From 460c6996e27208898d3e24897e2ea35295c1cbf1 Mon Sep 17 00:00:00 2001 From: Frank Lichtenheld Date: Sun, 13 May 2007 19:49:05 +0200 Subject: [PATCH] cvsserver: Don't send mixed messages to clients After we send I HATE YOU we should probably exit and not happily continue with I LOVE YOU and further communication. Most clients will probably just exit and ignore everything we send after the I HATE YOU and it is not a security problem either because we don't really care about the user name anyway. But it is still the right thing to do. [jc: with a minor fixup to its exit code...] Signed-off-by: Frank Lichtenheld Acked-by: "Martin Langhoff" Signed-off-by: Junio C Hamano --- git-cvsserver.perl | 1 + 1 file changed, 1 insertion(+) diff --git a/git-cvsserver.perl b/git-cvsserver.perl index a07c72526..ac88625fc 100755 --- a/git-cvsserver.perl +++ b/git-cvsserver.perl @@ -105,6 +105,7 @@ if (@ARGV && $ARGV[0] eq 'pserver') { unless ($line eq 'anonymous') { print "E Only anonymous user allowed via pserver\n"; print "I HATE YOU\n"; + exit; } $line = ; chomp $line; # validate the password? $line = ; chomp $line; -- 2.30.2