2 * Copyright (c) 1992, Mark D. Baushke
3 * Copyright (c) 2002, Derek R. Price
5 * You may distribute under the terms of the GNU General Public License as
6 * specified in the README file that comes with the CVS source distribution.
10 * Determine the path to the CVSROOT and set "Root" accordingly.
16 /* Printable names for things in the current_parsed_root->method enum variable.
17 Watch out if the enum is changed in cvs.h! */
19 const char method_names[][16] = {
20 "undefined", "local", "server (rsh)", "pserver",
21 "kserver", "gserver", "ext", "fork"
27 Name_Root (const char *dir, const char *update_dir)
31 const char *xupdate_dir;
33 size_t root_allocated = 0;
39 TRACE (TRACE_FLOW, "Name_Root (%s, %s)",
41 update_dir ? update_dir : "(null)");
43 if (update_dir && *update_dir)
44 xupdate_dir = update_dir;
50 cvsadm = xmalloc (strlen (dir) + sizeof (CVSADM) + 10);
51 (void) sprintf (cvsadm, "%s/%s", dir, CVSADM);
52 tmp = xmalloc (strlen (dir) + sizeof (CVSADM_ROOT) + 10);
53 (void) sprintf (tmp, "%s/%s", dir, CVSADM_ROOT);
57 cvsadm = xstrdup (CVSADM);
58 tmp = xstrdup (CVSADM_ROOT);
62 * Do not bother looking for a readable file if there is no cvsadm
65 * It is possible that not all repositories will have a CVS/Root
66 * file. This is ok, but the user will need to specify -d
67 * /path/name or have the environment variable CVSROOT set in
68 * order to continue. */
69 if ((!isdir (cvsadm)) || (!isreadable (tmp)))
76 * The assumption here is that the CVS Root is always contained in the
77 * first line of the "Root" file.
79 fpin = open_file (tmp, "r");
81 if ((len = getline (&root, &root_allocated, fpin)) < 0)
83 int saved_errno = errno;
84 /* FIXME: should be checking for end of file separately; errno
85 is not set in that case. */
86 error (0, 0, "in directory %s:", xupdate_dir);
87 error (0, saved_errno, "cannot read %s", CVSADM_ROOT);
88 error (0, 0, "please correct this problem");
95 *cp = '\0'; /* strip the newline */
98 * root now contains a candidate for CVSroot. It must be an
99 * absolute pathname or specify a remote server.
102 ret = parse_cvsroot (root);
105 error (0, 0, "in directory %s:", xupdate_dir);
107 "ignoring %s because it does not contain a valid root.",
113 #ifdef CLIENT_SUPPORT
116 !isdir (ret->directory))
118 error (0, 0, "in directory %s:", xupdate_dir);
120 "ignoring %s because it specifies a non-existent repository %s",
138 * Write the CVS/Root file so that the environment variable CVSROOT
139 * and/or the -d option to cvs will be validated or not necessary for
143 Create_Root (const char *dir, const char *rootdir)
151 /* record the current cvs root */
157 tmp = xmalloc (strlen (dir) + sizeof (CVSADM_ROOT) + 10);
158 (void) sprintf (tmp, "%s/%s", dir, CVSADM_ROOT);
161 tmp = xstrdup (CVSADM_ROOT);
163 fout = open_file (tmp, "w+");
164 if (fprintf (fout, "%s\n", rootdir) < 0)
165 error (1, errno, "write to %s failed", tmp);
166 if (fclose (fout) == EOF)
167 error (1, errno, "cannot close %s", tmp);
176 /* Translate an absolute repository string for a primary server and return it.
179 * root_in The root to be translated.
182 * A translated string this function owns, or a pointer to the original
183 * string passed in if no translation was necessary.
185 * If the returned string is the translated one, it may be overwritten
186 * by the next call to this function.
189 primary_root_translate (const char *root_in)
192 static char *previous = NULL;
196 /* This can happen, for instance, during `cvs init'. */
197 if (!config) return root_in;
199 if (config->PrimaryServer
200 && !strncmp (root_in, config->PrimaryServer->directory,
201 strlen (config->PrimaryServer->directory))
202 && (ISSLASH (root_in[strlen (config->PrimaryServer->directory)])
203 || root_in[strlen (config->PrimaryServer->directory)] == '\0')
207 Xasnprintf (previous, &len,
208 "%s%s", current_parsed_root->directory,
209 root_in + strlen (config->PrimaryServer->directory));
210 if (previous && previous != translated)
212 return previous = translated;
216 /* There is no primary root configured or it didn't match. */
222 /* Translate a primary root in reverse for PATHNAMEs in responses.
225 * root_in The root to be translated.
228 * A translated string this function owns, or a pointer to the original
229 * string passed in if no translation was necessary.
231 * If the returned string is the translated one, it may be overwritten
232 * by the next call to this function.
235 primary_root_inverse_translate (const char *root_in)
238 static char *previous = NULL;
242 /* This can happen, for instance, during `cvs init'. */
243 if (!config) return root_in;
245 if (config->PrimaryServer
246 && !strncmp (root_in, current_parsed_root->directory,
247 strlen (current_parsed_root->directory))
248 && (ISSLASH (root_in[strlen (current_parsed_root->directory)])
249 || root_in[strlen (current_parsed_root->directory)] == '\0')
253 Xasnprintf (previous, &len,
254 "%s%s", config->PrimaryServer->directory,
255 root_in + strlen (current_parsed_root->directory));
256 if (previous && previous != translated)
258 return previous = translated;
262 /* There is no primary root configured or it didn't match. */
268 /* The root_allow_* stuff maintains a list of valid CVSROOT
269 directories. Then we can check against them when a remote user
270 hands us a CVSROOT directory. */
271 static List *root_allow;
276 if (n->data) free_config (n->data);
282 root_allow_add (const char *arg)
286 if (!root_allow) root_allow = getlist();
288 n->key = xstrdup (arg);
289 n->data = parse_config (arg);
290 n->delproc = delconfig;
291 addnode (root_allow, n);
295 root_allow_free (void)
297 dellist (&root_allow);
301 root_allow_ok (const char *arg)
305 /* Probably someone upgraded from CVS before 1.9.10 to 1.9.10
306 or later without reading the documentation about
307 --allow-root. Printing an error here doesn't disclose any
308 particularly useful information to an attacker because a
309 CVS server configured in this way won't let *anyone* in. */
311 /* Note that we are called from a context where we can spit
312 back "error" rather than waiting for the next request which
313 expects responses. */
315 error 0 Server configuration missing --allow-root in inetd.conf\n");
319 if (findnode (root_allow, arg))
326 /* Get a config we stored in response to root_allow.
329 * The config associated with ARG.
332 get_root_allow_config (const char *arg)
336 TRACE (TRACE_FUNCTION, "get_root_allow_config (%s)", arg);
339 n = findnode (root_allow, arg);
343 if (n) return n->data;
344 return parse_config (arg);
349 /* This global variable holds the global -d option. It is NULL if -d
350 was not used, which means that we must get the CVSroot information
351 from the CVSROOT environment variable or from a CVS/Root file. */
352 char *CVSroot_cmdline;
356 /* FIXME - Deglobalize this. */
357 cvsroot_t *current_parsed_root = NULL;
358 /* Used to save the original root being processed so that we can still find it
359 * in lists and the like after a `Redirect' response. Also set to mirror
360 * current_parsed_root in server mode so that code which runs on both the
361 * client and server but which wants to use original data on the client can
362 * just always reference the original_parsed_root.
364 const cvsroot_t *original_parsed_root;
367 /* allocate and initialize a cvsroot_t
369 * We must initialize the strings to NULL so we know later what we should
372 * Some of the other zeroes remain meaningful as, "never set, use default",
375 /* Functions which allocate memory are not pure. */
376 static cvsroot_t *new_cvsroot_t(void)
377 __attribute__( (__malloc__) );
383 /* gotta store it somewhere */
384 newroot = xmalloc(sizeof(cvsroot_t));
386 newroot->original = NULL;
387 newroot->method = null_method;
388 #ifdef CLIENT_SUPPORT
389 newroot->username = NULL;
390 newroot->password = NULL;
391 newroot->hostname = NULL;
392 newroot->cvs_rsh = NULL;
393 newroot->cvs_server = NULL;
395 newroot->directory = NULL;
396 newroot->proxy_hostname = NULL;
397 newroot->proxy_port = 0;
398 newroot->isremote = 0;
399 newroot->redirect = true; /* Advertise Redirect support */
400 #endif /* CLIENT_SUPPORT */
407 /* Dispose of a cvsroot_t and its component parts */
409 free_cvsroot_t (cvsroot_t *root)
411 if (root->original != NULL)
412 free (root->original);
413 if (root->directory != NULL)
414 free (root->directory);
415 #ifdef CLIENT_SUPPORT
416 if (root->username != NULL)
417 free (root->username);
418 if (root->password != NULL)
420 /* I like to be paranoid */
421 memset (root->password, 0, strlen (root->password));
422 free (root->password);
424 if (root->hostname != NULL)
425 free (root->hostname);
426 if (root->cvs_rsh != NULL)
427 free (root->cvs_rsh);
428 if (root->cvs_server != NULL)
429 free (root->cvs_server);
430 if (root->proxy_hostname != NULL)
431 free (root->proxy_hostname);
432 #endif /* CLIENT_SUPPORT */
439 * Parse a CVSROOT string to allocate and return a new cvsroot_t structure.
440 * Valid specifications are:
442 * :(gserver|kserver|pserver):[[user][:password]@]host[:[port]]/path
443 * [:(ext|server):][[user]@]host[:]/path
448 * root_in C String containing the CVSROOT to be parsed.
451 * A pointer to a newly allocated cvsroot_t structure upon success and
452 * NULL upon failure. The caller should never dispose of this structure,
453 * as it is stored in a cache, but the caller may rely on it not to
457 * This would have been a lot easier to write in Perl.
459 * Would it make sense to reimplement the root and config file parsing
466 parse_cvsroot (const char *root_in)
468 cvsroot_t *newroot; /* the new root to be returned */
469 char *cvsroot_save; /* what we allocated so we can dispose
470 * it when finished */
471 char *firstslash; /* save where the path spec starts
473 * [[user][:password]@]host[:[port]]
475 char *cvsroot_copy, *p, *q; /* temporary pointers for parsing */
476 #ifdef CLIENT_SUPPORT
477 int check_hostname, no_port, no_password, no_proxy;
478 #endif /* CLIENT_SUPPORT */
479 static List *cache = NULL;
482 assert (root_in != NULL);
484 /* This message is TRACE_FLOW since this function is called repeatedly by
485 * the recursion routines.
487 TRACE (TRACE_FLOW, "parse_cvsroot (%s)", root_in);
489 if ((node = findnode (cache, root_in)))
492 /* allocate some space */
493 newroot = new_cvsroot_t();
495 /* save the original string */
496 newroot->original = xstrdup (root_in);
498 /* and another copy we can munge while parsing */
499 cvsroot_save = cvsroot_copy = xstrdup (root_in);
501 if (*cvsroot_copy == ':')
503 char *method = ++cvsroot_copy;
505 /* Access method specified, as in
506 * "cvs -d :(gserver|kserver|pserver):[[user][:password]@]host[:[port]]/path",
507 * "cvs -d [:(ext|server):][[user]@]host[:]/path",
508 * "cvs -d :local:e:\path",
509 * "cvs -d :fork:/path".
510 * We need to get past that part of CVSroot before parsing the
514 if (! (p = strchr (method, ':')))
516 error (0, 0, "No closing `:' on method in CVSROOT.");
522 #ifdef CLIENT_SUPPORT
523 /* Look for method options, for instance, proxy, proxyport.
524 * Calling strtok again is saved until after parsing the method.
526 method = strtok (method, ";");
527 #endif /* CLIENT_SUPPORT */
529 /* Now we have an access method -- see if it's valid. */
531 if (!strcasecmp (method, "local"))
532 newroot->method = local_method;
533 else if (!strcasecmp (method, "pserver"))
534 newroot->method = pserver_method;
535 else if (!strcasecmp (method, "kserver"))
536 newroot->method = kserver_method;
537 else if (!strcasecmp (method, "gserver"))
538 newroot->method = gserver_method;
539 else if (!strcasecmp (method, "server"))
540 newroot->method = server_method;
541 else if (!strcasecmp (method, "ext"))
542 newroot->method = ext_method;
543 else if (!strcasecmp (method, "fork"))
544 newroot->method = fork_method;
547 error (0, 0, "Unknown method (`%s') in CVSROOT.", method);
551 #ifdef CLIENT_SUPPORT
552 /* Parse the method options, for instance, proxy, proxyport */
553 while ((p = strtok (NULL, ";")))
555 char *q = strchr (p, '=');
558 error (0, 0, "Option (`%s') has no argument in CVSROOT.",
564 TRACE (TRACE_DATA, "CVSROOT option=`%s' value=`%s'", p, q);
565 if (!strcasecmp (p, "proxy"))
567 newroot->proxy_hostname = xstrdup (q);
569 else if (!strcasecmp (p, "proxyport"))
578 "CVSROOT may only specify a positive, non-zero, integer proxy port (not `%s').",
583 if ((newroot->proxy_port = atoi (q)) <= 0)
585 "CVSROOT may only specify a positive, non-zero, integer proxy port (not `%s').",
588 else if (!strcasecmp (p, "CVS_RSH"))
590 /* override CVS_RSH environment variable */
591 if (newroot->method == ext_method)
592 newroot->cvs_rsh = xstrdup (q);
594 else if (!strcasecmp (p, "CVS_SERVER"))
596 /* override CVS_SERVER environment variable */
597 if (newroot->method == ext_method
598 || newroot->method == fork_method)
599 newroot->cvs_server = xstrdup (q);
601 else if (!strcasecmp (p, "Redirect"))
602 readBool ("CVSROOT", "Redirect", q, &newroot->redirect);
605 error (0, 0, "Unknown option (`%s') in CVSROOT.", p);
609 #endif /* CLIENT_SUPPORT */
613 /* If the method isn't specified, assume EXT_METHOD if the string looks
614 like a relative path and LOCAL_METHOD otherwise. */
616 newroot->method = ((*cvsroot_copy != '/' && strchr (cvsroot_copy, '/'))
622 * There are a few sanity checks we can do now, only knowing the
623 * method of this root.
626 /* Why do we avoid these checks when DEBUG is set? How is this used? */
627 # ifndef CLIENT_SUPPORT
628 if (newroot->method != local_method)
630 error (0, 0, "CVSROOT is set for a remote access method but your");
631 error (0, 0, "CVS executable doesn't support it.");
637 #ifdef CLIENT_SUPPORT
638 newroot->isremote = (newroot->method != local_method);
640 if (readonlyfs && newroot->isremote)
642 "Read-only repository feature unavailable with remote roots (cvsroot = %s)",
645 if ((newroot->method != local_method)
646 #ifdef CLIENT_SUPPORT
647 && (newroot->method != fork_method)
648 #endif /* SERVER_SUPPORT */
651 /* split the string into [[user][:password]@]host[:[port]] & /path
653 * this will allow some characters such as '@' & ':' to remain unquoted
654 * in the path portion of the spec
656 if ((p = strchr (cvsroot_copy, '/')) == NULL)
658 error (0, 0, "CVSROOT requires a path spec:");
660 ":(gserver|kserver|pserver):[[user][:password]@]host[:[port]]/path");
661 error (0, 0, "[:(ext|server):][[user]@]host[:]/path");
664 firstslash = p; /* == NULL if '/' not in string */
667 /* Check to see if there is a username[:password] in the string. */
668 if ((p = strchr (cvsroot_copy, '@')) != NULL)
671 /* check for a password */
672 if ((q = strchr (cvsroot_copy, ':')) != NULL)
675 newroot->password = xstrdup (++q);
676 /* Don't check for *newroot->password == '\0' since
677 * a user could conceivably wish to specify a blank password
679 * (newroot->password == NULL means to use the
680 * password from .cvspass)
684 /* copy the username */
685 if (*cvsroot_copy != '\0')
686 /* a blank username is impossible, so leave it NULL in that
687 * case so we know to use the default username
689 newroot->username = xstrdup (cvsroot_copy);
694 /* now deal with host[:[port]] */
697 if ((p = strchr (cvsroot_copy, ':')) != NULL)
709 "CVSROOT may only specify a positive, non-zero, integer port (not `%s').",
712 "Perhaps you entered a relative pathname?");
716 if ((newroot->port = atoi (p)) <= 0)
719 "CVSROOT may only specify a positive, non-zero, integer port (not `%s').",
721 error (0, 0, "Perhaps you entered a relative pathname?");
728 if (*cvsroot_copy != '\0')
729 /* blank hostnames are invalid, but for now leave the field NULL
730 * and catch the error during the sanity checks later
732 newroot->hostname = xstrdup (cvsroot_copy);
734 /* restore the '/' */
735 cvsroot_copy = firstslash;
738 #endif /* CLIENT_SUPPORT */
741 * Parse the path for all methods.
743 /* Here & local_cvsroot() should be the only places this needs to be
744 * called on a CVSROOT now. cvsroot->original is saved for error messages
745 * and, otherwise, we want no trailing slashes.
747 Sanitize_Repository_Name (cvsroot_copy);
748 newroot->directory = xstrdup (cvsroot_copy);
751 * Do various sanity checks.
754 #ifdef CLIENT_SUPPORT
755 if (newroot->username && ! newroot->hostname)
757 error (0, 0, "Missing hostname in CVSROOT.");
761 /* We won't have attempted to parse these without CLIENT_SUPPORT */
766 #endif /* CLIENT_SUPPORT */
767 switch (newroot->method)
770 #ifdef CLIENT_SUPPORT
771 if (newroot->username || newroot->hostname)
773 error (0, 0, "Can't specify hostname and username in CVSROOT");
774 error (0, 0, "when using local access method.");
777 #endif /* CLIENT_SUPPORT */
778 /* cvs.texinfo has always told people that CVSROOT must be an
779 absolute pathname. Furthermore, attempts to use a relative
780 pathname produced various errors (I couldn't get it to work),
781 so there would seem to be little risk in making this a fatal
783 if (!isabsolute (newroot->directory))
785 error (0, 0, "CVSROOT must be an absolute pathname (not `%s')",
787 error (0, 0, "when using local access method.");
790 #ifdef CLIENT_SUPPORT
791 /* We don't need to check for these in :local: mode, really, since
792 * we shouldn't be able to hit the code above which parses them, but
793 * I'm leaving them here in lieu of assertions.
796 /* no_password already set */
797 #endif /* CLIENT_SUPPORT */
799 #ifdef CLIENT_SUPPORT
801 /* We want :fork: to behave the same as other remote access
802 methods. Therefore, don't check to see that the repository
803 name is absolute -- let the server do it. */
804 if (newroot->username || newroot->hostname)
806 error (0, 0, "Can't specify hostname and username in CVSROOT");
807 error (0, 0, "when using fork access method.");
810 newroot->hostname = xstrdup("server"); /* for error messages */
811 if (!isabsolute (newroot->directory))
813 error (0, 0, "CVSROOT must be an absolute pathname (not `%s')",
815 error (0, 0, "when using fork access method.");
819 /* no_password already set */
822 # ifndef HAVE_KERBEROS
823 error (0, 0, "CVSROOT is set for a kerberos access method but your");
824 error (0, 0, "CVS executable doesn't support it.");
828 /* no_password already set */
833 error (0, 0, "CVSROOT is set for a GSSAPI access method but your");
834 error (0, 0, "CVS executable doesn't support it.");
839 /* no_password already set */
845 /* no_password already set */
853 #endif /* CLIENT_SUPPORT */
855 error (1, 0, "Invalid method found in parse_cvsroot");
858 #ifdef CLIENT_SUPPORT
859 if (no_password && newroot->password)
861 error (0, 0, "CVSROOT password specification is only valid for");
862 error (0, 0, "pserver connection method.");
865 if (no_proxy && (newroot->proxy_hostname || newroot->proxy_port))
868 "CVSROOT proxy specification is only valid for gserver and");
869 error (0, 0, "pserver connection methods.");
873 if (!newroot->proxy_hostname && newroot->proxy_port)
875 error (0, 0, "Proxy port specified in CVSROOT without proxy host.");
879 if (check_hostname && !newroot->hostname)
881 error (0, 0, "Didn't specify hostname in CVSROOT.");
885 if (no_port && newroot->port)
888 "CVSROOT port specification is only valid for gserver, kserver,");
889 error (0, 0, "and pserver connection methods.");
892 #endif /*CLIENT_SUPPORT */
894 if (*newroot->directory == '\0')
896 error (0, 0, "Missing directory in CVSROOT.");
900 /* Hooray! We finally parsed it! */
903 if (!cache) cache = getlist();
905 node->key = xstrdup (newroot->original);
906 node->data = newroot;
907 addnode (cache, node);
912 free_cvsroot_t (newroot);
918 #ifdef AUTH_CLIENT_SUPPORT
919 /* Use root->username, root->hostname, root->port, and root->directory
920 * to create a normalized CVSROOT fit for the .cvspass file
922 * username defaults to the result of getcaller()
923 * port defaults to the result of get_cvs_port_number()
925 * FIXME - we could cache the canonicalized version of a root inside the
926 * cvsroot_t, but we'd have to un'const the input here and stop expecting the
927 * caller to be responsible for our return value
930 * ROOT->method == pserver_method
933 normalize_cvsroot (const cvsroot_t *root)
935 char *cvsroot_canonical;
938 /* use a lower case hostname since we know hostnames are case insensitive */
939 /* Some logic says we should be tacking our domain name on too if it isn't
940 * there already, but for now this works. Reverse->Forward lookups are
941 * almost certainly too much since that would make CVS immune to some of
942 * the DNS trickery that makes life easier for sysadmins when they want to
943 * move a repository or the like
945 p = hostname = xstrdup (root->hostname);
952 cvsroot_canonical = Xasprintf (":pserver:%s@%s:%d%s",
953 root->username ? root->username
955 hostname, get_cvs_port_number (root),
959 return cvsroot_canonical;
961 #endif /* AUTH_CLIENT_SUPPORT */
966 /* A walklist() function to walk the root_allow list looking for a PrimaryServer
967 * configuration with a directory matching the requested directory.
969 * If found, replace it.
971 static bool get_local_root_dir_done;
973 get_local_root_dir (Node *p, void *root_in)
975 struct config *c = p->data;
978 if (get_local_root_dir_done)
981 if (c->PrimaryServer && !strcmp (*r, c->PrimaryServer->directory))
984 *r = xstrdup (p->key);
985 get_local_root_dir_done = true;
989 #endif /* PROXY_SUPPORT */
993 /* allocate and return a cvsroot_t structure set up as if we're using the local
996 local_cvsroot (const char *dir)
998 cvsroot_t *newroot = new_cvsroot_t();
1000 newroot->original = xstrdup(dir);
1001 newroot->method = local_method;
1002 newroot->directory = xstrdup(dir);
1003 /* Here and parse_cvsroot() should be the only places this needs to be
1004 * called on a CVSROOT now. cvsroot->original is saved for error messages
1005 * and, otherwise, we want no trailing slashes.
1007 Sanitize_Repository_Name (newroot->directory);
1009 #ifdef PROXY_SUPPORT
1010 /* Translate the directory to a local one in the case that we are
1011 * configured as a secondary. If root_allow has not been initialized,
1014 get_local_root_dir_done = false;
1015 walklist (root_allow, get_local_root_dir, &newroot->directory);
1016 #endif /* PROXY_SUPPORT */
1024 /* This is for testing the parsing function. Use
1026 gcc -I. -I.. -I../lib -DDEBUG root.c -o root
1032 char *program_name = "testing";
1033 char *cvs_cmd_name = "parse_cvsroot"; /* XXX is this used??? */
1035 /* Toy versions of various functions when debugging under unix. Yes,
1036 these make various bad assumptions, but they're pretty easy to
1037 debug when something goes wrong. */
1040 isabsolute( const char *dir )
1042 return (dir && (*dir == '/'));
1046 main( int argc, char *argv[] )
1048 program_name = argv[0];
1052 fprintf (stderr, "Usage: %s <CVSROOT>\n", program_name);
1056 if ((current_parsed_root = parse_cvsroot (argv[1])) == NULL)
1058 fprintf (stderr, "%s: Parsing failed.\n", program_name);
1061 printf ("CVSroot: %s\n", argv[1]);
1062 printf ("current_parsed_root->method: %s\n", method_names[current_parsed_root->method]);
1063 printf ("current_parsed_root->username: %s\n",
1064 current_parsed_root->username ? current_parsed_root->username : "NULL");
1065 printf ("current_parsed_root->hostname: %s\n",
1066 current_parsed_root->hostname ? current_parsed_root->hostname : "NULL");
1067 printf ("current_parsed_root->directory: %s\n", current_parsed_root->directory);