Your message dated Mon, 12 Aug 2013 15:52:29 +0100
with message-id <[email protected]>
and subject line Re: Bug#525910: cups fails to print with "400 Bad Request" --
ServerName, ServerAlias
has caused the Debian Bug report #525910,
regarding cups fails to print with "400 Bad Request" -- ServerName, ServerAlias
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
525910: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525910
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: cups
Version: 1.3.10-1
Severity: normal
Hello,
I've been getting "400 Bad Request" errors on CUPS clients and in the CUPS log
file (after enabling debug-level logging).
I think the problem is this:
cupsdNetIFUpdate: "eth0" = hostname.domainname.local:631
Given an entry of...
192.168.196.7 hostname.domainname.local hostname
and a cupsd.conf ServerName of...
ServerName hostname
Listen 631
.... CUPS ties to 192.168.196.7 and hostname "hostname.domainname.local",
subsequently refusing non-FQDN "hostname" in Host: headers.
I think this must have popped up in the most recent update. I also think that
it's a bug. If ServerName is "hostname" (and this address resolves), CUPS
should accept print jobs with that Host: header and not expect the FQDN
hostname (which is usually made-up on local subnets anyway). It is absurd for
CUPS not to accept print jobs to its own "ServerName".
Setting "ServerAlias *" gets CUPS printing again (presumably because it now
accepts the mere "hostname"); so does removing "hostname.domainname.local" from
/etc/hosts and just using the hostname without domainname.
In short, CUPS shouldn't require the FQDN to be used, especially if the
ServerName is the non-FQDN; or it should perhaps create an automatic alias with
both the FQDN and non-FQDN variant.
Thanks for your time,
Wouter
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.25
Locale: LANG=C, LC_CTYPE=en_GB.utf-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages cups depends on:
ii adduser 3.110 add and remove users and groups
ii bc 1.06.94-3.1 The GNU bc arbitrary precision cal
ii cups-common 1.3.10-1 Common UNIX Printing System(tm) -
ii debconf [debconf-2.0 1.5.26 Debian configuration management sy
ii ghostscript 8.64~dfsg-1.1 The GPL Ghostscript PostScript/PDF
ii libavahi-compat-libd 0.6.25-1 Avahi Apple Bonjour compatibility
ii libc6 2.9-7 GNU C Library: Shared libraries
ii libcups2 1.3.10-1 Common UNIX Printing System(tm) -
ii libcupsimage2 1.3.10-1 Common UNIX Printing System(tm) -
ii libdbus-1-3 1.2.12-1 simple interprocess messaging syst
ii libgcc1 1:4.3.3-8 GCC support library
ii libgnutls26 2.6.5-1 the GNU TLS library - runtime libr
ii libgssapi-krb5-2 1.6.dfsg.4~beta1-13 MIT Kerberos runtime libraries - k
ii libijs-0.35 0.35-7 IJS raster image transport protoco
ii libkrb5-3 1.6.dfsg.4~beta1-13 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.15-1.1 OpenLDAP libraries
ii libpam0g 1.0.1-9 Pluggable Authentication Modules l
ii libpaper1 1.1.23+nmu1 library for handling paper charact
ii libpoppler4 0.10.6-1 PDF rendering library
ii libslp1 1.2.1-7.5 OpenSLP libraries
ii libstdc++6 4.3.3-8 The GNU Standard C++ Library v3
ii lsb-base 3.2-22 Linux Standard Base 3.2 init scrip
ii perl-modules 5.10.0-19 Core Perl modules
ii procps 1:3.2.7-11 /proc file system utilities
ii ssl-cert 1.0.23 simple debconf wrapper for OpenSSL
ii ttf-freefont 20090104-2 Freefont Serif, Sans and Mono True
ii xpdf-utils [poppler- 3.02-1.4 Portable Document Format (PDF) sui
ii zlib1g 1:1.2.3.3.dfsg-13 compression library - runtime
Versions of packages cups recommends:
pn avahi-utils <none> (no description available)
ii cups-client 1.3.10-1 Common UNIX Printing System(tm) -
ii foomatic-filters 4.0-20090311-1 OpenPrinting printer support - fil
pn smbclient <none> (no description available)
Versions of packages cups suggests:
ii cups-bsd 1.3.10-1 Common UNIX Printing System(tm) -
pn cups-driver-gutenprint <none> (no description available)
ii cups-pdf 2.5.0-2 PDF printer for CUPS
ii foomatic-db 20090301-2 OpenPrinting printer support - dat
ii foomatic-db-engine 4.0-20090301-1 OpenPrinting printer support - pro
pn hplip <none> (no description available)
pn xpdf-korean | xpdf-japane <none> (no description available)
-- debconf information:
cupsys/raw-print: true
cupsys/backend: ipp, lpd, parallel, scsi, serial, socket, usb, snmp, dnssd
--- End Message ---
--- Begin Message ---
http://article.gmane.org/gmane.comp.printing.cups.bugs/6358
looks like a post on the same issue which is in this report. Upstream's
response was:
Yes, from the original CERT issue, CUPS is vulnerable to DNS rebinding
attacks on the loopback interface out-of-the-box.
and STR #3183 was closed without resolution. Debian usually follows
upstream policy is such situations.
Regards,
Brian.
--- End Message ---
