From 66f8d308b9183c6079bfc2b9122ce47da0562d2c Mon Sep 17 00:00:00 2001 From: peter Date: Wed, 27 May 1998 15:26:12 +0000 Subject: Add a new long flag that causes cvs to ignore the CVSROOT/passwd file. This is mostly intended for use on freefall where we'd like to provide a passwd file for easy anoncvs mirroring access, but don't want to open up the pserver on freefall itself. While here, some initial tweaks intended for allowing an empty pserver password. I'm not sure that this works yet. --- contrib/cvs/src/cvs.h | 1 + contrib/cvs/src/main.c | 8 +++++++- contrib/cvs/src/server.c | 13 +++++++++---- 3 files changed, 17 insertions(+), 5 deletions(-) (limited to 'contrib/cvs/src') diff --git a/contrib/cvs/src/cvs.h b/contrib/cvs/src/cvs.h index 713ba79..b194d16 100644 --- a/contrib/cvs/src/cvs.h +++ b/contrib/cvs/src/cvs.h @@ -389,6 +389,7 @@ extern int trace; /* Show all commands */ extern int noexec; /* Don't modify disk anywhere */ extern int readonlyfs; /* fail on all write locks; succeed all read locks */ extern int logoff; /* Don't write history entry */ +extern int require_real_user; /* skip CVSROOT/passwd, /etc/passwd users only*/ #ifdef AUTH_SERVER_SUPPORT extern char *Pserver_Repos; /* used to check that same repos is diff --git a/contrib/cvs/src/main.c b/contrib/cvs/src/main.c index 30358c5..8136f5f 100644 --- a/contrib/cvs/src/main.c +++ b/contrib/cvs/src/main.c @@ -41,6 +41,7 @@ int quiet = 0; int trace = 0; int noexec = 0; int readonlyfs = 0; +int require_real_user = 0; int logoff = 0; mode_t cvsumask = UMASK_DFLT; @@ -479,7 +480,7 @@ main (argc, argv) opterr = 1; while ((c = getopt_long - (argc, argv, "+QqrwtnRlvb:T:e:d:Hfz:s:xa", long_options, &option_index)) + (argc, argv, "+QqrwtnRlvb:T:e:d:Hfz:s:xaU", long_options, &option_index)) != EOF) { switch (c) @@ -602,6 +603,11 @@ Copyright (c) 1989-1998 Brian Berliner, david d `zoo' zuhn, \n\ We will issue an error later if stream authentication is not supported. */ break; + case 'U': +#ifdef SERVER_SUPPORT + require_real_user = 1; +#endif + break; case '?': default: usage (usg); diff --git a/contrib/cvs/src/server.c b/contrib/cvs/src/server.c index 2959ac2..e2cc3aa 100644 --- a/contrib/cvs/src/server.c +++ b/contrib/cvs/src/server.c @@ -4718,15 +4718,17 @@ check_repository_password (username, password, repository, host_user_ptr) /* If found_it != 0, then linebuf contains the information we need. */ if (found_it) { - char *found_password, *host_user_tmp; + char *found_password, *host_user_tmp = NULL; strtok (linebuf, ":"); found_password = strtok (NULL, ": \n"); - host_user_tmp = strtok (NULL, ": \n"); + if (found_password) + host_user_tmp = strtok (NULL, ": \n"); if (host_user_tmp == NULL) host_user_tmp = username; - if (strcmp (found_password, crypt (password, found_password)) == 0) + if (found_passwd == NULL || *found_passwd == '\0' || + strcmp (found_password, crypt (password, found_password)) == 0) { /* Give host_user_ptr permanent storage. */ *host_user_ptr = xstrdup (host_user_tmp); @@ -4764,7 +4766,10 @@ check_password (username, password, repository) password file. If so, that's enough to authenticate with. If not, we'll check /etc/passwd. */ - rc = check_repository_password (username, password, repository, + if (require_real_user) + rc = 0; /* "not found" */ + else + rc = check_repository_password (username, password, repository, &host_user); if (rc == 2) -- cgit v1.1