mirror of https://gitee.com/openkylin/cups.git
New upstream version 2.4.7
This commit is contained in:
parent
a1c2fce7d8
commit
b8ef8c2fd0
49
CHANGES.md
49
CHANGES.md
|
@ -1,31 +1,49 @@
|
|||
CHANGES - OpenPrinting CUPS 2.4.6 - TBA
|
||||
==============================================
|
||||
CHANGES - OpenPrinting CUPS 2.4.7 - (2023-09-20)
|
||||
================================================
|
||||
|
||||
Changes in CUPS v2.4.6 - TBA
|
||||
----------------------------
|
||||
|
||||
- Fix linking error on old MacOS (Issue #715)
|
||||
- Fix printing multiple files on specific printers (Issue #643)
|
||||
- Fix use-after-free when logging warnings in case of failures
|
||||
in `cupsdAcceptClient()` (fixes CVE-2023-34241)
|
||||
|
||||
|
||||
Changes in CUPS v2.4.5 - 2023-06-13
|
||||
Changes in CUPS v2.4.7 (2023-09-20)
|
||||
-----------------------------------
|
||||
|
||||
- Fix corruption of locally saved certificates (Issue #724)
|
||||
- CVE-2023-4504 - Fixed Heap-based buffer overflow when reading Postscript
|
||||
in PPD files
|
||||
- Added OpenSSL support for cupsHashData (Issue #762)
|
||||
- Fixed delays in lpd backend (Issue #741)
|
||||
- Fixed extensive logging in scheduler (Issue #604)
|
||||
- Fixed hanging of `lpstat` on IBM AIX (Issue #773)
|
||||
- Fixed hanging of `lpstat` on Solaris (Issue #156)
|
||||
- Fixed printing to stderr if we can't open cups-files.conf (Issue #777)
|
||||
- Fixed purging job files via `cancel -x` (Issue #742)
|
||||
- Fixed RFC 1179 port reserving behavior in LPD backend (Issue #743)
|
||||
- Fixed a bug in the PPD command interpretation code (Issue #768)
|
||||
|
||||
|
||||
Changes in CUPS v2.4.4 - 2023-06-06
|
||||
Changes in CUPS v2.4.6 (2023-06-22)
|
||||
-----------------------------------
|
||||
|
||||
- Fix segfault in `cupsGetNamedDest()` when trying to get default printer, but
|
||||
- CVE-2023-34241: Fixed use-after-free when logging warnings in case of failures
|
||||
in `cupsdAcceptClient()`.
|
||||
- Fixed linking error on old MacOS (Issue #715)
|
||||
- Fixed printing multiple files on specific printers (Issue #643)
|
||||
|
||||
|
||||
Changes in CUPS v2.4.5 (2023-06-13)
|
||||
-----------------------------------
|
||||
|
||||
- Fixed corruption of locally saved certificates (Issue #724)
|
||||
|
||||
|
||||
Changes in CUPS v2.4.4 (2023-06-06)
|
||||
-----------------------------------
|
||||
|
||||
- Fixed segfault in `cupsGetNamedDest()` when trying to get default printer, but
|
||||
the default printer is not set (Issue #719)
|
||||
|
||||
|
||||
Changes in CUPS v2.4.3 (2023-06-01)
|
||||
-----------------------------------
|
||||
|
||||
- CVE-2023-32360: Fixed default policy for CUPS-Get-Document operation
|
||||
- CVE-2023-32324: Fixed possible heap buffer overflow in `_cups_strlcpy()`.
|
||||
- Added a title with device uri for found network printers (Issues #402, #393)
|
||||
- Added new media sizes defined by IANA (Issues #501)
|
||||
- Added quirk for GoDEX label printers (Issue #440)
|
||||
|
@ -41,7 +59,6 @@ Changes in CUPS v2.4.3 (2023-06-01)
|
|||
(Issue #529)
|
||||
- Fixed default color settings for CMYK printers as well (Issue #500)
|
||||
- Fixed duplicate PPD2IPP media-type names (Issue #688)
|
||||
- Fixed possible heap buffer overflow in `_cups_strlcpy()` (fixes CVE-2023-32324)
|
||||
- Fixed InputSlot heuristic for photo sizes smaller than 5x7" if there is no
|
||||
media-source in the request (Issue #569)
|
||||
- Fixed invalid memory access during generating IPP Everywhere queue
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
OpenPrinting CUPS v2.4.6
|
||||
OpenPrinting CUPS v2.4.7
|
||||
========================
|
||||
|
||||
![Version](https://img.shields.io/github/v/release/openprinting/cups?include_prereleases)
|
||||
|
|
|
@ -63,14 +63,14 @@ static int abort_job = 0; /* Non-zero if we get SIGTERM */
|
|||
|
||||
#define RESERVE_NONE 0 /* Don't reserve a privileged port */
|
||||
#define RESERVE_RFC1179 1 /* Reserve port 721-731 */
|
||||
#define RESERVE_ANY 2 /* Reserve port 1-1023 */
|
||||
#define RESERVE_ANY 2 /* Reserve port 512-1023 */
|
||||
|
||||
|
||||
/*
|
||||
* Local functions...
|
||||
*/
|
||||
|
||||
static int cups_rresvport(int *port, int family);
|
||||
static int cups_rresvport(int *port, int min, int family);
|
||||
static int lpd_command(int lpd_fd, char *format, ...)
|
||||
# ifdef __GNUC__
|
||||
__attribute__ ((__format__ (__printf__, 2, 3)))
|
||||
|
@ -552,6 +552,7 @@ main(int argc, /* I - Number of command-line arguments (6 or 7) */
|
|||
|
||||
static int /* O - Socket or -1 on error */
|
||||
cups_rresvport(int *port, /* IO - Port number to bind to */
|
||||
int min, /* I - Minimim port number use */
|
||||
int family) /* I - Address family */
|
||||
{
|
||||
http_addr_t addr; /* Socket address */
|
||||
|
@ -576,7 +577,7 @@ cups_rresvport(int *port, /* IO - Port number to bind to */
|
|||
* Try to bind the socket to a reserved port...
|
||||
*/
|
||||
|
||||
while (*port > 511)
|
||||
while (*port >= min)
|
||||
{
|
||||
/*
|
||||
* Set the port number...
|
||||
|
@ -775,7 +776,7 @@ lpd_queue(const char *hostname, /* I - Host to connect to */
|
|||
|
||||
if (lport < 721 && reserve == RESERVE_RFC1179)
|
||||
lport = 731;
|
||||
else if (lport < 1)
|
||||
else if (lport < 512)
|
||||
lport = 1023;
|
||||
|
||||
#ifdef HAVE_GETEUID
|
||||
|
@ -801,11 +802,14 @@ lpd_queue(const char *hostname, /* I - Host to connect to */
|
|||
else
|
||||
{
|
||||
/*
|
||||
* We're running as root and want to comply with RFC 1179. Reserve a
|
||||
* privileged lport between 721 and 731...
|
||||
* We're running as root and want to either:
|
||||
* a) comply with RFC 1179 and reserve a lport between 721 and 731
|
||||
* b) just reserve a privileged port between 512 and 1023
|
||||
*/
|
||||
|
||||
if ((fd = cups_rresvport(&lport, addr->addr.addr.sa_family)) < 0)
|
||||
if ((fd = cups_rresvport(&lport,
|
||||
reserve == RESERVE_RFC1179 ? 721 : 512,
|
||||
addr->addr.addr.sa_family)) < 0)
|
||||
{
|
||||
perror("DEBUG: Unable to reserve port");
|
||||
sleep(1);
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#! /bin/sh
|
||||
# Guess values for system-dependent variables and create Makefiles.
|
||||
# Generated by GNU Autoconf 2.71 for CUPS 2.4.6.
|
||||
# Generated by GNU Autoconf 2.71 for CUPS 2.4.7.
|
||||
#
|
||||
# Report bugs to <https://github.com/openprinting/cups/issues>.
|
||||
#
|
||||
|
@ -610,8 +610,8 @@ MAKEFLAGS=
|
|||
# Identity of this package.
|
||||
PACKAGE_NAME='CUPS'
|
||||
PACKAGE_TARNAME='cups'
|
||||
PACKAGE_VERSION='2.4.6'
|
||||
PACKAGE_STRING='CUPS 2.4.6'
|
||||
PACKAGE_VERSION='2.4.7'
|
||||
PACKAGE_STRING='CUPS 2.4.7'
|
||||
PACKAGE_BUGREPORT='https://github.com/openprinting/cups/issues'
|
||||
PACKAGE_URL='https://openprinting.github.io/cups'
|
||||
|
||||
|
@ -1504,7 +1504,7 @@ if test "$ac_init_help" = "long"; then
|
|||
# Omit some internal or obsolete options to make the list less imposing.
|
||||
# This message is too long to be a string in the A/UX 3.1 sh.
|
||||
cat <<_ACEOF
|
||||
\`configure' configures CUPS 2.4.6 to adapt to many kinds of systems.
|
||||
\`configure' configures CUPS 2.4.7 to adapt to many kinds of systems.
|
||||
|
||||
Usage: $0 [OPTION]... [VAR=VALUE]...
|
||||
|
||||
|
@ -1570,7 +1570,7 @@ fi
|
|||
|
||||
if test -n "$ac_init_help"; then
|
||||
case $ac_init_help in
|
||||
short | recursive ) echo "Configuration of CUPS 2.4.6:";;
|
||||
short | recursive ) echo "Configuration of CUPS 2.4.7:";;
|
||||
esac
|
||||
cat <<\_ACEOF
|
||||
|
||||
|
@ -1758,7 +1758,7 @@ fi
|
|||
test -n "$ac_init_help" && exit $ac_status
|
||||
if $ac_init_version; then
|
||||
cat <<\_ACEOF
|
||||
CUPS configure 2.4.6
|
||||
CUPS configure 2.4.7
|
||||
generated by GNU Autoconf 2.71
|
||||
|
||||
Copyright (C) 2021 Free Software Foundation, Inc.
|
||||
|
@ -2113,7 +2113,7 @@ cat >config.log <<_ACEOF
|
|||
This file contains any messages produced by compilers while
|
||||
running configure, to aid debugging if configure makes a mistake.
|
||||
|
||||
It was created by CUPS $as_me 2.4.6, which was
|
||||
It was created by CUPS $as_me 2.4.7, which was
|
||||
generated by GNU Autoconf 2.71. Invocation command line was
|
||||
|
||||
$ $0$ac_configure_args_raw
|
||||
|
@ -3244,8 +3244,8 @@ done
|
|||
ac_config_headers="$ac_config_headers config.h"
|
||||
|
||||
|
||||
CUPS_VERSION="2.4.6"
|
||||
CUPS_API_VERSION="$(echo 2.4.6 | awk -F. '{print $1 "." $2}')"
|
||||
CUPS_VERSION="2.4.7"
|
||||
CUPS_API_VERSION="$(echo 2.4.7 | awk -F. '{print $1 "." $2}')"
|
||||
CUPS_BUILD="cups-$CUPS_VERSION"
|
||||
|
||||
|
||||
|
@ -12884,7 +12884,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
|
|||
# report actual input values of CONFIG_FILES etc. instead of their
|
||||
# values after options handling.
|
||||
ac_log="
|
||||
This file was extended by CUPS $as_me 2.4.6, which was
|
||||
This file was extended by CUPS $as_me 2.4.7, which was
|
||||
generated by GNU Autoconf 2.71. Invocation command line was
|
||||
|
||||
CONFIG_FILES = $CONFIG_FILES
|
||||
|
@ -12949,7 +12949,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\
|
|||
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
||||
ac_cs_config='$ac_cs_config_escaped'
|
||||
ac_cs_version="\\
|
||||
CUPS config.status 2.4.6
|
||||
CUPS config.status 2.4.7
|
||||
configured by $0, generated by GNU Autoconf 2.71,
|
||||
with options \\"\$ac_cs_config\\"
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ dnl We need at least autoconf 2.71...
|
|||
AC_PREREQ([2.71])
|
||||
|
||||
dnl Package name and version...
|
||||
AC_INIT([CUPS],[2.4.6],[https://github.com/openprinting/cups/issues],[cups],[https://openprinting.github.io/cups])
|
||||
AC_INIT([CUPS],[2.4.7],[https://github.com/openprinting/cups/issues],[cups],[https://openprinting.github.io/cups])
|
||||
|
||||
dnl This line is provided to ensure that you don't run the autoheader program
|
||||
dnl against this project. Doing so is completely unsupported and WILL cause
|
||||
|
|
|
@ -43,10 +43,10 @@ extern "C" {
|
|||
* Constants...
|
||||
*/
|
||||
|
||||
# define CUPS_VERSION 2.0406
|
||||
# define CUPS_VERSION 2.0407
|
||||
# define CUPS_VERSION_MAJOR 2
|
||||
# define CUPS_VERSION_MINOR 4
|
||||
# define CUPS_VERSION_PATCH 6
|
||||
# define CUPS_VERSION_PATCH 7
|
||||
|
||||
# define CUPS_BC_FD 3
|
||||
/* Back-channel file descriptor for
|
||||
|
|
675
cups/hash.c
675
cups/hash.c
|
@ -1,52 +1,59 @@
|
|||
/*
|
||||
* Hashing function for CUPS.
|
||||
*
|
||||
* Copyright © 2015-2019 by Apple Inc.
|
||||
*
|
||||
* Licensed under Apache License v2.0. See the file "LICENSE" for more
|
||||
* information.
|
||||
*/
|
||||
|
||||
/*
|
||||
* Include necessary headers...
|
||||
*/
|
||||
//
|
||||
// Hashing functions for CUPS.
|
||||
//
|
||||
// Copyright © 2022-2023 by OpenPrinting.
|
||||
// Copyright © 2015-2019 by Apple Inc.
|
||||
//
|
||||
// Licensed under Apache License v2.0. See the file "LICENSE" for more
|
||||
// information.
|
||||
//
|
||||
|
||||
#include "cups-private.h"
|
||||
#include "debug-internal.h"
|
||||
#ifdef __APPLE__
|
||||
# include <CommonCrypto/CommonDigest.h>
|
||||
#elif defined(HAVE_GNUTLS)
|
||||
#include "md5-internal.h"
|
||||
#ifdef HAVE_OPENSSL
|
||||
# include <openssl/evp.h>
|
||||
#else // HAVE_GNUTLS
|
||||
# include <gnutls/crypto.h>
|
||||
# include "md5-internal.h"
|
||||
#elif _WIN32
|
||||
# include <windows.h>
|
||||
# include <bcrypt.h>
|
||||
#else
|
||||
# include "md5-internal.h"
|
||||
#endif /* __APPLE__ */
|
||||
#endif // HAVE_OPENSSL
|
||||
|
||||
|
||||
/*
|
||||
* 'cupsHashData()' - Perform a hash function on the given data.
|
||||
*
|
||||
* The "algorithm" argument can be any of the registered, non-deprecated IPP
|
||||
* hash algorithms for the "job-password-encryption" attribute, including
|
||||
* "sha" for SHA-1, "sha-256" for SHA2-256, etc.
|
||||
*
|
||||
* The "hash" argument points to a buffer of "hashsize" bytes and should be at
|
||||
* least 64 bytes in length for all of the supported algorithms.
|
||||
*
|
||||
* The returned hash is binary data.
|
||||
*
|
||||
* @since CUPS 2.2/macOS 10.12@
|
||||
*/
|
||||
//
|
||||
// Note: While both GNU TLS and OpenSSL offer HMAC functions, they also exclude
|
||||
// certain hashes depending on the version of library and whatever patches are
|
||||
// applied by the OS vendor/Linux distribution. Since printers sometimes rely
|
||||
// on otherwise deprecated/obsolete hash functions for things like PIN printing
|
||||
// ("job-password"), and since such uses already have poor security regardless
|
||||
// of the hash function used, it is more important to provide guaranteed
|
||||
// implementations over some imaginary notion of "guaranteed security"...
|
||||
//
|
||||
|
||||
ssize_t /* O - Size of hash or -1 on error */
|
||||
cupsHashData(const char *algorithm, /* I - Algorithm name */
|
||||
const void *data, /* I - Data to hash */
|
||||
size_t datalen, /* I - Length of data to hash */
|
||||
unsigned char *hash, /* I - Hash buffer */
|
||||
size_t hashsize) /* I - Size of hash buffer */
|
||||
//
|
||||
// Local functions...
|
||||
//
|
||||
|
||||
static ssize_t hash_data(const char *algorithm, unsigned char *hash, size_t hashsize, const void *a, size_t alen, const void *b, size_t blen);
|
||||
|
||||
|
||||
//
|
||||
// 'cupsHashData()' - Perform a hash function on the given data.
|
||||
//
|
||||
// This function performs a hash function on the given data. The "algorithm"
|
||||
// argument can be any of the registered, non-deprecated IPP hash algorithms for
|
||||
// the "job-password-encryption" attribute, including "sha" for SHA-1,
|
||||
// "sha2-256" for SHA2-256, etc.
|
||||
//
|
||||
// The "hash" argument points to a buffer of "hashsize" bytes and should be at
|
||||
// least 64 bytes in length for all of the supported algorithms.
|
||||
//
|
||||
// The returned hash is binary data.
|
||||
//
|
||||
|
||||
ssize_t // O - Size of hash or -1 on error
|
||||
cupsHashData(const char *algorithm, // I - Algorithm name
|
||||
const void *data, // I - Data to hash
|
||||
size_t datalen, // I - Length of data to hash
|
||||
unsigned char *hash, // I - Hash buffer
|
||||
size_t hashsize) // I - Size of hash buffer
|
||||
{
|
||||
if (!algorithm || !data || datalen == 0 || !hash || hashsize == 0)
|
||||
{
|
||||
|
@ -54,367 +61,29 @@ cupsHashData(const char *algorithm, /* I - Algorithm name */
|
|||
return (-1);
|
||||
}
|
||||
|
||||
#ifdef __APPLE__
|
||||
if (!strcmp(algorithm, "md5"))
|
||||
{
|
||||
/*
|
||||
* MD5 (deprecated but widely used...)
|
||||
*/
|
||||
|
||||
CC_MD5_CTX ctx; /* MD5 context */
|
||||
|
||||
if (hashsize < CC_MD5_DIGEST_LENGTH)
|
||||
goto too_small;
|
||||
|
||||
CC_MD5_Init(&ctx);
|
||||
CC_MD5_Update(&ctx, data, (CC_LONG)datalen);
|
||||
CC_MD5_Final(hash, &ctx);
|
||||
|
||||
return (CC_MD5_DIGEST_LENGTH);
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha"))
|
||||
{
|
||||
/*
|
||||
* SHA-1...
|
||||
*/
|
||||
|
||||
CC_SHA1_CTX ctx; /* SHA-1 context */
|
||||
|
||||
if (hashsize < CC_SHA1_DIGEST_LENGTH)
|
||||
goto too_small;
|
||||
|
||||
CC_SHA1_Init(&ctx);
|
||||
CC_SHA1_Update(&ctx, data, (CC_LONG)datalen);
|
||||
CC_SHA1_Final(hash, &ctx);
|
||||
|
||||
return (CC_SHA1_DIGEST_LENGTH);
|
||||
}
|
||||
# ifdef CC_SHA224_DIGEST_LENGTH
|
||||
else if (!strcmp(algorithm, "sha2-224"))
|
||||
{
|
||||
CC_SHA256_CTX ctx; /* SHA-224 context */
|
||||
|
||||
if (hashsize < CC_SHA224_DIGEST_LENGTH)
|
||||
goto too_small;
|
||||
|
||||
CC_SHA224_Init(&ctx);
|
||||
CC_SHA224_Update(&ctx, data, (CC_LONG)datalen);
|
||||
CC_SHA224_Final(hash, &ctx);
|
||||
|
||||
return (CC_SHA224_DIGEST_LENGTH);
|
||||
}
|
||||
# endif /* CC_SHA224_DIGEST_LENGTH */
|
||||
else if (!strcmp(algorithm, "sha2-256"))
|
||||
{
|
||||
CC_SHA256_CTX ctx; /* SHA-256 context */
|
||||
|
||||
if (hashsize < CC_SHA256_DIGEST_LENGTH)
|
||||
goto too_small;
|
||||
|
||||
CC_SHA256_Init(&ctx);
|
||||
CC_SHA256_Update(&ctx, data, (CC_LONG)datalen);
|
||||
CC_SHA256_Final(hash, &ctx);
|
||||
|
||||
return (CC_SHA256_DIGEST_LENGTH);
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-384"))
|
||||
{
|
||||
CC_SHA512_CTX ctx; /* SHA-384 context */
|
||||
|
||||
if (hashsize < CC_SHA384_DIGEST_LENGTH)
|
||||
goto too_small;
|
||||
|
||||
CC_SHA384_Init(&ctx);
|
||||
CC_SHA384_Update(&ctx, data, (CC_LONG)datalen);
|
||||
CC_SHA384_Final(hash, &ctx);
|
||||
|
||||
return (CC_SHA384_DIGEST_LENGTH);
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-512"))
|
||||
{
|
||||
CC_SHA512_CTX ctx; /* SHA-512 context */
|
||||
|
||||
if (hashsize < CC_SHA512_DIGEST_LENGTH)
|
||||
goto too_small;
|
||||
|
||||
CC_SHA512_Init(&ctx);
|
||||
CC_SHA512_Update(&ctx, data, (CC_LONG)datalen);
|
||||
CC_SHA512_Final(hash, &ctx);
|
||||
|
||||
return (CC_SHA512_DIGEST_LENGTH);
|
||||
}
|
||||
# ifdef CC_SHA224_DIGEST_LENGTH
|
||||
else if (!strcmp(algorithm, "sha2-512_224"))
|
||||
{
|
||||
CC_SHA512_CTX ctx; /* SHA-512 context */
|
||||
unsigned char temp[CC_SHA512_DIGEST_LENGTH];
|
||||
/* SHA-512 hash */
|
||||
|
||||
/*
|
||||
* SHA2-512 truncated to 224 bits (28 bytes)...
|
||||
*/
|
||||
|
||||
if (hashsize < CC_SHA224_DIGEST_LENGTH)
|
||||
goto too_small;
|
||||
|
||||
CC_SHA512_Init(&ctx);
|
||||
CC_SHA512_Update(&ctx, data, (CC_LONG)datalen);
|
||||
CC_SHA512_Final(temp, &ctx);
|
||||
|
||||
memcpy(hash, temp, CC_SHA224_DIGEST_LENGTH);
|
||||
|
||||
return (CC_SHA224_DIGEST_LENGTH);
|
||||
}
|
||||
# endif /* CC_SHA224_DIGEST_LENGTH */
|
||||
else if (!strcmp(algorithm, "sha2-512_256"))
|
||||
{
|
||||
CC_SHA512_CTX ctx; /* SHA-512 context */
|
||||
unsigned char temp[CC_SHA512_DIGEST_LENGTH];
|
||||
/* SHA-512 hash */
|
||||
|
||||
/*
|
||||
* SHA2-512 truncated to 256 bits (32 bytes)...
|
||||
*/
|
||||
|
||||
if (hashsize < CC_SHA256_DIGEST_LENGTH)
|
||||
goto too_small;
|
||||
|
||||
CC_SHA512_Init(&ctx);
|
||||
CC_SHA512_Update(&ctx, data, (CC_LONG)datalen);
|
||||
CC_SHA512_Final(temp, &ctx);
|
||||
|
||||
memcpy(hash, temp, CC_SHA256_DIGEST_LENGTH);
|
||||
|
||||
return (CC_SHA256_DIGEST_LENGTH);
|
||||
}
|
||||
|
||||
#elif defined(HAVE_GNUTLS)
|
||||
gnutls_digest_algorithm_t alg = GNUTLS_DIG_UNKNOWN;
|
||||
/* Algorithm */
|
||||
unsigned char temp[64]; /* Temporary hash buffer */
|
||||
size_t tempsize = 0; /* Truncate to this size? */
|
||||
|
||||
|
||||
if (!strcmp(algorithm, "md5"))
|
||||
{
|
||||
/*
|
||||
* Some versions of GNU TLS disable MD5 without warning...
|
||||
*/
|
||||
|
||||
_cups_md5_state_t state; /* MD5 state info */
|
||||
|
||||
if (hashsize < 16)
|
||||
goto too_small;
|
||||
|
||||
_cupsMD5Init(&state);
|
||||
_cupsMD5Append(&state, data, (int)datalen);
|
||||
_cupsMD5Finish(&state, hash);
|
||||
|
||||
return (16);
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha"))
|
||||
alg = GNUTLS_DIG_SHA1;
|
||||
else if (!strcmp(algorithm, "sha2-224"))
|
||||
alg = GNUTLS_DIG_SHA224;
|
||||
else if (!strcmp(algorithm, "sha2-256"))
|
||||
alg = GNUTLS_DIG_SHA256;
|
||||
else if (!strcmp(algorithm, "sha2-384"))
|
||||
alg = GNUTLS_DIG_SHA384;
|
||||
else if (!strcmp(algorithm, "sha2-512"))
|
||||
alg = GNUTLS_DIG_SHA512;
|
||||
else if (!strcmp(algorithm, "sha2-512_224"))
|
||||
{
|
||||
alg = GNUTLS_DIG_SHA512;
|
||||
tempsize = 28;
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-512_256"))
|
||||
{
|
||||
alg = GNUTLS_DIG_SHA512;
|
||||
tempsize = 32;
|
||||
}
|
||||
|
||||
if (alg != GNUTLS_DIG_UNKNOWN)
|
||||
{
|
||||
if (tempsize > 0)
|
||||
{
|
||||
/*
|
||||
* Truncate result to tempsize bytes...
|
||||
*/
|
||||
|
||||
if (hashsize < tempsize)
|
||||
goto too_small;
|
||||
|
||||
gnutls_hash_fast(alg, data, datalen, temp);
|
||||
memcpy(hash, temp, tempsize);
|
||||
|
||||
return ((ssize_t)tempsize);
|
||||
}
|
||||
|
||||
if (hashsize < gnutls_hash_get_len(alg))
|
||||
goto too_small;
|
||||
|
||||
gnutls_hash_fast(alg, data, datalen, hash);
|
||||
|
||||
return ((ssize_t)gnutls_hash_get_len(alg));
|
||||
}
|
||||
|
||||
#elif _WIN32
|
||||
// Use Windows CNG APIs to perform hashing...
|
||||
BCRYPT_ALG_HANDLE alg; // Algorithm handle
|
||||
LPCWSTR algid = NULL; // Algorithm ID
|
||||
ssize_t hashlen; // Hash length
|
||||
NTSTATUS status; // Status of hash
|
||||
unsigned char temp[64]; // Temporary hash buffer
|
||||
size_t tempsize = 0; // Truncate to this size?
|
||||
|
||||
|
||||
if (!strcmp(algorithm, "md5"))
|
||||
{
|
||||
algid = BCRYPT_MD5_ALGORITHM;
|
||||
hashlen = 16;
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha"))
|
||||
{
|
||||
algid = BCRYPT_SHA1_ALGORITHM;
|
||||
hashlen = 20;
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-256"))
|
||||
{
|
||||
algid = BCRYPT_SHA256_ALGORITHM;
|
||||
hashlen = 32;
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-384"))
|
||||
{
|
||||
algid = BCRYPT_SHA384_ALGORITHM;
|
||||
hashlen = 48;
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-512"))
|
||||
{
|
||||
algid = BCRYPT_SHA512_ALGORITHM;
|
||||
hashlen = 64;
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-512_224"))
|
||||
{
|
||||
algid = BCRYPT_SHA512_ALGORITHM;
|
||||
hashlen = tempsize = 28;
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-512_256"))
|
||||
{
|
||||
algid = BCRYPT_SHA512_ALGORITHM;
|
||||
hashlen = tempsize = 32;
|
||||
}
|
||||
|
||||
if (algid)
|
||||
{
|
||||
if (hashsize < (size_t)hashlen)
|
||||
goto too_small;
|
||||
|
||||
if ((status = BCryptOpenAlgorithmProvider(&alg, algid, NULL, 0)) < 0)
|
||||
{
|
||||
DEBUG_printf(("2cupsHashData: BCryptOpenAlgorithmProvider returned %d.", status));
|
||||
|
||||
if (status == STATUS_INVALID_PARAMETER)
|
||||
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Bad algorithm parameter."), 1);
|
||||
else
|
||||
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Unable to access cryptographic provider."), 1);
|
||||
|
||||
return (-1);
|
||||
}
|
||||
|
||||
if (tempsize > 0)
|
||||
{
|
||||
// Do a truncated SHA2-512 hash...
|
||||
status = BCryptHash(alg, NULL, 0, (PUCHAR)data, (ULONG)datalen, temp, sizeof(temp));
|
||||
memcpy(hash, temp, hashlen);
|
||||
}
|
||||
else
|
||||
{
|
||||
// Hash directly to buffer...
|
||||
status = BCryptHash(alg, NULL, 0, (PUCHAR)data, (ULONG)datalen, hash, (ULONG)hashlen);
|
||||
}
|
||||
|
||||
BCryptCloseAlgorithmProvider(alg, 0);
|
||||
|
||||
if (status < 0)
|
||||
{
|
||||
DEBUG_printf(("2cupsHashData: BCryptHash returned %d.", status));
|
||||
|
||||
if (status == STATUS_INVALID_PARAMETER)
|
||||
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Bad hashing parameter."), 1);
|
||||
else
|
||||
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Hashing failed."), 1);
|
||||
|
||||
return (-1);
|
||||
}
|
||||
|
||||
return (hashlen);
|
||||
}
|
||||
|
||||
#else
|
||||
/*
|
||||
* No hash support beyond MD5 without CommonCrypto, GNU TLS, or CNG...
|
||||
*/
|
||||
|
||||
if (!strcmp(algorithm, "md5"))
|
||||
{
|
||||
_cups_md5_state_t state; /* MD5 state info */
|
||||
|
||||
if (hashsize < 16)
|
||||
goto too_small;
|
||||
|
||||
_cupsMD5Init(&state);
|
||||
_cupsMD5Append(&state, data, datalen);
|
||||
_cupsMD5Finish(&state, hash);
|
||||
|
||||
return (16);
|
||||
}
|
||||
else if (hashsize < 64)
|
||||
goto too_small;
|
||||
#endif /* __APPLE__ */
|
||||
|
||||
/*
|
||||
* Unknown hash algorithm...
|
||||
*/
|
||||
|
||||
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Unknown hash algorithm."), 1);
|
||||
|
||||
return (-1);
|
||||
|
||||
/*
|
||||
* We get here if the buffer is too small.
|
||||
*/
|
||||
|
||||
too_small:
|
||||
|
||||
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Hash buffer too small."), 1);
|
||||
return (-1);
|
||||
return (hash_data(algorithm, hash, hashsize, data, datalen, NULL, 0));
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* 'cupsHashString()' - Format a hash value as a hexadecimal string.
|
||||
*
|
||||
* The passed buffer must be at least 2 * hashsize + 1 characters in length.
|
||||
*
|
||||
* @since CUPS 2.2.7@
|
||||
*/
|
||||
//
|
||||
// 'cupsHashString()' - Format a hash value as a hexadecimal string.
|
||||
//
|
||||
// The passed buffer must be at least 2 * hashsize + 1 characters in length.
|
||||
//
|
||||
|
||||
const char * /* O - Formatted string */
|
||||
const char * // O - Formatted string
|
||||
cupsHashString(
|
||||
const unsigned char *hash, /* I - Hash */
|
||||
size_t hashsize, /* I - Size of hash */
|
||||
char *buffer, /* I - String buffer */
|
||||
size_t bufsize) /* I - Size of string buffer */
|
||||
const unsigned char *hash, // I - Hash
|
||||
size_t hashsize, // I - Size of hash
|
||||
char *buffer, // I - String buffer
|
||||
size_t bufsize) // I - Size of string buffer
|
||||
{
|
||||
char *bufptr = buffer; /* Pointer into buffer */
|
||||
char *bufptr = buffer; // Pointer into buffer
|
||||
static const char *hex = "0123456789abcdef";
|
||||
/* Hex characters (lowercase!) */
|
||||
// Hex characters (lowercase!)
|
||||
|
||||
|
||||
/*
|
||||
* Range check input...
|
||||
*/
|
||||
|
||||
// Range check input...
|
||||
if (!hash || hashsize < 1 || !buffer || bufsize < (2 * hashsize + 1))
|
||||
{
|
||||
if (buffer)
|
||||
|
@ -422,10 +91,7 @@ cupsHashString(
|
|||
return (NULL);
|
||||
}
|
||||
|
||||
/*
|
||||
* Loop until we've converted the whole hash...
|
||||
*/
|
||||
|
||||
// Loop until we've converted the whole hash...
|
||||
while (hashsize > 0)
|
||||
{
|
||||
*bufptr++ = hex[*hash >> 4];
|
||||
|
@ -439,3 +105,214 @@ cupsHashString(
|
|||
|
||||
return (buffer);
|
||||
}
|
||||
|
||||
|
||||
//
|
||||
// 'cupsHMACData()' - Perform a HMAC function on the given data.
|
||||
//
|
||||
// This function performs a HMAC function on the given data with the given key.
|
||||
// The "algorithm" argument can be any of the registered, non-deprecated IPP
|
||||
// hash algorithms for the "job-password-encryption" attribute, including
|
||||
// "sha" for SHA-1, "sha2-256" for SHA2-256, etc.
|
||||
//
|
||||
// The "hmac" argument points to a buffer of "hmacsize" bytes and should be at
|
||||
// least 64 bytes in length for all of the supported algorithms.
|
||||
//
|
||||
// The returned HMAC is binary data.
|
||||
//
|
||||
|
||||
ssize_t // O - The length of the HMAC or `-1` on error
|
||||
cupsHMACData(
|
||||
const char *algorithm, // I - Hash algorithm
|
||||
const unsigned char *key, // I - Key
|
||||
size_t keylen, // I - Length of key
|
||||
const void *data, // I - Data to hash
|
||||
size_t datalen, // I - Length of data to hash
|
||||
unsigned char *hmac, // I - HMAC buffer
|
||||
size_t hmacsize) // I - Size of HMAC buffer
|
||||
{
|
||||
size_t i, // Looping var
|
||||
b; // Block size
|
||||
unsigned char buffer[128], // Intermediate buffer
|
||||
hash[128], // Hash buffer
|
||||
hkey[128]; // Hashed key buffer
|
||||
ssize_t hashlen; // Length of hash
|
||||
|
||||
|
||||
// Range check input...
|
||||
if (!algorithm || !key || keylen == 0 || !data || datalen == 0 || !hmac || hmacsize < 32)
|
||||
return (-1);
|
||||
|
||||
// Determine the block size...
|
||||
if (!strcmp(algorithm, "sha2-384") || !strncmp(algorithm, "sha2-512", 8))
|
||||
b = 128;
|
||||
else
|
||||
b = 64;
|
||||
|
||||
// If the key length is larger than the block size, hash it and use that
|
||||
// instead...
|
||||
if (keylen > b)
|
||||
{
|
||||
if ((hashlen = hash_data(algorithm, hkey, sizeof(hkey), key, keylen, NULL, 0)) < 0)
|
||||
return (-1);
|
||||
|
||||
key = hkey;
|
||||
keylen = (size_t)hashlen;
|
||||
}
|
||||
|
||||
// HMAC = H(K' ^ opad, H(K' ^ ipad, data))
|
||||
// K' = Klen > b ? H(K) : K, padded with 0's
|
||||
// opad = 0x5c, ipad = 0x36
|
||||
for (i = 0; i < b && i < keylen; i ++)
|
||||
buffer[i] = key[i] ^ 0x36;
|
||||
for (; i < b; i ++)
|
||||
buffer[i] = 0x36;
|
||||
|
||||
if ((hashlen = hash_data(algorithm, hash, sizeof(hash), buffer, b, data, datalen)) < 0)
|
||||
return (-1);
|
||||
|
||||
for (i = 0; i < b && i < keylen; i ++)
|
||||
buffer[i] = key[i] ^ 0x5c;
|
||||
for (; i < b; i ++)
|
||||
buffer[i] = 0x5c;
|
||||
|
||||
return (hash_data(algorithm, hmac, hmacsize, buffer, b, hash, (size_t)hashlen));
|
||||
}
|
||||
|
||||
|
||||
//
|
||||
// 'hash_data()' - Hash up to two blocks of data.
|
||||
//
|
||||
|
||||
static ssize_t // O - Size of hash or `-1` on error
|
||||
hash_data(const char *algorithm, // I - Algorithm
|
||||
unsigned char *hash, // I - Hash buffer
|
||||
size_t hashsize, // I - Size of hash buffer
|
||||
const void *a, // I - First block
|
||||
size_t alen, // I - Length of first block
|
||||
const void *b, // I - Second block or `NULL` for none
|
||||
size_t blen) // I - Length of second block or `0` for none
|
||||
{
|
||||
unsigned hashlen; // Length of hash
|
||||
unsigned char hashtemp[64]; // Temporary hash buffer
|
||||
#ifdef HAVE_OPENSSL
|
||||
const EVP_MD *md = NULL; // Message digest implementation
|
||||
EVP_MD_CTX *ctx; // Context
|
||||
#else // HAVE_GNUTLS
|
||||
gnutls_digest_algorithm_t alg = GNUTLS_DIG_UNKNOWN;
|
||||
// Algorithm
|
||||
gnutls_hash_hd_t ctx; // Context
|
||||
#endif // HAVE_OPENSSL
|
||||
|
||||
|
||||
if (!strcmp(algorithm, "md5"))
|
||||
{
|
||||
// Some versions of GNU TLS and OpenSSL disable MD5 without warning...
|
||||
_cups_md5_state_t state; // MD5 state info
|
||||
|
||||
if (hashsize < 16)
|
||||
goto too_small;
|
||||
|
||||
_cupsMD5Init(&state);
|
||||
_cupsMD5Append(&state, a, (int)alen);
|
||||
if (b && blen)
|
||||
_cupsMD5Append(&state, b, (int)blen);
|
||||
_cupsMD5Finish(&state, hash);
|
||||
|
||||
return (16);
|
||||
}
|
||||
|
||||
#ifdef HAVE_OPENSSL
|
||||
if (!strcmp(algorithm, "sha"))
|
||||
{
|
||||
// SHA-1
|
||||
md = EVP_sha1();
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-224"))
|
||||
{
|
||||
md = EVP_sha224();
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-256"))
|
||||
{
|
||||
md = EVP_sha256();
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-384"))
|
||||
{
|
||||
md = EVP_sha384();
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-512"))
|
||||
{
|
||||
md = EVP_sha512();
|
||||
}
|
||||
|
||||
if (md)
|
||||
{
|
||||
ctx = EVP_MD_CTX_new();
|
||||
EVP_DigestInit(ctx, md);
|
||||
EVP_DigestUpdate(ctx, a, alen);
|
||||
if (b && blen)
|
||||
EVP_DigestUpdate(ctx, b, blen);
|
||||
EVP_DigestFinal(ctx, hashtemp, &hashlen);
|
||||
|
||||
if (hashlen > hashsize)
|
||||
goto too_small;
|
||||
|
||||
memcpy(hash, hashtemp, hashlen);
|
||||
|
||||
return ((ssize_t)hashlen);
|
||||
}
|
||||
|
||||
#else // HAVE_GNUTLS
|
||||
if (!strcmp(algorithm, "sha"))
|
||||
{
|
||||
// SHA-1
|
||||
alg = GNUTLS_DIG_SHA1;
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-224"))
|
||||
{
|
||||
alg = GNUTLS_DIG_SHA224;
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-256"))
|
||||
{
|
||||
alg = GNUTLS_DIG_SHA256;
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-384"))
|
||||
{
|
||||
alg = GNUTLS_DIG_SHA384;
|
||||
}
|
||||
else if (!strcmp(algorithm, "sha2-512"))
|
||||
{
|
||||
alg = GNUTLS_DIG_SHA512;
|
||||
}
|
||||
|
||||
if (alg != GNUTLS_DIG_UNKNOWN)
|
||||
{
|
||||
hashlen = gnutls_hash_get_len(alg);
|
||||
|
||||
if (hashlen > hashsize)
|
||||
goto too_small;
|
||||
|
||||
gnutls_hash_init(&ctx, alg);
|
||||
gnutls_hash(ctx, a, alen);
|
||||
if (b && blen)
|
||||
gnutls_hash(ctx, b, blen);
|
||||
gnutls_hash_deinit(ctx, hashtemp);
|
||||
|
||||
memcpy(hash, hashtemp, hashlen);
|
||||
|
||||
return ((ssize_t)hashlen);
|
||||
}
|
||||
#endif // HAVE_OPENSSL
|
||||
|
||||
// Unknown hash algorithm...
|
||||
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Unknown hash algorithm."), 1);
|
||||
|
||||
return (-1);
|
||||
|
||||
// We get here if the buffer is too small.
|
||||
too_small:
|
||||
|
||||
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Hash buffer too small."), 1);
|
||||
return (-1);
|
||||
}
|
||||
|
||||
|
|
|
@ -318,6 +318,23 @@ httpAddrConnect2(
|
|||
{
|
||||
# ifdef HAVE_POLL
|
||||
DEBUG_printf(("pfds[%d].revents=%x\n", i, pfds[i].revents));
|
||||
# ifdef __sun
|
||||
// Solaris connect runs asynchronously returning EINPROGRESS. Following
|
||||
// poll() does not detect the socket is not connected and returns
|
||||
// POLLIN|POLLOUT. Check the connection status and update error flag.
|
||||
int sres, serr;
|
||||
socklen_t slen = sizeof(serr);
|
||||
sres = getsockopt(fds[i], SOL_SOCKET, SO_ERROR, &serr, &slen);
|
||||
if (sres || serr)
|
||||
{
|
||||
pfds[i].revents |= POLLERR;
|
||||
# ifdef DEBUG
|
||||
DEBUG_printf(("1httpAddrConnect2: getsockopt returned: %d with error: %s", sres, strerror(serr)));
|
||||
# endif
|
||||
}
|
||||
# endif // __sun
|
||||
|
||||
|
||||
if (pfds[i].revents && !(pfds[i].revents & (POLLERR | POLLHUP)))
|
||||
# else
|
||||
if (FD_ISSET(fds[i], &input_set) && !FD_ISSET(fds[i], &error_set))
|
||||
|
@ -340,18 +357,6 @@ httpAddrConnect2(
|
|||
else if (FD_ISSET(fds[i], &error_set))
|
||||
# endif /* HAVE_POLL */
|
||||
{
|
||||
# ifdef __sun
|
||||
// Solaris incorrectly returns errors when you poll() a socket that is
|
||||
// still connecting. This check prevents us from removing the socket
|
||||
// from the pool if the "error" is EINPROGRESS...
|
||||
int sockerr; // Current error on socket
|
||||
socklen_t socklen = sizeof(sockerr);
|
||||
// Size of error variable
|
||||
|
||||
if (!getsockopt(fds[i], SOL_SOCKET, SO_ERROR, &sockerr, &socklen) && (!sockerr || sockerr == EINPROGRESS))
|
||||
continue; // Not an error
|
||||
# endif // __sun
|
||||
|
||||
/*
|
||||
* Error on socket, remove from the "pool"...
|
||||
*/
|
||||
|
|
13
cups/md5.c
13
cups/md5.c
|
@ -1,9 +1,10 @@
|
|||
/*
|
||||
* Private MD5 implementation for CUPS.
|
||||
*
|
||||
* Copyright 2007-2017 by Apple Inc.
|
||||
* Copyright 2005 by Easy Software Products
|
||||
* Copyright (C) 1999 Aladdin Enterprises. All rights reserved.
|
||||
* Copyright © 2023 by OpenPrinting.
|
||||
* Copyright © 2007-2017 by Apple Inc.
|
||||
* Copyright © 2005 by Easy Software Products
|
||||
* Copyright © 1999 Aladdin Enterprises. All rights reserved.
|
||||
*
|
||||
* This software is provided 'as-is', without any express or implied
|
||||
* warranty. In no event will the authors be held liable for any damages
|
||||
|
@ -43,7 +44,6 @@
|
|||
#include "md5-internal.h"
|
||||
#include "string-private.h"
|
||||
|
||||
#if !defined(__APPLE__)
|
||||
#define T1 0xd76aa478
|
||||
#define T2 0xe8c7b756
|
||||
#define T3 0x242070db
|
||||
|
@ -131,8 +131,8 @@ _cups_md5_process(_cups_md5_state_t *pms, const unsigned char *data /*[64]*/)
|
|||
int i;
|
||||
|
||||
for (i = 0; i < 16; ++i, xp += 4)
|
||||
X[i] = (unsigned)xp[0] | ((unsigned)xp[1] << 8) |
|
||||
((unsigned)xp[2] << 16) | ((unsigned)xp[3] << 24);
|
||||
X[i] = (unsigned)xp[0] + ((unsigned)xp[1] << 8) +
|
||||
((unsigned)xp[2] << 16) + ((unsigned)xp[3] << 24);
|
||||
|
||||
#else /* !ARCH_IS_BIG_ENDIAN */
|
||||
|
||||
|
@ -338,4 +338,3 @@ _cupsMD5Finish(_cups_md5_state_t *pms, unsigned char digest[16])
|
|||
for (i = 0; i < 16; ++i)
|
||||
digest[i] = (unsigned char)(pms->abcd[i >> 2] >> ((i & 3) << 3));
|
||||
}
|
||||
#endif /* !__APPLE__ */
|
||||
|
|
|
@ -727,7 +727,10 @@ copy_stack(_cups_ps_stack_t *st, /* I - Stack */
|
|||
|
||||
while (c > 0)
|
||||
{
|
||||
if (!push_stack(st, st->objs + n))
|
||||
_cups_ps_obj_t temp; /* Temporary copy of object */
|
||||
|
||||
temp = st->objs[n];
|
||||
if (!push_stack(st, &temp))
|
||||
return (-1);
|
||||
|
||||
n ++;
|
||||
|
@ -1113,6 +1116,18 @@ scan_ps(_cups_ps_stack_t *st, /* I - Stack */
|
|||
|
||||
cur ++;
|
||||
|
||||
/*
|
||||
* Return NULL if we reached NULL terminator, a lone backslash
|
||||
* is not a valid character in PostScript.
|
||||
*/
|
||||
|
||||
if (!*cur)
|
||||
{
|
||||
*ptr = NULL;
|
||||
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
if (*cur == 'b')
|
||||
*valptr++ = '\b';
|
||||
else if (*cur == 'f')
|
||||
|
|
|
@ -25,9 +25,11 @@
|
|||
#ifndef O_BINARY
|
||||
# define O_BINARY 0
|
||||
#endif /* O_BINARY */
|
||||
#ifndef MSG_DONTWAIT
|
||||
#ifdef _AIX
|
||||
# define MSG_DONTWAIT MSG_NONBLOCK
|
||||
#elif !defined(MSG_DONTWAIT)
|
||||
# define MSG_DONTWAIT 0
|
||||
#endif /* !MSG_DONTWAIT */
|
||||
#endif /* _AIX */
|
||||
|
||||
|
||||
/*
|
||||
|
|
|
@ -1462,38 +1462,13 @@ static time_t // O - UNIX time in seconds
|
|||
http_get_date(X509 *cert, // I - Certificate
|
||||
int which) // I - 0 for notBefore, 1 for notAfter
|
||||
{
|
||||
unsigned char *expiration; // Expiration date of cert
|
||||
struct tm exptm; // Expiration date components
|
||||
|
||||
|
||||
if (which)
|
||||
ASN1_STRING_to_UTF8(&expiration, X509_get0_notAfter(cert));
|
||||
ASN1_TIME_to_tm(X509_get0_notAfter(cert), &exptm);
|
||||
else
|
||||
ASN1_STRING_to_UTF8(&expiration, X509_get0_notBefore(cert));
|
||||
|
||||
memset(&exptm, 0, sizeof(exptm));
|
||||
if (strlen((char *)expiration) > 13)
|
||||
{
|
||||
// 4-digit year
|
||||
exptm.tm_year = (expiration[0] - '0') * 1000 + (expiration[1] - '0') * 100 + (expiration[2] - '0') * 10 + expiration[3] - '0' - 1900;
|
||||
exptm.tm_mon = (expiration[4] - '0') * 10 + expiration[5] - '0' - 1;
|
||||
exptm.tm_mday = (expiration[6] - '0') * 10 + expiration[7] - '0';
|
||||
exptm.tm_hour = (expiration[8] - '0') * 10 + expiration[9] - '0';
|
||||
exptm.tm_min = (expiration[10] - '0') * 10 + expiration[11] - '0';
|
||||
exptm.tm_sec = (expiration[12] - '0') * 10 + expiration[13] - '0';
|
||||
}
|
||||
else
|
||||
{
|
||||
// 2-digit year
|
||||
exptm.tm_year = 100 + (expiration[0] - '0') * 10 + expiration[1] - '0';
|
||||
exptm.tm_mon = (expiration[2] - '0') * 10 + expiration[3] - '0' - 1;
|
||||
exptm.tm_mday = (expiration[4] - '0') * 10 + expiration[5] - '0';
|
||||
exptm.tm_hour = (expiration[6] - '0') * 10 + expiration[7] - '0';
|
||||
exptm.tm_min = (expiration[8] - '0') * 10 + expiration[9] - '0';
|
||||
exptm.tm_sec = (expiration[10] - '0') * 10 + expiration[11] - '0';
|
||||
}
|
||||
|
||||
OPENSSL_free(expiration);
|
||||
ASN1_TIME_to_tm(X509_get0_notBefore(cert), &exptm);
|
||||
|
||||
return (mktime(&exptm));
|
||||
}
|
||||
|
|
|
@ -41,12 +41,12 @@
|
|||
|
||||
Summary: CUPS
|
||||
Name: cups
|
||||
Version: 2.4.6
|
||||
Version: 2.4.7
|
||||
Release: 0
|
||||
Epoch: 1
|
||||
License: GPL
|
||||
Group: System Environment/Daemons
|
||||
Source: https://github.com/openprinting/cups/releases/download/v2.4.6/cups-2.4.6-source.tar.gz
|
||||
Source: https://github.com/openprinting/cups/releases/download/v2.4.7/cups-2.4.7-source.tar.gz
|
||||
Url: https://openprinting.github.io/cups
|
||||
Packager: Anonymous <anonymous@example.com>
|
||||
Vendor: OpenPrinting
|
||||
|
|
|
@ -811,11 +811,7 @@ cupsdReadConfiguration(void)
|
|||
cupsdLogMessage(CUPSD_LOG_INFO, "No %s, using defaults.", CupsFilesFile);
|
||||
else
|
||||
{
|
||||
#ifdef HAVE_SYSTEMD_SD_JOURNAL_H
|
||||
sd_journal_print(LOG_ERR, "Unable to open \"%s\" - %s", CupsFilesFile, strerror(errno));
|
||||
#else
|
||||
syslog(LOG_LPR, "Unable to open \"%s\" - %s", CupsFilesFile, strerror(errno));
|
||||
#endif /* HAVE_SYSTEMD_SD_JOURNAL_H */
|
||||
fprintf(stderr, "Unable to read \"%s\" - %s\n", CupsFilesFile, strerror(errno));
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
|
|
@ -443,12 +443,12 @@ cupsdCleanJobs(void)
|
|||
job;
|
||||
job = (cupsd_job_t *)cupsArrayNext(Jobs))
|
||||
{
|
||||
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCleanJobs: Job %d, state=%d, printer=%p, history_time=%d, file_time=%d", job->id, (int)job->state_value, (void *)job->printer, (int)job->history_time, (int)job->file_time);
|
||||
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCleanJobs: Job %d, state=%d, printer=%p, history_time=%d, file_time=%d, num_files=%d", job->id, (int)job->state_value, (void *)job->printer, (int)job->history_time, (int)job->file_time, (int)job->num_files);
|
||||
|
||||
if ((job->history_time && job->history_time < JobHistoryUpdate) || !JobHistoryUpdate)
|
||||
JobHistoryUpdate = job->history_time;
|
||||
|
||||
if ((job->file_time && job->file_time < JobHistoryUpdate) || !JobHistoryUpdate)
|
||||
if (job->num_files > 0 && ((job->file_time && job->file_time < JobHistoryUpdate) || !JobHistoryUpdate))
|
||||
JobHistoryUpdate = job->file_time;
|
||||
|
||||
if (job->state_value >= IPP_JOB_CANCELED && !job->printer)
|
||||
|
|
|
@ -22,6 +22,9 @@
|
|||
# include <systemd/sd-journal.h>
|
||||
#endif /* HAVE_ASL_H */
|
||||
#include <syslog.h>
|
||||
#ifndef va_copy
|
||||
# define va_copy(__list1, __list2) ((void)(__list1 = __list2))
|
||||
#endif
|
||||
|
||||
|
||||
/*
|
||||
|
|
|
@ -100,8 +100,8 @@ typedef unsigned long useconds_t;
|
|||
* Version of software...
|
||||
*/
|
||||
|
||||
#define CUPS_SVERSION "CUPS v2.4.6"
|
||||
#define CUPS_MINIMAL "CUPS/2.4.6"
|
||||
#define CUPS_SVERSION "CUPS v2.4.7"
|
||||
#define CUPS_MINIMAL "CUPS/2.4.7"
|
||||
|
||||
|
||||
/*
|
||||
|
|
|
@ -61,7 +61,7 @@
|
|||
</Midl>
|
||||
<ClCompile>
|
||||
<Optimization>Disabled</Optimization>
|
||||
<AdditionalIncludeDirectories>..;..\vcnet;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>..;..\vcnet;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<MinimalRebuild>true</MinimalRebuild>
|
||||
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
|
||||
|
@ -83,7 +83,7 @@
|
|||
<TargetEnvironment>X64</TargetEnvironment>
|
||||
</Midl>
|
||||
<ClCompile>
|
||||
<AdditionalIncludeDirectories>..;..\vcnet;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>..;..\vcnet;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
|
||||
<PrecompiledHeader />
|
||||
|
|
|
@ -61,7 +61,7 @@
|
|||
</Midl>
|
||||
<ClCompile>
|
||||
<Optimization>Disabled</Optimization>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<MinimalRebuild>false</MinimalRebuild>
|
||||
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
|
||||
|
@ -84,7 +84,7 @@
|
|||
<TargetEnvironment>X64</TargetEnvironment>
|
||||
</Midl>
|
||||
<ClCompile>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
|
||||
<PrecompiledHeader />
|
||||
|
|
|
@ -61,7 +61,7 @@
|
|||
</Midl>
|
||||
<ClCompile>
|
||||
<Optimization>Disabled</Optimization>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<MinimalRebuild>true</MinimalRebuild>
|
||||
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
|
||||
|
@ -84,7 +84,7 @@
|
|||
<TargetEnvironment>X64</TargetEnvironment>
|
||||
</Midl>
|
||||
<ClCompile>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
|
||||
<PrecompiledHeader />
|
||||
|
|
|
@ -61,7 +61,7 @@
|
|||
</Midl>
|
||||
<ClCompile>
|
||||
<Optimization>Disabled</Optimization>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<MinimalRebuild>true</MinimalRebuild>
|
||||
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
|
||||
|
@ -83,7 +83,7 @@
|
|||
<TargetEnvironment>X64</TargetEnvironment>
|
||||
</Midl>
|
||||
<ClCompile>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
|
||||
<PrecompiledHeader />
|
||||
|
|
|
@ -62,7 +62,7 @@
|
|||
</Midl>
|
||||
<ClCompile>
|
||||
<Optimization>Disabled</Optimization>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>DEBUG;_DEBUG;_WINDOWS;_USRDLL;LIBCUPS2_EXPORTS;_CRT_SECURE_NO_DEPRECATE;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
|
||||
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
|
||||
|
@ -72,7 +72,7 @@
|
|||
<DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<AdditionalDependencies>packages\libressl_native.3.5.3.2\build\native\lib\x64\Release\ssl.lib;packages\libressl_native.3.5.3.2\build\native\lib\x64\Release\crypto.lib;bcrypt.lib;ws2_32.lib;advapi32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalDependencies>packages\libressl_native.3.7.3\build\native\lib\x64\Release\ssl.lib;packages\libressl_native.3.7.3\build\native\lib\x64\Release\crypto.lib;bcrypt.lib;ws2_32.lib;advapi32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<OutputFile>$(OutDir)libcups2.dll</OutputFile>
|
||||
<ModuleDefinitionFile>..\cups\libcups2.def</ModuleDefinitionFile>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
|
@ -88,7 +88,7 @@
|
|||
</Midl>
|
||||
<ClCompile>
|
||||
<Optimization>MinSpace</Optimization>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;..\vcnet\regex;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>DEBUG;NDEBUG;_WINDOWS;_USRDLL;LIBCUPS2_EXPORTS;_CRT_SECURE_NO_DEPRECATE;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
|
||||
<PrecompiledHeader />
|
||||
|
@ -96,7 +96,7 @@
|
|||
<DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<AdditionalDependencies>packages\libressl_native.3.5.3.2\build\native\lib\x64\Release\ssl.lib;packages\libressl_native.3.5.3.2\build\native\lib\x64\Release\crypto.lib;bcrypt.lib;ws2_32.lib;advapi32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalDependencies>packages\libressl_native.3.7.3\build\native\lib\x64\Release\ssl.lib;packages\libressl_native.3.7.3\build\native\lib\x64\Release\crypto.lib;bcrypt.lib;ws2_32.lib;advapi32.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<OutputFile>$(OutDir)libcups2.dll</OutputFile>
|
||||
<ModuleDefinitionFile>..\cups\libcups2.def</ModuleDefinitionFile>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
<metadata>
|
||||
<id>libcups2_native</id>
|
||||
<title>OpenPrinting CUPS Library for VS2019+</title>
|
||||
<version>2.4.6.0</version>
|
||||
<version>2.4.7.0</version>
|
||||
<authors>Michael R Sweet, OpenPrinting</authors>
|
||||
<owners>michaelrsweet</owners>
|
||||
<projectUrl>https://github.com/OpenPrinting/cups</projectUrl>
|
||||
|
@ -16,7 +16,7 @@ and other Unix®-like operating systems. The CUPS library provides a convenient
|
|||
<copyright>Copyright © 2020-2023 by OpenPrinting, Copyright © 2007-2019 by Apple Inc., Copyright © 1997-2007 by Easy Software Products.</copyright>
|
||||
<tags>http ipp native</tags>
|
||||
<dependencies>
|
||||
<dependency id="libcups2_native.redist" version="2.4.6.0" />
|
||||
<dependency id="libcups2_native.redist" version="2.4.7.0" />
|
||||
</dependencies>
|
||||
</metadata>
|
||||
<files>
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
<metadata>
|
||||
<id>libcups2_native.redist</id>
|
||||
<title>OpenPrinting CUPS Library for VS2019+ Redist</title>
|
||||
<version>2.4.6.0</version>
|
||||
<version>2.4.7.0</version>
|
||||
<authors>Michael R Sweet, OpenPrinting</authors>
|
||||
<owners>michaelrsweet</owners>
|
||||
<projectUrl>https://github.com/OpenPrinting/cups</projectUrl>
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<packages>
|
||||
<package id="libressl_native" version="3.5.3.2" targetFramework="native" />
|
||||
<package id="libressl_native.redist" version="3.5.3.2" targetFramework="native" />
|
||||
<package id="libressl_native" version="3.7.3.0" targetFramework="native" />
|
||||
<package id="libressl_native.redist" version="3.7.3.0" targetFramework="native" />
|
||||
<package id="zlib_native" version="1.2.11" targetFramework="native" />
|
||||
<package id="zlib_native.redist" version="1.2.11" targetFramework="native" />
|
||||
</packages>
|
|
@ -58,7 +58,7 @@
|
|||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<ClCompile>
|
||||
<Optimization>Disabled</Optimization>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
|
||||
<RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
|
||||
|
@ -79,7 +79,7 @@
|
|||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ClCompile>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;packages\libressl_native.3.5.3.2\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>..\vcnet;..;packages\libressl_native.3.7.3\build\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
|
||||
<PrecompiledHeader>
|
||||
|
|
|
@ -19,8 +19,8 @@
|
|||
* Version of software...
|
||||
*/
|
||||
|
||||
#define CUPS_SVERSION "CUPS v2.4.6"
|
||||
#define CUPS_MINIMAL "CUPS/2.4.6"
|
||||
#define CUPS_SVERSION "CUPS v2.4.7"
|
||||
#define CUPS_MINIMAL "CUPS/2.4.7"
|
||||
|
||||
|
||||
/*
|
||||
|
|
Loading…
Reference in New Issue