[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-1042-ga51cb3c

James Peach jpeach at samba.org
Mon Apr 21 18:22:08 GMT 2008


The branch, v3-2-test has been updated
       via  a51cb3c1a9549d74c1e5cf05bc43b955af1a25b7 (commit)
       via  831a09ae25e98eacc0b0be5390d3ac3aa671a8a5 (commit)
       via  4244be792eeb69e883a1ece013b62fe6941086f2 (commit)
       via  b294b2055a422e1af59e3b6843b84750b6786d99 (commit)
       via  8eff35bc4acc13807c895af43b52db79ee195cb5 (commit)
       via  8c12c5cea01d9b801fe80c2a87b8139c488a62a5 (commit)
      from  87232351b5e66728f8d602259961909e8c1dfcb6 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -----------------------------------------------------------------
commit a51cb3c1a9549d74c1e5cf05bc43b955af1a25b7
Author: James Peach <jpeach at apple.com>
Date:   Mon Apr 21 11:19:22 2008 -0700

    smbspool: Fix the smbspool build.

commit 831a09ae25e98eacc0b0be5390d3ac3aa671a8a5
Author: James Peach <jpeach at apple.com>
Date:   Mon Apr 21 10:57:09 2008 -0700

    smbspool: minor formatting cleanups.

commit 4244be792eeb69e883a1ece013b62fe6941086f2
Author: James Peach <jpeach at apple.com>
Date:   Mon Apr 21 10:10:29 2008 -0700

    smbspool: Run indent to approximate conding standards.

commit b294b2055a422e1af59e3b6843b84750b6786d99
Author: James Peach <jpeach at apple.com>
Date:   Mon Apr 21 09:29:07 2008 -0700

    smbspool: add my copyright.

commit 8eff35bc4acc13807c895af43b52db79ee195cb5
Author: Mike Sweet <msweet at apple.com>
Date:   Mon Apr 21 09:19:51 2008 -0700

    smbspool: Fix CUPS authentication protocol support.
    
    There were a couple of places where we weren't checking for
    authentication correctly. This chance fixes those places and properly
    supports Kerberos where available.

commit 8c12c5cea01d9b801fe80c2a87b8139c488a62a5
Author: Mike Sweet <msweet at apple.com>
Date:   Mon Apr 21 09:16:01 2008 -0700

    smbspool: fix Kerberos support for CUPS 1.3.
    
    To summarize the changes, the patches remove the old (probably non-
    working) Kerberos support code which is unnecessary with CUPS 1.3
    and adds some checks on the NT status we get back to see whether
    the connection error is related to authentication.  If so, we send
    the ATTR: message to tell CUPS we need a username and password and
    return exit code 2 so cupsd will do the right thing.
    
    AUTH_USERNAME, AUTH_PASSWORD, and KRB5CCNAME are set and supported
    by CUPS 1.3.  The new exit code is supported by CUPS 1.2.x and 1.3,
    and it treated as a general failure in CUPS 1.1.  The ATTR: message
    is only supported by CUPS 1.3, while CUPS 1.2 will assume the
    "username,password" value we are setting.
    
    The current code only uses the AUTH_* env vars if they are set.
    If not, we fall back to the previous behavior.
    
    I really can't tell whether the Kerberos code that was in there
    would work at all. It did not work for Mac OS X which is why
    I dropped it.

-----------------------------------------------------------------------

Summary of changes:
 source/client/smbspool.c | 1104 +++++++++++++++++++++++-----------------------
 1 files changed, 545 insertions(+), 559 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/client/smbspool.c b/source/client/smbspool.c
index e827df4..ed5fc69 100644
--- a/source/client/smbspool.c
+++ b/source/client/smbspool.c
@@ -1,33 +1,47 @@
-/* 
+/*
    Unix SMB/CIFS implementation.
    SMB backend for the Common UNIX Printing System ("CUPS")
-   Copyright 1999 by Easy Software Products
-   Copyright Andrew Tridgell 1994-1998
-   Copyright Andrew Bartlett 2002
-   Copyright Rodrigo Fernandez-Vizarra 2005 
-   
+
+   Copyright (C) Easy Software Products	    1999
+   Copyright (C) Andrew Tridgell	    1994-1998
+   Copyright (C) Andrew Bartlett	    2002
+   Copyright (C) Rodrigo Fernandez-Vizarra  2005
+   Copyright (C) James Peach		    2008
+
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
-   
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-   
+
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
 #include "includes.h"
 
-#define TICKET_CC_DIR            "/tmp"
-#define CC_PREFIX                "krb5cc_" /* prefix of the ticket cache */
-#define CC_MAX_FILE_LEN          24   
-#define CC_MAX_FILE_PATH_LEN     (sizeof(TICKET_CC_DIR)-1)+ CC_MAX_FILE_LEN+2   
-#define OVERWRITE                1   
-#define KRB5CCNAME               "KRB5CCNAME"
+/*
+ * Starting with CUPS 1.3, Kerberos support is provided by cupsd including
+ * the forwarding of user credentials via the authenticated session between
+ * user and server and the KRB5CCNAME environment variable which will point
+ * to a temporary file or an in-memory representation depending on the version
+ * of Kerberos you use.  As a result, all of the ticket code that used to
+ * live here has been removed, and we depend on the user session (if you
+ * run smbspool by hand) or cupsd to provide the necessary Kerberos info.
+ *
+ * Also, the AUTH_USERNAME and AUTH_PASSWORD environment variables provide
+ * for per-job authentication for non-Kerberized printing.  We use those
+ * if there is no username and password specified in the device URI.
+ *
+ * Finally, if we have an authentication failure we return exit code 2
+ * which tells CUPS to hold the job for authentication and bug the user
+ * to get the necessary credentials.
+ */
+
 #define MAX_RETRY_CONNECT        3
 
 
@@ -41,523 +55,489 @@
  * Local functions...
  */
 
-static void		list_devices(void);
-static struct cli_state *smb_complete_connection(const char *, const char *,int , const char *, const char *, const char *, const char *, int);
-static struct cli_state	*smb_connect(const char *, const char *, int, const char *, const char *, const char *, const char *);
-static int		smb_print(struct cli_state *, char *, FILE *);
-static char *		uri_unescape_alloc(const char *);
+static int      get_exit_code(struct cli_state * cli, NTSTATUS nt_status);
+static void     list_devices(void);
+static struct cli_state *smb_complete_connection(const char *, const char *,
+	int, const char *, const char *, const char *, const char *, int, bool *need_auth);
+static struct cli_state *smb_connect(const char *, const char *, int, const
+	char *, const char *, const char *, const char *, bool *need_auth);
+static int      smb_print(struct cli_state *, char *, FILE *);
+static char    *uri_unescape_alloc(const char *);
 #if 0
-static bool smb_encrypt;
+static bool     smb_encrypt;
 #endif
 
 /*
  * 'main()' - Main entry for SMB backend.
  */
 
- int				/* O - Exit status */
- main(int  argc,			/* I - Number of command-line arguments */
-     char *argv[])		/* I - Command-line arguments */
-{
-  int		i;		/* Looping var */
-  int		copies;		/* Number of copies */
-  int 		port;		/* Port number */
-  char		uri[1024],	/* URI */
-		*sep,		/* Pointer to separator */
-		*tmp, *tmp2,	/* Temp pointers to do escaping */
-		*password;	/* Password */
-  char		*username,	/* Username */
-		*server,	/* Server name */
-		*printer;	/* Printer name */
-  const char	*workgroup;	/* Workgroup */
-  FILE		*fp;		/* File to print */
-  int		status=1;		/* Status of LPD job */
-  struct cli_state *cli;	/* SMB interface */
-  char null_str[1];
-  int tries = 0;
-  const char *dev_uri;
-  TALLOC_CTX *frame = talloc_stackframe();
-
-  null_str[0] = '\0';
-
-  /* we expect the URI in argv[0]. Detect the case where it is in argv[1] and cope */
-  if (argc > 2 && strncmp(argv[0],"smb://", 6) && !strncmp(argv[1],"smb://", 6)) {
-	  argv++;
-	  argc--;
-  }
-
-  if (argc == 1)
-  {
-   /*
-    * NEW!  In CUPS 1.1 the backends are run with no arguments to list the
-    *       available devices.  These can be devices served by this backend
-    *       or any other backends (i.e. you can have an SNMP backend that
-    *       is only used to enumerate the available network printers... :)
-    */
-
-    list_devices();
-    status = 0;
-    goto done;
-  }
-
-  if (argc < 6 || argc > 7)
-  {
-    fprintf(stderr, "Usage: %s [DEVICE_URI] job-id user title copies options [file]\n",
-            argv[0]);
-    fputs("       The DEVICE_URI environment variable can also contain the\n", stderr);
-    fputs("       destination printer:\n", stderr);
-    fputs("\n", stderr);
-    fputs("           smb://[username:password@][workgroup/]server[:port]/printer\n", stderr);
-    goto done;
-  }
-
- /*
-  * If we have 7 arguments, print the file named on the command-line.
-  * Otherwise, print data from stdin...
-  */
-
-
-  if (argc == 6)
-  {
-   /*
-    * Print from Copy stdin to a temporary file...
-    */
-
-    fp     = stdin;
-    copies = 1;
-  }
-  else if ((fp = fopen(argv[6], "rb")) == NULL)
-  {
-    perror("ERROR: Unable to open print file");
-    goto done;
-  }
-  else
-    copies = atoi(argv[4]);
-
- /*
-  * Find the URI...
-  */
-
-  dev_uri = getenv("DEVICE_URI");
-  if (dev_uri)
-    strncpy(uri, dev_uri, sizeof(uri) - 1);
-  else if (strncmp(argv[0], "smb://", 6) == 0)
-    strncpy(uri, argv[0], sizeof(uri) - 1);
-  else
-  {
-    fputs("ERROR: No device URI found in DEVICE_URI environment variable or argv[0] !\n", stderr);
-    goto done;
-  }
-
-  uri[sizeof(uri) - 1] = '\0';
-
- /*
-  * Extract the destination from the URI...
-  */
-
-  if ((sep = strrchr_m(uri, '@')) != NULL)
-  {
-    tmp = uri + 6;
-    *sep++ = '\0';
-
-    /* username is in tmp */
-
-    server = sep;
-
-   /*
-    * Extract password as needed...
-    */
-
-    if ((tmp2 = strchr_m(tmp, ':')) != NULL) {
-      *tmp2++ = '\0';
-      password = uri_unescape_alloc(tmp2);
-    } else {
-      password = null_str;
-    }
-    username = uri_unescape_alloc(tmp);
-  }
-  else
-  {
-    username = null_str;
-    password = null_str;
-    server   = uri + 6;
-  }
-
-  tmp = server;
-
-  if ((sep = strchr_m(tmp, '/')) == NULL)
-  {
-    fputs("ERROR: Bad URI - need printer name!\n", stderr);
-    goto done;
-  }
-
-  *sep++ = '\0';
-  tmp2 = sep;
-
-  if ((sep = strchr_m(tmp2, '/')) != NULL)
-  {
-   /*
-    * Convert to smb://[username:password@]workgroup/server/printer...
-    */
-
-    *sep++ = '\0';
-
-    workgroup = uri_unescape_alloc(tmp);
-    server    = uri_unescape_alloc(tmp2);
-    printer   = uri_unescape_alloc(sep);
-  }
-  else {
-    workgroup = NULL;
-    server = uri_unescape_alloc(tmp);
-    printer = uri_unescape_alloc(tmp2);
-  }
-  
-  if ((sep = strrchr_m(server, ':')) != NULL)
-  {
-    *sep++ = '\0';
-
-    port=atoi(sep);
-  }
-  else 
-  	port=0;
-	
- 
- /*
-  * Setup the SAMBA server state...
-  */
-
-  setup_logging("smbspool", True);
-
-  lp_set_in_client(True);       /* Make sure that we tell lp_load we are */
-
-  load_case_tables();
-
-  if (!lp_load(get_dyn_CONFIGFILE(), True, False, False, True))
-  {
-    fprintf(stderr, "ERROR: Can't load %s - run testparm to debug it\n", get_dyn_CONFIGFILE());
-    goto done;
-  }
-
-  if (workgroup == NULL)
-    workgroup = lp_workgroup();
-
-  load_interfaces();
-
-  do
-  {
-    if ((cli = smb_connect(workgroup, server, port, printer, username, password, argv[2])) == NULL)
-    {
-      if (getenv("CLASS") == NULL)
-      {
-        fprintf(stderr, "ERROR: Unable to connect to CIFS host, will retry in 60 seconds...\n");
-        sleep (60); /* should just waiting and retrying fix authentication  ??? */
-        tries++;
-      }
-      else
-      {
-        fprintf(stderr, "ERROR: Unable to connect to CIFS host, trying next printer...\n");
-    	goto done;
-      }
-    }
-  }
-  while ((cli == NULL) && (tries < MAX_RETRY_CONNECT));
-
-  if (cli == NULL) {
-        fprintf(stderr, "ERROR: Unable to connect to CIFS host after (tried %d times)\n", tries);
-    	goto done;
-  }
-
- /*
-  * Now that we are connected to the server, ignore SIGTERM so that we
-  * can finish out any page data the driver sends (e.g. to eject the
-  * current page...  Only ignore SIGTERM if we are printing data from
-  * stdin (otherwise you can't cancel raw jobs...)
-  */
-
-  if (argc < 7)
-    CatchSignal(SIGTERM, SIG_IGN);
-
- /*
-  * Queue the job...
-  */
-
-  for (i = 0; i < copies; i ++)
-    if ((status = smb_print(cli, argv[3] /* title */, fp)) != 0)
-      break;
-
-  cli_shutdown(cli);
-
- /*
-  * Return the queue status...
-  */
-
-  done:
-
-  TALLOC_FREE(frame);
-  return (status);
+int				/* O - Exit status */
+main(int argc,			/* I - Number of command-line arguments */
+     char *argv[])
+{				/* I - Command-line arguments */
+	int             i;	/* Looping var */
+	int             copies;	/* Number of copies */
+	int             port;	/* Port number */
+	char            uri[1024],	/* URI */
+	               *sep,	/* Pointer to separator */
+	               *tmp, *tmp2,	/* Temp pointers to do escaping */
+	               *password;	/* Password */
+	char           *username,	/* Username */
+	               *server,	/* Server name */
+	               *printer;/* Printer name */
+	const char     *workgroup;	/* Workgroup */
+	FILE           *fp;	/* File to print */
+	int             status = 1;	/* Status of LPD job */
+	struct cli_state *cli;	/* SMB interface */
+	char            null_str[1];
+	int             tries = 0;
+	bool		need_auth = true;
+	const char     *dev_uri;
+	TALLOC_CTX     *frame = talloc_stackframe();
+
+	null_str[0] = '\0';
+
+	/*
+	 * we expect the URI in argv[0]. Detect the case where it is in
+	 * argv[1] and cope
+	 */
+	if (argc > 2 && strncmp(argv[0], "smb://", 6) &&
+	    strncmp(argv[1], "smb://", 6) == 0) {
+		argv++;
+		argc--;
+	}
+
+	if (argc == 1) {
+		/*
+	         * NEW!  In CUPS 1.1 the backends are run with no arguments
+		 * to list the available devices.  These can be devices
+		 * served by this backend or any other backends (i.e. you
+		 * can have an SNMP backend that is only used to enumerate
+		 * the available network printers... :)
+	         */
+
+		list_devices();
+		status = 0;
+		goto done;
+	}
+
+	if (argc < 6 || argc > 7) {
+		fprintf(stderr,
+"Usage: %s [DEVICE_URI] job-id user title copies options [file]\n"
+"       The DEVICE_URI environment variable can also contain the\n"
+"       destination printer:\n"
+"\n"
+"           smb://[username:password@][workgroup/]server[:port]/printer\n",
+			argv[0]);
+		goto done;
+	}
+
+	/*
+         * If we have 7 arguments, print the file named on the command-line.
+         * Otherwise, print data from stdin...
+         */
+
+	if (argc == 6) {
+		/*
+	         * Print from Copy stdin to a temporary file...
+	         */
+
+		fp = stdin;
+		copies = 1;
+	} else if ((fp = fopen(argv[6], "rb")) == NULL) {
+		perror("ERROR: Unable to open print file");
+		goto done;
+	} else {
+		copies = atoi(argv[4]);
+	}
+
+	/*
+         * Find the URI...
+         */
+
+	dev_uri = getenv("DEVICE_URI");
+	if (dev_uri) {
+		strncpy(uri, dev_uri, sizeof(uri) - 1);
+	} else if (strncmp(argv[0], "smb://", 6) == 0) {
+		strncpy(uri, argv[0], sizeof(uri) - 1);
+	} else {
+		fputs("ERROR: No device URI found in DEVICE_URI environment variable or argv[0] !\n", stderr);
+		goto done;
+	}
+
+	uri[sizeof(uri) - 1] = '\0';
+
+	/*
+         * Extract the destination from the URI...
+         */
+
+	if ((sep = strrchr_m(uri, '@')) != NULL) {
+		tmp = uri + 6;
+		*sep++ = '\0';
+
+		/* username is in tmp */
+
+		server = sep;
+
+		/*
+	         * Extract password as needed...
+	         */
+
+		if ((tmp2 = strchr_m(tmp, ':')) != NULL) {
+			*tmp2++ = '\0';
+			password = uri_unescape_alloc(tmp2);
+		} else {
+			password = null_str;
+		}
+		username = uri_unescape_alloc(tmp);
+	} else {
+		if ((username = getenv("AUTH_USERNAME")) == NULL) {
+			username = null_str;
+		}
+
+		if ((password = getenv("AUTH_PASSWORD")) == NULL) {
+			password = null_str;
+		}
+
+		server = uri + 6;
+	}
+
+	tmp = server;
+
+	if ((sep = strchr_m(tmp, '/')) == NULL) {
+		fputs("ERROR: Bad URI - need printer name!\n", stderr);
+		goto done;
+	}
+
+	*sep++ = '\0';
+	tmp2 = sep;
+
+	if ((sep = strchr_m(tmp2, '/')) != NULL) {
+		/*
+	         * Convert to smb://[username:password@]workgroup/server/printer...
+	         */
+
+		*sep++ = '\0';
+
+		workgroup = uri_unescape_alloc(tmp);
+		server = uri_unescape_alloc(tmp2);
+		printer = uri_unescape_alloc(sep);
+	} else {
+		workgroup = NULL;
+		server = uri_unescape_alloc(tmp);
+		printer = uri_unescape_alloc(tmp2);
+	}
+
+	if ((sep = strrchr_m(server, ':')) != NULL) {
+		*sep++ = '\0';
+
+		port = atoi(sep);
+	} else {
+		port = 445;
+	}
+
+	/*
+         * Setup the SAMBA server state...
+         */


-- 
Samba Shared Repository


More information about the samba-cvs mailing list