Re: Cannot connect to CUPS web interface in -current

Fred Sat, 07 Mar 2015 13:34:54 -0800

On 03/07/15 17:41, Alessandro DE LAURENZIS wrote:

Dear misc@ readers,


I must admit, I do not have a lot of luck with CUPS...

This time, I'm not even able to connect to the web interface!

Brand new snapshot installation:

just22@poseidon:[~]> uname -a
OpenBSD poseidon.atlantide.net 5.7 GENERIC.MP#875 amd64

CUPS daemon is up and running, but when I try to access to
https://localhost:631, there seems to be troubles with the SSL
encryption; in lynx, for example:

SSL error:unable to get local issuer certificate-Continue? (y)
SSL error:host(localhost)!=cert(CN<poseidon.atlantide.net>)-Continue? (y)
Alert: HTTP/1.0 404 Not Found

There are some evidence the SSL is the culprit in
/var/log/cups/error_log too:

just22@poseidon:[~]> tail /var/log/cups/error_log
E [07/Mar/2015:18:14:42 +0100] [Client 1] Unable to encrypt connection: Error 
in the pull function.

Reinforcing the log level to debug:
I [07/Mar/2015:18:23:47 +0100] Listening to [v1.::1]:631 (IPv6)
I [07/Mar/2015:18:23:47 +0100] Listening to 127.0.0.1:631 (IPv4)
I [07/Mar/2015:18:23:47 +0100] Listening to /var/run/cups/cups.sock (Domain)
I [07/Mar/2015:18:23:47 +0100] Remote access is disabled.
D [07/Mar/2015:18:23:47 +0100] Added auto ServerAlias poseidon.atlantide.net
D [07/Mar/2015:18:23:47 +0100] Added auto ServerAlias poseidon
I [07/Mar/2015:18:23:47 +0100] Loaded configuration file "/etc/cups/cupsd.conf"
D [07/Mar/2015:18:23:47 +0100] Using keychain "/etc/cups/ssl" for server name 
"poseidon.atlantide.net".
I [07/Mar/2015:18:23:47 +0100] Using default TempDir of /var/spool/cups/tmp...
I [07/Mar/2015:18:23:47 +0100] Configured for up to 100 clients.
I [07/Mar/2015:18:23:47 +0100] Allowing up to 100 client connections per host.
I [07/Mar/2015:18:23:47 +0100] Using policy "default" as the default.
I [07/Mar/2015:18:23:47 +0100] Full reload is required.
I [07/Mar/2015:18:23:47 +0100] Loaded MIME database from "/usr/local/share/cups/mime" and 
"/etc/cups": 39 types, 57 filters...
I [07/Mar/2015:18:23:47 +0100] Loading job cache file 
"/var/cache/cups/job.cache"...
I [07/Mar/2015:18:23:47 +0100] Full reload complete.
I [07/Mar/2015:18:23:47 +0100] Listening to [v1.::1]:631 (IPv6)
I [07/Mar/2015:18:23:47 +0100] Listening to 127.0.0.1:631 (IPv4)
I [07/Mar/2015:18:23:47 +0100] Listening to /var/run/cups/cups.sock (Domain)
I [07/Mar/2015:18:23:47 +0100] Remote access is disabled.
D [07/Mar/2015:18:23:47 +0100] Added auto ServerAlias poseidon.atlantide.net
D [07/Mar/2015:18:23:47 +0100] Added auto ServerAlias poseidon
I [07/Mar/2015:18:23:47 +0100] Loaded configuration file "/etc/cups/cupsd.conf"
D [07/Mar/2015:18:23:47 +0100] Using keychain "/etc/cups/ssl" for server name 
"poseidon.atlantide.net".
I [07/Mar/2015:18:23:47 +0100] Using default TempDir of /var/spool/cups/tmp...
I [07/Mar/2015:18:23:47 +0100] Configured for up to 100 clients.
I [07/Mar/2015:18:23:47 +0100] Allowing up to 100 client connections per host.
I [07/Mar/2015:18:23:47 +0100] Using policy "default" as the default.
I [07/Mar/2015:18:23:47 +0100] Full reload is required.
I [07/Mar/2015:18:23:47 +0100] Loaded MIME database from "/usr/local/share/cups/mime" and 
"/etc/cups": 39 types, 57 filters...
D [07/Mar/2015:18:23:47 +0100] Scanning /var/spool/cups for jobs...
I [07/Mar/2015:18:23:47 +0100] Full reload complete.
D [07/Mar/2015:18:23:47 +0100] cupsdCleanFiles(path="/var/spool/cups/tmp", 
pattern="(null)")
I [07/Mar/2015:18:23:47 +0100] Cleaning out old files in "/var/spool/cups/tmp".
D [07/Mar/2015:18:23:47 +0100] cupsdCleanFiles(path="/var/cache/cups", 
pattern="*.ipp")
I [07/Mar/2015:18:23:47 +0100] Cleaning out old files in "/var/cache/cups".
I [07/Mar/2015:18:23:47 +0100] Listening to [v1.::1]:631 on fd 9...
I [07/Mar/2015:18:23:47 +0100] Listening to 127.0.0.1:631 on fd 10...
I [07/Mar/2015:18:23:47 +0100] Listening to /var/run/cups/cups.sock on fd 11...
I [07/Mar/2015:18:23:47 +0100] Resuming new connection processing...
D [07/Mar/2015:18:23:47 +0100] cupsdSetBusyState: newbusy="Not busy", busy="Not 
busy"
D [07/Mar/2015:18:23:47 +0100] cupsdAddCert: Adding certificate for PID 0
D [07/Mar/2015:18:23:47 +0100] Discarding unused server-started event...
D [07/Mar/2015:18:23:48 +0100] Report: clients=0
D [07/Mar/2015:18:23:48 +0100] Report: jobs=0
D [07/Mar/2015:18:23:48 +0100] Report: jobs-active=0
D [07/Mar/2015:18:23:48 +0100] Report: printers=0
D [07/Mar/2015:18:23:48 +0100] Report: stringpool-string-count=297
D [07/Mar/2015:18:23:48 +0100] Report: stringpool-alloc-bytes=4832
D [07/Mar/2015:18:23:48 +0100] Report: stringpool-total-bytes=5000
D [07/Mar/2015:18:24:33 +0100] [Client 1] Accepted from localhost:11723 (IPv4)
D [07/Mar/2015:18:24:33 +0100] [Client 1] Waiting for request.
I [07/Mar/2015:18:24:36 +0100] [Client 1] Connection now encrypted.
D [07/Mar/2015:18:24:37 +0100] [Client 1] GET / HTTP/1.0
D [07/Mar/2015:18:24:37 +0100] cupsdSetBusyState: newbusy="Active clients", 
busy="Not busy"
D [07/Mar/2015:18:24:37 +0100] [Client 1] Read: status=200
D [07/Mar/2015:18:24:37 +0100] [Client 1] No authentication data provided.
D [07/Mar/2015:18:24:37 +0100] [Client 1] Processing GET /
I [07/Mar/2015:18:24:37 +0100] [Client 1] Files/directories such as 
"/usr/local/share/doc/cups/" must be world-readable.
D [07/Mar/2015:18:24:37 +0100] [Client 1] cupsdSendHeader: code=404, 
type="text/html", auth_type=0
D [07/Mar/2015:18:24:37 +0100] [Client 1] Closing because Keep-Alive is 
disabled.
D [07/Mar/2015:18:24:37 +0100] [Client 1] Closing connection.
D [07/Mar/2015:18:24:37 +0100] cupsdSetBusyState: newbusy="Not busy", busy="Active 
clients"
D [07/Mar/2015:18:24:37 +0100] [Client 1] Waiting for socket close.
D [07/Mar/2015:18:24:37 +0100] [Client 1] HTTP_STATE_WAITING Closing for error 
32 (Broken pipe)
D [07/Mar/2015:18:24:37 +0100] [Client 1] Closing connection.

So it seems that the errors are not always reported (even if the
connection always fails); is it just red herring? I'm completely lost...

Any hints? Of course, I'm available for further debug, just let me know.

Thanks in advance for your time

Both Firefox and Chrome let me do https://localhost:631/ but then bothcomplain and I have to add exceptions, once added it works for me.


In chrome the connection is then encrypted with TLS 1.2

port:fred ~> uname -a; dmesg|head -4; pkg_info| grep cups
OpenBSD port.crowsons.com 5.7 GENERIC.MP#860 amd64
OpenBSD 5.7-beta (GENERIC.MP) #860: Sun Feb 22 03:14:54 MST 2015
    t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8447131648 (8055MB)
avail mem = 8218349568 (7837MB)
cups-2.0.2          Common Unix Printing System
cups-filters-1.0.65 OpenPrinting CUPS filters
cups-libs-2.0.2     CUPS libraries and headers
cups-pk-helper-0.2.5 fine-grained privileges PolicyKit helper for CUPS
gtk+3-cups-3.14.8   gtk+3 CUPS print backend

Maybe ktrace cups to seem that can give any clues.

hth

Fred

Re: Cannot connect to CUPS web interface in -current

Reply via email to