- 1.3.9, including fixes for CVE-2008-3639 (STR #2918, bug #464710),

CVE-2008-3640 (STR #2919, bug #464713) and CVE-2008-3641 (STR #2911,
    bug #464716).
- No longer need str2892 or res_init patches.
This commit is contained in:
Tim Waugh 2008-10-10 09:44:33 +00:00
parent d9669961e9
commit f5608b99a9
6 changed files with 61 additions and 289 deletions

View File

@ -33,3 +33,4 @@ cups-1.3.5-source.tar.bz2
cups-1.3.6-source.tar.bz2
cups-1.3.7-source.tar.bz2
cups-1.3.8-source.tar.bz2
cups-1.3.9-source.tar.bz2

View File

@ -1,6 +1,6 @@
diff -up cups-1.3.8/berkeley/lpr.c.getnameddest cups-1.3.8/berkeley/lpr.c
--- cups-1.3.8/berkeley/lpr.c.getnameddest 2008-07-28 16:28:24.000000000 +0100
+++ cups-1.3.8/berkeley/lpr.c 2008-07-28 16:28:24.000000000 +0100
diff -up cups-1.3.9/berkeley/lpr.c.getnameddest cups-1.3.9/berkeley/lpr.c
--- cups-1.3.9/berkeley/lpr.c.getnameddest 2008-10-10 09:35:05.000000000 +0100
+++ cups-1.3.9/berkeley/lpr.c 2008-10-10 09:35:05.000000000 +0100
@@ -92,9 +92,7 @@ main(int argc, /* I - Number of comm
int num_copies; /* Number of copies per file */
int num_files; /* Number of files to print */
@ -55,9 +55,9 @@ diff -up cups-1.3.8/berkeley/lpr.c.getnameddest cups-1.3.8/berkeley/lpr.c
_cupsLangPrintf(stderr,
_("%s: Error - %s environment variable names "
"non-existent destination \"%s\"!\n"),
diff -up cups-1.3.8/cups/cups.h.getnameddest cups-1.3.8/cups/cups.h
--- cups-1.3.8/cups/cups.h.getnameddest 2008-07-11 23:48:49.000000000 +0100
+++ cups-1.3.8/cups/cups.h 2008-07-28 16:28:24.000000000 +0100
diff -up cups-1.3.9/cups/cups.h.getnameddest cups-1.3.9/cups/cups.h
--- cups-1.3.9/cups/cups.h.getnameddest 2008-07-23 01:06:46.000000000 +0100
+++ cups-1.3.9/cups/cups.h 2008-10-10 09:35:05.000000000 +0100
@@ -248,6 +248,9 @@ extern void cupsSetDefaultDest(const ch
int num_dests,
cups_dest_t *dests);
@ -68,9 +68,9 @@ diff -up cups-1.3.8/cups/cups.h.getnameddest cups-1.3.8/cups/cups.h
# ifdef __cplusplus
}
diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
--- cups-1.3.8/cups/dest.c.getnameddest 2008-07-11 23:48:49.000000000 +0100
+++ cups-1.3.8/cups/dest.c 2008-07-28 16:28:24.000000000 +0100
diff -up cups-1.3.9/cups/dest.c.getnameddest cups-1.3.9/cups/dest.c
--- cups-1.3.9/cups/dest.c.getnameddest 2008-09-17 00:37:56.000000000 +0100
+++ cups-1.3.9/cups/dest.c 2008-10-10 09:36:02.000000000 +0100
@@ -25,6 +25,7 @@
* server.
* cupsGetDests2() - Get the list of destinations from the
@ -128,18 +128,19 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
return (num_dests);
}
@@ -330,8 +333,8 @@ cupsGetDests2(http_t *http, /* I -
@@ -330,9 +333,9 @@ cupsGetDests2(http_t *http, /* I -
* Grab the printers and classes...
*/
- num_dests = cups_get_sdests(http, CUPS_GET_PRINTERS, num_dests, dests);
- num_dests = cups_get_sdests(http, CUPS_GET_CLASSES, num_dests, dests);
+ num_dests = cups_get_sdests(http, CUPS_GET_PRINTERS, NULL, num_dests, dests);
if (cupsLastError() < IPP_REDIRECTION_OTHER_SITE)
- num_dests = cups_get_sdests(http, CUPS_GET_CLASSES, num_dests, dests);
+ num_dests = cups_get_sdests(http, CUPS_GET_CLASSES, NULL, num_dests, dests);
/*
* Make a copy of the "real" queues for a later sanity check...
@@ -390,7 +393,7 @@ cupsGetDests2(http_t *http, /* I -
if (cupsLastError() >= IPP_REDIRECTION_OTHER_SITE)
{
@@ -398,7 +401,7 @@ cupsGetDests2(http_t *http, /* I -
*/
snprintf(filename, sizeof(filename), "%s/lpoptions", cg->cups_serverroot);
@ -148,7 +149,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
if ((home = getenv("HOME")) != NULL)
{
@@ -398,7 +401,7 @@ cupsGetDests2(http_t *http, /* I -
@@ -406,7 +409,7 @@ cupsGetDests2(http_t *http, /* I -
if (access(filename, 0))
snprintf(filename, sizeof(filename), "%s/.lpoptions", home);
@ -157,7 +158,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
}
/*
@@ -452,6 +455,136 @@ cupsGetDests2(http_t *http, /* I -
@@ -460,6 +463,136 @@ cupsGetDests2(http_t *http, /* I -
/*
@ -294,7 +295,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
* 'cupsRemoveDest()' - Remove a destination from the destination list.
*
* Removing a destination/instance does not delete the class or printer
@@ -548,19 +681,17 @@ void
@@ -556,19 +689,17 @@ void
cupsSetDests(int num_dests, /* I - Number of destinations */
cups_dest_t *dests) /* I - Destinations */
{
@ -318,7 +319,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
}
@@ -606,8 +737,8 @@ cupsSetDests2(http_t *http, /* I -
@@ -614,8 +745,8 @@ cupsSetDests2(http_t *http, /* I -
* Get the server destinations...
*/
@ -329,7 +330,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
/*
* Figure out which file to write to...
@@ -622,7 +753,7 @@ cupsSetDests2(http_t *http, /* I -
@@ -630,7 +761,7 @@ cupsSetDests2(http_t *http, /* I -
* Merge in server defaults...
*/
@ -338,7 +339,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
/*
* Point to user defaults...
@@ -789,24 +920,88 @@ cupsSetDests2(http_t *http, /* I -
@@ -797,24 +928,88 @@ cupsSetDests2(http_t *http, /* I -
/*
@ -428,7 +429,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
/*
* Check environment variables...
*/
@@ -816,12 +1011,8 @@ cups_get_dests(const char *filename, /*
@@ -824,12 +1019,8 @@ cups_get_dests(const char *filename, /*
if (strcmp(printer, "lp") == 0)
printer = NULL;
@ -443,7 +444,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
/*
* Read each printer; each line looks like:
@@ -830,28 +1021,22 @@ cups_get_dests(const char *filename, /*
@@ -838,28 +1029,22 @@ cups_get_dests(const char *filename, /*
* Default name[/instance] options
*/
@ -481,7 +482,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
name = lineptr;
@@ -862,9 +1047,6 @@ cups_get_dests(const char *filename, /*
@@ -870,9 +1055,6 @@ cups_get_dests(const char *filename, /*
while (!isspace(*lineptr & 255) && *lineptr && *lineptr != '/')
lineptr ++;
@ -491,7 +492,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
if (*lineptr == '/')
{
/*
@@ -884,30 +1066,49 @@ cups_get_dests(const char *filename, /*
@@ -892,30 +1074,49 @@ cups_get_dests(const char *filename, /*
else
instance = NULL;
@ -554,7 +555,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
}
/*
@@ -918,11 +1119,20 @@ cups_get_dests(const char *filename, /*
@@ -926,11 +1127,20 @@ cups_get_dests(const char *filename, /*
&(dest->options));
/*
@ -576,7 +577,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
for (i = 0; i < num_dests; i ++)
(*dests)[i].is_default = 0;
@@ -934,7 +1144,7 @@ cups_get_dests(const char *filename, /*
@@ -942,7 +1152,7 @@ cups_get_dests(const char *filename, /*
* Close the file and return...
*/
@ -585,7 +586,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
return (num_dests);
}
@@ -946,7 +1156,8 @@ cups_get_dests(const char *filename, /*
@@ -954,7 +1164,8 @@ cups_get_dests(const char *filename, /*
static int /* O - Number of destinations */
cups_get_sdests(http_t *http, /* I - HTTP connection */
@ -595,7 +596,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
int num_dests, /* I - Number of destinations */
cups_dest_t **dests) /* IO - Destinations */
{
@@ -963,8 +1174,9 @@ cups_get_sdests(http_t *http, /* I
@@ -971,8 +1182,9 @@ cups_get_sdests(http_t *http, /* I
const char *info, /* printer-info attribute */
*location, /* printer-location attribute */
*make_model, /* printer-make-and-model attribute */
@ -607,7 +608,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
auth_info_req[1024], /* auth-info-required attribute */
reasons[1024]; /* printer-state-reasons attribute */
int num_options; /* Number of options */
@@ -1008,6 +1220,14 @@ cups_get_sdests(http_t *http, /* I
@@ -1016,6 +1228,14 @@ cups_get_sdests(http_t *http, /* I
ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME,
"requesting-user-name", NULL, cupsUser());
@ -622,7 +623,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
/*
* Do the request and get back a response...
*/
@@ -1030,17 +1250,17 @@ cups_get_sdests(http_t *http, /* I
@@ -1038,17 +1258,17 @@ cups_get_sdests(http_t *http, /* I
* Pull the needed attributes from this printer...
*/
@ -651,7 +652,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
auth_info_req[0] = '\0';
job_sheets[0] = '\0';
@@ -1091,7 +1311,7 @@ cups_get_sdests(http_t *http, /* I
@@ -1099,7 +1319,7 @@ cups_get_sdests(http_t *http, /* I
make_model = attr->values[0].string.text;
else if (!strcmp(attr->name, "printer-name") &&
attr->value_tag == IPP_TAG_NAME)
@ -660,7 +661,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
else if (!strcmp(attr->name, "printer-state") &&
attr->value_tag == IPP_TAG_ENUM)
state = attr->values[0].integer;
@@ -1196,7 +1416,7 @@ cups_get_sdests(http_t *http, /* I
@@ -1204,7 +1424,7 @@ cups_get_sdests(http_t *http, /* I
* See if we have everything needed...
*/
@ -669,7 +670,7 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
{
cupsFreeOptions(num_options, options);
@@ -1206,9 +1426,9 @@ cups_get_sdests(http_t *http, /* I
@@ -1214,9 +1434,9 @@ cups_get_sdests(http_t *http, /* I
continue;
}
@ -681,9 +682,9 @@ diff -up cups-1.3.8/cups/dest.c.getnameddest cups-1.3.8/cups/dest.c
{
dest->num_options = num_options;
dest->options = options;
diff -up cups-1.3.8/cups/libcups.exp.getnameddest cups-1.3.8/cups/libcups.exp
--- cups-1.3.8/cups/libcups.exp.getnameddest 2008-04-09 04:39:40.000000000 +0100
+++ cups-1.3.8/cups/libcups.exp 2008-07-28 16:28:24.000000000 +0100
diff -up cups-1.3.9/cups/libcups.exp.getnameddest cups-1.3.9/cups/libcups.exp
--- cups-1.3.9/cups/libcups.exp.getnameddest 2008-04-09 04:39:40.000000000 +0100
+++ cups-1.3.9/cups/libcups.exp 2008-10-10 09:35:05.000000000 +0100
@@ -114,6 +114,7 @@ _cupsGetFd
_cupsGetFile
_cupsGetJobs
@ -692,9 +693,9 @@ diff -up cups-1.3.8/cups/libcups.exp.getnameddest cups-1.3.8/cups/libcups.exp
_cupsGetOption
_cupsGetPassword
_cupsGetPPD
diff -up cups-1.3.8/cups/Makefile.getnameddest cups-1.3.8/cups/Makefile
--- cups-1.3.8/cups/Makefile.getnameddest 2008-02-20 20:18:33.000000000 +0000
+++ cups-1.3.8/cups/Makefile 2008-07-28 16:28:24.000000000 +0100
diff -up cups-1.3.9/cups/Makefile.getnameddest cups-1.3.9/cups/Makefile
--- cups-1.3.9/cups/Makefile.getnameddest 2008-09-06 01:30:39.000000000 +0100
+++ cups-1.3.9/cups/Makefile 2008-10-10 09:35:05.000000000 +0100
@@ -263,7 +263,7 @@ libcups.so.2 libcups.sl.2: $(LIBOBJS)
# libcups.2.dylib
#
@ -704,9 +705,9 @@ diff -up cups-1.3.8/cups/Makefile.getnameddest cups-1.3.8/cups/Makefile
echo Linking $@...
$(DSO) $(ARCHFLAGS) $(DSOFLAGS) -o $@ \
-install_name $(libdir)/$@ \
diff -up cups-1.3.8/cups/testcups.c.getnameddest cups-1.3.8/cups/testcups.c
--- cups-1.3.8/cups/testcups.c.getnameddest 2008-07-11 23:48:49.000000000 +0100
+++ cups-1.3.8/cups/testcups.c 2008-07-28 16:37:24.000000000 +0100
diff -up cups-1.3.9/cups/testcups.c.getnameddest cups-1.3.9/cups/testcups.c
--- cups-1.3.9/cups/testcups.c.getnameddest 2008-07-11 23:48:49.000000000 +0100
+++ cups-1.3.9/cups/testcups.c 2008-10-10 09:35:05.000000000 +0100
@@ -16,7 +16,8 @@
*
* Contents:
@ -947,9 +948,9 @@ diff -up cups-1.3.8/cups/testcups.c.getnameddest cups-1.3.8/cups/testcups.c
+/*
* End of "$Id: testcups.c 7721 2008-07-11 22:48:49Z mike $".
*/
diff -up cups-1.3.8/systemv/lp.c.getnameddest cups-1.3.8/systemv/lp.c
--- cups-1.3.8/systemv/lp.c.getnameddest 2008-07-11 23:48:49.000000000 +0100
+++ cups-1.3.8/systemv/lp.c 2008-07-28 16:28:24.000000000 +0100
diff -up cups-1.3.9/systemv/lp.c.getnameddest cups-1.3.9/systemv/lp.c
--- cups-1.3.9/systemv/lp.c.getnameddest 2008-07-11 23:48:49.000000000 +0100
+++ cups-1.3.9/systemv/lp.c 2008-10-10 09:35:05.000000000 +0100
@@ -73,9 +73,7 @@ main(int argc, /* I - Number of comm
int num_copies; /* Number of copies per file */
int num_files; /* Number of files to print */

View File

@ -1,146 +0,0 @@
diff -up cups-1.3.8/config.h.in.res_init cups-1.3.8/config.h.in
--- cups-1.3.8/config.h.in.res_init 2008-09-03 15:34:23.000000000 +0100
+++ cups-1.3.8/config.h.in 2008-09-03 15:34:52.000000000 +0100
@@ -365,6 +365,13 @@
/*
+ * Do we have __res_init()?
+ */
+
+#undef HAVE_RES_INIT
+
+
+/*
* Do we have hstrerror()?
*/
diff -up cups-1.3.8/config-scripts/cups-network.m4.res_init cups-1.3.8/config-scripts/cups-network.m4
--- cups-1.3.8/config-scripts/cups-network.m4.res_init 2007-12-19 01:47:57.000000000 +0000
+++ cups-1.3.8/config-scripts/cups-network.m4 2008-09-03 15:34:14.000000000 +0100
@@ -18,6 +18,7 @@ AC_SEARCH_LIBS(gethostbyaddr, nsl)
AC_SEARCH_LIBS(getifaddrs, nsl, AC_DEFINE(HAVE_GETIFADDRS))
AC_SEARCH_LIBS(hstrerror, nsl socket resolv, AC_DEFINE(HAVE_HSTRERROR))
AC_SEARCH_LIBS(rresvport_af, nsl, AC_DEFINE(HAVE_RRESVPORT_AF))
+AC_SEARCH_LIBS(__res_init, resolv bind, AC_DEFINE(HAVE_RES_INIT))
# Tru64 5.1b leaks file descriptors with these functions; disable until
# we can come up with a test for this...
diff -up cups-1.3.8/configure.res_init cups-1.3.8/configure
--- cups-1.3.8/configure.res_init 2008-09-03 15:34:14.000000000 +0100
+++ cups-1.3.8/configure 2008-09-03 15:34:14.000000000 +0100
@@ -12189,6 +12189,92 @@ _ACEOF
fi
+{ echo "$as_me:$LINENO: checking for library containing __res_init" >&5
+echo $ECHO_N "checking for library containing __res_init... $ECHO_C" >&6; }
+if test "${ac_cv_search___res_init+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_func_search_save_LIBS=$LIBS
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char __res_init ();
+int
+main ()
+{
+return __res_init ();
+ ;
+ return 0;
+}
+_ACEOF
+for ac_lib in '' resolv bind; do
+ if test -z "$ac_lib"; then
+ ac_res="none required"
+ else
+ ac_res=-l$ac_lib
+ LIBS="-l$ac_lib $ac_func_search_save_LIBS"
+ fi
+ rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_search___res_init=$ac_res
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext
+ if test "${ac_cv_search___res_init+set}" = set; then
+ break
+fi
+done
+if test "${ac_cv_search___res_init+set}" = set; then
+ :
+else
+ ac_cv_search___res_init=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_search___res_init" >&5
+echo "${ECHO_T}$ac_cv_search___res_init" >&6; }
+ac_res=$ac_cv_search___res_init
+if test "$ac_res" != no; then
+ test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+ cat >>confdefs.h <<\_ACEOF
+#define HAVE_RES_INIT 1
+_ACEOF
+
+fi
+
# Tru64 5.1b leaks file descriptors with these functions; disable until
# we can come up with a test for this...
diff -up cups-1.3.8/scheduler/cups-polld.c.res_init cups-1.3.8/scheduler/cups-polld.c
--- cups-1.3.8/scheduler/cups-polld.c.res_init 2008-01-08 00:16:30.000000000 +0000
+++ cups-1.3.8/scheduler/cups-polld.c 2008-09-03 15:34:14.000000000 +0100
@@ -155,6 +155,18 @@ main(int argc, /* I - Number of comm
restart_polling = 0;
httpClose(http);
+#ifdef HAVE_RES_INIT
+ if (!http)
+ {
+ /*
+ * Reinit the resolver so that it doesn't cache a previous
+ * hostname lookup failure. This fixes the situation where a
+ * network interface becomes available after polling starts.
+ */
+ __res_init ();
+ }
+#endif /* HAVE_RES_INIT */
+
if ((http = httpConnectEncrypt(argv[1], atoi(argv[2]),
cupsEncryption())) == NULL)
{

View File

@ -1,86 +0,0 @@
diff -up cups-1.3.8/scheduler/client.c.str2892 cups-1.3.8/scheduler/client.c
--- cups-1.3.8/scheduler/client.c.str2892 2008-07-11 23:48:49.000000000 +0100
+++ cups-1.3.8/scheduler/client.c 2008-08-03 11:42:35.000000000 +0100
@@ -28,6 +28,7 @@
* cupsdUpdateCGI() - Read status messages from CGI scripts and programs.
* cupsdWriteClient() - Write data to a client as needed.
* check_if_modified() - Decode an "If-Modified-Since" line.
+ * data_ready() - Check whether data is available from a client.
* encrypt_client() - Enable encryption for the client...
* get_cdsa_certificate() - Convert a keychain name into the CFArrayRef
* required by SSLSetCertificate.
@@ -83,6 +84,7 @@ extern const char *cssmErrorString(int e
static int check_if_modified(cupsd_client_t *con,
struct stat *filestats);
+static int data_ready(cupsd_client_t *con);
#ifdef HAVE_SSL
static int encrypt_client(cupsd_client_t *con);
#endif /* HAVE_SSL */
@@ -989,8 +991,7 @@ cupsdReadClient(cupsd_client_t *con) /*
*/
while ((status = httpUpdate(HTTP(con))) == HTTP_CONTINUE)
- if (con->http.used == 0 ||
- !memchr(con->http.buffer, '\n', con->http.used))
+ if (!data_ready(con))
break;
if (status != HTTP_OK && status != HTTP_CONTINUE)
@@ -1889,7 +1890,7 @@ cupsdReadClient(cupsd_client_t *con) /*
}
}
}
- while (con->http.state == HTTP_PUT_RECV && con->http.used > 0);
+ while (con->http.state == HTTP_PUT_RECV && data_ready(con));
if (con->http.state == HTTP_WAITING)
{
@@ -2064,7 +2065,7 @@ cupsdReadClient(cupsd_client_t *con) /*
}
}
}
- while (con->http.state == HTTP_POST_RECV && con->http.used > 0);
+ while (con->http.state == HTTP_POST_RECV && data_ready(con));
if (con->http.state == HTTP_POST_SEND)
{
@@ -2914,6 +2915,38 @@ check_if_modified(
}
+/*
+ * 'data_ready()' - Check whether data is available from a client.
+ */
+
+static int /* O - 1 if data is ready, 0 otherwise */
+data_ready(cupsd_client_t *con) /* I - Client */
+{
+ if (con->http.used > 0)
+ return (1);
+#ifdef HAVE_SSL
+ else if (con->http.tls)
+ {
+# ifdef HAVE_LIBSSL
+ if (SSL_pending((SSL *)(con->http.tls)))
+ return (1);
+# elif defined(HAVE_GNUTLS)
+ if (gnutls_record_check_pending(((http_tls_t *)(con->http.tls))->session))
+ return (1);
+# elif defined(HAVE_CDSASSL)
+ size_t bytes; /* Bytes that are available */
+
+ if (!SSLGetBufferedReadSize(((http_tls_t *)(con->http.tls))->session,
+ &bytes) && bytes > 0)
+ return (1);
+# endif /* HAVE_LIBSSL */
+ }
+#endif /* HAVE_SSL */
+
+ return (0);
+}
+
+
#ifdef HAVE_SSL
/*
* 'encrypt_client()' - Enable encryption for the client...

View File

@ -6,8 +6,8 @@
Summary: Common Unix Printing System
Name: cups
Version: 1.3.8
Release: 6%{?svn:.svn%{svn}}%{?dist}
Version: 1.3.9
Release: 1%{?svn:.svn%{svn}}%{?dist}
License: GPLv2
Group: System Environment/Daemons
Source: ftp://ftp.easysw.com/pub/cups/test//cups-%{version}%{?svn:svn-r%{svn}}-source.tar.bz2
@ -47,10 +47,8 @@ Patch19: cups-strict-ppd-line-length.patch
Patch20: cups-logrotate.patch
Patch21: cups-usb-paperout.patch
Patch22: cups-getnameddest.patch
Patch23: cups-str2892.patch
Patch24: cups-str2101.patch
Patch25: cups-res_init.patch
Patch26: cups-str2536.patch
Patch23: cups-str2101.patch
Patch24: cups-str2536.patch
Patch100: cups-lspp.patch
Epoch: 1
Url: http://www.cups.org/
@ -186,10 +184,8 @@ module.
%patch20 -p1 -b .logrotate
%patch21 -p1 -b .usb-paperout
%patch22 -p1 -b .getnameddest
%patch23 -p1 -b .str2892
%patch24 -p1 -b .str2101
%patch25 -p1 -b .res_init
%patch26 -p1 -b .str2536
%patch23 -p1 -b .str2101
%patch24 -p1 -b .str2536
%if %lspp
%patch100 -p1 -b .lspp
@ -481,6 +477,12 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/php/modules/*.so
%changelog
* Fri Oct 10 2008 Tim Waugh <twaugh@redhat.com> 1:1.3.9-1
- 1.3.9, including fixes for CVE-2008-3639 (STR #2918, bug #464710),
CVE-2008-3640 (STR #2919, bug #464713) and CVE-2008-3641 (STR #2911,
bug #464716).
- No longer need str2892 or res_init patches.
* Wed Sep 10 2008 Tim Waugh <twaugh@redhat.com> 1:1.3.8-6
- Backported patch for FatalErrors configuration directive
(bug #314941, STR #2536).

View File

@ -1,2 +1,2 @@
b0bb017098e8e76b8a25e666c41ce540 postscript.ppd.gz
84e09577d673b212f605dd09caee456c cups-1.3.8-source.tar.bz2
cf63f451c356e6cabb08972d4d11c365 cups-1.3.9-source.tar.bz2