Fix cookie handling for web interface.

Allow access to auth certificates in the state directory.

Remove client connection from select when all data has been read from client.

git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@12034 a1ca3aef-8c08-0410-bb20-df032aa958be

diff --git a/cgi-bin/var.c b/cgi-bin/var.c
index 6972eef02ebfbca5fe5fd0a210d1ad8de9df74cd..408634dac447db202b320e5bea4745bff20364f4 100644 (file)
--- a/cgi-bin/var.c
+++ b/cgi-bin/var.c
@@ -437,9 +437,9 @@ cgiSetCookie(const char *name,              /* I - Name */
     printf(" expires=%s;", httpGetDateString2(expires, date, sizeof(date)));
   }
   if (secure)
-    puts(" secure;");
+    puts(" httponly; secure;");
   else
-    putchar('\n');
+    puts(" httponly;");
 }
 
 

diff --git a/cups/http.c b/cups/http.c
index 55398152264a1af33000ba115e575a7fd03a2c20..a9954ed442d5241f60689110768bfa69d03d5f2d 100644 (file)
--- a/cups/http.c
+++ b/cups/http.c
@@ -3593,8 +3593,15 @@ httpWriteResponse(http_t        *http,   /* I - HTTP connection */
 
     if (http->cookie)
     {
-      if (httpPrintf(http, "Set-Cookie: %s path=/ httponly%s\r\n",
-                    http->cookie, http->tls ? " secure" : "") < 1)
+      if (strchr(http->cookie, ';'))
+      {
+        if (httpPrintf(http, "Set-Cookie: %s\r\n", http->cookie) < 1)
+       {
+         http->status = HTTP_STATUS_ERROR;
+         return (-1);
+       }
+      }
+      else if (httpPrintf(http, "Set-Cookie: %s; path=/; httponly;%s\r\n", http->cookie, http->tls ? " secure;" : "") < 1)
       {
        http->status = HTTP_STATUS_ERROR;
        return (-1);

diff --git a/scheduler/cert.c b/scheduler/cert.c
index 893ea331400d78a6c047783c76d153b4625f262e..eb68befb76fbb7ee2d512dbe52da3228bdc0ffb4 100644 (file)
--- a/scheduler/cert.c
+++ b/scheduler/cert.c
@@ -43,8 +43,7 @@ cupsdAddCert(int        pid,          /* I - Process ID */
                                        /* Hex constants... */
 
 
-  cupsdLogMessage(CUPSD_LOG_DEBUG2,
-                  "cupsdAddCert: Adding certificate for PID %d", pid);
+  cupsdLogMessage(CUPSD_LOG_DEBUG, "cupsdAddCert: Adding certificate for PID %d", pid);
 
  /*
   * Allocate memory for the certificate...

diff --git a/scheduler/client.c b/scheduler/client.c
index d7491cbbde202f06a136ea34a96d77dc62e67e94..f5150e5c5ba23dad87820fb5633494e8f3acde11 100644 (file)
--- a/scheduler/client.c
+++ b/scheduler/client.c
@@ -1979,6 +1979,12 @@ cupsdReadClient(cupsd_client_t *con)     /* I - Client to read from */
 
        if (httpGetState(con->http) == HTTP_STATE_POST_SEND)
        {
+        /*
+         * Don't listen for activity until we decide to do something with this...
+         */
+
+          cupsdAddSelect(httpGetFd(con->http), NULL, NULL, con);
+
          if (con->file >= 0)
          {
            fstat(con->file, &filestats);
@@ -2630,12 +2636,6 @@ cupsdWriteClient(cupsd_client_t *con)    /* I - Client connection */
            }
            else if (!_cups_strcasecmp(con->header, "Set-Cookie") && value)
            {
-             char *sep = strchr(value, ';');
-                                       /* Separator between name=value and the rest */
-
-             if (sep)
-               *sep = '\0';
-
              httpSetCookie(con->http, value);
              con->sent_header = 1;
            }

diff --git a/scheduler/process.c b/scheduler/process.c
index 425f3ba9cc402d5936c2381939389694f228101d..639d6464fcdc89cff6f5127dea8c39101cf2d327 100644 (file)
--- a/scheduler/process.c
+++ b/scheduler/process.c
@@ -73,6 +73,7 @@ cupsdCreateProfile(int job_id,                /* I - Job ID or 0 for none */
                        domain[1024],   /* Domain socket, if any */
                        request[1024],  /* Quoted RequestRoot */
                        root[1024],     /* Quoted ServerRoot */
+                       state[1024],    /* Quoted StateDir */
                        temp[1024];     /* Quoted TempDir */
   const char           *nodebug;       /* " (with no-log)" for no debug */
   cupsd_listener_t     *lis;           /* Current listening socket */
@@ -104,6 +105,7 @@ cupsdCreateProfile(int job_id,              /* I - Job ID or 0 for none */
   cupsd_requote(cache, CacheDir, sizeof(cache));
   cupsd_requote(request, RequestRoot, sizeof(request));
   cupsd_requote(root, ServerRoot, sizeof(root));
+  cupsd_requote(state, StateDir, sizeof(state));
   cupsd_requote(temp, TempDir, sizeof(temp));
 
   nodebug = LogLevel < CUPSD_LOG_DEBUG ? " (with no-log)" : "";
@@ -188,8 +190,10 @@ cupsdCreateProfile(int job_id,             /* I - Job ID or 0 for none */
                 " #\"^%s/\""           /* TempDir/... */
                 " #\"^%s$\""           /* CacheDir */
                 " #\"^%s/\""           /* CacheDir/... */
+                " #\"^%s$\""           /* StateDir */
+                " #\"^%s/\""           /* StateDir/... */
                 "))\n",
-                temp, temp, cache, cache);
+                temp, temp, cache, cache, state, state);
   /* Read common folders */
   cupsFilePrintf(fp,
                  "(allow file-read-data file-read-metadata\n"