Support multiple addresses in Allow and Deny lines (like Apache)

[michaelrsweet]

Version: 1.4-feature
CUPS.org User: mike

Currently Allow and Deny do not support multiple addresses like Apache. Add support for this...

[michaelrsweet]

CUPS.org User: mike

Fixed in Subversion repository.

[michaelrsweet]

"str2947.patch":

Index: CHANGES.txt

--- CHANGES.txt (revision 7962)
+++ CHANGES.txt (working copy)
@@ -4,6 +4,8 @@
CHANGES IN CUPS V1.4b1

- Documentation updates (STR #2567)

• • The scheduler now supports multiple addresses in Allow and

• Deny lines, just like Apache (STR #2947)
  

  • Added CUPS_JOBTYPE environment variable for job filters so
    they know whether they are printing a banner or document
    file (STR Allow filters and backends to differentiate between a job and its banner page(s) #2799)
    Index: scheduler/conf.c

    --- scheduler/conf.c (revision 7961)
    +++ scheduler/conf.c (working copy)
    @@ -1690,92 +1690,113 @@
    • Deny [From] host/ip...
      */

• if (!strncasecmp(value, "from", 4))

• while (*value)
  {

• /*
  

•  \* Strip leading "from"...
  

•  */
  

•  if (!strncasecmp(value, "from", 4))
  

•  {
  

•   /*
  

• * Strip leading "from"...

• */

•  value += 4;
  

• value += 4;

•  while (isspace(*value & 255))
  

• value ++;

• }

• while (isspace(*value & 255))

• value ++;
  

• /*

• * Figure out what form the allow/deny address takes:

• * All

• * None

• * *.domain.com

• * .domain.com

• * host.domain.com

• * nnn.*

• * nnn.nnn.*

• * nnn.nnn.nnn.*

• * nnn.nnn.nnn.nnn

• * nnn.nnn.nnn.nnn/mm

• * nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm

• */

•    if (!*value)
  

• break;
  

•  }
  

• if (!strcasecmp(value, "all"))

• {
  /*

•  \* All hosts...
  

•  * Find the end of the value...
  

  */

•  if (!strcasecmp(line, "Allow"))
  

• cupsdAllowIP(loc, zeros, zeros);

•  else
  

• cupsdDenyIP(loc, zeros, zeros);

• }

• else if (!strcasecmp(value, "none"))

• {

•  for (valptr = value; _valptr && !isspace(_valptr & 255); valptr ++);
  

•  while (isspace(*valptr & 255))
  

•    _valptr++ = '\0';
  

  • /_

•  \* No hosts...
  

•  \* Figure out what form the allow/deny address takes:
  

•  *
  

•  \*    All
  

•  \*    None
  

•  \*    *.domain.com
  

•  \*    .domain.com
  

•  \*    host.domain.com
  

•  \*    nnn.*
  

•  \*    nnn.nnn.*
  

•  \*    nnn.nnn.nnn.*
  

•  \*    nnn.nnn.nnn.nnn
  

•  \*    nnn.nnn.nnn.nnn/mm
  

•  *    nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
  

  */

•  if (!strcasecmp(line, "Allow"))
  

• cupsdAllowIP(loc, ones, zeros);

•  else
  

• cupsdDenyIP(loc, ones, zeros);

• }

•  if (!strcasecmp(value, "all"))
  

•  {
  

•   /*
  

• * All hosts...

• */

• if (!strcasecmp(line, "Allow"))

• cupsdAllowIP(loc, zeros, zeros);
  

• else

• cupsdDenyIP(loc, zeros, zeros);
  

•  }
  

•  else if (!strcasecmp(value, "none"))
  

•  {
  

•   /*
  

• * No hosts...
• */

• if (!strcasecmp(line, "Allow"))

• cupsdAllowIP(loc, ones, zeros);
  

• else

• cupsdDenyIP(loc, ones, zeros);
  

•  }
  

  #ifdef AF_INET6
• else if (value[0] == '*' || value[0] == '.' ||

•         (!isdigit(value[0] & 255) && value[0] != '['))
  

•  else if (value[0] == '*' || value[0] == '.' || 
  

•      (!isdigit(value[0] & 255) && value[0] != '['))
  

  #else
• else if (value[0] == '*' || value[0] == '.' || !isdigit(value[0] & 255))

•  else if (value[0] == '_' || value[0] == '.' || !isdigit(value[0] & 255))
  

  #endif /_ AF_INET6 */
• {

• /*
  

•  \* Host or domain name...
  

•  */
  

•  {
  

•   /*
  

• * Host or domain name...
• */

•  if (value[0] == '*')
  

• value ++;
• if (value[0] == '*')

• value ++;
  

•  if (!strcasecmp(line, "Allow"))
  

• cupsdAllowHost(loc, value);
• if (!strcasecmp(line, "Allow"))

• cupsdAllowHost(loc, value);
  

• else

• cupsdDenyHost(loc, value);
  

•  }
  

  else
• cupsdDenyHost(loc, value);
• }
• else
• {

•  {
  

•   /*
  

• * One of many IP address forms...
• */

• if (!get_addr_and_mask(value, ip, mask))
• {

• cupsdLogMessage(CUPSD_LOG_ERROR, "Bad netmask value %s on line %d.",
  

•         value, linenum);
  

• return (0);
  

• }

• if (!strcasecmp(line, "Allow"))

• cupsdAllowIP(loc, ip, mask);
  

• else

• cupsdDenyIP(loc, ip, mask);
  

•  }
  

  • /*

•  \* One of many IP address forms...
  

•  * Advance to next value...
  

  */

•  if (!get_addr_and_mask(value, ip, mask))
  

•  {
  

•    cupsdLogMessage(CUPSD_LOG_ERROR, "Bad netmask value %s on line %d.",
  

•               value, linenum);
  

•    return (0);
  

- }

•  if (!strcasecmp(line, "Allow"))
  

• cupsdAllowIP(loc, ip, mask);

•  else
  

• cupsdDenyIP(loc, ip, mask);

•  value = valptr;
  

  }
  }
  else if (!strcasecmp(line, "AuthType"))
  @@ -2579,93 +2600,114 @@
  "Unable to initialize browse access control list!");
  else
  {

• if (!strncasecmp(value, "from ", 5))

• while (*value)
  {

• /*

•      \* Strip leading "from"...
  

• */
  

• if (!strncasecmp(value, "from", 4))
  

• {
  

•  /*
  

•   \* Strip leading "from"...
  

•   */
  

• value += 5;
  

•   value += 4;
  

• while (isspace(*value))
  

•   value ++;
  

• }

•   while (isspace(*value & 255))
  

•     value ++;
  

•   /*
  

• * Figure out what form the allow/deny address takes:

• * All

• * None

• * *.domain.com

• * .domain.com

• * host.domain.com

• * nnn.*

• * nnn.nnn.*

• * nnn.nnn.nnn.*

• * nnn.nnn.nnn.nnn

• * nnn.nnn.nnn.nnn/mm

• * nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm

• */

•   if (!*value)
  

•     break;
  

• }
  

• if (!strcasecmp(value, "all"))

• {
  /*

•      \* All hosts...
  

• * Find the end of the value...
  

  */

•      if (!strcasecmp(line, "BrowseAllow"))
  

•   cupsdAllowIP(location, zeros, zeros);
  

• else
  

•   cupsdDenyIP(location, zeros, zeros);
  

• }

• else if (!strcasecmp(value, "none"))

• {

• for (valueptr = value; _valueptr && !isspace(_valueptr & 255); valueptr ++);
  

• while (isspace(*valueptr & 255))
  

•   _valueptr++ = '\0';
  

  /_

•      \* No hosts...
  

• \* Figure out what form the allow/deny address takes:
  

• *
  

• \*    All
  

• \*    None
  

• \*    *.domain.com
  

• \*    .domain.com
  

• \*    host.domain.com
  

• \*    nnn.*
  

• \*    nnn.nnn.*
  

• \*    nnn.nnn.nnn.*
  

• \*    nnn.nnn.nnn.nnn
  

• \*    nnn.nnn.nnn.nnn/mm
  

• *    nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
  

  */

•      if (!strcasecmp(line, "BrowseAllow"))
  

•   cupsdAllowIP(location, ones, zeros);
  

• else
  

•   cupsdDenyIP(location, ones, zeros);
  

• }

• if (!strcasecmp(value, "all"))
  

• {
  

•  /*
  

•   \* All hosts...
  

•   */
  

•   if (!strcasecmp(line, "BrowseAllow"))
  

•     cupsdAllowIP(location, zeros, zeros);
  

•   else
  

•     cupsdDenyIP(location, zeros, zeros);
  

• }
  

• else if (!strcasecmp(value, "none"))
  

• {
  

•  /*
  

•   \* No hosts...
  

•   */
  

•   if (!strcasecmp(line, "BrowseAllow"))
  

•     cupsdAllowIP(location, ones, zeros);
  

•   else
  

•     cupsdDenyIP(location, ones, zeros);
  

• }
  

  #ifdef AF_INET6

• else if (value[0] == '*' || value[0] == '.' ||

•        (!isdigit(value[0] & 255) && value[0] != '['))
  

• else if (value[0] == '*' || value[0] == '.' || 
  

•      (!isdigit(value[0] & 255) && value[0] != '['))
  

  #else

• else if (value[0] == '*' || value[0] == '.' || !isdigit(value[0] & 255))

• else if (value[0] == '_' || value[0] == '.' || !isdigit(value[0] & 255))
  

  #endif /_ AF_INET6 */

• {

• /*

•      \* Host or domain name...
  

• */
  

• {
  

•  /*
  

•   \* Host or domain name...
  

•   */
  

• if (value[0] == '*')
  

•   value ++;
  

•   if (value[0] == '*')
  

•     value ++;
  

•      if (!strcasecmp(line, "BrowseAllow"))
  

•   cupsdAllowHost(location, value);
  

•   if (!strcasecmp(line, "BrowseAllow"))
  

•     cupsdAllowHost(location, value);
  

•   else
  

•     cupsdDenyHost(location, value);
  

• }
  

  else

•   cupsdDenyHost(location, value);
  

• }

• else

• {

• /*

•      \* One of many IP address forms...
  

• */
  

• {
  

•  /*
  

•   \* One of many IP address forms...
  

•   */
  

•      if (!get_addr_and_mask(value, ip, mask))
  

• {
  

•        cupsdLogMessage(CUPSD_LOG_ERROR, "Bad netmask value %s on line %d.",
  

•                   value, linenum);
  

•   break;
  

•   if (!get_addr_and_mask(value, ip, mask))
  

•   {
  

•     cupsdLogMessage(CUPSD_LOG_ERROR, "Bad netmask value %s on line %d.",
  

•             value, linenum);
  

•     break;
  

•   }
  

•   if (!strcasecmp(line, "BrowseAllow"))
  

•     cupsdAllowIP(location, ip, mask);
  

•   else
  

•     cupsdDenyIP(location, ip, mask);
  

  }

• }

•      if (!strcasecmp(line, "BrowseAllow"))
  

•   cupsdAllowIP(location, ip, mask);
  

• else
  

•   cupsdDenyIP(location, ip, mask);
  

• }

•   /*
  

•    \* Advance to next value...
  

• */

•    value = valueptr;
  

  }
  }
  else if (!strcasecmp(line, "BrowseRelay") && value)