Commit e25f49bb authored by Leigh Stoller's avatar Leigh Stoller

Yak, a bunch of changes for cvs access to project repos that have been

marked publically readable.

Anon users trying to find a project repo are silently redirected over
the ops web server.

Some really disgusting stuff in cvsweb.cgi; do not look!

Note we now install cvsweb and friends into ops:/usr/testbed/www/cvsweb
parent 84c1df2d
This diff is collapsed.
......@@ -46,7 +46,7 @@
# SUCH DAMAGE.
#
# $FreeBSD: projects/cvsweb/cvsweb.cgi,v 1.119.2.6 2002/09/26 20:56:05 scop Exp $
# $Id: cvsweb.cgi,v 1.4 2005-09-01 18:11:43 stoller Exp $
# $Id: cvsweb.cgi,v 1.5 2005-09-02 22:07:23 stoller Exp $
# $Idaemons: /home/cvs/cvsweb/cvsweb.cgi,v 1.84 2001/10/07 20:50:10 knu Exp $
#
###
......@@ -358,11 +358,39 @@ if (defined($input{"content-type"})) {
if ($input{"content-type"} !~ /^[-0-9A-Za-z]+\/[-0-9A-Za-z]+$/);
}
# Emulab Hacks!
if (@ARGV && $ARGV[0] eq "-repo") {
$license = undef;
@CVSrepositories = (
'top' => [$ARGV[1], $ARGV[1]],
);
$cvstreedefault = $CVSrepositories[2 * 0]; # The first one
}
elsif (! -e @{$CVSrepositories[1]}[1] . "/CVSROOT") {
my $dh = do { local (*DH); };
my $topdir = @{$CVSrepositories[1]}[1];
opendir($dh, $topdir) or
fatal("404 Not Found", '%s: %s', $topdir, $!);
my @dirfiles = readdir($dh);
closedir($dh);
@CVSrepositories = ();
foreach my $dir (@dirfiles) {
my $rdir = "$topdir/$dir";
next
if ($dir eq "." || $dir eq "..");
if (-r $rdir && -e "$rdir/CVSROOT") {
push(@CVSrepositories, $dir => [$dir, $rdir]);
}
}
if (! @CVSrepositories) {
fatal("404 Not Found", '%s: %s', $topdir, $!);
}
$cvstreedefault = $CVSrepositories[2 * 0]; # The first one
}
$DEFAULTVALUE{'cvsroot'} = $cvstreedefault;
......@@ -662,7 +690,7 @@ if (-d $fullname) {
# give direct access to dirs
if ($where eq '/') {
chooseMirror ();
#chooseCVSRoot ();
#chooseCVSRoot ();
} else {
print "<p>Current directory: <b>", &clickablePath($where, 0),
"</b></p>\n";
......
......@@ -9,7 +9,7 @@
# based on work by Bill Fenner <fenner@FreeBSD.org>
#
# $FreeBSD: projects/cvsweb/cvsweb.conf,v 1.36.2.3 2002/09/23 05:30:17 scop Exp $
# $Id: cvsweb.conf,v 1.5 2005-09-01 18:11:43 stoller Exp $
# $Id: cvsweb.conf,v 1.6 2005-09-02 22:07:23 stoller Exp $
# $Idaemons: /home/cvs/cvsweb/cvsweb.conf,v 1.27 2001/08/01 09:48:39 knu Exp $
#
###
......@@ -117,7 +117,7 @@ $mancgi =
# hidecvsroot: Don't show the CVSROOT directory
# 1 Hide CVSROOT directory
# 0 Show CVSROOT directory
"hidecvsroot" => "1",
"hidecvsroot" => "0",
# hidenonreadable: Don't show entries which cannot be read
# 1 Hide non-readable entries
......
......@@ -12,13 +12,10 @@ chdir("../");
require("defs.php3");
#
# Only known and logged in users can do this.
# We look for anon access, and if so, redirect to ops web server.
# WARNING: See the LOGGEDINORDIE() calls below.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);
# Just for project specific
$scriptargs = "";
#
# Verify form arguments.
......@@ -30,14 +27,36 @@ if (isset($pid) && $pid != "") {
if (!TBvalid_pid($pid)) {
PAGEARGERROR("Invalid project ID.");
}
# Redirect now, to avoid phishing.
if ($uid) {
LOGGEDINORDIE($uid);
}
else {
$url = $OPSCVSURL . "?cvsroot=$pid";
header("Location: $url");
return;
}
if (! TBValidProject($pid)) {
USERERROR("The project '$pid' is not a valid project.", 1);
}
if (! TBProjAccessCheck($uid, $pid, $pid, $TB_PROJECT_READINFO)) {
USERERROR("You are not a member of Project $pid.", 1);
if (! ISADMIN($uid) &&
! TBProjAccessCheck($uid, $pid, $pid, $TB_PROJECT_READINFO)) {
# Then check to see if the project cvs repo is public.
$query_result =
DBQueryFatal("select cvsrepo_public from projects ".
"where pid='$pid'");
if (!mysql_num_rows($query_result)) {
TBERROR("Error getting cvsrepo_public bit", 1);
}
$row = mysql_fetch_array($query_result);
if ($row[0] == 0) {
USERERROR("You are not a member of Project $pid.", 1);
}
}
}
else {
LOGGEDINORDIE($uid);
if (! TBCvswebAllowed($uid)) {
USERERROR("You do not have permission to use cvsweb!", 1);
}
......@@ -95,7 +114,7 @@ $shellcmd = "env PATH=./cvsweb/ QUERY_STRING=$query PATH_INFO=$path " .
if (isset($pid)) {
# I know, I added an argument to a script that is not supposed to
# take any. So be it; it was easy.
$shellcmd .= "$TBSUEXEC_PATH $uid $pid webcvsweb -repo /proj/$pid/CVS";
$shellcmd .= "$TBSUEXEC_PATH $uid $pid webcvsweb -repo $TBCVSREPO_DIR/$pid";
}
else {
$shellcmd .= "$script";
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment