/*
- * "$Id: auth.c 5232 2006-03-05 17:59:19Z mike $"
+ * "$Id: auth.c 5305 2006-03-18 03:05:12Z mike $"
*
* Authorization routines for the Common UNIX Printing System (CUPS).
*
* cupsdFindBest() - Find the location entry that best matches the
* resource.
* cupsdFindLocation() - Find the named location.
- * cupsdGetMD5Passwd() - Get an MD5 password.
* cupsdIsAuthorized() - Check to see if the user is authorized...
* add_allow() - Add an allow mask to the location.
* add_deny() - Add a deny mask to the location.
* compare_locations() - Compare two locations.
* cups_crypt() - Encrypt the password using the DES or MD5
* algorithms, as needed.
+ * get_md5_password() - Get an MD5 password.
* pam_func() - PAM conversation function.
* to64() - Base64-encode an integer value...
*/
#if !HAVE_LIBPAM
static char *cups_crypt(const char *pw, const char *salt);
#endif /* !HAVE_LIBPAM */
+static char *get_md5_password(const char *username,
+ const char *group, char passwd[33]);
#if HAVE_LIBPAM
static int pam_func(int, const struct pam_message **,
struct pam_response **, void *);
if (temp == NULL)
{
cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to add name to location %s: %s",
- loc->location, strerror(errno));
+ loc->location ? loc->location : "nil", strerror(errno));
return;
}
{
cupsdLogMessage(CUPSD_LOG_ERROR,
"Unable to duplicate name for location %s: %s",
- loc->location, strerror(errno));
+ loc->location ? loc->location : "nil", strerror(errno));
return;
}
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdAllowHost(loc=%p(%s), name=\"%s\")",
- loc, loc->location, name);
+ loc, loc->location ? loc->location : "nil", name);
if ((temp = add_allow(loc)) == NULL)
return;
cupsdLogMessage(CUPSD_LOG_DEBUG2,
"cupsdAllowIP(loc=%p(%s), address=%x:%x:%x:%x, netmask=%x:%x:%x:%x)",
- loc, loc->location, address[0], address[1], address[2],
- address[3], netmask[0], netmask[1], netmask[2],
- netmask[3]);
+ loc, loc->location ? loc->location : "nil",
+ address[0], address[1], address[2], address[3],
+ netmask[0], netmask[1], netmask[2], netmask[3]);
if ((temp = add_allow(loc)) == NULL)
return;
strlcpy(data.username, username, sizeof(data.username));
strlcpy(data.password, password, sizeof(data.password));
+# ifdef __sun
+ pamdata.conv = (int (*)(int, struct pam_message **,
+ struct pam_response **,
+ void *))pam_func;
+# else
pamdata.conv = pam_func;
+# endif /* __sun */
pamdata.appdata_ptr = &data;
# ifdef __hpux
* Do Basic authentication with the Digest password file...
*/
- if (!cupsdGetMD5Passwd(username, NULL, md5))
+ if (!get_md5_password(username, NULL, md5))
{
cupsdLogMessage(CUPSD_LOG_ERROR,
"cupsdAuthorize: Unknown MD5 username \"%s\"!",
* Validate the username and password...
*/
- if (!cupsdGetMD5Passwd(username, NULL, md5))
+ if (!get_md5_password(username, NULL, md5))
{
cupsdLogMessage(CUPSD_LOG_ERROR,
"cupsdAuthorize: Unknown MD5 username \"%s\"!",
* file...
*/
- if (cupsdGetMD5Passwd(username, groupname, junk) != NULL)
+ if (get_md5_password(username, groupname, junk) != NULL)
return (1);
/*
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdDenyHost(loc=%p(%s), name=\"%s\")",
- loc, loc->location, name);
+ loc, loc->location ? loc->location : "nil", name);
if ((temp = add_deny(loc)) == NULL)
return;
cupsdLogMessage(CUPSD_LOG_DEBUG,
"cupsdDenyIP(loc=%p(%s), address=%x:%x:%x:%x, netmask=%x:%x:%x:%x)",
- loc, loc->location, address[0], address[1], address[2],
- address[3], netmask[0], netmask[1], netmask[2],
- netmask[3]);
+ loc, loc->location ? loc->location : "nil",
+ address[0], address[1], address[2], address[3],
+ netmask[0], netmask[1], netmask[2], netmask[3]);
if ((temp = add_deny(loc)) == NULL)
return;
loc = (cupsd_location_t *)cupsArrayNext(Locations))
{
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdFindBest: Location %s Limit %x",
- loc->location, loc->limit);
+ loc->location ? loc->location : "nil", loc->limit);
if (!strncmp(uri, "/printers/", 10) || !strncmp(uri, "/classes/", 9))
{
* Use case-insensitive comparison for queue names...
*/
- if (loc->length > bestlen &&
+ if (loc->length > bestlen && loc->location &&
!strncasecmp(uri, loc->location, loc->length) &&
loc->location[0] == '/' &&
(limit & loc->limit) != 0)
* Use case-sensitive comparison for other URIs...
*/
- if (loc->length > bestlen &&
+ if (loc->length > bestlen && loc->location &&
!strncmp(uri, loc->location, loc->length) &&
loc->location[0] == '/' &&
(limit & loc->limit) != 0)
}
-/*
- * 'cupsdGetMD5Passwd()' - Get an MD5 password.
- */
-
-char * /* O - MD5 password string */
-cupsdGetMD5Passwd(const char *username, /* I - Username */
- const char *group, /* I - Group */
- char passwd[33])/* O - MD5 password string */
-{
- cups_file_t *fp; /* passwd.md5 file */
- char filename[1024], /* passwd.md5 filename */
- line[256], /* Line from file */
- tempuser[33], /* User from file */
- tempgroup[33]; /* Group from file */
-
-
- cupsdLogMessage(CUPSD_LOG_DEBUG2,
- "cupsdGetMD5Passwd(username=\"%s\", group=\"%s\", passwd=%p)",
- username, group ? group : "(null)", passwd);
-
- snprintf(filename, sizeof(filename), "%s/passwd.md5", ServerRoot);
- if ((fp = cupsFileOpen(filename, "r")) == NULL)
- {
- if (errno != ENOENT)
- cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to open %s - %s", filename,
- strerror(errno));
-
- return (NULL);
- }
-
- while (cupsFileGets(fp, line, sizeof(line)) != NULL)
- {
- if (sscanf(line, "%32[^:]:%32[^:]:%32s", tempuser, tempgroup, passwd) != 3)
- {
- cupsdLogMessage(CUPSD_LOG_ERROR, "Bad MD5 password line: %s", line);
- continue;
- }
-
- if (!strcmp(username, tempuser) &&
- (group == NULL || !strcmp(group, tempgroup)))
- {
- /*
- * Found the password entry!
- */
-
- cupsdLogMessage(CUPSD_LOG_DEBUG2, "Found MD5 user %s, group %s...",
- username, tempgroup);
-
- cupsFileClose(fp);
- return (passwd);
- }
- }
-
- /*
- * Didn't find a password entry - return NULL!
- */
-
- cupsFileClose(fp);
- return (NULL);
-}
-
-
/*
* 'cupsdIsAuthorized()' - Check to see if the user is authorized...
*/
#endif /* !HAVE_LIBPAM */
+/*
+ * 'get_md5_password()' - Get an MD5 password.
+ */
+
+static char * /* O - MD5 password string */
+get_md5_password(const char *username, /* I - Username */
+ const char *group, /* I - Group */
+ char passwd[33]) /* O - MD5 password string */
+{
+ cups_file_t *fp; /* passwd.md5 file */
+ char filename[1024], /* passwd.md5 filename */
+ line[256], /* Line from file */
+ tempuser[33], /* User from file */
+ tempgroup[33]; /* Group from file */
+
+
+ cupsdLogMessage(CUPSD_LOG_DEBUG2,
+ "get_md5_password(username=\"%s\", group=\"%s\", passwd=%p)",
+ username, group ? group : "(null)", passwd);
+
+ snprintf(filename, sizeof(filename), "%s/passwd.md5", ServerRoot);
+ if ((fp = cupsFileOpen(filename, "r")) == NULL)
+ {
+ if (errno != ENOENT)
+ cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to open %s - %s", filename,
+ strerror(errno));
+
+ return (NULL);
+ }
+
+ while (cupsFileGets(fp, line, sizeof(line)) != NULL)
+ {
+ if (sscanf(line, "%32[^:]:%32[^:]:%32s", tempuser, tempgroup, passwd) != 3)
+ {
+ cupsdLogMessage(CUPSD_LOG_ERROR, "Bad MD5 password line: %s", line);
+ continue;
+ }
+
+ if (!strcmp(username, tempuser) &&
+ (group == NULL || !strcmp(group, tempgroup)))
+ {
+ /*
+ * Found the password entry!
+ */
+
+ cupsdLogMessage(CUPSD_LOG_DEBUG2, "Found MD5 user %s, group %s...",
+ username, tempgroup);
+
+ cupsFileClose(fp);
+ return (passwd);
+ }
+ }
+
+ /*
+ * Didn't find a password entry - return NULL!
+ */
+
+ cupsFileClose(fp);
+ return (NULL);
+}
+
+
#if HAVE_LIBPAM
/*
* 'pam_func()' - PAM conversation function.
/*
- * End of "$Id: auth.c 5232 2006-03-05 17:59:19Z mike $".
+ * End of "$Id: auth.c 5305 2006-03-18 03:05:12Z mike $".
*/