[PATCH] (to improve gitosis support) CVS Server: Support reading base and roots from environment

git.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] (to improve gitosis support) CVS Server: Support reading base  and roots from environment
@ 2009-11-12 17:25 Phil Miller
  2009-11-18  4:11 ` Phil Miller
  0 siblings, 1 reply; 2+ messages in thread
From: Phil Miller @ 2009-11-12 17:25 UTC (permalink / raw)
  To: Git Mailing List

[-- Attachment #1: Type: text/plain, Size: 1034 bytes --]

The Gitosis single-account Git/ssh hosting system runs git commands
through git-shell after confirming that the connecting user is
authorized to access the requested repository. This works well for
upload-pack and receive-pack, which take a repository argument through
git-shell. This doesn't work so well for `cvs server', which is passed
through literally, with no arguments. Allowing arguments risks
sneaking in `--export-all', so that restriction should be maintained.

Despite that, passing a list of repository roots is necessary for
per-user access control by the hosting software, and passing a base
path improves usability without weakening security. Thus,
git-cvsserver needs to come up with these values at runtime by some
other means. Since git-shell preserves the environment for other
purposes, the environment can carry these arguments as well.

Thus, modify git-cvsserver to read $GIT_CVSSERVER_{BASE_PATH,ROOTS} in
the absence of equivalent command line arguments.

Signed-off-by: Phil Miller <mille121@illinois.edu>

[-- Attachment #2: 0001-CVS-Server-Support-reading-base-and-roots-from-envir.patch --]
[-- Type: text/x-diff, Size: 3480 bytes --]

From f5c911ab8d7f17d2676fc520539f0e87f4cfe015 Mon Sep 17 00:00:00 2001
From: Phil Miller <mille121@illinois.edu>
Date: Wed, 14 Oct 2009 23:20:09 -0500
Subject: [PATCH] CVS Server: Support reading base and roots from environment

The Gitosis single-account Git/ssh hosting system runs git commands
through git-shell after confirming that the connecting user is
authorized to access the requested repository. This works well for
upload-pack and receive-pack, which take a repository argument through
git-shell. This doesn't work so well for `cvs server', which is passed
through literally, with no arguments. Allowing arguments risks
sneaking in `--export-all', so that restriction should be maintained.

Despite that, passing a list of repository roots is necessary for
per-user access control by the hosting software, and passing a base
path improves usability without weakening security. Thus,
git-cvsserver needs to come up with these values at runtime by some
other means. Since git-shell preserves the environment for other
purposes, the environment can carry these arguments as well.

Thus, modify git-cvsserver to read $GIT_CVSSERVER_{BASE_PATH,ROOTS} in
the absence of equivalent command line arguments.

Signed-off-by: Phil Miller <mille121@illinois.edu>
---
 git-cvsserver.perl |   21 ++++++++++++++++++++-
 1 files changed, 20 insertions(+), 1 deletions(-)

diff --git a/git-cvsserver.perl b/git-cvsserver.perl
index 6dc45f5..9e58d2a 100755
--- a/git-cvsserver.perl
+++ b/git-cvsserver.perl
@@ -104,6 +104,7 @@ $log->info("--------------- STARTING -----------------");
 my $usage =
     "Usage: git cvsserver [options] [pserver|server] [<directory> ...]\n".
     "    --base-path <path>  : Prepend to requested CVSROOT\n".
+    "                          Can be read from GIT_CVSSERVER_BASE_PATH\n".
     "    --strict-paths      : Don't allow recursing into subdirectories\n".
     "    --export-all        : Don't check for gitcvs.enabled in config\n".
     "    --version, -V       : Print version information and exit\n".
@@ -111,7 +112,8 @@ my $usage =
     "\n".
     "<directory> ... is a list of allowed directories. If no directories\n".
     "are given, all are allowed. This is an additional restriction, gitcvs\n".
-    "access still needs to be enabled by the gitcvs.enabled config option.\n";
+    "access still needs to be enabled by the gitcvs.enabled config option.\n".
+    "Alternately, these directories may be specified in GIT_CVSSERVER_ROOTS.\n";

 my @opts = ( 'help|h|H', 'version|V',
 	     'base-path=s', 'strict-paths', 'export-all' );
@@ -148,6 +150,23 @@ if ($state->{'export-all'} && !@{$state->{allowed_roots}}) {
     die "--export-all can only be used together with an explicit whitelist\n";
 }

+# Environment handling for running under git-shell
+if ($ENV{GIT_CVSSERVER_BASE_PATH}) {
+    if ($state->{'base-path'}) {
+	die "Cannot specify base path both ways.\n";
+    }
+    my $base_path = $ENV{GIT_CVSSERVER_BASE_PATH};
+    $state->{'base-path'} = $base_path;
+    $log->debug("Picked up base path '$base_path' from environment.\n");
+}
+if ($ENV{GIT_CVSSERVER_ROOTS}) {
+    if (@{$state->{allowed_roots}}) {
+	die "Cannot specify roots both ways: @ARGV\n";
+    }
+    my @allowed_root = split(',', $ENV{GIT_CVSSERVER_ROOTS});
+    $state->{allowed_roots} = [ @allowed_root ];
+}
+
 # if we are called with a pserver argument,
 # deal with the authentication cat before entering the
 # main loop
-- 
1.6.5.2.411.gf7c0f.dirty

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] (to improve gitosis support) CVS Server: Support reading  base and roots from environment
  2009-11-12 17:25 [PATCH] (to improve gitosis support) CVS Server: Support reading base and roots from environment Phil Miller
@ 2009-11-18  4:11 ` Phil Miller
  0 siblings, 0 replies; 2+ messages in thread
From: Phil Miller @ 2009-11-18  4:11 UTC (permalink / raw)
  To: Git Mailing List

I've seen no response or comment on this since sending it in. Does it
need revision of some sort? Did it just get lost in the shuffle? I'll
be happy to do the legwork to get this integrated, so that I don't
have to carry it in a private git tree.

Phil

On Thu, Nov 12, 2009 at 11:25, Phil Miller <mille121@illinois.edu> wrote:
> The Gitosis single-account Git/ssh hosting system runs git commands
> through git-shell after confirming that the connecting user is
> authorized to access the requested repository. This works well for
> upload-pack and receive-pack, which take a repository argument through
> git-shell. This doesn't work so well for `cvs server', which is passed
> through literally, with no arguments. Allowing arguments risks
> sneaking in `--export-all', so that restriction should be maintained.
>
> Despite that, passing a list of repository roots is necessary for
> per-user access control by the hosting software, and passing a base
> path improves usability without weakening security. Thus,
> git-cvsserver needs to come up with these values at runtime by some
> other means. Since git-shell preserves the environment for other
> purposes, the environment can carry these arguments as well.
>
> Thus, modify git-cvsserver to read $GIT_CVSSERVER_{BASE_PATH,ROOTS} in
> the absence of equivalent command line arguments.
>
> Signed-off-by: Phil Miller <mille121@illinois.edu>
>

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2009-11-18  4:12 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-11-12 17:25 [PATCH] (to improve gitosis support) CVS Server: Support reading base and roots from environment Phil Miller
2009-11-18  4:11 ` Phil Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).