]>
Commit | Line | Data |
---|---|---|
ef416fc2 | 1 | /* |
e07d4801 | 2 | * "$Id: usersys.c 8498 2009-04-13 17:03:15Z mike $" |
ef416fc2 | 3 | * |
5a6b583a | 4 | * User, system, and password routines for CUPS. |
ef416fc2 | 5 | * |
12f89d24 | 6 | * Copyright 2007-2012 by Apple Inc. |
ef416fc2 | 7 | * Copyright 1997-2006 by Easy Software Products. |
8 | * | |
9 | * These coded instructions, statements, and computer programs are the | |
bc44d920 | 10 | * property of Apple Inc. and are protected by Federal copyright |
11 | * law. Distribution and use rights are outlined in the file "LICENSE.txt" | |
12 | * which should have been included with this file. If this file is | |
13 | * file is missing or damaged, see the license at "http://www.cups.org/". | |
ef416fc2 | 14 | * |
15 | * This file is subject to the Apple OS-Developed Software exception. | |
16 | * | |
17 | * Contents: | |
18 | * | |
5a6b583a | 19 | * cupsEncryption() - Get the current encryption settings. |
b423cd4c | 20 | * cupsGetPassword() - Get a password from the user. |
5a6b583a MS |
21 | * cupsGetPassword2() - Get a password from the user using the advanced |
22 | * password callback. | |
23 | * cupsServer() - Return the hostname/address of the current | |
e07d4801 | 24 | * server. |
7cf5915e | 25 | * cupsSetClientCertCB() - Set the client certificate callback. |
b423cd4c | 26 | * cupsSetEncryption() - Set the encryption preference. |
27 | * cupsSetPasswordCB() - Set the password callback for CUPS. | |
f11a948a | 28 | * cupsSetPasswordCB2() - Set the advanced password callback for CUPS. |
5a6b583a | 29 | * cupsSetServer() - Set the default server name and port. |
7cf5915e | 30 | * cupsSetServerCertCB() - Set the server certificate callback. |
b423cd4c | 31 | * cupsSetUser() - Set the default user name. |
e07d4801 | 32 | * cupsUser() - Return the current user's name. |
b423cd4c | 33 | * _cupsGetPassword() - Get a password from the user. |
eac3a0a0 | 34 | * _cupsGSSServiceName() - Get the GSS (Kerberos) service name. |
e07d4801 MS |
35 | * _cupsSetDefaults() - Set the default server, port, and encryption. |
36 | * cups_read_client_conf() - Read a client.conf file. | |
ef416fc2 | 37 | */ |
38 | ||
39 | /* | |
40 | * Include necessary headers... | |
41 | */ | |
42 | ||
71e16022 | 43 | #include "cups-private.h" |
ef416fc2 | 44 | #include <stdlib.h> |
e00b005a | 45 | #include <sys/stat.h> |
ef416fc2 | 46 | #ifdef WIN32 |
47 | # include <windows.h> | |
5a6b583a MS |
48 | #else |
49 | # include <pwd.h> | |
dcb445bc | 50 | # include <termios.h> |
ef416fc2 | 51 | #endif /* WIN32 */ |
52 | ||
53 | ||
dcb445bc MS |
54 | /* |
55 | * Local constants... | |
56 | */ | |
57 | ||
58 | #define _CUPS_PASSCHAR '*' /* Character that is echoed for password */ | |
59 | ||
60 | ||
b423cd4c | 61 | /* |
62 | * Local functions... | |
63 | */ | |
64 | ||
e07d4801 MS |
65 | static void cups_read_client_conf(cups_file_t *fp, |
66 | _cups_globals_t *cg, | |
67 | const char *cups_encryption, | |
7cf5915e | 68 | const char *cups_server, |
3e7fe0ca | 69 | const char *cups_user, |
07ed0e9a MS |
70 | #ifdef HAVE_GSSAPI |
71 | const char *cups_gssservicename, | |
72 | #endif /* HAVE_GSSAPI */ | |
7cf5915e MS |
73 | const char *cups_anyroot, |
74 | const char *cups_expiredroot, | |
75 | const char *cups_expiredcerts); | |
b423cd4c | 76 | |
77 | ||
ef416fc2 | 78 | /* |
5a6b583a | 79 | * 'cupsEncryption()' - Get the current encryption settings. |
ef416fc2 | 80 | * |
81 | * The default encryption setting comes from the CUPS_ENCRYPTION | |
568fa3fa | 82 | * environment variable, then the ~/.cups/client.conf file, and finally the |
ef416fc2 | 83 | * /etc/cups/client.conf file. If not set, the default is |
5a738aea | 84 | * @code HTTP_ENCRYPT_IF_REQUESTED@. |
5a6b583a MS |
85 | * |
86 | * Note: The current encryption setting is tracked separately for each thread | |
87 | * in a program. Multi-threaded programs that override the setting via the | |
88 | * @link cupsSetEncryption@ function need to do so in each thread for the same | |
89 | * setting to be used. | |
ef416fc2 | 90 | */ |
91 | ||
92 | http_encryption_t /* O - Encryption settings */ | |
93 | cupsEncryption(void) | |
94 | { | |
ef416fc2 | 95 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
96 | ||
97 | ||
ef416fc2 | 98 | if (cg->encryption == (http_encryption_t)-1) |
e07d4801 | 99 | _cupsSetDefaults(); |
ef416fc2 | 100 | |
101 | return (cg->encryption); | |
102 | } | |
103 | ||
104 | ||
105 | /* | |
106 | * 'cupsGetPassword()' - Get a password from the user. | |
107 | * | |
5a738aea | 108 | * Uses the current password callback function. Returns @code NULL@ if the |
ecdc0628 | 109 | * user does not provide a password. |
5a6b583a MS |
110 | * |
111 | * Note: The current password callback function is tracked separately for each | |
112 | * thread in a program. Multi-threaded programs that override the setting via | |
113 | * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to | |
114 | * do so in each thread for the same function to be used. | |
ef416fc2 | 115 | */ |
116 | ||
117 | const char * /* O - Password */ | |
118 | cupsGetPassword(const char *prompt) /* I - Prompt string */ | |
119 | { | |
f11a948a MS |
120 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
121 | ||
122 | ||
123 | return ((cg->password_cb)(prompt, NULL, NULL, NULL, cg->password_data)); | |
124 | } | |
125 | ||
126 | ||
127 | /* | |
128 | * 'cupsGetPassword2()' - Get a password from the user using the advanced | |
5a6b583a | 129 | * password callback. |
f11a948a MS |
130 | * |
131 | * Uses the current password callback function. Returns @code NULL@ if the | |
132 | * user does not provide a password. | |
133 | * | |
5a6b583a MS |
134 | * Note: The current password callback function is tracked separately for each |
135 | * thread in a program. Multi-threaded programs that override the setting via | |
136 | * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to | |
137 | * do so in each thread for the same function to be used. | |
138 | * | |
f3c17241 | 139 | * @since CUPS 1.4/OS X 10.6@ |
f11a948a MS |
140 | */ |
141 | ||
142 | const char * /* O - Password */ | |
143 | cupsGetPassword2(const char *prompt, /* I - Prompt string */ | |
144 | http_t *http, /* I - Connection to server or @code CUPS_HTTP_DEFAULT@ */ | |
145 | const char *method, /* I - Request method ("GET", "POST", "PUT") */ | |
146 | const char *resource) /* I - Resource path */ | |
147 | { | |
148 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
149 | ||
150 | ||
151 | if (!http) | |
152 | http = _cupsConnect(); | |
153 | ||
154 | return ((cg->password_cb)(prompt, http, method, resource, cg->password_data)); | |
ef416fc2 | 155 | } |
156 | ||
157 | ||
ef416fc2 | 158 | /* |
5a6b583a MS |
159 | * 'cupsServer()' - Return the hostname/address of the current server. |
160 | * | |
161 | * The default server comes from the CUPS_SERVER environment variable, then the | |
162 | * ~/.cups/client.conf file, and finally the /etc/cups/client.conf file. If not | |
163 | * set, the default is the local system - either "localhost" or a domain socket | |
164 | * path. | |
ef416fc2 | 165 | * |
5a6b583a MS |
166 | * The returned value can be a fully-qualified hostname, a numeric IPv4 or IPv6 |
167 | * address, or a domain socket pathname. | |
168 | * | |
169 | * Note: The current server is tracked separately for each thread in a program. | |
170 | * Multi-threaded programs that override the server via the | |
171 | * @link cupsSetServer@ function need to do so in each thread for the same | |
172 | * server to be used. | |
ef416fc2 | 173 | */ |
174 | ||
175 | const char * /* O - Server name */ | |
176 | cupsServer(void) | |
177 | { | |
ef416fc2 | 178 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
179 | ||
180 | ||
ef416fc2 | 181 | if (!cg->server[0]) |
e07d4801 | 182 | _cupsSetDefaults(); |
ef416fc2 | 183 | |
e07d4801 MS |
184 | return (cg->server); |
185 | } | |
ef416fc2 | 186 | |
d09495fa | 187 | |
7cf5915e MS |
188 | /* |
189 | * 'cupsSetClientCertCB()' - Set the client certificate callback. | |
190 | * | |
191 | * Pass @code NULL@ to restore the default callback. | |
192 | * | |
193 | * Note: The current certificate callback is tracked separately for each thread | |
194 | * in a program. Multi-threaded programs that override the callback need to do | |
195 | * so in each thread for the same callback to be used. | |
196 | * | |
f3c17241 | 197 | * @since CUPS 1.5/OS X 10.7@ |
7cf5915e MS |
198 | */ |
199 | ||
200 | void | |
201 | cupsSetClientCertCB( | |
202 | cups_client_cert_cb_t cb, /* I - Callback function */ | |
203 | void *user_data) /* I - User data pointer */ | |
204 | { | |
205 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
206 | ||
207 | ||
208 | cg->client_cert_cb = cb; | |
209 | cg->client_cert_data = user_data; | |
210 | } | |
211 | ||
212 | ||
213 | /* | |
214 | * 'cupsSetCredentials()' - Set the default credentials to be used for SSL/TLS | |
215 | * connections. | |
216 | * | |
217 | * Note: The default credentials are tracked separately for each thread in a | |
218 | * program. Multi-threaded programs that override the setting need to do so in | |
219 | * each thread for the same setting to be used. | |
220 | * | |
f3c17241 | 221 | * @since CUPS 1.5/OS X 10.7@ |
7cf5915e MS |
222 | */ |
223 | ||
224 | int /* O - Status of call (0 = success) */ | |
225 | cupsSetCredentials( | |
226 | cups_array_t *credentials) /* I - Array of credentials */ | |
227 | { | |
228 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
229 | ||
230 | ||
231 | if (cupsArrayCount(credentials) < 1) | |
232 | return (-1); | |
233 | ||
234 | _httpFreeCredentials(cg->tls_credentials); | |
85dda01c | 235 | cg->tls_credentials = _httpCreateCredentials(credentials); |
7cf5915e MS |
236 | |
237 | return (cg->tls_credentials ? 0 : -1); | |
238 | } | |
239 | ||
240 | ||
e07d4801 MS |
241 | /* |
242 | * 'cupsSetEncryption()' - Set the encryption preference. | |
5a6b583a MS |
243 | * |
244 | * The default encryption setting comes from the CUPS_ENCRYPTION | |
245 | * environment variable, then the ~/.cups/client.conf file, and finally the | |
246 | * /etc/cups/client.conf file. If not set, the default is | |
247 | * @code HTTP_ENCRYPT_IF_REQUESTED@. | |
248 | * | |
249 | * Note: The current encryption setting is tracked separately for each thread | |
250 | * in a program. Multi-threaded programs that override the setting need to do | |
251 | * so in each thread for the same setting to be used. | |
e07d4801 | 252 | */ |
ef416fc2 | 253 | |
e07d4801 MS |
254 | void |
255 | cupsSetEncryption(http_encryption_t e) /* I - New encryption preference */ | |
256 | { | |
257 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
ef416fc2 | 258 | |
ef416fc2 | 259 | |
e07d4801 | 260 | cg->encryption = e; |
ef416fc2 | 261 | |
e07d4801 MS |
262 | if (cg->http) |
263 | httpEncryption(cg->http, e); | |
ef416fc2 | 264 | } |
265 | ||
266 | ||
267 | /* | |
268 | * 'cupsSetPasswordCB()' - Set the password callback for CUPS. | |
269 | * | |
5a6b583a MS |
270 | * Pass @code NULL@ to restore the default (console) password callback, which |
271 | * reads the password from the console. Programs should call either this | |
272 | * function or @link cupsSetPasswordCB2@, as only one callback can be registered | |
273 | * by a program per thread. | |
274 | * | |
275 | * Note: The current password callback is tracked separately for each thread | |
276 | * in a program. Multi-threaded programs that override the callback need to do | |
277 | * so in each thread for the same callback to be used. | |
ef416fc2 | 278 | */ |
279 | ||
280 | void | |
281 | cupsSetPasswordCB(cups_password_cb_t cb)/* I - Callback function */ | |
282 | { | |
283 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
284 | ||
285 | ||
f11a948a MS |
286 | if (cb == (cups_password_cb_t)0) |
287 | cg->password_cb = (cups_password_cb2_t)_cupsGetPassword; | |
288 | else | |
289 | cg->password_cb = (cups_password_cb2_t)cb; | |
290 | ||
291 | cg->password_data = NULL; | |
292 | } | |
293 | ||
294 | ||
295 | /* | |
296 | * 'cupsSetPasswordCB2()' - Set the advanced password callback for CUPS. | |
297 | * | |
5a6b583a MS |
298 | * Pass @code NULL@ to restore the default (console) password callback, which |
299 | * reads the password from the console. Programs should call either this | |
300 | * function or @link cupsSetPasswordCB2@, as only one callback can be registered | |
301 | * by a program per thread. | |
302 | * | |
303 | * Note: The current password callback is tracked separately for each thread | |
304 | * in a program. Multi-threaded programs that override the callback need to do | |
305 | * so in each thread for the same callback to be used. | |
f11a948a | 306 | * |
f3c17241 | 307 | * @since CUPS 1.4/OS X 10.6@ |
f11a948a MS |
308 | */ |
309 | ||
310 | void | |
311 | cupsSetPasswordCB2( | |
312 | cups_password_cb2_t cb, /* I - Callback function */ | |
313 | void *user_data) /* I - User data pointer */ | |
314 | { | |
315 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
316 | ||
317 | ||
318 | if (cb == (cups_password_cb2_t)0) | |
319 | cg->password_cb = (cups_password_cb2_t)_cupsGetPassword; | |
ef416fc2 | 320 | else |
321 | cg->password_cb = cb; | |
f11a948a MS |
322 | |
323 | cg->password_data = user_data; | |
ef416fc2 | 324 | } |
325 | ||
326 | ||
327 | /* | |
5a6b583a | 328 | * 'cupsSetServer()' - Set the default server name and port. |
ef416fc2 | 329 | * |
330 | * The "server" string can be a fully-qualified hostname, a numeric | |
5a6b583a MS |
331 | * IPv4 or IPv6 address, or a domain socket pathname. Hostnames and numeric IP |
332 | * addresses can be optionally followed by a colon and port number to override | |
333 | * the default port 631, e.g. "hostname:8631". Pass @code NULL@ to restore the | |
334 | * default server name and port. | |
335 | * | |
336 | * Note: The current server is tracked separately for each thread in a program. | |
337 | * Multi-threaded programs that override the server need to do so in each | |
338 | * thread for the same server to be used. | |
ef416fc2 | 339 | */ |
340 | ||
341 | void | |
342 | cupsSetServer(const char *server) /* I - Server name */ | |
343 | { | |
0cb67df3 MS |
344 | char *options, /* Options */ |
345 | *port; /* Pointer to port */ | |
ef416fc2 | 346 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
347 | ||
348 | ||
349 | if (server) | |
350 | { | |
351 | strlcpy(cg->server, server, sizeof(cg->server)); | |
352 | ||
0cb67df3 MS |
353 | if (cg->server[0] != '/' && (options = strrchr(cg->server, '/')) != NULL) |
354 | { | |
355 | *options++ = '\0'; | |
356 | ||
357 | if (!strcmp(options, "version=1.0")) | |
358 | cg->server_version = 10; | |
359 | else if (!strcmp(options, "version=1.1")) | |
360 | cg->server_version = 11; | |
361 | else if (!strcmp(options, "version=2.0")) | |
362 | cg->server_version = 20; | |
363 | else if (!strcmp(options, "version=2.1")) | |
364 | cg->server_version = 21; | |
365 | else if (!strcmp(options, "version=2.2")) | |
366 | cg->server_version = 22; | |
367 | } | |
368 | ||
ef416fc2 | 369 | if (cg->server[0] != '/' && (port = strrchr(cg->server, ':')) != NULL && |
370 | !strchr(port, ']') && isdigit(port[1] & 255)) | |
371 | { | |
372 | *port++ = '\0'; | |
373 | ||
e07d4801 | 374 | cg->ipp_port = atoi(port); |
ef416fc2 | 375 | } |
376 | ||
377 | if (cg->server[0] == '/') | |
5a9febac | 378 | strlcpy(cg->servername, "localhost", sizeof(cg->servername)); |
ef416fc2 | 379 | else |
380 | strlcpy(cg->servername, cg->server, sizeof(cg->servername)); | |
381 | } | |
382 | else | |
383 | { | |
0cb67df3 MS |
384 | cg->server[0] = '\0'; |
385 | cg->servername[0] = '\0'; | |
386 | cg->server_version = 20; | |
ef416fc2 | 387 | } |
5a738aea MS |
388 | |
389 | if (cg->http) | |
390 | { | |
391 | httpClose(cg->http); | |
392 | cg->http = NULL; | |
393 | } | |
ef416fc2 | 394 | } |
395 | ||
396 | ||
7cf5915e MS |
397 | /* |
398 | * 'cupsSetServerCertCB()' - Set the server certificate callback. | |
399 | * | |
400 | * Pass @code NULL@ to restore the default callback. | |
401 | * | |
402 | * Note: The current credentials callback is tracked separately for each thread | |
403 | * in a program. Multi-threaded programs that override the callback need to do | |
404 | * so in each thread for the same callback to be used. | |
405 | * | |
f3c17241 | 406 | * @since CUPS 1.5/OS X 10.7@ |
7cf5915e MS |
407 | */ |
408 | ||
409 | void | |
410 | cupsSetServerCertCB( | |
411 | cups_server_cert_cb_t cb, /* I - Callback function */ | |
412 | void *user_data) /* I - User data pointer */ | |
413 | { | |
414 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
415 | ||
416 | ||
417 | cg->server_cert_cb = cb; | |
418 | cg->server_cert_data = user_data; | |
419 | } | |
420 | ||
421 | ||
ef416fc2 | 422 | /* |
423 | * 'cupsSetUser()' - Set the default user name. | |
424 | * | |
5a738aea | 425 | * Pass @code NULL@ to restore the default user name. |
5a6b583a MS |
426 | * |
427 | * Note: The current user name is tracked separately for each thread in a | |
428 | * program. Multi-threaded programs that override the user name need to do so | |
429 | * in each thread for the same user name to be used. | |
ef416fc2 | 430 | */ |
431 | ||
432 | void | |
433 | cupsSetUser(const char *user) /* I - User name */ | |
434 | { | |
435 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
436 | ||
437 | ||
438 | if (user) | |
439 | strlcpy(cg->user, user, sizeof(cg->user)); | |
440 | else | |
441 | cg->user[0] = '\0'; | |
442 | } | |
443 | ||
444 | ||
ef416fc2 | 445 | /* |
446 | * 'cupsUser()' - Return the current user's name. | |
5a6b583a MS |
447 | * |
448 | * Note: The current user name is tracked separately for each thread in a | |
449 | * program. Multi-threaded programs that override the user name with the | |
450 | * @link cupsSetUser@ function need to do so in each thread for the same user | |
451 | * name to be used. | |
ef416fc2 | 452 | */ |
453 | ||
454 | const char * /* O - User name */ | |
455 | cupsUser(void) | |
456 | { | |
457 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
458 | ||
459 | ||
460 | if (!cg->user[0]) | |
3e7fe0ca | 461 | _cupsSetDefaults(); |
ef416fc2 | 462 | |
463 | return (cg->user); | |
464 | } | |
465 | ||
466 | ||
467 | /* | |
468 | * '_cupsGetPassword()' - Get a password from the user. | |
469 | */ | |
470 | ||
dcb445bc | 471 | const char * /* O - Password or @code NULL@ if none */ |
ef416fc2 | 472 | _cupsGetPassword(const char *prompt) /* I - Prompt string */ |
473 | { | |
5a6b583a | 474 | #ifdef WIN32 |
dcb445bc MS |
475 | HANDLE tty; /* Console handle */ |
476 | DWORD mode; /* Console mode */ | |
477 | char passch, /* Current key press */ | |
478 | *passptr, /* Pointer into password string */ | |
479 | *passend; /* End of password string */ | |
12f89d24 | 480 | DWORD passbytes; /* Bytes read */ |
dcb445bc MS |
481 | _cups_globals_t *cg = _cupsGlobals(); |
482 | /* Thread globals */ | |
483 | ||
484 | ||
5a6b583a | 485 | /* |
dcb445bc | 486 | * Disable input echo and set raw input... |
5a6b583a MS |
487 | */ |
488 | ||
dcb445bc MS |
489 | if ((tty = GetStdHandle(STD_INPUT_HANDLE)) == INVALID_HANDLE_VALUE) |
490 | return (NULL); | |
491 | ||
492 | if (!GetConsoleMode(tty, &mode)) | |
493 | return (NULL); | |
494 | ||
495 | if (!SetConsoleMode(tty, 0)) | |
496 | return (NULL); | |
497 | ||
498 | /* | |
499 | * Display the prompt... | |
500 | */ | |
501 | ||
502 | printf("%s ", prompt); | |
503 | fflush(stdout); | |
504 | ||
505 | /* | |
506 | * Read the password string from /dev/tty until we get interrupted or get a | |
507 | * carriage return or newline... | |
508 | */ | |
509 | ||
510 | passptr = cg->password; | |
511 | passend = cg->password + sizeof(cg->password) - 1; | |
512 | ||
12f89d24 | 513 | while (ReadFile(tty, &passch, 1, &passbytes, NULL)) |
dcb445bc MS |
514 | { |
515 | if (passch == 0x0A || passch == 0x0D) | |
516 | { | |
517 | /* | |
518 | * Enter/return... | |
519 | */ | |
520 | ||
521 | break; | |
522 | } | |
523 | else if (passch == 0x08 || passch == 0x7F) | |
524 | { | |
525 | /* | |
526 | * Backspace/delete (erase character)... | |
527 | */ | |
528 | ||
529 | if (passptr > cg->password) | |
530 | { | |
531 | passptr --; | |
532 | fputs("\010 \010", stdout); | |
533 | } | |
534 | else | |
535 | putchar(0x07); | |
536 | } | |
537 | else if (passch == 0x15) | |
538 | { | |
539 | /* | |
540 | * CTRL+U (erase line) | |
541 | */ | |
542 | ||
543 | if (passptr > cg->password) | |
544 | { | |
545 | while (passptr > cg->password) | |
546 | { | |
547 | passptr --; | |
548 | fputs("\010 \010", stdout); | |
549 | } | |
550 | } | |
551 | else | |
552 | putchar(0x07); | |
553 | } | |
554 | else if (passch == 0x03) | |
555 | { | |
556 | /* | |
557 | * CTRL+C... | |
558 | */ | |
559 | ||
560 | passptr = cg->password; | |
561 | break; | |
562 | } | |
563 | else if ((passch & 255) < 0x20 || passptr >= passend) | |
564 | putchar(0x07); | |
565 | else | |
566 | { | |
567 | *passptr++ = passch; | |
568 | putchar(_CUPS_PASSCHAR); | |
569 | } | |
570 | ||
571 | fflush(stdout); | |
572 | } | |
573 | ||
574 | putchar('\n'); | |
575 | fflush(stdout); | |
576 | ||
577 | /* | |
578 | * Cleanup... | |
579 | */ | |
580 | ||
581 | SetConsoleMode(tty, mode); | |
582 | ||
583 | /* | |
584 | * Return the proper value... | |
585 | */ | |
586 | ||
587 | if (passbytes == 1 && passptr > cg->password) | |
588 | { | |
589 | *passptr = '\0'; | |
590 | return (cg->password); | |
591 | } | |
592 | else | |
593 | { | |
594 | memset(cg->password, 0, sizeof(cg->password)); | |
595 | return (NULL); | |
596 | } | |
5a6b583a MS |
597 | |
598 | #else | |
dcb445bc MS |
599 | int tty; /* /dev/tty - never read from stdin */ |
600 | struct termios original, /* Original input mode */ | |
601 | noecho; /* No echo input mode */ | |
602 | char passch, /* Current key press */ | |
603 | *passptr, /* Pointer into password string */ | |
604 | *passend; /* End of password string */ | |
605 | ssize_t passbytes; /* Bytes read */ | |
606 | _cups_globals_t *cg = _cupsGlobals(); | |
607 | /* Thread globals */ | |
608 | ||
609 | ||
5a6b583a | 610 | /* |
dcb445bc | 611 | * Disable input echo and set raw input... |
5a6b583a MS |
612 | */ |
613 | ||
dcb445bc MS |
614 | if ((tty = open("/dev/tty", O_RDONLY)) < 0) |
615 | return (NULL); | |
616 | ||
617 | if (tcgetattr(tty, &original)) | |
618 | { | |
619 | close(tty); | |
620 | return (NULL); | |
621 | } | |
622 | ||
623 | noecho = original; | |
624 | noecho.c_lflag &= ~(ICANON | ECHO | ECHOE | ISIG); | |
7cf5915e | 625 | |
dcb445bc MS |
626 | if (tcsetattr(tty, TCSAFLUSH, &noecho)) |
627 | { | |
628 | close(tty); | |
7cf5915e | 629 | return (NULL); |
dcb445bc MS |
630 | } |
631 | ||
632 | /* | |
633 | * Display the prompt... | |
634 | */ | |
635 | ||
636 | printf("%s ", prompt); | |
637 | fflush(stdout); | |
638 | ||
639 | /* | |
640 | * Read the password string from /dev/tty until we get interrupted or get a | |
641 | * carriage return or newline... | |
642 | */ | |
643 | ||
644 | passptr = cg->password; | |
645 | passend = cg->password + sizeof(cg->password) - 1; | |
646 | ||
647 | while ((passbytes = read(tty, &passch, 1)) == 1) | |
648 | { | |
649 | if (passch == noecho.c_cc[VEOL] || passch == noecho.c_cc[VEOL2] || | |
650 | passch == 0x0A || passch == 0x0D) | |
651 | { | |
652 | /* | |
653 | * Enter/return... | |
654 | */ | |
655 | ||
656 | break; | |
657 | } | |
658 | else if (passch == noecho.c_cc[VERASE] || | |
659 | passch == 0x08 || passch == 0x7F) | |
660 | { | |
661 | /* | |
662 | * Backspace/delete (erase character)... | |
663 | */ | |
664 | ||
665 | if (passptr > cg->password) | |
666 | { | |
667 | passptr --; | |
668 | fputs("\010 \010", stdout); | |
669 | } | |
670 | else | |
671 | putchar(0x07); | |
672 | } | |
673 | else if (passch == noecho.c_cc[VKILL]) | |
674 | { | |
675 | /* | |
676 | * CTRL+U (erase line) | |
677 | */ | |
678 | ||
679 | if (passptr > cg->password) | |
680 | { | |
681 | while (passptr > cg->password) | |
682 | { | |
683 | passptr --; | |
684 | fputs("\010 \010", stdout); | |
685 | } | |
686 | } | |
687 | else | |
688 | putchar(0x07); | |
689 | } | |
690 | else if (passch == noecho.c_cc[VINTR] || passch == noecho.c_cc[VQUIT] || | |
691 | passch == noecho.c_cc[VEOF]) | |
692 | { | |
693 | /* | |
694 | * CTRL+C, CTRL+D, or CTRL+Z... | |
695 | */ | |
696 | ||
697 | passptr = cg->password; | |
698 | break; | |
699 | } | |
700 | else if ((passch & 255) < 0x20 || passptr >= passend) | |
701 | putchar(0x07); | |
702 | else | |
703 | { | |
704 | *passptr++ = passch; | |
705 | putchar(_CUPS_PASSCHAR); | |
706 | } | |
707 | ||
708 | fflush(stdout); | |
709 | } | |
710 | ||
711 | putchar('\n'); | |
712 | fflush(stdout); | |
713 | ||
714 | /* | |
715 | * Cleanup... | |
716 | */ | |
717 | ||
718 | tcsetattr(tty, TCSAFLUSH, &original); | |
719 | close(tty); | |
720 | ||
721 | /* | |
722 | * Return the proper value... | |
723 | */ | |
724 | ||
725 | if (passbytes == 1 && passptr > cg->password) | |
726 | { | |
727 | *passptr = '\0'; | |
728 | return (cg->password); | |
729 | } | |
7cf5915e | 730 | else |
dcb445bc MS |
731 | { |
732 | memset(cg->password, 0, sizeof(cg->password)); | |
733 | return (NULL); | |
734 | } | |
ef416fc2 | 735 | #endif /* WIN32 */ |
5a6b583a | 736 | } |
ef416fc2 | 737 | |
738 | ||
eac3a0a0 MS |
739 | #ifdef HAVE_GSSAPI |
740 | /* | |
741 | * '_cupsGSSServiceName()' - Get the GSS (Kerberos) service name. | |
742 | */ | |
743 | ||
744 | const char * | |
745 | _cupsGSSServiceName(void) | |
746 | { | |
747 | _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */ | |
748 | ||
749 | ||
750 | if (!cg->gss_service_name[0]) | |
751 | _cupsSetDefaults(); | |
752 | ||
753 | return (cg->gss_service_name); | |
754 | } | |
755 | #endif /* HAVE_GSSAPI */ | |
756 | ||
757 | ||
ef416fc2 | 758 | /* |
e07d4801 | 759 | * '_cupsSetDefaults()' - Set the default server, port, and encryption. |
b423cd4c | 760 | */ |
761 | ||
e07d4801 MS |
762 | void |
763 | _cupsSetDefaults(void) | |
b423cd4c | 764 | { |
765 | cups_file_t *fp; /* File */ | |
e07d4801 MS |
766 | const char *home, /* Home directory of user */ |
767 | *cups_encryption, /* CUPS_ENCRYPTION env var */ | |
7cf5915e | 768 | *cups_server, /* CUPS_SERVER env var */ |
3e7fe0ca | 769 | *cups_user, /* CUPS_USER/USER env var */ |
07ed0e9a MS |
770 | #ifdef HAVE_GSSAPI |
771 | *cups_gssservicename, /* CUPS_GSSSERVICENAME env var */ | |
772 | #endif /* HAVE_GSSAPI */ | |
7cf5915e MS |
773 | *cups_anyroot, /* CUPS_ANYROOT env var */ |
774 | *cups_expiredroot, /* CUPS_EXPIREDROOT env var */ | |
775 | *cups_expiredcerts; /* CUPS_EXPIREDCERTS env var */ | |
b423cd4c | 776 | char filename[1024]; /* Filename */ |
777 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
778 | ||
779 | ||
e07d4801 MS |
780 | DEBUG_puts("_cupsSetDefaults()"); |
781 | ||
782 | /* | |
783 | * First collect environment variables... | |
784 | */ | |
785 | ||
07ed0e9a MS |
786 | cups_encryption = getenv("CUPS_ENCRYPTION"); |
787 | cups_server = getenv("CUPS_SERVER"); | |
788 | #ifdef HAVE_GSSAPI | |
789 | cups_gssservicename = getenv("CUPS_GSSSERVICENAME"); | |
790 | #endif /* HAVE_GSSAPI */ | |
791 | cups_anyroot = getenv("CUPS_ANYROOT"); | |
792 | cups_expiredroot = getenv("CUPS_EXPIREDROOT"); | |
793 | cups_expiredcerts = getenv("CUPS_EXPIREDCERTS"); | |
e07d4801 | 794 | |
3e7fe0ca MS |
795 | if ((cups_user = getenv("CUPS_USER")) == NULL) |
796 | cups_user = getenv("USER"); | |
797 | ||
e07d4801 | 798 | /* |
10d09e33 MS |
799 | * Then, if needed, read the ~/.cups/client.conf or /etc/cups/client.conf |
800 | * files to get the default values... | |
e07d4801 MS |
801 | */ |
802 | ||
e07d4801 | 803 | if (cg->encryption == (http_encryption_t)-1 || !cg->server[0] || |
3e7fe0ca | 804 | !cg->user[0] || !cg->ipp_port) |
e07d4801 | 805 | { |
10d09e33 | 806 | if ((home = getenv("HOME")) != NULL) |
d09495fa | 807 | { |
10d09e33 MS |
808 | /* |
809 | * Look for ~/.cups/client.conf... | |
810 | */ | |
e07d4801 | 811 | |
10d09e33 MS |
812 | snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home); |
813 | fp = cupsFileOpen(filename, "r"); | |
814 | } | |
815 | else | |
816 | fp = NULL; | |
e07d4801 | 817 | |
10d09e33 | 818 | if (!fp) |
e07d4801 | 819 | { |
e07d4801 | 820 | /* |
10d09e33 | 821 | * Look for CUPS_SERVERROOT/client.conf... |
e07d4801 MS |
822 | */ |
823 | ||
10d09e33 MS |
824 | snprintf(filename, sizeof(filename), "%s/client.conf", |
825 | cg->cups_serverroot); | |
826 | fp = cupsFileOpen(filename, "r"); | |
e07d4801 MS |
827 | } |
828 | ||
10d09e33 MS |
829 | /* |
830 | * Read the configuration file and apply any environment variables; both | |
831 | * functions handle NULL cups_file_t pointers... | |
832 | */ | |
e07d4801 | 833 | |
3e7fe0ca | 834 | cups_read_client_conf(fp, cg, cups_encryption, cups_server, cups_user, |
07ed0e9a MS |
835 | #ifdef HAVE_GSSAPI |
836 | cups_gssservicename, | |
837 | #endif /* HAVE_GSSAPI */ | |
10d09e33 MS |
838 | cups_anyroot, cups_expiredroot, |
839 | cups_expiredcerts); | |
840 | cupsFileClose(fp); | |
e07d4801 MS |
841 | } |
842 | } | |
843 | ||
844 | ||
845 | /* | |
846 | * 'cups_read_client_conf()' - Read a client.conf file. | |
847 | */ | |
848 | ||
849 | static void | |
850 | cups_read_client_conf( | |
851 | cups_file_t *fp, /* I - File to read */ | |
852 | _cups_globals_t *cg, /* I - Global data */ | |
853 | const char *cups_encryption, /* I - CUPS_ENCRYPTION env var */ | |
7cf5915e | 854 | const char *cups_server, /* I - CUPS_SERVER env var */ |
3e7fe0ca | 855 | const char *cups_user, /* I - CUPS_USER env var */ |
07ed0e9a MS |
856 | #ifdef HAVE_GSSAPI |
857 | const char *cups_gssservicename, | |
858 | /* I - CUPS_GSSSERVICENAME env var */ | |
859 | #endif /* HAVE_GSSAPI */ | |
7cf5915e MS |
860 | const char *cups_anyroot, /* I - CUPS_ANYROOT env var */ |
861 | const char *cups_expiredroot, /* I - CUPS_EXPIREDROOT env var */ | |
862 | const char *cups_expiredcerts) /* I - CUPS_EXPIREDCERTS env var */ | |
e07d4801 MS |
863 | { |
864 | int linenum; /* Current line number */ | |
865 | char line[1024], /* Line from file */ | |
866 | *value, /* Pointer into line */ | |
867 | encryption[1024], /* Encryption value */ | |
85dda01c | 868 | #ifndef __APPLE__ |
7cf5915e | 869 | server_name[1024], /* ServerName value */ |
85dda01c | 870 | #endif /* !__APPLE__ */ |
3e7fe0ca | 871 | user[256], /* User value */ |
7cf5915e MS |
872 | any_root[1024], /* AllowAnyRoot value */ |
873 | expired_root[1024], /* AllowExpiredRoot value */ | |
874 | expired_certs[1024]; /* AllowExpiredCerts value */ | |
07ed0e9a MS |
875 | #ifdef HAVE_GSSAPI |
876 | char gss_service_name[32]; /* GSSServiceName value */ | |
877 | #endif /* HAVE_GSSAPI */ | |
e07d4801 MS |
878 | |
879 | ||
880 | /* | |
881 | * Read from the file... | |
882 | */ | |
883 | ||
884 | linenum = 0; | |
885 | while (cupsFileGetConf(fp, line, sizeof(line), &value, &linenum)) | |
886 | { | |
887 | if (!cups_encryption && cg->encryption == (http_encryption_t)-1 && | |
88f9aafc | 888 | !_cups_strcasecmp(line, "Encryption") && value) |
e07d4801 MS |
889 | { |
890 | strlcpy(encryption, value, sizeof(encryption)); | |
891 | cups_encryption = encryption; | |
892 | } | |
85dda01c MS |
893 | #ifndef __APPLE__ |
894 | /* | |
f3c17241 | 895 | * The Server directive is not supported on OS X due to app sandboxing |
85dda01c MS |
896 | * restrictions, i.e. not all apps request network access. |
897 | */ | |
e07d4801 | 898 | else if (!cups_server && (!cg->server[0] || !cg->ipp_port) && |
88f9aafc | 899 | !_cups_strcasecmp(line, "ServerName") && value) |
e07d4801 MS |
900 | { |
901 | strlcpy(server_name, value, sizeof(server_name)); | |
902 | cups_server = server_name; | |
903 | } | |
85dda01c | 904 | #endif /* !__APPLE__ */ |
3e7fe0ca MS |
905 | else if (!cups_user && !_cups_strcasecmp(line, "User") && value) |
906 | { | |
907 | strlcpy(user, value, sizeof(user)); | |
908 | cups_user = user; | |
909 | } | |
88f9aafc | 910 | else if (!cups_anyroot && !_cups_strcasecmp(line, "AllowAnyRoot") && value) |
7cf5915e MS |
911 | { |
912 | strlcpy(any_root, value, sizeof(any_root)); | |
913 | cups_anyroot = any_root; | |
914 | } | |
88f9aafc | 915 | else if (!cups_expiredroot && !_cups_strcasecmp(line, "AllowExpiredRoot") && |
7cf5915e MS |
916 | value) |
917 | { | |
918 | strlcpy(expired_root, value, sizeof(expired_root)); | |
919 | cups_expiredroot = expired_root; | |
920 | } | |
88f9aafc | 921 | else if (!cups_expiredcerts && !_cups_strcasecmp(line, "AllowExpiredCerts") && |
7cf5915e MS |
922 | value) |
923 | { | |
924 | strlcpy(expired_certs, value, sizeof(expired_certs)); | |
925 | cups_expiredcerts = expired_certs; | |
926 | } | |
07ed0e9a | 927 | #ifdef HAVE_GSSAPI |
88f9aafc | 928 | else if (!cups_gssservicename && !_cups_strcasecmp(line, "GSSServiceName") && |
07ed0e9a MS |
929 | value) |
930 | { | |
931 | strlcpy(gss_service_name, value, sizeof(gss_service_name)); | |
932 | cups_gssservicename = gss_service_name; | |
933 | } | |
934 | #endif /* HAVE_GSSAPI */ | |
e07d4801 MS |
935 | } |
936 | ||
937 | /* | |
938 | * Set values... | |
939 | */ | |
940 | ||
941 | if (cg->encryption == (http_encryption_t)-1 && cups_encryption) | |
942 | { | |
88f9aafc | 943 | if (!_cups_strcasecmp(cups_encryption, "never")) |
e07d4801 | 944 | cg->encryption = HTTP_ENCRYPT_NEVER; |
88f9aafc | 945 | else if (!_cups_strcasecmp(cups_encryption, "always")) |
e07d4801 | 946 | cg->encryption = HTTP_ENCRYPT_ALWAYS; |
88f9aafc | 947 | else if (!_cups_strcasecmp(cups_encryption, "required")) |
e07d4801 MS |
948 | cg->encryption = HTTP_ENCRYPT_REQUIRED; |
949 | else | |
950 | cg->encryption = HTTP_ENCRYPT_IF_REQUESTED; | |
b423cd4c | 951 | } |
952 | ||
e07d4801 MS |
953 | if ((!cg->server[0] || !cg->ipp_port) && cups_server) |
954 | { | |
955 | if (!cg->server[0]) | |
956 | { | |
957 | /* | |
958 | * Copy server name... | |
959 | */ | |
960 | ||
961 | strlcpy(cg->server, cups_server, sizeof(cg->server)); | |
962 | ||
963 | if (cg->server[0] != '/' && (value = strrchr(cg->server, ':')) != NULL && | |
964 | !strchr(value, ']') && isdigit(value[1] & 255)) | |
965 | *value++ = '\0'; | |
966 | else | |
967 | value = NULL; | |
968 | ||
969 | if (cg->server[0] == '/') | |
5a9febac | 970 | strlcpy(cg->servername, "localhost", sizeof(cg->servername)); |
e07d4801 MS |
971 | else |
972 | strlcpy(cg->servername, cg->server, sizeof(cg->servername)); | |
973 | } | |
974 | else if (cups_server[0] != '/' && | |
975 | (value = strrchr(cups_server, ':')) != NULL && | |
976 | !strchr(value, ']') && isdigit(value[1] & 255)) | |
977 | value ++; | |
978 | else | |
979 | value = NULL; | |
980 | ||
981 | if (!cg->ipp_port && value) | |
982 | cg->ipp_port = atoi(value); | |
983 | } | |
7cf5915e | 984 | |
10d09e33 MS |
985 | if (!cg->server[0]) |
986 | { | |
987 | #ifdef CUPS_DEFAULT_DOMAINSOCKET | |
988 | /* | |
989 | * If we are compiled with domain socket support, only use the | |
990 | * domain socket if it exists and has the right permissions... | |
991 | */ | |
992 | ||
993 | struct stat sockinfo; /* Domain socket information */ | |
994 | ||
995 | if (!stat(CUPS_DEFAULT_DOMAINSOCKET, &sockinfo) && | |
996 | (sockinfo.st_mode & S_IRWXO) == S_IRWXO) | |
997 | cups_server = CUPS_DEFAULT_DOMAINSOCKET; | |
998 | else | |
999 | #endif /* CUPS_DEFAULT_DOMAINSOCKET */ | |
1000 | cups_server = "localhost"; | |
1001 | ||
1002 | cupsSetServer(cups_server); | |
1003 | } | |
1004 | ||
1005 | if (!cg->ipp_port) | |
1006 | { | |
88f9aafc | 1007 | const char *ipp_port; /* IPP_PORT environment variable */ |
10d09e33 MS |
1008 | |
1009 | if ((ipp_port = getenv("IPP_PORT")) != NULL) | |
1010 | { | |
1011 | if ((cg->ipp_port = atoi(ipp_port)) <= 0) | |
1012 | cg->ipp_port = CUPS_DEFAULT_IPP_PORT; | |
1013 | } | |
10d09e33 | 1014 | else |
88f9aafc | 1015 | cg->ipp_port = CUPS_DEFAULT_IPP_PORT; |
10d09e33 MS |
1016 | } |
1017 | ||
3e7fe0ca MS |
1018 | if (!cg->user[0]) |
1019 | { | |
1020 | if (cups_user) | |
1021 | strlcpy(cg->user, cups_user, sizeof(cg->user)); | |
1022 | else | |
1023 | { | |
1024 | #ifdef WIN32 | |
1025 | /* | |
1026 | * Get the current user name from the OS... | |
1027 | */ | |
1028 | ||
1029 | DWORD size; /* Size of string */ | |
1030 | ||
1031 | size = sizeof(cg->user); | |
1032 | if (!GetUserName(cg->user, &size)) | |
1033 | #else | |
1034 | /* | |
1035 | * Get the user name corresponding to the current UID... | |
1036 | */ | |
1037 | ||
1038 | struct passwd *pwd; /* User/password entry */ | |
1039 | ||
1040 | setpwent(); | |
1041 | if ((pwd = getpwuid(getuid())) != NULL) | |
1042 | { | |
1043 | /* | |
1044 | * Found a match! | |
1045 | */ | |
1046 | ||
1047 | strlcpy(cg->user, pwd->pw_name, sizeof(cg->user)); | |
1048 | } | |
1049 | else | |
1050 | #endif /* WIN32 */ | |
1051 | { | |
1052 | /* | |
1053 | * Use the default "unknown" user name... | |
1054 | */ | |
1055 | ||
5a9febac | 1056 | strlcpy(cg->user, "unknown", sizeof(cg->user)); |
3e7fe0ca MS |
1057 | } |
1058 | } | |
1059 | } | |
1060 | ||
07ed0e9a MS |
1061 | #ifdef HAVE_GSSAPI |
1062 | if (!cups_gssservicename) | |
1063 | cups_gssservicename = CUPS_DEFAULT_GSSSERVICENAME; | |
1064 | ||
1065 | strlcpy(cg->gss_service_name, cups_gssservicename, | |
1066 | sizeof(cg->gss_service_name)); | |
1067 | #endif /* HAVE_GSSAPI */ | |
1068 | ||
7cf5915e | 1069 | if (cups_anyroot) |
88f9aafc MS |
1070 | cg->any_root = !_cups_strcasecmp(cups_anyroot, "yes") || |
1071 | !_cups_strcasecmp(cups_anyroot, "on") || | |
1072 | !_cups_strcasecmp(cups_anyroot, "true"); | |
7cf5915e MS |
1073 | |
1074 | if (cups_expiredroot) | |
88f9aafc MS |
1075 | cg->expired_root = !_cups_strcasecmp(cups_expiredroot, "yes") || |
1076 | !_cups_strcasecmp(cups_expiredroot, "on") || | |
1077 | !_cups_strcasecmp(cups_expiredroot, "true"); | |
7cf5915e MS |
1078 | |
1079 | if (cups_expiredcerts) | |
88f9aafc MS |
1080 | cg->expired_certs = !_cups_strcasecmp(cups_expiredcerts, "yes") || |
1081 | !_cups_strcasecmp(cups_expiredcerts, "on") || | |
1082 | !_cups_strcasecmp(cups_expiredcerts, "true"); | |
b423cd4c | 1083 | } |
1084 | ||
1085 | ||
1086 | /* | |
e07d4801 | 1087 | * End of "$Id: usersys.c 8498 2009-04-13 17:03:15Z mike $". |
ef416fc2 | 1088 | */ |