char * /* O - Host name */ httpAddrLookup(const http_addr_t *addr, /* I - Address to lookup */ char *name, /* I - Host name buffer */ int namelen) /* I - Size of name buffer */ { struct hostent *host; /* Host from name service */ DEBUG_printf(("httpAddrLookup(addr=%p, name=%p, namelen=%d)\n", addr, name, namelen)); #ifdef AF_INET6 if (addr->addr.sa_family == AF_INET6) host = gethostbyaddr(ADDR_CAST &(addr->ipv6.sin6_addr), sizeof(struct in6_addr), AF_INET6); else #endif /* AF_INET6 */ #ifdef AF_LOCAL if (addr->addr.sa_family == AF_LOCAL) { strlcpy(name, addr->un.sun_path, namelen); return (name); } else #endif /* AF_LOCAL */ if (addr->addr.sa_family == AF_INET) host = gethostbyaddr(ADDR_CAST &(addr->ipv4.sin_addr), sizeof(struct in_addr), AF_INET); else host = NULL; if (host == NULL) { httpAddrString(addr, name, namelen); return (NULL); } strlcpy(name, host->h_name, namelen); return (name); }
static void read_snmp_response(int fd) /* I - SNMP socket file descriptor */ { char addrname[256]; /* Source address name */ cups_snmp_t packet; /* Decoded packet */ snmp_cache_t key, /* Search key */ *device; /* Matching device */ /* * Read the response data... */ if (!_cupsSNMPRead(fd, &packet, -1.0)) { fprintf(stderr, "ERROR: Unable to read data from socket: %s\n", strerror(errno)); return; } if (HostNameLookups) httpAddrLookup(&(packet.address), addrname, sizeof(addrname)); else httpAddrString(&(packet.address), addrname, sizeof(addrname)); debug_printf("DEBUG: %.3f Received data from %s...\n", run_time(), addrname); /* * Look for the response status code in the SNMP message header... */ if (packet.error) { fprintf(stderr, "ERROR: Bad SNMP packet from %s: %s\n", addrname, packet.error); return; } debug_printf("DEBUG: community=\"%s\"\n", packet.community); debug_printf("DEBUG: request-id=%d\n", packet.request_id); debug_printf("DEBUG: error-status=%d\n", packet.error_status); if (packet.error_status && packet.request_id != DEVICE_TYPE) return; /* * Find a matching device in the cache... */ key.addrname = addrname; device = (snmp_cache_t *)cupsArrayFind(Devices, &key); /* * Process the message... */ switch (packet.request_id) { case DEVICE_TYPE : /* * Got the device type response... */ if (device) { debug_printf("DEBUG: Discarding duplicate device type for \"%s\"...\n", addrname); return; } /* * Add the device and request the device data... */ add_cache(&(packet.address), addrname, NULL, NULL, NULL); _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1, packet.community, CUPS_ASN1_GET_REQUEST, DEVICE_DESCRIPTION, DescriptionOID); _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1, packet.community, CUPS_ASN1_GET_REQUEST, DEVICE_ID, DeviceIdOID); _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1, packet.community, CUPS_ASN1_GET_REQUEST, DEVICE_URI, UriOID); _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1, packet.community, CUPS_ASN1_GET_REQUEST, DEVICE_LOCATION, LocationOID); _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1, packet.community, CUPS_ASN1_GET_REQUEST, DEVICE_PRODUCT, LexmarkProductOID); _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1, packet.community, CUPS_ASN1_GET_REQUEST, DEVICE_PRODUCT, LexmarkProductOID2); _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1, packet.community, CUPS_ASN1_GET_REQUEST, DEVICE_ID, LexmarkDeviceIdOID); _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1, packet.community, CUPS_ASN1_GET_REQUEST, DEVICE_PRODUCT, XeroxProductOID); break; case DEVICE_DESCRIPTION : if (device && packet.object_type == CUPS_ASN1_OCTET_STRING) { /* * Update an existing cache entry... */ char make_model[256]; /* Make and model */ if (strchr((char *)packet.object_value.string.bytes, ':') && strchr((char *)packet.object_value.string.bytes, ';')) { /* * Description is the IEEE-1284 device ID... */ char *ptr; /* Pointer into device ID */ for (ptr = (char *)packet.object_value.string.bytes; *ptr; ptr ++) if (*ptr == '\n') *ptr = ';'; /* A lot of bad printers put a newline */ if (!device->id) device->id = strdup((char *)packet.object_value.string.bytes); backendGetMakeModel((char *)packet.object_value.string.bytes, make_model, sizeof(make_model)); if (device->info) free(device->info); device->info = strdup(make_model); } else { /* * Description is plain text... */ fix_make_model(make_model, (char *)packet.object_value.string.bytes, sizeof(make_model)); if (device->info) free(device->info); device->info = strdup((char *)packet.object_value.string.bytes); } if (!device->make_and_model) device->make_and_model = strdup(make_model); } break; case DEVICE_ID : if (device && packet.object_type == CUPS_ASN1_OCTET_STRING && (!device->id || strlen(device->id) < packet.object_value.string.num_bytes)) { /* * Update an existing cache entry... */ char make_model[256]; /* Make and model */ char *ptr; /* Pointer into device ID */ for (ptr = (char *)packet.object_value.string.bytes; *ptr; ptr ++) if (*ptr == '\n') *ptr = ';'; /* A lot of bad printers put a newline */ if (device->id) free(device->id); device->id = strdup((char *)packet.object_value.string.bytes); /* * Convert the ID to a make and model string... */ backendGetMakeModel((char *)packet.object_value.string.bytes, make_model, sizeof(make_model)); if (device->make_and_model) free(device->make_and_model); device->make_and_model = strdup(make_model); } break; case DEVICE_LOCATION : if (device && packet.object_type == CUPS_ASN1_OCTET_STRING && !device->location) device->location = strdup((char *)packet.object_value.string.bytes); break; case DEVICE_PRODUCT : if (device && packet.object_type == CUPS_ASN1_OCTET_STRING && !device->id) { /* * Update an existing cache entry... */ if (!device->info) device->info = strdup((char *)packet.object_value.string.bytes); if (device->make_and_model) free(device->make_and_model); device->make_and_model = strdup((char *)packet.object_value.string.bytes); } break; case DEVICE_URI : if (device && packet.object_type == CUPS_ASN1_OCTET_STRING && !device->uri && packet.object_value.string.num_bytes > 3) { /* * Update an existing cache entry... */ char scheme[32], /* URI scheme */ userpass[256], /* Username:password in URI */ hostname[256], /* Hostname in URI */ resource[1024]; /* Resource path in URI */ int port; /* Port number in URI */ if (!strncmp((char *)packet.object_value.string.bytes, "lpr:", 4)) { /* * We want "lpd://..." for the URI... */ packet.object_value.string.bytes[2] = 'd'; } if (httpSeparateURI(HTTP_URI_CODING_ALL, (char *)packet.object_value.string.bytes, scheme, sizeof(scheme), userpass, sizeof(userpass), hostname, sizeof(hostname), &port, resource, sizeof(resource)) >= HTTP_URI_OK) device->uri = strdup((char *)packet.object_value.string.bytes); } break; } }
static void scan_devices(int ipv4, /* I - SNMP IPv4 socket */ int ipv6) /* I - SNMP IPv6 socket */ { int fd, /* File descriptor for this address */ busy; /* Are we busy processing something? */ char *address, /* Current address */ *community; /* Current community */ fd_set input; /* Input set for select() */ struct timeval timeout; /* Timeout for select() */ time_t endtime; /* End time for scan */ http_addrlist_t *addrs, /* List of addresses */ *addr; /* Current address */ snmp_cache_t *device; /* Current device */ char temp[1024]; /* Temporary address string */ gettimeofday(&StartTime, NULL); /* * First send all of the broadcast queries... */ for (address = (char *)cupsArrayFirst(Addresses); address; address = (char *)cupsArrayNext(Addresses)) { if (!strcmp(address, "@LOCAL")) addrs = get_interface_addresses(NULL); else if (!strncmp(address, "@IF(", 4)) { char ifname[255]; /* Interface name */ strlcpy(ifname, address + 4, sizeof(ifname)); if (ifname[0]) ifname[strlen(ifname) - 1] = '\0'; addrs = get_interface_addresses(ifname); } else addrs = httpAddrGetList(address, AF_UNSPEC, NULL); if (!addrs) { fprintf(stderr, "ERROR: Unable to scan \"%s\"!\n", address); continue; } for (community = (char *)cupsArrayFirst(Communities); community; community = (char *)cupsArrayNext(Communities)) { debug_printf("DEBUG: Scanning for devices in \"%s\" via \"%s\"...\n", community, address); for (addr = addrs; addr; addr = addr->next) { #ifdef AF_INET6 if (httpAddrFamily(&(addr->addr)) == AF_INET6) fd = ipv6; else #endif /* AF_INET6 */ fd = ipv4; debug_printf("DEBUG: Sending get request to %s...\n", httpAddrString(&(addr->addr), temp, sizeof(temp))); _cupsSNMPWrite(fd, &(addr->addr), CUPS_SNMP_VERSION_1, community, CUPS_ASN1_GET_REQUEST, DEVICE_TYPE, DeviceTypeOID); } } httpAddrFreeList(addrs); } /* * Then read any responses that come in over the next 3 seconds... */ endtime = time(NULL) + MaxRunTime; FD_ZERO(&input); while (time(NULL) < endtime) { timeout.tv_sec = 2; timeout.tv_usec = 0; FD_SET(ipv4, &input); if (ipv6 >= 0) FD_SET(ipv6, &input); fd = ipv4 > ipv6 ? ipv4 : ipv6; if (select(fd + 1, &input, NULL, NULL, &timeout) < 0) { fprintf(stderr, "ERROR: %.3f select() for %d/%d failed: %s\n", run_time(), ipv4, ipv6, strerror(errno)); break; } busy = 0; if (FD_ISSET(ipv4, &input)) { read_snmp_response(ipv4); busy = 1; } if (ipv6 >= 0 && FD_ISSET(ipv6, &input)) { read_snmp_response(ipv6); busy = 1; } if (!busy) { /* * List devices with complete information... */ int sent_something = 0; for (device = (snmp_cache_t *)cupsArrayFirst(Devices); device; device = (snmp_cache_t *)cupsArrayNext(Devices)) if (!device->sent && device->info && device->make_and_model) { if (device->uri) list_device(device); else probe_device(device); device->sent = sent_something = 1; } if (!sent_something) break; } } debug_printf("DEBUG: %.3f Scan complete!\n", run_time()); }
static int /* O - 0 if available */ /* 1 if not available */ /* -1 error */ cups_local_auth(http_t *http) /* I - HTTP connection to server */ { #if defined(WIN32) || defined(__EMX__) /* * Currently WIN32 and OS-2 do not support the CUPS server... */ return (1); #else int pid; /* Current process ID */ FILE *fp; /* Certificate file */ char trc[16], /* Try Root Certificate parameter */ filename[1024]; /* Certificate filename */ _cups_globals_t *cg = _cupsGlobals(); /* Global data */ # if defined(HAVE_AUTHORIZATION_H) OSStatus status; /* Status */ AuthorizationItem auth_right; /* Authorization right */ AuthorizationRights auth_rights; /* Authorization rights */ AuthorizationFlags auth_flags; /* Authorization flags */ AuthorizationExternalForm auth_extrn; /* Authorization ref external */ char auth_key[1024]; /* Buffer */ char buffer[1024]; /* Buffer */ # endif /* HAVE_AUTHORIZATION_H */ DEBUG_printf(("7cups_local_auth(http=%p) hostaddr=%s, hostname=\"%s\"", http, httpAddrString(http->hostaddr, filename, sizeof(filename)), http->hostname)); /* * See if we are accessing localhost... */ if (!httpAddrLocalhost(http->hostaddr) && _cups_strcasecmp(http->hostname, "localhost") != 0) { DEBUG_puts("8cups_local_auth: Not a local connection!"); return (1); } # if defined(HAVE_AUTHORIZATION_H) /* * Delete any previous authorization reference... */ if (http->auth_ref) { AuthorizationFree(http->auth_ref, kAuthorizationFlagDefaults); http->auth_ref = NULL; } if (!getenv("GATEWAY_INTERFACE") && httpGetSubField2(http, HTTP_FIELD_WWW_AUTHENTICATE, "authkey", auth_key, sizeof(auth_key))) { status = AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, kAuthorizationFlagDefaults, &http->auth_ref); if (status != errAuthorizationSuccess) { DEBUG_printf(("8cups_local_auth: AuthorizationCreate() returned %d (%s)", (int)status, cssmErrorString(status))); return (-1); } auth_right.name = auth_key; auth_right.valueLength = 0; auth_right.value = NULL; auth_right.flags = 0; auth_rights.count = 1; auth_rights.items = &auth_right; auth_flags = kAuthorizationFlagDefaults | kAuthorizationFlagPreAuthorize | kAuthorizationFlagInteractionAllowed | kAuthorizationFlagExtendRights; status = AuthorizationCopyRights(http->auth_ref, &auth_rights, kAuthorizationEmptyEnvironment, auth_flags, NULL); if (status == errAuthorizationSuccess) status = AuthorizationMakeExternalForm(http->auth_ref, &auth_extrn); if (status == errAuthorizationSuccess) { /* * Set the authorization string and return... */ httpEncode64_2(buffer, sizeof(buffer), (void *)&auth_extrn, sizeof(auth_extrn)); httpSetAuthString(http, "AuthRef", buffer); DEBUG_printf(("8cups_local_auth: Returning authstring=\"%s\"", http->authstring)); return (0); } else if (status == errAuthorizationCanceled) return (-1); DEBUG_printf(("9cups_local_auth: AuthorizationCopyRights() returned %d (%s)", (int)status, cssmErrorString(status))); /* * Fall through to try certificates... */ } # endif /* HAVE_AUTHORIZATION_H */ # if defined(SO_PEERCRED) && defined(AF_LOCAL) /* * See if we can authenticate using the peer credentials provided over a * domain socket; if so, specify "PeerCred username" as the authentication * information... */ if ( # ifdef HAVE_GSSAPI _cups_strncasecmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Negotiate", 9) && # endif /* HAVE_GSSAPI */ # ifdef HAVE_AUTHORIZATION_H !httpGetSubField2(http, HTTP_FIELD_WWW_AUTHENTICATE, "authkey", auth_key, sizeof(auth_key)) && # endif /* HAVE_AUTHORIZATION_H */ http->hostaddr->addr.sa_family == AF_LOCAL && !getenv("GATEWAY_INTERFACE")) /* Not via CGI programs... */ { /* * Verify that the current cupsUser() matches the current UID... */ struct passwd *pwd; /* Password information */ const char *username; /* Current username */ username = cupsUser(); if ((pwd = getpwnam(username)) != NULL && pwd->pw_uid == getuid()) { httpSetAuthString(http, "PeerCred", username); DEBUG_printf(("8cups_local_auth: Returning authstring=\"%s\"", http->authstring)); return (0); } } # endif /* SO_PEERCRED && AF_LOCAL */ /* * Try opening a certificate file for this PID. If that fails, * try the root certificate... */ pid = getpid(); snprintf(filename, sizeof(filename), "%s/certs/%d", cg->cups_statedir, pid); if ((fp = fopen(filename, "r")) == NULL && pid > 0) { /* * No certificate for this PID; see if we can get the root certificate... */ DEBUG_printf(("9cups_local_auth: Unable to open file %s: %s", filename, strerror(errno))); # ifdef HAVE_GSSAPI if (!_cups_strncasecmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Negotiate", 9)) { /* * Kerberos required, don't try the root certificate... */ return (1); } # endif /* HAVE_GSSAPI */ # ifdef HAVE_AUTHORIZATION_H if (httpGetSubField2(http, HTTP_FIELD_WWW_AUTHENTICATE, "authkey", auth_key, sizeof(auth_key))) { /* * Don't use the root certificate as a replacement for an authkey... */ return (1); } # endif /* HAVE_AUTHORIZATION_H */ if (!httpGetSubField2(http, HTTP_FIELD_WWW_AUTHENTICATE, "trc", trc, sizeof(trc))) { /* * Scheduler doesn't want us to use the root certificate... */ return (1); } snprintf(filename, sizeof(filename), "%s/certs/0", cg->cups_statedir); fp = fopen(filename, "r"); } if (fp) { /* * Read the certificate from the file... */ char certificate[33], /* Certificate string */ *certptr; /* Pointer to certificate string */ certptr = fgets(certificate, sizeof(certificate), fp); fclose(fp); if (certptr) { /* * Set the authorization string and return... */ httpSetAuthString(http, "Local", certificate); DEBUG_printf(("8cups_local_auth: Returning authstring=\"%s\"", http->authstring)); return (0); } } return (1); #endif /* WIN32 || __EMX__ */ }
void * /* O - Profile or NULL on error */ cupsdCreateProfile(int job_id, /* I - Job ID or 0 for none */ int allow_networking)/* I - Allow networking off machine? */ { #ifdef HAVE_SANDBOX_H cups_file_t *fp; /* File pointer */ char profile[1024], /* File containing the profile */ bin[1024], /* Quoted ServerBin */ cache[1024], /* Quoted CacheDir */ domain[1024], /* Domain socket, if any */ request[1024], /* Quoted RequestRoot */ root[1024], /* Quoted ServerRoot */ state[1024], /* Quoted StateDir */ temp[1024]; /* Quoted TempDir */ const char *nodebug; /* " (with no-log)" for no debug */ cupsd_listener_t *lis; /* Current listening socket */ if (!UseSandboxing || Sandboxing == CUPSD_SANDBOXING_OFF) { /* * Only use sandbox profiles as root... */ cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d, allow_networking=%d) = NULL", job_id, allow_networking); return (NULL); } if ((fp = cupsTempFile2(profile, sizeof(profile))) == NULL) { cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d, allow_networking=%d) = NULL", job_id, allow_networking); cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create security profile: %s", strerror(errno)); return (NULL); } fchown(cupsFileNumber(fp), RunUser, Group); fchmod(cupsFileNumber(fp), 0640); cupsd_requote(bin, ServerBin, sizeof(bin)); cupsd_requote(cache, CacheDir, sizeof(cache)); cupsd_requote(request, RequestRoot, sizeof(request)); cupsd_requote(root, ServerRoot, sizeof(root)); cupsd_requote(state, StateDir, sizeof(state)); cupsd_requote(temp, TempDir, sizeof(temp)); nodebug = LogLevel < CUPSD_LOG_DEBUG ? " (with no-log)" : ""; cupsFilePuts(fp, "(version 1)\n"); if (Sandboxing == CUPSD_SANDBOXING_STRICT) cupsFilePuts(fp, "(deny default)\n"); else cupsFilePuts(fp, "(allow default)\n"); if (LogLevel >= CUPSD_LOG_DEBUG) cupsFilePuts(fp, "(debug deny)\n"); cupsFilePuts(fp, "(import \"system.sb\")\n"); cupsFilePuts(fp, "(system-network)\n"); cupsFilePuts(fp, "(allow mach-per-user-lookup)\n"); cupsFilePuts(fp, "(allow ipc-posix-sem)\n"); cupsFilePuts(fp, "(allow ipc-posix-shm)\n"); cupsFilePuts(fp, "(allow ipc-sysv-shm)\n"); cupsFilePuts(fp, "(allow mach-lookup)\n"); if (!RunUser) cupsFilePrintf(fp, "(deny file-write* file-read-data file-read-metadata\n" " (regex" " #\"^/Users$\"" " #\"^/Users/\"" ")%s)\n", nodebug); cupsFilePrintf(fp, "(deny file-write*\n" " (regex" " #\"^%s$\"" /* ServerRoot */ " #\"^%s/\"" /* ServerRoot/... */ " #\"^/private/etc$\"" " #\"^/private/etc/\"" " #\"^/usr/local/etc$\"" " #\"^/usr/local/etc/\"" " #\"^/Library$\"" " #\"^/Library/\"" " #\"^/System$\"" " #\"^/System/\"" ")%s)\n", root, root, nodebug); /* Specifically allow applications to stat RequestRoot and some other system folders */ cupsFilePrintf(fp, "(allow file-read-metadata\n" " (regex" " #\"^/$\"" /* / */ " #\"^/usr$\"" /* /usr */ " #\"^/Library$\"" /* /Library */ " #\"^/Library/Printers$\"" /* /Library/Printers */ " #\"^%s$\"" /* RequestRoot */ "))\n", request); /* Read and write TempDir, CacheDir, and other common folders */ cupsFilePuts(fp, "(allow file-write* file-read-data file-read-metadata\n" " (regex" " #\"^/private/var/db/\"" " #\"^/private/var/folders/\"" " #\"^/private/var/lib/\"" " #\"^/private/var/log/\"" " #\"^/private/var/mysql/\"" " #\"^/private/var/run/\"" " #\"^/private/var/spool/\"" " #\"^/Library/Application Support/\"" " #\"^/Library/Caches/\"" " #\"^/Library/Logs/\"" " #\"^/Library/Preferences/\"" " #\"^/Library/WebServer/\"" " #\"^/Users/Shared/\"" "))\n"); cupsFilePrintf(fp, "(deny file-write*\n" " (regex #\"^%s$\")%s)\n", request, nodebug); cupsFilePrintf(fp, "(deny file-write* file-read-data file-read-metadata\n" " (regex #\"^%s/\")%s)\n", request, nodebug); cupsFilePrintf(fp, "(allow file-write* file-read-data file-read-metadata\n" " (regex" " #\"^%s$\"" /* TempDir */ " #\"^%s/\"" /* TempDir/... */ " #\"^%s$\"" /* CacheDir */ " #\"^%s/\"" /* CacheDir/... */ " #\"^%s$\"" /* StateDir */ " #\"^%s/\"" /* StateDir/... */ "))\n", temp, temp, cache, cache, state, state); /* Read common folders */ cupsFilePrintf(fp, "(allow file-read-data file-read-metadata\n" " (regex" " #\"^/AppleInternal$\"" " #\"^/AppleInternal/\"" " #\"^/bin$\"" /* /bin */ " #\"^/bin/\"" /* /bin/... */ " #\"^/private$\"" " #\"^/private/etc$\"" " #\"^/private/etc/\"" " #\"^/private/tmp$\"" " #\"^/private/tmp/\"" " #\"^/private/var$\"" " #\"^/private/var/db$\"" " #\"^/private/var/folders$\"" " #\"^/private/var/lib$\"" " #\"^/private/var/log$\"" " #\"^/private/var/mysql$\"" " #\"^/private/var/run$\"" " #\"^/private/var/spool$\"" " #\"^/private/var/tmp$\"" " #\"^/private/var/tmp/\"" " #\"^/usr/bin$\"" /* /usr/bin */ " #\"^/usr/bin/\"" /* /usr/bin/... */ " #\"^/usr/libexec/cups$\"" /* /usr/libexec/cups */ " #\"^/usr/libexec/cups/\"" /* /usr/libexec/cups/... */ " #\"^/usr/libexec/fax$\"" /* /usr/libexec/fax */ " #\"^/usr/libexec/fax/\"" /* /usr/libexec/fax/... */ " #\"^/usr/sbin$\"" /* /usr/sbin */ " #\"^/usr/sbin/\"" /* /usr/sbin/... */ " #\"^/Library$\"" /* /Library */ " #\"^/Library/\"" /* /Library/... */ " #\"^/System$\"" /* /System */ " #\"^/System/\"" /* /System/... */ " #\"^%s/Library$\"" /* RequestRoot/Library */ " #\"^%s/Library/\"" /* RequestRoot/Library/... */ " #\"^%s$\"" /* ServerBin */ " #\"^%s/\"" /* ServerBin/... */ " #\"^%s$\"" /* ServerRoot */ " #\"^%s/\"" /* ServerRoot/... */ "))\n", request, request, bin, bin, root, root); if (Sandboxing == CUPSD_SANDBOXING_RELAXED) { /* Limited write access to /Library/Printers/... */ cupsFilePuts(fp, "(allow file-write*\n" " (regex" " #\"^/Library/Printers/.*/\"" "))\n"); cupsFilePrintf(fp, "(deny file-write*\n" " (regex" " #\"^/Library/Printers/PPDs$\"" " #\"^/Library/Printers/PPDs/\"" " #\"^/Library/Printers/PPD Plugins$\"" " #\"^/Library/Printers/PPD Plugins/\"" ")%s)\n", nodebug); } /* Allow execution of child processes as long as the programs are not in a user directory */ cupsFilePuts(fp, "(allow process*)\n"); cupsFilePuts(fp, "(deny process-exec (regex #\"^/Users/\"))\n"); if (RunUser && getenv("CUPS_TESTROOT")) { /* Allow source directory access in "make test" environment */ char testroot[1024]; /* Root directory of test files */ cupsd_requote(testroot, getenv("CUPS_TESTROOT"), sizeof(testroot)); cupsFilePrintf(fp, "(allow file-write* file-read-data file-read-metadata\n" " (regex" " #\"^%s$\"" /* CUPS_TESTROOT */ " #\"^%s/\"" /* CUPS_TESTROOT/... */ "))\n", testroot, testroot); cupsFilePrintf(fp, "(allow process-exec\n" " (regex" " #\"^%s/\"" /* CUPS_TESTROOT/... */ "))\n", testroot); cupsFilePrintf(fp, "(allow sysctl*)\n"); } if (job_id) { /* Allow job filters to read the current job files... */ cupsFilePrintf(fp, "(allow file-read-data file-read-metadata\n" " (regex #\"^%s/([ac]%05d|d%05d-[0-9][0-9][0-9])$\"))\n", request, job_id, job_id); } else { /* Allow email notifications from notifiers... */ cupsFilePuts(fp, "(allow process-exec\n" " (literal \"/usr/sbin/sendmail\")\n" " (with no-sandbox))\n"); } /* Allow access to Bluetooth, USB, and notify_post. */ cupsFilePuts(fp, "(allow iokit*)\n"); cupsFilePuts(fp, "(allow distributed-notification-post)\n"); /* Allow outbound networking to local services */ cupsFilePuts(fp, "(allow network-outbound" "\n (regex #\"^/private/var/run/\" #\"^/private/tmp/\" #\"^/private/var/tmp/\")"); for (lis = (cupsd_listener_t *)cupsArrayFirst(Listeners); lis; lis = (cupsd_listener_t *)cupsArrayNext(Listeners)) { if (httpAddrFamily(&(lis->address)) == AF_LOCAL) { httpAddrString(&(lis->address), domain, sizeof(domain)); cupsFilePrintf(fp, "\n (literal \"%s\")", domain); } } if (allow_networking) { /* Allow TCP and UDP networking off the machine... */ cupsFilePuts(fp, "\n (remote tcp))\n"); cupsFilePuts(fp, "(allow network-bind)\n"); /* for LPD resvport */ cupsFilePuts(fp, "(allow network*\n" " (local udp \"*:*\")\n" " (remote udp \"*:*\"))\n"); /* Also allow access to device files... */ cupsFilePuts(fp, "(allow file-write* file-read-data file-read-metadata file-ioctl\n" " (regex #\"^/dev/\"))\n"); /* And allow kernel extensions to be loaded, e.g., SMB */ cupsFilePuts(fp, "(allow system-kext-load)\n"); } else { /* Only allow SNMP (UDP) and LPD (TCP) off the machine... */ cupsFilePuts(fp, ")\n"); cupsFilePuts(fp, "(allow network-outbound\n" " (remote udp \"*:161\")\n" " (remote tcp \"*:515\"))\n"); cupsFilePuts(fp, "(allow network-inbound\n" " (local udp \"localhost:*\"))\n"); } cupsFileClose(fp); cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d,allow_networking=%d) = \"%s\"", job_id, allow_networking, profile); return ((void *)strdup(profile)); #else cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d, allow_networking=%d) = NULL", job_id, allow_networking); return (NULL); #endif /* HAVE_SANDBOX_H */ }
int /* O - Exit status */ main(int argc, /* I - Number of command-line arguments */ char *argv[]) /* I - Command-line arguments */ { int i; /* Looping var */ int num_defaults; /* Number of default options */ cups_option_t *defaults; /* Default options */ char line[256], /* Command string */ command, /* Command code */ *dest, /* Pointer to destination */ *list, /* Pointer to list */ *agent, /* Pointer to user */ status; /* Status for client */ socklen_t hostlen; /* Size of client address */ http_addr_t hostaddr; /* Address of client */ char hostname[256], /* Name of client */ hostip[256], /* IP address */ *hostfamily; /* Address family */ int hostlookups; /* Do hostname lookups? */ #ifdef __APPLE__ vproc_transaction_t vtran = vproc_transaction_begin(NULL); #endif /* __APPLE__ */ /* * Don't buffer the output... */ setbuf(stdout, NULL); /* * Log things using the "cups-lpd" name... */ openlog("cups-lpd", LOG_PID, LOG_LPR); /* * Scan the command-line for options... */ num_defaults = 0; defaults = NULL; hostlookups = 1; for (i = 1; i < argc; i ++) if (argv[i][0] == '-') { switch (argv[i][1]) { case 'h' : /* -h hostname[:port] */ if (argv[i][2]) cupsSetServer(argv[i] + 2); else { i ++; if (i < argc) cupsSetServer(argv[i]); else syslog(LOG_WARNING, "Expected hostname string after -h option!"); } break; case 'o' : /* Option */ if (argv[i][2]) num_defaults = cupsParseOptions(argv[i] + 2, num_defaults, &defaults); else { i ++; if (i < argc) num_defaults = cupsParseOptions(argv[i], num_defaults, &defaults); else syslog(LOG_WARNING, "Expected option string after -o option!"); } break; case 'n' : /* Don't do hostname lookups */ hostlookups = 0; break; default : syslog(LOG_WARNING, "Unknown option \"%c\" ignored!", argv[i][1]); break; } } else syslog(LOG_WARNING, "Unknown command-line option \"%s\" ignored!", argv[i]); /* * Get the address of the client... */ hostlen = sizeof(hostaddr); if (getpeername(0, (struct sockaddr *)&hostaddr, &hostlen)) { syslog(LOG_WARNING, "Unable to get client address - %s", strerror(errno)); strlcpy(hostname, "unknown", sizeof(hostname)); } else { httpAddrString(&hostaddr, hostip, sizeof(hostip)); if (hostlookups) httpAddrLookup(&hostaddr, hostname, sizeof(hostname)); else strlcpy(hostname, hostip, sizeof(hostname)); #ifdef AF_INET6 if (hostaddr.addr.sa_family == AF_INET6) hostfamily = "IPv6"; else #endif /* AF_INET6 */ hostfamily = "IPv4"; syslog(LOG_INFO, "Connection from %s (%s %s)", hostname, hostfamily, hostip); } num_defaults = cupsAddOption("job-originating-host-name", hostname, num_defaults, &defaults); /* * RFC1179 specifies that only 1 daemon command can be received for * every connection. */ if (smart_gets(line, sizeof(line), stdin) == NULL) { /* * Unable to get command from client! Send an error status and return. */ syslog(LOG_ERR, "Unable to get command line from client!"); putchar(1); #ifdef __APPLE__ vproc_transaction_end(NULL, vtran); #endif /* __APPLE__ */ return (1); } /* * The first byte is the command byte. After that will be the queue name, * resource list, and/or user name. */ if ((command = line[0]) == '\0') dest = line; else dest = line + 1; if (command == 0x02) list = NULL; else { for (list = dest; *list && !isspace(*list & 255); list ++); while (isspace(*list & 255)) *list++ = '\0'; } /* * Do the command... */ switch (command) { default : /* Unknown command */ syslog(LOG_ERR, "Unknown LPD command 0x%02X!", command); syslog(LOG_ERR, "Command line = %s", line + 1); putchar(1); status = 1; break; case 0x01 : /* Print any waiting jobs */ syslog(LOG_INFO, "Print waiting jobs (no-op)"); putchar(0); status = 0; break; case 0x02 : /* Receive a printer job */ syslog(LOG_INFO, "Receive print job for %s", dest); /* recv_print_job() sends initial status byte */ status = (char)recv_print_job(dest, num_defaults, defaults); break; case 0x03 : /* Send queue state (short) */ syslog(LOG_INFO, "Send queue state (short) for %s %s", dest, list); /* no status byte for this command */ status = (char)send_state(dest, list, 0); break; case 0x04 : /* Send queue state (long) */ syslog(LOG_INFO, "Send queue state (long) for %s %s", dest, list); /* no status byte for this command */ status = (char)send_state(dest, list, 1); break; case 0x05 : /* Remove jobs */ if (list) { /* * Grab the agent and skip to the list of users and/or jobs. */ agent = list; for (; *list && !isspace(*list & 255); list ++); while (isspace(*list & 255)) *list++ = '\0'; syslog(LOG_INFO, "Remove jobs %s on %s by %s", list, dest, agent); status = (char)remove_jobs(dest, agent, list); } else status = 1; putchar(status); break; } syslog(LOG_INFO, "Closing connection"); closelog(); #ifdef __APPLE__ vproc_transaction_end(NULL, vtran); #endif /* __APPLE__ */ return (status); }
static int /* O - Zero on success, non-zero on failure */ lpd_queue(const char *hostname, /* I - Host to connect to */ http_addrlist_t *addrlist, /* I - List of host addresses */ const char *printer, /* I - Printer/queue name */ int print_fd, /* I - File to print */ int snmp_fd, /* I - SNMP socket */ int mode, /* I - Print mode */ const char *user, /* I - Requesting user */ const char *title, /* I - Job title */ int copies, /* I - Number of copies */ int banner, /* I - Print LPD banner? */ int format, /* I - Format specifier */ int order, /* I - Order of data/control files */ int reserve, /* I - Reserve ports? */ int manual_copies,/* I - Do copies by hand... */ int timeout, /* I - Timeout... */ int contimeout, /* I - Connection timeout */ const char *orighost) /* I - job-originating-host-name */ { char localhost[255]; /* Local host name */ int error; /* Error number */ struct stat filestats; /* File statistics */ int lport; /* LPD connection local port */ int fd; /* LPD socket */ char control[10240], /* LPD control 'file' */ *cptr; /* Pointer into control file string */ char status; /* Status byte from command */ int delay; /* Delay for retries... */ char addrname[256]; /* Address name */ http_addrlist_t *addr; /* Socket address */ int have_supplies; /* Printer supports supply levels? */ int copy; /* Copies written */ time_t start_time; /* Time of first connect */ size_t nbytes; /* Number of bytes written */ off_t tbytes; /* Total bytes written */ char buffer[32768]; /* Output buffer */ #ifdef WIN32 DWORD tv; /* Timeout in milliseconds */ #else struct timeval tv; /* Timeout in secs and usecs */ #endif /* WIN32 */ /* * Remember when we started trying to connect to the printer... */ start_time = time(NULL); /* * Loop forever trying to print the file... */ while (!abort_job) { /* * First try to reserve a port for this connection... */ fprintf(stderr, "DEBUG: Connecting to %s:%d for printer %s\n", hostname, httpAddrPort(&(addrlist->addr)), printer); _cupsLangPrintFilter(stderr, "INFO", _("Connecting to printer.")); for (lport = reserve == RESERVE_RFC1179 ? 732 : 1024, addr = addrlist, delay = 5;; addr = addr->next) { /* * Stop if this job has been canceled... */ if (abort_job) return (CUPS_BACKEND_FAILED); /* * Choose the next priviledged port... */ if (!addr) addr = addrlist; lport --; if (lport < 721 && reserve == RESERVE_RFC1179) lport = 731; else if (lport < 1) lport = 1023; #ifdef HAVE_GETEUID if (geteuid() || !reserve) #else if (getuid() || !reserve) #endif /* HAVE_GETEUID */ { /* * Just create a regular socket... */ if ((fd = socket(addr->addr.addr.sa_family, SOCK_STREAM, 0)) < 0) { perror("DEBUG: Unable to create socket"); sleep(1); continue; } lport = 0; } else { /* * We're running as root and want to comply with RFC 1179. Reserve a * priviledged lport between 721 and 731... */ if ((fd = rresvport_af(&lport, addr->addr.addr.sa_family)) < 0) { perror("DEBUG: Unable to reserve port"); sleep(1); continue; } } /* * Connect to the printer or server... */ if (abort_job) { close(fd); return (CUPS_BACKEND_FAILED); } if (!connect(fd, &(addr->addr.addr), httpAddrLength(&(addr->addr)))) break; error = errno; close(fd); if (addr->next) continue; if (getenv("CLASS") != NULL) { /* * If the CLASS environment variable is set, the job was submitted * to a class and not to a specific queue. In this case, we want * to abort immediately so that the job can be requeued on the next * available printer in the class. */ _cupsLangPrintFilter(stderr, "INFO", _("Unable to contact printer, queuing on next " "printer in class.")); /* * Sleep 5 seconds to keep the job from requeuing too rapidly... */ sleep(5); return (CUPS_BACKEND_FAILED); } fprintf(stderr, "DEBUG: Connection error: %s\n", strerror(error)); if (error == ECONNREFUSED || error == EHOSTDOWN || error == EHOSTUNREACH) { if (contimeout && (time(NULL) - start_time) > contimeout) { _cupsLangPrintFilter(stderr, "ERROR", _("The printer is not responding.")); return (CUPS_BACKEND_FAILED); } switch (error) { case EHOSTDOWN : _cupsLangPrintFilter(stderr, "WARNING", _("The printer may not exist or " "is unavailable at this time.")); break; case EHOSTUNREACH : _cupsLangPrintFilter(stderr, "WARNING", _("The printer is unreachable at " "this time.")); break; case ECONNREFUSED : default : _cupsLangPrintFilter(stderr, "WARNING", _("The printer is in use.")); break; } sleep(delay); if (delay < 30) delay += 5; } else if (error == EADDRINUSE) { /* * Try on another port... */ sleep(1); } else { _cupsLangPrintFilter(stderr, "ERROR", _("The printer is not responding.")); sleep(30); } } /* * Set the timeout... */ #ifdef WIN32 tv = (DWORD)(timeout * 1000); setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, (char *)&tv, sizeof(tv)); setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, (char *)&tv, sizeof(tv)); #else tv.tv_sec = timeout; tv.tv_usec = 0; setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)); setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv)); #endif /* WIN32 */ fputs("STATE: -connecting-to-device\n", stderr); _cupsLangPrintFilter(stderr, "INFO", _("Connected to printer.")); fprintf(stderr, "DEBUG: Connected to %s:%d (local port %d)...\n", httpAddrString(&(addr->addr), addrname, sizeof(addrname)), httpAddrPort(&(addr->addr)), lport); /* * See if the printer supports SNMP... */ if (snmp_fd >= 0) have_supplies = !backendSNMPSupplies(snmp_fd, &(addrlist->addr), NULL, NULL); else have_supplies = 0; /* * Check for side-channel requests... */ backendCheckSideChannel(snmp_fd, &(addrlist->addr)); /* * Next, open the print file and figure out its size... */ if (print_fd) { /* * Use the size from the print file... */ if (fstat(print_fd, &filestats)) { close(fd); perror("DEBUG: unable to stat print file"); return (CUPS_BACKEND_FAILED); } filestats.st_size *= manual_copies; } else { /* * Use a "very large value" for the size so that the printer will * keep printing until we close the connection... */ #ifdef _LARGEFILE_SOURCE filestats.st_size = (size_t)(999999999999.0); #else filestats.st_size = 2147483647; #endif /* _LARGEFILE_SOURCE */ } /* * Send a job header to the printer, specifying no banner page and * literal output... */ if (lpd_command(fd, "\002%s\n", printer)) /* Receive print job(s) */ { close(fd); return (CUPS_BACKEND_FAILED); } if (orighost && _cups_strcasecmp(orighost, "localhost")) strlcpy(localhost, orighost, sizeof(localhost)); else httpGetHostname(NULL, localhost, sizeof(localhost)); snprintf(control, sizeof(control), "H%.31s\n" /* RFC 1179, Section 7.2 - host name <= 31 chars */ "P%.31s\n" /* RFC 1179, Section 7.2 - user name <= 31 chars */ "J%.99s\n", /* RFC 1179, Section 7.2 - job name <= 99 chars */ localhost, user, title); cptr = control + strlen(control); if (banner) { snprintf(cptr, sizeof(control) - (cptr - control), "C%.31s\n" /* RFC 1179, Section 7.2 - class name <= 31 chars */ "L%s\n", localhost, user); cptr += strlen(cptr); } while (copies > 0) { snprintf(cptr, sizeof(control) - (cptr - control), "%cdfA%03d%.15s\n", format, (int)getpid() % 1000, localhost); cptr += strlen(cptr); copies --; } snprintf(cptr, sizeof(control) - (cptr - control), "UdfA%03d%.15s\n" "N%.131s\n", /* RFC 1179, Section 7.2 - sourcefile name <= 131 chars */ (int)getpid() % 1000, localhost, title); fprintf(stderr, "DEBUG: Control file is:\n%s", control); if (order == ORDER_CONTROL_DATA) { /* * Check for side-channel requests... */ backendCheckSideChannel(snmp_fd, &(addr->addr)); /* * Send the control file... */ if (lpd_command(fd, "\002%d cfA%03.3d%.15s\n", strlen(control), (int)getpid() % 1000, localhost)) { close(fd); return (CUPS_BACKEND_FAILED); } fprintf(stderr, "DEBUG: Sending control file (%u bytes)\n", (unsigned)strlen(control)); if (lpd_write(fd, control, strlen(control) + 1) < (strlen(control) + 1)) { status = errno; perror("DEBUG: Unable to write control file"); } else { if (read(fd, &status, 1) < 1) { _cupsLangPrintFilter(stderr, "WARNING", _("The printer did not respond.")); status = errno; } } if (status != 0) _cupsLangPrintFilter(stderr, "ERROR", _("Remote host did not accept control file (%d)."), status); else _cupsLangPrintFilter(stderr, "INFO", _("Control file sent successfully.")); } else status = 0; if (status == 0) { /* * Check for side-channel requests... */ backendCheckSideChannel(snmp_fd, &(addr->addr)); /* * Send the print file... */ if (lpd_command(fd, "\003" CUPS_LLFMT " dfA%03.3d%.15s\n", CUPS_LLCAST filestats.st_size, (int)getpid() % 1000, localhost)) { close(fd); return (CUPS_BACKEND_FAILED); } fprintf(stderr, "DEBUG: Sending data file (" CUPS_LLFMT " bytes)\n", CUPS_LLCAST filestats.st_size); tbytes = 0; for (copy = 0; copy < manual_copies; copy ++) { lseek(print_fd, 0, SEEK_SET); while ((nbytes = read(print_fd, buffer, sizeof(buffer))) > 0) { _cupsLangPrintFilter(stderr, "INFO", _("Spooling job, %.0f%% complete."), 100.0 * tbytes / filestats.st_size); if (lpd_write(fd, buffer, nbytes) < nbytes) { perror("DEBUG: Unable to send print file to printer"); break; } else tbytes += nbytes; } } if (mode == MODE_STANDARD) { if (tbytes < filestats.st_size) status = errno; else if (lpd_write(fd, "", 1) < 1) { perror("DEBUG: Unable to send trailing nul to printer"); status = errno; } else { /* * Read the status byte from the printer; if we can't read the byte * back now, we should set status to "errno", however at this point * we know the printer got the whole file and we don't necessarily * want to requeue it over and over... */ if (recv(fd, &status, 1, 0) < 1) { _cupsLangPrintFilter(stderr, "WARNING", _("The printer did not respond.")); status = 0; } } } else status = 0; if (status != 0) _cupsLangPrintFilter(stderr, "ERROR", _("Remote host did not accept data file (%d)."), status); else _cupsLangPrintFilter(stderr, "INFO", _("Data file sent successfully.")); } if (status == 0 && order == ORDER_DATA_CONTROL) { /* * Check for side-channel requests... */ backendCheckSideChannel(snmp_fd, &(addr->addr)); /* * Send control file... */ if (lpd_command(fd, "\002%d cfA%03.3d%.15s\n", strlen(control), (int)getpid() % 1000, localhost)) { close(fd); return (CUPS_BACKEND_FAILED); } fprintf(stderr, "DEBUG: Sending control file (%lu bytes)\n", (unsigned long)strlen(control)); if (lpd_write(fd, control, strlen(control) + 1) < (strlen(control) + 1)) { status = errno; perror("DEBUG: Unable to write control file"); } else { if (read(fd, &status, 1) < 1) { _cupsLangPrintFilter(stderr, "WARNING", _("The printer did not respond.")); status = errno; } } if (status != 0) _cupsLangPrintFilter(stderr, "ERROR", _("Remote host did not accept control file (%d)."), status); else _cupsLangPrintFilter(stderr, "INFO", _("Control file sent successfully.")); } /* * Collect the final supply levels as needed... */ if (have_supplies) backendSNMPSupplies(snmp_fd, &(addr->addr), NULL, NULL); /* * Close the socket connection and input file... */ close(fd); if (status == 0) return (CUPS_BACKEND_OK); /* * Waiting for a retry... */ sleep(30); } /* * If we get here, then the job has been canceled... */ return (CUPS_BACKEND_FAILED); }
void cupsdStartListening(void) { int p; /* Port number */ cupsd_listener_t *lis; /* Current listening socket */ char s[256]; /* String addresss */ const char *have_domain; /* Have a domain socket? */ static const char * const encryptions[] = { /* Encryption values */ "IfRequested", "Never", "Required", "Always" }; cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartListening: %d Listeners", cupsArrayCount(Listeners)); /* * Setup socket listeners... */ for (lis = (cupsd_listener_t *)cupsArrayFirst(Listeners), LocalPort = 0, have_domain = NULL; lis; lis = (cupsd_listener_t *)cupsArrayNext(Listeners)) { httpAddrString(&(lis->address), s, sizeof(s)); p = httpAddrPort(&(lis->address)); /* * If needed, create a socket for listening... */ if (lis->fd == -1) { /* * Create a socket for listening... */ lis->fd = httpAddrListen(&(lis->address), p); if (lis->fd == -1) { cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to open listen socket for address %s:%d - %s.", s, p, strerror(errno)); #ifdef AF_INET6 /* * IPv6 is often disabled while DNS returns IPv6 addresses... */ if (lis->address.addr.sa_family != AF_INET6 && (FatalErrors & CUPSD_FATAL_LISTEN)) cupsdEndProcess(getpid(), 0); #else if (FatalErrors & CUPSD_FATAL_LISTEN) cupsdEndProcess(getpid(), 0); #endif /* AF_INET6 */ continue; } } if (p) cupsdLogMessage(CUPSD_LOG_INFO, "Listening to %s:%d on fd %d...", s, p, lis->fd); else cupsdLogMessage(CUPSD_LOG_INFO, "Listening to %s on fd %d...", s, lis->fd); /* * Save the first port that is bound to the local loopback or * "any" address... */ if ((!LocalPort || LocalEncryption == HTTP_ENCRYPT_ALWAYS) && p > 0 && (httpAddrLocalhost(&(lis->address)) || httpAddrAny(&(lis->address)))) { LocalPort = p; LocalEncryption = lis->encryption; } #ifdef AF_LOCAL if (lis->address.addr.sa_family == AF_LOCAL && !have_domain) have_domain = lis->address.un.sun_path; #endif /* AF_LOCAL */ } /* * Make sure that we are listening on localhost! */ if (!LocalPort && !have_domain) { cupsdLogMessage(CUPSD_LOG_EMERG, "No Listen or Port lines were found to allow access via " "localhost."); if (FatalErrors & (CUPSD_FATAL_CONFIG | CUPSD_FATAL_LISTEN)) cupsdEndProcess(getpid(), 0); } /* * Set the CUPS_SERVER, IPP_PORT, and CUPS_ENCRYPTION variables based on * the listeners... */ if (have_domain) { /* * Use domain sockets for the local connection... */ cupsdSetEnv("CUPS_SERVER", have_domain); LocalEncryption = HTTP_ENCRYPT_IF_REQUESTED; } else { /* * Use the default local loopback address for the server... */ cupsdSetEnv("CUPS_SERVER", "localhost"); } cupsdSetEnv("CUPS_ENCRYPTION", encryptions[LocalEncryption]); if (LocalPort) cupsdSetEnvf("IPP_PORT", "%d", LocalPort); /* * Resume listening for connections... */ cupsdResumeListening(); }
void cupsdStartListening(void) { int status; /* Bind result */ int p, /* Port number */ val; /* Parameter value */ cupsd_listener_t *lis; /* Current listening socket */ char s[256]; /* String addresss */ const char *have_domain; /* Have a domain socket? */ static const char * const encryptions[] = { /* Encryption values */ "IfRequested", "Never", "Required", "Always" }; cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartListening: %d Listeners", cupsArrayCount(Listeners)); /* * Setup socket listeners... */ for (lis = (cupsd_listener_t *)cupsArrayFirst(Listeners), LocalPort = 0, have_domain = NULL; lis; lis = (cupsd_listener_t *)cupsArrayNext(Listeners)) { httpAddrString(&(lis->address), s, sizeof(s)); p = httpAddrPort(&(lis->address)); /* * If needed, create a socket for listening... */ if (lis->fd == -1) { /* * Create a socket for listening... */ lis->fd = socket(lis->address.addr.sa_family, SOCK_STREAM, 0); if (lis->fd == -1) { cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to open listen socket for address %s:%d - %s.", s, p, strerror(errno)); #ifdef AF_INET6 /* * IPv6 is often disabled while DNS returns IPv6 addresses... */ if (lis->address.addr.sa_family != AF_INET6 && (FatalErrors & CUPSD_FATAL_LISTEN)) cupsdEndProcess(getpid(), 0); #else if (FatalErrors & CUPSD_FATAL_LISTEN) cupsdEndProcess(getpid(), 0); #endif /* AF_INET6 */ continue; } /* * Set things up to reuse the local address for this port. */ val = 1; #ifdef __sun setsockopt(lis->fd, SOL_SOCKET, SO_REUSEADDR, (char *)&val, sizeof(val)); #else setsockopt(lis->fd, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val)); #endif /* __sun */ /* * Bind to the port we found... */ #ifdef AF_INET6 if (lis->address.addr.sa_family == AF_INET6) { # ifdef IPV6_V6ONLY /* * Accept only IPv6 connections on this socket, to avoid * potential security issues and to make all platforms behave * the same. */ val = 1; # ifdef __sun setsockopt(lis->fd, IPPROTO_IPV6, IPV6_V6ONLY, (char *)&val, sizeof(val)); # else setsockopt(lis->fd, IPPROTO_IPV6, IPV6_V6ONLY, &val, sizeof(val)); # endif /* __sun */ # endif /* IPV6_V6ONLY */ status = bind(lis->fd, (struct sockaddr *)&(lis->address), httpAddrLength(&(lis->address))); } else #endif /* AF_INET6 */ #ifdef AF_LOCAL if (lis->address.addr.sa_family == AF_LOCAL) { mode_t mask; /* Umask setting */ /* * Remove any existing domain socket file... */ unlink(lis->address.un.sun_path); /* * Save the current umask and set it to 0 so that all users can access * the domain socket... */ mask = umask(0); /* * Bind the domain socket... */ status = bind(lis->fd, (struct sockaddr *)&(lis->address), httpAddrLength(&(lis->address))); /* * Restore the umask... */ umask(mask); } else #endif /* AF_LOCAL */ status = bind(lis->fd, (struct sockaddr *)&(lis->address), sizeof(lis->address.ipv4)); if (status < 0) { cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to bind socket for address %s:%d - %s.", s, p, strerror(errno)); close(lis->fd); lis->fd = -1; if (FatalErrors & CUPSD_FATAL_LISTEN) cupsdEndProcess(getpid(), 0); continue; } /* * Listen for new clients. */ if (listen(lis->fd, ListenBackLog) < 0) { cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to listen for clients on address %s:%d - %s.", s, p, strerror(errno)); close(lis->fd); lis->fd = -1; if (FatalErrors & CUPSD_FATAL_LISTEN) cupsdEndProcess(getpid(), 0); continue; } } fcntl(lis->fd, F_SETFD, fcntl(lis->fd, F_GETFD) | FD_CLOEXEC); if (p) cupsdLogMessage(CUPSD_LOG_INFO, "Listening to %s:%d on fd %d...", s, p, lis->fd); else { cupsdLogMessage(CUPSD_LOG_INFO, "Listening to %s on fd %d...", s, lis->fd); if (chmod(s, 0140777)) cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to change permisssions on domain socket " "\"%s\" - %s", s, strerror(errno)); } /* * Save the first port that is bound to the local loopback or * "any" address... */ if ((!LocalPort || LocalEncryption == HTTP_ENCRYPT_ALWAYS) && p > 0 && (httpAddrLocalhost(&(lis->address)) || httpAddrAny(&(lis->address)))) { LocalPort = p; LocalEncryption = lis->encryption; } #ifdef AF_LOCAL if (lis->address.addr.sa_family == AF_LOCAL && !have_domain) have_domain = lis->address.un.sun_path; #endif /* AF_LOCAL */ } /* * Make sure that we are listening on localhost! */ if (!LocalPort && !have_domain) { cupsdLogMessage(CUPSD_LOG_EMERG, "No Listen or Port lines were found to allow access via " "localhost!"); if (FatalErrors & (CUPSD_FATAL_CONFIG | CUPSD_FATAL_LISTEN)) cupsdEndProcess(getpid(), 0); } /* * Set the CUPS_SERVER, IPP_PORT, and CUPS_ENCRYPTION variables based on * the listeners... */ if (have_domain) { /* * Use domain sockets for the local connection... */ cupsdSetEnv("CUPS_SERVER", have_domain); LocalEncryption = HTTP_ENCRYPT_IF_REQUESTED; } else { /* * Use the default local loopback address for the server... */ cupsdSetEnv("CUPS_SERVER", "localhost"); } cupsdSetEnv("CUPS_ENCRYPTION", encryptions[LocalEncryption]); if (LocalPort) cupsdSetEnvf("IPP_PORT", "%d", LocalPort); /* * Resume listening for connections... */ cupsdResumeListening(); }
int /* O - Exit status */ main(int argc, /* I - Number of command-line arguments */ char *argv[]) /* I - Command-line arguments */ { int i, j, k; /* Looping vars */ http_t *http; /* HTTP connection */ http_encryption_t encryption; /* Encryption type */ http_status_t status; /* Status of GET command */ int failures; /* Number of test failures */ char buffer[8192]; /* Input buffer */ long bytes; /* Number of bytes read */ FILE *out; /* Output file */ char encode[256], /* Base64-encoded string */ decode[256]; /* Base64-decoded string */ int decodelen; /* Length of decoded string */ char scheme[HTTP_MAX_URI], /* Scheme from URI */ hostname[HTTP_MAX_URI], /* Hostname from URI */ username[HTTP_MAX_URI], /* Username:password from URI */ resource[HTTP_MAX_URI]; /* Resource from URI */ int port; /* Port number from URI */ http_uri_status_t uri_status; /* Status of URI separation */ http_addrlist_t *addrlist, /* Address list */ *addr; /* Current address */ off_t length, total; /* Length and total bytes */ time_t start, current; /* Start and end time */ const char *encoding; /* Negotiated Content-Encoding */ static const char * const uri_status_strings[] = { "HTTP_URI_STATUS_OVERFLOW", "HTTP_URI_STATUS_BAD_ARGUMENTS", "HTTP_URI_STATUS_BAD_RESOURCE", "HTTP_URI_STATUS_BAD_PORT", "HTTP_URI_STATUS_BAD_HOSTNAME", "HTTP_URI_STATUS_BAD_USERNAME", "HTTP_URI_STATUS_BAD_SCHEME", "HTTP_URI_STATUS_BAD_URI", "HTTP_URI_STATUS_OK", "HTTP_URI_STATUS_MISSING_SCHEME", "HTTP_URI_STATUS_UNKNOWN_SCHEME", "HTTP_URI_STATUS_MISSING_RESOURCE" }; /* * Do API tests if we don't have a URL on the command-line... */ if (argc == 1) { failures = 0; /* * httpGetDateString()/httpGetDateTime() */ fputs("httpGetDateString()/httpGetDateTime(): ", stdout); start = time(NULL); strlcpy(buffer, httpGetDateString(start), sizeof(buffer)); current = httpGetDateTime(buffer); i = (int)(current - start); if (i < 0) i = -i; if (!i) puts("PASS"); else { failures ++; puts("FAIL"); printf(" Difference is %d seconds, %02d:%02d:%02d...\n", i, i / 3600, (i / 60) % 60, i % 60); printf(" httpGetDateString(%d) returned \"%s\"\n", (int)start, buffer); printf(" httpGetDateTime(\"%s\") returned %d\n", buffer, (int)current); printf(" httpGetDateString(%d) returned \"%s\"\n", (int)current, httpGetDateString(current)); } /* * httpDecode64_2()/httpEncode64_2() */ fputs("httpDecode64_2()/httpEncode64_2(): ", stdout); for (i = 0, j = 0; i < (int)(sizeof(base64_tests) / sizeof(base64_tests[0])); i ++) { httpEncode64_2(encode, sizeof(encode), base64_tests[i][0], (int)strlen(base64_tests[i][0])); decodelen = (int)sizeof(decode); httpDecode64_2(decode, &decodelen, base64_tests[i][1]); if (strcmp(decode, base64_tests[i][0])) { failures ++; if (j) { puts("FAIL"); j = 1; } printf(" httpDecode64_2() returned \"%s\", expected \"%s\"...\n", decode, base64_tests[i][0]); } if (strcmp(encode, base64_tests[i][1])) { failures ++; if (j) { puts("FAIL"); j = 1; } printf(" httpEncode64_2() returned \"%s\", expected \"%s\"...\n", encode, base64_tests[i][1]); } } if (!j) puts("PASS"); /* * httpGetHostname() */ fputs("httpGetHostname(): ", stdout); if (httpGetHostname(NULL, hostname, sizeof(hostname))) printf("PASS (%s)\n", hostname); else { failures ++; puts("FAIL"); } /* * httpAddrGetList() */ printf("httpAddrGetList(%s): ", hostname); addrlist = httpAddrGetList(hostname, AF_UNSPEC, NULL); if (addrlist) { for (i = 0, addr = addrlist; addr; i ++, addr = addr->next) { char numeric[1024]; /* Numeric IP address */ httpAddrString(&(addr->addr), numeric, sizeof(numeric)); if (!strcmp(numeric, "UNKNOWN")) break; } if (addr) printf("FAIL (bad address for %s)\n", hostname); else printf("PASS (%d address(es) for %s)\n", i, hostname); httpAddrFreeList(addrlist); } else if (isdigit(hostname[0] & 255)) { puts("FAIL (ignored because hostname is numeric)"); } else { failures ++; puts("FAIL"); } /* * Test httpSeparateURI()... */ fputs("httpSeparateURI(): ", stdout); for (i = 0, j = 0; i < (int)(sizeof(uri_tests) / sizeof(uri_tests[0])); i ++) { uri_status = httpSeparateURI(HTTP_URI_CODING_MOST, uri_tests[i].uri, scheme, sizeof(scheme), username, sizeof(username), hostname, sizeof(hostname), &port, resource, sizeof(resource)); if (uri_status != uri_tests[i].result || strcmp(scheme, uri_tests[i].scheme) || strcmp(username, uri_tests[i].username) || strcmp(hostname, uri_tests[i].hostname) || port != uri_tests[i].port || strcmp(resource, uri_tests[i].resource)) { failures ++; if (!j) { puts("FAIL"); j = 1; } printf(" \"%s\":\n", uri_tests[i].uri); if (uri_status != uri_tests[i].result) printf(" Returned %s instead of %s\n", uri_status_strings[uri_status + 8], uri_status_strings[uri_tests[i].result + 8]); if (strcmp(scheme, uri_tests[i].scheme)) printf(" Scheme \"%s\" instead of \"%s\"\n", scheme, uri_tests[i].scheme); if (strcmp(username, uri_tests[i].username)) printf(" Username \"%s\" instead of \"%s\"\n", username, uri_tests[i].username); if (strcmp(hostname, uri_tests[i].hostname)) printf(" Hostname \"%s\" instead of \"%s\"\n", hostname, uri_tests[i].hostname); if (port != uri_tests[i].port) printf(" Port %d instead of %d\n", port, uri_tests[i].port); if (strcmp(resource, uri_tests[i].resource)) printf(" Resource \"%s\" instead of \"%s\"\n", resource, uri_tests[i].resource); } } if (!j) printf("PASS (%d URIs tested)\n", (int)(sizeof(uri_tests) / sizeof(uri_tests[0]))); /* * Test httpAssembleURI()... */ fputs("httpAssembleURI(): ", stdout); for (i = 0, j = 0, k = 0; i < (int)(sizeof(uri_tests) / sizeof(uri_tests[0])); i ++) if (uri_tests[i].result == HTTP_URI_STATUS_OK && !strstr(uri_tests[i].uri, "%64") && strstr(uri_tests[i].uri, "//")) { k ++; uri_status = httpAssembleURI(uri_tests[i].assemble_coding, buffer, sizeof(buffer), uri_tests[i].scheme, uri_tests[i].username, uri_tests[i].hostname, uri_tests[i].assemble_port, uri_tests[i].resource); if (uri_status != HTTP_URI_STATUS_OK) { failures ++; if (!j) { puts("FAIL"); j = 1; } printf(" \"%s\": %s\n", uri_tests[i].uri, uri_status_strings[uri_status + 8]); } else if (strcmp(buffer, uri_tests[i].uri)) { failures ++; if (!j) { puts("FAIL"); j = 1; } printf(" \"%s\": assembled = \"%s\"\n", uri_tests[i].uri, buffer); } } if (!j) printf("PASS (%d URIs tested)\n", k); /* * httpAssembleUUID */ fputs("httpAssembleUUID: ", stdout); httpAssembleUUID("hostname.example.com", 631, "printer", 12345, buffer, sizeof(buffer)); if (strncmp(buffer, "urn:uuid:", 9)) { printf("FAIL (%s)\n", buffer); failures ++; } else printf("PASS (%s)\n", buffer); /* * Show a summary and return... */ if (failures) printf("\n%d TESTS FAILED!\n", failures); else puts("\nALL TESTS PASSED!"); return (failures); } else if (strstr(argv[1], "._tcp")) { /* * Test resolving an mDNS name. */ char resolved[1024]; /* Resolved URI */ printf("_httpResolveURI(%s, _HTTP_RESOLVE_DEFAULT): ", argv[1]); fflush(stdout); if (!_httpResolveURI(argv[1], resolved, sizeof(resolved), _HTTP_RESOLVE_DEFAULT, NULL, NULL)) { puts("FAIL"); return (1); } else printf("PASS (%s)\n", resolved); printf("_httpResolveURI(%s, _HTTP_RESOLVE_FQDN): ", argv[1]); fflush(stdout); if (!_httpResolveURI(argv[1], resolved, sizeof(resolved), _HTTP_RESOLVE_FQDN, NULL, NULL)) { puts("FAIL"); return (1); } else if (strstr(resolved, ".local:")) { printf("FAIL (%s)\n", resolved); return (1); } else { printf("PASS (%s)\n", resolved); return (0); } } else if (!strcmp(argv[1], "-u") && argc == 3) { /* * Test URI separation... */ uri_status = httpSeparateURI(HTTP_URI_CODING_ALL, argv[2], scheme, sizeof(scheme), username, sizeof(username), hostname, sizeof(hostname), &port, resource, sizeof(resource)); printf("uri_status = %s\n", uri_status_strings[uri_status + 8]); printf("scheme = \"%s\"\n", scheme); printf("username = \"%s\"\n", username); printf("hostname = \"%s\"\n", hostname); printf("port = %d\n", port); printf("resource = \"%s\"\n", resource); return (0); } /* * Test HTTP GET requests... */ http = NULL; out = stdout; for (i = 1; i < argc; i ++) { if (!strcmp(argv[i], "-o")) { i ++; if (i >= argc) break; out = fopen(argv[i], "wb"); continue; } httpSeparateURI(HTTP_URI_CODING_MOST, argv[i], scheme, sizeof(scheme), username, sizeof(username), hostname, sizeof(hostname), &port, resource, sizeof(resource)); if (!_cups_strcasecmp(scheme, "https") || !_cups_strcasecmp(scheme, "ipps") || port == 443) encryption = HTTP_ENCRYPTION_ALWAYS; else encryption = HTTP_ENCRYPTION_IF_REQUESTED; http = httpConnect2(hostname, port, NULL, AF_UNSPEC, encryption, 1, 30000, NULL); if (http == NULL) { perror(hostname); continue; } printf("Checking file \"%s\"...\n", resource); do { if (!_cups_strcasecmp(httpGetField(http, HTTP_FIELD_CONNECTION), "close")) { httpClearFields(http); if (httpReconnect2(http, 30000, NULL)) { status = HTTP_STATUS_ERROR; break; } } httpClearFields(http); httpSetField(http, HTTP_FIELD_AUTHORIZATION, httpGetAuthString(http)); httpSetField(http, HTTP_FIELD_ACCEPT_LANGUAGE, "en"); if (httpHead(http, resource)) { if (httpReconnect2(http, 30000, NULL)) { status = HTTP_STATUS_ERROR; break; } else { status = HTTP_STATUS_UNAUTHORIZED; continue; } } while ((status = httpUpdate(http)) == HTTP_STATUS_CONTINUE); if (status == HTTP_STATUS_UNAUTHORIZED) { /* * Flush any error message... */ httpFlush(http); /* * See if we can do authentication... */ if (cupsDoAuthentication(http, "GET", resource)) { status = HTTP_STATUS_CUPS_AUTHORIZATION_CANCELED; break; } if (httpReconnect2(http, 30000, NULL)) { status = HTTP_STATUS_ERROR; break; } continue; } #ifdef HAVE_SSL else if (status == HTTP_STATUS_UPGRADE_REQUIRED) { /* Flush any error message... */ httpFlush(http); /* Reconnect... */ if (httpReconnect2(http, 30000, NULL)) { status = HTTP_STATUS_ERROR; break; } /* Upgrade with encryption... */ httpEncryption(http, HTTP_ENCRYPTION_REQUIRED); /* Try again, this time with encryption enabled... */ continue; } #endif /* HAVE_SSL */ } while (status == HTTP_STATUS_UNAUTHORIZED || status == HTTP_STATUS_UPGRADE_REQUIRED); if (status == HTTP_STATUS_OK) puts("HEAD OK:"); else printf("HEAD failed with status %d...\n", status); encoding = httpGetContentEncoding(http); printf("Requesting file \"%s\" (Accept-Encoding: %s)...\n", resource, encoding ? encoding : "identity"); do { if (!_cups_strcasecmp(httpGetField(http, HTTP_FIELD_CONNECTION), "close")) { httpClearFields(http); if (httpReconnect2(http, 30000, NULL)) { status = HTTP_STATUS_ERROR; break; } } httpClearFields(http); httpSetField(http, HTTP_FIELD_AUTHORIZATION, httpGetAuthString(http)); httpSetField(http, HTTP_FIELD_ACCEPT_LANGUAGE, "en"); httpSetField(http, HTTP_FIELD_ACCEPT_ENCODING, encoding); if (httpGet(http, resource)) { if (httpReconnect2(http, 30000, NULL)) { status = HTTP_STATUS_ERROR; break; } else { status = HTTP_STATUS_UNAUTHORIZED; continue; } } while ((status = httpUpdate(http)) == HTTP_STATUS_CONTINUE); if (status == HTTP_STATUS_UNAUTHORIZED) { /* * Flush any error message... */ httpFlush(http); /* * See if we can do authentication... */ if (cupsDoAuthentication(http, "GET", resource)) { status = HTTP_STATUS_CUPS_AUTHORIZATION_CANCELED; break; } if (httpReconnect2(http, 30000, NULL)) { status = HTTP_STATUS_ERROR; break; } continue; } #ifdef HAVE_SSL else if (status == HTTP_STATUS_UPGRADE_REQUIRED) { /* Flush any error message... */ httpFlush(http); /* Reconnect... */ if (httpReconnect2(http, 30000, NULL)) { status = HTTP_STATUS_ERROR; break; } /* Upgrade with encryption... */ httpEncryption(http, HTTP_ENCRYPTION_REQUIRED); /* Try again, this time with encryption enabled... */ continue; } #endif /* HAVE_SSL */ } while (status == HTTP_STATUS_UNAUTHORIZED || status == HTTP_STATUS_UPGRADE_REQUIRED); if (status == HTTP_STATUS_OK) puts("GET OK:"); else printf("GET failed with status %d...\n", status); start = time(NULL); length = httpGetLength2(http); total = 0; while ((bytes = httpRead2(http, buffer, sizeof(buffer))) > 0) { total += bytes; fwrite(buffer, bytes, 1, out); if (out != stdout) { current = time(NULL); if (current == start) current ++; printf("\r" CUPS_LLFMT "/" CUPS_LLFMT " bytes (" CUPS_LLFMT " bytes/sec) ", CUPS_LLCAST total, CUPS_LLCAST length, CUPS_LLCAST (total / (current - start))); fflush(stdout); } } } puts("Closing connection to server..."); httpClose(http); if (out != stdout) fclose(out); return (0); }
int /* O - Exit status */ main(int argc, /* I - Number of command-line arguments */ char *argv[]) /* I - Command-line arguments */ { int i, j, k; /* Looping vars */ http_t *http; /* HTTP connection */ http_status_t status; /* Status of GET command */ int failures; /* Number of test failures */ char buffer[8192]; /* Input buffer */ long bytes; /* Number of bytes read */ FILE *out; /* Output file */ char encode[256], /* Base64-encoded string */ decode[256]; /* Base64-decoded string */ int decodelen; /* Length of decoded string */ char scheme[HTTP_MAX_URI], /* Scheme from URI */ hostname[HTTP_MAX_URI], /* Hostname from URI */ username[HTTP_MAX_URI], /* Username:password from URI */ resource[HTTP_MAX_URI]; /* Resource from URI */ int port; /* Port number from URI */ http_uri_status_t uri_status; /* Status of URI separation */ http_addrlist_t *addrlist, /* Address list */ *addr; /* Current address */ off_t length, total; /* Length and total bytes */ time_t start, current; /* Start and end time */ static const char * const uri_status_strings[] = { "HTTP_URI_OVERFLOW", "HTTP_URI_BAD_ARGUMENTS", "HTTP_URI_BAD_RESOURCE", "HTTP_URI_BAD_PORT", "HTTP_URI_BAD_HOSTNAME", "HTTP_URI_BAD_USERNAME", "HTTP_URI_BAD_SCHEME", "HTTP_URI_BAD_URI", "HTTP_URI_OK", "HTTP_URI_MISSING_SCHEME", "HTTP_URI_UNKNOWN_SCHEME", "HTTP_URI_MISSING_RESOURCE" }; /* * Do API tests if we don't have a URL on the command-line... */ if (argc == 1) { failures = 0; /* * httpGetDateString()/httpGetDateTime() */ fputs("httpGetDateString()/httpGetDateTime(): ", stdout); start = time(NULL); strcpy(buffer, httpGetDateString(start)); current = httpGetDateTime(buffer); i = (int)(current - start); if (i < 0) i = -i; if (!i) puts("PASS"); else { failures ++; puts("FAIL"); printf(" Difference is %d seconds, %02d:%02d:%02d...\n", i, i / 3600, (i / 60) % 60, i % 60); printf(" httpGetDateString(%d) returned \"%s\"\n", (int)start, buffer); printf(" httpGetDateTime(\"%s\") returned %d\n", buffer, (int)current); printf(" httpGetDateString(%d) returned \"%s\"\n", (int)current, httpGetDateString(current)); } /* * httpDecode64_2()/httpEncode64_2() */ fputs("httpDecode64_2()/httpEncode64_2(): ", stdout); for (i = 0, j = 0; i < (int)(sizeof(base64_tests) / sizeof(base64_tests[0])); i ++) { httpEncode64_2(encode, sizeof(encode), base64_tests[i][0], strlen(base64_tests[i][0])); decodelen = (int)sizeof(decode); httpDecode64_2(decode, &decodelen, base64_tests[i][1]); if (strcmp(decode, base64_tests[i][0])) { failures ++; if (j) { puts("FAIL"); j = 1; } printf(" httpDecode64_2() returned \"%s\", expected \"%s\"...\n", decode, base64_tests[i][0]); } if (strcmp(encode, base64_tests[i][1])) { failures ++; if (j) { puts("FAIL"); j = 1; } printf(" httpEncode64_2() returned \"%s\", expected \"%s\"...\n", encode, base64_tests[i][1]); } } if (!j) puts("PASS"); /* * httpGetHostname() */ fputs("httpGetHostname(): ", stdout); if (httpGetHostname(NULL, hostname, sizeof(hostname))) printf("PASS (%s)\n", hostname); else { failures ++; puts("FAIL"); } /* * httpAddrGetList() */ printf("httpAddrGetList(%s): ", hostname); addrlist = httpAddrGetList(hostname, AF_UNSPEC, NULL); if (addrlist) { for (i = 0, addr = addrlist; addr; i ++, addr = addr->next) { char numeric[1024]; /* Numeric IP address */ httpAddrString(&(addr->addr), numeric, sizeof(numeric)); if (!strcmp(numeric, "UNKNOWN")) break; } if (addr) printf("FAIL (bad address for %s)\n", hostname); else printf("PASS (%d address(es) for %s)\n", i, hostname); httpAddrFreeList(addrlist); } else { failures ++; puts("FAIL"); } /* * Test httpSeparateURI()... */ fputs("httpSeparateURI(): ", stdout); for (i = 0, j = 0; i < (int)(sizeof(uri_tests) / sizeof(uri_tests[0])); i ++) { uri_status = httpSeparateURI(HTTP_URI_CODING_MOST, uri_tests[i].uri, scheme, sizeof(scheme), username, sizeof(username), hostname, sizeof(hostname), &port, resource, sizeof(resource)); if (uri_status != uri_tests[i].result || strcmp(scheme, uri_tests[i].scheme) || strcmp(username, uri_tests[i].username) || strcmp(hostname, uri_tests[i].hostname) || port != uri_tests[i].port || strcmp(resource, uri_tests[i].resource)) { failures ++; if (!j) { puts("FAIL"); j = 1; } printf(" \"%s\":\n", uri_tests[i].uri); if (uri_status != uri_tests[i].result) printf(" Returned %s instead of %s\n", uri_status_strings[uri_status + 8], uri_status_strings[uri_tests[i].result + 8]); if (strcmp(scheme, uri_tests[i].scheme)) printf(" Scheme \"%s\" instead of \"%s\"\n", scheme, uri_tests[i].scheme); if (strcmp(username, uri_tests[i].username)) printf(" Username \"%s\" instead of \"%s\"\n", username, uri_tests[i].username); if (strcmp(hostname, uri_tests[i].hostname)) printf(" Hostname \"%s\" instead of \"%s\"\n", hostname, uri_tests[i].hostname); if (port != uri_tests[i].port) printf(" Port %d instead of %d\n", port, uri_tests[i].port); if (strcmp(resource, uri_tests[i].resource)) printf(" Resource \"%s\" instead of \"%s\"\n", resource, uri_tests[i].resource); } } if (!j) printf("PASS (%d URIs tested)\n", (int)(sizeof(uri_tests) / sizeof(uri_tests[0]))); /* * Test httpAssembleURI()... */ fputs("httpAssembleURI(): ", stdout); for (i = 0, j = 0, k = 0; i < (int)(sizeof(uri_tests) / sizeof(uri_tests[0])); i ++) if (uri_tests[i].result == HTTP_URI_OK && !strstr(uri_tests[i].uri, "%64") && strstr(uri_tests[i].uri, "//")) { k ++; uri_status = httpAssembleURI(HTTP_URI_CODING_MOST, buffer, sizeof(buffer), uri_tests[i].scheme, uri_tests[i].username, uri_tests[i].hostname, uri_tests[i].assemble_port, uri_tests[i].resource); if (uri_status != HTTP_URI_OK) { failures ++; if (!j) { puts("FAIL"); j = 1; } printf(" \"%s\": %s\n", uri_tests[i].uri, uri_status_strings[uri_status + 8]); } else if (strcmp(buffer, uri_tests[i].uri)) { failures ++; if (!j) { puts("FAIL"); j = 1; } printf(" \"%s\": assembled = \"%s\"\n", uri_tests[i].uri, buffer); } } if (!j) printf("PASS (%d URIs tested)\n", k); /* * Show a summary and return... */ if (failures) printf("\n%d TESTS FAILED!\n", failures); else puts("\nALL TESTS PASSED!"); return (failures); } /* * Test HTTP GET requests... */ http = NULL; out = stdout; for (i = 1; i < argc; i ++) { if (!strcmp(argv[i], "-o")) { i ++; if (i >= argc) break; out = fopen(argv[i], "wb"); continue; } httpSeparateURI(HTTP_URI_CODING_MOST, argv[i], scheme, sizeof(scheme), username, sizeof(username), hostname, sizeof(hostname), &port, resource, sizeof(resource)); http = httpConnectEncrypt(hostname, port, HTTP_ENCRYPT_IF_REQUESTED); if (http == NULL) { perror(hostname); continue; } printf("Requesting file \"%s\"...\n", resource); httpClearFields(http); httpSetField(http, HTTP_FIELD_ACCEPT_LANGUAGE, "en"); httpGet(http, resource); while ((status = httpUpdate(http)) == HTTP_CONTINUE); if (status == HTTP_OK) puts("GET OK:"); else printf("GET failed with status %d...\n", status); start = time(NULL); length = httpGetLength2(http); total = 0; while ((bytes = httpRead2(http, buffer, sizeof(buffer))) > 0) { total += bytes; fwrite(buffer, bytes, 1, out); if (out != stdout) { current = time(NULL); if (current == start) current ++; printf("\r" CUPS_LLFMT "/" CUPS_LLFMT " bytes (" CUPS_LLFMT " bytes/sec) ", CUPS_LLCAST total, CUPS_LLCAST length, CUPS_LLCAST (total / (current - start))); fflush(stdout); } } } puts("Closing connection to server..."); httpClose(http); if (out != stdout) fclose(out); return (0); }
static void backend_init_supplies( int snmp_fd, /* I - SNMP socket */ http_addr_t *addr) /* I - Printer address */ { int i, /* Looping var */ type; /* Current marker type */ cups_file_t *cachefile; /* Cache file */ const char *cachedir; /* CUPS_CACHEDIR value */ char addrstr[1024], /* Address string */ cachefilename[1024], /* Cache filename */ description[CUPS_SNMP_MAX_STRING], /* Device description string */ value[CUPS_MAX_SUPPLIES * (CUPS_SNMP_MAX_STRING * 4 + 3)], /* Value string */ *ptr, /* Pointer into value string */ *name_ptr; /* Pointer into name string */ cups_snmp_t packet; /* SNMP response packet */ ppd_file_t *ppd; /* PPD file for this queue */ ppd_attr_t *ppdattr; /* cupsSNMPSupplies attribute */ static const char * const types[] = /* Supply types */ { "other", "unknown", "toner", "waste-toner", "ink", "ink-cartridge", "ink-ribbon", "waste-ink", "opc", "developer", "fuser-oil", "solid-wax", "ribbon-wax", "waste-wax", "fuser", "corona-wire", "fuser-oil-wick", "cleaner-unit", "fuser-cleaning-pad", "transfer-unit", "toner-cartridge", "fuser-oiler", "water", "waste-water", "glue-water-additive", "waste-paper", "binding-supply", "banding-supply", "stitching-wire", "shrink-wrap", "paper-wrap", "staples", "inserts", "covers" }; /* * Reset state information... */ current_addr = *addr; current_state = -1; num_supplies = -1; charset = -1; memset(supplies, 0, sizeof(supplies)); /* * See if we should be getting supply levels via SNMP... */ if ((ppd = ppdOpenFile(getenv("PPD"))) == NULL || ((ppdattr = ppdFindAttr(ppd, "cupsSNMPSupplies", NULL)) != NULL && ppdattr->value && _cups_strcasecmp(ppdattr->value, "true"))) { ppdClose(ppd); return; } if ((ppdattr = ppdFindAttr(ppd, "cupsSNMPQuirks", NULL)) != NULL) { if (!_cups_strcasecmp(ppdattr->value, "capacity")) quirks |= CUPS_SNMP_CAPACITY; } ppdClose(ppd); /* * Get the device description... */ if (!_cupsSNMPWrite(snmp_fd, addr, CUPS_SNMP_VERSION_1, _cupsSNMPDefaultCommunity(), CUPS_ASN1_GET_REQUEST, 1, hrDeviceDescr)) return; if (!_cupsSNMPRead(snmp_fd, &packet, CUPS_SUPPLY_TIMEOUT) || packet.object_type != CUPS_ASN1_OCTET_STRING) { strlcpy(description, "Unknown", sizeof(description)); num_supplies = 0; } else strlcpy(description, (char *)packet.object_value.string.bytes, sizeof(description)); fprintf(stderr, "DEBUG2: hrDeviceDesc=\"%s\"\n", description); /* * See if we have already queried this device... */ httpAddrString(addr, addrstr, sizeof(addrstr)); if ((cachedir = getenv("CUPS_CACHEDIR")) == NULL) cachedir = CUPS_CACHEDIR; snprintf(cachefilename, sizeof(cachefilename), "%s/%s.snmp", cachedir, addrstr); if ((cachefile = cupsFileOpen(cachefilename, "r")) != NULL) { /* * Yes, read the cache file: * * 3 num_supplies charset * device description * supply structures... */ if (cupsFileGets(cachefile, value, sizeof(value))) { if (sscanf(value, "3 %d%d", &num_supplies, &charset) == 2 && num_supplies <= CUPS_MAX_SUPPLIES && cupsFileGets(cachefile, value, sizeof(value))) { if (!strcmp(description, value)) cupsFileRead(cachefile, (char *)supplies, (size_t)num_supplies * sizeof(backend_supplies_t)); else { num_supplies = -1; charset = -1; } } else { num_supplies = -1; charset = -1; } } cupsFileClose(cachefile); } /* * If the cache information isn't correct, scan for supplies... */ if (charset < 0) { /* * Get the configured character set... */ int oid[CUPS_SNMP_MAX_OID]; /* OID for character set */ if (!_cupsSNMPWrite(snmp_fd, ¤t_addr, CUPS_SNMP_VERSION_1, _cupsSNMPDefaultCommunity(), CUPS_ASN1_GET_REQUEST, 1, prtGeneralCurrentLocalization)) return; if (!_cupsSNMPRead(snmp_fd, &packet, CUPS_SUPPLY_TIMEOUT) || packet.object_type != CUPS_ASN1_INTEGER) { fprintf(stderr, "DEBUG: prtGeneralCurrentLocalization type is %x, expected %x!\n", packet.object_type, CUPS_ASN1_INTEGER); return; } fprintf(stderr, "DEBUG2: prtGeneralCurrentLocalization=%d\n", packet.object_value.integer); _cupsSNMPCopyOID(oid, prtLocalizationCharacterSet, CUPS_SNMP_MAX_OID); oid[prtLocalizationCharacterSetOffset - 2] = packet.object_value.integer; if (!_cupsSNMPWrite(snmp_fd, ¤t_addr, CUPS_SNMP_VERSION_1, _cupsSNMPDefaultCommunity(), CUPS_ASN1_GET_REQUEST, 1, oid)) return; if (!_cupsSNMPRead(snmp_fd, &packet, CUPS_SUPPLY_TIMEOUT) || packet.object_type != CUPS_ASN1_INTEGER) { fprintf(stderr, "DEBUG: prtLocalizationCharacterSet type is %x, expected %x!\n", packet.object_type, CUPS_ASN1_INTEGER); return; } fprintf(stderr, "DEBUG2: prtLocalizationCharacterSet=%d\n", packet.object_value.integer); charset = packet.object_value.integer; } if (num_supplies < 0) { /* * Walk the printer configuration information... */ _cupsSNMPWalk(snmp_fd, ¤t_addr, CUPS_SNMP_VERSION_1, _cupsSNMPDefaultCommunity(), prtMarkerSuppliesEntry, CUPS_SUPPLY_TIMEOUT, backend_walk_cb, NULL); } /* * Save the cached information... */ if (num_supplies < 0) num_supplies = 0; if ((cachefile = cupsFileOpen(cachefilename, "w")) != NULL) { cupsFilePrintf(cachefile, "3 %d %d\n", num_supplies, charset); cupsFilePrintf(cachefile, "%s\n", description); if (num_supplies > 0) cupsFileWrite(cachefile, (char *)supplies, (size_t)num_supplies * sizeof(backend_supplies_t)); cupsFileClose(cachefile); } if (num_supplies <= 0) return; /* * Get the colors... */ for (i = 0; i < num_supplies; i ++) strlcpy(supplies[i].color, "none", sizeof(supplies[i].color)); _cupsSNMPWalk(snmp_fd, ¤t_addr, CUPS_SNMP_VERSION_1, _cupsSNMPDefaultCommunity(), prtMarkerColorantValue, CUPS_SUPPLY_TIMEOUT, backend_walk_cb, NULL); /* * Output the marker-colors attribute... */ for (i = 0, ptr = value; i < num_supplies; i ++, ptr += strlen(ptr)) { if (i) *ptr++ = ','; strlcpy(ptr, supplies[i].color, sizeof(value) - (size_t)(ptr - value)); } fprintf(stderr, "ATTR: marker-colors=%s\n", value); /* * Output the marker-names attribute (the double quoting is necessary to deal * with embedded quotes and commas in the marker names...) */ for (i = 0, ptr = value; i < num_supplies; i ++) { if (i) *ptr++ = ','; *ptr++ = '\''; *ptr++ = '\"'; for (name_ptr = supplies[i].name; *name_ptr;) { if (*name_ptr == '\\' || *name_ptr == '\"' || *name_ptr == '\'') { *ptr++ = '\\'; *ptr++ = '\\'; *ptr++ = '\\'; } *ptr++ = *name_ptr++; } *ptr++ = '\"'; *ptr++ = '\''; } *ptr = '\0'; fprintf(stderr, "ATTR: marker-names=%s\n", value); /* * Output the marker-types attribute... */ for (i = 0, ptr = value; i < num_supplies; i ++, ptr += strlen(ptr)) { if (i) *ptr++ = ','; type = supplies[i].type; if (type < CUPS_TC_other || type > CUPS_TC_covers) strlcpy(ptr, "unknown", sizeof(value) - (size_t)(ptr - value)); else strlcpy(ptr, types[type - CUPS_TC_other], sizeof(value) - (size_t)(ptr - value)); } fprintf(stderr, "ATTR: marker-types=%s\n", value); }
static void service_add_listener(int fd, /* I - Socket file descriptor */ int idx) /* I - Listener number, for logging */ { cupsd_listener_t *lis; /* Listeners array */ http_addr_t addr; /* Address variable */ socklen_t addrlen; /* Length of address */ char s[256]; /* String addresss */ addrlen = sizeof(addr); if (getsockname(fd, (struct sockaddr *)&addr, &addrlen)) { cupsdLogMessage(CUPSD_LOG_ERROR, "service_add_listener: Unable to get local address for listener #%d: %s", idx + 1, strerror(errno)); return; } cupsdLogMessage(CUPSD_LOG_DEBUG, "service_add_listener: Listener #%d at fd %d, \"%s\".", idx + 1, fd, httpAddrString(&addr, s, sizeof(s))); /* * Try to match the on-demand socket address to one of the listeners... */ for (lis = (cupsd_listener_t *)cupsArrayFirst(Listeners); lis; lis = (cupsd_listener_t *)cupsArrayNext(Listeners)) if (httpAddrEqual(&lis->address, &addr)) break; /* * Add a new listener If there's no match... */ if (lis) { cupsdLogMessage(CUPSD_LOG_DEBUG, "service_add_listener: Matched existing listener #%d to %s.", idx + 1, httpAddrString(&(lis->address), s, sizeof(s))); } else { cupsdLogMessage(CUPSD_LOG_DEBUG, "service_add_listener: Adding new listener #%d for %s.", idx + 1, httpAddrString(&addr, s, sizeof(s))); if ((lis = calloc(1, sizeof(cupsd_listener_t))) == NULL) { cupsdLogMessage(CUPSD_LOG_ERROR, "service_add_listener: Unable to allocate listener: %s.", strerror(errno)); exit(EXIT_FAILURE); return; } cupsArrayAdd(Listeners, lis); memcpy(&lis->address, &addr, sizeof(lis->address)); } lis->fd = fd; lis->on_demand = 1; # ifdef HAVE_SSL if (httpAddrPort(&(lis->address)) == 443) lis->encryption = HTTP_ENCRYPT_ALWAYS; # endif /* HAVE_SSL */ }
static void launchd_checkin(void) { size_t i, /* Looping var */ count; /* Number of listeners */ launch_data_t ld_msg, /* Launch data message */ ld_resp, /* Launch data response */ ld_array, /* Launch data array */ ld_sockets, /* Launch data sockets dictionary */ tmp; /* Launch data */ cupsd_listener_t *lis; /* Listeners array */ http_addr_t addr; /* Address variable */ socklen_t addrlen; /* Length of address */ int fd; /* File descriptor */ char s[256]; /* String addresss */ cupsdLogMessage(CUPSD_LOG_DEBUG, "launchd_checkin: pid=%d", (int)getpid()); /* * Check-in with launchd... */ ld_msg = launch_data_new_string(LAUNCH_KEY_CHECKIN); if ((ld_resp = launch_msg(ld_msg)) == NULL) { cupsdLogMessage(CUPSD_LOG_ERROR, "launchd_checkin: launch_msg(\"" LAUNCH_KEY_CHECKIN "\") IPC failure"); exit(EXIT_FAILURE); return; /* anti-compiler-warning */ } if (launch_data_get_type(ld_resp) == LAUNCH_DATA_ERRNO) { errno = launch_data_get_errno(ld_resp); cupsdLogMessage(CUPSD_LOG_ERROR, "launchd_checkin: Check-in failed: %s", strerror(errno)); exit(EXIT_FAILURE); return; /* anti-compiler-warning */ } /* * Get the sockets dictionary... */ if ((ld_sockets = launch_data_dict_lookup(ld_resp, LAUNCH_JOBKEY_SOCKETS)) == NULL) { cupsdLogMessage(CUPSD_LOG_ERROR, "launchd_checkin: No sockets found to answer requests on!"); exit(EXIT_FAILURE); return; /* anti-compiler-warning */ } /* * Get the array of listener sockets... */ if ((ld_array = launch_data_dict_lookup(ld_sockets, "Listeners")) == NULL) { cupsdLogMessage(CUPSD_LOG_ERROR, "launchd_checkin: No sockets found to answer requests on!"); exit(EXIT_FAILURE); return; /* anti-compiler-warning */ } /* * Add listening fd(s) to the Listener array... */ if (launch_data_get_type(ld_array) == LAUNCH_DATA_ARRAY) { count = launch_data_array_get_count(ld_array); for (i = 0; i < count; i ++) { /* * Get the launchd file descriptor and address... */ if ((tmp = launch_data_array_get_index(ld_array, i)) != NULL) { fd = launch_data_get_fd(tmp); addrlen = sizeof(addr); if (getsockname(fd, (struct sockaddr *)&addr, &addrlen)) { cupsdLogMessage(CUPSD_LOG_ERROR, "launchd_checkin: Unable to get local address - %s", strerror(errno)); continue; } /* * Try to match the launchd socket address to one of the listeners... */ for (lis = (cupsd_listener_t *)cupsArrayFirst(Listeners); lis; lis = (cupsd_listener_t *)cupsArrayNext(Listeners)) if (httpAddrEqual(&lis->address, &addr)) break; /* * Add a new listener If there's no match... */ if (lis) { cupsdLogMessage(CUPSD_LOG_DEBUG, "launchd_checkin: Matched existing listener %s with fd %d...", httpAddrString(&(lis->address), s, sizeof(s)), fd); } else { cupsdLogMessage(CUPSD_LOG_DEBUG, "launchd_checkin: Adding new listener %s with fd %d...", httpAddrString(&addr, s, sizeof(s)), fd); if ((lis = calloc(1, sizeof(cupsd_listener_t))) == NULL) { cupsdLogMessage(CUPSD_LOG_ERROR, "launchd_checkin: Unable to allocate listener - " "%s.", strerror(errno)); exit(EXIT_FAILURE); } cupsArrayAdd(Listeners, lis); memcpy(&lis->address, &addr, sizeof(lis->address)); } lis->fd = fd; # ifdef HAVE_SSL if (_httpAddrPort(&(lis->address)) == 443) lis->encryption = HTTP_ENCRYPT_ALWAYS; # endif /* HAVE_SSL */ } } } launch_data_free(ld_msg); launch_data_free(ld_resp); }
void cupsdNetIFUpdate(void) { int match; /* Matching address? */ cupsd_listener_t *lis; /* Listen address */ cupsd_netif_t *temp; /* New interface */ struct ifaddrs *addrs, /* Interface address list */ *addr; /* Current interface address */ char hostname[1024]; /* Hostname for address */ size_t hostlen; /* Length of hostname */ /* * Only update the list if we need to... */ if (!NetIFUpdate) return; NetIFUpdate = 0; /* * Free the old interfaces... */ cupsdNetIFFree(); /* * Make sure we have an array... */ if (!NetIFList) NetIFList = cupsArrayNew((cups_array_func_t)compare_netif, NULL); if (!NetIFList) return; /* * Grab a new list of interfaces... */ if (getifaddrs(&addrs) < 0) { cupsdLogMessage(CUPSD_LOG_DEBUG, "cupsdNetIFUpdate: Unable to get interface list - %s", strerror(errno)); return; } for (addr = addrs; addr != NULL; addr = addr->ifa_next) { /* * See if this interface address is IPv4 or IPv6... */ if (addr->ifa_addr == NULL || (addr->ifa_addr->sa_family != AF_INET #ifdef AF_INET6 && addr->ifa_addr->sa_family != AF_INET6 #endif ) || addr->ifa_netmask == NULL || addr->ifa_name == NULL) { cupsdLogMessage(CUPSD_LOG_DEBUG, "cupsdNetIFUpdate: Ignoring \"%s\".", addr->ifa_name); continue; } /* * Try looking up the hostname for the address as needed... */ if (HostNameLookups) httpAddrLookup((http_addr_t *)(addr->ifa_addr), hostname, sizeof(hostname)); else { /* * Map the default server address and localhost to the server name * and localhost, respectively; for all other addresses, use the * numeric address... */ if (httpAddrLocalhost((http_addr_t *)(addr->ifa_addr))) strlcpy(hostname, "localhost", sizeof(hostname)); else httpAddrString((http_addr_t *)(addr->ifa_addr), hostname, sizeof(hostname)); } /* * Create a new address element... */ hostlen = strlen(hostname); if ((temp = calloc(1, sizeof(cupsd_netif_t) + hostlen)) == NULL) { cupsdLogMessage(CUPSD_LOG_DEBUG, "cupsdNetIFUpdate: Unable to allocate memory for interface."); break; } /* * Copy all of the information... */ strlcpy(temp->name, addr->ifa_name, sizeof(temp->name)); temp->hostlen = hostlen; memcpy(temp->hostname, hostname, hostlen + 1); if (addr->ifa_addr->sa_family == AF_INET) { /* * Copy IPv4 addresses... */ memcpy(&(temp->address), addr->ifa_addr, sizeof(struct sockaddr_in)); memcpy(&(temp->mask), addr->ifa_netmask, sizeof(struct sockaddr_in)); if (addr->ifa_dstaddr) memcpy(&(temp->broadcast), addr->ifa_dstaddr, sizeof(struct sockaddr_in)); } #ifdef AF_INET6 else { /* * Copy IPv6 addresses... */ memcpy(&(temp->address), addr->ifa_addr, sizeof(struct sockaddr_in6)); memcpy(&(temp->mask), addr->ifa_netmask, sizeof(struct sockaddr_in6)); if (addr->ifa_dstaddr) memcpy(&(temp->broadcast), addr->ifa_dstaddr, sizeof(struct sockaddr_in6)); } #endif /* AF_INET6 */ if (!(addr->ifa_flags & IFF_POINTOPOINT) && !httpAddrLocalhost(&(temp->address))) temp->is_local = 1; /* * Determine which port to use when advertising printers... */ for (lis = (cupsd_listener_t *)cupsArrayFirst(Listeners); lis; lis = (cupsd_listener_t *)cupsArrayNext(Listeners)) { match = 0; if (httpAddrAny(&(lis->address))) match = 1; else if (addr->ifa_addr->sa_family == AF_INET && lis->address.addr.sa_family == AF_INET && (lis->address.ipv4.sin_addr.s_addr & temp->mask.ipv4.sin_addr.s_addr) == (temp->address.ipv4.sin_addr.s_addr & temp->mask.ipv4.sin_addr.s_addr)) match = 1; #ifdef AF_INET6 else if (addr->ifa_addr->sa_family == AF_INET6 && lis->address.addr.sa_family == AF_INET6 && (lis->address.ipv6.sin6_addr.s6_addr[0] & temp->mask.ipv6.sin6_addr.s6_addr[0]) == (temp->address.ipv6.sin6_addr.s6_addr[0] & temp->mask.ipv6.sin6_addr.s6_addr[0]) && (lis->address.ipv6.sin6_addr.s6_addr[1] & temp->mask.ipv6.sin6_addr.s6_addr[1]) == (temp->address.ipv6.sin6_addr.s6_addr[1] & temp->mask.ipv6.sin6_addr.s6_addr[1]) && (lis->address.ipv6.sin6_addr.s6_addr[2] & temp->mask.ipv6.sin6_addr.s6_addr[2]) == (temp->address.ipv6.sin6_addr.s6_addr[2] & temp->mask.ipv6.sin6_addr.s6_addr[2]) && (lis->address.ipv6.sin6_addr.s6_addr[3] & temp->mask.ipv6.sin6_addr.s6_addr[3]) == (temp->address.ipv6.sin6_addr.s6_addr[3] & temp->mask.ipv6.sin6_addr.s6_addr[3])) match = 1; #endif /* AF_INET6 */ if (match) { temp->port = httpAddrPort(&(lis->address)); break; } } /* * Add it to the array... */ cupsArrayAdd(NetIFList, temp); cupsdLogMessage(CUPSD_LOG_DEBUG, "cupsdNetIFUpdate: \"%s\" = %s:%d", temp->name, temp->hostname, temp->port); } freeifaddrs(addrs); }
int /* O - Exit status */ main(int argc, /* I - Number of command-line arguments (6 or 7) */ char *argv[]) /* I - Command-line arguments */ { const char *device_uri; /* Device URI */ char scheme[255], /* Scheme in URI */ hostname[1024], /* Hostname */ username[255], /* Username info (not used) */ resource[1024], /* Resource info (not used) */ *options, /* Pointer to options */ *name, /* Name of option */ *value, /* Value of option */ sep; /* Option separator */ int print_fd; /* Print file */ int copies; /* Number of copies to print */ time_t start_time; /* Time of first connect */ #ifdef __APPLE__ time_t current_time, /* Current time */ wait_time; /* Time to wait before shutting down socket */ #endif /* __APPLE__ */ int contimeout; /* Connection timeout */ int waiteof; /* Wait for end-of-file? */ int port; /* Port number */ char portname[255]; /* Port name */ int delay; /* Delay for retries... */ int device_fd; /* AppSocket */ int error; /* Error code (if any) */ http_addrlist_t *addrlist, /* Address list */ *addr; /* Connected address */ char addrname[256]; /* Address name */ int snmp_fd, /* SNMP socket */ start_count, /* Page count via SNMP at start */ page_count, /* Page count via SNMP */ have_supplies; /* Printer supports supply levels? */ ssize_t bytes = 0, /* Initial bytes read */ tbytes; /* Total number of bytes written */ char buffer[1024]; /* Initial print buffer */ #if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET) struct sigaction action; /* Actions for POSIX signals */ #endif /* HAVE_SIGACTION && !HAVE_SIGSET */ /* * Make sure status messages are not buffered... */ setbuf(stderr, NULL); /* * Ignore SIGPIPE signals... */ #ifdef HAVE_SIGSET sigset(SIGPIPE, SIG_IGN); #elif defined(HAVE_SIGACTION) memset(&action, 0, sizeof(action)); action.sa_handler = SIG_IGN; sigaction(SIGPIPE, &action, NULL); #else signal(SIGPIPE, SIG_IGN); #endif /* HAVE_SIGSET */ /* * Check command-line... */ if (argc == 1) { printf("network socket \"Unknown\" \"%s\"\n", _cupsLangString(cupsLangDefault(), _("AppSocket/HP JetDirect"))); return (CUPS_BACKEND_OK); } else if (argc < 6 || argc > 7) { _cupsLangPrintf(stderr, _("Usage: %s job-id user title copies options [file]"), argv[0]); return (CUPS_BACKEND_FAILED); } /* * If we have 7 arguments, print the file named on the command-line. * Otherwise, send stdin instead... */ if (argc == 6) { print_fd = 0; copies = 1; } else { /* * Try to open the print file... */ if ((print_fd = open(argv[6], O_RDONLY)) < 0) { _cupsLangPrintError("ERROR", _("Unable to open print file")); return (CUPS_BACKEND_FAILED); } copies = atoi(argv[4]); } /* * Extract the hostname and port number from the URI... */ while ((device_uri = cupsBackendDeviceURI(argv)) == NULL) { _cupsLangPrintFilter(stderr, "INFO", _("Unable to locate printer.")); sleep(10); if (getenv("CLASS") != NULL) return (CUPS_BACKEND_FAILED); } httpSeparateURI(HTTP_URI_CODING_ALL, device_uri, scheme, sizeof(scheme), username, sizeof(username), hostname, sizeof(hostname), &port, resource, sizeof(resource)); if (port == 0) port = 9100; /* Default to HP JetDirect/Tektronix PhaserShare */ /* * Get options, if any... */ waiteof = 1; contimeout = 7 * 24 * 60 * 60; if ((options = strchr(resource, '?')) != NULL) { /* * Yup, terminate the device name string and move to the first * character of the options... */ *options++ = '\0'; /* * Parse options... */ while (*options) { /* * Get the name... */ name = options; while (*options && *options != '=' && *options != '+' && *options != '&') options ++; if ((sep = *options) != '\0') *options++ = '\0'; if (sep == '=') { /* * Get the value... */ value = options; while (*options && *options != '+' && *options != '&') options ++; if (*options) *options++ = '\0'; } else value = (char *)""; /* * Process the option... */ if (!_cups_strcasecmp(name, "waiteof")) { /* * Set the wait-for-eof value... */ waiteof = !value[0] || !_cups_strcasecmp(value, "on") || !_cups_strcasecmp(value, "yes") || !_cups_strcasecmp(value, "true"); } else if (!_cups_strcasecmp(name, "contimeout")) { /* * Set the connection timeout... */ if (atoi(value) > 0) contimeout = atoi(value); } } } /* * Then try finding the remote host... */ start_time = time(NULL); sprintf(portname, "%d", port); fputs("STATE: +connecting-to-device\n", stderr); fprintf(stderr, "DEBUG: Looking up \"%s\"...\n", hostname); while ((addrlist = httpAddrGetList(hostname, AF_UNSPEC, portname)) == NULL) { _cupsLangPrintFilter(stderr, "INFO", _("Unable to locate printer \"%s\"."), hostname); sleep(10); if (getenv("CLASS") != NULL) { fputs("STATE: -connecting-to-device\n", stderr); return (CUPS_BACKEND_STOP); } } /* * See if the printer supports SNMP... */ if ((snmp_fd = _cupsSNMPOpen(addrlist->addr.addr.sa_family)) >= 0) { have_supplies = !backendSNMPSupplies(snmp_fd, &(addrlist->addr), &start_count, NULL); } else have_supplies = start_count = 0; /* * Wait for data from the filter... */ if (print_fd == 0) { if (!backendWaitLoop(snmp_fd, &(addrlist->addr), 1, backendNetworkSideCB)) return (CUPS_BACKEND_OK); else if ((bytes = read(0, buffer, sizeof(buffer))) <= 0) return (CUPS_BACKEND_OK); } /* * Connect to the printer... */ fprintf(stderr, "DEBUG: Connecting to %s:%d\n", hostname, port); _cupsLangPrintFilter(stderr, "INFO", _("Connecting to printer.")); for (delay = 5;;) { if ((addr = httpAddrConnect(addrlist, &device_fd)) == NULL) { error = errno; device_fd = -1; if (getenv("CLASS") != NULL) { /* * If the CLASS environment variable is set, the job was submitted * to a class and not to a specific queue. In this case, we want * to abort immediately so that the job can be requeued on the next * available printer in the class. */ _cupsLangPrintFilter(stderr, "INFO", _("Unable to contact printer, queuing on next " "printer in class.")); /* * Sleep 5 seconds to keep the job from requeuing too rapidly... */ sleep(5); return (CUPS_BACKEND_FAILED); } fprintf(stderr, "DEBUG: Connection error: %s\n", strerror(error)); if (error == ECONNREFUSED || error == EHOSTDOWN || error == EHOSTUNREACH) { if (contimeout && (time(NULL) - start_time) > contimeout) { _cupsLangPrintFilter(stderr, "ERROR", _("The printer is not responding.")); return (CUPS_BACKEND_FAILED); } switch (error) { case EHOSTDOWN : _cupsLangPrintFilter(stderr, "WARNING", _("The printer may not exist or " "is unavailable at this time.")); break; case EHOSTUNREACH : _cupsLangPrintFilter(stderr, "WARNING", _("The printer is unreachable at this " "time.")); break; case ECONNREFUSED : default : _cupsLangPrintFilter(stderr, "WARNING", _("The printer is in use.")); break; } sleep(delay); if (delay < 30) delay += 5; } else { _cupsLangPrintFilter(stderr, "ERROR", _("The printer is not responding.")); sleep(30); } } else break; } fputs("STATE: -connecting-to-device\n", stderr); _cupsLangPrintFilter(stderr, "INFO", _("Connected to printer.")); fprintf(stderr, "DEBUG: Connected to %s:%d...\n", httpAddrString(&(addr->addr), addrname, sizeof(addrname)), _httpAddrPort(&(addr->addr))); /* * Print everything... */ tbytes = 0; if (bytes > 0) tbytes += write(device_fd, buffer, bytes); while (copies > 0 && tbytes >= 0) { copies --; if (print_fd != 0) { fputs("PAGE: 1 1\n", stderr); lseek(print_fd, 0, SEEK_SET); } tbytes = backendRunLoop(print_fd, device_fd, snmp_fd, &(addrlist->addr), 1, 0, backendNetworkSideCB); if (print_fd != 0 && tbytes >= 0) _cupsLangPrintFilter(stderr, "INFO", _("Print file sent.")); } #ifdef __APPLE__ /* * Wait up to 5 seconds to get any pending back-channel data... */ wait_time = time(NULL) + 5; while (wait_time >= time(¤t_time)) if (wait_bc(device_fd, wait_time - current_time) <= 0) break; #endif /* __APPLE__ */ if (waiteof) { /* * Shutdown the socket and wait for the other end to finish... */ _cupsLangPrintFilter(stderr, "INFO", _("Waiting for printer to finish.")); shutdown(device_fd, 1); while (wait_bc(device_fd, 90) > 0); } /* * Collect the final page count as needed... */ if (have_supplies && !backendSNMPSupplies(snmp_fd, &(addrlist->addr), &page_count, NULL) && page_count > start_count) fprintf(stderr, "PAGE: total %d\n", page_count - start_count); /* * Close the socket connection... */ close(device_fd); httpAddrFreeList(addrlist); /* * Close the input file and return... */ if (print_fd != 0) close(print_fd); return (CUPS_BACKEND_OK); }
http_addrlist_t * /* O - Connected address or NULL on failure */ httpAddrConnect2( http_addrlist_t *addrlist, /* I - List of potential addresses */ int *sock, /* O - Socket */ int msec, /* I - Timeout in milliseconds */ int *cancel) /* I - Pointer to "cancel" variable */ { int val; /* Socket option value */ #ifndef WIN32 int flags; /* Socket flags */ #endif /* !WIN32 */ int remaining; /* Remaining timeout */ int i, /* Looping var */ nfds, /* Number of file descriptors */ fds[100], /* Socket file descriptors */ result; /* Result from select() or poll() */ http_addrlist_t *addrs[100]; /* Addresses */ #ifndef HAVE_POLL int max_fd = -1; /* Highest file descriptor */ #endif /* !HAVE_POLL */ #ifdef O_NONBLOCK # ifdef HAVE_POLL struct pollfd pfds[100]; /* Polled file descriptors */ # else fd_set input_set, /* select() input set */ output_set, /* select() output set */ error_set; /* select() error set */ struct timeval timeout; /* Timeout */ # endif /* HAVE_POLL */ #endif /* O_NONBLOCK */ #ifdef DEBUG socklen_t len; /* Length of value */ http_addr_t peer; /* Peer address */ char temp[256]; /* Temporary address string */ #endif /* DEBUG */ DEBUG_printf(("httpAddrConnect2(addrlist=%p, sock=%p, msec=%d, cancel=%p)", (void *)addrlist, (void *)sock, msec, (void *)cancel)); if (!sock) { errno = EINVAL; _cupsSetError(IPP_STATUS_ERROR_INTERNAL, strerror(errno), 0); return (NULL); } if (cancel && *cancel) return (NULL); if (msec <= 0) msec = INT_MAX; /* * Loop through each address until we connect or run out of addresses... */ nfds = 0; remaining = msec; while (remaining > 0) { if (cancel && *cancel) { while (nfds > 0) { nfds --; httpAddrClose(NULL, fds[nfds]); } return (NULL); } if (addrlist && nfds < (int)(sizeof(fds) / sizeof(fds[0]))) { /* * Create the socket... */ DEBUG_printf(("2httpAddrConnect2: Trying %s:%d...", httpAddrString(&(addrlist->addr), temp, sizeof(temp)), httpAddrPort(&(addrlist->addr)))); if ((fds[nfds] = (int)socket(httpAddrFamily(&(addrlist->addr)), SOCK_STREAM, 0)) < 0) { /* * Don't abort yet, as this could just be an issue with the local * system not being configured with IPv4/IPv6/domain socket enabled. * * Just skip this address... */ addrlist = addrlist->next; continue; } /* * Set options... */ val = 1; setsockopt(fds[nfds], SOL_SOCKET, SO_REUSEADDR, CUPS_SOCAST &val, sizeof(val)); #ifdef SO_REUSEPORT val = 1; setsockopt(fds[nfds], SOL_SOCKET, SO_REUSEPORT, CUPS_SOCAST &val, sizeof(val)); #endif /* SO_REUSEPORT */ #ifdef SO_NOSIGPIPE val = 1; setsockopt(fds[nfds], SOL_SOCKET, SO_NOSIGPIPE, CUPS_SOCAST &val, sizeof(val)); #endif /* SO_NOSIGPIPE */ /* * Using TCP_NODELAY improves responsiveness, especially on systems * with a slow loopback interface... */ val = 1; setsockopt(fds[nfds], IPPROTO_TCP, TCP_NODELAY, CUPS_SOCAST &val, sizeof(val)); #ifdef FD_CLOEXEC /* * Close this socket when starting another process... */ fcntl(fds[nfds], F_SETFD, FD_CLOEXEC); #endif /* FD_CLOEXEC */ #ifdef O_NONBLOCK /* * Do an asynchronous connect by setting the socket non-blocking... */ DEBUG_printf(("httpAddrConnect2: Setting non-blocking connect()")); flags = fcntl(fds[nfds], F_GETFL, 0); fcntl(fds[nfds], F_SETFL, flags | O_NONBLOCK); #endif /* O_NONBLOCK */ /* * Then connect... */ if (!connect(fds[nfds], &(addrlist->addr.addr), (socklen_t)httpAddrLength(&(addrlist->addr)))) { DEBUG_printf(("1httpAddrConnect2: Connected to %s:%d...", httpAddrString(&(addrlist->addr), temp, sizeof(temp)), httpAddrPort(&(addrlist->addr)))); #ifdef O_NONBLOCK fcntl(fds[nfds], F_SETFL, flags); #endif /* O_NONBLOCK */ *sock = fds[nfds]; while (nfds > 0) { nfds --; httpAddrClose(NULL, fds[nfds]); } return (addrlist); } #ifdef WIN32 if (WSAGetLastError() != WSAEINPROGRESS && WSAGetLastError() != WSAEWOULDBLOCK) #else if (errno != EINPROGRESS && errno != EWOULDBLOCK) #endif /* WIN32 */ { DEBUG_printf(("1httpAddrConnect2: Unable to connect to %s:%d: %s", httpAddrString(&(addrlist->addr), temp, sizeof(temp)), httpAddrPort(&(addrlist->addr)), strerror(errno))); httpAddrClose(NULL, fds[nfds]); addrlist = addrlist->next; continue; } #ifndef WIN32 fcntl(fds[nfds], F_SETFL, flags); #endif /* !WIN32 */ #ifndef HAVE_POLL if (fds[nfds] > max_fd) max_fd = fds[nfds]; #endif /* !HAVE_POLL */ addrs[nfds] = addrlist; nfds ++; addrlist = addrlist->next; } if (!addrlist && nfds == 0) break; /* * See if we can connect to any of the addresses so far... */ #ifdef O_NONBLOCK DEBUG_puts("1httpAddrConnect2: Finishing async connect()"); do { if (cancel && *cancel) { /* * Close this socket and return... */ DEBUG_puts("1httpAddrConnect2: Canceled connect()"); while (nfds > 0) { nfds --; httpAddrClose(NULL, fds[nfds]); } *sock = -1; return (NULL); } # ifdef HAVE_POLL for (i = 0; i < nfds; i ++) { pfds[i].fd = fds[i]; pfds[i].events = POLLIN | POLLOUT; } result = poll(pfds, (nfds_t)nfds, addrlist ? 100 : remaining > 250 ? 250 : remaining); DEBUG_printf(("1httpAddrConnect2: poll() returned %d (%d)", result, errno)); # else FD_ZERO(&input_set); for (i = 0; i < nfds; i ++) FD_SET(fds[i], &input_set); output_set = input_set; error_set = input_set; timeout.tv_sec = 0; timeout.tv_usec = (addrlist ? 100 : remaining > 250 ? 250 : remaining) * 1000; result = select(max_fd + 1, &input_set, &output_set, &error_set, &timeout); DEBUG_printf(("1httpAddrConnect2: select() returned %d (%d)", result, errno)); # endif /* HAVE_POLL */ } # ifdef WIN32 while (result < 0 && (WSAGetLastError() == WSAEINTR || WSAGetLastError() == WSAEWOULDBLOCK)); # else while (result < 0 && (errno == EINTR || errno == EAGAIN)); # endif /* WIN32 */ if (result > 0) { http_addrlist_t *connaddr = NULL; /* Connected address, if any */ for (i = 0; i < nfds; i ++) { # ifdef HAVE_POLL DEBUG_printf(("pfds[%d].revents=%x\n", i, pfds[i].revents)); if (pfds[i].revents && !(pfds[i].revents & (POLLERR | POLLHUP))) # else if (FD_ISSET(fds[i], &input_set) && !FD_ISSET(fds[i], &error_set)) # endif /* HAVE_POLL */ { *sock = fds[i]; connaddr = addrs[i]; # ifdef DEBUG len = sizeof(peer); if (!getpeername(fds[i], (struct sockaddr *)&peer, &len)) DEBUG_printf(("1httpAddrConnect2: Connected to %s:%d...", httpAddrString(&peer, temp, sizeof(temp)), httpAddrPort(&peer))); # endif /* DEBUG */ } # ifdef HAVE_POLL else if (pfds[i].revents & (POLLERR | POLLHUP)) # else else if (FD_ISSET(fds[i], &error_set)) # endif /* HAVE_POLL */ { /* * Error on socket, remove from the "pool"... */ httpAddrClose(NULL, fds[i]); nfds --; if (i < nfds) { memmove(fds + i, fds + i + 1, (size_t)(nfds - i) * (sizeof(fds[0]))); memmove(addrs + i, addrs + i + 1, (size_t)(nfds - i) * (sizeof(addrs[0]))); } i --; } } if (connaddr) return (connaddr); } #endif /* O_NONBLOCK */ if (addrlist) remaining -= 100; else remaining -= 250; }