[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: FAQ-O-Matic pserver protocol
From: |
Mark D. Baushke |
Subject: |
Re: FAQ-O-Matic pserver protocol |
Date: |
Sun, 13 Feb 2005 17:44:35 -0800 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Guus Leeuw jr. <address@hidden> writes:
> > Have you considered moving to the CVSNT fork
> > of CVS? (Yes, it runs on boxes other than
> > Windows.)
>
> No, and I won't. I am a long time believer of CVS pure ;)
LOL. Okay. :-)
(I just hope you didn't hur Arthur Barrett's feelings. :-)
I honestly think that the cvsnt stuff has its
place in the scheme of things. I just wish they
didn't have so many different authentication
methods...
I am enough of a realist to know that there will
be many different clients out there as well as
more than one server implementation. I think of
this as mostly being healthy.
I am also looking with interest to see what the
OpenBSD folks do with their OpenCVS implementation
of cvs.
> I'd assume most people out there use the CVS
> 1.11 branch of things, so I'd stick passwd in
> the feature release for the hard-edge to test,
> and then maybe a back-port?
Well, it is hoped that sometime this year 1.12.x
will become the STABLE release and 1.11.x would
become deprecated.
We have been resisting putting anything but bug
fixes into 1.11.x and a new option like 'cvs
password' would not fit the criteria for an
official backport.
If you wanted to provide a patch that folks
applied to older releases, you could that.
> Well, if I'd do it, I'd do it because of:
> 1) It seems useful (Jim suggested such)
Yup, I am sure there are a number of folks who
believe it to be useful.
> 2) Larry, Derek, and you Mark would want it in
> the general CVS...
I can not speak for either Larry or Derek.
> > That said, if you really are planning to
> > cleanup pserver to make it 'secure' for
> > changing a password, maybe you can find the
> > time to do a more secure replacement code base
> > for the pserver implementation instead? If you
> > can get security folks to go thru all possible
> > code paths and shake out the next big bug (and
> > fix it), then I am sure a lot of folks would
> > appreciate your work.
>
> Maybe... We'll see. Let me first tackle the
> password stuff, and later, I might have time to
> go about pserver in general...
Fair enough.
-- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)
iD8DBQFCEAKD3x41pRYZE/gRAgzPAKDaWItMA9nI0C9/F8gSM4uYg1h6dQCfZ8hr
veweDg8v8dR7oUTqKUb/xOc=
=uMBV
-----END PGP SIGNATURE-----