1 diff -Nur cups-1.1.14.orig/cups/http.c cups-1.1.14/cups/http.c
2 --- cups-1.1.14.orig/cups/http.c Wed May 21 14:16:24 2003
3 +++ cups-1.1.14/cups/http.c Wed May 21 14:49:40 2003
5 * default HTTP proxy (if any).
6 * httpCheck() - Check to see if there is a pending response from
8 + * httpWait() - Wait for data available on a connection.
9 * httpClose() - Close an HTTP connection...
10 * httpConnect() - Connect to a HTTP server.
11 * httpConnectEncrypt() - Connect to a HTTP server using encryption.
13 int /* O - 0 = no data, 1 = data available */
14 httpCheck(http_t *http) /* I - HTTP connection */
16 + return (httpWait(http, 0));
21 + * 'httpWait()' - Wait for data available on a connection.
24 +int /* O - 0 = no data, 1 = data available */
25 +httpWait(http_t *http, /* I - HTTP connection */
26 + int msec) /* I - Milliseconds to wait */
28 fd_set input; /* Input set for select() */
29 struct timeval timeout; /* Timeout */
38 + if (SSL_pending((SSL *)(http->tls)))
41 +#endif /* HAVE_LIBSSL */
44 * Then try doing a select() to poll the socket...
48 FD_SET(http->fd, &input);
51 - timeout.tv_usec = 0;
54 + timeout.tv_sec = msec / 1000;
55 + timeout.tv_usec = (msec % 1000) * 1000;
57 - return (select(http->fd + 1, &input, NULL, NULL, &timeout) > 0);
58 + return (select(http->fd + 1, &input, NULL, NULL, &timeout) > 0);
61 + return (select(http->fd + 1, &input, NULL, NULL, NULL) > 0);
65 @@ -1132,8 +1158,10 @@
67 char buffer[8192]; /* Junk buffer */
70 - while (httpRead(http, buffer, sizeof(buffer)) > 0);
71 + if (http->state != HTTP_WAITING)
73 + while (httpRead(http, buffer, sizeof(buffer)) > 0);
79 * Buffer small reads for better performance...
82 + if (!http->blocking && !httpWait(http, 1000))
85 if (http->data_remaining > sizeof(http->buffer))
86 bytes = sizeof(http->buffer);
88 @@ -1239,7 +1270,10 @@
93 + http->error = EPIPE;
99 @@ -1259,10 +1293,18 @@
104 + if (!http->blocking && !httpWait(http, 1000))
107 bytes = SSL_read((SSL *)(http->tls), buffer, length);
109 #endif /* HAVE_LIBSSL */
112 + if (!http->blocking && !httpWait(http, 1000))
115 DEBUG_printf(("httpRead: reading %d bytes from socket...\n", length));
116 bytes = recv(http->fd, buffer, length, 0);
117 DEBUG_printf(("httpRead: read %d bytes from socket...\n", bytes));
118 @@ -1276,6 +1318,11 @@
124 + http->error = EPIPE;
128 if (http->data_remaining == 0)
130 @@ -1437,6 +1484,9 @@
131 * No newline; see if there is more data to be read...
134 + if (!http->blocking && !httpWait(http, 1000))
139 bytes = SSL_read((SSL *)(http->tls), bufend,
140 @@ -1473,8 +1523,7 @@
144 - if (http->blocking)
145 - http->error = EPIPE;
146 + http->error = EPIPE;
150 @@ -1768,6 +1817,7 @@
151 case HTTP_POST_RECV :
154 + case HTTP_POST_SEND :
158 diff -Nur cups-1.1.14.orig/cups/http.h cups-1.1.14/cups/http.h
159 --- cups-1.1.14.orig/cups/http.h Sun Jan 27 22:16:11 2002
160 +++ cups-1.1.14/cups/http.h Wed May 21 14:50:15 2003
162 extern char *httpMD5String(const md5_byte_t *, char [33]);
165 +/**** Backported from CUPS 1.1.19 ****/
166 +extern int httpWait(http_t *http, int msec);
172 diff -Nur cups-1.1.14.orig/cups/ipp.c cups-1.1.14/cups/ipp.c
173 --- cups-1.1.14.orig/cups/ipp.c Tue Feb 12 19:47:11 2002
174 +++ cups-1.1.14/cups/ipp.c Wed May 21 14:51:45 2003
175 @@ -2009,7 +2009,14 @@
176 if (http->data_remaining == 0)
178 if (http->data_encoding == HTTP_ENCODE_CHUNKED)
179 - httpGets(len, sizeof(len), http);
182 + * Get the trailing CR LF after the chunk...
185 + if (!httpGets(len, sizeof(len), http))
189 if (http->data_encoding != HTTP_ENCODE_CHUNKED)
191 diff -Nur cups-1.1.14.orig/scheduler/client.c cups-1.1.14/scheduler/client.c
192 --- cups-1.1.14.orig/scheduler/client.c Wed May 21 14:16:24 2003
193 +++ cups-1.1.14/scheduler/client.c Wed May 21 15:03:31 2003
195 client_t *con; /* New client pointer */
196 unsigned address;/* Address of client */
197 struct hostent *host; /* Host entry for address */
198 + static time_t last_dos = 0;
199 + /* Time of last DoS attack */
202 LogMessage(L_DEBUG2, "AcceptClient(%08x) %d NumClients = %d",
204 #endif /* HAVE_LIBSSL */
207 + * Update the activity time so that we timeout after 30 seconds rather
208 + * then the current Timeout setting (300 by default). This prevents
209 + * some DoS situations...
212 + con->http.activity = time(NULL) - Timeout + 30;
215 * Close the socket and clear the file from the input set for select()...
218 @@ -1378,6 +1388,10 @@
222 + else if (con->http.state == HTTP_POST_RECV)
226 else if (con->http.state != HTTP_POST_SEND)