]> git.ipfire.org Git - thirdparty/cups.git/blame - scheduler/client.c
projects / thirdparty / cups.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Update CGI documentation and add testable examples for CGI support (Issue #5940)
[thirdparty/cups.git] / scheduler / client.c
CommitLineData
ef416fc2 1/*
5ec1fd3d 2 * Client routines for the CUPS scheduler.
ef416fc2 3 *
630267c6 4 * Copyright © 2021 by OpenPrinting.
d03753f3 5 * Copyright © 2007-2021 by Apple Inc.
630267c6 6 * Copyright © 1997-2007 by Easy Software Products, all rights reserved.
f7deaa1a 7 *
5ec1fd3d
MS		 8 * This file contains Kerberos support code, copyright 2006 by
9 * Jelmer Vernooij.
ef416fc2 10 *
4feb1fe2
MS		 11 * Licensed under Apache License v2.0. See the file "LICENSE" for more
12 * information.
ef416fc2 13 */
14
15/*
16 * Include necessary headers...
17 */
18
5ec1fd3d 19#define _CUPS_NO_DEPRECATED
d21dc0ed 20#define _HTTP_NO_PRIVATE
ef416fc2 21#include "cupsd.h"
22
cb7f98ee
MS		 23#ifdef __APPLE__
24# include <libproc.h>
25#endif /* __APPLE__ */
749b1e90
MS		 26#ifdef HAVE_TCPD_H
27# include <tcpd.h>
28#endif /* HAVE_TCPD_H */
29
ef416fc2 30
31/*
32 * Local functions...
33 */
34
35static int check_if_modified(cupsd_client_t *con,
36 struct stat *filestats);
3dfe78b3
MS		 37static int compare_clients(cupsd_client_t *a, cupsd_client_t *b,
38 void *data);
d3d89474
MS		 39#ifdef HAVE_SSL
40static int cupsd_start_tls(cupsd_client_t *con, http_encryption_t e);
41#endif /* HAVE_SSL */
f7deaa1a 42static char *get_file(cupsd_client_t *con, struct stat *filestats,
07623986 43 char *filename, size_t len);
c41769ff 44static http_status_t install_cupsd_conf(cupsd_client_t *con);
e1d6a774 45static int is_cgi(cupsd_client_t *con, const char *filename,
46 struct stat *filestats, mime_type_t *type);
ef416fc2 47static int is_path_absolute(const char *path);
48static int pipe_command(cupsd_client_t *con, int infile, int *outfile,
49 char *command, char *options, int root);
e07d4801 50static int valid_host(cupsd_client_t *con);
a74454a7 51static int write_file(cupsd_client_t *con, http_status_t code,
52 char *filename, char *type,
53 struct stat *filestats);
f899b121 54static void write_pipe(cupsd_client_t *con);
ef416fc2 55
56
57/*
58 * 'cupsdAcceptClient()' - Accept a new client.
59 */
60
61void
62cupsdAcceptClient(cupsd_listener_t *lis)/* I - Listener socket */
63{
48bd1142 64 const char *hostname; /* Hostname of client */
996acce8 65 char name[256]; /* Hostname of client */
ef416fc2 66 int count; /* Count of connections on a host */
bd7854cb 67 cupsd_client_t *con, /* New client pointer */
68 *tempcon; /* Temporary client pointer */
ef416fc2 69 socklen_t addrlen; /* Length of address */
ef416fc2 70 http_addr_t temp; /* Temporary address variable */
71 static time_t last_dos = 0; /* Time of last DoS attack */
749b1e90
MS		 72#ifdef HAVE_TCPD_H
73 struct request_info wrap_req; /* TCP wrappers request information */
74#endif /* HAVE_TCPD_H */
ef416fc2 75
76
ffe32673 77 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdAcceptClient(lis=%p(%d)) Clients=%d", lis, lis->fd, cupsArrayCount(Clients));
ef416fc2 78
79 /*
80 * Make sure we don't have a full set of clients already...
81 */
82
bd7854cb 83 if (cupsArrayCount(Clients) == MaxClients)
ef416fc2 84 return;
85
e4e37194
MS		 86 cupsdSetBusyState(1);
87
ef416fc2 88 /*
89 * Get a pointer to the next available client...
90 */
91
bd7854cb 92 if (!Clients)
93 Clients = cupsArrayNew(NULL, NULL);
94
95 if (!Clients)
91c84a35
MS		 96 {
97 cupsdLogMessage(CUPSD_LOG_ERROR,
3dfe78b3
MS		 98 "Unable to allocate memory for clients array!");
99 cupsdPauseListening();
100 return;
101 }
102
103 if (!ActiveClients)
104 ActiveClients = cupsArrayNew((cups_array_func_t)compare_clients, NULL);
105
106 if (!ActiveClients)
107 {
108 cupsdLogMessage(CUPSD_LOG_ERROR,
109 "Unable to allocate memory for active clients array!");
91c84a35 110 cupsdPauseListening();
bd7854cb 111 return;
91c84a35 112 }
bd7854cb 113
91c84a35
MS		 114 if ((con = calloc(1, sizeof(cupsd_client_t))) == NULL)
115 {
116 cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to allocate memory for client!");
117 cupsdPauseListening();
118 return;
119 }
ef416fc2 120
ef416fc2 121 /*
122 * Accept the client and get the remote address...
123 */
124
996acce8
MS		 125 con->number = ++ LastClientNumber;
126 con->file = -1;
ef416fc2 127
996acce8 128 if ((con->http = httpAcceptConnection(lis->fd, 0)) == NULL)
ef416fc2 129 {
76cd9e37
MS		 130 if (errno == ENFILE || errno == EMFILE)
131 cupsdPauseListening();
132
ef416fc2 133 cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to accept client connection - %s.",
134 strerror(errno));
bd7854cb 135 free(con);
76cd9e37 136
ef416fc2 137 return;
138 }
139
22c9029b 140 /*
996acce8 141 * Save the connected address and port number...
22c9029b 142 */
ef416fc2 143
cd1a83ea
MS		 144 addrlen = sizeof(con->clientaddr);
145
146 if (getsockname(httpGetFd(con->http), (struct sockaddr *)&con->clientaddr, &addrlen) || addrlen == 0)
147 con->clientaddr = lis->address;
148
149 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Server address is \"%s\".", httpAddrString(&con->clientaddr, name, sizeof(name)));
ef416fc2 150
ef416fc2 151 /*
152 * Check the number of clients on the same address...
153 */
154
bd7854cb 155 for (count = 0, tempcon = (cupsd_client_t *)cupsArrayFirst(Clients);
156 tempcon;
157 tempcon = (cupsd_client_t *)cupsArrayNext(Clients))
996acce8 158 if (httpAddrEqual(httpGetAddress(tempcon->http), httpGetAddress(con->http)))
ef416fc2 159 {
160 count ++;
161 if (count >= MaxClientsPerHost)
162 break;
163 }
164
165 if (count >= MaxClientsPerHost)
166 {
167 if ((time(NULL) - last_dos) >= 60)
168 {
169 last_dos = time(NULL);
170 cupsdLogMessage(CUPSD_LOG_WARN,
bd7854cb 171 "Possible DoS attack - more than %d clients connecting "
996acce8 172 "from %s.",
749b1e90 173 MaxClientsPerHost,
996acce8 174 httpGetHostname(con->http, name, sizeof(name)));
ef416fc2 175 }
176
996acce8 177 httpClose(con->http);
bd7854cb 178 free(con);
ef416fc2 179 return;
180 }
181
182 /*
183 * Get the hostname or format the IP address as needed...
184 */
185
48bd1142
MS		 186 if (HostNameLookups)
187 hostname = httpResolveHostname(con->http, NULL, 0);
ef416fc2 188 else
48bd1142 189 hostname = httpGetHostname(con->http, NULL, 0);
ef416fc2 190
191 if (hostname == NULL && HostNameLookups == 2)
192 {
193 /*
194 * Can't have an unresolved IP address with double-lookups enabled...
195 */
196
996acce8 197 httpClose(con->http);
ef416fc2 198
996acce8 199 cupsdLogClient(con, CUPSD_LOG_WARN,
ef416fc2 200 "Name lookup failed - connection from %s closed!",
5ec1fd3d 201 httpGetHostname(con->http, NULL, 0));
bd7854cb 202
203 free(con);
ef416fc2 204 return;
205 }
206
207 if (HostNameLookups == 2)
208 {
209 /*
210 * Do double lookups as needed...
211 */
212
48bd1142
MS		 213 http_addrlist_t *addrlist, /* List of addresses */
214 *addr; /* Current address */
215
216 if ((addrlist = httpAddrGetList(hostname, AF_UNSPEC, NULL)) != NULL)
ef416fc2 217 {
218 /*
219 * See if the hostname maps to the same IP address...
220 */
221
222 for (addr = addrlist; addr; addr = addr->next)
5ec1fd3d 223 if (httpAddrEqual(httpGetAddress(con->http), &(addr->addr)))
ef416fc2 224 break;
225 }
226 else
227 addr = NULL;
228
229 httpAddrFreeList(addrlist);
230
231 if (!addr)
232 {
233 /*
234 * Can't have a hostname that doesn't resolve to the same IP address
235 * with double-lookups enabled...
236 */
237
996acce8 238 httpClose(con->http);
ef416fc2 239
996acce8 240 cupsdLogClient(con, CUPSD_LOG_WARN,
ef416fc2 241 "IP lookup failed - connection from %s closed!",
5ec1fd3d 242 httpGetHostname(con->http, NULL, 0));
bd7854cb 243 free(con);
ef416fc2 244 return;
245 }
246 }
247
749b1e90
MS		 248#ifdef HAVE_TCPD_H
249 /*
250 * See if the connection is denied by TCP wrappers...
251 */
252
996acce8
MS		 253 request_init(&wrap_req, RQ_DAEMON, "cupsd", RQ_FILE, httpGetFd(con->http),
254 NULL);
749b1e90
MS		 255 fromhost(&wrap_req);
256
257 if (!hosts_access(&wrap_req))
258 {
996acce8 259 httpClose(con->http);
749b1e90 260
996acce8 261 cupsdLogClient(con, CUPSD_LOG_WARN,
749b1e90 262 "Connection from %s refused by /etc/hosts.allow and "
5ec1fd3d 263 "/etc/hosts.deny rules.", httpGetHostname(con->http, NULL, 0));
749b1e90
MS		 264 free(con);
265 return;
266 }
267#endif /* HAVE_TCPD_H */
268
ef416fc2 269#ifdef AF_LOCAL
5ec1fd3d 270 if (httpAddrFamily(httpGetAddress(con->http)) == AF_LOCAL)
cb7f98ee
MS		 271 {
272# ifdef __APPLE__
273 socklen_t peersize; /* Size of peer credentials */
274 pid_t peerpid; /* Peer process ID */
996acce8 275 char peername[256]; /* Name of process */
cb7f98ee
MS		 276
277 peersize = sizeof(peerpid);
3e4dcdb9 278 if (!getsockopt(httpGetFd(con->http), SOL_LOCAL, LOCAL_PEERPID, &peerpid,
996acce8 279 &peersize))
cb7f98ee 280 {
3e4dcdb9 281 if (!proc_name((int)peerpid, peername, sizeof(peername)))
996acce8
MS		 282 cupsdLogClient(con, CUPSD_LOG_DEBUG,
283 "Accepted from %s (Domain ???[%d])",
5ec1fd3d 284 httpGetHostname(con->http, NULL, 0), (int)peerpid);
cb7f98ee 285 else
996acce8
MS		 286 cupsdLogClient(con, CUPSD_LOG_DEBUG,
287 "Accepted from %s (Domain %s[%d])",
3e4dcdb9 288 httpGetHostname(con->http, NULL, 0), peername, (int)peerpid);
cb7f98ee
MS		 289 }
290 else
291# endif /* __APPLE__ */
292
996acce8 293 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Accepted from %s (Domain)",
5ec1fd3d 294 httpGetHostname(con->http, NULL, 0));
cb7f98ee 295 }
ef416fc2 296 else
297#endif /* AF_LOCAL */
996acce8 298 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Accepted from %s:%d (IPv%d)",
5ec1fd3d
MS		 299 httpGetHostname(con->http, NULL, 0),
300 httpAddrPort(httpGetAddress(con->http)),
301 httpAddrFamily(httpGetAddress(con->http)) == AF_INET ? 4 : 6);
ef416fc2 302
303 /*
304 * Get the local address the client connected to...
305 */
306
307 addrlen = sizeof(temp);
996acce8 308 if (getsockname(httpGetFd(con->http), (struct sockaddr *)&temp, &addrlen))
ef416fc2 309 {
996acce8
MS		 310 cupsdLogClient(con, CUPSD_LOG_ERROR, "Unable to get local address - %s",
311 strerror(errno));
ef416fc2 312
5a9febac 313 strlcpy(con->servername, "localhost", sizeof(con->servername));
ef416fc2 314 con->serverport = LocalPort;
315 }
22c9029b 316#ifdef AF_LOCAL
5ec1fd3d 317 else if (httpAddrFamily(&temp) == AF_LOCAL)
22c9029b 318 {
5a9febac 319 strlcpy(con->servername, "localhost", sizeof(con->servername));
22c9029b
MS		 320 con->serverport = LocalPort;
321 }
322#endif /* AF_LOCAL */
ef416fc2 323 else
324 {
22c9029b
MS		 325 if (httpAddrLocalhost(&temp))
326 strlcpy(con->servername, "localhost", sizeof(con->servername));
6961465f 327 else if (HostNameLookups)
22c9029b 328 httpAddrLookup(&temp, con->servername, sizeof(con->servername));
ef416fc2 329 else
22c9029b 330 httpAddrString(&temp, con->servername, sizeof(con->servername));
b19ccc9e 331
a469f8a5 332 con->serverport = httpAddrPort(&(lis->address));
ef416fc2 333 }
334
dcb445bc
MS		 335 /*
336 * Add the connection to the array of active clients...
337 */
338
bd7854cb 339 cupsArrayAdd(Clients, con);
340
ef416fc2 341 /*
b9faaae1 342 * Add the socket to the server select.
ef416fc2 343 */
344
996acce8
MS		 345 cupsdAddSelect(httpGetFd(con->http), (cupsd_selfunc_t)cupsdReadClient, NULL,
346 con);
ef416fc2 347
996acce8 348 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Waiting for request.");
1bc82dd9 349
ef416fc2 350 /*
351 * Temporarily suspend accept()'s until we lose a client...
352 */
353
bd7854cb 354 if (cupsArrayCount(Clients) == MaxClients)
ef416fc2 355 cupsdPauseListening();
356
357#ifdef HAVE_SSL
358 /*
359 * See if we are connecting on a secure port...
360 */
361
5ec1fd3d 362 if (lis->encryption == HTTP_ENCRYPTION_ALWAYS)
ef416fc2 363 {
364 /*
365 * https connection; go secure...
366 */
367
d3d89474 368 if (cupsd_start_tls(con, HTTP_ENCRYPTION_ALWAYS))
411affcf 369 cupsdCloseClient(con);
ef416fc2 370 }
371 else
372 con->auto_ssl = 1;
373#endif /* HAVE_SSL */
374}
375
376
377/*
378 * 'cupsdCloseAllClients()' - Close all remote clients immediately.
379 */
380
381void
382cupsdCloseAllClients(void)
383{
bd7854cb 384 cupsd_client_t *con; /* Current client */
385
386
ffe32673 387 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCloseAllClients() Clients=%d", cupsArrayCount(Clients));
b9faaae1 388
bd7854cb 389 for (con = (cupsd_client_t *)cupsArrayFirst(Clients);
390 con;
391 con = (cupsd_client_t *)cupsArrayNext(Clients))
49d87452
MS		 392 if (cupsdCloseClient(con))
393 cupsdCloseClient(con);
ef416fc2 394}
395
396
397/*
398 * 'cupsdCloseClient()' - Close a remote client.
399 */
400
401int /* O - 1 if partial close, 0 if fully closed */
402cupsdCloseClient(cupsd_client_t *con) /* I - Client to close */
403{
404 int partial; /* Do partial close for SSL? */
ef416fc2 405
406
996acce8 407 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing connection.");
ef416fc2 408
409 /*
410 * Flush pending writes before closing...
411 */
412
996acce8 413 httpFlushWrite(con->http);
ef416fc2 414
415 partial = 0;
416
ef416fc2 417 if (con->pipe_pid != 0)
418 {
419 /*
420 * Stop any CGI process...
421 */
422
ef416fc2 423 cupsdEndProcess(con->pipe_pid, 1);
424 con->pipe_pid = 0;
425 }
426
427 if (con->file >= 0)
428 {
f7deaa1a 429 cupsdRemoveSelect(con->file);
ef416fc2 430
ef416fc2 431 close(con->file);
432 con->file = -1;
433 }
434
435 /*
436 * Close the socket and clear the file from the input set for select()...
437 */
438
996acce8 439 if (httpGetFd(con->http) >= 0)
ef416fc2 440 {
3dfe78b3 441 cupsArrayRemove(ActiveClients, con);
e4e37194 442 cupsdSetBusyState(0);
3dfe78b3 443
5ec1fd3d
MS		 444#ifdef HAVE_SSL
445 /*
446 * Shutdown encryption as needed...
447 */
448
449 if (httpIsEncrypted(con->http))
450 partial = 1;
451#endif /* HAVE_SSL */
452
ef416fc2 453 if (partial)
454 {
455 /*
456 * Only do a partial close so that the encrypted client gets everything.
457 */
458
5ec1fd3d 459 httpShutdown(con->http);
996acce8
MS		 460 cupsdAddSelect(httpGetFd(con->http), (cupsd_selfunc_t)cupsdReadClient,
461 NULL, con);
1bc82dd9 462
996acce8 463 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Waiting for socket close.");
ef416fc2 464 }
465 else
466 {
467 /*
468 * Shut the socket down fully...
469 */
470
996acce8
MS		 471 cupsdRemoveSelect(httpGetFd(con->http));
472 httpClose(con->http);
473 con->http = NULL;
ef416fc2 474 }
475 }
476
477 if (!partial)
478 {
479 /*
480 * Free memory...
481 */
482
5ec1fd3d
MS		 483 cupsdRemoveSelect(httpGetFd(con->http));
484
996acce8 485 httpClose(con->http);
ef416fc2 486
5e6c3df7
MS		 487 if (con->filename)
488 {
489 unlink(con->filename);
490 cupsdClearString(&con->filename);
491 }
492
ef416fc2 493 cupsdClearString(&con->command);
494 cupsdClearString(&con->options);
b86bc4cf 495 cupsdClearString(&con->query_string);
ef416fc2 496
497 if (con->request)
498 {
499 ippDelete(con->request);
500 con->request = NULL;
501 }
502
503 if (con->response)
504 {
505 ippDelete(con->response);
506 con->response = NULL;
507 }
508
509 if (con->language)
510 {
511 cupsLangFree(con->language);
512 con->language = NULL;
513 }
514
f7deaa1a 515#ifdef HAVE_AUTHORIZATION_H
516 if (con->authref)
517 {
518 AuthorizationFree(con->authref, kAuthorizationFlagDefaults);
519 con->authref = NULL;
520 }
521#endif /* HAVE_AUTHORIZATION_H */
522
ef416fc2 523 /*
524 * Re-enable new client connections if we are going back under the
525 * limit...
526 */
527
bd7854cb 528 if (cupsArrayCount(Clients) == MaxClients)
ef416fc2 529 cupsdResumeListening();
530
531 /*
532 * Compact the list of clients as necessary...
533 */
534
bd7854cb 535 cupsArrayRemove(Clients, con);
ef416fc2 536
bd7854cb 537 free(con);
ef416fc2 538 }
539
540 return (partial);
541}
542
543
ef416fc2 544/*
545 * 'cupsdReadClient()' - Read data from a client.
546 */
547
f7deaa1a 548void
ef416fc2 549cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */
550{
551 char line[32768], /* Line from client... */
ef416fc2 552 locale[64], /* Locale */
553 *ptr; /* Pointer into strings */
ef416fc2 554 http_status_t status; /* Transfer status */
555 ipp_state_t ipp_state; /* State of IPP transfer */
556 int bytes; /* Number of bytes to POST */
557 char *filename; /* Name of file for GET/HEAD */
558 char buf[1024]; /* Buffer for real filename */
559 struct stat filestats; /* File information */
560 mime_type_t *type; /* MIME type of file */
ef416fc2 561 static unsigned request_id = 0; /* Request ID for temp files */
562
563
5ec1fd3d 564 status = HTTP_STATUS_CONTINUE;
ef416fc2 565
ffe32673 566 cupsdLogClient(con, CUPSD_LOG_DEBUG2, "cupsdReadClient: error=%d, used=%d, state=%s, data_encoding=HTTP_ENCODING_%s, data_remaining=" CUPS_LLFMT ", request=%p(%s), file=%d", httpError(con->http), (int)httpGetReady(con->http), httpStateString(httpGetState(con->http)), httpIsChunked(con->http) ? "CHUNKED" : "LENGTH", CUPS_LLCAST httpGetRemaining(con->http), con->request, con->request ? ippStateString(ippGetState(con->request)) : "", con->file);
ef416fc2 567
2c030c7a
MS		 568 if (httpError(con->http) == EPIPE && !httpGetReady(con->http) && recv(httpGetFd(con->http), buf, 1, MSG_PEEK) < 1)
569 {
570 /*
571 * Connection closed...
572 */
573
574 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing on EOF.");
575 cupsdCloseClient(con);
576 return;
577 }
578
43dcaf3b
MS		 579 if (httpGetState(con->http) == HTTP_STATE_GET_SEND ||
580 httpGetState(con->http) == HTTP_STATE_POST_SEND ||
581 httpGetState(con->http) == HTTP_STATE_STATUS)
582 {
583 /*
584 * If we get called in the wrong state, then something went wrong with the
585 * connection and we need to shut it down...
586 */
587
ffe32673 588 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing on unexpected HTTP read state %s.", httpStateString(httpGetState(con->http)));
43dcaf3b
MS		 589 cupsdCloseClient(con);
590 return;
591 }
592
ef416fc2 593#ifdef HAVE_SSL
594 if (con->auto_ssl)
595 {
596 /*
597 * Automatically check for a SSL/TLS handshake...
598 */
599
600 con->auto_ssl = 0;
601
996acce8 602 if (recv(httpGetFd(con->http), buf, 1, MSG_PEEK) == 1 &&
ef416fc2 603 (!buf[0] || !strchr("DGHOPT", buf[0])))
604 {
605 /*
606 * Encrypt this connection...
607 */
608
ffe32673 609 cupsdLogClient(con, CUPSD_LOG_DEBUG2, "Saw first byte %02X, auto-negotiating SSL/TLS session.", buf[0] & 255);
ef416fc2 610
d3d89474 611 if (cupsd_start_tls(con, HTTP_ENCRYPTION_ALWAYS))
f7deaa1a 612 cupsdCloseClient(con);
411affcf 613
f7deaa1a 614 return;
ef416fc2 615 }
616 }
617#endif /* HAVE_SSL */
618
5ec1fd3d 619 switch (httpGetState(con->http))
ef416fc2 620 {
cb7f98ee 621 case HTTP_STATE_WAITING :
ef416fc2 622 /*
623 * See if we've received a request line...
624 */
625
d21dc0ed
MS		 626 con->operation = httpReadRequest(con->http, con->uri, sizeof(con->uri));
627 if (con->operation == HTTP_STATE_ERROR ||
628 con->operation == HTTP_STATE_UNKNOWN_METHOD ||
629 con->operation == HTTP_STATE_UNKNOWN_VERSION)
ef416fc2 630 {
d21dc0ed 631 if (httpError(con->http))
996acce8
MS		 632 cupsdLogClient(con, CUPSD_LOG_DEBUG,
633 "HTTP_STATE_WAITING Closing for error %d (%s)",
5ec1fd3d 634 httpError(con->http), strerror(httpError(con->http)));
f11a948a 635 else
996acce8 636 cupsdLogClient(con, CUPSD_LOG_DEBUG,
d21dc0ed
MS		 637 "HTTP_STATE_WAITING Closing on error: %s",
638 cupsLastErrorString());
f11a948a 639
f7deaa1a 640 cupsdCloseClient(con);
641 return;
ef416fc2 642 }
643
644 /*
645 * Ignore blank request lines...
646 */
647
d21dc0ed 648 if (con->operation == HTTP_STATE_WAITING)
ef416fc2 649 break;
650
651 /*
652 * Clear other state variables...
653 */
654
d21dc0ed
MS		 655 con->bytes = 0;
656 con->file = -1;
657 con->file_ready = 0;
658 con->pipe_pid = 0;
659 con->username[0] = '\0';
660 con->password[0] = '\0';
ef416fc2 661
662 cupsdClearString(&con->command);
663 cupsdClearString(&con->options);
b86bc4cf 664 cupsdClearString(&con->query_string);
ef416fc2 665
2abf387c 666 if (con->request)
667 {
668 ippDelete(con->request);
669 con->request = NULL;
670 }
671
672 if (con->response)
673 {
674 ippDelete(con->response);
675 con->response = NULL;
676 }
677
678 if (con->language)
ef416fc2 679 {
680 cupsLangFree(con->language);
681 con->language = NULL;
682 }
683
09a101d6 684#ifdef HAVE_GSSAPI
97c9a8d7 685 con->have_gss = 0;
07ed0e9a 686 con->gss_uid = 0;
09a101d6 687#endif /* HAVE_GSSAPI */
688
ef416fc2 689 /*
690 * Handle full URLs in the request line...
691 */
692
693 if (strcmp(con->uri, "*"))
694 {
e6013cfa 695 char scheme[HTTP_MAX_URI], /* Method/scheme */
ef416fc2 696 userpass[HTTP_MAX_URI], /* Username:password */
697 hostname[HTTP_MAX_URI], /* Hostname */
698 resource[HTTP_MAX_URI]; /* Resource path */
699 int port; /* Port number */
700
ef416fc2 701 /*
702 * Separate the URI into its components...
703 */
704
d21dc0ed
MS		 705 if (httpSeparateURI(HTTP_URI_CODING_MOST, con->uri,
706 scheme, sizeof(scheme),
707 userpass, sizeof(userpass),
708 hostname, sizeof(hostname), &port,
709 resource, sizeof(resource)) < HTTP_URI_STATUS_OK)
710 {
711 cupsdLogClient(con, CUPSD_LOG_ERROR, "Bad URI \"%s\" in request.",
712 con->uri);
713 cupsdSendError(con, HTTP_STATUS_METHOD_NOT_ALLOWED, CUPSD_AUTH_NONE);
714 cupsdCloseClient(con);
715 return;
716 }
ef416fc2 717
d21dc0ed 718 /*
ef416fc2 719 * Only allow URIs with the servername, localhost, or an IP
720 * address...
721 */
722
e6013cfa 723 if (strcmp(scheme, "file") &&
88f9aafc
MS		 724 _cups_strcasecmp(hostname, ServerName) &&
725 _cups_strcasecmp(hostname, "localhost") &&
d21dc0ed 726 !cupsArrayFind(ServerAlias, hostname) &&
e6013cfa 727 !isdigit(hostname[0]) && hostname[0] != '[')
ef416fc2 728 {
729 /*
730 * Nope, we don't do proxies...
731 */
732
996acce8
MS		 733 cupsdLogClient(con, CUPSD_LOG_ERROR, "Bad URI \"%s\" in request.",
734 con->uri);
5ec1fd3d 735 cupsdSendError(con, HTTP_STATUS_METHOD_NOT_ALLOWED, CUPSD_AUTH_NONE);
f7deaa1a 736 cupsdCloseClient(con);
737 return;
ef416fc2 738 }
739
740 /*
741 * Copy the resource portion back into the URI; both resource and
742 * con->uri are HTTP_MAX_URI bytes in size...
743 */
744
5a9febac 745 strlcpy(con->uri, resource, sizeof(con->uri));
ef416fc2 746 }
747
748 /*
749 * Process the request...
750 */
751
dfd5680b 752 gettimeofday(&(con->start), NULL);
ef416fc2 753
996acce8 754 cupsdLogClient(con, CUPSD_LOG_DEBUG, "%s %s HTTP/%d.%d",
a73ca01e 755 httpStateString(con->operation) + 11, con->uri,
d21dc0ed
MS		 756 httpGetVersion(con->http) / 100,
757 httpGetVersion(con->http) % 100);
ef416fc2 758
49d87452
MS		 759 if (!cupsArrayFind(ActiveClients, con))
760 {
761 cupsArrayAdd(ActiveClients, con);
e4e37194 762 cupsdSetBusyState(0);
49d87452 763 }
3dfe78b3 764
cb7f98ee
MS		 765 case HTTP_STATE_OPTIONS :
766 case HTTP_STATE_DELETE :
767 case HTTP_STATE_GET :
768 case HTTP_STATE_HEAD :
769 case HTTP_STATE_POST :
770 case HTTP_STATE_PUT :
771 case HTTP_STATE_TRACE :
ef416fc2 772 /*
773 * Parse incoming parameters until the status changes...
774 */
775
5ec1fd3d
MS		 776 while ((status = httpUpdate(con->http)) == HTTP_STATUS_CONTINUE)
777 if (!httpGetReady(con->http))
f7deaa1a 778 break;
ef416fc2 779
5ec1fd3d 780 if (status != HTTP_STATUS_OK && status != HTTP_STATUS_CONTINUE)
ef416fc2 781 {
5ec1fd3d 782 if (httpError(con->http) && httpError(con->http) != EPIPE)
996acce8
MS		 783 cupsdLogClient(con, CUPSD_LOG_DEBUG,
784 "Closing for error %d (%s) while reading headers.",
5ec1fd3d 785 httpError(con->http), strerror(httpError(con->http)));
f11a948a 786 else
996acce8
MS		 787 cupsdLogClient(con, CUPSD_LOG_DEBUG,
788 "Closing on EOF while reading headers.");
f11a948a 789
5ec1fd3d 790 cupsdSendError(con, HTTP_STATUS_BAD_REQUEST, CUPSD_AUTH_NONE);
f7deaa1a 791 cupsdCloseClient(con);
792 return;
ef416fc2 793 }
794 break;
795
796 default :
5ec1fd3d 797 if (!httpGetReady(con->http) && recv(httpGetFd(con->http), buf, 1, MSG_PEEK) < 1)
e6013cfa
MS		 798 {
799 /*
800 * Connection closed...
801 */
802
996acce8 803 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing on EOF.");
e6013cfa
MS		 804 cupsdCloseClient(con);
805 return;
806 }
ef416fc2 807 break; /* Anti-compiler-warning-code */
808 }
809
810 /*
811 * Handle new transfers...
812 */
813
884b7ed1 814 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Read: status=%d, state=%d", status, httpGetState(con->http));
dfc45c1b 815
5ec1fd3d 816 if (status == HTTP_STATUS_OK)
ef416fc2 817 {
4feb1fe2
MS		 818 /*
819 * Record whether the client is a web browser. "Mozilla" was the original
820 * and it seems that every web browser in existence now uses that as the
821 * prefix with additional information identifying *which* browser.
822 *
823 * Chrome (at least) has problems with multiple WWW-Authenticate values in
824 * a single header, so we only report Basic or Negotiate to web browsers and
825 * leave the multiple choices to the native CUPS client...
826 */
827
828 con->is_browser = !strncmp(httpGetField(con->http, HTTP_FIELD_USER_AGENT), "Mozilla/", 8);
829
5ec1fd3d 830 if (httpGetField(con->http, HTTP_FIELD_ACCEPT_LANGUAGE)[0])
ef416fc2 831 {
832 /*
833 * Figure out the locale from the Accept-Language and Content-Type
834 * fields...
835 */
836
5ec1fd3d 837 if ((ptr = strchr(httpGetField(con->http, HTTP_FIELD_ACCEPT_LANGUAGE),
f11a948a 838 ',')) != NULL)
ef416fc2 839 *ptr = '\0';
840
5ec1fd3d 841 if ((ptr = strchr(httpGetField(con->http, HTTP_FIELD_ACCEPT_LANGUAGE),
f11a948a 842 ';')) != NULL)
ef416fc2 843 *ptr = '\0';
844
5ec1fd3d 845 if ((ptr = strstr(httpGetField(con->http, HTTP_FIELD_CONTENT_TYPE),
f11a948a 846 "charset=")) != NULL)
ef416fc2 847 {
848 /*
849 * Combine language and charset, and trim any extra params in the
850 * content-type.
851 */
852
853 snprintf(locale, sizeof(locale), "%s.%s",
5ec1fd3d 854 httpGetField(con->http, HTTP_FIELD_ACCEPT_LANGUAGE), ptr + 8);
ef416fc2 855
856 if ((ptr = strchr(locale, ',')) != NULL)
857 *ptr = '\0';
858 }
859 else
f8b3a85b 860 snprintf(locale, sizeof(locale), "%s.UTF-8",
5ec1fd3d 861 httpGetField(con->http, HTTP_FIELD_ACCEPT_LANGUAGE));
d6ae789d 862
ef416fc2 863 con->language = cupsLangGet(locale);
864 }
865 else
866 con->language = cupsLangGet(DefaultLocale);
867
868 cupsdAuthorize(con);
869
5ec1fd3d 870 if (!_cups_strncasecmp(httpGetField(con->http, HTTP_FIELD_CONNECTION),
85dda01c 871 "Keep-Alive", 10) && KeepAlive)
5ec1fd3d
MS		 872 httpSetKeepAlive(con->http, HTTP_KEEPALIVE_ON);
873 else if (!_cups_strncasecmp(httpGetField(con->http, HTTP_FIELD_CONNECTION),
85dda01c 874 "close", 5))
5ec1fd3d 875 httpSetKeepAlive(con->http, HTTP_KEEPALIVE_OFF);
ef416fc2 876
5ec1fd3d
MS		 877 if (!httpGetField(con->http, HTTP_FIELD_HOST)[0] &&
878 httpGetVersion(con->http) >= HTTP_VERSION_1_1)
ef416fc2 879 {
880 /*
881 * HTTP/1.1 and higher require the "Host:" field...
882 */
883
5ec1fd3d 884 if (!cupsdSendError(con, HTTP_STATUS_BAD_REQUEST, CUPSD_AUTH_NONE))
f7deaa1a 885 {
996acce8 886 cupsdLogClient(con, CUPSD_LOG_ERROR, "Missing Host: field in request.");
f7deaa1a 887 cupsdCloseClient(con);
888 return;
889 }
ef416fc2 890 }
e07d4801 891 else if (!valid_host(con))
e6013cfa
MS		 892 {
893 /*
894 * Access to localhost must use "localhost" or the corresponding IPv4
895 * or IPv6 values in the Host: field.
896 */
897
996acce8
MS		 898 cupsdLogClient(con, CUPSD_LOG_ERROR,
899 "Request from \"%s\" using invalid Host: field \"%s\".",
5ec1fd3d 900 httpGetHostname(con->http, NULL, 0), httpGetField(con->http, HTTP_FIELD_HOST));
e6013cfa 901
5ec1fd3d 902 if (!cupsdSendError(con, HTTP_STATUS_BAD_REQUEST, CUPSD_AUTH_NONE))
e6013cfa
MS		 903 {
904 cupsdCloseClient(con);
905 return;
906 }
907 }
cb7f98ee 908 else if (con->operation == HTTP_STATE_OPTIONS)
ef416fc2 909 {
910 /*
911 * Do OPTIONS command...
912 */
913
5bd77a73 914 if (con->best && con->best->type != CUPSD_AUTH_NONE)
ef416fc2 915 {
a73ca01e
MS		 916 httpClearFields(con->http);
917
5ec1fd3d 918 if (!cupsdSendHeader(con, HTTP_STATUS_UNAUTHORIZED, NULL, CUPSD_AUTH_NONE))
f7deaa1a 919 {
920 cupsdCloseClient(con);
921 return;
922 }
ef416fc2 923 }
924
a80b2360 925 if (!_cups_strcasecmp(httpGetField(con->http, HTTP_FIELD_CONNECTION), "Upgrade") && strstr(httpGetField(con->http, HTTP_FIELD_UPGRADE), "TLS/") != NULL && !httpIsEncrypted(con->http))
ef416fc2 926 {
927#ifdef HAVE_SSL
928 /*
929 * Do encryption stuff...
930 */
931
a73ca01e 932 httpClearFields(con->http);
ef416fc2 933
e200616a
MS		 934 if (!cupsdSendHeader(con, HTTP_STATUS_SWITCHING_PROTOCOLS, NULL, CUPSD_AUTH_NONE))
935 {
936 cupsdCloseClient(con);
937 return;
938 }
e200616a 939
d3d89474 940 if (cupsd_start_tls(con, HTTP_ENCRYPTION_REQUIRED))
f7deaa1a 941 {
942 cupsdCloseClient(con);
943 return;
944 }
ef416fc2 945#else
7d5824d6 946 if (!cupsdSendError(con, HTTP_STATUS_NOT_IMPLEMENTED, CUPSD_AUTH_NONE))
f7deaa1a 947 {
948 cupsdCloseClient(con);
949 return;
950 }
ef416fc2 951#endif /* HAVE_SSL */
952 }
953
a73ca01e 954 httpClearFields(con->http);
e200616a
MS		 955 httpSetField(con->http, HTTP_FIELD_CONTENT_LENGTH, "0");
956
957 if (!cupsdSendHeader(con, HTTP_STATUS_OK, NULL, CUPSD_AUTH_NONE))
958 {
959 cupsdCloseClient(con);
960 return;
961 }
ef416fc2 962 }
963 else if (!is_path_absolute(con->uri))
964 {
965 /*
966 * Protect against malicious users!
967 */
968
996acce8
MS		 969 cupsdLogClient(con, CUPSD_LOG_ERROR,
970 "Request for non-absolute resource \"%s\".", con->uri);
bf3816c7 971
5ec1fd3d 972 if (!cupsdSendError(con, HTTP_STATUS_FORBIDDEN, CUPSD_AUTH_NONE))
f7deaa1a 973 {
974 cupsdCloseClient(con);
975 return;
976 }
ef416fc2 977 }
978 else
979 {
5ec1fd3d 980 if (!_cups_strcasecmp(httpGetField(con->http, HTTP_FIELD_CONNECTION),
d21dc0ed 981 "Upgrade") && !httpIsEncrypted(con->http))
ef416fc2 982 {
983#ifdef HAVE_SSL
984 /*
985 * Do encryption stuff...
986 */
987
a73ca01e 988 httpClearFields(con->http);
ef416fc2 989
e200616a
MS		 990 if (!cupsdSendHeader(con, HTTP_STATUS_SWITCHING_PROTOCOLS, NULL,
991 CUPSD_AUTH_NONE))
992 {
993 cupsdCloseClient(con);
994 return;
995 }
ef416fc2 996
d3d89474 997 if (cupsd_start_tls(con, HTTP_ENCRYPTION_REQUIRED))
f7deaa1a 998 {
999 cupsdCloseClient(con);
1000 return;
1001 }
ef416fc2 1002#else
7d5824d6 1003 if (!cupsdSendError(con, HTTP_STATUS_NOT_IMPLEMENTED, CUPSD_AUTH_NONE))
f7deaa1a 1004 {
1005 cupsdCloseClient(con);
1006 return;
1007 }
ef416fc2 1008#endif /* HAVE_SSL */
1009 }
1010
5ec1fd3d 1011 if ((status = cupsdIsAuthorized(con, NULL)) != HTTP_STATUS_OK)
ef416fc2 1012 {
5bd77a73 1013 cupsdSendError(con, status, CUPSD_AUTH_NONE);
f7deaa1a 1014 cupsdCloseClient(con);
1015 return;
ef416fc2 1016 }
1017
d21dc0ed 1018 if (httpGetExpect(con->http) &&
cb7f98ee 1019 (con->operation == HTTP_STATE_POST || con->operation == HTTP_STATE_PUT))
ef416fc2 1020 {
d21dc0ed 1021 if (httpGetExpect(con->http) == HTTP_STATUS_CONTINUE)
b423cd4c 1022 {
1023 /*
1024 * Send 100-continue header...
1025 */
1026
a73ca01e 1027 if (httpWriteResponse(con->http, HTTP_STATUS_CONTINUE))
f7deaa1a 1028 {
1029 cupsdCloseClient(con);
1030 return;
1031 }
b423cd4c 1032 }
1033 else
1034 {
1035 /*
1036 * Send 417-expectation-failed header...
1037 */
1038
a73ca01e 1039 httpClearFields(con->http);
e200616a
MS		 1040 httpSetField(con->http, HTTP_FIELD_CONTENT_LENGTH, "0");
1041
a73ca01e
MS		 1042 cupsdSendError(con, HTTP_STATUS_EXPECTATION_FAILED, CUPSD_AUTH_NONE);
1043 cupsdCloseClient(con);
1044 return;
b423cd4c 1045 }
ef416fc2 1046 }
1047
5ec1fd3d 1048 switch (httpGetState(con->http))
ef416fc2 1049 {
cb7f98ee 1050 case HTTP_STATE_GET_SEND :
dfc45c1b
MS		 1051 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Processing GET %s", con->uri);
1052
2fa1ba3c
MS		 1053 if ((filename = get_file(con, &filestats, buf, sizeof(buf))) != NULL)
1054 {
1055 type = mimeFileType(MimeDatabase, filename, NULL, NULL);
ef416fc2 1056
2fa1ba3c 1057 cupsdLogClient(con, CUPSD_LOG_DEBUG, "filename=\"%s\", type=%s/%s", filename, type ? type->super : "", type ? type->type : "");
ef416fc2 1058
2fa1ba3c 1059 if (is_cgi(con, filename, &filestats, type))
6961465f 1060 {
2fa1ba3c
MS		 1061 /*
1062 * Note: con->command and con->options were set by is_cgi()...
1063 */
6961465f 1064
2fa1ba3c 1065 if (!cupsdSendCommand(con, con->command, con->options, 0))
6961465f 1066 {
2fa1ba3c 1067 if (!cupsdSendError(con, HTTP_STATUS_NOT_FOUND, CUPSD_AUTH_NONE))
6961465f 1068 {
2fa1ba3c
MS		 1069 cupsdCloseClient(con);
1070 return;
6961465f 1071 }
2fa1ba3c
MS		 1072 }
1073 else
1074 cupsdLogRequest(con, HTTP_STATUS_OK);
6961465f 1075
2fa1ba3c
MS		 1076 if (httpGetVersion(con->http) <= HTTP_VERSION_1_0)
1077 httpSetKeepAlive(con->http, HTTP_KEEPALIVE_OFF);
1078 break;
6961465f 1079 }
db8b865d 1080
2fa1ba3c
MS		 1081 if (!check_if_modified(con, &filestats))
1082 {
1083 if (!cupsdSendError(con, HTTP_STATUS_NOT_MODIFIED, CUPSD_AUTH_NONE))
f7deaa1a 1084 {
1085 cupsdCloseClient(con);
1086 return;
1087 }
ef416fc2 1088 }
2fa1ba3c 1089 else
6961465f 1090 {
2fa1ba3c
MS		 1091 if (type == NULL)
1092 strlcpy(line, "text/plain", sizeof(line));
1093 else
1094 snprintf(line, sizeof(line), "%s/%s", type->super, type->type);
7cf5915e 1095
2fa1ba3c 1096 if (!write_file(con, HTTP_STATUS_OK, filename, line, &filestats))
7cf5915e
MS		 1097 {
1098 cupsdCloseClient(con);
1099 return;
1100 }
7cf5915e 1101 }
2fa1ba3c 1102 }
eff8c82f 1103 else if (!buf[0] && (!strncmp(con->uri, "/admin", 6) || !strncmp(con->uri, "/classes", 8) || !strncmp(con->uri, "/help", 5) || !strncmp(con->uri, "/jobs", 5) || !strncmp(con->uri, "/printers", 9)))
ef416fc2 1104 {
f07c0121
MS		 1105 if (!WebInterface)
1106 {
1107 /*
1108 * Web interface is disabled. Show an appropriate message...
1109 */
1110
1111 if (!cupsdSendError(con, HTTP_STATUS_CUPS_WEBIF_DISABLED, CUPSD_AUTH_NONE))
1112 {
1113 cupsdCloseClient(con);
1114 return;
1115 }
1116
1117 break;
1118 }
1119
ef416fc2 1120 /*
1121 * Send CGI output...
1122 */
1123
1124 if (!strncmp(con->uri, "/admin", 6))
1125 {
2fa1ba3c 1126 cupsdSetStringf(&con->command, "%s/cgi-bin/admin.cgi", ServerBin);
b423cd4c 1127 cupsdSetString(&con->options, strchr(con->uri + 6, '?'));
ef416fc2 1128 }
ef416fc2 1129 else if (!strncmp(con->uri, "/classes", 8))
1130 {
2fa1ba3c 1131 cupsdSetStringf(&con->command, "%s/cgi-bin/classes.cgi", ServerBin);
b423cd4c 1132 if (con->uri[8] && con->uri[9])
1133 cupsdSetString(&con->options, con->uri + 8);
1134 else
1135 cupsdSetString(&con->options, NULL);
ef416fc2 1136 }
1137 else if (!strncmp(con->uri, "/jobs", 5))
1138 {
2fa1ba3c 1139 cupsdSetStringf(&con->command, "%s/cgi-bin/jobs.cgi", ServerBin);
b423cd4c 1140 if (con->uri[5] && con->uri[6])
1141 cupsdSetString(&con->options, con->uri + 5);
1142 else
1143 cupsdSetString(&con->options, NULL);
ef416fc2 1144 }
eff8c82f
MS		 1145 else if (!strncmp(con->uri, "/printers", 9))
1146 {
1147 cupsdSetStringf(&con->command, "%s/cgi-bin/printers.cgi", ServerBin);
1148 if (con->uri[9] && con->uri[10])
1149 cupsdSetString(&con->options, con->uri + 9);
1150 else
1151 cupsdSetString(&con->options, NULL);
1152 }
ef416fc2 1153 else
1154 {
2fa1ba3c 1155 cupsdSetStringf(&con->command, "%s/cgi-bin/help.cgi", ServerBin);
b423cd4c 1156 if (con->uri[5] && con->uri[6])
1157 cupsdSetString(&con->options, con->uri + 5);
1158 else
1159 cupsdSetString(&con->options, NULL);
1160 }
ef416fc2 1161
1162 if (!cupsdSendCommand(con, con->command, con->options, 0))
1163 {
5ec1fd3d 1164 if (!cupsdSendError(con, HTTP_STATUS_NOT_FOUND, CUPSD_AUTH_NONE))
f7deaa1a 1165 {
1166 cupsdCloseClient(con);
1167 return;
1168 }
ef416fc2 1169 }
1170 else
5ec1fd3d 1171 cupsdLogRequest(con, HTTP_STATUS_OK);
ef416fc2 1172
d21dc0ed 1173 if (httpGetVersion(con->http) <= HTTP_VERSION_1_0)
5ec1fd3d 1174 httpSetKeepAlive(con->http, HTTP_KEEPALIVE_OFF);
ef416fc2 1175 }
2fa1ba3c 1176 else
ef416fc2 1177 {
2fa1ba3c 1178 if (!cupsdSendError(con, HTTP_STATUS_NOT_FOUND, CUPSD_AUTH_NONE))
f7deaa1a 1179 {
1180 cupsdCloseClient(con);
1181 return;
1182 }
ef416fc2 1183 }
1184 break;
1185
cb7f98ee 1186 case HTTP_STATE_POST_RECV :
ef416fc2 1187 /*
1188 * See if the POST request includes a Content-Length field, and if
1189 * so check the length against any limits that are set...
1190 */
1191
2fa1ba3c 1192 if (httpGetField(con->http, HTTP_FIELD_CONTENT_LENGTH)[0] && MaxRequestSize > 0 && httpGetLength2(con->http) > MaxRequestSize)
ef416fc2 1193 {
1194 /*
1195 * Request too large...
1196 */
1197
5ec1fd3d 1198 if (!cupsdSendError(con, HTTP_STATUS_REQUEST_TOO_LARGE, CUPSD_AUTH_NONE))
f7deaa1a 1199 {
1200 cupsdCloseClient(con);
1201 return;
1202 }
ef416fc2 1203
1204 break;
1205 }
d21dc0ed 1206 else if (httpGetLength2(con->http) < 0)
ef416fc2 1207 {
1208 /*
1209 * Negative content lengths are invalid!
1210 */
1211
5ec1fd3d 1212 if (!cupsdSendError(con, HTTP_STATUS_BAD_REQUEST, CUPSD_AUTH_NONE))
f7deaa1a 1213 {
1214 cupsdCloseClient(con);
1215 return;
1216 }
ef416fc2 1217
1218 break;
1219 }
1220
1221 /*
1222 * See what kind of POST request this is; for IPP requests the
1223 * content-type field will be "application/ipp"...
1224 */
1225
2fa1ba3c
MS		 1226 if (!strcmp(httpGetField(con->http, HTTP_FIELD_CONTENT_TYPE), "application/ipp"))
1227 {
ef416fc2 1228 con->request = ippNew();
2fa1ba3c
MS		 1229 break;
1230 }
229681c1
MS		 1231 else if (!WebInterface)
1232 {
1233 /*
1234 * Web interface is disabled. Show an appropriate message...
1235 */
1236
5ec1fd3d 1237 if (!cupsdSendError(con, HTTP_STATUS_CUPS_WEBIF_DISABLED, CUPSD_AUTH_NONE))
229681c1
MS		 1238 {
1239 cupsdCloseClient(con);
1240 return;
1241 }
1242
1243 break;
1244 }
2fa1ba3c
MS		 1245
1246 if ((filename = get_file(con, &filestats, buf, sizeof(buf))) != NULL)
1247 {
1248 /*
1249 * POST to a file...
1250 */
1251
1252 type = mimeFileType(MimeDatabase, filename, NULL, NULL);
1253
1254 if (!is_cgi(con, filename, &filestats, type))
1255 {
1256 /*
1257 * Only POST to CGI's...
1258 */
1259
1260 if (!cupsdSendError(con, HTTP_STATUS_UNAUTHORIZED, CUPSD_AUTH_NONE))
1261 {
1262 cupsdCloseClient(con);
1263 return;
1264 }
1265 }
1266 }
1267 else if (!strncmp(con->uri, "/admin", 6) || !strncmp(con->uri, "/printers", 9) || !strncmp(con->uri, "/classes", 8) || !strncmp(con->uri, "/help", 5) || !strncmp(con->uri, "/jobs", 5))
ef416fc2 1268 {
1269 /*
1270 * CGI request...
1271 */
1272
1273 if (!strncmp(con->uri, "/admin", 6))
1274 {
2fa1ba3c 1275 cupsdSetStringf(&con->command, "%s/cgi-bin/admin.cgi", ServerBin);
b423cd4c 1276 cupsdSetString(&con->options, strchr(con->uri + 6, '?'));
ef416fc2 1277 }
1278 else if (!strncmp(con->uri, "/printers", 9))
1279 {
2fa1ba3c 1280 cupsdSetStringf(&con->command, "%s/cgi-bin/printers.cgi", ServerBin);
b423cd4c 1281 if (con->uri[9] && con->uri[10])
1282 cupsdSetString(&con->options, con->uri + 9);
1283 else
1284 cupsdSetString(&con->options, NULL);
ef416fc2 1285 }
1286 else if (!strncmp(con->uri, "/classes", 8))
1287 {
2fa1ba3c 1288 cupsdSetStringf(&con->command, "%s/cgi-bin/classes.cgi", ServerBin);
b423cd4c 1289 if (con->uri[8] && con->uri[9])
1290 cupsdSetString(&con->options, con->uri + 8);
1291 else
1292 cupsdSetString(&con->options, NULL);
ef416fc2 1293 }
1294 else if (!strncmp(con->uri, "/jobs", 5))
1295 {
2fa1ba3c 1296 cupsdSetStringf(&con->command, "%s/cgi-bin/jobs.cgi", ServerBin);
b423cd4c 1297 if (con->uri[5] && con->uri[6])
1298 cupsdSetString(&con->options, con->uri + 5);
1299 else
1300 cupsdSetString(&con->options, NULL);
ef416fc2 1301 }
1302 else
1303 {
2fa1ba3c 1304 cupsdSetStringf(&con->command, "%s/cgi-bin/help.cgi", ServerBin);
b423cd4c 1305 if (con->uri[5] && con->uri[6])
1306 cupsdSetString(&con->options, con->uri + 5);
1307 else
1308 cupsdSetString(&con->options, NULL);
1309 }
ef416fc2 1310
d21dc0ed 1311 if (httpGetVersion(con->http) <= HTTP_VERSION_1_0)
5ec1fd3d 1312 httpSetKeepAlive(con->http, HTTP_KEEPALIVE_OFF);
ef416fc2 1313 }
1314 else
1315 {
2fa1ba3c 1316 if (!cupsdSendError(con, HTTP_STATUS_NOT_FOUND, CUPSD_AUTH_NONE))
ef416fc2 1317 {
2fa1ba3c
MS		 1318 cupsdCloseClient(con);
1319 return;
ef416fc2 1320 }
1321 }
1322 break;
1323
cb7f98ee 1324 case HTTP_STATE_PUT_RECV :
ef416fc2 1325 /*
1326 * Validate the resource name...
1327 */
1328
c41769ff 1329 if (strcmp(con->uri, "/admin/conf/cupsd.conf"))
ef416fc2 1330 {
1331 /*
c41769ff 1332 * PUT can only be done to the cupsd.conf file...
ef416fc2 1333 */
1334
2fa1ba3c 1335 cupsdLogClient(con, CUPSD_LOG_ERROR, "Disallowed PUT request for \"%s\".", con->uri);
bf3816c7 1336
5ec1fd3d 1337 if (!cupsdSendError(con, HTTP_STATUS_FORBIDDEN, CUPSD_AUTH_NONE))
f7deaa1a 1338 {
1339 cupsdCloseClient(con);
1340 return;
1341 }
ef416fc2 1342
1343 break;
1344 }
1345
1346 /*
1347 * See if the PUT request includes a Content-Length field, and if
1348 * so check the length against any limits that are set...
1349 */
1350
2fa1ba3c 1351 if (httpGetField(con->http, HTTP_FIELD_CONTENT_LENGTH)[0] && MaxRequestSize > 0 && httpGetLength2(con->http) > MaxRequestSize)
ef416fc2 1352 {
1353 /*
1354 * Request too large...
1355 */
1356
5ec1fd3d 1357 if (!cupsdSendError(con, HTTP_STATUS_REQUEST_TOO_LARGE, CUPSD_AUTH_NONE))
f7deaa1a 1358 {
1359 cupsdCloseClient(con);
1360 return;
1361 }
ef416fc2 1362
1363 break;
1364 }
d21dc0ed 1365 else if (httpGetLength2(con->http) < 0)
ef416fc2 1366 {
1367 /*
1368 * Negative content lengths are invalid!
1369 */
1370
5ec1fd3d 1371 if (!cupsdSendError(con, HTTP_STATUS_BAD_REQUEST, CUPSD_AUTH_NONE))
f7deaa1a 1372 {
1373 cupsdCloseClient(con);
1374 return;
1375 }
ef416fc2 1376
1377 break;
1378 }
1379
1380 /*
1381 * Open a temporary file to hold the request...
1382 */
1383
2fa1ba3c 1384 cupsdSetStringf(&con->filename, "%s/%08x", RequestRoot, request_id ++);
ef416fc2 1385 con->file = open(con->filename, O_WRONLY | O_CREAT | O_TRUNC, 0640);
1386
ef416fc2 1387 if (con->file < 0)
1388 {
2fa1ba3c 1389 cupsdLogClient(con, CUPSD_LOG_ERROR, "Unable to create request file \"%s\": %s", con->filename, strerror(errno));
a4924f6c 1390
5ec1fd3d 1391 if (!cupsdSendError(con, HTTP_STATUS_REQUEST_TOO_LARGE, CUPSD_AUTH_NONE))
f7deaa1a 1392 {
1393 cupsdCloseClient(con);
1394 return;
1395 }
ef416fc2 1396 }
1397
1398 fchmod(con->file, 0640);
1399 fchown(con->file, RunUser, Group);
1400 fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC);
1401 break;
1402
cb7f98ee
MS		 1403 case HTTP_STATE_DELETE :
1404 case HTTP_STATE_TRACE :
5ec1fd3d 1405 cupsdSendError(con, HTTP_STATUS_NOT_IMPLEMENTED, CUPSD_AUTH_NONE);
f7deaa1a 1406 cupsdCloseClient(con);
1407 return;
ef416fc2 1408
cb7f98ee 1409 case HTTP_STATE_HEAD :
2fa1ba3c
MS		 1410 if ((filename = get_file(con, &filestats, buf, sizeof(buf))) != NULL)
1411 {
1412 if (!check_if_modified(con, &filestats))
ef416fc2 1413 {
2fa1ba3c 1414 if (!cupsdSendError(con, HTTP_STATUS_NOT_MODIFIED, CUPSD_AUTH_NONE))
f7deaa1a 1415 {
1416 cupsdCloseClient(con);
1417 return;
1418 }
ef416fc2 1419
2fa1ba3c 1420 cupsdLogRequest(con, HTTP_STATUS_NOT_MODIFIED);
ef416fc2 1421 }
229681c1
MS		 1422 else
1423 {
2fa1ba3c
MS		 1424 /*
1425 * Serve a file...
1426 */
1427
1428 type = mimeFileType(MimeDatabase, filename, NULL, NULL);
1429 if (type == NULL)
1430 strlcpy(line, "text/plain", sizeof(line));
1431 else
1432 snprintf(line, sizeof(line), "%s/%s", type->super, type->type);
1433
1434 httpClearFields(con->http);
1435
1436 httpSetField(con->http, HTTP_FIELD_LAST_MODIFIED, httpGetDateString(filestats.st_mtime));
1437 httpSetLength(con->http, (size_t)filestats.st_size);
1438
1439 if (!cupsdSendHeader(con, HTTP_STATUS_OK, line, CUPSD_AUTH_NONE))
229681c1
MS		 1440 {
1441 cupsdCloseClient(con);
1442 return;
1443 }
1444
2fa1ba3c 1445 cupsdLogRequest(con, HTTP_STATUS_OK);
229681c1 1446 }
2fa1ba3c 1447 }
229681c1
MS		 1448 else if (!WebInterface)
1449 {
a73ca01e
MS		 1450 httpClearFields(con->http);
1451
5ec1fd3d 1452 if (!cupsdSendHeader(con, HTTP_STATUS_OK, NULL, CUPSD_AUTH_NONE))
229681c1
MS		 1453 {
1454 cupsdCloseClient(con);
1455 return;
1456 }
1457
e200616a 1458 cupsdLogRequest(con, HTTP_STATUS_OK);
229681c1
MS		 1459 break;
1460 }
ef416fc2 1461
eff8c82f 1462 if (!buf[0] && (!strncmp(con->uri, "/admin", 6) || !strncmp(con->uri, "/classes", 8) || !strncmp(con->uri, "/help", 5) || !strncmp(con->uri, "/jobs", 5) || !strncmp(con->uri, "/printers", 9)))
ef416fc2 1463 {
1464 /*
1465 * CGI output...
1466 */
1467
a73ca01e
MS		 1468 httpClearFields(con->http);
1469
5ec1fd3d 1470 if (!cupsdSendHeader(con, HTTP_STATUS_OK, "text/html", CUPSD_AUTH_NONE))
f7deaa1a 1471 {
1472 cupsdCloseClient(con);
1473 return;
1474 }
ef416fc2 1475
5ec1fd3d 1476 cupsdLogRequest(con, HTTP_STATUS_OK);
ef416fc2 1477 }
ef416fc2 1478 else
1479 {
a73ca01e
MS		 1480 httpClearFields(con->http);
1481
2fa1ba3c 1482 if (!cupsdSendHeader(con, HTTP_STATUS_NOT_FOUND, "text/html", CUPSD_AUTH_NONE))
f7deaa1a 1483 {
1484 cupsdCloseClient(con);
1485 return;
1486 }
ef416fc2 1487
2fa1ba3c 1488 cupsdLogRequest(con, HTTP_STATUS_NOT_FOUND);
ef416fc2 1489 }
ef416fc2 1490 break;
1491
1492 default :
1493 break; /* Anti-compiler-warning-code */
1494 }
1495 }
1496 }
1497
1498 /*
1499 * Handle any incoming data...
1500 */
1501
5ec1fd3d 1502 switch (httpGetState(con->http))
ef416fc2 1503 {
cb7f98ee 1504 case HTTP_STATE_PUT_RECV :
f7deaa1a 1505 do
ef416fc2 1506 {
996acce8 1507 if ((bytes = httpRead2(con->http, line, sizeof(line))) < 0)
f7deaa1a 1508 {
5ec1fd3d 1509 if (httpError(con->http) && httpError(con->http) != EPIPE)
996acce8
MS		 1510 cupsdLogClient(con, CUPSD_LOG_DEBUG,
1511 "HTTP_STATE_PUT_RECV Closing for error %d (%s)",
5ec1fd3d 1512 httpError(con->http), strerror(httpError(con->http)));
f11a948a 1513 else
996acce8
MS		 1514 cupsdLogClient(con, CUPSD_LOG_DEBUG,
1515 "HTTP_STATE_PUT_RECV Closing on EOF.");
f11a948a 1516
f7deaa1a 1517 cupsdCloseClient(con);
1518 return;
1519 }
1520 else if (bytes > 0)
1521 {
1522 con->bytes += bytes;
ef416fc2 1523
34c67f13
MS		 1524 if (MaxRequestSize > 0 && con->bytes > MaxRequestSize)
1525 {
1526 close(con->file);
1527 con->file = -1;
1528 unlink(con->filename);
1529 cupsdClearString(&con->filename);
1530
1531 if (!cupsdSendError(con, HTTP_STATUS_REQUEST_TOO_LARGE, CUPSD_AUTH_NONE))
1532 {
1533 cupsdCloseClient(con);
1534 return;
1535 }
1536 }
1537
7e86f2f6 1538 if (write(con->file, line, (size_t)bytes) < bytes)
f7deaa1a 1539 {
996acce8
MS		 1540 cupsdLogClient(con, CUPSD_LOG_ERROR,
1541 "Unable to write %d bytes to \"%s\": %s", bytes,
1542 con->filename, strerror(errno));
ef416fc2 1543
f7deaa1a 1544 close(con->file);
1545 con->file = -1;
1546 unlink(con->filename);
1547 cupsdClearString(&con->filename);
ef416fc2 1548
5ec1fd3d 1549 if (!cupsdSendError(con, HTTP_STATUS_REQUEST_TOO_LARGE, CUPSD_AUTH_NONE))
f7deaa1a 1550 {
1551 cupsdCloseClient(con);
1552 return;
1553 }
1554 }
ef416fc2 1555 }
a4708bb0
MS		 1556 else if (httpGetState(con->http) == HTTP_STATE_PUT_RECV)
1557 {
1558 cupsdCloseClient(con);
1559 return;
1560 }
f7deaa1a 1561 }
5ec1fd3d 1562 while (httpGetState(con->http) == HTTP_STATE_PUT_RECV && httpGetReady(con->http));
ef416fc2 1563
5ec1fd3d 1564 if (httpGetState(con->http) == HTTP_STATE_STATUS)
ef416fc2 1565 {
1566 /*
1567 * End of file, see how big it is...
1568 */
1569
1570 fstat(con->file, &filestats);
1571
ef416fc2 1572 close(con->file);
1573 con->file = -1;
1574
1575 if (filestats.st_size > MaxRequestSize &&
1576 MaxRequestSize > 0)
1577 {
1578 /*
1579 * Request is too big; remove it and send an error...
1580 */
1581
ef416fc2 1582 unlink(con->filename);
1583 cupsdClearString(&con->filename);
1584
5ec1fd3d 1585 if (!cupsdSendError(con, HTTP_STATUS_REQUEST_TOO_LARGE, CUPSD_AUTH_NONE))
f7deaa1a 1586 {
1587 cupsdCloseClient(con);
1588 return;
1589 }
ef416fc2 1590 }
1591
1592 /*
1593 * Install the configuration file...
1594 */
1595
c41769ff 1596 status = install_cupsd_conf(con);
ef416fc2 1597
1598 /*
1599 * Return the status to the client...
1600 */
1601
5bd77a73 1602 if (!cupsdSendError(con, status, CUPSD_AUTH_NONE))
f7deaa1a 1603 {
1604 cupsdCloseClient(con);
1605 return;
1606 }
ef416fc2 1607 }
1608 break;
1609
cb7f98ee 1610 case HTTP_STATE_POST_RECV :
f7deaa1a 1611 do
ef416fc2 1612 {
f11a948a 1613 if (con->request && con->file < 0)
ef416fc2 1614 {
f7deaa1a 1615 /*
1616 * Grab any request data from the connection...
1617 */
ef416fc2 1618
175bc798
MS		 1619 if (!httpWait(con->http, 0))
1620 return;
1621
5ec1fd3d 1622 if ((ipp_state = ippRead(con->http, con->request)) == IPP_STATE_ERROR)
ef416fc2 1623 {
996acce8
MS		 1624 cupsdLogClient(con, CUPSD_LOG_ERROR, "IPP read error: %s",
1625 cupsLastErrorString());
f7deaa1a 1626
5ec1fd3d 1627 cupsdSendError(con, HTTP_STATUS_BAD_REQUEST, CUPSD_AUTH_NONE);
f7deaa1a 1628 cupsdCloseClient(con);
1629 return;
ef416fc2 1630 }
5ec1fd3d 1631 else if (ipp_state != IPP_STATE_DATA)
f7deaa1a 1632 {
5ec1fd3d 1633 if (httpGetState(con->http) == HTTP_STATE_POST_SEND)
f7deaa1a 1634 {
5ec1fd3d 1635 cupsdSendError(con, HTTP_STATUS_BAD_REQUEST, CUPSD_AUTH_NONE);
f7deaa1a 1636 cupsdCloseClient(con);
1637 return;
1638 }
ef416fc2 1639
5ec1fd3d 1640 if (httpGetReady(con->http))
6961465f 1641 continue;
f7deaa1a 1642 break;
1643 }
1644 else
f11a948a 1645 {
996acce8
MS		 1646 cupsdLogClient(con, CUPSD_LOG_DEBUG, "%d.%d %s %d",
1647 con->request->request.op.version[0],
f11a948a
MS		 1648 con->request->request.op.version[1],
1649 ippOpString(con->request->request.op.operation_id),
1650 con->request->request.op.request_id);
7d5824d6 1651 con->bytes += (off_t)ippLength(con->request);
f11a948a 1652 }
f7deaa1a 1653 }
ef416fc2 1654
5ec1fd3d 1655 if (con->file < 0 && httpGetState(con->http) != HTTP_STATE_POST_SEND)
f7deaa1a 1656 {
1657 /*
1658 * Create a file as needed for the request data...
1659 */
ef416fc2 1660
f11a948a
MS		 1661 cupsdSetStringf(&con->filename, "%s/%08x", RequestRoot,
1662 request_id ++);
f7deaa1a 1663 con->file = open(con->filename, O_WRONLY | O_CREAT | O_TRUNC, 0640);
ef416fc2 1664
f7deaa1a 1665 if (con->file < 0)
1666 {
996acce8
MS		 1667 cupsdLogClient(con, CUPSD_LOG_ERROR,
1668 "Unable to create request file \"%s\": %s",
1669 con->filename, strerror(errno));
a4924f6c 1670
5ec1fd3d 1671 if (!cupsdSendError(con, HTTP_STATUS_REQUEST_TOO_LARGE, CUPSD_AUTH_NONE))
f7deaa1a 1672 {
1673 cupsdCloseClient(con);
1674 return;
1675 }
1676 }
ef416fc2 1677
f7deaa1a 1678 fchmod(con->file, 0640);
1679 fchown(con->file, RunUser, Group);
1680 fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC);
1681 }
ef416fc2 1682
5ec1fd3d 1683 if (httpGetState(con->http) != HTTP_STATE_POST_SEND)
ef416fc2 1684 {
996acce8 1685 if (!httpWait(con->http, 0))
cb7f98ee 1686 return;
996acce8 1687 else if ((bytes = httpRead2(con->http, line, sizeof(line))) < 0)
f7deaa1a 1688 {
5ec1fd3d 1689 if (httpError(con->http) && httpError(con->http) != EPIPE)
996acce8
MS		 1690 cupsdLogClient(con, CUPSD_LOG_DEBUG,
1691 "HTTP_STATE_POST_SEND Closing for error %d (%s)",
5ec1fd3d 1692 httpError(con->http), strerror(httpError(con->http)));
f11a948a 1693 else
996acce8
MS		 1694 cupsdLogClient(con, CUPSD_LOG_DEBUG,
1695 "HTTP_STATE_POST_SEND Closing on EOF.");
f11a948a 1696
f7deaa1a 1697 cupsdCloseClient(con);
1698 return;
1699 }
1700 else if (bytes > 0)
1701 {
1702 con->bytes += bytes;
ef416fc2 1703
34c67f13
MS		 1704 if (MaxRequestSize > 0 && con->bytes > MaxRequestSize)
1705 {
1706 close(con->file);
1707 con->file = -1;
1708 unlink(con->filename);
1709 cupsdClearString(&con->filename);
1710
1711 if (!cupsdSendError(con, HTTP_STATUS_REQUEST_TOO_LARGE, CUPSD_AUTH_NONE))
1712 {
1713 cupsdCloseClient(con);
1714 return;
1715 }
1716 }
1717
7e86f2f6 1718 if (write(con->file, line, (size_t)bytes) < bytes)
f7deaa1a 1719 {
996acce8
MS		 1720 cupsdLogClient(con, CUPSD_LOG_ERROR,
1721 "Unable to write %d bytes to \"%s\": %s",
1722 bytes, con->filename, strerror(errno));
ef416fc2 1723
f7deaa1a 1724 close(con->file);
1725 con->file = -1;
1726 unlink(con->filename);
1727 cupsdClearString(&con->filename);
ef416fc2 1728
5ec1fd3d 1729 if (!cupsdSendError(con, HTTP_STATUS_REQUEST_TOO_LARGE,
f11a948a 1730 CUPSD_AUTH_NONE))
f7deaa1a 1731 {
1732 cupsdCloseClient(con);
1733 return;
1734 }
1735 }
1736 }
5ec1fd3d 1737 else if (httpGetState(con->http) == HTTP_STATE_POST_RECV)
f7deaa1a 1738 return;
5ec1fd3d 1739 else if (httpGetState(con->http) != HTTP_STATE_POST_SEND)
f7deaa1a 1740 {
996acce8
MS		 1741 cupsdLogClient(con, CUPSD_LOG_DEBUG,
1742 "Closing on unexpected state %s.",
5ec1fd3d 1743 httpStateString(httpGetState(con->http)));
f7deaa1a 1744 cupsdCloseClient(con);
1745 return;
ef416fc2 1746 }
1747 }
f7deaa1a 1748 }
5ec1fd3d 1749 while (httpGetState(con->http) == HTTP_STATE_POST_RECV && httpGetReady(con->http));
ef416fc2 1750
5ec1fd3d 1751 if (httpGetState(con->http) == HTTP_STATE_POST_SEND)
ef416fc2 1752 {
1753 if (con->file >= 0)
1754 {
1755 fstat(con->file, &filestats);
1756
ef416fc2 1757 close(con->file);
1758 con->file = -1;
1759
1760 if (filestats.st_size > MaxRequestSize &&
1761 MaxRequestSize > 0)
1762 {
1763 /*
1764 * Request is too big; remove it and send an error...
1765 */
1766
ef416fc2 1767 unlink(con->filename);
1768 cupsdClearString(&con->filename);
1769
1770 if (con->request)
1771 {
1772 /*
1773 * Delete any IPP request data...
1774 */
1775
1776 ippDelete(con->request);
1777 con->request = NULL;
1778 }
1779
5ec1fd3d 1780 if (!cupsdSendError(con, HTTP_STATUS_REQUEST_TOO_LARGE, CUPSD_AUTH_NONE))
f7deaa1a 1781 {
1782 cupsdCloseClient(con);
1783 return;
1784 }
ef416fc2 1785 }
f8b3a85b
MS		 1786 else if (filestats.st_size == 0)
1787 {
1788 /*
1789 * Don't allow empty file...
1790 */
1791
1792 unlink(con->filename);
1793 cupsdClearString(&con->filename);
1794 }
ef416fc2 1795
1796 if (con->command)
1797 {
1798 if (!cupsdSendCommand(con, con->command, con->options, 0))
1799 {
5ec1fd3d 1800 if (!cupsdSendError(con, HTTP_STATUS_NOT_FOUND, CUPSD_AUTH_NONE))
f7deaa1a 1801 {
1802 cupsdCloseClient(con);
1803 return;
1804 }
ef416fc2 1805 }
1806 else
5ec1fd3d 1807 cupsdLogRequest(con, HTTP_STATUS_OK);
ef416fc2 1808 }
1809 }
1810
1811 if (con->request)
f7deaa1a 1812 {
1813 cupsdProcessIPPRequest(con);
bc44d920 1814
1815 if (con->filename)
1816 {
bc44d920 1817 unlink(con->filename);
1818 cupsdClearString(&con->filename);
1819 }
1820
f7deaa1a 1821 return;
1822 }
ef416fc2 1823 }
1824 break;
1825
1826 default :
1827 break; /* Anti-compiler-warning-code */
1828 }
1829
5ec1fd3d 1830 if (httpGetState(con->http) == HTTP_STATE_WAITING)
3dfe78b3 1831 {
5ec1fd3d 1832 if (!httpGetKeepAlive(con->http))
f11a948a 1833 {
996acce8
MS		 1834 cupsdLogClient(con, CUPSD_LOG_DEBUG,
1835 "Closing because Keep-Alive is disabled.");
3dfe78b3 1836 cupsdCloseClient(con);
f11a948a 1837 }
3dfe78b3
MS		 1838 else
1839 {
1840 cupsArrayRemove(ActiveClients, con);
e4e37194 1841 cupsdSetBusyState(0);
3dfe78b3
MS		 1842 }
1843 }
ef416fc2 1844}
1845
1846
1847/*
1848 * 'cupsdSendCommand()' - Send output from a command via HTTP.
1849 */
1850
1851int /* O - 1 on success, 0 on failure */
1852cupsdSendCommand(
1853 cupsd_client_t *con, /* I - Client connection */
1854 char *command, /* I - Command to run */
1855 char *options, /* I - Command-line options */
1856 int root) /* I - Run as root? */
1857{
1858 int fd; /* Standard input file descriptor */
1859
1860
1861 if (con->filename)
ed486911 1862 {
ef416fc2 1863 fd = open(con->filename, O_RDONLY);
ef416fc2 1864
ed486911 1865 if (fd < 0)
1866 {
996acce8
MS		 1867 cupsdLogClient(con, CUPSD_LOG_ERROR,
1868 "Unable to open \"%s\" for reading: %s",
1869 con->filename ? con->filename : "/dev/null",
1870 strerror(errno));
ed486911 1871 return (0);
1872 }
ef416fc2 1873
ed486911 1874 fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC);
1875 }
1876 else
1877 fd = -1;
ef416fc2 1878
e200616a
MS		 1879 con->pipe_pid = pipe_command(con, fd, &(con->file), command, options, root);
1880 con->pipe_status = HTTP_STATUS_OK;
ef416fc2 1881
a73ca01e
MS		 1882 httpClearFields(con->http);
1883
ed486911 1884 if (fd >= 0)
1885 close(fd);
ef416fc2 1886
996acce8
MS		 1887 cupsdLogClient(con, CUPSD_LOG_INFO, "Started \"%s\" (pid=%d, file=%d)",
1888 command, con->pipe_pid, con->file);
ef416fc2 1889
1890 if (con->pipe_pid == 0)
1891 return (0);
1892
1893 fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC);
1894
f899b121 1895 cupsdAddSelect(con->file, (cupsd_selfunc_t)write_pipe, NULL, con);
ef416fc2 1896
996acce8 1897 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Waiting for CGI data.");
1bc82dd9 1898
ef416fc2 1899 con->sent_header = 0;
1900 con->file_ready = 0;
1901 con->got_fields = 0;
68b10830 1902 con->header_used = 0;
ef416fc2 1903
1904 return (1);
1905}
1906
1907
1908/*
1909 * 'cupsdSendError()' - Send an error message via HTTP.
1910 */
1911
1912int /* O - 1 if successful, 0 otherwise */
1913cupsdSendError(cupsd_client_t *con, /* I - Connection */
f899b121 1914 http_status_t code, /* I - Error code */
1915 int auth_type)/* I - Authentication type */
ef416fc2 1916{
f7c0e880
MS		 1917 char location[HTTP_MAX_VALUE]; /* Location field */
1918
1919
ffe32673 1920 cupsdLogClient(con, CUPSD_LOG_DEBUG2, "cupsdSendError code=%d, auth_type=%d", code, auth_type);
b9faaae1 1921
4744bd90 1922#ifdef HAVE_SSL
1923 /*
1924 * Force client to upgrade for authentication if that is how the
1925 * server is configured...
1926 */
1927
5ec1fd3d
MS		 1928 if (code == HTTP_STATUS_UNAUTHORIZED &&
1929 DefaultEncryption == HTTP_ENCRYPTION_REQUIRED &&
1930 _cups_strcasecmp(httpGetHostname(con->http, NULL, 0), "localhost") &&
1931 !httpIsEncrypted(con->http))
4744bd90 1932 {
5ec1fd3d 1933 code = HTTP_STATUS_UPGRADE_REQUIRED;
4744bd90 1934 }
1935#endif /* HAVE_SSL */
1936
ef416fc2 1937 /*
1938 * Put the request in the access_log file...
1939 */
1940
1941 cupsdLogRequest(con, code);
1942
ef416fc2 1943 /*
1944 * To work around bugs in some proxies, don't use Keep-Alive for some
1945 * error messages...
f7deaa1a 1946 *
1947 * Kerberos authentication doesn't work without Keep-Alive, so
1948 * never disable it in that case.
ef416fc2 1949 */
1950
f7c0e880
MS		 1951 strlcpy(location, httpGetField(con->http, HTTP_FIELD_LOCATION), sizeof(location));
1952
a73ca01e 1953 httpClearFields(con->http);
2c030c7a 1954 httpClearCookie(con->http);
a73ca01e 1955
f7c0e880
MS		 1956 httpSetField(con->http, HTTP_FIELD_LOCATION, location);
1957
5ec1fd3d
MS		 1958 if (code >= HTTP_STATUS_BAD_REQUEST && con->type != CUPSD_AUTH_NEGOTIATE)
1959 httpSetKeepAlive(con->http, HTTP_KEEPALIVE_OFF);
ef416fc2 1960
d21dc0ed 1961 if (httpGetVersion(con->http) >= HTTP_VERSION_1_1 &&
5ec1fd3d 1962 httpGetKeepAlive(con->http) == HTTP_KEEPALIVE_OFF)
e200616a 1963 httpSetField(con->http, HTTP_FIELD_CONNECTION, "close");
ef416fc2 1964
5ec1fd3d 1965 if (code >= HTTP_STATUS_BAD_REQUEST)
ef416fc2 1966 {
1967 /*
1968 * Send a human-readable error message.
1969 */
1970
80ca4592 1971 char message[4096], /* Message for user */
1972 urltext[1024], /* URL redirection text */
1973 redirect[1024]; /* Redirection link */
ef416fc2 1974 const char *text; /* Status-specific text */
1975
80ca4592 1976
1977 redirect[0] = '\0';
1978
5ec1fd3d 1979 if (code == HTTP_STATUS_UNAUTHORIZED)
e923f65f 1980 {
ef416fc2 1981 text = _cupsLangString(con->language,
1982 _("Enter your username and password or the "
1983 "root username and password to access this "
f7deaa1a 1984 "page. If you are using Kerberos authentication, "
1985 "make sure you have a valid Kerberos ticket."));
e923f65f
MS		 1986 }
1987 else if (code == HTTP_STATUS_FORBIDDEN)
1988 {
1989 if (con->username[0])
1990 text = _cupsLangString(con->language, _("Your account does not have the necessary privileges."));
1991 else
1992 text = _cupsLangString(con->language, _("You cannot access this page."));
1993 }
5ec1fd3d 1994 else if (code == HTTP_STATUS_UPGRADE_REQUIRED)
80ca4592 1995 {
1996 text = urltext;
1997
7cc71486
MS		 1998 snprintf(urltext, sizeof(urltext), _cupsLangString(con->language, _("You must access this page using the URL https://%s:%d%s.")), con->servername, con->serverport, con->uri);
1999
2000 snprintf(redirect, sizeof(redirect), "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"3;URL=https://%s:%d%s\">\n", con->servername, con->serverport, con->uri);
80ca4592 2001 }
5ec1fd3d 2002 else if (code == HTTP_STATUS_CUPS_WEBIF_DISABLED)
229681c1
MS		 2003 text = _cupsLangString(con->language,
2004 _("The web interface is currently disabled. Run "
2005 "\"cupsctl WebInterface=yes\" to enable it."));
ef416fc2 2006 else
2007 text = "";
2008
2009 snprintf(message, sizeof(message),
745129be
MS		 2010 "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" "
2011 "\"http://www.w3.org/TR/html4/loose.dtd\">\n"
ef416fc2 2012 "<HTML>\n"
2013 "<HEAD>\n"
2014 "\t<META HTTP-EQUIV=\"Content-Type\" "
2015 "CONTENT=\"text/html; charset=utf-8\">\n"
229681c1 2016 "\t<TITLE>%s - " CUPS_SVERSION "</TITLE>\n"
ef416fc2 2017 "\t<LINK REL=\"STYLESHEET\" TYPE=\"text/css\" "
2018 "HREF=\"/cups.css\">\n"
80ca4592 2019 "%s"
ef416fc2 2020 "</HEAD>\n"
2021 "<BODY>\n"
229681c1 2022 "<H1>%s</H1>\n"
ef416fc2 2023 "<P>%s</P>\n"
2024 "</BODY>\n"
2025 "</HTML>\n",
41e6c1f1
MS		 2026 _httpStatus(con->language, code), redirect,
2027 _httpStatus(con->language, code), text);
ef416fc2 2028
43dcaf3b
MS		 2029 /*
2030 * Send an error message back to the client. If the error code is a
2031 * 400 or 500 series, make sure the message contains some text, too!
2032 */
2033
2034 size_t length = strlen(message); /* Length of message */
e200616a 2035
43dcaf3b 2036 httpSetLength(con->http, length);
e200616a
MS		 2037
2038 if (!cupsdSendHeader(con, code, "text/html", auth_type))
ef416fc2 2039 return (0);
ebeb3268 2040
43dcaf3b
MS		 2041 if (httpWrite2(con->http, message, length) < 0)
2042 return (0);
2043
2044 if (httpFlushWrite(con->http) < 0)
ef416fc2 2045 return (0);
2046 }
e200616a
MS		 2047 else
2048 {
2049 httpSetField(con->http, HTTP_FIELD_CONTENT_LENGTH, "0");
a469f8a5 2050
e200616a
MS		 2051 if (!cupsdSendHeader(con, code, NULL, auth_type))
2052 return (0);
2053 }
ef416fc2 2054
2055 return (1);
2056}
2057
2058
ef416fc2 2059/*
2060 * 'cupsdSendHeader()' - Send an HTTP request.
2061 */
2062
2063int /* O - 1 on success, 0 on failure */
f899b121 2064cupsdSendHeader(
2065 cupsd_client_t *con, /* I - Client to send to */
2066 http_status_t code, /* I - HTTP status code */
2067 char *type, /* I - MIME type of document */
2068 int auth_type) /* I - Type of authentication */
ef416fc2 2069{
5a738aea 2070 char auth_str[1024]; /* Authorization string */
f7deaa1a 2071
2072
f3211b6d
MS		 2073 cupsdLogClient(con, CUPSD_LOG_DEBUG, "cupsdSendHeader: code=%d, type=\"%s\", auth_type=%d", code, type, auth_type);
2074
4744bd90 2075 /*
2076 * Send the HTTP status header...
2077 */
2078
a73ca01e 2079 if (code == HTTP_STATUS_CUPS_WEBIF_DISABLED)
229681c1
MS		 2080 {
2081 /*
2082 * Treat our special "web interface is disabled" status as "200 OK" for web
2083 * browsers.
2084 */
2085
5ec1fd3d 2086 code = HTTP_STATUS_OK;
229681c1 2087 }
b423cd4c 2088
ef416fc2 2089 if (ServerHeader)
e200616a 2090 httpSetField(con->http, HTTP_FIELD_SERVER, ServerHeader);
5ec1fd3d
MS		 2091
2092 if (code == HTTP_STATUS_METHOD_NOT_ALLOWED)
e200616a 2093 httpSetField(con->http, HTTP_FIELD_ALLOW, "GET, HEAD, OPTIONS, POST, PUT");
ef416fc2 2094
5ec1fd3d 2095 if (code == HTTP_STATUS_UNAUTHORIZED)
ef416fc2 2096 {
5bd77a73 2097 if (auth_type == CUPSD_AUTH_NONE)
f899b121 2098 {
5bd77a73 2099 if (!con->best || con->best->type <= CUPSD_AUTH_NONE)
dcb445bc 2100 auth_type = cupsdDefaultAuthType();
f899b121 2101 else
2102 auth_type = con->best->type;
2103 }
f7deaa1a 2104
2105 auth_str[0] = '\0';
2106
e0660879 2107 if (auth_type == CUPSD_AUTH_BASIC)
e5fee178 2108 {
f7deaa1a 2109 strlcpy(auth_str, "Basic realm=\"CUPS\"", sizeof(auth_str));
e5fee178 2110 }
eac3a0a0 2111 else if (auth_type == CUPSD_AUTH_NEGOTIATE)
6961465f 2112 {
f7deaa1a 2113 strlcpy(auth_str, "Negotiate", sizeof(auth_str));
6961465f 2114 }
f7deaa1a 2115
064e50fb 2116 if (con->best && !con->is_browser && !_cups_strcasecmp(httpGetHostname(con->http, NULL, 0), "localhost"))
ef416fc2 2117 {
e07d4801 2118 /*
064e50fb 2119 * Add a "trc" (try root certification) parameter for local
e07d4801
MS		 2120 * requests when the request requires system group membership - then the
2121 * client knows the root certificate can/should be used.
2122 *
7ec11630
MS		 2123 * Also, for macOS we also look for @AUTHKEY and add an "AuthRef key=foo"
2124 * method as needed...
e07d4801
MS		 2125 */
2126
10d09e33
MS		 2127 char *name, /* Current user name */
2128 *auth_key; /* Auth key buffer */
f7deaa1a 2129 size_t auth_size; /* Size of remaining buffer */
7ec11630 2130 int need_local = 1; /* Do we need to list "Local" method? */
f7deaa1a 2131
f7deaa1a 2132 auth_key = auth_str + strlen(auth_str);
7e86f2f6 2133 auth_size = sizeof(auth_str) - (size_t)(auth_key - auth_str);
f7deaa1a 2134
7ec11630
MS		 2135#if defined(SO_PEERCRED) && defined(AF_LOCAL)
2136 if (httpAddrFamily(httpGetAddress(con->http)) == AF_LOCAL)
2137 {
2138 strlcpy(auth_key, ", PeerCred", auth_size);
2139 auth_key += 10;
2140 auth_size -= 10;
2141 }
2142#endif /* SO_PEERCRED && AF_LOCAL */
2143
10d09e33
MS		 2144 for (name = (char *)cupsArrayFirst(con->best->names);
2145 name;
2146 name = (char *)cupsArrayNext(con->best->names))
f7deaa1a 2147 {
91bc88eb
MS		 2148 cupsdLogClient(con, CUPSD_LOG_DEBUG2, "cupsdSendHeader: require \"%s\"", name);
2149
e07d4801 2150#ifdef HAVE_AUTHORIZATION_H
88f9aafc 2151 if (!_cups_strncasecmp(name, "@AUTHKEY(", 9))
f7deaa1a 2152 {
bf265b3a 2153 snprintf(auth_key, auth_size, ", AuthRef key=\"%s\", Local trc=\"y\"", name + 9);
7ec11630 2154 need_local = 0;
f7deaa1a 2155 /* end parenthesis is stripped in conf.c */
2156 break;
2157 }
e07d4801
MS		 2158 else
2159#endif /* HAVE_AUTHORIZATION_H */
88f9aafc 2160 if (!_cups_strcasecmp(name, "@SYSTEM"))
f7deaa1a 2161 {
e07d4801
MS		 2162#ifdef HAVE_AUTHORIZATION_H
2163 if (SystemGroupAuthKey)
bf265b3a 2164 snprintf(auth_key, auth_size, ", AuthRef key=\"%s\", Local trc=\"y\"", SystemGroupAuthKey);
e07d4801 2165 else
e07d4801 2166#endif /* HAVE_AUTHORIZATION_H */
bf265b3a 2167 strlcpy(auth_key, ", Local trc=\"y\"", auth_size);
7ec11630 2168 need_local = 0;
f7deaa1a 2169 break;
2170 }
2171 }
7ec11630
MS		 2172
2173 if (need_local)
91bc88eb 2174 strlcat(auth_key, ", Local", auth_size);
ef416fc2 2175 }
f7deaa1a 2176
bc44d920 2177 if (auth_str[0])
2178 {
996acce8 2179 cupsdLogClient(con, CUPSD_LOG_DEBUG, "WWW-Authenticate: %s", auth_str);
bc44d920 2180
e200616a 2181 httpSetField(con->http, HTTP_FIELD_WWW_AUTHENTICATE, auth_str);
bc44d920 2182 }
ef416fc2 2183 }
2184
e1d6a774 2185 if (con->language && strcmp(con->language->language, "C"))
e200616a 2186 httpSetField(con->http, HTTP_FIELD_CONTENT_LANGUAGE, con->language->language);
ef416fc2 2187
e1d6a774 2188 if (type)
ef416fc2 2189 {
2190 if (!strcmp(type, "text/html"))
e200616a
MS		 2191 httpSetField(con->http, HTTP_FIELD_CONTENT_TYPE, "text/html; charset=utf-8");
2192 else
2193 httpSetField(con->http, HTTP_FIELD_CONTENT_TYPE, type);
ef416fc2 2194 }
2195
e200616a 2196 return (!httpWriteResponse(con->http, code));
ef416fc2 2197}
2198
2199
2200/*
2201 * 'cupsdUpdateCGI()' - Read status messages from CGI scripts and programs.
2202 */
2203
2204void
2205cupsdUpdateCGI(void)
2206{
2207 char *ptr, /* Pointer to end of line in buffer */
2208 message[1024]; /* Pointer to message text */
2209 int loglevel; /* Log level for message */
2210
2211
2212 while ((ptr = cupsdStatBufUpdate(CGIStatusBuffer, &loglevel,
2213 message, sizeof(message))) != NULL)
f0ab5bff
MS		 2214 {
2215 if (loglevel == CUPSD_LOG_INFO)
2216 cupsdLogMessage(CUPSD_LOG_INFO, "%s", message);
2217
ef416fc2 2218 if (!strchr(CGIStatusBuffer->buffer, '\n'))
2219 break;
f0ab5bff 2220 }
ef416fc2 2221
d09495fa 2222 if (ptr == NULL && !CGIStatusBuffer->bufused)
ef416fc2 2223 {
2224 /*
2225 * Fatal error on pipe - should never happen!
2226 */
2227
2228 cupsdLogMessage(CUPSD_LOG_CRIT,
2229 "cupsdUpdateCGI: error reading from CGI error pipe - %s",
2230 strerror(errno));
2231 }
2232}
2233
2234
2235/*
2236 * 'cupsdWriteClient()' - Write data to a client as needed.
2237 */
2238
f7deaa1a 2239void
ef416fc2 2240cupsdWriteClient(cupsd_client_t *con) /* I - Client connection */
2241{
68b10830
MS		 2242 int bytes, /* Number of bytes written */
2243 field_col; /* Current column */
2244 char *bufptr, /* Pointer into buffer */
2245 *bufend; /* Pointer to end of buffer */
ef416fc2 2246 ipp_state_t ipp_state; /* IPP state value */
2247
2248
5ec1fd3d 2249 cupsdLogClient(con, CUPSD_LOG_DEBUG, "con->http=%p", con->http);
996acce8
MS		 2250 cupsdLogClient(con, CUPSD_LOG_DEBUG,
2251 "cupsdWriteClient "
2252 "error=%d, "
2253 "used=%d, "
2254 "state=%s, "
2255 "data_encoding=HTTP_ENCODING_%s, "
2256 "data_remaining=" CUPS_LLFMT ", "
2257 "response=%p(%s), "
2258 "pipe_pid=%d, "
2259 "file=%d",
5ec1fd3d
MS		 2260 httpError(con->http), (int)httpGetReady(con->http),
2261 httpStateString(httpGetState(con->http)),
d21dc0ed
MS		 2262 httpIsChunked(con->http) ? "CHUNKED" : "LENGTH",
2263 CUPS_LLCAST httpGetLength2(con->http),
996acce8 2264 con->response,
a73ca01e 2265 con->response ? ippStateString(ippGetState(con->request)) : "",
996acce8
MS		 2266 con->pipe_pid, con->file);
2267
5ec1fd3d
MS		 2268 if (httpGetState(con->http) != HTTP_STATE_GET_SEND &&
2269 httpGetState(con->http) != HTTP_STATE_POST_SEND)
8b116e60
MS		 2270 {
2271 /*
2272 * If we get called in the wrong state, then something went wrong with the
2273 * connection and we need to shut it down...
2274 */
2275
43dcaf3b 2276 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing on unexpected HTTP write state %s.",
5ec1fd3d 2277 httpStateString(httpGetState(con->http)));
8b116e60 2278 cupsdCloseClient(con);
f7deaa1a 2279 return;
8b116e60 2280 }
f7deaa1a 2281
2282 if (con->pipe_pid)
2283 {
2284 /*
2285 * Make sure we select on the CGI output...
2286 */
2287
f899b121 2288 cupsdAddSelect(con->file, (cupsd_selfunc_t)write_pipe, NULL, con);
f7deaa1a 2289
996acce8 2290 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Waiting for CGI data.");
1bc82dd9 2291
f7deaa1a 2292 if (!con->file_ready)
2293 {
2294 /*
2295 * Try again later when there is CGI output available...
2296 */
2297
996acce8 2298 cupsdRemoveSelect(httpGetFd(con->http));
f7deaa1a 2299 return;
2300 }
2301
2302 con->file_ready = 0;
2303 }
ef416fc2 2304
209cc9b6
MS		 2305 bytes = (ssize_t)(sizeof(con->header) - (size_t)con->header_used);
2306
1720786e 2307 if (!con->pipe_pid && bytes > (ssize_t)httpGetRemaining(con->http))
209cc9b6
MS		 2308 {
2309 /*
2310 * Limit GET bytes to original size of file (STR #3265)...
2311 */
2312
2313 bytes = (ssize_t)httpGetRemaining(con->http);
2314 }
2315
5ec1fd3d 2316 if (con->response && con->response->state != IPP_STATE_DATA)
ef416fc2 2317 {
d21dc0ed 2318 size_t wused = httpGetPending(con->http); /* Previous write buffer use */
94436c5a
MS		 2319
2320 do
2321 {
2322 /*
2323 * Write a single attribute or the IPP message header...
2324 */
2325
996acce8 2326 ipp_state = ippWrite(con->http, con->response);
94436c5a
MS		 2327
2328 /*
2329 * If the write buffer has been flushed, stop buffering up attributes...
2330 */
2331
d21dc0ed 2332 if (httpGetPending(con->http) <= wused)
94436c5a
MS		 2333 break;
2334 }
2335 while (ipp_state != IPP_STATE_DATA && ipp_state != IPP_STATE_ERROR);
2336
996acce8
MS		 2337 cupsdLogClient(con, CUPSD_LOG_DEBUG,
2338 "Writing IPP response, ipp_state=%s, old "
d21dc0ed
MS		 2339 "wused=" CUPS_LLFMT ", new wused=" CUPS_LLFMT,
2340 ippStateString(ipp_state),
2341 CUPS_LLCAST wused, CUPS_LLCAST httpGetPending(con->http));
2342
2343 if (httpGetPending(con->http) > 0)
996acce8 2344 httpFlushWrite(con->http);
94436c5a
MS		 2345
2346 bytes = ipp_state != IPP_STATE_ERROR &&
2347 (con->file >= 0 || ipp_state != IPP_STATE_DATA);
21f36711 2348
996acce8
MS		 2349 cupsdLogClient(con, CUPSD_LOG_DEBUG,
2350 "bytes=%d, http_state=%d, data_remaining=" CUPS_LLFMT,
5ec1fd3d 2351 (int)bytes, httpGetState(con->http),
d21dc0ed 2352 CUPS_LLCAST httpGetLength2(con->http));
ef416fc2 2353 }
209cc9b6 2354 else if ((bytes = read(con->file, con->header + con->header_used, (size_t)bytes)) > 0)
ef416fc2 2355 {
68b10830
MS		 2356 con->header_used += bytes;
2357
ef416fc2 2358 if (con->pipe_pid && !con->got_fields)
2359 {
2360 /*
2361 * Inspect the data for Content-Type and other fields.
2362 */
2363
68b10830
MS		 2364 for (bufptr = con->header, bufend = con->header + con->header_used,
2365 field_col = 0;
2366 !con->got_fields && bufptr < bufend;
2367 bufptr ++)
d1c13e16 2368 {
ef416fc2 2369 if (*bufptr == '\n')
2370 {
2371 /*
2372 * Send line to client...
2373 */
2374
68b10830 2375 if (bufptr > con->header && bufptr[-1] == '\r')
ef416fc2 2376 bufptr[-1] = '\0';
2377 *bufptr++ = '\0';
2378
996acce8 2379 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Script header: %s", con->header);
ef416fc2 2380
2381 if (!con->sent_header)
2382 {
2383 /*
2384 * Handle redirection and CGI status codes...
2385 */
2386
e200616a
MS		 2387 http_field_t field; /* HTTP field */
2388 char *value = strchr(con->header, ':');
2389 /* Value of field */
2390
2391 if (value)
d6ae789d 2392 {
e200616a
MS		 2393 *value++ = '\0';
2394 while (isspace(*value & 255))
2395 value ++;
2396 }
321d8d57 2397
e200616a 2398 field = httpFieldValue(con->header);
07725fee 2399
e200616a
MS		 2400 if (field != HTTP_FIELD_UNKNOWN && value)
2401 {
2402 httpSetField(con->http, field, value);
2403
2404 if (field == HTTP_FIELD_LOCATION)
2405 {
2406 con->pipe_status = HTTP_STATUS_SEE_OTHER;
2407 con->sent_header = 2;
2408 }
2409 else
2410 con->sent_header = 1;
d6ae789d 2411 }
e200616a 2412 else if (!_cups_strcasecmp(con->header, "Status") && value)
07725fee 2413 {
e200616a 2414 con->pipe_status = (http_status_t)atoi(value);
07725fee 2415 con->sent_header = 2;
2416 }
e200616a 2417 else if (!_cups_strcasecmp(con->header, "Set-Cookie") && value)
4744bd90 2418 {
e200616a
MS		 2419 httpSetCookie(con->http, value);
2420 con->sent_header = 1;
2421 }
ef416fc2 2422 }
2423
ef416fc2 2424 /*
2425 * Update buffer...
2426 */
2427
68b10830 2428 con->header_used -= bufptr - con->header;
d1c13e16 2429
68b10830 2430 if (con->header_used > 0)
07623986 2431 memmove(con->header, bufptr, (size_t)con->header_used);
d1c13e16 2432
68b10830 2433 bufptr = con->header - 1;
ef416fc2 2434
2435 /*
2436 * See if the line was empty...
2437 */
2438
68b10830 2439 if (field_col == 0)
d09495fa 2440 {
ef416fc2 2441 con->got_fields = 1;
d09495fa 2442
e200616a
MS		 2443 if (httpGetVersion(con->http) == HTTP_VERSION_1_1 &&
2444 !httpGetField(con->http, HTTP_FIELD_CONTENT_LENGTH)[0])
2445 httpSetLength(con->http, 0);
2446
f3211b6d
MS		 2447 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Sending status %d for CGI.", con->pipe_status);
2448
6abe9327 2449 if (con->pipe_status == HTTP_STATUS_OK)
07725fee 2450 {
6abe9327
MS		 2451 if (!cupsdSendHeader(con, con->pipe_status, NULL, CUPSD_AUTH_NONE))
2452 {
2453 cupsdCloseClient(con);
2454 return;
2455 }
2456 }
2457 else
2458 {
2459 if (!cupsdSendError(con, con->pipe_status, CUPSD_AUTH_NONE))
2460 {
2461 cupsdCloseClient(con);
2462 return;
2463 }
07725fee 2464 }
d09495fa 2465 }
ef416fc2 2466 else
68b10830 2467 field_col = 0;
ef416fc2 2468 }
2469 else if (*bufptr != '\r')
68b10830 2470 field_col ++;
d1c13e16 2471 }
ef416fc2 2472
68b10830 2473 if (!con->got_fields)
47879b8b 2474 return;
ef416fc2 2475 }
2476
68b10830 2477 if (con->header_used > 0)
ef416fc2 2478 {
7e86f2f6 2479 if (httpWrite2(con->http, con->header, (size_t)con->header_used) < 0)
4744bd90 2480 {
996acce8 2481 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing for error %d (%s)",
5ec1fd3d 2482 httpError(con->http), strerror(httpError(con->http)));
4744bd90 2483 cupsdCloseClient(con);
f7deaa1a 2484 return;
4744bd90 2485 }
ef416fc2 2486
d21dc0ed 2487 if (httpIsChunked(con->http))
996acce8 2488 httpFlushWrite(con->http);
ae71f5de 2489
68b10830 2490 con->bytes += con->header_used;
ef416fc2 2491
5ec1fd3d 2492 if (httpGetState(con->http) == HTTP_STATE_WAITING)
4744bd90 2493 bytes = 0;
68b10830
MS		 2494 else
2495 bytes = con->header_used;
2496
2497 con->header_used = 0;
4744bd90 2498 }
ef416fc2 2499 }
2500
8b116e60 2501 if (bytes <= 0 ||
5ec1fd3d
MS		 2502 (httpGetState(con->http) != HTTP_STATE_GET_SEND &&
2503 httpGetState(con->http) != HTTP_STATE_POST_SEND))
ef416fc2 2504 {
38e73f87 2505 if (!con->sent_header && con->pipe_pid)
5ec1fd3d 2506 cupsdSendError(con, HTTP_STATUS_SERVER_ERROR, CUPSD_AUTH_NONE);
94da7e34
MS		 2507 else
2508 {
5ec1fd3d 2509 cupsdLogRequest(con, HTTP_STATUS_OK);
ef416fc2 2510
f3211b6d 2511 if (httpIsChunked(con->http) && (!con->pipe_pid || con->sent_header > 0))
ef416fc2 2512 {
dfc45c1b
MS		 2513 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Sending 0-length chunk.");
2514
996acce8 2515 if (httpWrite2(con->http, "", 0) < 0)
94da7e34 2516 {
996acce8 2517 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing for error %d (%s)",
5ec1fd3d 2518 httpError(con->http), strerror(httpError(con->http)));
94da7e34
MS		 2519 cupsdCloseClient(con);
2520 return;
2521 }
ef416fc2 2522 }
dfc45c1b
MS		 2523
2524 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Flushing write buffer.");
2525 httpFlushWrite(con->http);
2526 cupsdLogClient(con, CUPSD_LOG_DEBUG, "New state is %s", httpStateString(httpGetState(con->http)));
ef416fc2 2527 }
2528
996acce8 2529 cupsdAddSelect(httpGetFd(con->http), (cupsd_selfunc_t)cupsdReadClient, NULL, con);
ef416fc2 2530
996acce8 2531 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Waiting for request.");
1bc82dd9 2532
ef416fc2 2533 if (con->file >= 0)
2534 {
f7deaa1a 2535 cupsdRemoveSelect(con->file);
ef416fc2 2536
2537 if (con->pipe_pid)
2538 cupsdEndProcess(con->pipe_pid, 0);
2539
ef416fc2 2540 close(con->file);
2541 con->file = -1;
2542 con->pipe_pid = 0;
2543 }
2544
2545 if (con->filename)
2546 {
ef416fc2 2547 unlink(con->filename);
2548 cupsdClearString(&con->filename);
2549 }
2550
2abf387c 2551 if (con->request)
ef416fc2 2552 {
2553 ippDelete(con->request);
2554 con->request = NULL;
2555 }
2556
2abf387c 2557 if (con->response)
ef416fc2 2558 {
2559 ippDelete(con->response);
2560 con->response = NULL;
2561 }
2562
2563 cupsdClearString(&con->command);
2564 cupsdClearString(&con->options);
b86bc4cf 2565 cupsdClearString(&con->query_string);
ef416fc2 2566
5ec1fd3d 2567 if (!httpGetKeepAlive(con->http))
ef416fc2 2568 {
996acce8
MS		 2569 cupsdLogClient(con, CUPSD_LOG_DEBUG,
2570 "Closing because Keep-Alive is disabled.");
ef416fc2 2571 cupsdCloseClient(con);
f7deaa1a 2572 return;
ef416fc2 2573 }
f11a948a
MS		 2574 else
2575 {
2576 cupsArrayRemove(ActiveClients, con);
e4e37194 2577 cupsdSetBusyState(0);
f11a948a 2578 }
ef416fc2 2579 }
f7deaa1a 2580}
ef416fc2 2581
f7deaa1a 2582
e1d6a774 2583/*
2584 * 'check_if_modified()' - Decode an "If-Modified-Since" line.
2585 */
2586
2587static int /* O - 1 if modified since */
2588check_if_modified(
2589 cupsd_client_t *con, /* I - Client connection */
2590 struct stat *filestats) /* I - File information */
2591{
5ec1fd3d 2592 const char *ptr; /* Pointer into field */
e1d6a774 2593 time_t date; /* Time/date value */
2594 off_t size; /* Size/length value */
2595
2596
2597 size = 0;
2598 date = 0;
5ec1fd3d 2599 ptr = httpGetField(con->http, HTTP_FIELD_IF_MODIFIED_SINCE);
e1d6a774 2600
2601 if (*ptr == '\0')
2602 return (1);
2603
ffe32673 2604 cupsdLogClient(con, CUPSD_LOG_DEBUG2, "check_if_modified: filestats=%p(" CUPS_LLFMT ", %d)) If-Modified-Since=\"%s\"", filestats, CUPS_LLCAST filestats->st_size, (int)filestats->st_mtime, ptr);
e1d6a774 2605
2606 while (*ptr != '\0')
2607 {
2608 while (isspace(*ptr) || *ptr == ';')
2609 ptr ++;
2610
88f9aafc 2611 if (_cups_strncasecmp(ptr, "length=", 7) == 0)
e1d6a774 2612 {
2613 ptr += 7;
2614 size = strtoll(ptr, NULL, 10);
2615
2616 while (isdigit(*ptr))
2617 ptr ++;
2618 }
2619 else if (isalpha(*ptr))
2620 {
2621 date = httpGetDateTime(ptr);
2622 while (*ptr != '\0' && *ptr != ';')
2623 ptr ++;
2624 }
e53920b9 2625 else
2626 ptr ++;
e1d6a774 2627 }
2628
e1d6a774 2629 return ((size != filestats->st_size && size != 0) ||
2630 (date < filestats->st_mtime && date != 0) ||
2631 (size == 0 && date == 0));
2632}
2633
2634
3dfe78b3
MS		 2635/*
2636 * 'compare_clients()' - Compare two client connections.
2637 */
2638
2639static int /* O - Result of comparison */
2640compare_clients(cupsd_client_t *a, /* I - First client */
2641 cupsd_client_t *b, /* I - Second client */
2642 void *data) /* I - User data (not used) */
2643{
2644 (void)data;
2645
2646 if (a == b)
2647 return (0);
2648 else if (a < b)
2649 return (-1);
2650 else
2651 return (1);
2652}
2653
2654
d3d89474
MS		 2655#ifdef HAVE_SSL
2656/*
2657 * 'cupsd_start_tls()' - Start encryption on a connection.
2658 */
2659
2660static int /* O - 0 on success, -1 on error */
2661cupsd_start_tls(cupsd_client_t *con, /* I - Client connection */
2662 http_encryption_t e) /* I - Encryption mode */
2663{
d3d89474
MS		 2664 if (httpEncryption(con->http, e))
2665 {
2666 cupsdLogClient(con, CUPSD_LOG_ERROR, "Unable to encrypt connection: %s",
2667 cupsLastErrorString());
2668 return (-1);
2669 }
2670
8719e9db 2671 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Connection now encrypted.");
d3d89474
MS		 2672 return (0);
2673}
2674#endif /* HAVE_SSL */
2675
2676
ef416fc2 2677/*
2678 * 'get_file()' - Get a filename and state info.
2679 */
2680
2681static char * /* O - Real filename */
2682get_file(cupsd_client_t *con, /* I - Client connection */
2683 struct stat *filestats, /* O - File information */
2684 char *filename, /* IO - Filename buffer */
07623986 2685 size_t len) /* I - Buffer length */
ef416fc2 2686{
2687 int status; /* Status of filesystem calls */
2688 char *ptr; /* Pointer info filename */
07623986 2689 size_t plen; /* Remaining length after pointer */
d8a60ef8
MS		 2690 char language[7], /* Language subdirectory, if any */
2691 dest[1024]; /* Destination name */
112fc3c0 2692 int perm_check = 1; /* Do permissions check? */
2fa1ba3c 2693 cupsd_printer_t *p; /* Printer */
ef416fc2 2694
2695
2696 /*
f7deaa1a 2697 * Figure out the real filename...
ef416fc2 2698 */
2699
eff8c82f 2700 filename[0] = '\0';
db1f069b
MS		 2701 language[0] = '\0';
2702
bd880c0c
MS		 2703 if (!strncmp(con->uri, "/help", 5) && (con->uri[5] == '/' || !con->uri[5]))
2704 {
2705 /*
2706 * All help files are served by the help.cgi program...
2707 */
2708
2709 return (NULL);
2710 }
2711 else if ((!strncmp(con->uri, "/ppd/", 5) || !strncmp(con->uri, "/printers/", 10) || !strncmp(con->uri, "/classes/", 9)) && !strcmp(con->uri + strlen(con->uri) - 4, ".ppd"))
112fc3c0 2712 {
2fa1ba3c
MS		 2713 strlcpy(dest, strchr(con->uri + 1, '/') + 1, sizeof(dest));
2714 dest[strlen(dest) - 4] = '\0'; /* Strip .ppd */
d8a60ef8 2715
2fa1ba3c 2716 if ((p = cupsdFindDest(dest)) == NULL)
d8a60ef8 2717 {
eff8c82f 2718 strlcpy(filename, "/", len);
2fa1ba3c 2719 cupsdLogClient(con, CUPSD_LOG_INFO, "No destination \"%s\" found.", dest);
d8a60ef8
MS		 2720 return (NULL);
2721 }
2722
2fa1ba3c 2723 if (p->type & CUPS_PRINTER_CLASS)
d8a60ef8 2724 {
2fa1ba3c 2725 int i; /* Looping var */
d8a60ef8 2726
2fa1ba3c
MS		 2727 for (i = 0; i < p->num_printers; i ++)
2728 {
2729 if (!(p->printers[i]->type & CUPS_PRINTER_CLASS))
2730 {
2731 snprintf(filename, len, "%s/ppd/%s.ppd", ServerRoot, p->printers[i]->name);
2732 if (!access(filename, 0))
2733 {
2734 p = p->printers[i];
2735 break;
2736 }
2737 }
2738 }
2739
2740 if (i >= p->num_printers)
2741 p = NULL;
2742 }
2743 else
2744 snprintf(filename, len, "%s/ppd/%s.ppd", ServerRoot, p->name);
112fc3c0
MS		 2745
2746 perm_check = 0;
2747 }
2fa1ba3c 2748 else if ((!strncmp(con->uri, "/icons/", 7) || !strncmp(con->uri, "/printers/", 10) || !strncmp(con->uri, "/classes/", 9)) && !strcmp(con->uri + strlen(con->uri) - 4, ".png"))
7cf5915e 2749 {
2fa1ba3c
MS		 2750 strlcpy(dest, strchr(con->uri + 1, '/') + 1, sizeof(dest));
2751 dest[strlen(dest) - 4] = '\0'; /* Strip .png */
d8a60ef8 2752
2fa1ba3c 2753 if ((p = cupsdFindDest(dest)) == NULL)
d8a60ef8 2754 {
eff8c82f 2755 strlcpy(filename, "/", len);
2fa1ba3c 2756 cupsdLogClient(con, CUPSD_LOG_INFO, "No destination \"%s\" found.", dest);
d8a60ef8
MS		 2757 return (NULL);
2758 }
2759
2fa1ba3c 2760 if (p->type & CUPS_PRINTER_CLASS)
d8a60ef8 2761 {
2fa1ba3c
MS		 2762 int i; /* Looping var */
2763
2764 for (i = 0; i < p->num_printers; i ++)
2765 {
2766 if (!(p->printers[i]->type & CUPS_PRINTER_CLASS))
2767 {
2768 snprintf(filename, len, "%s/images/%s.png", CacheDir, p->printers[i]->name);
2769 if (!access(filename, 0))
2770 {
2771 p = p->printers[i];
2772 break;
2773 }
2774 }
2775 }
2776
2777 if (i >= p->num_printers)
2778 p = NULL;
d8a60ef8 2779 }
2fa1ba3c
MS		 2780 else
2781 snprintf(filename, len, "%s/images/%s.png", CacheDir, p->name);
d8a60ef8 2782
7cf5915e
MS		 2783 if (access(filename, F_OK) < 0)
2784 snprintf(filename, len, "%s/images/generic.png", DocumentRoot);
112fc3c0
MS		 2785
2786 perm_check = 0;
7cf5915e 2787 }
064e50fb
MS		 2788 else if (!strcmp(con->uri, "/admin/conf/cupsd.conf"))
2789 {
2790 strlcpy(filename, ConfigurationFile, len);
2791
2792 perm_check = 0;
2793 }
2794 else if (!strncmp(con->uri, "/admin/log/", 11))
2795 {
2796 if (!strncmp(con->uri + 11, "access_log", 10) && AccessLog[0] == '/')
2797 strlcpy(filename, AccessLog, len);
2798 else if (!strncmp(con->uri + 11, "error_log", 9) && ErrorLog[0] == '/')
2799 strlcpy(filename, ErrorLog, len);
2800 else if (!strncmp(con->uri + 11, "page_log", 8) && PageLog[0] == '/')
2801 strlcpy(filename, PageLog, len);
2802 else
2803 return (NULL);
2804
2805 perm_check = 0;
2806 }
eff8c82f
MS		 2807 else if (!strncmp(con->uri, "/admin", 6) || !strncmp(con->uri, "/classes", 8) || !strncmp(con->uri, "/jobs", 5) || !strncmp(con->uri, "/printers", 9))
2808 {
2809 /*
2810 * Admin/class/job/printer pages are served by CGI...
2811 */
2812
2813 return (NULL);
2814 }
f7deaa1a 2815 else if (!strncmp(con->uri, "/rss/", 5) && !strchr(con->uri + 5, '/'))
2816 snprintf(filename, len, "%s/rss/%s", CacheDir, con->uri + 5);
2fa1ba3c
MS		 2817 else if (!strncmp(con->uri, "/strings/", 9) && !strcmp(con->uri + strlen(con->uri) - 8, ".strings"))
2818 {
2819 strlcpy(dest, con->uri + 9, sizeof(dest));
2820 dest[strlen(dest) - 8] = '\0';
2821
2822 if ((p = cupsdFindDest(dest)) == NULL)
2823 {
eff8c82f 2824 strlcpy(filename, "/", len);
2fa1ba3c
MS		 2825 cupsdLogClient(con, CUPSD_LOG_INFO, "No destination \"%s\" found.", dest);
2826 return (NULL);
2827 }
2828
2829 if (!p->strings)
2830 {
eff8c82f 2831 strlcpy(filename, "/", len);
2fa1ba3c
MS		 2832 cupsdLogClient(con, CUPSD_LOG_INFO, "No strings files for \"%s\".", dest);
2833 return (NULL);
2834 }
2835
2836 strlcpy(filename, p->strings, len);
2837
2838 perm_check = 0;
2839 }
d6ae789d 2840 else if (con->language)
db1f069b
MS		 2841 {
2842 snprintf(language, sizeof(language), "/%s", con->language->language);
2843 snprintf(filename, len, "%s%s%s", DocumentRoot, language, con->uri);
2844 }
ef416fc2 2845 else
2846 snprintf(filename, len, "%s%s", DocumentRoot, con->uri);
2847
2848 if ((ptr = strchr(filename, '?')) != NULL)
2849 *ptr = '\0';
2850
2851 /*
2852 * Grab the status for this language; if there isn't a language-specific file
2853 * then fallback to the default one...
2854 */
2855
9e92ab19 2856 if ((status = lstat(filename, filestats)) != 0 && language[0] &&
7cf5915e 2857 strncmp(con->uri, "/icons/", 7) &&
d6ae789d 2858 strncmp(con->uri, "/ppd/", 5) &&
7cf5915e 2859 strncmp(con->uri, "/rss/", 5) &&
2fa1ba3c 2860 strncmp(con->uri, "/strings/", 9) &&
d6ae789d 2861 strncmp(con->uri, "/admin/conf/", 12) &&
2862 strncmp(con->uri, "/admin/log/", 11))
ef416fc2 2863 {
2864 /*
d6ae789d 2865 * Drop the country code...
ef416fc2 2866 */
2867
db1f069b
MS		 2868 language[3] = '\0';
2869 snprintf(filename, len, "%s%s%s", DocumentRoot, language, con->uri);
d6ae789d 2870
2871 if ((ptr = strchr(filename, '?')) != NULL)
2872 *ptr = '\0';
2873
36618f45 2874 if ((status = lstat(filename, filestats)) != 0)
ef416fc2 2875 {
d6ae789d 2876 /*
2877 * Drop the language prefix and try the root directory...
2878 */
2879
db1f069b 2880 language[0] = '\0';
ef416fc2 2881 snprintf(filename, len, "%s%s", DocumentRoot, con->uri);
2882
2883 if ((ptr = strchr(filename, '?')) != NULL)
2884 *ptr = '\0';
2885
36618f45 2886 status = lstat(filename, filestats);
ef416fc2 2887 }
2888 }
2889
2890 /*
36618f45
MS		 2891 * If we've found a symlink, 404 the sucker to avoid disclosing information.
2892 */
2893
2894 if (!status && S_ISLNK(filestats->st_mode))
2895 {
2896 cupsdLogClient(con, CUPSD_LOG_INFO, "Symlinks such as \"%s\" are not allowed.", filename);
2897 return (NULL);
2898 }
2899
2900 /*
2901 * Similarly, if the file/directory does not have world read permissions, do
2902 * not allow access...
2903 */
2904
112fc3c0 2905 if (!status && perm_check && !(filestats->st_mode & S_IROTH))
36618f45
MS		 2906 {
2907 cupsdLogClient(con, CUPSD_LOG_INFO, "Files/directories such as \"%s\" must be world-readable.", filename);
2908 return (NULL);
2909 }
2910
2911 /*
2912 * If we've found a directory, get the index.html file instead...
ef416fc2 2913 */
2914
2915 if (!status && S_ISDIR(filestats->st_mode))
2916 {
db1f069b
MS		 2917 /*
2918 * Make sure the URI ends with a slash...
2919 */
ef416fc2 2920
db1f069b
MS		 2921 if (con->uri[strlen(con->uri) - 1] != '/')
2922 strlcat(con->uri, "/", sizeof(con->uri));
ef416fc2 2923
db1f069b
MS		 2924 /*
2925 * Find the directory index file, trying every language...
2926 */
ef416fc2 2927
db1f069b 2928 do
ef416fc2 2929 {
db1f069b
MS		 2930 if (status && language[0])
2931 {
2932 /*
2933 * Try a different language subset...
2934 */
2935
2936 if (language[3])
630267c6 2937 language[3] = '\0'; /* Strip country code */
db1f069b
MS		 2938 else
2939 language[0] = '\0'; /* Strip language */
2940 }
2941
2942 /*
2943 * Look for the index file...
2944 */
2945
2946 snprintf(filename, len, "%s%s%s", DocumentRoot, language, con->uri);
2947
2948 if ((ptr = strchr(filename, '?')) != NULL)
2949 *ptr = '\0';
2950
2951 ptr = filename + strlen(filename);
07623986 2952 plen = len - (size_t)(ptr - filename);
db1f069b
MS		 2953
2954 strlcpy(ptr, "index.html", plen);
9e92ab19 2955 status = lstat(filename, filestats);
db1f069b
MS		 2956 }
2957 while (status && language[0]);
9e92ab19
MS		 2958
2959 /*
2960 * If we've found a symlink, 404 the sucker to avoid disclosing information.
2961 */
2962
2963 if (!status && S_ISLNK(filestats->st_mode))
2964 {
2965 cupsdLogClient(con, CUPSD_LOG_INFO, "Symlinks such as \"%s\" are not allowed.", filename);
2966 return (NULL);
2967 }
2e667a52
MS		 2968
2969 /*
2970 * Similarly, if the file/directory does not have world read permissions, do
2971 * not allow access...
2972 */
2973
112fc3c0 2974 if (!status && perm_check && !(filestats->st_mode & S_IROTH))
2e667a52
MS		 2975 {
2976 cupsdLogClient(con, CUPSD_LOG_INFO, "Files/directories such as \"%s\" must be world-readable.", filename);
2977 return (NULL);
2978 }
ef416fc2 2979 }
2980
ffe32673 2981 cupsdLogClient(con, CUPSD_LOG_DEBUG2, "get_file: filestats=%p, filename=%p, len=" CUPS_LLFMT ", returning \"%s\".", filestats, filename, CUPS_LLCAST len, status ? "(null)" : filename);
ef416fc2 2982
ef416fc2 2983 if (status)
2984 return (NULL);
2985 else
2986 return (filename);
2987}
2988
2989
2990/*
c41769ff 2991 * 'install_cupsd_conf()' - Install a configuration file.
ef416fc2 2992 */
2993
2994static http_status_t /* O - Status */
c41769ff 2995install_cupsd_conf(cupsd_client_t *con) /* I - Connection */
ef416fc2 2996{
321d8d57 2997 char filename[1024]; /* Configuration filename */
ef416fc2 2998 cups_file_t *in, /* Input file */
2999 *out; /* Output file */
321d8d57
MS		 3000 char buffer[16384]; /* Copy buffer */
3001 ssize_t bytes; /* Number of bytes */
ef416fc2 3002
3003
3004 /*
321d8d57 3005 * Open the request file...
ef416fc2 3006 */
3007
321d8d57 3008 if ((in = cupsFileOpen(con->filename, "rb")) == NULL)
ef416fc2 3009 {
996acce8 3010 cupsdLogClient(con, CUPSD_LOG_ERROR, "Unable to open request file \"%s\": %s",
321d8d57 3011 con->filename, strerror(errno));
eb93498a 3012 goto server_error;
ef416fc2 3013 }
3014
3015 /*
321d8d57 3016 * Open the new config file...
ef416fc2 3017 */
3018
cb7f98ee 3019 if ((out = cupsdCreateConfFile(ConfigurationFile, ConfigFilePerm)) == NULL)
ef416fc2 3020 {
3021 cupsFileClose(in);
eb93498a 3022 goto server_error;
ef416fc2 3023 }
3024
996acce8 3025 cupsdLogClient(con, CUPSD_LOG_INFO, "Installing config file \"%s\"...",
cb7f98ee 3026 ConfigurationFile);
ef416fc2 3027
3028 /*
3029 * Copy from the request to the new config file...
3030 */
3031
3032 while ((bytes = cupsFileRead(in, buffer, sizeof(buffer))) > 0)
7e86f2f6 3033 if (cupsFileWrite(out, buffer, (size_t)bytes) < bytes)
ef416fc2 3034 {
996acce8 3035 cupsdLogClient(con, CUPSD_LOG_ERROR,
321d8d57 3036 "Unable to copy to config file \"%s\": %s",
cb7f98ee 3037 ConfigurationFile, strerror(errno));
ef416fc2 3038
3039 cupsFileClose(in);
3040 cupsFileClose(out);
321d8d57 3041
cb7f98ee
MS		 3042 snprintf(filename, sizeof(filename), "%s.N", ConfigurationFile);
3043 cupsdUnlinkOrRemoveFile(filename);
ef416fc2 3044
eb93498a 3045 goto server_error;
ef416fc2 3046 }
3047
3048 /*
3049 * Close the files...
3050 */
3051
3052 cupsFileClose(in);
ef416fc2 3053
cb7f98ee 3054 if (cupsdCloseCreatedConfFile(out, ConfigurationFile))
eb93498a 3055 goto server_error;
ef416fc2 3056
3057 /*
3058 * Remove the request file...
3059 */
3060
cb7f98ee 3061 cupsdUnlinkOrRemoveFile(con->filename);
ef416fc2 3062 cupsdClearString(&con->filename);
3063
ef416fc2 3064 /*
c41769ff 3065 * Set the NeedReload flag...
ef416fc2 3066 */
3067
c41769ff 3068 NeedReload = RELOAD_CUPSD;
ef416fc2 3069 ReloadTime = time(NULL);
3070
3071 /*
3072 * Return that the file was created successfully...
3073 */
3074
5ec1fd3d 3075 return (HTTP_STATUS_CREATED);
eb93498a
MS		 3076
3077 /*
3078 * Common exit for errors...
3079 */
3080
3081 server_error:
3082
3083 cupsdUnlinkOrRemoveFile(con->filename);
3084 cupsdClearString(&con->filename);
3085
3086 return (HTTP_STATUS_SERVER_ERROR);
ef416fc2 3087}
3088
3089
e1d6a774 3090/*
3091 * 'is_cgi()' - Is the resource a CGI script/program?
3092 */
3093
3094static int /* O - 1 = CGI, 0 = file */
3095is_cgi(cupsd_client_t *con, /* I - Client connection */
3096 const char *filename, /* I - Real filename */
3097 struct stat *filestats, /* I - File information */
3098 mime_type_t *type) /* I - MIME type */
3099{
3100 const char *options; /* Options on URL */
3101
3102
e1d6a774 3103 /*
3104 * Get the options, if any...
3105 */
3106
3107 if ((options = strchr(con->uri, '?')) != NULL)
a0f6818e
MS		 3108 {
3109 options ++;
3110 cupsdSetStringf(&(con->query_string), "QUERY_STRING=%s", options);
3111 }
b86bc4cf 3112
e1d6a774 3113 /*
3114 * Check for known types...
3115 */
3116
88f9aafc 3117 if (!type || _cups_strcasecmp(type->super, "application"))
e1d6a774 3118 {
ffe32673 3119 cupsdLogClient(con, CUPSD_LOG_DEBUG2, "is_cgi: filename=\"%s\", filestats=%p, type=%s/%s, returning 0.", filename, filestats, type ? type->super : "unknown", type ? type->type : "unknown");
e1d6a774 3120 return (0);
3121 }
3122
d03753f3 3123 if (!_cups_strcasecmp(type->type, "x-httpd-cgi") && (filestats->st_mode & 0111) && (getuid() || !(filestats->st_mode & 022)))
e1d6a774 3124 {
3125 /*
3126 * "application/x-httpd-cgi" is a CGI script.
3127 */
3128
3129 cupsdSetString(&con->command, filename);
3130
a0f6818e
MS		 3131 if (options)
3132 cupsdSetStringf(&con->options, " %s", options);
e1d6a774 3133
ffe32673 3134 cupsdLogClient(con, CUPSD_LOG_DEBUG2, "is_cgi: filename=\"%s\", filestats=%p, type=%s/%s, returning 1.", filename, filestats, type->super, type->type);
e1d6a774 3135 return (1);
3136 }
e1d6a774 3137
ffe32673 3138 cupsdLogClient(con, CUPSD_LOG_DEBUG2, "is_cgi: filename=\"%s\", filestats=%p, type=%s/%s, returning 0.", filename, filestats, type->super, type->type);
e1d6a774 3139 return (0);
3140}
3141
3142
ef416fc2 3143/*
3144 * 'is_path_absolute()' - Is a path absolute and free of relative elements (i.e. "..").
3145 */
3146
3147static int /* O - 0 if relative, 1 if absolute */
3148is_path_absolute(const char *path) /* I - Input path */
3149{
3150 /*
3151 * Check for a leading slash...
3152 */
3153
3154 if (path[0] != '/')
3155 return (0);
3156
12163006
MS		 3157 /*
3158 * Check for "<" or quotes in the path and reject since this is probably
3159 * someone trying to inject HTML...
3160 */
3161
3162 if (strchr(path, '<') != NULL || strchr(path, '\"') != NULL || strchr(path, '\'') != NULL)
3163 return (0);
3164
ef416fc2 3165 /*
3166 * Check for "/.." in the path...
3167 */
3168
3169 while ((path = strstr(path, "/..")) != NULL)
3170 {
3171 if (!path[3] || path[3] == '/')
3172 return (0);
3173
3174 path ++;
3175 }
3176
3177 /*
3178 * If we haven't found any relative paths, return 1 indicating an
3179 * absolute path...
3180 */
3181
3182 return (1);
3183}
3184
3185
3186/*
3187 * 'pipe_command()' - Pipe the output of a command to the remote client.
3188 */
3189
3190static int /* O - Process ID */
3191pipe_command(cupsd_client_t *con, /* I - Client connection */
3192 int infile, /* I - Standard input for command */
3193 int *outfile, /* O - Standard output for command */
3194 char *command, /* I - Command to run */
3195 char *options, /* I - Options for command */
3196 int root) /* I - Run as root? */
3197{
3198 int i; /* Looping var */
3199 int pid; /* Process ID */
b423cd4c 3200 char *commptr, /* Command string pointer */
3201 commch; /* Command string character */
ef416fc2 3202 char *uriptr; /* URI string pointer */
3203 int fds[2]; /* Pipe FDs */
3204 int argc; /* Number of arguments */
3205 int envc; /* Number of environment variables */
3206 char argbuf[10240], /* Argument buffer */
3207 *argv[100], /* Argument strings */
b94498cf 3208 *envp[MAX_ENV + 20]; /* Environment variables */
c7017ecc 3209 char auth_type[256], /* AUTH_TYPE environment variable */
b94498cf 3210 content_length[1024], /* CONTENT_LENGTH environment variable */
ef416fc2 3211 content_type[1024], /* CONTENT_TYPE environment variable */
3212 http_cookie[32768], /* HTTP_COOKIE environment variable */
f7deaa1a 3213 http_referer[1024], /* HTTP_REFERER environment variable */
ef416fc2 3214 http_user_agent[1024], /* HTTP_USER_AGENT environment variable */
3215 lang[1024], /* LANG environment variable */
b423cd4c 3216 path_info[1024], /* PATH_INFO environment variable */
ef416fc2 3217 remote_addr[1024], /* REMOTE_ADDR environment variable */
3218 remote_host[1024], /* REMOTE_HOST environment variable */
3219 remote_user[1024], /* REMOTE_USER environment variable */
b94498cf 3220 script_filename[1024], /* SCRIPT_FILENAME environment variable */
ef416fc2 3221 script_name[1024], /* SCRIPT_NAME environment variable */
3222 server_name[1024], /* SERVER_NAME environment variable */
3223 server_port[1024]; /* SERVER_PORT environment variable */
7dfedb92 3224 ipp_attribute_t *attr; /* attributes-natural-language attribute */
ef416fc2 3225
3226
3227 /*
3228 * Parse a copy of the options string, which is of the form:
3229 *
b423cd4c 3230 * argument+argument+argument
3231 * ?argument+argument+argument
3232 * param=value&param=value
3233 * ?param=value&param=value
3234 * /name?argument+argument+argument
3235 * /name?param=value&param=value
ef416fc2 3236 *
3237 * If the string contains an "=" character after the initial name,
3238 * then we treat it as a HTTP GET form request and make a copy of
3239 * the remaining string for the environment variable.
3240 *
3241 * The string is always parsed out as command-line arguments, to
3242 * be consistent with Apache...
3243 */
3244
ffe32673 3245 cupsdLogClient(con, CUPSD_LOG_DEBUG2, "pipe_command: infile=%d, outfile=%p, command=\"%s\", options=\"%s\", root=%d", infile, outfile, command, options ? options : "(null)", root);
ef416fc2 3246
b86bc4cf 3247 argv[0] = command;
ef416fc2 3248
b423cd4c 3249 if (options)
13713f49 3250 strlcpy(argbuf, options, sizeof(argbuf));
b423cd4c 3251 else
3252 argbuf[0] = '\0';
3253
3254 if (argbuf[0] == '/')
ef416fc2 3255 {
3256 /*
b423cd4c 3257 * Found some trailing path information, set PATH_INFO...
ef416fc2 3258 */
3259
b423cd4c 3260 if ((commptr = strchr(argbuf, '?')) == NULL)
3261 commptr = argbuf + strlen(argbuf);
ef416fc2 3262
b423cd4c 3263 commch = *commptr;
3264 *commptr = '\0';
3265 snprintf(path_info, sizeof(path_info), "PATH_INFO=%s", argbuf);
3266 *commptr = commch;
3267 }
3268 else
3269 {
3270 commptr = argbuf;
3271 path_info[0] = '\0';
b94498cf 3272
3273 if (*commptr == ' ')
3274 commptr ++;
b423cd4c 3275 }
ef416fc2 3276
cb7f98ee 3277 if (*commptr == '?' && con->operation == HTTP_STATE_GET && !con->query_string)
b423cd4c 3278 {
3279 commptr ++;
b86bc4cf 3280 cupsdSetStringf(&(con->query_string), "QUERY_STRING=%s", commptr);
b423cd4c 3281 }
ef416fc2 3282
b423cd4c 3283 argc = 1;
ef416fc2 3284
b423cd4c 3285 if (*commptr)
3286 {
3287 argv[argc ++] = commptr;
ef416fc2 3288
b423cd4c 3289 for (; *commptr && argc < 99; commptr ++)
3290 {
ef416fc2 3291 /*
b423cd4c 3292 * Break arguments whenever we see a + or space...
ef416fc2 3293 */
3294
b423cd4c 3295 if (*commptr == ' ' || *commptr == '+')
3296 {
3297 while (*commptr == ' ' || *commptr == '+')
3298 *commptr++ = '\0';
ef416fc2 3299
b423cd4c 3300 /*
3301 * If we don't have a blank string, save it as another argument...
3302 */
ef416fc2 3303
b423cd4c 3304 if (*commptr)
3305 {
3306 argv[argc] = commptr;
3307 argc ++;
3308 }
3309 else
3310 break;
3311 }
3312 else if (*commptr == '%' && isxdigit(commptr[1] & 255) &&
3313 isxdigit(commptr[2] & 255))
3314 {
3315 /*
3316 * Convert the %xx notation to the individual character.
3317 */
ef416fc2 3318
b423cd4c 3319 if (commptr[1] >= '0' && commptr[1] <= '9')
7e86f2f6 3320 *commptr = (char)((commptr[1] - '0') << 4);
b423cd4c 3321 else
7e86f2f6 3322 *commptr = (char)((tolower(commptr[1]) - 'a' + 10) << 4);
ef416fc2 3323
b423cd4c 3324 if (commptr[2] >= '0' && commptr[2] <= '9')
3325 *commptr |= commptr[2] - '0';
3326 else
3327 *commptr |= tolower(commptr[2]) - 'a' + 10;
ef416fc2 3328
b423cd4c 3329 _cups_strcpy(commptr + 1, commptr + 3);
ef416fc2 3330
b423cd4c 3331 /*
3332 * Check for a %00 and break if that is the case...
3333 */
ef416fc2 3334
b423cd4c 3335 if (!*commptr)
3336 break;
3337 }
ef416fc2 3338 }
3339 }
3340
3341 argv[argc] = NULL;
3342
ef416fc2 3343 /*
3344 * Setup the environment variables as needed...
3345 */
3346
b94498cf 3347 if (con->username[0])
3348 {
c7017ecc 3349 snprintf(auth_type, sizeof(auth_type), "AUTH_TYPE=%s",
996acce8 3350 httpGetField(con->http, HTTP_FIELD_AUTHORIZATION));
b94498cf 3351
3352 if ((uriptr = strchr(auth_type + 10, ' ')) != NULL)
3353 *uriptr = '\0';
3354 }
3355 else
3356 auth_type[0] = '\0';
3357
2793a478 3358 if (con->request && (attr = ippFindAttribute(con->request, "attributes-natural-language", IPP_TAG_LANGUAGE)) != NULL)
7dfedb92 3359 {
2793a478 3360 cups_lang_t *language = cupsLangGet(ippGetString(attr, 0, NULL));
7dfedb92 3361
2793a478
MS		 3362 snprintf(lang, sizeof(lang), "LANG=%s.UTF8", language->language);
3363 cupsLangFree(language);
7dfedb92
MS		 3364 }
3365 else if (con->language)
3366 snprintf(lang, sizeof(lang), "LANG=%s.UTF8", con->language->language);
ef416fc2 3367 else
5a9febac 3368 strlcpy(lang, "LANG=C", sizeof(lang));
ef416fc2 3369
5a9febac 3370 strlcpy(remote_addr, "REMOTE_ADDR=", sizeof(remote_addr));
5ec1fd3d 3371 httpAddrString(httpGetAddress(con->http), remote_addr + 12,
ef416fc2 3372 sizeof(remote_addr) - 12);
3373
3374 snprintf(remote_host, sizeof(remote_host), "REMOTE_HOST=%s",
5ec1fd3d 3375 httpGetHostname(con->http, NULL, 0));
ef416fc2 3376
3377 snprintf(script_name, sizeof(script_name), "SCRIPT_NAME=%s", con->uri);
3378 if ((uriptr = strchr(script_name, '?')) != NULL)
3379 *uriptr = '\0';
3380
b94498cf 3381 snprintf(script_filename, sizeof(script_filename), "SCRIPT_FILENAME=%s%s",
3382 DocumentRoot, script_name + 12);
3383
5629a813 3384 snprintf(server_port, sizeof(server_port), "SERVER_PORT=%d", con->serverport);
ef416fc2 3385
5ec1fd3d 3386 if (httpGetField(con->http, HTTP_FIELD_HOST)[0])
0268488e
MS		 3387 {
3388 char *nameptr; /* Pointer to ":port" */
3389
3390 snprintf(server_name, sizeof(server_name), "SERVER_NAME=%s",
5ec1fd3d 3391 httpGetField(con->http, HTTP_FIELD_HOST));
0268488e
MS		 3392 if ((nameptr = strrchr(server_name, ':')) != NULL && !strchr(nameptr, ']'))
3393 *nameptr = '\0'; /* Strip trailing ":port" */
3394 }
3395 else
3396 snprintf(server_name, sizeof(server_name), "SERVER_NAME=%s",
3397 con->servername);
ef416fc2 3398
3399 envc = cupsdLoadEnv(envp, (int)(sizeof(envp) / sizeof(envp[0])));
3400
b94498cf 3401 if (auth_type[0])
3402 envp[envc ++] = auth_type;
3403
ef416fc2 3404 envp[envc ++] = lang;
3405 envp[envc ++] = "REDIRECT_STATUS=1";
b94498cf 3406 envp[envc ++] = "GATEWAY_INTERFACE=CGI/1.1";
ef416fc2 3407 envp[envc ++] = server_name;
3408 envp[envc ++] = server_port;
3409 envp[envc ++] = remote_addr;
3410 envp[envc ++] = remote_host;
3411 envp[envc ++] = script_name;
b94498cf 3412 envp[envc ++] = script_filename;
ef416fc2 3413
b423cd4c 3414 if (path_info[0])
3415 envp[envc ++] = path_info;
3416
ef416fc2 3417 if (con->username[0])
3418 {
3419 snprintf(remote_user, sizeof(remote_user), "REMOTE_USER=%s", con->username);
3420
3421 envp[envc ++] = remote_user;
3422 }
3423
d21dc0ed 3424 if (httpGetVersion(con->http) == HTTP_VERSION_1_1)
ef416fc2 3425 envp[envc ++] = "SERVER_PROTOCOL=HTTP/1.1";
d21dc0ed 3426 else if (httpGetVersion(con->http) == HTTP_VERSION_1_0)
ef416fc2 3427 envp[envc ++] = "SERVER_PROTOCOL=HTTP/1.0";
3428 else
3429 envp[envc ++] = "SERVER_PROTOCOL=HTTP/0.9";
3430
d21dc0ed 3431 if (httpGetCookie(con->http))
ef416fc2 3432 {
3433 snprintf(http_cookie, sizeof(http_cookie), "HTTP_COOKIE=%s",
d21dc0ed 3434 httpGetCookie(con->http));
ef416fc2 3435 envp[envc ++] = http_cookie;
3436 }
3437
5ec1fd3d 3438 if (httpGetField(con->http, HTTP_FIELD_USER_AGENT)[0])
ef416fc2 3439 {
3440 snprintf(http_user_agent, sizeof(http_user_agent), "HTTP_USER_AGENT=%s",
5ec1fd3d 3441 httpGetField(con->http, HTTP_FIELD_USER_AGENT));
ef416fc2 3442 envp[envc ++] = http_user_agent;
3443 }
3444
5ec1fd3d 3445 if (httpGetField(con->http, HTTP_FIELD_REFERER)[0])
f7deaa1a 3446 {
3447 snprintf(http_referer, sizeof(http_referer), "HTTP_REFERER=%s",
5ec1fd3d 3448 httpGetField(con->http, HTTP_FIELD_REFERER));
f7deaa1a 3449 envp[envc ++] = http_referer;
3450 }
3451
cb7f98ee 3452 if (con->operation == HTTP_STATE_GET)
ef416fc2 3453 {
ef416fc2 3454 envp[envc ++] = "REQUEST_METHOD=GET";
3455
b86bc4cf 3456 if (con->query_string)
ef416fc2 3457 {
3458 /*
3459 * Add GET form variables after ?...
3460 */
3461
b86bc4cf 3462 envp[envc ++] = con->query_string;
ef416fc2 3463 }
3dfe78b3
MS		 3464 else
3465 envp[envc ++] = "QUERY_STRING=";
ef416fc2 3466 }
3467 else
3468 {
064e50fb 3469 snprintf(content_length, sizeof(content_length), "CONTENT_LENGTH=" CUPS_LLFMT, CUPS_LLCAST con->bytes);
ef416fc2 3470 snprintf(content_type, sizeof(content_type), "CONTENT_TYPE=%s",
5ec1fd3d 3471 httpGetField(con->http, HTTP_FIELD_CONTENT_TYPE));
ef416fc2 3472
3473 envp[envc ++] = "REQUEST_METHOD=POST";
3474 envp[envc ++] = content_length;
3475 envp[envc ++] = content_type;
3476 }
3477
3478 /*
3479 * Tell the CGI if we are using encryption...
3480 */
3481
d21dc0ed 3482 if (httpIsEncrypted(con->http))
ef416fc2 3483 envp[envc ++] = "HTTPS=ON";
3484
3485 /*
3486 * Terminate the environment array...
3487 */
3488
3489 envp[envc] = NULL;
3490
38e73f87 3491 if (LogLevel >= CUPSD_LOG_DEBUG)
ef416fc2 3492 {
3493 for (i = 0; i < argc; i ++)
38e73f87
MS		 3494 cupsdLogMessage(CUPSD_LOG_DEBUG,
3495 "[CGI] argv[%d] = \"%s\"", i, argv[i]);
ef416fc2 3496 for (i = 0; i < envc; i ++)
38e73f87
MS		 3497 cupsdLogMessage(CUPSD_LOG_DEBUG,
3498 "[CGI] envp[%d] = \"%s\"", i, envp[i]);
ef416fc2 3499 }
3500
3501 /*
3502 * Create a pipe for the output...
3503 */
3504
3505 if (cupsdOpenPipe(fds))
3506 {
38e73f87 3507 cupsdLogMessage(CUPSD_LOG_ERROR, "[CGI] Unable to create pipe for %s - %s",
ef416fc2 3508 argv[0], strerror(errno));
3509 return (0);
3510 }
3511
3512 /*
3513 * Then execute the command...
3514 */
3515
3516 if (cupsdStartProcess(command, argv, envp, infile, fds[1], CGIPipes[1],
38e73f87 3517 -1, -1, root, DefaultProfile, NULL, &pid) < 0)
ef416fc2 3518 {
3519 /*
3520 * Error - can't fork!
3521 */
3522
38e73f87 3523 cupsdLogMessage(CUPSD_LOG_ERROR, "[CGI] Unable to start %s - %s", argv[0],
ef416fc2 3524 strerror(errno));
3525
3526 cupsdClosePipe(fds);
3527 pid = 0;
3528 }
3529 else
3530 {
3531 /*
3532 * Fork successful - return the PID...
3533 */
3534
3535 if (con->username[0])
0fa6c7fa 3536 cupsdAddCert(pid, con->username, con->type);
ef416fc2 3537
38e73f87 3538 cupsdLogMessage(CUPSD_LOG_DEBUG, "[CGI] Started %s (PID %d)", command, pid);
ef416fc2 3539
3540 *outfile = fds[0];
3541 close(fds[1]);
3542 }
3543
ef416fc2 3544 return (pid);
3545}
3546
3547
e07d4801
MS		 3548/*
3549 * 'valid_host()' - Is the Host: field valid?
3550 */
3551
3552static int /* O - 1 if valid, 0 if not */
3553valid_host(cupsd_client_t *con) /* I - Client connection */
3554{
3555 cupsd_alias_t *a; /* Current alias */
3556 cupsd_netif_t *netif; /* Current network interface */
f2534050
MS		 3557 const char *end; /* End character */
3558 char *ptr; /* Pointer into host value */
e07d4801
MS		 3559
3560
f2534050
MS		 3561 /*
3562 * Copy the Host: header for later use...
3563 */
3564
5ec1fd3d 3565 strlcpy(con->clientname, httpGetField(con->http, HTTP_FIELD_HOST),
f2534050
MS		 3566 sizeof(con->clientname));
3567 if ((ptr = strrchr(con->clientname, ':')) != NULL && !strchr(ptr, ']'))
3568 {
3569 *ptr++ = '\0';
3570 con->clientport = atoi(ptr);
3571 }
3572 else
3573 con->clientport = con->serverport;
3574
3575 /*
3576 * Then validate...
3577 */
e07d4801 3578
5ec1fd3d 3579 if (httpAddrLocalhost(httpGetAddress(con->http)))
e07d4801
MS		 3580 {
3581 /*
3582 * Only allow "localhost" or the equivalent IPv4 or IPv6 numerical
3583 * addresses when accessing CUPS via the loopback interface...
3584 */
3585
f2534050
MS		 3586 return (!_cups_strcasecmp(con->clientname, "localhost") ||
3587 !_cups_strcasecmp(con->clientname, "localhost.") ||
f2534050
MS		 3588 !strcmp(con->clientname, "127.0.0.1") ||
3589 !strcmp(con->clientname, "[::1]"));
e07d4801
MS		 3590 }
3591
37e7e6e0 3592#if defined(HAVE_DNSSD) || defined(HAVE_AVAHI)
e07d4801
MS		 3593 /*
3594 * Check if the hostname is something.local (Bonjour); if so, allow it.
3595 */
3596
f2534050
MS		 3597 if ((end = strrchr(con->clientname, '.')) != NULL && end > con->clientname &&
3598 !end[1])
a29fd7dd
MS		 3599 {
3600 /*
3601 * "." on end, work back to second-to-last "."...
3602 */
f2534050
MS		 3603
3604 for (end --; end > con->clientname && *end != '.'; end --);
a29fd7dd
MS		 3605 }
3606
3607 if (end && (!_cups_strcasecmp(end, ".local") ||
f2534050 3608 !_cups_strcasecmp(end, ".local.")))
e07d4801 3609 return (1);
37e7e6e0 3610#endif /* HAVE_DNSSD || HAVE_AVAHI */
e07d4801
MS		 3611
3612 /*
3613 * Check if the hostname is an IP address...
3614 */
3615
f2534050 3616 if (isdigit(con->clientname[0] & 255) || con->clientname[0] == '[')
e07d4801
MS		 3617 {
3618 /*
3619 * Possible IPv4/IPv6 address...
3620 */
3621
e07d4801
MS		 3622 http_addrlist_t *addrlist; /* List of addresses */
3623
3624
f2534050 3625 if ((addrlist = httpAddrGetList(con->clientname, AF_UNSPEC, NULL)) != NULL)
e07d4801
MS		 3626 {
3627 /*
3628 * Good IPv4/IPv6 address...
3629 */
3630
3631 httpAddrFreeList(addrlist);
3632 return (1);
3633 }
3634 }
3635
3636 /*
3637 * Check for (alias) name matches...
3638 */
3639
3640 for (a = (cupsd_alias_t *)cupsArrayFirst(ServerAlias);
3641 a;
3642 a = (cupsd_alias_t *)cupsArrayNext(ServerAlias))
3643 {
3644 /*
3645 * "ServerAlias *" allows all host values through...
3646 */
3647
3648 if (!strcmp(a->name, "*"))
3649 return (1);
3650
f2534050 3651 if (!_cups_strncasecmp(con->clientname, a->name, a->namelen))
e07d4801
MS		 3652 {
3653 /*
f2534050 3654 * Prefix matches; check the character at the end - it must be "." or nul.
e07d4801
MS		 3655 */
3656
f2534050 3657 end = con->clientname + a->namelen;
e07d4801 3658
f2534050 3659 if (!*end || (*end == '.' && !end[1]))
e07d4801
MS		 3660 return (1);
3661 }
3662 }
3663
37e7e6e0 3664#if defined(HAVE_DNSSD) || defined(HAVE_AVAHI)
e07d4801
MS		 3665 for (a = (cupsd_alias_t *)cupsArrayFirst(DNSSDAlias);
3666 a;
3667 a = (cupsd_alias_t *)cupsArrayNext(DNSSDAlias))
3668 {
3669 /*
3670 * "ServerAlias *" allows all host values through...
3671 */
3672
3673 if (!strcmp(a->name, "*"))
3674 return (1);
3675
f2534050 3676 if (!_cups_strncasecmp(con->clientname, a->name, a->namelen))
e07d4801
MS		 3677 {
3678 /*
f2534050 3679 * Prefix matches; check the character at the end - it must be "." or nul.
e07d4801
MS		 3680 */
3681
f2534050 3682 end = con->clientname + a->namelen;
e07d4801 3683
f2534050 3684 if (!*end || (*end == '.' && !end[1]))
e07d4801
MS		 3685 return (1);
3686 }
3687 }
37e7e6e0 3688#endif /* HAVE_DNSSD || HAVE_AVAHI */
e07d4801
MS		 3689
3690 /*
3691 * Check for interface hostname matches...
3692 */
3693
3694 for (netif = (cupsd_netif_t *)cupsArrayFirst(NetIFList);
3695 netif;
3696 netif = (cupsd_netif_t *)cupsArrayNext(NetIFList))
3697 {
f2534050 3698 if (!_cups_strncasecmp(con->clientname, netif->hostname, netif->hostlen))
e07d4801
MS		 3699 {
3700 /*
f2534050 3701 * Prefix matches; check the character at the end - it must be "." or nul.
e07d4801
MS		 3702 */
3703
f2534050 3704 end = con->clientname + netif->hostlen;
e07d4801 3705
f2534050 3706 if (!*end || (*end == '.' && !end[1]))
e07d4801
MS		 3707 return (1);
3708 }
3709 }
3710
3711 return (0);
3712}
3713
3714
ef416fc2 3715/*
a74454a7 3716 * 'write_file()' - Send a file via HTTP.
e1d6a774 3717 */
3718
3719static int /* O - 0 on failure, 1 on success */
a74454a7 3720write_file(cupsd_client_t *con, /* I - Client connection */
3721 http_status_t code, /* I - HTTP status */
3722 char *filename, /* I - Filename */
3723 char *type, /* I - File type */
3724 struct stat *filestats) /* O - File information */
e1d6a774 3725{
3726 con->file = open(filename, O_RDONLY);
3727
ffe32673 3728 cupsdLogClient(con, CUPSD_LOG_DEBUG2, "write_file: code=%d, filename=\"%s\" (%d), type=\"%s\", filestats=%p.", code, filename, con->file, type ? type : "(null)", filestats);
e1d6a774 3729
3730 if (con->file < 0)
3731 return (0);
3732
3733 fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC);
3734
dfc45c1b
MS		 3735 con->pipe_pid = 0;
3736 con->sent_header = 1;
e1d6a774 3737
a73ca01e
MS		 3738 httpClearFields(con->http);
3739
7e86f2f6 3740 httpSetLength(con->http, (size_t)filestats->st_size);
e1d6a774 3741
e200616a
MS		 3742 httpSetField(con->http, HTTP_FIELD_LAST_MODIFIED,
3743 httpGetDateString(filestats->st_mtime));
e1d6a774 3744
e200616a 3745 if (!cupsdSendHeader(con, code, type, CUPSD_AUTH_NONE))
07725fee 3746 return (0);
d09495fa 3747
43dcaf3b 3748 cupsdAddSelect(httpGetFd(con->http), NULL, (cupsd_selfunc_t)cupsdWriteClient, con);
e1d6a774 3749
996acce8 3750 cupsdLogClient(con, CUPSD_LOG_DEBUG, "Sending file.");
1bc82dd9 3751
e1d6a774 3752 return (1);
3753}
3754
3755
3756/*
f899b121 3757 * 'write_pipe()' - Flag that data is available on the CGI pipe.
3758 */
3759
3760static void
3761write_pipe(cupsd_client_t *con) /* I - Client connection */
3762{
ffe32673 3763 cupsdLogClient(con, CUPSD_LOG_DEBUG2, "write_pipe: CGI output on fd %d.", con->file);
f899b121 3764
3765 con->file_ready = 1;
3766
3767 cupsdRemoveSelect(con->file);
996acce8 3768 cupsdAddSelect(httpGetFd(con->http), NULL, (cupsd_selfunc_t)cupsdWriteClient, con);
1bc82dd9 3769
996acce8 3770 cupsdLogClient(con, CUPSD_LOG_DEBUG, "CGI data ready to be sent.");
f899b121 3771}
Unnamed repository; edit this file 'description' to name the repository.