]>
Commit | Line | Data |
---|---|---|
ef416fc2 | 1 | /* |
2 | * "$Id: auth.h 4812 2005-10-25 18:23:10Z mike $" | |
3 | * | |
4 | * Authorization definitions for the Common UNIX Printing System (CUPS) | |
5 | * scheduler. | |
6 | * | |
7 | * Copyright 1997-2005 by Easy Software Products, all rights reserved. | |
8 | * | |
9 | * These coded instructions, statements, and computer programs are the | |
10 | * property of Easy Software Products and are protected by Federal | |
11 | * copyright law. Distribution and use rights are outlined in the file | |
12 | * "LICENSE.txt" which should have been included with this file. If this | |
13 | * file is missing or damaged please contact Easy Software Products | |
14 | * at: | |
15 | * | |
16 | * Attn: CUPS Licensing Information | |
17 | * Easy Software Products | |
18 | * 44141 Airport View Drive, Suite 204 | |
19 | * Hollywood, Maryland 20636 USA | |
20 | * | |
21 | * Voice: (301) 373-9600 | |
22 | * EMail: cups-info@cups.org | |
23 | * WWW: http://www.cups.org | |
24 | */ | |
25 | ||
26 | /* | |
27 | * Include necessary headers... | |
28 | */ | |
29 | ||
30 | #include <pwd.h> | |
31 | ||
32 | ||
33 | /* | |
34 | * HTTP authorization types and levels... | |
35 | */ | |
36 | ||
37 | #define AUTH_NONE 0 /* No authentication */ | |
38 | #define AUTH_BASIC 1 /* Basic authentication */ | |
39 | #define AUTH_DIGEST 2 /* Digest authentication */ | |
40 | #define AUTH_BASICDIGEST 3 /* Basic authentication w/passwd.md5 */ | |
41 | ||
42 | #define AUTH_ANON 0 /* Anonymous access */ | |
43 | #define AUTH_USER 1 /* Must have a valid username/password */ | |
44 | #define AUTH_GROUP 2 /* Must also be in a named group */ | |
45 | ||
46 | #define AUTH_ALLOW 0 /* Allow access */ | |
47 | #define AUTH_DENY 1 /* Deny access */ | |
48 | ||
49 | #define AUTH_NAME 0 /* Authorize host by name */ | |
50 | #define AUTH_IP 1 /* Authorize host by IP */ | |
51 | #define AUTH_INTERFACE 2 /* Authorize host by interface */ | |
52 | ||
53 | #define AUTH_SATISFY_ALL 0 /* Satisfy both address and auth */ | |
54 | #define AUTH_SATISFY_ANY 1 /* Satisfy either address or auth */ | |
55 | ||
56 | #define AUTH_LIMIT_DELETE 1 /* Limit DELETE requests */ | |
57 | #define AUTH_LIMIT_GET 2 /* Limit GET requests */ | |
58 | #define AUTH_LIMIT_HEAD 4 /* Limit HEAD requests */ | |
59 | #define AUTH_LIMIT_OPTIONS 8 /* Limit OPTIONS requests */ | |
60 | #define AUTH_LIMIT_POST 16 /* Limit POST requests */ | |
61 | #define AUTH_LIMIT_PUT 32 /* Limit PUT requests */ | |
62 | #define AUTH_LIMIT_TRACE 64 /* Limit TRACE requests */ | |
63 | #define AUTH_LIMIT_ALL 127 /* Limit all requests */ | |
64 | #define AUTH_LIMIT_IPP 128 /* Limit IPP requests */ | |
65 | ||
66 | #define IPP_ANY_OPERATION (ipp_op_t)0 | |
67 | /* Any IPP operation */ | |
68 | #define IPP_BAD_OPERATION (ipp_op_t)-1 | |
69 | /* No IPP operation */ | |
70 | ||
71 | ||
72 | /* | |
73 | * HTTP access control structures... | |
74 | */ | |
75 | ||
76 | typedef struct | |
77 | { | |
78 | unsigned address[4], /* IP address */ | |
79 | netmask[4]; /* IP netmask */ | |
80 | } cupsd_ipmask_t; | |
81 | ||
82 | typedef struct | |
83 | { | |
84 | int length; /* Length of name */ | |
85 | char *name; /* Name string */ | |
86 | } cupsd_namemask_t; | |
87 | ||
88 | typedef struct | |
89 | { | |
90 | int type; /* Mask type */ | |
91 | union | |
92 | { | |
93 | cupsd_namemask_t name; /* Host/Domain name */ | |
94 | cupsd_ipmask_t ip; /* IP address/network */ | |
95 | } mask; /* Mask data */ | |
96 | } cupsd_authmask_t; | |
97 | ||
98 | typedef struct | |
99 | { | |
100 | char location[HTTP_MAX_URI]; | |
101 | /* Location of resource */ | |
102 | ipp_op_t op; /* IPP operation */ | |
103 | int limit, /* Limit for these types of requests */ | |
104 | length, /* Length of location string */ | |
105 | order_type, /* Allow or Deny */ | |
106 | type, /* Type of authentication */ | |
107 | level, /* Access level required */ | |
108 | satisfy; /* Satisfy any or all limits? */ | |
109 | int num_names; /* Number of names */ | |
110 | char **names; /* User or group names */ | |
111 | int num_allow; /* Number of Allow lines */ | |
112 | cupsd_authmask_t *allow; /* Allow lines */ | |
113 | int num_deny; /* Number of Deny lines */ | |
114 | cupsd_authmask_t *deny; /* Deny lines */ | |
115 | http_encryption_t encryption; /* To encrypt or not to encrypt... */ | |
116 | } cupsd_location_t; | |
117 | ||
118 | typedef struct cupsd_client_s cupsd_client_t; | |
119 | ||
120 | ||
121 | /* | |
122 | * Globals... | |
123 | */ | |
124 | ||
125 | VAR int NumLocations VALUE(0); | |
126 | /* Number of authorization locations */ | |
127 | VAR cupsd_location_t *Locations VALUE(NULL); | |
128 | /* Authorization locations */ | |
129 | VAR int DefaultAuthType VALUE(AUTH_BASIC); | |
130 | /* Default AuthType, if not specified */ | |
131 | ||
132 | ||
133 | /* | |
134 | * Prototypes... | |
135 | */ | |
136 | ||
137 | extern cupsd_location_t *cupsdAddLocation(const char *location); | |
138 | extern void cupsdAddName(cupsd_location_t *loc, char *name); | |
139 | extern void cupsdAllowHost(cupsd_location_t *loc, char *name); | |
140 | extern void cupsdAllowIP(cupsd_location_t *loc, unsigned address[4], | |
141 | unsigned netmask[4]); | |
142 | extern void cupsdAuthorize(cupsd_client_t *con); | |
143 | extern int cupsdCheckAuth(unsigned ip[4], char *name, int namelen, | |
144 | int num_masks, cupsd_authmask_t *masks); | |
145 | extern int cupsdCheckGroup(const char *username, | |
146 | struct passwd *user, | |
147 | const char *groupname); | |
148 | extern cupsd_location_t *cupsdCopyLocation(cupsd_location_t **loc); | |
149 | extern void cupsdDeleteAllLocations(void); | |
150 | extern void cupsdDeleteLocation(cupsd_location_t *loc); | |
151 | extern void cupsdDenyHost(cupsd_location_t *loc, char *name); | |
152 | extern void cupsdDenyIP(cupsd_location_t *loc, unsigned address[4], | |
153 | unsigned netmask[4]); | |
154 | extern cupsd_location_t *cupsdFindBest(const char *path, http_state_t state); | |
155 | extern cupsd_location_t *cupsdFindLocation(const char *location); | |
156 | extern char *cupsdGetMD5Passwd(const char *username, const char *group, | |
157 | char passwd[33]); | |
158 | extern http_status_t cupsdIsAuthorized(cupsd_client_t *con, const char *owner); | |
159 | ||
160 | ||
161 | /* | |
162 | * End of "$Id: auth.h 4812 2005-10-25 18:23:10Z mike $". | |
163 | */ |