[Cvsnt] pserver on UNIX
Anthony Williams
anthwil at nortelnetworks.com
Tue Jun 11 09:12:42 BST 2002
"Anthony Williams" <anthwil at nortelnetworks.com> wrote in message
news:ad51cf$kfu$1 at sisko.nothing-on.tv...
> Can I run CVSNT as a server for pserver protocol on UNIX?
To reply to my own message:
Yes, you can use CVSNT for pserver on UNIX, but it needs to be run as "cvs
authserver" by inetd, not "cvs pserver" as shown in the docs. Below is a
patch for cvs.texi and cvsclient.texi to correct this.
BTW, "cvs --help-commands" lists "authserver" where "pserver" used to be,
not in its alphabetically-correct position, which seems odd as the rest of
the commands are in alphabetical order. Attached is a patch for this too
Anthony
--
Anthony Williams
Software Engineer, Nortel Networks Optical Components Ltd
The opinions expressed in this message are not necessarily those of my
employer
*** sol7/cvsnt-1.11.1.3/doc/cvs.texi Tue Mar 05 16:29:19 2002
--- cvsnt-1.11.1.3/doc/cvs.texi Tue Jun 11 08:57:42 2002
***************
*** 2256,2262 ****
On Unix, on the server side, the file @file{/etc/inetd.conf}
needs to be edited so @code{inetd} knows to run the
! command @code{cvs pserver} when it receives a
connection on the right port.
By default, the port number is for pserver is 2401
--- 2256,2262 ----
On Unix, on the server side, the file @file{/etc/inetd.conf}
needs to be edited so @code{inetd} knows to run the
! command @code{cvs authserver} when it receives a
connection on the right port.
By default, the port number is for pserver is 2401
***************
*** 2273,2279 ****
@example
2401 stream tcp nowait root /usr/local/bin/cvs
! cvs -f --allow-root=/usr/cvsroot pserver
@end example
You could also use the
--- 2273,2279 ----
@example
2401 stream tcp nowait root /usr/local/bin/cvs
! cvs -f --allow-root=/usr/cvsroot authserver
@end example
You could also use the
***************
*** 2690,2696 ****
was:
@example
! /usr/local/bin/cvs -L -b /usr/local/bin -D /home/cvs pserver
@end example
then if the user had the following @code{CVSROOT} variable:
--- 2690,2696 ----
was:
@example
! /usr/local/bin/cvs -L -b /usr/local/bin -D /home/cvs authserver
@end example
then if the user had the following @code{CVSROOT} variable:
***************
*** 13674,13680 ****
caused by having an incorrect path in @file{inetd.conf}).
"unrecognized auth response" errors are caused by a bad command
line in @file{inetd.conf}, typically an invalid option or forgetting
! to put the @samp{pserver} command at the end of the line.
Another less common problem is invisible control characters that
your editor "helpfully" added without you noticing.
--- 13674,13680 ----
caused by having an incorrect path in @file{inetd.conf}).
"unrecognized auth response" errors are caused by a bad command
line in @file{inetd.conf}, typically an invalid option or forgetting
! to put the @samp{authserver} command at the end of the line.
Another less common problem is invisible control characters that
your editor "helpfully" added without you noticing.
***************
*** 13684,13690 ****
correctly, it will respond with
@example
! cvs [pserver aborted]: bad auth protocol start: foo
@end example
If instead you get:
--- 13684,13690 ----
correctly, it will respond with
@example
! cvs [server aborted]: bad auth protocol start: foo
@end example
If instead you get:
***************
*** 13694,13714 ****
...
@end example
! then you're missing the @samp{pserver} command at the end of the
line in @file{inetd.conf}; check to make sure that the entire command
is on one line and that it's complete.
Likewise, if you get something like:
@example
! Unknown command: `pserved'
CVS commands are:
add Add a new file/directory to the repository
...
@end example
! then you've misspelled @samp{pserver} in some way. If it isn't
obvious, check for invisible control characters (particularly
carriage returns) in @file{inetd.conf}.
--- 13694,13714 ----
...
@end example
! then you're missing the @samp{authserver} command at the end of the
line in @file{inetd.conf}; check to make sure that the entire command
is on one line and that it's complete.
Likewise, if you get something like:
@example
! Unknown command: `authserved'
CVS commands are:
add Add a new file/directory to the repository
...
@end example
! then you've misspelled @samp{authserver} in some way. If it isn't
obvious, check for invisible control characters (particularly
carriage returns) in @file{inetd.conf}.
*** sol7/cvsnt-1.11.1.3/doc/cvsclient.texi Thu Nov 22 21:59:10 2001
--- cvsnt-1.11.1.3/doc/cvsclient.texi Tue Jun 11 09:02:27 2002
***************
*** 93,99 ****
@item
Security and authentication are handled outside this protocol (but see
! below about @samp{cvs kserver} and @samp{cvs pserver}).
@item
The protocol makes it possible for updates to be atomic with respect to
--- 93,99 ----
@item
Security and authentication are handled outside this protocol (but see
! below about @samp{cvs kserver} and @samp{cvs authserver}).
@item
The protocol makes it possible for updates to be atomic with respect to
***************
*** 158,172 ****
to support kerberos.
@item pserver
! The name @dfn{pserver} is somewhat confusing. It refers to both a
generic framework which allows the CVS protocol to support several
authentication mechanisms, and a name for a specific mechanism which
! transfers a username and a cleartext password. Servers need not support
! all mechanisms, and in fact servers will typically want to support only
! those mechanisms which meet the relevant security needs.
The pserver server listens on a port (in the current
! implementation, by having inetd call "cvs pserver") which defaults to
2401 (this port is officially registered). The client
connects, and sends the following:
--- 158,174 ----
to support kerberos.
@item pserver
! The name @dfn{pserver} is somewhat confusing. It refers to both a
generic framework which allows the CVS protocol to support several
authentication mechanisms, and a name for a specific mechanism which
! transfers a username and a cleartext password. For this reason, the cvs
! command for starting the server has been changed from "cvs pserver" to
! "cvs authserver". Servers need not support all mechanisms, and in fact
! servers will typically want to support only those mechanisms which meet
! the relevant security needs.
The pserver server listens on a port (in the current
! implementation, by having inetd call "cvs authserver") which defaults to
2401 (this port is officially registered). The client
connects, and sends the following:
*** sol7/cvsnt-1.11.1.3/src/main.c Thu May 23 20:54:41 2002
--- cvsnt-1.11.1.3/src/main.c Tue Jun 11 09:05:39 2002
***************
*** 204,209 ****
--- 204,212 ----
" add Add a new file/directory to the repository\n",
" admin Administration front end for rcs\n",
" annotate Show last revision where each line was
modified\n",
+ #if defined(AUTH_SERVER_SUPPORT)
+ " authserver Authentication server mode\n",
+ #endif
" chacl Change the Access Control List for a
directory\n",
" checkout Checkout sources for editing\n",
" chown Change the owner of a directory\n",
***************
*** 223,231 ****
" ls List files in the repository\n",
" lsacl List the directories Access Control List\n",
" passwd Set the user's password (Admin: Administer
users)\n",
- #if defined(AUTH_SERVER_SUPPORT)
- " authserver Authentication server mode\n",
- #endif
" rannotate Show last revision where each line of module was
modified\n",
" rdiff Create 'patch' format diffs between releases\n",
" release Indicate that a Module is no longer in use\n",
--- 226,231 ----
_______________________________________________
Cvsnt mailing list
Cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
More information about the cvsnt
mailing list