From 6a9ef211bf8411e78a52c641848e4fa827ffcaf8 Mon Sep 17 00:00:00 2001
From: Till Kamppeter <tkamppeter@mandriva.com>
Date: Tue, 11 Mar 2003 18:34:39 +0000
Subject: Made sure that all IP addresses of the local machine are in 'Allow
 From' lines in the /etc/cups/cupsd.conf, otherwise one can have certain
 configurations with which one cannot access to the options of the local
 printer(s).

---
 perl-install/printer/detect.pm | 42 ++++++++++++++++++++++++++++++++++++++++++
 perl-install/printer/main.pm   | 30 ++++++++++++++++++++++--------
 2 files changed, 64 insertions(+), 8 deletions(-)

(limited to 'perl-install/printer')

diff --git a/perl-install/printer/detect.pm b/perl-install/printer/detect.pm
index 72568ee47..61c39522d 100644
--- a/perl-install/printer/detect.pm
+++ b/perl-install/printer/detect.pm
@@ -269,6 +269,48 @@ sub getNetworkInterfaces {
     @interfaces;
 }
 
+sub getIPsOfLocalMachine {
+
+    # subroutine determines all IPs which point to the local machine,
+    # except 127.0.0.1 (localhost).
+
+    # Return an empty list if no network is running
+    return () unless network_running();
+    
+    # Read the output of "ifconfig" to determine the broadcast addresses of
+    # the local networks
+    my $dev_is_realnet = 0;
+    my @local_ips;
+    my $current_ip = "";
+	
+    local *IFCONFIG_OUT;
+    open IFCONFIG_OUT, ($::testing ? "" : "chroot $::prefix/ ") .
+	"/bin/sh -c \"export LC_ALL=C; ifconfig\" |" or return ();
+    while (my $readline = <IFCONFIG_OUT>) {
+	# New entry ...
+	if ($readline =~ /^(\S+)\s/) {
+	    my $dev = $1;
+	    # ... for a real network (not lo = localhost)
+	    $dev_is_realnet = ($dev ne 'lo');
+	    # delete previous address
+	    $current_ip = "";
+	}
+	# Are we in the important line now?
+	if ($readline =~ /\sinet addr:([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\s/) {
+	    # Rip out the IP address
+	    $current_ip = $1;
+	    
+	    # Are we in an entry for a real network?
+	    if ($dev_is_realnet) {
+		# Store current IP address
+		push @local_ips, $current_ip;
+	    }
+	}
+    }
+    close(IFCONFIG_OUT);
+    @local_ips;
+}
+
 sub getIPsInLocalNetworks {
 
     # subroutine determines the list of all hosts reachable in the local
diff --git a/perl-install/printer/main.pm b/perl-install/printer/main.pm
index 5ca9fc5f8..ec63b6567 100644
--- a/perl-install/printer/main.pm
+++ b/perl-install/printer/main.pm
@@ -1047,7 +1047,9 @@ sub clientnetworks {
 	} elsif (!member($line, map {broadcastaddress($_)} @sharehosts)) {
 	    # Line pointing to remote server
 	    push(@sharehosts, networkaddress($line));
-	    $havebrowseaddresswithoutallowedhost = 1;
+	    if ($printer->{cupsconfig}{localprintersshared}) {
+		$havebrowseaddresswithoutallowedhost = 1;
+	    }
 	}
     }
     my $havebrowseallowwithoutallowedhost = 0;
@@ -1060,7 +1062,7 @@ sub clientnetworks {
 	} elsif (!member($line, @sharehosts)) {
 	    # Line pointing to remote server
 	    push(@sharehosts, $line);
-	    $havebrowseallowwithoutallowedhost = 1;
+	    #$havebrowseallowwithoutallowedhost = 1;
 	}
     }
 
@@ -1199,6 +1201,12 @@ sub read_cups_config {
     @{$printer->{cupsconfig}{root}{AllowFrom}} =
 	handle_configs::read_directives($printer->{cupsconfig}{rootlocation},
 					'Allow From');
+    # Remove the IPs pointing to the local machine
+    my @localips = printer::detect::getIPsOfLocalMachine();
+    @{$printer->{cupsconfig}{root}{AllowFrom}} =
+	grep {
+	    !member($_, @localips)
+	} @{$printer->{cupsconfig}{root}{AllowFrom}};
 
     # Keyword "Deny from" 
     @{$printer->{cupsconfig}{root}{DenyFrom}} =
@@ -1279,19 +1287,25 @@ sub write_cups_config {
 
     # To which machines are the local printers available?
     if (!$printer->{cupsconfig}{customsharingsetup}) {
+	my @localips = printer::detect::getIPsOfLocalMachine();
 	# root location block
 	@{$printer->{cupsconfig}{rootlocation}} =
 	    "<Location />\n" .
-	    ($printer->{cupsconfig}{localprintersshared} ?
-	     "Order Deny,Allow\n" :
-	     "Order Allow,Deny\n") .
+	    "Order Deny,Allow\n" .
 	    "Deny From All\n" .
 	    "Allow From 127.0.0.1\n" .
-	    ($#{$printer->{cupsconfig}{clientnetworks}} >= 0 ?
+	    (@localips ?
+	     "Allow From " .
+	     join("\nAllow From ", @localips).
+	     "\n" : "") .
+	    ($printer->{cupsconfig}{localprintersshared} &&
+	     ($#{$printer->{cupsconfig}{clientnetworks}} >= 0) ?
 	     "Allow From " .
 	     join("\nAllow From ", 
-		  @{$printer->{cupsconfig}{clientnetworks}}) .
-	     "\n" : "").
+		  grep {
+		      !member($_, @localips)
+		  } @{$printer->{cupsconfig}{clientnetworks}}) .
+	     "\n" : "") .
 	    "</Location>\n";
 	my ($location_start, @location) = 
 	    rip_location($printer->{cupsconfig}{cupsd_conf}, "/");
-- 
cgit v1.2.1