Source: sane-backends Version: 1.0.25-2 Severity: wishlist Tags: patch Dear Maintainer,
Some time after deploying a network shared scanner I found out that the access to the device could be blocked by an idle client. A brief revision showed that saned has an internal watchdog that can enforce a timeout on idle connections; however, it was disabled in the default debug level and also had a fixed value. Attached you will find a patch that allows the configuration of the watchdog timeout and enables it in the default debug level. The patch builds upon the one sent with report #821255, in order to use the new command line option processing scheme. For completeness, that patch is also attached to the present message. I've performed some brief tests and the changes work as expected. I hope they can be useful. Regards, -- System Information: Debian Release: 8.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=es_VE.UTF-8, LC_CTYPE=es_VE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- Dhionel Díaz Centro Nacional de Desarrollo e Investigación en Tecnologías Libres Ministerio del Poder Popular para Educación Universitaria, Ciencia y Tecnología
diff -Nru sane-backends-1.0.25/debian/patches/0233-saned-remotescanners.patch sane-backends-1.0.25/debian/patches/0233-saned-remotescanners.patch --- sane-backends-1.0.25/debian/patches/0233-saned-remotescanners.patch 1969-12-31 20:00:00.000000000 -0400 +++ sane-backends-1.0.25/debian/patches/0233-saned-remotescanners.patch 2016-04-13 18:38:35.000000000 -0430 @@ -0,0 +1,159 @@ +Description: saned option to report network-attached devices to clients +Author: Jens-U. Mozdzen <[email protected]> +Author: Dhionel DÃaz <[email protected]> +Bug: https://alioth.debian.org/tracker/index.php?func=detail&aid=314768&group_id=30186&atid=410366 +Last-Update: 2016-04-13 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/doc/saned.man ++++ b/doc/saned.man +@@ -10,6 +10,7 @@ + .I [ n ] + .B | \-s + .I [ n ] ++.B | \-r + .B | \-h + .B ] + .SH DESCRIPTION +@@ -37,6 +38,14 @@ + .B saned + will drop root privileges and run as this user (and group). + .PP ++If the ++.B \-r ++flag is specified, saned will also report remote scanners (those that are accessed ++via saned's "net" backend) when receiving an inquiry to list all devices. As the ++remote scanner may not be available at the time of the request, enabling this ++option may cause a significant delay, experienced by the remote client. ++Default is not to report those scanners. ++.PP + The + .B \-d + and +@@ -94,6 +103,14 @@ + machine, we strongly recommend using the Netfilter + \fInf_conntrack_sane\fP module instead. + .PP ++\fBreexport_remote_scanners\fP = \fI[ true | yes | 1 ]\fP ++Enables reporting remote scanners (those accessed via saned's "net" ++backend) to clients. As the remote scanner may not be available at ++the time of the request, enabling this option may cause a significant ++delay, experienced by the remote client. ++Any value other than "true", "yes" or "1" will keep this option disabled, ++which is the default when this option nor the command line flag "-r" is specified. ++.PP + The access list is a list of host names, IP addresses or IP subnets + (CIDR notation) that are permitted to use local SANE devices. IPv6 + addresses must be enclosed in brackets, and should always be specified +--- a/frontend/saned.c ++++ b/frontend/saned.c +@@ -246,6 +246,7 @@ + static int num_handles; + static int debug; + static int run_mode; ++static SANE_Bool reexport_remote_scanners_disabled = SANE_TRUE; + static Handle *handle; + static union + { +@@ -1834,7 +1835,7 @@ + + reply.status = + sane_get_devices ((const SANE_Device ***) &reply.device_list, +- SANE_TRUE); ++ reexport_remote_scanners_disabled); + sanei_w_reply (w, (WireCodecFunc) sanei_w_get_devices_reply, &reply); + } + break; +@@ -2697,6 +2698,23 @@ + DBG (DBG_INFO, "read_config: data port range: %d - %d\n", data_port_lo, data_port_hi); + } + } ++ else if (strstr(config_line, "reexport_remote_scanners") != NULL) ++ { ++ optval = sanei_config_skip_whitespace (++optval); ++ if ((optval != NULL) && (*optval != '\0')) ++ { ++ if (optval == endval) ++ { ++ DBG (DBG_ERR, "read_config: invalid value for data_portrange\n"); ++ continue; ++ } ++ else if ((strcmp( optval, "yes") == 0) || (strcmp( optval, "true") == 0) ||(strcmp( optval, "1") == 0)) ++ { ++ reexport_remote_scanners_disabled = SANE_FALSE; ++ DBG (DBG_INFO, "main: enabled serving remote scanner devices\n"); ++ } ++ } ++ } + } + fclose (fp); + DBG (DBG_INFO, "read_config: done reading config\n"); +@@ -3274,35 +3292,43 @@ + numchildren = 0; + run_mode = SANED_RUN_INETD; + +- if (argc >= 2) +- { +- if (strncmp (argv[1], "-a", 2) == 0) +- run_mode = SANED_RUN_ALONE; +- else if (strncmp (argv[1], "-d", 2) == 0) +- { +- run_mode = SANED_RUN_DEBUG; +- log_to_syslog = SANE_FALSE; +- } +- else if (strncmp (argv[1], "-s", 2) == 0) +- run_mode = SANED_RUN_DEBUG; +- else +- { +- printf ("Usage: saned [ -a [ username ] | -d [ n ] | -s [ n ] ] | -h\n"); +- if ((strncmp (argv[1], "-h", 2) == 0) || +- (strncmp (argv[1], "--help", 6) == 0)) +- exit (EXIT_SUCCESS); +- else +- exit (EXIT_FAILURE); +- } +- } ++ int optc; + +- if (run_mode == SANED_RUN_DEBUG) +- { +- if (argv[1][2]) +- debug = atoi (argv[1] + 2); ++ opterr = 0; /* wir wollen keine fremden Ausgaben */ ++ ++ do { ++ switch (optc = getopt(argc, argv, "ad:s:r")) { ++ ++ case 'a': /* stand-alone */ ++ run_mode = SANED_RUN_ALONE; ++ break; ++ case 'd': /* debug */ ++ run_mode = SANED_RUN_DEBUG; ++ log_to_syslog = SANE_FALSE; + ++ debug = atoi( optarg); + DBG (DBG_WARN, "main: starting debug mode (level %d)\n", debug); ++ break; ++ case 's': /* debug to syslog */ ++ run_mode = SANED_RUN_DEBUG; ++ ++ debug = atoi( optarg); ++ DBG (DBG_WARN, "main: starting debug mode (level %d)\n", debug); ++ break; ++ case 'r': /* re-export network-attached scanners */ ++ reexport_remote_scanners_disabled = SANE_FALSE; ++ DBG (DBG_INFO, "main: enabled serving remote scanner devices\n"); ++ break; ++ case '?': /* unknown option */ ++ printf ("Usage: saned [ -a [ username ] | -d [ n ] | -s [ n ] ] | -r | -h\n"); ++ if ((strncmp (argv[1], "-h", 2) == 0) || ++ (strncmp (argv[1], "--help", 6) == 0)) ++ exit (EXIT_SUCCESS); ++ else ++ exit (EXIT_FAILURE); ++ break; + } ++ } while (optc != -1); + + if (log_to_syslog) + openlog ("saned", LOG_PID | LOG_CONS, LOG_DAEMON); diff -Nru sane-backends-1.0.25/debian/patches/series sane-backends-1.0.25/debian/patches/series --- sane-backends-1.0.25/debian/patches/series 2015-11-06 22:58:19.000000000 -0430 +++ sane-backends-1.0.25/debian/patches/series 2016-04-16 19:37:14.000000000 -0430 @@ -16,3 +16,4 @@ 0705-kfreebsd.patch 0710-sane-desc.c_debian_mods.patch 0125-multiarch_dll_search_path.patch +0233-saned-remotescanners.patch
diff -Nru sane-backends-1.0.25/debian/patches/0239-saned-configurable_timeout.patch sane-backends-1.0.25/debian/patches/0239-saned-configurable_timeout.patch --- sane-backends-1.0.25/debian/patches/0239-saned-configurable_timeout.patch 1969-12-31 20:00:00.000000000 -0400 +++ sane-backends-1.0.25/debian/patches/0239-saned-configurable_timeout.patch 2016-06-06 12:24:17.000000000 -0400 @@ -0,0 +1,121 @@ +Description: Add an option to set the watchdog timeout + An option that allows to set the watchdog timeout is added to both the command line and the configuration file. +The default value is 3600 seconds, to preserve the previous behavior, and the valid range is 60 to 86400 seconds. The watchdog is enabled in the default debug level. +Author: Dhionel DÃaz <[email protected]> +Last-Update: 2016-06-06 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/doc/saned.man ++++ b/doc/saned.man +@@ -11,6 +11,8 @@ + .B | \-s + .I [ n ] + .B | \-r ++.B | \-t ++.I n + .B | \-h + .B ] + .SH DESCRIPTION +@@ -47,6 +49,11 @@ + Default is not to report those scanners. + .PP + The ++.B -t ++flag sets the time, in seconds, that an idle connection is allowed to remain open. ++The default value is 3600 seconds and the valid range is 60 to 86400 seconds. ++.PP ++The + .B \-d + and + .B \-s +@@ -111,6 +118,10 @@ + Any value other than "true", "yes" or "1" will keep this option disabled, + which is the default when this option nor the command line flag "-r" is specified. + .PP ++\fBwatchdog_timeout\fP = \fIn\fP ++Specifies the time, in seconds, that an idle connection is allowed to remain open. ++The default value is 3600 seconds and the valid range is 60 to 86400 seconds. ++.PP + The access list is a list of host names, IP addresses or IP subnets + (CIDR notation) that are permitted to use local SANE devices. IPv6 + addresses must be enclosed in brackets, and should always be specified +--- a/frontend/saned.c ++++ b/frontend/saned.c +@@ -247,6 +247,7 @@ + static int debug; + static int run_mode; + static SANE_Bool reexport_remote_scanners_disabled = SANE_TRUE; ++static int watchdog_timeout = 3600; + static Handle *handle; + static union + { +@@ -333,8 +334,8 @@ + static void + reset_watchdog (void) + { +- if (!debug) +- alarm (3600); ++ if (debug <= DBG_WARN) ++ alarm (watchdog_timeout); + } + + static void +@@ -2715,6 +2716,28 @@ + } + } + } ++ else if (strstr(config_line, "watchdog_timeout") != NULL) ++ { ++ optval = sanei_config_skip_whitespace (++optval); ++ if ((optval != NULL) && (*optval != '\0')) ++ { ++ val = strtol (optval, &endval, 10); ++ if (optval == endval) ++ { ++ DBG (DBG_ERR, "read_config: invalid value for watchdog_timeout\n"); ++ continue; ++ } ++ else if ((val < 60) || (val > 86400)) ++ { ++ DBG (DBG_ERR, "read_config: watchdog_timeout is invalid\n"); ++ continue; ++ } ++ ++ watchdog_timeout = val; ++ ++ DBG (DBG_INFO, "read_config: watchdog_timeout: %d\n", watchdog_timeout); ++ } ++ } + } + fclose (fp); + DBG (DBG_INFO, "read_config: done reading config\n"); +@@ -3297,7 +3320,9 @@ + opterr = 0; /* wir wollen keine fremden Ausgaben */ + + do { +- switch (optc = getopt(argc, argv, "ad:s:r")) { ++ long val; ++ ++ switch (optc = getopt(argc, argv, "ad:s:rt:")) { + + case 'a': /* stand-alone */ + run_mode = SANED_RUN_ALONE; +@@ -3319,8 +3344,17 @@ + reexport_remote_scanners_disabled = SANE_FALSE; + DBG (DBG_INFO, "main: enabled serving remote scanner devices\n"); + break; ++ case 't': /* set watchdog timeout in seconds */ ++ val = strtol(optarg, NULL, 10); ++ if ((val < 60) || (val > 86400)) { ++ DBG (DBG_WARN, "main: watchdog timeout is invalid\n"); ++ break; ++ } ++ watchdog_timeout = val; ++ DBG (DBG_INFO, "main: watchdog timeout set to %d seconds\n", watchdog_timeout); ++ break; + case '?': /* unknown option */ +- printf ("Usage: saned [ -a [ username ] | -d [ n ] | -s [ n ] ] | -r | -h\n"); ++ printf ("Usage: saned [ -a [ username ] | -d [ n ] | -s [ n ] ] | -r | -t n | -h\n"); + if ((strncmp (argv[1], "-h", 2) == 0) || + (strncmp (argv[1], "--help", 6) == 0)) + exit (EXIT_SUCCESS); diff -Nru sane-backends-1.0.25/debian/patches/series sane-backends-1.0.25/debian/patches/series --- sane-backends-1.0.25/debian/patches/series 2016-04-16 19:37:14.000000000 -0430 +++ sane-backends-1.0.25/debian/patches/series 2016-06-01 18:20:35.000000000 -0400 @@ -17,3 +17,4 @@ 0710-sane-desc.c_debian_mods.patch 0125-multiarch_dll_search_path.patch 0233-saned-remotescanners.patch +0239-saned-configurable_timeout.patch
signature.asc
Description: OpenPGP digital signature
