[packages/cups.git] / cups-satisfy-any.patch


Removed code prevented "Satisfy Any" directive from working, cupsdCheckPolicy
checks for auth info AND allow/deny access lists and does its job properly
so checking again just for auth info is The Wrong Thing as there may be
an access list allowing unauthorized clients based on their IP.

--- cups-1.3.4/scheduler/ipp.c~	2007-10-22 22:27:22.000000000 +0200
+++ cups-1.3.4/scheduler/ipp.c	2007-12-06 18:25:11.000000000 +0100
@@ -1294,12 +1294,6 @@
     send_http_error(con, status, printer);
     return (NULL);
   }
-  else if ((printer->type & CUPS_PRINTER_AUTHENTICATED) &&
-           !con->username[0] && !auth_info)
-  {
-    send_http_error(con, HTTP_UNAUTHORIZED, printer);
-    return (NULL);
-  }
 #ifdef HAVE_SSL
   else if (auth_info && !con->http.tls &&
            !httpAddrLocalhost(con->http.hostaddr))
Commit	Line	Data
374b6b65	1
736c47f5 JR	2	Removed code prevented "Satisfy Any" directive from working, cupsdCheckPolicy
	3	checks for auth info AND allow/deny access lists and does its job properly
	4	so checking again just for auth info is The Wrong Thing as there may be
	5	an access list allowing unauthorized clients based on their IP.
374b6b65 JR	6
	7	--- cups-1.3.4/scheduler/ipp.c~ 2007-10-22 22:27:22.000000000 +0200
	8	+++ cups-1.3.4/scheduler/ipp.c 2007-12-06 18:25:11.000000000 +0100
	9	@@ -1294,12 +1294,6 @@
	10	send_http_error(con, status, printer);
	11	return (NULL);
	12	}
	13	- else if ((printer->type & CUPS_PRINTER_AUTHENTICATED) &&
	14	- !con->username[0] && !auth_info)
	15	- {
	16	- send_http_error(con, HTTP_UNAUTHORIZED, printer);
	17	- return (NULL);
	18	- }
	19	#ifdef HAVE_SSL
	20	else if (auth_info && !con->http.tls &&
	21	!httpAddrLocalhost(con->http.hostaddr))