Allow access to cupsd-created files with non-world-readable permissions via the

author msweet <msweet@a1ca3aef-8c08-0410-bb20-df032aa958be>

Mon, 25 Aug 2014 13:28:04 +0000 (13:28 +0000)

committer msweet <msweet@a1ca3aef-8c08-0410-bb20-df032aa958be>

Mon, 25 Aug 2014 13:28:04 +0000 (13:28 +0000)
author msweet <msweet@a1ca3aef-8c08-0410-bb20-df032aa958be>
Mon, 25 Aug 2014 13:28:04 +0000 (13:28 +0000)
committer msweet <msweet@a1ca3aef-8c08-0410-bb20-df032aa958be>
Mon, 25 Aug 2014 13:28:04 +0000 (13:28 +0000)
diff --git a/CHANGES.txt b/CHANGES.txt

index 463cb390135063b87de6c81658556efa392e37c2..f80614bd40b5d22432493247668f5451fbae332d 100644 (file)
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,4 @@
-CHANGES.txt - 2.0rc1 - 2014-08-20
+CHANGES.txt - 2.0rc1 - 2014-08-25
  ---------------------------------
  
  CHANGES IN CUPS V2.0rc1
@@ -13,6 +13,8 @@ CHANGES IN CUPS V2.0rc1
         - Dropped the old Epson Stylus Color/Photo sample drivers since they
           don't work with any current printers and there are free alternatives
           that produce much better output (<rdar://problem/18036889>)
+       - Log and configuration files that are read-only are again accessible
+         via the web interface (STR #4461)
  
  
  CHANGES IN CUPS V2.0b1
diff --git a/scheduler/client.c b/scheduler/client.c

index d00d9fb70e8c0fb8b6a06fece9997cac10d0d9b2..36dd3ad0b5a987e40e0239b1469cf6054529b5a7 100644 (file)
--- a/scheduler/client.c
+++ b/scheduler/client.c
@@ -2912,6 +2912,7 @@ get_file(cupsd_client_t *con,             /* I  - Client connection */
    char         *ptr;                   /* Pointer info filename */
    size_t       plen;                   /* Remaining length after pointer */
    char         language[7];            /* Language subdirectory, if any */
+  int          perm_check = 1;         /* Do permissions check? */
  
  
   /*
@@ -2921,17 +2922,27 @@ get_file(cupsd_client_t *con,           /* I  - Client connection */
    language[0] = '\0';
  
    if (!strncmp(con->uri, "/ppd/", 5) && !strchr(con->uri + 5, '/'))
+  {
      snprintf(filename, len, "%s%s", ServerRoot, con->uri);
+
+    perm_check = 0;
+  }
    else if (!strncmp(con->uri, "/icons/", 7) && !strchr(con->uri + 7, '/'))
    {
      snprintf(filename, len, "%s/%s", CacheDir, con->uri + 7);
      if (access(filename, F_OK) < 0)
        snprintf(filename, len, "%s/images/generic.png", DocumentRoot);
+
+    perm_check = 0;
    }
    else if (!strncmp(con->uri, "/rss/", 5) && !strchr(con->uri + 5, '/'))
      snprintf(filename, len, "%s/rss/%s", CacheDir, con->uri + 5);
-  else if (!strncmp(con->uri, "/admin/conf/", 12))
-    snprintf(filename, len, "%s%s", ServerRoot, con->uri + 11);
+  else if (!strcmp(con->uri, "/admin/conf/cupsd.conf"))
+  {
+    strlcpy(filename, ConfigurationFile, len);
+
+    perm_check = 0;
+  }
    else if (!strncmp(con->uri, "/admin/log/", 11))
    {
      if (!strncmp(con->uri + 11, "access_log", 10) && AccessLog[0] == '/')
@@ -2942,6 +2953,8 @@ get_file(cupsd_client_t *con,             /* I  - Client connection */
        strlcpy(filename, PageLog, len);
      else
        return (NULL);
+
+    perm_check = 0;
    }
    else if (con->language)
    {
@@ -3007,7 +3020,7 @@ get_file(cupsd_client_t *con,             /* I  - Client connection */
    * not allow access...
    */
  
-  if (!status && !(filestats->st_mode & S_IROTH))
+  if (!status && perm_check && !(filestats->st_mode & S_IROTH))
    {
      cupsdLogClient(con, CUPSD_LOG_INFO, "Files/directories such as \"%s\" must be world-readable.", filename);
      return (NULL);
@@ -3115,7 +3128,7 @@ get_file(cupsd_client_t *con,             /* I  - Client connection */
      * not allow access...
      */
  
-    if (!status && !(filestats->st_mode & S_IROTH))
+    if (!status && perm_check && !(filestats->st_mode & S_IROTH))
      {
        cupsdLogClient(con, CUPSD_LOG_INFO, "Files/directories such as \"%s\" must be world-readable.", filename);
        return (NULL);
diff --git a/scheduler/ipp.c b/scheduler/ipp.c

index 1f6fe5a39d0601e17149b431e76b0da056d0abed..0e682ee8c2677e1a7051fdbb83d7c59bc4dd727d 100644 (file)
--- a/scheduler/ipp.c
+++ b/scheduler/ipp.c
@@ -2715,7 +2715,6 @@ add_printer(cupsd_client_t  *con, /* I - Client connection */
  
        cupsdLogMessage(CUPSD_LOG_DEBUG,
                       "Copied PPD file successfully");
-      chmod(dstfile, 0644);
      }
    }
  
@@ -4623,7 +4622,7 @@ copy_model(cupsd_client_t *con,           /* I - Client connection */
    * Open the destination file for a copy...
    */
  
-  if ((dst = cupsFileOpen(to, "wb")) == NULL)
+  if ((dst = cupsdCreateConfFile(to, ConfigFilePerm)) == NULL)
    {
      cupsFreeOptions(num_defaults, defaults);
      cupsFileClose(src);
@@ -4678,7 +4677,7 @@ copy_model(cupsd_client_t *con,           /* I - Client connection */
  
    unlink(tempfile);
  
-  return (cupsFileClose(dst));
+  return (cupsdCloseCreatedConfFile(dst, to));
  }
author	msweet <msweet@a1ca3aef-8c08-0410-bb20-df032aa958be>
	Mon, 25 Aug 2014 13:28:04 +0000 (13:28 +0000)
committer	msweet <msweet@a1ca3aef-8c08-0410-bb20-df032aa958be>
	Mon, 25 Aug 2014 13:28:04 +0000 (13:28 +0000)
CHANGES.txt		patch \| blob \| blame \| history
scheduler/client.c		patch \| blob \| blame \| history
scheduler/ipp.c		patch \| blob \| blame \| history