From: msweet Date: Thu, 19 Jul 2007 23:13:28 +0000 (+0000) Subject: Update to CUPS trunk r6695. X-Git-Tag: release-1.6.3~211 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cc0d019f5e08f870f94b8fee5f264b287fcecc3c;p=thirdparty%2Fcups.git Update to CUPS trunk r6695. git-svn-id: svn+ssh://src.apple.com/svn/cups/easysw/current@352 a1ca3aef-8c08-0410-bb20-df032aa958be --- diff --git a/CHANGES.txt b/CHANGES.txt index a66fe2dc5d..02ea9533e7 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,8 +1,22 @@ -CHANGES.txt - 2007-07-16 +CHANGES.txt - 2007-07-19 ------------------------ CHANGES IN CUPS V1.3?? + - Backends could (incorrectly) run as root during discovery + (STR #2454) + - Avahi is now supported for DNS-SD (Bonjour) printer sharing + (STR #2455) + - The default cupsd.conf file had typos and old operation names + (STR #2450) + - The scheduler now erases authentication cache files using the + 7-pass US DoD algorithm. + - Delegated Kerberos credentials (proxy authentication) did not + work. + - The filter makefile did not optimize the libcupsimage.2.dylib + with a sectorder file. + - The IPP backend incorrectly wrote an empty printer message + when processing the "none" state reason. - The USB backend could deadlock on Mac OS X while performing a side-channel command. - The scheduler did not prevent remote queues from being diff --git a/Makedefs.in b/Makedefs.in index 01480314c7..ab06b0ce14 100644 --- a/Makedefs.in +++ b/Makedefs.in @@ -1,5 +1,5 @@ # -# "$Id: Makedefs.in 6649 2007-07-11 21:46:42Z mike $" +# "$Id: Makedefs.in 6687 2007-07-18 19:49:45Z mike $" # # Common makefile definitions for the Common UNIX Printing System (CUPS). # @@ -131,6 +131,7 @@ LDFLAGS = -L../cups -L../filter @LDARCHFLAGS@ \ @LDFLAGS@ @RELROFLAGS@ @PIEFLAGS@ $(OPTIM) LEGACY_BACKENDS = @LEGACY_BACKENDS@ LIBCUPSORDER = @LIBCUPSORDER@ +LIBCUPSIMAGEORDER = @LIBCUPSIMAGEORDER@ LINKCUPS = @LINKCUPS@ $(SSLLIBS) LINKCUPSIMAGE = @LINKCUPSIMAGE@ LIBS = $(LINKCUPS) $(COMMONLIBS) @@ -271,5 +272,5 @@ DBUSDIR = @DBUSDIR@ # -# End of "$Id: Makedefs.in 6649 2007-07-11 21:46:42Z mike $" +# End of "$Id: Makedefs.in 6687 2007-07-18 19:49:45Z mike $" # diff --git a/backend/ipp.c b/backend/ipp.c index 457e36bfd4..65a5a7e697 100644 --- a/backend/ipp.c +++ b/backend/ipp.c @@ -1,5 +1,5 @@ /* - * "$Id: ipp.c 6649 2007-07-11 21:46:42Z mike $" + * "$Id: ipp.c 6687 2007-07-18 19:49:45Z mike $" * * IPP backend for the Common UNIX Printing System (CUPS). * @@ -1482,7 +1482,7 @@ report_printer_state(ipp_t *ipp) /* I - IPP response */ reason); } - if (message) + if (message[0]) { count ++; if (strstr(reasons->values[i].string.text, "error")) @@ -1711,5 +1711,5 @@ sigterm_handler(int sig) /* I - Signal */ /* - * End of "$Id: ipp.c 6649 2007-07-11 21:46:42Z mike $". + * End of "$Id: ipp.c 6687 2007-07-18 19:49:45Z mike $". */ diff --git a/conf/cupsd.conf.in b/conf/cupsd.conf.in index 96138db38f..c2cda06752 100644 --- a/conf/cupsd.conf.in +++ b/conf/cupsd.conf.in @@ -1,5 +1,5 @@ # -# "$Id: cupsd.conf.in 6634 2007-07-09 20:15:40Z mike $" +# "$Id: cupsd.conf.in 6690 2007-07-18 23:58:37Z mike $" # # Sample configuration file for the Common UNIX Printing System (CUPS) # scheduler. See "man cupsd.conf" for a complete description of this @@ -49,14 +49,14 @@ DefaultAuthType Basic # Set the default printer/job policies... - # Job-related operations must be done by the owner or an adminstrator... + # Job-related operations must be done by the owner or an administrator... Require user @OWNER @SYSTEM Order deny,allow - # All administration operations require an adminstrator to authenticate... - + # All administration operations require an administrator to authenticate... + AuthType Default Require user @SYSTEM Order deny,allow @@ -74,5 +74,5 @@ DefaultAuthType Basic # -# End of "$Id: cupsd.conf.in 6634 2007-07-09 20:15:40Z mike $". +# End of "$Id: cupsd.conf.in 6690 2007-07-18 23:58:37Z mike $". # diff --git a/config-scripts/cups-common.m4 b/config-scripts/cups-common.m4 index e360095e4f..7e344e41e9 100644 --- a/config-scripts/cups-common.m4 +++ b/config-scripts/cups-common.m4 @@ -1,5 +1,5 @@ dnl -dnl "$Id: cups-common.m4 6682 2007-07-16 20:22:37Z mike $" +dnl "$Id: cups-common.m4 6689 2007-07-18 23:52:15Z mike $" dnl dnl Common configuration stuff for the Common UNIX Printing System (CUPS). dnl @@ -157,8 +157,7 @@ esac AC_CHECK_FUNCS(sigaction) dnl Checks for wait functions. -AC_CHECK_FUNCS(waitpid) -AC_CHECK_FUNCS(wait3) +AC_CHECK_FUNCS(waitpid wait3) dnl See if the tm structure has the tm_gmtoff member... AC_MSG_CHECKING(for tm_gmtoff member in tm structure) @@ -168,6 +167,9 @@ AC_TRY_COMPILE([#include ],[struct tm t; AC_DEFINE(HAVE_TM_GMTOFF), AC_MSG_RESULT(no)) +dnl See if we have the removefile(3) function for securely removing files +AC_CHECK_FUNCS(removefile) + dnl Flags for "ar" command... case $uname in Darwin* | *BSD*) @@ -188,11 +190,6 @@ CUPS_SYSTEM_AUTHKEY="" AC_ARG_ENABLE(dbus, [ --enable-dbus enable DBUS support, default=auto]) -AC_ARG_WITH(libcupsorder, [ --with-libcupsorder libcups secorder file, default=libcups.order], - LIBCUPSORDER="$withval", - LIBCUPSORDER="libcups.order") -AC_SUBST(LIBCUPSORDER) - FONTS="fonts" AC_SUBST(FONTS) LEGACY_BACKENDS="parallel scsi" @@ -285,5 +282,5 @@ AC_SUBST(DEFAULT_IPP_PORT) AC_DEFINE_UNQUOTED(CUPS_DEFAULT_IPP_PORT,$DEFAULT_IPP_PORT) dnl -dnl End of "$Id: cups-common.m4 6682 2007-07-16 20:22:37Z mike $". +dnl End of "$Id: cups-common.m4 6689 2007-07-18 23:52:15Z mike $". dnl diff --git a/config-scripts/cups-compiler.m4 b/config-scripts/cups-compiler.m4 index c87069cac0..93302113f5 100644 --- a/config-scripts/cups-compiler.m4 +++ b/config-scripts/cups-compiler.m4 @@ -1,5 +1,5 @@ dnl -dnl "$Id: cups-compiler.m4 6649 2007-07-11 21:46:42Z mike $" +dnl "$Id: cups-compiler.m4 6687 2007-07-18 19:49:45Z mike $" dnl dnl Compiler stuff for the Common UNIX Printing System (CUPS). dnl @@ -72,6 +72,16 @@ AC_SUBST(PIEFLAGS) RELROFLAGS="" AC_SUBST(RELROFLAGS) +AC_ARG_WITH(libcupsorder, [ --with-libcupsorder libcups secorder file, default=libcups.order], + LIBCUPSORDER="$withval", + LIBCUPSORDER="libcups.order") +AC_SUBST(LIBCUPSORDER) + +AC_ARG_WITH(libcupsimageorder, [ --with-libcupimagesorder libcupsimage secorder file, default=libcups.order], + LIBCUPSIMAGEORDER="$withval", + LIBCUPSIMAGEORDER="libcupsimage.order") +AC_SUBST(LIBCUPSIMAGEORDER) + if test -n "$GCC"; then # Add GCC-specific compiler options... if test -z "$OPTIM"; then @@ -449,5 +459,5 @@ case $uname in esac dnl -dnl End of "$Id: cups-compiler.m4 6649 2007-07-11 21:46:42Z mike $". +dnl End of "$Id: cups-compiler.m4 6687 2007-07-18 19:49:45Z mike $". dnl diff --git a/config-scripts/cups-dnssd.m4 b/config-scripts/cups-dnssd.m4 index 001c79f9aa..fd82700488 100644 --- a/config-scripts/cups-dnssd.m4 +++ b/config-scripts/cups-dnssd.m4 @@ -29,17 +29,19 @@ DNSSDLIBS="" if test x$enable_dnssd != xno; then AC_CHECK_HEADER(dns_sd.h, [ - AC_DEFINE(HAVE_DNSSD) case "$uname" in Darwin*) # Darwin and MacOS X... DNSSDLIBS="-framework CoreFoundation -framework SystemConfiguration" + AC_DEFINE(HAVE_DNSSD) AC_DEFINE(HAVE_COREFOUNDATION) AC_DEFINE(HAVE_SYSTEMCONFIGURATION) ;; *) # All others... - DNSSDLIBS="???" + AC_CHECK_LIB(dns_sd,DNSServiceProcessResult, + AC_DEFINE(HAVE_DNSSD) + DNSSDLIBS="-ldns_sd") ;; esac ]) diff --git a/config.h.in b/config.h.in index ebd9ab4bf3..8f7347a748 100644 --- a/config.h.in +++ b/config.h.in @@ -1,5 +1,5 @@ /* - * "$Id: config.h.in 6649 2007-07-11 21:46:42Z mike $" + * "$Id: config.h.in 6689 2007-07-18 23:52:15Z mike $" * * Configuration file for the Common UNIX Printing System (CUPS). * @@ -529,8 +529,15 @@ #undef HAVE_SYS_UCRED_H +/* + * Do we have removefile()? + */ + +#undef HAVE_REMOVEFILE + + #endif /* !_CUPS_CONFIG_H_ */ /* - * End of "$Id: config.h.in 6649 2007-07-11 21:46:42Z mike $". + * End of "$Id: config.h.in 6689 2007-07-18 23:52:15Z mike $". */ diff --git a/filter/Makefile b/filter/Makefile index 36e947ce25..9961806ec6 100644 --- a/filter/Makefile +++ b/filter/Makefile @@ -1,5 +1,5 @@ # -# "$Id: Makefile 6649 2007-07-11 21:46:42Z mike $" +# "$Id: Makefile 6687 2007-07-18 19:49:45Z mike $" # # Filter makefile for the Common UNIX Printing System (CUPS). # @@ -242,6 +242,7 @@ libcupsimage.2.dylib: $(IMAGEOBJS) -install_name $(libdir)/$@ \ -current_version 2.3.0 \ -compatibility_version 2.0.0 \ + -sectorder __TEXT __text $(LIBCUPSIMAGEORDER) \ $(IMAGEOBJS) $(DSOLIBS) -L../cups $(LINKCUPS) -lm $(RM) libcupsimage.dylib $(LN) $@ libcupsimage.dylib @@ -386,5 +387,5 @@ include Dependencies # -# End of "$Id: Makefile 6649 2007-07-11 21:46:42Z mike $". +# End of "$Id: Makefile 6687 2007-07-18 19:49:45Z mike $". # diff --git a/filter/libcupsimage.order b/filter/libcupsimage.order new file mode 100644 index 0000000000..92820f7c2b --- /dev/null +++ b/filter/libcupsimage.order @@ -0,0 +1 @@ +single module:dyld_stub_binding_helper diff --git a/scheduler/Makefile b/scheduler/Makefile index fa945ff1a5..fc49576187 100644 --- a/scheduler/Makefile +++ b/scheduler/Makefile @@ -1,5 +1,5 @@ # -# "$Id: Makefile 6664 2007-07-13 17:41:02Z mike $" +# "$Id: Makefile 6692 2007-07-19 19:28:16Z mike $" # # Scheduler Makefile for the Common UNIX Printing System (CUPS). # @@ -34,6 +34,7 @@ CUPSDOBJS = \ printers.o \ process.o \ quotas.o \ + removefile.o \ select.o \ server.o \ statbuf.o \ @@ -85,7 +86,7 @@ all: $(TARGETS) clean: $(RM) $(OBJS) - $(RM) $(TARGETS) + $(RM) $(TARGETS) convert # @@ -127,7 +128,10 @@ install: all echo Creating $(SERVERROOT)/ppd... $(INSTALL_DIR) -m 755 $(SERVERROOT)/ppd -chgrp $(CUPS_GROUP) $(SERVERROOT)/ppd - -if test "x`uname`" != xDarwin; then \ + -if test "x`uname`" = xDarwin; then \ + $(INSTALL_DIR) $(BUILDROOT)/System/Library/Printers/Libraries; \ + $(LN) $(sbindir)/cupsfilter $(BUILDROOT)/System/Library/Printers/Libraries/convert; \ + else \ echo Creating $(SERVERROOT)/ssl...; \ $(INSTALL_DIR) -m 700 $(SERVERROOT)/ssl; \ -chgrp $(CUPS_GROUP) $(SERVERROOT)/ssl; \ @@ -165,10 +169,12 @@ install: all uninstall: all $(RM) $(SBINDIR)/cupsd + $(RM) $(SBINDIR)/cupsfilter $(RM) $(SERVERBIN)/daemon/cups-deviced $(RM) $(SERVERBIN)/daemon/cups-driverd $(RM) $(SERVERBIN)/daemon/cups-lpd $(RM) $(SERVERBIN)/daemon/cups-polld + $(RM) $(BUILDROOT)/System/Library/Printers/Libraries/convert -$(RMDIR) $(STATEDIR)/certs -$(RMDIR) $(STATEDIR) -$(RMDIR) $(SERVERROOT)/ppd @@ -210,6 +216,8 @@ cupsd-static: $(CUPSDOBJS) libmime.a ../cups/libcups.a cupsfilter: cupsfilter.o libmime.a ../cups/$(LIBCUPS) echo Linking $@... $(CC) $(LDFLAGS) -o cupsfilter cupsfilter.o libmime.a $(LIBS) + $(RM) convert + $(LN) cupsfilter convert # @@ -316,5 +324,5 @@ include Dependencies # -# End of "$Id: Makefile 6664 2007-07-13 17:41:02Z mike $". +# End of "$Id: Makefile 6692 2007-07-19 19:28:16Z mike $". # diff --git a/scheduler/conf.c b/scheduler/conf.c index 7426eab26b..d962739985 100644 --- a/scheduler/conf.c +++ b/scheduler/conf.c @@ -1,5 +1,5 @@ /* - * "$Id: conf.c 6649 2007-07-11 21:46:42Z mike $" + * "$Id: conf.c 6689 2007-07-18 23:52:15Z mike $" * * Configuration routines for the Common UNIX Printing System (CUPS). * @@ -37,7 +37,6 @@ #include #include #include -#include /* @@ -851,43 +850,6 @@ cupsdReadConfiguration(void) return (0); } - if (!strncmp(TempDir, RequestRoot, strlen(RequestRoot))) - { - /* - * Clean out the temporary directory... - */ - - cups_dir_t *dir; /* Temporary directory */ - cups_dentry_t *dent; /* Directory entry */ - char tempfile[1024]; /* Temporary filename */ - - - if ((dir = cupsDirOpen(TempDir)) != NULL) - { - cupsdLogMessage(CUPSD_LOG_INFO, - "Cleaning out old temporary files in \"%s\"...", TempDir); - - while ((dent = cupsDirRead(dir)) != NULL) - { - snprintf(tempfile, sizeof(tempfile), "%s/%s", TempDir, dent->filename); - - if (unlink(tempfile)) - cupsdLogMessage(CUPSD_LOG_ERROR, - "Unable to remove temporary file \"%s\" - %s", - tempfile, strerror(errno)); - else - cupsdLogMessage(CUPSD_LOG_DEBUG, "Removed temporary file \"%s\"...", - tempfile); - } - - cupsDirClose(dir); - } - else - cupsdLogMessage(CUPSD_LOG_ERROR, - "Unable to open temporary directory \"%s\" - %s", - TempDir, strerror(errno)); - } - /* * Setup environment variables... */ @@ -3373,5 +3335,5 @@ read_policy(cups_file_t *fp, /* I - Configuration file */ /* - * End of "$Id: conf.c 6649 2007-07-11 21:46:42Z mike $". + * End of "$Id: conf.c 6689 2007-07-18 23:52:15Z mike $". */ diff --git a/scheduler/cups-deviced.c b/scheduler/cups-deviced.c index 55aa577f4a..9a92732b55 100644 --- a/scheduler/cups-deviced.c +++ b/scheduler/cups-deviced.c @@ -1,5 +1,5 @@ /* - * "$Id: cups-deviced.c 6649 2007-07-11 21:46:42Z mike $" + * "$Id: cups-deviced.c 6693 2007-07-19 21:02:36Z mike $" * * Device scanning mini-daemon for the Common UNIX Printing System (CUPS). * @@ -17,6 +17,7 @@ * main() - Scan for devices and return an IPP response. * add_dev() - Add a new device to the list. * compare_devs() - Compare device names for sorting. + * run_backend() - Run a backend to gather the available devices. * sigalrm_handler() - Handle alarm signals for backends that get hung */ @@ -27,10 +28,7 @@ #include "util.h" #include #include - -#ifdef __hpux -# define seteuid(uid) setresuid(-1, (uid), -1) -#endif /* __hpux */ +#include /* @@ -66,6 +64,7 @@ static dev_info_t *add_dev(const char *device_class, const char *device_uri, const char *device_id); static int compare_devs(dev_info_t *p0, dev_info_t *p1); +static FILE *run_backend(const char *backend, int uid, int *pid); static void sigalrm_handler(int sig); @@ -87,6 +86,7 @@ main(int argc, /* I - Number of command-line args */ int count; /* Number of devices from backend */ int compat; /* Compatibility device? */ FILE *fp; /* Pipe to device backend */ + int pid; /* Process ID of backend */ cups_dir_t *dir; /* Directory pointer */ cups_dentry_t *dent; /* Directory entry */ char filename[1024], /* Name of backend */ @@ -204,25 +204,23 @@ main(int argc, /* I - Number of command-line args */ * Change effective users depending on the backend permissions... */ - if (!getuid()) - { - /* - * Backends without permissions for normal users run as root, - * all others run as the unprivileged user... - */ + snprintf(filename, sizeof(filename), "%s/%s", backends, dent->filename); - if (!(dent->fileinfo.st_mode & (S_IRWXG | S_IRWXO))) - seteuid(0); - else - seteuid(normal_user); - } + /* + * Backends without permissions for normal users run as root, + * all others run as the unprivileged user... + */ + + fp = run_backend(filename, + (dent->fileinfo.st_mode & (S_IRWXG | S_IRWXO)) + ? normal_user : 0, + &pid); /* - * Run the backend with no arguments and collect the output... + * Collect the output from the backend... */ - snprintf(filename, sizeof(filename), "%s/%s", backends, dent->filename); - if ((fp = popen(filename, "r")) != NULL) + if (fp) { /* * Set an alarm for the first read from the backend; this avoids @@ -312,7 +310,8 @@ main(int argc, /* I - Number of command-line args */ fprintf(stderr, "WARNING: [cups-deviced] Backend \"%s\" did not " "respond within 30 seconds!\n", dent->filename); - pclose(fp); + fclose(fp); + kill(pid, SIGTERM); /* * Hack for backends that don't support the CUPS 1.1 calling convention: @@ -342,13 +341,6 @@ main(int argc, /* I - Number of command-line args */ cupsDirClose(dir); - /* - * Switch back to root as needed... - */ - - if (!getuid() && geteuid()) - seteuid(0); - /* * Output the list of devices... */ @@ -476,6 +468,71 @@ compare_devs(dev_info_t *d0, /* I - First device */ } +/* + * 'run_backend()' - Run a backend to gather the available devices. + */ + +static FILE * /* O - stdout of backend */ +run_backend(const char *backend, /* I - Backend to run */ + int uid, /* I - User ID to run as */ + int *pid) /* O - Process ID of backend */ +{ + int fds[2]; /* Pipe file descriptors */ + + + if (pipe(fds)) + { + fprintf(stderr, "ERROR: Unable to create a pipe for \"%s\" - %s\n", + backend, strerror(errno)); + return (NULL); + } + + if ((*pid = fork()) < 0) + { + /* + * Error! + */ + + fprintf(stderr, "ERROR: Unable to fork for \"%s\" - %s\n", backend, + strerror(errno)); + close(fds[0]); + close(fds[1]); + return (NULL); + } + else if (!*pid) + { + /* + * Child comes here... + */ + + if (!getuid() && uid) + setuid(uid); /* Run as restricted user */ + + close(0); /* pipe */ + dup(fds[1]); + + close(fds[0]); /* Close copies of pipes */ + close(fds[1]); + + execl(backend, backend, (char *)0); /* Run it! */ + fprintf(stderr, "ERROR: Unable to execute \"%s\" - %s\n", backend, + strerror(errno)); + exit(1); + } + + /* + * Parent comes here, make a FILE * from the input side of the pipe... + */ + + close(fds[1]); + + return (fdopen(fds[0], "r")); +} + + /* * 'sigalrm_handler()' - Handle alarm signals for backends that get hung * trying to list the available devices... @@ -491,5 +548,5 @@ sigalrm_handler(int sig) /* I - Signal number */ /* - * End of "$Id: cups-deviced.c 6649 2007-07-11 21:46:42Z mike $". + * End of "$Id: cups-deviced.c 6693 2007-07-19 21:02:36Z mike $". */ diff --git a/scheduler/cupsd.h b/scheduler/cupsd.h index 7fe930a1ce..8f7b3d905a 100644 --- a/scheduler/cupsd.h +++ b/scheduler/cupsd.h @@ -1,5 +1,5 @@ /* - * "$Id: cupsd.h 6649 2007-07-11 21:46:42Z mike $" + * "$Id: cupsd.h 6689 2007-07-18 23:52:15Z mike $" * * Main header file for the Common UNIX Printing System (CUPS) scheduler. * @@ -218,7 +218,8 @@ extern void cupsdRemoveSelect(int fd); extern void cupsdStartSelect(void); extern void cupsdStopSelect(void); +extern int cupsdRemoveFile(const char *filename); /* - * End of "$Id: cupsd.h 6649 2007-07-11 21:46:42Z mike $". + * End of "$Id: cupsd.h 6689 2007-07-18 23:52:15Z mike $". */ diff --git a/scheduler/cupsfilter.c b/scheduler/cupsfilter.c index 5c5e776a38..f69aa820f3 100644 --- a/scheduler/cupsfilter.c +++ b/scheduler/cupsfilter.c @@ -1,5 +1,5 @@ /* - * "$Id: cupsfilter.c 6668 2007-07-13 23:09:49Z mike $" + * "$Id: cupsfilter.c 6695 2007-07-19 21:59:30Z mike $" * * CUPS filtering program for the Common UNIX Printing System (CUPS). * @@ -74,13 +74,14 @@ static int compare_pids(mime_filter_t *a, mime_filter_t *b); static char *escape_options(int num_options, cups_option_t *options); static int exec_filter(const char *filter, char **argv, char **envp, int infd, int outfd); -static int exec_filters(cups_array_t *filters, const char *filename, - const char *ppdfile, const char *title, +static int exec_filters(cups_array_t *filters, const char *infile, + const char *outfile, const char *ppdfile, + const char *user, const char *title, int num_options, cups_option_t *options); static int open_pipe(int *fds); static int read_cupsd_conf(const char *filename); static void set_string(char **s, const char *val); -static void usage(const char *opt); +static void usage(const char *command, const char *opt); /* @@ -92,13 +93,17 @@ main(int argc, /* I - Number of command-line args */ char *argv[]) /* I - Command-line arguments */ { int i; /* Looping vars */ - const char *opt; /* Current option */ - char super[MIME_MAX_SUPER], /* Super-type name */ + const char *command, /* Command name */ + *opt; /* Current option */ + char *srctype, /* Source type */ + *dsttype, /* Destination type */ + super[MIME_MAX_SUPER], /* Super-type name */ type[MIME_MAX_TYPE]; /* Type name */ int compression; /* Compression of file */ int cost; /* Cost of filters */ mime_t *mime; /* MIME database */ - char *filename; /* File to filter */ + char *infile, /* File to filter */ + *outfile; /* File to create */ char cupsdconf[1024]; /* cupsd.conf file */ const char *server_root; /* CUPS_SERVERROOT environment variable */ mime_type_t *src, /* Source type */ @@ -107,23 +112,34 @@ main(int argc, /* I - Number of command-line args */ int num_options; /* Number of options */ cups_option_t *options; /* Options */ const char *ppdfile; /* PPD file */ - const char *title; /* Title string */ + const char *title, /* Title string */ + *user; /* Username */ + int removeppd, /* Remove PPD file */ + removeinfile; /* Remove input file */ + int status; /* Execution status */ /* * Setup defaults... */ - mime = NULL; - src = NULL; - dst = NULL; - filename = NULL; - num_options = 0; - options = NULL; - ppdfile = NULL; - title = NULL; - super[0] = '\0'; - type[0] = '\0'; + if ((command = strrchr(argv[0], '/')) != NULL) + command ++; + else + command = argv[0]; + + mime = NULL; + srctype = NULL; + dsttype = "application/pdf"; + infile = NULL; + outfile = NULL; + num_options = 0; + options = NULL; + ppdfile = NULL; + title = NULL; + user = cupsUser(); + removeppd = 0; + removeinfile = 0; if ((server_root = getenv("CUPS_SERVERROOT")) == NULL) server_root = CUPS_SERVERROOT; @@ -144,29 +160,71 @@ main(int argc, /* I - Number of command-line args */ { case '-' : /* Next argument is a filename... */ i ++; - if (i < argc && !filename) - filename = argv[i]; + if (i < argc && !infile) + infile = argv[i]; else - usage(opt); + usage(command, opt); + break; + + case 'a' : /* Specify option... */ + i ++; + if (i < argc) + num_options = cupsParseOptions(argv[i], num_options, &options); + else + usage(command, opt); break; case 'c' : /* Specify cupsd.conf file location... */ i ++; if (i < argc) - strlcpy(cupsdconf, argv[i], sizeof(cupsdconf)); + { + if (!strcmp(command, "convert")) + num_options = cupsAddOption("copies", argv[i], num_options, + &options); + else + strlcpy(cupsdconf, argv[i], sizeof(cupsdconf)); + } + else + usage(command, opt); + break; + + case 'D' : /* Delete input file after conversion */ + removeinfile = 1; + break; + + case 'f' : /* Specify input file... */ + i ++; + if (i < argc && !infile) + infile = argv[i]; + else + usage(command, opt); + break; + + case 'i' : /* Specify source MIME type... */ + i ++; + if (i < argc) + { + if (sscanf(argv[i], "%15[^/]/%255s", super, type) != 2) + usage(command, opt); + + srctype = argv[i]; + } else - usage(opt); + usage(command, opt); break; + case 'j' : /* Specify destination MIME type... */ case 'm' : /* Specify destination MIME type... */ i ++; if (i < argc) { if (sscanf(argv[i], "%15[^/]/%255s", super, type) != 2) - usage(opt); + usage(command, opt); + + dsttype = argv[i]; } else - usage(opt); + usage(command, opt); break; case 'n' : /* Specify number of copies... */ @@ -175,56 +233,93 @@ main(int argc, /* I - Number of command-line args */ num_options = cupsAddOption("copies", argv[i], num_options, &options); else - usage(opt); + usage(command, opt); break; - case 'o' : /* Specify option... */ + case 'o' : /* Specify option(s) or output filename */ i ++; if (i < argc) - num_options = cupsParseOptions(argv[i], num_options, &options); + { + if (!strcmp(command, "convert")) + { + if (outfile) + usage(command, NULL); + else + outfile = argv[i]; + } + else + num_options = cupsParseOptions(argv[i], num_options, + &options); + } else - usage(opt); + usage(command, opt); break; case 'p' : /* Specify PPD file... */ + case 'P' : /* Specify PPD file... */ i ++; if (i < argc) ppdfile = argv[i]; else - usage(opt); + usage(command, opt); break; - case 't' : /* Specify number of copies... */ + case 't' : /* Specify title... */ + case 'J' : /* Specify title... */ i ++; if (i < argc) title = argv[i]; else - usage(opt); + usage(command, opt); + break; + + case 'u' : /* Delete PPD file after conversion */ + removeinfile = 1; + break; + + case 'U' : /* Specify username... */ + i ++; + if (i < argc) + user = argv[i]; + else + usage(command, opt); break; default : /* Something we don't understand... */ - usage(opt); + usage(command, opt); break; } } - else if (!filename) - filename = argv[i]; + else if (!infile) + { + if (strcmp(command, "convert")) + infile = argv[i]; + else + { + _cupsLangPuts(stderr, + _("convert: Use the -f option to specify a file to " + "convert.\n")); + usage(command, NULL); + } + } else { _cupsLangPuts(stderr, _("cupsfilter: Only one filename can be specified!\n")); - usage(NULL); + usage(command, NULL); } - if (!filename || !super[0] || !type[0]) - usage(NULL); + if (!infile && !srctype) + usage(command, NULL); if (!title) { - if ((title = strrchr(filename, '/')) != NULL) + if (!infile) + title = "(stdin)"; + else if ((title = strrchr(infile, '/')) != NULL) title ++; else - title = filename; + title = infile; } /* @@ -237,8 +332,8 @@ main(int argc, /* I - Number of command-line args */ if ((mime = mimeLoad(ServerRoot, Path)) == NULL) { _cupsLangPrintf(stderr, - _("cupsfilter: Unable to read MIME database from \"%s\"!\n"), - ServerRoot); + _("%s: Unable to read MIME database from \"%s\"!\n"), + command, ServerRoot); return (1); } @@ -246,19 +341,31 @@ main(int argc, /* I - Number of command-line args */ * Get the source and destination types... */ - if ((src = mimeFileType(mime, filename, filename, &compression)) == NULL) + if (srctype) + { + sscanf(srctype, "%15[^/]/%255s", super, type); + if ((src = mimeType(mime, super, type)) == NULL) + { + _cupsLangPrintf(stderr, + _("%s: Unknown source MIME type %s/%s!\n"), + command, super, type); + return (1); + } + } + else if ((src = mimeFileType(mime, infile, infile, &compression)) == NULL) { _cupsLangPrintf(stderr, - _("cupsfilter: Unable to determine MIME type of \"%s\"!\n"), - filename); + _("%s: Unable to determine MIME type of \"%s\"!\n"), + command, infile); return (1); } + sscanf(dsttype, "%15[^/]/%255s", super, type); if ((dst = mimeType(mime, super, type)) == NULL) { _cupsLangPrintf(stderr, - _("cupsfilter: Unknown destination MIME type %s/%s!\n"), - super, type); + _("%s: Unknown destination MIME type %s/%s!\n"), + command, super, type); return (1); } @@ -278,8 +385,8 @@ main(int argc, /* I - Number of command-line args */ else if ((filters = mimeFilter(mime, src, dst, &cost)) == NULL) { _cupsLangPrintf(stderr, - _("cupsfilter: No filter to convert from %s/%s to %s/%s!\n"), - src->super, src->type, dst->super, dst->type); + _("%s: No filter to convert from %s/%s to %s/%s!\n"), + command, src->super, src->type, dst->super, dst->type); return (1); } else if (compression) @@ -289,7 +396,20 @@ main(int argc, /* I - Number of command-line args */ * Do it! */ - return (exec_filters(filters, filename, ppdfile, title, num_options, options)); + status = exec_filters(filters, infile, outfile, ppdfile, user, title, + num_options, options); + + /* + * Remove files as needed, then exit... + */ + + if (removeppd && ppdfile) + unlink(ppdfile); + + if (removeinfile && infile) + unlink(infile); + + return (status); } @@ -363,8 +483,6 @@ escape_options( *sptr = '\0'; - fprintf(stderr, "DEBUG: options=\"%s\"\n", s); - return (s); } @@ -469,12 +587,15 @@ exec_filter(const char *filter, /* I - Filter to execute */ static int /* O - 0 on success, 1 on error */ exec_filters(cups_array_t *filters, /* I - Array of filters to run */ - const char *filename, /* I - File to filter */ + const char *infile, /* I - File to filter */ + const char *outfile, /* I - File to create */ const char *ppdfile, /* I - PPD file, if any */ + const char *user, /* I - Username */ const char *title, /* I - Job title */ int num_options, /* I - Number of filter options */ cups_option_t *options) /* I - Filter options */ { + int i; /* Looping var */ const char *argv[8], /* Command-line arguments */ *envp[11], /* Environment variables */ *temp; /* Temporary string */ @@ -487,7 +608,7 @@ exec_filters(cups_array_t *filters, /* I - Array of filters to run */ path[1024], /* PATH */ ppd[1024], /* PPD */ rip_cache[1024], /* RIP_CACHE */ - user[1024], /* USER */ + userenv[1024], /* USER */ program[1024]; /* Program to run */ mime_filter_t *filter, /* Current filter */ *next; /* Next filter */ @@ -498,6 +619,7 @@ exec_filters(cups_array_t *filters, /* I - Array of filters to run */ retval; /* Return value */ cups_array_t *pids; /* Executed filters array */ mime_filter_t key; /* Search key for filters */ + cups_lang_t *language; /* Current language */ /* @@ -512,29 +634,31 @@ exec_filters(cups_array_t *filters, /* I - Array of filters to run */ ServerBin); snprintf(cups_serverroot, sizeof(cups_serverroot), "CUPS_SERVERROOT=%s", ServerRoot); - if ((temp = getenv("LANG")) != NULL) - snprintf(lang, sizeof(lang), "LANG=%s", temp); - else if ((temp = getenv("LC_ALL")) != NULL) - snprintf(lang, sizeof(lang), "LC_ALL=%s", temp); - else - strcpy(lang, "LANG=C"); + language = cupsLangDefault(); + snprintf(lang, sizeof(lang), "LANG=%s.UTF8", language->language); snprintf(path, sizeof(path), "PATH=%s", Path); if (ppdfile) snprintf(ppd, sizeof(ppd), "PPD=%s", ppdfile); else if ((temp = getenv("PPD")) != NULL) snprintf(ppd, sizeof(ppd), "PPD=%s", temp); else +#ifdef __APPLE__ + strlcpy(ppd, "PPD=/System/Library/Frameworks/ApplicationServices.framework/" + "Versions/A/Frameworks/PrintCore.framework/Versions/A/" + "Resources/English.lproj/Generic.ppd", sizeof(ppd)); +#else snprintf(ppd, sizeof(ppd), "PPD=%s/model/laserjet.ppd", DataDir); +#endif /* __APPLE__ */ snprintf(rip_cache, sizeof(rip_cache), "RIP_CACHE=%s", RIPCache); - snprintf(user, sizeof(user), "USER=%s", cupsUser()); + snprintf(userenv, sizeof(userenv), "USER=%s", user); argv[0] = "cupsfilter"; argv[1] = "0"; - argv[2] = cupsUser(); + argv[2] = user; argv[3] = title; argv[4] = cupsGetOption("copies", num_options, options); argv[5] = optstr; - argv[6] = filename; + argv[6] = infile; argv[7] = NULL; if (!argv[4]) @@ -549,9 +673,15 @@ exec_filters(cups_array_t *filters, /* I - Array of filters to run */ envp[6] = path; envp[7] = ppd; envp[8] = rip_cache; - envp[9] = user; + envp[9] = userenv; envp[10] = NULL; + for (i = 0; argv[i]; i ++) + fprintf(stderr, "DEBUG: argv[%d]=\"%s\"\n", i, argv[i]); + + for (i = 0; envp[i]; i ++) + fprintf(stderr, "DEBUG: envp[%d]=\"%s\"\n", i, envp[i]); + /* * Execute all of the filters... */ @@ -563,6 +693,9 @@ exec_filters(cups_array_t *filters, /* I - Array of filters to run */ filterfds[1][0] = -1; filterfds[1][1] = -1; + if (!infile) + filterfds[0][0] = 0; + for (filter = (mime_filter_t *)cupsArrayFirst(filters); filter; filter = next, current = 1 - current) @@ -586,6 +719,15 @@ exec_filters(cups_array_t *filters, /* I - Array of filters to run */ if (next) open_pipe(filterfds[1 - current]); + else if (outfile) + { + filterfds[1 - current][1] = open(outfile, O_CREAT | O_TRUNC | O_WRONLY, + 0666); + + if (filterfds[1 - current][1] < 0) + fprintf(stderr, "ERROR: Unable to create \"%s\" - %s\n", outfile, + strerror(errno)); + } else filterfds[1 - current][1] = 1; @@ -718,9 +860,11 @@ open_pipe(int *fds) /* O - Pipe file descriptors (2) */ static int /* O - 0 on success, 1 on error */ read_cupsd_conf(const char *filename) /* I - File to read */ { + cups_file_t *fp; /* cupsd.conf file */ const char *temp; /* Temporary string */ char line[1024], /* Line from file */ *ptr; /* Pointer into line */ + int linenum; /* Current line number */ if ((temp = getenv("CUPS_DATADIR")) != NULL) @@ -733,6 +877,8 @@ read_cupsd_conf(const char *filename) /* I - File to read */ else set_string(&FontPath, CUPS_FONTPATH); + set_string(&RIPCache, "8m"); + if ((temp = getenv("CUPS_SERVERBIN")) != NULL) set_string(&ServerBin, temp); else @@ -746,6 +892,27 @@ read_cupsd_conf(const char *filename) /* I - File to read */ set_string(&ServerRoot, line); + if ((fp = cupsFileOpen(filename, "r")) != NULL) + { + linenum = 0; + + while (cupsFileGetConf(fp, line, sizeof(line), &ptr, &linenum)) + { + if (!strcasecmp(line, "DataDir")) + set_string(&DataDir, ptr); + else if (!strcasecmp(line, "FontPath")) + set_string(&FontPath, ptr); + else if (!strcasecmp(line, "RIPCache")) + set_string(&RIPCache, ptr); + else if (!strcasecmp(line, "ServerBin")) + set_string(&ServerBin, ptr); + else if (!strcasecmp(line, "ServerRoot")) + set_string(&ServerRoot, ptr); + } + + cupsFileClose(fp); + } + snprintf(line, sizeof(line), "%s/filter:" CUPS_BINDIR ":" CUPS_SBINDIR ":/bin/usr/bin", ServerBin); @@ -775,27 +942,45 @@ set_string(char **s, /* O - Copy of string */ */ static void -usage(const char *opt) /* I - Incorrect option, if any */ +usage(const char *command, /* I - Command name */ + const char *opt) /* I - Incorrect option, if any */ { if (opt) - _cupsLangPrintf(stderr, _("%s: Unknown option '%c'!\n"), "cupsfilter", - *opt); - - _cupsLangPuts(stdout, - _("Usage: cupsfilter -m mime/type [ options ] filename(s)\n" - "\n" - "Options:\n" - "\n" - " -c cupsd.conf Set cupsd.conf file to use\n" - " -n copies Set number of copies\n" - " -o name=value Set option(s)\n" - " -p filename.ppd Set PPD file\n" - " -t title Set title\n")); + _cupsLangPrintf(stderr, _("%s: Unknown option '%c'!\n"), command, *opt); + + if (!strcmp(command, "cupsfilter")) + _cupsLangPuts(stdout, + _("Usage: cupsfilter -m mime/type [ options ] filename\n" + "\n" + "Options:\n" + "\n" + " -c cupsd.conf Set cupsd.conf file to use\n" + " -n copies Set number of copies\n" + " -o name=value Set option(s)\n" + " -p filename.ppd Set PPD file\n" + " -t title Set title\n")); + else + _cupsLangPuts(stdout, + _("Usage: convert [ options ]\n" + "\n" + "Options:\n" + "\n" + " -f filename Set file to be converted (otherwise stdin)\n" + " -o filename Set file to be generated (otherwise stdout)\n" + " -i mime/type Set input MIME type (otherwise auto-typed)\n" + " -j mime/type Set output MIME type (otherwise application/pdf)\n" + " -P filename.ppd Set PPD file\n" + " -a 'name=value ...' Set option(s)\n" + " -U username Set username for job\n" + " -J title Set title\n" + " -c copies Set number of copies\n" + " -u Remove the PPD file when finished\n" + " -D Remove the input file when finished\n")); exit(1); } /* - * End of "$Id: cupsfilter.c 6668 2007-07-13 23:09:49Z mike $". + * End of "$Id: cupsfilter.c 6695 2007-07-19 21:59:30Z mike $". */ diff --git a/scheduler/dirsvc.c b/scheduler/dirsvc.c index 1a826c295a..7c3f32dca9 100644 --- a/scheduler/dirsvc.c +++ b/scheduler/dirsvc.c @@ -1,5 +1,5 @@ /* - * "$Id: dirsvc.c 6649 2007-07-11 21:46:42Z mike $" + * "$Id: dirsvc.c 6691 2007-07-19 19:09:46Z mike $" * * Directory services routines for the Common UNIX Printing System (CUPS). * @@ -65,14 +65,15 @@ #ifdef HAVE_DNSSD # include -# include -# include -# ifdef HAVE_COREFOUNDATION -# include -# endif /* HAVE_COREFOUNDATION */ -# ifdef HAVE_SYSTEMCONFIGURATION -# include -# endif /* HAVE_SYSTEMCONFIGURATION */ +# ifdef __APPLE__ +# include +# ifdef HAVE_COREFOUNDATION +# include +# endif /* HAVE_COREFOUNDATION */ +# ifdef HAVE_SYSTEMCONFIGURATION +# include +# endif /* HAVE_SYSTEMCONFIGURATION */ +# endif /* __APPLE__ */ #endif /* HAVE_DNSSD */ @@ -3810,5 +3811,5 @@ update_polling(void) /* - * End of "$Id: dirsvc.c 6649 2007-07-11 21:46:42Z mike $". + * End of "$Id: dirsvc.c 6691 2007-07-19 19:09:46Z mike $". */ diff --git a/scheduler/ipp.c b/scheduler/ipp.c index eb71f7c7bf..ac24f6d4f0 100644 --- a/scheduler/ipp.c +++ b/scheduler/ipp.c @@ -1,5 +1,5 @@ /* - * "$Id: ipp.c 6678 2007-07-16 18:03:35Z mike $" + * "$Id: ipp.c 6689 2007-07-18 23:52:15Z mike $" * * IPP routines for the Common UNIX Printing System (CUPS) scheduler. * @@ -8274,8 +8274,13 @@ save_krb5_creds(cupsd_client_t *con, /* I - Client connection */ return; } + /* + * We MUST create a file-based cache because memory-based caches are + * only valid for the current process/address space. + */ + # ifdef HAVE_KRB5_CC_RESOLVE - if (krb5_cc_resolve(krb_context, "MEMORY:", &ccache)) + if (krb5_cc_resolve(krb_context, "FILE:", &ccache)) # elif defined(HAVE_HEIMDAL) if (krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache)) # else @@ -8297,13 +8302,11 @@ save_krb5_creds(cupsd_client_t *con, /* I - Client connection */ return; } -#ifdef HAVE_KRB5_CC_RESOLVE - cupsdSetStringf(&(job->ccname), "KRB5CCNAME=MEMORY:%s", - krb5_cc_get_name(krb_context, ccache)); -#else cupsdSetStringf(&(job->ccname), "KRB5CCNAME=FILE:%s", krb5_cc_get_name(krb_context, ccache)); -#endif /* HAVE_KRB5_CC_RESOLVE */ + + cupsdLogMessage(CUPSD_LOG_DEBUG2, "[Job %d] save_krb5_creds: %s", job->id, + job->ccname); krb5_cc_close(krb_context, ccache); } @@ -9869,5 +9872,5 @@ validate_user(cupsd_job_t *job, /* I - Job */ /* - * End of "$Id: ipp.c 6678 2007-07-16 18:03:35Z mike $". + * End of "$Id: ipp.c 6689 2007-07-18 23:52:15Z mike $". */ diff --git a/scheduler/job.c b/scheduler/job.c index ab1ffab2be..71c7be5ba8 100644 --- a/scheduler/job.c +++ b/scheduler/job.c @@ -1,5 +1,5 @@ /* - * "$Id: job.c 6671 2007-07-13 23:35:24Z mike $" + * "$Id: job.c 6689 2007-07-18 23:52:15Z mike $" * * Job management routines for the Common UNIX Printing System (CUPS). * @@ -220,7 +220,10 @@ cupsdCancelJob(cupsd_job_t *job, /* I - Job to cancel */ */ snprintf(filename, sizeof(filename), "%s/a%05d", RequestRoot, job->id); - unlink(filename); + if (cupsdRemoveFile(filename)) + cupsdLogMessage(CUPSD_LOG_ERROR, + "Unable to remove authentication cache: %s", + strerror(errno)); cupsdClearString(&job->auth_username); cupsdClearString(&job->auth_domain); @@ -1780,7 +1783,21 @@ free_job(cupsd_job_t *job) /* I - Job */ cupsdClearString(&job->auth_domain); cupsdClearString(&job->auth_password); #ifdef HAVE_GSSAPI - cupsdClearString(&job->ccname); + if (job->ccname) + { + /* + * First erase the credential cache file, then clear the string referencing + * it. We know the filename since the string will be of the form + * "KRB5CCNAME=FILE:/foo/bar"... + */ + + if (cupsdRemoveFile(job->ccname + 16)) + cupsdLogMessage(CUPSD_LOG_ERROR, + "Unable to remove Kerberos credential cache: %s", + strerror(errno)); + + cupsdClearString(&job->ccname); + } #endif /* HAVE_GSSAPI */ if (job->num_files > 0) @@ -3453,10 +3470,12 @@ unload_job(cupsd_job_t *job) /* I - Job */ ippDelete(job->attrs); - job->attrs = NULL; - job->state = NULL; - job->sheets = NULL; - job->job_sheets = NULL; + job->attrs = NULL; + job->state = NULL; + job->sheets = NULL; + job->job_sheets = NULL; + job->printer_message = NULL; + job->printer_reasons = NULL; } @@ -3616,7 +3635,8 @@ update_job(cupsd_job_t *job) /* I - Job to check */ * Some message to show in the printer-state-message attribute... */ - job->status_level = loglevel; + if (loglevel != CUPSD_LOG_NOTICE) + job->status_level = loglevel; strlcpy(job->printer->state_message, message, sizeof(job->printer->state_message)); @@ -3741,5 +3761,5 @@ update_job_attrs(cupsd_job_t *job) /* I - Job to update */ /* - * End of "$Id: job.c 6671 2007-07-13 23:35:24Z mike $". + * End of "$Id: job.c 6689 2007-07-18 23:52:15Z mike $". */ diff --git a/scheduler/main.c b/scheduler/main.c index 8e1e385f8e..fc15de1f0a 100644 --- a/scheduler/main.c +++ b/scheduler/main.c @@ -1,5 +1,5 @@ /* - * "$Id: main.c 6654 2007-07-12 22:07:57Z mike $" + * "$Id: main.c 6689 2007-07-18 23:52:15Z mike $" * * Scheduler main loop for the Common UNIX Printing System (CUPS). * @@ -44,6 +44,7 @@ #include #include #include +#include #ifdef HAVE_LAUNCH_H # include @@ -402,6 +403,43 @@ main(int argc, /* I - Number of command-line args */ return (1); } + if (!strncmp(TempDir, RequestRoot, strlen(RequestRoot))) + { + /* + * Clean out the temporary directory... + */ + + cups_dir_t *dir; /* Temporary directory */ + cups_dentry_t *dent; /* Directory entry */ + char tempfile[1024]; /* Temporary filename */ + + + if ((dir = cupsDirOpen(TempDir)) != NULL) + { + cupsdLogMessage(CUPSD_LOG_INFO, + "Cleaning out old temporary files in \"%s\"...", TempDir); + + while ((dent = cupsDirRead(dir)) != NULL) + { + snprintf(tempfile, sizeof(tempfile), "%s/%s", TempDir, dent->filename); + + if (cupsdRemoveFile(tempfile)) + cupsdLogMessage(CUPSD_LOG_ERROR, + "Unable to remove temporary file \"%s\" - %s", + tempfile, strerror(errno)); + else + cupsdLogMessage(CUPSD_LOG_DEBUG, "Removed temporary file \"%s\"...", + tempfile); + } + + cupsDirClose(dir); + } + else + cupsdLogMessage(CUPSD_LOG_ERROR, + "Unable to open temporary directory \"%s\" - %s", + TempDir, strerror(errno)); + } + #if HAVE_LAUNCHD if (Launchd) { @@ -1777,5 +1815,5 @@ usage(int status) /* O - Exit status */ /* - * End of "$Id: main.c 6654 2007-07-12 22:07:57Z mike $". + * End of "$Id: main.c 6689 2007-07-18 23:52:15Z mike $". */ diff --git a/scheduler/removefile.c b/scheduler/removefile.c new file mode 100644 index 0000000000..10de4ea749 --- /dev/null +++ b/scheduler/removefile.c @@ -0,0 +1,227 @@ +/* + * "$Id$" + * + * "Secure" file removal function for the Common UNIX Printing System (CUPS). + * + * Copyright 2007 by Apple Inc. + * Copyright 1997-2007 by Easy Software Products, all rights reserved. + * + * These coded instructions, statements, and computer programs are the + * property of Apple Inc. and are protected by Federal copyright + * law. Distribution and use rights are outlined in the file "LICENSE.txt" + * "LICENSE" which should have been included with this file. If this + * file is missing or damaged, see the license at "http://www.cups.org/". + * + * Contents: + * + * cupsdRemoveFile() - Remove a file using the 7-pass US DoD method. + * overwrite_data() - Overwrite the data in a file. + */ + +/* + * Include necessary headers... + */ + +#include "cupsd.h" +#ifdef HAVE_REMOVEFILE +# include +#else +static int overwrite_data(int fd, const char *buffer, int bufsize, + int filesize); +#endif /* HAVE_REMOVEFILE */ + + +/* + * 'cupsdRemoveFile()' - Remove a file using the 7-pass US DoD method. + */ + +int /* O - 0 on success, -1 on error */ +cupsdRemoveFile(const char *filename) /* I - File to remove */ +{ +#ifdef HAVE_REMOVEFILE + int ret; /* Return value */ + removefile_state_t s; /* Remove state variable */ + + + s = removefile_state_alloc(); + ret = removefile(filename, s, REMOVEFILE_SECURE_7_PASS); + + removefile_state_free(s); + + return (ret); + +#else + int fd; /* File descriptor */ + struct stat info; /* File information */ + char buffer[512]; /* Data buffer */ + int i; /* Looping var */ + + + /* + * First open the file for writing in exclusive mode. + */ + + if ((fd = open(filename, O_WRONLY | O_EXCL)) < 0) + return (-1); + + /* + * Delete the file now - it will still be around as long as the file is + * open... + */ + + unlink(filename); + + /* + * Then get the file size... + */ + + if (fstat(fd, &info)) + { + close(fd); + return (-1); + } + + /* + * Overwrite the file 7 times with 0xF6, 0x00, 0xFF, random, 0x00, 0xFF, + * and more random data. + */ + + memset(buffer, 0xF6, sizeof(buffer)); + if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) + { + close(fd); + return (-1); + } + + memset(buffer, 0x00, sizeof(buffer)); + if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) + { + close(fd); + return (-1); + } + + memset(buffer, 0xFF, sizeof(buffer)); + if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) + { + close(fd); + return (-1); + } + + for (i = 0; i < sizeof(buffer); i ++) + buffer[i] = rand(); + if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) + { + close(fd); + return (-1); + } + + memset(buffer, 0x00, sizeof(buffer)); + if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) + { + close(fd); + return (-1); + } + + memset(buffer, 0xFF, sizeof(buffer)); + if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) + { + close(fd); + return (-1); + } + + for (i = 0; i < sizeof(buffer); i ++) + buffer[i] = rand(); + if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) + { + close(fd); + return (-1); + } + + /* + * Whew! Close the file (which will lead to the actual deletion) and + * return success... + */ + + close(fd); + return (0); +#endif /* HAVE_REMOVEFILE */ +} + + +#ifndef HAVE_REMOVEFILE +/* + * 'overwrite_data()' - Overwrite the data in a file. + */ + +static int /* O - 0 on success, -1 on error */ +overwrite_data(int fd, /* I - File descriptor */ + const char *buffer, /* I - Buffer to write */ + int bufsize, /* I - Size of buffer */ + int filesize) /* I - Size of file */ +{ + int bytes; /* Bytes to write/written */ + + + /* + * Start at the beginning of the file... + */ + + if (lseek(fd, 0, SEEK_SET) < 0) + return (-1); + + /* + * Fill the file with the provided data... + */ + + while (filesize > 0) + { + if (filesize > bufsize) + bytes = bufsize; + else + bytes = filesize; + + if ((bytes = write(fd, buffer, bytes)) < 0) + return (-1); + + filesize -= bytes; + } + + /* + * Force the changes to disk... + */ + + return (fsync(fd)); +} +#endif /* HAVE_REMOVEFILE */ + + +#ifdef TEST +int +main(void) +{ + FILE *fp; + + + fp = fopen("testfile.secure", "w"); + fputs("Hello, World!\n", fp); + fputs("Now is the time for all good men to come to the aid of their " + "country.\n", fp); + fclose(fp); + + if (cupsdRemoveFile("testfile.secure")) + { + printf("cupsdRemoveFile: FAIL (%s)\n", strerror(errno)); + return (1); + } + else + { + puts("cupsdRemoveFile: PASS"); + return (0); + } +} +#endif /* TEST */ + + +/* + * End of "$Id$". + */ diff --git a/templates/de/edit-config.tmpl.in b/templates/de/edit-config.tmpl.in index 58340b8eb3..e9763177d8 100644 --- a/templates/de/edit-config.tmpl.in +++ b/templates/de/edit-config.tmpl.in @@ -49,14 +49,14 @@ function reset_config() "\\n" + "# Set the default printer/job policies...\\n" + "\\n" + -" # Job-related operations must be done by the owner or an adminstrator...\\n" + +" # Job-related operations must be done by the owner or an administrator...\\n" + " \\n" + " Require user @OWNER @SYSTEM\\n" + " Order deny,allow\\n" + " \\n" + "\\n" + -" # All administration operations require an adminstrator to authenticate...\\n" + -" \\n" + +" # All administration operations require an administrator to authenticate...\\n" + +" \\n" + " AuthType Default\\n" + " Require user @SYSTEM\\n" + " Order deny,allow\\n" + diff --git a/templates/edit-config.tmpl.in b/templates/edit-config.tmpl.in index c3248a5936..31dd725d37 100644 --- a/templates/edit-config.tmpl.in +++ b/templates/edit-config.tmpl.in @@ -49,14 +49,14 @@ function reset_config() "\\n" + "# Set the default printer/job policies...\\n" + "\\n" + -" # Job-related operations must be done by the owner or an adminstrator...\\n" + +" # Job-related operations must be done by the owner or an administrator...\\n" + " \\n" + " Require user @OWNER @SYSTEM\\n" + " Order deny,allow\\n" + " \\n" + "\\n" + -" # All administration operations require an adminstrator to authenticate...\\n" + -" \\n" + +" # All administration operations require an administrator to authenticate...\\n" + +" \\n" + " AuthType Default\\n" + " Require user @SYSTEM\\n" + " Order deny,allow\\n" + diff --git a/templates/es/edit-config.tmpl.in b/templates/es/edit-config.tmpl.in index 30213cfefd..a8d981ab67 100644 --- a/templates/es/edit-config.tmpl.in +++ b/templates/es/edit-config.tmpl.in @@ -49,14 +49,14 @@ function reset_config() "\\n" + "# Set the default printer/job policies...\\n" + "\\n" + -" # Job-related operations must be done by the owner or an adminstrator...\\n" + +" # Job-related operations must be done by the owner or an administrator...\\n" + " \\n" + " Require user @OWNER @SYSTEM\\n" + " Order deny,allow\\n" + " \\n" + "\\n" + -" # All administration operations require an adminstrator to authenticate...\\n" + -" \\n" + +" # All administration operations require an administrator to authenticate...\\n" + +" \\n" + " AuthType Default\\n" + " Require user @SYSTEM\\n" + " Order deny,allow\\n" + diff --git a/templates/et/edit-config.tmpl.in b/templates/et/edit-config.tmpl.in index a5af26da33..ff5cf413a3 100644 --- a/templates/et/edit-config.tmpl.in +++ b/templates/et/edit-config.tmpl.in @@ -49,14 +49,14 @@ function reset_config() "\\n" + "# Set the default printer/job policies...\\n" + "\\n" + -" # Job-related operations must be done by the owner or an adminstrator...\\n" + +" # Job-related operations must be done by the owner or an administrator...\\n" + " \\n" + " Require user @OWNER @SYSTEM\\n" + " Order deny,allow\\n" + " \\n" + "\\n" + -" # All administration operations require an adminstrator to authenticate...\\n" + -" \\n" + +" # All administration operations require an administrator to authenticate...\\n" + +" \\n" + " AuthType Default\\n" + " Require user @SYSTEM\\n" + " Order deny,allow\\n" + diff --git a/templates/fr/edit-config.tmpl.in b/templates/fr/edit-config.tmpl.in index 7ce96f7108..9bcb18abec 100644 --- a/templates/fr/edit-config.tmpl.in +++ b/templates/fr/edit-config.tmpl.in @@ -49,14 +49,14 @@ function reset_config() "\\n" + "# Définir la politique par défaut des tâches d'impression...\\n" + "\\n" + -" # Les opérations sur les tâches doivent être faites par leur propriétaire ou un adminstrateur...\\n" + +" # Job-related operations must be done by the owner or an administrator...\\n" + " \\n" + " Require user @OWNER @SYSTEM\\n" + " Order deny,allow\\n" + " \\n" + "\\n" + -" # Toutes les opérations d'administration nécessite l'authentification d'un adminstrateur...\\n" + -" \\n" + +" # All administration operations require an administrator to authenticate...\\n" + +" \\n" + " AuthType Default\\n" + " Require user @SYSTEM\\n" + " Order deny,allow\\n" + diff --git a/templates/he/edit-config.tmpl.in b/templates/he/edit-config.tmpl.in index 948b0529d4..5dac27565f 100644 --- a/templates/he/edit-config.tmpl.in +++ b/templates/he/edit-config.tmpl.in @@ -48,14 +48,14 @@ function reset_config() "\\n" + "# Set the default printer/job policies...\\n" + "\\n" + -" # Job-related operations must be done by the owner or an adminstrator...\\n" + +" # Job-related operations must be done by the owner or an administrator...\\n" + " \\n" + " Require user @OWNER @SYSTEM\\n" + " Order deny,allow\\n" + " \\n" + "\\n" + -" # All administration operations require an adminstrator to authenticate...\\n" + -" \\n" + +" # All administration operations require an administrator to authenticate...\\n" + +" \\n" + " AuthType Default\\n" + " Require user @SYSTEM\\n" + " Order deny,allow\\n" + diff --git a/templates/it/edit-config.tmpl.in b/templates/it/edit-config.tmpl.in index 8669fc96d2..4fbc04c35e 100644 --- a/templates/it/edit-config.tmpl.in +++ b/templates/it/edit-config.tmpl.in @@ -49,14 +49,14 @@ function reset_config() "\\n" + "# Set the default printer/job policies...\\n" + "\\n" + -" # Job-related operations must be done by the owner or an adminstrator...\\n" + +" # Job-related operations must be done by the owner or an administrator...\\n" + " \\n" + " Require user @OWNER @SYSTEM\\n" + " Order deny,allow\\n" + " \\n" + "\\n" + -" # All administration operations require an adminstrator to authenticate...\\n" + -" \\n" + +" # All administration operations require an administrator to authenticate...\\n" + +" \\n" + " AuthType Default\\n" + " Require user @SYSTEM\\n" + " Order deny,allow\\n" + diff --git a/templates/ja/edit-config.tmpl.in b/templates/ja/edit-config.tmpl.in index 9f42211cf0..d059c03d19 100644 --- a/templates/ja/edit-config.tmpl.in +++ b/templates/ja/edit-config.tmpl.in @@ -49,14 +49,14 @@ function reset_config() "\\n" + "# Set the default printer/job policies...\\n" + "\\n" + -" # Job-related operations must be done by the owner or an adminstrator...\\n" + +" # Job-related operations must be done by the owner or an administrator...\\n" + " \\n" + " Require user @OWNER @SYSTEM\\n" + " Order deny,allow\\n" + " \\n" + "\\n" + -" # All administration operations require an adminstrator to authenticate...\\n" + -" \\n" + +" # All administration operations require an administrator to authenticate...\\n" + +" \\n" + " AuthType Default\\n" + " Require user @SYSTEM\\n" + " Order deny,allow\\n" + diff --git a/templates/pl/edit-config.tmpl.in b/templates/pl/edit-config.tmpl.in index 06e3c5e80b..59539606d3 100644 --- a/templates/pl/edit-config.tmpl.in +++ b/templates/pl/edit-config.tmpl.in @@ -49,14 +49,14 @@ function reset_config() "\\n" + "# Set the default printer/job policies...\\n" + "\\n" + -" # Job-related operations must be done by the owner or an adminstrator...\\n" + +" # Job-related operations must be done by the owner or an administrator...\\n" + " \\n" + " Require user @OWNER @SYSTEM\\n" + " Order deny,allow\\n" + " \\n" + "\\n" + -" # All administration operations require an adminstrator to authenticate...\\n" + -" \\n" + +" # All administration operations require an administrator to authenticate...\\n" + +" \\n" + " AuthType Default\\n" + " Require user @SYSTEM\\n" + " Order deny,allow\\n" + diff --git a/templates/sv/edit-config.tmpl.in b/templates/sv/edit-config.tmpl.in index f55c5b8545..39cd08f303 100644 --- a/templates/sv/edit-config.tmpl.in +++ b/templates/sv/edit-config.tmpl.in @@ -49,14 +49,14 @@ function reset_config() "\\n" + "# Set the default printer/job policies...\\n" + "\\n" + -" # Job-related operations must be done by the owner or an adminstrator...\\n" + +" # Job-related operations must be done by the owner or an administrator...\\n" + " \\n" + " Require user @OWNER @SYSTEM\\n" + " Order deny,allow\\n" + " \\n" + "\\n" + -" # All administration operations require an adminstrator to authenticate...\\n" + -" \\n" + +" # All administration operations require an administrator to authenticate...\\n" + +" \\n" + " AuthType Default\\n" + " Require user @SYSTEM\\n" + " Order deny,allow\\n" + diff --git a/templates/zh_TW/edit-config.tmpl.in b/templates/zh_TW/edit-config.tmpl.in index adfc6706fc..f0c26bda32 100644 --- a/templates/zh_TW/edit-config.tmpl.in +++ b/templates/zh_TW/edit-config.tmpl.in @@ -48,14 +48,14 @@ function reset_config() "\\n" + "# Set the default printer/job policies...\\n" + "\\n" + -" # Job-related operations must be done by the owner or an adminstrator...\\n" + +" # Job-related operations must be done by the owner or an administrator...\\n" + " \\n" + " Require user @OWNER @SYSTEM\\n" + " Order deny,allow\\n" + " \\n" + "\\n" + -" # All administration operations require an adminstrator to authenticate...\\n" + -" \\n" + +" # All administration operations require an administrator to authenticate...\\n" + +" \\n" + " AuthType Default\\n" + " Require user @SYSTEM\\n" + " Order deny,allow\\n" +