]> git.ipfire.org Git - thirdparty/cups.git/blame - cups/usersys.c
projects / thirdparty / cups.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Remove all of the Subversion keywords from various source files.
[thirdparty/cups.git] / cups / usersys.c
CommitLineData
ef416fc2 1/*
83bc2aac
MS		 2 * User, system, and password routines for CUPS.
3 *
3abb875b 4 * Copyright 2007-2015 by Apple Inc.
83bc2aac
MS		 5 * Copyright 1997-2006 by Easy Software Products.
6 *
7 * These coded instructions, statements, and computer programs are the
8 * property of Apple Inc. and are protected by Federal copyright
9 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
10 * which should have been included with this file. If this file is
11 * file is missing or damaged, see the license at "http://www.cups.org/".
12 *
13 * This file is subject to the Apple OS-Developed Software exception.
ef416fc2 14 */
15
16/*
17 * Include necessary headers...
18 */
19
71e16022 20#include "cups-private.h"
ef416fc2 21#include <stdlib.h>
e00b005a 22#include <sys/stat.h>
ef416fc2 23#ifdef WIN32
24# include <windows.h>
5a6b583a
MS		 25#else
26# include <pwd.h>
dcb445bc 27# include <termios.h>
db8b865d 28# include <sys/utsname.h>
ef416fc2 29#endif /* WIN32 */
30
31
dcb445bc
MS		 32/*
33 * Local constants...
34 */
35
36#define _CUPS_PASSCHAR '*' /* Character that is echoed for password */
37
38
3abb875b
MS		 39/*
40 * Local types...
41 */
42
43typedef struct _cups_client_conf_s /**** client.conf config data ****/
44{
45#ifdef HAVE_SSL
46 int ssl_options; /* SSLOptions values */
47#endif /* HAVE_SSL */
48 int any_root, /* Allow any (e.g., self-signed) root */
49 expired_certs, /* Allow expired certs */
50 validate_certs; /* Validate certificates */
51 http_encryption_t encryption; /* Encryption setting */
52 char user[65], /* User name */
53 server_name[256];
54 /* Server hostname */
55#ifdef HAVE_GSSAPI
56 char gss_service_name[32];
57 /* Kerberos service name */
58#endif /* HAVE_GSSAPI */
59} _cups_client_conf_t;
60
61
b423cd4c 62/*
63 * Local functions...
64 */
65
3abb875b
MS		 66static void cups_finalize_client_conf(_cups_client_conf_t *cc);
67static void cups_init_client_conf(_cups_client_conf_t *cc);
68static void cups_read_client_conf(cups_file_t *fp, _cups_client_conf_t *cc);
4b9daaf4 69static void cups_set_default_ipp_port(_cups_globals_t *cg);
3abb875b 70static void cups_set_encryption(_cups_client_conf_t *cc, const char *value);
07ed0e9a 71#ifdef HAVE_GSSAPI
3abb875b 72static void cups_set_gss_service_name(_cups_client_conf_t *cc, const char *value);
07ed0e9a 73#endif /* HAVE_GSSAPI */
3abb875b
MS		 74static void cups_set_server_name(_cups_client_conf_t *cc, const char *value);
75#ifdef HAVE_SSL
76static void cups_set_ssl_options(_cups_client_conf_t *cc, const char *value);
77#endif /* HAVE_SSL */
78static void cups_set_user(_cups_client_conf_t *cc, const char *value);
b423cd4c 79
80
ef416fc2 81/*
5a6b583a 82 * 'cupsEncryption()' - Get the current encryption settings.
ef416fc2 83 *
84 * The default encryption setting comes from the CUPS_ENCRYPTION
568fa3fa 85 * environment variable, then the ~/.cups/client.conf file, and finally the
ef416fc2 86 * /etc/cups/client.conf file. If not set, the default is
cb7f98ee 87 * @code HTTP_ENCRYPTION_IF_REQUESTED@.
5a6b583a
MS		 88 *
89 * Note: The current encryption setting is tracked separately for each thread
90 * in a program. Multi-threaded programs that override the setting via the
91 * @link cupsSetEncryption@ function need to do so in each thread for the same
92 * setting to be used.
ef416fc2 93 */
94
95http_encryption_t /* O - Encryption settings */
96cupsEncryption(void)
97{
ef416fc2 98 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
99
100
ef416fc2 101 if (cg->encryption == (http_encryption_t)-1)
e07d4801 102 _cupsSetDefaults();
ef416fc2 103
104 return (cg->encryption);
105}
106
107
108/*
109 * 'cupsGetPassword()' - Get a password from the user.
110 *
5a738aea 111 * Uses the current password callback function. Returns @code NULL@ if the
ecdc0628 112 * user does not provide a password.
5a6b583a
MS		 113 *
114 * Note: The current password callback function is tracked separately for each
115 * thread in a program. Multi-threaded programs that override the setting via
116 * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to
117 * do so in each thread for the same function to be used.
ef416fc2 118 */
119
120const char * /* O - Password */
121cupsGetPassword(const char *prompt) /* I - Prompt string */
122{
f11a948a
MS		 123 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
124
125
126 return ((cg->password_cb)(prompt, NULL, NULL, NULL, cg->password_data));
127}
128
129
130/*
131 * 'cupsGetPassword2()' - Get a password from the user using the advanced
5a6b583a 132 * password callback.
f11a948a
MS		 133 *
134 * Uses the current password callback function. Returns @code NULL@ if the
135 * user does not provide a password.
136 *
5a6b583a
MS		 137 * Note: The current password callback function is tracked separately for each
138 * thread in a program. Multi-threaded programs that override the setting via
139 * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to
140 * do so in each thread for the same function to be used.
141 *
f3c17241 142 * @since CUPS 1.4/OS X 10.6@
f11a948a
MS		 143 */
144
145const char * /* O - Password */
146cupsGetPassword2(const char *prompt, /* I - Prompt string */
147 http_t *http, /* I - Connection to server or @code CUPS_HTTP_DEFAULT@ */
148 const char *method, /* I - Request method ("GET", "POST", "PUT") */
149 const char *resource) /* I - Resource path */
150{
151 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
152
153
154 if (!http)
155 http = _cupsConnect();
156
157 return ((cg->password_cb)(prompt, http, method, resource, cg->password_data));
ef416fc2 158}
159
160
ef416fc2 161/*
5a6b583a
MS		 162 * 'cupsServer()' - Return the hostname/address of the current server.
163 *
164 * The default server comes from the CUPS_SERVER environment variable, then the
165 * ~/.cups/client.conf file, and finally the /etc/cups/client.conf file. If not
166 * set, the default is the local system - either "localhost" or a domain socket
167 * path.
ef416fc2 168 *
5a6b583a
MS		 169 * The returned value can be a fully-qualified hostname, a numeric IPv4 or IPv6
170 * address, or a domain socket pathname.
171 *
172 * Note: The current server is tracked separately for each thread in a program.
173 * Multi-threaded programs that override the server via the
174 * @link cupsSetServer@ function need to do so in each thread for the same
175 * server to be used.
ef416fc2 176 */
177
178const char * /* O - Server name */
179cupsServer(void)
180{
ef416fc2 181 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
182
183
ef416fc2 184 if (!cg->server[0])
e07d4801 185 _cupsSetDefaults();
ef416fc2 186
e07d4801
MS		 187 return (cg->server);
188}
ef416fc2 189
d09495fa 190
7cf5915e
MS		 191/*
192 * 'cupsSetClientCertCB()' - Set the client certificate callback.
193 *
194 * Pass @code NULL@ to restore the default callback.
195 *
196 * Note: The current certificate callback is tracked separately for each thread
197 * in a program. Multi-threaded programs that override the callback need to do
198 * so in each thread for the same callback to be used.
199 *
f3c17241 200 * @since CUPS 1.5/OS X 10.7@
7cf5915e
MS		 201 */
202
203void
204cupsSetClientCertCB(
205 cups_client_cert_cb_t cb, /* I - Callback function */
206 void *user_data) /* I - User data pointer */
207{
208 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
209
210
211 cg->client_cert_cb = cb;
212 cg->client_cert_data = user_data;
213}
214
215
216/*
217 * 'cupsSetCredentials()' - Set the default credentials to be used for SSL/TLS
218 * connections.
219 *
220 * Note: The default credentials are tracked separately for each thread in a
221 * program. Multi-threaded programs that override the setting need to do so in
222 * each thread for the same setting to be used.
223 *
f3c17241 224 * @since CUPS 1.5/OS X 10.7@
7cf5915e
MS		 225 */
226
227int /* O - Status of call (0 = success) */
228cupsSetCredentials(
229 cups_array_t *credentials) /* I - Array of credentials */
230{
231 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
232
233
234 if (cupsArrayCount(credentials) < 1)
235 return (-1);
236
7d5824d6 237#ifdef HAVE_SSL
7cf5915e 238 _httpFreeCredentials(cg->tls_credentials);
85dda01c 239 cg->tls_credentials = _httpCreateCredentials(credentials);
7d5824d6 240#endif /* HAVE_SSL */
7cf5915e
MS		 241
242 return (cg->tls_credentials ? 0 : -1);
243}
244
245
e07d4801
MS		 246/*
247 * 'cupsSetEncryption()' - Set the encryption preference.
5a6b583a
MS		 248 *
249 * The default encryption setting comes from the CUPS_ENCRYPTION
250 * environment variable, then the ~/.cups/client.conf file, and finally the
251 * /etc/cups/client.conf file. If not set, the default is
cb7f98ee 252 * @code HTTP_ENCRYPTION_IF_REQUESTED@.
5a6b583a
MS		 253 *
254 * Note: The current encryption setting is tracked separately for each thread
255 * in a program. Multi-threaded programs that override the setting need to do
256 * so in each thread for the same setting to be used.
e07d4801 257 */
ef416fc2 258
e07d4801
MS		 259void
260cupsSetEncryption(http_encryption_t e) /* I - New encryption preference */
261{
262 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
ef416fc2 263
ef416fc2 264
e07d4801 265 cg->encryption = e;
ef416fc2 266
e07d4801
MS		 267 if (cg->http)
268 httpEncryption(cg->http, e);
ef416fc2 269}
270
271
272/*
273 * 'cupsSetPasswordCB()' - Set the password callback for CUPS.
274 *
5a6b583a
MS		 275 * Pass @code NULL@ to restore the default (console) password callback, which
276 * reads the password from the console. Programs should call either this
277 * function or @link cupsSetPasswordCB2@, as only one callback can be registered
278 * by a program per thread.
279 *
280 * Note: The current password callback is tracked separately for each thread
281 * in a program. Multi-threaded programs that override the callback need to do
282 * so in each thread for the same callback to be used.
ef416fc2 283 */
284
285void
286cupsSetPasswordCB(cups_password_cb_t cb)/* I - Callback function */
287{
288 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
289
290
f11a948a
MS		 291 if (cb == (cups_password_cb_t)0)
292 cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
293 else
294 cg->password_cb = (cups_password_cb2_t)cb;
295
296 cg->password_data = NULL;
297}
298
299
300/*
301 * 'cupsSetPasswordCB2()' - Set the advanced password callback for CUPS.
302 *
5a6b583a
MS		 303 * Pass @code NULL@ to restore the default (console) password callback, which
304 * reads the password from the console. Programs should call either this
305 * function or @link cupsSetPasswordCB2@, as only one callback can be registered
306 * by a program per thread.
307 *
308 * Note: The current password callback is tracked separately for each thread
309 * in a program. Multi-threaded programs that override the callback need to do
310 * so in each thread for the same callback to be used.
f11a948a 311 *
f3c17241 312 * @since CUPS 1.4/OS X 10.6@
f11a948a
MS		 313 */
314
315void
316cupsSetPasswordCB2(
317 cups_password_cb2_t cb, /* I - Callback function */
318 void *user_data) /* I - User data pointer */
319{
320 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
321
322
323 if (cb == (cups_password_cb2_t)0)
324 cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
ef416fc2 325 else
326 cg->password_cb = cb;
f11a948a
MS		 327
328 cg->password_data = user_data;
ef416fc2 329}
330
331
332/*
5a6b583a 333 * 'cupsSetServer()' - Set the default server name and port.
ef416fc2 334 *
335 * The "server" string can be a fully-qualified hostname, a numeric
5a6b583a
MS		 336 * IPv4 or IPv6 address, or a domain socket pathname. Hostnames and numeric IP
337 * addresses can be optionally followed by a colon and port number to override
338 * the default port 631, e.g. "hostname:8631". Pass @code NULL@ to restore the
339 * default server name and port.
340 *
341 * Note: The current server is tracked separately for each thread in a program.
342 * Multi-threaded programs that override the server need to do so in each
343 * thread for the same server to be used.
ef416fc2 344 */
345
346void
347cupsSetServer(const char *server) /* I - Server name */
348{
0cb67df3
MS		 349 char *options, /* Options */
350 *port; /* Pointer to port */
ef416fc2 351 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
352
353
354 if (server)
355 {
356 strlcpy(cg->server, server, sizeof(cg->server));
357
0cb67df3
MS		 358 if (cg->server[0] != '/' && (options = strrchr(cg->server, '/')) != NULL)
359 {
360 *options++ = '\0';
361
362 if (!strcmp(options, "version=1.0"))
363 cg->server_version = 10;
364 else if (!strcmp(options, "version=1.1"))
365 cg->server_version = 11;
366 else if (!strcmp(options, "version=2.0"))
367 cg->server_version = 20;
368 else if (!strcmp(options, "version=2.1"))
369 cg->server_version = 21;
370 else if (!strcmp(options, "version=2.2"))
371 cg->server_version = 22;
372 }
567f49cb
MS		 373 else
374 cg->server_version = 20;
0cb67df3 375
ef416fc2 376 if (cg->server[0] != '/' && (port = strrchr(cg->server, ':')) != NULL &&
377 !strchr(port, ']') && isdigit(port[1] & 255))
378 {
379 *port++ = '\0';
380
e07d4801 381 cg->ipp_port = atoi(port);
ef416fc2 382 }
383
4b9daaf4
MS		 384 if (!cg->ipp_port)
385 cups_set_default_ipp_port(cg);
386
ef416fc2 387 if (cg->server[0] == '/')
5a9febac 388 strlcpy(cg->servername, "localhost", sizeof(cg->servername));
ef416fc2 389 else
390 strlcpy(cg->servername, cg->server, sizeof(cg->servername));
391 }
392 else
393 {
0cb67df3
MS		 394 cg->server[0] = '\0';
395 cg->servername[0] = '\0';
396 cg->server_version = 20;
4b9daaf4 397 cg->ipp_port = 0;
ef416fc2 398 }
5a738aea
MS		 399
400 if (cg->http)
401 {
402 httpClose(cg->http);
403 cg->http = NULL;
404 }
ef416fc2 405}
406
407
7cf5915e
MS		 408/*
409 * 'cupsSetServerCertCB()' - Set the server certificate callback.
410 *
411 * Pass @code NULL@ to restore the default callback.
412 *
413 * Note: The current credentials callback is tracked separately for each thread
414 * in a program. Multi-threaded programs that override the callback need to do
415 * so in each thread for the same callback to be used.
416 *
f3c17241 417 * @since CUPS 1.5/OS X 10.7@
7cf5915e
MS		 418 */
419
420void
421cupsSetServerCertCB(
422 cups_server_cert_cb_t cb, /* I - Callback function */
423 void *user_data) /* I - User data pointer */
424{
425 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
426
427
428 cg->server_cert_cb = cb;
429 cg->server_cert_data = user_data;
430}
431
432
ef416fc2 433/*
434 * 'cupsSetUser()' - Set the default user name.
435 *
5a738aea 436 * Pass @code NULL@ to restore the default user name.
5a6b583a
MS		 437 *
438 * Note: The current user name is tracked separately for each thread in a
439 * program. Multi-threaded programs that override the user name need to do so
440 * in each thread for the same user name to be used.
ef416fc2 441 */
442
443void
444cupsSetUser(const char *user) /* I - User name */
445{
446 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
447
448
449 if (user)
450 strlcpy(cg->user, user, sizeof(cg->user));
451 else
452 cg->user[0] = '\0';
453}
454
455
db8b865d
MS		 456/*
457 * 'cupsSetUserAgent()' - Set the default HTTP User-Agent string.
458 *
459 * Setting the string to NULL forces the default value containing the CUPS
460 * version, IPP version, and operating system version and architecture.
461 *
9c0e8e5d 462 * @since CUPS 1.7/OS X 10.9@
db8b865d
MS		 463 */
464
465void
466cupsSetUserAgent(const char *user_agent)/* I - User-Agent string or @code NULL@ */
467{
468 _cups_globals_t *cg = _cupsGlobals();
469 /* Thread globals */
470#ifdef WIN32
471 SYSTEM_INFO sysinfo; /* System information */
472 OSVERSIONINFO version; /* OS version info */
473#else
474 struct utsname name; /* uname info */
475#endif /* WIN32 */
476
477
478 if (user_agent)
479 {
480 strlcpy(cg->user_agent, user_agent, sizeof(cg->user_agent));
481 return;
482 }
483
484#ifdef WIN32
485 version.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
486 GetVersionEx(&version);
487 GetNativeSystemInfo(&sysinfo);
488
489 snprintf(cg->user_agent, sizeof(cg->user_agent),
490 CUPS_MINIMAL " (Windows %d.%d; %s) IPP/2.0",
491 version.dwMajorVersion, version.dwMinorVersion,
492 sysinfo.wProcessorArchitecture
493 == PROCESSOR_ARCHITECTURE_AMD64 ? "amd64" :
494 sysinfo.wProcessorArchitecture
495 == PROCESSOR_ARCHITECTURE_ARM ? "arm" :
496 sysinfo.wProcessorArchitecture
497 == PROCESSOR_ARCHITECTURE_IA64 ? "ia64" :
498 sysinfo.wProcessorArchitecture
499 == PROCESSOR_ARCHITECTURE_INTEL ? "intel" :
500 "unknown");
501
502#else
503 uname(&name);
504
505 snprintf(cg->user_agent, sizeof(cg->user_agent),
506 CUPS_MINIMAL " (%s %s; %s) IPP/2.0",
507 name.sysname, name.release, name.machine);
508#endif /* WIN32 */
509}
510
511
ef416fc2 512/*
513 * 'cupsUser()' - Return the current user's name.
5a6b583a
MS		 514 *
515 * Note: The current user name is tracked separately for each thread in a
516 * program. Multi-threaded programs that override the user name with the
517 * @link cupsSetUser@ function need to do so in each thread for the same user
518 * name to be used.
ef416fc2 519 */
520
521const char * /* O - User name */
522cupsUser(void)
523{
524 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
525
526
527 if (!cg->user[0])
3e7fe0ca 528 _cupsSetDefaults();
ef416fc2 529
530 return (cg->user);
531}
532
533
db8b865d
MS		 534/*
535 * 'cupsUserAgent()' - Return the default HTTP User-Agent string.
536 *
9c0e8e5d 537 * @since CUPS 1.7/OS X 10.9@
db8b865d
MS		 538 */
539
540const char * /* O - User-Agent string */
541cupsUserAgent(void)
542{
543 _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */
544
545
546 if (!cg->user_agent[0])
547 cupsSetUserAgent(NULL);
548
549 return (cg->user_agent);
550}
551
552
ef416fc2 553/*
554 * '_cupsGetPassword()' - Get a password from the user.
555 */
556
dcb445bc 557const char * /* O - Password or @code NULL@ if none */
ef416fc2 558_cupsGetPassword(const char *prompt) /* I - Prompt string */
559{
5a6b583a 560#ifdef WIN32
dcb445bc
MS		 561 HANDLE tty; /* Console handle */
562 DWORD mode; /* Console mode */
563 char passch, /* Current key press */
564 *passptr, /* Pointer into password string */
565 *passend; /* End of password string */
12f89d24 566 DWORD passbytes; /* Bytes read */
dcb445bc
MS		 567 _cups_globals_t *cg = _cupsGlobals();
568 /* Thread globals */
569
570
5a6b583a 571 /*
dcb445bc 572 * Disable input echo and set raw input...
5a6b583a
MS		 573 */
574
dcb445bc
MS		 575 if ((tty = GetStdHandle(STD_INPUT_HANDLE)) == INVALID_HANDLE_VALUE)
576 return (NULL);
577
578 if (!GetConsoleMode(tty, &mode))
579 return (NULL);
580
581 if (!SetConsoleMode(tty, 0))
582 return (NULL);
583
584 /*
585 * Display the prompt...
586 */
587
588 printf("%s ", prompt);
589 fflush(stdout);
590
591 /*
592 * Read the password string from /dev/tty until we get interrupted or get a
593 * carriage return or newline...
594 */
595
596 passptr = cg->password;
597 passend = cg->password + sizeof(cg->password) - 1;
598
12f89d24 599 while (ReadFile(tty, &passch, 1, &passbytes, NULL))
dcb445bc
MS		 600 {
601 if (passch == 0x0A || passch == 0x0D)
602 {
603 /*
604 * Enter/return...
605 */
606
607 break;
608 }
609 else if (passch == 0x08 || passch == 0x7F)
610 {
611 /*
612 * Backspace/delete (erase character)...
613 */
614
615 if (passptr > cg->password)
616 {
617 passptr --;
618 fputs("\010 \010", stdout);
619 }
620 else
621 putchar(0x07);
622 }
623 else if (passch == 0x15)
624 {
625 /*
626 * CTRL+U (erase line)
627 */
628
629 if (passptr > cg->password)
630 {
631 while (passptr > cg->password)
632 {
633 passptr --;
634 fputs("\010 \010", stdout);
635 }
636 }
637 else
638 putchar(0x07);
639 }
640 else if (passch == 0x03)
641 {
642 /*
643 * CTRL+C...
644 */
645
646 passptr = cg->password;
647 break;
648 }
649 else if ((passch & 255) < 0x20 || passptr >= passend)
650 putchar(0x07);
651 else
652 {
653 *passptr++ = passch;
654 putchar(_CUPS_PASSCHAR);
655 }
656
657 fflush(stdout);
658 }
659
660 putchar('\n');
661 fflush(stdout);
662
663 /*
664 * Cleanup...
665 */
666
667 SetConsoleMode(tty, mode);
668
669 /*
670 * Return the proper value...
671 */
672
673 if (passbytes == 1 && passptr > cg->password)
674 {
675 *passptr = '\0';
676 return (cg->password);
677 }
678 else
679 {
680 memset(cg->password, 0, sizeof(cg->password));
681 return (NULL);
682 }
5a6b583a
MS		 683
684#else
dcb445bc
MS		 685 int tty; /* /dev/tty - never read from stdin */
686 struct termios original, /* Original input mode */
687 noecho; /* No echo input mode */
688 char passch, /* Current key press */
689 *passptr, /* Pointer into password string */
690 *passend; /* End of password string */
691 ssize_t passbytes; /* Bytes read */
692 _cups_globals_t *cg = _cupsGlobals();
693 /* Thread globals */
694
695
5a6b583a 696 /*
dcb445bc 697 * Disable input echo and set raw input...
5a6b583a
MS		 698 */
699
dcb445bc
MS		 700 if ((tty = open("/dev/tty", O_RDONLY)) < 0)
701 return (NULL);
702
703 if (tcgetattr(tty, &original))
704 {
705 close(tty);
706 return (NULL);
707 }
708
709 noecho = original;
7e86f2f6 710 noecho.c_lflag &= (tcflag_t)~(ICANON | ECHO | ECHOE | ISIG);
a8db9df8
MS		 711 noecho.c_cc[VMIN] = 1;
712 noecho.c_cc[VTIME] = 0;
7cf5915e 713
dcb445bc
MS		 714 if (tcsetattr(tty, TCSAFLUSH, &noecho))
715 {
716 close(tty);
7cf5915e 717 return (NULL);
dcb445bc
MS		 718 }
719
720 /*
721 * Display the prompt...
722 */
723
724 printf("%s ", prompt);
725 fflush(stdout);
726
727 /*
728 * Read the password string from /dev/tty until we get interrupted or get a
729 * carriage return or newline...
730 */
731
732 passptr = cg->password;
733 passend = cg->password + sizeof(cg->password) - 1;
734
735 while ((passbytes = read(tty, &passch, 1)) == 1)
736 {
8dd318e5
MS		 737 if (passch == noecho.c_cc[VEOL] ||
738# ifdef VEOL2
739 passch == noecho.c_cc[VEOL2] ||
740# endif /* VEOL2 */
dcb445bc
MS		 741 passch == 0x0A || passch == 0x0D)
742 {
743 /*
744 * Enter/return...
745 */
746
747 break;
748 }
749 else if (passch == noecho.c_cc[VERASE] ||
750 passch == 0x08 || passch == 0x7F)
751 {
752 /*
753 * Backspace/delete (erase character)...
754 */
755
756 if (passptr > cg->password)
757 {
758 passptr --;
759 fputs("\010 \010", stdout);
760 }
761 else
762 putchar(0x07);
763 }
764 else if (passch == noecho.c_cc[VKILL])
765 {
766 /*
767 * CTRL+U (erase line)
768 */
769
770 if (passptr > cg->password)
771 {
772 while (passptr > cg->password)
773 {
774 passptr --;
775 fputs("\010 \010", stdout);
776 }
777 }
778 else
779 putchar(0x07);
780 }
781 else if (passch == noecho.c_cc[VINTR] || passch == noecho.c_cc[VQUIT] ||
782 passch == noecho.c_cc[VEOF])
783 {
784 /*
785 * CTRL+C, CTRL+D, or CTRL+Z...
786 */
787
788 passptr = cg->password;
789 break;
790 }
791 else if ((passch & 255) < 0x20 || passptr >= passend)
792 putchar(0x07);
793 else
794 {
795 *passptr++ = passch;
796 putchar(_CUPS_PASSCHAR);
797 }
798
799 fflush(stdout);
800 }
801
802 putchar('\n');
803 fflush(stdout);
804
805 /*
806 * Cleanup...
807 */
808
809 tcsetattr(tty, TCSAFLUSH, &original);
810 close(tty);
811
812 /*
813 * Return the proper value...
814 */
815
816 if (passbytes == 1 && passptr > cg->password)
817 {
818 *passptr = '\0';
819 return (cg->password);
820 }
7cf5915e 821 else
dcb445bc
MS		 822 {
823 memset(cg->password, 0, sizeof(cg->password));
824 return (NULL);
825 }
ef416fc2 826#endif /* WIN32 */
5a6b583a 827}
ef416fc2 828
829
eac3a0a0
MS		 830#ifdef HAVE_GSSAPI
831/*
832 * '_cupsGSSServiceName()' - Get the GSS (Kerberos) service name.
833 */
834
835const char *
836_cupsGSSServiceName(void)
837{
838 _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */
839
840
841 if (!cg->gss_service_name[0])
842 _cupsSetDefaults();
843
844 return (cg->gss_service_name);
845}
846#endif /* HAVE_GSSAPI */
847
848
ef416fc2 849/*
e07d4801 850 * '_cupsSetDefaults()' - Set the default server, port, and encryption.
b423cd4c 851 */
852
e07d4801
MS		 853void
854_cupsSetDefaults(void)
b423cd4c 855{
856 cups_file_t *fp; /* File */
3abb875b 857 const char *home; /* Home directory of user */
b423cd4c 858 char filename[1024]; /* Filename */
3abb875b 859 _cups_client_conf_t cc; /* client.conf values */
b423cd4c 860 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
861
862
e07d4801
MS		 863 DEBUG_puts("_cupsSetDefaults()");
864
865 /*
3abb875b
MS		 866 * Load initial client.conf values...
867 */
868
869 cups_init_client_conf(&cc);
870
871 /*
872 * Read the /etc/cups/client.conf and ~/.cups/client.conf files, if
873 * present.
874 */
875
876 snprintf(filename, sizeof(filename), "%s/client.conf", cg->cups_serverroot);
877 if ((fp = cupsFileOpen(filename, "r")) != NULL)
878 {
879 cups_read_client_conf(fp, &cc);
880 cupsFileClose(fp);
881 }
882
883# ifdef HAVE_GETEUID
884 if ((geteuid() == getuid() || !getuid()) && getegid() == getgid() && (home = getenv("HOME")) != NULL)
885# elif !defined(WIN32)
886 if (getuid() && (home = getenv("HOME")) != NULL)
887# else
888 if ((home = getenv("HOME")) != NULL)
889# endif /* HAVE_GETEUID */
890 {
891 /*
892 * Look for ~/.cups/client.conf...
893 */
894
895 snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home);
896 if ((fp = cupsFileOpen(filename, "r")) != NULL)
897 {
898 cups_read_client_conf(fp, &cc);
899 cupsFileClose(fp);
900 }
901 }
902
903 /*
904 * Finalize things so every client.conf value is set...
e07d4801
MS		 905 */
906
3abb875b
MS		 907 cups_finalize_client_conf(&cc);
908
909 if (cg->encryption == (http_encryption_t)-1)
910 cg->encryption = cc.encryption;
911
912 if (!cg->server[0] || !cg->ipp_port)
913 cupsSetServer(cc.server_name);
914
915 if (!cg->ipp_port)
4b9daaf4 916 cups_set_default_ipp_port(cg);
3abb875b
MS		 917
918 if (!cg->user[0])
919 strlcpy(cg->user, cc.user, sizeof(cg->user));
920
921#ifdef HAVE_GSSAPI
922 if (!cg->gss_service_name[0])
923 strlcpy(cg->gss_service_name, cc.gss_service_name, sizeof(cg->gss_service_name));
924#endif /* HAVE_GSSAPI */
925
926 if (cg->any_root < 0)
927 cg->any_root = cc.any_root;
928
929 if (cg->expired_certs < 0)
930 cg->expired_certs = cc.expired_certs;
931
932 if (cg->validate_certs < 0)
933 cg->validate_certs = cc.validate_certs;
934
935#ifdef HAVE_SSL
936 _httpTLSSetOptions(cc.ssl_options);
937#endif /* HAVE_SSL */
938}
939
940
941/*
942 * 'cups_boolean_value()' - Convert a string to a boolean value.
943 */
944
945static int /* O - Boolean value */
946cups_boolean_value(const char *value) /* I - String value */
947{
948 return (!_cups_strcasecmp(value, "yes") || !_cups_strcasecmp(value, "on") || !_cups_strcasecmp(value, "true"));
949}
950
951
952/*
953 * 'cups_finalize_client_conf()' - Finalize client.conf values.
954 */
955
956static void
957cups_finalize_client_conf(
958 _cups_client_conf_t *cc) /* I - client.conf values */
959{
960 const char *value; /* Environment variable */
961
962
963 if ((value = getenv("CUPS_ANYROOT")) != NULL)
964 cc->any_root = cups_boolean_value(value);
965
966 if ((value = getenv("CUPS_ENCRYPTION")) != NULL)
967 cups_set_encryption(cc, value);
968
969 if ((value = getenv("CUPS_EXPIREDCERTS")) != NULL)
970 cc->expired_certs = cups_boolean_value(value);
971
07ed0e9a 972#ifdef HAVE_GSSAPI
3abb875b
MS		 973 if ((value = getenv("CUPS_GSSSERVICENAME")) != NULL)
974 cups_set_gss_service_name(cc, value);
07ed0e9a 975#endif /* HAVE_GSSAPI */
3abb875b
MS		 976
977 if ((value = getenv("CUPS_SERVER")) != NULL)
978 cups_set_server_name(cc, value);
979
980 if ((value = getenv("CUPS_USER")) != NULL)
981 cups_set_user(cc, value);
982
983 if ((value = getenv("CUPS_VALIDATECERTS")) != NULL)
984 cc->validate_certs = cups_boolean_value(value);
e07d4801
MS		 985
986 /*
3abb875b 987 * Then apply defaults for those values that haven't been set...
e07d4801
MS		 988 */
989
3abb875b
MS		 990 if (cc->any_root < 0)
991 cc->any_root = 1;
992
993 if (cc->encryption == (http_encryption_t)-1)
994 cc->encryption = HTTP_ENCRYPTION_IF_REQUESTED;
995
996 if (cc->expired_certs < 0)
997 cc->expired_certs = 1;
998
999#ifdef HAVE_GSSAPI
1000 if (!cc->gss_service_name[0])
1001 cups_set_gss_service_name(cc, CUPS_DEFAULT_GSSSERVICENAME);
1002#endif /* HAVE_GSSAPI */
1003
1004 if (!cc->server_name[0])
e07d4801 1005 {
3abb875b 1006#ifdef CUPS_DEFAULT_DOMAINSOCKET
63aefcd5 1007 /*
3abb875b
MS		 1008 * If we are compiled with domain socket support, only use the
1009 * domain socket if it exists and has the right permissions...
63aefcd5
MS		 1010 */
1011
89b7fd55 1012 if (!access(CUPS_DEFAULT_DOMAINSOCKET, R_OK))
3abb875b
MS		 1013 cups_set_server_name(cc, CUPS_DEFAULT_DOMAINSOCKET);
1014 else
1015#endif /* CUPS_DEFAULT_DOMAINSOCKET */
1016 cups_set_server_name(cc, "localhost");
1017 }
63aefcd5 1018
3abb875b
MS		 1019 if (!cc->user[0])
1020 {
1021#ifdef WIN32
63aefcd5 1022 /*
3abb875b 1023 * Get the current user name from the OS...
63aefcd5
MS		 1024 */
1025
3abb875b 1026 DWORD size; /* Size of string */
63aefcd5 1027
3abb875b
MS		 1028 size = sizeof(cc->user);
1029 if (!GetUserName(cc->user, &size))
1030#else
63aefcd5 1031 /*
3abb875b 1032 * Try the USER environment variable as the default username...
63aefcd5
MS		 1033 */
1034
3abb875b
MS		 1035 const char *envuser = getenv("USER");
1036 /* Default username */
1037 struct passwd *pw = NULL; /* Account information */
1038
1039 if (envuser)
d09495fa 1040 {
10d09e33 1041 /*
3abb875b
MS		 1042 * Validate USER matches the current UID, otherwise don't allow it to
1043 * override things... This makes sure that printing after doing su
1044 * or sudo records the correct username.
10d09e33 1045 */
e07d4801 1046
3abb875b
MS		 1047 if ((pw = getpwnam(envuser)) != NULL && pw->pw_uid != getuid())
1048 pw = NULL;
1049 }
1050
1051 if (!pw)
1052 pw = getpwuid(getuid());
e07d4801 1053
3abb875b
MS		 1054 if (pw)
1055 strlcpy(cc->user, pw->pw_name, sizeof(cc->user));
1056 else
1057#endif /* WIN32 */
1058 {
e07d4801 1059 /*
3abb875b 1060 * Use the default "unknown" user name...
e07d4801
MS		 1061 */
1062
3abb875b 1063 strlcpy(cc->user, "unknown", sizeof(cc->user));
63aefcd5 1064 }
e07d4801 1065 }
3abb875b
MS		 1066
1067 if (cc->validate_certs < 0)
1068 cc->validate_certs = 0;
1069}
1070
1071
1072/*
1073 * 'cups_init_client_conf()' - Initialize client.conf values.
1074 */
1075
1076static void
1077cups_init_client_conf(
1078 _cups_client_conf_t *cc) /* I - client.conf values */
1079{
1080 /*
1081 * Clear all values to "not set"...
1082 */
1083
1084 memset(cc, 0, sizeof(_cups_client_conf_t));
1085
1086 cc->encryption = (http_encryption_t)-1;
1087 cc->any_root = -1;
1088 cc->expired_certs = -1;
1089 cc->validate_certs = -1;
e07d4801
MS		 1090}
1091
1092
1093/*
1094 * 'cups_read_client_conf()' - Read a client.conf file.
1095 */
1096
1097static void
1098cups_read_client_conf(
3abb875b
MS		 1099 cups_file_t *fp, /* I - File to read */
1100 _cups_client_conf_t *cc) /* I - client.conf values */
e07d4801
MS		 1101{
1102 int linenum; /* Current line number */
1103 char line[1024], /* Line from file */
3abb875b 1104 *value; /* Pointer into line */
e07d4801
MS		 1105
1106
1107 /*
1108 * Read from the file...
1109 */
1110
1111 linenum = 0;
1112 while (cupsFileGetConf(fp, line, sizeof(line), &value, &linenum))
1113 {
3abb875b
MS		 1114 if (!_cups_strcasecmp(line, "Encryption") && value)
1115 cups_set_encryption(cc, value);
85dda01c
MS		 1116#ifndef __APPLE__
1117 /*
3abb875b
MS		 1118 * The ServerName directive is not supported on OS X due to app
1119 * sandboxing restrictions, i.e. not all apps request network access.
85dda01c 1120 */
3abb875b
MS		 1121 else if (!_cups_strcasecmp(line, "ServerName") && value)
1122 cups_set_server_name(cc, value);
85dda01c 1123#endif /* !__APPLE__ */
3abb875b
MS		 1124 else if (!_cups_strcasecmp(line, "User") && value)
1125 cups_set_user(cc, value);
1126 else if (!_cups_strcasecmp(line, "AllowAnyRoot") && value)
1127 cc->any_root = cups_boolean_value(value);
1128 else if (!_cups_strcasecmp(line, "AllowExpiredCerts") &&
7cf5915e 1129 value)
3abb875b
MS		 1130 cc->expired_certs = cups_boolean_value(value);
1131 else if (!_cups_strcasecmp(line, "ValidateCerts") && value)
1132 cc->validate_certs = cups_boolean_value(value);
07ed0e9a 1133#ifdef HAVE_GSSAPI
3abb875b
MS		 1134 else if (!_cups_strcasecmp(line, "GSSServiceName") && value)
1135 cups_set_gss_service_name(cc, value);
07ed0e9a 1136#endif /* HAVE_GSSAPI */
22ebb7d0 1137#ifdef HAVE_SSL
3abb875b
MS		 1138 else if (!_cups_strcasecmp(line, "SSLOptions") && value)
1139 cups_set_ssl_options(cc, value);
1140#endif /* HAVE_SSL */
1141 }
1142}
63aefcd5 1143
63aefcd5 1144
4b9daaf4
MS		 1145/*
1146 * 'cups_set_default_ipp_port()' - Set the default IPP port value.
1147 */
1148
1149static void
1150cups_set_default_ipp_port(
1151 _cups_globals_t *cg) /* I - Global data */
1152{
1153 const char *ipp_port; /* IPP_PORT environment variable */
1154
1155
1156 if ((ipp_port = getenv("IPP_PORT")) != NULL)
1157 {
1158 if ((cg->ipp_port = atoi(ipp_port)) <= 0)
1159 cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
1160 }
1161 else
1162 cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
1163}
1164
3abb875b
MS		 1165/*
1166 * 'cups_set_encryption()' - Set the Encryption value.
1167 */
63aefcd5 1168
3abb875b
MS		 1169static void
1170cups_set_encryption(
1171 _cups_client_conf_t *cc, /* I - client.conf values */
1172 const char *value) /* I - Value */
1173{
1174 if (!_cups_strcasecmp(value, "never"))
1175 cc->encryption = HTTP_ENCRYPTION_NEVER;
1176 else if (!_cups_strcasecmp(value, "always"))
1177 cc->encryption = HTTP_ENCRYPTION_ALWAYS;
1178 else if (!_cups_strcasecmp(value, "required"))
1179 cc->encryption = HTTP_ENCRYPTION_REQUIRED;
1180 else
1181 cc->encryption = HTTP_ENCRYPTION_IF_REQUESTED;
1182}
e07d4801 1183
e07d4801 1184
3abb875b
MS		 1185/*
1186 * 'cups_set_gss_service_name()' - Set the GSSServiceName value.
1187 */
b423cd4c 1188
3abb875b
MS		 1189#ifdef HAVE_GSSAPI
1190static void
1191cups_set_gss_service_name(
1192 _cups_client_conf_t *cc, /* I - client.conf values */
1193 const char *value) /* I - Value */
1194{
1195 strlcpy(cc->gss_service_name, value, sizeof(cc->gss_service_name));
1196}
1197#endif /* HAVE_GSSAPI */
7cf5915e 1198
10d09e33 1199
3abb875b
MS		 1200/*
1201 * 'cups_set_server_name()' - Set the ServerName value.
1202 */
10d09e33 1203
3abb875b
MS		 1204static void
1205cups_set_server_name(
1206 _cups_client_conf_t *cc, /* I - client.conf values */
1207 const char *value) /* I - Value */
1208{
1209 strlcpy(cc->server_name, value, sizeof(cc->server_name));
1210}
10d09e33 1211
10d09e33 1212
3abb875b
MS		 1213/*
1214 * 'cups_set_ssl_options()' - Set the SSLOptions value.
1215 */
10d09e33 1216
3abb875b
MS		 1217#ifdef HAVE_SSL
1218static void
1219cups_set_ssl_options(
1220 _cups_client_conf_t *cc, /* I - client.conf values */
1221 const char *value) /* I - Value */
1222{
1223 /*
ee6226a5 1224 * SSLOptions [AllowRC4] [AllowSSL3] [AllowDH] [DenyTLS1.0] [None]
3abb875b 1225 */
10d09e33 1226
ee6226a5 1227 int options = _HTTP_TLS_NONE; /* SSL/TLS options */
3abb875b
MS		 1228 char temp[256], /* Copy of value */
1229 *start, /* Start of option */
1230 *end; /* End of option */
3e7fe0ca 1231
3e7fe0ca 1232
3abb875b 1233 strlcpy(temp, value, sizeof(temp));
3e7fe0ca 1234
3abb875b
MS		 1235 for (start = temp; *start; start = end)
1236 {
a8db9df8 1237 /*
3abb875b
MS		 1238 * Find end of keyword...
1239 */
3e7fe0ca 1240
3abb875b
MS		 1241 end = start;
1242 while (*end && !_cups_isspace(*end))
1243 end ++;
93e3d3f5 1244
3abb875b
MS		 1245 if (*end)
1246 *end++ = '\0';
93e3d3f5 1247
3abb875b
MS		 1248 /*
1249 * Compare...
1250 */
3e7fe0ca 1251
3abb875b
MS		 1252 if (!_cups_strcasecmp(start, "AllowRC4"))
1253 options |= _HTTP_TLS_ALLOW_RC4;
1254 else if (!_cups_strcasecmp(start, "AllowSSL3"))
1255 options |= _HTTP_TLS_ALLOW_SSL3;
ee6226a5
MS		 1256 else if (!_cups_strcasecmp(start, "AllowDH"))
1257 options |= _HTTP_TLS_ALLOW_DH;
1258 else if (!_cups_strcasecmp(start, "DenyTLS1.0"))
1259 options |= _HTTP_TLS_DENY_TLS10;
3abb875b 1260 else if (!_cups_strcasecmp(start, "None"))
ee6226a5 1261 options = _HTTP_TLS_NONE;
3e7fe0ca
MS		 1262 }
1263
3abb875b 1264 cc->ssl_options = options;
b37d45d9 1265
807315e6 1266 DEBUG_printf(("4cups_set_ssl_options(cc=%p, value=\"%s\") options=%x", (void *)cc, value, options));
3abb875b
MS		 1267}
1268#endif /* HAVE_SSL */
07ed0e9a 1269
7cf5915e 1270
3abb875b
MS		 1271/*
1272 * 'cups_set_user()' - Set the User value.
1273 */
f51f3773 1274
3abb875b
MS		 1275static void
1276cups_set_user(
1277 _cups_client_conf_t *cc, /* I - client.conf values */
1278 const char *value) /* I - Value */
1279{
1280 strlcpy(cc->user, value, sizeof(cc->user));
b423cd4c 1281}
Unnamed repository; edit this file 'description' to name the repository.