info-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FAQ-O-Matic pserver protocol

From: Mark D. Baushke
Subject: Re: FAQ-O-Matic pserver protocol
Date: Sun, 13 Feb 2005 17:44:35 -0800 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Guus Leeuw jr. <address@hidden> writes:

> > Have you considered moving to the CVSNT fork
> > of CVS? (Yes, it runs on boxes other than
> > Windows.)
> 
> No, and I won't. I am a long time believer of CVS pure ;)

LOL. Okay. :-)

(I just hope you didn't hur Arthur Barrett's feelings. :-)

I honestly think that the cvsnt stuff has its
place in the scheme of things. I just wish they
didn't have so many different authentication
methods...

I am enough of a realist to know that there will
be many different clients out there as well as
more than one server implementation. I think of
this as mostly being healthy.

I am also looking with interest to see what the
OpenBSD folks do with their OpenCVS implementation
of cvs.

> I'd assume most people out there use the CVS
> 1.11 branch of things, so I'd stick passwd in
> the feature release for the hard-edge to test,
> and then maybe a back-port?

Well, it is hoped that sometime this year 1.12.x
will become the STABLE release and 1.11.x would
become deprecated.

We have been resisting putting anything but bug
fixes into 1.11.x and a new option like 'cvs
password' would not fit the criteria for an
official backport.

If you wanted to provide a patch that folks
applied to older releases, you could that.

> Well, if I'd do it, I'd do it because of:
> 1) It seems useful (Jim suggested such)

Yup, I am sure there are a number of folks who
believe it to be useful.

> 2) Larry, Derek, and you Mark would want it in
> the general CVS...

I can not speak for either Larry or Derek.

> > That said, if you really are planning to
> > cleanup pserver to make it 'secure' for
> > changing a password, maybe you can find the
> > time to do a more secure replacement code base
> > for the pserver implementation instead? If you
> > can get security folks to go thru all possible
> > code paths and shake out the next big bug (and
> > fix it), then I am sure a lot of folks would
> > appreciate your work.
> 
> Maybe... We'll see. Let me first tackle the
> password stuff, and later, I might have time to
> go about pserver in general...

Fair enough.

        -- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQFCEAKD3x41pRYZE/gRAgzPAKDaWItMA9nI0C9/F8gSM4uYg1h6dQCfZ8hr
veweDg8v8dR7oUTqKUb/xOc=
=uMBV
-----END PGP SIGNATURE-----
reply via email to
[Prev in Thread] Current Thread [Next in Thread]