4 * Private HTTP definitions for CUPS.
6 * Copyright 2007-2013 by Apple Inc.
7 * Copyright 1997-2007 by Easy Software Products, all rights reserved.
9 * These coded instructions, statements, and computer programs are the
10 * property of Apple Inc. and are protected by Federal copyright
11 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 * which should have been included with this file. If this file is
13 * file is missing or damaged, see the license at "http://www.cups.org/".
15 * This file is subject to the Apple OS-Developed Software exception.
18 #ifndef _CUPS_HTTP_PRIVATE_H_
19 # define _CUPS_HTTP_PRIVATE_H_
22 * Include necessary headers...
26 # include <cups/language.h>
31 # include <sys/select.h>
37 # include <winsock2.h>
38 # define CUPS_SOCAST (const char *)
42 # include <sys/socket.h>
43 # define closesocket(f) close(f)
48 # ifdef HAVE_GSS_GSSAPI_H
49 # include <GSS/gssapi.h>
50 # elif defined(HAVE_GSSAPI_GSSAPI_H)
51 # include <gssapi/gssapi.h>
52 # elif defined(HAVE_GSSAPI_H)
54 # endif /* HAVE_GSS_GSSAPI_H */
55 # ifndef HAVE_GSS_C_NT_HOSTBASED_SERVICE
56 # define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name
57 # endif /* !HAVE_GSS_C_NT_HOSTBASED_SERVICE */
58 # endif /* HAVE_GSSAPI */
60 # ifdef HAVE_AUTHORIZATION_H
61 # include <Security/Authorization.h>
62 # endif /* HAVE_AUTHORIZATION_H */
64 # if defined(__APPLE__) && !defined(_SOCKLEN_T)
66 * MacOS X 10.2.x does not define socklen_t, and in fact uses an int instead of
67 * unsigned type for length values...
70 typedef int socklen_t
;
71 # endif /* __APPLE__ && !_SOCKLEN_T */
73 # include <cups/http.h>
74 # include "md5-private.h"
75 # include "ipp-private.h"
77 # if defined HAVE_LIBSSL
78 # include <openssl/err.h>
79 # include <openssl/rand.h>
80 # include <openssl/ssl.h>
81 # elif defined HAVE_GNUTLS
82 # include <gnutls/gnutls.h>
83 # include <gnutls/x509.h>
85 # elif defined(HAVE_CDSASSL)
86 # include <CoreFoundation/CoreFoundation.h>
87 # include <Security/Security.h>
88 # include <Security/SecureTransport.h>
89 # ifdef HAVE_SECURETRANSPORTPRIV_H
90 # include <Security/SecureTransportPriv.h>
91 # endif /* HAVE_SECURETRANSPORTPRIV_H */
92 # ifdef HAVE_SECITEM_H
93 # include <Security/SecItem.h>
94 # endif /* HAVE_SECITEM_H */
95 # ifdef HAVE_SECBASEPRIV_H
96 # include <Security/SecBasePriv.h>
97 # endif /* HAVE_SECBASEPRIV_H */
98 # ifdef HAVE_SECCERTIFICATE_H
99 # include <Security/SecCertificate.h>
100 # include <Security/SecIdentity.h>
101 # endif /* HAVE_SECCERTIFICATE_H */
102 # ifdef HAVE_SECITEMPRIV_H
103 # include <Security/SecItemPriv.h>
104 # endif /* HAVE_SECITEMPRIV_H */
105 # ifdef HAVE_SECIDENTITYSEARCHPRIV_H
106 # include <Security/SecIdentitySearchPriv.h>
107 # endif /* HAVE_SECIDENTITYSEARCHPRIV_H */
108 # ifdef HAVE_SECPOLICYPRIV_H
109 # include <Security/SecPolicyPriv.h>
110 # endif /* HAVE_SECPOLICYPRIV_H */
111 # elif defined(HAVE_SSPISSL)
112 # include "sspi-private.h"
113 # endif /* HAVE_LIBSSL */
117 # ifdef HAVE_GETIFADDRS
118 # include <ifaddrs.h>
120 # include <sys/ioctl.h>
121 # ifdef HAVE_SYS_SOCKIO_H
122 # include <sys/sockio.h>
123 # endif /* HAVE_SYS_SOCKIO_H */
124 # endif /* HAVE_GETIFADDRS */
129 # endif /* HAVE_LIBZ */
138 # endif /* __cplusplus */
146 #define _HTTP_RESOLVE_DEFAULT 0 /* Just resolve with default options */
147 #define _HTTP_RESOLVE_STDERR 1 /* Log resolve progress to stderr */
148 #define _HTTP_RESOLVE_FQDN 2 /* Resolve to a FQDN */
149 #define _HTTP_RESOLVE_FAXOUT 4 /* Resolve FaxOut service? */
153 * Types and functions for SSL support...
156 # if defined HAVE_LIBSSL
158 * The OpenSSL library provides its own SSL/TLS context structure for its
159 * IO and protocol management. However, we need to provide our own BIO
160 * (basic IO) implementation to do timeouts...
163 typedef SSL
*http_tls_t
;
164 typedef void *http_tls_credentials_t
;
166 extern BIO_METHOD
*_httpBIOMethods(void);
168 # elif defined HAVE_GNUTLS
170 * The GNU TLS library is more of a "bare metal" SSL/TLS library...
173 typedef gnutls_session http_tls_t
;
174 typedef void *http_tls_credentials_t
;
176 extern ssize_t
_httpReadGNUTLS(gnutls_transport_ptr ptr
, void *data
,
178 extern ssize_t
_httpWriteGNUTLS(gnutls_transport_ptr ptr
, const void *data
,
181 # elif defined(HAVE_CDSASSL)
183 * Darwin's Security framework provides its own SSL/TLS context structure
184 * for its IO and protocol management...
187 # if !defined(HAVE_SECBASEPRIV_H) && defined(HAVE_CSSMERRORSTRING) /* Declare prototype for function in that header... */
188 extern const char *cssmErrorString(int error
);
189 # endif /* !HAVE_SECBASEPRIV_H && HAVE_CSSMERRORSTRING */
190 # ifndef HAVE_SECITEMPRIV_H /* Declare constants from that header... */
191 extern const CFTypeRef kSecClassCertificate
;
192 extern const CFTypeRef kSecClassIdentity
;
193 # endif /* !HAVE_SECITEMPRIV_H */
194 # if !defined(HAVE_SECIDENTITYSEARCHPRIV_H) && defined(HAVE_SECIDENTITYSEARCHCREATEWITHPOLICY) /* Declare prototype for function in that header... */
195 extern OSStatus
SecIdentitySearchCreateWithPolicy(SecPolicyRef policy
,
196 CFStringRef idString
, CSSM_KEYUSE keyUsage
,
197 CFTypeRef keychainOrArray
,
198 Boolean returnOnlyValidIdentities
,
199 SecIdentitySearchRef
* searchRef
);
200 # endif /* !HAVE_SECIDENTITYSEARCHPRIV_H && HAVE_SECIDENTITYSEARCHCREATEWITHPOLICY */
201 # if !defined(HAVE_SECPOLICYPRIV_H) && defined(HAVE_SECPOLICYSETVALUE) /* Declare prototype for function in that header... */
202 extern OSStatus
SecPolicySetValue(SecPolicyRef policyRef
,
203 const CSSM_DATA
*value
);
204 # endif /* !HAVE_SECPOLICYPRIV_H && HAVE_SECPOLICYSETVALUE */
206 typedef SSLContextRef http_tls_t
;
207 typedef CFArrayRef http_tls_credentials_t
;
209 extern OSStatus
_httpReadCDSA(SSLConnectionRef connection
, void *data
,
211 extern OSStatus
_httpWriteCDSA(SSLConnectionRef connection
, const void *data
,
214 # elif defined(HAVE_SSPISSL)
216 * Windows' SSPI library gets a CUPS wrapper...
219 typedef _sspi_struct_t
* http_tls_t
;
220 typedef void *http_tls_credentials_t
;
224 * Otherwise define stub types since we have no SSL support...
227 typedef void *http_tls_t
;
228 typedef void *http_tls_credentials_t
;
229 # endif /* HAVE_LIBSSL */
231 typedef enum _http_coding_e
/**** HTTP content coding enumeration ****/
233 _HTTP_CODING_IDENTITY
, /* No content coding */
234 _HTTP_CODING_GZIP
, /* LZ77+gzip decompression */
235 _HTTP_CODING_DEFLATE
, /* LZ77+zlib compression */
236 _HTTP_CODING_GUNZIP
, /* LZ77+gzip decompression */
237 _HTTP_CODING_INFLATE
/* LZ77+zlib decompression */
240 typedef enum _http_mode_e
/**** HTTP mode enumeration ****/
242 _HTTP_MODE_CLIENT
, /* Client connected to server */
243 _HTTP_MODE_SERVER
/* Server connected (accepted) from client */
246 # ifndef _HTTP_NO_PRIVATE
247 struct _http_s
/**** HTTP connection structure ****/
249 int fd
; /* File descriptor for this socket */
250 int blocking
; /* To block or not to block */
251 int error
; /* Last error on read */
252 time_t activity
; /* Time since last read/write */
253 http_state_t state
; /* State of client */
254 http_status_t status
; /* Status of last request */
255 http_version_t version
; /* Protocol version */
256 http_keepalive_t keep_alive
; /* Keep-alive supported? */
257 struct sockaddr_in _hostaddr
; /* Address of connected host (deprecated) */
258 char hostname
[HTTP_MAX_HOST
],
259 /* Name of connected host */
260 fields
[HTTP_FIELD_ACCEPT_ENCODING
][HTTP_MAX_VALUE
];
261 /* Field values up to Accept-Encoding */
262 char *data
; /* Pointer to data buffer */
263 http_encoding_t data_encoding
; /* Chunked or not */
264 int _data_remaining
;/* Number of bytes left (deprecated) */
265 int used
; /* Number of bytes used in buffer */
266 char buffer
[HTTP_MAX_BUFFER
];
267 /* Buffer for incoming data */
268 int _auth_type
; /* Authentication in use (deprecated) */
269 _cups_md5_state_t md5_state
; /* MD5 state */
270 char nonce
[HTTP_MAX_VALUE
];
272 int nonce_count
; /* Nonce count */
273 http_tls_t tls
; /* TLS state information */
274 http_encryption_t encryption
; /* Encryption requirements */
276 /**** New in CUPS 1.1.19 ****/
277 fd_set
*input_set
; /* select() set for httpWait() (deprecated) */
278 http_status_t expect
; /* Expect: header */
279 char *cookie
; /* Cookie value(s) */
281 /**** New in CUPS 1.1.20 ****/
282 char _authstring
[HTTP_MAX_VALUE
],
283 /* Current Authorization value (deprecated) */
284 userpass
[HTTP_MAX_VALUE
];
285 /* Username:password string */
286 int digest_tries
; /* Number of tries for digest auth */
288 /**** New in CUPS 1.2 ****/
289 off_t data_remaining
; /* Number of bytes left */
290 http_addr_t
*hostaddr
; /* Current host address and port */
291 http_addrlist_t
*addrlist
; /* List of valid addresses */
292 char wbuffer
[HTTP_MAX_BUFFER
];
293 /* Buffer for outgoing data */
294 int wused
; /* Write buffer bytes used */
296 /**** New in CUPS 1.3 ****/
297 char *field_authorization
;
298 /* Authorization field */
299 char *authstring
; /* Current Authorization field */
301 gss_OID gssmech
; /* Authentication mechanism */
302 gss_ctx_id_t gssctx
; /* Authentication context */
303 gss_name_t gssname
; /* Authentication server name */
304 # endif /* HAVE_GSSAPI */
305 # ifdef HAVE_AUTHORIZATION_H
306 AuthorizationRef auth_ref
; /* Authorization ref */
307 # endif /* HAVE_AUTHORIZATION_H */
309 /**** New in CUPS 1.5 ****/
310 http_tls_credentials_t tls_credentials
;
311 /* TLS credentials */
312 http_timeout_cb_t timeout_cb
; /* Timeout callback */
313 void *timeout_data
; /* User data pointer */
314 double timeout_value
; /* Timeout in seconds */
315 int wait_value
; /* httpWait value for timeout */
317 char gsshost
[256]; /* Hostname for Kerberos */
318 # endif /* HAVE_GSSAPI */
320 /**** New in CUPS 1.7 ****/
321 int tls_upgrade
; /* Non-zero if we are doing an upgrade */
322 _http_mode_t mode
; /* _HTTP_MODE_CLIENT or _HTTP_MODE_SERVER */
323 char *accept_encoding
,
324 /* Accept-Encoding field */
325 *allow
, /* Allow field */
326 *server
, /* Server field */
327 *default_accept_encoding
,
330 /* Default field values */
332 _http_coding_t coding
; /* _HTTP_CODING_xxx */
333 z_stream stream
; /* (De)compression stream */
334 Bytef
*dbuffer
; /* Decompression buffer */
335 # endif /* HAVE_LIBZ */
337 # endif /* !_HTTP_NO_PRIVATE */
341 * Some OS's don't have hstrerror(), most notably Solaris...
344 # ifndef HAVE_HSTRERROR
345 extern const char *_cups_hstrerror(int error
);
346 # define hstrerror _cups_hstrerror
347 # elif defined(_AIX) || defined(__osf__)
349 * AIX and Tru64 UNIX don't provide a prototype but do provide the function...
351 extern const char *hstrerror(int error
);
352 # endif /* !HAVE_HSTRERROR */
356 * Some OS's don't have getifaddrs() and freeifaddrs()...
359 # if !defined(WIN32) && !defined(HAVE_GETIFADDRS)
362 # endif /* ifa_dstaddr */
364 # define ifr_netmask ifr_addr
365 # endif /* !ifr_netmask */
367 struct ifaddrs
/**** Interface Structure ****/
369 struct ifaddrs
*ifa_next
; /* Next interface in list */
370 char *ifa_name
; /* Name of interface */
371 unsigned int ifa_flags
; /* Flags (up, point-to-point, etc.) */
372 struct sockaddr
*ifa_addr
, /* Network address */
373 *ifa_netmask
; /* Address mask */
376 struct sockaddr
*ifu_broadaddr
; /* Broadcast address of this interface. */
377 struct sockaddr
*ifu_dstaddr
; /* Point-to-point destination address. */
380 void *ifa_data
; /* Interface statistics */
383 # ifndef ifa_broadaddr
384 # define ifa_broadaddr ifa_ifu.ifu_broadaddr
385 # endif /* !ifa_broadaddr */
387 # define ifa_dstaddr ifa_ifu.ifu_dstaddr
388 # endif /* !ifa_dstaddr */
390 extern int _cups_getifaddrs(struct ifaddrs
**addrs
);
391 # define getifaddrs _cups_getifaddrs
392 extern void _cups_freeifaddrs(struct ifaddrs
*addrs
);
393 # define freeifaddrs _cups_freeifaddrs
394 # endif /* !WIN32 && !HAVE_GETIFADDRS */
401 extern int _httpAddrPort(http_addr_t
*addr
)
402 _CUPS_INTERNAL_MSG("Use httpAddrPort instead.");
403 extern void _httpAddrSetPort(http_addr_t
*addr
, int port
);
404 extern char *_httpAssembleUUID(const char *server
, int port
,
405 const char *name
, int number
,
406 char *buffer
, size_t bufsize
)
407 _CUPS_INTERNAL_MSG("Use httpAssembleUUID instead.");
408 extern http_t
*_httpCreate(const char *host
, int port
,
409 http_addrlist_t
*addrlist
,
410 http_encryption_t encryption
,
412 _CUPS_INTERNAL_MSG("Use httpConnect2 or httpAccept instead.");
413 extern http_tls_credentials_t
414 _httpCreateCredentials(cups_array_t
*credentials
);
415 extern char *_httpDecodeURI(char *dst
, const char *src
,
417 extern void _httpDisconnect(http_t
*http
);
418 extern char *_httpEncodeURI(char *dst
, const char *src
,
420 extern void _httpFreeCredentials(http_tls_credentials_t credentials
);
421 extern ssize_t
_httpPeek(http_t
*http
, char *buffer
, size_t length
)
422 _CUPS_INTERNAL_MSG("Use httpPeek instead.");
423 extern const char *_httpResolveURI(const char *uri
, char *resolved_uri
,
424 size_t resolved_size
, int options
,
425 int (*cb
)(void *context
),
427 extern const char *_httpStatus(cups_lang_t
*lang
, http_status_t status
);
428 extern int _httpUpdate(http_t
*http
, http_status_t
*status
);
429 extern int _httpWait(http_t
*http
, int msec
, int usessl
);
438 # endif /* __cplusplus */
440 #endif /* !_CUPS_HTTP_PRIVATE_H_ */