diff options
Diffstat (limited to 'main/cvs/cvs-1.12.12-block-requests.patch')
| -rw-r--r-- | main/cvs/cvs-1.12.12-block-requests.patch | 140 |
1 files changed, 0 insertions, 140 deletions
diff --git a/main/cvs/cvs-1.12.12-block-requests.patch b/main/cvs/cvs-1.12.12-block-requests.patch deleted file mode 100644 index 9c9b49db8f..0000000000 --- a/main/cvs/cvs-1.12.12-block-requests.patch +++ /dev/null @@ -1,140 +0,0 @@ -Author: Robin H. Johnson <robbat2@gentoo.org> -Date: 2006-08-09 - -This patch allows a CVS server to deny usage of specific commands, based on -input in the environment. - -Just set the CVS_BLOCK_REQUESTS env var with all of the commands you want, -seperated by spaces. Eg: -CVS_BLOCK_REQUESTS="Gzip-stream gzip-file-contents" -would block ALL usage of compression. - -Please see the array 'struct request requests[]' in src/server.c for a full -list of commands. - -Please note that if you block any commands marked as RQ_ESSENTIAL, CVS clients -may fail! (This includes 'ci'!). - -See the companion cvs-custom.c for a wrapper that can enforce the environment variable for pserver setups. - -Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> - -diff -Nuar --exclude '*~' -U 10 cvs-1.12.12.orig/src/server.c cvs-1.12.12/src/server.c ---- cvs-1.12.12.orig/src/server.c 2005-04-14 14:13:29.000000000 +0000 -+++ cvs-1.12.12/src/server.c 2006-08-09 01:40:44.000000000 +0000 -@@ -5836,43 +5836,90 @@ - #undef REQ_LINE - }; - #endif /* SERVER_SUPPORT or CLIENT_SUPPORT */ - - - - #ifdef SERVER_SUPPORT - /* - * This server request is not ignored by the secondary. - */ -+ -+/* Hack by Robin H. Johnson <robbat2@gentoo.org>. -+ * Allow the server ENV to specify what request types are to be ignored. -+ */ -+ -+static char blocked_requests[BUFSIZ] = " "; -+ -+static void build_blocked_requests() { -+ char *tmp = getenv("CVS_BLOCK_REQUESTS"); -+ -+ if (tmp != NULL && strlen(tmp) > 0) { -+ // move to our custom buffer -+ strncat(blocked_requests, tmp, sizeof(blocked_requests)-strlen(blocked_requests)); -+ //add a space on the end as well for searching -+ strncat(blocked_requests, " ", sizeof(blocked_requests)-strlen(blocked_requests)); -+ } -+ -+ // now blocked_requests contains the list of every request that we do not -+ // want to serve -+} -+ -+// returns 0 if we should serve this request -+// use as if(checker(FOO)) continue; -+static int serve_valid_requests_checker(char *reqname) { -+ char needle[BUFSIZ] = " "; -+ char *tmp; -+ -+ if(!blocked_requests || strlen(blocked_requests) < 2) -+ return 0; -+ -+ // we want to look for ' 'reqname' ' -+ snprintf(needle, sizeof(needle), " %s ", reqname); -+ -+ // now do the search -+ tmp = strstr(blocked_requests, needle); -+ -+ if (tmp != NULL) -+ return 1; -+ -+ return 0; -+ -+} -+ - static void - serve_valid_requests (char *arg) - { - struct request *rq; - - /* Since this is processed in the first pass, don't reprocess it in the - * second. - * - * We still print errors since new errors could have been generated in the - * second pass. - */ - if (print_pending_error () - #ifdef PROXY_SUPPORT - || reprocessing - #endif /* PROXY_SUPPORT */ - ) - return; -+ -+ build_blocked_requests(); - - buf_output0 (buf_to_net, "Valid-requests"); - for (rq = requests; rq->name != NULL; rq++) - { - if (rq->func != NULL) - { -+ if(serve_valid_requests_checker(rq->name)) -+ continue; - buf_append_char (buf_to_net, ' '); - buf_output0 (buf_to_net, rq->name); - } - } - buf_output0 (buf_to_net, "\nok\n"); - - /* The client is waiting for the list of valid requests, so we - must send the output now. */ - buf_flush (buf_to_net, 1); - } -@@ -6353,20 +6400,24 @@ - cmd += len; - else if (cmd[len] == ' ') - cmd += len + 1; - else - /* - * The first len characters match, but it's a different - * command. e.g. the command is "cooperate" but we matched - * "co". - */ - continue; -+ // Ignore commands that we are supposed to ignore. -+ if(serve_valid_requests_checker(rq->name)) -+ continue; -+ - - if (!(rq->flags & RQ_ROOTLESS) - && current_parsed_root == NULL) - { - /* For commands which change the way in which data - is sent and received, for example Gzip-stream, - this does the wrong thing. Since the client - assumes that everything is being compressed, - unconditionally, there is no way to give this - error to the client without turning on |