From 47c00b71743c110cdab26b31cf4c4430f6b22d19413c68b1bb3809558a129d74 Mon Sep 17 00:00:00 2001 From: Johannes Meixner Date: Tue, 20 Dec 2011 09:35:50 +0000 Subject: [PATCH] Accepting request 96966 from home:elvigia:branches:Printing - Update systemd patch, Bind to datagram socket as well in systemd cups.socket unit file, to prevent that port being stolen by another service (from RH). - There is no need to use -fno-strict-aliasing in cflags any longer. OBS-URL: https://build.opensuse.org/request/show/96966 OBS-URL: https://build.opensuse.org/package/show/Printing/cups?expand=0&rev=231 --- ...emd-socket-activation-and-unit-files.patch | 225 ++++++++++++++---- cups.changes | 8 + cups.spec | 6 +- 3 files changed, 185 insertions(+), 54 deletions(-) diff --git a/cups-0001-systemd-add-systemd-socket-activation-and-unit-files.patch b/cups-0001-systemd-add-systemd-socket-activation-and-unit-files.patch index 3f1875d..974b9b7 100644 --- a/cups-0001-systemd-add-systemd-socket-activation-and-unit-files.patch +++ b/cups-0001-systemd-add-systemd-socket-activation-and-unit-files.patch @@ -1,7 +1,6 @@ -diff -up cups-1.5.0/config.h.in.systemd-socket cups-1.5.0/config.h.in ---- cups-1.5.0/config.h.in.systemd-socket 2011-10-18 15:32:40.741672460 +0100 -+++ cups-1.5.0/config.h.in 2011-10-18 15:32:40.843670530 +0100 -@@ -503,6 +503,13 @@ +--- config.h.in.orig ++++ config.h.in +@@ -496,6 +496,13 @@ /* @@ -15,9 +14,8 @@ diff -up cups-1.5.0/config.h.in.systemd-socket cups-1.5.0/config.h.in * Various scripting languages... */ -diff -up cups-1.5.0/config-scripts/cups-systemd.m4.systemd-socket cups-1.5.0/config-scripts/cups-systemd.m4 ---- cups-1.5.0/config-scripts/cups-systemd.m4.systemd-socket 2011-10-18 15:32:40.844670511 +0100 -+++ cups-1.5.0/config-scripts/cups-systemd.m4 2011-10-18 15:33:16.861989058 +0100 +--- /dev/null ++++ config-scripts/cups-systemd.m4 @@ -0,0 +1,36 @@ +dnl +dnl "$Id$" @@ -55,9 +53,8 @@ diff -up cups-1.5.0/config-scripts/cups-systemd.m4.systemd-socket cups-1.5.0/con +dnl +dnl "$Id$" +dnl -diff -up cups-1.5.0/configure.in.systemd-socket cups-1.5.0/configure.in ---- cups-1.5.0/configure.in.systemd-socket 2010-11-20 01:03:46.000000000 +0000 -+++ cups-1.5.0/configure.in 2011-10-18 15:32:40.844670511 +0100 +--- configure.in.orig ++++ configure.in @@ -37,6 +37,7 @@ sinclude(config-scripts/cups-pam.m4) sinclude(config-scripts/cups-largefile.m4) sinclude(config-scripts/cups-dnssd.m4) @@ -76,10 +73,9 @@ diff -up cups-1.5.0/configure.in.systemd-socket cups-1.5.0/configure.in desktop/cups.desktop doc/help/ref-cupsd-conf.html doc/help/standard.html -diff -up cups-1.5.0/cups/usersys.c.systemd-socket cups-1.5.0/cups/usersys.c ---- cups-1.5.0/cups/usersys.c.systemd-socket 2011-10-18 15:32:40.645674277 +0100 -+++ cups-1.5.0/cups/usersys.c 2011-10-18 15:32:40.845670492 +0100 -@@ -770,7 +770,7 @@ cups_read_client_conf( +--- cups/usersys.c.orig ++++ cups/usersys.c +@@ -750,7 +750,7 @@ cups_read_client_conf( struct stat sockinfo; /* Domain socket information */ if (!stat(CUPS_DEFAULT_DOMAINSOCKET, &sockinfo) && @@ -88,9 +84,8 @@ diff -up cups-1.5.0/cups/usersys.c.systemd-socket cups-1.5.0/cups/usersys.c cups_server = CUPS_DEFAULT_DOMAINSOCKET; else #endif /* CUPS_DEFAULT_DOMAINSOCKET */ -diff -up cups-1.5.0/data/cups.path.in.systemd-socket cups-1.5.0/data/cups.path.in ---- cups-1.5.0/data/cups.path.in.systemd-socket 2011-10-18 15:32:40.846670473 +0100 -+++ cups-1.5.0/data/cups.path.in 2011-10-18 15:32:40.846670473 +0100 +--- /dev/null ++++ data/cups.path.in @@ -0,0 +1,8 @@ +[Unit] +Description=CUPS Printer Service Spool @@ -100,9 +95,8 @@ diff -up cups-1.5.0/data/cups.path.in.systemd-socket cups-1.5.0/data/cups.path.i + +[Install] +WantedBy=multi-user.target -diff -up cups-1.5.0/data/cups.service.in.systemd-socket cups-1.5.0/data/cups.service.in ---- cups-1.5.0/data/cups.service.in.systemd-socket 2011-10-18 15:32:40.846670473 +0100 -+++ cups-1.5.0/data/cups.service.in 2011-10-18 15:32:40.846670473 +0100 +--- /dev/null ++++ data/cups.service.in @@ -0,0 +1,9 @@ +[Unit] +Description=CUPS Printing Service @@ -113,23 +107,22 @@ diff -up cups-1.5.0/data/cups.service.in.systemd-socket cups-1.5.0/data/cups.ser +[Install] +Also=cups.socket cups.path +WantedBy=printer.target -diff -up cups-1.5.0/data/cups.socket.in.systemd-socket cups-1.5.0/data/cups.socket.in ---- cups-1.5.0/data/cups.socket.in.systemd-socket 2011-10-18 15:32:40.847670454 +0100 -+++ cups-1.5.0/data/cups.socket.in 2011-10-18 15:32:40.847670454 +0100 -@@ -0,0 +1,10 @@ +--- /dev/null ++++ data/cups.socket.in +@@ -0,0 +1,11 @@ +[Unit] +Description=CUPS Printing Service Sockets + +[Socket] +ListenStream=@CUPS_DEFAULT_DOMAINSOCKET@ +ListenStream=631 ++ListenDatagram=0.0.0.0:631 +BindIPv6Only=ipv6-only + +[Install] +WantedBy=sockets.target -diff -up cups-1.5.0/data/Makefile.systemd-socket cups-1.5.0/data/Makefile ---- cups-1.5.0/data/Makefile.systemd-socket 2011-05-12 06:21:56.000000000 +0100 -+++ cups-1.5.0/data/Makefile 2011-10-18 15:32:40.847670454 +0100 +--- data/Makefile.orig ++++ data/Makefile @@ -112,6 +112,12 @@ install-data: $(INSTALL_DATA) $$file $(DATADIR)/ppdc; \ done @@ -153,9 +146,8 @@ diff -up cups-1.5.0/data/Makefile.systemd-socket cups-1.5.0/data/Makefile # -diff -up cups-1.5.0/Makedefs.in.systemd-socket cups-1.5.0/Makedefs.in ---- cups-1.5.0/Makedefs.in.systemd-socket 2011-10-18 15:32:40.719672876 +0100 -+++ cups-1.5.0/Makedefs.in 2011-10-18 15:32:40.848670435 +0100 +--- Makedefs.in.orig ++++ Makedefs.in @@ -143,6 +143,7 @@ CXXFLAGS = @CPPFLAGS@ @CXXFLAGS@ CXXLIBS = @CXXLIBS@ DBUS_NOTIFIER = @DBUS_NOTIFIER@ @@ -180,9 +172,8 @@ diff -up cups-1.5.0/Makedefs.in.systemd-socket cups-1.5.0/Makedefs.in # -diff -up cups-1.5.0/scheduler/client.h.systemd-socket cups-1.5.0/scheduler/client.h ---- cups-1.5.0/scheduler/client.h.systemd-socket 2011-03-25 21:25:38.000000000 +0000 -+++ cups-1.5.0/scheduler/client.h 2011-10-18 15:32:40.848670435 +0100 +--- scheduler/client.h.orig ++++ scheduler/client.h @@ -75,6 +75,9 @@ typedef struct int fd; /* File descriptor for this server */ http_addr_t address; /* Bind address of socket */ @@ -193,9 +184,96 @@ diff -up cups-1.5.0/scheduler/client.h.systemd-socket cups-1.5.0/scheduler/clien } cupsd_listener_t; -diff -up cups-1.5.0/scheduler/listen.c.systemd-socket cups-1.5.0/scheduler/listen.c ---- cups-1.5.0/scheduler/listen.c.systemd-socket 2011-04-16 00:38:13.000000000 +0100 -+++ cups-1.5.0/scheduler/listen.c 2011-10-18 15:32:40.849670416 +0100 +--- scheduler/dirsvc.c.orig ++++ scheduler/dirsvc.c +@@ -1457,7 +1457,7 @@ cupsdStartBrowsing(void) + } + } + +- if (BrowseSocket >= 0) ++ if (BrowseSocket >= 0 && !BrowseSocketIsSystemd) + { + /* + * Bind the socket to browse port... +@@ -1501,13 +1501,17 @@ cupsdStartBrowsing(void) + cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to set broadcast mode - %s.", + strerror(errno)); + ++ if (!BrowseSocketIsSystemd) ++ { + #ifdef WIN32 +- closesocket(BrowseSocket); ++ closesocket(BrowseSocket); + #else +- close(BrowseSocket); ++ close(BrowseSocket); + #endif /* WIN32 */ + +- BrowseSocket = -1; ++ BrowseSocket = -1; ++ } ++ + BrowseLocalProtocols &= ~BROWSE_CUPS; + BrowseRemoteProtocols &= ~BROWSE_CUPS; + +@@ -1820,15 +1824,22 @@ cupsdStopBrowsing(void) + if (((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_CUPS) && + BrowseSocket >= 0) + { +- /* +- * Close the socket and remove it from the input selection set. +- */ ++ if (!BrowseSocketIsSystemd) ++ { ++ /* ++ * Close the socket. ++ */ + + #ifdef WIN32 +- closesocket(BrowseSocket); ++ closesocket(BrowseSocket); + #else +- close(BrowseSocket); ++ close(BrowseSocket); + #endif /* WIN32 */ ++ } ++ ++ /* ++ * Remove it from the input selection set. ++ */ + + cupsdRemoveSelect(BrowseSocket); + BrowseSocket = -1; +@@ -5146,11 +5157,14 @@ update_cups_browse(void) + strerror(errno)); + cupsdLogMessage(CUPSD_LOG_ERROR, "CUPS browsing turned off."); + ++ if (!BrowseSocketIsSystemd) ++ { + #ifdef WIN32 +- closesocket(BrowseSocket); ++ closesocket(BrowseSocket); + #else +- close(BrowseSocket); ++ close(BrowseSocket); + #endif /* WIN32 */ ++ } + + cupsdRemoveSelect(BrowseSocket); + BrowseSocket = -1; +--- scheduler/dirsvc.h.orig ++++ scheduler/dirsvc.h +@@ -96,6 +96,8 @@ VAR int Browsing VALUE(TRUE), + /* Short names for remote printers? */ + BrowseSocket VALUE(-1), + /* Socket for browsing */ ++ BrowseSocketIsSystemd VALUE(0), ++ /* BrowseSocket is systemd-provided? */ + BrowsePort VALUE(IPP_PORT), + /* Port number for broadcasts */ + BrowseInterval VALUE(DEFAULT_INTERVAL), +--- scheduler/listen.c.orig ++++ scheduler/listen.c @@ -401,7 +401,11 @@ cupsdStopListening(void) lis; lis = (cupsd_listener_t *)cupsArrayNext(Listeners)) @@ -209,9 +287,8 @@ diff -up cups-1.5.0/scheduler/listen.c.systemd-socket cups-1.5.0/scheduler/liste { #ifdef WIN32 closesocket(lis->fd); -diff -up cups-1.5.0/scheduler/main.c.systemd-socket cups-1.5.0/scheduler/main.c ---- cups-1.5.0/scheduler/main.c.systemd-socket 2011-10-18 15:32:40.802671306 +0100 -+++ cups-1.5.0/scheduler/main.c 2011-10-18 15:32:40.851670379 +0100 +--- scheduler/main.c.orig ++++ scheduler/main.c @@ -26,6 +26,8 @@ * launchd_checkin() - Check-in with launchd and collect the listening * fds. @@ -242,7 +319,7 @@ diff -up cups-1.5.0/scheduler/main.c.systemd-socket cups-1.5.0/scheduler/main.c static void parent_handler(int sig); static void process_children(void); static void sigchld_handler(int sig); -@@ -537,6 +546,13 @@ main(int argc, /* I - Number of comm +@@ -519,6 +528,13 @@ main(int argc, /* I - Number of comm } #endif /* HAVE_LAUNCHD */ @@ -256,7 +333,7 @@ diff -up cups-1.5.0/scheduler/main.c.systemd-socket cups-1.5.0/scheduler/main.c /* * Startup the server... */ -@@ -759,6 +775,15 @@ main(int argc, /* I - Number of comm +@@ -730,6 +746,15 @@ main(int argc, /* I - Number of comm } #endif /* HAVE_LAUNCHD */ @@ -272,7 +349,7 @@ diff -up cups-1.5.0/scheduler/main.c.systemd-socket cups-1.5.0/scheduler/main.c /* * Startup the server... */ -@@ -1584,6 +1609,100 @@ launchd_checkout(void) +@@ -1535,6 +1560,147 @@ launchd_checkout(void) } #endif /* HAVE_LAUNCHD */ @@ -304,14 +381,61 @@ diff -up cups-1.5.0/scheduler/main.c.systemd-socket cups-1.5.0/scheduler/main.c + char s[256]; + + r = sd_is_socket(fd, AF_UNSPEC, SOCK_STREAM, 1); -+ if (r < 0) { ++ if (r < 0) ++ { + cupsdLogMessage(CUPSD_LOG_ERROR, + "systemd_checkin: Unable to verify socket type - %s", + strerror(-r)); + continue; + } + -+ if (!r) { ++ if (!r) ++ { ++ cupsdLogMessage(CUPSD_LOG_ERROR, ++ "Browsing=%d", Browsing); ++ cupsdLogMessage(CUPSD_LOG_ERROR, ++ "BrowseLocalProtocols=%x", BrowseLocalProtocols); ++ cupsdLogMessage(CUPSD_LOG_ERROR, ++ "BrowseRemoteProtocols=%x", BrowseRemoteProtocols); ++ cupsdLogMessage(CUPSD_LOG_ERROR, ++ "BROWSE_CUPS=%x", BROWSE_CUPS); ++ if (Browsing && ++ ((BrowseLocalProtocols | BrowseRemoteProtocols) & BROWSE_CUPS)) ++ { ++ r = sd_is_socket(fd, AF_UNSPEC, SOCK_DGRAM, 0); ++ if (r < 0) ++ { ++ cupsdLogMessage(CUPSD_LOG_ERROR, ++ "systemd_checkin: Unable to verify socket type - %s", ++ strerror(-r)); ++ continue; ++ } ++ ++ if (r) ++ { ++ /* ++ * This is the browse socket. ++ */ ++ ++ char addrstr[256]; ++ if (getsockname(fd, (struct sockaddr*) &addr, &addrlen)) ++ { ++ cupsdLogMessage(CUPSD_LOG_ERROR, ++ "systemd_checkin: Unable to get local address - %s", ++ strerror(errno)); ++ continue; ++ } ++ ++ httpAddrString (&addr, addrstr, sizeof (addrstr)); ++ BrowseSocket = fd; ++ BrowseSocketIsSystemd = 1; ++ cupsdLogMessage(CUPSD_LOG_DEBUG, ++ "systemd_checkin: Matched browse (port %d) with fd %d:%s...", ++ BrowsePort, fd, addrstr); ++ continue; ++ } ++ ++ } + cupsdLogMessage(CUPSD_LOG_ERROR, + "systemd_checkin: Socket not of the right type"); + continue; @@ -325,7 +449,7 @@ diff -up cups-1.5.0/scheduler/main.c.systemd-socket cups-1.5.0/scheduler/main.c + continue; + } + -+ /* ++ /* + * Try to match the systemd socket address to one of the listeners... + */ + @@ -333,7 +457,7 @@ diff -up cups-1.5.0/scheduler/main.c.systemd-socket cups-1.5.0/scheduler/main.c + lis; + lis = (cupsd_listener_t *)cupsArrayNext(Listeners)) + if (httpAddrEqual(&lis->address, &addr)) -+ break; ++ break; + + if (lis) + { @@ -373,10 +497,9 @@ diff -up cups-1.5.0/scheduler/main.c.systemd-socket cups-1.5.0/scheduler/main.c /* * 'parent_handler()' - Catch USR1/CHLD signals... -diff -up cups-1.5.0/scheduler/Makefile.systemd-socket cups-1.5.0/scheduler/Makefile ---- cups-1.5.0/scheduler/Makefile.systemd-socket 2011-10-18 15:32:40.817671022 +0100 -+++ cups-1.5.0/scheduler/Makefile 2011-10-18 15:32:40.852670360 +0100 -@@ -382,7 +382,7 @@ cupsd: $(CUPSDOBJS) $(LIBCUPSMIME) ../cu +--- scheduler/Makefile.orig ++++ scheduler/Makefile +@@ -379,7 +379,7 @@ cupsd: $(CUPSDOBJS) $(LIBCUPSMIME) ../cu $(CC) $(LDFLAGS) -o cupsd $(CUPSDOBJS) -L. -lcupsmime \ $(LIBZ) $(SSLLIBS) $(LIBSLP) $(LIBLDAP) $(PAMLIBS) \ $(LIBPAPER) $(LIBMALLOC) $(SERVERLIBS) $(DNSSDLIBS) $(LIBS) \ @@ -385,7 +508,7 @@ diff -up cups-1.5.0/scheduler/Makefile.systemd-socket cups-1.5.0/scheduler/Makef cupsd-static: $(CUPSDOBJS) libcupsmime.a ../cups/$(LIBCUPSSTATIC) echo Linking $@... -@@ -390,7 +390,7 @@ cupsd-static: $(CUPSDOBJS) libcupsmime.a +@@ -387,7 +387,7 @@ cupsd-static: $(CUPSDOBJS) libcupsmime.a $(LIBZ) $(SSLLIBS) $(LIBSLP) $(LIBLDAP) $(PAMLIBS) \ ../cups/$(LIBCUPSSTATIC) $(COMMONLIBS) $(LIBZ) $(LIBPAPER) \ $(LIBMALLOC) $(SERVERLIBS) $(DNSSDLIBS) $(LIBGSSAPI) \ diff --git a/cups.changes b/cups.changes index e1efb82..0ffca85 100644 --- a/cups.changes +++ b/cups.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Sat Dec 17 18:19:14 UTC 2011 - crrodriguez@opensuse.org + +- Update systemd patch, Bind to datagram socket as well +in systemd cups.socket unit file, to prevent that port being +stolen by another service (from RH). +- There is no need to use -fno-strict-aliasing in cflags any longer. + ------------------------------------------------------------------- Sat Dec 3 20:09:32 UTC 2011 - crrodriguez@opensuse.org diff --git a/cups.spec b/cups.spec index 841246d..ebcdc7d 100644 --- a/cups.spec +++ b/cups.spec @@ -242,7 +242,7 @@ printer drivers for CUPS. %patch103 # Patch104 adds the 'allowallforanybody' policy to cupsd.conf: %patch104 -%patch105 -p1 +%patch105 %build # Disable SILENT run of make so that make runs verbose as usual: @@ -251,8 +251,8 @@ libtoolize --force aclocal autoconf -export CXXFLAGS="$CXXFLAGS $RPM_OPT_FLAGS -O2 -fno-strict-aliasing -fstack-protector" -export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -fstack-protector -DLDAP_DEPRECATED" +export CXXFLAGS="$CXXFLAGS $RPM_OPT_FLAGS -O2 -fstack-protector" +export CFLAGS="$RPM_OPT_FLAGS -fstack-protector -DLDAP_DEPRECATED" export CXX=g++ # As long as cups-1.4.3-default-webcontent-path.patch is applied # configure --with-docdir=... would be no longer needed