Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
srohatgi01
GitHub Repository: srohatgi01/cups
 Path: blob/master/scheduler/auth.h
1090 views
1
/*

2
 * Authorization definitions for the CUPS scheduler.

3
 *

4
 * Copyright © 2021-2022 by OpenPrinting.

5
 * Copyright 2007-2014 by Apple Inc.

6
 * Copyright 1997-2006 by Easy Software Products, all rights reserved.

7
 *

8
 * Licensed under Apache License v2.0.  See the file "LICENSE" for more

9
 * information.

10
 */

11


12
/*

13
 * Include necessary headers...

14
 */

15


16
#include <pwd.h>

17


18


19
/*

20
 * HTTP authorization types and levels...

21
 */

22


23
#define CUPSD_AUTH_DEFAULT	-1	/* Use DefaultAuthType */

24
#define CUPSD_AUTH_NONE		0	/* No authentication */

25
#define CUPSD_AUTH_BASIC	1	/* Basic authentication */

26
#define CUPSD_AUTH_NEGOTIATE	2	/* Kerberos authentication */

27
#define CUPSD_AUTH_AUTO		3	/* Kerberos or Basic, depending on configuration of server */

28


29
#define CUPSD_AUTH_ANON		0	/* Anonymous access */

30
#define CUPSD_AUTH_USER		1	/* Must have a valid username/password */

31
#define CUPSD_AUTH_GROUP	2	/* Must also be in a named group */

32


33
#define CUPSD_AUTH_ALLOW	0	/* Allow access */

34
#define CUPSD_AUTH_DENY		1	/* Deny access */

35


36
#define CUPSD_AUTH_NAME		0	/* Authorize host by name */

37
#define CUPSD_AUTH_IP		1	/* Authorize host by IP */

38
#define CUPSD_AUTH_INTERFACE	2	/* Authorize host by interface */

39


40
#define CUPSD_AUTH_SATISFY_ALL	0	/* Satisfy both address and auth */

41
#define CUPSD_AUTH_SATISFY_ANY	1	/* Satisfy either address or auth */

42


43
#define CUPSD_AUTH_LIMIT_DELETE	1	/* Limit DELETE requests */

44
#define CUPSD_AUTH_LIMIT_GET	2	/* Limit GET requests */

45
#define CUPSD_AUTH_LIMIT_HEAD	4	/* Limit HEAD requests */

46
#define CUPSD_AUTH_LIMIT_OPTIONS 8	/* Limit OPTIONS requests */

47
#define CUPSD_AUTH_LIMIT_POST	16	/* Limit POST requests */

48
#define CUPSD_AUTH_LIMIT_PUT	32	/* Limit PUT requests */

49
#define CUPSD_AUTH_LIMIT_TRACE	64	/* Limit TRACE requests */

50
#define CUPSD_AUTH_LIMIT_ALL	127	/* Limit all requests */

51
#define CUPSD_AUTH_LIMIT_IPP	128	/* Limit IPP requests */

52


53
#define IPP_ANY_OPERATION	(ipp_op_t)0

54
					/* Any IPP operation */

55
#define IPP_BAD_OPERATION	(ipp_op_t)-1

56
					/* No IPP operation */

57


58


59
/*

60
 * HTTP access control structures...

61
 */

62


63
typedef struct

64
{

65
  unsigned	address[4],		/* IP address */

66
		netmask[4];		/* IP netmask */

67
} cupsd_ipmask_t;

68


69
typedef struct

70
{

71
  size_t	length;			/* Length of name */

72
  char		*name;			/* Name string */

73
} cupsd_namemask_t;

74


75
typedef struct

76
{

77
  int		type;			/* Mask type */

78
  union

79
  {

80
    cupsd_namemask_t	name;		/* Host/Domain name */

81
    cupsd_ipmask_t	ip;		/* IP address/network */

82
  }		mask;			/* Mask data */

83
} cupsd_authmask_t;

84


85
typedef struct

86
{

87
  char			*location;	/* Location of resource */

88
  size_t		length;		/* Length of location string */

89
  ipp_op_t		op;		/* IPP operation */

90
  int			limit,		/* Limit for these types of requests */

91
			order_type,	/* Allow or Deny */

92
			type,		/* Type of authentication */

93
			level,		/* Access level required */

94
			satisfy;	/* Satisfy any or all limits? */

95
  cups_array_t		*names,		/* User or group names */

96
			*allow,		/* Allow lines */

97
			*deny;		/* Deny lines */

98
  http_encryption_t	encryption;	/* To encrypt or not to encrypt... */

99
} cupsd_location_t;

100


101
typedef struct cupsd_client_s cupsd_client_t;

102


103


104
/*

105
 * Globals...

106
 */

107


108
VAR cups_array_t	*Locations	VALUE(NULL);

109
					/* Authorization locations */

110
#ifdef HAVE_TLS

111
VAR http_encryption_t	DefaultEncryption VALUE(HTTP_ENCRYPT_REQUIRED);

112
					/* Default encryption for authentication */

113
#endif /* HAVE_TLS */

114


115


116
/*

117
 * Prototypes...

118
 */

119


120
extern int		cupsdAddIPMask(cups_array_t **masks,

121
				       const unsigned address[4],

122
				       const unsigned netmask[4]);

123
extern void		cupsdAddLocation(cupsd_location_t *loc);

124
extern void		cupsdAddName(cupsd_location_t *loc, char *name);

125
extern int		cupsdAddNameMask(cups_array_t **masks, char *name);

126
extern void		cupsdAuthorize(cupsd_client_t *con);

127
extern int		cupsdCheckAccess(unsigned ip[4], const char *name, size_t namelen, cupsd_location_t *loc);

128
extern int		cupsdCheckAuth(unsigned ip[4], const char *name, size_t namelen, cups_array_t *masks);

129
extern int		cupsdCheckGroup(const char *username,

130
			                struct passwd *user,

131
			                const char *groupname);

132
extern cupsd_location_t	*cupsdCopyLocation(cupsd_location_t *loc);

133
extern void		cupsdDeleteAllLocations(void);

134
extern cupsd_location_t	*cupsdFindBest(const char *path, http_state_t state);

135
extern cupsd_location_t	*cupsdFindLocation(const char *location);

136
extern void		cupsdFreeLocation(cupsd_location_t *loc);

137
extern http_status_t	cupsdIsAuthorized(cupsd_client_t *con, const char *owner);

138
extern cupsd_location_t	*cupsdNewLocation(const char *location);

139


140