]> git.ipfire.org Git - thirdparty/cups.git/blame - cups/usersys.c
projects / thirdparty / cups.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge changes from CUPS 1.7svn-r10814.
[thirdparty/cups.git] / cups / usersys.c
CommitLineData
ef416fc2 1/*
e07d4801 2 * "$Id: usersys.c 8498 2009-04-13 17:03:15Z mike $"
ef416fc2 3 *
5a6b583a 4 * User, system, and password routines for CUPS.
ef416fc2 5 *
12f89d24 6 * Copyright 2007-2012 by Apple Inc.
ef416fc2 7 * Copyright 1997-2006 by Easy Software Products.
8 *
9 * These coded instructions, statements, and computer programs are the
bc44d920 10 * property of Apple Inc. and are protected by Federal copyright
11 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 * which should have been included with this file. If this file is
13 * file is missing or damaged, see the license at "http://www.cups.org/".
ef416fc2 14 *
15 * This file is subject to the Apple OS-Developed Software exception.
16 *
17 * Contents:
18 *
5a6b583a 19 * cupsEncryption() - Get the current encryption settings.
b423cd4c 20 * cupsGetPassword() - Get a password from the user.
5a6b583a
MS		 21 * cupsGetPassword2() - Get a password from the user using the advanced
22 * password callback.
23 * cupsServer() - Return the hostname/address of the current
e07d4801 24 * server.
7cf5915e 25 * cupsSetClientCertCB() - Set the client certificate callback.
b423cd4c 26 * cupsSetEncryption() - Set the encryption preference.
27 * cupsSetPasswordCB() - Set the password callback for CUPS.
f11a948a 28 * cupsSetPasswordCB2() - Set the advanced password callback for CUPS.
5a6b583a 29 * cupsSetServer() - Set the default server name and port.
7cf5915e 30 * cupsSetServerCertCB() - Set the server certificate callback.
b423cd4c 31 * cupsSetUser() - Set the default user name.
e07d4801 32 * cupsUser() - Return the current user's name.
b423cd4c 33 * _cupsGetPassword() - Get a password from the user.
eac3a0a0 34 * _cupsGSSServiceName() - Get the GSS (Kerberos) service name.
e07d4801
MS		 35 * _cupsSetDefaults() - Set the default server, port, and encryption.
36 * cups_read_client_conf() - Read a client.conf file.
ef416fc2 37 */
38
39/*
40 * Include necessary headers...
41 */
42
71e16022 43#include "cups-private.h"
ef416fc2 44#include <stdlib.h>
e00b005a 45#include <sys/stat.h>
ef416fc2 46#ifdef WIN32
47# include <windows.h>
5a6b583a
MS		 48#else
49# include <pwd.h>
dcb445bc 50# include <termios.h>
ef416fc2 51#endif /* WIN32 */
52
53
dcb445bc
MS		 54/*
55 * Local constants...
56 */
57
58#define _CUPS_PASSCHAR '*' /* Character that is echoed for password */
59
60
b423cd4c 61/*
62 * Local functions...
63 */
64
e07d4801
MS		 65static void cups_read_client_conf(cups_file_t *fp,
66 _cups_globals_t *cg,
67 const char *cups_encryption,
7cf5915e 68 const char *cups_server,
3e7fe0ca 69 const char *cups_user,
07ed0e9a
MS		 70#ifdef HAVE_GSSAPI
71 const char *cups_gssservicename,
72#endif /* HAVE_GSSAPI */
7cf5915e
MS		 73 const char *cups_anyroot,
74 const char *cups_expiredroot,
75 const char *cups_expiredcerts);
b423cd4c 76
77
ef416fc2 78/*
5a6b583a 79 * 'cupsEncryption()' - Get the current encryption settings.
ef416fc2 80 *
81 * The default encryption setting comes from the CUPS_ENCRYPTION
568fa3fa 82 * environment variable, then the ~/.cups/client.conf file, and finally the
ef416fc2 83 * /etc/cups/client.conf file. If not set, the default is
5a738aea 84 * @code HTTP_ENCRYPT_IF_REQUESTED@.
5a6b583a
MS		 85 *
86 * Note: The current encryption setting is tracked separately for each thread
87 * in a program. Multi-threaded programs that override the setting via the
88 * @link cupsSetEncryption@ function need to do so in each thread for the same
89 * setting to be used.
ef416fc2 90 */
91
92http_encryption_t /* O - Encryption settings */
93cupsEncryption(void)
94{
ef416fc2 95 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
96
97
ef416fc2 98 if (cg->encryption == (http_encryption_t)-1)
e07d4801 99 _cupsSetDefaults();
ef416fc2 100
101 return (cg->encryption);
102}
103
104
105/*
106 * 'cupsGetPassword()' - Get a password from the user.
107 *
5a738aea 108 * Uses the current password callback function. Returns @code NULL@ if the
ecdc0628 109 * user does not provide a password.
5a6b583a
MS		 110 *
111 * Note: The current password callback function is tracked separately for each
112 * thread in a program. Multi-threaded programs that override the setting via
113 * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to
114 * do so in each thread for the same function to be used.
ef416fc2 115 */
116
117const char * /* O - Password */
118cupsGetPassword(const char *prompt) /* I - Prompt string */
119{
f11a948a
MS		 120 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
121
122
123 return ((cg->password_cb)(prompt, NULL, NULL, NULL, cg->password_data));
124}
125
126
127/*
128 * 'cupsGetPassword2()' - Get a password from the user using the advanced
5a6b583a 129 * password callback.
f11a948a
MS		 130 *
131 * Uses the current password callback function. Returns @code NULL@ if the
132 * user does not provide a password.
133 *
5a6b583a
MS		 134 * Note: The current password callback function is tracked separately for each
135 * thread in a program. Multi-threaded programs that override the setting via
136 * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to
137 * do so in each thread for the same function to be used.
138 *
f3c17241 139 * @since CUPS 1.4/OS X 10.6@
f11a948a
MS		 140 */
141
142const char * /* O - Password */
143cupsGetPassword2(const char *prompt, /* I - Prompt string */
144 http_t *http, /* I - Connection to server or @code CUPS_HTTP_DEFAULT@ */
145 const char *method, /* I - Request method ("GET", "POST", "PUT") */
146 const char *resource) /* I - Resource path */
147{
148 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
149
150
151 if (!http)
152 http = _cupsConnect();
153
154 return ((cg->password_cb)(prompt, http, method, resource, cg->password_data));
ef416fc2 155}
156
157
ef416fc2 158/*
5a6b583a
MS		 159 * 'cupsServer()' - Return the hostname/address of the current server.
160 *
161 * The default server comes from the CUPS_SERVER environment variable, then the
162 * ~/.cups/client.conf file, and finally the /etc/cups/client.conf file. If not
163 * set, the default is the local system - either "localhost" or a domain socket
164 * path.
ef416fc2 165 *
5a6b583a
MS		 166 * The returned value can be a fully-qualified hostname, a numeric IPv4 or IPv6
167 * address, or a domain socket pathname.
168 *
169 * Note: The current server is tracked separately for each thread in a program.
170 * Multi-threaded programs that override the server via the
171 * @link cupsSetServer@ function need to do so in each thread for the same
172 * server to be used.
ef416fc2 173 */
174
175const char * /* O - Server name */
176cupsServer(void)
177{
ef416fc2 178 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
179
180
ef416fc2 181 if (!cg->server[0])
e07d4801 182 _cupsSetDefaults();
ef416fc2 183
e07d4801
MS		 184 return (cg->server);
185}
ef416fc2 186
d09495fa 187
7cf5915e
MS		 188/*
189 * 'cupsSetClientCertCB()' - Set the client certificate callback.
190 *
191 * Pass @code NULL@ to restore the default callback.
192 *
193 * Note: The current certificate callback is tracked separately for each thread
194 * in a program. Multi-threaded programs that override the callback need to do
195 * so in each thread for the same callback to be used.
196 *
f3c17241 197 * @since CUPS 1.5/OS X 10.7@
7cf5915e
MS		 198 */
199
200void
201cupsSetClientCertCB(
202 cups_client_cert_cb_t cb, /* I - Callback function */
203 void *user_data) /* I - User data pointer */
204{
205 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
206
207
208 cg->client_cert_cb = cb;
209 cg->client_cert_data = user_data;
210}
211
212
213/*
214 * 'cupsSetCredentials()' - Set the default credentials to be used for SSL/TLS
215 * connections.
216 *
217 * Note: The default credentials are tracked separately for each thread in a
218 * program. Multi-threaded programs that override the setting need to do so in
219 * each thread for the same setting to be used.
220 *
f3c17241 221 * @since CUPS 1.5/OS X 10.7@
7cf5915e
MS		 222 */
223
224int /* O - Status of call (0 = success) */
225cupsSetCredentials(
226 cups_array_t *credentials) /* I - Array of credentials */
227{
228 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
229
230
231 if (cupsArrayCount(credentials) < 1)
232 return (-1);
233
234 _httpFreeCredentials(cg->tls_credentials);
85dda01c 235 cg->tls_credentials = _httpCreateCredentials(credentials);
7cf5915e
MS		 236
237 return (cg->tls_credentials ? 0 : -1);
238}
239
240
e07d4801
MS		 241/*
242 * 'cupsSetEncryption()' - Set the encryption preference.
5a6b583a
MS		 243 *
244 * The default encryption setting comes from the CUPS_ENCRYPTION
245 * environment variable, then the ~/.cups/client.conf file, and finally the
246 * /etc/cups/client.conf file. If not set, the default is
247 * @code HTTP_ENCRYPT_IF_REQUESTED@.
248 *
249 * Note: The current encryption setting is tracked separately for each thread
250 * in a program. Multi-threaded programs that override the setting need to do
251 * so in each thread for the same setting to be used.
e07d4801 252 */
ef416fc2 253
e07d4801
MS		 254void
255cupsSetEncryption(http_encryption_t e) /* I - New encryption preference */
256{
257 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
ef416fc2 258
ef416fc2 259
e07d4801 260 cg->encryption = e;
ef416fc2 261
e07d4801
MS		 262 if (cg->http)
263 httpEncryption(cg->http, e);
ef416fc2 264}
265
266
267/*
268 * 'cupsSetPasswordCB()' - Set the password callback for CUPS.
269 *
5a6b583a
MS		 270 * Pass @code NULL@ to restore the default (console) password callback, which
271 * reads the password from the console. Programs should call either this
272 * function or @link cupsSetPasswordCB2@, as only one callback can be registered
273 * by a program per thread.
274 *
275 * Note: The current password callback is tracked separately for each thread
276 * in a program. Multi-threaded programs that override the callback need to do
277 * so in each thread for the same callback to be used.
ef416fc2 278 */
279
280void
281cupsSetPasswordCB(cups_password_cb_t cb)/* I - Callback function */
282{
283 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
284
285
f11a948a
MS		 286 if (cb == (cups_password_cb_t)0)
287 cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
288 else
289 cg->password_cb = (cups_password_cb2_t)cb;
290
291 cg->password_data = NULL;
292}
293
294
295/*
296 * 'cupsSetPasswordCB2()' - Set the advanced password callback for CUPS.
297 *
5a6b583a
MS		 298 * Pass @code NULL@ to restore the default (console) password callback, which
299 * reads the password from the console. Programs should call either this
300 * function or @link cupsSetPasswordCB2@, as only one callback can be registered
301 * by a program per thread.
302 *
303 * Note: The current password callback is tracked separately for each thread
304 * in a program. Multi-threaded programs that override the callback need to do
305 * so in each thread for the same callback to be used.
f11a948a 306 *
f3c17241 307 * @since CUPS 1.4/OS X 10.6@
f11a948a
MS		 308 */
309
310void
311cupsSetPasswordCB2(
312 cups_password_cb2_t cb, /* I - Callback function */
313 void *user_data) /* I - User data pointer */
314{
315 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
316
317
318 if (cb == (cups_password_cb2_t)0)
319 cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
ef416fc2 320 else
321 cg->password_cb = cb;
f11a948a
MS		 322
323 cg->password_data = user_data;
ef416fc2 324}
325
326
327/*
5a6b583a 328 * 'cupsSetServer()' - Set the default server name and port.
ef416fc2 329 *
330 * The "server" string can be a fully-qualified hostname, a numeric
5a6b583a
MS		 331 * IPv4 or IPv6 address, or a domain socket pathname. Hostnames and numeric IP
332 * addresses can be optionally followed by a colon and port number to override
333 * the default port 631, e.g. "hostname:8631". Pass @code NULL@ to restore the
334 * default server name and port.
335 *
336 * Note: The current server is tracked separately for each thread in a program.
337 * Multi-threaded programs that override the server need to do so in each
338 * thread for the same server to be used.
ef416fc2 339 */
340
341void
342cupsSetServer(const char *server) /* I - Server name */
343{
0cb67df3
MS		 344 char *options, /* Options */
345 *port; /* Pointer to port */
ef416fc2 346 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
347
348
349 if (server)
350 {
351 strlcpy(cg->server, server, sizeof(cg->server));
352
0cb67df3
MS		 353 if (cg->server[0] != '/' && (options = strrchr(cg->server, '/')) != NULL)
354 {
355 *options++ = '\0';
356
357 if (!strcmp(options, "version=1.0"))
358 cg->server_version = 10;
359 else if (!strcmp(options, "version=1.1"))
360 cg->server_version = 11;
361 else if (!strcmp(options, "version=2.0"))
362 cg->server_version = 20;
363 else if (!strcmp(options, "version=2.1"))
364 cg->server_version = 21;
365 else if (!strcmp(options, "version=2.2"))
366 cg->server_version = 22;
367 }
368
ef416fc2 369 if (cg->server[0] != '/' && (port = strrchr(cg->server, ':')) != NULL &&
370 !strchr(port, ']') && isdigit(port[1] & 255))
371 {
372 *port++ = '\0';
373
e07d4801 374 cg->ipp_port = atoi(port);
ef416fc2 375 }
376
377 if (cg->server[0] == '/')
5a9febac 378 strlcpy(cg->servername, "localhost", sizeof(cg->servername));
ef416fc2 379 else
380 strlcpy(cg->servername, cg->server, sizeof(cg->servername));
381 }
382 else
383 {
0cb67df3
MS		 384 cg->server[0] = '\0';
385 cg->servername[0] = '\0';
386 cg->server_version = 20;
ef416fc2 387 }
5a738aea
MS		 388
389 if (cg->http)
390 {
391 httpClose(cg->http);
392 cg->http = NULL;
393 }
ef416fc2 394}
395
396
7cf5915e
MS		 397/*
398 * 'cupsSetServerCertCB()' - Set the server certificate callback.
399 *
400 * Pass @code NULL@ to restore the default callback.
401 *
402 * Note: The current credentials callback is tracked separately for each thread
403 * in a program. Multi-threaded programs that override the callback need to do
404 * so in each thread for the same callback to be used.
405 *
f3c17241 406 * @since CUPS 1.5/OS X 10.7@
7cf5915e
MS		 407 */
408
409void
410cupsSetServerCertCB(
411 cups_server_cert_cb_t cb, /* I - Callback function */
412 void *user_data) /* I - User data pointer */
413{
414 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
415
416
417 cg->server_cert_cb = cb;
418 cg->server_cert_data = user_data;
419}
420
421
ef416fc2 422/*
423 * 'cupsSetUser()' - Set the default user name.
424 *
5a738aea 425 * Pass @code NULL@ to restore the default user name.
5a6b583a
MS		 426 *
427 * Note: The current user name is tracked separately for each thread in a
428 * program. Multi-threaded programs that override the user name need to do so
429 * in each thread for the same user name to be used.
ef416fc2 430 */
431
432void
433cupsSetUser(const char *user) /* I - User name */
434{
435 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
436
437
438 if (user)
439 strlcpy(cg->user, user, sizeof(cg->user));
440 else
441 cg->user[0] = '\0';
442}
443
444
ef416fc2 445/*
446 * 'cupsUser()' - Return the current user's name.
5a6b583a
MS		 447 *
448 * Note: The current user name is tracked separately for each thread in a
449 * program. Multi-threaded programs that override the user name with the
450 * @link cupsSetUser@ function need to do so in each thread for the same user
451 * name to be used.
ef416fc2 452 */
453
454const char * /* O - User name */
455cupsUser(void)
456{
457 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
458
459
460 if (!cg->user[0])
3e7fe0ca 461 _cupsSetDefaults();
ef416fc2 462
463 return (cg->user);
464}
465
466
467/*
468 * '_cupsGetPassword()' - Get a password from the user.
469 */
470
dcb445bc 471const char * /* O - Password or @code NULL@ if none */
ef416fc2 472_cupsGetPassword(const char *prompt) /* I - Prompt string */
473{
5a6b583a 474#ifdef WIN32
dcb445bc
MS		 475 HANDLE tty; /* Console handle */
476 DWORD mode; /* Console mode */
477 char passch, /* Current key press */
478 *passptr, /* Pointer into password string */
479 *passend; /* End of password string */
12f89d24 480 DWORD passbytes; /* Bytes read */
dcb445bc
MS		 481 _cups_globals_t *cg = _cupsGlobals();
482 /* Thread globals */
483
484
5a6b583a 485 /*
dcb445bc 486 * Disable input echo and set raw input...
5a6b583a
MS		 487 */
488
dcb445bc
MS		 489 if ((tty = GetStdHandle(STD_INPUT_HANDLE)) == INVALID_HANDLE_VALUE)
490 return (NULL);
491
492 if (!GetConsoleMode(tty, &mode))
493 return (NULL);
494
495 if (!SetConsoleMode(tty, 0))
496 return (NULL);
497
498 /*
499 * Display the prompt...
500 */
501
502 printf("%s ", prompt);
503 fflush(stdout);
504
505 /*
506 * Read the password string from /dev/tty until we get interrupted or get a
507 * carriage return or newline...
508 */
509
510 passptr = cg->password;
511 passend = cg->password + sizeof(cg->password) - 1;
512
12f89d24 513 while (ReadFile(tty, &passch, 1, &passbytes, NULL))
dcb445bc
MS		 514 {
515 if (passch == 0x0A || passch == 0x0D)
516 {
517 /*
518 * Enter/return...
519 */
520
521 break;
522 }
523 else if (passch == 0x08 || passch == 0x7F)
524 {
525 /*
526 * Backspace/delete (erase character)...
527 */
528
529 if (passptr > cg->password)
530 {
531 passptr --;
532 fputs("\010 \010", stdout);
533 }
534 else
535 putchar(0x07);
536 }
537 else if (passch == 0x15)
538 {
539 /*
540 * CTRL+U (erase line)
541 */
542
543 if (passptr > cg->password)
544 {
545 while (passptr > cg->password)
546 {
547 passptr --;
548 fputs("\010 \010", stdout);
549 }
550 }
551 else
552 putchar(0x07);
553 }
554 else if (passch == 0x03)
555 {
556 /*
557 * CTRL+C...
558 */
559
560 passptr = cg->password;
561 break;
562 }
563 else if ((passch & 255) < 0x20 || passptr >= passend)
564 putchar(0x07);
565 else
566 {
567 *passptr++ = passch;
568 putchar(_CUPS_PASSCHAR);
569 }
570
571 fflush(stdout);
572 }
573
574 putchar('\n');
575 fflush(stdout);
576
577 /*
578 * Cleanup...
579 */
580
581 SetConsoleMode(tty, mode);
582
583 /*
584 * Return the proper value...
585 */
586
587 if (passbytes == 1 && passptr > cg->password)
588 {
589 *passptr = '\0';
590 return (cg->password);
591 }
592 else
593 {
594 memset(cg->password, 0, sizeof(cg->password));
595 return (NULL);
596 }
5a6b583a
MS		 597
598#else
dcb445bc
MS		 599 int tty; /* /dev/tty - never read from stdin */
600 struct termios original, /* Original input mode */
601 noecho; /* No echo input mode */
602 char passch, /* Current key press */
603 *passptr, /* Pointer into password string */
604 *passend; /* End of password string */
605 ssize_t passbytes; /* Bytes read */
606 _cups_globals_t *cg = _cupsGlobals();
607 /* Thread globals */
608
609
5a6b583a 610 /*
dcb445bc 611 * Disable input echo and set raw input...
5a6b583a
MS		 612 */
613
dcb445bc
MS		 614 if ((tty = open("/dev/tty", O_RDONLY)) < 0)
615 return (NULL);
616
617 if (tcgetattr(tty, &original))
618 {
619 close(tty);
620 return (NULL);
621 }
622
623 noecho = original;
624 noecho.c_lflag &= ~(ICANON | ECHO | ECHOE | ISIG);
7cf5915e 625
dcb445bc
MS		 626 if (tcsetattr(tty, TCSAFLUSH, &noecho))
627 {
628 close(tty);
7cf5915e 629 return (NULL);
dcb445bc
MS		 630 }
631
632 /*
633 * Display the prompt...
634 */
635
636 printf("%s ", prompt);
637 fflush(stdout);
638
639 /*
640 * Read the password string from /dev/tty until we get interrupted or get a
641 * carriage return or newline...
642 */
643
644 passptr = cg->password;
645 passend = cg->password + sizeof(cg->password) - 1;
646
647 while ((passbytes = read(tty, &passch, 1)) == 1)
648 {
649 if (passch == noecho.c_cc[VEOL] || passch == noecho.c_cc[VEOL2] ||
650 passch == 0x0A || passch == 0x0D)
651 {
652 /*
653 * Enter/return...
654 */
655
656 break;
657 }
658 else if (passch == noecho.c_cc[VERASE] ||
659 passch == 0x08 || passch == 0x7F)
660 {
661 /*
662 * Backspace/delete (erase character)...
663 */
664
665 if (passptr > cg->password)
666 {
667 passptr --;
668 fputs("\010 \010", stdout);
669 }
670 else
671 putchar(0x07);
672 }
673 else if (passch == noecho.c_cc[VKILL])
674 {
675 /*
676 * CTRL+U (erase line)
677 */
678
679 if (passptr > cg->password)
680 {
681 while (passptr > cg->password)
682 {
683 passptr --;
684 fputs("\010 \010", stdout);
685 }
686 }
687 else
688 putchar(0x07);
689 }
690 else if (passch == noecho.c_cc[VINTR] || passch == noecho.c_cc[VQUIT] ||
691 passch == noecho.c_cc[VEOF])
692 {
693 /*
694 * CTRL+C, CTRL+D, or CTRL+Z...
695 */
696
697 passptr = cg->password;
698 break;
699 }
700 else if ((passch & 255) < 0x20 || passptr >= passend)
701 putchar(0x07);
702 else
703 {
704 *passptr++ = passch;
705 putchar(_CUPS_PASSCHAR);
706 }
707
708 fflush(stdout);
709 }
710
711 putchar('\n');
712 fflush(stdout);
713
714 /*
715 * Cleanup...
716 */
717
718 tcsetattr(tty, TCSAFLUSH, &original);
719 close(tty);
720
721 /*
722 * Return the proper value...
723 */
724
725 if (passbytes == 1 && passptr > cg->password)
726 {
727 *passptr = '\0';
728 return (cg->password);
729 }
7cf5915e 730 else
dcb445bc
MS		 731 {
732 memset(cg->password, 0, sizeof(cg->password));
733 return (NULL);
734 }
ef416fc2 735#endif /* WIN32 */
5a6b583a 736}
ef416fc2 737
738
eac3a0a0
MS		 739#ifdef HAVE_GSSAPI
740/*
741 * '_cupsGSSServiceName()' - Get the GSS (Kerberos) service name.
742 */
743
744const char *
745_cupsGSSServiceName(void)
746{
747 _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */
748
749
750 if (!cg->gss_service_name[0])
751 _cupsSetDefaults();
752
753 return (cg->gss_service_name);
754}
755#endif /* HAVE_GSSAPI */
756
757
ef416fc2 758/*
e07d4801 759 * '_cupsSetDefaults()' - Set the default server, port, and encryption.
b423cd4c 760 */
761
e07d4801
MS		 762void
763_cupsSetDefaults(void)
b423cd4c 764{
765 cups_file_t *fp; /* File */
e07d4801
MS		 766 const char *home, /* Home directory of user */
767 *cups_encryption, /* CUPS_ENCRYPTION env var */
7cf5915e 768 *cups_server, /* CUPS_SERVER env var */
3e7fe0ca 769 *cups_user, /* CUPS_USER/USER env var */
07ed0e9a
MS		 770#ifdef HAVE_GSSAPI
771 *cups_gssservicename, /* CUPS_GSSSERVICENAME env var */
772#endif /* HAVE_GSSAPI */
7cf5915e
MS		 773 *cups_anyroot, /* CUPS_ANYROOT env var */
774 *cups_expiredroot, /* CUPS_EXPIREDROOT env var */
775 *cups_expiredcerts; /* CUPS_EXPIREDCERTS env var */
b423cd4c 776 char filename[1024]; /* Filename */
777 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
778
779
e07d4801
MS		 780 DEBUG_puts("_cupsSetDefaults()");
781
782 /*
783 * First collect environment variables...
784 */
785
07ed0e9a
MS		 786 cups_encryption = getenv("CUPS_ENCRYPTION");
787 cups_server = getenv("CUPS_SERVER");
788#ifdef HAVE_GSSAPI
789 cups_gssservicename = getenv("CUPS_GSSSERVICENAME");
790#endif /* HAVE_GSSAPI */
791 cups_anyroot = getenv("CUPS_ANYROOT");
792 cups_expiredroot = getenv("CUPS_EXPIREDROOT");
793 cups_expiredcerts = getenv("CUPS_EXPIREDCERTS");
e07d4801 794
3e7fe0ca
MS		 795 if ((cups_user = getenv("CUPS_USER")) == NULL)
796 cups_user = getenv("USER");
797
e07d4801 798 /*
10d09e33
MS		 799 * Then, if needed, read the ~/.cups/client.conf or /etc/cups/client.conf
800 * files to get the default values...
e07d4801
MS		 801 */
802
e07d4801 803 if (cg->encryption == (http_encryption_t)-1 || !cg->server[0] ||
3e7fe0ca 804 !cg->user[0] || !cg->ipp_port)
e07d4801 805 {
10d09e33 806 if ((home = getenv("HOME")) != NULL)
d09495fa 807 {
10d09e33
MS		 808 /*
809 * Look for ~/.cups/client.conf...
810 */
e07d4801 811
10d09e33
MS		 812 snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home);
813 fp = cupsFileOpen(filename, "r");
814 }
815 else
816 fp = NULL;
e07d4801 817
10d09e33 818 if (!fp)
e07d4801 819 {
e07d4801 820 /*
10d09e33 821 * Look for CUPS_SERVERROOT/client.conf...
e07d4801
MS		 822 */
823
10d09e33
MS		 824 snprintf(filename, sizeof(filename), "%s/client.conf",
825 cg->cups_serverroot);
826 fp = cupsFileOpen(filename, "r");
e07d4801
MS		 827 }
828
10d09e33
MS		 829 /*
830 * Read the configuration file and apply any environment variables; both
831 * functions handle NULL cups_file_t pointers...
832 */
e07d4801 833
3e7fe0ca 834 cups_read_client_conf(fp, cg, cups_encryption, cups_server, cups_user,
07ed0e9a
MS		 835#ifdef HAVE_GSSAPI
836 cups_gssservicename,
837#endif /* HAVE_GSSAPI */
10d09e33
MS		 838 cups_anyroot, cups_expiredroot,
839 cups_expiredcerts);
840 cupsFileClose(fp);
e07d4801
MS		 841 }
842}
843
844
845/*
846 * 'cups_read_client_conf()' - Read a client.conf file.
847 */
848
849static void
850cups_read_client_conf(
851 cups_file_t *fp, /* I - File to read */
852 _cups_globals_t *cg, /* I - Global data */
853 const char *cups_encryption, /* I - CUPS_ENCRYPTION env var */
7cf5915e 854 const char *cups_server, /* I - CUPS_SERVER env var */
3e7fe0ca 855 const char *cups_user, /* I - CUPS_USER env var */
07ed0e9a
MS		 856#ifdef HAVE_GSSAPI
857 const char *cups_gssservicename,
858 /* I - CUPS_GSSSERVICENAME env var */
859#endif /* HAVE_GSSAPI */
7cf5915e
MS		 860 const char *cups_anyroot, /* I - CUPS_ANYROOT env var */
861 const char *cups_expiredroot, /* I - CUPS_EXPIREDROOT env var */
862 const char *cups_expiredcerts) /* I - CUPS_EXPIREDCERTS env var */
e07d4801
MS		 863{
864 int linenum; /* Current line number */
865 char line[1024], /* Line from file */
866 *value, /* Pointer into line */
867 encryption[1024], /* Encryption value */
85dda01c 868#ifndef __APPLE__
7cf5915e 869 server_name[1024], /* ServerName value */
85dda01c 870#endif /* !__APPLE__ */
3e7fe0ca 871 user[256], /* User value */
7cf5915e
MS		 872 any_root[1024], /* AllowAnyRoot value */
873 expired_root[1024], /* AllowExpiredRoot value */
874 expired_certs[1024]; /* AllowExpiredCerts value */
07ed0e9a
MS		 875#ifdef HAVE_GSSAPI
876 char gss_service_name[32]; /* GSSServiceName value */
877#endif /* HAVE_GSSAPI */
e07d4801
MS		 878
879
880 /*
881 * Read from the file...
882 */
883
884 linenum = 0;
885 while (cupsFileGetConf(fp, line, sizeof(line), &value, &linenum))
886 {
887 if (!cups_encryption && cg->encryption == (http_encryption_t)-1 &&
88f9aafc 888 !_cups_strcasecmp(line, "Encryption") && value)
e07d4801
MS		 889 {
890 strlcpy(encryption, value, sizeof(encryption));
891 cups_encryption = encryption;
892 }
85dda01c
MS		 893#ifndef __APPLE__
894 /*
f3c17241 895 * The Server directive is not supported on OS X due to app sandboxing
85dda01c
MS		 896 * restrictions, i.e. not all apps request network access.
897 */
e07d4801 898 else if (!cups_server && (!cg->server[0] || !cg->ipp_port) &&
88f9aafc 899 !_cups_strcasecmp(line, "ServerName") && value)
e07d4801
MS		 900 {
901 strlcpy(server_name, value, sizeof(server_name));
902 cups_server = server_name;
903 }
85dda01c 904#endif /* !__APPLE__ */
3e7fe0ca
MS		 905 else if (!cups_user && !_cups_strcasecmp(line, "User") && value)
906 {
907 strlcpy(user, value, sizeof(user));
908 cups_user = user;
909 }
88f9aafc 910 else if (!cups_anyroot && !_cups_strcasecmp(line, "AllowAnyRoot") && value)
7cf5915e
MS		 911 {
912 strlcpy(any_root, value, sizeof(any_root));
913 cups_anyroot = any_root;
914 }
88f9aafc 915 else if (!cups_expiredroot && !_cups_strcasecmp(line, "AllowExpiredRoot") &&
7cf5915e
MS		 916 value)
917 {
918 strlcpy(expired_root, value, sizeof(expired_root));
919 cups_expiredroot = expired_root;
920 }
88f9aafc 921 else if (!cups_expiredcerts && !_cups_strcasecmp(line, "AllowExpiredCerts") &&
7cf5915e
MS		 922 value)
923 {
924 strlcpy(expired_certs, value, sizeof(expired_certs));
925 cups_expiredcerts = expired_certs;
926 }
07ed0e9a 927#ifdef HAVE_GSSAPI
88f9aafc 928 else if (!cups_gssservicename && !_cups_strcasecmp(line, "GSSServiceName") &&
07ed0e9a
MS		 929 value)
930 {
931 strlcpy(gss_service_name, value, sizeof(gss_service_name));
932 cups_gssservicename = gss_service_name;
933 }
934#endif /* HAVE_GSSAPI */
e07d4801
MS		 935 }
936
937 /*
938 * Set values...
939 */
940
941 if (cg->encryption == (http_encryption_t)-1 && cups_encryption)
942 {
88f9aafc 943 if (!_cups_strcasecmp(cups_encryption, "never"))
e07d4801 944 cg->encryption = HTTP_ENCRYPT_NEVER;
88f9aafc 945 else if (!_cups_strcasecmp(cups_encryption, "always"))
e07d4801 946 cg->encryption = HTTP_ENCRYPT_ALWAYS;
88f9aafc 947 else if (!_cups_strcasecmp(cups_encryption, "required"))
e07d4801
MS		 948 cg->encryption = HTTP_ENCRYPT_REQUIRED;
949 else
950 cg->encryption = HTTP_ENCRYPT_IF_REQUESTED;
b423cd4c 951 }
952
e07d4801
MS		 953 if ((!cg->server[0] || !cg->ipp_port) && cups_server)
954 {
955 if (!cg->server[0])
956 {
957 /*
958 * Copy server name...
959 */
960
961 strlcpy(cg->server, cups_server, sizeof(cg->server));
962
963 if (cg->server[0] != '/' && (value = strrchr(cg->server, ':')) != NULL &&
964 !strchr(value, ']') && isdigit(value[1] & 255))
965 *value++ = '\0';
966 else
967 value = NULL;
968
969 if (cg->server[0] == '/')
5a9febac 970 strlcpy(cg->servername, "localhost", sizeof(cg->servername));
e07d4801
MS		 971 else
972 strlcpy(cg->servername, cg->server, sizeof(cg->servername));
973 }
974 else if (cups_server[0] != '/' &&
975 (value = strrchr(cups_server, ':')) != NULL &&
976 !strchr(value, ']') && isdigit(value[1] & 255))
977 value ++;
978 else
979 value = NULL;
980
981 if (!cg->ipp_port && value)
982 cg->ipp_port = atoi(value);
983 }
7cf5915e 984
10d09e33
MS		 985 if (!cg->server[0])
986 {
987#ifdef CUPS_DEFAULT_DOMAINSOCKET
988 /*
989 * If we are compiled with domain socket support, only use the
990 * domain socket if it exists and has the right permissions...
991 */
992
993 struct stat sockinfo; /* Domain socket information */
994
995 if (!stat(CUPS_DEFAULT_DOMAINSOCKET, &sockinfo) &&
996 (sockinfo.st_mode & S_IRWXO) == S_IRWXO)
997 cups_server = CUPS_DEFAULT_DOMAINSOCKET;
998 else
999#endif /* CUPS_DEFAULT_DOMAINSOCKET */
1000 cups_server = "localhost";
1001
1002 cupsSetServer(cups_server);
1003 }
1004
1005 if (!cg->ipp_port)
1006 {
88f9aafc 1007 const char *ipp_port; /* IPP_PORT environment variable */
10d09e33
MS		 1008
1009 if ((ipp_port = getenv("IPP_PORT")) != NULL)
1010 {
1011 if ((cg->ipp_port = atoi(ipp_port)) <= 0)
1012 cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
1013 }
10d09e33 1014 else
88f9aafc 1015 cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
10d09e33
MS		 1016 }
1017
3e7fe0ca
MS		 1018 if (!cg->user[0])
1019 {
1020 if (cups_user)
1021 strlcpy(cg->user, cups_user, sizeof(cg->user));
1022 else
1023 {
1024#ifdef WIN32
1025 /*
1026 * Get the current user name from the OS...
1027 */
1028
1029 DWORD size; /* Size of string */
1030
1031 size = sizeof(cg->user);
1032 if (!GetUserName(cg->user, &size))
1033#else
1034 /*
1035 * Get the user name corresponding to the current UID...
1036 */
1037
1038 struct passwd *pwd; /* User/password entry */
1039
1040 setpwent();
1041 if ((pwd = getpwuid(getuid())) != NULL)
1042 {
1043 /*
1044 * Found a match!
1045 */
1046
1047 strlcpy(cg->user, pwd->pw_name, sizeof(cg->user));
1048 }
1049 else
1050#endif /* WIN32 */
1051 {
1052 /*
1053 * Use the default "unknown" user name...
1054 */
1055
5a9febac 1056 strlcpy(cg->user, "unknown", sizeof(cg->user));
3e7fe0ca
MS		 1057 }
1058 }
1059 }
1060
07ed0e9a
MS		 1061#ifdef HAVE_GSSAPI
1062 if (!cups_gssservicename)
1063 cups_gssservicename = CUPS_DEFAULT_GSSSERVICENAME;
1064
1065 strlcpy(cg->gss_service_name, cups_gssservicename,
1066 sizeof(cg->gss_service_name));
1067#endif /* HAVE_GSSAPI */
1068
7cf5915e 1069 if (cups_anyroot)
88f9aafc
MS		 1070 cg->any_root = !_cups_strcasecmp(cups_anyroot, "yes") ||
1071 !_cups_strcasecmp(cups_anyroot, "on") ||
1072 !_cups_strcasecmp(cups_anyroot, "true");
7cf5915e
MS		 1073
1074 if (cups_expiredroot)
88f9aafc
MS		 1075 cg->expired_root = !_cups_strcasecmp(cups_expiredroot, "yes") ||
1076 !_cups_strcasecmp(cups_expiredroot, "on") ||
1077 !_cups_strcasecmp(cups_expiredroot, "true");
7cf5915e
MS		 1078
1079 if (cups_expiredcerts)
88f9aafc
MS		 1080 cg->expired_certs = !_cups_strcasecmp(cups_expiredcerts, "yes") ||
1081 !_cups_strcasecmp(cups_expiredcerts, "on") ||
1082 !_cups_strcasecmp(cups_expiredcerts, "true");
b423cd4c 1083}
1084
1085
1086/*
e07d4801 1087 * End of "$Id: usersys.c 8498 2009-04-13 17:03:15Z mike $".
ef416fc2 1088 */
Unnamed repository; edit this file 'description' to name the repository.