]> git.ipfire.org Git - thirdparty/cups.git/blob - scheduler/policy.c
projects / thirdparty / cups.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge changes from CUPS 1.5svn-r9037.
[thirdparty/cups.git] / scheduler / policy.c
1 /*
2 * "$Id: policy.c 7673 2008-06-18 22:31:26Z mike $"
3 *
4 * Policy routines for the Common UNIX Printing System (CUPS).
5 *
6 * Copyright 2007-2008 by Apple Inc.
7 * Copyright 1997-2006 by Easy Software Products, all rights reserved.
8 *
9 * These coded instructions, statements, and computer programs are the
10 * property of Apple Inc. and are protected by Federal copyright
11 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 * which should have been included with this file. If this file is
13 * file is missing or damaged, see the license at "http://www.cups.org/".
14 *
15 * Contents:
16 *
17 * cupsdAddPolicy() - Add a policy to the system.
18 * cupsdAddPolicyOp() - Add an operation to a policy.
19 * cupsdCheckPolicy() - Check the IPP operation and username against
20 * a policy.
21 * cupsdDeleteAllPolicies() - Delete all policies in memory.
22 * cupsdFindPolicy() - Find a named policy.
23 * cupsdFindPolicyOp() - Find a policy operation.
24 */
25
26 /*
27 * Include necessary headers...
28 */
29
30 #include "cupsd.h"
31
32
33 /*
34 * Local functions...
35 */
36
37 static int compare_ops(cupsd_location_t *a, cupsd_location_t *b);
38 static int compare_policies(cupsd_policy_t *a, cupsd_policy_t *b);
39 static int hash_op(cupsd_location_t *op);
40
41
42 /*
43 * 'AddPolicy()' - Add a policy to the system.
44 */
45
46 cupsd_policy_t * /* O - Policy */
47 cupsdAddPolicy(const char *policy) /* I - Name of policy */
48 {
49 cupsd_policy_t *temp; /* Pointer to policy */
50
51
52 if (!policy)
53 return (NULL);
54
55 if (!Policies)
56 Policies = cupsArrayNew((cups_array_func_t)compare_policies, NULL);
57
58 if (!Policies)
59 return (NULL);
60
61 if ((temp = calloc(1, sizeof(cupsd_policy_t))) != NULL)
62 {
63 cupsdSetString(&temp->name, policy);
64 cupsArrayAdd(Policies, temp);
65 }
66
67 return (temp);
68 }
69
70
71 /*
72 * 'cupsdAddPolicyOp()' - Add an operation to a policy.
73 */
74
75 cupsd_location_t * /* O - New policy operation */
76 cupsdAddPolicyOp(cupsd_policy_t *p, /* I - Policy */
77 cupsd_location_t *po, /* I - Policy operation to copy */
78 ipp_op_t op) /* I - IPP operation code */
79 {
80 int i; /* Looping var */
81 cupsd_location_t *temp; /* New policy operation */
82 char name[1024]; /* Interface name */
83
84
85 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdAddPolicyOp(p=%p, po=%p, op=%x(%s))",
86 p, po, op, ippOpString(op));
87
88 if (!p)
89 return (NULL);
90
91 if (!p->ops)
92 p->ops = cupsArrayNew2((cups_array_func_t)compare_ops, NULL,
93 (cups_ahash_func_t)hash_op, 128);
94
95 if (!p->ops)
96 return (NULL);
97
98 if ((temp = calloc(1, sizeof(cupsd_location_t))) != NULL)
99 {
100 temp->op = op;
101 temp->limit = CUPSD_AUTH_LIMIT_IPP;
102
103 cupsArrayAdd(p->ops, temp);
104
105 if (po)
106 {
107 /*
108 * Copy the specified policy to the new one...
109 */
110
111 temp->order_type = po->order_type;
112 temp->type = po->type;
113 temp->level = po->level;
114 temp->satisfy = po->satisfy;
115 temp->encryption = po->encryption;
116
117 for (i = 0; i < po->num_names; i ++)
118 cupsdAddName(temp, po->names[i]);
119
120 for (i = 0; i < po->num_allow; i ++)
121 switch (po->allow[i].type)
122 {
123 case CUPSD_AUTH_IP :
124 cupsdAllowIP(temp, po->allow[i].mask.ip.address,
125 po->allow[i].mask.ip.netmask);
126 break;
127
128 case CUPSD_AUTH_INTERFACE :
129 snprintf(name, sizeof(name), "@IF(%s)",
130 po->allow[i].mask.name.name);
131 cupsdAllowHost(temp, name);
132 break;
133
134 default :
135 cupsdAllowHost(temp, po->allow[i].mask.name.name);
136 break;
137 }
138
139 for (i = 0; i < po->num_deny; i ++)
140 switch (po->deny[i].type)
141 {
142 case CUPSD_AUTH_IP :
143 cupsdDenyIP(temp, po->deny[i].mask.ip.address,
144 po->deny[i].mask.ip.netmask);
145 break;
146
147 case CUPSD_AUTH_INTERFACE :
148 snprintf(name, sizeof(name), "@IF(%s)",
149 po->deny[i].mask.name.name);
150 cupsdDenyHost(temp, name);
151 break;
152
153 default :
154 cupsdDenyHost(temp, po->deny[i].mask.name.name);
155 break;
156 }
157 }
158 }
159
160 return (temp);
161 }
162
163
164 /*
165 * 'cupsdCheckPolicy()' - Check the IPP operation and username against a policy.
166 */
167
168 http_status_t /* I - 1 if OK, 0 otherwise */
169 cupsdCheckPolicy(cupsd_policy_t *p, /* I - Policy */
170 cupsd_client_t *con, /* I - Client connection */
171 const char *owner) /* I - Owner of object */
172 {
173 cupsd_location_t *po; /* Current policy operation */
174
175
176 /*
177 * Range check...
178 */
179
180 if (!p || !con)
181 {
182 cupsdLogMessage(CUPSD_LOG_CRIT, "cupsdCheckPolicy: p=%p, con=%p!", p, con);
183
184 return ((http_status_t)0);
185 }
186
187 /*
188 * Find a match for the operation...
189 */
190
191 if ((po = cupsdFindPolicyOp(p, con->request->request.op.operation_id)) == NULL)
192 {
193 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCheckPolicy: No matching operation, returning 0!");
194 return ((http_status_t)0);
195 }
196
197 con->best = po;
198
199 /*
200 * Return the status of the check...
201 */
202
203 return (cupsdIsAuthorized(con, owner));
204 }
205
206
207 /*
208 * 'cupsdDeleteAllPolicies()' - Delete all policies in memory.
209 */
210
211 void
212 cupsdDeleteAllPolicies(void)
213 {
214 cupsd_policy_t *p; /* Current policy */
215 cupsd_location_t *po; /* Current policy op */
216 cupsd_printer_t *printer; /* Current printer */
217
218
219 if (!Policies)
220 return;
221
222 /*
223 * First clear the policy pointers for all printers...
224 */
225
226 for (printer = (cupsd_printer_t *)cupsArrayFirst(Printers);
227 printer;
228 printer = (cupsd_printer_t *)cupsArrayNext(Printers))
229 printer->op_policy_ptr = NULL;
230
231 /*
232 * Then free all of the policies...
233 */
234
235 for (p = (cupsd_policy_t *)cupsArrayFirst(Policies);
236 p;
237 p = (cupsd_policy_t *)cupsArrayNext(Policies))
238 {
239 for (po = (cupsd_location_t *)cupsArrayFirst(p->ops);
240 po;
241 po = (cupsd_location_t *)cupsArrayNext(p->ops))
242 cupsdDeleteLocation(po);
243
244 cupsArrayDelete(p->ops);
245 cupsdClearString(&p->name);
246 free(p);
247 }
248
249 cupsArrayDelete(Policies);
250
251 Policies = NULL;
252 }
253
254
255 /*
256 * 'cupsdFindPolicy()' - Find a named policy.
257 */
258
259 cupsd_policy_t * /* O - Policy */
260 cupsdFindPolicy(const char *policy) /* I - Name of policy */
261 {
262 cupsd_policy_t key; /* Search key */
263
264
265 /*
266 * Range check...
267 */
268
269 if (!policy)
270 return (NULL);
271
272 /*
273 * Look it up...
274 */
275
276 key.name = (char *)policy;
277 return ((cupsd_policy_t *)cupsArrayFind(Policies, &key));
278 }
279
280
281 /*
282 * 'cupsdFindPolicyOp()' - Find a policy operation.
283 */
284
285 cupsd_location_t * /* O - Policy operation */
286 cupsdFindPolicyOp(cupsd_policy_t *p, /* I - Policy */
287 ipp_op_t op) /* I - IPP operation */
288 {
289 cupsd_location_t key, /* Search key... */
290 *po; /* Current policy operation */
291
292
293 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdFindPolicyOp(p=%p, op=%x(%s))",
294 p, op, ippOpString(op));
295
296 /*
297 * Range check...
298 */
299
300 if (!p)
301 return (NULL);
302
303 /*
304 * Check the operation against the available policies...
305 */
306
307 key.op = op;
308 if ((po = (cupsd_location_t *)cupsArrayFind(p->ops, &key)) != NULL)
309 {
310 cupsdLogMessage(CUPSD_LOG_DEBUG2,
311 "cupsdFindPolicyOp: Found exact match...");
312 return (po);
313 }
314
315 key.op = IPP_ANY_OPERATION;
316 if ((po = (cupsd_location_t *)cupsArrayFind(p->ops, &key)) != NULL)
317 {
318 cupsdLogMessage(CUPSD_LOG_DEBUG2,
319 "cupsdFindPolicyOp: Found wildcard match...");
320 return (po);
321 }
322
323 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdFindPolicyOp: No match found!");
324
325 return (NULL);
326 }
327
328
329 /*
330 * 'compare_ops()' - Compare two operations.
331 */
332
333 static int /* O - Result of comparison */
334 compare_ops(cupsd_location_t *a, /* I - First operation */
335 cupsd_location_t *b) /* I - Second operation */
336 {
337 return (a->op - b->op);
338 }
339
340
341 /*
342 * 'compare_policies()' - Compare two policies.
343 */
344
345 static int /* O - Result of comparison */
346 compare_policies(cupsd_policy_t *a, /* I - First policy */
347 cupsd_policy_t *b) /* I - Second policy */
348 {
349 return (strcasecmp(a->name, b->name));
350 }
351
352
353 /*
354 * 'hash_op()' - Generate a lookup hash for the operation.
355 */
356
357 static int /* O - Hash value */
358 hash_op(cupsd_location_t *op) /* I - Operation */
359 {
360 return (((op->op >> 6) & 0x40) | (op->op & 0x3f));
361 }
362
363
364 /*
365 * End of "$Id: policy.c 7673 2008-06-18 22:31:26Z mike $".
366 */
Unnamed repository; edit this file 'description' to name the repository.