[Pkg-cups-devel] Bug#588234: cups: TLS support missing
Arne Nordmark
nordmark at ano.mech.kth.se
Tue Jul 6 10:01:55 UTC 2010
Package: cups
Version: 1.4.4-1
Severity: normal
As of the latest squeeze version, TLS support seems to be gone.
/var/log/cups/error_log:
E [06/Jul/2010:07:52:39 +0200] Unknown directive ServerCertificate on line 142.
E [06/Jul/2010:07:52:39 +0200] Unknown directive ServerKey on line 143.
E [06/Jul/2010:11:57:21 +0200] Bad request line "" from ano6.mech.kth.se!
The last line comes when trying to connect using https://.
The same setup worked fine for the previous squeeze version.
Arne
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=sv_SE.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages cups depends on:
ii adduser 3.112 add and remove users and groups
ii bc 1.06.95-2 The GNU bc arbitrary precision cal
ii cups-client 1.4.4-1 Common UNIX Printing System(tm) -
ii cups-common 1.4.4-1 Common UNIX Printing System(tm) -
ii debconf [debconf-2.0] 1.5.32 Debian configuration management sy
ii ghostscript 8.71~dfsg2-3 The GPL Ghostscript PostScript/PDF
ii libavahi-client3 0.6.25-4 Avahi client library
ii libavahi-common3 0.6.25-4 Avahi common library
ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib
ii libcups2 1.4.4-1 Common UNIX Printing System(tm) -
ii libcupscgi1 1.4.4-1 Common UNIX Printing System(tm) -
ii libcupsdriver1 1.4.4-1 Common UNIX Printing System(tm) -
ii libcupsimage2 1.4.4-1 Common UNIX Printing System(tm) -
ii libcupsmime1 1.4.4-1 Common UNIX Printing System(tm) -
ii libcupsppdc1 1.4.4-1 Common UNIX Printing System(tm) -
ii libdbus-1-3 1.2.24-1 simple interprocess messaging syst
ii libgcc1 1:4.4.4-6 GCC support library
ii libgssapi-krb5-2 1.8.1+dfsg-5 MIT Kerberos runtime libraries - k
ii libijs-0.35 0.35-7 IJS raster image transport protoco
ii libkrb5-3 1.8.1+dfsg-5 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.17-2.1 OpenLDAP libraries
ii libpam0g 1.1.1-3 Pluggable Authentication Modules l
ii libpaper1 1.1.24 library for handling paper charact
ii libpoppler5 0.12.4-1 PDF rendering library
ii libslp1 1.2.1-7.7 OpenSLP libraries
ii libstdc++6 4.4.4-6 The GNU Standard C++ Library v3
ii libusb-0.1-4 2:0.1.12-15 userspace USB programming library
ii lsb-base 3.2-23.1 Linux Standard Base 3.2 init scrip
ii perl-modules 5.10.1-13 Core Perl modules
ii poppler-utils 0.12.4-1 PDF utilitites (based on libpopple
ii procps 1:3.2.8-9 /proc file system utilities
ii ssl-cert 1.0.25 simple debconf wrapper for OpenSSL
ii ttf-freefont 20090104-7 Freefont Serif, Sans and Mono True
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
Versions of packages cups recommends:
ii cups-driver-gutenprint 5.2.5-1 printer drivers for CUPS
ii foomatic-filters 4.0-20090509-1 OpenPrinting printer support - fil
ii ghostscript-cups 8.71~dfsg2-3 The GPL Ghostscript PostScript/PDF
Versions of packages cups suggests:
ii cups-bsd 1.4.4-1 Common UNIX Printing System(tm) -
pn cups-pdf <none> (no description available)
ii cups-ppdc 1.4.4-1 Common UNIX Printing System(tm) -
ii foomatic-db 20090616-1 OpenPrinting printer support - dat
ii foomatic-db-engine 4.0-20090509-2.1 OpenPrinting printer support - pro
ii hplip 3.10.5-1 HP Linux Printing and Imaging Syst
pn smbclient <none> (no description available)
ii udev 158-1 /dev/ and hotplug management daemo
pn xpdf-korean | xpdf-japa <none> (no description available)
-- Configuration Files:
/etc/cups/cupsd.conf changed:
LogLevel warn
MaxLogSize 0
SystemGroup lpadmin
Listen 631
Listen /var/run/cups/cups.sock
Browsing On
BrowseOrder allow,deny
BrowseAllow all
BrowseLocalProtocols CUPS dnssd
BrowseAddress anobhs-bcast.mech.kth.se
BrowseAddress bcast.bockholm.net
BrowseAddress 130.237.233.216
BrowseRelay ano4.mech.kth.se anobhs-bcast.mech.kth.se
BrowseRelay ano4.mech.kth.se bcast.bockholm.net
DefaultAuthType Basic
<Location />
Order allow,deny
Allow localhost
Allow From 130.237.233.208/28
Allow From 130.237.233.224/29
Allow From 172.17.2.0/24
Allow From [2001:6b0:1:1e90:0:0:40:0]/112
Allow From [2001:6b0:1:1e90:0:0:44:0]/112
</Location>
<Location /admin>
Order allow,deny
Allow localhost
Allow 130.237.233.224/29
Allow [2001:6b0:1:1e90:0:0:44:0]/112
</Location>
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
Order allow,deny
Allow localhost
Allow 130.237.233.224/29
Allow [2001:6b0:1:1e90:0:0:44:0]/112
</Location>
<Policy default>
# Job-related operations must be done by the owner or an administrator...
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job CUPS-Get-Document>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
<Policy authenticated>
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI>
AuthType Default
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
ServerCertificate /etc/ssl/certs/ano6/ano6_cert.pem
ServerKey /etc/ssl/certs/ano6/ano6_key.pem
HostNameLookups On
-- debconf information:
cupsys/raw-print: true
cupsys/backend: ipp, lpd, parallel, scsi, serial, socket, usb, snmp, dnssd
More information about the Pkg-cups-devel
mailing list