packages/cvs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

init package

Browse Source
This commit is contained in:
duyyb 2020-02-14 11:36:11 +08:00
parent a3f228516a
commit 3498ff80f2
40 changed files with 2592 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
cvs-1.11.19-abortabort.patch Normal file
View File

@ -0,0 +1,70 @@
--- cvs-1.11.19/src/server.c.old3 2004-09-24 21:59:08.000000000 +0200
+++ cvs-1.11.19/src/server.c 2005-02-28 13:09:22.000000000 +0100
@@ -4900,6 +4900,15 @@
int status;
int save_noexec;
+#ifndef DONT_USE_SIGNALS
+#ifdef SIGABRT
+ /* Need to deregister the SIGABRT handler so that if an assertion
+ fails and calls abort while we're cleaning up, we won't
+ infinitely recurse in the cleanup function. */
+ SIG_deregister(SIGABRT, server_cleanup);
+#endif
+#endif /* !DONT_USE_SIGNALS */
+
if (buf_to_net != NULL)
{
/* Since we're done, go ahead and put BUF_TO_NET back into blocking
--- cvs-1.11.19/src/main.c.old3 2005-02-03 15:50:51.000000000 +0100
+++ cvs-1.11.19/src/main.c 2005-02-28 13:02:52.000000000 +0100
@@ -341,6 +341,13 @@
const char *name;
char temp[10];
+#ifdef SIGABRT
+ /* Need to deregister the SIGABRT handler so that if an assertion
+ fails and calls abort while we're cleaning up, we won't
+ infinitely recurse in the cleanup function. */
+ SIG_deregister(SIGABRT, main_cleanup);
+#endif
+
switch (sig)
{
#ifdef SIGABRT
--- cvs-1.11.19/src/rcs.c.old3 2005-01-31 23:15:08.000000000 +0100
+++ cvs-1.11.19/src/rcs.c 2005-02-28 13:06:06.000000000 +0100
@@ -8314,6 +8314,15 @@
called from a signal handler, so we don't know whether the
files got created. */
+#ifndef DONT_USE_SIGNALS
+#ifdef SIGABRT
+ /* Need to deregister the SIGABRT handler so that if an assertion
+ fails and calls abort while we're cleaning up, we won't
+ infinitely recurse in the cleanup function. */
+ SIG_deregister(SIGABRT, rcs_cleanup);
+#endif
+#endif /* !DONT_USE_SIGNALS */
+
/* FIXME: Do not perform buffered I/O from an interrupt handler like
this (via error). However, I'm leaving the error-calling code there
in the hope that on the rare occasion the error call is actually made
--- cvs-1.11.19/src/patch.c.old3 2005-01-31 23:15:02.000000000 +0100
+++ cvs-1.11.19/src/patch.c 2005-02-28 13:04:16.000000000 +0100
@@ -796,6 +796,15 @@
called from a signal handler, without SIG_begincrsect, so
we don't know whether the files got created. */
+#ifndef DONT_USE_SIGNALS
+#ifdef SIGABRT
+ /* Need to deregister the SIGABRT handler so that if an assertion
+ fails and calls abort while we're cleaning up, we won't
+ infinitely recurse in the cleanup function. */
+ SIG_deregister(SIGABRT, patch_cleanup);
+#endif
+#endif /* !DONT_USE_SIGNALS */
+
if (tmpfile1 != NULL)
{
if (unlink_file (tmpfile1) < 0

11
cvs-1.11.19-comp.patch Normal file
View File

@ -0,0 +1,11 @@
--- cvs-1.11.19/src/rcs.c.old 2005-03-17 11:21:18.000000000 +0100
+++ cvs-1.11.19/src/rcs.c 2005-03-17 11:21:56.000000000 +0100
@@ -138,7 +138,7 @@
string comparisons. This macro speeds things up a bit by skipping
the function call when the first characters are different. It
evaluates its arguments multiple times. */
-#define STREQ(a, b) (*(char *)(a) == *(char *)(b) && strcmp ((a), (b)) == 0)
+#define STREQ(a, b) ((a) != NULL && (b) != NULL && *(char *)(a) == *(char *)(b) && strcmp ((a), (b)) == 0)
/*
* We don't want to use isspace() from the C library because:

44
cvs-1.11.19-extzlib.patch Normal file
View File

@ -0,0 +1,44 @@
--- cvs-1.11.19/configure.in.old.old4 2005-02-01 00:10:49.000000000 +0100
+++ cvs-1.11.19/configure.in 2005-02-28 13:27:10.000000000 +0100
@@ -1040,8 +1040,8 @@
tools/Makefile \
vms/Makefile \
windows-NT/Makefile \
- windows-NT/SCC/Makefile \
- zlib/Makefile])
+ windows-NT/SCC/Makefile
+ ])
dnl and we're done
AC_OUTPUT
--- cvs-1.11.19/Makefile.am.old.old4 2004-11-11 23:30:36.000000000 +0100
+++ cvs-1.11.19/Makefile.am 2005-02-28 13:25:32.000000000 +0100
@@ -17,7 +17,7 @@
## Subdirectories to run make in for the primary targets.
# Unix source subdirs, where we'll want to run lint and etags:
# This is a legacy variable from b4 Automake
-USOURCE_SUBDIRS = lib zlib diff src
+USOURCE_SUBDIRS = lib diff src
# All other subdirs:
SUBDIRS = $(USOURCE_SUBDIRS) man doc contrib tools \
windows-NT os2 emx vms
--- cvs-1.11.19/src/Makefile.am.old.old4 2005-01-31 23:07:35.000000000 +0100
+++ cvs-1.11.19/src/Makefile.am 2005-02-28 13:24:26.000000000 +0100
@@ -24,7 +24,7 @@
# try and remove naming ocnflicts and fix Automake to allow particular includes
# to be attached only to particular object files. Short term fix is either or.
##INCLUDES = -I. -I.. -I$(srcdir) -I$(top_srcdir)/lib
-INCLUDES = -I$(top_srcdir)/lib -I$(top_srcdir)/diff -I$(top_srcdir)/zlib $(includeopt)
+INCLUDES = -I$(top_srcdir)/lib -I$(top_srcdir)/diff $(includeopt)
bin_PROGRAMS = cvs
bin_SCRIPTS = cvsbug
@@ -105,7 +105,7 @@
cvs_LDADD = \
../diff/libdiff.a \
../lib/libcvs.a \
- ../zlib/libz.a
+ -lz
# extra clean targets
# wish this could be distclean-hdr-local but it's not part of automake

20
cvs-1.11.19-logmsg.patch Normal file
View File

@ -0,0 +1,20 @@
--- cvs-1.11.19/src/logmsg.c.old 2005-03-09 10:45:50.000000000 +0100
+++ cvs-1.11.19/src/logmsg.c 2005-03-09 10:46:36.000000000 +0100
@@ -230,6 +230,8 @@
if ((*messagep)[0] == '\0' ||
(*messagep)[strlen (*messagep) - 1] != '\n')
(void) fprintf (fp, "\n");
+ } else {
+ (void) fprintf (fp, "\n");
}
if (repository != NULL)
@@ -271,7 +273,7 @@
}
(void) fprintf (fp,
- "\n%s----------------------------------------------------------------------\n",
+ "%s----------------------------------------------------------------------\n",
CVSEDITPREFIX);
(void) fprintf (fp,
"%sEnter Log. Lines beginning with `%.*s' are removed automatically\n%s\n",

28
cvs-1.11.19-netbsd-tag.patch Normal file
View File

@ -0,0 +1,28 @@
--- cvs-1.11.19/src/logmsg.c.old2 2005-02-28 11:49:35.000000000 +0100
+++ cvs-1.11.19/src/logmsg.c 2005-02-28 12:58:16.000000000 +0100
@@ -690,6 +690,15 @@
strlen (str_list) + strlen (p->key) + 5);
(void) strcat (str_list, p->key);
break;
+ case 't':
+ str_list =
+ xrealloc (str_list,
+ (strlen (str_list)
+ + (li->tag ? strlen (li->tag) : 0)
+ + 10)
+ );
+ (void) strcat (str_list, (li->tag ? li->tag : ""));
+ break;
case 'V':
str_list =
xrealloc (str_list,
--- cvs-1.11.19/src/mkmodules.c.old2 2005-01-31 23:14:17.000000000 +0100
+++ cvs-1.11.19/src/mkmodules.c 2005-02-28 12:59:03.000000000 +0100
@@ -74,6 +74,7 @@
"# s = file name\n",
"# V = old version number (pre-checkin)\n",
"# v = new version number (post-checkin)\n",
+ "# t = tag or branch name\n",
"#\n",
"# For example:\n",
"#DEFAULT (echo \"\"; id; echo %s; date; cat) >> $CVSROOT/CVSROOT/commitlog\n",

11
cvs-1.11.19-tagname.patch Normal file
View File

@ -0,0 +1,11 @@
--- cvs-1.11.19/src/rcs.c.old 2005-03-14 13:09:39.000000000 +0100
+++ cvs-1.11.19/src/rcs.c 2005-03-14 13:08:24.000000000 +0100
@@ -3382,7 +3382,7 @@
RCS_check_tag (tag)
const char *tag;
{
- char *invalid = "$,.:;@"; /* invalid RCS tag characters */
+ char *invalid = "$,.:;@/"; /* invalid RCS tag characters */
const char *cp;
/*

19
cvs-1.11.19-tmp.patch Normal file
View File

@ -0,0 +1,19 @@
--- cvs-1.11.19/src/cvsbug.in.old 2004-02-03 15:37:52.000000000 +0100
+++ cvs-1.11.19/src/cvsbug.in 2005-08-22 16:35:06.000000000 +0200
@@ -109,14 +109,14 @@
/usr/bin/ypcat passwd 2>/dev/null | cat - /etc/passwd | grep "^$LOGNAME:" |
cut -f5 -d':' | sed -e 's/,.*//' > $TEMP
ORIGINATOR="`cat $TEMP`"
- rm -f $TEMP
+ > $TEMP
fi
fi
if [ "$ORIGINATOR" = "" ]; then
grep "^$LOGNAME:" /etc/passwd | cut -f5 -d':' | sed -e 's/,.*//' > $TEMP
ORIGINATOR="`cat $TEMP`"
- rm -f $TEMP
+ > $TEMP
fi
if [ -n "$ORGANIZATION" ]; then

12
cvs-1.11.1p1-bs.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up cvs-1.11.23/src/sanity.sh.bs cvs-1.11.23/src/sanity.sh
--- cvs-1.11.23/src/sanity.sh.bs 2008-07-15 15:38:59.000000000 -0400
+++ cvs-1.11.23/src/sanity.sh 2008-07-15 15:40:29.000000000 -0400
@@ -18,6 +18,8 @@
#
# Original Author: K. Richard Pixley
+exit 0
+
# usage:
usage ()
{

11
cvs-1.11.21-diff-kk.patch Normal file
View File

@ -0,0 +1,11 @@
--- cvs-1.11.21/src/diff.c.old 2005-12-19 11:01:59.000000000 +0100
+++ cvs-1.11.21/src/diff.c 2005-12-21 15:45:40.000000000 +0100
@@ -438,7 +438,7 @@
/* Send the current files unless diffing two revs from the archive */
if (diff_rev2 == NULL && diff_date2 == NULL)
- send_files (argc, argv, local, 0, 0);
+ send_files (argc, argv, local, 0, options[0] == '\0' ? 0 : SEND_FORCE);
else
send_files (argc, argv, local, 0, SEND_NO_CONTENTS);

21
cvs-1.11.21-diff.patch Normal file
View File

@ -0,0 +1,21 @@
--- cvs-1.11.21/src/diff.c.old 2005-05-27 19:17:03.000000000 +0200
+++ cvs-1.11.21/src/diff.c 2005-12-15 15:22:05.000000000 +0100
@@ -955,14 +955,16 @@
/* The first revision does not exist. If EMPTY_FILES is
true, treat this as an added file. Otherwise, warn
about the missing tag. */
- if( use_rev2 == NULL || RCS_isdead( vers->srcfile, use_rev2 ) )
+ if( use_rev2 == NULL || RCS_isdead( vers->srcfile, use_rev2 ) ) {
/* At least in the case where DIFF_REV1 and DIFF_REV2
* are both numeric (and non-existant (NULL), as opposed to
* dead?), we should be returning some kind of error (see
* basicb-8a0 in testsuite). The symbolic case may be more
* complicated.
*/
- return DIFF_SAME;
+ error (0, 0, "no revision in file %s or missing file %s", finfo->fullname, finfo->fullname);
+ return DIFF_ERROR;
+ }
if( empty_files )
return DIFF_ADDED;
if( use_rev1 != NULL )

137
cvs-1.11.21-pam.patch Normal file
View File

@ -0,0 +1,137 @@
diff -up cvs-1.11.23/configure.in.pam cvs-1.11.23/configure.in
--- cvs-1.11.23/configure.in.pam 2008-07-15 15:40:50.000000000 -0400
+++ cvs-1.11.23/configure.in 2008-07-15 15:40:50.000000000 -0400
@@ -904,6 +904,36 @@ if test no != "$enable_server"; then
[The high water mark in bytes for server flow control. Required if
SERVER_FLOWCONTROL is defined, and useless otherwise.])
fi # enable_server_flow_control
+
+ dnl
+ dnl Give the confiscator control over whether the pam support is used
+ dnl
+ AC_ARG_ENABLE(
+ [pam],
+ AC_HELP_STRING(
+ [--enable-pam],
+ [Include code for running with pam code (default)]), ,
+ [if test "$ac_cv_search_connect" != yes; then
+ enable_pam=no
+ fi])
+
+ if test no != "$enable_pam"; then
+ AC_DEFINE(
+ [PAM_SUPPORT], [1],
+ [Define if you want CVS to be able to serve repositories to remote
+ clients.])
+
+ dnl
+ dnl Finding the pam_authenticate function.
+ dnl
+ AC_SEARCH_LIBS(
+ [pam_authenticate], [pam],
+ [AC_DEFINE(
+ [HAVE_PAM], [1],
+ [Define if you have the pam_authenticate function.])
+ ]) dnl AC_SEARCH_LIBS
+ fi #enable_pam
+
fi # enable_server
diff -up cvs-1.11.23/src/server.c.pam cvs-1.11.23/src/server.c
--- cvs-1.11.23/src/server.c.pam 2008-07-15 15:40:50.000000000 -0400
+++ cvs-1.11.23/src/server.c 2008-07-15 15:42:02.000000000 -0400
@@ -20,6 +20,12 @@
# include <process.h>
#endif
+/* needed for PAM authentication - fk 2000 */
+#if PAM_SUPPORT
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+#endif
+
int server_active = 0;
#if defined(SERVER_SUPPORT) || defined(CLIENT_SUPPORT)
@@ -5673,7 +5679,36 @@ check_repository_password (username, pas
return retval;
}
-
+/* callback for PAM authentication - fk 2000 */
+#if PAM_SUPPORT
+int silent_conv(int num_msg, const struct pam_message **msgm,
+ struct pam_response **response, void *appdata) {
+ int replies;
+ struct pam_response *reply = NULL;
+
+ reply = calloc(num_msg,sizeof(struct pam_response));
+ for (replies=0; replies<num_msg; replies++) {
+ switch (msgm[replies]->msg_style) {
+ case PAM_PROMPT_ECHO_ON:
+ case PAM_PROMPT_ECHO_OFF:
+ /* printf("Prompt: %s\n",msgm[replies]->msg); */
+ reply[replies].resp_retcode = PAM_SUCCESS;
+ reply[replies].resp = strdup((char*)appdata);
+ break;
+ case PAM_ERROR_MSG:
+ case PAM_TEXT_INFO:
+ reply[replies].resp_retcode = PAM_SUCCESS;
+ reply[replies].resp = NULL;
+ break;
+ default:
+ free(reply);
+ return PAM_CONV_ERR;
+ }
+ }
+ *response = reply;
+ return PAM_SUCCESS;
+}
+#endif
/* Return a hosting username if password matches, else NULL. */
static char *
@@ -5761,6 +5796,34 @@ error 0 %s: no such user\n", username);
if (*found_passwd)
{
/* user exists and has a password */
+#if PAM_SUPPORT
+ pam_handle_t *pamh = NULL;
+ struct pam_conv conv;
+ int retval;
+
+ conv.conv = silent_conv;
+ conv.appdata_ptr = password;
+
+ retval = pam_start("cvs", username, &conv, &pamh);
+
+ if (retval == PAM_SUCCESS)
+ retval = pam_authenticate(pamh, 0); /* is user really user? */
+
+ if (retval == PAM_SUCCESS)
+ retval = pam_acct_mgmt(pamh, 0); /* permitted access? */
+
+ /* This is where we have been authorized or not. */
+
+ if (retval == PAM_SUCCESS) {
+ host_user = xstrdup (username);
+ } else {
+ host_user = NULL;
+ }
+
+ if (pam_end(pamh,retval) != PAM_SUCCESS) { /* close Linux-PAM */
+ pamh = NULL;
+ }
+#else
if (strcmp (found_passwd, crypt (password, found_passwd)) == 0)
{
host_user = xstrdup (username);
@@ -5774,6 +5837,7 @@ error 0 %s: no such user\n", username);
crypt(password, found_passwd), found_passwd);
#endif
}
+#endif
goto handle_return;
}

211
cvs-1.11.21-proxy.patch Normal file
View File

@ -0,0 +1,211 @@
--- cvs-1.11.21/src/client.h.proxy 2005-08-02 22:46:57.000000000 +0200
+++ cvs-1.11.21/src/client.h 2005-11-10 10:26:24.000000000 +0100
@@ -83,6 +83,9 @@
# ifndef CVS_AUTH_PORT
# define CVS_AUTH_PORT 2401
# endif /* CVS_AUTH_PORT */
+# ifndef CVS_PROXY_PORT
+# define CVS_PROXY_PORT 80
+# endif /* CVS_PROXY_PORT */
# endif /* (AUTH_CLIENT_SUPPORT) || defined (HAVE_GSSAPI) */
# if HAVE_KERBEROS
--- cvs-1.11.21/src/client.c.proxy 2005-09-22 17:58:46.000000000 +0200
+++ cvs-1.11.21/src/client.c 2005-11-10 10:26:24.000000000 +0100
@@ -144,6 +144,7 @@
static size_t try_read_from_server PROTO ((char *, size_t));
+static void proxy_connect PROTO ((cvsroot_t *, int));
static void auth_server PROTO ((cvsroot_t *, struct buffer *, struct buffer *,
int, int, struct hostent *));
@@ -3802,7 +3803,7 @@
int port_number;
struct sockaddr_in client_sai;
struct hostent *hostinfo;
- struct buffer *to_server, *from_server;
+ struct buffer *local_to_server, *local_from_server;
sock = socket (AF_INET, SOCK_STREAM, 0);
if (sock == -1)
@@ -3810,7 +3811,17 @@
error (1, 0, "cannot create socket: %s", SOCK_STRERROR (SOCK_ERRNO));
}
port_number = get_cvs_port_number (root);
- hostinfo = init_sockaddr (&client_sai, root->hostname, port_number);
+
+ /* if we have a proxy connect to that instead */
+ if (root->proxy_hostname)
+ {
+ hostinfo = init_sockaddr (&client_sai, root->proxy_hostname, root->proxy_port);
+ }
+ else
+ {
+ hostinfo = init_sockaddr (&client_sai, root->hostname, port_number);
+ }
+
if (trace)
{
fprintf (stderr, " -> Connecting to %s(%s):%d\n",
@@ -3820,29 +3831,41 @@
if (connect (sock, (struct sockaddr *) &client_sai, sizeof (client_sai))
< 0)
error (1, 0, "connect to %s(%s):%d failed: %s",
- root->hostname,
+ root->proxy_hostname ? root->proxy_hostname : root->hostname,
inet_ntoa (client_sai.sin_addr),
- port_number, SOCK_STRERROR (SOCK_ERRNO));
+ root->proxy_hostname ? root->proxy_port : port_number,
+ SOCK_STRERROR (SOCK_ERRNO));
- make_bufs_from_fds (sock, sock, 0, &to_server, &from_server, 1);
+ make_bufs_from_fds (sock, sock, 0, &local_to_server, &local_from_server, 1);
- auth_server (root, to_server, from_server, verify_only, do_gssapi, hostinfo);
+ if (root->proxy_hostname)
+ {
+ // REALLY ugly hack to allow proxy_connect() to use send_to_server().
+ // The proper fix would be to remove the global to_server & from_server
+ // variables, and instead let send_to_server() etc. take the target
+ // server struct as a paramter.
+ to_server = local_to_server;
+ from_server = local_from_server;
+ proxy_connect (root, port_number);
+ }
+
+ auth_server (root, local_to_server, local_from_server, verify_only, do_gssapi, hostinfo);
if (verify_only)
{
int status;
- status = buf_shutdown (to_server);
+ status = buf_shutdown (local_to_server);
if (status != 0)
error (0, status, "shutting down buffer to server");
- buf_free (to_server);
- to_server = NULL;
+ buf_free (local_to_server);
+ local_to_server = NULL;
- status = buf_shutdown (from_server);
+ status = buf_shutdown (local_from_server);
if (status != 0)
error (0, status, "shutting down buffer from server");
- buf_free (from_server);
- from_server = NULL;
+ buf_free (local_from_server);
+ local_from_server = NULL;
/* Don't need to set server_started = 0 since we don't set it to 1
* until returning from this call.
@@ -3850,8 +3873,8 @@
}
else
{
- *to_server_p = to_server;
- *from_server_p = from_server;
+ *to_server_p = local_to_server;
+ *from_server_p = local_from_server;
}
return;
@@ -3860,6 +3883,46 @@
static void
+proxy_connect (root, port_number)
+ cvsroot_t *root;
+ int port_number;
+{
+#define CONNECT_STRING "CONNECT %s:%d HTTP/1.0\r\n\r\n"
+ /* Send a "CONNECT" command to proxy: */
+ char* read_buf;
+ int codenum, count;
+
+ /* 4 characters for port covered by the length of %s & %d */
+ char* write_buf = xmalloc (strlen (CONNECT_STRING) + strlen (root->hostname) + 20 + 1);
+ int len = sprintf (write_buf, CONNECT_STRING, root->hostname, port_number);
+ send_to_server (write_buf, len);
+
+ /* Wait for HTTP status code, bail out if you don't get back a 2xx code.*/
+ count = read_line (&read_buf);
+ sscanf (read_buf, "%s %d", write_buf, &codenum);
+
+ if ((codenum / 100) != 2)
+ error (1, 0, "proxy server %s:%d does not support http tunnelling",
+ root->proxy_hostname, root->proxy_port);
+ free (read_buf);
+ free (write_buf);
+
+ /* Skip through remaining part of MIME header, recv_line
+ consumes the trailing \n */
+ while(read_line (&read_buf) > 0)
+ {
+ if (read_buf[0] == '\r' || read_buf[0] == 0)
+ {
+ free (read_buf);
+ break;
+ }
+ free (read_buf);
+ }
+}
+
+
+
+static void
auth_server (root, lto_server, lfrom_server, verify_only, do_gssapi, hostinfo)
cvsroot_t *root;
struct buffer *lto_server;
--- cvs-1.11.21/src/root.c.proxy 2005-09-04 02:26:43.000000000 +0200
+++ cvs-1.11.21/src/root.c 2005-11-10 10:26:24.000000000 +0100
@@ -298,7 +298,7 @@
newroot->port = 0;
newroot->directory = NULL;
newroot->proxy_hostname = NULL;
- newroot->proxy_port = 0;
+ newroot->proxy_port = CVS_PROXY_PORT;
#endif /* CLIENT_SUPPORT */
return newroot;
@@ -371,6 +371,7 @@
char *cvsroot_copy, *p, *q; /* temporary pointers for parsing */
#ifdef CLIENT_SUPPORT
int check_hostname, no_port, no_password;
+ const char *env_var;
#endif /* CLIENT_SUPPORT */
assert (root_in);
@@ -406,6 +407,31 @@
cvsroot_copy = ++p;
#ifdef CLIENT_SUPPORT
+ /* Determine proxy */
+ env_var = getenv("CVS_PROXY");
+/*
+ if (!env_var)
+ env_var = getenv("HTTP_PROXY");
+ if (!env_var)
+ env_var = getenv("http_proxy");
+*/
+ /* Check if a proxy was specified, and if it is a HTTP proxy */
+ if (env_var && !memcmp(env_var, "http://", 7))
+ {
+ char *port_str;
+
+ /* Try to parse the proxy data */
+ env_var += 7;
+ /* TODO - parse username/password data, too */
+ port_str = strchr(env_var, ':');
+ if (port_str)
+ {
+ *port_str++ = 0;
+ newroot->proxy_port = atoi(port_str);
+ newroot->proxy_hostname = xstrdup(env_var);
+ }
+ }
+
/* Look for method options, for instance, proxy, proxyport.
* We don't handle these, but we like to try and warn the user that
* they are being ignored.

12
cvs-1.11.21-sort.patch Normal file
View File

@ -0,0 +1,12 @@
--- cvs-1.11.21/contrib/rcs2log.sh.old 2005-08-02 22:46:43.000000000 +0200
+++ cvs-1.11.21/contrib/rcs2log.sh 2006-05-09 11:49:10.000000000 +0200
@@ -68,6 +68,9 @@
For more information about these matters, see the files named COPYING.
Author: Paul Eggert <eggert@twinsun.com>'
+# set old environment for sort (bug #190009)
+export _POSIX2_VERSION=199209
+
# functions
@MKTEMP_SH_FUNCTION@

439
cvs-1.11.22-ipv6-proxy.patch Normal file
View File

@ -0,0 +1,439 @@
diff -up cvs-1.11.23/src/client.c.ipv6 cvs-1.11.23/src/client.c
--- cvs-1.11.23/src/client.c.ipv6 2008-07-15 15:42:29.000000000 -0400
+++ cvs-1.11.23/src/client.c 2008-07-15 15:43:46.000000000 -0400
@@ -81,7 +81,7 @@ static Key_schedule sched;
/* This is needed for GSSAPI encryption. */
static gss_ctx_id_t gcontext;
-static int connect_to_gserver PROTO((cvsroot_t *, int, struct hostent *));
+static int connect_to_gserver PROTO((cvsroot_t *, int, char *));
# endif /* HAVE_GSSAPI */
@@ -146,7 +146,7 @@ static size_t try_read_from_server PROTO
static void proxy_connect PROTO ((cvsroot_t *, int));
static void auth_server PROTO ((cvsroot_t *, struct buffer *, struct buffer *,
- int, int, struct hostent *));
+ int, int, char *));
/* We need to keep track of the list of directories we've sent to the
server. This list, along with the current CVSROOT, will help us
@@ -3583,30 +3583,6 @@ supported_request (name)
#if defined (AUTH_CLIENT_SUPPORT) || defined (HAVE_KERBEROS) || defined (HAVE_GSSAPI)
-static struct hostent *init_sockaddr PROTO ((struct sockaddr_in *, char *,
- unsigned int));
-
-static struct hostent *
-init_sockaddr (name, hostname, port)
- struct sockaddr_in *name;
- char *hostname;
- unsigned int port;
-{
- struct hostent *hostinfo;
- unsigned short shortport = port;
-
- memset (name, 0, sizeof (*name));
- name->sin_family = AF_INET;
- name->sin_port = htons (shortport);
- hostinfo = gethostbyname (hostname);
- if (hostinfo == NULL)
- {
- fprintf (stderr, "Unknown host %s.\n", hostname);
- error_exit ();
- }
- name->sin_addr = *(struct in_addr *) hostinfo->h_addr;
- return hostinfo;
-}
@@ -3782,41 +3758,63 @@ connect_to_pserver (root, to_server_p, f
{
int sock;
int port_number;
- struct sockaddr_in client_sai;
- struct hostent *hostinfo;
+ int gerr;
+ struct addrinfo hints, *res, *res0;
+ char pbuf[32];
struct buffer *local_to_server, *local_from_server;
+ char *p_hostname;
- sock = socket (AF_INET, SOCK_STREAM, 0);
- if (sock == -1)
- {
- error (1, 0, "cannot create socket: %s", SOCK_STRERROR (SOCK_ERRNO));
- }
port_number = get_cvs_port_number (root);
- /* if we have a proxy connect to that instead */
- if (root->proxy_hostname)
- {
- hostinfo = init_sockaddr (&client_sai, root->proxy_hostname, root->proxy_port);
- }
- else
- {
- hostinfo = init_sockaddr (&client_sai, root->hostname, port_number);
+ sprintf (pbuf, "%u", (root->proxy_hostname) ? root->proxy_port : port_number);
+ pbuf[sizeof(pbuf)-1] = '\0';
+ memset (&hints, 0, sizeof (hints));
+ hints.ai_family = af;
+ hints.ai_socktype = SOCK_STREAM;
+
+ /* do we have a proxy? */
+ p_hostname = (root->proxy_hostname) ? root->proxy_hostname : root->hostname;
+
+ gerr = getaddrinfo (p_hostname, pbuf, &hints, &res0);
+ if (gerr)
+ {
+ fprintf (stderr, "Unknown host %s.\n", p_hostname);
+ error_exit ();
+ }
+
+ /* Try connect to p_hostname using all available families */
+ for (res = res0; res != NULL; res = res->ai_next)
+ {
+ sock = socket (res->ai_family, res->ai_socktype, 0);
+ if (sock == -1) {
+ if (res->ai_next)
+ continue;
+ else {
+ char *sock_error = SOCK_STRERROR (SOCK_ERRNO);
+ freeaddrinfo(res0);
+ error (1, 0, "cannot create socket: %s", sock_error);
+ }
+ }
+
+ if (connect (sock, res->ai_addr, res->ai_addrlen) < 0)
+ {
+ if (res->ai_next)
+ {
+ close(sock);
+ continue;
+ }
+ else
+ {
+ char *sock_error = SOCK_STRERROR (SOCK_ERRNO);
+ freeaddrinfo(res0);
+ error (1, 0, "connect to [%s]:%s failed: %s", p_hostname,
+ pbuf, sock_error);
+ }
+ }
+ /* success */
+ break;
}
- if (trace)
- {
- fprintf (stderr, " -> Connecting to %s(%s):%d\n",
- root->hostname,
- inet_ntoa (client_sai.sin_addr), port_number);
- }
- if (connect (sock, (struct sockaddr *) &client_sai, sizeof (client_sai))
- < 0)
- error (1, 0, "connect to %s(%s):%d failed: %s",
- root->proxy_hostname ? root->proxy_hostname : root->hostname,
- inet_ntoa (client_sai.sin_addr),
- root->proxy_hostname ? root->proxy_port : port_number,
- SOCK_STRERROR (SOCK_ERRNO));
-
make_bufs_from_fds (sock, sock, 0, &local_to_server, &local_from_server, 1);
if (root->proxy_hostname)
@@ -3830,7 +3828,7 @@ connect_to_pserver (root, to_server_p, f
proxy_connect (root, port_number);
}
- auth_server (root, local_to_server, local_from_server, verify_only, do_gssapi, hostinfo);
+ auth_server (root, local_to_server, local_from_server, verify_only, do_gssapi, p_hostname);
if (verify_only)
{
@@ -3904,13 +3902,13 @@ proxy_connect (root, port_number)
static void
-auth_server (root, lto_server, lfrom_server, verify_only, do_gssapi, hostinfo)
+auth_server (root, lto_server, lfrom_server, verify_only, do_gssapi, hostname)
cvsroot_t *root;
struct buffer *lto_server;
struct buffer *lfrom_server;
int verify_only;
int do_gssapi;
- struct hostent *hostinfo;
+ char *hostname;
{
char *username = ""; /* the username we use to connect */
char no_passwd = 0; /* gets set if no password found */
@@ -3940,7 +3938,7 @@ auth_server (root, lto_server, lfrom_ser
error (1, 0, "gserver currently only enabled for socket connections");
}
- if (! connect_to_gserver (root, fd, hostinfo))
+ if (! connect_to_gserver (root, fd, hostname))
{
error (1, 0,
"authorization failed: server %s rejected access to %s",
@@ -3956,7 +3954,7 @@ auth_server (root, lto_server, lfrom_ser
char *begin = NULL;
char *password = NULL;
char *end = NULL;
-
+
if (verify_only)
{
begin = "BEGIN VERIFICATION REQUEST";
@@ -4137,36 +4135,74 @@ start_tcp_server (root, to_server, from_
int s;
const char *portenv;
int port;
- struct hostent *hp;
- struct sockaddr_in sin;
+ int gerr;
+ struct addrinfo hints, *res, *res0;
char *hname;
-
- s = socket (AF_INET, SOCK_STREAM, 0);
- if (s < 0)
- error (1, 0, "cannot create socket: %s", SOCK_STRERROR (SOCK_ERRNO));
+ char pbuf[32], hbuf[1025];
port = get_cvs_port_number (root);
- hp = init_sockaddr (&sin, root->hostname, port);
+ sprintf (pbuf, "%u", port);
+ pbuf[sizeof(pbuf)-1] = '\0';
+ memset (&hints, 0, sizeof(hints));
+ hints.ai_family = af;
+ hints.ai_socktype = SOCK_STREAM;
+ gerr = getaddrinfo (root->hostname, pbuf, &hints, &res0);
+ if (gerr) {
+ fprintf (stderr, "Unknown host %s.\n", root->hostname);
+ error_exit ();
+ }
- hname = xstrdup (hp->h_name);
-
- if (trace)
+ /* Try connect to current_parsed_root->hostname using all available families */
+ gerr = -1;
+ for (res = res0; res != NULL; res = res->ai_next)
{
- fprintf (stderr, " -> Connecting to %s(%s):%d\n",
- root->hostname,
- inet_ntoa (sin.sin_addr), port);
+ s = socket (res->ai_family, res->ai_socktype, 0);
+ if (s < 0)
+ {
+ if (res->ai_next)
+ continue;
+ else
+ {
+ char *sock_error = SOCK_STRERROR (SOCK_ERRNO);
+ freeaddrinfo(res0);
+ error (1, 0, "cannot create socket: %s", sock_error);
+ }
+ }
+ if (trace)
+ {
+ char hbuf[1025];
+ getnameinfo(res->ai_addr, res->ai_addrlen, hbuf, sizeof(hbuf),
+ NULL, 0, NI_NUMERICHOST);
+ fprintf (stderr, " -> Connecting to %s(%s):%d\n",
+ root->hostname, hbuf, port);
+ }
+
+ if (connect (s, res->ai_addr, res->ai_addrlen) < 0)
+ {
+ if (res->ai_next)
+ {
+ close(s);
+ continue;
+ }
+ else
+ {
+ char *sock_error = SOCK_STRERROR (SOCK_ERRNO);
+ freeaddrinfo(res0);
+ error (1, 0, "connect to [%s]:%s failed: %s",
+ root->hostname, pbuf, sock_error);
+ }
+ }
+ getnameinfo(res->ai_addr, res->ai_addrlen, hbuf, sizeof(hbuf), NULL, 0, 0);
+ hname = xmalloc (strlen (hbuf) + 1);
+ strcpy (hname, hbuf);
+ /* success */
+ break;
}
- if (connect (s, (struct sockaddr *) &sin, sizeof sin) < 0)
- error (1, 0, "connect to %s(%s):%d failed: %s",
- root->hostname,
- inet_ntoa (sin.sin_addr),
- port, SOCK_STRERROR (SOCK_ERRNO));
-
{
const char *realm;
- struct sockaddr_in laddr;
+ struct sockaddr_storage laddr;
int laddrlen;
KTEXT_ST ticket;
MSG_DAT msg_data;
@@ -4182,13 +4218,15 @@ start_tcp_server (root, to_server, from_
/* We don't care about the checksum, and pass it as zero. */
status = krb_sendauth (KOPT_DO_MUTUAL, s, &ticket, "rcmd",
hname, realm, (unsigned long) 0, &msg_data,
- &cred, sched, &laddr, &sin, "KCVSV1.0");
+ &cred, sched, &laddr, res->ai_addr, "KCVSV1.0");
if (status != KSUCCESS)
error (1, 0, "kerberos authentication failed: %s",
krb_get_err_text (status));
memcpy (kblock, cred.session, sizeof (C_Block));
}
+ freeaddrinfo(res0);
+
close_on_exec (s);
free (hname);
@@ -4241,10 +4279,10 @@ recv_bytes (sock, buf, need)
*/
#define BUFSIZE 1024
static int
-connect_to_gserver (root, sock, hostinfo)
+connect_to_gserver (root, sock, hostname)
cvsroot_t *root;
int sock;
- struct hostent *hostinfo;
+ char *hostname;
{
char *str;
char buf[BUFSIZE];
@@ -4257,9 +4295,9 @@ connect_to_gserver (root, sock, hostinfo
if (send (sock, str, strlen (str), 0) < 0)
error (1, 0, "cannot send: %s", SOCK_STRERROR (SOCK_ERRNO));
- if (strlen (hostinfo->h_name) > BUFSIZE - 5)
+ if (strlen (hostname) > BUFSIZE - 5)
error (1, 0, "Internal error: hostname exceeds length of buffer");
- sprintf (buf, "cvs@%s", hostinfo->h_name);
+ sprintf (buf, "cvs@%s", hostname);
tok_in.length = strlen (buf);
tok_in.value = buf;
gss_import_name (&stat_min, &tok_in, GSS_C_NT_HOSTBASED_SERVICE,
diff -up cvs-1.11.23/src/cvs.h.ipv6 cvs-1.11.23/src/cvs.h
--- cvs-1.11.23/src/cvs.h.ipv6 2006-08-25 11:48:55.000000000 -0400
+++ cvs-1.11.23/src/cvs.h 2008-07-15 15:42:29.000000000 -0400
@@ -381,6 +381,7 @@ extern char *CurDir;
extern int really_quiet, quiet;
extern int use_editor;
extern int cvswrite;
+extern int af;
extern mode_t cvsumask;
diff -up cvs-1.11.23/src/main.c.ipv6 cvs-1.11.23/src/main.c
--- cvs-1.11.23/src/main.c.ipv6 2008-07-15 15:42:28.000000000 -0400
+++ cvs-1.11.23/src/main.c 2008-07-15 15:42:29.000000000 -0400
@@ -18,6 +18,7 @@
*/
#include <assert.h>
+#include <sys/socket.h>
#include "cvs.h"
#ifdef HAVE_WINSOCK_H
@@ -47,6 +48,7 @@ int quiet = 0;
int trace = 0;
int noexec = 0;
int logoff = 0;
+int af = AF_UNSPEC;
/*
* Zero if compression isn't supported or requested; non-zero to indicate
@@ -164,7 +166,7 @@ static const char *const usg[] =
in --help as it is a rather different format from the rest. */
"Usage: %s [cvs-options] command [command-options-and-arguments]\n",
- " where cvs-options are -q, -n, etc.\n",
+ " where cvs-options are -4, -6,-q, -n, etc.\n",
" (specify --help-options for a list of options)\n",
" where command is add, admin, etc.\n",
" (specify --help-commands for a list of commands\n",
@@ -262,6 +264,8 @@ static const char *const opt_usage[] =
#endif
" -a Authenticate all net traffic.\n",
#endif
+ " -4 Use IPv4.\n",
+ " -6 Use IPv6.\n",
" -s VAR=VAL Set CVS user variable.\n",
"(Specify the --help option for a list of other help options)\n",
NULL
@@ -414,7 +418,7 @@ main (argc, argv)
int help = 0; /* Has the user asked for help? This
lets us support the `cvs -H cmd'
convention to give help for cmd. */
- static const char short_options[] = "+Qqrwtnvb:T:e:d:Hfz:s:xa";
+ static const char short_options[] = "+46Qqrwtnvb:T:e:d:Hfz:s:xa";
static struct option long_options[] =
{
{"help", 0, NULL, 'H'},
@@ -521,6 +525,12 @@ main (argc, argv)
/* --allow-root */
root_allow_add (optarg);
break;
+ case '4':
+ af = AF_INET;
+ break;
+ case '6':
+ af = AF_INET6;
+ break;
case 'Q':
really_quiet = 1;
/* FALL THROUGH */
diff -up cvs-1.11.23/src/server.c.ipv6 cvs-1.11.23/src/server.c
--- cvs-1.11.23/src/server.c.ipv6 2008-07-15 15:42:29.000000000 -0400
+++ cvs-1.11.23/src/server.c 2008-07-15 15:42:29.000000000 -0400
@@ -6091,8 +6091,8 @@ kserver_authenticate_connection ()
{
int status;
char instance[INST_SZ];
- struct sockaddr_in peer;
- struct sockaddr_in laddr;
+ struct sockaddr_storage peer;
+ struct sockaddr_storage laddr;
int len;
KTEXT_ST ticket;
AUTH_DAT auth;
@@ -6169,7 +6169,8 @@ static void
gserver_authenticate_connection ()
{
char hostname[MAXHOSTNAMELEN];
- struct hostent *hp;
+ char hbuf[1025];
+ struct addrinfo hints, *res0;
gss_buffer_desc tok_in, tok_out;
char buf[1024];
char *credbuf;
@@ -6181,11 +6182,16 @@ gserver_authenticate_connection ()
gss_OID mechid;
gethostname (hostname, sizeof hostname);
- hp = gethostbyname (hostname);
- if (hp == NULL)
+ hostname[sizeof(hostname)-1] = '\0';
+ memset (&hints, 0, sizeof(hints));
+ hints.ai_family = af;
+ hints.ai_socktype = SOCK_STREAM;
+ hints.ai_flags = AI_CANONNAME;
+ if (getaddrinfo (hostname, NULL, &hints, &res0))
error (1, 0, "can't get canonical hostname");
- sprintf (buf, "cvs@%s", hp->h_name);
+ sprintf (buf, "cvs@%s", res0->ai_canonname);
+ freeaddrinfo (res0);
tok_in.value = buf;
tok_in.length = strlen (buf);

121
cvs-1.11.22-stdinargs.patch Normal file
View File

@ -0,0 +1,121 @@
--- cvs-1.11.22.orig/src/cvs.h 2008-09-09 13:46:07.000000000 -0400
+++ cvs-1.11.22/src/cvs.h 2008-09-09 13:46:13.000000000 -0400
@@ -695,6 +695,8 @@ void sleep_past PROTO ((time_t desttime)
#define RUN_STDOUT_APPEND 0x0004 /* append to stdout, don't truncate */
#define RUN_STDERR_APPEND 0x0008 /* append to stderr, don't truncate */
#define RUN_SIGIGNORE 0x0010 /* ignore interrupts for command */
+#define RUN_PIPE 0x0020 /* pass the arguments by stdin instead
+ * as arguments */
#define RUN_TTY (char *)0 /* for the benefit of lint */
void run_add_arg_p PROTO ((int *, size_t *, char ***, const char *s));
--- cvs-1.11.22.orig/src/run.c 2005-10-03 16:31:12.000000000 -0400
+++ cvs-1.11.22/src/run.c 2008-09-09 13:49:15.000000000 -0400
@@ -123,6 +123,8 @@ run_exec (stin, stout, sterr, flags)
int rc = -1;
int rerrno = 0;
int pid, w;
+ int pipefd[2];
+ char *run_argv2[3] = { NULL, "-", NULL };
#ifdef POSIX_SIGNALS
sigset_t sigset_mask, sigset_omask;
@@ -163,7 +165,26 @@ run_exec (stin, stout, sterr, flags)
mode_out |= ((flags & RUN_STDOUT_APPEND) ? O_APPEND : O_TRUNC);
mode_err |= ((flags & RUN_STDERR_APPEND) ? O_APPEND : O_TRUNC);
- if (stin && (shin = open (stin, O_RDONLY)) == -1)
+ if (*(run_argv[0]) == '|')
+ {
+ char *buf;
+
+ if (pipe(pipefd) == -1) {
+ rerrno = errno;
+ error (0, errno, "unable to open pipe");
+ goto out0;
+ }
+ flags |= RUN_PIPE;
+ shin = pipefd[0];
+ buf = strdup(run_argv[0] + 1); /* skip '|' */
+ if (buf == NULL) {
+ rc = ENOMEM;
+ error (0, errno, "unable to allocate memory");
+ goto out1;
+ }
+ run_argv2[0] = buf;
+ }
+ else if (stin && (shin = open (stin, O_RDONLY)) == -1)
{
rerrno = errno;
error (0, errno, "cannot open %s for reading (prog %s)",
@@ -239,8 +260,14 @@ run_exec (stin, stout, sterr, flags)
#endif
/* dup'ing is done. try to run it now */
- (void) execvp (run_argv[0], run_argv);
- error (0, errno, "cannot exec %s", run_argv[0]);
+ if (flags & RUN_PIPE) {
+ close(pipefd[1]);
+ (void) execvp (run_argv2[0], run_argv2);
+ error (0, errno, "cannot exec %s", run_argv2[0]);
+ } else {
+ (void) execvp (run_argv[0], run_argv);
+ error (0, errno, "cannot exec %s", run_argv[0]);
+ }
_exit (127);
}
else if (pid == -1)
@@ -283,6 +310,39 @@ run_exec (stin, stout, sterr, flags)
#endif
#endif
+ /* write all the arguments in the stdout if requested */
+ if (flags & RUN_PIPE) {
+ int size, s;
+
+ close(pipefd[0]);
+ for (w = 0; run_argv[w] != NULL; w++) {
+ size = strlen(run_argv[w]);
+ s = 0;
+ while (s < size) {
+ rc = write(pipefd[1], run_argv[w] + s, size - s);
+ if (rc < 0 && errno != EINTR) {
+ /* all other cases we'll just fail */
+ rerrno = errno;
+ error (0, errno, "unable to write to the application's stdin %s",
+ run_argv2[0]);
+ goto wait_for_process;
+ } else if (rc > 0)
+ s += rc;
+ }
+ do {
+ rc = write(pipefd[1], "\n", 1);
+ if (rc < 0 && errno != EINTR) {
+ rerrno = errno;
+ error (0, errno, "unable to write to the application's stdin %s",
+ run_argv2[0]);
+ goto wait_for_process;
+ }
+ } while (rc != 1);
+ }
+wait_for_process:
+ close(pipefd[1]);
+ pipefd[1] = -1;
+ }
/* wait for our process to die and munge return status */
#ifdef POSIX_SIGNALS
while ((w = waitpid (pid, &status, 0)) == -1 && errno == EINTR)
@@ -356,7 +416,14 @@ run_exec (stin, stout, sterr, flags)
* relative to the protocol pipe
*/
cvs_flushout();
+ if (flags & RUN_PIPE)
+ free(run_argv2[0]);
out1:
+ if (flags & RUN_PIPE) {
+ shin = -1;
+ if (pipefd[1] != -1)
+ close(pipefd[1]);
+ }
if (stin)
(void) close (shin);

86
cvs-1.11.23-Allow-CVS-server-to-use-any-Kerberos-key-with-cvs-se.patch Normal file
View File

@ -0,0 +1,86 @@
From 8a186b2754997ed35f8a88d11457699517dd737c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Fri, 21 Jun 2013 13:01:55 +0200
Subject: [PATCH] Allow CVS server to use any Kerberos key with cvs service
name
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This removes restriction for host to be equalled to local hostname.
Previous pinning to hostname prevented from deploying multiple
instances of a CVS server into a cluster where each node has different
hostname.
<https://bugzilla.redhat.com/show_bug.cgi?id=671460>
<https://bugzilla.redhat.com/show_bug.cgi?id=722972>
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
doc/cvs.texinfo | 8 ++++----
src/server.c | 19 +++----------------
2 files changed, 7 insertions(+), 20 deletions(-)
diff --git a/doc/cvs.texinfo b/doc/cvs.texinfo
index ad3a414..3c7796a 100644
--- a/doc/cvs.texinfo
+++ b/doc/cvs.texinfo
@@ -2771,10 +2771,10 @@ an empty @file{CVSROOT/passwd} password file, and set
@code{SystemAuth=no} in the config file
(@pxref{config}).
-The GSSAPI server uses a principal name of
-cvs/@var{hostname}, where @var{hostname} is the
-canonical name of the server host. You will have to
-set this up as required by your GSSAPI mechanism.
+The GSSAPI server uses a principal name of cvs/@var{hostname}, where
+@var{hostname} can be any name. There is no restriction to canonical
+hostname to allow DNS load-balanced clusters. It assumes your GSSAPI
+mechanism can select a key with a host name matching client's request.
To connect using GSSAPI, use the @samp{:gserver:} method. For
example,
diff --git a/src/server.c b/src/server.c
index 0505ab9..586b5da 100644
--- a/src/server.c
+++ b/src/server.c
@@ -6168,9 +6168,7 @@ error 0 kerberos: can't get local name: %s\n", krb_get_err_text(status));
static void
gserver_authenticate_connection ()
{
- char hostname[MAXHOSTNAMELEN];
char hbuf[1025];
- struct addrinfo hints, *res0;
gss_buffer_desc tok_in, tok_out;
char buf[1024];
char *credbuf;
@@ -6181,23 +6179,12 @@ gserver_authenticate_connection ()
int nbytes;
gss_OID mechid;
- gethostname (hostname, sizeof hostname);
- hostname[sizeof(hostname)-1] = '\0';
- memset (&hints, 0, sizeof(hints));
- hints.ai_family = af;
- hints.ai_socktype = SOCK_STREAM;
- hints.ai_flags = AI_CANONNAME;
- if (getaddrinfo (hostname, NULL, &hints, &res0))
- error (1, 0, "can't get canonical hostname");
-
- sprintf (buf, "cvs@%s", res0->ai_canonname);
- freeaddrinfo (res0);
- tok_in.value = buf;
- tok_in.length = strlen (buf);
+ tok_in.value = "cvs";
+ tok_in.length = strlen (tok_in.value);
if (gss_import_name (&stat_min, &tok_in, GSS_C_NT_HOSTBASED_SERVICE,
&server_name) != GSS_S_COMPLETE)
- error (1, 0, "could not import GSSAPI service name %s", buf);
+ error (1, 0, "could not import GSSAPI service name %s", tok_in.value);
/* Acquire the server credential to verify the client's
authentication. */
--
1.8.1.4

266
cvs-1.11.23-Back-port-KeywordExpand-configuration-keyword.patch Normal file
View File

@ -0,0 +1,266 @@
From fe7182d15c93f46212781106b4b63503fcec713f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Tue, 15 Mar 2011 14:44:17 +0100
Subject: [PATCH] Back-port KeywordExpand configuration keyword
This is based on code from developemnt 1.12 branch.
---
doc/cvs.texinfo | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++++---
src/mkmodules.c | 5 +++
src/parseinfo.c | 4 ++
src/rcs.c | 51 ++++++++++++++++++++++++++++--
src/rcs.h | 1 +
5 files changed, 146 insertions(+), 8 deletions(-)
diff --git a/doc/cvs.texinfo b/doc/cvs.texinfo
index ad3a414..943af37 100644
--- a/doc/cvs.texinfo
+++ b/doc/cvs.texinfo
@@ -6847,11 +6847,12 @@ with strings of the form
a new revision of the file.
@menu
-* Keyword list:: Keywords
-* Using keywords:: Using keywords
-* Avoiding substitution:: Avoiding substitution
-* Substitution modes:: Substitution modes
-* Log keyword:: Problems with the $@splitrcskeyword{Log}$ keyword.
+* Keyword list:: Keywords
+* Using keywords:: Using keywords
+* Avoiding substitution:: Avoiding substitution
+* Substitution modes:: Substitution modes
+* Configuring keyword expansion:: Configuring keyword expansion
+* Log keyword:: Problems with the $@splitrcskeyword{Log}$ keyword.
@end menu
@c - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -7032,6 +7033,12 @@ contains @samp{$@@asis@{@}Author$} whenever the text
and @code{troff} you can embed the null-character
@code{\&} inside the keyword for a similar effect.
+It is also possible to specify an explicit list of
+keywords to include or exclude using the
+@code{KeywordExpand} option in the
+@file{CVSROOT/config} file--see @ref{Configuring keyword expansion}
+for more details.
+
@c - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
@node Substitution modes
@section Substitution modes
@@ -7124,6 +7131,74 @@ handle an export containing binary files correctly.
@end table
@c - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+@node Configuring keyword expansion
+@section Configuring Keyword Expansion
+@cindex Configuring keyword expansion
+
+The @code{KeywordExpand} option in the
+@file{CVSROOT/config} file is intended to allow for the
+either the explicit exclusion of a keyword or list of
+keywords, or for the explicit inclusion of a keyword or
+a list of keywords.
+
+The @code{KeywordExpand} option is followed by
+@code{=} and the next character may either be @code{i}
+to start an inclusion list or @code{e} to start an
+exclusion list. If the following lines were added to
+the @file{CVSROOT/config} file:
+
+@example
+ # Restrict keyword expansion to "Log" only
+ KeywordExpand=iLog
+@end example
+
+then only the $@splitrcskeyword{Log}$ keyword would be expanded.
+A list may be used. The this example:
+
+@example
+ # Restrict keyword expansion to the Name and Date keywords.
+ KeywordExpand=iName,Date
+@end example
+
+would allow $@splitrcskeyword{Name}$, and $@splitrcskeyword{Date}$
+to be expanded.
+
+It is also possible to configure an exclusion list
+using the following:
+
+@example
+ # Do not expand the keyword Date
+ KeywordExpand=eDate
+@end example
+
+This allows @sc{cvs} to ignore the
+$@splitrcskeyword{CVSHeader}$ keyword and retain all of the
+others. This could be confusing
+to users that expect RCS keywords to be expanded, so
+care should be taken to properly set user expectations
+for a repository that is configured in that manner.
+
+If there is a desire to not have any RCS keywords
+expanded and not use the @code{-ko} flags everywhere,
+an administrator may disable all keyword expansion
+using the @file{CVSROOT/config} line:
+
+@example
+ # Do not expand any RCS keywords
+ KeywordExpand=i
+@end example
+
+this could be confusing to users that expect RCS
+keywords like $@splitrcskeyword{Id}$ to be expanded properly,
+so care should be taken to properly set user
+expectations for a repository so configured.
+
+It should be noted that a patch to provide the
+@code{KeywordExpand} feature has been around a long time.
+However, that patch implemented this feature using
+@code{tagexpand=} keyword and this keyword is NOT recognized.
+
+@c - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
@node Log keyword
@section Problems with the $@splitrcskeyword{Log}$ keyword.
@@ -13789,6 +13864,14 @@ each command. It also provides a place for the
@file{CVS/Template} file (@pxref{Working directory
storage}).
+@cindex KeywordExpand, in @file{CVSROOT/config}
+@item KeywordExpand=@var{value}
+Specify @samp{i} followed by a list of keywords to be expanded
+(for example, @samp{KeywordExpand=iName,Date}),
+or @samp{e} followed by a list of keywords not to be expanded
+(for example, @samp{KeywordExpand=eName}).
+For more on keyword expansion, see @ref{Configuring keyword expansion}.
+
@cindex LockDir, in CVSROOT/config
@item LockDir=@var{directory}
Put @sc{cvs} lock files in @var{directory} rather than
diff --git a/src/mkmodules.c b/src/mkmodules.c
index 4bb9d74..3be9509 100644
--- a/src/mkmodules.c
+++ b/src/mkmodules.c
@@ -300,6 +300,11 @@ static const char *const config_contents[] = {
"# primary CVS repository.\n",
"#IgnoreUnknownConfigKeys=no\n",
"\n",
+ "# Set `KeywordExpand' to `i' followed by a list of keywords to expand or\n",
+ "# `e' followed by a list of keywords to not expand.\n"
+ "#KeywordExpand=iName,Date\n",
+ "#KeywordExpand=eName\n",
+ "\n",
"# Put CVS lock files in this directory rather than directly in the repository.\n",
"#LockDir=/var/lock/cvs\n",
"\n",
diff --git a/src/parseinfo.c b/src/parseinfo.c
index 86fc6d6..477740a 100644
--- a/src/parseinfo.c
+++ b/src/parseinfo.c
@@ -360,6 +360,10 @@ parse_config (cvsroot)
goto error_return;
}
}
+ else if (strcmp (line, "KeywordExpand") == 0)
+ {
+ RCS_setincexc (p);
+ }
else if (strcmp (line, "PreservePermissions") == 0)
{
if (strcmp (p, "no") == 0)
diff --git a/src/rcs.c b/src/rcs.c
index 20c3162..ba255ce 100644
--- a/src/rcs.c
+++ b/src/rcs.c
@@ -15,6 +15,7 @@
*/
#include <assert.h>
+#include <stdbool.h>
#include "cvs.h"
#include "edit.h"
#include "hardlink.h"
@@ -3509,9 +3510,10 @@ struct rcs_keyword
{
const char *string;
size_t len;
+ bool expandit;
};
-#define KEYWORD_INIT(s) (s), sizeof (s) - 1
-static const struct rcs_keyword keywords[] =
+#define KEYWORD_INIT(s) (s), sizeof (s) - 1, true
+static struct rcs_keyword keywords[] =
{
{ KEYWORD_INIT ("Author") },
{ KEYWORD_INIT ("Date") },
@@ -3717,7 +3719,8 @@ expand_keywords (rcs, ver, name, log, loglen, expand, buf, len, retbuf, retlen)
slen = s - srch;
for (keyword = keywords; keyword->string != NULL; keyword++)
{
- if (keyword->len == slen
+ if (keyword->expandit
+ && keyword->len == slen
&& strncmp (keyword->string, srch, slen) == 0)
{
break;
@@ -8958,3 +8961,45 @@ make_file_label (path, rev, rcs)
}
return label;
}
+
+
+
+void
+RCS_setincexc (const char *arg)
+{
+ char *key;
+ char *copy, *next;
+ bool include = false;
+ struct rcs_keyword *keyword;
+
+ copy = xstrdup(arg);
+ next = copy;
+ switch (*next++) {
+ case 'e':
+ include = false;
+ break;
+ case 'i':
+ include = true;
+ break;
+ default:
+ free(copy);
+ return;
+ }
+
+ if (include)
+ for (keyword = keywords; keyword->string != NULL; keyword++)
+ {
+ keyword->expandit = false;
+ }
+
+ key = strtok(next, ",");
+ while (key) {
+ for (keyword = keywords; keyword->string != NULL; keyword++) {
+ if (strcmp (keyword->string, key) == 0)
+ keyword->expandit = include;
+ }
+ key = strtok(NULL, ",");
+ }
+ free(copy);
+ return;
+}
diff --git a/src/rcs.h b/src/rcs.h
index 3a66640..2126029 100644
--- a/src/rcs.h
+++ b/src/rcs.h
@@ -250,6 +250,7 @@ int rcs_change_text PROTO ((const char *, char *, size_t, const char *,
void RCS_deltas PROTO ((RCSNode *, FILE *, struct rcsbuffer *, const char *,
enum rcs_delta_op, char **, size_t *,
char **, size_t *));
+void RCS_setincexc (const char *arg);
char *make_file_label PROTO ((const char *, const char *, RCSNode *));
extern int preserve_perms;
--
1.7.4

35
cvs-1.11.23-Close-a-configuration-file-on-a-syntax-error.patch Normal file
View File

@ -0,0 +1,35 @@
From 5ff81b29e89509ad425a792fa1bf786940254a52 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Thu, 3 May 2018 12:02:45 +0200
Subject: [PATCH] Close a configuration file on a syntax error
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If a configuration file contains a syntax error, then its file
descriptor is not closed and subsequently executed programs gets
access to the descriptor.
This patch fixes it.
http://savannah.nongnu.org/bugs/?36276
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
src/parseinfo.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/parseinfo.c b/src/parseinfo.c
index 477740a..17c9a69 100644
--- a/src/parseinfo.c
+++ b/src/parseinfo.c
@@ -476,6 +476,7 @@ set_defaults_and_return:
return 0;
error_return:
+ fclose (fp_info);
if (!logHistory)
logHistory = xstrdup (ALL_HISTORY_REC_TYPES);
if (infopath != NULL)
--
2.14.3

58
cvs-1.11.23-Fix-CVE-2017-12836.patch Normal file
View File

@ -0,0 +1,58 @@
From 0afbcf387fbfcc951caa5335e67b7b7eebffdaf9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Mon, 14 Aug 2017 10:32:25 +0200
Subject: [PATCH] Fix CVE-2017-12836
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The hostname passed to RSH (ssh) client could be interpreted by
OpenSSH client as an option and lead to local command execution.
This fix adds no-more-options "--" separator before the hostname
argument to the RSH client command.
Original patch by Thorsten Glaser <tg@mirbsd.de> from
<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871810> ported to
1.11.23.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
src/client.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/client.c b/src/client.c
index 2bef1a0..e87cda9 100644
--- a/src/client.c
+++ b/src/client.c
@@ -4839,7 +4839,7 @@ start_rsh_server (root, to_server, from_server)
char *cvs_rsh;
char *cvs_server = getenv ("CVS_SERVER");
int i = 0;
- /* This needs to fit "rsh", "-b", "-l", "USER", "host",
+ /* This needs to fit "rsh", "-b", "-l", "USER", "--", "host",
"cmd (w/ args)", and NULL. We leave some room to grow. */
char *rsh_argv[10];
@@ -4866,6 +4866,9 @@ start_rsh_server (root, to_server, from_server)
rsh_argv[i++] = root->username;
}
+ /* Only non-option arguments from here. (CVE-2017-12836) */
+ rsh_argv[i++] = "--";
+
rsh_argv[i++] = root->hostname;
rsh_argv[i++] = cvs_server;
rsh_argv[i++] = "server";
@@ -4944,6 +4947,8 @@ start_rsh_server (root, to_server, from_server)
*p++ = root->username;
}
+ *p++ = "--";
+
*p++ = root->hostname;
*p++ = command;
*p++ = NULL;
--
2.9.5

36
cvs-1.11.23-Fix-proxy-response-parser.patch Normal file
View File

@ -0,0 +1,36 @@
From 73d49d17ce8db58e090f82719f7c9aad7340cbac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Tue, 17 Jan 2012 17:55:00 +0100
Subject: [PATCH] Fix proxy response parser
If proxy sends overlong HTTP vesion string, the string will be copied
to unallocatd space (write_buf) causing heap overflow.
This patch fixes it by ignoring the HTTP version string and checking
the response line has been parsed correctly.
See <https://bugzilla.redhat.com/show_bug.cgi?id=773699> for more
details.
---
src/client.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/client.c b/src/client.c
index d0abd41..80872be 100644
--- a/src/client.c
+++ b/src/client.c
@@ -3878,9 +3878,9 @@ proxy_connect (root, port_number)
/* Wait for HTTP status code, bail out if you don't get back a 2xx code.*/
count = read_line (&read_buf);
- sscanf (read_buf, "%s %d", write_buf, &codenum);
+ count = sscanf (read_buf, "%*s %d", &codenum);
- if ((codenum / 100) != 2)
+ if (count != 1 || (codenum / 100) != 2)
error (1, 0, "proxy server %s:%d does not support http tunnelling",
root->proxy_hostname, root->proxy_port);
free (read_buf);
--
1.7.7.5

73
cvs-1.11.23-Pass-compilation-with-Wformat-security.patch Normal file
View File

@ -0,0 +1,73 @@
From 52093add7b3f38156e632fa81fcf1c0b6ad4d549 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Tue, 3 Dec 2013 15:11:14 +0100
Subject: [PATCH] Pass compilation with -Wformat-security
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
diff/diff3.c | 2 +-
src/main.c | 2 +-
src/subr.c | 12 ++++--------
3 files changed, 6 insertions(+), 10 deletions(-)
diff --git a/diff/diff3.c b/diff/diff3.c
index 006039f..e9418ce 100644
--- a/diff/diff3.c
+++ b/diff/diff3.c
@@ -1505,7 +1505,7 @@ output_diff3 (diff, mapping, rev_mapping)
line = 0;
do
{
- printf_output (line_prefix);
+ printf_output ("%s", line_prefix);
cp = D_RELNUM (ptr, realfile, line);
length = D_RELLEN (ptr, realfile, line);
write_output (cp, length);
diff --git a/src/main.c b/src/main.c
index 24a6e6f..e7f0439 100644
--- a/src/main.c
+++ b/src/main.c
@@ -1154,6 +1154,6 @@ usage (cpp)
{
(void) fprintf (stderr, *cpp++, program_name, cvs_cmd_name);
for (; *cpp; cpp++)
- (void) fprintf (stderr, *cpp);
+ (void) fprintf (stderr, "%s", *cpp);
error_exit ();
}
diff --git a/src/subr.c b/src/subr.c
index 0725503..94907ce 100644
--- a/src/subr.c
+++ b/src/subr.c
@@ -46,10 +46,8 @@ xmalloc (bytes)
cp = malloc (bytes);
if (cp == NULL)
{
- char buf[80];
- sprintf (buf, "out of memory; can not allocate %lu bytes",
- (unsigned long) bytes);
- error (1, 0, buf);
+ error (1, 0, "out of memory; can not allocate %lu bytes",
+ (unsigned long) bytes);
}
return (cp);
}
@@ -73,10 +71,8 @@ xrealloc (ptr, bytes)
if (cp == NULL)
{
- char buf[80];
- sprintf (buf, "out of memory; can not reallocate %lu bytes",
- (unsigned long) bytes);
- error (1, 0, buf);
+ error (1, 0, "out of memory; can not reallocate %lu bytes",
+ (unsigned long) bytes);
}
return (cp);
}
--
1.8.3.1

96
cvs-1.11.23-Set-PAM_TTY-and-PAM_RHOST-on-PAM-authentication.patch Normal file
View File

@ -0,0 +1,96 @@
From 923dc05d68031a217684aba87acdadc7f711c88a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Thu, 10 Mar 2011 15:16:04 +0100
Subject: [PATCH] Set PAM_TTY and PAM_RHOST on PAM authentication
When loging to server, PAM can make decision on client network address, so set
it appropriately. Also some modules require non-empy console name, thus set
PAM_TTY to cvs PAM service name (`cvs').
PAM failure is reported back to client.
This code is back-ported from from upstream developemt tree (r1.489).
`peer' and `len' types fixed to cover any address family.
---
src/server.c | 47 ++++++++++++++++++++++++++++++++++++++++++++++-
1 files changed, 46 insertions(+), 1 deletions(-)
diff --git a/src/server.c b/src/server.c
index 0505ab9..bc6f0d0 100644
--- a/src/server.c
+++ b/src/server.c
@@ -5799,18 +5799,61 @@ error 0 %s: no such user\n", username);
#if PAM_SUPPORT
pam_handle_t *pamh = NULL;
struct pam_conv conv;
+ char *pam_stage = "start";
+ struct sockaddr_storage peer;
+ socklen_t len;
+ char host[NI_MAXHOST];
int retval;
+ /* get the client's ip address */
+ len = sizeof (peer);
+ if (getpeername (STDIN_FILENO, (struct sockaddr *)&peer, &len) < 0)
+ {
+ printf ("E Fatal error, aborting.\n\
+error %s getpeername failed\n", strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+
+ /* convert the ip address to text */
+ if (getnameinfo((struct sockaddr *)&peer, len, host, NI_MAXHOST,
+ NULL, 0, NI_NUMERICHOST) < 0)
+ {
+ printf ("E Fatal error, aborting.\n\
+error %s getnameinfo failed\n", strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+
conv.conv = silent_conv;
conv.appdata_ptr = password;
- retval = pam_start("cvs", username, &conv, &pamh);
+#define PAM_SERVICE_NAME "cvs"
+ retval = pam_start(PAM_SERVICE_NAME, username, &conv, &pamh);
+
+ /* sets a dummy tty name which pam modules can check for */
+ if (retval == PAM_SUCCESS)
+ {
+ pam_stage = "set dummy tty";
+ retval = pam_set_item (pamh, PAM_TTY, PAM_SERVICE_NAME);
+ }
+#undef PAM_SERVICE_NAME
+
+ if (retval == PAM_SUCCESS)
+ {
+ pam_stage = "set remote host ip";
+ retval = pam_set_item (pamh, PAM_RHOST, host);
+ }
if (retval == PAM_SUCCESS)
+ {
+ pam_stage = "authenticate";
retval = pam_authenticate(pamh, 0); /* is user really user? */
+ }
if (retval == PAM_SUCCESS)
+ {
+ pam_stage = "account";
retval = pam_acct_mgmt(pamh, 0); /* permitted access? */
+ }
/* This is where we have been authorized or not. */
@@ -5818,6 +5861,8 @@ error 0 %s: no such user\n", username);
host_user = xstrdup (username);
} else {
host_user = NULL;
+ printf ("E PAM %s error: %s\n",
+ pam_stage, pam_strerror (pamh, retval));
}
if (pam_end(pamh,retval) != PAM_SUCCESS) { /* close Linux-PAM */
--
1.7.4

85
cvs-1.11.23-Use-diff-label.patch Normal file
View File

@ -0,0 +1,85 @@
From 59d36094189eea391ffda2dcc34d3de935bf476d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Thu, 3 May 2018 14:23:25 +0200
Subject: [PATCH] Use diff --label
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
diff's "-L" option is deprecated, use "--label" instead.
https://savannah.nongnu.org/bugs/?35267
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
src/diff.c | 3 ++-
src/rcs.c | 4 ++--
src/rcscmds.c | 8 ++++----
3 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/src/diff.c b/src/diff.c
index 084f10d..e362753 100644
--- a/src/diff.c
+++ b/src/diff.c
@@ -357,7 +357,8 @@ diff (argc, argv)
error (0, 0, "extra -L arguments ignored");
break;
}
- /* Fall through. */
+ add_diff_args (0, "--label", optarg);
+ break;
case 'C': case 'F': case 'I': case 'U': case 'W':
add_diff_args (c, NULL, optarg);
break;
diff --git a/src/rcs.c b/src/rcs.c
index ba255ce..9edb598 100644
--- a/src/rcs.c
+++ b/src/rcs.c
@@ -8933,7 +8933,7 @@ make_file_label (path, rev, rcs)
assert (strcmp(DEVNULL, path));
RCS_getrevtime (rcs, rev, datebuf, 0);
(void) date_to_internet (date, datebuf);
- (void) sprintf (label, "-L%s\t%s\t%s", path, date, rev);
+ (void) sprintf (label, "--label=%s\t%s\t%s", path, date, rev);
}
else
{
@@ -8957,7 +8957,7 @@ make_file_label (path, rev, rcs)
}
(void) tm_to_internet (datebuf, wm);
- (void) sprintf (label, "-L%s\t%s", path, datebuf);
+ (void) sprintf (label, "--label=%s\t%s", path, datebuf);
}
return label;
}
diff --git a/src/rcscmds.c b/src/rcscmds.c
index a9e576a..8617216 100644
--- a/src/rcscmds.c
+++ b/src/rcscmds.c
@@ -290,11 +290,11 @@ RCS_merge(rcs, path, workfile, options, rev1, rev2)
call_diff_add_arg ("-E");
call_diff_add_arg ("-am");
- call_diff_add_arg ("-L");
+ call_diff_add_arg ("--label");
call_diff_add_arg (workfile);
- call_diff_add_arg ("-L");
+ call_diff_add_arg ("--label");
call_diff_add_arg (xrev1);
- call_diff_add_arg ("-L");
+ call_diff_add_arg ("--label");
call_diff_add_arg (xrev2);
call_diff_add_arg ("--");
@@ -352,7 +352,7 @@ RCS_merge(rcs, path, workfile, options, rev1, rev2)
against; it must be non-NULL. If REV2 is non-NULL, compare REV1
and REV2; if REV2 is NULL compare REV1 with the file in the working
directory, whose name is WORKFILE. LABEL1 and LABEL2 are default
- file labels, and (if non-NULL) should be added as -L options
+ file labels, and (if non-NULL) should be added as --label options
to diff. Output goes to stdout.
Return value is 0 for success, -1 for a failure which set errno,
--
2.14.3

65
cvs-1.11.23-crypt-2.diff Normal file
View File

@ -0,0 +1,65 @@
From f3ba6614adc715b658fa7ba8de380c5890665de5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Wed, 5 Jun 2013 09:08:42 +0200
Subject: [PATCH] crypt(3) can return NULL
crypt(3) can fail and return NULL since glibc-2.17. This patch
prevents from crashing CVS in that case.
Patch ported from upstream report
<https://savannah.nongnu.org/bugs/index.php?39040> developed by
<mancha1@hush.com>.
---
src/server.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/src/server.c b/src/server.c
index bc6f0d0..348338c 100644
--- a/src/server.c
+++ b/src/server.c
@@ -5647,9 +5647,11 @@ check_repository_password (username, password, repository, host_user_ptr)
host_user_tmp = username;
/* Verify blank passwords directly, otherwise use crypt(). */
+ char *crypt_passwd = found_password ? crypt (password, found_password): NULL;
if ((found_password == NULL)
- || ((strcmp (found_password, crypt (password, found_password))
- == 0)))
+ || (crypt_passwd != NULL
+ && (strcmp (found_password, crypt_passwd)
+ == 0)))
{
/* Give host_user_ptr permanent storage. */
*host_user_ptr = xstrdup (host_user_tmp);
@@ -5660,7 +5662,7 @@ check_repository_password (username, password, repository, host_user_ptr)
#ifdef LOG_AUTHPRIV
syslog (LOG_AUTHPRIV | LOG_NOTICE,
"password mismatch for %s in %s: %s vs. %s", username,
- repository, crypt(password, found_password), found_password);
+ repository, crypt_passwd, found_password);
#endif
*host_user_ptr = NULL;
retval = 2;
@@ -5869,7 +5871,9 @@ error %s getnameinfo failed\n", strerror (errno));
pamh = NULL;
}
#else
- if (strcmp (found_passwd, crypt (password, found_passwd)) == 0)
+ char *crypt_passwd = crypt (password, found_passwd);
+ if ((crypt_passwd != NULL) &&
+ (strcmp (found_passwd, crypt_passwd) == 0))
{
host_user = xstrdup (username);
}
@@ -5879,7 +5883,7 @@ error %s getnameinfo failed\n", strerror (errno));
#ifdef LOG_AUTHPRIV
syslog (LOG_AUTHPRIV | LOG_NOTICE,
"password mismatch for %s: %s vs. %s", username,
- crypt(password, found_passwd), found_passwd);
+ crypt_passwd, found_passwd);
#endif
}
#endif
--
1.8.1.4

167
cvs-1.11.23-cve-2010-3846.patch Normal file
View File

@ -0,0 +1,167 @@
From b122edcb68ff05bb6eb22f6e50423e7f1050841b Mon Sep 17 00:00:00 2001
From: Larry Jones <lawrence.jones@siemens.com>
Date: Thu, 21 Oct 2010 10:08:16 +0200
Subject: [PATCH] Fix for CVE-2010-3846
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Mallformed RCS revision (delete after the end of input file, or overlayed
deleted regions) screws output file image size computation. This leads to
write attempt after the allocated memory opening hiden memory corruption
driven by CVS server.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
src/rcs.c | 52 +++++++++++++++++++++++++++++-----------------------
1 files changed, 29 insertions(+), 23 deletions(-)
diff --git a/src/rcs.c b/src/rcs.c
index 7d0d078..2f88f85 100644
--- a/src/rcs.c
+++ b/src/rcs.c
@@ -7128,7 +7128,7 @@ apply_rcs_changes (orig_lines, diffbuf, difflen, name, addvers, delvers)
struct deltafrag *dfhead;
struct deltafrag **dftail;
struct deltafrag *df;
- unsigned long numlines, lastmodline, offset;
+ unsigned long numlines, offset;
struct linevector lines;
int err;
@@ -7202,12 +7202,12 @@ apply_rcs_changes (orig_lines, diffbuf, difflen, name, addvers, delvers)
/* New temp data structure to hold new org before
copy back into original structure. */
- lines.nlines = lines.lines_alloced = numlines;
+ lines.lines_alloced = numlines;
lines.vector = xmalloc (numlines * sizeof *lines.vector);
/* We changed the list order to first to last -- so the
list never gets larger than the size numlines. */
- lastmodline = 0;
+ lines.nlines = 0;
/* offset created when adding/removing lines
between new and original structure */
@@ -7216,25 +7216,24 @@ apply_rcs_changes (orig_lines, diffbuf, difflen, name, addvers, delvers)
for (df = dfhead; df != NULL; )
{
unsigned int ln;
- unsigned long deltaend;
+ unsigned long newpos = df->pos - offset;
- if (df->pos > orig_lines->nlines)
+ if (newpos < lines.nlines || newpos > numlines)
err = 1;
/* On error, just free the rest of the list. */
if (!err)
{
- /* Here we need to get to the line where the next insert will
+ /* Here we need to get to the line where the next change will
begin, which is DF->pos in ORIG_LINES. We will fill up to
DF->pos - OFFSET in LINES with original items. */
- for (deltaend = df->pos - offset;
- lastmodline < deltaend;
- lastmodline++)
+ while (lines.nlines < newpos)
{
/* we need to copy from the orig structure into new one */
- lines.vector[lastmodline] =
- orig_lines->vector[lastmodline + offset];
- lines.vector[lastmodline]->refcount++;
+ lines.vector[lines.nlines] =
+ orig_lines->vector[lines.nlines + offset];
+ lines.vector[lines.nlines]->refcount++;
+ lines.nlines++;
}
switch (df->type)
@@ -7246,7 +7245,12 @@ apply_rcs_changes (orig_lines, diffbuf, difflen, name, addvers, delvers)
struct line *q;
int nextline_newline;
size_t nextline_len;
-
+
+ if (newpos + df->nlines > numlines)
+ {
+ err = 1;
+ break;
+ }
textend = df->new_lines + df->len;
nextline_newline = 0;
nextline_text = df->new_lines;
@@ -7271,8 +7275,7 @@ apply_rcs_changes (orig_lines, diffbuf, difflen, name, addvers, delvers)
q->has_newline = nextline_newline;
q->refcount = 1;
memcpy (q->text, nextline_text, nextline_len);
- lines.vector[lastmodline++] = q;
- offset--;
+ lines.vector[lines.nlines++] = q;
nextline_text = (char *)p + 1;
nextline_newline = 0;
@@ -7286,11 +7289,11 @@ apply_rcs_changes (orig_lines, diffbuf, difflen, name, addvers, delvers)
q->has_newline = nextline_newline;
q->refcount = 1;
memcpy (q->text, nextline_text, nextline_len);
- lines.vector[lastmodline++] = q;
+ lines.vector[lines.nlines++] = q;
/* For each line we add the offset between the #'s
decreases. */
- offset--;
+ offset -= df->nlines;
break;
}
@@ -7301,7 +7304,9 @@ apply_rcs_changes (orig_lines, diffbuf, difflen, name, addvers, delvers)
if (df->pos + df->nlines > orig_lines->nlines)
err = 1;
else if (delvers)
+ {
for (ln = df->pos; ln < df->pos + df->nlines; ++ln)
+ {
if (orig_lines->vector[ln]->refcount > 1)
/* Annotate needs this but, since the original
* vector is disposed of before returning from
@@ -7309,6 +7314,8 @@ apply_rcs_changes (orig_lines, diffbuf, difflen, name, addvers, delvers)
* there are multiple references.
*/
orig_lines->vector[ln]->vers = delvers;
+ }
+ }
break;
}
}
@@ -7328,21 +7335,20 @@ apply_rcs_changes (orig_lines, diffbuf, difflen, name, addvers, delvers)
else
{
/* add the rest of the remaining lines to the data vector */
- for (; lastmodline < numlines; lastmodline++)
+ while (lines.nlines < numlines)
{
/* we need to copy from the orig structure into new one */
- lines.vector[lastmodline] = orig_lines->vector[lastmodline
+ lines.vector[lines.nlines] = orig_lines->vector[lines.nlines
+ offset];
- lines.vector[lastmodline]->refcount++;
+ lines.vector[lines.nlines]->refcount++;
+ lines.nlines++;
}
/* Move the lines vector to the original structure for output,
* first deleting the old.
*/
linevector_free (orig_lines);
- orig_lines->vector = lines.vector;
- orig_lines->lines_alloced = numlines;
- orig_lines->nlines = lines.nlines;
+ *orig_lines = lines;
}
return !err;
--
1.7.2.3

113
cvs-1.11.23-cvspass.patch Normal file
View File

@ -0,0 +1,113 @@
From e4a25dba948af9211ffea6b27293fe15c4b3ba07 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Wed, 4 Dec 2013 08:37:24 +0100
Subject: [PATCH] Create ~/.cvspass at login if it does not exists
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
<https://bugzilla.redhat.com/show_bug.cgi?id=47457>
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
src/login.c | 9 +++++++++
src/logmsg.c | 2 +-
src/sanity.sh | 7 ++++++-
3 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/src/login.c b/src/login.c
index 50b292b..75dc53a 100644
--- a/src/login.c
+++ b/src/login.c
@@ -315,6 +315,15 @@ internal error: can only call password_entry_operation with pserver method");
fp = CVS_FOPEN (passfile, "r");
if (fp == NULL)
{
+ fp = CVS_FOPEN (passfile, "w");
+ if (fp != NULL)
+ {
+ fclose (fp);
+ fp = CVS_FOPEN (passfile, "r");
+ }
+ }
+ if (fp == NULL)
+ {
error (0, errno, "warning: failed to open %s for reading", passfile);
goto process;
}
diff --git a/src/logmsg.c b/src/logmsg.c
index 741231b..0d4d6a2 100644
--- a/src/logmsg.c
+++ b/src/logmsg.c
@@ -269,7 +269,7 @@ do_editor (dir, messagep, repository, changes)
}
(void) fprintf (fp,
- "%s----------------------------------------------------------------------\n",
+ "\n%s----------------------------------------------------------------------\n",
CVSEDITPREFIX);
(void) fprintf (fp,
"%sEnter Log. Lines beginning with `%.*s' are removed automatically\n%s\n",
diff --git a/src/sanity.sh b/src/sanity.sh
index dbcae19..f119840 100755
--- a/src/sanity.sh
+++ b/src/sanity.sh
@@ -4195,7 +4195,6 @@ ${PROG} commit: Rebuilding administrative file database"
"$PROG logout: WARNING: Ignoring method options found in CVSROOT: \`proxy=localhost;proxyport=8080'\.
$PROG logout: Use CVS version 1\.12\.7 or later to handle method options\.
Logging out of :pserver:$username@localhost:2401/dev/null
-$PROG logout: warning: failed to open $HOME/\.cvspass for reading: No such file or directory
$PROG logout: Entry not found\."
fi
@@ -15552,6 +15551,7 @@ description:
revision 1\.1
date: [0-9/]* [0-9:]*; author: ${username}; state: Exp;
branches: 1\.1\.2;
+x
xCVS: ----------------------------------------------------------------------
xCVS: Enter Log. Lines beginning with .CVS:. are removed automatically
xCVS:
@@ -15563,6 +15563,7 @@ xCVS: ----------------------------------------------------------------------
----------------------------
revision 1\.1\.2\.1
date: [0-9/]* [0-9:]*; author: ${username}; state: Exp; lines: ${PLUS}1 -0
+x
xCVS: ----------------------------------------------------------------------
xCVS: Enter Log. Lines beginning with .CVS:. are removed automatically
xCVS:
@@ -15590,6 +15591,7 @@ description:
revision 1\.1
date: [0-9/]* [0-9:]*; author: ${username}; state: Exp;
branches: 1\.1\.2;
+x
xCVS: ----------------------------------------------------------------------
xCVS: Enter Log. Lines beginning with .CVS:. are removed automatically
xCVS:
@@ -15601,6 +15603,7 @@ xCVS: ----------------------------------------------------------------------
----------------------------
revision 1\.1\.2\.1
date: [0-9/]* [0-9:]*; author: ${username}; state: Exp; lines: ${PLUS}1 -0
+x
xCVS: ----------------------------------------------------------------------
xCVS: Enter Log. Lines beginning with .CVS:. are removed automatically
xCVS:
@@ -15622,6 +15625,7 @@ description:
revision 1\.1
date: [0-9/]* [0-9:]*; author: ${username}; state: Exp;
branches: 1\.1\.2;
+x
xCVS: ----------------------------------------------------------------------
xCVS: Enter Log. Lines beginning with .CVS:. are removed automatically
xCVS:
@@ -15633,6 +15637,7 @@ xCVS: ----------------------------------------------------------------------
----------------------------
revision 1\.1\.2\.1
date: [0-9/]* [0-9:]*; author: ${username}; state: Exp; lines: ${PLUS}1 -0
+x
xCVS: ----------------------------------------------------------------------
xCVS: Enter Log. Lines beginning with .CVS:. are removed automatically
xCVS:
--
1.8.3.1

30
cvs-1.11.23-doc-Add-mandatory-argument-to-sp.patch Normal file
View File

@ -0,0 +1,30 @@
From f40baecd3d09b1018185bcefde35464a79dbd68d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Wed, 5 Jun 2013 08:38:11 +0200
Subject: [PATCH] doc: Add mandatory argument to @sp
Texinfo-5.1 fails if @sp macro is not followed by a number. The
numeric argument is mandatory according to Texinfo documentation.
---
doc/cvs.texinfo | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/doc/cvs.texinfo b/doc/cvs.texinfo
index ad3a414..14bc79a 100644
--- a/doc/cvs.texinfo
+++ b/doc/cvs.texinfo
@@ -111,9 +111,9 @@ approved by the Free Software Foundation.
@sp 4
@comment The title is printed in a large font.
@center @titlefont{Version Management}
-@sp
+@sp 1
@center @titlefont{with}
-@sp
+@sp 1
@center @titlefont{CVS}
@sp 2
@center for @sc{cvs} @value{VERSION}
--
1.8.1.4

34
cvs-1.11.23-getline64.patch Normal file
View File

@ -0,0 +1,34 @@
--- cvs-1.11.23/lib/getline.c 2005-04-04 22:46:05.000000000 +0200
+++ cvs-1.11.23/lib/getline.c.old 2008-06-03 19:06:25.000000000 +0200
@@ -154,7 +154,7 @@
return ret;
}
-int
+ssize_t
getline (lineptr, n, stream)
char **lineptr;
size_t *n;
@@ -163,7 +163,7 @@
return getstr (lineptr, n, stream, '\n', 0, GETLINE_NO_LIMIT);
}
-int
+ssize_t
getline_safe (lineptr, n, stream, limit)
char **lineptr;
size_t *n;
--- cvs-1.11.23/lib/getline.h 2005-04-04 22:46:05.000000000 +0200
+++ cvs-1.11.23/lib/getline.h.old 2008-06-03 19:06:27.000000000 +0200
@@ -11,9 +11,9 @@
#define GETLINE_NO_LIMIT -1
-int
+ssize_t
getline __PROTO ((char **_lineptr, size_t *_n, FILE *_stream));
-int
+ssize_t
getline_safe __PROTO ((char **_lineptr, size_t *_n, FILE *_stream,
int limit));
int

30
cvs-1.11.23-make_make_check_sanity_testing_verbose.patch Normal file
View File

@ -0,0 +1,30 @@
From f923e7c9dd4c71a1f6318d4d9fb0bdd4476ab6c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Mon, 25 Oct 2010 17:14:47 +0200
Subject: [PATCH] Make `make check' sanity testing verbose
---
src/Makefile.am | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/Makefile.am b/src/Makefile.am
index 63e6b18..1adc157 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -125,11 +125,11 @@ check-local: localcheck remotecheck
.PHONY: localcheck
localcheck:
- $(SHELL) $(srcdir)/sanity.sh `pwd`/cvs$(EXEEXT)
+ $(SHELL) $(srcdir)/sanity.sh -v `pwd`/cvs$(EXEEXT)
.PHONY: remotecheck
remotecheck: all
- $(SHELL) $(srcdir)/sanity.sh -r `pwd`/cvs$(EXEEXT)
+ $(SHELL) $(srcdir)/sanity.sh -v -r `pwd`/cvs$(EXEEXT)
## MAINTAINER Targets
--
1.7.2.3

25
cvs-1.11.23-remove_undefined_date_from_cvs_1_header.patch Normal file
View File

@ -0,0 +1,25 @@
From 51ac6e634d6a53f4f2c78eafae599079c628e28e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Mon, 25 Oct 2010 16:21:54 +0200
Subject: [PATCH] Remove undefinded date from cvs(1) header
---
doc/cvs.1 | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/doc/cvs.1 b/doc/cvs.1
index b696d9a..07b7923 100644
--- a/doc/cvs.1
+++ b/doc/cvs.1
@@ -23,7 +23,7 @@
.ds Rv \\$3
.ds Dt \\$4
..
-.TH CVS 1 "\*(Dt"
+.TH CVS 1
.\" Full space in nroff; half space in troff
.de SP
.if n .sp
--
1.7.2.3

39
cvs-1.11.23-sanity.patch Normal file
View File

@ -0,0 +1,39 @@
diff -up cvs-1.11.23/src/sanity.sh.old cvs-1.11.23/src/sanity.sh
--- cvs-1.11.23/src/sanity.sh.old 2008-05-07 03:16:00.000000000 +0200
+++ cvs-1.11.23/src/sanity.sh 2010-04-08 14:35:40.574373789 +0200
@@ -2752,7 +2752,7 @@ ${PROG} \[admin aborted\]: attempt to de
dotest_fail basicb-21 "${testcvs} -q admin -H" \
"admin: illegal option -- H
${PROG} \[admin aborted\]: specify ${PROG} -H admin for usage information" \
-"admin: invalid option -- H
+"admin: invalid option -- 'H'
${PROG} \[admin aborted\]: specify ${PROG} -H admin for usage information"
cd ..
rmdir 1
@@ -22192,7 +22198,7 @@ done"
"-r--r--r-- .*"
else
dotest modes-5 "ls -l ${CVSROOT_DIRNAME}/first-dir/aa,v" \
-"-r--r--r-- .*"
+"-r--r--r--.*"
fi
# Test for whether we can set the execute bit.
@@ -22213,7 +22219,7 @@ done"
"-r--r--r-- .*"
else
dotest modes-7 "ls -l ${CVSROOT_DIRNAME}/first-dir/aa,v" \
-"-r--r--r-- .*"
+"-r--r--r--.*"
fi
# OK, now manually change the modes and see what happens.
@@ -22236,7 +22242,7 @@ done"
"-r--r----- .*"
else
dotest modes-7b "ls -l ${CVSROOT_DIRNAME}/first-dir/aa,v" \
-"-r--r----- .*"
+"-r--r-----.*"
fi
CVSUMASK=007

BIN
cvs-1.11.23.tar.bz2 Normal file
View File

Binary file not shown.

2
cvs.csh Normal file
View File

@ -0,0 +1,2 @@
# change default from rsh to ssh for cvs command
if ( "$?CVS_RSH" == 0 ) setenv CVS_RSH ssh

3
cvs.pam Normal file
View File

@ -0,0 +1,3 @@
#%PAM-1.0
auth include password-auth
account include password-auth

2
cvs.sh Normal file
View File

@ -0,0 +1,2 @@
# change default from rsh to ssh for cvs command
export CVS_RSH=${CVS_RSH-ssh}

10
cvs.socket Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=CVS Server Activation Socket
PartOf=cvs.target
[Socket]
ListenStream=2401
Accept=true
[Install]
WantedBy=sockets.target

140
cvs.spec Normal file
View File

@ -0,0 +1,140 @@
Name: cvs
Version: 1.11.23
Release: 53
Summary: Version control system
License: BSD and GPL+ and GPLv2+ and LGPLv2+ and zlib and Public Domain
URL: http://cvs.nongnu.org/
Source0: ftp://ftp.gnu.org/non-gnu/cvs/source/stable/%{version}/cvs-%{version}.tar.bz2
Source1: cvs.xinetd
Source2: cvs.pam
Source3: cvs.sh
Source4: cvs.csh
Source5: cvs@.service
Source6: cvs.socket
Source7: cvs.target
Patch0: cvs-1.11.23-cvspass.patch
Patch1: cvs-1.11.19-extzlib.patch
Patch2: cvs-1.11.19-netbsd-tag.patch
Patch3: cvs-1.11.19-abortabort.patch
Patch4: cvs-1.11.1p1-bs.patch
Patch5: cvs-1.11.21-proxy.patch
Patch7: cvs-1.11.19-logmsg.patch
Patch8: cvs-1.11.19-tagname.patch
Patch9: cvs-1.11.19-comp.patch
Patch11: cvs-1.11.19-tmp.patch
Patch12: cvs-1.11.21-pam.patch
Patch13: cvs-1.11.21-diff.patch
Patch14: cvs-1.11.21-diff-kk.patch
Patch15: cvs-1.11.21-sort.patch
Patch17: cvs-1.11.22-ipv6-proxy.patch
Patch19: cvs-1.11.23-getline64.patch
Patch20: cvs-1.11.22-stdinargs.patch
Patch21: cvs-1.11.23-cve-2010-3846.patch
Patch22: cvs-1.11.23-remove_undefined_date_from_cvs_1_header.patch
Patch23: cvs-1.11.23-sanity.patch
Patch24: cvs-1.11.23-make_make_check_sanity_testing_verbose.patch
Patch25: cvs-1.11.23-Set-PAM_TTY-and-PAM_RHOST-on-PAM-authentication.patch
Patch26: cvs-1.11.23-Back-port-KeywordExpand-configuration-keyword.patch
Patch27: cvs-1.11.23-Allow-CVS-server-to-use-any-Kerberos-key-with-cvs-se.patch
Patch28: cvs-1.11.23-Fix-proxy-response-parser.patch
Patch29: cvs-1.11.23-doc-Add-mandatory-argument-to-sp.patch
Patch30: cvs-1.11.23-crypt-2.diff
Patch31: cvs-1.11.23-Pass-compilation-with-Wformat-security.patch
Patch32: cvs-1.11.23-Fix-CVE-2017-12836.patch
Patch33: cvs-1.11.23-Close-a-configuration-file-on-a-syntax-error.patch
Patch34: cvs-1.11.23-Use-diff-label.patch
BuildRequires: autoconf automake coreutils glibc-common gzip krb5-devel vim-minimal
BuildRequires: libtool make pam-devel perl-generators systemd texinfo zlib-devel xinetd
Requires: vim-minimal xinetd
%{?systemd_requires}
Provides: cvs-inetd
Obsoletes: cvs-inetd
%description
CVS is a version control system, an important component of Source Configuration
Management (SCM). Using it, you can record the history of sources files, and
documents. It fills a similar role to the free software RCS, PRCS, and Aegis packages.
%package help
Summary: Documents for %{name}
Buildarch: noarch
Requires: man info
Provides: cvs-doc
Obsoletes: cvs-doc
%description help
Man pages and other related documents.
%prep
%autosetup -n %{name}-%{version} -p1
%build
autoreconf --install
PAM_CONFIG="--enable-pam"
k5prefix=`krb5-config --prefix`
CPPFLAGS=-I${k5prefix}/include/kerberosIV; export CPPFLAGS
CFLAGS=-I${k5prefix}/include/kerberosIV; export CFLAGS
LIBS="-lk5crypto"; export LIBS
KRB_CONFIG="--with-gssapi --without-krb4 --enable-encryption"
%configure CFLAGS="$CFLAGS $RPM_OPT_FLAGS \
-D_FILE_OFFSET_BITS=64 %-D_LARGEFILE64_SOURCE" \
$PAM_CONFIG $KRB_CONFIG CSH=/bin/csh
%make_build
%install
%make_install
gzip %{buildroot}/%{_infodir}/cvs*
install -D -m 644 %{SOURCE1} %{buildroot}/%{_sysconfdir}/xinetd.d/%{name}
mkdir -p %{buildroot}%{_localstatedir}/%{name}
install -D -m 644 %{SOURCE2} %{buildroot}/%{_sysconfdir}/pam.d/cvs
install -D -m 644 %{SOURCE3} %{buildroot}/%{_sysconfdir}/profile.d/cvs.sh
install -D -m 644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/profile.d/cvs.csh
install -p -m 644 -D %{SOURCE5} %{buildroot}%{_unitdir}/cvs\@.service
install -p -m 644 -D %{SOURCE6} %{buildroot}%{_unitdir}/cvs.socket
install -p -m 644 -D %{SOURCE7} %{buildroot}%{_unitdir}/cvs.target
%check
make check
%pre
%preun
%systemd_preun cvs.socket
%systemd_preun cvs.target
%post
%systemd_post cvs.socket
%postun
%systemd_postun_with_restart cvs.socket
%files
%defattr(-,root,root)
%license COPYING* AUTHORS
%doc BUGS DEVEL-CVS HACKING MINOR-BUGS NEWS PROJECTS TODO README
%config(noreplace) %{_sysconfdir}/pam.d/*
%config(noreplace) %{_sysconfdir}/profile.d/*
%config(noreplace) %{_sysconfdir}/xinetd.d/%{name}
%{_bindir}/cvs*
%dir %{_localstatedir}/%{name}
%{_unitdir}/*
%exclude %{_bindir}/rcs2log
%exclude %{_datadir}/%{name}
%files help
%license COPYING
%doc FAQ doc/RCSFILES doc/*.pdf
%{_mandir}/*/*
%{_infodir}/*.info*
%exclude %{_infodir}/dir
%changelog
* Tue Feb 11 2020 duyeyu <duyeyu@huawei.com> - 1.11.23-53
- Package init

2
cvs.target Normal file
View File

@ -0,0 +1,2 @@
[Unit]
Description=CVS Servers

19
cvs.xinetd Normal file
View File

@ -0,0 +1,19 @@
# default: off
# description: The CVS service can record the history of your source \
# files. CVS stores all the versions of a file in a single \
# file in a clever way that only stores the differences \
# between versions.
service cvspserver
{
disable = yes
port = 2401
socket_type = stream
protocol = tcp
wait = no
user = root
passenv = PATH
server = /usr/bin/cvs
env = HOME=/var/cvs
server_args = -f --allow-root=/var/cvs pserver
# bind = 127.0.0.1
}

9
cvs@.service Normal file
View File

@ -0,0 +1,9 @@
[Unit]
Description=CVS Server
After=local-fs.target
PartOf=cvs.target
[Service]
Environment=HOME=/var/cvs
ExecStart=-/usr/bin/cvs -f --allow-root=/var/cvs pserver
StandardInput=socket