]>
Commit | Line | Data |
---|---|---|
dd88778b | 1 | /* |
c9d3f842 | 2 | * "$Id$" |
dd88778b | 3 | * |
3d94661a | 4 | * Private HTTP definitions for CUPS. |
dd88778b | 5 | * |
97d5667d | 6 | * Copyright 2007-2011 by Apple Inc. |
d220c7b8 | 7 | * Copyright 1997-2007 by Easy Software Products, all rights reserved. |
dd88778b | 8 | * |
9 | * These coded instructions, statements, and computer programs are the | |
4e8d321f | 10 | * property of Apple Inc. and are protected by Federal copyright |
11 | * law. Distribution and use rights are outlined in the file "LICENSE.txt" | |
12 | * which should have been included with this file. If this file is | |
13 | * file is missing or damaged, see the license at "http://www.cups.org/". | |
dd88778b | 14 | * |
15 | * This file is subject to the Apple OS-Developed Software exception. | |
16 | */ | |
17 | ||
18 | #ifndef _CUPS_HTTP_PRIVATE_H_ | |
19 | # define _CUPS_HTTP_PRIVATE_H_ | |
20 | ||
21 | /* | |
22 | * Include necessary headers... | |
23 | */ | |
24 | ||
3d94661a | 25 | # include "config.h" |
e7b6dd76 | 26 | # include <stddef.h> |
425577ed | 27 | # include <stdlib.h> |
086c584d | 28 | |
0a0621ae | 29 | # ifdef __sun |
0a0621ae | 30 | # include <sys/select.h> |
31 | # endif /* __sun */ | |
32 | ||
1a59b1c1 | 33 | # include <limits.h> |
34 | # ifdef WIN32 | |
35 | # include <io.h> | |
36 | # include <winsock2.h> | |
37 | # else | |
38 | # include <unistd.h> | |
39 | # include <fcntl.h> | |
40 | # include <sys/socket.h> | |
41 | # define closesocket(f) close(f) | |
42 | # endif /* WIN32 */ | |
43 | ||
cf94bcb1 | 44 | # ifdef HAVE_GSSAPI |
ec6e3e5a | 45 | # ifdef HAVE_GSS_GSSAPI_H |
46 | # include <GSS/gssapi.h> | |
47 | # ifdef HAVE_GSSAPI_GENERIC_H | |
48 | # include <GSS/gssapi_generic.h> | |
49 | # endif /* HAVE_GSSAPI_GENERIC_H */ | |
50 | # ifdef HAVE_GSSAPI_KRB5_H | |
51 | # include <GSS/gssapi_krb5.h> | |
52 | # endif /* HAVE_GSSAPI_KRB5_H */ | |
53 | # elif defined(HAVE_GSSAPI_GSSAPI_H) | |
cf94bcb1 | 54 | # include <gssapi/gssapi.h> |
ec6e3e5a | 55 | # ifdef HAVE_GSSAPI_GENERIC_H |
56 | # include <gssapi/gssapi_generic.h> | |
57 | # endif /* HAVE_GSSAPI_GENERIC_H */ | |
58 | # ifdef HAVE_GSSAPI_KRB5_H | |
59 | # include <gssapi/gssapi_krb5.h> | |
60 | # endif /* HAVE_GSSAPI_KRB5_H */ | |
61 | # elif defined(HAVE_GSSAPI_H) | |
cf94bcb1 | 62 | # include <gssapi.h> |
ec6e3e5a | 63 | # endif /* HAVE_GSS_GSSAPI_H */ |
8b3c3ab7 | 64 | # ifndef HAVE_GSS_C_NT_HOSTBASED_SERVICE |
65 | # define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name | |
66 | # endif /* !HAVE_GSS_C_NT_HOSTBASED_SERVICE */ | |
3b14922f | 67 | # ifdef HAVE_KRB5_H |
68 | # include <krb5.h> | |
69 | # endif /* HAVE_KRB5_H */ | |
cf94bcb1 | 70 | # endif /* HAVE_GSSAPI */ |
71 | ||
f39a71fd | 72 | # ifdef HAVE_AUTHORIZATION_H |
73 | # include <Security/Authorization.h> | |
74 | # endif /* HAVE_AUTHORIZATION_H */ | |
75 | ||
#  if (defined(__APPLE__) && !defined(_SOCKLEN_T)) || defined(__sgi)
/*
 * Fallback for platforms without socklen_t (IRIX, Mac OS X 10.2.x).
 *
 * Those systems pass socket lengths as a plain signed int rather than an
 * unsigned type, so the replacement typedef is deliberately "int".  Code
 * that mixes socklen_t with size_t values should keep that signedness
 * difference in mind when comparing or converting lengths.
 */

typedef int socklen_t;
#  endif /* __sgi || (__APPLE__ && !_SOCKLEN_T) */
bdb1331d | 84 | |
3d94661a | 85 | # include <cups/http.h> |
86 | # include "md5-private.h" | |
b0a98a63 | 87 | # include "ipp-private.h" |
0a0621ae | 88 | |
b1d20b15 | 89 | # if defined HAVE_LIBSSL |
90 | # include <openssl/err.h> | |
91 | # include <openssl/rand.h> | |
92 | # include <openssl/ssl.h> | |
93 | # elif defined HAVE_GNUTLS | |
94 | # include <gnutls/gnutls.h> | |
95 | # include <gnutls/x509.h> | |
96 | # include <gcrypt.h> | |
97 | # elif defined(HAVE_CDSASSL) | |
98 | # include <CoreFoundation/CoreFoundation.h> | |
99 | # include <Security/Security.h> | |
100 | # include <Security/SecureTransport.h> | |
d4017d8c | 101 | # ifdef HAVE_SECURETRANSPORTPRIV_H |
102 | # include <Security/SecureTransportPriv.h> | |
103 | # endif /* HAVE_SECURETRANSPORTPRIV_H */ | |
b1d20b15 | 104 | # ifdef HAVE_SECITEM_H |
105 | # include <Security/SecItem.h> | |
106 | # endif /* HAVE_SECITEM_H */ | |
107 | # ifdef HAVE_SECBASEPRIV_H | |
108 | # include <Security/SecBasePriv.h> | |
109 | # endif /* HAVE_SECBASEPRIV_H */ | |
110 | # ifdef HAVE_SECCERTIFICATE_H | |
111 | # include <Security/SecCertificate.h> | |
112 | # include <Security/SecIdentity.h> | |
113 | # endif /* HAVE_SECCERTIFICATE_H */ | |
114 | # ifdef HAVE_SECITEMPRIV_H | |
115 | # include <Security/SecItemPriv.h> | |
116 | # endif /* HAVE_SECITEMPRIV_H */ | |
117 | # ifdef HAVE_SECIDENTITYSEARCHPRIV_H | |
118 | # include <Security/SecIdentitySearchPriv.h> | |
119 | # endif /* HAVE_SECIDENTITYSEARCHPRIV_H */ | |
120 | # ifdef HAVE_SECPOLICYPRIV_H | |
121 | # include <Security/SecPolicyPriv.h> | |
122 | # endif /* HAVE_SECPOLICYPRIV_H */ | |
123 | # elif defined(HAVE_SSPISSL) | |
124 | # include "sspi-private.h" | |
125 | # endif /* HAVE_LIBSSL */ | |
126 | ||
127 | # ifndef WIN32 | |
128 | # include <net/if.h> | |
129 | # ifdef HAVE_GETIFADDRS | |
130 | # include <ifaddrs.h> | |
131 | # else | |
132 | # include <sys/ioctl.h> | |
133 | # ifdef HAVE_SYS_SOCKIO_H | |
134 | # include <sys/sockio.h> | |
135 | # endif /* HAVE_SYS_SOCKIO_H */ | |
136 | # endif /* HAVE_GETIFADDRS */ | |
137 | # endif /* !WIN32 */ | |
138 | ||
139 | ||
140 | /* | |
141 | * C++ magic... | |
142 | */ | |
143 | ||
144 | # ifdef __cplusplus | |
145 | extern "C" { | |
146 | # endif /* __cplusplus */ | |
147 | ||
148 | ||
1c4d0a47 | 149 | /* |
150 | * Constants... | |
151 | */ | |
152 | ||
153 | ||
/*
 * Resolve option values.
 *
 * NOTE(review): presumably these are passed as the "options" argument of
 * _httpResolveURI(); the values 1 and 2 look like OR-able bit flags, but
 * this header does not say so - confirm against the callers.
 */
#define _HTTP_RESOLVE_DEFAULT	0x00	/* Resolve with the default options only */
#define _HTTP_RESOLVE_STDERR	0x01	/* Report resolve progress on stderr */
#define _HTTP_RESOLVE_FQDN	0x02	/* Resolve to a fully-qualified domain name */
157 | ||
158 | ||
b1d20b15 | 159 | /* |
160 | * Types and functions for SSL support... | |
161 | */ | |
162 | ||
/*
 * Exactly one TLS backend is selected at configure time.  Every branch
 * below defines the same two names so the rest of the library can stay
 * backend-agnostic:
 *
 *   http_tls_t              - per-connection TLS state
 *   http_tls_credentials_t  - credentials attached to a connection
 */

#  if defined(HAVE_LIBSSL)
/*
 * OpenSSL keeps its own SSL/TLS context for IO and protocol handling.
 * CUPS still supplies a private BIO (basic IO) method table because the
 * stock one cannot do timeouts.
 */

typedef SSL  *http_tls_t;
typedef void *http_tls_credentials_t;

extern BIO_METHOD *_httpBIOMethods(void);

#  elif defined(HAVE_GNUTLS)
/*
 * GNU TLS is closer to a "bare metal" SSL/TLS library.
 *
 * NOTE(review): the two functions below have the shape of GNU TLS
 * transport pull/push callbacks - confirm where they are registered.
 */

typedef gnutls_session http_tls_t;
typedef void          *http_tls_credentials_t;

extern ssize_t _httpReadGNUTLS(gnutls_transport_ptr ptr, void *data, size_t length);
extern ssize_t _httpWriteGNUTLS(gnutls_transport_ptr ptr, const void *data, size_t length);

#  elif defined(HAVE_CDSASSL)
/*
 * Darwin's Security framework supplies the SSL/TLS context used for IO
 * and protocol handling.
 *
 * The declarations guarded below stand in for Security framework private
 * headers: each is emitted only when the header is absent (and, for the
 * functions, when configure found the symbol).  Nothing checks these
 * hand-written signatures against the framework at compile time, so they
 * have to be kept in sync manually.
 */

typedef SSLContextRef http_tls_t;
typedef CFArrayRef    http_tls_credentials_t;

#    if !defined(HAVE_SECBASEPRIV_H) && defined(HAVE_CSSMERRORSTRING)
/* Normally declared by <Security/SecBasePriv.h> */
extern const char *cssmErrorString(int error);
#    endif /* !HAVE_SECBASEPRIV_H && HAVE_CSSMERRORSTRING */

#    if !defined(HAVE_SECITEMPRIV_H)
/* Normally declared by <Security/SecItemPriv.h> */
extern const CFTypeRef kSecClassCertificate;
extern const CFTypeRef kSecClassIdentity;
#    endif /* !HAVE_SECITEMPRIV_H */

#    if !defined(HAVE_SECIDENTITYSEARCHPRIV_H) && defined(HAVE_SECIDENTITYSEARCHCREATEWITHPOLICY)
/* Normally declared by <Security/SecIdentitySearchPriv.h> */
extern OSStatus SecIdentitySearchCreateWithPolicy(SecPolicyRef policy,
                                                  CFStringRef idString,
                                                  CSSM_KEYUSE keyUsage,
                                                  CFTypeRef keychainOrArray,
                                                  Boolean returnOnlyValidIdentities,
                                                  SecIdentitySearchRef* searchRef);
#    endif /* !HAVE_SECIDENTITYSEARCHPRIV_H && HAVE_SECIDENTITYSEARCHCREATEWITHPOLICY */

#    if !defined(HAVE_SECPOLICYPRIV_H) && defined(HAVE_SECPOLICYSETVALUE)
/* Normally declared by <Security/SecPolicyPriv.h> */
extern OSStatus SecPolicySetValue(SecPolicyRef policyRef, const CSSM_DATA *value);
#    endif /* !HAVE_SECPOLICYPRIV_H && HAVE_SECPOLICYSETVALUE */

/*
 * NOTE(review): these match the shape of Secure Transport read/write
 * callbacks (length passed by pointer) - confirm where they are installed.
 */
extern OSStatus _httpReadCDSA(SSLConnectionRef connection, void *data, size_t *dataLength);
extern OSStatus _httpWriteCDSA(SSLConnectionRef connection, const void *data, size_t *dataLength);

#  elif defined(HAVE_SSPISSL)
/*
 * Windows: SSPI is reached through a CUPS wrapper structure.
 */

typedef _sspi_struct_t *http_tls_t;
typedef void           *http_tls_credentials_t;

#  else
/*
 * No TLS backend was configured: both types become void * stubs so that
 * struct _http_s still compiles.
 *
 * NOTE(review): nothing in this header makes such a build fail, so
 * whether a request for encryption is refused or simply cannot be
 * honoured must be checked in the implementation.
 */

typedef void *http_tls_t;
typedef void *http_tls_credentials_t;
#  endif /* HAVE_LIBSSL */
2d417cb3 | 237 | |
/*
 * Timeout callback type: receives the connection and the user_data pointer
 * that was stored alongside the callback.
 *
 * NOTE(review): the meaning of the int result is not stated in this
 * header - confirm in the code that invokes timeout_cb.
 */
typedef int (*_http_timeout_cb_t)(http_t *http, void *user_data);

/*
 * Private layout of an HTTP connection.
 *
 * Members are grouped by the release that introduced them; the order is
 * part of the binary layout and must not be rearranged.  Members marked
 * @deprecated@ are retained in place for the same reason.
 *
 * Several members hold authentication material in the clear (userpass,
 * _authstring, authstring, field_authorization, nonce, cookie).
 * NOTE(review): treat instances as sensitive memory and confirm that the
 * code releasing a connection clears these before freeing.
 */
struct _http_s				/**** HTTP connection structure. ****/
{
  int			fd;		/* Socket file descriptor */
  int			blocking;	/* Non-zero for blocking IO */
  int			error;		/* Last error seen on read */
  time_t		activity;	/* Time of the last read/write activity */
  http_state_t		state;		/* Client state */
  http_status_t		status;		/* Status of the last request */
  http_version_t	version;	/* Protocol version */
  http_keepalive_t	keep_alive;	/* Is Keep-Alive supported? */
  struct sockaddr_in	_hostaddr;	/* Address of connected host @deprecated@ */
  char			hostname[HTTP_MAX_HOST];
					/* Name of connected host */
  char			fields[HTTP_FIELD_MAX][HTTP_MAX_VALUE];
					/* Header field values, one fixed-size slot per field */
  char			*data;		/* Pointer into the data buffer */
  http_encoding_t	data_encoding;	/* Chunked or not */
  int			_data_remaining;/* Bytes left @deprecated@ (superseded by data_remaining) */
  int			used;		/* Bytes used in buffer[] */
  char			buffer[HTTP_MAX_BUFFER];
					/* Incoming data buffer */
  int			auth_type;	/* Authentication scheme in use */
  _cups_md5_state_t	md5_state;	/* MD5 state */
  char			nonce[HTTP_MAX_VALUE];
					/* Nonce value */
  int			nonce_count;	/* Nonce count */
  http_tls_t		tls;		/* TLS state information */
  http_encryption_t	encryption;	/* Encryption requirements */

  /**** New in CUPS 1.1.19 ****/
  fd_set		*input_set;	/* select() set for httpWait() @deprecated@ */
  http_status_t		expect;		/* Expect: header @since CUPS 1.1.19@ */
  char			*cookie;	/* Cookie value(s) @since CUPS 1.1.19@ */

  /**** New in CUPS 1.1.20 ****/
  char			_authstring[HTTP_MAX_VALUE];
					/* Current Authentication value. @deprecated@ */
  char			userpass[HTTP_MAX_VALUE];
					/* "username:password" string, stored in the clear @since CUPS 1.1.20@ */
  int			digest_tries;	/* Number of tries for digest auth @since CUPS 1.1.20@ */

  /**** New in CUPS 1.2 ****/
  off_t			data_remaining;	/* Bytes left @since CUPS 1.2@ */
  http_addr_t		*hostaddr;	/* Current host address and port @since CUPS 1.2@ */
  http_addrlist_t	*addrlist;	/* List of valid addresses @since CUPS 1.2@ */
  char			wbuffer[HTTP_MAX_BUFFER];
					/* Outgoing data buffer */
  int			wused;		/* Bytes used in wbuffer[] @since CUPS 1.2@ */

  /**** New in CUPS 1.3 ****/
  char			*field_authorization;
					/* Authorization field @since CUPS 1.3@ */
  char			*authstring;	/* Current authorization field @since CUPS 1.3@ */
#  ifdef HAVE_GSSAPI
  gss_OID		gssmech;	/* Authentication mechanism @since CUPS 1.3@ */
  gss_ctx_id_t		gssctx;		/* Authentication context @since CUPS 1.3@ */
  gss_name_t		gssname;	/* Authentication server name @since CUPS 1.3@ */
#  endif /* HAVE_GSSAPI */
#  ifdef HAVE_AUTHORIZATION_H
  AuthorizationRef	auth_ref;	/* Authorization ref @since CUPS 1.3@ */
#  endif /* HAVE_AUTHORIZATION_H */

  /**** New in CUPS 1.5 ****/
  http_tls_credentials_t tls_credentials;
					/* TLS credentials @since CUPS 1.5/Mac OS X 10.7@ */
  _http_timeout_cb_t	timeout_cb;	/* Timeout callback @since CUPS 1.5/Mac OS X 10.7@ */
  void			*timeout_data;	/* User data pointer @since CUPS 1.5/Mac OS X 10.7@ */
  struct timeval	timeout_value;	/* Timeout, held as a struct timeval (seconds + microseconds) */
#  ifdef HAVE_GSSAPI
  char			gsshost[256];	/* Hostname for Kerberos */
#  endif /* HAVE_GSSAPI */
};
307 | ||
308 | ||
2d417cb3 | 309 | /* |
310 | * Some OS's don't have hstrerror(), most notably Solaris... | |
311 | */ | |
312 | ||
#  if !defined(HAVE_HSTRERROR)
/*
 * The platform has no hstrerror(): declare the CUPS replacement and route
 * every hstrerror() call in the library to it.
 */
extern const char *_cups_hstrerror(int error);
#    define hstrerror _cups_hstrerror
#  elif defined(__osf__) || defined(_AIX)
/*
 * AIX and Tru64 UNIX ship the function but no prototype for it, so one
 * is supplied here.
 */
extern const char *hstrerror(int error);
#  endif /* !HAVE_HSTRERROR */
322 | ||
846f45a0 | 323 | |
324 | /* | |
325 | * Some OS's don't have getifaddrs() and freeifaddrs()... | |
326 | */ | |
327 | ||
#  if !defined(WIN32) && !defined(HAVE_GETIFADDRS)
/*
 * Replacement for <ifaddrs.h> on non-Windows platforms that lack
 * getifaddrs()/freeifaddrs().
 */

/* Drop any system macro of this name; it is redefined after the struct. */
#    undef ifa_dstaddr

/* Where struct ifreq has no netmask member, use the address member. */
#    if !defined(ifr_netmask)
#      define ifr_netmask ifr_addr
#    endif /* !ifr_netmask */

struct ifaddrs				/**** Interface Structure ****/
{
  struct ifaddrs	*ifa_next;	/* Next interface in list */
  char			*ifa_name;	/* Name of interface */
  unsigned int		ifa_flags;	/* Flags (up, point-to-point, etc.) */
  struct sockaddr	*ifa_addr;	/* Network address */
  struct sockaddr	*ifa_netmask;	/* Address mask */
  union
  {
    struct sockaddr	*ifu_broadaddr;	/* Broadcast address of this interface. */
    struct sockaddr	*ifu_dstaddr;	/* Point-to-point destination address. */
  } ifa_ifu;				/* Only one of the two is meaningful per interface */

  void			*ifa_data;	/* Interface statistics */
};

/* Conventional short names for the two union members. */
#    if !defined(ifa_broadaddr)
#      define ifa_broadaddr ifa_ifu.ifu_broadaddr
#    endif /* !ifa_broadaddr */
#    if !defined(ifa_dstaddr)
#      define ifa_dstaddr ifa_ifu.ifu_dstaddr
#    endif /* !ifa_dstaddr */

/*
 * CUPS implementations, exposed under the standard names.
 *
 * NOTE(review): presumably a list returned through addrs has to be
 * released with freeifaddrs(), as with the system API - confirm in the
 * implementation.
 */
extern int	_cups_getifaddrs(struct ifaddrs **addrs);
extern void	_cups_freeifaddrs(struct ifaddrs *addrs);
#    define getifaddrs _cups_getifaddrs
#    define freeifaddrs _cups_freeifaddrs
#  endif /* !WIN32 && !HAVE_GETIFADDRS */
364 | ||
846f45a0 | 365 | |
96fa6605 | 366 | /* |
bb235d9a | 367 | * Prototypes... |
96fa6605 | 368 | */ |
369 | ||
/*
 * Address family of an http_addr_t, given a pointer to it.
 *
 * The argument is evaluated exactly once and is dereferenced without a
 * NULL check, so callers must pass a valid pointer.  The expansion is an
 * lvalue and is parenthesised as a whole.
 */
#define _httpAddrFamily(addrp) ((addrp)->addr.sa_family)
/*
 * Library-private HTTP functions.
 *
 * Functions that fill a caller-supplied buffer take its size alongside
 * the pointer (buffer/bufsize, dst/dstsize, resolved_uri/resolved_size,
 * buffer/length).
 * NOTE(review): presumably each implementation bounds its writes by that
 * size and NUL-terminates string results - confirm before relying on it
 * with untrusted input such as URIs or host names.
 */

/* Address helpers */
extern int		_httpAddrPort(http_addr_t *addr);
extern void		_httpAddrSetPort(http_addr_t *addr, int port);

/* UUID assembly into buffer[bufsize] */
extern char		*_httpAssembleUUID(const char *server, int port,
			                   const char *name, int number,
			                   char *buffer, size_t bufsize);

/* Conversion of a credentials array to the backend's credential type */
extern http_tls_credentials_t
			_httpConvertCredentials(cups_array_t *credentials);

/* Connection creation */
extern http_t		*_httpCreate(const char *host, int port,
			             http_addrlist_t *addrlist,
			             http_encryption_t encryption,
			             int family);

/* URI decoding from src into dst[dstsize] */
extern char		*_httpDecodeURI(char *dst, const char *src, size_t dstsize);

extern void		_httpDisconnect(http_t *http);

/* URI encoding from src into dst[dstsize] */
extern char		*_httpEncodeURI(char *dst, const char *src, size_t dstsize);

/* Release of credentials in the backend's credential type */
extern void		_httpFreeCredentials(http_tls_credentials_t credentials);

extern ssize_t		_httpPeek(http_t *http, char *buffer, size_t length);

/*
 * URI resolution into resolved_uri[resolved_size]; "options" takes the
 * _HTTP_RESOLVE_* values, and cb is called with "context".
 * NOTE(review): the meaning of cb's return value is not stated here.
 */
extern const char	*_httpResolveURI(const char *uri, char *resolved_uri,
			                 size_t resolved_size, int options,
			                 int (*cb)(void *context),
			                 void *context);

/* Timeout and its callback; user_data is handed back to cb */
extern void		_httpSetTimeout(http_t *http, double timeout,
			                _http_timeout_cb_t cb, void *user_data);

extern int		_httpUpdate(http_t *http, http_status_t *status);
extern int		_httpWait(http_t *http, int msec, int usessl);
fa7e8544 | 397 | |
398 | ||
b1d20b15 | 399 | /* |
400 | * C++ magic... | |
401 | */ | |
402 | ||
403 | # ifdef __cplusplus | |
404 | } | |
405 | # endif /* __cplusplus */ | |
406 | ||
dd88778b | 407 | #endif /* !_CUPS_HTTP_PRIVATE_H_ */ |
408 | ||
409 | /* | |
c9d3f842 | 410 | * End of "$Id$". |
dd88778b | 411 | */ |