[cups/f19] Use upstream patch for STR #4461.
Tim Waugh
twaugh at fedoraproject.org
Tue Aug 26 14:41:17 UTC 2014
commit 89ffcf3c458aa59077a4f22e7fd32b29b188a5e4
Author: Tim Waugh <twaugh at redhat.com>
Date: Tue Aug 26 14:58:54 2014 +0100
Use upstream patch for STR #4461.
(cherry picked from commit d10ba264865bb0b7fd944f11cddb450eba74f69c)
Conflicts:
cups-str4461.patch
cups.spec
cups-str4461.patch | 109 +++++++++++++++++++++++++++++++++++++++++++---------
cups.spec | 5 ++-
2 files changed, 95 insertions(+), 19 deletions(-)
---
diff --git a/cups-str4461.patch b/cups-str4461.patch
index 409ba29..ab4fab8 100644
--- a/cups-str4461.patch
+++ b/cups-str4461.patch
@@ -1,24 +1,97 @@
diff -up cups-1.6.4/scheduler/client.c.str4461 cups-1.6.4/scheduler/client.c
---- cups-1.6.4/scheduler/client.c.str4461 2014-08-14 13:37:14.618887315 +0100
-+++ cups-1.6.4/scheduler/client.c 2014-08-14 13:37:14.620887326 +0100
-@@ -3235,8 +3235,18 @@ get_file(cupsd_client_t *con, /* I - C
+--- cups-1.6.4/scheduler/client.c.str4461 2014-08-26 15:07:32.750999443 +0100
++++ cups-1.6.4/scheduler/client.c 2014-08-26 15:07:37.319022923 +0100
+@@ -3138,6 +3138,7 @@ get_file(cupsd_client_t *con, /* I - C
+ char *ptr; /* Pointer info filename */
+ int plen; /* Remaining length after pointer */
+ char language[7]; /* Language subdirectory, if any */
++ int perm_check = 1; /* Do permissions check? */
- if (!status && !(filestats->st_mode & S_IROTH))
+
+ /*
+@@ -3147,17 +3148,27 @@ get_file(cupsd_client_t *con, /* I - C
+ language[0] = '\0';
+
+ if (!strncmp(con->uri, "/ppd/", 5) && !strchr(con->uri + 5, '/'))
++ {
+ snprintf(filename, len, "%s%s", ServerRoot, con->uri);
++
++ perm_check = 0;
++ }
+ else if (!strncmp(con->uri, "/icons/", 7) && !strchr(con->uri + 7, '/'))
{
-- cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Files/directories such as \"%s\" must be world-readable.", con->http.fd, filename);
-- return (NULL);
-+ /*
-+ * The exception is for cupsd.conf and log files for
-+ * authenticated access.
-+ */
+ snprintf(filename, len, "%s/%s", CacheDir, con->uri + 7);
+ if (access(filename, F_OK) < 0)
+ snprintf(filename, len, "%s/images/generic.png", DocumentRoot);
+
-+ if ((strcmp(con->uri, "/admin/conf/cupsd.conf") &&
-+ strncmp(con->uri, "/admin/log/", 11)) ||
-+ cupsdIsAuthorized(con, NULL) != HTTP_OK)
-+ {
-+ cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Files/directories such as \"%s\" must be world-readable.", con->http.fd, filename);
-+ return (NULL);
-+ }
++ perm_check = 0;
}
+ else if (!strncmp(con->uri, "/rss/", 5) && !strchr(con->uri + 5, '/'))
+ snprintf(filename, len, "%s/rss/%s", CacheDir, con->uri + 5);
+- else if (!strncmp(con->uri, "/admin/conf/", 12))
+- snprintf(filename, len, "%s%s", ServerRoot, con->uri + 11);
++ else if (!strcmp(con->uri, "/admin/conf/cupsd.conf"))
++ {
++ strlcpy(filename, ConfigurationFile, len);
++
++ perm_check = 0;
++ }
+ else if (!strncmp(con->uri, "/admin/log/", 11))
+ {
+ if (!strncmp(con->uri + 11, "access_log", 10) && AccessLog[0] == '/')
+@@ -3168,6 +3179,8 @@ get_file(cupsd_client_t *con, /* I - C
+ strlcpy(filename, PageLog, len);
+ else
+ return (NULL);
++
++ perm_check = 0;
+ }
+ else if (con->language)
+ {
+@@ -3233,7 +3246,7 @@ get_file(cupsd_client_t *con, /* I - C
+ * not allow access...
+ */
+
+- if (!status && !(filestats->st_mode & S_IROTH))
++ if (!status && perm_check && !(filestats->st_mode & S_IROTH))
+ {
+ cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Files/directories such as \"%s\" must be world-readable.", con->http.fd, filename);
+ return (NULL);
+@@ -3341,7 +3354,7 @@ get_file(cupsd_client_t *con, /* I - C
+ * not allow access...
+ */
+
+- if (!status && !(filestats->st_mode & S_IROTH))
++ if (!status && perm_check && !(filestats->st_mode & S_IROTH))
+ {
+ cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Files/directories such as \"%s\" must be world-readable.", con->http.fd, filename);
+ return (NULL);
+diff -up cups-1.6.4/scheduler/ipp.c.str4461 cups-1.6.4/scheduler/ipp.c
+--- cups-1.6.4/scheduler/ipp.c.str4461 2014-08-26 15:07:32.560998466 +0100
++++ cups-1.6.4/scheduler/ipp.c 2014-08-26 15:07:37.321022934 +0100
+@@ -2831,7 +2831,6 @@ add_printer(cupsd_client_t *con, /* I -
+
+ cupsdLogMessage(CUPSD_LOG_DEBUG,
+ "Copied PPD file successfully");
+- chmod(dstfile, 0644);
+ }
+ }
+
+@@ -4726,7 +4725,7 @@ copy_model(cupsd_client_t *con, /* I -
+ * Open the destination file for a copy...
+ */
+
+- if ((dst = cupsFileOpen(to, "wb")) == NULL)
++ if ((dst = cupsdCreateConfFile(to, ConfigFilePerm)) == NULL)
+ {
+ cupsFreeOptions(num_defaults, defaults);
+ cupsFileClose(src);
+@@ -4781,7 +4780,7 @@ copy_model(cupsd_client_t *con, /* I -
+
+ unlink(tempfile);
+
+- return (cupsFileClose(dst));
++ return (cupsdCloseCreatedConfFile(dst, to));
+ }
+
- /*
diff --git a/cups.spec b/cups.spec
index b13c4d1..6d46b6b 100644
--- a/cups.spec
+++ b/cups.spec
@@ -11,7 +11,7 @@ Summary: CUPS printing system
Name: cups
Epoch: 1
Version: 1.6.4
-Release: 9%{?dist}
+Release: 10%{?dist}
License: GPLv2
Group: System Environment/Daemons
Url: http://www.cups.org/
@@ -686,6 +686,9 @@ rm -f %{cups_serverbin}/backend/smb
%{_mandir}/man5/ipptoolfile.5.gz
%changelog
+* Tue Aug 26 2014 Tim Waugh <twaugh at redhat.com> - 1:1.6.4-10
+- Use upstream patch for STR #4461.
+
* Thu Aug 21 2014 Tim Waugh <twaugh at redhat.com> - 1:1.6.4-9
- Upstream patch for STR #4396, pre-requisite for STR #2913 patch.
- Upstream patch for STR #2913 to limit Get-Jobs replies to 500 jobs
More information about the scm-commits
mailing list