X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=scheduler%2Fconf.c;h=4320ce660af97fd6456e4444595f571fc1e6d617;hb=781996c9136ff4ec23b858a3611c21698a6bb317;hp=2e5354100e88e20c34ae77c69d4886f0e9d41263;hpb=d318937fb983db534e12f450557ccde3db4dad31;p=thirdparty%2Fcups.git

diff --git a/scheduler/conf.c b/scheduler/conf.c
index 2e5354100..4320ce660 100644
--- a/scheduler/conf.c
+++ b/scheduler/conf.c
@@ -89,6 +89,12 @@ static cupsd_var_t	variables[] =
   { "AccessLog",		&AccessLog,		CUPSD_VARTYPE_STRING },
   { "AutoPurgeJobs", 		&JobAutoPurge,		CUPSD_VARTYPE_BOOLEAN },
   { "BrowseInterval",		&BrowseInterval,	CUPSD_VARTYPE_INTEGER },
+#ifdef HAVE_LDAP
+  { "BrowseLDAPBindDN",		&BrowseLDAPBindDN,	CUPSD_VARTYPE_STRING },
+  { "BrowseLDAPDN",		&BrowseLDAPDN,		CUPSD_VARTYPE_STRING },
+  { "BrowseLDAPPassword",	&BrowseLDAPPassword,	CUPSD_VARTYPE_STRING },
+  { "BrowseLDAPServer",		&BrowseLDAPServer,	CUPSD_VARTYPE_STRING },
+#endif /* HAVE_LDAP */
   { "BrowseLocalOptions",	&BrowseLocalOptions,	CUPSD_VARTYPE_STRING },
   { "BrowsePort",		&BrowsePort,		CUPSD_VARTYPE_INTEGER },
   { "BrowseRemoteOptions",	&BrowseRemoteOptions,	CUPSD_VARTYPE_STRING },
@@ -146,7 +152,6 @@ static cupsd_var_t	variables[] =
   { "RemoteRoot",		&RemoteRoot,		CUPSD_VARTYPE_STRING },
   { "RequestRoot",		&RequestRoot,		CUPSD_VARTYPE_STRING },
   { "RIPCache",			&RIPCache,		CUPSD_VARTYPE_STRING },
-  { "RunAsUser", 		&RunAsUser,		CUPSD_VARTYPE_BOOLEAN },
   { "RootCertDuration",		&RootCertDuration,	CUPSD_VARTYPE_INTEGER },
   { "ServerAdmin",		&ServerAdmin,		CUPSD_VARTYPE_STRING },
   { "ServerBin",		&ServerBin,		CUPSD_VARTYPE_STRING },
@@ -216,6 +221,9 @@ cupsdReadConfiguration(void)
   struct group	*group;			/* Default group */
   char		*old_serverroot,	/* Old ServerRoot */
 		*old_requestroot;	/* Old RequestRoot */
+  const char	*tmpdir;		/* TMPDIR environment variable */
+  struct stat	tmpinfo;		/* Temporary directory info */
+
 
  /*
   * Save the old root paths...
@@ -277,7 +285,7 @@ cupsdReadConfiguration(void)
   cupsdSetString(&PrintcapGUI, "/usr/bin/glpoptions");
   cupsdSetString(&FontPath, CUPS_FONTPATH);
   cupsdSetString(&RemoteRoot, "remroot");
-  cupsdSetString(&ServerHeader, "CUPS/1.1");
+  cupsdSetString(&ServerHeader, "CUPS/1.2");
   cupsdSetString(&StateDir, CUPS_STATEDIR);
 
   strlcpy(temp, ConfigurationFile, sizeof(temp));
@@ -309,10 +317,7 @@ cupsdReadConfiguration(void)
 
   cupsdSetString(&RIPCache, "8m");
 
-  if (getenv("TMPDIR") == NULL)
-    cupsdSetString(&TempDir, CUPS_REQUESTS "/tmp");
-  else
-    cupsdSetString(&TempDir, getenv("TMPDIR"));
+  cupsdSetString(&TempDir, NULL);
 
  /*
   * Find the default user...
@@ -357,6 +362,9 @@ cupsdReadConfiguration(void)
 
   ConfigFilePerm        = CUPS_DEFAULT_CONFIG_FILE_PERM;
   DefaultAuthType       = AUTH_BASIC;
+#ifdef HAVE_SSL
+  DefaultEncryption     = HTTP_ENCRYPT_REQUIRED;
+#endif /* HAVE_SSL */
   JobRetryLimit         = 5;
   JobRetryInterval      = 300;
   FileDevice            = FALSE;
@@ -379,7 +387,6 @@ cupsdReadConfiguration(void)
   MaxRequestSize        = 0;
   ReloadTimeout	        = 60;
   RootCertDuration      = 300;
-  RunAsUser             = FALSE;
   Timeout               = DEFAULT_TIMEOUT;
   NumSystemGroups       = 0;
 
@@ -395,6 +402,13 @@ cupsdReadConfiguration(void)
   cupsdClearString(&BrowseLocalOptions);
   cupsdClearString(&BrowseRemoteOptions);
 
+#ifdef HAVE_LDAP
+  cupsdClearString(&BrowseLDAPBindDN);
+  cupsdClearString(&BrowseLDAPDN);
+  cupsdClearString(&BrowseLDAPPassword);
+  cupsdClearString(&BrowseLDAPServer);
+#endif /* HAVE_LDAP */
+
   JobHistory          = DEFAULT_HISTORY;
   JobFiles            = DEFAULT_FILES;
   JobAutoPurge        = 0;
@@ -433,10 +447,7 @@ cupsdReadConfiguration(void)
   if (!status)
     return (0);
 
-  if (RunAsUser)
-    RunUser = User;
-  else
-    RunUser = getuid();
+  RunUser = getuid();
 
  /*
   * Use the default system group if none was supplied in cupsd.conf...
@@ -600,7 +611,7 @@ cupsdReadConfiguration(void)
   */
 
   check_permissions(CacheDir, NULL, 0775, RunUser, Group, 1, 1);
-  check_permissions(CacheDir, "ppd", 0755, RunUser, Group, 1, 1);
+/*  check_permissions(CacheDir, "ppd", 0755, RunUser, Group, 1, 1);*/
 
   check_permissions(StateDir, NULL, 0755, RunUser, Group, 1, 1);
   check_permissions(StateDir, "certs", RunUser ? 0711 : 0511, User,
@@ -615,6 +626,41 @@ cupsdReadConfiguration(void)
   check_permissions(ServerRoot, "printers.conf", 0600, RunUser, Group, 0, 0);
   check_permissions(ServerRoot, "passwd.md5", 0600, User, Group, 0, 0);
 
+ /*
+  * Update TempDir to the default if it hasn't been set already...
+  */
+
+  if (!TempDir)
+  {
+    if ((tmpdir = getenv("TMPDIR")) != NULL)
+    {
+     /*
+      * TMPDIR is defined, see if it is OK for us to use...
+      */
+
+      if (stat(tmpdir, &tmpinfo))
+        cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to access TMPDIR (%s): %s",
+	                tmpdir, strerror(errno));
+      else if (!S_ISDIR(tmpinfo.st_mode))
+        cupsdLogMessage(CUPSD_LOG_ERROR, "TMPDIR (%s) is not a directory!",
+	                tmpdir);
+      else if ((tmpinfo.st_uid != User || !(tmpinfo.st_mode & S_IWUSR)) &&
+               (tmpinfo.st_gid != Group || !(tmpinfo.st_mode & S_IWGRP)) &&
+	       !(tmpinfo.st_mode & S_IWOTH))
+        cupsdLogMessage(CUPSD_LOG_ERROR,
+	                "TMPDIR (%s) has the wrong permissions!", tmpdir);
+      else
+        cupsdSetString(&TempDir, tmpdir);
+
+      if (!TempDir)
+        cupsdLogMessage(CUPSD_LOG_INFO, "Using default TempDir of %s/tmp...",
+	                RequestRoot);
+    }
+
+    if (!TempDir)
+      cupsdSetStringf(&TempDir, "%s/tmp", RequestRoot);
+  }
+
  /*
   * Make sure the request and temporary directories have the right
   * permissions...
@@ -1102,7 +1148,7 @@ check_permissions(const char *filename,	/* I - File/directory name */
     }
   }
 
-  if (dir_created || (fileinfo.st_mode & 0777) != mode)
+  if (dir_created || (fileinfo.st_mode & 07777) != mode)
   {
     cupsdLogMessage(CUPSD_LOG_WARN, "Repairing access permissions of \"%s\"", filename);
 
@@ -2624,6 +2670,28 @@ read_configuration(cups_file_t *fp)	/* I - File to read from */
 	return (0);
       }
     }
+#ifdef HAVE_SSL
+    else if (!strcasecmp(line, "DefaultEncryption"))
+    {
+     /*
+      * DefaultEncryption {Never,IfRequested,Required}
+      */
+
+      if (!value || !strcasecmp(value, "never"))
+	DefaultEncryption = HTTP_ENCRYPT_NEVER;
+      else if (!strcasecmp(value, "required"))
+	DefaultEncryption = HTTP_ENCRYPT_REQUIRED;
+      else if (!strcasecmp(value, "ifrequested"))
+	DefaultEncryption = HTTP_ENCRYPT_IF_REQUESTED;
+      else
+      {
+	cupsdLogMessage(CUPSD_LOG_WARN,
+	                "Unknown default encryption %s on line %d.",
+	                value, linenum);
+	return (0);
+      }
+    }
+#endif /* HAVE_SSL */
     else if (!strcasecmp(line, "User"))
     {
      /*
@@ -2779,7 +2847,7 @@ read_configuration(cups_file_t *fp)	/* I - File to read from */
       else if (!strcasecmp(value, "Major"))
 	cupsdSetString(&ServerHeader, "CUPS/1");
       else if (!strcasecmp(value, "Minor"))
-	cupsdSetString(&ServerHeader, "CUPS/1.1");
+	cupsdSetString(&ServerHeader, "CUPS/1.2");
       else if (!strcasecmp(value, "Minimal"))
 	cupsdSetString(&ServerHeader, CUPS_MINIMAL);
       else if (!strcasecmp(value, "OS"))