Don't use the machine store for certs on Windows.

diff --git a/cups/tls-sspi.c b/cups/tls-sspi.c
index 7493400f89592f09b96634625bcbd74baab8f00a..6c3dd0158035c1dd00d8ef1492acc101887e75cc 100644 (file)
--- a/cups/tls-sspi.c
+++ b/cups/tls-sspi.c
@@ -2,9 +2,11 @@
  * TLS support for CUPS on Windows using the Security Support Provider
  * Interface (SSPI).
  *
- * Copyright 2010-2018 by Apple Inc.
+ * Copyright © 2020-2022 by OpenPrinting.
+ * Copyright © 2010-2018 by Apple Inc.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 /**** This file is included from tls.c ****/
@@ -445,11 +447,11 @@ httpLoadCredentials(
     return (-1);
   }
 
-  if (!CryptAcquireContextW(&hProv, L"RememberedContainer", MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET | CRYPT_MACHINE_KEYSET))
+  if (!CryptAcquireContextW(&hProv, L"RememberedContainer", MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET /*| CRYPT_MACHINE_KEYSET*/))
   {
     if (GetLastError() == NTE_EXISTS)
     {
-      if (!CryptAcquireContextW(&hProv, L"RememberedContainer", MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_MACHINE_KEYSET))
+      if (!CryptAcquireContextW(&hProv, L"RememberedContainer", MS_DEF_PROV_W, PROV_RSA_FULL, 0 /*CRYPT_MACHINE_KEYSET*/))
       {
         DEBUG_printf(("1httpLoadCredentials: CryptAcquireContext failed: %s", http_sspi_strerror(error, sizeof(error), GetLastError())));
         goto cleanup;
@@ -568,11 +570,11 @@ httpSaveCredentials(
     return (-1);
   }
 
-  if (!CryptAcquireContextW(&hProv, L"RememberedContainer", MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET | CRYPT_MACHINE_KEYSET))
+  if (!CryptAcquireContextW(&hProv, L"RememberedContainer", MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET /*| CRYPT_MACHINE_KEYSET*/))
   {
     if (GetLastError() == NTE_EXISTS)
     {
-      if (!CryptAcquireContextW(&hProv, L"RememberedContainer", MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_MACHINE_KEYSET))
+      if (!CryptAcquireContextW(&hProv, L"RememberedContainer", MS_DEF_PROV_W, PROV_RSA_FULL, 0 /*CRYPT_MACHINE_KEYSET*/))
       {
         DEBUG_printf(("1httpSaveCredentials: CryptAcquireContext failed: %s", http_sspi_strerror(error, sizeof(error), GetLastError())));
         goto cleanup;
@@ -625,7 +627,7 @@ httpSaveCredentials(
   ckp.pwszContainerName = L"RememberedContainer";
   ckp.pwszProvName      = MS_DEF_PROV_W;
   ckp.dwProvType        = PROV_RSA_FULL;
-  ckp.dwFlags           = CRYPT_MACHINE_KEYSET;
+  ckp.dwFlags           = 0 /*CRYPT_MACHINE_KEYSET*/;
   ckp.dwKeySpec         = AT_KEYEXCHANGE;
 
   if (!CertSetCertificateContextProperty(storedContext, CERT_KEY_PROV_INFO_PROP_ID, 0, &ckp))
@@ -1689,11 +1691,11 @@ http_sspi_find_credentials(
   BOOL         ok = TRUE;              /* Return value */
 
 
-  if (!CryptAcquireContextW(&hProv, (LPWSTR)container, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET | CRYPT_MACHINE_KEYSET))
+  if (!CryptAcquireContextW(&hProv, (LPWSTR)container, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET /*| CRYPT_MACHINE_KEYSET*/))
   {
     if (GetLastError() == NTE_EXISTS)
     {
-      if (!CryptAcquireContextW(&hProv, (LPWSTR)container, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_MACHINE_KEYSET))
+      if (!CryptAcquireContextW(&hProv, (LPWSTR)container, MS_DEF_PROV_W, PROV_RSA_FULL, 0 /*CRYPT_MACHINE_KEYSET*/))
       {
         DEBUG_printf(("5http_sspi_find_credentials: CryptAcquireContext failed: %s", http_sspi_strerror(sspi->error, sizeof(sspi->error), GetLastError())));
         ok = FALSE;
@@ -1907,11 +1909,11 @@ http_sspi_make_credentials(
 
   DEBUG_printf(("4http_sspi_make_credentials(sspi=%p, container=%p, common_name=\"%s\", mode=%d, years=%d)", sspi, container, common_name, mode, years));
 
-  if (!CryptAcquireContextW(&hProv, (LPWSTR)container, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET | CRYPT_MACHINE_KEYSET))
+  if (!CryptAcquireContextW(&hProv, (LPWSTR)container, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET /* | CRYPT_MACHINE_KEYSET*/))
   {
     if (GetLastError() == NTE_EXISTS)
     {
-      if (!CryptAcquireContextW(&hProv, (LPWSTR)container, MS_DEF_PROV_W, PROV_RSA_FULL, CRYPT_MACHINE_KEYSET))
+      if (!CryptAcquireContextW(&hProv, (LPWSTR)container, MS_DEF_PROV_W, PROV_RSA_FULL, 0 /*CRYPT_MACHINE_KEYSET*/))
       {
         DEBUG_printf(("5http_sspi_make_credentials: CryptAcquireContext failed: %s", http_sspi_strerror(sspi->error, sizeof(sspi->error), GetLastError())));
 //        fprintf(stderr, "5http_sspi_make_credentials: CryptAcquireContext failed: %s\n", http_sspi_strerror(sspi->error, sizeof(sspi->error), GetLastError()));
@@ -2015,7 +2017,7 @@ http_sspi_make_credentials(
   ckp.pwszContainerName = (LPWSTR) container;
   ckp.pwszProvName      = MS_DEF_PROV_W;
   ckp.dwProvType        = PROV_RSA_FULL;
-  ckp.dwFlags           = CRYPT_MACHINE_KEYSET;
+  ckp.dwFlags           = 0 /*CRYPT_MACHINE_KEYSET*/;
   ckp.dwKeySpec         = AT_KEYEXCHANGE;
 
   if (!CertSetCertificateContextProperty(storedContext, CERT_KEY_PROV_INFO_PROP_ID, 0, &ckp))

diff --git a/vcnet/config.h b/vcnet/config.h
index 7d6e30829a7b28c7b44153f63746da4bd0819861..e58373206a858db93523843e4afe6f98084c1549 100644 (file)
--- a/vcnet/config.h
+++ b/vcnet/config.h
@@ -100,8 +100,8 @@ typedef unsigned long useconds_t;
  * Version of software...
  */
 
-#define CUPS_SVERSION "CUPS v2.4rc1"
-#define CUPS_MINIMAL "CUPS/2.4rc1"
+#define CUPS_SVERSION "CUPS v2.4.1"
+#define CUPS_MINIMAL "CUPS/2.4.1"
 
 
 /*

diff --git a/vcnet/libcups2_native.nuspec b/vcnet/libcups2_native.nuspec
index 101b196c45122e967d33d21195c1913613cfdb67..06261da2edbf0240e5b8ca36080d2d283f5b628d 100644 (file)
--- a/vcnet/libcups2_native.nuspec
+++ b/vcnet/libcups2_native.nuspec
@@ -3,7 +3,7 @@
     <metadata>
         <id>libcups2_native</id>
         <title>OpenPrinting CUPS Library for VS2019+</title>
-        <version>2.4.0.3</version>
+        <version>2.4.1.0</version>
         <authors>Michael R Sweet, OpenPrinting</authors>
         <owners>michaelrsweet</owners>
         <projectUrl>https://github.com/OpenPrinting/cups</projectUrl>
@@ -16,7 +16,7 @@ and other Unix®-like operating systems. The CUPS library provides a convenient
         <copyright>Copyright © 2020-2022 by OpenPrinting, Copyright © 2007-2019 by Apple Inc., Copyright © 1997-2007 by Easy Software Products.</copyright>
         <tags>http ipp native</tags>
        <dependencies>
-           <dependency id="libcups2_native.redist" version="2.4.0.3" />
+           <dependency id="libcups2_native.redist" version="2.4.1.0" />
        </dependencies>
     </metadata>
     <files>

diff --git a/vcnet/libcups2_native.redist.nuspec b/vcnet/libcups2_native.redist.nuspec
index 19929922f73b41fb4f35e331227860e4e983f8e6..ee4001a59f0da111b6bf95bd64c4201da38038f4 100644 (file)
--- a/vcnet/libcups2_native.redist.nuspec
+++ b/vcnet/libcups2_native.redist.nuspec
@@ -3,7 +3,7 @@
     <metadata>
         <id>libcups2_native.redist</id>
         <title>OpenPrinting CUPS Library for VS2019+ Redist</title>
-        <version>2.4.0.3</version>
+        <version>2.4.1.0</version>
         <authors>Michael R Sweet, OpenPrinting</authors>
         <owners>michaelrsweet</owners>
         <projectUrl>https://github.com/OpenPrinting/cups</projectUrl>

diff --git a/xcode/config.h b/xcode/config.h
index 3eedc67abf25d1084b59f4db69af8d85a48a2a1f..34e34aea7cdae724fc4a905714379296191df50d 100644 (file)
--- a/xcode/config.h
+++ b/xcode/config.h
@@ -1,7 +1,7 @@
 /*
  * Configuration file for CUPS and Xcode.
  *
- * Copyright © 2021 by OpenPrinting
+ * Copyright © 2021-2022 by OpenPrinting
  * Copyright © 2007-2019 by Apple Inc.
  * Copyright © 1997-2007 by Easy Software Products.
  *
@@ -19,8 +19,8 @@
  * Version of software...
  */
 
-#define CUPS_SVERSION "CUPS v2.4rc1"
-#define CUPS_MINIMAL "CUPS/2.4rc1"
+#define CUPS_SVERSION "CUPS v2.4.1"
+#define CUPS_MINIMAL "CUPS/2.4.1"
 
 
 /*