<dd style="margin-left: 5.0em"><dt><b>SSLOptions None</b>
<dd style="margin-left: 5.0em">Sets encryption options (only in /etc/cups/client.conf).
By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites.
-The <i>AllowDH</i> option enables cipher suites using plain Diffie-Hellman key negotiation.
-The <i>AllowRC4</i> option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer ones.
+Security is reduced when <i>Allow</i> options are used.
+Security is enhanced when <i>Deny</i> options are used.
+The <i>AllowDH</i> option enables cipher suites using plain Diffie-Hellman key negotiation (not supported on systems using GNU TLS).
+The <i>AllowRC4</i> option enables the 128-bit RC4 cipher suites, which are required for some older clients.
The <i>AllowSSL3</i> option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0.
The <i>DenyCBC</i> option disables all CBC cipher suites.
The <i>DenyTLS1.0</i> option disables TLS v1.0 support - this sets the minimum protocol version to TLS v1.1.
<dt><b>permissions</b>
<dd style="margin-left: 5.0em">Bad startup file permissions are fatal, for example shared TLS certificate and key files with world-read permissions.
</div>
-<dt><a name="FileDevice"></a><b>FileDevice Yes</b>
-<dd style="margin-left: 5.0em"><dt><b>FileDevice No</b>
-<dd style="margin-left: 5.0em">Specifies whether the file pseudo-device can be used for new printer queues.
-The URI "file:///dev/null" is always allowed.
<dt><a name="Group"></a><b>Group </b><i>group-name-or-number</i>
<dd style="margin-left: 5.0em">Specifies the group name or ID that will be used when executing external programs.
The default group is operating system specific but is usually "lp" or "nobody".
<h3><a name="DEPRECATED_DIRECTIVES">Deprecated Directives</a></h3>
The following directives are deprecated and will be removed from a future version of CUPS:
<dl class="man">
+<dt><a name="FileDevice"></a><b>FileDevice Yes</b>
+<dd style="margin-left: 5.0em"><dt><b>FileDevice No</b>
+<dd style="margin-left: 5.0em">Specifies whether the file pseudo-device can be used for new printer queues.
+The URI "file:///dev/null" is always allowed.
+File devices cannot be used with "raw" print queues - a PPD file is required.
+The specified file is overwritten for every print job.
+Writing to directories is not supported.
<dt><a name="FontPath"></a><b>FontPath </b><i>directory[:...:directoryN]</i>
<dd style="margin-left: 5.0em">Specifies a colon separated list of directories where fonts can be found.
On Linux the
<dd style="margin-left: 5.0em"><dt><b>SSLOptions None</b>
<dd style="margin-left: 5.0em">Sets encryption options.
By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites.
-The <i>AllowDH</i> option enables cipher suites using plain Diffie-Hellman key negotiation.
-The <i>AllowRC4</i> option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer ones.
+Security is reduced when <i>Allow</i> options are used.
+Security is enhanced when <i>Deny</i> options are used.
+The <i>AllowDH</i> option enables cipher suites using plain Diffie-Hellman key negotiation (not supported on systems using GNU TLS).
+The <i>AllowRC4</i> option enables the 128-bit RC4 cipher suites, which are required for some older clients.
The <i>AllowSSL3</i> option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0.
The <i>DenyCBC</i> option disables all CBC cipher suites.
The <i>DenyTLS1.0</i> option disables TLS v1.0 support - this sets the minimum protocol version to TLS v1.1.
<a href="man-lpinfo.html?TOPIC=Man+Pages"><b>lpinfo</b>(8)</a>
command to get a list of supported models.
The model "raw" clears any existing PPD file and the model "everywhere" queries the printer referred to by the specified IPP <i>device-uri</i>.
+Note: The "raw" model is deprecated and will not be supported in a future version of CUPS.
<dt><b>-o cupsIPPSupplies=true</b>
<dd style="margin-left: 5.0em"><dt><b>-o cupsIPPSupplies=false</b>
<dd style="margin-left: 5.0em">Specifies whether IPP supply level values should be reported.
.BR lpinfo (8)
command to get a list of supported models.
The model "raw" clears any existing PPD file and the model "everywhere" queries the printer referred to by the specified IPP \fIdevice-uri\fR.
-The "raw" model is deprecated and will not be supported in a future version of CUPS.
+Note: The "raw" model is deprecated and will not be supported in a future version of CUPS.
.TP 5
\fB\-o cupsIPPSupplies=true\fR
.TP 5
projects / thirdparty / cups.git / commitdiff
