Skip to content

Commit

Permalink
dnssd.c: Enable service registration on loopback
Browse files Browse the repository at this point in the history 
In case users would like to prevent sharing services from printer
applications to local network, restrict it to localhost and let CUPS do
the sharing.

This can be done by setting `listen-hostname` in PAPPL API - this
prevents accessing the public addresses, but the service is still
published on those public addresses.

The PR does the following:

- update system hostname internally in `papplAddListeners()`
- dnssd functions will check system hostname and if it is localhost, it
  will use loopback index
- in case of Avahi it passes NULL as hostname to let Avahi decide what
  hostname to use (in case of hostname conflicts)

The result is that if system hostname is set to localhost internally, the service is
published on `.local` address, but resolved to loopback because CUPS
uses DNS-SD names in URIs.
  • Loading branch information
@zdohnal
zdohnal committed Mar 19, 2024
1 parent 78d1ee4 commit 3e88a44
Show file tree
Hide file tree
Showing 4 changed files with 60 additions and 12 deletions.
1 change: 1 addition & 0 deletions pappl/dnssd-private.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ typedef void *_pappl_dns_sd_t; // DNS-SD master reference
extern const char *_papplDNSSDCopyHostName(char *buffer, size_t bufsize) _PAPPL_PRIVATE;
extern int _papplDNSSDGetHostChanges(void) _PAPPL_PRIVATE;
extern _pappl_dns_sd_t _papplDNSSDInit(pappl_system_t *system) _PAPPL_PRIVATE;
extern bool _papplDNSSDIsLoopback(const char *name) _PAPPL_PRIVATE;
extern void _papplDNSSDLock(void) _PAPPL_PRIVATE;
extern const char *_papplDNSSDStrError(int error) _PAPPL_PRIVATE;
extern void _papplDNSSDUnlock(void) _PAPPL_PRIVATE;
Expand Down
49 changes: 38 additions & 11 deletions pappl/dnssd.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,13 @@

static char pappl_dns_sd_hostname[256] = "";
// Current DNS-SD hostname
#ifdef HAVE_MDNSRESPONDER
static int pappl_dns_sd_hostname_changes = 0;
// Number of host name changes/collisions
#elif defined(HAVE_AVAHI)
static int pappl_dns_sd_hostname_changes = -1;
// Number of host name changes/collisions
#endif // HAVE_MDNSRESPONDER
static pthread_mutex_t pappl_dns_sd_hostname_mutex = PTHREAD_MUTEX_INITIALIZER;
// Host name mutex
#ifdef HAVE_MDNSRESPONDER
Expand Down Expand Up @@ -386,15 +391,15 @@ _papplPrinterRegisterDNSSDNoLock(
_pappl_dns_sd_t master; // DNS-SD master reference


if (!printer->dns_sd_name || !printer->system->is_running)
if (!printer->dns_sd_name || !printer->system->is_running || !system->hostname)
return (false);

papplLogPrinter(printer, PAPPL_LOGLEVEL_DEBUG, "Registering DNS-SD name '%s' on '%s'", printer->dns_sd_name, printer->system->hostname);

# ifdef HAVE_MDNSRESPONDER
if_index = !strcmp(system->hostname, "localhost") ? kDNSServiceInterfaceIndexLocalOnly : kDNSServiceInterfaceIndexAny;
if_index = _papplDNSSDIsLoopback(system->hostname) ? kDNSServiceInterfaceIndexLocalOnly : kDNSServiceInterfaceIndexAny;
# else
if_index = !strcmp(system->hostname, "localhost") ? if_nametoindex("lo") : AVAHI_IF_UNSPEC;
if_index = _papplDNSSDIsLoopback(system->hostname) ? if_nametoindex("lo") : AVAHI_IF_UNSPEC;
# endif // HAVE_MDNSRESPONDER

// Get attributes and values for the TXT record...
Expand Down Expand Up @@ -741,7 +746,7 @@ _papplPrinterRegisterDNSSDNoLock(
}

// Then register the IPP/IPPS services...
if ((error = avahi_entry_group_add_service_strlst(printer->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, printer->dns_sd_name, "_ipp._tcp", NULL, system->hostname, system->port, txt)) < 0)
if ((error = avahi_entry_group_add_service_strlst(printer->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, printer->dns_sd_name, "_ipp._tcp", NULL, NULL, system->port, txt)) < 0)
{
papplLogPrinter(printer, PAPPL_LOGLEVEL_ERROR, "Unable to register '%s._ipp._tcp': %s", printer->dns_sd_name, _papplDNSSDStrError(error));
ret = false;
Expand Down Expand Up @@ -772,7 +777,7 @@ _papplPrinterRegisterDNSSDNoLock(

if (!(printer->system->options & PAPPL_SOPTIONS_NO_TLS))
{
if ((error = avahi_entry_group_add_service_strlst(printer->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, printer->dns_sd_name, "_ipps._tcp", NULL, system->hostname, system->port, txt)) < 0)
if ((error = avahi_entry_group_add_service_strlst(printer->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, printer->dns_sd_name, "_ipps._tcp", NULL, NULL, system->port, txt)) < 0)
{
papplLogPrinter(printer, PAPPL_LOGLEVEL_ERROR, "Unable to register '%s._ipps._tcp': %s", printer->dns_sd_name, _papplDNSSDStrError(error));
ret = false;
Expand Down Expand Up @@ -827,7 +832,7 @@ _papplPrinterRegisterDNSSDNoLock(
txt = avahi_string_list_add_printf(txt, "PaperMax=%s", papermax);
txt = avahi_string_list_add_printf(txt, "Scan=F");

if ((error = avahi_entry_group_add_service_strlst(printer->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, printer->dns_sd_name, "_pdl-datastream._tcp", NULL, system->hostname, 9099 + printer->printer_id, txt)) < 0)
if ((error = avahi_entry_group_add_service_strlst(printer->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, printer->dns_sd_name, "_pdl-datastream._tcp", NULL, NULL, 9099 + printer->printer_id, txt)) < 0)
{
papplLogPrinter(printer, PAPPL_LOGLEVEL_ERROR, "Unable to register '%s._pdl-datastream._tcp': %s", printer->dns_sd_name, _papplDNSSDStrError(error));
ret = false;
Expand Down Expand Up @@ -860,7 +865,7 @@ _papplPrinterRegisterDNSSDNoLock(
txt = NULL;
txt = avahi_string_list_add_printf(txt, "path=%s/", printer->uriname);

avahi_entry_group_add_service_strlst(printer->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, printer->dns_sd_name, "_http._tcp", NULL, system->hostname, system->port, txt);
avahi_entry_group_add_service_strlst(printer->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, printer->dns_sd_name, "_http._tcp", NULL, NULL, system->port, txt);
avahi_entry_group_add_service_subtype(printer->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, printer->dns_sd_name, "_http._tcp", NULL, "_printer._sub._http._tcp");

avahi_string_list_free(txt);
Expand Down Expand Up @@ -951,9 +956,9 @@ _papplSystemRegisterDNSSDNoLock(
papplLog(system, PAPPL_LOGLEVEL_DEBUG, "Registering DNS-SD name '%s' on '%s'", system->dns_sd_name, system->hostname);

# ifdef HAVE_MDNSRESPONDER
if_index = !strcmp(system->hostname, "localhost") ? kDNSServiceInterfaceIndexLocalOnly : kDNSServiceInterfaceIndexAny;
if_index = _papplDNSSDIsLoopback(system->hostname) ? kDNSServiceInterfaceIndexLocalOnly : kDNSServiceInterfaceIndexAny;
# else
if_index = !strcmp(system->hostname, "localhost") ? if_nametoindex("lo") : AVAHI_IF_UNSPEC;
if_index = _papplDNSSDIsLoopback(system->hostname) ? if_nametoindex("lo") : AVAHI_IF_UNSPEC;
# endif // HAVE_MDNSRESPONDER

if (system->geo_location)
Expand Down Expand Up @@ -1080,7 +1085,7 @@ _papplSystemRegisterDNSSDNoLock(

if (!(system->options & PAPPL_SOPTIONS_NO_TLS))
{
if ((error = avahi_entry_group_add_service_strlst(system->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, system->dns_sd_name, "_ipps-system._tcp", NULL, system->hostname, system->port, txt)) < 0)
if ((error = avahi_entry_group_add_service_strlst(system->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, system->dns_sd_name, "_ipps-system._tcp", NULL, NULL, system->port, txt)) < 0)
{
papplLog(system, PAPPL_LOGLEVEL_ERROR, "Unable to register '%s._ipps-system._tcp': %s", system->dns_sd_name, _papplDNSSDStrError(error));
ret = false;
Expand All @@ -1104,7 +1109,7 @@ _papplSystemRegisterDNSSDNoLock(
// Finally _http.tcp (HTTP) for the web interface...
if (system->options & PAPPL_SOPTIONS_MULTI_QUEUE)
{
avahi_entry_group_add_service_strlst(system->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, system->dns_sd_name, "_http._tcp", NULL, system->hostname, system->port, NULL);
avahi_entry_group_add_service_strlst(system->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, system->dns_sd_name, "_http._tcp", NULL, NULL, system->port, NULL);
avahi_entry_group_add_service_subtype(system->dns_sd_ref, if_index, AVAHI_PROTO_UNSPEC, 0, system->dns_sd_name, "_http._tcp", NULL, "_printer._sub._http._tcp");
}

Expand Down Expand Up @@ -1475,3 +1480,25 @@ dns_sd_system_callback(
}
}
#endif // HAVE_MDNSRESPONDER


//
// '_papplDNSSDIsLoopback()' - Find out whether the string means
// localhost
//

bool
_papplDNSSDIsLoopback(const char *name)
{
if (!name)
return (false);

if (!strcasecmp(name, "localhost"))
return (true);
else if (!strcmp(name, "127.0.0.1"))
return (true);
else if (!strcmp(name, "[::1]"))
return (true);

return (false);
}
20 changes: 20 additions & 0 deletions pappl/system-accessors.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,13 @@ papplSystemAddListeners(
if (ret)
system->port = port;
}

if (system->hostname)
{
free(system->hostname);
}

system->hostname = strdup(name);
}
else if (name && *name == '[')
{
Expand Down Expand Up @@ -128,6 +135,11 @@ papplSystemAddListeners(
if (ret)
system->port = port;
}

if (system->hostname)
free(system->hostname);

system->hostname = strdup(name);
}
else
{
Expand Down Expand Up @@ -160,6 +172,14 @@ papplSystemAddListeners(
add_listeners(system, name, port, AF_INET6);
}
}

if (name && !strcasecmp(name, "localhost"))
{
if (system->hostname)
free(system->hostname);

system->hostname = strdup(name);
}
}

return (ret);
Expand Down
2 changes: 1 addition & 1 deletion pappl/system.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -652,7 +652,7 @@ papplSystemRun(pappl_system_t *system) // I - System
bool force_dns_sd = system->dns_sd_host_changes != dns_sd_host_changes;
// Force re-registration?

if (force_dns_sd)
if (!_papplDNSSDIsLoopback(system->hostname) && force_dns_sd)
_papplSystemSetHostNameNoLock(system, NULL);

if (system->dns_sd_collision || force_dns_sd)
Expand Down

0 comments on commit 3e88a44

Please sign in to comment.