]> git.ipfire.org Git - thirdparty/cups.git/blame - cups/usersys.c
projects / thirdparty / cups.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
The "snmp" option did not work with the network backends (STR #4422)
[thirdparty/cups.git] / cups / usersys.c
CommitLineData
ef416fc2 1/*
f2d18633 2 * "$Id$"
ef416fc2 3 *
83bc2aac
MS		 4 * User, system, and password routines for CUPS.
5 *
7e86f2f6 6 * Copyright 2007-2014 by Apple Inc.
83bc2aac
MS		 7 * Copyright 1997-2006 by Easy Software Products.
8 *
9 * These coded instructions, statements, and computer programs are the
10 * property of Apple Inc. and are protected by Federal copyright
11 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 * which should have been included with this file. If this file is
13 * file is missing or damaged, see the license at "http://www.cups.org/".
14 *
15 * This file is subject to the Apple OS-Developed Software exception.
ef416fc2 16 */
17
18/*
19 * Include necessary headers...
20 */
21
71e16022 22#include "cups-private.h"
ef416fc2 23#include <stdlib.h>
e00b005a 24#include <sys/stat.h>
ef416fc2 25#ifdef WIN32
26# include <windows.h>
5a6b583a
MS		 27#else
28# include <pwd.h>
dcb445bc 29# include <termios.h>
db8b865d 30# include <sys/utsname.h>
ef416fc2 31#endif /* WIN32 */
32
33
dcb445bc
MS		 34/*
35 * Local constants...
36 */
37
38#define _CUPS_PASSCHAR '*' /* Character that is echoed for password */
39
40
b423cd4c 41/*
42 * Local functions...
43 */
44
e07d4801
MS		 45static void cups_read_client_conf(cups_file_t *fp,
46 _cups_globals_t *cg,
47 const char *cups_encryption,
7cf5915e 48 const char *cups_server,
3e7fe0ca 49 const char *cups_user,
07ed0e9a
MS		 50#ifdef HAVE_GSSAPI
51 const char *cups_gssservicename,
52#endif /* HAVE_GSSAPI */
7cf5915e 53 const char *cups_anyroot,
f51f3773
MS		 54 const char *cups_expiredcerts,
55 const char *cups_validatecerts);
b423cd4c 56
57
ef416fc2 58/*
5a6b583a 59 * 'cupsEncryption()' - Get the current encryption settings.
ef416fc2 60 *
61 * The default encryption setting comes from the CUPS_ENCRYPTION
568fa3fa 62 * environment variable, then the ~/.cups/client.conf file, and finally the
ef416fc2 63 * /etc/cups/client.conf file. If not set, the default is
cb7f98ee 64 * @code HTTP_ENCRYPTION_IF_REQUESTED@.
5a6b583a
MS		 65 *
66 * Note: The current encryption setting is tracked separately for each thread
67 * in a program. Multi-threaded programs that override the setting via the
68 * @link cupsSetEncryption@ function need to do so in each thread for the same
69 * setting to be used.
ef416fc2 70 */
71
72http_encryption_t /* O - Encryption settings */
73cupsEncryption(void)
74{
ef416fc2 75 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
76
77
ef416fc2 78 if (cg->encryption == (http_encryption_t)-1)
e07d4801 79 _cupsSetDefaults();
ef416fc2 80
81 return (cg->encryption);
82}
83
84
85/*
86 * 'cupsGetPassword()' - Get a password from the user.
87 *
5a738aea 88 * Uses the current password callback function. Returns @code NULL@ if the
ecdc0628 89 * user does not provide a password.
5a6b583a
MS		 90 *
91 * Note: The current password callback function is tracked separately for each
92 * thread in a program. Multi-threaded programs that override the setting via
93 * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to
94 * do so in each thread for the same function to be used.
ef416fc2 95 */
96
97const char * /* O - Password */
98cupsGetPassword(const char *prompt) /* I - Prompt string */
99{
f11a948a
MS		 100 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
101
102
103 return ((cg->password_cb)(prompt, NULL, NULL, NULL, cg->password_data));
104}
105
106
107/*
108 * 'cupsGetPassword2()' - Get a password from the user using the advanced
5a6b583a 109 * password callback.
f11a948a
MS		 110 *
111 * Uses the current password callback function. Returns @code NULL@ if the
112 * user does not provide a password.
113 *
5a6b583a
MS		 114 * Note: The current password callback function is tracked separately for each
115 * thread in a program. Multi-threaded programs that override the setting via
116 * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to
117 * do so in each thread for the same function to be used.
118 *
f3c17241 119 * @since CUPS 1.4/OS X 10.6@
f11a948a
MS		 120 */
121
122const char * /* O - Password */
123cupsGetPassword2(const char *prompt, /* I - Prompt string */
124 http_t *http, /* I - Connection to server or @code CUPS_HTTP_DEFAULT@ */
125 const char *method, /* I - Request method ("GET", "POST", "PUT") */
126 const char *resource) /* I - Resource path */
127{
128 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
129
130
131 if (!http)
132 http = _cupsConnect();
133
134 return ((cg->password_cb)(prompt, http, method, resource, cg->password_data));
ef416fc2 135}
136
137
ef416fc2 138/*
5a6b583a
MS		 139 * 'cupsServer()' - Return the hostname/address of the current server.
140 *
141 * The default server comes from the CUPS_SERVER environment variable, then the
142 * ~/.cups/client.conf file, and finally the /etc/cups/client.conf file. If not
143 * set, the default is the local system - either "localhost" or a domain socket
144 * path.
ef416fc2 145 *
5a6b583a
MS		 146 * The returned value can be a fully-qualified hostname, a numeric IPv4 or IPv6
147 * address, or a domain socket pathname.
148 *
149 * Note: The current server is tracked separately for each thread in a program.
150 * Multi-threaded programs that override the server via the
151 * @link cupsSetServer@ function need to do so in each thread for the same
152 * server to be used.
ef416fc2 153 */
154
155const char * /* O - Server name */
156cupsServer(void)
157{
ef416fc2 158 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
159
160
ef416fc2 161 if (!cg->server[0])
e07d4801 162 _cupsSetDefaults();
ef416fc2 163
e07d4801
MS		 164 return (cg->server);
165}
ef416fc2 166
d09495fa 167
7cf5915e
MS		 168/*
169 * 'cupsSetClientCertCB()' - Set the client certificate callback.
170 *
171 * Pass @code NULL@ to restore the default callback.
172 *
173 * Note: The current certificate callback is tracked separately for each thread
174 * in a program. Multi-threaded programs that override the callback need to do
175 * so in each thread for the same callback to be used.
176 *
f3c17241 177 * @since CUPS 1.5/OS X 10.7@
7cf5915e
MS		 178 */
179
180void
181cupsSetClientCertCB(
182 cups_client_cert_cb_t cb, /* I - Callback function */
183 void *user_data) /* I - User data pointer */
184{
185 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
186
187
188 cg->client_cert_cb = cb;
189 cg->client_cert_data = user_data;
190}
191
192
193/*
194 * 'cupsSetCredentials()' - Set the default credentials to be used for SSL/TLS
195 * connections.
196 *
197 * Note: The default credentials are tracked separately for each thread in a
198 * program. Multi-threaded programs that override the setting need to do so in
199 * each thread for the same setting to be used.
200 *
f3c17241 201 * @since CUPS 1.5/OS X 10.7@
7cf5915e
MS		 202 */
203
204int /* O - Status of call (0 = success) */
205cupsSetCredentials(
206 cups_array_t *credentials) /* I - Array of credentials */
207{
208 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
209
210
211 if (cupsArrayCount(credentials) < 1)
212 return (-1);
213
214 _httpFreeCredentials(cg->tls_credentials);
85dda01c 215 cg->tls_credentials = _httpCreateCredentials(credentials);
7cf5915e
MS		 216
217 return (cg->tls_credentials ? 0 : -1);
218}
219
220
e07d4801
MS		 221/*
222 * 'cupsSetEncryption()' - Set the encryption preference.
5a6b583a
MS		 223 *
224 * The default encryption setting comes from the CUPS_ENCRYPTION
225 * environment variable, then the ~/.cups/client.conf file, and finally the
226 * /etc/cups/client.conf file. If not set, the default is
cb7f98ee 227 * @code HTTP_ENCRYPTION_IF_REQUESTED@.
5a6b583a
MS		 228 *
229 * Note: The current encryption setting is tracked separately for each thread
230 * in a program. Multi-threaded programs that override the setting need to do
231 * so in each thread for the same setting to be used.
e07d4801 232 */
ef416fc2 233
e07d4801
MS		 234void
235cupsSetEncryption(http_encryption_t e) /* I - New encryption preference */
236{
237 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
ef416fc2 238
ef416fc2 239
e07d4801 240 cg->encryption = e;
ef416fc2 241
e07d4801
MS		 242 if (cg->http)
243 httpEncryption(cg->http, e);
ef416fc2 244}
245
246
247/*
248 * 'cupsSetPasswordCB()' - Set the password callback for CUPS.
249 *
5a6b583a
MS		 250 * Pass @code NULL@ to restore the default (console) password callback, which
251 * reads the password from the console. Programs should call either this
252 * function or @link cupsSetPasswordCB2@, as only one callback can be registered
253 * by a program per thread.
254 *
255 * Note: The current password callback is tracked separately for each thread
256 * in a program. Multi-threaded programs that override the callback need to do
257 * so in each thread for the same callback to be used.
ef416fc2 258 */
259
260void
261cupsSetPasswordCB(cups_password_cb_t cb)/* I - Callback function */
262{
263 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
264
265
f11a948a
MS		 266 if (cb == (cups_password_cb_t)0)
267 cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
268 else
269 cg->password_cb = (cups_password_cb2_t)cb;
270
271 cg->password_data = NULL;
272}
273
274
275/*
276 * 'cupsSetPasswordCB2()' - Set the advanced password callback for CUPS.
277 *
5a6b583a
MS		 278 * Pass @code NULL@ to restore the default (console) password callback, which
279 * reads the password from the console. Programs should call either this
280 * function or @link cupsSetPasswordCB2@, as only one callback can be registered
281 * by a program per thread.
282 *
283 * Note: The current password callback is tracked separately for each thread
284 * in a program. Multi-threaded programs that override the callback need to do
285 * so in each thread for the same callback to be used.
f11a948a 286 *
f3c17241 287 * @since CUPS 1.4/OS X 10.6@
f11a948a
MS		 288 */
289
290void
291cupsSetPasswordCB2(
292 cups_password_cb2_t cb, /* I - Callback function */
293 void *user_data) /* I - User data pointer */
294{
295 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
296
297
298 if (cb == (cups_password_cb2_t)0)
299 cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
ef416fc2 300 else
301 cg->password_cb = cb;
f11a948a
MS		 302
303 cg->password_data = user_data;
ef416fc2 304}
305
306
307/*
5a6b583a 308 * 'cupsSetServer()' - Set the default server name and port.
ef416fc2 309 *
310 * The "server" string can be a fully-qualified hostname, a numeric
5a6b583a
MS		 311 * IPv4 or IPv6 address, or a domain socket pathname. Hostnames and numeric IP
312 * addresses can be optionally followed by a colon and port number to override
313 * the default port 631, e.g. "hostname:8631". Pass @code NULL@ to restore the
314 * default server name and port.
315 *
316 * Note: The current server is tracked separately for each thread in a program.
317 * Multi-threaded programs that override the server need to do so in each
318 * thread for the same server to be used.
ef416fc2 319 */
320
321void
322cupsSetServer(const char *server) /* I - Server name */
323{
0cb67df3
MS		 324 char *options, /* Options */
325 *port; /* Pointer to port */
ef416fc2 326 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
327
328
329 if (server)
330 {
331 strlcpy(cg->server, server, sizeof(cg->server));
332
0cb67df3
MS		 333 if (cg->server[0] != '/' && (options = strrchr(cg->server, '/')) != NULL)
334 {
335 *options++ = '\0';
336
337 if (!strcmp(options, "version=1.0"))
338 cg->server_version = 10;
339 else if (!strcmp(options, "version=1.1"))
340 cg->server_version = 11;
341 else if (!strcmp(options, "version=2.0"))
342 cg->server_version = 20;
343 else if (!strcmp(options, "version=2.1"))
344 cg->server_version = 21;
345 else if (!strcmp(options, "version=2.2"))
346 cg->server_version = 22;
347 }
567f49cb
MS		 348 else
349 cg->server_version = 20;
0cb67df3 350
ef416fc2 351 if (cg->server[0] != '/' && (port = strrchr(cg->server, ':')) != NULL &&
352 !strchr(port, ']') && isdigit(port[1] & 255))
353 {
354 *port++ = '\0';
355
e07d4801 356 cg->ipp_port = atoi(port);
ef416fc2 357 }
358
359 if (cg->server[0] == '/')
5a9febac 360 strlcpy(cg->servername, "localhost", sizeof(cg->servername));
ef416fc2 361 else
362 strlcpy(cg->servername, cg->server, sizeof(cg->servername));
363 }
364 else
365 {
0cb67df3
MS		 366 cg->server[0] = '\0';
367 cg->servername[0] = '\0';
368 cg->server_version = 20;
ef416fc2 369 }
5a738aea
MS		 370
371 if (cg->http)
372 {
373 httpClose(cg->http);
374 cg->http = NULL;
375 }
ef416fc2 376}
377
378
7cf5915e
MS		 379/*
380 * 'cupsSetServerCertCB()' - Set the server certificate callback.
381 *
382 * Pass @code NULL@ to restore the default callback.
383 *
384 * Note: The current credentials callback is tracked separately for each thread
385 * in a program. Multi-threaded programs that override the callback need to do
386 * so in each thread for the same callback to be used.
387 *
f3c17241 388 * @since CUPS 1.5/OS X 10.7@
7cf5915e
MS		 389 */
390
391void
392cupsSetServerCertCB(
393 cups_server_cert_cb_t cb, /* I - Callback function */
394 void *user_data) /* I - User data pointer */
395{
396 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
397
398
399 cg->server_cert_cb = cb;
400 cg->server_cert_data = user_data;
401}
402
403
ef416fc2 404/*
405 * 'cupsSetUser()' - Set the default user name.
406 *
5a738aea 407 * Pass @code NULL@ to restore the default user name.
5a6b583a
MS		 408 *
409 * Note: The current user name is tracked separately for each thread in a
410 * program. Multi-threaded programs that override the user name need to do so
411 * in each thread for the same user name to be used.
ef416fc2 412 */
413
414void
415cupsSetUser(const char *user) /* I - User name */
416{
417 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
418
419
420 if (user)
421 strlcpy(cg->user, user, sizeof(cg->user));
422 else
423 cg->user[0] = '\0';
424}
425
426
db8b865d
MS		 427/*
428 * 'cupsSetUserAgent()' - Set the default HTTP User-Agent string.
429 *
430 * Setting the string to NULL forces the default value containing the CUPS
431 * version, IPP version, and operating system version and architecture.
432 *
9c0e8e5d 433 * @since CUPS 1.7/OS X 10.9@
db8b865d
MS		 434 */
435
436void
437cupsSetUserAgent(const char *user_agent)/* I - User-Agent string or @code NULL@ */
438{
439 _cups_globals_t *cg = _cupsGlobals();
440 /* Thread globals */
441#ifdef WIN32
442 SYSTEM_INFO sysinfo; /* System information */
443 OSVERSIONINFO version; /* OS version info */
444#else
445 struct utsname name; /* uname info */
446#endif /* WIN32 */
447
448
449 if (user_agent)
450 {
451 strlcpy(cg->user_agent, user_agent, sizeof(cg->user_agent));
452 return;
453 }
454
455#ifdef WIN32
456 version.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
457 GetVersionEx(&version);
458 GetNativeSystemInfo(&sysinfo);
459
460 snprintf(cg->user_agent, sizeof(cg->user_agent),
461 CUPS_MINIMAL " (Windows %d.%d; %s) IPP/2.0",
462 version.dwMajorVersion, version.dwMinorVersion,
463 sysinfo.wProcessorArchitecture
464 == PROCESSOR_ARCHITECTURE_AMD64 ? "amd64" :
465 sysinfo.wProcessorArchitecture
466 == PROCESSOR_ARCHITECTURE_ARM ? "arm" :
467 sysinfo.wProcessorArchitecture
468 == PROCESSOR_ARCHITECTURE_IA64 ? "ia64" :
469 sysinfo.wProcessorArchitecture
470 == PROCESSOR_ARCHITECTURE_INTEL ? "intel" :
471 "unknown");
472
473#else
474 uname(&name);
475
476 snprintf(cg->user_agent, sizeof(cg->user_agent),
477 CUPS_MINIMAL " (%s %s; %s) IPP/2.0",
478 name.sysname, name.release, name.machine);
479#endif /* WIN32 */
480}
481
482
ef416fc2 483/*
484 * 'cupsUser()' - Return the current user's name.
5a6b583a
MS		 485 *
486 * Note: The current user name is tracked separately for each thread in a
487 * program. Multi-threaded programs that override the user name with the
488 * @link cupsSetUser@ function need to do so in each thread for the same user
489 * name to be used.
ef416fc2 490 */
491
492const char * /* O - User name */
493cupsUser(void)
494{
495 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
496
497
498 if (!cg->user[0])
3e7fe0ca 499 _cupsSetDefaults();
ef416fc2 500
501 return (cg->user);
502}
503
504
db8b865d
MS		 505/*
506 * 'cupsUserAgent()' - Return the default HTTP User-Agent string.
507 *
9c0e8e5d 508 * @since CUPS 1.7/OS X 10.9@
db8b865d
MS		 509 */
510
511const char * /* O - User-Agent string */
512cupsUserAgent(void)
513{
514 _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */
515
516
517 if (!cg->user_agent[0])
518 cupsSetUserAgent(NULL);
519
520 return (cg->user_agent);
521}
522
523
ef416fc2 524/*
525 * '_cupsGetPassword()' - Get a password from the user.
526 */
527
dcb445bc 528const char * /* O - Password or @code NULL@ if none */
ef416fc2 529_cupsGetPassword(const char *prompt) /* I - Prompt string */
530{
5a6b583a 531#ifdef WIN32
dcb445bc
MS		 532 HANDLE tty; /* Console handle */
533 DWORD mode; /* Console mode */
534 char passch, /* Current key press */
535 *passptr, /* Pointer into password string */
536 *passend; /* End of password string */
12f89d24 537 DWORD passbytes; /* Bytes read */
dcb445bc
MS		 538 _cups_globals_t *cg = _cupsGlobals();
539 /* Thread globals */
540
541
5a6b583a 542 /*
dcb445bc 543 * Disable input echo and set raw input...
5a6b583a
MS		 544 */
545
dcb445bc
MS		 546 if ((tty = GetStdHandle(STD_INPUT_HANDLE)) == INVALID_HANDLE_VALUE)
547 return (NULL);
548
549 if (!GetConsoleMode(tty, &mode))
550 return (NULL);
551
552 if (!SetConsoleMode(tty, 0))
553 return (NULL);
554
555 /*
556 * Display the prompt...
557 */
558
559 printf("%s ", prompt);
560 fflush(stdout);
561
562 /*
563 * Read the password string from /dev/tty until we get interrupted or get a
564 * carriage return or newline...
565 */
566
567 passptr = cg->password;
568 passend = cg->password + sizeof(cg->password) - 1;
569
12f89d24 570 while (ReadFile(tty, &passch, 1, &passbytes, NULL))
dcb445bc
MS		 571 {
572 if (passch == 0x0A || passch == 0x0D)
573 {
574 /*
575 * Enter/return...
576 */
577
578 break;
579 }
580 else if (passch == 0x08 || passch == 0x7F)
581 {
582 /*
583 * Backspace/delete (erase character)...
584 */
585
586 if (passptr > cg->password)
587 {
588 passptr --;
589 fputs("\010 \010", stdout);
590 }
591 else
592 putchar(0x07);
593 }
594 else if (passch == 0x15)
595 {
596 /*
597 * CTRL+U (erase line)
598 */
599
600 if (passptr > cg->password)
601 {
602 while (passptr > cg->password)
603 {
604 passptr --;
605 fputs("\010 \010", stdout);
606 }
607 }
608 else
609 putchar(0x07);
610 }
611 else if (passch == 0x03)
612 {
613 /*
614 * CTRL+C...
615 */
616
617 passptr = cg->password;
618 break;
619 }
620 else if ((passch & 255) < 0x20 || passptr >= passend)
621 putchar(0x07);
622 else
623 {
624 *passptr++ = passch;
625 putchar(_CUPS_PASSCHAR);
626 }
627
628 fflush(stdout);
629 }
630
631 putchar('\n');
632 fflush(stdout);
633
634 /*
635 * Cleanup...
636 */
637
638 SetConsoleMode(tty, mode);
639
640 /*
641 * Return the proper value...
642 */
643
644 if (passbytes == 1 && passptr > cg->password)
645 {
646 *passptr = '\0';
647 return (cg->password);
648 }
649 else
650 {
651 memset(cg->password, 0, sizeof(cg->password));
652 return (NULL);
653 }
5a6b583a
MS		 654
655#else
dcb445bc
MS		 656 int tty; /* /dev/tty - never read from stdin */
657 struct termios original, /* Original input mode */
658 noecho; /* No echo input mode */
659 char passch, /* Current key press */
660 *passptr, /* Pointer into password string */
661 *passend; /* End of password string */
662 ssize_t passbytes; /* Bytes read */
663 _cups_globals_t *cg = _cupsGlobals();
664 /* Thread globals */
665
666
5a6b583a 667 /*
dcb445bc 668 * Disable input echo and set raw input...
5a6b583a
MS		 669 */
670
dcb445bc
MS		 671 if ((tty = open("/dev/tty", O_RDONLY)) < 0)
672 return (NULL);
673
674 if (tcgetattr(tty, &original))
675 {
676 close(tty);
677 return (NULL);
678 }
679
680 noecho = original;
7e86f2f6 681 noecho.c_lflag &= (tcflag_t)~(ICANON | ECHO | ECHOE | ISIG);
7cf5915e 682
dcb445bc
MS		 683 if (tcsetattr(tty, TCSAFLUSH, &noecho))
684 {
685 close(tty);
7cf5915e 686 return (NULL);
dcb445bc
MS		 687 }
688
689 /*
690 * Display the prompt...
691 */
692
693 printf("%s ", prompt);
694 fflush(stdout);
695
696 /*
697 * Read the password string from /dev/tty until we get interrupted or get a
698 * carriage return or newline...
699 */
700
701 passptr = cg->password;
702 passend = cg->password + sizeof(cg->password) - 1;
703
704 while ((passbytes = read(tty, &passch, 1)) == 1)
705 {
8dd318e5
MS		 706 if (passch == noecho.c_cc[VEOL] ||
707# ifdef VEOL2
708 passch == noecho.c_cc[VEOL2] ||
709# endif /* VEOL2 */
dcb445bc
MS		 710 passch == 0x0A || passch == 0x0D)
711 {
712 /*
713 * Enter/return...
714 */
715
716 break;
717 }
718 else if (passch == noecho.c_cc[VERASE] ||
719 passch == 0x08 || passch == 0x7F)
720 {
721 /*
722 * Backspace/delete (erase character)...
723 */
724
725 if (passptr > cg->password)
726 {
727 passptr --;
728 fputs("\010 \010", stdout);
729 }
730 else
731 putchar(0x07);
732 }
733 else if (passch == noecho.c_cc[VKILL])
734 {
735 /*
736 * CTRL+U (erase line)
737 */
738
739 if (passptr > cg->password)
740 {
741 while (passptr > cg->password)
742 {
743 passptr --;
744 fputs("\010 \010", stdout);
745 }
746 }
747 else
748 putchar(0x07);
749 }
750 else if (passch == noecho.c_cc[VINTR] || passch == noecho.c_cc[VQUIT] ||
751 passch == noecho.c_cc[VEOF])
752 {
753 /*
754 * CTRL+C, CTRL+D, or CTRL+Z...
755 */
756
757 passptr = cg->password;
758 break;
759 }
760 else if ((passch & 255) < 0x20 || passptr >= passend)
761 putchar(0x07);
762 else
763 {
764 *passptr++ = passch;
765 putchar(_CUPS_PASSCHAR);
766 }
767
768 fflush(stdout);
769 }
770
771 putchar('\n');
772 fflush(stdout);
773
774 /*
775 * Cleanup...
776 */
777
778 tcsetattr(tty, TCSAFLUSH, &original);
779 close(tty);
780
781 /*
782 * Return the proper value...
783 */
784
785 if (passbytes == 1 && passptr > cg->password)
786 {
787 *passptr = '\0';
788 return (cg->password);
789 }
7cf5915e 790 else
dcb445bc
MS		 791 {
792 memset(cg->password, 0, sizeof(cg->password));
793 return (NULL);
794 }
ef416fc2 795#endif /* WIN32 */
5a6b583a 796}
ef416fc2 797
798
eac3a0a0
MS		 799#ifdef HAVE_GSSAPI
800/*
801 * '_cupsGSSServiceName()' - Get the GSS (Kerberos) service name.
802 */
803
804const char *
805_cupsGSSServiceName(void)
806{
807 _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */
808
809
810 if (!cg->gss_service_name[0])
811 _cupsSetDefaults();
812
813 return (cg->gss_service_name);
814}
815#endif /* HAVE_GSSAPI */
816
817
ef416fc2 818/*
e07d4801 819 * '_cupsSetDefaults()' - Set the default server, port, and encryption.
b423cd4c 820 */
821
e07d4801
MS		 822void
823_cupsSetDefaults(void)
b423cd4c 824{
825 cups_file_t *fp; /* File */
e07d4801
MS		 826 const char *home, /* Home directory of user */
827 *cups_encryption, /* CUPS_ENCRYPTION env var */
7cf5915e 828 *cups_server, /* CUPS_SERVER env var */
3e7fe0ca 829 *cups_user, /* CUPS_USER/USER env var */
07ed0e9a
MS		 830#ifdef HAVE_GSSAPI
831 *cups_gssservicename, /* CUPS_GSSSERVICENAME env var */
832#endif /* HAVE_GSSAPI */
7cf5915e 833 *cups_anyroot, /* CUPS_ANYROOT env var */
f51f3773
MS		 834 *cups_expiredcerts, /* CUPS_EXPIREDCERTS env var */
835 *cups_validatecerts; /* CUPS_VALIDATECERTS env var */
b423cd4c 836 char filename[1024]; /* Filename */
837 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
838
839
e07d4801
MS		 840 DEBUG_puts("_cupsSetDefaults()");
841
842 /*
843 * First collect environment variables...
844 */
845
07ed0e9a
MS		 846 cups_encryption = getenv("CUPS_ENCRYPTION");
847 cups_server = getenv("CUPS_SERVER");
848#ifdef HAVE_GSSAPI
849 cups_gssservicename = getenv("CUPS_GSSSERVICENAME");
850#endif /* HAVE_GSSAPI */
851 cups_anyroot = getenv("CUPS_ANYROOT");
07ed0e9a 852 cups_expiredcerts = getenv("CUPS_EXPIREDCERTS");
f51f3773 853 cups_validatecerts = getenv("CUPS_VALIDATECERTS");
e07d4801 854
3e7fe0ca 855 if ((cups_user = getenv("CUPS_USER")) == NULL)
4541d836
MS		 856 {
857 /*
858 * Try the USER environment variable...
859 */
860
861 if ((cups_user = getenv("USER")) != NULL)
862 {
863 /*
864 * Validate USER matches the current UID, otherwise don't allow it to
865 * override things... This makes sure that printing after doing su or
866 * sudo records the correct username.
867 */
868
869 struct passwd *pw; /* Account information */
870
871 if ((pw = getpwnam(cups_user)) == NULL || pw->pw_uid != getuid())
872 cups_user = NULL;
873 }
874 }
3e7fe0ca 875
e07d4801 876 /*
10d09e33
MS		 877 * Then, if needed, read the ~/.cups/client.conf or /etc/cups/client.conf
878 * files to get the default values...
e07d4801
MS		 879 */
880
e07d4801 881 if (cg->encryption == (http_encryption_t)-1 || !cg->server[0] ||
3e7fe0ca 882 !cg->user[0] || !cg->ipp_port)
e07d4801 883 {
83bc2aac
MS		 884# ifdef HAVE_GETEUID
885 if ((geteuid() == getuid() || !getuid()) && getegid() == getgid() && (home = getenv("HOME")) != NULL)
886# elif !defined(WIN32)
887 if (getuid() && (home = getenv("HOME")) != NULL)
888# else
10d09e33 889 if ((home = getenv("HOME")) != NULL)
83bc2aac 890# endif /* HAVE_GETEUID */
d09495fa 891 {
10d09e33
MS		 892 /*
893 * Look for ~/.cups/client.conf...
894 */
e07d4801 895
10d09e33
MS		 896 snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home);
897 fp = cupsFileOpen(filename, "r");
898 }
899 else
900 fp = NULL;
e07d4801 901
10d09e33 902 if (!fp)
e07d4801 903 {
e07d4801 904 /*
10d09e33 905 * Look for CUPS_SERVERROOT/client.conf...
e07d4801
MS		 906 */
907
10d09e33
MS		 908 snprintf(filename, sizeof(filename), "%s/client.conf",
909 cg->cups_serverroot);
910 fp = cupsFileOpen(filename, "r");
e07d4801
MS		 911 }
912
10d09e33
MS		 913 /*
914 * Read the configuration file and apply any environment variables; both
915 * functions handle NULL cups_file_t pointers...
916 */
e07d4801 917
3e7fe0ca 918 cups_read_client_conf(fp, cg, cups_encryption, cups_server, cups_user,
07ed0e9a
MS		 919#ifdef HAVE_GSSAPI
920 cups_gssservicename,
921#endif /* HAVE_GSSAPI */
f51f3773 922 cups_anyroot, cups_expiredcerts, cups_validatecerts);
10d09e33 923 cupsFileClose(fp);
e07d4801
MS		 924 }
925}
926
927
928/*
929 * 'cups_read_client_conf()' - Read a client.conf file.
930 */
931
932static void
933cups_read_client_conf(
934 cups_file_t *fp, /* I - File to read */
935 _cups_globals_t *cg, /* I - Global data */
936 const char *cups_encryption, /* I - CUPS_ENCRYPTION env var */
7cf5915e 937 const char *cups_server, /* I - CUPS_SERVER env var */
3e7fe0ca 938 const char *cups_user, /* I - CUPS_USER env var */
07ed0e9a
MS		 939#ifdef HAVE_GSSAPI
940 const char *cups_gssservicename,
941 /* I - CUPS_GSSSERVICENAME env var */
942#endif /* HAVE_GSSAPI */
7cf5915e 943 const char *cups_anyroot, /* I - CUPS_ANYROOT env var */
f51f3773
MS		 944 const char *cups_expiredcerts, /* I - CUPS_EXPIREDCERTS env var */
945 const char *cups_validatecerts)/* I - CUPS_VALIDATECERTS env var */
e07d4801
MS		 946{
947 int linenum; /* Current line number */
948 char line[1024], /* Line from file */
949 *value, /* Pointer into line */
950 encryption[1024], /* Encryption value */
85dda01c 951#ifndef __APPLE__
7cf5915e 952 server_name[1024], /* ServerName value */
85dda01c 953#endif /* !__APPLE__ */
3e7fe0ca 954 user[256], /* User value */
7cf5915e 955 any_root[1024], /* AllowAnyRoot value */
f51f3773
MS		 956 expired_certs[1024], /* AllowExpiredCerts value */
957 validate_certs[1024]; /* ValidateCerts value */
07ed0e9a
MS		 958#ifdef HAVE_GSSAPI
959 char gss_service_name[32]; /* GSSServiceName value */
960#endif /* HAVE_GSSAPI */
e07d4801
MS		 961
962
963 /*
964 * Read from the file...
965 */
966
967 linenum = 0;
968 while (cupsFileGetConf(fp, line, sizeof(line), &value, &linenum))
969 {
970 if (!cups_encryption && cg->encryption == (http_encryption_t)-1 &&
88f9aafc 971 !_cups_strcasecmp(line, "Encryption") && value)
e07d4801
MS		 972 {
973 strlcpy(encryption, value, sizeof(encryption));
974 cups_encryption = encryption;
975 }
85dda01c
MS		 976#ifndef __APPLE__
977 /*
f3c17241 978 * The Server directive is not supported on OS X due to app sandboxing
85dda01c
MS		 979 * restrictions, i.e. not all apps request network access.
980 */
e07d4801 981 else if (!cups_server && (!cg->server[0] || !cg->ipp_port) &&
88f9aafc 982 !_cups_strcasecmp(line, "ServerName") && value)
e07d4801
MS		 983 {
984 strlcpy(server_name, value, sizeof(server_name));
985 cups_server = server_name;
986 }
85dda01c 987#endif /* !__APPLE__ */
3e7fe0ca
MS		 988 else if (!cups_user && !_cups_strcasecmp(line, "User") && value)
989 {
990 strlcpy(user, value, sizeof(user));
991 cups_user = user;
992 }
88f9aafc 993 else if (!cups_anyroot && !_cups_strcasecmp(line, "AllowAnyRoot") && value)
7cf5915e
MS		 994 {
995 strlcpy(any_root, value, sizeof(any_root));
996 cups_anyroot = any_root;
997 }
88f9aafc 998 else if (!cups_expiredcerts && !_cups_strcasecmp(line, "AllowExpiredCerts") &&
7cf5915e
MS		 999 value)
1000 {
1001 strlcpy(expired_certs, value, sizeof(expired_certs));
1002 cups_expiredcerts = expired_certs;
1003 }
f51f3773
MS		 1004 else if (!cups_validatecerts && !_cups_strcasecmp(line, "ValidateCerts") && value)
1005 {
1006 strlcpy(validate_certs, value, sizeof(validate_certs));
1007 cups_validatecerts = validate_certs;
1008 }
07ed0e9a 1009#ifdef HAVE_GSSAPI
88f9aafc 1010 else if (!cups_gssservicename && !_cups_strcasecmp(line, "GSSServiceName") &&
07ed0e9a
MS		 1011 value)
1012 {
1013 strlcpy(gss_service_name, value, sizeof(gss_service_name));
1014 cups_gssservicename = gss_service_name;
1015 }
1016#endif /* HAVE_GSSAPI */
e07d4801
MS		 1017 }
1018
1019 /*
1020 * Set values...
1021 */
1022
1023 if (cg->encryption == (http_encryption_t)-1 && cups_encryption)
1024 {
88f9aafc 1025 if (!_cups_strcasecmp(cups_encryption, "never"))
cb7f98ee 1026 cg->encryption = HTTP_ENCRYPTION_NEVER;
88f9aafc 1027 else if (!_cups_strcasecmp(cups_encryption, "always"))
cb7f98ee 1028 cg->encryption = HTTP_ENCRYPTION_ALWAYS;
88f9aafc 1029 else if (!_cups_strcasecmp(cups_encryption, "required"))
cb7f98ee 1030 cg->encryption = HTTP_ENCRYPTION_REQUIRED;
e07d4801 1031 else
cb7f98ee 1032 cg->encryption = HTTP_ENCRYPTION_IF_REQUESTED;
b423cd4c 1033 }
1034
e07d4801 1035 if ((!cg->server[0] || !cg->ipp_port) && cups_server)
6961465f 1036 cupsSetServer(cups_server);
7cf5915e 1037
10d09e33
MS		 1038 if (!cg->server[0])
1039 {
1040#ifdef CUPS_DEFAULT_DOMAINSOCKET
1041 /*
1042 * If we are compiled with domain socket support, only use the
1043 * domain socket if it exists and has the right permissions...
1044 */
1045
1046 struct stat sockinfo; /* Domain socket information */
1047
1048 if (!stat(CUPS_DEFAULT_DOMAINSOCKET, &sockinfo) &&
1049 (sockinfo.st_mode & S_IRWXO) == S_IRWXO)
1050 cups_server = CUPS_DEFAULT_DOMAINSOCKET;
1051 else
1052#endif /* CUPS_DEFAULT_DOMAINSOCKET */
1053 cups_server = "localhost";
1054
1055 cupsSetServer(cups_server);
1056 }
1057
1058 if (!cg->ipp_port)
1059 {
88f9aafc 1060 const char *ipp_port; /* IPP_PORT environment variable */
10d09e33
MS		 1061
1062 if ((ipp_port = getenv("IPP_PORT")) != NULL)
1063 {
1064 if ((cg->ipp_port = atoi(ipp_port)) <= 0)
1065 cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
1066 }
10d09e33 1067 else
88f9aafc 1068 cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
10d09e33
MS		 1069 }
1070
3e7fe0ca
MS		 1071 if (!cg->user[0])
1072 {
1073 if (cups_user)
1074 strlcpy(cg->user, cups_user, sizeof(cg->user));
1075 else
1076 {
1077#ifdef WIN32
1078 /*
1079 * Get the current user name from the OS...
1080 */
1081
1082 DWORD size; /* Size of string */
1083
1084 size = sizeof(cg->user);
1085 if (!GetUserName(cg->user, &size))
1086#else
1087 /*
1088 * Get the user name corresponding to the current UID...
1089 */
1090
1091 struct passwd *pwd; /* User/password entry */
1092
1093 setpwent();
1094 if ((pwd = getpwuid(getuid())) != NULL)
1095 {
1096 /*
1097 * Found a match!
1098 */
1099
1100 strlcpy(cg->user, pwd->pw_name, sizeof(cg->user));
1101 }
1102 else
1103#endif /* WIN32 */
1104 {
1105 /*
1106 * Use the default "unknown" user name...
1107 */
1108
5a9febac 1109 strlcpy(cg->user, "unknown", sizeof(cg->user));
3e7fe0ca
MS		 1110 }
1111 }
1112 }
1113
07ed0e9a
MS		 1114#ifdef HAVE_GSSAPI
1115 if (!cups_gssservicename)
1116 cups_gssservicename = CUPS_DEFAULT_GSSSERVICENAME;
1117
1118 strlcpy(cg->gss_service_name, cups_gssservicename,
1119 sizeof(cg->gss_service_name));
1120#endif /* HAVE_GSSAPI */
1121
7cf5915e 1122 if (cups_anyroot)
88f9aafc
MS		 1123 cg->any_root = !_cups_strcasecmp(cups_anyroot, "yes") ||
1124 !_cups_strcasecmp(cups_anyroot, "on") ||
1125 !_cups_strcasecmp(cups_anyroot, "true");
7cf5915e 1126
7cf5915e 1127 if (cups_expiredcerts)
88f9aafc
MS		 1128 cg->expired_certs = !_cups_strcasecmp(cups_expiredcerts, "yes") ||
1129 !_cups_strcasecmp(cups_expiredcerts, "on") ||
1130 !_cups_strcasecmp(cups_expiredcerts, "true");
f51f3773
MS		 1131
1132 if (cups_validatecerts)
1133 cg->validate_certs = !_cups_strcasecmp(cups_validatecerts, "yes") ||
1134 !_cups_strcasecmp(cups_validatecerts, "on") ||
1135 !_cups_strcasecmp(cups_validatecerts, "true");
b423cd4c 1136}
1137
1138
1139/*
f2d18633 1140 * End of "$Id$".
ef416fc2 1141 */
Unnamed repository; edit this file 'description' to name the repository.