+++ This bug was initially created as a clone of Bug #163011 +++ From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4 Description of problem: If you configure CUPS to require SSL encrypted IPP connections it's possible to crash the CUPS server daemon by quickly and repeatedly requesting pages from the web interface. Version-Release number of selected component (if applicable): cups-1.1.22-0.rc1.9.6 How reproducible: Always Steps to Reproduce: 1. Configure CUPS to require SSL IPP connections. 2. Connect with a web browser to the web interface over the SSL port, eg: https://cupsserver:631/printers/testprinter 3. Hit refresh in the browser quickly several times, the CUPS daemon will crash after ~3 refreshes. Actual Results: CUPS daemon crashes with the following in /var/log/cups/error_log: E [12/Jul/2005:09:07:34 +0100] CloseClient: error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry E [12/Jul/2005:09:07:34 +0100] CloseClient: error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry Expected Results: Daemon shouldn't crash :) Additional info: -- Additional comment from twaugh on 2005-08-02 08:35 EST -- How precisely are you configuring CUPS to require SSL IPP connections? Are you putting "Encryption Required" in cupsd.conf? Which section are you putting it in? -- Additional comment from peter.harvey.uk on 2005-08-15 10:13 EST -- Config file snippet: SSLPort 443 .. <Location /printers> Order Deny,Allow Allow From x.x.x.x/24 AuthType Basic AuthClass User Encryption required Satisfy all </Location> -- Additional comment from twaugh on 2005-08-15 12:00 EST -- 2. Connect with a web browser to the web interface over the SSL port, eg: https://cupsserver:631/printers/testprinter Can you clarify this please? Do you mean 'https://cupsserver:443/printers/testprinter'? -- Additional comment from twaugh on 2005-08-15 12:01 EST -- Proposing for RHEL4 U3. -- Additional comment from peter.harvey.uk on 2005-08-16 06:07 EST -- Yep sorry, that should've been: SSLPort 631 -- Additional comment from twaugh on 2005-10-05 08:49 EST -- Confirmed.
Reported upstream as: http://www.cups.org/str.php?L1290
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2006-0034.html