[Pkg-cups-devel] Bug#506702: NMU

Bastian Blank waldi at debian.org
Tue Jan 13 16:01:22 UTC 2009 

Hi folks

I intend to NMU cups for this problem now. It makes it impossible to add
or change printers using a Gecko-based browser.

Diff attached.

Bastian

-- 
Worlds are conquered, galaxies destroyed -- but a woman is always a woman.
		-- Kirk, "The Conscience of the King", stardate 2818.9
-------------- next part --------------
diff -u cups-1.3.9/debian/changelog cups-1.3.9/debian/changelog
--- cups-1.3.9/debian/changelog
+++ cups-1.3.9/debian/changelog
@@ -1,3 +1,11 @@
+cups (1.3.9-11.1) UNRELEASED; urgency=low
+
+  * Non-maintainer upload.
+  * Apply upstream patch to fix client request loop for large request over
+    SSL. (closes: #506702)
+
+ -- Bastian Blank <waldi at debian.org>  Tue, 13 Jan 2009 16:36:16 +0100
+
 cups (1.3.9-11) experimental; urgency=low
 
   * debian/local/filters/cpdftocps: Fixed the fix for the number of copies.
diff -u cups-1.3.9/debian/patches/00list cups-1.3.9/debian/patches/00list
--- cups-1.3.9/debian/patches/00list
+++ cups-1.3.9/debian/patches/00list
@@ -10,6 +10,7 @@
 hpgl-regression.dpatch
 runloop-backchannel-eof-spin.dpatch
 png-image-int-overflow.dpatch
+client-ssl-hang.patch
 
 # patches sent upstream
 removecvstag.dpatch
only in patch2:
unchanged:
--- cups-1.3.9.orig/debian/patches/client-ssl-hang.patch
+++ cups-1.3.9/debian/patches/client-ssl-hang.patch
@@ -0,0 +1,92 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+##
+## DP: Fix client loop for SSL connections.
+
+Index: scheduler/client.c
+===================================================================
+--- scheduler/client.c	(revision 7820)
++++ scheduler/client.c	(working copy)
+@@ -28,6 +28,7 @@
+  *   cupsdUpdateCGI()        - Read status messages from CGI scripts and programs.
+  *   cupsdWriteClient()      - Write data to a client as needed.
+  *   check_if_modified()     - Decode an "If-Modified-Since" line.
++ *   data_ready()            - Check whether data is available from a client.
+  *   encrypt_client()        - Enable encryption for the client...
+  *   get_cdsa_certificate()  - Convert a keychain name into the CFArrayRef
+  *			       required by SSLSetCertificate.
+@@ -83,6 +84,7 @@
+ 
+ static int		check_if_modified(cupsd_client_t *con,
+ 			                  struct stat *filestats);
++static int		data_ready(cupsd_client_t *con);
+ #ifdef HAVE_SSL
+ static int		encrypt_client(cupsd_client_t *con);
+ #endif /* HAVE_SSL */
+@@ -989,8 +991,7 @@
+ 	*/
+ 
+         while ((status = httpUpdate(HTTP(con))) == HTTP_CONTINUE)
+-	  if (con->http.used == 0 ||
+-	      !memchr(con->http.buffer, '\n', con->http.used))
++	  if (!data_ready(con))
+ 	    break;
+ 
+ 	if (status != HTTP_OK && status != HTTP_CONTINUE)
+@@ -1889,7 +1890,7 @@
+ 	    }
+ 	  }
+         }
+-	while (con->http.state == HTTP_PUT_RECV && con->http.used > 0);
++	while (con->http.state == HTTP_PUT_RECV && data_ready(con));
+ 
+         if (con->http.state == HTTP_WAITING)
+ 	{
+@@ -2064,7 +2065,7 @@
+ 	    }
+ 	  }
+         }
+-	while (con->http.state == HTTP_POST_RECV && con->http.used > 0);
++	while (con->http.state == HTTP_POST_RECV && data_ready(con));
+ 
+ 	if (con->http.state == HTTP_POST_SEND)
+ 	{
+@@ -2914,7 +2915,39 @@
+ }
+ 
+ 
++/*
++ * 'data_ready()' - Check whether data is available from a client.
++ */
++
++static int				/* O - 1 if data is ready, 0 otherwise */
++data_ready(cupsd_client_t *con)		/* I - Client */
++{
++  if (con->http.used > 0)
++    return (1);
+ #ifdef HAVE_SSL
++  else if (con->http.tls)
++  {
++#  ifdef HAVE_LIBSSL
++    if (SSL_pending((SSL *)(con->http.tls)))
++      return (1);
++#  elif defined(HAVE_GNUTLS)
++    if (gnutls_record_check_pending(((http_tls_t *)(con->http.tls))->session))
++      return (1);
++#  elif defined(HAVE_CDSASSL)
++    size_t bytes;			/* Bytes that are available */
++
++    if (!SSLGetBufferedReadSize(((http_tls_t *)(con->http.tls))->session,
++                                &bytes) && bytes > 0)
++      return (1);
++#  endif /* HAVE_LIBSSL */
++  }
++#endif /* HAVE_SSL */
++
++  return (0);
++}
++
++
++#ifdef HAVE_SSL
+ /*
+  * 'encrypt_client()' - Enable encryption for the client...
+  */
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-cups-devel/attachments/20090113/a4c5e242/attachment.pgp

More information about the Pkg-cups-devel mailing list