A long over due fix to the anoncvs setup

A long over due fix to the anoncvs setup

[Jason Molenda]

Chris and I have been talking about this ever since we upgraded to
cvs 1.11.1p1, and I finally got around to doing it last night:
Passwords are no longer necessary for pserver read-only cvs access.

Any password will be accepted, or users can skip the 'cvs login'
step altogether.  They'll still need to specify the anon login name
'anoncvs' (:pserver:anoncvs@sources.red...), but 'anonymous' and
'cvs' are also recognized - some other anoncvs sites use those
names, I believe.

If your project has a web page explaining how to check out the
sources via pserver, I'd recommend removing the initial login
command from your example.

(I'm sure some people don't believe me :-) - move your $HOME/.cvspass
aside and try it for yourself)

Jason

Re: A long over due fix to the anoncvs setup

[Jason Molenda]

On Tue, Jan 21, 2003 at 10:36:33AM -0800, Jason Molenda wrote:

> 
> If your project has a web page explaining how to check out the
> sources via pserver, I'd recommend removing the initial login
> command from your example.
> 

Incidentally, as long as you're updating this page, if you've got
a "-z9" in there, please tweak that down to "-z3".  Back when
sourceware was on a T1 and the # of anoncvs users was relatively
low -z9 made sense; it doesn't make any sense any longer.

J

Re: A long over due fix to the anoncvs setup

[Jason Molenda]

On Tue, Jan 21, 2003 at 10:36:33AM -0800, Jason Molenda wrote:

> Any password will be accepted, or users can skip the 'cvs login'
> step altogether.  


Sigh - people using cvs 1.10 on the client side still need to do a
'cvs login', where any password is accepted.  Newer cvs clients don't
require this.


BTW in case anyone is curious, Chris and I discussed the new cvs
security advisory last night and patched up the binary appropriately.

J