From 8bec88adea5366d64d9f2618b1fa8b3c95dcbf13 Mon Sep 17 00:00:00 2001 From: Michael R Sweet Date: Tue, 17 Jan 2023 06:17:37 -0500 Subject: [PATCH] Fix default cupsd keychain with OpenSSL (Issue #529) --- CHANGES.md | 11 ++++++++--- scheduler/conf.c | 4 ++-- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 3dcc3fba8f..6cbf7230e0 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -15,16 +15,21 @@ Changes in CUPS v2.4.3 (TBA) - Fixed a potential SNMP OID value overflow issue (Issue #431) - Fixed an OpenSSL certificate loading issue (Issue #465) - Fixed Brazilian Portuguese translations (Issue #288) -- Fixed invalid memory access during generating IPP Everywhere queue (Issue #466) +- Fixed invalid memory access during generating IPP Everywhere queue + (Issue #466) - Fixed memory leaks in `create_local_bg_thread()` (Issue #466) +- Fixed `cupsd` default keychain location when building with OpenSSL + (Issue #529) - Fixed TLS certificate generation bugs. - `ippDeleteValues` would not delete the last value (Issue #556) -- Ignore some of IPP defaults if the application sends its PPD alternative (Issue #484) +- Ignore some of IPP defaults if the application sends its PPD alternative + (Issue #484) - Now look for default printer on network if needed (Issue #452) - Now report fax attributes and values as needed (Issue #459) - Now localize HTTP responses using the Content-Language value (Issue #426) - Raised file size limit for importing PPD via Web UI (Issue #433) -- Update print-color-mode if the printer is modified via ColorModel PPD option (Issue #451) +- Update print-color-mode if the printer is modified via ColorModel PPD option + (Issue #451) - Use localhost when printing via printer application (Issue #353) - Write defaults into /etc/cups/lpoptions if we're root (Issue #456) diff --git a/scheduler/conf.c b/scheduler/conf.c index c8b4d1d6a4..168ee9ef9c 100644 --- a/scheduler/conf.c +++ b/scheduler/conf.c @@ -605,11 +605,11 @@ cupsdReadConfiguration(void) ClassifyOverride = 0; #ifdef HAVE_TLS -# ifdef HAVE_GNUTLS +# if defined HAVE_GNUTLS || defined HAVE_OPENSSL cupsdSetString(&ServerKeychain, "ssl"); # else cupsdSetString(&ServerKeychain, "/Library/Keychains/System.keychain"); -# endif /* HAVE_GNUTLS */ +# endif /* HAVE_GNUTLS || HAVE_OPENSSL */ _httpTLSSetOptions(_HTTP_TLS_NONE, _HTTP_TLS_1_0, _HTTP_TLS_MAX); #endif /* HAVE_TLS */ -- 2.47.3