Attachment #20500 for bug #33118

Lines 80-85 Link Here

(-)rssh-2.1.1/Makefile.in (+1 lines)
80	install_sh = @install_sh@	80	install_sh = @install_sh@
81	scp_path = @scp_path@	81	scp_path = @scp_path@
82	sftp_path = @sftp_path@	82	sftp_path = @sftp_path@
		83	cvs_path = @cvs_path@
83	static = @static@	84	static = @static@
84	AUTOMAKE_OPTIONS = nostdinc	85	AUTOMAKE_OPTIONS = nostdinc
85	ourdefs = -DPATH_RSSH_CONFIG=\"@sysconfdir@/rssh.conf\" -DPATH_CHROOT_HELPER=\"@libexecdir@/rssh_chroot_helper\"	86	ourdefs = -DPATH_RSSH_CONFIG=\"@sysconfdir@/rssh.conf\" -DPATH_CHROOT_HELPER=\"@libexecdir@/rssh_chroot_helper\"




# include <unistd.h>
#endif"

ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO AMTAR install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM AWK SET_MAKE CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE LN_S CPP EGREP LIBOBJS scp_path sftp_path cvs_path static defcflags CHROOT_HELPER LTLIBOBJS'
ac_subst_files=''

# Initialize some variables set by options.

  --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
  --with-scp              specify path to scp binary
  --with-sftp-server      specify path to sftp-server binary
  --with-cvs              specify path to cvs binary

Some influential environment variables:
  CC          C compiler command

echo "$as_me: WARNING: specified sftp-server binary does not exist" >&2;}
fi

# Check for cvs binary


# Check whether --with-cvs or --without-cvs was given.
if test "${with_cvs+set}" = set; then
  withval="$with_cvs"
  cvs_path="$withval"
else
  cvs_path=""
fi;

# Extract the first word of "cvs", so it can be a program name with args.
set dummy cvs; ac_word=$2
echo "$as_me:$LINENO: checking for $ac_word" >&5
echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
if test "${ac_cv_path_cvs_path+set}" = set; then
  echo $ECHO_N "(cached) $ECHO_C" >&6
else
  case $cvs_path in
  [\\/]* | ?:[\\/]*)
  ac_cv_path_cvs_path="$cvs_path" # Let the user override the test with a path.
  ;;
  *)
  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
  IFS=$as_save_IFS
  test -z "$as_dir" && as_dir=.
  for ac_exec_ext in '' $ac_executable_extensions; do
  if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
    ac_cv_path_cvs_path="$as_dir/$ac_word$ac_exec_ext"
    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
    break 2
  fi
done
done

  ;;
esac
fi
cvs_path=$ac_cv_path_cvs_path

if test -n "$cvs_path"; then
  echo "$as_me:$LINENO: result: $cvs_path" >&5
echo "${ECHO_T}$cvs_path" >&6
else
  echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
fi

if test -z "$cvs_path"; then
        { { echo "$as_me:$LINENO: error: can't find cvs - please specify with --with-cvs" >&5
echo "$as_me: error: can't find cvs - please specify with --with-cvs" >&2;}
   { (exit 1); exit 1; }; }
fi

if ! test -x "$cvs_path"; then
        { echo "$as_me:$LINENO: WARNING: specified cvs binary does not exist" >&5
echo "$as_me: WARNING: specified cvs binary does not exist" >&2;}
fi

# disable static configuration

# Check whether --enable-static or --disable-static was given.

s,@LIBOBJS@,$LIBOBJS,;t t
s,@scp_path@,$scp_path,;t t
s,@sftp_path@,$sftp_path,;t t
s,@cvs_path@,$cvs_path,;t t
s,@static@,$static,;t t
s,@defcflags@,$defcflags,;t t
s,@CHROOT_HELPER@,$CHROOT_HELPER,;t t




	AC_MSG_WARN([specified sftp-server binary does not exist])
fi

# Check for cvs binary

AC_ARG_WITH(cvs,
[  --with-cvs              specify path to cvs binary],
[cvs_path="$withval"], [cvs_path=""])

AC_PATH_PROG(cvs_path, cvs, [], [])
if test -z "$cvs_path"; then
        AC_MSG_ERROR([can't find cvs - please specify with --with-cvs])
fi

if ! test -x "$cvs_path"; then
        AC_MSG_WARN([specified cvs binary does not exist])
fi

# disable static configuration

AC_ARG_ENABLE(static, 


AC_SUBST(scp_path)
AC_SUBST(sftp_path)
AC_SUBST(cvs_path)
AC_SUBST(prefix)
AC_SUBST(sysconfdir)
AC_SUBST(libexecdir)

Lines 189-194 Link Here

(-)rssh-2.1.1/main.c.in (+2 lines)
189	argvec[1] = root;	189	argvec[1] = root;
190	if ( !(strcmp(*cmd, PATH_SCP)) )	190	if ( !(strcmp(*cmd, PATH_SCP)) )
191	argvec[2] = "1";	191	argvec[2] = "1";
		192	else if ( !(strcmp(*cmd, PATH_CVS)) )
		193	argvec[2] = "3";
192	else	194	else
193	argvec[2] = "2";	195	argvec[2] = "2";
194	if ( !(homedir = extract_root(root, uinfo.pw_dir)) )	196	if ( !(homedir = extract_root(root, uinfo.pw_dir)) )

Lines 33-38 Link Here

(-)rssh-2.1.1/pathnames.h.in (+1 lines)
33		33
34	#define PATH_SFTP_SERVER "@sftp_path@"	34	#define PATH_SFTP_SERVER "@sftp_path@"
35	#define PATH_SCP "@scp_path@"	35	#define PATH_SCP "@scp_path@"
		36	#define PATH_CVS "@cvs_path@"
36		37
37	/* these generally are overridden by the makefile */	38	/* these generally are overridden by the makefile */
38	#ifndef PATH_RSSH_CONFIG	39	#ifndef PATH_RSSH_CONFIG

Lines 7-12 Link Here

(-)rssh-2.1.1/rssh.conf (+1 lines)
7	# users out completely...	7	# users out completely...
8	#allowscp	8	#allowscp
9	#allowsftp	9	#allowsftp
		10	#allowcvs
10		11
11	# set the default umask	12	# set the default umask
12	umask = 022	13	umask = 022

Lines 35-40 Link Here

(-)rssh-2.1.1/rssh.conf.5.in (+6 lines)
35	Tells the shell that sftp is allowed.	35	Tells the shell that sftp is allowed.
36	.RE	36	.RE
37	.P	37	.P
		38	.B allowcvs
		39	.RS
		40	Tells the shell that cvs is allowed.
		41	.RE
		42	.P
		43
38	.B umask	44	.B umask
39	.RS	45	.RS
40	Sets the umask value for file creations in the scp/sftp session. This is	46	Sets the umask value for file creations in the scp/sftp session. This is

Lines 43-48 Link Here

(-)rssh-2.1.1/rssh.h (-1 / +2 lines)
43		43
44	#define RSSH_ALLOW_SCP (1 << 0)	44	#define RSSH_ALLOW_SCP (1 << 0)
45	#define RSSH_ALLOW_SFTP (1 << 1)	45	#define RSSH_ALLOW_SFTP (1 << 1)
46	#define RSSH_USE_CHROOT (1 << 2)	46	#define RSSH_ALLOW_CVS (1 << 2)
		47	#define RSSH_USE_CHROOT (1 << 3)
47		48
48	#endif /* _rssh_h */	49	#endif /* _rssh_h */

Lines 147-152 Link Here

(-)rssh-2.1.1/rssh_chroot_helper.c (+3 lines)
147	case 2:	147	case 2:
148	argv[3] = PATH_SFTP_SERVER;	148	argv[3] = PATH_SFTP_SERVER;
149	break;	149	break;
		150	case 3:
		151	argv[3] = PATH_CVS;
		152	break;
150	default:	153	default:
151	log_msg("invalid command specified");	154	log_msg("invalid command specified");
152	exit(2);	155	exit(2);

Lines 67-72 Link Here

(-)rssh-2.1.1/rsshconf.c (-5 / +34 lines)
67	"#", /* start a comment */	67	"#", /* start a comment */
68	"allowscp",	68	"allowscp",
69	"allowsftp",	69	"allowsftp",
		70	"allowcvs",
70	"chrootpath",	71	"chrootpath",
71	"logfacility",	72	"logfacility",
72	"umask",	73	"umask",
Lines 92-97 Link Here
92	int process_allow_sftp( ShellOptions_t opts, const char line,	93	int process_allow_sftp( ShellOptions_t opts, const char line,
93	const int lineno );	94	const int lineno );
94		95
		96	int process_allow_cvs( ShellOptions_t opts, const char line,
		97	const int lineno );
		98
95	int get_token( const char str, char buf, const int buflen,	99	int get_token( const char str, char buf, const int buflen,
96	const bool colon, const bool ign_spc );	100	const bool colon, const bool ign_spc );
97		101
Lines 184-205 Link Here
184	if ( !(process_allow_sftp(opts, line + pos, lineno) ) )	188	if ( !(process_allow_sftp(opts, line + pos, lineno) ) )
185	return FALSE;	189	return FALSE;
186	return TRUE;	190	return TRUE;
187	case 3:	191	case 3:
		192	/* allow cvs */
		193	if ( !(process_allow_cvs(opts, line + pos, lineno) ) )
		194	return FALSE;
		195	return TRUE;
		196	case 4:
188	/* default chroot path */	197	/* default chroot path */
189	if ( !(process_chroot_path(opts, line + pos, lineno) ) )	198	if ( !(process_chroot_path(opts, line + pos, lineno) ) )
190	return FALSE;	199	return FALSE;
191	return TRUE;	200	return TRUE;
192	case 4:	201	case 5:
193	/* syslog log facility */	202	/* syslog log facility */
194	if ( !(process_log_facility(opts, line + pos, lineno) ) )	203	if ( !(process_log_facility(opts, line + pos, lineno) ) )
195	return FALSE;	204	return FALSE;
196	return TRUE;	205	return TRUE;
197	case 5:	206	case 6:
198	/* set the user's umask */	207	/* set the user's umask */
199	if ( !(process_umask(opts, line + pos, lineno) ) )	208	if ( !(process_umask(opts, line + pos, lineno) ) )
200	return FALSE;	209	return FALSE;
201	return TRUE;	210	return TRUE;
202	case 6:	211	case 7:
203	/* user */	212	/* user */
204	if ( !(process_user(opts, line + pos, lineno) ) )	213	if ( !(process_user(opts, line + pos, lineno) ) )
205	return FALSE;	214	return FALSE;
Lines 425-431 Link Here
425	opts->shell_flags \|= RSSH_ALLOW_SFTP;	434	opts->shell_flags \|= RSSH_ALLOW_SFTP;
426	return TRUE;	435	return TRUE;
427	}	436	}
428		437	/*
		438	* process_allow_cvs() - make sure there are no tokens after the keyword,
		439	* other than a possible comment. If there are
		440	* additional tokens other than comments, there is a
		441	* syntax error, and FALSE is returned. Otherwise, the
		442	* line is ok, so opts are set to allow scp, and TRUE is
		443	* returned.
		444	*/
		445	int process_allow_cvs( ShellOptions_t *opts,
		446	const char *line,
		447	const int lineno )
		448	{
		449	if ( !eat_comment(line) ){
		450	log_msg("line %d: syntax error parsing config file", lineno);
		451	return FALSE;
		452	}
		453	log_set_priority(LOG_INFO);
		454	log_msg("allowing cvs to all users");
		455	opts->shell_flags \|= RSSH_ALLOW_CVS;
		456	return TRUE;
		457	}
429		458
430	int process_chroot_path( ShellOptions_t *opts,	459	int process_chroot_path( ShellOptions_t *opts,
431	const char *line,	460	const char *line,

Lines 105-117 Link Here

(-)rssh-2.1.1/util.c (-3 / +20 lines)
105		105
106	log_set_priority(LOG_ERR);	106	log_set_priority(LOG_ERR);
107	/* determine which commands are usable for error message */	107	/* determine which commands are usable for error message */
108	if ( (flags & (RSSH_ALLOW_SCP \| RSSH_ALLOW_SFTP)) ==	108	if ( (flags & (RSSH_ALLOW_SCP \| RSSH_ALLOW_SFTP \| RSSH_ALLOW_CVS)) ==
109	(RSSH_ALLOW_SCP \| RSSH_ALLOW_SFTP) )	109	(RSSH_ALLOW_SCP \| RSSH_ALLOW_SFTP \| RSSH_ALLOW_CVS) )
110	cmd = " to scp or sftp";	110	cmd = " to scp, sftp or cvs";
		111	else if ( (flags & (RSSH_ALLOW_SCP \| RSSH_ALLOW_SFTP)) ==
		112	(RSSH_ALLOW_SCP \| RSSH_ALLOW_SFTP) )
		113	cmd = " to scp or sftp";
		114	else if ( (flags & (RSSH_ALLOW_SCP \| RSSH_ALLOW_CVS)) ==
		115	(RSSH_ALLOW_SCP \| RSSH_ALLOW_CVS) )
		116	cmd = " to scp or cvs";
		117	else if ( (flags & (RSSH_ALLOW_CVS \| RSSH_ALLOW_SFTP)) ==
		118	(RSSH_ALLOW_CVS \| RSSH_ALLOW_SFTP) )
		119	cmd = " to cvs or sftp";
111	else if ( flags & RSSH_ALLOW_SCP )	120	else if ( flags & RSSH_ALLOW_SCP )
112	cmd = " to scp only";	121	cmd = " to scp only";
113	else if ( flags & RSSH_ALLOW_SFTP )	122	else if ( flags & RSSH_ALLOW_SFTP )
114	cmd = " to sftp only";	123	cmd = " to sftp only";
		124	else if ( flags & RSSH_ALLOW_CVS )
		125	cmd = " to cvs only";
115	else cmd = "";	126	else cmd = "";
116		127
117	/* print error message to user and log attempt */	128	/* print error message to user and log attempt */
Lines 160-165 Link Here
160	opts->shell_flags & RSSH_ALLOW_SCP ){	171	opts->shell_flags & RSSH_ALLOW_SCP ){
161	return PATH_SCP;	172	return PATH_SCP;
162	}	173	}
		174	if ( !(strncmp(cl, "cvs", len)) &&
		175	(isspace(cl[len])) &&
		176	opts->shell_flags & RSSH_ALLOW_CVS ){
		177	return PATH_CVS;
		178	}
		179
163	return NULL;	180	return NULL;
164	}	181	}
165		182

Return to bug 33118

Lines 310-316 Link Here

(-)rssh-2.1.1/configure (-1 / +64 lines)
310	# include <unistd.h>	310	# include <unistd.h>
311	#endif"	311	#endif"
312		312
313	ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO AMTAR install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM AWK SET_MAKE CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE LN_S CPP EGREP LIBOBJS scp_path sftp_path static defcflags CHROOT_HELPER LTLIBOBJS'	313	ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO AMTAR install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM AWK SET_MAKE CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE LN_S CPP EGREP LIBOBJS scp_path sftp_path cvs_path static defcflags CHROOT_HELPER LTLIBOBJS'
314	ac_subst_files=''	314	ac_subst_files=''
315		315
316	# Initialize some variables set by options.	316	# Initialize some variables set by options.
Lines 857-862 Link Here
857	--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)	857	--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
858	--with-scp specify path to scp binary	858	--with-scp specify path to scp binary
859	--with-sftp-server specify path to sftp-server binary	859	--with-sftp-server specify path to sftp-server binary
		860	--with-cvs specify path to cvs binary
860		861
861	Some influential environment variables:	862	Some influential environment variables:
862	CC C compiler command	863	CC C compiler command
Lines 4704-4709 Link Here
4704	echo "$as_me: WARNING: specified sftp-server binary does not exist" >&2;}	4705	echo "$as_me: WARNING: specified sftp-server binary does not exist" >&2;}
4705	fi	4706	fi
4706		4707
		4708	# Check for cvs binary
		4709
		4710
		4711	# Check whether --with-cvs or --without-cvs was given.
		4712	if test "${with_cvs+set}" = set; then
		4713	withval="$with_cvs"
		4714	cvs_path="$withval"
		4715	else
		4716	cvs_path=""
		4717	fi;
		4718
		4719	# Extract the first word of "cvs", so it can be a program name with args.
		4720	set dummy cvs; ac_word=$2
		4721	echo "$as_me:$LINENO: checking for $ac_word" >&5
		4722	echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
		4723	if test "${ac_cv_path_cvs_path+set}" = set; then
		4724	echo $ECHO_N "(cached) $ECHO_C" >&6
		4725	else
		4726	case $cvs_path in
		4727	[\\/]* \| ?:[\\/]*)
		4728	ac_cv_path_cvs_path="$cvs_path" # Let the user override the test with a path.
		4729	;;
		4730	*)
		4731	as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
		4732	for as_dir in $PATH
		4733	do
		4734	IFS=$as_save_IFS
		4735	test -z "$as_dir" && as_dir=.
		4736	for ac_exec_ext in '' $ac_executable_extensions; do
		4737	if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
		4738	ac_cv_path_cvs_path="$as_dir/$ac_word$ac_exec_ext"
		4739	echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
		4740	break 2
		4741	fi
		4742	done
		4743	done
		4744
		4745	;;
		4746	esac
		4747	fi
		4748	cvs_path=$ac_cv_path_cvs_path
		4749
		4750	if test -n "$cvs_path"; then
		4751	echo "$as_me:$LINENO: result: $cvs_path" >&5
		4752	echo "${ECHO_T}$cvs_path" >&6
		4753	else
		4754	echo "$as_me:$LINENO: result: no" >&5
		4755	echo "${ECHO_T}no" >&6
		4756	fi
		4757
		4758	if test -z "$cvs_path"; then
		4759	{ { echo "$as_me:$LINENO: error: can't find cvs - please specify with --with-cvs" >&5
		4760	echo "$as_me: error: can't find cvs - please specify with --with-cvs" >&2;}
		4761	{ (exit 1); exit 1; }; }
		4762	fi
		4763
		4764	if ! test -x "$cvs_path"; then
		4765	{ echo "$as_me:$LINENO: WARNING: specified cvs binary does not exist" >&5
		4766	echo "$as_me: WARNING: specified cvs binary does not exist" >&2;}
		4767	fi
		4768
4707	# disable static configuration	4769	# disable static configuration
4708		4770
4709	# Check whether --enable-static or --disable-static was given.	4771	# Check whether --enable-static or --disable-static was given.
Lines 5419-5424 Link Here
5419	s,@LIBOBJS@,$LIBOBJS,;t t	5481	s,@LIBOBJS@,$LIBOBJS,;t t
5420	s,@scp_path@,$scp_path,;t t	5482	s,@scp_path@,$scp_path,;t t
5421	s,@sftp_path@,$sftp_path,;t t	5483	s,@sftp_path@,$sftp_path,;t t
		5484	s,@cvs_path@,$cvs_path,;t t
5422	s,@static@,$static,;t t	5485	s,@static@,$static,;t t
5423	s,@defcflags@,$defcflags,;t t	5486	s,@defcflags@,$defcflags,;t t
5424	s,@CHROOT_HELPER@,$CHROOT_HELPER,;t t	5487	s,@CHROOT_HELPER@,$CHROOT_HELPER,;t t

Lines 115-120 Link Here

(-)rssh-2.1.1/configure.ac (+16 lines)
115	AC_MSG_WARN([specified sftp-server binary does not exist])	115	AC_MSG_WARN([specified sftp-server binary does not exist])
116	fi	116	fi
117		117
		118	# Check for cvs binary
		119
		120	AC_ARG_WITH(cvs,
		121	[ --with-cvs specify path to cvs binary],
		122	[cvs_path="$withval"], [cvs_path=""])
		123
		124	AC_PATH_PROG(cvs_path, cvs, [], [])
		125	if test -z "$cvs_path"; then
		126	AC_MSG_ERROR([can't find cvs - please specify with --with-cvs])
		127	fi
		128
		129	if ! test -x "$cvs_path"; then
		130	AC_MSG_WARN([specified cvs binary does not exist])
		131	fi
		132
118	# disable static configuration	133	# disable static configuration
119		134
120	AC_ARG_ENABLE(static,	135	AC_ARG_ENABLE(static,
Lines 142-147 Link Here
142		157
143	AC_SUBST(scp_path)	158	AC_SUBST(scp_path)
144	AC_SUBST(sftp_path)	159	AC_SUBST(sftp_path)
		160	AC_SUBST(cvs_path)
145	AC_SUBST(prefix)	161	AC_SUBST(prefix)
146	AC_SUBST(sysconfdir)	162	AC_SUBST(sysconfdir)
147	AC_SUBST(libexecdir)	163	AC_SUBST(libexecdir)