From 43edac159031159671e4bf162455562fa6739001 Mon Sep 17 00:00:00 2001 From: Packit Service Date: Dec 09 2020 13:03:50 +0000 Subject: Prepare for a new update Reverting patches so we can apply the latest update and changes can be seen in the spec file and sources. --- diff --git a/Makedefs.in b/Makedefs.in index 8026060..4055b93 100644 --- a/Makedefs.in +++ b/Makedefs.in @@ -161,7 +161,7 @@ LDFLAGS = -L../cgi-bin -L../cups -L../filter -L../ppdc \ @LDFLAGS@ @RELROFLAGS@ @PIEFLAGS@ $(OPTIM) LINKCUPS = @LINKCUPS@ $(LIBGSSAPI) $(DNSSDLIBS) $(SSLLIBS) $(LIBZ) LINKCUPSIMAGE = @LINKCUPSIMAGE@ -LIBS = $(LINKCUPS) $(COMMONLIBS) @LIBAUDIT@ @LIBSELINUX@ +LIBS = $(LINKCUPS) $(COMMONLIBS) ONDEMANDFLAGS = @ONDEMANDFLAGS@ ONDEMANDLIBS = @ONDEMANDLIBS@ OPTIM = @OPTIM@ diff --git a/backend/Makefile b/backend/Makefile index 6642016..aeb33d8 100644 --- a/backend/Makefile +++ b/backend/Makefile @@ -28,7 +28,6 @@ include ../Makedefs RBACKENDS = \ ipp \ lpd \ - failover \ $(DNSSD_BACKEND) UBACKENDS = \ snmp \ @@ -52,7 +51,6 @@ LIBOBJS = \ OBJS = \ ipp.o \ lpd.o \ - failover.o \ dnssd.o \ snmp.o \ socket.o \ @@ -264,7 +262,7 @@ dnssd: dnssd.o ../cups/$(LIBCUPS) libbackend.a ipp: ipp.o ../cups/$(LIBCUPS) libbackend.a echo Linking $@... - $(LD_CC) $(LDFLAGS) -o ipp ipp.o libbackend.a $(LIBS) $(SERVERLIBS) + $(LD_CC) $(LDFLAGS) -o ipp ipp.o libbackend.a $(LIBS) $(RM) http $(LN) ipp http @@ -277,13 +275,6 @@ lpd: lpd.o ../cups/$(LIBCUPS) libbackend.a echo Linking $@... $(LD_CC) $(LDFLAGS) -o lpd lpd.o libbackend.a $(LIBS) -# -# failover -# - -failover: failover.o ../cups/$(LIBCUPS) libbackend.a - echo Linking $@... - $(LD_CC) $(LDFLAGS) -o failover failover.o libbackend.a $(LIBS) # # snmp diff --git a/backend/dnssd.c b/backend/dnssd.c index 4ca81bc..849595d 100644 --- a/backend/dnssd.c +++ b/backend/dnssd.c @@ -1182,22 +1182,15 @@ query_callback( if (device->device_id) free(device->device_id); -if (device_id[0]) -{ - /* Mark this as the real device ID. */ - ptr = device_id + strlen(device_id); - snprintf(ptr, sizeof(device_id) - (ptr - device_id), "FZY:0;"); -} - if (!device_id[0] && strcmp(model, "Unknown")) { if (make_and_model[0]) - snprintf(device_id, sizeof(device_id), "MFG:%s;MDL:%s;FZY:1;", + snprintf(device_id, sizeof(device_id), "MFG:%s;MDL:%s;", make_and_model, model); else if (!_cups_strncasecmp(model, "designjet ", 10)) - snprintf(device_id, sizeof(device_id), "MFG:HP;MDL:%s;FZY:1;", model + 10); + snprintf(device_id, sizeof(device_id), "MFG:HP;MDL:%s;", model + 10); else if (!_cups_strncasecmp(model, "stylus ", 7)) - snprintf(device_id, sizeof(device_id), "MFG:EPSON;MDL:%s;FZY:1;", model + 7); + snprintf(device_id, sizeof(device_id), "MFG:EPSON;MDL:%s;", model + 7); else if ((ptr = strchr(model, ' ')) != NULL) { /* @@ -1207,7 +1200,7 @@ if (device_id[0]) memcpy(make_and_model, model, (size_t)(ptr - model)); make_and_model[ptr - model] = '\0'; - snprintf(device_id, sizeof(device_id), "MFG:%s;MDL:%s;FZY:1;", + snprintf(device_id, sizeof(device_id), "MFG:%s;MDL:%s;", make_and_model, ptr + 1); } } diff --git a/backend/failover.c b/backend/failover.c deleted file mode 100644 index 9affd8f..0000000 --- a/backend/failover.c +++ /dev/null @@ -1,837 +0,0 @@ -/* - * Failover Backend for the Common UNIX Printing System (CUPS). - * - * Copyright (c) 2014, Red Hat, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * * Neither the name of Red Hat, Inc. nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT, - * INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY - * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE - * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * Original version by Clark Hale, Red Hat, Inc. - * - * This backend presents a fake printer that will choose the first - * available printer from a list of IPP URIs. - * - * Option failover contains a comma separated list of IPP URIs. The - * URIs are attempted in-order. - * - * Option failover-retries contains an integer that indicates how many - * times to iterate through the failover list before completely - * failing. - * - * Contents: - * main() - Checks each printer in a failover list, and - * sends job data to the first available printer - * move_job() - Sends and IPP Move-Job request - * check_printer() - Checks a printer's attributes to see - * if it's enabled and accepting jobs - * read_config() - Read the backends configuration from - * options - * get_printer_attributes() - Sends an IPP Get-Attributes request to - * a URI - * sigterm_handler() - Handle SIGTERM that cancels the job - * password_cb() - Password call back used to disable password - * prompt - */ -#include -#include -#include -#include -#include -#include -#include "backend-private.h" - -/* - * Return Values - */ -typedef enum fo_state_e -{ - FO_PRINTER_GOOD = 0, - FO_PRINTER_BAD, - FO_PRINTER_BUSY, - FO_AUTH_REQUIRED -} fo_state_t; - -/* - * Constants - */ -#define FAILOVER_DEFAULT_RETRIES (3) -#define FAILOVER_PASSWORD_RETRIES_MAX (3) - -/* - * Local Functions - */ -static int check_printer(const char *device_uri); -static int read_config(cups_array_t *printer_array, int *retries, - const char *options); -static int get_printer_attributes(const char *device_uri, - ipp_t **attributes); -static int move_job(int jobid, const char *dest); -static void sigterm_handler(int sig); -static const char *password_cb(const char *); - -/* - * Global Variables - */ -static int job_canceled = 0; /* Job canceled */ -static char *password = NULL; /* password for device */ -static int password_retries = 0; -static const char *auth_info_required = "none"; - -/* - * 'main()' - Checks each printer in a failover list, and - * sends job data to the first available printer - * Usage: - * printer-uri job-id user title copies options [file] - * - * The printer-uri option is not used, but it still required to fit - * to the backend(7) standards. - */ -int -main(int argc, char *argv[]) -{ - const char *selected_uri = NULL; /* URI of selected printer */ - const char *tmp_device_uri; /* Device URI to check */ - cups_array_t *printer_array; /* Array of available printers */ - int printer_count = 0; /* current printer array index */ - int retry_max = 1; /* maximum retries before exit */ - int retry_count = 0; /* current retry number */ - int auth_failed_count = 0; /* auth failures per loop */ - int rc = CUPS_BACKEND_OK; -#if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET) - struct sigaction action; /* Actions for POSIX signals */ -#endif /* HAVE_SIGACTION && !HAVE_SIGSET */ - - /* - * Check args - */ - if (argc == 1) - { - /* - * print out discovery data - */ - char *backendName; - - if ((backendName = strrchr(argv[0], '/')) != NULL) - backendName++; - else - backendName = argv[0]; - - _cupsLangPrintf(stderr,"network %s \"Unknown\" \"%s (%s)\"\n", - backendName, - _cupsLangString(cupsLangDefault(), _("Failover Printer")), - backendName); - - return (CUPS_BACKEND_OK); - } - else if (argc < 6) - { - _cupsLangPrintf(stderr, - _("Usage: %s job-id user title copies options [file]"), - argv[0]); - return (CUPS_BACKEND_STOP); - } - - fprintf(stderr, "DEBUG: Failover backend starting up.\n"); - - /* - * Don't buffer status messages - */ - setbuf(stderr, NULL); - - /* - * Ignore SIGPIPE and catch SIGTERM signals... - */ -#ifdef HAVE_SIGSET - sigset(SIGPIPE, SIG_IGN); - sigset(SIGTERM, sigterm_handler); -#elif defined(HAVE_SIGACTION) - memset(&action, 0, sizeof(action)); - action.sa_handler = SIG_IGN; - sigaction(SIGPIPE, &action, NULL); - - sigemptyset(&action.sa_mask); - sigaddset(&action.sa_mask, SIGTERM); - action.sa_handler = sigterm_handler; - sigaction(SIGTERM, &action, NULL); -#else - signal(SIGPIPE, SIG_IGN); - signal(SIGTERM, sigterm_handler); -#endif /* HAVE_SIGSET */ - - printer_array = cupsArrayNew(NULL, NULL); - - /* - * Read Configuration - */ - if ((rc = read_config(printer_array, &retry_max, - argv[5])) != CUPS_BACKEND_OK) - { - fprintf(stderr, "ERROR: Failed to read configuration options!\n"); - goto cleanup; - } - - /* - * Main Retry Loop - */ - for (retry_count = 0; retry_count < retry_max; retry_count++) - { - fprintf(stderr, "DEBUG: Retry loop #%d\n", retry_count + 1); - - /* - * Reset Counters - */ - printer_count = 0; - auth_failed_count = 0; - - tmp_device_uri = (char *)cupsArrayFirst(printer_array); - - do - { - if (job_canceled) - { - fprintf(stderr, "DEBUG: Job Canceled\n"); - goto cleanup; - } - - fprintf(stderr,"DEBUG: Checking printer #%d: %s\n", - printer_count+1, tmp_device_uri); - - rc = check_printer(tmp_device_uri); - - // Printer is available and not busy. - if ( rc == FO_PRINTER_GOOD ) - { - selected_uri = tmp_device_uri; - break; - } - // Printer is busy - else if (rc == FO_PRINTER_BUSY) - { - fprintf(stderr, "DEBUG: Waiting for job to complete.\n"); - sleep(2); - continue; - } - // Authorization is required to access the printer. - else if (rc == FO_AUTH_REQUIRED) - { - auth_failed_count++; - fprintf(stderr, "DEBUG: auth_failed_count = %d\n", auth_failed_count); - } - // Printer is stopped or not accepting jobs - else - { - if (!printer_count) - fprintf(stderr, "INFO: Primary Printer, %s, not available. " - "Attempting Failovers...\n", - tmp_device_uri); - else - fprintf(stderr, "INFO: Failover Printer, %s, not available. " - "Attempting Failovers..\n", - tmp_device_uri); - printer_count++; - tmp_device_uri = (char *)cupsArrayNext(printer_array); - } - } while (tmp_device_uri != NULL); - - if (selected_uri && !printer_count) - fprintf(stderr, "STATE: -primary-printer-failed\n"); - else - fprintf(stderr, "STATE: +primary-printer-failed\n"); - - if (job_canceled) - { - fprintf(stderr, "DEBUG: Job Canceled\n"); - goto cleanup; - } - - if (!selected_uri && auth_failed_count == printer_count) - { - fprintf(stderr, "ERROR: All failover printers failed with " - "authorization issues.\n"); - rc = CUPS_BACKEND_AUTH_REQUIRED; - fprintf(stderr, "ATTR: auth-info-required=%s\n", auth_info_required); - goto cleanup; - } - else if (!selected_uri && retry_count + 1 < retry_max) - { - fprintf(stderr, "INFO: No suitable printer found...retrying...\n"); - sleep(2); - continue; - } - else if (selected_uri) - { - fprintf(stderr, "DEBUG: Using printer, %s.\n", selected_uri); - break; - } - } - - if (!selected_uri) - { - fprintf(stderr, "ERROR: No suitable printer found. Aborting print\n"); - rc = CUPS_BACKEND_FAILED; - goto cleanup; - } - - rc = move_job(atoi(argv[1]), selected_uri); - - if (job_canceled) - rc = CUPS_BACKEND_OK; - -cleanup : - if (job_canceled) - rc = CUPS_BACKEND_OK; - - tmp_device_uri = (char *)cupsArrayFirst(printer_array); - do - { - free((void *)tmp_device_uri); - } while ((tmp_device_uri = (char *)cupsArrayNext(printer_array)) != NULL); - - cupsArrayDelete(printer_array); - sleep(2); - return (rc); -} - -/* - * 'check_printer()' - Checks the status of a remote printer and returns - * back a good/bad/busy status. - */ -int -check_printer(const char *device_uri) -{ - ipp_t *attributes = NULL; /* attributes for device_uri */ - ipp_attribute_t *tmp_attribute; /* for examining attribs */ - int rc = FO_PRINTER_GOOD; /* return code */ - char *reason; /* printer state reason */ - int i; - - fprintf(stderr, "DEBUG: Checking printer %s\n",device_uri); - - rc = get_printer_attributes(device_uri, &attributes); - if ( rc != CUPS_BACKEND_OK ) - { - fprintf(stderr, "DEBUG: Failed to get attributes from printer: %s\n", - device_uri); - if ( rc == CUPS_BACKEND_AUTH_REQUIRED ) - return (FO_AUTH_REQUIRED); - else - return (FO_PRINTER_BAD); - } - - /* - * Check if printer is accepting jobs - */ - if ((tmp_attribute = ippFindAttribute(attributes, - "printer-is-accepting-jobs", - IPP_TAG_BOOLEAN)) != NULL && - !tmp_attribute->values[0].boolean) - { - fprintf(stderr, - "DEBUG: Printer, %s, is not accepting jobs.\n", - device_uri); - - rc = FO_PRINTER_BAD; - } - - /* - * Check if printer is stopped or busy processing - */ - if ((tmp_attribute = ippFindAttribute(attributes, - "printer-state", - IPP_TAG_ENUM)) != NULL) - { - // Printer Stopped - if ( tmp_attribute->values[0].integer == IPP_PRINTER_STOPPED ) - { - fprintf(stderr, "DEBUG: Printer, %s, stopped.\n", device_uri); - rc = FO_PRINTER_BAD; - } - // Printer Busy - else if ( tmp_attribute->values[0].integer == IPP_PRINTER_PROCESSING ) - { - fprintf(stderr, "DEBUG: Printer %s is busy.\n", device_uri); - rc = FO_PRINTER_BUSY; - } - } - - /* - * Parse through the printer-state-reasons - */ - if ((tmp_attribute = ippFindAttribute(attributes, "printer-state-reasons", - IPP_TAG_KEYWORD)) != NULL) - { - for (i = 0; i < tmp_attribute->num_values; i++) - { - reason = tmp_attribute->values[i].string.text; - int len = strlen(reason); - - if (len > 8 && !strcmp(reason + len - 8, "-warning")) - { - fprintf(stderr, "DEBUG: Printer Supply Warning, %s\n", reason); - rc = FO_PRINTER_BAD; - } - else if (len > 6 && !strcmp(reason + len - 6, "-error")) - { - fprintf(stderr, "DEBUG: Printer Supply Error, %s\n", reason); - rc = FO_PRINTER_BAD; - } - } - } - - return (rc); -} - -/* - * 'read_config()' - Parses the failover and failover-retries options - * - */ -static int -read_config(cups_array_t *printer_array, int *retries, const char *options) -{ - - const char *tmp; /* temporary ptr */ - char *tok_tmp; /* temporary ptr for option parsing */ - int jobopts_count = 0; /* number of options */ - cups_option_t *jobopts = NULL; /* job options */ - - - fprintf(stderr, "DEBUG: Reading Configuration.\n"); - jobopts_count = cupsParseOptions(options, 0, &jobopts); - - if (!jobopts_count) - { - fprintf(stderr, - "ERROR: No job options! Cannot find failover options!\n"); - return (CUPS_BACKEND_STOP); - } - - /* - * Get attributes from the primary printer - */ - fprintf(stderr, "DEBUG: Searching for failover option.\n"); - - if ((tmp = cupsGetOption("failover", jobopts_count, jobopts)) != NULL) - { - fprintf(stderr, "DEBUG: Failover option contents: %s.\n", tmp); - - tok_tmp = strdup(tmp); - - tmp = strtok(tok_tmp, ","); - do - { - cupsArrayAdd(printer_array, strdup(tmp)); - } while ((tmp = strtok(NULL,",")) != NULL); - - free(tok_tmp); - } - else - { - /* - * The queue is misconfigured, so return back CUPS_BACKEND_STOP - */ - fprintf(stderr, "ERROR: failover option not specified!\n"); - return (CUPS_BACKEND_STOP); - } - - /* - * Get the failover-retries value, if it exists. - */ - fprintf(stderr, "DEBUG: Searching for failover-retries option.\n"); - - if ((tmp = cupsGetOption("failover-retries", - jobopts_count, jobopts)) != NULL) - { - fprintf(stderr, "DEBUG: failover-retries option contents: %s.\n", tmp); - *retries = atoi(tmp); - } - else - { - *retries = FAILOVER_DEFAULT_RETRIES; - fprintf(stderr, "DEBUG: Failed to get failover-retries option\n"); - fprintf(stderr, "DEBUG: Defaulted to %d retries\n", *retries); - } - - return (CUPS_BACKEND_OK); -} - -/* - * 'get_printer_attributes()' - Sends an IPP Get-Attributes request to - * a URI - */ -int -get_printer_attributes(const char *device_uri, ipp_t **attributes) -{ - char uri[HTTP_MAX_URI]; /* Updated URI without login */ - int version; /* IPP version */ - char scheme[256]; /* Scheme in URI */ - ipp_status_t ipp_status; /* Status of IPP request */ - char hostname[1024]; /* Hostname */ - char resource[1024]; /* Resource infoo */ - char addrname[256]; /* Address name */ - int port; /* IPP Port number */ - char portname[255]; /* Port as string */ - http_t *http; /* HTTP connection */ - ipp_t *request; /* IPP request */ - int rc = CUPS_BACKEND_OK; /* Return Code */ - char username[256]; /* Username for device URI */ - char *option_ptr; /* for parsing resource opts */ - const char * const pattrs[] = /* Printer attributes wanted */ - { - "printer-is-accepting-jobs", - "printer-state", - "printer-state-reasons" - }; - - if (job_canceled) - return (CUPS_BACKEND_OK); - - fprintf(stderr, "DEBUG: Getting Printer Attributes.\n"); - fprintf(stderr, "DEBUG: Device URL %s.\n", device_uri); - - /* - * Parse device_uri - */ - if (httpSeparateURI(HTTP_URI_CODING_ALL, device_uri, scheme, sizeof(scheme), - username, sizeof(username), hostname, sizeof(hostname), - &port, resource, sizeof(resource)) != HTTP_URI_OK) - { - fprintf(stderr, "ERROR: Problem parsing device_uri, %s\n", device_uri); - return (CUPS_BACKEND_STOP); - } - - if (!port) - port = IPP_PORT; - - sprintf(portname, "%d", port); - - fprintf(stderr, "DEBUG: Getting Printer Attributes.\n"); - - /* - * Configure password - */ - cupsSetPasswordCB(password_cb); - - /* - * reset, in case a previous attempt for - * another printer left residue - */ - cupsSetUser(NULL); - password = NULL; - password_retries = 0; - - if (*username) - { - if ((password = strchr(username, ':')) != NULL) - { - *password = '\0'; - password++; - } - - cupsSetUser(username); - } - else if (!getuid()) - { - const char *username_env; - - if ((username_env = getenv("AUTH_USERNAME")) != NULL) - { - cupsSetUser(username_env); - password = getenv("AUTH_PASSWORD"); - } - } - - /* - * Try connecting to the remote server... - */ - fprintf(stderr, "DEBUG: Connecting to %s:%d\n", hostname, port); - _cupsLangPuts(stderr, _("INFO: Connecting to printer...\n")); - - http = httpConnectEncrypt(hostname, port, cupsEncryption()); - - /* - * Deal the socket not being open. - */ - if (!http) - { - int error = errno; /* Connection error */ - - switch (error) - { - case EHOSTDOWN : - _cupsLangPuts(stderr, _("WARNING: " - "The printer may not exist or " - "is unavailable at this time.\n")); - break; - case EHOSTUNREACH : - _cupsLangPuts(stderr, _("WARNING: " - "The printer is unreachable at this " - "time.\n")); - break; - case ECONNREFUSED : - _cupsLangPuts(stderr, _("WARNING: " - "Connection Refused.\n")); - break; - default : - fprintf(stderr, "DEBUG: Connection error: %s\n", strerror(errno)); - break; - } - - rc = CUPS_BACKEND_FAILED; - sleep(5); - goto prt_available_cleanup; - } - - -#ifdef AF_INET6 - if (http->hostaddr->addr.sa_family == AF_INET6) - fprintf(stderr, "DEBUG: Connected to [%s]:%d (IPv6)...\n", - httpAddrString(http->hostaddr, addrname, sizeof(addrname)), - ntohs(http->hostaddr->ipv6.sin6_port)); - else -#endif /* AF_INET6 */ - if (http->hostaddr->addr.sa_family == AF_INET) - fprintf(stderr, "DEBUG: Connected to %s:%d (IPv4)...\n", - httpAddrString(http->hostaddr, addrname, sizeof(addrname)), - ntohs(http->hostaddr->ipv4.sin_port)); - - /* - * Search the resource string for options. - * We only care about version, for the moment. - */ - version = 11; - - if ((option_ptr = strchr(resource, '?')) != NULL) - { - *option_ptr++ = '\0'; - - if ((option_ptr = strstr(option_ptr, "version="))!=NULL) - { - int minor; /* minor version from URI */ - int major; /* major version from URI */ - char *version_str; /* ipp version */ - - option_ptr += 8; - version_str = option_ptr; - - while (*option_ptr && *option_ptr != '&' && *option_ptr != '+') - option_ptr++; - - if (*option_ptr) - *option_ptr = '\0'; - - sscanf(version_str, "%d.%d", &major, &minor); - - version = (major * 10) + minor; - - switch(version) - { - case 10 : - case 11 : - case 20 : - case 21 : - fprintf(stderr, - "DEBUG: Set version to %d from URI\n", - version); - break; - default : - _cupsLangPrintf(stderr, - _("DEBUG: Invalid version, %d, from URI. " - "Using default of 1.1 \n"), - version); - version = 11; - } - } - } - - - /* - * Build a URI for the printer. We can't use the URI in argv[0] - * because it might contain username:password information... - */ - if (httpAssembleURI(HTTP_URI_CODING_ALL, uri, sizeof(uri), scheme, NULL, - hostname, port, resource) != HTTP_URI_OK) - { - fprintf(stderr, "ERROR: Problem assembling printer URI from host %s, " - "port %d, resource %s\n", hostname, port, resource); - return (CUPS_BACKEND_STOP); - } - - /* - * Build the IPP request... - */ - request = ippNewRequest(IPP_GET_PRINTER_ATTRIBUTES); - request->request.op.version[0] = version / 10; - request->request.op.version[1] = version % 10; - - ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "printer-uri", - NULL, uri); - - ippAddStrings(request, IPP_TAG_OPERATION, IPP_TAG_KEYWORD, - "requested-attributes", sizeof(pattrs) / sizeof(pattrs[0]), - NULL, pattrs); - - /* - * Do the request... - */ - fputs("DEBUG: Getting supported attributes...\n", stderr); - - fprintf(stderr, "DEBUG: IPP Request Structure Built.\n"); - - *attributes = cupsDoRequest(http, request, resource); - ipp_status = cupsLastError(); - - fprintf(stderr, "DEBUG: Get-Printer-Attributes: %s (%s)\n", - ippErrorString(ipp_status), cupsLastErrorString()); - - if (ipp_status > IPP_OK_CONFLICT) - { - fprintf(stderr, "DEBUG: Get-Printer-Attributes returned %s.\n", - ippErrorString(ipp_status)); - switch(ipp_status) - { - case IPP_FORBIDDEN : - case IPP_NOT_AUTHORIZED : - _cupsLangPuts(stderr, _("ERROR: Not Authorized.\n")); - rc = CUPS_BACKEND_AUTH_REQUIRED; - break; - case IPP_PRINTER_BUSY : - case IPP_SERVICE_UNAVAILABLE : - _cupsLangPuts(stderr, _("ERROR: " - "The printer is not responding.\n")); - rc = CUPS_BACKEND_FAILED; - break; - case IPP_BAD_REQUEST : - case IPP_VERSION_NOT_SUPPORTED : - fprintf(stderr, "ERROR: Destination does not support IPP version %d\n", - version); - case IPP_NOT_FOUND : - _cupsLangPuts(stderr, _("ERROR: " - "The printer configuration is incorrect or the " - "printer no longer exists.\n")); - rc = CUPS_BACKEND_STOP; - break; - default : - rc = CUPS_BACKEND_FAILED; - } - goto prt_available_cleanup; - } - -prt_available_cleanup : - httpClose(http); - return (rc); -} - -static int -move_job(int jobid, /* Job ID */ - const char *dest) /* Destination ipp address */ -{ - ipp_t *request; /* IPP Request */ - char job_uri[HTTP_MAX_URI]; /* job-uri */ - - http_t* http = httpConnectEncrypt(cupsServer(), ippPort(), cupsEncryption()); - - if (!http) - { - _cupsLangPrintf(stderr, - _("failover: Unable to connect to server: %s\n"), - strerror(errno)); - return (CUPS_BACKEND_FAILED); - } - - /* - * Build a CUPS_MOVE_JOB request, which requires the following - * attributes: - * - * job-uri/printer-uri - * job-printer-uri - * requesting-user-name - */ - - request = ippNewRequest(CUPS_MOVE_JOB); - - snprintf(job_uri, sizeof(job_uri), "ipp://localhost/jobs/%d", jobid); - ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "job-uri", NULL, - job_uri); - - ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME, - "requesting-user-name", - NULL, cupsUser()); - - ippAddString(request, IPP_TAG_JOB, IPP_TAG_URI, "job-printer-uri", - NULL, dest); - - /* - * Do the request and get back a response... - */ - - ippDelete(cupsDoRequest(http, request, "/jobs")); - - httpClose(http); - - if (cupsLastError() > IPP_OK_CONFLICT) - { - _cupsLangPrintf(stderr, "failover: %s\n", cupsLastErrorString()); - return (CUPS_BACKEND_FAILED); - } - else - return (CUPS_BACKEND_OK); -} - -/* - * 'sigterm_handler()' - handles a sigterm, i.e. job canceled - */ -static void -sigterm_handler(int sig) -{ - if (!job_canceled) - { - write(2, "DEBUG: Got SIGTERM.\n", 20); - job_canceled = 1; - } - else - { - /* - * Job has already been canceled, so just exit - */ - exit(1); - } -} - -/* - * 'password_cb()' - Disable the password prompt for cupsDoFileRequest(). - */ -static const char * /* O - Password */ -password_cb(const char *prompt) /* I - Prompt (not used) */ -{ - auth_info_required = "username,password"; - password_retries++; - - if(password_retries < FAILOVER_PASSWORD_RETRIES_MAX) - return (password); - else - return (NULL); -} diff --git a/backend/ipp.c b/backend/ipp.c index 0a70a87..588ad99 100644 --- a/backend/ipp.c +++ b/backend/ipp.c @@ -149,70 +149,6 @@ static char tmpfilename[1024] = ""; static char mandatory_attrs[1024] = ""; /* cupsMandatory value */ -#if HAVE_DBUS -#include - -static DBusConnection *dbus_connection = NULL; - -static int -init_dbus (void) -{ - DBusConnection *connection; - DBusError error; - - if (dbus_connection && - !dbus_connection_get_is_connected (dbus_connection)) { - dbus_connection_unref (dbus_connection); - dbus_connection = NULL; - } - - dbus_error_init (&error); - connection = dbus_bus_get (getuid () ? DBUS_BUS_SESSION : DBUS_BUS_SYSTEM, &error); - if (connection == NULL) { - dbus_error_free (&error); - return -1; - } - - dbus_connection = connection; - return 0; -} - -int -dbus_broadcast_queued_remote (const char *printer_uri, - ipp_status_t status, - unsigned int local_job_id, - unsigned int remote_job_id, - const char *username, - const char *printer_name) -{ - DBusMessage *message; - DBusMessageIter iter; - const char *errstr; - - if (!dbus_connection || !dbus_connection_get_is_connected (dbus_connection)) { - if (init_dbus () || !dbus_connection) - return -1; - } - - errstr = ippErrorString (status); - message = dbus_message_new_signal ("/com/redhat/PrinterSpooler", - "com.redhat.PrinterSpooler", - "JobQueuedRemote"); - dbus_message_iter_init_append (message, &iter); - dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &printer_uri); - dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &errstr); - dbus_message_iter_append_basic (&iter, DBUS_TYPE_UINT32, &local_job_id); - dbus_message_iter_append_basic (&iter, DBUS_TYPE_UINT32, &remote_job_id); - dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &username); - dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &printer_name); - - dbus_connection_send (dbus_connection, message, NULL); - dbus_connection_flush (dbus_connection); - dbus_message_unref (message); - - return 0; -} -#endif /* HAVE_DBUS */ /* * Local functions... @@ -1807,15 +1743,6 @@ main(int argc, /* I - Number of command-line args */ fprintf(stderr, "DEBUG: Print job accepted - job ID %d.\n", job_id); } -#if HAVE_DBUS - dbus_broadcast_queued_remote (argv[0], - ipp_status, - atoi (argv[1]), - job_id, - argv[2], - getenv ("PRINTER")); -#endif /* HAVE_DBUS */ - ippDelete(response); if (job_canceled) @@ -1851,10 +1778,7 @@ main(int argc, /* I - Number of command-line args */ ippAddBoolean(request, IPP_TAG_OPERATION, "last-document", (i + 1) >= num_files); - if (num_files > 1) - ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_MIMETYPE, - "document-format", NULL, "application/octet-stream"); - else if (document_format) + if (document_format) ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_MIMETYPE, "document-format", NULL, document_format); @@ -3635,8 +3559,6 @@ update_reasons(ipp_attribute_t *attr, /* I - printer-state-reasons or NULL */ } } - cupsArrayDelete(new_reasons); - _cupsMutexUnlock(&report_mutex); /* diff --git a/backend/snmp.c b/backend/snmp.c index a135626..e66edc9 100644 --- a/backend/snmp.c +++ b/backend/snmp.c @@ -159,8 +159,6 @@ static const int UriOID[] = { CUPS_OID_ppmPortServiceNameOrURI, 1, 1, -1 }; static const int LexmarkProductOID[] = { 1,3,6,1,4,1,641,2,1,2,1,2,1,-1 }; static const int LexmarkProductOID2[] = { 1,3,6,1,4,1,674,10898,100,2,1,2,1,2,1,-1 }; static const int LexmarkDeviceIdOID[] = { 1,3,6,1,4,1,641,2,1,2,1,3,1,-1 }; -static const int HPDeviceIdOID[] = { 1,3,6,1,4,1,11,2,3,9,1,1,7,0,-1 }; -static const int RicohDeviceIdOID[] = { 1,3,6,1,4,1,367,3,2,1,1,1,11,0,-1 }; static const int XeroxProductOID[] = { 1,3,6,1,4,1,128,2,1,3,1,2,0,-1 }; static cups_array_t *DeviceURIs = NULL; static int HostNameLookups = 0; @@ -977,14 +975,8 @@ read_snmp_response(int fd) /* I - SNMP socket file descriptor */ packet.community, CUPS_ASN1_GET_REQUEST, DEVICE_ID, LexmarkDeviceIdOID); _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1, - packet.community, CUPS_ASN1_GET_REQUEST, - DEVICE_ID, RicohDeviceIdOID); - _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1, packet.community, CUPS_ASN1_GET_REQUEST, DEVICE_PRODUCT, XeroxProductOID); - _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1, - packet.community, CUPS_ASN1_GET_REQUEST, - DEVICE_ID, HPDeviceIdOID); break; case DEVICE_DESCRIPTION : diff --git a/backend/socket.c b/backend/socket.c index 19ba0cf..c16a1a0 100644 --- a/backend/socket.c +++ b/backend/socket.c @@ -402,10 +402,8 @@ main(int argc, /* I - Number of command-line arguments (6 or 7) */ lseek(print_fd, 0, SEEK_SET); } - if ((bytes = backendRunLoop(print_fd, device_fd, snmp_fd, &(addrlist->addr), 1, 0, backendNetworkSideCB)) < 0) - tbytes = -1; - else - tbytes = bytes; + tbytes = backendRunLoop(print_fd, device_fd, snmp_fd, &(addrlist->addr), 1, + 0, backendNetworkSideCB); if (print_fd != 0 && tbytes >= 0) _cupsLangPrintFilter(stderr, "INFO", _("Print file sent.")); @@ -413,7 +411,7 @@ main(int argc, /* I - Number of command-line arguments (6 or 7) */ fputs("STATE: +cups-waiting-for-job-completed\n", stderr); - if (waiteof && tbytes >= 0) + if (waiteof) { /* * Shutdown the socket and wait for the other end to finish... @@ -450,7 +448,7 @@ main(int argc, /* I - Number of command-line arguments (6 or 7) */ if (print_fd != 0) close(print_fd); - return (tbytes >= 0 ? CUPS_BACKEND_OK : CUPS_BACKEND_FAILED); + return (CUPS_BACKEND_OK); } diff --git a/backend/usb-unix.c b/backend/usb-unix.c index f3a138a..41a5606 100644 --- a/backend/usb-unix.c +++ b/backend/usb-unix.c @@ -21,11 +21,6 @@ #include -#ifdef __linux -#include -#include -#endif /* __linux */ - /* * Local functions... @@ -54,34 +49,11 @@ print_device(const char *uri, /* I - Device URI */ int device_fd; /* USB device */ ssize_t tbytes; /* Total number of bytes written */ struct termios opts; /* Parallel port options */ - char *fixed_uri = strdup (uri); - char *p; (void)argc; (void)argv; - p = strchr (fixed_uri, ':'); - if (p++ != NULL) - { - char *e; - p += strspn (p, "/"); - e = strchr (p, '/'); - if (e > p) - { - size_t mfrlen = e - p; - e++; - if (!strncasecmp (e, p, mfrlen)) - { - char *x = e + mfrlen; - if (!strncmp (x, "%20", 3)) - /* Take mfr name out of mdl name for compatibility with - * Fedora 11 before bug #507244 was fixed. */ - strcpy (e, x + 3); puts(fixed_uri); - } - } - } - /* * Open the USB port device... */ @@ -121,10 +93,7 @@ print_device(const char *uri, /* I - Device URI */ _cups_strncasecmp(hostname, "Minolta", 7); #endif /* __FreeBSD__ || __NetBSD__ || __OpenBSD__ || __DragonFly__ */ - if (use_bc && !strncmp(fixed_uri, "usb:/dev/", 9)) - use_bc = 0; - - if ((device_fd = open_device(fixed_uri, &use_bc)) == -1) + if ((device_fd = open_device(uri, &use_bc)) == -1) { if (getenv("CLASS") != NULL) { @@ -346,19 +315,12 @@ open_device(const char *uri, /* I - Device URI */ if (!strncmp(uri, "usb:/dev/", 9)) #ifdef __linux { - fd = open(uri + 4, O_RDWR | O_EXCL); - - if (fd != -1) - { - /* - * Tell the driver to return from write() with errno==ENOSPACE - * on paper-out. - */ - unsigned int t = 1; - ioctl (fd, LPABORT, &t); - } + /* + * Do not allow direct devices anymore... + */ - return fd; + errno = ENODEV; + return (-1); } else if (!strncmp(uri, "usb://", 6)) { @@ -424,14 +386,7 @@ open_device(const char *uri, /* I - Device URI */ if (!strcmp(uri, device_uri)) { /* - * Yes, tell the driver to return from write() with - * errno==ENOSPACE on paper-out. - */ - unsigned int t = 1; - ioctl (fd, LPABORT, &t); - - /* - * Return this file descriptor... + * Yes, return this file descriptor... */ fprintf(stderr, "DEBUG: Printer using device file \"%s\"...\n", diff --git a/berkeley/lpr.c b/berkeley/lpr.c index c8d8a15..e83f52e 100644 --- a/berkeley/lpr.c +++ b/berkeley/lpr.c @@ -18,31 +18,6 @@ #include -static void -usage (const char *name) -{ - _cupsLangPrintf(stdout, -"Usage: %s [OPTION] [ file(s) ]\n" -"Print files.\n\n" -" -E force encryption\n" -" -H server[:port] specify alternate server\n" -" -C title, -J title, -T title\n" -" set the job name\n\n" -" -P destination/instance print to named printer\n" -" -U username specify alternate username\n" -" -# num-copies set number of copies\n" -" -h disable banner printing\n" -" -l print without filtering\n" -" -m send email on completion\n" -" -o option[=value] set a job option\n" -" -p format text file with header\n" -" -q hold job for printing\n" -" -r delete files after printing\n" -"\nWith no file given, read standard input.\n" -, name); -} - - /* * 'main()' - Parse options and send files for printing. */ @@ -306,12 +281,6 @@ main(int argc, /* I - Number of command-line arguments */ break; default : - if (!strcmp (argv[i], "--help")) - { - usage (argv[0]); - return (0); - } - _cupsLangPrintf(stderr, _("%s: Error - unknown option \"%c\"."), argv[0], *opt); return (1); } diff --git a/cgi-bin/admin.c b/cgi-bin/admin.c index a604a8a..576fac0 100644 --- a/cgi-bin/admin.c +++ b/cgi-bin/admin.c @@ -994,13 +994,13 @@ do_am_printer(http_t *http, /* I - HTTP connection */ } /* - * Scan for devices for up to 10 seconds... + * Scan for devices for up to 30 seconds... */ fputs("DEBUG: Getting list of devices...\n", stderr); current_device = 0; - if (cupsGetDevices(http, 10, CUPS_INCLUDE_ALL, CUPS_EXCLUDE_NONE, + if (cupsGetDevices(http, 5, CUPS_INCLUDE_ALL, CUPS_EXCLUDE_NONE, (cups_device_cb_t)choose_device_cb, (void *)title) == IPP_OK) { diff --git a/cgi-bin/search.c b/cgi-bin/search.c index 5346727..3d1a18d 100644 --- a/cgi-bin/search.c +++ b/cgi-bin/search.c @@ -365,5 +365,4 @@ void cgiFreeSearch(void *search) /* I - Search context */ { regfree((regex_t *)search); - free(search); } diff --git a/cgi-bin/var.c b/cgi-bin/var.c index 20206f5..c50833c 100644 --- a/cgi-bin/var.c +++ b/cgi-bin/var.c @@ -1209,7 +1209,6 @@ cgi_set_sid(void) const char *remote_addr, /* REMOTE_ADDR */ *server_name, /* SERVER_NAME */ *server_port; /* SERVER_PORT */ - struct timeval curtime; /* Current time */ if ((remote_addr = getenv("REMOTE_ADDR")) == NULL) @@ -1219,8 +1218,7 @@ cgi_set_sid(void) if ((server_port = getenv("SERVER_PORT")) == NULL) server_port = "SERVER_PORT"; - gettimeofday(&curtime, NULL); - CUPS_SRAND(curtime.tv_sec + curtime.tv_usec); + CUPS_SRAND(time(NULL)); snprintf(buffer, sizeof(buffer), "%s:%s:%s:%02X%02X%02X%02X%02X%02X%02X%02X", remote_addr, server_name, server_port, (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255, diff --git a/conf/Makefile b/conf/Makefile index adc9896..e8f88ec 100644 --- a/conf/Makefile +++ b/conf/Makefile @@ -88,16 +88,10 @@ install-data: done -if test x$(PAMDIR) != x; then \ $(INSTALL_DIR) -m 755 $(BUILDROOT)$(PAMDIR); \ - if test -f /etc/pam.d/password-auth; then \ - $(INSTALL_DATA) cups.password-auth $(BUILDROOT)$(PAMDIR)/cups; \ - elif test -f /etc/pam.d/system-auth; then \ - $(INSTALL_DATA) cups.system-auth $(BUILDROOT)$(PAMDIR)/cups; \ + if test -r $(BUILDROOT)$(PAMDIR)/cups ; then \ + $(INSTALL_DATA) $(PAMFILE) $(BUILDROOT)$(PAMDIR)/cups.N ; \ else \ - if test -r $(BUILDROOT)$(PAMDIR)/cups ; then \ - $(INSTALL_DATA) $(PAMFILE) $(BUILDROOT)$(PAMDIR)/cups.N ; \ - else \ - $(INSTALL_DATA) $(PAMFILE) $(BUILDROOT)$(PAMDIR)/cups ; \ - fi ; \ + $(INSTALL_DATA) $(PAMFILE) $(BUILDROOT)$(PAMDIR)/cups ; \ fi ; \ fi diff --git a/conf/cups-files.conf.in b/conf/cups-files.conf.in index a3d088d..4a78ba6 100644 --- a/conf/cups-files.conf.in +++ b/conf/cups-files.conf.in @@ -7,7 +7,7 @@ #FatalErrors @CUPS_FATAL_ERRORS@ # Do we call fsync() after writing configuration or status files? -#SyncOnClose Yes +#SyncOnClose No # Default user and group for filters/backends/helper programs; this cannot be # any user or group that resolves to ID 0 for security reasons... diff --git a/conf/cups.password-auth b/conf/cups.password-auth deleted file mode 100644 index 9943b0d..0000000 --- a/conf/cups.password-auth +++ /dev/null @@ -1,4 +0,0 @@ -#%PAM-1.0 -# Use password-auth common PAM configuration for the daemon -auth include password-auth -account include password-auth diff --git a/conf/cups.system-auth b/conf/cups.system-auth deleted file mode 100644 index 658583d..0000000 --- a/conf/cups.system-auth +++ /dev/null @@ -1,3 +0,0 @@ -#%PAM-1.0 -auth include system-auth -account include system-auth diff --git a/config-scripts/cups-lspp.m4 b/config-scripts/cups-lspp.m4 deleted file mode 100644 index 9c59fab..0000000 --- a/config-scripts/cups-lspp.m4 +++ /dev/null @@ -1,36 +0,0 @@ -dnl -dnl LSPP code for the Common UNIX Printing System (CUPS). -dnl -dnl Copyright 2005-2006 by Hewlett-Packard Development Company, L.P. -dnl -dnl This program is free software; you can redistribute it and/or modify -dnl it under the terms of the GNU General Public License as published by -dnl the Free Software Foundation; version 2. -dnl -dnl This program is distributed in the hope that it will be useful, but -dnl WITHOUT ANY WARRANTY; without even the implied warranty of -dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -dnl General Public License for more details. -dnl -dnl You should have received a copy of the GNU General Public License -dnl along with this program; if not, write to the Free Software Foundation, -dnl Inc., 51 Franklin Street, Fifth Floor Boston, MA 02110-1301 USA -dnl - -dnl Are we trying to meet LSPP requirements -AC_ARG_ENABLE(lspp, [ --enable-lspp turn on auditing and label support, default=no]) - -if test x"$enable_lspp" != xno; then - case "$uname" in - Linux) - AC_CHECK_LIB(audit,audit_log_user_message, [LIBAUDIT="-laudit" AC_SUBST(LIBAUDIT)]) - AC_CHECK_HEADER(libaudit.h) - AC_CHECK_LIB(selinux,getpeercon, [LIBSELINUX="-lselinux" AC_SUBST(LIBSELINUX)]) - AC_CHECK_HEADER(selinux/selinux.h) - AC_DEFINE(WITH_LSPP) - ;; - *) - # All others - ;; - esac -fi diff --git a/config-scripts/cups-manpages.m4 b/config-scripts/cups-manpages.m4 index 9a48c08..e693e3a 100644 --- a/config-scripts/cups-manpages.m4 +++ b/config-scripts/cups-manpages.m4 @@ -53,10 +53,10 @@ case "$host_os_name" in ;; linux* | gnu* | darwin*) # Linux, GNU Hurd, and macOS - MAN1EXT=1 - MAN5EXT=5 - MAN7EXT=7 - MAN8EXT=8 + MAN1EXT=1.gz + MAN5EXT=5.gz + MAN7EXT=7.gz + MAN8EXT=8.gz MAN8DIR=8 ;; *) diff --git a/config-scripts/cups-ssl.m4 b/config-scripts/cups-ssl.m4 index 45d8018..52f9c39 100644 --- a/config-scripts/cups-ssl.m4 +++ b/config-scripts/cups-ssl.m4 @@ -101,5 +101,5 @@ AC_SUBST(IPPALIASES) AC_SUBST(SSLFLAGS) AC_SUBST(SSLLIBS) -EXPORT_SSLLIBS="" +EXPORT_SSLLIBS="$SSLLIBS" AC_SUBST(EXPORT_SSLLIBS) diff --git a/config.h.in b/config.h.in index 4c062c2..f3b5e4c 100644 --- a/config.h.in +++ b/config.h.in @@ -730,11 +730,4 @@ static __inline int _cups_abs(int i) { return (i < 0 ? -i : i); } # endif /* __GNUC__ || __STDC_VERSION__ */ #endif /* !HAVE_ABS && !abs */ -/* - * Are we trying to meet LSPP requirements? - */ - -#undef WITH_LSPP - - #endif /* !_CUPS_CONFIG_H_ */ diff --git a/configure.ac b/configure.ac index 362eb37..ac78c48 100644 --- a/configure.ac +++ b/configure.ac @@ -38,8 +38,6 @@ sinclude(config-scripts/cups-startup.m4) sinclude(config-scripts/cups-defaults.m4) sinclude(config-scripts/cups-scripting.m4) -sinclude(config-scripts/cups-lspp.m4) - INSTALL_LANGUAGES="" UNINSTALL_LANGUAGES="" LANGFILES="" diff --git a/cups-config.in b/cups-config.in index fd4b157..f0951d0 100755 --- a/cups-config.in +++ b/cups-config.in @@ -20,10 +20,8 @@ prefix=@prefix@ exec_prefix=@exec_prefix@ bindir=@bindir@ includedir=@includedir@ -# Fetch libdir from gnutls's pkg-config script. This is a bit -# of a cheat, but the cups-devel package requires gnutls-devel anyway. -libdir=`pkg-config --variable=libdir gnutls` -imagelibdir=`pkg-config --variable=libdir gnutls` +libdir=@libdir@ +imagelibdir=@libdir@ datarootdir=@datadir@ datadir=@datadir@ sysconfdir=@sysconfdir@ diff --git a/cups/cups-private.h b/cups/cups-private.h index 1f66fd7..6fd66a9 100644 --- a/cups/cups-private.h +++ b/cups/cups-private.h @@ -237,9 +237,13 @@ extern void _cupsBufferRelease(char *b); extern http_t *_cupsConnect(void); extern char *_cupsCreateDest(const char *name, const char *info, const char *device_id, const char *device_uri, char *uri, size_t urisize); -extern int _cupsGet1284Values(const char *device_id, cups_option_t **values); -extern const char *_cupsGetDestResource(cups_dest_t *dest, unsigned flags, char *resource, size_t resourcesize); -extern int _cupsGetDests(http_t *http, ipp_op_t op, const char *name, cups_dest_t **dests, cups_ptype_t type, cups_ptype_t mask); +extern int _cupsGet1284Values(const char *device_id, + cups_option_t **values); +extern const char *_cupsGetDestResource(cups_dest_t *dest, char *resource, + size_t resourcesize); +extern int _cupsGetDests(http_t *http, ipp_op_t op, + const char *name, cups_dest_t **dests, + cups_ptype_t type, cups_ptype_t mask); extern const char *_cupsGetPassword(const char *prompt); extern void _cupsGlobalLock(void); extern _cups_globals_t *_cupsGlobals(void); @@ -249,10 +253,13 @@ extern const char *_cupsGSSServiceName(void); # endif /* HAVE_GSSAPI */ extern int _cupsNextDelay(int current, int *previous); extern void _cupsSetDefaults(void); -extern void _cupsSetError(ipp_status_t status, const char *message, int localize); +extern void _cupsSetError(ipp_status_t status, const char *message, + int localize); extern void _cupsSetHTTPError(http_status_t status); # ifdef HAVE_GSSAPI -extern int _cupsSetNegotiateAuthString(http_t *http, const char *method, const char *resource); +extern int _cupsSetNegotiateAuthString(http_t *http, + const char *method, + const char *resource); # endif /* HAVE_GSSAPI */ extern char *_cupsUserDefault(char *name, size_t namesize); diff --git a/cups/cups.h b/cups/cups.h index 9d8c3a3..8f5c818 100644 --- a/cups/cups.h +++ b/cups/cups.h @@ -606,9 +606,6 @@ extern ssize_t cupsHashData(const char *algorithm, const void *data, size_t dat extern int cupsAddIntegerOption(const char *name, int value, int num_options, cups_option_t **options) _CUPS_API_2_2_4; extern int cupsGetIntegerOption(const char *name, int num_options, cups_option_t *options) _CUPS_API_2_2_4; -/* New in CUPS 2.3 */ -extern const char *cupsHashString(const unsigned char *hash, size_t hashsize, char *buffer, size_t bufsize); - # ifdef __cplusplus } # endif /* __cplusplus */ diff --git a/cups/dest-options.c b/cups/dest-options.c index cfa28ce..51705a5 100644 --- a/cups/dest-options.c +++ b/cups/dest-options.c @@ -572,7 +572,6 @@ cupsCopyDestInfo( cups_dest_t *dest) /* I - Destination */ { cups_dinfo_t *dinfo; /* Destination information */ - unsigned dflags; /* Destination flags */ ipp_t *request, /* Get-Printer-Attributes request */ *response; /* Supported attributes */ int tries, /* Number of tries so far */ @@ -582,7 +581,6 @@ cupsCopyDestInfo( char resource[1024]; /* Resource path */ int version; /* IPP version */ ipp_status_t status; /* Status of request */ - _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */ static const char * const requested_attrs[] = { /* Requested attributes */ "job-template", @@ -591,25 +589,14 @@ cupsCopyDestInfo( }; - DEBUG_printf(("cupsCopyDestInfo(http=%p, dest=%p(%s))", (void *)http, (void *)dest, dest ? dest->name : "")); + DEBUG_printf(("cupsCopyDestSupported(http=%p, dest=%p(%s))", (void *)http, (void *)dest, dest ? dest->name : "")); /* * Get the default connection as needed... */ if (!http) - { - http = _cupsConnect(); - dflags = CUPS_DEST_FLAGS_NONE; - } -#ifdef AF_LOCAL - else if (strcmp(http->hostname, cg->server) || (httpAddrFamily(http->hostaddr) != AF_LOCAL && cg->ipp_port != httpAddrPort(http->hostaddr))) -#else - else if (strcmp(http->hostname, cg->server) || cg->ipp_port != httpAddrPort(http->hostaddr)) -#endif /* AF_LOCAL */ - dflags = CUPS_DEST_FLAGS_DEVICE; - else - dflags = CUPS_DEST_FLAGS_NONE; + http = _cupsConnect(); /* * Range check input... @@ -622,11 +609,8 @@ cupsCopyDestInfo( * Get the printer URI and resource path... */ - if ((uri = _cupsGetDestResource(dest, dflags, resource, sizeof(resource))) == NULL) - { - DEBUG_puts("1cupsCopyDestInfo: Unable to get resource."); + if ((uri = _cupsGetDestResource(dest, resource, sizeof(resource))) == NULL) return (NULL); - } /* * Get the supported attributes... @@ -644,25 +628,28 @@ cupsCopyDestInfo( */ request = ippNewRequest(IPP_OP_GET_PRINTER_ATTRIBUTES); - - ippSetVersion(request, version / 10, version % 10); - ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "printer-uri", NULL, uri); - ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME, "requesting-user-name", NULL, cupsUser()); - ippAddStrings(request, IPP_TAG_OPERATION, IPP_TAG_KEYWORD, "requested-attributes", (int)(sizeof(requested_attrs) / sizeof(requested_attrs[0])), NULL, requested_attrs); + ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "printer-uri", NULL, + uri); + ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME, + "requesting-user-name", NULL, cupsUser()); + ippAddStrings(request, IPP_TAG_OPERATION, IPP_TAG_KEYWORD, + "requested-attributes", + (int)(sizeof(requested_attrs) / sizeof(requested_attrs[0])), + NULL, requested_attrs); response = cupsDoRequest(http, request, resource); status = cupsLastError(); if (status > IPP_STATUS_OK_IGNORED_OR_SUBSTITUTED) { - DEBUG_printf(("1cupsCopyDestInfo: Get-Printer-Attributes for '%s' returned %s (%s)", dest->name, ippErrorString(status), cupsLastErrorString())); + DEBUG_printf(("cupsCopyDestSupported: Get-Printer-Attributes for '%s' " + "returned %s (%s)", dest->name, ippErrorString(status), + cupsLastErrorString())); ippDelete(response); response = NULL; - if ((status == IPP_STATUS_ERROR_BAD_REQUEST || status == IPP_STATUS_ERROR_VERSION_NOT_SUPPORTED) && version > 11) - { + if (status == IPP_STATUS_ERROR_VERSION_NOT_SUPPORTED && version > 11) version = 11; - } else if (status == IPP_STATUS_ERROR_BUSY) { sleep((unsigned)delay); @@ -678,10 +665,7 @@ cupsCopyDestInfo( while (!response && tries < 10); if (!response) - { - DEBUG_puts("1cupsCopyDestInfo: Unable to get printer attributes."); return (NULL); - } /* * Allocate a cups_dinfo_t structure and return it... @@ -694,8 +678,6 @@ cupsCopyDestInfo( return (NULL); } - DEBUG_printf(("1cupsCopyDestInfo: version=%d, uri=\"%s\", resource=\"%s\".", version, uri, resource)); - dinfo->version = version; dinfo->uri = uri; dinfo->resource = _cupsStrAlloc(resource); diff --git a/cups/dest.c b/cups/dest.c index 3537572..57a8dc9 100644 --- a/cups/dest.c +++ b/cups/dest.c @@ -1103,16 +1103,13 @@ cupsGetDest(const char *name, /* I - Destination name or @code NULL@ for the d * '_cupsGetDestResource()' - Get the resource path and URI for a destination. */ -const char * /* O - URI */ +const char * /* O - Printer URI */ _cupsGetDestResource( cups_dest_t *dest, /* I - Destination */ - unsigned flags, /* I - Destination flags */ char *resource, /* I - Resource buffer */ size_t resourcesize) /* I - Size of resource buffer */ { - const char *uri, /* URI */ - *device_uri, /* Device URI */ - *printer_uri; /* Printer URI */ + const char *uri; /* Printer URI */ char scheme[32], /* URI scheme */ userpass[256], /* Username and password (unused) */ hostname[256]; /* Hostname */ @@ -1135,46 +1132,25 @@ _cupsGetDestResource( } /* - * Grab the printer and device URIs... + * Grab the printer URI... */ - device_uri = cupsGetOption("device-uri", dest->num_options, dest->options); - printer_uri = cupsGetOption("printer-uri-supported", dest->num_options, dest->options); - - DEBUG_printf(("1_cupsGetDestResource: device-uri=\"%s\", printer-uri-supported=\"%s\".", device_uri, printer_uri)); - -#if defined(HAVE_DNSSD) || defined(HAVE_AVAHI) - if (((flags & CUPS_DEST_FLAGS_DEVICE) || !printer_uri) && strstr(device_uri, "._tcp")) + if ((uri = cupsGetOption("printer-uri-supported", dest->num_options, dest->options)) == NULL) { - if ((device_uri = cups_dnssd_resolve(dest, device_uri, 5000, NULL, NULL, NULL)) != NULL) + if ((uri = cupsGetOption("device-uri", dest->num_options, dest->options)) != NULL) { - DEBUG_printf(("1_cupsGetDestResource: Resolved device-uri=\"%s\".", device_uri)); +#if defined(HAVE_DNSSD) || defined(HAVE_AVAHI) + if (strstr(uri, "._tcp")) + uri = cups_dnssd_resolve(dest, uri, 5000, NULL, NULL, NULL); +#endif /* HAVE_DNSSD || HAVE_AVAHI */ } - else - { - DEBUG_puts("1_cupsGetDestResource: Unable to resolve device."); - - if (resource) - *resource = '\0'; - _cupsSetError(IPP_STATUS_ERROR_INTERNAL, strerror(ENOENT), 0); + if (uri) + { + DEBUG_printf(("1_cupsGetDestResource: Resolved printer-uri-supported=\"%s\"", uri)); - return (NULL); + uri = _cupsCreateDest(dest->name, cupsGetOption("printer-info", dest->num_options, dest->options), NULL, uri, resource, resourcesize); } - } -#endif /* HAVE_DNSSD || HAVE_AVAHI */ - - if (flags & CUPS_DEST_FLAGS_DEVICE) - { - uri = device_uri; - } - else if (printer_uri) - { - uri = printer_uri; - } - else - { - uri = _cupsCreateDest(dest->name, cupsGetOption("printer-info", dest->num_options, dest->options), NULL, device_uri, resource, resourcesize); if (uri) { @@ -1184,24 +1160,30 @@ _cupsGetDestResource( uri = cupsGetOption("printer-uri-supported", dest->num_options, dest->options); } - } - - if (!uri) - { - DEBUG_puts("1_cupsGetDestResource: No printer-uri-supported or device-uri found."); + else + { + DEBUG_puts("1_cupsGetDestResource: No printer-uri-supported found."); - if (resource) - *resource = '\0'; + if (resource) + *resource = '\0'; - _cupsSetError(IPP_STATUS_ERROR_INTERNAL, strerror(ENOENT), 0); + _cupsSetError(IPP_STATUS_ERROR_INTERNAL, strerror(ENOENT), 0); - return (NULL); + return (NULL); + } } - else if (httpSeparateURI(HTTP_URI_CODING_ALL, uri, scheme, sizeof(scheme), userpass, sizeof(userpass), hostname, sizeof(hostname), &port, resource, (int)resourcesize) < HTTP_URI_STATUS_OK) + else { - _cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Bad URI."), 1); + DEBUG_printf(("1_cupsGetDestResource: printer-uri-supported=\"%s\"", uri)); - return (NULL); + if (httpSeparateURI(HTTP_URI_CODING_ALL, uri, scheme, sizeof(scheme), + userpass, sizeof(userpass), hostname, sizeof(hostname), + &port, resource, (int)resourcesize) < HTTP_URI_STATUS_OK) + { + _cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Bad printer-uri."), 1); + + return (NULL); + } } DEBUG_printf(("1_cupsGetDestResource: resource=\"%s\"", resource)); diff --git a/cups/hash.c b/cups/hash.c index 8ebe20b..ede5461 100644 --- a/cups/hash.c +++ b/cups/hash.c @@ -21,8 +21,6 @@ # include #elif defined(HAVE_GNUTLS) # include -#else -# include "md5-private.h" #endif /* __APPLE__ */ @@ -173,9 +171,7 @@ cupsHashData(const char *algorithm, /* I - Algorithm name */ unsigned char temp[64]; /* Temporary hash buffer */ size_t tempsize = 0; /* Truncate to this size? */ - if (!strcmp(algorithm, "md5")) - alg = GNUTLS_DIG_MD5; - else if (!strcmp(algorithm, "sha")) + if (!strcmp(algorithm, "sha")) alg = GNUTLS_DIG_SHA1; else if (!strcmp(algorithm, "sha2-224")) alg = GNUTLS_DIG_SHA224; @@ -223,20 +219,10 @@ cupsHashData(const char *algorithm, /* I - Algorithm name */ #else /* - * No hash support beyond MD5 without CommonCrypto or GNU TLS... + * No hash support without CommonCrypto or GNU TLS... */ - if (!strcmp(algorithm, "md5")) - { - _cups_md5_state_t state; /* MD5 state info */ - - _cupsMD5Init(&state); - _cupsMD5Append(&state, data, datalen); - _cupsMD5Finish(&state, hash); - - return (16); - } - else if (hashsize < 64) + if (hashsize < 64) goto too_small; #endif /* __APPLE__ */ @@ -257,51 +243,3 @@ cupsHashData(const char *algorithm, /* I - Algorithm name */ _cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Hash buffer too small."), 1); return (-1); } - - -/* - * 'cupsHashString()' - Format a hash value as a hexadecimal string. - * - * The passed buffer must be at least 2 * hashsize + 1 characters in length. - */ - -const char * /* O - Formatted string */ -cupsHashString( - const unsigned char *hash, /* I - Hash */ - size_t hashsize, /* I - Size of hash */ - char *buffer, /* I - String buffer */ - size_t bufsize) /* I - Size of string buffer */ -{ - char *bufptr = buffer; /* Pointer into buffer */ - static const char *hex = "0123456789abcdef"; - /* Hex characters (lowercase!) */ - - - /* - * Range check input... - */ - - if (!hash || hashsize < 1 || !buffer || bufsize < (2 * hashsize + 1)) - { - if (buffer) - *buffer = '\0'; - return (NULL); - } - - /* - * Loop until we've converted the whole hash... - */ - - while (hashsize > 0) - { - *bufptr++ = hex[*hash >> 4]; - *bufptr++ = hex[*hash & 15]; - - hash ++; - hashsize --; - } - - *bufptr = '\0'; - - return (buffer); -} diff --git a/cups/http-addr.c b/cups/http-addr.c index 234997c..61c8638 100644 --- a/cups/http-addr.c +++ b/cups/http-addr.c @@ -184,10 +184,6 @@ httpAddrListen(http_addr_t *addr, /* I - Address to bind to */ val = 1; setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, CUPS_SOCAST &val, sizeof(val)); -#ifdef __linux - setsockopt(fd, IPPROTO_IP, IP_FREEBIND, CUPS_SOCAST &val, sizeof(val)); -#endif /* __linux */ - #ifdef IPV6_V6ONLY if (addr->addr.sa_family == AF_INET6) setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, CUPS_SOCAST &val, sizeof(val)); @@ -394,8 +390,7 @@ httpAddrLookup( if (error) { - if (error == EAI_FAIL || error == EAI_AGAIN || error == EAI_NODATA || - error == EAI_NONAME) + if (error == EAI_FAIL) cg->need_res_init = 1; return (httpAddrString(addr, name, namelen)); diff --git a/cups/http-addrlist.c b/cups/http-addrlist.c index 962b731..e5fc940 100644 --- a/cups/http-addrlist.c +++ b/cups/http-addrlist.c @@ -240,10 +240,7 @@ httpAddrConnect2( } if (!addrlist && nfds == 0) - { - errno = EHOSTDOWN; break; - } /* * See if we can connect to any of the addresses so far... @@ -374,9 +371,6 @@ httpAddrConnect2( remaining -= 250; } - if (remaining <= 0) - errno = ETIMEDOUT; - while (nfds > 0) { nfds --; @@ -624,7 +618,6 @@ httpAddrGetList(const char *hostname, /* I - Hostname, IP address, or NULL for p if (!temp) { httpAddrFreeList(first); - freeaddrinfo(results); _cupsSetError(IPP_STATUS_ERROR_INTERNAL, strerror(errno), 0); return (NULL); } @@ -657,8 +650,7 @@ httpAddrGetList(const char *hostname, /* I - Hostname, IP address, or NULL for p } else { - if (error == EAI_FAIL || error == EAI_AGAIN || error == EAI_NODATA || - error == EAI_NONAME) + if (error == EAI_FAIL) cg->need_res_init = 1; _cupsSetError(IPP_STATUS_ERROR_INTERNAL, gai_strerror(error), 0); diff --git a/cups/http-private.h b/cups/http-private.h index 508d67e..f71e564 100644 --- a/cups/http-private.h +++ b/cups/http-private.h @@ -180,17 +180,13 @@ extern "C" { # define _HTTP_TLS_NONE 0 /* No TLS options */ # define _HTTP_TLS_ALLOW_RC4 1 /* Allow RC4 cipher suites */ -# define _HTTP_TLS_ALLOW_DH 2 /* Allow DH/DHE key negotiation */ -# define _HTTP_TLS_DENY_CBC 4 /* Deny CBC cipher suites */ +# define _HTTP_TLS_ALLOW_SSL3 2 /* Allow SSL 3.0 */ +# define _HTTP_TLS_ALLOW_DH 4 /* Allow DH/DHE key negotiation */ +# define _HTTP_TLS_DENY_TLS10 16 /* Deny TLS 1.0 */ +# define _HTTP_TLS_DENY_CBC 32 /* Deny CBC cipher suites */ +# define _HTTP_TLS_ONLY_TLS10 64 /* Only use TLS 1.0 */ # define _HTTP_TLS_SET_DEFAULT 128 /* Setting the default TLS options */ -# define _HTTP_TLS_SSL3 0 /* Min/max version is SSL/3.0 */ -# define _HTTP_TLS_1_0 1 /* Min/max version is TLS/1.0 */ -# define _HTTP_TLS_1_1 2 /* Min/max version is TLS/1.1 */ -# define _HTTP_TLS_1_2 3 /* Min/max version is TLS/1.2 */ -# define _HTTP_TLS_1_3 4 /* Min/max version is TLS/1.3 */ -# define _HTTP_TLS_MAX 5 /* Highest known TLS version */ - /* * Types and functions for SSL support... @@ -446,7 +442,7 @@ extern void _httpTLSInitialize(void); extern size_t _httpTLSPending(http_t *http); extern int _httpTLSRead(http_t *http, char *buf, int len); extern int _httpTLSSetCredentials(http_t *http); -extern void _httpTLSSetOptions(int options, int min_version, int max_version); +extern void _httpTLSSetOptions(int options); extern int _httpTLSStart(http_t *http); extern void _httpTLSStop(http_t *http); extern int _httpTLSWrite(http_t *http, const char *buf, int len); diff --git a/cups/http-support.c b/cups/http-support.c index 8ee8400..76dbb7d 100644 --- a/cups/http-support.c +++ b/cups/http-support.c @@ -2346,7 +2346,7 @@ http_resolve_cb( const char *type, /* I - Registration type */ const char *domain, /* I - Domain (unused) */ const char *hostTarget, /* I - Hostname */ - const AvahiAddress *address, /* I - Address */ + const AvahiAddress *address, /* I - Address (unused) */ uint16_t port, /* I - Port number */ AvahiStringList *txt, /* I - TXT record */ AvahiLookupResultFlags flags, /* I - Lookup flags (unused) */ @@ -2499,62 +2499,39 @@ http_resolve_cb( * getting the IP address of the .local name and then do reverse-lookups... */ - http_addr_t addr; - size_t addrlen; - int error; + http_addrlist_t *addrlist, /* List of addresses */ + *addr; /* Current address */ DEBUG_printf(("5http_resolve_cb: Looking up \"%s\".", hostTarget)); - switch (address->proto) + snprintf(fqdn, sizeof(fqdn), "%d", ntohs(port)); + if ((addrlist = httpAddrGetList(hostTarget, AF_UNSPEC, fqdn)) != NULL) { - case AVAHI_PROTO_INET: - addr.ipv4.sin_family = AF_INET; - addrlen = sizeof (addr.ipv4.sin_addr); - memcpy (&addr.ipv4.sin_addr, &address->data, addrlen); - break; - case AVAHI_PROTO_INET6: - addr.ipv6.sin6_family = AF_INET6; - addrlen = sizeof (addr.ipv6.sin6_addr); - memcpy (&addr.ipv6.sin6_addr, &address->data, addrlen); - break; - default: - DEBUG_printf(("8http_resolve_cb: unknown address family %d", - address->proto)); - addrlen = 0; - } - - if (addrlen > 0) { - error = getnameinfo(&addr.addr, httpAddrLength (&addr), - fqdn, sizeof(fqdn), NULL, 0, NI_NAMEREQD); - - if (!error) + for (addr = addrlist; addr; addr = addr->next) { - DEBUG_printf(("8http_resolve_cb: Found \"%s\".", fqdn)); - - if ((hostptr = fqdn + strlen(fqdn) - 6) <= fqdn || - _cups_strcasecmp(hostptr, ".local")) + int error = getnameinfo(&(addr->addr.addr), (socklen_t)httpAddrLength(&(addr->addr)), fqdn, sizeof(fqdn), NULL, 0, NI_NAMEREQD); + if (!error) { - hostTarget = fqdn; - } - } else { - avahi_address_snprint (fqdn, sizeof (fqdn), address); - hostTarget = fqdn; + DEBUG_printf(("5http_resolve_cb: Found \"%s\".", fqdn)); + if ((hostptr = fqdn + strlen(fqdn) - 6) <= fqdn || + _cups_strcasecmp(hostptr, ".local")) + { + hostTarget = fqdn; + break; + } + } #ifdef DEBUG - DEBUG_printf(("8http_resolve_cb: \"%s\" did not resolve: %d", - fqdn, error)); + else + DEBUG_printf(("5http_resolve_cb: \"%s\" did not resolve: %d", + httpAddrString(&(addr->addr), fqdn, sizeof(fqdn)), + error)); #endif /* DEBUG */ } + httpAddrFreeList(addrlist); } - } else { - /* - * Use the IP address that responded... - */ - - avahi_address_snprint (fqdn, sizeof (fqdn), address); - hostTarget = fqdn; } /* diff --git a/cups/http.c b/cups/http.c index 57572a7..61b88c9 100644 --- a/cups/http.c +++ b/cups/http.c @@ -1891,7 +1891,7 @@ httpPrintf(http_t *http, /* I - HTTP connection */ ...) /* I - Additional args as needed */ { ssize_t bytes; /* Number of bytes to write */ - char buf[65536]; /* Buffer for formatted string */ + char buf[16384]; /* Buffer for formatted string */ va_list ap; /* Variable argument pointer */ @@ -1903,12 +1903,7 @@ httpPrintf(http_t *http, /* I - HTTP connection */ DEBUG_printf(("3httpPrintf: (" CUPS_LLFMT " bytes) %s", CUPS_LLCAST bytes, buf)); - if (bytes > (ssize_t)(sizeof(buf) - 1)) - { - http->error = ENOMEM; - return (-1); - } - else if (http->data_encoding == HTTP_ENCODING_FIELDS) + if (http->data_encoding == HTTP_ENCODING_FIELDS) return ((int)httpWrite2(http, buf, (size_t)bytes)); else { @@ -3949,7 +3944,7 @@ http_create( if ((http = calloc(sizeof(http_t), 1)) == NULL) { _cupsSetError(IPP_STATUS_ERROR_INTERNAL, strerror(errno), 0); - httpAddrFreeList(myaddrlist); + httpAddrFreeList(addrlist); return (NULL); } diff --git a/cups/ipp.c b/cups/ipp.c index fd8988f..772b2f0 100644 --- a/cups/ipp.c +++ b/cups/ipp.c @@ -4628,7 +4628,9 @@ ippSetValueTag( break; case IPP_TAG_NAME : - if (temp_tag != IPP_TAG_KEYWORD) + if (temp_tag != IPP_TAG_KEYWORD && temp_tag != IPP_TAG_URI && + temp_tag != IPP_TAG_URISCHEME && temp_tag != IPP_TAG_LANGUAGE && + temp_tag != IPP_TAG_MIMETYPE) return (0); (*attr)->value_tag = (ipp_tag_t)(IPP_TAG_NAME | ((*attr)->value_tag & IPP_TAG_CUPS_CONST)); @@ -4636,7 +4638,10 @@ ippSetValueTag( case IPP_TAG_NAMELANG : case IPP_TAG_TEXTLANG : - if (value_tag == IPP_TAG_NAMELANG && (temp_tag != IPP_TAG_NAME && temp_tag != IPP_TAG_KEYWORD)) + if (value_tag == IPP_TAG_NAMELANG && + (temp_tag != IPP_TAG_NAME && temp_tag != IPP_TAG_KEYWORD && + temp_tag != IPP_TAG_URI && temp_tag != IPP_TAG_URISCHEME && + temp_tag != IPP_TAG_LANGUAGE && temp_tag != IPP_TAG_MIMETYPE)) return (0); if (value_tag == IPP_TAG_TEXTLANG && temp_tag != IPP_TAG_TEXT) diff --git a/cups/md5passwd.c b/cups/md5passwd.c index c9ffe04..a9817aa 100644 --- a/cups/md5passwd.c +++ b/cups/md5passwd.c @@ -17,7 +17,6 @@ * Include necessary headers... */ -#include #include "http-private.h" #include "string-private.h" @@ -32,6 +31,7 @@ httpMD5(const char *username, /* I - User name */ const char *passwd, /* I - Password string */ char md5[33]) /* O - MD5 string */ { + _cups_md5_state_t state; /* MD5 state info */ unsigned char sum[16]; /* Sum data */ char line[256]; /* Line to sum */ @@ -41,13 +41,15 @@ httpMD5(const char *username, /* I - User name */ */ snprintf(line, sizeof(line), "%s:%s:%s", username, realm, passwd); - cupsHashData("md5", (unsigned char *)line, strlen(line), sum, sizeof(sum)); + _cupsMD5Init(&state); + _cupsMD5Append(&state, (unsigned char *)line, (int)strlen(line)); + _cupsMD5Finish(&state, sum); /* * Return the sum... */ - return ((char *)cupsHashString(sum, sizeof(sum), md5, 33)); + return (httpMD5String(sum, md5)); } @@ -63,6 +65,7 @@ httpMD5Final(const char *nonce, /* I - Server nonce value */ const char *resource, /* I - Resource path */ char md5[33]) /* IO - MD5 sum */ { + _cups_md5_state_t state; /* MD5 state info */ unsigned char sum[16]; /* Sum data */ char line[1024]; /* Line of data */ char a2[33]; /* Hash of method and resource */ @@ -73,7 +76,9 @@ httpMD5Final(const char *nonce, /* I - Server nonce value */ */ snprintf(line, sizeof(line), "%s:%s", method, resource); - cupsHashData("md5", (unsigned char *)line, strlen(line), sum, sizeof(sum)); + _cupsMD5Init(&state); + _cupsMD5Append(&state, (unsigned char *)line, (int)strlen(line)); + _cupsMD5Finish(&state, sum); httpMD5String(sum, a2); /* @@ -83,9 +88,12 @@ httpMD5Final(const char *nonce, /* I - Server nonce value */ */ snprintf(line, sizeof(line), "%s:%s:%s", md5, nonce, a2); - cupsHashData("md5", (unsigned char *)line, strlen(line), sum, sizeof(sum)); - return ((char *)cupsHashString(sum, sizeof(sum), md5, 33)); + _cupsMD5Init(&state); + _cupsMD5Append(&state, (unsigned char *)line, (int)strlen(line)); + _cupsMD5Finish(&state, sum); + + return (httpMD5String(sum, md5)); } @@ -98,5 +106,23 @@ httpMD5String(const unsigned char *sum, /* I - MD5 sum data */ char md5[33]) /* O - MD5 sum in hex */ { - return ((char *)cupsHashString(sum, 16, md5, 33)); + int i; /* Looping var */ + char *md5ptr; /* Pointer into MD5 string */ + static const char hex[] = "0123456789abcdef"; + /* Hex digits */ + + + /* + * Convert the MD5 sum to hexadecimal... + */ + + for (i = 16, md5ptr = md5; i > 0; i --, sum ++) + { + *md5ptr++ = hex[*sum >> 4]; + *md5ptr++ = hex[*sum & 15]; + } + + *md5ptr = '\0'; + + return (md5); } diff --git a/cups/ppd-cache.c b/cups/ppd-cache.c index e5f89ee..925ab80 100644 --- a/cups/ppd-cache.c +++ b/cups/ppd-cache.c @@ -508,20 +508,24 @@ _ppdCacheCreateWithFile( else if (!_cups_strcasecmp(line, "Filter")) { if (!pc->filters) - pc->filters = cupsArrayNew3(NULL, NULL, NULL, 0, (cups_acopy_func_t)strdup, (cups_afree_func_t)free); + pc->filters = cupsArrayNew3(NULL, NULL, NULL, 0, + (cups_acopy_func_t)_cupsStrAlloc, + (cups_afree_func_t)_cupsStrFree); cupsArrayAdd(pc->filters, value); } else if (!_cups_strcasecmp(line, "PreFilter")) { if (!pc->prefilters) - pc->prefilters = cupsArrayNew3(NULL, NULL, NULL, 0, (cups_acopy_func_t)strdup, (cups_afree_func_t)free); + pc->prefilters = cupsArrayNew3(NULL, NULL, NULL, 0, + (cups_acopy_func_t)_cupsStrAlloc, + (cups_afree_func_t)_cupsStrFree); cupsArrayAdd(pc->prefilters, value); } else if (!_cups_strcasecmp(line, "Product")) { - pc->product = strdup(value); + pc->product = _cupsStrAlloc(value); } else if (!_cups_strcasecmp(line, "SingleFile")) { @@ -621,8 +625,8 @@ _ppdCacheCreateWithFile( } map = pc->bins + pc->num_bins; - map->pwg = strdup(pwg_keyword); - map->ppd = strdup(ppd_keyword); + map->pwg = _cupsStrAlloc(pwg_keyword); + map->ppd = _cupsStrAlloc(ppd_keyword); pc->num_bins ++; } @@ -676,8 +680,8 @@ _ppdCacheCreateWithFile( goto create_error; } - size->map.pwg = strdup(pwg_keyword); - size->map.ppd = strdup(ppd_keyword); + size->map.pwg = _cupsStrAlloc(pwg_keyword); + size->map.ppd = _cupsStrAlloc(ppd_keyword); pc->num_sizes ++; } @@ -705,15 +709,15 @@ _ppdCacheCreateWithFile( pwgFormatSizeName(pwg_keyword, sizeof(pwg_keyword), "custom", "max", pc->custom_max_width, pc->custom_max_length, NULL); - pc->custom_max_keyword = strdup(pwg_keyword); + pc->custom_max_keyword = _cupsStrAlloc(pwg_keyword); pwgFormatSizeName(pwg_keyword, sizeof(pwg_keyword), "custom", "min", pc->custom_min_width, pc->custom_min_length, NULL); - pc->custom_min_keyword = strdup(pwg_keyword); + pc->custom_min_keyword = _cupsStrAlloc(pwg_keyword); } else if (!_cups_strcasecmp(line, "SourceOption")) { - pc->source_option = strdup(value); + pc->source_option = _cupsStrAlloc(value); } else if (!_cups_strcasecmp(line, "NumSources")) { @@ -760,8 +764,8 @@ _ppdCacheCreateWithFile( } map = pc->sources + pc->num_sources; - map->pwg = strdup(pwg_keyword); - map->ppd = strdup(ppd_keyword); + map->pwg = _cupsStrAlloc(pwg_keyword); + map->ppd = _cupsStrAlloc(ppd_keyword); pc->num_sources ++; } @@ -809,8 +813,8 @@ _ppdCacheCreateWithFile( } map = pc->types + pc->num_types; - map->pwg = strdup(pwg_keyword); - map->ppd = strdup(ppd_keyword); + map->pwg = _cupsStrAlloc(pwg_keyword); + map->ppd = _cupsStrAlloc(ppd_keyword); pc->num_types ++; } @@ -840,13 +844,13 @@ _ppdCacheCreateWithFile( pc->presets[print_color_mode] + print_quality); } else if (!_cups_strcasecmp(line, "SidesOption")) - pc->sides_option = strdup(value); + pc->sides_option = _cupsStrAlloc(value); else if (!_cups_strcasecmp(line, "Sides1Sided")) - pc->sides_1sided = strdup(value); + pc->sides_1sided = _cupsStrAlloc(value); else if (!_cups_strcasecmp(line, "Sides2SidedLong")) - pc->sides_2sided_long = strdup(value); + pc->sides_2sided_long = _cupsStrAlloc(value); else if (!_cups_strcasecmp(line, "Sides2SidedShort")) - pc->sides_2sided_short = strdup(value); + pc->sides_2sided_short = _cupsStrAlloc(value); else if (!_cups_strcasecmp(line, "Finishings")) { if (!pc->finishings) @@ -867,13 +871,13 @@ _ppdCacheCreateWithFile( else if (!_cups_strcasecmp(line, "MaxCopies")) pc->max_copies = atoi(value); else if (!_cups_strcasecmp(line, "ChargeInfoURI")) - pc->charge_info_uri = strdup(value); + pc->charge_info_uri = _cupsStrAlloc(value); else if (!_cups_strcasecmp(line, "JobAccountId")) pc->account_id = !_cups_strcasecmp(value, "true"); else if (!_cups_strcasecmp(line, "JobAccountingUserId")) pc->accounting_user_id = !_cups_strcasecmp(value, "true"); else if (!_cups_strcasecmp(line, "JobPassword")) - pc->password = strdup(value); + pc->password = _cupsStrAlloc(value); else if (!_cups_strcasecmp(line, "Mandatory")) { if (pc->mandatory) @@ -884,7 +888,9 @@ _ppdCacheCreateWithFile( else if (!_cups_strcasecmp(line, "SupportFile")) { if (!pc->support_files) - pc->support_files = cupsArrayNew3(NULL, NULL, NULL, 0, (cups_acopy_func_t)strdup, (cups_afree_func_t)free); + pc->support_files = cupsArrayNew3(NULL, NULL, NULL, 0, + (cups_acopy_func_t)_cupsStrAlloc, + (cups_afree_func_t)_cupsStrFree); cupsArrayAdd(pc->support_files, value); } @@ -1124,8 +1130,8 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ */ new_size = old_size; - free(old_size->map.ppd); - free(old_size->map.pwg); + _cupsStrFree(old_size->map.ppd); + _cupsStrFree(old_size->map.pwg); } } @@ -1146,8 +1152,8 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ * Save this size... */ - new_size->map.ppd = strdup(ppd_size->name); - new_size->map.pwg = strdup(pwg_name); + new_size->map.ppd = _cupsStrAlloc(ppd_size->name); + new_size->map.pwg = _cupsStrAlloc(pwg_name); new_size->width = new_width; new_size->length = new_length; new_size->left = new_left; @@ -1167,14 +1173,14 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ pwgFormatSizeName(pwg_keyword, sizeof(pwg_keyword), "custom", "max", PWG_FROM_POINTS(ppd->custom_max[0]), PWG_FROM_POINTS(ppd->custom_max[1]), NULL); - pc->custom_max_keyword = strdup(pwg_keyword); + pc->custom_max_keyword = _cupsStrAlloc(pwg_keyword); pc->custom_max_width = PWG_FROM_POINTS(ppd->custom_max[0]); pc->custom_max_length = PWG_FROM_POINTS(ppd->custom_max[1]); pwgFormatSizeName(pwg_keyword, sizeof(pwg_keyword), "custom", "min", PWG_FROM_POINTS(ppd->custom_min[0]), PWG_FROM_POINTS(ppd->custom_min[1]), NULL); - pc->custom_min_keyword = strdup(pwg_keyword); + pc->custom_min_keyword = _cupsStrAlloc(pwg_keyword); pc->custom_min_width = PWG_FROM_POINTS(ppd->custom_min[0]); pc->custom_min_length = PWG_FROM_POINTS(ppd->custom_min[1]); @@ -1193,7 +1199,7 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ if (input_slot) { - pc->source_option = strdup(input_slot->keyword); + pc->source_option = _cupsStrAlloc(input_slot->keyword); if ((pc->sources = calloc((size_t)input_slot->num_choices, sizeof(pwg_map_t))) == NULL) { @@ -1245,8 +1251,8 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ "_"); } - map->pwg = strdup(pwg_name); - map->ppd = strdup(choice->choice); + map->pwg = _cupsStrAlloc(pwg_name); + map->ppd = _cupsStrAlloc(choice->choice); } } @@ -1309,8 +1315,8 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ "_"); } - map->pwg = strdup(pwg_name); - map->ppd = strdup(choice->choice); + map->pwg = _cupsStrAlloc(pwg_name); + map->ppd = _cupsStrAlloc(choice->choice); } } @@ -1336,8 +1342,8 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ { pwg_unppdize_name(choice->choice, pwg_keyword, sizeof(pwg_keyword), "_"); - map->pwg = strdup(pwg_keyword); - map->ppd = strdup(choice->choice); + map->pwg = _cupsStrAlloc(pwg_keyword); + map->ppd = _cupsStrAlloc(choice->choice); } } @@ -1552,7 +1558,7 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ if (duplex) { - pc->sides_option = strdup(duplex->keyword); + pc->sides_option = _cupsStrAlloc(duplex->keyword); for (i = duplex->num_choices, choice = duplex->choices; i > 0; @@ -1560,16 +1566,16 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ { if ((!_cups_strcasecmp(choice->choice, "None") || !_cups_strcasecmp(choice->choice, "False")) && !pc->sides_1sided) - pc->sides_1sided = strdup(choice->choice); + pc->sides_1sided = _cupsStrAlloc(choice->choice); else if ((!_cups_strcasecmp(choice->choice, "DuplexNoTumble") || !_cups_strcasecmp(choice->choice, "LongEdge") || !_cups_strcasecmp(choice->choice, "Top")) && !pc->sides_2sided_long) - pc->sides_2sided_long = strdup(choice->choice); + pc->sides_2sided_long = _cupsStrAlloc(choice->choice); else if ((!_cups_strcasecmp(choice->choice, "DuplexTumble") || !_cups_strcasecmp(choice->choice, "ShortEdge") || !_cups_strcasecmp(choice->choice, "Bottom")) && !pc->sides_2sided_short) - pc->sides_2sided_short = strdup(choice->choice); + pc->sides_2sided_short = _cupsStrAlloc(choice->choice); } } @@ -1577,7 +1583,9 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ * Copy filters and pre-filters... */ - pc->filters = cupsArrayNew3(NULL, NULL, NULL, 0, (cups_acopy_func_t)strdup, (cups_afree_func_t)free); + pc->filters = cupsArrayNew3(NULL, NULL, NULL, 0, + (cups_acopy_func_t)_cupsStrAlloc, + (cups_afree_func_t)_cupsStrFree); cupsArrayAdd(pc->filters, "application/vnd.cups-raw application/octet-stream 0 -"); @@ -1634,7 +1642,9 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ if ((ppd_attr = ppdFindAttr(ppd, "cupsPreFilter", NULL)) != NULL) { - pc->prefilters = cupsArrayNew3(NULL, NULL, NULL, 0, (cups_acopy_func_t)strdup, (cups_afree_func_t)free); + pc->prefilters = cupsArrayNew3(NULL, NULL, NULL, 0, + (cups_acopy_func_t)_cupsStrAlloc, + (cups_afree_func_t)_cupsStrFree); do { @@ -1651,7 +1661,7 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ */ if (ppd->product) - pc->product = strdup(ppd->product); + pc->product = _cupsStrAlloc(ppd->product); /* * Copy finishings mapping data... @@ -1808,7 +1818,7 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ */ if ((ppd_attr = ppdFindAttr(ppd, "cupsChargeInfoURI", NULL)) != NULL) - pc->charge_info_uri = strdup(ppd_attr->value); + pc->charge_info_uri = _cupsStrAlloc(ppd_attr->value); if ((ppd_attr = ppdFindAttr(ppd, "cupsJobAccountId", NULL)) != NULL) pc->account_id = !_cups_strcasecmp(ppd_attr->value, "true"); @@ -1817,7 +1827,7 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ pc->accounting_user_id = !_cups_strcasecmp(ppd_attr->value, "true"); if ((ppd_attr = ppdFindAttr(ppd, "cupsJobPassword", NULL)) != NULL) - pc->password = strdup(ppd_attr->value); + pc->password = _cupsStrAlloc(ppd_attr->value); if ((ppd_attr = ppdFindAttr(ppd, "cupsMandatory", NULL)) != NULL) pc->mandatory = _cupsArrayNewStrings(ppd_attr->value, ' '); @@ -1826,7 +1836,9 @@ _ppdCacheCreateWithPPD(ppd_file_t *ppd) /* I - PPD file */ * Support files... */ - pc->support_files = cupsArrayNew3(NULL, NULL, NULL, 0, (cups_acopy_func_t)strdup, (cups_afree_func_t)free); + pc->support_files = cupsArrayNew3(NULL, NULL, NULL, 0, + (cups_acopy_func_t)_cupsStrAlloc, + (cups_afree_func_t)_cupsStrFree); for (ppd_attr = ppdFindAttr(ppd, "cupsICCProfile", NULL); ppd_attr; @@ -1882,8 +1894,8 @@ _ppdCacheDestroy(_ppd_cache_t *pc) /* I - PPD cache and mapping data */ { for (i = pc->num_bins, map = pc->bins; i > 0; i --, map ++) { - free(map->pwg); - free(map->ppd); + _cupsStrFree(map->pwg); + _cupsStrFree(map->ppd); } free(pc->bins); @@ -1893,14 +1905,15 @@ _ppdCacheDestroy(_ppd_cache_t *pc) /* I - PPD cache and mapping data */ { for (i = pc->num_sizes, size = pc->sizes; i > 0; i --, size ++) { - free(size->map.pwg); - free(size->map.ppd); + _cupsStrFree(size->map.pwg); + _cupsStrFree(size->map.ppd); } free(pc->sizes); } - free(pc->source_option); + if (pc->source_option) + _cupsStrFree(pc->source_option); if (pc->sources) { @@ -1917,23 +1930,26 @@ _ppdCacheDestroy(_ppd_cache_t *pc) /* I - PPD cache and mapping data */ { for (i = pc->num_types, map = pc->types; i > 0; i --, map ++) { - free(map->pwg); - free(map->ppd); + _cupsStrFree(map->pwg); + _cupsStrFree(map->ppd); } free(pc->types); } - free(pc->custom_max_keyword); - free(pc->custom_min_keyword); + if (pc->custom_max_keyword) + _cupsStrFree(pc->custom_max_keyword); + + if (pc->custom_min_keyword) + _cupsStrFree(pc->custom_min_keyword); - free(pc->product); + _cupsStrFree(pc->product); cupsArrayDelete(pc->filters); cupsArrayDelete(pc->prefilters); cupsArrayDelete(pc->finishings); - free(pc->charge_info_uri); - free(pc->password); + _cupsStrFree(pc->charge_info_uri); + _cupsStrFree(pc->password); cupsArrayDelete(pc->mandatory); diff --git a/cups/ppd-mark.c b/cups/ppd-mark.c index cb67468..464c09a 100644 --- a/cups/ppd-mark.c +++ b/cups/ppd-mark.c @@ -890,9 +890,9 @@ ppd_mark_option(ppd_file_t *ppd, /* I - PPD file */ case PPD_CUSTOM_PASSWORD : case PPD_CUSTOM_STRING : if (cparam->current.custom_string) - free(cparam->current.custom_string); + _cupsStrFree(cparam->current.custom_string); - cparam->current.custom_string = strdup(choice + 7); + cparam->current.custom_string = _cupsStrAlloc(choice + 7); break; } } @@ -967,9 +967,9 @@ ppd_mark_option(ppd_file_t *ppd, /* I - PPD file */ case PPD_CUSTOM_PASSWORD : case PPD_CUSTOM_STRING : if (cparam->current.custom_string) - free(cparam->current.custom_string); + _cupsStrFree(cparam->current.custom_string); - cparam->current.custom_string = strdup(val->value); + cparam->current.custom_string = _cupsStrRetain(val->value); break; } } diff --git a/cups/ppd.c b/cups/ppd.c index a7cc9cd..5bd839d 100644 --- a/cups/ppd.c +++ b/cups/ppd.c @@ -34,6 +34,8 @@ * Definitions... */ +#define ppd_free(p) if (p) free(p) /* Safe free macro */ + #define PPD_KEYWORD 1 /* Line contained a keyword */ #define PPD_OPTION 2 /* Line contained an option name */ #define PPD_TEXT 4 /* Line contained human-readable text */ @@ -115,6 +117,7 @@ void ppdClose(ppd_file_t *ppd) /* I - PPD file record */ { int i; /* Looping var */ + ppd_emul_t *emul; /* Current emulation */ ppd_group_t *group; /* Current group */ char **font; /* Current font */ ppd_attr_t **attr; /* Current attribute */ @@ -133,12 +136,28 @@ ppdClose(ppd_file_t *ppd) /* I - PPD file record */ * Free all strings at the top level... */ - free(ppd->lang_encoding); - free(ppd->nickname); - free(ppd->patches); - free(ppd->jcl_begin); - free(ppd->jcl_end); - free(ppd->jcl_ps); + _cupsStrFree(ppd->lang_encoding); + _cupsStrFree(ppd->nickname); + if (ppd->patches) + free(ppd->patches); + _cupsStrFree(ppd->jcl_begin); + _cupsStrFree(ppd->jcl_end); + _cupsStrFree(ppd->jcl_ps); + + /* + * Free any emulations... + */ + + if (ppd->num_emulations > 0) + { + for (i = ppd->num_emulations, emul = ppd->emulations; i > 0; i --, emul ++) + { + _cupsStrFree(emul->start); + _cupsStrFree(emul->stop); + } + + ppd_free(ppd->emulations); + } /* * Free any UI groups, subgroups, and options... @@ -149,7 +168,7 @@ ppdClose(ppd_file_t *ppd) /* I - PPD file record */ for (i = ppd->num_groups, group = ppd->groups; i > 0; i --, group ++) ppd_free_group(group); - free(ppd->groups); + ppd_free(ppd->groups); } cupsArrayDelete(ppd->options); @@ -160,14 +179,14 @@ ppdClose(ppd_file_t *ppd) /* I - PPD file record */ */ if (ppd->num_sizes > 0) - free(ppd->sizes); + ppd_free(ppd->sizes); /* * Free any constraints... */ if (ppd->num_consts > 0) - free(ppd->consts); + ppd_free(ppd->consts); /* * Free any filters... @@ -182,9 +201,9 @@ ppdClose(ppd_file_t *ppd) /* I - PPD file record */ if (ppd->num_fonts > 0) { for (i = ppd->num_fonts, font = ppd->fonts; i > 0; i --, font ++) - free(*font); + _cupsStrFree(*font); - free(ppd->fonts); + ppd_free(ppd->fonts); } /* @@ -192,7 +211,7 @@ ppdClose(ppd_file_t *ppd) /* I - PPD file record */ */ if (ppd->num_profiles > 0) - free(ppd->profiles); + ppd_free(ppd->profiles); /* * Free any attributes... @@ -202,11 +221,11 @@ ppdClose(ppd_file_t *ppd) /* I - PPD file record */ { for (i = ppd->num_attrs, attr = ppd->attrs; i > 0; i --, attr ++) { - free((*attr)->value); - free(*attr); + _cupsStrFree((*attr)->value); + ppd_free(*attr); } - free(ppd->attrs); + ppd_free(ppd->attrs); } cupsArrayDelete(ppd->sorted_attrs); @@ -228,7 +247,7 @@ ppdClose(ppd_file_t *ppd) /* I - PPD file record */ case PPD_CUSTOM_PASSCODE : case PPD_CUSTOM_PASSWORD : case PPD_CUSTOM_STRING : - free(cparam->current.custom_string); + _cupsStrFree(cparam->current.custom_string); break; default : @@ -276,7 +295,7 @@ ppdClose(ppd_file_t *ppd) /* I - PPD file record */ * Free the whole record... */ - free(ppd); + ppd_free(ppd); } @@ -422,6 +441,7 @@ _ppdOpen( _ppd_localization_t localization) /* I - Localization to load */ { int i, j, k; /* Looping vars */ + int count; /* Temporary count */ _ppd_line_t line; /* Line buffer */ ppd_file_t *ppd; /* PPD file record */ ppd_group_t *group, /* Current group */ @@ -439,6 +459,7 @@ _ppdOpen( /* Human-readable text from file */ *string, /* Code/text from file */ *sptr, /* Pointer into string */ + *nameptr, /* Pointer into name */ *temp, /* Temporary string pointer */ **tempfonts; /* Temporary fonts pointer */ float order; /* Order dependency number */ @@ -612,14 +633,16 @@ _ppdOpen( if (pg->ppd_status == PPD_OK) pg->ppd_status = PPD_MISSING_PPDADOBE4; - free(string); - free(line.buffer); + _cupsStrFree(string); + ppd_free(line.buffer); return (NULL); } DEBUG_printf(("2_ppdOpen: keyword=%s, string=%p", keyword, string)); + _cupsStrFree(string); + /* * Allocate memory for the PPD file record... */ @@ -628,15 +651,12 @@ _ppdOpen( { pg->ppd_status = PPD_ALLOC_ERROR; - free(string); - free(line.buffer); + _cupsStrFree(string); + ppd_free(line.buffer); return (NULL); } - free(string); - string = NULL; - ppd->language_level = 2; ppd->color_device = 0; ppd->colorspace = PPD_CS_N; @@ -715,8 +735,6 @@ _ppdOpen( strncmp(ll, keyword, ll_len))) { DEBUG_printf(("2_ppdOpen: Ignoring localization: \"%s\"\n", keyword)); - free(string); - string = NULL; continue; } else if (localization == _PPD_LOCALIZATION_ICC_PROFILES) @@ -736,8 +754,6 @@ _ppdOpen( if (i >= (int)(sizeof(color_keywords) / sizeof(color_keywords[0]))) { DEBUG_printf(("2_ppdOpen: Ignoring localization: \"%s\"\n", keyword)); - free(string); - string = NULL; continue; } } @@ -833,7 +849,7 @@ _ppdOpen( * Say all PPD files are UTF-8, since we convert to UTF-8... */ - ppd->lang_encoding = strdup("UTF-8"); + ppd->lang_encoding = _cupsStrAlloc("UTF-8"); encoding = _ppdGetEncoding(string); } else if (!strcmp(keyword, "LanguageVersion")) @@ -854,10 +870,10 @@ _ppdOpen( cupsCharsetToUTF8(utf8, string, sizeof(utf8), encoding); - ppd->nickname = strdup((char *)utf8); + ppd->nickname = _cupsStrAlloc((char *)utf8); } else - ppd->nickname = strdup(string); + ppd->nickname = _cupsStrAlloc(string); } else if (!strcmp(keyword, "Product")) ppd->product = string; @@ -867,17 +883,17 @@ _ppdOpen( ppd->ttrasterizer = string; else if (!strcmp(keyword, "JCLBegin")) { - ppd->jcl_begin = strdup(string); + ppd->jcl_begin = _cupsStrAlloc(string); ppd_decode(ppd->jcl_begin); /* Decode quoted string */ } else if (!strcmp(keyword, "JCLEnd")) { - ppd->jcl_end = strdup(string); + ppd->jcl_end = _cupsStrAlloc(string); ppd_decode(ppd->jcl_end); /* Decode quoted string */ } else if (!strcmp(keyword, "JCLToPSInterpreter")) { - ppd->jcl_ps = strdup(string); + ppd->jcl_ps = _cupsStrAlloc(string); ppd_decode(ppd->jcl_ps); /* Decode quoted string */ } else if (!strcmp(keyword, "AccurateScreensSupport")) @@ -945,10 +961,10 @@ _ppdOpen( ppd->num_filters ++; /* - * Make a copy of the filter string... + * Retain a copy of the filter string... */ - *filter = strdup(string); + *filter = _cupsStrRetain(string); } else if (!strcmp(keyword, "Throughput")) ppd->throughput = atoi(string); @@ -971,7 +987,7 @@ _ppdOpen( } ppd->fonts = tempfonts; - ppd->fonts[ppd->num_fonts] = strdup(name); + ppd->fonts[ppd->num_fonts] = _cupsStrAlloc(name); ppd->num_fonts ++; } else if (!strncmp(keyword, "ParamCustom", 11)) @@ -1136,7 +1152,7 @@ _ppdOpen( strlcpy(choice->text, text[0] ? text : _("Custom"), sizeof(choice->text)); - choice->code = strdup(string); + choice->code = _cupsStrAlloc(string); if (custom_option->section == PPD_ORDER_JCL) ppd_decode(choice->code); @@ -1185,23 +1201,59 @@ _ppdOpen( else if (!strcmp(string, "Plus90")) ppd->landscape = 90; } - else if (!strcmp(keyword, "Emulators") && string && ppd->num_emulations == 0) + else if (!strcmp(keyword, "Emulators") && string) { - /* - * Issue #5562: Samsung printer drivers incorrectly use Emulators keyword - * to configure themselves - * - * The Emulators keyword was loaded but never used by anything in CUPS, - * and has no valid purpose in CUPS. The old code was removed due to a - * memory leak (Issue #5475), so the following (new) code supports a single - * name for the Emulators keyword, allowing these drivers to work until we - * remove PPD and driver support entirely in a future version of CUPS. - */ + for (count = 1, sptr = string; sptr != NULL;) + if ((sptr = strchr(sptr, ' ')) != NULL) + { + count ++; + while (*sptr == ' ') + sptr ++; + } + + ppd->num_emulations = count; + if ((ppd->emulations = calloc((size_t)count, sizeof(ppd_emul_t))) == NULL) + { + pg->ppd_status = PPD_ALLOC_ERROR; + + goto error; + } + + for (i = 0, sptr = string; i < count; i ++) + { + for (nameptr = ppd->emulations[i].name; + *sptr != '\0' && *sptr != ' '; + sptr ++) + if (nameptr < (ppd->emulations[i].name + sizeof(ppd->emulations[i].name) - 1)) + *nameptr++ = *sptr; + + *nameptr = '\0'; - ppd->num_emulations = 1; - ppd->emulations = calloc(1, sizeof(ppd_emul_t)); + while (*sptr == ' ') + sptr ++; + } + } + else if (!strncmp(keyword, "StartEmulator_", 14)) + { + ppd_decode(string); - strlcpy(ppd->emulations[0].name, string, sizeof(ppd->emulations[0].name)); + for (i = 0; i < ppd->num_emulations; i ++) + if (!strcmp(keyword + 14, ppd->emulations[i].name)) + { + ppd->emulations[i].start = string; + string = NULL; + } + } + else if (!strncmp(keyword, "StopEmulator_", 13)) + { + ppd_decode(string); + + for (i = 0; i < ppd->num_emulations; i ++) + if (!strcmp(keyword + 13, ppd->emulations[i].name)) + { + ppd->emulations[i].stop = string; + string = NULL; + } } else if (!strcmp(keyword, "JobPatchFile")) { @@ -1356,7 +1408,7 @@ _ppdOpen( option->section = PPD_ORDER_ANY; - free(string); + _cupsStrFree(string); string = NULL; /* @@ -1384,7 +1436,7 @@ _ppdOpen( strlcpy(choice->text, custom_attr->text[0] ? custom_attr->text : _("Custom"), sizeof(choice->text)); - choice->code = strdup(custom_attr->value); + choice->code = _cupsStrRetain(custom_attr->value); } } else if (!strcmp(keyword, "JCLOpenUI")) @@ -1463,7 +1515,7 @@ _ppdOpen( option->section = PPD_ORDER_JCL; group = NULL; - free(string); + _cupsStrFree(string); string = NULL; /* @@ -1487,14 +1539,14 @@ _ppdOpen( strlcpy(choice->text, custom_attr->text[0] ? custom_attr->text : _("Custom"), sizeof(choice->text)); - choice->code = strdup(custom_attr->value); + choice->code = _cupsStrRetain(custom_attr->value); } } else if (!strcmp(keyword, "CloseUI") || !strcmp(keyword, "JCLCloseUI")) { option = NULL; - free(string); + _cupsStrFree(string); string = NULL; } else if (!strcmp(keyword, "OpenGroup")) @@ -1541,14 +1593,14 @@ _ppdOpen( if (group == NULL) goto error; - free(string); + _cupsStrFree(string); string = NULL; } else if (!strcmp(keyword, "CloseGroup")) { group = NULL; - free(string); + _cupsStrFree(string); string = NULL; } else if (!strcmp(keyword, "OrderDependency")) @@ -1606,7 +1658,7 @@ _ppdOpen( option->order = order; } - free(string); + _cupsStrFree(string); string = NULL; } else if (!strncmp(keyword, "Default", 7)) @@ -1701,7 +1753,8 @@ _ppdOpen( constraint->choice1, constraint->option2, constraint->choice2)) { - default : /* Error */ + case 0 : /* Error */ + case 1 : /* Error */ pg->ppd_status = PPD_BAD_UI_CONSTRAINTS; goto error; @@ -1848,7 +1901,7 @@ _ppdOpen( * Don't add this one as an attribute... */ - free(string); + _cupsStrFree(string); string = NULL; } else if (!strcmp(keyword, "PaperDimension")) @@ -1870,7 +1923,7 @@ _ppdOpen( size->width = (float)_cupsStrScand(string, &sptr, loc); size->length = (float)_cupsStrScand(sptr, NULL, loc); - free(string); + _cupsStrFree(string); string = NULL; } else if (!strcmp(keyword, "ImageableArea")) @@ -1894,7 +1947,7 @@ _ppdOpen( size->right = (float)_cupsStrScand(sptr, &sptr, loc); size->top = (float)_cupsStrScand(sptr, NULL, loc); - free(string); + _cupsStrFree(string); string = NULL; } else if (option != NULL && @@ -1950,7 +2003,7 @@ _ppdOpen( (mask & (PPD_KEYWORD | PPD_STRING)) == (PPD_KEYWORD | PPD_STRING)) ppd_add_attr(ppd, keyword, name, text, string); else - free(string); + _cupsStrFree(string); } /* @@ -1963,8 +2016,7 @@ _ppdOpen( goto error; } - free(string); - free(line.buffer); + ppd_free(line.buffer); /* * Reset language preferences... @@ -2046,8 +2098,8 @@ _ppdOpen( error: - free(string); - free(line.buffer); + _cupsStrFree(string); + ppd_free(line.buffer); ppdClose(ppd); @@ -2485,9 +2537,9 @@ ppd_free_filters(ppd_file_t *ppd) /* I - PPD file */ if (ppd->num_filters > 0) { for (i = ppd->num_filters, filter = ppd->filters; i > 0; i --, filter ++) - free(*filter); + _cupsStrFree(*filter); - free(ppd->filters); + ppd_free(ppd->filters); ppd->num_filters = 0; ppd->filters = NULL; @@ -2514,7 +2566,7 @@ ppd_free_group(ppd_group_t *group) /* I - Group to free */ i --, option ++) ppd_free_option(option); - free(group->options); + ppd_free(group->options); } if (group->num_subgroups > 0) @@ -2524,7 +2576,7 @@ ppd_free_group(ppd_group_t *group) /* I - Group to free */ i --, subgroup ++) ppd_free_group(subgroup); - free(group->subgroups); + ppd_free(group->subgroups); } } @@ -2546,10 +2598,10 @@ ppd_free_option(ppd_option_t *option) /* I - Option to free */ i > 0; i --, choice ++) { - free(choice->code); + _cupsStrFree(choice->code); } - free(option->choices); + ppd_free(option->choices); } } @@ -2944,7 +2996,7 @@ ppd_read(cups_file_t *fp, /* I - File to read from */ *lineptr++ = (char)ch; col ++; - if (col > (PPD_MAX_LINE - 1) && pg->ppd_conform == PPD_CONFORM_STRICT) + if (col > (PPD_MAX_LINE - 1)) { /* * Line is too long... @@ -3005,7 +3057,7 @@ ppd_read(cups_file_t *fp, /* I - File to read from */ { col ++; - if (col > (PPD_MAX_LINE - 1) && pg->ppd_conform == PPD_CONFORM_STRICT) + if (col > (PPD_MAX_LINE - 1)) { /* * Line is too long... @@ -3064,7 +3116,7 @@ ppd_read(cups_file_t *fp, /* I - File to read from */ { col ++; - if (col > (PPD_MAX_LINE - 1) && pg->ppd_conform == PPD_CONFORM_STRICT) + if (col > (PPD_MAX_LINE - 1)) { /* * Line is too long... @@ -3286,7 +3338,7 @@ ppd_read(cups_file_t *fp, /* I - File to read from */ lineptr ++; } - *string = strdup(lineptr); + *string = _cupsStrAlloc(lineptr); mask |= PPD_STRING; } @@ -3408,7 +3460,7 @@ ppd_update_filters(ppd_file_t *ppd, /* I - PPD file */ filter += ppd->num_filters; ppd->num_filters ++; - *filter = strdup(buffer); + *filter = _cupsStrAlloc(buffer); } while ((attr = ppdFindNextAttr(ppd, "cupsFilter2", NULL)) != NULL); diff --git a/cups/ppd.h b/cups/ppd.h index 1c852c7..fb33c08 100644 --- a/cups/ppd.h +++ b/cups/ppd.h @@ -302,8 +302,8 @@ typedef struct ppd_file_s /**** PPD File ****/ int throughput; /* Pages per minute */ ppd_cs_t colorspace; /* Default colorspace */ char *patches; /* Patch commands to be sent to printer */ - int num_emulations; /* Number of emulations supported (no longer supported) @private@ */ - ppd_emul_t *emulations; /* Emulations and the code to invoke them (no longer supported) @private@ */ + int num_emulations; /* Number of emulations supported */ + ppd_emul_t *emulations; /* Emulations and the code to invoke them */ char *jcl_begin; /* Start JCL commands */ char *jcl_ps; /* Enter PostScript interpreter */ char *jcl_end; /* End JCL commands */ diff --git a/cups/snmp.c b/cups/snmp.c index 0f885da..7958b93 100644 --- a/cups/snmp.c +++ b/cups/snmp.c @@ -1233,9 +1233,6 @@ asn1_get_integer( int value; /* Integer value */ - if (*buffer >= bufend) - return (0); - if (length > sizeof(int)) { (*buffer) += length; @@ -1262,9 +1259,6 @@ asn1_get_length(unsigned char **buffer, /* IO - Pointer in buffer */ unsigned length; /* Length */ - if (*buffer >= bufend) - return (0); - length = **buffer; (*buffer) ++; @@ -1307,9 +1301,6 @@ asn1_get_oid( int number; /* OID number */ - if (*buffer >= bufend) - return (0); - valend = *buffer + length; oidptr = oid; oidend = oid + oidsize - 1; @@ -1358,12 +1349,9 @@ asn1_get_packed( int value; /* Value */ - if (*buffer >= bufend) - return (0); - value = 0; - while (*buffer < bufend && (**buffer & 128)) + while ((**buffer & 128) && *buffer < bufend) { value = (value << 7) | (**buffer & 127); (*buffer) ++; @@ -1391,9 +1379,6 @@ asn1_get_string( char *string, /* I - String buffer */ size_t strsize) /* I - String buffer size */ { - if (*buffer >= bufend) - return (NULL); - if (length > (unsigned)(bufend - *buffer)) length = (unsigned)(bufend - *buffer); @@ -1436,9 +1421,6 @@ asn1_get_type(unsigned char **buffer, /* IO - Pointer in buffer */ int type; /* Type */ - if (*buffer >= bufend) - return (0); - type = **buffer; (*buffer) ++; diff --git a/cups/string.c b/cups/string.c index 8f37caf..0d4ed0f 100644 --- a/cups/string.c +++ b/cups/string.c @@ -316,13 +316,6 @@ _cupsStrFree(const char *s) /* I - String to free */ key = (_cups_sp_item_t *)(s - offsetof(_cups_sp_item_t, str)); - if ((item = (_cups_sp_item_t *)cupsArrayFind(stringpool, key)) != NULL && - item == key) - { - /* - * Found it, dereference... - */ - #ifdef DEBUG_GUARDS if (key->guard != _CUPS_STR_GUARD) { @@ -332,6 +325,13 @@ _cupsStrFree(const char *s) /* I - String to free */ } #endif /* DEBUG_GUARDS */ + if ((item = (_cups_sp_item_t *)cupsArrayFind(stringpool, key)) != NULL && + item == key) + { + /* + * Found it, dereference... + */ + item->ref_count --; if (!item->ref_count) diff --git a/cups/tempfile.c b/cups/tempfile.c index 2dd410a..da705a9 100644 --- a/cups/tempfile.c +++ b/cups/tempfile.c @@ -25,7 +25,6 @@ # include #else # include -# include #endif /* WIN32 || __EMX__ */ @@ -47,7 +46,7 @@ cupsTempFd(char *filename, /* I - Pointer to buffer */ char tmppath[1024]; /* Windows temporary directory */ DWORD curtime; /* Current time */ #else - mode_t old_umask; /* Old umask before using mkstemp() */ + struct timeval curtime; /* Current time */ #endif /* WIN32 */ @@ -97,24 +96,32 @@ cupsTempFd(char *filename, /* I - Pointer to buffer */ */ snprintf(filename, (size_t)len - 1, "%s/%05lx%08lx", tmpdir, GetCurrentProcessId(), curtime); +#else + /* + * Get the current time of day... + */ + + gettimeofday(&curtime, NULL); + + /* + * Format a string using the hex time values... + */ + + snprintf(filename, (size_t)len - 1, "%s/%05x%08x", tmpdir, (unsigned)getpid(), (unsigned)(curtime.tv_sec + curtime.tv_usec + tries)); +#endif /* WIN32 */ /* * Open the file in "exclusive" mode, making sure that we don't * stomp on an existing file or someone's symlink crack... */ +#ifdef WIN32 fd = open(filename, _O_CREAT | _O_RDWR | _O_TRUNC | _O_BINARY, _S_IREAD | _S_IWRITE); +#elif defined(O_NOFOLLOW) + fd = open(filename, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW, 0600); #else - /* - * Use the standard mkstemp() call to make a temporary filename - * securely. -- andrew.wood@jdplc.com - */ - snprintf(filename, len - 1, "%s/cupsXXXXXX", tmpdir); - - old_umask = umask(0077); - fd = mkstemp(filename); - umask(old_umask); + fd = open(filename, O_RDWR | O_CREAT | O_EXCL, 0600); #endif /* WIN32 */ if (fd < 0 && errno != EEXIST) diff --git a/cups/testdest.c b/cups/testdest.c index 27060f6..c5c2052 100644 --- a/cups/testdest.c +++ b/cups/testdest.c @@ -43,12 +43,9 @@ int /* O - Exit status */ main(int argc, /* I - Number of command-line arguments */ char *argv[]) /* I - Command-line arguments */ { - int i; /* Looping var */ http_t *http; /* Connection to destination */ cups_dest_t *dest = NULL; /* Destination */ cups_dinfo_t *dinfo; /* Destination info */ - unsigned dflags = CUPS_DEST_FLAGS_NONE; - /* Destination flags */ if (argc < 2) @@ -106,17 +103,9 @@ main(int argc, /* I - Number of command-line arguments */ return (0); } - - i = 1; - if (!strcmp(argv[i], "--device")) - { - dflags = CUPS_DEST_FLAGS_DEVICE; - i ++; - } - - if (!strncmp(argv[i], "ipp://", 6) || !strncmp(argv[i], "ipps://", 7)) - dest = cupsGetDestWithURI(NULL, argv[i]); - else if (!strcmp(argv[i], "default")) + else if (!strncmp(argv[1], "ipp://", 6) || !strncmp(argv[1], "ipps://", 7)) + dest = cupsGetDestWithURI(NULL, argv[1]); + else if (!strcmp(argv[1], "default")) { dest = cupsGetNamedDest(CUPS_HTTP_DEFAULT, NULL, NULL); if (dest && dest->instance) @@ -125,70 +114,67 @@ main(int argc, /* I - Number of command-line arguments */ printf("default is \"%s\".\n", dest->name); } else - dest = cupsGetNamedDest(CUPS_HTTP_DEFAULT, argv[i], NULL); + dest = cupsGetNamedDest(CUPS_HTTP_DEFAULT, argv[1], NULL); if (!dest) { - printf("testdest: Unable to get destination \"%s\": %s\n", argv[i], cupsLastErrorString()); + printf("testdest: Unable to get destination \"%s\": %s\n", argv[1], cupsLastErrorString()); return (1); } - i ++; - - if ((http = cupsConnectDest(dest, dflags, 30000, NULL, NULL, 0, NULL, NULL)) == NULL) + if ((http = cupsConnectDest(dest, CUPS_DEST_FLAGS_NONE, 30000, NULL, NULL, 0, NULL, NULL)) == NULL) { - printf("testdest: Unable to connect to destination \"%s\": %s\n", dest->name, cupsLastErrorString()); + printf("testdest: Unable to connect to destination \"%s\": %s\n", argv[1], cupsLastErrorString()); return (1); } if ((dinfo = cupsCopyDestInfo(http, dest)) == NULL) { - printf("testdest: Unable to get information for destination \"%s\": %s\n", dest->name, cupsLastErrorString()); + printf("testdest: Unable to get information for destination \"%s\": %s\n", argv[1], cupsLastErrorString()); return (1); } - if (i == argc || !strcmp(argv[i], "supported")) + if (argc == 2 || (!strcmp(argv[2], "supported") && argc < 6)) { - i ++; - - if ((i + 1) < argc) - show_supported(http, dest, dinfo, argv[i], argv[i + 1]); + if (argc > 3) + show_supported(http, dest, dinfo, argv[3], argv[4]); else if (argc > 2) - show_supported(http, dest, dinfo, argv[i], NULL); + show_supported(http, dest, dinfo, argv[3], NULL); else show_supported(http, dest, dinfo, NULL, NULL); } - else if (!strcmp(argv[i], "conflicts") && (i + 1) < argc) + else if (!strcmp(argv[2], "conflicts") && argc > 3) { - int num_options = 0;/* Number of options */ + int i, /* Looping var */ + num_options = 0;/* Number of options */ cups_option_t *options = NULL;/* Options */ - for (i ++; i < argc; i ++) + for (i = 3; i < argc; i ++) num_options = cupsParseOptions(argv[i], num_options, &options); show_conflicts(http, dest, dinfo, num_options, options); } - else if (!strcmp(argv[i], "default") && (i + 1) < argc) + else if (!strcmp(argv[2], "default") && argc == 4) { - show_default(http, dest, dinfo, argv[i + 1]); + show_default(http, dest, dinfo, argv[3]); } - else if (!strcmp(argv[i], "localize")) + else if (!strcmp(argv[2], "localize") && argc < 6) { - i ++; - if ((i + 1) < argc) - localize(http, dest, dinfo, argv[i], argv[i + 1]); + if (argc > 3) + localize(http, dest, dinfo, argv[3], argv[4]); else if (argc > 2) - localize(http, dest, dinfo, argv[i], NULL); + localize(http, dest, dinfo, argv[3], NULL); else localize(http, dest, dinfo, NULL, NULL); } - else if (!strcmp(argv[i], "media")) + else if (!strcmp(argv[2], "media")) { + int i; /* Looping var */ const char *name = NULL; /* Media name, if any */ unsigned flags = CUPS_MEDIA_FLAGS_DEFAULT; /* Media selection flags */ - for (i ++; i < argc; i ++) + for (i = 3; i < argc; i ++) { if (!strcmp(argv[i], "borderless")) flags = CUPS_MEDIA_FLAGS_BORDERLESS; @@ -206,19 +192,19 @@ main(int argc, /* I - Number of command-line arguments */ show_media(http, dest, dinfo, flags, name); } - else if (!strcmp(argv[i], "print") && (i + 1) < argc) + else if (!strcmp(argv[2], "print") && argc > 3) { - int num_options = 0;/* Number of options */ + int i, /* Looping var */ + num_options = 0;/* Number of options */ cups_option_t *options = NULL;/* Options */ - const char *filename = argv[i + 1]; - for (i += 2; i < argc; i ++) + for (i = 4; i < argc; i ++) num_options = cupsParseOptions(argv[i], num_options, &options); - print_file(http, dest, dinfo, filename, num_options, options); + print_file(http, dest, dinfo, argv[3], num_options, options); } else - usage(argv[i]); + usage(argv[2]); return (0); } @@ -754,9 +740,9 @@ usage(const char *arg) /* I - Argument for usage message */ printf("testdest: Unknown option \"%s\".\n", arg); puts("Usage:"); - puts(" ./testdest [--device] name [operation ...]"); - puts(" ./testdest [--device] ipp://... [operation ...]"); - puts(" ./testdest [--device] ipps://... [operation ...]"); + puts(" ./testdest name [operation ...]"); + puts(" ./testdest ipp://... [operation ...]"); + puts(" ./testdest ipps://... [operation ...]"); puts(" ./testdest --enum [grayscale] [color] [duplex] [staple] [small]\n" " [medium] [large]"); puts(""); diff --git a/cups/tls-darwin.c b/cups/tls-darwin.c index 7b28ee4..92430ac 100644 --- a/cups/tls-darwin.c +++ b/cups/tls-darwin.c @@ -53,9 +53,7 @@ static char *tls_keypath = NULL; /* Server cert keychain path */ static _cups_mutex_t tls_mutex = _CUPS_MUTEX_INITIALIZER; /* Mutex for keychain/certs */ -static int tls_options = -1,/* Options for TLS connections */ - tls_min_version = _HTTP_TLS_1_0, - tls_max_version = _HTTP_TLS_MAX; +static int tls_options = -1;/* Options for TLS connections */ /* @@ -1141,16 +1139,10 @@ _httpTLSRead(http_t *http, /* I - HTTP connection */ */ void -_httpTLSSetOptions(int options, /* I - Options */ - int min_version, /* I - Minimum TLS version */ - int max_version) /* I - Maximum TLS version */ +_httpTLSSetOptions(int options) /* I - Options */ { if (!(options & _HTTP_TLS_SET_DEFAULT) || tls_options < 0) - { - tls_options = options; - tls_min_version = min_version; - tls_max_version = max_version; - } + tls_options = options; } @@ -1182,7 +1174,7 @@ _httpTLSStart(http_t *http) /* I - HTTP connection */ { DEBUG_puts("4_httpTLSStart: Setting defaults."); _cupsSetDefaults(); - DEBUG_printf(("4_httpTLSStart: tls_options=%x, tls_min_version=%d, tls_max_version=%d", tls_options, tls_min_version, tls_max_version)); + DEBUG_printf(("4_httpTLSStart: tls_options=%x", tls_options)); } #ifdef HAVE_SECKEYCHAINOPEN @@ -1225,23 +1217,22 @@ _httpTLSStart(http_t *http) /* I - HTTP connection */ if (!error) { - static const SSLProtocol protocols[] = /* Min/max protocol versions */ - { - kSSLProtocol3, - kTLSProtocol1, - kTLSProtocol11, - kTLSProtocol12, - kTLSProtocol13, - kTLSProtocolMaxSupported - }; + SSLProtocol minProtocol; - error = SSLSetProtocolVersionMin(http->tls, protocols[tls_min_version]); - DEBUG_printf(("4_httpTLSStart: SSLSetProtocolVersionMin(%d), error=%d", protocols[tls_min_version], (int)error)); + if (tls_options & _HTTP_TLS_DENY_TLS10) + minProtocol = kTLSProtocol11; + else if (tls_options & _HTTP_TLS_ALLOW_SSL3) + minProtocol = kSSLProtocol3; + else + minProtocol = kTLSProtocol1; - if (!error) + error = SSLSetProtocolVersionMin(http->tls, minProtocol); + DEBUG_printf(("4_httpTLSStart: SSLSetProtocolVersionMin(%d), error=%d", minProtocol, (int)error)); + + if (!error && (tls_options & _HTTP_TLS_ONLY_TLS10)) { - error = SSLSetProtocolVersionMax(http->tls, protocols[tls_max_version]); - DEBUG_printf(("4_httpTLSStart: SSLSetProtocolVersionMax(%d), error=%d", protocols[tls_max_version], (int)error)); + error = SSLSetProtocolVersionMax(http->tls, kTLSProtocol1); + DEBUG_printf(("4_httpTLSStart: SSLSetProtocolVersionMax(kTLSProtocol1), error=%d", (int)error)); } } diff --git a/cups/tls-gnutls.c b/cups/tls-gnutls.c index b427617..2dcb7fe 100644 --- a/cups/tls-gnutls.c +++ b/cups/tls-gnutls.c @@ -35,9 +35,7 @@ static char *tls_keypath = NULL; /* Server cert keychain path */ static _cups_mutex_t tls_mutex = _CUPS_MUTEX_INITIALIZER; /* Mutex for keychain/certs */ -static int tls_options = -1,/* Options for TLS connections */ - tls_min_version = _HTTP_TLS_1_0, - tls_max_version = _HTTP_TLS_MAX; +static int tls_options = -1;/* Options for TLS connections */ /* @@ -1226,16 +1224,10 @@ _httpTLSSetCredentials(http_t *http) /* I - Connection to server */ */ void -_httpTLSSetOptions(int options, /* I - Options */ - int min_version, /* I - Minimum TLS version */ - int max_version) /* I - Maximum TLS version */ +_httpTLSSetOptions(int options) /* I - Options */ { if (!(options & _HTTP_TLS_SET_DEFAULT) || tls_options < 0) - { - tls_options = options; - tls_min_version = min_version; - tls_max_version = max_version; - } + tls_options = options; } @@ -1253,16 +1245,6 @@ _httpTLSStart(http_t *http) /* I - Connection to server */ /* TLS credentials */ char priority_string[2048]; /* Priority string */ - int version; /* Current version */ - static const char * const versions[] =/* SSL/TLS versions */ - { - "VERS-SSL3.0", - "VERS-TLS1.0", - "VERS-TLS1.1", - "VERS-TLS1.2", - "VERS-TLS1.3", - "VERS-TLS-ALL" - }; DEBUG_printf(("3_httpTLSStart(http=%p)", http)); @@ -1524,40 +1506,14 @@ _httpTLSStart(http_t *http) /* I - Connection to server */ strlcpy(priority_string, "NORMAL", sizeof(priority_string)); - if (tls_max_version < _HTTP_TLS_MAX) - { - /* - * Require specific TLS versions... - */ - - strlcat(priority_string, ":-VERS-TLS-ALL", sizeof(priority_string)); - for (version = tls_min_version; version <= tls_max_version; version ++) - { - strlcat(priority_string, ":+", sizeof(priority_string)); - strlcat(priority_string, versions[version], sizeof(priority_string)); - } - } - else if (tls_min_version == _HTTP_TLS_SSL3) - { - /* - * Allow all versions of TLS and SSL/3.0... - */ - + if (tls_options & _HTTP_TLS_DENY_TLS10) + strlcat(priority_string, ":+VERS-TLS-ALL:-VERS-TLS1.0:-VERS-SSL3.0", sizeof(priority_string)); + else if (tls_options & _HTTP_TLS_ALLOW_SSL3) strlcat(priority_string, ":+VERS-TLS-ALL:+VERS-SSL3.0", sizeof(priority_string)); - } + else if (tls_options & _HTTP_TLS_ONLY_TLS10) + strlcat(priority_string, ":-VERS-TLS-ALL:-VERS-SSL3.0:+VERS-TLS1.0", sizeof(priority_string)); else - { - /* - * Require a minimum version... - */ - - strlcat(priority_string, ":+VERS-TLS-ALL", sizeof(priority_string)); - for (version = 0; version < tls_min_version; version ++) - { - strlcat(priority_string, ":-", sizeof(priority_string)); - strlcat(priority_string, versions[version], sizeof(priority_string)); - } - } + strlcat(priority_string, ":+VERS-TLS-ALL:-VERS-SSL3.0", sizeof(priority_string)); if (tls_options & _HTTP_TLS_ALLOW_RC4) strlcat(priority_string, ":+ARCFOUR-128", sizeof(priority_string)); diff --git a/cups/tls-sspi.c b/cups/tls-sspi.c index 962ad6d..6eaec4c 100644 --- a/cups/tls-sspi.c +++ b/cups/tls-sspi.c @@ -52,9 +52,7 @@ * Local globals... */ -static int tls_options = -1,/* Options for TLS connections */ - tls_min_version = _HTTP_TLS_1_0, - tls_max_version = _HTTP_TLS_MAX; +static int tls_options = -1;/* Options for TLS connections */ /* @@ -916,11 +914,7 @@ void _httpTLSSetOptions(int options) /* I - Options */ { if (!(options & _HTTP_TLS_SET_DEFAULT) || tls_options < 0) - { - tls_options = options; - tls_min_version = min_version; - tls_max_version = max_version; - } + tls_options = options; } @@ -1788,14 +1782,14 @@ http_sspi_find_credentials( #else if (http->mode == _HTTP_MODE_SERVER) { - if (tls_min_version == _HTTP_TLS_SSL3) + if (tls_options & _HTTP_TLS_ALLOW_SSL3) SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_SERVER | SP_PROT_SSL3_SERVER; else SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_SERVER; } else { - if (tls_min_version == _HTTP_TLS_SSL3) + if (tls_options & _HTTP_TLS_ALLOW_SSL3) SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_CLIENT | SP_PROT_SSL3_CLIENT; else SchannelCred.grbitEnabledProtocols = SP_PROT_TLS1_CLIENT; diff --git a/cups/tlscheck.c b/cups/tlscheck.c index fa8fdd5..997e7aa 100644 --- a/cups/tlscheck.c +++ b/cups/tlscheck.c @@ -54,8 +54,6 @@ main(int argc, /* I - Number of command-line arguments */ int af = AF_UNSPEC, /* Address family */ tls_options = _HTTP_TLS_NONE, /* TLS options */ - tls_min_version = _HTTP_TLS_1_0, - tls_max_version = _HTTP_TLS_MAX, verbose = 0; /* Verbosity */ ipp_t *request, /* IPP Get-Printer-Attributes request */ *response; /* IPP Get-Printer-Attributes response */ @@ -90,12 +88,11 @@ main(int argc, /* I - Number of command-line arguments */ } else if (!strcmp(argv[i], "--no-tls10")) { - tls_min_version = _HTTP_TLS_1_1; + tls_options |= _HTTP_TLS_DENY_TLS10; } else if (!strcmp(argv[i], "--tls10")) { - tls_min_version = _HTTP_TLS_1_0; - tls_max_version = _HTTP_TLS_1_0; + tls_options |= _HTTP_TLS_ONLY_TLS10; } else if (!strcmp(argv[i], "--rc4")) { @@ -151,7 +148,7 @@ main(int argc, /* I - Number of command-line arguments */ if (!port) port = 631; - _httpTLSSetOptions(tls_options, tls_min_version, tls_max_version); + _httpTLSSetOptions(tls_options); http = httpConnect2(server, port, NULL, af, HTTP_ENCRYPTION_ALWAYS, 1, 30000, NULL); if (!http) diff --git a/cups/usersys.c b/cups/usersys.c index c25aba3..2a004b5 100644 --- a/cups/usersys.c +++ b/cups/usersys.c @@ -54,9 +54,7 @@ typedef struct _cups_client_conf_s /**** client.conf config data ****/ { #ifdef HAVE_SSL - int ssl_options, /* SSLOptions values */ - ssl_min_version,/* Minimum SSL/TLS version */ - ssl_max_version;/* Maximum SSL/TLS version */ + int ssl_options; /* SSLOptions values */ #endif /* HAVE_SSL */ int trust_first, /* Trust on first use? */ any_root, /* Allow any (e.g., self-signed) root */ @@ -394,7 +392,7 @@ cupsSetServer(const char *server) /* I - Server name */ cg->server_version = 22; } else - cg->server_version = 11; + cg->server_version = 20; if (cg->server[0] != '/' && (port = strrchr(cg->server, ':')) != NULL && !strchr(port, ']') && isdigit(port[1] & 255)) @@ -959,7 +957,7 @@ _cupsSetDefaults(void) cg->validate_certs = cc.validate_certs; #ifdef HAVE_SSL - _httpTLSSetOptions(cc.ssl_options | _HTTP_TLS_SET_DEFAULT, cc.ssl_min_version, cc.ssl_max_version); + _httpTLSSetOptions(cc.ssl_options | _HTTP_TLS_SET_DEFAULT); #endif /* HAVE_SSL */ } @@ -1166,15 +1164,11 @@ cups_init_client_conf( memset(cc, 0, sizeof(_cups_client_conf_t)); -#ifdef HAVE_SSL - cc->ssl_min_version = _HTTP_TLS_1_0; - cc->ssl_max_version = _HTTP_TLS_MAX; -#endif /* HAVE_SSL */ - cc->encryption = (http_encryption_t)-1; - cc->trust_first = -1; - cc->any_root = -1; - cc->expired_certs = -1; - cc->validate_certs = -1; + cc->encryption = (http_encryption_t)-1; + cc->trust_first = -1; + cc->any_root = -1; + cc->expired_certs = -1; + cc->validate_certs = -1; /* * Load settings from the org.cups.PrintingPrefs plist (which trump @@ -1342,9 +1336,7 @@ cups_set_ssl_options( * SSLOptions [AllowRC4] [AllowSSL3] [AllowDH] [DenyTLS1.0] [None] */ - int options = _HTTP_TLS_NONE, /* SSL/TLS options */ - min_version = _HTTP_TLS_1_0, /* Minimum SSL/TLS version */ - max_version = _HTTP_TLS_MAX; /* Maximum SSL/TLS version */ + int options = _HTTP_TLS_NONE; /* SSL/TLS options */ char temp[256], /* Copy of value */ *start, /* Start of option */ *end; /* End of option */ @@ -1372,38 +1364,20 @@ cups_set_ssl_options( if (!_cups_strcasecmp(start, "AllowRC4")) options |= _HTTP_TLS_ALLOW_RC4; else if (!_cups_strcasecmp(start, "AllowSSL3")) - min_version = _HTTP_TLS_SSL3; + options |= _HTTP_TLS_ALLOW_SSL3; else if (!_cups_strcasecmp(start, "AllowDH")) options |= _HTTP_TLS_ALLOW_DH; else if (!_cups_strcasecmp(start, "DenyCBC")) options |= _HTTP_TLS_DENY_CBC; else if (!_cups_strcasecmp(start, "DenyTLS1.0")) - min_version = _HTTP_TLS_1_1; - else if (!_cups_strcasecmp(start, "MaxTLS1.0")) - max_version = _HTTP_TLS_1_0; - else if (!_cups_strcasecmp(start, "MaxTLS1.1")) - max_version = _HTTP_TLS_1_1; - else if (!_cups_strcasecmp(start, "MaxTLS1.2")) - max_version = _HTTP_TLS_1_2; - else if (!_cups_strcasecmp(start, "MaxTLS1.3")) - max_version = _HTTP_TLS_1_3; - else if (!_cups_strcasecmp(start, "MinTLS1.0")) - min_version = _HTTP_TLS_1_0; - else if (!_cups_strcasecmp(start, "MinTLS1.1")) - min_version = _HTTP_TLS_1_1; - else if (!_cups_strcasecmp(start, "MinTLS1.2")) - min_version = _HTTP_TLS_1_2; - else if (!_cups_strcasecmp(start, "MinTLS1.3")) - min_version = _HTTP_TLS_1_3; + options |= _HTTP_TLS_DENY_TLS10; else if (!_cups_strcasecmp(start, "None")) options = _HTTP_TLS_NONE; } - cc->ssl_options = options; - cc->ssl_max_version = max_version; - cc->ssl_min_version = min_version; + cc->ssl_options = options; - DEBUG_printf(("4cups_set_ssl_options(cc=%p, value=\"%s\") options=%x, min_version=%d, max_version=%d", (void *)cc, value, options, min_version, max_version)); + DEBUG_printf(("4cups_set_ssl_options(cc=%p, value=\"%s\") options=%x", (void *)cc, value, options)); } #endif /* HAVE_SSL */ diff --git a/doc/help/man-cups-files.conf.html b/doc/help/man-cups-files.conf.html index 92812db..42dae48 100644 --- a/doc/help/man-cups-files.conf.html +++ b/doc/help/man-cups-files.conf.html @@ -148,7 +148,7 @@ The default is "/var/run/cups" or "/etc/cups" depending on the platform.
Specifies whether the scheduler calls fsync(2) after writing configuration or state files. -The default is "Yes". +The default is "No".
SystemGroup group-name [ ... group-name ]
Specifies the group(s) to use for @SYSTEM group authentication. The default contains "admin", "lpadmin", "root", "sys", and/or "system". diff --git a/filter/common.c b/filter/common.c index 65b2848..86b5f8e 100644 --- a/filter/common.c +++ b/filter/common.c @@ -17,12 +17,6 @@ * Include necessary headers... */ -#include "config.h" -#ifdef WITH_LSPP -#define _GNU_SOURCE -#include -#endif /* WITH_LSPP */ - #include "common.h" #include @@ -305,18 +299,6 @@ WriteLabelProlog(const char *label, /* I - Page label */ { const char *classification; /* CLASSIFICATION environment variable */ const char *ptr; /* Temporary string pointer */ -#ifdef WITH_LSPP - int i, /* counter */ - n, /* counter */ - lines, /* number of lines needed */ - line_len, /* index into tmp_label */ - label_len, /* length of the label in characters */ - label_index, /* index into the label */ - longest, /* length of the longest line */ - longest_line, /* index to the longest line */ - max_width; /* maximum width in characters */ - char **wrapped_label; /* label with line breaks */ -#endif /* WITH_LSPP */ /* @@ -339,124 +321,6 @@ WriteLabelProlog(const char *label, /* I - Page label */ return; } -#ifdef WITH_LSPP - if (strncmp(classification, "LSPP:", 5) == 0 && label == NULL) - { - /* - * Based on the 12pt fixed width font below determine the max_width - */ - max_width = width / 8; - longest_line = 0; - longest = 0; - classification += 5; // Skip the "LSPP:" - label_len = strlen(classification); - - if (label_len > max_width) - { - lines = 1 + (int)(label_len / max_width); - line_len = (int)(label_len / lines); - wrapped_label = malloc(sizeof(*wrapped_label) * lines); - label_index = i = n = 0; - while (classification[label_index]) - { - if ((label_index + line_len) > label_len) - break; - switch (classification[label_index + line_len + i]) - { - case ':': - case ',': - case '-': - i++; - wrapped_label[n++] = strndup(&classification[label_index], (line_len + i)); - label_index += line_len + i; - i = 0; - break; - default: - i++; - break; - } - if ((i + line_len) == max_width) - { - wrapped_label[n++] = strndup(&(classification[label_index]), (line_len + i)); - label_index = label_index + line_len + i; - i = 0; - } - } - wrapped_label[n] = strndup(&classification[label_index], label_len - label_index); - } - else - { - lines = 1; - wrapped_label = malloc(sizeof(*wrapped_label)); - wrapped_label[0] = (char*)classification; - } - - for (n = 0; n < lines; n++ ) - { - printf("userdict/ESPp%c(", ('a' + n)); - for (ptr = wrapped_label[n], i = 0; *ptr; ptr ++, i++) - if (*ptr < 32 || *ptr > 126) - printf("\\%03o", *ptr); - else - { - if (*ptr == '(' || *ptr == ')' || *ptr == '\\') - putchar('\\'); - - printf("%c", *ptr); - } - if (i > longest) - { - longest = i; - longest_line = n; - } - printf(")put\n"); - } - - /* - * For LSPP use a fixed width font so that line wrapping can be calculated - */ - - puts("userdict/ESPlf /Nimbus-Mono findfont 12 scalefont put"); - - /* - * Finally, the procedure to write the labels on the page... - */ - - printf("userdict/ESPwl{\n" - " ESPlf setfont\n"); - printf(" ESPp%c stringwidth pop dup 12 add exch -0.5 mul %.0f add\n ", - 'a' + longest_line, width * 0.5f); - for (n = 1; n < lines; n++) - printf(" dup"); - printf("\n 1 setgray\n"); - printf(" dup 6 sub %.0f %d index %.0f ESPrf\n", - (bottom - 2.0), (2 + lines), 6.0 + (16.0 * lines)); - printf(" dup 6 sub %.0f %d index %.0f ESPrf\n", - (top - 6.0 - (16.0 * lines)), (2 + lines), 4.0 + (16.0 * lines)); - printf(" 0 setgray\n"); - printf(" dup 6 sub %.0f %d index %.0f ESPrs\n", - (bottom - 2.0), (2 + lines), 6.0 + (16.0 * lines)); - printf(" dup 6 sub %.0f %d index %.0f ESPrs\n", - (top - 6.0 - (16.0 * lines)), (2 + lines), 4.0 + (16.0 * lines)); - for (n = 0; n < lines; n ++) - { - printf(" dup %.0f moveto ESPp%c show\n", - bottom + 6.0 + ((lines - (n+1)) * 16.0), 'a' + n); - printf(" %.0f moveto ESPp%c show\n", top + 2.0 - ((n + 1) * 16.0), 'a' + n); - } - printf(" pop\n" - "}bind put\n"); - - /* - * Do some clean up at the end of the LSPP special case - */ - free(wrapped_label); - - } - else - { -#endif /* !WITH_LSPP */ - /* * Set the classification + page label string... */ @@ -537,10 +401,7 @@ WriteLabelProlog(const char *label, /* I - Page label */ printf(" %.0f moveto ESPpl show\n", top - 14.0); puts("pop"); puts("}bind put"); - } -#ifdef WITH_LSPP } -#endif /* WITH_LSPP */ /* diff --git a/filter/pstops.c b/filter/pstops.c index ecadc3c..072356e 100644 --- a/filter/pstops.c +++ b/filter/pstops.c @@ -3176,18 +3176,6 @@ write_label_prolog(pstops_doc_t *doc, /* I - Document info */ { const char *classification; /* CLASSIFICATION environment variable */ const char *ptr; /* Temporary string pointer */ -#ifdef WITH_LSPP - int i, /* counter */ - n, /* counter */ - lines, /* number of lines needed */ - line_len, /* index into tmp_label */ - label_len, /* length of the label in characters */ - label_index, /* index into the label */ - longest, /* length of the longest line */ - longest_line, /* index to the longest line */ - max_width; /* maximum width in characters */ - char **wrapped_label; /* label with line breaks */ -#endif /* WITH_LSPP */ /* @@ -3210,124 +3198,6 @@ write_label_prolog(pstops_doc_t *doc, /* I - Document info */ return; } -#ifdef WITH_LSPP - if (strncmp(classification, "LSPP:", 5) == 0 && label == NULL) - { - /* - * Based on the 12pt fixed width font below determine the max_width - */ - max_width = width / 8; - longest_line = 0; - longest = 0; - classification += 5; // Skip the "LSPP:" - label_len = strlen(classification); - - if (label_len > max_width) - { - lines = 1 + (int)(label_len / max_width); - line_len = (int)(label_len / lines); - wrapped_label = malloc(sizeof(*wrapped_label) * lines); - label_index = i = n = 0; - while (classification[label_index]) - { - if ((label_index + line_len) > label_len) - break; - switch (classification[label_index + line_len + i]) - { - case ':': - case ',': - case '-': - i++; - wrapped_label[n++] = strndup(&classification[label_index], (line_len + i)); - label_index += line_len + i; - i = 0; - break; - default: - i++; - break; - } - if ((i + line_len) == max_width) - { - wrapped_label[n++] = strndup(&(classification[label_index]), (line_len + i)); - label_index = label_index + line_len + i; - i = 0; - } - } - wrapped_label[n] = strndup(&classification[label_index], label_len - label_index); - } - else - { - lines = 1; - wrapped_label = malloc(sizeof(*wrapped_label)); - wrapped_label[0] = (char*)classification; - } - - for (n = 0; n < lines; n++ ) - { - printf("userdict/ESPp%c(", ('a' + n)); - for (ptr = wrapped_label[n], i = 0; *ptr; ptr ++, i++) - if (*ptr < 32 || *ptr > 126) - printf("\\%03o", *ptr); - else - { - if (*ptr == '(' || *ptr == ')' || *ptr == '\\') - putchar('\\'); - - printf("%c", *ptr); - } - if (i > longest) - { - longest = i; - longest_line = n; - } - printf(")put\n"); - } - - /* - * For LSPP use a fixed width font so that line wrapping can be calculated - */ - - puts("userdict/ESPlf /Nimbus-Mono findfont 12 scalefont put"); - - /* - * Finally, the procedure to write the labels on the page... - */ - - printf("userdict/ESPwl{\n" - " ESPlf setfont\n"); - printf(" ESPp%c stringwidth pop dup 12 add exch -0.5 mul %.0f add\n ", - 'a' + longest_line, width * 0.5f); - for (n = 1; n < lines; n++) - printf(" dup"); - printf("\n 1 setgray\n"); - printf(" dup 6 sub %.0f %d index %.0f ESPrf\n", - (bottom - 2.0), (2 + lines), 6.0 + (16.0 * lines)); - printf(" dup 6 sub %.0f %d index %.0f ESPrf\n", - (top - 6.0 - (16.0 * lines)), (2 + lines), 4.0 + (16.0 * lines)); - printf(" 0 setgray\n"); - printf(" dup 6 sub %.0f %d index %.0f ESPrs\n", - (bottom - 2.0), (2 + lines), 6.0 + (16.0 * lines)); - printf(" dup 6 sub %.0f %d index %.0f ESPrs\n", - (top - 6.0 - (16.0 * lines)), (2 + lines), 4.0 + (16.0 * lines)); - for (n = 0; n < lines; n ++) - { - printf(" dup %.0f moveto ESPp%c show\n", - bottom + 6.0 + ((lines - (n+1)) * 16.0), 'a' + n); - printf(" %.0f moveto ESPp%c show\n", top + 2.0 - ((n + 1) * 16.0), 'a' + n); - } - printf(" pop\n" - "}bind put\n"); - - /* - * Do some clean up at the end of the LSPP special case - */ - free(wrapped_label); - - } - else - { -#endif /* !WITH_LSPP */ - /* * Set the classification + page label string... */ @@ -3406,10 +3276,7 @@ write_label_prolog(pstops_doc_t *doc, /* I - Document info */ doc_printf(doc, " %.0f moveto ESPpl show\n", top - 14.0); doc_puts(doc, "pop\n"); doc_puts(doc, "}bind put\n"); - } -#ifdef WITH_LSPP } -#endif /* WITH_LSPP */ /* diff --git a/filter/rastertoepson.c b/filter/rastertoepson.c index e8fe0c6..4efe669 100644 --- a/filter/rastertoepson.c +++ b/filter/rastertoepson.c @@ -307,7 +307,7 @@ StartPage( if (DotBytes) { - if ((LineBuffers[0] = calloc((size_t)DotBytes, (header->cupsWidth + 7) * (size_t)(Shingling + 1))) == NULL) + if ((LineBuffers[0] = calloc((size_t)DotBytes, header->cupsWidth * (size_t)(Shingling + 1))) == NULL) { fputs("ERROR: Unable to allocate memory\n", stderr); exit(1); diff --git a/man/client.conf.man.in b/man/client.conf.man.in index 7bbc7d6..c9fb91d 100644 --- a/man/client.conf.man.in +++ b/man/client.conf.man.in @@ -10,7 +10,7 @@ .\" which should have been included with this file. If this file is .\" file is missing or damaged, see the license at "http://www.cups.org/". .\" -.TH client.conf 5 "CUPS" "3 November 2017" "Apple Inc." +.TH client.conf 5 "CUPS" "19 October 2017" "Apple Inc." .SH NAME client.conf \- client configuration file for cups .SH DESCRIPTION @@ -56,7 +56,7 @@ Specifies the address and optionally the port to use when connecting to the serv \fBServerName \fIhostname-or-ip-address\fR[\fI:port\fR]\fB/version=1.1\fR Specifies the address and optionally the port to use when connecting to a server running CUPS 1.3.12 and earlier. .TP 5 -\fBSSLOptions \fR[\fIAllowDH\fR] [\fIAllowRC4\fR] [\fIAllowSSL3\fR] [\fIDenyCBC\fR] [\fIDenyTLS1.0\fR] [\fIMaxTLS1.0\fR] [\fIMaxTLS1.1\fR] [\fIMaxTLS1.2\fR] [\fIMaxTLS1.3\fR] [\fIMinTLS1.0\fR] [\fIMinTLS1.1\fR] [\fIMinTLS1.2\fR] [\fIMinTLS1.3\fR] +\fBSSLOptions \fR[\fIAllowDH\fR] [\fIAllowRC4\fR] [\fIAllowSSL3\fR] [\fIDenyCBC\fR] [\fIDenyTLS1.0\fR] .TP 5 \fBSSLOptions None\fR Sets encryption options (only in /etc/cups/client.conf). @@ -68,9 +68,6 @@ The \fIAllowRC4\fR option enables the 128-bit RC4 cipher suites, which are requi The \fIAllowSSL3\fR option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0. The \fIDenyCBC\fR option disables all CBC cipher suites. The \fIDenyTLS1.0\fR option disables TLS v1.0 support - this sets the minimum protocol version to TLS v1.1. -The \fMinTLS\fR options set the minimum TLS version to support. -The \fMaxTLS\fR options set the maximum TLS version to support. -Not all operating systems support TLS 1.3 at this time. .TP 5 \fBTrustOnFirstUse Yes\fR .TP 5 diff --git a/man/cups-files.conf.man.in b/man/cups-files.conf.man.in index ce4bc8c..2ed4686 100644 --- a/man/cups-files.conf.man.in +++ b/man/cups-files.conf.man.in @@ -157,11 +157,6 @@ The server name may be included in filenames using the string "%s", for example: .fi The default is "/var/log/cups/page_log". -.\"#PassEnv -.TP 5 -\fBPassEnv \fIvariable \fR[ ... \fIvariable \fR] -Passes the specified environment variable(s) to child processes. -Note: the standard CUPS filter and backend environment variables cannot be overridden using this directive. .\"#RemoteRoot .TP 5 \fBRemoteRoot \fIusername\fR @@ -196,11 +191,6 @@ macOS uses its keychain database to store certificates and keys while other plat \fBServerRoot \fIdirectory\fR Specifies the directory containing the server configuration files. The default is "/etc/cups". -.\"#SetEnv -.TP 5 -\fBSetEnv \fIvariable value\fR -Set the specified environment variable to be passed to child processes. -Note: the standard CUPS filter and backend environment variables cannot be overridden using this directive. .\"#StateDir .TP 5 \fBStateDir \fIdirectory\fR @@ -214,7 +204,7 @@ The default is "/var/run/cups" or "/etc/cups" depending on the platform. Specifies whether the scheduler calls .BR fsync (2) after writing configuration or state files. -The default is "Yes". +The default is "No". .\"#SystemGroup .TP 5 \fBSystemGroup \fIgroup-name \fR[ ... \fIgroup-name\fR ] diff --git a/man/cupsd.conf.man.in b/man/cupsd.conf.man.in index 53a028d..ab89e15 100644 --- a/man/cupsd.conf.man.in +++ b/man/cupsd.conf.man.in @@ -342,6 +342,10 @@ The default is "1048576" (1MB). \fBMultipleOperationTimeout \fIseconds\fR Specifies the maximum amount of time to allow between files in a multiple file print job. The default is "300" (5 minutes). +.\"#PassEnv +.TP 5 +\fBPassEnv \fIvariable \fR[ ... \fIvariable \fR] +Passes the specified environment variable(s) to child processes. .\"#Policy .TP 5 \fB \fR... \fB\fR @@ -422,6 +426,10 @@ Specifies what information is included in the Server header of HTTP responses. command. "Full" reports "CUPS 2.0.0 (UNAME) IPP/2.0". The default is "Minimal". +.\"#SetEnv +.TP 5 +\fBSetEnv \fIvariable value\fR +Set the specified environment variable to be passed to child processes. .\"#SSLListen .TP 5 \fBSSLListen \fIipv4-address\fB:\fIport\fR @@ -432,11 +440,10 @@ The default is "Minimal". Listens on the specified address and port for encrypted connections. .\"#SSLOptions .TP 5 -.TP 5 -\fBSSLOptions \fR[\fIAllowDH\fR] [\fIAllowRC4\fR] [\fIAllowSSL3\fR] [\fIDenyCBC\fR] [\fIDenyTLS1.0\fR] [\fIMaxTLS1.0\fR] [\fIMaxTLS1.1\fR] [\fIMaxTLS1.2\fR] [\fIMaxTLS1.3\fR] [\fIMinTLS1.0\fR] [\fIMinTLS1.1\fR] [\fIMinTLS1.2\fR] [\fIMinTLS1.3\fR] +\fBSSLOptions \fR[\fIAllowDH\fR] [\fIAllowRC4\fR] [\fIAllowSSL3\fR] [\fIDenyCBC\fR] [\fIDenyTLS1.0\fR] .TP 5 \fBSSLOptions None\fR -Sets encryption options (only in /etc/cups/client.conf). +Sets encryption options. By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites. Security is reduced when \fIAllow\fR options are used. Security is enhanced when \fIDeny\fR options are used. @@ -445,9 +452,6 @@ The \fIAllowRC4\fR option enables the 128-bit RC4 cipher suites, which are requi The \fIAllowSSL3\fR option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0. The \fIDenyCBC\fR option disables all CBC cipher suites. The \fIDenyTLS1.0\fR option disables TLS v1.0 support - this sets the minimum protocol version to TLS v1.1. -The \fMinTLS\fR options set the minimum TLS version to support. -The \fMaxTLS\fR options set the maximum TLS version to support. -Not all operating systems support TLS 1.3 at this time. .\"#SSLPort .TP 5 \fBSSLPort \fIport\fR diff --git a/ppdc/ppdc-source.cxx b/ppdc/ppdc-source.cxx index 1c67c2f..7b77c2e 100644 --- a/ppdc/ppdc-source.cxx +++ b/ppdc/ppdc-source.cxx @@ -1746,17 +1746,15 @@ ppdcSource::get_resolution(ppdcFile *fp)// I - File to read switch (sscanf(name, "%dx%d", &xdpi, &ydpi)) { + case 0 : + _cupsLangPrintf(stderr, + _("ppdc: Bad resolution name \"%s\" on line %d of " + "%s."), name, fp->line, fp->filename); + break; case 1 : ydpi = xdpi; break; - case 2 : - break; - default : - _cupsLangPrintf(stderr, - _("ppdc: Bad resolution name \"%s\" on line %d of " - "%s."), name, fp->line, fp->filename); - break; -} + } // Create the necessary PS commands... snprintf(command, sizeof(command), @@ -2671,7 +2669,6 @@ ppdcSource::scan_file(ppdcFile *fp, // I - File to read // Add it to the current option... if (!o) { - c->release(); _cupsLangPrintf(stderr, _("ppdc: Choice found on line %d of %s with no " "Option."), fp->line, fp->filename); diff --git a/ppdc/sample.drv b/ppdc/sample.drv index cac5a27..89c75fe 100644 --- a/ppdc/sample.drv +++ b/ppdc/sample.drv @@ -136,7 +136,6 @@ Version "2.1" { Manufacturer "Dymo" ModelName "Label Printer" - Attribute "1284DeviceID" "" "MFG:DYMO;MDL:LabelWriter 400;" Attribute NickName "" "Dymo Label Printer" PCFileName "dymo.ppd" DriverType label diff --git a/scheduler/Makefile b/scheduler/Makefile index 57281f9..0178934 100644 --- a/scheduler/Makefile +++ b/scheduler/Makefile @@ -15,7 +15,6 @@ include ../Makedefs CUPSDOBJS = \ auth.o \ - avahi.o \ banners.o \ cert.o \ classes.o \ @@ -39,8 +38,7 @@ CUPSDOBJS = \ server.o \ statbuf.o \ subscriptions.o \ - sysman.o \ - timeout.o + sysman.o LIBOBJS = \ filter.o \ mime.o \ diff --git a/scheduler/auth.c b/scheduler/auth.c index e7d0006..14a07ae 100644 --- a/scheduler/auth.c +++ b/scheduler/auth.c @@ -18,7 +18,6 @@ * Include necessary headers... */ -#define _GNU_SOURCE #include "cupsd.h" #include #ifdef HAVE_SHADOW_H @@ -72,6 +71,9 @@ static int check_authref(cupsd_client_t *con, const char *right); static int compare_locations(cupsd_location_t *a, cupsd_location_t *b); static cupsd_authmask_t *copy_authmask(cupsd_authmask_t *am, void *data); +#if !HAVE_LIBPAM +static char *cups_crypt(const char *pw, const char *salt); +#endif /* !HAVE_LIBPAM */ static void free_authmask(cupsd_authmask_t *am, void *data); #if HAVE_LIBPAM static int pam_func(int, const struct pam_message **, @@ -692,14 +694,14 @@ cupsdAuthorize(cupsd_client_t *con) /* I - Client connection */ * client... */ - pass = crypt(password, pw->pw_passwd); + pass = cups_crypt(password, pw->pw_passwd); if (!pass || strcmp(pw->pw_passwd, pass)) { # ifdef HAVE_SHADOW_H if (spw) { - pass = crypt(password, spw->sp_pwdp); + pass = cups_crypt(password, spw->sp_pwdp); if (pass == NULL || strcmp(spw->sp_pwdp, pass)) { @@ -1985,6 +1987,129 @@ copy_authmask(cupsd_authmask_t *mask, /* I - Existing auth mask */ } +#if !HAVE_LIBPAM +/* + * 'cups_crypt()' - Encrypt the password using the DES or MD5 algorithms, + * as needed. + */ + +static char * /* O - Encrypted password */ +cups_crypt(const char *pw, /* I - Password string */ + const char *salt) /* I - Salt (key) string */ +{ + if (!strncmp(salt, "$1$", 3)) + { + /* + * Use MD5 passwords without the benefit of PAM; this is for + * Slackware Linux, and the algorithm was taken from the + * old shadow-19990827/lib/md5crypt.c source code... :( + */ + + int i; /* Looping var */ + unsigned long n; /* Output number */ + int pwlen; /* Length of password string */ + const char *salt_end; /* End of "salt" data for MD5 */ + char *ptr; /* Pointer into result string */ + _cups_md5_state_t state; /* Primary MD5 state info */ + _cups_md5_state_t state2; /* Secondary MD5 state info */ + unsigned char digest[16]; /* MD5 digest result */ + static char result[120]; /* Final password string */ + + + /* + * Get the salt data between dollar signs, e.g. $1$saltdata$md5. + * Get a maximum of 8 characters of salt data after $1$... + */ + + for (salt_end = salt + 3; *salt_end && (salt_end - salt) < 11; salt_end ++) + if (*salt_end == '$') + break; + + /* + * Compute the MD5 sum we need... + */ + + pwlen = strlen(pw); + + _cupsMD5Init(&state); + _cupsMD5Append(&state, (unsigned char *)pw, pwlen); + _cupsMD5Append(&state, (unsigned char *)salt, salt_end - salt); + + _cupsMD5Init(&state2); + _cupsMD5Append(&state2, (unsigned char *)pw, pwlen); + _cupsMD5Append(&state2, (unsigned char *)salt + 3, salt_end - salt - 3); + _cupsMD5Append(&state2, (unsigned char *)pw, pwlen); + _cupsMD5Finish(&state2, digest); + + for (i = pwlen; i > 0; i -= 16) + _cupsMD5Append(&state, digest, i > 16 ? 16 : i); + + for (i = pwlen; i > 0; i >>= 1) + _cupsMD5Append(&state, (unsigned char *)((i & 1) ? "" : pw), 1); + + _cupsMD5Finish(&state, digest); + + for (i = 0; i < 1000; i ++) + { + _cupsMD5Init(&state); + + if (i & 1) + _cupsMD5Append(&state, (unsigned char *)pw, pwlen); + else + _cupsMD5Append(&state, digest, 16); + + if (i % 3) + _cupsMD5Append(&state, (unsigned char *)salt + 3, salt_end - salt - 3); + + if (i % 7) + _cupsMD5Append(&state, (unsigned char *)pw, pwlen); + + if (i & 1) + _cupsMD5Append(&state, digest, 16); + else + _cupsMD5Append(&state, (unsigned char *)pw, pwlen); + + _cupsMD5Finish(&state, digest); + } + + /* + * Copy the final sum to the result string and return... + */ + + memcpy(result, salt, (size_t)(salt_end - salt)); + ptr = result + (salt_end - salt); + *ptr++ = '$'; + + for (i = 0; i < 5; i ++, ptr += 4) + { + n = ((((unsigned)digest[i] << 8) | (unsigned)digest[i + 6]) << 8); + + if (i < 4) + n |= (unsigned)digest[i + 12]; + else + n |= (unsigned)digest[5]; + + to64(ptr, n, 4); + } + + to64(ptr, (unsigned)digest[11], 2); + ptr += 2; + *ptr = '\0'; + + return (result); + } + else + { + /* + * Use the standard crypt() function... + */ + + return (crypt(pw, salt)); + } +} +#endif /* !HAVE_LIBPAM */ + + /* * 'free_authmask()' - Free function for auth masks. */ diff --git a/scheduler/avahi.c b/scheduler/avahi.c deleted file mode 100644 index 5761317..0000000 --- a/scheduler/avahi.c +++ /dev/null @@ -1,441 +0,0 @@ -/* - * "$Id$" - * - * Avahi poll implementation for the CUPS scheduler. - * - * Copyright (C) 2010, 2011 Red Hat, Inc. - * Authors: - * Tim Waugh - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - * Contents: - * - * watch_read_cb - Read callback for file descriptor - * watch_write_cb - Write callback for file descriptor - * watched_fd_add_select() - Call cupsdAddSelect() as needed - * watch_new() - Create a new file descriptor watch - * watch_free() - Free a file descriptor watch - * watch_update() - Update watched events for a file descriptor - * watch_get_events() - Get events that happened for a file descriptor - * timeout_cb() - Run a timed Avahi callback - * timeout_new() - Set a wakeup time - * timeout_update() - Update the expiration time for a timeout - * timeout_free() - Free a timeout - * compare_watched_fds() - Compare watched file descriptors for array sorting - * avahi_cups_poll_new() - Create a new Avahi main loop object for CUPS - * avahi_cups_poll_free() - Free an Avahi main loop object for CUPS - * avahi_cups_poll_get() - Get the abstract poll API structure - */ - -#include - -#ifdef HAVE_AVAHI /* Applies to entire file... */ - -/* - * Include necessary headers... - */ - -#include "cupsd.h" - -#if defined(HAVE_MALLOC_H) && defined(HAVE_MALLINFO) -# include -#endif /* HAVE_MALLOC_H && HAVE_MALLINFO */ - -#ifdef HAVE_AVAHI -# include -#endif /* HAVE_AVAHI */ - - -typedef struct -{ - AvahiCupsPoll *cups_poll; - - int fd; - AvahiWatchEvent occurred; - cups_array_t *watches; -} cupsd_watched_fd_t; - -struct AvahiWatch -{ - cupsd_watched_fd_t *watched_fd; - - AvahiWatchEvent events; - AvahiWatchCallback callback; - void *userdata; -}; - -struct AvahiTimeout -{ - AvahiCupsPoll *cups_poll; - AvahiTimeoutCallback callback; - void *userdata; - cupsd_timeout_t *cupsd_timeout; -}; - -/* - * Local functions... - */ - -static AvahiWatch * watch_new(const AvahiPoll *api, - int fd, - AvahiWatchEvent events, - AvahiWatchCallback callback, - void *userdata); -static void watch_free(AvahiWatch *watch); -static void watch_update(AvahiWatch *watch, - AvahiWatchEvent events); -static AvahiWatchEvent watch_get_events(AvahiWatch *watch); - - -/* - * 'watch_read_cb' - Read callback for file descriptor - */ - -static void -watch_read_cb (void *userdata) -{ - AvahiWatch *watch; - cupsd_watched_fd_t *watched_fd = userdata; - watched_fd->occurred |= AVAHI_WATCH_IN; - for (watch = (AvahiWatch *)cupsArrayFirst(watched_fd->watches); - watch; - watch = (AvahiWatch *)cupsArrayNext(watched_fd->watches)) - { - if (watch->events & watched_fd->occurred) - { - (watch->callback) (watch, watched_fd->fd, - AVAHI_WATCH_IN, watch->userdata); - watched_fd->occurred &= ~AVAHI_WATCH_IN; - break; - } - } -} - - -/* - * 'watch_write_cb' - Write callback for file descriptor - */ - -static void -watch_write_cb (void *userdata) -{ - AvahiWatch *watch; - cupsd_watched_fd_t *watched_fd = userdata; - watched_fd->occurred |= AVAHI_WATCH_OUT; - for (watch = (AvahiWatch *)cupsArrayFirst(watched_fd->watches); - watch; - watch = (AvahiWatch *)cupsArrayNext(watched_fd->watches)) - { - if (watch->events & watched_fd->occurred) - { - (watch->callback) (watch, watched_fd->fd, - AVAHI_WATCH_OUT, watch->userdata); - watched_fd->occurred &= ~AVAHI_WATCH_OUT; - break; - } - } -} - - -/* - * 'watched_fd_add_select' - Call cupsdAddSelect() as needed - */ - -static int /* O - Watches? */ -watched_fd_add_select (cupsd_watched_fd_t *watched_fd) -{ - AvahiWatch *watch; - cupsd_selfunc_t read_cb = NULL, write_cb = NULL; - int any_watches = 0; - - for (watch = (AvahiWatch *)cupsArrayFirst(watched_fd->watches); - watch; - watch = (AvahiWatch *)cupsArrayNext(watched_fd->watches)) - { - any_watches = 1; - if (watch->events & (AVAHI_WATCH_IN | - AVAHI_WATCH_ERR | - AVAHI_WATCH_HUP)) - { - read_cb = (cupsd_selfunc_t)watch_read_cb; - if (write_cb != NULL) - break; - } - - if (watch->events & AVAHI_WATCH_OUT) - { - write_cb = (cupsd_selfunc_t)watch_write_cb; - if (read_cb != NULL) - break; - } - } - - if (read_cb || write_cb) - cupsdAddSelect (watched_fd->fd, read_cb, write_cb, watched_fd); - else - cupsdRemoveSelect (watched_fd->fd); - - return (any_watches); -} - -/* - * 'watch_new' - Create a new file descriptor watch - */ - -static AvahiWatch * -watch_new (const AvahiPoll *api, - int fd, - AvahiWatchEvent events, - AvahiWatchCallback callback, - void *userdata) -{ - cupsd_watched_fd_t key, *watched_fd; - AvahiCupsPoll *cups_poll = api->userdata; - AvahiWatch *watch = malloc(sizeof(AvahiWatch)); - if (watch == NULL) - return (NULL); - - watch->events = events; - watch->callback = callback; - watch->userdata = userdata; - - key.fd = fd; - watched_fd = cupsArrayFind (cups_poll->watched_fds, &key); - if (watched_fd == NULL) - { - watched_fd = malloc(sizeof(cupsd_watched_fd_t)); - if (watched_fd == NULL) - { - free (watch); - return (NULL); - } - - watched_fd->fd = fd; - watched_fd->occurred = 0; - watched_fd->cups_poll = cups_poll; - watched_fd->watches = cupsArrayNew (NULL, NULL); - cupsArrayAdd (cups_poll->watched_fds, watched_fd); - } - - watch->watched_fd = watched_fd; - cupsArrayAdd(watched_fd->watches, watch); - watched_fd_add_select (watched_fd); - return (watch); -} - - -/* - * 'watch_free' - Free a file descriptor watch - */ - -static void -watch_free (AvahiWatch *watch) -{ - cupsd_watched_fd_t *watched_fd = watch->watched_fd; - AvahiCupsPoll *cups_poll = watched_fd->cups_poll; - - cupsArrayRemove (watched_fd->watches, watch); - free (watch); - - if (!watched_fd_add_select (watched_fd)) - { - /* No more watches */ - cupsArrayRemove (cups_poll->watched_fds, watched_fd); - free (watched_fd); - } -} - - -/* - * 'watch_update' - Update watched events for a file descriptor - */ - -static void -watch_update (AvahiWatch *watch, - AvahiWatchEvent events) -{ - watch->events = events; - watched_fd_add_select (watch->watched_fd); -} - - -/* - * 'watch_get_events' - Get events that happened for a file descriptor - */ - -static AvahiWatchEvent -watch_get_events (AvahiWatch *watch) -{ - return (watch->watched_fd->occurred); -} - - -/* - * 'timeout_cb()' - Run a timed Avahi callback - */ - -static void -timeout_cb (cupsd_timeout_t *cupsd_timeout, void *userdata) -{ - AvahiTimeout *timeout = userdata; - (timeout->callback) (timeout, timeout->userdata); -} - - -/* - * 'timeout_new' - Set a wakeup time - */ - -static AvahiTimeout * -timeout_new (const AvahiPoll *api, - const struct timeval *tv, - AvahiTimeoutCallback callback, - void *userdata) -{ - AvahiTimeout *timeout; - AvahiCupsPoll *cups_poll = api->userdata; - - timeout = malloc(sizeof(AvahiTimeout)); - if (timeout == NULL) - return (NULL); - - timeout->cups_poll = cups_poll; - timeout->callback = callback; - timeout->userdata = userdata; - timeout->cupsd_timeout = cupsdAddTimeout (tv, - (cupsd_timeoutfunc_t)timeout_cb, - timeout); - cupsArrayAdd (cups_poll->timeouts, timeout); - return (timeout); -} - - -/* - * 'timeout_update' - Update the expiration time for a timeout - */ - -static void -timeout_update (AvahiTimeout *timeout, - const struct timeval *tv) -{ - cupsdUpdateTimeout (timeout->cupsd_timeout, tv); -} - - -/* - * ' timeout_free' - Free a timeout - */ - -static void -timeout_free (AvahiTimeout *timeout) -{ - cupsArrayRemove (timeout->cups_poll->timeouts, timeout); - cupsdRemoveTimeout (timeout->cupsd_timeout); - free (timeout); -} - - -/* - * 'compare_watched_fds' - Compare watched file descriptors for array sorting - */ -static int -compare_watched_fds(cupsd_watched_fd_t *p0, - cupsd_watched_fd_t *p1) -{ - /* - * Compare by fd (no two elements have the same fd) - */ - - if (p0->fd == p1->fd) - return 0; - - return (p0->fd < p1->fd ? -1 : 1); -} - - -/* - * 'avahi_cups_poll_new' - Create a new Avahi main loop object for CUPS - */ - -AvahiCupsPoll * -avahi_cups_poll_new (void) -{ - AvahiCupsPoll *cups_poll = malloc(sizeof(AvahiCupsPoll)); - if (cups_poll == NULL) - return (NULL); - - cups_poll->watched_fds = cupsArrayNew ((cups_array_func_t)compare_watched_fds, - NULL); - cups_poll->timeouts = cupsArrayNew (NULL, NULL); - - cups_poll->api.userdata = cups_poll; - cups_poll->api.watch_new = watch_new; - cups_poll->api.watch_free = watch_free; - cups_poll->api.watch_update = watch_update; - cups_poll->api.watch_get_events = watch_get_events; - - cups_poll->api.timeout_new = timeout_new; - cups_poll->api.timeout_update = timeout_update; - cups_poll->api.timeout_free = timeout_free; - - return (cups_poll); -} - - -/* - * 'avahi_cups_poll_free' - Free an Avahi main loop object for CUPS - */ -void -avahi_cups_poll_free (AvahiCupsPoll *cups_poll) -{ - cupsd_watched_fd_t *watched_fd; - - for (watched_fd = (cupsd_watched_fd_t*)cupsArrayFirst(cups_poll->watched_fds); - watched_fd; - watched_fd = (cupsd_watched_fd_t*)cupsArrayNext(cups_poll->watched_fds)) - cupsArrayClear (watched_fd->watches); - - cupsArrayClear (cups_poll->watched_fds); - cupsArrayClear (cups_poll->timeouts); -} - - -/* - * 'avahi_cups_poll_get' - Get the abstract poll API structure - */ - -const AvahiPoll * -avahi_cups_poll_get (AvahiCupsPoll *cups_poll) -{ - return (&cups_poll->api); -} - - -#endif /* HAVE_AVAHI ... from top of file */ - -/* - * End of "$Id$". - */ diff --git a/scheduler/avahi.h b/scheduler/avahi.h deleted file mode 100644 index d92049d..0000000 --- a/scheduler/avahi.h +++ /dev/null @@ -1,69 +0,0 @@ -/* - * "$Id$" - * - * Avahi poll implementation for the CUPS scheduler. - * - * Copyright (C) 2010, 2011 Red Hat, Inc. - * Authors: - * Tim Waugh - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include - -#ifdef HAVE_AVAHI -# include -# include -#endif /* HAVE_AVAHI */ - -#ifdef HAVE_AUTHORIZATION_H -# include -#endif /* HAVE_AUTHORIZATION_H */ - - -#ifdef HAVE_AVAHI -typedef struct -{ - AvahiPoll api; - cups_array_t *watched_fds; - cups_array_t *timeouts; -} AvahiCupsPoll; -#endif /* HAVE_AVAHI */ - -/* - * Prototypes... - */ - -#ifdef HAVE_AVAHI -extern AvahiCupsPoll * avahi_cups_poll_new(void); -extern void avahi_cups_poll_free(AvahiCupsPoll *cups_poll); -extern const AvahiPoll *avahi_cups_poll_get(AvahiCupsPoll *cups_poll); -#endif /* HAVE_AVAHI */ - - -/* - * End of "$Id$". - */ diff --git a/scheduler/banners.c b/scheduler/banners.c index 5f2fb13..171b015 100644 --- a/scheduler/banners.c +++ b/scheduler/banners.c @@ -100,8 +100,6 @@ cupsdLoadBanners(const char *d) /* I - Directory to search */ if ((ext = strrchr(dent->filename, '.')) != NULL) if (!strcmp(ext, ".bck") || !strcmp(ext, ".bak") || - !strcmp(ext, ".rpmnew") || - !strcmp(ext, ".rpmsave") || !strcmp(ext, ".sav")) continue; diff --git a/scheduler/client.c b/scheduler/client.c index c71b9e5..d628dc6 100644 --- a/scheduler/client.c +++ b/scheduler/client.c @@ -22,20 +22,12 @@ #define _HTTP_NO_PRIVATE #include "cupsd.h" -#ifndef _GNU_SOURCE -#define _GNU_SOURCE -#endif /* !defined(_GNU_SOURCE) */ #ifdef __APPLE__ # include #endif /* __APPLE__ */ #ifdef HAVE_TCPD_H # include #endif /* HAVE_TCPD_H */ -#ifdef WITH_LSPP -# include -# include -# include -#endif /* WITH_LSPP */ /* @@ -276,59 +268,6 @@ cupsdAcceptClient(cupsd_listener_t *lis)/* I - Listener socket */ } #endif /* HAVE_TCPD_H */ -#ifdef WITH_LSPP - if (is_lspp_config()) - { - struct ucred cr; - unsigned int cl=sizeof(cr); - - if (getsockopt(httpGetFd(con->http), SOL_SOCKET, SO_PEERCRED, &cr, &cl) == 0) - { - /* - * client_pid_to_auid() can be racey - * In this case the pid is based on a socket connected to the client - */ - if ((con->auid = client_pid_to_auid(cr.pid)) == -1) - { - httpClose(con->http); - cupsdLogClient(con, CUPSD_LOG_ERROR, - "Unable to determine client auid for client pid=%d", - cr.pid); - free(con); - return; - } - cupsdLogClient(con, CUPSD_LOG_INFO, - "peer's pid=%d, uid=%d, gid=%d, auid=%d", - cr.pid, cr.uid, cr.gid, con->auid); - } - else - { - httpClose(con->http); - cupsdLogClient(con, CUPSD_LOG_ERROR, "getsockopt() failed"); - free(con); - return; - } - - /* - * get the context of the peer connection - */ - if (getpeercon(httpGetFd(con->http), &con->scon)) - { - httpClose(con->http); - cupsdLogClient(con, CUPSD_LOG_ERROR, "getpeercon() failed"); - free(con); - return; - } - - cupsdLogClient(con, CUPSD_LOG_INFO, "client context=%s", con->scon); - } - else - { - cupsdLogClient(con, CUPSD_LOG_DEBUG, "skipping getpeercon()"); - cupsdSetString(&con->scon, UNKNOWN_SL); - } -#endif /* WITH_LSPP */ - #ifdef AF_LOCAL if (httpAddrFamily(httpGetAddress(con->http)) == AF_LOCAL) { @@ -623,30 +562,12 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */ mime_type_t *type; /* MIME type of file */ cupsd_printer_t *p; /* Printer */ static unsigned request_id = 0; /* Request ID for temp files */ -#ifdef WITH_LSPP - security_context_t spoolcon; /* context of the job file */ - context_t clicon; /* contex_t container for con->scon */ - context_t tmpcon; /* temp context to swap the level */ - char *clirange; /* SELinux sensitivity range */ - char *cliclearance; /* SELinux low end clearance */ -#endif /* WITH_LSPP */ status = HTTP_STATUS_CONTINUE; cupsdLogClient(con, CUPSD_LOG_DEBUG2, "cupsdReadClient: error=%d, used=%d, state=%s, data_encoding=HTTP_ENCODING_%s, data_remaining=" CUPS_LLFMT ", request=%p(%s), file=%d", httpError(con->http), (int)httpGetReady(con->http), httpStateString(httpGetState(con->http)), httpIsChunked(con->http) ? "CHUNKED" : "LENGTH", CUPS_LLCAST httpGetRemaining(con->http), con->request, con->request ? ippStateString(ippGetState(con->request)) : "", con->file); - if (httpError(con->http) == EPIPE && !httpGetReady(con->http) && recv(httpGetFd(con->http), buf, 1, MSG_PEEK) < 1) - { - /* - * Connection closed... - */ - - cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing on EOF."); - cupsdCloseClient(con); - return; - } - if (httpGetState(con->http) == HTTP_STATE_GET_SEND || httpGetState(con->http) == HTTP_STATE_POST_SEND || httpGetState(con->http) == HTTP_STATE_STATUS) @@ -656,6 +577,17 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */ * connection and we need to shut it down... */ + if (!httpGetReady(con->http) && recv(httpGetFd(con->http), buf, 1, MSG_PEEK) < 1) + { + /* + * Connection closed... + */ + + cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing on EOF."); + cupsdCloseClient(con); + return; + } + cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing on unexpected HTTP read state %s.", httpStateString(httpGetState(con->http))); cupsdCloseClient(con); return; @@ -1011,6 +943,8 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */ } httpClearFields(con->http); + httpSetField(con->http, HTTP_FIELD_ALLOW, + "GET, HEAD, OPTIONS, POST, PUT"); httpSetField(con->http, HTTP_FIELD_CONTENT_LENGTH, "0"); if (!cupsdSendHeader(con, HTTP_STATUS_OK, NULL, CUPSD_AUTH_NONE)) @@ -1992,73 +1926,6 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */ fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC); } -#ifdef WITH_LSPP - if (strncmp(con->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) != 0) - { - if (getfilecon(con->filename, &spoolcon) == -1) - { - cupsdSendError(con, HTTP_STATUS_SERVER_ERROR, CUPSD_AUTH_NONE); - cupsdCloseClient(con); - return; - } - clicon = context_new(con->scon); - tmpcon = context_new(spoolcon); - freecon(spoolcon); - if (!clicon || !tmpcon) - { - cupsdSendError(con, HTTP_STATUS_SERVER_ERROR, CUPSD_AUTH_NONE); - if (clicon) - context_free(clicon); - if (tmpcon) - context_free(tmpcon); - cupsdCloseClient(con); - return; - } - clirange = (char *) context_range_get(clicon); - if (clirange) - { - clirange = strdup(clirange); - if ((cliclearance = strtok(clirange, "-")) != NULL) - { - if (context_range_set(tmpcon, cliclearance) == -1) - { - cupsdSendError(con, HTTP_STATUS_SERVER_ERROR, CUPSD_AUTH_NONE); - free(clirange); - context_free(tmpcon); - context_free(clicon); - cupsdCloseClient(con); - return; - } - } - else - { - if (context_range_set(tmpcon, (context_range_get(clicon))) == -1) - { - cupsdSendError(con, HTTP_STATUS_SERVER_ERROR, CUPSD_AUTH_NONE); - free(clirange); - context_free(tmpcon); - context_free(clicon); - cupsdCloseClient(con); - return; - } - } - free(clirange); - } - if (setfilecon(con->filename, context_str(tmpcon)) == -1) - { - cupsdSendError(con, HTTP_STATUS_SERVER_ERROR, CUPSD_AUTH_NONE); - context_free(tmpcon); - context_free(clicon); - cupsdCloseClient(con); - return; - } - cupsdLogClient(con, CUPSD_LOG_DEBUG2, "%s set to %s", - con->filename, context_str(tmpcon)); - context_free(tmpcon); - context_free(clicon); - } -#endif /* WITH_LSPP */ - if (httpGetState(con->http) != HTTP_STATE_POST_SEND) { if (!httpWait(con->http, 0)) @@ -2330,7 +2197,6 @@ cupsdSendError(cupsd_client_t *con, /* I - Connection */ strlcpy(location, httpGetField(con->http, HTTP_FIELD_LOCATION), sizeof(location)); httpClearFields(con->http); - httpClearCookie(con->http); httpSetField(con->http, HTTP_FIELD_LOCATION, location); @@ -3590,49 +3456,6 @@ is_path_absolute(const char *path) /* I - Input path */ return (1); } -#ifdef WITH_LSPP -/* - * 'client_pid_to_auid()' - Using the client's pid, read /proc and determine the loginuid. - */ - -uid_t client_pid_to_auid(pid_t clipid) -{ - uid_t uid; - int len, in; - char buf[16] = {0}; - char fname[32] = {0}; - - - /* - * Hopefully this pid is still the one we are interested in. - */ - snprintf(fname, 32, "/proc/%d/loginuid", clipid); - in = open(fname, O_NOFOLLOW|O_RDONLY); - - if (in < 0) - return (uid_t) -1; - - errno = 0; - - do { - len = read(in, buf, sizeof(buf)); - } while (len < 0 && errno == EINTR); - - close(in); - - if (len < 0 || len >= sizeof(buf)) - return (uid_t) -1; - - errno = 0; - buf[len] = 0; - uid = strtol(buf, 0, 10); - - if (errno != 0) - return (uid_t) -1; - else - return uid; -} -#endif /* WITH_LSPP */ /* * 'pipe_command()' - Pipe the output of a command to the remote client. diff --git a/scheduler/client.h b/scheduler/client.h index 318a9aa..b26d04c 100644 --- a/scheduler/client.h +++ b/scheduler/client.h @@ -16,13 +16,6 @@ #endif /* HAVE_AUTHORIZATION_H */ -/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */ -/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */ - -#ifdef WITH_LSPP -#include -#endif /* WITH_LSPP */ - /* * HTTP client structure... */ @@ -72,10 +65,6 @@ struct cupsd_client_s #ifdef HAVE_AUTHORIZATION_H AuthorizationRef authref; /* Authorization ref */ #endif /* HAVE_AUTHORIZATION_H */ -#ifdef WITH_LSPP - security_context_t scon; /* Security context of connection */ - uid_t auid; /* Audit loginuid of the client */ -#endif /* WITH_LSPP */ }; #define HTTP(con) ((con)->http) @@ -149,9 +138,6 @@ extern void cupsdStartListening(void); extern void cupsdStopListening(void); extern void cupsdUpdateCGI(void); extern void cupsdWriteClient(cupsd_client_t *con); -#ifdef WITH_LSPP -extern uid_t client_pid_to_auid(pid_t clipid); -#endif /* WITH_LSPP */ #ifdef HAVE_SSL extern int cupsdEndTLS(cupsd_client_t *con); diff --git a/scheduler/conf.c b/scheduler/conf.c index 1495aee..bc52d2a 100644 --- a/scheduler/conf.c +++ b/scheduler/conf.c @@ -40,9 +40,6 @@ # define INADDR_NONE 0xffffffff #endif /* !INADDR_NONE */ -#ifdef WITH_LSPP -# include -#endif /* WITH_LSPP */ /* * Configuration variable structure... @@ -134,10 +131,6 @@ static const cupsd_var_t cupsd_vars[] = { "ServerName", &ServerName, CUPSD_VARTYPE_STRING }, { "StrictConformance", &StrictConformance, CUPSD_VARTYPE_BOOLEAN }, { "Timeout", &Timeout, CUPSD_VARTYPE_TIME }, -#ifdef WITH_LSPP - { "AuditLog", &AuditLog, CUPSD_VARTYPE_INTEGER }, - { "PerPageLabels", &PerPageLabels, CUPSD_VARTYPE_BOOLEAN }, -#endif /* WITH_LSPP */ { "WebInterface", &WebInterface, CUPSD_VARTYPE_BOOLEAN } }; static const cupsd_var_t cupsfiles_vars[] = @@ -551,9 +544,6 @@ cupsdReadConfiguration(void) const char *tmpdir; /* TMPDIR environment variable */ struct stat tmpinfo; /* Temporary directory info */ cupsd_policy_t *p; /* Policy */ -#ifdef WITH_LSPP - char *audit_message; /* Audit message string */ -#endif /* WITH_LSPP */ /* @@ -586,9 +576,6 @@ cupsdReadConfiguration(void) cupsdClearString(&ServerName); cupsdClearString(&ServerAdmin); cupsdSetString(&ServerBin, CUPS_SERVERBIN); -#ifdef __x86_64__ - cupsdSetString(&ServerBin_compat, "/usr/lib64/cups"); -#endif /* __x86_64__ */ cupsdSetString(&RequestRoot, CUPS_REQUESTS); cupsdSetString(&CacheDir, CUPS_CACHEDIR); cupsdSetString(&DataDir, CUPS_DATADIR); @@ -630,7 +617,7 @@ cupsdReadConfiguration(void) cupsdSetString(&ServerKeychain, "/Library/Keychains/System.keychain"); # endif /* HAVE_GNUTLS */ - _httpTLSSetOptions(_HTTP_TLS_NONE, _HTTP_TLS_1_0, _HTTP_TLS_MAX); + _httpTLSSetOptions(0); #endif /* HAVE_SSL */ language = cupsLangDefault(); @@ -748,7 +735,7 @@ cupsdReadConfiguration(void) RootCertDuration = 300; Sandboxing = CUPSD_SANDBOXING_STRICT; StrictConformance = FALSE; - SyncOnClose = TRUE; + SyncOnClose = FALSE; Timeout = DEFAULT_TIMEOUT; WebInterface = CUPS_DEFAULT_WEBIF; @@ -876,25 +863,6 @@ cupsdReadConfiguration(void) RunUser = getuid(); -#ifdef WITH_LSPP - if (AuditLog != -1) - { - /* - * ClassifyOverride is set during read_configuration, if its ON, report it now - */ - if (ClassifyOverride) - audit_log_user_message(AuditLog, AUDIT_USYS_CONFIG, - "[Config] ClassifyOverride=enabled Users can override print banners", - ServerName, NULL, NULL, 1); - /* - * PerPageLabel is set during read_configuration, if its OFF, report it now - */ - if (!PerPageLabels) - audit_log_user_message(AuditLog, AUDIT_USYS_CONFIG, - "[Config] PerPageLabels=disabled", ServerName, NULL, NULL, 1); - } -#endif /* WITH_LSPP */ - cupsdLogMessage(CUPSD_LOG_INFO, "Remote access is %s.", RemotePort ? "enabled" : "disabled"); @@ -1306,19 +1274,7 @@ cupsdReadConfiguration(void) cupsdClearString(&Classification); if (Classification) - { cupsdLogMessage(CUPSD_LOG_INFO, "Security set to \"%s\"", Classification); -#ifdef WITH_LSPP - if (AuditLog != -1) - { - audit_message = NULL; - cupsdSetStringf(&audit_message, "[Config] Classification=%s", Classification); - audit_log_user_message(AuditLog, AUDIT_LABEL_LEVEL_CHANGE, audit_message, - ServerName, NULL, NULL, 1); - cupsdClearString(&audit_message); - } -#endif /* WITH_LSPP */ - } /* * Check the MaxClients setting, and then allocate memory for it... @@ -1575,12 +1531,7 @@ cupsdReadConfiguration(void) * Read the MIME type and conversion database... */ -#ifdef __x86_64__ - snprintf(temp, sizeof(temp), "%s/filter:%s/filter", ServerBin, - ServerBin_compat); -#else snprintf(temp, sizeof(temp), "%s/filter", ServerBin); -#endif snprintf(mimedir, sizeof(mimedir), "%s/mime", DataDir); MimeDatabase = mimeNew(); @@ -2965,10 +2916,13 @@ read_cupsd_conf(cups_file_t *fp) /* I - File to read from */ /* Line from file */ temp[HTTP_MAX_BUFFER], /* Temporary buffer for value */ - *value; /* Pointer to value */ + *value, /* Pointer to value */ + *valueptr; /* Pointer into value */ int valuelen; /* Length of value */ http_addrlist_t *addrlist, /* Address list */ *addr; /* Current address */ + cups_file_t *incfile; /* Include file */ + char incname[1024]; /* Include filename */ /* @@ -2983,7 +2937,28 @@ read_cupsd_conf(cups_file_t *fp) /* I - File to read from */ * Decode the directive... */ - if (!_cups_strcasecmp(line, " @@ -3024,9 +2999,7 @@ read_cupsd_conf(cups_file_t *fp) /* I - File to read from */ * SSLOptions [AllowRC4] [AllowSSL3] [AllowDH] [DenyCBC] [DenyTLS1.0] [None] */ - int options = _HTTP_TLS_NONE,/* SSL/TLS options */ - min_version = _HTTP_TLS_1_0, - max_version = _HTTP_TLS_MAX; + int options = 0; /* SSL/TLS options */ if (value) { @@ -3050,40 +3023,24 @@ read_cupsd_conf(cups_file_t *fp) /* I - File to read from */ * Compare... */ - if (!_cups_strcasecmp(start, "AllowRC4")) + if (!_cups_strcasecmp(start, "AllowRC4")) options |= _HTTP_TLS_ALLOW_RC4; - else if (!_cups_strcasecmp(start, "AllowSSL3")) - min_version = _HTTP_TLS_SSL3; + else if (!_cups_strcasecmp(start, "AllowSSL3")) + options |= _HTTP_TLS_ALLOW_SSL3; else if (!_cups_strcasecmp(start, "AllowDH")) options |= _HTTP_TLS_ALLOW_DH; else if (!_cups_strcasecmp(start, "DenyCBC")) options |= _HTTP_TLS_DENY_CBC; else if (!_cups_strcasecmp(start, "DenyTLS1.0")) - min_version = _HTTP_TLS_1_1; - else if (!_cups_strcasecmp(start, "MaxTLS1.0")) - max_version = _HTTP_TLS_1_0; - else if (!_cups_strcasecmp(start, "MaxTLS1.1")) - max_version = _HTTP_TLS_1_1; - else if (!_cups_strcasecmp(start, "MaxTLS1.2")) - max_version = _HTTP_TLS_1_2; - else if (!_cups_strcasecmp(start, "MaxTLS1.3")) - max_version = _HTTP_TLS_1_3; - else if (!_cups_strcasecmp(start, "MinTLS1.0")) - min_version = _HTTP_TLS_1_0; - else if (!_cups_strcasecmp(start, "MinTLS1.1")) - min_version = _HTTP_TLS_1_1; - else if (!_cups_strcasecmp(start, "MinTLS1.2")) - min_version = _HTTP_TLS_1_2; - else if (!_cups_strcasecmp(start, "MinTLS1.3")) - min_version = _HTTP_TLS_1_3; - else if (!_cups_strcasecmp(start, "None")) - options = _HTTP_TLS_NONE; + options |= _HTTP_TLS_DENY_TLS10; + else if (!_cups_strcasecmp(start, "None")) + options = 0; else if (_cups_strcasecmp(start, "NoEmptyFragments")) cupsdLogMessage(CUPSD_LOG_WARN, "Unknown SSL option %s at line %d.", start, linenum); } } - _httpTLSSetOptions(options, min_version, max_version); + _httpTLSSetOptions(options); } #endif /* HAVE_SSL */ else if ((!_cups_strcasecmp(line, "Port") || !_cups_strcasecmp(line, "Listen") @@ -3379,6 +3336,31 @@ read_cupsd_conf(cups_file_t *fp) /* I - File to read from */ cupsdLogMessage(CUPSD_LOG_WARN, "Unknown ServerTokens %s on line %d of %s.", value, linenum, ConfigurationFile); } + else if (!_cups_strcasecmp(line, "PassEnv") && value) + { + /* + * PassEnv variable [... variable] + */ + + for (; *value;) + { + for (valuelen = 0; value[valuelen]; valuelen ++) + if (_cups_isspace(value[valuelen]) || value[valuelen] == ',') + break; + + if (value[valuelen]) + { + value[valuelen] = '\0'; + valuelen ++; + } + + cupsdSetEnv(value, NULL); + + for (value += valuelen; *value; value ++) + if (!_cups_isspace(*value) || *value != ',') + break; + } + } else if (!_cups_strcasecmp(line, "ServerAlias") && value) { /* @@ -3407,6 +3389,30 @@ read_cupsd_conf(cups_file_t *fp) /* I - File to read from */ break; } } + else if (!_cups_strcasecmp(line, "SetEnv") && value) + { + /* + * SetEnv variable value + */ + + for (valueptr = value; *valueptr && !isspace(*valueptr & 255); valueptr ++); + + if (*valueptr) + { + /* + * Found a value... + */ + + while (isspace(*valueptr & 255)) + *valueptr++ = '\0'; + + cupsdSetEnv(value, valueptr); + } + else + cupsdLogMessage(CUPSD_LOG_ERROR, + "Missing value for SetEnv directive on line %d of %s.", + linenum, ConfigurationFile); + } else if (!_cups_strcasecmp(line, "AccessLog") || !_cups_strcasecmp(line, "CacheDir") || !_cups_strcasecmp(line, "ConfigFilePerm") || @@ -3420,7 +3426,6 @@ read_cupsd_conf(cups_file_t *fp) /* I - File to read from */ !_cups_strcasecmp(line, "LogFilePerm") || !_cups_strcasecmp(line, "LPDConfigFile") || !_cups_strcasecmp(line, "PageLog") || - !_cups_strcasecmp(line, "PassEnv") || !_cups_strcasecmp(line, "Printcap") || !_cups_strcasecmp(line, "PrintcapFormat") || !_cups_strcasecmp(line, "RemoteRoot") || @@ -3430,7 +3435,6 @@ read_cupsd_conf(cups_file_t *fp) /* I - File to read from */ !_cups_strcasecmp(line, "ServerKey") || !_cups_strcasecmp(line, "ServerKeychain") || !_cups_strcasecmp(line, "ServerRoot") || - !_cups_strcasecmp(line, "SetEnv") || !_cups_strcasecmp(line, "SMBConfigFile") || !_cups_strcasecmp(line, "StateDir") || !_cups_strcasecmp(line, "SystemGroup") || @@ -3460,49 +3464,10 @@ read_cupsd_conf(cups_file_t *fp) /* I - File to read from */ static int /* O - 1 on success, 0 on failure */ read_cups_files_conf(cups_file_t *fp) /* I - File to read from */ { - int i, /* Looping var */ - linenum; /* Current line number */ + int linenum; /* Current line number */ char line[HTTP_MAX_BUFFER], /* Line from file */ *value; /* Value from line */ struct group *group; /* Group */ - static const char * const prohibited_env[] = - { /* Prohibited environment variables */ - "APPLE_LANGUAGE", - "AUTH_DOMAIN", - "AUTH_INFO_REQUIRED", - "AUTH_NEGOTIATE", - "AUTH_PASSWORD", - "AUTH_UID", - "AUTH_USERNAME", - "CHARSET", - "CLASS", - "CLASSIFICATION", - "CONTENT_TYPE", - "CUPS_CACHEDIR", - "CUPS_DATADIR", - "CUPS_DOCROOT", - "CUPS_FILETYPE", - "CUPS_FONTPATH", - "CUPS_MAX_MESSAGE", - "CUPS_REQUESTROOT", - "CUPS_SERVERBIN", - "CUPS_SERVERROOT", - "CUPS_STATEDIR", - "DEVICE_URI", - "FINAL_CONTENT_TYPE", - "HOME", - "LANG", - "PPD", - "PRINTER", - "PRINTER_INFO", - "PRINTER_LOCATION", - "PRINTER_STATE_REASONS", - "RIP_CACHE", - "SERVER_ADMIN", - "SOFTWARE", - "TMPDIR", - "USER" - }; /* @@ -3540,47 +3505,6 @@ read_cups_files_conf(cups_file_t *fp) /* I - File to read from */ } } } - else if (!_cups_strcasecmp(line, "PassEnv") && value) - { - /* - * PassEnv variable [... variable] - */ - - int valuelen; /* Length of variable name */ - - for (; *value;) - { - for (valuelen = 0; value[valuelen]; valuelen ++) - if (_cups_isspace(value[valuelen]) || value[valuelen] == ',') - break; - - if (value[valuelen]) - { - value[valuelen] = '\0'; - valuelen ++; - } - - for (i = 0; i < (int)(sizeof(prohibited_env) / sizeof(prohibited_env[0])); i ++) - { - if (!strcmp(value, prohibited_env[i])) - { - cupsdLogMessage(CUPSD_LOG_ERROR, "Environment variable \"%s\" cannot be passed through on line %d of %s.", value, linenum, CupsFilesFile); - - if (FatalErrors & CUPSD_FATAL_CONFIG) - return (0); - else - break; - } - } - - if (i >= (int)(sizeof(prohibited_env) / sizeof(prohibited_env[0]))) - cupsdSetEnv(value, NULL); - - for (value += valuelen; *value; value ++) - if (!_cups_isspace(*value) || *value != ',') - break; - } - } else if (!_cups_strcasecmp(line, "PrintcapFormat") && value) { /* @@ -3626,46 +3550,6 @@ read_cups_files_conf(cups_file_t *fp) /* I - File to read from */ return (0); } } - else if (!_cups_strcasecmp(line, "SetEnv") && value) - { - /* - * SetEnv variable value - */ - - char *valueptr; /* Pointer to environment variable value */ - - for (valueptr = value; *valueptr && !isspace(*valueptr & 255); valueptr ++); - - if (*valueptr) - { - /* - * Found a value... - */ - - while (isspace(*valueptr & 255)) - *valueptr++ = '\0'; - - for (i = 0; i < (int)(sizeof(prohibited_env) / sizeof(prohibited_env[0])); i ++) - { - if (!strcmp(value, prohibited_env[i])) - { - cupsdLogMessage(CUPSD_LOG_ERROR, "Environment variable \"%s\" cannot be set on line %d of %s.", value, linenum, CupsFilesFile); - - if (FatalErrors & CUPSD_FATAL_CONFIG) - return (0); - else - break; - } - } - - if (i >= (int)(sizeof(prohibited_env) / sizeof(prohibited_env[0]))) - cupsdSetEnv(value, valueptr); - } - else - cupsdLogMessage(CUPSD_LOG_ERROR, - "Missing value for SetEnv directive on line %d of %s.", - linenum, ConfigurationFile); - } else if (!_cups_strcasecmp(line, "SystemGroup") && value) { /* @@ -3869,18 +3753,6 @@ read_location(cups_file_t *fp, /* I - Configuration file */ return ((FatalErrors & CUPSD_FATAL_CONFIG) ? 0 : linenum); } -#ifdef WITH_LSPP -int is_lspp_config() -{ - if (Classification != NULL) - return ((_cups_strcasecmp(Classification, MLS_CONFIG) == 0) - || (_cups_strcasecmp(Classification, TE_CONFIG) == 0) - || (_cups_strcasecmp(Classification, SELINUX_CONFIG) == 0)); - else - return 0; -} -#endif /* WITH_LSPP */ - /* * 'read_policy()' - Read a definition. diff --git a/scheduler/conf.h b/scheduler/conf.h index 1d41792..873c370 100644 --- a/scheduler/conf.h +++ b/scheduler/conf.h @@ -106,10 +106,6 @@ VAR char *ConfigurationFile VALUE(NULL), /* Root directory for scheduler */ *ServerBin VALUE(NULL), /* Root directory for binaries */ -#ifdef __x86_64__ - *ServerBin_compat VALUE(NULL), - /* Compat directory for binaries */ -#endif /* __x86_64__ */ *StateDir VALUE(NULL), /* Root directory for state data */ *RequestRoot VALUE(NULL), @@ -250,13 +246,6 @@ VAR char *ServerKeychain VALUE(NULL); /* Keychain holding cert + key */ #endif /* HAVE_SSL */ -#ifdef WITH_LSPP -VAR int AuditLog VALUE(-1), - /* File descriptor for audit */ - PerPageLabels VALUE(TRUE); - /* Put the label on each page */ -#endif /* WITH_LSPP */ - #ifdef HAVE_ONDEMAND VAR int IdleExitTimeout VALUE(60); /* Time after which an idle cupsd will exit */ @@ -275,9 +264,6 @@ VAR int HaveServerCreds VALUE(0); VAR gss_cred_id_t ServerCreds; /* Server's GSS credentials */ #endif /* HAVE_GSSAPI */ -#ifdef WITH_LSPP -extern int is_lspp_config(void); -#endif /* WITH_LSPP */ /* * Prototypes... diff --git a/scheduler/cups-driverd.cxx b/scheduler/cups-driverd.cxx index 6a8f2ef..9030911 100644 --- a/scheduler/cups-driverd.cxx +++ b/scheduler/cups-driverd.cxx @@ -157,7 +157,7 @@ static ppd_info_t *add_ppd(const char *filename, const char *name, size_t size, int model_number, int type, const char *scheme); static int cat_drv(const char *name, int request_id); -static void cat_ppd(const char *name, int request_id); +static int cat_ppd(const char *name, int request_id); static int cat_static(const char *name, int request_id); static int cat_tar(const char *name, int request_id); static int compare_inodes(struct stat *a, struct stat *b); @@ -167,12 +167,12 @@ static int compare_names(const ppd_info_t *p0, const ppd_info_t *p1); static int compare_ppds(const ppd_info_t *p0, const ppd_info_t *p1); -static void dump_ppds_dat(const char *filename); +static int dump_ppds_dat(const char *filename); static void free_array(cups_array_t *a); static cups_file_t *get_file(const char *name, int request_id, const char *subdir, char *buffer, size_t bufsize, char **subfile); -static void list_ppds(int request_id, int limit, const char *opt); +static int list_ppds(int request_id, int limit, const char *opt); static int load_drivers(cups_array_t *include, cups_array_t *exclude); static int load_drv(const char *filename, const char *name, @@ -208,13 +208,13 @@ main(int argc, /* I - Number of command-line args */ */ if (argc == 3 && !strcmp(argv[1], "cat")) - cat_ppd(argv[2], 0); + return (cat_ppd(argv[2], 0)); else if ((argc == 2 || argc == 3) && !strcmp(argv[1], "dump")) - dump_ppds_dat(argv[2]); + return (dump_ppds_dat(argv[2])); else if (argc == 4 && !strcmp(argv[1], "get")) - cat_ppd(argv[3], atoi(argv[2])); + return (cat_ppd(argv[3], atoi(argv[2]))); else if (argc == 5 && !strcmp(argv[1], "list")) - list_ppds(atoi(argv[2]), atoi(argv[3]), argv[4]); + return (list_ppds(atoi(argv[2]), atoi(argv[3]), argv[4])); else { fputs("Usage: cups-driverd cat ppd-name\n", stderr); @@ -432,7 +432,7 @@ cat_drv(const char *name, /* I - PPD name */ * 'cat_ppd()' - Copy a PPD file to stdout. */ -static void +static int /* O - Exit code */ cat_ppd(const char *name, /* I - PPD name */ int request_id) /* I - Request ID for response? */ { @@ -449,7 +449,7 @@ cat_ppd(const char *name, /* I - PPD name */ if (strstr(name, "../")) { fputs("ERROR: Invalid PPD name.\n", stderr); - exit(1); + return (1); } strlcpy(scheme, name, sizeof(scheme)); @@ -479,11 +479,11 @@ cat_ppd(const char *name, /* I - PPD name */ puts("Content-Type: application/ipp\n"); if (!scheme[0]) - exit(cat_static(name, request_id)); + return (cat_static(name, request_id)); else if (!strcmp(scheme, "drv")) - exit(cat_drv(name, request_id)); + return (cat_drv(name, request_id)); else if (!strcmp(scheme, "file")) - exit(cat_tar(name, request_id)); + return (cat_tar(name, request_id)); else { /* @@ -521,7 +521,7 @@ cat_ppd(const char *name, /* I - PPD name */ cupsdSendIPPTrailer(); } - exit(1); + return (1); } /* @@ -551,15 +551,15 @@ cat_ppd(const char *name, /* I - PPD name */ fprintf(stderr, "ERROR: [cups-driverd] Unable to execute \"%s\" - %s\n", line, strerror(errno)); - exit(1); + return (1); } } /* - * Exit with no errors... + * Return with no errors... */ - exit(0); + return (0); } @@ -782,7 +782,7 @@ compare_ppds(const ppd_info_t *p0, /* I - First PPD file */ * 'dump_ppds_dat()' - Dump the contents of the ppds.dat file. */ -static void +static int /* O - Exit status */ dump_ppds_dat(const char *filename) /* I - Filename */ { char temp[1024]; /* ppds.dat filename */ @@ -814,7 +814,7 @@ dump_ppds_dat(const char *filename) /* I - Filename */ ppd->record.make_and_model, ppd->record.device_id, ppd->record.scheme); - exit(0); + return (0); } @@ -1008,7 +1008,7 @@ get_file(const char *name, /* I - Name */ * 'list_ppds()' - List PPD files. */ -static void +static int /* O - Exit code */ list_ppds(int request_id, /* I - Request ID */ int limit, /* I - Limit */ const char *opt) /* I - Option argument */ @@ -1570,7 +1570,7 @@ list_ppds(int request_id, /* I - Request ID */ if (request_id) cupsdSendIPPTrailer(); - exit(0); + return (0); } diff --git a/scheduler/cupsd.h b/scheduler/cupsd.h index 97d0e2c..ad37bee 100644 --- a/scheduler/cupsd.h +++ b/scheduler/cupsd.h @@ -11,8 +11,6 @@ * file is missing or damaged, see the license at "http://www.cups.org/". */ -/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */ -/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */ /* * Include necessary headers. @@ -38,20 +36,13 @@ # include #endif /* WIN32 */ -#include "config.h" -#ifdef WITH_LSPP -# define MLS_CONFIG "mls" -# define TE_CONFIG "te" -# define SELINUX_CONFIG "SELinux" -# define UNKNOWN_SL "UNKNOWN SL" -#endif /* WITH_LSPP */ - #include "mime.h" #if defined(HAVE_CDSASSL) # include #endif /* HAVE_CDSASSL */ + /* * Some OS's don't have hstrerror(), most notably Solaris... */ @@ -127,7 +118,6 @@ extern const char *cups_hstrerror(int); #include "colorman.h" #include "conf.h" #include "banners.h" -#include "avahi.h" #include "dirsvc.h" #include "network.h" #include "subscriptions.h" @@ -148,15 +138,6 @@ extern const char *cups_hstrerror(int); typedef void (*cupsd_selfunc_t)(void *data); -#ifdef HAVE_AVAHI -/* - * Timeout callback function type... - */ - -typedef struct _cupsd_timeout_s cupsd_timeout_t; -typedef void (*cupsd_timeoutfunc_t)(cupsd_timeout_t *timeout, void *data); -#endif /* HAVE_AVAHI */ - /* * Globals... @@ -181,9 +162,6 @@ VAR int OnDemand VALUE(0); /* Launched on demand */ #endif /* HAVE_ONDEMAND */ -#ifdef HAVE_AVAHI -VAR cups_array_t *Timeouts; /* Timed callbacks for main loop */ -#endif /* HAVE_AVAHI */ /* * Prototypes... @@ -246,15 +224,3 @@ extern void cupsdStopSelect(void); /* server.c */ extern void cupsdStartServer(void); extern void cupsdStopServer(void); - -#ifdef HAVE_AVAHI -extern void cupsdInitTimeouts(void); -extern cupsd_timeout_t *cupsdAddTimeout (const struct timeval *tv, - cupsd_timeoutfunc_t cb, - void *data); -extern cupsd_timeout_t *cupsdNextTimeout (long *delay); -extern void cupsdRunTimeout (cupsd_timeout_t *timeout); -extern void cupsdUpdateTimeout (cupsd_timeout_t *timeout, - const struct timeval *tv); -extern void cupsdRemoveTimeout (cupsd_timeout_t *timeout); -#endif /* HAVE_AVAHI */ \ No newline at end of file diff --git a/scheduler/dirsvc.c b/scheduler/dirsvc.c index 54b31c3..2308e05 100644 --- a/scheduler/dirsvc.c +++ b/scheduler/dirsvc.c @@ -193,7 +193,7 @@ cupsdStartBrowsing(void) cupsdUpdateDNSSDName(); # else /* HAVE_AVAHI */ - if ((DNSSDMaster = avahi_cups_poll_new()) == NULL) + if ((DNSSDMaster = avahi_threaded_poll_new()) == NULL) { cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create DNS-SD thread."); @@ -204,7 +204,7 @@ cupsdStartBrowsing(void) { int error; /* Error code, if any */ - DNSSDClient = avahi_client_new(avahi_cups_poll_get(DNSSDMaster), AVAHI_CLIENT_NO_FAIL, dnssdClientCallback, NULL, &error); + DNSSDClient = avahi_client_new(avahi_threaded_poll_get(DNSSDMaster), AVAHI_CLIENT_NO_FAIL, dnssdClientCallback, NULL, &error); if (DNSSDClient == NULL) { @@ -215,9 +215,11 @@ cupsdStartBrowsing(void) if (FatalErrors & CUPSD_FATAL_BROWSE) cupsdEndProcess(getpid(), 0); - avahi_cups_poll_free(DNSSDMaster); + avahi_threaded_poll_free(DNSSDMaster); DNSSDMaster = NULL; } + else + avahi_threaded_poll_start(DNSSDMaster); } # endif /* HAVE_DNSSD */ } @@ -633,7 +635,7 @@ dnssdClientCallback( * Renew Avahi client... */ - DNSSDClient = avahi_client_new(avahi_cups_poll_get(DNSSDMaster), AVAHI_CLIENT_NO_FAIL, dnssdClientCallback, NULL, &error); + DNSSDClient = avahi_client_new(avahi_threaded_poll_get(DNSSDMaster), AVAHI_CLIENT_NO_FAIL, dnssdClientCallback, NULL, &error); if (!DNSSDClient) { @@ -699,7 +701,13 @@ dnssdDeregisterInstance( # else /* HAVE_AVAHI */ if (*srv) { + if (!from_callback) + avahi_threaded_poll_lock(DNSSDMaster); + avahi_entry_group_free(*srv); + + if (!from_callback) + avahi_threaded_poll_unlock(DNSSDMaster); } # endif /* HAVE_DNSSD */ @@ -1021,10 +1029,16 @@ dnssdRegisterInstance( (void)commit; # else /* HAVE_AVAHI */ + if (!from_callback) + avahi_threaded_poll_lock(DNSSDMaster); + if (!*srv) *srv = avahi_entry_group_new(DNSSDClient, dnssdRegisterCallback, NULL); if (!*srv) { + if (!from_callback) + avahi_threaded_poll_unlock(DNSSDMaster); + cupsdLogMessage(CUPSD_LOG_WARN, "DNS-SD registration of \"%s\" failed: %s", name, dnssdErrorString(avahi_client_errno(DNSSDClient))); return (0); @@ -1139,6 +1153,9 @@ dnssdRegisterInstance( cupsdLogMessage(CUPSD_LOG_DEBUG, "DNS-SD commit of \"%s\" failed.", name); } + + if (!from_callback) + avahi_threaded_poll_unlock(DNSSDMaster); # endif /* HAVE_DNSSD */ if (error) @@ -1309,6 +1326,9 @@ dnssdStop(void) DNSSDMaster = NULL; # else /* HAVE_AVAHI */ + if (DNSSDMaster) + avahi_threaded_poll_stop(DNSSDMaster); + if (DNSSDClient) { avahi_client_free(DNSSDClient); @@ -1317,7 +1337,7 @@ dnssdStop(void) if (DNSSDMaster) { - avahi_cups_poll_free(DNSSDMaster); + avahi_threaded_poll_free(DNSSDMaster); DNSSDMaster = NULL; } # endif /* HAVE_DNSSD */ diff --git a/scheduler/dirsvc.h b/scheduler/dirsvc.h index c9395e4..5b2d23e 100644 --- a/scheduler/dirsvc.h +++ b/scheduler/dirsvc.h @@ -49,7 +49,7 @@ VAR cups_array_t *DNSSDPrinters VALUE(NULL); VAR DNSServiceRef DNSSDMaster VALUE(NULL); /* Master DNS-SD service reference */ # else /* HAVE_AVAHI */ -VAR AvahiCupsPoll *DNSSDMaster VALUE(NULL); +VAR AvahiThreadedPoll *DNSSDMaster VALUE(NULL); /* Master polling interface for Avahi */ VAR AvahiClient *DNSSDClient VALUE(NULL); /* Client information */ diff --git a/scheduler/env.c b/scheduler/env.c index da37301..01676c3 100644 --- a/scheduler/env.c +++ b/scheduler/env.c @@ -212,13 +212,8 @@ cupsdUpdateEnv(void) set_if_undefined("LD_PRELOAD", NULL); set_if_undefined("NLSPATH", NULL); if (find_env("PATH") < 0) -#ifdef __x86_64__ - cupsdSetEnvf("PATH", "%s/filter:%s/filter:" CUPS_BINDIR ":" CUPS_SBINDIR - ":/bin:/usr/bin", ServerBin, ServerBin_compat); -#else /* ! defined(__x86_64__) */ cupsdSetEnvf("PATH", "%s/filter:" CUPS_BINDIR ":" CUPS_SBINDIR ":/bin:/usr/bin", ServerBin); -#endif set_if_undefined("SERVER_ADMIN", ServerAdmin); set_if_undefined("SHLIB_PATH", NULL); set_if_undefined("SOFTWARE", CUPS_MINIMAL); diff --git a/scheduler/ipp.c b/scheduler/ipp.c index e0dbc4a..5cf980a 100644 --- a/scheduler/ipp.c +++ b/scheduler/ipp.c @@ -14,9 +14,6 @@ * missing or damaged, see the license at "http://www.cups.org/". */ -/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */ -/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */ - /* * Include necessary headers... */ @@ -40,14 +37,6 @@ extern int mbr_check_membership_by_id(uuid_t user, gid_t group, int* ismember); # endif /* HAVE_MEMBERSHIPPRIV_H */ #endif /* __APPLE__ */ -#ifdef WITH_LSPP -#include -#include -#include -#include -#include -#include -#endif /* WITH_LSPP */ /* * Local functions... @@ -72,9 +61,6 @@ static void cancel_all_jobs(cupsd_client_t *con, ipp_attribute_t *uri); static void cancel_job(cupsd_client_t *con, ipp_attribute_t *uri); static void cancel_subscription(cupsd_client_t *con, int id); static int check_rss_recipient(const char *recipient); -#ifdef WITH_LSPP -static int check_context(cupsd_client_t *con, cupsd_job_t *job); -#endif /* WITH_LSPP */ static int check_quotas(cupsd_client_t *con, cupsd_printer_t *p); static void close_job(cupsd_client_t *con, ipp_attribute_t *uri); static void copy_attrs(ipp_t *to, ipp_t *from, cups_array_t *ra, @@ -164,7 +150,6 @@ cupsdProcessIPPRequest( ipp_attribute_t *uri = NULL; /* Printer or job URI attribute */ ipp_attribute_t *username; /* requesting-user-name attr */ int sub_id; /* Subscription ID */ - int valid = 1; /* Valid request? */ cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdProcessIPPRequest(%p[%d]): operation_id=%04x(%s)", con, con->number, con->request->request.op.operation_id, ippOpString(con->request->request.op.operation_id)); @@ -424,55 +409,20 @@ cupsdProcessIPPRequest( else { /* - * OK, all the checks pass so far; validate "requesting-user-name" - * attribute value... + * OK, all the checks pass so far; make sure requesting-user-name is + * not "root" from a remote host... */ - if ((username = ippFindAttribute(con->request, "requesting-user-name", IPP_TAG_ZERO)) != NULL) - { - /* - * Validate "requesting-user-name"... - */ - - if (username->group_tag != IPP_TAG_OPERATION && StrictConformance) - { - cupsdAddEvent(CUPSD_EVENT_SERVER_AUDIT, NULL, NULL, "%04X %s \"requesting-user-name\" attribute in wrong group.", IPP_STATUS_ERROR_BAD_REQUEST, con->http->hostname); - send_ipp_status(con, IPP_STATUS_ERROR_BAD_REQUEST, _("\"requesting-user-name\" attribute in wrong group.")); - valid = 0; - } - else if (username->value_tag != IPP_TAG_NAME && username->value_tag != IPP_TAG_NAMELANG) - { - cupsdAddEvent(CUPSD_EVENT_SERVER_AUDIT, NULL, NULL, "%04X %s \"requesting-user-name\" attribute with wrong syntax.", IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, con->http->hostname); - send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("\"requesting-user-name\" attribute with wrong syntax.")); - if ((attr = ippCopyAttribute(con->response, username, 0)) != NULL) - attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP; - valid = 0; - } - else if (!ippValidateAttribute(username)) - { - cupsdAddEvent(CUPSD_EVENT_SERVER_AUDIT, NULL, NULL, "%04X %s \"requesting-user-name\" attribute with bad value.", IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, con->http->hostname); - - if (StrictConformance) - { - /* - * Throw an error... - */ - - send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("\"requesting-user-name\" attribute with wrong syntax.")); - if ((attr = ippCopyAttribute(con->response, username, 0)) != NULL) - attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP; - valid = 0; - } - else - { - /* - * Map bad "requesting-user-name" to 'anonymous'... - */ - - ippSetString(con->request, &username, 0, "anonymous"); - } - } - else if (!strcmp(username->values[0].string.text, "root") && _cups_strcasecmp(con->http->hostname, "localhost") && strcmp(con->username, "root")) + if ((username = ippFindAttribute(con->request, "requesting-user-name", + IPP_TAG_NAME)) != NULL) + { + /* + * Check for root user... + */ + + if (!strcmp(username->values[0].string.text, "root") && + _cups_strcasecmp(con->http->hostname, "localhost") && + strcmp(con->username, "root")) { /* * Remote unauthenticated user masquerading as local root... @@ -488,8 +438,6 @@ cupsdProcessIPPRequest( else sub_id = 0; - if (valid) - { /* * Then try processing the operation... */ @@ -693,7 +641,6 @@ cupsdProcessIPPRequest( ippOpString( con->request->request.op.operation_id)); break; - } } } } @@ -1339,21 +1286,6 @@ add_job(cupsd_client_t *con, /* I - Client connection */ "time-at-creation", "time-at-processing" }; -#ifdef WITH_LSPP - char *audit_message; /* Audit message string */ - char *printerfile; /* device file pointed to by the printer */ - char *userheader = NULL; /* User supplied job-sheets[0] */ - char *userfooter = NULL; /* User supplied job-sheets[1] */ - int override = 0; /* Was a banner overrode on a job */ - security_id_t clisid; /* SELinux SID for the client */ - security_id_t psid; /* SELinux SID for the printer */ - context_t printercon; /* Printer's context string */ - struct stat printerstat; /* Printer's stat buffer */ - security_context_t devcon; /* Printer's SELinux context */ - struct avc_entry_ref avcref; /* Pointer to the access vector cache */ - security_class_t tclass; /* Object class for the SELinux check */ - access_vector_t avr; /* Access method being requested */ -#endif /* WITH_LSPP */ cupsdLogMessage(CUPSD_LOG_DEBUG2, "add_job(%p[%d], %p(%s), %p(%s/%s))", @@ -1654,133 +1586,26 @@ add_job(cupsd_client_t *con, /* I - Client connection */ _("Bad job-name value: Wrong type or count.")); if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL) attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP; - - if (StrictConformance) - return (NULL); - - /* Don't use invalid attribute */ - ippDeleteAttribute(con->request, attr); - - ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "job-name", NULL, "Untitled"); + return (NULL); } else if (!ippValidateAttribute(attr)) { send_ipp_status(con, IPP_ATTRIBUTES, _("Bad job-name value: %s"), cupsLastErrorString()); - if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL) attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP; - - if (StrictConformance) - return (NULL); - - /* Don't use invalid attribute */ - ippDeleteAttribute(con->request, attr); - - ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "job-name", NULL, "Untitled"); + return (NULL); } attr = ippFindAttribute(con->request, "requesting-user-name", IPP_TAG_NAME); -#ifdef WITH_LSPP - if (is_lspp_config()) + if (attr && !ippValidateAttribute(attr)) { - if (!con->scon || strncmp(con->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) == 0) - { - cupsdLogMessage(CUPSD_LOG_ERROR, "add_job: missing classification for connection \'%s\'!", printer->name); - send_ipp_status(con, IPP_INTERNAL_ERROR, _("Missing required security attributes.")); - return (NULL); - } - - /* - * Perform an access check so that if the user gets feedback at enqueue time - */ - - printerfile = strstr(printer->device_uri, "/dev/"); - if (printerfile == NULL && (strncmp(printer->device_uri, "file:/", 6) == 0)) - printerfile = printer->device_uri + strlen("file:"); - - if (printerfile != NULL) - { - cupsdLogMessage(CUPSD_LOG_DEBUG, "add_job: Attempting an access check on printer device %s", - printerfile); - - if (lstat(printerfile, &printerstat) < 0) - { - if (errno != ENOENT) - { - send_ipp_status(con, IPP_NOT_AUTHORIZED, _("Unable to stat the printer")); - return (NULL); - } - /* - * The printer does not exist, so for now assume it's a FileDevice - */ - tclass = SECCLASS_FILE; - avr = FILE__WRITE; - } - else if (S_ISCHR(printerstat.st_mode)) - { - tclass = SECCLASS_CHR_FILE; - avr = CHR_FILE__WRITE; - } - else if (S_ISREG(printerstat.st_mode)) - { - tclass = SECCLASS_FILE; - avr = FILE__WRITE; - } - else - { - send_ipp_status(con, IPP_NOT_AUTHORIZED, _("Printer is not a character device or regular file")); - return (NULL); - } - static int avc_initialized = 0; - if (!avc_initialized++) - avc_init("cupsd_enqueue_", NULL, NULL, NULL, NULL); - avc_entry_ref_init(&avcref); - if (avc_context_to_sid(con->scon, &clisid) != 0) - { - send_ipp_status(con, IPP_NOT_AUTHORIZED, _("Unable to get the SELinux sid of the client")); - return (NULL); - } - if (getfilecon(printerfile, &devcon) == -1) - { - send_ipp_status(con, IPP_NOT_AUTHORIZED, _("Unable to get the SELinux context of the printer")); - return (NULL); - } - printercon = context_new(devcon); - cupsdLogMessage(CUPSD_LOG_DEBUG, "add_job: printer context %s client context %s", - context_str(printercon), con->scon); - context_free(printercon); - - if (avc_context_to_sid(devcon, &psid) != 0) - { - send_ipp_status(con, IPP_NOT_AUTHORIZED, _("Unable to get the SELinux sid of the printer")); - freecon(devcon); - return (NULL); - } - freecon(devcon); - if (avc_has_perm(clisid, psid, tclass, avr, &avcref, NULL) != 0) - { - /* - * The access check failed, so cancel the job and send an audit message - */ - if (AuditLog != -1) - { - audit_message = NULL; - cupsdSetStringf(&audit_message, "job=? auid=%u acct=%s obj=%s refused" - " unable to access printer=%s", con->auid, - con->username, con->scon, printer->name); - audit_log_user_message(AuditLog, AUDIT_USER_LABELED_EXPORT, audit_message, - ServerName, NULL, NULL, 0); - cupsdClearString(&audit_message); - } - - send_ipp_status(con, IPP_NOT_AUTHORIZED, _("SELinux prohibits access to the printer")); - return (NULL); - } - } + send_ipp_status(con, IPP_ATTRIBUTES, _("Bad requesting-user-name value: %s"), cupsLastErrorString()); + if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL) + attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP; + return (NULL); } -#endif /* WITH_LSPP */ if ((job = cupsdAddJob(priority, printer->name)) == NULL) { @@ -1790,32 +1615,6 @@ add_job(cupsd_client_t *con, /* I - Client connection */ return (NULL); } -#ifdef WITH_LSPP - if (is_lspp_config()) - { - /* - * duplicate the security context and auid of the connection into the job structure - */ - job->scon = strdup(con->scon); - job->auid = con->auid; - - /* - * add the security context to the request so that on a restart the security - * attributes will be able to be restored - */ - ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "security-context", - NULL, job->scon); - } - else - { - /* - * Fill in the security context of the job as unlabeled - */ - cupsdLogMessage(CUPSD_LOG_DEBUG, "add_job: setting context of job to %s", UNKNOWN_SL); - cupsdSetString(&job->scon, UNKNOWN_SL); - } -#endif /* WITH_LSPP */ - job->dtype = printer->type & (CUPS_PRINTER_CLASS | CUPS_PRINTER_REMOTE); job->attrs = con->request; job->dirty = 1; @@ -2003,29 +1802,6 @@ add_job(cupsd_client_t *con, /* I - Client connection */ ippSetString(job->attrs, &attr, 0, printer->job_sheets[0]); ippSetString(job->attrs, &attr, 1, printer->job_sheets[1]); } -#ifdef WITH_LSPP - else - { - /* - * The option was present, so capture the user supplied strings - */ - userheader = strdup(attr->values[0].string.text); - - if (attr->num_values > 1) - userfooter = strdup(attr->values[1].string.text); - - if (Classification != NULL && (strcmp(userheader, Classification) == 0) - && userfooter &&(strcmp(userfooter, Classification) == 0)) - { - /* - * Since both values are Classification, the user is not trying to Override - */ - free(userheader); - if (userfooter) free(userfooter); - userheader = userfooter = NULL; - } - } -#endif /* WITH_LSPP */ job->job_sheets = attr; @@ -2056,9 +1832,6 @@ add_job(cupsd_client_t *con, /* I - Client connection */ "job-sheets=\"%s,none\", " "job-originating-user-name=\"%s\"", Classification, job->username); -#ifdef WITH_LSPP - override = 1; -#endif /* WITH_LSPP */ } else if (attr->num_values == 2 && strcmp(attr->values[0].string.text, @@ -2077,9 +1850,6 @@ add_job(cupsd_client_t *con, /* I - Client connection */ "job-originating-user-name=\"%s\"", attr->values[0].string.text, attr->values[1].string.text, job->username); -#ifdef WITH_LSPP - override = 1; -#endif /* WITH_LSPP */ } else if (strcmp(attr->values[0].string.text, Classification) && strcmp(attr->values[0].string.text, "none") && @@ -2100,9 +1870,6 @@ add_job(cupsd_client_t *con, /* I - Client connection */ "job-originating-user-name=\"%s\"", attr->values[0].string.text, attr->values[1].string.text, job->username); -#ifdef WITH_LSPP - override = 1; -#endif /* WITH_LSPP */ } } else if (strcmp(attr->values[0].string.text, Classification) && @@ -2143,52 +1910,8 @@ add_job(cupsd_client_t *con, /* I - Client connection */ "job-sheets=\"%s\", " "job-originating-user-name=\"%s\"", Classification, job->username); -#ifdef WITH_LSPP - override = 1; -#endif /* WITH_LSPP */ } -#ifdef WITH_LSPP - if (is_lspp_config() && AuditLog != -1) - { - audit_message = NULL; - - if (userheader || userfooter) - { - if (!override) - { - /* - * The user overrode the banner, so audit it - */ - cupsdSetStringf(&audit_message, "job=%d user supplied job-sheets=%s,%s" - " using banners=%s,%s", job->id, userheader, - userfooter, attr->values[0].string.text, - (attr->num_values > 1) ? attr->values[1].string.text : "(null)"); - audit_log_user_message(AuditLog, AUDIT_LABEL_OVERRIDE, audit_message, - ServerName, NULL, NULL, 1); - } - else - { - /* - * The user tried to override the banner, audit the failure - */ - cupsdSetStringf(&audit_message, "job=%d user supplied job-sheets=%s,%s" - " ignored banners=%s,%s", job->id, userheader, - userfooter, attr->values[0].string.text, - (attr->num_values > 1) ? attr->values[1].string.text : "(null)"); - audit_log_user_message(AuditLog, AUDIT_LABEL_OVERRIDE, audit_message, - ServerName, NULL, NULL, 0); - } - cupsdClearString(&audit_message); - } - } - - if (userheader) - free(userheader); - if (userfooter) - free(userfooter); -#endif /* WITH_LSPP */ } - /* * See if we need to add the starting sheet... @@ -2725,21 +2448,12 @@ add_printer(cupsd_client_t *con, /* I - Client connection */ * Could not find device in list! */ -#ifdef __x86_64__ - snprintf(srcfile, sizeof(srcfile), "%s/backend/%s", ServerBin_compat, - scheme); - if (access(srcfile, X_OK)) - { -#endif /* __x86_64__ */ send_ipp_status(con, IPP_NOT_POSSIBLE, _("Bad device-uri scheme \"%s\"."), scheme); if (!modify) cupsdDeletePrinter(printer, 0); return; -#ifdef __x86_64__ - } -#endif /* __x86_64__ */ } } @@ -2918,7 +2632,8 @@ add_printer(cupsd_client_t *con, /* I - Client connection */ if (!strcmp(attr->values[i].string.text, "none")) continue; - printer->reasons[printer->num_reasons] = _cupsStrAlloc(attr->values[i].string.text); + printer->reasons[printer->num_reasons] = + _cupsStrRetain(attr->values[i].string.text); printer->num_reasons ++; if (!strcmp(attr->values[i].string.text, "paused") && @@ -3970,128 +3685,6 @@ check_rss_recipient( } -#ifdef WITH_LSPP -/* - * 'check_context()' - Check SELinux security context of a user and job - */ - -static int /* O - 1 if OK, 0 if not, -1 on error */ -check_context(cupsd_client_t *con, /* I - Client connection */ - cupsd_job_t *job) /* I - Job */ -{ - int enforcing; /* is SELinux in enforcing mode */ - char filename[1024]; /* Filename of the spool file */ - security_id_t clisid; /* SELinux SID of the client */ - security_id_t jobsid; /* SELinux SID of the job */ - security_id_t filesid; /* SELinux SID of the spool file */ - struct avc_entry_ref avcref; /* AVC entry cache pointer */ - security_class_t tclass; /* SELinux security class */ - access_vector_t avr; /* SELinux access being queried */ - security_context_t spoolfilecon; /* SELinux context of the spool file */ - - - /* - * Validate the input to be sure there are contexts to work with... - */ - - if (con->scon == NULL || job->scon == NULL - || strncmp(con->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) == 0 - || strncmp(job->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) == 0) - return -1; - - if ((enforcing = security_getenforce()) == -1) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Error while determining SELinux enforcement"); - return -1; - } - cupsdLogJob(job, CUPSD_LOG_DEBUG, - "check_context: client context %s job context %s", - con->scon, job->scon); - - - /* - * Initialize the avc engine... - */ - - static int avc_initialized = 0; - if (! avc_initialized++) - { - if (avc_init("cupsd", NULL, NULL, NULL, NULL) < 0) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, "check_context: unable avc_init"); - return -1; - } - } - if (avc_context_to_sid(con->scon, &clisid) != 0) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "check_context: unable to convert %s to SELinux sid", - con->scon); - return -1; - } - if (avc_context_to_sid(job->scon, &jobsid) != 0) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "check_context: unable to convert %s to SELinux sid", - job->scon); - return -1; - } - avc_entry_ref_init(&avcref); - tclass = SECCLASS_FILE; - avr = FILE__READ; - - /* - * Perform the check with the client as the subject, first with the job as the object - * if that fails then with the spool file as the object... - */ - - if (avc_has_perm_noaudit(clisid, jobsid, tclass, avr, &avcref, NULL) != 0) - { - cupsdLogJob(job, CUPSD_LOG_INFO, - "check_context: SELinux denied access " - "based on the client context"); - - snprintf(filename, sizeof(filename), "%s/c%05d", RequestRoot, job->id); - if (getfilecon(filename, &spoolfilecon) == -1) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "check_context: Unable to get spoolfile context"); - return -1; - } - if (avc_context_to_sid(spoolfilecon, &filesid) != 0) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "check_context: Unable to determine the " - "SELinux sid for the spool file"); - freecon(spoolfilecon); - return -1; - } - freecon(spoolfilecon); - if (avc_has_perm_noaudit(clisid, filesid, tclass, avr, &avcref, NULL) != 0) - { - cupsdLogJob(job, CUPSD_LOG_INFO, - "check_context: SELinux denied access to the spool file"); - return 0; - } - cupsdLogJob(job, CUPSD_LOG_INFO, - "check_context: SELinux allowed access to the spool file"); - return 1; - } - else - if (enforcing == 0) - cupsdLogJob(job, CUPSD_LOG_INFO, - "check_context: allowing operation due to permissive mode"); - else - cupsdLogJob(job, CUPSD_LOG_INFO, - "check_context: SELinux allowed access based on the " - "client context"); - - return 1; -} -#endif /* WITH_LSPP */ - - /* * 'check_quotas()' - Check quotas for a printer and user. */ @@ -4548,15 +4141,6 @@ copy_banner(cupsd_client_t *con, /* I - Client connection */ char attrname[255], /* Name of attribute */ *s; /* Pointer into name */ ipp_attribute_t *attr; /* Attribute */ -#ifdef WITH_LSPP - const char *mls_label; /* SL of print job */ - char *jobrange; /* SELinux sensitivity range */ - char *jobclearance; /* SELinux low end clearance */ - context_t jobcon; /* SELinux context of the job */ - context_t tmpcon; /* Temp context to set the level */ - security_context_t spoolcon; /* Context of the file in the spool */ -#endif /* WITH_LSPP */ - cupsdLogMessage(CUPSD_LOG_DEBUG2, @@ -4592,85 +4176,6 @@ copy_banner(cupsd_client_t *con, /* I - Client connection */ fchmod(cupsFileNumber(out), 0640); fchown(cupsFileNumber(out), RunUser, Group); -#ifdef WITH_LSPP - if (job->scon != NULL && - strncmp(job->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) != 0) - { - if (getfilecon(filename, &spoolcon) == -1) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Unable to get the context of the banner file %s - %s", - filename, strerror(errno)); - job->num_files --; - return (0); - } - tmpcon = context_new(spoolcon); - jobcon = context_new(job->scon); - freecon(spoolcon); - if (!tmpcon || !jobcon) - { - if (tmpcon) - context_free(tmpcon); - if (jobcon) - context_free(jobcon); - cupsdLogJob(job, CUPSD_LOG_ERROR, - "copy_banner: Unable to get the SELinux contexts"); - job->num_files --; - return (0); - } - jobrange = (char *) context_range_get(jobcon); - if (jobrange) - { - jobrange = strdup(jobrange); - if ((jobclearance = strtok(jobrange, "-")) != NULL) - { - if (context_range_set(tmpcon, jobclearance) == -1) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "copy_banner: Unable to set the " - "level of the context for file %s - %s", - filename, strerror(errno)); - free(jobrange); - context_free(jobcon); - context_free(tmpcon); - job->num_files --; - return (0); - } - } - else - { - if (context_range_set(tmpcon, (context_range_get(jobcon))) == -1) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "copy_banner: Unable to set the " - "level of the context for file %s - %s", - filename, strerror(errno)); - free(jobrange); - context_free(jobcon); - context_free(tmpcon); - job->num_files --; - return (0); - } - } - free(jobrange); - } - if (setfilecon(filename, context_str(tmpcon)) == -1) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "copy_banner: Unable to set the " - "context of the banner file %s - %s", - filename, strerror(errno)); - context_free(jobcon); - context_free(tmpcon); - job->num_files --; - return (0); - } - cupsdLogJob(job, CUPSD_LOG_DEBUG2, "copy_banner: %s set to %s", - filename, context_str(tmpcon)); - context_free(jobcon); - context_free(tmpcon); - } -#endif /* WITH_LSPP */ /* * Try the localized banner file under the subdirectory... @@ -4765,24 +4270,6 @@ copy_banner(cupsd_client_t *con, /* I - Client connection */ else s = attrname; -#ifdef WITH_LSPP - if (strcmp(s, "mls-label") == 0) - { - if (job->scon != NULL && strncmp(job->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) != 0) - { - jobcon = context_new(job->scon); - if (_cups_strcasecmp(name, MLS_CONFIG) == 0) - mls_label = context_range_get(jobcon); - else if (_cups_strcasecmp(name, TE_CONFIG) == 0) - mls_label = context_type_get(jobcon); - else // default to using the whole context string - mls_label = context_str(jobcon); - cupsFilePuts(out, mls_label); - context_free(jobcon); - } - continue; - } -#endif /* WITH_LSPP */ if (!strcmp(s, "printer-name")) { cupsFilePuts(out, job->dest); @@ -5037,7 +4524,7 @@ copy_model(cupsd_client_t *con, /* I - Client connection */ close(temppipe[1]); /* - * Wait up to 70 seconds for the PPD file to be copied... + * Wait up to 30 seconds for the PPD file to be copied... */ total = 0; @@ -5057,7 +4544,7 @@ copy_model(cupsd_client_t *con, /* I - Client connection */ FD_SET(temppipe[0], &input); FD_SET(CGIPipes[0], &input); - timeout.tv_sec = 70; + timeout.tv_sec = 30; timeout.tv_usec = 0; if ((i = select(maxfd, &input, NULL, NULL, &timeout)) < 0) @@ -5409,8 +4896,6 @@ copy_printer_attrs( * and document-format attributes that may be provided by the client. */ - _cupsRWLockRead(&printer->lock); - curtime = time(NULL); if (!ra || cupsArrayFind(ra, "marker-change-time")) @@ -5436,7 +4921,8 @@ copy_printer_attrs( if ((p2_uri = ippFindAttribute(p2->attrs, "printer-uri-supported", IPP_TAG_URI)) != NULL) - member_uris->values[i].string.text = _cupsStrAlloc(p2_uri->values[0].string.text); + member_uris->values[i].string.text = + _cupsStrRetain(p2_uri->values[0].string.text); else { httpAssembleURIf(HTTP_URI_CODING_ALL, printer_uri, @@ -5602,8 +5088,6 @@ copy_printer_attrs( if (printer->ppd_attrs) copy_attrs(con->response, printer->ppd_attrs, ra, IPP_TAG_ZERO, 0, NULL); copy_attrs(con->response, CommonData, ra, IPP_TAG_ZERO, IPP_TAG_COPY, NULL); - - _cupsRWUnlock(&printer->lock); } @@ -6974,22 +6458,6 @@ get_job_attrs(cupsd_client_t *con, /* I - Client connection */ exclude = cupsdGetPrivateAttrs(policy, con, printer, job->username); - -#ifdef WITH_LSPP - /* - * Check SELinux... - */ - if (is_lspp_config() && check_context(con, job) != 1) - { - /* - * Unfortunately we have to lie to the user... - */ - send_ipp_status(con, IPP_NOT_FOUND, _("Job #%d does not exist!"), jobid); - return; - } -#endif /* WITH_LSPP */ - - /* * Copy attributes... */ @@ -7387,11 +6855,6 @@ get_jobs(cupsd_client_t *con, /* I - Client connection */ if (username[0] && _cups_strcasecmp(username, job->username)) continue; -#ifdef WITH_LSPP - if (is_lspp_config() && check_context(con, job) != 1) - continue; -#endif /* WITH_LSPP */ - if (count > 0) ippAddSeparator(con->response); @@ -12023,11 +11486,6 @@ validate_user(cupsd_job_t *job, /* I - Job */ strlcpy(username, get_username(con), userlen); -#ifdef WITH_LSPP - if (is_lspp_config() && check_context(con, job) != 1) - return 0; -#endif /* WITH_LSPP */ - /* * Check the username against the owner... */ diff --git a/scheduler/job.c b/scheduler/job.c index 82ef2eb..86e75e6 100644 --- a/scheduler/job.c +++ b/scheduler/job.c @@ -11,9 +11,6 @@ * missing or damaged, see the license at "http://www.cups.org/". */ -/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */ -/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */ - /* * Include necessary headers... */ @@ -29,14 +26,6 @@ # endif /* HAVE_IOKIT_PWR_MGT_IOPMLIBPRIVATE_H */ #endif /* __APPLE__ */ -#ifdef WITH_LSPP -#include -#include -#include -#include -#include -#include -#endif /* WITH_LSPP */ /* * Design Notes for Job Management @@ -558,14 +547,6 @@ cupsdContinueJob(cupsd_job_t *job) /* I - Job */ /* PRINTER_STATE_REASONS env var */ rip_max_cache[255]; /* RIP_MAX_CACHE env variable */ -#ifdef WITH_LSPP - char *audit_message = NULL; /* Audit message string */ - context_t jobcon; /* SELinux context of the job */ - char *label_template = NULL; /* SL to put in classification - env var */ - const char *mls_label = NULL; /* SL to put in classification - env var */ -#endif /* WITH_LSPP */ cupsdLogMessage(CUPSD_LOG_DEBUG2, @@ -633,28 +614,10 @@ cupsdContinueJob(cupsd_job_t *job) /* I - Job */ if (!filters) { - mime_filter_t *current; - cupsdLogJob(job, CUPSD_LOG_ERROR, "Unable to convert file %d to printable format.", job->current_file); - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Required: %s/%s -> %s/%s", - job->filetypes[job->current_file]->super, - job->filetypes[job->current_file]->type, - job->printer->filetype->super, - job->printer->filetype->type); - - for (current = (mime_filter_t *)cupsArrayFirst(MimeDatabase->srcs); - current; - current = (mime_filter_t *)cupsArrayNext(MimeDatabase->srcs)) - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Available: %s/%s -> %s/%s (%s)", - current->src->super, current->src->type, - current->dst->super, current->dst->type, - current->filter); - abort_message = "Aborting job because it cannot be printed."; abort_state = IPP_JOB_ABORTED; @@ -1102,67 +1065,6 @@ cupsdContinueJob(cupsd_job_t *job) /* I - Job */ if (final_content_type[0]) envp[envc ++] = final_content_type; -#ifdef WITH_LSPP - if (is_lspp_config()) - { - if (!job->scon || strncmp(job->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) == 0) - { - if (AuditLog != -1) - { - audit_message = NULL; - cupsdSetStringf(&audit_message, "job=%d auid=%u acct=%s printer=%s title=%s", - job->id, job->auid, job->username, job->printer->name, title); - audit_log_user_message(AuditLog, AUDIT_USER_UNLABELED_EXPORT, audit_message, - ServerName, NULL, NULL, 1); - cupsdClearString(&audit_message); - } - } - else - { - jobcon = context_new(job->scon); - - if ((attr = ippFindAttribute(job->attrs, "job-sheets", IPP_TAG_NAME)) == NULL) - label_template = strdup(Classification); - else if (attr->num_values > 1 && - strcmp(attr->values[1].string.text, "none") != 0) - label_template = strdup(attr->values[1].string.text); - else - label_template = strdup(attr->values[0].string.text); - - if (_cups_strcasecmp(label_template, MLS_CONFIG) == 0) - mls_label = context_range_get(jobcon); - else if (_cups_strcasecmp(label_template, TE_CONFIG) == 0) - mls_label = context_type_get(jobcon); - else if (_cups_strcasecmp(label_template, SELINUX_CONFIG) == 0) - mls_label = context_str(jobcon); - else - mls_label = label_template; - - if (mls_label && (PerPageLabels || banner_page)) - { - snprintf(classification, sizeof(classification), "CLASSIFICATION=LSPP:%s", mls_label); - envp[envc ++] = classification; - } - - if ((AuditLog != -1) && !banner_page) - { - audit_message = NULL; - cupsdSetStringf(&audit_message, "job=%d auid=%u acct=%s printer=%s title=%s" - " obj=%s label=%s", job->id, job->auid, job->username, - job->printer->name, title, job->scon, mls_label?mls_label:"none"); - audit_log_user_message(AuditLog, AUDIT_USER_LABELED_EXPORT, audit_message, - ServerName, NULL, NULL, 1); - cupsdClearString(&audit_message); - } - context_free(jobcon); - free(label_template); - } - } - else - /* - * Fall through to the non-LSPP behavior - */ -#endif /* WITH_LSPP */ if (Classification && !banner_page) { if ((attr = ippFindAttribute(job->attrs, "job-sheets", @@ -1225,32 +1127,8 @@ cupsdContinueJob(cupsd_job_t *job) /* I - Job */ i ++, filter = (mime_filter_t *)cupsArrayNext(filters)) { if (filter->filter[0] != '/') - { - snprintf(command, sizeof(command), "%s/filter/%s", ServerBin, - filter->filter); -#ifdef __x86_64__ - if (access(command, F_OK)) - { - snprintf(command, sizeof(command), "%s/filter/%s", - ServerBin_compat, filter->filter); - if (!access(command, F_OK)) - { - /* Not in the correct directory, but found it in the compat - * directory. Issue a warning. */ - cupsdLogMessage(CUPSD_LOG_INFO, - "Filter '%s' not in %s/filter!", - filter->filter, ServerBin); - } - else - { - /* Not in the compat directory either; make any error - * messages use the correct directory name then. */ - snprintf(command, sizeof(command), "%s/filter/%s", ServerBin, - filter->filter); - } - } -#endif /* __x86_64__ */ - } + snprintf(command, sizeof(command), "%s/filter/%s", ServerBin, + filter->filter); else strlcpy(command, filter->filter, sizeof(command)); @@ -1406,28 +1284,6 @@ cupsdContinueJob(cupsd_job_t *job) /* I - Job */ { cupsdClosePipe(job->back_pipes); cupsdClosePipe(job->side_pipes); -#ifdef __x86_64__ - if (access(command, F_OK)) - { - snprintf(command, sizeof(command), "%s/backend/%s", ServerBin_compat, - scheme); - if (!access(command, F_OK)) - { - /* Not in the correct directory, but we found it in the compat - * directory. Issue a warning. */ - cupsdLogMessage(CUPSD_LOG_INFO, - "Backend '%s' not in %s/backend!", scheme, - ServerBin); - } - else - { - /* Not in the compat directory either; make any error - messages use the correct directory name then. */ - snprintf(command, sizeof(command), "%s/backend/%s", ServerBin, - scheme); - } - } -#endif /* __x86_64__ */ close(job->status_pipes[1]); job->status_pipes[1] = -1; @@ -1988,22 +1844,6 @@ cupsdLoadJob(cupsd_job_t *job) /* I - Job */ ippSetString(job->attrs, &job->reasons, 0, "none"); } -#ifdef WITH_LSPP - if ((attr = ippFindAttribute(job->attrs, "security-context", IPP_TAG_NAME)) != NULL) - cupsdSetString(&job->scon, attr->values[0].string.text); - else if (is_lspp_config()) - { - /* - * There was no security context so delete the job - */ - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Missing or bad security-context attribute " - "in control file \"%s\"!", - jobfile); - goto error; - } -#endif /* WITH_LSPP */ - job->impressions = ippFindAttribute(job->attrs, "job-impressions-completed", IPP_TAG_INTEGER); job->sheets = ippFindAttribute(job->attrs, "job-media-sheets-completed", IPP_TAG_INTEGER); job->job_sheets = ippFindAttribute(job->attrs, "job-sheets", IPP_TAG_NAME); @@ -2417,14 +2257,6 @@ cupsdSaveJob(cupsd_job_t *job) /* I - Job */ { char filename[1024]; /* Job control filename */ cups_file_t *fp; /* Job file */ -#ifdef WITH_LSPP - security_context_t spoolcon; /* context of the job control file */ - context_t jobcon; /* contex_t container for job->scon */ - context_t tmpcon; /* Temp context to swap the level */ - char *jobclearance; /* SELinux low end clearance */ - const char *jobrange; /* SELinux sensitivity range */ - char *jobrange_copy; /* SELinux sensitivity range */ -#endif /* WITH_LSPP */ cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdSaveJob(job=%p(%d)): job->attrs=%p", @@ -2447,78 +2279,6 @@ cupsdSaveJob(cupsd_job_t *job) /* I - Job */ fchown(cupsFileNumber(fp), RunUser, Group); -#ifdef WITH_LSPP - if (job->scon && strncmp(job->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) != 0) - { - if (getfilecon(filename, &spoolcon) == -1) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Unable to get context of job control file \"%s\" - %s.", - filename, strerror(errno)); - return; - } - jobcon = context_new(job->scon); - tmpcon = context_new(spoolcon); - freecon(spoolcon); - if (!jobcon || !tmpcon) - { - if (jobcon) - context_free(jobcon); - if (tmpcon) - context_free(tmpcon); - cupsdLogJob(job, CUPSD_LOG_ERROR, "Unable to get SELinux contexts"); - return; - } - jobrange = context_range_get(jobcon); - if (jobrange) - { - jobrange_copy = strdup(jobrange); - if ((jobclearance = strtok(jobrange_copy, "-")) != NULL) - { - if (context_range_set(tmpcon, jobclearance) == -1) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Unable to set the range for " - "job control file \"%s\" - %s.", - filename, strerror(errno)); - free(jobrange_copy); - context_free(tmpcon); - context_free(jobcon); - return; - } - } - else - { - if (context_range_set(tmpcon, (context_range_get(jobcon))) == -1) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Unable to set the range for " - "job control file \"%s\" - %s.", - filename, strerror(errno)); - free(jobrange_copy); - context_free(tmpcon); - context_free(jobcon); - return; - } - } - free(jobrange_copy); - } - if (setfilecon(filename, context_str(tmpcon)) == -1) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Unable to set context of job control file \"%s\" - %s.", - filename, strerror(errno)); - context_free(tmpcon); - context_free(jobcon); - return; - } - cupsdLogJob(job, CUPSD_LOG_DEBUG2, "New spool file context=%s", - context_str(tmpcon)); - context_free(tmpcon); - context_free(jobcon); - } -#endif /* WITH_LSPP */ - job->attrs->state = IPP_IDLE; if (ippWriteIO(fp, (ipp_iocb_t)cupsFileWrite, 1, NULL, @@ -4165,19 +3925,6 @@ get_options(cupsd_job_t *job, /* I - Job */ banner_page) continue; -#ifdef WITH_LSPP - /* - * In LSPP mode refuse to honor the page-label - */ - if (is_lspp_config() && - !strcmp(attr->name, "page-label")) - { - cupsdLogJob(job, CUPSD_LOG_DEBUG, - "Ignoring page-label option due to LSPP mode"); - continue; - } -#endif /* WITH_LSPP */ - /* * Otherwise add them to the list... */ @@ -4939,18 +4686,6 @@ start_job(cupsd_job_t *job, /* I - Job ID */ cupsd_printer_t *printer) /* I - Printer to print job */ { const char *filename; /* Support filename */ -#ifdef WITH_LSPP - char *audit_message = NULL; /* Audit message string */ - char *printerfile = NULL; /* Device file pointed to by the printer */ - security_id_t clisid; /* SELinux SID for the client */ - security_id_t psid; /* SELinux SID for the printer */ - context_t printercon; /* Printer's context string */ - struct stat printerstat; /* Printer's stat buffer */ - security_context_t devcon; /* Printer's SELinux context */ - struct avc_entry_ref avcref; /* Pointer to the access vector cache */ - security_class_t tclass; /* Object class for the SELinux check */ - access_vector_t avr; /* Access method being requested */ -#endif /* WITH_LSPP */ ipp_attribute_t *cancel_after = ippFindAttribute(job->attrs, "job-cancel-after", IPP_TAG_INTEGER); @@ -5039,18 +4774,6 @@ start_job(cupsd_job_t *job, /* I - Job ID */ job->profile = cupsdCreateProfile(job->id, 0); job->bprofile = cupsdCreateProfile(job->id, 1); -#ifdef HAVE_SANDBOX_H - if ((!job->profile || !job->bprofile) && UseSandboxing && Sandboxing != CUPSD_SANDBOXING_OFF) - { - /* - * Failure to create the sandbox profile means something really bad has - * happened and we need to shutdown immediately. - */ - - return; - } -#endif /* HAVE_SANDBOX_H */ - /* * Create the status pipes and buffer... */ @@ -5139,113 +4862,6 @@ start_job(cupsd_job_t *job, /* I - Job ID */ fcntl(job->side_pipes[1], F_SETFD, fcntl(job->side_pipes[1], F_GETFD) | FD_CLOEXEC); -#ifdef WITH_LSPP - if (is_lspp_config()) - { - /* - * Perform an access check before printing, but only if the printer starts with /dev/ - */ - printerfile = strstr(printer->device_uri, "/dev/"); - if (printerfile == NULL && (strncmp(printer->device_uri, "file:/", 6) == 0)) - printerfile = printer->device_uri + strlen("file:"); - - if (printerfile != NULL) - { - cupsdLogJob(job, CUPSD_LOG_DEBUG, - "Attempting to check access on printer device %s", - printerfile); - if (lstat(printerfile, &printerstat) < 0) - { - if (errno != ENOENT) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Unable to stat the printer"); - cupsdSetJobState(job, IPP_JOB_ABORTED, CUPSD_JOB_DEFAULT, NULL); - return ; - } - /* - * The printer does not exist, so for now assume it's a FileDevice - */ - tclass = SECCLASS_FILE; - avr = FILE__WRITE; - } - else if (S_ISCHR(printerstat.st_mode)) - { - tclass = SECCLASS_CHR_FILE; - avr = CHR_FILE__WRITE; - } - else if (S_ISREG(printerstat.st_mode)) - { - tclass = SECCLASS_FILE; - avr = FILE__WRITE; - } - else - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "StartJob: Printer is not a character device or " - "regular file"); - cupsdSetJobState(job, IPP_JOB_ABORTED, CUPSD_JOB_DEFAULT, NULL); - return ; - } - static int avc_initialized = 0; - if (!avc_initialized++) - avc_init("cupsd_dequeue_", NULL, NULL, NULL, NULL); - avc_entry_ref_init(&avcref); - if (avc_context_to_sid(job->scon, &clisid) != 0) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Unable to determine the SELinux sid for the job"); - cupsdSetJobState(job, IPP_JOB_ABORTED, CUPSD_JOB_DEFAULT, NULL); - return ; - } - if (getfilecon(printerfile, &devcon) == -1) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Unable to get the SELinux context of %s", - printerfile); - cupsdSetJobState(job, IPP_JOB_ABORTED, CUPSD_JOB_DEFAULT, NULL); - return ; - } - printercon = context_new(devcon); - cupsdLogJob(job, CUPSD_LOG_DEBUG, - "Printer context %s client context %s", - context_str(printercon), job->scon); - context_free(printercon); - - if (avc_context_to_sid(devcon, &psid) != 0) - { - cupsdLogJob(job, CUPSD_LOG_ERROR, - "Unable to determine the SELinux sid for the printer"); - freecon(devcon); - cupsdSetJobState(job, IPP_JOB_ABORTED, CUPSD_JOB_DEFAULT, NULL); - return ; - } - freecon(devcon); - - if (avc_has_perm(clisid, psid, tclass, avr, &avcref, NULL) != 0) - { - /* - * The access check failed, so cancel the job and send an audit message - */ - if (AuditLog != -1) - { - audit_message = NULL; - cupsdSetStringf(&audit_message, "job=%d auid=%u acct=%s obj=%s canceled" - " unable to access printer=%s", job->id, - job->auid, (job->username)?job->username:"?", job->scon, printer->name); - audit_log_user_message(AuditLog, AUDIT_USER_LABELED_EXPORT, audit_message, - ServerName, NULL, NULL, 0); - cupsdClearString(&audit_message); - } - - cupsdSetJobState(job, IPP_JOB_ABORTED, CUPSD_JOB_DEFAULT, NULL); - - return ; - } - } - } -#endif /* WITH_LSPP */ - /* * Now start the first file in the job... */ diff --git a/scheduler/job.h b/scheduler/job.h index a383b53..54f5092 100644 --- a/scheduler/job.h +++ b/scheduler/job.h @@ -11,13 +11,6 @@ * missing or damaged, see the license at "http://www.cups.org/". */ -/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */ -/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */ - -#ifdef WITH_LSPP -#include -#endif /* WITH_LSPP */ - /* * Constants... */ @@ -95,10 +88,6 @@ struct cupsd_job_s /**** Job request ****/ int progress; /* Printing progress */ int num_keywords; /* Number of PPD keywords */ cups_option_t *keywords; /* PPD keywords */ -#ifdef WITH_LSPP - security_context_t scon; /* Security context of job */ - uid_t auid; /* Audit loginuid for this job */ -#endif /* WITH_LSPP */ }; typedef struct cupsd_joblog_s /**** Job log message ****/ diff --git a/scheduler/log.c b/scheduler/log.c index 33cdac6..3ffa193 100644 --- a/scheduler/log.c +++ b/scheduler/log.c @@ -24,9 +24,6 @@ # include #endif /* HAVE_ASL_H */ #include -#include -#include -#include /* @@ -136,10 +133,12 @@ cupsdCheckLogFile(cups_file_t **lf, /* IO - Log file */ } /* - * Format the filename... + * Format the filename as needed... */ - if (strncmp(logname, "/dev/", 5)) + if (!*lf || + (strncmp(logname, "/dev/", 5) && cupsFileTell(*lf) > MaxLogSize && + MaxLogSize > 0)) { /* * Handle format strings... @@ -251,34 +250,6 @@ cupsdCheckLogFile(cups_file_t **lf, /* IO - Log file */ } /* - * Has someone else (i.e. logrotate) already rotated the log for us? - */ - else if (strncmp(filename, "/dev/", 5)) - { - struct stat st; - if (stat(filename, &st) || st.st_size == 0) - { - /* File is either missing or has zero size. */ - - cupsFileClose(*lf); - if ((*lf = cupsFileOpen(filename, "a")) == NULL) - { - syslog(LOG_ERR, "Unable to open log file \"%s\" - %s", filename, - strerror(errno)); - - return (0); - } - - /* - * Change ownership and permissions of non-device logs... - */ - - fchown(cupsFileNumber(*lf), RunUser, Group); - fchmod(cupsFileNumber(*lf), LogFilePerm); - } - } - - /* * Do we need to rotate the log? */ diff --git a/scheduler/main.c b/scheduler/main.c index a6e2c3a..8925c83 100644 --- a/scheduler/main.c +++ b/scheduler/main.c @@ -56,9 +56,6 @@ # include #endif /* HAVE_SYS_PARAM_H */ -#ifdef WITH_LSPP -# include -#endif /* WITH_LSPP */ /* * Local functions... @@ -125,9 +122,6 @@ main(int argc, /* I - Number of command-line args */ #if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET) struct sigaction action; /* Actions for POSIX signals */ #endif /* HAVE_SIGACTION && !HAVE_SIGSET */ -#if WITH_LSPP - auditfail_t failmode; /* Action for audit_open failure */ -#endif /* WITH_LSPP */ #ifdef __APPLE__ int use_sysman = 1; /* Use system management functions? */ #else @@ -137,10 +131,7 @@ main(int argc, /* I - Number of command-line args */ int service_idle_exit; /* Idle exit on select timeout? */ #endif /* HAVE_ONDEMAND */ -#ifdef HAVE_AVAHI - cupsd_timeout_t *tmo; /* Next scheduled timed callback */ - long tmo_delay; /* Time before it must be called */ -#endif /* HAVE_AVAHI */ + #ifdef HAVE_GETEUID /* @@ -427,8 +418,6 @@ main(int argc, /* I - Number of command-line args */ * Setup signal handlers for the parent... */ - pid_t pid; - #ifdef HAVE_SIGSET /* Use System V signals over POSIX to avoid bugs */ sigset(SIGUSR1, parent_handler); sigset(SIGCHLD, parent_handler); @@ -452,7 +441,7 @@ main(int argc, /* I - Number of command-line args */ signal(SIGHUP, SIG_IGN); #endif /* HAVE_SIGSET */ - if ((pid = fork()) > 0) + if (fork() > 0) { /* * OK, wait for the child to startup and send us SIGUSR1 or to crash @@ -464,15 +453,7 @@ main(int argc, /* I - Number of command-line args */ sleep(1); if (parent_signal == SIGUSR1) - { - FILE *f = fopen ("/var/run/cupsd.pid", "w"); - if (f) - { - fprintf (f, "%d\n", pid); - fclose (f); - } return (0); - } if (wait(&i) < 0) { @@ -514,25 +495,6 @@ main(int argc, /* I - Number of command-line args */ exit(errno); } -#ifdef WITH_LSPP - if ((AuditLog = audit_open()) < 0 ) - { - if (get_auditfail_action(&failmode) == 0) - { - if (failmode == FAIL_LOG) - { - cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to connect to audit subsystem."); - AuditLog = -1; - } - else if (failmode == FAIL_TERMINATE) - { - fprintf(stderr, "cupsd: unable to start auditing, terminating"); - return -1; - } - } - } -#endif /* WITH_LSPP */ - /* * Let the system know we are busy while we bring up cupsd... */ @@ -638,14 +600,6 @@ main(int argc, /* I - Number of command-line args */ httpInitialize(); -#ifdef HAVE_AVAHI - /* - * Initialize timed callback structures. - */ - - cupsdInitTimeouts(); -#endif /* HAVE_AVAHI */ - cupsdStartServer(); /* @@ -727,16 +681,8 @@ main(int argc, /* I - Number of command-line args */ #ifdef HAVE_ONDEMAND if (OnDemand) - { cupsdAddEvent(CUPSD_EVENT_SERVER_STARTED, NULL, NULL, "Scheduler started on demand."); -# ifdef HAVE_SYSTEMD - sd_notifyf(0, "READY=1\n" - "STATUS=Scheduler is running...\n" - "MAINPID=%lu", - (unsigned long) getpid()); -# endif /* HAVE_SYSTEMD */ - } else - + else #endif /* HAVE_ONDEMAND */ if (fg) cupsdAddEvent(CUPSD_EVENT_SERVER_STARTED, NULL, NULL, "Scheduler started in foreground."); @@ -947,7 +893,7 @@ main(int argc, /* I - Number of command-line args */ * Write dirty config/state files... */ - if (DirtyCleanTime && current_time >= DirtyCleanTime) + if (DirtyCleanTime && current_time >= DirtyCleanTime && cupsArrayCount(Clients) == 0) cupsdCleanDirty(); #ifdef __APPLE__ @@ -964,16 +910,6 @@ main(int argc, /* I - Number of command-line args */ } #endif /* __APPLE__ */ -#ifdef HAVE_AVAHI - /* - * If a timed callback is due, run it. - */ - - tmo = cupsdNextTimeout (&tmo_delay); - if (tmo && tmo_delay == 0) - cupsdRunTimeout (tmo); -#endif /* HAVE_AVAHI */ - #ifndef __APPLE__ /* * Update the network interfaces once a minute... @@ -1244,11 +1180,6 @@ main(int argc, /* I - Number of command-line args */ cupsdStopSelect(); -#ifdef WITH_LSPP - if (AuditLog != -1) - audit_close(AuditLog); -#endif /* WITH_LSPP */ - return (!stop_scheduler); } @@ -1539,16 +1470,9 @@ process_children(void) (!job->filters[i] && WIFEXITED(old_status))) { /* Backend and filter didn't crash */ if (job->filters[i]) - { job->status = status; /* Filter failed */ - } else - { job->status = -status; /* Backend failed */ - - if (job->current_file < job->num_files) - cupsdSetJobState(job, IPP_JOB_ABORTED, CUPSD_JOB_FORCE, "Canceling multi-file job due to backend failure."); - } } if (job->state_value == IPP_JOB_PROCESSING && @@ -1690,10 +1614,6 @@ select_timeout(int fds) /* I - Number of descriptors returned */ cupsd_job_t *job; /* Job information */ cupsd_printer_t *printer; /* Printer information */ const char *why; /* Debugging aid */ -#ifdef HAVE_AVAHI - cupsd_timeout_t *tmo; /* Timed callback */ - long tmo_delay; /* Seconds before calling it */ -#endif /* HAVE_AVAHI */ cupsdLogMessage(CUPSD_LOG_DEBUG2, "select_timeout: JobHistoryUpdate=%ld", @@ -1739,19 +1659,6 @@ select_timeout(int fds) /* I - Number of descriptors returned */ } #endif /* __APPLE__ */ -#ifdef HAVE_AVAHI - /* - * See if there are any scheduled timed callbacks to run. - */ - - if ((tmo = cupsdNextTimeout(&tmo_delay)) != NULL && - (now + tmo_delay) < timeout) - { - timeout = tmo_delay; - why = "run a timed callback"; - } -#endif /* HAVE_AVAHI */ - /* * Check whether we are accepting new connections... */ diff --git a/scheduler/org.cups.cups-lpd.socket b/scheduler/org.cups.cups-lpd.socket index eb84459..ed23f9d 100644 --- a/scheduler/org.cups.cups-lpd.socket +++ b/scheduler/org.cups.cups-lpd.socket @@ -1,6 +1,6 @@ [Unit] Description=CUPS LPD Server Socket -PartOf=cups-lpd.service +PartOf=org.cups.cups-lpd.service [Socket] ListenStream=515 diff --git a/scheduler/org.cups.cupsd.path.in b/scheduler/org.cups.cupsd.path.in index 7c8509f..0f1cc46 100644 --- a/scheduler/org.cups.cupsd.path.in +++ b/scheduler/org.cups.cupsd.path.in @@ -1,6 +1,6 @@ [Unit] Description=CUPS Scheduler -PartOf=cups.service +PartOf=org.cups.cupsd.service [Path] PathExists=@CUPS_CACHEDIR@/org.cups.cupsd diff --git a/scheduler/org.cups.cupsd.service.in b/scheduler/org.cups.cupsd.service.in index 11e0662..0a27c76 100644 --- a/scheduler/org.cups.cupsd.service.in +++ b/scheduler/org.cups.cupsd.service.in @@ -1,13 +1,11 @@ [Unit] Description=CUPS Scheduler Documentation=man:cupsd(8) -After=network.target ypbind.service [Service] ExecStart=@sbindir@/cupsd -l -Type=notify -Restart=on-failure +Type=simple [Install] -Also=cups.socket cups.path -WantedBy=printer.target multi-user.target +Also=org.cups.cupsd.socket org.cups.cupsd.path +WantedBy=printer.target diff --git a/scheduler/org.cups.cupsd.socket.in b/scheduler/org.cups.cupsd.socket.in index 3c37d72..613b977 100644 --- a/scheduler/org.cups.cupsd.socket.in +++ b/scheduler/org.cups.cupsd.socket.in @@ -1,6 +1,6 @@ [Unit] Description=CUPS Scheduler -PartOf=cups.service +PartOf=org.cups.cupsd.service [Socket] ListenStream=@CUPS_DEFAULT_DOMAINSOCKET@ diff --git a/scheduler/printers.c b/scheduler/printers.c index f16552e..bb99907 100644 --- a/scheduler/printers.c +++ b/scheduler/printers.c @@ -11,8 +11,6 @@ * missing or damaged, see the license at "http://www.cups.org/". */ -/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */ - /* * Include necessary headers... */ @@ -37,10 +35,6 @@ # include #endif /* __APPLE__ */ -#ifdef WITH_LSPP -# include -# include -#endif /* WITH_LSPP */ /* * Local functions... @@ -54,7 +48,8 @@ static int compare_printers(void *first, void *second, void *data); static void delete_printer_filters(cupsd_printer_t *p); static void dirty_printer(cupsd_printer_t *p); static void load_ppd(cupsd_printer_t *p); -static ipp_t *new_media_col(pwg_size_t *size); +static ipp_t *new_media_col(pwg_size_t *size, const char *source, + const char *type); static void write_xml_string(cups_file_t *fp, const char *s); @@ -993,19 +988,9 @@ cupsdLoadAllPrinters(void) * Backend does not exist, stop printer... */ -#ifdef __x86_64__ - snprintf(line, sizeof(line), "%s/backend/%s", ServerBin_compat, - p->device_uri); - if (access(line, 0)) - { -#endif /* __x86_64__ */ - p->state = IPP_PRINTER_STOPPED; snprintf(p->state_message, sizeof(p->state_message), "Backend %s does not exist!", line); -#ifdef __x86_64__ - } -#endif /* __x86_64__ */ } } @@ -2217,13 +2202,6 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)/* I - Printer to setup */ ipp_attribute_t *attr; /* Attribute data */ char *name, /* Current user/group name */ *filter; /* Current filter */ -#ifdef WITH_LSPP - char *audit_message; /* Audit message string */ - char *printerfile; /* Path to a local printer dev */ - char *rangestr; /* Printer's range if its available */ - security_context_t devcon; /* Printer SELinux context */ - context_t printercon; /* context_t for the printer */ -#endif /* WITH_LSPP */ DEBUG_printf(("cupsdSetPrinterAttrs: entering name = %s, type = %x\n", p->name, @@ -2351,45 +2329,6 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)/* I - Printer to setup */ attr->values[1].string.text = _cupsStrAlloc(Classification ? Classification : p->job_sheets[1]); } -#ifdef WITH_LSPP - if (AuditLog != -1) - { - audit_message = NULL; - rangestr = NULL; - printercon = 0; - printerfile = strstr(p->device_uri, "/dev/"); - if (printerfile == NULL && (strncmp(p->device_uri, "file:/", 6) == 0)) - printerfile = p->device_uri + strlen("file:"); - - if (printerfile != NULL) - { - if (getfilecon(printerfile, &devcon) == -1) - { - if(is_selinux_enabled()) - cupsdLogMessage(CUPSD_LOG_DEBUG, "cupsdSetPrinterAttrs: Unable to get printer context"); - } - else - { - printercon = context_new(devcon); - freecon(devcon); - } - } - - if (printercon && context_range_get(printercon)) - rangestr = strdup(context_range_get(printercon)); - else - rangestr = strdup("unknown"); - - cupsdSetStringf(&audit_message, "printer=%s uri=%s banners=%s,%s range=%s", - p->name, p->sanitized_device_uri, p->job_sheets[0], p->job_sheets[1], rangestr); - audit_log_user_message(AuditLog, AUDIT_LABEL_LEVEL_CHANGE, audit_message, - ServerName, NULL, NULL, 1); - if (printercon) - context_free(printercon); - free(rangestr); - cupsdClearString(&audit_message); - } -#endif /* WITH_LSPP */ } p->raw = 0; @@ -3564,20 +3503,8 @@ add_printer_filter( else snprintf(filename, sizeof(filename), "%s/filter/%s", ServerBin, program); -#ifdef __x86_64__ - if (_cupsFileCheck(filename, _CUPS_FILE_CHECK_PROGRAM, !RunUser, - cupsdLogFCMessage, p) == _CUPS_FILE_CHECK_MISSING) { - snprintf(filename, sizeof(filename), "%s/filter/%s", ServerBin_compat, - program); - if (_cupsFileCheck(filename, _CUPS_FILE_CHECK_PROGRAM, !RunUser, - cupsdLogFCMessage, p) == _CUPS_FILE_CHECK_MISSING) - snprintf(filename, sizeof(filename), "%s/filter/%s", ServerBin, - program); - } -#else /* ! defined(__x86_64__) */ _cupsFileCheck(filename, _CUPS_FILE_CHECK_PROGRAM, !RunUser, cupsdLogFCMessage, p); -#endif } /* @@ -3872,19 +3799,21 @@ dirty_printer(cupsd_printer_t *p) /* I - Printer */ static void load_ppd(cupsd_printer_t *p) /* I - Printer */ { - int i, j; /* Looping vars */ + int i, j, k; /* Looping vars */ char cache_name[1024]; /* Cache filename */ struct stat cache_info; /* Cache file info */ ppd_file_t *ppd; /* PPD file */ char ppd_name[1024]; /* PPD filename */ struct stat ppd_info; /* PPD file info */ - int num_media; /* Number of media values */ + int num_media; /* Number of media options */ ppd_size_t *size; /* Current PPD size */ ppd_option_t *duplex, /* Duplex option */ *output_bin, /* OutputBin option */ *output_mode, /* OutputMode option */ *resolution; /* (Set|JCL|)Resolution option */ - ppd_choice_t *choice; /* Current PPD choice */ + ppd_choice_t *choice, /* Current PPD choice */ + *input_slot, /* Current input slot */ + *media_type; /* Current media type */ ppd_attr_t *ppd_attr; /* PPD attribute */ int xdpi, /* Horizontal resolution */ ydpi; /* Vertical resolution */ @@ -4144,7 +4073,18 @@ load_ppd(cupsd_printer_t *p) /* I - Printer */ { ipp_t *col; /* Collection value */ - col = new_media_col(pwgsize); + input_slot = ppdFindMarkedChoice(ppd, "InputSlot"); + media_type = ppdFindMarkedChoice(ppd, "MediaType"); + col = new_media_col(pwgsize, + input_slot ? + _ppdCacheGetSource(p->pc, + input_slot->choice) : + NULL, + media_type ? + _ppdCacheGetType(p->pc, + media_type->choice) : + NULL); + ippAddCollection(p->ppd_attrs, IPP_TAG_PRINTER, "media-col-default", col); ippDelete(col); @@ -4340,19 +4280,89 @@ load_ppd(cupsd_printer_t *p) /* I - Printer */ * media-col-database */ - if ((attr = ippAddCollections(p->ppd_attrs, IPP_TAG_PRINTER, "media-col-database", p->pc->num_sizes, NULL)) != NULL) + num_media = p->pc->num_sizes; + if (p->pc->num_sources) { - /* - * Add each page size without source or type... - */ + if (p->pc->num_types > 0) + num_media += p->pc->num_sizes * p->pc->num_sources * + p->pc->num_types; + else + num_media += p->pc->num_sizes * p->pc->num_sources; + } + else if (p->pc->num_types) + num_media += p->pc->num_sizes * p->pc->num_types; - for (i = 0, pwgsize = p->pc->sizes; i < p->pc->num_sizes; i ++, pwgsize ++) + if ((attr = ippAddCollections(p->ppd_attrs, IPP_TAG_PRINTER, + "media-col-database", num_media, + NULL)) != NULL) + { + for (i = p->pc->num_sizes, pwgsize = p->pc->sizes, val = attr->values; + i > 0; + i --, pwgsize ++) { - ipp_t *col = new_media_col(pwgsize); + /* + * Start by adding the page size without source or type... + */ + + ppdMarkOption(ppd, "PageSize", pwgsize->map.ppd); + + val->collection = new_media_col(pwgsize, NULL, NULL); + val ++; + + /* + * Then add the specific, supported combinations of size, source, and + * type... + */ - ippSetCollection(p->ppd_attrs, &attr, i, col); - ippDelete(col); + if (p->pc->num_sources > 0) + { + for (j = p->pc->num_sources, pwgsource = p->pc->sources; + j > 0; + j --, pwgsource ++) + { + ppdMarkOption(ppd, "InputSlot", pwgsource->ppd); + + if (p->pc->num_types > 0) + { + for (k = p->pc->num_types, pwgtype = p->pc->types; + k > 0; + k --, pwgtype ++) + { + if (!ppdMarkOption(ppd, "MediaType", pwgtype->ppd)) + { + val->collection = new_media_col(pwgsize, pwgsource->pwg, + pwgtype->pwg); + val ++; + } + } + } + else if (!ppdConflicts(ppd)) + { + val->collection = new_media_col(pwgsize, pwgsource->pwg, NULL); + val ++; + } + } + } + else if (p->pc->num_types > 0) + { + for (j = p->pc->num_types, pwgtype = p->pc->types; + j > 0; + j --, pwgtype ++) + { + if (!ppdMarkOption(ppd, "MediaType", pwgtype->ppd)) + { + val->collection = new_media_col(pwgsize, NULL, pwgtype->pwg); + val ++; + } + } + } } + + /* + * Update the number of media-col-database values... + */ + + attr->num_values = val - attr->values; } } @@ -5050,7 +5060,9 @@ load_ppd(cupsd_printer_t *p) /* I - Printer */ */ static ipp_t * /* O - Collection value */ -new_media_col(pwg_size_t *size) /* I - media-size/margin values */ +new_media_col(pwg_size_t *size, /* I - media-size/margin values */ + const char *source, /* I - media-source value */ + const char *type) /* I - media-type value */ { ipp_t *media_col, /* Collection value */ *media_size; /* media-size value */ @@ -5059,15 +5071,29 @@ new_media_col(pwg_size_t *size) /* I - media-size/margin values */ media_col = ippNew(); media_size = ippNew(); - ippAddInteger(media_size, IPP_TAG_PRINTER, IPP_TAG_INTEGER, "x-dimension", size->width); - ippAddInteger(media_size, IPP_TAG_PRINTER, IPP_TAG_INTEGER, "y-dimension", size->length); + ippAddInteger(media_size, IPP_TAG_PRINTER, IPP_TAG_INTEGER, + "x-dimension", size->width); + ippAddInteger(media_size, IPP_TAG_PRINTER, IPP_TAG_INTEGER, + "y-dimension", size->length); ippAddCollection(media_col, IPP_TAG_PRINTER, "media-size", media_size); ippDelete(media_size); - ippAddInteger(media_col, IPP_TAG_PRINTER, IPP_TAG_INTEGER, "media-bottom-margin", size->bottom); - ippAddInteger(media_col, IPP_TAG_PRINTER, IPP_TAG_INTEGER, "media-left-margin", size->left); - ippAddInteger(media_col, IPP_TAG_PRINTER, IPP_TAG_INTEGER, "media-right-margin", size->right); - ippAddInteger(media_col, IPP_TAG_PRINTER, IPP_TAG_INTEGER, "media-top-margin", size->top); + ippAddInteger(media_col, IPP_TAG_PRINTER, IPP_TAG_INTEGER, + "media-bottom-margin", size->bottom); + ippAddInteger(media_col, IPP_TAG_PRINTER, IPP_TAG_INTEGER, + "media-left-margin", size->left); + ippAddInteger(media_col, IPP_TAG_PRINTER, IPP_TAG_INTEGER, + "media-right-margin", size->right); + ippAddInteger(media_col, IPP_TAG_PRINTER, IPP_TAG_INTEGER, + "media-top-margin", size->top); + + if (source) + ippAddString(media_col, IPP_TAG_PRINTER, IPP_TAG_KEYWORD, "media-source", + NULL, source); + + if (type) + ippAddString(media_col, IPP_TAG_PRINTER, IPP_TAG_KEYWORD, "media-type", + NULL, type); return (media_col); } diff --git a/scheduler/process.c b/scheduler/process.c index af341fd..584b82e 100644 --- a/scheduler/process.c +++ b/scheduler/process.c @@ -99,13 +99,9 @@ cupsdCreateProfile(int job_id, /* I - Job ID or 0 for none */ if ((fp = cupsTempFile2(profile, sizeof(profile))) == NULL) { - /* - * This should never happen, and is fatal when sandboxing is enabled. - */ - cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d, allow_networking=%d) = NULL", job_id, allow_networking); - cupsdLogMessage(CUPSD_LOG_EMERG, "Unable to create security profile: %s", strerror(errno)); - kill(getpid(), SIGTERM); + cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create security profile: %s", + strerror(errno)); return (NULL); } @@ -202,8 +198,10 @@ cupsdCreateProfile(int job_id, /* I - Job ID or 0 for none */ " #\"^%s/\"" /* TempDir/... */ " #\"^%s$\"" /* CacheDir */ " #\"^%s/\"" /* CacheDir/... */ + " #\"^%s$\"" /* StateDir */ + " #\"^%s/\"" /* StateDir/... */ "))\n", - temp, temp, cache, cache); + temp, temp, cache, cache, state, state); /* Read common folders */ cupsFilePrintf(fp, "(allow file-read-data file-read-metadata\n" @@ -245,10 +243,8 @@ cupsdCreateProfile(int job_id, /* I - Job ID or 0 for none */ " #\"^%s/\"" /* ServerBin/... */ " #\"^%s$\"" /* ServerRoot */ " #\"^%s/\"" /* ServerRoot/... */ - " #\"^%s$\"" /* StateDir */ - " #\"^%s/\"" /* StateDir/... */ "))\n", - request, request, bin, bin, root, root, state, state); + request, request, bin, bin, root, root); if (Sandboxing == CUPSD_SANDBOXING_RELAXED) { /* Limited write access to /Library/Printers/... */ diff --git a/scheduler/server.c b/scheduler/server.c index 7dc6d9c..d28cd4a 100644 --- a/scheduler/server.c +++ b/scheduler/server.c @@ -38,28 +38,16 @@ void cupsdStartServer(void) { /* - * Create the default security profile... + * Start color management (as needed)... */ - DefaultProfile = cupsdCreateProfile(0, 1); - -#ifdef HAVE_SANDBOX_H - if (!DefaultProfile && UseSandboxing && Sandboxing != CUPSD_SANDBOXING_OFF) - { - /* - * Failure to create the sandbox profile means something really bad has - * happened and we need to shutdown immediately. - */ - - return; - } -#endif /* HAVE_SANDBOX_H */ + cupsdStartColor(); /* - * Start color management (as needed)... + * Create the default security profile... */ - cupsdStartColor(); + DefaultProfile = cupsdCreateProfile(0, 1); /* * Startup all the networking stuff... diff --git a/scheduler/subscriptions.c b/scheduler/subscriptions.c index a995ece..b2abf14 100644 --- a/scheduler/subscriptions.c +++ b/scheduler/subscriptions.c @@ -1291,13 +1291,13 @@ cupsd_send_dbus(cupsd_eventmask_t event,/* I - Event to send */ what = "PrinterAdded"; else if (event & CUPSD_EVENT_PRINTER_DELETED) what = "PrinterRemoved"; + else if (event & CUPSD_EVENT_PRINTER_CHANGED) + what = "QueueChanged"; else if (event & CUPSD_EVENT_JOB_CREATED) what = "JobQueuedLocal"; else if ((event & CUPSD_EVENT_JOB_STATE) && job && job->state_value == IPP_JOB_PROCESSING) what = "JobStartedLocal"; - else if (event & (CUPSD_EVENT_PRINTER_CHANGED|CUPSD_EVENT_JOB_STATE_CHANGED|CUPSD_EVENT_PRINTER_STATE_CHANGED)) - what = "QueueChanged"; else return; @@ -1333,7 +1333,7 @@ cupsd_send_dbus(cupsd_eventmask_t event,/* I - Event to send */ dbus_message_append_iter_init(message, &iter); if (dest) dbus_message_iter_append_string(&iter, dest->name); - if (job && strcmp (what, "QueueChanged") != 0) + if (job) { dbus_message_iter_append_uint32(&iter, job->id); dbus_message_iter_append_string(&iter, job->username); diff --git a/scheduler/timeout.c b/scheduler/timeout.c deleted file mode 100644 index 9e130c5..0000000 --- a/scheduler/timeout.c +++ /dev/null @@ -1,235 +0,0 @@ -/* - * "$Id$" - * - * Timeout functions for the Common UNIX Printing System (CUPS). - * - * Copyright (C) 2010, 2011 Red Hat, Inc. - * Authors: - * Tim Waugh - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - * Contents: - * - * cupsdInitTimeouts() - Initialise timeout structure. - * cupsdAddTimeout() - Add a timed callback. - * cupsdNextTimeout() - Find the next enabled timed callback. - * cupsdUpdateTimeout() - Adjust the time of a timed callback or disable it. - * cupsdRemoveTimeout() - Discard a timed callback. - * compare_timeouts() - Compare timed callbacks for array sorting. - */ - -#include - -#ifdef HAVE_AVAHI /* Applies to entire file... */ - -/* - * Include necessary headers... - */ - -#include "cupsd.h" - -#if defined(HAVE_MALLOC_H) && defined(HAVE_MALLINFO) -# include -#endif /* HAVE_MALLOC_H && HAVE_MALLINFO */ - -#ifdef HAVE_AVAHI -# include -#endif /* HAVE_AVAHI */ - - -struct _cupsd_timeout_s -{ - struct timeval when; - int enabled; - cupsd_timeoutfunc_t callback; - void *data; -}; - -/* - * Local functions... - */ - -/* - * 'compare_timeouts()' - Compare timed callbacks for array sorting. - */ - -static int -compare_addrs (void *p0, void *p1) -{ - if (p0 == p1) - return (0); - if (p0 < p1) - return (-1); - return (1); -} - -static int -compare_timeouts (cupsd_timeout_t *p0, cupsd_timeout_t *p1) -{ - int addrsdiff = compare_addrs (p0, p1); - int tvdiff; - - if (addrsdiff == 0) - return (0); - - if (!p0->enabled || !p1->enabled) - { - if (!p0->enabled && !p1->enabled) - return (addrsdiff); - - return (p0->enabled ? -1 : 1); - } - - tvdiff = avahi_timeval_compare (&p0->when, &p1->when); - if (tvdiff != 0) - return (tvdiff); - - return (addrsdiff); -} - - -/* - * 'cupsdInitTimeouts()' - Initialise timeout structures. - */ - -void -cupsdInitTimeouts(void) -{ - Timeouts = cupsArrayNew ((cups_array_func_t)compare_timeouts, NULL); -} - - -/* - * 'cupsdAddTimeout()' - Add a timed callback. - */ - -cupsd_timeout_t * /* O - Timeout handle */ -cupsdAddTimeout(const struct timeval *tv, /* I - Absolute time */ - cupsd_timeoutfunc_t cb, /* I - Callback function */ - void *data) /* I - User data */ -{ - cupsd_timeout_t *timeout; - - timeout = malloc (sizeof(cupsd_timeout_t)); - if (timeout != NULL) - { - timeout->enabled = (tv != NULL); - if (tv) - { - timeout->when.tv_sec = tv->tv_sec; - timeout->when.tv_usec = tv->tv_usec; - } - - timeout->callback = cb; - timeout->data = data; - cupsArrayAdd (Timeouts, timeout); - } - - return timeout; -} - - -/* - * 'cupsdNextTimeout()' - Find the next enabled timed callback. - */ - -cupsd_timeout_t * /* O - Next enabled timeout or NULL */ -cupsdNextTimeout(long *delay) /* O - Seconds before scheduled */ -{ - cupsd_timeout_t *first = cupsArrayFirst (Timeouts); - struct timeval curtime; - - if (first && !first->enabled) - first = NULL; - - if (first && delay) - { - gettimeofday (&curtime, NULL); - if (avahi_timeval_compare (&curtime, &first->when) > 0) - { - *delay = 0; - } else { - *delay = 1 + first->when.tv_sec - curtime.tv_sec; - if (first->when.tv_usec < curtime.tv_usec) - (*delay)--; - } - } - - return (first); -} - - -/* - * 'cupsdRunTimeout()' - Run a timed callback. - */ - -void -cupsdRunTimeout(cupsd_timeout_t *timeout) /* I - Timeout */ -{ - if (!timeout) - return; - timeout->enabled = 0; - if (!timeout->callback) - return; - timeout->callback (timeout, timeout->data); -} - -/* - * 'cupsdUpdateTimeout()' - Adjust the time of a timed callback or disable it. - */ - -void -cupsdUpdateTimeout(cupsd_timeout_t *timeout, /* I - Timeout */ - const struct timeval *tv) /* I - Absolute time or NULL */ -{ - cupsArrayRemove (Timeouts, timeout); - timeout->enabled = (tv != NULL); - if (tv) - { - timeout->when.tv_sec = tv->tv_sec; - timeout->when.tv_usec = tv->tv_usec; - } - cupsArrayAdd (Timeouts, timeout); -} - - -/* - * 'cupsdRemoveTimeout()' - Discard a timed callback. - */ - -void -cupsdRemoveTimeout(cupsd_timeout_t *timeout) /* I - Timeout */ -{ - cupsArrayRemove (Timeouts, timeout); - free (timeout); -} - - -#endif /* HAVE_AVAHI ... from top of file */ - -/* - * End of "$Id$". - */ diff --git a/templates/admin.tmpl b/templates/admin.tmpl index a85693c..101f960 100644 --- a/templates/admin.tmpl +++ b/templates/admin.tmpl @@ -27,6 +27,9 @@

+
+
+

{SETTINGS_ERROR?

{SETTINGS_MESSAGE}

diff --git a/templates/de/admin.tmpl b/templates/de/admin.tmpl index f8ddeff..fb2851a 100644 --- a/templates/de/admin.tmpl +++ b/templates/de/admin.tmpl @@ -27,6 +27,9 @@

+
+
+

{SETTINGS_ERROR?

{SETTINGS_MESSAGE}

diff --git a/templates/es/admin.tmpl b/templates/es/admin.tmpl index b83b1a0..097c65c 100644 --- a/templates/es/admin.tmpl +++ b/templates/es/admin.tmpl @@ -27,6 +27,9 @@

+
+
+

{SETTINGS_ERROR?

{SETTINGS_MESSAGE}

diff --git a/templates/fr/admin.tmpl b/templates/fr/admin.tmpl index e365ff3..2fcd9c5 100644 --- a/templates/fr/admin.tmpl +++ b/templates/fr/admin.tmpl @@ -27,6 +27,9 @@

+
+
+

{SETTINGS_ERROR?

{SETTINGS_MESSAGE}

diff --git a/templates/ja/admin.tmpl b/templates/ja/admin.tmpl index b791edf..13d6f13 100644 --- a/templates/ja/admin.tmpl +++ b/templates/ja/admin.tmpl @@ -27,6 +27,9 @@

+
+
+

{SETTINGS_ERROR?

{SETTINGS_MESSAGE}

diff --git a/templates/pt_BR/admin.tmpl b/templates/pt_BR/admin.tmpl index e11d889..b847bef 100644 --- a/templates/pt_BR/admin.tmpl +++ b/templates/pt_BR/admin.tmpl @@ -27,6 +27,9 @@

+
+
+

{SETTINGS_ERROR?

{SETTINGS_MESSAGE}

diff --git a/templates/ru/admin.tmpl b/templates/ru/admin.tmpl index a22d86a..49a168c 100644 --- a/templates/ru/admin.tmpl +++ b/templates/ru/admin.tmpl @@ -26,6 +26,9 @@

+
+
+

{SETTINGS_ERROR?

{SETTINGS_MESSAGE}

diff --git a/test/ippserver.c b/test/ippserver.c index c593d3a..38b304f 100644 --- a/test/ippserver.c +++ b/test/ippserver.c @@ -461,7 +461,6 @@ static AvahiClient *DNSSDClient = NULL; #endif /* HAVE_DNSSD */ static int KeepFiles = 0, - MaxVersion = 20, Verbosity = 0; @@ -534,23 +533,6 @@ main(int argc, /* I - Number of command-line args */ pin = 1; break; - case 'V' : /* -V max-version */ - i ++; - if (i >= argc) - usage(1); - - if (!strcmp(argv[i], "2.2")) - MaxVersion = 22; - else if (!strcmp(argv[i], "2.1")) - MaxVersion = 21; - else if (!strcmp(argv[i], "2.0")) - MaxVersion = 20; - else if (!strcmp(argv[i], "1.1")) - MaxVersion = 11; - else - usage(1); - break; - case 'a' : /* -a attributes-file */ i ++; if (i >= argc) @@ -1342,10 +1324,9 @@ create_printer(const char *servername, /* I - Server hostname (NULL for default) }; static const char * const versions[] =/* ipp-versions-supported values */ { + "1.0", "1.1", - "2.0", - "2.1", - "2.2" + "2.0" }; static const char * const features[] =/* ipp-features-supported values */ { @@ -1757,12 +1738,7 @@ create_printer(const char *servername, /* I - Server hostname (NULL for default) /* ipp-versions-supported */ if (!ippFindAttribute(printer->attrs, "ipp-versions-supported", IPP_TAG_ZERO)) - { - int num_versions = MaxVersion == 11 ? 1 : MaxVersion == 20 ? 2 : MaxVersion == 21 ? 3 : 4; - /* Number of supported versions */ - - ippAddStrings(printer->attrs, IPP_TAG_PRINTER, IPP_CONST_TAG(IPP_TAG_KEYWORD), "ipp-versions-supported", num_versions, NULL, versions); - } + ippAddStrings(printer->attrs, IPP_TAG_PRINTER, IPP_CONST_TAG(IPP_TAG_KEYWORD), "ipp-versions-supported", sizeof(versions) / sizeof(versions[0]), NULL, versions); /* job-account-id-default */ if (!ippFindAttribute(printer->attrs, "job-account-id-default", IPP_TAG_ZERO)) @@ -5824,24 +5800,15 @@ process_ipp(_ipp_client_t *client) /* I - Client */ * Return an error, since we only support IPP 1.x and 2.x. */ - respond_ipp(client, IPP_STATUS_ERROR_VERSION_NOT_SUPPORTED, "Bad request version number %d.%d.", major, minor); - } - else if ((major * 10 + minor) > MaxVersion) - { - if (httpGetState(client->http) != HTTP_STATE_POST_SEND) - httpFlush(client->http); /* Flush trailing (junk) data */ - - respond_http(client, HTTP_STATUS_BAD_REQUEST, NULL, NULL, 0); - return (0); + respond_ipp(client, IPP_STATUS_ERROR_VERSION_NOT_SUPPORTED, + "Bad request version number %d.%d.", major, minor); } else if (ippGetRequestId(client->request) <= 0) - { - respond_ipp(client, IPP_STATUS_ERROR_BAD_REQUEST, "Bad request-id %d.", ippGetRequestId(client->request)); - } + respond_ipp(client, IPP_STATUS_ERROR_BAD_REQUEST, "Bad request-id %d.", + ippGetRequestId(client->request)); else if (!ippFirstAttribute(client->request)) - { - respond_ipp(client, IPP_STATUS_ERROR_BAD_REQUEST, "No attributes in request."); - } + respond_ipp(client, IPP_STATUS_ERROR_BAD_REQUEST, + "No attributes in request."); else { /* @@ -6910,7 +6877,8 @@ usage(int status) /* O - Exit status */ { if (!status) { - puts(CUPS_SVERSION " - Copyright (c) 2010-2018 by Apple Inc. All rights reserved."); + puts(CUPS_SVERSION " - Copyright 2010-2015 by Apple Inc. All rights " + "reserved."); puts(""); } @@ -6920,7 +6888,6 @@ usage(int status) /* O - Exit status */ puts("-2 Supports 2-sided printing (default=1-sided)"); puts("-M manufacturer Manufacturer name (default=Test)"); puts("-P PIN printing mode"); - puts("-V max-version Set maximum supported IPP version"); puts("-a attributes-file Load printer attributes from file"); puts("-c command Run command for every print job"); printf("-d spool-directory Spool directory " diff --git a/test/run-stp-tests.sh b/test/run-stp-tests.sh index 2bf744b..41dace7 100755 --- a/test/run-stp-tests.sh +++ b/test/run-stp-tests.sh @@ -490,6 +490,11 @@ StrictConformance Yes Browsing Off Listen localhost:$port Listen $BASE/sock +PassEnv DYLD_LIBRARY_PATH +PassEnv LD_LIBRARY_PATH +PassEnv LD_PRELOAD +PassEnv LOCALEDIR +PassEnv SHLIB_PATH MaxSubscriptions 3 MaxLogSize 0 AccessLogLevel actions @@ -525,12 +530,6 @@ TempDir $BASE/spool/temp AccessLog $BASE/log/access_log ErrorLog $BASE/log/error_log PageLog $BASE/log/page_log - -PassEnv DYLD_LIBRARY_PATH -PassEnv LD_LIBRARY_PATH -PassEnv LD_PRELOAD -PassEnv LOCALEDIR -PassEnv SHLIB_PATH EOF if test $ssltype != 0 -a `uname` = Darwin; then