blob: 597f6de8dbdbd2bb9529b637846f7fdf001dff68 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
/*
Author: Robin H. Johnson <robbat2@gentoo.org>
Date: 2006-08-09
This patch allows a CVS server to deny usage of specific commands, based on
input in the environment.
Just set the CVS_BLOCK_REQUESTS env var with all of the commands you want,
seperated by spaces. Eg:
CVS_BLOCK_REQUESTS="Gzip-stream gzip-file-contents"
would block ALL usage of compression.
Please see the array 'struct request requests[]' in src/server.c for a full
list of commands.
Please note that if you block any commands marked as RQ_ESSENTIAL, CVS clients
may fail! (This includes 'ci'!).
See the companion cvs-custom.c for a wrapper that can enforce the environment variable for pserver setups.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
*/
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <malloc.h>
#define REAL_CVS "/bin/cvs"
#define CVS_TMPDIR "/tmp"
#define CMDS_BLOCKED " Gzip-stream gzip-file-contents Kerberos-encrypt Gssapi-encrypt Gssapi-authenticate add remove admin import init history watch-on watch-off watch-add watch-remove watchers editors edit version tag rtag "
int main(int argc, char* argv[]) {
char** newargv;
int newargc, offset;
int i;
// 0 for argv[0] we must copy
offset = 0+0;
// +1 for trailing NULL
newargc = argc+offset+1;
newargv = (char**) malloc(newargc*sizeof(char*));
newargv[0] = "cvs";
//newargv[1] = "-T";
//newargv[2] = CVS_TMPDIR;
//newargv[3] = "-R";
for(i=1;i<argc;i++) {
newargv[i+offset] = argv[i];
}
newargv[newargc-1] = NULL;
setenv("CVS_BLOCK_REQUESTS",CMDS_BLOCKED ,1);
//for(i =0;i<newargc;i++) {
// printf("[%d]='%s'\n",i,newargv[i] != NULL ? newargv[i] : "NULL");
//}
execv(REAL_CVS,newargv);
free(newargv);
return 0;
}
|