On Thu, Nov 3, 2011 at 8:38 AM, Johannes Meixner <jsmeix@suse.de> wrote:
Hello,
On Nov 3 12:12 Werner Flamme wrote (excerpt):
finally I found a real bug! And a workaround...
In /etc/cups/cupsd.conf, I have lines like:
ServerName printlpz1l.intranet.ufz.de ServerAlias printlpz1l ServerAlias 141.65.124.19
Whenever I try to access <https://printlpz1l.intranet.ufz.de:631>, I get "Bad Request". But: I can access <https://printlpz1l:631> or <https://141.65.124.19:631> without problems.
lpstat -h printlpz1l.intranet.ufz.de -a - -> error
lpstat -h printlpz1l - -> long list
Five minutes ago, I added
ServerAlias printlpz1l.intranet.ufz.de
to /etc/cups/cupsd.conf and voilà - the host is accessible with its FQDN. Via web as well as via lpstat.
Obviously, CUPS allows access to the ServerAlias only, and refuses access to ServerName. In /var/log/cups/error_log I see lines like
Request from "141.65.31.19" using invalid Host: field "printlpz1l.intranet.ufz.de"
That's an interesting bug. They may have invested a lot of brain power for that :-) BTW, The entry after ServerName is the "real" hostname...
Yes, they invested a lot of brain power to protect you against DNS rebinding attacks which unfortunately results in some cases that you get "overprotected".
Is this really a new issue since CUPS 1.5.x (i.e. it worked with 1.4.6)?
I had a *lot* of problems with previous versions of CUPS regarding this "feature". Specifically, it broke printing to a local CUPS server from VirtualBox / QEMU / KVM etc.... in many cases. -- Jon -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org