diff options
Diffstat (limited to 'net-print')
-rw-r--r-- | net-print/cups/ChangeLog | 8 | ||||
-rw-r--r-- | net-print/cups/Manifest | 35 | ||||
-rw-r--r-- | net-print/cups/cups-1.1.20-r3.ebuild | 121 | ||||
-rw-r--r-- | net-print/cups/cups-1.1.21-r1.ebuild | 128 | ||||
-rw-r--r-- | net-print/cups/files/digest-cups-1.1.20-r3 | 1 | ||||
-rw-r--r-- | net-print/cups/files/digest-cups-1.1.21-r1 | 1 | ||||
-rw-r--r-- | net-print/cups/files/str920.patch | 181 |
7 files changed, 454 insertions, 21 deletions
diff --git a/net-print/cups/ChangeLog b/net-print/cups/ChangeLog index 4bc18a01df66..6ee71d54ccdb 100644 --- a/net-print/cups/ChangeLog +++ b/net-print/cups/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-print/cups # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.84 2004/09/22 13:08:33 lanius Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.85 2004/10/06 13:17:28 lanius Exp $ + +*cups-1.1.20-r3 (06 Oct 2004) + + 06 Oct 2004; Heinrich Wendel <lanius@gentoo.org> +files/str920.patch, + +cups-1.1.20-r3.ebuild, +cups-1.1.21-r1.ebuild: + fix security issue in logfiles; bug #66501 22 Sep 2004; Joshua Kinard <kumba@gentoo.org> cups-1.1.20-r2.ebuild: Marked stable on mips. diff --git a/net-print/cups/Manifest b/net-print/cups/Manifest index f87a3805b309..c2a03b0187d6 100644 --- a/net-print/cups/Manifest +++ b/net-print/cups/Manifest @@ -1,25 +1,20 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -MD5 8c34ff33585e8b6f285b6dfec784d8cb ChangeLog 11238 -MD5 26b4b081d538c195dc39bcb2ec8e6f3a metadata.xml 161 +MD5 f5057d27985014e55cb3a184662ab1d6 cups-1.1.21-r1.ebuild 3799 MD5 21c3793835074509964b5f3c108364a0 cups-1.1.20-r1.ebuild 3381 -MD5 a0febdd1dfbea0ccee6699ef83628cb1 cups-1.1.20-r2.ebuild 3427 +MD5 f455b3ef9f70df9eda1d15806d60020c cups-1.1.20-r3.ebuild 3468 MD5 49d8636f749e452a342f3faa84555fcb cups-1.1.21.ebuild 3766 -MD5 7242b8a2000fe4c5a2b398e6602f7f1c files/cups.pam 234 -MD5 b041836e6ee51876ca7ec86869643018 files/cups.xinetd 368 -MD5 e8608b3605ae84d0f10dbc635d65292a files/cupsd.conf-1.1.18 20538 +MD5 a0febdd1dfbea0ccee6699ef83628cb1 cups-1.1.20-r2.ebuild 3427 +MD5 2b837ad55af59c395555125c84f6c3bd ChangeLog 11437 +MD5 26b4b081d538c195dc39bcb2ec8e6f3a metadata.xml 161 +MD5 9c55a09b3413579b2e2daf30895541f1 files/str920.patch 5792 MD5 d7e6454c7e8062203b324c5f6a1a2c65 files/cupsd.rc6 515 -MD5 7bce495a238ee9dbebb61496f3b3ae51 files/disable-strip.patch 422 -MD5 152f70bcd644a5da56756b8b82193d10 files/cups-1.1.20-str633.patch 268 -MD5 baaa1e0bc63f959779998f5e57de6f9d files/digest-cups-1.1.20-r1 72 MD5 fbd28fb7593c247a7151704df5a253ea files/cups-1.1.20-zero-len-udp-dos.patch 965 -MD5 baaa1e0bc63f959779998f5e57de6f9d files/digest-cups-1.1.20-r2 72 +MD5 7242b8a2000fe4c5a2b398e6602f7f1c files/cups.pam 234 MD5 91e81d96543dd250e610b0d542becb3a files/digest-cups-1.1.21 72 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.9.10 (GNU/Linux) - -iD8DBQFBUktmHTu7gpaalycRAoGaAJ9kjbOgJxAdB1aQsywP2QtX7pTMjgCgsx/K -lNKpo8y3PY/eErbmkjT7iwo= -=ta1R ------END PGP SIGNATURE----- +MD5 baaa1e0bc63f959779998f5e57de6f9d files/digest-cups-1.1.20-r1 72 +MD5 baaa1e0bc63f959779998f5e57de6f9d files/digest-cups-1.1.20-r2 72 +MD5 baaa1e0bc63f959779998f5e57de6f9d files/digest-cups-1.1.20-r3 72 +MD5 91e81d96543dd250e610b0d542becb3a files/digest-cups-1.1.21-r1 72 +MD5 7bce495a238ee9dbebb61496f3b3ae51 files/disable-strip.patch 422 +MD5 152f70bcd644a5da56756b8b82193d10 files/cups-1.1.20-str633.patch 268 +MD5 e8608b3605ae84d0f10dbc635d65292a files/cupsd.conf-1.1.18 20538 +MD5 b041836e6ee51876ca7ec86869643018 files/cups.xinetd 368 diff --git a/net-print/cups/cups-1.1.20-r3.ebuild b/net-print/cups/cups-1.1.20-r3.ebuild new file mode 100644 index 000000000000..caeb0a0b4270 --- /dev/null +++ b/net-print/cups/cups-1.1.20-r3.ebuild @@ -0,0 +1,121 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.1.20-r3.ebuild,v 1.1 2004/10/06 13:17:28 lanius Exp $ + +inherit eutils flag-o-matic + +DESCRIPTION="The Common Unix Printing System" +HOMEPAGE="http://www.cups.org/" +SRC_URI="ftp://ftp.easysw.com/pub/cups/${PV}/${P}-source.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="x86 ~ppc ~sparc ~mips ~alpha ~arm ~hppa ~amd64 ~ia64 ~s390 ~ppc64" +IUSE="ssl slp pam" + +DEP="virtual/libc + pam? ( >=sys-libs/pam-0.75 ) + ssl? ( >=dev-libs/openssl-0.9.6b ) + slp? ( >=net-libs/openslp-1.0.4 ) + >=media-libs/libpng-1.2.1 + >=media-libs/tiff-3.5.5 + >=media-libs/jpeg-6b" +DEPEND="${DEP} + >=sys-devel/autoconf-2.58" +RDEPEND="${DEP} + !virtual/lpr" +PROVIDE="virtual/lpr" + +src_unpack() { + unpack ${A} + cd ${S} + epatch ${FILESDIR}/disable-strip.patch + epatch ${FILESDIR}/${P}-str633.patch + epatch ${FILESDIR}/${P}-zero-len-udp-dos.patch + epatch ${FILESDIR}/str920.patch + WANT_AUTOCONF=2.5 autoconf || die +} + +src_compile() { + filter-flags -fomit-frame-pointer + + local myconf + use amd64 && replace-flags -Os -O2 + use pam || myconf="${myconf} --disable-pam" + use ssl || myconf="${myconf} --disable-ssl" + use slp || myconf="${myconf} --disable-slp" + + ./configure \ + --with-cups-user=lp \ + --with-cups-group=lp \ + --host=${CHOST} ${myconf} || die "bad ./configure" + + make || die "compile problem" +} + +src_install() { + dodir /var/spool /var/log/cups /etc/cups + + make \ + LOCALEDIR=${D}/usr/share/locale \ + DOCDIR=${D}/usr/share/cups/docs \ + REQUESTS=${D}/var/spool/cups \ + SERVERBIN=${D}/usr/$(get_libdir)/cups \ + DATADIR=${D}/usr/share/cups \ + INCLUDEDIR=${D}/usr/include \ + AMANDIR=${D}/usr/share/man \ + PMANDIR=${D}/usr/share/man \ + MANDIR=${D}/usr/share/man \ + SERVERROOT=${D}/etc/cups \ + LOGDIR=${D}/var/log/cups \ + SBINDIR=${D}/usr/sbin \ + PAMDIR=${D}/etc/pam.d \ + EXEC_PREFIX=${D}/usr \ + LIBDIR=${D}/usr/$(get_libdir) \ + BINDIR=${D}/usr/bin \ + bindir=${D}/usr/bin \ + INITDIR=${D}/etc \ + PREFIX=${D} \ + install || die "install problem" + + dodoc {CHANGES,CREDITS,ENCRYPTION,LICENSE,README}.txt + dosym /usr/share/cups/docs /usr/share/doc/${PF}/html + + #seems nobody installs it like this anymore.. security risk? + #fowners lp.root /usr/bin/lppasswd + #fperms 4755 /usr/bin/lppasswd + + # cleanups + rm -rf ${D}/etc/init.d + rm -rf ${D}/etc/pam.d + rm -rf ${D}/etc/rc* + rm -rf ${D}/usr/share/man/cat* + rm -rf ${D}/etc/cups/{certs,interfaces,ppd} + rm -rf ${D}/var + + sed -i -e "s:^#\(DocumentRoot\).*:\1 /usr/share/cups/docs:" \ + -e "s:^#\(SystemGroup\).*:\1 lp:" \ + -e "s:^#\(User\).*:\1 lp:" \ + -e "s:^#\(Group\).*:\1 lp:" \ + ${D}/etc/cups/cupsd.conf + + insinto /etc/pam.d ; newins ${FILESDIR}/cups.pam cups + exeinto /etc/init.d ; newexe ${FILESDIR}/cupsd.rc6 cupsd + insinto /etc/xinetd.d ; newins ${FILESDIR}/cups.xinetd cups-lpd + + #insinto /etc/cups; newins ${FILESDIR}/cupsd.conf-1.1.18 cupsd.conf +} + +pkg_postinst() { + install -d -m0755 ${ROOT}/var/log/cups + install -d -m0755 ${ROOT}/var/spool + install -m0700 -o lp -d ${ROOT}/var/spool/cups + install -m1700 -o lp -d ${ROOT}/var/spool/cups/tmp + install -m0711 -o lp -d ${ROOT}/etc/cups/certs + install -d -m0755 ${ROOT}/etc/cups/{interfaces,ppd} + + einfo "If you're using a USB printer, \"emerge hotplug; rc-update add" + einfo "hotplug default\" is something you should probably do. This" + einfo "will allow any USB kernel modules (if present) to be loaded" + einfo "automatically at boot." +} diff --git a/net-print/cups/cups-1.1.21-r1.ebuild b/net-print/cups/cups-1.1.21-r1.ebuild new file mode 100644 index 000000000000..50bf65e14194 --- /dev/null +++ b/net-print/cups/cups-1.1.21-r1.ebuild @@ -0,0 +1,128 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.1.21-r1.ebuild,v 1.1 2004/10/06 13:17:28 lanius Exp $ + +inherit eutils flag-o-matic + +MY_P=${P/_/} + +DESCRIPTION="The Common Unix Printing System" +HOMEPAGE="http://www.cups.org/" +SRC_URI="ftp://ftp2.easysw.com/pub/cups/${PV}/${MY_P}-source.tar.bz2 ftp://ftp.easysw.com/pub/cups/${PV}/${MY_P}-source.tar.bz2 ftp://ftp.funet.fi/pub/mirrors/ftp.easysw.com/pub/cups/${PV}/${MY_P}-source.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~ppc ~sparc ~mips ~alpha ~arm ~hppa ~amd64 ~ia64 ~s390 ~ppc64" +IUSE="ssl slp pam samba" + +DEP="virtual/libc + pam? ( >=sys-libs/pam-0.75 ) + ssl? ( >=dev-libs/openssl-0.9.6b ) + slp? ( >=net-libs/openslp-1.0.4 ) + >=media-libs/libpng-1.2.1 + >=media-libs/tiff-3.5.5 + >=media-libs/jpeg-6b" +DEPEND="${DEP} + >=sys-devel/autoconf-2.58" +RDEPEND="${DEP} + !virtual/lpr + samba? ( net-fs/samba )" +PROVIDE="virtual/lpr" + +S=${WORKDIR}/${MY_P} + +src_unpack() { + unpack ${A} + cd ${S} + epatch ${FILESDIR}/disable-strip.patch + epatch ${FILESDIR}/str920.patch + WANT_AUTOCONF=2.5 autoconf || die +} + +src_compile() { + filter-flags -fomit-frame-pointer + + local myconf + use amd64 && replace-flags -Os -O2 + use pam || myconf="${myconf} --disable-pam" + use ssl || myconf="${myconf} --disable-ssl" + use slp || myconf="${myconf} --disable-slp" + + ./configure \ + --with-cups-user=lp \ + --with-cups-group=lp \ + --host=${CHOST} ${myconf} || die "bad ./configure" + + make || die "compile problem" +} + +src_install() { + dodir /var/spool /var/log/cups /etc/cups + + make \ + LOCALEDIR=${D}/usr/share/locale \ + DOCDIR=${D}/usr/share/cups/docs \ + REQUESTS=${D}/var/spool/cups \ + SERVERBIN=${D}/usr/$(get_libdir)/cups \ + DATADIR=${D}/usr/share/cups \ + INCLUDEDIR=${D}/usr/include \ + AMANDIR=${D}/usr/share/man \ + PMANDIR=${D}/usr/share/man \ + MANDIR=${D}/usr/share/man \ + SERVERROOT=${D}/etc/cups \ + LOGDIR=${D}/var/log/cups \ + SBINDIR=${D}/usr/sbin \ + PAMDIR=${D}/etc/pam.d \ + EXEC_PREFIX=${D}/usr \ + LIBDIR=${D}/usr/$(get_libdir) \ + BINDIR=${D}/usr/bin \ + bindir=${D}/usr/bin \ + INITDIR=${D}/etc \ + PREFIX=${D} \ + install || die "install problem" + + dodoc {CHANGES,CREDITS,ENCRYPTION,LICENSE,README}.txt + dosym /usr/share/cups/docs /usr/share/doc/${PF}/html + + #seems nobody installs it like this anymore.. security risk? + #fowners lp.root /usr/bin/lppasswd + #fperms 4755 /usr/bin/lppasswd + + # cleanups + rm -rf ${D}/etc/init.d + rm -rf ${D}/etc/pam.d + rm -rf ${D}/etc/rc* + rm -rf ${D}/usr/share/man/cat* + rm -rf ${D}/etc/cups/{certs,interfaces,ppd} + rm -rf ${D}/var + + sed -i -e "s:^#\(DocumentRoot\).*:\1 /usr/share/cups/docs:" \ + -e "s:^#\(SystemGroup\).*:\1 lp:" \ + -e "s:^#\(User\).*:\1 lp:" \ + -e "s:^#\(Group\).*:\1 lp:" \ + ${D}/etc/cups/cupsd.conf + + insinto /etc/pam.d ; newins ${FILESDIR}/cups.pam cups + exeinto /etc/init.d ; newexe ${FILESDIR}/cupsd.rc6 cupsd + insinto /etc/xinetd.d ; newins ${FILESDIR}/cups.xinetd cups-lpd + + #insinto /etc/cups; newins ${FILESDIR}/cupsd.conf-1.1.18 cupsd.conf + + # allow raw printing + sed -i -e "s:#application/octet-stream:application/octet-stream" ${D}/etc/cups/mime.types + sed -i -e "s:#application/octet-stream:application/octet-stream" ${D}/etc/cups/mime.conv +} + +pkg_postinst() { + install -d -m0755 ${ROOT}/var/log/cups + install -d -m0755 ${ROOT}/var/spool + install -m0700 -o lp -d ${ROOT}/var/spool/cups + install -m1700 -o lp -d ${ROOT}/var/spool/cups/tmp + install -m0711 -o lp -d ${ROOT}/etc/cups/certs + install -d -m0755 ${ROOT}/etc/cups/{interfaces,ppd} + + einfo "If you're using a USB printer, \"emerge hotplug; rc-update add" + einfo "hotplug default\" is something you should probably do. This" + einfo "will allow any USB kernel modules (if present) to be loaded" + einfo "automatically at boot." +} diff --git a/net-print/cups/files/digest-cups-1.1.20-r3 b/net-print/cups/files/digest-cups-1.1.20-r3 new file mode 100644 index 000000000000..002ebb34be36 --- /dev/null +++ b/net-print/cups/files/digest-cups-1.1.20-r3 @@ -0,0 +1 @@ +MD5 09d0be2bad1b0617bc0eba6eef81f6e9 cups-1.1.20-source.tar.bz2 3741510 diff --git a/net-print/cups/files/digest-cups-1.1.21-r1 b/net-print/cups/files/digest-cups-1.1.21-r1 new file mode 100644 index 000000000000..71015b6895ef --- /dev/null +++ b/net-print/cups/files/digest-cups-1.1.21-r1 @@ -0,0 +1 @@ +MD5 54e9b0d9c0bdb45b956f88c14793ef65 cups-1.1.21-source.tar.bz2 8549181 diff --git a/net-print/cups/files/str920.patch b/net-print/cups/files/str920.patch new file mode 100644 index 000000000000..27a3f12c5b5c --- /dev/null +++ b/net-print/cups/files/str920.patch @@ -0,0 +1,181 @@ +Index: ipp.c +=================================================================== +RCS file: /development/cvs/cups/scheduler/ipp.c,v +retrieving revision 1.233 +diff -u -r1.233 ipp.c +--- scheduler/ipp.c 23 Aug 2004 18:36:50 -0000 1.233 ++++ scheduler/ipp.c 4 Oct 2004 20:19:17 -0000 +@@ -1222,7 +1222,9 @@ + } + + LogMessage(L_INFO, "Setting %s device-uri to \"%s\" (was \"%s\".)", +- printer->name, attr->values[0].string.text, printer->device_uri); ++ printer->name, ++ cupsdSanitizeURI(attr->values[0].string.text, line, sizeof(line)), ++ cupsdSanitizeURI(printer->device_uri, resource, sizeof(resource))); + + SetString(&printer->device_uri, attr->values[0].string.text); + } +Index: job.c +=================================================================== +RCS file: /development/cvs/cups/scheduler/job.c,v +retrieving revision 1.231 +diff -u -r1.231 job.c +--- scheduler/job.c 4 Oct 2004 19:40:35 -0000 1.231 ++++ scheduler/job.c 4 Oct 2004 20:19:17 -0000 +@@ -1202,6 +1202,7 @@ + classification[1024], /* CLASSIFICATION environment variable */ + content_type[1024], /* CONTENT_TYPE environment variable */ + device_uri[1024], /* DEVICE_URI environment variable */ ++ sani_uri[1024], /* Sanitized DEVICE_URI env var */ + ppd[1024], /* PPD environment variable */ + class_name[255], /* CLASS environment variable */ + printer_name[255], /* PRINTER environment variable */ +@@ -1803,7 +1804,12 @@ + envp[envc] = NULL; + + for (i = 0; i < envc; i ++) +- LogMessage(L_DEBUG, "StartJob: envp[%d]=\"%s\"", i, envp[i]); ++ if (strncmp(envp[i], "DEVICE_URI=", 11)) ++ LogMessage(L_DEBUG, "StartJob: envp[%d]=\"%s\"", i, envp[i]); ++ else ++ LogMessage(L_DEBUG, "StartJob: envp[%d]=\"DEVICE_URI=%s\"", i, ++ cupsdSanitizeURI(printer->device_uri, sani_uri, ++ sizeof(sani_uri))); + + current->current_file ++; + +Index: printers.c +=================================================================== +RCS file: /development/cvs/cups/scheduler/printers.c,v +retrieving revision 1.164 +diff -u -r1.164 printers.c +--- scheduler/printers.c 4 Oct 2004 19:40:35 -0000 1.164 ++++ scheduler/printers.c 4 Oct 2004 20:19:17 -0000 +@@ -43,6 +43,7 @@ + * ValidateDest() - Validate a printer/class destination. + * WritePrintcap() - Write a pseudo-printcap file for older + * applications that need it... ++ * cupsdSanitizeURI() - Sanitize a device URI... + * write_irix_config() - Update the config files used by the IRIX + * desktop tools. + * write_irix_state() - Update the status files used by IRIX printing +@@ -1150,11 +1151,7 @@ + SetPrinterAttrs(printer_t *p) /* I - Printer to setup */ + { + char uri[HTTP_MAX_URI]; /* URI for printer */ +- char method[HTTP_MAX_URI], /* Method portion of URI */ +- username[HTTP_MAX_URI], /* Username portion of URI */ +- host[HTTP_MAX_URI], /* Host portion of URI */ +- resource[HTTP_MAX_URI]; /* Resource portion of URI */ +- int port; /* Port portion of URI */ ++ char resource[HTTP_MAX_URI]; /* Resource portion of URI */ + int i; /* Looping var */ + char filename[1024]; /* Name of PPD file */ + int num_media; /* Number of media options */ +@@ -1360,12 +1357,7 @@ + * http://..., ipp://..., etc. + */ + +- httpSeparate(p->device_uri, method, username, host, &port, resource); +- if (port) +- snprintf(uri, sizeof(uri), "%s://%s:%d%s", method, host, port, +- resource); +- else +- snprintf(uri, sizeof(uri), "%s://%s%s", method, host, resource); ++ cupsdSanitizeURI(p->device_uri, uri, sizeof(uri)); + } + else + { +@@ -2172,6 +2164,74 @@ + */ + + cupsFileClose(fp); ++} ++ ++ ++/* ++ * 'cupsdSanitizeURI()' - Sanitize a device URI... ++ */ ++ ++char * /* O - New device URI */ ++cupsdSanitizeURI(const char *uri, /* I - Original device URI */ ++ char *buffer, /* O - New device URI */ ++ int buflen) /* I - Size of new device URI buffer */ ++{ ++ char *start, /* Start of data after scheme */ ++ *slash, /* First slash after scheme:// */ ++ *ptr; /* Pointer into user@host:port part */ ++ ++ ++ /* ++ * Range check input... ++ */ ++ ++ if (!uri || !buffer || buflen < 2) ++ return (NULL); ++ ++ /* ++ * Copy the device URI to the new buffer... ++ */ ++ ++ strlcpy(buffer, uri, buflen); ++ ++ /* ++ * Find the end of the scheme:// part... ++ */ ++ ++ if ((ptr = strchr(buffer, ':')) == NULL) ++ return (buffer); /* No scheme: part... */ ++ ++ for (start = ptr + 1; *start; start ++) ++ if (*start != '/') ++ break; ++ ++ /* ++ * Find the next slash (/) in the URI... ++ */ ++ ++ if ((slash = strchr(start, '/')) == NULL) ++ slash = start + strlen(start); /* No slash, point to the end */ ++ ++ /* ++ * Check for an @ sign before the slash... ++ */ ++ ++ if ((ptr = strchr(start, '@')) != NULL && ptr < slash) ++ { ++ /* ++ * Found an @ sign and it is before the resource part, so we have ++ * an authentication string. Copy the remaining URI over the ++ * authentication string... ++ */ ++ ++ cups_strcpy(start, ptr + 1); ++ } ++ ++ /* ++ * Return the new device URI... ++ */ ++ ++ return (buffer); + } + + +Index: printers.h +=================================================================== +RCS file: /development/cvs/cups/scheduler/printers.h,v +retrieving revision 1.39 +diff -u -r1.39 printers.h +--- scheduler/printers.h 23 Aug 2004 18:00:59 -0000 1.39 ++++ pscheduler/rinters.h 4 Oct 2004 20:19:17 -0000 +@@ -126,6 +126,9 @@ + cups_ptype_t *dtype); + extern void WritePrintcap(void); + ++extern char *cupsdSanitizeURI(const char *uri, char *buffer, ++ int buflen); ++ + + /* + * End of "$Id: str920.patch,v 1.1 2004/10/06 13:17:28 lanius Exp $". |