]>
Commit | Line | Data |
---|---|---|
ef416fc2 | 1 | /* |
e07d4801 | 2 | * "$Id: usersys.c 8498 2009-04-13 17:03:15Z mike $" |
ef416fc2 | 3 | * |
5a6b583a | 4 | * User, system, and password routines for CUPS. |
ef416fc2 | 5 | * |
12f89d24 | 6 | * Copyright 2007-2012 by Apple Inc. |
ef416fc2 | 7 | * Copyright 1997-2006 by Easy Software Products. |
8 | * | |
9 | * These coded instructions, statements, and computer programs are the | |
bc44d920 | 10 | * property of Apple Inc. and are protected by Federal copyright |
11 | * law. Distribution and use rights are outlined in the file "LICENSE.txt" | |
12 | * which should have been included with this file. If this file is | |
13 | * file is missing or damaged, see the license at "http://www.cups.org/". | |
ef416fc2 | 14 | * |
15 | * This file is subject to the Apple OS-Developed Software exception. | |
16 | * | |
17 | * Contents: | |
18 | * | |
5a6b583a | 19 | * cupsEncryption() - Get the current encryption settings. |
b423cd4c | 20 | * cupsGetPassword() - Get a password from the user. |
5a6b583a MS |
21 | * cupsGetPassword2() - Get a password from the user using the advanced |
22 | * password callback. | |
23 | * cupsServer() - Return the hostname/address of the current | |
e07d4801 | 24 | * server. |
7cf5915e | 25 | * cupsSetClientCertCB() - Set the client certificate callback. |
b423cd4c | 26 | * cupsSetEncryption() - Set the encryption preference. |
27 | * cupsSetPasswordCB() - Set the password callback for CUPS. | |
f11a948a | 28 | * cupsSetPasswordCB2() - Set the advanced password callback for CUPS. |
5a6b583a | 29 | * cupsSetServer() - Set the default server name and port. |
7cf5915e | 30 | * cupsSetServerCertCB() - Set the server certificate callback. |
b423cd4c | 31 | * cupsSetUser() - Set the default user name. |
e07d4801 | 32 | * cupsUser() - Return the current user's name. |
b423cd4c | 33 | * _cupsGetPassword() - Get a password from the user. |
eac3a0a0 | 34 | * _cupsGSSServiceName() - Get the GSS (Kerberos) service name. |
e07d4801 MS |
35 | * _cupsSetDefaults() - Set the default server, port, and encryption. |
36 | * cups_read_client_conf() - Read a client.conf file. | |
ef416fc2 | 37 | */ |
38 | ||
39 | /* | |
40 | * Include necessary headers... | |
41 | */ | |
42 | ||
71e16022 | 43 | #include "cups-private.h" |
ef416fc2 | 44 | #include <stdlib.h> |
e00b005a | 45 | #include <sys/stat.h> |
ef416fc2 | 46 | #ifdef WIN32 |
47 | # include <windows.h> | |
5a6b583a MS |
48 | #else |
49 | # include <pwd.h> | |
dcb445bc | 50 | # include <termios.h> |
ef416fc2 | 51 | #endif /* WIN32 */ |
52 | ||
53 | ||
dcb445bc MS |
54 | /* |
55 | * Local constants... | |
56 | */ | |
57 | ||
58 | #define _CUPS_PASSCHAR '*' /* Character that is echoed for password */ | |
59 | ||
60 | ||
b423cd4c | 61 | /* |
62 | * Local functions... | |
63 | */ | |
64 | ||
e07d4801 MS |
65 | static void cups_read_client_conf(cups_file_t *fp, |
66 | _cups_globals_t *cg, | |
67 | const char *cups_encryption, | |
7cf5915e | 68 | const char *cups_server, |
3e7fe0ca | 69 | const char *cups_user, |
07ed0e9a MS |
70 | #ifdef HAVE_GSSAPI |
71 | const char *cups_gssservicename, | |
72 | #endif /* HAVE_GSSAPI */ | |
7cf5915e MS |
73 | const char *cups_anyroot, |
74 | const char *cups_expiredroot, | |
75 | const char *cups_expiredcerts); | |
b423cd4c | 76 | |
77 | ||
ef416fc2 | 78 | /* |
5a6b583a | 79 | * 'cupsEncryption()' - Get the current encryption settings. |
ef416fc2 | 80 | * |
81 | * The default encryption setting comes from the CUPS_ENCRYPTION | |
568fa3fa | 82 | * environment variable, then the ~/.cups/client.conf file, and finally the |
ef416fc2 | 83 | * /etc/cups/client.conf file. If not set, the default is |
5a738aea | 84 | * @code HTTP_ENCRYPT_IF_REQUESTED@. |
5a6b583a MS |
85 | * |
86 | * Note: The current encryption setting is tracked separately for each thread | |
87 | * in a program. Multi-threaded programs that override the setting via the | |
88 | * @link cupsSetEncryption@ function need to do so in each thread for the same | |
89 | * setting to be used. | |
ef416fc2 | 90 | */ |
91 | ||
92 | http_encryption_t /* O - Encryption settings */ | |
93 | cupsEncryption(void) | |
94 | { | |
ef416fc2 | 95 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
96 | ||
97 | ||
ef416fc2 | 98 | if (cg->encryption == (http_encryption_t)-1) |
e07d4801 | 99 | _cupsSetDefaults(); |
ef416fc2 | 100 | |
101 | return (cg->encryption); | |
102 | } | |
103 | ||
104 | ||
105 | /* | |
106 | * 'cupsGetPassword()' - Get a password from the user. | |
107 | * | |
5a738aea | 108 | * Uses the current password callback function. Returns @code NULL@ if the |
ecdc0628 | 109 | * user does not provide a password. |
5a6b583a MS |
110 | * |
111 | * Note: The current password callback function is tracked separately for each | |
112 | * thread in a program. Multi-threaded programs that override the setting via | |
113 | * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to | |
114 | * do so in each thread for the same function to be used. | |
ef416fc2 | 115 | */ |
116 | ||
117 | const char * /* O - Password */ | |
118 | cupsGetPassword(const char *prompt) /* I - Prompt string */ | |
119 | { | |
f11a948a MS |
120 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
121 | ||
122 | ||
123 | return ((cg->password_cb)(prompt, NULL, NULL, NULL, cg->password_data)); | |
124 | } | |
125 | ||
126 | ||
127 | /* | |
128 | * 'cupsGetPassword2()' - Get a password from the user using the advanced | |
5a6b583a | 129 | * password callback. |
f11a948a MS |
130 | * |
131 | * Uses the current password callback function. Returns @code NULL@ if the | |
132 | * user does not provide a password. | |
133 | * | |
5a6b583a MS |
134 | * Note: The current password callback function is tracked separately for each |
135 | * thread in a program. Multi-threaded programs that override the setting via | |
136 | * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to | |
137 | * do so in each thread for the same function to be used. | |
138 | * | |
f3c17241 | 139 | * @since CUPS 1.4/OS X 10.6@ |
f11a948a MS |
140 | */ |
141 | ||
142 | const char * /* O - Password */ | |
143 | cupsGetPassword2(const char *prompt, /* I - Prompt string */ | |
144 | http_t *http, /* I - Connection to server or @code CUPS_HTTP_DEFAULT@ */ | |
145 | const char *method, /* I - Request method ("GET", "POST", "PUT") */ | |
146 | const char *resource) /* I - Resource path */ | |
147 | { | |
148 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
149 | ||
150 | ||
151 | if (!http) | |
152 | http = _cupsConnect(); | |
153 | ||
154 | return ((cg->password_cb)(prompt, http, method, resource, cg->password_data)); | |
ef416fc2 | 155 | } |
156 | ||
157 | ||
ef416fc2 | 158 | /* |
5a6b583a MS |
159 | * 'cupsServer()' - Return the hostname/address of the current server. |
160 | * | |
161 | * The default server comes from the CUPS_SERVER environment variable, then the | |
162 | * ~/.cups/client.conf file, and finally the /etc/cups/client.conf file. If not | |
163 | * set, the default is the local system - either "localhost" or a domain socket | |
164 | * path. | |
ef416fc2 | 165 | * |
5a6b583a MS |
166 | * The returned value can be a fully-qualified hostname, a numeric IPv4 or IPv6 |
167 | * address, or a domain socket pathname. | |
168 | * | |
169 | * Note: The current server is tracked separately for each thread in a program. | |
170 | * Multi-threaded programs that override the server via the | |
171 | * @link cupsSetServer@ function need to do so in each thread for the same | |
172 | * server to be used. | |
ef416fc2 | 173 | */ |
174 | ||
175 | const char * /* O - Server name */ | |
176 | cupsServer(void) | |
177 | { | |
ef416fc2 | 178 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
179 | ||
180 | ||
ef416fc2 | 181 | if (!cg->server[0]) |
e07d4801 | 182 | _cupsSetDefaults(); |
ef416fc2 | 183 | |
e07d4801 MS |
184 | return (cg->server); |
185 | } | |
ef416fc2 | 186 | |
d09495fa | 187 | |
7cf5915e MS |
188 | /* |
189 | * 'cupsSetClientCertCB()' - Set the client certificate callback. | |
190 | * | |
191 | * Pass @code NULL@ to restore the default callback. | |
192 | * | |
193 | * Note: The current certificate callback is tracked separately for each thread | |
194 | * in a program. Multi-threaded programs that override the callback need to do | |
195 | * so in each thread for the same callback to be used. | |
196 | * | |
f3c17241 | 197 | * @since CUPS 1.5/OS X 10.7@ |
7cf5915e MS |
198 | */ |
199 | ||
200 | void | |
201 | cupsSetClientCertCB( | |
202 | cups_client_cert_cb_t cb, /* I - Callback function */ | |
203 | void *user_data) /* I - User data pointer */ | |
204 | { | |
205 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
206 | ||
207 | ||
208 | cg->client_cert_cb = cb; | |
209 | cg->client_cert_data = user_data; | |
210 | } | |
211 | ||
212 | ||
213 | /* | |
214 | * 'cupsSetCredentials()' - Set the default credentials to be used for SSL/TLS | |
215 | * connections. | |
216 | * | |
217 | * Note: The default credentials are tracked separately for each thread in a | |
218 | * program. Multi-threaded programs that override the setting need to do so in | |
219 | * each thread for the same setting to be used. | |
220 | * | |
f3c17241 | 221 | * @since CUPS 1.5/OS X 10.7@ |
7cf5915e MS |
222 | */ |
223 | ||
224 | int /* O - Status of call (0 = success) */ | |
225 | cupsSetCredentials( | |
226 | cups_array_t *credentials) /* I - Array of credentials */ | |
227 | { | |
228 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
229 | ||
230 | ||
231 | if (cupsArrayCount(credentials) < 1) | |
232 | return (-1); | |
233 | ||
234 | _httpFreeCredentials(cg->tls_credentials); | |
85dda01c | 235 | cg->tls_credentials = _httpCreateCredentials(credentials); |
7cf5915e MS |
236 | |
237 | return (cg->tls_credentials ? 0 : -1); | |
238 | } | |
239 | ||
240 | ||
e07d4801 MS |
241 | /* |
242 | * 'cupsSetEncryption()' - Set the encryption preference. | |
5a6b583a MS |
243 | * |
244 | * The default encryption setting comes from the CUPS_ENCRYPTION | |
245 | * environment variable, then the ~/.cups/client.conf file, and finally the | |
246 | * /etc/cups/client.conf file. If not set, the default is | |
247 | * @code HTTP_ENCRYPT_IF_REQUESTED@. | |
248 | * | |
249 | * Note: The current encryption setting is tracked separately for each thread | |
250 | * in a program. Multi-threaded programs that override the setting need to do | |
251 | * so in each thread for the same setting to be used. | |
e07d4801 | 252 | */ |
ef416fc2 | 253 | |
e07d4801 MS |
254 | void |
255 | cupsSetEncryption(http_encryption_t e) /* I - New encryption preference */ | |
256 | { | |
257 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
ef416fc2 | 258 | |
ef416fc2 | 259 | |
e07d4801 | 260 | cg->encryption = e; |
ef416fc2 | 261 | |
e07d4801 MS |
262 | if (cg->http) |
263 | httpEncryption(cg->http, e); | |
ef416fc2 | 264 | } |
265 | ||
266 | ||
267 | /* | |
268 | * 'cupsSetPasswordCB()' - Set the password callback for CUPS. | |
269 | * | |
5a6b583a MS |
270 | * Pass @code NULL@ to restore the default (console) password callback, which |
271 | * reads the password from the console. Programs should call either this | |
272 | * function or @link cupsSetPasswordCB2@, as only one callback can be registered | |
273 | * by a program per thread. | |
274 | * | |
275 | * Note: The current password callback is tracked separately for each thread | |
276 | * in a program. Multi-threaded programs that override the callback need to do | |
277 | * so in each thread for the same callback to be used. | |
ef416fc2 | 278 | */ |
279 | ||
280 | void | |
281 | cupsSetPasswordCB(cups_password_cb_t cb)/* I - Callback function */ | |
282 | { | |
283 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
284 | ||
285 | ||
f11a948a MS |
286 | if (cb == (cups_password_cb_t)0) |
287 | cg->password_cb = (cups_password_cb2_t)_cupsGetPassword; | |
288 | else | |
289 | cg->password_cb = (cups_password_cb2_t)cb; | |
290 | ||
291 | cg->password_data = NULL; | |
292 | } | |
293 | ||
294 | ||
295 | /* | |
296 | * 'cupsSetPasswordCB2()' - Set the advanced password callback for CUPS. | |
297 | * | |
5a6b583a MS |
298 | * Pass @code NULL@ to restore the default (console) password callback, which |
299 | * reads the password from the console. Programs should call either this | |
300 | * function or @link cupsSetPasswordCB2@, as only one callback can be registered | |
301 | * by a program per thread. | |
302 | * | |
303 | * Note: The current password callback is tracked separately for each thread | |
304 | * in a program. Multi-threaded programs that override the callback need to do | |
305 | * so in each thread for the same callback to be used. | |
f11a948a | 306 | * |
f3c17241 | 307 | * @since CUPS 1.4/OS X 10.6@ |
f11a948a MS |
308 | */ |
309 | ||
310 | void | |
311 | cupsSetPasswordCB2( | |
312 | cups_password_cb2_t cb, /* I - Callback function */ | |
313 | void *user_data) /* I - User data pointer */ | |
314 | { | |
315 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
316 | ||
317 | ||
318 | if (cb == (cups_password_cb2_t)0) | |
319 | cg->password_cb = (cups_password_cb2_t)_cupsGetPassword; | |
ef416fc2 | 320 | else |
321 | cg->password_cb = cb; | |
f11a948a MS |
322 | |
323 | cg->password_data = user_data; | |
ef416fc2 | 324 | } |
325 | ||
326 | ||
327 | /* | |
5a6b583a | 328 | * 'cupsSetServer()' - Set the default server name and port. |
ef416fc2 | 329 | * |
330 | * The "server" string can be a fully-qualified hostname, a numeric | |
5a6b583a MS |
331 | * IPv4 or IPv6 address, or a domain socket pathname. Hostnames and numeric IP |
332 | * addresses can be optionally followed by a colon and port number to override | |
333 | * the default port 631, e.g. "hostname:8631". Pass @code NULL@ to restore the | |
334 | * default server name and port. | |
335 | * | |
336 | * Note: The current server is tracked separately for each thread in a program. | |
337 | * Multi-threaded programs that override the server need to do so in each | |
338 | * thread for the same server to be used. | |
ef416fc2 | 339 | */ |
340 | ||
341 | void | |
342 | cupsSetServer(const char *server) /* I - Server name */ | |
343 | { | |
344 | char *port; /* Pointer to port */ | |
345 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
346 | ||
347 | ||
348 | if (server) | |
349 | { | |
350 | strlcpy(cg->server, server, sizeof(cg->server)); | |
351 | ||
352 | if (cg->server[0] != '/' && (port = strrchr(cg->server, ':')) != NULL && | |
353 | !strchr(port, ']') && isdigit(port[1] & 255)) | |
354 | { | |
355 | *port++ = '\0'; | |
356 | ||
e07d4801 | 357 | cg->ipp_port = atoi(port); |
ef416fc2 | 358 | } |
359 | ||
360 | if (cg->server[0] == '/') | |
361 | strcpy(cg->servername, "localhost"); | |
362 | else | |
363 | strlcpy(cg->servername, cg->server, sizeof(cg->servername)); | |
364 | } | |
365 | else | |
366 | { | |
367 | cg->server[0] = '\0'; | |
368 | cg->servername[0] = '\0'; | |
369 | } | |
5a738aea MS |
370 | |
371 | if (cg->http) | |
372 | { | |
373 | httpClose(cg->http); | |
374 | cg->http = NULL; | |
375 | } | |
ef416fc2 | 376 | } |
377 | ||
378 | ||
7cf5915e MS |
379 | /* |
380 | * 'cupsSetServerCertCB()' - Set the server certificate callback. | |
381 | * | |
382 | * Pass @code NULL@ to restore the default callback. | |
383 | * | |
384 | * Note: The current credentials callback is tracked separately for each thread | |
385 | * in a program. Multi-threaded programs that override the callback need to do | |
386 | * so in each thread for the same callback to be used. | |
387 | * | |
f3c17241 | 388 | * @since CUPS 1.5/OS X 10.7@ |
7cf5915e MS |
389 | */ |
390 | ||
391 | void | |
392 | cupsSetServerCertCB( | |
393 | cups_server_cert_cb_t cb, /* I - Callback function */ | |
394 | void *user_data) /* I - User data pointer */ | |
395 | { | |
396 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
397 | ||
398 | ||
399 | cg->server_cert_cb = cb; | |
400 | cg->server_cert_data = user_data; | |
401 | } | |
402 | ||
403 | ||
ef416fc2 | 404 | /* |
405 | * 'cupsSetUser()' - Set the default user name. | |
406 | * | |
5a738aea | 407 | * Pass @code NULL@ to restore the default user name. |
5a6b583a MS |
408 | * |
409 | * Note: The current user name is tracked separately for each thread in a | |
410 | * program. Multi-threaded programs that override the user name need to do so | |
411 | * in each thread for the same user name to be used. | |
ef416fc2 | 412 | */ |
413 | ||
414 | void | |
415 | cupsSetUser(const char *user) /* I - User name */ | |
416 | { | |
417 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
418 | ||
419 | ||
420 | if (user) | |
421 | strlcpy(cg->user, user, sizeof(cg->user)); | |
422 | else | |
423 | cg->user[0] = '\0'; | |
424 | } | |
425 | ||
426 | ||
ef416fc2 | 427 | /* |
428 | * 'cupsUser()' - Return the current user's name. | |
5a6b583a MS |
429 | * |
430 | * Note: The current user name is tracked separately for each thread in a | |
431 | * program. Multi-threaded programs that override the user name with the | |
432 | * @link cupsSetUser@ function need to do so in each thread for the same user | |
433 | * name to be used. | |
ef416fc2 | 434 | */ |
435 | ||
436 | const char * /* O - User name */ | |
437 | cupsUser(void) | |
438 | { | |
439 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
440 | ||
441 | ||
442 | if (!cg->user[0]) | |
3e7fe0ca | 443 | _cupsSetDefaults(); |
ef416fc2 | 444 | |
445 | return (cg->user); | |
446 | } | |
447 | ||
448 | ||
449 | /* | |
450 | * '_cupsGetPassword()' - Get a password from the user. | |
451 | */ | |
452 | ||
dcb445bc | 453 | const char * /* O - Password or @code NULL@ if none */ |
ef416fc2 | 454 | _cupsGetPassword(const char *prompt) /* I - Prompt string */ |
455 | { | |
5a6b583a | 456 | #ifdef WIN32 |
dcb445bc MS |
457 | HANDLE tty; /* Console handle */ |
458 | DWORD mode; /* Console mode */ | |
459 | char passch, /* Current key press */ | |
460 | *passptr, /* Pointer into password string */ | |
461 | *passend; /* End of password string */ | |
12f89d24 | 462 | DWORD passbytes; /* Bytes read */ |
dcb445bc MS |
463 | _cups_globals_t *cg = _cupsGlobals(); |
464 | /* Thread globals */ | |
465 | ||
466 | ||
5a6b583a | 467 | /* |
dcb445bc | 468 | * Disable input echo and set raw input... |
5a6b583a MS |
469 | */ |
470 | ||
dcb445bc MS |
471 | if ((tty = GetStdHandle(STD_INPUT_HANDLE)) == INVALID_HANDLE_VALUE) |
472 | return (NULL); | |
473 | ||
474 | if (!GetConsoleMode(tty, &mode)) | |
475 | return (NULL); | |
476 | ||
477 | if (!SetConsoleMode(tty, 0)) | |
478 | return (NULL); | |
479 | ||
480 | /* | |
481 | * Display the prompt... | |
482 | */ | |
483 | ||
484 | printf("%s ", prompt); | |
485 | fflush(stdout); | |
486 | ||
487 | /* | |
488 | * Read the password string from /dev/tty until we get interrupted or get a | |
489 | * carriage return or newline... | |
490 | */ | |
491 | ||
492 | passptr = cg->password; | |
493 | passend = cg->password + sizeof(cg->password) - 1; | |
494 | ||
12f89d24 | 495 | while (ReadFile(tty, &passch, 1, &passbytes, NULL)) |
dcb445bc MS |
496 | { |
497 | if (passch == 0x0A || passch == 0x0D) | |
498 | { | |
499 | /* | |
500 | * Enter/return... | |
501 | */ | |
502 | ||
503 | break; | |
504 | } | |
505 | else if (passch == 0x08 || passch == 0x7F) | |
506 | { | |
507 | /* | |
508 | * Backspace/delete (erase character)... | |
509 | */ | |
510 | ||
511 | if (passptr > cg->password) | |
512 | { | |
513 | passptr --; | |
514 | fputs("\010 \010", stdout); | |
515 | } | |
516 | else | |
517 | putchar(0x07); | |
518 | } | |
519 | else if (passch == 0x15) | |
520 | { | |
521 | /* | |
522 | * CTRL+U (erase line) | |
523 | */ | |
524 | ||
525 | if (passptr > cg->password) | |
526 | { | |
527 | while (passptr > cg->password) | |
528 | { | |
529 | passptr --; | |
530 | fputs("\010 \010", stdout); | |
531 | } | |
532 | } | |
533 | else | |
534 | putchar(0x07); | |
535 | } | |
536 | else if (passch == 0x03) | |
537 | { | |
538 | /* | |
539 | * CTRL+C... | |
540 | */ | |
541 | ||
542 | passptr = cg->password; | |
543 | break; | |
544 | } | |
545 | else if ((passch & 255) < 0x20 || passptr >= passend) | |
546 | putchar(0x07); | |
547 | else | |
548 | { | |
549 | *passptr++ = passch; | |
550 | putchar(_CUPS_PASSCHAR); | |
551 | } | |
552 | ||
553 | fflush(stdout); | |
554 | } | |
555 | ||
556 | putchar('\n'); | |
557 | fflush(stdout); | |
558 | ||
559 | /* | |
560 | * Cleanup... | |
561 | */ | |
562 | ||
563 | SetConsoleMode(tty, mode); | |
564 | ||
565 | /* | |
566 | * Return the proper value... | |
567 | */ | |
568 | ||
569 | if (passbytes == 1 && passptr > cg->password) | |
570 | { | |
571 | *passptr = '\0'; | |
572 | return (cg->password); | |
573 | } | |
574 | else | |
575 | { | |
576 | memset(cg->password, 0, sizeof(cg->password)); | |
577 | return (NULL); | |
578 | } | |
5a6b583a MS |
579 | |
580 | #else | |
dcb445bc MS |
581 | int tty; /* /dev/tty - never read from stdin */ |
582 | struct termios original, /* Original input mode */ | |
583 | noecho; /* No echo input mode */ | |
584 | char passch, /* Current key press */ | |
585 | *passptr, /* Pointer into password string */ | |
586 | *passend; /* End of password string */ | |
587 | ssize_t passbytes; /* Bytes read */ | |
588 | _cups_globals_t *cg = _cupsGlobals(); | |
589 | /* Thread globals */ | |
590 | ||
591 | ||
5a6b583a | 592 | /* |
dcb445bc | 593 | * Disable input echo and set raw input... |
5a6b583a MS |
594 | */ |
595 | ||
dcb445bc MS |
596 | if ((tty = open("/dev/tty", O_RDONLY)) < 0) |
597 | return (NULL); | |
598 | ||
599 | if (tcgetattr(tty, &original)) | |
600 | { | |
601 | close(tty); | |
602 | return (NULL); | |
603 | } | |
604 | ||
605 | noecho = original; | |
606 | noecho.c_lflag &= ~(ICANON | ECHO | ECHOE | ISIG); | |
7cf5915e | 607 | |
dcb445bc MS |
608 | if (tcsetattr(tty, TCSAFLUSH, &noecho)) |
609 | { | |
610 | close(tty); | |
7cf5915e | 611 | return (NULL); |
dcb445bc MS |
612 | } |
613 | ||
614 | /* | |
615 | * Display the prompt... | |
616 | */ | |
617 | ||
618 | printf("%s ", prompt); | |
619 | fflush(stdout); | |
620 | ||
621 | /* | |
622 | * Read the password string from /dev/tty until we get interrupted or get a | |
623 | * carriage return or newline... | |
624 | */ | |
625 | ||
626 | passptr = cg->password; | |
627 | passend = cg->password + sizeof(cg->password) - 1; | |
628 | ||
629 | while ((passbytes = read(tty, &passch, 1)) == 1) | |
630 | { | |
631 | if (passch == noecho.c_cc[VEOL] || passch == noecho.c_cc[VEOL2] || | |
632 | passch == 0x0A || passch == 0x0D) | |
633 | { | |
634 | /* | |
635 | * Enter/return... | |
636 | */ | |
637 | ||
638 | break; | |
639 | } | |
640 | else if (passch == noecho.c_cc[VERASE] || | |
641 | passch == 0x08 || passch == 0x7F) | |
642 | { | |
643 | /* | |
644 | * Backspace/delete (erase character)... | |
645 | */ | |
646 | ||
647 | if (passptr > cg->password) | |
648 | { | |
649 | passptr --; | |
650 | fputs("\010 \010", stdout); | |
651 | } | |
652 | else | |
653 | putchar(0x07); | |
654 | } | |
655 | else if (passch == noecho.c_cc[VKILL]) | |
656 | { | |
657 | /* | |
658 | * CTRL+U (erase line) | |
659 | */ | |
660 | ||
661 | if (passptr > cg->password) | |
662 | { | |
663 | while (passptr > cg->password) | |
664 | { | |
665 | passptr --; | |
666 | fputs("\010 \010", stdout); | |
667 | } | |
668 | } | |
669 | else | |
670 | putchar(0x07); | |
671 | } | |
672 | else if (passch == noecho.c_cc[VINTR] || passch == noecho.c_cc[VQUIT] || | |
673 | passch == noecho.c_cc[VEOF]) | |
674 | { | |
675 | /* | |
676 | * CTRL+C, CTRL+D, or CTRL+Z... | |
677 | */ | |
678 | ||
679 | passptr = cg->password; | |
680 | break; | |
681 | } | |
682 | else if ((passch & 255) < 0x20 || passptr >= passend) | |
683 | putchar(0x07); | |
684 | else | |
685 | { | |
686 | *passptr++ = passch; | |
687 | putchar(_CUPS_PASSCHAR); | |
688 | } | |
689 | ||
690 | fflush(stdout); | |
691 | } | |
692 | ||
693 | putchar('\n'); | |
694 | fflush(stdout); | |
695 | ||
696 | /* | |
697 | * Cleanup... | |
698 | */ | |
699 | ||
700 | tcsetattr(tty, TCSAFLUSH, &original); | |
701 | close(tty); | |
702 | ||
703 | /* | |
704 | * Return the proper value... | |
705 | */ | |
706 | ||
707 | if (passbytes == 1 && passptr > cg->password) | |
708 | { | |
709 | *passptr = '\0'; | |
710 | return (cg->password); | |
711 | } | |
7cf5915e | 712 | else |
dcb445bc MS |
713 | { |
714 | memset(cg->password, 0, sizeof(cg->password)); | |
715 | return (NULL); | |
716 | } | |
ef416fc2 | 717 | #endif /* WIN32 */ |
5a6b583a | 718 | } |
ef416fc2 | 719 | |
720 | ||
eac3a0a0 MS |
721 | #ifdef HAVE_GSSAPI |
722 | /* | |
723 | * '_cupsGSSServiceName()' - Get the GSS (Kerberos) service name. | |
724 | */ | |
725 | ||
726 | const char * | |
727 | _cupsGSSServiceName(void) | |
728 | { | |
729 | _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */ | |
730 | ||
731 | ||
732 | if (!cg->gss_service_name[0]) | |
733 | _cupsSetDefaults(); | |
734 | ||
735 | return (cg->gss_service_name); | |
736 | } | |
737 | #endif /* HAVE_GSSAPI */ | |
738 | ||
739 | ||
ef416fc2 | 740 | /* |
e07d4801 | 741 | * '_cupsSetDefaults()' - Set the default server, port, and encryption. |
b423cd4c | 742 | */ |
743 | ||
e07d4801 MS |
744 | void |
745 | _cupsSetDefaults(void) | |
b423cd4c | 746 | { |
747 | cups_file_t *fp; /* File */ | |
e07d4801 MS |
748 | const char *home, /* Home directory of user */ |
749 | *cups_encryption, /* CUPS_ENCRYPTION env var */ | |
7cf5915e | 750 | *cups_server, /* CUPS_SERVER env var */ |
3e7fe0ca | 751 | *cups_user, /* CUPS_USER/USER env var */ |
07ed0e9a MS |
752 | #ifdef HAVE_GSSAPI |
753 | *cups_gssservicename, /* CUPS_GSSSERVICENAME env var */ | |
754 | #endif /* HAVE_GSSAPI */ | |
7cf5915e MS |
755 | *cups_anyroot, /* CUPS_ANYROOT env var */ |
756 | *cups_expiredroot, /* CUPS_EXPIREDROOT env var */ | |
757 | *cups_expiredcerts; /* CUPS_EXPIREDCERTS env var */ | |
b423cd4c | 758 | char filename[1024]; /* Filename */ |
759 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
760 | ||
761 | ||
e07d4801 MS |
762 | DEBUG_puts("_cupsSetDefaults()"); |
763 | ||
764 | /* | |
765 | * First collect environment variables... | |
766 | */ | |
767 | ||
07ed0e9a MS |
768 | cups_encryption = getenv("CUPS_ENCRYPTION"); |
769 | cups_server = getenv("CUPS_SERVER"); | |
770 | #ifdef HAVE_GSSAPI | |
771 | cups_gssservicename = getenv("CUPS_GSSSERVICENAME"); | |
772 | #endif /* HAVE_GSSAPI */ | |
773 | cups_anyroot = getenv("CUPS_ANYROOT"); | |
774 | cups_expiredroot = getenv("CUPS_EXPIREDROOT"); | |
775 | cups_expiredcerts = getenv("CUPS_EXPIREDCERTS"); | |
e07d4801 | 776 | |
3e7fe0ca MS |
777 | if ((cups_user = getenv("CUPS_USER")) == NULL) |
778 | cups_user = getenv("USER"); | |
779 | ||
e07d4801 | 780 | /* |
10d09e33 MS |
781 | * Then, if needed, read the ~/.cups/client.conf or /etc/cups/client.conf |
782 | * files to get the default values... | |
e07d4801 MS |
783 | */ |
784 | ||
e07d4801 | 785 | if (cg->encryption == (http_encryption_t)-1 || !cg->server[0] || |
3e7fe0ca | 786 | !cg->user[0] || !cg->ipp_port) |
e07d4801 | 787 | { |
10d09e33 | 788 | if ((home = getenv("HOME")) != NULL) |
d09495fa | 789 | { |
10d09e33 MS |
790 | /* |
791 | * Look for ~/.cups/client.conf... | |
792 | */ | |
e07d4801 | 793 | |
10d09e33 MS |
794 | snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home); |
795 | fp = cupsFileOpen(filename, "r"); | |
796 | } | |
797 | else | |
798 | fp = NULL; | |
e07d4801 | 799 | |
10d09e33 | 800 | if (!fp) |
e07d4801 | 801 | { |
e07d4801 | 802 | /* |
10d09e33 | 803 | * Look for CUPS_SERVERROOT/client.conf... |
e07d4801 MS |
804 | */ |
805 | ||
10d09e33 MS |
806 | snprintf(filename, sizeof(filename), "%s/client.conf", |
807 | cg->cups_serverroot); | |
808 | fp = cupsFileOpen(filename, "r"); | |
e07d4801 MS |
809 | } |
810 | ||
10d09e33 MS |
811 | /* |
812 | * Read the configuration file and apply any environment variables; both | |
813 | * functions handle NULL cups_file_t pointers... | |
814 | */ | |
e07d4801 | 815 | |
3e7fe0ca | 816 | cups_read_client_conf(fp, cg, cups_encryption, cups_server, cups_user, |
07ed0e9a MS |
817 | #ifdef HAVE_GSSAPI |
818 | cups_gssservicename, | |
819 | #endif /* HAVE_GSSAPI */ | |
10d09e33 MS |
820 | cups_anyroot, cups_expiredroot, |
821 | cups_expiredcerts); | |
822 | cupsFileClose(fp); | |
e07d4801 MS |
823 | } |
824 | } | |
825 | ||
826 | ||
827 | /* | |
828 | * 'cups_read_client_conf()' - Read a client.conf file. | |
829 | */ | |
830 | ||
831 | static void | |
832 | cups_read_client_conf( | |
833 | cups_file_t *fp, /* I - File to read */ | |
834 | _cups_globals_t *cg, /* I - Global data */ | |
835 | const char *cups_encryption, /* I - CUPS_ENCRYPTION env var */ | |
7cf5915e | 836 | const char *cups_server, /* I - CUPS_SERVER env var */ |
3e7fe0ca | 837 | const char *cups_user, /* I - CUPS_USER env var */ |
07ed0e9a MS |
838 | #ifdef HAVE_GSSAPI |
839 | const char *cups_gssservicename, | |
840 | /* I - CUPS_GSSSERVICENAME env var */ | |
841 | #endif /* HAVE_GSSAPI */ | |
7cf5915e MS |
842 | const char *cups_anyroot, /* I - CUPS_ANYROOT env var */ |
843 | const char *cups_expiredroot, /* I - CUPS_EXPIREDROOT env var */ | |
844 | const char *cups_expiredcerts) /* I - CUPS_EXPIREDCERTS env var */ | |
e07d4801 MS |
845 | { |
846 | int linenum; /* Current line number */ | |
847 | char line[1024], /* Line from file */ | |
848 | *value, /* Pointer into line */ | |
849 | encryption[1024], /* Encryption value */ | |
85dda01c | 850 | #ifndef __APPLE__ |
7cf5915e | 851 | server_name[1024], /* ServerName value */ |
85dda01c | 852 | #endif /* !__APPLE__ */ |
3e7fe0ca | 853 | user[256], /* User value */ |
7cf5915e MS |
854 | any_root[1024], /* AllowAnyRoot value */ |
855 | expired_root[1024], /* AllowExpiredRoot value */ | |
856 | expired_certs[1024]; /* AllowExpiredCerts value */ | |
07ed0e9a MS |
857 | #ifdef HAVE_GSSAPI |
858 | char gss_service_name[32]; /* GSSServiceName value */ | |
859 | #endif /* HAVE_GSSAPI */ | |
e07d4801 MS |
860 | |
861 | ||
862 | /* | |
863 | * Read from the file... | |
864 | */ | |
865 | ||
866 | linenum = 0; | |
867 | while (cupsFileGetConf(fp, line, sizeof(line), &value, &linenum)) | |
868 | { | |
869 | if (!cups_encryption && cg->encryption == (http_encryption_t)-1 && | |
88f9aafc | 870 | !_cups_strcasecmp(line, "Encryption") && value) |
e07d4801 MS |
871 | { |
872 | strlcpy(encryption, value, sizeof(encryption)); | |
873 | cups_encryption = encryption; | |
874 | } | |
85dda01c MS |
875 | #ifndef __APPLE__ |
876 | /* | |
f3c17241 | 877 | * The Server directive is not supported on OS X due to app sandboxing |
85dda01c MS |
878 | * restrictions, i.e. not all apps request network access. |
879 | */ | |
e07d4801 | 880 | else if (!cups_server && (!cg->server[0] || !cg->ipp_port) && |
88f9aafc | 881 | !_cups_strcasecmp(line, "ServerName") && value) |
e07d4801 MS |
882 | { |
883 | strlcpy(server_name, value, sizeof(server_name)); | |
884 | cups_server = server_name; | |
885 | } | |
85dda01c | 886 | #endif /* !__APPLE__ */ |
3e7fe0ca MS |
887 | else if (!cups_user && !_cups_strcasecmp(line, "User") && value) |
888 | { | |
889 | strlcpy(user, value, sizeof(user)); | |
890 | cups_user = user; | |
891 | } | |
88f9aafc | 892 | else if (!cups_anyroot && !_cups_strcasecmp(line, "AllowAnyRoot") && value) |
7cf5915e MS |
893 | { |
894 | strlcpy(any_root, value, sizeof(any_root)); | |
895 | cups_anyroot = any_root; | |
896 | } | |
88f9aafc | 897 | else if (!cups_expiredroot && !_cups_strcasecmp(line, "AllowExpiredRoot") && |
7cf5915e MS |
898 | value) |
899 | { | |
900 | strlcpy(expired_root, value, sizeof(expired_root)); | |
901 | cups_expiredroot = expired_root; | |
902 | } | |
88f9aafc | 903 | else if (!cups_expiredcerts && !_cups_strcasecmp(line, "AllowExpiredCerts") && |
7cf5915e MS |
904 | value) |
905 | { | |
906 | strlcpy(expired_certs, value, sizeof(expired_certs)); | |
907 | cups_expiredcerts = expired_certs; | |
908 | } | |
07ed0e9a | 909 | #ifdef HAVE_GSSAPI |
88f9aafc | 910 | else if (!cups_gssservicename && !_cups_strcasecmp(line, "GSSServiceName") && |
07ed0e9a MS |
911 | value) |
912 | { | |
913 | strlcpy(gss_service_name, value, sizeof(gss_service_name)); | |
914 | cups_gssservicename = gss_service_name; | |
915 | } | |
916 | #endif /* HAVE_GSSAPI */ | |
e07d4801 MS |
917 | } |
918 | ||
919 | /* | |
920 | * Set values... | |
921 | */ | |
922 | ||
923 | if (cg->encryption == (http_encryption_t)-1 && cups_encryption) | |
924 | { | |
88f9aafc | 925 | if (!_cups_strcasecmp(cups_encryption, "never")) |
e07d4801 | 926 | cg->encryption = HTTP_ENCRYPT_NEVER; |
88f9aafc | 927 | else if (!_cups_strcasecmp(cups_encryption, "always")) |
e07d4801 | 928 | cg->encryption = HTTP_ENCRYPT_ALWAYS; |
88f9aafc | 929 | else if (!_cups_strcasecmp(cups_encryption, "required")) |
e07d4801 MS |
930 | cg->encryption = HTTP_ENCRYPT_REQUIRED; |
931 | else | |
932 | cg->encryption = HTTP_ENCRYPT_IF_REQUESTED; | |
b423cd4c | 933 | } |
934 | ||
e07d4801 MS |
935 | if ((!cg->server[0] || !cg->ipp_port) && cups_server) |
936 | { | |
937 | if (!cg->server[0]) | |
938 | { | |
939 | /* | |
940 | * Copy server name... | |
941 | */ | |
942 | ||
943 | strlcpy(cg->server, cups_server, sizeof(cg->server)); | |
944 | ||
945 | if (cg->server[0] != '/' && (value = strrchr(cg->server, ':')) != NULL && | |
946 | !strchr(value, ']') && isdigit(value[1] & 255)) | |
947 | *value++ = '\0'; | |
948 | else | |
949 | value = NULL; | |
950 | ||
951 | if (cg->server[0] == '/') | |
952 | strcpy(cg->servername, "localhost"); | |
953 | else | |
954 | strlcpy(cg->servername, cg->server, sizeof(cg->servername)); | |
955 | } | |
956 | else if (cups_server[0] != '/' && | |
957 | (value = strrchr(cups_server, ':')) != NULL && | |
958 | !strchr(value, ']') && isdigit(value[1] & 255)) | |
959 | value ++; | |
960 | else | |
961 | value = NULL; | |
962 | ||
963 | if (!cg->ipp_port && value) | |
964 | cg->ipp_port = atoi(value); | |
965 | } | |
7cf5915e | 966 | |
10d09e33 MS |
967 | if (!cg->server[0]) |
968 | { | |
969 | #ifdef CUPS_DEFAULT_DOMAINSOCKET | |
970 | /* | |
971 | * If we are compiled with domain socket support, only use the | |
972 | * domain socket if it exists and has the right permissions... | |
973 | */ | |
974 | ||
975 | struct stat sockinfo; /* Domain socket information */ | |
976 | ||
977 | if (!stat(CUPS_DEFAULT_DOMAINSOCKET, &sockinfo) && | |
978 | (sockinfo.st_mode & S_IRWXO) == S_IRWXO) | |
979 | cups_server = CUPS_DEFAULT_DOMAINSOCKET; | |
980 | else | |
981 | #endif /* CUPS_DEFAULT_DOMAINSOCKET */ | |
982 | cups_server = "localhost"; | |
983 | ||
984 | cupsSetServer(cups_server); | |
985 | } | |
986 | ||
987 | if (!cg->ipp_port) | |
988 | { | |
88f9aafc | 989 | const char *ipp_port; /* IPP_PORT environment variable */ |
10d09e33 MS |
990 | |
991 | if ((ipp_port = getenv("IPP_PORT")) != NULL) | |
992 | { | |
993 | if ((cg->ipp_port = atoi(ipp_port)) <= 0) | |
994 | cg->ipp_port = CUPS_DEFAULT_IPP_PORT; | |
995 | } | |
10d09e33 | 996 | else |
88f9aafc | 997 | cg->ipp_port = CUPS_DEFAULT_IPP_PORT; |
10d09e33 MS |
998 | } |
999 | ||
3e7fe0ca MS |
1000 | if (!cg->user[0]) |
1001 | { | |
1002 | if (cups_user) | |
1003 | strlcpy(cg->user, cups_user, sizeof(cg->user)); | |
1004 | else | |
1005 | { | |
1006 | #ifdef WIN32 | |
1007 | /* | |
1008 | * Get the current user name from the OS... | |
1009 | */ | |
1010 | ||
1011 | DWORD size; /* Size of string */ | |
1012 | ||
1013 | size = sizeof(cg->user); | |
1014 | if (!GetUserName(cg->user, &size)) | |
1015 | #else | |
1016 | /* | |
1017 | * Get the user name corresponding to the current UID... | |
1018 | */ | |
1019 | ||
1020 | struct passwd *pwd; /* User/password entry */ | |
1021 | ||
1022 | setpwent(); | |
1023 | if ((pwd = getpwuid(getuid())) != NULL) | |
1024 | { | |
1025 | /* | |
1026 | * Found a match! | |
1027 | */ | |
1028 | ||
1029 | strlcpy(cg->user, pwd->pw_name, sizeof(cg->user)); | |
1030 | } | |
1031 | else | |
1032 | #endif /* WIN32 */ | |
1033 | { | |
1034 | /* | |
1035 | * Use the default "unknown" user name... | |
1036 | */ | |
1037 | ||
1038 | strcpy(cg->user, "unknown"); | |
1039 | } | |
1040 | } | |
1041 | } | |
1042 | ||
07ed0e9a MS |
1043 | #ifdef HAVE_GSSAPI |
1044 | if (!cups_gssservicename) | |
1045 | cups_gssservicename = CUPS_DEFAULT_GSSSERVICENAME; | |
1046 | ||
1047 | strlcpy(cg->gss_service_name, cups_gssservicename, | |
1048 | sizeof(cg->gss_service_name)); | |
1049 | #endif /* HAVE_GSSAPI */ | |
1050 | ||
7cf5915e | 1051 | if (cups_anyroot) |
88f9aafc MS |
1052 | cg->any_root = !_cups_strcasecmp(cups_anyroot, "yes") || |
1053 | !_cups_strcasecmp(cups_anyroot, "on") || | |
1054 | !_cups_strcasecmp(cups_anyroot, "true"); | |
7cf5915e MS |
1055 | |
1056 | if (cups_expiredroot) | |
88f9aafc MS |
1057 | cg->expired_root = !_cups_strcasecmp(cups_expiredroot, "yes") || |
1058 | !_cups_strcasecmp(cups_expiredroot, "on") || | |
1059 | !_cups_strcasecmp(cups_expiredroot, "true"); | |
7cf5915e MS |
1060 | |
1061 | if (cups_expiredcerts) | |
88f9aafc MS |
1062 | cg->expired_certs = !_cups_strcasecmp(cups_expiredcerts, "yes") || |
1063 | !_cups_strcasecmp(cups_expiredcerts, "on") || | |
1064 | !_cups_strcasecmp(cups_expiredcerts, "true"); | |
b423cd4c | 1065 | } |
1066 | ||
1067 | ||
1068 | /* | |
e07d4801 | 1069 | * End of "$Id: usersys.c 8498 2009-04-13 17:03:15Z mike $". |
ef416fc2 | 1070 | */ |