Checkout Tools
  • last updated 2 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 855682 is being indexed.

Add authz callback support to the commit editor.

Patch by: David Anderson <david.anderson@calixo.net>

* subversion/include/svn_error_codes.h

New error message.

* subversion/include/svn_repos.h

(svn_repos_authz_access_t): Move to the begginning of file to avoid

warnings about undeclared types.

(svn_repos_authz_callback_t): New callback type for extended authz

lookups.

(svn_repos_get_commit_editor3): Rev API, add an authz callback and

pointer.

(svn_repos_get_commit_editor2): Deprecate.

* subversion/libsvn_repos/commit.c

(edit_baton): New fields for authz.

(check_authz): New internal function.

(open_root, delete_entry, add_directory, open_directory,

apply_textdelta, add_file, open_file, change_file_prop,

change_dir_prop): Perform authz lookups.

* subversion/libsvn_ra_local/ra_plugin.c

(svn_ra_local__get_commit_editor): Use the new commit editor API.

* subversion/svnserve/serve.c

(commit): Use the new commit editor API.

* subversion/tests/libsvn_repos/repos-test.c

(commit_authz_cb): Callback implementation for the commit editor

authz test.

(commit_editor_authz): New test.

  1. … 5 more files in changeset.
Make the repos-test authz tests cleanup after themselves.

* subversion/tests/libsvn_repos/repos-test.c

Fix some space-before-paren inconsistencies.

(authz_get_handle): Always try to close and remove the authz_test_*

temporary file.

Bugfix for overly-strict rejection by recursive authz lookup algorithm.

Original bug report here:

http://subversion.tigris.org/servlets/ReadMsg?listName=users&msgNo=35734

Suggested by: Bernd Rinn <bernd@sdf.lonestar.org>

Patch by: David Anderson <david.anderson@calixo.net>

* subversion/libsvn_repos/authz.c

(authz_parse_section): use svn_path_is_ancestor to establish

relationships between paths instead of just strncmp.

* subversion/tests/libsvn_repos/repos-test.c

(authz): New regression test.

  1. … 1 more file in changeset.
Followup to r15400 with docstrings and small implementation fixes,

after review by kfogel.

Patch by: David Anderson <david.anderson@calixo.net>

Review by: kfogel

* subversion/include/svn_repos.h

(svn_repos_authz_read): Rewrite the docstring to be less

implementation-oriented.

* subversion/libsvn_repos/authz.c

(authz_lookup_baton, authz_validate_baton,

authz_group_contains_user): Document.

(svn_authz_t): Remove repeat of the public API docstring. Document

implementation info only.

(authz_access_is_granted, authz_access_is_determined,

authz_group_walk, authz_validate_group, authz_validate_section):

Document properly.

(authz_validate_rule): Document properly. Change function parameter

name for clarity. Do not needlessly wrap line.

(svn_repos_authz_read): Change function parameter name for style

consistency. Correct implementation comment within the function.

(svn_repos_authz_check_access): Remove base_name and use

current_path in its stead.

  1. … 2 more files in changeset.
Fix tests on Windows.

* subversion/tests/libsvn_repos/repos-test.c

(authz_get_handle): Manually close and remove the temp config file to

prevent file sharing problems.

Add a function which opens and verifies that an authz configuration

file does not contain any logic errors prior to any lookups.

Patch by: David Anderson <david.anderson@calixo.net>

* subversion/include/svn_error_codes.h: Update copyright notice.

(SVN_ERR_AUTHZ_INVALID_CONFIG): New error code.

* subversion/include/svn_repos.h: Remove useless include.

(svn_authz_t): New opaque data type.

(svn_repos_authz_read): New public API.

(svn_repos_authz_check_access): Fix docstring typo. Use a

svn_authz_t* instead of a svn_config_t*.

* subversion/libsvn_repos/authz.c

Use svn_authz_t instead of svn_config_t for handles to authz

configurations.

(authz_baton): Rename.

(authz_lookup_baton): Renamed from authz_baton. All references

changed.

(authz_validate_baton): New baton for use in validation routines.

(authz_group_contains_user_internal): Remove function.

(authz_group_contains_user): Remove useless protection against

invalid configurations.

(authz_get_path_access): Rewrite docstring.

(authz_get_tree_access): Return the access status directly.

(authz_group_walk, authz_validate_rule,

authz_validate_group, authz_validate_section):

New internal functions.

(svn_repos_authz_read): New function.

(svn_repos_authz_check_access): Change calls to altered internal

functions.

* subversion/tests/libsvn_repos/repos-test.c

Use svn_authz_t instead of svn_config_t for handles to authz

configurations.

(authz_get_handle): New function. Factor out the converting a char*

authz file contents to a parsed svn_authz_t* from the authz test

function.

(authz): Add a second batch of tests to ensure that invalid authz

configurations are caught during the authz loading.

* subversion/mod_authz_svn/mod_authz_svn.c

Use svn_authz_t instead of svn_config_t for handles to authz

configurations.

(req_check_access): replace call to svn_config_read with a call to

svn_repos_authz_read.

  1. … 4 more files in changeset.
Fix tests on Windows.

* subversion/tests/clients/cmdline/stat_tests.py

(text_time_behaviour): Use binary mode when manually reverting the file

to prevent newline translations.

* subversion/tests/clients/cmdline/blame_tests.py

(blame_in_xml): Use platform path separators in xml template.

* subversion/tests/clients/cmdline/svntest/wc.py

(write_to_disk): Use binary mode to write contents so no newline

translating will occur.

* subversion/tests/libsvn_repos/repos-test.c

(authz): Manually close and remove the temp config file to prevent

file locking problems.

  1. … 3 more files in changeset.
Move authz routines from mod_authz_svn to libsvn_repos; rework authz

code to fit in with libsvn_repos; update mod_authz_svn to reflect

the move.

Patch by: David Anderson <david.anderson@calixo.net>

* subversion/mod_authz_svn/mod_authz_svn.c: Add includes, remove

nameless enum. Update copyright notice.

(parse_authz_baton, group_contains_user_internal,

group_contains_user, parse_authz_line,

parse_authz_lines, parse_authz_section,

parse_authz_sections, check_access): Remove, functionality

moves to libsvn_repos.

(req_check_access): Use the authz routines in libsvn_repos and wrap

any errors reported by the authz layer. Test for a NULL repos_path

here rather than in check_access.

* subversion/include/svn_repos.h: Add include. Update copyright notice.

(svn_repos_authz_access_t): New enum type.

(svn_repos_authz_check_access): New public API.

* subversion/libsvn_repos/authz.c: New file. Contains the functionality

moved from mod_authz_svn. Rename functions and variable names to

better fit libsvn_repos. Add internal API and in-function

documentation.

(authz_access_is_granted, authz_access_is_determined): New functions

that refactor and document obfuscated tests that were previously in

authz_parse_section and authz_get_path_access.

* subversion/tests/libsvn_repos/repos-test.c: Add include. Update

copyright notice.

(authz): New test.

* build.conf: Add dependancy on libsvn_repos to mod_authz_svn build

rules.

  1. … 4 more files in changeset.
Fix major autoversioning interoperability bug.

Propagate the svn_lock_t 'xml_comment' boolean field into

svn_fs_lock() and svn_repos_fs_lock() APIs, rather than dropping it

into the ether. While we're at it, rename the boolean to something

more understandable.

This fixes a large autoversioning bug. Because the boolean was always

being written to disk as '0', mod_dav_svn was assuming (upon fetching

locks) that every lock-comment was created by a subversion client.

This caused it to return garbage values back to generic DAV clients.

Bug detected/fixed with cmpilato and fitz.

* subversion/include/svn_types.h

(svn_lock_t): rename 'xml_comment' to 'dav_comment' for clarity.

* subversion/include/svn_fs.h

(svn_fs_lock): take new 'is_dav_comment' boolean arg.

* subversion/include/svn_repos.h

(svn_repos_fs_lock): take new 'is_dav_comment' boolean arg.

* subversion/libsvn_fs/fs-loader.h

(fs_vtable_t): add boolean to vtable->lock().

* subversion/libsvn_repos/fs-wrap.c

(svn_repos_fs_lock): pass new boolean to svn_fs_lock().

* subversion/libsvn_fs/fs-loader.c

(svn_fs_lock): pass new boolean argument to vtable func.

* subversion/libsvn_fs_base/lock.h

(svn_fs_base__lock): take new boolean arg.

* subversion/libsvn_fs_base/lock.c

(struct lock_args, svn_fs_base__lock, txn_body_lock): take new

boolean arg and make use of it.

* subversion/libsvn_fs_base/util/fs_skels.c

(svn_fs_base__unparse_lock_skel, svn_fs_base__parse_lock_skel):

update other users of svn_lock_t to use boolean's new name.

* subversion/libsvn_fs_fs/lock.h

(svn_fs_fs__lock): take new boolean arg.

* subversion/libsvn_fs_fs/lock.c

(IS_DAV_COMMENT_KEY): renamed from IS_XML_COMMENT_KEY.

(write_digest_file, read_digest_file): update callers to use new key name.

(struct lock_baton, svn_fs_fs__lock, lock_body): take new boolean

arg and make use of it.

* subversion/libsvn_ra_local/ra_plugin.c

(svn_ra_local__lock): pass 0 as new argument to svn_repos_fs_lock().

* subversion/svnserve/serve.c

(lock): pass 0 as new argument to svn_repos_fs_lock().

* subversion/mod_dav_svn/lock.c

(svn_lock_to_dav_lock, dav_lock_to_svn_lock): update other users of

svn_lock_t to use boolean's new name.

(dav_svn_append_locks, dav_svn_refresh_locks): pass the boolean

argument into svn_repos_fs_lock().

* subversion/tests/libsvn_fs/locks-test.c

(lock_only, lookup_lock_by_path, attach_lock, get_locks, basic_lock,

lock_credentials, final_lock_check, lock_dir_propchange,

lock_name_reservation, directory_locks_kinda, lock_expiration,

lock_break_steal_refresh, lock_out_of_date):

pass 0 as new argument to svn_fs_lock().

* subversion/tests/libsvn_repos/repos-test.c

(rmlocks): pass 0 as new argument to svn_fs_lock().

  1. … 15 more files in changeset.
Reorganization of the C test libraries and includes.

Move the misplaced svn_test.h file out of subversion/include/.

Merge libsvn_test_fs into libsvn_test.

* build.conf (libsvn_test): Tweak sources and libs, merging in values from

libsvn_test_fs.

(libsvn_test_fs): Remove.

* subversion/include/svn_test.h: Move...

* subversion/tests/svn_test.h: ...to here.

* subversion/tests/fs-helpers.c: Rename...

* subversion/tests/svn_test_fs.c: ...to this.

* subversion/tests/fs-helpers.h: Rename...

* subversion/tests/svn_test_fs.h: ...to this.

* subversion/tests/svn_tests_main.c: Rename...

* subversion/tests/svn_test_main.c: ...to this.

* subversion/tests/libsvn_delta/random-test.c:

* subversion/tests/libsvn_diff/diff-diff3-test.c:

* subversion/tests/libsvn_fs/locks-test.c:

* subversion/tests/libsvn_fs_base/changes-test.c:

* subversion/tests/libsvn_fs_base/fs-test.c:

* subversion/tests/libsvn_fs_base/key-test.c:

* subversion/tests/libsvn_fs_base/skel-test.c:

* subversion/tests/libsvn_fs_base/strings-reps-test.c:

* subversion/tests/libsvn_ra_local/ra-local-test.c:

* subversion/tests/libsvn_repos/dir-delta-editor.c:

* subversion/tests/libsvn_repos/repos-test.c:

* subversion/tests/libsvn_subr/compat-test.c:

* subversion/tests/libsvn_subr/config-test.c:

* subversion/tests/libsvn_subr/hashdump-test.c:

* subversion/tests/libsvn_subr/opt-test.c:

* subversion/tests/libsvn_subr/path-test.c:

* subversion/tests/libsvn_subr/stream-test.c:

* subversion/tests/libsvn_subr/string-test.c:

* subversion/tests/libsvn_subr/time-test.c:

* subversion/tests/libsvn_subr/utf-test.c:

* subversion/tests/libsvn_wc/translate-test.c:

Change #includes appropriately.

  1. … 28 more files in changeset.
Revert r14002 - philip pointed out that it contravened compatibility rules.

  1. … 5 more files in changeset.
* subversion/include/svn_error_codes.h: Remove unused #include "svn_props.h".

* subversion/libsvn_fs_base/tree.c:

* subversion/libsvn_fs_fs/fs_fs.c:

* subversion/libsvn_fs_fs/tree.c:

* subversion/tests/libsvn_fs_base/fs-test.c:

* subversion/tests/libsvn_repos/repos-test.c:

Add missing #include of "svn_props.h", which was previously being picked

up as a side effect of #including other files.

  1. … 5 more files in changeset.
Merge the functionalities of svn_fs_attach_lock() and svn_fs_lock()

into a single function (svn_fs_lock).

* subversion/include/svn_fs.h

(svn_fs_lock): Add (optional) 'token' parameter, and move the

'force' parameter closer to the end.

(svn_fs_attach_lock): Remove.

* subversion/libsvn_fs/fs-loader.h

(fs_vtable_t): Lose 'attach_lock'. Tweak 'lock' param list to match

svn_fs_lock().

* subversion/libsvn_fs/fs-loader.c

(svn_fs_lock): Add 'token' parameter, and move the 'force' parameter

closer to the end. Update call to vtable functions.

(svn_fs_attach_lock): Remove.

* subversion/libsvn_fs_fs/fs.c

(fs_vtable): Lose reference to svn_fs_fs__attach_lock().

* subversion/libsvn_fs_fs/lock.h

(svn_fs_fs__lock): Add 'token' parameter, and move the 'force'

parameter closer to the end.

(svn_fs_fs__attach_lock): Remove.

* subversion/libsvn_fs_fs/lock.c

(generate_new_lock): Remove.

(svn_fs_fs__lock): Add 'token' parameter, and move the 'force'

parameter closer to the end. Eat up generate_new_lock's

functionality. Also, leave a big TODO here for verifying the

legitimacy of a non-NULL input token.

(svn_fs_fs__attach_lock): Remove.

* subversion/libsvn_fs_base/fs.c

(fs_vtable): Lose reference to svn_fs_base__attach_lock().

* subversion/libsvn_fs_base/lock.h

(svn_fs_base__lock): Add 'token' parameter, and move the 'force'

parameter closer to the end.

(svn_fs_base__attach_lock): Remove.

* subversion/libsvn_fs_base/lock.c

(generate_new_lock): Remove.

(struct lock_args): Add 'token' member.

(txn_body_lock): If present, use baton's token as the lock token.

(svn_fs_base__lock): Add 'token' parameter, and move the 'force'

parameter closer to the end. Populate new 'token' baton member.

(struct attach_lock_args, txn_body_attach_lock,

svn_fs_base__attach_lock): Remove.

* subversion/include/svn_repos.h

(svn_repos_fs_attach_lock): Remove.

(svn_repos_fs_lock): Add 'token' parameter, and move the 'force'

parameter closer to the end.

* subversion/libsvn_repos/fs-wrap.c

(svn_repos_fs_lock): Add 'token' parameter, and move the 'force'

parameter closer to the end.

(svn_repos_fs_attach_lock): Remove.

* subversion/libsvn_ra_local/ra_plugin.c

(svn_ra_local__lock): Update call to svn_repos_fs_lock().

* subversion/svnserve/serve.c

(lock): Update call to svn_repos_fs_lock().

* subversion/mod_dav_svn/lock.c

(dav_svn_append_locks, dav_svn_refresh_locks): Use

svn_repos_fs_lock() instead of svn_repos_fs_attach_lock(). Also,

fix a bug where a lock timeout was being used as an expiration date.

* subversion/tests/libsvn_fs/locks-test.c

(lock_only, lookup_lock_by_path, get_locks, basic_lock,

lock_credentials, final_lock_check, lock_dir_propchange,

lock_name_reservation, directory_locks_kinda, lock_expiration,

lock_break_steal_refresh, lock_out_of_date): Update calls to

svn_fs_lock(), and use it instead of svn_fs_attach_lock(). Also,

use TRUE/FALSE instead of 1/0 for the boolean 'force' flag.

(attach_lock): Use svn_fs_lock() instead of svn_fs_attach_lock().

* subversion/tests/libsvn_repos/repos-test.c

(rmlocks): Update calls to svn_fs_lock().

  1. … 15 more files in changeset.
Merge locking branch to trunk, by comparing trunkURL with branchURL.

This is not a test. This is an actual addition of a very large feature.

This merge passes 'make check' over all three RA implementations.

To see commit logs for this feature, examine /branches/locking, r11749:13570.

  1. … 183 more files in changeset.
Yet more buildsystem/testsystem simplification. Dispose of run-*-tests.py, and

just run the appropriate tests directly. Incidentally, re-enable changes-test,

which was erroneously not being run.

* build.conf: Remove the run-*-tests.py script references, and un-skip the

previously contained tests.

* subversion/tests/libsvn_fs_base/run-fs-tests.py:

* subversion/tests/libsvn_repos/run-repos-tests.py:

* subversion/tests/python-libs:

Delete, no longer required.

  1. … 3 more files in changeset.
Remove an unused test helper program.

* subversion/tests/libsvn_repos/md5args.c: Delete.

* build.conf: Remove references.

  1. … 1 more file in changeset.
CAN-2004-0749: path-based authz fixes for /trunk.

For a description of the metadata leak, see:

http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt

This change is the combination of six security patches applied to the

1.1.x branch. Specifically:

r11089

r11092

r11093

r11095

r11096

r11097

See those revisions' log messages for details.

  1. … 17 more files in changeset.
* subversion/tests/libsvn_repos/repos-test.c

(check_locations_info): Make variable unsigned and so avoid a gcc

compiler warning about mixing signed and unsigned.

Fix bug that caused tests to fail introduced in r9965.

* subversion/tests/libsvn_repos/repos-test.c (node_locations): Add forgotten

terminator to array of structs.

Add a repository function to get the revisions of a path@peg_revision in other

revisions.

Patch by: Shlomi Fish <shlomif@iglu.org.il>

me

* include/svn_repos.h (svn_repos_trace_node_locations): New function.

* libsvn_repos/rev_hunt.c (compare_revnums, check_ancestry_of_peg_path,

svn_repos_trace_node_locations): New function.

* tests/libsvn_repos/repos-test.c (struct locations_info,

check_locations_info, check_locations, node_locations): New functions.

(test_funcs): Added node_locations.

  1. … 2 more files in changeset.
Eliminate all uses of SVN_REVNUM_T_FMT in every C source file that used it.

Replace every occurence with 'ld' and concatenate string constants

appropriately.

Approved by brane.

  1. … 55 more files in changeset.
Add '*.exe' to svn:ignore property.

* subversion/tests/libsvn_fs

* subversion/tests/libsvn_diff

* subversion/tests/libsvn_wc

* subversion/tests/libsvn_subr

* subversion/tests/libsvn_ra_local

* subversion/tests/libsvn_repos

* subversion/tests/libsvn_delta

  1. … 6 more files in changeset.
Fix typos in tests. The meaning is not changed. Although the missing commas

caused the third field to be uninitialised (and therefore NULL) instead of the

intended empty string, that field is not used when the first field is 'd'.

* subversion/tests/libsvn_fs/fs-test.c (check_all_revisions):

* subversion/tests/libsvn_repos/repos-test.c (dir_deltas):

Insert missing commas between array initialisers.

  1. … 1 more file in changeset.
For consistency, use "" instead of NULL for a no-op target.

Patch by Greg Hudson, see 1.0-cand issue #999.

* libsvn_wc/update_editor.c, include/svn_wc.h (svn_wc_get_actual_target):

Set target to empty (not NULL) when anchor is subject.

* include/svn_repos.h (svn_repos_begin_report, svn_repos_dir_delta),

include/svn_wc.h (svn_wc_get_status_editor, svn_wc_get_update_editor,

svn_wc_get_switch_editor),

include/svn_ra.h (do_update, do_switch, do_status, do_diff):

Expect target to be empty (not NULL) when anchor is subject.

* libsvn_wc/diff.c (directory_elements_diff),

libsvn_wc/status.c (delete_entry, close_directory):

libsvn_wc/update_editor.c (make_dir_baton, complete_directory,

open_root, close_edit),

libsvn_client/diff.c (diff_wc_wc, diff_repos_wc),

libsvn_client/commit.c (adjust_rel_targets, svn_client_commit),

mod_dav_svn (dav_svn__update_report),

clients/cmdline/commit-cmd.c (svn_cl__commit),

libsvn_repos/delta.c (svn_repos_dir_delta),

libsvn_ra_dav/fetch.c (end_element, make_reporter):

Test for emptiness of target, rather than nullity.

* libsvn_client/switch.c (svn_client_switch),

libsvn_client/export.c (svn_client_export),

libsvn_client/diff.c (do_merge, diff_repos_repos, diff_repos_wc),

mod_dav_svn (dav_svn__update_report),

tests/libsvn_repos/repos-test.c (dir_deltas):

Pass empty target (not NULL) when anchor is subject.

* libsvn_wc/diff.c (svn_wc_diff),

libsvn_wc/update_editor.c (do_entry_deletion),

mod_dav_svn/update.c (dav_svn__update_report),

libsvn_ra_dav/fetch.c (start_element),

libsvn_repos/reporter.c (svn_repos_set_path, svn_repos_link_path,

svn_repos_delete_path, finish_report,

svn_repos_begin_report):

Simplify code by assuming that target is not NULL.

* libsvn_ra_svn/client.c (ra_svn_update, ra_svn_switch, ra_svn_status,

ra_svn_diff),

svnserve/serve.c (update, switch_cmd, status, diff):

Stop translating NULL to "" and back over the wire.

  1. … 17 more files in changeset.
Update copyright notices for 2004, resolving issue #1651.

(See also revision 8019, which fixed a couple of missed spots.)

  1. … 358 more files in changeset.
Fix typos in comments.

  1. … 45 more files in changeset.
Fix a bug where pool memory was used after the pool was cleared.

* subversion/tests/libsvn_repos/repos-test.c (dir_deltas): Get a new

revision root for r4 rather than reusing the one obtained for r3.

Follow up to r7628:

A few spots didn't get converted to use APR_MD5_DIGESTSIZE instead of

MD5_DIGESTSIZE; fix them.

  1. … 2 more files in changeset.
* subversion/tests/libsvn_repos/run-repos-tests.py: Set svn:executable.

Merge /branches/partial-authz-dev to /trunk, r7571:7672.

See the branch for full log messages.

Here's my nutshell summary of the new 'partial read-authz feature':

If a client checks out or updates a tree, a server authz system now

has the ability to selectively deny read-access on arbitrary files and

dirs by supplying a authz_read_func to svn_repos_dir_delta(). In this

situation, dir_delta() will call new absent_[file|dir]() editor

functions instead of the usual [open|add] functions. The DAV layer

now marshals these messages over the network, and libsvn_wc marks the

appropriate wc entries as 'absent'. Entries marked 'absent' are

essentially treated like 'deleted' ones; most client commands can't

see them at all. (But 'svn up' *does* report them to the server, in

case read-access is re-granted.)

(There are still a couple of small wc bugs, specifically triggered by

repeated granting/ungranting of read-access to files. They'll be

fixed RSN.)

Final note: this change upgrades working copies from format 2 to

format 3 'in place'. Format 1 wc's are no longer supported.

  1. … 26 more files in changeset.