#include "cups-private.h"
#include <stdlib.h>
#include <sys/stat.h>
#ifdef WIN32
# include <windows.h>
#else
# include <pwd.h>
# include <termios.h>
# include <sys/utsname.h>
#endif
#define _CUPS_PASSCHAR '*'
static void cups_read_client_conf(cups_file_t *fp,
_cups_globals_t *cg,
const char *cups_encryption,
const char *cups_server,
const char *cups_user,
#ifdef HAVE_GSSAPI
const char *cups_gssservicename,
#endif
const char *cups_anyroot,
const char *cups_expiredcerts,
const char *cups_validatecerts);
http_encryption_t
cupsEncryption(void)
{
_cups_globals_t *cg = _cupsGlobals();
if (cg->encryption == (http_encryption_t)-1)
_cupsSetDefaults();
return (cg->encryption);
}
const char *
cupsGetPassword(const char *prompt)
{
_cups_globals_t *cg = _cupsGlobals();
return ((cg->password_cb)(prompt, NULL, NULL, NULL, cg->password_data));
}
const char *
cupsGetPassword2(const char *prompt,
http_t *http,
const char *method,
const char *resource)
{
_cups_globals_t *cg = _cupsGlobals();
if (!http)
http = _cupsConnect();
return ((cg->password_cb)(prompt, http, method, resource, cg->password_data));
}
const char *
cupsServer(void)
{
_cups_globals_t *cg = _cupsGlobals();
if (!cg->server[0])
_cupsSetDefaults();
return (cg->server);
}
void
cupsSetClientCertCB(
cups_client_cert_cb_t cb,
void *user_data)
{
_cups_globals_t *cg = _cupsGlobals();
cg->client_cert_cb = cb;
cg->client_cert_data = user_data;
}
int
cupsSetCredentials(
cups_array_t *credentials)
{
_cups_globals_t *cg = _cupsGlobals();
if (cupsArrayCount(credentials) < 1)
return (-1);
#ifdef HAVE_SSL
_httpFreeCredentials(cg->tls_credentials);
cg->tls_credentials = _httpCreateCredentials(credentials);
#endif
return (cg->tls_credentials ? 0 : -1);
}
void
cupsSetEncryption(http_encryption_t e)
{
_cups_globals_t *cg = _cupsGlobals();
cg->encryption = e;
if (cg->http)
httpEncryption(cg->http, e);
}
void
cupsSetPasswordCB(cups_password_cb_t cb)
{
_cups_globals_t *cg = _cupsGlobals();
if (cb == (cups_password_cb_t)0)
cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
else
cg->password_cb = (cups_password_cb2_t)cb;
cg->password_data = NULL;
}
void
cupsSetPasswordCB2(
cups_password_cb2_t cb,
void *user_data)
{
_cups_globals_t *cg = _cupsGlobals();
if (cb == (cups_password_cb2_t)0)
cg->password_cb = (cups_password_cb2_t)_cupsGetPassword;
else
cg->password_cb = cb;
cg->password_data = user_data;
}
void
cupsSetServer(const char *server)
{
char *options,
*port;
_cups_globals_t *cg = _cupsGlobals();
if (server)
{
strlcpy(cg->server, server, sizeof(cg->server));
if (cg->server[0] != '/' && (options = strrchr(cg->server, '/')) != NULL)
{
*options++ = '\0';
if (!strcmp(options, "version=1.0"))
cg->server_version = 10;
else if (!strcmp(options, "version=1.1"))
cg->server_version = 11;
else if (!strcmp(options, "version=2.0"))
cg->server_version = 20;
else if (!strcmp(options, "version=2.1"))
cg->server_version = 21;
else if (!strcmp(options, "version=2.2"))
cg->server_version = 22;
}
else
cg->server_version = 20;
if (cg->server[0] != '/' && (port = strrchr(cg->server, ':')) != NULL &&
!strchr(port, ']') && isdigit(port[1] & 255))
{
*port++ = '\0';
cg->ipp_port = atoi(port);
}
if (cg->server[0] == '/')
strlcpy(cg->servername, "localhost", sizeof(cg->servername));
else
strlcpy(cg->servername, cg->server, sizeof(cg->servername));
}
else
{
cg->server[0] = '\0';
cg->servername[0] = '\0';
cg->server_version = 20;
}
if (cg->http)
{
httpClose(cg->http);
cg->http = NULL;
}
}
void
cupsSetServerCertCB(
cups_server_cert_cb_t cb,
void *user_data)
{
_cups_globals_t *cg = _cupsGlobals();
cg->server_cert_cb = cb;
cg->server_cert_data = user_data;
}
void
cupsSetUser(const char *user)
{
_cups_globals_t *cg = _cupsGlobals();
if (user)
strlcpy(cg->user, user, sizeof(cg->user));
else
cg->user[0] = '\0';
}
void
cupsSetUserAgent(const char *user_agent)
{
_cups_globals_t *cg = _cupsGlobals();
#ifdef WIN32
SYSTEM_INFO sysinfo;
OSVERSIONINFO version;
#else
struct utsname name;
#endif
if (user_agent)
{
strlcpy(cg->user_agent, user_agent, sizeof(cg->user_agent));
return;
}
#ifdef WIN32
version.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
GetVersionEx(&version);
GetNativeSystemInfo(&sysinfo);
snprintf(cg->user_agent, sizeof(cg->user_agent),
CUPS_MINIMAL " (Windows %d.%d; %s) IPP/2.0",
version.dwMajorVersion, version.dwMinorVersion,
sysinfo.wProcessorArchitecture
== PROCESSOR_ARCHITECTURE_AMD64 ? "amd64" :
sysinfo.wProcessorArchitecture
== PROCESSOR_ARCHITECTURE_ARM ? "arm" :
sysinfo.wProcessorArchitecture
== PROCESSOR_ARCHITECTURE_IA64 ? "ia64" :
sysinfo.wProcessorArchitecture
== PROCESSOR_ARCHITECTURE_INTEL ? "intel" :
"unknown");
#else
uname(&name);
snprintf(cg->user_agent, sizeof(cg->user_agent),
CUPS_MINIMAL " (%s %s; %s) IPP/2.0",
name.sysname, name.release, name.machine);
#endif
}
const char *
cupsUser(void)
{
_cups_globals_t *cg = _cupsGlobals();
if (!cg->user[0])
_cupsSetDefaults();
return (cg->user);
}
const char *
cupsUserAgent(void)
{
_cups_globals_t *cg = _cupsGlobals();
if (!cg->user_agent[0])
cupsSetUserAgent(NULL);
return (cg->user_agent);
}
const char *
_cupsGetPassword(const char *prompt)
{
#ifdef WIN32
HANDLE tty;
DWORD mode;
char passch,
*passptr,
*passend;
DWORD passbytes;
_cups_globals_t *cg = _cupsGlobals();
if ((tty = GetStdHandle(STD_INPUT_HANDLE)) == INVALID_HANDLE_VALUE)
return (NULL);
if (!GetConsoleMode(tty, &mode))
return (NULL);
if (!SetConsoleMode(tty, 0))
return (NULL);
printf("%s ", prompt);
fflush(stdout);
passptr = cg->password;
passend = cg->password + sizeof(cg->password) - 1;
while (ReadFile(tty, &passch, 1, &passbytes, NULL))
{
if (passch == 0x0A || passch == 0x0D)
{
break;
}
else if (passch == 0x08 || passch == 0x7F)
{
if (passptr > cg->password)
{
passptr --;
fputs("\010 \010", stdout);
}
else
putchar(0x07);
}
else if (passch == 0x15)
{
if (passptr > cg->password)
{
while (passptr > cg->password)
{
passptr --;
fputs("\010 \010", stdout);
}
}
else
putchar(0x07);
}
else if (passch == 0x03)
{
passptr = cg->password;
break;
}
else if ((passch & 255) < 0x20 || passptr >= passend)
putchar(0x07);
else
{
*passptr++ = passch;
putchar(_CUPS_PASSCHAR);
}
fflush(stdout);
}
putchar('\n');
fflush(stdout);
SetConsoleMode(tty, mode);
if (passbytes == 1 && passptr > cg->password)
{
*passptr = '\0';
return (cg->password);
}
else
{
memset(cg->password, 0, sizeof(cg->password));
return (NULL);
}
#else
int tty;
struct termios original,
noecho;
char passch,
*passptr,
*passend;
ssize_t passbytes;
_cups_globals_t *cg = _cupsGlobals();
if ((tty = open("/dev/tty", O_RDONLY)) < 0)
return (NULL);
if (tcgetattr(tty, &original))
{
close(tty);
return (NULL);
}
noecho = original;
noecho.c_lflag &= (tcflag_t)~(ICANON | ECHO | ECHOE | ISIG);
if (tcsetattr(tty, TCSAFLUSH, &noecho))
{
close(tty);
return (NULL);
}
printf("%s ", prompt);
fflush(stdout);
passptr = cg->password;
passend = cg->password + sizeof(cg->password) - 1;
while ((passbytes = read(tty, &passch, 1)) == 1)
{
if (passch == noecho.c_cc[VEOL] ||
# ifdef VEOL2
passch == noecho.c_cc[VEOL2] ||
# endif
passch == 0x0A || passch == 0x0D)
{
break;
}
else if (passch == noecho.c_cc[VERASE] ||
passch == 0x08 || passch == 0x7F)
{
if (passptr > cg->password)
{
passptr --;
fputs("\010 \010", stdout);
}
else
putchar(0x07);
}
else if (passch == noecho.c_cc[VKILL])
{
if (passptr > cg->password)
{
while (passptr > cg->password)
{
passptr --;
fputs("\010 \010", stdout);
}
}
else
putchar(0x07);
}
else if (passch == noecho.c_cc[VINTR] || passch == noecho.c_cc[VQUIT] ||
passch == noecho.c_cc[VEOF])
{
passptr = cg->password;
break;
}
else if ((passch & 255) < 0x20 || passptr >= passend)
putchar(0x07);
else
{
*passptr++ = passch;
putchar(_CUPS_PASSCHAR);
}
fflush(stdout);
}
putchar('\n');
fflush(stdout);
tcsetattr(tty, TCSAFLUSH, &original);
close(tty);
if (passbytes == 1 && passptr > cg->password)
{
*passptr = '\0';
return (cg->password);
}
else
{
memset(cg->password, 0, sizeof(cg->password));
return (NULL);
}
#endif
}
#ifdef HAVE_GSSAPI
const char *
_cupsGSSServiceName(void)
{
_cups_globals_t *cg = _cupsGlobals();
if (!cg->gss_service_name[0])
_cupsSetDefaults();
return (cg->gss_service_name);
}
#endif
void
_cupsSetDefaults(void)
{
cups_file_t *fp;
const char *home,
*cups_encryption,
*cups_server,
*cups_user,
#ifdef HAVE_GSSAPI
*cups_gssservicename,
#endif
*cups_anyroot,
*cups_expiredcerts,
*cups_validatecerts;
char filename[1024];
_cups_globals_t *cg = _cupsGlobals();
DEBUG_puts("_cupsSetDefaults()");
cups_encryption = getenv("CUPS_ENCRYPTION");
cups_server = getenv("CUPS_SERVER");
#ifdef HAVE_GSSAPI
cups_gssservicename = getenv("CUPS_GSSSERVICENAME");
#endif
cups_anyroot = getenv("CUPS_ANYROOT");
cups_expiredcerts = getenv("CUPS_EXPIREDCERTS");
cups_user = getenv("CUPS_USER");
cups_validatecerts = getenv("CUPS_VALIDATECERTS");
if (cg->encryption == (http_encryption_t)-1 || !cg->server[0] ||
!cg->user[0] || !cg->ipp_port)
{
# ifdef HAVE_GETEUID
if ((geteuid() == getuid() || !getuid()) && getegid() == getgid() && (home = getenv("HOME")) != NULL)
# elif !defined(WIN32)
if (getuid() && (home = getenv("HOME")) != NULL)
# else
if ((home = getenv("HOME")) != NULL)
# endif
{
snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home);
fp = cupsFileOpen(filename, "r");
}
else
fp = NULL;
if (!fp)
{
snprintf(filename, sizeof(filename), "%s/client.conf",
cg->cups_serverroot);
fp = cupsFileOpen(filename, "r");
}
cups_read_client_conf(fp, cg, cups_encryption, cups_server, cups_user,
#ifdef HAVE_GSSAPI
cups_gssservicename,
#endif
cups_anyroot, cups_expiredcerts, cups_validatecerts);
cupsFileClose(fp);
}
}
static void
cups_read_client_conf(
cups_file_t *fp,
_cups_globals_t *cg,
const char *cups_encryption,
const char *cups_server,
const char *cups_user,
#ifdef HAVE_GSSAPI
const char *cups_gssservicename,
#endif
const char *cups_anyroot,
const char *cups_expiredcerts,
const char *cups_validatecerts)
{
int linenum;
char line[1024],
*value,
encryption[1024],
#ifndef __APPLE__
server_name[1024],
#endif
user[256],
any_root[1024],
expired_certs[1024],
validate_certs[1024];
#ifdef HAVE_GSSAPI
char gss_service_name[32];
#endif
linenum = 0;
while (cupsFileGetConf(fp, line, sizeof(line), &value, &linenum))
{
if (!cups_encryption && cg->encryption == (http_encryption_t)-1 &&
!_cups_strcasecmp(line, "Encryption") && value)
{
strlcpy(encryption, value, sizeof(encryption));
cups_encryption = encryption;
}
#ifndef __APPLE__
else if (!cups_server && (!cg->server[0] || !cg->ipp_port) &&
!_cups_strcasecmp(line, "ServerName") && value)
{
strlcpy(server_name, value, sizeof(server_name));
cups_server = server_name;
}
#endif
else if (!cups_user && !_cups_strcasecmp(line, "User") && value)
{
strlcpy(user, value, sizeof(user));
cups_user = user;
}
else if (!cups_anyroot && !_cups_strcasecmp(line, "AllowAnyRoot") && value)
{
strlcpy(any_root, value, sizeof(any_root));
cups_anyroot = any_root;
}
else if (!cups_expiredcerts && !_cups_strcasecmp(line, "AllowExpiredCerts") &&
value)
{
strlcpy(expired_certs, value, sizeof(expired_certs));
cups_expiredcerts = expired_certs;
}
else if (!cups_validatecerts && !_cups_strcasecmp(line, "ValidateCerts") && value)
{
strlcpy(validate_certs, value, sizeof(validate_certs));
cups_validatecerts = validate_certs;
}
#ifdef HAVE_GSSAPI
else if (!cups_gssservicename && !_cups_strcasecmp(line, "GSSServiceName") &&
value)
{
strlcpy(gss_service_name, value, sizeof(gss_service_name));
cups_gssservicename = gss_service_name;
}
#endif
}
if (cg->encryption == (http_encryption_t)-1 && cups_encryption)
{
if (!_cups_strcasecmp(cups_encryption, "never"))
cg->encryption = HTTP_ENCRYPTION_NEVER;
else if (!_cups_strcasecmp(cups_encryption, "always"))
cg->encryption = HTTP_ENCRYPTION_ALWAYS;
else if (!_cups_strcasecmp(cups_encryption, "required"))
cg->encryption = HTTP_ENCRYPTION_REQUIRED;
else
cg->encryption = HTTP_ENCRYPTION_IF_REQUESTED;
}
if ((!cg->server[0] || !cg->ipp_port) && cups_server)
cupsSetServer(cups_server);
if (!cg->server[0])
{
#ifdef CUPS_DEFAULT_DOMAINSOCKET
struct stat sockinfo;
if (!stat(CUPS_DEFAULT_DOMAINSOCKET, &sockinfo) &&
(sockinfo.st_mode & S_IRWXO) == S_IRWXO)
cups_server = CUPS_DEFAULT_DOMAINSOCKET;
else
#endif
cups_server = "localhost";
cupsSetServer(cups_server);
}
if (!cg->ipp_port)
{
const char *ipp_port;
if ((ipp_port = getenv("IPP_PORT")) != NULL)
{
if ((cg->ipp_port = atoi(ipp_port)) <= 0)
cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
}
else
cg->ipp_port = CUPS_DEFAULT_IPP_PORT;
}
if (!cg->user[0])
{
if (cups_user)
strlcpy(cg->user, cups_user, sizeof(cg->user));
else
{
#ifdef WIN32
DWORD size;
size = sizeof(cg->user);
if (!GetUserName(cg->user, &size))
#else
const char *envuser = getenv("USER");
struct passwd *pw = NULL;
if (envuser)
{
if ((pw = getpwnam(envuser)) != NULL && pw->pw_uid != getuid())
pw = NULL;
}
if (!pw)
pw = getpwuid(getuid());
if (pw)
strlcpy(cg->user, pw->pw_name, sizeof(cg->user));
else
#endif
{
strlcpy(cg->user, "unknown", sizeof(cg->user));
}
}
}
#ifdef HAVE_GSSAPI
if (!cups_gssservicename)
cups_gssservicename = CUPS_DEFAULT_GSSSERVICENAME;
strlcpy(cg->gss_service_name, cups_gssservicename,
sizeof(cg->gss_service_name));
#endif
if (cups_anyroot)
cg->any_root = !_cups_strcasecmp(cups_anyroot, "yes") ||
!_cups_strcasecmp(cups_anyroot, "on") ||
!_cups_strcasecmp(cups_anyroot, "true");
if (cups_expiredcerts)
cg->expired_certs = !_cups_strcasecmp(cups_expiredcerts, "yes") ||
!_cups_strcasecmp(cups_expiredcerts, "on") ||
!_cups_strcasecmp(cups_expiredcerts, "true");
if (cups_validatecerts)
cg->validate_certs = !_cups_strcasecmp(cups_validatecerts, "yes") ||
!_cups_strcasecmp(cups_validatecerts, "on") ||
!_cups_strcasecmp(cups_validatecerts, "true");
}