I was about to file this same bug. After a few days of research, I found
the following similar or related bug reports:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525910
https://bugs.launchpad.net/ubuntu/+source/cups/+bug/763755
https://answers.launchpad.net/ubuntu/+source/cupsys/+question/7880
http://thismightbehelpful.blogspot.ca/2008/09/remote-access-to-cups-web-interface.html

Note, the issue begins in 1.4.x versions of cups, <=1.3 should work
fine, so a downgrade might be your desired course of action if that's a
possibility for you.

None of the solutions provided in those helped. In case you find this
via google, let me save you some time and enumerate them here:

-In cups.conf, add (or uncomment, or modify) a line at the end to read:
ServerAlias *

-In cups.conf, add (or uncomment, or modify) the entry for "<Location /admin>" 
to:
Allow from all
or
Allow from [some ip here]

-In cups.conf, add a line that reads:
Listen 192.168.1.1:631
or
Listen *:631
(or whatever port you want to use instead of 631)

(with the IP you want to allow access to)


The problem shows up as lines similar to the following in your cups error_log 
file:

E [23/Nov/2015:15:35:28 -0500] Request from "localhost" using invalid
Host: field "cups_local_host:631"


The most relevant link was:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530027

which traces the problem to this patch:

https://bugzilla.redhat.com/attachment.cgi?id=335489
(direct link to msg: 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530027#56 )

Which was submitted to solve:

https://security-tracker.debian.org/tracker/CVE-2009-0164

So with that info, I downloaded the sources on my fedora (fc17) machine,
modified them, rebuilt the packages and installed, and everything works
now as (I) intended.

I have attached the patch I wrote which solves it for me,

WARNING: this might introduce some security issues (related to CVE-2009-0164), 
which I didn't delve too deeply to know whether they do or not. 
So, USE AT YOUR OWN RISK. 

Read this too: 
http://www.cups.org/str.php?L3183


When running the patched version, you still need to have the proper Listen and 
ServerAlias entries, of course.

** Bug watch added: Debian Bug tracker #525910
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525910

** Bug watch added: Debian Bug tracker #530027
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530027

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0164

** Patch added: "cups-patch-for-bad-request.diff"
   
https://bugs.launchpad.net/ubuntu/+source/cups/+bug/1086303/+attachment/4524379/+files/cups-patch-for-bad-request.diff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1086303

Title:
  Cups server can't listen - accept connections to 127.0.1.1  ( Bad
  request )

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cups/+bug/1086303/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to