diff options
author | msweet <msweet@a1ca3aef-8c08-0410-bb20-df032aa958be> | 2011-05-11 05:36:13 +0000 |
---|---|---|
committer | msweet <msweet@a1ca3aef-8c08-0410-bb20-df032aa958be> | 2011-05-11 05:36:13 +0000 |
commit | eac3a0a01bf37d95f4129b28296cb697c54b2613 (patch) | |
tree | a209bfa09edda04d8a339b869b4d5ce3057d8bbe /scheduler/auth.c | |
parent | 22c9029b44a790ba1ee894027431dcea1ec2aeab (diff) | |
download | cups-eac3a0a01bf37d95f4129b28296cb697c54b2613.tar.gz |
Merge changes from CUPS 1.5svn-r9763.
git-svn-id: svn+ssh://src.apple.com/svn/cups/easysw/current@3242 a1ca3aef-8c08-0410-bb20-df032aa958be
Diffstat (limited to 'scheduler/auth.c')
-rw-r--r-- | scheduler/auth.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/scheduler/auth.c b/scheduler/auth.c index 4d99f2653..d44357a08 100644 --- a/scheduler/auth.c +++ b/scheduler/auth.c @@ -559,6 +559,10 @@ cupsdAuthorize(cupsd_client_t *con) /* I - Client connection */ strlcpy(username, authorization + 9, sizeof(username)); +# ifdef HAVE_GSSAPI + con->gss_uid = CUPSD_UCRED_UID(peercred); +# endif /* HAVE_GSSAPI */ + cupsdLogMessage(CUPSD_LOG_DEBUG, "cupsdAuthorize: Authorized as %s using PeerCred", username); @@ -1122,7 +1126,7 @@ cupsdAuthorize(cupsd_client_t *con) /* I - Client connection */ * to run as the correct user to get Kerberos credentials of its own. */ - if (con->http.hostaddr->addr.sa_family == AF_LOCAL) + if (_httpAddrFamily(con->http.hostaddr) == AF_LOCAL) { cupsd_ucred_t peercred; /* Peer credentials */ socklen_t peersize; /* Size of peer credentials */ @@ -1959,7 +1963,11 @@ cupsdIsAuthorized(cupsd_client_t *con, /* I - Connection */ return (HTTP_OK); /* unless overridden with Satisfy */ } + if (con->type != type && type != CUPSD_AUTH_NONE && +#ifdef HAVE_GSSAPI + (type != CUPSD_AUTH_NEGOTIATE || con->gss_uid <= 0) && +#endif /* HAVE_GSSAPI */ (con->type != CUPSD_AUTH_BASIC || type != CUPSD_AUTH_BASICDIGEST)) { cupsdLogMessage(CUPSD_LOG_ERROR, "Authorized using %s, expected %s!", |