Connecting To The CVS Server

This document attempts to provide in depth details of the means by which jCVS connects to the cvs server.

Test Connection Dialog

If you experience any problems, you have two means of debugging the problem. The first thing you can do is to open the Test Connection Dialog via the Test Connection... command in the File menu in the main window. This dialog will attempt the connection and print detailed results of the connection operation.

Another way to debug connections is to use the Checkout Dialog and check all of the tracing checkboxes. This will cause detailed debugging of the server connection and protocols to stderr.

Finally, refer to the common problems page to see if there are any suggestions regarding your specific environment.

UNIX rsh Users

UNIX users of jCVS need to make a change to their 'Properties.txt' file in order to use the proper rsh connection method. To acommodate systems that do not provide an rsh program, jCVS implements the rsh protocol so that it can communicate with the cvs server. However, the rsh protocol requires that the socket used for communications be between 512 and 1023. Alas, under UNIX, these ports are privileged and can not be opened by jCVS unless you run it as root.

Because of this, jCVS provides a means for you to specify that it should exec() the rsh program to communicate to the cvs server. To do this, you must un-comment the following line in the 'Properties.txt' file:

jCVS.rshCommand.default=/usr/ucb/rsh

By defining this property, you are telling jCVS to use the program '/usr/ucb/rsh' to connect to the cvs server. jCVS will use the '-l' argument to the rsh program to pass in the user name that you type into jCVS.

The Properties file has an override of this property for the Solaris operating system, so Solaris users should not have to set this property.

The 'direct' Connection Method

For now, the only method not covered on the Beginning page was the 'direct' method. This method of connecting is DEPRECATED and may not be supported in future releases of jCVS. WORSE, it is VERY INSECURE, opening you up to data theft or loss.

In the case of jCVS, we use the 'direct' method to establish a direct tcp connection to the server with no password authentication, and no rsh protocol. The server must be started via inetd or an equivalent. The inetd entry must start the server with the 'server' argument, as opposed to 'pserver'. Here is an example entry: 

cvss   stream   tcp   nowait   time   /usr/local/bin/cvs   cvs server

NOTE that the process is started with a user id that is NOT 'root'. This is the only level of security that this connection method provides, so select the user carefully.

The default port number is 2402, but this can be controled via the 'Properties.txt' file. Look for property 'jCVS.portNum.direct.default', and company.

To tell jCVS to use the 'direct' method, check the 'Pserver' checkbox, and uncheck the "Use Password" checkbox. This will make the UserName and Password fields disappear, since they are not used with this connection method. Which brings up a very important point.....

WARNING
Running a cvs server in this fashion opens up your source code to BE HACKED! YOU MAY LOSE ALL OF YOUR SOURCE CODE. YOU MAY HAVE YOUR TRADE SECRETS STOLEN. YOU MAY HAVE UNDESIRABLE CODE INSERTED INTO YOUR SOFTWARE WITHOUT YOUR KNOWLEDGE. NEED I GO ON?

THIS CONNECTION METHOD SHOULD ONLY BE USED FOR COMPLETELY ISOLATED LOCAL AREA NETWORKS, WHICH CAN IN NO WAY BE ACCESSED FROM A COMPUTER NOT INTENDED TO ACCESS THE SERVER!!!

You will be hacked if you ignore this advice.

So, with that said, why would anyone do this? There is really no good reason. This is why I intend to remove this connection method in a future release.
$Id: Connecting.html,v 2.2 1997/04/25 04:19:11 time Exp $
Copyright (c) 1997 By Timothy Gerard Endres
jCVS is licensed to you under the GNU General Public License.