[Cvs-dev] Re: cvs-passwd patch

[Mark D. Baushke]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Prasad J Pandit <address@hidden> writes:

> Almost all the changes, that you suggested, are done. But, 'sanity.sh'
> is still the same mess, with me lost deep into it. I'm just not able
> to get anything of it.

Yeah, it can be difficult.

> On Fri, 22 Sep 2006, Mark D. Baushke wrote:
> >            cat >$CVSROOT_DIRNAME/CVSROOT/passwd <<EOF
> > testme:q6WV9d2t848B2:$username
> > dontroot:q6WV9d2t848B2:root
> > anonymous::$username
> > $username:
> > willfail:   :whocares
> > EOF
> >
> >     # NOTE THIS next test shows that the passwd command does not
> >        # properly deal with bogus arguments. This is a bug that should
> >        # be fixed... the problem appears that spasswd can send garbage
> >        # to the descramble() function if that is what the user
> >        # provides. This is a bad thing.
> >
> >         # Tets how the passwd command works
> >            dotest_fail passwd-1 \
> > "$servercvs --allow-root=${CVSROOT_DIRNAME} pserver" \
> > "$DOTSTAR LOVE YOU
> > error  unrecognized request `'
> > E Terminated with fatal signal 11
> > # Core dumped; preserving $DOTSTAR on server\.
> > E CVS locks may need cleaning up\.
> > error" <<EOF
> > BEGIN AUTH REQUEST
> > $CVSROOT_DIRNAME
> > testme
> > Ay::'d
> > END AUTH REQUEST
> > Root $CVSROOT_DIRNAME
> > passwd
> 
>    See, I tried the above test as it is, but it fails with the message,
> "I LOVE YOU
> E Terminated with fatal signal 11
> error
> exit status was 0"

Well, the fatal signal 11 typically means that something core dumped and
there may be a core file in your /tmp/cvs-sanity/ tree somewhere.

What is happening? Well, let us take a closer look....

|            dotest_fail passwd-1 \

The dotest_fail means we believe that this test should exist with a
non-zero return code. We believe this because arguments are expected by
the 'passwd' command and we are not actually going to send any to the
protocol engine.

| "$servercvs --allow-root=${CVSROOT_DIRNAME} pserver" \

This is the command we are running. Just like the inetd program would
fire off a copy of the pserver connection and feed stdin from the remote
connection and return stdout and stderr to the return connection.

The lines which follow are the expected output of the program. I
probably got the real output wrong. You could see what really came out
by running going to the src directory and running the
../contrib/debug_check_log script to see what comparisons were not
correct, or by just looking at the output found in the src/check.log
file itself.

| "$DOTSTAR LOVE YOU
| error  unrecognized request `'
| E Terminated with fatal signal 11
| # Core dumped; preserving $DOTSTAR on server\.
| E CVS locks may need cleaning up\.
| error" <<EOF

Everything after the <<EOF up to the EOF below will sent to the stdin of
the cvs pserver command. So, the lines between the BEGIN AUTH REQUEST
and the END AUTH REQUEST should tell the cvs pserver that we are running
on the /tmp/cvs-sanity/cvsroot repository with the 'testme' username 
and the Ay::'d password. With luck, this is going to match the testme
entry of the CVSROOT/passwd file we provided in the step above.

| BEGIN AUTH REQUEST
| $CVSROOT_DIRNAME
| testme
| Ay::'d
| END AUTH REQUEST

At this point, we issue the 'Root /tmp/cvs-sanity/cvsroot' command
to tell the remote server the repository we are planning to use.

| Root $CVSROOT_DIRNAME
| passwd

The 'passwd' command by itself with no arguments to follow should be a
protocol error of some kind and will probably need to be handled by
your server-side passwd command argument validation processing.

> Could you please tell me, what exactly it's doing; And what I'm should
> to do to understand it??

I hope this helps somewhat.

        -- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (FreeBSD)

iD8DBQFFIiWTCg7APGsDnFERAnyrAJsH0KuWV8b/xWsw6hTT0VbytwPPvQCg49nc
hCBbsN5EtaU5WPFpRvsYotw=
=5Sd7
-----END PGP SIGNATURE-----