Fix: Satisfy all with multiple Require directives (issue #1304)#1577
Open
abubakarsabir924-cell wants to merge 1 commit into
Open
Fix: Satisfy all with multiple Require directives (issue #1304)#1577abubakarsabir924-cell wants to merge 1 commit into
abubakarsabir924-cell wants to merge 1 commit into
Conversation
- conf.c: Prevent level overwrite when multiple Require directives are used in same Location block - auth.c: Implement AND logic for Satisfy all with multiple Require conditions instead of OR logic Fixes OpenPrinting#1304
Contributor
Author
|
Hi @michaelrsweet Sir! This PR addresses #1304 by fixing the Satisfy all logic. I’ve corrected the level overwrite in conf.c and ensured that auth.c now uses AND logic for multiple Require directives. Tested locally and it now correctly restricts access unless all requirements are satisfied. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
When using Satisfy all with multiple Require directives,
CUPS was granting access if ANY one condition passed instead
of requiring ALL conditions to pass.
Two bugs were found:
conf.c: Second Require directive was overwriting the
level set by first Require
auth.c: OR logic was used instead of AND logic when
Satisfy all was set
Fix
conf.c: Prevent level overwrite on multiple Require directives
auth.c: Implement proper AND logic for Satisfy all
Testing
Tested with user joe in @System group:
joe in @System only → 401 Unauthorized ✅
joe in @System + printadmin → 200 OK ✅
Fixes #1304