Michael R Sweet [Fri, 10 Nov 2017 20:33:47 +0000 (15:33 -0500)]
Add media-type localizations for printer-specific media types (Issue #5168)
cups/dest-localization.c: Move .strings file loader to language.c.
cups/language-private.h: Add load options for _cupsMessageLoad.
cups/language.c: Move .strings file loader to this file.
cups/ppd-cache.c: Save printer-strings-uri value and load the strings file for m
edia-type
cups/ppd-private.h: Bump cache version and add strings_uri.
locale/checkpo.c: Use _cupsMessageLoad for .strings files.
Michael R Sweet [Wed, 8 Nov 2017 23:00:44 +0000 (18:00 -0500)]
The scheduler no longer logs pages as they are printed, instead just logging
a total of the pages printed at job completion (Issue #4991)
- man/cupsd-logs.man: Update page_log information.
- scheduler/job.c: Move cupsdLogPage to finalize_job, make update_job only
accept a "PAGE: total NNN" message if the count is greater than the total
cupsd already has. Also track sheets.
- test/run-stp-tests.sh: Fix page log verification for Test3 since we now just
have the total lines.
Michael R Sweet [Mon, 6 Nov 2017 21:19:27 +0000 (16:19 -0500)]
Support the latest HTTP Digest authentication specification (Issue #4862)
Also deprecates all httpMD5* functions.
- cgi-bin/var.c: Use cupsHashData to compute SID hash.
- cups/auth.c: Rewrite WWW-Authenticate parser to support multiple auth schemes
and the new RFC 7616 version of HTTP Digest.
- cups/cups.h: Add cupsHashString function to get a hex version of a hash.
- cups/hash.c: Add MD5 support.
- cups/http.c: Track WWW-Authenticate in a long string, concatenate new set
values.
- cups/http.h: Deprecate httpMD5* and recommend cupsDoAuth and cupsHash*.
- cups/http-private.h: Pull MD5 stuff, nonce_count is unsigned, track
WWW-Authenticate header as a potentially long string.
- cups/http-support.c: Use cupsHashData to compute UUID hash.
- cups/md5.c: Comment everything out if we have an OS-supplied MD5 hash
function.
- cups/md5passwd.c: Use cupsHash* functions.
- cups/tls-*.c: Use cupsHash* functions.
- cups/versioning.h: Add CUPS_API_2_3 definition.
- scheduler/client.c: Update WWW-Authenticate header to include AuthRef,
Local, and PeerCred schemes with parameters as needed.
Michael R Sweet [Fri, 3 Nov 2017 15:27:04 +0000 (11:27 -0400)]
Add support for MinTLS and MaxTLS options (Issue #5119)
- cups/http-private.h: Move TLS/SSL version options to separate version
constants, make _httpTLSSetOptions take min/max version numbers.
- cups/tls-*.c: Update _httpTLSSetOptions and _httpTLSStart to use new min/max
version numbers.
- cups/tlscheck.c: Update _httpTLSSetOptions call.
- cups/usersys.c: Support new SSLOptions values, update _httpTLSSetOptions call.
- scheduler/conf.c: Support new SSLOptions values, update _httpTLSSetOptions
calls.
Michael R Sweet [Wed, 1 Nov 2017 19:45:50 +0000 (15:45 -0400)]
The `lp` and `lpr` commands now provide better error messages when the default
printer cannot be found (Issue #5096)
- berkeley/lpr.c: Use cupsLastErrorMessage() for not-found errors.
- cups/dest.c: Set the last error message in cupsGetNamedDest().
- systemv/lp.c: Use cupsLastErrorMessage() for not-found errors.
Michael Sweet [Fri, 20 Oct 2017 02:44:12 +0000 (22:44 -0400)]
Fix cipher suite selection with GNU TLS (Issue #5145)
Also make sure that client.conf SSLOptions do not override cupsd.conf
SSLOptions, and document the (hopefully obvious) fact that Allow* is less
secure and Deny* is more secure.
- cups/http-private.h: Add "_HTTP_TLS_SET_DEFAULT" flag for options set from
client.conf.
- cups/tls-*.c: Use new flag.
- cups/tls-gnutls.c: Fix CBC cipher suite exclusion logic, and always disable
anonymous DH.
- cups/usersys.c: Pass new flag when calling _httpTLSSetOptions.
- man/*: Update documentation.
Michael Sweet [Mon, 2 Oct 2017 23:14:25 +0000 (19:14 -0400)]
The scheduler did not run with a high enough priority, causing problems on
busy systems (rdar://33789342)
- Change ProcessType to Adaptive for both cupsd and cups-lpd
- Add "working" parameter to cupsdSetBusyState
- Call cupsdSetBusyState on startup to boost the priority on startup.