diff options
author | Ævar Arnfjörð Bjarmason <avarab@gmail.com> | 2010-05-15 04:46:02 +0200 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2010-05-20 06:02:59 +0200 |
commit | 475357a32a55c3624011e3945f9659f4cb365f1b (patch) | |
tree | a827fe937836d11d04a647535aea605433f16378 /git-cvsserver.perl | |
parent | git-cvsserver: indent & clean up authdb code (diff) | |
download | git-475357a32a55c3624011e3945f9659f4cb365f1b.tar.xz git-475357a32a55c3624011e3945f9659f4cb365f1b.zip |
git-cvsserver: Improved error handling for pserver
- Produce an error if the user tries to supply a password for anonymous
- Clarify the error message produced when there's no [gitcvs.authdb]
- Produce an E error if the authdb doesn't exist instead of spewing
$! to the user
- do crypt($user, descramble($pass)) eq $hash; crypt($user, $hash)
eq $hash would accept any password
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'git-cvsserver.perl')
-rwxr-xr-x | git-cvsserver.perl | 29 |
1 files changed, 24 insertions, 5 deletions
diff --git a/git-cvsserver.perl b/git-cvsserver.perl index ed1d5b9d60..3833beeef3 100755 --- a/git-cvsserver.perl +++ b/git-cvsserver.perl @@ -187,19 +187,37 @@ if ($state->{method} eq 'pserver') { $line = <STDIN>; chomp $line; my $password = $line; - unless ($user eq 'anonymous') { + if ($user eq 'anonymous') { + # "A" will be 1 byte, use length instead in case the + # encryption method ever changes (yeah, right!) + if (length($password) > 1 ) { + print "E Don't supply a password for the `anonymous' user\n"; + print "I HATE YOU\n"; + exit 1; + } + + # Fall through to LOVE + } else { # Trying to authenticate a user if (not exists $cfg->{gitcvs}->{authdb}) { - print "E the repo config file needs a [gitcvs.authdb] section with a filename\n"; + print "E the repo config file needs a [gitcvs] section with an 'authdb' parameter set to the filename of the authentication database\n"; + print "I HATE YOU\n"; + exit 1; + } + + my $authdb = $cfg->{gitcvs}->{authdb}; + + unless (-e $authdb) { + print "E The authentication database specified in [gitcvs.authdb] does not exist\n"; print "I HATE YOU\n"; exit 1; } my $auth_ok; - open my $passwd, "<", $cfg->{gitcvs}->{authdb} or die $!; + open my $passwd, "<", $authdb or die $!; while (<$passwd>) { if (m{^\Q$user\E:(.*)}) { - if (crypt($user, $1) eq $1) { + if (crypt($user, descramble($password)) eq $1) { $auth_ok = 1; } }; @@ -210,7 +228,8 @@ if ($state->{method} eq 'pserver') { print "I HATE YOU\n"; exit 1; } - # else fall through to LOVE + + # Fall through to LOVE } # For checking whether the user is anonymous on commit |