diff options
author | leot <leot@pkgsrc.org> | 2018-04-05 16:31:45 +0000 |
---|---|---|
committer | leot <leot@pkgsrc.org> | 2018-04-05 16:31:45 +0000 |
commit | c340bf5bb710b81c2f540aae82dbfb492f900fd2 (patch) | |
tree | 7a5a62c931fd9afaf4d3d9f55ec1d68691ef04c6 /print | |
parent | 62dc1dd7856214c81f65be4f4d710a8670ed40ab (diff) | |
download | pkgsrc-c340bf5bb710b81c2f540aae82dbfb492f900fd2.tar.gz |
cups{,-base}: Update print/cups{,-base} to 2.2.7
pkgsrc changes:
- Get rid of extra `/' in patches/patch-config-scripts_cups-opsys.m4
(NFCI, pointed out by mkpatches).
- Add to patches/patch-scheduler_auth.c a backport of issue #5283 to fix build
without PAM. This will be not needed in cups-2.2.8.
Changes:
CUPS v2.2.7
-----------
- NOTICE: Raw print queues are now deprecated (Issue #5269)
- Fixed an Avahi crash bug in the scheduler (Issue #5268)
- The IPP Everywhere PPD generator did not include the `cupsJobPassword`
keyword, when supported (Issue #5265)
- Systemd did not restart cupsd when configuration changes were made that
required a restart (Issue #5263)
- The Lexmark Optra E310 printer needs the "no-reattach" USB quirk rule
(Issue #5259)
- The scheduler could crash while adding an IPP Everywhere printer (Issue #5258)
- Label printers supported by the rastertolabel driver don't support SNMP, so
don't delay printing to test it (Issue #5256)
- Fixed a compile issue when PAM is not available (Issue #5253)
- Documentation fixes (Issue #5252)
- Star Micronics printers need the "unidir" USB quirk rule (Issue #5251)
- The scheduler now supports using temporary print queues for older IPP/1.1
print queues like those shared by CUPS 1.3 and earlier (Issue #5241)
- Fixed printing to some IPP Everywhere printers (Issue #5238)
- Kerberized printing to another CUPS server did not work correctly
(Issue #5233)
- The `cupsRasterWritePixels` function did not correctly swap bytes for some
formats (Issue #5225)
- Added a USB quirk rule for Canon MP280 series printers (Issue #5221)
- The `ppdInstallableConflict` tested too many constraints (Issue #5213)
- More fixes for printing to old CUPS servers (Issue #5211)
- The `cupsCopyDest` function now correctly copies the `is_default` value
(Issue #5208)
- The scheduler did not work with older versions of uClibc (Issue #5188)
- The scheduler now substitutes default values for invalid job attributes when
running in "relaxed conformance" mode (Issue #5186)
- Fixed PAM module detection and added support for the common PAM definitions
(Issue #5185)
- Fixed a journald support bug in the scheduler (Issue #5181)
- The cups-driverd program incorrectly stopped scanning PPDs as soon as a loop
was seen (Issue #5170)
- Fixed group validation on OpenBSD (Issue #5166)
- Fixed the `ippserver` sample code when threading is disabled or unavailable
(Issue #5154)
- The `cupsEnumDests` function did not include options from the lpoptions files
(Issue #5144)
- The `SSLOptions` directive now supports `MinTLS` and `MaxTLS` options to
control the minimum and maximum TLS versions that will be allowed,
respectively (Issue #5119)
- The scheduler did not write out dirty configuration and state files if there
were open client connections (Issue #5118)
- The `lpadmin` command now provides a better error message when an unsupported
System V interface script is used (Issue #5111)
- The `lp` and `lpr` commands now provide better error messages when the default
printer cannot be found (Issue #5096)
- No longer support backslash, question mark, or quotes in printer names
(Issue #4966)
- The CUPS library now supports the latest HTTP Digest authentication
specification including support for SHA-256 (Issue #4862)
- The `lpstat` command now reports when new jobs are being held (Issue #4761)
- The `lpoptions` command incorrectly saved default options (Issue #4717)
- The `ppdLocalizeIPPReason` function incorrectly returned a localized version
of "none" (rdar://36566269)
- TLS connections now properly timeout (rdar://34938533)
- The IPP backend did not properly detect failed PDF prints (rdar://34055474)
- Temporary files are now placed in the correct directory for sandboxed
applications on macOS (rdar://problem/37789645)
Diffstat (limited to 'print')
-rw-r--r-- | print/cups-base/Makefile | 3 | ||||
-rw-r--r-- | print/cups-base/distinfo | 14 | ||||
-rw-r--r-- | print/cups-base/patches/patch-config-scripts_cups-opsys.m4 | 6 | ||||
-rw-r--r-- | print/cups-base/patches/patch-scheduler_auth.c | 187 | ||||
-rw-r--r-- | print/cups/Makefile | 3 | ||||
-rw-r--r-- | print/cups/Makefile.common | 4 |
6 files changed, 192 insertions, 25 deletions
diff --git a/print/cups-base/Makefile b/print/cups-base/Makefile index bde8149efbb..64369b0a3bb 100644 --- a/print/cups-base/Makefile +++ b/print/cups-base/Makefile @@ -1,6 +1,5 @@ -# $NetBSD: Makefile,v 1.6 2018/03/12 11:15:41 wiz Exp $ +# $NetBSD: Makefile,v 1.7 2018/04/05 16:31:45 leot Exp $ -PKGREVISION= 2 .include "../../print/cups/Makefile.common" DISTNAME= cups-${CUPS_VERS}-source diff --git a/print/cups-base/distinfo b/print/cups-base/distinfo index d8bba1bdd0a..f3e327d6b64 100644 --- a/print/cups-base/distinfo +++ b/print/cups-base/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.4 2018/01/26 17:22:51 jperkin Exp $ +$NetBSD: distinfo,v 1.5 2018/04/05 16:31:45 leot Exp $ -SHA1 (cups-2.2.6-source.tar.gz) = b5e3389fb9450bfed377c95c0230c029c053acc4 -RMD160 (cups-2.2.6-source.tar.gz) = 7f4689e9102916d4190ffbb958e58d447c0fa146 -SHA512 (cups-2.2.6-source.tar.gz) = 52aa26acf5d38de5a4867c70f5b3006cb84fe5b362876c2f907872107bbac3d95fb249389546745249ad24d032963ac2d70f98a0884427a974c5bc4edc199c45 -Size (cups-2.2.6-source.tar.gz) = 10315433 bytes +SHA1 (cups-2.2.7-source.tar.gz) = aa2ae7c486d5957c9fc5f00aec63e453b19311b4 +RMD160 (cups-2.2.7-source.tar.gz) = ae82e358d8e24e14b2a633ec12e4db1fc8eacd48 +SHA512 (cups-2.2.7-source.tar.gz) = 780a6a484f38967ff678456ec7b532aa8445a9562663e4e4f6f7a24aac6ec9e8eae36459ee3c025dff053d59ad1d9ecfb823e8a832bae9d384db3d1a10d8860e +Size (cups-2.2.7-source.tar.gz) = 10330296 bytes SHA1 (patch-ae) = f34ec899f4816bdcf96ff315e001e3ac5a960200 SHA1 (patch-af) = 6ae6ae6006387db69bf7c15f7c8500708c9e8f56 SHA1 (patch-ai) = 2c1ca67ea6f6c1dedb4c8ff97736f328a2b9a7c6 @@ -15,7 +15,7 @@ SHA1 (patch-config-scripts_cups-directories.m4) = 8a6c2f962dafdde20f913fac2e172a SHA1 (patch-config-scripts_cups-gssapi.m4) = ac2df3e82bc844630af8462a461c7efe1da4b354 SHA1 (patch-config-scripts_cups-libtool.m4) = a6139fbbbee7038d11654c0a2387af21f48b7412 SHA1 (patch-config-scripts_cups-manpages.m4) = 5cc943738df29f11fc366557938b82c1e9162344 -SHA1 (patch-config-scripts_cups-opsys.m4) = 73524f5c406664038e3f7111fd5faf67699edf61 +SHA1 (patch-config-scripts_cups-opsys.m4) = 2bbacc401d4d8dbc157889b6a6cf66684c52357b SHA1 (patch-cups-tls.c) = f89c25f8089d9e11a983a270adbb2cbde3c22511 SHA1 (patch-doc-help-man-cups-files.conf.html) = fcd3d06c00b0a85b6c0790235ccb68685252ea68 SHA1 (patch-man-cups-files.conf.man.in) = 1563a7be3327a975ce8753a3287947f1594975a3 @@ -23,6 +23,6 @@ SHA1 (patch-ppdc_Makefile) = cdeb0ef9a68f9dd85453ef3076a0120ad9983698 SHA1 (patch-scheduler-conf.c) = 179964f8d251be3c21f4cfc7b67f3196beda29dc SHA1 (patch-scheduler-conf.h) = d11f3b789af096dcaca13a38f6484727ff895bee SHA1 (patch-scheduler-main.c) = cb31fa7427b497108ce7724bbfee1b784b9330ab -SHA1 (patch-scheduler_auth.c) = ca675a6e903d4b41cd69a0cab27180653e11f501 +SHA1 (patch-scheduler_auth.c) = 9f329eab415dea7d53e45f39e7ce9ff66ba0a128 SHA1 (patch-scheduler_dirsvc.c) = aae5b924fb8fb39007cf04d8b83747e8724485cf SHA1 (patch-test_ippfind.c) = 6db56b9b1b9a26d5c40336af4dc6cde98abd9c19 diff --git a/print/cups-base/patches/patch-config-scripts_cups-opsys.m4 b/print/cups-base/patches/patch-config-scripts_cups-opsys.m4 index 2c5f0c3ac97..e99eeeb3151 100644 --- a/print/cups-base/patches/patch-config-scripts_cups-opsys.m4 +++ b/print/cups-base/patches/patch-config-scripts_cups-opsys.m4 @@ -1,9 +1,9 @@ -$NetBSD: patch-config-scripts_cups-opsys.m4,v 1.1 2017/12/19 08:23:53 adam Exp $ +$NetBSD: patch-config-scripts_cups-opsys.m4,v 1.2 2018/04/05 16:31:45 leot Exp $ Fix building on newer macOS. ---- config-scripts//cups-opsys.m4.orig 2017-12-19 08:18:26.000000000 +0000 -+++ config-scripts//cups-opsys.m4 +--- config-scripts/cups-opsys.m4.orig 2018-03-23 03:48:36.000000000 +0000 ++++ config-scripts/cups-opsys.m4 @@ -22,9 +22,6 @@ if test "x$host_os_version" = x; then host_os_version="0" fi diff --git a/print/cups-base/patches/patch-scheduler_auth.c b/print/cups-base/patches/patch-scheduler_auth.c index ef1abcb0e6d..e517bd34720 100644 --- a/print/cups-base/patches/patch-scheduler_auth.c +++ b/print/cups-base/patches/patch-scheduler_auth.c @@ -1,13 +1,25 @@ -$NetBSD: patch-scheduler_auth.c,v 1.1 2017/11/12 14:10:15 khorben Exp $ +$NetBSD: patch-scheduler_auth.c,v 1.2 2018/04/05 16:31:45 leot Exp $ -Don't pull in sys/ucred.h on Solaris as it results in procfs.h being -included and conflicts between _FILE_OFFSET_BITS=64 and 32-bit procfs. +- Don't pull in sys/ucred.h on Solaris as it results in procfs.h being + included and conflicts between _FILE_OFFSET_BITS=64 and 32-bit procfs. +- OpenBSD defines SO_PEERCRED, but it is different from Linux's one. +- Backport commit `570933a6a3597371bae1beeb754ee8711d6305ab' to fix builds + without PAM (issue #5283). It will not be needed in cups-2.2.8. -OpenBSD defines SO_PEERCRED, but it is different from Linux's one. - ---- scheduler/auth.c.orig 2015-10-26 19:46:02.000000000 +0000 +--- scheduler/auth.c.orig 2018-04-05 16:07:04.209662684 +0000 +++ scheduler/auth.c -@@ -49,7 +49,7 @@ extern const char *cssmErrorString(int e +@@ -1,8 +1,8 @@ + /* + * Authorization routines for the CUPS scheduler. + * +- * Copyright 2007-2016 by Apple Inc. +- * Copyright 1997-2007 by Easy Software Products, all rights reserved. ++ * Copyright © 2007-2018 by Apple Inc. ++ * Copyright © 1997-2007 by Easy Software Products, all rights reserved. + * + * This file contains Kerberos support code, copyright 2006 by + * Jelmer Vernooij. +@@ -47,7 +47,7 @@ extern const char *cssmErrorString(int e #ifdef HAVE_SYS_PARAM_H # include <sys/param.h> #endif /* HAVE_SYS_PARAM_H */ @@ -16,7 +28,17 @@ OpenBSD defines SO_PEERCRED, but it is different from Linux's one. # include <sys/ucred.h> typedef struct xucred cupsd_ucred_t; # define CUPSD_UCRED_UID(c) (c).cr_uid -@@ -404,7 +404,7 @@ cupsdAuthorize(cupsd_client_t *con) /* I +@@ -71,9 +71,6 @@ static int check_authref(cupsd_client_t + static int compare_locations(cupsd_location_t *a, + cupsd_location_t *b); + static cupsd_authmask_t *copy_authmask(cupsd_authmask_t *am, void *data); +-#if !HAVE_LIBPAM +-static char *cups_crypt(const char *pw, const char *salt); +-#endif /* !HAVE_LIBPAM */ + static void free_authmask(cupsd_authmask_t *am, void *data); + #if HAVE_LIBPAM + static int pam_func(int, const struct pam_message **, +@@ -402,7 +399,7 @@ cupsdAuthorize(cupsd_client_t *con) /* I con->type = CUPSD_AUTH_BASIC; } #endif /* HAVE_AUTHORIZATION_H */ @@ -25,7 +47,24 @@ OpenBSD defines SO_PEERCRED, but it is different from Linux's one. else if (!strncmp(authorization, "PeerCred ", 9) && con->http->hostaddr->addr.sa_family == AF_LOCAL && con->best) { -@@ -841,7 +841,7 @@ cupsdAuthorize(cupsd_client_t *con) /* I +@@ -694,14 +691,14 @@ cupsdAuthorize(cupsd_client_t *con) /* I + * client... + */ + +- pass = cups_crypt(password, pw->pw_passwd); ++ pass = crypt(password, pw->pw_passwd); + + if (!pass || strcmp(pw->pw_passwd, pass)) + { + # ifdef HAVE_SHADOW_H + if (spw) + { +- pass = cups_crypt(password, spw->sp_pwdp); ++ pass = crypt(password, spw->sp_pwdp); + + if (pass == NULL || strcmp(spw->sp_pwdp, pass)) + { +@@ -839,7 +836,7 @@ cupsdAuthorize(cupsd_client_t *con) /* I gss_delete_sec_context(&minor_status, &context, GSS_C_NO_BUFFER); @@ -34,3 +73,133 @@ OpenBSD defines SO_PEERCRED, but it is different from Linux's one. /* * Get the client's UID if we are printing locally - that allows a backend * to run as the correct user to get Kerberos credentials of its own. +@@ -1995,129 +1992,6 @@ copy_authmask(cupsd_authmask_t *mask, /* + } + + +-#if !HAVE_LIBPAM +-/* +- * 'cups_crypt()' - Encrypt the password using the DES or MD5 algorithms, +- * as needed. +- */ +- +-static char * /* O - Encrypted password */ +-cups_crypt(const char *pw, /* I - Password string */ +- const char *salt) /* I - Salt (key) string */ +-{ +- if (!strncmp(salt, "$1$", 3)) +- { +- /* +- * Use MD5 passwords without the benefit of PAM; this is for +- * Slackware Linux, and the algorithm was taken from the +- * old shadow-19990827/lib/md5crypt.c source code... :( +- */ +- +- int i; /* Looping var */ +- unsigned long n; /* Output number */ +- int pwlen; /* Length of password string */ +- const char *salt_end; /* End of "salt" data for MD5 */ +- char *ptr; /* Pointer into result string */ +- _cups_md5_state_t state; /* Primary MD5 state info */ +- _cups_md5_state_t state2; /* Secondary MD5 state info */ +- unsigned char digest[16]; /* MD5 digest result */ +- static char result[120]; /* Final password string */ +- +- +- /* +- * Get the salt data between dollar signs, e.g. $1$saltdata$md5. +- * Get a maximum of 8 characters of salt data after $1$... +- */ +- +- for (salt_end = salt + 3; *salt_end && (salt_end - salt) < 11; salt_end ++) +- if (*salt_end == '$') +- break; +- +- /* +- * Compute the MD5 sum we need... +- */ +- +- pwlen = strlen(pw); +- +- _cupsMD5Init(&state); +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); +- _cupsMD5Append(&state, (unsigned char *)salt, salt_end - salt); +- +- _cupsMD5Init(&state2); +- _cupsMD5Append(&state2, (unsigned char *)pw, pwlen); +- _cupsMD5Append(&state2, (unsigned char *)salt + 3, salt_end - salt - 3); +- _cupsMD5Append(&state2, (unsigned char *)pw, pwlen); +- _cupsMD5Finish(&state2, digest); +- +- for (i = pwlen; i > 0; i -= 16) +- _cupsMD5Append(&state, digest, i > 16 ? 16 : i); +- +- for (i = pwlen; i > 0; i >>= 1) +- _cupsMD5Append(&state, (unsigned char *)((i & 1) ? "" : pw), 1); +- +- _cupsMD5Finish(&state, digest); +- +- for (i = 0; i < 1000; i ++) +- { +- _cupsMD5Init(&state); +- +- if (i & 1) +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); +- else +- _cupsMD5Append(&state, digest, 16); +- +- if (i % 3) +- _cupsMD5Append(&state, (unsigned char *)salt + 3, salt_end - salt - 3); +- +- if (i % 7) +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); +- +- if (i & 1) +- _cupsMD5Append(&state, digest, 16); +- else +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); +- +- _cupsMD5Finish(&state, digest); +- } +- +- /* +- * Copy the final sum to the result string and return... +- */ +- +- memcpy(result, salt, (size_t)(salt_end - salt)); +- ptr = result + (salt_end - salt); +- *ptr++ = '$'; +- +- for (i = 0; i < 5; i ++, ptr += 4) +- { +- n = ((((unsigned)digest[i] << 8) | (unsigned)digest[i + 6]) << 8); +- +- if (i < 4) +- n |= (unsigned)digest[i + 12]; +- else +- n |= (unsigned)digest[5]; +- +- to64(ptr, n, 4); +- } +- +- to64(ptr, (unsigned)digest[11], 2); +- ptr += 2; +- *ptr = '\0'; +- +- return (result); +- } +- else +- { +- /* +- * Use the standard crypt() function... +- */ +- +- return (crypt(pw, salt)); +- } +-} +-#endif /* !HAVE_LIBPAM */ +- +- + /* + * 'free_authmask()' - Free function for auth masks. + */ diff --git a/print/cups/Makefile b/print/cups/Makefile index 81e782dd876..854a5d5c9d9 100644 --- a/print/cups/Makefile +++ b/print/cups/Makefile @@ -1,6 +1,5 @@ -# $NetBSD: Makefile,v 1.256 2018/03/12 11:17:25 wiz Exp $ +# $NetBSD: Makefile,v 1.257 2018/04/05 16:31:45 leot Exp $ -PKGREVISION= 2 .include "../../print/cups/Makefile.common" PKGNAME= cups-${CUPS_VERS} diff --git a/print/cups/Makefile.common b/print/cups/Makefile.common index 4dee8fd8eda..fb191c9296b 100644 --- a/print/cups/Makefile.common +++ b/print/cups/Makefile.common @@ -1,9 +1,9 @@ -# $NetBSD: Makefile.common,v 1.2 2017/12/02 20:02:34 leot Exp $ +# $NetBSD: Makefile.common,v 1.3 2018/04/05 16:31:45 leot Exp $ # # used by print/cups/Makefile # used by print/cups-base/Makefile -CUPS_VERS= 2.2.6 +CUPS_VERS= 2.2.7 DISTNAME= cups-${CUPS_VERS}-source CATEGORIES= print |