![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/git-cvsserver.perl b/git-cvsserver.perl
index 709741920f19a057a352d29a5b24c1ac6f7ed2c1..e9f3037df351ceed0262a8995f19903464163af8 100755 (executable)
--- a/git-cvsserver.perl
+++ b/git-cvsserver.perl
$line = <STDIN>; chomp $line;
my $password = $line;
- unless ($user eq 'anonymous') {
+ if ($user eq 'anonymous') {
+ # "A" will be 1 byte, use length instead in case the
+ # encryption method ever changes (yeah, right!)
+ if (length($password) > 1 ) {
+ print "E Don't supply a password for the `anonymous' user\n";
+ print "I HATE YOU\n";
+ exit 1;
+ }
+
+ # Fall through to LOVE
+ } else {
# Trying to authenticate a user
- if (not exists $cfg->{gitcvs}->{users}) {
- print "E the repo config file needs a [gitcvs.users] section with user/password key-value pairs\n";
+ if (not exists $cfg->{gitcvs}->{authdb}) {
+ print "E the repo config file needs a [gitcvs] section with an 'authdb' parameter set to the filename of the authentication database\n";
print "I HATE YOU\n";
exit 1;
- } elsif (exists $cfg->{gitcvs}->{users} and not exists $cfg->{gitcvs}->{users}->{$user}) {
- #print "E the repo config file has a [gitcvs.users] section but the user $user is not defined in it\n";
+ }
+
+ my $authdb = $cfg->{gitcvs}->{authdb};
+
+ unless (-e $authdb) {
+ print "E The authentication database specified in [gitcvs.authdb] does not exist\n";
+ print "I HATE YOU\n";
+ exit 1;
+ }
+
+ my $auth_ok;
+ open my $passwd, "<", $authdb or die $!;
+ while (<$passwd>) {
+ if (m{^\Q$user\E:(.*)}) {
+ if (crypt($user, descramble($password)) eq $1) {
+ $auth_ok = 1;
+ }
+ };
+ }
+ close $passwd;
+
+ unless ($auth_ok) {
print "I HATE YOU\n";
exit 1;
- } else {
- my $descrambled_password = descramble($password);
- my $cleartext_password = $cfg->{gitcvs}->{users}->{$user};
- if ($descrambled_password ne $cleartext_password) {
- #print "E The password supplied for user $user was incorrect\n";
- print "I HATE YOU\n";
- exit 1;
- }
- # else fall through to LOVE
}
+
+ # Fall through to LOVE
}
# For checking whether the user is anonymous on commit
}
foreach my $line ( @gitvars )
{
- next unless ( $line =~ /^(gitcvs)\.(?:(ext|pserver|users)\.)?([\w-]+)=(.*)$/ );
+ next unless ( $line =~ /^(gitcvs)\.(?:(ext|pserver)\.)?([\w-]+)=(.*)$/ );
unless ($2) {
$cfg->{$1}{$3} = $4;
} else {
if ( defined ( $cfg->{gitcvs}{usecrlfattr} ) and
$cfg->{gitcvs}{usecrlfattr} =~ /\s*(1|true|yes)\s*$/i )
{
- my ($val) = check_attr( "crlf", $path );
- if ( $val eq "set" )
+ my ($val) = check_attr( "text", $path );
+ if ( $val eq "unspecified" )
{
- return "";
+ $val = check_attr( "crlf", $path );
}
- elsif ( $val eq "unset" )
+ if ( $val eq "unset" )
{
return "-kb"
}
+ elsif ( check_attr( "eol", $path ) ne "unspecified" ||
+ $val eq "set" || $val eq "input" )
+ {
+ return "";
+ }
else
{
$log->info("Unrecognized check_attr crlf $path : $val");
);
my ($str) = @_;
- # This should never happen, the same password format (A) bas been
+ # This should never happen, the same password format (A) has been
# used by CVS since the beginning of time
- die "invalid password format $1" unless substr($str, 0, 1) eq 'A';
+ {
+ my $fmt = substr($str, 0, 1);
+ die "invalid password format `$fmt'" unless $fmt eq 'A';
+ }
my @str = unpack "C*", substr($str, 1);
my $ret = join '', map { chr $SHIFTS[$_] } @str;