2 * Copyright (C) 1986-2008 The Free Software Foundation, Inc.
4 * Portions Copyright (C) 1998-2005 Derek Price, Ximbiot <http://ximbiot.com>,
7 * Poritons Copyright (c) 1992, Mark D. Baushke
9 * You may distribute under the terms of the GNU General Public License as
10 * specified in the README file that comes with the CVS source distribution.
14 * Determine the path to the CVSROOT and set "Root" accordingly.
21 /* Printable names for things in the current_parsed_root->method enum variable.
22 Watch out if the enum is changed in cvs.h! */
24 const char method_names[][16] = {
25 "undefined", "local", "server (rsh)", "pserver",
26 "kserver", "gserver", "ext", "extssh", "fork"
32 Name_Root (dir, update_dir)
34 const char *update_dir;
38 const char *xupdate_dir;
40 size_t root_allocated = 0;
46 if (update_dir && *update_dir)
47 xupdate_dir = update_dir;
53 cvsadm = xmalloc (strlen (dir) + sizeof (CVSADM) + 10);
54 (void) sprintf (cvsadm, "%s/%s", dir, CVSADM);
55 tmp = xmalloc (strlen (dir) + sizeof (CVSADM_ROOT) + 10);
56 (void) sprintf (tmp, "%s/%s", dir, CVSADM_ROOT);
60 cvsadm = xstrdup (CVSADM);
61 tmp = xstrdup (CVSADM_ROOT);
65 * Do not bother looking for a readable file if there is no cvsadm
68 * It is possible that not all repositories will have a CVS/Root
69 * file. This is ok, but the user will need to specify -d
70 * /path/name or have the environment variable CVSROOT set in
71 * order to continue. */
72 if ((!isdir (cvsadm)) || (!isreadable (tmp)))
79 * The assumption here is that the CVS Root is always contained in the
80 * first line of the "Root" file.
82 fpin = open_file (tmp, "r");
84 if ((len = getline (&root, &root_allocated, fpin)) < 0)
86 int saved_errno = errno;
87 /* FIXME: should be checking for end of file separately; errno
88 is not set in that case. */
89 error (0, 0, "in directory %s:", xupdate_dir);
90 error (0, saved_errno, "cannot read %s", CVSADM_ROOT);
91 error (0, 0, "please correct this problem");
98 *cp = '\0'; /* strip the newline */
101 * root now contains a candidate for CVSroot. It must be an
102 * absolute pathname or specify a remote server.
105 ret = parse_cvsroot (root);
108 error (0, 0, "in directory %s:", xupdate_dir);
110 "ignoring %s because it does not contain a valid root.",
115 if (!ret->isremote && !isdir (ret->directory))
117 error (0, 0, "in directory %s:", xupdate_dir);
119 "ignoring %s because it specifies a non-existent repository %s",
121 free_cvsroot_t (ret);
138 * Write the CVS/Root file so that the environment variable CVSROOT
139 * and/or the -d option to cvs will be validated or not necessary for
143 Create_Root (dir, rootdir)
153 /* record the current cvs root */
159 tmp = xmalloc (strlen (dir) + sizeof (CVSADM_ROOT) + 10);
160 (void) sprintf (tmp, "%s/%s", dir, CVSADM_ROOT);
163 tmp = xstrdup (CVSADM_ROOT);
165 fout = open_file (tmp, "w+");
166 if (fprintf (fout, "%s\n", rootdir) < 0)
167 error (1, errno, "write to %s failed", tmp);
168 if (fclose (fout) == EOF)
169 error (1, errno, "cannot close %s", tmp);
177 /* The root_allow_* stuff maintains a list of legal CVSROOT
178 directories. Then we can check against them when a remote user
179 hands us a CVSROOT directory. */
181 static int root_allow_count;
182 static char **root_allow_vector;
183 static int root_allow_size;
188 return root_allow_count;
197 if (root_allow_size <= root_allow_count)
199 if (root_allow_size == 0)
203 (char **) xmalloc (root_allow_size * sizeof (char *));
207 root_allow_size *= 2;
209 (char **) xrealloc (root_allow_vector,
210 root_allow_size * sizeof (char *));
213 if (root_allow_vector == NULL)
216 /* Strictly speaking, we're not supposed to output anything
217 now. But we're about to exit(), give it a try. */
218 printf ("E Fatal server error, aborting.\n\
219 error ENOMEM Virtual memory exhausted.\n");
224 p = xmalloc (strlen (arg) + 1);
228 root_allow_vector[root_allow_count++] = p;
234 if (root_allow_vector != NULL)
235 free_names (&root_allow_count, root_allow_vector);
245 if (root_allow_count == 0)
247 /* Probably someone upgraded from CVS before 1.9.10 to 1.9.10
248 or later without reading the documentation about
249 --allow-root. Printing an error here doesn't disclose any
250 particularly useful information to an attacker because a
251 CVS server configured in this way won't let *anyone* in. */
253 /* Note that we are called from a context where we can spit
254 back "error" rather than waiting for the next request which
255 expects responses. */
257 error 0 Server configuration missing --allow-root in inetd.conf\n");
261 for (i = 0; i < root_allow_count; ++i)
262 if (strcmp (root_allow_vector[i], arg) == 0)
269 /* This global variable holds the global -d option. It is NULL if -d
270 was not used, which means that we must get the CVSroot information
271 from the CVSROOT environment variable or from a CVS/Root file. */
272 char *CVSroot_cmdline;
276 /* FIXME - Deglobalize this. */
277 cvsroot_t *current_parsed_root = NULL;
281 /* allocate and initialize a cvsroot_t
283 * We must initialize the strings to NULL so we know later what we should
286 * Some of the other zeroes remain meaningful as, "never set, use default",
294 /* gotta store it somewhere */
295 newroot = xmalloc(sizeof(cvsroot_t));
297 newroot->original = NULL;
298 newroot->method = null_method;
299 newroot->isremote = 0;
300 #ifdef CLIENT_SUPPORT
301 newroot->username = NULL;
302 newroot->password = NULL;
303 newroot->hostname = NULL;
305 newroot->directory = NULL;
306 newroot->proxy_hostname = NULL;
307 newroot->proxy_port = 0;
308 #endif /* CLIENT_SUPPORT */
315 /* Dispose of a cvsroot_t and its component parts */
317 free_cvsroot_t (root)
320 if (root->original != NULL)
321 free (root->original);
322 if (root->directory != NULL)
323 free (root->directory);
324 #ifdef CLIENT_SUPPORT
325 if (root->username != NULL)
326 free (root->username);
327 if (root->password != NULL)
329 /* I like to be paranoid */
330 memset (root->password, 0, strlen (root->password));
331 free (root->password);
333 if (root->hostname != NULL)
334 free (root->hostname);
335 if (root->proxy_hostname != NULL)
336 free (root->proxy_hostname);
337 #endif /* CLIENT_SUPPORT */
344 * Parse a CVSROOT string to allocate and return a new cvsroot_t structure.
345 * Valid specifications are:
347 * :(gserver|kserver|pserver):[[user][:password]@]host[:[port]]/path
348 * [:(ext|server):][[user]@]host[:]/path
353 * root_in C String containing the CVSROOT to be parsed.
356 * A pointer to a newly allocated cvsroot_t structure upon success and
357 * NULL upon failure. The caller is responsible for disposing of
358 * new structures with a call to free_cvsroot_t().
361 * This would have been a lot easier to write in Perl.
367 parse_cvsroot (root_in)
370 cvsroot_t *newroot; /* the new root to be returned */
371 char *cvsroot_save; /* what we allocated so we can dispose
372 * it when finished */
373 char *firstslash; /* save where the path spec starts
375 * [[user][:password]@]host[:[port]]
377 char *cvsroot_copy, *p, *q; /* temporary pointers for parsing */
378 #ifdef CLIENT_SUPPORT
379 int check_hostname, no_port, no_password;
380 #endif /* CLIENT_SUPPORT */
384 /* allocate some space */
385 newroot = new_cvsroot_t();
387 /* save the original string */
388 newroot->original = xstrdup (root_in);
390 /* and another copy we can munge while parsing */
391 cvsroot_save = cvsroot_copy = xstrdup (root_in);
393 if (*cvsroot_copy == ':')
395 char *method = ++cvsroot_copy;
397 /* Access method specified, as in
398 * "cvs -d :(gserver|kserver|pserver):[[user][:password]@]host[:[port]]/path",
399 * "cvs -d [:(ext|server):][[user]@]host[:]/path",
400 * "cvs -d :local:e:\path",
401 * "cvs -d :fork:/path".
402 * We need to get past that part of CVSroot before parsing the
406 if (! (p = strchr (method, ':')))
408 error (0, 0, "No closing `:' on method in CVSROOT.");
414 #ifdef CLIENT_SUPPORT
415 /* Look for method options, for instance, proxy, proxyport.
416 * We don't handle these, but we like to try and warn the user that
417 * they are being ignored.
419 if ((p = strchr (method, ';')) != NULL)
425 "WARNING: Ignoring method options found in CVSROOT: `%s'.",
428 "Use CVS version 1.12.7 or later to handle method options.");
431 #endif /* CLIENT_SUPPORT */
433 /* Now we have an access method -- see if it's valid. */
435 if (strcmp (method, "local") == 0)
436 newroot->method = local_method;
437 else if (strcmp (method, "pserver") == 0)
438 newroot->method = pserver_method;
439 else if (strcmp (method, "kserver") == 0)
440 newroot->method = kserver_method;
441 else if (strcmp (method, "gserver") == 0)
442 newroot->method = gserver_method;
443 else if (strcmp (method, "server") == 0)
444 newroot->method = server_method;
445 else if (strcmp (method, "ext") == 0)
446 newroot->method = ext_method;
447 else if (strcmp (method, "extssh") == 0)
448 newroot->method = extssh_method;
449 else if (strcmp (method, "fork") == 0)
450 newroot->method = fork_method;
453 error (0, 0, "Unknown method (`%s') in CVSROOT.", method);
459 /* If the method isn't specified, assume EXT_METHOD if the string looks
460 like a relative path and LOCAL_METHOD otherwise. */
462 newroot->method = ((*cvsroot_copy != '/' && strchr (cvsroot_copy, '/'))
467 newroot->isremote = (newroot->method != local_method);
469 if ((newroot->method != local_method)
470 && (newroot->method != fork_method))
472 /* split the string into [[user][:password]@]host[:[port]] & /path
474 * this will allow some characters such as '@' & ':' to remain unquoted
475 * in the path portion of the spec
477 if ((p = strchr (cvsroot_copy, '/')) == NULL)
479 error (0, 0, "CVSROOT requires a path spec:");
481 ":(gserver|kserver|pserver):[[user][:password]@]host[:[port]]/path");
482 error (0, 0, "[:(ext|server):][[user]@]host[:]/path");
485 firstslash = p; /* == NULL if '/' not in string */
488 /* Don't parse username, password, hostname, or port without client
491 #ifdef CLIENT_SUPPORT
492 /* Check to see if there is a username[:password] in the string. */
493 if ((p = strchr (cvsroot_copy, '@')) != NULL)
496 /* check for a password */
497 if ((q = strchr (cvsroot_copy, ':')) != NULL)
500 newroot->password = xstrdup (++q);
501 /* Don't check for *newroot->password == '\0' since
502 * a user could conceivably wish to specify a blank password
504 * (newroot->password == NULL means to use the
505 * password from .cvspass)
509 /* copy the username */
510 if (*cvsroot_copy != '\0')
511 /* a blank username is impossible, so leave it NULL in that
512 * case so we know to use the default username
514 newroot->username = xstrdup (cvsroot_copy);
519 /* now deal with host[:[port]] */
522 if ((p = strchr (cvsroot_copy, ':')) != NULL)
534 "CVSROOT may only specify a positive, non-zero, integer port (not `%s').",
537 "Perhaps you entered a relative pathname?");
541 if ((newroot->port = atoi (p)) <= 0)
544 "CVSROOT may only specify a positive, non-zero, integer port (not `%s').",
546 error (0, 0, "Perhaps you entered a relative pathname?");
553 if (*cvsroot_copy != '\0')
554 /* blank hostnames are invalid, but for now leave the field NULL
555 * and catch the error during the sanity checks later
557 newroot->hostname = xstrdup (cvsroot_copy);
559 /* restore the '/' */
560 cvsroot_copy = firstslash;
562 #endif /* CLIENT_SUPPORT */
566 * Parse the path for all methods.
568 /* Here & local_cvsroot() should be the only places this needs to be
569 * called on a CVSROOT now. cvsroot->original is saved for error messages
570 * and, otherwise, we want no trailing slashes.
572 Sanitize_Repository_Name( cvsroot_copy );
573 newroot->directory = xstrdup(cvsroot_copy);
576 * Do various sanity checks.
579 #if ! defined (CLIENT_SUPPORT) && ! defined (DEBUG)
580 if (newroot->method != local_method)
582 error (0, 0, "CVSROOT is set for a remote access method but your");
583 error (0, 0, "CVS executable doesn't support it.");
588 #if ! defined (SERVER_SUPPORT) && ! defined (DEBUG)
589 if (newroot->method == fork_method)
591 error (0, 0, "CVSROOT is set to use the :fork: access method but your");
592 error (0, 0, "CVS executable doesn't support it.");
597 #ifdef CLIENT_SUPPORT
598 if (newroot->username && ! newroot->hostname)
600 error (0, 0, "Missing hostname in CVSROOT.");
607 #endif /* CLIENT_SUPPORT */
608 switch (newroot->method)
611 #ifdef CLIENT_SUPPORT
612 if (newroot->username || newroot->hostname)
614 error (0, 0, "Can't specify hostname and username in CVSROOT");
615 error (0, 0, "when using local access method.");
619 /* no_password already set */
620 #endif /* CLIENT_SUPPORT */
621 /* cvs.texinfo has always told people that CVSROOT must be an
622 absolute pathname. Furthermore, attempts to use a relative
623 pathname produced various errors (I couldn't get it to work),
624 so there would seem to be little risk in making this a fatal
626 if (!isabsolute (newroot->directory))
628 error (0, 0, "CVSROOT must be an absolute pathname (not `%s')",
630 error (0, 0, "when using local access method.");
634 #ifdef CLIENT_SUPPORT
636 /* We want :fork: to behave the same as other remote access
637 methods. Therefore, don't check to see that the repository
638 name is absolute -- let the server do it. */
639 if (newroot->username || newroot->hostname)
641 error (0, 0, "Can't specify hostname and username in CVSROOT");
642 error (0, 0, "when using fork access method.");
645 newroot->hostname = xstrdup("server"); /* for error messages */
646 if (!isabsolute (newroot->directory))
648 error (0, 0, "CVSROOT must be an absolute pathname (not `%s')",
650 error (0, 0, "when using fork access method.");
654 /* no_password already set */
657 # ifndef HAVE_KERBEROS
658 error (0, 0, "CVSROOT is set for a kerberos access method but your");
659 error (0, 0, "CVS executable doesn't support it.");
663 /* no_password already set */
668 error (0, 0, "CVSROOT is set for a GSSAPI access method but your");
669 error (0, 0, "CVS executable doesn't support it.");
673 /* no_password already set */
680 /* no_password already set */
687 #endif /* CLIENT_SUPPORT */
689 error (1, 0, "Invalid method found in parse_cvsroot");
692 #ifdef CLIENT_SUPPORT
693 if (no_password && newroot->password)
695 error (0, 0, "CVSROOT password specification is only valid for");
696 error (0, 0, "pserver connection method.");
700 if (check_hostname && !newroot->hostname)
702 error (0, 0, "Didn't specify hostname in CVSROOT.");
706 if (no_port && newroot->port)
708 error (0, 0, "CVSROOT port specification is only valid for gserver, kserver,");
709 error (0, 0, "and pserver connection methods.");
712 #endif /* CLIENT_SUPPORT */
714 if (*newroot->directory == '\0')
716 error (0, 0, "Missing directory in CVSROOT.");
720 /* Hooray! We finally parsed it! */
726 free_cvsroot_t (newroot);
732 #ifdef AUTH_CLIENT_SUPPORT
733 /* Use root->username, root->hostname, root->port, and root->directory
734 * to create a normalized CVSROOT fit for the .cvspass file
736 * username defaults to the result of getcaller()
737 * port defaults to the result of get_cvs_port_number()
739 * FIXME - we could cache the canonicalized version of a root inside the
740 * cvsroot_t, but we'd have to un'const the input here and stop expecting the
741 * caller to be responsible for our return value
744 normalize_cvsroot (root)
745 const cvsroot_t *root;
747 char *cvsroot_canonical;
748 char *p, *hostname, *username;
751 assert (root && root->hostname && root->directory);
753 /* get the appropriate port string */
754 sprintf (port_s, "%d", get_cvs_port_number (root));
756 /* use a lower case hostname since we know hostnames are case insensitive */
757 /* Some logic says we should be tacking our domain name on too if it isn't
758 * there already, but for now this works. Reverse->Forward lookups are
759 * almost certainly too much since that would make CVS immune to some of
760 * the DNS trickery that makes life easier for sysadmins when they want to
761 * move a repository or the like
763 p = hostname = xstrdup(root->hostname);
770 /* get the username string */
771 username = root->username ? root->username : getcaller();
772 cvsroot_canonical = xmalloc ( strlen(username)
773 + strlen(hostname) + strlen(port_s)
774 + strlen(root->directory) + 12);
775 sprintf (cvsroot_canonical, ":pserver:%s@%s:%s%s",
776 username, hostname, port_s, root->directory);
779 return cvsroot_canonical;
781 #endif /* AUTH_CLIENT_SUPPORT */
785 /* allocate and return a cvsroot_t structure set up as if we're using the local
791 cvsroot_t *newroot = new_cvsroot_t();
793 newroot->original = xstrdup(dir);
794 newroot->method = local_method;
795 newroot->directory = xstrdup(dir);
796 /* Here and parse_cvsroot() should be the only places this needs to be
797 * called on a CVSROOT now. cvsroot->original is saved for error messages
798 * and, otherwise, we want no trailing slashes.
800 Sanitize_Repository_Name( newroot->directory );
807 /* This is for testing the parsing function. Use
809 gcc -I. -I.. -I../lib -DDEBUG root.c -o root
815 char *program_name = "testing";
816 char *cvs_cmd_name = "parse_cvsroot"; /* XXX is this used??? */
818 /* Toy versions of various functions when debugging under unix. Yes,
819 these make various bad assumptions, but they're pretty easy to
820 debug when something goes wrong. */
823 error_exit PROTO ((void))
832 return (dir && (*dir == '/'));
840 program_name = argv[0];
844 fprintf (stderr, "Usage: %s <CVSROOT>\n", program_name);
848 if ((current_parsed_root = parse_cvsroot (argv[1])) == NULL)
850 fprintf (stderr, "%s: Parsing failed.\n", program_name);
853 printf ("CVSroot: %s\n", argv[1]);
854 printf ("current_parsed_root->method: %s\n", method_names[current_parsed_root->method]);
855 printf ("current_parsed_root->username: %s\n",
856 current_parsed_root->username ? current_parsed_root->username : "NULL");
857 printf ("current_parsed_root->hostname: %s\n",
858 current_parsed_root->hostname ? current_parsed_root->hostname : "NULL");
859 printf ("current_parsed_root->directory: %s\n", current_parsed_root->directory);