All new accounts created on Gitlab now require administrator approval. If you invite any collaborators, please let Flux staff know so they can approve the accounts.

Commit e25f49bb authored by Leigh B. Stoller's avatar Leigh B. Stoller

Yak, a bunch of changes for cvs access to project repos that have been

marked publically readable.

Anon users trying to find a project repo are silently redirected over
the ops web server.

Some really disgusting stuff in cvsweb.cgi; do not look!

Note we now install cvsweb and friends into ops:/usr/testbed/www/cvsweb
parent 84c1df2d
This diff is collapsed.
......@@ -46,7 +46,7 @@
# SUCH DAMAGE.
#
# $FreeBSD: projects/cvsweb/cvsweb.cgi,v 1.119.2.6 2002/09/26 20:56:05 scop Exp $
# $Id: cvsweb.cgi,v 1.4 2005-09-01 18:11:43 stoller Exp $
# $Id: cvsweb.cgi,v 1.5 2005-09-02 22:07:23 stoller Exp $
# $Idaemons: /home/cvs/cvsweb/cvsweb.cgi,v 1.84 2001/10/07 20:50:10 knu Exp $
#
###
......@@ -358,11 +358,39 @@ if (defined($input{"content-type"})) {
if ($input{"content-type"} !~ /^[-0-9A-Za-z]+\/[-0-9A-Za-z]+$/);
}
# Emulab Hacks!
if (@ARGV && $ARGV[0] eq "-repo") {
$license = undef;
@CVSrepositories = (
'top' => [$ARGV[1], $ARGV[1]],
);
$cvstreedefault = $CVSrepositories[2 * 0]; # The first one
}
elsif (! -e @{$CVSrepositories[1]}[1] . "/CVSROOT") {
my $dh = do { local (*DH); };
my $topdir = @{$CVSrepositories[1]}[1];
opendir($dh, $topdir) or
fatal("404 Not Found", '%s: %s', $topdir, $!);
my @dirfiles = readdir($dh);
closedir($dh);
@CVSrepositories = ();
foreach my $dir (@dirfiles) {
my $rdir = "$topdir/$dir";
next
if ($dir eq "." || $dir eq "..");
if (-r $rdir && -e "$rdir/CVSROOT") {
push(@CVSrepositories, $dir => [$dir, $rdir]);
}
}
if (! @CVSrepositories) {
fatal("404 Not Found", '%s: %s', $topdir, $!);
}
$cvstreedefault = $CVSrepositories[2 * 0]; # The first one
}
$DEFAULTVALUE{'cvsroot'} = $cvstreedefault;
......@@ -662,7 +690,7 @@ if (-d $fullname) {
# give direct access to dirs
if ($where eq '/') {
chooseMirror ();
#chooseCVSRoot ();
#chooseCVSRoot ();
} else {
print "<p>Current directory: <b>", &clickablePath($where, 0),
"</b></p>\n";
......
......@@ -9,7 +9,7 @@
# based on work by Bill Fenner <fenner@FreeBSD.org>
#
# $FreeBSD: projects/cvsweb/cvsweb.conf,v 1.36.2.3 2002/09/23 05:30:17 scop Exp $
# $Id: cvsweb.conf,v 1.5 2005-09-01 18:11:43 stoller Exp $
# $Id: cvsweb.conf,v 1.6 2005-09-02 22:07:23 stoller Exp $
# $Idaemons: /home/cvs/cvsweb/cvsweb.conf,v 1.27 2001/08/01 09:48:39 knu Exp $
#
###
......@@ -117,7 +117,7 @@ $mancgi =
# hidecvsroot: Don't show the CVSROOT directory
# 1 Hide CVSROOT directory
# 0 Show CVSROOT directory
"hidecvsroot" => "1",
"hidecvsroot" => "0",
# hidenonreadable: Don't show entries which cannot be read
# 1 Hide non-readable entries
......
......@@ -12,13 +12,10 @@ chdir("../");
require("defs.php3");
#
# Only known and logged in users can do this.
# We look for anon access, and if so, redirect to ops web server.
# WARNING: See the LOGGEDINORDIE() calls below.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);
# Just for project specific
$scriptargs = "";
#
# Verify form arguments.
......@@ -30,14 +27,36 @@ if (isset($pid) && $pid != "") {
if (!TBvalid_pid($pid)) {
PAGEARGERROR("Invalid project ID.");
}
# Redirect now, to avoid phishing.
if ($uid) {
LOGGEDINORDIE($uid);
}
else {
$url = $OPSCVSURL . "?cvsroot=$pid";
header("Location: $url");
return;
}
if (! TBValidProject($pid)) {
USERERROR("The project '$pid' is not a valid project.", 1);
}
if (! TBProjAccessCheck($uid, $pid, $pid, $TB_PROJECT_READINFO)) {
USERERROR("You are not a member of Project $pid.", 1);
if (! ISADMIN($uid) &&
! TBProjAccessCheck($uid, $pid, $pid, $TB_PROJECT_READINFO)) {
# Then check to see if the project cvs repo is public.
$query_result =
DBQueryFatal("select cvsrepo_public from projects ".
"where pid='$pid'");
if (!mysql_num_rows($query_result)) {
TBERROR("Error getting cvsrepo_public bit", 1);
}
$row = mysql_fetch_array($query_result);
if ($row[0] == 0) {
USERERROR("You are not a member of Project $pid.", 1);
}
}
}
else {
LOGGEDINORDIE($uid);
if (! TBCvswebAllowed($uid)) {
USERERROR("You do not have permission to use cvsweb!", 1);
}
......@@ -95,7 +114,7 @@ $shellcmd = "env PATH=./cvsweb/ QUERY_STRING=$query PATH_INFO=$path " .
if (isset($pid)) {
# I know, I added an argument to a script that is not supposed to
# take any. So be it; it was easy.
$shellcmd .= "$TBSUEXEC_PATH $uid $pid webcvsweb -repo /proj/$pid/CVS";
$shellcmd .= "$TBSUEXEC_PATH $uid $pid webcvsweb -repo $TBCVSREPO_DIR/$pid";
}
else {
$shellcmd .= "$script";
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment