summaryrefslogtreecommitdiff
path: root/git-cvsserver.perl
AgeCommit message (Collapse)AuthorFilesLines
2021-09-16git-cvsserver: protect against NULL in crypt(3)Libravatar Carlo Marcelo Arenas Belón1-2/+3
Some versions of crypt(3) will return NULL when passed an unsupported hash type (ex: OpenBSD with DES), so check for undef instead of using it directly. Also use this to probe the system and select a better hash function in the tests, so it can pass successfully. Signed-off-by: Carlo Marcelo Arenas Belón <carenas@gmail.com> [jc: <CAPUEspjqD5zy8TLuFA96usU7FYi=0wF84y7NgOVFqegtxL9zbw@mail.gmail.com>] Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-09-16git-cvsserver: use crypt correctly to compare password hashesLibravatar Carlo Marcelo Arenas Belón1-1/+1
c057bad370 (git-cvsserver: use a password file cvsserver pserver, 2010-05-15) adds a way for `git cvsserver` to provide authenticated pserver accounts without having clear text passwords, but uses the username instead of the password to the call for crypt(3). Correct that, and make sure the documentation correctly indicates how to obtain hashed passwords that could be used to populate this configuration, as well as correcting the hash that was used for the tests. This change will require that any user of this feature updates the hashes in their configuration, but has the advantage of using a more similar format than cvs uses, probably also easying any migration. Signed-off-by: Carlo Marcelo Arenas Belón <carenas@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-06-14*: fix typos which duplicate a wordLibravatar Andrei Rybak1-1/+1
Fix typos in documentation, code comments, and RelNotes which repeat various words. In trivial cases, just delete the duplicated word and rewrap text, if needed. Reword the affected sentence in Documentation/RelNotes/1.8.4.txt for it to make sense. Signed-off-by: Andrei Rybak <rybak.a.v@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-06-22git-cvsserver: port to SHA-256Libravatar brian m. carlson1-17/+20
The code of git-cvsserver currently has several hard-coded 20 and 40 constants that are the length of SHA-1. When parsing the configuration file, read the extensions.objectformat configuration setting as well as CVS-related ones and adjust the hash sizes accordingly. Use these computed values in all the places we match object IDs. Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net> Acked-by: Eric Wong <e@80x24.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2017-09-11cvsserver: use safe_pipe_capture for `constant commands` as wellLibravatar Junio C Hamano1-4/+4
This is not strictly necessary, but it is a good code hygiene. Signed-off-by: Junio C Hamano <gitster@pobox.com>
2017-09-11cvsserver: use safe_pipe_capture instead of backticksLibravatar joernchen1-11/+11
This makes the script pass arguments that are derived from end-user input in safer way when invoking subcommands. Reported-by: joernchen <joernchen@phenoelit.de> Signed-off-by: joernchen <joernchen@phenoelit.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2017-09-11cvsserver: move safe_pipe_capture() to the main packageLibravatar Junio C Hamano1-25/+22
As a preparation for replacing `command` with a call to this function from outside GITCVS::updater package, move it to the main package. Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-05-06typofix: assorted typofixes in comments, documentation and messagesLibravatar Li Peng1-3/+3
Many instances of duplicate words (e.g. "the the path") and a few typoes are fixed, originally in multiple patches. wildmatch: fix duplicate words of "the" t: fix duplicate words of "output" transport-helper: fix duplicate words of "read" Git.pm: fix duplicate words of "return" path: fix duplicate words of "look" pack-protocol.txt: fix duplicate words of "the" precompose-utf8: fix typo of "sequences" split-index: fix typo worktree.c: fix typo remote-ext: fix typo utf8: fix duplicate words of "the" git-cvsserver: fix duplicate words Signed-off-by: Li Peng <lip@dtdream.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-02-17git-cvsserver.perl: fix typoLibravatar GyuYong Jung1-1/+1
Signed-off-by: GyuYong Jung <obliviscence@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-11-04Merge branch 'ak/cvsserver-stabilize-use-of-hash-keys'Libravatar Junio C Hamano1-5/+5
* ak/cvsserver-stabilize-use-of-hash-keys: cvsserver: Determinize output to combat Perl 5.18 hash randomization
2013-10-30cvsserver: Determinize output to combat Perl 5.18 hash randomizationLibravatar Anders Kaseorg1-5/+5
Perl 5.18 randomizes the seed used by its hash function, so iterating through hashes results in different orders from run to run: http://perldoc.perl.org/perl5180delta.html#Hash-overhaul This usually broke t9400 (gitcvs.dbname, gitcvs.ext.dbname, when running cmp on two .sqlite files) and t9402 (check [cvswork3] diff, when running test_cmp on two diffs). To fix this, hide the internal order of hashes with sort when sending output or running database queries. (An alternative workaround is PERL_HASH_SEED=0, but this seems nicer.) Signed-off-by: Anders Kaseorg <andersk@mit.edu> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-09-18Merge branch 'jc/cvsserver-perm-bit-fix'Libravatar Junio C Hamano1-1/+1
"git cvsserver" computed the permission mode bits incorrectly for executable files. * jc/cvsserver-perm-bit-fix: cvsserver: pick up the right mode bits
2013-09-11cvsserver: pick up the right mode bitsLibravatar Junio C Hamano1-1/+1
When determining the file mode from either ls-tree or diff-tree output, we used to grab these octal mode string (typically 100644 or 100755) and then did $git_perms .= "r" if ( $mode & 4 ); $git_perms .= "w" if ( $mode & 2 ); $git_perms .= "x" if ( $mode & 1 ); which was already wrong, as (100644 & 4) is very different from oct("100644") & 4. An earlier refactoring 2c3af7e7 (cvsserver: factor out git-log parsing logic, 2012-10-13) further changed it to pick the third octal digit (10*0*644 or 10*0*755) from the left and then do the above conversion, which does not make sense, either. Let's use the third digit from the last of the octal mode string to make sure we get the executable and read bits right. Signed-off-by: Junio C Hamano <gitster@pobox.com> Tested-by: Michael Cronenworth <mike@cchtml.com>
2013-09-04use 'tree-ish' instead of 'treeish'Libravatar Richard Hansen1-1/+1
Replace 'treeish' in documentation and comments with 'tree-ish' to match gitglossary(7). The only remaining instances of 'treeish' are: * variable, function, and macro names * "(also treeish)" in the definition of tree-ish in gitglossary(7) Signed-off-by: Richard Hansen <rhansen@bbn.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-04-12Correct common spelling mistakes in comments and testsLibravatar Stefano Lattarini1-2/+2
Most of these were found using Lucas De Marchi's codespell tool. Signed-off-by: Stefano Lattarini <stefano.lattarini@gmail.com> Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Acked-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-02-24git-cvsimport: use a lowercase "usage:" stringLibravatar David Aguilar1-1/+1
Make the usage string consistent with Git. Reviewed-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: David Aguilar <davvid@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: support -r and sticky tags for most operationsLibravatar Matthew Ogilvie1-203/+510
- Split off prepDirForOutput for "update" and "commit". Some low level protocol details were changed to more closely resemble CVS even in non-tagged cases. Hopefully it still works with finicky clients like Eclipse. - Substantial changes to "diff". The output is now closer to standard CVS (including exit status), and can be used as a patch, but there are still a number of differences compared to CVS. - Tweaks to "add", "remove", "status", and "commit". - FUTURE: CVS revision numbers for branches simply encode git commit IDs in a way that resembles CVS revision numbers, dropping all normal CVS structural relations between different revision numbers. - FUTURE: "log" doesn't try to work properly at all with branches and tags. - FUTURE: "annotate" probably doesn't work with branches or tags either (untested)? Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: Add version awareness to argsfromdirLibravatar Matthew Ogilvie1-30/+198
Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: generalize getmeta() to recognize commit refsLibravatar Matthew Ogilvie1-11/+145
This allows getmeta() to recognize any commitish (sha1, tag/branch name, etc). Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: implement req_Sticky and related utilitiesLibravatar Matthew Ogilvie1-2/+169
Nothing sets sticky yet, or uses the values set by this, but soon... Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: add misc commit lookup, file meta data, and file listing functionsLibravatar Matthew Ogilvie1-1/+365
These will be used soon, but not yet. PERFORMANCE NOTE: getMetaFromCommithash() does not scale well as currently implemented. See comment for possible optimization strategies. Fortunately, it will only be used in cases that would not have worked at all before this change. Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: define a tag name character escape mechanismLibravatar Matthew Ogilvie1-0/+91
CVS tags are officially only allowed to use [-_0-9A-Za-f]. Git refs commonly uses other characters, especially [./]. Such characters need to be escaped from CVS in order to be referenced. This just defines functions to escape/unescape names. The functions are not used yet. Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: cleanup extra slashes in filename argumentsLibravatar Matthew Ogilvie1-0/+28
Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: factor out git-log parsing logicLibravatar Matthew Ogilvie1-71/+105
Some field conversion was already duplicated, and more calls will be added soon. Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver status: provide real sticky infoLibravatar Matthew Ogilvie1-4/+20
Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: cvs add: do not expand directory argumentsLibravatar Matthew Ogilvie1-2/+0
Standard "cvs add" never does any recursion. With standard cvs, "cvs add dir" will either add just the "dir" to the repository, or error out. Prior to this change, git-cvsserver would try to recurse (perhaps re-adding sandbox-removed files?) into the existing directory instead. Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: use whole CVS rev number in-process; don't strip "1." prefixLibravatar Matthew Ogilvie1-103/+122
Keep track of the whole CVS revision number in-process. This will clarify code when we start handling non-linear revision numbers later. There is one externally visible change: conflict markers after an update will now include the full CVS revision number, including the "1." prefix. It used to leave off the prefix. Other than the conflict marker, this change doesn't effect external functionality. No new features, and the DB schema is unchanged such that it continues to store just the stripped rev numbers (without prefix). Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: split up long lines in req_{status,diff,log}Libravatar Matthew Ogilvie1-61/+159
Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: clean up client request handler map commentsLibravatar Matthew Ogilvie1-1/+4
- Comment that it should not be considered a complete list. - #'annotate' comment - Uncommented annotate line is 2 lines earlier. Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: remove unused functions _headrev and gethistoryLibravatar Matthew Ogilvie1-32/+4
Remove: - _headrev() - It uses similar functionality from getmeta() and gethead(). - gethistory() - It uses similar functions gethistorydense() and getlog(). Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver update: comment about how we shouldn't remove a user-modified fileLibravatar Matthew Ogilvie1-0/+4
Instead of a comment, we should really add test cases and actually fix it. Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: add comments about database schema/usageLibravatar Matthew Ogilvie1-4/+42
No functionality changes, but these comments should make it easier to understand how it works. Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-10-16cvsserver: removed unused sha1Or-k mode from kopts_from_pathLibravatar Matthew Ogilvie1-33/+5
sha1Or-k was a vestige from an early, never-released attempt to handle some oddball cases of CRLF conversion (-k option). Ultimately it wasn't needed, and I should have gotten rid of it before submitting the CRLF patch in the first place. See also 90948a42892779 (add ability to guess -kb from contents). Signed-off-by: Matthew Ogilvie <mmogilvi_git@miniinfo.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-10-05use -h for synopsis and --help for manpage consistentlyLibravatar Clemens Buchacher1-2/+2
A few scripted Porcelain implementations pretend as if the routine to show their own help messages are triggered upon "git cmd --help", but a command line parser of "git" will hijack such a request and shows the manpage for the cmd subcommand. Leaving the code to handle such input is simply misleading. Signed-off-by: Clemens Buchacher <drizzd@aon.at> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-10-26Merge branch 'ab/require-perl-5.8'Libravatar Junio C Hamano1-0/+1
* ab/require-perl-5.8: perl: use "use warnings" instead of -w perl: bump the required Perl version to 5.8 from 5.6.[21]
2010-10-06Martin Langhoff has a new e-mail addressLibravatar Junio C Hamano1-3/+3
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-09-27perl: bump the required Perl version to 5.8 from 5.6.[21]Libravatar Ævar Arnfjörð Bjarmason1-0/+1
Formalize our dependency on perl 5.8, bumped from 5.6.[12]. We already used the three-arg form of open() which was introduced in 5.6.1, but t/t9700/test.pl explicitly depended on 5.6.2. However git-add--interactive.pl has been failing on the 5.6 line since it was introduced in v1.5.0-rc0~12^2~2 back in 2006 due to this open syntax: sub run_cmd_pipe { my $fh = undef; open($fh, '-|', @_) or die; return <$fh>; } Which when executed dies on "Can't use an undefined value as filehandle reference". Several of our tests also fail on 5.6 (even more when compiled with NO_PERL_MAKEMAKER=1): t2016-checkout-patch.sh t3904-stash-patch.sh t3701-add-interactive.sh t7105-reset-patch.sh t7501-commit.sh t9700-perl-git.sh Our code is bitrotting on 5.6 with no-one interested in fixing it, and pinning us to such an ancient release of Perl is keeping us from using useful features introduced in the 5.8 release. The 5.6 series is now over 10 years old, and the 5.6.2 maintenance release almost 7. 5.8 on the other hand is more than 8 years old. All the modern Unix-like operating systems have now upgraded to it or a later version, and 5.8 packages are available for old IRIX, AIX Solaris and Tru64 systems. Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Acked-by: Tor Arntsen <tor@spacetec.no> Acked-by: Randal L. Schwartz <merlyn@stonehenge.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-06-21Merge branch 'eb/core-eol'Libravatar Junio C Hamano1-4/+9
* eb/core-eol: Add "core.eol" config variable Rename the "crlf" attribute "text" Add per-repository eol normalization Add tests for per-repository eol normalization Conflicts: Documentation/config.txt Makefile
2010-06-20git-cvsserver: fix error for invalid password formatsLibravatar Ævar Arnfjörð Bjarmason1-1/+4
Change the error message to report the erroneous password character. $1 was never set in the previos version, it was a leftover from older code that used a regex for the test. Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-06-20git-cvsserver: typo in a comment: bas -> hasLibravatar Ævar Arnfjörð Bjarmason1-1/+1
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-19git-cvsserver: Improved error handling for pserverLibravatar Ævar Arnfjörð Bjarmason1-5/+24
- Produce an error if the user tries to supply a password for anonymous - Clarify the error message produced when there's no [gitcvs.authdb] - Produce an E error if the authdb doesn't exist instead of spewing $! to the user - do crypt($user, descramble($pass)) eq $hash; crypt($user, $hash) eq $hash would accept any password Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-19git-cvsserver: indent & clean up authdb codeLibravatar Ævar Arnfjörð Bjarmason1-10/+13
- Indent the last commit to fit with the rest of the code. - Use lexical filehandles instead of global globs - Close the filehandle after the password database has been read. Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-19git-cvsserver: use a password file cvsserver pserverLibravatar Sam Vilain1-14/+15
If a git repository is shared via HTTP, the config file is typically visible. Use an external file instead. Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-19git-cvsserver: authentication support for pserverLibravatar Ævar Arnfjörð Bjarmason1-8/+65
Allow git-cvsserver to use authentication over pserver mode. The pserver user/password database is stored in the config file for each repository. Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Worriedly-Acked-by: Martin Langhoff <martin.langhoff@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-19Rename the "crlf" attribute "text"Libravatar Eyvind Bernhardsen1-4/+9
As discussed on the list, "crlf" is not an optimal name. Linus suggested "text", which is much better. Signed-off-by: Eyvind Bernhardsen <eyvind.bernhardsen@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-01-28Merge branch 'gp/maint-cvsserver'Libravatar Junio C Hamano1-1/+1
* gp/maint-cvsserver: git-cvsserver: allow regex metacharacters in CVSROOT
2010-01-26git-cvsserver: allow regex metacharacters in CVSROOTLibravatar Gerrit Pape1-1/+1
When run in a repository with a path name containing regex metacharacters (e.g. +), git-cvsserver failed to split the client request into CVSROOT and module. Now metacharacters are disabled for the value of CVSROOT in the perl regex so that directory names containing metacharacters are handled properly. Signed-off-by: Gerrit Pape <pape@smarden.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-01-10Merge branch 'pm/cvs-environ'Libravatar Junio C Hamano1-1/+21
* pm/cvs-environ: CVS Server: Support reading base and roots from environment
2009-12-31cvsserver: make the output of 'update' more compatible with cvs.Libravatar Sergei Organov1-0/+16
Native cvs update outputs the string "cvs update: Updating <DIR>" for every directory it processes (to stderr) unless -q or -Q is given on comman-line. This is used, e.g., by emacs pcl-cvs to split files by directory. This commit implements this feature in cvsserver. Signed-off-by: Sergei Organov <osv@javad.com> Acked-by: Martin Langhoff <martin.langhoff@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-12-30CVS Server: Support reading base and roots from environmentLibravatar Phil Miller1-1/+21
The Gitosis single-account Git/ssh hosting system runs git commands through git-shell after confirming that the connecting user is authorized to access the requested repository. This works well for upload-pack and receive-pack, which take a repository argument through git-shell. This doesn't work so well for `cvs server', which is passed through literally, with no arguments. Allowing arguments risks sneaking in `--export-all', so that restriction should be maintained. Despite that, passing a repository root is necessary for per-user access control by the hosting software, and passing a base path improves usability without weakening security. Thus, git-cvsserver needs to come up with these values at runtime by some other means. Since git-shell preserves the environment for other purposes, the environment can carry these arguments as well. Thus, modify git-cvsserver to read $GIT_CVSSERVER_{BASE_PATH,ROOT} in the absence of equivalent command line arguments. Signed-off-by: Phil Miller <mille121@illinois.edu> Signed-off-by: Junio C Hamano <gitster@pobox.com>