From 2e201c780e72b49fa6d16f27fa559972503acac4 Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Tue, 31 May 2016 11:52:47 +0200 Subject: Sync --- anoncvssh.c | 55 +++++++++++-------------------------------------------- 1 file changed, 11 insertions(+), 44 deletions(-) (limited to 'anoncvssh.c') diff --git a/anoncvssh.c b/anoncvssh.c index ba4ffd1..3a59c98 100644 --- a/anoncvssh.c +++ b/anoncvssh.c @@ -60,7 +60,7 @@ * Hostname to be used when accessing the remote repository. */ #ifndef HOSTNAME -#define HOSTNAME "dim13.org" +#define HOSTNAME "anoncvs1.usa.openbsd.org" #endif /* @@ -85,8 +85,9 @@ #define PSERVER_SUPPORT #endif + /* - * Define USE_SYSLOG if you want anoncvssh to log pserver connections + * Define USE_SYSLOG if you want anoncvssh to log pserver connections * using syslog() */ #define USE_SYSLOG @@ -106,12 +107,6 @@ */ /* #define ANONCVS_USER USERNAME */ -/* - * If you want to be able to run an alternate OpenCVS binary on your - * anoncvs server, define OPENCVS_USER as the user who will invoke it. - */ -/* #define OPENCVS_USER "opencvs" */ - int main __P((int, char *[])); char * const env[] = { @@ -132,9 +127,6 @@ char *argv[]; #ifdef DEBUG int i; #endif /* DEBUG */ -#if defined(OPENCVS_USER) - int opencvs; -#endif pw = getpwuid(getuid()); if (pw == NULL) { @@ -149,17 +141,17 @@ char *argv[]; #ifdef USE_SYSLOG openlog("anoncvssh", LOG_PID | LOG_NDELAY, LOG_FACILITY); #endif /* USE_SYSLOG */ - + #ifdef ANONCVS_USER - /* + /* * I love lusers who have to test every setuid binary on my machine. */ if (getuid() != 0 && (strcmp (pw->pw_name, ANONCVS_USER) != 0)) { - fprintf(stderr, "You're not supposed to be running me!\n"); + fprintf(stderr, "You're not supposed to be running me!\n"); #ifdef USE_SYSLOG syslog(LOG_NOTICE, "User %s(%d) invoked anoncvssh - Possible twink?", - pw->pw_name, pw->pw_uid); + pw->pw_name, pw->pw_uid); #endif /* USE_SYSLOG */ exit(1); } @@ -174,12 +166,8 @@ char *argv[]; chdir("/"); setuid(pw->pw_uid); -#if defined(OPENCVS_USER) - if (!strcmp(pw->pw_name, OPENCVS_USER)) - opencvs = 1; - else - opencvs = 0; -#endif + if (pledge("stdio inet exec", NULL) == -1) + err(1, "pledge"); /* * program now "safe" @@ -193,14 +181,6 @@ char *argv[]; struct sockaddr_in my_sa, peer_sa; char *us, *them; -#if defined(OPENCVS_USER) - if (opencvs == 1) { - fprintf(stderr, "OpenCVS does not support pserver\n"); - sleep(10); - exit(1); - } -#endif - slen = sizeof(my_sa); if (getsockname(0, (struct sockaddr *) &my_sa, &slen) != 0) { @@ -223,7 +203,7 @@ char *argv[]; fprintf(stderr, "malloc failed\n"); exit(1); } - syslog(LOG_PRIO, + syslog(LOG_PRIO, "pserver connection from %s:%d to %s:%d\n", them, ntohs(peer_sa.sin_port), us, ntohs(my_sa.sin_port)); @@ -237,7 +217,7 @@ char *argv[]; } #endif - if (argc != 3 || + if (argc != 3 || strcmp("anoncvssh", argv[0]) != 0 || strcmp("-c", argv[1]) != 0 || (strcmp("cvs server", argv[2]) != 0 && @@ -246,10 +226,6 @@ char *argv[]; fprintf(stderr,"version of CVS on your local machine.\n"); fprintf(stderr,"Then set your CVSROOT environment variable "); fprintf(stderr,"to the following value:\n"); -#if defined(OPENCVS_USER) - fprintf(stderr, "\t%s@%s:%s for OpenCVS\n", OPENCVS_USER, - HOSTNAME, LOCALROOT); -#endif fprintf(stderr,"\t%s\n\n", CVSROOT); #ifdef DEBUG fprintf(stderr, "argc = %d\n", argc); @@ -260,16 +236,7 @@ char *argv[]; exit(0); } -#if defined(OPENCVS_USER) - if (opencvs == 1) { - execle("/usr/bin/opencvs", "opencvs", - "server", (char *)NULL, env); - } else { -#endif execle("/usr/bin/cvs", "cvs", "server", (char *)NULL, env); -#if defined(OPENCVS_USER) - } -#endif perror("execle: cvs"); fprintf(stderr, "unable to exec CVS server!\n"); -- cgit v1.2.3