]> git.ipfire.org Git - thirdparty/cups.git/blob - cups/usersys.c
projects / thirdparty / cups.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge changes from CUPS 1.6svn-r10188, including changes for <rdar://problem/10127258...
[thirdparty/cups.git] / cups / usersys.c
1 /*
2 * "$Id: usersys.c 8498 2009-04-13 17:03:15Z mike $"
3 *
4 * User, system, and password routines for CUPS.
5 *
6 * Copyright 2007-2011 by Apple Inc.
7 * Copyright 1997-2006 by Easy Software Products.
8 *
9 * These coded instructions, statements, and computer programs are the
10 * property of Apple Inc. and are protected by Federal copyright
11 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 * which should have been included with this file. If this file is
13 * file is missing or damaged, see the license at "http://www.cups.org/".
14 *
15 * This file is subject to the Apple OS-Developed Software exception.
16 *
17 * Contents:
18 *
19 * cupsEncryption() - Get the current encryption settings.
20 * cupsGetPassword() - Get a password from the user.
21 * cupsGetPassword2() - Get a password from the user using the advanced
22 * password callback.
23 * cupsServer() - Return the hostname/address of the current
24 * server.
25 * cupsSetClientCertCB() - Set the client certificate callback.
26 * cupsSetEncryption() - Set the encryption preference.
27 * cupsSetPasswordCB() - Set the password callback for CUPS.
28 * cupsSetPasswordCB2() - Set the advanced password callback for CUPS.
29 * cupsSetServer() - Set the default server name and port.
30 * cupsSetServerCertCB() - Set the server certificate callback.
31 * cupsSetUser() - Set the default user name.
32 * cupsUser() - Return the current user's name.
33 * _cupsGetPassword() - Get a password from the user.
34 * _cupsGSSServiceName() - Get the GSS (Kerberos) service name.
35 * _cupsSetDefaults() - Set the default server, port, and encryption.
36 * cups_read_client_conf() - Read a client.conf file.
37 */
38
39 /*
40 * Include necessary headers...
41 */
42
43 #include "cups-private.h"
44 #include <stdlib.h>
45 #include <sys/stat.h>
46 #ifdef WIN32
47 # include <windows.h>
48 #else
49 # include <pwd.h>
50 # include <termios.h>
51 #endif /* WIN32 */
52
53
54 /*
55 * Local constants...
56 */
57
58 #define _CUPS_PASSCHAR '*' /* Character that is echoed for password */
59
60
61 /*
62 * Local functions...
63 */
64
65 static void cups_read_client_conf(cups_file_t *fp,
66 _cups_globals_t *cg,
67 const char *cups_encryption,
68 const char *cups_server,
69 #ifdef HAVE_GSSAPI
70 const char *cups_gssservicename,
71 #endif /* HAVE_GSSAPI */
72 const char *cups_anyroot,
73 const char *cups_expiredroot,
74 const char *cups_expiredcerts);
75
76
77 /*
78 * 'cupsEncryption()' - Get the current encryption settings.
79 *
80 * The default encryption setting comes from the CUPS_ENCRYPTION
81 * environment variable, then the ~/.cups/client.conf file, and finally the
82 * /etc/cups/client.conf file. If not set, the default is
83 * @code HTTP_ENCRYPT_IF_REQUESTED@.
84 *
85 * Note: The current encryption setting is tracked separately for each thread
86 * in a program. Multi-threaded programs that override the setting via the
87 * @link cupsSetEncryption@ function need to do so in each thread for the same
88 * setting to be used.
89 */
90
91 http_encryption_t /* O - Encryption settings */
92 cupsEncryption(void)
93 {
94 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
95
96
97 if (cg->encryption == (http_encryption_t)-1)
98 _cupsSetDefaults();
99
100 return (cg->encryption);
101 }
102
103
104 /*
105 * 'cupsGetPassword()' - Get a password from the user.
106 *
107 * Uses the current password callback function. Returns @code NULL@ if the
108 * user does not provide a password.
109 *
110 * Note: The current password callback function is tracked separately for each
111 * thread in a program. Multi-threaded programs that override the setting via
112 * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to
113 * do so in each thread for the same function to be used.
114 */
115
116 const char * /* O - Password */
117 cupsGetPassword(const char *prompt) /* I - Prompt string */
118 {
119 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
120
121
122 return ((cg->password_cb)(prompt, NULL, NULL, NULL, cg->password_data));
123 }
124
125
126 /*
127 * 'cupsGetPassword2()' - Get a password from the user using the advanced
128 * password callback.
129 *
130 * Uses the current password callback function. Returns @code NULL@ if the
131 * user does not provide a password.
132 *
133 * Note: The current password callback function is tracked separately for each
134 * thread in a program. Multi-threaded programs that override the setting via
135 * the @link cupsSetPasswordCB@ or @link cupsSetPasswordCB2@ functions need to
136 * do so in each thread for the same function to be used.
137 *
138 * @since CUPS 1.4/Mac OS X 10.6@
139 */
140
141 const char * /* O - Password */
142 cupsGetPassword2(const char *prompt, /* I - Prompt string */
143 http_t *http, /* I - Connection to server or @code CUPS_HTTP_DEFAULT@ */
144 const char *method, /* I - Request method ("GET", "POST", "PUT") */
145 const char *resource) /* I - Resource path */
146 {
147 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
148
149
150 if (!http)
151 http = _cupsConnect();
152
153 return ((cg->password_cb)(prompt, http, method, resource, cg->password_data));
154 }
155
156
157 /*
158 * 'cupsServer()' - Return the hostname/address of the current server.
159 *
160 * The default server comes from the CUPS_SERVER environment variable, then the
161 * ~/.cups/client.conf file, and finally the /etc/cups/client.conf file. If not
162 * set, the default is the local system - either "localhost" or a domain socket
163 * path.
164 *
165 * The returned value can be a fully-qualified hostname, a numeric IPv4 or IPv6
166 * address, or a domain socket pathname.
167 *
168 * Note: The current server is tracked separately for each thread in a program.
169 * Multi-threaded programs that override the server via the
170 * @link cupsSetServer@ function need to do so in each thread for the same
171 * server to be used.
172 */
173
174 const char * /* O - Server name */
175 cupsServer(void)
176 {
177 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
178
179
180 if (!cg->server[0])
181 _cupsSetDefaults();
182
183 return (cg->server);
184 }
185
186
187 /*
188 * 'cupsSetClientCertCB()' - Set the client certificate callback.
189 *
190 * Pass @code NULL@ to restore the default callback.
191 *
192 * Note: The current certificate callback is tracked separately for each thread
193 * in a program. Multi-threaded programs that override the callback need to do
194 * so in each thread for the same callback to be used.
195 *
196 * @since CUPS 1.5/Mac OS X 10.7@
197 */
198
199 void
200 cupsSetClientCertCB(
201 cups_client_cert_cb_t cb, /* I - Callback function */
202 void *user_data) /* I - User data pointer */
203 {
204 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
205
206
207 cg->client_cert_cb = cb;
208 cg->client_cert_data = user_data;
209 }
210
211
212 /*
213 * 'cupsSetCredentials()' - Set the default credentials to be used for SSL/TLS
214 * connections.
215 *
216 * Note: The default credentials are tracked separately for each thread in a
217 * program. Multi-threaded programs that override the setting need to do so in
218 * each thread for the same setting to be used.
219 *
220 * @since CUPS 1.5/Mac OS X 10.7@
221 */
222
223 int /* O - Status of call (0 = success) */
224 cupsSetCredentials(
225 cups_array_t *credentials) /* I - Array of credentials */
226 {
227 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
228
229
230 if (cupsArrayCount(credentials) < 1)
231 return (-1);
232
233 _httpFreeCredentials(cg->tls_credentials);
234 cg->tls_credentials = _httpCreateCredentials(credentials);
235
236 return (cg->tls_credentials ? 0 : -1);
237 }
238
239
240 /*
241 * 'cupsSetEncryption()' - Set the encryption preference.
242 *
243 * The default encryption setting comes from the CUPS_ENCRYPTION
244 * environment variable, then the ~/.cups/client.conf file, and finally the
245 * /etc/cups/client.conf file. If not set, the default is
246 * @code HTTP_ENCRYPT_IF_REQUESTED@.
247 *
248 * Note: The current encryption setting is tracked separately for each thread
249 * in a program. Multi-threaded programs that override the setting need to do
250 * so in each thread for the same setting to be used.
251 */
252
253 void
254 cupsSetEncryption(http_encryption_t e) /* I - New encryption preference */
255 {
256 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
257
258
259 cg->encryption = e;
260
261 if (cg->http)
262 httpEncryption(cg->http, e);
263 }
264
265
266 /*
267 * 'cupsSetPasswordCB()' - Set the password callback for CUPS.
268 *
269 * Pass @code NULL@ to restore the default (console) password callback, which
270 * reads the password from the console. Programs should call either this
271 * function or @link cupsSetPasswordCB2@, as only one callback can be registered
272 * by a program per thread.
273 *
274 * Note: The current password callback is tracked separately for each thread
275 * in a program. Multi-threaded programs that override the callback need to do
276 * so in each thread for the same callback to be used.
277 */
278
279 void
280 cupsSetPasswordCB(cups_password_cb_t cb)/* I - Callback function */
281 {
282 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
283
284
285 if (cb == (cups_password_cb_t)0)
286 cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
287 else
288 cg->password_cb = (cups_password_cb2_t)cb;
289
290 cg->password_data = NULL;
291 }
292
293
294 /*
295 * 'cupsSetPasswordCB2()' - Set the advanced password callback for CUPS.
296 *
297 * Pass @code NULL@ to restore the default (console) password callback, which
298 * reads the password from the console. Programs should call either this
299 * function or @link cupsSetPasswordCB2@, as only one callback can be registered
300 * by a program per thread.
301 *
302 * Note: The current password callback is tracked separately for each thread
303 * in a program. Multi-threaded programs that override the callback need to do
304 * so in each thread for the same callback to be used.
305 *
306 * @since CUPS 1.4/Mac OS X 10.6@
307 */
308
309 void
310 cupsSetPasswordCB2(
311 cups_password_cb2_t cb, /* I - Callback function */
312 void *user_data) /* I - User data pointer */
313 {
314 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
315
316
317 if (cb == (cups_password_cb2_t)0)
318 cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
319 else
320 cg->password_cb = cb;
321
322 cg->password_data = user_data;
323 }
324
325
326 /*
327 * 'cupsSetServer()' - Set the default server name and port.
328 *
329 * The "server" string can be a fully-qualified hostname, a numeric
330 * IPv4 or IPv6 address, or a domain socket pathname. Hostnames and numeric IP
331 * addresses can be optionally followed by a colon and port number to override
332 * the default port 631, e.g. "hostname:8631". Pass @code NULL@ to restore the
333 * default server name and port.
334 *
335 * Note: The current server is tracked separately for each thread in a program.
336 * Multi-threaded programs that override the server need to do so in each
337 * thread for the same server to be used.
338 */
339
340 void
341 cupsSetServer(const char *server) /* I - Server name */
342 {
343 char *port; /* Pointer to port */
344 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
345
346
347 if (server)
348 {
349 strlcpy(cg->server, server, sizeof(cg->server));
350
351 if (cg->server[0] != '/' && (port = strrchr(cg->server, ':')) != NULL &&
352 !strchr(port, ']') && isdigit(port[1] & 255))
353 {
354 *port++ = '\0';
355
356 cg->ipp_port = atoi(port);
357 }
358
359 if (cg->server[0] == '/')
360 strcpy(cg->servername, "localhost");
361 else
362 strlcpy(cg->servername, cg->server, sizeof(cg->servername));
363 }
364 else
365 {
366 cg->server[0] = '\0';
367 cg->servername[0] = '\0';
368 }
369
370 if (cg->http)
371 {
372 httpClose(cg->http);
373 cg->http = NULL;
374 }
375 }
376
377
378 /*
379 * 'cupsSetServerCertCB()' - Set the server certificate callback.
380 *
381 * Pass @code NULL@ to restore the default callback.
382 *
383 * Note: The current credentials callback is tracked separately for each thread
384 * in a program. Multi-threaded programs that override the callback need to do
385 * so in each thread for the same callback to be used.
386 *
387 * @since CUPS 1.5/Mac OS X 10.7@
388 */
389
390 void
391 cupsSetServerCertCB(
392 cups_server_cert_cb_t cb, /* I - Callback function */
393 void *user_data) /* I - User data pointer */
394 {
395 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
396
397
398 cg->server_cert_cb = cb;
399 cg->server_cert_data = user_data;
400 }
401
402
403 /*
404 * 'cupsSetUser()' - Set the default user name.
405 *
406 * Pass @code NULL@ to restore the default user name.
407 *
408 * Note: The current user name is tracked separately for each thread in a
409 * program. Multi-threaded programs that override the user name need to do so
410 * in each thread for the same user name to be used.
411 */
412
413 void
414 cupsSetUser(const char *user) /* I - User name */
415 {
416 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
417
418
419 if (user)
420 strlcpy(cg->user, user, sizeof(cg->user));
421 else
422 cg->user[0] = '\0';
423 }
424
425
426 /*
427 * 'cupsUser()' - Return the current user's name.
428 *
429 * Note: The current user name is tracked separately for each thread in a
430 * program. Multi-threaded programs that override the user name with the
431 * @link cupsSetUser@ function need to do so in each thread for the same user
432 * name to be used.
433 */
434
435 const char * /* O - User name */
436 cupsUser(void)
437 {
438 const char *user; /* USER environment variable */
439 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
440
441
442 if (!cg->user[0])
443 {
444 #ifdef WIN32
445 /*
446 * Get the current user name from the OS...
447 */
448
449 DWORD size; /* Size of string */
450
451 size = sizeof(cg->user);
452 if (!GetUserName(cg->user, &size))
453 #else
454 /*
455 * Get the user name corresponding to the current UID...
456 */
457
458 struct passwd *pwd; /* User/password entry */
459
460 setpwent();
461 if ((pwd = getpwuid(getuid())) != NULL)
462 {
463 /*
464 * Found a match!
465 */
466
467 strlcpy(cg->user, pwd->pw_name, sizeof(cg->user));
468 }
469 else
470 #endif /* WIN32 */
471 if ((user = getenv("USER")) != NULL)
472 {
473 /*
474 * Use the username from the "USER" environment variable...
475 */
476 strlcpy(cg->user, user, sizeof(cg->user));
477 }
478 else
479 {
480 /*
481 * Use the default "unknown" user name...
482 */
483
484 strcpy(cg->user, "unknown");
485 }
486 }
487
488 return (cg->user);
489 }
490
491
492 /*
493 * '_cupsGetPassword()' - Get a password from the user.
494 */
495
496 const char * /* O - Password or @code NULL@ if none */
497 _cupsGetPassword(const char *prompt) /* I - Prompt string */
498 {
499 #ifdef WIN32
500 HANDLE tty; /* Console handle */
501 DWORD mode; /* Console mode */
502 char passch, /* Current key press */
503 *passptr, /* Pointer into password string */
504 *passend; /* End of password string */
505 ssize_t passbytes; /* Bytes read */
506 _cups_globals_t *cg = _cupsGlobals();
507 /* Thread globals */
508
509
510 /*
511 * Disable input echo and set raw input...
512 */
513
514 if ((tty = GetStdHandle(STD_INPUT_HANDLE)) == INVALID_HANDLE_VALUE)
515 return (NULL);
516
517 if (!GetConsoleMode(tty, &mode))
518 return (NULL);
519
520 if (!SetConsoleMode(tty, 0))
521 return (NULL);
522
523 /*
524 * Display the prompt...
525 */
526
527 printf("%s ", prompt);
528 fflush(stdout);
529
530 /*
531 * Read the password string from /dev/tty until we get interrupted or get a
532 * carriage return or newline...
533 */
534
535 passptr = cg->password;
536 passend = cg->password + sizeof(cg->password) - 1;
537
538 while ((passbytes = read(tty, &passch, 1)) == 1)
539 {
540 if (passch == 0x0A || passch == 0x0D)
541 {
542 /*
543 * Enter/return...
544 */
545
546 break;
547 }
548 else if (passch == 0x08 || passch == 0x7F)
549 {
550 /*
551 * Backspace/delete (erase character)...
552 */
553
554 if (passptr > cg->password)
555 {
556 passptr --;
557 fputs("\010 \010", stdout);
558 }
559 else
560 putchar(0x07);
561 }
562 else if (passch == 0x15)
563 {
564 /*
565 * CTRL+U (erase line)
566 */
567
568 if (passptr > cg->password)
569 {
570 while (passptr > cg->password)
571 {
572 passptr --;
573 fputs("\010 \010", stdout);
574 }
575 }
576 else
577 putchar(0x07);
578 }
579 else if (passch == 0x03)
580 {
581 /*
582 * CTRL+C...
583 */
584
585 passptr = cg->password;
586 break;
587 }
588 else if ((passch & 255) < 0x20 || passptr >= passend)
589 putchar(0x07);
590 else
591 {
592 *passptr++ = passch;
593 putchar(_CUPS_PASSCHAR);
594 }
595
596 fflush(stdout);
597 }
598
599 putchar('\n');
600 fflush(stdout);
601
602 /*
603 * Cleanup...
604 */
605
606 SetConsoleMode(tty, mode);
607
608 /*
609 * Return the proper value...
610 */
611
612 if (passbytes == 1 && passptr > cg->password)
613 {
614 *passptr = '\0';
615 return (cg->password);
616 }
617 else
618 {
619 memset(cg->password, 0, sizeof(cg->password));
620 return (NULL);
621 }
622
623 #else
624 int tty; /* /dev/tty - never read from stdin */
625 struct termios original, /* Original input mode */
626 noecho; /* No echo input mode */
627 char passch, /* Current key press */
628 *passptr, /* Pointer into password string */
629 *passend; /* End of password string */
630 ssize_t passbytes; /* Bytes read */
631 _cups_globals_t *cg = _cupsGlobals();
632 /* Thread globals */
633
634
635 /*
636 * Disable input echo and set raw input...
637 */
638
639 if ((tty = open("/dev/tty", O_RDONLY)) < 0)
640 return (NULL);
641
642 if (tcgetattr(tty, &original))
643 {
644 close(tty);
645 return (NULL);
646 }
647
648 noecho = original;
649 noecho.c_lflag &= ~(ICANON | ECHO | ECHOE | ISIG);
650
651 if (tcsetattr(tty, TCSAFLUSH, &noecho))
652 {
653 close(tty);
654 return (NULL);
655 }
656
657 /*
658 * Display the prompt...
659 */
660
661 printf("%s ", prompt);
662 fflush(stdout);
663
664 /*
665 * Read the password string from /dev/tty until we get interrupted or get a
666 * carriage return or newline...
667 */
668
669 passptr = cg->password;
670 passend = cg->password + sizeof(cg->password) - 1;
671
672 while ((passbytes = read(tty, &passch, 1)) == 1)
673 {
674 if (passch == noecho.c_cc[VEOL] || passch == noecho.c_cc[VEOL2] ||
675 passch == 0x0A || passch == 0x0D)
676 {
677 /*
678 * Enter/return...
679 */
680
681 break;
682 }
683 else if (passch == noecho.c_cc[VERASE] ||
684 passch == 0x08 || passch == 0x7F)
685 {
686 /*
687 * Backspace/delete (erase character)...
688 */
689
690 if (passptr > cg->password)
691 {
692 passptr --;
693 fputs("\010 \010", stdout);
694 }
695 else
696 putchar(0x07);
697 }
698 else if (passch == noecho.c_cc[VKILL])
699 {
700 /*
701 * CTRL+U (erase line)
702 */
703
704 if (passptr > cg->password)
705 {
706 while (passptr > cg->password)
707 {
708 passptr --;
709 fputs("\010 \010", stdout);
710 }
711 }
712 else
713 putchar(0x07);
714 }
715 else if (passch == noecho.c_cc[VINTR] || passch == noecho.c_cc[VQUIT] ||
716 passch == noecho.c_cc[VEOF])
717 {
718 /*
719 * CTRL+C, CTRL+D, or CTRL+Z...
720 */
721
722 passptr = cg->password;
723 break;
724 }
725 else if ((passch & 255) < 0x20 || passptr >= passend)
726 putchar(0x07);
727 else
728 {
729 *passptr++ = passch;
730 putchar(_CUPS_PASSCHAR);
731 }
732
733 fflush(stdout);
734 }
735
736 putchar('\n');
737 fflush(stdout);
738
739 /*
740 * Cleanup...
741 */
742
743 tcsetattr(tty, TCSAFLUSH, &original);
744 close(tty);
745
746 /*
747 * Return the proper value...
748 */
749
750 if (passbytes == 1 && passptr > cg->password)
751 {
752 *passptr = '\0';
753 return (cg->password);
754 }
755 else
756 {
757 memset(cg->password, 0, sizeof(cg->password));
758 return (NULL);
759 }
760 #endif /* WIN32 */
761 }
762
763
764 #ifdef HAVE_GSSAPI
765 /*
766 * '_cupsGSSServiceName()' - Get the GSS (Kerberos) service name.
767 */
768
769 const char *
770 _cupsGSSServiceName(void)
771 {
772 _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */
773
774
775 if (!cg->gss_service_name[0])
776 _cupsSetDefaults();
777
778 return (cg->gss_service_name);
779 }
780 #endif /* HAVE_GSSAPI */
781
782
783 /*
784 * '_cupsSetDefaults()' - Set the default server, port, and encryption.
785 */
786
787 void
788 _cupsSetDefaults(void)
789 {
790 cups_file_t *fp; /* File */
791 const char *home, /* Home directory of user */
792 *cups_encryption, /* CUPS_ENCRYPTION env var */
793 *cups_server, /* CUPS_SERVER env var */
794 #ifdef HAVE_GSSAPI
795 *cups_gssservicename, /* CUPS_GSSSERVICENAME env var */
796 #endif /* HAVE_GSSAPI */
797 *cups_anyroot, /* CUPS_ANYROOT env var */
798 *cups_expiredroot, /* CUPS_EXPIREDROOT env var */
799 *cups_expiredcerts; /* CUPS_EXPIREDCERTS env var */
800 char filename[1024]; /* Filename */
801 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
802
803
804 DEBUG_puts("_cupsSetDefaults()");
805
806 /*
807 * First collect environment variables...
808 */
809
810 cups_encryption = getenv("CUPS_ENCRYPTION");
811 cups_server = getenv("CUPS_SERVER");
812 #ifdef HAVE_GSSAPI
813 cups_gssservicename = getenv("CUPS_GSSSERVICENAME");
814 #endif /* HAVE_GSSAPI */
815 cups_anyroot = getenv("CUPS_ANYROOT");
816 cups_expiredroot = getenv("CUPS_EXPIREDROOT");
817 cups_expiredcerts = getenv("CUPS_EXPIREDCERTS");
818
819 /*
820 * Then, if needed, read the ~/.cups/client.conf or /etc/cups/client.conf
821 * files to get the default values...
822 */
823
824 if (cg->encryption == (http_encryption_t)-1 || !cg->server[0] ||
825 !cg->ipp_port)
826 {
827 if ((home = getenv("HOME")) != NULL)
828 {
829 /*
830 * Look for ~/.cups/client.conf...
831 */
832
833 snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home);
834 fp = cupsFileOpen(filename, "r");
835 }
836 else
837 fp = NULL;
838
839 if (!fp)
840 {
841 /*
842 * Look for CUPS_SERVERROOT/client.conf...
843 */
844
845 snprintf(filename, sizeof(filename), "%s/client.conf",
846 cg->cups_serverroot);
847 fp = cupsFileOpen(filename, "r");
848 }
849
850 /*
851 * Read the configuration file and apply any environment variables; both
852 * functions handle NULL cups_file_t pointers...
853 */
854
855 cups_read_client_conf(fp, cg, cups_encryption, cups_server,
856 #ifdef HAVE_GSSAPI
857 cups_gssservicename,
858 #endif /* HAVE_GSSAPI */
859 cups_anyroot, cups_expiredroot,
860 cups_expiredcerts);
861 cupsFileClose(fp);
862 }
863 }
864
865
866 /*
867 * 'cups_read_client_conf()' - Read a client.conf file.
868 */
869
870 static void
871 cups_read_client_conf(
872 cups_file_t *fp, /* I - File to read */
873 _cups_globals_t *cg, /* I - Global data */
874 const char *cups_encryption, /* I - CUPS_ENCRYPTION env var */
875 const char *cups_server, /* I - CUPS_SERVER env var */
876 #ifdef HAVE_GSSAPI
877 const char *cups_gssservicename,
878 /* I - CUPS_GSSSERVICENAME env var */
879 #endif /* HAVE_GSSAPI */
880 const char *cups_anyroot, /* I - CUPS_ANYROOT env var */
881 const char *cups_expiredroot, /* I - CUPS_EXPIREDROOT env var */
882 const char *cups_expiredcerts) /* I - CUPS_EXPIREDCERTS env var */
883 {
884 int linenum; /* Current line number */
885 char line[1024], /* Line from file */
886 *value, /* Pointer into line */
887 encryption[1024], /* Encryption value */
888 #ifndef __APPLE__
889 server_name[1024], /* ServerName value */
890 #endif /* !__APPLE__ */
891 any_root[1024], /* AllowAnyRoot value */
892 expired_root[1024], /* AllowExpiredRoot value */
893 expired_certs[1024]; /* AllowExpiredCerts value */
894 #ifdef HAVE_GSSAPI
895 char gss_service_name[32]; /* GSSServiceName value */
896 #endif /* HAVE_GSSAPI */
897
898
899 /*
900 * Read from the file...
901 */
902
903 linenum = 0;
904 while (cupsFileGetConf(fp, line, sizeof(line), &value, &linenum))
905 {
906 if (!cups_encryption && cg->encryption == (http_encryption_t)-1 &&
907 !_cups_strcasecmp(line, "Encryption") && value)
908 {
909 strlcpy(encryption, value, sizeof(encryption));
910 cups_encryption = encryption;
911 }
912 #ifndef __APPLE__
913 /*
914 * The Server directive is not supported on Mac OS X due to app sandboxing
915 * restrictions, i.e. not all apps request network access.
916 */
917 else if (!cups_server && (!cg->server[0] || !cg->ipp_port) &&
918 !_cups_strcasecmp(line, "ServerName") && value)
919 {
920 strlcpy(server_name, value, sizeof(server_name));
921 cups_server = server_name;
922 }
923 #endif /* !__APPLE__ */
924 else if (!cups_anyroot && !_cups_strcasecmp(line, "AllowAnyRoot") && value)
925 {
926 strlcpy(any_root, value, sizeof(any_root));
927 cups_anyroot = any_root;
928 }
929 else if (!cups_expiredroot && !_cups_strcasecmp(line, "AllowExpiredRoot") &&
930 value)
931 {
932 strlcpy(expired_root, value, sizeof(expired_root));
933 cups_expiredroot = expired_root;
934 }
935 else if (!cups_expiredcerts && !_cups_strcasecmp(line, "AllowExpiredCerts") &&
936 value)
937 {
938 strlcpy(expired_certs, value, sizeof(expired_certs));
939 cups_expiredcerts = expired_certs;
940 }
941 #ifdef HAVE_GSSAPI
942 else if (!cups_gssservicename && !_cups_strcasecmp(line, "GSSServiceName") &&
943 value)
944 {
945 strlcpy(gss_service_name, value, sizeof(gss_service_name));
946 cups_gssservicename = gss_service_name;
947 }
948 #endif /* HAVE_GSSAPI */
949 }
950
951 /*
952 * Set values...
953 */
954
955 if (cg->encryption == (http_encryption_t)-1 && cups_encryption)
956 {
957 if (!_cups_strcasecmp(cups_encryption, "never"))
958 cg->encryption = HTTP_ENCRYPT_NEVER;
959 else if (!_cups_strcasecmp(cups_encryption, "always"))
960 cg->encryption = HTTP_ENCRYPT_ALWAYS;
961 else if (!_cups_strcasecmp(cups_encryption, "required"))
962 cg->encryption = HTTP_ENCRYPT_REQUIRED;
963 else
964 cg->encryption = HTTP_ENCRYPT_IF_REQUESTED;
965 }
966
967 if ((!cg->server[0] || !cg->ipp_port) && cups_server)
968 {
969 if (!cg->server[0])
970 {
971 /*
972 * Copy server name...
973 */
974
975 strlcpy(cg->server, cups_server, sizeof(cg->server));
976
977 if (cg->server[0] != '/' && (value = strrchr(cg->server, ':')) != NULL &&
978 !strchr(value, ']') && isdigit(value[1] & 255))
979 *value++ = '\0';
980 else
981 value = NULL;
982
983 if (cg->server[0] == '/')
984 strcpy(cg->servername, "localhost");
985 else
986 strlcpy(cg->servername, cg->server, sizeof(cg->servername));
987 }
988 else if (cups_server[0] != '/' &&
989 (value = strrchr(cups_server, ':')) != NULL &&
990 !strchr(value, ']') && isdigit(value[1] & 255))
991 value ++;
992 else
993 value = NULL;
994
995 if (!cg->ipp_port && value)
996 cg->ipp_port = atoi(value);
997 }
998
999 if (!cg->server[0])
1000 {
1001 #ifdef CUPS_DEFAULT_DOMAINSOCKET
1002 /*
1003 * If we are compiled with domain socket support, only use the
1004 * domain socket if it exists and has the right permissions...
1005 */
1006
1007 struct stat sockinfo; /* Domain socket information */
1008
1009 if (!stat(CUPS_DEFAULT_DOMAINSOCKET, &sockinfo) &&
1010 (sockinfo.st_mode & S_IRWXO) == S_IRWXO)
1011 cups_server = CUPS_DEFAULT_DOMAINSOCKET;
1012 else
1013 #endif /* CUPS_DEFAULT_DOMAINSOCKET */
1014 cups_server = "localhost";
1015
1016 cupsSetServer(cups_server);
1017 }
1018
1019 if (!cg->ipp_port)
1020 {
1021 const char *ipp_port; /* IPP_PORT environment variable */
1022
1023 if ((ipp_port = getenv("IPP_PORT")) != NULL)
1024 {
1025 if ((cg->ipp_port = atoi(ipp_port)) <= 0)
1026 cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
1027 }
1028 else
1029 cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
1030 }
1031
1032 #ifdef HAVE_GSSAPI
1033 if (!cups_gssservicename)
1034 cups_gssservicename = CUPS_DEFAULT_GSSSERVICENAME;
1035
1036 strlcpy(cg->gss_service_name, cups_gssservicename,
1037 sizeof(cg->gss_service_name));
1038 #endif /* HAVE_GSSAPI */
1039
1040 if (cups_anyroot)
1041 cg->any_root = !_cups_strcasecmp(cups_anyroot, "yes") ||
1042 !_cups_strcasecmp(cups_anyroot, "on") ||
1043 !_cups_strcasecmp(cups_anyroot, "true");
1044
1045 if (cups_expiredroot)
1046 cg->expired_root = !_cups_strcasecmp(cups_expiredroot, "yes") ||
1047 !_cups_strcasecmp(cups_expiredroot, "on") ||
1048 !_cups_strcasecmp(cups_expiredroot, "true");
1049
1050 if (cups_expiredcerts)
1051 cg->expired_certs = !_cups_strcasecmp(cups_expiredcerts, "yes") ||
1052 !_cups_strcasecmp(cups_expiredcerts, "on") ||
1053 !_cups_strcasecmp(cups_expiredcerts, "true");
1054 }
1055
1056
1057 /*
1058 * End of "$Id: usersys.c 8498 2009-04-13 17:03:15Z mike $".
1059 */
Unnamed repository; edit this file 'description' to name the repository.