Author: danielsh
Date: Wed Jun 29 22:26:46 2011
New Revision: 1141292
URL: http://svn.apache.org/viewvc?rev=1141292&view=rev
Log:
Don't allow arbitrary strings for the value of the 'SVNPathAuthz' directive.
* subversion/mod_dav_svn/mod_dav_svn.c
(SVNPathAuthz_cmd): Error out when value not in ['on', 'off',
'short_circuit'].
Modified:
subversion/trunk/Makefile.in
subversion/trunk/subversion/tests/cmdline/davautocheck.sh
Modified: subversion/trunk/Makefile.in
URL:
http://svn.apache.org/viewvc/subversion/trunk/Makefile.in?rev=1141292&r1=1141291&r2=1141292&view=diff
==============================================================================
--- subversion/trunk/Makefile.in (original)
+++ subversion/trunk/Makefile.in Wed Jun 29 22:26:46 2011
@@ -501,7 +501,7 @@ davcheck: bin $(TEST_DEPS) @BDB_TEST_DEP
# Automatically configure and run Apache httpd on a random port, and then
# run make check.
davautocheck: bin $(TEST_DEPS) @BDB_TEST_DEPS@ apache-mod
- @# Takes MODULE_PATH and USE_HTTPV1 in the environment.
+ @# Takes MODULE_PATH, USE_HTTPV1 and SVN_PATH_AUTHZ in the environment.
@APXS=$(APXS) bash
$(top_srcdir)/subversion/tests/cmdline/davautocheck.sh
# First, run:
Modified: subversion/trunk/subversion/tests/cmdline/davautocheck.sh
URL:
http://svn.apache.org/viewvc/subversion/trunk/subversion/tests/cmdline/davautocheck.sh?rev=1141292&r1=1141291&r2=1141292&view=diff
==============================================================================
--- subversion/trunk/subversion/tests/cmdline/davautocheck.sh (original)
+++ subversion/trunk/subversion/tests/cmdline/davautocheck.sh Wed Jun 29
22:26:46 2011
@@ -67,6 +67,9 @@
#
# To prevent the server from advertising httpv2, pass USE_HTTPV1 in
# the environment.
+#
+# To use value for "SVNPathAuthz" directive set SVN_PATH_AUTHZ with
+# appropriate value in the environment.
#
# Passing --no-tests as argv[1] will have the script start a server
# but not run any tests.
@@ -160,6 +163,12 @@ if [ ${USE_HTTPV1:+set} ]; then
ADVERTISE_V2_PROTOCOL=off
fi
+# Pick up $SVN_PATH_AUTHZ
+SVN_PATH_AUTHZ_LINE=""
+if [ ${SVN_PATH_AUTHZ:+set} ]; then
+ SVN_PATH_AUTHZ_LINE="SVNPathAuthz ${SVN_PATH_AUTHZ}"
+fi
+
# Find the source and build directories. The build dir can be found if it is
# the current working dir or the source dir.
pushd ${SCRIPTDIR}/../../../ > /dev/null
@@ -326,6 +335,7 @@ CustomLog "$HTTPD_ROOT/ops" "%
AuthUserFile $HTTPD_USERS
Require valid-user
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
+ ${SVN_PATH_AUTHZ_LINE}
</Location>
<Location /svn-test-work/local_tmp/repos>
DAV svn
@@ -336,6 +346,7 @@ CustomLog "$HTTPD_ROOT/ops" "%
AuthUserFile $HTTPD_USERS
Require valid-user
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
+ ${SVN_PATH_AUTHZ_LINE}
</Location>
RedirectMatch permanent ^/svn-test-work/repositories/REDIRECT-PERM-(.*)\$
/svn-test-work/repositories/\$1
RedirectMatch ^/svn-test-work/repositories/REDIRECT-TEMP-(.*)\$
/svn-test-work/repositories/\$1
