]>
Commit | Line | Data |
---|---|---|
f27bd5ab | 1 | /* |
c9d3f842 | 2 | * "$Id$" |
f27bd5ab | 3 | * |
4 | * Policy routines for the Common UNIX Printing System (CUPS). | |
5 | * | |
4e8d321f | 6 | * Copyright 2007 by Apple Inc. |
dfd3d12a | 7 | * Copyright 1997-2006 by Easy Software Products, all rights reserved. |
f27bd5ab | 8 | * |
9 | * These coded instructions, statements, and computer programs are the | |
4e8d321f | 10 | * property of Apple Inc. and are protected by Federal copyright |
11 | * law. Distribution and use rights are outlined in the file "LICENSE.txt" | |
12 | * which should have been included with this file. If this file is | |
13 | * file is missing or damaged, see the license at "http://www.cups.org/". | |
f27bd5ab | 14 | * |
15 | * Contents: | |
16 | * | |
99baf768 | 17 | * cupsdAddPolicy() - Add a policy to the system. |
18 | * cupsdAddPolicyOp() - Add an operation to a policy. | |
19 | * cupsdCheckPolicy() - Check the IPP operation and username against | |
20 | * a policy. | |
21 | * cupsdDeleteAllPolicies() - Delete all policies in memory. | |
22 | * cupsdFindPolicy() - Find a named policy. | |
23 | * cupsdFindPolicyOp() - Find a policy operation. | |
f27bd5ab | 24 | */ |
25 | ||
26 | /* | |
27 | * Include necessary headers... | |
28 | */ | |
29 | ||
30 | #include "cupsd.h" | |
53ca8055 | 31 | |
f27bd5ab | 32 | |
33 | /* | |
34 | * 'AddPolicy()' - Add a policy to the system. | |
35 | */ | |
36 | ||
99baf768 | 37 | cupsd_policy_t * /* O - Policy */ |
38 | cupsdAddPolicy(const char *policy) /* I - Name of policy */ | |
f27bd5ab | 39 | { |
99baf768 | 40 | cupsd_policy_t *temp, /* Pointer to policy */ |
41 | **tempa; /* Pointer to policy array */ | |
53ca8055 | 42 | |
43 | ||
44 | if (policy == NULL) | |
45 | return (NULL); | |
46 | ||
47 | if (NumPolicies == 0) | |
99baf768 | 48 | tempa = malloc(sizeof(cupsd_policy_t *)); |
53ca8055 | 49 | else |
99baf768 | 50 | tempa = realloc(Policies, sizeof(cupsd_policy_t *) * (NumPolicies + 1)); |
53ca8055 | 51 | |
4b6bdd9f | 52 | if (tempa == NULL) |
53 | return (NULL); | |
54 | ||
55 | Policies = tempa; | |
56 | tempa += NumPolicies; | |
57 | ||
99baf768 | 58 | if ((temp = calloc(1, sizeof(cupsd_policy_t))) != NULL) |
53ca8055 | 59 | { |
4b6bdd9f | 60 | temp->name = strdup(policy); |
61 | *tempa = temp; | |
53ca8055 | 62 | |
4b6bdd9f | 63 | NumPolicies ++; |
53ca8055 | 64 | } |
65 | ||
66 | return (temp); | |
f27bd5ab | 67 | } |
68 | ||
69 | ||
70 | /* | |
99baf768 | 71 | * 'cupsdAddPolicyOp()' - Add an operation to a policy. |
f27bd5ab | 72 | */ |
73 | ||
f3e786fc | 74 | cupsd_location_t * /* O - New policy operation */ |
75 | cupsdAddPolicyOp(cupsd_policy_t *p, /* I - Policy */ | |
76 | cupsd_location_t *po, /* I - Policy operation to copy */ | |
77 | ipp_op_t op) /* I - IPP operation code */ | |
f27bd5ab | 78 | { |
f3e786fc | 79 | int i; /* Looping var */ |
80 | cupsd_location_t *temp, /* New policy operation */ | |
81 | **tempa; /* New policy operation array */ | |
82 | char name[1024]; /* Interface name */ | |
53ca8055 | 83 | |
84 | ||
f3e786fc | 85 | cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdAddPolicyOp(p=%p, po=%p, op=%x(%s))", |
86 | p, po, op, ippOpString(op)); | |
0051f336 | 87 | |
53ca8055 | 88 | if (p == NULL) |
89 | return (NULL); | |
90 | ||
91 | if (p->num_ops == 0) | |
589eb420 | 92 | tempa = malloc(sizeof(cupsd_location_t *)); |
53ca8055 | 93 | else |
589eb420 | 94 | tempa = realloc(p->ops, sizeof(cupsd_location_t *) * (p->num_ops + 1)); |
53ca8055 | 95 | |
4b6bdd9f | 96 | if (tempa == NULL) |
97 | return (NULL); | |
98 | ||
99 | p->ops = tempa; | |
100 | ||
589eb420 | 101 | if ((temp = calloc(1, sizeof(cupsd_location_t))) != NULL) |
53ca8055 | 102 | { |
4b6bdd9f | 103 | p->ops = tempa; |
104 | tempa[p->num_ops] = temp; | |
53ca8055 | 105 | p->num_ops ++; |
106 | ||
99baf768 | 107 | temp->op = op; |
108 | temp->limit = AUTH_LIMIT_IPP; | |
4b6bdd9f | 109 | |
110 | if (po) | |
111 | { | |
112 | /* | |
113 | * Copy the specified policy to the new one... | |
114 | */ | |
115 | ||
99baf768 | 116 | temp->order_type = po->order_type; |
0051f336 | 117 | temp->type = po->type; |
99baf768 | 118 | temp->level = po->level; |
119 | temp->satisfy = po->satisfy; | |
120 | temp->encryption = po->encryption; | |
121 | ||
4b6bdd9f | 122 | for (i = 0; i < po->num_names; i ++) |
589eb420 | 123 | cupsdAddName(temp, po->names[i]); |
99baf768 | 124 | |
125 | for (i = 0; i < po->num_allow; i ++) | |
126 | switch (po->allow[i].type) | |
127 | { | |
128 | case AUTH_IP : | |
589eb420 | 129 | cupsdAllowIP(temp, po->allow[i].mask.ip.address, |
99baf768 | 130 | po->allow[i].mask.ip.netmask); |
131 | break; | |
132 | ||
133 | case AUTH_INTERFACE : | |
134 | snprintf(name, sizeof(name), "@IF(%s)", | |
135 | po->allow[i].mask.name.name); | |
589eb420 | 136 | cupsdAllowHost(temp, name); |
99baf768 | 137 | break; |
138 | ||
139 | default : | |
589eb420 | 140 | cupsdAllowHost(temp, po->allow[i].mask.name.name); |
99baf768 | 141 | break; |
142 | } | |
143 | ||
144 | for (i = 0; i < po->num_deny; i ++) | |
145 | switch (po->deny[i].type) | |
146 | { | |
147 | case AUTH_IP : | |
589eb420 | 148 | cupsdDenyIP(temp, po->deny[i].mask.ip.address, |
99baf768 | 149 | po->deny[i].mask.ip.netmask); |
150 | break; | |
151 | ||
152 | case AUTH_INTERFACE : | |
153 | snprintf(name, sizeof(name), "@IF(%s)", | |
154 | po->deny[i].mask.name.name); | |
589eb420 | 155 | cupsdDenyHost(temp, name); |
99baf768 | 156 | break; |
157 | ||
158 | default : | |
589eb420 | 159 | cupsdDenyHost(temp, po->deny[i].mask.name.name); |
99baf768 | 160 | break; |
161 | } | |
4b6bdd9f | 162 | } |
53ca8055 | 163 | } |
164 | ||
165 | return (temp); | |
f27bd5ab | 166 | } |
167 | ||
168 | ||
169 | /* | |
99baf768 | 170 | * 'cupsdCheckPolicy()' - Check the IPP operation and username against a policy. |
f27bd5ab | 171 | */ |
172 | ||
5df46530 | 173 | http_status_t /* I - 1 if OK, 0 otherwise */ |
99baf768 | 174 | cupsdCheckPolicy(cupsd_policy_t *p, /* I - Policy */ |
f3e786fc | 175 | cupsd_client_t *con, /* I - Client connection */ |
99baf768 | 176 | const char *owner) /* I - Owner of object */ |
f27bd5ab | 177 | { |
f3e786fc | 178 | cupsd_location_t *po; /* Current policy operation */ |
53ca8055 | 179 | |
180 | ||
181 | /* | |
182 | * Range check... | |
183 | */ | |
184 | ||
bd5510a5 | 185 | if (!p || !con) |
fd09381d | 186 | { |
f3e786fc | 187 | cupsdLogMessage(CUPSD_LOG_CRIT, "cupsdCheckPolicy: p=%p, con=%p!", p, con); |
fd09381d | 188 | |
be5262d8 | 189 | return ((http_status_t)0); |
fd09381d | 190 | } |
53ca8055 | 191 | |
192 | /* | |
4b6bdd9f | 193 | * Find a match for the operation... |
53ca8055 | 194 | */ |
195 | ||
0051f336 | 196 | if ((po = cupsdFindPolicyOp(p, con->request->request.op.operation_id)) == NULL) |
5934328c | 197 | { |
f3e786fc | 198 | cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCheckPolicy: No matching operation, returning 0!"); |
be5262d8 | 199 | return ((http_status_t)0); |
5934328c | 200 | } |
4b6bdd9f | 201 | |
f32b1ead | 202 | con->best = po; |
53ca8055 | 203 | |
204 | /* | |
4b6bdd9f | 205 | * Return the status of the check... |
53ca8055 | 206 | */ |
207 | ||
5df46530 | 208 | return (cupsdIsAuthorized(con, owner)); |
f27bd5ab | 209 | } |
210 | ||
211 | ||
212 | /* | |
99baf768 | 213 | * 'cupsdDeleteAllPolicies()' - Delete all policies in memory. |
f27bd5ab | 214 | */ |
215 | ||
216 | void | |
99baf768 | 217 | cupsdDeleteAllPolicies(void) |
f27bd5ab | 218 | { |
99baf768 | 219 | int i, j; /* Looping vars */ |
220 | cupsd_policy_t **p; /* Current policy */ | |
f3e786fc | 221 | cupsd_location_t **po; /* Current policy op */ |
53ca8055 | 222 | |
223 | ||
224 | if (NumPolicies == 0) | |
225 | return; | |
226 | ||
227 | for (i = NumPolicies, p = Policies; i > 0; i --, p ++) | |
228 | { | |
4b6bdd9f | 229 | for (j = (*p)->num_ops, po = (*p)->ops; j > 0; j --, po ++) |
99baf768 | 230 | cupsdDeleteLocation(*po); |
53ca8055 | 231 | |
4b6bdd9f | 232 | if ((*p)->num_ops > 0) |
233 | free((*p)->ops); | |
234 | ||
235 | free(*p); | |
53ca8055 | 236 | } |
237 | ||
238 | free(Policies); | |
239 | ||
240 | NumPolicies = 0; | |
241 | Policies = NULL; | |
f27bd5ab | 242 | } |
243 | ||
244 | ||
245 | /* | |
99baf768 | 246 | * 'cupsdFindPolicy()' - Find a named policy. |
f27bd5ab | 247 | */ |
248 | ||
99baf768 | 249 | cupsd_policy_t * /* O - Policy */ |
250 | cupsdFindPolicy(const char *policy) /* I - Name of policy */ | |
f27bd5ab | 251 | { |
f32b1ead | 252 | int i; /* Looping var */ |
99baf768 | 253 | cupsd_policy_t **p; /* Current policy */ |
53ca8055 | 254 | |
255 | ||
256 | /* | |
257 | * Range check... | |
258 | */ | |
259 | ||
260 | if (policy == NULL) | |
261 | return (NULL); | |
262 | ||
263 | /* | |
264 | * Check the operation against the available policies... | |
265 | */ | |
266 | ||
267 | for (i = NumPolicies, p = Policies; i > 0; i --, p ++) | |
99baf768 | 268 | if (!strcasecmp(policy, (*p)->name)) |
4b6bdd9f | 269 | return (*p); |
53ca8055 | 270 | |
271 | return (NULL); | |
f27bd5ab | 272 | } |
273 | ||
274 | ||
275 | /* | |
99baf768 | 276 | * 'cupsdFindPolicyOp()' - Find a policy operation. |
f27bd5ab | 277 | */ |
278 | ||
f3e786fc | 279 | cupsd_location_t * /* O - Policy operation */ |
99baf768 | 280 | cupsdFindPolicyOp(cupsd_policy_t *p, /* I - Policy */ |
281 | ipp_op_t op) /* I - IPP operation */ | |
f27bd5ab | 282 | { |
f3e786fc | 283 | int i; /* Looping var */ |
284 | cupsd_location_t **po; /* Current policy operation */ | |
53ca8055 | 285 | |
286 | ||
f3e786fc | 287 | cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdFindPolicyOp(p=%p, op=%x(%s))\n", |
288 | p, op, ippOpString(op)); | |
a8c7842b | 289 | |
53ca8055 | 290 | /* |
291 | * Range check... | |
292 | */ | |
293 | ||
294 | if (p == NULL) | |
295 | return (NULL); | |
296 | ||
297 | /* | |
298 | * Check the operation against the available policies... | |
299 | */ | |
300 | ||
301 | for (i = p->num_ops, po = p->ops; i > 0; i --, po ++) | |
4b6bdd9f | 302 | if ((*po)->op == op) |
a8c7842b | 303 | { |
f3e786fc | 304 | cupsdLogMessage(CUPSD_LOG_DEBUG2, |
305 | "cupsdFindPolicyOp: Found exact match..."); | |
4b6bdd9f | 306 | return (*po); |
a8c7842b | 307 | } |
4b6bdd9f | 308 | |
309 | for (i = p->num_ops, po = p->ops; i > 0; i --, po ++) | |
310 | if ((*po)->op == IPP_ANY_OPERATION) | |
a8c7842b | 311 | { |
f3e786fc | 312 | cupsdLogMessage(CUPSD_LOG_DEBUG2, |
313 | "cupsdFindPolicyOp: Found wildcard match..."); | |
4b6bdd9f | 314 | return (*po); |
a8c7842b | 315 | } |
316 | ||
f3e786fc | 317 | cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdFindPolicyOp: No match found!"); |
53ca8055 | 318 | |
319 | return (NULL); | |
320 | } | |
321 | ||
322 | ||
4b6bdd9f | 323 | /* |
c9d3f842 | 324 | * End of "$Id$". |
f27bd5ab | 325 | */ |