authprintdir is configured per-server and per printer.
The 'ca' flag in papd.conf now takes a directory ie "ca=/tmp/print"
extern struct oforks *writtenfork;
-/* for CAP style authenticated printing */
-#ifdef CAPDIR
-extern int addr_net, addr_node, addr_uid;
-#endif /* CAPDIR */
-
static AFPObj *child;
static __inline__ void afp_asp_close(AFPObj *obj)
struct sigaction action;
int func, ccnt = 0, reply = 0;
-#ifdef CAPDIR
- char addr_filename[256];
- struct stat cap_st;
-#endif /* CAPDIR */
-
obj->exit = afp_asp_die;
obj->reply = (int (*)()) asp_cmdreply;
obj->attention = (int (*)(void *, AFPUserBytes)) asp_attention;
afp_asp_die(1);
}
-#ifdef CAPDIR
- addr_net = ntohs( asp->asp_sat.sat_addr.s_net );
- addr_node = asp->asp_sat.sat_addr.s_node;
-#endif /* CAPDIR */
-
syslog( LOG_INFO, "session from %u.%u:%u on %u.%u:%u",
ntohs( asp->asp_sat.sat_addr.s_net ),
asp->asp_sat.sat_addr.s_node, asp->asp_sat.sat_port,
while ((reply = asp_getrequest(asp))) {
switch (reply) {
case ASPFUNC_CLOSE :
- afp_asp_close(obj);
- syslog( LOG_INFO, "done" );
+ if (obj->options.authprintdir) {
+ char addr_filename[256];
+ struct stat cap_st;
+
+ sprintf(addr_filename, "%s/net%d.%dnode%d", obj->options.authprintdir,
+ ntohs( asp->asp_sat.sat_addr.s_net )/256,
+ ntohs( asp->asp_sat.sat_addr.s_net )%256,
+ asp->asp_sat.sat_addr.s_node );
-#ifdef CAPDIR
- sprintf(addr_filename, "%s/net%d.%dnode%d", CAPDIR, addr_net/256, addr_net%256, addr_node);
- if(stat(addr_filename, &cap_st) == 0) {
+ if(stat(addr_filename, &cap_st) == 0) {
if(unlink(addr_filename) == 0) {
syslog(LOG_INFO, "removed %s", addr_filename);
} else {
syslog(LOG_INFO, "error removing %s: %m", addr_filename);
}
- } else {
+ } else {
syslog(LOG_INFO, "error stat'ing %s: %m", addr_filename);
+ }
}
-#endif /* CAPDIR */
+
+ afp_asp_close(obj);
+ syslog( LOG_INFO, "done" );
if ( obj->options.flags & OPTION_DEBUG ) {
printf( "done\n" );
options->transports = AFPTRANS_ALL;
options->passwdfile = _PATH_AFPDPWFILE;
options->tickleval = 30;
+ options->authprintdir = NULL;
#ifdef ADMIN_GRP
options->admingid = 0;
#endif ADMIN_GRP
}
}
#endif
+
+ if ((c = getoption(buf, "-authprintdir")) && (opt = strdup(c)))
+ options->authprintdir = opt;
if ((c = getoption(buf, "-uampath")) && (opt = strdup(c)))
options->uampath = opt;
if ((c = getoption(buf, "-uamlist")) && (opt = strdup(c)))
static struct uam_obj *afp_uam = NULL;
-/* Variables for CAP style printer authentication */
-#ifdef CAPDIR
-extern int addr_net, addr_node, addr_uid;
-extern char addr_name[32];
-#endif /* CAPDIR */
-
void status_versions( data )
char *data;
{
static int login(AFPObj *obj, struct passwd *pwd, void (*logout)(void))
{
-#ifdef CAPDIR
- char nodename[256];
- FILE *fp;
-#endif /* CAPDIR */
#ifdef ADMIN_GRP
int admin = 0;
- struct afp_options *options = &obj->options;
#endif ADMIN_GRP
/* UAM had syslog control; afpd needs to reassert itself */
syslog( LOG_INFO, "login %s (uid %d, gid %d)", pwd->pw_name,
pwd->pw_uid, pwd->pw_gid );
-#ifdef CAPDIR
- if(addr_net && addr_node) { /* Do we have a valid Appletalk address? */
- addr_uid = pwd->pw_uid;
- strncpy(addr_name, pwd->pw_name, 32);
- sprintf(nodename, "%s/net%d.%dnode%d", CAPDIR, addr_net / 256, addr_net % 256, addr_node);
- syslog (LOG_INFO, "registering %s (uid %d) on %u.%u as %s",
- addr_name, addr_uid, addr_net, addr_node, nodename);
- fp = fopen(nodename, "w");
- fprintf(fp, "%s\n", addr_name);
- fclose(fp);
- }
-#endif /* CAPDIR */
+ if (obj->proto == AFPPROTO_ASP) {
+ ASP asp = obj->handle;
+ int addr_net = ntohs( asp->asp_sat.sat_addr.s_net );
+ int addr_node = asp->asp_sat.sat_addr.s_node;
+
+ if (obj->options.authprintdir) {
+ if(addr_net && addr_node) { /* Do we have a valid Appletalk address? */
+ char nodename[256];
+ FILE *fp;
+ struct stat stat_buf;
+
+ sprintf(nodename, "%s/net%d.%dnode%d", obj->options.authprintdir,
+ addr_net / 256, addr_net % 256, addr_node);
+ syslog (LOG_INFO, "registering %s (uid %d) on %u.%u as %s",
+ pwd->pw_name, pwd->pw_uid, addr_net, addr_node, nodename);
+
+ if (stat(nodename, &stat_buf) == 0) { /* file exists */
+ if (S_ISREG(stat_buf.st_mode)) { /* normal file */
+ unlink(nodename);
+ fp = fopen(nodename, "w");
+ fprintf(fp, "%s\n", pwd->pw_name);
+ fclose(fp);
+ chown( nodename, pwd->pw_uid, -1 );
+ } else { /* somebody is messing with us */
+ syslog( LOG_ERR, "print authfile %s is not a normal file, it will not be modified", nodename );
+ }
+ } else { /* file 'nodename' does not exist */
+ fp = fopen(nodename, "w");
+ fprintf(fp, "%s\n", pwd->pw_name);
+ fclose(fp);
+ chown( nodename, pwd->pw_uid, -1 );
+ }
+ } /* if (addr_net && addr_node ) */
+ } /* if (options->authprintdir) */
+ } /* if (obj->proto == AFPPROTO_ASP) */
if (initgroups( pwd->pw_name, pwd->pw_gid ) < 0) {
#ifdef RUN_AS_USER
}
#ifdef ADMIN_GRP
#ifdef DEBUG
- syslog(LOG_INFO, "options->admingid == %d", options->admingid);
+ syslog(LOG_INFO, "obj->options.admingid == %d", obj->options.admingid);
#endif DEBUG
- if (options->admingid != 0) {
+ if (obj->options.admingid != 0) {
int i;
for (i = 0; i < ngroups; i++) {
- if (groups[i] == options->admingid) admin = 1;
+ if (groups[i] == obj->options.admingid) admin = 1;
}
}
if (admin) syslog( LOG_INFO, "admin login -- %s", pwd->pw_name );
char *pidfile, *defaultvol, *systemvol;
char *guest, *loginmesg, *keyfile, *passwdfile;
char *uamlist;
+ char *authprintdir;
#ifdef ADMIN_GRP
gid_t admingid;
#endif ADMIN_GRP
/*
- * $Id: main.c,v 1.6 2001-05-22 19:13:36 rufustfirefly Exp $
+ * $Id: main.c,v 1.7 2001-05-23 23:55:23 samnoble Exp $
*
* Copyright (c) 1990,1993 Regents of The University of Michigan.
* All Rights Reserved. See COPYRIGHT.
static server_child *server_children;
static fd_set save_rfds;
-#ifdef CAPDIR
-int addr_net, addr_node, addr_uid;
-char addr_name[32];
-#endif CAPDIR
-
static void afp_exit(const int i)
{
server_unlock(default_options.pidfile);
char cost[ 22 ];
char balance[ 22 ];
#endif ABS_PRINT
-#if defined( CAPDIR ) || defined( USE_CAP )
- char username[32];
- int addr_net, addr_node;
- FILE *cap_file;
- struct stat cap_st;
- char addr_filename[256];
-#endif /* CAPDIR */
if ( printer->p_flags & P_AUTH ) {
authenticated = 0;
-#ifdef CAPDIR
- if ( printer->p_flags & P_AUTH_CAP ) {
- addr_net = ntohs( sat->sat_addr.s_net );
- addr_node = sat->sat_addr.s_node;
- sprintf(addr_filename, "%s/net%d.%dnode%d", CAPDIR, addr_net/256, addr_net%256, addr_node);
+
+ /* cap style "log on to afp server before printing" authentication */
+
+ if ( printer->p_authprintdir && (printer->p_flags & P_AUTH_CAP) ) {
+ int addr_net = ntohs( sat->sat_addr.s_net );
+ int addr_node = sat->sat_addr.s_node;
+ char addr_filename[256];
+ char username[32];
+ struct stat cap_st;
+ FILE *cap_file;
+
+ sprintf(addr_filename, "%s/net%d.%dnode%d",
+ printer->p_authprintdir, addr_net/256, addr_net%256,
+ addr_node);
if (stat(addr_filename, &cap_st) == 0) {
if ((cap_file = fopen(addr_filename, "r")) != NULL) {
if (fscanf(cap_file, "%s", username) != EOF) {
syslog(LOG_INFO, "CAP error: %m");
}
}
-#endif /* CAPDIR */
if ( printer->p_flags & P_AUTH_PSSP ) {
if ( lp.lp_person != NULL ) {
/*
* Do we want authenticated printing?
*/
- if ( pgetflag( "ca", &a ) == 1 ) {
+ if ((p = pgetstr( "ca", &a )) != NULL ) {
+ if ((pr->p_authprintdir = (char *)malloc(strlen(p)+1)) == NULL) {
+ perror( "malloc" );
+ exit(1);
+ }
+ strcpy( pr->p_authprintdir, p );
pr->p_flags |= P_AUTH;
pr->p_flags |= P_AUTH_CAP;
- }
+ } else { pr->p_authprintdir = NULL; }
+
if ( pgetflag( "sp", &a ) == 1 ) {
pr->p_flags |= P_AUTH;
pr->p_flags |= P_AUTH_PSSP;
char *p_psetdir;
#endif notdef
char *p_ppdfile;
+ char *p_authprintdir;
int p_flags;
struct at_addr p_addr;
union {