- Produce an error if the user tries to supply a password for anonymous
- Clarify the error message produced when there's no [gitcvs.authdb]
- Produce an E error if the authdb doesn't exist instead of spewing
$! to the user
- do crypt($user, descramble($pass)) eq $hash; crypt($user, $hash)
eq $hash would accept any password
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
- Indent the last commit to fit with the rest of the code.
- Use lexical filehandles instead of global globs
- Close the filehandle after the password database has been read.
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
If a git repository is shared via HTTP, the config file is typically
visible. Use an external file instead.
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Allow git-cvsserver to use authentication over pserver mode. The
pserver user/password database is stored in the config file for each
repository.
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Worriedly-Acked-by: Martin Langhoff <martin.langhoff@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
When run in a repository with a path name containing regex metacharacters
(e.g. +), git-cvsserver failed to split the client request into CVSROOT
and module. Now metacharacters are disabled for the value of CVSROOT in
the perl regex so that directory names containing metacharacters are
handled properly.
Signed-off-by: Gerrit Pape <pape@smarden.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Native cvs update outputs the string "cvs update: Updating <DIR>" for
every directory it processes (to stderr) unless -q or -Q is given on
comman-line. This is used, e.g., by emacs pcl-cvs to split files by
directory. This commit implements this feature in cvsserver.
Signed-off-by: Sergei Organov <osv@javad.com>
Acked-by: Martin Langhoff <martin.langhoff@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
The Gitosis single-account Git/ssh hosting system runs git commands
through git-shell after confirming that the connecting user is
authorized to access the requested repository. This works well for
upload-pack and receive-pack, which take a repository argument through
git-shell. This doesn't work so well for `cvs server', which is passed
through literally, with no arguments. Allowing arguments risks
sneaking in `--export-all', so that restriction should be maintained.
Despite that, passing a repository root is necessary for per-user
access control by the hosting software, and passing a base path
improves usability without weakening security. Thus, git-cvsserver
needs to come up with these values at runtime by some other
means. Since git-shell preserves the environment for other purposes,
the environment can carry these arguments as well.
Thus, modify git-cvsserver to read $GIT_CVSSERVER_{BASE_PATH,ROOT} in
the absence of equivalent command line arguments.
Signed-off-by: Phil Miller <mille121@illinois.edu>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
git-cvsserver still references git commands like 'git-config', which
is depcrecated. This commit changes git-cvsserver to use the
'git subcommand' form.
Sylvain Beucler reported the problem through
http://bugs.debian.org/536067
Signed-off-by: Gerrit Pape <pape@smarden.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
CVS server was running the hook before the update action was
actually done. This performs the update before the hook is called.
The original commit that introduced the current incorrect behavior
was 394d66d "git-cvsserver runs hooks/post-update". The error in
ordering of the hook call appears to have gone unnoticed, but since
git-cvsserver is supposed to emulate receive-pack, it stands to
reason that the hook should be run *after* the update. Since this
behavior is inconsistent with recieve-pack, users are either:
1) not using post-update hooks with git-cvsserver;
2) using post-update hooks that don't care whether they are
called before or after the actual update occurs;
3) using post-update hooks *only* with git-cvsserver, and
relying on the hook being called just before the update.
This patch would affect only users in case 3. These users are
depending on fairly obviously wrong behavior, and moreover they can
simply change their current post-update into post-recieve hooks,
and their systems will work correctly again.
Signed-off-by: Stefan Karpinski <stefan.karpinski@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
The CVS protocol documentation, found at
http://www.wandisco.com/techpubs/cvs-protocol.pdf
states the following about the 'noop' command:
Response expected: yes. This request is a null command
in the sense that it doesn't do anything, but merely
(as with any other requests expecting a response) sends
back any responses pertaining to pending errors, pending
Notified responses, etc.
In accordance with this, the correct way to handle the 'noop'
command, when issued by a client, is to call req_EMPTY.
The 'noop' command is called by some CVS clients, notably
TortoiseCVS, thus making it desirable for git-cvsserver to
respond to the command rather than choking on it as unknown.
Signed-off-by: Stefan Karpinski <stefan.karpinski@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
CVS username is generated from local part email address.
We take the whole local part but restrict the character set to the
Portable Filename Character Set, which is used for Unix login names
according to Single Unix Specification v3.
This will obviously report different usernames from existing repositories
for commits with the local part of the author e-mail address that contains
characters outside the PFCS. Hopefully this won't break an old CVS
checkout from an earlier version of git-cvsserver, because the names are
always shown afresh to the CVS clients and not kept on the client side.
Signed-off-by: Fabian Emmes <fabian.emmes@rwth-aachen.de>
Signed-off-by: Lars Noschinski <lars@public.noschinski.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
cvsserver annotates each commit message by "via git-CVS emulator". This is
made configurable via gitcvs.commitmsgannotation.
Signed-off-by: Fabian Emmes <fabian.emmes@rwth-aachen.de>
Signed-off-by: Lars Noschinski <lars@public.noschinski.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Implement cvs checkout's -c option by returning a list of all "modules".
This is more useful than displaying a perl warning if -c is given.
Signed-off-by: Lars Noschinski <lars@public.noschinski.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
req_update still parses /refs/heads manually. Replace this by
a call to show-ref.
Signed-off-by: Lars Noschinski <lars@public.noschinski.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
* sb/dashless:
Make usage strings dash-less
t/: Use "test_must_fail git" instead of "! git"
t/test-lib.sh: exit with small negagive int is ok with test_must_fail
Conflicts:
builtin-blame.c
builtin-mailinfo.c
builtin-mailsplit.c
builtin-shortlog.c
git-am.sh
t/t4150-am.sh
t/t4200-rerere.sh
git-cvsserver.perl contained a single call to a nonexistant function
cleanupWorkDir(). This was obviously a typo for cleanupWorkTree().
Signed-off-by: Lars Noschinski <lars@public.noschinski.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
When you misuse a git command, you are shown the usage string.
But this is currently shown in the dashed form. So if you just
copy what you see, it will not work, when the dashed form
is no longer supported.
This patch makes git commands show the dash-less version.
For shell scripts that do not specify OPTIONS_SPEC, git-sh-setup.sh
generates a dash-less usage string now.
Signed-off-by: Stephan Beyer <s-beyer@gmx.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
If "gitcvs.allbinary" is set to "guess", then any file that has
not been explicitly marked as binary or text using the "crlf" attribute
and the "gitcvs.usecrlfattr" config will guess binary based on the contents
of the file.
Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
If gitcvs.usecrlfattr is set to true, git-cvsserver will consult
the "crlf" for each file to determine if it should mark the file
as binary (-kb).
Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
There are various reasons git-cvsserver needs to manipulate the current
directory, and this patch attempts to clarify and validate such changes:
1. Temporary empty working directory (with index) for certain operations
that require an index file to work.
2. Use a temporary directory with temporary file names for doing
merges of user's dirty sandbox state with latest changes in
repository.
3. Coming up soon: Set up an index and either a valid or empty
working directory when calling git-check-attr to decide
if a file should be marked binary (-kb).
Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
* dd/cvsserver:
cvsserver: Use the user part of the email in log and annotate results
cvsserver: Add test for update -p
cvsserver: Implement update -p (print to stdout)
cvsserver: Add a few tests for 'status' command
cvsserver: Do not include status output for subdirectories if -l is passed
cvsserver: Only print the file part of the filename in status header
cvsserver: Respond to the 'editors' and 'watchers' commands
Adds a gitcvs.dbtablenameprefix config variable, the contents of which
are prepended to any database tables names used by git-cvsserver. The
same substutions as gitcvs.dbname and gitcvs.dbuser are supported, and
any non-alphabetic characters are replaced with underscores.
A typo found in contrib/completion/git-completion.bash is also fixed.
Signed-off-by: Junio C Hamano <gitster@pobox.com>
git-cvsserver does not support changes of type T (file type change,
e.g. symlink->real file). This patch treats them the same as changes
of type M.
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Generate the CVS author names by taking the first eight characters of
the user part of the email address. The resulting names are more
likely to make sense (or at least reduce ambiguities) in "corporate"
environments.
Signed-off-by: Damien Diederen <dash@foobox.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Cvs update -p -r <rev> <path> is the documented way to retrieve a
specific revision of a file (similar to git show <rev>:<path>).
Without this patch, the -p flag is ignored and status output is
produced, causing clients to interpret it as the contents of the file.
TkCVS uses update -p as a basis for implementing its various "View"
and "Diff" commands.
Signed-off-by: Damien Diederen <dash@foobox.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This effectively implements the -l switch by pruning the entries whose
filenames contain a path separator. It was previously ignored.
Without this, TkCVS includes strange "ghost" entries in its directory
listings.
Signed-off-by: Damien Diederen <dash@foobox.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
The "File:" header of CVS status output only includes the basename of
the file, even when generating a recursive listing; do the same.
Signed-off-by: Damien Diederen <dash@foobox.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
These commands list users editing and watching locked files. This trivial
implementation always returns an empty response, since git-cvsserver does not
implement file locking.
Without this, TkCVS hangs at startup, waiting forever for a response.
Signed-off-by: Damien Diederen <dash@foobox.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
The following patch will introduce a new configuration variable,
"format.pretty", from then on the pretty format without specifying
"--pretty" might not be the default "--pretty=medium", it depends on
the user's config. So all kinds of Shell/Perl/Emacs scripts that needs
the default medium pretty format must specify it explicitly.
Signed-off-by: Denis Cheng <crquan@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Git histories may have multiple roots, which can cause
git merge-base to fail and this caused git cvsserver to die.
This commit teaches git cvsserver to handle a failing git
merge-base gracefully, and modifies the test case to verify this.
All the test cases now use a history with two roots.
Signed-off-by: Steffen Prohaska <prohaska@zib.de>
git-cvsserver.perl | 9 ++++++++-
t/t9400-git-cvsserver-server.sh | 10 +++++++++-
2 files changed, 17 insertions(+), 2 deletions(-)
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Although we have introduced post-receive, we have not deprecated post-update
hook. This adds support for it to emulate receive-pack better.
Signed-off-by: Junio C Hamano <gitster@pobox.com>
git-cvsserver just did the following:
(1) run hooks/update
(2) commit if hooks/update passed
This commit simply adds:
(3) run hooks/post-receive
Also, there are a few grammar cleanups and
consistency improvements.
Signed-off-by: Michael Witten <mfwitten@mit.edu>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This was causing test failures because die was exiting 255.
Signed-off-by: Brian Gernhardt <benji@silverinsanity.com>
Signed-off-by: Shawn O. Pearce <spearce@spearce.org>
git-cvsserver used checkout-index internally for commit and annotate.
Since a work tree is required for this to function now, this was
breaking. Work around this by defining GIT_WORK_TREE=. in the
appropriate places.
Signed-off-by: Brian Downing <bdowning@lavos.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
There were many operations that did not notice and report errors
to the CVS client, which would have resulted in corrupt working
tree.
Signed-off-by: Jim Meyering <jim@meyering.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Other code assumes that this is initialized, so do it
even if there were no arguments given.
Signed-off-by: Dirk Koopman <djk@tobit.co.uk>
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Embarrassing bug number two in my options patch.
Also enforce that --export-all is only ever used together with an
explicit whitelist. Otherwise people might export every git repository
on the whole system without realising.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Embarassing bug number one in my options patch.
Since the code for --base-path support rewrote
the cvsroot value after comparing it with a possible
existing value (i.e. from pserver authentication)
the check always failed.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Make git-cvsserver understand some options inspired by
git-daemon, namely --base-path, --export-all, --strict-paths.
Also allow the caller to specify a whitelist of allowed
directories, again similar to git-daemon.
While already adding option parsing also support the common
--help and --version options.
Rationale:
While the gitcvs.enabled configuration option already
offers means to limit git-cvsserver access to a repository,
there are some use cases where other methods of access
control prove to be more useful.
E.g. if setting up a pserver for a collection of public
repositories one might want limit the exported repositories
to exactly the directory this collection is located whithout
having to worry about other repositories that might lie around
with the configuration variable set (never trust your users ;)
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
The path submitted with the Root request has to be absolute
(cvs does it this way and it may save us some sanity checks
later)
If multiple roots are specified (e.g. because we use
pserver authentication which will already include the
root), ensure that they say all the same.
Probably neither is a security risk, and neither should ever
be triggered by a sane client, but when validating
input data, it's better to be save than sorry.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Since this is a trivial variation of the general pserver
authentication, there is really no reason not to support
it.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <junkio@cox.net>
When the per-method enable logic disables the access, we should
not even look at the global one.
git-cvsserver.perl | 8 +++-----
1 files changed, 3 insertions(+), 5 deletions(-)
Signed-off-by: Junio C Hamano <junkio@cox.net>
After we send I HATE YOU we should probably exit and not happily
continue with I LOVE YOU and further communication.
Most clients will probably just exit and ignore everything we
send after the I HATE YOU and it is not a security problem
either because we don't really care about the user name anyway.
But it is still the right thing to do.
[jc: with a minor fixup to its exit code...]
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Acked-by: "Martin Langhoff" <martin.langhoff@gmail.com>
Signed-off-by: Junio C Hamano <junkio@cox.net>
Change the configuration parser so that it ignores
everything except for ^gitcvs.((ext|pserver).)?
This greatly reduces the risk of failing while
parsing some unknown and irrelevant config option.
The bug that triggered this change was that the
parsing doesn't handle sections that have a
subsection and a variable with the same name.
While this bug still remains, all remaining
causes can be attributed to user error, since
there are no defined variables gitcvs.ext and
gitcvs.pserver.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <junkio@cox.net>
We can't unconditionally assign revision 1.1 to
newly added files. In case the file did exist in the
past and was deleted we need to honor the old
revision number.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <junkio@cox.net>