From: Michael R Sweet <msweet@msweet.org>
Date: Fri, 5 Apr 2024 13:05:47 +0000 (-0400)
Subject: Fix Upgrade header handling when there is no TLS support (Issue #775)
X-Git-Tag: v2.4.8~12
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5eb736d3b00baa88a1ccc715a3509d8032ea6130;p=thirdparty%2Fcups.git

Fix Upgrade header handling when there is no TLS support (Issue #775)
---

diff --git a/CHANGES.md b/CHANGES.md
index ea219084fb..c3dd08ec9c 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -17,7 +17,8 @@ Changes in CUPS v2.4.8 (TBA)
   (Issue #423)
 - Fixed printing of jobs with job name longer than 255 chars on older printers
   (Issue #644)
-- Really backport fix for Issue #742
+- Really backported fix for Issue #742
+- Fixed "Upgrade" header handling when there is no TLS support (Issue #775)
 - Fixed memory leak when unloading a job (Issue #813)
 - Fixed memory leak when creating color profiles (Issue #815)
 - Fixed crash in `scan_ps()` if incoming argument is NULL (Issue #831)
diff --git a/cups/request.c b/cups/request.c
index 5baa512bb6..2ede4b309e 100644
--- a/cups/request.c
+++ b/cups/request.c
@@ -434,8 +434,6 @@ cupsGetResponse(http_t     *http,	/* I - Connection to server or @code CUPS_HTTP
       else
         http->status = HTTP_STATUS_CUPS_AUTHORIZATION_CANCELED;
     }
-
-#ifdef HAVE_TLS
     else if (status == HTTP_STATUS_UPGRADE_REQUIRED)
     {
      /*
@@ -444,10 +442,14 @@ cupsGetResponse(http_t     *http,	/* I - Connection to server or @code CUPS_HTTP
 
       DEBUG_puts("2cupsGetResponse: Need encryption...");
 
+#ifdef HAVE_TLS
       if (!httpReconnect2(http, 30000, NULL))
         httpEncryption(http, HTTP_ENCRYPTION_REQUIRED);
-    }
+
+#else
+      http->status = HTTP_STATUS_CUPS_PKI_ERROR;
 #endif /* HAVE_TLS */
+    }
   }
 
   if (response)