summaryrefslogtreecommitdiff
path: root/git-cvsserver.perl
diff options
context:
space:
mode:
authorFrank Lichtenheld <frank@lichtenheld.de>2007-05-13 19:49:05 +0200
committerJunio C Hamano <junkio@cox.net>2007-05-13 23:57:27 -0700
commit460c6996e27208898d3e24897e2ea35295c1cbf1 (patch)
tree58ea0a5693f646bc20ee398e414a0c9e81ab6a9c /git-cvsserver.perl
parentdfaa61bd524799d61b50bbbcee8b7972910ea41c (diff)
downloadgit-460c6996e27208898d3e24897e2ea35295c1cbf1.tar.gz
cvsserver: Don't send mixed messages to clients
After we send I HATE YOU we should probably exit and not happily continue with I LOVE YOU and further communication. Most clients will probably just exit and ignore everything we send after the I HATE YOU and it is not a security problem either because we don't really care about the user name anyway. But it is still the right thing to do. [jc: with a minor fixup to its exit code...] Signed-off-by: Frank Lichtenheld <frank@lichtenheld.de> Acked-by: "Martin Langhoff" <martin.langhoff@gmail.com> Signed-off-by: Junio C Hamano <junkio@cox.net>
Diffstat (limited to 'git-cvsserver.perl')
-rwxr-xr-xgit-cvsserver.perl1
1 files changed, 1 insertions, 0 deletions
diff --git a/git-cvsserver.perl b/git-cvsserver.perl
index a07c72526f..ac88625fc2 100755
--- a/git-cvsserver.perl
+++ b/git-cvsserver.perl
@@ -105,6 +105,7 @@ if (@ARGV && $ARGV[0] eq 'pserver') {
unless ($line eq 'anonymous') {
print "E Only anonymous user allowed via pserver\n";
print "I HATE YOU\n";
+ exit;
}
$line = <STDIN>; chomp $line; # validate the password?
$line = <STDIN>; chomp $line;