]>
Commit | Line | Data |
---|---|---|
ef416fc2 | 1 | /* |
f7faf1f5 | 2 | * "$Id: auth.h 5305 2006-03-18 03:05:12Z mike $" |
ef416fc2 | 3 | * |
4 | * Authorization definitions for the Common UNIX Printing System (CUPS) | |
5 | * scheduler. | |
6 | * | |
bd7854cb | 7 | * Copyright 1997-2006 by Easy Software Products, all rights reserved. |
ef416fc2 | 8 | * |
9 | * These coded instructions, statements, and computer programs are the | |
10 | * property of Easy Software Products and are protected by Federal | |
11 | * copyright law. Distribution and use rights are outlined in the file | |
12 | * "LICENSE.txt" which should have been included with this file. If this | |
13 | * file is missing or damaged please contact Easy Software Products | |
14 | * at: | |
15 | * | |
16 | * Attn: CUPS Licensing Information | |
17 | * Easy Software Products | |
18 | * 44141 Airport View Drive, Suite 204 | |
19 | * Hollywood, Maryland 20636 USA | |
20 | * | |
21 | * Voice: (301) 373-9600 | |
22 | * EMail: cups-info@cups.org | |
23 | * WWW: http://www.cups.org | |
24 | */ | |
25 | ||
26 | /* | |
27 | * Include necessary headers... | |
28 | */ | |
29 | ||
30 | #include <pwd.h> | |
31 | ||
32 | ||
33 | /* | |
34 | * HTTP authorization types and levels... | |
35 | */ | |
36 | ||
37 | #define AUTH_NONE 0 /* No authentication */ | |
38 | #define AUTH_BASIC 1 /* Basic authentication */ | |
39 | #define AUTH_DIGEST 2 /* Digest authentication */ | |
40 | #define AUTH_BASICDIGEST 3 /* Basic authentication w/passwd.md5 */ | |
41 | ||
42 | #define AUTH_ANON 0 /* Anonymous access */ | |
43 | #define AUTH_USER 1 /* Must have a valid username/password */ | |
44 | #define AUTH_GROUP 2 /* Must also be in a named group */ | |
45 | ||
46 | #define AUTH_ALLOW 0 /* Allow access */ | |
47 | #define AUTH_DENY 1 /* Deny access */ | |
48 | ||
49 | #define AUTH_NAME 0 /* Authorize host by name */ | |
50 | #define AUTH_IP 1 /* Authorize host by IP */ | |
51 | #define AUTH_INTERFACE 2 /* Authorize host by interface */ | |
52 | ||
53 | #define AUTH_SATISFY_ALL 0 /* Satisfy both address and auth */ | |
54 | #define AUTH_SATISFY_ANY 1 /* Satisfy either address or auth */ | |
55 | ||
56 | #define AUTH_LIMIT_DELETE 1 /* Limit DELETE requests */ | |
57 | #define AUTH_LIMIT_GET 2 /* Limit GET requests */ | |
58 | #define AUTH_LIMIT_HEAD 4 /* Limit HEAD requests */ | |
59 | #define AUTH_LIMIT_OPTIONS 8 /* Limit OPTIONS requests */ | |
60 | #define AUTH_LIMIT_POST 16 /* Limit POST requests */ | |
61 | #define AUTH_LIMIT_PUT 32 /* Limit PUT requests */ | |
62 | #define AUTH_LIMIT_TRACE 64 /* Limit TRACE requests */ | |
63 | #define AUTH_LIMIT_ALL 127 /* Limit all requests */ | |
64 | #define AUTH_LIMIT_IPP 128 /* Limit IPP requests */ | |
65 | ||
66 | #define IPP_ANY_OPERATION (ipp_op_t)0 | |
67 | /* Any IPP operation */ | |
68 | #define IPP_BAD_OPERATION (ipp_op_t)-1 | |
69 | /* No IPP operation */ | |
70 | ||
71 | ||
72 | /* | |
73 | * HTTP access control structures... | |
74 | */ | |
75 | ||
76 | typedef struct | |
77 | { | |
78 | unsigned address[4], /* IP address */ | |
79 | netmask[4]; /* IP netmask */ | |
80 | } cupsd_ipmask_t; | |
81 | ||
82 | typedef struct | |
83 | { | |
84 | int length; /* Length of name */ | |
85 | char *name; /* Name string */ | |
86 | } cupsd_namemask_t; | |
87 | ||
88 | typedef struct | |
89 | { | |
90 | int type; /* Mask type */ | |
91 | union | |
92 | { | |
93 | cupsd_namemask_t name; /* Host/Domain name */ | |
94 | cupsd_ipmask_t ip; /* IP address/network */ | |
95 | } mask; /* Mask data */ | |
96 | } cupsd_authmask_t; | |
97 | ||
98 | typedef struct | |
99 | { | |
bd7854cb | 100 | char *location; /* Location of resource */ |
ef416fc2 | 101 | ipp_op_t op; /* IPP operation */ |
102 | int limit, /* Limit for these types of requests */ | |
103 | length, /* Length of location string */ | |
104 | order_type, /* Allow or Deny */ | |
105 | type, /* Type of authentication */ | |
106 | level, /* Access level required */ | |
107 | satisfy; /* Satisfy any or all limits? */ | |
108 | int num_names; /* Number of names */ | |
109 | char **names; /* User or group names */ | |
110 | int num_allow; /* Number of Allow lines */ | |
111 | cupsd_authmask_t *allow; /* Allow lines */ | |
112 | int num_deny; /* Number of Deny lines */ | |
113 | cupsd_authmask_t *deny; /* Deny lines */ | |
114 | http_encryption_t encryption; /* To encrypt or not to encrypt... */ | |
115 | } cupsd_location_t; | |
116 | ||
117 | typedef struct cupsd_client_s cupsd_client_t; | |
118 | ||
119 | ||
120 | /* | |
121 | * Globals... | |
122 | */ | |
123 | ||
bd7854cb | 124 | VAR cups_array_t *Locations VALUE(NULL); |
ef416fc2 | 125 | /* Authorization locations */ |
126 | VAR int DefaultAuthType VALUE(AUTH_BASIC); | |
127 | /* Default AuthType, if not specified */ | |
4744bd90 | 128 | #ifdef HAVE_SSL |
129 | VAR http_encryption_t DefaultEncryption VALUE(HTTP_ENCRYPT_REQUIRED); | |
130 | /* Default encryption for authentication */ | |
131 | #endif /* HAVE_SSL */ | |
ef416fc2 | 132 | |
133 | ||
134 | /* | |
135 | * Prototypes... | |
136 | */ | |
137 | ||
138 | extern cupsd_location_t *cupsdAddLocation(const char *location); | |
139 | extern void cupsdAddName(cupsd_location_t *loc, char *name); | |
140 | extern void cupsdAllowHost(cupsd_location_t *loc, char *name); | |
141 | extern void cupsdAllowIP(cupsd_location_t *loc, unsigned address[4], | |
142 | unsigned netmask[4]); | |
143 | extern void cupsdAuthorize(cupsd_client_t *con); | |
144 | extern int cupsdCheckAuth(unsigned ip[4], char *name, int namelen, | |
145 | int num_masks, cupsd_authmask_t *masks); | |
146 | extern int cupsdCheckGroup(const char *username, | |
147 | struct passwd *user, | |
148 | const char *groupname); | |
149 | extern cupsd_location_t *cupsdCopyLocation(cupsd_location_t **loc); | |
150 | extern void cupsdDeleteAllLocations(void); | |
151 | extern void cupsdDeleteLocation(cupsd_location_t *loc); | |
152 | extern void cupsdDenyHost(cupsd_location_t *loc, char *name); | |
153 | extern void cupsdDenyIP(cupsd_location_t *loc, unsigned address[4], | |
154 | unsigned netmask[4]); | |
155 | extern cupsd_location_t *cupsdFindBest(const char *path, http_state_t state); | |
156 | extern cupsd_location_t *cupsdFindLocation(const char *location); | |
ef416fc2 | 157 | extern http_status_t cupsdIsAuthorized(cupsd_client_t *con, const char *owner); |
158 | ||
159 | ||
160 | /* | |
f7faf1f5 | 161 | * End of "$Id: auth.h 5305 2006-03-18 03:05:12Z mike $". |
ef416fc2 | 162 | */ |