Re: allow list patch

bug-cvs
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: allow list patch

From:	Mike Sutton
Subject:	Re: allow list patch
Date:	Wed, 20 Feb 2002 13:29:25 -0500
User-agent:	Mutt/1.3.15i
On 02/19/02 08:05:22, Mike Sutton wrote:
> I'll see if I can dig it up.  I believe its based on 1.10.8.  I have
> not ported it to 1.11.1p1 yet.
> 
As promised.  See diff bellow.  The diff is against 1.10.  But you
should be able to get the idea of the patch.

-- 
Mike Sutton                      | public class
SAIC                             | software_failure : management_failure
Beavercreek, OH                  | 
Suttonm at saic .com             | These are MY opinions, not SAIC's

-------------------- begin patch --------------------
Index: doc/ChangeLog
===================================================================
RCS file: /cvs/misc_cvsroot/cvs/doc/ChangeLog,v
retrieving revision 1.1.1.9
retrieving revision 1.1.1.9.2.1
diff -u -r1.1.1.9 -r1.1.1.9.2.1
--- ChangeLog   1998/08/20 15:11:10     1.1.1.9
+++ ChangeLog   1998/08/24 15:58:23     1.1.1.9.2.1
@@ -1,3 +1,8 @@
+Mon Aug 24 10:31:38 EDT 1998 Mike Sutton <suttonm@saic.[com>
+
+       * cvs.texinfo: Added documentation for --allow-list pserver
+       option.
+
 Sun Jul 26 02:42:20 1998  Noel Cragg  <noel@swish.red-bean.com>
 
        * cvs.texinfo (config): TopLevelAdmin variable.
Index: doc/cvs.texinfo
===================================================================
RCS file: /cvs/misc_cvsroot/cvs/doc/cvs.texinfo,v
retrieving revision 1.1.1.9
retrieving revision 1.1.1.9.2.1
diff -u -r1.1.1.9 -r1.1.1.9.2.1
--- cvs.texinfo 1998/08/20 15:11:21     1.1.1.9
+++ cvs.texinfo 1998/08/24 15:58:25     1.1.1.9.2.1
@@ -2159,6 +2159,14 @@
 cvs --allow-root=/usr/cvsroot pserver
 @end example
 
+or
+
+@example
+2401  stream  tcp  nowait  root  /usr/local/bin/cvs
+cvs --allow-list=/etc/cvsroots.list pserver
+@end example
+
+
 You could also use the
 @samp{-T} option to specify a temporary directory.
 
@@ -2168,6 +2176,15 @@
 connect.  If there is more than one @sc{cvsroot}
 directory which you want to allow, repeat the option.
 
+The @samp{--allow-list} option specifies the file name
+containing the list of allowable @sc{cvsroot}
+directories.  The @samp{--allow-list} option is useful
+when many @sc{cvsroot} directories must be specified.
+Another advantage of the @samp{--allow-list} option is
+that inetd does not have to be restarted every time a
+new @sc{cvsroot} directory is added to the
+@samp{--allow-list} file.
+
         If your @code{inetd} wants a symbolic service
 name instead of a raw port number, then put this in
 @file{/etc/services}:
@@ -7047,6 +7064,10 @@
 Specify legal @sc{cvsroot} directory.  See
 @ref{Password authentication server}.
 
+@item --allow-list=@file{/etc/cvsroots.list}
+Specify a list of legal @sc{cvsroot} directories.  See
+@ref{Password authentication server}.
+
 @cindex authentication, stream
 @cindex stream authentication
 @item -a
@@ -9891,6 +9912,11 @@
 in @sc{cvs} 1.9 and older).  See @ref{Password
 authentication server}.
 
+@item --allow-list=@file{/etc/cvsroots.list}
+Specify a list of legal @sc{cvsroot} directories
+(server only) (not in @sc{cvs} 1.9 and older).  See
+@ref{Password authentication server}.
+
 @item -a
 Authenticate all communication (client only) (not in @sc{cvs}
 1.9 and older).  See @ref{Global options}.
@@ -12380,11 +12406,12 @@
 @c choice?  Texinfo gurus?
 @item cvs @var{command}: authorization failed: server @var{host} rejected 
access
 This is a generic response when trying to connect to a
-pserver server which chooses not to provide a
-specific reason for denying authorization.  Check that
-the username and password specified are correct and
-that the CVSROOT specified is allowed by --allow-root
-in inetd.conf.  See @ref{Password authenticated}.
+pserver server which chooses not to provide a specific
+reason for denying authorization.  Check that the
+username and password specified are correct and that
+the CVSROOT specified is allowed by --allow-root or
+--allow-list in inetd.conf.  See @ref{Password
+authenticated}.
 
 @item @var{file}:@var{line}: Assertion '@var{text}' failed
 The exact format of this message may vary depending on
Index: src/ChangeLog
===================================================================
RCS file: /cvs/misc_cvsroot/cvs/src/ChangeLog,v
retrieving revision 1.1.1.9
retrieving revision 1.1.1.9.2.1
diff -u -r1.1.1.9 -r1.1.1.9.2.1
--- ChangeLog   1998/08/20 15:09:11     1.1.1.9
+++ ChangeLog   1998/08/24 15:58:46     1.1.1.9.2.1
@@ -1,3 +1,13 @@
+Mon Aug 24 10:11:04 EDT 1998 Mike Sutton <suttonm@saic.[com>
+
+       * main.c: Added --allow-list option for specifying a file
+       contianing the list of allowed roots.
+
+       * root.c: Added root_allow_list routine to process the allowed
+       roots list file.
+       
+       * cvs.h: Added allow_root_list prototype.
+
 Thu Aug 13 11:15:24 1998  Noel Cragg  <noel@swish.red-bean.com>
 
        * version.c: Change version number to 1.10 and name to `Halibut'.
Index: src/cvs.h
===================================================================
RCS file: /cvs/misc_cvsroot/cvs/src/cvs.h,v
retrieving revision 1.1.1.9
retrieving revision 1.1.1.9.2.1
diff -u -r1.1.1.9 -r1.1.1.9.2.1
--- cvs.h       1998/08/20 15:09:56     1.1.1.9
+++ cvs.h       1998/08/24 15:58:50     1.1.1.9.2.1
@@ -441,6 +441,7 @@
 int parse_cvsroot PROTO((char *CVSroot));
 void set_local_cvsroot PROTO((char *dir));
 void Create_Root PROTO((char *dir, char *rootdir));
+void root_allow_list PROTO ((char *));
 void root_allow_add PROTO ((char *));
 void root_allow_free PROTO ((void));
 int root_allow_ok PROTO ((char *));
Index: src/main.c
===================================================================
RCS file: /cvs/misc_cvsroot/cvs/src/main.c,v
retrieving revision 1.1.1.9
retrieving revision 1.1.1.9.2.1
diff -u -r1.1.1.9 -r1.1.1.9.2.1
--- main.c      1998/08/20 15:10:32     1.1.1.9
+++ main.c      1998/08/24 15:58:51     1.1.1.9.2.1
@@ -401,6 +401,7 @@
        {"help-synonyms", 0, NULL, 2},
        {"help-options", 0, NULL, 4},
        {"allow-root", required_argument, NULL, 3},
+       {"allow-list", required_argument, NULL, 6},
         {0, 0, 0, 0}
     };
     /* `getopt_long' stores the option index here, but right now we
@@ -505,6 +506,10 @@
            case 3:
                /* --allow-root */
                root_allow_add (optarg);
+               break;
+           case 6:
+               /* --allow-list */
+               root_allow_list (optarg);
                break;
            case 'Q':
                really_quiet = 1;
Index: src/root.c
===================================================================
RCS file: /cvs/misc_cvsroot/cvs/src/root.c,v
retrieving revision 1.1.1.7
retrieving revision 1.1.1.7.2.1
diff -u -r1.1.1.7 -r1.1.1.7.2.1
--- root.c      1998/08/20 15:10:47     1.1.1.7
+++ root.c      1998/08/24 15:58:52     1.1.1.7.2.1
@@ -181,6 +181,30 @@
 static unsigned int root_allow_size;
 
 void
+root_allow_list(file)
+    char *file;
+{
+    FILE *fp;
+
+    char *line = NULL;
+    size_t line_allocated = 0;
+
+    /* open a file containing the list of allowed CVS root
+     * directories.  A # character represents a comment line.
+     */
+    fp = open_file(file, "r");
+    while (fp && getline(&line, &line_allocated, fp) >= 0)
+    {
+       if (line[0] == '#')
+           continue;
+
+       line[strlen(line) -1] = '\0'; /* chop off newline */
+       root_allow_add(line);
+    }
+    if (fp) fclose(fp);
+}
+
+void
 root_allow_add (arg)
     char *arg;
 {
[Prev in Thread]
Current Thread
[Next in Thread]
allow list patch, tom, 2002/02/18
- Re: allow list patch, Matt Riechers, 2002/02/18
- Re: allow list patch, Mike Sutton, 2002/02/19
  - Re: allow list patch, Mike Sutton <=
Prev by Date: Re: [Fwd: Help needed with bufferoverflow in cvs]
Next by Date: Re: [Fwd: Help needed with bufferoverflow in cvs]
Previous by thread: Re: allow list patch
Next by thread: ��Ƕ��и��ջ�
Index(es):
- Date
- Thread