- Upstream fix for GNU TLS error handling bug (STR #3381).
This commit is contained in:
parent
1ab3991a96
commit
516ea2440d
208
cups-str3381.patch
Normal file
208
cups-str3381.patch
Normal file
@ -0,0 +1,208 @@
|
||||
diff -up cups-1.4.2/CHANGES.txt.str3381 cups-1.4.2/CHANGES.txt
|
||||
--- cups-1.4.2/CHANGES.txt.str3381 2009-11-09 23:01:17.000000000 +0000
|
||||
+++ cups-1.4.2/CHANGES.txt 2009-11-16 10:55:21.518666538 +0000
|
||||
@@ -1,6 +1,11 @@
|
||||
-CHANGES.txt - 2009-11-09
|
||||
+CHANGES.txt - 2009-11-13
|
||||
------------------------
|
||||
|
||||
+CHANGES IN CUPS V1.4.3
|
||||
+
|
||||
+ - Fixed a GNU TLS error handling bug (STR #3381)
|
||||
+
|
||||
+
|
||||
CHANGES IN CUPS V1.4.2
|
||||
|
||||
- SECURITY: The CUPS web interface was vulnerable to several XSS and
|
||||
diff -up cups-1.4.2/cups/http.c.str3381 cups-1.4.2/cups/http.c
|
||||
--- cups-1.4.2/cups/http.c.str3381 2009-07-01 16:23:28.000000000 +0100
|
||||
+++ cups-1.4.2/cups/http.c 2009-11-16 10:55:21.520666380 +0000
|
||||
@@ -26,7 +26,6 @@
|
||||
* httpClearCookie() - Clear the cookie value(s).
|
||||
* httpClearFields() - Clear HTTP request fields.
|
||||
* httpClose() - Close an HTTP connection...
|
||||
- * httpConnect() - Connect to a HTTP server.
|
||||
* httpConnectEncrypt() - Connect to a HTTP server using encryption.
|
||||
* _httpCreate() - Create an unconnected HTTP connection.
|
||||
* httpDelete() - Send a DELETE request to the server.
|
||||
@@ -721,7 +720,7 @@ httpGetField(http_t *http, /* I -
|
||||
{
|
||||
if (!http || field <= HTTP_FIELD_UNKNOWN || field >= HTTP_FIELD_MAX)
|
||||
return (NULL);
|
||||
- else if (field == HTTP_FIELD_AUTHORIZATION &&
|
||||
+ else if (field == HTTP_FIELD_AUTHORIZATION &&
|
||||
http->field_authorization)
|
||||
{
|
||||
/*
|
||||
@@ -1137,7 +1136,7 @@ httpGets(char *line, /* I - Line to
|
||||
http->activity = time(NULL);
|
||||
|
||||
*lineptr = '\0';
|
||||
-
|
||||
+
|
||||
DEBUG_printf(("3httpGets: Returning \"%s\"", line));
|
||||
|
||||
return (line);
|
||||
@@ -2283,7 +2282,7 @@ httpWait(http_t *http, /* I - Connecti
|
||||
*
|
||||
* @deprecated@
|
||||
*/
|
||||
-
|
||||
+
|
||||
int /* O - Number of bytes written */
|
||||
httpWrite(http_t *http, /* I - Connection to server */
|
||||
const char *buffer, /* I - Buffer for data */
|
||||
@@ -2298,7 +2297,7 @@ httpWrite(http_t *http, /* I - Conn
|
||||
*
|
||||
* @since CUPS 1.2/Mac OS X 10.5@
|
||||
*/
|
||||
-
|
||||
+
|
||||
ssize_t /* O - Number of bytes written */
|
||||
httpWrite2(http_t *http, /* I - Connection to server */
|
||||
const char *buffer, /* I - Buffer for data */
|
||||
@@ -2456,7 +2455,7 @@ _httpWriteCDSA(
|
||||
else
|
||||
{
|
||||
*dataLength = 0;
|
||||
-
|
||||
+
|
||||
if (errno == EAGAIN)
|
||||
result = errSSLWouldBlock;
|
||||
else
|
||||
@@ -2517,7 +2516,7 @@ http_bio_ctrl(BIO *h, /* I - BIO data
|
||||
}
|
||||
else
|
||||
return (0);
|
||||
-
|
||||
+
|
||||
case BIO_CTRL_DUP :
|
||||
case BIO_CTRL_FLUSH :
|
||||
return (1);
|
||||
@@ -2719,7 +2718,36 @@ http_read_ssl(http_t *http, /* I - Conn
|
||||
return (SSL_read((SSL *)(http->tls), buf, len));
|
||||
|
||||
# elif defined(HAVE_GNUTLS)
|
||||
- return (gnutls_record_recv(((http_tls_t *)(http->tls))->session, buf, len));
|
||||
+ ssize_t result; /* Return value */
|
||||
+
|
||||
+
|
||||
+ result = gnutls_record_recv(((http_tls_t *)(http->tls))->session, buf, len);
|
||||
+
|
||||
+ if (result < 0 && !errno)
|
||||
+ {
|
||||
+ /*
|
||||
+ * Convert GNU TLS error to errno value...
|
||||
+ */
|
||||
+
|
||||
+ switch (result)
|
||||
+ {
|
||||
+ case GNUTLS_E_INTERRUPTED :
|
||||
+ errno = EINTR;
|
||||
+ break;
|
||||
+
|
||||
+ case GNUTLS_E_AGAIN :
|
||||
+ errno = EAGAIN;
|
||||
+ break;
|
||||
+
|
||||
+ default :
|
||||
+ errno = EPIPE;
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ result = -1;
|
||||
+ }
|
||||
+
|
||||
+ return ((int)result);
|
||||
|
||||
# elif defined(HAVE_CDSASSL)
|
||||
int result; /* Return value */
|
||||
@@ -2857,7 +2885,7 @@ http_send(http_t *http, /* I - Con
|
||||
DEBUG_printf(("9http_send: %s: %s", http_fields[i],
|
||||
httpGetField(http, i)));
|
||||
|
||||
- if (httpPrintf(http, "%s: %s\r\n", http_fields[i],
|
||||
+ if (httpPrintf(http, "%s: %s\r\n", http_fields[i],
|
||||
httpGetField(http, i)) < 1)
|
||||
{
|
||||
http->status = HTTP_ERROR;
|
||||
@@ -2896,15 +2924,15 @@ http_send(http_t *http, /* I - Con
|
||||
* The Kerberos and AuthRef authentication strings can only be used once...
|
||||
*/
|
||||
|
||||
- if (http->field_authorization && http->authstring &&
|
||||
- (!strncmp(http->authstring, "Negotiate", 9) ||
|
||||
+ if (http->field_authorization && http->authstring &&
|
||||
+ (!strncmp(http->authstring, "Negotiate", 9) ||
|
||||
!strncmp(http->authstring, "AuthRef", 7)))
|
||||
{
|
||||
http->_authstring[0] = '\0';
|
||||
|
||||
if (http->authstring != http->_authstring)
|
||||
free(http->authstring);
|
||||
-
|
||||
+
|
||||
http->authstring = http->_authstring;
|
||||
}
|
||||
|
||||
@@ -3220,7 +3248,7 @@ http_upgrade(http_t *http) /* I - Conne
|
||||
/*
|
||||
* 'http_write()' - Write a buffer to a HTTP connection.
|
||||
*/
|
||||
-
|
||||
+
|
||||
static int /* O - Number of bytes written */
|
||||
http_write(http_t *http, /* I - Connection to server */
|
||||
const char *buffer, /* I - Buffer for data */
|
||||
@@ -3335,7 +3363,36 @@ http_write_ssl(http_t *http, /* I -
|
||||
return (SSL_write((SSL *)(http->tls), buf, len));
|
||||
|
||||
# elif defined(HAVE_GNUTLS)
|
||||
- return (gnutls_record_send(((http_tls_t *)(http->tls))->session, buf, len));
|
||||
+ ssize_t result; /* Return value */
|
||||
+
|
||||
+ result = gnutls_record_send(((http_tls_t *)(http->tls))->session, buf, len);
|
||||
+
|
||||
+ if (result < 0 && !errno)
|
||||
+ {
|
||||
+ /*
|
||||
+ * Convert GNU TLS error to errno value...
|
||||
+ */
|
||||
+
|
||||
+ switch (result)
|
||||
+ {
|
||||
+ case GNUTLS_E_INTERRUPTED :
|
||||
+ errno = EINTR;
|
||||
+ break;
|
||||
+
|
||||
+ case GNUTLS_E_AGAIN :
|
||||
+ errno = EAGAIN;
|
||||
+ break;
|
||||
+
|
||||
+ default :
|
||||
+ errno = EPIPE;
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ result = -1;
|
||||
+ }
|
||||
+
|
||||
+ return ((int)result);
|
||||
+
|
||||
# elif defined(HAVE_CDSASSL)
|
||||
int result; /* Return value */
|
||||
OSStatus error; /* Error info */
|
||||
@@ -3358,11 +3415,11 @@ http_write_ssl(http_t *http, /* I -
|
||||
else
|
||||
{
|
||||
result = -1;
|
||||
- errno = EINTR;
|
||||
+ errno = EINTR;
|
||||
}
|
||||
break;
|
||||
default :
|
||||
- errno = EPIPE;
|
||||
+ errno = EPIPE;
|
||||
result = -1;
|
||||
break;
|
||||
}
|
@ -9,7 +9,7 @@
|
||||
Summary: Common Unix Printing System
|
||||
Name: cups
|
||||
Version: 1.4.2
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
License: GPLv2
|
||||
Group: System Environment/Daemons
|
||||
Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2
|
||||
@ -54,6 +54,7 @@ Patch26: cups-str3382.patch
|
||||
Patch27: cups-str3285_v2.patch
|
||||
Patch28: cups-str3390.patch
|
||||
Patch29: cups-str3391.patch
|
||||
Patch30: cups-str3381.patch
|
||||
|
||||
Patch100: cups-lspp.patch
|
||||
Epoch: 1
|
||||
@ -212,6 +213,7 @@ module.
|
||||
%patch27 -p1 -b .str3285_v2
|
||||
%patch28 -p1 -b .str3390
|
||||
%patch29 -p1 -b .str3391
|
||||
%patch30 -p1 -b .str3381
|
||||
|
||||
%if %lspp
|
||||
%patch100 -p1 -b .lspp
|
||||
@ -509,6 +511,9 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{php_extdir}/phpcups.so
|
||||
|
||||
%changelog
|
||||
* Mon Nov 16 2009 Tim Waugh <twaugh@redhat.com> 1:1.4.2-4
|
||||
- Upstream fix for GNU TLS error handling bug (STR #3381).
|
||||
|
||||
* Wed Nov 11 2009 Jiri Popelka <jpopelka@redhat.com> 1:1.4.2-3
|
||||
- Fixed lspp-patch to avoid memory leak (bug #536741).
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user