1/*************************************************************************** 2 * LPRng - An Extended Print Spooler System 3 * 4 * Copyright 1988-2003, Patrick Powell, San Diego, CA 5 * papowell@lprng.com 6 * See LICENSE for conditions of use. 7 * $Id: permission.h,v 1.1.1.1 2008/10/15 03:28:27 james26_jang Exp $ 8 ***************************************************************************/ 9 10 11 12#ifndef _PERMISSION_H_ 13#define _PERMISSION_H_ 1 14 15/*************************************************************************** 16 * Permissions keywords 17 ***************************************************************************/ 18 19#define P_REJECT -1 20#define P_ACCEPT 1 21#define P_NOT 2 /* invert test condition */ 22#define P_SERVICE 3 /* Service listed below */ 23#define P_USER 4 /* USER field from control file (LPR) or command */ 24 /* if a command, the user name is sent with command */ 25#define P_HOST 5 /* HOST field from control file */ 26 /* if not a printing operation, then host name 27 sent with command */ 28#define P_IP 6 /* IP address of HOST */ 29#define P_PORT 7 /* remote connect */ 30#define P_REMOTEHOST 8 /* remote end of connnection host name */ 31 /* if printing, has the same value as HOST */ 32#define P_REMOTEIP 9 /* remote end of connnection IP address */ 33 /* if printing, has the same value as IP */ 34#define P_PRINTER 10 /* printer */ 35#define P_DEFAULT 11 36#define P_FORWARD 12 /* forward - REMOTE IP != IP */ 37#define P_SAMEHOST 13 /* same host - REMOTE IP == IP */ 38#define P_SAMEUSER 14 /* remote user name on command line == user in file */ 39#define P_CONTROLLINE 15 /* line from control file */ 40#define P_GROUP 16 /* user is in named group - uses getpwname() */ 41#define P_SERVER 17 /* request is from the server */ 42#define P_REMOTEUSER 18 /* USER from control information */ 43#define P_REMOTEGROUP 19 /* remote user is in named group - uses getpwname() */ 44#define P_IFIP 20 /* interface IP address */ 45#define P_LPC 21 /* LPC operations */ 46#define P_AUTH 22 /* authentication type - USER, SERVER, NONE */ 47#define P_AUTHTYPE 23 /* authentication type */ 48#define P_AUTHUSER 24 /* authentication user name */ 49#define P_AUTHFROM 25 /* from client or name */ 50#define P_AUTHSAMEUSER 26 /* from same authenticated user name */ 51#define P_AUTHJOB 27 /* job has authentication */ 52#define P_REMOTEPORT 28 /* alias for PORT */ 53#define P_UNIXSOCKET 29 /* connection via unixsocket - localhost + port 0 */ 54#define P_AUTHCA 30 /* Certifying authority */ 55 56/* 57 * First character of protocol to letter mappings 58 */ 59 60#define STARTPR 'P' /* 1 - from lPc */ 61#define RECVJOB 'R' /* 2 - from lpR, connection for printer */ 62#define TRANSFERJOB 'T' /* 2 - from lpR, user information in job */ 63#define SHORTSTAT 'Q' /* 3 - from lpQ */ 64#define LONGSTAT 'Q' /* 4 - from lpQ */ 65#define REMOVEJOB 'M' /* 5 - from lprM */ 66#define CONNECTION 'X' /* connection from remote host */ 67 68struct perm_check { 69 const char *user; /* USER field from control file */ 70 /* or REMOTEUSER from command line */ 71 const char *remoteuser; /* remote user name sent on command line */ 72 /* or USER field if no command line */ 73 struct host_information *host; /* HOST field from control file */ 74 /* or REMOTEHOST if no control file */ 75 struct host_information *remotehost;/* remote HOST name making connection */ 76 /* or HOST if no control file */ 77 int port; /* port for remote connection */ 78 const char *printer; /* printer name */ 79 // struct sockaddr addr; /* IF address information */ 80 int unix_socket; /* connection via unix socket */ 81 int service; /* first character service */ 82 const char *lpc; /* lpc operation */ 83 84 const char *authtype; /* authentication type */ 85 const char *authfrom; /* authentication from */ 86 const char *authuser; /* user from */ 87 const char *authca; /* authentication certifying authority */ 88}; 89 90EXTERN struct perm_check Perm_check; 91 92/* PROTOTYPES */ 93char *perm_str( int n ); 94int perm_val( char *s ); 95int Perms_check( struct line_list *perms, struct perm_check *check, 96 struct job *job, int job_check ); 97int match( struct line_list *list, const char *str, int invert ); 98int match_host( struct line_list *list, struct host_information *host, 99 int invert ); 100int portmatch( char *val, int port ); 101int match_range( struct line_list *list, int port, int invert ); 102int match_char( struct line_list *list, int value, int invert ); 103int match_group( struct line_list *list, const char *str, int invert ); 104int ingroup( char *group, const char *user ); 105void Dump_perm_check( char *title, struct perm_check *check ); 106void Perm_check_to_list( struct line_list *list, struct perm_check *check ); 107 108#endif 109