Merge changes from CUPS 1.6svn-r10510.

[thirdparty/cups.git] / scheduler / conf.c
diff --git a/scheduler/conf.c b/scheduler/conf.c

index b11d337e8599a3485234e1ae65c75fbe56cd9a9e..a7ec4151c91dc774bb652c64098bf243b74cb373 100644 (file)
--- a/scheduler/conf.c
+++ b/scheduler/conf.c
@@ -3,7 +3,7 @@
   *
   *   Configuration routines for the CUPS scheduler.
   *
- *   Copyright 2007-2011 by Apple Inc.
+ *   Copyright 2007-2012 by Apple Inc.
   *   Copyright 1997-2007 by Easy Software Products, all rights reserved.
   *
   *   These coded instructions, statements, and computer programs are the
@@ -17,6 +17,7 @@
   *   cupsdAddAlias()          - Add a host alias.
   *   cupsdCheckPermissions()  - Fix the mode and ownership of a file or
   *                              directory.
+ *   cupsdDefaultAuthType()   - Get the default AuthType.
   *   cupsdFreeAliases()       - Free all of the alias entries.
   *   cupsdReadConfiguration() - Read the cupsd.conf file.
   *   get_address()            - Get an address + port number from a line.
@@ -64,6 +65,7 @@
  typedef enum
  {
    CUPSD_VARTYPE_INTEGER,               /* Integer option */
+  CUPSD_VARTYPE_TIME,                  /* Time interval option */
    CUPSD_VARTYPE_STRING,                        /* String option */
    CUPSD_VARTYPE_BOOLEAN,               /* Boolean option */
    CUPSD_VARTYPE_PATHNAME               /* File/directory name option */
@@ -71,7 +73,7 @@ typedef enum
  
  typedef struct
  {
-  char                 *name;          /* Name of variable */
+  const char           *name;          /* Name of variable */
    void                 *ptr;           /* Pointer to variable */
    cupsd_vartype_t      type;           /* Type (int, string, address) */
  } cupsd_var_t;
@@ -81,28 +83,15 @@ typedef struct
   * Local globals...
   */
  
+static int                     default_auth_type       = CUPSD_AUTH_AUTO;
+                                       /* Default AuthType, if not specified */
  static const cupsd_var_t       variables[] =
  {
    { "AccessLog",               &AccessLog,             CUPSD_VARTYPE_STRING },
    { "AutoPurgeJobs",           &JobAutoPurge,          CUPSD_VARTYPE_BOOLEAN },
  #ifdef HAVE_DNSSD
-  { "BrowseDNSSDRegType",      &DNSSDRegType,          CUPSD_VARTYPE_STRING },
+  { "BrowseDNSSDSubTypes",     &DNSSDSubTypes,         CUPSD_VARTYPE_STRING },
  #endif /* HAVE_DNSSD */
-  { "BrowseInterval",          &BrowseInterval,        CUPSD_VARTYPE_INTEGER },
-#ifdef HAVE_LDAP
-  { "BrowseLDAPBindDN",                &BrowseLDAPBindDN,      CUPSD_VARTYPE_STRING },
-#  ifdef HAVE_LDAP_SSL
-  { "BrowseLDAPCACertFile",    &BrowseLDAPCACertFile,  CUPSD_VARTYPE_PATHNAME },
-#  endif /* HAVE_LDAP_SSL */
-  { "BrowseLDAPDN",            &BrowseLDAPDN,          CUPSD_VARTYPE_STRING },
-  { "BrowseLDAPPassword",      &BrowseLDAPPassword,    CUPSD_VARTYPE_STRING },
-  { "BrowseLDAPServer",                &BrowseLDAPServer,      CUPSD_VARTYPE_STRING },
-#endif /* HAVE_LDAP */
-  { "BrowseLocalOptions",      &BrowseLocalOptions,    CUPSD_VARTYPE_STRING },
-  { "BrowsePort",              &BrowsePort,            CUPSD_VARTYPE_INTEGER },
-  { "BrowseRemoteOptions",     &BrowseRemoteOptions,   CUPSD_VARTYPE_STRING },
-  { "BrowseShortNames",                &BrowseShortNames,      CUPSD_VARTYPE_BOOLEAN },
-  { "BrowseTimeout",           &BrowseTimeout,         CUPSD_VARTYPE_INTEGER },
    { "BrowseWebIF",             &BrowseWebIF,           CUPSD_VARTYPE_BOOLEAN },
    { "Browsing",                        &Browsing,              CUPSD_VARTYPE_BOOLEAN },
    { "CacheDir",                        &CacheDir,              CUPSD_VARTYPE_STRING },
@@ -111,11 +100,11 @@ static const cupsd_var_t  variables[] =
    { "ConfigFilePerm",          &ConfigFilePerm,        CUPSD_VARTYPE_INTEGER },
    { "DataDir",                 &DataDir,               CUPSD_VARTYPE_STRING },
    { "DefaultLanguage",         &DefaultLanguage,       CUPSD_VARTYPE_STRING },
-  { "DefaultLeaseDuration",    &DefaultLeaseDuration,  CUPSD_VARTYPE_INTEGER },
+  { "DefaultLeaseDuration",    &DefaultLeaseDuration,  CUPSD_VARTYPE_TIME },
    { "DefaultPaperSize",                &DefaultPaperSize,      CUPSD_VARTYPE_STRING },
    { "DefaultPolicy",           &DefaultPolicy,         CUPSD_VARTYPE_STRING },
    { "DefaultShared",           &DefaultShared,         CUPSD_VARTYPE_BOOLEAN },
-  { "DirtyCleanInterval",      &DirtyCleanInterval,    CUPSD_VARTYPE_INTEGER },
+  { "DirtyCleanInterval",      &DirtyCleanInterval,    CUPSD_VARTYPE_TIME },
    { "DocumentRoot",            &DocumentRoot,          CUPSD_VARTYPE_STRING },
    { "ErrorLog",                        &ErrorLog,              CUPSD_VARTYPE_STRING },
    { "ErrorPolicy",             &ErrorPolicy,           CUPSD_VARTYPE_STRING },
@@ -123,16 +112,16 @@ static const cupsd_var_t  variables[] =
    { "FilterLimit",             &FilterLimit,           CUPSD_VARTYPE_INTEGER },
    { "FilterNice",              &FilterNice,            CUPSD_VARTYPE_INTEGER },
    { "FontPath",                        &FontPath,              CUPSD_VARTYPE_STRING },
-  { "HideImplicitMembers",     &HideImplicitMembers,   CUPSD_VARTYPE_BOOLEAN },
-  { "ImplicitClasses",         &ImplicitClasses,       CUPSD_VARTYPE_BOOLEAN },
-  { "ImplicitAnyClasses",      &ImplicitAnyClasses,    CUPSD_VARTYPE_BOOLEAN },
-  { "JobKillDelay",            &JobKillDelay,          CUPSD_VARTYPE_INTEGER },
+#ifdef HAVE_GSSAPI
+  { "GSSServiceName",          &GSSServiceName,        CUPSD_VARTYPE_STRING },
+#endif /* HAVE_GSSAPI */
+  { "JobKillDelay",            &JobKillDelay,          CUPSD_VARTYPE_TIME },
    { "JobRetryLimit",           &JobRetryLimit,         CUPSD_VARTYPE_INTEGER },
-  { "JobRetryInterval",                &JobRetryInterval,      CUPSD_VARTYPE_INTEGER },
-  { "KeepAliveTimeout",                &KeepAliveTimeout,      CUPSD_VARTYPE_INTEGER },
+  { "JobRetryInterval",                &JobRetryInterval,      CUPSD_VARTYPE_TIME },
+  { "KeepAliveTimeout",                &KeepAliveTimeout,      CUPSD_VARTYPE_TIME },
    { "KeepAlive",               &KeepAlive,             CUPSD_VARTYPE_BOOLEAN },
  #ifdef HAVE_LAUNCHD
-  { "LaunchdTimeout",          &LaunchdTimeout,        CUPSD_VARTYPE_INTEGER },
+  { "LaunchdTimeout",          &LaunchdTimeout,        CUPSD_VARTYPE_TIME },
  #endif /* HAVE_LAUNCHD */
    { "LimitRequestBody",                &MaxRequestSize,        CUPSD_VARTYPE_INTEGER },
    { "ListenBackLog",           &ListenBackLog,         CUPSD_VARTYPE_INTEGER },
@@ -144,28 +133,30 @@ static const cupsd_var_t  variables[] =
    { "MaxClientsPerHost",       &MaxClientsPerHost,     CUPSD_VARTYPE_INTEGER },
    { "MaxCopies",               &MaxCopies,             CUPSD_VARTYPE_INTEGER },
    { "MaxEvents",               &MaxEvents,             CUPSD_VARTYPE_INTEGER },
+  { "MaxHoldTime",             &MaxHoldTime,           CUPSD_VARTYPE_TIME },
    { "MaxJobs",                 &MaxJobs,               CUPSD_VARTYPE_INTEGER },
    { "MaxJobsPerPrinter",       &MaxJobsPerPrinter,     CUPSD_VARTYPE_INTEGER },
    { "MaxJobsPerUser",          &MaxJobsPerUser,        CUPSD_VARTYPE_INTEGER },
-  { "MaxLeaseDuration",                &MaxLeaseDuration,      CUPSD_VARTYPE_INTEGER },
+  { "MaxJobTime",              &MaxJobTime,            CUPSD_VARTYPE_INTEGER },
+  { "MaxLeaseDuration",                &MaxLeaseDuration,      CUPSD_VARTYPE_TIME },
    { "MaxLogSize",              &MaxLogSize,            CUPSD_VARTYPE_INTEGER },
    { "MaxRequestSize",          &MaxRequestSize,        CUPSD_VARTYPE_INTEGER },
    { "MaxSubscriptions",                &MaxSubscriptions,      CUPSD_VARTYPE_INTEGER },
    { "MaxSubscriptionsPerJob",  &MaxSubscriptionsPerJob,        CUPSD_VARTYPE_INTEGER },
    { "MaxSubscriptionsPerPrinter",&MaxSubscriptionsPerPrinter,  CUPSD_VARTYPE_INTEGER },
    { "MaxSubscriptionsPerUser", &MaxSubscriptionsPerUser,       CUPSD_VARTYPE_INTEGER },
-  { "MultipleOperationTimeout",        &MultipleOperationTimeout,      CUPSD_VARTYPE_INTEGER },
+  { "MultipleOperationTimeout",        &MultipleOperationTimeout,      CUPSD_VARTYPE_TIME },
    { "PageLog",                 &PageLog,               CUPSD_VARTYPE_STRING },
    { "PageLogFormat",           &PageLogFormat,         CUPSD_VARTYPE_STRING },
-  { "PreserveJobFiles",                &JobFiles,              CUPSD_VARTYPE_BOOLEAN },
-  { "PreserveJobHistory",      &JobHistory,            CUPSD_VARTYPE_BOOLEAN },
+  { "PreserveJobFiles",                &JobFiles,              CUPSD_VARTYPE_TIME },
+  { "PreserveJobHistory",      &JobHistory,            CUPSD_VARTYPE_TIME },
    { "Printcap",                        &Printcap,              CUPSD_VARTYPE_STRING },
    { "PrintcapGUI",             &PrintcapGUI,           CUPSD_VARTYPE_STRING },
-  { "ReloadTimeout",           &ReloadTimeout,         CUPSD_VARTYPE_INTEGER },
+  { "ReloadTimeout",           &ReloadTimeout,         CUPSD_VARTYPE_TIME },
    { "RemoteRoot",              &RemoteRoot,            CUPSD_VARTYPE_STRING },
    { "RequestRoot",             &RequestRoot,           CUPSD_VARTYPE_STRING },
    { "RIPCache",                        &RIPCache,              CUPSD_VARTYPE_STRING },
-  { "RootCertDuration",                &RootCertDuration,      CUPSD_VARTYPE_INTEGER },
+  { "RootCertDuration",                &RootCertDuration,      CUPSD_VARTYPE_TIME },
    { "ServerAdmin",             &ServerAdmin,           CUPSD_VARTYPE_STRING },
    { "ServerBin",               &ServerBin,             CUPSD_VARTYPE_PATHNAME },
  #ifdef HAVE_SSL
@@ -178,12 +169,12 @@ static const cupsd_var_t  variables[] =
    { "ServerRoot",              &ServerRoot,            CUPSD_VARTYPE_PATHNAME },
    { "SMBConfigFile",           &SMBConfigFile,         CUPSD_VARTYPE_STRING },
    { "StateDir",                        &StateDir,              CUPSD_VARTYPE_STRING },
+  { "StrictConformance",       &StrictConformance,     CUPSD_VARTYPE_BOOLEAN },
  #ifdef HAVE_AUTHORIZATION_H
    { "SystemGroupAuthKey",      &SystemGroupAuthKey,    CUPSD_VARTYPE_STRING },
  #endif /* HAVE_AUTHORIZATION_H */
    { "TempDir",                 &TempDir,               CUPSD_VARTYPE_PATHNAME },
-  { "Timeout",                 &Timeout,               CUPSD_VARTYPE_INTEGER },
-  { "UseNetworkDefault",       &UseNetworkDefault,     CUPSD_VARTYPE_BOOLEAN },
+  { "Timeout",                 &Timeout,               CUPSD_VARTYPE_TIME },
    { "WebInterface",            &WebInterface,          CUPSD_VARTYPE_BOOLEAN }
  };
  #define NUM_VARS       (sizeof(variables) / sizeof(variables[0]))
@@ -393,6 +384,118 @@ cupsdCheckPermissions(
  }
  
  
+/*
+ * 'cupsdDefaultAuthType()' - Get the default AuthType.
+ *
+ * When the default_auth_type is "auto", this function tries to get the GSS
+ * credentials for the server.  If that succeeds we use Kerberos authentication,
+ * otherwise we do a fallback to Basic authentication against the local user
+ * accounts.
+ */
+
+int                                    /* O - Default AuthType value */
+cupsdDefaultAuthType(void)
+{
+#ifdef HAVE_GSSAPI
+  OM_uint32    major_status,           /* Major status code */
+               minor_status;           /* Minor status code */
+  gss_name_t   server_name;            /* Server name */
+  gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
+                                       /* Service name token */
+  char         buf[1024];              /* Service name buffer */
+#endif /* HAVE_GSSAPI */
+
+
+ /*
+  * If we have already determined the correct default AuthType, use it...
+  */
+
+  if (default_auth_type != CUPSD_AUTH_AUTO)
+    return (default_auth_type);
+
+#ifdef HAVE_GSSAPI
+#  ifdef __APPLE__
+ /*
+  * If the weak-linked GSSAPI/Kerberos library is not present, don't try
+  * to use it...
+  */
+
+  if (gss_init_sec_context == NULL)
+    return (default_auth_type = CUPSD_AUTH_BASIC);
+#  endif /* __APPLE__ */
+
+ /*
+  * Try to obtain the server's GSS credentials (GSSServiceName@servername).  If
+  * that fails we must use Basic...
+  */
+
+  snprintf(buf, sizeof(buf), "%s@%s", GSSServiceName, ServerName);
+
+  token.value  = buf;
+  token.length = strlen(buf);
+  server_name  = GSS_C_NO_NAME;
+  major_status = gss_import_name(&minor_status, &token,
+                                GSS_C_NT_HOSTBASED_SERVICE,
+                                &server_name);
+
+  memset(&token, 0, sizeof(token));
+
+  if (GSS_ERROR(major_status))
+  {
+    cupsdLogGSSMessage(CUPSD_LOG_DEBUG, major_status, minor_status,
+                      "cupsdDefaultAuthType: gss_import_name(%s) failed", buf);
+    return (default_auth_type = CUPSD_AUTH_BASIC);
+  }
+
+  major_status = gss_display_name(&minor_status, server_name, &token, NULL);
+
+  if (GSS_ERROR(major_status))
+  {
+    cupsdLogGSSMessage(CUPSD_LOG_DEBUG, major_status, minor_status,
+                       "cupsdDefaultAuthType: gss_display_name(%s) failed",
+                       buf);
+    return (default_auth_type = CUPSD_AUTH_BASIC);
+  }
+
+  cupsdLogMessage(CUPSD_LOG_DEBUG,
+                  "cupsdDefaultAuthType: Attempting to acquire Kerberos "
+                  "credentials for %s...", (char *)token.value);
+
+  ServerCreds  = GSS_C_NO_CREDENTIAL;
+  major_status = gss_acquire_cred(&minor_status, server_name, GSS_C_INDEFINITE,
+                                 GSS_C_NO_OID_SET, GSS_C_ACCEPT,
+                                 &ServerCreds, NULL, NULL);
+  if (GSS_ERROR(major_status))
+  {
+    cupsdLogGSSMessage(CUPSD_LOG_DEBUG, major_status, minor_status,
+                       "cupsdDefaultAuthType: gss_acquire_cred(%s) failed",
+                       (char *)token.value);
+    gss_release_name(&minor_status, &server_name);
+    gss_release_buffer(&minor_status, &token);
+    return (default_auth_type = CUPSD_AUTH_BASIC);
+  }
+
+  cupsdLogMessage(CUPSD_LOG_DEBUG,
+                  "cupsdDefaultAuthType: Kerberos credentials acquired "
+                  "successfully for %s.", (char *)token.value);
+
+  gss_release_name(&minor_status, &server_name);
+  gss_release_buffer(&minor_status, &token);
+
+  HaveServerCreds = 1;
+
+  return (default_auth_type = CUPSD_AUTH_NEGOTIATE);
+
+#else
+ /*
+  * No Kerberos support compiled in so just use Basic all the time...
+  */
+
+  return (default_auth_type = CUPSD_AUTH_BASIC);
+#endif /* HAVE_GSSAPI */
+}
+
+
  /*
   * 'cupsdFreeAliases()' - Free all of the alias entries.
   */
@@ -451,31 +554,6 @@ cupsdReadConfiguration(void)
  
    cupsdDeleteAllLocations();
  
-  if (NumBrowsers > 0)
-  {
-    free(Browsers);
-    Browsers = NULL;
-
-    NumBrowsers = 0;
-  }
-
-  if (NumPolled > 0)
-  {
-    free(Polled);
-
-    NumPolled = 0;
-  }
-
-  if (NumRelays > 0)
-  {
-    for (i = 0; i < NumRelays; i ++)
-      cupsArrayDelete(Relays[i].from);
-
-    free(Relays);
-
-    NumRelays = 0;
-  }
-
    cupsdDeleteAllListeners();
  
    old_remote_port = RemotePort;
@@ -496,7 +574,7 @@ cupsdReadConfiguration(void)
    cupsdSetString(&DataDir, CUPS_DATADIR);
    cupsdSetString(&DocumentRoot, CUPS_DOCROOT);
    cupsdSetString(&AccessLog, CUPS_LOGDIR "/access_log");
-  cupsdSetString(&ErrorLog, CUPS_LOGDIR "/error_log");
+  cupsdClearString(&ErrorLog);
    cupsdSetString(&PageLog, CUPS_LOGDIR "/page_log");
    cupsdSetString(&PageLogFormat,
                   "%p %u %j %T %P %C %{job-billing} "
@@ -505,7 +583,8 @@ cupsdReadConfiguration(void)
    cupsdSetString(&PrintcapGUI, "/usr/bin/glpoptions");
    cupsdSetString(&FontPath, CUPS_FONTPATH);
    cupsdSetString(&RemoteRoot, "remroot");
-  cupsdSetString(&ServerHeader, "CUPS/1.4");
+  cupsdSetStringf(&ServerHeader, "CUPS/%d.%d", CUPS_VERSION_MAJOR,
+                  CUPS_VERSION_MINOR);
    cupsdSetString(&StateDir, CUPS_STATEDIR);
  
    if (!strcmp(CUPS_DEFAULT_PRINTCAP, "/etc/printers.conf"))
@@ -547,6 +626,21 @@ cupsdReadConfiguration(void)
  
    cupsdSetString(&TempDir, NULL);
  
+#ifdef HAVE_GSSAPI
+  cupsdSetString(&GSSServiceName, CUPS_DEFAULT_GSSSERVICENAME);
+
+  if (HaveServerCreds)
+  {
+    OM_uint32  minor_status;           /* Minor status code */
+
+    gss_release_cred(&minor_status, &ServerCreds);
+
+    HaveServerCreds = 0;
+  }
+
+  ServerCreds = GSS_C_NO_CREDENTIAL;
+#endif /* HAVE_GSSAPI */
+
   /*
    * Find the default user...
    */
@@ -603,7 +697,7 @@ cupsdReadConfiguration(void)
    AccessLogLevel           = CUPSD_ACCESSLOG_ACTIONS;
    ConfigFilePerm           = CUPS_DEFAULT_CONFIG_FILE_PERM;
    FatalErrors              = parse_fatal_errors(CUPS_DEFAULT_FATAL_ERRORS);
-  DefaultAuthType          = CUPSD_AUTH_BASIC;
+  default_auth_type          = CUPSD_AUTH_BASIC;
  #ifdef HAVE_SSL
    DefaultEncryption        = HTTP_ENCRYPT_REQUIRED;
    SSLOptions               = CUPSD_SSL_NONE;
@@ -617,9 +711,6 @@ cupsdReadConfiguration(void)
    FilterLimit              = 0;
    FilterNice               = 0;
    HostNameLookups          = FALSE;
-  ImplicitClasses          = CUPS_DEFAULT_IMPLICIT_CLASSES;
-  ImplicitAnyClasses       = FALSE;
-  HideImplicitMembers      = TRUE;
    KeepAlive                = TRUE;
    KeepAliveTimeout         = DEFAULT_KEEPALIVE;
    ListenBackLog            = SOMAXCONN;
@@ -632,51 +723,36 @@ cupsdReadConfiguration(void)
    MaxLogSize               = 1024 * 1024;
    MaxRequestSize           = 0;
    MultipleOperationTimeout = DEFAULT_TIMEOUT;
+  NumSystemGroups          = 0;
    ReloadTimeout                   = DEFAULT_KEEPALIVE;
    RootCertDuration         = 300;
+  StrictConformance        = FALSE;
    Timeout                  = DEFAULT_TIMEOUT;
-  NumSystemGroups          = 0;
    WebInterface             = CUPS_DEFAULT_WEBIF;
  
-  BrowseInterval           = DEFAULT_INTERVAL;
-  BrowsePort               = ippPort();
    BrowseLocalProtocols     = parse_protocols(CUPS_DEFAULT_BROWSE_LOCAL_PROTOCOLS);
-  BrowseRemoteProtocols    = parse_protocols(CUPS_DEFAULT_BROWSE_REMOTE_PROTOCOLS);
-  BrowseShortNames         = CUPS_DEFAULT_BROWSE_SHORT_NAMES;
-  BrowseTimeout            = DEFAULT_TIMEOUT;
    BrowseWebIF              = FALSE;
    Browsing                 = CUPS_DEFAULT_BROWSING;
    DefaultShared            = CUPS_DEFAULT_DEFAULT_SHARED;
  
  #ifdef HAVE_DNSSD
-  cupsdSetString(&DNSSDRegType, "_ipp._tcp,_cups");
+  cupsdSetString(&DNSSDSubTypes, "_cups,_print");
  #endif /* HAVE_DNSSD */
  
    cupsdSetString(&LPDConfigFile, CUPS_DEFAULT_LPD_CONFIG_FILE);
    cupsdSetString(&SMBConfigFile, CUPS_DEFAULT_SMB_CONFIG_FILE);
  
-  cupsdClearString(&BrowseLocalOptions);
-  cupsdClearString(&BrowseRemoteOptions);
-
    cupsdSetString(&ErrorPolicy, "stop-printer");
  
-#ifdef HAVE_LDAP
-  cupsdClearString(&BrowseLDAPBindDN);
-  cupsdClearString(&BrowseLDAPDN);
-  cupsdClearString(&BrowseLDAPPassword);
-  cupsdClearString(&BrowseLDAPServer);
-#  ifdef HAVE_LDAP_SSL
-  cupsdClearString(&BrowseLDAPCACertFile);
-#  endif /* HAVE_LDAP_SSL */
-#endif /* HAVE_LDAP */
-
    JobHistory          = DEFAULT_HISTORY;
    JobFiles            = DEFAULT_FILES;
    JobAutoPurge        = 0;
+  MaxHoldTime         = 0;
    MaxJobs             = 500;
    MaxActiveJobs       = 0;
    MaxJobsPerUser      = 0;
    MaxJobsPerPrinter   = 0;
+  MaxJobTime          = 3 * 60 * 60;   /* 3 hours */
    MaxCopies           = CUPS_DEFAULT_MAX_COPIES;
  
    cupsdDeleteAllPolicies();
@@ -694,7 +770,7 @@ cupsdReadConfiguration(void)
    MaxLeaseDuration           = 0;
  
  #ifdef HAVE_LAUNCHD
-  LaunchdTimeout = DEFAULT_TIMEOUT + 10;
+  LaunchdTimeout = 10;
  #endif /* HAVE_LAUNCHD */
  
   /*
@@ -717,6 +793,9 @@ cupsdReadConfiguration(void)
    if (!status)
      return (0);
  
+  if (!ErrorLog)
+    cupsdSetString(&ErrorLog, CUPS_LOGDIR "/error_log");
+
    RunUser = getuid();
  
    cupsdLogMessage(CUPSD_LOG_INFO, "Remote access is %s.",
@@ -759,7 +838,7 @@ cupsdReadConfiguration(void)
  
        if ((host = gethostbyname(temp)) != NULL)
        {
-        if (strcasecmp(temp, host->h_name))
+        if (_cups_strcasecmp(temp, host->h_name))
          {
           cupsdSetString(&ServerName, host->h_name);
           cupsdAddAlias(ServerAlias, host->h_name);
@@ -770,7 +849,7 @@ cupsdReadConfiguration(void)
          if (host->h_aliases)
         {
            for (i = 0; host->h_aliases[i]; i ++)
-           if (strcasecmp(temp, host->h_aliases[i]))
+           if (_cups_strcasecmp(temp, host->h_aliases[i]))
             {
               cupsdAddAlias(ServerAlias, host->h_aliases[i]);
               cupsdLogMessage(CUPSD_LOG_DEBUG, "Added auto ServerAlias %s",
@@ -828,12 +907,6 @@ cupsdReadConfiguration(void)
      }
    }
  
- /*
-  * Get the access control list for browsing...
-  */
-
-  BrowseACL = cupsdFindLocation("CUPS_INTERNAL_BROWSE_ACL");
-
   /*
    * Open the system log for cupsd if necessary...
    */
@@ -1012,7 +1085,12 @@ cupsdReadConfiguration(void)
  
    if (!TempDir)
    {
+#ifdef __APPLE__
+    if ((tmpdir = getenv("TMPDIR")) != NULL &&
+        strncmp(tmpdir, "/private/tmp", 12))
+#else
      if ((tmpdir = getenv("TMPDIR")) != NULL)
+#endif /* __APPLE__ */
      {
       /*
        * TMPDIR is defined, see if it is OK for us to use...
@@ -1078,13 +1156,13 @@ cupsdReadConfiguration(void)
      else
  #endif /* HAVE_LIBPAPER */
      if (!DefaultLanguage ||
-        !strcasecmp(DefaultLanguage, "C") ||
-        !strcasecmp(DefaultLanguage, "POSIX") ||
-       !strcasecmp(DefaultLanguage, "en") ||
-       !strncasecmp(DefaultLanguage, "en.", 3) ||
-       !strncasecmp(DefaultLanguage, "en_US", 5) ||
-       !strncasecmp(DefaultLanguage, "en_CA", 5) ||
-       !strncasecmp(DefaultLanguage, "fr_CA", 5))
+        !_cups_strcasecmp(DefaultLanguage, "C") ||
+        !_cups_strcasecmp(DefaultLanguage, "POSIX") ||
+       !_cups_strcasecmp(DefaultLanguage, "en") ||
+       !_cups_strncasecmp(DefaultLanguage, "en.", 3) ||
+       !_cups_strncasecmp(DefaultLanguage, "en_US", 5) ||
+       !_cups_strncasecmp(DefaultLanguage, "en_CA", 5) ||
+       !_cups_strncasecmp(DefaultLanguage, "fr_CA", 5))
      {
       /*
        * These are the only locales that will default to "letter" size...
@@ -1100,7 +1178,7 @@ cupsdReadConfiguration(void)
    * Update classification setting as needed...
    */
  
-  if (Classification && !strcasecmp(Classification, "none"))
+  if (Classification && !_cups_strcasecmp(Classification, "none"))
      cupsdClearString(&Classification);
  
    if (Classification)
@@ -1146,24 +1224,6 @@ cupsdReadConfiguration(void)
                    "Allowing up to %d client connections per host.",
                    MaxClientsPerHost);
  
- /*
-  * Make sure that BrowseTimeout is at least twice the interval...
-  */
-
-  if (BrowseTimeout < (2 * BrowseInterval) || BrowseTimeout <= 0)
-  {
-    cupsdLogMessage(CUPSD_LOG_ALERT, "Invalid BrowseTimeout value %d.",
-                    BrowseTimeout);
-
-    if (BrowseInterval)
-      BrowseTimeout = BrowseInterval * 2;
-    else
-      BrowseTimeout = DEFAULT_TIMEOUT;
-
-    cupsdLogMessage(CUPSD_LOG_ALERT, "Reset BrowseTimeout to %d.",
-                    BrowseTimeout);
-  }
-
   /*
    * Update the default policy, as needed...
    */
@@ -1468,7 +1528,6 @@ cupsdReadConfiguration(void)
  
      cupsdLoadAllPrinters();
      cupsdLoadAllClasses();
-    cupsdLoadRemoteCache();
  
      cupsdCreateCommonData();
  
@@ -1501,6 +1560,12 @@ cupsdReadConfiguration(void)
  
      cupsdCreateCommonData();
  
+   /*
+    * Update all jobs as needed...
+    */
+
+    cupsdUpdateJobs();
+
     /*
      * Update all printers as needed...
      */
@@ -1639,7 +1704,7 @@ get_addr_and_mask(const char *value,      /* I - String from config file */
    if (*value == '[')
    {
     /*
-    * Parse hexadecimal IPv6 address...
+    * Parse hexadecimal IPv6/IPv4 address...
      */
  
      family  = AF_INET6;
@@ -1654,13 +1719,56 @@ get_addr_and_mask(const char *value,    /* I - String from config file */
              ptr2;
              ptr2 = strchr(ptr2 + 1, ':'), j ++);
  
-        i = 7 - j;
-       ptr ++;
+        i = 6 - j;
+       ptr += 2;
+      }
+      else if (isdigit(*ptr & 255) && strchr(ptr + 1, '.') && i >= 6)
+      {
+       /*
+        * Read IPv4 dotted quad...
+        */
+
+       unsigned val[4] = { 0, 0, 0, 0 };
+                                       /* IPv4 address values */
+
+       ipcount = sscanf(ptr, "%u.%u.%u.%u", val + 0, val + 1, val + 2,
+                        val + 3);
+
+       /*
+       * Range check the IP numbers...
+       */
+
+       for (i = 0; i < ipcount; i ++)
+         if (val[i] > 255)
+           return (0);
+
+       /*
+       * Merge everything into a 32-bit IPv4 address in ip[3]...
+       */
+
+       ip[3] = (((((val[0] << 8) | val[1]) << 8) | val[2]) << 8) | val[3];
+
+       if (ipcount < 4)
+         mask[3] = (0xffffffff << (32 - 8 * ipcount)) & 0xffffffff;
+
+       /*
+        * If the leading words are all 0's then this is an IPv4 address...
+        */
+
+        if (!val[0] && !val[1] && !val[2])
+         family  = AF_INET;
+
+        while (isdigit(*ptr & 255) || *ptr == '.')
+          ptr ++;
+       break;
        }
        else if (isxdigit(*ptr & 255))
        {
          ipval = strtoul(ptr, (char **)&ptr, 16);
  
+       if (*ptr == ':' && ptr[1] != ':')
+         ptr ++;
+
         if (ipval > 0xffff)
           return (0);
  
@@ -1671,9 +1779,6 @@ get_addr_and_mask(const char *value,      /* I - String from config file */
        }
        else
          return (0);
-
-      while (*ptr == ':')
-        ptr ++;
      }
  
      if (*ptr != ']')
@@ -1691,7 +1796,7 @@ get_addr_and_mask(const char *value,      /* I - String from config file */
      * Parse dotted-decimal IPv4 address...
      */
  
-    unsigned val[4];                   /* IPv4 address values */
+    unsigned val[4] = { 0, 0, 0, 0 };  /* IPv4 address values */
  
  
      family  = AF_INET;
@@ -1705,14 +1810,6 @@ get_addr_and_mask(const char *value,     /* I - String from config file */
        if (val[i] > 255)
          return (0);
  
-   /*
-    * Make sure the trailing values are zeroed, as some C libraries like
-    * glibc apparently like to fill the unused arguments with garbage...
-    */
-
-    for (i = ipcount; i < 4; i ++)
-      val[i] = 0;
-
     /*
      * Merge everything into a 32-bit IPv4 address in ip[3]...
      */
@@ -1740,7 +1837,8 @@ get_addr_and_mask(const char *value,      /* I - String from config file */
        if (family != AF_INET)
          return (0);
  
-      if (sscanf(maskval, "%u.%u.%u.%u", mask + 0, mask + 1, mask + 2, mask + 3) != 4)
+      if (sscanf(maskval, "%u.%u.%u.%u", mask + 0, mask + 1, mask + 2,
+                 mask + 3) != 4)
          return (0);
  
        mask[3] |= ((((mask[0] << 8) | mask[1]) << 8) | mask[2]) << 8;
@@ -1855,15 +1953,15 @@ parse_aaa(cupsd_location_t *loc,        /* I - Location */
                 mask[4];                /* IP netmask components */
  
  
-  if (!strcasecmp(line, "Encryption"))
+  if (!_cups_strcasecmp(line, "Encryption"))
    {
     /*
      * "Encryption xxx" - set required encryption level...
      */
  
-    if (!strcasecmp(value, "never"))
+    if (!_cups_strcasecmp(value, "never"))
        loc->encryption = HTTP_ENCRYPT_NEVER;
-    else if (!strcasecmp(value, "always"))
+    else if (!_cups_strcasecmp(value, "always"))
      {
        cupsdLogMessage(CUPSD_LOG_ERROR,
                        "Encryption value \"%s\" on line %d is invalid in this "
@@ -1871,9 +1969,9 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
  
        loc->encryption = HTTP_ENCRYPT_REQUIRED;
      }
-    else if (!strcasecmp(value, "required"))
+    else if (!_cups_strcasecmp(value, "required"))
        loc->encryption = HTTP_ENCRYPT_REQUIRED;
-    else if (!strcasecmp(value, "ifrequested"))
+    else if (!_cups_strcasecmp(value, "ifrequested"))
        loc->encryption = HTTP_ENCRYPT_IF_REQUESTED;
      else
      {
@@ -1882,15 +1980,15 @@ parse_aaa(cupsd_location_t *loc,        /* I - Location */
        return (0);
      }
    }
-  else if (!strcasecmp(line, "Order"))
+  else if (!_cups_strcasecmp(line, "Order"))
    {
     /*
      * "Order Deny,Allow" or "Order Allow,Deny"...
      */
  
-    if (!strncasecmp(value, "deny", 4))
+    if (!_cups_strncasecmp(value, "deny", 4))
        loc->order_type = CUPSD_AUTH_ALLOW;
-    else if (!strncasecmp(value, "allow", 5))
+    else if (!_cups_strncasecmp(value, "allow", 5))
        loc->order_type = CUPSD_AUTH_DENY;
      else
      {
@@ -1899,7 +1997,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
        return (0);
      }
    }
-  else if (!strcasecmp(line, "Allow") || !strcasecmp(line, "Deny"))
+  else if (!_cups_strcasecmp(line, "Allow") || !_cups_strcasecmp(line, "Deny"))
    {
     /*
      * Allow [From] host/ip...
@@ -1908,7 +2006,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
  
      while (*value)
      {
-      if (!strncasecmp(value, "from", 4))
+      if (!_cups_strncasecmp(value, "from", 4))
        {
         /*
         * Strip leading "from"...
@@ -1916,7 +2014,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
  
         value += 4;
  
-       while (isspace(*value & 255))
+       while (_cups_isspace(*value))
           value ++;
  
          if (!*value)
@@ -1927,9 +2025,9 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
        * Find the end of the value...
        */
  
-      for (valptr = value; *valptr && !isspace(*valptr & 255); valptr ++);
+      for (valptr = value; *valptr && !_cups_isspace(*valptr); valptr ++);
  
-      while (isspace(*valptr & 255))
+      while (_cups_isspace(*valptr))
          *valptr++ = '\0';
  
       /*
@@ -1948,24 +2046,24 @@ parse_aaa(cupsd_location_t *loc,        /* I - Location */
        *    nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
        */
  
-      if (!strcasecmp(value, "all"))
+      if (!_cups_strcasecmp(value, "all"))
        {
         /*
         * All hosts...
         */
  
-       if (!strcasecmp(line, "Allow"))
+       if (!_cups_strcasecmp(line, "Allow"))
           cupsdAddIPMask(&(loc->allow), zeros, zeros);
         else
           cupsdAddIPMask(&(loc->deny), zeros, zeros);
        }
-      else if (!strcasecmp(value, "none"))
+      else if (!_cups_strcasecmp(value, "none"))
        {
         /*
         * No hosts...
         */
  
-       if (!strcasecmp(line, "Allow"))
+       if (!_cups_strcasecmp(line, "Allow"))
           cupsdAddIPMask(&(loc->allow), ones, zeros);
         else
           cupsdAddIPMask(&(loc->deny), ones, zeros);
@@ -1984,7 +2082,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
         if (value[0] == '*')
           value ++;
  
-       if (!strcasecmp(line, "Allow"))
+       if (!_cups_strcasecmp(line, "Allow"))
           cupsdAddNameMask(&(loc->allow), value);
         else
           cupsdAddNameMask(&(loc->deny), value);
@@ -2002,7 +2100,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
           return (0);
         }
  
-       if (!strcasecmp(line, "Allow"))
+       if (!_cups_strcasecmp(line, "Allow"))
           cupsdAddIPMask(&(loc->allow), ip, mask);
         else
           cupsdAddIPMask(&(loc->deny), ip, mask);
@@ -2015,39 +2113,39 @@ parse_aaa(cupsd_location_t *loc,        /* I - Location */
        value = valptr;
      }
    }
-  else if (!strcasecmp(line, "AuthType"))
+  else if (!_cups_strcasecmp(line, "AuthType"))
    {
     /*
      * AuthType {none,basic,digest,basicdigest,negotiate,default}
      */
  
-    if (!strcasecmp(value, "none"))
+    if (!_cups_strcasecmp(value, "none"))
      {
        loc->type  = CUPSD_AUTH_NONE;
        loc->level = CUPSD_AUTH_ANON;
      }
-    else if (!strcasecmp(value, "basic"))
+    else if (!_cups_strcasecmp(value, "basic"))
      {
        loc->type = CUPSD_AUTH_BASIC;
  
        if (loc->level == CUPSD_AUTH_ANON)
         loc->level = CUPSD_AUTH_USER;
      }
-    else if (!strcasecmp(value, "digest"))
+    else if (!_cups_strcasecmp(value, "digest"))
      {
        loc->type = CUPSD_AUTH_DIGEST;
  
        if (loc->level == CUPSD_AUTH_ANON)
         loc->level = CUPSD_AUTH_USER;
      }
-    else if (!strcasecmp(value, "basicdigest"))
+    else if (!_cups_strcasecmp(value, "basicdigest"))
      {
        loc->type = CUPSD_AUTH_BASICDIGEST;
  
        if (loc->level == CUPSD_AUTH_ANON)
         loc->level = CUPSD_AUTH_USER;
      }
-    else if (!strcasecmp(value, "default"))
+    else if (!_cups_strcasecmp(value, "default"))
      {
        loc->type = CUPSD_AUTH_DEFAULT;
  
@@ -2055,7 +2153,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
         loc->level = CUPSD_AUTH_USER;
      }
  #ifdef HAVE_GSSAPI
-    else if (!strcasecmp(value, "negotiate"))
+    else if (!_cups_strcasecmp(value, "negotiate"))
      {
        loc->type = CUPSD_AUTH_NEGOTIATE;
  
@@ -2071,13 +2169,13 @@ parse_aaa(cupsd_location_t *loc,        /* I - Location */
        return (0);
      }
    }
-  else if (!strcasecmp(line, "AuthClass"))
+  else if (!_cups_strcasecmp(line, "AuthClass"))
    {
     /*
      * AuthClass anonymous, user, system, group
      */
  
-    if (!strcasecmp(value, "anonymous"))
+    if (!_cups_strcasecmp(value, "anonymous"))
      {
        loc->type  = CUPSD_AUTH_NONE;
        loc->level = CUPSD_AUTH_ANON;
@@ -2087,7 +2185,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
                       "it from line %d.",
                       value, linenum);
      }
-    else if (!strcasecmp(value, "user"))
+    else if (!_cups_strcasecmp(value, "user"))
      {
        loc->level = CUPSD_AUTH_USER;
  
@@ -2096,7 +2194,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
                       "\"Require valid-user\" on line %d.",
                       value, linenum);
      }
-    else if (!strcasecmp(value, "group"))
+    else if (!_cups_strcasecmp(value, "group"))
      {
        loc->level = CUPSD_AUTH_GROUP;
  
@@ -2105,7 +2203,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
                       "\"Require user @groupname\" on line %d.",
                       value, linenum);
      }
-    else if (!strcasecmp(value, "system"))
+    else if (!_cups_strcasecmp(value, "system"))
      {
        loc->level = CUPSD_AUTH_GROUP;
  
@@ -2124,7 +2222,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
        return (0);
      }
    }
-  else if (!strcasecmp(line, "AuthGroupName"))
+  else if (!_cups_strcasecmp(line, "AuthGroupName"))
    {
      cupsdAddName(loc, value);
  
@@ -2133,7 +2231,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
                     "using \"Require user @%s\" on line %d.",
                     value, value, linenum);
    }
-  else if (!strcasecmp(line, "Require"))
+  else if (!_cups_strcasecmp(line, "Require"))
    {
     /*
      * Apache synonym for AuthClass and AuthGroupName...
@@ -2145,15 +2243,15 @@ parse_aaa(cupsd_location_t *loc,        /* I - Location */
      *     Require user names
      */
  
-    for (valptr = value; !isspace(*valptr & 255) && *valptr; valptr ++);
+    for (valptr = value; !_cups_isspace(*valptr) && *valptr; valptr ++);
  
      if (*valptr)
        *valptr++ = '\0';
  
-    if (!strcasecmp(value, "valid-user") ||
-        !strcasecmp(value, "user"))
+    if (!_cups_strcasecmp(value, "valid-user") ||
+        !_cups_strcasecmp(value, "user"))
        loc->level = CUPSD_AUTH_USER;
-    else if (!strcasecmp(value, "group"))
+    else if (!_cups_strcasecmp(value, "group"))
        loc->level = CUPSD_AUTH_GROUP;
      else
      {
@@ -2168,7 +2266,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
  
      for (value = valptr; *value;)
      {
-      while (isspace(*value & 255))
+      while (_cups_isspace(*value))
         value ++;
  
  #ifdef HAVE_AUTHORIZATION_H
@@ -2201,7 +2299,7 @@ parse_aaa(cupsd_location_t *loc,  /* I - Location */
         * Grab literal name.
         */
  
-        for (valptr = value; !isspace(*valptr & 255) && *valptr; valptr ++);
+        for (valptr = value; !_cups_isspace(*valptr) && *valptr; valptr ++);
        }
  
        if (*valptr)
@@ -2209,14 +2307,14 @@ parse_aaa(cupsd_location_t *loc,        /* I - Location */
  
        cupsdAddName(loc, value);
  
-      for (value = valptr; isspace(*value & 255); value ++);
+      for (value = valptr; _cups_isspace(*value); value ++);
      }
    }
-  else if (!strcasecmp(line, "Satisfy"))
+  else if (!_cups_strcasecmp(line, "Satisfy"))
    {
-    if (!strcasecmp(value, "all"))
+    if (!_cups_strcasecmp(value, "all"))
        loc->satisfy = CUPSD_AUTH_SATISFY_ALL;
-    else if (!strcasecmp(value, "any"))
+    else if (!_cups_strcasecmp(value, "any"))
        loc->satisfy = CUPSD_AUTH_SATISFY_ANY;
      else
      {
@@ -2267,7 +2365,7 @@ parse_fatal_errors(const char *s) /* I - FatalErrors string */
      */
  
      for (valend = valstart; *valend; valend ++)
-      if (isspace(*valend & 255) || *valend == ',')
+      if (_cups_isspace(*valend) || *valend == ',')
         break;
  
      if (*valend)
@@ -2277,34 +2375,34 @@ parse_fatal_errors(const char *s)       /* I - FatalErrors string */
      * Add the error to the bitmask...
      */
  
-    if (!strcasecmp(valstart, "all"))
+    if (!_cups_strcasecmp(valstart, "all"))
        fatal = CUPSD_FATAL_ALL;
-    else if (!strcasecmp(valstart, "browse"))
+    else if (!_cups_strcasecmp(valstart, "browse"))
        fatal |= CUPSD_FATAL_BROWSE;
-    else if (!strcasecmp(valstart, "-browse"))
+    else if (!_cups_strcasecmp(valstart, "-browse"))
        fatal &= ~CUPSD_FATAL_BROWSE;
-    else if (!strcasecmp(valstart, "config"))
+    else if (!_cups_strcasecmp(valstart, "config"))
        fatal |= CUPSD_FATAL_CONFIG;
-    else if (!strcasecmp(valstart, "-config"))
+    else if (!_cups_strcasecmp(valstart, "-config"))
        fatal &= ~CUPSD_FATAL_CONFIG;
-    else if (!strcasecmp(valstart, "listen"))
+    else if (!_cups_strcasecmp(valstart, "listen"))
        fatal |= CUPSD_FATAL_LISTEN;
-    else if (!strcasecmp(valstart, "-listen"))
+    else if (!_cups_strcasecmp(valstart, "-listen"))
        fatal &= ~CUPSD_FATAL_LISTEN;
-    else if (!strcasecmp(valstart, "log"))
+    else if (!_cups_strcasecmp(valstart, "log"))
        fatal |= CUPSD_FATAL_LOG;
-    else if (!strcasecmp(valstart, "-log"))
+    else if (!_cups_strcasecmp(valstart, "-log"))
        fatal &= ~CUPSD_FATAL_LOG;
-    else if (!strcasecmp(valstart, "permissions"))
+    else if (!_cups_strcasecmp(valstart, "permissions"))
        fatal |= CUPSD_FATAL_PERMISSIONS;
-    else if (!strcasecmp(valstart, "-permissions"))
+    else if (!_cups_strcasecmp(valstart, "-permissions"))
        fatal &= ~CUPSD_FATAL_PERMISSIONS;
-    else if (strcasecmp(valstart, "none"))
+    else if (_cups_strcasecmp(valstart, "none"))
        cupsdLogMessage(CUPSD_LOG_ERROR,
                        "Unknown FatalErrors kind \"%s\" ignored.", valstart);
  
      for (valstart = valend; *valstart; valstart ++)
-      if (!isspace(*valstart & 255) || *valstart != ',')
+      if (!_cups_isspace(*valstart) || *valstart != ',')
         break;
    }
  
@@ -2357,7 +2455,7 @@ parse_groups(const char *s)               /* I - Space-delimited groups */
        */
  
        for (valend = valstart; *valend; valend ++)
-       if (isspace(*valend) || *valend == ',')
+       if (_cups_isspace(*valend) || *valend == ',')
           break;
      }
  
@@ -2379,7 +2477,7 @@ parse_groups(const char *s)               /* I - Space-delimited groups */
  
      valstart = valend;
  
-    while (*valstart == ',' || isspace(*valstart))
+    while (*valstart == ',' || _cups_isspace(*valstart))
        valstart ++;
    }
  
@@ -2422,7 +2520,7 @@ parse_protocols(const char *s)            /* I - Space-delimited protocols */
      */
  
      for (valend = valstart; *valend; valend ++)
-      if (isspace(*valend & 255) || *valend == ',')
+      if (_cups_isspace(*valend) || *valend == ',')
         break;
  
      if (*valend)
@@ -2432,28 +2530,18 @@ parse_protocols(const char *s)          /* I - Space-delimited protocols */
      * Add the protocol to the bitmask...
      */
  
-    if (!strcasecmp(valstart, "cups"))
-      protocols |= BROWSE_CUPS;
-    else if (!strcasecmp(valstart, "slp"))
-      protocols |= BROWSE_SLP;
-    else if (!strcasecmp(valstart, "ldap"))
-      protocols |= BROWSE_LDAP;
-    else if (!strcasecmp(valstart, "dnssd") ||
-             !strcasecmp(valstart, "dns-sd") ||
-             !strcasecmp(valstart, "bonjour"))
+    if (!_cups_strcasecmp(valstart, "dnssd") ||
+       !_cups_strcasecmp(valstart, "dns-sd") ||
+       !_cups_strcasecmp(valstart, "bonjour"))
        protocols |= BROWSE_DNSSD;
-    else if (!strcasecmp(valstart, "lpd"))
-      protocols |= BROWSE_LPD;
-    else if (!strcasecmp(valstart, "smb"))
-      protocols |= BROWSE_SMB;
-    else if (!strcasecmp(valstart, "all"))
+    else if (!_cups_strcasecmp(valstart, "all"))
        protocols |= BROWSE_ALL;
-    else if (strcasecmp(valstart, "none"))
+    else if (_cups_strcasecmp(valstart, "none"))
        cupsdLogMessage(CUPSD_LOG_ERROR,
                        "Unknown browse protocol \"%s\" ignored.", valstart);
  
      for (valstart = valend; *valstart; valstart ++)
-      if (!isspace(*valstart & 255) || *valstart != ',')
+      if (!_cups_isspace(*valstart) || *valstart != ',')
         break;
    }
  
@@ -2474,18 +2562,12 @@ read_configuration(cups_file_t *fp)     /* I - File to read from */
                                         /* Line from file */
                         temp[HTTP_MAX_BUFFER],
                                         /* Temporary buffer for value */
-                       *ptr,           /* Pointer into line/temp */
                         *value,         /* Pointer to value */
                         *valueptr;      /* Pointer into value */
    int                  valuelen;       /* Length of value */
    cupsd_var_t const    *var;           /* Current variable */
    http_addrlist_t      *addrlist,      /* Address list */
                         *addr;          /* Current address */
-  unsigned             ip[4],          /* Address value */
-                       mask[4];        /* Netmask value */
-  cupsd_dirsvc_relay_t *relay;         /* Relay data */
-  cupsd_dirsvc_poll_t  *pollp;         /* Polling data */
-  cupsd_location_t     *location;      /* Browse location */
    cups_file_t          *incfile;       /* Include file */
    char                 incname[1024];  /* Include filename */
    struct group         *group;         /* Group */
@@ -2503,7 +2585,7 @@ read_configuration(cups_file_t *fp)       /* I - File to read from */
      * Decode the directive...
      */
  
-    if (!strcasecmp(line, "Include") && value)
+    if (!_cups_strcasecmp(line, "Include") && value)
      {
       /*
        * Include filename
@@ -2524,7 +2606,7 @@ read_configuration(cups_file_t *fp)       /* I - File to read from */
         cupsFileClose(incfile);
        }
      }
-    else if (!strcasecmp(line, "<Location") && value)
+    else if (!_cups_strcasecmp(line, "<Location") && value)
      {
       /*
        * <Location path>
@@ -2534,7 +2616,7 @@ read_configuration(cups_file_t *fp)       /* I - File to read from */
        if (linenum == 0)
         return (0);
      }
-    else if (!strcasecmp(line, "<Policy") && value)
+    else if (!_cups_strcasecmp(line, "<Policy") && value)
      {
       /*
        * <Policy name>
@@ -2544,27 +2626,27 @@ read_configuration(cups_file_t *fp)     /* I - File to read from */
        if (linenum == 0)
         return (0);
      }
-    else if (!strcasecmp(line, "FatalErrors"))
+    else if (!_cups_strcasecmp(line, "FatalErrors"))
        FatalErrors = parse_fatal_errors(value);
-    else if (!strcasecmp(line, "FaxRetryInterval") && value)
+    else if (!_cups_strcasecmp(line, "FaxRetryInterval") && value)
      {
        JobRetryInterval = atoi(value);
        cupsdLogMessage(CUPSD_LOG_WARN,
                       "FaxRetryInterval is deprecated; use "
                       "JobRetryInterval on line %d.", linenum);
      }
-    else if (!strcasecmp(line, "FaxRetryLimit") && value)
+    else if (!_cups_strcasecmp(line, "FaxRetryLimit") && value)
      {
        JobRetryLimit = atoi(value);
        cupsdLogMessage(CUPSD_LOG_WARN,
                       "FaxRetryLimit is deprecated; use "
                       "JobRetryLimit on line %d.", linenum);
      }
-    else if (!strcasecmp(line, "Port") || !strcasecmp(line, "Listen")
+    else if ((!_cups_strcasecmp(line, "Port") || !_cups_strcasecmp(line, "Listen")
  #ifdef HAVE_SSL
-             || !strcasecmp(line, "SSLPort") || !strcasecmp(line, "SSLListen")
+             || !_cups_strcasecmp(line, "SSLPort") || !_cups_strcasecmp(line, "SSLListen")
  #endif /* HAVE_SSL */
-            )
+            ) && value)
      {
       /*
        * Add listening address(es) to the list...
@@ -2644,7 +2726,7 @@ read_configuration(cups_file_t *fp)       /* I - File to read from */
         lis->fd = -1;
  
  #ifdef HAVE_SSL
-        if (!strcasecmp(line, "SSLPort") || !strcasecmp(line, "SSLListen"))
+        if (!_cups_strcasecmp(line, "SSLPort") || !_cups_strcasecmp(line, "SSLListen"))
            lis->encryption = HTTP_ENCRYPT_ALWAYS;
  #endif /* HAVE_SSL */
  
@@ -2669,117 +2751,12 @@ read_configuration(cups_file_t *fp)    /* I - File to read from */
  
        httpAddrFreeList(addrlist);
      }
-    else if (!strcasecmp(line, "BrowseAddress") && value)
-    {
-     /*
-      * Add a browse address to the list...
-      */
-
-      cupsd_dirsvc_addr_t      *dira;  /* New browse address array */
-
-
-      if (NumBrowsers == 0)
-        dira = malloc(sizeof(cupsd_dirsvc_addr_t));
-      else
-        dira = realloc(Browsers, (NumBrowsers + 1) * sizeof(cupsd_dirsvc_addr_t));
-
-      if (!dira)
-      {
-        cupsdLogMessage(CUPSD_LOG_ERROR,
-                       "Unable to allocate BrowseAddress at line %d - %s.",
-                       linenum, strerror(errno));
-        continue;
-      }
-
-      Browsers = dira;
-      dira     += NumBrowsers;
-
-      memset(dira, 0, sizeof(cupsd_dirsvc_addr_t));
-
-      if (!strcasecmp(value, "@LOCAL"))
-      {
-       /*
-       * Send browse data to all local interfaces...
-       */
-
-       strcpy(dira->iface, "*");
-       NumBrowsers ++;
-      }
-      else if (!strncasecmp(value, "@IF(", 4))
-      {
-       /*
-       * Send browse data to the named interface...
-       */
-
-       strlcpy(dira->iface, value + 4, sizeof(Browsers[0].iface));
-
-        ptr = dira->iface + strlen(dira->iface) - 1;
-        if (*ptr == ')')
-         *ptr = '\0';
-
-       NumBrowsers ++;
-      }
-      else if ((addrlist = get_address(value, BrowsePort)) != NULL)
-      {
-       /*
-        * Only IPv4 addresses are supported...
-        */
-
-       for (addr = addrlist; addr; addr = addr->next)
-         if (_httpAddrFamily(&(addr->addr)) == AF_INET)
-           break;
-
-       if (addr)
-       {
-         memcpy(&(dira->to), &(addrlist->addr), sizeof(dira->to));
-         httpAddrString(&(dira->to), temp, sizeof(temp));
-
-         cupsdLogMessage(CUPSD_LOG_INFO,
-                         "Sending browsing info to %s:%d (IPv4)",
-                         temp, _httpAddrPort(&(dira->to)));
-
-         NumBrowsers ++;
-       }
-       else
-         cupsdLogMessage(CUPSD_LOG_ERROR, "Bad BrowseAddress %s at line %d.",
-                         value, linenum);
-
-       httpAddrFreeList(addrlist);
-      }
-      else
-        cupsdLogMessage(CUPSD_LOG_ERROR, "Bad BrowseAddress %s at line %d.",
-                       value, linenum);
-    }
-    else if (!strcasecmp(line, "BrowseOrder") && value)
-    {
-     /*
-      * "BrowseOrder Deny,Allow" or "BrowseOrder Allow,Deny"...
-      */
-
-      if ((location = cupsdFindLocation("CUPS_INTERNAL_BROWSE_ACL")) == NULL)
-        if ((location = cupsdNewLocation("CUPS_INTERNAL_BROWSE_ACL")) != NULL)
-         cupsdAddLocation(location);
-
-      if (location == NULL)
-        cupsdLogMessage(CUPSD_LOG_ERROR,
-                       "Unable to initialize browse access control list.");
-      else if (!strncasecmp(value, "deny", 4))
-        location->order_type = CUPSD_AUTH_ALLOW;
-      else if (!strncasecmp(value, "allow", 5))
-        location->order_type = CUPSD_AUTH_DENY;
-      else
-        cupsdLogMessage(CUPSD_LOG_ERROR,
-                       "Unknown BrowseOrder value %s on line %d.",
-                       value, linenum);
-    }
-    else if (!strcasecmp(line, "BrowseProtocols") ||
-             !strcasecmp(line, "BrowseLocalProtocols") ||
-             !strcasecmp(line, "BrowseRemoteProtocols"))
+    else if (!_cups_strcasecmp(line, "BrowseProtocols") ||
+             !_cups_strcasecmp(line, "BrowseLocalProtocols"))
      {
       /*
        * "BrowseProtocols name [... name]"
        * "BrowseLocalProtocols name [... name]"
-      * "BrowseRemoteProtocols name [... name]"
        */
  
        int protocols = parse_protocols(value);
@@ -2792,386 +2769,28 @@ read_configuration(cups_file_t *fp)    /* I - File to read from */
          break;
        }
  
-      if (strcasecmp(line, "BrowseLocalProtocols"))
-        BrowseRemoteProtocols = protocols;
-      if (strcasecmp(line, "BrowseRemoteProtocols"))
-        BrowseLocalProtocols = protocols;
-    }
-    else if ((!strcasecmp(line, "BrowseAllow") ||
-              !strcasecmp(line, "BrowseDeny")) && value)
-    {
-     /*
-      * BrowseAllow [From] host/ip...
-      * BrowseDeny [From] host/ip...
-      */
-
-      if ((location = cupsdFindLocation("CUPS_INTERNAL_BROWSE_ACL")) == NULL)
-        if ((location = cupsdNewLocation("CUPS_INTERNAL_BROWSE_ACL")) != NULL)
-         cupsdAddLocation(location);
-
-
-      if (location == NULL)
-        cupsdLogMessage(CUPSD_LOG_ERROR,
-                       "Unable to initialize browse access control list.");
-      else
-      {
-       if (!strncasecmp(value, "from", 4))
-       {
-        /*
-         * Skip leading "from"...
-         */
-
-         value += 4;
-       }
-
-       while (*value)
-       {
-        /*
-         * Skip leading whitespace...
-         */
-
-         while (isspace(*value & 255))
-           value ++;
-
-         if (!*value)
-           break;
-
-        /*
-         * Find the end of the value...
-         */
-
-         for (valueptr = value;
-              *valueptr && !isspace(*valueptr & 255);
-              valueptr ++);
-
-         while (isspace(*valueptr & 255))
-           *valueptr++ = '\0';
-
-        /*
-         * Figure out what form the allow/deny address takes:
-         *
-         *    All
-         *    None
-         *    *.domain.com
-         *    .domain.com
-         *    host.domain.com
-         *    nnn.*
-         *    nnn.nnn.*
-         *    nnn.nnn.nnn.*
-         *    nnn.nnn.nnn.nnn
-         *    nnn.nnn.nnn.nnn/mm
-         *    nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
-         */
-
-         if (!strcasecmp(value, "all"))
-         {
-          /*
-           * All hosts...
-           */
-
-           if (!strcasecmp(line, "BrowseAllow"))
-             cupsdAddIPMask(&(location->allow), zeros, zeros);
-           else
-             cupsdAddIPMask(&(location->deny), zeros, zeros);
-         }
-         else if (!strcasecmp(value, "none"))
-         {
-          /*
-           * No hosts...
-           */
-
-           if (!strcasecmp(line, "BrowseAllow"))
-             cupsdAddIPMask(&(location->allow), ones, zeros);
-           else
-             cupsdAddIPMask(&(location->deny), ones, zeros);
-         }
-#ifdef AF_INET6
-         else if (value[0] == '*' || value[0] == '.' ||
-                  (!isdigit(value[0] & 255) && value[0] != '['))
-#else
-         else if (value[0] == '*' || value[0] == '.' ||
-                  !isdigit(value[0] & 255))
-#endif /* AF_INET6 */
-         {
-          /*
-           * Host or domain name...
-           */
-
-           if (!strcasecmp(line, "BrowseAllow"))
-             cupsdAddNameMask(&(location->allow), value);
-           else
-             cupsdAddNameMask(&(location->deny), value);
-         }
-         else
-         {
-          /*
-           * One of many IP address forms...
-           */
-
-           if (!get_addr_and_mask(value, ip, mask))
-           {
-             cupsdLogMessage(CUPSD_LOG_ERROR, "Bad netmask value %s on line %d.",
-                             value, linenum);
-             break;
-           }
-
-           if (!strcasecmp(line, "BrowseAllow"))
-             cupsdAddIPMask(&(location->allow), ip, mask);
-           else
-             cupsdAddIPMask(&(location->deny), ip, mask);
-         }
-
-        /*
-         * Advance to next value...
-         */
-
-         value = valueptr;
-       }
-      }
-    }
-    else if (!strcasecmp(line, "BrowseRelay") && value)
-    {
-     /*
-      * BrowseRelay [from] source [to] destination
-      */
-
-      if (NumRelays == 0)
-        relay = malloc(sizeof(cupsd_dirsvc_relay_t));
-      else
-        relay = realloc(Relays, (NumRelays + 1) * sizeof(cupsd_dirsvc_relay_t));
-
-      if (!relay)
-      {
-        cupsdLogMessage(CUPSD_LOG_ERROR,
-                       "Unable to allocate BrowseRelay at line %d - %s.",
-                       linenum, strerror(errno));
-        continue;
-      }
-
-      Relays = relay;
-      relay  += NumRelays;
-
-      memset(relay, 0, sizeof(cupsd_dirsvc_relay_t));
-
-      if (!strncasecmp(value, "from ", 5))
-      {
-       /*
-       * Skip leading "from"...
-       */
-
-       value += 5;
-
-       /*
-        * Skip leading whitespace...
-       */
-
-       while (isspace(*value))
-         value ++;
-      }
-
-     /*
-      * Find the end of the from value...
-      */
-
-      for (valueptr = value;
-          *valueptr && !isspace(*valueptr & 255);
-          valueptr ++);
-
-      while (isspace(*valueptr & 255))
-       *valueptr++ = '\0';
-
-     /*
-      * Figure out what form the from address takes:
-      *
-      *    *.domain.com
-      *    .domain.com
-      *    host.domain.com
-      *    nnn.*
-      *    nnn.nnn.*
-      *    nnn.nnn.nnn.*
-      *    nnn.nnn.nnn.nnn
-      *    nnn.nnn.nnn.nnn/mm
-      *    nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
-      */
-
-#ifdef AF_INET6
-      if (value[0] == '*' || value[0] == '.' ||
-          (!isdigit(value[0] & 255) && value[0] != '['))
-#else
-      if (value[0] == '*' || value[0] == '.' || !isdigit(value[0] & 255))
-#endif /* AF_INET6 */
-      {
-       /*
-        * Host or domain name...
-       */
-
-        if (!cupsdAddNameMask(&(relay->from), value))
-       {
-         cupsdLogMessage(CUPSD_LOG_ERROR,
-                         "Unable to allocate BrowseRelay name at line %d - %s.",
-                         linenum, strerror(errno));
-         continue;
-       }
-      }
-      else
-      {
-       /*
-        * One of many IP address forms...
-       */
-
-        if (!get_addr_and_mask(value, ip, mask))
-       {
-          cupsdLogMessage(CUPSD_LOG_ERROR, "Bad netmask value %s on line %d.",
-                         value, linenum);
-         break;
-       }
-
-        if (!cupsdAddIPMask(&(relay->from), ip, mask))
-       {
-         cupsdLogMessage(CUPSD_LOG_ERROR,
-                         "Unable to allocate BrowseRelay IP at line %d - %s.",
-                         linenum, strerror(errno));
-         continue;
-       }
-      }
-
-     /*
-      * Get "to" address and port...
-      */
-
-      if (!strncasecmp(valueptr, "to ", 3))
-      {
-       /*
-        * Strip leading "to"...
-       */
-
-       valueptr += 3;
-
-       while (isspace(*valueptr))
-         valueptr ++;
-      }
-
-      if ((addrlist = get_address(valueptr, BrowsePort)) != NULL)
-      {
-       /*
-        * Only IPv4 addresses are supported...
-        */
-
-       for (addr = addrlist; addr; addr = addr->next)
-         if (addr->addr.addr.sa_family == AF_INET)
-           break;
-
-       if (addr)
-       {
-         memcpy(&(relay->to), &(addrlist->addr), sizeof(relay->to));
-
-         httpAddrString(&(relay->to), temp, sizeof(temp));
-
-         cupsdLogMessage(CUPSD_LOG_INFO, "Relaying from %s to %s:%d (IPv4)",
-                         value, temp, _httpAddrPort(&(relay->to)));
-
-         NumRelays ++;
-       }
-       else
-       {
-         cupsArrayDelete(relay->from);
-         relay->from = NULL;
-
-         cupsdLogMessage(CUPSD_LOG_ERROR, "Bad relay address %s at line %d.",
-                         valueptr, linenum);
-       }
-
-       httpAddrFreeList(addrlist);
-      }
-      else
-      {
-       cupsArrayDelete(relay->from);
-       relay->from = NULL;
-
-        cupsdLogMessage(CUPSD_LOG_ERROR, "Bad relay address %s at line %d.",
-                       valueptr, linenum);
-      }
+      BrowseLocalProtocols = protocols;
      }
-    else if (!strcasecmp(line, "BrowsePoll") && value)
+    else if (!_cups_strcasecmp(line, "default_auth_type") && value)
      {
       /*
-      * BrowsePoll address[:port]
-      */
-
-      char             *portname;      /* Port name */
-      int              portnum;        /* Port number */
-      struct servent   *service;       /* Service */
-
-
-     /*
-      * Extract the port name from the address...
+      * default_auth_type {basic,digest,basicdigest,negotiate}
        */
  
-      if ((portname = strrchr(value, ':')) != NULL && !strchr(portname, ']'))
-      {
-        *portname++ = '\0';
-
-        if (isdigit(*portname & 255))
-         portnum = atoi(portname);
-       else if ((service = getservbyname(portname, NULL)) != NULL)
-         portnum = ntohs(service->s_port);
-       else
-       {
-         cupsdLogMessage(CUPSD_LOG_ERROR, "Lookup of service \"%s\" failed.",
-                         portname);
-          continue;
-       }
-      }
-      else
-        portnum = ippPort();
-
-     /*
-      * Add the poll entry...
-      */
-
-      if (NumPolled == 0)
-        pollp = malloc(sizeof(cupsd_dirsvc_poll_t));
-      else
-        pollp = realloc(Polled, (NumPolled + 1) * sizeof(cupsd_dirsvc_poll_t));
-
-      if (!pollp)
-      {
-        cupsdLogMessage(CUPSD_LOG_ERROR,
-                       "Unable to allocate BrowsePoll at line %d - %s.",
-                       linenum, strerror(errno));
-        continue;
-      }
-
-      Polled = pollp;
-      pollp   += NumPolled;
-
-      NumPolled ++;
-      memset(pollp, 0, sizeof(cupsd_dirsvc_poll_t));
-
-      strlcpy(pollp->hostname, value, sizeof(pollp->hostname));
-      pollp->port = portnum;
-
-      cupsdLogMessage(CUPSD_LOG_INFO, "Polling %s:%d", pollp->hostname,
-                     pollp->port);
-    }
-    else if (!strcasecmp(line, "DefaultAuthType") && value)
-    {
-     /*
-      * DefaultAuthType {basic,digest,basicdigest,negotiate}
-      */
-
-      if (!strcasecmp(value, "none"))
-       DefaultAuthType = CUPSD_AUTH_NONE;
-      else if (!strcasecmp(value, "basic"))
-       DefaultAuthType = CUPSD_AUTH_BASIC;
-      else if (!strcasecmp(value, "digest"))
-       DefaultAuthType = CUPSD_AUTH_DIGEST;
-      else if (!strcasecmp(value, "basicdigest"))
-       DefaultAuthType = CUPSD_AUTH_BASICDIGEST;
+      if (!_cups_strcasecmp(value, "none"))
+       default_auth_type = CUPSD_AUTH_NONE;
+      else if (!_cups_strcasecmp(value, "basic"))
+       default_auth_type = CUPSD_AUTH_BASIC;
+      else if (!_cups_strcasecmp(value, "digest"))
+       default_auth_type = CUPSD_AUTH_DIGEST;
+      else if (!_cups_strcasecmp(value, "basicdigest"))
+       default_auth_type = CUPSD_AUTH_BASICDIGEST;
  #ifdef HAVE_GSSAPI
-      else if (!strcasecmp(value, "negotiate"))
-        DefaultAuthType = CUPSD_AUTH_NEGOTIATE;
+      else if (!_cups_strcasecmp(value, "negotiate"))
+        default_auth_type = CUPSD_AUTH_NEGOTIATE;
  #endif /* HAVE_GSSAPI */
+      else if (!_cups_strcasecmp(value, "auto"))
+        default_auth_type = CUPSD_AUTH_AUTO;
        else
        {
         cupsdLogMessage(CUPSD_LOG_WARN,
@@ -3182,17 +2801,17 @@ read_configuration(cups_file_t *fp)     /* I - File to read from */
        }
      }
  #ifdef HAVE_SSL
-    else if (!strcasecmp(line, "DefaultEncryption"))
+    else if (!_cups_strcasecmp(line, "DefaultEncryption"))
      {
       /*
        * DefaultEncryption {Never,IfRequested,Required}
        */
  
-      if (!value || !strcasecmp(value, "never"))
+      if (!value || !_cups_strcasecmp(value, "never"))
         DefaultEncryption = HTTP_ENCRYPT_NEVER;
-      else if (!strcasecmp(value, "required"))
+      else if (!_cups_strcasecmp(value, "required"))
         DefaultEncryption = HTTP_ENCRYPT_REQUIRED;
-      else if (!strcasecmp(value, "ifrequested"))
+      else if (!_cups_strcasecmp(value, "ifrequested"))
         DefaultEncryption = HTTP_ENCRYPT_IF_REQUESTED;
        else
        {
@@ -3204,7 +2823,7 @@ read_configuration(cups_file_t *fp)       /* I - File to read from */
        }
      }
  #endif /* HAVE_SSL */
-    else if (!strcasecmp(line, "User") && value)
+    else if (!_cups_strcasecmp(line, "User") && value)
      {
       /*
        * User ID to run as...
@@ -3247,7 +2866,7 @@ read_configuration(cups_file_t *fp)       /* I - File to read from */
                           value, linenum);
        }
      }
-    else if (!strcasecmp(line, "Group") && value)
+    else if (!_cups_strcasecmp(line, "Group") && value)
      {
       /*
        * Group ID to run as...
@@ -3268,7 +2887,7 @@ read_configuration(cups_file_t *fp)       /* I - File to read from */
                           value, linenum);
        }
      }
-    else if (!strcasecmp(line, "SystemGroup") && value)
+    else if (!_cups_strcasecmp(line, "SystemGroup") && value)
      {
       /*
        * SystemGroup (admin) group(s)...
@@ -3279,101 +2898,101 @@ read_configuration(cups_file_t *fp)   /* I - File to read from */
                         "Unknown SystemGroup \"%s\" on line %d, ignoring.",
                         value, linenum);
      }
-    else if (!strcasecmp(line, "HostNameLookups") && value)
+    else if (!_cups_strcasecmp(line, "HostNameLookups") && value)
      {
       /*
        * Do hostname lookups?
        */
  
-      if (!strcasecmp(value, "off") || !strcasecmp(value, "no") ||
-          !strcasecmp(value, "false"))
+      if (!_cups_strcasecmp(value, "off") || !_cups_strcasecmp(value, "no") ||
+          !_cups_strcasecmp(value, "false"))
          HostNameLookups = 0;
-      else if (!strcasecmp(value, "on") || !strcasecmp(value, "yes") ||
-          !strcasecmp(value, "true"))
+      else if (!_cups_strcasecmp(value, "on") || !_cups_strcasecmp(value, "yes") ||
+          !_cups_strcasecmp(value, "true"))
          HostNameLookups = 1;
-      else if (!strcasecmp(value, "double"))
+      else if (!_cups_strcasecmp(value, "double"))
          HostNameLookups = 2;
        else
         cupsdLogMessage(CUPSD_LOG_WARN, "Unknown HostNameLookups %s on line %d.",
                         value, linenum);
      }
-    else if (!strcasecmp(line, "AccessLogLevel") && value)
+    else if (!_cups_strcasecmp(line, "AccessLogLevel") && value)
      {
       /*
        * Amount of logging to do to access log...
        */
  
-      if (!strcasecmp(value, "all"))
+      if (!_cups_strcasecmp(value, "all"))
          AccessLogLevel = CUPSD_ACCESSLOG_ALL;
-      else if (!strcasecmp(value, "actions"))
+      else if (!_cups_strcasecmp(value, "actions"))
          AccessLogLevel = CUPSD_ACCESSLOG_ACTIONS;
-      else if (!strcasecmp(value, "config"))
+      else if (!_cups_strcasecmp(value, "config"))
          AccessLogLevel = CUPSD_ACCESSLOG_CONFIG;
        else
          cupsdLogMessage(CUPSD_LOG_WARN, "Unknown AccessLogLevel %s on line %d.",
                         value, linenum);
      }
-    else if (!strcasecmp(line, "LogLevel") && value)
+    else if (!_cups_strcasecmp(line, "LogLevel") && value)
      {
       /*
        * Amount of logging to do to error log...
        */
  
-      if (!strcasecmp(value, "debug2"))
+      if (!_cups_strcasecmp(value, "debug2"))
          LogLevel = CUPSD_LOG_DEBUG2;
-      else if (!strcasecmp(value, "debug"))
+      else if (!_cups_strcasecmp(value, "debug"))
          LogLevel = CUPSD_LOG_DEBUG;
-      else if (!strcasecmp(value, "info"))
+      else if (!_cups_strcasecmp(value, "info"))
          LogLevel = CUPSD_LOG_INFO;
-      else if (!strcasecmp(value, "notice"))
+      else if (!_cups_strcasecmp(value, "notice"))
          LogLevel = CUPSD_LOG_NOTICE;
-      else if (!strcasecmp(value, "warn"))
+      else if (!_cups_strcasecmp(value, "warn"))
          LogLevel = CUPSD_LOG_WARN;
-      else if (!strcasecmp(value, "error"))
+      else if (!_cups_strcasecmp(value, "error"))
          LogLevel = CUPSD_LOG_ERROR;
-      else if (!strcasecmp(value, "crit"))
+      else if (!_cups_strcasecmp(value, "crit"))
          LogLevel = CUPSD_LOG_CRIT;
-      else if (!strcasecmp(value, "alert"))
+      else if (!_cups_strcasecmp(value, "alert"))
          LogLevel = CUPSD_LOG_ALERT;
-      else if (!strcasecmp(value, "emerg"))
+      else if (!_cups_strcasecmp(value, "emerg"))
          LogLevel = CUPSD_LOG_EMERG;
-      else if (!strcasecmp(value, "none"))
+      else if (!_cups_strcasecmp(value, "none"))
          LogLevel = CUPSD_LOG_NONE;
        else
          cupsdLogMessage(CUPSD_LOG_WARN, "Unknown LogLevel %s on line %d.",
                         value, linenum);
      }
-    else if (!strcasecmp(line, "LogTimeFormat") && value)
+    else if (!_cups_strcasecmp(line, "LogTimeFormat") && value)
      {
       /*
        * Amount of logging to do to error log...
        */
  
-      if (!strcasecmp(value, "standard"))
+      if (!_cups_strcasecmp(value, "standard"))
          LogTimeFormat = CUPSD_TIME_STANDARD;
-      else if (!strcasecmp(value, "usecs"))
+      else if (!_cups_strcasecmp(value, "usecs"))
          LogTimeFormat = CUPSD_TIME_USECS;
        else
          cupsdLogMessage(CUPSD_LOG_WARN, "Unknown LogTimeFormat %s on line %d.",
                         value, linenum);
      }
-    else if (!strcasecmp(line, "PrintcapFormat") && value)
+    else if (!_cups_strcasecmp(line, "PrintcapFormat") && value)
      {
       /*
        * Format of printcap file?
        */
  
-      if (!strcasecmp(value, "bsd"))
+      if (!_cups_strcasecmp(value, "bsd"))
          PrintcapFormat = PRINTCAP_BSD;
-      else if (!strcasecmp(value, "plist"))
+      else if (!_cups_strcasecmp(value, "plist"))
          PrintcapFormat = PRINTCAP_PLIST;
-      else if (!strcasecmp(value, "solaris"))
+      else if (!_cups_strcasecmp(value, "solaris"))
          PrintcapFormat = PRINTCAP_SOLARIS;
        else
         cupsdLogMessage(CUPSD_LOG_WARN, "Unknown PrintcapFormat %s on line %d.",
                         value, linenum);
      }
-    else if (!strcasecmp(line, "ServerTokens") && value)
+    else if (!_cups_strcasecmp(line, "ServerTokens") && value)
      {
       /*
        * Set the string used for the Server header...
@@ -3384,26 +3003,27 @@ read_configuration(cups_file_t *fp)     /* I - File to read from */
  
        uname(&plat);
  
-      if (!strcasecmp(value, "ProductOnly"))
+      if (!_cups_strcasecmp(value, "ProductOnly"))
         cupsdSetString(&ServerHeader, "CUPS");
-      else if (!strcasecmp(value, "Major"))
-       cupsdSetString(&ServerHeader, "CUPS/1");
-      else if (!strcasecmp(value, "Minor"))
-       cupsdSetString(&ServerHeader, "CUPS/1.4");
-      else if (!strcasecmp(value, "Minimal"))
+      else if (!_cups_strcasecmp(value, "Major"))
+       cupsdSetStringf(&ServerHeader, "CUPS/%d", CUPS_VERSION_MAJOR);
+      else if (!_cups_strcasecmp(value, "Minor"))
+       cupsdSetStringf(&ServerHeader, "CUPS/%d.%d", CUPS_VERSION_MAJOR,
+                       CUPS_VERSION_MINOR);
+      else if (!_cups_strcasecmp(value, "Minimal"))
         cupsdSetString(&ServerHeader, CUPS_MINIMAL);
-      else if (!strcasecmp(value, "OS"))
+      else if (!_cups_strcasecmp(value, "OS"))
         cupsdSetStringf(&ServerHeader, CUPS_MINIMAL " (%s)", plat.sysname);
-      else if (!strcasecmp(value, "Full"))
-       cupsdSetStringf(&ServerHeader, CUPS_MINIMAL " (%s) IPP/1.1",
+      else if (!_cups_strcasecmp(value, "Full"))
+       cupsdSetStringf(&ServerHeader, CUPS_MINIMAL " (%s) IPP/2.1",
                         plat.sysname);
-      else if (!strcasecmp(value, "None"))
+      else if (!_cups_strcasecmp(value, "None"))
         cupsdClearString(&ServerHeader);
        else
         cupsdLogMessage(CUPSD_LOG_WARN, "Unknown ServerTokens %s on line %d.",
                          value, linenum);
      }
-    else if (!strcasecmp(line, "PassEnv") && value)
+    else if (!_cups_strcasecmp(line, "PassEnv") && value)
      {
       /*
        * PassEnv variable [... variable]
@@ -3412,7 +3032,7 @@ read_configuration(cups_file_t *fp)       /* I - File to read from */
        for (; *value;)
        {
          for (valuelen = 0; value[valuelen]; valuelen ++)
-         if (isspace(value[valuelen]) || value[valuelen] == ',')
+         if (_cups_isspace(value[valuelen]) || value[valuelen] == ',')
             break;
  
          if (value[valuelen])
@@ -3424,18 +3044,39 @@ read_configuration(cups_file_t *fp)     /* I - File to read from */
          cupsdSetEnv(value, NULL);
  
          for (value += valuelen; *value; value ++)
-         if (!isspace(*value) || *value != ',')
+         if (!_cups_isspace(*value) || *value != ',')
             break;
        }
      }
-    else if (!strcasecmp(line, "ServerAlias") && value)
+    else if (!_cups_strcasecmp(line, "ServerAlias") && value)
      {
+     /*
+      * ServerAlias name [... name]
+      */
+
        if (!ServerAlias)
          ServerAlias = cupsArrayNew(NULL, NULL);
  
-      cupsdAddAlias(ServerAlias, value);
+      for (; *value;)
+      {
+        for (valuelen = 0; value[valuelen]; valuelen ++)
+         if (_cups_isspace(value[valuelen]) || value[valuelen] == ',')
+           break;
+
+        if (value[valuelen])
+        {
+         value[valuelen] = '\0';
+         valuelen ++;
+       }
+
+       cupsdAddAlias(ServerAlias, value);
+
+        for (value += valuelen; *value; value ++)
+         if (!_cups_isspace(*value) || *value != ',')
+           break;
+      }
      }
-    else if (!strcasecmp(line, "SetEnv") && value)
+    else if (!_cups_strcasecmp(line, "SetEnv") && value)
      {
       /*
        * SetEnv variable value
@@ -3460,15 +3101,15 @@ read_configuration(cups_file_t *fp)     /* I - File to read from */
                         linenum);
      }
  #ifdef HAVE_SSL
-    else if (!strcasecmp(line, "SSLOptions"))
+    else if (!_cups_strcasecmp(line, "SSLOptions"))
      {
       /*
        * SSLOptions options
        */
  
-      if (!value || !strcasecmp(value, "none"))
+      if (!value || !_cups_strcasecmp(value, "none"))
          SSLOptions = CUPSD_SSL_NONE;
-      else if (!strcasecmp(value, "noemptyfragments"))
+      else if (!_cups_strcasecmp(value, "noemptyfragments"))
          SSLOptions = CUPSD_SSL_NOEMPTY;
        else
          cupsdLogMessage(CUPSD_LOG_ERROR,
@@ -3483,7 +3124,7 @@ read_configuration(cups_file_t *fp)       /* I - File to read from */
        */
  
        for (i = NUM_VARS, var = variables; i > 0; i --, var ++)
-        if (!strcasecmp(line, var->name))
+        if (!_cups_strcasecmp(line, var->name))
           break;
  
        if (i == 0)
@@ -3508,12 +3149,15 @@ read_configuration(cups_file_t *fp)     /* I - File to read from */
               cupsdLogMessage(CUPSD_LOG_ERROR,
                               "Missing integer value for %s on line %d.",
                               line, linenum);
+           else if (!isdigit(*value & 255))
+             cupsdLogMessage(CUPSD_LOG_ERROR,
+                             "Bad integer value for %s on line %d.",
+                             line, linenum);
             else
             {
               int       n;              /* Number */
               char      *units;         /* Units */
  
-
                n = strtol(value, &units, 0);
  
               if (units && *units)
@@ -3526,6 +3170,13 @@ read_configuration(cups_file_t *fp)      /* I - File to read from */
                   n *= 1024;
                 else if (tolower(units[0] & 255) == 't')
                   n *= 262144;
+               else
+               {
+                 cupsdLogMessage(CUPSD_LOG_ERROR,
+                                 "Unknown integer value for %s on line %d.",
+                                 line, linenum);
+                 break;
+               }
               }
  
                if (n < 0)
@@ -3537,22 +3188,77 @@ read_configuration(cups_file_t *fp)     /* I - File to read from */
             }
             break;
  
+        case CUPSD_VARTYPE_TIME :
+           if (!value)
+             cupsdLogMessage(CUPSD_LOG_ERROR,
+                             "Missing time interval value for %s on line %d.",
+                             line, linenum);
+           else if (!_cups_strncasecmp(line, "PreserveJob", 11) &&
+                    (!_cups_strcasecmp(value, "true") ||
+                     !_cups_strcasecmp(value, "on") ||
+                     !_cups_strcasecmp(value, "enabled") ||
+                     !_cups_strcasecmp(value, "yes")))
+             *((int *)var->ptr) = INT_MAX;
+           else if (!_cups_strcasecmp(value, "false") ||
+                    !_cups_strcasecmp(value, "off") ||
+                    !_cups_strcasecmp(value, "disabled") ||
+                    !_cups_strcasecmp(value, "no"))
+             *((int *)var->ptr) = 0;
+           else if (!isdigit(*value & 255))
+             cupsdLogMessage(CUPSD_LOG_ERROR,
+                             "Unknown time interval value for %s on line %d.",
+                             line, linenum);
+           else
+           {
+             double    n;              /* Number */
+             char      *units;         /* Units */
+
+              n = strtod(value, &units);
+
+             if (units && *units)
+             {
+               if (tolower(units[0] & 255) == 'w')
+                 n *= 7 * 24 * 60 * 60;
+               else if (tolower(units[0] & 255) == 'd')
+                 n *= 24 * 60 * 60;
+               else if (tolower(units[0] & 255) == 'h')
+                 n *= 60 * 60;
+               else if (tolower(units[0] & 255) == 'm')
+                 n *= 60;
+               else
+               {
+                 cupsdLogMessage(CUPSD_LOG_ERROR,
+                                 "Unknown time interval value for %s on line "
+                                 "%d.", line, linenum);
+                 break;
+               }
+             }
+
+              if (n < 0.0 || n > INT_MAX)
+               cupsdLogMessage(CUPSD_LOG_ERROR,
+                               "Bad time value for %s on line %d.",
+                               line, linenum);
+             else
+               *((int *)var->ptr) = (int)n;
+           }
+           break;
+
         case CUPSD_VARTYPE_BOOLEAN :
             if (!value)
               cupsdLogMessage(CUPSD_LOG_ERROR,
                               "Missing boolean value for %s on line %d.",
                               line, linenum);
-            else if (!strcasecmp(value, "true") ||
-                    !strcasecmp(value, "on") ||
-                    !strcasecmp(value, "enabled") ||
-                    !strcasecmp(value, "yes") ||
+            else if (!_cups_strcasecmp(value, "true") ||
+                    !_cups_strcasecmp(value, "on") ||
+                    !_cups_strcasecmp(value, "enabled") ||
+                    !_cups_strcasecmp(value, "yes") ||
                      atoi(value) != 0)
                *((int *)var->ptr) = TRUE;
-           else if (!strcasecmp(value, "false") ||
-                    !strcasecmp(value, "off") ||
-                    !strcasecmp(value, "disabled") ||
-                    !strcasecmp(value, "no") ||
-                    !strcasecmp(value, "0"))
+           else if (!_cups_strcasecmp(value, "false") ||
+                    !_cups_strcasecmp(value, "off") ||
+                    !_cups_strcasecmp(value, "disabled") ||
+                    !_cups_strcasecmp(value, "no") ||
+                    !_cups_strcasecmp(value, "0"))
                *((int *)var->ptr) = FALSE;
             else
                cupsdLogMessage(CUPSD_LOG_ERROR,
@@ -3630,10 +3336,10 @@ read_location(cups_file_t *fp,          /* I - Configuration file */
      * Decode the directive...
      */
  
-    if (!strcasecmp(line, "</Location>"))
+    if (!_cups_strcasecmp(line, "</Location>"))
        return (linenum);
-    else if (!strcasecmp(line, "<Limit") ||
-             !strcasecmp(line, "<LimitExcept"))
+    else if (!_cups_strcasecmp(line, "<Limit") ||
+             !_cups_strcasecmp(line, "<LimitExcept"))
      {
        if (!value)
        {
@@ -3678,14 +3384,20 @@ read_location(cups_file_t *fp,          /* I - Configuration file */
          for (value = valptr; isspace(*value & 255); value ++);
        }
  
-      if (!strcasecmp(line, "<LimitExcept"))
+      if (!_cups_strcasecmp(line, "<LimitExcept"))
          loc->limit = CUPSD_AUTH_LIMIT_ALL ^ loc->limit;
  
        parent->limit &= ~loc->limit;
      }
-    else if (!strcasecmp(line, "</Limit>") ||
-             !strcasecmp(line, "</LimitExcept>"))
+    else if (!_cups_strcasecmp(line, "</Limit>") ||
+             !_cups_strcasecmp(line, "</LimitExcept>"))
        loc = parent;
+    else if (!value)
+    {
+      cupsdLogMessage(CUPSD_LOG_ERROR, "Missing value on line %d.", linenum);
+      if (FatalErrors & CUPSD_FATAL_CONFIG)
+       return (0);
+    }
      else if (!parse_aaa(loc, line, value, linenum))
      {
        cupsdLogMessage(CUPSD_LOG_ERROR,
@@ -3747,7 +3459,7 @@ read_policy(cups_file_t *fp,              /* I - Configuration file */
      * Decode the directive...
      */
  
-    if (!strcasecmp(line, "</Policy>"))
+    if (!_cups_strcasecmp(line, "</Policy>"))
      {
        if (op)
          cupsdLogMessage(CUPSD_LOG_WARN,
@@ -3758,7 +3470,7 @@ read_policy(cups_file_t *fp,              /* I - Configuration file */
  
        return (linenum);
      }
-    else if (!strcasecmp(line, "<Limit") && !op)
+    else if (!_cups_strcasecmp(line, "<Limit") && !op)
      {
        if (!value)
        {
@@ -3784,7 +3496,7 @@ read_policy(cups_file_t *fp,              /* I - Configuration file */
  
          if (num_ops < (int)(sizeof(ops) / sizeof(ops[0])))
         {
-         if (!strcasecmp(value, "All"))
+         if (!_cups_strcasecmp(value, "All"))
             ops[num_ops] = IPP_ANY_OPERATION;
           else if ((ops[num_ops] = ippOpValue(value)) == IPP_BAD_OPERATION)
             cupsdLogMessage(CUPSD_LOG_ERROR,
@@ -3817,7 +3529,7 @@ read_policy(cups_file_t *fp,              /* I - Configuration file */
  
        op = cupsdAddPolicyOp(pol, NULL, ops[0]);
      }
-    else if (!strcasecmp(line, "</Limit>") && op)
+    else if (!_cups_strcasecmp(line, "</Limit>") && op)
      {
       /*
        * Finish the current operation limit...
@@ -3835,10 +3547,16 @@ read_policy(cups_file_t *fp,            /* I - Configuration file */
  
        op = NULL;
      }
-    else if (!strcasecmp(line, "JobPrivateAccess") ||
-            !strcasecmp(line, "JobPrivateValues") ||
-            !strcasecmp(line, "SubscriptionPrivateAccess") ||
-            !strcasecmp(line, "SubscriptionPrivateValues"))
+    else if (!value)
+    {
+      cupsdLogMessage(CUPSD_LOG_ERROR, "Missing value on line %d.", linenum);
+      if (FatalErrors & CUPSD_FATAL_CONFIG)
+       return (0);
+    }
+    else if (!_cups_strcasecmp(line, "JobPrivateAccess") ||
+            !_cups_strcasecmp(line, "JobPrivateValues") ||
+            !_cups_strcasecmp(line, "SubscriptionPrivateAccess") ||
+            !_cups_strcasecmp(line, "SubscriptionPrivateValues"))
      {
        if (op)
        {
@@ -3869,13 +3587,13 @@ read_policy(cups_file_t *fp,            /* I - Configuration file */
           * Save it appropriately...
           */
  
-         if (!strcasecmp(line, "JobPrivateAccess"))
+         if (!_cups_strcasecmp(line, "JobPrivateAccess"))
           {
            /*
             * JobPrivateAccess {all|default|user/group list|@@ACL}
             */
  
-            if (!strcasecmp(value, "default"))
+            if (!_cups_strcasecmp(value, "default"))
             {
               cupsdAddString(&(pol->job_access), "@OWNER");
               cupsdAddString(&(pol->job_access), "@SYSTEM");
@@ -3883,28 +3601,29 @@ read_policy(cups_file_t *fp,            /* I - Configuration file */
             else
               cupsdAddString(&(pol->job_access), value);
           }
-         else if (!strcasecmp(line, "JobPrivateValues"))
+         else if (!_cups_strcasecmp(line, "JobPrivateValues"))
           {
            /*
             * JobPrivateValues {all|none|default|attribute list}
             */
  
-           if (!strcasecmp(value, "default"))
+           if (!_cups_strcasecmp(value, "default"))
             {
               cupsdAddString(&(pol->job_attrs), "job-name");
               cupsdAddString(&(pol->job_attrs), "job-originating-host-name");
               cupsdAddString(&(pol->job_attrs), "job-originating-user-name");
+             cupsdAddString(&(pol->job_attrs), "phone");
             }
             else
               cupsdAddString(&(pol->job_attrs), value);
           }
-         else if (!strcasecmp(line, "SubscriptionPrivateAccess"))
+         else if (!_cups_strcasecmp(line, "SubscriptionPrivateAccess"))
           {
            /*
             * SubscriptionPrivateAccess {all|default|user/group list|@@ACL}
             */
  
-            if (!strcasecmp(value, "default"))
+            if (!_cups_strcasecmp(value, "default"))
             {
               cupsdAddString(&(pol->sub_access), "@OWNER");
               cupsdAddString(&(pol->sub_access), "@SYSTEM");
@@ -3912,13 +3631,13 @@ read_policy(cups_file_t *fp,            /* I - Configuration file */
             else
               cupsdAddString(&(pol->sub_access), value);
           }
-         else /* if (!strcasecmp(line, "SubscriptionPrivateValues")) */
+         else /* if (!_cups_strcasecmp(line, "SubscriptionPrivateValues")) */
           {
            /*
             * SubscriptionPrivateValues {all|none|default|attribute list}
             */
  
-           if (!strcasecmp(value, "default"))
+           if (!_cups_strcasecmp(value, "default"))
             {
               cupsdAddString(&(pol->sub_attrs), "notify-events");
               cupsdAddString(&(pol->sub_attrs), "notify-pull-method");
@@ -4118,6 +3837,7 @@ set_policy_defaults(cupsd_policy_t *pol)/* I - Policy */
      cupsdAddString(&(pol->job_attrs), "job-name");
      cupsdAddString(&(pol->job_attrs), "job-originating-host-name");
      cupsdAddString(&(pol->job_attrs), "job-originating-user-name");
+    cupsdAddString(&(pol->job_attrs), "phone");
    }
  
    if (!pol->sub_access)