Re: [PR PATCH] [Updated] cups: reverting to GunTLS backend (fix broken new CUPS OpenSSL default IPPS issues)

[jpastuszek <jpastuszek@users.noreply.github.com>]

[-- Attachment #1: Type: text/plain, Size: 1473 bytes --]

There is an updated pull request by jpastuszek against master on the void-packages repository

https://github.com/jpastuszek/void-packages cups-guntls
https://github.com/void-linux/void-packages/pull/41193

cups: reverting to GunTLS backend (fix broken new CUPS OpenSSL default IPPS issues)
#### Testing the changes
- I tested the changes in this PR: **YES**

#### Local build testing
- I built this PR locally for my native architecture, (x86_64-libc) (print client)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
  - aarch64 (print server)

The latest version of CUPS default to build against OpenSSL. Before that it was defaulting to GnuTLS. The template is written with GnuTLS in mind (dpes). This change brings back GunTLS as TLS backend.

I was having issues with IPPS (TLS over 631 port) with cups as a print server and as a client (IPP Everywhere). The server compiled against OpenSSL would fail when TLS client was connecting in with error pointing to issue with certificate generation. Also when provided with custom certificate cupsd would crash. 
After this patch for client and server it all works (also tested with MacOS as a client). 

The one thing I needed to do was to remove the certificates generated before (when cups was compiled against OpenSSL) (from /etc/cups/ssl) as they were not accepted by cups client.

A patch file from https://github.com/void-linux/void-packages/pull/41193.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-cups-guntls-41193.patch --]
[-- Type: text/x-diff, Size: 925 bytes --]

From 977fa9c92f80fbbefb4c265833751a3baef45422 Mon Sep 17 00:00:00 2001
From: Jakub Pastuszek <jpastuszek@protonmail.com>
Date: Tue, 13 Dec 2022 20:56:13 +0000
Subject: [PATCH] cups: reverting to GnuTLS backend

---
 srcpkgs/cups/template | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/srcpkgs/cups/template b/srcpkgs/cups/template
index 0776928f2609..5a4ce8d0af76 100644
--- a/srcpkgs/cups/template
+++ b/srcpkgs/cups/template
@@ -1,7 +1,7 @@
 # Template file for 'cups'
 pkgname=cups
 version=2.4.2
-revision=1
+revision=2
 build_style=gnu-configure
 make_install_args="BUILDROOT=${DESTDIR}"
 hostmakedepends="gnutls-devel pkg-config
@@ -42,6 +42,7 @@ do_configure() {
 		--enable-libpaper --with-menudir=/usr/share/applications \
 		--with-xinetd=/etc/xinetd.d --with-optim="${CFLAGS}" \
 		--with-rcdir=no \
+		--with-tls=gnutls \
 		$(vopt_if avahi '--with-dnssd=avahi') $(vopt_enable gssapi)
 }