dnssd.c: Enable service registration on loopback only

In case users would like to prevent sharing services from printer applications to local network, restrict it to localhost and let CUPS do the sharing. This can be done by setting system hostname in PAPPL API - this prevents accessing the public addresses, but the service is still published on those public addresses. The PR does the following: - set/reset system hostname in `papplSystemAddListeners()` directly, not via API. It prevents changing machine' hostname. - dnssd function will check the hostname and if it is localhost or matching IP address, it will use loopback index, - in case of Avahi it passes NULL as hostname to let Avahi decide what hostname to use (in case of hostname conflicts - and Avahi forbids using localhost if it is not FQDN). The result is that if system hostname is set to localhost internally, the service is published on .local address, but resolved to loopback because CUPS uses DNS-SD names in URIs. PAPPL 2.x version requires CUPS PR OpenPrinting/cups#902 to have it working.
michaelrsweet · Mar 15, 2024 · b1d529e · b1d529e
1 parent 988b90a
commit b1d529e
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 4 deletions.
diff --git a/pappl/dnssd.c b/pappl/dnssd.c
@@ -51,12 +51,12 @@ _papplPrinterRegisterDNSSDNoLock(
   const char		*papermax;	// PaperMax string value (legacy)
 
 
-  if (!printer->dns_sd_name || !printer->system->is_running || (printer->system->options & PAPPL_SOPTIONS_NO_DNS_SD))
+  if (!printer->dns_sd_name || !printer->system->is_running || (printer->system->options & PAPPL_SOPTIONS_NO_DNS_SD) || !system->hostname)
     return (false);
 
   papplLogPrinter(printer, PAPPL_LOGLEVEL_DEBUG, "Registering DNS-SD name '%s' on '%s'", printer->dns_sd_name, printer->system->hostname);
 
-  if_index = !strcmp(system->hostname, "localhost") ? CUPS_DNSSD_IF_INDEX_LOCAL : CUPS_DNSSD_IF_INDEX_ANY;
+  if_index = _papplDNSSDIsLoopback(system->hostname) ? CUPS_DNSSD_IF_INDEX_LOCAL : CUPS_DNSSD_IF_INDEX_ANY;
 
   // Get attributes and values for the TXT record...
   color_supported           = ippFindAttribute(printer->driver_attrs, "color-supported", IPP_TAG_BOOLEAN);
@@ -303,7 +303,7 @@ _papplSystemRegisterDNSSDNoLock(
 
   papplLog(system, PAPPL_LOGLEVEL_DEBUG, "Registering DNS-SD name '%s' on '%s'", system->dns_sd_name, system->hostname);
 
-  if_index = !strcmp(system->hostname, "localhost") ? CUPS_DNSSD_IF_INDEX_LOCAL : CUPS_DNSSD_IF_INDEX_ANY;
+  if_index = _papplDNSSDIsLoopback(system->hostname) ? CUPS_DNSSD_IF_INDEX_LOCAL : CUPS_DNSSD_IF_INDEX_ANY;
 
   // Rename the service as needed...
   if (system->dns_sd_collision)
@@ -460,3 +460,25 @@ dns_sd_system_callback(
   if (flags & CUPS_DNSSD_FLAGS_ERROR)
     papplLog(system, PAPPL_LOGLEVEL_ERROR, "DNS-SD registration of '%s' failed.", system->dns_sd_name);
 }
+
+
+//
+// '_papplDNSSDIsLoopback()' - Find out whether the string means
+//                             localhost
+//
+
+bool
+_papplDNSSDIsLoopback(const char *name)
+{
+  if (!name)
+    return (false);
+
+  if (!strcasecmp(name, "localhost"))
+    return (true);
+  else if (!strcmp(name, "127.0.0.1"))
+    return (true);
+  else if (!strcmp(name, "[::1]"))
+    return (true);
+
+  return (false);
+}
diff --git a/pappl/printer-private.h b/pappl/printer-private.h
@@ -94,6 +94,8 @@ struct _pappl_printer_s			// Printer data
 //
 // Functions...
 //
+//
+extern bool		_papplDNSSDIsLoopback(const char *name) _PAPPL_PRIVATE;
 
 extern bool		_papplPrinterAddRawListeners(pappl_printer_t *printer) _PAPPL_PRIVATE;
 extern void		*_papplPrinterRunRaw(pappl_printer_t *printer) _PAPPL_PRIVATE;

diff --git a/pappl/system-accessors.c b/pappl/system-accessors.c
@@ -141,6 +141,13 @@ papplSystemAddListeners(
       if (ret)
         system->port = port;
     }
+
+    if (system->hostname)
+    {
+      free(system->hostname);
+    }
+
+    system->hostname = strdup(name);
   }
   else if (name && *name == '[')
   {
@@ -169,6 +176,11 @@ papplSystemAddListeners(
       if (ret)
         system->port = port;
     }
+
+    if (system->hostname)
+      free(system->hostname);
+
+    system->hostname = strdup(name);
   }
   else
   {
@@ -201,6 +213,14 @@ papplSystemAddListeners(
         add_listeners(system, name, port, AF_INET6);
       }
     }
+
+    if (name && !strcasecmp(name, "localhost"))
+    {
+      if (system->hostname)
+        free(system->hostname);
+
+      system->hostname = strdup(name);
+    }
   }
 
   return (ret);

diff --git a/pappl/system.c b/pappl/system.c
@@ -677,7 +677,7 @@ papplSystemRun(pappl_system_t *system)	// I - System
       bool		force_dns_sd = system->dns_sd_host_changes != dns_sd_host_changes;
 					// Force re-registration?
 
-      if (force_dns_sd)
+      if (!_papplDNSSDIsLoopback(system->hostname) && force_dns_sd)
         _papplSystemSetHostNameNoLock(system, NULL);
 
       if (system->dns_sd_collision || force_dns_sd)