Comparar commits
1 Commits
| Autor | SHA1 | Data | |
|---|---|---|---|
| 86243a7551 |
+29
-1
@@ -1,6 +1,34 @@
|
||||
CHANGES.txt - 2.0.0 - 2014-10-01
|
||||
CHANGES.txt - 2.0.1 - 2014-11-14
|
||||
--------------------------------
|
||||
|
||||
CHANGES IN CUPS V2.0.1
|
||||
|
||||
- Security: SSLv3 is now disabled by default to protect against the
|
||||
POODLE attack (STR #4476)
|
||||
- Printer sharing did not work when systemd was being used (STR #4497)
|
||||
- cupsGetPPD* would return a symlink to the PPD in /etc/cups/ppd even if
|
||||
it was not readable by the user (STR #4500)
|
||||
- The web interface now protects against frame "click-jacking" attacks
|
||||
(STR #4492)
|
||||
- Fixed a crash in ippAttributeString (<rdar://problem/17903871>)
|
||||
- Fixed a crash in the scheduler on Linux/*BSD if colord was not running
|
||||
(STR #4496)
|
||||
- Fixed a random crash in the scheduler when not using systemd
|
||||
(STR #4484)
|
||||
- Added systemd support for cups-lpd (STR #4493)
|
||||
- The scheduler did not honor the FatalErrors directive for mis-
|
||||
configured Group and SystemGroup values (STR #4495)
|
||||
- The network backends no longer report waste-receptacle conditions when
|
||||
using SNMP (STR #4499)
|
||||
- The IPP backend did not work with some configurations of Windows
|
||||
(STR #4503)
|
||||
- RPMs did not build (STR #4490)
|
||||
- Added a USB quirk rule for the Brother HL-1250 (STR #4519)
|
||||
- Fixed compiles on unsupported platforms (STR #4510)
|
||||
- "cancel -a" did not cancel all jobs on all destinations (STR #4513)
|
||||
- The web interface did not work on OpenBSD (STR #4496)
|
||||
|
||||
|
||||
CHANGES IN CUPS V2.0.0
|
||||
|
||||
- The scheduler did not preserve listener sockets from launchd or
|
||||
|
||||
+1
-1
@@ -1,4 +1,4 @@
|
||||
INSTALL - CUPS v2.0.0 - 2014-10-01
|
||||
INSTALL - CUPS v2.0.1 - 2014-11-14
|
||||
----------------------------------
|
||||
|
||||
This file describes how to compile and install CUPS from source code. For more
|
||||
|
||||
+1
-1
@@ -1,4 +1,4 @@
|
||||
README - CUPS v2.0.0 - 2014-10-01
|
||||
README - CUPS v2.0.1 - 2014-11-14
|
||||
---------------------------------
|
||||
|
||||
Looking for compile instructions? Read the file "INSTALL.txt" instead...
|
||||
|
||||
@@ -84,6 +84,9 @@
|
||||
# Canon, Inc. MF4150 Printer, https://bugs.launchpad.net/bugs/1160638
|
||||
0x04a9 0x26a3 no-reattach
|
||||
|
||||
# Brother Industries, Ltd HL-1250 Laser Printer, https://bugs.debian.org/712512
|
||||
0x04f9 0x0007 no-reattach
|
||||
|
||||
# Brother Industries, Ltd HL-1430 Laser Printer, https://bugs.launchpad.net/bugs/1038695
|
||||
0x04f9 0x001a no-reattach
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: snmp-supplies.c 11558 2014-02-06 18:33:34Z msweet $"
|
||||
* "$Id: snmp-supplies.c 12228 2014-10-21 13:42:05Z msweet $"
|
||||
*
|
||||
* SNMP supplies functions for CUPS.
|
||||
*
|
||||
@@ -297,6 +297,7 @@ backendSNMPSupplies(
|
||||
else
|
||||
new_supply_state |= CUPS_OPC_NEAR_EOL;
|
||||
break;
|
||||
#if 0 /* Because no two vendors report waste containers the same, disable SNMP reporting of same */
|
||||
case CUPS_TC_wasteInk :
|
||||
case CUPS_TC_wastePaper :
|
||||
case CUPS_TC_wasteToner :
|
||||
@@ -307,6 +308,7 @@ backendSNMPSupplies(
|
||||
else
|
||||
new_supply_state |= CUPS_WASTE_ALMOST_FULL;
|
||||
break;
|
||||
#endif /* 0 */
|
||||
case CUPS_TC_cleanerUnit :
|
||||
case CUPS_TC_fuserCleaningPad :
|
||||
if (percent <= 1)
|
||||
@@ -1096,5 +1098,5 @@ utf16_to_utf8(
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: snmp-supplies.c 11558 2014-02-06 18:33:34Z msweet $".
|
||||
* End of "$Id: snmp-supplies.c 12228 2014-10-21 13:42:05Z msweet $".
|
||||
*/
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
#Group @CUPS_GROUP@
|
||||
|
||||
# Administrator user group, used to match @SYSTEM in cupsd.conf policy rules...
|
||||
# This cannot contain the Group value for security reasons...
|
||||
SystemGroup @CUPS_SYSTEM_GROUPS@
|
||||
@CUPS_SYSTEM_AUTHKEY@
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
dnl
|
||||
dnl "$Id: cups-common.m4 12180 2014-10-01 12:08:02Z msweet $"
|
||||
dnl "$Id: cups-common.m4 12195 2014-10-02 18:45:59Z msweet $"
|
||||
dnl
|
||||
dnl Common configuration stuff for CUPS.
|
||||
dnl
|
||||
@@ -20,7 +20,7 @@ dnl Set the name of the config header file...
|
||||
AC_CONFIG_HEADER(config.h)
|
||||
|
||||
dnl Version number information...
|
||||
CUPS_VERSION=2.0.0
|
||||
CUPS_VERSION=2.0.1
|
||||
CUPS_REVISION=
|
||||
#if test -z "$CUPS_REVISION" -a -d .svn; then
|
||||
# CUPS_REVISION="-r`svnversion . | awk -F: '{print $NF}' | sed -e '1,$s/[[a-zA-Z]]*//g'`"
|
||||
@@ -462,5 +462,5 @@ esac
|
||||
AC_SUBST(BUILDDIRS)
|
||||
|
||||
dnl
|
||||
dnl End of "$Id: cups-common.m4 12180 2014-10-01 12:08:02Z msweet $".
|
||||
dnl End of "$Id: cups-common.m4 12195 2014-10-02 18:45:59Z msweet $".
|
||||
dnl
|
||||
|
||||
externo
+3
-2
@@ -2520,7 +2520,7 @@ esac
|
||||
ac_config_headers="$ac_config_headers config.h"
|
||||
|
||||
|
||||
CUPS_VERSION=2.0.0
|
||||
CUPS_VERSION=2.0.1
|
||||
CUPS_REVISION=
|
||||
#if test -z "$CUPS_REVISION" -a -d .svn; then
|
||||
# CUPS_REVISION="-r`svnversion . | awk -F: '{print $NF}' | sed -e '1,$s/[[a-zA-Z]]*//g'`"
|
||||
@@ -10101,7 +10101,7 @@ fi
|
||||
|
||||
|
||||
|
||||
ac_config_files="$ac_config_files Makedefs conf/cups-files.conf conf/cupsd.conf conf/mime.convs conf/pam.std conf/snmp.conf cups-config data/testprint desktop/cups.desktop doc/index.html man/client.conf.man man/cups-files.conf.man man/cups-lpd.man man/cups-snmp.man man/cupsaddsmb.man man/cupsd.conf.man man/cupsd.man man/lpoptions.man scheduler/cups-lpd.xinetd scheduler/cups.sh scheduler/cups.xml scheduler/org.cups.cups-lpd.plist scheduler/org.cups.cupsd.path scheduler/org.cups.cupsd.service scheduler/org.cups.cupsd.socket templates/header.tmpl packaging/cups.list $LANGFILES"
|
||||
ac_config_files="$ac_config_files Makedefs conf/cups-files.conf conf/cupsd.conf conf/mime.convs conf/pam.std conf/snmp.conf cups-config data/testprint desktop/cups.desktop doc/index.html man/client.conf.man man/cups-files.conf.man man/cups-lpd.man man/cups-snmp.man man/cupsaddsmb.man man/cupsd.conf.man man/cupsd.man man/lpoptions.man scheduler/cups-lpd.xinetd scheduler/cups.sh scheduler/cups.xml scheduler/org.cups.cups-lpd.plist scheduler/org.cups.cups-lpdAT.service scheduler/org.cups.cupsd.path scheduler/org.cups.cupsd.service scheduler/org.cups.cupsd.socket templates/header.tmpl packaging/cups.list $LANGFILES"
|
||||
|
||||
cat >confcache <<\_ACEOF
|
||||
# This file is a shell script that caches the results of configure
|
||||
@@ -10828,6 +10828,7 @@ do
|
||||
"scheduler/cups.sh") CONFIG_FILES="$CONFIG_FILES scheduler/cups.sh" ;;
|
||||
"scheduler/cups.xml") CONFIG_FILES="$CONFIG_FILES scheduler/cups.xml" ;;
|
||||
"scheduler/org.cups.cups-lpd.plist") CONFIG_FILES="$CONFIG_FILES scheduler/org.cups.cups-lpd.plist" ;;
|
||||
"scheduler/org.cups.cups-lpdAT.service") CONFIG_FILES="$CONFIG_FILES scheduler/org.cups.cups-lpdAT.service" ;;
|
||||
"scheduler/org.cups.cupsd.path") CONFIG_FILES="$CONFIG_FILES scheduler/org.cups.cupsd.path" ;;
|
||||
"scheduler/org.cups.cupsd.service") CONFIG_FILES="$CONFIG_FILES scheduler/org.cups.cupsd.service" ;;
|
||||
"scheduler/org.cups.cupsd.socket") CONFIG_FILES="$CONFIG_FILES scheduler/org.cups.cupsd.socket" ;;
|
||||
|
||||
+3
-2
@@ -1,5 +1,5 @@
|
||||
dnl
|
||||
dnl "$Id: configure.ac 11823 2014-04-21 12:22:03Z msweet $"
|
||||
dnl "$Id: configure.ac 12222 2014-10-21 11:55:01Z msweet $"
|
||||
dnl
|
||||
dnl Configuration script for CUPS.
|
||||
dnl
|
||||
@@ -81,6 +81,7 @@ AC_OUTPUT(Makedefs
|
||||
scheduler/cups.sh
|
||||
scheduler/cups.xml
|
||||
scheduler/org.cups.cups-lpd.plist
|
||||
scheduler/org.cups.cups-lpdAT.service
|
||||
scheduler/org.cups.cupsd.path
|
||||
scheduler/org.cups.cupsd.service
|
||||
scheduler/org.cups.cupsd.socket
|
||||
@@ -91,5 +92,5 @@ AC_OUTPUT(Makedefs
|
||||
chmod +x cups-config
|
||||
|
||||
dnl
|
||||
dnl End of "$Id: configure.ac 11823 2014-04-21 12:22:03Z msweet $".
|
||||
dnl End of "$Id: configure.ac 12222 2014-10-21 11:55:01Z msweet $".
|
||||
dnl
|
||||
|
||||
+4
-4
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: auth.c 11776 2014-03-28 19:16:05Z msweet $"
|
||||
* "$Id: auth.c 12230 2014-10-21 13:55:24Z msweet $"
|
||||
*
|
||||
* Authentication functions for CUPS.
|
||||
*
|
||||
@@ -761,7 +761,7 @@ cups_local_auth(http_t *http) /* I - HTTP connection to server */
|
||||
|
||||
if (
|
||||
# ifdef HAVE_GSSAPI
|
||||
strncmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Negotiate", 9) &&
|
||||
_cups_strncasecmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Negotiate", 9) &&
|
||||
# endif /* HAVE_GSSAPI */
|
||||
# ifdef HAVE_AUTHORIZATION_H
|
||||
!httpGetSubField2(http, HTTP_FIELD_WWW_AUTHENTICATE, "authkey",
|
||||
@@ -808,7 +808,7 @@ cups_local_auth(http_t *http) /* I - HTTP connection to server */
|
||||
filename, strerror(errno)));
|
||||
|
||||
# ifdef HAVE_GSSAPI
|
||||
if (!strncmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Negotiate", 9))
|
||||
if (!_cups_strncasecmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Negotiate", 9))
|
||||
{
|
||||
/*
|
||||
* Kerberos required, don't try the root certificate...
|
||||
@@ -876,5 +876,5 @@ cups_local_auth(http_t *http) /* I - HTTP connection to server */
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: auth.c 11776 2014-03-28 19:16:05Z msweet $".
|
||||
* End of "$Id: auth.c 12230 2014-10-21 13:55:24Z msweet $".
|
||||
*/
|
||||
|
||||
+4
-4
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: cups.h 12094 2014-08-19 12:15:11Z msweet $"
|
||||
* "$Id: cups.h 12195 2014-10-02 18:45:59Z msweet $"
|
||||
*
|
||||
* API definitions for CUPS.
|
||||
*
|
||||
@@ -49,10 +49,10 @@ extern "C" {
|
||||
* Constants...
|
||||
*/
|
||||
|
||||
# define CUPS_VERSION 2.0000
|
||||
# define CUPS_VERSION 2.0001
|
||||
# define CUPS_VERSION_MAJOR 2
|
||||
# define CUPS_VERSION_MINOR 0
|
||||
# define CUPS_VERSION_PATCH 0
|
||||
# define CUPS_VERSION_PATCH 1
|
||||
|
||||
# define CUPS_BC_FD 3
|
||||
/* Back-channel file descriptor for
|
||||
@@ -628,5 +628,5 @@ extern int cupsSetServerCredentials(const char *path, const char *common_name,
|
||||
#endif /* !_CUPS_CUPS_H_ */
|
||||
|
||||
/*
|
||||
* End of "$Id: cups.h 12094 2014-08-19 12:15:11Z msweet $".
|
||||
* End of "$Id: cups.h 12195 2014-10-02 18:45:59Z msweet $".
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: http-private.h 12126 2014-08-28 16:02:00Z msweet $"
|
||||
* "$Id: http-private.h 12243 2014-11-12 12:12:59Z msweet $"
|
||||
*
|
||||
* Private HTTP definitions for CUPS.
|
||||
*
|
||||
@@ -161,6 +161,9 @@ extern "C" {
|
||||
#define _HTTP_RESOLVE_FQDN 2 /* Resolve to a FQDN */
|
||||
#define _HTTP_RESOLVE_FAXOUT 4 /* Resolve FaxOut service? */
|
||||
|
||||
#define _HTTP_TLS_ALLOW_RC4 1 /* Allow RC4 cipher suites */
|
||||
#define _HTTP_TLS_ALLOW_SSL3 2 /* Allow SSL 3.0 */
|
||||
|
||||
|
||||
/*
|
||||
* Types and functions for SSL support...
|
||||
@@ -420,6 +423,7 @@ extern void _httpTLSInitialize(void);
|
||||
extern size_t _httpTLSPending(http_t *http);
|
||||
extern int _httpTLSRead(http_t *http, char *buf, int len);
|
||||
extern int _httpTLSSetCredentials(http_t *http);
|
||||
extern void _httpTLSSetOptions(int options);
|
||||
extern int _httpTLSStart(http_t *http);
|
||||
extern void _httpTLSStop(http_t *http);
|
||||
extern int _httpTLSWrite(http_t *http, const char *buf, int len);
|
||||
@@ -438,5 +442,5 @@ extern int _httpWait(http_t *http, int msec, int usessl);
|
||||
#endif /* !_CUPS_HTTP_PRIVATE_H_ */
|
||||
|
||||
/*
|
||||
* End of "$Id: http-private.h 12126 2014-08-28 16:02:00Z msweet $".
|
||||
* End of "$Id: http-private.h 12243 2014-11-12 12:12:59Z msweet $".
|
||||
*/
|
||||
|
||||
+26
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: http.c 12125 2014-08-28 15:49:29Z msweet $"
|
||||
* "$Id: http.c 12230 2014-10-21 13:55:24Z msweet $"
|
||||
*
|
||||
* HTTP routines for CUPS.
|
||||
*
|
||||
@@ -2702,6 +2702,19 @@ httpSetField(http_t *http, /* I - HTTP connection */
|
||||
http->server = _cupsStrAlloc(value);
|
||||
break;
|
||||
|
||||
case HTTP_FIELD_WWW_AUTHENTICATE :
|
||||
/* CUPS STR #4503 - don't override WWW-Authenticate for unknown auth schemes */
|
||||
if (http->fields[HTTP_FIELD_WWW_AUTHENTICATE][0] &&
|
||||
_cups_strncasecmp(value, "Basic ", 6) &&
|
||||
_cups_strncasecmp(value, "Digest ", 7) &&
|
||||
_cups_strncasecmp(value, "Negotiate ", 10))
|
||||
{
|
||||
DEBUG_printf(("1httpSetField: Ignoring unknown auth scheme in \"%s\".", value));
|
||||
return;
|
||||
}
|
||||
|
||||
/* Fall through to copy */
|
||||
|
||||
default :
|
||||
strlcpy(http->fields[field], value, HTTP_MAX_VALUE);
|
||||
break;
|
||||
@@ -3611,6 +3624,17 @@ httpWriteResponse(http_t *http, /* I - HTTP connection */
|
||||
return (-1);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* "Click-jacking" defense (STR #4492)...
|
||||
*/
|
||||
|
||||
if (httpPrintf(http, "X-Frame-Options: DENY\r\n"
|
||||
"Content-Security-Policy: frame-ancestors 'none'\r\n") < 1)
|
||||
{
|
||||
http->status = HTTP_STATUS_ERROR;
|
||||
return (-1);
|
||||
}
|
||||
}
|
||||
|
||||
if (httpWrite2(http, "\r\n", 2) < 2)
|
||||
@@ -4826,5 +4850,5 @@ http_write_chunk(http_t *http, /* I - HTTP connection */
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: http.c 12125 2014-08-28 15:49:29Z msweet $".
|
||||
* End of "$Id: http.c 12230 2014-10-21 13:55:24Z msweet $".
|
||||
*/
|
||||
|
||||
+10
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: ipp-support.c 12095 2014-08-19 16:16:06Z msweet $"
|
||||
* "$Id: ipp-support.c 12194 2014-10-02 18:44:36Z msweet $"
|
||||
*
|
||||
* Internet Printing Protocol support functions for CUPS.
|
||||
*
|
||||
@@ -2223,6 +2223,14 @@ ipp_col_string(ipp_t *col, /* I - Collection attribute */
|
||||
ipp_attribute_t *attr; /* Current member attribute */
|
||||
|
||||
|
||||
if (!col)
|
||||
{
|
||||
if (buffer)
|
||||
*buffer = '\0';
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
||||
bufptr = buffer;
|
||||
bufend = buffer + bufsize - 1;
|
||||
|
||||
@@ -2263,5 +2271,5 @@ ipp_col_string(ipp_t *col, /* I - Collection attribute */
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: ipp-support.c 12095 2014-08-19 16:16:06Z msweet $".
|
||||
* End of "$Id: ipp-support.c 12194 2014-10-02 18:44:36Z msweet $".
|
||||
*/
|
||||
|
||||
+123
-4
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: tls-darwin.c 12159 2014-09-23 14:56:14Z msweet $"
|
||||
* "$Id: tls-darwin.c 12215 2014-10-20 18:24:56Z msweet $"
|
||||
*
|
||||
* TLS support code for CUPS on OS X.
|
||||
*
|
||||
@@ -26,6 +26,14 @@
|
||||
extern char **environ;
|
||||
|
||||
|
||||
/*
|
||||
* Test define - set to 1 to use SSLSetEnabledCiphers. Currently disabled (0)
|
||||
* because of <rdar://problem/18707430>.
|
||||
*/
|
||||
|
||||
#define USE_SET_ENABLED_CIPHERS 0
|
||||
|
||||
|
||||
/*
|
||||
* Local globals...
|
||||
*/
|
||||
@@ -41,6 +49,7 @@ static char *tls_keypath = NULL;
|
||||
/* Server cert keychain path */
|
||||
static _cups_mutex_t tls_mutex = _CUPS_MUTEX_INITIALIZER;
|
||||
/* Mutex for keychain/certs */
|
||||
static int tls_options = 0;/* Options for TLS connections */
|
||||
#endif /* HAVE_SECKEYCHAINOPEN */
|
||||
|
||||
|
||||
@@ -972,6 +981,17 @@ _httpTLSRead(http_t *http, /* I - HTTP connection */
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* '_httpTLSSetOptions()' - Set TLS protocol and cipher suite options.
|
||||
*/
|
||||
|
||||
void
|
||||
_httpTLSSetOptions(int options) /* I - Options */
|
||||
{
|
||||
tls_options = options;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* '_httpTLSStart()' - Set up SSL/TLS support on a connection.
|
||||
*/
|
||||
@@ -1033,10 +1053,109 @@ _httpTLSStart(http_t *http) /* I - HTTP connection */
|
||||
{
|
||||
error = SSLSetSessionOption(http->tls, kSSLSessionOptionBreakOnServerAuth,
|
||||
true);
|
||||
DEBUG_printf(("4_httpTLSStart: SSLSetSessionOption, error=%d",
|
||||
(int)error));
|
||||
DEBUG_printf(("4_httpTLSStart: SSLSetSessionOption, error=%d", (int)error));
|
||||
}
|
||||
|
||||
if (!error)
|
||||
{
|
||||
error = SSLSetProtocolVersionMin(http->tls, (tls_options & _HTTP_TLS_ALLOW_SSL3) ? kSSLProtocol3 : kTLSProtocol1);
|
||||
DEBUG_printf(("4_httpTLSStart: SSLSetProtocolVersionMin, error=%d", (int)error));
|
||||
}
|
||||
|
||||
# if USE_SET_ENABLED_CIPHERS
|
||||
if (!error)
|
||||
{
|
||||
SSLCipherSuite supported[100]; /* Supported cipher suites */
|
||||
size_t num_supported; /* Number of supported cipher suites */
|
||||
SSLCipherSuite enabled[100]; /* Cipher suites to enable */
|
||||
size_t num_enabled; /* Number of cipher suites to enable */
|
||||
|
||||
num_supported = sizeof(supported) / sizeof(supported[0]);
|
||||
error = SSLGetSupportedCiphers(http->tls, supported, &num_supported);
|
||||
|
||||
if (!error)
|
||||
{
|
||||
DEBUG_printf(("4_httpTLSStart: %d cipher suites supported.", (int)num_supported));
|
||||
|
||||
for (i = 0, num_enabled = 0; i < (int)num_supported && num_enabled < (sizeof(enabled) / sizeof(enabled[0])); i ++)
|
||||
{
|
||||
switch (supported[i])
|
||||
{
|
||||
/* Obviously insecure cipher suites that we never want to use */
|
||||
case SSL_NULL_WITH_NULL_NULL :
|
||||
case SSL_RSA_WITH_NULL_MD5 :
|
||||
case SSL_RSA_WITH_NULL_SHA :
|
||||
case SSL_RSA_EXPORT_WITH_RC4_40_MD5 :
|
||||
case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 :
|
||||
case SSL_RSA_EXPORT_WITH_DES40_CBC_SHA :
|
||||
case SSL_RSA_WITH_DES_CBC_SHA :
|
||||
case SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA :
|
||||
case SSL_DH_DSS_WITH_DES_CBC_SHA :
|
||||
case SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA :
|
||||
case SSL_DH_RSA_WITH_DES_CBC_SHA :
|
||||
case SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA :
|
||||
case SSL_DHE_DSS_WITH_DES_CBC_SHA :
|
||||
case SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA :
|
||||
case SSL_DHE_RSA_WITH_DES_CBC_SHA :
|
||||
case SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 :
|
||||
case SSL_DH_anon_WITH_RC4_128_MD5 :
|
||||
case SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA :
|
||||
case SSL_DH_anon_WITH_DES_CBC_SHA :
|
||||
case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA :
|
||||
case SSL_FORTEZZA_DMS_WITH_NULL_SHA :
|
||||
case TLS_DH_anon_WITH_AES_128_CBC_SHA :
|
||||
case TLS_DH_anon_WITH_AES_256_CBC_SHA :
|
||||
case TLS_ECDH_ECDSA_WITH_NULL_SHA :
|
||||
case TLS_ECDHE_RSA_WITH_NULL_SHA :
|
||||
case TLS_ECDH_anon_WITH_NULL_SHA :
|
||||
case TLS_ECDH_anon_WITH_RC4_128_SHA :
|
||||
case TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA :
|
||||
case TLS_ECDH_anon_WITH_AES_128_CBC_SHA :
|
||||
case TLS_ECDH_anon_WITH_AES_256_CBC_SHA :
|
||||
case TLS_RSA_WITH_NULL_SHA256 :
|
||||
case TLS_DH_anon_WITH_AES_128_CBC_SHA256 :
|
||||
case TLS_DH_anon_WITH_AES_256_CBC_SHA256 :
|
||||
case TLS_PSK_WITH_NULL_SHA :
|
||||
case TLS_DHE_PSK_WITH_NULL_SHA :
|
||||
case TLS_RSA_PSK_WITH_NULL_SHA :
|
||||
case TLS_DH_anon_WITH_AES_128_GCM_SHA256 :
|
||||
case TLS_DH_anon_WITH_AES_256_GCM_SHA384 :
|
||||
case TLS_PSK_WITH_NULL_SHA256 :
|
||||
case TLS_PSK_WITH_NULL_SHA384 :
|
||||
case TLS_DHE_PSK_WITH_NULL_SHA256 :
|
||||
case TLS_DHE_PSK_WITH_NULL_SHA384 :
|
||||
case TLS_RSA_PSK_WITH_NULL_SHA256 :
|
||||
case TLS_RSA_PSK_WITH_NULL_SHA384 :
|
||||
case SSL_RSA_WITH_DES_CBC_MD5 :
|
||||
break;
|
||||
|
||||
/* RC4 cipher suites that should only be used as a last resort */
|
||||
case SSL_RSA_WITH_RC4_128_MD5 :
|
||||
case SSL_RSA_WITH_RC4_128_SHA :
|
||||
case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
|
||||
case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
|
||||
case TLS_ECDH_RSA_WITH_RC4_128_SHA :
|
||||
case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
|
||||
case TLS_PSK_WITH_RC4_128_SHA :
|
||||
case TLS_DHE_PSK_WITH_RC4_128_SHA :
|
||||
case TLS_RSA_PSK_WITH_RC4_128_SHA :
|
||||
if (tls_options & _HTTP_TLS_ALLOW_RC4)
|
||||
enabled[num_enabled ++] = supported[i];
|
||||
break;
|
||||
|
||||
/* Anything else we'll assume is secure */
|
||||
default :
|
||||
enabled[num_enabled ++] = supported[i];
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
DEBUG_printf(("4_httpTLSStart: %d cipher suites enabled.", (int)num_enabled));
|
||||
error = SSLSetEnabledCiphers(http->tls, enabled, num_enabled);
|
||||
}
|
||||
}
|
||||
#endif /* USE_SET_ENABLED_CIPHERS */
|
||||
|
||||
if (!error && http->mode == _HTTP_MODE_CLIENT)
|
||||
{
|
||||
/*
|
||||
@@ -1660,5 +1779,5 @@ http_cdsa_write(
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: tls-darwin.c 12159 2014-09-23 14:56:14Z msweet $".
|
||||
* End of "$Id: tls-darwin.c 12215 2014-10-20 18:24:56Z msweet $".
|
||||
*/
|
||||
|
||||
+23
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: tls-gnutls.c 12159 2014-09-23 14:56:14Z msweet $"
|
||||
* "$Id: tls-gnutls.c 12215 2014-10-20 18:24:56Z msweet $"
|
||||
*
|
||||
* TLS support code for CUPS using GNU TLS.
|
||||
*
|
||||
@@ -36,6 +36,7 @@ static char *tls_keypath = NULL;
|
||||
/* Server cert keychain path */
|
||||
static _cups_mutex_t tls_mutex = _CUPS_MUTEX_INITIALIZER;
|
||||
/* Mutex for keychain/certs */
|
||||
static int tls_options = 0;/* Options for TLS connections */
|
||||
|
||||
|
||||
/*
|
||||
@@ -1001,6 +1002,17 @@ _httpTLSSetCredentials(http_t *http) /* I - Connection to server */
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* '_httpTLSSetOptions()' - Set TLS protocol and cipher suite options.
|
||||
*/
|
||||
|
||||
void
|
||||
_httpTLSSetOptions(int options) /* I - Options */
|
||||
{
|
||||
tls_options = options;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* '_httpTLSStart()' - Set up SSL/TLS support on a connection.
|
||||
*/
|
||||
@@ -1185,6 +1197,15 @@ _httpTLSStart(http_t *http) /* I - Connection to server */
|
||||
return (-1);
|
||||
}
|
||||
|
||||
if (!tls_options)
|
||||
gnutls_priority_set_direct(http->tls, "NORMAL:-ARCFOUR-128:VERS-TLS-ALL:-VERS-SSL3.0", NULL);
|
||||
else if ((tls_options & _HTTP_TLS_ALLOW_SSL3) && (tls_options & _HTTP_TLS_ALLOW_RC4))
|
||||
gnutls_priority_set_direct(http->tls, "NORMAL", NULL);
|
||||
else if (tls_options & _HTTP_TLS_ALLOW_SSL3)
|
||||
gnutls_priority_set_direct(http->tls, "NORMAL:-ARCFOUR-128:VERS-TLS-ALL", NULL);
|
||||
else
|
||||
gnutls_priority_set_direct(http->tls, "NORMAL:VERS-TLS-ALL:-VERS-SSL3.0", NULL);
|
||||
|
||||
gnutls_transport_set_ptr(http->tls, (gnutls_transport_ptr_t)http);
|
||||
gnutls_transport_set_pull_function(http->tls, http_gnutls_read);
|
||||
#ifdef HAVE_GNUTLS_TRANSPORT_SET_PULL_TIMEOUT_FUNCTION
|
||||
@@ -1292,5 +1313,5 @@ _httpTLSWrite(http_t *http, /* I - Connection to server */
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: tls-gnutls.c 12159 2014-09-23 14:56:14Z msweet $".
|
||||
* End of "$Id: tls-gnutls.c 12215 2014-10-20 18:24:56Z msweet $".
|
||||
*/
|
||||
|
||||
+57
-5
@@ -1,7 +1,8 @@
|
||||
/*
|
||||
* "$Id: tls-sspi.c 12159 2014-09-23 14:56:14Z msweet $"
|
||||
* "$Id: tls-sspi.c 12215 2014-10-20 18:24:56Z msweet $"
|
||||
*
|
||||
* TLS support for CUPS on Windows using SSPI.
|
||||
* TLS support for CUPS on Windows using the Security Support Provider
|
||||
* Interface (SSPI).
|
||||
*
|
||||
* Copyright 2010-2014 by Apple Inc.
|
||||
*
|
||||
@@ -48,6 +49,14 @@
|
||||
# define SECURITY_FLAG_IGNORE_CERT_DATE_INVALID 0x00002000 /* Expired X509 Cert. */
|
||||
#endif /* !SECURITY_FLAG_IGNORE_CERT_DATE_INVALID */
|
||||
|
||||
|
||||
/*
|
||||
* Local globals...
|
||||
*/
|
||||
|
||||
static int tls_options = 0;/* Options for TLS connections */
|
||||
|
||||
|
||||
/*
|
||||
* Local functions...
|
||||
*/
|
||||
@@ -896,6 +905,17 @@ _httpTLSRead(http_t *http, /* I - HTTP connection */
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* '_httpTLSSetOptions()' - Set TLS protocol and cipher suite options.
|
||||
*/
|
||||
|
||||
void
|
||||
_httpTLSSetOptions(int options) /* I - Options */
|
||||
{
|
||||
tls_options = options;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* '_httpTLSStart()' - Set up SSL/TLS support on a connection.
|
||||
*/
|
||||
@@ -1727,11 +1747,43 @@ http_sspi_find_credentials(
|
||||
SchannelCred.paCred = &storedContext;
|
||||
|
||||
/*
|
||||
* SSPI doesn't seem to like it if grbitEnabledProtocols is set for a client.
|
||||
* Set supported protocols (can also be overriden in the registry...)
|
||||
*/
|
||||
|
||||
#ifdef SP_PROT_TLS1_2_SERVER
|
||||
if (http->mode == _HTTP_MODE_SERVER)
|
||||
SchannelCred.grbitEnabledProtocols = SP_PROT_SSL3TLS1;
|
||||
{
|
||||
if (tls_options & _HTTP_TLS_ALLOW_SSL3)
|
||||
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_2_SERVER | SP_PROT_TLS1_1_SERVER | SP_PROT_TLS1_0_SERVER | SP_PROT_SSL3_SERVER;
|
||||
else
|
||||
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_2_SERVER | SP_PROT_TLS1_1_SERVER | SP_PROT_TLS1_0_SERVER;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (tls_options & _HTTP_TLS_ALLOW_SSL3)
|
||||
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_2_CLIENT | SP_PROT_TLS1_1_CLIENT | SP_PROT_TLS1_0_CLIENT | SP_PROT_SSL3_CLIENT;
|
||||
else
|
||||
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_2_CLIENT | SP_PROT_TLS1_1_CLIENT | SP_PROT_TLS1_0_CLIENT;
|
||||
}
|
||||
|
||||
#else
|
||||
if (http->mode == _HTTP_MODE_SERVER)
|
||||
{
|
||||
if (tls_options & _HTTP_TLS_ALLOW_SSL3)
|
||||
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_SERVER | SP_PROT_SSL3_SERVER;
|
||||
else
|
||||
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_SERVER;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (tls_options & _HTTP_TLS_ALLOW_SSL3)
|
||||
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_CLIENT | SP_PROT_SSL3_CLIENT;
|
||||
else
|
||||
SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_CLIENT;
|
||||
}
|
||||
#endif /* SP_PROT_TLS1_2_SERVER */
|
||||
|
||||
/* TODO: Support _HTTP_TLS_ALLOW_RC4 option; right now we'll rely on Windows registry to enable/disable RC4... */
|
||||
|
||||
/*
|
||||
* Create an SSPI credential.
|
||||
@@ -2361,5 +2413,5 @@ http_sspi_verify(
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: tls-sspi.c 12159 2014-09-23 14:56:14Z msweet $".
|
||||
* End of "$Id: tls-sspi.c 12215 2014-10-20 18:24:56Z msweet $".
|
||||
*/
|
||||
|
||||
+74
-24
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: usersys.c 12124 2014-08-28 15:37:22Z msweet $"
|
||||
* "$Id: usersys.c 12215 2014-10-20 18:24:56Z msweet $"
|
||||
*
|
||||
* User, system, and password routines for CUPS.
|
||||
*
|
||||
@@ -52,7 +52,8 @@ static void cups_read_client_conf(cups_file_t *fp,
|
||||
#endif /* HAVE_GSSAPI */
|
||||
const char *cups_anyroot,
|
||||
const char *cups_expiredcerts,
|
||||
const char *cups_validatecerts);
|
||||
const char *cups_validatecerts,
|
||||
int ssl_options);
|
||||
|
||||
|
||||
/*
|
||||
@@ -863,6 +864,30 @@ _cupsSetDefaults(void)
|
||||
if (cg->encryption == (http_encryption_t)-1 || !cg->server[0] ||
|
||||
!cg->user[0] || !cg->ipp_port)
|
||||
{
|
||||
/*
|
||||
* Look for CUPS_SERVERROOT/client.conf...
|
||||
*/
|
||||
|
||||
snprintf(filename, sizeof(filename), "%s/client.conf",
|
||||
cg->cups_serverroot);
|
||||
fp = cupsFileOpen(filename, "r");
|
||||
|
||||
/*
|
||||
* Read the configuration file and apply any environment variables; both
|
||||
* functions handle NULL cups_file_t pointers...
|
||||
*/
|
||||
|
||||
cups_read_client_conf(fp, cg, cups_encryption, cups_server, cups_user,
|
||||
#ifdef HAVE_GSSAPI
|
||||
cups_gssservicename,
|
||||
#endif /* HAVE_GSSAPI */
|
||||
cups_anyroot, cups_expiredcerts, cups_validatecerts, 1);
|
||||
cupsFileClose(fp);
|
||||
|
||||
/*
|
||||
* Then user defaults, if it is safe to do so...
|
||||
*/
|
||||
|
||||
# ifdef HAVE_GETEUID
|
||||
if ((geteuid() == getuid() || !getuid()) && getegid() == getgid() && (home = getenv("HOME")) != NULL)
|
||||
# elif !defined(WIN32)
|
||||
@@ -877,32 +902,19 @@ _cupsSetDefaults(void)
|
||||
|
||||
snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home);
|
||||
fp = cupsFileOpen(filename, "r");
|
||||
}
|
||||
else
|
||||
fp = NULL;
|
||||
|
||||
if (!fp)
|
||||
{
|
||||
/*
|
||||
* Look for CUPS_SERVERROOT/client.conf...
|
||||
* Read the configuration file and apply any environment variables; both
|
||||
* functions handle NULL cups_file_t pointers...
|
||||
*/
|
||||
|
||||
snprintf(filename, sizeof(filename), "%s/client.conf",
|
||||
cg->cups_serverroot);
|
||||
fp = cupsFileOpen(filename, "r");
|
||||
}
|
||||
|
||||
/*
|
||||
* Read the configuration file and apply any environment variables; both
|
||||
* functions handle NULL cups_file_t pointers...
|
||||
*/
|
||||
|
||||
cups_read_client_conf(fp, cg, cups_encryption, cups_server, cups_user,
|
||||
cups_read_client_conf(fp, cg, cups_encryption, cups_server, cups_user,
|
||||
#ifdef HAVE_GSSAPI
|
||||
cups_gssservicename,
|
||||
cups_gssservicename,
|
||||
#endif /* HAVE_GSSAPI */
|
||||
cups_anyroot, cups_expiredcerts, cups_validatecerts);
|
||||
cupsFileClose(fp);
|
||||
cups_anyroot, cups_expiredcerts, cups_validatecerts, 0);
|
||||
cupsFileClose(fp);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -924,7 +936,8 @@ cups_read_client_conf(
|
||||
#endif /* HAVE_GSSAPI */
|
||||
const char *cups_anyroot, /* I - CUPS_ANYROOT env var */
|
||||
const char *cups_expiredcerts, /* I - CUPS_EXPIREDCERTS env var */
|
||||
const char *cups_validatecerts)/* I - CUPS_VALIDATECERTS env var */
|
||||
const char *cups_validatecerts,/* I - CUPS_VALIDATECERTS env var */
|
||||
int ssl_options) /* I - Allow setting of SSLOptions? */
|
||||
{
|
||||
int linenum; /* Current line number */
|
||||
char line[1024], /* Line from file */
|
||||
@@ -996,6 +1009,43 @@ cups_read_client_conf(
|
||||
cups_gssservicename = gss_service_name;
|
||||
}
|
||||
#endif /* HAVE_GSSAPI */
|
||||
else if (ssl_options && !_cups_strcasecmp(line, "SSLOptions") && value)
|
||||
{
|
||||
/*
|
||||
* SSLOptions [AllowRC4] [AllowSSL3] [None]
|
||||
*/
|
||||
|
||||
int options = 0; /* SSL/TLS options */
|
||||
char *start, /* Start of option */
|
||||
*end; /* End of option */
|
||||
|
||||
for (start = value; *start; start = end)
|
||||
{
|
||||
/*
|
||||
* Find end of keyword...
|
||||
*/
|
||||
|
||||
end = start;
|
||||
while (*end && !_cups_isspace(*end))
|
||||
end ++;
|
||||
|
||||
if (*end)
|
||||
*end++ = '\0';
|
||||
|
||||
/*
|
||||
* Compare...
|
||||
*/
|
||||
|
||||
if (!_cups_strcasecmp(start, "AllowRC4"))
|
||||
options |= _HTTP_TLS_ALLOW_RC4;
|
||||
else if (!_cups_strcasecmp(start, "AllowSSL3"))
|
||||
options |= _HTTP_TLS_ALLOW_SSL3;
|
||||
else if (!_cups_strcasecmp(start, "None"))
|
||||
options = 0;
|
||||
}
|
||||
|
||||
_httpTLSSetOptions(options);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1129,5 +1179,5 @@ cups_read_client_conf(
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: usersys.c 12124 2014-08-28 15:37:22Z msweet $".
|
||||
* End of "$Id: usersys.c 12215 2014-10-20 18:24:56Z msweet $".
|
||||
*/
|
||||
|
||||
+4
-4
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: util.c 12073 2014-07-31 00:58:00Z msweet $"
|
||||
* "$Id: util.c 12220 2014-10-20 22:03:01Z msweet $"
|
||||
*
|
||||
* Printing utilities for CUPS.
|
||||
*
|
||||
@@ -846,10 +846,10 @@ cupsGetPPD3(http_t *http, /* I - HTTP connection or @code CUPS_HTTP_DEFAUL
|
||||
|
||||
snprintf(ppdname, sizeof(ppdname), "%s/ppd/%s.ppd", cg->cups_serverroot,
|
||||
name);
|
||||
if (!stat(ppdname, &ppdinfo))
|
||||
if (!stat(ppdname, &ppdinfo) && !access(ppdname, R_OK))
|
||||
{
|
||||
/*
|
||||
* OK, the file exists, use it!
|
||||
* OK, the file exists and is readable, use it!
|
||||
*/
|
||||
|
||||
if (buffer[0])
|
||||
@@ -1655,5 +1655,5 @@ cups_get_printer_uri(
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: util.c 12073 2014-07-31 00:58:00Z msweet $".
|
||||
* End of "$Id: util.c 12220 2014-10-20 22:03:01Z msweet $".
|
||||
*/
|
||||
|
||||
@@ -38,6 +38,12 @@ CUPS adds the remote hostname ("name@server.example.com") for you. The default n
|
||||
<b>Note: This directive it not supported on OS X 10.7 or later.</b>
|
||||
<dt><b>ServerName </b><i>hostname-or-ip-address</i>[<i>:port</i>]<b>/version=1.1</b>
|
||||
<dd style="margin-left: 5.0em">Specifies the address and optionally the port to use when connecting to a server running CUPS 1.3.12 and earlier.
|
||||
<dt><b>SSLOptions </b>[<i>AllowRC4</i>] [<i>AllowSSL3</i>]
|
||||
<dd style="margin-left: 5.0em"><dt><b>SSLOptions None</b>
|
||||
<dd style="margin-left: 5.0em">Sets encryption options (only in /etc/cups/client.conf).
|
||||
By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites.
|
||||
The <i>AllowRC4</i> option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer ones.
|
||||
The <i>AllowSSL3</i> option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0.
|
||||
<dt><b>User </b><i>name</i>
|
||||
<dd style="margin-left: 5.0em">Specifies the default user name to use for requests.
|
||||
<dt><b>ValidateCerts Yes</b>
|
||||
|
||||
@@ -303,6 +303,12 @@ The default is "Minimal".
|
||||
<dd style="margin-left: 5.0em"><dt><b>SSLListen [</b><i>ipv6-address</i><b>]:</b><i>port</i>
|
||||
<dd style="margin-left: 5.0em"><dt><b>SSLListen *:</b><i>port</i>
|
||||
<dd style="margin-left: 5.0em">Listens on the specified address and port for encrypted connections.
|
||||
<dt><b>SSLOptions </b>[<i>AllowRC4</i>] [<i>AllowSSL3</i>]
|
||||
<dd style="margin-left: 5.0em"><dt><b>SSLOptions None</b>
|
||||
<dd style="margin-left: 5.0em">Sets encryption options.
|
||||
By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites.
|
||||
The <i>AllowRC4</i> option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer ones.
|
||||
The <i>AllowSSL3</i> option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0.
|
||||
<dt><b>SSLPort </b><i>port</i>
|
||||
<dd style="margin-left: 5.0em">Listens on the specified port for encrypted connections.
|
||||
<dt><b>StrictConformance Yes</b>
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\"
|
||||
.\" "$Id: client.conf.man.in 11851 2014-05-07 23:55:35Z msweet $"
|
||||
.\" "$Id: client.conf.man.in 12215 2014-10-20 18:24:56Z msweet $"
|
||||
.\"
|
||||
.\" client.conf man page for CUPS.
|
||||
.\"
|
||||
@@ -12,7 +12,7 @@
|
||||
.\" which should have been included with this file. If this file is
|
||||
.\" file is missing or damaged, see the license at "http://www.cups.org/".
|
||||
.\"
|
||||
.TH client.conf 5 "CUPS" "7 May 2014" "Apple Inc."
|
||||
.TH client.conf 5 "CUPS" "20 October 2014" "Apple Inc."
|
||||
.SH NAME
|
||||
client.conf \- client configuration file for cups (deprecated)
|
||||
.SH DESCRIPTION
|
||||
@@ -56,6 +56,14 @@ Specifies the address and optionally the port to use when connecting to the serv
|
||||
\fBServerName \fIhostname-or-ip-address\fR[\fI:port\fR]\fB/version=1.1\fR
|
||||
Specifies the address and optionally the port to use when connecting to a server running CUPS 1.3.12 and earlier.
|
||||
.TP 5
|
||||
\fBSSLOptions \fR[\fIAllowRC4\fR] [\fIAllowSSL3\fR]
|
||||
.TP 5
|
||||
\fBSSLOptions None\fR
|
||||
Sets encryption options (only in /etc/cups/client.conf).
|
||||
By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites.
|
||||
The \fIAllowRC4\fR option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer ones.
|
||||
The \fIAllowSSL3\fR option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0.
|
||||
.TP 5
|
||||
\fBUser \fIname\fR
|
||||
Specifies the default user name to use for requests.
|
||||
.TP 5
|
||||
@@ -72,5 +80,5 @@ CUPS Online Help (http://localhost:631/help)
|
||||
.SH COPYRIGHT
|
||||
Copyright \[co] 2007-2014 by Apple Inc.
|
||||
.\"
|
||||
.\" End of "$Id: client.conf.man.in 11851 2014-05-07 23:55:35Z msweet $".
|
||||
.\" End of "$Id: client.conf.man.in 12215 2014-10-20 18:24:56Z msweet $".
|
||||
.\"
|
||||
|
||||
+11
-3
@@ -1,5 +1,5 @@
|
||||
.\"
|
||||
.\" "$Id: cupsd.conf.man.in 12059 2014-07-28 14:04:32Z msweet $"
|
||||
.\" "$Id: cupsd.conf.man.in 12215 2014-10-20 18:24:56Z msweet $"
|
||||
.\"
|
||||
.\" cupsd.conf man page for CUPS.
|
||||
.\"
|
||||
@@ -12,7 +12,7 @@
|
||||
.\" which should have been included with this file. If this file is
|
||||
.\" file is missing or damaged, see the license at "http://www.cups.org/".
|
||||
.\"
|
||||
.TH cupsd.conf 5 "CUPS" "28 July 2014" "Apple Inc."
|
||||
.TH cupsd.conf 5 "CUPS" "20 October 2014" "Apple Inc."
|
||||
.SH NAME
|
||||
cupsd.conf \- server configuration file for cups
|
||||
.SH DESCRIPTION
|
||||
@@ -415,6 +415,14 @@ Set the specified environment variable to be passed to child processes.
|
||||
\fBSSLListen *:\fIport\fR
|
||||
Listens on the specified address and port for encrypted connections.
|
||||
.TP 5
|
||||
\fBSSLOptions \fR[\fIAllowRC4\fR] [\fIAllowSSL3\fR]
|
||||
.TP 5
|
||||
\fBSSLOptions None\fR
|
||||
Sets encryption options.
|
||||
By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites.
|
||||
The \fIAllowRC4\fR option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer ones.
|
||||
The \fIAllowSSL3\fR option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0.
|
||||
.TP 5
|
||||
\fBSSLPort \fIport\fR
|
||||
Listens on the specified port for encrypted connections.
|
||||
.TP 5
|
||||
@@ -801,5 +809,5 @@ CUPS Online Help (http://localhost:631/help)
|
||||
.SH COPYRIGHT
|
||||
Copyright \[co] 2007-2014 by Apple Inc.
|
||||
.\"
|
||||
.\" End of "$Id: cupsd.conf.man.in 12059 2014-07-28 14:04:32Z msweet $".
|
||||
.\" End of "$Id: cupsd.conf.man.in 12215 2014-10-20 18:24:56Z msweet $".
|
||||
.\"
|
||||
|
||||
+14
-7
@@ -1,5 +1,5 @@
|
||||
#
|
||||
# "$Id: cups.spec.in 12074 2014-07-31 01:10:14Z msweet $"
|
||||
# "$Id: cups.spec.in 12222 2014-10-21 11:55:01Z msweet $"
|
||||
#
|
||||
# RPM "spec" file for CUPS.
|
||||
#
|
||||
@@ -44,12 +44,12 @@
|
||||
|
||||
Summary: CUPS
|
||||
Name: cups
|
||||
Version: 2.0.0
|
||||
Version: 2.0.1
|
||||
Release: 1
|
||||
Epoch: 1
|
||||
License: GPL
|
||||
Group: System Environment/Daemons
|
||||
Source: http://www.cups.org/software/2.0.0/cups-2.0.0-source.tar.bz2
|
||||
Source: http://www.cups.org/software/2.0.1/cups-2.0.1-source.tar.bz2
|
||||
Url: http://www.cups.org
|
||||
Packager: Anonymous <anonymous@foo.com>
|
||||
Vendor: Apple Inc.
|
||||
@@ -180,7 +180,7 @@ rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%if %{?_with_systemd:1}%{!?_with_systemd:0}
|
||||
# SystemD
|
||||
/usr/lib/systemd/system/*
|
||||
/usr/lib/systemd/system/org.cups.cupsd.*
|
||||
|
||||
%else
|
||||
# Legacy init support on Linux
|
||||
@@ -268,8 +268,8 @@ rm -rf $RPM_BUILD_ROOT
|
||||
#/usr/share/doc/cups/ca/*
|
||||
#%dir /usr/share/doc/cups/cs
|
||||
#/usr/share/doc/cups/cs/*
|
||||
#%dir /usr/share/doc/cups/es
|
||||
#/usr/share/doc/cups/es/*
|
||||
%dir /usr/share/doc/cups/es
|
||||
/usr/share/doc/cups/es/*
|
||||
#%dir /usr/share/doc/cups/fr
|
||||
#/usr/share/doc/cups/fr/*
|
||||
#%dir /usr/share/doc/cups/ja
|
||||
@@ -379,7 +379,14 @@ rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%files lpd
|
||||
%defattr(-,root,root)
|
||||
%if %{?_with_systemd:1}%{!?_with_systemd:0}
|
||||
# SystemD
|
||||
/usr/lib/systemd/system/org.cups.cups-lpd*
|
||||
%else
|
||||
# Legacy xinetd
|
||||
/etc/xinetd.d/cups-lpd
|
||||
%endif
|
||||
|
||||
%dir /usr/lib/cups
|
||||
%dir /usr/lib/cups/daemon
|
||||
/usr/lib/cups/daemon/cups-lpd
|
||||
@@ -388,5 +395,5 @@ rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
|
||||
#
|
||||
# End of "$Id: cups.spec.in 12074 2014-07-31 01:10:14Z msweet $".
|
||||
# End of "$Id: cups.spec.in 12222 2014-10-21 11:55:01Z msweet $".
|
||||
#
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
#
|
||||
# "$Id: cups.spec.in 12074 2014-07-31 01:10:14Z msweet $"
|
||||
# "$Id: cups.spec.in 12222 2014-10-21 11:55:01Z msweet $"
|
||||
#
|
||||
# RPM "spec" file for CUPS.
|
||||
#
|
||||
@@ -180,7 +180,7 @@ rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%if %{?_with_systemd:1}%{!?_with_systemd:0}
|
||||
# SystemD
|
||||
/usr/lib/systemd/system/*
|
||||
/usr/lib/systemd/system/org.cups.cupsd.*
|
||||
|
||||
%else
|
||||
# Legacy init support on Linux
|
||||
@@ -268,8 +268,8 @@ rm -rf $RPM_BUILD_ROOT
|
||||
#/usr/share/doc/cups/ca/*
|
||||
#%dir /usr/share/doc/cups/cs
|
||||
#/usr/share/doc/cups/cs/*
|
||||
#%dir /usr/share/doc/cups/es
|
||||
#/usr/share/doc/cups/es/*
|
||||
%dir /usr/share/doc/cups/es
|
||||
/usr/share/doc/cups/es/*
|
||||
#%dir /usr/share/doc/cups/fr
|
||||
#/usr/share/doc/cups/fr/*
|
||||
#%dir /usr/share/doc/cups/ja
|
||||
@@ -379,7 +379,14 @@ rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%files lpd
|
||||
%defattr(-,root,root)
|
||||
%if %{?_with_systemd:1}%{!?_with_systemd:0}
|
||||
# SystemD
|
||||
/usr/lib/systemd/system/org.cups.cups-lpd*
|
||||
%else
|
||||
# Legacy xinetd
|
||||
/etc/xinetd.d/cups-lpd
|
||||
%endif
|
||||
|
||||
%dir /usr/lib/cups
|
||||
%dir /usr/lib/cups/daemon
|
||||
/usr/lib/cups/daemon/cups-lpd
|
||||
@@ -388,5 +395,5 @@ rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
|
||||
#
|
||||
# End of "$Id: cups.spec.in 12074 2014-07-31 01:10:14Z msweet $".
|
||||
# End of "$Id: cups.spec.in 12222 2014-10-21 11:55:01Z msweet $".
|
||||
#
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
#
|
||||
# "$Id: Makefile 12132 2014-08-29 11:27:18Z msweet $"
|
||||
# "$Id: Makefile 12222 2014-10-21 11:55:01Z msweet $"
|
||||
#
|
||||
# Scheduler Makefile for CUPS.
|
||||
#
|
||||
# Copyright 2007-2013 by Apple Inc.
|
||||
# Copyright 2007-2014 by Apple Inc.
|
||||
# Copyright 1997-2007 by Easy Software Products, all rights reserved.
|
||||
#
|
||||
# These coded instructions, statements, and computer programs are the
|
||||
@@ -206,8 +206,9 @@ install-data:
|
||||
$(INSTALL_DATA) org.cups.cupsd.path $(BUILDROOT)$(SYSTEMD_DIR); \
|
||||
$(INSTALL_DATA) org.cups.cupsd.service $(BUILDROOT)$(SYSTEMD_DIR); \
|
||||
$(INSTALL_DATA) org.cups.cupsd.socket $(BUILDROOT)$(SYSTEMD_DIR); \
|
||||
fi
|
||||
if test "x$(XINETD)" != x; then \
|
||||
$(INSTALL_DATA) org.cups.cups-lpdAT.service $(BUILDROOT)$(SYSTEMD_DIR)/org.cups.cups-lpd@.service; \
|
||||
$(INSTALL_DATA) org.cups.cups-lpd.socket $(BUILDROOT)$(SYSTEMD_DIR); \
|
||||
elif test "x$(XINETD)" != x; then \
|
||||
echo Installing xinetd configuration file for cups-lpd...; \
|
||||
$(INSTALL_DIR) -m 755 $(BUILDROOT)$(XINETD); \
|
||||
$(INSTALL_DATA) cups-lpd.xinetd $(BUILDROOT)$(XINETD)/cups-lpd; \
|
||||
@@ -547,5 +548,5 @@ include Dependencies
|
||||
|
||||
|
||||
#
|
||||
# End of "$Id: Makefile 12132 2014-08-29 11:27:18Z msweet $".
|
||||
# End of "$Id: Makefile 12222 2014-10-21 11:55:01Z msweet $".
|
||||
#
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: colorman.c 11558 2014-02-06 18:33:34Z msweet $"
|
||||
* "$Id: colorman.c 12226 2014-10-21 13:36:05Z msweet $"
|
||||
*
|
||||
* Color management routines for the CUPS scheduler.
|
||||
*
|
||||
@@ -186,7 +186,8 @@ void
|
||||
cupsdStopColor(void)
|
||||
{
|
||||
#if !defined(__APPLE__) && defined(HAVE_DBUS)
|
||||
dbus_connection_unref(colord_con);
|
||||
if (colord_con)
|
||||
dbus_connection_unref(colord_con);
|
||||
colord_con = NULL;
|
||||
#endif /* !__APPLE__ && HAVE_DBUS */
|
||||
}
|
||||
@@ -1514,5 +1515,5 @@ colord_unregister_printer(
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: colorman.c 11558 2014-02-06 18:33:34Z msweet $".
|
||||
* End of "$Id: colorman.c 12226 2014-10-21 13:36:05Z msweet $".
|
||||
*/
|
||||
|
||||
+50
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: conf.c 12178 2014-09-30 18:56:48Z msweet $"
|
||||
* "$Id: conf.c 12224 2014-10-21 13:16:30Z msweet $"
|
||||
*
|
||||
* Configuration routines for the CUPS scheduler.
|
||||
*
|
||||
@@ -596,6 +596,8 @@ cupsdReadConfiguration(void)
|
||||
# else
|
||||
cupsdSetString(&ServerKeychain, "/Library/Keychains/System.keychain");
|
||||
# endif /* HAVE_GNUTLS */
|
||||
|
||||
_httpTLSSetOptions(0);
|
||||
#endif /* HAVE_SSL */
|
||||
|
||||
language = cupsLangDefault();
|
||||
@@ -993,6 +995,9 @@ cupsdReadConfiguration(void)
|
||||
|
||||
cupsdLogMessage(CUPSD_LOG_NOTICE,
|
||||
"Group and SystemGroup cannot use the same groups.");
|
||||
if (FatalErrors & (CUPSD_FATAL_CONFIG | CUPSD_FATAL_PERMISSIONS))
|
||||
return (0);
|
||||
|
||||
cupsdLogMessage(CUPSD_LOG_INFO, "Resetting Group to \"nobody\"...");
|
||||
|
||||
group = getgrnam("nobody");
|
||||
@@ -2929,6 +2934,49 @@ read_cupsd_conf(cups_file_t *fp) /* I - File to read from */
|
||||
"FaxRetryLimit is deprecated; use "
|
||||
"JobRetryLimit on line %d.", linenum);
|
||||
}
|
||||
else if (!_cups_strcasecmp(line, "SSLOptions"))
|
||||
{
|
||||
/*
|
||||
* SSLOptions [AllowRC4] [AllowSSL3] [None]
|
||||
*/
|
||||
|
||||
int options = 0; /* SSL/TLS options */
|
||||
|
||||
if (value)
|
||||
{
|
||||
char *start, /* Start of option */
|
||||
*end; /* End of option */
|
||||
|
||||
for (start = value; *start; start = end)
|
||||
{
|
||||
/*
|
||||
* Find end of keyword...
|
||||
*/
|
||||
|
||||
end = start;
|
||||
while (*end && !_cups_isspace(*end))
|
||||
end ++;
|
||||
|
||||
if (*end)
|
||||
*end++ = '\0';
|
||||
|
||||
/*
|
||||
* Compare...
|
||||
*/
|
||||
|
||||
if (!_cups_strcasecmp(start, "AllowRC4"))
|
||||
options |= _HTTP_TLS_ALLOW_RC4;
|
||||
else if (!_cups_strcasecmp(start, "AllowSSL3"))
|
||||
options |= _HTTP_TLS_ALLOW_SSL3;
|
||||
else if (!_cups_strcasecmp(start, "None"))
|
||||
options = 0;
|
||||
else if (_cups_strcasecmp(start, "NoEmptyFragments"))
|
||||
cupsdLogMessage(CUPSD_LOG_WARN, "Unknown SSL option %s at line %d.", start, linenum);
|
||||
}
|
||||
}
|
||||
|
||||
_httpTLSSetOptions(options);
|
||||
}
|
||||
else if ((!_cups_strcasecmp(line, "Port") || !_cups_strcasecmp(line, "Listen")
|
||||
#ifdef HAVE_SSL
|
||||
|| !_cups_strcasecmp(line, "SSLPort") || !_cups_strcasecmp(line, "SSLListen")
|
||||
@@ -4093,5 +4141,5 @@ set_policy_defaults(cupsd_policy_t *pol)/* I - Policy */
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: conf.c 12178 2014-09-30 18:56:48Z msweet $".
|
||||
* End of "$Id: conf.c 12224 2014-10-21 13:16:30Z msweet $".
|
||||
*/
|
||||
|
||||
+93
-78
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: main.c 12140 2014-08-30 01:51:22Z msweet $"
|
||||
* "$Id: main.c 12248 2014-11-12 16:32:57Z msweet $"
|
||||
*
|
||||
* Main loop for the CUPS scheduler.
|
||||
*
|
||||
@@ -100,7 +100,11 @@ main(int argc, /* I - Number of command-line args */
|
||||
{
|
||||
int i; /* Looping var */
|
||||
char *opt; /* Option character */
|
||||
int fg; /* Run in the foreground */
|
||||
int close_all = 1, /* Close all file descriptors? */
|
||||
disconnect = 1, /* Disconnect from controlling terminal? */
|
||||
fg = 0, /* Run in foreground? */
|
||||
run_as_child = 0;
|
||||
/* Running as child process? */
|
||||
int fds; /* Number of ready descriptors */
|
||||
cupsd_client_t *con; /* Current client */
|
||||
cupsd_job_t *job; /* Current job */
|
||||
@@ -116,8 +120,6 @@ main(int argc, /* I - Number of command-line args */
|
||||
#if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
|
||||
struct sigaction action; /* Actions for POSIX signals */
|
||||
#endif /* HAVE_SIGACTION && !HAVE_SIGSET */
|
||||
int run_as_child = 0;
|
||||
/* Needed for background fork/exec */
|
||||
#ifdef __APPLE__
|
||||
int use_sysman = 1; /* Use system management functions? */
|
||||
#else
|
||||
@@ -150,8 +152,10 @@ main(int argc, /* I - Number of command-line args */
|
||||
#ifdef HAVE_LAUNCHD
|
||||
if (getenv("CUPSD_LAUNCHD"))
|
||||
{
|
||||
OnDemand = 1;
|
||||
fg = 1;
|
||||
OnDemand = 1;
|
||||
fg = 1;
|
||||
close_all = 0;
|
||||
disconnect = 0;
|
||||
}
|
||||
#endif /* HAVE_LAUNCHD */
|
||||
|
||||
@@ -162,7 +166,8 @@ main(int argc, /* I - Number of command-line args */
|
||||
{
|
||||
case 'C' : /* Run as child with config file */
|
||||
run_as_child = 1;
|
||||
fg = -1;
|
||||
fg = 1;
|
||||
close_all = 0;
|
||||
|
||||
case 'c' : /* Configuration file */
|
||||
i ++;
|
||||
@@ -217,11 +222,14 @@ main(int argc, /* I - Number of command-line args */
|
||||
break;
|
||||
|
||||
case 'f' : /* Run in foreground... */
|
||||
fg = 1;
|
||||
fg = 1;
|
||||
disconnect = 0;
|
||||
close_all = 0;
|
||||
break;
|
||||
|
||||
case 'F' : /* Run in foreground, but disconnect from terminal... */
|
||||
fg = -1;
|
||||
fg = 1;
|
||||
close_all = 0;
|
||||
break;
|
||||
|
||||
case 'h' : /* Show usage/help */
|
||||
@@ -230,12 +238,16 @@ main(int argc, /* I - Number of command-line args */
|
||||
|
||||
case 'l' : /* Started by launchd/systemd... */
|
||||
#if defined(HAVE_LAUNCHD) || defined(HAVE_SYSTEMD)
|
||||
OnDemand = 1;
|
||||
fg = 1;
|
||||
OnDemand = 1;
|
||||
fg = 1;
|
||||
close_all = 0;
|
||||
disconnect = 0;
|
||||
#else
|
||||
_cupsLangPuts(stderr, _("cupsd: On-demand support not compiled "
|
||||
"in, running in normal mode."));
|
||||
fg = 0;
|
||||
fg = 0;
|
||||
disconnect = 1;
|
||||
close_all = 1;
|
||||
#endif /* HAVE_LAUNCHD || HAVE_SYSTEMD */
|
||||
break;
|
||||
|
||||
@@ -244,6 +256,8 @@ main(int argc, /* I - Number of command-line args */
|
||||
"use only!\n", stderr);
|
||||
stop_scheduler = 1;
|
||||
fg = 1;
|
||||
disconnect = 0;
|
||||
close_all = 0;
|
||||
break;
|
||||
|
||||
case 'P' : /* Disable security profiles */
|
||||
@@ -285,6 +299,8 @@ main(int argc, /* I - Number of command-line args */
|
||||
case 't' : /* Test the cupsd.conf file... */
|
||||
TestConfigFile = 1;
|
||||
fg = 1;
|
||||
disconnect = 0;
|
||||
close_all = 0;
|
||||
break;
|
||||
|
||||
default : /* Unknown option */
|
||||
@@ -332,8 +348,57 @@ main(int argc, /* I - Number of command-line args */
|
||||
free(filename);
|
||||
}
|
||||
|
||||
if (disconnect)
|
||||
{
|
||||
/*
|
||||
* Make sure we aren't tying up any filesystems...
|
||||
*/
|
||||
|
||||
chdir("/");
|
||||
|
||||
/*
|
||||
* Disconnect from the controlling terminal...
|
||||
*/
|
||||
|
||||
setsid();
|
||||
}
|
||||
|
||||
if (close_all)
|
||||
{
|
||||
/*
|
||||
* Close all open files...
|
||||
*/
|
||||
|
||||
getrlimit(RLIMIT_NOFILE, &limit);
|
||||
|
||||
for (i = 0; i < (int)limit.rlim_cur && i < 1024; i ++)
|
||||
close(i);
|
||||
|
||||
/*
|
||||
* Redirect stdin/out/err to /dev/null...
|
||||
*/
|
||||
|
||||
if ((i = open("/dev/null", O_RDONLY)) != 0)
|
||||
{
|
||||
dup2(i, 0);
|
||||
close(i);
|
||||
}
|
||||
|
||||
if ((i = open("/dev/null", O_WRONLY)) != 1)
|
||||
{
|
||||
dup2(i, 1);
|
||||
close(i);
|
||||
}
|
||||
|
||||
if ((i = open("/dev/null", O_WRONLY)) != 2)
|
||||
{
|
||||
dup2(i, 2);
|
||||
close(i);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* If the user hasn't specified "-f", run in the background...
|
||||
* Run in the background as needed...
|
||||
*/
|
||||
|
||||
if (!fg)
|
||||
@@ -408,74 +473,17 @@ main(int argc, /* I - Number of command-line args */
|
||||
#endif /* __OpenBSD__ && OpenBSD < 201211 */
|
||||
|
||||
/*
|
||||
* Since CoreFoundation and DBUS both create fork-unsafe data on execution of
|
||||
* a program, and since this kind of really unfriendly behavior seems to be
|
||||
* more common these days in system libraries, we need to re-execute the
|
||||
* background cupsd with the "-C" option to avoid problems. Unfortunately,
|
||||
* we also have to assume that argv[0] contains the name of the cupsd
|
||||
* executable - there is no portable way to get the real pathname...
|
||||
* Since many system libraries create fork-unsafe data on execution of a
|
||||
* program, we need to re-execute the background cupsd with the "-C" and "-s"
|
||||
* options to avoid problems. Unfortunately, we also have to assume that
|
||||
* argv[0] contains the name of the cupsd executable - there is no portable
|
||||
* way to get the real pathname...
|
||||
*/
|
||||
|
||||
execlp(argv[0], argv[0], "-C", ConfigurationFile, (char *)0);
|
||||
execlp(argv[0], argv[0], "-C", ConfigurationFile, "-s", CupsFilesFile, (char *)0);
|
||||
exit(errno);
|
||||
}
|
||||
|
||||
if (fg < 1)
|
||||
{
|
||||
/*
|
||||
* Make sure we aren't tying up any filesystems...
|
||||
*/
|
||||
|
||||
chdir("/");
|
||||
|
||||
#ifndef DEBUG
|
||||
/*
|
||||
* Disable core dumps...
|
||||
*/
|
||||
|
||||
getrlimit(RLIMIT_CORE, &limit);
|
||||
limit.rlim_cur = 0;
|
||||
setrlimit(RLIMIT_CORE, &limit);
|
||||
|
||||
/*
|
||||
* Disconnect from the controlling terminal...
|
||||
*/
|
||||
|
||||
setsid();
|
||||
|
||||
/*
|
||||
* Close all open files...
|
||||
*/
|
||||
|
||||
getrlimit(RLIMIT_NOFILE, &limit);
|
||||
|
||||
for (i = 0; i < limit.rlim_cur && i < 1024; i ++)
|
||||
close(i);
|
||||
|
||||
/*
|
||||
* Redirect stdin/out/err to /dev/null...
|
||||
*/
|
||||
|
||||
if ((i = open("/dev/null", O_RDONLY)) != 0)
|
||||
{
|
||||
dup2(i, 0);
|
||||
close(i);
|
||||
}
|
||||
|
||||
if ((i = open("/dev/null", O_WRONLY)) != 1)
|
||||
{
|
||||
dup2(i, 1);
|
||||
close(i);
|
||||
}
|
||||
|
||||
if ((i = open("/dev/null", O_WRONLY)) != 2)
|
||||
{
|
||||
dup2(i, 2);
|
||||
close(i);
|
||||
}
|
||||
#endif /* DEBUG */
|
||||
}
|
||||
|
||||
/*
|
||||
* Set the timezone info...
|
||||
*/
|
||||
@@ -763,6 +771,9 @@ main(int argc, /* I - Number of command-line args */
|
||||
|
||||
if (timeout == 86400 && OnDemand && IdleExitTimeout &&
|
||||
!cupsArrayCount(ActiveJobs) &&
|
||||
# ifdef HAVE_SYSTEMD
|
||||
!WebInterface &&
|
||||
# endif /* HAVE_SYSTEMD */
|
||||
(!Browsing || !BrowseLocalProtocols || !cupsArrayCount(Printers)))
|
||||
{
|
||||
timeout = IdleExitTimeout;
|
||||
@@ -2114,8 +2125,12 @@ service_checkout(void)
|
||||
* jobs or shared printers to advertise...
|
||||
*/
|
||||
|
||||
if (cupsArrayCount(ActiveJobs) ||
|
||||
if (cupsArrayCount(ActiveJobs) || /* Active jobs */
|
||||
# ifdef HAVE_SYSTEMD
|
||||
WebInterface || /* Web interface enabled */
|
||||
# endif /* HAVE_SYSTEMD */
|
||||
(Browsing && BrowseLocalProtocols && cupsArrayCount(Printers)))
|
||||
/* Printers being shared */
|
||||
{
|
||||
cupsdLogMessage(CUPSD_LOG_DEBUG, "Creating keep-alive file \"" CUPS_KEEPALIVE "\".");
|
||||
|
||||
@@ -2158,5 +2173,5 @@ usage(int status) /* O - Exit status */
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: main.c 12140 2014-08-30 01:51:22Z msweet $".
|
||||
* End of "$Id: main.c 12248 2014-11-12 16:32:57Z msweet $".
|
||||
*/
|
||||
|
||||
@@ -0,0 +1,9 @@
|
||||
[Unit]
|
||||
Description=CUPS LPD Server Socket
|
||||
|
||||
[Socket]
|
||||
ListenStream=515
|
||||
Accept=yes
|
||||
|
||||
[Install]
|
||||
WantedBy=sockets.target
|
||||
@@ -0,0 +1,9 @@
|
||||
[Unit]
|
||||
Description=CUPS LPD server
|
||||
Documentation=man:cups-lpd(8)
|
||||
|
||||
[Service]
|
||||
ExecStart=-@CUPS_SERVERBIN@/daemon/cups-lpd
|
||||
StandardInput=socket
|
||||
User=@CUPS_USER@
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
[Unit]
|
||||
Description=CUPS Scheduler
|
||||
Documentation=man:cupsd(8)
|
||||
|
||||
[Service]
|
||||
ExecStart=@sbindir@/cupsd -l
|
||||
|
||||
@@ -3,10 +3,6 @@ Description=CUPS Scheduler
|
||||
|
||||
[Socket]
|
||||
ListenStream=@CUPS_DEFAULT_DOMAINSOCKET@
|
||||
ListenStream=[::1]:631
|
||||
ListenStream=127.0.0.1:631
|
||||
BindIPv6Only=ipv6-only
|
||||
ReusePort=true
|
||||
|
||||
[Install]
|
||||
WantedBy=sockets.target
|
||||
|
||||
+22
-14
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: process.c 12102 2014-08-20 15:19:09Z msweet $"
|
||||
* "$Id: process.c 12252 2014-11-14 17:14:45Z msweet $"
|
||||
*
|
||||
* Process management routines for the CUPS scheduler.
|
||||
*
|
||||
@@ -459,18 +459,19 @@ cupsdStartProcess(
|
||||
int i; /* Looping var */
|
||||
const char *exec_path = command; /* Command to be exec'd */
|
||||
char *real_argv[110], /* Real command-line arguments */
|
||||
cups_exec[1024]; /* Path to "cups-exec" program */
|
||||
uid_t user; /* Command UID */
|
||||
cupsd_proc_t *proc; /* New process record */
|
||||
#ifdef HAVE_POSIX_SPAWN
|
||||
posix_spawn_file_actions_t actions; /* Spawn file actions */
|
||||
posix_spawnattr_t attrs; /* Spawn attributes */
|
||||
char user_str[16], /* User string */
|
||||
cups_exec[1024], /* Path to "cups-exec" program */
|
||||
user_str[16], /* User string */
|
||||
group_str[16], /* Group string */
|
||||
nice_str[16]; /* FilterNice string */
|
||||
uid_t user; /* Command UID */
|
||||
cupsd_proc_t *proc; /* New process record */
|
||||
#if defined(HAVE_POSIX_SPAWN) && !defined(__OpenBSD__)
|
||||
posix_spawn_file_actions_t actions; /* Spawn file actions */
|
||||
posix_spawnattr_t attrs; /* Spawn attributes */
|
||||
sigset_t defsignals; /* Default signals */
|
||||
#elif defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
|
||||
struct sigaction action; /* POSIX signal handler */
|
||||
#endif /* HAVE_POSIX_SPAWN */
|
||||
#endif /* HAVE_POSIX_SPAWN && !__OpenBSD__ */
|
||||
#if defined(__APPLE__)
|
||||
char processPath[1024], /* CFProcessPath environment variable */
|
||||
linkpath[1024]; /* Link path for symlinks... */
|
||||
@@ -534,9 +535,9 @@ cupsdStartProcess(
|
||||
* Use helper program when we have a sandbox profile...
|
||||
*/
|
||||
|
||||
#ifndef HAVE_POSIX_SPAWN
|
||||
#if !defined(HAVE_POSIX_SPAWN) || defined(__OpenBSD__)
|
||||
if (profile)
|
||||
#endif /* !HAVE_POSIX_SPAWN */
|
||||
#endif /* !HAVE_POSIX_SPAWN || __OpenBSD__ */
|
||||
{
|
||||
snprintf(cups_exec, sizeof(cups_exec), "%s/daemon/cups-exec", ServerBin);
|
||||
snprintf(user_str, sizeof(user_str), "%d", user);
|
||||
@@ -572,14 +573,21 @@ cupsdStartProcess(
|
||||
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartProcess: argv[%d] = \"%s\"", i, argv[i]);
|
||||
}
|
||||
|
||||
#ifdef HAVE_POSIX_SPAWN
|
||||
#if defined(HAVE_POSIX_SPAWN) && !defined(__OpenBSD__) /* OpenBSD posix_spawn is busted with SETSIGDEF */
|
||||
/*
|
||||
* Setup attributes and file actions for the spawn...
|
||||
*/
|
||||
|
||||
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartProcess: Setting spawn attributes.");
|
||||
sigemptyset(&defsignals);
|
||||
sigaddset(&defsignals, SIGTERM);
|
||||
sigaddset(&defsignals, SIGCHLD);
|
||||
sigaddset(&defsignals, SIGPIPE);
|
||||
|
||||
posix_spawnattr_init(&attrs);
|
||||
posix_spawnattr_setflags(&attrs, POSIX_SPAWN_SETPGROUP | POSIX_SPAWN_SETSIGDEF);
|
||||
posix_spawnattr_setpgroup(&attrs, 0);
|
||||
posix_spawnattr_setsigdefault(&attrs, &defsignals);
|
||||
|
||||
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartProcess: Setting file actions.");
|
||||
posix_spawn_file_actions_init(&actions);
|
||||
@@ -788,7 +796,7 @@ cupsdStartProcess(
|
||||
}
|
||||
|
||||
cupsdReleaseSignals();
|
||||
#endif /* HAVE_POSIX_SPAWN */
|
||||
#endif /* HAVE_POSIX_SPAWN && !__OpenBSD__ */
|
||||
|
||||
if (*pid)
|
||||
{
|
||||
@@ -870,5 +878,5 @@ cupsd_requote(char *dst, /* I - Destination buffer */
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: process.c 12102 2014-08-20 15:19:09Z msweet $".
|
||||
* End of "$Id: process.c 12252 2014-11-14 17:14:45Z msweet $".
|
||||
*/
|
||||
|
||||
+3
-3
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: cancel.c 10996 2013-05-29 11:51:34Z msweet $"
|
||||
* "$Id: cancel.c 12248 2014-11-12 16:32:57Z msweet $"
|
||||
*
|
||||
* "cancel" command for CUPS.
|
||||
*
|
||||
@@ -315,7 +315,7 @@ main(int argc, /* I - Number of command-line arguments */
|
||||
ippDelete(response);
|
||||
}
|
||||
|
||||
if (num_dests == 0 && op == IPP_PURGE_JOBS)
|
||||
if (num_dests == 0 && op != IPP_CANCEL_JOB)
|
||||
{
|
||||
/*
|
||||
* Open a connection to the server...
|
||||
@@ -383,5 +383,5 @@ main(int argc, /* I - Number of command-line arguments */
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: cancel.c 10996 2013-05-29 11:51:34Z msweet $".
|
||||
* End of "$Id: cancel.c 12248 2014-11-12 16:32:57Z msweet $".
|
||||
*/
|
||||
|
||||
@@ -8,7 +8,15 @@
|
||||
{refresh_page?<meta http-equiv="refresh" content="{refresh_page}">:}
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=9">
|
||||
<meta name="viewport" content="width=device-width">
|
||||
<style>html{display:none;}</style>
|
||||
<script type="text/javascript"><!--
|
||||
/* Only display document if we are not in a frame... */
|
||||
if (self == top) {
|
||||
document.documentElement.style.display = 'block';
|
||||
} else {
|
||||
top.location = self.location;
|
||||
}
|
||||
|
||||
/* Show an error if cookies are disabled */
|
||||
function check_cookies() {
|
||||
if (!navigator.cookieEnabled) {
|
||||
|
||||
@@ -8,7 +8,15 @@
|
||||
{refresh_page?<meta http-equiv="refresh" content="{refresh_page}">:}
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=9">
|
||||
<meta name="viewport" content="width=device-width">
|
||||
<style>html{display:none;}</style>
|
||||
<script type="text/javascript"><!--
|
||||
/* Only display document if we are not in a frame... */
|
||||
if (self == top) {
|
||||
document.documentElement.style.display = 'block';
|
||||
} else {
|
||||
top.location = self.location;
|
||||
}
|
||||
|
||||
/* Show an error if cookies are disabled */
|
||||
function check_cookies() {
|
||||
if (!navigator.cookieEnabled) {
|
||||
|
||||
+248
-83
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: ippserver.c 12136 2014-08-29 15:19:40Z msweet $"
|
||||
* "$Id: ippserver.c 12215 2014-10-20 18:24:56Z msweet $"
|
||||
*
|
||||
* Sample IPP Everywhere server for CUPS.
|
||||
*
|
||||
@@ -57,6 +57,11 @@ extern char **environ;
|
||||
|
||||
#ifdef HAVE_DNSSD
|
||||
# include <dns_sd.h>
|
||||
#elif defined(HAVE_AVAHI)
|
||||
# include <avahi-client/client.h>
|
||||
# include <avahi-client/publish.h>
|
||||
# include <avahi-common/error.h>
|
||||
# include <avahi-common/thread-watch.h>
|
||||
#endif /* HAVE_DNSSD */
|
||||
#ifdef HAVE_SYS_MOUNT_H
|
||||
# include <sys/mount.h>
|
||||
@@ -231,6 +236,19 @@ static const char * const printer_supplies[] =
|
||||
* Structures...
|
||||
*/
|
||||
|
||||
#ifdef HAVE_DNSSD
|
||||
typedef DNSServiceRef _ipp_srv_t; /* Service reference */
|
||||
typedef TXTRecordRef _ipp_txt_t; /* TXT record */
|
||||
|
||||
#elif defined(HAVE_AVAHI)
|
||||
typedef AvahiEntryGroup *_ipp_srv_t; /* Service reference */
|
||||
typedef AvahiStringList *_ipp_txt_t; /* TXT record */
|
||||
|
||||
#else
|
||||
typedef void *_ipp_srv_t; /* Service reference */
|
||||
typedef void *_ipp_txt_t; /* TXT record */
|
||||
#endif /* HAVE_DNSSD */
|
||||
|
||||
typedef struct _ipp_filter_s /**** Attribute filter ****/
|
||||
{
|
||||
cups_array_t *ra; /* Requested attributes */
|
||||
@@ -243,18 +261,12 @@ typedef struct _ipp_printer_s /**** Printer data ****/
|
||||
{
|
||||
int ipv4, /* IPv4 listener */
|
||||
ipv6; /* IPv6 listener */
|
||||
#ifdef HAVE_DNSSD
|
||||
DNSServiceRef common_ref, /* Shared service connection */
|
||||
ipp_ref, /* Bonjour IPP service */
|
||||
# ifdef HAVE_SSL
|
||||
_ipp_srv_t ipp_ref, /* Bonjour IPP service */
|
||||
ipps_ref, /* Bonjour IPPS service */
|
||||
# endif /* HAVE_SSL */
|
||||
http_ref, /* Bonjour HTTP service */
|
||||
printer_ref; /* Bonjour LPD service */
|
||||
TXTRecordRef ipp_txt; /* Bonjour IPP TXT record */
|
||||
char *dnssd_name; /* printer-dnssd-name */
|
||||
#endif /* HAVE_DNSSD */
|
||||
char *name, /* printer-name */
|
||||
char *dnssd_name, /* printer-dnssd-name */
|
||||
*name, /* printer-name */
|
||||
*icon, /* Icon filename */
|
||||
*directory, /* Spool directory */
|
||||
*hostname, /* Hostname */
|
||||
@@ -340,10 +352,7 @@ static _ipp_printer_t *create_printer(const char *servername,
|
||||
const char *icon,
|
||||
const char *docformats, int ppm,
|
||||
int ppm_color, int duplex, int port,
|
||||
int pin,
|
||||
#ifdef HAVE_DNSSD
|
||||
const char *subtype,
|
||||
#endif /* HAVE_DNSSD */
|
||||
int pin, const char *subtype,
|
||||
const char *directory,
|
||||
const char *command);
|
||||
static void debug_attributes(const char *title, ipp_t *ipp,
|
||||
@@ -359,7 +368,11 @@ static void dnssd_callback(DNSServiceRef sdRef,
|
||||
const char *regtype,
|
||||
const char *domain,
|
||||
_ipp_printer_t *printer);
|
||||
#elif defined(HAVE_AVAHI)
|
||||
static void dnssd_callback(AvahiEntryGroup *p, AvahiEntryGroupState state, void *context);
|
||||
static void dnssd_client_cb(AvahiClient *c, AvahiClientState state, void *userdata);
|
||||
#endif /* HAVE_DNSSD */
|
||||
static void dnssd_init(void);
|
||||
static int filter_cb(_ipp_filter_t *filter, ipp_t *dst, ipp_attribute_t *attr);
|
||||
static _ipp_job_t *find_job(_ipp_client_t *client);
|
||||
static void html_escape(_ipp_client_t *client, const char *s,
|
||||
@@ -386,9 +399,7 @@ static void *process_client(_ipp_client_t *client);
|
||||
static int process_http(_ipp_client_t *client);
|
||||
static int process_ipp(_ipp_client_t *client);
|
||||
static void *process_job(_ipp_job_t *job);
|
||||
#ifdef HAVE_DNSSD
|
||||
static int register_printer(_ipp_printer_t *printer, const char *location, const char *make, const char *model, const char *formats, const char *adminurl, const char *uuid, int color, int duplex, const char *regtype);
|
||||
#endif /* HAVE_DNSSD */
|
||||
static int respond_http(_ipp_client_t *client, http_status_t code,
|
||||
const char *content_coding,
|
||||
const char *type, size_t length);
|
||||
@@ -408,6 +419,13 @@ static int valid_job_attributes(_ipp_client_t *client);
|
||||
* Globals...
|
||||
*/
|
||||
|
||||
# ifdef HAVE_DNSSD
|
||||
static DNSServiceRef DNSSDMaster = NULL;
|
||||
# else /* HAVE_AVAHI */
|
||||
static AvahiThreadedPoll *DNSSDMaster = NULL;
|
||||
static AvahiClient *DNSSDClient = NULL;
|
||||
# endif /* HAVE_DNSSD */
|
||||
|
||||
static int KeepFiles = 0,
|
||||
Verbosity = 0;
|
||||
|
||||
@@ -434,9 +452,7 @@ main(int argc, /* I - Number of command-line args */
|
||||
#ifdef HAVE_SSL
|
||||
const char *keypath = NULL; /* Keychain path */
|
||||
#endif /* HAVE_SSL */
|
||||
#ifdef HAVE_DNSSD
|
||||
const char *subtype = "_print"; /* Bonjour service subtype */
|
||||
#endif /* HAVE_DNSSD */
|
||||
int port = 0, /* Port number (0 = auto) */
|
||||
duplex = 0, /* Duplex mode */
|
||||
ppm = 10, /* Pages per minute for mono */
|
||||
@@ -546,14 +562,12 @@ main(int argc, /* I - Number of command-line args */
|
||||
port = atoi(argv[i]);
|
||||
break;
|
||||
|
||||
#ifdef HAVE_DNSSD
|
||||
case 'r' : /* -r subtype */
|
||||
i ++;
|
||||
if (i >= argc)
|
||||
usage(1);
|
||||
subtype = argv[i];
|
||||
break;
|
||||
#endif /* HAVE_DNSSD */
|
||||
|
||||
case 's' : /* -s speed[,color-speed] */
|
||||
i ++;
|
||||
@@ -597,8 +611,8 @@ main(int argc, /* I - Number of command-line args */
|
||||
{
|
||||
#ifdef WIN32
|
||||
/*
|
||||
* Windows is almost always used as a single user system, so use a default port
|
||||
* number of 8631.
|
||||
* Windows is almost always used as a single user system, so use a default
|
||||
* port number of 8631.
|
||||
*/
|
||||
|
||||
port = 8631;
|
||||
@@ -633,16 +647,19 @@ main(int argc, /* I - Number of command-line args */
|
||||
cupsSetServerCredentials(keypath, servername, 1);
|
||||
#endif /* HAVE_SSL */
|
||||
|
||||
/*
|
||||
* Initialize Bonjour...
|
||||
*/
|
||||
|
||||
dnssd_init();
|
||||
|
||||
/*
|
||||
* Create the printer...
|
||||
*/
|
||||
|
||||
if ((printer = create_printer(servername, name, location, make, model, icon,
|
||||
formats, ppm, ppm_color, duplex, port, pin,
|
||||
#ifdef HAVE_DNSSD
|
||||
subtype,
|
||||
#endif /* HAVE_DNSSD */
|
||||
directory, command)) == NULL)
|
||||
subtype, directory, command)) == NULL)
|
||||
return (1);
|
||||
|
||||
/*
|
||||
@@ -1197,9 +1214,7 @@ create_printer(const char *servername, /* I - Server hostname (NULL for default)
|
||||
int duplex, /* I - 1 = duplex, 0 = simplex */
|
||||
int port, /* I - Port for listeners or 0 for auto */
|
||||
int pin, /* I - Require PIN printing */
|
||||
#ifdef HAVE_DNSSD
|
||||
const char *subtype, /* I - Bonjour service subtype */
|
||||
#endif /* HAVE_DNSSD */
|
||||
const char *directory, /* I - Spool directory */
|
||||
const char *command) /* I - Command to run on job files */
|
||||
{
|
||||
@@ -1435,9 +1450,7 @@ create_printer(const char *servername, /* I - Server hostname (NULL for default)
|
||||
printer->ipv4 = -1;
|
||||
printer->ipv6 = -1;
|
||||
printer->name = strdup(name);
|
||||
#ifdef HAVE_DNSSD
|
||||
printer->dnssd_name = strdup(printer->name);
|
||||
#endif /* HAVE_DNSSD */
|
||||
printer->command = command ? strdup(command) : NULL;
|
||||
printer->directory = strdup(directory);
|
||||
printer->hostname = strdup(servername);
|
||||
@@ -2078,14 +2091,12 @@ create_printer(const char *servername, /* I - Server hostname (NULL for default)
|
||||
|
||||
debug_attributes("Printer", printer->attrs, 0);
|
||||
|
||||
#ifdef HAVE_DNSSD
|
||||
/*
|
||||
* Register the printer with Bonjour...
|
||||
*/
|
||||
|
||||
if (!register_printer(printer, location, make, model, docformats, adminurl, uuid + 9, ppm_color > 0, duplex, subtype))
|
||||
goto bad_printer;
|
||||
#endif /* HAVE_DNSSD */
|
||||
|
||||
/*
|
||||
* Return it!
|
||||
@@ -2227,26 +2238,29 @@ delete_printer(_ipp_printer_t *printer) /* I - Printer */
|
||||
#if HAVE_DNSSD
|
||||
if (printer->printer_ref)
|
||||
DNSServiceRefDeallocate(printer->printer_ref);
|
||||
|
||||
if (printer->ipp_ref)
|
||||
DNSServiceRefDeallocate(printer->ipp_ref);
|
||||
|
||||
# ifdef HAVE_SSL
|
||||
if (printer->ipps_ref)
|
||||
DNSServiceRefDeallocate(printer->ipps_ref);
|
||||
# endif /* HAVE_SSL */
|
||||
if (printer->http_ref)
|
||||
DNSServiceRefDeallocate(printer->http_ref);
|
||||
#elif defined(HAVE_AVAHI)
|
||||
avahi_threaded_poll_lock(DNSSDMaster);
|
||||
|
||||
if (printer->common_ref)
|
||||
DNSServiceRefDeallocate(printer->common_ref);
|
||||
if (printer->printer_ref)
|
||||
avahi_entry_group_free(printer->printer_ref);
|
||||
if (printer->ipp_ref)
|
||||
avahi_entry_group_free(printer->ipp_ref);
|
||||
if (printer->ipps_ref)
|
||||
avahi_entry_group_free(printer->ipps_ref);
|
||||
if (printer->http_ref)
|
||||
avahi_entry_group_free(printer->http_ref);
|
||||
|
||||
TXTRecordDeallocate(&(printer->ipp_txt));
|
||||
avahi_threaded_poll_unlock(DNSSDMaster);
|
||||
#endif /* HAVE_DNSSD */
|
||||
|
||||
if (printer->dnssd_name)
|
||||
free(printer->dnssd_name);
|
||||
#endif /* HAVE_DNSSD */
|
||||
|
||||
if (printer->name)
|
||||
free(printer->name);
|
||||
if (printer->icon)
|
||||
@@ -2302,9 +2316,94 @@ dnssd_callback(
|
||||
printer->dnssd_name = strdup(name);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
#elif defined(HAVE_AVAHI)
|
||||
/*
|
||||
* 'dnssd_callback()' - Handle Bonjour registration events.
|
||||
*/
|
||||
|
||||
static void
|
||||
dnssd_callback(
|
||||
AvahiEntryGroup *srv, /* I - Service */
|
||||
AvahiEntryGroupState state, /* I - Registration state */
|
||||
void *context) /* I - Printer */
|
||||
{
|
||||
(void)srv;
|
||||
(void)state;
|
||||
(void)context;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* 'dnssd_client_cb()' - Client callback for Avahi.
|
||||
*
|
||||
* Called whenever the client or server state changes...
|
||||
*/
|
||||
|
||||
static void
|
||||
dnssd_client_cb(
|
||||
AvahiClient *c, /* I - Client */
|
||||
AvahiClientState state, /* I - Current state */
|
||||
void *userdata) /* I - User data (unused) */
|
||||
{
|
||||
(void)userdata;
|
||||
|
||||
if (!c)
|
||||
return;
|
||||
|
||||
switch (state)
|
||||
{
|
||||
default :
|
||||
fprintf(stderr, "Ignore Avahi state %d.\n", state);
|
||||
break;
|
||||
|
||||
case AVAHI_CLIENT_FAILURE:
|
||||
if (avahi_client_errno(c) == AVAHI_ERR_DISCONNECTED)
|
||||
{
|
||||
fputs("Avahi server crashed, exiting.\n", stderr);
|
||||
exit(1);
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
#endif /* HAVE_DNSSD */
|
||||
|
||||
|
||||
/*
|
||||
* 'dnssd_init()' - Initialize the DNS-SD service connections...
|
||||
*/
|
||||
|
||||
static void
|
||||
dnssd_init(void)
|
||||
{
|
||||
#ifdef HAVE_DNSSD
|
||||
if (DNSServiceCreateConnection(&DNSSDMaster) != kDNSServiceErr_NoError)
|
||||
{
|
||||
fputs("Error: Unable to initialize Bonjour.\n", stderr);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
#elif defined(HAVE_AVAHI)
|
||||
int error; /* Error code, if any */
|
||||
|
||||
if ((DNSSDMaster = avahi_threaded_poll_new()) == NULL)
|
||||
{
|
||||
fputs("Error: Unable to initialize Bonjour.\n", stderr);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
if ((DNSSDClient = avahi_client_new(avahi_threaded_poll_get(DNSSDMaster), AVAHI_CLIENT_NO_FAIL, dnssd_client_cb, NULL, &error)) == NULL)
|
||||
{
|
||||
fputs("Error: Unable to initialize Bonjour.\n", stderr);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
avahi_threaded_poll_start(DNSSDMaster);
|
||||
#endif /* HAVE_DNSSD */
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* 'filter_cb()' - Filter printer attributes based on the requested array.
|
||||
*/
|
||||
@@ -2318,7 +2417,9 @@ filter_cb(_ipp_filter_t *filter, /* I - Filter parameters */
|
||||
* Filter attributes as needed...
|
||||
*/
|
||||
|
||||
// (void)dst;
|
||||
#ifndef WIN32 /* Avoid MS compiler bug */
|
||||
(void)dst;
|
||||
#endif /* !WIN32 */
|
||||
|
||||
ipp_tag_t group = ippGetGroupTag(attr);
|
||||
const char *name = ippGetName(attr);
|
||||
@@ -5426,7 +5527,6 @@ process_job(_ipp_job_t *job) /* I - Job */
|
||||
}
|
||||
|
||||
|
||||
#ifdef HAVE_DNSSD
|
||||
/*
|
||||
* 'register_printer()' - Register a printer object via Bonjour.
|
||||
*/
|
||||
@@ -5444,6 +5544,8 @@ register_printer(
|
||||
int duplex, /* I - 1 = duplex, 0 = simplex */
|
||||
const char *subtype) /* I - Service subtype */
|
||||
{
|
||||
_ipp_txt_t ipp_txt; /* Bonjour IPP TXT record */
|
||||
#ifdef HAVE_DNSSD
|
||||
DNSServiceErrorType error; /* Error from Bonjour */
|
||||
char make_model[256],/* Make and model together */
|
||||
product[256], /* Product string */
|
||||
@@ -5457,47 +5559,36 @@ register_printer(
|
||||
snprintf(make_model, sizeof(make_model), "%s %s", make, model);
|
||||
snprintf(product, sizeof(product), "(%s)", model);
|
||||
|
||||
TXTRecordCreate(&(printer->ipp_txt), 1024, NULL);
|
||||
TXTRecordSetValue(&(printer->ipp_txt), "rp", 9, "ipp/print");
|
||||
TXTRecordSetValue(&(printer->ipp_txt), "ty", (uint8_t)strlen(make_model),
|
||||
TXTRecordCreate(&ipp_txt, 1024, NULL);
|
||||
TXTRecordSetValue(&ipp_txt, "rp", 9, "ipp/print");
|
||||
TXTRecordSetValue(&ipp_txt, "ty", (uint8_t)strlen(make_model),
|
||||
make_model);
|
||||
TXTRecordSetValue(&(printer->ipp_txt), "adminurl", (uint8_t)strlen(adminurl),
|
||||
TXTRecordSetValue(&ipp_txt, "adminurl", (uint8_t)strlen(adminurl),
|
||||
adminurl);
|
||||
if (*location)
|
||||
TXTRecordSetValue(&(printer->ipp_txt), "note", (uint8_t)strlen(location),
|
||||
TXTRecordSetValue(&ipp_txt, "note", (uint8_t)strlen(location),
|
||||
location);
|
||||
TXTRecordSetValue(&(printer->ipp_txt), "product", (uint8_t)strlen(product),
|
||||
TXTRecordSetValue(&ipp_txt, "product", (uint8_t)strlen(product),
|
||||
product);
|
||||
TXTRecordSetValue(&(printer->ipp_txt), "pdl", (uint8_t)strlen(formats),
|
||||
TXTRecordSetValue(&ipp_txt, "pdl", (uint8_t)strlen(formats),
|
||||
formats);
|
||||
TXTRecordSetValue(&(printer->ipp_txt), "Color", 1, color ? "T" : "F");
|
||||
TXTRecordSetValue(&(printer->ipp_txt), "Duplex", 1, duplex ? "T" : "F");
|
||||
TXTRecordSetValue(&(printer->ipp_txt), "usb_MFG", (uint8_t)strlen(make),
|
||||
TXTRecordSetValue(&ipp_txt, "Color", 1, color ? "T" : "F");
|
||||
TXTRecordSetValue(&ipp_txt, "Duplex", 1, duplex ? "T" : "F");
|
||||
TXTRecordSetValue(&ipp_txt, "usb_MFG", (uint8_t)strlen(make),
|
||||
make);
|
||||
TXTRecordSetValue(&(printer->ipp_txt), "usb_MDL", (uint8_t)strlen(model),
|
||||
TXTRecordSetValue(&ipp_txt, "usb_MDL", (uint8_t)strlen(model),
|
||||
model);
|
||||
TXTRecordSetValue(&(printer->ipp_txt), "UUID", (uint8_t)strlen(uuid), uuid);
|
||||
TXTRecordSetValue(&ipp_txt, "UUID", (uint8_t)strlen(uuid), uuid);
|
||||
# ifdef HAVE_SSL
|
||||
TXTRecordSetValue(&(printer->ipp_txt), "TLS", 3, "1.2");
|
||||
TXTRecordSetValue(&ipp_txt, "TLS", 3, "1.2");
|
||||
# endif /* HAVE_SSL */
|
||||
|
||||
/*
|
||||
* Create a shared service reference for Bonjour...
|
||||
*/
|
||||
|
||||
if ((error = DNSServiceCreateConnection(&(printer->common_ref)))
|
||||
!= kDNSServiceErr_NoError)
|
||||
{
|
||||
fprintf(stderr, "Unable to create mDNSResponder connection: %d\n", error);
|
||||
return (0);
|
||||
}
|
||||
|
||||
/*
|
||||
* Register the _printer._tcp (LPD) service type with a port number of 0 to
|
||||
* defend our service name but not actually support LPD...
|
||||
*/
|
||||
|
||||
printer->printer_ref = printer->common_ref;
|
||||
printer->printer_ref = DNSSDMaster;
|
||||
|
||||
if ((error = DNSServiceRegister(&(printer->printer_ref),
|
||||
kDNSServiceFlagsShareConnection,
|
||||
@@ -5518,7 +5609,7 @@ register_printer(
|
||||
* advertise our IPP printer...
|
||||
*/
|
||||
|
||||
printer->ipp_ref = printer->common_ref;
|
||||
printer->ipp_ref = DNSSDMaster;
|
||||
|
||||
if (subtype && *subtype)
|
||||
snprintf(regtype, sizeof(regtype), "_ipp._tcp,%s", subtype);
|
||||
@@ -5530,8 +5621,8 @@ register_printer(
|
||||
0 /* interfaceIndex */, printer->dnssd_name,
|
||||
regtype, NULL /* domain */,
|
||||
NULL /* host */, htons(printer->port),
|
||||
TXTRecordGetLength(&(printer->ipp_txt)),
|
||||
TXTRecordGetBytesPtr(&(printer->ipp_txt)),
|
||||
TXTRecordGetLength(&ipp_txt),
|
||||
TXTRecordGetBytesPtr(&ipp_txt),
|
||||
(DNSServiceRegisterReply)dnssd_callback,
|
||||
printer)) != kDNSServiceErr_NoError)
|
||||
{
|
||||
@@ -5543,10 +5634,10 @@ register_printer(
|
||||
# ifdef HAVE_SSL
|
||||
/*
|
||||
* Then register the _ipps._tcp (IPP) service type with the real port number to
|
||||
* advertise our IPP printer...
|
||||
* advertise our IPPS printer...
|
||||
*/
|
||||
|
||||
printer->ipps_ref = printer->common_ref;
|
||||
printer->ipps_ref = DNSSDMaster;
|
||||
|
||||
if (subtype && *subtype)
|
||||
snprintf(regtype, sizeof(regtype), "_ipps._tcp,%s", subtype);
|
||||
@@ -5558,8 +5649,8 @@ register_printer(
|
||||
0 /* interfaceIndex */, printer->dnssd_name,
|
||||
regtype, NULL /* domain */,
|
||||
NULL /* host */, htons(printer->port),
|
||||
TXTRecordGetLength(&(printer->ipp_txt)),
|
||||
TXTRecordGetBytesPtr(&(printer->ipp_txt)),
|
||||
TXTRecordGetLength(&ipp_txt),
|
||||
TXTRecordGetBytesPtr(&ipp_txt),
|
||||
(DNSServiceRegisterReply)dnssd_callback,
|
||||
printer)) != kDNSServiceErr_NoError)
|
||||
{
|
||||
@@ -5574,7 +5665,7 @@ register_printer(
|
||||
* real port number to advertise our IPP printer...
|
||||
*/
|
||||
|
||||
printer->http_ref = printer->common_ref;
|
||||
printer->http_ref = DNSSDMaster;
|
||||
|
||||
if ((error = DNSServiceRegister(&(printer->http_ref),
|
||||
kDNSServiceFlagsShareConnection,
|
||||
@@ -5590,9 +5681,85 @@ register_printer(
|
||||
return (0);
|
||||
}
|
||||
|
||||
TXTRecordDeallocate(&ipp_txt);
|
||||
|
||||
#elif defined(HAVE_AVAHI)
|
||||
char temp[256]; /* Subtype service string */
|
||||
|
||||
/*
|
||||
* Create the TXT record...
|
||||
*/
|
||||
|
||||
ipp_txt = NULL;
|
||||
ipp_txt = avahi_string_list_add_printf(ipp_txt, "rp=ipp/print");
|
||||
ipp_txt = avahi_string_list_add_printf(ipp_txt, "ty=%s %s", make, model);
|
||||
ipp_txt = avahi_string_list_add_printf(ipp_txt, "adminurl=%s", adminurl);
|
||||
if (*location)
|
||||
ipp_txt = avahi_string_list_add_printf(ipp_txt, "note=%s", location);
|
||||
ipp_txt = avahi_string_list_add_printf(ipp_txt, "product=(%s)", model);
|
||||
ipp_txt = avahi_string_list_add_printf(ipp_txt, "pdl=%s", formats);
|
||||
ipp_txt = avahi_string_list_add_printf(ipp_txt, "Color=%s", color ? "T" : "F");
|
||||
ipp_txt = avahi_string_list_add_printf(ipp_txt, "Duplex=%s", duplex ? "T" : "F");
|
||||
ipp_txt = avahi_string_list_add_printf(ipp_txt, "usb_MFG=%s", make);
|
||||
ipp_txt = avahi_string_list_add_printf(ipp_txt, "usb_MDL=%s", model);
|
||||
ipp_txt = avahi_string_list_add_printf(ipp_txt, "UUID=%s", uuid);
|
||||
# ifdef HAVE_SSL
|
||||
ipp_txt = avahi_string_list_add_printf(ipp_txt, "TLS=1.2");
|
||||
# endif /* HAVE_SSL */
|
||||
|
||||
/*
|
||||
* Register _printer._tcp (LPD) with port 0 to reserve the service name...
|
||||
*/
|
||||
|
||||
avahi_threaded_poll_lock(DNSSDMaster);
|
||||
|
||||
printer->ipp_ref = avahi_entry_group_new(DNSSDClient, dnssd_callback, NULL);
|
||||
|
||||
avahi_entry_group_add_service_strlst(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_printer._tcp", NULL, NULL, 0, NULL);
|
||||
|
||||
/*
|
||||
* Then register the _ipp._tcp (IPP)...
|
||||
*/
|
||||
|
||||
avahi_entry_group_add_service_strlst(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_ipp._tcp", NULL, NULL, printer->port, ipp_txt);
|
||||
if (subtype && *subtype)
|
||||
{
|
||||
snprintf(temp, sizeof(temp), "%s._sub._ipp._tcp", subtype);
|
||||
avahi_entry_group_add_service_subtype(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_ipp._tcp", NULL, temp);
|
||||
}
|
||||
|
||||
#ifdef HAVE_SSL
|
||||
/*
|
||||
* _ipps._tcp (IPPS) for secure printing...
|
||||
*/
|
||||
|
||||
avahi_entry_group_add_service_strlst(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_ipps._tcp", NULL, NULL, printer->port, ipp_txt);
|
||||
if (subtype && *subtype)
|
||||
{
|
||||
snprintf(temp, sizeof(temp), "%s._sub._ipps._tcp", subtype);
|
||||
avahi_entry_group_add_service_subtype(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_ipps._tcp", NULL, temp);
|
||||
}
|
||||
#endif /* HAVE_SSL */
|
||||
|
||||
/*
|
||||
* Finally _http.tcp (HTTP) for the web interface...
|
||||
*/
|
||||
|
||||
avahi_entry_group_add_service_strlst(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_http._tcp", NULL, NULL, printer->port, NULL);
|
||||
avahi_entry_group_add_service_subtype(printer->ipp_ref, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, printer->dnssd_name, "_http._tcp", NULL, "_printer._sub._http._tcp");
|
||||
|
||||
/*
|
||||
* Commit it...
|
||||
*/
|
||||
|
||||
avahi_entry_group_commit(printer->ipp_ref);
|
||||
avahi_threaded_poll_unlock(DNSSDMaster);
|
||||
|
||||
avahi_string_list_free(ipp_txt);
|
||||
#endif /* HAVE_DNSSD */
|
||||
|
||||
return (1);
|
||||
}
|
||||
#endif /* HAVE_DNSSD */
|
||||
|
||||
|
||||
/*
|
||||
@@ -5786,7 +5953,7 @@ run_printer(_ipp_printer_t *printer) /* I - Printer */
|
||||
num_fds = 2;
|
||||
|
||||
#ifdef HAVE_DNSSD
|
||||
polldata[num_fds ].fd = DNSServiceRefSockFD(printer->common_ref);
|
||||
polldata[num_fds ].fd = DNSServiceRefSockFD(DNSSDMaster);
|
||||
polldata[num_fds ++].events = POLLIN;
|
||||
#endif /* HAVE_DNSSD */
|
||||
|
||||
@@ -5833,7 +6000,7 @@ run_printer(_ipp_printer_t *printer) /* I - Printer */
|
||||
|
||||
#ifdef HAVE_DNSSD
|
||||
if (polldata[2].revents & POLLIN)
|
||||
DNSServiceProcessResult(printer->common_ref);
|
||||
DNSServiceProcessResult(DNSSDMaster);
|
||||
#endif /* HAVE_DNSSD */
|
||||
|
||||
/*
|
||||
@@ -5871,7 +6038,7 @@ usage(int status) /* O - Exit status */
|
||||
{
|
||||
if (!status)
|
||||
{
|
||||
puts(CUPS_SVERSION " - Copyright 2010-2013 by Apple Inc. All rights "
|
||||
puts(CUPS_SVERSION " - Copyright 2010-2014 by Apple Inc. All rights "
|
||||
"reserved.");
|
||||
puts("");
|
||||
}
|
||||
@@ -5894,9 +6061,7 @@ usage(int status) /* O - Exit status */
|
||||
puts("-m model Model name (default=Printer)");
|
||||
puts("-n hostname Hostname for printer");
|
||||
puts("-p port Port number (default=auto)");
|
||||
#ifdef HAVE_DNSSD
|
||||
puts("-r subtype Bonjour service subtype (default=_print)");
|
||||
#endif /* HAVE_DNSSD */
|
||||
puts("-s speed[,color-speed] Speed in pages per minute (default=10,0)");
|
||||
puts("-v[vvv] Be (very) verbose");
|
||||
|
||||
@@ -6303,5 +6468,5 @@ valid_job_attributes(
|
||||
|
||||
|
||||
/*
|
||||
* End of "$Id: ippserver.c 12136 2014-08-29 15:19:40Z msweet $".
|
||||
* End of "$Id: ippserver.c 12215 2014-10-20 18:24:56Z msweet $".
|
||||
*/
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# "$Id: run-stp-tests.sh 12151 2014-09-04 00:57:41Z msweet $"
|
||||
# "$Id: run-stp-tests.sh 12248 2014-11-12 16:32:57Z msweet $"
|
||||
#
|
||||
# Perform the complete set of IPP compliance tests specified in the
|
||||
# CUPS Software Test Plan.
|
||||
@@ -875,7 +875,7 @@ fi
|
||||
|
||||
# Requests logged
|
||||
count=`wc -l $BASE/log/access_log | awk '{print $1}'`
|
||||
expected=`expr 37 + 18 + 28 + $pjobs \* 8 + $pprinters \* $pjobs \* 4`
|
||||
expected=`expr 37 + 18 + 29 + $pjobs \* 8 + $pprinters \* $pjobs \* 4`
|
||||
if test $count != $expected; then
|
||||
echo "FAIL: $count requests logged, expected $expected."
|
||||
echo "<P>FAIL: $count requests logged, expected $expected.</P>" >>$strfile
|
||||
@@ -1066,5 +1066,5 @@ if test $fail != 0; then
|
||||
fi
|
||||
|
||||
#
|
||||
# End of "$Id: run-stp-tests.sh 12151 2014-09-04 00:57:41Z msweet $"
|
||||
# End of "$Id: run-stp-tests.sh 12248 2014-11-12 16:32:57Z msweet $"
|
||||
#
|
||||
|
||||
+4
-4
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: config.h 12136 2014-08-29 15:19:40Z msweet $"
|
||||
* "$Id: config.h 12254 2014-11-14 17:24:18Z msweet $"
|
||||
*
|
||||
* Configuration file for CUPS on Windows.
|
||||
*
|
||||
@@ -96,8 +96,8 @@ typedef unsigned long useconds_t;
|
||||
* Version of software...
|
||||
*/
|
||||
|
||||
#define CUPS_SVERSION "CUPS v2.0.0"
|
||||
#define CUPS_MINIMAL "CUPS/2.0.0"
|
||||
#define CUPS_SVERSION "CUPS v2.0.1"
|
||||
#define CUPS_MINIMAL "CUPS/2.0.1"
|
||||
|
||||
|
||||
/*
|
||||
@@ -792,5 +792,5 @@ static __inline int _cups_abs(int i) { return (i < 0 ? -i : i); }
|
||||
#endif /* !_CUPS_CONFIG_H_ */
|
||||
|
||||
/*
|
||||
* End of "$Id: config.h 12136 2014-08-29 15:19:40Z msweet $".
|
||||
* End of "$Id: config.h 12254 2014-11-14 17:24:18Z msweet $".
|
||||
*/
|
||||
|
||||
+4
-4
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* "$Id: config.h 12140 2014-08-30 01:51:22Z msweet $"
|
||||
* "$Id: config.h 12254 2014-11-14 17:24:18Z msweet $"
|
||||
*
|
||||
* Configuration file for CUPS and Xcode.
|
||||
*
|
||||
@@ -20,8 +20,8 @@
|
||||
* Version of software...
|
||||
*/
|
||||
|
||||
#define CUPS_SVERSION "CUPS v2.0.0"
|
||||
#define CUPS_MINIMAL "CUPS/2.0.0"
|
||||
#define CUPS_SVERSION "CUPS v2.0.1"
|
||||
#define CUPS_MINIMAL "CUPS/2.0.1"
|
||||
|
||||
|
||||
/*
|
||||
@@ -699,5 +699,5 @@ static __inline int _cups_abs(int i) { return (i < 0 ? -i : i); }
|
||||
#endif /* !_CUPS_CONFIG_H_ */
|
||||
|
||||
/*
|
||||
* End of "$Id: config.h 12140 2014-08-30 01:51:22Z msweet $".
|
||||
* End of "$Id: config.h 12254 2014-11-14 17:24:18Z msweet $".
|
||||
*/
|
||||
|
||||
Referência em uma Nova Issue
Bloquear um usuário