From 07870b45ae6c3eae9ca6622e2a6bed8e21364405 Mon Sep 17 00:00:00 2001 From: Peter Wemm Date: Wed, 27 May 1998 15:26:12 +0000 Subject: [PATCH] Add a new long flag that causes cvs to ignore the CVSROOT/passwd file. This is mostly intended for use on freefall where we'd like to provide a passwd file for easy anoncvs mirroring access, but don't want to open up the pserver on freefall itself. While here, some initial tweaks intended for allowing an empty pserver password. I'm not sure that this works yet. --- contrib/cvs/src/cvs.h | 1 + contrib/cvs/src/main.c | 8 +++++++- contrib/cvs/src/server.c | 13 +++++++++---- 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/contrib/cvs/src/cvs.h b/contrib/cvs/src/cvs.h index 713ba79ca18..b194d163f47 100644 --- a/contrib/cvs/src/cvs.h +++ b/contrib/cvs/src/cvs.h @@ -389,6 +389,7 @@ extern int trace; /* Show all commands */ extern int noexec; /* Don't modify disk anywhere */ extern int readonlyfs; /* fail on all write locks; succeed all read locks */ extern int logoff; /* Don't write history entry */ +extern int require_real_user; /* skip CVSROOT/passwd, /etc/passwd users only*/ #ifdef AUTH_SERVER_SUPPORT extern char *Pserver_Repos; /* used to check that same repos is diff --git a/contrib/cvs/src/main.c b/contrib/cvs/src/main.c index 30358c5fa35..8136f5f5556 100644 --- a/contrib/cvs/src/main.c +++ b/contrib/cvs/src/main.c @@ -41,6 +41,7 @@ int quiet = 0; int trace = 0; int noexec = 0; int readonlyfs = 0; +int require_real_user = 0; int logoff = 0; mode_t cvsumask = UMASK_DFLT; @@ -479,7 +480,7 @@ main (argc, argv) opterr = 1; while ((c = getopt_long - (argc, argv, "+QqrwtnRlvb:T:e:d:Hfz:s:xa", long_options, &option_index)) + (argc, argv, "+QqrwtnRlvb:T:e:d:Hfz:s:xaU", long_options, &option_index)) != EOF) { switch (c) @@ -602,6 +603,11 @@ Copyright (c) 1989-1998 Brian Berliner, david d `zoo' zuhn, \n\ We will issue an error later if stream authentication is not supported. */ break; + case 'U': +#ifdef SERVER_SUPPORT + require_real_user = 1; +#endif + break; case '?': default: usage (usg); diff --git a/contrib/cvs/src/server.c b/contrib/cvs/src/server.c index 2959ac226c2..e2cc3aaf4f8 100644 --- a/contrib/cvs/src/server.c +++ b/contrib/cvs/src/server.c @@ -4718,15 +4718,17 @@ check_repository_password (username, password, repository, host_user_ptr) /* If found_it != 0, then linebuf contains the information we need. */ if (found_it) { - char *found_password, *host_user_tmp; + char *found_password, *host_user_tmp = NULL; strtok (linebuf, ":"); found_password = strtok (NULL, ": \n"); - host_user_tmp = strtok (NULL, ": \n"); + if (found_password) + host_user_tmp = strtok (NULL, ": \n"); if (host_user_tmp == NULL) host_user_tmp = username; - if (strcmp (found_password, crypt (password, found_password)) == 0) + if (found_passwd == NULL || *found_passwd == '\0' || + strcmp (found_password, crypt (password, found_password)) == 0) { /* Give host_user_ptr permanent storage. */ *host_user_ptr = xstrdup (host_user_tmp); @@ -4764,7 +4766,10 @@ check_password (username, password, repository) password file. If so, that's enough to authenticate with. If not, we'll check /etc/passwd. */ - rc = check_repository_password (username, password, repository, + if (require_real_user) + rc = 0; /* "not found" */ + else + rc = check_repository_password (username, password, repository, &host_user); if (rc == 2)