Index: conf/cupsd.conf.in
===================================================================
--- conf/cupsd.conf.in (revision 9351)
+++ conf/cupsd.conf.in (revision 9352)
@@ -45,6 +45,12 @@
# Set the default printer/job policies...
+ # Job/subscription privacy...
+ JobPrivateAccess default
+ JobPrivateValues default
+ SubscriptionPrivateAccess default
+ SubscriptionPrivateAccess default
+
# Job-related operations must be done by the owner or an administrator...
Order deny,allow
@@ -63,14 +69,14 @@
# All printer operations require a printer operator to authenticate...
-
+
AuthType Default
Require user @CUPS_DEFAULT_PRINTOPERATOR_AUTH@
Order deny,allow
# Only the owner or an administrator can cancel or authenticate a job...
-
+
Require user @OWNER @CUPS_DEFAULT_PRINTOPERATOR_AUTH@
Order deny,allow
@@ -82,6 +88,12 @@
# Set the authenticated printer/job policies...
+ # Job/subscription privacy...
+ JobPrivateAccess default
+ JobPrivateValues default
+ SubscriptionPrivateAccess default
+ SubscriptionPrivateAccess default
+
# Job-related operations must be done by the owner or an administrator...
AuthType Default
@@ -102,14 +114,14 @@
# All printer operations require a printer operator to authenticate...
-
+
AuthType Default
Require user @CUPS_DEFAULT_PRINTOPERATOR_AUTH@
Order deny,allow
# Only the owner or an administrator can cancel or authenticate a job...
-
+
AuthType Default
Require user @OWNER @CUPS_DEFAULT_PRINTOPERATOR_AUTH@
Order deny,allow
Index: doc/help/ref-cupsd-conf.html.in
===================================================================
--- doc/help/ref-cupsd-conf.html.in (revision 9351)
+++ doc/help/ref-cupsd-conf.html.in (revision 9352)
@@ -1479,6 +1479,48 @@
HREF="#ServerRoot">ServerRoot
directory.
+
+
+Examples
+
+
+JobPrivateAccess all
+JobPrivateAccess default
+JobPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
+
+
+Description
+
+The JobPrivateAccess
directive specifies the access list for a
+job's private values. The "default" access list is "@OWNER @SYSTEM". "@ACL" maps
+to the printer's requesting-user-name-allowed or requesting-user-name-denied
+values.
+
+The JobPrivateAccess
directive must appear inside a Policy
section.
+
+
+
+
+Examples
+
+
+JobPrivateValues all
+JobPrivateValues default
+JobPrivateValues none
+JobPrivateValues attribute-name-1 [ ... attribute-name-N ]
+
+
+Description
+
+The JobPrivateValues
directive specifies the list of job values
+to make private. The "default" values are "job-name",
+"job-originating-host-name", and "job-originating-user-name".
+
+The JobPrivateValues
directive must appear inside a Policy
section.
+
+
Examples
@@ -2985,6 +3027,49 @@
can be specified to listen on multiple ports.
+
+
+Examples
+
+
+SubscriptionPrivateAccess all
+SubscriptionPrivateAccess default
+SubscriptionPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
+
+
+Description
+
+The SubscriptionPrivateAccess
directive specifies the access list for a
+subscription's private values. The "default" access list is "@OWNER @SYSTEM".
+"@ACL" maps to the printer's requesting-user-name-allowed or
+requesting-user-name-denied values.
+
+The SubscriptionPrivateAccess
directive must appear inside a Policy
section.
+
+
+
+
+Examples
+
+
+SubscriptionPrivateValues all
+SubscriptionPrivateValues default
+SubscriptionPrivateValues none
+SubscriptionPrivateValues attribute-name-1 [ ... attribute-name-N ]
+
+
+Description
+
+The SubscriptionPrivateValues
directive specifies the list of
+subscription values to make private. The "default" values are "notify-events",
+"notify-pull-method", "notify-recipient-uri", "notify-subscriber-user-name", and
+"notify-user-data".
+
+The SubscriptionPrivateValues
directive must appear inside a Policy
section.
+
+
Examples
Index: man/cupsd.conf.man.in
===================================================================
--- man/cupsd.conf.man.in (revision 9351)
+++ man/cupsd.conf.man.in (revision 9352)
@@ -12,7 +12,7 @@
.\" which should have been included with this file. If this file is
.\" file is missing or damaged, see the license at "http://www.cups.org/".
.\"
-.TH cupsd.conf 5 "CUPS" "28 January 2010" "Apple Inc."
+.TH cupsd.conf 5 "CUPS" "5 November 2010" "Apple Inc."
.SH NAME
cupsd.conf \- server configuration file for cups
.SH DESCRIPTION
@@ -400,6 +400,26 @@
Specifies the number of seconds to wait before killing the filters and backend
associated with a canceled or held job.
.TP 5
+JobPrivateAccess all
+.TP 5
+JobPrivateAccess default
+.TP 5
+JobPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
+.br
+Specifies an access list for a job's private values. The "default" access list
+is "@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed
+or requesting-user-name-denied values.
+.TP 5
+JobPrivateValues all
+.TP 5
+JobPrivateValues default
+.TP 5
+JobPrivateValues none
+.TP 5
+JobPrivateValues attribute-name-1 [ ... attribute-name-N ]
+Specifies the list of job values to make private. The "default" values are
+"job-name", "job-originating-host-name", and "job-originating-user-name".
+.TP 5
JobRetryInterval seconds
.br
Specifies the interval between retries of jobs in seconds.
@@ -686,6 +706,27 @@
.br
Listens on the specified port for encrypted connections.
.TP 5
+SubscriptionPrivateAccess all
+.TP 5
+SubscriptionPrivateAccess default
+.TP 5
+SubscriptionPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
+.br
+Specifies an access list for a subscription's private values. The "default"
+access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's
+requesting-user-name-allowed or requesting-user-name-denied values.
+.TP 5
+SubscriptionPrivateValues all
+.TP 5
+SubscriptionPrivateValues default
+.TP 5
+SubscriptionPrivateValues none
+.TP 5
+SubscriptionPrivateValues attribute-name-1 [ ... attribute-name-N ]
+Specifies the list of job values to make private. The "default" values are
+"notify-events", "notify-pull-method", "notify-recipient-uri",
+"notify-subscriber-user-name", and "notify-user-data".
+.TP 5
SystemGroup group-name [group-name ...]
.br
Specifies the group(s) to use for System class authentication.
@@ -708,7 +749,7 @@
.br
http://localhost:631/help
.SH COPYRIGHT
-Copyright 2007-2009 by Apple Inc.
+Copyright 2007-2010 by Apple Inc.
.\"
.\" End of "$Id$".
.\"
Index: test/run-stp-tests.sh
===================================================================
--- test/run-stp-tests.sh (revision 9351)
+++ test/run-stp-tests.sh (revision 9352)
@@ -736,10 +736,10 @@
# Warning log messages
count=`grep '^W ' /tmp/cups-$user/log/error_log | wc -l | awk '{print $1}'`
-if test $count != 0; then
- echo "FAIL: $count warning messages, expected 0."
+if test $count != 9; then
+ echo "FAIL: $count warning messages, expected 9."
grep '^W ' /tmp/cups-$user/log/error_log
- echo "FAIL: $count warning messages, expected 0.
" >>$strfile
+ echo "FAIL: $count warning messages, expected 9.
" >>$strfile
echo "" >>$strfile
grep '^W ' /tmp/cups-$user/log/error_log | sed -e '1,$s/&/&/g' -e '1,$s/</g' >>$strfile
echo "
" >>$strfile
Index: test/4.4-subscription-ops.test
===================================================================
--- test/4.4-subscription-ops.test (revision 9351)
+++ test/4.4-subscription-ops.test (revision 9352)
@@ -16,6 +16,7 @@
ATTR charset attributes-charset utf-8
ATTR language attributes-natural-language en
ATTR uri printer-uri $scheme://$hostname:$port/printers/Test1
+ ATTR name requesting-user-name $user
GROUP subscription
ATTR uri notify-recipient-uri testnotify://
@@ -48,6 +49,7 @@
ATTR language attributes-natural-language en
ATTR uri printer-uri $scheme://$hostname:$port/printers/Test1
ATTR integer notify-subscription-id $notify-subscription-id
+ ATTR name requesting-user-name $user
# What statuses are OK?
STATUS client-error-not-found
@@ -69,6 +71,7 @@
ATTR charset attributes-charset utf-8
ATTR language attributes-natural-language en
ATTR uri printer-uri $scheme://$hostname:$port/printers/Test1
+ ATTR name requesting-user-name $user
GROUP subscription
ATTR uri notify-recipient-uri testnotify://
@@ -102,6 +105,7 @@
ATTR charset attributes-charset utf-8
ATTR language attributes-natural-language en
ATTR uri printer-uri $scheme://$hostname:$port/printers/Test1
+ ATTR name requesting-user-name $user
# What statuses are OK?
STATUS successful-ok
@@ -129,6 +133,7 @@
ATTR charset attributes-charset utf-8
ATTR language attributes-natural-language en
ATTR uri printer-uri $scheme://$hostname:$port/printers/Test1
+ ATTR name requesting-user-name $user
GROUP subscription
ATTR uri notify-recipient-uri testnotify://
Index: CHANGES.txt
===================================================================
--- CHANGES.txt (revision 9351)
+++ CHANGES.txt (revision 9352)
@@ -1,8 +1,10 @@
-CHANGES.txt - 2010-11-02
+CHANGES.txt - 2010-11-05
------------------------
CHANGES IN CUPS V1.5b1
+ - The scheduler now provides privacy controls for jobs and subscriptions
+ (STR #2969)
- Added new cupsArrayNew3 API which offers memory management of array
elements.
- Added several new color spaces to the CUPS raster format (STR #3419)
Index: scheduler/policy.c
===================================================================
--- scheduler/policy.c (revision 9351)
+++ scheduler/policy.c (revision 9352)
@@ -14,13 +14,19 @@
*
* Contents:
*
- * cupsdAddPolicy() - Add a policy to the system.
+ * AddPolicy() - Add a policy to the system.
* cupsdAddPolicyOp() - Add an operation to a policy.
- * cupsdCheckPolicy() - Check the IPP operation and username against
- * a policy.
+ * cupsdCheckPolicy() - Check the IPP operation and username against a
+ * policy.
* cupsdDeleteAllPolicies() - Delete all policies in memory.
* cupsdFindPolicy() - Find a named policy.
* cupsdFindPolicyOp() - Find a policy operation.
+ * cupsdGetPrivateAttrs() - Get the private attributes for the current
+ * request.
+ * compare_ops() - Compare two operations.
+ * compare_policies() - Compare two policies.
+ * free_policy() - Free the memory used by a policy.
+ * hash_op() - Generate a lookup hash for the operation.
*/
/*
@@ -28,6 +34,7 @@
*/
#include "cupsd.h"
+#include
/*
@@ -263,6 +270,197 @@
/*
+ * 'cupsdGetPrivateAttrs()' - Get the private attributes for the current
+ * request.
+ */
+
+cups_array_t * /* O - Array or NULL for no restrictions */
+cupsdGetPrivateAttrs(
+ cupsd_policy_t *policy, /* I - Policy */
+ cupsd_client_t *con, /* I - Client connection */
+ cupsd_printer_t *printer, /* I - Printer, if any */
+ const char *owner) /* I - Owner of object */
+{
+ char *name; /* Current name in access list */
+ cups_array_t *access_ptr, /* Access array */
+ *attrs_ptr; /* Attributes array */
+ const char *username; /* Username associated with request */
+ ipp_attribute_t *attr; /* Attribute from request */
+ struct passwd *pw; /* User info */
+
+
+#ifdef DEBUG
+ cupsdLogMessage(CUPSD_LOG_DEBUG2,
+ "cupsdGetPrivateAttrs(policy=%p(%s), con=%p(%d), "
+ "printer=%p(%s), owner=\"%s\")", policy, policy->name, con,
+ con->http.fd, printer, printer ? printer->name : "", owner);
+#endif /* DEBUG */
+
+ /*
+ * Get the access and attributes lists that correspond to the request...
+ */
+
+#ifdef DEBUG
+ cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdGetPrivateAttrs: %s",
+ ippOpString(con->request->request.op.operation_id));
+#endif /* DEBUG */
+
+ switch (con->request->request.op.operation_id)
+ {
+ case IPP_GET_SUBSCRIPTIONS :
+ case IPP_GET_SUBSCRIPTION_ATTRIBUTES :
+ case IPP_GET_NOTIFICATIONS :
+ access_ptr = policy->sub_access;
+ attrs_ptr = policy->sub_attrs;
+ break;
+
+ default :
+ access_ptr = policy->job_access;
+ attrs_ptr = policy->job_attrs;
+ break;
+ }
+
+ /*
+ * If none of the attributes are private, return NULL now...
+ */
+
+ if ((name = (char *)cupsArrayFirst(attrs_ptr)) != NULL &&
+ !strcasecmp(name, "none"))
+ {
+#ifdef DEBUG
+ cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdGetPrivateAttrs: Returning NULL.");
+#endif /* DEBUG */
+
+ return (NULL);
+ }
+
+ /*
+ * Otherwise check the user against the access list...
+ */
+
+ if (con->username[0])
+ username = con->username;
+ else if ((attr = ippFindAttribute(con->request, "requesting-user-name",
+ IPP_TAG_NAME)) != NULL)
+ username = attr->values[0].string.text;
+ else
+ username = "anonymous";
+
+ if (username[0])
+ {
+ pw = getpwnam(username);
+ endpwent();
+ }
+ else
+ pw = NULL;
+
+#ifdef DEBUG
+ cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdGetPrivateAttrs: username=\"%s\"",
+ username);
+#endif /* DEBUG */
+
+ /*
+ * Otherwise check the user against the access list...
+ */
+
+ for (name = (char *)cupsArrayFirst(access_ptr);
+ name;
+ name = (char *)cupsArrayNext(access_ptr))
+ {
+#ifdef DEBUG
+ cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdGetPrivateAttrs: name=%s", name);
+#endif /* DEBUG */
+
+ if (printer && !strcasecmp(name, "@ACL"))
+ {
+ char *acl; /* Current ACL user/group */
+
+ for (acl = (char *)cupsArrayFirst(printer->users);
+ acl;
+ acl = (char *)cupsArrayNext(printer->users))
+ {
+ if (acl[0] == '@')
+ {
+ /*
+ * Check group membership...
+ */
+
+ if (cupsdCheckGroup(username, pw, acl + 1))
+ break;
+ }
+ else if (acl[0] == '#')
+ {
+ /*
+ * Check UUID...
+ */
+
+ if (cupsdCheckGroup(username, pw, acl))
+ break;
+ }
+ else if (!strcasecmp(username, acl))
+ break;
+ }
+ }
+ else if (owner && !strcasecmp(name, "@OWNER") &&
+ !strcasecmp(username, owner))
+ {
+#ifdef DEBUG
+ cupsdLogMessage(CUPSD_LOG_DEBUG2,
+ "cupsdGetPrivateAttrs: Returning NULL.");
+#endif /* DEBUG */
+
+ return (NULL);
+ }
+ else if (!strcasecmp(name, "@SYSTEM"))
+ {
+ int i; /* Looping var */
+
+ for (i = 0; i < NumSystemGroups; i ++)
+ if (cupsdCheckGroup(username, pw, SystemGroups[i]))
+ {
+#ifdef DEBUG
+ cupsdLogMessage(CUPSD_LOG_DEBUG2,
+ "cupsdGetPrivateAttrs: Returning NULL.");
+#endif /* DEBUG */
+
+ return (NULL);
+ }
+ }
+ else if (name[0] == '@')
+ {
+ if (cupsdCheckGroup(username, pw, name + 1))
+ {
+#ifdef DEBUG
+ cupsdLogMessage(CUPSD_LOG_DEBUG2,
+ "cupsdGetPrivateAttrs: Returning NULL.");
+#endif /* DEBUG */
+
+ return (NULL);
+ }
+ }
+ else if (!strcasecmp(username, name))
+ {
+#ifdef DEBUG
+ cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdGetPrivateAttrs: Returning NULL.");
+#endif /* DEBUG */
+
+ return (NULL);
+ }
+ }
+
+ /*
+ * No direct access, so return private attributes list...
+ */
+
+#ifdef DEBUG
+ cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdGetPrivateAttrs: Returning list.");
+#endif /* DEBUG */
+
+ return (attrs_ptr);
+}
+
+
+/*
* 'compare_ops()' - Compare two operations.
*/
@@ -293,6 +491,10 @@
static void
free_policy(cupsd_policy_t *p) /* I - Policy to free */
{
+ cupsArrayDelete(p->job_access);
+ cupsArrayDelete(p->job_attrs);
+ cupsArrayDelete(p->sub_access);
+ cupsArrayDelete(p->sub_attrs);
cupsArrayDelete(p->ops);
cupsdClearString(&p->name);
free(p);
Index: scheduler/policy.h
===================================================================
--- scheduler/policy.h (revision 9351)
+++ scheduler/policy.h (revision 9352)
@@ -21,10 +21,16 @@
typedef struct
{
char *name; /* Policy name */
- cups_array_t *ops; /* Operations */
+ cups_array_t *job_access, /* Private users/groups for jobs */
+ *job_attrs, /* Private attributes for jobs */
+ *sub_access, /* Private users/groups for subscriptions */
+ *sub_attrs, /* Private attributes for subscriptions */
+ *ops; /* Operations */
} cupsd_policy_t;
+typedef struct cupsd_printer_s cupsd_printer_t;
+
/*
* Globals...
*/
@@ -46,6 +52,10 @@
extern void cupsdDeleteAllPolicies(void);
extern cupsd_policy_t *cupsdFindPolicy(const char *policy);
extern cupsd_location_t *cupsdFindPolicyOp(cupsd_policy_t *p, ipp_op_t op);
+extern cups_array_t *cupsdGetPrivateAttrs(cupsd_policy_t *p,
+ cupsd_client_t *con,
+ cupsd_printer_t *printer,
+ const char *owner);
/*
Index: scheduler/conf.c
===================================================================
--- scheduler/conf.c (revision 9351)
+++ scheduler/conf.c (revision 9352)
@@ -29,6 +29,7 @@
* read_configuration() - Read a configuration file.
* read_location() - Read a definition.
* read_policy() - Read a definition.
+ * set_policy_defaults() - Set default policy values as needed.
*/
/*
@@ -209,6 +210,7 @@
static int read_configuration(cups_file_t *fp);
static int read_location(cups_file_t *fp, char *name, int linenum);
static int read_policy(cups_file_t *fp, char *name, int linenum);
+static void set_policy_defaults(cupsd_policy_t *pol);
/*
@@ -1165,6 +1167,27 @@
DefaultPolicyPtr = p = cupsdAddPolicy("default");
cupsdLogMessage(CUPSD_LOG_INFO, "");
+
+ cupsdLogMessage(CUPSD_LOG_INFO, "JobPrivateAccess default");
+ cupsdAddString(&(p->job_access), "@OWNER");
+ cupsdAddString(&(p->job_access), "@SYSTEM");
+
+ cupsdLogMessage(CUPSD_LOG_INFO, "JobPrivateValues default");
+ cupsdAddString(&(p->job_attrs), "job-name");
+ cupsdAddString(&(p->job_attrs), "job-originating-host-name");
+ cupsdAddString(&(p->job_attrs), "job-originating-user-name");
+
+ cupsdLogMessage(CUPSD_LOG_INFO, "SubscriptionPrivateAccess default");
+ cupsdAddString(&(p->sub_access), "@OWNER");
+ cupsdAddString(&(p->sub_access), "@SYSTEM");
+
+ cupsdLogMessage(CUPSD_LOG_INFO, "SubscriptionPrivateValues default");
+ cupsdAddString(&(p->job_attrs), "notify-events");
+ cupsdAddString(&(p->job_attrs), "notify-pull-method");
+ cupsdAddString(&(p->job_attrs), "notify-recipient-uri");
+ cupsdAddString(&(p->job_attrs), "notify-subscriber-user-name");
+ cupsdAddString(&(p->job_attrs), "notify-user-data");
+
cupsdLogMessage(CUPSD_LOG_INFO,
"");
cupsdLogMessage(CUPSD_LOG_INFO, "Order Deny,Allow");
@@ -1184,7 +1207,7 @@
"Set-Job-Attributes Create-Job-Subscription "
"Renew-Subscription Cancel-Subscription "
"Get-Notifications Reprocess-Job Cancel-Current-Job "
- "Suspend-Current-Job Resume-Job Cancel-Jobs "
+ "Suspend-Current-Job Resume-Job "
"Cancel-My-Jobs Close-Job CUPS-Move-Job "
"CUPS-Authenticate-Job CUPS-Get-Document>");
cupsdLogMessage(CUPSD_LOG_INFO, "Order Deny,Allow");
@@ -1212,7 +1235,6 @@
cupsdAddPolicyOp(p, po, IPP_CANCEL_CURRENT_JOB);
cupsdAddPolicyOp(p, po, IPP_SUSPEND_CURRENT_JOB);
cupsdAddPolicyOp(p, po, IPP_RESUME_JOB);
- cupsdAddPolicyOp(p, po, IPP_CANCEL_JOBS);
cupsdAddPolicyOp(p, po, IPP_CANCEL_MY_JOBS);
cupsdAddPolicyOp(p, po, IPP_CLOSE_JOB);
cupsdAddPolicyOp(p, po, CUPS_MOVE_JOB);
@@ -1228,7 +1250,7 @@
"Hold-New-Jobs Release-Held-New-Jobs "
"Deactivate-Printer Activate-Printer Restart-Printer "
"Shutdown-Printer Startup-Printer Promote-Job "
- "Schedule-Job-After CUPS-Add-Printer "
+ "Schedule-Job-After Cancel-Jobs CUPS-Add-Printer "
"CUPS-Delete-Printer CUPS-Add-Class CUPS-Delete-Class "
"CUPS-Accept-Jobs CUPS-Reject-Jobs CUPS-Set-Default>");
cupsdLogMessage(CUPSD_LOG_INFO, "Order Deny,Allow");
@@ -1256,6 +1278,7 @@
cupsdAddPolicyOp(p, po, IPP_STARTUP_PRINTER);
cupsdAddPolicyOp(p, po, IPP_PROMOTE_JOB);
cupsdAddPolicyOp(p, po, IPP_SCHEDULE_JOB_AFTER);
+ cupsdAddPolicyOp(p, po, IPP_CANCEL_JOBS);
cupsdAddPolicyOp(p, po, CUPS_ADD_PRINTER);
cupsdAddPolicyOp(p, po, CUPS_DELETE_PRINTER);
cupsdAddPolicyOp(p, po, CUPS_ADD_CLASS);
@@ -3689,107 +3712,8 @@
"Missing before on line %d!",
linenum);
- /*
- * Verify that we have an explicit policy for Validate-Job, Cancel-Jobs,
- * Cancel-My-Jobs, Close-Job, and CUPS-Get-Document, which ensures that
- * upgrades do not introduce new security issues...
- */
+ set_policy_defaults(pol);
- if ((op = cupsdFindPolicyOp(pol, IPP_VALIDATE_JOB)) == NULL ||
- op->op == IPP_ANY_OPERATION)
- {
- if ((op = cupsdFindPolicyOp(pol, IPP_PRINT_JOB)) != NULL &&
- op->op != IPP_ANY_OPERATION)
- {
- /*
- * Add a new limit for Validate-Job using the Print-Job limit as a
- * template...
- */
-
- cupsdLogMessage(CUPSD_LOG_WARN,
- "No limit for Validate-Job defined in policy %s "
- "- using Print-Job's policy", pol->name);
-
- cupsdAddPolicyOp(pol, op, IPP_VALIDATE_JOB);
- }
- }
-
- if ((op = cupsdFindPolicyOp(pol, IPP_CANCEL_JOBS)) == NULL ||
- op->op == IPP_ANY_OPERATION)
- {
- if ((op = cupsdFindPolicyOp(pol, IPP_CANCEL_JOB)) != NULL &&
- op->op != IPP_ANY_OPERATION)
- {
- /*
- * Add a new limit for Cancel-Jobs using the Cancel-Job limit as a
- * template...
- */
-
- cupsdLogMessage(CUPSD_LOG_WARN,
- "No limit for Cancel-Jobs defined in policy %s "
- "- using Cancel-Job's policy", pol->name);
-
- cupsdAddPolicyOp(pol, op, IPP_CANCEL_JOBS);
- }
- }
-
- if ((op = cupsdFindPolicyOp(pol, IPP_CANCEL_MY_JOBS)) == NULL ||
- op->op == IPP_ANY_OPERATION)
- {
- if ((op = cupsdFindPolicyOp(pol, IPP_SEND_DOCUMENT)) != NULL &&
- op->op != IPP_ANY_OPERATION)
- {
- /*
- * Add a new limit for Cancel-My-Jobs using the Send-Document limit as
- * a template...
- */
-
- cupsdLogMessage(CUPSD_LOG_WARN,
- "No limit for Cancel-My-Jobs defined in policy %s "
- "- using Send-Document's policy", pol->name);
-
- cupsdAddPolicyOp(pol, op, IPP_CANCEL_MY_JOBS);
- }
- }
-
- if ((op = cupsdFindPolicyOp(pol, IPP_CLOSE_JOB)) == NULL ||
- op->op == IPP_ANY_OPERATION)
- {
- if ((op = cupsdFindPolicyOp(pol, IPP_SEND_DOCUMENT)) != NULL &&
- op->op != IPP_ANY_OPERATION)
- {
- /*
- * Add a new limit for Close-Job using the Send-Document limit as a
- * template...
- */
-
- cupsdLogMessage(CUPSD_LOG_WARN,
- "No limit for Close-Job defined in policy %s "
- "- using Send-Document's policy", pol->name);
-
- cupsdAddPolicyOp(pol, op, IPP_CLOSE_JOB);
- }
- }
-
- if ((op = cupsdFindPolicyOp(pol, CUPS_GET_DOCUMENT)) == NULL ||
- op->op == IPP_ANY_OPERATION)
- {
- if ((op = cupsdFindPolicyOp(pol, IPP_SEND_DOCUMENT)) != NULL &&
- op->op != IPP_ANY_OPERATION)
- {
- /*
- * Add a new limit for CUPS-Get-Document using the Send-Document
- * limit as a template...
- */
-
- cupsdLogMessage(CUPSD_LOG_WARN,
- "No limit for CUPS-Get-Document defined in policy %s "
- "- using Send-Document's policy", pol->name);
-
- cupsdAddPolicyOp(pol, op, CUPS_GET_DOCUMENT);
- }
- }
-
return (linenum);
}
else if (!strcasecmp(line, "... "
+ "on line %d.", line, linenum);
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
+ return (0);
+ }
+ else
+ {
+ /*
+ * Pull out whitespace-delimited values...
+ */
+
+ while (*value)
+ {
+ /*
+ * Find the end of the current value...
+ */
+
+ for (valptr = value; !isspace(*valptr & 255) && *valptr; valptr ++);
+
+ if (*valptr)
+ *valptr++ = '\0';
+
+ /*
+ * Save it appropriately...
+ */
+
+ if (!strcasecmp(line, "JobPrivateAccess"))
+ {
+ /*
+ * JobPrivateAccess {all|default|user/group list|@@ACL}
+ */
+
+ if (!strcasecmp(value, "default"))
+ {
+ cupsdAddString(&(pol->job_access), "@OWNER");
+ cupsdAddString(&(pol->job_access), "@SYSTEM");
+ }
+ else
+ cupsdAddString(&(pol->job_access), value);
+ }
+ else if (!strcasecmp(line, "JobPrivateValues"))
+ {
+ /*
+ * JobPrivateValues {all|none|default|attribute list}
+ */
+
+ if (!strcasecmp(value, "default"))
+ {
+ cupsdAddString(&(pol->job_attrs), "job-name");
+ cupsdAddString(&(pol->job_attrs), "job-originating-host-name");
+ cupsdAddString(&(pol->job_attrs), "job-originating-user-name");
+ }
+ else
+ cupsdAddString(&(pol->job_attrs), value);
+ }
+ else if (!strcasecmp(line, "SubscriptionPrivateAccess"))
+ {
+ /*
+ * SubscriptionPrivateAccess {all|default|user/group list|@@ACL}
+ */
+
+ if (!strcasecmp(value, "default"))
+ {
+ cupsdAddString(&(pol->sub_access), "@OWNER");
+ cupsdAddString(&(pol->sub_access), "@SYSTEM");
+ }
+ else
+ cupsdAddString(&(pol->sub_access), value);
+ }
+ else /* if (!strcasecmp(line, "SubscriptionPrivateValues")) */
+ {
+ /*
+ * SubscriptionPrivateValues {all|none|default|attribute list}
+ */
+
+ if (!strcasecmp(value, "default"))
+ {
+ cupsdAddString(&(pol->sub_attrs), "notify-events");
+ cupsdAddString(&(pol->sub_attrs), "notify-pull-method");
+ cupsdAddString(&(pol->sub_attrs), "notify-recipient-uri");
+ cupsdAddString(&(pol->sub_attrs), "notify-subscriber-user-name");
+ cupsdAddString(&(pol->sub_attrs), "notify-user-data");
+ }
+ else
+ cupsdAddString(&(pol->sub_attrs), value);
+ }
+
+ /*
+ * Find the next string on the line...
+ */
+
+ for (value = valptr; isspace(*value & 255); value ++);
+ }
+ }
+ }
else if (!op)
{
cupsdLogMessage(CUPSD_LOG_ERROR,
@@ -3902,5 +3929,183 @@
/*
+ * 'set_policy_defaults()' - Set default policy values as needed.
+ */
+
+static void
+set_policy_defaults(cupsd_policy_t *pol)/* I - Policy */
+{
+ cupsd_location_t *op; /* Policy operation */
+
+
+ /*
+ * Verify that we have an explicit policy for Validate-Job, Cancel-Jobs,
+ * Cancel-My-Jobs, Close-Job, and CUPS-Get-Document, which ensures that
+ * upgrades do not introduce new security issues...
+ */
+
+ if ((op = cupsdFindPolicyOp(pol, IPP_VALIDATE_JOB)) == NULL ||
+ op->op == IPP_ANY_OPERATION)
+ {
+ if ((op = cupsdFindPolicyOp(pol, IPP_PRINT_JOB)) != NULL &&
+ op->op != IPP_ANY_OPERATION)
+ {
+ /*
+ * Add a new limit for Validate-Job using the Print-Job limit as a
+ * template...
+ */
+
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No limit for Validate-Job defined in policy %s "
+ "- using Print-Job's policy.", pol->name);
+
+ cupsdAddPolicyOp(pol, op, IPP_VALIDATE_JOB);
+ }
+ else
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No limit for Validate-Job defined in policy %s "
+ "and no suitable template found.", pol->name);
+ }
+
+ if ((op = cupsdFindPolicyOp(pol, IPP_CANCEL_JOBS)) == NULL ||
+ op->op == IPP_ANY_OPERATION)
+ {
+ if ((op = cupsdFindPolicyOp(pol, IPP_PAUSE_PRINTER)) != NULL &&
+ op->op != IPP_ANY_OPERATION)
+ {
+ /*
+ * Add a new limit for Cancel-Jobs using the Pause-Printer limit as a
+ * template...
+ */
+
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No limit for Cancel-Jobs defined in policy %s "
+ "- using Pause-Printer's policy.", pol->name);
+
+ cupsdAddPolicyOp(pol, op, IPP_CANCEL_JOBS);
+ }
+ else
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No limit for Cancel-Jobs defined in policy %s "
+ "and no suitable template found.", pol->name);
+ }
+
+ if ((op = cupsdFindPolicyOp(pol, IPP_CANCEL_MY_JOBS)) == NULL ||
+ op->op == IPP_ANY_OPERATION)
+ {
+ if ((op = cupsdFindPolicyOp(pol, IPP_SEND_DOCUMENT)) != NULL &&
+ op->op != IPP_ANY_OPERATION)
+ {
+ /*
+ * Add a new limit for Cancel-My-Jobs using the Send-Document limit as
+ * a template...
+ */
+
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No limit for Cancel-My-Jobs defined in policy %s "
+ "- using Send-Document's policy.", pol->name);
+
+ cupsdAddPolicyOp(pol, op, IPP_CANCEL_MY_JOBS);
+ }
+ else
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No limit for Cancel-My-Jobs defined in policy %s "
+ "and no suitable template found.", pol->name);
+ }
+
+ if ((op = cupsdFindPolicyOp(pol, IPP_CLOSE_JOB)) == NULL ||
+ op->op == IPP_ANY_OPERATION)
+ {
+ if ((op = cupsdFindPolicyOp(pol, IPP_SEND_DOCUMENT)) != NULL &&
+ op->op != IPP_ANY_OPERATION)
+ {
+ /*
+ * Add a new limit for Close-Job using the Send-Document limit as a
+ * template...
+ */
+
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No limit for Close-Job defined in policy %s "
+ "- using Send-Document's policy.", pol->name);
+
+ cupsdAddPolicyOp(pol, op, IPP_CLOSE_JOB);
+ }
+ else
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No limit for Close-Job defined in policy %s "
+ "and no suitable template found.", pol->name);
+ }
+
+ if ((op = cupsdFindPolicyOp(pol, CUPS_GET_DOCUMENT)) == NULL ||
+ op->op == IPP_ANY_OPERATION)
+ {
+ if ((op = cupsdFindPolicyOp(pol, IPP_SEND_DOCUMENT)) != NULL &&
+ op->op != IPP_ANY_OPERATION)
+ {
+ /*
+ * Add a new limit for CUPS-Get-Document using the Send-Document
+ * limit as a template...
+ */
+
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No limit for CUPS-Get-Document defined in policy %s "
+ "- using Send-Document's policy.", pol->name);
+
+ cupsdAddPolicyOp(pol, op, CUPS_GET_DOCUMENT);
+ }
+ else
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No limit for CUPS-Get-Document defined in policy %s "
+ "and no suitable template found.", pol->name);
+ }
+
+ /*
+ * Verify we have JobPrivateAccess, JobPrivateValues,
+ * SubscriptionPrivateAccess, and SubscriptionPrivateValues in the policy.
+ */
+
+ if (!pol->job_access)
+ {
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No JobPrivateAccess defined in policy %s "
+ "- using defaults.", pol->name);
+ cupsdAddString(&(pol->job_access), "@OWNER");
+ cupsdAddString(&(pol->job_access), "@SYSTEM");
+ }
+
+ if (!pol->job_attrs)
+ {
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No JobPrivateValues defined in policy %s "
+ "- using defaults.", pol->name);
+ cupsdAddString(&(pol->job_attrs), "job-name");
+ cupsdAddString(&(pol->job_attrs), "job-originating-host-name");
+ cupsdAddString(&(pol->job_attrs), "job-originating-user-name");
+ }
+
+ if (!pol->sub_access)
+ {
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No SubscriptionPrivateAccess defined in policy %s "
+ "- using defaults.", pol->name);
+ cupsdAddString(&(pol->sub_access), "@OWNER");
+ cupsdAddString(&(pol->sub_access), "@SYSTEM");
+ }
+
+ if (!pol->sub_attrs)
+ {
+ cupsdLogMessage(CUPSD_LOG_WARN,
+ "No SubscriptionPrivateValues defined in policy %s "
+ "- using defaults.", pol->name);
+ cupsdAddString(&(pol->sub_attrs), "notify-events");
+ cupsdAddString(&(pol->sub_attrs), "notify-pull-method");
+ cupsdAddString(&(pol->sub_attrs), "notify-recipient-uri");
+ cupsdAddString(&(pol->sub_attrs), "notify-subscriber-user-name");
+ cupsdAddString(&(pol->sub_attrs), "notify-user-data");
+ }
+}
+
+
+/*
* End of "$Id$".
*/
Index: scheduler/ipp.c
===================================================================
--- scheduler/ipp.c (revision 9351)
+++ scheduler/ipp.c (revision 9352)
@@ -167,7 +167,8 @@
int quickcopy);
static void close_job(cupsd_client_t *con, ipp_attribute_t *uri);
static void copy_attrs(ipp_t *to, ipp_t *from, cups_array_t *ra,
- ipp_tag_t group, int quickcopy);
+ ipp_tag_t group, int quickcopy,
+ cups_array_t *exclude);
static int copy_banner(cupsd_client_t *con, cupsd_job_t *job,
const char *name);
static int copy_file(const char *from, const char *to);
@@ -175,13 +176,14 @@
const char *to);
static void copy_job_attrs(cupsd_client_t *con,
cupsd_job_t *job,
- cups_array_t *ra);
+ cups_array_t *ra, cups_array_t *exclude);
static void copy_printer_attrs(cupsd_client_t *con,
cupsd_printer_t *printer,
cups_array_t *ra);
static void copy_subscription_attrs(cupsd_client_t *con,
cupsd_subscription_t *sub,
- cups_array_t *ra);
+ cups_array_t *ra,
+ cups_array_t *exclude);
static void create_job(cupsd_client_t *con, ipp_attribute_t *uri);
static cups_array_t *create_requested_array(ipp_t *request);
static void create_subscription(cupsd_client_t *con, ipp_attribute_t *uri);
@@ -4940,7 +4942,8 @@
ipp_t *from, /* I - Source request */
cups_array_t *ra, /* I - Requested attributes */
ipp_tag_t group, /* I - Group to copy */
- int quickcopy) /* I - Do a quick copy? */
+ int quickcopy, /* I - Do a quick copy? */
+ cups_array_t *exclude) /* I - Attributes to exclude? */
{
ipp_attribute_t *fromattr; /* Source attribute */
@@ -4962,6 +4965,23 @@
fromattr->group_tag != IPP_TAG_ZERO) || !fromattr->name)
continue;
+ if (exclude &&
+ (cupsArrayFind(exclude, fromattr->name) ||
+ cupsArrayFind(exclude, "all")))
+ {
+ /*
+ * We need to exclude this attribute for security reasons; we require the
+ * job-id and job-printer-uri attributes regardless of the security
+ * settings for IPP conformance.
+ *
+ * Subscription attribute security is handled by copy_subscription_attrs().
+ */
+
+ if (strcmp(fromattr->name, "job-id") &&
+ strcmp(fromattr->name, "job-printer-uri"))
+ continue;
+ }
+
if (!ra || cupsArrayFind(ra, fromattr->name))
{
/*
@@ -5608,7 +5628,8 @@
static void
copy_job_attrs(cupsd_client_t *con, /* I - Client connection */
cupsd_job_t *job, /* I - Job */
- cups_array_t *ra) /* I - Requested attributes array */
+ cups_array_t *ra, /* I - Requested attributes array */
+ cups_array_t *exclude) /* I - Private attributes array */
{
char job_uri[HTTP_MAX_URI]; /* Job URI */
@@ -5621,26 +5642,34 @@
con->servername, con->serverport, "/jobs/%d",
job->id);
- if (!ra || cupsArrayFind(ra, "document-count"))
- ippAddInteger(con->response, IPP_TAG_JOB, IPP_TAG_INTEGER,
- "document-count", job->num_files);
+ if (!cupsArrayFind(exclude, "all"))
+ {
+ if ((!exclude || !cupsArrayFind(exclude, "document-count")) &&
+ (!ra || cupsArrayFind(ra, "document-count")))
+ ippAddInteger(con->response, IPP_TAG_JOB, IPP_TAG_INTEGER,
+ "document-count", job->num_files);
- if (!ra || cupsArrayFind(ra, "job-media-progress"))
- ippAddInteger(con->response, IPP_TAG_JOB, IPP_TAG_INTEGER,
- "job-media-progress", job->progress);
+ if ((!exclude || !cupsArrayFind(exclude, "job-media-progress")) &&
+ (!ra || cupsArrayFind(ra, "job-media-progress")))
+ ippAddInteger(con->response, IPP_TAG_JOB, IPP_TAG_INTEGER,
+ "job-media-progress", job->progress);
- if (!ra || cupsArrayFind(ra, "job-more-info"))
- ippAddString(con->response, IPP_TAG_JOB, IPP_TAG_URI,
- "job-more-info", NULL, job_uri);
+ if ((!exclude || !cupsArrayFind(exclude, "job-more-info")) &&
+ (!ra || cupsArrayFind(ra, "job-more-info")))
+ ippAddString(con->response, IPP_TAG_JOB, IPP_TAG_URI,
+ "job-more-info", NULL, job_uri);
- if (job->state_value > IPP_JOB_PROCESSING &&
- (!ra || cupsArrayFind(ra, "job-preserved")))
- ippAddBoolean(con->response, IPP_TAG_JOB, "job-preserved",
- job->num_files > 0);
+ if (job->state_value > IPP_JOB_PROCESSING &&
+ (!exclude || !cupsArrayFind(exclude, "job-preserved")) &&
+ (!ra || cupsArrayFind(ra, "job-preserved")))
+ ippAddBoolean(con->response, IPP_TAG_JOB, "job-preserved",
+ job->num_files > 0);
- if (!ra || cupsArrayFind(ra, "job-printer-up-time"))
- ippAddInteger(con->response, IPP_TAG_JOB, IPP_TAG_INTEGER,
- "job-printer-up-time", time(NULL));
+ if ((!exclude || !cupsArrayFind(exclude, "job-printer-up-time")) &&
+ (!ra || cupsArrayFind(ra, "job-printer-up-time")))
+ ippAddInteger(con->response, IPP_TAG_JOB, IPP_TAG_INTEGER,
+ "job-printer-up-time", time(NULL));
+ }
if (!ra || cupsArrayFind(ra, "job-state-reasons"))
add_job_state_reasons(con, job);
@@ -5649,7 +5678,7 @@
ippAddString(con->response, IPP_TAG_JOB, IPP_TAG_URI,
"job-uri", NULL, job_uri);
- copy_attrs(con->response, job->attrs, ra, IPP_TAG_JOB, 0);
+ copy_attrs(con->response, job->attrs, ra, IPP_TAG_JOB, 0, exclude);
}
@@ -5821,7 +5850,7 @@
for (i = 0; i < printer->num_history; i ++)
copy_attrs(history->values[i].collection = ippNew(), printer->history[i],
- NULL, IPP_TAG_ZERO, 0);
+ NULL, IPP_TAG_ZERO, 0, NULL);
}
if (!ra || cupsArrayFind(ra, "printer-state-message"))
@@ -5875,10 +5904,10 @@
if (!ra || cupsArrayFind(ra, "queued-job-count"))
add_queued_job_count(con, printer);
- copy_attrs(con->response, printer->attrs, ra, IPP_TAG_ZERO, 0);
+ copy_attrs(con->response, printer->attrs, ra, IPP_TAG_ZERO, 0, NULL);
if (printer->ppd_attrs)
- copy_attrs(con->response, printer->ppd_attrs, ra, IPP_TAG_ZERO, 0);
- copy_attrs(con->response, CommonData, ra, IPP_TAG_ZERO, IPP_TAG_COPY);
+ copy_attrs(con->response, printer->ppd_attrs, ra, IPP_TAG_ZERO, 0, NULL);
+ copy_attrs(con->response, CommonData, ra, IPP_TAG_ZERO, IPP_TAG_COPY, NULL);
}
@@ -5890,7 +5919,8 @@
copy_subscription_attrs(
cupsd_client_t *con, /* I - Client connection */
cupsd_subscription_t *sub, /* I - Subscription */
- cups_array_t *ra) /* I - Requested attributes array */
+ cups_array_t *ra, /* I - Requested attributes array */
+ cups_array_t *exclude) /* I - Private attributes array */
{
ipp_attribute_t *attr; /* Current attribute */
char printer_uri[HTTP_MAX_URI];
@@ -5900,56 +5930,92 @@
const char *name; /* Current event name */
+ cupsdLogMessage(CUPSD_LOG_DEBUG2,
+ "copy_subscription_attrs(con=%p, sub=%p, ra=%p, exclude=%p)",
+ con, sub, ra, exclude);
+
/*
* Copy the subscription attributes to the response using the
* requested-attributes attribute that may be provided by the client.
*/
- if (!ra || cupsArrayFind(ra, "notify-events"))
+ if (!exclude || !cupsArrayFind(exclude, "all"))
{
- if ((name = cupsdEventName((cupsd_eventmask_t)sub->mask)) != NULL)
+ if ((!exclude || !cupsArrayFind(exclude, "notify-events")) &&
+ (!ra || cupsArrayFind(ra, "notify-events")))
{
- /*
- * Simple event list...
- */
+ cupsdLogMessage(CUPSD_LOG_DEBUG2, "copy_subscription_attrs: notify-events");
- ippAddString(con->response, IPP_TAG_SUBSCRIPTION,
- (ipp_tag_t)(IPP_TAG_KEYWORD | IPP_TAG_COPY),
- "notify-events", NULL, name);
+ if ((name = cupsdEventName((cupsd_eventmask_t)sub->mask)) != NULL)
+ {
+ /*
+ * Simple event list...
+ */
+
+ ippAddString(con->response, IPP_TAG_SUBSCRIPTION,
+ (ipp_tag_t)(IPP_TAG_KEYWORD | IPP_TAG_COPY),
+ "notify-events", NULL, name);
+ }
+ else
+ {
+ /*
+ * Complex event list...
+ */
+
+ for (mask = 1, count = 0; mask < CUPSD_EVENT_ALL; mask <<= 1)
+ if (sub->mask & mask)
+ count ++;
+
+ attr = ippAddStrings(con->response, IPP_TAG_SUBSCRIPTION,
+ (ipp_tag_t)(IPP_TAG_KEYWORD | IPP_TAG_COPY),
+ "notify-events", count, NULL, NULL);
+
+ for (mask = 1, count = 0; mask < CUPSD_EVENT_ALL; mask <<= 1)
+ if (sub->mask & mask)
+ {
+ attr->values[count].string.text =
+ (char *)cupsdEventName((cupsd_eventmask_t)mask);
+
+ count ++;
+ }
+ }
}
- else
- {
- /*
- * Complex event list...
- */
- for (mask = 1, count = 0; mask < CUPSD_EVENT_ALL; mask <<= 1)
- if (sub->mask & mask)
- count ++;
+ if ((!exclude || !cupsArrayFind(exclude, "notify-lease-duration")) &&
+ (!sub->job && (!ra || cupsArrayFind(ra, "notify-lease-duration"))))
+ ippAddInteger(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_INTEGER,
+ "notify-lease-duration", sub->lease);
- attr = ippAddStrings(con->response, IPP_TAG_SUBSCRIPTION,
- (ipp_tag_t)(IPP_TAG_KEYWORD | IPP_TAG_COPY),
- "notify-events", count, NULL, NULL);
+ if ((!exclude || !cupsArrayFind(exclude, "notify-recipient-uri")) &&
+ (sub->recipient && (!ra || cupsArrayFind(ra, "notify-recipient-uri"))))
+ ippAddString(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_URI,
+ "notify-recipient-uri", NULL, sub->recipient);
+ else if ((!exclude || !cupsArrayFind(exclude, "notify-pull-method")) &&
+ (!ra || cupsArrayFind(ra, "notify-pull-method")))
+ ippAddString(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_KEYWORD,
+ "notify-pull-method", NULL, "ippget");
- for (mask = 1, count = 0; mask < CUPSD_EVENT_ALL; mask <<= 1)
- if (sub->mask & mask)
- {
- attr->values[count].string.text =
- (char *)cupsdEventName((cupsd_eventmask_t)mask);
+ if ((!exclude || !cupsArrayFind(exclude, "notify-subscriber-user-name")) &&
+ (!ra || cupsArrayFind(ra, "notify-subscriber-user-name")))
+ ippAddString(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_NAME,
+ "notify-subscriber-user-name", NULL, sub->owner);
- count ++;
- }
- }
+ if ((!exclude || !cupsArrayFind(exclude, "notify-time-interval")) &&
+ (!ra || cupsArrayFind(ra, "notify-time-interval")))
+ ippAddInteger(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_INTEGER,
+ "notify-time-interval", sub->interval);
+
+ if (sub->user_data_len > 0 &&
+ (!exclude || !cupsArrayFind(exclude, "notify-user-data")) &&
+ (!ra || cupsArrayFind(ra, "notify-user-data")))
+ ippAddOctetString(con->response, IPP_TAG_SUBSCRIPTION, "notify-user-data",
+ sub->user_data, sub->user_data_len);
}
if (sub->job && (!ra || cupsArrayFind(ra, "notify-job-id")))
ippAddInteger(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_INTEGER,
"notify-job-id", sub->job->id);
- if (!sub->job && (!ra || cupsArrayFind(ra, "notify-lease-duration")))
- ippAddInteger(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_INTEGER,
- "notify-lease-duration", sub->lease);
-
if (sub->dest && (!ra || cupsArrayFind(ra, "notify-printer-uri")))
{
httpAssembleURIf(HTTP_URI_CODING_ALL, printer_uri, sizeof(printer_uri),
@@ -5959,28 +6025,9 @@
"notify-printer-uri", NULL, printer_uri);
}
- if (sub->recipient && (!ra || cupsArrayFind(ra, "notify-recipient-uri")))
- ippAddString(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_URI,
- "notify-recipient-uri", NULL, sub->recipient);
- else if (!ra || cupsArrayFind(ra, "notify-pull-method"))
- ippAddString(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_KEYWORD,
- "notify-pull-method", NULL, "ippget");
-
- if (!ra || cupsArrayFind(ra, "notify-subscriber-user-name"))
- ippAddString(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_NAME,
- "notify-subscriber-user-name", NULL, sub->owner);
-
if (!ra || cupsArrayFind(ra, "notify-subscription-id"))
ippAddInteger(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_INTEGER,
"notify-subscription-id", sub->id);
-
- if (!ra || cupsArrayFind(ra, "notify-time-interval"))
- ippAddInteger(con->response, IPP_TAG_SUBSCRIPTION, IPP_TAG_INTEGER,
- "notify-time-interval", sub->interval);
-
- if (sub->user_data_len > 0 && (!ra || cupsArrayFind(ra, "notify-user-data")))
- ippAddOctetString(con->response, IPP_TAG_SUBSCRIPTION, "notify-user-data",
- sub->user_data, sub->user_data_len);
}
@@ -7004,12 +7051,14 @@
int jobid; /* Job ID */
cupsd_job_t *job; /* Current job */
cupsd_printer_t *printer; /* Current printer */
- char scheme[HTTP_MAX_URI], /* Method portion of URI */
+ cupsd_policy_t *policy; /* Current security policy */
+ char scheme[HTTP_MAX_URI], /* Scheme portion of URI */
username[HTTP_MAX_URI], /* Username portion of URI */
host[HTTP_MAX_URI], /* Host portion of URI */
resource[HTTP_MAX_URI]; /* Resource portion of URI */
int port; /* Port portion of URI */
- cups_array_t *ra; /* Requested attributes array */
+ cups_array_t *ra, /* Requested attributes array */
+ *exclude; /* Private attributes array */
cupsdLogMessage(CUPSD_LOG_DEBUG2, "get_job_attrs(%p[%d], %s)", con,
@@ -7082,20 +7131,18 @@
printer = cupsdFindDest(job->dest);
if (printer)
+ policy = printer->op_policy_ptr;
+ else
+ policy = DefaultPolicyPtr;
+
+ if ((status = cupsdCheckPolicy(policy, con, job->username)) != HTTP_OK)
{
- if ((status = cupsdCheckPolicy(printer->op_policy_ptr, con,
- NULL)) != HTTP_OK)
- {
- send_http_error(con, status, printer);
- return;
- }
- }
- else if ((status = cupsdCheckPolicy(DefaultPolicyPtr, con, NULL)) != HTTP_OK)
- {
send_http_error(con, status, NULL);
return;
}
+ exclude = cupsdGetPrivateAttrs(policy, con, printer, job->username);
+
/*
* Copy attributes...
*/
@@ -7103,7 +7150,7 @@
cupsdLoadJob(job);
ra = create_requested_array(con->request);
- copy_job_attrs(con, job, ra);
+ copy_job_attrs(con, job, ra, exclude);
cupsArrayDelete(ra);
con->response->request.status.status_code = IPP_OK;
@@ -7137,7 +7184,9 @@
cupsd_job_t *job; /* Current job pointer */
cupsd_printer_t *printer; /* Printer */
cups_array_t *list; /* Which job list... */
- cups_array_t *ra; /* Requested attributes array */
+ cups_array_t *ra, /* Requested attributes array */
+ *exclude; /* Private attributes array */
+ cupsd_policy_t *policy; /* Current policy */
cupsdLogMessage(CUPSD_LOG_DEBUG2, "get_jobs(%p[%d], %s)", con, con->http.fd,
@@ -7200,16 +7249,12 @@
*/
if (printer)
+ policy = printer->op_policy_ptr;
+ else
+ policy = DefaultPolicyPtr;
+
+ if ((status = cupsdCheckPolicy(policy, con, NULL)) != HTTP_OK)
{
- if ((status = cupsdCheckPolicy(printer->op_policy_ptr, con,
- NULL)) != HTTP_OK)
- {
- send_http_error(con, status, printer);
- return;
- }
- }
- else if ((status = cupsdCheckPolicy(DefaultPolicyPtr, con, NULL)) != HTTP_OK)
- {
send_http_error(con, status, NULL);
return;
}
@@ -7395,7 +7440,12 @@
if (i > 0)
ippAddSeparator(con->response);
- copy_job_attrs(con, job, ra);
+ exclude = cupsdGetPrivateAttrs(job->printer ?
+ job->printer->op_policy_ptr :
+ policy, con, job->printer,
+ job->username);
+
+ copy_job_attrs(con, job, ra, exclude);
}
}
else
@@ -7451,7 +7501,12 @@
count ++;
- copy_job_attrs(con, job, ra);
+ exclude = cupsdGetPrivateAttrs(job->printer ?
+ job->printer->op_policy_ptr :
+ policy, con, job->printer,
+ job->username);
+
+ copy_job_attrs(con, job, ra, exclude);
}
cupsdLogMessage(CUPSD_LOG_DEBUG2, "get_jobs: count=%d", count);
@@ -7595,7 +7650,7 @@
copy_attrs(con->response,
((cupsd_event_t *)cupsArrayIndex(sub->events, j))->attrs, NULL,
- IPP_TAG_EVENT_NOTIFICATION, 0);
+ IPP_TAG_EVENT_NOTIFICATION, 0, NULL);
}
}
}
@@ -8163,7 +8218,8 @@
* access...
*/
- if (printer->num_users && username && !user_allowed(printer, username))
+ if (cupsArrayCount(printer->users) && username &&
+ !user_allowed(printer, username))
continue;
/*
@@ -8200,7 +8256,9 @@
{
http_status_t status; /* Policy status */
cupsd_subscription_t *sub; /* Subscription */
- cups_array_t *ra; /* Requested attributes array */
+ cupsd_policy_t *policy; /* Current security policy */
+ cups_array_t *ra, /* Requested attributes array */
+ *exclude; /* Private attributes array */
cupsdLogMessage(CUPSD_LOG_DEBUG2,
@@ -8226,14 +8284,19 @@
* Check policy...
*/
- if ((status = cupsdCheckPolicy(sub->dest ? sub->dest->op_policy_ptr :
- DefaultPolicyPtr,
- con, sub->owner)) != HTTP_OK)
+ if (sub->dest)
+ policy = sub->dest->op_policy_ptr;
+ else
+ policy = DefaultPolicyPtr;
+
+ if ((status = cupsdCheckPolicy(policy, con, sub->owner)) != HTTP_OK)
{
send_http_error(con, status, sub->dest);
return;
}
+ exclude = cupsdGetPrivateAttrs(policy, con, sub->dest, sub->owner);
+
/*
* Copy the subscription attributes to the response using the
* requested-attributes attribute that may be provided by the client.
@@ -8241,7 +8304,7 @@
ra = create_requested_array(con->request);
- copy_subscription_attrs(con, sub, ra);
+ copy_subscription_attrs(con, sub, ra, exclude);
cupsArrayDelete(ra);
@@ -8275,6 +8338,8 @@
int port; /* Port portion of URI */
cupsd_job_t *job; /* Job pointer */
cupsd_printer_t *printer; /* Printer */
+ cupsd_policy_t *policy; /* Policy */
+ cups_array_t *exclude; /* Private attributes array */
cupsdLogMessage(CUPSD_LOG_DEBUG2,
@@ -8338,9 +8403,12 @@
* Check policy...
*/
- if ((status = cupsdCheckPolicy(printer ? printer->op_policy_ptr :
- DefaultPolicyPtr,
- con, NULL)) != HTTP_OK)
+ if (printer)
+ policy = printer->op_policy_ptr;
+ else
+ policy = DefaultPolicyPtr;
+
+ if ((status = cupsdCheckPolicy(policy, con, NULL)) != HTTP_OK)
{
send_http_error(con, status, printer);
return;
@@ -8377,8 +8445,13 @@
(!username[0] || !strcasecmp(username, sub->owner)))
{
ippAddSeparator(con->response);
- copy_subscription_attrs(con, sub, ra);
+ exclude = cupsdGetPrivateAttrs(sub->dest ? sub->dest->op_policy_ptr :
+ policy, con, sub->dest,
+ sub->owner);
+
+ copy_subscription_attrs(con, sub, ra, exclude);
+
count ++;
if (limit && count >= limit)
break;
Index: scheduler/printers.h
===================================================================
--- scheduler/printers.h (revision 9351)
+++ scheduler/printers.h (revision 9352)
@@ -38,7 +38,7 @@
typedef struct cupsd_job_s cupsd_job_t;
-typedef struct cupsd_printer_s
+struct cupsd_printer_s
{
char *uri, /* Printer URI */
*hostname, /* Host printer resides on */
@@ -81,8 +81,7 @@
page_limit, /* Maximum number of pages */
k_limit; /* Maximum number of kilobytes */
cups_array_t *quotas; /* Quota records */
- int deny_users, /* 1 = deny, 0 = allow */
- num_users; /* Number of allowed/denied users */
+ int deny_users; /* 1 = deny, 0 = allow */
cups_array_t *users; /* Allowed/denied users */
int num_history; /* Number of history collections */
ipp_t **history; /* History data */
@@ -109,7 +108,7 @@
DNSServiceRef ipp_ref, /* Reference for _ipp._tcp,_cups */
printer_ref; /* Reference for _printer._tcp */
#endif /* HAVE_DNSSD */
-} cupsd_printer_t;
+};
/*