From 03bd0d601ea842b2db5bd40a1f7f036989f9b517 Mon Sep 17 00:00:00 2001 From: Phil Miller Date: Wed, 30 Dec 2009 13:35:31 -0600 Subject: [PATCH] CVS Server: Support reading base and roots from environment The Gitosis single-account Git/ssh hosting system runs git commands through git-shell after confirming that the connecting user is authorized to access the requested repository. This works well for upload-pack and receive-pack, which take a repository argument through git-shell. This doesn't work so well for `cvs server', which is passed through literally, with no arguments. Allowing arguments risks sneaking in `--export-all', so that restriction should be maintained. Despite that, passing a repository root is necessary for per-user access control by the hosting software, and passing a base path improves usability without weakening security. Thus, git-cvsserver needs to come up with these values at runtime by some other means. Since git-shell preserves the environment for other purposes, the environment can carry these arguments as well. Thus, modify git-cvsserver to read $GIT_CVSSERVER_{BASE_PATH,ROOT} in the absence of equivalent command line arguments. Signed-off-by: Phil Miller Signed-off-by: Junio C Hamano --- Documentation/git-cvsserver.txt | 15 +++++++++++++++ git-cvsserver.perl | 22 +++++++++++++++++++++- 2 files changed, 36 insertions(+), 1 deletion(-) diff --git a/Documentation/git-cvsserver.txt b/Documentation/git-cvsserver.txt index 99a7c1470..fbab29550 100644 --- a/Documentation/git-cvsserver.txt +++ b/Documentation/git-cvsserver.txt @@ -277,6 +277,21 @@ In `dbdriver` and `dbuser` you can use the following variables: If no name can be determined, the numeric uid is used. +ENVIRONMENT +----------- + +These variables obviate the need for command-line options in some +circumstances, allowing easier restricted usage through git-shell. + +GIT_CVSSERVER_BASE_PATH takes the place of the argument to --base-path. + +GIT_CVSSERVER_ROOT specifies a single-directory whitelist. The +repository must still be configured to allow access through +git-cvsserver, as described above. + +When these environment variables are set, the corresponding +command-line arguments may not be used. + Eclipse CVS Client Notes ------------------------ diff --git a/git-cvsserver.perl b/git-cvsserver.perl index 6dc45f5d4..f5b57b9cb 100755 --- a/git-cvsserver.perl +++ b/git-cvsserver.perl @@ -104,6 +104,7 @@ $log->info("--------------- STARTING -----------------"); my $usage = "Usage: git cvsserver [options] [pserver|server] [ ...]\n". " --base-path : Prepend to requested CVSROOT\n". + " Can be read from GIT_CVSSERVER_BASE_PATH\n". " --strict-paths : Don't allow recursing into subdirectories\n". " --export-all : Don't check for gitcvs.enabled in config\n". " --version, -V : Print version information and exit\n". @@ -111,7 +112,8 @@ my $usage = "\n". " ... is a list of allowed directories. If no directories\n". "are given, all are allowed. This is an additional restriction, gitcvs\n". - "access still needs to be enabled by the gitcvs.enabled config option.\n"; + "access still needs to be enabled by the gitcvs.enabled config option.\n". + "Alternately, one directory may be specified in GIT_CVSSERVER_ROOT.\n"; my @opts = ( 'help|h|H', 'version|V', 'base-path=s', 'strict-paths', 'export-all' ); @@ -148,6 +150,24 @@ if ($state->{'export-all'} && !@{$state->{allowed_roots}}) { die "--export-all can only be used together with an explicit whitelist\n"; } +# Environment handling for running under git-shell +if (exists $ENV{GIT_CVSSERVER_BASE_PATH}) { + if ($state->{'base-path'}) { + die "Cannot specify base path both ways.\n"; + } + my $base_path = $ENV{GIT_CVSSERVER_BASE_PATH}; + $state->{'base-path'} = $base_path; + $log->debug("Picked up base path '$base_path' from environment.\n"); +} +if (exists $ENV{GIT_CVSSERVER_ROOT}) { + if (@{$state->{allowed_roots}}) { + die "Cannot specify roots both ways: @ARGV\n"; + } + my $allowed_root = $ENV{GIT_CVSSERVER_ROOT}; + $state->{allowed_roots} = [ $allowed_root ]; + $log->debug("Picked up allowed root '$allowed_root' from environment.\n"); +} + # if we are called with a pserver argument, # deal with the authentication cat before entering the # main loop -- 2.26.2