authorMichael Sweet <michael.r.sweet@gmail.com>2016-05-18 14:42:37 -0400
committerMichael Sweet <michael.r.sweet@gmail.com>2016-05-18 14:42:37 -0400
commit08d56b1fb9bb10d0cf7d20fd3d9eb763a8fb68a6 (patch)
treea4606f8bff1108d78c4c1f8afe491b95cb048599 /cups/tls-darwin.c
parent71d227bf28c2fb6c7c0210bb02dfb991434d4674 (diff)
downloadcups-08d56b1fb9bb10d0cf7d20fd3d9eb763a8fb68a6.tar.gz
Implement TrustOnFirstUse option and CRLs (GNU TLS) to allow for printing only
to trusted printers/servers (<rdar://problem/25711658>) This change also makes the default value of AllowExpiredCerts NO instead of YES. Finally, add support for loading most client.conf options (NOT ServerName or User) from /Library/Printers/org.cups.PrintingPrefs.plist on OS X.
Diffstat (limited to 'cups/tls-darwin.c')
-rw-r--r--cups/tls-darwin.c13
1 files changed, 11 insertions, 2 deletions
diff --git a/cups/tls-darwin.c b/cups/tls-darwin.c
index aad2db490..ab9fedc6a 100644
--- a/cups/tls-darwin.c
+++ b/cups/tls-darwin.c
@@ -629,8 +629,15 @@ httpCredentialsGetTrust(
* credentials and allow if the new ones have a later expiration...
*/
- if (httpCredentialsGetExpiration(credentials) <= httpCredentialsGetExpiration(tcreds) ||
- !httpCredentialsAreValidForName(credentials, common_name))
+ if (!cg->trust_first)
+ {
+ /*
+ * Do not trust certificates on first use...
+ */
+
+ trust = HTTP_TRUST_INVALID;
+ }
+ else if (httpCredentialsGetExpiration(credentials) <= httpCredentialsGetExpiration(tcreds) || !httpCredentialsAreValidForName(credentials, common_name))
{
/*
* Either the new credentials are not newly issued, or the common name
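Review bot: The comment added under `if (!cg->trust_first)`, `Do not trust certificates on first use...`, does not describe the case it guards: this branch is reached when saved credentials for `common_name` already exist and differ from the presented ones (the surrounding comment talks about allowing the new credentials if they have a later expiration), so it is a change-of-credentials check rather than a first-use check. A reader debugging a rejected renewal would be misled by it; suggest `/* TrustOnFirstUse is off, so a change in the saved credentials is never accepted on the later-expiration heuristic... */`. The rewritten condition on the following `else if` also joins two formerly separate lines into one very long one; keeping the two operands on separate lines as before would match the rest of the file. The enclosing function httpCredentialsGetTrust starts before and ends after this hunk.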
@@ -660,6 +667,8 @@ httpCredentialsGetTrust(
trust = HTTP_TRUST_EXPIRED;
else if (!cg->any_root && cupsArrayCount(credentials) == 1)
trust = HTTP_TRUST_INVALID;
+ else if (!cg->trust_first)
+ trust = HTTP_TRUST_INVALID;
CFRelease(secCert);
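Review bot: The new `else if (!cg->trust_first) trust = HTTP_TRUST_INVALID;` does not distinguish credentials that matched the already-saved set for `common_name` from ones seen for the first time, and neither does the preceding `!cg->any_root` test; unless the `if` at the head of this chain, which lies outside the hunk, already excludes matched credentials, setting TrustOnFirstUse to No appears to reject a pinned certificate that the earlier comparison accepted, which would defeat the option's stated purpose of printing only to trusted servers. I would record in a local flag whether saved credentials were found and matched in the earlier block and apply the `!cg->trust_first` rejection only when no saved credentials exist, leaving the any_root and expiration checks to decide the rest. The same option is consulted in the first hunk of this file, and the two uses should agree on what "first use" means. httpCredentialsGetTrust ends outside this hunk.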