Commit Graph

63 Commits

Author SHA1 Message Date
Alex Riesen
3c740268c4 cvsserver: Actually implement --export-all
Frank Lichtenheld, Fri, Jun 15, 2007 03:01:53 +0200:
> +test_expect_failure 'req_Root failure (export-all w/o whitelist)' \
> +  'cat request-anonymous | git-cvsserver --export-all pserver >log 2>&1
> +   || false'

This does not work, at least for bash in current Ubuntu:

    GNU bash, version 3.2.13(1)-release

You have to put "||" on the previous line:

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-06-20 16:22:09 -07:00
Frank Lichtenheld
226bccb9ad cvsserver: Actually implement --export-all
Embarrassing bug number two in my options patch.

Also enforce that --export-all is only ever used together with an
explicit whitelist. Otherwise people might export every git repository
on the whole system without realising.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-06-15 22:38:48 -07:00
Frank Lichtenheld
fd1cd91e94 cvsserver: Let --base-path and pserver get along just fine
Embarassing bug number one in my options patch.

Since the code for --base-path support rewrote
the cvsroot value after comparing it with a possible
existing value (i.e. from pserver authentication)
the check always failed.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-06-15 22:38:45 -07:00
Frank Lichtenheld
693b63273e cvsserver: Add some useful commandline options
Make git-cvsserver understand some options inspired by
git-daemon, namely --base-path, --export-all, --strict-paths.

Also allow the caller to specify a whitelist of allowed
directories, again similar to git-daemon.

While already adding option parsing also support the common
--help and --version options.

Rationale:

While the gitcvs.enabled configuration option already
offers means to limit git-cvsserver access to a repository,
there are some use cases where other methods of access
control prove to be more useful.

E.g. if setting up a pserver for a collection of public
repositories one might want limit the exported repositories
to exactly the directory this collection is located whithout
having to worry about other repositories that might lie around
with the configuration variable set (never trust your users ;)

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-06-08 02:56:18 -07:00
Frank Lichtenheld
4890888d74 cvsserver: Make req_Root more critical of its input data
The path submitted with the Root request has to be absolute
(cvs does it this way and it may save us some sanity checks
later)

If multiple roots are specified (e.g. because we use
pserver authentication which will already include the
root), ensure that they say all the same.

Probably neither is a security risk, and neither should ever
be triggered by a sane client, but when validating
input data, it's better to be save than sorry.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-06-08 02:37:18 -07:00
Frank Lichtenheld
24a97d84ad cvsserver: Handle 'cvs login'
Since this is a trivial variation of the general pserver
authentication, there is really no reason not to support
it.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-05-29 00:27:21 -07:00
Frank Lichtenheld
b3c81cff02 t9400: Work around CVS' deficiencies
If we are too fast with our changes, the file in
the working copy might still have the same mtime
as noted in the CVS/Entries. This will cause CVS
to happily report to the server that the file is
unmodified which can lead to data loss (and in
our case test failure).

CVS sucks!

Work around that by sleeping for a second.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-05-29 00:27:21 -07:00
Frank Lichtenheld
240ba7f235 t9400: Add some basic pserver tests
While we can easily test the cvs <-> git-cvsserver
communication with :fork: and git-cvsserver server
there are some pserver specifics we should test, too.

Currently this are two tests of the pserver authentication.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-05-22 00:00:42 -07:00
Frank Lichtenheld
1978659a74 t9400: Add some more cvs update tests
Add some cvs update tests that include various merge
situations. Also add a basic test for update -C
since it fits so well in there.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-05-22 00:00:42 -07:00
Frank Lichtenheld
1d431b2235 t9400: Add test cases for config file handling
Add a few test cases for the config file parsing
done by git-cvsserver.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-05-22 00:00:42 -07:00
Junio Hamano
a25907dac4 t9400: Use the repository config and nothing else.
git-cvsserver has a bug in its configuration file output parser
that makes it choke if the configuration has these:

        [diff]
                color = auto
        [diff.color]
                whitespace = blue reverse

This needs to be fixed, but thanks to that bug, a separate bug
in t9400 test script was discovered.  The test discarded
GIT_CONFIG instead of pointing at the proper one to be used in
the exoprted repository.  This allowed user's .gitconfig and (if
exists) systemwide /etc/gitconfig to affect the outcome of the
test, which is a big no-no.

The patch fixes the problem in the test.  Fixing the
git-cvsserver's configuration parser is left as an exercise to
motivated volunteers ;-)

Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-05-12 10:19:13 -07:00
Junio C Hamano
469be5b258 t9400: skip cvsserver test if Perl SQLite interface is unavailable
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-05-09 12:34:00 -07:00
Frank Lichtenheld
b3b5343970 cvsserver: Add test cases for git-cvsserver
Use the :fork: access method to force cvs to
call "$CVS_SERVER server" even when accessing a local
repository.

Add a basic test for checkout and some tests for update.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-05-08 23:55:58 -07:00