summaryrefslogtreecommitdiff
path: root/git-cvsserver.perl
diff options
context:
space:
mode:
authorÆvar Arnfjörð Bjarmason <avarab@gmail.com>2010-05-15 02:46:02 +0000
committerJunio C Hamano <gitster@pobox.com>2010-05-19 21:02:59 -0700
commit475357a32a55c3624011e3945f9659f4cb365f1b (patch)
treea827fe937836d11d04a647535aea605433f16378 /git-cvsserver.perl
parent3052525effbf4b9ab0cc4a66fe32f0f7261b7323 (diff)
downloadgit-475357a32a55c3624011e3945f9659f4cb365f1b.tar.gz
git-cvsserver: Improved error handling for pserver
- Produce an error if the user tries to supply a password for anonymous - Clarify the error message produced when there's no [gitcvs.authdb] - Produce an E error if the authdb doesn't exist instead of spewing $! to the user - do crypt($user, descramble($pass)) eq $hash; crypt($user, $hash) eq $hash would accept any password Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'git-cvsserver.perl')
-rwxr-xr-xgit-cvsserver.perl29
1 files changed, 24 insertions, 5 deletions
diff --git a/git-cvsserver.perl b/git-cvsserver.perl
index ed1d5b9d60..3833beeef3 100755
--- a/git-cvsserver.perl
+++ b/git-cvsserver.perl
@@ -187,19 +187,37 @@ if ($state->{method} eq 'pserver') {
$line = <STDIN>; chomp $line;
my $password = $line;
- unless ($user eq 'anonymous') {
+ if ($user eq 'anonymous') {
+ # "A" will be 1 byte, use length instead in case the
+ # encryption method ever changes (yeah, right!)
+ if (length($password) > 1 ) {
+ print "E Don't supply a password for the `anonymous' user\n";
+ print "I HATE YOU\n";
+ exit 1;
+ }
+
+ # Fall through to LOVE
+ } else {
# Trying to authenticate a user
if (not exists $cfg->{gitcvs}->{authdb}) {
- print "E the repo config file needs a [gitcvs.authdb] section with a filename\n";
+ print "E the repo config file needs a [gitcvs] section with an 'authdb' parameter set to the filename of the authentication database\n";
+ print "I HATE YOU\n";
+ exit 1;
+ }
+
+ my $authdb = $cfg->{gitcvs}->{authdb};
+
+ unless (-e $authdb) {
+ print "E The authentication database specified in [gitcvs.authdb] does not exist\n";
print "I HATE YOU\n";
exit 1;
}
my $auth_ok;
- open my $passwd, "<", $cfg->{gitcvs}->{authdb} or die $!;
+ open my $passwd, "<", $authdb or die $!;
while (<$passwd>) {
if (m{^\Q$user\E:(.*)}) {
- if (crypt($user, $1) eq $1) {
+ if (crypt($user, descramble($password)) eq $1) {
$auth_ok = 1;
}
};
@@ -210,7 +228,8 @@ if ($state->{method} eq 'pserver') {
print "I HATE YOU\n";
exit 1;
}
- # else fall through to LOVE
+
+ # Fall through to LOVE
}
# For checking whether the user is anonymous on commit