]> git.ipfire.org Git - thirdparty/cups.git/blame - cups/usersys.c
projects / thirdparty / cups.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fix typos in snprintf/vsnprintf emulation code.
[thirdparty/cups.git] / cups / usersys.c
CommitLineData
ef416fc2 1/*
83bc2aac
MS		 2 * User, system, and password routines for CUPS.
3 *
3c2cb822 4 * Copyright 2007-2019 by Apple Inc.
83bc2aac
MS		 5 * Copyright 1997-2006 by Easy Software Products.
6 *
3c2cb822
MS		 7 * Licensed under Apache License v2.0. See the file "LICENSE" for more
8 * information.
ef416fc2 9 */
10
11/*
12 * Include necessary headers...
13 */
14
71e16022 15#include "cups-private.h"
fb863569 16#include "debug-internal.h"
ef416fc2 17#include <stdlib.h>
e00b005a 18#include <sys/stat.h>
19dc16f7 19#ifdef _WIN32
ef416fc2 20# include <windows.h>
5a6b583a
MS		 21#else
22# include <pwd.h>
dcb445bc 23# include <termios.h>
db8b865d 24# include <sys/utsname.h>
19dc16f7 25#endif /* _WIN32 */
588c2205
MS		 26#ifdef __APPLE__
27# include <sys/sysctl.h>
28#endif /* __APPLE__ */
ef416fc2 29
30
dcb445bc
MS		 31/*
32 * Local constants...
33 */
34
08d56b1f 35#ifdef __APPLE__
3c2cb822 36# if TARGET_OS_OSX
588c2205
MS		 37# define kCUPSPrintingPrefs CFSTR("org.cups.PrintingPrefs")
38# define kPREFIX ""
3c2cb822
MS		 39# else
40# define kCUPSPrintingPrefs CFSTR(".GlobalPreferences")
41# define kPREFIX "AirPrint"
42# endif /* TARGET_OS_OSX */
59cd12c6 43# define kUserAgentTokensKey CFSTR(kPREFIX "UserAgentTokens")
588c2205
MS		 44# define kAllowAnyRootKey CFSTR(kPREFIX "AllowAnyRoot")
45# define kAllowExpiredCertsKey CFSTR(kPREFIX "AllowExpiredCerts")
46# define kEncryptionKey CFSTR(kPREFIX "Encryption")
47# define kGSSServiceNameKey CFSTR(kPREFIX "GSSServiceName")
48# define kSSLOptionsKey CFSTR(kPREFIX "SSLOptions")
49# define kTrustOnFirstUseKey CFSTR(kPREFIX "TrustOnFirstUse")
50# define kValidateCertsKey CFSTR(kPREFIX "ValidateCerts")
51/* Deprecated */
52# define kAllowRC4 CFSTR(kPREFIX "AllowRC4")
53# define kAllowSSL3 CFSTR(kPREFIX "AllowSSL3")
54# define kAllowDH CFSTR(kPREFIX "AllowDH")
08d56b1f
MS		 55#endif /* __APPLE__ */
56
dcb445bc
MS		 57#define _CUPS_PASSCHAR '*' /* Character that is echoed for password */
58
59
3abb875b
MS		 60/*
61 * Local types...
62 */
63
64typedef struct _cups_client_conf_s /**** client.conf config data ****/
65{
59cd12c6 66 _cups_uatokens_t uatokens; /* UserAgentTokens values */
3abb875b 67#ifdef HAVE_SSL
8f1fbdec
MS		 68 int ssl_options, /* SSLOptions values */
69 ssl_min_version,/* Minimum SSL/TLS version */
70 ssl_max_version;/* Maximum SSL/TLS version */
3abb875b 71#endif /* HAVE_SSL */
08d56b1f
MS		 72 int trust_first, /* Trust on first use? */
73 any_root, /* Allow any (e.g., self-signed) root */
3abb875b
MS		 74 expired_certs, /* Allow expired certs */
75 validate_certs; /* Validate certificates */
76 http_encryption_t encryption; /* Encryption setting */
77 char user[65], /* User name */
78 server_name[256];
79 /* Server hostname */
80#ifdef HAVE_GSSAPI
81 char gss_service_name[32];
82 /* Kerberos service name */
83#endif /* HAVE_GSSAPI */
84} _cups_client_conf_t;
85
86
b423cd4c 87/*
88 * Local functions...
89 */
90
08d56b1f
MS		 91#ifdef __APPLE__
92static int cups_apple_get_boolean(CFStringRef key, int *value);
93static int cups_apple_get_string(CFStringRef key, char *value, size_t valsize);
94#endif /* __APPLE__ */
95static int cups_boolean_value(const char *value);
3abb875b
MS		 96static void cups_finalize_client_conf(_cups_client_conf_t *cc);
97static void cups_init_client_conf(_cups_client_conf_t *cc);
98static void cups_read_client_conf(cups_file_t *fp, _cups_client_conf_t *cc);
4b9daaf4 99static void cups_set_default_ipp_port(_cups_globals_t *cg);
3abb875b 100static void cups_set_encryption(_cups_client_conf_t *cc, const char *value);
07ed0e9a 101#ifdef HAVE_GSSAPI
3abb875b 102static void cups_set_gss_service_name(_cups_client_conf_t *cc, const char *value);
07ed0e9a 103#endif /* HAVE_GSSAPI */
3abb875b
MS		 104static void cups_set_server_name(_cups_client_conf_t *cc, const char *value);
105#ifdef HAVE_SSL
106static void cups_set_ssl_options(_cups_client_conf_t *cc, const char *value);
107#endif /* HAVE_SSL */
59cd12c6 108static void cups_set_uatokens(_cups_client_conf_t *cc, const char *value);
3abb875b 109static void cups_set_user(_cups_client_conf_t *cc, const char *value);
b423cd4c 110
111
ef416fc2 112/*
5a6b583a 113 * 'cupsEncryption()' - Get the current encryption settings.
ef416fc2 114 *
115 * The default encryption setting comes from the CUPS_ENCRYPTION
568fa3fa 116 * environment variable, then the ~/.cups/client.conf file, and finally the
ef416fc2 117 * /etc/cups/client.conf file. If not set, the default is
cb7f98ee 118 * @code HTTP_ENCRYPTION_IF_REQUESTED@.
5a6b583a
MS		 119 *
120 * Note: The current encryption setting is tracked separately for each thread
121 * in a program. Multi-threaded programs that override the setting via the
122 * @link cupsSetEncryption@ function need to do so in each thread for the same
123 * setting to be used.
ef416fc2 124 */
125
126http_encryption_t /* O - Encryption settings */
127cupsEncryption(void)
128{
ef416fc2 129 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
130
131
ef416fc2 132 if (cg->encryption == (http_encryption_t)-1)
e07d4801 133 _cupsSetDefaults();
ef416fc2 134
135 return (cg->encryption);
136}
137
138
139/*
140 * 'cupsGetPassword()' - Get a password from the user.
141 *
5a738aea 142 * Uses the current password callback function. Returns @code NULL@ if the
ecdc0628 143 * user does not provide a password.
5a6b583a
MS		 144 *
145 * Note: The current password callback function is tracked separately for each
146 * thread in a program. Multi-threaded programs that override the setting via
147 * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to
148 * do so in each thread for the same function to be used.
53af7f21
MS		 149 *
150 * @exclude all@
ef416fc2 151 */
152
153const char * /* O - Password */
154cupsGetPassword(const char *prompt) /* I - Prompt string */
155{
f11a948a
MS		 156 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
157
158
159 return ((cg->password_cb)(prompt, NULL, NULL, NULL, cg->password_data));
160}
161
162
163/*
98d88c8d 164 * 'cupsGetPassword2()' - Get a password from the user using the current
5a6b583a 165 * password callback.
f11a948a
MS		 166 *
167 * Uses the current password callback function. Returns @code NULL@ if the
168 * user does not provide a password.
169 *
5a6b583a
MS		 170 * Note: The current password callback function is tracked separately for each
171 * thread in a program. Multi-threaded programs that override the setting via
98d88c8d
MS		 172 * the @link cupsSetPasswordCB2@ function need to do so in each thread for the
173 * same function to be used.
5a6b583a 174 *
8072030b 175 * @since CUPS 1.4/macOS 10.6@
f11a948a
MS		 176 */
177
178const char * /* O - Password */
179cupsGetPassword2(const char *prompt, /* I - Prompt string */
180 http_t *http, /* I - Connection to server or @code CUPS_HTTP_DEFAULT@ */
181 const char *method, /* I - Request method ("GET", "POST", "PUT") */
182 const char *resource) /* I - Resource path */
183{
184 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
185
186
187 if (!http)
188 http = _cupsConnect();
189
190 return ((cg->password_cb)(prompt, http, method, resource, cg->password_data));
ef416fc2 191}
192
193
ef416fc2 194/*
5a6b583a
MS		 195 * 'cupsServer()' - Return the hostname/address of the current server.
196 *
197 * The default server comes from the CUPS_SERVER environment variable, then the
198 * ~/.cups/client.conf file, and finally the /etc/cups/client.conf file. If not
199 * set, the default is the local system - either "localhost" or a domain socket
200 * path.
ef416fc2 201 *
5a6b583a
MS		 202 * The returned value can be a fully-qualified hostname, a numeric IPv4 or IPv6
203 * address, or a domain socket pathname.
204 *
205 * Note: The current server is tracked separately for each thread in a program.
206 * Multi-threaded programs that override the server via the
207 * @link cupsSetServer@ function need to do so in each thread for the same
208 * server to be used.
ef416fc2 209 */
210
211const char * /* O - Server name */
212cupsServer(void)
213{
ef416fc2 214 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
215
216
ef416fc2 217 if (!cg->server[0])
e07d4801 218 _cupsSetDefaults();
ef416fc2 219
e07d4801
MS		 220 return (cg->server);
221}
ef416fc2 222
d09495fa 223
7cf5915e
MS		 224/*
225 * 'cupsSetClientCertCB()' - Set the client certificate callback.
226 *
227 * Pass @code NULL@ to restore the default callback.
228 *
229 * Note: The current certificate callback is tracked separately for each thread
230 * in a program. Multi-threaded programs that override the callback need to do
231 * so in each thread for the same callback to be used.
232 *
8072030b 233 * @since CUPS 1.5/macOS 10.7@
7cf5915e
MS		 234 */
235
236void
237cupsSetClientCertCB(
238 cups_client_cert_cb_t cb, /* I - Callback function */
239 void *user_data) /* I - User data pointer */
240{
241 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
242
243
244 cg->client_cert_cb = cb;
245 cg->client_cert_data = user_data;
246}
247
248
249/*
250 * 'cupsSetCredentials()' - Set the default credentials to be used for SSL/TLS
251 * connections.
252 *
253 * Note: The default credentials are tracked separately for each thread in a
254 * program. Multi-threaded programs that override the setting need to do so in
255 * each thread for the same setting to be used.
256 *
8072030b 257 * @since CUPS 1.5/macOS 10.7@
7cf5915e
MS		 258 */
259
260int /* O - Status of call (0 = success) */
261cupsSetCredentials(
262 cups_array_t *credentials) /* I - Array of credentials */
263{
264 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
265
266
267 if (cupsArrayCount(credentials) < 1)
268 return (-1);
269
7d5824d6 270#ifdef HAVE_SSL
7cf5915e 271 _httpFreeCredentials(cg->tls_credentials);
85dda01c 272 cg->tls_credentials = _httpCreateCredentials(credentials);
7d5824d6 273#endif /* HAVE_SSL */
7cf5915e
MS		 274
275 return (cg->tls_credentials ? 0 : -1);
276}
277
278
e07d4801
MS		 279/*
280 * 'cupsSetEncryption()' - Set the encryption preference.
5a6b583a
MS		 281 *
282 * The default encryption setting comes from the CUPS_ENCRYPTION
283 * environment variable, then the ~/.cups/client.conf file, and finally the
284 * /etc/cups/client.conf file. If not set, the default is
cb7f98ee 285 * @code HTTP_ENCRYPTION_IF_REQUESTED@.
5a6b583a
MS		 286 *
287 * Note: The current encryption setting is tracked separately for each thread
288 * in a program. Multi-threaded programs that override the setting need to do
289 * so in each thread for the same setting to be used.
e07d4801 290 */
ef416fc2 291
e07d4801
MS		 292void
293cupsSetEncryption(http_encryption_t e) /* I - New encryption preference */
294{
295 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
ef416fc2 296
ef416fc2 297
e07d4801 298 cg->encryption = e;
ef416fc2 299
e07d4801
MS		 300 if (cg->http)
301 httpEncryption(cg->http, e);
ef416fc2 302}
303
304
305/*
306 * 'cupsSetPasswordCB()' - Set the password callback for CUPS.
307 *
5a6b583a
MS		 308 * Pass @code NULL@ to restore the default (console) password callback, which
309 * reads the password from the console. Programs should call either this
310 * function or @link cupsSetPasswordCB2@, as only one callback can be registered
311 * by a program per thread.
312 *
313 * Note: The current password callback is tracked separately for each thread
314 * in a program. Multi-threaded programs that override the callback need to do
315 * so in each thread for the same callback to be used.
53af7f21
MS		 316 *
317 * @exclude all@
ef416fc2 318 */
319
320void
321cupsSetPasswordCB(cups_password_cb_t cb)/* I - Callback function */
322{
323 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
324
325
f11a948a
MS		 326 if (cb == (cups_password_cb_t)0)
327 cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
328 else
329 cg->password_cb = (cups_password_cb2_t)cb;
330
331 cg->password_data = NULL;
332}
333
334
335/*
336 * 'cupsSetPasswordCB2()' - Set the advanced password callback for CUPS.
337 *
5a6b583a
MS		 338 * Pass @code NULL@ to restore the default (console) password callback, which
339 * reads the password from the console. Programs should call either this
340 * function or @link cupsSetPasswordCB2@, as only one callback can be registered
341 * by a program per thread.
342 *
343 * Note: The current password callback is tracked separately for each thread
344 * in a program. Multi-threaded programs that override the callback need to do
345 * so in each thread for the same callback to be used.
f11a948a 346 *
8072030b 347 * @since CUPS 1.4/macOS 10.6@
f11a948a
MS		 348 */
349
350void
351cupsSetPasswordCB2(
352 cups_password_cb2_t cb, /* I - Callback function */
353 void *user_data) /* I - User data pointer */
354{
355 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
356
357
358 if (cb == (cups_password_cb2_t)0)
359 cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
ef416fc2 360 else
361 cg->password_cb = cb;
f11a948a
MS		 362
363 cg->password_data = user_data;
ef416fc2 364}
365
366
367/*
5a6b583a 368 * 'cupsSetServer()' - Set the default server name and port.
ef416fc2 369 *
370 * The "server" string can be a fully-qualified hostname, a numeric
5a6b583a
MS		 371 * IPv4 or IPv6 address, or a domain socket pathname. Hostnames and numeric IP
372 * addresses can be optionally followed by a colon and port number to override
373 * the default port 631, e.g. "hostname:8631". Pass @code NULL@ to restore the
374 * default server name and port.
375 *
376 * Note: The current server is tracked separately for each thread in a program.
377 * Multi-threaded programs that override the server need to do so in each
378 * thread for the same server to be used.
ef416fc2 379 */
380
381void
382cupsSetServer(const char *server) /* I - Server name */
383{
0cb67df3
MS		 384 char *options, /* Options */
385 *port; /* Pointer to port */
ef416fc2 386 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
387
388
389 if (server)
390 {
391 strlcpy(cg->server, server, sizeof(cg->server));
392
0cb67df3
MS		 393 if (cg->server[0] != '/' && (options = strrchr(cg->server, '/')) != NULL)
394 {
395 *options++ = '\0';
396
397 if (!strcmp(options, "version=1.0"))
398 cg->server_version = 10;
399 else if (!strcmp(options, "version=1.1"))
400 cg->server_version = 11;
401 else if (!strcmp(options, "version=2.0"))
402 cg->server_version = 20;
403 else if (!strcmp(options, "version=2.1"))
404 cg->server_version = 21;
405 else if (!strcmp(options, "version=2.2"))
406 cg->server_version = 22;
407 }
567f49cb
MS		 408 else
409 cg->server_version = 20;
0cb67df3 410
ef416fc2 411 if (cg->server[0] != '/' && (port = strrchr(cg->server, ':')) != NULL &&
412 !strchr(port, ']') && isdigit(port[1] & 255))
413 {
414 *port++ = '\0';
415
e07d4801 416 cg->ipp_port = atoi(port);
ef416fc2 417 }
418
4b9daaf4
MS		 419 if (!cg->ipp_port)
420 cups_set_default_ipp_port(cg);
421
ef416fc2 422 if (cg->server[0] == '/')
5a9febac 423 strlcpy(cg->servername, "localhost", sizeof(cg->servername));
ef416fc2 424 else
425 strlcpy(cg->servername, cg->server, sizeof(cg->servername));
426 }
427 else
428 {
0cb67df3
MS		 429 cg->server[0] = '\0';
430 cg->servername[0] = '\0';
431 cg->server_version = 20;
4b9daaf4 432 cg->ipp_port = 0;
ef416fc2 433 }
5a738aea
MS		 434
435 if (cg->http)
436 {
437 httpClose(cg->http);
438 cg->http = NULL;
439 }
ef416fc2 440}
441
442
7cf5915e
MS		 443/*
444 * 'cupsSetServerCertCB()' - Set the server certificate callback.
445 *
446 * Pass @code NULL@ to restore the default callback.
447 *
448 * Note: The current credentials callback is tracked separately for each thread
449 * in a program. Multi-threaded programs that override the callback need to do
450 * so in each thread for the same callback to be used.
451 *
8072030b 452 * @since CUPS 1.5/macOS 10.7@
7cf5915e
MS		 453 */
454
455void
456cupsSetServerCertCB(
457 cups_server_cert_cb_t cb, /* I - Callback function */
458 void *user_data) /* I - User data pointer */
459{
460 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
461
462
463 cg->server_cert_cb = cb;
464 cg->server_cert_data = user_data;
465}
466
467
ef416fc2 468/*
469 * 'cupsSetUser()' - Set the default user name.
470 *
5a738aea 471 * Pass @code NULL@ to restore the default user name.
5a6b583a
MS		 472 *
473 * Note: The current user name is tracked separately for each thread in a
474 * program. Multi-threaded programs that override the user name need to do so
475 * in each thread for the same user name to be used.
ef416fc2 476 */
477
478void
479cupsSetUser(const char *user) /* I - User name */
480{
481 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
482
483
484 if (user)
485 strlcpy(cg->user, user, sizeof(cg->user));
486 else
487 cg->user[0] = '\0';
488}
489
490
db8b865d
MS		 491/*
492 * 'cupsSetUserAgent()' - Set the default HTTP User-Agent string.
493 *
494 * Setting the string to NULL forces the default value containing the CUPS
495 * version, IPP version, and operating system version and architecture.
496 *
8072030b 497 * @since CUPS 1.7/macOS 10.9@
db8b865d
MS		 498 */
499
500void
501cupsSetUserAgent(const char *user_agent)/* I - User-Agent string or @code NULL@ */
502{
503 _cups_globals_t *cg = _cupsGlobals();
504 /* Thread globals */
19dc16f7 505#ifdef _WIN32
db8b865d 506 SYSTEM_INFO sysinfo; /* System information */
104c5283 507 OSVERSIONINFOA version; /* OS version info */
588c2205
MS		 508 const char *machine; /* Hardware/machine name */
509#elif defined(__APPLE__)
510 struct utsname name; /* uname info */
511 char version[256]; /* macOS/iOS version */
512 size_t len; /* Length of value */
db8b865d
MS		 513#else
514 struct utsname name; /* uname info */
19dc16f7 515#endif /* _WIN32 */
db8b865d
MS		 516
517
518 if (user_agent)
519 {
520 strlcpy(cg->user_agent, user_agent, sizeof(cg->user_agent));
521 return;
522 }
523
59cd12c6
MS		 524 if (cg->uatokens < _CUPS_UATOKENS_OS)
525 {
526 switch (cg->uatokens)
527 {
528 default :
529 case _CUPS_UATOKENS_NONE :
530 cg->user_agent[0] = '\0';
531 break;
532 case _CUPS_UATOKENS_PRODUCT_ONLY :
533 strlcpy(cg->user_agent, "CUPS IPP", sizeof(cg->user_agent));
534 break;
535 case _CUPS_UATOKENS_MAJOR :
536 snprintf(cg->user_agent, sizeof(cg->user_agent), "CUPS/%d IPP/2", CUPS_VERSION_MAJOR);
537 break;
538 case _CUPS_UATOKENS_MINOR :
539 snprintf(cg->user_agent, sizeof(cg->user_agent), "CUPS/%d.%d IPP/2.1", CUPS_VERSION_MAJOR, CUPS_VERSION_MINOR);
540 break;
541 case _CUPS_UATOKENS_MINIMAL :
542 strlcpy(cg->user_agent, CUPS_MINIMAL " IPP/2.1", sizeof(cg->user_agent));
543 break;
544 }
545 }
546
19dc16f7 547#ifdef _WIN32
588c2205
MS		 548 /*
549 * Gather Windows version information for the User-Agent string...
550 */
551
db8b865d 552 version.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
86206ccf 553 GetVersionExA(&version);
db8b865d
MS		 554 GetNativeSystemInfo(&sysinfo);
555
588c2205
MS		 556 switch (sysinfo.wProcessorArchitecture)
557 {
558 case PROCESSOR_ARCHITECTURE_AMD64 :
559 machine = "amd64";
560 break;
561
562 case PROCESSOR_ARCHITECTURE_ARM :
563 machine = "arm";
564 break;
565
566 case PROCESSOR_ARCHITECTURE_IA64 :
567 machine = "ia64";
568 break;
569
570 case PROCESSOR_ARCHITECTURE_INTEL :
571 machine = "intel";
572 break;
573
574 default :
575 machine = "unknown";
576 break;
577 }
578
59cd12c6
MS		 579 if (cg->uatokens == _CUPS_UATOKENS_OS)
580 snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (Windows %d.%d) IPP/2.0", version.dwMajorVersion, version.dwMinorVersion);
581 else
582 snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (Windows %d.%d; %s) IPP/2.0", version.dwMajorVersion, version.dwMinorVersion, machine);
588c2205
MS		 583
584#elif defined(__APPLE__)
585 /*
586 * Gather macOS/iOS version information for the User-Agent string...
587 */
588
589 uname(&name);
590
591 len = sizeof(version) - 1;
592 if (!sysctlbyname("kern.osproductversion", version, &len, NULL, 0))
593 version[len] = '\0';
594 else
595 strlcpy(version, "unknown", sizeof(version));
596
3c2cb822 597# if TARGET_OS_OSX
59cd12c6
MS		 598 if (cg->uatokens == _CUPS_UATOKENS_OS)
599 snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (macOS %s) IPP/2.0", version);
600 else
601 snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (macOS %s; %s) IPP/2.0", version, name.machine);
602
3c2cb822 603# else
59cd12c6
MS		 604 if (cg->uatokens == _CUPS_UATOKENS_OS)
605 snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (iOS %s) IPP/2.0", version);
606 else
607 snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (iOS %s; %s) IPP/2.0", version, name.machine);
3c2cb822 608# endif /* TARGET_OS_OSX */
db8b865d
MS		 609
610#else
588c2205
MS		 611 /*
612 * Gather generic UNIX version information for the User-Agent string...
613 */
614
db8b865d
MS		 615 uname(&name);
616
59cd12c6
MS		 617 if (cg->uatokens == _CUPS_UATOKENS_OS)
618 snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (%s %s) IPP/2.0", name.sysname, name.release);
619 else
620 snprintf(cg->user_agent, sizeof(cg->user_agent), CUPS_MINIMAL " (%s %s; %s) IPP/2.0", name.sysname, name.release, name.machine);
19dc16f7 621#endif /* _WIN32 */
db8b865d
MS		 622}
623
624
ef416fc2 625/*
626 * 'cupsUser()' - Return the current user's name.
5a6b583a
MS		 627 *
628 * Note: The current user name is tracked separately for each thread in a
629 * program. Multi-threaded programs that override the user name with the
630 * @link cupsSetUser@ function need to do so in each thread for the same user
631 * name to be used.
ef416fc2 632 */
633
634const char * /* O - User name */
635cupsUser(void)
636{
637 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
638
639
640 if (!cg->user[0])
3e7fe0ca 641 _cupsSetDefaults();
ef416fc2 642
643 return (cg->user);
644}
645
646
db8b865d
MS		 647/*
648 * 'cupsUserAgent()' - Return the default HTTP User-Agent string.
649 *
8072030b 650 * @since CUPS 1.7/macOS 10.9@
db8b865d
MS		 651 */
652
653const char * /* O - User-Agent string */
654cupsUserAgent(void)
655{
656 _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */
657
658
659 if (!cg->user_agent[0])
660 cupsSetUserAgent(NULL);
661
662 return (cg->user_agent);
663}
664
665
ef416fc2 666/*
667 * '_cupsGetPassword()' - Get a password from the user.
668 */
669
dcb445bc 670const char * /* O - Password or @code NULL@ if none */
ef416fc2 671_cupsGetPassword(const char *prompt) /* I - Prompt string */
672{
19dc16f7 673#ifdef _WIN32
dcb445bc
MS		 674 HANDLE tty; /* Console handle */
675 DWORD mode; /* Console mode */
676 char passch, /* Current key press */
677 *passptr, /* Pointer into password string */
678 *passend; /* End of password string */
12f89d24 679 DWORD passbytes; /* Bytes read */
dcb445bc
MS		 680 _cups_globals_t *cg = _cupsGlobals();
681 /* Thread globals */
682
683
5a6b583a 684 /*
dcb445bc 685 * Disable input echo and set raw input...
5a6b583a
MS		 686 */
687
dcb445bc
MS		 688 if ((tty = GetStdHandle(STD_INPUT_HANDLE)) == INVALID_HANDLE_VALUE)
689 return (NULL);
690
691 if (!GetConsoleMode(tty, &mode))
692 return (NULL);
693
694 if (!SetConsoleMode(tty, 0))
695 return (NULL);
696
697 /*
698 * Display the prompt...
699 */
700
701 printf("%s ", prompt);
702 fflush(stdout);
703
704 /*
705 * Read the password string from /dev/tty until we get interrupted or get a
706 * carriage return or newline...
707 */
708
709 passptr = cg->password;
710 passend = cg->password + sizeof(cg->password) - 1;
711
12f89d24 712 while (ReadFile(tty, &passch, 1, &passbytes, NULL))
dcb445bc
MS		 713 {
714 if (passch == 0x0A || passch == 0x0D)
715 {
716 /*
717 * Enter/return...
718 */
719
720 break;
721 }
722 else if (passch == 0x08 || passch == 0x7F)
723 {
724 /*
725 * Backspace/delete (erase character)...
726 */
727
728 if (passptr > cg->password)
729 {
730 passptr --;
731 fputs("\010 \010", stdout);
732 }
733 else
734 putchar(0x07);
735 }
736 else if (passch == 0x15)
737 {
738 /*
739 * CTRL+U (erase line)
740 */
741
742 if (passptr > cg->password)
743 {
744 while (passptr > cg->password)
745 {
746 passptr --;
747 fputs("\010 \010", stdout);
748 }
749 }
750 else
751 putchar(0x07);
752 }
753 else if (passch == 0x03)
754 {
755 /*
756 * CTRL+C...
757 */
758
759 passptr = cg->password;
760 break;
761 }
762 else if ((passch & 255) < 0x20 || passptr >= passend)
763 putchar(0x07);
764 else
765 {
766 *passptr++ = passch;
767 putchar(_CUPS_PASSCHAR);
768 }
769
770 fflush(stdout);
771 }
772
773 putchar('\n');
774 fflush(stdout);
775
776 /*
777 * Cleanup...
778 */
779
780 SetConsoleMode(tty, mode);
781
782 /*
783 * Return the proper value...
784 */
785
786 if (passbytes == 1 && passptr > cg->password)
787 {
788 *passptr = '\0';
789 return (cg->password);
790 }
791 else
792 {
793 memset(cg->password, 0, sizeof(cg->password));
794 return (NULL);
795 }
5a6b583a
MS		 796
797#else
dcb445bc
MS		 798 int tty; /* /dev/tty - never read from stdin */
799 struct termios original, /* Original input mode */
800 noecho; /* No echo input mode */
801 char passch, /* Current key press */
802 *passptr, /* Pointer into password string */
803 *passend; /* End of password string */
804 ssize_t passbytes; /* Bytes read */
805 _cups_globals_t *cg = _cupsGlobals();
806 /* Thread globals */
807
808
5a6b583a 809 /*
dcb445bc 810 * Disable input echo and set raw input...
5a6b583a
MS		 811 */
812
dcb445bc
MS		 813 if ((tty = open("/dev/tty", O_RDONLY)) < 0)
814 return (NULL);
815
816 if (tcgetattr(tty, &original))
817 {
818 close(tty);
819 return (NULL);
820 }
821
822 noecho = original;
7e86f2f6 823 noecho.c_lflag &= (tcflag_t)~(ICANON | ECHO | ECHOE | ISIG);
a8db9df8
MS		 824 noecho.c_cc[VMIN] = 1;
825 noecho.c_cc[VTIME] = 0;
7cf5915e 826
dcb445bc
MS		 827 if (tcsetattr(tty, TCSAFLUSH, &noecho))
828 {
829 close(tty);
7cf5915e 830 return (NULL);
dcb445bc
MS		 831 }
832
833 /*
834 * Display the prompt...
835 */
836
837 printf("%s ", prompt);
838 fflush(stdout);
839
840 /*
841 * Read the password string from /dev/tty until we get interrupted or get a
842 * carriage return or newline...
843 */
844
845 passptr = cg->password;
846 passend = cg->password + sizeof(cg->password) - 1;
847
848 while ((passbytes = read(tty, &passch, 1)) == 1)
849 {
8dd318e5
MS		 850 if (passch == noecho.c_cc[VEOL] ||
851# ifdef VEOL2
852 passch == noecho.c_cc[VEOL2] ||
853# endif /* VEOL2 */
dcb445bc
MS		 854 passch == 0x0A || passch == 0x0D)
855 {
856 /*
857 * Enter/return...
858 */
859
860 break;
861 }
862 else if (passch == noecho.c_cc[VERASE] ||
863 passch == 0x08 || passch == 0x7F)
864 {
865 /*
866 * Backspace/delete (erase character)...
867 */
868
869 if (passptr > cg->password)
870 {
871 passptr --;
872 fputs("\010 \010", stdout);
873 }
874 else
875 putchar(0x07);
876 }
877 else if (passch == noecho.c_cc[VKILL])
878 {
879 /*
880 * CTRL+U (erase line)
881 */
882
883 if (passptr > cg->password)
884 {
885 while (passptr > cg->password)
886 {
887 passptr --;
888 fputs("\010 \010", stdout);
889 }
890 }
891 else
892 putchar(0x07);
893 }
894 else if (passch == noecho.c_cc[VINTR] || passch == noecho.c_cc[VQUIT] ||
895 passch == noecho.c_cc[VEOF])
896 {
897 /*
898 * CTRL+C, CTRL+D, or CTRL+Z...
899 */
900
901 passptr = cg->password;
902 break;
903 }
904 else if ((passch & 255) < 0x20 || passptr >= passend)
905 putchar(0x07);
906 else
907 {
908 *passptr++ = passch;
909 putchar(_CUPS_PASSCHAR);
910 }
911
912 fflush(stdout);
913 }
914
915 putchar('\n');
916 fflush(stdout);
917
918 /*
919 * Cleanup...
920 */
921
922 tcsetattr(tty, TCSAFLUSH, &original);
923 close(tty);
924
925 /*
926 * Return the proper value...
927 */
928
929 if (passbytes == 1 && passptr > cg->password)
930 {
931 *passptr = '\0';
932 return (cg->password);
933 }
7cf5915e 934 else
dcb445bc
MS		 935 {
936 memset(cg->password, 0, sizeof(cg->password));
937 return (NULL);
938 }
19dc16f7 939#endif /* _WIN32 */
5a6b583a 940}
ef416fc2 941
942
eac3a0a0
MS		 943#ifdef HAVE_GSSAPI
944/*
945 * '_cupsGSSServiceName()' - Get the GSS (Kerberos) service name.
946 */
947
948const char *
949_cupsGSSServiceName(void)
950{
951 _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */
952
953
954 if (!cg->gss_service_name[0])
955 _cupsSetDefaults();
956
957 return (cg->gss_service_name);
958}
959#endif /* HAVE_GSSAPI */
960
961
ef416fc2 962/*
e07d4801 963 * '_cupsSetDefaults()' - Set the default server, port, and encryption.
b423cd4c 964 */
965
e07d4801
MS		 966void
967_cupsSetDefaults(void)
b423cd4c 968{
969 cups_file_t *fp; /* File */
3abb875b 970 const char *home; /* Home directory of user */
b423cd4c 971 char filename[1024]; /* Filename */
3abb875b 972 _cups_client_conf_t cc; /* client.conf values */
b423cd4c 973 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
974
975
e07d4801
MS		 976 DEBUG_puts("_cupsSetDefaults()");
977
978 /*
3abb875b
MS		 979 * Load initial client.conf values...
980 */
981
982 cups_init_client_conf(&cc);
983
984 /*
985 * Read the /etc/cups/client.conf and ~/.cups/client.conf files, if
986 * present.
987 */
988
989 snprintf(filename, sizeof(filename), "%s/client.conf", cg->cups_serverroot);
990 if ((fp = cupsFileOpen(filename, "r")) != NULL)
991 {
992 cups_read_client_conf(fp, &cc);
993 cupsFileClose(fp);
994 }
995
996# ifdef HAVE_GETEUID
997 if ((geteuid() == getuid() || !getuid()) && getegid() == getgid() && (home = getenv("HOME")) != NULL)
19dc16f7 998# elif !defined(_WIN32)
3abb875b
MS		 999 if (getuid() && (home = getenv("HOME")) != NULL)
1000# else
1001 if ((home = getenv("HOME")) != NULL)
1002# endif /* HAVE_GETEUID */
1003 {
1004 /*
1005 * Look for ~/.cups/client.conf...
1006 */
1007
1008 snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home);
1009 if ((fp = cupsFileOpen(filename, "r")) != NULL)
1010 {
1011 cups_read_client_conf(fp, &cc);
1012 cupsFileClose(fp);
1013 }
1014 }
1015
1016 /*
1017 * Finalize things so every client.conf value is set...
e07d4801
MS		 1018 */
1019
3abb875b
MS		 1020 cups_finalize_client_conf(&cc);
1021
59cd12c6
MS		 1022 cg->uatokens = cc.uatokens;
1023
3abb875b
MS		 1024 if (cg->encryption == (http_encryption_t)-1)
1025 cg->encryption = cc.encryption;
1026
1027 if (!cg->server[0] || !cg->ipp_port)
1028 cupsSetServer(cc.server_name);
1029
1030 if (!cg->ipp_port)
4b9daaf4 1031 cups_set_default_ipp_port(cg);
3abb875b
MS		 1032
1033 if (!cg->user[0])
1034 strlcpy(cg->user, cc.user, sizeof(cg->user));
1035
1036#ifdef HAVE_GSSAPI
1037 if (!cg->gss_service_name[0])
1038 strlcpy(cg->gss_service_name, cc.gss_service_name, sizeof(cg->gss_service_name));
1039#endif /* HAVE_GSSAPI */
1040
08d56b1f
MS		 1041 if (cg->trust_first < 0)
1042 cg->trust_first = cc.trust_first;
1043
3abb875b
MS		 1044 if (cg->any_root < 0)
1045 cg->any_root = cc.any_root;
1046
1047 if (cg->expired_certs < 0)
1048 cg->expired_certs = cc.expired_certs;
1049
1050 if (cg->validate_certs < 0)
1051 cg->validate_certs = cc.validate_certs;
1052
1053#ifdef HAVE_SSL
8f1fbdec 1054 _httpTLSSetOptions(cc.ssl_options | _HTTP_TLS_SET_DEFAULT, cc.ssl_min_version, cc.ssl_max_version);
3abb875b
MS		 1055#endif /* HAVE_SSL */
1056}
1057
1058
08d56b1f
MS		 1059#ifdef __APPLE__
1060/*
1061 * 'cups_apple_get_boolean()' - Get a boolean setting from the CUPS preferences.
1062 */
1063
1064static int /* O - 1 if set, 0 otherwise */
1065cups_apple_get_boolean(
1066 CFStringRef key, /* I - Key (name) */
1067 int *value) /* O - Boolean value */
1068{
1069 Boolean bval, /* Preference value */
1070 bval_set; /* Value is set? */
1071
1072
1073 bval = CFPreferencesGetAppBooleanValue(key, kCUPSPrintingPrefs, &bval_set);
1074
1075 if (bval_set)
1076 *value = (int)bval;
1077
1078 return ((int)bval_set);
1079}
1080
1081
1082/*
1083 * 'cups_apple_get_string()' - Get a string setting from the CUPS preferences.
1084 */
1085
1086static int /* O - 1 if set, 0 otherwise */
1087cups_apple_get_string(
1088 CFStringRef key, /* I - Key (name) */
1089 char *value, /* O - String value */
1090 size_t valsize) /* I - Size of value buffer */
1091{
1092 CFStringRef sval; /* String value */
1093
1094
1095 if ((sval = CFPreferencesCopyAppValue(key, kCUPSPrintingPrefs)) != NULL)
1096 {
1097 Boolean result = CFStringGetCString(sval, value, (CFIndex)valsize, kCFStringEncodingUTF8);
1098
1099 CFRelease(sval);
1100
1101 if (result)
1102 return (1);
1103 }
1104
1105 return (0);
1106}
1107#endif /* __APPLE__ */
1108
1109
3abb875b
MS		 1110/*
1111 * 'cups_boolean_value()' - Convert a string to a boolean value.
1112 */
1113
1114static int /* O - Boolean value */
1115cups_boolean_value(const char *value) /* I - String value */
1116{
1117 return (!_cups_strcasecmp(value, "yes") || !_cups_strcasecmp(value, "on") || !_cups_strcasecmp(value, "true"));
1118}
1119
1120
1121/*
1122 * 'cups_finalize_client_conf()' - Finalize client.conf values.
1123 */
1124
1125static void
1126cups_finalize_client_conf(
1127 _cups_client_conf_t *cc) /* I - client.conf values */
1128{
1129 const char *value; /* Environment variable */
1130
1131
08d56b1f
MS		 1132 if ((value = getenv("CUPS_TRUSTFIRST")) != NULL)
1133 cc->trust_first = cups_boolean_value(value);
1134
3abb875b
MS		 1135 if ((value = getenv("CUPS_ANYROOT")) != NULL)
1136 cc->any_root = cups_boolean_value(value);
1137
1138 if ((value = getenv("CUPS_ENCRYPTION")) != NULL)
1139 cups_set_encryption(cc, value);
1140
1141 if ((value = getenv("CUPS_EXPIREDCERTS")) != NULL)
1142 cc->expired_certs = cups_boolean_value(value);
1143
07ed0e9a 1144#ifdef HAVE_GSSAPI
3abb875b
MS		 1145 if ((value = getenv("CUPS_GSSSERVICENAME")) != NULL)
1146 cups_set_gss_service_name(cc, value);
07ed0e9a 1147#endif /* HAVE_GSSAPI */
3abb875b
MS		 1148
1149 if ((value = getenv("CUPS_SERVER")) != NULL)
1150 cups_set_server_name(cc, value);
1151
1152 if ((value = getenv("CUPS_USER")) != NULL)
1153 cups_set_user(cc, value);
1154
1155 if ((value = getenv("CUPS_VALIDATECERTS")) != NULL)
1156 cc->validate_certs = cups_boolean_value(value);
e07d4801
MS		 1157
1158 /*
3abb875b 1159 * Then apply defaults for those values that haven't been set...
e07d4801
MS		 1160 */
1161
08d56b1f
MS		 1162 if (cc->trust_first < 0)
1163 cc->trust_first = 1;
1164
3abb875b
MS		 1165 if (cc->any_root < 0)
1166 cc->any_root = 1;
1167
1168 if (cc->encryption == (http_encryption_t)-1)
1169 cc->encryption = HTTP_ENCRYPTION_IF_REQUESTED;
1170
1171 if (cc->expired_certs < 0)
08d56b1f 1172 cc->expired_certs = 0;
3abb875b
MS		 1173
1174#ifdef HAVE_GSSAPI
1175 if (!cc->gss_service_name[0])
1176 cups_set_gss_service_name(cc, CUPS_DEFAULT_GSSSERVICENAME);
1177#endif /* HAVE_GSSAPI */
1178
1179 if (!cc->server_name[0])
e07d4801 1180 {
63aefcd5 1181 /*
3abb875b
MS		 1182 * If we are compiled with domain socket support, only use the
1183 * domain socket if it exists and has the right permissions...
63aefcd5
MS		 1184 */
1185
9e24f768
MS		 1186#if defined(__APPLE__) && !TARGET_OS_OSX
1187 cups_set_server_name(cc, "/private/var/run/printd");
1188
1189#else
1190# ifdef CUPS_DEFAULT_DOMAINSOCKET
89b7fd55 1191 if (!access(CUPS_DEFAULT_DOMAINSOCKET, R_OK))
3abb875b
MS		 1192 cups_set_server_name(cc, CUPS_DEFAULT_DOMAINSOCKET);
1193 else
9e24f768
MS		 1194# endif /* CUPS_DEFAULT_DOMAINSOCKET */
1195 cups_set_server_name(cc, "localhost");
1196#endif /* __APPLE__ && !TARGET_OS_OSX */
3abb875b 1197 }
63aefcd5 1198
3abb875b
MS		 1199 if (!cc->user[0])
1200 {
19dc16f7 1201#ifdef _WIN32
63aefcd5 1202 /*
3abb875b 1203 * Get the current user name from the OS...
63aefcd5
MS		 1204 */
1205
3abb875b 1206 DWORD size; /* Size of string */
63aefcd5 1207
3abb875b 1208 size = sizeof(cc->user);
86206ccf 1209 if (!GetUserNameA(cc->user, &size))
3abb875b 1210#else
63aefcd5 1211 /*
3abb875b 1212 * Try the USER environment variable as the default username...
63aefcd5
MS		 1213 */
1214
3abb875b
MS		 1215 const char *envuser = getenv("USER");
1216 /* Default username */
1217 struct passwd *pw = NULL; /* Account information */
1218
1219 if (envuser)
d09495fa 1220 {
10d09e33 1221 /*
3abb875b
MS		 1222 * Validate USER matches the current UID, otherwise don't allow it to
1223 * override things... This makes sure that printing after doing su
1224 * or sudo records the correct username.
10d09e33 1225 */
e07d4801 1226
3abb875b
MS		 1227 if ((pw = getpwnam(envuser)) != NULL && pw->pw_uid != getuid())
1228 pw = NULL;
1229 }
1230
1231 if (!pw)
1232 pw = getpwuid(getuid());
e07d4801 1233
3abb875b
MS		 1234 if (pw)
1235 strlcpy(cc->user, pw->pw_name, sizeof(cc->user));
1236 else
19dc16f7 1237#endif /* _WIN32 */
3abb875b 1238 {
e07d4801 1239 /*
3abb875b 1240 * Use the default "unknown" user name...
e07d4801
MS		 1241 */
1242
3abb875b 1243 strlcpy(cc->user, "unknown", sizeof(cc->user));
63aefcd5 1244 }
e07d4801 1245 }
3abb875b
MS		 1246
1247 if (cc->validate_certs < 0)
1248 cc->validate_certs = 0;
1249}
1250
1251
1252/*
1253 * 'cups_init_client_conf()' - Initialize client.conf values.
1254 */
1255
1256static void
1257cups_init_client_conf(
1258 _cups_client_conf_t *cc) /* I - client.conf values */
1259{
1260 /*
1261 * Clear all values to "not set"...
1262 */
1263
1264 memset(cc, 0, sizeof(_cups_client_conf_t));
1265
59cd12c6
MS		 1266 cc->uatokens = _CUPS_UATOKENS_MINIMAL;
1267
3c2cb822 1268#if defined(__APPLE__) && !TARGET_OS_OSX
588c2205 1269 cups_set_user(cc, "mobile");
3c2cb822 1270#endif /* __APPLE__ && !TARGET_OS_OSX */
588c2205 1271
60da78ba 1272#ifdef HAVE_SSL
c88f441f
MS		 1273 cc->ssl_min_version = _HTTP_TLS_1_0;
1274 cc->ssl_max_version = _HTTP_TLS_MAX;
60da78ba 1275#endif /* HAVE_SSL */
c88f441f
MS		 1276 cc->encryption = (http_encryption_t)-1;
1277 cc->trust_first = -1;
1278 cc->any_root = -1;
1279 cc->expired_certs = -1;
1280 cc->validate_certs = -1;
08d56b1f
MS		 1281
1282 /*
1283 * Load settings from the org.cups.PrintingPrefs plist (which trump
1284 * everything...)
1285 */
1286
59cd12c6 1287#if defined(__APPLE__)
08d56b1f 1288 char sval[1024]; /* String value */
59cd12c6 1289# ifdef HAVE_SSL
08d56b1f
MS		 1290 int bval; /* Boolean value */
1291
1292 if (cups_apple_get_boolean(kAllowAnyRootKey, &bval))
1293 cc->any_root = bval;
1294
1295 if (cups_apple_get_boolean(kAllowExpiredCertsKey, &bval))
1296 cc->expired_certs = bval;
1297
1298 if (cups_apple_get_string(kEncryptionKey, sval, sizeof(sval)))
1299 cups_set_encryption(cc, sval);
1300
1301 if (cups_apple_get_string(kSSLOptionsKey, sval, sizeof(sval)))
588c2205 1302 {
08d56b1f 1303 cups_set_ssl_options(cc, sval);
588c2205
MS		 1304 }
1305 else
1306 {
1307 sval[0] = '\0';
1308
1309 if (cups_apple_get_boolean(kAllowRC4, &bval) && bval)
1310 strlcat(sval, " AllowRC4", sizeof(sval));
1311 if (cups_apple_get_boolean(kAllowSSL3, &bval) && bval)
1312 strlcat(sval, " AllowSSL3", sizeof(sval));
1313 if (cups_apple_get_boolean(kAllowDH, &bval) && bval)
1314 strlcat(sval, " AllowDH", sizeof(sval));
1315
1316 if (sval[0])
1317 cups_set_ssl_options(cc, sval);
1318 }
08d56b1f
MS		 1319
1320 if (cups_apple_get_boolean(kTrustOnFirstUseKey, &bval))
1321 cc->trust_first = bval;
1322
1323 if (cups_apple_get_boolean(kValidateCertsKey, &bval))
1324 cc->validate_certs = bval;
59cd12c6
MS		 1325# endif /* HAVE_SSL */
1326
1327 if (cups_apple_get_string(kUserAgentTokensKey, sval, sizeof(sval)))
1328 {
1329 cups_set_uatokens(cc, sval);
1330 }
1331#endif /* __APPLE__ */
e07d4801
MS		 1332}
1333
1334
1335/*
1336 * 'cups_read_client_conf()' - Read a client.conf file.
1337 */
1338
1339static void
1340cups_read_client_conf(
3abb875b
MS		 1341 cups_file_t *fp, /* I - File to read */
1342 _cups_client_conf_t *cc) /* I - client.conf values */
e07d4801
MS		 1343{
1344 int linenum; /* Current line number */
1345 char line[1024], /* Line from file */
3abb875b 1346 *value; /* Pointer into line */
e07d4801
MS		 1347
1348
1349 /*
1350 * Read from the file...
1351 */
1352
1353 linenum = 0;
1354 while (cupsFileGetConf(fp, line, sizeof(line), &value, &linenum))
1355 {
3abb875b
MS		 1356 if (!_cups_strcasecmp(line, "Encryption") && value)
1357 cups_set_encryption(cc, value);
85dda01c
MS		 1358#ifndef __APPLE__
1359 /*
8072030b 1360 * The ServerName directive is not supported on macOS due to app
3abb875b 1361 * sandboxing restrictions, i.e. not all apps request network access.
85dda01c 1362 */
3abb875b
MS		 1363 else if (!_cups_strcasecmp(line, "ServerName") && value)
1364 cups_set_server_name(cc, value);
85dda01c 1365#endif /* !__APPLE__ */
3abb875b
MS		 1366 else if (!_cups_strcasecmp(line, "User") && value)
1367 cups_set_user(cc, value);
59cd12c6
MS		 1368 else if (!_cups_strcasecmp(line, "UserAgentTokens") && value)
1369 cups_set_uatokens(cc, value);
08d56b1f
MS		 1370 else if (!_cups_strcasecmp(line, "TrustOnFirstUse") && value)
1371 cc->trust_first = cups_boolean_value(value);
3abb875b
MS		 1372 else if (!_cups_strcasecmp(line, "AllowAnyRoot") && value)
1373 cc->any_root = cups_boolean_value(value);
1374 else if (!_cups_strcasecmp(line, "AllowExpiredCerts") &&
7cf5915e 1375 value)
3abb875b
MS		 1376 cc->expired_certs = cups_boolean_value(value);
1377 else if (!_cups_strcasecmp(line, "ValidateCerts") && value)
1378 cc->validate_certs = cups_boolean_value(value);
07ed0e9a 1379#ifdef HAVE_GSSAPI
3abb875b
MS		 1380 else if (!_cups_strcasecmp(line, "GSSServiceName") && value)
1381 cups_set_gss_service_name(cc, value);
07ed0e9a 1382#endif /* HAVE_GSSAPI */
22ebb7d0 1383#ifdef HAVE_SSL
3abb875b
MS		 1384 else if (!_cups_strcasecmp(line, "SSLOptions") && value)
1385 cups_set_ssl_options(cc, value);
1386#endif /* HAVE_SSL */
1387 }
1388}
63aefcd5 1389
63aefcd5 1390
4b9daaf4
MS		 1391/*
1392 * 'cups_set_default_ipp_port()' - Set the default IPP port value.
1393 */
1394
1395static void
1396cups_set_default_ipp_port(
1397 _cups_globals_t *cg) /* I - Global data */
1398{
1399 const char *ipp_port; /* IPP_PORT environment variable */
1400
1401
1402 if ((ipp_port = getenv("IPP_PORT")) != NULL)
1403 {
1404 if ((cg->ipp_port = atoi(ipp_port)) <= 0)
1405 cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
1406 }
1407 else
1408 cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
1409}
1410
3abb875b
MS		 1411/*
1412 * 'cups_set_encryption()' - Set the Encryption value.
1413 */
63aefcd5 1414
3abb875b
MS		 1415static void
1416cups_set_encryption(
1417 _cups_client_conf_t *cc, /* I - client.conf values */
1418 const char *value) /* I - Value */
1419{
1420 if (!_cups_strcasecmp(value, "never"))
1421 cc->encryption = HTTP_ENCRYPTION_NEVER;
1422 else if (!_cups_strcasecmp(value, "always"))
1423 cc->encryption = HTTP_ENCRYPTION_ALWAYS;
1424 else if (!_cups_strcasecmp(value, "required"))
1425 cc->encryption = HTTP_ENCRYPTION_REQUIRED;
1426 else
1427 cc->encryption = HTTP_ENCRYPTION_IF_REQUESTED;
1428}
e07d4801 1429
e07d4801 1430
3abb875b
MS		 1431/*
1432 * 'cups_set_gss_service_name()' - Set the GSSServiceName value.
1433 */
b423cd4c 1434
3abb875b
MS		 1435#ifdef HAVE_GSSAPI
1436static void
1437cups_set_gss_service_name(
1438 _cups_client_conf_t *cc, /* I - client.conf values */
1439 const char *value) /* I - Value */
1440{
1441 strlcpy(cc->gss_service_name, value, sizeof(cc->gss_service_name));
1442}
1443#endif /* HAVE_GSSAPI */
7cf5915e 1444
10d09e33 1445
3abb875b
MS		 1446/*
1447 * 'cups_set_server_name()' - Set the ServerName value.
1448 */
10d09e33 1449
3abb875b
MS		 1450static void
1451cups_set_server_name(
1452 _cups_client_conf_t *cc, /* I - client.conf values */
1453 const char *value) /* I - Value */
1454{
1455 strlcpy(cc->server_name, value, sizeof(cc->server_name));
1456}
10d09e33 1457
10d09e33 1458
3abb875b
MS		 1459/*
1460 * 'cups_set_ssl_options()' - Set the SSLOptions value.
1461 */
10d09e33 1462
3abb875b
MS		 1463#ifdef HAVE_SSL
1464static void
1465cups_set_ssl_options(
1466 _cups_client_conf_t *cc, /* I - client.conf values */
1467 const char *value) /* I - Value */
1468{
1469 /*
ee6226a5 1470 * SSLOptions [AllowRC4] [AllowSSL3] [AllowDH] [DenyTLS1.0] [None]
3abb875b 1471 */
10d09e33 1472
8f1fbdec
MS		 1473 int options = _HTTP_TLS_NONE, /* SSL/TLS options */
1474 min_version = _HTTP_TLS_1_0, /* Minimum SSL/TLS version */
1475 max_version = _HTTP_TLS_MAX; /* Maximum SSL/TLS version */
3abb875b
MS		 1476 char temp[256], /* Copy of value */
1477 *start, /* Start of option */
1478 *end; /* End of option */
3e7fe0ca 1479
3e7fe0ca 1480
3abb875b 1481 strlcpy(temp, value, sizeof(temp));
3e7fe0ca 1482
3abb875b
MS		 1483 for (start = temp; *start; start = end)
1484 {
a8db9df8 1485 /*
3abb875b
MS		 1486 * Find end of keyword...
1487 */
3e7fe0ca 1488
3abb875b
MS		 1489 end = start;
1490 while (*end && !_cups_isspace(*end))
1491 end ++;
93e3d3f5 1492
3abb875b
MS		 1493 if (*end)
1494 *end++ = '\0';
93e3d3f5 1495
3abb875b
MS		 1496 /*
1497 * Compare...
1498 */
3e7fe0ca 1499
3abb875b
MS		 1500 if (!_cups_strcasecmp(start, "AllowRC4"))
1501 options |= _HTTP_TLS_ALLOW_RC4;
1502 else if (!_cups_strcasecmp(start, "AllowSSL3"))
8f1fbdec 1503 min_version = _HTTP_TLS_SSL3;
ee6226a5
MS		 1504 else if (!_cups_strcasecmp(start, "AllowDH"))
1505 options |= _HTTP_TLS_ALLOW_DH;
f2e87147
MS		 1506 else if (!_cups_strcasecmp(start, "DenyCBC"))
1507 options |= _HTTP_TLS_DENY_CBC;
ee6226a5 1508 else if (!_cups_strcasecmp(start, "DenyTLS1.0"))
8f1fbdec
MS		 1509 min_version = _HTTP_TLS_1_1;
1510 else if (!_cups_strcasecmp(start, "MaxTLS1.0"))
1511 max_version = _HTTP_TLS_1_0;
1512 else if (!_cups_strcasecmp(start, "MaxTLS1.1"))
1513 max_version = _HTTP_TLS_1_1;
1514 else if (!_cups_strcasecmp(start, "MaxTLS1.2"))
1515 max_version = _HTTP_TLS_1_2;
1516 else if (!_cups_strcasecmp(start, "MaxTLS1.3"))
1517 max_version = _HTTP_TLS_1_3;
1518 else if (!_cups_strcasecmp(start, "MinTLS1.0"))
1519 min_version = _HTTP_TLS_1_0;
1520 else if (!_cups_strcasecmp(start, "MinTLS1.1"))
1521 min_version = _HTTP_TLS_1_1;
1522 else if (!_cups_strcasecmp(start, "MinTLS1.2"))
1523 min_version = _HTTP_TLS_1_2;
1524 else if (!_cups_strcasecmp(start, "MinTLS1.3"))
1525 min_version = _HTTP_TLS_1_3;
3abb875b 1526 else if (!_cups_strcasecmp(start, "None"))
ee6226a5 1527 options = _HTTP_TLS_NONE;
3e7fe0ca
MS		 1528 }
1529
8f1fbdec
MS		 1530 cc->ssl_options = options;
1531 cc->ssl_max_version = max_version;
1532 cc->ssl_min_version = min_version;
b37d45d9 1533
8f1fbdec 1534 DEBUG_printf(("4cups_set_ssl_options(cc=%p, value=\"%s\") options=%x, min_version=%d, max_version=%d", (void *)cc, value, options, min_version, max_version));
3abb875b
MS		 1535}
1536#endif /* HAVE_SSL */
07ed0e9a 1537
7cf5915e 1538
59cd12c6
MS		 1539/*
1540 * 'cups_set_uatokens()' - Set the UserAgentTokens value.
1541 */
1542
1543static void
1544cups_set_uatokens(
1545 _cups_client_conf_t *cc, /* I - client.conf values */
1546 const char *value) /* I - Value */
1547{
1548 int i; /* Looping var */
1549 static const char * const uatokens[] =/* UserAgentTokens values */
1550 {
1551 "NONE",
1552 "PRODUCTONLY",
1553 "MAJOR",
1554 "MINOR",
1555 "MINIMAL",
1556 "OS",
1557 "FULL"
1558 };
1559
1560 for (i = 0; i < (int)(sizeof(uatokens) / sizeof(uatokens[0])); i ++)
1561 {
1562 if (!_cups_strcasecmp(value, uatokens[i]))
1563 {
1564 cc->uatokens = (_cups_uatokens_t)i;
1565 return;
1566 }
1567 }
1568}
1569
1570
3abb875b
MS		 1571/*
1572 * 'cups_set_user()' - Set the User value.
1573 */
f51f3773 1574
3abb875b
MS		 1575static void
1576cups_set_user(
1577 _cups_client_conf_t *cc, /* I - client.conf values */
1578 const char *value) /* I - Value */
1579{
1580 strlcpy(cc->user, value, sizeof(cc->user));
b423cd4c 1581}
Unnamed repository; edit this file 'description' to name the repository.