16182423 Update error code for all the failed use of authorization records ...

Sonam Gupta

2013-02-11 83cd9f22b5d0809293b65c5a33b6b121c23b386f

16182423 Update error code for all the failed use of authorization records in CUPS
16182458 Print 3 files requesting nolabel and nobanner should produce 6 audit records
16201093 For remote print requests, the path token in AR from GZ needs modification

 components/cups/patches/20-16182423.patch

New file
@@ -0,0 +1,28 @@
--- scheduler/ipp.c    Thu Jan 17 01:48:12 2013
+++ scheduler/ipp.c    Thu Jan 17 01:47:45 2013
@@ -128,6 +128,7 @@
 #include <deflt.h>
 #include <auth_attr.h>
 #include <secdb.h>
+#include <bsm/adt_event.h>
 #endif /* HAVE_TSOL */
 
 /*
@@ -1523,7 +1524,7 @@
            * print request will fail since user
            * does not have the required authorization.
            */
-      cups_audit_print_request_denial(con, NULL, printer, -1, EACCES);
+      cups_audit_print_request_denial(con, NULL, printer, -1, ADT_FAIL_VALUE_AUTH);
       send_http_error(con, HTTP_UNAUTHORIZED, printer);
       return (NULL);
         }
@@ -1546,7 +1547,7 @@
              * print request will fail since user
              * does not have the required authorization.
              */
-            cups_audit_print_request_denial(con, NULL, printer, -1, EACCES);
+            cups_audit_print_request_denial(con, NULL, printer, -1, ADT_FAIL_VALUE_AUTH);
             send_http_error(con, HTTP_UNAUTHORIZED, printer);
             return (NULL);
           }

 components/cups/patches/21-16182458,16201093.patch

New file
@@ -0,0 +1,82 @@
--- scheduler/audit.c    Tue Feb  5 07:54:29 2013
+++ scheduler/audit.c    Tue Feb  5 07:53:56 2013
@@ -171,7 +171,6 @@
     int job_id, boolean_t remote)
 {
     char        tmpfile[IPP_MAX_NAME];
-    char        tfile[IPP_MAX_NAME];
     char        r_job_ID[IPP_MAX_NAME];
     char        *file, *f_job_ID = NULL;
     struct stat    attributes;
@@ -239,14 +238,9 @@
 
     /*
      * In case of remote request, filelist contains client document-name.
-     * Append the same to filename before writing to the audit record.
      */
     if (remote && (filelist != NULL)) {
-        strlcpy(tfile, "Local file: ", sizeof (tmpfile));
-        strcat(tfile, tmpfile);
-        strcat(tfile, " | Remote file: ");
-        strcat(tfile, filelist);
-        file = tfile;
+        file = filelist;
     }
 
     /* extract label from slabel */
@@ -424,6 +418,7 @@
     int            status, return_val;
     struct addrinfo        *ai = NULL;
     boolean_t        remote = B_FALSE;
+    boolean_t        freedlist = B_FALSE;
 
     if ((event = adt_alloc_event(ah, event_ID)) == NULL) {
         cupsdLogMessage(CUPSD_LOG_EMERG,
@@ -485,10 +480,24 @@
     if (document_list == NULL) {
         dlist = job_name;
     } else {
-        dlist = document_list;
+        dlist = strdup(document_list);
+        freedlist = B_TRUE;
+    }
+
+    if (dlist != NULL) {
         cupsdLogMessage(CUPSD_LOG_DEBUG2,
+                "cups_audit_print_request_sub():"
+                "document-names is %s ", dlist);
+    } else {
+        cupsdLogMessage(CUPSD_LOG_ERROR,
             "cups_audit_print_request_sub():"
-            "document-names is %s ", dlist);
+            "document list is NULL");
+
+        if (ai != NULL)
+            freeaddrinfo(ai);
+
+            adt_free_event(event);
+        return;
     }
 
     /*
@@ -495,9 +504,7 @@
      * document-names=f1,f2,f3...
      * extract the files from it.
      */
-    if (dlist != NULL) {
-        filelist = strtok(dlist, ",");
-    }
+    filelist = strtok(dlist, ",");
 
     if (remote) {
         /* Remote Request */
@@ -540,6 +547,9 @@
         freeaddrinfo(ai);
     }
 
+    if (freedlist)
+        free(dlist);
+
     adt_free_event(event);
 }