Re: user.c, user.h

bug-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: user.c, user.h

From:	Derek Robert Price
Subject:	Re: user.c, user.h
Date:	Tue, 13 Aug 2002 15:37:14 -0400
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020606

Andrey Aristarkhov wrote:

-----Original Message-----
From: bug-cvs-admin@gnu.org [mailto:bug-cvs-admin@gnu.org] On Behalf Of Derek 
Robert Price

Please see the `HACKING' file in the top level of the CVS source
distribution for instructions on the submission of patches.  You are
missing documentation (`cvs.texinfo') changes and test suite
(`src/sanity.sh') changes.  These are required for every change to the
CVS source because otherwise those sections of the code tend to
deteriorate rapidly.

I've never used TeX. I'll try to write.

Texinfo, the TeX wrapper the CVS documentation uses is pretystraightforward. If you ignore some of the setup stuff at thebeginning, then it's mostly simple text tags. You might need to knowhow to declare a new `node' (chapter/section) or add index entries, butyou should be able to get that by scanning what's already incvs.texinfo. Other useful tags are @code{}, @file{}, and @strong{} forblock quote type effects, @sc{cvs} as the name of the application underdiscussion, and @pxref{} and @xref{} for cross references to othernodes, but like I said, you should be able to get most of it by scanningthe file. You don't have to get everything right the first time either.If I check it in I'll review it and tidy up as long as most of theimportant data is there.

Oops, I almost missed getpwpath().  I deleted your code already, but
there is already a construct_cvspass_filename() function in `login.c'

as

well.

construct_cvspass_filename() constructs path to user's password file. My
{set,get}pwpath functions is used to store path to CVSROOT/passwd file.

Yep, you're right. Sorry about that. I like your abstraction and I'mtempted to say it should be in root.c or the like and extended for alladmin files (e.g. get_repository_admin_file(root, CVSROOTADM_PASSWD))simply because all those sprintf("%s/%s/%s",...)'s that litter the codelook messy and don't necessarily remain portable across OSs, but I'mhardly going to require that for acceptance of this patch.

Again, much of this happens in `server.c'.  Please reuse code.  And
unless I'm mistaken, this asks for the admin password - that shouldn't
be happening.  If the user is an administrator they should already have

authenticated.

I've investigated server.c and login.c before writing this code. There

is no reusable code over there.

Sorry. It's your get_password() function that duplicates code, but Ialready mentioned that.

The only thing I've taken from login.c
is GETPASS macro definition. Suppose it should be placed in cvs.h header
file.

I missed that GETPASS was from login.c. `cvs.h' might be an appropriateplace. Maybe a new `user.h' or `subr.h' would be more appropriate.

As for allowing any user's password to be changed if you know the

user's

password, I'm against that.  It's unneeded overhead.  Go ahead and
verify a user's password, but make other users log in to change their
own password or let the admin do it.

I've implemented (I hope) UNIX-like behavior of passwd command.
Try to login and run 'passwd' under UNIX. First you will be asked for
current user password. It's not overhead. If 'cvs pass' will rely on
current user password anyone can change it having physical access to
user workstation.


Sorry yet again.  I think I misread:

3. User's password can be changed either by CVS Administrator or by a
person who knows current user's CVS password.

to mean that a non-admin user specifying another username could changethe password if they knew the user's password, which isn't like any UNIXI've used. But it sounds like you did it Right (tm).


Derek

--
               *8^)

Email: derek@ximbiot.com

Get CVS support at http://ximbiot.com
--
Travel advisories - Alaska:  Tourists are warned to wear tiny bells on
their clothing when hiking in bear country.  The bells warn away MOST
bears.  Tourists are also cautioned to watch the ground on the trail,
paying particular attention to bear droppings, to be alert for the
presence of Grizzly Bears.  One can tell Grizzly droppings by the tiny
bells in them.

[Prev in Thread]

Current Thread

[Next in Thread]

user.c, user.h, Andrey Aristarkhov, 2002/08/12
- Re: user.c, user.h, Derek Robert Price, 2002/08/13
  - RE: user.c, user.h, Andrey Aristarkhov, 2002/08/13
    - Re: user.c, user.h, Derek Robert Price <=
    - RE: user.c, user.h, Andrey Aristarkhov, 2002/08/14
    - Re: user.c, user.h, Derek Robert Price, 2002/08/14
    - RE: user.c, user.h, Andrey Aristarkhov, 2002/08/14
    - Re: user.c, user.h, Derek Robert Price, 2002/08/14
    - RE: user.c, user.h, Andrey Aristarkhov, 2002/08/14
    - Re: user.c, user.h, Derek Robert Price, 2002/08/14

Prev by Date: Re: Is this a bug ?
Next by Date: Re: cvs user, cvs password
Previous by thread: RE: user.c, user.h
Next by thread: RE: user.c, user.h
Index(es):
- Date
- Thread