This release of LPRng has had a set of changes that were pending incorporated into it.
The most obvious to administrators is the control file (cfX...) is no longer present in the spool queue. All of the control file information is duplicated in the 'hold file' (hfX...). This file not only contains the control information, but also many other option settings. The control file contents are still generated and passed to the incoming_control_filter and control_filter programs; this functionality is still retained. However, the incoming_control_filter program can now modify values in the 'hold file'. This allows the job priority, class, hold actions, etc., to be modified in a much easier manner. You should still use the exit codes to set immediate actions such as 'toss this job (JFAIL)', etc. The hold file contents are also passed to filters as the HF environment variable value. Another change is the discard_large_jobs option (default TRUE). If an incoming job exceeds the maximum size limits then it is accepted, but the contents are tossed to /dev/null as they are received. As a side effect, this action is recorded in the spool queue status so you can check to see what happened to the job. Finally, the 'move' action (lpc move from_queue jobid new_queue) has been heavily modified to perform an (almost) immedate 'move' action by copying jobs from one spool queue to another, if they are on the same host. If they are not, then the queue server will transfer the job first before finishing any other actions. This change fits in with the notion that a 'move' operation is an administrators desperate effort to rescue a job that is stuck behind another job. You do not want to stop the printing of the job currently in progess, but you need to get the stuck job printed. Version LPRng-3.8.25 - Wed Jan 7 04:46:12 PST 2004 MAJOR CHANGE in internals: The legacy 'control file' has been removed from the spool queue as all of the information is duplicated in the hold file. The various LPRng documents will be updated to reflect this. Users who access the control file information external to LPRng should be warned that this is not a good idea due to file locking, etc. MAJOR CHANGE in 'move' operation: The 'lpc move' is now 'nonblocking'. If you request a job to be moved, the LPD server will start a process to (almost) immediately move the job. Until this job is moved, no other job processing for the queue will be done. If the move is to a local queue on the same host, then the job will be copied via a file copy. This action is identical to the action for sending a job to a 'load balance' queue, with the difference that the job is immediately marked as done rather than after the load balance queue has printed it. Note: if you enter a non-existent remote queue, then the LPD subserver process trying to move the job will/may sit in an endless loop trying to move the job. Added: discard_large_jobs option discard_large_jobs - if this option is set, large jobs are accepted and then discarded. Fixed: Priority and Class For incoming jobs, the first letter of the C (class) field in the control file is used to set the priority. This action is modified by the: # ignore requested user priority ignore_requested_user_priority=0 # do not set priority from class name break_classname_priority_link=0 If not present or the break_classname_priority_link, the default priority value is used to set the priority. (C=) and class (class=) values in the control file. This deals with several lpd print clients that appear to to assign random control file names and do not have a C field in the control file. Not to mention users who try to manipulate queue priorities. Modified: incoming_control_filter action This filter is applied to the incoming job control file. and is used to modify the actions of the LPD server. options. The output can be in the form: Xoption X (no option) Xoption ... <blank line> key=value key=value The Xoption is equivalent to X=option. The key=value set of options is separated from the first by a blank line. If an option is not specified, it is not modified. The X (no option) or X= (no option) form will remove the option from the control file. It is dangerous to try to modify the A (identifier) option unless the user has intimate knowledge of the LPRng lpd server operation. Modified: filter environment variables Filters are now invoked with the HF environment variable set to the hold file contents. This assists with the incoming_control_filter and control_filter actions. Fixed: The 'Remove_done_jobs' code now removes done and error jobs. This makes the 'done_jobs' and 'done_jobs_max_age' actions symmetrical. Documented: added more details to the -D flags. debug flag format: num | flag[+num] | flag=str flag names: print[+N], lpr[+N], lpc[+N], lprm[+N], lpq[+N], network[+N], database[+N], log[+N], test=num use on command line, or in printcap :db=... entry for server: print: show queue (printing) actions, larger number, more information NUMBER same as print+NUMBER lpr: show servicing lpr actions lpq: show servicing lpq actions lprm: show servicing lprm actions network: show low level network actions database: show low level database actions log: Testing. Don't use this unless you read the code. test: Testing. don't use this unless you read the code. for clients (lpr, lpq, etc): print: show client actions, larger number, more information NUMBER same as print+NUMBER network: show low level network actions. database: show low level database actions. Modified: The lpq display now shows Pr/Class (Priority/Class) information if the priority is different than the class information. This better shows information on the class/priority relationshiop. The Class information is in the 'class=' field in the control file and the Priority information is in the priority field. The 'nonexistent printer message' has been modified to be a little more helpful, or at least more verbose: Status Information, attempt 1 of 3: sending job '[EMAIL PROTECTED]' to [EMAIL PROTECTED] connecting to 'localhost', attempt 1 connected to 'localhost' requesting printer [EMAIL PROTECTED] job '[EMAIL PROTECTED]' transfer to [EMAIL PROTECTED] failed error 'NONZERO RFC1179 ERROR CODE FROM SERVER' with ack 'ACK_FAIL' sending str '^Bxx' to [EMAIL PROTECTED] error msg: 'spool queue for 'xx' does not exist on server h110.private' error msg: 'check for correct printer name or you may need to run' error msg: ''checkpc -f' to create queue' Waiting 10 seconds before retry Version LPRng-3.8.24 - Fri Dec 12 15:03:02 PST 2003 Small bugfixes Cygwin patch applied. (From "Luke Bakken"<[EMAIL PROTECTED]> Comment: I thought I'd check LPRng to make sure that the latest version still works OK with Cygwin. Everything seems OK except for the checkpc.c "root" user warning. Will this patch be OK for that file? GCC 3.xx giveth, GCC 2.95 taketh a hard line. Patch for - t = 0; char buffer[128]; in user_auth.c (From: "Marcus Overhagen" <[EMAIL PROTECTED]> and Jeff Chua <[EMAIL PROTECTED]>) Version LPRng-3.8.23 - Wed Nov 12 13:32:02 PST 2003 I did not document that the default locations of the lpd.conf and lpd.perms file are now /etc/lpd/lpd.conf and /etc/lpd/lpd.perms This change puts all of the lpd files, except /etc/printcap, whose location is hardwired into too many places, in the /etc/lpd directory. You can change this: configure --help --with-config_subdir=CONFIG_SUBDIR configuration subdirectory (default 'lpd') --with-lpddir=DIR lpd executable directory (default \${sbindir}) --with-lpd_conf_path=PATH path of lpd.conf (default: \${sysconfdir}/${CONFIG_SUBDIR}/lpd.conf) --with-lpd_perms_path=PATH path of lpd.perms (default: \${sysconfdir}/${CONFIG_SUBDIR}/lpd/lpd.perms) --with-printcap_path=PATH path of printcap (default \${sysconfdir}/printcap) --with-lpd_printcap_path=PATH path of lpd_printcap (default \${sysconfdir}/${CONFIG_SUBDIR}/lpd_printcap) --with-initpath=PATH path of lpd startup file (default /usr/local/etc/rc.d/lprng.sh) Also, the postinstall will now copy the old files to the new locations and issue a warning message. Fixed up a very subtle problem with 'chooser' functionality. we now have to find out if we really need to call the chooser if we are working and have a single queue, then we do not need to call the chooser if :sv= p1,p2 but none are available then we do not need to call the chooser if :sv == "" - then we do need to call the chooser if :sv == p1,p2 and at least one is available - then we do need to call the chooser Added the 'chooser_scan_queue' flag. If the flag is 1, then we check all the jobs in the spool queue to see if any can be sent to any destination. If the flag is 0 (default), then only the first printable job in the queue is checked. This causes only the first job in the queue to be tested, which is probably the appropriate behaviour for the majority of situations. Determined that it was possible to do a denial of service attack on the LPRng system. Added a zillion timeouts for reads/writes to socket/pipe connections. - for 'non-printing' actions, used Send_query_rw_timeout - for 'printing' actions, used Send_job_rw_timeout - on initial connections, use Send_job_rw_timeout, then Connect_timeout, and finally fall back to 10 seconds. While this does not totally eliminate the attack, it does try to make the LPD server responsive after the timeout periods. This is better than nothing. Note that there is a problem when you use these timeouts AND you are connecting to a slow printer. This solves the mystery of the 'hanging lpr processes' on some systems where a connection is made to the lpd server and then nothing is sent so there is no way to timeout things. Added a further fallback for missing filters: job format X - filter is :Xf=/filter if present, else filter is :filter=/filter if present, else filter is :if=/filter if present. Added --with-config_subdir (=lpd) to allow the $sysconfig/$subdir to be the directory for lpd.conf and lpd.perms files, also SSL files. The :ppd=file option now specifies the location of a PPD file. This is used by foomatic-rip (http://www.linuxprinting.org) to specify options and by ifhp. - checkpc -f checks to see if the file is present and readable - lpc ppd will return the PPD file contents We can now integrate lrpng into KDE in a straight forward manner, as the ppd file should be standard. Also, you can specify a default PPD file in /etc/lpd.conf. This will be added to the printcap entries shown by lpc printcap and passed to the filters. Added a 'pc_entries_required' option that will force the specified printcap entries to be put into the PRINTCAP_ENTRY information if they have a defined value and are not in the printcap entry. The current (only) value is ppd, but I suspect others might be nice. Fixed a bug in the way that the PGP security was implemented. - removed the PGP* environment variables from the default pass list for clients - did sanity checks for PGPPASS, PGPPASSFILE, and PGPPASSFD, and passed only the correct ones. Also opened the PGPPASSFILE and passed the file descriptor. - made sure that the file descriptor specified in PGPPASSFD was actually connected to the open file. - only passed PGPPASS if running as a client. - on clients, passing the PGPPATH environment value, on server using printcap :pgp_server_pgppath value (if specified). - updated the Reference (AKA LPRng-HOWTO) manual to reflect these changes. In summary, we now use: lp: :pgp_path - path of the PGP program :pgp_id - id for clients to use when sending to server - id used by server for decoding client requests :pgp_server_pgppath - PGPPATH environment variable for server :pgp_server_passphrasefile - file containing passphrase (must be absolute path name or is relative to the spool directory) :pgp_forward_id - for server to server communications id of the remote server :pgp_passphrasefile - default client passphrase file For clients, the following environment variables are used: PGPPATH - location of PGP configuration and key files PGPPASS - password PGPPASSFD - file descriptor to file with password PGPPASSFILE - file with password If PGPASSFD and PGPPASSFILE not defined, then - if PGPPATH defined, look for $PGPPATH/$passphrasefile - if $HOME defined, look in $HOME/.pgp/$passphrasefile Error in SSL Support discovered by Geoff Greene and patch supplied. (Patch and hard work by: Geoff Greene <[EMAIL PROTECTED]>) Amazing speed of some systems is so fast that jobs complete in less than the resolution of the system clock. This, needless to say, has some interesting problems with job order. Added some sequence numbers as well as time to various places. Screwed up the patch sent by Henrik Edlund <[EMAIL PROTECTED]>. It should have been: > for(i = 0; i < listv.count; ++i ){ > s = listv.list[i]; > - if( (t = safestrpbrk(s,File_sep)) ) *t++ = 0; > + if( (t = safestrpbrk(s,Value_sep)) ) *t++ = 0; > Free_line_list(&l); > - Split(&l,t,Value_sep,0,0,0,0,0,0); > + Split(&l,t,File_sep,0,0,0,0,0,0); > DEBUGF(DLPQ1)("Job_status: Force_lpq_status '%s'='%s'", s,t); (Correction by: Henrik Edlund <[EMAIL PROTECTED]>) Misimplemented Hendriks accounting fixes. - if( Match_ipaddr_value(&l,&RemoteHost_IP) ){ + if( Match_ipaddr_value(&l,&RemoteHost_IP) == 0 ){ Oooops. (Correction by: Henrik Edlund <[EMAIL PROTECTED]>) utiltities.c: modified the 'Find_{str,flag,decimal}_value routines so that they did not take a separator option. This appears to be an oversite due to the importation from another set of code. Apparently I wanted to used non-printable characters as separators, but this turned out to be too hard to debug, so I used '=', '#', and '@' instead. Modified the init.freebsd.sh, postinstall.freebsd.sh, and preremove.freebsd.sh files to be a bit more 'ports' friendly. Updated the STANDARD_install to be more in line with FreeBSD/NetBSD. Documented the max_accounting_file_size and min_accounting_file_size option and changed the lpd.conf comment to indicate a 0 value disables truncation. (Lack of documentation pointed out by: Jim Trocki <[EMAIL PROTECTED]>) Fixed typos in INSTALL document. (Pointed out by: Daniel E Singer <[EMAIL PROTECTED]>) Version LPRng-3.8.22 - Fri Sep 5 08:45:33 PDT 2003 Updated the LPRng, IFHP, and LPRngTool LICENSE with the new Artistic License from the www.opensource.org web site. Updated the DISTRIBUTIONS/FreeBSD port information to meet the current (new) port format. Renamed LPRng HOWTO to LPRng Reference Manual. Added notes to the Printing Cookbook. lpf.c - removed log() and fatal(). (Suggested by: Torsten Rohlfing <[EMAIL PROTECTED]>) Filter command line options now allows ${X} to reference a control file option. You can now use: $X with -X<value> (if present) $0X with -X <value> (adds space) $'X with -X'<value>' (adds quotes) $-X with <value> (drops key) $0-X with <value> (same as $-X) $'-X with '<value>' (adds quotes) ${ss} with value of printcap option ss $'{ss} with quoted value of printcap option ss or job control file option Example: filter=ifhp -Z '${S},${O}' This will get the O and S options from the job control file. Note that $S is the 'printer comment name' and '$P' is the 'actual printer name'. (prompted by a question from: Paul Armstrong <[EMAIL PROTECTED]>) Fixed vars.c 'fifo' option - -{ "fifo", 0, STRING_K, &Fifo_DYN,0,0,0}, +{ "fifo", 0, FLAG_K, &Fifo_DYN,0,0,0}, (Thanks to the Debian folks - especially Craig Small <[EMAIL PROTECTED]>) Fixed up [EMAIL PROTECTED] parsing so you can do: localhost:[EMAIL PROTECTED] and it gets expanded to: localhost:[EMAIL PROTECTED] This is pretty far down the extrema of wierd... But somebody came up with a use for it. Sigh... (Lots of head scratching caused by: Michael J. Carter <[EMAIL PROTECTED]>) Filters no longer have file descriptor 3 connected to the 'accounting file'. Since the '-a accounting_file' option provides the name of the file and this should be used instead. plp_snprintf now handles '*' in floating precision correctly. (Patch by: Henrik Edlund <[EMAIL PROTECTED]>) if( Run_OF_filter(), Status_file_DYN ) problem found. (Thanks to the Debian List: Sam Lown <[EMAIL PROTECTED]> and Craig Small <[EMAIL PROTECTED]>) If you want to use force_lpq_status according to the docs (HOWTO), the following patch has to be applied. Otherwise it doesn't work when you have several ip netmasks listed as in the example: force_lpq_status=s=pc*.eng.com,130.192.12.0/24,l=sun*.eng.com Change is: - Split(&l,t,Value_sep,0,0,0,0,0,0); Value_sep DEFINE( = " \t=#@" ); + Split(&l,t,File_sep,0,0,0,0,0,0); File_sep DEFINE( = " \t,;:" ); (Pointed out to me by: Henrik Edlund <[EMAIL PROTECTED]>) Updated the configure and src/krb5_auth.c to be consistent with latest Kerberos releases. Added 'accounting_namefixup' option as suggested by Henrik Edlund <[EMAIL PROTECTED]> accounting_namefixup=list[,list]* where list is: host(,host*)[=user(,user*)] The incoming job is check to see if the originating host (RemoteHost_IP) is in the list of hosts; the first matching one found is used. Each host list has the format: host,host... where host has the same format used for the 'oh' and other host name matching options. You can use '!host' to invert matching. For example: host1,127.*,!somehost When a host match is found, the name to be used for the user is determined from the user list; if none is specified then no changes are made. Each entry in the user list has the format ${option} or 'name'; the ${option} values are extracted from the control file (capital letters) or printcap/configuration information (lower case letters/names). The first non-empty value found is used. For example: ${R},${L},${accounting_name},default If the control file 'R' option is present, the R option value is used else if the control file 'L' option is present, the L option value is used, else if the printcap/config option 'accounting_name' is not empty then it is used, otherwise the 'default' value is used. (Original suggestion and patches by: Henrik Edlund <[EMAIL PROTECTED]>) Fought with the various Kerberos distributions and appear to have a new version that compiles with the Kerberos 1.3.1 release and with other legacy releases. Added the "# REJECT NOT SERVER" comment to the lpd.perms file to cause LPRng to reject all jobs/connections from external (non-localhost) clients ----------------------------------------------------------------------------- YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST <mailaddr> | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST <mailaddr> | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. -----------------------------------------------------------------------------