Compile with TLS support results in endless loop for admin commands

[StefCoene]

Describe the bug When cups is compiled without TLS support (--without-tls) commands like cupsaccept loops forever. It also keeps flooding the cups server with requests. This is tested on an AIX and Ubuntu with a remote CUPS server compiled from the master branch.

To Reproduce Steps to reproduce the behavior:

1. git clone ./configure --prefix=/opt/cups-master --without-tls
2. cd cups
3. ./configure --prefix=/opt/cups-master --without-tls
4. make && sudo make install
5. /opt/cups-master/sbin/cupsaccept -h
6. Command hangs & cups server logs are flooded.

Additional context My C code knowledge is very limited, but this patch solves the issue.

diff --git a/cups/request.c b/cups/request.c
index 66c803a04..dad81310e 100644
--- a/cups/request.c
+++ b/cups/request.c
@@ -433,19 +433,23 @@ cupsGetResponse(http_t     *http, /* I - Connection to server or @code CUPS_HTTP
         http->status = HTTP_STATUS_CUPS_AUTHORIZATION_CANCELED;
     }

-#ifdef HAVE_TLS
     else if (status == HTTP_STATUS_UPGRADE_REQUIRED)
     {
      /*
       * Force a reconnect with encryption...
       */

+#ifdef HAVE_TLS
       DEBUG_puts("2cupsGetResponse: Need encryption...");

       if (!httpReconnect2(http, 30000, NULL))
         httpEncryption(http, HTTP_ENCRYPTION_REQUIRED);
-    }
+#else
+      DEBUG_puts("2cupsGetResponse: Need encryption... but no TLS support");
+        http->status = HTTP_STATUS_CUPS_AUTHORIZATION_CANCELED;
+        /*http->status = HTTP_STATUS_CUPS_ENCRYPTION_REQUIRED_CANCELED;*/
 #endif /* HAVE_TLS */
+    }
   }

   if (response)

I tried to add a new status HTTP_STATUS_CUPS_ENCRYPTION_REQUIRED_CANCELED to proper handle the case, but I'm unable to get it working.

Stef

[michaelrsweet]

We could use the HTTP_STATUS_CUPS_PKI_ERROR status code...

[michaelrsweet]

[2.4.x 5eb736d3b] Fix Upgrade header handling when there is no TLS support (Issue #775)

Not included in 2.5 and later since we require TLS support after 2.4.x...