diff -up cups-2.2.0/cups/auth.c.resolv_reload cups-2.2.0/cups/auth.c --- cups-2.2.0/cups/auth.c.resolv_reload 2017-05-09 10:36:47.764075800 +0200 +++ cups-2.2.0/cups/auth.c 2017-05-09 10:40:50.074052694 +0200 @@ -519,6 +519,18 @@ cups_gss_getname( DEBUG_printf(("7cups_gss_getname(http=%p, service_name=\"%s\")", http, service_name)); +#ifdef HAVE_RES_INIT + /* + * Check if /etc/resolv.conf is modified. + * If so, reload resolver. + */ + + dns_resolver_reload_rv retval; + + retval = dnsReloadResolver(); + if (retval.status == DNS_RESOLVER_RELOAD_ERROR) + DEBUG_printf(("1cups_gss_getname: dnsReloadResolver() failed - %s.", strerror(retval.errnum))); +#endif /* HAVE_RES_INIT */ /* * Get the hostname... diff -up cups-2.2.0/cups/http-addr.c.resolv_reload cups-2.2.0/cups/http-addr.c --- cups-2.2.0/cups/http-addr.c.resolv_reload 2017-05-09 10:36:58.094989545 +0200 +++ cups-2.2.0/cups/http-addr.c 2017-05-09 10:43:51.958516333 +0200 @@ -361,6 +361,20 @@ httpAddrLookup( #ifdef HAVE_RES_INIT /* + * Check if /etc/resolv.conf is modified. + * If so, reload resolver and set need_res_init to 0. + */ + + dns_resolver_reload_rv retval; + + retval = dnsReloadResolver(); + + if (retval.status == DNS_RESOLVER_RELOAD_RELOADED && cg->need_res_init == 1) + cg->need_res_init = 0; + + if (retval.status == DNS_RESOLVER_RELOAD_ERROR) + DEBUG_printf(("1httpAddrLookup: dnsReloadResolver() failed - %s.", strerror(retval.errnum))); + /* * STR #2920: Initialize resolver after failure in cups-polld * * If the previous lookup failed, re-initialize the resolver to prevent diff -up cups-2.2.0/cups/http-addrlist.c.resolv_reload cups-2.2.0/cups/http-addrlist.c --- cups-2.2.0/cups/http-addrlist.c.resolv_reload 2017-05-09 10:37:03.834941621 +0200 +++ cups-2.2.0/cups/http-addrlist.c 2017-05-09 10:45:10.426832540 +0200 @@ -483,6 +483,20 @@ httpAddrGetList(const char *hostname, /* #ifdef HAVE_RES_INIT /* + * Check if /etc/resolv.conf is modified. + * If so, reload resolver and set cg->need_res_init to 0 + */ + + dns_resolver_reload_rv retval; + + retval = dnsReloadResolver(); + + if (retval.status == DNS_RESOLVER_RELOAD_RELOADED && cg->need_res_init == 1) + cg->need_res_init = 0; + + if (retval.status == DNS_RESOLVER_RELOAD_ERROR) + DEBUG_printf(("1httpAddrGetList: dnsReloadResolver() failed - %s.", strerror(retval.errnum))); + /* * STR #2920: Initialize resolver after failure in cups-polld * * If the previous lookup failed, re-initialize the resolver to prevent diff -up cups-2.2.0/cups/http.c.resolv_reload cups-2.2.0/cups/http.c --- cups-2.2.0/cups/http.c.resolv_reload 2017-05-09 10:37:23.282779246 +0200 +++ cups-2.2.0/cups/http.c 2017-05-09 10:47:21.406691147 +0200 @@ -107,7 +107,9 @@ static const char * const http_fields[] "Allow", "Server" }; - +#ifdef HAVE_RES_INIT +time_t resolv_conf_modtime = 0; +#endif /* HAVE_RES_INIT */ /* * 'httpAcceptConnection()' - Accept a new HTTP client connection from the @@ -4811,3 +4813,107 @@ http_write_chunk(http_t *http, /* I return (bytes); } + +#ifdef HAVE_RES_INIT +/* + * Function to check modification time of resolv.conf. + * If time is changed, it reloads resolver. + * If /etc/resolv.conf doesn't exist, it tries to reload resolver with local nameserver, if it wasn't reloaded before + * If even reloading resolver with local nameserver doesn't work, it ends with error. + * Global variable resolv_conf_modtime is set to -1 before the first call of this function - this is for prevention of resolver's reloading when cupsd is just started and resolv.conf exists - cupsd has current configuration in that case. + */ + +dns_resolver_reload_rv +dnsReloadResolver() +{ + dns_resolver_reload_rv retval, lstat_retval, stat_retval, res_init_retval; + struct stat resolv_conf_stat, resolv_conf_lstat, resolv_conf_status; + retval.status = DNS_RESOLVER_RELOAD_OK; + retval.errnum = 0; + stat_retval.errnum = 0; + lstat_retval.errnum = 0; + res_init_retval.errnum = 0; + + /* Variable to store /etc/resolv.conf modification time - initialized by actual time*/ + static time_t resolv_conf_modtime = -1; + + /* This part of code is to ensure we get modification time of symlink and original file - we will decide which is newer later */ + stat_retval.status = stat(DNS_RESOLV_CONF_PATH, &resolv_conf_stat); + stat_retval.errnum = errno; + lstat_retval.status = lstat(DNS_RESOLV_CONF_PATH, &resolv_conf_lstat); + lstat_retval.errnum = errno; + + /* symlink /etc/resolv.conf or original file couldn't be stated because it doesn't exist, try resolver on localhost + * Covers cases: + * - resolv.conf and original file existed and it doesn't now - resolv_conf_modtime has different value than 0 - reload resolver with local nameserver + * - resolv.conf and original file didn't exist and still doesn't exist - resolv_conf_modtime is set to 0 - do nothing + */ + if (stat_retval.status == -1 && lstat_retval.status == -1 && stat_retval.errnum == ENOENT && lstat_retval.errnum == ENOENT) + { + /* if resolv_conf_modtime is set to 0, it means previous reload was for resolver with local nameserver - no need to reload again */ + if (resolv_conf_modtime != 0) + { + res_init_retval.status = res_init(); + res_init_retval.errnum = errno; + if (res_init_retval.status == 0) + { + resolv_conf_modtime = 0; + retval.status = DNS_RESOLVER_RELOAD_RELOADED; + } + else + retval.status = res_init_retval.status; + + retval.errnum = res_init_retval.errnum; + } + else + { + retval.status = DNS_RESOLVER_RELOAD_OK; + retval.errnum = ENOENT; + } + + return (retval); + } + + /* If stat ends with different errno, return status - it should return both statuses and errnos, but for simplification it returns only stat */ + if (stat_retval.status == -1 && lstat_retval.status == -1) + { + retval.errnum = stat_retval.errnum; + retval.status = stat_retval.status; + return (retval); + } + + /* Here we compare modification times from lstat and stat to decide which is newer - if they are equal, lstat modification time is used. We are checking only stat() errno, because case with errors in both lstat() and stat() functions is checked before */ + if (stat_retval.errnum == 0) + if (resolv_conf_stat.st_mtime > resolv_conf_lstat.st_mtime) + resolv_conf_status = resolv_conf_stat; + else + resolv_conf_status = resolv_conf_lstat; + else + resolv_conf_status = resolv_conf_lstat; + + /* If /etc/resolv.conf exists and modification times are different, reload resolver. + * Covers cases: + * - resolv.conf or original file exists and it was modified - resolv_conf_modtime has different value than resolv_conf_status.st_mtime - reload resolver with nameserver from /etc/resolv.conf + * - resolv.conf or original file didn't exist and it does now - resolv_conf_modtime is set to 0 and resolv_conf_status.st_mtime has value - reload resolver with nameserver form /etc/resolv.conf + * - resolv.conf or original file exists and it wasn't modified - resolv_conf_modtime is equal to resolv_conf_status.st_mtime - do nothing + */ + if (resolv_conf_status.st_mtime != resolv_conf_modtime) + { + res_init_retval.status = res_init(); + res_init_retval.errnum = errno; + if (res_init_retval.status == 0) + { + retval.status = DNS_RESOLVER_RELOAD_RELOADED; + } + else + retval.status = res_init_retval.status; + + retval.errnum = res_init_retval.errnum; + } + + resolv_conf_modtime = resolv_conf_status.st_mtime; + + return (retval); +} +#endif /* HAVE_RES_INIT */ + diff -up cups-2.2.0/cups/http.h.resolv_reload cups-2.2.0/cups/http.h --- cups-2.2.0/cups/http.h.resolv_reload 2017-05-09 10:37:41.108630413 +0200 +++ cups-2.2.0/cups/http.h 2017-05-09 12:20:16.115333557 +0200 @@ -55,6 +55,12 @@ typedef off_t ssize_t; /* @private@ */ # define SO_PEERCRED LOCAL_PEERCRED # endif /* LOCAL_PEERCRED && !SO_PEERCRED */ # endif /* WIN32 */ +# ifdef HAVE_RES_INIT +# include +# include +# include +# include +# endif /* HAVE_RES_INIT */ /* @@ -95,6 +101,13 @@ extern "C" { #endif /* AF_INET6 && !s6_addr32 */ +#ifdef HAVE_RES_INIT +/* + * Global variable for storing old modification time of resolv.conf + */ + extern time_t resolv_conf_modtime; +#endif /* HAVE_RES_INIT */ + /* * Limits... */ @@ -103,6 +116,9 @@ extern "C" { # define HTTP_MAX_HOST 256 /* Max length of hostname string */ # define HTTP_MAX_BUFFER 2048 /* Max length of data buffer */ # define HTTP_MAX_VALUE 256 /* Max header field value length */ +# ifdef HAVE_RES_INIT +# define DNS_RESOLV_CONF_PATH "/etc/resolv.conf" /* Path to resolv.conf */ +# endif /* HAVE_RES_INIT */ /* @@ -406,6 +422,15 @@ typedef enum http_version_e /**** HTTP # endif /* !_CUPS_NO_DEPRECATED */ } http_version_t; +#ifdef HAVE_RES_INIT +typedef enum dns_resolver_reload_e +{ + DNS_RESOLVER_RELOAD_ERROR = -1, + DNS_RESOLVER_RELOAD_OK = 0, + DNS_RESOLVER_RELOAD_RELOADED = 1 +} dns_resolver_reload_t; +#endif /* HAVE_RES_INIT */ + typedef union _http_addr_u /**** Socket address union, which **** makes using IPv6 and other **** address types easier and @@ -444,6 +469,13 @@ typedef struct http_credential_s /**** H typedef int (*http_timeout_cb_t)(http_t *http, void *user_data); /**** HTTP timeout callback @since CUPS 1.5/macOS 10.7@ ****/ +#ifdef HAVE_RES_INIT +typedef struct dns_resolver_reload_retval +{ + dns_resolver_reload_t status; + int errnum; +} dns_resolver_reload_rv; +#endif /* HAVE_RES_INIT */ /* @@ -590,6 +622,10 @@ extern http_version_t httpGetVersion(htt extern int httpReconnect2(http_t *http, int msec, int *cancel) _CUPS_API_1_6; +/**** Prototype of function to check modification time of /etc/resolv.conf ****/ +#ifdef HAVE_RES_INIT +extern dns_resolver_reload_rv dnsReloadResolver(); +#endif /* HAVE_RES_INIT */ /**** New in CUPS 1.7/macOS 10.9 ****/ extern http_t *httpAcceptConnection(int fd, int blocking) diff -up cups-2.2.0/cups/http-support.c.resolv_reload cups-2.2.0/cups/http-support.c --- cups-2.2.0/cups/http-support.c.resolv_reload 2017-05-09 10:38:11.314378218 +0200 +++ cups-2.2.0/cups/http-support.c 2017-05-09 12:21:40.455565953 +0200 @@ -2258,6 +2258,18 @@ http_resolve_cb( http_addrlist_t *addrlist, /* List of addresses */ *addr; /* Current address */ +#ifdef HAVE_RES_INIT + /* + * Check if resolv.conf is modified, if so, reload resolver + */ + + dns_resolver_reload_rv retval; + + retval = dnsReloadResolver(); + if (retval.status == DNS_RESOLVER_RELOAD_ERROR) + DEBUG_printf(("1http_resolve_cb: dnsReloadResolver() failed - %s.", strerror(retval.errnum))); +#endif /* HAVE_RES_INIT */ + DEBUG_printf(("5http_resolve_cb: Looking up \"%s\".", hostTarget)); snprintf(fqdn, sizeof(fqdn), "%d", ntohs(port)); diff -up cups-2.2.0/scheduler/conf.c.resolv_reload cups-2.2.0/scheduler/conf.c --- cups-2.2.0/scheduler/conf.c.resolv_reload 2017-05-09 10:38:29.869223299 +0200 +++ cups-2.2.0/scheduler/conf.c 2017-05-09 12:22:40.442020000 +0200 @@ -937,6 +937,15 @@ cupsdReadConfiguration(void) if (!RemotePort) BrowseLocalProtocols = 0; /* Disable sharing - no remote access */ +#ifdef HAVE_RES_INIT + dns_resolver_reload_rv retval; /* Return status of dnsReloadResolver() */ + + retval = dnsReloadResolver(); + + if (retval.status == DNS_RESOLVER_RELOAD_ERROR) + syslog(LOG_LPR, "1cupsdReadConfiguration: dnsReloadResolver() failed - %s.", strerror(retval.errnum)); +#endif /* HAVE_RES_INIT */ + /* * See if the ServerName is an IP address... */ diff -up cups-2.2.0/scheduler/main.c.resolv_reload cups-2.2.0/scheduler/main.c --- cups-2.2.0/scheduler/main.c.resolv_reload 2017-05-09 10:38:37.699157925 +0200 +++ cups-2.2.0/scheduler/main.c 2017-05-09 12:23:36.280514244 +0200 @@ -136,6 +136,14 @@ main(int argc, /* I - Number of comm long tmo_delay; /* Time before it must be called */ #endif /* HAVE_AVAHI */ +#ifdef HAVE_RES_INIT + dns_resolver_reload_rv retval; /* Return status from dnsReloadResolver() */ + + retval = dnsReloadResolver(); + if (retval.status == DNS_RESOLVER_RELOAD_ERROR) + fprintf(stderr, "cupsd: Cannot reload a resolver - %s , using old configuration now.\n", strerror(retval.errnum)); +#endif /* HAVE_RES_INIT */ + #ifdef HAVE_GETEUID /* * Check for setuid invocation, which we do not support!