[cups.general] cupsd no longer allows using cname (alias) must use hostname

Michael Sweet msweet at apple.com
Sun Mar 13 19:28:33 PDT 2011 

You are running into the (relatively new) DNS rebinding attack protection code. Sadly, while we do our best at startup we don't always catch all of the aliases for a given server. To work around this, add ServerAlias directives to your cupsd.conf file, either the "allow anything" version:

    ServerAlias *

or one per hostname, e.g.:

    ServerAlias name1.example.com
    ServerAlias name2.example.com
    ServerAlias name3.example.com

On Mar 13, 2011, at 5:39 PM, scott henry wrote:

> I was running debian Lenny on my server, and had a hostname alias (CNAME) setup
> using dnsmasq (since I had to move the printer around, it was easier to
> move the alias than to change the /etc/cups/client.conf on every other computer
> on the network). Lenny was running version 1.3.8. I upgrade the server to
> debian Squeeze, which is running cups v1.4.4, and I can no longer use the
> alias to access the printer server, I must use the hostname of the server.
> If I use the hostname, things work:
> 
> $ lpstat -h filess:631 -t
> scheduler is running
> system default destination: hp940c
> device for hp940c: usb://HP/DESKJET%20940C?serial=XXXXXXXXXXXXX
> device for PDF_to_file: cups-pdf:/
> hp940c accepting requests since Sun Oct 28 12:27:34 2007
> PDF_to_file accepting requests since Wed Oct  3 11:28:25 2007
> printer hp940c is idle.  enabled since Sun Oct 28 12:27:34 2007
> printer PDF_to_file is idle.  enabled since Wed Oct  3 11:28:25 2007
> 
> $ lpstat -h print:631 -t
> scheduler is running
> no system default destination
> lpstat: Bad Request
> lpstat: Bad Request
> lpstat: Bad Request
> lpstat: Bad Request
> lpstat: Bad Request
> 
> And I get similar bad behavior on other commands or using the web admin
> (note that the server is headless). All of the machines on this network
> are Linux or Mac OSX.
> 
> The error_log file shows:
> E [13/Mar/2011:17:31:22 -0700] Request from "192.168.55.24" using invalid Host: field "print"
> however that is a valid CNAME for the host, and it works for every other use.
> 
> Is this a configuration error on my part? I can't find anything about this
> in the docs or searching this site, though I might be looking for the wrong
> thing. I want my old behavior back!
> _______________________________________________
> cups mailing list
> cups at easysw.com
> http://lists.easysw.com/mailman/listinfo/cups

________________________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair

More information about the cups mailing list