1/*
2 * This program is free software; you can redistribute it and/or
3 * modify it under the terms of the GNU General Public License as
4 * published by the Free Software Foundation; either version 2 of
5 * the License, or (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
15 * MA 02111-1307 USA
16 */
17/***************************************************************************
18 * LPRng - An Extended Print Spooler System
19 *
20 * Copyright 1988-2003, Patrick Powell, San Diego, CA
21 *     papowell@lprng.com
22 * See LICENSE for conditions of use.
23 * $Id: permission.h,v 1.1.1.1 2008/10/15 03:28:27 james26_jang Exp $
24 ***************************************************************************/
25
26
27
28#ifndef _PERMISSION_H_
29#define _PERMISSION_H_ 1
30
/***************************************************************************
 * Permissions keywords
 *
 * Integer codes for the keywords that can appear in a permission entry.
 * NOTE(review): presumably perm_str()/perm_val() (prototyped at the end of
 * this header) translate between these codes and their names - confirm in
 * the implementation.
 *
 * Reviewer note on trust: per the comments below, USER, HOST and IP are
 * taken from the control file or are sent with the command, i.e. they are
 * values the requesting side states about itself, while REMOTEHOST,
 * REMOTEIP and PORT describe the remote end of the connection.  Which of
 * these the server validates is not visible in this header - confirm in
 * the permission-checking code before relying on the first group to
 * restrict access.
 ***************************************************************************/

#define P_REJECT		-1	/* NOTE(review): presumably a rule verdict; confirm */
#define P_ACCEPT		1	/* NOTE(review): presumably a rule verdict; confirm */
#define P_NOT			2	/* invert test condition */
#define P_SERVICE		3	/* Service listed below */
#define P_USER			4	/* USER field from control file (LPR) or command */
							/* if a command, the user name is sent with command */
#define P_HOST			5	/* HOST field from control file */
							/* if not a printing operation, then host name
							sent with command */
#define P_IP			6	/* IP address of HOST */
#define P_PORT			7	/* remote connect */
#define P_REMOTEHOST	8	/* remote end of connection host name */
							/* if printing, has the same value as HOST */
							/* NOTE(review): P_FORWARD/P_SAMEHOST below compare
							REMOTE IP with IP, which implies the two can
							differ - confirm when they are equal */
#define P_REMOTEIP		9	/* remote end of connection IP address */
							/* if printing, has the same value as IP */
#define P_PRINTER		10	/* printer */
#define P_DEFAULT		11
#define P_FORWARD		12	/* forward - REMOTE IP != IP */
#define P_SAMEHOST		13	/* same host - REMOTE IP == IP */
#define P_SAMEUSER		14	/* remote user name on command line == user in file */
#define P_CONTROLLINE	15	/* line from control file */
#define P_GROUP	 		16	/* user is in named group - uses getpwname() */
							/* NOTE(review): there is no standard getpwname();
							presumably getpwnam()/getgrnam() - see ingroup() */
#define P_SERVER	 	17	/* request is from the server */
#define P_REMOTEUSER 	18	/* USER from control information */
#define P_REMOTEGROUP	19	/* remote user is in named group - uses getpwname() */
#define P_IFIP			20	/* interface IP address */
#define P_LPC			21	/* LPC operations */
#define P_AUTH			22	/* authentication type - USER, SERVER, NONE */
#define P_AUTHTYPE		23	/* authentication type */
#define P_AUTHUSER		24	/* authentication user name */
#define P_AUTHFROM		25	/* from client or name */
#define P_AUTHSAMEUSER	26	/* from same authenticated user name */
#define P_AUTHJOB		27	/* job has authentication */
#define P_REMOTEPORT	28	/* alias for PORT */
#define P_UNIXSOCKET	29	/* connection via unixsocket - localhost + port 0 */
#define P_AUTHCA		30	/* Certifying authority */
71
/*
 * First character of protocol to letter mappings
 *
 * The number in each comment is the first byte of the request (these match
 * the RFC 1179 command codes 1-5); the letter is the service code that
 * permission rules see.  Two points to keep in mind when writing or
 * reviewing rules:
 *  - RECVJOB and TRANSFERJOB both come from request code 2 and differ only
 *    in where the job's user information comes from.
 *  - SHORTSTAT and LONGSTAT are both 'Q', so a rule cannot tell them apart
 *    and they cannot both be used as labels in one switch statement.
 */

#define STARTPR     'P'  /* 1  - from lPc */
#define RECVJOB     'R'  /* 2  - from lpR, connection for printer */
#define TRANSFERJOB 'T'  /* 2  - from lpR, user information in job */
#define SHORTSTAT   'Q'  /* 3  - from lpQ */
#define LONGSTAT    'Q'  /* 4  - from lpQ (same letter as SHORTSTAT) */
#define REMOVEJOB   'M'  /* 5  - from lprM */
#define CONNECTION  'X'  /* connection from remote host */
83
/*
 * Facts about one request that the permission rules are tested against;
 * a pointer to this structure is the `check` argument of Perms_check().
 * The member names mirror the P_* keywords defined above.
 *
 * NOTE(review): all strings are held as const char pointers; this header
 * does not show who owns them or how long they stay valid - confirm at the
 * places that fill the structure in.
 * NOTE(review): the user/remoteuser and host/remotehost comments each name
 * the other member as a fallback, so when only one source is available the
 * pair may hold the same value - confirm, since rules that compare them
 * (P_SAMEUSER, P_SAMEHOST, P_FORWARD) depend on it.
 */
struct perm_check {
	const char *user;				/* USER field from control file */
							/* or REMOTEUSER from command line */
	const char *remoteuser;		/* remote user name sent on command line */
							/* or USER field if no command line */
	struct host_information *host;	/* HOST field from control file */
							/* or REMOTEHOST if no control file */
	struct host_information *remotehost;/* remote HOST name making connection */
							/* or HOST if no control file */
	int	port;				/* port for remote connection */
	const char *printer;			/* printer name */
	/* disabled member; P_IFIP (interface IP address) therefore has no
	 * counterpart in this structure */
	// struct sockaddr addr;	/* IF address information */
	int unix_socket;		/* connection via unix socket */
	int service;			/* first character service */
							/* NOTE(review): presumably one of the letter codes
							STARTPR ... CONNECTION - confirm */
	const char *lpc;				/* lpc operation */

	const char *authtype;			/* authentication type */
	const char *authfrom;			/* authentication from */
	const char *authuser;			/* user from */
	const char *authca;				/* authentication certifying authority */
};
105
/*
 * Global permission-check record.  EXTERN is not defined in this header.
 * NOTE(review): presumably it expands to `extern` everywhere except in the
 * one file that defines the globals - confirm where it is set.
 */
EXTERN struct perm_check Perm_check;

/* PROTOTYPES */
/*
 * struct line_list and struct job are not declared in this header, so it
 * should be included after the headers that declare them; otherwise the
 * struct names in the parameter lists below have prototype scope only.
 *
 * NOTE(review): perm_val(), portmatch(), ingroup() and Dump_perm_check()
 * take plain char pointers.  If the implementations do not modify these
 * strings, const char * (changed together with the definitions) would
 * document that and let callers pass constant data without a cast.
 */

/* NOTE(review): presumably map a P_* code to its name and back - confirm */
char *perm_str( int n );
int perm_val( char *s );

/* Tests the facts in `check` (and `job`) against the entries in `perms`.
 * NOTE(review): the meaning of the int result and of job_check is not
 * visible here; presumably the result is P_ACCEPT or P_REJECT - confirm */
int Perms_check( struct line_list *perms, struct perm_check *check,
	struct job *job, int job_check );

/* Matching helpers: each takes a list of patterns and a value to test.
 * NOTE(review): `invert` presumably implements P_NOT ("invert test
 * condition") - confirm the return convention in the implementation */
int match( struct line_list *list, const char *str, int invert );
int match_host( struct line_list *list, struct host_information *host,
	int invert );
int portmatch( char *val, int port );
int match_range( struct line_list *list, int port, int invert );
int match_char( struct line_list *list, int value, int invert );
int match_group( struct line_list *list, const char *str, int invert );
int ingroup( char *group, const char *user );

/* NOTE(review): by their names, debugging dump and conversion of a
 * perm_check record into a line_list - confirm */
void Dump_perm_check( char *title,  struct perm_check *check );
void Perm_check_to_list( struct line_list *list, struct perm_check *check );
123
124#endif
125