162 lines
5.7 KiB
162 lines
5.7 KiB
# --- SDE-COPYRIGHT-NOTE-BEGIN --- |
|
# This copyright note is auto-generated by ./scripts/Create-CopyPatch. |
|
# |
|
# Filename: package/.../cups-pdf/ForcedUser.patch.disabled |
|
# Copyright (C) 2005 - 2006 The T2 SDE Project |
|
# |
|
# More information can be found in the files COPYING and README. |
|
# |
|
# This patch file is dual-licensed. It is available under the license the |
|
# patched project is licensed under, as long as it is an OpenSource license |
|
# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms |
|
# of the GNU General Public License as published by the Free Software |
|
# Foundation; either version 2 of the License, or (at your option) any later |
|
# version. |
|
# --- SDE-COPYRIGHT-NOTE-END --- |
|
|
|
|
|
This allows forcing all files to be created with a specific user or, if a |
|
unknown user is forced, to create the files as AnonUser, if allowed. |
|
|
|
- Rene Rebe <rene@exactcode.de> |
|
|
|
diff -ur cups-pdf-2.0beta2/extra/cups-pdf.conf cups-pdf-2.0beta2-imp/extra/cups-pdf.conf |
|
--- cups-pdf-2.0beta2/extra/cups-pdf.conf 2005-10-26 14:15:51.000000000 +0200 |
|
+++ cups-pdf-2.0beta2-imp/extra/cups-pdf.conf 2005-12-06 19:20:01.000000000 +0100 |
|
@@ -106,6 +106,13 @@ |
|
|
|
#AnonUser nobody |
|
|
|
+### Key: ForcedUser |
|
+## fixed user for PDF creation (this might be a security issue) |
|
+## set this to an empty value to use the username supplied by CUPS |
|
+### Default: <empty> |
|
+ |
|
+#ForcedUser archiver |
|
+ |
|
### Key: LowerCase |
|
## This options allows to check user names given to CUPS-PDF additionally |
|
## against their lower case variants. This is necessary since in some |
|
diff -ur cups-pdf-2.0beta2/src/cups-pdf.c cups-pdf-2.0beta2-imp/src/cups-pdf.c |
|
--- cups-pdf-2.0beta2/src/cups-pdf.c 2005-10-23 16:04:45.000000000 +0200 |
|
+++ cups-pdf-2.0beta2-imp/src/cups-pdf.c 2005-12-06 19:44:50.000000000 +0100 |
|
@@ -350,11 +350,12 @@ |
|
} |
|
|
|
int main(int argc, char *argv[]) { |
|
- char *user, *dirname, *spoolfile, *outfile, *gscall, *ppcall; |
|
+ char *dirname, *spoolfile, *outfile, *gscall, *ppcall; |
|
cp_string title=""; |
|
- int size; |
|
+ cp_string user=""; |
|
mode_t mode; |
|
struct passwd *passwd; |
|
+ int size; |
|
pid_t pid; |
|
|
|
if (getuid()) { |
|
@@ -376,15 +377,12 @@ |
|
log_event(CPSTATUS, "call contained illegal number of arguments", NULL); |
|
return 0; |
|
} |
|
- size=strlen(conf.userprefix)+strlen(argv[2])+1; |
|
- user=calloc(size, sizeof(char)); |
|
- if (user == NULL) { |
|
- fputs("CUPS-PDF: failed to allocate memory\n", stderr); |
|
- return -2; |
|
- } |
|
- snprintf(user, size, "%s%s", conf.userprefix, argv[2]); |
|
+ if (*conf.forceduser != 0) |
|
+ snprintf(user, BUFSIZE, "%s", conf.forceduser); |
|
+ else |
|
+ snprintf(user, BUFSIZE, "%s%s", conf.userprefix, argv[2]); |
|
passwd=getpwnam(user); |
|
- if (passwd == NULL && conf.lowercase) { |
|
+ if (passwd == NULL && conf.lowercase && *conf.forceduser == 0) { |
|
log_event(CPDEBUG, "unknown user", user); |
|
for (size=0;size<(int) strlen(argv[2]);size++) |
|
argv[2][size]=tolower(argv[2][size]); |
|
@@ -398,7 +396,6 @@ |
|
passwd=getpwnam(conf.anonuser); |
|
if (passwd == NULL) { |
|
log_event(CPERROR, "username for anonymous access unknown", conf.anonuser); |
|
- free(user); |
|
fclose(logfp); |
|
return -2; |
|
} |
|
@@ -408,7 +405,6 @@ |
|
dirname=calloc(size, sizeof(char)); |
|
if (dirname == NULL) { |
|
fputs("CUPS-PDF: failed to allocate memory\n", stderr); |
|
- free(user); |
|
fclose(logfp); |
|
return -2; |
|
} |
|
@@ -419,7 +415,6 @@ |
|
dirname=calloc(size, sizeof(char)); |
|
if (dirname == NULL) { |
|
fputs("CUPS-PDF: failed to allocate memory\n", stderr); |
|
- free(user); |
|
fclose(logfp); |
|
return -2; |
|
} |
|
@@ -428,7 +423,6 @@ |
|
} |
|
else { |
|
log_event(CPSTATUS, "anonymous access denied", user); |
|
- free(user); |
|
fclose(logfp); |
|
return 0; |
|
} |
|
@@ -441,7 +435,6 @@ |
|
dirname=calloc(size, sizeof(char)); |
|
if (dirname == NULL) { |
|
fputs("CUPS-PDF: failed to allocate memory\n", stderr); |
|
- free(user); |
|
fclose(logfp); |
|
return -2; |
|
} |
|
@@ -452,7 +445,6 @@ |
|
dirname=calloc(size, sizeof(char)); |
|
if (dirname == NULL) { |
|
fputs("CUPS-PDF: failed to allocate memory\n", stderr); |
|
- free(user); |
|
fclose(logfp); |
|
return -2; |
|
} |
|
@@ -463,7 +455,6 @@ |
|
} |
|
mode=(0666&~conf.userumask); |
|
} |
|
- free(user); |
|
if (prepareuser(passwd, dirname)) return -2; |
|
log_event(CPDEBUG, "user information prepared", NULL); |
|
|
|
diff -ur cups-pdf-2.0beta2/src/cups-pdf.h cups-pdf-2.0beta2-imp/src/cups-pdf.h |
|
--- cups-pdf-2.0beta2/src/cups-pdf.h 2005-10-23 16:03:20.000000000 +0200 |
|
+++ cups-pdf-2.0beta2-imp/src/cups-pdf.h 2005-12-06 19:14:22.000000000 +0100 |
|
@@ -40,6 +40,7 @@ |
|
struct { |
|
cp_string anondirname; |
|
cp_string anonuser; |
|
+ cp_string forceduser; |
|
cp_string ghostscript; |
|
cp_string gscall; |
|
cp_string grp; |
|
@@ -63,6 +64,7 @@ |
|
void _set_defaults() { |
|
snprintf(conf.anondirname,BUFSIZE,"%s","/var/spool/cups-pdf/ANONYMOUS"); |
|
snprintf(conf.anonuser,BUFSIZE,"%s","nobody"); |
|
+ snprintf(conf.forceduser,BUFSIZE,"%s",""); |
|
snprintf(conf.ghostscript,BUFSIZE,"/usr/bin/gs"); |
|
snprintf(conf.gscall,BUFSIZE,"%s","%s -q -dCompatibilityLevel=%s -dNOPAUSE -dBATCH -dSAFER -sDEVICE=pdfwrite -sOutputFile=\"%s\" -dAutoRotatePages=/PageByPage -dAutoFilterColorImages=false -dColorImageFilter=/FlateEncode -dPDFSETTINGS=/prepress -c save pop -f %s"); |
|
snprintf(conf.grp,BUFSIZE,"%s","lp"); |
|
@@ -91,6 +93,8 @@ |
|
strncpy(conf.anondirname,value,BUFSIZE); |
|
else if (!strcmp("AnonUser",key)) |
|
strncpy(conf.anonuser,value,BUFSIZE); |
|
+ else if (!strcmp("ForcedUser",key)) |
|
+ strncpy(conf.forceduser,value,BUFSIZE); |
|
else if (!strcmp("GhostScript",key)) |
|
strncpy(conf.ghostscript,value,BUFSIZE); |
|
else if (!strcmp("GSCall",key))
|
|
|