diff options
| author | Sam Vilain <sam.vilain@catalyst.net.nz> | 2010-05-15 15:07:54 (GMT) |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2010-05-20 04:02:59 (GMT) |
| commit | c057bad3701682a208b72473b746de6bb5d89792 (patch) | |
| tree | 962a302998692c9dde20cc12110ad5d7032d0da0 /git-cvsserver.perl | |
| parent | 031a027a72a62ccf45ae22dee5721e554f6ba6e9 (diff) | |
| download | git-c057bad3701682a208b72473b746de6bb5d89792.zip git-c057bad3701682a208b72473b746de6bb5d89792.tar.gz git-c057bad3701682a208b72473b746de6bb5d89792.tar.bz2 | |
git-cvsserver: use a password file cvsserver pserver
If a git repository is shared via HTTP, the config file is typically
visible. Use an external file instead.
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'git-cvsserver.perl')
| -rwxr-xr-x | git-cvsserver.perl | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/git-cvsserver.perl b/git-cvsserver.perl index 7097419..8b97fb8 100755 --- a/git-cvsserver.perl +++ b/git-cvsserver.perl @@ -189,24 +189,25 @@ if ($state->{method} eq 'pserver') { unless ($user eq 'anonymous') { # Trying to authenticate a user - if (not exists $cfg->{gitcvs}->{users}) { - print "E the repo config file needs a [gitcvs.users] section with user/password key-value pairs\n"; + if (not exists $cfg->{gitcvs}->{authdb}) { + print "E the repo config file needs a [gitcvs.authdb] section with a filename\n"; print "I HATE YOU\n"; exit 1; - } elsif (exists $cfg->{gitcvs}->{users} and not exists $cfg->{gitcvs}->{users}->{$user}) { - #print "E the repo config file has a [gitcvs.users] section but the user $user is not defined in it\n"; + } + my $auth_ok; + open PASSWD, "<$cfg->{gitcvs}->{authdb}" or die $!; + while(<PASSWD>) { + if (m{^\Q$user\E:(.*)}) { + if (crypt($user, $1) eq $1) { + $auth_ok = 1; + } + }; + } + unless ($auth_ok) { print "I HATE YOU\n"; exit 1; - } else { - my $descrambled_password = descramble($password); - my $cleartext_password = $cfg->{gitcvs}->{users}->{$user}; - if ($descrambled_password ne $cleartext_password) { - #print "E The password supplied for user $user was incorrect\n"; - print "I HATE YOU\n"; - exit 1; - } - # else fall through to LOVE } + # else fall through to LOVE } # For checking whether the user is anonymous on commit @@ -337,7 +338,7 @@ sub req_Root } foreach my $line ( @gitvars ) { - next unless ( $line =~ /^(gitcvs)\.(?:(ext|pserver|users)\.)?([\w-]+)=(.*)$/ ); + next unless ( $line =~ /^(gitcvs)\.(?:(ext|pserver)\.)?([\w-]+)=(.*)$/ ); unless ($2) { $cfg->{$1}{$3} = $4; } else { |