]> git.ipfire.org Git - thirdparty/cups.git/blob - cups/http-private.h
projects / thirdparty / cups.git / blob
? search:


7156bf86909c8bd7a252117da013dc868ccbc07e
[thirdparty/cups.git] / cups / http-private.h
1 /*
2 * "$Id: http-private.h 12243 2014-11-12 12:12:59Z msweet $"
3 *
4 * Private HTTP definitions for CUPS.
5 *
6 * Copyright 2007-2014 by Apple Inc.
7 * Copyright 1997-2007 by Easy Software Products, all rights reserved.
8 *
9 * These coded instructions, statements, and computer programs are the
10 * property of Apple Inc. and are protected by Federal copyright
11 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 * which should have been included with this file. If this file is
13 * file is missing or damaged, see the license at "http://www.cups.org/".
14 *
15 * This file is subject to the Apple OS-Developed Software exception.
16 */
17
18 #ifndef _CUPS_HTTP_PRIVATE_H_
19 # define _CUPS_HTTP_PRIVATE_H_
20
21 /*
22 * Include necessary headers...
23 */
24
25 # include "config.h"
26 # include <cups/language.h>
27 # include <stddef.h>
28 # include <stdlib.h>
29
30 # ifdef __sun
31 # include <sys/select.h>
32 # endif /* __sun */
33
34 # include <limits.h>
35 # ifdef WIN32
36 # include <io.h>
37 # include <winsock2.h>
38 # define CUPS_SOCAST (const char *)
39 # else
40 # include <unistd.h>
41 # include <fcntl.h>
42 # include <sys/socket.h>
43 # define CUPS_SOCAST
44 # endif /* WIN32 */
45
46 # ifdef HAVE_GSSAPI
47 # ifdef HAVE_GSS_GSSAPI_H
48 # include <GSS/gssapi.h>
49 # elif defined(HAVE_GSSAPI_GSSAPI_H)
50 # include <gssapi/gssapi.h>
51 # elif defined(HAVE_GSSAPI_H)
52 # include <gssapi.h>
53 # endif /* HAVE_GSS_GSSAPI_H */
54 # ifndef HAVE_GSS_C_NT_HOSTBASED_SERVICE
55 # define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name
56 # endif /* !HAVE_GSS_C_NT_HOSTBASED_SERVICE */
57 # endif /* HAVE_GSSAPI */
58
59 # ifdef HAVE_AUTHORIZATION_H
60 # include <Security/Authorization.h>
61 # endif /* HAVE_AUTHORIZATION_H */
62
63 # if defined(__APPLE__) && !defined(_SOCKLEN_T)
64 /*
65 * MacOS X 10.2.x does not define socklen_t, and in fact uses an int instead of
66 * unsigned type for length values...
67 */
68
69 typedef int socklen_t;
70 # endif /* __APPLE__ && !_SOCKLEN_T */
71
72 # include <cups/http.h>
73 # include "md5-private.h"
74 # include "ipp-private.h"
75
76 # ifdef HAVE_GNUTLS
77 # include <gnutls/gnutls.h>
78 # include <gnutls/x509.h>
79 # elif defined(HAVE_CDSASSL)
80 # include <CoreFoundation/CoreFoundation.h>
81 # include <Security/Security.h>
82 # include <Security/SecureTransport.h>
83 # ifdef HAVE_SECURETRANSPORTPRIV_H
84 # include <Security/SecureTransportPriv.h>
85 # endif /* HAVE_SECURETRANSPORTPRIV_H */
86 # ifdef HAVE_SECITEM_H
87 # include <Security/SecItem.h>
88 # endif /* HAVE_SECITEM_H */
89 # ifdef HAVE_SECBASEPRIV_H
90 # include <Security/SecBasePriv.h>
91 # endif /* HAVE_SECBASEPRIV_H */
92 # ifdef HAVE_SECCERTIFICATE_H
93 # include <Security/SecCertificate.h>
94 # include <Security/SecIdentity.h>
95 # endif /* HAVE_SECCERTIFICATE_H */
96 # ifdef HAVE_SECCERTIFICATEPRIV_H
97 # include <Security/SecCertificatePriv.h>
98 # else
99 # ifdef __cplusplus
100 extern "C" {
101 # endif /* __cplusplus */
102 extern SecCertificateRef SecCertificateCreateWithBytes(CFAllocatorRef allocator, const UInt8 *bytes, CFIndex length);
103 extern bool SecCertificateIsValid(SecCertificateRef certificate, CFAbsoluteTime verifyTime);
104 extern CFAbsoluteTime SecCertificateNotValidAfter(SecCertificateRef certificate);
105 # ifdef __cplusplus
106 }
107 # endif /* __cplusplus */
108 # endif /* HAVE_SECCERTIFICATEPRIV_H */
109 # ifdef HAVE_SECITEMPRIV_H
110 # include <Security/SecItemPriv.h>
111 # endif /* HAVE_SECITEMPRIV_H */
112 # ifdef HAVE_SECIDENTITYSEARCHPRIV_H
113 # include <Security/SecIdentitySearchPriv.h>
114 # endif /* HAVE_SECIDENTITYSEARCHPRIV_H */
115 # ifdef HAVE_SECPOLICYPRIV_H
116 # include <Security/SecPolicyPriv.h>
117 # endif /* HAVE_SECPOLICYPRIV_H */
118 # elif defined(HAVE_SSPISSL)
119 # include <wincrypt.h>
120 # include <wintrust.h>
121 # include <schannel.h>
122 # define SECURITY_WIN32
123 # include <security.h>
124 # include <sspi.h>
125 # endif /* HAVE_GNUTLS */
126
127 # ifndef WIN32
128 # include <net/if.h>
129 # ifdef HAVE_GETIFADDRS
130 # include <ifaddrs.h>
131 # else
132 # include <sys/ioctl.h>
133 # ifdef HAVE_SYS_SOCKIO_H
134 # include <sys/sockio.h>
135 # endif /* HAVE_SYS_SOCKIO_H */
136 # endif /* HAVE_GETIFADDRS */
137 # endif /* !WIN32 */
138
139 # ifdef HAVE_LIBZ
140 # include <zlib.h>
141 # endif /* HAVE_LIBZ */
142
143
144 /*
145 * C++ magic...
146 */
147
148 # ifdef __cplusplus
149 extern "C" {
150 # endif /* __cplusplus */
151
152
153 /*
154 * Constants...
155 */
156
157
158 #define _HTTP_MAX_SBUFFER 65536 /* Size of (de)compression buffer */
159 #define _HTTP_RESOLVE_DEFAULT 0 /* Just resolve with default options */
160 #define _HTTP_RESOLVE_STDERR 1 /* Log resolve progress to stderr */
161 #define _HTTP_RESOLVE_FQDN 2 /* Resolve to a FQDN */
162 #define _HTTP_RESOLVE_FAXOUT 4 /* Resolve FaxOut service? */
163
164 #define _HTTP_TLS_ALLOW_RC4 1 /* Allow RC4 cipher suites */
165 #define _HTTP_TLS_ALLOW_SSL3 2 /* Allow SSL 3.0 */
166
167
168 /*
169 * Types and functions for SSL support...
170 */
171
172 # ifdef HAVE_GNUTLS
173 /*
174 * The GNU TLS library is more of a "bare metal" SSL/TLS library...
175 */
176
177 typedef gnutls_session_t http_tls_t;
178 typedef gnutls_certificate_credentials_t *http_tls_credentials_t;
179
180 # elif defined(HAVE_CDSASSL)
181 /*
182 * Darwin's Security framework provides its own SSL/TLS context structure
183 * for its IO and protocol management...
184 */
185
186 # if !defined(HAVE_SECBASEPRIV_H) && defined(HAVE_CSSMERRORSTRING) /* Declare prototype for function in that header... */
187 extern const char *cssmErrorString(int error);
188 # endif /* !HAVE_SECBASEPRIV_H && HAVE_CSSMERRORSTRING */
189 # ifndef HAVE_SECITEMPRIV_H /* Declare constants from that header... */
190 extern const CFTypeRef kSecClassCertificate;
191 extern const CFTypeRef kSecClassIdentity;
192 # endif /* !HAVE_SECITEMPRIV_H */
193 # if !defined(HAVE_SECIDENTITYSEARCHPRIV_H) && defined(HAVE_SECIDENTITYSEARCHCREATEWITHPOLICY) /* Declare prototype for function in that header... */
194 extern OSStatus SecIdentitySearchCreateWithPolicy(SecPolicyRef policy,
195 CFStringRef idString, CSSM_KEYUSE keyUsage,
196 CFTypeRef keychainOrArray,
197 Boolean returnOnlyValidIdentities,
198 SecIdentitySearchRef* searchRef);
199 # endif /* !HAVE_SECIDENTITYSEARCHPRIV_H && HAVE_SECIDENTITYSEARCHCREATEWITHPOLICY */
200 # if !defined(HAVE_SECPOLICYPRIV_H) && defined(HAVE_SECPOLICYSETVALUE) /* Declare prototype for function in that header... */
201 extern OSStatus SecPolicySetValue(SecPolicyRef policyRef,
202 const CSSM_DATA *value);
203 # endif /* !HAVE_SECPOLICYPRIV_H && HAVE_SECPOLICYSETVALUE */
204
205 typedef SSLContextRef http_tls_t;
206 typedef CFArrayRef http_tls_credentials_t;
207
208 # elif defined(HAVE_SSPISSL)
209 /*
210 * Windows' SSPI library gets a CUPS wrapper...
211 */
212
213 typedef struct _http_sspi_s /**** SSPI/SSL data structure ****/
214 {
215 CredHandle creds; /* Credentials */
216 CtxtHandle context; /* SSL context */
217 BOOL contextInitialized; /* Is context init'd? */
218 SecPkgContext_StreamSizes streamSizes;/* SSL data stream sizes */
219 BYTE *decryptBuffer; /* Data pre-decryption*/
220 size_t decryptBufferLength; /* Length of decrypt buffer */
221 size_t decryptBufferUsed; /* Bytes used in buffer */
222 BYTE *readBuffer; /* Data post-decryption */
223 int readBufferLength; /* Length of read buffer */
224 int readBufferUsed; /* Bytes used in buffer */
225 BYTE *writeBuffer; /* Data pre-encryption */
226 int writeBufferLength; /* Length of write buffer */
227 PCCERT_CONTEXT localCert, /* Local certificate */
228 remoteCert; /* Remote (peer's) certificate */
229 char error[256]; /* Most recent error message */
230 } _http_sspi_t;
231 typedef _http_sspi_t *http_tls_t;
232 typedef PCCERT_CONTEXT http_tls_credentials_t;
233
234 # else
235 /*
236 * Otherwise define stub types since we have no SSL support...
237 */
238
239 typedef void *http_tls_t;
240 typedef void *http_tls_credentials_t;
241 # endif /* HAVE_GNUTLS */
242
243 typedef enum _http_coding_e /**** HTTP content coding enumeration ****/
244 {
245 _HTTP_CODING_IDENTITY, /* No content coding */
246 _HTTP_CODING_GZIP, /* LZ77+gzip decompression */
247 _HTTP_CODING_DEFLATE, /* LZ77+zlib compression */
248 _HTTP_CODING_GUNZIP, /* LZ77+gzip decompression */
249 _HTTP_CODING_INFLATE /* LZ77+zlib decompression */
250 } _http_coding_t;
251
252 typedef enum _http_mode_e /**** HTTP mode enumeration ****/
253 {
254 _HTTP_MODE_CLIENT, /* Client connected to server */
255 _HTTP_MODE_SERVER /* Server connected (accepted) from client */
256 } _http_mode_t;
257
258 # ifndef _HTTP_NO_PRIVATE
259 struct _http_s /**** HTTP connection structure ****/
260 {
261 int fd; /* File descriptor for this socket */
262 int blocking; /* To block or not to block */
263 int error; /* Last error on read */
264 time_t activity; /* Time since last read/write */
265 http_state_t state; /* State of client */
266 http_status_t status; /* Status of last request */
267 http_version_t version; /* Protocol version */
268 http_keepalive_t keep_alive; /* Keep-alive supported? */
269 struct sockaddr_in _hostaddr; /* Address of connected host (deprecated) */
270 char hostname[HTTP_MAX_HOST],
271 /* Name of connected host */
272 fields[HTTP_FIELD_ACCEPT_ENCODING][HTTP_MAX_VALUE];
273 /* Field values up to Accept-Encoding */
274 char *data; /* Pointer to data buffer */
275 http_encoding_t data_encoding; /* Chunked or not */
276 int _data_remaining;/* Number of bytes left (deprecated) */
277 int used; /* Number of bytes used in buffer */
278 char buffer[HTTP_MAX_BUFFER];
279 /* Buffer for incoming data */
280 int _auth_type; /* Authentication in use (deprecated) */
281 _cups_md5_state_t md5_state; /* MD5 state */
282 char nonce[HTTP_MAX_VALUE];
283 /* Nonce value */
284 int nonce_count; /* Nonce count */
285 http_tls_t tls; /* TLS state information */
286 http_encryption_t encryption; /* Encryption requirements */
287
288 /**** New in CUPS 1.1.19 ****/
289 fd_set *input_set; /* select() set for httpWait() (deprecated) */
290 http_status_t expect; /* Expect: header */
291 char *cookie; /* Cookie value(s) */
292
293 /**** New in CUPS 1.1.20 ****/
294 char _authstring[HTTP_MAX_VALUE],
295 /* Current Authorization value (deprecated) */
296 userpass[HTTP_MAX_VALUE];
297 /* Username:password string */
298 int digest_tries; /* Number of tries for digest auth */
299
300 /**** New in CUPS 1.2 ****/
301 off_t data_remaining; /* Number of bytes left */
302 http_addr_t *hostaddr; /* Current host address and port */
303 http_addrlist_t *addrlist; /* List of valid addresses */
304 char wbuffer[HTTP_MAX_BUFFER];
305 /* Buffer for outgoing data */
306 int wused; /* Write buffer bytes used */
307
308 /**** New in CUPS 1.3 ****/
309 char *field_authorization;
310 /* Authorization field */
311 char *authstring; /* Current Authorization field */
312 # ifdef HAVE_GSSAPI
313 gss_OID gssmech; /* Authentication mechanism */
314 gss_ctx_id_t gssctx; /* Authentication context */
315 gss_name_t gssname; /* Authentication server name */
316 # endif /* HAVE_GSSAPI */
317 # ifdef HAVE_AUTHORIZATION_H
318 AuthorizationRef auth_ref; /* Authorization ref */
319 # endif /* HAVE_AUTHORIZATION_H */
320
321 /**** New in CUPS 1.5 ****/
322 http_tls_credentials_t tls_credentials;
323 /* TLS credentials */
324 http_timeout_cb_t timeout_cb; /* Timeout callback */
325 void *timeout_data; /* User data pointer */
326 double timeout_value; /* Timeout in seconds */
327 int wait_value; /* httpWait value for timeout */
328 # ifdef HAVE_GSSAPI
329 char gsshost[256]; /* Hostname for Kerberos */
330 # endif /* HAVE_GSSAPI */
331
332 /**** New in CUPS 1.7 ****/
333 int tls_upgrade; /* Non-zero if we are doing an upgrade */
334 _http_mode_t mode; /* _HTTP_MODE_CLIENT or _HTTP_MODE_SERVER */
335 char *accept_encoding,
336 /* Accept-Encoding field */
337 *allow, /* Allow field */
338 *server, /* Server field */
339 *default_accept_encoding,
340 *default_server,
341 *default_user_agent;
342 /* Default field values */
343 # ifdef HAVE_LIBZ
344 _http_coding_t coding; /* _HTTP_CODING_xxx */
345 z_stream stream; /* (De)compression stream */
346 Bytef *sbuffer; /* (De)compression buffer */
347 # endif /* HAVE_LIBZ */
348 };
349 # endif /* !_HTTP_NO_PRIVATE */
350
351
352 /*
353 * Some OS's don't have hstrerror(), most notably Solaris...
354 */
355
356 # ifndef HAVE_HSTRERROR
357 extern const char *_cups_hstrerror(int error);
358 # define hstrerror _cups_hstrerror
359 # endif /* !HAVE_HSTRERROR */
360
361
362 /*
363 * Some OS's don't have getifaddrs() and freeifaddrs()...
364 */
365
366 # if !defined(WIN32) && !defined(HAVE_GETIFADDRS)
367 # ifdef ifa_dstaddr
368 # undef ifa_dstaddr
369 # endif /* ifa_dstaddr */
370 # ifndef ifr_netmask
371 # define ifr_netmask ifr_addr
372 # endif /* !ifr_netmask */
373
374 struct ifaddrs /**** Interface Structure ****/
375 {
376 struct ifaddrs *ifa_next; /* Next interface in list */
377 char *ifa_name; /* Name of interface */
378 unsigned int ifa_flags; /* Flags (up, point-to-point, etc.) */
379 struct sockaddr *ifa_addr, /* Network address */
380 *ifa_netmask; /* Address mask */
381 union
382 {
383 struct sockaddr *ifu_broadaddr; /* Broadcast address of this interface. */
384 struct sockaddr *ifu_dstaddr; /* Point-to-point destination address. */
385 } ifa_ifu;
386
387 void *ifa_data; /* Interface statistics */
388 };
389
390 # ifndef ifa_broadaddr
391 # define ifa_broadaddr ifa_ifu.ifu_broadaddr
392 # endif /* !ifa_broadaddr */
393 # ifndef ifa_dstaddr
394 # define ifa_dstaddr ifa_ifu.ifu_dstaddr
395 # endif /* !ifa_dstaddr */
396
397 extern int _cups_getifaddrs(struct ifaddrs **addrs);
398 # define getifaddrs _cups_getifaddrs
399 extern void _cups_freeifaddrs(struct ifaddrs *addrs);
400 # define freeifaddrs _cups_freeifaddrs
401 # endif /* !WIN32 && !HAVE_GETIFADDRS */
402
403
404 /*
405 * Prototypes...
406 */
407
408 extern void _httpAddrSetPort(http_addr_t *addr, int port);
409 extern http_tls_credentials_t
410 _httpCreateCredentials(cups_array_t *credentials);
411 extern char *_httpDecodeURI(char *dst, const char *src,
412 size_t dstsize);
413 extern void _httpDisconnect(http_t *http);
414 extern char *_httpEncodeURI(char *dst, const char *src,
415 size_t dstsize);
416 extern void _httpFreeCredentials(http_tls_credentials_t credentials);
417 extern const char *_httpResolveURI(const char *uri, char *resolved_uri,
418 size_t resolved_size, int options,
419 int (*cb)(void *context),
420 void *context);
421 extern const char *_httpStatus(cups_lang_t *lang, http_status_t status);
422 extern void _httpTLSInitialize(void);
423 extern size_t _httpTLSPending(http_t *http);
424 extern int _httpTLSRead(http_t *http, char *buf, int len);
425 extern int _httpTLSSetCredentials(http_t *http);
426 extern void _httpTLSSetOptions(int options);
427 extern int _httpTLSStart(http_t *http);
428 extern void _httpTLSStop(http_t *http);
429 extern int _httpTLSWrite(http_t *http, const char *buf, int len);
430 extern int _httpUpdate(http_t *http, http_status_t *status);
431 extern int _httpWait(http_t *http, int msec, int usessl);
432
433
434 /*
435 * C++ magic...
436 */
437
438 # ifdef __cplusplus
439 }
440 # endif /* __cplusplus */
441
442 #endif /* !_CUPS_HTTP_PRIVATE_H_ */
443
444 /*
445 * End of "$Id: http-private.h 12243 2014-11-12 12:12:59Z msweet $".
446 */
Unnamed repository; edit this file 'description' to name the repository.