 | |
275 | return (cg->tls_credentials ? 0 : -1); | |
276 | } | |
277 | ||
278 | ||
e07d4801 MS |
279 | /* |
280 | * 'cupsSetEncryption()' - Set the encryption preference. | |
5a6b583a MS |
281 | * |
282 | * The default encryption setting comes from the CUPS_ENCRYPTION | |
283 | * environment variable, then the ~/.cups/client.conf file, and finally the | |
284 | * /etc/cups/client.conf file. If not set, the default is | |
cb7f98ee | 285 | * @code HTTP_ENCRYPTION_IF_REQUESTED@. |
5a6b583a MS |
286 | * |
287 | * Note: The current encryption setting is tracked separately for each thread | |
288 | * in a program. Multi-threaded programs that override the setting need to do | |
289 | * so in each thread for the same setting to be used. | |
e07d4801 | 290 | */ |
ef416fc2 | 291 | |
e07d4801 MS |
292 | void |
293 | cupsSetEncryption(http_encryption_t e) /* I - New encryption preference */ | |
294 | { | |
295 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
ef416fc2 | 296 | |
ef416fc2 | 297 | |
e07d4801 | 298 | cg->encryption = e; |
ef416fc2 | 299 | |
e07d4801 MS |
300 | if (cg->http) |
301 | httpEncryption(cg->http, e); | |
ef416fc2 | 302 | } |
303 | ||
304 | ||
305 | /* | |
306 | * 'cupsSetPasswordCB()' - Set the password callback for CUPS. | |
307 | * | |
5a6b583a MS |
308 | * Pass @code NULL@ to restore the default (console) password callback, which |
309 | * reads the password from the console. Programs should call either this | |
310 | * function or @link cupsSetPasswordCB2@, as only one callback can be registered | |
311 | * by a program per thread. | |
312 | * | |
313 | * Note: The current password callback is tracked separately for each thread | |
314 | * in a program. Multi-threaded programs that override the callback need to do | |
315 | * so in each thread for the same callback to be used. | |
53af7f21 MS |
316 | * |
317 | * @exclude all@ | |
ef416fc2 | 318 | */ |
319 | ||
320 | void | |
321 | cupsSetPasswordCB(cups_password_cb_t cb)/* I - Callback function */ | |
322 | { | |
323 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
324 | ||
325 | ||
f11a948a MS |
326 | if (cb == (cups_password_cb_t)0) |
327 | cg->password_cb = (cups_password_cb2_t)_cupsGetPassword; | |
328 | else | |
329 | cg->password_cb = (cups_password_cb2_t)cb; | |
330 | ||
331 | cg->password_data = NULL; | |
332 | } | |
333 | ||
334 | ||
335 | /* | |
336 | * 'cupsSetPasswordCB2()' - Set the advanced password callback for CUPS. | |
337 | * | |
5a6b583a MS |
338 | * Pass @code NULL@ to restore the default (console) password callback, which |
339 | * reads the password from the console. Programs should call either this | |
340 | * function or @link cupsSetPasswordCB2@, as only one callback can be registered | |
341 | * by a program per thread. | |
342 | * | |
343 | * Note: The current password callback is tracked separately for each thread | |
344 | * in a program. Multi-threaded programs that override the callback need to do | |
345 | * so in each thread for the same callback to be used. | |
f11a948a | 346 | * |
8072030b | 347 | * @since CUPS 1.4/macOS 10.6@ |
f11a948a MS |
348 | */ |
349 | ||
350 | void | |
351 | cupsSetPasswordCB2( | |
352 | cups_password_cb2_t cb, /* I - Callback function */ | |
353 | void *user_data) /* I - User data pointer */ | |
354 | { | |
355 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
356 | ||
357 | ||
358 | if (cb == (cups_password_cb2_t)0) | |
359 | cg->password_cb = (cups_password_cb2_t)_cupsGetPassword; | |
ef416fc2 | 360 | else |
361 | cg->password_cb = cb; | |
f11a948a MS |
362 | |
363 | cg->password_data = user_data; | |
ef416fc2 | 364 | } |
365 | ||
366 | ||
367 | /* | |
5a6b583a | 368 | * 'cupsSetServer()' - Set the default server name and port. |
ef416fc2 | 369 | * |
370 | * The "server" string can be a fully-qualified hostname, a numeric | |
5a6b583a MS |
371 | * IPv4 or IPv6 address, or a domain socket pathname. Hostnames and numeric IP |
372 | * addresses can be optionally followed by a colon and port number to override | |
373 | * the default port 631, e.g. "hostname:8631". Pass @code NULL@ to restore the | |
374 | * default server name and port. | |
375 | * | |
376 | * Note: The current server is tracked separately for each thread in a program. | |
377 | * Multi-threaded programs that override the server need to do so in each | |
378 | * thread for the same server to be used. | |
ef416fc2 | 379 | */ |
380 | ||
381 | void | |
382 | cupsSetServer(const char *server) /* I - Server name */ | |
383 | { | |
0cb67df3 MS |
384 | char *options, /* Options */ |
385 | *port; /* Pointer to port */ | |
ef416fc2 | 386 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
387 | ||
388 | ||
389 | if (server) | |
390 | { | |
391 | strlcpy(cg->server, server, sizeof(cg->server)); | |
392 | ||
0cb67df3 MS |
393 | if (cg->server[0] != '/' && (options = strrchr(cg->server, '/')) != NULL) |
394 | { | |
395 | *options++ = '\0'; | |
396 | ||
397 | if (!strcmp(options, "version=1.0")) | |
398 | cg->server_version = 10; | |
399 | else if (!strcmp(options, "version=1.1")) | |
400 | cg->server_version = 11; | |
401 | else if (!strcmp(options, "version=2.0")) | |
402 | cg->server_version = 20; | |
403 | else if (!strcmp(options, "version=2.1")) | |
404 | cg->server_version = 21; | |
405 | else if (!strcmp(options, "version=2.2")) | |
406 | cg->server_version = 22; | |
407 | } | |
567f49cb MS |
408 | else |
409 | cg->server_version = 20; | |
0cb67df3 | 410 | |
ef416fc2 | 411 | if (cg->server[0] != '/' && (port = strrchr(cg->server, ':')) != NULL && |
412 | !strchr(port, ']') && isdigit(port[1] & 255)) | |
413 | { | |
414 | *port++ = '\0'; | |
415 | ||
e07d4801 | 416 | cg->ipp_port = atoi(port); |
ef416fc2 | 417 | } |
418 | ||
4b9daaf4 MS |
419 | if (!cg->ipp_port) |
420 | cups_set_default_ipp_port(cg); | |
421 | ||
ef416fc2 | 422 | if (cg->server[0] == '/') |
5a9febac | 423 | strlcpy(cg->servername, "localhost", sizeof(cg->servername)); |
ef416fc2 | 424 | else |
425 | strlcpy(cg->servername, cg->server, sizeof(cg->servername)); | |
426 | } | |
427 | else | |
428 | { | |
0cb67df3 MS |
429 | cg->server[0] = '\0'; |
430 | cg->servername[0] = '\0'; | |
431 | cg->server_version = 20; | |
4b9daaf4 | 432 | cg->ipp_port = 0; |
ef416fc2 | 433 | } |
5a738aea MS |
434 | |
435 | if (cg->http) | |
436 | { | |
437 | httpClose(cg->http); | |
438 | cg->http = NULL; | |
439 | } | |
ef416fc2 | 440 | } |
441 | ||
442 | ||
7cf5915e MS |
443 | /* |
444 | * 'cupsSetServerCertCB()' - Set the server certificate callback. | |
445 | * | |
446 | * Pass @code NULL@ to restore the default callback. | |
447 | * | |
448 | * Note: The current credentials callback is tracked separately for each thread | |
449 | * in a program. Multi-threaded programs that override the callback need to do | |
450 | * so in each thread for the same callback to be used. | |
451 | * | |
8072030b | 452 | * @since CUPS 1.5/macOS 10.7@ |
7cf5915e MS |
453 | */ |
454 | ||
455 | void | |
456 | cupsSetServerCertCB( | |
457 | cups_server_cert_cb_t cb, /* I - Callback function */ | |
458 | void *user_data) /* I - User data pointer */ | |
459 | { | |
460 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
461 | ||
462 | ||
463 | cg->server_cert_cb = cb; | |
464 | cg->server_cert_data = user_data; | |
465 | } | |
466 | ||
467 | ||
ef416fc2 | 468 | /* |
469 | * 'cupsSetUser()' - Set the default user name. | |
470 | * | |
5a738aea | 471 | * Pass @code NULL@ to restore the default user name. |
5a6b583a MS |
472 | * |
473 | * Note: The current user name is tracked separately for each thread in a | |
474 | * program. Multi-threaded programs that override the user name need to do so | |
475 | * in each thread for the same user name to be used. | |
ef416fc2 | 476 | */ |
477 | ||
478 | void | |
479 | cupsSetUser(const char *user) /* I - User name */ | |
480 | { | |
481 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
482 | ||
483 | ||
484 | if (user) | |
485 | strlcpy(cg->user, user, sizeof(cg->user)); | |
486 | else | |
487 | cg->user[0] = '\0'; | |
488 | } | |
489 | ||
490 | ||
db8b865d MS |
491 | /* |
492 | * 'cupsSetUserAgent()' - Set the default HTTP User-Agent string. | |
493 | * | |
494 | * Setting the string to NULL forces the default value containing the CUPS | |
495 | * version, IPP version, and operating system version and architecture. | |
496 | * | |
8072030b | 497 | * @since CUPS 1.7/macOS 10.9@ |
db8b865d MS |
498 | */ |
499 | ||
500 | void | |
501 | cupsSetUserAgent(const char *user_agent)/* I - User-Agent string or @code NULL@ */ | |
502 | { | |
503 | _cups_globals_t *cg = _cupsGlobals(); | |
504 | /* Thread globals */ | |
19dc16f7 | 505 | #ifdef _WIN32 |
db8b865d | 506 | SYSTEM_INFO sysinfo; /* System information */ |
104c5283 | 507 | OSVERSIONINFOA version; /* OS version info */ |
588c2205 MS |
508 | const char *machine; /* Hardware/machine name */ |
509 | #elif defined(__APPLE__) | |
510 | struct utsname name; /* uname info */ | |
511 | char version[256]; /* macOS/iOS version */ | |
512 | size_t len; /* Length of value */ | |
db8b865d MS |
513 | #else |
514 | struct utsname name; /* uname info */ | |
19dc16f7 | 515 | #endif /* _WIN32 */ |
db8b865d MS |
516 | |
517 | ||
518 | if (user_agent) | |
519 | { | |
520 | strlcpy(cg->user_agent, user_agent, sizeof(cg->user_agent)); | |
521 | return; | |
522 | } | |
523 | ||
59cd12c6 MS |
524 | if (cg->uatokens < _CUPS_UATOKENS_OS) |
525 | { | |
526 | switch (cg->uatokens) | |
527 | { | |
528 | default : | |
529 | case _CUPS_UATOKENS_NONE : | |
530 | cg->user_agent[0] = '\0'; | |
531 | break; | |
532 | case _CUPS_UATOKENS_PRODUCT_ONLY : | |
533 | strlcpy(cg->user_agent, "CUPS IPP", sizeof(cg->user_agent)); | |
534 | break; | |
535 | case _CUPS_UATOKENS_MAJOR : | |
536 | snprintf(cg->user_agent, sizeof(cg->user_agent), "CUPS/%d IPP/2", CUPS_VERSION_MAJOR); | |
537 | break; | |
538 | case _CUPS_UATOKENS_MINOR : | |
539 | snprintf(cg->user_agent, sizeof(cg->user_agent), "CUPS/%d.%d IPP/2.1", CUPS_VERSION_MAJOR, CUPS_VERSION_MINOR); | |
540 | break; | |
541 | case _CUPS_UATOKENS_MINIMAL : | |
542 | strlcpy(cg->user_agent, CUPS_MINIMAL " IPP/2.1", sizeof(cg->user_agent)); | |
543 | break; | |
544 | } | |
545 | } | |
546 | ||
19dc16f7 | 547 | #ifdef _WIN32 |
588c2205 MS |
548 | /* |
549 | * Gather Windows version information for the User-Agent string... | |
550 | */ | |
551 | ||
db8b865d | 552 | version.dwOSVersionInfoSize = sizeof(OSVERSIONINFO); |
86206ccf | 553 | GetVersionExA(&version); |
db8b865d MS |
554 | GetNativeSystemInfo(&sysinfo); |
555 | ||
588c2205 MS |
556 | switch (sysinfo.wProcessorArchitecture) |
557 | { | |
558 | case PROCESSOR_ARCHITECTURE_AMD64 : | |
559 | machine = "amd64"; | |
560 | break; | |
561 | ||
562 | case PROCESSOR_ARCHITECTURE_ARM : | |
563 | machine = "arm"; | |
564 | break; | |
565 | ||
566 | case PROCESSOR_ARCHITECTURE_IA64 : | |
567 | machine = "ia64"; | |
568 | break; | |
569 | ||
570 | case PROCESSOR_ARCHITECTURE_INTEL : | |
571 | machine = "intel"; | |
572 | break; | |
573 | ||
574 | default : | |
575 | machine = "unknown"; | |
576 | break; | |
577 | } | |
578 | ||
59cd12c6 MS |
579 | if (cg->uatokens == _CUPS_UATOKENS_OS) |
580 | snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (Windows %d.%d) IPP/2.0", version.dwMajorVersion, version.dwMinorVersion); | |
581 | else | |
582 | snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (Windows %d.%d; %s) IPP/2.0", version.dwMajorVersion, version.dwMinorVersion, machine); | |
588c2205 MS |
583 | |
584 | #elif defined(__APPLE__) | |
585 | /* | |
586 | * Gather macOS/iOS version information for the User-Agent string... | |
587 | */ | |
588 | ||
589 | uname(&name); | |
590 | ||
591 | len = sizeof(version) - 1; | |
592 | if (!sysctlbyname("kern.osproductversion", version, &len, NULL, 0)) | |
593 | version[len] = '\0'; | |
594 | else | |
595 | strlcpy(version, "unknown", sizeof(version)); | |
596 | ||
3c2cb822 | 597 | # if TARGET_OS_OSX |
59cd12c6 MS |
598 | if (cg->uatokens == _CUPS_UATOKENS_OS) |
599 | snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (macOS %s) IPP/2.0", version); | |
600 | else | |
601 | snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (macOS %s; %s) IPP/2.0", version, name.machine); | |
602 | ||
3c2cb822 | 603 | # else |
59cd12c6 MS |
604 | if (cg->uatokens == _CUPS_UATOKENS_OS) |
605 | snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (iOS %s) IPP/2.0", version); | |
606 | else | |
607 | snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (iOS %s; %s) IPP/2.0", version, name.machine); | |
3c2cb822 | 608 | # endif /* TARGET_OS_OSX */ |
db8b865d MS |
609 | |
610 | #else | |
588c2205 MS |
611 | /* |
612 | * Gather generic UNIX version information for the User-Agent string... | |
613 | */ | |
614 | ||
db8b865d MS |
615 | uname(&name); |
616 | ||
59cd12c6 MS |
617 | if (cg->uatokens == _CUPS_UATOKENS_OS) |
618 | snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (%s %s) IPP/2.0", name.sysname, name.release); | |
619 | else | |
620 | snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (%s %s; %s) IPP/2.0", name.sysname, name.release, name.machine); | |
19dc16f7 | 621 | #endif /* _WIN32 */ |
db8b865d MS |
622 | } |
623 | ||
624 | ||
ef416fc2 | 625 | /* |
626 | * 'cupsUser()' - Return the current user's name. | |
5a6b583a MS |
627 | * |
628 | * Note: The current user name is tracked separately for each thread in a | |
629 | * program. Multi-threaded programs that override the user name with the | |
630 | * @link cupsSetUser@ function need to do so in each thread for the same user | |
631 | * name to be used. | |
ef416fc2 | 632 | */ |
633 | ||
634 | const char * /* O - User name */ | |
635 | cupsUser(void) | |
636 | { | |
637 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
638 | ||
639 | ||
640 | if (!cg->user[0]) | |
3e7fe0ca | 641 | _cupsSetDefaults(); |
ef416fc2 | 642 | |
643 | return (cg->user); | |
644 | } | |
645 | ||
646 | ||
db8b865d MS |
647 | /* |
648 | * 'cupsUserAgent()' - Return the default HTTP User-Agent string. | |
649 | * | |
8072030b | 650 | * @since CUPS 1.7/macOS 10.9@ |
db8b865d MS |
651 | */ |
652 | ||
653 | const char * /* O - User-Agent string */ | |
654 | cupsUserAgent(void) | |
655 | { | |
656 | _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */ | |
657 | ||
658 | ||
659 | if (!cg->user_agent[0]) | |
660 | cupsSetUserAgent(NULL); | |
661 | ||
662 | return (cg->user_agent); | |
663 | } | |
664 | ||
665 | ||
ef416fc2 | 666 | /* |
667 | * '_cupsGetPassword()' - Get a password from the user. | |
668 | */ | |
669 | ||
dcb445bc | 670 | const char * /* O - Password or @code NULL@ if none */ |
ef416fc2 | 671 | _cupsGetPassword(const char *prompt) /* I - Prompt string */ |
672 | { | |
19dc16f7 | 673 | #ifdef _WIN32 |
dcb445bc MS |
674 | HANDLE tty; /* Console handle */ |
675 | DWORD mode; /* Console mode */ | |
676 | char passch, /* Current key press */ | |
677 | *passptr, /* Pointer into password string */ | |
678 | *passend; /* End of password string */ | |
12f89d24 | 679 | DWORD passbytes; /* Bytes read */ |
dcb445bc MS |
680 | _cups_globals_t *cg = _cupsGlobals(); |
681 | /* Thread globals */ | |
682 | ||
683 | ||
5a6b583a | 684 | /* |
dcb445bc | 685 | * Disable input echo and set raw input... |
5a6b583a MS |
686 | */ |
687 | ||
dcb445bc MS |
688 | if ((tty = GetStdHandle(STD_INPUT_HANDLE)) == INVALID_HANDLE_VALUE) |
689 | return (NULL); | |
690 | ||
691 | if (!GetConsoleMode(tty, &mode)) | |
692 | return (NULL); | |
693 | ||
694 | if (!SetConsoleMode(tty, 0)) | |
695 | return (NULL); | |
696 | ||
697 | /* | |
698 | * Display the prompt... | |
699 | */ | |
700 | ||
701 | printf("%s ", prompt); | |
702 | fflush(stdout); | |
703 | ||
704 | /* | |
705 | * Read the password string from /dev/tty until we get interrupted or get a | |
706 | * carriage return or newline... | |
707 | */ | |
708 | ||
709 | passptr = cg->password; | |
710 | passend = cg->password + sizeof(cg->password) - 1; | |
711 | ||
12f89d24 | 712 | while (ReadFile(tty, &passch, 1, &passbytes, NULL)) |
dcb445bc MS |
713 | { |
714 | if (passch == 0x0A || passch == 0x0D) | |
715 | { | |
716 | /* | |
717 | * Enter/return... | |
718 | */ | |
719 | ||
720 | break; | |
721 | } | |
722 | else if (passch == 0x08 || passch == 0x7F) | |
723 | { | |
724 | /* | |
725 | * Backspace/delete (erase character)... | |
726 | */ | |
727 | ||
728 | if (passptr > cg->password) | |
729 | { | |
730 | passptr --; | |
731 | fputs("\010 \010", stdout); | |
732 | } | |
733 | else | |
734 | putchar(0x07); | |
735 | } | |
736 | else if (passch == 0x15) | |
737 | { | |
738 | /* | |
739 | * CTRL+U (erase line) | |
740 | */ | |
741 | ||
742 | if (passptr > cg->password) | |
743 | { | |
744 | while (passptr > cg->password) | |
745 | { | |
746 | passptr --; | |
747 | fputs("\010 \010", stdout); | |
748 | } | |
749 | } | |
750 | else | |
751 | putchar(0x07); | |
752 | } | |
753 | else if (passch == 0x03) | |
754 | { | |
755 | /* | |
756 | * CTRL+C... | |
757 | */ | |
758 | ||
759 | passptr = cg->password; | |
760 | break; | |
761 | } | |
762 | else if ((passch & 255) < 0x20 || passptr >= passend) | |
763 | putchar(0x07); | |
764 | else | |
765 | { | |
766 | *passptr++ = passch; | |
767 | putchar(_CUPS_PASSCHAR); | |
768 | } | |
769 | ||
770 | fflush(stdout); | |
771 | } | |
772 | ||
773 | putchar('\n'); | |
774 | fflush(stdout); | |
775 | ||
776 | /* | |
777 | * Cleanup... | |
778 | */ | |
779 | ||
780 | SetConsoleMode(tty, mode); | |
781 | ||
782 | /* | |
783 | * Return the proper value... | |
784 | */ | |
785 | ||
786 | if (passbytes == 1 && passptr > cg->password) | |
787 | { | |
788 | *passptr = '\0'; | |
789 | return (cg->password); | |
790 | } | |
791 | else | |
792 | { | |
793 | memset(cg->password, 0, sizeof(cg->password)); | |
794 | return (NULL); | |
795 | } | |
5a6b583a MS |
796 | |
797 | #else | |
dcb445bc MS |
798 | int tty; /* /dev/tty - never read from stdin */ |
799 | struct termios original, /* Original input mode */ | |
800 | noecho; /* No echo input mode */ | |
801 | char passch, /* Current key press */ | |
802 | *passptr, /* Pointer into password string */ | |
803 | *passend; /* End of password string */ | |
804 | ssize_t passbytes; /* Bytes read */ | |
805 | _cups_globals_t *cg = _cupsGlobals(); | |
806 | /* Thread globals */ | |
807 | ||
808 | ||
5a6b583a | 809 | /* |
dcb445bc | 810 | * Disable input echo and set raw input... |
5a6b583a MS |
811 | */ |
812 | ||
dcb445bc MS |
813 | if ((tty = open("/dev/tty", O_RDONLY)) < 0) |
814 | return (NULL); | |
815 | ||
816 | if (tcgetattr(tty, &original)) | |
817 | { | |
818 | close(tty); | |
819 | return (NULL); | |
820 | } | |
821 | ||
822 | noecho = original; | |
7e86f2f6 | 823 | noecho.c_lflag &= (tcflag_t)~(ICANON | ECHO | ECHOE | ISIG); |
a8db9df8 MS |
824 | noecho.c_cc[VMIN] = 1; |
825 | noecho.c_cc[VTIME] = 0; | |
7cf5915e | 826 | |
dcb445bc MS |
827 | if (tcsetattr(tty, TCSAFLUSH, &noecho)) |
828 | { | |
829 | close(tty); | |
7cf5915e | 830 | return (NULL); |
dcb445bc MS |
831 | } |
832 | ||
833 | /* | |
834 | * Display the prompt... | |
835 | */ | |
836 | ||
837 | printf("%s ", prompt); | |
838 | fflush(stdout); | |
839 | ||
840 | /* | |
841 | * Read the password string from /dev/tty until we get interrupted or get a | |
842 | * carriage return or newline... | |
843 | */ | |
844 | ||
845 | passptr = cg->password; | |
846 | passend = cg->password + sizeof(cg->password) - 1; | |
847 | ||
848 | while ((passbytes = read(tty, &passch, 1)) == 1) | |
849 | { | |
8dd318e5 MS |
850 | if (passch == noecho.c_cc[VEOL] || |
851 | # ifdef VEOL2 | |
852 | passch == noecho.c_cc[VEOL2] || | |
853 | # endif /* VEOL2 */ | |
dcb445bc MS |
854 | passch == 0x0A || passch == 0x0D) |
855 | { | |
856 | /* | |
857 | * Enter/return... | |
858 | */ | |
859 | ||
860 | break; | |
861 | } | |
862 | else if (passch == noecho.c_cc[VERASE] || | |
863 | passch == 0x08 || passch == 0x7F) | |
864 | { | |
865 | /* | |
866 | * Backspace/delete (erase character)... | |
867 | */ | |
868 | ||
869 | if (passptr > cg->password) | |
870 | { | |
871 | passptr --; | |
872 | fputs("\010 \010", stdout); | |
873 | } | |
874 | else | |
875 | putchar(0x07); | |
876 | } | |
877 | else if (passch == noecho.c_cc[VKILL]) | |
878 | { | |
879 | /* | |
880 | * CTRL+U (erase line) | |
881 | */ | |
882 | ||
883 | if (passptr > cg->password) | |
884 | { | |
885 | while (passptr > cg->password) | |
886 | { | |
887 | passptr --; | |
888 | fputs("\010 \010", stdout); | |
889 | } | |
890 | } | |
891 | else | |
892 | putchar(0x07); | |
893 | } | |
894 | else if (passch == noecho.c_cc[VINTR] || passch == noecho.c_cc[VQUIT] || | |
895 | passch == noecho.c_cc[VEOF]) | |
896 | { | |
897 | /* | |
898 | * CTRL+C, CTRL+D, or CTRL+Z... | |
899 | */ | |
900 | ||
901 | passptr = cg->password; | |
902 | break; | |
903 | } | |
904 | else if ((passch & 255) < 0x20 || passptr >= passend) | |
905 | putchar(0x07); | |
906 | else | |
907 | { | |
908 | *passptr++ = passch; | |
909 | putchar(_CUPS_PASSCHAR); | |
910 | } | |
911 | ||
912 | fflush(stdout); | |
913 | } | |
914 | ||
915 | putchar('\n'); | |
916 | fflush(stdout); | |
917 | ||
918 | /* | |
919 | * Cleanup... | |
920 | */ | |
921 | ||
922 | tcsetattr(tty, TCSAFLUSH, &original); | |
923 | close(tty); | |
924 | ||
925 | /* | |
926 | * Return the proper value... | |
927 | */ | |
928 | ||
929 | if (passbytes == 1 && passptr > cg->password) | |
930 | { | |
931 | *passptr = '\0'; | |
932 | return (cg->password); | |
933 | } | |
7cf5915e | 934 | else |
dcb445bc MS |
935 | { |
936 | memset(cg->password, 0, sizeof(cg->password)); | |
937 | return (NULL); | |
938 | } | |
19dc16f7 | 939 | #endif /* _WIN32 */ |
5a6b583a | 940 | } |
ef416fc2 | 941 | |
942 | ||
eac3a0a0 MS |
943 | #ifdef HAVE_GSSAPI |
944 | /* | |
945 | * '_cupsGSSServiceName()' - Get the GSS (Kerberos) service name. | |
946 | */ | |
947 | ||
948 | const char * | |
949 | _cupsGSSServiceName(void) | |
950 | { | |
951 | _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */ | |
952 | ||
953 | ||
954 | if (!cg->gss_service_name[0]) | |
955 | _cupsSetDefaults(); | |
956 | ||
957 | return (cg->gss_service_name); | |
958 | } | |
959 | #endif /* HAVE_GSSAPI */ | |
960 | ||
961 | ||
ef416fc2 | 962 | /* |
e07d4801 | 963 | * '_cupsSetDefaults()' - Set the default server, port, and encryption. |
b423cd4c | 964 | */ |
965 | ||
e07d4801 MS |
966 | void |
967 | _cupsSetDefaults(void) | |
b423cd4c | 968 | { |
969 | cups_file_t *fp; /* File */ | |
3abb875b | 970 | const char *home; /* Home directory of user */ |
b423cd4c | 971 | char filename[1024]; /* Filename */ |
3abb875b | 972 | _cups_client_conf_t cc; /* client.conf values */ |
b423cd4c | 973 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
974 | ||
975 | ||
e07d4801 MS |
976 | DEBUG_puts("_cupsSetDefaults()"); |
977 | ||
978 | /* | |
3abb875b MS |
979 | * Load initial client.conf values... |
980 | */ | |
981 | ||
982 | cups_init_client_conf(&cc); | |
983 | ||
984 | /* | |
985 | * Read the /etc/cups/client.conf and ~/.cups/client.conf files, if | |
986 | * present. | |
987 | */ | |
988 | ||
989 | snprintf(filename, sizeof(filename), "%s/client.conf", cg->cups_serverroot); | |
990 | if ((fp = cupsFileOpen(filename, "r")) != NULL) | |
991 | { | |
992 | cups_read_client_conf(fp, &cc); | |
993 | cupsFileClose(fp); | |
994 | } | |
995 | ||
996 | # ifdef HAVE_GETEUID | |
997 | if ((geteuid() == getuid() || !getuid()) && getegid() == getgid() && (home = getenv("HOME")) != NULL) | |
19dc16f7 | 998 | # elif !defined(_WIN32) |
3abb875b MS |
999 | if (getuid() && (home = getenv("HOME")) != NULL) |
1000 | # else | |
1001 | if ((home = getenv("HOME")) != NULL) | |
1002 | # endif /* HAVE_GETEUID */ | |
1003 | { | |
1004 | /* | |
1005 | * Look for ~/.cups/client.conf... | |
1006 | */ | |
1007 | ||
1008 | snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home); | |
1009 | if ((fp = cupsFileOpen(filename, "r")) != NULL) | |
1010 | { | |
1011 | cups_read_client_conf(fp, &cc); | |
1012 | cupsFileClose(fp); | |
1013 | } | |
1014 | } | |
1015 | ||
1016 | /* | |
1017 | * Finalize things so every client.conf value is set... | |
e07d4801 MS |
1018 | */ |
1019 | ||
3abb875b MS |
1020 | cups_finalize_client_conf(&cc); |
1021 | ||
59cd12c6 MS |
1022 | cg->uatokens = cc.uatokens; |
1023 | ||
3abb875b MS |
1024 | if (cg->encryption == (http_encryption_t)-1) |
1025 | cg->encryption = cc.encryption; | |
1026 | ||
1027 | if (!cg->server[0] || !cg->ipp_port) | |
1028 | cupsSetServer(cc.server_name); | |
1029 | ||
1030 | if (!cg->ipp_port) | |
4b9daaf4 | 1031 | cups_set_default_ipp_port(cg); |
3abb875b MS |
1032 | |
1033 | if (!cg->user[0]) | |
1034 | strlcpy(cg->user, cc.user, sizeof(cg->user)); | |
1035 | ||
1036 | #ifdef HAVE_GSSAPI | |
1037 | if (!cg->gss_service_name[0]) | |
1038 | strlcpy(cg->gss_service_name, cc.gss_service_name, sizeof(cg->gss_service_name)); | |
1039 | #endif /* HAVE_GSSAPI */ | |
1040 | ||
08d56b1f MS |
1041 | if (cg->trust_first < 0) |
1042 | cg->trust_first = cc.trust_first; | |
1043 | ||
3abb875b MS |
1044 | if (cg->any_root < 0) |
1045 | cg->any_root = cc.any_root; | |
1046 | ||
1047 | if (cg->expired_certs < 0) | |
1048 | cg->expired_certs = cc.expired_certs; | |
1049 | ||
1050 | if (cg->validate_certs < 0) | |
1051 | cg->validate_certs = cc.validate_certs; | |
1052 | ||
1053 | #ifdef HAVE_SSL | |
8f1fbdec | 1054 | _httpTLSSetOptions(cc.ssl_options | _HTTP_TLS_SET_DEFAULT, cc.ssl_min_version, cc.ssl_max_version); |
3abb875b MS |
1055 | #endif /* HAVE_SSL */ |
1056 | } | |
1057 | ||
1058 | ||
08d56b1f MS |
1059 | #ifdef __APPLE__ |
1060 | /* | |
1061 | * 'cups_apple_get_boolean()' - Get a boolean setting from the CUPS preferences. | |
1062 | */ | |
1063 | ||
1064 | static int /* O - 1 if set, 0 otherwise */ | |
1065 | cups_apple_get_boolean( | |
1066 | CFStringRef key, /* I - Key (name) */ | |
1067 | int *value) /* O - Boolean value */ | |
1068 | { | |
1069 | Boolean bval, /* Preference value */ | |
1070 | bval_set; /* Value is set? */ | |
1071 | ||
1072 | ||
1073 | bval = CFPreferencesGetAppBooleanValue(key, kCUPSPrintingPrefs, &bval_set); | |
1074 | ||
1075 | if (bval_set) | |
1076 | *value = (int)bval; | |
1077 | ||
1078 | return ((int)bval_set); | |
1079 | } | |
1080 | ||
1081 | ||
1082 | /* | |
1083 | * 'cups_apple_get_string()' - Get a string setting from the CUPS preferences. | |
1084 | */ | |
1085 | ||
1086 | static int /* O - 1 if set, 0 otherwise */ | |
1087 | cups_apple_get_string( | |
1088 | CFStringRef key, /* I - Key (name) */ | |
1089 | char *value, /* O - String value */ | |
1090 | size_t valsize) /* I - Size of value buffer */ | |
1091 | { | |
1092 | CFStringRef sval; /* String value */ | |
1093 | ||
1094 | ||
1095 | if ((sval = CFPreferencesCopyAppValue(key, kCUPSPrintingPrefs)) != NULL) | |
1096 | { | |
1097 | Boolean result = CFStringGetCString(sval, value, (CFIndex)valsize, kCFStringEncodingUTF8); | |
1098 | ||
1099 | CFRelease(sval); | |
1100 | ||
1101 | if (result) | |
1102 | return (1); | |
1103 | } | |
1104 | ||
1105 | return (0); | |
1106 | } | |
1107 | #endif /* __APPLE__ */ | |
1108 | ||
1109 | ||
3abb875b MS |
1110 | /* |
1111 | * 'cups_boolean_value()' - Convert a string to a boolean value. | |
1112 | */ | |
1113 | ||
1114 | static int /* O - Boolean value */ | |
1115 | cups_boolean_value(const char *value) /* I - String value */ | |
1116 | { | |
1117 | return (!_cups_strcasecmp(value, "yes") || !_cups_strcasecmp(value, "on") || !_cups_strcasecmp(value, "true")); | |
1118 | } | |
1119 | ||
1120 | ||
1121 | /* | |
1122 | * 'cups_finalize_client_conf()' - Finalize client.conf values. | |
1123 | */ | |
1124 | ||
1125 | static void | |
1126 | cups_finalize_client_conf( | |
1127 | _cups_client_conf_t *cc) /* I - client.conf values */ | |
1128 | { | |
1129 | const char *value; /* Environment variable */ | |
1130 | ||
1131 | ||
08d56b1f MS |
1132 | if ((value = getenv("CUPS_TRUSTFIRST")) != NULL) |
1133 | cc->trust_first = cups_boolean_value(value); | |
1134 | ||
3abb875b MS |
1135 | if ((value = getenv("CUPS_ANYROOT")) != NULL) |
1136 | cc->any_root = cups_boolean_value(value); | |
1137 | ||
1138 | if ((value = getenv("CUPS_ENCRYPTION")) != NULL) | |
1139 | cups_set_encryption(cc, value); | |
1140 | ||
1141 | if ((value = getenv("CUPS_EXPIREDCERTS")) != NULL) | |
1142 | cc->expired_certs = cups_boolean_value(value); | |
1143 | ||
07ed0e9a | 1144 | #ifdef HAVE_GSSAPI |
3abb875b MS |
1145 | if ((value = getenv("CUPS_GSSSERVICENAME")) != NULL) |
1146 | cups_set_gss_service_name(cc, value); | |
07ed0e9a | 1147 | #endif /* HAVE_GSSAPI */ |
3abb875b MS |
1148 | |
1149 | if ((value = getenv("CUPS_SERVER")) != NULL) | |
1150 | cups_set_server_name(cc, value); | |
1151 | ||
1152 | if ((value = getenv("CUPS_USER")) != NULL) | |
1153 | cups_set_user(cc, value); | |
1154 | ||
1155 | if ((value = getenv("CUPS_VALIDATECERTS")) != NULL) | |
1156 | cc->validate_certs = cups_boolean_value(value); | |
e07d4801 MS |
1157 | |
1158 | /* | |
3abb875b | 1159 | * Then apply defaults for those values that haven't been set... |
e07d4801 MS |
1160 | */ |
1161 | ||
08d56b1f MS |
1162 | if (cc->trust_first < 0) |
1163 | cc->trust_first = 1; | |
1164 | ||
3abb875b MS |
1165 | if (cc->any_root < 0) |
1166 | cc->any_root = 1; | |
1167 | ||
1168 | if (cc->encryption == (http_encryption_t)-1) | |
1169 | cc->encryption = HTTP_ENCRYPTION_IF_REQUESTED; | |
1170 | ||
1171 | if (cc->expired_certs < 0) | |
08d56b1f | 1172 | cc->expired_certs = 0; |
3abb875b MS |
1173 | |
1174 | #ifdef HAVE_GSSAPI | |
1175 | if (!cc->gss_service_name[0]) | |
1176 | cups_set_gss_service_name(cc, CUPS_DEFAULT_GSSSERVICENAME); | |
1177 | #endif /* HAVE_GSSAPI */ | |
1178 | ||
1179 | if (!cc->server_name[0]) | |
e07d4801 | 1180 | { |
63aefcd5 | 1181 | /* |
3abb875b MS |
1182 | * If we are compiled with domain socket support, only use the |
1183 | * domain socket if it exists and has the right permissions... | |
63aefcd5 MS |
1184 | */ |
1185 | ||
9e24f768 MS |
1186 | #if defined(__APPLE__) && !TARGET_OS_OSX |
1187 | cups_set_server_name(cc, "/private/var/run/printd"); | |
1188 | ||
1189 | #else | |
1190 | # ifdef CUPS_DEFAULT_DOMAINSOCKET | |
89b7fd55 | 1191 | if (!access(CUPS_DEFAULT_DOMAINSOCKET, R_OK)) |
3abb875b MS |
1192 | cups_set_server_name(cc, CUPS_DEFAULT_DOMAINSOCKET); |
1193 | else | |
9e24f768 MS |
1194 | # endif /* CUPS_DEFAULT_DOMAINSOCKET */ |
1195 | cups_set_server_name(cc, "localhost"); | |
1196 | #endif /* __APPLE__ && !TARGET_OS_OSX */ | |
3abb875b | 1197 | } |
63aefcd5 | 1198 | |
3abb875b MS |
1199 | if (!cc->user[0]) |
1200 | { | |
19dc16f7 | 1201 | #ifdef _WIN32 |
63aefcd5 | 1202 | /* |
3abb875b | 1203 | * Get the current user name from the OS... |
63aefcd5 MS |
1204 | */ |
1205 | ||
3abb875b | 1206 | DWORD size; /* Size of string */ |
63aefcd5 | 1207 | |
3abb875b | 1208 | size = sizeof(cc->user); |
86206ccf | 1209 | if (!GetUserNameA(cc->user, &size)) |
3abb875b | 1210 | #else |
63aefcd5 | 1211 | /* |
3abb875b | 1212 | * Try the USER environment variable as the default username... |
63aefcd5 MS |
1213 | */ |
1214 | ||
3abb875b MS |
1215 | const char *envuser = getenv("USER"); |
1216 | /* Default username */ | |
1217 | struct passwd *pw = NULL; /* Account information */ | |
1218 | ||
1219 | if (envuser) | |
d09495fa | 1220 | { |
10d09e33 | 1221 | /* |
3abb875b MS |
1222 | * Validate USER matches the current UID, otherwise don't allow it to |
1223 | * override things... This makes sure that printing after doing su | |
1224 | * or sudo records the correct username. | |
10d09e33 | 1225 | */ |
e07d4801 | 1226 | |
3abb875b MS |
1227 | if ((pw = getpwnam(envuser)) != NULL && pw->pw_uid != getuid()) |
1228 | pw = NULL; | |
1229 | } | |
1230 | ||
1231 | if (!pw) | |
1232 | pw = getpwuid(getuid()); | |
e07d4801 | 1233 | |
3abb875b MS |
1234 | if (pw) |
1235 | strlcpy(cc->user, pw->pw_name, sizeof(cc->user)); | |
1236 | else | |
19dc16f7 | 1237 | #endif /* _WIN32 */ |
3abb875b | 1238 | { |
e07d4801 | 1239 | /* |
3abb875b | 1240 | * Use the default "unknown" user name... |
e07d4801 MS |
1241 | */ |
1242 | ||
3abb875b | 1243 | strlcpy(cc->user, "unknown", sizeof(cc->user)); |
63aefcd5 | 1244 | } |
e07d4801 | 1245 | } |
3abb875b MS |
1246 | |
1247 | if (cc->validate_certs < 0) | |
1248 | cc->validate_certs = 0; | |
1249 | } | |
1250 | ||
1251 | ||
1252 | /* | |
1253 | * 'cups_init_client_conf()' - Initialize client.conf values. | |
1254 | */ | |
1255 | ||
1256 | static void | |
1257 | cups_init_client_conf( | |
1258 | _cups_client_conf_t *cc) /* I - client.conf values */ | |
1259 | { | |
1260 | /* | |
1261 | * Clear all values to "not set"... | |
1262 | */ | |
1263 | ||
1264 | memset(cc, 0, sizeof(_cups_client_conf_t)); | |
1265 | ||
59cd12c6 MS |
1266 | cc->uatokens = _CUPS_UATOKENS_MINIMAL; |
1267 | ||
3c2cb822 | 1268 | #if defined(__APPLE__) && !TARGET_OS_OSX |
588c2205 | 1269 | cups_set_user(cc, "mobile"); |
3c2cb822 | 1270 | #endif /* __APPLE__ && !TARGET_OS_OSX */ |
588c2205 | 1271 | |
60da78ba | 1272 | #ifdef HAVE_SSL |
c88f441f MS |
1273 | cc->ssl_min_version = _HTTP_TLS_1_0; |
1274 | cc->ssl_max_version = _HTTP_TLS_MAX; | |
60da78ba | 1275 | #endif /* HAVE_SSL */ |
c88f441f MS |
1276 | cc->encryption = (http_encryption_t)-1; |
1277 | cc->trust_first = -1; | |
1278 | cc->any_root = -1; | |
1279 | cc->expired_certs = -1; | |
1280 | cc->validate_certs = -1; | |
08d56b1f MS |
1281 | |
1282 | /* | |
1283 | * Load settings from the org.cups.PrintingPrefs plist (which trump | |
1284 | * everything...) | |
1285 | */ | |
1286 | ||
59cd12c6 | 1287 | #if defined(__APPLE__) |
08d56b1f | 1288 | char sval[1024]; /* String value */ |
59cd12c6 | 1289 | # ifdef HAVE_SSL |
08d56b1f MS |
1290 | int bval; /* Boolean value */ |
1291 | ||
1292 | if (cups_apple_get_boolean(kAllowAnyRootKey, &bval)) | |
1293 | cc->any_root = bval; | |
1294 | ||
1295 | if (cups_apple_get_boolean(kAllowExpiredCertsKey, &bval)) | |
1296 | cc->expired_certs = bval; | |
1297 | ||
1298 | if (cups_apple_get_string(kEncryptionKey, sval, sizeof(sval))) | |
1299 | cups_set_encryption(cc, sval); | |
1300 | ||
1301 | if (cups_apple_get_string(kSSLOptionsKey, sval, sizeof(sval))) | |
588c2205 | 1302 | { |
08d56b1f | 1303 | cups_set_ssl_options(cc, sval); |
588c2205 MS |
1304 | } |
1305 | else | |
1306 | { | |
1307 | sval[0] = '\0'; | |
1308 | ||
1309 | if (cups_apple_get_boolean(kAllowRC4, &bval) && bval) | |
1310 | strlcat(sval, " AllowRC4", sizeof(sval)); | |
1311 | if (cups_apple_get_boolean(kAllowSSL3, &bval) && bval) | |
1312 | strlcat(sval, " AllowSSL3", sizeof(sval)); | |
1313 | if (cups_apple_get_boolean(kAllowDH, &bval) && bval) | |
1314 | strlcat(sval, " AllowDH", sizeof(sval)); | |
1315 | ||
1316 | if (sval[0]) | |
1317 | cups_set_ssl_options(cc, sval); | |
1318 | } | |
08d56b1f MS |
1319 | |
1320 | if (cups_apple_get_boolean(kTrustOnFirstUseKey, &bval)) | |
1321 | cc->trust_first = bval; | |
1322 | ||
1323 | if (cups_apple_get_boolean(kValidateCertsKey, &bval)) | |
1324 | cc->validate_certs = bval; | |
59cd12c6 MS |
1325 | # endif /* HAVE_SSL */ |
1326 | ||
1327 | if (cups_apple_get_string(kUserAgentTokensKey, sval, sizeof(sval))) | |
1328 | { | |
1329 | cups_set_uatokens(cc, sval); | |
1330 | } | |
1331 | #endif /* __APPLE__ */ | |
e07d4801 MS |
1332 | } |
1333 | ||
1334 | ||
1335 | /* | |
1336 | * 'cups_read_client_conf()' - Read a client.conf file. | |
1337 | */ | |
1338 | ||
1339 | static void | |
1340 | cups_read_client_conf( | |
3abb875b MS |
1341 | cups_file_t *fp, /* I - File to read */ |
1342 | _cups_client_conf_t *cc) /* I - client.conf values */ | |
e07d4801 MS |
1343 | { |
1344 | int linenum; /* Current line number */ | |
1345 | char line[1024], /* Line from file */ | |
3abb875b | 1346 | *value; /* Pointer into line */ |
e07d4801 MS |
1347 | |
1348 | ||
1349 | /* | |
1350 | * Read from the file... | |
1351 | */ | |
1352 | ||
1353 | linenum = 0; | |
1354 | while (cupsFileGetConf(fp, line, sizeof(line), &value, &linenum)) | |
1355 | { | |
3abb875b MS |
1356 | if (!_cups_strcasecmp(line, "Encryption") && value) |
1357 | cups_set_encryption(cc, value); | |
85dda01c MS |
1358 | #ifndef __APPLE__ |
1359 | /* | |
8072030b | 1360 | * The ServerName directive is not supported on macOS due to app |
3abb875b | 1361 | * sandboxing restrictions, i.e. not all apps request network access. |
85dda01c | 1362 | */ |
3abb875b MS |
1363 | else if (!_cups_strcasecmp(line, "ServerName") && value) |
1364 | cups_set_server_name(cc, value); | |
85dda01c | 1365 | #endif /* !__APPLE__ */ |
3abb875b MS |
1366 | else if (!_cups_strcasecmp(line, "User") && value) |
1367 | cups_set_user(cc, value); | |
59cd12c6 MS |
1368 | else if (!_cups_strcasecmp(line, "UserAgentTokens") && value) |
1369 | cups_set_uatokens(cc, value); | |
08d56b1f MS |
1370 | else if (!_cups_strcasecmp(line, "TrustOnFirstUse") && value) |
1371 | cc->trust_first = cups_boolean_value(value); | |
3abb875b MS |
1372 | else if (!_cups_strcasecmp(line, "AllowAnyRoot") && value) |
1373 | cc->any_root = cups_boolean_value(value); | |
1374 | else if (!_cups_strcasecmp(line, "AllowExpiredCerts") && | |
7cf5915e | 1375 | value) |
3abb875b MS |
1376 | cc->expired_certs = cups_boolean_value(value); |
1377 | else if (!_cups_strcasecmp(line, "ValidateCerts") && value) | |
1378 | cc->validate_certs = cups_boolean_value(value); | |
07ed0e9a | 1379 | #ifdef HAVE_GSSAPI |
3abb875b MS |
1380 | else if (!_cups_strcasecmp(line, "GSSServiceName") && value) |
1381 | cups_set_gss_service_name(cc, value); | |
07ed0e9a | 1382 | #endif /* HAVE_GSSAPI */ |
22ebb7d0 | 1383 | #ifdef HAVE_SSL |
3abb875b MS |
1384 | else if (!_cups_strcasecmp(line, "SSLOptions") && value) |
1385 | cups_set_ssl_options(cc, value); | |
1386 | #endif /* HAVE_SSL */ | |
1387 | } | |
1388 | } | |
63aefcd5 | 1389 | |
63aefcd5 | 1390 | |
4b9daaf4 MS |
1391 | /* |
1392 | * 'cups_set_default_ipp_port()' - Set the default IPP port value. | |
1393 | */ | |
1394 | ||
1395 | static void | |
1396 | cups_set_default_ipp_port( | |
1397 | _cups_globals_t *cg) /* I - Global data */ | |
1398 | { | |
1399 | const char *ipp_port; /* IPP_PORT environment variable */ | |
1400 | ||
1401 | ||
1402 | if ((ipp_port = getenv("IPP_PORT")) != NULL) | |
1403 | { | |
1404 | if ((cg->ipp_port = atoi(ipp_port)) <= 0) | |
1405 | cg->ipp_port = CUPS_DEFAULT_IPP_PORT; | |
1406 | } | |
1407 | else | |
1408 | cg->ipp_port = CUPS_DEFAULT_IPP_PORT; | |
1409 | } | |
1410 | ||
3abb875b MS |
1411 | /* |
1412 | * 'cups_set_encryption()' - Set the Encryption value. | |
1413 | */ | |
63aefcd5 | 1414 | |
3abb875b MS |
1415 | static void |
1416 | cups_set_encryption( | |
1417 | _cups_client_conf_t *cc, /* I - client.conf values */ | |
1418 | const char *value) /* I - Value */ | |
1419 | { | |
1420 | if (!_cups_strcasecmp(value, "never")) | |
1421 | cc->encryption = HTTP_ENCRYPTION_NEVER; | |
1422 | else if (!_cups_strcasecmp(value, "always")) | |
1423 | cc->encryption = HTTP_ENCRYPTION_ALWAYS; | |
1424 | else if (!_cups_strcasecmp(value, "required")) | |
1425 | cc->encryption = HTTP_ENCRYPTION_REQUIRED; | |
1426 | else | |
1427 | cc->encryption = HTTP_ENCRYPTION_IF_REQUESTED; | |
1428 | } | |
e07d4801 | 1429 | |
e07d4801 | 1430 | |
3abb875b MS |
1431 | /* |
1432 | * 'cups_set_gss_service_name()' - Set the GSSServiceName value. | |
1433 | */ | |
b423cd4c | 1434 | |
3abb875b MS |
1435 | #ifdef HAVE_GSSAPI |
1436 | static void | |
1437 | cups_set_gss_service_name( | |
1438 | _cups_client_conf_t *cc, /* I - client.conf values */ | |
1439 | const char *value) /* I - Value */ | |
1440 | { | |
1441 | strlcpy(cc->gss_service_name, value, sizeof(cc->gss_service_name)); | |
1442 | } | |
1443 | #endif /* HAVE_GSSAPI */ | |
7cf5915e | 1444 | |
10d09e33 | 1445 | |
3abb875b MS |
1446 | /* |
1447 | * 'cups_set_server_name()' - Set the ServerName value. | |
1448 | */ | |
10d09e33 | 1449 | |
3abb875b MS |
1450 | static void |
1451 | cups_set_server_name( | |
1452 | _cups_client_conf_t *cc, /* I - client.conf values */ | |
1453 | const char *value) /* I - Value */ | |
1454 | { | |
1455 | strlcpy(cc->server_name, value, sizeof(cc->server_name)); | |
1456 | } | |
10d09e33 | 1457 | |
10d09e33 | 1458 | |
3abb875b MS |
1459 | /* |
1460 | * 'cups_set_ssl_options()' - Set the SSLOptions value. | |
1461 | */ | |
10d09e33 | 1462 | |
3abb875b MS |
1463 | #ifdef HAVE_SSL |
1464 | static void | |
1465 | cups_set_ssl_options( | |
1466 | _cups_client_conf_t *cc, /* I - client.conf values */ | |
1467 | const char *value) /* I - Value */ | |
1468 | { | |
1469 | /* | |
ee6226a5 | 1470 | * SSLOptions [AllowRC4] [AllowSSL3] [AllowDH] [DenyTLS1.0] [None] |
3abb875b | 1471 | */ |
10d09e33 | 1472 | |
8f1fbdec MS |
1473 | int options = _HTTP_TLS_NONE, /* SSL/TLS options */ |
1474 | min_version = _HTTP_TLS_1_0, /* Minimum SSL/TLS version */ | |
1475 | max_version = _HTTP_TLS_MAX; /* Maximum SSL/TLS version */ | |
3abb875b MS |
1476 | char temp[256], /* Copy of value */ |
1477 | *start, /* Start of option */ | |
1478 | *end; /* End of option */ | |
3e7fe0ca | 1479 | |
3e7fe0ca | 1480 | |
3abb875b | 1481 | strlcpy(temp, value, sizeof(temp)); |
3e7fe0ca | 1482 | |
3abb875b MS |
1483 | for (start = temp; *start; start = end) |
1484 | { | |
a8db9df8 | 1485 | /* |
3abb875b MS |
1486 | * Find end of keyword... |
1487 | */ | |
3e7fe0ca | 1488 | |
3abb875b MS |
1489 | end = start; |
1490 | while (*end && !_cups_isspace(*end)) | |
1491 | end ++; | |
93e3d3f5 | 1492 | |
3abb875b MS |
1493 | if (*end) |
1494 | *end++ = '\0'; | |
93e3d3f5 | 1495 | |
3abb875b MS |
1496 | /* |
1497 | * Compare... | |
1498 | */ | |
3e7fe0ca | 1499 | |
3abb875b MS |
1500 | if (!_cups_strcasecmp(start, "AllowRC4")) |
1501 | options |= _HTTP_TLS_ALLOW_RC4; | |
1502 | else if (!_cups_strcasecmp(start, "AllowSSL3")) | |
8f1fbdec | 1503 | min_version = _HTTP_TLS_SSL3; |
ee6226a5 MS |
1504 | else if (!_cups_strcasecmp(start, "AllowDH")) |
1505 | options |= _HTTP_TLS_ALLOW_DH; | |
f2e87147 MS |
1506 | else if (!_cups_strcasecmp(start, "DenyCBC")) |
1507 | options |= _HTTP_TLS_DENY_CBC; | |
ee6226a5 | 1508 | else if (!_cups_strcasecmp(start, "DenyTLS1.0")) |
8f1fbdec MS |
1509 | min_version = _HTTP_TLS_1_1; |
1510 | else if (!_cups_strcasecmp(start, "MaxTLS1.0")) | |
1511 | max_version = _HTTP_TLS_1_0; | |
1512 | else if (!_cups_strcasecmp(start, "MaxTLS1.1")) | |
1513 | max_version = _HTTP_TLS_1_1; | |
1514 | else if (!_cups_strcasecmp(start, "MaxTLS1.2")) | |
1515 | max_version = _HTTP_TLS_1_2; | |
1516 | else if (!_cups_strcasecmp(start, "MaxTLS1.3")) | |
1517 | max_version = _HTTP_TLS_1_3; | |
1518 | else if (!_cups_strcasecmp(start, "MinTLS1.0")) | |
1519 | min_version = _HTTP_TLS_1_0; | |
1520 | else if (!_cups_strcasecmp(start, "MinTLS1.1")) | |
1521 | min_version = _HTTP_TLS_1_1; | |
1522 | else if (!_cups_strcasecmp(start, "MinTLS1.2")) | |
1523 | min_version = _HTTP_TLS_1_2; | |
1524 | else if (!_cups_strcasecmp(start, "MinTLS1.3")) | |
1525 | min_version = _HTTP_TLS_1_3; | |
3abb875b | 1526 | else if (!_cups_strcasecmp(start, "None")) |
ee6226a5 | 1527 | options = _HTTP_TLS_NONE; |
3e7fe0ca MS |
1528 | } |
1529 | ||
8f1fbdec MS |
1530 | cc->ssl_options = options; |
1531 | cc->ssl_max_version = max_version; | |
1532 | cc->ssl_min_version = min_version; | |
b37d45d9 | 1533 | |
8f1fbdec | 1534 | DEBUG_printf(("4cups_set_ssl_options(cc=%p, value=\"%s\") options=%x, min_version=%d, max_version=%d", (void *)cc, value, options, min_version, max_version)); |
3abb875b MS |
1535 | } |
1536 | #endif /* HAVE_SSL */ | |
07ed0e9a | 1537 | |
7cf5915e | 1538 | |
59cd12c6 MS |
1539 | /* |
1540 | * 'cups_set_uatokens()' - Set the UserAgentTokens value. | |
1541 | */ | |
1542 | ||
1543 | static void | |
1544 | cups_set_uatokens( | |
1545 | _cups_client_conf_t *cc, /* I - client.conf values */ | |
1546 | const char *value) /* I - Value */ | |
1547 | { | |
1548 | int i; /* Looping var */ | |
1549 | static const char * const uatokens[] =/* UserAgentTokens values */ | |
1550 | { | |
1551 | "NONE", | |
1552 | "PRODUCTONLY", | |
1553 | "MAJOR", | |
1554 | "MINOR", | |
1555 | "MINIMAL", | |
1556 | "OS", | |
1557 | "FULL" | |
1558 | }; | |
1559 | ||
1560 | for (i = 0; i < (int)(sizeof(uatokens) / sizeof(uatokens[0])); i ++) | |
1561 | { | |
1562 | if (!_cups_strcasecmp(value, uatokens[i])) | |
1563 | { | |
1564 | cc->uatokens = (_cups_uatokens_t)i; | |
1565 | return; | |
1566 | } | |
1567 | } | |
1568 | } | |
1569 | ||
1570 | ||
3abb875b MS |
1571 | /* |
1572 | * 'cups_set_user()' - Set the User value. | |
1573 | */ | |
f51f3773 | 1574 | |
3abb875b MS |
1575 | static void |
1576 | cups_set_user( | |
1577 | _cups_client_conf_t *cc, /* I - client.conf values */ | |
1578 | const char *value) /* I - Value */ | |
1579 | { | |
1580 | strlcpy(cc->user, value, sizeof(cc->user)); | |
b423cd4c | 1581 | } |