* [PATCH] cvsserver: Don't send mixed messages to clients
@ 2007-05-13 17:49 Frank Lichtenheld
[not found] ` <7vd514sg0g.fsf@assigned-by-dhcp.cox.net>
0 siblings, 1 reply; 5+ messages in thread
From: Frank Lichtenheld @ 2007-05-13 17:49 UTC (permalink / raw)
To: Junio C Hamano; +Cc: git, Martin Langhoff, Frank Lichtenheld
After we send I HATE YOU we should probably exit and not happily
continue with I LOVE YOU and further communication.
Most clients will probably just exit and ignore everything we
send after the I HATE YOU and it is not a security problem
either because we don't really care about the user name anyway.
But it is still the right thing to do.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de>
---
git-cvsserver.perl | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/git-cvsserver.perl b/git-cvsserver.perl
index a07c725..fcfb99d 100755
--- a/git-cvsserver.perl
+++ b/git-cvsserver.perl
@@ -105,6 +105,7 @@ if (@ARGV && $ARGV[0] eq 'pserver') {
unless ($line eq 'anonymous') {
print "E Only anonymous user allowed via pserver\n";
print "I HATE YOU\n";
+ exit 1;
}
$line = <STDIN>; chomp $line; # validate the password?
$line = <STDIN>; chomp $line;
--
1.5.1.4
^ permalink raw reply related [flat|nested] 5+ messages in thread[parent not found: <7vd514sg0g.fsf@assigned-by-dhcp.cox.net>]
[parent not found: <46a038f90705132338r12f70599m5845ffce31c945cf@mail.gmail.com>]
[parent not found: <20070514131528.GC5272@planck.djpig.de>]
* Re: [PATCH] cvsserver: Don't send mixed messages to clients [not found] ` <20070514131528.GC5272@planck.djpig.de> @ 2007-05-14 21:28 ` Junio C Hamano 2007-05-20 0:45 ` Frank Lichtenheld 0 siblings, 1 reply; 5+ messages in thread From: Junio C Hamano @ 2007-05-14 21:28 UTC (permalink / raw) To: Frank Lichtenheld; +Cc: Martin Langhoff, git Frank Lichtenheld <frank@lichtenheld.de> writes: > After looking through all the uses of > die "something" > and > print "E something"; > exit; > and > print "error 1 something"; > exit; > > in the current code I fail to see a real pattern there, is there any? > If yes, we should maybe document it in a comment somewhere... > > For the record, cvs (server side) does the following in this particular situation: > buf_output0 (buf_to_net, "I HATE YOU\n"); > buf_flush (buf_to_net, true); > > /* Don't worry about server_cleanup, server_active isn't set > yet. */ > exit (EXIT_FAILURE); Ok, I stand corrected. If there is a pattern to emulate, that should be found in the real cvs server. ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] cvsserver: Don't send mixed messages to clients 2007-05-14 21:28 ` Junio C Hamano @ 2007-05-20 0:45 ` Frank Lichtenheld 2007-05-20 0:51 ` Junio C Hamano 0 siblings, 1 reply; 5+ messages in thread From: Frank Lichtenheld @ 2007-05-20 0:45 UTC (permalink / raw) To: Junio C Hamano; +Cc: Martin Langhoff, git On Mon, May 14, 2007 at 02:28:29PM -0700, Junio C Hamano wrote: > Frank Lichtenheld <frank@lichtenheld.de> writes: > > For the record, cvs (server side) does the following in this particular situation: > > buf_output0 (buf_to_net, "I HATE YOU\n"); > > buf_flush (buf_to_net, true); > > > > /* Don't worry about server_cleanup, server_active isn't set > > yet. */ > > exit (EXIT_FAILURE); > > Ok, I stand corrected. If there is a pattern to emulate, that > should be found in the real cvs server. Will you correct the patch then back to my version? master still has your version of it AFAICT. Gruesse, -- Frank Lichtenheld <frank@lichtenheld.de> www: http://www.djpig.de/ ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] cvsserver: Don't send mixed messages to clients 2007-05-20 0:45 ` Frank Lichtenheld @ 2007-05-20 0:51 ` Junio C Hamano 2007-05-20 1:10 ` Frank Lichtenheld 0 siblings, 1 reply; 5+ messages in thread From: Junio C Hamano @ 2007-05-20 0:51 UTC (permalink / raw) To: Frank Lichtenheld; +Cc: Martin Langhoff, git Frank Lichtenheld <frank@lichtenheld.de> writes: > On Mon, May 14, 2007 at 02:28:29PM -0700, Junio C Hamano wrote: >> Frank Lichtenheld <frank@lichtenheld.de> writes: >> > For the record, cvs (server side) does the following in this particular situation: >> > buf_output0 (buf_to_net, "I HATE YOU\n"); >> > buf_flush (buf_to_net, true); >> > >> > /* Don't worry about server_cleanup, server_active isn't set >> > yet. */ >> > exit (EXIT_FAILURE); >> >> Ok, I stand corrected. If there is a pattern to emulate, that >> should be found in the real cvs server. > > Will you correct the patch then back to my version? master still has > your version of it AFAICT. Will do, but then we would also have to vet all the error exit paths to match what the real cvsserver does, wouldn't we? We've survived without that so far, so while I'll apply the above change before 1.5.2, I think we do not have to have the release wait for fixes to the other error exit paths. ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] cvsserver: Don't send mixed messages to clients 2007-05-20 0:51 ` Junio C Hamano @ 2007-05-20 1:10 ` Frank Lichtenheld 0 siblings, 0 replies; 5+ messages in thread From: Frank Lichtenheld @ 2007-05-20 1:10 UTC (permalink / raw) To: Junio C Hamano; +Cc: Martin Langhoff, git On Sat, May 19, 2007 at 05:51:35PM -0700, Junio C Hamano wrote: > Frank Lichtenheld <frank@lichtenheld.de> writes: > > > On Mon, May 14, 2007 at 02:28:29PM -0700, Junio C Hamano wrote: > >> Frank Lichtenheld <frank@lichtenheld.de> writes: > >> > For the record, cvs (server side) does the following in this particular situation: > >> > buf_output0 (buf_to_net, "I HATE YOU\n"); > >> > buf_flush (buf_to_net, true); > >> > > >> > /* Don't worry about server_cleanup, server_active isn't set > >> > yet. */ > >> > exit (EXIT_FAILURE); > >> > >> Ok, I stand corrected. If there is a pattern to emulate, that > >> should be found in the real cvs server. > > > > Will you correct the patch then back to my version? master still has > > your version of it AFAICT. > > Will do, but then we would also have to vet all the error exit > paths to match what the real cvsserver does, wouldn't we? Sure. But it is nothing utterly important. It just so happens that I already have a test for this one case and would like to see it fixed before submitting the test patches again. > We've survived without that so far, so while I'll apply the > above change before 1.5.2, I think we do not have to have the > release wait for fixes to the other error exit paths. Agreed. Gruesse, -- Frank Lichtenheld <frank@lichtenheld.de> www: http://www.djpig.de/ ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2007-05-20 1:11 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-05-13 17:49 [PATCH] cvsserver: Don't send mixed messages to clients Frank Lichtenheld
[not found] ` <7vd514sg0g.fsf@assigned-by-dhcp.cox.net>
[not found] ` <46a038f90705132338r12f70599m5845ffce31c945cf@mail.gmail.com>
[not found] ` <20070514131528.GC5272@planck.djpig.de>
2007-05-14 21:28 ` Junio C Hamano
2007-05-20 0:45 ` Frank Lichtenheld
2007-05-20 0:51 ` Junio C Hamano
2007-05-20 1:10 ` Frank Lichtenheld
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).