Applied additional upstream patch for CVE-2012-5519.

Now the RemoteRoot keyword is recognised in the correct configuration
file.
This commit is contained in:
Tim Waugh 2012-12-03 11:46:35 +00:00
parent 734d6304f3
commit 3f79314945
2 changed files with 97 additions and 87 deletions

View File

@ -1,6 +1,6 @@
diff -up cups-1.5.4/conf/cupsd.conf.in.str4223 cups-1.5.4/conf/cupsd.conf.in diff -up cups-1.5.4/conf/cupsd.conf.in.str4223 cups-1.5.4/conf/cupsd.conf.in
--- cups-1.5.4/conf/cupsd.conf.in.str4223 2010-12-09 21:24:51.000000000 +0000 --- cups-1.5.4/conf/cupsd.conf.in.str4223 2010-12-09 21:24:51.000000000 +0000
+++ cups-1.5.4/conf/cupsd.conf.in 2012-12-03 09:11:03.138115925 +0000 +++ cups-1.5.4/conf/cupsd.conf.in 2012-12-03 11:42:12.451165079 +0000
@@ -9,10 +9,6 @@ @@ -9,10 +9,6 @@
# for troubleshooting... # for troubleshooting...
LogLevel @CUPS_LOG_LEVEL@ LogLevel @CUPS_LOG_LEVEL@
@ -13,8 +13,8 @@ diff -up cups-1.5.4/conf/cupsd.conf.in.str4223 cups-1.5.4/conf/cupsd.conf.in
Listen localhost:@DEFAULT_IPP_PORT@ Listen localhost:@DEFAULT_IPP_PORT@
@CUPS_LISTEN_DOMAINSOCKET@ @CUPS_LISTEN_DOMAINSOCKET@
diff -up cups-1.5.4/conf/cups-files.conf.in.str4223 cups-1.5.4/conf/cups-files.conf.in diff -up cups-1.5.4/conf/cups-files.conf.in.str4223 cups-1.5.4/conf/cups-files.conf.in
--- cups-1.5.4/conf/cups-files.conf.in.str4223 2012-12-03 09:11:03.139115936 +0000 --- cups-1.5.4/conf/cups-files.conf.in.str4223 2012-12-03 11:42:12.451165079 +0000
+++ cups-1.5.4/conf/cups-files.conf.in 2012-12-03 09:11:03.139115936 +0000 +++ cups-1.5.4/conf/cups-files.conf.in 2012-12-03 11:42:38.553234214 +0000
@@ -0,0 +1,98 @@ @@ -0,0 +1,98 @@
+# +#
+# "$Id$" +# "$Id$"
@ -57,7 +57,7 @@ diff -up cups-1.5.4/conf/cups-files.conf.in.str4223 cups-1.5.4/conf/cups-files.c
+#DataDir @CUPS_DATADIR@ +#DataDir @CUPS_DATADIR@
+ +
+# Location of the static web content served by the scheduler... +# Location of the static web content served by the scheduler...
+#DocRoot @CUPS_DOCROOT@ +#DocumentRoot @CUPS_DOCROOT@
+ +
+# Location of the file logging all messages produced by the scheduler and any +# Location of the file logging all messages produced by the scheduler and any
+# helper programs; may be the name "syslog". If not an absolute path, the value +# helper programs; may be the name "syslog". If not an absolute path, the value
@ -116,7 +116,7 @@ diff -up cups-1.5.4/conf/cups-files.conf.in.str4223 cups-1.5.4/conf/cups-files.c
+# +#
diff -up cups-1.5.4/config-scripts/cups-defaults.m4.str4223 cups-1.5.4/config-scripts/cups-defaults.m4 diff -up cups-1.5.4/config-scripts/cups-defaults.m4.str4223 cups-1.5.4/config-scripts/cups-defaults.m4
--- cups-1.5.4/config-scripts/cups-defaults.m4.str4223 2011-05-06 23:53:53.000000000 +0100 --- cups-1.5.4/config-scripts/cups-defaults.m4.str4223 2011-05-06 23:53:53.000000000 +0100
+++ cups-1.5.4/config-scripts/cups-defaults.m4 2012-12-03 09:11:03.139115936 +0000 +++ cups-1.5.4/config-scripts/cups-defaults.m4 2012-12-03 11:42:12.452165082 +0000
@@ -367,6 +367,7 @@ else @@ -367,6 +367,7 @@ else
fi fi
@ -134,8 +134,8 @@ diff -up cups-1.5.4/config-scripts/cups-defaults.m4.str4223 cups-1.5.4/config-sc
dnl Default MaxCopies value... dnl Default MaxCopies value...
AC_ARG_WITH(max-copies, [ --with-max-copies set default max copies value, default=9999 ], AC_ARG_WITH(max-copies, [ --with-max-copies set default max copies value, default=9999 ],
diff -up cups-1.5.4/config-scripts/cups-ssl.m4.str4223 cups-1.5.4/config-scripts/cups-ssl.m4 diff -up cups-1.5.4/config-scripts/cups-ssl.m4.str4223 cups-1.5.4/config-scripts/cups-ssl.m4
--- cups-1.5.4/config-scripts/cups-ssl.m4.str4223 2012-12-03 09:11:02.996114329 +0000 --- cups-1.5.4/config-scripts/cups-ssl.m4.str4223 2012-12-03 11:42:12.302164578 +0000
+++ cups-1.5.4/config-scripts/cups-ssl.m4 2012-12-03 09:11:03.140115947 +0000 +++ cups-1.5.4/config-scripts/cups-ssl.m4 2012-12-03 11:42:12.452165082 +0000
@@ -27,6 +27,8 @@ AC_ARG_WITH(openssl-includes, [ --with- @@ -27,6 +27,8 @@ AC_ARG_WITH(openssl-includes, [ --with-
SSLFLAGS="" SSLFLAGS=""
SSLLIBS="" SSLLIBS=""
@ -183,8 +183,8 @@ diff -up cups-1.5.4/config-scripts/cups-ssl.m4.str4223 cups-1.5.4/config-scripts
AC_SUBST(SSLFLAGS) AC_SUBST(SSLFLAGS)
AC_SUBST(SSLLIBS) AC_SUBST(SSLLIBS)
diff -up cups-1.5.4/configure.in.str4223 cups-1.5.4/configure.in diff -up cups-1.5.4/configure.in.str4223 cups-1.5.4/configure.in
--- cups-1.5.4/configure.in.str4223 2012-12-03 09:11:03.107115578 +0000 --- cups-1.5.4/configure.in.str4223 2012-12-03 11:42:12.426164994 +0000
+++ cups-1.5.4/configure.in 2012-12-03 09:11:03.141115959 +0000 +++ cups-1.5.4/configure.in 2012-12-03 11:42:12.452165082 +0000
@@ -66,6 +66,7 @@ AC_SUBST(INSTALL_LANGUAGES) @@ -66,6 +66,7 @@ AC_SUBST(INSTALL_LANGUAGES)
AC_SUBST(UNINSTALL_LANGUAGES) AC_SUBST(UNINSTALL_LANGUAGES)
@ -202,8 +202,8 @@ diff -up cups-1.5.4/configure.in.str4223 cups-1.5.4/configure.in
man/cupsaddsmb.man man/cupsaddsmb.man
man/cupsd.conf.man man/cupsd.conf.man
diff -up cups-1.5.4/conf/Makefile.str4223 cups-1.5.4/conf/Makefile diff -up cups-1.5.4/conf/Makefile.str4223 cups-1.5.4/conf/Makefile
--- cups-1.5.4/conf/Makefile.str4223 2012-12-03 09:11:02.972114055 +0000 --- cups-1.5.4/conf/Makefile.str4223 2012-12-03 11:42:12.281164507 +0000
+++ cups-1.5.4/conf/Makefile 2012-12-03 09:11:03.141115959 +0000 +++ cups-1.5.4/conf/Makefile 2012-12-03 11:42:12.453165085 +0000
@@ -19,7 +19,7 @@ include ../Makedefs @@ -19,7 +19,7 @@ include ../Makedefs
# Config files... # Config files...
# #
@ -215,7 +215,7 @@ diff -up cups-1.5.4/conf/Makefile.str4223 cups-1.5.4/conf/Makefile
diff -up cups-1.5.4/doc/help/ref-cupsd-conf.html.in.str4223 cups-1.5.4/doc/help/ref-cupsd-conf.html.in diff -up cups-1.5.4/doc/help/ref-cupsd-conf.html.in.str4223 cups-1.5.4/doc/help/ref-cupsd-conf.html.in
--- cups-1.5.4/doc/help/ref-cupsd-conf.html.in.str4223 2012-01-30 21:40:21.000000000 +0000 --- cups-1.5.4/doc/help/ref-cupsd-conf.html.in.str4223 2012-01-30 21:40:21.000000000 +0000
+++ cups-1.5.4/doc/help/ref-cupsd-conf.html.in 2012-12-03 09:11:03.143115982 +0000 +++ cups-1.5.4/doc/help/ref-cupsd-conf.html.in 2012-12-03 11:42:12.453165085 +0000
@@ -191,82 +191,6 @@ HREF="#Location"><CODE>Location</CODE></ @@ -191,82 +191,6 @@ HREF="#Location"><CODE>Location</CODE></
HREF="#Limit"><CODE>Limit</CODE></A> section.</P> HREF="#Limit"><CODE>Limit</CODE></A> section.</P>
@ -584,8 +584,8 @@ diff -up cups-1.5.4/doc/help/ref-cupsd-conf.html.in.str4223 cups-1.5.4/doc/help/
<H3>Examples</H3> <H3>Examples</H3>
diff -up cups-1.5.4/doc/help/ref-cups-files-conf.html.in.str4223 cups-1.5.4/doc/help/ref-cups-files-conf.html.in diff -up cups-1.5.4/doc/help/ref-cups-files-conf.html.in.str4223 cups-1.5.4/doc/help/ref-cups-files-conf.html.in
--- cups-1.5.4/doc/help/ref-cups-files-conf.html.in.str4223 2012-12-03 09:11:03.143115982 +0000 --- cups-1.5.4/doc/help/ref-cups-files-conf.html.in.str4223 2012-12-03 11:42:12.454165088 +0000
+++ cups-1.5.4/doc/help/ref-cups-files-conf.html.in 2012-12-03 09:11:03.143115982 +0000 +++ cups-1.5.4/doc/help/ref-cups-files-conf.html.in 2012-12-03 11:42:12.454165088 +0000
@@ -0,0 +1,531 @@ @@ -0,0 +1,531 @@
+<HTML> +<HTML>
+<!-- SECTION: References --> +<!-- SECTION: References -->
@ -1120,7 +1120,7 @@ diff -up cups-1.5.4/doc/help/ref-cups-files-conf.html.in.str4223 cups-1.5.4/doc/
+</HTML> +</HTML>
diff -up cups-1.5.4/doc/Makefile.str4223 cups-1.5.4/doc/Makefile diff -up cups-1.5.4/doc/Makefile.str4223 cups-1.5.4/doc/Makefile
--- cups-1.5.4/doc/Makefile.str4223 2011-01-17 05:40:28.000000000 +0000 --- cups-1.5.4/doc/Makefile.str4223 2011-01-17 05:40:28.000000000 +0000
+++ cups-1.5.4/doc/Makefile 2012-12-03 09:11:03.144115993 +0000 +++ cups-1.5.4/doc/Makefile 2012-12-03 11:42:12.454165088 +0000
@@ -3,7 +3,7 @@ @@ -3,7 +3,7 @@
# #
# Documentation makefile for CUPS. # Documentation makefile for CUPS.
@ -1132,7 +1132,7 @@ diff -up cups-1.5.4/doc/Makefile.str4223 cups-1.5.4/doc/Makefile
# These coded instructions, statements, and computer programs are the # These coded instructions, statements, and computer programs are the
diff -up cups-1.5.4/man/cupsd.conf.man.in.str4223 cups-1.5.4/man/cupsd.conf.man.in diff -up cups-1.5.4/man/cupsd.conf.man.in.str4223 cups-1.5.4/man/cupsd.conf.man.in
--- cups-1.5.4/man/cupsd.conf.man.in.str4223 2011-05-18 22:33:35.000000000 +0100 --- cups-1.5.4/man/cupsd.conf.man.in.str4223 2011-05-18 22:33:35.000000000 +0100
+++ cups-1.5.4/man/cupsd.conf.man.in 2012-12-03 09:11:03.144115993 +0000 +++ cups-1.5.4/man/cupsd.conf.man.in 2012-12-03 11:42:12.454165088 +0000
@@ -12,12 +12,15 @@ @@ -12,12 +12,15 @@
.\" which should have been included with this file. If this file is .\" which should have been included with this file. If this file is
.\" file is missing or damaged, see the license at "http://www.cups.org/". .\" file is missing or damaged, see the license at "http://www.cups.org/".
@ -1397,8 +1397,8 @@ diff -up cups-1.5.4/man/cupsd.conf.man.in.str4223 cups-1.5.4/man/cupsd.conf.man.
.br .br
http://localhost:631/help http://localhost:631/help
diff -up cups-1.5.4/man/cups-files.conf.man.in.str4223 cups-1.5.4/man/cups-files.conf.man.in diff -up cups-1.5.4/man/cups-files.conf.man.in.str4223 cups-1.5.4/man/cups-files.conf.man.in
--- cups-1.5.4/man/cups-files.conf.man.in.str4223 2012-12-03 09:11:03.145116004 +0000 --- cups-1.5.4/man/cups-files.conf.man.in.str4223 2012-12-03 11:42:12.454165088 +0000
+++ cups-1.5.4/man/cups-files.conf.man.in 2012-12-03 09:11:03.145116004 +0000 +++ cups-1.5.4/man/cups-files.conf.man.in 2012-12-03 11:42:12.454165088 +0000
@@ -0,0 +1,146 @@ @@ -0,0 +1,146 @@
+.\" +.\"
+.\" "$Id$" +.\" "$Id$"
@ -1548,7 +1548,7 @@ diff -up cups-1.5.4/man/cups-files.conf.man.in.str4223 cups-1.5.4/man/cups-files
+.\" +.\"
diff -up cups-1.5.4/man/Makefile.str4223 cups-1.5.4/man/Makefile diff -up cups-1.5.4/man/Makefile.str4223 cups-1.5.4/man/Makefile
--- cups-1.5.4/man/Makefile.str4223 2010-06-22 22:21:37.000000000 +0100 --- cups-1.5.4/man/Makefile.str4223 2010-06-22 22:21:37.000000000 +0100
+++ cups-1.5.4/man/Makefile 2012-12-03 09:11:03.145116004 +0000 +++ cups-1.5.4/man/Makefile 2012-12-03 11:42:12.454165088 +0000
@@ -39,6 +39,7 @@ MAN1 = cancel.$(MAN1EXT) \ @@ -39,6 +39,7 @@ MAN1 = cancel.$(MAN1EXT) \
ppdpo.$(MAN1EXT) ppdpo.$(MAN1EXT)
MAN5 = classes.conf.$(MAN5EXT) \ MAN5 = classes.conf.$(MAN5EXT) \
@ -1559,7 +1559,7 @@ diff -up cups-1.5.4/man/Makefile.str4223 cups-1.5.4/man/Makefile
ipptoolfile.$(MAN5EXT) \ ipptoolfile.$(MAN5EXT) \
diff -up cups-1.5.4/packaging/cups.list.in.str4223 cups-1.5.4/packaging/cups.list.in diff -up cups-1.5.4/packaging/cups.list.in.str4223 cups-1.5.4/packaging/cups.list.in
--- cups-1.5.4/packaging/cups.list.in.str4223 2012-04-24 00:49:19.000000000 +0100 --- cups-1.5.4/packaging/cups.list.in.str4223 2012-04-24 00:49:19.000000000 +0100
+++ cups-1.5.4/packaging/cups.list.in 2012-12-03 09:11:03.146116015 +0000 +++ cups-1.5.4/packaging/cups.list.in 2012-12-03 11:42:12.455165091 +0000
@@ -588,6 +588,7 @@ d 0755 root $CUPS_GROUP $SERVERROOT/inte @@ -588,6 +588,7 @@ d 0755 root $CUPS_GROUP $SERVERROOT/inte
d 0755 root $CUPS_GROUP $SERVERROOT/ppd - d 0755 root $CUPS_GROUP $SERVERROOT/ppd -
d 0700 root $CUPS_GROUP $SERVERROOT/ssl - d 0700 root $CUPS_GROUP $SERVERROOT/ssl -
@ -1570,7 +1570,7 @@ diff -up cups-1.5.4/packaging/cups.list.in.str4223 cups-1.5.4/packaging/cups.lis
%if PAMDIR %if PAMDIR
diff -up cups-1.5.4/packaging/cups.spec.in.str4223 cups-1.5.4/packaging/cups.spec.in diff -up cups-1.5.4/packaging/cups.spec.in.str4223 cups-1.5.4/packaging/cups.spec.in
--- cups-1.5.4/packaging/cups.spec.in.str4223 2012-04-23 18:46:53.000000000 +0100 --- cups-1.5.4/packaging/cups.spec.in.str4223 2012-04-23 18:46:53.000000000 +0100
+++ cups-1.5.4/packaging/cups.spec.in 2012-12-03 09:11:03.146116015 +0000 +++ cups-1.5.4/packaging/cups.spec.in 2012-12-03 11:42:12.455165091 +0000
@@ -152,6 +152,7 @@ rm -rf $RPM_BUILD_ROOT @@ -152,6 +152,7 @@ rm -rf $RPM_BUILD_ROOT
%defattr(-,root,root) %defattr(-,root,root)
%dir /etc/cups %dir /etc/cups
@ -1580,8 +1580,8 @@ diff -up cups-1.5.4/packaging/cups.spec.in.str4223 cups-1.5.4/packaging/cups.spe
%dir /etc/cups/interfaces %dir /etc/cups/interfaces
%dir /etc/cups/ppd %dir /etc/cups/ppd
diff -up cups-1.5.4/scheduler/client.c.str4223 cups-1.5.4/scheduler/client.c diff -up cups-1.5.4/scheduler/client.c.str4223 cups-1.5.4/scheduler/client.c
--- cups-1.5.4/scheduler/client.c.str4223 2012-12-03 09:11:03.087115353 +0000 --- cups-1.5.4/scheduler/client.c.str4223 2012-12-03 11:42:12.408164934 +0000
+++ cups-1.5.4/scheduler/client.c 2012-12-03 09:11:03.148116037 +0000 +++ cups-1.5.4/scheduler/client.c 2012-12-03 11:42:12.456165095 +0000
@@ -35,7 +35,7 @@ @@ -35,7 +35,7 @@
* data_ready() - Check whether data is available from a client. * data_ready() - Check whether data is available from a client.
* encrypt_client() - Enable encryption for the client... * encrypt_client() - Enable encryption for the client...
@ -1681,8 +1681,8 @@ diff -up cups-1.5.4/scheduler/client.c.str4223 cups-1.5.4/scheduler/client.c
/* /*
diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
--- cups-1.5.4/scheduler/conf.c.str4223 2012-12-03 09:11:03.089115374 +0000 --- cups-1.5.4/scheduler/conf.c.str4223 2012-12-03 11:42:12.409164937 +0000
+++ cups-1.5.4/scheduler/conf.c 2012-12-03 09:12:01.425297753 +0000 +++ cups-1.5.4/scheduler/conf.c 2012-12-03 11:43:54.795434434 +0000
@@ -27,7 +27,8 @@ @@ -27,7 +27,8 @@
* parse_fatal_errors() - Parse FatalErrors values in a string. * parse_fatal_errors() - Parse FatalErrors values in a string.
* parse_groups() - Parse system group names in a string. * parse_groups() - Parse system group names in a string.
@ -1749,7 +1749,7 @@ diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
- { "Printcap", &Printcap, CUPSD_VARTYPE_STRING }, - { "Printcap", &Printcap, CUPSD_VARTYPE_STRING },
- { "PrintcapGUI", &PrintcapGUI, CUPSD_VARTYPE_STRING }, - { "PrintcapGUI", &PrintcapGUI, CUPSD_VARTYPE_STRING },
{ "ReloadTimeout", &ReloadTimeout, CUPSD_VARTYPE_INTEGER }, { "ReloadTimeout", &ReloadTimeout, CUPSD_VARTYPE_INTEGER },
{ "RemoteRoot", &RemoteRoot, CUPSD_VARTYPE_STRING }, - { "RemoteRoot", &RemoteRoot, CUPSD_VARTYPE_STRING },
- { "RequestRoot", &RequestRoot, CUPSD_VARTYPE_STRING }, - { "RequestRoot", &RequestRoot, CUPSD_VARTYPE_STRING },
{ "RIPCache", &RIPCache, CUPSD_VARTYPE_STRING }, { "RIPCache", &RIPCache, CUPSD_VARTYPE_STRING },
{ "RootCertDuration", &RootCertDuration, CUPSD_VARTYPE_INTEGER }, { "RootCertDuration", &RootCertDuration, CUPSD_VARTYPE_INTEGER },
@ -1773,6 +1773,7 @@ diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
+ { "LPDConfigFile", &LPDConfigFile, CUPSD_VARTYPE_STRING }, + { "LPDConfigFile", &LPDConfigFile, CUPSD_VARTYPE_STRING },
+ { "PageLog", &PageLog, CUPSD_VARTYPE_STRING }, + { "PageLog", &PageLog, CUPSD_VARTYPE_STRING },
+ { "Printcap", &Printcap, CUPSD_VARTYPE_STRING }, + { "Printcap", &Printcap, CUPSD_VARTYPE_STRING },
+ { "RemoteRoot", &RemoteRoot, CUPSD_VARTYPE_STRING },
+ { "RequestRoot", &RequestRoot, CUPSD_VARTYPE_STRING }, + { "RequestRoot", &RequestRoot, CUPSD_VARTYPE_STRING },
+ +
{ "ServerBin", &ServerBin, CUPSD_VARTYPE_PATHNAME }, { "ServerBin", &ServerBin, CUPSD_VARTYPE_PATHNAME },
@ -1867,16 +1868,29 @@ diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
RunUser = getuid(); RunUser = getuid();
cupsdLogMessage(CUPSD_LOG_INFO, "Remote access is %s.", cupsdLogMessage(CUPSD_LOG_INFO, "Remote access is %s.",
@@ -2512,13 +2546,174 @@ parse_protocols(const char *s) /* I - S @@ -842,6 +876,13 @@ cupsdReadConfiguration(void)
BrowseACL = cupsdFindLocation("CUPS_INTERNAL_BROWSE_ACL");
/*
+ * Make sure ConfigFilePerm and LogFilePerm have sane values...
+ */
+
+ ConfigFilePerm &= 0664;
+ LogFilePerm &= 0664;
+
+ /*
* Open the system log for cupsd if necessary...
*/
@@ -2512,13 +2553,174 @@ parse_protocols(const char *s) /* I - S
/* /*
- * 'read_configuration()' - Read a configuration file. - * 'read_configuration()' - Read a configuration file.
+ * 'parse_variable()' - Parse a variable line. + * 'parse_variable()' - Parse a variable line.
*/ + */
+
static int /* O - 1 on success, 0 on failure */ +static int /* O - 1 on success, 0 on failure */
-read_configuration(cups_file_t *fp) /* I - File to read from */
+parse_variable( +parse_variable(
+ const char *filename, /* I - Name of configuration file */ + const char *filename, /* I - Name of configuration file */
+ int linenum, /* I - Line in configuration file */ + int linenum, /* I - Line in configuration file */
@ -2036,16 +2050,17 @@ diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
+ +
+/* +/*
+ * 'read_cupsd_conf()' - Read the cupsd.conf configuration file. + * 'read_cupsd_conf()' - Read the cupsd.conf configuration file.
+ */ */
+
+static int /* O - 1 on success, 0 on failure */ static int /* O - 1 on success, 0 on failure */
-read_configuration(cups_file_t *fp) /* I - File to read from */
+read_cupsd_conf(cups_file_t *fp) /* I - File to read from */ +read_cupsd_conf(cups_file_t *fp) /* I - File to read from */
{ {
- int i; /* Looping var */ - int i; /* Looping var */
int linenum; /* Current line number */ int linenum; /* Current line number */
char line[HTTP_MAX_BUFFER], char line[HTTP_MAX_BUFFER],
/* Line from file */ /* Line from file */
@@ -2528,7 +2723,6 @@ read_configuration(cups_file_t *fp) /* I @@ -2528,7 +2730,6 @@ read_configuration(cups_file_t *fp) /* I
*value, /* Pointer to value */ *value, /* Pointer to value */
*valueptr; /* Pointer into value */ *valueptr; /* Pointer into value */
int valuelen; /* Length of value */ int valuelen; /* Length of value */
@ -2053,7 +2068,7 @@ diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
http_addrlist_t *addrlist, /* Address list */ http_addrlist_t *addrlist, /* Address list */
*addr; /* Current address */ *addr; /* Current address */
unsigned ip[4], /* Address value */ unsigned ip[4], /* Address value */
@@ -2538,7 +2732,6 @@ read_configuration(cups_file_t *fp) /* I @@ -2538,7 +2739,6 @@ read_configuration(cups_file_t *fp) /* I
cupsd_location_t *location; /* Browse location */ cupsd_location_t *location; /* Browse location */
cups_file_t *incfile; /* Include file */ cups_file_t *incfile; /* Include file */
char incname[1024]; /* Include filename */ char incname[1024]; /* Include filename */
@ -2061,7 +2076,7 @@ diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
/* /*
@@ -2570,7 +2763,7 @@ read_configuration(cups_file_t *fp) /* I @@ -2570,7 +2770,7 @@ read_configuration(cups_file_t *fp) /* I
incname, strerror(errno)); incname, strerror(errno));
else else
{ {
@ -2070,7 +2085,7 @@ diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
cupsFileClose(incfile); cupsFileClose(incfile);
} }
} }
@@ -2594,8 +2787,6 @@ read_configuration(cups_file_t *fp) /* I @@ -2594,8 +2794,6 @@ read_configuration(cups_file_t *fp) /* I
if (linenum == 0) if (linenum == 0)
return (0); return (0);
} }
@ -2079,7 +2094,7 @@ diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
else if (!_cups_strcasecmp(line, "FaxRetryInterval") && value) else if (!_cups_strcasecmp(line, "FaxRetryInterval") && value)
{ {
JobRetryInterval = atoi(value); JobRetryInterval = atoi(value);
@@ -3254,81 +3445,6 @@ read_configuration(cups_file_t *fp) /* I @@ -3254,81 +3452,6 @@ read_configuration(cups_file_t *fp) /* I
} }
} }
#endif /* HAVE_SSL */ #endif /* HAVE_SSL */
@ -2161,7 +2176,7 @@ diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
else if (!_cups_strcasecmp(line, "HostNameLookups") && value) else if (!_cups_strcasecmp(line, "HostNameLookups") && value)
{ {
/* /*
@@ -3407,22 +3523,6 @@ read_configuration(cups_file_t *fp) /* I @@ -3407,22 +3530,6 @@ read_configuration(cups_file_t *fp) /* I
cupsdLogMessage(CUPSD_LOG_WARN, "Unknown LogTimeFormat %s on line %d.", cupsdLogMessage(CUPSD_LOG_WARN, "Unknown LogTimeFormat %s on line %d.",
value, linenum); value, linenum);
} }
@ -2184,7 +2199,7 @@ diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
else if (!_cups_strcasecmp(line, "ServerTokens") && value) else if (!_cups_strcasecmp(line, "ServerTokens") && value)
{ {
/* /*
@@ -3548,117 +3648,192 @@ read_configuration(cups_file_t *fp) /* I @@ -3548,117 +3655,193 @@ read_configuration(cups_file_t *fp) /* I
"line %d.", value, linenum); "line %d.", value, linenum);
} }
#endif /* HAVE_SSL */ #endif /* HAVE_SSL */
@ -2203,6 +2218,7 @@ diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
+ !_cups_strcasecmp(line, "PageLog") || + !_cups_strcasecmp(line, "PageLog") ||
+ !_cups_strcasecmp(line, "Printcap") || + !_cups_strcasecmp(line, "Printcap") ||
+ !_cups_strcasecmp(line, "PrintcapFormat") || + !_cups_strcasecmp(line, "PrintcapFormat") ||
+ !_cups_strcasecmp(line, "RemoteRoot") ||
+ !_cups_strcasecmp(line, "RequestRoot") || + !_cups_strcasecmp(line, "RequestRoot") ||
+ !_cups_strcasecmp(line, "ServerBin") || + !_cups_strcasecmp(line, "ServerBin") ||
+ !_cups_strcasecmp(line, "ServerCertificate") || + !_cups_strcasecmp(line, "ServerCertificate") ||
@ -2471,8 +2487,8 @@ diff -up cups-1.5.4/scheduler/conf.c.str4223 cups-1.5.4/scheduler/conf.c
return (1); return (1);
diff -up cups-1.5.4/scheduler/conf.h.str4223 cups-1.5.4/scheduler/conf.h diff -up cups-1.5.4/scheduler/conf.h.str4223 cups-1.5.4/scheduler/conf.h
--- cups-1.5.4/scheduler/conf.h.str4223 2012-12-03 09:11:02.987114226 +0000 --- cups-1.5.4/scheduler/conf.h.str4223 2012-12-03 11:42:12.291164541 +0000
+++ cups-1.5.4/scheduler/conf.h 2012-12-03 09:11:03.152116083 +0000 +++ cups-1.5.4/scheduler/conf.h 2012-12-03 11:42:12.457165099 +0000
@@ -96,7 +96,9 @@ typedef struct @@ -96,7 +96,9 @@ typedef struct
*/ */
@ -2485,8 +2501,8 @@ diff -up cups-1.5.4/scheduler/conf.h.str4223 cups-1.5.4/scheduler/conf.h
/* FQDN for server */ /* FQDN for server */
*ServerAdmin VALUE(NULL), *ServerAdmin VALUE(NULL),
diff -up cups-1.5.4/scheduler/main.c.str4223 cups-1.5.4/scheduler/main.c diff -up cups-1.5.4/scheduler/main.c.str4223 cups-1.5.4/scheduler/main.c
--- cups-1.5.4/scheduler/main.c.str4223 2012-12-03 09:11:03.110115610 +0000 --- cups-1.5.4/scheduler/main.c.str4223 2012-12-03 11:42:12.428165001 +0000
+++ cups-1.5.4/scheduler/main.c 2012-12-03 09:11:03.153116094 +0000 +++ cups-1.5.4/scheduler/main.c 2012-12-03 11:44:31.837533988 +0000
@@ -225,7 +225,6 @@ main(int argc, /* I - Number of comm @@ -225,7 +225,6 @@ main(int argc, /* I - Number of comm
char *current; /* Current directory */ char *current; /* Current directory */
@ -2495,43 +2511,7 @@ diff -up cups-1.5.4/scheduler/main.c.str4223 cups-1.5.4/scheduler/main.c
/* /*
* Allocate a buffer for the current working directory to * Allocate a buffer for the current working directory to
* reduce run-time stack usage; this approximates the * reduce run-time stack usage; this approximates the
@@ -251,6 +250,35 @@ main(int argc, /* I - Number of comm @@ -289,6 +288,29 @@ main(int argc, /* I - Number of comm
cupsdSetStringf(&ConfigurationFile, "%s/%s", current, argv[i]);
free(current);
}
+
+ if (!CupsFilesFile)
+ {
+ char *filename, /* Copy of cupsd.conf filename */
+ *slash; /* Final slash in cupsd.conf filename */
+ size_t len; /* Size of buffer */
+
+ len = strlen(ConfigurationFile) + 15;
+ if ((filename = malloc(len)) == NULL)
+ {
+ _cupsLangPrintf(stderr,
+ _("cupsd: Unable to get path to "
+ "cups-files.conf file."));
+ return (1);
+ }
+
+ strlcpy(filename, ConfigurationFile, len);
+ if ((slash = strrchr(filename, '/')) == NULL)
+ {
+ _cupsLangPrintf(stderr,
+ _("cupsd: Unable to get path to "
+ "cups-files.conf file."));
+ return (1);
+ }
+
+ strlcpy(slash, "/cups-files.conf", len - (slash - filename));
+ cupsdSetString(&CupsFilesFile, filename);
+ free(filename);
+ }
break;
case 'f' : /* Run in foreground... */
@@ -289,6 +317,29 @@ main(int argc, /* I - Number of comm
UseProfiles = 0; UseProfiles = 0;
break; break;
@ -2561,19 +2541,45 @@ diff -up cups-1.5.4/scheduler/main.c.str4223 cups-1.5.4/scheduler/main.c
#ifdef __APPLE__ #ifdef __APPLE__
case 'S' : /* Disable system management functions */ case 'S' : /* Disable system management functions */
fputs("cupsd: -S (disable system management) for internal " fputs("cupsd: -S (disable system management) for internal "
@@ -318,6 +369,9 @@ main(int argc, /* I - Number of comm @@ -318,6 +340,35 @@ main(int argc, /* I - Number of comm
if (!ConfigurationFile) if (!ConfigurationFile)
cupsdSetString(&ConfigurationFile, CUPS_SERVERROOT "/cupsd.conf"); cupsdSetString(&ConfigurationFile, CUPS_SERVERROOT "/cupsd.conf");
+ if (!CupsFilesFile) + if (!CupsFilesFile)
+ cupsdSetString(&CupsFilesFile, CUPS_SERVERROOT "/cups-files.conf"); + {
+ char *filename, /* Copy of cupsd.conf filename */
+ *slash; /* Final slash in cupsd.conf filename */
+ size_t len; /* Size of buffer */
+
+ len = strlen(ConfigurationFile) + 15;
+ if ((filename = malloc(len)) == NULL)
+ {
+ _cupsLangPrintf(stderr,
+ _("cupsd: Unable to get path to "
+ "cups-files.conf file."));
+ return (1);
+ }
+
+ strlcpy(filename, ConfigurationFile, len);
+ if ((slash = strrchr(filename, '/')) == NULL)
+ {
+ _cupsLangPrintf(stderr,
+ _("cupsd: Unable to get path to "
+ "cups-files.conf file."));
+ return (1);
+ }
+
+ strlcpy(slash, "/cups-files.conf", len - (slash - filename));
+ cupsdSetString(&CupsFilesFile, filename);
+ free(filename);
+ }
+ +
/* /*
* If the user hasn't specified "-f", run in the background... * If the user hasn't specified "-f", run in the background...
*/ */
diff -up cups-1.5.4/test/run-stp-tests.sh.str4223 cups-1.5.4/test/run-stp-tests.sh diff -up cups-1.5.4/test/run-stp-tests.sh.str4223 cups-1.5.4/test/run-stp-tests.sh
--- cups-1.5.4/test/run-stp-tests.sh.str4223 2012-05-15 15:04:18.000000000 +0100 --- cups-1.5.4/test/run-stp-tests.sh.str4223 2012-05-15 15:04:18.000000000 +0100
+++ cups-1.5.4/test/run-stp-tests.sh 2012-12-03 09:11:03.153116094 +0000 +++ cups-1.5.4/test/run-stp-tests.sh 2012-12-03 11:42:12.457165099 +0000
@@ -337,25 +337,10 @@ fi @@ -337,25 +337,10 @@ fi
cat >/tmp/cups-$user/cupsd.conf <<EOF cat >/tmp/cups-$user/cupsd.conf <<EOF

View File

@ -12,7 +12,7 @@
Summary: Common Unix Printing System Summary: Common Unix Printing System
Name: cups Name: cups
Version: 1.5.4 Version: 1.5.4
Release: 17%{?dist} Release: 18%{?dist}
License: GPLv2 License: GPLv2
Group: System Environment/Daemons Group: System Environment/Daemons
Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2 Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2
@ -491,7 +491,7 @@ for keyword in AccessLog CacheDir ConfigFilePerm \
DataDir DocumentRoot ErrorLog FatalErrors \ DataDir DocumentRoot ErrorLog FatalErrors \
FileDevice FontPath Group LogFilePerm \ FileDevice FontPath Group LogFilePerm \
LPDConfigFile PageLog Printcap PrintcapFormat \ LPDConfigFile PageLog Printcap PrintcapFormat \
RequestRoot ServerBin ServerCertificate \ RemoteRoot RequestRoot ServerBin ServerCertificate \
ServerKey ServerRoot SMBConfigFile StateDir \ ServerKey ServerRoot SMBConfigFile StateDir \
SystemGroup SystemGroupAuthKey TempDir User; do SystemGroup SystemGroupAuthKey TempDir User; do
if ! /bin/grep -iq ^$keyword "$IN"; then continue; fi if ! /bin/grep -iq ^$keyword "$IN"; then continue; fi
@ -728,6 +728,10 @@ rm -f %{cups_serverbin}/backend/smb
%{_mandir}/man1/ipptool.1.gz %{_mandir}/man1/ipptool.1.gz
%changelog %changelog
* Mon Dec 3 2012 Tim Waugh <twaugh@redhat.com> 1:1.5.4-18
- Applied additional upstream patch for CVE-2012-5519 so that the
RemoteRoot keyword is recognised in the correct configuration file.
* Mon Dec 3 2012 Tim Waugh <twaugh@redhat.com> 1:1.5.4-17 * Mon Dec 3 2012 Tim Waugh <twaugh@redhat.com> 1:1.5.4-17
- Fixed patch for CVE-2012-5519 so that LogFilePerm and LPDConfigFile - Fixed patch for CVE-2012-5519 so that LogFilePerm and LPDConfigFile
are recognised keywords for cups-files.conf (bug #882379). are recognised keywords for cups-files.conf (bug #882379).