]> git.ipfire.org Git - thirdparty/cups.git/blob - cups/usersys.c
projects / thirdparty / cups.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Sync up with CUPS 1.7svn-r10893
[thirdparty/cups.git] / cups / usersys.c
1 /*
2 * "$Id: usersys.c 8498 2009-04-13 17:03:15Z mike $"
3 *
4 * User, system, and password routines for CUPS.
5 *
6 * Copyright 2007-2013 by Apple Inc.
7 * Copyright 1997-2006 by Easy Software Products.
8 *
9 * These coded instructions, statements, and computer programs are the
10 * property of Apple Inc. and are protected by Federal copyright
11 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 * which should have been included with this file. If this file is
13 * file is missing or damaged, see the license at "http://www.cups.org/".
14 *
15 * This file is subject to the Apple OS-Developed Software exception.
16 *
17 * Contents:
18 *
19 * cupsEncryption() - Get the current encryption settings.
20 * cupsGetPassword() - Get a password from the user.
21 * cupsGetPassword2() - Get a password from the user using the advanced
22 * password callback.
23 * cupsServer() - Return the hostname/address of the current
24 * server.
25 * cupsSetClientCertCB() - Set the client certificate callback.
26 * cupsSetCredentials() - Set the default credentials to be used for
27 * SSL/TLS connections.
28 * cupsSetEncryption() - Set the encryption preference.
29 * cupsSetPasswordCB() - Set the password callback for CUPS.
30 * cupsSetPasswordCB2() - Set the advanced password callback for CUPS.
31 * cupsSetServer() - Set the default server name and port.
32 * cupsSetServerCertCB() - Set the server certificate callback.
33 * cupsSetUser() - Set the default user name.
34 * cupsSetUserAgent() - Set the default HTTP User-Agent string.
35 * cupsUser() - Return the current user's name.
36 * cupsUserAgent() - Return the default HTTP User-Agent string.
37 * _cupsGetPassword() - Get a password from the user.
38 * _cupsGSSServiceName() - Get the GSS (Kerberos) service name.
39 * _cupsSetDefaults() - Set the default server, port, and encryption.
40 * cups_read_client_conf() - Read a client.conf file.
41 */
42
43 /*
44 * Include necessary headers...
45 */
46
47 #include "cups-private.h"
48 #include <stdlib.h>
49 #include <sys/stat.h>
50 #ifdef WIN32
51 # include <windows.h>
52 #else
53 # include <pwd.h>
54 # include <termios.h>
55 # include <sys/utsname.h>
56 #endif /* WIN32 */
57
58
59 /*
60 * Local constants...
61 */
62
63 #define _CUPS_PASSCHAR '*' /* Character that is echoed for password */
64
65
66 /*
67 * Local functions...
68 */
69
70 static void cups_read_client_conf(cups_file_t *fp,
71 _cups_globals_t *cg,
72 const char *cups_encryption,
73 const char *cups_server,
74 const char *cups_user,
75 #ifdef HAVE_GSSAPI
76 const char *cups_gssservicename,
77 #endif /* HAVE_GSSAPI */
78 const char *cups_anyroot,
79 const char *cups_expiredroot,
80 const char *cups_expiredcerts);
81
82
83 /*
84 * 'cupsEncryption()' - Get the current encryption settings.
85 *
86 * The default encryption setting comes from the CUPS_ENCRYPTION
87 * environment variable, then the ~/.cups/client.conf file, and finally the
88 * /etc/cups/client.conf file. If not set, the default is
89 * @code HTTP_ENCRYPTION_IF_REQUESTED@.
90 *
91 * Note: The current encryption setting is tracked separately for each thread
92 * in a program. Multi-threaded programs that override the setting via the
93 * @link cupsSetEncryption@ function need to do so in each thread for the same
94 * setting to be used.
95 */
96
97 http_encryption_t /* O - Encryption settings */
98 cupsEncryption(void)
99 {
100 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
101
102
103 if (cg->encryption == (http_encryption_t)-1)
104 _cupsSetDefaults();
105
106 return (cg->encryption);
107 }
108
109
110 /*
111 * 'cupsGetPassword()' - Get a password from the user.
112 *
113 * Uses the current password callback function. Returns @code NULL@ if the
114 * user does not provide a password.
115 *
116 * Note: The current password callback function is tracked separately for each
117 * thread in a program. Multi-threaded programs that override the setting via
118 * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to
119 * do so in each thread for the same function to be used.
120 */
121
122 const char * /* O - Password */
123 cupsGetPassword(const char *prompt) /* I - Prompt string */
124 {
125 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
126
127
128 return ((cg->password_cb)(prompt, NULL, NULL, NULL, cg->password_data));
129 }
130
131
132 /*
133 * 'cupsGetPassword2()' - Get a password from the user using the advanced
134 * password callback.
135 *
136 * Uses the current password callback function. Returns @code NULL@ if the
137 * user does not provide a password.
138 *
139 * Note: The current password callback function is tracked separately for each
140 * thread in a program. Multi-threaded programs that override the setting via
141 * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to
142 * do so in each thread for the same function to be used.
143 *
144 * @since CUPS 1.4/OS X 10.6@
145 */
146
147 const char * /* O - Password */
148 cupsGetPassword2(const char *prompt, /* I - Prompt string */
149 http_t *http, /* I - Connection to server or @code CUPS_HTTP_DEFAULT@ */
150 const char *method, /* I - Request method ("GET", "POST", "PUT") */
151 const char *resource) /* I - Resource path */
152 {
153 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
154
155
156 if (!http)
157 http = _cupsConnect();
158
159 return ((cg->password_cb)(prompt, http, method, resource, cg->password_data));
160 }
161
162
163 /*
164 * 'cupsServer()' - Return the hostname/address of the current server.
165 *
166 * The default server comes from the CUPS_SERVER environment variable, then the
167 * ~/.cups/client.conf file, and finally the /etc/cups/client.conf file. If not
168 * set, the default is the local system - either "localhost" or a domain socket
169 * path.
170 *
171 * The returned value can be a fully-qualified hostname, a numeric IPv4 or IPv6
172 * address, or a domain socket pathname.
173 *
174 * Note: The current server is tracked separately for each thread in a program.
175 * Multi-threaded programs that override the server via the
176 * @link cupsSetServer@ function need to do so in each thread for the same
177 * server to be used.
178 */
179
180 const char * /* O - Server name */
181 cupsServer(void)
182 {
183 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
184
185
186 if (!cg->server[0])
187 _cupsSetDefaults();
188
189 return (cg->server);
190 }
191
192
193 /*
194 * 'cupsSetClientCertCB()' - Set the client certificate callback.
195 *
196 * Pass @code NULL@ to restore the default callback.
197 *
198 * Note: The current certificate callback is tracked separately for each thread
199 * in a program. Multi-threaded programs that override the callback need to do
200 * so in each thread for the same callback to be used.
201 *
202 * @since CUPS 1.5/OS X 10.7@
203 */
204
205 void
206 cupsSetClientCertCB(
207 cups_client_cert_cb_t cb, /* I - Callback function */
208 void *user_data) /* I - User data pointer */
209 {
210 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
211
212
213 cg->client_cert_cb = cb;
214 cg->client_cert_data = user_data;
215 }
216
217
218 /*
219 * 'cupsSetCredentials()' - Set the default credentials to be used for SSL/TLS
220 * connections.
221 *
222 * Note: The default credentials are tracked separately for each thread in a
223 * program. Multi-threaded programs that override the setting need to do so in
224 * each thread for the same setting to be used.
225 *
226 * @since CUPS 1.5/OS X 10.7@
227 */
228
229 int /* O - Status of call (0 = success) */
230 cupsSetCredentials(
231 cups_array_t *credentials) /* I - Array of credentials */
232 {
233 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
234
235
236 if (cupsArrayCount(credentials) < 1)
237 return (-1);
238
239 _httpFreeCredentials(cg->tls_credentials);
240 cg->tls_credentials = _httpCreateCredentials(credentials);
241
242 return (cg->tls_credentials ? 0 : -1);
243 }
244
245
246 /*
247 * 'cupsSetEncryption()' - Set the encryption preference.
248 *
249 * The default encryption setting comes from the CUPS_ENCRYPTION
250 * environment variable, then the ~/.cups/client.conf file, and finally the
251 * /etc/cups/client.conf file. If not set, the default is
252 * @code HTTP_ENCRYPTION_IF_REQUESTED@.
253 *
254 * Note: The current encryption setting is tracked separately for each thread
255 * in a program. Multi-threaded programs that override the setting need to do
256 * so in each thread for the same setting to be used.
257 */
258
259 void
260 cupsSetEncryption(http_encryption_t e) /* I - New encryption preference */
261 {
262 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
263
264
265 cg->encryption = e;
266
267 if (cg->http)
268 httpEncryption(cg->http, e);
269 }
270
271
272 /*
273 * 'cupsSetPasswordCB()' - Set the password callback for CUPS.
274 *
275 * Pass @code NULL@ to restore the default (console) password callback, which
276 * reads the password from the console. Programs should call either this
277 * function or @link cupsSetPasswordCB2@, as only one callback can be registered
278 * by a program per thread.
279 *
280 * Note: The current password callback is tracked separately for each thread
281 * in a program. Multi-threaded programs that override the callback need to do
282 * so in each thread for the same callback to be used.
283 */
284
285 void
286 cupsSetPasswordCB(cups_password_cb_t cb)/* I - Callback function */
287 {
288 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
289
290
291 if (cb == (cups_password_cb_t)0)
292 cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
293 else
294 cg->password_cb = (cups_password_cb2_t)cb;
295
296 cg->password_data = NULL;
297 }
298
299
300 /*
301 * 'cupsSetPasswordCB2()' - Set the advanced password callback for CUPS.
302 *
303 * Pass @code NULL@ to restore the default (console) password callback, which
304 * reads the password from the console. Programs should call either this
305 * function or @link cupsSetPasswordCB2@, as only one callback can be registered
306 * by a program per thread.
307 *
308 * Note: The current password callback is tracked separately for each thread
309 * in a program. Multi-threaded programs that override the callback need to do
310 * so in each thread for the same callback to be used.
311 *
312 * @since CUPS 1.4/OS X 10.6@
313 */
314
315 void
316 cupsSetPasswordCB2(
317 cups_password_cb2_t cb, /* I - Callback function */
318 void *user_data) /* I - User data pointer */
319 {
320 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
321
322
323 if (cb == (cups_password_cb2_t)0)
324 cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
325 else
326 cg->password_cb = cb;
327
328 cg->password_data = user_data;
329 }
330
331
332 /*
333 * 'cupsSetServer()' - Set the default server name and port.
334 *
335 * The "server" string can be a fully-qualified hostname, a numeric
336 * IPv4 or IPv6 address, or a domain socket pathname. Hostnames and numeric IP
337 * addresses can be optionally followed by a colon and port number to override
338 * the default port 631, e.g. "hostname:8631". Pass @code NULL@ to restore the
339 * default server name and port.
340 *
341 * Note: The current server is tracked separately for each thread in a program.
342 * Multi-threaded programs that override the server need to do so in each
343 * thread for the same server to be used.
344 */
345
346 void
347 cupsSetServer(const char *server) /* I - Server name */
348 {
349 char *options, /* Options */
350 *port; /* Pointer to port */
351 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
352
353
354 if (server)
355 {
356 strlcpy(cg->server, server, sizeof(cg->server));
357
358 if (cg->server[0] != '/' && (options = strrchr(cg->server, '/')) != NULL)
359 {
360 *options++ = '\0';
361
362 if (!strcmp(options, "version=1.0"))
363 cg->server_version = 10;
364 else if (!strcmp(options, "version=1.1"))
365 cg->server_version = 11;
366 else if (!strcmp(options, "version=2.0"))
367 cg->server_version = 20;
368 else if (!strcmp(options, "version=2.1"))
369 cg->server_version = 21;
370 else if (!strcmp(options, "version=2.2"))
371 cg->server_version = 22;
372 }
373
374 if (cg->server[0] != '/' && (port = strrchr(cg->server, ':')) != NULL &&
375 !strchr(port, ']') && isdigit(port[1] & 255))
376 {
377 *port++ = '\0';
378
379 cg->ipp_port = atoi(port);
380 }
381
382 if (cg->server[0] == '/')
383 strlcpy(cg->servername, "localhost", sizeof(cg->servername));
384 else
385 strlcpy(cg->servername, cg->server, sizeof(cg->servername));
386 }
387 else
388 {
389 cg->server[0] = '\0';
390 cg->servername[0] = '\0';
391 cg->server_version = 20;
392 }
393
394 if (cg->http)
395 {
396 httpClose(cg->http);
397 cg->http = NULL;
398 }
399 }
400
401
402 /*
403 * 'cupsSetServerCertCB()' - Set the server certificate callback.
404 *
405 * Pass @code NULL@ to restore the default callback.
406 *
407 * Note: The current credentials callback is tracked separately for each thread
408 * in a program. Multi-threaded programs that override the callback need to do
409 * so in each thread for the same callback to be used.
410 *
411 * @since CUPS 1.5/OS X 10.7@
412 */
413
414 void
415 cupsSetServerCertCB(
416 cups_server_cert_cb_t cb, /* I - Callback function */
417 void *user_data) /* I - User data pointer */
418 {
419 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
420
421
422 cg->server_cert_cb = cb;
423 cg->server_cert_data = user_data;
424 }
425
426
427 /*
428 * 'cupsSetUser()' - Set the default user name.
429 *
430 * Pass @code NULL@ to restore the default user name.
431 *
432 * Note: The current user name is tracked separately for each thread in a
433 * program. Multi-threaded programs that override the user name need to do so
434 * in each thread for the same user name to be used.
435 */
436
437 void
438 cupsSetUser(const char *user) /* I - User name */
439 {
440 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
441
442
443 if (user)
444 strlcpy(cg->user, user, sizeof(cg->user));
445 else
446 cg->user[0] = '\0';
447 }
448
449
450 /*
451 * 'cupsSetUserAgent()' - Set the default HTTP User-Agent string.
452 *
453 * Setting the string to NULL forces the default value containing the CUPS
454 * version, IPP version, and operating system version and architecture.
455 *
456 * @since CUPS 1.7@
457 */
458
459 void
460 cupsSetUserAgent(const char *user_agent)/* I - User-Agent string or @code NULL@ */
461 {
462 _cups_globals_t *cg = _cupsGlobals();
463 /* Thread globals */
464 #ifdef WIN32
465 SYSTEM_INFO sysinfo; /* System information */
466 OSVERSIONINFO version; /* OS version info */
467 #else
468 struct utsname name; /* uname info */
469 #endif /* WIN32 */
470
471
472 if (user_agent)
473 {
474 strlcpy(cg->user_agent, user_agent, sizeof(cg->user_agent));
475 return;
476 }
477
478 #ifdef WIN32
479 version.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
480 GetVersionEx(&version);
481 GetNativeSystemInfo(&sysinfo);
482
483 snprintf(cg->user_agent, sizeof(cg->user_agent),
484 CUPS_MINIMAL " (Windows %d.%d; %s) IPP/2.0",
485 version.dwMajorVersion, version.dwMinorVersion,
486 sysinfo.wProcessorArchitecture
487 == PROCESSOR_ARCHITECTURE_AMD64 ? "amd64" :
488 sysinfo.wProcessorArchitecture
489 == PROCESSOR_ARCHITECTURE_ARM ? "arm" :
490 sysinfo.wProcessorArchitecture
491 == PROCESSOR_ARCHITECTURE_IA64 ? "ia64" :
492 sysinfo.wProcessorArchitecture
493 == PROCESSOR_ARCHITECTURE_INTEL ? "intel" :
494 "unknown");
495
496 #else
497 uname(&name);
498
499 snprintf(cg->user_agent, sizeof(cg->user_agent),
500 CUPS_MINIMAL " (%s %s; %s) IPP/2.0",
501 name.sysname, name.release, name.machine);
502 #endif /* WIN32 */
503 }
504
505
506 /*
507 * 'cupsUser()' - Return the current user's name.
508 *
509 * Note: The current user name is tracked separately for each thread in a
510 * program. Multi-threaded programs that override the user name with the
511 * @link cupsSetUser@ function need to do so in each thread for the same user
512 * name to be used.
513 */
514
515 const char * /* O - User name */
516 cupsUser(void)
517 {
518 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
519
520
521 if (!cg->user[0])
522 _cupsSetDefaults();
523
524 return (cg->user);
525 }
526
527
528 /*
529 * 'cupsUserAgent()' - Return the default HTTP User-Agent string.
530 *
531 * @since CUPS 1.7@
532 */
533
534 const char * /* O - User-Agent string */
535 cupsUserAgent(void)
536 {
537 _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */
538
539
540 if (!cg->user_agent[0])
541 cupsSetUserAgent(NULL);
542
543 return (cg->user_agent);
544 }
545
546
547 /*
548 * '_cupsGetPassword()' - Get a password from the user.
549 */
550
551 const char * /* O - Password or @code NULL@ if none */
552 _cupsGetPassword(const char *prompt) /* I - Prompt string */
553 {
554 #ifdef WIN32
555 HANDLE tty; /* Console handle */
556 DWORD mode; /* Console mode */
557 char passch, /* Current key press */
558 *passptr, /* Pointer into password string */
559 *passend; /* End of password string */
560 DWORD passbytes; /* Bytes read */
561 _cups_globals_t *cg = _cupsGlobals();
562 /* Thread globals */
563
564
565 /*
566 * Disable input echo and set raw input...
567 */
568
569 if ((tty = GetStdHandle(STD_INPUT_HANDLE)) == INVALID_HANDLE_VALUE)
570 return (NULL);
571
572 if (!GetConsoleMode(tty, &mode))
573 return (NULL);
574
575 if (!SetConsoleMode(tty, 0))
576 return (NULL);
577
578 /*
579 * Display the prompt...
580 */
581
582 printf("%s ", prompt);
583 fflush(stdout);
584
585 /*
586 * Read the password string from /dev/tty until we get interrupted or get a
587 * carriage return or newline...
588 */
589
590 passptr = cg->password;
591 passend = cg->password + sizeof(cg->password) - 1;
592
593 while (ReadFile(tty, &passch, 1, &passbytes, NULL))
594 {
595 if (passch == 0x0A || passch == 0x0D)
596 {
597 /*
598 * Enter/return...
599 */
600
601 break;
602 }
603 else if (passch == 0x08 || passch == 0x7F)
604 {
605 /*
606 * Backspace/delete (erase character)...
607 */
608
609 if (passptr > cg->password)
610 {
611 passptr --;
612 fputs("\010 \010", stdout);
613 }
614 else
615 putchar(0x07);
616 }
617 else if (passch == 0x15)
618 {
619 /*
620 * CTRL+U (erase line)
621 */
622
623 if (passptr > cg->password)
624 {
625 while (passptr > cg->password)
626 {
627 passptr --;
628 fputs("\010 \010", stdout);
629 }
630 }
631 else
632 putchar(0x07);
633 }
634 else if (passch == 0x03)
635 {
636 /*
637 * CTRL+C...
638 */
639
640 passptr = cg->password;
641 break;
642 }
643 else if ((passch & 255) < 0x20 || passptr >= passend)
644 putchar(0x07);
645 else
646 {
647 *passptr++ = passch;
648 putchar(_CUPS_PASSCHAR);
649 }
650
651 fflush(stdout);
652 }
653
654 putchar('\n');
655 fflush(stdout);
656
657 /*
658 * Cleanup...
659 */
660
661 SetConsoleMode(tty, mode);
662
663 /*
664 * Return the proper value...
665 */
666
667 if (passbytes == 1 && passptr > cg->password)
668 {
669 *passptr = '\0';
670 return (cg->password);
671 }
672 else
673 {
674 memset(cg->password, 0, sizeof(cg->password));
675 return (NULL);
676 }
677
678 #else
679 int tty; /* /dev/tty - never read from stdin */
680 struct termios original, /* Original input mode */
681 noecho; /* No echo input mode */
682 char passch, /* Current key press */
683 *passptr, /* Pointer into password string */
684 *passend; /* End of password string */
685 ssize_t passbytes; /* Bytes read */
686 _cups_globals_t *cg = _cupsGlobals();
687 /* Thread globals */
688
689
690 /*
691 * Disable input echo and set raw input...
692 */
693
694 if ((tty = open("/dev/tty", O_RDONLY)) < 0)
695 return (NULL);
696
697 if (tcgetattr(tty, &original))
698 {
699 close(tty);
700 return (NULL);
701 }
702
703 noecho = original;
704 noecho.c_lflag &= ~(ICANON | ECHO | ECHOE | ISIG);
705
706 if (tcsetattr(tty, TCSAFLUSH, &noecho))
707 {
708 close(tty);
709 return (NULL);
710 }
711
712 /*
713 * Display the prompt...
714 */
715
716 printf("%s ", prompt);
717 fflush(stdout);
718
719 /*
720 * Read the password string from /dev/tty until we get interrupted or get a
721 * carriage return or newline...
722 */
723
724 passptr = cg->password;
725 passend = cg->password + sizeof(cg->password) - 1;
726
727 while ((passbytes = read(tty, &passch, 1)) == 1)
728 {
729 if (passch == noecho.c_cc[VEOL] || passch == noecho.c_cc[VEOL2] ||
730 passch == 0x0A || passch == 0x0D)
731 {
732 /*
733 * Enter/return...
734 */
735
736 break;
737 }
738 else if (passch == noecho.c_cc[VERASE] ||
739 passch == 0x08 || passch == 0x7F)
740 {
741 /*
742 * Backspace/delete (erase character)...
743 */
744
745 if (passptr > cg->password)
746 {
747 passptr --;
748 fputs("\010 \010", stdout);
749 }
750 else
751 putchar(0x07);
752 }
753 else if (passch == noecho.c_cc[VKILL])
754 {
755 /*
756 * CTRL+U (erase line)
757 */
758
759 if (passptr > cg->password)
760 {
761 while (passptr > cg->password)
762 {
763 passptr --;
764 fputs("\010 \010", stdout);
765 }
766 }
767 else
768 putchar(0x07);
769 }
770 else if (passch == noecho.c_cc[VINTR] || passch == noecho.c_cc[VQUIT] ||
771 passch == noecho.c_cc[VEOF])
772 {
773 /*
774 * CTRL+C, CTRL+D, or CTRL+Z...
775 */
776
777 passptr = cg->password;
778 break;
779 }
780 else if ((passch & 255) < 0x20 || passptr >= passend)
781 putchar(0x07);
782 else
783 {
784 *passptr++ = passch;
785 putchar(_CUPS_PASSCHAR);
786 }
787
788 fflush(stdout);
789 }
790
791 putchar('\n');
792 fflush(stdout);
793
794 /*
795 * Cleanup...
796 */
797
798 tcsetattr(tty, TCSAFLUSH, &original);
799 close(tty);
800
801 /*
802 * Return the proper value...
803 */
804
805 if (passbytes == 1 && passptr > cg->password)
806 {
807 *passptr = '\0';
808 return (cg->password);
809 }
810 else
811 {
812 memset(cg->password, 0, sizeof(cg->password));
813 return (NULL);
814 }
815 #endif /* WIN32 */
816 }
817
818
819 #ifdef HAVE_GSSAPI
820 /*
821 * '_cupsGSSServiceName()' - Get the GSS (Kerberos) service name.
822 */
823
824 const char *
825 _cupsGSSServiceName(void)
826 {
827 _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */
828
829
830 if (!cg->gss_service_name[0])
831 _cupsSetDefaults();
832
833 return (cg->gss_service_name);
834 }
835 #endif /* HAVE_GSSAPI */
836
837
838 /*
839 * '_cupsSetDefaults()' - Set the default server, port, and encryption.
840 */
841
842 void
843 _cupsSetDefaults(void)
844 {
845 cups_file_t *fp; /* File */
846 const char *home, /* Home directory of user */
847 *cups_encryption, /* CUPS_ENCRYPTION env var */
848 *cups_server, /* CUPS_SERVER env var */
849 *cups_user, /* CUPS_USER/USER env var */
850 #ifdef HAVE_GSSAPI
851 *cups_gssservicename, /* CUPS_GSSSERVICENAME env var */
852 #endif /* HAVE_GSSAPI */
853 *cups_anyroot, /* CUPS_ANYROOT env var */
854 *cups_expiredroot, /* CUPS_EXPIREDROOT env var */
855 *cups_expiredcerts; /* CUPS_EXPIREDCERTS env var */
856 char filename[1024]; /* Filename */
857 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
858
859
860 DEBUG_puts("_cupsSetDefaults()");
861
862 /*
863 * First collect environment variables...
864 */
865
866 cups_encryption = getenv("CUPS_ENCRYPTION");
867 cups_server = getenv("CUPS_SERVER");
868 #ifdef HAVE_GSSAPI
869 cups_gssservicename = getenv("CUPS_GSSSERVICENAME");
870 #endif /* HAVE_GSSAPI */
871 cups_anyroot = getenv("CUPS_ANYROOT");
872 cups_expiredroot = getenv("CUPS_EXPIREDROOT");
873 cups_expiredcerts = getenv("CUPS_EXPIREDCERTS");
874
875 if ((cups_user = getenv("CUPS_USER")) == NULL)
876 cups_user = getenv("USER");
877
878 /*
879 * Then, if needed, read the ~/.cups/client.conf or /etc/cups/client.conf
880 * files to get the default values...
881 */
882
883 if (cg->encryption == (http_encryption_t)-1 || !cg->server[0] ||
884 !cg->user[0] || !cg->ipp_port)
885 {
886 if ((home = getenv("HOME")) != NULL)
887 {
888 /*
889 * Look for ~/.cups/client.conf...
890 */
891
892 snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home);
893 fp = cupsFileOpen(filename, "r");
894 }
895 else
896 fp = NULL;
897
898 if (!fp)
899 {
900 /*
901 * Look for CUPS_SERVERROOT/client.conf...
902 */
903
904 snprintf(filename, sizeof(filename), "%s/client.conf",
905 cg->cups_serverroot);
906 fp = cupsFileOpen(filename, "r");
907 }
908
909 /*
910 * Read the configuration file and apply any environment variables; both
911 * functions handle NULL cups_file_t pointers...
912 */
913
914 cups_read_client_conf(fp, cg, cups_encryption, cups_server, cups_user,
915 #ifdef HAVE_GSSAPI
916 cups_gssservicename,
917 #endif /* HAVE_GSSAPI */
918 cups_anyroot, cups_expiredroot,
919 cups_expiredcerts);
920 cupsFileClose(fp);
921 }
922 }
923
924
925 /*
926 * 'cups_read_client_conf()' - Read a client.conf file.
927 */
928
929 static void
930 cups_read_client_conf(
931 cups_file_t *fp, /* I - File to read */
932 _cups_globals_t *cg, /* I - Global data */
933 const char *cups_encryption, /* I - CUPS_ENCRYPTION env var */
934 const char *cups_server, /* I - CUPS_SERVER env var */
935 const char *cups_user, /* I - CUPS_USER env var */
936 #ifdef HAVE_GSSAPI
937 const char *cups_gssservicename,
938 /* I - CUPS_GSSSERVICENAME env var */
939 #endif /* HAVE_GSSAPI */
940 const char *cups_anyroot, /* I - CUPS_ANYROOT env var */
941 const char *cups_expiredroot, /* I - CUPS_EXPIREDROOT env var */
942 const char *cups_expiredcerts) /* I - CUPS_EXPIREDCERTS env var */
943 {
944 int linenum; /* Current line number */
945 char line[1024], /* Line from file */
946 *value, /* Pointer into line */
947 encryption[1024], /* Encryption value */
948 #ifndef __APPLE__
949 server_name[1024], /* ServerName value */
950 #endif /* !__APPLE__ */
951 user[256], /* User value */
952 any_root[1024], /* AllowAnyRoot value */
953 expired_root[1024], /* AllowExpiredRoot value */
954 expired_certs[1024]; /* AllowExpiredCerts value */
955 #ifdef HAVE_GSSAPI
956 char gss_service_name[32]; /* GSSServiceName value */
957 #endif /* HAVE_GSSAPI */
958
959
960 /*
961 * Read from the file...
962 */
963
964 linenum = 0;
965 while (cupsFileGetConf(fp, line, sizeof(line), &value, &linenum))
966 {
967 if (!cups_encryption && cg->encryption == (http_encryption_t)-1 &&
968 !_cups_strcasecmp(line, "Encryption") && value)
969 {
970 strlcpy(encryption, value, sizeof(encryption));
971 cups_encryption = encryption;
972 }
973 #ifndef __APPLE__
974 /*
975 * The Server directive is not supported on OS X due to app sandboxing
976 * restrictions, i.e. not all apps request network access.
977 */
978 else if (!cups_server && (!cg->server[0] || !cg->ipp_port) &&
979 !_cups_strcasecmp(line, "ServerName") && value)
980 {
981 strlcpy(server_name, value, sizeof(server_name));
982 cups_server = server_name;
983 }
984 #endif /* !__APPLE__ */
985 else if (!cups_user && !_cups_strcasecmp(line, "User") && value)
986 {
987 strlcpy(user, value, sizeof(user));
988 cups_user = user;
989 }
990 else if (!cups_anyroot && !_cups_strcasecmp(line, "AllowAnyRoot") && value)
991 {
992 strlcpy(any_root, value, sizeof(any_root));
993 cups_anyroot = any_root;
994 }
995 else if (!cups_expiredroot && !_cups_strcasecmp(line, "AllowExpiredRoot") &&
996 value)
997 {
998 strlcpy(expired_root, value, sizeof(expired_root));
999 cups_expiredroot = expired_root;
1000 }
1001 else if (!cups_expiredcerts && !_cups_strcasecmp(line, "AllowExpiredCerts") &&
1002 value)
1003 {
1004 strlcpy(expired_certs, value, sizeof(expired_certs));
1005 cups_expiredcerts = expired_certs;
1006 }
1007 #ifdef HAVE_GSSAPI
1008 else if (!cups_gssservicename && !_cups_strcasecmp(line, "GSSServiceName") &&
1009 value)
1010 {
1011 strlcpy(gss_service_name, value, sizeof(gss_service_name));
1012 cups_gssservicename = gss_service_name;
1013 }
1014 #endif /* HAVE_GSSAPI */
1015 }
1016
1017 /*
1018 * Set values...
1019 */
1020
1021 if (cg->encryption == (http_encryption_t)-1 && cups_encryption)
1022 {
1023 if (!_cups_strcasecmp(cups_encryption, "never"))
1024 cg->encryption = HTTP_ENCRYPTION_NEVER;
1025 else if (!_cups_strcasecmp(cups_encryption, "always"))
1026 cg->encryption = HTTP_ENCRYPTION_ALWAYS;
1027 else if (!_cups_strcasecmp(cups_encryption, "required"))
1028 cg->encryption = HTTP_ENCRYPTION_REQUIRED;
1029 else
1030 cg->encryption = HTTP_ENCRYPTION_IF_REQUESTED;
1031 }
1032
1033 if ((!cg->server[0] || !cg->ipp_port) && cups_server)
1034 {
1035 if (!cg->server[0])
1036 {
1037 /*
1038 * Copy server name...
1039 */
1040
1041 strlcpy(cg->server, cups_server, sizeof(cg->server));
1042
1043 if (cg->server[0] != '/' && (value = strrchr(cg->server, ':')) != NULL &&
1044 !strchr(value, ']') && isdigit(value[1] & 255))
1045 *value++ = '\0';
1046 else
1047 value = NULL;
1048
1049 if (cg->server[0] == '/')
1050 strlcpy(cg->servername, "localhost", sizeof(cg->servername));
1051 else
1052 strlcpy(cg->servername, cg->server, sizeof(cg->servername));
1053 }
1054 else if (cups_server[0] != '/' &&
1055 (value = strrchr(cups_server, ':')) != NULL &&
1056 !strchr(value, ']') && isdigit(value[1] & 255))
1057 value ++;
1058 else
1059 value = NULL;
1060
1061 if (!cg->ipp_port && value)
1062 cg->ipp_port = atoi(value);
1063 }
1064
1065 if (!cg->server[0])
1066 {
1067 #ifdef CUPS_DEFAULT_DOMAINSOCKET
1068 /*
1069 * If we are compiled with domain socket support, only use the
1070 * domain socket if it exists and has the right permissions...
1071 */
1072
1073 struct stat sockinfo; /* Domain socket information */
1074
1075 if (!stat(CUPS_DEFAULT_DOMAINSOCKET, &sockinfo) &&
1076 (sockinfo.st_mode & S_IRWXO) == S_IRWXO)
1077 cups_server = CUPS_DEFAULT_DOMAINSOCKET;
1078 else
1079 #endif /* CUPS_DEFAULT_DOMAINSOCKET */
1080 cups_server = "localhost";
1081
1082 cupsSetServer(cups_server);
1083 }
1084
1085 if (!cg->ipp_port)
1086 {
1087 const char *ipp_port; /* IPP_PORT environment variable */
1088
1089 if ((ipp_port = getenv("IPP_PORT")) != NULL)
1090 {
1091 if ((cg->ipp_port = atoi(ipp_port)) <= 0)
1092 cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
1093 }
1094 else
1095 cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
1096 }
1097
1098 if (!cg->user[0])
1099 {
1100 if (cups_user)
1101 strlcpy(cg->user, cups_user, sizeof(cg->user));
1102 else
1103 {
1104 #ifdef WIN32
1105 /*
1106 * Get the current user name from the OS...
1107 */
1108
1109 DWORD size; /* Size of string */
1110
1111 size = sizeof(cg->user);
1112 if (!GetUserName(cg->user, &size))
1113 #else
1114 /*
1115 * Get the user name corresponding to the current UID...
1116 */
1117
1118 struct passwd *pwd; /* User/password entry */
1119
1120 setpwent();
1121 if ((pwd = getpwuid(getuid())) != NULL)
1122 {
1123 /*
1124 * Found a match!
1125 */
1126
1127 strlcpy(cg->user, pwd->pw_name, sizeof(cg->user));
1128 }
1129 else
1130 #endif /* WIN32 */
1131 {
1132 /*
1133 * Use the default "unknown" user name...
1134 */
1135
1136 strlcpy(cg->user, "unknown", sizeof(cg->user));
1137 }
1138 }
1139 }
1140
1141 #ifdef HAVE_GSSAPI
1142 if (!cups_gssservicename)
1143 cups_gssservicename = CUPS_DEFAULT_GSSSERVICENAME;
1144
1145 strlcpy(cg->gss_service_name, cups_gssservicename,
1146 sizeof(cg->gss_service_name));
1147 #endif /* HAVE_GSSAPI */
1148
1149 if (cups_anyroot)
1150 cg->any_root = !_cups_strcasecmp(cups_anyroot, "yes") ||
1151 !_cups_strcasecmp(cups_anyroot, "on") ||
1152 !_cups_strcasecmp(cups_anyroot, "true");
1153
1154 if (cups_expiredroot)
1155 cg->expired_root = !_cups_strcasecmp(cups_expiredroot, "yes") ||
1156 !_cups_strcasecmp(cups_expiredroot, "on") ||
1157 !_cups_strcasecmp(cups_expiredroot, "true");
1158
1159 if (cups_expiredcerts)
1160 cg->expired_certs = !_cups_strcasecmp(cups_expiredcerts, "yes") ||
1161 !_cups_strcasecmp(cups_expiredcerts, "on") ||
1162 !_cups_strcasecmp(cups_expiredcerts, "true");
1163 }
1164
1165
1166 /*
1167 * End of "$Id: usersys.c 8498 2009-04-13 17:03:15Z mike $".
1168 */
Unnamed repository; edit this file 'description' to name the repository.