scheduler/auth.h

   1 /*
   2  * "$Id: auth.h,v 1.16.2.7 2003/01/07 18:27:15 mike Exp $"
   3  *
   4  *   Authorization definitions for the Common UNIX Printing System (CUPS)
   5  *   scheduler.
   6  *
   7  *   Copyright 1997-2003 by Easy Software Products, all rights reserved.
   8  *
   9  *   These coded instructions, statements, and computer programs are the
  10  *   property of Easy Software Products and are protected by Federal
  11  *   copyright law.  Distribution and use rights are outlined in the file
  12  *   "LICENSE.txt" which should have been included with this file.  If this
  13  *   file is missing or damaged please contact Easy Software Products
  14  *   at:
  15  *
  16  *       Attn: CUPS Licensing Information
  17  *       Easy Software Products
  18  *       44141 Airport View Drive, Suite 204
  19  *       Hollywood, Maryland 20636-3111 USA
  20  *
  21  *       Voice: (301) 373-9603
  22  *       EMail: cups-info@cups.org
  23  *         WWW: http://www.cups.org
  24  */
  25
  26 /*
  27  * HTTP authorization types and levels...
  28  */
  29
  30 #define AUTH_NONE               0       /* No authentication */
  31 #define AUTH_BASIC              1       /* Basic authentication */
  32 #define AUTH_DIGEST             2       /* Digest authentication */
  33 #define AUTH_BASICDIGEST        3       /* Basic authentication w/passwd.md5 */
  34
  35 #define AUTH_ANON               0       /* Anonymous access */
  36 #define AUTH_USER               1       /* Must have a valid username/password */
  37 #define AUTH_GROUP              2       /* Must also be in a named group */
  38
  39 #define AUTH_ALLOW              0       /* Allow access */
  40 #define AUTH_DENY               1       /* Deny access */
  41
  42 #define AUTH_NAME               0       /* Authorize host by name */
  43 #define AUTH_IP                 1       /* Authorize host by IP */
  44 #define AUTH_INTERFACE          2       /* Authorize host by interface */
  45
  46 #define AUTH_SATISFY_ALL        0       /* Satisfy both address and auth */
  47 #define AUTH_SATISFY_ANY        1       /* Satisfy either address or auth */
  48
  49 #define AUTH_LIMIT_DELETE       1       /* Limit DELETE requests */
  50 #define AUTH_LIMIT_GET          2       /* Limit GET requests */
  51 #define AUTH_LIMIT_HEAD         4       /* Limit HEAD requests */
  52 #define AUTH_LIMIT_OPTIONS      8       /* Limit OPTIONS requests */
  53 #define AUTH_LIMIT_POST         16      /* Limit POST requests */
  54 #define AUTH_LIMIT_PUT          32      /* Limit PUT requests */
  55 #define AUTH_LIMIT_TRACE        64      /* Limit TRACE requests */
  56 #define AUTH_LIMIT_ALL          127     /* Limit all requests */
  57
  58
  59 /*
  60  * HTTP access control structures...
  61  */
  62
  63 typedef struct
  64 {
  65   unsigned      address[4],             /* IP address */
  66                 netmask[4];             /* IP netmask */
  67 } ipmask_t;
  68
  69 typedef struct
  70 {
  71   int           length;                 /* Length of name */
  72   char          *name;                  /* Name string */
  73 } namemask_t;
  74
  75 typedef struct
  76 {
  77   int           type;                   /* Mask type */
  78   union
  79   {
  80     namemask_t  name;                   /* Host/Domain name */
  81     ipmask_t    ip;                     /* IP address/network */
  82   }             mask;                   /* Mask data */
  83 } authmask_t;
  84
  85 typedef struct
  86 {
  87   char          location[HTTP_MAX_URI]; /* Location of resource */
  88   int           limit,                  /* Limit for these types of requests */
  89                 length,                 /* Length of location string */
  90                 order_type,             /* Allow or Deny */
  91                 type,                   /* Type of authentication */
  92                 level,                  /* Access level required */
  93                 satisfy;                /* Satisfy any or all limits? */
  94   int           num_names;              /* Number of names */
  95   char          **names;                /* User or group names */
  96   int           num_allow;              /* Number of Allow lines */
  97   authmask_t    *allow;                 /* Allow lines */
  98   int           num_deny;               /* Number of Deny lines */
  99   authmask_t    *deny;                  /* Deny lines */
 100   http_encryption_t encryption;         /* To encrypt or not to encrypt... */
 101 } location_t;
 102
 103
 104 /*
 105  * Globals...
 106  */
 107
 108 VAR int                 NumLocations    VALUE(0);
 109                                         /* Number of authorization locations */
 110 VAR location_t          *Locations      VALUE(NULL);
 111                                         /* Authorization locations */
 112
 113
 114 /*
 115  * Prototypes...
 116  */
 117
 118 extern location_t       *AddLocation(const char *location);
 119 extern void             AddName(location_t *loc, char *name);
 120 extern void             AllowHost(location_t *loc, char *name);
 121 extern void             AllowIP(location_t *loc, unsigned address[4],
 122                                 unsigned netmask[4]);
 123 extern int              CheckAuth(unsigned ip[4], char *name, int namelen,
 124                                   int num_masks, authmask_t *masks);
 125 extern location_t       *CopyLocation(location_t **loc);
 126 extern void             DeleteAllLocations(void);
 127 extern void             DenyHost(location_t *loc, char *name);
 128 extern void             DenyIP(location_t *loc, unsigned address[4],
 129                                unsigned netmask[4]);
 130 extern location_t       *FindBest(const char *path, http_state_t state);
 131 extern location_t       *FindLocation(const char *location);
 132 extern char             *GetMD5Passwd(const char *username, const char *group,
 133                                       char passwd[33]);
 134 extern http_status_t    IsAuthorized(client_t *con);
 135
 136
 137 /*
 138  * End of "$Id: auth.h,v 1.16.2.7 2003/01/07 18:27:15 mike Exp $".
 139  */