---- cvs-1.12.13.orig/debian/patches/66_64bit_crashfix
-+++ cvs-1.12.13/debian/patches/66_64bit_crashfix
-@@ -0,0 +1,15 @@
-+# Fix a 64-bit crash in the entries_time() function and another bug in
-+# the diff code. Thanks to Gabor Gombas for the patch. Closes:
-+# #329127.
-+diff -ruN cvs-1.12.13-old/diff/util.c cvs-1.12.13/diff/util.c
-+--- cvs-1.12.13-old/diff/util.c 2003-02-03 03:52:38.000000000 +0800
-++++ cvs-1.12.13/diff/util.c 2006-02-26 21:32:22.000000000 +0800
-+@@ -235,7 +235,7 @@
-+ close (pipes[0]);
-+ }
-+
-+- execl (PR_PROGRAM, PR_PROGRAM, "-f", "-h", name, 0);
-++ execl (PR_PROGRAM, PR_PROGRAM, "-f", "-h", name, NULL);
-+ pfatal_with_name (PR_PROGRAM);
-+ }
-+ else
+# Fix a 64-bit crash in the entries_time() function and another bug in
+# the diff code. Thanks to Gabor Gombas for the patch. Closes:
+# #329127.
+diff -ruN cvs-1.12.13-old/diff/util.c cvs-1.12.13/diff/util.c
+--- cvs-1.12.13-old/diff/util.c 2003-02-03 03:52:38.000000000 +0800
++++ cvs-1.12.13/diff/util.c 2006-02-26 21:32:22.000000000 +0800
+@@ -235,7 +235,7 @@
+ close (pipes[0]);
+ }
+
+- execl (PR_PROGRAM, PR_PROGRAM, "-f", "-h", name, 0);
++ execl (PR_PROGRAM, PR_PROGRAM, "-f", "-h", name, NULL);
+ pfatal_with_name (PR_PROGRAM);
+ }
+ else
---- cvs-1.12.13.orig/debian/patches/61_remove_-R_warning
-+++ cvs-1.12.13/debian/patches/61_remove_-R_warning
-@@ -0,0 +1,21 @@
-+#
-+# Turn off read-only warning that breaks pserver client access. Doh!
-+# Closes: #319467, #264019
-+# Patch by Steve McIntyre <steve@einval.com>
-+diff -ruN cvs-1.12.13-old/src/main.c cvs-1.12.13/src/main.c
-+--- cvs-1.12.13-old/src/main.c 2005-10-02 23:17:21.000000000 +0800
-++++ cvs-1.12.13/src/main.c 2006-02-26 18:23:04.000000000 +0800
-+@@ -764,13 +764,6 @@
-+ if (argc < 1)
-+ usage (usg);
-+
-+- if (readonlyfs && !really_quiet) {
-+- error (0, 0,
-+- "WARNING: Read-only repository access mode selected via `cvs -R'.\n\
-+-Using this option to access a repository which some users write to may\n\
-+-cause intermittent sandbox corruption.");
-+- }
-+-
-+ /* Calculate the cvs global session ID */
-+
-+ {
+#
+# Turn off read-only warning that breaks pserver client access. Doh!
+# Closes: #319467, #264019
+# Patch by Steve McIntyre <steve@einval.com>
+diff -ruN cvs-1.12.13-old/src/main.c cvs-1.12.13/src/main.c
+--- cvs-1.12.13-old/src/main.c 2005-10-02 23:17:21.000000000 +0800
++++ cvs-1.12.13/src/main.c 2006-02-26 18:23:04.000000000 +0800
+@@ -764,13 +764,6 @@
+ if (argc < 1)
+ usage (usg);
+
+- if (readonlyfs && !really_quiet) {
+- error (0, 0,
+- "WARNING: Read-only repository access mode selected via `cvs -R'.\n\
+-Using this option to access a repository which some users write to may\n\
+-cause intermittent sandbox corruption.");
+- }
+-
+ /* Calculate the cvs global session ID */
+
+ {
---- cvs-1.12.13.orig/debian/patches/11_check_method_crash
-+++ cvs-1.12.13/debian/patches/11_check_method_crash
-@@ -0,0 +1,21 @@
-+#
-+# Do a basic sanity check on the method in the CVSROOT - don't crash
-+# if one is not specified! Bug#274020
-+#
-+# Patch from Steve McIntyre <steve@einval.com>
-+diff -ruN cvs-1.12.13-old/src/root.c cvs-1.12.13/src/root.c
-+--- cvs-1.12.13-old/src/root.c 2005-09-25 08:38:29.000000000 +0800
-++++ cvs-1.12.13/src/root.c 2006-02-26 17:48:32.000000000 +0800
-+@@ -535,6 +535,12 @@
-+ method = "";
-+ #endif /* defined (CLIENT_SUPPORT) || defined (SERVER_SUPPORT) */
-+
-++ if (NULL == method)
-++ {
-++ error (0, 0, "Missing method in CVSROOT.");
-++ goto error_exit;
-++ }
-++
-+ /* Now we have an access method -- see if it's valid. */
-+
-+ if (!strcasecmp (method, "local"))
+#
+# Do a basic sanity check on the method in the CVSROOT - don't crash
+# if one is not specified! Bug#274020
+#
+# Patch from Steve McIntyre <steve@einval.com>
+diff -ruN cvs-1.12.13-old/src/root.c cvs-1.12.13/src/root.c
+--- cvs-1.12.13-old/src/root.c 2005-09-25 08:38:29.000000000 +0800
++++ cvs-1.12.13/src/root.c 2006-02-26 17:48:32.000000000 +0800
+@@ -535,6 +535,12 @@
+ method = "";
+ #endif /* defined (CLIENT_SUPPORT) || defined (SERVER_SUPPORT) */
+
++ if (NULL == method)
++ {
++ error (0, 0, "Missing method in CVSROOT.");
++ goto error_exit;
++ }
++
+ /* Now we have an access method -- see if it's valid. */
+
+ if (!strcasecmp (method, "local"))
---- cvs-1.12.13.orig/debian/patches/71_cvsbug_tmpfix
-+++ cvs-1.12.13/debian/patches/71_cvsbug_tmpfix
-@@ -0,0 +1,22 @@
-+# Patch for a tmp race in cvsbug (in the source package; we don't ship
-+# the script as part of the package). Closes: #325106
-+diff -ruN cvs-1.12.13-old/src/cvsbug.in cvs-1.12.13/src/cvsbug.in
-+--- cvs-1.12.13-old/src/cvsbug.in 2003-02-26 05:31:33.000000000 +0800
-++++ cvs-1.12.13/src/cvsbug.in 2006-02-26 22:07:08.000000000 +0800
-+@@ -109,14 +109,14 @@
-+ /usr/bin/ypcat passwd 2>/dev/null | cat - /etc/passwd | grep "^$LOGNAME:" |
-+ cut -f5 -d':' | sed -e 's/,.*//' > $TEMP
-+ ORIGINATOR="`cat $TEMP`"
-+- rm -f $TEMP
-++ > $TEMP
-+ fi
-+ fi
-+
-+ if [ "$ORIGINATOR" = "" ]; then
-+ grep "^$LOGNAME:" /etc/passwd | cut -f5 -d':' | sed -e 's/,.*//' > $TEMP
-+ ORIGINATOR="`cat $TEMP`"
-+- rm -f $TEMP
-++ > $TEMP
-+ fi
-+
-+ if [ -n "$ORGANIZATION" ]; then
+# Patch for a tmp race in cvsbug (in the source package; we don't ship
+# the script as part of the package). Closes: #325106
+diff -ruN cvs-1.12.13-old/src/cvsbug.in cvs-1.12.13/src/cvsbug.in
+--- cvs-1.12.13-old/src/cvsbug.in 2003-02-26 05:31:33.000000000 +0800
++++ cvs-1.12.13/src/cvsbug.in 2006-02-26 22:07:08.000000000 +0800
+@@ -109,14 +109,14 @@
+ /usr/bin/ypcat passwd 2>/dev/null | cat - /etc/passwd | grep "^$LOGNAME:" |
+ cut -f5 -d':' | sed -e 's/,.*//' > $TEMP
+ ORIGINATOR="`cat $TEMP`"
+- rm -f $TEMP
++ > $TEMP
+ fi
+ fi
+
+ if [ "$ORIGINATOR" = "" ]; then
+ grep "^$LOGNAME:" /etc/passwd | cut -f5 -d':' | sed -e 's/,.*//' > $TEMP
+ ORIGINATOR="`cat $TEMP`"
+- rm -f $TEMP
++ > $TEMP
+ fi
+
+ if [ -n "$ORGANIZATION" ]; then
---- cvs-1.12.13.orig/debian/patches/65_login_cvspass_message
-+++ cvs-1.12.13/debian/patches/65_login_cvspass_message
-@@ -0,0 +1,19 @@
-+# Print a clearer message if ~/.cvspass does not exist when cvs login is
-+# called. Closes: #168163.
-+#
-+# Patch by Steve McIntyre <steve@einval.com>
-+diff -ruN cvs-1.12.13-old/src/login.c cvs-1.12.13/src/login.c
-+--- cvs-1.12.13-old/src/login.c 2005-05-14 05:47:28.000000000 +0800
-++++ cvs-1.12.13/src/login.c 2006-02-26 21:31:17.000000000 +0800
-+@@ -309,7 +309,10 @@
-+ fp = CVS_FOPEN (passfile, "r");
-+ if (fp == NULL)
-+ {
-+- error (0, errno, "warning: failed to open %s for reading", passfile);
-++ if (errno == ENOENT)
-++ error (0, 0, "CVS password file %s does not exist - creating a new file", passfile);
-++ else
-++ error (0, errno, "warning: failed to open %s for reading", passfile);
-+ goto process;
-+ }
-+
+# Print a clearer message if ~/.cvspass does not exist when cvs login is
+# called. Closes: #168163.
+#
+# Patch by Steve McIntyre <steve@einval.com>
+diff -ruN cvs-1.12.13-old/src/login.c cvs-1.12.13/src/login.c
+--- cvs-1.12.13-old/src/login.c 2005-05-14 05:47:28.000000000 +0800
++++ cvs-1.12.13/src/login.c 2006-02-26 21:31:17.000000000 +0800
+@@ -309,7 +309,10 @@
+ fp = CVS_FOPEN (passfile, "r");
+ if (fp == NULL)
+ {
+- error (0, errno, "warning: failed to open %s for reading", passfile);
++ if (errno == ENOENT)
++ error (0, 0, "CVS password file %s does not exist - creating a new file", passfile);
++ else
++ error (0, errno, "warning: failed to open %s for reading", passfile);
+ goto process;
+ }
+
---- cvs-1.12.13.orig/debian/patches/62_cvsrc_whitespace
-+++ cvs-1.12.13/debian/patches/62_cvsrc_whitespace
-@@ -0,0 +1,37 @@
-+# Ignore leading whitespace in .cvsrc files. Closes: #212415. Thanks
-+# to James R. Van Zandt for the patch.
-+diff -ruN cvs-1.12.13-old/src/cvsrc.c cvs-1.12.13/src/cvsrc.c
-+--- cvs-1.12.13-old/src/cvsrc.c 2005-03-16 23:52:14.000000000 +0800
-++++ cvs-1.12.13/src/cvsrc.c 2006-02-26 18:25:18.000000000 +0800
-+@@ -41,6 +41,7 @@
-+ size_t line_chars_allocated;
-+
-+ char *optstart;
-++ int white_len;
-+
-+ int command_len;
-+ int found = 0;
-+@@ -96,9 +97,12 @@
-+ if (line[0] == '#')
-+ continue;
-+
-++ for (white_len=0; isspace(line[white_len]); white_len++)
-++ ;
-++
-+ /* stop if we match the current command */
-+- if (!strncmp (line, cmdname, command_len)
-+- && isspace ((unsigned char) *(line + command_len)))
-++ if (!strncmp (line + white_len, cmdname, command_len)
-++ && isspace ((unsigned char) *(line + white_len + command_len)))
-+ {
-+ found = 1;
-+ break;
-+@@ -120,7 +124,7 @@
-+ if (found)
-+ {
-+ /* skip over command in the options line */
-+- for (optstart = strtok (line + command_len, "\t \n");
-++ for (optstart = strtok (line + white_len + command_len, "\t \n");
-+ optstart;
-+ optstart = strtok (NULL, "\t \n"))
-+ {
+# Ignore leading whitespace in .cvsrc files. Closes: #212415. Thanks
+# to James R. Van Zandt for the patch.
+diff -ruN cvs-1.12.13-old/src/cvsrc.c cvs-1.12.13/src/cvsrc.c
+--- cvs-1.12.13-old/src/cvsrc.c 2005-03-16 23:52:14.000000000 +0800
++++ cvs-1.12.13/src/cvsrc.c 2006-02-26 18:25:18.000000000 +0800
+@@ -41,6 +41,7 @@
+ size_t line_chars_allocated;
+
+ char *optstart;
++ int white_len;
+
+ int command_len;
+ int found = 0;
+@@ -96,9 +97,12 @@
+ if (line[0] == '#')
+ continue;
+
++ for (white_len=0; isspace(line[white_len]); white_len++)
++ ;
++
+ /* stop if we match the current command */
+- if (!strncmp (line, cmdname, command_len)
+- && isspace ((unsigned char) *(line + command_len)))
++ if (!strncmp (line + white_len, cmdname, command_len)
++ && isspace ((unsigned char) *(line + white_len + command_len)))
+ {
+ found = 1;
+ break;
+@@ -120,7 +124,7 @@
+ if (found)
+ {
+ /* skip over command in the options line */
+- for (optstart = strtok (line + command_len, "\t \n");
++ for (optstart = strtok (line + white_len + command_len, "\t \n");
+ optstart;
+ optstart = strtok (NULL, "\t \n"))
+ {
---- cvs-1.12.13.orig/debian/patches/67_date_format_option
-+++ cvs-1.12.13/debian/patches/67_date_format_option
-@@ -0,0 +1,151 @@
-+#
-+# Add an extra option to set the DateFormat used in log output.
-+#
-+# Patch by Steve McIntyre <steve@einval.com>
-+diff -ruN cvs-1.12.13-old/doc/cvs.texinfo cvs-1.12.13/doc/cvs.texinfo
-+--- cvs-1.12.13-old/doc/cvs.texinfo 2005-09-23 10:02:53.000000000 +0800
-++++ cvs-1.12.13/doc/cvs.texinfo 2006-02-26 23:03:05.000000000 +0800
-+@@ -14840,9 +14840,17 @@
-+ group to using @code{cvs admin} to change the default keyword
-+ substitution mode, lock revisions, unlock revisions, and
-+ replace the log message, use @samp{UserAdminOptions=klum}.
-+-@end table
-+-
-+
-++@cindex DateFormat, in CVSROOT/config
-++@item DateFormat=@var{value}
-++Control the output format of dates from cvs. cvs version 1.12.x
-++changed the default format to use ``iso8601'' dates, which are
-++better for many reasons. However, old scripts/programs written to
-++parse the output of various cvs commands (especially cvs log) may
-++not cope with the change in date format (e.g. gcvs). The default
-++value of DateFormat will be ``iso8601'', but if you need temporary
-++backwards-compatibility set DateFormat=old.
-++@end table
-+
-+ @c ---------------------------------------------------------------------
-+ @node Environment variables
-+diff -ruN cvs-1.12.13-old/src/log.c cvs-1.12.13/src/log.c
-+--- cvs-1.12.13-old/src/log.c 2005-03-22 21:19:57.000000000 +0800
-++++ cvs-1.12.13/src/log.c 2006-02-26 23:03:05.000000000 +0800
-+@@ -1607,8 +1607,12 @@
-+ &sec);
-+ if (year < 1900)
-+ year += 1900;
-+- sprintf (buf, "%04d-%02d-%02d %02d:%02d:%02d +0000", year, mon, mday,
-+- hour, min, sec);
-++ if ('-' == datesep)
-++ sprintf (buf, "%04d%c%02d%c%02d %02d:%02d:%02d +0000", year, datesep,
-++ mon, datesep, mday, hour, min, sec);
-++ else
-++ sprintf (buf, "%04d%c%02d%c%02d %02d:%02d:%02d", year, datesep,
-++ mon, datesep, mday, hour, min, sec);
-+ cvs_output_tagged ("date", buf);
-+
-+ cvs_output_tagged ("text", "; author: ");
-+diff -ruN cvs-1.12.13-old/src/main.c cvs-1.12.13/src/main.c
-+--- cvs-1.12.13-old/src/main.c 2006-02-26 23:03:04.000000000 +0800
-++++ cvs-1.12.13/src/main.c 2006-02-26 23:10:12.000000000 +0800
-+@@ -1371,9 +1371,19 @@
-+ static char buf[sizeof ("yyyy-mm-dd HH:MM:SS -HHMM")];
-+ /* Convert to a time in the local time zone. */
-+ struct tm ltm = *(localtime (&unixtime));
-+-
-+- if (!my_strftime (buf, sizeof (buf), "%Y-%m-%d %H:%M:%S %z", <m, 0, 0))
-+- return NULL;
-++ char *format = NULL;
-++
-++ switch (datesep)
-++ {
-++ case '/':
-++ format = "%Y/%m/%d %H:%M:%S";
-++ break;
-++ default:
-++ format = "%Y-%m-%d %H:%M:%S %z";
-++ break;
-++ }
-++ if (my_strftime (buf, sizeof (buf), format, <m, 0, 0) == 0)
-++ return NULL;
-+
-+ return xstrdup (buf);
-+ }
-+@@ -1388,9 +1398,19 @@
-+ static char buf[sizeof ("yyyy-mm-dd HH:MM:SS -HHMM")];
-+ /* Convert to a time in the local time zone. */
-+ struct tm ltm = *(gmtime (&unixtime));
-+-
-+- if (!my_strftime (buf, sizeof (buf), "%Y-%m-%d %H:%M:%S %z", <m, 0, 0))
-+- return NULL;
-++ char *format = NULL;
-++
-++ switch (datesep)
-++ {
-++ case '/':
-++ format = "%Y/%m/%d %H:%M:%S";
-++ break;
-++ default:
-++ format = "%Y-%m-%d %H:%M:%S %z";
-++ break;
-++ }
-++ if (my_strftime (buf, sizeof (buf), format, <m, 0, 0) == 0)
-++ return NULL;
-+
-+ return xstrdup (buf);
-+ }
-+diff -ruN cvs-1.12.13-old/src/parseinfo.c cvs-1.12.13/src/parseinfo.c
-+--- cvs-1.12.13-old/src/parseinfo.c 2005-09-06 12:40:37.000000000 +0800
-++++ cvs-1.12.13/src/parseinfo.c 2006-02-26 23:03:05.000000000 +0800
-+@@ -626,6 +626,19 @@
-+ retval->logHistory = xstrdup (p);
-+ }
-+ }
-++ /* grab FreeBSD date format idea */
-++ else if (strcmp (line, "DateFormat") == 0)
-++ {
-++ if (strcmp (p, "old") == 0)
-++ {
-++ datesep = '/';
-++ }
-++ else if (strcmp (p, "iso8601") == 0)
-++ {
-++ datesep = '-';
-++ }
-++ }
-++ /* end grabbing */
-+ else if (strcmp (line, "RereadLogAfterVerify") == 0)
-+ {
-+ if (!strcasecmp (p, "never"))
-+diff -ruN cvs-1.12.13-old/src/rcs.c cvs-1.12.13/src/rcs.c
-+--- cvs-1.12.13-old/src/rcs.c 2006-02-26 23:03:04.000000000 +0800
-++++ cvs-1.12.13/src/rcs.c 2006-02-26 23:03:05.000000000 +0800
-+@@ -33,6 +33,8 @@
-+ # endif
-+ #endif
-+
-++int datesep = '-';
-++
-+ /* The RCS -k options, and a set of enums that must match the array.
-+ These come first so that we can use enum kflag in function
-+ prototypes. */
-+@@ -3537,8 +3539,8 @@
-+ &sec);
-+ if (year < 1900)
-+ year += 1900;
-+- sprintf (buf, "%04d/%02d/%02d %02d:%02d:%02d", year, mon, mday,
-+- hour, min, sec);
-++ sprintf (buf, "%04d%c%02d%c%02d %02d:%02d:%02d", year, datesep, mon,
-++ datesep, mday, hour, min, sec);
-+ return xstrdup (buf);
-+ }
-+
-+diff -ruN cvs-1.12.13-old/src/rcs.h cvs-1.12.13/src/rcs.h
-+--- cvs-1.12.13-old/src/rcs.h 2005-03-18 06:36:24.000000000 +0800
-++++ cvs-1.12.13/src/rcs.h 2006-02-26 23:03:05.000000000 +0800
-+@@ -254,6 +254,7 @@
-+ void RCS_setlocalid (const char *, unsigned int, void **, const char *arg);
-+ char *make_file_label (const char *, const char *, RCSNode *);
-+
-++extern int datesep;
-+ extern bool preserve_perms;
-+
-+ /* From import.c. */
+#
+# Add an extra option to set the DateFormat used in log output.
+#
+# Patch by Steve McIntyre <steve@einval.com>
+diff -ruN cvs-1.12.13-old/doc/cvs.texinfo cvs-1.12.13/doc/cvs.texinfo
+--- cvs-1.12.13-old/doc/cvs.texinfo 2005-09-23 10:02:53.000000000 +0800
++++ cvs-1.12.13/doc/cvs.texinfo 2006-02-26 23:03:05.000000000 +0800
+@@ -14840,9 +14840,17 @@
+ group to using @code{cvs admin} to change the default keyword
+ substitution mode, lock revisions, unlock revisions, and
+ replace the log message, use @samp{UserAdminOptions=klum}.
+-@end table
+-
+
++@cindex DateFormat, in CVSROOT/config
++@item DateFormat=@var{value}
++Control the output format of dates from cvs. cvs version 1.12.x
++changed the default format to use ``iso8601'' dates, which are
++better for many reasons. However, old scripts/programs written to
++parse the output of various cvs commands (especially cvs log) may
++not cope with the change in date format (e.g. gcvs). The default
++value of DateFormat will be ``iso8601'', but if you need temporary
++backwards-compatibility set DateFormat=old.
++@end table
+
+ @c ---------------------------------------------------------------------
+ @node Environment variables
+diff -ruN cvs-1.12.13-old/src/log.c cvs-1.12.13/src/log.c
+--- cvs-1.12.13-old/src/log.c 2005-03-22 21:19:57.000000000 +0800
++++ cvs-1.12.13/src/log.c 2006-02-26 23:03:05.000000000 +0800
+@@ -1607,8 +1607,12 @@
+ &sec);
+ if (year < 1900)
+ year += 1900;
+- sprintf (buf, "%04d-%02d-%02d %02d:%02d:%02d +0000", year, mon, mday,
+- hour, min, sec);
++ if ('-' == datesep)
++ sprintf (buf, "%04d%c%02d%c%02d %02d:%02d:%02d +0000", year, datesep,
++ mon, datesep, mday, hour, min, sec);
++ else
++ sprintf (buf, "%04d%c%02d%c%02d %02d:%02d:%02d", year, datesep,
++ mon, datesep, mday, hour, min, sec);
+ cvs_output_tagged ("date", buf);
+
+ cvs_output_tagged ("text", "; author: ");
+diff -ruN cvs-1.12.13-old/src/main.c cvs-1.12.13/src/main.c
+--- cvs-1.12.13-old/src/main.c 2006-02-26 23:03:04.000000000 +0800
++++ cvs-1.12.13/src/main.c 2006-02-26 23:10:12.000000000 +0800
+@@ -1371,9 +1371,19 @@
+ static char buf[sizeof ("yyyy-mm-dd HH:MM:SS -HHMM")];
+ /* Convert to a time in the local time zone. */
+ struct tm ltm = *(localtime (&unixtime));
+-
+- if (!my_strftime (buf, sizeof (buf), "%Y-%m-%d %H:%M:%S %z", <m, 0, 0))
+- return NULL;
++ char *format = NULL;
++
++ switch (datesep)
++ {
++ case '/':
++ format = "%Y/%m/%d %H:%M:%S";
++ break;
++ default:
++ format = "%Y-%m-%d %H:%M:%S %z";
++ break;
++ }
++ if (my_strftime (buf, sizeof (buf), format, <m, 0, 0) == 0)
++ return NULL;
+
+ return xstrdup (buf);
+ }
+@@ -1388,9 +1398,19 @@
+ static char buf[sizeof ("yyyy-mm-dd HH:MM:SS -HHMM")];
+ /* Convert to a time in the local time zone. */
+ struct tm ltm = *(gmtime (&unixtime));
+-
+- if (!my_strftime (buf, sizeof (buf), "%Y-%m-%d %H:%M:%S %z", <m, 0, 0))
+- return NULL;
++ char *format = NULL;
++
++ switch (datesep)
++ {
++ case '/':
++ format = "%Y/%m/%d %H:%M:%S";
++ break;
++ default:
++ format = "%Y-%m-%d %H:%M:%S %z";
++ break;
++ }
++ if (my_strftime (buf, sizeof (buf), format, <m, 0, 0) == 0)
++ return NULL;
+
+ return xstrdup (buf);
+ }
+diff -ruN cvs-1.12.13-old/src/parseinfo.c cvs-1.12.13/src/parseinfo.c
+--- cvs-1.12.13-old/src/parseinfo.c 2005-09-06 12:40:37.000000000 +0800
++++ cvs-1.12.13/src/parseinfo.c 2006-02-26 23:03:05.000000000 +0800
+@@ -626,6 +626,19 @@
+ retval->logHistory = xstrdup (p);
+ }
+ }
++ /* grab FreeBSD date format idea */
++ else if (strcmp (line, "DateFormat") == 0)
++ {
++ if (strcmp (p, "old") == 0)
++ {
++ datesep = '/';
++ }
++ else if (strcmp (p, "iso8601") == 0)
++ {
++ datesep = '-';
++ }
++ }
++ /* end grabbing */
+ else if (strcmp (line, "RereadLogAfterVerify") == 0)
+ {
+ if (!strcasecmp (p, "never"))
+diff -ruN cvs-1.12.13-old/src/rcs.c cvs-1.12.13/src/rcs.c
+--- cvs-1.12.13-old/src/rcs.c 2006-02-26 23:03:04.000000000 +0800
++++ cvs-1.12.13/src/rcs.c 2006-02-26 23:03:05.000000000 +0800
+@@ -33,6 +33,8 @@
+ # endif
+ #endif
+
++int datesep = '-';
++
+ /* The RCS -k options, and a set of enums that must match the array.
+ These come first so that we can use enum kflag in function
+ prototypes. */
+@@ -3537,8 +3539,8 @@
+ &sec);
+ if (year < 1900)
+ year += 1900;
+- sprintf (buf, "%04d/%02d/%02d %02d:%02d:%02d", year, mon, mday,
+- hour, min, sec);
++ sprintf (buf, "%04d%c%02d%c%02d %02d:%02d:%02d", year, datesep, mon,
++ datesep, mday, hour, min, sec);
+ return xstrdup (buf);
+ }
+
+diff -ruN cvs-1.12.13-old/src/rcs.h cvs-1.12.13/src/rcs.h
+--- cvs-1.12.13-old/src/rcs.h 2005-03-18 06:36:24.000000000 +0800
++++ cvs-1.12.13/src/rcs.h 2006-02-26 23:03:05.000000000 +0800
+@@ -254,6 +254,7 @@
+ void RCS_setlocalid (const char *, unsigned int, void **, const char *arg);
+ char *make_file_label (const char *, const char *, RCSNode *);
+
++extern int datesep;
+ extern bool preserve_perms;
+
+ /* From import.c. */
---- cvs-1.12.13.orig/debian/patches/68_DSA_external_passwd_file
-+++ cvs-1.12.13/debian/patches/68_DSA_external_passwd_file
-@@ -0,0 +1,388 @@
-+# Add support for overriding lookups in CVSROOT/passwd
-+# Specify --password-file <file> on the pserver command line to use it
-+# Initial patch from the Debian DSA team, adapted by Steve McIntyre.
-+# See README.Debian for more details.
-+diff -ruN cvs-1.12.13-old/src/cvs.h cvs-1.12.13/src/cvs.h
-+--- cvs-1.12.13-old/src/cvs.h 2005-10-02 16:17:20.000000000 +0100
-++++ cvs-1.12.13/src/cvs.h 2006-08-19 01:20:33.000000000 +0100
-+@@ -371,6 +371,7 @@
-+ extern int use_editor;
-+ extern int cvswrite;
-+ extern mode_t cvsumask;
-++extern char *PasswordFileName;
-+
-+ /* Temp dir abstraction. */
-+ /* From main.c. */
-+diff -ruN cvs-1.12.13-old/src/main.c cvs-1.12.13/src/main.c
-+--- cvs-1.12.13-old/src/main.c 2006-08-17 00:25:16.000000000 +0100
-++++ cvs-1.12.13/src/main.c 2006-08-19 01:20:03.000000000 +0100
-+@@ -43,8 +43,7 @@
-+ int noexec = 0;
-+ int readonlyfs = 0;
-+ int logoff = 0;
-+-
-+-
-++char *PasswordFileName = NULL;
-+
-+ /***
-+ ***
-+@@ -519,6 +518,7 @@
-+ {"help-commands", 0, NULL, 1},
-+ {"help-synonyms", 0, NULL, 2},
-+ {"help-options", 0, NULL, 4},
-++ {"password-file", required_argument, NULL, 5},
-+ #ifdef SERVER_SUPPORT
-+ {"allow-root", required_argument, NULL, 3},
-+ #endif /* SERVER_SUPPORT */
-+@@ -646,6 +646,10 @@
-+ root_allow_add (optarg, gConfigPath);
-+ break;
-+ #endif /* SERVER_SUPPORT */
-++ case 5:
-++ /* --password-file */
-++ PasswordFileName = xstrdup(optarg);
-++ break;
-+ case 'Q':
-+ really_quiet = 1;
-+ /* FALL THROUGH */
-+diff -ruN cvs-1.12.13-old/src/Makefile.in cvs-1.12.13/src/Makefile.in
-+--- cvs-1.12.13-old/src/Makefile.in 2005-10-03 14:37:18.000000000 +0100
-++++ cvs-1.12.13/src/Makefile.in 2006-08-17 00:28:35.000000000 +0100
-+@@ -146,7 +146,7 @@
-+ ls.$(OBJEXT) main.$(OBJEXT) mkmodules.$(OBJEXT) \
-+ modules.$(OBJEXT) ms-buffer.$(OBJEXT) myndbm.$(OBJEXT) \
-+ no_diff.$(OBJEXT) parseinfo.$(OBJEXT) patch.$(OBJEXT) \
-+- rcs.$(OBJEXT) rcscmds.$(OBJEXT) recurse.$(OBJEXT) \
-++ rcs.$(OBJEXT) rcscmds.$(OBJEXT) readpw.$(OBJEXT) recurse.$(OBJEXT) \
-+ release.$(OBJEXT) remove.$(OBJEXT) repos.$(OBJEXT) \
-+ root.$(OBJEXT) rsh-client.$(OBJEXT) run.$(OBJEXT) \
-+ scramble.$(OBJEXT) server.$(OBJEXT) stack.$(OBJEXT) \
-+@@ -349,6 +349,7 @@
-+ patch.c \
-+ rcs.c \
-+ rcscmds.c \
-++ readpw.c \
-+ recurse.c \
-+ release.c \
-+ remove.c \
-+@@ -543,6 +544,7 @@
-+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/patch.Po@am__quote@
-+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rcs.Po@am__quote@
-+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rcscmds.Po@am__quote@
-++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/readpw.Po@am__quote@
-+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/recurse.Po@am__quote@
-+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/release.Po@am__quote@
-+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/remove.Po@am__quote@
-+diff -ruN cvs-1.12.13-old/src/parseinfo.h cvs-1.12.13/src/parseinfo.h
-+--- cvs-1.12.13-old/src/parseinfo.h 2006-08-17 00:25:16.000000000 +0100
-++++ cvs-1.12.13/src/parseinfo.h 2006-08-17 00:58:25.000000000 +0100
-+@@ -21,6 +21,7 @@
-+ char *HistoryLogPath;
-+ char *HistorySearchPath;
-+ char *TmpDir;
-++ char *PasswordFileName;
-+
-+ /* Should the logmsg be re-read during the do_verify phase?
-+ * RereadLogAfterVerify=no|stat|yes
-+diff -ruN cvs-1.12.13-old/src/readpw.c cvs-1.12.13/src/readpw.c
-+--- cvs-1.12.13-old/src/readpw.c 1970-01-01 01:00:00.000000000 +0100
-++++ cvs-1.12.13/src/readpw.c 2006-08-19 01:45:26.000000000 +0100
-+@@ -0,0 +1,158 @@
-++/*
-++ readpw.c - read the CVS password from an external file
-++ Copyright (c) 2006 Martin Schulze <joey@infodrom.org>
-++
-++ This program is free software; you can redistribute it and/or modify
-++ it under the terms of the GNU General Public License as published by
-++ the Free Software Foundation; either version 2 of the License, or
-++ (at your option) any later version.
-++
-++ This program is distributed in the hope that it will be useful,
-++ but WITHOUT ANY WARRANTY; without even the implied warranty of
-++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-++ GNU General Public License for more details.
-++
-++ You should have received a copy of the GNU General Public License
-++ along with this program; if not, write to the Free Software
-++ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-++*/
-++
-++#include <string.h>
-++#include <stdio.h>
-++#include <errno.h>
-++#include <syslog.h>
-++
-++#define PWFILE "/tmp/work/cvs/cvs.passwd"
-++
-++/*
-++ * Source: control_nextline() in dtaus.c from dtaus
-++ */
-++size_t readline (FILE *f, char **buf, unsigned int len)
-++{
-++ char line[100];
-++ char tmp[100];
-++ char *cp;
-++ int i;
-++
-++ memset (line, 0, sizeof(line));
-++ memset (*buf, 0, len);
-++
-++ cp = line;
-++
-++ while (!strlen(line) && (cp = fgets(line, 100, f))) {
-++ if (strlen(line)) {
-++ if (line[0] != '#') {
-++ if (line[strlen(line)-1] != '\n') {
-++ strcpy(tmp, line);
-++ while (tmp[strlen(tmp)-1] != '\n' && (cp = fgets(tmp, 100, f)));
-++ } else
-++ line[strlen(line)-1] = '\0';
-++ if (line[strlen(line)-1] == '\r')
-++ line[strlen(line)-1] = '\0';
-++ for (i=strlen(line);(line[i-1] == ' '||line[i-1] == '\t')&&i>0; i--)
-++ line[i-1] = '\0';
-++ } else
-++ line[0] = '\0';
-++ }
-++ }
-++ for (cp=line; *cp==' '; cp++);
-++
-++ if (strlen(cp)) {
-++ memcpy(*buf, cp, strlen(cp) >= len ? len-1 : strlen(cp));
-++ return (strlen (cp));
-++ } else
-++ return 0;
-++}
-++
-++#define MAXLINE 100
-++#define PWLEN 20
-++
-++char *getpwline (const char *fname, const char *repository, const char *logname)
-++{
-++ FILE *f;
-++ char buf[MAXLINE], *bp = buf;
-++ static char line[MAXLINE];
-++ int inrepo = 0;
-++ char *cp;
-++
-++ memset (line, 0, sizeof (line));
-++
-++ if ((f = fopen (fname, "r")) == NULL) {
-++ perror ("fopen");
-++ return line;
-++ }
-++
-++ while (readline (f, &bp, 50)) {
-++ if (buf[0] == '/') {
-++ syslog(LOG_ERR, "Looking for repo %s in %s\n", repository, buf);
-++ if (!inrepo && !strcmp (buf, repository))
-++ {
-++ syslog(LOG_ERR, "matched repository %s\n", repository);
-++ inrepo = 1;
-++ }
-++ else if (inrepo)
-++ inrepo = 0;
-++ } else {
-++ if (inrepo) {
-++ if ((cp = strchr (buf, ':')) != NULL) {
-++ if ( (cp - buf) == strlen (logname)
-++ && !strncmp (buf, logname, strlen (logname))) {
-++ memcpy (line, buf, strlen(buf) >= MAXLINE ? MAXLINE-1 : strlen(buf));
-++ }
-++ }
-++ }
-++ }
-++ }
-++
-++ if (ferror (f))
-++ perror ("ferror");
-++ if (fclose (f) < 0)
-++ perror ("fclose");
-++
-++ return line;
-++}
-++
-++/*
-++*****************************************************************
-++ */
-++#ifdef TEST_READPW
-++
-++void getpasswd (const char *fname, const char *repository, const char *logname, char **pw, char **user)
-++{
-++ char *line;
-++ char *cp, *xp;
-++
-++ memset (*pw, 0, PWLEN);
-++ memset (*user, 0, PWLEN);
-++
-++ line = getpwline(fname, repository, logname);
-++
-++ if (line[0] == '\0')
-++ return;
-++
-++ cp = strchr (line, ':');
-++ cp++;
-++
-++ if ((xp = strchr (cp, ':')) != NULL) {
-++ memcpy (*pw, cp, xp-cp >= PWLEN ? PWLEN-1 : xp-cp);
-++
-++ xp++;
-++
-++ if (strlen (xp))
-++ memcpy (*user, xp, strlen(xp) >= PWLEN ? PWLEN-1 : strlen(xp));
-++ }
-++}
-++
-++int main ()
-++{
-++ char pw[PWLEN], *ppw = pw;
-++ char cvsuser[PWLEN], *pcu = cvsuser;
-++
-++ getpasswd (PWFILE, "/cvs/debian-doc", "jseidel", &ppw, &pcu);
-++
-++ printf ("%s<:>%s\n", pw, cvsuser);
-++ printf ("XXXXXXXXXXXXX\n");
-++
-++ return 0;
-++}
-++#endif /*TEST_READPW */
-+diff -ruN cvs-1.12.13-old/src/server.c cvs-1.12.13/src/server.c
-+--- cvs-1.12.13-old/src/server.c 2006-08-17 00:25:16.000000000 +0100
-++++ cvs-1.12.13/src/server.c 2006-08-20 00:31:22.000000000 +0100
-+@@ -22,6 +22,8 @@
-+
-+ int server_active = 0;
-+
-++char *getpwline (const char *fname, const char *repository, const char *logname);
-++
-+ #if defined (SERVER_SUPPORT) || defined (CLIENT_SUPPORT)
-+
-+ # include "log-buffer.h"
-+@@ -6689,51 +6691,71 @@
-+ {
-+ int retval = 0;
-+ FILE *fp;
-+- char *filename;
-++ char *filename = NULL;
-++ char *cp;
-+ char *linebuf = NULL;
-+ size_t linebuf_len;
-+ int found_it = 0;
-+ int namelen;
-+
-+- /* We don't use current_parsed_root->directory because it hasn't been
-+- * set yet -- our `repository' argument came from the authentication
-+- * protocol, not the regular CVS protocol.
-+- */
-+-
-+- filename = xmalloc (strlen (repository)
-+- + 1
-+- + strlen (CVSROOTADM)
-+- + 1
-+- + strlen (CVSROOTADM_PASSWD)
-+- + 1);
-++ if (!PasswordFileName)
-++ {
-++ /* We don't use current_parsed_root->directory because it hasn't been
-++ * set yet -- our `repository' argument came from the authentication
-++ * protocol, not the regular CVS protocol.
-++ */
-++
-++ filename = xmalloc (strlen (repository)
-++ + 1
-++ + strlen (CVSROOTADM)
-++ + 1
-++ + strlen (CVSROOTADM_PASSWD)
-++ + 1);
-+
-+- (void) sprintf (filename, "%s/%s/%s", repository,
-+- CVSROOTADM, CVSROOTADM_PASSWD);
-++ (void) sprintf (filename, "%s/%s/%s", repository,
-++ CVSROOTADM, CVSROOTADM_PASSWD);
-+
-+- fp = CVS_FOPEN (filename, "r");
-+- if (fp == NULL)
-+- {
-+- if (!existence_error (errno))
-+- error (0, errno, "cannot open %s", filename);
-+- free (filename);
-+- return 0;
-+- }
-++ fp = CVS_FOPEN (filename, "r");
-++ if (fp == NULL)
-++ {
-++ if (!existence_error (errno))
-++ error (0, errno, "cannot open %s", filename);
-++ free (filename);
-++ return 0;
-++ }
-+
-+- /* Look for a relevant line -- one with this user's name. */
-+- namelen = strlen (username);
-+- while (getline (&linebuf, &linebuf_len, fp) >= 0)
-+- {
-+- if ((strncmp (linebuf, username, namelen) == 0)
-+- && (linebuf[namelen] == ':'))
-+- {
-+- found_it = 1;
-+- break;
-+- }
-++ /* Look for a relevant line -- one with this user's name. */
-++ namelen = strlen (username);
-++ while (getline (&linebuf, &linebuf_len, fp) >= 0)
-++ {
-++ if ((strncmp (linebuf, username, namelen) == 0)
-++ && (linebuf[namelen] == ':'))
-++ {
-++ found_it = 1;
-++ break;
-++ }
-++ }
-++ if (ferror (fp))
-++ error (0, errno, "cannot read %s", filename);
-++ if (fclose (fp) < 0)
-++ error (0, errno, "cannot close %s", filename);
-++ }
-++ else /* DSA_VERSION */
-++ {
-++ namelen = strlen (username);
-++
-++ cp = getpwline (PasswordFileName, repository, username);
-++ /* syslog (LOG_NOTICE, "cp=%s", cp); */
-++ if (strlen (cp)) {
-++ linebuf = xmalloc (strlen (cp) + 1);
-++ memcpy (linebuf, cp, strlen(cp)+1);
-++ /* syslog (LOG_NOTICE, "line=%s", linebuf); */
-++ found_it = 1;
-++ } else
-++ found_it = 0;
-++
-++ /* syslog (LOG_NOTICE, "username=%s, password=%s, repository=%s", username, password, repository); */
-+ }
-+- if (ferror (fp))
-+- error (0, errno, "cannot read %s", filename);
-+- if (fclose (fp) < 0)
-+- error (0, errno, "cannot close %s", filename);
-+
-+ /* If found_it, then linebuf contains the information we need. */
-+ if (found_it)
-+@@ -6823,6 +6845,7 @@
-+ retval = 0;
-+ }
-+
-++ if (filename)
-+ free (filename);
-+ if (linebuf)
-+ free (linebuf);
-+@@ -7043,7 +7066,10 @@
-+ letting you in if it won't say why, and I am not convinced
-+ that the potential information disclosure to an attacker
-+ outweighs this. */
-+- printf ("error 0 no such user %s in CVSROOT/passwd\n", username);
-++ if (PasswordFileName)
-++ printf ("error 0 no such user %s in %s\n", username, PasswordFileName);
-++ else
-++ printf ("error 0 no such user %s in CVSROOT/passwd\n", username);
-+
-+ exit (EXIT_FAILURE);
-+ }
+# Add support for overriding lookups in CVSROOT/passwd
+# Specify --password-file <file> on the pserver command line to use it
+# Initial patch from the Debian DSA team, adapted by Steve McIntyre.
+# See README.Debian for more details.
+diff -ruN cvs-1.12.13-old/src/cvs.h cvs-1.12.13/src/cvs.h
+--- cvs-1.12.13-old/src/cvs.h 2005-10-02 16:17:20.000000000 +0100
++++ cvs-1.12.13/src/cvs.h 2006-08-19 01:20:33.000000000 +0100
+@@ -371,6 +371,7 @@
+ extern int use_editor;
+ extern int cvswrite;
+ extern mode_t cvsumask;
++extern char *PasswordFileName;
+
+ /* Temp dir abstraction. */
+ /* From main.c. */
+diff -ruN cvs-1.12.13-old/src/main.c cvs-1.12.13/src/main.c
+--- cvs-1.12.13-old/src/main.c 2006-08-17 00:25:16.000000000 +0100
++++ cvs-1.12.13/src/main.c 2006-08-19 01:20:03.000000000 +0100
+@@ -43,8 +43,7 @@
+ int noexec = 0;
+ int readonlyfs = 0;
+ int logoff = 0;
+-
+-
++char *PasswordFileName = NULL;
+
+ /***
+ ***
+@@ -519,6 +518,7 @@
+ {"help-commands", 0, NULL, 1},
+ {"help-synonyms", 0, NULL, 2},
+ {"help-options", 0, NULL, 4},
++ {"password-file", required_argument, NULL, 5},
+ #ifdef SERVER_SUPPORT
+ {"allow-root", required_argument, NULL, 3},
+ #endif /* SERVER_SUPPORT */
+@@ -646,6 +646,10 @@
+ root_allow_add (optarg, gConfigPath);
+ break;
+ #endif /* SERVER_SUPPORT */
++ case 5:
++ /* --password-file */
++ PasswordFileName = xstrdup(optarg);
++ break;
+ case 'Q':
+ really_quiet = 1;
+ /* FALL THROUGH */
+diff -ruN cvs-1.12.13-old/src/Makefile.in cvs-1.12.13/src/Makefile.in
+--- cvs-1.12.13-old/src/Makefile.in 2005-10-03 14:37:18.000000000 +0100
++++ cvs-1.12.13/src/Makefile.in 2006-08-17 00:28:35.000000000 +0100
+@@ -146,7 +146,7 @@
+ ls.$(OBJEXT) main.$(OBJEXT) mkmodules.$(OBJEXT) \
+ modules.$(OBJEXT) ms-buffer.$(OBJEXT) myndbm.$(OBJEXT) \
+ no_diff.$(OBJEXT) parseinfo.$(OBJEXT) patch.$(OBJEXT) \
+- rcs.$(OBJEXT) rcscmds.$(OBJEXT) recurse.$(OBJEXT) \
++ rcs.$(OBJEXT) rcscmds.$(OBJEXT) readpw.$(OBJEXT) recurse.$(OBJEXT) \
+ release.$(OBJEXT) remove.$(OBJEXT) repos.$(OBJEXT) \
+ root.$(OBJEXT) rsh-client.$(OBJEXT) run.$(OBJEXT) \
+ scramble.$(OBJEXT) server.$(OBJEXT) stack.$(OBJEXT) \
+@@ -349,6 +349,7 @@
+ patch.c \
+ rcs.c \
+ rcscmds.c \
++ readpw.c \
+ recurse.c \
+ release.c \
+ remove.c \
+@@ -543,6 +544,7 @@
+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/patch.Po@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rcs.Po@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rcscmds.Po@am__quote@
++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/readpw.Po@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/recurse.Po@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/release.Po@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/remove.Po@am__quote@
+diff -ruN cvs-1.12.13-old/src/parseinfo.h cvs-1.12.13/src/parseinfo.h
+--- cvs-1.12.13-old/src/parseinfo.h 2006-08-17 00:25:16.000000000 +0100
++++ cvs-1.12.13/src/parseinfo.h 2006-08-17 00:58:25.000000000 +0100
+@@ -21,6 +21,7 @@
+ char *HistoryLogPath;
+ char *HistorySearchPath;
+ char *TmpDir;
++ char *PasswordFileName;
+
+ /* Should the logmsg be re-read during the do_verify phase?
+ * RereadLogAfterVerify=no|stat|yes
+diff -ruN cvs-1.12.13-old/src/readpw.c cvs-1.12.13/src/readpw.c
+--- cvs-1.12.13-old/src/readpw.c 1970-01-01 01:00:00.000000000 +0100
++++ cvs-1.12.13/src/readpw.c 2006-08-19 01:45:26.000000000 +0100
+@@ -0,0 +1,158 @@
++/*
++ readpw.c - read the CVS password from an external file
++ Copyright (c) 2006 Martin Schulze <joey@infodrom.org>
++
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2 of the License, or
++ (at your option) any later version.
++
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with this program; if not, write to the Free Software
++ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++*/
++
++#include <string.h>
++#include <stdio.h>
++#include <errno.h>
++#include <syslog.h>
++
++#define PWFILE "/tmp/work/cvs/cvs.passwd"
++
++/*
++ * Source: control_nextline() in dtaus.c from dtaus
++ */
++size_t readline (FILE *f, char **buf, unsigned int len)
++{
++ char line[100];
++ char tmp[100];
++ char *cp;
++ int i;
++
++ memset (line, 0, sizeof(line));
++ memset (*buf, 0, len);
++
++ cp = line;
++
++ while (!strlen(line) && (cp = fgets(line, 100, f))) {
++ if (strlen(line)) {
++ if (line[0] != '#') {
++ if (line[strlen(line)-1] != '\n') {
++ strcpy(tmp, line);
++ while (tmp[strlen(tmp)-1] != '\n' && (cp = fgets(tmp, 100, f)));
++ } else
++ line[strlen(line)-1] = '\0';
++ if (line[strlen(line)-1] == '\r')
++ line[strlen(line)-1] = '\0';
++ for (i=strlen(line);(line[i-1] == ' '||line[i-1] == '\t')&&i>0; i--)
++ line[i-1] = '\0';
++ } else
++ line[0] = '\0';
++ }
++ }
++ for (cp=line; *cp==' '; cp++);
++
++ if (strlen(cp)) {
++ memcpy(*buf, cp, strlen(cp) >= len ? len-1 : strlen(cp));
++ return (strlen (cp));
++ } else
++ return 0;
++}
++
++#define MAXLINE 100
++#define PWLEN 20
++
++char *getpwline (const char *fname, const char *repository, const char *logname)
++{
++ FILE *f;
++ char buf[MAXLINE], *bp = buf;
++ static char line[MAXLINE];
++ int inrepo = 0;
++ char *cp;
++
++ memset (line, 0, sizeof (line));
++
++ if ((f = fopen (fname, "r")) == NULL) {
++ perror ("fopen");
++ return line;
++ }
++
++ while (readline (f, &bp, 50)) {
++ if (buf[0] == '/') {
++ syslog(LOG_ERR, "Looking for repo %s in %s\n", repository, buf);
++ if (!inrepo && !strcmp (buf, repository))
++ {
++ syslog(LOG_ERR, "matched repository %s\n", repository);
++ inrepo = 1;
++ }
++ else if (inrepo)
++ inrepo = 0;
++ } else {
++ if (inrepo) {
++ if ((cp = strchr (buf, ':')) != NULL) {
++ if ( (cp - buf) == strlen (logname)
++ && !strncmp (buf, logname, strlen (logname))) {
++ memcpy (line, buf, strlen(buf) >= MAXLINE ? MAXLINE-1 : strlen(buf));
++ }
++ }
++ }
++ }
++ }
++
++ if (ferror (f))
++ perror ("ferror");
++ if (fclose (f) < 0)
++ perror ("fclose");
++
++ return line;
++}
++
++/*
++*****************************************************************
++ */
++#ifdef TEST_READPW
++
++void getpasswd (const char *fname, const char *repository, const char *logname, char **pw, char **user)
++{
++ char *line;
++ char *cp, *xp;
++
++ memset (*pw, 0, PWLEN);
++ memset (*user, 0, PWLEN);
++
++ line = getpwline(fname, repository, logname);
++
++ if (line[0] == '\0')
++ return;
++
++ cp = strchr (line, ':');
++ cp++;
++
++ if ((xp = strchr (cp, ':')) != NULL) {
++ memcpy (*pw, cp, xp-cp >= PWLEN ? PWLEN-1 : xp-cp);
++
++ xp++;
++
++ if (strlen (xp))
++ memcpy (*user, xp, strlen(xp) >= PWLEN ? PWLEN-1 : strlen(xp));
++ }
++}
++
++int main ()
++{
++ char pw[PWLEN], *ppw = pw;
++ char cvsuser[PWLEN], *pcu = cvsuser;
++
++ getpasswd (PWFILE, "/cvs/debian-doc", "jseidel", &ppw, &pcu);
++
++ printf ("%s<:>%s\n", pw, cvsuser);
++ printf ("XXXXXXXXXXXXX\n");
++
++ return 0;
++}
++#endif /*TEST_READPW */
+diff -ruN cvs-1.12.13-old/src/server.c cvs-1.12.13/src/server.c
+--- cvs-1.12.13-old/src/server.c 2006-08-17 00:25:16.000000000 +0100
++++ cvs-1.12.13/src/server.c 2006-08-20 00:31:22.000000000 +0100
+@@ -22,6 +22,8 @@
+
+ int server_active = 0;
+
++char *getpwline (const char *fname, const char *repository, const char *logname);
++
+ #if defined (SERVER_SUPPORT) || defined (CLIENT_SUPPORT)
+
+ # include "log-buffer.h"
+@@ -6689,51 +6691,71 @@
+ {
+ int retval = 0;
+ FILE *fp;
+- char *filename;
++ char *filename = NULL;
++ char *cp;
+ char *linebuf = NULL;
+ size_t linebuf_len;
+ int found_it = 0;
+ int namelen;
+
+- /* We don't use current_parsed_root->directory because it hasn't been
+- * set yet -- our `repository' argument came from the authentication
+- * protocol, not the regular CVS protocol.
+- */
+-
+- filename = xmalloc (strlen (repository)
+- + 1
+- + strlen (CVSROOTADM)
+- + 1
+- + strlen (CVSROOTADM_PASSWD)
+- + 1);
++ if (!PasswordFileName)
++ {
++ /* We don't use current_parsed_root->directory because it hasn't been
++ * set yet -- our `repository' argument came from the authentication
++ * protocol, not the regular CVS protocol.
++ */
++
++ filename = xmalloc (strlen (repository)
++ + 1
++ + strlen (CVSROOTADM)
++ + 1
++ + strlen (CVSROOTADM_PASSWD)
++ + 1);
+
+- (void) sprintf (filename, "%s/%s/%s", repository,
+- CVSROOTADM, CVSROOTADM_PASSWD);
++ (void) sprintf (filename, "%s/%s/%s", repository,
++ CVSROOTADM, CVSROOTADM_PASSWD);
+
+- fp = CVS_FOPEN (filename, "r");
+- if (fp == NULL)
+- {
+- if (!existence_error (errno))
+- error (0, errno, "cannot open %s", filename);
+- free (filename);
+- return 0;
+- }
++ fp = CVS_FOPEN (filename, "r");
++ if (fp == NULL)
++ {
++ if (!existence_error (errno))
++ error (0, errno, "cannot open %s", filename);
++ free (filename);
++ return 0;
++ }
+
+- /* Look for a relevant line -- one with this user's name. */
+- namelen = strlen (username);
+- while (getline (&linebuf, &linebuf_len, fp) >= 0)
+- {
+- if ((strncmp (linebuf, username, namelen) == 0)
+- && (linebuf[namelen] == ':'))
+- {
+- found_it = 1;
+- break;
+- }
++ /* Look for a relevant line -- one with this user's name. */
++ namelen = strlen (username);
++ while (getline (&linebuf, &linebuf_len, fp) >= 0)
++ {
++ if ((strncmp (linebuf, username, namelen) == 0)
++ && (linebuf[namelen] == ':'))
++ {
++ found_it = 1;
++ break;
++ }
++ }
++ if (ferror (fp))
++ error (0, errno, "cannot read %s", filename);
++ if (fclose (fp) < 0)
++ error (0, errno, "cannot close %s", filename);
++ }
++ else /* DSA_VERSION */
++ {
++ namelen = strlen (username);
++
++ cp = getpwline (PasswordFileName, repository, username);
++ /* syslog (LOG_NOTICE, "cp=%s", cp); */
++ if (strlen (cp)) {
++ linebuf = xmalloc (strlen (cp) + 1);
++ memcpy (linebuf, cp, strlen(cp)+1);
++ /* syslog (LOG_NOTICE, "line=%s", linebuf); */
++ found_it = 1;
++ } else
++ found_it = 0;
++
++ /* syslog (LOG_NOTICE, "username=%s, password=%s, repository=%s", username, password, repository); */
+ }
+- if (ferror (fp))
+- error (0, errno, "cannot read %s", filename);
+- if (fclose (fp) < 0)
+- error (0, errno, "cannot close %s", filename);
+
+ /* If found_it, then linebuf contains the information we need. */
+ if (found_it)
+@@ -6823,6 +6845,7 @@
+ retval = 0;
+ }
+
++ if (filename)
+ free (filename);
+ if (linebuf)
+ free (linebuf);
+@@ -7043,7 +7066,10 @@
+ letting you in if it won't say why, and I am not convinced
+ that the potential information disclosure to an attacker
+ outweighs this. */
+- printf ("error 0 no such user %s in CVSROOT/passwd\n", username);
++ if (PasswordFileName)
++ printf ("error 0 no such user %s in %s\n", username, PasswordFileName);
++ else
++ printf ("error 0 no such user %s in CVSROOT/passwd\n", username);
+
+ exit (EXIT_FAILURE);
+ }
---- cvs-1.12.13.orig/debian/patches/14_ext_expansion
-+++ cvs-1.12.13/debian/patches/14_ext_expansion
-@@ -0,0 +1,29 @@
-+#
-+# Make the "ext" method more intelligent; allow specification of the
-+# "rsh" command using ext=<command>. Extended to recognise "extssh" the
-+# same way as "ext=ssh"
-+#
-+# Original patch by Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>,
-+# extension by Steve McIntyre <steve@einval.com>. Bugs #165432 and #276328
-+diff -Nru3 ./cvs-1.12.13/src/root.c ../build-tree.new/cvs-1.12.13/src/root.c
-+--- ./cvs-1.12.13/src/root.c 2006-05-05 23:35:40.000000000 +0800
-++++ ../build-tree.new/cvs-1.12.13/src/root.c 2006-05-05 23:34:12.000000000 +0800
-+@@ -553,6 +547,18 @@
-+ newroot->method = gserver_method;
-+ else if (!strcasecmp (method, "server"))
-+ newroot->method = server_method;
-++ else if (strncmp (method, "ext=", 4) == 0)
-++ {
-++ const char *rsh = method + 4;
-++ setenv ("CVS_RSH", rsh, 1); /* This is a hack, but simplifies */
-++ newroot->method = ext_method;
-++ }
-++ else if (strncmp (method, "extssh", 6) == 0)
-++ {
-++ const char *rsh = method + 3;
-++ setenv ("CVS_RSH", rsh, 1); /* This is a hack, but simplifies */
-++ newroot->method = ext_method;
-++ }
-+ else if (!strcasecmp (method, "ext"))
-+ newroot->method = ext_method;
-+ else if (!strcasecmp (method, "fork"))
+#
+# Make the "ext" method more intelligent; allow specification of the
+# "rsh" command using ext=<command>. Extended to recognise "extssh" the
+# same way as "ext=ssh"
+#
+# Original patch by Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>,
+# extension by Steve McIntyre <steve@einval.com>. Bugs #165432 and #276328
+diff -Nru3 ./cvs-1.12.13/src/root.c ../build-tree.new/cvs-1.12.13/src/root.c
+--- ./cvs-1.12.13/src/root.c 2006-05-05 23:35:40.000000000 +0800
++++ ../build-tree.new/cvs-1.12.13/src/root.c 2006-05-05 23:34:12.000000000 +0800
+@@ -553,6 +547,18 @@
+ newroot->method = gserver_method;
+ else if (!strcasecmp (method, "server"))
+ newroot->method = server_method;
++ else if (strncmp (method, "ext=", 4) == 0)
++ {
++ const char *rsh = method + 4;
++ setenv ("CVS_RSH", rsh, 1); /* This is a hack, but simplifies */
++ newroot->method = ext_method;
++ }
++ else if (strncmp (method, "extssh", 6) == 0)
++ {
++ const char *rsh = method + 3;
++ setenv ("CVS_RSH", rsh, 1); /* This is a hack, but simplifies */
++ newroot->method = ext_method;
++ }
+ else if (!strcasecmp (method, "ext"))
+ newroot->method = ext_method;
+ else if (!strcasecmp (method, "fork"))
---- cvs-1.12.13.orig/debian/patches/56_extra_tags
-+++ cvs-1.12.13/debian/patches/56_extra_tags
-@@ -0,0 +1,29 @@
-+#
-+# Add extra tag keyword expansion options
-+#
-+# Patch by Steve McIntyre <steve@einval.com>
-+diff -ruN cvs-1.12.13-old/src/logmsg.c cvs-1.12.13/src/logmsg.c
-+--- cvs-1.12.13-old/src/logmsg.c 2006-02-26 22:54:52.000000000 +0800
-++++ cvs-1.12.13/src/logmsg.c 2006-02-26 22:56:36.000000000 +0800
-+@@ -642,7 +642,11 @@
-+ break;
-+ case 'T':
-+ li = p->data;
-+- arg = li->tag ? li->tag : "";
-++ arg = li->tag ? li->tag : "TRUNK";
-++ break;
-++ case 'S':
-++ arg = xmalloc(strlen(p->key) + 5);
-++ sprintf(arg, "\\\"%s\\\"", p->key);
-+ break;
-+ case 'V':
-+ li = p->data;
-+@@ -814,7 +818,7 @@
-+ #endif /* SERVER_SUPPORT */
-+ "p", "s", srepos,
-+ "r", "s", current_parsed_root->directory,
-+- "sVv", ",", changes,
-++ "SsTVv", ",", changes,
-+ logmsg_list_to_args_proc, (void *) NULL,
-+ (char *) NULL);
-+ if (!cmdline || !strlen (cmdline))
+#
+# Add extra tag keyword expansion options
+#
+# Patch by Steve McIntyre <steve@einval.com>
+diff -ruN cvs-1.12.13-old/src/logmsg.c cvs-1.12.13/src/logmsg.c
+--- cvs-1.12.13-old/src/logmsg.c 2006-02-26 22:54:52.000000000 +0800
++++ cvs-1.12.13/src/logmsg.c 2006-02-26 22:56:36.000000000 +0800
+@@ -642,7 +642,11 @@
+ break;
+ case 'T':
+ li = p->data;
+- arg = li->tag ? li->tag : "";
++ arg = li->tag ? li->tag : "TRUNK";
++ break;
++ case 'S':
++ arg = xmalloc(strlen(p->key) + 5);
++ sprintf(arg, "\\\"%s\\\"", p->key);
+ break;
+ case 'V':
+ li = p->data;
+@@ -814,7 +818,7 @@
+ #endif /* SERVER_SUPPORT */
+ "p", "s", srepos,
+ "r", "s", current_parsed_root->directory,
+- "sVv", ",", changes,
++ "SsTVv", ",", changes,
+ logmsg_list_to_args_proc, (void *) NULL,
+ (char *) NULL);
+ if (!cmdline || !strlen (cmdline))
---- cvs-1.12.13.orig/debian/patches/95_flag_conflicted_copies
-+++ cvs-1.12.13/debian/patches/95_flag_conflicted_copies
-@@ -0,0 +1,21 @@
-+# Undo not flagging conflicted copies anymore, as reported by
-+# Henrique de Moraes Holschuh <hmh@debian.org>
-+# Closes: #368681
-+# Fix as described in message to the CVS mailing list at
-+# http://lists.gnu.org/archive/html/info-cvs/2006-06/msg00050.html
-+--- cvs-1.12.13/src/client.c~ 2005-10-02 16:17:20.000000000 +0100
-++++ cvs-1.12.13/src/client.c 2006-06-09 20:12:06.000000000 +0100
-+@@ -4533,10 +4533,9 @@
-+ /* File no longer exists. Don't do anything, missing files
-+ just happen. */
-+ }
-+- else if (!vers->ts_rcs || args->force
-+- || strcmp (vers->ts_conflict
-+- ? vers->ts_conflict : vers->ts_rcs, vers->ts_user)
-+- || (vers->ts_conflict && !strcmp (cvs_cmd_name, "diff")))
-++ else if (vers->ts_rcs == NULL
-++ || args->force
-++ || strcmp (vers->ts_user, vers->ts_rcs) != 0)
-+ {
-+ if (args->no_contents
-+ && supported_request ("Is-modified"))
+# Undo not flagging conflicted copies anymore, as reported by
+# Henrique de Moraes Holschuh <hmh@debian.org>
+# Closes: #368681
+# Fix as described in message to the CVS mailing list at
+# http://lists.gnu.org/archive/html/info-cvs/2006-06/msg00050.html
+--- cvs-1.12.13/src/client.c~ 2005-10-02 16:17:20.000000000 +0100
++++ cvs-1.12.13/src/client.c 2006-06-09 20:12:06.000000000 +0100
+@@ -4533,10 +4533,9 @@
+ /* File no longer exists. Don't do anything, missing files
+ just happen. */
+ }
+- else if (!vers->ts_rcs || args->force
+- || strcmp (vers->ts_conflict
+- ? vers->ts_conflict : vers->ts_rcs, vers->ts_user)
+- || (vers->ts_conflict && !strcmp (cvs_cmd_name, "diff")))
++ else if (vers->ts_rcs == NULL
++ || args->force
++ || strcmp (vers->ts_user, vers->ts_rcs) != 0)
+ {
+ if (args->no_contents
+ && supported_request ("Is-modified"))
---- cvs-1.12.13.orig/debian/patches/93_homedir
-+++ cvs-1.12.13/debian/patches/93_homedir
-@@ -0,0 +1,44 @@
-+# Fix handling of homedirectory for pserver, patch from
-+# Jim Studt <jim@federated.com>. Closes: Bug#51234
-+diff -ruN cvs-1.12.13-old/src/filesubr.c cvs-1.12.13/src/filesubr.c
-+--- cvs-1.12.13-old/src/filesubr.c 2005-09-28 23:25:59.000000000 +0800
-++++ cvs-1.12.13/src/filesubr.c 2006-02-26 22:31:57.000000000 +0800
-+@@ -795,6 +795,11 @@
-+ The workaround is to put -f in inetd.conf which means that
-+ get_homedir won't get called until after the switch in user ID.
-+
-++ NOTE: the above paragraph is not sufficient if the HOME environment
-++ variable is set, it overrides the uid based password lookup, hence
-++ the change_uid logic path that blocks the HOME environment variable
-++ when the uid gets changed.
-++
-+ The whole concept of a "home directory" on the server is pretty
-+ iffy, although I suppose some people probably are relying on it for
-+ .cvsrc and such, in the cases where it works. */
-+@@ -802,15 +807,24 @@
-+ get_homedir (void)
-+ {
-+ static char *home = NULL;
-++ static uid_t home_uid = 0;
-++ static int changed_uid = 0;
-+ char *env;
-++ uid_t uid = getuid();
-+ struct passwd *pw;
-+
-++ if ( home && home_uid != uid) {
-++ home = 0;
-++ home_uid = uid;
-++ changed_uid = 1;
-++ }
-++
-+ if (home != NULL)
-+ return home;
-+
-+- if (!server_active && (env = getenv ("HOME")) != NULL)
-++ if (!server_active && ((env = getenv ("HOME")) != NULL) && !changed_uid)
-+ home = env;
-+- else if ((pw = (struct passwd *) getpwuid (getuid ()))
-++ else if ((pw = (struct passwd *) getpwuid (uid))
-+ && pw->pw_dir)
-+ home = xstrdup (pw->pw_dir);
-+ else
+# Fix handling of homedirectory for pserver, patch from
+# Jim Studt <jim@federated.com>. Closes: Bug#51234
+diff -ruN cvs-1.12.13-old/src/filesubr.c cvs-1.12.13/src/filesubr.c
+--- cvs-1.12.13-old/src/filesubr.c 2005-09-28 23:25:59.000000000 +0800
++++ cvs-1.12.13/src/filesubr.c 2006-02-26 22:31:57.000000000 +0800
+@@ -795,6 +795,11 @@
+ The workaround is to put -f in inetd.conf which means that
+ get_homedir won't get called until after the switch in user ID.
+
++ NOTE: the above paragraph is not sufficient if the HOME environment
++ variable is set, it overrides the uid based password lookup, hence
++ the change_uid logic path that blocks the HOME environment variable
++ when the uid gets changed.
++
+ The whole concept of a "home directory" on the server is pretty
+ iffy, although I suppose some people probably are relying on it for
+ .cvsrc and such, in the cases where it works. */
+@@ -802,15 +807,24 @@
+ get_homedir (void)
+ {
+ static char *home = NULL;
++ static uid_t home_uid = 0;
++ static int changed_uid = 0;
+ char *env;
++ uid_t uid = getuid();
+ struct passwd *pw;
+
++ if ( home && home_uid != uid) {
++ home = 0;
++ home_uid = uid;
++ changed_uid = 1;
++ }
++
+ if (home != NULL)
+ return home;
+
+- if (!server_active && (env = getenv ("HOME")) != NULL)
++ if (!server_active && ((env = getenv ("HOME")) != NULL) && !changed_uid)
+ home = env;
+- else if ((pw = (struct passwd *) getpwuid (getuid ()))
++ else if ((pw = (struct passwd *) getpwuid (uid))
+ && pw->pw_dir)
+ home = xstrdup (pw->pw_dir);
+ else
---- cvs-1.12.13.orig/debian/patches/25_import-n-X
-+++ cvs-1.12.13/debian/patches/25_import-n-X
-@@ -0,0 +1,15 @@
-+# Fix `cvs import -X' failure
-+# Fixes: #374964
-+# Patch by Florian Zschocke <zschocke@gmx.net>
-+diff -ruN cvs-1.12.13-old/src/import.c cvs-1.12.13/src/import.c
-+--- cvs-1.12.13-old/src/import.c 2005-09-04 02:27:44.000000000 +0200
-++++ cvs-1.12.13/src/import.c 2006-06-19 19:41:57.000000000 +0200
-+@@ -595,7 +595,7 @@
-+ /* Attempt to make the Attic directory, in case it
-+ does not exist. */
-+ (void) sprintf (rcs, "%s/%s", repository, CVSATTIC);
-+- if (CVS_MKDIR (rcs, 0777 ) != 0 && errno != EEXIST)
-++ if (noexec == 0 && CVS_MKDIR (rcs, 0777 ) != 0 && errno != EEXIST)
-+ error (1, errno, "cannot make directory `%s'", rcs);
-+
-+ /* Note that the above clobbered the path name, so we
+# Fix `cvs import -X' failure
+# Fixes: #374964
+# Patch by Florian Zschocke <zschocke@gmx.net>
+diff -ruN cvs-1.12.13-old/src/import.c cvs-1.12.13/src/import.c
+--- cvs-1.12.13-old/src/import.c 2005-09-04 02:27:44.000000000 +0200
++++ cvs-1.12.13/src/import.c 2006-06-19 19:41:57.000000000 +0200
+@@ -595,7 +595,7 @@
+ /* Attempt to make the Attic directory, in case it
+ does not exist. */
+ (void) sprintf (rcs, "%s/%s", repository, CVSATTIC);
+- if (CVS_MKDIR (rcs, 0777 ) != 0 && errno != EEXIST)
++ if (noexec == 0 && CVS_MKDIR (rcs, 0777 ) != 0 && errno != EEXIST)
+ error (1, errno, "cannot make directory `%s'", rcs);
+
+ /* Note that the above clobbered the path name, so we
---- cvs-1.12.13.orig/debian/patches/97_cvs.info.typo
-+++ cvs-1.12.13/debian/patches/97_cvs.info.typo
-@@ -0,0 +1,58 @@
-+# Minor documentation changes
-+#
-+# Patch by Steve McIntyre <steve@einval.com> and Britton Leo Kerin <fsblk@aurora.uaf.edu>
-+diff -ruN cvs-1.12.13-old/doc/cvsclient.texi cvs-1.12.13/doc/cvsclient.texi
-+--- cvs-1.12.13-old/doc/cvsclient.texi 2005-07-20 18:39:59.000000000 +0800
-++++ cvs-1.12.13/doc/cvsclient.texi 2006-02-26 22:39:20.000000000 +0800
-+@@ -3,9 +3,10 @@
-+ @setfilename cvsclient.info
-+ @include version-client.texi
-+
-+-@dircategory Programming
-++@dircategory Development
-+ @direntry
-+-* cvsclient: (cvsclient). The CVS client/server protocol.
-++* CVS client/server: (cvsclient). Describes the client/server protocol
-++ used by CVS.
-+ @end direntry
-+
-+ @node Top
-+diff -ruN cvs-1.12.13-old/doc/cvs.texinfo cvs-1.12.13/doc/cvs.texinfo
-+--- cvs-1.12.13-old/doc/cvs.texinfo 2006-02-26 22:39:19.000000000 +0800
-++++ cvs-1.12.13/doc/cvs.texinfo 2006-02-26 22:39:20.000000000 +0800
-+@@ -97,7 +97,7 @@
-+ @end macro
-+ @end ifhtml
-+
-+-@dircategory GNU Packages
-++@dircategory Development
-+ @direntry
-+ * CVS: (cvs). Concurrent Versions System
-+ @end direntry
-+@@ -2385,13 +2385,16 @@
-+ There are two access methods that you use in @code{CVSROOT}
-+ for rsh. @code{:server:} specifies an internal rsh
-+ client, which is supported only by some @sc{cvs} ports.
-++This is not supported on most Unix-style systems,
-++including Debian.
-+ @code{:ext:} specifies an external rsh program. By
-+ default this is @code{rsh} (unless otherwise specified
-+ by the @file{--with-rsh} flag to configure) but you may set the
-+ @code{CVS_RSH} environment variable to invoke another
-+ program which can access the remote server (for
-+ example, @code{remsh} on HP-UX 9 because @code{rsh} is
-+-something different). It must be a program which can
-++something different, or @code{ssh} to allow the use of
-++secure and/or compressed connections). It must be a program which can
-+ transmit data to and from the server without modifying
-+ it; for example the Windows NT @code{rsh} is not
-+ suitable since it by default translates between CRLF
-+@@ -12711,7 +12714,7 @@
-+ @item @var{mname} [ options ] @var{dir} [ @var{files}@dots{} ]
-+ In the simplest case, this form of module definition
-+ reduces to @samp{@var{mname} @var{dir}}. This defines
-+-all the files in directory @var{dir} as module mname.
-++all the files in directory @var{dir} as module @var{mname}.
-+ @var{dir} is a relative path (from @code{$CVSROOT}) to a
-+ directory of source in the source repository. In this
-+ case, on checkout, a single directory called
+# Minor documentation changes
+#
+# Patch by Steve McIntyre <steve@einval.com> and Britton Leo Kerin <fsblk@aurora.uaf.edu>
+diff -ruN cvs-1.12.13-old/doc/cvsclient.texi cvs-1.12.13/doc/cvsclient.texi
+--- cvs-1.12.13-old/doc/cvsclient.texi 2005-07-20 18:39:59.000000000 +0800
++++ cvs-1.12.13/doc/cvsclient.texi 2006-02-26 22:39:20.000000000 +0800
+@@ -3,9 +3,10 @@
+ @setfilename cvsclient.info
+ @include version-client.texi
+
+-@dircategory Programming
++@dircategory Development
+ @direntry
+-* cvsclient: (cvsclient). The CVS client/server protocol.
++* CVS client/server: (cvsclient). Describes the client/server protocol
++ used by CVS.
+ @end direntry
+
+ @node Top
+diff -ruN cvs-1.12.13-old/doc/cvs.texinfo cvs-1.12.13/doc/cvs.texinfo
+--- cvs-1.12.13-old/doc/cvs.texinfo 2006-02-26 22:39:19.000000000 +0800
++++ cvs-1.12.13/doc/cvs.texinfo 2006-02-26 22:39:20.000000000 +0800
+@@ -97,7 +97,7 @@
+ @end macro
+ @end ifhtml
+
+-@dircategory GNU Packages
++@dircategory Development
+ @direntry
+ * CVS: (cvs). Concurrent Versions System
+ @end direntry
+@@ -2385,13 +2385,16 @@
+ There are two access methods that you use in @code{CVSROOT}
+ for rsh. @code{:server:} specifies an internal rsh
+ client, which is supported only by some @sc{cvs} ports.
++This is not supported on most Unix-style systems,
++including Debian.
+ @code{:ext:} specifies an external rsh program. By
+ default this is @code{rsh} (unless otherwise specified
+ by the @file{--with-rsh} flag to configure) but you may set the
+ @code{CVS_RSH} environment variable to invoke another
+ program which can access the remote server (for
+ example, @code{remsh} on HP-UX 9 because @code{rsh} is
+-something different). It must be a program which can
++something different, or @code{ssh} to allow the use of
++secure and/or compressed connections). It must be a program which can
+ transmit data to and from the server without modifying
+ it; for example the Windows NT @code{rsh} is not
+ suitable since it by default translates between CRLF
+@@ -12711,7 +12714,7 @@
+ @item @var{mname} [ options ] @var{dir} [ @var{files}@dots{} ]
+ In the simplest case, this form of module definition
+ reduces to @samp{@var{mname} @var{dir}}. This defines
+-all the files in directory @var{dir} as module mname.
++all the files in directory @var{dir} as module @var{mname}.
+ @var{dir} is a relative path (from @code{$CVSROOT}) to a
+ directory of source in the source repository. In this
+ case, on checkout, a single directory called
---- cvs-1.12.13.orig/debian/patches/55_keyword_alphanumerics
-+++ cvs-1.12.13/debian/patches/55_keyword_alphanumerics
-@@ -0,0 +1,27 @@
-+# Fix keyword handling to accept alphanumerics, not just alphabetics.
-+# Thanks to Branden Robinson for this fix.
-+diff -ruN cvs-1.12.13-old/src/rcs.c cvs-1.12.13/src/rcs.c
-+--- cvs-1.12.13-old/src/rcs.c 2005-09-28 23:25:59.000000000 +0800
-++++ cvs-1.12.13/src/rcs.c 2006-02-26 17:58:32.000000000 +0800
-+@@ -3680,13 +3680,18 @@
-+ srch_len -= (srch_next + 1) - srch;
-+ srch = srch_next + 1;
-+
-+- /* Look for the first non alphabetic character after the '$'. */
-++ /*
-++ * Accept alphanumerics, not just alphabetics. XFree86, anyone?
-++ * Branden Robinson Sat, 7 Sep 2002 02:04:59 -0500
-++ */
-++
-++ /* Look for the first non alphanumeric character after the '$'. */
-+ send = srch + srch_len;
-+ for (s = srch; s < send; s++)
-+- if (! isalpha ((unsigned char) *s))
-++ if (! isalnum ((unsigned char) *s))
-+ break;
-+
-+- /* If the first non alphabetic character is not '$' or ':',
-++ /* If the first non alphanumeric character is not '$' or ':',
-+ then this is not an RCS keyword. */
-+ if (s == send || (*s != '$' && *s != ':'))
-+ continue;
+# Fix keyword handling to accept alphanumerics, not just alphabetics.
+# Thanks to Branden Robinson for this fix.
+diff -ruN cvs-1.12.13-old/src/rcs.c cvs-1.12.13/src/rcs.c
+--- cvs-1.12.13-old/src/rcs.c 2005-09-28 23:25:59.000000000 +0800
++++ cvs-1.12.13/src/rcs.c 2006-02-26 17:58:32.000000000 +0800
+@@ -3680,13 +3680,18 @@
+ srch_len -= (srch_next + 1) - srch;
+ srch = srch_next + 1;
+
+- /* Look for the first non alphabetic character after the '$'. */
++ /*
++ * Accept alphanumerics, not just alphabetics. XFree86, anyone?
++ * Branden Robinson Sat, 7 Sep 2002 02:04:59 -0500
++ */
++
++ /* Look for the first non alphanumeric character after the '$'. */
+ send = srch + srch_len;
+ for (s = srch; s < send; s++)
+- if (! isalpha ((unsigned char) *s))
++ if (! isalnum ((unsigned char) *s))
+ break;
+
+- /* If the first non alphabetic character is not '$' or ':',
++ /* If the first non alphanumeric character is not '$' or ':',
+ then this is not an RCS keyword. */
+ if (s == send || (*s != '$' && *s != ':'))
+ continue;
---- cvs-1.12.13.orig/debian/patches/81_fix_-l
-+++ cvs-1.12.13/debian/patches/81_fix_-l
-@@ -0,0 +1,26 @@
-+# Re-added -l option to the client. Does nothing, but stops
-+# warnings/errors. Will really fix #219950 and #224737, and also a
-+# differently-described bug (220379). Closes: #219950, #220379
-+#
-+# Patch by Steve McIntyre <steve@einval.com>
-+diff -ruN cvs-1.12.13-old/src/main.c cvs-1.12.13/src/main.c
-+--- cvs-1.12.13-old/src/main.c 2006-02-26 22:09:42.000000000 +0800
-++++ cvs-1.12.13/src/main.c 2006-02-26 22:09:43.000000000 +0800
-+@@ -511,7 +511,7 @@
-+ int help = 0; /* Has the user asked for help? This
-+ lets us support the `cvs -H cmd'
-+ convention to give help for cmd. */
-+- static const char short_options[] = "+QqrwtnRvb:T:e:d:Hfz:s:xa";
-++ static const char short_options[] = "+QqrwtnRvb:T:e:d:Hfz:s:xal";
-+ static struct option long_options[] =
-+ {
-+ {"help", 0, NULL, 'H'},
-+@@ -669,6 +669,8 @@
-+ noexec = 1;
-+ logoff = 1;
-+ break;
-++ case 'l': /* no-op to simply ignore the old -l option */
-++ break;
-+ case 'v':
-+ (void) fputs ("\n", stdout);
-+ version (0, NULL);
+# Re-added -l option to the client. Does nothing, but stops
+# warnings/errors. Will really fix #219950 and #224737, and also a
+# differently-described bug (220379). Closes: #219950, #220379
+#
+# Patch by Steve McIntyre <steve@einval.com>
+diff -ruN cvs-1.12.13-old/src/main.c cvs-1.12.13/src/main.c
+--- cvs-1.12.13-old/src/main.c 2006-02-26 22:09:42.000000000 +0800
++++ cvs-1.12.13/src/main.c 2006-02-26 22:09:43.000000000 +0800
+@@ -511,7 +511,7 @@
+ int help = 0; /* Has the user asked for help? This
+ lets us support the `cvs -H cmd'
+ convention to give help for cmd. */
+- static const char short_options[] = "+QqrwtnRvb:T:e:d:Hfz:s:xa";
++ static const char short_options[] = "+QqrwtnRvb:T:e:d:Hfz:s:xal";
+ static struct option long_options[] =
+ {
+ {"help", 0, NULL, 'H'},
+@@ -669,6 +669,8 @@
+ noexec = 1;
+ logoff = 1;
+ break;
++ case 'l': /* no-op to simply ignore the old -l option */
++ break;
+ case 'v':
+ (void) fputs ("\n", stdout);
+ version (0, NULL);
---- cvs-1.12.13.orig/debian/patches/51_newlines_in_commit_template
-+++ cvs-1.12.13/debian/patches/51_newlines_in_commit_template
-@@ -0,0 +1,32 @@
-+# Change commit template so that there are two newlines at the
-+# beginning. (closes: #102624)
-+#
-+# Patch from Tollef Fog Heen <tfheen@debian.org>
-+diff -ruN cvs-1.12.13-old/src/logmsg.c cvs-1.12.13/src/logmsg.c
-+--- cvs-1.12.13-old/src/logmsg.c 2005-09-04 08:27:44.000000000 +0800
-++++ cvs-1.12.13/src/logmsg.c 2006-02-26 17:57:28.000000000 +0800
-+@@ -264,6 +264,11 @@
-+ }
-+ }
-+
-++ if (!*messagep)
-++ {
-++ (void) fprintf (fp, "\n");
-++ }
-++
-+ (void) fprintf (fp,
-+ "%s----------------------------------------------------------------------\n",
-+ CVSEDITPREFIX);
-+@@ -349,7 +354,11 @@
-+ *messagep = NULL;
-+ }
-+
-+- if (pre_stbuf.st_mtime == post_stbuf.st_mtime || *messagep == NULL)
-++ if (pre_stbuf.st_mtime == post_stbuf.st_mtime ||
-++ *messagep == NULL ||
-++ (*messagep)[0] == '\0' ||
-++ strcmp (*messagep, "\n") == 0 ||
-++ strcmp (*messagep, "\n\n") == 0)
-+ {
-+ for (;;)
-+ {
+# Change commit template so that there are two newlines at the
+# beginning. (closes: #102624)
+#
+# Patch from Tollef Fog Heen <tfheen@debian.org>
+diff -ruN cvs-1.12.13-old/src/logmsg.c cvs-1.12.13/src/logmsg.c
+--- cvs-1.12.13-old/src/logmsg.c 2005-09-04 08:27:44.000000000 +0800
++++ cvs-1.12.13/src/logmsg.c 2006-02-26 17:57:28.000000000 +0800
+@@ -264,6 +264,11 @@
+ }
+ }
+
++ if (!*messagep)
++ {
++ (void) fprintf (fp, "\n");
++ }
++
+ (void) fprintf (fp,
+ "%s----------------------------------------------------------------------\n",
+ CVSEDITPREFIX);
+@@ -349,7 +354,11 @@
+ *messagep = NULL;
+ }
+
+- if (pre_stbuf.st_mtime == post_stbuf.st_mtime || *messagep == NULL)
++ if (pre_stbuf.st_mtime == post_stbuf.st_mtime ||
++ *messagep == NULL ||
++ (*messagep)[0] == '\0' ||
++ strcmp (*messagep, "\n") == 0 ||
++ strcmp (*messagep, "\n\n") == 0)
+ {
+ for (;;)
+ {
---- cvs-1.12.13.orig/debian/patches/85_normalize_correct_roots
-+++ cvs-1.12.13/debian/patches/85_normalize_correct_roots
-@@ -0,0 +1,34 @@
-+# Apply patch from 120042, which only tries to parse pserver, gserver
-+# and kserver methods when doing cvs login. (closes: #120042).
-+#
-+# Patch from Horms <horms@vergenet.net>
-+diff -ruN cvs-1.12.13-old/src/login.c cvs-1.12.13/src/login.c
-+--- cvs-1.12.13-old/src/login.c 2006-02-26 22:10:42.000000000 +0800
-++++ cvs-1.12.13/src/login.c 2006-02-26 22:25:14.000000000 +0800
-+@@ -200,11 +200,21 @@
-+ return NULL;
-+ }
-+ *p = ' ';
-+- tmp_root_canonical = normalize_cvsroot (tmp_root);
-+- if (strcmp (cvsroot_canonical, tmp_root_canonical) == 0)
-+- password = p + 1;
-+-
-+- free (tmp_root_canonical);
-++ switch (tmp_root->method)
-++ {
-++ case gserver_method:
-++ case pserver_method:
-++#ifdef HAVE_KERBEROS
-++ case kserver_method:
-++#endif /* HAVE_KERBEROS */
-++ tmp_root_canonical = normalize_cvsroot (tmp_root);
-++ if (strcmp (cvsroot_canonical, tmp_root_canonical) == 0)
-++ password = p + 1;
-++ free (tmp_root_canonical);
-++ break;
-++ default:
-++ break;
-++ }
-+ }
-+
-+ return password;
+# Apply patch from 120042, which only tries to parse pserver, gserver
+# and kserver methods when doing cvs login. (closes: #120042).
+#
+# Patch from Horms <horms@vergenet.net>
+diff -ruN cvs-1.12.13-old/src/login.c cvs-1.12.13/src/login.c
+--- cvs-1.12.13-old/src/login.c 2006-02-26 22:10:42.000000000 +0800
++++ cvs-1.12.13/src/login.c 2006-02-26 22:25:14.000000000 +0800
+@@ -200,11 +200,21 @@
+ return NULL;
+ }
+ *p = ' ';
+- tmp_root_canonical = normalize_cvsroot (tmp_root);
+- if (strcmp (cvsroot_canonical, tmp_root_canonical) == 0)
+- password = p + 1;
+-
+- free (tmp_root_canonical);
++ switch (tmp_root->method)
++ {
++ case gserver_method:
++ case pserver_method:
++#ifdef HAVE_KERBEROS
++ case kserver_method:
++#endif /* HAVE_KERBEROS */
++ tmp_root_canonical = normalize_cvsroot (tmp_root);
++ if (strcmp (cvsroot_canonical, tmp_root_canonical) == 0)
++ password = p + 1;
++ free (tmp_root_canonical);
++ break;
++ default:
++ break;
++ }
+ }
+
+ return password;
---- cvs-1.12.13.orig/debian/patches/60_PAM_support
-+++ cvs-1.12.13/debian/patches/60_PAM_support
-@@ -0,0 +1,144 @@
-+#
-+# Add in extra PAM options compared to upstream's own PAM code:
-+# * Add an extra option PamAuth to control use of PAM separately from
-+# SystemAuth
-+# * Add support for DefaultPamUser - try that if the specified
-+# user does not exist
-+#
-+# Patch by Steve McIntyre <steve@einval.com>
-+diff -ruN cvs-1.12.13-old/doc/cvs.texinfo cvs-1.12.13/doc/cvs.texinfo
-+--- cvs-1.12.13-old/doc/cvs.texinfo 2005-09-23 03:02:53.000000000 +0100
-++++ cvs-1.12.13/doc/cvs.texinfo 2006-05-19 23:50:10.000000000 +0100
-+@@ -2662,8 +2662,18 @@
-+ system has PAM (Pluggable Authentication Modules)
-+ and your @sc{cvs} server executable was configured to
-+ use it at compile time (using @code{./configure --enable-pam} - see the
-+-INSTALL file for more). In this case, PAM will be consulted instead.
-+-This means that @sc{cvs} can be configured to use any password
-++INSTALL file for more). In this case, PAM may be
-++consulted first (or instead). The
-++"fallback" behaviour can be controlled using the two
-++variables @code{PamAuth} and @code{SystemAuth}. On a
-++Debian system, @code{PamAuth} defaults to @code{yes}
-++and @code{SystemAuth} to @code{no} - after all, PAM can
-++supports passwd file lookups itself. Changing these is
-++possible by setting @code{PamAuth=no} and
-++@code{SystemAuth=yes} in the @sc{cvs} @file{config}
-++file, @pxref{config}).
-++
-++Use of PAM means that @sc{cvs} can be configured to use any password
-+ authentication source PAM can be configured to use (possibilities
-+ include a simple UNIX password, NIS, LDAP, and others) in its
-+ global configuration file (usually @file{/etc/pam.conf}
-+@@ -2691,7 +2701,7 @@
-+ cvs session required pam_unix.so
-+ @end example
-+
-+-The the equivalent @file{/etc/pam.d/cvs} would contain
-++The equivalent @file{/etc/pam.d/cvs} would contain
-+
-+ @example
-+ auth required pam_unix.so
-+@@ -2715,6 +2725,13 @@
-+ feature should not be used if you may not have control of the name
-+ @sc{cvs} will be invoked as.
-+
-++If you wish to use PAM for authentication, and details
-++of your users are not available using getpwnam(), you
-++may set a default name for the account on the server
-++that will be used after authentication. To do this,
-++either set @code{DefaultPamUser=user} in the @sc{cvs}
-++@file{config} file, @pxref{config}.
-++
-+ Be aware, also, that falling back to system
-+ authentication might be a security risk: @sc{cvs}
-+ operations would then be authenticated with that user's
-+diff -ruN cvs-1.12.13-old/src/parseinfo.c cvs-1.12.13/src/parseinfo.c
-+--- cvs-1.12.13-old/src/parseinfo.c 2005-09-06 05:40:37.000000000 +0100
-++++ cvs-1.12.13/src/parseinfo.c 2006-05-19 22:46:00.000000000 +0100
-+@@ -303,8 +303,12 @@
-+ */
-+ #endif /* PROXY_SUPPORT */
-+ #ifdef AUTH_SERVER_SUPPORT
-+- new->system_auth = true;
-++ new->system_auth = false;
-+ #endif /* AUTH_SERVER_SUPPORT */
-++#ifdef HAVE_PAM
-++ new->PamAuth = true;
-++ new->DefaultPamUser = NULL;
-++#endif
-+
-+ return new;
-+ }
-+@@ -696,6 +700,13 @@
-+ readSizeT (infopath, "MaxCompressionLevel", p,
-+ &retval->MaxCompressionLevel);
-+ #endif /* SERVER_SUPPORT */
-++#ifdef HAVE_PAM
-++ else if (!strcmp (line, "DefaultPamUser"))
-++ retval->DefaultPamUser = xstrdup(p);
-++ else if (!strcmp (line, "PamAuth"))
-++ readBool (infopath, "PamAuth", p,
-++ &retval->PamAuth);
-++#endif
-+ else
-+ /* We may be dealing with a keyword which was added in a
-+ subsequent version of CVS. In that case it is a good idea
-+diff -ruN cvs-1.12.13-old/src/parseinfo.h cvs-1.12.13/src/parseinfo.h
-+--- cvs-1.12.13-old/src/parseinfo.h 2005-09-05 04:03:38.000000000 +0100
-++++ cvs-1.12.13/src/parseinfo.h 2006-05-19 22:40:31.000000000 +0100
-+@@ -59,6 +59,10 @@
-+ #ifdef PRESERVE_PERMISSIONS_SUPPORT
-+ bool preserve_perms;
-+ #endif /* PRESERVE_PERMISSIONS_SUPPORT */
-++#ifdef HAVE_PAM
-++ char *DefaultPamUser;
-++ bool PamAuth;
-++#endif
-+ };
-+
-+ bool parse_error (const char *, unsigned int);
-+diff -ruN cvs-1.12.13-old/src/server.c cvs-1.12.13/src/server.c
-+--- cvs-1.12.13-old/src/server.c 2005-09-28 16:25:59.000000000 +0100
-++++ cvs-1.12.13/src/server.c 2006-05-20 00:45:14.000000000 +0100
-+@@ -6919,6 +6919,15 @@
-+ {
-+ pam_stage = "get pam user";
-+ retval = pam_get_item (pamh, PAM_USER, (const void **)username);
-++ if ((retval != PAM_SUCCESS) && (NULL != config->DefaultPamUser))
-++ {
-++ /* An issue with using pam is that the host may well not have
-++ a local user entry to match the authenticated user. If this
-++ has failed, optionally fall back to a specified local
-++ username */
-++ *username = xstrdup(config->DefaultPamUser);
-++ retval = PAM_SUCCESS;
-++ }
-+ }
-+
-+ if (retval != PAM_SUCCESS)
-+@@ -7022,7 +7031,11 @@
-+
-+ assert (rc == 0);
-+
-++#ifdef HAVE_PAM
-++ if (!config->system_auth && !config->PamAuth)
-++#else
-+ if (!config->system_auth)
-++#endif
-+ {
-+ /* Note that the message _does_ distinguish between the case in
-+ which we check for a system password and the case in which
-+@@ -7037,9 +7050,10 @@
-+
-+ /* No cvs password found, so try /etc/passwd. */
-+ #ifdef HAVE_PAM
-+- if (check_pam_password (&username, password))
-++ if ( (config->PamAuth && check_pam_password (&username, password)) ||
-++ (config->system_auth && check_system_password (username, password)))
-+ #else /* !HAVE_PAM */
-+- if (check_system_password (username, password))
-++ if (config->system_auth && check_system_password (username, password))
-+ #endif /* HAVE_PAM */
-+ host_user = xstrdup (username);
-+ else
+#
+# Add in extra PAM options compared to upstream's own PAM code:
+# * Add an extra option PamAuth to control use of PAM separately from
+# SystemAuth
+# * Add support for DefaultPamUser - try that if the specified
+# user does not exist
+#
+# Patch by Steve McIntyre <steve@einval.com>
+diff -ruN cvs-1.12.13-old/doc/cvs.texinfo cvs-1.12.13/doc/cvs.texinfo
+--- cvs-1.12.13-old/doc/cvs.texinfo 2005-09-23 03:02:53.000000000 +0100
++++ cvs-1.12.13/doc/cvs.texinfo 2006-05-19 23:50:10.000000000 +0100
+@@ -2662,8 +2662,18 @@
+ system has PAM (Pluggable Authentication Modules)
+ and your @sc{cvs} server executable was configured to
+ use it at compile time (using @code{./configure --enable-pam} - see the
+-INSTALL file for more). In this case, PAM will be consulted instead.
+-This means that @sc{cvs} can be configured to use any password
++INSTALL file for more). In this case, PAM may be
++consulted first (or instead). The
++"fallback" behaviour can be controlled using the two
++variables @code{PamAuth} and @code{SystemAuth}. On a
++Debian system, @code{PamAuth} defaults to @code{yes}
++and @code{SystemAuth} to @code{no} - after all, PAM can
++supports passwd file lookups itself. Changing these is
++possible by setting @code{PamAuth=no} and
++@code{SystemAuth=yes} in the @sc{cvs} @file{config}
++file, @pxref{config}).
++
++Use of PAM means that @sc{cvs} can be configured to use any password
+ authentication source PAM can be configured to use (possibilities
+ include a simple UNIX password, NIS, LDAP, and others) in its
+ global configuration file (usually @file{/etc/pam.conf}
+@@ -2691,7 +2701,7 @@
+ cvs session required pam_unix.so
+ @end example
+
+-The the equivalent @file{/etc/pam.d/cvs} would contain
++The equivalent @file{/etc/pam.d/cvs} would contain
+
+ @example
+ auth required pam_unix.so
+@@ -2715,6 +2725,13 @@
+ feature should not be used if you may not have control of the name
+ @sc{cvs} will be invoked as.
+
++If you wish to use PAM for authentication, and details
++of your users are not available using getpwnam(), you
++may set a default name for the account on the server
++that will be used after authentication. To do this,
++either set @code{DefaultPamUser=user} in the @sc{cvs}
++@file{config} file, @pxref{config}.
++
+ Be aware, also, that falling back to system
+ authentication might be a security risk: @sc{cvs}
+ operations would then be authenticated with that user's
+diff -ruN cvs-1.12.13-old/src/parseinfo.c cvs-1.12.13/src/parseinfo.c
+--- cvs-1.12.13-old/src/parseinfo.c 2005-09-06 05:40:37.000000000 +0100
++++ cvs-1.12.13/src/parseinfo.c 2006-05-19 22:46:00.000000000 +0100
+@@ -303,8 +303,12 @@
+ */
+ #endif /* PROXY_SUPPORT */
+ #ifdef AUTH_SERVER_SUPPORT
+- new->system_auth = true;
++ new->system_auth = false;
+ #endif /* AUTH_SERVER_SUPPORT */
++#ifdef HAVE_PAM
++ new->PamAuth = true;
++ new->DefaultPamUser = NULL;
++#endif
+
+ return new;
+ }
+@@ -696,6 +700,13 @@
+ readSizeT (infopath, "MaxCompressionLevel", p,
+ &retval->MaxCompressionLevel);
+ #endif /* SERVER_SUPPORT */
++#ifdef HAVE_PAM
++ else if (!strcmp (line, "DefaultPamUser"))
++ retval->DefaultPamUser = xstrdup(p);
++ else if (!strcmp (line, "PamAuth"))
++ readBool (infopath, "PamAuth", p,
++ &retval->PamAuth);
++#endif
+ else
+ /* We may be dealing with a keyword which was added in a
+ subsequent version of CVS. In that case it is a good idea
+diff -ruN cvs-1.12.13-old/src/parseinfo.h cvs-1.12.13/src/parseinfo.h
+--- cvs-1.12.13-old/src/parseinfo.h 2005-09-05 04:03:38.000000000 +0100
++++ cvs-1.12.13/src/parseinfo.h 2006-05-19 22:40:31.000000000 +0100
+@@ -59,6 +59,10 @@
+ #ifdef PRESERVE_PERMISSIONS_SUPPORT
+ bool preserve_perms;
+ #endif /* PRESERVE_PERMISSIONS_SUPPORT */
++#ifdef HAVE_PAM
++ char *DefaultPamUser;
++ bool PamAuth;
++#endif
+ };
+
+ bool parse_error (const char *, unsigned int);
+diff -ruN cvs-1.12.13-old/src/server.c cvs-1.12.13/src/server.c
+--- cvs-1.12.13-old/src/server.c 2005-09-28 16:25:59.000000000 +0100
++++ cvs-1.12.13/src/server.c 2006-05-20 00:45:14.000000000 +0100
+@@ -6919,6 +6919,15 @@
+ {
+ pam_stage = "get pam user";
+ retval = pam_get_item (pamh, PAM_USER, (const void **)username);
++ if ((retval != PAM_SUCCESS) && (NULL != config->DefaultPamUser))
++ {
++ /* An issue with using pam is that the host may well not have
++ a local user entry to match the authenticated user. If this
++ has failed, optionally fall back to a specified local
++ username */
++ *username = xstrdup(config->DefaultPamUser);
++ retval = PAM_SUCCESS;
++ }
+ }
+
+ if (retval != PAM_SUCCESS)
+@@ -7022,7 +7031,11 @@
+
+ assert (rc == 0);
+
++#ifdef HAVE_PAM
++ if (!config->system_auth && !config->PamAuth)
++#else
+ if (!config->system_auth)
++#endif
+ {
+ /* Note that the message _does_ distinguish between the case in
+ which we check for a system password and the case in which
+@@ -7037,9 +7050,10 @@
+
+ /* No cvs password found, so try /etc/passwd. */
+ #ifdef HAVE_PAM
+- if (check_pam_password (&username, password))
++ if ( (config->PamAuth && check_pam_password (&username, password)) ||
++ (config->system_auth && check_system_password (username, password)))
+ #else /* !HAVE_PAM */
+- if (check_system_password (username, password))
++ if (config->system_auth && check_system_password (username, password))
+ #endif /* HAVE_PAM */
+ host_user = xstrdup (username);
+ else
---- cvs-1.12.13.orig/debian/patches/94_parseopts
-+++ cvs-1.12.13/debian/patches/94_parseopts
-@@ -0,0 +1,108 @@
-+diff -ruN cvs-1.12.13-old/src/cvs.h cvs-1.12.13/src/cvs.h
-+--- cvs-1.12.13-old/src/cvs.h 2006-08-19 00:05:38.000000000 +0100
-++++ cvs-1.12.13/src/cvs.h 2006-08-19 00:05:41.000000000 +0100
-+@@ -177,6 +177,7 @@
-+ #define CVSROOTADM_LOGINFO "loginfo"
-+ #define CVSROOTADM_MODULES "modules"
-+ #define CVSROOTADM_NOTIFY "notify"
-++#define CVSROOTADM_OPTIONS "options"
-+ #define CVSROOTADM_PASSWD "passwd"
-+ #define CVSROOTADM_POSTADMIN "postadmin"
-+ #define CVSROOTADM_POSTPROXY "postproxy"
-+@@ -506,6 +507,7 @@
-+ char *strcat_filename_onto_homedir (const char *, const char *);
-+ char *cvs_temp_name (void);
-+ FILE *cvs_temp_file (char **filename);
-++void parseopts (const char *root);
-+
-+ int ls (int argc, char *argv[]);
-+ int unlink_file (const char *f);
-+diff -ruN cvs-1.12.13-old/src/main.c cvs-1.12.13/src/main.c
-+--- cvs-1.12.13-old/src/main.c 2006-08-19 00:05:38.000000000 +0100
-++++ cvs-1.12.13/src/main.c 2006-08-19 00:08:14.000000000 +0100
-+@@ -1108,6 +1108,8 @@
-+ CVSROOT/config file to fix the broken one! */
-+ if (config) free_config (config);
-+ config = parse_config (current_parsed_root->directory, NULL);
-++ /* Now is a convenient time to read CVSROOT/options */
-++ parseopts(current_parsed_root->directory);
-+
-+ /* Can set TMPDIR in the environment if necessary now, since
-+ * if it was set in config, we now know it.
-+@@ -1482,5 +1484,63 @@
-+ exit (EXIT_FAILURE);
-+ }
-+
-++void
-++parseopts(root)
-++ const char *root;
-++{
-++ char path[PATH_MAX];
-++ int save_errno;
-++ char buf[1024];
-++ const char *p;
-++ char *q;
-++ FILE *fp;
-++
-++ if (root == NULL) {
-++ printf("no CVSROOT in parseopts\n");
-++ return;
-++ }
-++ p = strchr (root, ':');
-++ if (p)
-++ p++;
-++ else
-++ p = root;
-++ if (p == NULL) {
-++ printf("mangled CVSROOT in parseopts\n");
-++ return;
-++ }
-++ (void) sprintf (path, "%s/%s/%s", p, CVSROOTADM, CVSROOTADM_OPTIONS);
-++ if ((fp = fopen(path, "r")) != NULL) {
-++ while (fgets(buf, sizeof buf, fp) != NULL) {
-++ if (buf[0] == '#')
-++ continue;
-++ q = strrchr(buf, '\n');
-++ if (q)
-++ *q = '\0';
-++
-++ if (!strncmp(buf, "tag=", 4)) {
-++ char *what;
-++ char *rcs_localid;
-++
-++ rcs_localid = buf + 4;
-++ RCS_setlocalid(path, 0, &config->keywords, rcs_localid);
-++ }
-++ if (!strncmp(buf, "tagexpand=", 10)) {
-++ char *what;
-++ char *rcs_incexc;
-++
-++ rcs_incexc = buf + 10;
-++ RCS_setincexc(&config->keywords, rcs_incexc);
-++ }
-++ /*
-++ * OpenBSD has a "umask=" and "dlimit=" command, we silently
-++ * ignore them here since they are not much use to us. cvsumask
-++ * defaults to 002 already, and the dlimit (data size limit)
-++ * should really be handled elsewhere (eg: login.conf).
-++ */
-++ }
-++ fclose(fp);
-++ }
-++}
-++
-+ /* vim:tabstop=8:shiftwidth=4
-+ */
-+diff -ruN cvs-1.12.13-old/src/server.c cvs-1.12.13/src/server.c
-+--- cvs-1.12.13-old/src/server.c 2006-08-19 00:05:38.000000000 +0100
-++++ cvs-1.12.13/src/server.c 2006-08-19 00:05:41.000000000 +0100
-+@@ -985,6 +985,9 @@
-+ config->MaxCompressionLevel);
-+ }
-+
-++ /* Now is a good time to read CVSROOT/options too. */
-++ parseopts(current_parsed_root->directory);
-++
-+ path = xmalloc (strlen (current_parsed_root->directory)
-+ + sizeof (CVSROOTADM)
-+ + 2);
+diff -ruN cvs-1.12.13-old/src/cvs.h cvs-1.12.13/src/cvs.h
+--- cvs-1.12.13-old/src/cvs.h 2006-08-19 00:05:38.000000000 +0100
++++ cvs-1.12.13/src/cvs.h 2006-08-19 00:05:41.000000000 +0100
+@@ -177,6 +177,7 @@
+ #define CVSROOTADM_LOGINFO "loginfo"
+ #define CVSROOTADM_MODULES "modules"
+ #define CVSROOTADM_NOTIFY "notify"
++#define CVSROOTADM_OPTIONS "options"
+ #define CVSROOTADM_PASSWD "passwd"
+ #define CVSROOTADM_POSTADMIN "postadmin"
+ #define CVSROOTADM_POSTPROXY "postproxy"
+@@ -506,6 +507,7 @@
+ char *strcat_filename_onto_homedir (const char *, const char *);
+ char *cvs_temp_name (void);
+ FILE *cvs_temp_file (char **filename);
++void parseopts (const char *root);
+
+ int ls (int argc, char *argv[]);
+ int unlink_file (const char *f);
+diff -ruN cvs-1.12.13-old/src/main.c cvs-1.12.13/src/main.c
+--- cvs-1.12.13-old/src/main.c 2006-08-19 00:05:38.000000000 +0100
++++ cvs-1.12.13/src/main.c 2006-08-19 00:08:14.000000000 +0100
+@@ -1108,6 +1108,8 @@
+ CVSROOT/config file to fix the broken one! */
+ if (config) free_config (config);
+ config = parse_config (current_parsed_root->directory, NULL);
++ /* Now is a convenient time to read CVSROOT/options */
++ parseopts(current_parsed_root->directory);
+
+ /* Can set TMPDIR in the environment if necessary now, since
+ * if it was set in config, we now know it.
+@@ -1482,5 +1484,63 @@
+ exit (EXIT_FAILURE);
+ }
+
++void
++parseopts(root)
++ const char *root;
++{
++ char path[PATH_MAX];
++ int save_errno;
++ char buf[1024];
++ const char *p;
++ char *q;
++ FILE *fp;
++
++ if (root == NULL) {
++ printf("no CVSROOT in parseopts\n");
++ return;
++ }
++ p = strchr (root, ':');
++ if (p)
++ p++;
++ else
++ p = root;
++ if (p == NULL) {
++ printf("mangled CVSROOT in parseopts\n");
++ return;
++ }
++ (void) sprintf (path, "%s/%s/%s", p, CVSROOTADM, CVSROOTADM_OPTIONS);
++ if ((fp = fopen(path, "r")) != NULL) {
++ while (fgets(buf, sizeof buf, fp) != NULL) {
++ if (buf[0] == '#')
++ continue;
++ q = strrchr(buf, '\n');
++ if (q)
++ *q = '\0';
++
++ if (!strncmp(buf, "tag=", 4)) {
++ char *what;
++ char *rcs_localid;
++
++ rcs_localid = buf + 4;
++ RCS_setlocalid(path, 0, &config->keywords, rcs_localid);
++ }
++ if (!strncmp(buf, "tagexpand=", 10)) {
++ char *what;
++ char *rcs_incexc;
++
++ rcs_incexc = buf + 10;
++ RCS_setincexc(&config->keywords, rcs_incexc);
++ }
++ /*
++ * OpenBSD has a "umask=" and "dlimit=" command, we silently
++ * ignore them here since they are not much use to us. cvsumask
++ * defaults to 002 already, and the dlimit (data size limit)
++ * should really be handled elsewhere (eg: login.conf).
++ */
++ }
++ fclose(fp);
++ }
++}
++
+ /* vim:tabstop=8:shiftwidth=4
+ */
+diff -ruN cvs-1.12.13-old/src/server.c cvs-1.12.13/src/server.c
+--- cvs-1.12.13-old/src/server.c 2006-08-19 00:05:38.000000000 +0100
++++ cvs-1.12.13/src/server.c 2006-08-19 00:05:41.000000000 +0100
+@@ -985,6 +985,9 @@
+ config->MaxCompressionLevel);
+ }
+
++ /* Now is a good time to read CVSROOT/options too. */
++ parseopts(current_parsed_root->directory);
++
+ path = xmalloc (strlen (current_parsed_root->directory)
+ + sizeof (CVSROOTADM)
+ + 2);
---- cvs-1.12.13.orig/debian/patches/89_history_val-tag_world_writeable
-+++ cvs-1.12.13/debian/patches/89_history_val-tag_world_writeable
-@@ -0,0 +1,31 @@
-+# Don't make history and val-tags files world-writable when creating a
-+# new repository. (Closes: #125892)
-+#
-+# Author unknown, probably Eric Gillespie, Jr. <epg@debian.org>
-+diff -ruN cvs-1.12.13-old/src/mkmodules.c cvs-1.12.13/src/mkmodules.c
-+--- cvs-1.12.13-old/src/mkmodules.c 2005-05-25 04:59:01.000000000 +0800
-++++ cvs-1.12.13/src/mkmodules.c 2006-02-26 22:27:55.000000000 +0800
-+@@ -1249,11 +1249,6 @@
-+ fp = xfopen (info, "w");
-+ if (fclose (fp) < 0)
-+ error (1, errno, "cannot close %s", info);
-+-
-+- /* Make the new history file world-writeable, since every CVS
-+- user will need to be able to write to it. We use chmod()
-+- because xchmod() is too shy. */
-+- chmod (info, 0666);
-+ }
-+
-+ /* Make an empty val-tags file to prevent problems creating it later. */
-+@@ -1267,11 +1262,6 @@
-+ fp = xfopen (info, "w");
-+ if (fclose (fp) < 0)
-+ error (1, errno, "cannot close %s", info);
-+-
-+- /* Make the new val-tags file world-writeable, since every CVS
-+- user will need to be able to write to it. We use chmod()
-+- because xchmod() is too shy. */
-+- chmod (info, 0666);
-+ }
-+
-+ free (info);
+# Don't make history and val-tags files world-writable when creating a
+# new repository. (Closes: #125892)
+#
+# Author unknown, probably Eric Gillespie, Jr. <epg@debian.org>
+diff -ruN cvs-1.12.13-old/src/mkmodules.c cvs-1.12.13/src/mkmodules.c
+--- cvs-1.12.13-old/src/mkmodules.c 2005-05-25 04:59:01.000000000 +0800
++++ cvs-1.12.13/src/mkmodules.c 2006-02-26 22:27:55.000000000 +0800
+@@ -1249,11 +1249,6 @@
+ fp = xfopen (info, "w");
+ if (fclose (fp) < 0)
+ error (1, errno, "cannot close %s", info);
+-
+- /* Make the new history file world-writeable, since every CVS
+- user will need to be able to write to it. We use chmod()
+- because xchmod() is too shy. */
+- chmod (info, 0666);
+ }
+
+ /* Make an empty val-tags file to prevent problems creating it later. */
+@@ -1267,11 +1262,6 @@
+ fp = xfopen (info, "w");
+ if (fclose (fp) < 0)
+ error (1, errno, "cannot close %s", info);
+-
+- /* Make the new val-tags file world-writeable, since every CVS
+- user will need to be able to write to it. We use chmod()
+- because xchmod() is too shy. */
+- chmod (info, 0666);
+ }
+
+ free (info);
---- cvs-1.12.13.orig/debian/patches/12_rcs2log_POSIX_sort
-+++ cvs-1.12.13/debian/patches/12_rcs2log_POSIX_sort
-@@ -0,0 +1,15 @@
-+# Make rcs2log use POSIX 1003.1-2001 compliant `sort'. Closes: #368909
-+# Patch taken from http://cvs.pld.org.pl/SOURCES/cvs-POSIX.patch?rev=1.1 ,
-+# Thanks to the PLD Team.
-+diff -Nru ../build-tree.old/cvs-1.12.13/contrib/rcs2log.sh ./cvs-1.12.13/contrib/rcs2log.sh
-+--- ../build-tree.old/cvs-1.12.13/contrib/rcs2log.sh 2006-05-26 15:16:54.000000000 +0800
-++++ ./cvs-1.12.13/contrib/rcs2log.sh 2006-05-26 15:16:35.000000000 +0800
-+@@ -649,7 +649,7 @@
-+ # Sort the log entries, first by date+time (in reverse order),
-+ # then by author, then by log entry, and finally by file name and revision
-+ # (just in case).
-+-sort -t"$SOH" +2 -4r +4 +0 |
-++sort -t"$SOH" -k 3,4r -k 5 -k 1 |
-+
-+ # Finally, reformat the sorted log entries.
-+ $AWK -F"$SOH" '
+# Make rcs2log use POSIX 1003.1-2001 compliant `sort'. Closes: #368909
+# Patch taken from http://cvs.pld.org.pl/SOURCES/cvs-POSIX.patch?rev=1.1 ,
+# Thanks to the PLD Team.
+diff -Nru ../build-tree.old/cvs-1.12.13/contrib/rcs2log.sh ./cvs-1.12.13/contrib/rcs2log.sh
+--- ../build-tree.old/cvs-1.12.13/contrib/rcs2log.sh 2006-05-26 15:16:54.000000000 +0800
++++ ./cvs-1.12.13/contrib/rcs2log.sh 2006-05-26 15:16:35.000000000 +0800
+@@ -649,7 +649,7 @@
+ # Sort the log entries, first by date+time (in reverse order),
+ # then by author, then by log entry, and finally by file name and revision
+ # (just in case).
+-sort -t"$SOH" +2 -4r +4 +0 |
++sort -t"$SOH" -k 3,4r -k 5 -k 1 |
+
+ # Finally, reformat the sorted log entries.
+ $AWK -F"$SOH" '
---- cvs-1.12.13.orig/debian/patches/80_cvs-repouid-0.1
-+++ cvs-1.12.13/debian/patches/80_cvs-repouid-0.1
-@@ -0,0 +1,111 @@
-+#
-+# cvs-repouid patch for controlling pserver access. See
-+# README.Debian for details.
-+#
-+# Original patch by Wichert Akkerman <wakkerma@debian.org>, fixes by
-+# Steve McIntyre <steve@einval.com> with help from Alberto Garcia
-+# <agarcia@igalia.com>
-+diff -ruN cvs-1.12.13-old/src/cvs.h cvs-1.12.13/src/cvs.h
-+--- cvs-1.12.13-old/src/cvs.h 2005-10-02 23:17:20.000000000 +0800
-++++ cvs-1.12.13/src/cvs.h 2006-02-26 22:08:16.000000000 +0800
-+@@ -145,6 +145,13 @@
-+ #define CVSADM_TEMPLATE "CVS/Template"
-+ #endif /* USE_VMS_FILENAMES */
-+
-++/* Global configuration file mapping repositories to uids. This can be
-++ used instead of getting the unix user. This is prevents a security
-++ problem where anyone with commit access can basically become any
-++ user on the machine. Combined with the insecure pserver that is a
-++ problem waiting to happen. */
-++#define CVS_REPOUIDFILE "/etc/cvs-repouids"
-++
-+ /* This is the special directory which we use to store various extra
-+ per-directory information in the repository. It must be the same as
-+ CVSADM to avoid creating a new reserved directory name which users cannot
-+diff -ruN cvs-1.12.13-old/src/server.c cvs-1.12.13/src/server.c
-+--- cvs-1.12.13-old/src/server.c 2005-09-28 23:25:59.000000000 +0800
-++++ cvs-1.12.13/src/server.c 2006-02-26 22:08:16.000000000 +0800
-+@@ -6570,6 +6570,12 @@
-+ exit (EXIT_FAILURE);
-+ }
-+
-++ if (pw->pw_uid == 0)
-++ {
-++ printf("error 0: root not allowed\n");
-++ exit (EXIT_FAILURE);
-++ }
-++
-+ #if HAVE_INITGROUPS
-+ if (initgroups (pw->pw_name, pw->pw_gid) < 0
-+ # ifdef EPERM
-+@@ -6667,6 +6673,51 @@
-+ }
-+ #endif
-+
-++static char*
-++global_repo_uid(const char* repository)
-++{
-++ FILE *fp;
-++ char *linebuf = NULL;
-++ size_t linebuf_len;
-++ int found_it = 0;
-++ size_t repolen = strlen (repository);
-++ char *user;
-++
-++ fp = fopen (CVS_REPOUIDFILE, "r");
-++ if (fp == NULL)
-++ {
-++ if (!existence_error (errno))
-++ error (0, errno, "cannot open %s", CVS_REPOUIDFILE);
-++ return NULL;
-++ }
-++
-++ while (getline (&linebuf, &linebuf_len, fp) >= 0)
-++ {
-++ if ((strncmp (linebuf, repository, repolen) == 0)
-++ && (linebuf[repolen] == ':'))
-++ {
-++ found_it = 1;
-++ break;
-++ }
-++ }
-++
-++ if (ferror (fp))
-++ error (0, errno, "cannot read %s", CVS_REPOUIDFILE);
-++ if (fclose (fp) < 0)
-++ error (0, errno, "cannot close %s", CVS_REPOUIDFILE);
-++
-++ if (!found_it) {
-++ free (linebuf);
-++ return NULL;
-++ }
-++
-++ strtok (linebuf + repolen, "\n");
-++ user = xstrdup (linebuf + repolen + 1);
-++ free (linebuf);
-++
-++ return user;
-++}
-++
-+ #ifdef AUTH_SERVER_SUPPORT
-+
-+ extern char *crypt (const char *, const char *);
-+@@ -6738,7 +6789,7 @@
-+ /* If found_it, then linebuf contains the information we need. */
-+ if (found_it)
-+ {
-+- char *found_password, *host_user_tmp;
-++ char *found_password, *host_user_tmp, *user_override;
-+ char *non_cvsuser_portion;
-+
-+ /* We need to make sure lines such as
-+@@ -6805,6 +6856,9 @@
-+ /* Give host_user_ptr permanent storage. */
-+ *host_user_ptr = xstrdup (host_user_tmp);
-+ retval = 1;
-++ user_override = global_repo_uid (repository);
-++ if (user_override)
-++ *host_user_ptr = user_override;
-+ }
-+ else
-+ {
+#
+# cvs-repouid patch for controlling pserver access. See
+# README.Debian for details.
+#
+# Original patch by Wichert Akkerman <wakkerma@debian.org>, fixes by
+# Steve McIntyre <steve@einval.com> with help from Alberto Garcia
+# <agarcia@igalia.com>
+diff -ruN cvs-1.12.13-old/src/cvs.h cvs-1.12.13/src/cvs.h
+--- cvs-1.12.13-old/src/cvs.h 2005-10-02 23:17:20.000000000 +0800
++++ cvs-1.12.13/src/cvs.h 2006-02-26 22:08:16.000000000 +0800
+@@ -145,6 +145,13 @@
+ #define CVSADM_TEMPLATE "CVS/Template"
+ #endif /* USE_VMS_FILENAMES */
+
++/* Global configuration file mapping repositories to uids. This can be
++ used instead of getting the unix user. This is prevents a security
++ problem where anyone with commit access can basically become any
++ user on the machine. Combined with the insecure pserver that is a
++ problem waiting to happen. */
++#define CVS_REPOUIDFILE "/etc/cvs-repouids"
++
+ /* This is the special directory which we use to store various extra
+ per-directory information in the repository. It must be the same as
+ CVSADM to avoid creating a new reserved directory name which users cannot
+diff -ruN cvs-1.12.13-old/src/server.c cvs-1.12.13/src/server.c
+--- cvs-1.12.13-old/src/server.c 2005-09-28 23:25:59.000000000 +0800
++++ cvs-1.12.13/src/server.c 2006-02-26 22:08:16.000000000 +0800
+@@ -6570,6 +6570,12 @@
+ exit (EXIT_FAILURE);
+ }
+
++ if (pw->pw_uid == 0)
++ {
++ printf("error 0: root not allowed\n");
++ exit (EXIT_FAILURE);
++ }
++
+ #if HAVE_INITGROUPS
+ if (initgroups (pw->pw_name, pw->pw_gid) < 0
+ # ifdef EPERM
+@@ -6667,6 +6673,51 @@
+ }
+ #endif
+
++static char*
++global_repo_uid(const char* repository)
++{
++ FILE *fp;
++ char *linebuf = NULL;
++ size_t linebuf_len;
++ int found_it = 0;
++ size_t repolen = strlen (repository);
++ char *user;
++
++ fp = fopen (CVS_REPOUIDFILE, "r");
++ if (fp == NULL)
++ {
++ if (!existence_error (errno))
++ error (0, errno, "cannot open %s", CVS_REPOUIDFILE);
++ return NULL;
++ }
++
++ while (getline (&linebuf, &linebuf_len, fp) >= 0)
++ {
++ if ((strncmp (linebuf, repository, repolen) == 0)
++ && (linebuf[repolen] == ':'))
++ {
++ found_it = 1;
++ break;
++ }
++ }
++
++ if (ferror (fp))
++ error (0, errno, "cannot read %s", CVS_REPOUIDFILE);
++ if (fclose (fp) < 0)
++ error (0, errno, "cannot close %s", CVS_REPOUIDFILE);
++
++ if (!found_it) {
++ free (linebuf);
++ return NULL;
++ }
++
++ strtok (linebuf + repolen, "\n");
++ user = xstrdup (linebuf + repolen + 1);
++ free (linebuf);
++
++ return user;
++}
++
+ #ifdef AUTH_SERVER_SUPPORT
+
+ extern char *crypt (const char *, const char *);
+@@ -6738,7 +6789,7 @@
+ /* If found_it, then linebuf contains the information we need. */
+ if (found_it)
+ {
+- char *found_password, *host_user_tmp;
++ char *found_password, *host_user_tmp, *user_override;
+ char *non_cvsuser_portion;
+
+ /* We need to make sure lines such as
+@@ -6805,6 +6856,9 @@
+ /* Give host_user_ptr permanent storage. */
+ *host_user_ptr = xstrdup (host_user_tmp);
+ retval = 1;
++ user_override = global_repo_uid (repository);
++ if (user_override)
++ *host_user_ptr = user_override;
+ }
+ else
+ {
---- cvs-1.12.13.orig/debian/patches/10_rsc2log_fix
-+++ cvs-1.12.13/debian/patches/10_rsc2log_fix
-@@ -0,0 +1,49 @@
-+#
-+# Patch to make the rcs2log script cope with old-format (5 parameter)
-+# and new-format (6 parameter) log output. Bug#258140
-+#
-+# Patch from Ludovic Rousseau <rousseau@debian.org>
-+diff -ruN cvs-1.12.13-old/contrib/rcs2log.sh cvs-1.12.13/contrib/rcs2log.sh
-+--- cvs-1.12.13-old/contrib/rcs2log.sh 2005-07-12 22:12:55.000000000 +0800
-++++ cvs-1.12.13/contrib/rcs2log.sh 2006-02-26 17:43:11.000000000 +0800
-+@@ -416,11 +416,24 @@
-+ : ;;
-+ esac >$llogout || exit
-+
-++# the date format in 'cvs -q log' changed
-++# it was
-++# date: 2003/05/06 21:23:30; author: rousseau; state: Exp; lines: +29 -31
-++# it is now
-++# date: 2003-05-06 21:23:30 +0000; author: rousseau; state: Exp; lines: +29 -31
-+ output_authors='/^date: / {
-+- if ($2 ~ /^[0-9]*[-\/][0-9][0-9][-\/][0-9][0-9]$/ && $3 ~ /^[0-9][0-9]:[0-9][0-9]:[0-9][0-9][-+0-9:]*;$/ && $4 == "author:" && $5 ~ /^[^;]*;$/) {
-+- print substr($5, 1, length($5)-1)
-+- }
-++ # old date format
-++ if ($2 ~ /^[0-9]*[-\/][0-9][0-9][-\/][0-9][0-9]$/ && $3 ~ /^[0-9][0-9]:[0-9][0-9]:[0-9][0-9][-+0-9:]*;$/ && $4 == "author:" && $5 ~ /^[^;]*;$/) {
-++ print substr($5, 1, length($5)-1)
-++ }
-++ else {
-++ # new date format
-++ if ($2 ~ /^[0-9]*[-\/][0-9][0-9][-\/][0-9][0-9]$/ && $3 ~ /^[0-9][0-9]:[0-9][0-9]:[0-9][0-9][-+0-9:]*$/ && $5 == "author:" && $6 ~ /^[^;]*;$/) {
-++ print substr($6, 1, length($6)-1)
-++ }
-++ }
-+ }'
-++
-+ authors=`
-+ $AWK "$output_authors" <"$rlogfile" | sort -u | comm -23 - $llogout
-+ `
-+@@ -611,7 +624,11 @@
-+ date = newdate date
-+ }
-+ time = substr($3, 1, length($3) - 1)
-+- author = substr($5, 1, length($5)-1)
-++ author = substr($5, 1, length($5)-1)
-++ if (author ~ /author/) {
-++ # new date format
-++ author = substr($6, 1, length($6)-1)
-++ }
-+ printf "%s%s%s%s%s%s%s%s%s%s", filename, SOH, rev, SOH, date, SOH, time, SOH, author, SOH
-+ rev = "?"
-+ next
+#
+# Patch to make the rcs2log script cope with old-format (5 parameter)
+# and new-format (6 parameter) log output. Bug#258140
+#
+# Patch from Ludovic Rousseau <rousseau@debian.org>
+diff -ruN cvs-1.12.13-old/contrib/rcs2log.sh cvs-1.12.13/contrib/rcs2log.sh
+--- cvs-1.12.13-old/contrib/rcs2log.sh 2005-07-12 22:12:55.000000000 +0800
++++ cvs-1.12.13/contrib/rcs2log.sh 2006-02-26 17:43:11.000000000 +0800
+@@ -416,11 +416,24 @@
+ : ;;
+ esac >$llogout || exit
+
++# the date format in 'cvs -q log' changed
++# it was
++# date: 2003/05/06 21:23:30; author: rousseau; state: Exp; lines: +29 -31
++# it is now
++# date: 2003-05-06 21:23:30 +0000; author: rousseau; state: Exp; lines: +29 -31
+ output_authors='/^date: / {
+- if ($2 ~ /^[0-9]*[-\/][0-9][0-9][-\/][0-9][0-9]$/ && $3 ~ /^[0-9][0-9]:[0-9][0-9]:[0-9][0-9][-+0-9:]*;$/ && $4 == "author:" && $5 ~ /^[^;]*;$/) {
+- print substr($5, 1, length($5)-1)
+- }
++ # old date format
++ if ($2 ~ /^[0-9]*[-\/][0-9][0-9][-\/][0-9][0-9]$/ && $3 ~ /^[0-9][0-9]:[0-9][0-9]:[0-9][0-9][-+0-9:]*;$/ && $4 == "author:" && $5 ~ /^[^;]*;$/) {
++ print substr($5, 1, length($5)-1)
++ }
++ else {
++ # new date format
++ if ($2 ~ /^[0-9]*[-\/][0-9][0-9][-\/][0-9][0-9]$/ && $3 ~ /^[0-9][0-9]:[0-9][0-9]:[0-9][0-9][-+0-9:]*$/ && $5 == "author:" && $6 ~ /^[^;]*;$/) {
++ print substr($6, 1, length($6)-1)
++ }
++ }
+ }'
++
+ authors=`
+ $AWK "$output_authors" <"$rlogfile" | sort -u | comm -23 - $llogout
+ `
+@@ -611,7 +624,11 @@
+ date = newdate date
+ }
+ time = substr($3, 1, length($3) - 1)
+- author = substr($5, 1, length($5)-1)
++ author = substr($5, 1, length($5)-1)
++ if (author ~ /author/) {
++ # new date format
++ author = substr($6, 1, length($6)-1)
++ }
+ printf "%s%s%s%s%s%s%s%s%s%s", filename, SOH, rev, SOH, date, SOH, time, SOH, author, SOH
+ rev = "?"
+ next
---- cvs-1.12.13.orig/debian/patches/86_server_wrapper
-+++ cvs-1.12.13/debian/patches/86_server_wrapper
-@@ -0,0 +1,51 @@
-+#
-+# Added patch to support cvs -W ! - clears all wrappers (patch also
-+# forwarded to CVS people) #3374
-+#
-+# Patch by Michael Alan Dorman <mdorman@lot49.med.miami.edu>
-+diff -ruN cvs-1.12.13-old/src/wrapper.c cvs-1.12.13/src/wrapper.c
-+--- cvs-1.12.13-old/src/wrapper.c 2005-09-04 08:27:44.000000000 +0800
-++++ cvs-1.12.13/src/wrapper.c 2006-02-26 22:26:53.000000000 +0800
-+@@ -86,7 +86,7 @@
-+ move this to a per-connection data structure, or better yet
-+ think about a cleaner solution. */
-+ static int wrap_setup_already_done = 0;
-+- char *homedir;
-++ char *homedir = NULL;
-+
-+ if (wrap_setup_already_done != 0)
-+ return;
-+@@ -107,6 +107,11 @@
-+ free (file);
-+ }
-+
-++#ifdef SERVER_SUPPORT
-++ if (!server_active)
-++#endif
-++ {
-++
-+ /* Then add entries found in home dir, (if user has one) and file
-+ exists. */
-+ homedir = get_homedir ();
-+@@ -115,6 +120,8 @@
-+ hand it might be obnoxious to complain when CVS will function
-+ just fine without .cvswrappers (and many users won't even know what
-+ .cvswrappers is). */
-++ }
-++
-+ if (homedir != NULL)
-+ {
-+ char *file = strcat_filename_onto_homedir (homedir, CVSDOTWRAPPER);
-+@@ -339,6 +346,12 @@
-+ if (!line || line[0] == '#')
-+ return;
-+
-++ /* Allows user to declare all wrappers null and void */
-++ if ( line[0] == '!') {
-++ wrap_kill ( );
-++ return;
-++ }
-++
-+ memset (&e, 0, sizeof(e));
-+
-+ /* Search for the wild card */
+#
+# Added patch to support cvs -W ! - clears all wrappers (patch also
+# forwarded to CVS people) #3374
+#
+# Patch by Michael Alan Dorman <mdorman@lot49.med.miami.edu>
+diff -ruN cvs-1.12.13-old/src/wrapper.c cvs-1.12.13/src/wrapper.c
+--- cvs-1.12.13-old/src/wrapper.c 2005-09-04 08:27:44.000000000 +0800
++++ cvs-1.12.13/src/wrapper.c 2006-02-26 22:26:53.000000000 +0800
+@@ -86,7 +86,7 @@
+ move this to a per-connection data structure, or better yet
+ think about a cleaner solution. */
+ static int wrap_setup_already_done = 0;
+- char *homedir;
++ char *homedir = NULL;
+
+ if (wrap_setup_already_done != 0)
+ return;
+@@ -107,6 +107,11 @@
+ free (file);
+ }
+
++#ifdef SERVER_SUPPORT
++ if (!server_active)
++#endif
++ {
++
+ /* Then add entries found in home dir, (if user has one) and file
+ exists. */
+ homedir = get_homedir ();
+@@ -115,6 +120,8 @@
+ hand it might be obnoxious to complain when CVS will function
+ just fine without .cvswrappers (and many users won't even know what
+ .cvswrappers is). */
++ }
++
+ if (homedir != NULL)
+ {
+ char *file = strcat_filename_onto_homedir (homedir, CVSDOTWRAPPER);
+@@ -339,6 +346,12 @@
+ if (!line || line[0] == '#')
+ return;
+
++ /* Allows user to declare all wrappers null and void */
++ if ( line[0] == '!') {
++ wrap_kill ( );
++ return;
++ }
++
+ memset (&e, 0, sizeof(e));
+
+ /* Search for the wild card */
---- cvs-1.12.13.orig/debian/patches/98_fix_sparc_sigbus.diff
-+++ cvs-1.12.13/debian/patches/98_fix_sparc_sigbus.diff
-@@ -0,0 +1,30 @@
-+diff -Nru cvs-1.12.13.orig/src/update.c cvs-1.12.13/src/update.c
-+--- cvs-1.12.13.orig/src/update.c 2005-09-22 20:49:17.000000000 +0200
-++++ cvs-1.12.13/src/update.c 2006-12-15 01:35:54.000000000 +0100
-+@@ -58,7 +58,7 @@
-+ static int patch_file (struct file_info *finfo,
-+ Vers_TS *vers_ts,
-+ int *docheckout, struct stat *file_info,
-+- unsigned char *checksum);
-++ md5_uint32 *checksum);
-+ static void patch_file_write (void *, const char *, size_t);
-+ #endif
-+ static int merge_file (struct file_info *finfo, Vers_TS *vers);
-+@@ -723,7 +723,7 @@
-+ {
-+ int docheckout;
-+ struct stat file_info;
-+- unsigned char checksum[16];
-++ md5_uint32 checksum[4];
-+
-+ retval = patch_file (finfo,
-+ vers, &docheckout,
-+@@ -1511,7 +1511,7 @@
-+ */
-+ static int
-+ patch_file (struct file_info *finfo, Vers_TS *vers_ts, int *docheckout,
-+- struct stat *file_info, unsigned char *checksum)
-++ struct stat *file_info, md5_uint32 *checksum)
-+ {
-+ char *backup;
-+ char *file1;
+diff -Nru cvs-1.12.13.orig/src/update.c cvs-1.12.13/src/update.c
+--- cvs-1.12.13.orig/src/update.c 2005-09-22 20:49:17.000000000 +0200
++++ cvs-1.12.13/src/update.c 2006-12-15 01:35:54.000000000 +0100
+@@ -58,7 +58,7 @@
+ static int patch_file (struct file_info *finfo,
+ Vers_TS *vers_ts,
+ int *docheckout, struct stat *file_info,
+- unsigned char *checksum);
++ md5_uint32 *checksum);
+ static void patch_file_write (void *, const char *, size_t);
+ #endif
+ static int merge_file (struct file_info *finfo, Vers_TS *vers);
+@@ -723,7 +723,7 @@
+ {
+ int docheckout;
+ struct stat file_info;
+- unsigned char checksum[16];
++ md5_uint32 checksum[4];
+
+ retval = patch_file (finfo,
+ vers, &docheckout,
+@@ -1511,7 +1511,7 @@
+ */
+ static int
+ patch_file (struct file_info *finfo, Vers_TS *vers_ts, int *docheckout,
+- struct stat *file_info, unsigned char *checksum)
++ struct stat *file_info, md5_uint32 *checksum)
+ {
+ char *backup;
+ char *file1;
---- cvs-1.12.13.orig/debian/patches/90zlib-read-compressed.diff
-+++ cvs-1.12.13/debian/patches/90zlib-read-compressed.diff
-@@ -0,0 +1,11 @@
-+--- cvs-1.12.13/src/zlib.c~ 3 Jun 2005 18:26:09 -0000 1.31
-++++ cvs-1.12.13/src/zlib.c 27 Oct 2005 17:59:49 -0000
-+@@ -229,7 +229,7 @@ compress_buffer_input (void *closure, ch
-+ would fetch all the available bytes, and at least one byte. */
-+
-+ status = (*cb->buf->input) (cb->buf->closure, bd->text,
-+- need, BUFFER_DATA_SIZE, &nread);
-++ need ? 1 : 0, BUFFER_DATA_SIZE, &nread);
-+
-+ if (status == -2)
-+ /* Don't try to recover from memory allcoation errors. */
+--- cvs-1.12.13/src/zlib.c~ 3 Jun 2005 18:26:09 -0000 1.31
++++ cvs-1.12.13/src/zlib.c 27 Oct 2005 17:59:49 -0000
+@@ -229,7 +229,7 @@ compress_buffer_input (void *closure, ch
+ would fetch all the available bytes, and at least one byte. */
+
+ status = (*cb->buf->input) (cb->buf->closure, bd->text,
+- need, BUFFER_DATA_SIZE, &nread);
++ need ? 1 : 0, BUFFER_DATA_SIZE, &nread);
+
+ if (status == -2)
+ /* Don't try to recover from memory allcoation errors. */
projects / packages / cvs.git / commitdiff