2 # cvs-repouid patch for controlling pserver access. See
3 # README.Debian for details.
5 # Original patch by Wichert Akkerman <wakkerma@debian.org>, fixes by
6 # Steve McIntyre <steve@einval.com> with help from Alberto Garcia
8 diff -ruN cvs-1.12.13-old/src/cvs.h cvs-1.12.13/src/cvs.h
9 --- cvs-1.12.13-old/src/cvs.h 2005-10-02 23:17:20.000000000 +0800
10 +++ cvs-1.12.13/src/cvs.h 2006-02-26 22:08:16.000000000 +0800
12 #define CVSADM_TEMPLATE "CVS/Template"
13 #endif /* USE_VMS_FILENAMES */
15 +/* Global configuration file mapping repositories to uids. This can be
16 + used instead of getting the unix user. This is prevents a security
17 + problem where anyone with commit access can basically become any
18 + user on the machine. Combined with the insecure pserver that is a
19 + problem waiting to happen. */
20 +#define CVS_REPOUIDFILE "/etc/cvs-repouids"
22 /* This is the special directory which we use to store various extra
23 per-directory information in the repository. It must be the same as
24 CVSADM to avoid creating a new reserved directory name which users cannot
25 diff -ruN cvs-1.12.13-old/src/server.c cvs-1.12.13/src/server.c
26 --- cvs-1.12.13-old/src/server.c 2005-09-28 23:25:59.000000000 +0800
27 +++ cvs-1.12.13/src/server.c 2006-02-26 22:08:16.000000000 +0800
28 @@ -6570,6 +6570,12 @@
32 + if (pw->pw_uid == 0)
34 + printf("error 0: root not allowed\n");
35 + exit (EXIT_FAILURE);
39 if (initgroups (pw->pw_name, pw->pw_gid) < 0
41 @@ -6667,6 +6673,51 @@
46 +global_repo_uid(const char* repository)
49 + char *linebuf = NULL;
52 + size_t repolen = strlen (repository);
55 + fp = fopen (CVS_REPOUIDFILE, "r");
58 + if (!existence_error (errno))
59 + error (0, errno, "cannot open %s", CVS_REPOUIDFILE);
63 + while (getline (&linebuf, &linebuf_len, fp) >= 0)
65 + if ((strncmp (linebuf, repository, repolen) == 0)
66 + && (linebuf[repolen] == ':'))
74 + error (0, errno, "cannot read %s", CVS_REPOUIDFILE);
75 + if (fclose (fp) < 0)
76 + error (0, errno, "cannot close %s", CVS_REPOUIDFILE);
83 + strtok (linebuf + repolen, "\n");
84 + user = xstrdup (linebuf + repolen + 1);
90 #ifdef AUTH_SERVER_SUPPORT
92 extern char *crypt (const char *, const char *);
94 /* If found_it, then linebuf contains the information we need. */
97 - char *found_password, *host_user_tmp;
98 + char *found_password, *host_user_tmp, *user_override;
99 char *non_cvsuser_portion;
101 /* We need to make sure lines such as
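Review bot: `global_repo_uid` hands back whatever follows the `:` on the first matching line of CVS_REPOUIDFILE, so an entry with nothing after the colon, or with trailing blanks or a `\r` before the newline (line 83 strips only `\n`), produces an empty or padded user name that the @@ -6805 hunk then stores into `*host_user_ptr` with no further check visible here. A guard after line 84 such as `if (*user == '\0') { free (user); user = NULL; }`, plus trimming trailing whitespace before the `xstrdup`, would stop a malformed /etc/cvs-repouids line from silently changing which account the pserver session is mapped to. The match at lines 65-66 is a byte-exact prefix compare against the `repository` string the caller passes, so it presumably relies on that string already being in canonical form when this runs; confirm against the caller, since any alternate spelling of the same path would miss the mapping. The function's return-type line, its closing lines and whatever is done with `linebuf` after the loop are outside this excerpt.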
102 @@ -6805,6 +6856,9 @@
103 /* Give host_user_ptr permanent storage. */
104 *host_user_ptr = xstrdup (host_user_tmp);
106 + user_override = global_repo_uid (repository);
108 + *host_user_ptr = user_override;