]>
Commit | Line | Data |
---|---|---|
824bac0b | 1 | /* |
c9d3f842 | 2 | * "$Id$" |
824bac0b | 3 | * |
fd8b1cf8 | 4 | * Authorization definitions for the Common UNIX Printing System (CUPS) |
5 | * scheduler. | |
824bac0b | 6 | * |
c9d3f842 | 7 | * Copyright 1997-2005 by Easy Software Products, all rights reserved. |
824bac0b | 8 | * |
9 | * These coded instructions, statements, and computer programs are the | |
10 | * property of Easy Software Products and are protected by Federal | |
11 | * copyright law. Distribution and use rights are outlined in the file | |
12 | * "LICENSE.txt" which should have been included with this file. If this | |
13 | * file is missing or damaged please contact Easy Software Products | |
14 | * at: | |
15 | * | |
16 | * Attn: CUPS Licensing Information | |
17 | * Easy Software Products | |
8784b6a6 | 18 | * 44141 Airport View Drive, Suite 204 |
bcd9e019 | 19 | * Hollywood, Maryland 20636 USA |
824bac0b | 20 | * |
9639c4de | 21 | * Voice: (301) 373-9600 |
824bac0b | 22 | * EMail: cups-info@cups.org |
23 | * WWW: http://www.cups.org | |
824bac0b | 24 | */ |
25 | ||
9d0c9f28 | 26 | /* |
27 | * Include necessary headers... | |
28 | */ | |
29 | ||
30 | #include <pwd.h> | |
31 | ||
32 | ||
824bac0b | 33 | /* |
fd8b1cf8 | 34 | * HTTP authorization types and levels... |
35 | */ | |
36 | ||
7ebf3a09 | 37 | #define AUTH_NONE 0 /* No authentication */ |
38 | #define AUTH_BASIC 1 /* Basic authentication */ | |
39 | #define AUTH_DIGEST 2 /* Digest authentication */ | |
753453e4 | 40 | #define AUTH_BASICDIGEST 3 /* Basic authentication w/passwd.md5 */ |
7ebf3a09 | 41 | |
fd8b1cf8 | 42 | #define AUTH_ANON 0 /* Anonymous access */ |
43 | #define AUTH_USER 1 /* Must have a valid username/password */ | |
44 | #define AUTH_GROUP 2 /* Must also be in a named group */ | |
45 | ||
46 | #define AUTH_ALLOW 0 /* Allow access */ | |
47 | #define AUTH_DENY 1 /* Deny access */ | |
48 | ||
49 | #define AUTH_NAME 0 /* Authorize host by name */ | |
50 | #define AUTH_IP 1 /* Authorize host by IP */ | |
20264b99 | 51 | #define AUTH_INTERFACE 2 /* Authorize host by interface */ |
fd8b1cf8 | 52 | |
89db771d | 53 | #define AUTH_SATISFY_ALL 0 /* Satisfy both address and auth */ |
46490d9d | 54 | #define AUTH_SATISFY_ANY 1 /* Satisfy either address or auth */ |
46490d9d | 55 | |
56 | #define AUTH_LIMIT_DELETE 1 /* Limit DELETE requests */ | |
57 | #define AUTH_LIMIT_GET 2 /* Limit GET requests */ | |
58 | #define AUTH_LIMIT_HEAD 4 /* Limit HEAD requests */ | |
59 | #define AUTH_LIMIT_OPTIONS 8 /* Limit OPTIONS requests */ | |
60 | #define AUTH_LIMIT_POST 16 /* Limit POST requests */ | |
61 | #define AUTH_LIMIT_PUT 32 /* Limit PUT requests */ | |
62 | #define AUTH_LIMIT_TRACE 64 /* Limit TRACE requests */ | |
63 | #define AUTH_LIMIT_ALL 127 /* Limit all requests */ | |
64 | ||
fd8b1cf8 | 65 | |
66 | /* | |
03081fd2 | 67 | * HTTP access control structures... |
fd8b1cf8 | 68 | */ |
69 | ||
70 | typedef struct | |
71 | { | |
99de6da0 | 72 | unsigned address[4], /* IP address */ |
73 | netmask[4]; /* IP netmask */ | |
fd8b1cf8 | 74 | } ipmask_t; |
75 | ||
76 | typedef struct | |
77 | { | |
78 | int length; /* Length of name */ | |
79 | char *name; /* Name string */ | |
80 | } namemask_t; | |
81 | ||
82 | typedef struct | |
83 | { | |
84 | int type; /* Mask type */ | |
85 | union | |
86 | { | |
87 | namemask_t name; /* Host/Domain name */ | |
88 | ipmask_t ip; /* IP address/network */ | |
89 | } mask; /* Mask data */ | |
42d48bd2 | 90 | } authmask_t; |
fd8b1cf8 | 91 | |
92 | typedef struct | |
93 | { | |
a74b005d | 94 | char location[HTTP_MAX_URI]; /* Location of resource */ |
46490d9d | 95 | int limit, /* Limit for these types of requests */ |
96 | length, /* Length of location string */ | |
fd8b1cf8 | 97 | order_type, /* Allow or Deny */ |
7ebf3a09 | 98 | type, /* Type of authentication */ |
46490d9d | 99 | level, /* Access level required */ |
100 | satisfy; /* Satisfy any or all limits? */ | |
101 | int num_names; /* Number of names */ | |
102 | char **names; /* User or group names */ | |
fd8b1cf8 | 103 | int num_allow; /* Number of Allow lines */ |
42d48bd2 | 104 | authmask_t *allow; /* Allow lines */ |
fd8b1cf8 | 105 | int num_deny; /* Number of Deny lines */ |
42d48bd2 | 106 | authmask_t *deny; /* Deny lines */ |
a75c006a | 107 | http_encryption_t encryption; /* To encrypt or not to encrypt... */ |
fd8b1cf8 | 108 | } location_t; |
109 | ||
110 | ||
111 | /* | |
112 | * Globals... | |
113 | */ | |
114 | ||
b38d93df | 115 | VAR int DefaultAuthType VALUE(AUTH_BASIC); |
fd8b1cf8 | 116 | VAR int NumLocations VALUE(0); |
117 | /* Number of authorization locations */ | |
118 | VAR location_t *Locations VALUE(NULL); | |
119 | /* Authorization locations */ | |
120 | ||
121 | ||
122 | /* | |
123 | * Prototypes... | |
824bac0b | 124 | */ |
125 | ||
e4f4eb8e | 126 | extern location_t *AddLocation(const char *location); |
46490d9d | 127 | extern void AddName(location_t *loc, char *name); |
fd8b1cf8 | 128 | extern void AllowHost(location_t *loc, char *name); |
99de6da0 | 129 | extern void AllowIP(location_t *loc, unsigned address[4], |
130 | unsigned netmask[4]); | |
131 | extern int CheckAuth(unsigned ip[4], char *name, int namelen, | |
e5ebb675 | 132 | int num_masks, authmask_t *masks); |
9d0c9f28 | 133 | extern int cupsdCheckGroup(const char *username, |
134 | struct passwd *user, | |
135 | const char *groupname); | |
89db771d | 136 | extern location_t *CopyLocation(location_t **loc); |
fd8b1cf8 | 137 | extern void DeleteAllLocations(void); |
138 | extern void DenyHost(location_t *loc, char *name); | |
99de6da0 | 139 | extern void DenyIP(location_t *loc, unsigned address[4], |
140 | unsigned netmask[4]); | |
7db52463 | 141 | extern location_t *FindBest(const char *path, http_state_t state); |
e4f4eb8e | 142 | extern location_t *FindLocation(const char *location); |
19e7b382 | 143 | extern char *GetMD5Passwd(const char *username, const char *group, |
144 | char passwd[33]); | |
a74b005d | 145 | extern http_status_t IsAuthorized(client_t *con); |
824bac0b | 146 | |
147 | ||
148 | /* | |
c9d3f842 | 149 | * End of "$Id$". |
824bac0b | 150 | */ |