Comparar commits

..

1 Commits

Autor SHA1 Mensagem Data
Michael Sweet 86243a7551 Import CUPS v2.0.1 2016-03-15 10:40:34 -04:00
41 arquivos alterados com 911 adições e 286 exclusões
+29 -1
Ver Arquivo
@@ -1,6 +1,34 @@
CHANGES.txt - 2.0.0 - 2014-10-01
CHANGES.txt - 2.0.1 - 2014-11-14
--------------------------------
CHANGES IN CUPS V2.0.1
- Security: SSLv3 is now disabled by default to protect against the
POODLE attack (STR #4476)
- Printer sharing did not work when systemd was being used (STR #4497)
- cupsGetPPD* would return a symlink to the PPD in /etc/cups/ppd even if
it was not readable by the user (STR #4500)
- The web interface now protects against frame "click-jacking" attacks
(STR #4492)
- Fixed a crash in ippAttributeString (<rdar://problem/17903871>)
- Fixed a crash in the scheduler on Linux/*BSD if colord was not running
(STR #4496)
- Fixed a random crash in the scheduler when not using systemd
(STR #4484)
- Added systemd support for cups-lpd (STR #4493)
- The scheduler did not honor the FatalErrors directive for mis-
configured Group and SystemGroup values (STR #4495)
- The network backends no longer report waste-receptacle conditions when
using SNMP (STR #4499)
- The IPP backend did not work with some configurations of Windows
(STR #4503)
- RPMs did not build (STR #4490)
- Added a USB quirk rule for the Brother HL-1250 (STR #4519)
- Fixed compiles on unsupported platforms (STR #4510)
- "cancel -a" did not cancel all jobs on all destinations (STR #4513)
- The web interface did not work on OpenBSD (STR #4496)
CHANGES IN CUPS V2.0.0
- The scheduler did not preserve listener sockets from launchd or
+1 -1
Ver Arquivo
@@ -1,4 +1,4 @@
INSTALL - CUPS v2.0.0 - 2014-10-01
INSTALL - CUPS v2.0.1 - 2014-11-14
----------------------------------
This file describes how to compile and install CUPS from source code. For more
+1 -1
Ver Arquivo
@@ -1,4 +1,4 @@
README - CUPS v2.0.0 - 2014-10-01
README - CUPS v2.0.1 - 2014-11-14
---------------------------------
Looking for compile instructions? Read the file "INSTALL.txt" instead...
+3
Ver Arquivo
@@ -84,6 +84,9 @@
# Canon, Inc. MF4150 Printer, https://bugs.launchpad.net/bugs/1160638
0x04a9 0x26a3 no-reattach
# Brother Industries, Ltd HL-1250 Laser Printer, https://bugs.debian.org/712512
0x04f9 0x0007 no-reattach
# Brother Industries, Ltd HL-1430 Laser Printer, https://bugs.launchpad.net/bugs/1038695
0x04f9 0x001a no-reattach
+4 -2
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: snmp-supplies.c 11558 2014-02-06 18:33:34Z msweet $"
* "$Id: snmp-supplies.c 12228 2014-10-21 13:42:05Z msweet $"
*
* SNMP supplies functions for CUPS.
*
@@ -297,6 +297,7 @@ backendSNMPSupplies(
else
new_supply_state |= CUPS_OPC_NEAR_EOL;
break;
#if 0 /* Because no two vendors report waste containers the same, disable SNMP reporting of same */
case CUPS_TC_wasteInk :
case CUPS_TC_wastePaper :
case CUPS_TC_wasteToner :
@@ -307,6 +308,7 @@ backendSNMPSupplies(
else
new_supply_state |= CUPS_WASTE_ALMOST_FULL;
break;
#endif /* 0 */
case CUPS_TC_cleanerUnit :
case CUPS_TC_fuserCleaningPad :
if (percent <= 1)
@@ -1096,5 +1098,5 @@ utf16_to_utf8(
/*
* End of "$Id: snmp-supplies.c 11558 2014-02-06 18:33:34Z msweet $".
* End of "$Id: snmp-supplies.c 12228 2014-10-21 13:42:05Z msweet $".
*/
+1
Ver Arquivo
@@ -15,6 +15,7 @@
#Group @CUPS_GROUP@
# Administrator user group, used to match @SYSTEM in cupsd.conf policy rules...
# This cannot contain the Group value for security reasons...
SystemGroup @CUPS_SYSTEM_GROUPS@
@CUPS_SYSTEM_AUTHKEY@
+3 -3
Ver Arquivo
@@ -1,5 +1,5 @@
dnl
dnl "$Id: cups-common.m4 12180 2014-10-01 12:08:02Z msweet $"
dnl "$Id: cups-common.m4 12195 2014-10-02 18:45:59Z msweet $"
dnl
dnl Common configuration stuff for CUPS.
dnl
@@ -20,7 +20,7 @@ dnl Set the name of the config header file...
AC_CONFIG_HEADER(config.h)
dnl Version number information...
CUPS_VERSION=2.0.0
CUPS_VERSION=2.0.1
CUPS_REVISION=
#if test -z "$CUPS_REVISION" -a -d .svn; then
# CUPS_REVISION="-r`svnversion . | awk -F: '{print $NF}' | sed -e '1,$s/[[a-zA-Z]]*//g'`"
@@ -462,5 +462,5 @@ esac
AC_SUBST(BUILDDIRS)
dnl
dnl End of "$Id: cups-common.m4 12180 2014-10-01 12:08:02Z msweet $".
dnl End of "$Id: cups-common.m4 12195 2014-10-02 18:45:59Z msweet $".
dnl
externo
+3 -2
Ver Arquivo
@@ -2520,7 +2520,7 @@ esac
ac_config_headers="$ac_config_headers config.h"
CUPS_VERSION=2.0.0
CUPS_VERSION=2.0.1
CUPS_REVISION=
#if test -z "$CUPS_REVISION" -a -d .svn; then
# CUPS_REVISION="-r`svnversion . | awk -F: '{print $NF}' | sed -e '1,$s/[[a-zA-Z]]*//g'`"
@@ -10101,7 +10101,7 @@ fi
ac_config_files="$ac_config_files Makedefs conf/cups-files.conf conf/cupsd.conf conf/mime.convs conf/pam.std conf/snmp.conf cups-config data/testprint desktop/cups.desktop doc/index.html man/client.conf.man man/cups-files.conf.man man/cups-lpd.man man/cups-snmp.man man/cupsaddsmb.man man/cupsd.conf.man man/cupsd.man man/lpoptions.man scheduler/cups-lpd.xinetd scheduler/cups.sh scheduler/cups.xml scheduler/org.cups.cups-lpd.plist scheduler/org.cups.cupsd.path scheduler/org.cups.cupsd.service scheduler/org.cups.cupsd.socket templates/header.tmpl packaging/cups.list $LANGFILES"
ac_config_files="$ac_config_files Makedefs conf/cups-files.conf conf/cupsd.conf conf/mime.convs conf/pam.std conf/snmp.conf cups-config data/testprint desktop/cups.desktop doc/index.html man/client.conf.man man/cups-files.conf.man man/cups-lpd.man man/cups-snmp.man man/cupsaddsmb.man man/cupsd.conf.man man/cupsd.man man/lpoptions.man scheduler/cups-lpd.xinetd scheduler/cups.sh scheduler/cups.xml scheduler/org.cups.cups-lpd.plist scheduler/org.cups.cups-lpdAT.service scheduler/org.cups.cupsd.path scheduler/org.cups.cupsd.service scheduler/org.cups.cupsd.socket templates/header.tmpl packaging/cups.list $LANGFILES"
cat >confcache <<\_ACEOF
# This file is a shell script that caches the results of configure
@@ -10828,6 +10828,7 @@ do
"scheduler/cups.sh") CONFIG_FILES="$CONFIG_FILES scheduler/cups.sh" ;;
"scheduler/cups.xml") CONFIG_FILES="$CONFIG_FILES scheduler/cups.xml" ;;
"scheduler/org.cups.cups-lpd.plist") CONFIG_FILES="$CONFIG_FILES scheduler/org.cups.cups-lpd.plist" ;;
"scheduler/org.cups.cups-lpdAT.service") CONFIG_FILES="$CONFIG_FILES scheduler/org.cups.cups-lpdAT.service" ;;
"scheduler/org.cups.cupsd.path") CONFIG_FILES="$CONFIG_FILES scheduler/org.cups.cupsd.path" ;;
"scheduler/org.cups.cupsd.service") CONFIG_FILES="$CONFIG_FILES scheduler/org.cups.cupsd.service" ;;
"scheduler/org.cups.cupsd.socket") CONFIG_FILES="$CONFIG_FILES scheduler/org.cups.cupsd.socket" ;;
+3 -2
Ver Arquivo
@@ -1,5 +1,5 @@
dnl
dnl "$Id: configure.ac 11823 2014-04-21 12:22:03Z msweet $"
dnl "$Id: configure.ac 12222 2014-10-21 11:55:01Z msweet $"
dnl
dnl Configuration script for CUPS.
dnl
@@ -81,6 +81,7 @@ AC_OUTPUT(Makedefs
scheduler/cups.sh
scheduler/cups.xml
scheduler/org.cups.cups-lpd.plist
scheduler/org.cups.cups-lpdAT.service
scheduler/org.cups.cupsd.path
scheduler/org.cups.cupsd.service
scheduler/org.cups.cupsd.socket
@@ -91,5 +92,5 @@ AC_OUTPUT(Makedefs
chmod +x cups-config
dnl
dnl End of "$Id: configure.ac 11823 2014-04-21 12:22:03Z msweet $".
dnl End of "$Id: configure.ac 12222 2014-10-21 11:55:01Z msweet $".
dnl
+4 -4
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: auth.c 11776 2014-03-28 19:16:05Z msweet $"
* "$Id: auth.c 12230 2014-10-21 13:55:24Z msweet $"
*
* Authentication functions for CUPS.
*
@@ -761,7 +761,7 @@ cups_local_auth(http_t *http) /* I - HTTP connection to server */
if (
# ifdef HAVE_GSSAPI
strncmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Negotiate", 9) &&
_cups_strncasecmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Negotiate", 9) &&
# endif /* HAVE_GSSAPI */
# ifdef HAVE_AUTHORIZATION_H
!httpGetSubField2(http, HTTP_FIELD_WWW_AUTHENTICATE, "authkey",
@@ -808,7 +808,7 @@ cups_local_auth(http_t *http) /* I - HTTP connection to server */
filename, strerror(errno)));
# ifdef HAVE_GSSAPI
if (!strncmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Negotiate", 9))
if (!_cups_strncasecmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Negotiate", 9))
{
/*
* Kerberos required, don't try the root certificate...
@@ -876,5 +876,5 @@ cups_local_auth(http_t *http) /* I - HTTP connection to server */
/*
* End of "$Id: auth.c 11776 2014-03-28 19:16:05Z msweet $".
* End of "$Id: auth.c 12230 2014-10-21 13:55:24Z msweet $".
*/
+4 -4
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: cups.h 12094 2014-08-19 12:15:11Z msweet $"
* "$Id: cups.h 12195 2014-10-02 18:45:59Z msweet $"
*
* API definitions for CUPS.
*
@@ -49,10 +49,10 @@ extern "C" {
* Constants...
*/
# define CUPS_VERSION 2.0000
# define CUPS_VERSION 2.0001
# define CUPS_VERSION_MAJOR 2
# define CUPS_VERSION_MINOR 0
# define CUPS_VERSION_PATCH 0
# define CUPS_VERSION_PATCH 1
# define CUPS_BC_FD 3
/* Back-channel file descriptor for
@@ -628,5 +628,5 @@ extern int cupsSetServerCredentials(const char *path, const char *common_name,
#endif /* !_CUPS_CUPS_H_ */
/*
* End of "$Id: cups.h 12094 2014-08-19 12:15:11Z msweet $".
* End of "$Id: cups.h 12195 2014-10-02 18:45:59Z msweet $".
*/
+6 -2
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: http-private.h 12126 2014-08-28 16:02:00Z msweet $"
* "$Id: http-private.h 12243 2014-11-12 12:12:59Z msweet $"
*
* Private HTTP definitions for CUPS.
*
@@ -161,6 +161,9 @@ extern "C" {
#define _HTTP_RESOLVE_FQDN 2 /* Resolve to a FQDN */
#define _HTTP_RESOLVE_FAXOUT 4 /* Resolve FaxOut service? */
#define _HTTP_TLS_ALLOW_RC4 1 /* Allow RC4 cipher suites */
#define _HTTP_TLS_ALLOW_SSL3 2 /* Allow SSL 3.0 */
/*
* Types and functions for SSL support...
@@ -420,6 +423,7 @@ extern void _httpTLSInitialize(void);
extern size_t _httpTLSPending(http_t *http);
extern int _httpTLSRead(http_t *http, char *buf, int len);
extern int _httpTLSSetCredentials(http_t *http);
extern void _httpTLSSetOptions(int options);
extern int _httpTLSStart(http_t *http);
extern void _httpTLSStop(http_t *http);
extern int _httpTLSWrite(http_t *http, const char *buf, int len);
@@ -438,5 +442,5 @@ extern int _httpWait(http_t *http, int msec, int usessl);
#endif /* !_CUPS_HTTP_PRIVATE_H_ */
/*
* End of "$Id: http-private.h 12126 2014-08-28 16:02:00Z msweet $".
* End of "$Id: http-private.h 12243 2014-11-12 12:12:59Z msweet $".
*/
+26 -2
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: http.c 12125 2014-08-28 15:49:29Z msweet $"
* "$Id: http.c 12230 2014-10-21 13:55:24Z msweet $"
*
* HTTP routines for CUPS.
*
@@ -2702,6 +2702,19 @@ httpSetField(http_t *http, /* I - HTTP connection */
http->server = _cupsStrAlloc(value);
break;
case HTTP_FIELD_WWW_AUTHENTICATE :
/* CUPS STR #4503 - don't override WWW-Authenticate for unknown auth schemes */
if (http->fields[HTTP_FIELD_WWW_AUTHENTICATE][0] &&
_cups_strncasecmp(value, "Basic ", 6) &&
_cups_strncasecmp(value, "Digest ", 7) &&
_cups_strncasecmp(value, "Negotiate ", 10))
{
DEBUG_printf(("1httpSetField: Ignoring unknown auth scheme in \"%s\".", value));
return;
}
/* Fall through to copy */
default :
strlcpy(http->fields[field], value, HTTP_MAX_VALUE);
break;
@@ -3611,6 +3624,17 @@ httpWriteResponse(http_t *http, /* I - HTTP connection */
return (-1);
}
}
/*
* "Click-jacking" defense (STR #4492)...
*/
if (httpPrintf(http, "X-Frame-Options: DENY\r\n"
"Content-Security-Policy: frame-ancestors 'none'\r\n") < 1)
{
http->status = HTTP_STATUS_ERROR;
return (-1);
}
}
if (httpWrite2(http, "\r\n", 2) < 2)
@@ -4826,5 +4850,5 @@ http_write_chunk(http_t *http, /* I - HTTP connection */
/*
* End of "$Id: http.c 12125 2014-08-28 15:49:29Z msweet $".
* End of "$Id: http.c 12230 2014-10-21 13:55:24Z msweet $".
*/
+10 -2
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: ipp-support.c 12095 2014-08-19 16:16:06Z msweet $"
* "$Id: ipp-support.c 12194 2014-10-02 18:44:36Z msweet $"
*
* Internet Printing Protocol support functions for CUPS.
*
@@ -2223,6 +2223,14 @@ ipp_col_string(ipp_t *col, /* I - Collection attribute */
ipp_attribute_t *attr; /* Current member attribute */
if (!col)
{
if (buffer)
*buffer = '\0';
return (0);
}
bufptr = buffer;
bufend = buffer + bufsize - 1;
@@ -2263,5 +2271,5 @@ ipp_col_string(ipp_t *col, /* I - Collection attribute */
/*
* End of "$Id: ipp-support.c 12095 2014-08-19 16:16:06Z msweet $".
* End of "$Id: ipp-support.c 12194 2014-10-02 18:44:36Z msweet $".
*/
+123 -4
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: tls-darwin.c 12159 2014-09-23 14:56:14Z msweet $"
* "$Id: tls-darwin.c 12215 2014-10-20 18:24:56Z msweet $"
*
* TLS support code for CUPS on OS X.
*
@@ -26,6 +26,14 @@
extern char **environ;
/*
* Test define - set to 1 to use SSLSetEnabledCiphers. Currently disabled (0)
* because of <rdar://problem/18707430>.
*/
#define USE_SET_ENABLED_CIPHERS 0
/*
* Local globals...
*/
@@ -41,6 +49,7 @@ static char *tls_keypath = NULL;
/* Server cert keychain path */
static _cups_mutex_t tls_mutex = _CUPS_MUTEX_INITIALIZER;
/* Mutex for keychain/certs */
static int tls_options = 0;/* Options for TLS connections */
#endif /* HAVE_SECKEYCHAINOPEN */
@@ -972,6 +981,17 @@ _httpTLSRead(http_t *http, /* I - HTTP connection */
}
/*
* '_httpTLSSetOptions()' - Set TLS protocol and cipher suite options.
*/
void
_httpTLSSetOptions(int options) /* I - Options */
{
tls_options = options;
}
/*
* '_httpTLSStart()' - Set up SSL/TLS support on a connection.
*/
@@ -1033,10 +1053,109 @@ _httpTLSStart(http_t *http) /* I - HTTP connection */
{
error = SSLSetSessionOption(http->tls, kSSLSessionOptionBreakOnServerAuth,
true);
DEBUG_printf(("4_httpTLSStart: SSLSetSessionOption, error=%d",
(int)error));
DEBUG_printf(("4_httpTLSStart: SSLSetSessionOption, error=%d", (int)error));
}
if (!error)
{
error = SSLSetProtocolVersionMin(http->tls, (tls_options & _HTTP_TLS_ALLOW_SSL3) ? kSSLProtocol3 : kTLSProtocol1);
DEBUG_printf(("4_httpTLSStart: SSLSetProtocolVersionMin, error=%d", (int)error));
}
# if USE_SET_ENABLED_CIPHERS
if (!error)
{
SSLCipherSuite supported[100]; /* Supported cipher suites */
size_t num_supported; /* Number of supported cipher suites */
SSLCipherSuite enabled[100]; /* Cipher suites to enable */
size_t num_enabled; /* Number of cipher suites to enable */
num_supported = sizeof(supported) / sizeof(supported[0]);
error = SSLGetSupportedCiphers(http->tls, supported, &num_supported);
if (!error)
{
DEBUG_printf(("4_httpTLSStart: %d cipher suites supported.", (int)num_supported));
for (i = 0, num_enabled = 0; i < (int)num_supported && num_enabled < (sizeof(enabled) / sizeof(enabled[0])); i ++)
{
switch (supported[i])
{
/* Obviously insecure cipher suites that we never want to use */
case SSL_NULL_WITH_NULL_NULL :
case SSL_RSA_WITH_NULL_MD5 :
case SSL_RSA_WITH_NULL_SHA :
case SSL_RSA_EXPORT_WITH_RC4_40_MD5 :
case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 :
case SSL_RSA_EXPORT_WITH_DES40_CBC_SHA :
case SSL_RSA_WITH_DES_CBC_SHA :
case SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA :
case SSL_DH_DSS_WITH_DES_CBC_SHA :
case SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA :
case SSL_DH_RSA_WITH_DES_CBC_SHA :
case SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA :
case SSL_DHE_DSS_WITH_DES_CBC_SHA :
case SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA :
case SSL_DHE_RSA_WITH_DES_CBC_SHA :
case SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 :
case SSL_DH_anon_WITH_RC4_128_MD5 :
case SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA :
case SSL_DH_anon_WITH_DES_CBC_SHA :
case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA :
case SSL_FORTEZZA_DMS_WITH_NULL_SHA :
case TLS_DH_anon_WITH_AES_128_CBC_SHA :
case TLS_DH_anon_WITH_AES_256_CBC_SHA :
case TLS_ECDH_ECDSA_WITH_NULL_SHA :
case TLS_ECDHE_RSA_WITH_NULL_SHA :
case TLS_ECDH_anon_WITH_NULL_SHA :
case TLS_ECDH_anon_WITH_RC4_128_SHA :
case TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA :
case TLS_ECDH_anon_WITH_AES_128_CBC_SHA :
case TLS_ECDH_anon_WITH_AES_256_CBC_SHA :
case TLS_RSA_WITH_NULL_SHA256 :
case TLS_DH_anon_WITH_AES_128_CBC_SHA256 :
case TLS_DH_anon_WITH_AES_256_CBC_SHA256 :
case TLS_PSK_WITH_NULL_SHA :
case TLS_DHE_PSK_WITH_NULL_SHA :
case TLS_RSA_PSK_WITH_NULL_SHA :
case TLS_DH_anon_WITH_AES_128_GCM_SHA256 :
case TLS_DH_anon_WITH_AES_256_GCM_SHA384 :
case TLS_PSK_WITH_NULL_SHA256 :
case TLS_PSK_WITH_NULL_SHA384 :
case TLS_DHE_PSK_WITH_NULL_SHA256 :
case TLS_DHE_PSK_WITH_NULL_SHA384 :
case TLS_RSA_PSK_WITH_NULL_SHA256 :
case TLS_RSA_PSK_WITH_NULL_SHA384 :
case SSL_RSA_WITH_DES_CBC_MD5 :
break;
/* RC4 cipher suites that should only be used as a last resort */
case SSL_RSA_WITH_RC4_128_MD5 :
case SSL_RSA_WITH_RC4_128_SHA :
case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
case TLS_ECDH_RSA_WITH_RC4_128_SHA :
case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
case TLS_PSK_WITH_RC4_128_SHA :
case TLS_DHE_PSK_WITH_RC4_128_SHA :
case TLS_RSA_PSK_WITH_RC4_128_SHA :
if (tls_options & _HTTP_TLS_ALLOW_RC4)
enabled[num_enabled ++] = supported[i];
break;
/* Anything else we'll assume is secure */
default :
enabled[num_enabled ++] = supported[i];
break;
}
}
DEBUG_printf(("4_httpTLSStart: %d cipher suites enabled.", (int)num_enabled));
error = SSLSetEnabledCiphers(http->tls, enabled, num_enabled);
}
}
#endif /* USE_SET_ENABLED_CIPHERS */
if (!error && http->mode == _HTTP_MODE_CLIENT)
{
/*
@@ -1660,5 +1779,5 @@ http_cdsa_write(
/*
* End of "$Id: tls-darwin.c 12159 2014-09-23 14:56:14Z msweet $".
* End of "$Id: tls-darwin.c 12215 2014-10-20 18:24:56Z msweet $".
*/
+23 -2
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: tls-gnutls.c 12159 2014-09-23 14:56:14Z msweet $"
* "$Id: tls-gnutls.c 12215 2014-10-20 18:24:56Z msweet $"
*
* TLS support code for CUPS using GNU TLS.
*
@@ -36,6 +36,7 @@ static char *tls_keypath = NULL;
/* Server cert keychain path */
static _cups_mutex_t tls_mutex = _CUPS_MUTEX_INITIALIZER;
/* Mutex for keychain/certs */
static int tls_options = 0;/* Options for TLS connections */
/*
@@ -1001,6 +1002,17 @@ _httpTLSSetCredentials(http_t *http) /* I - Connection to server */
}
/*
* '_httpTLSSetOptions()' - Set TLS protocol and cipher suite options.
*/
void
_httpTLSSetOptions(int options) /* I - Options */
{
tls_options = options;
}
/*
* '_httpTLSStart()' - Set up SSL/TLS support on a connection.
*/
@@ -1185,6 +1197,15 @@ _httpTLSStart(http_t *http) /* I - Connection to server */
return (-1);
}
if (!tls_options)
gnutls_priority_set_direct(http->tls, "NORMAL:-ARCFOUR-128:VERS-TLS-ALL:-VERS-SSL3.0", NULL);
else if ((tls_options & _HTTP_TLS_ALLOW_SSL3) && (tls_options & _HTTP_TLS_ALLOW_RC4))
gnutls_priority_set_direct(http->tls, "NORMAL", NULL);
else if (tls_options & _HTTP_TLS_ALLOW_SSL3)
gnutls_priority_set_direct(http->tls, "NORMAL:-ARCFOUR-128:VERS-TLS-ALL", NULL);
else
gnutls_priority_set_direct(http->tls, "NORMAL:VERS-TLS-ALL:-VERS-SSL3.0", NULL);
gnutls_transport_set_ptr(http->tls, (gnutls_transport_ptr_t)http);
gnutls_transport_set_pull_function(http->tls, http_gnutls_read);
#ifdef HAVE_GNUTLS_TRANSPORT_SET_PULL_TIMEOUT_FUNCTION
@@ -1292,5 +1313,5 @@ _httpTLSWrite(http_t *http, /* I - Connection to server */
/*
* End of "$Id: tls-gnutls.c 12159 2014-09-23 14:56:14Z msweet $".
* End of "$Id: tls-gnutls.c 12215 2014-10-20 18:24:56Z msweet $".
*/
+57 -5
Ver Arquivo
@@ -1,7 +1,8 @@
/*
* "$Id: tls-sspi.c 12159 2014-09-23 14:56:14Z msweet $"
* "$Id: tls-sspi.c 12215 2014-10-20 18:24:56Z msweet $"
*
* TLS support for CUPS on Windows using SSPI.
* TLS support for CUPS on Windows using the Security Support Provider
* Interface (SSPI).
*
* Copyright 2010-2014 by Apple Inc.
*
@@ -48,6 +49,14 @@
# define SECURITY_FLAG_IGNORE_CERT_DATE_INVALID 0x00002000 /* Expired X509 Cert. */
#endif /* !SECURITY_FLAG_IGNORE_CERT_DATE_INVALID */
/*
* Local globals...
*/
static int tls_options = 0;/* Options for TLS connections */
/*
* Local functions...
*/
@@ -896,6 +905,17 @@ _httpTLSRead(http_t *http, /* I - HTTP connection */
}
/*
* '_httpTLSSetOptions()' - Set TLS protocol and cipher suite options.
*/
void
_httpTLSSetOptions(int options) /* I - Options */
{
tls_options = options;
}
/*
* '_httpTLSStart()' - Set up SSL/TLS support on a connection.
*/
@@ -1727,11 +1747,43 @@ http_sspi_find_credentials(
SchannelCred.paCred = &storedContext;
/*
* SSPI doesn't seem to like it if grbitEnabledProtocols is set for a client.
* Set supported protocols (can also be overriden in the registry...)
*/
#ifdef SP_PROT_TLS1_2_SERVER
if (http->mode == _HTTP_MODE_SERVER)
SchannelCred.grbitEnabledProtocols = SP_PROT_SSL3TLS1;
{
if (tls_options & _HTTP_TLS_ALLOW_SSL3)
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_2_SERVER | SP_PROT_TLS1_1_SERVER | SP_PROT_TLS1_0_SERVER | SP_PROT_SSL3_SERVER;
else
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_2_SERVER | SP_PROT_TLS1_1_SERVER | SP_PROT_TLS1_0_SERVER;
}
else
{
if (tls_options & _HTTP_TLS_ALLOW_SSL3)
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_2_CLIENT | SP_PROT_TLS1_1_CLIENT | SP_PROT_TLS1_0_CLIENT | SP_PROT_SSL3_CLIENT;
else
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_2_CLIENT | SP_PROT_TLS1_1_CLIENT | SP_PROT_TLS1_0_CLIENT;
}
#else
if (http->mode == _HTTP_MODE_SERVER)
{
if (tls_options & _HTTP_TLS_ALLOW_SSL3)
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_SERVER | SP_PROT_SSL3_SERVER;
else
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_SERVER;
}
else
{
if (tls_options & _HTTP_TLS_ALLOW_SSL3)
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_CLIENT | SP_PROT_SSL3_CLIENT;
else
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_CLIENT;
}
#endif /* SP_PROT_TLS1_2_SERVER */
/* TODO: Support _HTTP_TLS_ALLOW_RC4 option; right now we'll rely on Windows registry to enable/disable RC4... */
/*
* Create an SSPI credential.
@@ -2361,5 +2413,5 @@ http_sspi_verify(
/*
* End of "$Id: tls-sspi.c 12159 2014-09-23 14:56:14Z msweet $".
* End of "$Id: tls-sspi.c 12215 2014-10-20 18:24:56Z msweet $".
*/
+74 -24
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: usersys.c 12124 2014-08-28 15:37:22Z msweet $"
* "$Id: usersys.c 12215 2014-10-20 18:24:56Z msweet $"
*
* User, system, and password routines for CUPS.
*
@@ -52,7 +52,8 @@ static void cups_read_client_conf(cups_file_t *fp,
#endif /* HAVE_GSSAPI */
const char *cups_anyroot,
const char *cups_expiredcerts,
const char *cups_validatecerts);
const char *cups_validatecerts,
int ssl_options);
/*
@@ -863,6 +864,30 @@ _cupsSetDefaults(void)
if (cg->encryption == (http_encryption_t)-1 || !cg->server[0] ||
!cg->user[0] || !cg->ipp_port)
{
/*
* Look for CUPS_SERVERROOT/client.conf...
*/
snprintf(filename, sizeof(filename), "%s/client.conf",
cg->cups_serverroot);
fp = cupsFileOpen(filename, "r");
/*
* Read the configuration file and apply any environment variables; both
* functions handle NULL cups_file_t pointers...
*/
cups_read_client_conf(fp, cg, cups_encryption, cups_server, cups_user,
#ifdef HAVE_GSSAPI
cups_gssservicename,
#endif /* HAVE_GSSAPI */
cups_anyroot, cups_expiredcerts, cups_validatecerts, 1);
cupsFileClose(fp);
/*
* Then user defaults, if it is safe to do so...
*/
# ifdef HAVE_GETEUID
if ((geteuid() == getuid() || !getuid()) && getegid() == getgid() && (home = getenv("HOME")) != NULL)
# elif !defined(WIN32)
@@ -877,32 +902,19 @@ _cupsSetDefaults(void)
snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home);
fp = cupsFileOpen(filename, "r");
}
else
fp = NULL;
if (!fp)
{
/*
* Look for CUPS_SERVERROOT/client.conf...
* Read the configuration file and apply any environment variables; both
* functions handle NULL cups_file_t pointers...
*/
snprintf(filename, sizeof(filename), "%s/client.conf",
cg->cups_serverroot);
fp = cupsFileOpen(filename, "r");
}
/*
* Read the configuration file and apply any environment variables; both
* functions handle NULL cups_file_t pointers...
*/
cups_read_client_conf(fp, cg, cups_encryption, cups_server, cups_user,
cups_read_client_conf(fp, cg, cups_encryption, cups_server, cups_user,
#ifdef HAVE_GSSAPI
cups_gssservicename,
cups_gssservicename,
#endif /* HAVE_GSSAPI */
cups_anyroot, cups_expiredcerts, cups_validatecerts);
cupsFileClose(fp);
cups_anyroot, cups_expiredcerts, cups_validatecerts, 0);
cupsFileClose(fp);
}
}
}
@@ -924,7 +936,8 @@ cups_read_client_conf(
#endif /* HAVE_GSSAPI */
const char *cups_anyroot, /* I - CUPS_ANYROOT env var */
const char *cups_expiredcerts, /* I - CUPS_EXPIREDCERTS env var */
const char *cups_validatecerts)/* I - CUPS_VALIDATECERTS env var */
const char *cups_validatecerts,/* I - CUPS_VALIDATECERTS env var */
int ssl_options) /* I - Allow setting of SSLOptions? */
{
int linenum; /* Current line number */
char line[1024], /* Line from file */
@@ -996,6 +1009,43 @@ cups_read_client_conf(
cups_gssservicename = gss_service_name;
}
#endif /* HAVE_GSSAPI */
else if (ssl_options && !_cups_strcasecmp(line, "SSLOptions") && value)
{
/*
* SSLOptions [AllowRC4] [AllowSSL3] [None]
*/
int options = 0; /* SSL/TLS options */
char *start, /* Start of option */
*end; /* End of option */
for (start = value; *start; start = end)
{
/*
* Find end of keyword...
*/
end = start;
while (*end && !_cups_isspace(*end))
end ++;
if (*end)
*end++ = '\0';
/*
* Compare...
*/
if (!_cups_strcasecmp(start, "AllowRC4"))
options |= _HTTP_TLS_ALLOW_RC4;
else if (!_cups_strcasecmp(start, "AllowSSL3"))
options |= _HTTP_TLS_ALLOW_SSL3;
else if (!_cups_strcasecmp(start, "None"))
options = 0;
}
_httpTLSSetOptions(options);
}
}
/*
@@ -1129,5 +1179,5 @@ cups_read_client_conf(
/*
* End of "$Id: usersys.c 12124 2014-08-28 15:37:22Z msweet $".
* End of "$Id: usersys.c 12215 2014-10-20 18:24:56Z msweet $".
*/
+4 -4
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: util.c 12073 2014-07-31 00:58:00Z msweet $"
* "$Id: util.c 12220 2014-10-20 22:03:01Z msweet $"
*
* Printing utilities for CUPS.
*
@@ -846,10 +846,10 @@ cupsGetPPD3(http_t *http, /* I - HTTP connection or @code CUPS_HTTP_DEFAUL
snprintf(ppdname, sizeof(ppdname), "%s/ppd/%s.ppd", cg->cups_serverroot,
name);
if (!stat(ppdname, &ppdinfo))
if (!stat(ppdname, &ppdinfo) && !access(ppdname, R_OK))
{
/*
* OK, the file exists, use it!
* OK, the file exists and is readable, use it!
*/
if (buffer[0])
@@ -1655,5 +1655,5 @@ cups_get_printer_uri(
/*
* End of "$Id: util.c 12073 2014-07-31 00:58:00Z msweet $".
* End of "$Id: util.c 12220 2014-10-20 22:03:01Z msweet $".
*/
+6
Ver Arquivo
@@ -38,6 +38,12 @@ CUPS adds the remote hostname ("name@server.example.com") for you. The default n
<b>Note: This directive it not supported on OS X 10.7 or later.</b>
<dt><b>ServerName </b><i>hostname-or-ip-address</i>[<i>:port</i>]<b>/version=1.1</b>
<dd style="margin-left: 5.0em">Specifies the address and optionally the port to use when connecting to a server running CUPS 1.3.12 and earlier.
<dt><b>SSLOptions </b>[<i>AllowRC4</i>] [<i>AllowSSL3</i>]
<dd style="margin-left: 5.0em"><dt><b>SSLOptions None</b>
<dd style="margin-left: 5.0em">Sets encryption options (only in /etc/cups/client.conf).
By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites.
The <i>AllowRC4</i> option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer ones.
The <i>AllowSSL3</i> option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0.
<dt><b>User </b><i>name</i>
<dd style="margin-left: 5.0em">Specifies the default user name to use for requests.
<dt><b>ValidateCerts Yes</b>
+6
Ver Arquivo
@@ -303,6 +303,12 @@ The default is "Minimal".
<dd style="margin-left: 5.0em"><dt><b>SSLListen [</b><i>ipv6-address</i><b>]:</b><i>port</i>
<dd style="margin-left: 5.0em"><dt><b>SSLListen *:</b><i>port</i>
<dd style="margin-left: 5.0em">Listens on the specified address and port for encrypted connections.
<dt><b>SSLOptions </b>[<i>AllowRC4</i>] [<i>AllowSSL3</i>]
<dd style="margin-left: 5.0em"><dt><b>SSLOptions None</b>
<dd style="margin-left: 5.0em">Sets encryption options.
By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites.
The <i>AllowRC4</i> option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer ones.
The <i>AllowSSL3</i> option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0.
<dt><b>SSLPort </b><i>port</i>
<dd style="margin-left: 5.0em">Listens on the specified port for encrypted connections.
<dt><b>StrictConformance Yes</b>
+11 -3
Ver Arquivo
@@ -1,5 +1,5 @@
.\"
.\" "$Id: client.conf.man.in 11851 2014-05-07 23:55:35Z msweet $"
.\" "$Id: client.conf.man.in 12215 2014-10-20 18:24:56Z msweet $"
.\"
.\" client.conf man page for CUPS.
.\"
@@ -12,7 +12,7 @@
.\" which should have been included with this file. If this file is
.\" file is missing or damaged, see the license at "http://www.cups.org/".
.\"
.TH client.conf 5 "CUPS" "7 May 2014" "Apple Inc."
.TH client.conf 5 "CUPS" "20 October 2014" "Apple Inc."
.SH NAME
client.conf \- client configuration file for cups (deprecated)
.SH DESCRIPTION
@@ -56,6 +56,14 @@ Specifies the address and optionally the port to use when connecting to the serv
\fBServerName \fIhostname-or-ip-address\fR[\fI:port\fR]\fB/version=1.1\fR
Specifies the address and optionally the port to use when connecting to a server running CUPS 1.3.12 and earlier.
.TP 5
\fBSSLOptions \fR[\fIAllowRC4\fR] [\fIAllowSSL3\fR]
.TP 5
\fBSSLOptions None\fR
Sets encryption options (only in /etc/cups/client.conf).
By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites.
The \fIAllowRC4\fR option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer ones.
The \fIAllowSSL3\fR option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0.
.TP 5
\fBUser \fIname\fR
Specifies the default user name to use for requests.
.TP 5
@@ -72,5 +80,5 @@ CUPS Online Help (http://localhost:631/help)
.SH COPYRIGHT
Copyright \[co] 2007-2014 by Apple Inc.
.\"
.\" End of "$Id: client.conf.man.in 11851 2014-05-07 23:55:35Z msweet $".
.\" End of "$Id: client.conf.man.in 12215 2014-10-20 18:24:56Z msweet $".
.\"
+11 -3
Ver Arquivo
@@ -1,5 +1,5 @@
.\"
.\" "$Id: cupsd.conf.man.in 12059 2014-07-28 14:04:32Z msweet $"
.\" "$Id: cupsd.conf.man.in 12215 2014-10-20 18:24:56Z msweet $"
.\"
.\" cupsd.conf man page for CUPS.
.\"
@@ -12,7 +12,7 @@
.\" which should have been included with this file. If this file is
.\" file is missing or damaged, see the license at "http://www.cups.org/".
.\"
.TH cupsd.conf 5 "CUPS" "28 July 2014" "Apple Inc."
.TH cupsd.conf 5 "CUPS" "20 October 2014" "Apple Inc."
.SH NAME
cupsd.conf \- server configuration file for cups
.SH DESCRIPTION
@@ -415,6 +415,14 @@ Set the specified environment variable to be passed to child processes.
\fBSSLListen *:\fIport\fR
Listens on the specified address and port for encrypted connections.
.TP 5
\fBSSLOptions \fR[\fIAllowRC4\fR] [\fIAllowSSL3\fR]
.TP 5
\fBSSLOptions None\fR
Sets encryption options.
By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites.
The \fIAllowRC4\fR option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer ones.
The \fIAllowSSL3\fR option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0.
.TP 5
\fBSSLPort \fIport\fR
Listens on the specified port for encrypted connections.
.TP 5
@@ -801,5 +809,5 @@ CUPS Online Help (http://localhost:631/help)
.SH COPYRIGHT
Copyright \[co] 2007-2014 by Apple Inc.
.\"
.\" End of "$Id: cupsd.conf.man.in 12059 2014-07-28 14:04:32Z msweet $".
.\" End of "$Id: cupsd.conf.man.in 12215 2014-10-20 18:24:56Z msweet $".
.\"
+14 -7
Ver Arquivo
@@ -1,5 +1,5 @@
#
# "$Id: cups.spec.in 12074 2014-07-31 01:10:14Z msweet $"
# "$Id: cups.spec.in 12222 2014-10-21 11:55:01Z msweet $"
#
# RPM "spec" file for CUPS.
#
@@ -44,12 +44,12 @@
Summary: CUPS
Name: cups
Version: 2.0.0
Version: 2.0.1
Release: 1
Epoch: 1
License: GPL
Group: System Environment/Daemons
Source: http://www.cups.org/software/2.0.0/cups-2.0.0-source.tar.bz2
Source: http://www.cups.org/software/2.0.1/cups-2.0.1-source.tar.bz2
Url: http://www.cups.org
Packager: Anonymous <anonymous@foo.com>
Vendor: Apple Inc.
@@ -180,7 +180,7 @@ rm -rf $RPM_BUILD_ROOT
%if %{?_with_systemd:1}%{!?_with_systemd:0}
# SystemD
/usr/lib/systemd/system/*
/usr/lib/systemd/system/org.cups.cupsd.*
%else
# Legacy init support on Linux
@@ -268,8 +268,8 @@ rm -rf $RPM_BUILD_ROOT
#/usr/share/doc/cups/ca/*
#%dir /usr/share/doc/cups/cs
#/usr/share/doc/cups/cs/*
#%dir /usr/share/doc/cups/es
#/usr/share/doc/cups/es/*
%dir /usr/share/doc/cups/es
/usr/share/doc/cups/es/*
#%dir /usr/share/doc/cups/fr
#/usr/share/doc/cups/fr/*
#%dir /usr/share/doc/cups/ja
@@ -379,7 +379,14 @@ rm -rf $RPM_BUILD_ROOT
%files lpd
%defattr(-,root,root)
%if %{?_with_systemd:1}%{!?_with_systemd:0}
# SystemD
/usr/lib/systemd/system/org.cups.cups-lpd*
%else
# Legacy xinetd
/etc/xinetd.d/cups-lpd
%endif
%dir /usr/lib/cups
%dir /usr/lib/cups/daemon
/usr/lib/cups/daemon/cups-lpd
@@ -388,5 +395,5 @@ rm -rf $RPM_BUILD_ROOT
#
# End of "$Id: cups.spec.in 12074 2014-07-31 01:10:14Z msweet $".
# End of "$Id: cups.spec.in 12222 2014-10-21 11:55:01Z msweet $".
#
+12 -5
Ver Arquivo
@@ -1,5 +1,5 @@
#
# "$Id: cups.spec.in 12074 2014-07-31 01:10:14Z msweet $"
# "$Id: cups.spec.in 12222 2014-10-21 11:55:01Z msweet $"
#
# RPM "spec" file for CUPS.
#
@@ -180,7 +180,7 @@ rm -rf $RPM_BUILD_ROOT
%if %{?_with_systemd:1}%{!?_with_systemd:0}
# SystemD
/usr/lib/systemd/system/*
/usr/lib/systemd/system/org.cups.cupsd.*
%else
# Legacy init support on Linux
@@ -268,8 +268,8 @@ rm -rf $RPM_BUILD_ROOT
#/usr/share/doc/cups/ca/*
#%dir /usr/share/doc/cups/cs
#/usr/share/doc/cups/cs/*
#%dir /usr/share/doc/cups/es
#/usr/share/doc/cups/es/*
%dir /usr/share/doc/cups/es
/usr/share/doc/cups/es/*
#%dir /usr/share/doc/cups/fr
#/usr/share/doc/cups/fr/*
#%dir /usr/share/doc/cups/ja
@@ -379,7 +379,14 @@ rm -rf $RPM_BUILD_ROOT
%files lpd
%defattr(-,root,root)
%if %{?_with_systemd:1}%{!?_with_systemd:0}
# SystemD
/usr/lib/systemd/system/org.cups.cups-lpd*
%else
# Legacy xinetd
/etc/xinetd.d/cups-lpd
%endif
%dir /usr/lib/cups
%dir /usr/lib/cups/daemon
/usr/lib/cups/daemon/cups-lpd
@@ -388,5 +395,5 @@ rm -rf $RPM_BUILD_ROOT
#
# End of "$Id: cups.spec.in 12074 2014-07-31 01:10:14Z msweet $".
# End of "$Id: cups.spec.in 12222 2014-10-21 11:55:01Z msweet $".
#
+6 -5
Ver Arquivo
@@ -1,9 +1,9 @@
#
# "$Id: Makefile 12132 2014-08-29 11:27:18Z msweet $"
# "$Id: Makefile 12222 2014-10-21 11:55:01Z msweet $"
#
# Scheduler Makefile for CUPS.
#
# Copyright 2007-2013 by Apple Inc.
# Copyright 2007-2014 by Apple Inc.
# Copyright 1997-2007 by Easy Software Products, all rights reserved.
#
# These coded instructions, statements, and computer programs are the
@@ -206,8 +206,9 @@ install-data:
$(INSTALL_DATA) org.cups.cupsd.path $(BUILDROOT)$(SYSTEMD_DIR); \
$(INSTALL_DATA) org.cups.cupsd.service $(BUILDROOT)$(SYSTEMD_DIR); \
$(INSTALL_DATA) org.cups.cupsd.socket $(BUILDROOT)$(SYSTEMD_DIR); \
fi
if test "x$(XINETD)" != x; then \
$(INSTALL_DATA) org.cups.cups-lpdAT.service $(BUILDROOT)$(SYSTEMD_DIR)/org.cups.cups-lpd@.service; \
$(INSTALL_DATA) org.cups.cups-lpd.socket $(BUILDROOT)$(SYSTEMD_DIR); \
elif test "x$(XINETD)" != x; then \
echo Installing xinetd configuration file for cups-lpd...; \
$(INSTALL_DIR) -m 755 $(BUILDROOT)$(XINETD); \
$(INSTALL_DATA) cups-lpd.xinetd $(BUILDROOT)$(XINETD)/cups-lpd; \
@@ -547,5 +548,5 @@ include Dependencies
#
# End of "$Id: Makefile 12132 2014-08-29 11:27:18Z msweet $".
# End of "$Id: Makefile 12222 2014-10-21 11:55:01Z msweet $".
#
+4 -3
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: colorman.c 11558 2014-02-06 18:33:34Z msweet $"
* "$Id: colorman.c 12226 2014-10-21 13:36:05Z msweet $"
*
* Color management routines for the CUPS scheduler.
*
@@ -186,7 +186,8 @@ void
cupsdStopColor(void)
{
#if !defined(__APPLE__) && defined(HAVE_DBUS)
dbus_connection_unref(colord_con);
if (colord_con)
dbus_connection_unref(colord_con);
colord_con = NULL;
#endif /* !__APPLE__ && HAVE_DBUS */
}
@@ -1514,5 +1515,5 @@ colord_unregister_printer(
/*
* End of "$Id: colorman.c 11558 2014-02-06 18:33:34Z msweet $".
* End of "$Id: colorman.c 12226 2014-10-21 13:36:05Z msweet $".
*/
+50 -2
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: conf.c 12178 2014-09-30 18:56:48Z msweet $"
* "$Id: conf.c 12224 2014-10-21 13:16:30Z msweet $"
*
* Configuration routines for the CUPS scheduler.
*
@@ -596,6 +596,8 @@ cupsdReadConfiguration(void)
# else
cupsdSetString(&ServerKeychain, "/Library/Keychains/System.keychain");
# endif /* HAVE_GNUTLS */
_httpTLSSetOptions(0);
#endif /* HAVE_SSL */
language = cupsLangDefault();
@@ -993,6 +995,9 @@ cupsdReadConfiguration(void)
cupsdLogMessage(CUPSD_LOG_NOTICE,
"Group and SystemGroup cannot use the same groups.");
if (FatalErrors & (CUPSD_FATAL_CONFIG | CUPSD_FATAL_PERMISSIONS))
return (0);
cupsdLogMessage(CUPSD_LOG_INFO, "Resetting Group to \"nobody\"...");
group = getgrnam("nobody");
@@ -2929,6 +2934,49 @@ read_cupsd_conf(cups_file_t *fp) /* I - File to read from */
"FaxRetryLimit is deprecated; use "
"JobRetryLimit on line %d.", linenum);
}
else if (!_cups_strcasecmp(line, "SSLOptions"))
{
/*
* SSLOptions [AllowRC4] [AllowSSL3] [None]
*/
int options = 0; /* SSL/TLS options */
if (value)
{
char *start, /* Start of option */
*end; /* End of option */
for (start = value; *start; start = end)
{
/*
* Find end of keyword...
*/
end = start;
while (*end && !_cups_isspace(*end))
end ++;
if (*end)
*end++ = '\0';
/*
* Compare...
*/
if (!_cups_strcasecmp(start, "AllowRC4"))
options |= _HTTP_TLS_ALLOW_RC4;
else if (!_cups_strcasecmp(start, "AllowSSL3"))
options |= _HTTP_TLS_ALLOW_SSL3;
else if (!_cups_strcasecmp(start, "None"))
options = 0;
else if (_cups_strcasecmp(start, "NoEmptyFragments"))
cupsdLogMessage(CUPSD_LOG_WARN, "Unknown SSL option %s at line %d.", start, linenum);
}
}
_httpTLSSetOptions(options);
}
else if ((!_cups_strcasecmp(line, "Port") || !_cups_strcasecmp(line, "Listen")
#ifdef HAVE_SSL
|| !_cups_strcasecmp(line, "SSLPort") || !_cups_strcasecmp(line, "SSLListen")
@@ -4093,5 +4141,5 @@ set_policy_defaults(cupsd_policy_t *pol)/* I - Policy */
/*
* End of "$Id: conf.c 12178 2014-09-30 18:56:48Z msweet $".
* End of "$Id: conf.c 12224 2014-10-21 13:16:30Z msweet $".
*/
+93 -78
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: main.c 12140 2014-08-30 01:51:22Z msweet $"
* "$Id: main.c 12248 2014-11-12 16:32:57Z msweet $"
*
* Main loop for the CUPS scheduler.
*
@@ -100,7 +100,11 @@ main(int argc, /* I - Number of command-line args */
{
int i; /* Looping var */
char *opt; /* Option character */
int fg; /* Run in the foreground */
int close_all = 1, /* Close all file descriptors? */
disconnect = 1, /* Disconnect from controlling terminal? */
fg = 0, /* Run in foreground? */
run_as_child = 0;
/* Running as child process? */
int fds; /* Number of ready descriptors */
cupsd_client_t *con; /* Current client */
cupsd_job_t *job; /* Current job */
@@ -116,8 +120,6 @@ main(int argc, /* I - Number of command-line args */
#if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
struct sigaction action; /* Actions for POSIX signals */
#endif /* HAVE_SIGACTION && !HAVE_SIGSET */
int run_as_child = 0;
/* Needed for background fork/exec */
#ifdef __APPLE__
int use_sysman = 1; /* Use system management functions? */
#else
@@ -150,8 +152,10 @@ main(int argc, /* I - Number of command-line args */
#ifdef HAVE_LAUNCHD
if (getenv("CUPSD_LAUNCHD"))
{
OnDemand = 1;
fg = 1;
OnDemand = 1;
fg = 1;
close_all = 0;
disconnect = 0;
}
#endif /* HAVE_LAUNCHD */
@@ -162,7 +166,8 @@ main(int argc, /* I - Number of command-line args */
{
case 'C' : /* Run as child with config file */
run_as_child = 1;
fg = -1;
fg = 1;
close_all = 0;
case 'c' : /* Configuration file */
i ++;
@@ -217,11 +222,14 @@ main(int argc, /* I - Number of command-line args */
break;
case 'f' : /* Run in foreground... */
fg = 1;
fg = 1;
disconnect = 0;
close_all = 0;
break;
case 'F' : /* Run in foreground, but disconnect from terminal... */
fg = -1;
fg = 1;
close_all = 0;
break;
case 'h' : /* Show usage/help */
@@ -230,12 +238,16 @@ main(int argc, /* I - Number of command-line args */
case 'l' : /* Started by launchd/systemd... */
#if defined(HAVE_LAUNCHD) || defined(HAVE_SYSTEMD)
OnDemand = 1;
fg = 1;
OnDemand = 1;
fg = 1;
close_all = 0;
disconnect = 0;
#else
_cupsLangPuts(stderr, _("cupsd: On-demand support not compiled "
"in, running in normal mode."));
fg = 0;
fg = 0;
disconnect = 1;
close_all = 1;
#endif /* HAVE_LAUNCHD || HAVE_SYSTEMD */
break;
@@ -244,6 +256,8 @@ main(int argc, /* I - Number of command-line args */
"use only!\n", stderr);
stop_scheduler = 1;
fg = 1;
disconnect = 0;
close_all = 0;
break;
case 'P' : /* Disable security profiles */
@@ -285,6 +299,8 @@ main(int argc, /* I - Number of command-line args */
case 't' : /* Test the cupsd.conf file... */
TestConfigFile = 1;
fg = 1;
disconnect = 0;
close_all = 0;
break;
default : /* Unknown option */
@@ -332,8 +348,57 @@ main(int argc, /* I - Number of command-line args */
free(filename);
}
if (disconnect)
{
/*
* Make sure we aren't tying up any filesystems...
*/
chdir("/");
/*
* Disconnect from the controlling terminal...
*/
setsid();
}
if (close_all)
{
/*
* Close all open files...
*/
getrlimit(RLIMIT_NOFILE, &limit);
for (i = 0; i < (int)limit.rlim_cur && i < 1024; i ++)
close(i);
/*
* Redirect stdin/out/err to /dev/null...
*/
if ((i = open("/dev/null", O_RDONLY)) != 0)
{
dup2(i, 0);
close(i);
}
if ((i = open("/dev/null", O_WRONLY)) != 1)
{
dup2(i, 1);
close(i);
}
if ((i = open("/dev/null", O_WRONLY)) != 2)
{
dup2(i, 2);
close(i);
}
}
/*
* If the user hasn't specified "-f", run in the background...
* Run in the background as needed...
*/
if (!fg)
@@ -408,74 +473,17 @@ main(int argc, /* I - Number of command-line args */
#endif /* __OpenBSD__ && OpenBSD < 201211 */
/*
* Since CoreFoundation and DBUS both create fork-unsafe data on execution of
* a program, and since this kind of really unfriendly behavior seems to be
* more common these days in system libraries, we need to re-execute the
* background cupsd with the "-C" option to avoid problems. Unfortunately,
* we also have to assume that argv[0] contains the name of the cupsd
* executable - there is no portable way to get the real pathname...
* Since many system libraries create fork-unsafe data on execution of a
* program, we need to re-execute the background cupsd with the "-C" and "-s"
* options to avoid problems. Unfortunately, we also have to assume that
* argv[0] contains the name of the cupsd executable - there is no portable
* way to get the real pathname...
*/
execlp(argv[0], argv[0], "-C", ConfigurationFile, (char *)0);
execlp(argv[0], argv[0], "-C", ConfigurationFile, "-s", CupsFilesFile, (char *)0);
exit(errno);
}
if (fg < 1)
{
/*
* Make sure we aren't tying up any filesystems...
*/
chdir("/");
#ifndef DEBUG
/*
* Disable core dumps...
*/
getrlimit(RLIMIT_CORE, &limit);
limit.rlim_cur = 0;
setrlimit(RLIMIT_CORE, &limit);
/*
* Disconnect from the controlling terminal...
*/
setsid();
/*
* Close all open files...
*/
getrlimit(RLIMIT_NOFILE, &limit);
for (i = 0; i < limit.rlim_cur && i < 1024; i ++)
close(i);
/*
* Redirect stdin/out/err to /dev/null...
*/
if ((i = open("/dev/null", O_RDONLY)) != 0)
{
dup2(i, 0);
close(i);
}
if ((i = open("/dev/null", O_WRONLY)) != 1)
{
dup2(i, 1);
close(i);
}
if ((i = open("/dev/null", O_WRONLY)) != 2)
{
dup2(i, 2);
close(i);
}
#endif /* DEBUG */
}
/*
* Set the timezone info...
*/
@@ -763,6 +771,9 @@ main(int argc, /* I - Number of command-line args */
if (timeout == 86400 && OnDemand && IdleExitTimeout &&
!cupsArrayCount(ActiveJobs) &&
# ifdef HAVE_SYSTEMD
!WebInterface &&
# endif /* HAVE_SYSTEMD */
(!Browsing || !BrowseLocalProtocols || !cupsArrayCount(Printers)))
{
timeout = IdleExitTimeout;
@@ -2114,8 +2125,12 @@ service_checkout(void)
* jobs or shared printers to advertise...
*/
if (cupsArrayCount(ActiveJobs) ||
if (cupsArrayCount(ActiveJobs) || /* Active jobs */
# ifdef HAVE_SYSTEMD
WebInterface || /* Web interface enabled */
# endif /* HAVE_SYSTEMD */
(Browsing && BrowseLocalProtocols && cupsArrayCount(Printers)))
/* Printers being shared */
{
cupsdLogMessage(CUPSD_LOG_DEBUG, "Creating keep-alive file \"" CUPS_KEEPALIVE "\".");
@@ -2158,5 +2173,5 @@ usage(int status) /* O - Exit status */
/*
* End of "$Id: main.c 12140 2014-08-30 01:51:22Z msweet $".
* End of "$Id: main.c 12248 2014-11-12 16:32:57Z msweet $".
*/
+9
Ver Arquivo
@@ -0,0 +1,9 @@
[Unit]
Description=CUPS LPD Server Socket
[Socket]
ListenStream=515
Accept=yes
[Install]
WantedBy=sockets.target
+9
Ver Arquivo
@@ -0,0 +1,9 @@
[Unit]
Description=CUPS LPD server
Documentation=man:cups-lpd(8)
[Service]
ExecStart=-@CUPS_SERVERBIN@/daemon/cups-lpd
StandardInput=socket
User=@CUPS_USER@
+1
Ver Arquivo
@@ -1,5 +1,6 @@
[Unit]
Description=CUPS Scheduler
Documentation=man:cupsd(8)
[Service]
ExecStart=@sbindir@/cupsd -l
-4
Ver Arquivo
@@ -3,10 +3,6 @@ Description=CUPS Scheduler
[Socket]
ListenStream=@CUPS_DEFAULT_DOMAINSOCKET@
ListenStream=[::1]:631
ListenStream=127.0.0.1:631
BindIPv6Only=ipv6-only
ReusePort=true
[Install]
WantedBy=sockets.target
+22 -14
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: process.c 12102 2014-08-20 15:19:09Z msweet $"
* "$Id: process.c 12252 2014-11-14 17:14:45Z msweet $"
*
* Process management routines for the CUPS scheduler.
*
@@ -459,18 +459,19 @@ cupsdStartProcess(
int i; /* Looping var */
const char *exec_path = command; /* Command to be exec'd */
char *real_argv[110], /* Real command-line arguments */
cups_exec[1024]; /* Path to "cups-exec" program */
uid_t user; /* Command UID */
cupsd_proc_t *proc; /* New process record */
#ifdef HAVE_POSIX_SPAWN
posix_spawn_file_actions_t actions; /* Spawn file actions */
posix_spawnattr_t attrs; /* Spawn attributes */
char user_str[16], /* User string */
cups_exec[1024], /* Path to "cups-exec" program */
user_str[16], /* User string */
group_str[16], /* Group string */
nice_str[16]; /* FilterNice string */
uid_t user; /* Command UID */
cupsd_proc_t *proc; /* New process record */
#if defined(HAVE_POSIX_SPAWN) && !defined(__OpenBSD__)
posix_spawn_file_actions_t actions; /* Spawn file actions */
posix_spawnattr_t attrs; /* Spawn attributes */
sigset_t defsignals; /* Default signals */
#elif defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
struct sigaction action; /* POSIX signal handler */
#endif /* HAVE_POSIX_SPAWN */
#endif /* HAVE_POSIX_SPAWN && !__OpenBSD__ */
#if defined(__APPLE__)
char processPath[1024], /* CFProcessPath environment variable */
linkpath[1024]; /* Link path for symlinks... */
@@ -534,9 +535,9 @@ cupsdStartProcess(
* Use helper program when we have a sandbox profile...
*/
#ifndef HAVE_POSIX_SPAWN
#if !defined(HAVE_POSIX_SPAWN) || defined(__OpenBSD__)
if (profile)
#endif /* !HAVE_POSIX_SPAWN */
#endif /* !HAVE_POSIX_SPAWN || __OpenBSD__ */
{
snprintf(cups_exec, sizeof(cups_exec), "%s/daemon/cups-exec", ServerBin);
snprintf(user_str, sizeof(user_str), "%d", user);
@@ -572,14 +573,21 @@ cupsdStartProcess(
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartProcess: argv[%d] = \"%s\"", i, argv[i]);
}
#ifdef HAVE_POSIX_SPAWN
#if defined(HAVE_POSIX_SPAWN) && !defined(__OpenBSD__) /* OpenBSD posix_spawn is busted with SETSIGDEF */
/*
* Setup attributes and file actions for the spawn...
*/
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartProcess: Setting spawn attributes.");
sigemptyset(&defsignals);
sigaddset(&defsignals, SIGTERM);
sigaddset(&defsignals, SIGCHLD);
sigaddset(&defsignals, SIGPIPE);
posix_spawnattr_init(&attrs);
posix_spawnattr_setflags(&attrs, POSIX_SPAWN_SETPGROUP | POSIX_SPAWN_SETSIGDEF);
posix_spawnattr_setpgroup(&attrs, 0);
posix_spawnattr_setsigdefault(&attrs, &defsignals);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartProcess: Setting file actions.");
posix_spawn_file_actions_init(&actions);
@@ -788,7 +796,7 @@ cupsdStartProcess(
}
cupsdReleaseSignals();
#endif /* HAVE_POSIX_SPAWN */
#endif /* HAVE_POSIX_SPAWN && !__OpenBSD__ */
if (*pid)
{
@@ -870,5 +878,5 @@ cupsd_requote(char *dst, /* I - Destination buffer */
/*
* End of "$Id: process.c 12102 2014-08-20 15:19:09Z msweet $".
* End of "$Id: process.c 12252 2014-11-14 17:14:45Z msweet $".
*/
+3 -3
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: cancel.c 10996 2013-05-29 11:51:34Z msweet $"
* "$Id: cancel.c 12248 2014-11-12 16:32:57Z msweet $"
*
* "cancel" command for CUPS.
*
@@ -315,7 +315,7 @@ main(int argc, /* I - Number of command-line arguments */
ippDelete(response);
}
if (num_dests == 0 && op == IPP_PURGE_JOBS)
if (num_dests == 0 && op != IPP_CANCEL_JOB)
{
/*
* Open a connection to the server...
@@ -383,5 +383,5 @@ main(int argc, /* I - Number of command-line arguments */
/*
* End of "$Id: cancel.c 10996 2013-05-29 11:51:34Z msweet $".
* End of "$Id: cancel.c 12248 2014-11-12 16:32:57Z msweet $".
*/
+8
Ver Arquivo
@@ -8,7 +8,15 @@
{refresh_page?<meta http-equiv="refresh" content="{refresh_page}">:}
<meta http-equiv="X-UA-Compatible" content="IE=9">
<meta name="viewport" content="width=device-width">
<style>html{display:none;}</style>
<script type="text/javascript"><!--
/* Only display document if we are not in a frame... */
if (self == top) {
document.documentElement.style.display = 'block';
} else {
top.location = self.location;
}
/* Show an error if cookies are disabled */
function check_cookies() {
if (!navigator.cookieEnabled) {
+8
Ver Arquivo
@@ -8,7 +8,15 @@
{refresh_page?<meta http-equiv="refresh" content="{refresh_page}">:}
<meta http-equiv="X-UA-Compatible" content="IE=9">
<meta name="viewport" content="width=device-width">
<style>html{display:none;}</style>
<script type="text/javascript"><!--
/* Only display document if we are not in a frame... */
if (self == top) {
document.documentElement.style.display = 'block';
} else {
top.location = self.location;
}
/* Show an error if cookies are disabled */
function check_cookies() {
if (!navigator.cookieEnabled) {
+248 -83
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: ippserver.c 12136 2014-08-29 15:19:40Z msweet $"
* "$Id: ippserver.c 12215 2014-10-20 18:24:56Z msweet $"
*
* Sample IPP Everywhere server for CUPS.
*
@@ -57,6 +57,11 @@ extern char **environ;
#ifdef HAVE_DNSSD
# include <dns_sd.h>
#elif defined(HAVE_AVAHI)
# include <avahi-client/client.h>
# include <avahi-client/publish.h>
# include <avahi-common/error.h>
# include <avahi-common/thread-watch.h>
#endif /* HAVE_DNSSD */
#ifdef HAVE_SYS_MOUNT_H
# include <sys/mount.h>
@@ -231,6 +236,19 @@ static const char * const printer_supplies[] =
* Structures...
*/
#ifdef HAVE_DNSSD
typedef DNSServiceRef _ipp_srv_t; /* Service reference */
typedef TXTRecordRef _ipp_txt_t; /* TXT record */
#elif defined(HAVE_AVAHI)
typedef AvahiEntryGroup *_ipp_srv_t; /* Service reference */
typedef AvahiStringList *_ipp_txt_t; /* TXT record */
#else
typedef void *_ipp_srv_t; /* Service reference */
typedef void *_ipp_txt_t; /* TXT record */
#endif /* HAVE_DNSSD */
typedef struct _ipp_filter_s /**** Attribute filter ****/
{
cups_array_t *ra; /* Requested attributes */
@@ -243,18 +261,12 @@ typedef struct _ipp_printer_s /**** Printer data ****/
{
int ipv4, /* IPv4 listener */
ipv6; /* IPv6 listener */
#ifdef HAVE_DNSSD
DNSServiceRef common_ref, /* Shared service connection */
ipp_ref, /* Bonjour IPP service */
# ifdef HAVE_SSL
_ipp_srv_t ipp_ref, /* Bonjour IPP service */
ipps_ref, /* Bonjour IPPS service */
# endif /* HAVE_SSL */
http_ref, /* Bonjour HTTP service */
printer_ref; /* Bonjour LPD service */
TXTRecordRef ipp_txt; /* Bonjour IPP TXT record */
char *dnssd_name; /* printer-dnssd-name */
#endif /* HAVE_DNSSD */
char *name, /* printer-name */
char *dnssd_name, /* printer-dnssd-name */
*name, /* printer-name */
*icon, /* Icon filename */
*directory, /* Spool directory */
*hostname, /* Hostname */
@@ -340,10 +352,7 @@ static _ipp_printer_t *create_printer(const char *servername,
const char *icon,
const char *docformats, int ppm,
int ppm_color, int duplex, int port,
int pin,
#ifdef HAVE_DNSSD
const char *subtype,
#endif /* HAVE_DNSSD */
int pin, const char *subtype,
const char *directory,
const char *command);
static void debug_attributes(const char *title, ipp_t *ipp,
@@ -359,7 +368,11 @@ static void dnssd_callback(DNSServiceRef sdRef,
const char *regtype,
const char *domain,
_ipp_printer_t *printer);
#elif defined(HAVE_AVAHI)
static void dnssd_callback(AvahiEntryGroup *p, AvahiEntryGroupState state, void *context);
static void dnssd_client_cb(AvahiClient *c, AvahiClientState state, void *userdata);
#endif /* HAVE_DNSSD */
static void dnssd_init(void);
static int filter_cb(_ipp_filter_t *filter, ipp_t *dst, ipp_attribute_t *attr);
static _ipp_job_t *find_job(_ipp_client_t *client);
static void html_escape(_ipp_client_t *client, const char *s,
@@ -386,9 +399,7 @@ static void *process_client(_ipp_client_t *client);
static int process_http(_ipp_client_t *client);
static int process_ipp(_ipp_client_t *client);
static void *process_job(_ipp_job_t *job);
#ifdef HAVE_DNSSD
static int register_printer(_ipp_printer_t *printer, const char *location, const char *make, const char *model, const char *formats, const char *adminurl, const char *uuid, int color, int duplex, const char *regtype);
#endif /* HAVE_DNSSD */
static int respond_http(_ipp_client_t *client, http_status_t code,
const char *content_coding,
const char *type, size_t length);
@@ -408,6 +419,13 @@ static int valid_job_attributes(_ipp_client_t *client);
* Globals...
*/
# ifdef HAVE_DNSSD
static DNSServiceRef DNSSDMaster = NULL;
# else /* HAVE_AVAHI */
static AvahiThreadedPoll *DNSSDMaster = NULL;
static AvahiClient *DNSSDClient = NULL;
# endif /* HAVE_DNSSD */
static int KeepFiles = 0,
Verbosity = 0;
@@ -434,9 +452,7 @@ main(int argc, /* I - Number of command-line args */
#ifdef HAVE_SSL
const char *keypath = NULL; /* Keychain path */
#endif /* HAVE_SSL */
#ifdef HAVE_DNSSD
const char *subtype = "_print"; /* Bonjour service subtype */
#endif /* HAVE_DNSSD */
int port = 0, /* Port number (0 = auto) */
duplex = 0, /* Duplex mode */
ppm = 10, /* Pages per minute for mono */
@@ -546,14 +562,12 @@ main(int argc, /* I - Number of command-line args */
port = atoi(argv[i]);
break;
#ifdef HAVE_DNSSD
case 'r' : /* -r subtype */
i ++;
if (i >= argc)
usage(1);
subtype = argv[i];
break;
#endif /* HAVE_DNSSD */
case 's' : /* -s speed[,color-speed] */
i ++;
@@ -597,8 +611,8 @@ main(int argc, /* I - Number of command-line args */
{
#ifdef WIN32
/*
* Windows is almost always used as a single user system, so use a default port
* number of 8631.
* Windows is almost always used as a single user system, so use a default
* port number of 8631.
*/
port = 8631;
@@ -633,16 +647,19 @@ main(int argc, /* I - Number of command-line args */
cupsSetServerCredentials(keypath, servername, 1);
#endif /* HAVE_SSL */
/*
* Initialize Bonjour...
*/
dnssd_init();
/*
* Create the printer...
*/
if ((printer = create_printer(servername, name, location, make, model, icon,
formats, ppm, ppm_color, duplex, port, pin,
#ifdef HAVE_DNSSD
subtype,
#endif /* HAVE_DNSSD */
directory, command)) == NULL)
subtype, directory, command)) == NULL)
return (1);
/*
@@ -1197,9 +1214,7 @@ create_printer(const char *servername, /* I - Server hostname (NULL for default)
int duplex, /* I - 1 = duplex, 0 = simplex */
int port, /* I - Port for listeners or 0 for auto */
int pin, /* I - Require PIN printing */
#ifdef HAVE_DNSSD
const char *subtype, /* I - Bonjour service subtype */
#endif /* HAVE_DNSSD */
const char *directory, /* I - Spool directory */
const char *command) /* I - Command to run on job files */
{
@@ -1435,9 +1450,7 @@ create_printer(const char *servername, /* I - Server hostname (NULL for default)
printer->ipv4 = -1;
printer->ipv6 = -1;
printer->name = strdup(name);
#ifdef HAVE_DNSSD
printer->dnssd_name = strdup(printer->name);
#endif /* HAVE_DNSSD */
printer->command = command ? strdup(command) : NULL;
printer->directory = strdup(directory);
printer->hostname = strdup(servername);
@@ -2078,14 +2091,12 @@ create_printer(const char *servername, /* I - Server hostname (NULL for default)
debug_attributes("Printer", printer->attrs, 0);
#ifdef HAVE_DNSSD
/*
* Register the printer with Bonjour...
*/
if (!register_printer(printer, location, make, model, docformats, adminurl, uuid + 9, ppm_color > 0, duplex, subtype))
goto bad_printer;
#endif /* HAVE_DNSSD */
/*
* Return it!
@@ -2227,26 +2238,29 @@ delete_printer(_ipp_printer_t *printer) /* I - Printer */
#if HAVE_DNSSD
if (printer->printer_ref)
DNSServiceRefDeallocate(printer->printer_ref);
if (printer->ipp_ref)
DNSServiceRefDeallocate(printer->ipp_ref);
# ifdef HAVE_SSL
if (printer->ipps_ref)
DNSServiceRefDeallocate(printer->ipps_ref);
# endif /* HAVE_SSL */
if (printer->http_ref)
DNSServiceRefDeallocate(printer->http_ref);
#elif defined(HAVE_AVAHI)
avahi_threaded_poll_lock(DNSSDMaster);
if (printer->common_ref)
DNSServiceRefDeallocate(printer->common_ref);
if (printer->printer_ref)
avahi_entry_group_free(printer->printer_ref);
if (printer->ipp_ref)
avahi_entry_group_free(printer->ipp_ref);
if (printer->ipps_ref)
avahi_entry_group_free(printer->ipps_ref);
if (printer->http_ref)
avahi_entry_group_free(printer->http_ref);
TXTRecordDeallocate(&(printer->ipp_txt));
avahi_threaded_poll_unlock(DNSSDMaster);
#endif /* HAVE_DNSSD */
if (printer->dnssd_name)
free(printer->dnssd_name);
#endif /* HAVE_DNSSD */
if (printer->name)
free(printer->name);
if (printer->icon)
@@ -2302,9 +2316,94 @@ dnssd_callback(
printer->dnssd_name = strdup(name);
}
}
#elif defined(HAVE_AVAHI)
/*
* 'dnssd_callback()' - Handle Bonjour registration events.
*/
static void
dnssd_callback(
AvahiEntryGroup *srv, /* I - Service */
AvahiEntryGroupState state, /* I - Registration state */
void *context) /* I - Printer */
{
(void)srv;
(void)state;
(void)context;
}
/*
* 'dnssd_client_cb()' - Client callback for Avahi.
*
* Called whenever the client or server state changes...
*/
static void
dnssd_client_cb(
AvahiClient *c, /* I - Client */
AvahiClientState state, /* I - Current state */
void *userdata) /* I - User data (unused) */
{
(void)userdata;
if (!c)
return;
switch (state)
{
default :
fprintf(stderr, "Ignore Avahi state %d.\n", state);
break;
case AVAHI_CLIENT_FAILURE:
if (avahi_client_errno(c) == AVAHI_ERR_DISCONNECTED)
{
fputs("Avahi server crashed, exiting.\n", stderr);
exit(1);
}
break;
}
}
#endif /* HAVE_DNSSD */
/*
* 'dnssd_init()' - Initialize the DNS-SD service connections...
*/
static void
dnssd_init(void)
{
#ifdef HAVE_DNSSD
if (DNSServiceCreateConnection(&DNSSDMaster) != kDNSServiceErr_NoError)
{
fputs("Error: Unable to initialize Bonjour.\n", stderr);
exit(1);
}
#elif defined(HAVE_AVAHI)
int error; /* Error code, if any */
if ((DNSSDMaster = avahi_threaded_poll_new()) == NULL)
{
fputs("Error: Unable to initialize Bonjour.\n", stderr);
exit(1);
}
if ((DNSSDClient = avahi_client_new(avahi_threaded_poll_get(DNSSDMaster), AVAHI_CLIENT_NO_FAIL, dnssd_client_cb, NULL, &error)) == NULL)
{
fputs("Error: Unable to initialize Bonjour.\n", stderr);
exit(1);
}
avahi_threaded_poll_start(DNSSDMaster);
#endif /* HAVE_DNSSD */
}
/*
* 'filter_cb()' - Filter printer attributes based on the requested array.
*/
@@ -2318,7 +2417,9 @@ filter_cb(_ipp_filter_t *filter, /* I - Filter parameters */
* Filter attributes as needed...
*/
// (void)dst;
#ifndef WIN32 /* Avoid MS compiler bug */
(void)dst;
#endif /* !WIN32 */
ipp_tag_t group = ippGetGroupTag(attr);
const char *name = ippGetName(attr);
@@ -5426,7 +5527,6 @@ process_job(_ipp_job_t *job) /* I - Job */
}
#ifdef HAVE_DNSSD
/*
* 'register_printer()' - Register a printer object via Bonjour.
*/
@@ -5444,6 +5544,8 @@ register_printer(
int duplex, /* I - 1 = duplex, 0 = simplex */
const char *subtype) /* I - Service subtype */
{
_ipp_txt_t ipp_txt; /* Bonjour IPP TXT record */
#ifdef HAVE_DNSSD
DNSServiceErrorType error; /* Error from Bonjour */
char make_model[256],/* Make and model together */
product[256], /* Product string */
@@ -5457,47 +5559,36 @@ register_printer(
snprintf(make_model, sizeof(make_model), "%s %s", make, model);
snprintf(product, sizeof(product), "(%s)", model);
TXTRecordCreate(&(printer->ipp_txt), 1024, NULL);
TXTRecordSetValue(&(printer->ipp_txt), "rp", 9, "ipp/print");
TXTRecordSetValue(&(printer->ipp_txt), "ty", (uint8_t)strlen(make_model),
TXTRecordCreate(&ipp_txt, 1024, NULL);
TXTRecordSetValue(&ipp_txt, "rp", 9, "ipp/print");
TXTRecordSetValue(&ipp_txt, "ty", (uint8_t)strlen(make_model),
make_model);
TXTRecordSetValue(&(printer->ipp_txt), "adminurl", (uint8_t)strlen(adminurl),
TXTRecordSetValue(&ipp_txt, "adminurl", (uint8_t)strlen(adminurl),
adminurl);
if (*location)
TXTRecordSetValue(&(printer->ipp_txt), "note", (uint8_t)strlen(location),
TXTRecordSetValue(&ipp_txt, "note", (uint8_t)strlen(location),
location);
TXTRecordSetValue(&(printer->ipp_txt), "product", (uint8_t)strlen(product),
TXTRecordSetValue(&ipp_txt, "product", (uint8_t)strlen(product),
product);
TXTRecordSetValue(&(printer->ipp_txt), "pdl", (uint8_t)strlen(formats),
TXTRecordSetValue(&ipp_txt, "pdl", (uint8_t)strlen(formats),
formats);
TXTRecordSetValue(&(printer->ipp_txt), "Color", 1, color ? "T" : "F");
TXTRecordSetValue(&(printer->ipp_txt), "Duplex", 1, duplex ? "T" : "F");
TXTRecordSetValue(&(printer->ipp_txt), "usb_MFG", (uint8_t)strlen(make),
TXTRecordSetValue(&ipp_txt, "Color", 1, color ? "T" : "F");
TXTRecordSetValue(&ipp_txt, "Duplex", 1, duplex ? "T" : "F");
TXTRecordSetValue(&ipp_txt, "usb_MFG", (uint8_t)strlen(make),
make);
TXTRecordSetValue(&(printer->ipp_txt), "usb_MDL", (uint8_t)strlen(model),
TXTRecordSetValue(&ipp_txt, "usb_MDL", (uint8_t)strlen(model),
model);
TXTRecordSetValue(&(printer->ipp_txt), "UUID", (uint8_t)strlen(uuid), uuid);
TXTRecordSetValue(&ipp_txt, "UUID", (uint8_t)strlen(uuid), uuid);
# ifdef HAVE_SSL
TXTRecordSetValue(&(printer->ipp_txt), "TLS", 3, "1.2");
TXTRecordSetValue(&ipp_txt, "TLS", 3, "1.2");
# endif /* HAVE_SSL */
/*
* Create a shared service reference for Bonjour...
*/
if ((error = DNSServiceCreateConnection(&(printer->common_ref)))
!= kDNSServiceErr_NoError)
{
fprintf(stderr, "Unable to create mDNSResponder connection: %d\n", error);
return (0);
}
/*
* Register the _printer._tcp (LPD) service type with a port number of 0 to
* defend our service name but not actually support LPD...
*/
printer->printer_ref = printer->common_ref;
printer->printer_ref = DNSSDMaster;
if ((error = DNSServiceRegister(&(printer->printer_ref),
kDNSServiceFlagsShareConnection,
@@ -5518,7 +5609,7 @@ register_printer(
* advertise our IPP printer...
*/
printer->ipp_ref = printer->common_ref;
printer->ipp_ref = DNSSDMaster;
if (subtype && *subtype)
snprintf(regtype, sizeof(regtype), "_ipp._tcp,%s", subtype);
@@ -5530,8 +5621,8 @@ register_printer(
0 /* interfaceIndex */, printer->dnssd_name,
regtype, NULL /* domain */,
NULL /* host */, htons(printer->port),
TXTRecordGetLength(&(printer->ipp_txt)),
TXTRecordGetBytesPtr(&(printer->ipp_txt)),
TXTRecordGetLength(&ipp_txt),
TXTRecordGetBytesPtr(&ipp_txt),
(DNSServiceRegisterReply)dnssd_callback,
printer)) != kDNSServiceErr_NoError)
{
@@ -5543,10 +5634,10 @@ register_printer(
# ifdef HAVE_SSL
/*
* Then register the _ipps._tcp (IPP) service type with the real port number to
* advertise our IPP printer...
* advertise our IPPS printer...
*/
printer->ipps_ref = printer->common_ref;
printer->ipps_ref = DNSSDMaster;
if (subtype && *subtype)
snprintf(regtype, sizeof(regtype), "_ipps._tcp,%s", subtype);
@@ -5558,8 +5649,8 @@ register_printer(
0 /* interfaceIndex */, printer->dnssd_name,
regtype, NULL /* domain */,
NULL /* host */, htons(printer->port),
TXTRecordGetLength(&(printer->ipp_txt)),
TXTRecordGetBytesPtr(&(printer->ipp_txt)),
TXTRecordGetLength(&ipp_txt),
TXTRecordGetBytesPtr(&ipp_txt),
(DNSServiceRegisterReply)dnssd_callback,
printer)) != kDNSServiceErr_NoError)
{
@@ -5574,7 +5665,7 @@ register_printer(
* real port number to advertise our IPP printer...
*/
printer->http_ref = printer->common_ref;
printer->http_ref = DNSSDMaster;
if ((error = DNSServiceRegister(&(printer->http_ref),
kDNSServiceFlagsShareConnection,
@@ -5590,9 +5681,85 @@ register_printer(
return (0);
}
TXTRecordDeallocate(&ipp_txt);
#elif defined(HAVE_AVAHI)
char temp[256]; /* Subtype service string */
/*
* Create the TXT record...
*/
ipp_txt = NULL;
ipp_txt = avahi_string_list_add_printf(ipp_txt, "rp=ipp/print");
ipp_txt = avahi_string_list_add_printf(ipp_txt, "ty=%s %s", make, model);
ipp_txt = avahi_string_list_add_printf(ipp_txt, "adminurl=%s", adminurl);
if (*location)
ipp_txt = avahi_string_list_add_printf(ipp_txt, "note=%s", location);
ipp_txt = avahi_string_list_add_printf(ipp_txt, "product=(%s)", model);
ipp_txt = avahi_string_list_add_printf(ipp_txt, "pdl=%s", formats);
ipp_txt = avahi_string_list_add_printf(ipp_txt, "Color=%s", color ? "T" : "F");
ipp_txt = avahi_string_list_add_printf(ipp_txt, "Duplex=%s", duplex ? "T" : "F");
ipp_txt = avahi_string_list_add_printf(ipp_txt, "usb_MFG=%s", make);
ipp_txt = avahi_string_list_add_printf(ipp_txt, "usb_MDL=%s", model);
ipp_txt = avahi_string_list_add_printf(ipp_txt, "UUID=%s", uuid);
# ifdef HAVE_SSL
ipp_txt = avahi_string_list_add_printf(ipp_txt, "TLS=1.2");
# endif /* HAVE_SSL */
/*
* Register _printer._tcp (LPD) with port 0 to reserve the service name...
*/
avahi_threaded_poll_lock(DNSSDMaster);
printer->ipp_ref = avahi_entry_group_new(DNSSDClient, dnssd_callback, NULL);
avahi_entry_group_add_service_strlst(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_printer._tcp", NULL, NULL, 0, NULL);
/*
* Then register the _ipp._tcp (IPP)...
*/
avahi_entry_group_add_service_strlst(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_ipp._tcp", NULL, NULL, printer->port, ipp_txt);
if (subtype && *subtype)
{
snprintf(temp, sizeof(temp), "%s._sub._ipp._tcp", subtype);
avahi_entry_group_add_service_subtype(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_ipp._tcp", NULL, temp);
}
#ifdef HAVE_SSL
/*
* _ipps._tcp (IPPS) for secure printing...
*/
avahi_entry_group_add_service_strlst(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_ipps._tcp", NULL, NULL, printer->port, ipp_txt);
if (subtype && *subtype)
{
snprintf(temp, sizeof(temp), "%s._sub._ipps._tcp", subtype);
avahi_entry_group_add_service_subtype(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_ipps._tcp", NULL, temp);
}
#endif /* HAVE_SSL */
/*
* Finally _http.tcp (HTTP) for the web interface...
*/
avahi_entry_group_add_service_strlst(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_http._tcp", NULL, NULL, printer->port, NULL);
avahi_entry_group_add_service_subtype(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_http._tcp", NULL, "_printer._sub._http._tcp");
/*
* Commit it...
*/
avahi_entry_group_commit(printer->ipp_ref);
avahi_threaded_poll_unlock(DNSSDMaster);
avahi_string_list_free(ipp_txt);
#endif /* HAVE_DNSSD */
return (1);
}
#endif /* HAVE_DNSSD */
/*
@@ -5786,7 +5953,7 @@ run_printer(_ipp_printer_t *printer) /* I - Printer */
num_fds = 2;
#ifdef HAVE_DNSSD
polldata[num_fds ].fd = DNSServiceRefSockFD(printer->common_ref);
polldata[num_fds ].fd = DNSServiceRefSockFD(DNSSDMaster);
polldata[num_fds ++].events = POLLIN;
#endif /* HAVE_DNSSD */
@@ -5833,7 +6000,7 @@ run_printer(_ipp_printer_t *printer) /* I - Printer */
#ifdef HAVE_DNSSD
if (polldata[2].revents & POLLIN)
DNSServiceProcessResult(printer->common_ref);
DNSServiceProcessResult(DNSSDMaster);
#endif /* HAVE_DNSSD */
/*
@@ -5871,7 +6038,7 @@ usage(int status) /* O - Exit status */
{
if (!status)
{
puts(CUPS_SVERSION " - Copyright 2010-2013 by Apple Inc. All rights "
puts(CUPS_SVERSION " - Copyright 2010-2014 by Apple Inc. All rights "
"reserved.");
puts("");
}
@@ -5894,9 +6061,7 @@ usage(int status) /* O - Exit status */
puts("-m model Model name (default=Printer)");
puts("-n hostname Hostname for printer");
puts("-p port Port number (default=auto)");
#ifdef HAVE_DNSSD
puts("-r subtype Bonjour service subtype (default=_print)");
#endif /* HAVE_DNSSD */
puts("-s speed[,color-speed] Speed in pages per minute (default=10,0)");
puts("-v[vvv] Be (very) verbose");
@@ -6303,5 +6468,5 @@ valid_job_attributes(
/*
* End of "$Id: ippserver.c 12136 2014-08-29 15:19:40Z msweet $".
* End of "$Id: ippserver.c 12215 2014-10-20 18:24:56Z msweet $".
*/
+3 -3
Ver Arquivo
@@ -1,6 +1,6 @@
#!/bin/sh
#
# "$Id: run-stp-tests.sh 12151 2014-09-04 00:57:41Z msweet $"
# "$Id: run-stp-tests.sh 12248 2014-11-12 16:32:57Z msweet $"
#
# Perform the complete set of IPP compliance tests specified in the
# CUPS Software Test Plan.
@@ -875,7 +875,7 @@ fi
# Requests logged
count=`wc -l $BASE/log/access_log | awk '{print $1}'`
expected=`expr 37 + 18 + 28 + $pjobs \* 8 + $pprinters \* $pjobs \* 4`
expected=`expr 37 + 18 + 29 + $pjobs \* 8 + $pprinters \* $pjobs \* 4`
if test $count != $expected; then
echo "FAIL: $count requests logged, expected $expected."
echo "<P>FAIL: $count requests logged, expected $expected.</P>" >>$strfile
@@ -1066,5 +1066,5 @@ if test $fail != 0; then
fi
#
# End of "$Id: run-stp-tests.sh 12151 2014-09-04 00:57:41Z msweet $"
# End of "$Id: run-stp-tests.sh 12248 2014-11-12 16:32:57Z msweet $"
#
+4 -4
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: config.h 12136 2014-08-29 15:19:40Z msweet $"
* "$Id: config.h 12254 2014-11-14 17:24:18Z msweet $"
*
* Configuration file for CUPS on Windows.
*
@@ -96,8 +96,8 @@ typedef unsigned long useconds_t;
* Version of software...
*/
#define CUPS_SVERSION "CUPS v2.0.0"
#define CUPS_MINIMAL "CUPS/2.0.0"
#define CUPS_SVERSION "CUPS v2.0.1"
#define CUPS_MINIMAL "CUPS/2.0.1"
/*
@@ -792,5 +792,5 @@ static __inline int _cups_abs(int i) { return (i < 0 ? -i : i); }
#endif /* !_CUPS_CONFIG_H_ */
/*
* End of "$Id: config.h 12136 2014-08-29 15:19:40Z msweet $".
* End of "$Id: config.h 12254 2014-11-14 17:24:18Z msweet $".
*/
+4 -4
Ver Arquivo
@@ -1,5 +1,5 @@
/*
* "$Id: config.h 12140 2014-08-30 01:51:22Z msweet $"
* "$Id: config.h 12254 2014-11-14 17:24:18Z msweet $"
*
* Configuration file for CUPS and Xcode.
*
@@ -20,8 +20,8 @@
* Version of software...
*/
#define CUPS_SVERSION "CUPS v2.0.0"
#define CUPS_MINIMAL "CUPS/2.0.0"
#define CUPS_SVERSION "CUPS v2.0.1"
#define CUPS_MINIMAL "CUPS/2.0.1"
/*
@@ -699,5 +699,5 @@ static __inline int _cups_abs(int i) { return (i < 0 ? -i : i); }
#endif /* !_CUPS_CONFIG_H_ */
/*
* End of "$Id: config.h 12140 2014-08-30 01:51:22Z msweet $".
* End of "$Id: config.h 12254 2014-11-14 17:24:18Z msweet $".
*/