]>
Commit | Line | Data |
---|---|---|
ef416fc2 | 1 | /* |
e07d4801 | 2 | * "$Id: usersys.c 8498 2009-04-13 17:03:15Z mike $" |
ef416fc2 | 3 | * |
5a6b583a | 4 | * User, system, and password routines for CUPS. |
ef416fc2 | 5 | * |
07ed0e9a | 6 | * Copyright 2007-2011 by Apple Inc. |
ef416fc2 | 7 | * Copyright 1997-2006 by Easy Software Products. |
8 | * | |
9 | * These coded instructions, statements, and computer programs are the | |
bc44d920 | 10 | * property of Apple Inc. and are protected by Federal copyright |
11 | * law. Distribution and use rights are outlined in the file "LICENSE.txt" | |
12 | * which should have been included with this file. If this file is | |
13 | * file is missing or damaged, see the license at "http://www.cups.org/". | |
ef416fc2 | 14 | * |
15 | * This file is subject to the Apple OS-Developed Software exception. | |
16 | * | |
17 | * Contents: | |
18 | * | |
5a6b583a | 19 | * cupsEncryption() - Get the current encryption settings. |
b423cd4c | 20 | * cupsGetPassword() - Get a password from the user. |
5a6b583a MS |
21 | * cupsGetPassword2() - Get a password from the user using the advanced |
22 | * password callback. | |
23 | * cupsServer() - Return the hostname/address of the current | |
e07d4801 | 24 | * server. |
7cf5915e | 25 | * cupsSetClientCertCB() - Set the client certificate callback. |
b423cd4c | 26 | * cupsSetEncryption() - Set the encryption preference. |
27 | * cupsSetPasswordCB() - Set the password callback for CUPS. | |
f11a948a | 28 | * cupsSetPasswordCB2() - Set the advanced password callback for CUPS. |
5a6b583a | 29 | * cupsSetServer() - Set the default server name and port. |
7cf5915e | 30 | * cupsSetServerCertCB() - Set the server certificate callback. |
b423cd4c | 31 | * cupsSetUser() - Set the default user name. |
e07d4801 | 32 | * cupsUser() - Return the current user's name. |
b423cd4c | 33 | * _cupsGetPassword() - Get a password from the user. |
eac3a0a0 | 34 | * _cupsGSSServiceName() - Get the GSS (Kerberos) service name. |
e07d4801 MS |
35 | * _cupsSetDefaults() - Set the default server, port, and encryption. |
36 | * cups_read_client_conf() - Read a client.conf file. | |
ef416fc2 | 37 | */ |
38 | ||
39 | /* | |
40 | * Include necessary headers... | |
41 | */ | |
42 | ||
71e16022 | 43 | #include "cups-private.h" |
ef416fc2 | 44 | #include <stdlib.h> |
e00b005a | 45 | #include <sys/stat.h> |
ef416fc2 | 46 | #ifdef WIN32 |
47 | # include <windows.h> | |
5a6b583a MS |
48 | #else |
49 | # include <pwd.h> | |
dcb445bc | 50 | # include <termios.h> |
ef416fc2 | 51 | #endif /* WIN32 */ |
52 | ||
53 | ||
dcb445bc MS |
54 | /* |
55 | * Local constants... | |
56 | */ | |
57 | ||
58 | #define _CUPS_PASSCHAR '*' /* Character that is echoed for password */ | |
59 | ||
60 | ||
b423cd4c | 61 | /* |
62 | * Local functions... | |
63 | */ | |
64 | ||
e07d4801 MS |
65 | static void cups_read_client_conf(cups_file_t *fp, |
66 | _cups_globals_t *cg, | |
67 | const char *cups_encryption, | |
7cf5915e | 68 | const char *cups_server, |
07ed0e9a MS |
69 | #ifdef HAVE_GSSAPI |
70 | const char *cups_gssservicename, | |
71 | #endif /* HAVE_GSSAPI */ | |
7cf5915e MS |
72 | const char *cups_anyroot, |
73 | const char *cups_expiredroot, | |
74 | const char *cups_expiredcerts); | |
b423cd4c | 75 | |
76 | ||
ef416fc2 | 77 | /* |
5a6b583a | 78 | * 'cupsEncryption()' - Get the current encryption settings. |
ef416fc2 | 79 | * |
80 | * The default encryption setting comes from the CUPS_ENCRYPTION | |
568fa3fa | 81 | * environment variable, then the ~/.cups/client.conf file, and finally the |
ef416fc2 | 82 | * /etc/cups/client.conf file. If not set, the default is |
5a738aea | 83 | * @code HTTP_ENCRYPT_IF_REQUESTED@. |
5a6b583a MS |
84 | * |
85 | * Note: The current encryption setting is tracked separately for each thread | |
86 | * in a program. Multi-threaded programs that override the setting via the | |
87 | * @link cupsSetEncryption@ function need to do so in each thread for the same | |
88 | * setting to be used. | |
ef416fc2 | 89 | */ |
90 | ||
91 | http_encryption_t /* O - Encryption settings */ | |
92 | cupsEncryption(void) | |
93 | { | |
ef416fc2 | 94 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
95 | ||
96 | ||
ef416fc2 | 97 | if (cg->encryption == (http_encryption_t)-1) |
e07d4801 | 98 | _cupsSetDefaults(); |
ef416fc2 | 99 | |
100 | return (cg->encryption); | |
101 | } | |
102 | ||
103 | ||
104 | /* | |
105 | * 'cupsGetPassword()' - Get a password from the user. | |
106 | * | |
5a738aea | 107 | * Uses the current password callback function. Returns @code NULL@ if the |
ecdc0628 | 108 | * user does not provide a password. |
5a6b583a MS |
109 | * |
110 | * Note: The current password callback function is tracked separately for each | |
111 | * thread in a program. Multi-threaded programs that override the setting via | |
112 | * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to | |
113 | * do so in each thread for the same function to be used. | |
ef416fc2 | 114 | */ |
115 | ||
116 | const char * /* O - Password */ | |
117 | cupsGetPassword(const char *prompt) /* I - Prompt string */ | |
118 | { | |
f11a948a MS |
119 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
120 | ||
121 | ||
122 | return ((cg->password_cb)(prompt, NULL, NULL, NULL, cg->password_data)); | |
123 | } | |
124 | ||
125 | ||
126 | /* | |
127 | * 'cupsGetPassword2()' - Get a password from the user using the advanced | |
5a6b583a | 128 | * password callback. |
f11a948a MS |
129 | * |
130 | * Uses the current password callback function. Returns @code NULL@ if the | |
131 | * user does not provide a password. | |
132 | * | |
5a6b583a MS |
133 | * Note: The current password callback function is tracked separately for each |
134 | * thread in a program. Multi-threaded programs that override the setting via | |
135 | * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to | |
136 | * do so in each thread for the same function to be used. | |
137 | * | |
178cb736 | 138 | * @since CUPS 1.4/Mac OS X 10.6@ |
f11a948a MS |
139 | */ |
140 | ||
141 | const char * /* O - Password */ | |
142 | cupsGetPassword2(const char *prompt, /* I - Prompt string */ | |
143 | http_t *http, /* I - Connection to server or @code CUPS_HTTP_DEFAULT@ */ | |
144 | const char *method, /* I - Request method ("GET", "POST", "PUT") */ | |
145 | const char *resource) /* I - Resource path */ | |
146 | { | |
147 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
148 | ||
149 | ||
150 | if (!http) | |
151 | http = _cupsConnect(); | |
152 | ||
153 | return ((cg->password_cb)(prompt, http, method, resource, cg->password_data)); | |
ef416fc2 | 154 | } |
155 | ||
156 | ||
ef416fc2 | 157 | /* |
5a6b583a MS |
158 | * 'cupsServer()' - Return the hostname/address of the current server. |
159 | * | |
160 | * The default server comes from the CUPS_SERVER environment variable, then the | |
161 | * ~/.cups/client.conf file, and finally the /etc/cups/client.conf file. If not | |
162 | * set, the default is the local system - either "localhost" or a domain socket | |
163 | * path. | |
ef416fc2 | 164 | * |
5a6b583a MS |
165 | * The returned value can be a fully-qualified hostname, a numeric IPv4 or IPv6 |
166 | * address, or a domain socket pathname. | |
167 | * | |
168 | * Note: The current server is tracked separately for each thread in a program. | |
169 | * Multi-threaded programs that override the server via the | |
170 | * @link cupsSetServer@ function need to do so in each thread for the same | |
171 | * server to be used. | |
ef416fc2 | 172 | */ |
173 | ||
174 | const char * /* O - Server name */ | |
175 | cupsServer(void) | |
176 | { | |
ef416fc2 | 177 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
178 | ||
179 | ||
ef416fc2 | 180 | if (!cg->server[0]) |
e07d4801 | 181 | _cupsSetDefaults(); |
ef416fc2 | 182 | |
e07d4801 MS |
183 | return (cg->server); |
184 | } | |
ef416fc2 | 185 | |
d09495fa | 186 | |
7cf5915e MS |
187 | /* |
188 | * 'cupsSetClientCertCB()' - Set the client certificate callback. | |
189 | * | |
190 | * Pass @code NULL@ to restore the default callback. | |
191 | * | |
192 | * Note: The current certificate callback is tracked separately for each thread | |
193 | * in a program. Multi-threaded programs that override the callback need to do | |
194 | * so in each thread for the same callback to be used. | |
195 | * | |
321d8d57 | 196 | * @since CUPS 1.5/Mac OS X 10.7@ |
7cf5915e MS |
197 | */ |
198 | ||
199 | void | |
200 | cupsSetClientCertCB( | |
201 | cups_client_cert_cb_t cb, /* I - Callback function */ | |
202 | void *user_data) /* I - User data pointer */ | |
203 | { | |
204 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
205 | ||
206 | ||
207 | cg->client_cert_cb = cb; | |
208 | cg->client_cert_data = user_data; | |
209 | } | |
210 | ||
211 | ||
212 | /* | |
213 | * 'cupsSetCredentials()' - Set the default credentials to be used for SSL/TLS | |
214 | * connections. | |
215 | * | |
216 | * Note: The default credentials are tracked separately for each thread in a | |
217 | * program. Multi-threaded programs that override the setting need to do so in | |
218 | * each thread for the same setting to be used. | |
219 | * | |
321d8d57 | 220 | * @since CUPS 1.5/Mac OS X 10.7@ |
7cf5915e MS |
221 | */ |
222 | ||
223 | int /* O - Status of call (0 = success) */ | |
224 | cupsSetCredentials( | |
225 | cups_array_t *credentials) /* I - Array of credentials */ | |
226 | { | |
227 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
228 | ||
229 | ||
230 | if (cupsArrayCount(credentials) < 1) | |
231 | return (-1); | |
232 | ||
233 | _httpFreeCredentials(cg->tls_credentials); | |
85dda01c | 234 | cg->tls_credentials = _httpCreateCredentials(credentials); |
7cf5915e MS |
235 | |
236 | return (cg->tls_credentials ? 0 : -1); | |
237 | } | |
238 | ||
239 | ||
e07d4801 MS |
240 | /* |
241 | * 'cupsSetEncryption()' - Set the encryption preference. | |
5a6b583a MS |
242 | * |
243 | * The default encryption setting comes from the CUPS_ENCRYPTION | |
244 | * environment variable, then the ~/.cups/client.conf file, and finally the | |
245 | * /etc/cups/client.conf file. If not set, the default is | |
246 | * @code HTTP_ENCRYPT_IF_REQUESTED@. | |
247 | * | |
248 | * Note: The current encryption setting is tracked separately for each thread | |
249 | * in a program. Multi-threaded programs that override the setting need to do | |
250 | * so in each thread for the same setting to be used. | |
e07d4801 | 251 | */ |
ef416fc2 | 252 | |
e07d4801 MS |
253 | void |
254 | cupsSetEncryption(http_encryption_t e) /* I - New encryption preference */ | |
255 | { | |
256 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
ef416fc2 | 257 | |
ef416fc2 | 258 | |
e07d4801 | 259 | cg->encryption = e; |
ef416fc2 | 260 | |
e07d4801 MS |
261 | if (cg->http) |
262 | httpEncryption(cg->http, e); | |
ef416fc2 | 263 | } |
264 | ||
265 | ||
266 | /* | |
267 | * 'cupsSetPasswordCB()' - Set the password callback for CUPS. | |
268 | * | |
5a6b583a MS |
269 | * Pass @code NULL@ to restore the default (console) password callback, which |
270 | * reads the password from the console. Programs should call either this | |
271 | * function or @link cupsSetPasswordCB2@, as only one callback can be registered | |
272 | * by a program per thread. | |
273 | * | |
274 | * Note: The current password callback is tracked separately for each thread | |
275 | * in a program. Multi-threaded programs that override the callback need to do | |
276 | * so in each thread for the same callback to be used. | |
ef416fc2 | 277 | */ |
278 | ||
279 | void | |
280 | cupsSetPasswordCB(cups_password_cb_t cb)/* I - Callback function */ | |
281 | { | |
282 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
283 | ||
284 | ||
f11a948a MS |
285 | if (cb == (cups_password_cb_t)0) |
286 | cg->password_cb = (cups_password_cb2_t)_cupsGetPassword; | |
287 | else | |
288 | cg->password_cb = (cups_password_cb2_t)cb; | |
289 | ||
290 | cg->password_data = NULL; | |
291 | } | |
292 | ||
293 | ||
294 | /* | |
295 | * 'cupsSetPasswordCB2()' - Set the advanced password callback for CUPS. | |
296 | * | |
5a6b583a MS |
297 | * Pass @code NULL@ to restore the default (console) password callback, which |
298 | * reads the password from the console. Programs should call either this | |
299 | * function or @link cupsSetPasswordCB2@, as only one callback can be registered | |
300 | * by a program per thread. | |
301 | * | |
302 | * Note: The current password callback is tracked separately for each thread | |
303 | * in a program. Multi-threaded programs that override the callback need to do | |
304 | * so in each thread for the same callback to be used. | |
f11a948a | 305 | * |
178cb736 | 306 | * @since CUPS 1.4/Mac OS X 10.6@ |
f11a948a MS |
307 | */ |
308 | ||
309 | void | |
310 | cupsSetPasswordCB2( | |
311 | cups_password_cb2_t cb, /* I - Callback function */ | |
312 | void *user_data) /* I - User data pointer */ | |
313 | { | |
314 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
315 | ||
316 | ||
317 | if (cb == (cups_password_cb2_t)0) | |
318 | cg->password_cb = (cups_password_cb2_t)_cupsGetPassword; | |
ef416fc2 | 319 | else |
320 | cg->password_cb = cb; | |
f11a948a MS |
321 | |
322 | cg->password_data = user_data; | |
ef416fc2 | 323 | } |
324 | ||
325 | ||
326 | /* | |
5a6b583a | 327 | * 'cupsSetServer()' - Set the default server name and port. |
ef416fc2 | 328 | * |
329 | * The "server" string can be a fully-qualified hostname, a numeric | |
5a6b583a MS |
330 | * IPv4 or IPv6 address, or a domain socket pathname. Hostnames and numeric IP |
331 | * addresses can be optionally followed by a colon and port number to override | |
332 | * the default port 631, e.g. "hostname:8631". Pass @code NULL@ to restore the | |
333 | * default server name and port. | |
334 | * | |
335 | * Note: The current server is tracked separately for each thread in a program. | |
336 | * Multi-threaded programs that override the server need to do so in each | |
337 | * thread for the same server to be used. | |
ef416fc2 | 338 | */ |
339 | ||
340 | void | |
341 | cupsSetServer(const char *server) /* I - Server name */ | |
342 | { | |
343 | char *port; /* Pointer to port */ | |
344 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
345 | ||
346 | ||
347 | if (server) | |
348 | { | |
349 | strlcpy(cg->server, server, sizeof(cg->server)); | |
350 | ||
351 | if (cg->server[0] != '/' && (port = strrchr(cg->server, ':')) != NULL && | |
352 | !strchr(port, ']') && isdigit(port[1] & 255)) | |
353 | { | |
354 | *port++ = '\0'; | |
355 | ||
e07d4801 | 356 | cg->ipp_port = atoi(port); |
ef416fc2 | 357 | } |
358 | ||
359 | if (cg->server[0] == '/') | |
360 | strcpy(cg->servername, "localhost"); | |
361 | else | |
362 | strlcpy(cg->servername, cg->server, sizeof(cg->servername)); | |
363 | } | |
364 | else | |
365 | { | |
366 | cg->server[0] = '\0'; | |
367 | cg->servername[0] = '\0'; | |
368 | } | |
5a738aea MS |
369 | |
370 | if (cg->http) | |
371 | { | |
372 | httpClose(cg->http); | |
373 | cg->http = NULL; | |
374 | } | |
ef416fc2 | 375 | } |
376 | ||
377 | ||
7cf5915e MS |
378 | /* |
379 | * 'cupsSetServerCertCB()' - Set the server certificate callback. | |
380 | * | |
381 | * Pass @code NULL@ to restore the default callback. | |
382 | * | |
383 | * Note: The current credentials callback is tracked separately for each thread | |
384 | * in a program. Multi-threaded programs that override the callback need to do | |
385 | * so in each thread for the same callback to be used. | |
386 | * | |
321d8d57 | 387 | * @since CUPS 1.5/Mac OS X 10.7@ |
7cf5915e MS |
388 | */ |
389 | ||
390 | void | |
391 | cupsSetServerCertCB( | |
392 | cups_server_cert_cb_t cb, /* I - Callback function */ | |
393 | void *user_data) /* I - User data pointer */ | |
394 | { | |
395 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
396 | ||
397 | ||
398 | cg->server_cert_cb = cb; | |
399 | cg->server_cert_data = user_data; | |
400 | } | |
401 | ||
402 | ||
ef416fc2 | 403 | /* |
404 | * 'cupsSetUser()' - Set the default user name. | |
405 | * | |
5a738aea | 406 | * Pass @code NULL@ to restore the default user name. |
5a6b583a MS |
407 | * |
408 | * Note: The current user name is tracked separately for each thread in a | |
409 | * program. Multi-threaded programs that override the user name need to do so | |
410 | * in each thread for the same user name to be used. | |
ef416fc2 | 411 | */ |
412 | ||
413 | void | |
414 | cupsSetUser(const char *user) /* I - User name */ | |
415 | { | |
416 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
417 | ||
418 | ||
419 | if (user) | |
420 | strlcpy(cg->user, user, sizeof(cg->user)); | |
421 | else | |
422 | cg->user[0] = '\0'; | |
423 | } | |
424 | ||
425 | ||
ef416fc2 | 426 | /* |
427 | * 'cupsUser()' - Return the current user's name. | |
5a6b583a MS |
428 | * |
429 | * Note: The current user name is tracked separately for each thread in a | |
430 | * program. Multi-threaded programs that override the user name with the | |
431 | * @link cupsSetUser@ function need to do so in each thread for the same user | |
432 | * name to be used. | |
ef416fc2 | 433 | */ |
434 | ||
435 | const char * /* O - User name */ | |
436 | cupsUser(void) | |
437 | { | |
6d2f911b | 438 | const char *user; /* USER environment variable */ |
ef416fc2 | 439 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ |
440 | ||
441 | ||
442 | if (!cg->user[0]) | |
443 | { | |
5a6b583a MS |
444 | #ifdef WIN32 |
445 | /* | |
446 | * Get the current user name from the OS... | |
447 | */ | |
ef416fc2 | 448 | |
5a6b583a | 449 | DWORD size; /* Size of string */ |
ef416fc2 | 450 | |
451 | size = sizeof(cg->user); | |
452 | if (!GetUserName(cg->user, &size)) | |
ef416fc2 | 453 | #else |
ef416fc2 | 454 | /* |
5a6b583a | 455 | * Get the user name corresponding to the current UID... |
ef416fc2 | 456 | */ |
457 | ||
5a6b583a | 458 | struct passwd *pwd; /* User/password entry */ |
ef416fc2 | 459 | |
5a6b583a MS |
460 | setpwent(); |
461 | if ((pwd = getpwuid(getuid())) != NULL) | |
ef416fc2 | 462 | { |
463 | /* | |
5a6b583a | 464 | * Found a match! |
ef416fc2 | 465 | */ |
466 | ||
ef416fc2 | 467 | strlcpy(cg->user, pwd->pw_name, sizeof(cg->user)); |
468 | } | |
5a6b583a MS |
469 | else |
470 | #endif /* WIN32 */ | |
6d2f911b MS |
471 | if ((user = getenv("USER")) != NULL) |
472 | { | |
473 | /* | |
474 | * Use the username from the "USER" environment variable... | |
475 | */ | |
476 | strlcpy(cg->user, user, sizeof(cg->user)); | |
477 | } | |
478 | else | |
5a6b583a MS |
479 | { |
480 | /* | |
481 | * Use the default "unknown" user name... | |
482 | */ | |
6d2f911b | 483 | |
5a6b583a MS |
484 | strcpy(cg->user, "unknown"); |
485 | } | |
ef416fc2 | 486 | } |
487 | ||
488 | return (cg->user); | |
489 | } | |
490 | ||
491 | ||
492 | /* | |
493 | * '_cupsGetPassword()' - Get a password from the user. | |
494 | */ | |
495 | ||
dcb445bc | 496 | const char * /* O - Password or @code NULL@ if none */ |
ef416fc2 | 497 | _cupsGetPassword(const char *prompt) /* I - Prompt string */ |
498 | { | |
5a6b583a | 499 | #ifdef WIN32 |
dcb445bc MS |
500 | HANDLE tty; /* Console handle */ |
501 | DWORD mode; /* Console mode */ | |
502 | char passch, /* Current key press */ | |
503 | *passptr, /* Pointer into password string */ | |
504 | *passend; /* End of password string */ | |
505 | ssize_t passbytes; /* Bytes read */ | |
506 | _cups_globals_t *cg = _cupsGlobals(); | |
507 | /* Thread globals */ | |
508 | ||
509 | ||
5a6b583a | 510 | /* |
dcb445bc | 511 | * Disable input echo and set raw input... |
5a6b583a MS |
512 | */ |
513 | ||
dcb445bc MS |
514 | if ((tty = GetStdHandle(STD_INPUT_HANDLE)) == INVALID_HANDLE_VALUE) |
515 | return (NULL); | |
516 | ||
517 | if (!GetConsoleMode(tty, &mode)) | |
518 | return (NULL); | |
519 | ||
520 | if (!SetConsoleMode(tty, 0)) | |
521 | return (NULL); | |
522 | ||
523 | /* | |
524 | * Display the prompt... | |
525 | */ | |
526 | ||
527 | printf("%s ", prompt); | |
528 | fflush(stdout); | |
529 | ||
530 | /* | |
531 | * Read the password string from /dev/tty until we get interrupted or get a | |
532 | * carriage return or newline... | |
533 | */ | |
534 | ||
535 | passptr = cg->password; | |
536 | passend = cg->password + sizeof(cg->password) - 1; | |
537 | ||
538 | while ((passbytes = read(tty, &passch, 1)) == 1) | |
539 | { | |
540 | if (passch == 0x0A || passch == 0x0D) | |
541 | { | |
542 | /* | |
543 | * Enter/return... | |
544 | */ | |
545 | ||
546 | break; | |
547 | } | |
548 | else if (passch == 0x08 || passch == 0x7F) | |
549 | { | |
550 | /* | |
551 | * Backspace/delete (erase character)... | |
552 | */ | |
553 | ||
554 | if (passptr > cg->password) | |
555 | { | |
556 | passptr --; | |
557 | fputs("\010 \010", stdout); | |
558 | } | |
559 | else | |
560 | putchar(0x07); | |
561 | } | |
562 | else if (passch == 0x15) | |
563 | { | |
564 | /* | |
565 | * CTRL+U (erase line) | |
566 | */ | |
567 | ||
568 | if (passptr > cg->password) | |
569 | { | |
570 | while (passptr > cg->password) | |
571 | { | |
572 | passptr --; | |
573 | fputs("\010 \010", stdout); | |
574 | } | |
575 | } | |
576 | else | |
577 | putchar(0x07); | |
578 | } | |
579 | else if (passch == 0x03) | |
580 | { | |
581 | /* | |
582 | * CTRL+C... | |
583 | */ | |
584 | ||
585 | passptr = cg->password; | |
586 | break; | |
587 | } | |
588 | else if ((passch & 255) < 0x20 || passptr >= passend) | |
589 | putchar(0x07); | |
590 | else | |
591 | { | |
592 | *passptr++ = passch; | |
593 | putchar(_CUPS_PASSCHAR); | |
594 | } | |
595 | ||
596 | fflush(stdout); | |
597 | } | |
598 | ||
599 | putchar('\n'); | |
600 | fflush(stdout); | |
601 | ||
602 | /* | |
603 | * Cleanup... | |
604 | */ | |
605 | ||
606 | SetConsoleMode(tty, mode); | |
607 | ||
608 | /* | |
609 | * Return the proper value... | |
610 | */ | |
611 | ||
612 | if (passbytes == 1 && passptr > cg->password) | |
613 | { | |
614 | *passptr = '\0'; | |
615 | return (cg->password); | |
616 | } | |
617 | else | |
618 | { | |
619 | memset(cg->password, 0, sizeof(cg->password)); | |
620 | return (NULL); | |
621 | } | |
5a6b583a MS |
622 | |
623 | #else | |
dcb445bc MS |
624 | int tty; /* /dev/tty - never read from stdin */ |
625 | struct termios original, /* Original input mode */ | |
626 | noecho; /* No echo input mode */ | |
627 | char passch, /* Current key press */ | |
628 | *passptr, /* Pointer into password string */ | |
629 | *passend; /* End of password string */ | |
630 | ssize_t passbytes; /* Bytes read */ | |
631 | _cups_globals_t *cg = _cupsGlobals(); | |
632 | /* Thread globals */ | |
633 | ||
634 | ||
5a6b583a | 635 | /* |
dcb445bc | 636 | * Disable input echo and set raw input... |
5a6b583a MS |
637 | */ |
638 | ||
dcb445bc MS |
639 | if ((tty = open("/dev/tty", O_RDONLY)) < 0) |
640 | return (NULL); | |
641 | ||
642 | if (tcgetattr(tty, &original)) | |
643 | { | |
644 | close(tty); | |
645 | return (NULL); | |
646 | } | |
647 | ||
648 | noecho = original; | |
649 | noecho.c_lflag &= ~(ICANON | ECHO | ECHOE | ISIG); | |
7cf5915e | 650 | |
dcb445bc MS |
651 | if (tcsetattr(tty, TCSAFLUSH, &noecho)) |
652 | { | |
653 | close(tty); | |
7cf5915e | 654 | return (NULL); |
dcb445bc MS |
655 | } |
656 | ||
657 | /* | |
658 | * Display the prompt... | |
659 | */ | |
660 | ||
661 | printf("%s ", prompt); | |
662 | fflush(stdout); | |
663 | ||
664 | /* | |
665 | * Read the password string from /dev/tty until we get interrupted or get a | |
666 | * carriage return or newline... | |
667 | */ | |
668 | ||
669 | passptr = cg->password; | |
670 | passend = cg->password + sizeof(cg->password) - 1; | |
671 | ||
672 | while ((passbytes = read(tty, &passch, 1)) == 1) | |
673 | { | |
674 | if (passch == noecho.c_cc[VEOL] || passch == noecho.c_cc[VEOL2] || | |
675 | passch == 0x0A || passch == 0x0D) | |
676 | { | |
677 | /* | |
678 | * Enter/return... | |
679 | */ | |
680 | ||
681 | break; | |
682 | } | |
683 | else if (passch == noecho.c_cc[VERASE] || | |
684 | passch == 0x08 || passch == 0x7F) | |
685 | { | |
686 | /* | |
687 | * Backspace/delete (erase character)... | |
688 | */ | |
689 | ||
690 | if (passptr > cg->password) | |
691 | { | |
692 | passptr --; | |
693 | fputs("\010 \010", stdout); | |
694 | } | |
695 | else | |
696 | putchar(0x07); | |
697 | } | |
698 | else if (passch == noecho.c_cc[VKILL]) | |
699 | { | |
700 | /* | |
701 | * CTRL+U (erase line) | |
702 | */ | |
703 | ||
704 | if (passptr > cg->password) | |
705 | { | |
706 | while (passptr > cg->password) | |
707 | { | |
708 | passptr --; | |
709 | fputs("\010 \010", stdout); | |
710 | } | |
711 | } | |
712 | else | |
713 | putchar(0x07); | |
714 | } | |
715 | else if (passch == noecho.c_cc[VINTR] || passch == noecho.c_cc[VQUIT] || | |
716 | passch == noecho.c_cc[VEOF]) | |
717 | { | |
718 | /* | |
719 | * CTRL+C, CTRL+D, or CTRL+Z... | |
720 | */ | |
721 | ||
722 | passptr = cg->password; | |
723 | break; | |
724 | } | |
725 | else if ((passch & 255) < 0x20 || passptr >= passend) | |
726 | putchar(0x07); | |
727 | else | |
728 | { | |
729 | *passptr++ = passch; | |
730 | putchar(_CUPS_PASSCHAR); | |
731 | } | |
732 | ||
733 | fflush(stdout); | |
734 | } | |
735 | ||
736 | putchar('\n'); | |
737 | fflush(stdout); | |
738 | ||
739 | /* | |
740 | * Cleanup... | |
741 | */ | |
742 | ||
743 | tcsetattr(tty, TCSAFLUSH, &original); | |
744 | close(tty); | |
745 | ||
746 | /* | |
747 | * Return the proper value... | |
748 | */ | |
749 | ||
750 | if (passbytes == 1 && passptr > cg->password) | |
751 | { | |
752 | *passptr = '\0'; | |
753 | return (cg->password); | |
754 | } | |
7cf5915e | 755 | else |
dcb445bc MS |
756 | { |
757 | memset(cg->password, 0, sizeof(cg->password)); | |
758 | return (NULL); | |
759 | } | |
ef416fc2 | 760 | #endif /* WIN32 */ |
5a6b583a | 761 | } |
ef416fc2 | 762 | |
763 | ||
eac3a0a0 MS |
764 | #ifdef HAVE_GSSAPI |
765 | /* | |
766 | * '_cupsGSSServiceName()' - Get the GSS (Kerberos) service name. | |
767 | */ | |
768 | ||
769 | const char * | |
770 | _cupsGSSServiceName(void) | |
771 | { | |
772 | _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */ | |
773 | ||
774 | ||
775 | if (!cg->gss_service_name[0]) | |
776 | _cupsSetDefaults(); | |
777 | ||
778 | return (cg->gss_service_name); | |
779 | } | |
780 | #endif /* HAVE_GSSAPI */ | |
781 | ||
782 | ||
ef416fc2 | 783 | /* |
e07d4801 | 784 | * '_cupsSetDefaults()' - Set the default server, port, and encryption. |
b423cd4c | 785 | */ |
786 | ||
e07d4801 MS |
787 | void |
788 | _cupsSetDefaults(void) | |
b423cd4c | 789 | { |
790 | cups_file_t *fp; /* File */ | |
e07d4801 MS |
791 | const char *home, /* Home directory of user */ |
792 | *cups_encryption, /* CUPS_ENCRYPTION env var */ | |
7cf5915e | 793 | *cups_server, /* CUPS_SERVER env var */ |
07ed0e9a MS |
794 | #ifdef HAVE_GSSAPI |
795 | *cups_gssservicename, /* CUPS_GSSSERVICENAME env var */ | |
796 | #endif /* HAVE_GSSAPI */ | |
7cf5915e MS |
797 | *cups_anyroot, /* CUPS_ANYROOT env var */ |
798 | *cups_expiredroot, /* CUPS_EXPIREDROOT env var */ | |
799 | *cups_expiredcerts; /* CUPS_EXPIREDCERTS env var */ | |
b423cd4c | 800 | char filename[1024]; /* Filename */ |
801 | _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ | |
802 | ||
803 | ||
e07d4801 MS |
804 | DEBUG_puts("_cupsSetDefaults()"); |
805 | ||
806 | /* | |
807 | * First collect environment variables... | |
808 | */ | |
809 | ||
07ed0e9a MS |
810 | cups_encryption = getenv("CUPS_ENCRYPTION"); |
811 | cups_server = getenv("CUPS_SERVER"); | |
812 | #ifdef HAVE_GSSAPI | |
813 | cups_gssservicename = getenv("CUPS_GSSSERVICENAME"); | |
814 | #endif /* HAVE_GSSAPI */ | |
815 | cups_anyroot = getenv("CUPS_ANYROOT"); | |
816 | cups_expiredroot = getenv("CUPS_EXPIREDROOT"); | |
817 | cups_expiredcerts = getenv("CUPS_EXPIREDCERTS"); | |
e07d4801 MS |
818 | |
819 | /* | |
10d09e33 MS |
820 | * Then, if needed, read the ~/.cups/client.conf or /etc/cups/client.conf |
821 | * files to get the default values... | |
e07d4801 MS |
822 | */ |
823 | ||
e07d4801 MS |
824 | if (cg->encryption == (http_encryption_t)-1 || !cg->server[0] || |
825 | !cg->ipp_port) | |
826 | { | |
10d09e33 | 827 | if ((home = getenv("HOME")) != NULL) |
d09495fa | 828 | { |
10d09e33 MS |
829 | /* |
830 | * Look for ~/.cups/client.conf... | |
831 | */ | |
e07d4801 | 832 | |
10d09e33 MS |
833 | snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home); |
834 | fp = cupsFileOpen(filename, "r"); | |
835 | } | |
836 | else | |
837 | fp = NULL; | |
e07d4801 | 838 | |
10d09e33 | 839 | if (!fp) |
e07d4801 | 840 | { |
e07d4801 | 841 | /* |
10d09e33 | 842 | * Look for CUPS_SERVERROOT/client.conf... |
e07d4801 MS |
843 | */ |
844 | ||
10d09e33 MS |
845 | snprintf(filename, sizeof(filename), "%s/client.conf", |
846 | cg->cups_serverroot); | |
847 | fp = cupsFileOpen(filename, "r"); | |
e07d4801 MS |
848 | } |
849 | ||
10d09e33 MS |
850 | /* |
851 | * Read the configuration file and apply any environment variables; both | |
852 | * functions handle NULL cups_file_t pointers... | |
853 | */ | |
e07d4801 | 854 | |
10d09e33 | 855 | cups_read_client_conf(fp, cg, cups_encryption, cups_server, |
07ed0e9a MS |
856 | #ifdef HAVE_GSSAPI |
857 | cups_gssservicename, | |
858 | #endif /* HAVE_GSSAPI */ | |
10d09e33 MS |
859 | cups_anyroot, cups_expiredroot, |
860 | cups_expiredcerts); | |
861 | cupsFileClose(fp); | |
e07d4801 MS |
862 | } |
863 | } | |
864 | ||
865 | ||
866 | /* | |
867 | * 'cups_read_client_conf()' - Read a client.conf file. | |
868 | */ | |
869 | ||
870 | static void | |
871 | cups_read_client_conf( | |
872 | cups_file_t *fp, /* I - File to read */ | |
873 | _cups_globals_t *cg, /* I - Global data */ | |
874 | const char *cups_encryption, /* I - CUPS_ENCRYPTION env var */ | |
7cf5915e | 875 | const char *cups_server, /* I - CUPS_SERVER env var */ |
07ed0e9a MS |
876 | #ifdef HAVE_GSSAPI |
877 | const char *cups_gssservicename, | |
878 | /* I - CUPS_GSSSERVICENAME env var */ | |
879 | #endif /* HAVE_GSSAPI */ | |
7cf5915e MS |
880 | const char *cups_anyroot, /* I - CUPS_ANYROOT env var */ |
881 | const char *cups_expiredroot, /* I - CUPS_EXPIREDROOT env var */ | |
882 | const char *cups_expiredcerts) /* I - CUPS_EXPIREDCERTS env var */ | |
e07d4801 MS |
883 | { |
884 | int linenum; /* Current line number */ | |
885 | char line[1024], /* Line from file */ | |
886 | *value, /* Pointer into line */ | |
887 | encryption[1024], /* Encryption value */ | |
85dda01c | 888 | #ifndef __APPLE__ |
7cf5915e | 889 | server_name[1024], /* ServerName value */ |
85dda01c | 890 | #endif /* !__APPLE__ */ |
7cf5915e MS |
891 | any_root[1024], /* AllowAnyRoot value */ |
892 | expired_root[1024], /* AllowExpiredRoot value */ | |
893 | expired_certs[1024]; /* AllowExpiredCerts value */ | |
07ed0e9a MS |
894 | #ifdef HAVE_GSSAPI |
895 | char gss_service_name[32]; /* GSSServiceName value */ | |
896 | #endif /* HAVE_GSSAPI */ | |
e07d4801 MS |
897 | |
898 | ||
899 | /* | |
900 | * Read from the file... | |
901 | */ | |
902 | ||
903 | linenum = 0; | |
904 | while (cupsFileGetConf(fp, line, sizeof(line), &value, &linenum)) | |
905 | { | |
906 | if (!cups_encryption && cg->encryption == (http_encryption_t)-1 && | |
88f9aafc | 907 | !_cups_strcasecmp(line, "Encryption") && value) |
e07d4801 MS |
908 | { |
909 | strlcpy(encryption, value, sizeof(encryption)); | |
910 | cups_encryption = encryption; | |
911 | } | |
85dda01c MS |
912 | #ifndef __APPLE__ |
913 | /* | |
914 | * The Server directive is not supported on Mac OS X due to app sandboxing | |
915 | * restrictions, i.e. not all apps request network access. | |
916 | */ | |
e07d4801 | 917 | else if (!cups_server && (!cg->server[0] || !cg->ipp_port) && |
88f9aafc | 918 | !_cups_strcasecmp(line, "ServerName") && value) |
e07d4801 MS |
919 | { |
920 | strlcpy(server_name, value, sizeof(server_name)); | |
921 | cups_server = server_name; | |
922 | } | |
85dda01c | 923 | #endif /* !__APPLE__ */ |
88f9aafc | 924 | else if (!cups_anyroot && !_cups_strcasecmp(line, "AllowAnyRoot") && value) |
7cf5915e MS |
925 | { |
926 | strlcpy(any_root, value, sizeof(any_root)); | |
927 | cups_anyroot = any_root; | |
928 | } | |
88f9aafc | 929 | else if (!cups_expiredroot && !_cups_strcasecmp(line, "AllowExpiredRoot") && |
7cf5915e MS |
930 | value) |
931 | { | |
932 | strlcpy(expired_root, value, sizeof(expired_root)); | |
933 | cups_expiredroot = expired_root; | |
934 | } | |
88f9aafc | 935 | else if (!cups_expiredcerts && !_cups_strcasecmp(line, "AllowExpiredCerts") && |
7cf5915e MS |
936 | value) |
937 | { | |
938 | strlcpy(expired_certs, value, sizeof(expired_certs)); | |
939 | cups_expiredcerts = expired_certs; | |
940 | } | |
07ed0e9a | 941 | #ifdef HAVE_GSSAPI |
88f9aafc | 942 | else if (!cups_gssservicename && !_cups_strcasecmp(line, "GSSServiceName") && |
07ed0e9a MS |
943 | value) |
944 | { | |
945 | strlcpy(gss_service_name, value, sizeof(gss_service_name)); | |
946 | cups_gssservicename = gss_service_name; | |
947 | } | |
948 | #endif /* HAVE_GSSAPI */ | |
e07d4801 MS |
949 | } |
950 | ||
951 | /* | |
952 | * Set values... | |
953 | */ | |
954 | ||
955 | if (cg->encryption == (http_encryption_t)-1 && cups_encryption) | |
956 | { | |
88f9aafc | 957 | if (!_cups_strcasecmp(cups_encryption, "never")) |
e07d4801 | 958 | cg->encryption = HTTP_ENCRYPT_NEVER; |
88f9aafc | 959 | else if (!_cups_strcasecmp(cups_encryption, "always")) |
e07d4801 | 960 | cg->encryption = HTTP_ENCRYPT_ALWAYS; |
88f9aafc | 961 | else if (!_cups_strcasecmp(cups_encryption, "required")) |
e07d4801 MS |
962 | cg->encryption = HTTP_ENCRYPT_REQUIRED; |
963 | else | |
964 | cg->encryption = HTTP_ENCRYPT_IF_REQUESTED; | |
b423cd4c | 965 | } |
966 | ||
e07d4801 MS |
967 | if ((!cg->server[0] || !cg->ipp_port) && cups_server) |
968 | { | |
969 | if (!cg->server[0]) | |
970 | { | |
971 | /* | |
972 | * Copy server name... | |
973 | */ | |
974 | ||
975 | strlcpy(cg->server, cups_server, sizeof(cg->server)); | |
976 | ||
977 | if (cg->server[0] != '/' && (value = strrchr(cg->server, ':')) != NULL && | |
978 | !strchr(value, ']') && isdigit(value[1] & 255)) | |
979 | *value++ = '\0'; | |
980 | else | |
981 | value = NULL; | |
982 | ||
983 | if (cg->server[0] == '/') | |
984 | strcpy(cg->servername, "localhost"); | |
985 | else | |
986 | strlcpy(cg->servername, cg->server, sizeof(cg->servername)); | |
987 | } | |
988 | else if (cups_server[0] != '/' && | |
989 | (value = strrchr(cups_server, ':')) != NULL && | |
990 | !strchr(value, ']') && isdigit(value[1] & 255)) | |
991 | value ++; | |
992 | else | |
993 | value = NULL; | |
994 | ||
995 | if (!cg->ipp_port && value) | |
996 | cg->ipp_port = atoi(value); | |
997 | } | |
7cf5915e | 998 | |
10d09e33 MS |
999 | if (!cg->server[0]) |
1000 | { | |
1001 | #ifdef CUPS_DEFAULT_DOMAINSOCKET | |
1002 | /* | |
1003 | * If we are compiled with domain socket support, only use the | |
1004 | * domain socket if it exists and has the right permissions... | |
1005 | */ | |
1006 | ||
1007 | struct stat sockinfo; /* Domain socket information */ | |
1008 | ||
1009 | if (!stat(CUPS_DEFAULT_DOMAINSOCKET, &sockinfo) && | |
1010 | (sockinfo.st_mode & S_IRWXO) == S_IRWXO) | |
1011 | cups_server = CUPS_DEFAULT_DOMAINSOCKET; | |
1012 | else | |
1013 | #endif /* CUPS_DEFAULT_DOMAINSOCKET */ | |
1014 | cups_server = "localhost"; | |
1015 | ||
1016 | cupsSetServer(cups_server); | |
1017 | } | |
1018 | ||
1019 | if (!cg->ipp_port) | |
1020 | { | |
88f9aafc | 1021 | const char *ipp_port; /* IPP_PORT environment variable */ |
10d09e33 MS |
1022 | |
1023 | if ((ipp_port = getenv("IPP_PORT")) != NULL) | |
1024 | { | |
1025 | if ((cg->ipp_port = atoi(ipp_port)) <= 0) | |
1026 | cg->ipp_port = CUPS_DEFAULT_IPP_PORT; | |
1027 | } | |
10d09e33 | 1028 | else |
88f9aafc | 1029 | cg->ipp_port = CUPS_DEFAULT_IPP_PORT; |
10d09e33 MS |
1030 | } |
1031 | ||
07ed0e9a MS |
1032 | #ifdef HAVE_GSSAPI |
1033 | if (!cups_gssservicename) | |
1034 | cups_gssservicename = CUPS_DEFAULT_GSSSERVICENAME; | |
1035 | ||
1036 | strlcpy(cg->gss_service_name, cups_gssservicename, | |
1037 | sizeof(cg->gss_service_name)); | |
1038 | #endif /* HAVE_GSSAPI */ | |
1039 | ||
7cf5915e | 1040 | if (cups_anyroot) |
88f9aafc MS |
1041 | cg->any_root = !_cups_strcasecmp(cups_anyroot, "yes") || |
1042 | !_cups_strcasecmp(cups_anyroot, "on") || | |
1043 | !_cups_strcasecmp(cups_anyroot, "true"); | |
7cf5915e MS |
1044 | |
1045 | if (cups_expiredroot) | |
88f9aafc MS |
1046 | cg->expired_root = !_cups_strcasecmp(cups_expiredroot, "yes") || |
1047 | !_cups_strcasecmp(cups_expiredroot, "on") || | |
1048 | !_cups_strcasecmp(cups_expiredroot, "true"); | |
7cf5915e MS |
1049 | |
1050 | if (cups_expiredcerts) | |
88f9aafc MS |
1051 | cg->expired_certs = !_cups_strcasecmp(cups_expiredcerts, "yes") || |
1052 | !_cups_strcasecmp(cups_expiredcerts, "on") || | |
1053 | !_cups_strcasecmp(cups_expiredcerts, "true"); | |
b423cd4c | 1054 | } |
1055 | ||
1056 | ||
1057 | /* | |
e07d4801 | 1058 | * End of "$Id: usersys.c 8498 2009-04-13 17:03:15Z mike $". |
ef416fc2 | 1059 | */ |