[Pkg-cups-devel] Bug#588150: cups no longer works with http: HTTP/1.1 426 Upgrade Required + server DoS

[Vincent Lefevre]

Package: cups
Version: 1.4.4-1
Severity: grave

[I'm setting the severity to "grave" mainly because cups does more
than 100 HTTP posts per second to the remote server, and this is
really bad because the server is shared amongst many users.]

While cups 1.4.3-1 works fine (I could check by downgrading to this
version), cups 1.4.4-1 no longer works with http. A strace shows
errors like:

16:07:02 sendto(3, "POST / HTTP/1.1\r\nContent-Length:"..., 153, 0, NULL, 0) = 153
16:07:02 sendto(3, "\1\1@\2\0\0\0\1\1G\0\22attributes-charset\0\5"..., 636, 0, NULL, 0) = 636
16:07:02 poll([{fd=3, events=POLLIN}], 1, 1000) = 1 ([{fd=3, revents=POLLIN|POLLERR}])
16:07:02 recvfrom(3, "HTTP/1.1 426 Upgrade Required\r\nD"..., 2048, 0, NULL, NULL) = 787
16:07:02 close(3)                       = 0

with commands such as lpq, lpr, lpstat.

Sometimes there are lots of such errors. For instance, a

  strace -t lpstat

shows 3868 such errors after 30 seconds (see attached strace output,
compressed with xz). Sometimes the connection freezes. For instance:

16:07:02 socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
16:07:02 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
16:07:02 setsockopt(3, SOL_TCP, TCP_NODELAY, [1], 4) = 0
16:07:02 fcntl(3, F_SETFD, FD_CLOEXEC)  = 0
16:07:02 connect(3, {sa_family=AF_INET, sin_port=htons(631), sin_addr=inet_addr("140.77.14.157")}, 16) = ? ERESTARTSYS (To be restarted)
16:07:13 --- SIGINT (Interrupt) @ 0 (0) ---
16:07:13 +++ killed by SIGINT +++

Perhaps the server didn't like all the requests that were done
previously.

The only parameter in /etc/cups/client.conf is a ServerName line
with the server name.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash

Versions of packages cups depends on:
ii  adduser                 3.112            add and remove users and groups
ii  bc                      1.06.95-2        The GNU bc arbitrary precision cal
ii  cups-client             1.4.4-1          Common UNIX Printing System(tm) - 
ii  cups-common             1.4.4-1          Common UNIX Printing System(tm) - 
ii  debconf [debconf-2.0]   1.5.32           Debian configuration management sy
ii  ghostscript             8.70~dfsg-2.1    The GPL Ghostscript PostScript/PDF
ii  libavahi-client3        0.6.25-4         Avahi client library
ii  libavahi-common3        0.6.25-4         Avahi common library
ii  libc6                   2.11.2-2         Embedded GNU C Library: Shared lib
ii  libcups2                1.4.4-1          Common UNIX Printing System(tm) - 
ii  libcupscgi1             1.4.4-1          Common UNIX Printing System(tm) - 
ii  libcupsdriver1          1.4.4-1          Common UNIX Printing System(tm) - 
ii  libcupsimage2           1.4.4-1          Common UNIX Printing System(tm) - 
ii  libcupsmime1            1.4.4-1          Common UNIX Printing System(tm) - 
ii  libcupsppdc1            1.4.4-1          Common UNIX Printing System(tm) - 
ii  libdbus-1-3             1.2.24-1         simple interprocess messaging syst
ii  libgcc1                 1:4.4.4-6        GCC support library
ii  libgssapi-krb5-2        1.8.1+dfsg-5     MIT Kerberos runtime libraries - k
ii  libijs-0.35             0.35-7           IJS raster image transport protoco
ii  libkrb5-3               1.8.1+dfsg-5     MIT Kerberos runtime libraries
ii  libldap-2.4-2           2.4.21-1         OpenLDAP libraries
ii  libpam0g                1.1.1-3          Pluggable Authentication Modules l
ii  libpaper1               1.1.24           library for handling paper charact
ii  libpoppler5             0.12.4-1         PDF rendering library
ii  libslp1                 1.2.1-7.7        OpenSLP libraries
ii  libstdc++6              4.4.4-6          The GNU Standard C++ Library v3
ii  libusb-0.1-4            2:0.1.12-15      userspace USB programming library
ii  lsb-base                3.2-23.1         Linux Standard Base 3.2 init scrip
ii  perl-modules            5.10.1-13        Core Perl modules
ii  poppler-utils           0.12.4-1         PDF utilitites (based on libpopple
ii  procps                  1:3.2.8-9        /proc file system utilities
ii  ssl-cert                1.0.25           simple debconf wrapper for OpenSSL
ii  ttf-freefont            20090104-7       Freefont Serif, Sans and Mono True
ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime

Versions of packages cups recommends:
ii  cups-driver-gutenprint    5.2.5-1        printer drivers for CUPS
ii  foomatic-filters          4.0-20090509-1 OpenPrinting printer support - fil
ii  ghostscript-cups          8.70~dfsg-2.1  The GPL Ghostscript PostScript/PDF

Versions of packages cups suggests:
ii  cups-bsd                      1.4.4-1    Common UNIX Printing System(tm) - 
pn  cups-pdf                      <none>     (no description available)
pn  cups-ppdc                     <none>     (no description available)
ii  foomatic-db                   20100630-1 OpenPrinting printer support - dat
ii  foomatic-db-engine            4.0.4-1    OpenPrinting printer support - pro
ii  hplip                         3.10.5-4   HP Linux Printing and Imaging Syst
pn  smbclient                     <none>     (no description available)
ii  udev                          158-1      /dev/ and hotplug management daemo
pn  xpdf-korean | xpdf-japanese | <none>     (no description available)

-- debconf information:
  cupsys/raw-print: true
  cupsys/backend: ipp, lpd, parallel, scsi, serial, socket, usb, snmp, dnssd
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lpstat-strace.xz
Type: application/octet-stream
Size: 4848 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-cups-devel/attachments/20100705/ff482fd3/attachment-0001.obj>