On 01/24/08 07:47:59, Gary Funck wrote: > > Doing a little research, I noticed that pserver and > server share the same CVS transaction protocol, except > for the "front end" of the protocol where pserver > authenticates and :ext: server does not. It seemed > to me that it might be possible to write a "server > to pserver" protocol converter, that talks to an > :ext:server client on side and that translates those > requests to a pserver in a meaningful way. > > To demonstrate how this might be done, I've sketched > out the basics as I understand them. > > === > > cvspsproxy - a cvs server proxy that connects to a pserver > > cvspsproxy supports connections from CVS clients using > the :ext: server protocol. cvspsproxy will in turn connect > to a psercer, obtaining the pserver specification by > reading the various :ext:server specifications from stdin, > utilizing the server protocol. The pserver user, host, > and password will be extracted from the ~/.cvspass file. > This authentication information is then sent to the > pserver. Once authenticated cvspsproxy simply passes > data between the client and the pserver. This works > because the pserver and server protocols are identical > once the client has been authenticated. > > Cvspsproxy is intended for use via an ssh connection, > but can be used in other contexts as well.
As a rainy day project (and we've had plenty of rain), I developed an initial implementation of cvspsproxy, described here: http://intrepid.com/~gary/cvspsproxy/ (with a link to download the source code). Cvspspproxy seems to work as expected on a limited set of test cases. You may find the following extension to be of interest: An extended repository syntax is supported, as illustrated by this command: CVS_SERVER=cvspsproxy CVS_RSH=ssh \ cvs -d ':ext:[EMAIL PROTECTED]/[EMAIL PROTECTED]/var/cvs' \ co module Above, puser is a user known to the pserver executing on cvs-host. This user need not have a user account on that system. The CVS pserver will validate puser. This extension makes it possible to define a single cvsuser account on an outward-facing firewall system that serves as a gateway for local pserver access.
