1/***************************************************************************
2 * LPRng - An Extended Print Spooler System
3 *
4 * Copyright 1988-2003, Patrick Powell, San Diego, CA
5 *     papowell@lprng.com
6 * See LICENSE for conditions of use.
7 * $Id: permission.h,v 1.1.1.1 2008/10/15 03:28:27 james26_jang Exp $
8 ***************************************************************************/
12#ifndef _PERMISSION_H_
13#define _PERMISSION_H_ 1
14
/***************************************************************************
 * Permission keywords
 *
 * Integer codes for the keywords that can appear in a permissions rule.
 * They are presumably converted to and from their text form by perm_str()
 * and perm_val(), declared further down in this header -- confirm there.
 *
 * Provenance of the matched values, as stated by the per-keyword comments:
 *   - USER, HOST and IP (the address of HOST) are read from the control
 *     file or from the command sent by the peer, i.e. they are values the
 *     client supplies.
 *   - REMOTEHOST, REMOTEIP and PORT/REMOTEPORT describe the remote end of
 *     the connection itself.
 *   - The AUTH* keywords refer to the authentication exchange.
 * NOTE(review): a rule meant to bind to the actual network peer should key
 * on the REMOTE* or AUTH* keywords rather than on client-supplied fields;
 * verify against the checking code, which is not part of this header.
 ***************************************************************************/

#define P_REJECT        -1
#define P_ACCEPT        1
#define P_NOT           2   /* negate the test that follows */
#define P_SERVICE       3   /* one of the service letters defined below */
#define P_USER          4   /* USER field of the control file (LPR), or the
                               user name sent along with a command */
#define P_HOST          5   /* HOST field of the control file; for a
                               non-printing operation, the host name sent
                               with the command */
#define P_IP            6   /* IP address of HOST */
#define P_PORT          7   /* port of the remote connection */
#define P_REMOTEHOST    8   /* host name of the remote end of the connection;
                               equals HOST when printing */
#define P_REMOTEIP      9   /* IP address of the remote end of the connection;
                               equals IP when printing */
#define P_PRINTER       10  /* printer */
#define P_DEFAULT       11
#define P_FORWARD       12  /* forwarded request: REMOTE IP != IP */
#define P_SAMEHOST      13  /* same host: REMOTE IP == IP */
#define P_SAMEUSER      14  /* remote user name on the command line matches
                               the user recorded in the file */
#define P_CONTROLLINE   15  /* a line from the control file */
#define P_GROUP         16  /* user belongs to the named group; the original
                               comment cites getpwname(), presumably meaning
                               getpwnam()/getgrnam() -- confirm */
#define P_SERVER        17  /* request originates from the server */
#define P_REMOTEUSER    18  /* USER taken from the control information */
#define P_REMOTEGROUP   19  /* remote user belongs to the named group; same
                               getpwname() remark as P_GROUP */
#define P_IFIP          20  /* IP address of the interface */
#define P_LPC           21  /* LPC operations */
#define P_AUTH          22  /* authentication type: USER, SERVER or NONE */
#define P_AUTHTYPE      23  /* authentication type */
#define P_AUTHUSER      24  /* authenticated user name */
#define P_AUTHFROM      25  /* from client or name */
#define P_AUTHSAMEUSER  26  /* request comes from the same authenticated user */
#define P_AUTHJOB       27  /* the job carries authentication */
#define P_REMOTEPORT    28  /* alias for PORT */
#define P_UNIXSOCKET    29  /* connection over the unix socket, seen as
                               localhost with port 0 */
#define P_AUTHCA        30  /* certifying authority */
55
/*
 * Service letters.
 *
 * The first character of a protocol request is mapped to one of these
 * letters.  The number at the start of each comment appears to be the
 * request code that selects the service (the RFC 1179 command byte) --
 * confirm against the protocol handler.  The capital letter inside the
 * program name (lPc, lpR, lpQ, lprM) shows where each letter comes from.
 *
 * SHORTSTAT and LONGSTAT share the letter 'Q', so a check keyed on the
 * service letter cannot tell a short status request from a long one.
 */

#define STARTPR     'P'   /* 1 - start printing, from lPc */
#define RECVJOB     'R'   /* 2 - from lpR; connection for a printer */
#define TRANSFERJOB 'T'   /* 2 - from lpR; user information is in the job */
#define SHORTSTAT   'Q'   /* 3 - short status, from lpQ */
#define LONGSTAT    'Q'   /* 4 - long status, from lpQ */
#define REMOVEJOB   'M'   /* 5 - job removal, from lprM */
#define CONNECTION  'X'   /* a connection from a remote host */
67
/*
 * Facts about one request that the permission rules are tested against.
 *
 * Several members have a fallback source, so the same member may hold a
 * value read from the control file or one sent on the command line; the
 * per-member comments list both.  Only the remotehost member and the port
 * are described as properties of the connection itself.
 * NOTE(review): who owns the pointed-to strings and host records, and how
 * long they stay valid, is not visible in this header.
 */
struct perm_check {
	/* USER field of the control file, else REMOTEUSER from the command line */
	const char *user;
	/* remote user name sent on the command line, else the USER field */
	const char *remoteuser;
	/* HOST field of the control file, else REMOTEHOST when there is none */
	struct host_information *host;
	/* host making the connection, else HOST when there is no control file */
	struct host_information *remotehost;
	/* port of the remote connection */
	int port;
	/* printer name */
	const char *printer;
	/* disabled member kept from the original:
	 *   struct sockaddr addr;   -- IF address information */
	/* set when the connection came in over the unix socket */
	int unix_socket;
	/* first-character service value; presumably one of the service letters
	 * (STARTPR ... CONNECTION) -- confirm */
	int service;
	/* lpc operation */
	const char *lpc;

	/* authentication type */
	const char *authtype;
	/* authentication "from" value */
	const char *authfrom;
	/* authenticated user */
	const char *authuser;
	/* certifying authority used for authentication */
	const char *authca;
};
89
/*
 * Global permission-check record.  EXTERN is not defined in this header;
 * it presumably expands to `extern` everywhere except the one translation
 * unit that defines the object -- confirm where EXTERN is set up.
 */
EXTERN struct perm_check Perm_check;

/*
 * PROTOTYPES
 *
 * The definitions are not part of this header, so the notes below describe
 * the signatures only.
 * NOTE(review): perm_val(), portmatch(), ingroup() and Dump_perm_check()
 * take plain `char *` where the neighbouring functions take `const char *`;
 * const-qualifying them requires changing the definitions in step.
 */

/* Keyword code and keyword text; presumably the P_* values -- confirm. */
char *perm_str(int n);
int perm_val(char *s);

/* Tests the rule list `perms` against `check`, with a job and a job_check
 * flag; the meaning of the int result is not visible here. */
int Perms_check(struct line_list *perms,
	struct perm_check *check,
	struct job *job,
	int job_check);

/* Matchers over a rule list; each takes an `invert` flag (cf. P_NOT). */
int match(struct line_list *list, const char *str, int invert);
int match_host(struct line_list *list,
	struct host_information *host,
	int invert);
int portmatch(char *val, int port);
int match_range(struct line_list *list, int port, int invert);
int match_char(struct line_list *list, int value, int invert);
int match_group(struct line_list *list, const char *str, int invert);
int ingroup(char *group, const char *user);

/* Debug output and list conversion for a struct perm_check. */
void Dump_perm_check(char *title, struct perm_check *check);
void Perm_check_to_list(struct line_list *list, struct perm_check *check);
107
108#endif
109