Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 310824 Details for
Bug 314941
Add configuration to have CUPS exit if it can't bind to required ports
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
cups-fatalerrors.patch
cups-fatalerrors.patch (text/plain), 13.31 KB, created by
Tim Waugh
on 2008-07-02 16:39:21 UTC
(
hide
)
Description:
cups-fatalerrors.patch
Filename:
MIME Type:
Creator:
Tim Waugh
Created:
2008-07-02 16:39:21 UTC
Size:
13.31 KB
patch
obsolete
>diff -up cups-1.3.7/config.h.in.fatalerrors cups-1.3.7/config.h.in >--- cups-1.3.7/config.h.in.fatalerrors 2008-01-07 18:26:57.000000000 +0000 >+++ cups-1.3.7/config.h.in 2008-07-02 16:04:42.000000000 +0100 >@@ -84,6 +84,13 @@ > > > /* >+ * Errors to treat as fatal... >+ */ >+ >+#define CUPS_DEFAULT_FATAL_ERRORS "none" >+ >+ >+/* > * Where are files stored? > * > * Note: These are defaults, which can be overridden by environment >@@ -530,6 +537,13 @@ > #undef HAVE_REMOVEFILE > > >+/* >+ * Are we trying to meet LSPP requirements? >+ */ >+ >+#undef WITH_LSPP >+ >+ > #endif /* !_CUPS_CONFIG_H_ */ > > /* >diff -up cups-1.3.7/scheduler/conf.c.fatalerrors cups-1.3.7/scheduler/conf.c >--- cups-1.3.7/scheduler/conf.c.fatalerrors 2008-07-02 16:04:41.000000000 +0100 >+++ cups-1.3.7/scheduler/conf.c 2008-07-02 16:04:42.000000000 +0100 >@@ -23,9 +23,11 @@ > * access control lines. > * parse_groups() - Parse system group names in a string. > * parse_protocols() - Parse browse protocols in a string. >+ * parse_fatalerrors() - Parse fatal errors in a string. > * read_configuration() - Read a configuration file. > * read_location() - Read a <Location path> definition. > * read_policy() - Read a <Policy name> definition. >+ * is_lspp_config() - Is the system configured for LSPP > */ > > /* >@@ -47,6 +49,9 @@ > # define INADDR_NONE 0xffffffff > #endif /* !INADDR_NONE */ > >+#ifdef WITH_LSPP >+# include <libaudit.h> >+#endif /* WITH_LSPP */ > > /* > * Configuration variable structure... >@@ -160,6 +165,10 @@ static const cupsd_var_t variables[] = > # if defined(HAVE_LIBSSL) || defined(HAVE_GNUTLS) > { "ServerKey", &ServerKey, CUPSD_VARTYPE_PATHNAME }, > # endif /* HAVE_LIBSSL || HAVE_GNUTLS */ >+#ifdef WITH_LSPP >+ { "AuditLog", &AuditLog, CUPSD_VARTYPE_INTEGER }, >+ { "PerPageLabels", &PerPageLabels, CUPSD_VARTYPE_BOOLEAN }, >+#endif /* WITH_LSPP */ > #endif /* HAVE_SSL */ > { "ServerName", &ServerName, CUPSD_VARTYPE_STRING }, > { "ServerRoot", &ServerRoot, CUPSD_VARTYPE_PATHNAME }, >@@ -194,6 +203,7 @@ static int parse_aaa(cupsd_location_t * > char *value, int linenum); > static int parse_groups(const char *s); > static int parse_protocols(const char *s); >+static int parse_fatalerrors(const char *s); > static int read_configuration(cups_file_t *fp); > static int read_location(cups_file_t *fp, char *name, int linenum); > static int read_policy(cups_file_t *fp, char *name, int linenum); >@@ -350,6 +360,9 @@ cupsdReadConfiguration(void) > *old_requestroot; /* Old RequestRoot */ > const char *tmpdir; /* TMPDIR environment variable */ > struct stat tmpinfo; /* Temporary directory info */ >+#ifdef WITH_LSPP >+ char *audit_message; /* Audit message string */ >+#endif /* WITH_LSPP */ > > > /* >@@ -549,6 +562,7 @@ cupsdReadConfiguration(void) > BrowseTimeout = DEFAULT_TIMEOUT; > Browsing = CUPS_DEFAULT_BROWSING; > DefaultShared = CUPS_DEFAULT_DEFAULT_SHARED; >+ FatalErrors = parse_fatalerrors(CUPS_DEFAULT_FATAL_ERRORS); > > cupsdClearString(&BrowseLocalOptions); > cupsdClearString(&BrowseRemoteOptions); >@@ -611,6 +625,25 @@ cupsdReadConfiguration(void) > > RunUser = getuid(); > >+#ifdef WITH_LSPP >+ if (AuditLog != -1) >+ { >+ /* >+ * ClassifyOverride is set during read_configuration, if its ON, report it now >+ */ >+ if (ClassifyOverride) >+ audit_log_user_message(AuditLog, AUDIT_USYS_CONFIG, >+ "[Config] ClassifyOverride=enabled Users can override print banners", >+ ServerName, NULL, NULL, 1); >+ /* >+ * PerPageLabel is set during read_configuration, if its OFF, report it now >+ */ >+ if (!PerPageLabels) >+ audit_log_user_message(AuditLog, AUDIT_USYS_CONFIG, >+ "[Config] PerPageLabels=disabled", ServerName, NULL, NULL, 1); >+ } >+#endif /* WITH_LSPP */ >+ > /* > * See if the ServerName is an IP address... > */ >@@ -885,11 +918,23 @@ cupsdReadConfiguration(void) > if (MaxActiveJobs > (MaxFDs / 3)) > MaxActiveJobs = MaxFDs / 3; > >- if (Classification && !strcasecmp(Classification, "none")) >+ if (Classification && strcasecmp(Classification, "none") == 0) > cupsdClearString(&Classification); > > if (Classification) >+ { > cupsdLogMessage(CUPSD_LOG_INFO, "Security set to \"%s\"", Classification); >+#ifdef WITH_LSPP >+ if (AuditLog != -1) >+ { >+ audit_message = NULL; >+ cupsdSetStringf(&audit_message, "[Config] Classification=%s", Classification); >+ audit_log_user_message(AuditLog, AUDIT_LABEL_LEVEL_CHANGE, audit_message, >+ ServerName, NULL, NULL, 1); >+ cupsdClearString(&audit_message); >+ } >+#endif /* WITH_LSPP */ >+ } > > /* > * Update the MaxClientsPerHost value, as needed... >@@ -2053,6 +2098,68 @@ parse_protocols(const char *s) /* I - S > > > /* >+ * 'parse_fatalerrors()' - Parse fatal errors in a string. >+ */ >+ >+static int /* O - Fatal error bits */ >+parse_fatalerrors(const char *s) /* I - Space-delimited errors */ >+{ >+ int errors; /* Fatal error bits */ >+ char value[1024], /* Value string */ >+ *valstart, /* Pointer into value */ >+ *valend; /* End of value */ >+ >+ >+ /* >+ * Empty protocol line yields NULL pointer... >+ */ >+ >+ if (!s) >+ return (0); >+ >+ /* >+ * Loop through the value string,... >+ */ >+ >+ strlcpy(value, s, sizeof(value)); >+ >+ errors = 0; >+ >+ for (valstart = value; *valstart;) >+ { >+ /* >+ * Get the current space/comma-delimited error name... >+ */ >+ >+ for (valend = valstart; *valend; valend ++) >+ if (isspace(*valend & 255) || *valend == ',') >+ break; >+ >+ if (*valend) >+ *valend++ = '\0'; >+ >+ /* >+ * Add the error to the bitmask... >+ */ >+ >+ if (!strcasecmp(valstart, "browse")) >+ errors |= FATAL_ERROR_BROWSE; >+ else if (!strcasecmp(valstart, "all")) >+ errors |= FATAL_ERROR_ALL; >+ else if (strcasecmp(valstart, "none")) >+ cupsdLogMessage(CUPSD_LOG_ERROR, >+ "Unknown error \"%s\" ignored!", valstart); >+ >+ for (valstart = valend; *valstart; valstart ++) >+ if (!isspace(*valstart & 255) || *valstart != ',') >+ break; >+ } >+ >+ return (errors); >+} >+ >+ >+/* > * 'read_configuration()' - Read a configuration file. > */ > >@@ -3025,6 +3132,24 @@ read_configuration(cups_file_t *fp) /* I > "Missing value for SetEnv directive on line %d.", > linenum); > } >+ else if (!strcasecmp(line, "FatalErrors")) >+ { >+ /* >+ * "FatalErrors name [... name]" >+ */ >+ >+ int errors = parse_fatalerrors(value); >+ >+ if (errors < 0) >+ { >+ cupsdLogMessage(CUPSD_LOG_ERROR, >+ "Unknown error type \"%s\" on line %d.", >+ value, linenum); >+ break; >+ } >+ >+ FatalErrors = errors; >+ } > else > { > /* >@@ -3379,6 +3504,18 @@ read_policy(cups_file_t *fp, /* I - Con > return (0); > } > >+#ifdef WITH_LSPP >+int is_lspp_config() >+{ >+ if (Classification != NULL) >+ return ((strcasecmp(Classification, MLS_CONFIG) == 0) >+ || (strcasecmp(Classification, TE_CONFIG) == 0) >+ || (strcasecmp(Classification, SELINUX_CONFIG) == 0)); >+ else >+ return 0; >+} >+#endif /* WITH_LSPP */ >+ > > /* > * End of "$Id: conf.c 7382 2008-03-20 04:06:01Z mike $". >diff -up cups-1.3.7/scheduler/cupsd.h.fatalerrors cups-1.3.7/scheduler/cupsd.h >--- cups-1.3.7/scheduler/cupsd.h.fatalerrors 2008-02-15 23:26:51.000000000 +0000 >+++ cups-1.3.7/scheduler/cupsd.h 2008-07-02 16:04:42.000000000 +0100 >@@ -178,6 +178,9 @@ VAR PSQUpdateQuotaProcPtr PSQUpdateQuota > /* Apple PrintService quota function */ > #endif /* __APPLE__ && HAVE_DLFCN_H */ > >+#define FATAL_ERROR_BROWSE 1 /* Bind to a browse socket */ >+#define FATAL_ERROR_ALL (FATAL_ERROR_BROWSE) >+VAR int FatalErrors VALUE(FATAL_ERROR_ALL); > > > >diff -up cups-1.3.7/scheduler/dirsvc.c.fatalerrors cups-1.3.7/scheduler/dirsvc.c >--- cups-1.3.7/scheduler/dirsvc.c.fatalerrors 2008-07-02 16:59:27.000000000 +0100 >+++ cups-1.3.7/scheduler/dirsvc.c 2008-07-02 17:14:59.000000000 +0100 >@@ -927,18 +927,19 @@ cupsdSendBrowseList(void) > * 'cupsdStartBrowsing()' - Start sending and receiving broadcast information. > */ > >-void >+int > cupsdStartBrowsing(void) > { > int val; /* Socket option value */ > struct sockaddr_in addr; /* Broadcast address */ > cupsd_printer_t *p; /* Current printer */ >+ int fail = 0; /* Whether anything failed */ > > > BrowseNext = NULL; > > if (!Browsing || !(BrowseLocalProtocols | BrowseRemoteProtocols)) >- return; >+ return (0); > > if ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_CUPS) > { >@@ -955,7 +956,7 @@ cupsdStartBrowsing(void) > strerror(errno)); > BrowseLocalProtocols &= ~BROWSE_CUPS; > BrowseRemoteProtocols &= ~BROWSE_CUPS; >- return; >+ return (1); > } > > /* >@@ -982,7 +983,7 @@ cupsdStartBrowsing(void) > BrowseSocket = -1; > BrowseLocalProtocols &= ~BROWSE_CUPS; > BrowseRemoteProtocols &= ~BROWSE_CUPS; >- return; >+ return (1); > } > } > >@@ -1005,7 +1006,7 @@ cupsdStartBrowsing(void) > BrowseSocket = -1; > BrowseLocalProtocols &= ~BROWSE_CUPS; > BrowseRemoteProtocols &= ~BROWSE_CUPS; >- return; >+ return (1); > } > > /* >@@ -1044,6 +1045,7 @@ cupsdStartBrowsing(void) > "Unable to open an SLP handle; disabling SLP browsing!"); > BrowseLocalProtocols &= ~BROWSE_SLP; > BrowseRemoteProtocols &= ~BROWSE_SLP; >+ fail = 1; > } > > BrowseSLPRefresh = 0; >@@ -1061,6 +1063,7 @@ cupsdStartBrowsing(void) > "Need to set BrowseLDAPDN to use LDAP browsing!"); > BrowseLocalProtocols &= ~BROWSE_LDAP; > BrowseRemoteProtocols &= ~BROWSE_LDAP; >+ fail = 1; > } > else > { >@@ -1086,9 +1089,12 @@ cupsdStartBrowsing(void) > if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, > (void *)BrowseLDAPCACertFile)) > != LDAP_SUCCESS) >+ { > cupsdLogMessage(CUPSD_LOG_ERROR, > "Unable to set CA certificate file for LDAP " > "connections: %d - %s", rc, ldap_err2string(rc)); >+ fail = 1; >+ } > } > > /* >@@ -1106,6 +1112,7 @@ cupsdStartBrowsing(void) > "Unable to initialize LDAP; disabling LDAP browsing!"); > BrowseLocalProtocols &= ~BROWSE_LDAP; > BrowseRemoteProtocols &= ~BROWSE_LDAP; >+ fail = 1; > } > else if (ldap_set_option(BrowseLDAPHandle, LDAP_OPT_PROTOCOL_VERSION, > (const void *)&version) != LDAP_SUCCESS) >@@ -1117,6 +1124,7 @@ cupsdStartBrowsing(void) > "disabling LDAP browsing!"); > BrowseLocalProtocols &= ~BROWSE_LDAP; > BrowseRemoteProtocols &= ~BROWSE_LDAP; >+ fail = 1; > } > else > { >@@ -1135,6 +1143,7 @@ cupsdStartBrowsing(void) > ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL); > BrowseLocalProtocols &= ~BROWSE_LDAP; > BrowseRemoteProtocols &= ~BROWSE_LDAP; >+ fail = 1; > } > } > } >@@ -1152,6 +1161,8 @@ cupsdStartBrowsing(void) > p = (cupsd_printer_t *)cupsArrayNext(Printers)) > if (!(p->type & (CUPS_PRINTER_REMOTE | CUPS_PRINTER_IMPLICIT))) > cupsdRegisterPrinter(p); >+ >+ return (fail); > } > > >@@ -1159,7 +1170,7 @@ cupsdStartBrowsing(void) > * 'cupsdStartPolling()' - Start polling servers as needed. > */ > >-void >+int > cupsdStartPolling(void) > { > int i; /* Looping var */ >@@ -1171,6 +1182,7 @@ cupsdStartPolling(void) > int statusfds[2]; /* Status pipe */ > char *argv[6]; /* Arguments */ > char *envp[100]; /* Environment */ >+ int fail = 0; /* Whether anything failed */ > > > /* >@@ -1181,7 +1193,7 @@ cupsdStartPolling(void) > { > PollPipe = -1; > PollStatusBuffer = NULL; >- return; >+ return (0); > } > > /* >@@ -1217,7 +1229,7 @@ cupsdStartPolling(void) > strerror(errno)); > PollPipe = -1; > PollStatusBuffer = NULL; >- return; >+ return (1); > } > > PollPipe = statusfds[0]; >@@ -1240,6 +1252,7 @@ cupsdStartPolling(void) > "cupsdStartPolling: Unable to fork polling daemon - %s", > strerror(errno)); > pollp->pid = 0; >+ fail = 1; > break; > } > else >@@ -1255,6 +1268,7 @@ cupsdStartPolling(void) > */ > > cupsdAddSelect(PollPipe, (cupsd_selfunc_t)update_polling, NULL, NULL); >+ return (fail); > } > > >diff -up cups-1.3.7/scheduler/dirsvc.h.fatalerrors cups-1.3.7/scheduler/dirsvc.h >--- cups-1.3.7/scheduler/dirsvc.h.fatalerrors 2007-07-11 22:46:42.000000000 +0100 >+++ cups-1.3.7/scheduler/dirsvc.h 2008-07-02 17:15:10.000000000 +0100 >@@ -162,8 +162,8 @@ extern void cupsdRegisterPrinter(cupsd_p > extern void cupsdRestartPolling(void); > extern void cupsdSaveRemoteCache(void); > extern void cupsdSendBrowseList(void); >-extern void cupsdStartBrowsing(void); >-extern void cupsdStartPolling(void); >+extern int cupsdStartBrowsing(void); >+extern int cupsdStartPolling(void); > extern void cupsdStopBrowsing(void); > extern void cupsdStopPolling(void); > #ifdef HAVE_DNSSD >diff -up cups-1.3.7/scheduler/server.c.fatalerrors cups-1.3.7/scheduler/server.c >--- cups-1.3.7/scheduler/server.c.fatalerrors 2008-07-02 17:12:18.000000000 +0100 >+++ cups-1.3.7/scheduler/server.c 2008-07-02 17:15:27.000000000 +0100 >@@ -84,8 +84,12 @@ cupsdStartServer(void) > */ > > cupsdStartListening(); >- cupsdStartBrowsing(); >- cupsdStartPolling(); >+ if (cupsdStartBrowsing() != 0 && >+ (FatalErrors & FATAL_ERROR_BROWSE)) >+ exit (EXIT_FAILURE); >+ if (cupsdStartPolling() != 0 && >+ (FatalErrors & FATAL_ERROR_BROWSE)) >+ exit (EXIT_FAILURE); > > /* > * Create a pipe for CGI processes...
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=310824">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 314941
:
310824
|
310831