cornercorner
FeaturesPluginsDocs & SupportCommunityPartners

CVS :ext: connection method

The paper discusses :ext: connection method support in NetBeans IDE CVS integration.

What is :ext: connection method?

The :ext: connection method is one of well known ways how CVS establishes client to repository (server) communication channel:
  • :local: accesses repository direcly using build-in cvs server
  • :fork: like :local: but executes cvs server and then uses C/S protocol
  • :server: connects using internal rsh [obsolete] (XXX)
  • :pserver: connects using internal pserver client (plain passwords on wire)
  • :gserver: (also :kserver:) connects using internal GSSAPI (requires client and server with Kerberos support) [rare]
  • :ext: connects using external program (shell)
:ext: is typically used to securely access CVS repositories using SSH shell.

With :ext: CVS first reads CVS_RSH environment variable that defines shell executable (defaults to rsh) and CVS_SERVER environment variable that defines path to cvs server executable (by default cvs assuming it's on path). cvs -d :ext:username@hostname:/repositoryPath executes the shell passing hostname -l username $CVS_SERVER server arguments and hijackes shell I/O streams. Finally it uses C/S protocol over the streams:

Root /repositoryPath
Valid-responses ok error Valid-requests Checked-in New-entry Checksum Copy-file Updated Created Update-existing Merged Patched Rcs-diff Mode Mod-time Removed Remove-entry Set-static-directory Clear-static-directory Set-sticky Clear-sticky Template Set-checkin-prog Set-update-prog Notified Module-expansion Wrapper-rcsOption M Mbinary E F MT
valid-requests

Pure :ext: support

IDE could follow command line client approach and execute external program (shell).
  • + It gives unmatched versatility.
  • - There's known issue with Unix SSH implementations that read passwords directly from keyboard. So there is no way how to set it from Java. (There is workaround: public/private keys handshake with empty private key passphrase.)
  • - User behind firewall must setup proxy for the shell and typically also use raw IP addresses instead of symbolic DNS names. It does not apply to command line CVS users, they must configure it anyway.
  • ? SSH users need to study key management.

IDE UI Implications

In checkout wizard and CVSROOT manager there must be a field that accepts path to the shell. Setup errors must be propagated to user.

Dedicated SSH :ext: Support

SSH is far most used shell for external connetions. IDE user could choose 'internal' CVS_RSH - internal SSH implementation.
  • + User can setup everything from IDE.
  • - It's limited to implemented SSH shell.
  • ? User may still need to do some SSH setup if using public/private keys authentification (export public key to server).

IDE Implications

In checkout wizard and CVSROOT manager there must be a panel enabling internal SSH implementation, accepting authentification parameters and linking to help topic on public/private keys setup.

IDE must be bundled withh SSH implementation library.

Petr Kuzel on 11th May 2005
Companion
Projects: 		MySQL Database Server   GlassFish Community: an Open Source Application Server   Open Solaris  Open JDK: an Open SourceJDK   Mobile & Embedded Community     Sponsored by 
Sponsored by Sun Microsystems