]> git.ipfire.org Git - thirdparty/cups.git/blob - scheduler/auth.h
projects / thirdparty / cups.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Load cups into easysw/current.
[thirdparty/cups.git] / scheduler / auth.h
1 /*
2 * "$Id: auth.h 6649 2007-07-11 21:46:42Z mike $"
3 *
4 * Authorization definitions for the Common UNIX Printing System (CUPS)
5 * scheduler.
6 *
7 * Copyright 2007 by Apple Inc.
8 * Copyright 1997-2006 by Easy Software Products, all rights reserved.
9 *
10 * These coded instructions, statements, and computer programs are the
11 * property of Apple Inc. and are protected by Federal copyright
12 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
13 * which should have been included with this file. If this file is
14 * file is missing or damaged, see the license at "http://www.cups.org/".
15 */
16
17 /*
18 * Include necessary headers...
19 */
20
21 #include <pwd.h>
22
23
24 /*
25 * HTTP authorization types and levels...
26 */
27
28 #define AUTH_NONE 0 /* No authentication */
29 #define AUTH_BASIC 1 /* Basic authentication */
30 #define AUTH_DIGEST 2 /* Digest authentication */
31 #define AUTH_BASICDIGEST 3 /* Basic authentication w/passwd.md5 */
32 #define AUTH_NEGOTIATE 4 /* Kerberos authentication */
33
34 #define AUTH_ANON 0 /* Anonymous access */
35 #define AUTH_USER 1 /* Must have a valid username/password */
36 #define AUTH_GROUP 2 /* Must also be in a named group */
37
38 #define AUTH_ALLOW 0 /* Allow access */
39 #define AUTH_DENY 1 /* Deny access */
40
41 #define AUTH_NAME 0 /* Authorize host by name */
42 #define AUTH_IP 1 /* Authorize host by IP */
43 #define AUTH_INTERFACE 2 /* Authorize host by interface */
44
45 #define AUTH_SATISFY_ALL 0 /* Satisfy both address and auth */
46 #define AUTH_SATISFY_ANY 1 /* Satisfy either address or auth */
47
48 #define AUTH_LIMIT_DELETE 1 /* Limit DELETE requests */
49 #define AUTH_LIMIT_GET 2 /* Limit GET requests */
50 #define AUTH_LIMIT_HEAD 4 /* Limit HEAD requests */
51 #define AUTH_LIMIT_OPTIONS 8 /* Limit OPTIONS requests */
52 #define AUTH_LIMIT_POST 16 /* Limit POST requests */
53 #define AUTH_LIMIT_PUT 32 /* Limit PUT requests */
54 #define AUTH_LIMIT_TRACE 64 /* Limit TRACE requests */
55 #define AUTH_LIMIT_ALL 127 /* Limit all requests */
56 #define AUTH_LIMIT_IPP 128 /* Limit IPP requests */
57
58 #define IPP_ANY_OPERATION (ipp_op_t)0
59 /* Any IPP operation */
60 #define IPP_BAD_OPERATION (ipp_op_t)-1
61 /* No IPP operation */
62
63
64 /*
65 * HTTP access control structures...
66 */
67
68 typedef struct
69 {
70 unsigned address[4], /* IP address */
71 netmask[4]; /* IP netmask */
72 } cupsd_ipmask_t;
73
74 typedef struct
75 {
76 int length; /* Length of name */
77 char *name; /* Name string */
78 } cupsd_namemask_t;
79
80 typedef struct
81 {
82 int type; /* Mask type */
83 union
84 {
85 cupsd_namemask_t name; /* Host/Domain name */
86 cupsd_ipmask_t ip; /* IP address/network */
87 } mask; /* Mask data */
88 } cupsd_authmask_t;
89
90 typedef struct
91 {
92 char *location; /* Location of resource */
93 ipp_op_t op; /* IPP operation */
94 int limit, /* Limit for these types of requests */
95 length, /* Length of location string */
96 order_type, /* Allow or Deny */
97 type, /* Type of authentication */
98 level, /* Access level required */
99 satisfy; /* Satisfy any or all limits? */
100 int num_names; /* Number of names */
101 char **names; /* User or group names */
102 int num_allow; /* Number of Allow lines */
103 cupsd_authmask_t *allow; /* Allow lines */
104 int num_deny; /* Number of Deny lines */
105 cupsd_authmask_t *deny; /* Deny lines */
106 http_encryption_t encryption; /* To encrypt or not to encrypt... */
107 } cupsd_location_t;
108
109 typedef struct cupsd_client_s cupsd_client_t;
110
111
112 /*
113 * Globals...
114 */
115
116 VAR cups_array_t *Locations VALUE(NULL);
117 /* Authorization locations */
118 VAR int DefaultAuthType VALUE(AUTH_BASIC);
119 /* Default AuthType, if not specified */
120 #ifdef HAVE_SSL
121 VAR http_encryption_t DefaultEncryption VALUE(HTTP_ENCRYPT_REQUIRED);
122 /* Default encryption for authentication */
123 #endif /* HAVE_SSL */
124
125
126 /*
127 * Prototypes...
128 */
129
130 extern cupsd_location_t *cupsdAddLocation(const char *location);
131 extern void cupsdAddName(cupsd_location_t *loc, char *name);
132 extern void cupsdAllowHost(cupsd_location_t *loc, char *name);
133 extern void cupsdAllowIP(cupsd_location_t *loc, unsigned address[4],
134 unsigned netmask[4]);
135 extern void cupsdAuthorize(cupsd_client_t *con);
136 extern int cupsdCheckAuth(unsigned ip[4], char *name, int namelen,
137 int num_masks, cupsd_authmask_t *masks);
138 extern int cupsdCheckGroup(const char *username,
139 struct passwd *user,
140 const char *groupname);
141 extern cupsd_location_t *cupsdCopyLocation(cupsd_location_t **loc);
142 extern void cupsdDeleteAllLocations(void);
143 extern void cupsdDeleteLocation(cupsd_location_t *loc);
144 extern void cupsdDenyHost(cupsd_location_t *loc, char *name);
145 extern void cupsdDenyIP(cupsd_location_t *loc, unsigned address[4],
146 unsigned netmask[4]);
147 extern cupsd_location_t *cupsdFindBest(const char *path, http_state_t state);
148 extern cupsd_location_t *cupsdFindLocation(const char *location);
149 extern http_status_t cupsdIsAuthorized(cupsd_client_t *con, const char *owner);
150
151
152 /*
153 * End of "$Id: auth.h 6649 2007-07-11 21:46:42Z mike $".
154 */
Unnamed repository; edit this file 'description' to name the repository.