]> git.ipfire.org Git - thirdparty/cups.git/blob - cups/http-private.h
projects / thirdparty / cups.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Migrate Windows conditional code to _WIN32 define.
[thirdparty/cups.git] / cups / http-private.h
1 /*
2 * Private HTTP definitions for CUPS.
3 *
4 * Copyright 2007-2018 by Apple Inc.
5 * Copyright 1997-2007 by Easy Software Products, all rights reserved.
6 *
7 * Licensed under Apache License v2.0. See the file "LICENSE" for more
8 * information.
9 */
10
11 #ifndef _CUPS_HTTP_PRIVATE_H_
12 # define _CUPS_HTTP_PRIVATE_H_
13
14 /*
15 * Include necessary headers...
16 */
17
18 # include "config.h"
19 # include <cups/language.h>
20 # include <stddef.h>
21 # include <stdlib.h>
22
23 # ifdef __sun
24 # include <sys/select.h>
25 # endif /* __sun */
26
27 # include <limits.h>
28 # ifdef _WIN32
29 # include <io.h>
30 # include <winsock2.h>
31 # define CUPS_SOCAST (const char *)
32 # else
33 # include <unistd.h>
34 # include <fcntl.h>
35 # include <sys/socket.h>
36 # define CUPS_SOCAST
37 # endif /* _WIN32 */
38
39 # ifdef HAVE_GSSAPI
40 # ifdef HAVE_GSS_GSSAPI_H
41 # include <GSS/gssapi.h>
42 # elif defined(HAVE_GSSAPI_GSSAPI_H)
43 # include <gssapi/gssapi.h>
44 # elif defined(HAVE_GSSAPI_H)
45 # include <gssapi.h>
46 # endif /* HAVE_GSS_GSSAPI_H */
47 # ifndef HAVE_GSS_C_NT_HOSTBASED_SERVICE
48 # define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name
49 # endif /* !HAVE_GSS_C_NT_HOSTBASED_SERVICE */
50 # endif /* HAVE_GSSAPI */
51
52 # ifdef HAVE_AUTHORIZATION_H
53 # include <Security/Authorization.h>
54 # endif /* HAVE_AUTHORIZATION_H */
55
56 # if defined(__APPLE__) && !defined(_SOCKLEN_T)
57 /*
58 * macOS 10.2.x does not define socklen_t, and in fact uses an int instead of
59 * unsigned type for length values...
60 */
61
62 typedef int socklen_t;
63 # endif /* __APPLE__ && !_SOCKLEN_T */
64
65 # include <cups/http.h>
66 # include "ipp-private.h"
67
68 # ifdef HAVE_GNUTLS
69 # include <gnutls/gnutls.h>
70 # include <gnutls/x509.h>
71 # elif defined(HAVE_CDSASSL)
72 # include <CoreFoundation/CoreFoundation.h>
73 # include <Security/Security.h>
74 # include <Security/SecureTransport.h>
75 # ifdef HAVE_SECITEM_H
76 # include <Security/SecItem.h>
77 # endif /* HAVE_SECITEM_H */
78 # ifdef HAVE_SECCERTIFICATE_H
79 # include <Security/SecCertificate.h>
80 # include <Security/SecIdentity.h>
81 # endif /* HAVE_SECCERTIFICATE_H */
82 # elif defined(HAVE_SSPISSL)
83 # include <wincrypt.h>
84 # include <wintrust.h>
85 # include <schannel.h>
86 # define SECURITY_WIN32
87 # include <security.h>
88 # include <sspi.h>
89 # endif /* HAVE_GNUTLS */
90
91 # ifndef _WIN32
92 # include <net/if.h>
93 # include <resolv.h>
94 # ifdef HAVE_GETIFADDRS
95 # include <ifaddrs.h>
96 # else
97 # include <sys/ioctl.h>
98 # ifdef HAVE_SYS_SOCKIO_H
99 # include <sys/sockio.h>
100 # endif /* HAVE_SYS_SOCKIO_H */
101 # endif /* HAVE_GETIFADDRS */
102 # endif /* !_WIN32 */
103
104 # ifdef HAVE_LIBZ
105 # include <zlib.h>
106 # endif /* HAVE_LIBZ */
107
108
109 /*
110 * C++ magic...
111 */
112
113 # ifdef __cplusplus
114 extern "C" {
115 # endif /* __cplusplus */
116
117
118 /*
119 * Constants...
120 */
121
122 # define _HTTP_MAX_SBUFFER 65536 /* Size of (de)compression buffer */
123 # define _HTTP_RESOLVE_DEFAULT 0 /* Just resolve with default options */
124 # define _HTTP_RESOLVE_STDERR 1 /* Log resolve progress to stderr */
125 # define _HTTP_RESOLVE_FQDN 2 /* Resolve to a FQDN */
126 # define _HTTP_RESOLVE_FAXOUT 4 /* Resolve FaxOut service? */
127
128 # define _HTTP_TLS_NONE 0 /* No TLS options */
129 # define _HTTP_TLS_ALLOW_RC4 1 /* Allow RC4 cipher suites */
130 # define _HTTP_TLS_ALLOW_DH 2 /* Allow DH/DHE key negotiation */
131 # define _HTTP_TLS_DENY_CBC 4 /* Deny CBC cipher suites */
132 # define _HTTP_TLS_SET_DEFAULT 128 /* Setting the default TLS options */
133
134 # define _HTTP_TLS_SSL3 0 /* Min/max version is SSL/3.0 */
135 # define _HTTP_TLS_1_0 1 /* Min/max version is TLS/1.0 */
136 # define _HTTP_TLS_1_1 2 /* Min/max version is TLS/1.1 */
137 # define _HTTP_TLS_1_2 3 /* Min/max version is TLS/1.2 */
138 # define _HTTP_TLS_1_3 4 /* Min/max version is TLS/1.3 */
139 # define _HTTP_TLS_MAX 5 /* Highest known TLS version */
140
141
142 /*
143 * Types and functions for SSL support...
144 */
145
146 # ifdef HAVE_GNUTLS
147 /*
148 * The GNU TLS library is more of a "bare metal" SSL/TLS library...
149 */
150
151 typedef gnutls_session_t http_tls_t;
152 typedef gnutls_certificate_credentials_t *http_tls_credentials_t;
153
154 # elif defined(HAVE_CDSASSL)
155 /*
156 * Darwin's Security framework provides its own SSL/TLS context structure
157 * for its IO and protocol management...
158 */
159
160 # if !defined(HAVE_SECBASEPRIV_H) && defined(HAVE_CSSMERRORSTRING) /* Declare prototype for function in that header... */
161 extern const char *cssmErrorString(int error);
162 # endif /* !HAVE_SECBASEPRIV_H && HAVE_CSSMERRORSTRING */
163 # if !defined(HAVE_SECIDENTITYSEARCHPRIV_H) && defined(HAVE_SECIDENTITYSEARCHCREATEWITHPOLICY) /* Declare prototype for function in that header... */
164 extern OSStatus SecIdentitySearchCreateWithPolicy(SecPolicyRef policy,
165 CFStringRef idString, CSSM_KEYUSE keyUsage,
166 CFTypeRef keychainOrArray,
167 Boolean returnOnlyValidIdentities,
168 SecIdentitySearchRef* searchRef);
169 # endif /* !HAVE_SECIDENTITYSEARCHPRIV_H && HAVE_SECIDENTITYSEARCHCREATEWITHPOLICY */
170 # if !defined(HAVE_SECPOLICYPRIV_H) && defined(HAVE_SECPOLICYSETVALUE) /* Declare prototype for function in that header... */
171 extern OSStatus SecPolicySetValue(SecPolicyRef policyRef,
172 const CSSM_DATA *value);
173 # endif /* !HAVE_SECPOLICYPRIV_H && HAVE_SECPOLICYSETVALUE */
174
175 typedef SSLContextRef http_tls_t;
176 typedef CFArrayRef http_tls_credentials_t;
177
178 # elif defined(HAVE_SSPISSL)
179 /*
180 * Windows' SSPI library gets a CUPS wrapper...
181 */
182
183 typedef struct _http_sspi_s /**** SSPI/SSL data structure ****/
184 {
185 CredHandle creds; /* Credentials */
186 CtxtHandle context; /* SSL context */
187 BOOL contextInitialized; /* Is context init'd? */
188 SecPkgContext_StreamSizes streamSizes;/* SSL data stream sizes */
189 BYTE *decryptBuffer; /* Data pre-decryption*/
190 size_t decryptBufferLength; /* Length of decrypt buffer */
191 size_t decryptBufferUsed; /* Bytes used in buffer */
192 BYTE *readBuffer; /* Data post-decryption */
193 int readBufferLength; /* Length of read buffer */
194 int readBufferUsed; /* Bytes used in buffer */
195 BYTE *writeBuffer; /* Data pre-encryption */
196 int writeBufferLength; /* Length of write buffer */
197 PCCERT_CONTEXT localCert, /* Local certificate */
198 remoteCert; /* Remote (peer's) certificate */
199 char error[256]; /* Most recent error message */
200 } _http_sspi_t;
201 typedef _http_sspi_t *http_tls_t;
202 typedef PCCERT_CONTEXT http_tls_credentials_t;
203
204 # else
205 /*
206 * Otherwise define stub types since we have no SSL support...
207 */
208
209 typedef void *http_tls_t;
210 typedef void *http_tls_credentials_t;
211 # endif /* HAVE_GNUTLS */
212
213 typedef enum _http_coding_e /**** HTTP content coding enumeration ****/
214 {
215 _HTTP_CODING_IDENTITY, /* No content coding */
216 _HTTP_CODING_GZIP, /* LZ77+gzip decompression */
217 _HTTP_CODING_DEFLATE, /* LZ77+zlib compression */
218 _HTTP_CODING_GUNZIP, /* LZ77+gzip decompression */
219 _HTTP_CODING_INFLATE /* LZ77+zlib decompression */
220 } _http_coding_t;
221
222 typedef enum _http_mode_e /**** HTTP mode enumeration ****/
223 {
224 _HTTP_MODE_CLIENT, /* Client connected to server */
225 _HTTP_MODE_SERVER /* Server connected (accepted) from client */
226 } _http_mode_t;
227
228 # ifndef _HTTP_NO_PRIVATE
229 struct _http_s /**** HTTP connection structure ****/
230 {
231 int fd; /* File descriptor for this socket */
232 int blocking; /* To block or not to block */
233 int error; /* Last error on read */
234 time_t activity; /* Time since last read/write */
235 http_state_t state; /* State of client */
236 http_status_t status; /* Status of last request */
237 http_version_t version; /* Protocol version */
238 http_keepalive_t keep_alive; /* Keep-alive supported? */
239 struct sockaddr_in _hostaddr; /* Address of connected host (deprecated) */
240 char hostname[HTTP_MAX_HOST],
241 /* Name of connected host */
242 _fields[HTTP_FIELD_ACCEPT_ENCODING][HTTP_MAX_VALUE];
243 /* Field values up to Accept-Encoding (deprecated) */
244 char *data; /* Pointer to data buffer */
245 http_encoding_t data_encoding; /* Chunked or not */
246 int _data_remaining;/* Number of bytes left (deprecated) */
247 int used; /* Number of bytes used in buffer */
248 char buffer[HTTP_MAX_BUFFER];
249 /* Buffer for incoming data */
250 int _auth_type; /* Authentication in use (deprecated) */
251 unsigned char _md5_state[88]; /* MD5 state (deprecated) */
252 char nonce[HTTP_MAX_VALUE];
253 /* Nonce value */
254 unsigned nonce_count; /* Nonce count */
255 http_tls_t tls; /* TLS state information */
256 http_encryption_t encryption; /* Encryption requirements */
257
258 /**** New in CUPS 1.1.19 ****/
259 fd_set *input_set; /* select() set for httpWait() (deprecated) */
260 http_status_t expect; /* Expect: header */
261 char *cookie; /* Cookie value(s) */
262
263 /**** New in CUPS 1.1.20 ****/
264 char _authstring[HTTP_MAX_VALUE],
265 /* Current Authorization value (deprecated) */
266 userpass[HTTP_MAX_VALUE];
267 /* Username:password string */
268 int digest_tries; /* Number of tries for digest auth */
269
270 /**** New in CUPS 1.2 ****/
271 off_t data_remaining; /* Number of bytes left */
272 http_addr_t *hostaddr; /* Current host address and port */
273 http_addrlist_t *addrlist; /* List of valid addresses */
274 char wbuffer[HTTP_MAX_BUFFER];
275 /* Buffer for outgoing data */
276 int wused; /* Write buffer bytes used */
277
278 /**** New in CUPS 1.3 ****/
279 char *authstring; /* Current Authorization field */
280 # ifdef HAVE_GSSAPI
281 gss_OID gssmech; /* Authentication mechanism */
282 gss_ctx_id_t gssctx; /* Authentication context */
283 gss_name_t gssname; /* Authentication server name */
284 # endif /* HAVE_GSSAPI */
285 # ifdef HAVE_AUTHORIZATION_H
286 AuthorizationRef auth_ref; /* Authorization ref */
287 # endif /* HAVE_AUTHORIZATION_H */
288
289 /**** New in CUPS 1.5 ****/
290 http_tls_credentials_t tls_credentials;
291 /* TLS credentials */
292 http_timeout_cb_t timeout_cb; /* Timeout callback */
293 void *timeout_data; /* User data pointer */
294 double timeout_value; /* Timeout in seconds */
295 int wait_value; /* httpWait value for timeout */
296 # ifdef HAVE_GSSAPI
297 char gsshost[256]; /* Hostname for Kerberos */
298 # endif /* HAVE_GSSAPI */
299
300 /**** New in CUPS 1.7 ****/
301 int tls_upgrade; /* Non-zero if we are doing an upgrade */
302 _http_mode_t mode; /* _HTTP_MODE_CLIENT or _HTTP_MODE_SERVER */
303 # ifdef HAVE_LIBZ
304 _http_coding_t coding; /* _HTTP_CODING_xxx */
305 z_stream stream; /* (De)compression stream */
306 Bytef *sbuffer; /* (De)compression buffer */
307 # endif /* HAVE_LIBZ */
308
309 /**** New in CUPS 2.2.9 ****/
310 char algorithm[65], /* Algorithm from WWW-Authenticate */
311 nextnonce[HTTP_MAX_VALUE],
312 /* Next nonce value from Authentication-Info */
313 opaque[HTTP_MAX_VALUE],
314 /* Opaque value from WWW-Authenticate */
315 realm[HTTP_MAX_VALUE];
316 /* Realm from WWW-Authenticate */
317
318 /**** New in CUPS 2.3 ****/
319 char *fields[HTTP_FIELD_MAX],
320 /* Allocated field values */
321 *default_fields[HTTP_FIELD_MAX];
322 /* Default field values, if any */
323 };
324 # endif /* !_HTTP_NO_PRIVATE */
325
326
327 /*
328 * Some OS's don't have hstrerror(), most notably Solaris...
329 */
330
331 # ifndef HAVE_HSTRERROR
332 extern const char *_cups_hstrerror(int error);
333 # define hstrerror _cups_hstrerror
334 # endif /* !HAVE_HSTRERROR */
335
336
337 /*
338 * Some OS's don't have getifaddrs() and freeifaddrs()...
339 */
340
341 # if !defined(_WIN32) && !defined(HAVE_GETIFADDRS)
342 # ifdef ifa_dstaddr
343 # undef ifa_dstaddr
344 # endif /* ifa_dstaddr */
345 # ifndef ifr_netmask
346 # define ifr_netmask ifr_addr
347 # endif /* !ifr_netmask */
348
349 struct ifaddrs /**** Interface Structure ****/
350 {
351 struct ifaddrs *ifa_next; /* Next interface in list */
352 char *ifa_name; /* Name of interface */
353 unsigned int ifa_flags; /* Flags (up, point-to-point, etc.) */
354 struct sockaddr *ifa_addr, /* Network address */
355 *ifa_netmask; /* Address mask */
356 union
357 {
358 struct sockaddr *ifu_broadaddr; /* Broadcast address of this interface. */
359 struct sockaddr *ifu_dstaddr; /* Point-to-point destination address. */
360 } ifa_ifu;
361
362 void *ifa_data; /* Interface statistics */
363 };
364
365 # ifndef ifa_broadaddr
366 # define ifa_broadaddr ifa_ifu.ifu_broadaddr
367 # endif /* !ifa_broadaddr */
368 # ifndef ifa_dstaddr
369 # define ifa_dstaddr ifa_ifu.ifu_dstaddr
370 # endif /* !ifa_dstaddr */
371
372 extern int _cups_getifaddrs(struct ifaddrs **addrs);
373 # define getifaddrs _cups_getifaddrs
374 extern void _cups_freeifaddrs(struct ifaddrs *addrs);
375 # define freeifaddrs _cups_freeifaddrs
376 # endif /* !_WIN32 && !HAVE_GETIFADDRS */
377
378
379 /*
380 * Prototypes...
381 */
382
383 extern void _httpAddrSetPort(http_addr_t *addr, int port);
384 extern http_tls_credentials_t
385 _httpCreateCredentials(cups_array_t *credentials);
386 extern char *_httpDecodeURI(char *dst, const char *src,
387 size_t dstsize);
388 extern void _httpDisconnect(http_t *http);
389 extern char *_httpEncodeURI(char *dst, const char *src,
390 size_t dstsize);
391 extern void _httpFreeCredentials(http_tls_credentials_t credentials);
392 extern const char *_httpResolveURI(const char *uri, char *resolved_uri,
393 size_t resolved_size, int options,
394 int (*cb)(void *context),
395 void *context);
396 extern int _httpSetDigestAuthString(http_t *http, const char *nonce, const char *method, const char *resource);
397 extern const char *_httpStatus(cups_lang_t *lang, http_status_t status);
398 extern void _httpTLSInitialize(void);
399 extern size_t _httpTLSPending(http_t *http);
400 extern int _httpTLSRead(http_t *http, char *buf, int len);
401 extern int _httpTLSSetCredentials(http_t *http);
402 extern void _httpTLSSetOptions(int options, int min_version, int max_version);
403 extern int _httpTLSStart(http_t *http);
404 extern void _httpTLSStop(http_t *http);
405 extern int _httpTLSWrite(http_t *http, const char *buf, int len);
406 extern int _httpUpdate(http_t *http, http_status_t *status);
407 extern int _httpWait(http_t *http, int msec, int usessl);
408
409
410 /*
411 * C++ magic...
412 */
413
414 # ifdef __cplusplus
415 }
416 # endif /* __cplusplus */
417
418 #endif /* !_CUPS_HTTP_PRIVATE_H_ */
Unnamed repository; edit this file 'description' to name the repository.