2 * Authorization definitions for the CUPS scheduler.
4 * Copyright 2007-2014 by Apple Inc.
5 * Copyright 1997-2006 by Easy Software Products, all rights reserved.
7 * Licensed under Apache License v2.0. See the file "LICENSE" for more information.
11 * Include necessary headers...
18 * HTTP authorization types and levels...
21 #define CUPSD_AUTH_DEFAULT -1 /* Use DefaultAuthType */
22 #define CUPSD_AUTH_NONE 0 /* No authentication */
23 #define CUPSD_AUTH_BASIC 1 /* Basic authentication */
24 #define CUPSD_AUTH_NEGOTIATE 2 /* Kerberos authentication */
25 #define CUPSD_AUTH_AUTO 3 /* Kerberos or Basic, depending on configuration of server */
27 #define CUPSD_AUTH_ANON 0 /* Anonymous access */
28 #define CUPSD_AUTH_USER 1 /* Must have a valid username/password */
29 #define CUPSD_AUTH_GROUP 2 /* Must also be in a named group */
31 #define CUPSD_AUTH_ALLOW 0 /* Allow access */
32 #define CUPSD_AUTH_DENY 1 /* Deny access */
34 #define CUPSD_AUTH_NAME 0 /* Authorize host by name */
35 #define CUPSD_AUTH_IP 1 /* Authorize host by IP */
36 #define CUPSD_AUTH_INTERFACE 2 /* Authorize host by interface */
38 #define CUPSD_AUTH_SATISFY_ALL 0 /* Satisfy both address and auth */
39 #define CUPSD_AUTH_SATISFY_ANY 1 /* Satisfy either address or auth */
41 #define CUPSD_AUTH_LIMIT_DELETE 1 /* Limit DELETE requests */
42 #define CUPSD_AUTH_LIMIT_GET 2 /* Limit GET requests */
43 #define CUPSD_AUTH_LIMIT_HEAD 4 /* Limit HEAD requests */
44 #define CUPSD_AUTH_LIMIT_OPTIONS 8 /* Limit OPTIONS requests */
45 #define CUPSD_AUTH_LIMIT_POST 16 /* Limit POST requests */
46 #define CUPSD_AUTH_LIMIT_PUT 32 /* Limit PUT requests */
47 #define CUPSD_AUTH_LIMIT_TRACE 64 /* Limit TRACE requests */
48 #define CUPSD_AUTH_LIMIT_ALL 127 /* Limit all requests */
49 #define CUPSD_AUTH_LIMIT_IPP 128 /* Limit IPP requests */
51 #define IPP_ANY_OPERATION (ipp_op_t)0
52 /* Any IPP operation */
53 #define IPP_BAD_OPERATION (ipp_op_t)-1
54 /* No IPP operation */
58 * HTTP access control structures...
63 unsigned address
[4], /* IP address */
64 netmask
[4]; /* IP netmask */
69 size_t length
; /* Length of name */
70 char *name
; /* Name string */
75 int type
; /* Mask type */
78 cupsd_namemask_t name
; /* Host/Domain name */
79 cupsd_ipmask_t ip
; /* IP address/network */
80 } mask
; /* Mask data */
85 char *location
; /* Location of resource */
86 size_t length
; /* Length of location string */
87 ipp_op_t op
; /* IPP operation */
88 int limit
, /* Limit for these types of requests */
89 order_type
, /* Allow or Deny */
90 type
, /* Type of authentication */
91 level
, /* Access level required */
92 satisfy
; /* Satisfy any or all limits? */
93 cups_array_t
*names
, /* User or group names */
94 *allow
, /* Allow lines */
95 *deny
; /* Deny lines */
96 http_encryption_t encryption
; /* To encrypt or not to encrypt... */
99 typedef struct cupsd_client_s cupsd_client_t
;
106 VAR cups_array_t
*Locations
VALUE(NULL
);
107 /* Authorization locations */
109 VAR http_encryption_t DefaultEncryption
VALUE(HTTP_ENCRYPT_REQUIRED
);
110 /* Default encryption for authentication */
111 #endif /* HAVE_SSL */
118 extern int cupsdAddIPMask(cups_array_t
**masks
,
119 const unsigned address
[4],
120 const unsigned netmask
[4]);
121 extern void cupsdAddLocation(cupsd_location_t
*loc
);
122 extern void cupsdAddName(cupsd_location_t
*loc
, char *name
);
123 extern int cupsdAddNameMask(cups_array_t
**masks
, char *name
);
124 extern void cupsdAuthorize(cupsd_client_t
*con
);
125 extern int cupsdCheckAccess(unsigned ip
[4], const char *name
, size_t namelen
, cupsd_location_t
*loc
);
126 extern int cupsdCheckAuth(unsigned ip
[4], const char *name
, size_t namelen
, cups_array_t
*masks
);
127 extern int cupsdCheckGroup(const char *username
,
129 const char *groupname
);
130 extern cupsd_location_t
*cupsdCopyLocation(cupsd_location_t
*loc
);
131 extern void cupsdDeleteAllLocations(void);
132 extern cupsd_location_t
*cupsdFindBest(const char *path
, http_state_t state
);
133 extern cupsd_location_t
*cupsdFindLocation(const char *location
);
134 extern void cupsdFreeLocation(cupsd_location_t
*loc
);
135 extern http_status_t
cupsdIsAuthorized(cupsd_client_t
*con
, const char *owner
);
136 extern cupsd_location_t
*cupsdNewLocation(const char *location
);