Tomodachi94 [Sat, 24 Aug 2024 19:23:51 +0000 (12:23 -0700)]
scheduler: add a systemd slice
From the systemd documentation[1]:
> A slice unit is a concept for hierarchically managing resources of a group of processes.
Benefits of collecting our two systemd services into a slice include
* ease of configuring resource limits on the entire CUPS system,
* ``systemctl status`` showing the CUPS units in an indented subtree,
making it more organized,
* and the possibility of viewing all interlaced logs from all of the CUPS
daemons using ``journalctl -u system-cups.slice``.
[1]:
https://www.freedesktop.org/software/systemd/man/latest/systemd.slice.html
or ``man systemd.slice(5)``
Fix HTTP PeerCred authentication for domain users (fixes #1001)
- Remove domain from user name during local user authentication (e.g., "user@example.com" –> "user"). This practice can be beneficial for maintaining compatibility with older versions of Kerberos. However, enabling this option can have negative consequences. It may result in confusion between domain and local users with identical names, potentially leading to incorrect assignment of user permissions and unintentional permission escalation, thus creating a security risk. Therefore, it is advisable to avoid using this option in most cases.
- Add "StripUserDomain" parameter to cups-files.conf
Sometimes errno is not set when we want to report HTTP error, so we
should use `http->error` if available or internal server error. In cases
of internal HTTP related errors where we don't have HTTP connection
available (before setting of HTTP connection or in callbacks which
process IPP messages), use `_cupsSetError()`.
There was a change in CGI script regarding checkboxes, however it did
not propagate into templates. Based on the change, the only valid check
was if the variable value was checkbox, but some browsers (at least
Firefox) send on as a default value for input form of type checkbox.
Additionally, the value checkbox looks like typo, because we use checked
as value for checkboxes in admin CGI program, so I updated
cgiGetCheckbox() as well.
To fix the behavior, we have to set VALUE="CHECKED" into every tag in
every templates for all checkboxes - this value will be sent in the
input form, so it will properly match with cgiGetCheckbox() logic now.
In the end, I have found out "Preserve Job History" checkbox from
template was handled as text field, which did not look correct.
Zdenek Dohnal [Tue, 18 Jun 2024 08:43:30 +0000 (10:43 +0200)]
scheduler: Fix cupsd activated on-demand via socket
If only the expected cups.sock is set as listener in cupsd.conf, the
array Listeners was NULL. To prevent copying the code, do the array
allocation earlier and have only one check for Listeners, in
service_checkin() which is run every time cupsd starts.
Zdenek Dohnal [Mon, 3 Jun 2024 16:53:58 +0000 (18:53 +0200)]
Fix domain socket handling
- Check status of unlink and bind system calls.
- Don't allow extra domain sockets when running from launchd/systemd.
- Validate length of domain socket path (< sizeof(sun_path))
zdohnal [Mon, 10 Jun 2024 06:27:04 +0000 (08:27 +0200)]
cgi: Fix showing query string in Help
If a string was searched on CUPS Web UI help page, garbage was printed out in search box. It was because text field pointer was freed before and contained garbage - previously it was variable value which was allocated, so the string survived cgCleanVariables((), but the text field is a pointer into form variables which gets cleaned up.
Fix is to use strdup() if cgiGetTextfield() returns non-NULL pointer. The binary exits shortly after either way, so memory is taken care of by OS.
Zdenek Dohnal [Thu, 6 Jun 2024 15:28:59 +0000 (17:28 +0200)]
cgi: Fix showing query string in Help
If a string was searched on CUPS Web UI help page, garbage was printed
out in search box. It was because text field pointer was freed before
and contained garbage - previously it was variable value which was
allocated, so the string survived `cgCleanVariables(()`, but the text
field is a pointer into form variables which gets cleaned up.
Fix is to use `strdup()` if `cgiGetTextfield()` returns non-NULL
pointer. The binary exits shortly after either way, so memory is taken
care of by OS.
zdohnal [Thu, 6 Jun 2024 05:54:22 +0000 (07:54 +0200)]
client.c: Fix web UI job queries on Classes/Printers pages
Web UI query on Classes/Printers should support:
search for class/printer (/?QUERY=)
manage printers (/?)
listing jobs for the printer/class (/name?Which_jobs=completed)
show NOT FOUND for non-existing destinations
The PR reworks the code to fix the 3rd point and support all other at the same time.
Zdenek Dohnal [Wed, 5 Jun 2024 14:13:28 +0000 (16:13 +0200)]
client.c: Fix web UI job queries on Classes/Printers pages
Web UI query on Classes/Printers should support:
- search for class/printer (/?QUERY=)
- manage printers (/?)
- listing jobs for the printer/class (/name?Which_jobs=completed)
- show NOT FOUND for non-existing destinations
The PR reworks the code to fix the 3rd point and support all other at
the same time.
zdohnal [Thu, 16 May 2024 13:45:53 +0000 (15:45 +0200)]
cgi-bin/var.c: Fix return value if the text is invalid
In `cgiGetTextfield()`, if the original value contains double quote, which is forbidden for text, we free the variable and move the next variable from array to its place. However, the return value still contains the original value of freed pointer, and shows garbage when used.
Set it NULL, since we don't have any value to return for the requested name.
Zdenek Dohnal [Thu, 16 May 2024 13:29:34 +0000 (15:29 +0200)]
cgi-bin/var.c: Fix return value if the text is invalid
If the original value contains double quote, which is forbidden for
text, we free the variable and move the next variable from array to its
place. However, the return value still contains the original value of
freed pointer.
Set it NULL, since we don't have any value to return for the requested
name.
projects / thirdparty / cups.git / log
