summaryrefslogtreecommitdiff
path: root/backend/escl/escl.c
diff options
context:
space:
mode:
authorJörg Frings-Fürst <debian@jff.email>2023-02-16 10:20:08 +0100
committerJörg Frings-Fürst <debian@jff.email>2023-02-16 10:20:08 +0100
commit778ebf8ee9cb22ea5727844333bcd5a6ee6bc0de (patch)
treea754e785b286ed82b45fe4e50b980714ad80e0a7 /backend/escl/escl.c
parent7d8aac1f3634dc58785bec7acf097dd6bac8c394 (diff)
parent32cb765f681299af226ca0520993cbe47ba5ecd0 (diff)
Merge branch 'release/debian/1.2.1-1'debian/1.2.1-1
Diffstat (limited to 'backend/escl/escl.c')
-rw-r--r--backend/escl/escl.c97
1 files changed, 92 insertions, 5 deletions
diff --git a/backend/escl/escl.c b/backend/escl/escl.c
index 5f02ec8..cbbdb60 100644
--- a/backend/escl/escl.c
+++ b/backend/escl/escl.c
@@ -61,6 +61,26 @@ static const SANE_Device **devlist = NULL;
static ESCL_Device *list_devices_primary = NULL;
static int num_devices = 0;
+#ifdef CURL_SSLVERSION_MAX_DEFAULT
+static int proto_tls[] = {
+ CURL_SSLVERSION_MAX_DEFAULT,
+ #ifdef CURL_SSLVERSION_MAX_TLSv1_3
+ CURL_SSLVERSION_MAX_TLSv1_3,
+ #endif
+ #ifdef CURL_SSLVERSION_MAX_TLSv1_2
+ CURL_SSLVERSION_MAX_TLSv1_2,
+ #endif
+ #ifdef CURL_SSLVERSION_MAX_TLSv1_1
+ CURL_SSLVERSION_MAX_TLSv1_1,
+ #endif
+ #ifdef CURL_SSLVERSION_MAX_TLSv1_0
+ CURL_SSLVERSION_MAX_TLSv1_0,
+ #endif
+ -1
+};
+#endif
+
+
typedef struct Handled {
struct Handled *next;
ESCL_Device *device;
@@ -99,6 +119,60 @@ escl_free_device(ESCL_Device *current)
return NULL;
}
+
+#ifdef CURL_SSLVERSION_MAX_DEFAULT
+static int
+escl_tls_protocol_supported(char *url, int proto)
+{
+ CURLcode res = CURLE_UNSUPPORTED_PROTOCOL;
+ CURL *curl = curl_easy_init();
+ if(curl) {
+ curl_easy_setopt(curl, CURLOPT_URL, url);
+
+ /* ask libcurl to use TLS version 1.0 or later */
+ curl_easy_setopt(curl, CURLOPT_SSLVERSION, proto);
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+ curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
+ curl_easy_setopt(curl, CURLOPT_MAXREDIRS, 3L);
+ /* Perform the request */
+ res = curl_easy_perform(curl);
+ curl_easy_cleanup(curl);
+ }
+ return res;
+}
+
+static int
+escl_is_tls(char * url, char *type)
+{
+ int tls_version = 0;
+ if(!strcmp(type, "_uscans._tcp") ||
+ !strcmp(type, "https"))
+ {
+ while(proto_tls[tls_version] != -1)
+ {
+ if (escl_tls_protocol_supported(url, proto_tls[tls_version]) == CURLE_OK)
+ {
+ DBG(10, "curl tls compatible (%d)\n", proto_tls[tls_version]);
+ break;
+ }
+ tls_version++;
+ }
+ if (proto_tls[tls_version] < 1)
+ return 0;
+ }
+ return proto_tls[tls_version];
+}
+#else
+static int
+escl_is_tls(char * url, char *type)
+{
+ (void)url;
+ (void)type;
+ return 0;
+}
+#endif
+
void
escl_free_handler(escl_sane_t *handler)
{
@@ -187,8 +261,13 @@ escl_device_add(int port_nb,
{
char tmp[PATH_MAX] = { 0 };
char *model = NULL;
+ char url_port[512] = { 0 };
+ int tls_version = 0;
ESCL_Device *current = NULL;
DBG (10, "escl_device_add\n");
+ snprintf(url_port, sizeof(url_port), "https://%s:%d", ip_address, port_nb);
+ tls_version = escl_is_tls(url_port, type);
+
for (current = list_devices_primary; current; current = current->next) {
if ((strcmp(current->ip_address, ip_address) == 0) ||
(uuid && current->uuid && !strcmp(current->uuid, uuid)))
@@ -206,6 +285,7 @@ escl_device_add(int port_nb,
}
current->port_nb = port_nb;
current->https = SANE_TRUE;
+ current->tls = tls_version;
}
return (SANE_STATUS_GOOD);
}
@@ -226,6 +306,7 @@ escl_device_add(int port_nb,
} else {
current->https = SANE_FALSE;
}
+ current->tls = tls_version;
model = (char*)(tmp[0] != 0 ? tmp : model_name);
current->model_name = strdup(model);
current->ip_address = strdup(ip_address);
@@ -470,7 +551,6 @@ attach_one_config(SANEI_Config __sane_unused__ *config, const char *line,
}
escl_device->model_name = opt_model ? opt_model : strdup("Unknown model");
escl_device->is = strdup("flatbed or ADF scanner");
- escl_device->type = strdup("In url");
escl_device->uuid = NULL;
}
@@ -515,6 +595,9 @@ attach_one_config(SANEI_Config __sane_unused__ *config, const char *line,
}
escl_device->is = strdup("flatbed or ADF scanner");
escl_device->uuid = NULL;
+ char url_port[512] = { 0 };
+ snprintf(url_port, sizeof(url_port), "https://%s:%d", escl_device->ip_address, escl_device->port_nb);
+ escl_device->tls = escl_is_tls(url_port, escl_device->type);
status = escl_check_and_add_device(escl_device);
if (status == SANE_STATUS_GOOD)
escl_device = NULL;
@@ -956,7 +1039,7 @@ init_options(SANE_String_Const name_source, escl_sane_t *s)
s->opt[OPT_BRIGHTNESS].constraint_type = SANE_CONSTRAINT_RANGE;
if (s->scanner->brightness) {
s->opt[OPT_BRIGHTNESS].constraint.range = &s->brightness_range;
- s->val[OPT_BRIGHTNESS].w = s->scanner->brightness->normal;
+ s->val[OPT_BRIGHTNESS].w = s->scanner->brightness->value;
s->brightness_range.quant=1;
s->brightness_range.min=s->scanner->brightness->min;
s->brightness_range.max=s->scanner->brightness->max;
@@ -975,7 +1058,7 @@ init_options(SANE_String_Const name_source, escl_sane_t *s)
s->opt[OPT_CONTRAST].constraint_type = SANE_CONSTRAINT_RANGE;
if (s->scanner->contrast) {
s->opt[OPT_CONTRAST].constraint.range = &s->contrast_range;
- s->val[OPT_CONTRAST].w = s->scanner->contrast->normal;
+ s->val[OPT_CONTRAST].w = s->scanner->contrast->value;
s->contrast_range.quant=1;
s->contrast_range.min=s->scanner->contrast->min;
s->contrast_range.max=s->scanner->contrast->max;
@@ -994,7 +1077,7 @@ init_options(SANE_String_Const name_source, escl_sane_t *s)
s->opt[OPT_SHARPEN].constraint_type = SANE_CONSTRAINT_RANGE;
if (s->scanner->sharpen) {
s->opt[OPT_SHARPEN].constraint.range = &s->sharpen_range;
- s->val[OPT_SHARPEN].w = s->scanner->sharpen->normal;
+ s->val[OPT_SHARPEN].w = s->scanner->sharpen->value;
s->sharpen_range.quant=1;
s->sharpen_range.min=s->scanner->sharpen->min;
s->sharpen_range.max=s->scanner->sharpen->max;
@@ -1014,7 +1097,7 @@ init_options(SANE_String_Const name_source, escl_sane_t *s)
s->opt[OPT_THRESHOLD].constraint_type = SANE_CONSTRAINT_RANGE;
if (s->scanner->threshold) {
s->opt[OPT_THRESHOLD].constraint.range = &s->thresold_range;
- s->val[OPT_THRESHOLD].w = s->scanner->threshold->normal;
+ s->val[OPT_THRESHOLD].w = s->scanner->threshold->value;
s->thresold_range.quant=1;
s->thresold_range.min= s->scanner->threshold->min;
s->thresold_range.max=s->scanner->threshold->max;
@@ -1069,9 +1152,11 @@ escl_parse_name(SANE_String_Const name, ESCL_Device *device)
if (strncmp(name, "https://", 8) == 0) {
device->https = SANE_TRUE;
+ device->type = strdup("https");
host = name + 8;
} else if (strncmp(name, "http://", 7) == 0) {
device->https = SANE_FALSE;
+ device->type = strdup("http");
host = name + 7;
} else {
DBG(1, "Unknown URL scheme in %s", name);
@@ -1811,6 +1896,8 @@ escl_curl_url(CURL *handle, const ESCL_Device *device, SANE_String_Const path)
DBG( 1, "Ignoring safety certificates, use https\n");
curl_easy_setopt(handle, CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(handle, CURLOPT_SSL_VERIFYHOST, 0L);
+ if (device->tls > 0)
+ curl_easy_setopt(handle, CURLOPT_SSLVERSION, device->tls);
}
if (device->unix_socket != NULL) {
DBG( 1, "Using local socket %s\n", device->unix_socket );