packages/cups
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update to cups-2.2.8

Browse Source
This commit is contained in:
shirely16 2020-06-12 17:13:36 +08:00
parent 08056a7cf0
commit 4104154d87
16 changed files with 325 additions and 911 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

206
0001-Fix-memory-leaks-found-by-Coverity-Issue-5375.patch
View File

@ -1,206 +0,0 @@
diff --git a/backend/ipp.c b/backend/ipp.c
index 32eb3aaa4..2a880bd75 100644
--- a/backend/ipp.c
+++ b/backend/ipp.c
@@ -3612,6 +3612,8 @@ update_reasons(ipp_attribute_t *attr, /* I - printer-state-reasons or NULL */
}
}
+ cupsArrayDelete(new_reasons);
+
_cupsMutexUnlock(&report_mutex);
/*
diff --git a/cgi-bin/search.c b/cgi-bin/search.c
index 3956afc33..ad1f5ed0e 100644
--- a/cgi-bin/search.c
+++ b/cgi-bin/search.c
@@ -361,4 +362,5 @@ void
cgiFreeSearch(void *search) /* I - Search context */
{
regfree((regex_t *)search);
+ free(search);
}
diff --git a/cups/http-addrlist.c b/cups/http-addrlist.c
index 5d510140b..688901a7d 100644
--- a/cups/http-addrlist.c
+++ b/cups/http-addrlist.c
@@ -612,6 +613,7 @@ httpAddrGetList(const char *hostname, /* I - Hostname, IP address, or NULL for p
if (!temp)
{
httpAddrFreeList(first);
+ freeaddrinfo(results);
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, strerror(errno), 0);
return (NULL);
}
diff --git a/cups/http.c b/cups/http.c
index a9235b087..d9332cc83 100644
--- a/cups/http.c
+++ b/cups/http.c
@@ -3915,7 +3915,7 @@ http_create(
if ((http = calloc(sizeof(http_t), 1)) == NULL)
{
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, strerror(errno), 0);
- httpAddrFreeList(addrlist);
+ httpAddrFreeList(myaddrlist);
return (NULL);
}
diff --git a/ppdc/ppdc-source.cxx b/ppdc/ppdc-source.cxx
index be24cebae..4e8cba7bb 100644
--- a/ppdc/ppdc-source.cxx
+++ b/ppdc/ppdc-source.cxx
@@ -2665,6 +2666,7 @@ ppdcSource::scan_file(ppdcFile *fp, // I - File to read
// Add it to the current option...
if (!o)
{
+ c->release();
_cupsLangPrintf(stderr,
_("ppdc: Choice found on line %d of %s with no "
"Option."), fp->line, fp->filename);
diff --git a/scheduler/cups-driverd.cxx b/scheduler/cups-driverd.cxx
index 657eee0a0..b518a9325 100644
--- a/scheduler/cups-driverd.cxx
+++ b/scheduler/cups-driverd.cxx
@@ -153,7 +153,7 @@ static ppd_info_t *add_ppd(const char *filename, const char *name,
size_t size, int model_number, int type,
const char *scheme);
static int cat_drv(const char *name, int request_id);
-static int cat_ppd(const char *name, int request_id);
+static void cat_ppd(const char *name, int request_id);
static int cat_static(const char *name, int request_id);
static int cat_tar(const char *name, int request_id);
static int compare_inodes(struct stat *a, struct stat *b);
@@ -163,12 +163,12 @@ static int compare_names(const ppd_info_t *p0,
const ppd_info_t *p1);
static int compare_ppds(const ppd_info_t *p0,
const ppd_info_t *p1);
-static int dump_ppds_dat(const char *filename);
+static void dump_ppds_dat(const char *filename);
static void free_array(cups_array_t *a);
static cups_file_t *get_file(const char *name, int request_id,
const char *subdir, char *buffer,
size_t bufsize, char **subfile);
-static int list_ppds(int request_id, int limit, const char *opt);
+static void list_ppds(int request_id, int limit, const char *opt);
static int load_drivers(cups_array_t *include,
cups_array_t *exclude);
static int load_drv(const char *filename, const char *name,
@@ -204,13 +204,13 @@ main(int argc, /* I - Number of command-line args */
*/
if (argc == 3 && !strcmp(argv[1], "cat"))
- return (cat_ppd(argv[2], 0));
+ cat_ppd(argv[2], 0);
else if ((argc == 2 || argc == 3) && !strcmp(argv[1], "dump"))
- return (dump_ppds_dat(argv[2]));
+ dump_ppds_dat(argv[2]);
else if (argc == 4 && !strcmp(argv[1], "get"))
- return (cat_ppd(argv[3], atoi(argv[2])));
+ cat_ppd(argv[3], atoi(argv[2]));
else if (argc == 5 && !strcmp(argv[1], "list"))
- return (list_ppds(atoi(argv[2]), atoi(argv[3]), argv[4]));
+ list_ppds(atoi(argv[2]), atoi(argv[3]), argv[4]);
else
{
fputs("Usage: cups-driverd cat ppd-name\n", stderr);
@@ -428,7 +428,7 @@ cat_drv(const char *name, /* I - PPD name */
* 'cat_ppd()' - Copy a PPD file to stdout.
*/
-static int /* O - Exit code */
+static void
cat_ppd(const char *name, /* I - PPD name */
int request_id) /* I - Request ID for response? */
{
@@ -445,7 +445,7 @@ cat_ppd(const char *name, /* I - PPD name */
if (strstr(name, "../"))
{
fputs("ERROR: Invalid PPD name.\n", stderr);
- return (1);
+ exit(1);
}
strlcpy(scheme, name, sizeof(scheme));
@@ -475,11 +475,11 @@ cat_ppd(const char *name, /* I - PPD name */
puts("Content-Type: application/ipp\n");
if (!scheme[0])
- return (cat_static(name, request_id));
+ exit(cat_static(name, request_id));
else if (!strcmp(scheme, "drv"))
- return (cat_drv(name, request_id));
+ exit(cat_drv(name, request_id));
else if (!strcmp(scheme, "file"))
- return (cat_tar(name, request_id));
+ exit(cat_tar(name, request_id));
else
{
/*
@@ -517,7 +517,7 @@ cat_ppd(const char *name, /* I - PPD name */
cupsdSendIPPTrailer();
}
- return (1);
+ exit(1);
}
/*
@@ -547,15 +547,15 @@ cat_ppd(const char *name, /* I - PPD name */
fprintf(stderr, "ERROR: [cups-driverd] Unable to execute \"%s\" - %s\n",
line, strerror(errno));
- return (1);
+ exit(1);
}
}
/*
- * Return with no errors...
+ * Exit with no errors...
*/
- return (0);
+ exit(0);
}
@@ -778,7 +778,7 @@ compare_ppds(const ppd_info_t *p0, /* I - First PPD file */
* 'dump_ppds_dat()' - Dump the contents of the ppds.dat file.
*/
-static int /* O - Exit status */
+static void
dump_ppds_dat(const char *filename) /* I - Filename */
{
char temp[1024]; /* ppds.dat filename */
@@ -810,7 +810,7 @@ dump_ppds_dat(const char *filename) /* I - Filename */
ppd->record.make_and_model, ppd->record.device_id,
ppd->record.scheme);
- return (0);
+ exit(0);
}
@@ -1004,7 +1004,7 @@ get_file(const char *name, /* I - Name */
* 'list_ppds()' - List PPD files.
*/
-static int /* O - Exit code */
+static void
list_ppds(int request_id, /* I - Request ID */
int limit, /* I - Limit */
const char *opt) /* I - Option argument */
@@ -1566,7 +1566,7 @@ list_ppds(int request_id, /* I - Request ID */
if (request_id)
cupsdSendIPPTrailer();
- return (0);
+ exit(0);
}
--
2.17.1

20
CVE-2018-4300.patch
View File

@ -1,20 +0,0 @@
--- a/cgi-bin/var.c 2013-06-07 09:12:52.000000000 +0800
+++ b/cgi-bin/var.c 2019-04-20 18:23:17.835000000 +0800
@@ -1222,6 +1222,7 @@ cgi_set_sid(void)
*server_name, /* SERVER_NAME */
*server_port; /* SERVER_PORT */
+ struct timeval curtime; /* Current time */
if ((remote_addr = getenv("REMOTE_ADDR")) == NULL)
remote_addr = "REMOTE_ADDR";
@@ -1230,7 +1231,8 @@ cgi_set_sid(void)
if ((server_port = getenv("SERVER_PORT")) == NULL)
server_port = "SERVER_PORT";
- CUPS_SRAND(time(NULL));
+ gettimeofday(&curtime, NULL);
+ CUPS_SRAND(curtime.tv_sec + curtime.tv_usec);
snprintf(buffer, sizeof(buffer), "%s:%s:%s:%02X%02X%02X%02X%02X%02X%02X%02X",
remote_addr, server_name, server_port,
(unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255,

40
CVE-2019-2228.patch
View File

@ -1,40 +0,0 @@
From a7f63f254bcb43f52dc45ab5d883ae6517678544 Mon Sep 17 00:00:00 2001
From: Michael R Sweet <michael.r.sweet@gmail.com>
Date: Fri, 13 Dec 2019 09:30:46 -0500
Subject: [PATCH] CVE-2019-2228: Fix ippSetValueTag validation of default
language.
---
CHANGES.md | 2 ++
cups/ipp.c | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/CHANGES.md b/CHANGES.md
index 7220dc9..06f96bc 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -5,6 +5,8 @@ CHANGES - 2.2.8 - 2018-06-05
Changes in CUPS v2.2.8
----------------------
+- CVE-2019-2228: The `ippSetValuetag` function did not validate the default
+ language value.
- Additional changes for the scheduler to substitute default values for invalid
job attributes when running in "relaxed conformance" mode (Issue #5229)
- The `ipptool` program no longer checks for duplicate attributes when running
diff --git a/cups/ipp.c b/cups/ipp.c
index 5807de8..1143550 100644
--- a/cups/ipp.c
+++ b/cups/ipp.c
@@ -4654,7 +4654,7 @@ ippSetValueTag(
return (0);
if (ipp->attrs && ipp->attrs->next && ipp->attrs->next->name &&
- !strcmp(ipp->attrs->next->name, "attributes-natural-language"))
+ !strcmp(ipp->attrs->next->name, "attributes-natural-language") && (ipp->attrs->next->value_tag & IPP_TAG_CUPS_MASK) == IPP_TAG_LANGUAGE)
{
/*
* Use the language code from the IPP message...
--
1.8.3.1

187
CVE-2019-8675-CVE-2019-8696.patch
View File

@ -1,187 +0,0 @@
From f24e6cf6a39300ad0c3726a41a4aab51ad54c109 Mon Sep 17 00:00:00 2001
From: Michael R Sweet <michael.r.sweet@gmail.com>
Date: Thu, 15 Aug 2019 14:08:31 -0400
Subject: [PATCH] Fix multiple security/disclosure issues:
- CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows (rdar://51685251)
- Fixed IPP buffer overflow (rdar://50035411)
- Fixed memory disclosure issue in the scheduler (rdar://51373853)
- Fixed DoS issues in the scheduler (rdar://51373929)
---
CHANGES.md | 6 +++++-
cups/http.c | 9 +++++++--
cups/ipp.c | 9 ++-------
cups/snmp.c | 20 +++++++++++++++++++-
scheduler/client.c | 23 ++++++++++++-----------
5 files changed, 45 insertions(+), 22 deletions(-)
diff --git a/cups/http.c b/cups/http.c
index 5c14ef68e..3fadb5acb 100644
--- a/cups/http.c
+++ b/cups/http.c
@@ -1905,7 +1905,7 @@ httpPrintf(http_t *http, /* I - HTTP connection */
...) /* I - Additional args as needed */
{
ssize_t bytes; /* Number of bytes to write */
- char buf[16384]; /* Buffer for formatted string */
+ char buf[65536]; /* Buffer for formatted string */
va_list ap; /* Variable argument pointer */
@@ -1917,7 +1917,12 @@ httpPrintf(http_t *http, /* I - HTTP connection */
DEBUG_printf(("3httpPrintf: (" CUPS_LLFMT " bytes) %s", CUPS_LLCAST bytes, buf));
- if (http->data_encoding == HTTP_ENCODING_FIELDS)
+ if (bytes > (ssize_t)(sizeof(buf) - 1))
+ {
+ http->error = ENOMEM;
+ return (-1);
+ }
+ else if (http->data_encoding == HTTP_ENCODING_FIELDS)
return ((int)httpWrite2(http, buf, (size_t)bytes));
else
{
diff --git a/cups/ipp.c b/cups/ipp.c
index eaa8c78ca..b0762fdcb 100644
--- a/cups/ipp.c
+++ b/cups/ipp.c
@@ -4553,9 +4553,7 @@ ippSetValueTag(
break;
case IPP_TAG_NAME :
- if (temp_tag != IPP_TAG_KEYWORD && temp_tag != IPP_TAG_URI &&
- temp_tag != IPP_TAG_URISCHEME && temp_tag != IPP_TAG_LANGUAGE &&
- temp_tag != IPP_TAG_MIMETYPE)
+ if (temp_tag != IPP_TAG_KEYWORD)
return (0);
(*attr)->value_tag = (ipp_tag_t)(IPP_TAG_NAME | ((*attr)->value_tag & IPP_TAG_CUPS_CONST));
@@ -4563,10 +4561,7 @@ ippSetValueTag(
case IPP_TAG_NAMELANG :
case IPP_TAG_TEXTLANG :
- if (value_tag == IPP_TAG_NAMELANG &&
- (temp_tag != IPP_TAG_NAME && temp_tag != IPP_TAG_KEYWORD &&
- temp_tag != IPP_TAG_URI && temp_tag != IPP_TAG_URISCHEME &&
- temp_tag != IPP_TAG_LANGUAGE && temp_tag != IPP_TAG_MIMETYPE))
+ if (value_tag == IPP_TAG_NAMELANG && (temp_tag != IPP_TAG_NAME && temp_tag != IPP_TAG_KEYWORD))
return (0);
if (value_tag == IPP_TAG_TEXTLANG && temp_tag != IPP_TAG_TEXT)
diff --git a/cups/snmp.c b/cups/snmp.c
index 8437528dd..fc9396177 100644
--- a/cups/snmp.c
+++ b/cups/snmp.c
@@ -1233,6 +1233,9 @@ asn1_get_integer(
int value; /* Integer value */
+ if (*buffer >= bufend)
+ return (0);
+
if (length > sizeof(int))
{
(*buffer) += length;
@@ -1259,6 +1262,9 @@ asn1_get_length(unsigned char **buffer, /* IO - Pointer in buffer */
unsigned length; /* Length */
+ if (*buffer >= bufend)
+ return (0);
+
length = **buffer;
(*buffer) ++;
@@ -1301,6 +1307,9 @@ asn1_get_oid(
int number; /* OID number */
+ if (*buffer >= bufend)
+ return (0);
+
valend = *buffer + length;
oidptr = oid;
oidend = oid + oidsize - 1;
@@ -1349,9 +1358,12 @@ asn1_get_packed(
int value; /* Value */
+ if (*buffer >= bufend)
+ return (0);
+
value = 0;
- while ((**buffer & 128) && *buffer < bufend)
+ while (*buffer < bufend && (**buffer & 128))
{
value = (value << 7) | (**buffer & 127);
(*buffer) ++;
@@ -1379,6 +1391,9 @@ asn1_get_string(
char *string, /* I - String buffer */
size_t strsize) /* I - String buffer size */
{
+ if (*buffer >= bufend)
+ return (NULL);
+
if (length > (unsigned)(bufend - *buffer))
length = (unsigned)(bufend - *buffer);
@@ -1421,6 +1436,9 @@ asn1_get_type(unsigned char **buffer, /* IO - Pointer in buffer */
int type; /* Type */
+ if (*buffer >= bufend)
+ return (0);
+
type = **buffer;
(*buffer) ++;
diff --git a/scheduler/client.c b/scheduler/client.c
index a21b909a8..680508047 100644
--- a/scheduler/client.c
+++ b/scheduler/client.c
@@ -568,6 +568,17 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */
cupsdLogClient(con, CUPSD_LOG_DEBUG2, "cupsdReadClient: error=%d, used=%d, state=%s, data_encoding=HTTP_ENCODING_%s, data_remaining=" CUPS_LLFMT ", request=%p(%s), file=%d", httpError(con->http), (int)httpGetReady(con->http), httpStateString(httpGetState(con->http)), httpIsChunked(con->http) ? "CHUNKED" : "LENGTH", CUPS_LLCAST httpGetRemaining(con->http), con->request, con->request ? ippStateString(ippGetState(con->request)) : "", con->file);
+ if (httpError(con->http) == EPIPE && !httpGetReady(con->http) && recv(httpGetFd(con->http), buf, 1, MSG_PEEK) < 1)
+ {
+ /*
+ * Connection closed...
+ */
+
+ cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing on EOF.");
+ cupsdCloseClient(con);
+ return;
+ }
+
if (httpGetState(con->http) == HTTP_STATE_GET_SEND ||
httpGetState(con->http) == HTTP_STATE_POST_SEND ||
httpGetState(con->http) == HTTP_STATE_STATUS)
@@ -577,17 +588,6 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */
* connection and we need to shut it down...
*/
- if (!httpGetReady(con->http) && recv(httpGetFd(con->http), buf, 1, MSG_PEEK) < 1)
- {
- /*
- * Connection closed...
- */
-
- cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing on EOF.");
- cupsdCloseClient(con);
- return;
- }
-
cupsdLogClient(con, CUPSD_LOG_DEBUG, "Closing on unexpected HTTP read state %s.", httpStateString(httpGetState(con->http)));
cupsdCloseClient(con);
return;
@@ -2209,6 +2209,7 @@ cupsdSendError(cupsd_client_t *con, /* I - Connection */
strlcpy(location, httpGetField(con->http, HTTP_FIELD_LOCATION), sizeof(location));
httpClearFields(con->http);
+ httpClearCookie(con->http);
httpSetField(con->http, HTTP_FIELD_LOCATION, location);

BIN
cups-2.2.8-source.tar.gz → cups-2.2.13-source.tar.gz
View File

Binary file not shown.

13
cups-accesslog-null.patch
View File

@ -1,13 +0,0 @@
diff --git a/scheduler/log.c b/scheduler/log.c
index 74790dc35..b6226201f 100644
--- a/scheduler/log.c
+++ b/scheduler/log.c
@@ -1046,7 +1047,7 @@ cupsdLogRequest(cupsd_client_t *con, /* I - Request to log */
* Filter requests as needed...
*/
- if (AccessLogLevel == CUPSD_ACCESSLOG_NONE)
+ if (AccessLogLevel == CUPSD_ACCESSLOG_NONE || !AccessLog)
return (1);
else if (AccessLogLevel < CUPSD_ACCESSLOG_ALL)
{

50
cups-eggcups.patch
View File

@ -1,7 +1,21 @@
diff -up cups-2.2.5/backend/ipp.c.eggcups cups-2.2.5/backend/ipp.c
--- cups-2.2.5/backend/ipp.c.eggcups 2017-10-13 20:22:26.000000000 +0200
+++ cups-2.2.5/backend/ipp.c 2017-10-17 18:56:42.409024451 +0200
@@ -149,6 +149,70 @@ static char tmpfilename[1024] = "";
diff --git a/backend/Makefile b/backend/Makefile
index 48a1c66..342604f 100644
--- a/backend/Makefile
+++ b/backend/Makefile
@@ -263,7 +263,7 @@ dnssd: dnssd.o ../cups/$(LIBCUPS) libbackend.a
ipp: ipp.o ../cups/$(LIBCUPS) libbackend.a
echo Linking $@...
- $(LD_CC) $(LDFLAGS) -o ipp ipp.o libbackend.a $(LIBS)
+ $(LD_CC) $(LDFLAGS) -o ipp ipp.o libbackend.a $(LIBS) $(SERVERLIBS)
$(CODE_SIGN) -s "$(CODE_SIGN_IDENTITY)" $@
$(RM) http
$(LN) ipp http
diff --git a/backend/ipp.c b/backend/ipp.c
index 482d6f7..f37caee 100644
--- a/backend/ipp.c
+++ b/backend/ipp.c
@@ -152,6 +152,70 @@ static char tmpfilename[1024] = "";
static char mandatory_attrs[1024] = "";
/* cupsMandatory value */
@ -72,7 +86,7 @@ diff -up cups-2.2.5/backend/ipp.c.eggcups cups-2.2.5/backend/ipp.c
/*
* Local functions...
@@ -1743,6 +1807,15 @@ main(int argc, /* I - Number of comm
@@ -1755,6 +1819,15 @@ main(int argc, /* I - Number of command-line args */
fprintf(stderr, "DEBUG: Print job accepted - job ID %d.\n", job_id);
}
@ -88,22 +102,11 @@ diff -up cups-2.2.5/backend/ipp.c.eggcups cups-2.2.5/backend/ipp.c
ippDelete(response);
if (job_canceled)
diff -up cups-2.2.5/backend/Makefile.eggcups cups-2.2.5/backend/Makefile
--- cups-2.2.5/backend/Makefile.eggcups 2017-10-17 18:56:42.409024451 +0200
+++ cups-2.2.5/backend/Makefile 2017-10-17 18:59:11.696781116 +0200
@@ -262,7 +262,7 @@ dnssd: dnssd.o ../cups/$(LIBCUPS) libbac
ipp: ipp.o ../cups/$(LIBCUPS) libbackend.a
echo Linking $@...
- $(LD_CC) $(LDFLAGS) -o ipp ipp.o libbackend.a $(LIBS)
+ $(LD_CC) $(LDFLAGS) -o ipp ipp.o libbackend.a $(LIBS) $(SERVERLIBS)
$(RM) http
$(LN) ipp http
diff -up cups-2.2.5/scheduler/subscriptions.c.eggcups cups-2.2.5/scheduler/subscriptions.c
--- cups-2.2.5/scheduler/subscriptions.c.eggcups 2017-10-13 20:22:26.000000000 +0200
+++ cups-2.2.5/scheduler/subscriptions.c 2017-10-17 18:56:42.409024451 +0200
@@ -1291,13 +1291,13 @@ cupsd_send_dbus(cupsd_eventmask_t event,
diff --git a/scheduler/subscriptions.c b/scheduler/subscriptions.c
index d2c6361..d42f855 100644
--- a/scheduler/subscriptions.c
+++ b/scheduler/subscriptions.c
@@ -1294,13 +1294,13 @@ cupsd_send_dbus(cupsd_eventmask_t event,/* I - Event to send */
what = "PrinterAdded";
else if (event & CUPSD_EVENT_PRINTER_DELETED)
what = "PrinterRemoved";
@ -119,7 +122,7 @@ diff -up cups-2.2.5/scheduler/subscriptions.c.eggcups cups-2.2.5/scheduler/subsc
else
return;
@@ -1333,7 +1333,7 @@ cupsd_send_dbus(cupsd_eventmask_t event,
@@ -1336,7 +1336,7 @@ cupsd_send_dbus(cupsd_eventmask_t event,/* I - Event to send */
dbus_message_append_iter_init(message, &iter);
if (dest)
dbus_message_iter_append_string(&iter, dest->name);
@ -128,3 +131,6 @@ diff -up cups-2.2.5/scheduler/subscriptions.c.eggcups cups-2.2.5/scheduler/subsc
{
dbus_message_iter_append_uint32(&iter, job->id);
dbus_message_iter_append_string(&iter, job->username);
--
2.23.0

13
cups-epson-A6-crash.patch
View File

@ -1,13 +0,0 @@
diff --git a/filter/rastertoepson.c b/filter/rastertoepson.c
index 73e8d0600..4522e6b48 100644
--- a/filter/rastertoepson.c
+++ b/filter/rastertoepson.c
@@ -301,7 +302,7 @@ StartPage(
if (DotBytes)
{
- if ((LineBuffers[0] = calloc((size_t)DotBytes, header->cupsWidth * (size_t)(Shingling + 1))) == NULL)
+ if ((LineBuffers[0] = calloc((size_t)DotBytes, (header->cupsWidth + 7) * (size_t)(Shingling + 1))) == NULL)
{
fputs("ERROR: Unable to allocate memory\n", stderr);
exit(1);

124
cups-ippeve-webui.patch
View File

@ -1,124 +0,0 @@
diff --git a/backend/dnssd.c b/backend/dnssd.c
index 34781d5ce..7074f4294 100644
--- a/backend/dnssd.c
+++ b/backend/dnssd.c
@@ -1252,6 +1252,13 @@ query_callback(
strlcat(make_and_model, " ", sizeof(make_and_model));
strlcat(make_and_model, model, sizeof(make_and_model));
+ if (!_cups_strncasecmp(make_and_model, "EPSON EPSON ", 12))
+ _cups_strcpy(make_and_model, make_and_model + 6);
+ else if (!_cups_strncasecmp(make_and_model, "HP HP ", 6))
+ _cups_strcpy(make_and_model, make_and_model + 3);
+ else if (!_cups_strncasecmp(make_and_model, "Lexmark International Lexmark ", 30))
+ _cups_strcpy(make_and_model, make_and_model + 22);
+
device->make_and_model = strdup(make_and_model);
}
else
diff --git a/cgi-bin/admin.c b/cgi-bin/admin.c
index f788083fb..a3b5057b0 100644
--- a/cgi-bin/admin.c
+++ b/cgi-bin/admin.c
@@ -928,6 +929,8 @@ do_am_printer(http_t *http, /* I - HTTP connection */
else if (!file &&
(!cgiGetVariable("PPD_NAME") || cgiGetVariable("SELECT_MAKE")))
{
+ int ipp_everywhere = !strncmp(var, "ipp://", 6) || !strncmp(var, "ipps://", 7) || (!strncmp(var, "dnssd://", 8) && (strstr(var, "_ipp._tcp") || strstr(var, "_ipps._tcp")));
+
if (modify && !cgiGetVariable("SELECT_MAKE"))
{
/*
@@ -1076,6 +1079,8 @@ do_am_printer(http_t *http, /* I - HTTP connection */
if (!modify)
cgiSetVariable("CURRENT_MAKE_AND_MODEL",
cgiGetArray("PPD_MAKE_AND_MODEL", 0));
+ if (ipp_everywhere)
+ cgiSetVariable("SHOW_IPP_EVERYWHERE", "1");
cgiCopyTemplateLang("choose-model.tmpl");
cgiEndHTML();
}
diff --git a/templates/choose-model.tmpl b/templates/choose-model.tmpl
index ee9338cc5..d72534236 100644
--- a/templates/choose-model.tmpl
+++ b/templates/choose-model.tmpl
@@ -39,6 +39,7 @@
<TD>
<SELECT NAME="PPD_NAME" SIZE="10">
{op=add-printer?:<OPTION VALUE="__no_change__" SELECTED>Current Driver - {current_make_and_model}</OPTION>:}
+{show_ipp_everywhere?<OPTION VALUE="everywhere" SELECTED>IPP Everywhere &trade;</OPTION>:}
{[ppd_name]<OPTION VALUE="{ppd_name}" {op=modify-printer?:{?current_make_and_model={ppd_make_and_model}?SELECTED:}}>{ppd_make_and_model} ({ppd_natural_language})
}</SELECT>
</TD>
diff --git a/templates/de/choose-model.tmpl b/templates/de/choose-model.tmpl
index cb9b6f3bc..a08a8e3e0 100644
--- a/templates/de/choose-model.tmpl
+++ b/templates/de/choose-model.tmpl
@@ -39,6 +39,7 @@ Drucker {?printer_is_shared=?nicht:{?printer_is_shared=0?nicht:}} im Netzwerk fr
<TD>
<SELECT NAME="PPD_NAME" SIZE="10">
{op=add-printer?:<OPTION VALUE="__no_change__" SELECTED>Aktueller Treiber - {current_make_and_model}</OPTION>:}
+{show_ipp_everywhere?<OPTION VALUE="everywhere" SELECTED>IPP Everywhere &trade;</OPTION>:}
{[ppd_name]<OPTION VALUE="{ppd_name}" {op=modify-printer?:{?current_make_and_model={ppd_make_and_model}?SELECTED:}}>{ppd_make_and_model} ({ppd_natural_language})
}</SELECT>
</TD>
diff --git a/templates/es/choose-model.tmpl b/templates/es/choose-model.tmpl
index 8a5a4ba90..74f0a9bb9 100644
--- a/templates/es/choose-model.tmpl
+++ b/templates/es/choose-model.tmpl
@@ -39,6 +39,7 @@
<TD>
<SELECT NAME="PPD_NAME" SIZE="10">
{op=add-printer?:<OPTION VALUE="__no_change__" SELECTED>Controlador actual - {current_make_and_model}</OPTION>:}
+{show_ipp_everywhere?<OPTION VALUE="everywhere" SELECTED>IPP Everywhere &trade;</OPTION>:}
{[ppd_name]<OPTION VALUE="{ppd_name}" {op=modify-printer?:{?current_make_and_model={ppd_make_and_model}?SELECTED:}}>{ppd_make_and_model} ({ppd_natural_language})
}</SELECT>
</TD>
diff --git a/templates/fr/choose-model.tmpl b/templates/fr/choose-model.tmpl
index 1e154f18a..3038b3fe3 100644
--- a/templates/fr/choose-model.tmpl
+++ b/templates/fr/choose-model.tmpl
@@ -39,6 +39,7 @@
<TD>
<SELECT NAME="PPD_NAME" SIZE="10">
{op=add-printer?:<OPTION VALUE="__no_change__" SELECTED>Pilote actuel - {current_make_and_model}</OPTION>:}
+{show_ipp_everywhere?<OPTION VALUE="everywhere" SELECTED>IPP Everywhere &trade;</OPTION>:}
{[ppd_name]<OPTION VALUE="{ppd_name}" {op=modify-printer?:{?current_make_and_model={ppd_make_and_model}?SELECTED:}}>{ppd_make_and_model} ({ppd_natural_language})
}</SELECT>
</TD>
diff --git a/templates/ja/choose-model.tmpl b/templates/ja/choose-model.tmpl
index daf1375fd..b3c286b11 100644
--- a/templates/ja/choose-model.tmpl
+++ b/templates/ja/choose-model.tmpl
@@ -39,6 +39,7 @@
<TD>
<SELECT NAME="PPD_NAME" SIZE="10">
{op=add-printer?:<OPTION VALUE="__no_change__" SELECTED>現在のドライバー - {current_make_and_model}</OPTION>:}
+{show_ipp_everywhere?<OPTION VALUE="everywhere" SELECTED>IPP Everywhere &trade;</OPTION>:}
{[ppd_name]<OPTION VALUE="{ppd_name}" {op=modify-printer?:{?current_make_and_model={ppd_make_and_model}?SELECTED:}}>{ppd_make_and_model} ({ppd_natural_language})
}</SELECT>
</TD>
diff --git a/templates/pt_BR/choose-model.tmpl b/templates/pt_BR/choose-model.tmpl
index 55d8bd8d5..a5939ee9c 100644
--- a/templates/pt_BR/choose-model.tmpl
+++ b/templates/pt_BR/choose-model.tmpl
@@ -39,6 +39,7 @@
<TD>
<SELECT NAME="PPD_NAME" SIZE="10">
{op=add-printer?:<OPTION VALUE="__no_change__" SELECTED>Driver atual - {current_make_and_model}</OPTION>:}
+{show_ipp_everywhere?<OPTION VALUE="everywhere" SELECTED>IPP Everywhere &trade;</OPTION>:}
{[ppd_name]<OPTION VALUE="{ppd_name}" {op=modify-printer?:{?current_make_and_model={ppd_make_and_model}?SELECTED:}}>{ppd_make_and_model} ({ppd_natural_language})
}</SELECT>
</TD>
diff --git a/templates/ru/choose-model.tmpl b/templates/ru/choose-model.tmpl
index 2f0d6d9ba..86507814d 100644
--- a/templates/ru/choose-model.tmpl
+++ b/templates/ru/choose-model.tmpl
@@ -39,6 +39,7 @@
<TD>
<SELECT NAME="PPD_NAME" SIZE="10">
{op=add-printer?:<OPTION VALUE="__no_change__" SELECTED>Текущий драйвер - {current_make_and_model}</OPTION>:}
+{show_ipp_everywhere?<OPTION VALUE="everywhere" SELECTED>IPP Everywhere &trade;</OPTION>:}
{[ppd_name]<OPTION VALUE="{ppd_name}" {op=modify-printer?:{?current_make_and_model={ppd_make_and_model}?SELECTED:}}>{ppd_make_and_model} ({ppd_natural_language})
}</SELECT>
</TD>

63
cups-ippvalidateattr-regression.patch
View File

@ -1,63 +0,0 @@
diff --git a/cups/ipp.c b/cups/ipp.c
index 95d53cc44..325de02b9 100644
--- a/cups/ipp.c
+++ b/cups/ipp.c
@@ -5033,16 +5033,19 @@ ippValidateAttribute(
break;
}
- if (*ptr < ' ' || *ptr == 0x7f)
- {
- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad control character (PWG 5100.14 section 8.3)."), attr->name, attr->values[i].string.text);
- return (0);
- }
- else if (*ptr)
- {
- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.2)."), attr->name, attr->values[i].string.text);
- return (0);
- }
+ if (*ptr)
+ {
+ if (*ptr < ' ' || *ptr == 0x7f)
+ {
+ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad control character (PWG 5100.14 section 8.3)."), attr->name, attr->values[i].string.text);
+ return (0);
+ }
+ else
+ {
+ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.2)."), attr->name, attr->values[i].string.text);
+ return (0);
+ }
+ }
if ((ptr - attr->values[i].string.text) > (IPP_MAX_TEXT - 1))
{
@@ -5091,16 +5094,19 @@ ippValidateAttribute(
break;
}
- if (*ptr < ' ' || *ptr == 0x7f)
- {
- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad control character (PWG 5100.14 section 8.1)."), attr->name, attr->values[i].string.text);
- return (0);
- }
- else if (*ptr)
+ if (*ptr)
{
- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.3)."), attr->name, attr->values[i].string.text);
- return (0);
- }
+ if (*ptr < ' ' || *ptr == 0x7f)
+ {
+ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad control character (PWG 5100.14 section 8.1)."), attr->name, attr->values[i].string.text);
+ return (0);
+ }
+ else
+ {
+ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.3)."), attr->name, attr->values[i].string.text);
+ return (0);
+ }
+ }
if ((ptr - attr->values[i].string.text) > (IPP_MAX_NAME - 1))
{

295
cups-lspp.patch
View File

@ -1,21 +1,21 @@
diff -up cups-2.2.8/config.h.in.lspp cups-2.2.8/config.h.in
--- cups-2.2.8/config.h.in.lspp 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/config.h.in 2018-06-08 17:34:38.682653959 +0200
@@ -730,4 +730,11 @@ static __inline int _cups_abs(int i) { r
# endif /* __GNUC__ || __STDC_VERSION__ */
#endif /* !HAVE_ABS && !abs */
+/*
+ * Are we trying to meet LSPP requirements?
+ */
+
+#undef WITH_LSPP
+
+
#endif /* !_CUPS_CONFIG_H_ */
diff -up cups-2.2.8/config-scripts/cups-lspp.m4.lspp cups-2.2.8/config-scripts/cups-lspp.m4
--- cups-2.2.8/config-scripts/cups-lspp.m4.lspp 2018-06-08 17:34:38.682653959 +0200
+++ cups-2.2.8/config-scripts/cups-lspp.m4 2018-06-08 17:34:38.682653959 +0200
diff --git a/Makedefs.in b/Makedefs.in
index 8541b49..a467ed5 100644
--- a/Makedefs.in
+++ b/Makedefs.in
@@ -165,7 +165,7 @@ LDFLAGS = -L../cgi-bin -L../cups -L../filter -L../ppdc \
@LDFLAGS@ @RELROFLAGS@ @PIEFLAGS@ $(OPTIM)
LINKCUPS = @LINKCUPS@ $(LIBGSSAPI) $(DNSSDLIBS) $(SSLLIBS) $(LIBZ)
LINKCUPSIMAGE = @LINKCUPSIMAGE@
-LIBS = $(LINKCUPS) $(COMMONLIBS)
+LIBS = $(LINKCUPS) $(COMMONLIBS) @LIBAUDIT@ @LIBSELINUX@
ONDEMANDFLAGS = @ONDEMANDFLAGS@
ONDEMANDLIBS = @ONDEMANDLIBS@
OPTIM = @OPTIM@
diff --git a/config-scripts/cups-lspp.m4 b/config-scripts/cups-lspp.m4
new file mode 100644
index 0000000..9c59fab
--- /dev/null
+++ b/config-scripts/cups-lspp.m4
@@ -0,0 +1,36 @@
+dnl
+dnl LSPP code for the Common UNIX Printing System (CUPS).
@ -53,9 +53,26 @@ diff -up cups-2.2.8/config-scripts/cups-lspp.m4.lspp cups-2.2.8/config-scripts/c
+ ;;
+ esac
+fi
diff -up cups-2.2.8/configure.ac.lspp cups-2.2.8/configure.ac
--- cups-2.2.8/configure.ac.lspp 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/configure.ac 2018-06-08 17:34:38.682653959 +0200
diff --git a/config.h.in b/config.h.in
index d81c59e..79da02c 100644
--- a/config.h.in
+++ b/config.h.in
@@ -737,4 +737,11 @@ static __inline int _cups_abs(int i) { return (i < 0 ? -i : i); }
# endif /* __GNUC__ || __STDC_VERSION__ */
#endif /* !HAVE_ABS && !abs */
+/*
+ * Are we trying to meet LSPP requirements?
+ */
+
+#undef WITH_LSPP
+
+
#endif /* !_CUPS_CONFIG_H_ */
diff --git a/configure.ac b/configure.ac
index 38db5f5..725130f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -38,6 +38,8 @@ sinclude(config-scripts/cups-startup.m4)
sinclude(config-scripts/cups-defaults.m4)
sinclude(config-scripts/cups-scripting.m4)
@ -65,9 +82,10 @@ diff -up cups-2.2.8/configure.ac.lspp cups-2.2.8/configure.ac
INSTALL_LANGUAGES=""
UNINSTALL_LANGUAGES=""
LANGFILES=""
diff -up cups-2.2.8/filter/common.c.lspp cups-2.2.8/filter/common.c
--- cups-2.2.8/filter/common.c.lspp 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/filter/common.c 2018-06-08 17:34:38.682653959 +0200
diff --git a/filter/common.c b/filter/common.c
index 86b5f8e..fd88bdc 100644
--- a/filter/common.c
+++ b/filter/common.c
@@ -17,6 +17,12 @@
* Include necessary headers...
*/
@ -81,11 +99,11 @@ diff -up cups-2.2.8/filter/common.c.lspp cups-2.2.8/filter/common.c
#include "common.h"
#include <locale.h>
@@ -299,6 +305,18 @@ WriteLabelProlog(const char *label, /* I
@@ -299,6 +305,18 @@ WriteLabelProlog(const char *label, /* I - Page label */
{
const char *classification; /* CLASSIFICATION environment variable */
const char *ptr; /* Temporary string pointer */
+#ifdef WITH_LSPP
+ #ifdef WITH_LSPP
+ int i, /* counter */
+ n, /* counter */
+ lines, /* number of lines needed */
@ -100,7 +118,7 @@ diff -up cups-2.2.8/filter/common.c.lspp cups-2.2.8/filter/common.c
/*
@@ -321,6 +339,124 @@ WriteLabelProlog(const char *label, /* I
@@ -321,6 +339,124 @@ WriteLabelProlog(const char *label, /* I - Page label */
return;
}
@ -149,7 +167,7 @@ diff -up cups-2.2.8/filter/common.c.lspp cups-2.2.8/filter/common.c
+ }
+ wrapped_label[n] = strndup(&classification[label_index], label_len - label_index);
+ }
+ else
+ else
+ {
+ lines = 1;
+ wrapped_label = malloc(sizeof(*wrapped_label));
@ -225,7 +243,7 @@ diff -up cups-2.2.8/filter/common.c.lspp cups-2.2.8/filter/common.c
/*
* Set the classification + page label string...
*/
@@ -401,7 +537,10 @@ WriteLabelProlog(const char *label, /* I
@@ -401,7 +537,10 @@ WriteLabelProlog(const char *label, /* I - Page label */
printf(" %.0f moveto ESPpl show\n", top - 14.0);
puts("pop");
puts("}bind put");
@ -236,13 +254,14 @@ diff -up cups-2.2.8/filter/common.c.lspp cups-2.2.8/filter/common.c
/*
diff -up cups-2.2.8/filter/pstops.c.lspp cups-2.2.8/filter/pstops.c
--- cups-2.2.8/filter/pstops.c.lspp 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/filter/pstops.c 2018-06-08 17:34:38.683653951 +0200
@@ -3176,6 +3176,18 @@ write_label_prolog(pstops_doc_t *doc, /*
{
diff --git a/filter/pstops.c b/filter/pstops.c
index fab60d9..0722163 100644
--- a/filter/pstops.c
+++ b/filter/pstops.c
@@ -3176,6 +3176,19 @@ write_label_prolog(pstops_doc_t *doc, /* I - Document info */
const char *classification; /* CLASSIFICATION environment variable */
const char *ptr; /* Temporary string pointer */
+#ifdef WITH_LSPP
+ int i, /* counter */
+ n, /* counter */
@ -255,10 +274,11 @@ diff -up cups-2.2.8/filter/pstops.c.lspp cups-2.2.8/filter/pstops.c
+ max_width; /* maximum width in characters */
+ char **wrapped_label; /* label with line breaks */
+#endif /* WITH_LSPP */
+
/*
@@ -3198,6 +3210,124 @@ write_label_prolog(pstops_doc_t *doc, /*
* First get the current classification...
@@ -3197,6 +3210,124 @@ write_label_prolog(pstops_doc_t *doc, /* I - Document info */
return;
}
@ -383,7 +403,7 @@ diff -up cups-2.2.8/filter/pstops.c.lspp cups-2.2.8/filter/pstops.c
/*
* Set the classification + page label string...
*/
@@ -3276,7 +3406,10 @@ write_label_prolog(pstops_doc_t *doc, /*
@@ -3275,7 +3406,10 @@ write_label_prolog(pstops_doc_t *doc, /* I - Document info */
doc_printf(doc, " %.0f moveto ESPpl show\n", top - 14.0);
doc_puts(doc, "pop\n");
doc_puts(doc, "}bind put\n");
@ -394,21 +414,10 @@ diff -up cups-2.2.8/filter/pstops.c.lspp cups-2.2.8/filter/pstops.c
/*
diff -up cups-2.2.8/Makedefs.in.lspp cups-2.2.8/Makedefs.in
--- cups-2.2.8/Makedefs.in.lspp 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/Makedefs.in 2018-06-08 17:34:38.683653951 +0200
@@ -161,7 +161,7 @@ LDFLAGS = -L../cgi-bin -L../cups -L../f
@LDFLAGS@ @RELROFLAGS@ @PIEFLAGS@ $(OPTIM)
LINKCUPS = @LINKCUPS@ $(LIBGSSAPI) $(DNSSDLIBS) $(SSLLIBS) $(LIBZ)
LINKCUPSIMAGE = @LINKCUPSIMAGE@
-LIBS = $(LINKCUPS) $(COMMONLIBS)
+LIBS = $(LINKCUPS) $(COMMONLIBS) @LIBAUDIT@ @LIBSELINUX@
ONDEMANDFLAGS = @ONDEMANDFLAGS@
ONDEMANDLIBS = @ONDEMANDLIBS@
OPTIM = @OPTIM@
diff -up cups-2.2.8/scheduler/client.c.lspp cups-2.2.8/scheduler/client.c
--- cups-2.2.8/scheduler/client.c.lspp 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/scheduler/client.c 2018-06-08 17:34:38.729653586 +0200
diff --git a/scheduler/client.c b/scheduler/client.c
index 6805080..236355a 100644
--- a/scheduler/client.c
+++ b/scheduler/client.c
@@ -22,12 +22,20 @@
#define _HTTP_NO_PRIVATE
#include "cupsd.h"
@ -430,7 +439,7 @@ diff -up cups-2.2.8/scheduler/client.c.lspp cups-2.2.8/scheduler/client.c
/*
@@ -268,6 +276,59 @@ cupsdAcceptClient(cupsd_listener_t *lis)
@@ -268,6 +276,59 @@ cupsdAcceptClient(cupsd_listener_t *lis)/* I - Listener socket */
}
#endif /* HAVE_TCPD_H */
@ -490,7 +499,7 @@ diff -up cups-2.2.8/scheduler/client.c.lspp cups-2.2.8/scheduler/client.c
#ifdef AF_LOCAL
if (httpAddrFamily(httpGetAddress(con->http)) == AF_LOCAL)
{
@@ -562,6 +623,13 @@ cupsdReadClient(cupsd_client_t *con) /*
@@ -562,6 +623,13 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */
mime_type_t *type; /* MIME type of file */
cupsd_printer_t *p; /* Printer */
static unsigned request_id = 0; /* Request ID for temp files */
@ -504,10 +513,10 @@ diff -up cups-2.2.8/scheduler/client.c.lspp cups-2.2.8/scheduler/client.c
status = HTTP_STATUS_CONTINUE;
@@ -1938,6 +2006,73 @@ cupsdReadClient(cupsd_client_t *con) /*
@@ -1937,6 +2005,72 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */
fchown(con->file, RunUser, Group);
fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC);
}
+#ifdef WITH_LSPP
+ if (strncmp(con->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) != 0)
+ {
@ -574,11 +583,10 @@ diff -up cups-2.2.8/scheduler/client.c.lspp cups-2.2.8/scheduler/client.c
+ context_free(clicon);
+ }
+#endif /* WITH_LSPP */
+
if (httpGetState(con->http) != HTTP_STATE_POST_SEND)
{
if (!httpWait(con->http, 0))
@@ -3485,6 +3620,49 @@ is_path_absolute(const char *path) /* I
@@ -3485,6 +3619,49 @@ is_path_absolute(const char *path) /* I - Input path */
return (1);
}
@ -628,9 +636,10 @@ diff -up cups-2.2.8/scheduler/client.c.lspp cups-2.2.8/scheduler/client.c
/*
* 'pipe_command()' - Pipe the output of a command to the remote client.
diff -up cups-2.2.8/scheduler/client.h.lspp cups-2.2.8/scheduler/client.h
--- cups-2.2.8/scheduler/client.h.lspp 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/scheduler/client.h 2018-06-08 17:34:38.729653586 +0200
diff --git a/scheduler/client.h b/scheduler/client.h
index beddab0..7f4e8d4 100644
--- a/scheduler/client.h
+++ b/scheduler/client.h
@@ -16,6 +16,13 @@
#endif /* HAVE_AUTHORIZATION_H */
@ -666,20 +675,22 @@ diff -up cups-2.2.8/scheduler/client.h.lspp cups-2.2.8/scheduler/client.h
#ifdef HAVE_SSL
extern int cupsdEndTLS(cupsd_client_t *con);
diff -up cups-2.2.8/scheduler/conf.c.lspp cups-2.2.8/scheduler/conf.c
--- cups-2.2.8/scheduler/conf.c.lspp 2018-06-08 17:34:38.676654007 +0200
+++ cups-2.2.8/scheduler/conf.c 2018-06-08 17:34:38.730653578 +0200
@@ -40,6 +40,9 @@
diff --git a/scheduler/conf.c b/scheduler/conf.c
index 96993c7..4200b57 100644
--- a/scheduler/conf.c
+++ b/scheduler/conf.c
@@ -40,6 +40,10 @@
# define INADDR_NONE 0xffffffff
#endif /* !INADDR_NONE */
+#ifdef WITH_LSPP
+# include <libaudit.h>
+#endif /* WITH_LSPP */
+
/*
* Configuration variable structure...
@@ -131,6 +134,10 @@ static const cupsd_var_t cupsd_vars[] =
@@ -131,6 +135,10 @@ static const cupsd_var_t cupsd_vars[] =
{ "ServerName", &ServerName, CUPSD_VARTYPE_STRING },
{ "StrictConformance", &StrictConformance, CUPSD_VARTYPE_BOOLEAN },
{ "Timeout", &Timeout, CUPSD_VARTYPE_TIME },
@ -690,7 +701,7 @@ diff -up cups-2.2.8/scheduler/conf.c.lspp cups-2.2.8/scheduler/conf.c
{ "WebInterface", &WebInterface, CUPSD_VARTYPE_BOOLEAN }
};
static const cupsd_var_t cupsfiles_vars[] =
@@ -544,6 +551,9 @@ cupsdReadConfiguration(void)
@@ -544,6 +552,9 @@ cupsdReadConfiguration(void)
const char *tmpdir; /* TMPDIR environment variable */
struct stat tmpinfo; /* Temporary directory info */
cupsd_policy_t *p; /* Policy */
@ -700,7 +711,7 @@ diff -up cups-2.2.8/scheduler/conf.c.lspp cups-2.2.8/scheduler/conf.c
/*
@@ -863,6 +873,25 @@ cupsdReadConfiguration(void)
@@ -863,6 +874,25 @@ cupsdReadConfiguration(void)
RunUser = getuid();
@ -726,7 +737,7 @@ diff -up cups-2.2.8/scheduler/conf.c.lspp cups-2.2.8/scheduler/conf.c
cupsdLogMessage(CUPSD_LOG_INFO, "Remote access is %s.",
RemotePort ? "enabled" : "disabled");
@@ -1274,7 +1303,19 @@ cupsdReadConfiguration(void)
@@ -1274,7 +1304,19 @@ cupsdReadConfiguration(void)
cupsdClearString(&Classification);
if (Classification)
@ -738,7 +749,7 @@ diff -up cups-2.2.8/scheduler/conf.c.lspp cups-2.2.8/scheduler/conf.c
+ audit_message = NULL;
+ cupsdSetStringf(&audit_message, "[Config] Classification=%s", Classification);
+ audit_log_user_message(AuditLog, AUDIT_LABEL_LEVEL_CHANGE, audit_message,
+ ServerName, NULL, NULL, 1);
+ ServerName, NULL, NULL, 1);
+ cupsdClearString(&audit_message);
+ }
+#endif /* WITH_LSPP */
@ -746,7 +757,7 @@ diff -up cups-2.2.8/scheduler/conf.c.lspp cups-2.2.8/scheduler/conf.c
/*
* Check the MaxClients setting, and then allocate memory for it...
@@ -3832,6 +3873,18 @@ read_location(cups_file_t *fp, /* I - C
@@ -3832,6 +3874,18 @@ read_location(cups_file_t *fp, /* I - Configuration file */
return ((FatalErrors & CUPSD_FATAL_CONFIG) ? 0 : linenum);
}
@ -765,9 +776,10 @@ diff -up cups-2.2.8/scheduler/conf.c.lspp cups-2.2.8/scheduler/conf.c
/*
* 'read_policy()' - Read a <Policy name> definition.
diff -up cups-2.2.8/scheduler/conf.h.lspp cups-2.2.8/scheduler/conf.h
--- cups-2.2.8/scheduler/conf.h.lspp 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/scheduler/conf.h 2018-06-08 17:34:38.730653578 +0200
diff --git a/scheduler/conf.h b/scheduler/conf.h
index b608367..cc07a8a 100644
--- a/scheduler/conf.h
+++ b/scheduler/conf.h
@@ -246,6 +246,13 @@ VAR char *ServerKeychain VALUE(NULL);
/* Keychain holding cert + key */
#endif /* HAVE_SSL */
@ -792,9 +804,10 @@ diff -up cups-2.2.8/scheduler/conf.h.lspp cups-2.2.8/scheduler/conf.h
/*
* Prototypes...
diff -up cups-2.2.8/scheduler/cupsd.h.lspp cups-2.2.8/scheduler/cupsd.h
--- cups-2.2.8/scheduler/cupsd.h.lspp 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/scheduler/cupsd.h 2018-06-08 17:34:38.730653578 +0200
diff --git a/scheduler/cupsd.h b/scheduler/cupsd.h
index 54d2a4f..8129586 100644
--- a/scheduler/cupsd.h
+++ b/scheduler/cupsd.h
@@ -11,6 +11,8 @@
* file is missing or damaged, see the license at "http://www.cups.org/".
*/
@ -804,9 +817,9 @@ diff -up cups-2.2.8/scheduler/cupsd.h.lspp cups-2.2.8/scheduler/cupsd.h
/*
* Include necessary headers.
@@ -36,13 +38,20 @@
@@ -36,6 +38,14 @@
# include <unistd.h>
#endif /* WIN32 */
#endif /* _WIN32 */
+#include "config.h"
+#ifdef WITH_LSPP
@ -819,16 +832,10 @@ diff -up cups-2.2.8/scheduler/cupsd.h.lspp cups-2.2.8/scheduler/cupsd.h
#include "mime.h"
#if defined(HAVE_CDSASSL)
# include <CoreFoundation/CoreFoundation.h>
#endif /* HAVE_CDSASSL */
-
/*
* Some OS's don't have hstrerror(), most notably Solaris...
*/
diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
--- cups-2.2.8/scheduler/ipp.c.lspp 2018-06-08 17:34:38.652654197 +0200
+++ cups-2.2.8/scheduler/ipp.c 2018-06-08 17:37:19.166378937 +0200
diff --git a/scheduler/ipp.c b/scheduler/ipp.c
index 07765a1..2ce61b4 100644
--- a/scheduler/ipp.c
+++ b/scheduler/ipp.c
@@ -14,6 +14,9 @@
* missing or damaged, see the license at "http://www.cups.org/".
*/
@ -839,7 +846,7 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
/*
* Include necessary headers...
*/
@@ -37,6 +40,14 @@ extern int mbr_check_membership_by_id(uu
@@ -37,6 +40,15 @@ extern int mbr_check_membership_by_id(uuid_t user, gid_t group, int* ismember);
# endif /* HAVE_MEMBERSHIPPRIV_H */
#endif /* __APPLE__ */
@ -851,10 +858,11 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
+#include <selinux/flask.h>
+#include <selinux/av_permissions.h>
+#endif /* WITH_LSPP */
+
/*
* Local functions...
@@ -61,6 +72,9 @@ static void cancel_all_jobs(cupsd_client
@@ -61,6 +73,9 @@ static void cancel_all_jobs(cupsd_client_t *con, ipp_attribute_t *uri);
static void cancel_job(cupsd_client_t *con, ipp_attribute_t *uri);
static void cancel_subscription(cupsd_client_t *con, int id);
static int check_rss_recipient(const char *recipient);
@ -864,10 +872,11 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
static int check_quotas(cupsd_client_t *con, cupsd_printer_t *p);
static void close_job(cupsd_client_t *con, ipp_attribute_t *uri);
static void copy_attrs(ipp_t *to, ipp_t *from, cups_array_t *ra,
@@ -1250,6 +1264,21 @@ add_job(cupsd_client_t *con, /* I - Cl
@@ -1248,7 +1263,21 @@ add_job(cupsd_client_t *con, /* I - Client connection */
"time-at-creation",
"time-at-processing"
};
-
+#ifdef WITH_LSPP
+ char *audit_message; /* Audit message string */
+ char *printerfile; /* device file pointed to by the printer */
@ -884,9 +893,9 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
+ access_vector_t avr; /* Access method being requested */
+#endif /* WITH_LSPP */
cupsdLogMessage(CUPSD_LOG_DEBUG2, "add_job(%p[%d], %p(%s), %p(%s/%s))",
@@ -1578,6 +1607,106 @@ add_job(cupsd_client_t *con, /* I - Cl
con, con->number, printer, printer->name,
@@ -1576,6 +1605,106 @@ add_job(cupsd_client_t *con, /* I - Client connection */
attr = ippFindAttribute(con->request, "requesting-user-name", IPP_TAG_NAME);
@ -993,7 +1002,7 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
if ((job = cupsdAddJob(priority, printer->name)) == NULL)
{
send_ipp_status(con, IPP_INTERNAL_ERROR,
@@ -1586,6 +1715,32 @@ add_job(cupsd_client_t *con, /* I - Cl
@@ -1584,6 +1713,32 @@ add_job(cupsd_client_t *con, /* I - Client connection */
return (NULL);
}
@ -1026,7 +1035,7 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
job->dtype = printer->type & (CUPS_PRINTER_CLASS | CUPS_PRINTER_REMOTE);
job->attrs = con->request;
job->dirty = 1;
@@ -1773,6 +1928,29 @@ add_job(cupsd_client_t *con, /* I - Cl
@@ -1771,6 +1926,29 @@ add_job(cupsd_client_t *con, /* I - Client connection */
ippSetString(job->attrs, &attr, 0, printer->job_sheets[0]);
ippSetString(job->attrs, &attr, 1, printer->job_sheets[1]);
}
@ -1056,7 +1065,7 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
job->job_sheets = attr;
@@ -1803,6 +1981,9 @@ add_job(cupsd_client_t *con, /* I - Cl
@@ -1801,6 +1979,9 @@ add_job(cupsd_client_t *con, /* I - Client connection */
"job-sheets=\"%s,none\", "
"job-originating-user-name=\"%s\"",
Classification, job->username);
@ -1066,7 +1075,7 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
}
else if (attr->num_values == 2 &&
strcmp(attr->values[0].string.text,
@@ -1821,6 +2002,9 @@ add_job(cupsd_client_t *con, /* I - Cl
@@ -1819,6 +2000,9 @@ add_job(cupsd_client_t *con, /* I - Client connection */
"job-originating-user-name=\"%s\"",
attr->values[0].string.text,
attr->values[1].string.text, job->username);
@ -1076,7 +1085,7 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
}
else if (strcmp(attr->values[0].string.text, Classification) &&
strcmp(attr->values[0].string.text, "none") &&
@@ -1841,6 +2025,9 @@ add_job(cupsd_client_t *con, /* I - Cl
@@ -1839,6 +2023,9 @@ add_job(cupsd_client_t *con, /* I - Client connection */
"job-originating-user-name=\"%s\"",
attr->values[0].string.text,
attr->values[1].string.text, job->username);
@ -1086,7 +1095,7 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
}
}
else if (strcmp(attr->values[0].string.text, Classification) &&
@@ -1881,8 +2068,52 @@ add_job(cupsd_client_t *con, /* I - Cl
@@ -1879,7 +2066,49 @@ add_job(cupsd_client_t *con, /* I - Client connection */
"job-sheets=\"%s\", "
"job-originating-user-name=\"%s\"",
Classification, job->username);
@ -1128,18 +1137,15 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
+ cupsdClearString(&audit_message);
+ }
}
+
+ if (userheader)
+ free(userheader);
+ if (userfooter)
+ free(userfooter);
+#endif /* WITH_LSPP */
}
+
/*
* See if we need to add the starting sheet...
@@ -3656,6 +3887,128 @@ check_rss_recipient(
@@ -3653,6 +3882,128 @@ check_rss_recipient(
}
@ -1244,7 +1250,7 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
+ if (avc_has_perm_noaudit(clisid, filesid, tclass, avr, &avcref, NULL) != 0)
+ {
+ cupsdLogJob(job, CUPSD_LOG_INFO,
+ "check_context: SELinux denied access to the spool file");
+ "check_context: SELinux denied access to the spool file");
+ return 0;
+ }
+ cupsdLogJob(job, CUPSD_LOG_INFO,
@ -1268,7 +1274,7 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
/*
* 'check_quotas()' - Check quotas for a printer and user.
*/
@@ -4112,6 +4465,15 @@ copy_banner(cupsd_client_t *con, /* I -
@@ -4109,6 +4460,14 @@ copy_banner(cupsd_client_t *con, /* I - Client connection */
char attrname[255], /* Name of attribute */
*s; /* Pointer into name */
ipp_attribute_t *attr; /* Attribute */
@ -1280,11 +1286,10 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
+ context_t tmpcon; /* Temp context to set the level */
+ security_context_t spoolcon; /* Context of the file in the spool */
+#endif /* WITH_LSPP */
+
cupsdLogMessage(CUPSD_LOG_DEBUG2,
@@ -4147,6 +4509,85 @@ copy_banner(cupsd_client_t *con, /* I -
@@ -4144,6 +4503,85 @@ copy_banner(cupsd_client_t *con, /* I - Client connection */
fchmod(cupsFileNumber(out), 0640);
fchown(cupsFileNumber(out), RunUser, Group);
@ -1370,7 +1375,7 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
/*
* Try the localized banner file under the subdirectory...
@@ -4241,6 +4682,24 @@ copy_banner(cupsd_client_t *con, /* I -
@@ -4238,6 +4676,24 @@ copy_banner(cupsd_client_t *con, /* I - Client connection */
else
s = attrname;
@ -1395,11 +1400,10 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
if (!strcmp(s, "printer-name"))
{
cupsFilePuts(out, job->dest);
@@ -6480,6 +6939,22 @@ get_job_attrs(cupsd_client_t *con, /* I
@@ -6475,6 +6931,20 @@ get_job_attrs(cupsd_client_t *con, /* I - Client connection */
exclude = cupsdGetPrivateAttrs(policy, con, printer, job->username);
+
+#ifdef WITH_LSPP
+ /*
+ * Check SELinux...
@ -1413,12 +1417,11 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
+ return;
+ }
+#endif /* WITH_LSPP */
+
+
/*
* Copy attributes...
*/
@@ -6877,6 +7352,11 @@ get_jobs(cupsd_client_t *con, /* I - C
@@ -6872,6 +7342,11 @@ get_jobs(cupsd_client_t *con, /* I - Client connection */
if (username[0] && _cups_strcasecmp(username, job->username))
continue;
@ -1430,7 +1433,7 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
if (count > 0)
ippAddSeparator(con->response);
@@ -11475,6 +11955,11 @@ validate_user(cupsd_job_t *job, /* I
@@ -11470,6 +11945,11 @@ validate_user(cupsd_job_t *job, /* I - Job */
strlcpy(username, get_username(con), userlen);
@ -1442,9 +1445,10 @@ diff -up cups-2.2.8/scheduler/ipp.c.lspp cups-2.2.8/scheduler/ipp.c
/*
* Check the username against the owner...
*/
diff -up cups-2.2.8/scheduler/job.c.lspp cups-2.2.8/scheduler/job.c
--- cups-2.2.8/scheduler/job.c.lspp 2018-06-08 17:34:38.657654158 +0200
+++ cups-2.2.8/scheduler/job.c 2018-06-08 17:34:38.733653554 +0200
diff --git a/scheduler/job.c b/scheduler/job.c
index a8373f5..4c94860 100644
--- a/scheduler/job.c
+++ b/scheduler/job.c
@@ -11,6 +11,9 @@
* missing or damaged, see the license at "http://www.cups.org/".
*/
@ -1470,7 +1474,7 @@ diff -up cups-2.2.8/scheduler/job.c.lspp cups-2.2.8/scheduler/job.c
/*
* Design Notes for Job Management
@@ -547,6 +558,14 @@ cupsdContinueJob(cupsd_job_t *job) /* I
@@ -547,6 +558,14 @@ cupsdContinueJob(cupsd_job_t *job) /* I - Job */
/* PRINTER_STATE_REASONS env var */
rip_max_cache[255];
/* RIP_MAX_CACHE env variable */
@ -1485,7 +1489,7 @@ diff -up cups-2.2.8/scheduler/job.c.lspp cups-2.2.8/scheduler/job.c
cupsdLogMessage(CUPSD_LOG_DEBUG2,
@@ -1083,6 +1102,67 @@ cupsdContinueJob(cupsd_job_t *job) /* I
@@ -1065,6 +1084,67 @@ cupsdContinueJob(cupsd_job_t *job) /* I - Job */
if (final_content_type[0])
envp[envc ++] = final_content_type;
@ -1553,7 +1557,7 @@ diff -up cups-2.2.8/scheduler/job.c.lspp cups-2.2.8/scheduler/job.c
if (Classification && !banner_page)
{
if ((attr = ippFindAttribute(job->attrs, "job-sheets",
@@ -1862,6 +1942,22 @@ cupsdLoadJob(cupsd_job_t *job) /* I - J
@@ -1844,6 +1924,22 @@ cupsdLoadJob(cupsd_job_t *job) /* I - Job */
ippSetString(job->attrs, &job->reasons, 0, "none");
}
@ -1576,7 +1580,7 @@ diff -up cups-2.2.8/scheduler/job.c.lspp cups-2.2.8/scheduler/job.c
job->impressions = ippFindAttribute(job->attrs, "job-impressions-completed", IPP_TAG_INTEGER);
job->sheets = ippFindAttribute(job->attrs, "job-media-sheets-completed", IPP_TAG_INTEGER);
job->job_sheets = ippFindAttribute(job->attrs, "job-sheets", IPP_TAG_NAME);
@@ -2275,6 +2371,14 @@ cupsdSaveJob(cupsd_job_t *job) /* I - J
@@ -2259,6 +2355,14 @@ cupsdSaveJob(cupsd_job_t *job) /* I - Job */
{
char filename[1024]; /* Job control filename */
cups_file_t *fp; /* Job file */
@ -1591,7 +1595,7 @@ diff -up cups-2.2.8/scheduler/job.c.lspp cups-2.2.8/scheduler/job.c
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdSaveJob(job=%p(%d)): job->attrs=%p",
@@ -2297,6 +2401,78 @@ cupsdSaveJob(cupsd_job_t *job) /* I - J
@@ -2281,6 +2385,78 @@ cupsdSaveJob(cupsd_job_t *job) /* I - Job */
fchown(cupsFileNumber(fp), RunUser, Group);
@ -1670,7 +1674,7 @@ diff -up cups-2.2.8/scheduler/job.c.lspp cups-2.2.8/scheduler/job.c
job->attrs->state = IPP_IDLE;
if (ippWriteIO(fp, (ipp_iocb_t)cupsFileWrite, 1, NULL,
@@ -3943,6 +4119,19 @@ get_options(cupsd_job_t *job, /* I - Jo
@@ -3969,6 +4145,19 @@ get_options(cupsd_job_t *job, /* I - Job */
banner_page)
continue;
@ -1690,7 +1694,7 @@ diff -up cups-2.2.8/scheduler/job.c.lspp cups-2.2.8/scheduler/job.c
/*
* Otherwise add them to the list...
*/
@@ -4704,6 +4893,18 @@ start_job(cupsd_job_t *job, /* I -
@@ -4779,6 +4968,18 @@ start_job(cupsd_job_t *job, /* I - Job ID */
cupsd_printer_t *printer) /* I - Printer to print job */
{
const char *filename; /* Support filename */
@ -1709,7 +1713,7 @@ diff -up cups-2.2.8/scheduler/job.c.lspp cups-2.2.8/scheduler/job.c
ipp_attribute_t *cancel_after = ippFindAttribute(job->attrs,
"job-cancel-after",
IPP_TAG_INTEGER);
@@ -4892,6 +5093,113 @@ start_job(cupsd_job_t *job, /* I -
@@ -4967,6 +5168,113 @@ start_job(cupsd_job_t *job, /* I - Job ID */
fcntl(job->side_pipes[1], F_SETFD,
fcntl(job->side_pipes[1], F_GETFD) | FD_CLOEXEC);
@ -1823,9 +1827,10 @@ diff -up cups-2.2.8/scheduler/job.c.lspp cups-2.2.8/scheduler/job.c
/*
* Now start the first file in the job...
*/
diff -up cups-2.2.8/scheduler/job.h.lspp cups-2.2.8/scheduler/job.h
--- cups-2.2.8/scheduler/job.h.lspp 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/scheduler/job.h 2018-06-08 17:34:38.733653554 +0200
diff --git a/scheduler/job.h b/scheduler/job.h
index eb59029..9e8b967 100644
--- a/scheduler/job.h
+++ b/scheduler/job.h
@@ -11,6 +11,13 @@
* missing or damaged, see the license at "http://www.cups.org/".
*/
@ -1840,7 +1845,7 @@ diff -up cups-2.2.8/scheduler/job.h.lspp cups-2.2.8/scheduler/job.h
/*
* Constants...
*/
@@ -88,6 +95,10 @@ struct cupsd_job_s /**** Job request *
@@ -88,6 +95,10 @@ struct cupsd_job_s /**** Job request ****/
int progress; /* Printing progress */
int num_keywords; /* Number of PPD keywords */
cups_option_t *keywords; /* PPD keywords */
@ -1851,20 +1856,22 @@ diff -up cups-2.2.8/scheduler/job.h.lspp cups-2.2.8/scheduler/job.h
};
typedef struct cupsd_joblog_s /**** Job log message ****/
diff -up cups-2.2.8/scheduler/main.c.lspp cups-2.2.8/scheduler/main.c
--- cups-2.2.8/scheduler/main.c.lspp 2018-06-08 17:34:38.663654110 +0200
+++ cups-2.2.8/scheduler/main.c 2018-06-08 17:34:38.734653546 +0200
@@ -56,6 +56,9 @@
diff --git a/scheduler/main.c b/scheduler/main.c
index 2764e6a..8984e37 100644
--- a/scheduler/main.c
+++ b/scheduler/main.c
@@ -59,6 +59,10 @@
# include <sys/param.h>
#endif /* HAVE_SYS_PARAM_H */
+#ifdef WITH_LSPP
+# include <libaudit.h>
+#endif /* WITH_LSPP */
+
/*
* Local functions...
@@ -122,6 +125,9 @@ main(int argc, /* I - Number of comm
@@ -125,6 +129,9 @@ main(int argc, /* I - Number of command-line args */
#if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
struct sigaction action; /* Actions for POSIX signals */
#endif /* HAVE_SIGACTION && !HAVE_SIGSET */
@ -1874,7 +1881,7 @@ diff -up cups-2.2.8/scheduler/main.c.lspp cups-2.2.8/scheduler/main.c
#ifdef __APPLE__
int use_sysman = 1; /* Use system management functions? */
#else
@@ -495,6 +501,25 @@ main(int argc, /* I - Number of comm
@@ -488,6 +495,25 @@ main(int argc, /* I - Number of command-line args */
exit(errno);
}
@ -1900,7 +1907,7 @@ diff -up cups-2.2.8/scheduler/main.c.lspp cups-2.2.8/scheduler/main.c
/*
* Let the system know we are busy while we bring up cupsd...
*/
@@ -1188,6 +1213,11 @@ main(int argc, /* I - Number of comm
@@ -1196,6 +1222,11 @@ main(int argc, /* I - Number of command-line args */
cupsdStopSelect();
@ -1912,9 +1919,10 @@ diff -up cups-2.2.8/scheduler/main.c.lspp cups-2.2.8/scheduler/main.c
return (!stop_scheduler);
}
diff -up cups-2.2.8/scheduler/printers.c.lspp cups-2.2.8/scheduler/printers.c
--- cups-2.2.8/scheduler/printers.c.lspp 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/scheduler/printers.c 2018-06-08 17:34:38.734653546 +0200
diff --git a/scheduler/printers.c b/scheduler/printers.c
index 22f5ad2..1f16db3 100644
--- a/scheduler/printers.c
+++ b/scheduler/printers.c
@@ -11,6 +11,8 @@
* missing or damaged, see the license at "http://www.cups.org/".
*/
@ -1935,7 +1943,7 @@ diff -up cups-2.2.8/scheduler/printers.c.lspp cups-2.2.8/scheduler/printers.c
/*
* Local functions...
@@ -2202,6 +2208,13 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)
@@ -2196,6 +2202,13 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)/* I - Printer to setup */
ipp_attribute_t *attr; /* Attribute data */
char *name, /* Current user/group name */
*filter; /* Current filter */
@ -1949,7 +1957,7 @@ diff -up cups-2.2.8/scheduler/printers.c.lspp cups-2.2.8/scheduler/printers.c
DEBUG_printf(("cupsdSetPrinterAttrs: entering name = %s, type = %x\n", p->name,
@@ -2329,6 +2342,45 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)
@@ -2323,6 +2336,45 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)/* I - Printer to setup */
attr->values[1].string.text = _cupsStrAlloc(Classification ?
Classification : p->job_sheets[1]);
}
@ -1995,3 +2003,6 @@ diff -up cups-2.2.8/scheduler/printers.c.lspp cups-2.2.8/scheduler/printers.c
}
p->raw = 0;
--
2.23.0

39
cups-synconclose.patch
View File

@ -1,6 +1,7 @@
diff -up cups-2.0.2/conf/cups-files.conf.in.LGOyhq cups-2.0.2/conf/cups-files.conf.in
--- cups-2.0.2/conf/cups-files.conf.in.LGOyhq 2015-02-10 13:51:24.912193296 +0100
+++ cups-2.0.2/conf/cups-files.conf.in 2015-02-10 13:52:49.400997262 +0100
diff --git a/conf/cups-files.conf.in b/conf/cups-files.conf.in
index f4230c9..6609831 100644
--- a/conf/cups-files.conf.in
+++ b/conf/cups-files.conf.in
@@ -7,7 +7,7 @@
#FatalErrors @CUPS_FATAL_ERRORS@
@ -10,10 +11,11 @@ diff -up cups-2.0.2/conf/cups-files.conf.in.LGOyhq cups-2.0.2/conf/cups-files.co
# Default user and group for filters/backends/helper programs; this cannot be
# any user or group that resolves to ID 0 for security reasons...
diff -up cups-2.0.2/doc/help/man-cups-files.conf.html.LGOyhq cups-2.0.2/doc/help/man-cups-files.conf.html
--- cups-2.0.2/doc/help/man-cups-files.conf.html.LGOyhq 2015-02-10 13:52:49.400997262 +0100
+++ cups-2.0.2/doc/help/man-cups-files.conf.html 2015-02-10 13:53:07.057747311 +0100
@@ -136,7 +136,7 @@ The default is "/etc/cups".
diff --git a/doc/help/man-cups-files.conf.html b/doc/help/man-cups-files.conf.html
index 6144a16..b82117c 100644
--- a/doc/help/man-cups-files.conf.html
+++ b/doc/help/man-cups-files.conf.html
@@ -150,7 +150,7 @@ The default is "/var/run/cups" or "/etc/cups" depending on the platform.
<dd style="margin-left: 5.0em">Specifies whether the scheduler calls
<b>fsync</b>(2)
after writing configuration or state files.
@ -22,10 +24,11 @@ diff -up cups-2.0.2/doc/help/man-cups-files.conf.html.LGOyhq cups-2.0.2/doc/help
<dt><a name="SystemGroup"></a><b>SystemGroup </b><i>group-name </i>[ ... <i>group-name</i> ]
<dd style="margin-left: 5.0em">Specifies the group(s) to use for <i>@SYSTEM</i> group authentication.
The default contains "admin", "lpadmin", "root", "sys", and/or "system".
diff -up cups-2.0.2/man/cups-files.conf.man.in.LGOyhq cups-2.0.2/man/cups-files.conf.man.in
--- cups-2.0.2/man/cups-files.conf.man.in.LGOyhq 2015-02-10 13:52:49.400997262 +0100
+++ cups-2.0.2/man/cups-files.conf.man.in 2015-02-10 13:53:23.753510964 +0100
@@ -201,7 +201,7 @@ The default is "/etc/cups".
diff --git a/man/cups-files.conf.man.in b/man/cups-files.conf.man.in
index f5e6a9f..c3d8eeb 100644
--- a/man/cups-files.conf.man.in
+++ b/man/cups-files.conf.man.in
@@ -214,7 +214,7 @@ The default is "/var/run/cups" or "/etc/cups" depending on the platform.
Specifies whether the scheduler calls
.BR fsync (2)
after writing configuration or state files.
@ -34,15 +37,19 @@ diff -up cups-2.0.2/man/cups-files.conf.man.in.LGOyhq cups-2.0.2/man/cups-files.
.\"#SystemGroup
.TP 5
\fBSystemGroup \fIgroup-name \fR[ ... \fIgroup-name\fR ]
diff -up cups-2.0.2/scheduler/conf.c.LGOyhq cups-2.0.2/scheduler/conf.c
--- cups-2.0.2/scheduler/conf.c.LGOyhq 2015-02-10 13:51:24.991192177 +0100
+++ cups-2.0.2/scheduler/conf.c 2015-02-10 13:52:49.401997248 +0100
@@ -717,7 +717,7 @@ cupsdReadConfiguration(void)
diff --git a/scheduler/conf.c b/scheduler/conf.c
index 11c94d2..96993c7 100644
--- a/scheduler/conf.c
+++ b/scheduler/conf.c
@@ -735,7 +735,7 @@ cupsdReadConfiguration(void)
RootCertDuration = 300;
Sandboxing = CUPSD_SANDBOXING_STRICT;
StrictConformance = FALSE;
- SyncOnClose = FALSE;
+ SyncOnClose = TRUE;
Timeout = DEFAULT_TIMEOUT;
Timeout = 900;
WebInterface = CUPS_DEFAULT_WEBIF;
--
2.23.0

57
cups-systemd-socket.patch
View File

@ -1,7 +1,8 @@
diff -up cups-2.2.8/scheduler/main.c.systemd-socket cups-2.2.8/scheduler/main.c
--- cups-2.2.8/scheduler/main.c.systemd-socket 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/scheduler/main.c 2018-09-19 10:38:09.285892238 +0200
@@ -681,8 +681,16 @@ main(int argc, /* I - Number of comm
diff --git a/scheduler/main.c b/scheduler/main.c
index e65060e..2764e6a 100644
--- a/scheduler/main.c
+++ b/scheduler/main.c
@@ -674,8 +674,16 @@ main(int argc, /* I - Number of command-line args */
#ifdef HAVE_ONDEMAND
if (OnDemand)
@ -19,9 +20,22 @@ diff -up cups-2.2.8/scheduler/main.c.systemd-socket cups-2.2.8/scheduler/main.c
#endif /* HAVE_ONDEMAND */
if (fg)
cupsdAddEvent(CUPSD_EVENT_SERVER_STARTED, NULL, NULL, "Scheduler started in foreground.");
diff -up cups-2.2.8/scheduler/org.cups.cupsd.path.in.systemd-socket cups-2.2.8/scheduler/org.cups.cupsd.path.in
--- cups-2.2.8/scheduler/org.cups.cupsd.path.in.systemd-socket 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/scheduler/org.cups.cupsd.path.in 2018-09-19 10:46:11.246666713 +0200
diff --git a/scheduler/org.cups.cups-lpd.socket b/scheduler/org.cups.cups-lpd.socket
index ed23f9d..eb84459 100644
--- a/scheduler/org.cups.cups-lpd.socket
+++ b/scheduler/org.cups.cups-lpd.socket
@@ -1,6 +1,6 @@
[Unit]
Description=CUPS LPD Server Socket
-PartOf=org.cups.cups-lpd.service
+PartOf=cups-lpd.service
[Socket]
ListenStream=515
diff --git a/scheduler/org.cups.cupsd.path.in b/scheduler/org.cups.cupsd.path.in
index 0f1cc46..7c8509f 100644
--- a/scheduler/org.cups.cupsd.path.in
+++ b/scheduler/org.cups.cupsd.path.in
@@ -1,6 +1,6 @@
[Unit]
Description=CUPS Scheduler
@ -30,14 +44,16 @@ diff -up cups-2.2.8/scheduler/org.cups.cupsd.path.in.systemd-socket cups-2.2.8/s
[Path]
PathExists=@CUPS_CACHEDIR@/org.cups.cupsd
diff -up cups-2.2.8/scheduler/org.cups.cupsd.service.in.systemd-socket cups-2.2.8/scheduler/org.cups.cupsd.service.in
--- cups-2.2.8/scheduler/org.cups.cupsd.service.in.systemd-socket 2018-06-05 18:06:54.000000000 +0200
+++ cups-2.2.8/scheduler/org.cups.cupsd.service.in 2018-09-19 10:41:11.378295760 +0200
@@ -1,12 +1,13 @@
diff --git a/scheduler/org.cups.cupsd.service.in b/scheduler/org.cups.cupsd.service.in
index 5273762..c4b2c4f 100644
--- a/scheduler/org.cups.cupsd.service.in
+++ b/scheduler/org.cups.cupsd.service.in
@@ -1,13 +1,14 @@
[Unit]
Description=CUPS Scheduler
Documentation=man:cupsd(8)
+After=network.target
After=sssd.service
[Service]
ExecStart=@sbindir@/cupsd -l
@ -49,9 +65,10 @@ diff -up cups-2.2.8/scheduler/org.cups.cupsd.service.in.systemd-socket cups-2.2.
-Also=org.cups.cupsd.socket org.cups.cupsd.path
+Also=cups.socket cups.path
WantedBy=printer.target
diff -up cups-2.2.8/scheduler/org.cups.cupsd.socket.in.systemd-socket cups-2.2.8/scheduler/org.cups.cupsd.socket.in
--- cups-2.2.8/scheduler/org.cups.cupsd.socket.in.systemd-socket 2018-09-19 10:42:21.411681757 +0200
+++ cups-2.2.8/scheduler/org.cups.cupsd.socket.in 2018-09-19 10:42:44.819476530 +0200
diff --git a/scheduler/org.cups.cupsd.socket.in b/scheduler/org.cups.cupsd.socket.in
index 613b977..3c37d72 100644
--- a/scheduler/org.cups.cupsd.socket.in
+++ b/scheduler/org.cups.cupsd.socket.in
@@ -1,6 +1,6 @@
[Unit]
Description=CUPS Scheduler
@ -60,14 +77,6 @@ diff -up cups-2.2.8/scheduler/org.cups.cupsd.socket.in.systemd-socket cups-2.2.8
[Socket]
ListenStream=@CUPS_DEFAULT_DOMAINSOCKET@
diff -up cups-2.2.8/scheduler/org.cups.cups-lpd.socket.systemd-socket cups-2.2.8/scheduler/org.cups.cups-lpd.socket
--- cups-2.2.8/scheduler/org.cups.cups-lpd.socket.systemd-socket 2018-09-19 10:53:59.222563802 +0200
+++ cups-2.2.8/scheduler/org.cups.cups-lpd.socket 2018-09-19 10:54:16.483412464 +0200
@@ -1,6 +1,6 @@
[Unit]
Description=CUPS LPD Server Socket
-PartOf=org.cups.cups-lpd.service
+PartOf=cups-lpd.service
--
2.23.0
[Socket]
ListenStream=515

12
cups-ypbind.patch
View File

@ -1,12 +1,16 @@
diff -up cups-2.2.0/scheduler/org.cups.cupsd.service.in.ypbind cups-2.2.0/scheduler/org.cups.cupsd.service.in
--- cups-2.2.0/scheduler/org.cups.cupsd.service.in.ypbind 2017-09-22 16:51:39.053585694 +0200
+++ cups-2.2.0/scheduler/org.cups.cupsd.service.in 2017-09-22 16:52:02.588403584 +0200
diff --git a/scheduler/org.cups.cupsd.service.in b/scheduler/org.cups.cupsd.service.in
index c4b2c4f..baa82b7 100644
--- a/scheduler/org.cups.cupsd.service.in
+++ b/scheduler/org.cups.cupsd.service.in
@@ -1,7 +1,7 @@
[Unit]
Description=CUPS Scheduler
Documentation=man:cupsd(8)
-After=network.target
+After=network.target ypbind.service
After=sssd.service
[Service]
ExecStart=@sbindir@/cupsd -l
--
2.23.0

63
cups.spec
View File

@ -1,7 +1,7 @@
Name: cups
Epoch: 1
Version: 2.2.8
Release: 9
Version: 2.2.13
Release: 1
Summary: CUPS is the standards-based, open source printing system for linux operating systems.
License: GPLv2+ and LGPLv2+ with exceptions and AML
Url: http://www.cups.org/
@ -12,34 +12,27 @@ Source3: cups.logrotate
Source4: ncp.backend
Source5: macros.cups
Patch1: cups-no-gzip-man.patch
Patch2: cups-system-auth.patch
Patch3: cups-multilib.patch
Patch5: cups-banners.patch
Patch7: cups-no-export-ssllibs.patch
Patch8: cups-direct-usb.patch
Patch12: cups-eggcups.patch
Patch16: cups-usb-paperout.patch
Patch19: cups-uri-compat.patch
Patch22: cups-hp-deviceid-oid.patch
Patch24: cups-ricoh-deviceid-oid.patch
Patch25: cups-systemd-socket.patch
Patch30: cups-freebind.patch
Patch35: cups-ipp-multifile.patch
Patch37: cups-synconclose.patch
Patch38: cups-ypbind.patch
Patch100: cups-lspp.patch
Patch9: cups-lpr-help.patch
Patch18: cups-filter-debug.patch
Patch29: cups-dymo-deviceid.patch
Patch41: cups-accesslog-null.patch
Patch42: cups-epson-A6-crash.patch
Patch43: cups-ippvalidateattr-regression.patch
Patch44: cups-ippeve-webui.patch
Patch45: 0001-Fix-memory-leaks-found-by-Coverity-Issue-5375.patch
Patch6000: CVE-2018-4300.patch
Patch6001: CVE-2019-8675-CVE-2019-8696.patch
Patch6002: CVE-2019-2228.patch
Patch1: cups-no-gzip-man.patch
Patch2: cups-system-auth.patch
Patch3: cups-multilib.patch
Patch4: cups-banners.patch
Patch5: cups-no-export-ssllibs.patch
Patch6: cups-direct-usb.patch
Patch7: cups-eggcups.patch
Patch8: cups-usb-paperout.patch
Patch9: cups-uri-compat.patch
Patch10: cups-hp-deviceid-oid.patch
Patch11: cups-ricoh-deviceid-oid.patch
Patch12: cups-systemd-socket.patch
Patch13: cups-freebind.patch
Patch14: cups-ipp-multifile.patch
Patch15: cups-synconclose.patch
Patch16: cups-ypbind.patch
Patch17: cups-lspp.patch
Patch18: cups-lpr-help.patch
Patch19: cups-filter-debug.patch
Patch20: cups-dymo-deviceid.patch
Patch21: custom-option-keywords-did-not.patch
Provides: cupsddk cupsddk-drivers cups-filesystem cups-client cups-ipptool cups-lpd
Provides: lpd lpr /usr/bin/lpq /usr/bin/lpr /usr/bin/lp /usr/bin/cancel /usr/bin/lprm /usr/bin/lpstat
@ -332,11 +325,17 @@ rm -f %{_exec_prefix}/lib/cups/backend/smb
%doc %{_datadir}/%{name}/www/apple-touch-icon.png
%changelog
* Thu Mar 26 chenzhen <chenzhen44@huawei.com> - 2.2.8-9
* Fri Jun 12 2020 hanhui <hanhui15@huawei.com> - 2.2.13-1
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:upgrade to 2.2.13
* Thu Mar 26 2020 gaihuiying <gaihuiying1@huawei.com> - 2.2.8-9
- Type:cves
- ID:CVE-2019-2228
- SUG:restart
- DESC: fix CVE-2019-2228
- DESC:fix CVE-2019-2228
* Sat Jan 11 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.2.8-8
- Type:enhancement

44
custom-option-keywords-did-not.patch Normal file
View File

@ -0,0 +1,44 @@
diff --git a/cups/ppd.c b/cups/ppd.c
index fae19c42e..ff52df2e1 100644
--- a/cups/ppd.c
+++ b/cups/ppd.c
@@ -1874,9 +1874,9 @@ _ppdOpen(
{
if (!_cups_strcasecmp(name, "custom") || !_cups_strncasecmp(name, "custom.", 7))
{
- pg->ppd_status = PPD_ILLEGAL_OPTION_KEYWORD;
-
- goto error;
+ char cname[PPD_MAX_NAME]; /* Rewrite with a leading underscore */
+ snprintf(cname, sizeof(cname), "_%s", name);
+ strlcpy(name, cname, sizeof(name));
}
if ((size = ppdPageSize(ppd, name)) == NULL)
@@ -1903,9 +1903,9 @@ _ppdOpen(
{
if (!_cups_strcasecmp(name, "custom") || !_cups_strncasecmp(name, "custom.", 7))
{
- pg->ppd_status = PPD_ILLEGAL_OPTION_KEYWORD;
-
- goto error;
+ char cname[PPD_MAX_NAME]; /* Rewrite with a leading underscore */
+ snprintf(cname, sizeof(cname), "_%s", name);
+ strlcpy(name, cname, sizeof(name));
}
if ((size = ppdPageSize(ppd, name)) == NULL)
@@ -1939,9 +1939,9 @@ _ppdOpen(
if (!_cups_strcasecmp(name, "custom") || !_cups_strncasecmp(name, "custom.", 7))
{
- pg->ppd_status = PPD_ILLEGAL_OPTION_KEYWORD;
-
- goto error;
+ char cname[PPD_MAX_NAME]; /* Rewrite with a leading underscore */
+ snprintf(cname, sizeof(cname), "_%s", name);
+ strlcpy(name, cname, sizeof(name));
}
if (!strcmp(keyword, "PageSize"))