From 516ea2440dc79c039caf1861351e1ea5618bd272 Mon Sep 17 00:00:00 2001 From: Tim Waugh Date: Mon, 16 Nov 2009 11:18:15 +0000 Subject: [PATCH] - Upstream fix for GNU TLS error handling bug (STR #3381). --- cups-str3381.patch | 208 +++++++++++++++++++++++++++++++++++++++++++++ cups.spec | 7 +- 2 files changed, 214 insertions(+), 1 deletion(-) create mode 100644 cups-str3381.patch diff --git a/cups-str3381.patch b/cups-str3381.patch new file mode 100644 index 0000000..88a007c --- /dev/null +++ b/cups-str3381.patch @@ -0,0 +1,208 @@ +diff -up cups-1.4.2/CHANGES.txt.str3381 cups-1.4.2/CHANGES.txt +--- cups-1.4.2/CHANGES.txt.str3381 2009-11-09 23:01:17.000000000 +0000 ++++ cups-1.4.2/CHANGES.txt 2009-11-16 10:55:21.518666538 +0000 +@@ -1,6 +1,11 @@ +-CHANGES.txt - 2009-11-09 ++CHANGES.txt - 2009-11-13 + ------------------------ + ++CHANGES IN CUPS V1.4.3 ++ ++ - Fixed a GNU TLS error handling bug (STR #3381) ++ ++ + CHANGES IN CUPS V1.4.2 + + - SECURITY: The CUPS web interface was vulnerable to several XSS and +diff -up cups-1.4.2/cups/http.c.str3381 cups-1.4.2/cups/http.c +--- cups-1.4.2/cups/http.c.str3381 2009-07-01 16:23:28.000000000 +0100 ++++ cups-1.4.2/cups/http.c 2009-11-16 10:55:21.520666380 +0000 +@@ -26,7 +26,6 @@ + * httpClearCookie() - Clear the cookie value(s). + * httpClearFields() - Clear HTTP request fields. + * httpClose() - Close an HTTP connection... +- * httpConnect() - Connect to a HTTP server. + * httpConnectEncrypt() - Connect to a HTTP server using encryption. + * _httpCreate() - Create an unconnected HTTP connection. + * httpDelete() - Send a DELETE request to the server. +@@ -721,7 +720,7 @@ httpGetField(http_t *http, /* I - + { + if (!http || field <= HTTP_FIELD_UNKNOWN || field >= HTTP_FIELD_MAX) + return (NULL); +- else if (field == HTTP_FIELD_AUTHORIZATION && ++ else if (field == HTTP_FIELD_AUTHORIZATION && + http->field_authorization) + { + /* +@@ -1137,7 +1136,7 @@ httpGets(char *line, /* I - Line to + http->activity = time(NULL); + + *lineptr = '\0'; +- ++ + DEBUG_printf(("3httpGets: Returning \"%s\"", line)); + + return (line); +@@ -2283,7 +2282,7 @@ httpWait(http_t *http, /* I - Connecti + * + * @deprecated@ + */ +- ++ + int /* O - Number of bytes written */ + httpWrite(http_t *http, /* I - Connection to server */ + const char *buffer, /* I - Buffer for data */ +@@ -2298,7 +2297,7 @@ httpWrite(http_t *http, /* I - Conn + * + * @since CUPS 1.2/Mac OS X 10.5@ + */ +- ++ + ssize_t /* O - Number of bytes written */ + httpWrite2(http_t *http, /* I - Connection to server */ + const char *buffer, /* I - Buffer for data */ +@@ -2456,7 +2455,7 @@ _httpWriteCDSA( + else + { + *dataLength = 0; +- ++ + if (errno == EAGAIN) + result = errSSLWouldBlock; + else +@@ -2517,7 +2516,7 @@ http_bio_ctrl(BIO *h, /* I - BIO data + } + else + return (0); +- ++ + case BIO_CTRL_DUP : + case BIO_CTRL_FLUSH : + return (1); +@@ -2719,7 +2718,36 @@ http_read_ssl(http_t *http, /* I - Conn + return (SSL_read((SSL *)(http->tls), buf, len)); + + # elif defined(HAVE_GNUTLS) +- return (gnutls_record_recv(((http_tls_t *)(http->tls))->session, buf, len)); ++ ssize_t result; /* Return value */ ++ ++ ++ result = gnutls_record_recv(((http_tls_t *)(http->tls))->session, buf, len); ++ ++ if (result < 0 && !errno) ++ { ++ /* ++ * Convert GNU TLS error to errno value... ++ */ ++ ++ switch (result) ++ { ++ case GNUTLS_E_INTERRUPTED : ++ errno = EINTR; ++ break; ++ ++ case GNUTLS_E_AGAIN : ++ errno = EAGAIN; ++ break; ++ ++ default : ++ errno = EPIPE; ++ break; ++ } ++ ++ result = -1; ++ } ++ ++ return ((int)result); + + # elif defined(HAVE_CDSASSL) + int result; /* Return value */ +@@ -2857,7 +2885,7 @@ http_send(http_t *http, /* I - Con + DEBUG_printf(("9http_send: %s: %s", http_fields[i], + httpGetField(http, i))); + +- if (httpPrintf(http, "%s: %s\r\n", http_fields[i], ++ if (httpPrintf(http, "%s: %s\r\n", http_fields[i], + httpGetField(http, i)) < 1) + { + http->status = HTTP_ERROR; +@@ -2896,15 +2924,15 @@ http_send(http_t *http, /* I - Con + * The Kerberos and AuthRef authentication strings can only be used once... + */ + +- if (http->field_authorization && http->authstring && +- (!strncmp(http->authstring, "Negotiate", 9) || ++ if (http->field_authorization && http->authstring && ++ (!strncmp(http->authstring, "Negotiate", 9) || + !strncmp(http->authstring, "AuthRef", 7))) + { + http->_authstring[0] = '\0'; + + if (http->authstring != http->_authstring) + free(http->authstring); +- ++ + http->authstring = http->_authstring; + } + +@@ -3220,7 +3248,7 @@ http_upgrade(http_t *http) /* I - Conne + /* + * 'http_write()' - Write a buffer to a HTTP connection. + */ +- ++ + static int /* O - Number of bytes written */ + http_write(http_t *http, /* I - Connection to server */ + const char *buffer, /* I - Buffer for data */ +@@ -3335,7 +3363,36 @@ http_write_ssl(http_t *http, /* I - + return (SSL_write((SSL *)(http->tls), buf, len)); + + # elif defined(HAVE_GNUTLS) +- return (gnutls_record_send(((http_tls_t *)(http->tls))->session, buf, len)); ++ ssize_t result; /* Return value */ ++ ++ result = gnutls_record_send(((http_tls_t *)(http->tls))->session, buf, len); ++ ++ if (result < 0 && !errno) ++ { ++ /* ++ * Convert GNU TLS error to errno value... ++ */ ++ ++ switch (result) ++ { ++ case GNUTLS_E_INTERRUPTED : ++ errno = EINTR; ++ break; ++ ++ case GNUTLS_E_AGAIN : ++ errno = EAGAIN; ++ break; ++ ++ default : ++ errno = EPIPE; ++ break; ++ } ++ ++ result = -1; ++ } ++ ++ return ((int)result); ++ + # elif defined(HAVE_CDSASSL) + int result; /* Return value */ + OSStatus error; /* Error info */ +@@ -3358,11 +3415,11 @@ http_write_ssl(http_t *http, /* I - + else + { + result = -1; +- errno = EINTR; ++ errno = EINTR; + } + break; + default : +- errno = EPIPE; ++ errno = EPIPE; + result = -1; + break; + } diff --git a/cups.spec b/cups.spec index 151f2d9..9d5d139 100644 --- a/cups.spec +++ b/cups.spec @@ -9,7 +9,7 @@ Summary: Common Unix Printing System Name: cups Version: 1.4.2 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2 Group: System Environment/Daemons Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2 @@ -54,6 +54,7 @@ Patch26: cups-str3382.patch Patch27: cups-str3285_v2.patch Patch28: cups-str3390.patch Patch29: cups-str3391.patch +Patch30: cups-str3381.patch Patch100: cups-lspp.patch Epoch: 1 @@ -212,6 +213,7 @@ module. %patch27 -p1 -b .str3285_v2 %patch28 -p1 -b .str3390 %patch29 -p1 -b .str3391 +%patch30 -p1 -b .str3381 %if %lspp %patch100 -p1 -b .lspp @@ -509,6 +511,9 @@ rm -rf $RPM_BUILD_ROOT %{php_extdir}/phpcups.so %changelog +* Mon Nov 16 2009 Tim Waugh 1:1.4.2-4 +- Upstream fix for GNU TLS error handling bug (STR #3381). + * Wed Nov 11 2009 Jiri Popelka 1:1.4.2-3 - Fixed lspp-patch to avoid memory leak (bug #536741).