[cups.bugs] [MOD] STR #3518: Infinite loop when not compiled with HAVE_GSSAPI
Christer Bernérus
bernerus at chalmers.se
Wed Mar 3 04:38:08 PST 2010
DO NOT REPLY TO THIS MESSAGE. INSTEAD, POST ANY RESPONSES TO THE LINK BELOW.
[STR New]
If cups is compiled without HAVE_GSSAPI and is used with a server that
requires authorization, the client gets into an infinite loop.
Without HAVE_GSSAPI there is no code in auth.c that tests the
http->digest_tries variable.
The bug does not show unless the http input buffer is flushed after
receiving a HTTP_UNAUTHORIZED, which is necessary to do. If that is not
done, submission fails before getting into this loop.
Fix:
--- cups/auth.c (revision 9014)
+++ cups/auth.c (working copy)
@@ -392,6 +394,13 @@
httpSetAuthString(http, "Digest", digest);
}
+ if (http->status == HTTP_UNAUTHORIZED && http->digest_tries >= 3)
+ {
+ DEBUG_printf(("1cupsDoAuthentication: too many authentication tries
(%d)", http->digest_tries));
+ http->status = HTTP_AUTHORIZATION_CANCELED;
+ return(-1);
+ }
+
DEBUG_printf(("1cupsDoAuthentication: authstring=\"%s\"",
http->authstring));
return (0);
Link: http://www.cups.org/str.php?L3518
Version: 1.4.2
More information about the cups
mailing list