[arch-commits] Commit in cups/trunk (2 files)

Evangelos Foutras foutrelis at archlinux.org
Mon Apr 16 21:49:12 UTC 2018 

    Date: Monday, April 16, 2018 @ 21:49:11
  Author: foutrelis
Revision: 321918

upgpkg: cups 2.2.7-2

Fix logging in from Chromium (FS#58247).

Added:
  cups/trunk/auth-workaround-for-certain-web-browsers.patch
Modified:
  cups/trunk/PKGBUILD

------------------------------------------------+
 PKGBUILD                                       |    6 +-
 auth-workaround-for-certain-web-browsers.patch |   59 +++++++++++++++++++++++
 2 files changed, 64 insertions(+), 1 deletion(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2018-04-16 17:12:41 UTC (rev 321917)
+++ PKGBUILD	2018-04-16 21:49:11 UTC (rev 321918)
@@ -4,7 +4,7 @@
 pkgbase="cups"
 pkgname=('libcups' 'cups')
 pkgver=2.2.7
-pkgrel=1
+pkgrel=2
 arch=('x86_64')
 license=('GPL')
 url="https://www.cups.org/"
@@ -19,6 +19,7 @@
         cups-no-gzip-man.patch
         cups-1.6.2-statedir.patch
         # bugfixes
+        auth-workaround-for-certain-web-browsers.patch
         cups-systemd-socket.patch)
 sha256sums=('3c4b637b737077565ccdfbd5f61785d03f49461ae736fcc2c0ffaf41d2c6ea6a'
             'SKIP'
@@ -29,6 +30,7 @@
             'ff3eb0782af0405f5dafe89e04b1b4ea7a49afc5496860d724343bd04f375832'
             'b8fc2e3bc603495f0278410350ea8f0161d9d83719feb64f573b63430cb4800b'
             '23349c96f2f7aeb7d48e3bcd35a969f5d5ac8f55a032b0cfaa0a03d7e37ea9af'
+            'e5ad0e967c2ae9a9780211acb41980e4aa203df1dacff49d14d75a6ab6c8b8ed'
             'c04627383d66f19b78e78f960d4d46577111ec9789b937ac4efba4cf369c921f')
 validpgpkeys=('3737FD0D0E63B30172440D2DDBA3A7AB08D76223') # CUPS.org (CUPS.org PGP key) <security at cups.org>
 validpgpkeys+=('45D083946E3035282B3CCA9AF434104235DA97EB') # "CUPS.org <security at cups.org>"
@@ -46,6 +48,8 @@
   patch -Np1 -i ${srcdir}/cups-1.6.2-statedir.patch
 
   # bug fixes
+  # https://github.com/apple/cups/issues/5289
+  patch -Np1 -i ${srcdir}/auth-workaround-for-certain-web-browsers.patch
   # make sure network is up when starting and notify systemd - FC
   patch -Np1 -i ${srcdir}/cups-systemd-socket.patch
 

Added: auth-workaround-for-certain-web-browsers.patch
===================================================================
--- auth-workaround-for-certain-web-browsers.patch	                        (rev 0)
+++ auth-workaround-for-certain-web-browsers.patch	2018-04-16 21:49:11 UTC (rev 321918)
@@ -0,0 +1,59 @@
+From 4feb1fe2e5bb9f418f51f5f517f70b451159baa2 Mon Sep 17 00:00:00 2001
+From: Michael R Sweet <michael.r.sweet at gmail.com>
+Date: Mon, 16 Apr 2018 17:16:31 -0400
+Subject: [PATCH] - Added a workaround for certain web browsers that do not
+ support multiple   authentication schemes in a single response header (Issue
+ #5289)
+
+---
+ scheduler/client.c | 22 +++++++++++++++++-----
+ scheduler/client.h |  8 +++++---
+ 2 files changed, 22 insertions(+), 8 deletions(-)
+
+diff --git a/scheduler/client.c b/scheduler/client.c
+index f388499dc..95c34877d 100644
+--- a/scheduler/client.c
++++ b/scheduler/client.c
+@@ -813,6 +814,18 @@ cupsdReadClient(cupsd_client_t *con)	/* I - Client to read from */
+ 
+   if (status == HTTP_STATUS_OK)
+   {
++   /*
++    * Record whether the client is a web browser.  "Mozilla" was the original
++    * and it seems that every web browser in existence now uses that as the
++    * prefix with additional information identifying *which* browser.
++    *
++    * Chrome (at least) has problems with multiple WWW-Authenticate values in
++    * a single header, so we only report Basic or Negotiate to web browsers and
++    * leave the multiple choices to the native CUPS client...
++    */
++
++    con->is_browser = !strncmp(httpGetField(con->http, HTTP_FIELD_USER_AGENT), "Mozilla/", 8);
++
+     if (httpGetField(con->http, HTTP_FIELD_ACCEPT_LANGUAGE)[0])
+     {
+      /*
+@@ -2103,8 +2116,7 @@ cupsdSendHeader(
+       strlcpy(auth_str, "Negotiate", sizeof(auth_str));
+     }
+ 
+-    if (con->best && auth_type != CUPSD_AUTH_NEGOTIATE &&
+-        !_cups_strcasecmp(httpGetHostname(con->http, NULL, 0), "localhost"))
++    if (con->best && auth_type != CUPSD_AUTH_NEGOTIATE && !con->is_browser && !_cups_strcasecmp(httpGetHostname(con->http, NULL, 0), "localhost"))
+     {
+      /*
+       * Add a "trc" (try root certification) parameter for local non-Kerberos
+diff --git a/scheduler/client.h b/scheduler/client.h
+index aaca8279a..fc7af5400 100644
+--- a/scheduler/client.h
++++ b/scheduler/client.h
+@@ -26,6 +27,7 @@ struct cupsd_client_s
+   struct timeval	start;		/* Request start time */
+   http_state_t		operation;	/* Request operation */
+   off_t			bytes;		/* Bytes transferred for this request */
++  int			is_browser;	/* Is the client a web browser? */
+   int			type;		/* AuthType for username */
+   char			username[HTTP_MAX_VALUE],
+ 					/* Username from Authorization: line */
+-- 
+2.17.0

More information about the arch-commits mailing list