scheduler: Tolerate devices breaking IPPEVE specs if possible
Related to #1033
PPD generator currently is capable to bypass missing attribute
"media-col-database", if attributes "media-size-supported" or
"media-supported" are present.
Although such devices do not pass any IPP Everywhere or AirPrint
certifications, they exist in the wilderness.
Zdenek Dohnal [Fri, 30 Aug 2024 05:34:04 +0000 (07:34 +0200)]
tls-gnutls.c: Pass gnutls pointer to `gnutls_credentials_set()`
`credentials` changed type in 2.5, now gnutls pointer, which is needed
for the mentioned function, is a member of new structure which is
`credentials` now, so pass `credential->creds` to the function,
otherwise it crashes.
Found out during running the test suite with gnutls enabled.
Tomodachi94 [Sat, 24 Aug 2024 19:23:51 +0000 (12:23 -0700)]
scheduler: add a systemd slice
From the systemd documentation[1]:
> A slice unit is a concept for hierarchically managing resources of a group of processes.
Benefits of collecting our two systemd services into a slice include
* ease of configuring resource limits on the entire CUPS system,
* ``systemctl status`` showing the CUPS units in an indented subtree,
making it more organized,
* and the possibility of viewing all interlaced logs from all of the CUPS
daemons using ``journalctl -u system-cups.slice``.
[1]:
https://www.freedesktop.org/software/systemd/man/latest/systemd.slice.html
or ``man systemd.slice(5)``
Fix HTTP PeerCred authentication for domain users (fixes #1001)
- Remove domain from user name during local user authentication (e.g., "user@example.com" –> "user"). This practice can be beneficial for maintaining compatibility with older versions of Kerberos. However, enabling this option can have negative consequences. It may result in confusion between domain and local users with identical names, potentially leading to incorrect assignment of user permissions and unintentional permission escalation, thus creating a security risk. Therefore, it is advisable to avoid using this option in most cases.
- Add "StripUserDomain" parameter to cups-files.conf
Sometimes errno is not set when we want to report HTTP error, so we
should use `http->error` if available or internal server error. In cases
of internal HTTP related errors where we don't have HTTP connection
available (before setting of HTTP connection or in callbacks which
process IPP messages), use `_cupsSetError()`.
There was a change in CGI script regarding checkboxes, however it did
not propagate into templates. Based on the change, the only valid check
was if the variable value was checkbox, but some browsers (at least
Firefox) send on as a default value for input form of type checkbox.
Additionally, the value checkbox looks like typo, because we use checked
as value for checkboxes in admin CGI program, so I updated
cgiGetCheckbox() as well.
To fix the behavior, we have to set VALUE="CHECKED" into every tag in
every templates for all checkboxes - this value will be sent in the
input form, so it will properly match with cgiGetCheckbox() logic now.
In the end, I have found out "Preserve Job History" checkbox from
template was handled as text field, which did not look correct.
Zdenek Dohnal [Tue, 18 Jun 2024 08:43:30 +0000 (10:43 +0200)]
scheduler: Fix cupsd activated on-demand via socket
If only the expected cups.sock is set as listener in cupsd.conf, the
array Listeners was NULL. To prevent copying the code, do the array
allocation earlier and have only one check for Listeners, in
service_checkin() which is run every time cupsd starts.
Zdenek Dohnal [Mon, 3 Jun 2024 16:53:58 +0000 (18:53 +0200)]
Fix domain socket handling
- Check status of unlink and bind system calls.
- Don't allow extra domain sockets when running from launchd/systemd.
- Validate length of domain socket path (< sizeof(sun_path))
zdohnal [Mon, 10 Jun 2024 06:27:04 +0000 (08:27 +0200)]
cgi: Fix showing query string in Help
If a string was searched on CUPS Web UI help page, garbage was printed out in search box. It was because text field pointer was freed before and contained garbage - previously it was variable value which was allocated, so the string survived cgCleanVariables((), but the text field is a pointer into form variables which gets cleaned up.
Fix is to use strdup() if cgiGetTextfield() returns non-NULL pointer. The binary exits shortly after either way, so memory is taken care of by OS.
projects / thirdparty / cups.git / log
