openkylin
/
cups
mirror of https://gitee.com/openkylin/cups.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

New upstream version 2.4.7

This commit is contained in:
kreiserlee 2024-06-11 14:13:39 +08:00
parent a1c2fce7d8
commit b8ef8c2fd0
27 changed files with 495 additions and 602 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
CHANGES.md
View File

@ -1,31 +1,49 @@
CHANGES - OpenPrinting CUPS 2.4.6 - TBA
==============================================
CHANGES - OpenPrinting CUPS 2.4.7 - (2023-09-20)
================================================
Changes in CUPS v2.4.6 - TBA
----------------------------
- Fix linking error on old MacOS (Issue #715)
- Fix printing multiple files on specific printers (Issue #643)
- Fix use-after-free when logging warnings in case of failures
in `cupsdAcceptClient()` (fixes CVE-2023-34241)
Changes in CUPS v2.4.5 - 2023-06-13
Changes in CUPS v2.4.7 (2023-09-20)
-----------------------------------
- Fix corruption of locally saved certificates (Issue #724)
- CVE-2023-4504 - Fixed Heap-based buffer overflow when reading Postscript
in PPD files
- Added OpenSSL support for cupsHashData (Issue #762)
- Fixed delays in lpd backend (Issue #741)
- Fixed extensive logging in scheduler (Issue #604)
- Fixed hanging of `lpstat` on IBM AIX (Issue #773)
- Fixed hanging of `lpstat` on Solaris (Issue #156)
- Fixed printing to stderr if we can't open cups-files.conf (Issue #777)
- Fixed purging job files via `cancel -x` (Issue #742)
- Fixed RFC 1179 port reserving behavior in LPD backend (Issue #743)
- Fixed a bug in the PPD command interpretation code (Issue #768)
Changes in CUPS v2.4.4 - 2023-06-06
Changes in CUPS v2.4.6 (2023-06-22)
-----------------------------------
- Fix segfault in `cupsGetNamedDest()` when trying to get default printer, but
- CVE-2023-34241: Fixed use-after-free when logging warnings in case of failures
in `cupsdAcceptClient()`.
- Fixed linking error on old MacOS (Issue #715)
- Fixed printing multiple files on specific printers (Issue #643)
Changes in CUPS v2.4.5 (2023-06-13)
-----------------------------------
- Fixed corruption of locally saved certificates (Issue #724)
Changes in CUPS v2.4.4 (2023-06-06)
-----------------------------------
- Fixed segfault in `cupsGetNamedDest()` when trying to get default printer, but
the default printer is not set (Issue #719)
Changes in CUPS v2.4.3 (2023-06-01)
-----------------------------------
- CVE-2023-32360: Fixed default policy for CUPS-Get-Document operation
- CVE-2023-32324: Fixed possible heap buffer overflow in `_cups_strlcpy()`.
- Added a title with device uri for found network printers (Issues #402, #393)
- Added new media sizes defined by IANA (Issues #501)
- Added quirk for GoDEX label printers (Issue #440)
@ -41,7 +59,6 @@ Changes in CUPS v2.4.3 (2023-06-01)
(Issue #529)
- Fixed default color settings for CMYK printers as well (Issue #500)
- Fixed duplicate PPD2IPP media-type names (Issue #688)
- Fixed possible heap buffer overflow in `_cups_strlcpy()` (fixes CVE-2023-32324)
- Fixed InputSlot heuristic for photo sizes smaller than 5x7" if there is no
media-source in the request (Issue #569)
- Fixed invalid memory access during generating IPP Everywhere queue

2
README.md
View File

@ -1,4 +1,4 @@
OpenPrinting CUPS v2.4.6
OpenPrinting CUPS v2.4.7
========================
![Version](https://img.shields.io/github/v/release/openprinting/cups?include_prereleases)

18
backend/lpd.c
View File

@ -63,14 +63,14 @@ static int abort_job = 0; /* Non-zero if we get SIGTERM */
#define RESERVE_NONE 0 /* Don't reserve a privileged port */
#define RESERVE_RFC1179 1 /* Reserve port 721-731 */
#define RESERVE_ANY 2 /* Reserve port 1-1023 */
#define RESERVE_ANY 2 /* Reserve port 512-1023 */
/*
* Local functions...
*/
static int cups_rresvport(int *port, int family);
static int cups_rresvport(int *port, int min, int family);
static int lpd_command(int lpd_fd, char *format, ...)
# ifdef __GNUC__
__attribute__ ((__format__ (__printf__, 2, 3)))
@ -552,6 +552,7 @@ main(int argc, /* I - Number of command-line arguments (6 or 7) */
static int /* O - Socket or -1 on error */
cups_rresvport(int *port, /* IO - Port number to bind to */
int min, /* I - Minimim port number use */
int family) /* I - Address family */
{
http_addr_t addr; /* Socket address */
@ -576,7 +577,7 @@ cups_rresvport(int *port, /* IO - Port number to bind to */
* Try to bind the socket to a reserved port...
*/
while (*port > 511)
while (*port >= min)
{
/*
* Set the port number...
@ -775,7 +776,7 @@ lpd_queue(const char *hostname, /* I - Host to connect to */
if (lport < 721 && reserve == RESERVE_RFC1179)
lport = 731;
else if (lport < 1)
else if (lport < 512)
lport = 1023;
#ifdef HAVE_GETEUID
@ -801,11 +802,14 @@ lpd_queue(const char *hostname, /* I - Host to connect to */
else
{
/*
* We're running as root and want to comply with RFC 1179. Reserve a
* privileged lport between 721 and 731...
* We're running as root and want to either:
* a) comply with RFC 1179 and reserve a lport between 721 and 731
* b) just reserve a privileged port between 512 and 1023
*/
if ((fd = cups_rresvport(&lport, addr->addr.addr.sa_family)) < 0)
if ((fd = cups_rresvport(&lport,
reserve == RESERVE_RFC1179 ? 721 : 512,
addr->addr.addr.sa_family)) < 0)
{
perror("DEBUG: Unable to reserve port");
sleep(1);

22
configure vendored
View File

@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.71 for CUPS 2.4.6.
# Generated by GNU Autoconf 2.71 for CUPS 2.4.7.
#
# Report bugs to <https://github.com/openprinting/cups/issues>.
#
@ -610,8 +610,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='CUPS'
PACKAGE_TARNAME='cups'
PACKAGE_VERSION='2.4.6'
PACKAGE_STRING='CUPS 2.4.6'
PACKAGE_VERSION='2.4.7'
PACKAGE_STRING='CUPS 2.4.7'
PACKAGE_BUGREPORT='https://github.com/openprinting/cups/issues'
PACKAGE_URL='https://openprinting.github.io/cups'
@ -1504,7 +1504,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures CUPS 2.4.6 to adapt to many kinds of systems.
\`configure' configures CUPS 2.4.7 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1570,7 +1570,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of CUPS 2.4.6:";;
short | recursive ) echo "Configuration of CUPS 2.4.7:";;
esac
cat <<\_ACEOF
@ -1758,7 +1758,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
CUPS configure 2.4.6
CUPS configure 2.4.7
generated by GNU Autoconf 2.71
Copyright (C) 2021 Free Software Foundation, Inc.
@ -2113,7 +2113,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by CUPS $as_me 2.4.6, which was
It was created by CUPS $as_me 2.4.7, which was
generated by GNU Autoconf 2.71. Invocation command line was
$ $0$ac_configure_args_raw
@ -3244,8 +3244,8 @@ done
ac_config_headers="$ac_config_headers config.h"
CUPS_VERSION="2.4.6"
CUPS_API_VERSION="$(echo 2.4.6 | awk -F. '{print $1 "." $2}')"
CUPS_VERSION="2.4.7"
CUPS_API_VERSION="$(echo 2.4.7 | awk -F. '{print $1 "." $2}')"
CUPS_BUILD="cups-$CUPS_VERSION"
@ -12884,7 +12884,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by CUPS $as_me 2.4.6, which was
This file was extended by CUPS $as_me 2.4.7, which was
generated by GNU Autoconf 2.71. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -12949,7 +12949,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config='$ac_cs_config_escaped'
ac_cs_version="\\
CUPS config.status 2.4.6
CUPS config.status 2.4.7
configured by $0, generated by GNU Autoconf 2.71,
with options \\"\$ac_cs_config\\"

2
configure.ac
View File

@ -13,7 +13,7 @@ dnl We need at least autoconf 2.71...
AC_PREREQ([2.71])
dnl Package name and version...
AC_INIT([CUPS],[2.4.6],[https://github.com/openprinting/cups/issues],[cups],[https://openprinting.github.io/cups])
AC_INIT([CUPS],[2.4.7],[https://github.com/openprinting/cups/issues],[cups],[https://openprinting.github.io/cups])
dnl This line is provided to ensure that you don't run the autoheader program
dnl against this project. Doing so is completely unsupported and WILL cause

4
cups/cups.h
View File

@ -43,10 +43,10 @@ extern "C" {
* Constants...
*/
# define CUPS_VERSION 2.0406
# define CUPS_VERSION 2.0407
# define CUPS_VERSION_MAJOR 2
# define CUPS_VERSION_MINOR 4
# define CUPS_VERSION_PATCH 6
# define CUPS_VERSION_PATCH 7
# define CUPS_BC_FD 3
/* Back-channel file descriptor for

675
cups/hash.c
View File

@ -1,52 +1,59 @@
/*
* Hashing function for CUPS.
*
* Copyright © 2015-2019 by Apple Inc.
*
* Licensed under Apache License v2.0. See the file "LICENSE" for more
* information.
*/
/*
* Include necessary headers...
*/
//
// Hashing functions for CUPS.
//
// Copyright © 2022-2023 by OpenPrinting.
// Copyright © 2015-2019 by Apple Inc.
//
// Licensed under Apache License v2.0. See the file "LICENSE" for more
// information.
//
#include "cups-private.h"
#include "debug-internal.h"
#ifdef __APPLE__
# include <CommonCrypto/CommonDigest.h>
#elif defined(HAVE_GNUTLS)
#include "md5-internal.h"
#ifdef HAVE_OPENSSL
# include <openssl/evp.h>
#else // HAVE_GNUTLS
# include <gnutls/crypto.h>
# include "md5-internal.h"
#elif _WIN32
# include <windows.h>
# include <bcrypt.h>
#else
# include "md5-internal.h"
#endif /* __APPLE__ */
#endif // HAVE_OPENSSL
/*
* 'cupsHashData()' - Perform a hash function on the given data.
*
* The "algorithm" argument can be any of the registered, non-deprecated IPP
* hash algorithms for the "job-password-encryption" attribute, including
* "sha" for SHA-1, "sha-256" for SHA2-256, etc.
*
* The "hash" argument points to a buffer of "hashsize" bytes and should be at
* least 64 bytes in length for all of the supported algorithms.
*
* The returned hash is binary data.
*
* @since CUPS 2.2/macOS 10.12@
*/
//
// Note: While both GNU TLS and OpenSSL offer HMAC functions, they also exclude
// certain hashes depending on the version of library and whatever patches are
// applied by the OS vendor/Linux distribution. Since printers sometimes rely
// on otherwise deprecated/obsolete hash functions for things like PIN printing
// ("job-password"), and since such uses already have poor security regardless
// of the hash function used, it is more important to provide guaranteed
// implementations over some imaginary notion of "guaranteed security"...
//
ssize_t /* O - Size of hash or -1 on error */
cupsHashData(const char *algorithm, /* I - Algorithm name */
const void *data, /* I - Data to hash */
size_t datalen, /* I - Length of data to hash */
unsigned char *hash, /* I - Hash buffer */
size_t hashsize) /* I - Size of hash buffer */
//
// Local functions...
//
static ssize_t hash_data(const char *algorithm, unsigned char *hash, size_t hashsize, const void *a, size_t alen, const void *b, size_t blen);
//
// 'cupsHashData()' - Perform a hash function on the given data.
//
// This function performs a hash function on the given data. The "algorithm"
// argument can be any of the registered, non-deprecated IPP hash algorithms for
// the "job-password-encryption" attribute, including "sha" for SHA-1,
// "sha2-256" for SHA2-256, etc.
//
// The "hash" argument points to a buffer of "hashsize" bytes and should be at
// least 64 bytes in length for all of the supported algorithms.
//
// The returned hash is binary data.
//
ssize_t // O - Size of hash or -1 on error
cupsHashData(const char *algorithm, // I - Algorithm name
const void *data, // I - Data to hash
size_t datalen, // I - Length of data to hash
unsigned char *hash, // I - Hash buffer
size_t hashsize) // I - Size of hash buffer
{
if (!algorithm || !data || datalen == 0 || !hash || hashsize == 0)
{
@ -54,367 +61,29 @@ cupsHashData(const char *algorithm, /* I - Algorithm name */
return (-1);
}
#ifdef __APPLE__
if (!strcmp(algorithm, "md5"))
{
/*
* MD5 (deprecated but widely used...)
*/
CC_MD5_CTX ctx; /* MD5 context */
if (hashsize < CC_MD5_DIGEST_LENGTH)
goto too_small;
CC_MD5_Init(&ctx);
CC_MD5_Update(&ctx, data, (CC_LONG)datalen);
CC_MD5_Final(hash, &ctx);
return (CC_MD5_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha"))
{
/*
* SHA-1...
*/
CC_SHA1_CTX ctx; /* SHA-1 context */
if (hashsize < CC_SHA1_DIGEST_LENGTH)
goto too_small;
CC_SHA1_Init(&ctx);
CC_SHA1_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA1_Final(hash, &ctx);
return (CC_SHA1_DIGEST_LENGTH);
}
# ifdef CC_SHA224_DIGEST_LENGTH
else if (!strcmp(algorithm, "sha2-224"))
{
CC_SHA256_CTX ctx; /* SHA-224 context */
if (hashsize < CC_SHA224_DIGEST_LENGTH)
goto too_small;
CC_SHA224_Init(&ctx);
CC_SHA224_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA224_Final(hash, &ctx);
return (CC_SHA224_DIGEST_LENGTH);
}
# endif /* CC_SHA224_DIGEST_LENGTH */
else if (!strcmp(algorithm, "sha2-256"))
{
CC_SHA256_CTX ctx; /* SHA-256 context */
if (hashsize < CC_SHA256_DIGEST_LENGTH)
goto too_small;
CC_SHA256_Init(&ctx);
CC_SHA256_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA256_Final(hash, &ctx);
return (CC_SHA256_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-384"))
{
CC_SHA512_CTX ctx; /* SHA-384 context */
if (hashsize < CC_SHA384_DIGEST_LENGTH)
goto too_small;
CC_SHA384_Init(&ctx);
CC_SHA384_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA384_Final(hash, &ctx);
return (CC_SHA384_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-512"))
{
CC_SHA512_CTX ctx; /* SHA-512 context */
if (hashsize < CC_SHA512_DIGEST_LENGTH)
goto too_small;
CC_SHA512_Init(&ctx);
CC_SHA512_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA512_Final(hash, &ctx);
return (CC_SHA512_DIGEST_LENGTH);
}
# ifdef CC_SHA224_DIGEST_LENGTH
else if (!strcmp(algorithm, "sha2-512_224"))
{
CC_SHA512_CTX ctx; /* SHA-512 context */
unsigned char temp[CC_SHA512_DIGEST_LENGTH];
/* SHA-512 hash */
/*
* SHA2-512 truncated to 224 bits (28 bytes)...
*/
if (hashsize < CC_SHA224_DIGEST_LENGTH)
goto too_small;
CC_SHA512_Init(&ctx);
CC_SHA512_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA512_Final(temp, &ctx);
memcpy(hash, temp, CC_SHA224_DIGEST_LENGTH);
return (CC_SHA224_DIGEST_LENGTH);
}
# endif /* CC_SHA224_DIGEST_LENGTH */
else if (!strcmp(algorithm, "sha2-512_256"))
{
CC_SHA512_CTX ctx; /* SHA-512 context */
unsigned char temp[CC_SHA512_DIGEST_LENGTH];
/* SHA-512 hash */
/*
* SHA2-512 truncated to 256 bits (32 bytes)...
*/
if (hashsize < CC_SHA256_DIGEST_LENGTH)
goto too_small;
CC_SHA512_Init(&ctx);
CC_SHA512_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA512_Final(temp, &ctx);
memcpy(hash, temp, CC_SHA256_DIGEST_LENGTH);
return (CC_SHA256_DIGEST_LENGTH);
}
#elif defined(HAVE_GNUTLS)
gnutls_digest_algorithm_t alg = GNUTLS_DIG_UNKNOWN;
/* Algorithm */
unsigned char temp[64]; /* Temporary hash buffer */
size_t tempsize = 0; /* Truncate to this size? */
if (!strcmp(algorithm, "md5"))
{
/*
* Some versions of GNU TLS disable MD5 without warning...
*/
_cups_md5_state_t state; /* MD5 state info */
if (hashsize < 16)
goto too_small;
_cupsMD5Init(&state);
_cupsMD5Append(&state, data, (int)datalen);
_cupsMD5Finish(&state, hash);
return (16);
}
else if (!strcmp(algorithm, "sha"))
alg = GNUTLS_DIG_SHA1;
else if (!strcmp(algorithm, "sha2-224"))
alg = GNUTLS_DIG_SHA224;
else if (!strcmp(algorithm, "sha2-256"))
alg = GNUTLS_DIG_SHA256;
else if (!strcmp(algorithm, "sha2-384"))
alg = GNUTLS_DIG_SHA384;
else if (!strcmp(algorithm, "sha2-512"))
alg = GNUTLS_DIG_SHA512;
else if (!strcmp(algorithm, "sha2-512_224"))
{
alg = GNUTLS_DIG_SHA512;
tempsize = 28;
}
else if (!strcmp(algorithm, "sha2-512_256"))
{
alg = GNUTLS_DIG_SHA512;
tempsize = 32;
}
if (alg != GNUTLS_DIG_UNKNOWN)
{
if (tempsize > 0)
{
/*
* Truncate result to tempsize bytes...
*/
if (hashsize < tempsize)
goto too_small;
gnutls_hash_fast(alg, data, datalen, temp);
memcpy(hash, temp, tempsize);
return ((ssize_t)tempsize);
}
if (hashsize < gnutls_hash_get_len(alg))
goto too_small;
gnutls_hash_fast(alg, data, datalen, hash);
return ((ssize_t)gnutls_hash_get_len(alg));
}
#elif _WIN32
// Use Windows CNG APIs to perform hashing...
BCRYPT_ALG_HANDLE alg; // Algorithm handle
LPCWSTR algid = NULL; // Algorithm ID
ssize_t hashlen; // Hash length
NTSTATUS status; // Status of hash
unsigned char temp[64]; // Temporary hash buffer
size_t tempsize = 0; // Truncate to this size?
if (!strcmp(algorithm, "md5"))
{
algid = BCRYPT_MD5_ALGORITHM;
hashlen = 16;
}
else if (!strcmp(algorithm, "sha"))
{
algid = BCRYPT_SHA1_ALGORITHM;
hashlen = 20;
}
else if (!strcmp(algorithm, "sha2-256"))
{
algid = BCRYPT_SHA256_ALGORITHM;
hashlen = 32;
}
else if (!strcmp(algorithm, "sha2-384"))
{
algid = BCRYPT_SHA384_ALGORITHM;
hashlen = 48;
}
else if (!strcmp(algorithm, "sha2-512"))
{
algid = BCRYPT_SHA512_ALGORITHM;
hashlen = 64;
}
else if (!strcmp(algorithm, "sha2-512_224"))
{
algid = BCRYPT_SHA512_ALGORITHM;
hashlen = tempsize = 28;
}
else if (!strcmp(algorithm, "sha2-512_256"))
{
algid = BCRYPT_SHA512_ALGORITHM;
hashlen = tempsize = 32;
}
if (algid)
{
if (hashsize < (size_t)hashlen)
goto too_small;
if ((status = BCryptOpenAlgorithmProvider(&alg, algid, NULL, 0)) < 0)
{
DEBUG_printf(("2cupsHashData: BCryptOpenAlgorithmProvider returned %d.", status));
if (status == STATUS_INVALID_PARAMETER)
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Bad algorithm parameter."), 1);
else
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Unable to access cryptographic provider."), 1);
return (-1);
}
if (tempsize > 0)
{
// Do a truncated SHA2-512 hash...
status = BCryptHash(alg, NULL, 0, (PUCHAR)data, (ULONG)datalen, temp, sizeof(temp));
memcpy(hash, temp, hashlen);
}
else
{
// Hash directly to buffer...
status = BCryptHash(alg, NULL, 0, (PUCHAR)data, (ULONG)datalen, hash, (ULONG)hashlen);
}
BCryptCloseAlgorithmProvider(alg, 0);
if (status < 0)
{
DEBUG_printf(("2cupsHashData: BCryptHash returned %d.", status));
if (status == STATUS_INVALID_PARAMETER)
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Bad hashing parameter."), 1);
else
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Hashing failed."), 1);
return (-1);
}
return (hashlen);
}
#else
/*
* No hash support beyond MD5 without CommonCrypto, GNU TLS, or CNG...
*/
if (!strcmp(algorithm, "md5"))
{
_cups_md5_state_t state; /* MD5 state info */
if (hashsize < 16)
goto too_small;
_cupsMD5Init(&state);
_cupsMD5Append(&state, data, datalen);
_cupsMD5Finish(&state, hash);
return (16);
}
else if (hashsize < 64)
goto too_small;
#endif /* __APPLE__ */
/*
* Unknown hash algorithm...
*/
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Unknown hash algorithm."), 1);
return (-1);
/*
* We get here if the buffer is too small.
*/
too_small:
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Hash buffer too small."), 1);
return (-1);
return (hash_data(algorithm, hash, hashsize, data, datalen, NULL, 0));
}
/*
* 'cupsHashString()' - Format a hash value as a hexadecimal string.
*
* The passed buffer must be at least 2 * hashsize + 1 characters in length.
*
* @since CUPS 2.2.7@
*/
//
// 'cupsHashString()' - Format a hash value as a hexadecimal string.
//
// The passed buffer must be at least 2 * hashsize + 1 characters in length.
//
const char * /* O - Formatted string */
const char * // O - Formatted string
cupsHashString(
const unsigned char *hash, /* I - Hash */
size_t hashsize, /* I - Size of hash */
char *buffer, /* I - String buffer */
size_t bufsize) /* I - Size of string buffer */
const unsigned char *hash, // I - Hash
size_t hashsize, // I - Size of hash
char *buffer, // I - String buffer
size_t bufsize) // I - Size of string buffer
{
char *bufptr = buffer; /* Pointer into buffer */
char *bufptr = buffer; // Pointer into buffer
static const char *hex = "0123456789abcdef";
/* Hex characters (lowercase!) */
// Hex characters (lowercase!)
/*
* Range check input...
*/
// Range check input...
if (!hash || hashsize < 1 || !buffer || bufsize < (2 * hashsize + 1))
{
if (buffer)
@ -422,10 +91,7 @@ cupsHashString(
return (NULL);
}
/*
* Loop until we've converted the whole hash...
*/
// Loop until we've converted the whole hash...
while (hashsize > 0)
{
*bufptr++ = hex[*hash >> 4];
@ -439,3 +105,214 @@ cupsHashString(
return (buffer);
}
//
// 'cupsHMACData()' - Perform a HMAC function on the given data.
//
// This function performs a HMAC function on the given data with the given key.
// The "algorithm" argument can be any of the registered, non-deprecated IPP
// hash algorithms for the "job-password-encryption" attribute, including
// "sha" for SHA-1, "sha2-256" for SHA2-256, etc.
//
// The "hmac" argument points to a buffer of "hmacsize" bytes and should be at
// least 64 bytes in length for all of the supported algorithms.
//
// The returned HMAC is binary data.
//
ssize_t // O - The length of the HMAC or `-1` on error
cupsHMACData(
const char *algorithm, // I - Hash algorithm
const unsigned char *key, // I - Key
size_t keylen, // I - Length of key
const void *data, // I - Data to hash
size_t datalen, // I - Length of data to hash
unsigned char *hmac, // I - HMAC buffer
size_t hmacsize) // I - Size of HMAC buffer
{
size_t i, // Looping var
b; // Block size
unsigned char buffer[128], // Intermediate buffer
hash[128], // Hash buffer
hkey[128]; // Hashed key buffer
ssize_t hashlen; // Length of hash
// Range check input...
if (!algorithm || !key || keylen == 0 || !data || datalen == 0 || !hmac || hmacsize < 32)
return (-1);
// Determine the block size...
if (!strcmp(algorithm, "sha2-384") || !strncmp(algorithm, "sha2-512", 8))
b = 128;
else
b = 64;
// If the key length is larger than the block size, hash it and use that
// instead...
if (keylen > b)
{
if ((hashlen = hash_data(algorithm, hkey, sizeof(hkey), key, keylen, NULL, 0)) < 0)
return (-1);
key = hkey;
keylen = (size_t)hashlen;
}
// HMAC = H(K' ^ opad, H(K' ^ ipad, data))
// K' = Klen > b ? H(K) : K, padded with 0's
// opad = 0x5c, ipad = 0x36
for (i = 0; i < b && i < keylen; i ++)
buffer[i] = key[i] ^ 0x36;
for (; i < b; i ++)
buffer[i] = 0x36;
if ((hashlen = hash_data(algorithm, hash, sizeof(hash), buffer, b, data, datalen)) < 0)
return (-1);
for (i = 0; i < b && i < keylen; i ++)
buffer[i] = key[i] ^ 0x5c;
for (; i < b; i ++)
buffer[i] = 0x5c;
return (hash_data(algorithm, hmac, hmacsize, buffer, b, hash, (size_t)hashlen));
}
//
// 'hash_data()' - Hash up to two blocks of data.
//
static ssize_t // O - Size of hash or `-1` on error
hash_data(const char *algorithm, // I - Algorithm
unsigned char *hash, // I - Hash buffer
size_t hashsize, // I - Size of hash buffer
const void *a, // I - First block
size_t alen, // I - Length of first block
const void *b, // I - Second block or `NULL` for none
size_t blen) // I - Length of second block or `0` for none
{
unsigned hashlen; // Length of hash
unsigned char hashtemp[64]; // Temporary hash buffer
#ifdef HAVE_OPENSSL
const EVP_MD *md = NULL; // Message digest implementation
EVP_MD_CTX *ctx; // Context
#else // HAVE_GNUTLS
gnutls_digest_algorithm_t alg = GNUTLS_DIG_UNKNOWN;
// Algorithm
gnutls_hash_hd_t ctx; // Context
#endif // HAVE_OPENSSL
if (!strcmp(algorithm, "md5"))
{
// Some versions of GNU TLS and OpenSSL disable MD5 without warning...
_cups_md5_state_t state; // MD5 state info
if (hashsize < 16)
goto too_small;
_cupsMD5Init(&state);
_cupsMD5Append(&state, a, (int)alen);
if (b && blen)
_cupsMD5Append(&state, b, (int)blen);
_cupsMD5Finish(&state, hash);
return (16);
}
#ifdef HAVE_OPENSSL
if (!strcmp(algorithm, "sha"))
{
// SHA-1
md = EVP_sha1();
}
else if (!strcmp(algorithm, "sha2-224"))
{
md = EVP_sha224();
}
else if (!strcmp(algorithm, "sha2-256"))
{
md = EVP_sha256();
}
else if (!strcmp(algorithm, "sha2-384"))
{
md = EVP_sha384();
}
else if (!strcmp(algorithm, "sha2-512"))
{
md = EVP_sha512();
}
if (md)
{
ctx = EVP_MD_CTX_new();
EVP_DigestInit(ctx, md);
EVP_DigestUpdate(ctx, a, alen);
if (b && blen)
EVP_DigestUpdate(ctx, b, blen);
EVP_DigestFinal(ctx, hashtemp, &hashlen);
if (hashlen > hashsize)
goto too_small;
memcpy(hash, hashtemp, hashlen);
return ((ssize_t)hashlen);
}
#else // HAVE_GNUTLS
if (!strcmp(algorithm, "sha"))
{
// SHA-1
alg = GNUTLS_DIG_SHA1;
}
else if (!strcmp(algorithm, "sha2-224"))
{
alg = GNUTLS_DIG_SHA224;
}
else if (!strcmp(algorithm, "sha2-256"))
{
alg = GNUTLS_DIG_SHA256;
}
else if (!strcmp(algorithm, "sha2-384"))
{
alg = GNUTLS_DIG_SHA384;
}
else if (!strcmp(algorithm, "sha2-512"))
{
alg = GNUTLS_DIG_SHA512;
}
if (alg != GNUTLS_DIG_UNKNOWN)
{
hashlen = gnutls_hash_get_len(alg);
if (hashlen > hashsize)
goto too_small;
gnutls_hash_init(&ctx, alg);
gnutls_hash(ctx, a, alen);
if (b && blen)
gnutls_hash(ctx, b, blen);
gnutls_hash_deinit(ctx, hashtemp);
memcpy(hash, hashtemp, hashlen);
return ((ssize_t)hashlen);
}
#endif // HAVE_OPENSSL
// Unknown hash algorithm...
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Unknown hash algorithm."), 1);
return (-1);
// We get here if the buffer is too small.
too_small:
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Hash buffer too small."), 1);
return (-1);
}

29
cups/http-addrlist.c
View File

@ -318,6 +318,23 @@ httpAddrConnect2(
{
# ifdef HAVE_POLL
DEBUG_printf(("pfds[%d].revents=%x\n", i, pfds[i].revents));
# ifdef __sun
// Solaris connect runs asynchronously returning EINPROGRESS. Following
// poll() does not detect the socket is not connected and returns
// POLLIN|POLLOUT. Check the connection status and update error flag.
int sres, serr;
socklen_t slen = sizeof(serr);
sres = getsockopt(fds[i], SOL_SOCKET, SO_ERROR, &serr, &slen);
if (sres || serr)
{
pfds[i].revents |= POLLERR;
# ifdef DEBUG
DEBUG_printf(("1httpAddrConnect2: getsockopt returned: %d with error: %s", sres, strerror(serr)));
# endif
}
# endif // __sun
if (pfds[i].revents && !(pfds[i].revents & (POLLERR | POLLHUP)))
# else
if (FD_ISSET(fds[i], &input_set) && !FD_ISSET(fds[i], &error_set))
@ -340,18 +357,6 @@ httpAddrConnect2(
else if (FD_ISSET(fds[i], &error_set))
# endif /* HAVE_POLL */
{
# ifdef __sun
// Solaris incorrectly returns errors when you poll() a socket that is
// still connecting. This check prevents us from removing the socket
// from the pool if the "error" is EINPROGRESS...
int sockerr; // Current error on socket
socklen_t socklen = sizeof(sockerr);
// Size of error variable
if (!getsockopt(fds[i], SOL_SOCKET, SO_ERROR, &sockerr, &socklen) && (!sockerr || sockerr == EINPROGRESS))
continue; // Not an error
# endif // __sun
/*
* Error on socket, remove from the "pool"...
*/

179
cups/md5.c
View File

@ -1,9 +1,10 @@
/*
* Private MD5 implementation for CUPS.
*
* Copyright 2007-2017 by Apple Inc.
* Copyright 2005 by Easy Software Products
* Copyright (C) 1999 Aladdin Enterprises. All rights reserved.
* Copyright © 2023 by OpenPrinting.
* Copyright © 2007-2017 by Apple Inc.
* Copyright © 2005 by Easy Software Products
* Copyright © 1999 Aladdin Enterprises. All rights reserved.
*
* This software is provided 'as-is', without any express or implied
* warranty. In no event will the authors be held liable for any damages
@ -43,71 +44,70 @@
#include "md5-internal.h"
#include "string-private.h"
#if !defined(__APPLE__)
# define T1 0xd76aa478
# define T2 0xe8c7b756
# define T3 0x242070db
# define T4 0xc1bdceee
# define T5 0xf57c0faf
# define T6 0x4787c62a
# define T7 0xa8304613
# define T8 0xfd469501
# define T9 0x698098d8
# define T10 0x8b44f7af
# define T11 0xffff5bb1
# define T12 0x895cd7be
# define T13 0x6b901122
# define T14 0xfd987193
# define T15 0xa679438e
# define T16 0x49b40821
# define T17 0xf61e2562
# define T18 0xc040b340
# define T19 0x265e5a51
# define T20 0xe9b6c7aa
# define T21 0xd62f105d
# define T22 0x02441453
# define T23 0xd8a1e681
# define T24 0xe7d3fbc8
# define T25 0x21e1cde6
# define T26 0xc33707d6
# define T27 0xf4d50d87
# define T28 0x455a14ed
# define T29 0xa9e3e905
# define T30 0xfcefa3f8
# define T31 0x676f02d9
# define T32 0x8d2a4c8a
# define T33 0xfffa3942
# define T34 0x8771f681
# define T35 0x6d9d6122
# define T36 0xfde5380c
# define T37 0xa4beea44
# define T38 0x4bdecfa9
# define T39 0xf6bb4b60
# define T40 0xbebfbc70
# define T41 0x289b7ec6
# define T42 0xeaa127fa
# define T43 0xd4ef3085
# define T44 0x04881d05
# define T45 0xd9d4d039
# define T46 0xe6db99e5
# define T47 0x1fa27cf8
# define T48 0xc4ac5665
# define T49 0xf4292244
# define T50 0x432aff97
# define T51 0xab9423a7
# define T52 0xfc93a039
# define T53 0x655b59c3
# define T54 0x8f0ccc92
# define T55 0xffeff47d
# define T56 0x85845dd1
# define T57 0x6fa87e4f
# define T58 0xfe2ce6e0
# define T59 0xa3014314
# define T60 0x4e0811a1
# define T61 0xf7537e82
# define T62 0xbd3af235
# define T63 0x2ad7d2bb
# define T64 0xeb86d391
#define T1 0xd76aa478
#define T2 0xe8c7b756
#define T3 0x242070db
#define T4 0xc1bdceee
#define T5 0xf57c0faf
#define T6 0x4787c62a
#define T7 0xa8304613
#define T8 0xfd469501
#define T9 0x698098d8
#define T10 0x8b44f7af
#define T11 0xffff5bb1
#define T12 0x895cd7be
#define T13 0x6b901122
#define T14 0xfd987193
#define T15 0xa679438e
#define T16 0x49b40821
#define T17 0xf61e2562
#define T18 0xc040b340
#define T19 0x265e5a51
#define T20 0xe9b6c7aa
#define T21 0xd62f105d
#define T22 0x02441453
#define T23 0xd8a1e681
#define T24 0xe7d3fbc8
#define T25 0x21e1cde6
#define T26 0xc33707d6
#define T27 0xf4d50d87
#define T28 0x455a14ed
#define T29 0xa9e3e905
#define T30 0xfcefa3f8
#define T31 0x676f02d9
#define T32 0x8d2a4c8a
#define T33 0xfffa3942
#define T34 0x8771f681
#define T35 0x6d9d6122
#define T36 0xfde5380c
#define T37 0xa4beea44
#define T38 0x4bdecfa9
#define T39 0xf6bb4b60
#define T40 0xbebfbc70
#define T41 0x289b7ec6
#define T42 0xeaa127fa
#define T43 0xd4ef3085
#define T44 0x04881d05
#define T45 0xd9d4d039
#define T46 0xe6db99e5
#define T47 0x1fa27cf8
#define T48 0xc4ac5665
#define T49 0xf4292244
#define T50 0x432aff97
#define T51 0xab9423a7
#define T52 0xfc93a039
#define T53 0x655b59c3
#define T54 0x8f0ccc92
#define T55 0xffeff47d
#define T56 0x85845dd1
#define T57 0x6fa87e4f
#define T58 0xfe2ce6e0
#define T59 0xa3014314
#define T60 0x4e0811a1
#define T61 0xf7537e82
#define T62 0xbd3af235
#define T63 0x2ad7d2bb
#define T64 0xeb86d391
static void
_cups_md5_process(_cups_md5_state_t *pms, const unsigned char *data /*[64]*/)
@ -117,10 +117,10 @@ _cups_md5_process(_cups_md5_state_t *pms, const unsigned char *data /*[64]*/)
c = pms->abcd[2], d = pms->abcd[3];
unsigned int t;
# ifndef ARCH_IS_BIG_ENDIAN
# define ARCH_IS_BIG_ENDIAN 1 /* slower, default implementation */
# endif
# if ARCH_IS_BIG_ENDIAN
#ifndef ARCH_IS_BIG_ENDIAN
# define ARCH_IS_BIG_ENDIAN 1 /* slower, default implementation */
#endif
#if ARCH_IS_BIG_ENDIAN
/*
* On big-endian machines, we must arrange the bytes in the right
@ -131,10 +131,10 @@ _cups_md5_process(_cups_md5_state_t *pms, const unsigned char *data /*[64]*/)
int i;
for (i = 0; i < 16; ++i, xp += 4)
X[i] = (unsigned)xp[0] | ((unsigned)xp[1] << 8) |
((unsigned)xp[2] << 16) | ((unsigned)xp[3] << 24);
X[i] = (unsigned)xp[0] + ((unsigned)xp[1] << 8) +
((unsigned)xp[2] << 16) + ((unsigned)xp[3] << 24);
# else /* !ARCH_IS_BIG_ENDIAN */
#else /* !ARCH_IS_BIG_ENDIAN */
/*
* On little-endian machines, we can process properly aligned data
@ -151,15 +151,15 @@ _cups_md5_process(_cups_md5_state_t *pms, const unsigned char *data /*[64]*/)
memcpy(xbuf, data, 64);
X = xbuf;
}
# endif
#endif
# define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32 - (n))))
#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32 - (n))))
/* Round 1. */
/* Let [abcd k s i] denote the operation
a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s). */
# define F(x, y, z) (((x) & (y)) | (~(x) & (z)))
# define SET(a, b, c, d, k, s, Ti)\
#define F(x, y, z) (((x) & (y)) | (~(x) & (z)))
#define SET(a, b, c, d, k, s, Ti)\
t = a + F(b,c,d) + X[k] + Ti;\
a = ROTATE_LEFT(t, s) + b
/* Do the following 16 operations. */
@ -179,13 +179,13 @@ _cups_md5_process(_cups_md5_state_t *pms, const unsigned char *data /*[64]*/)
SET(d, a, b, c, 13, 12, T14);
SET(c, d, a, b, 14, 17, T15);
SET(b, c, d, a, 15, 22, T16);
# undef SET
#undef SET
/* Round 2. */
/* Let [abcd k s i] denote the operation
a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s). */
# define G(x, y, z) (((x) & (z)) | ((y) & ~(z)))
# define SET(a, b, c, d, k, s, Ti)\
#define G(x, y, z) (((x) & (z)) | ((y) & ~(z)))
#define SET(a, b, c, d, k, s, Ti)\
t = a + G(b,c,d) + X[k] + Ti;\
a = ROTATE_LEFT(t, s) + b
/* Do the following 16 operations. */
@ -205,13 +205,13 @@ _cups_md5_process(_cups_md5_state_t *pms, const unsigned char *data /*[64]*/)
SET(d, a, b, c, 2, 9, T30);
SET(c, d, a, b, 7, 14, T31);
SET(b, c, d, a, 12, 20, T32);
# undef SET
#undef SET
/* Round 3. */
/* Let [abcd k s t] denote the operation
a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s). */
# define H(x, y, z) ((x) ^ (y) ^ (z))
# define SET(a, b, c, d, k, s, Ti)\
#define H(x, y, z) ((x) ^ (y) ^ (z))
#define SET(a, b, c, d, k, s, Ti)\
t = a + H(b,c,d) + X[k] + Ti;\
a = ROTATE_LEFT(t, s) + b
/* Do the following 16 operations. */
@ -231,13 +231,13 @@ _cups_md5_process(_cups_md5_state_t *pms, const unsigned char *data /*[64]*/)
SET(d, a, b, c, 12, 11, T46);
SET(c, d, a, b, 15, 16, T47);
SET(b, c, d, a, 2, 23, T48);
# undef SET
#undef SET
/* Round 4. */
/* Let [abcd k s t] denote the operation
a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s). */
# define I(x, y, z) ((y) ^ ((x) | ~(z)))
# define SET(a, b, c, d, k, s, Ti)\
#define I(x, y, z) ((y) ^ ((x) | ~(z)))
#define SET(a, b, c, d, k, s, Ti)\
t = a + I(b,c,d) + X[k] + Ti;\
a = ROTATE_LEFT(t, s) + b
/* Do the following 16 operations. */
@ -257,7 +257,7 @@ _cups_md5_process(_cups_md5_state_t *pms, const unsigned char *data /*[64]*/)
SET(d, a, b, c, 11, 10, T62);
SET(c, d, a, b, 2, 15, T63);
SET(b, c, d, a, 9, 21, T64);
# undef SET
#undef SET
/* Then perform the following additions. (That is increment each
of the four registers by the value it had before this block
@ -338,4 +338,3 @@ _cupsMD5Finish(_cups_md5_state_t *pms, unsigned char digest[16])
for (i = 0; i < 16; ++i)
digest[i] = (unsigned char)(pms->abcd[i >> 2] >> ((i & 3) << 3));
}
#endif /* !__APPLE__ */

19
cups/raster-interpret.c
View File

@ -727,7 +727,10 @@ copy_stack(_cups_ps_stack_t *st, /* I - Stack */
while (c > 0)
{
if (!push_stack(st, st->objs + n))
_cups_ps_obj_t temp; /* Temporary copy of object */
temp = st->objs[n];
if (!push_stack(st, &temp))
return (-1);
n ++;
@ -1113,7 +1116,19 @@ scan_ps(_cups_ps_stack_t *st, /* I - Stack */
cur ++;
if (*cur == 'b')
/*
* Return NULL if we reached NULL terminator, a lone backslash
* is not a valid character in PostScript.
*/
if (!*cur)
{
*ptr = NULL;
return (NULL);
}
if (*cur == 'b')
*valptr++ = '\b';
else if (*cur == 'f')
*valptr++ = '\f';

6
cups/request.c
View File

@ -25,9 +25,11 @@
#ifndef O_BINARY
# define O_BINARY 0
#endif /* O_BINARY */
#ifndef MSG_DONTWAIT
#ifdef _AIX
# define MSG_DONTWAIT MSG_NONBLOCK
#elif !defined(MSG_DONTWAIT)
# define MSG_DONTWAIT 0
#endif /* !MSG_DONTWAIT */
#endif /* _AIX */
/*

29
cups/tls-openssl.c
View File

@ -1462,38 +1462,13 @@ static time_t // O - UNIX time in seconds
http_get_date(X509 *cert, // I - Certificate
int which) // I - 0 for notBefore, 1 for notAfter
{
unsigned char *expiration; // Expiration date of cert
struct tm exptm; // Expiration date components
if (which)
ASN1_STRING_to_UTF8(&expiration, X509_get0_notAfter(cert));
ASN1_TIME_to_tm(X509_get0_notAfter(cert), &exptm);
else
ASN1_STRING_to_UTF8(&expiration, X509_get0_notBefore(cert));
memset(&exptm, 0, sizeof(exptm));
if (strlen((char *)expiration) > 13)
{
// 4-digit year
exptm.tm_year = (expiration[0] - '0') * 1000 + (expiration[1] - '0') * 100 + (expiration[2] - '0') * 10 + expiration[3] - '0' - 1900;
exptm.tm_mon = (expiration[4] - '0') * 10 + expiration[5] - '0' - 1;
exptm.tm_mday = (expiration[6] - '0') * 10 + expiration[7] - '0';
exptm.tm_hour = (expiration[8] - '0') * 10 + expiration[9] - '0';
exptm.tm_min = (expiration[10] - '0') * 10 + expiration[11] - '0';
exptm.tm_sec = (expiration[12] - '0') * 10 + expiration[13] - '0';
}
else
{
// 2-digit year
exptm.tm_year = 100 + (expiration[0] - '0') * 10 + expiration[1] - '0';
exptm.tm_mon = (expiration[2] - '0') * 10 + expiration[3] - '0' - 1;
exptm.tm_mday = (expiration[4] - '0') * 10 + expiration[5] - '0';
exptm.tm_hour = (expiration[6] - '0') * 10 + expiration[7] - '0';
exptm.tm_min = (expiration[8] - '0') * 10 + expiration[9] - '0';
exptm.tm_sec = (expiration[10] - '0') * 10 + expiration[11] - '0';
}
OPENSSL_free(expiration);
ASN1_TIME_to_tm(X509_get0_notBefore(cert), &exptm);
return (mktime(&exptm));
}

4
packaging/cups.spec
View File

@ -41,12 +41,12 @@
Summary: CUPS
Name: cups
Version: 2.4.6
Version: 2.4.7
Release: 0
Epoch: 1
License: GPL
Group: System Environment/Daemons
Source: https://github.com/openprinting/cups/releases/download/v2.4.6/cups-2.4.6-source.tar.gz
Source: https://github.com/openprinting/cups/releases/download/v2.4.7/cups-2.4.7-source.tar.gz
Url: https://openprinting.github.io/cups
Packager: Anonymous <anonymous@example.com>
Vendor: OpenPrinting

6
scheduler/conf.c
View File

@ -811,11 +811,7 @@ cupsdReadConfiguration(void)
cupsdLogMessage(CUPSD_LOG_INFO, "No %s, using defaults.", CupsFilesFile);
else
{
#ifdef HAVE_SYSTEMD_SD_JOURNAL_H
sd_journal_print(LOG_ERR, "Unable to open \"%s\" - %s", CupsFilesFile, strerror(errno));
#else
syslog(LOG_LPR, "Unable to open \"%s\" - %s", CupsFilesFile, strerror(errno));
#endif /* HAVE_SYSTEMD_SD_JOURNAL_H */
fprintf(stderr, "Unable to read \"%s\" - %s\n", CupsFilesFile, strerror(errno));
return (0);
}

4
scheduler/job.c
View File

@ -443,12 +443,12 @@ cupsdCleanJobs(void)
job;
job = (cupsd_job_t *)cupsArrayNext(Jobs))
{
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCleanJobs: Job %d, state=%d, printer=%p, history_time=%d, file_time=%d", job->id, (int)job->state_value, (void *)job->printer, (int)job->history_time, (int)job->file_time);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCleanJobs: Job %d, state=%d, printer=%p, history_time=%d, file_time=%d, num_files=%d", job->id, (int)job->state_value, (void *)job->printer, (int)job->history_time, (int)job->file_time, (int)job->num_files);
if ((job->history_time && job->history_time < JobHistoryUpdate) || !JobHistoryUpdate)
JobHistoryUpdate = job->history_time;
if ((job->file_time && job->file_time < JobHistoryUpdate) || !JobHistoryUpdate)
if (job->num_files > 0 && ((job->file_time && job->file_time < JobHistoryUpdate) || !JobHistoryUpdate))
JobHistoryUpdate = job->file_time;
if (job->state_value >= IPP_JOB_CANCELED && !job->printer)

3
scheduler/log.c
View File

@ -22,6 +22,9 @@
# include <systemd/sd-journal.h>
#endif /* HAVE_ASL_H */
#include <syslog.h>
#ifndef va_copy
# define va_copy(__list1, __list2) ((void)(__list1 = __list2))
#endif
/*

4
vcnet/config.h
View File

@ -100,8 +100,8 @@ typedef unsigned long useconds_t;
* Version of software...
*/
#define CUPS_SVERSION "CUPS v2.4.6"
#define CUPS_MINIMAL "CUPS/2.4.6"
#define CUPS_SVERSION "CUPS v2.4.7"
#define CUPS_MINIMAL "CUPS/2.4.7"
/*

4
vcnet/cupstestppd.vcxproj
View File

@ -61,7 +61,7 @@
</Midl>
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>..;..\vcnet;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>..;..\vcnet;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
@ -83,7 +83,7 @@
<TargetEnvironment>X64</TargetEnvironment>
</Midl>
<ClCompile>
<AdditionalIncludeDirectories>..;..\vcnet;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>..;..\vcnet;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />

4
vcnet/ippeveprinter.vcxproj
View File

@ -61,7 +61,7 @@
</Midl>
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>false</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
@ -84,7 +84,7 @@
<TargetEnvironment>X64</TargetEnvironment>
</Midl>
<ClCompile>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />

4
vcnet/ippfind.vcxproj
View File

@ -61,7 +61,7 @@
</Midl>
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
@ -84,7 +84,7 @@
<TargetEnvironment>X64</TargetEnvironment>
</Midl>
<ClCompile>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />

4
vcnet/ipptool.vcxproj
View File

@ -61,7 +61,7 @@
</Midl>
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
@ -83,7 +83,7 @@
<TargetEnvironment>X64</TargetEnvironment>
</Midl>
<ClCompile>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />

8
vcnet/libcups2.vcxproj
View File

@ -62,7 +62,7 @@
</Midl>
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>DEBUG;_DEBUG;_WINDOWS;_USRDLL;LIBCUPS2_EXPORTS;_CRT_SECURE_NO_DEPRECATE;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@ -72,7 +72,7 @@
<DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
</ClCompile>
<Link>
<AdditionalDependencies>packages\libressl_native.3.5.3.2\build\native\lib\x64\Release\ssl.lib;packages\libressl_native.3.5.3.2\build\native\lib\x64\Release\crypto.lib;bcrypt.lib;ws2_32.lib;advapi32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies>packages\libressl_native.3.7.3\build\native\lib\x64\Release\ssl.lib;packages\libressl_native.3.7.3\build\native\lib\x64\Release\crypto.lib;bcrypt.lib;ws2_32.lib;advapi32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<OutputFile>$(OutDir)libcups2.dll</OutputFile>
<ModuleDefinitionFile>..\cups\libcups2.def</ModuleDefinitionFile>
<GenerateDebugInformation>true</GenerateDebugInformation>
@ -88,7 +88,7 @@
</Midl>
<ClCompile>
<Optimization>MinSpace</Optimization>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>DEBUG;NDEBUG;_WINDOWS;_USRDLL;LIBCUPS2_EXPORTS;_CRT_SECURE_NO_DEPRECATE;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />
@ -96,7 +96,7 @@
<DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
</ClCompile>
<Link>
<AdditionalDependencies>packages\libressl_native.3.5.3.2\build\native\lib\x64\Release\ssl.lib;packages\libressl_native.3.5.3.2\build\native\lib\x64\Release\crypto.lib;bcrypt.lib;ws2_32.lib;advapi32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies>packages\libressl_native.3.7.3\build\native\lib\x64\Release\ssl.lib;packages\libressl_native.3.7.3\build\native\lib\x64\Release\crypto.lib;bcrypt.lib;ws2_32.lib;advapi32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<OutputFile>$(OutDir)libcups2.dll</OutputFile>
<ModuleDefinitionFile>..\cups\libcups2.def</ModuleDefinitionFile>
<GenerateDebugInformation>true</GenerateDebugInformation>

4
vcnet/libcups2_native.nuspec
View File

@ -3,7 +3,7 @@
<metadata>
<id>libcups2_native</id>
<title>OpenPrinting CUPS Library for VS2019+</title>
<version>2.4.6.0</version>
<version>2.4.7.0</version>
<authors>Michael R Sweet, OpenPrinting</authors>
<owners>michaelrsweet</owners>
<projectUrl>https://github.com/OpenPrinting/cups</projectUrl>
@ -16,7 +16,7 @@ and other Unix®-like operating systems. The CUPS library provides a convenient
<copyright>Copyright © 2020-2023 by OpenPrinting, Copyright © 2007-2019 by Apple Inc., Copyright © 1997-2007 by Easy Software Products.</copyright>
<tags>http ipp native</tags>
<dependencies>
<dependency id="libcups2_native.redist" version="2.4.6.0" />
<dependency id="libcups2_native.redist" version="2.4.7.0" />
</dependencies>
</metadata>
<files>

2
vcnet/libcups2_native.redist.nuspec
View File

@ -3,7 +3,7 @@
<metadata>
<id>libcups2_native.redist</id>
<title>OpenPrinting CUPS Library for VS2019+ Redist</title>
<version>2.4.6.0</version>
<version>2.4.7.0</version>
<authors>Michael R Sweet, OpenPrinting</authors>
<owners>michaelrsweet</owners>
<projectUrl>https://github.com/OpenPrinting/cups</projectUrl>

4
vcnet/packages.config
View File

@ -1,7 +1,7 @@
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="libressl_native" version="3.5.3.2" targetFramework="native" />
<package id="libressl_native.redist" version="3.5.3.2" targetFramework="native" />
<package id="libressl_native" version="3.7.3.0" targetFramework="native" />
<package id="libressl_native.redist" version="3.7.3.0" targetFramework="native" />
<package id="zlib_native" version="1.2.11" targetFramework="native" />
<package id="zlib_native.redist" version="1.2.11" targetFramework="native" />
</packages>

4
vcnet/testhttp.vcxproj
View File

@ -58,7 +58,7 @@
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>..\vcnet;..;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>..\vcnet;..;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
@ -79,7 +79,7 @@
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<AdditionalIncludeDirectories>..\vcnet;..;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>..\vcnet;..;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
<PrecompiledHeader>

4
xcode/config.h
View File

@ -19,8 +19,8 @@
* Version of software...
*/
#define CUPS_SVERSION "CUPS v2.4.6"
#define CUPS_MINIMAL "CUPS/2.4.6"
#define CUPS_SVERSION "CUPS v2.4.7"
#define CUPS_MINIMAL "CUPS/2.4.7"
/*