/*
- * "$Id: conf.c 6930 2007-09-08 00:28:06Z mike $"
+ * "$Id: conf.c 7694 2008-06-26 00:23:20Z mike $"
*
* Configuration routines for the Common UNIX Printing System (CUPS).
*
* get_addr_and_mask() - Get an IP address and netmask.
* parse_aaa() - Parse authentication, authorization, and
* access control lines.
+ * parse_fatal_errors() - Parse FatalErrors values in a string.
* parse_groups() - Parse system group names in a string.
* parse_protocols() - Parse browse protocols in a string.
* read_configuration() - Read a configuration file.
{ "BrowseInterval", &BrowseInterval, CUPSD_VARTYPE_INTEGER },
#ifdef HAVE_LDAP
{ "BrowseLDAPBindDN", &BrowseLDAPBindDN, CUPSD_VARTYPE_STRING },
+# ifdef HAVE_LDAP_SSL
{ "BrowseLDAPCACertFile", &BrowseLDAPCACertFile, CUPSD_VARTYPE_PATHNAME },
+# endif /* HAVE_LDAP_SSL */
{ "BrowseLDAPDN", &BrowseLDAPDN, CUPSD_VARTYPE_STRING },
{ "BrowseLDAPPassword", &BrowseLDAPPassword, CUPSD_VARTYPE_STRING },
{ "BrowseLDAPServer", &BrowseLDAPServer, CUPSD_VARTYPE_STRING },
{ "DefaultCharset", &DefaultCharset, CUPSD_VARTYPE_STRING },
{ "DefaultLanguage", &DefaultLanguage, CUPSD_VARTYPE_STRING },
{ "DefaultLeaseDuration", &DefaultLeaseDuration, CUPSD_VARTYPE_INTEGER },
+ { "DefaultPaperSize", &DefaultPaperSize, CUPSD_VARTYPE_STRING },
{ "DefaultPolicy", &DefaultPolicy, CUPSD_VARTYPE_STRING },
{ "DefaultShared", &DefaultShared, CUPSD_VARTYPE_BOOLEAN },
{ "DirtyCleanInterval", &DirtyCleanInterval, CUPSD_VARTYPE_INTEGER },
unsigned *mask);
static int parse_aaa(cupsd_location_t *loc, char *line,
char *value, int linenum);
+static int parse_fatal_errors(const char *s);
static int parse_groups(const char *s);
static int parse_protocols(const char *s);
static int read_configuration(cups_file_t *fp);
int dir_created = 0; /* Did we create a directory? */
char pathname[1024]; /* File name with prefix */
struct stat fileinfo; /* Stat buffer */
+ int is_symlink; /* Is "filename" a symlink? */
/*
* See if we can stat the file/directory...
*/
- if (stat(filename, &fileinfo))
+ if (lstat(filename, &fileinfo))
{
if (errno == ENOENT && create_dir)
{
return (create_dir ? -1 : 1);
}
+ if ((is_symlink = S_ISLNK(fileinfo.st_mode)) != 0)
+ {
+ if (stat(filename, &fileinfo))
+ {
+ cupsdLogMessage(CUPSD_LOG_ERROR, "\"%s\" is a bad symlink - %s",
+ filename, strerror(errno));
+ return (-1);
+ }
+ }
+
/*
- * Make sure it's a regular file...
+ * Make sure it's a regular file or a directory as needed...
*/
if (!dir_created && !is_dir && !S_ISREG(fileinfo.st_mode))
return (-1);
}
+ /*
+ * If the filename is a symlink, do not change permissions (STR #2937)...
+ */
+
+ if (is_symlink)
+ return (0);
+
/*
* Fix owner, group, and mode as needed...
*/
cups_file_t *fp; /* Configuration file */
int status; /* Return status */
char temp[1024], /* Temporary buffer */
+ mimedir[1024], /* MIME directory */
*slash; /* Directory separator */
cups_lang_t *language; /* Language */
struct passwd *user; /* Default user */
cupsdSetString(&DefaultCharset, _cupsEncodingName(language->encoding));
+ cupsdClearString(&DefaultPaperSize);
+
cupsdSetString(&RIPCache, "8m");
cupsdSetString(&TempDir, NULL);
* Numeric options...
*/
+ AccessLogLevel = CUPSD_ACCESSLOG_ACTIONS;
ConfigFilePerm = CUPS_DEFAULT_CONFIG_FILE_PERM;
+ FatalErrors = parse_fatal_errors(CUPS_DEFAULT_FATAL_ERRORS);
DefaultAuthType = CUPSD_AUTH_BASIC;
#ifdef HAVE_SSL
DefaultEncryption = HTTP_ENCRYPT_REQUIRED;
#endif /* HAVE_SSL */
- DirtyCleanInterval = 60;
+ DirtyCleanInterval = DEFAULT_KEEPALIVE;
JobRetryLimit = 5;
JobRetryInterval = 300;
FileDevice = FALSE;
KeepAliveTimeout = DEFAULT_KEEPALIVE;
ListenBackLog = SOMAXCONN;
LogFilePerm = CUPS_DEFAULT_LOG_FILE_PERM;
- LogLevel = CUPSD_LOG_ERROR;
+ LogLevel = CUPSD_LOG_WARN;
MaxClients = 100;
MaxClientsPerHost = 0;
MaxLogSize = 1024 * 1024;
MaxPrinterHistory = 10;
MaxRequestSize = 0;
- ReloadTimeout = 60;
+ ReloadTimeout = DEFAULT_KEEPALIVE;
RootCertDuration = 300;
Timeout = DEFAULT_TIMEOUT;
NumSystemGroups = 0;
cupsdClearString(&BrowseLDAPDN);
cupsdClearString(&BrowseLDAPPassword);
cupsdClearString(&BrowseLDAPServer);
+# ifdef HAVE_LDAP_SSL
cupsdClearString(&BrowseLDAPCACertFile);
+# endif /* HAVE_LDAP_SSL */
#endif /* HAVE_LDAP */
JobHistory = DEFAULT_HISTORY;
*/
cupsdLogMessage(CUPSD_LOG_EMERG,
- "No valid Listen or Port lines were found in the configuration file!");
+ "No valid Listen or Port lines were found in the "
+ "configuration file!");
/*
* Commit suicide...
if (ServerCertificate[0] != '/')
cupsdSetStringf(&ServerCertificate, "%s/%s", ServerRoot, ServerCertificate);
- if (!strncmp(ServerRoot, ServerCertificate, strlen(ServerRoot)))
- {
- chown(ServerCertificate, RunUser, Group);
- chmod(ServerCertificate, 0600);
- }
+ if (!strncmp(ServerRoot, ServerCertificate, strlen(ServerRoot)) &&
+ cupsdCheckPermissions(ServerCertificate, NULL, 0600, RunUser, Group,
+ 0, 0) < 0 &&
+ (FatalErrors & CUPSD_FATAL_PERMISSIONS))
+ return (0);
# if defined(HAVE_LIBSSL) || defined(HAVE_GNUTLS)
if (ServerKey[0] != '/')
cupsdSetStringf(&ServerKey, "%s/%s", ServerRoot, ServerKey);
- if (!strncmp(ServerRoot, ServerKey, strlen(ServerRoot)))
- {
- chown(ServerKey, RunUser, Group);
- chmod(ServerKey, 0600);
- }
+ if (!strncmp(ServerRoot, ServerKey, strlen(ServerRoot)) &&
+ cupsdCheckPermissions(ServerKey, NULL, 0600, RunUser, Group, 0, 0) < 0 &&
+ (FatalErrors & CUPSD_FATAL_PERMISSIONS))
+ return (0);
# endif /* HAVE_LIBSSL || HAVE_GNUTLS */
#endif /* HAVE_SSL */
snprintf(temp, sizeof(temp), "%s/rss", CacheDir);
- if (cupsdCheckPermissions(RequestRoot, NULL, 0710, RunUser,
- Group, 1, 1) < 0 ||
- cupsdCheckPermissions(CacheDir, NULL, 0775, RunUser,
- Group, 1, 1) < 0 ||
- cupsdCheckPermissions(temp, NULL, 0775, RunUser,
- Group, 1, 1) < 0 ||
- cupsdCheckPermissions(StateDir, NULL, 0755, RunUser,
- Group, 1, 1) < 0 ||
- cupsdCheckPermissions(StateDir, "certs", RunUser ? 0711 : 0511, User,
- SystemGroupIDs[0], 1, 1) < 0 ||
- cupsdCheckPermissions(ServerRoot, NULL, 0755, RunUser,
- Group, 1, 0) < 0 ||
- cupsdCheckPermissions(ServerRoot, "ppd", 0755, RunUser,
- Group, 1, 1) < 0 ||
- cupsdCheckPermissions(ServerRoot, "ssl", 0700, RunUser,
- Group, 1, 0) < 0 ||
- cupsdCheckPermissions(ServerRoot, "cupsd.conf", ConfigFilePerm, RunUser,
- Group, 0, 0) < 0 ||
- cupsdCheckPermissions(ServerRoot, "classes.conf", 0600, RunUser,
- Group, 0, 0) < 0 ||
- cupsdCheckPermissions(ServerRoot, "printers.conf", 0600, RunUser,
- Group, 0, 0) < 0 ||
- cupsdCheckPermissions(ServerRoot, "passwd.md5", 0600, User,
- Group, 0, 0) < 0)
+ if ((cupsdCheckPermissions(RequestRoot, NULL, 0710, RunUser,
+ Group, 1, 1) < 0 ||
+ cupsdCheckPermissions(CacheDir, NULL, 0775, RunUser,
+ Group, 1, 1) < 0 ||
+ cupsdCheckPermissions(temp, NULL, 0775, RunUser,
+ Group, 1, 1) < 0 ||
+ cupsdCheckPermissions(StateDir, NULL, 0755, RunUser,
+ Group, 1, 1) < 0 ||
+ cupsdCheckPermissions(StateDir, "certs", RunUser ? 0711 : 0511, User,
+ SystemGroupIDs[0], 1, 1) < 0 ||
+ cupsdCheckPermissions(ServerRoot, NULL, 0755, RunUser,
+ Group, 1, 0) < 0 ||
+ cupsdCheckPermissions(ServerRoot, "ppd", 0755, RunUser,
+ Group, 1, 1) < 0 ||
+ cupsdCheckPermissions(ServerRoot, "ssl", 0700, RunUser,
+ Group, 1, 0) < 0 ||
+ cupsdCheckPermissions(ServerRoot, "cupsd.conf", ConfigFilePerm, RunUser,
+ Group, 0, 0) < 0 ||
+ cupsdCheckPermissions(ServerRoot, "classes.conf", 0600, RunUser,
+ Group, 0, 0) < 0 ||
+ cupsdCheckPermissions(ServerRoot, "printers.conf", 0600, RunUser,
+ Group, 0, 0) < 0 ||
+ cupsdCheckPermissions(ServerRoot, "passwd.md5", 0600, User,
+ Group, 0, 0) < 0) &&
+ (FatalErrors & CUPSD_FATAL_PERMISSIONS))
return (0);
/*
* is under the spool directory or does not exist...
*/
- if (cupsdCheckPermissions(TempDir, NULL, 01770, RunUser, Group, 1, 1) < 0)
+ if (cupsdCheckPermissions(TempDir, NULL, 01770, RunUser, Group, 1, 1) < 0 &&
+ (FatalErrors & CUPSD_FATAL_PERMISSIONS))
return (0);
}
cupsdInitEnv();
+ /*
+ * Update default paper size setting as needed...
+ */
+
+ if (!DefaultPaperSize)
+ {
+#ifdef HAVE_LIBPAPER
+ char *paper_result; /* Paper size name from libpaper */
+
+ if ((paper_result = systempapername()) != NULL)
+ cupsdSetString(&DefaultPaperSize, paper_result);
+ else
+#endif /* HAVE_LIBPAPER */
+ if (!DefaultLanguage ||
+ !strcasecmp(DefaultLanguage, "C") ||
+ !strcasecmp(DefaultLanguage, "POSIX") ||
+ !strcasecmp(DefaultLanguage, "en") ||
+ !strncasecmp(DefaultLanguage, "en.", 3) ||
+ !strncasecmp(DefaultLanguage, "en_US", 5) ||
+ !strncasecmp(DefaultLanguage, "en_CA", 5) ||
+ !strncasecmp(DefaultLanguage, "fr_CA", 5))
+ {
+ /*
+ * These are the only locales that will default to "letter" size...
+ */
+
+ cupsdSetString(&DefaultPaperSize, "Letter");
+ }
+ else
+ cupsdSetString(&DefaultPaperSize, "A4");
+ }
+
+ /*
+ * Update classification setting as needed...
+ */
+
+ if (Classification && !strcasecmp(Classification, "none"))
+ cupsdClearString(&Classification);
+
+ if (Classification)
+ cupsdLogMessage(CUPSD_LOG_INFO, "Security set to \"%s\"", Classification);
+
/*
* Check the MaxClients setting, and then allocate memory for it...
*/
if (MaxClients > (MaxFDs / 3) || MaxClients <= 0)
{
if (MaxClients > 0)
- cupsdLogMessage(CUPSD_LOG_INFO, "MaxClients limited to 1/3 (%d) of the file descriptor limit (%d)...",
- MaxFDs / 3, MaxFDs);
+ cupsdLogMessage(CUPSD_LOG_INFO,
+ "MaxClients limited to 1/3 (%d) of the file descriptor "
+ "limit (%d)...",
+ MaxFDs / 3, MaxFDs);
MaxClients = MaxFDs / 3;
}
if (MaxActiveJobs > (MaxFDs / 3))
MaxActiveJobs = MaxFDs / 3;
- if (Classification && !strcasecmp(Classification, "none"))
- cupsdClearString(&Classification);
-
- if (Classification)
- cupsdLogMessage(CUPSD_LOG_INFO, "Security set to \"%s\"", Classification);
-
/*
* Update the MaxClientsPerHost value, as needed...
*/
*/
snprintf(temp, sizeof(temp), "%s/filter", ServerBin);
+ snprintf(mimedir, sizeof(mimedir), "%s/mime", DataDir);
- MimeDatabase = mimeLoad(ServerRoot, temp);
+ MimeDatabase = mimeLoadTypes(NULL, mimedir);
+ MimeDatabase = mimeLoadTypes(MimeDatabase, ServerRoot);
+ MimeDatabase = mimeLoadFilters(MimeDatabase, mimedir, temp);
+ MimeDatabase = mimeLoadFilters(MimeDatabase, ServerRoot, temp);
if (!MimeDatabase)
{
cupsdLogMessage(CUPSD_LOG_EMERG,
- "Unable to load MIME database from \'%s\'!", ServerRoot);
- exit(errno);
+ "Unable to load MIME database from \"%s\" or \"%s\"!",
+ mimedir, ServerRoot);
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
+ return (0);
}
cupsdLogMessage(CUPSD_LOG_INFO,
- "Loaded MIME database from \'%s\': %d types, %d filters...",
- ServerRoot, mimeNumTypes(MimeDatabase),
- mimeNumFilters(MimeDatabase));
+ "Loaded MIME database from \"%s\" and \"%s\": %d types, "
+ "%d filters...", mimedir, ServerRoot,
+ mimeNumTypes(MimeDatabase), mimeNumFilters(MimeDatabase));
/*
* Create a list of MIME types for the document-format-supported
}
+/*
+ * 'parse_fatal_errors()' - Parse FatalErrors values in a string.
+ */
+
+static int /* O - FatalErrors bits */
+parse_fatal_errors(const char *s) /* I - FatalErrors string */
+{
+ int fatal; /* FatalErrors bits */
+ char value[1024], /* Value string */
+ *valstart, /* Pointer into value */
+ *valend; /* End of value */
+
+
+ /*
+ * Empty FatalErrors line yields NULL pointer...
+ */
+
+ if (!s)
+ return (CUPSD_FATAL_NONE);
+
+ /*
+ * Loop through the value string,...
+ */
+
+ strlcpy(value, s, sizeof(value));
+
+ fatal = CUPSD_FATAL_NONE;
+
+ for (valstart = value; *valstart;)
+ {
+ /*
+ * Get the current space/comma-delimited kind name...
+ */
+
+ for (valend = valstart; *valend; valend ++)
+ if (isspace(*valend & 255) || *valend == ',')
+ break;
+
+ if (*valend)
+ *valend++ = '\0';
+
+ /*
+ * Add the error to the bitmask...
+ */
+
+ if (!strcasecmp(valstart, "all"))
+ fatal = CUPSD_FATAL_ALL;
+ else if (!strcasecmp(valstart, "browse"))
+ fatal |= CUPSD_FATAL_BROWSE;
+ else if (!strcasecmp(valstart, "-browse"))
+ fatal &= ~CUPSD_FATAL_BROWSE;
+ else if (!strcasecmp(valstart, "config"))
+ fatal |= CUPSD_FATAL_CONFIG;
+ else if (!strcasecmp(valstart, "-config"))
+ fatal &= ~CUPSD_FATAL_CONFIG;
+ else if (!strcasecmp(valstart, "listen"))
+ fatal |= CUPSD_FATAL_LISTEN;
+ else if (!strcasecmp(valstart, "-listen"))
+ fatal &= ~CUPSD_FATAL_LISTEN;
+ else if (!strcasecmp(valstart, "log"))
+ fatal |= CUPSD_FATAL_LOG;
+ else if (!strcasecmp(valstart, "-log"))
+ fatal &= ~CUPSD_FATAL_LOG;
+ else if (!strcasecmp(valstart, "permissions"))
+ fatal |= CUPSD_FATAL_PERMISSIONS;
+ else if (!strcasecmp(valstart, "-permissions"))
+ fatal &= ~CUPSD_FATAL_PERMISSIONS;
+ else if (strcasecmp(valstart, "none"))
+ cupsdLogMessage(CUPSD_LOG_ERROR,
+ "Unknown FatalErrors kind \"%s\" ignored!", valstart);
+
+ for (valstart = valend; *valstart; valstart ++)
+ if (!isspace(*valstart & 255) || *valstart != ',')
+ break;
+ }
+
+ return (fatal);
+}
+
+
/*
* 'parse_groups()' - Parse system group names in a string.
*/
if (linenum == 0)
return (0);
}
+ else if (!strcasecmp(line, "FatalErrors"))
+ FatalErrors = parse_fatal_errors(value);
else if (!strcasecmp(line, "FaxRetryInterval") && value)
{
JobRetryInterval = atoi(value);
for (addr = addrlist; addr; addr = addr->next)
{
+ /*
+ * See if this address is already present...
+ */
+
+ for (lis = (cupsd_listener_t *)cupsArrayFirst(Listeners);
+ lis;
+ lis = (cupsd_listener_t *)cupsArrayNext(Listeners))
+ if (httpAddrEqual(&(addr->addr), &(lis->address)) &&
+ _httpAddrPort(&(addr->addr)) == _httpAddrPort(&(lis->address)))
+ break;
+
+ if (lis)
+ {
+ httpAddrString(&lis->address, temp, sizeof(temp));
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "Duplicate listen address \"%s\" ignored!", temp);
+ continue;
+ }
+
/*
* Allocate another listener...
*/
cupsdLogMessage(CUPSD_LOG_WARN,
"Unknown default authorization type %s on line %d.",
value, linenum);
- return (0);
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
+ return (0);
}
}
#ifdef HAVE_SSL
cupsdLogMessage(CUPSD_LOG_WARN,
"Unknown default encryption %s on line %d.",
value, linenum);
- return (0);
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
+ return (0);
}
}
#endif /* HAVE_SSL */
* Do hostname lookups?
*/
- if (!strcasecmp(value, "off"))
+ if (!strcasecmp(value, "off") || !strcasecmp(value, "no") ||
+ !strcasecmp(value, "false"))
HostNameLookups = 0;
- else if (!strcasecmp(value, "on"))
+ else if (!strcasecmp(value, "on") || !strcasecmp(value, "yes") ||
+ !strcasecmp(value, "true"))
HostNameLookups = 1;
else if (!strcasecmp(value, "double"))
HostNameLookups = 2;
cupsdLogMessage(CUPSD_LOG_WARN, "Unknown HostNameLookups %s on line %d.",
value, linenum);
}
+ else if (!strcasecmp(line, "AccessLogLevel") && value)
+ {
+ /*
+ * Amount of logging to do to access log...
+ */
+
+ if (!strcasecmp(value, "all"))
+ AccessLogLevel = CUPSD_ACCESSLOG_ALL;
+ else if (!strcasecmp(value, "actions"))
+ AccessLogLevel = CUPSD_ACCESSLOG_ACTIONS;
+ else if (!strcasecmp(value, "config"))
+ AccessLogLevel = CUPSD_ACCESSLOG_CONFIG;
+ else
+ cupsdLogMessage(CUPSD_LOG_WARN, "Unknown AccessLogLevel %s on line %d.",
+ value, linenum);
+ }
else if (!strcasecmp(line, "LogLevel") && value)
{
/*
- * Amount of logging to do...
+ * Amount of logging to do to error log...
*/
if (!strcasecmp(value, "debug2"))
if (!value)
{
cupsdLogMessage(CUPSD_LOG_ERROR, "Syntax error on line %d.", linenum);
- return (0);
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
+ return (0);
}
if ((loc = cupsdCopyLocation(&parent)) == NULL)
cupsdLogMessage(CUPSD_LOG_ERROR,
"Unknown Location directive %s on line %d.",
line, linenum);
- return (0);
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
+ return (0);
}
}
"Unexpected end-of-file at line %d while reading location!",
linenum);
- return (0);
+ return ((FatalErrors & CUPSD_FATAL_CONFIG) ? 0 : linenum);
}
if (!value)
{
cupsdLogMessage(CUPSD_LOG_ERROR, "Syntax error on line %d.", linenum);
- return (0);
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
+ return (0);
}
/*
cupsdLogMessage(CUPSD_LOG_ERROR,
"Missing <Limit ops> directive before %s on line %d.",
line, linenum);
- return (0);
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
+ return (0);
}
else if (!parse_aaa(op, line, value, linenum))
{
"Unknown Policy directive %s on line %d.",
line, linenum);
- return (0);
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
+ return (0);
}
}
"Unexpected end-of-file at line %d while reading policy \"%s\"!",
linenum, policy);
- return (0);
+ return ((FatalErrors & CUPSD_FATAL_CONFIG) ? 0 : linenum);
}
/*
- * End of "$Id: conf.c 6930 2007-09-08 00:28:06Z mike $".
+ * End of "$Id: conf.c 7694 2008-06-26 00:23:20Z mike $".
*/
projects / thirdparty / cups.git / blobdiff