Author: rhuijben
Date: Sun Feb 8 00:40:19 2015
New Revision: 1658119
URL: http://svn.apache.org/r1658119
Log:
Move some code that should be applied to the auth baton once and only partially
updated per ra-session from the ra_loader's per session init to a private helper
function in the auth layer.
Except for the pool lifetime fix for the server group no functional changes.
* subversion/include/private/svn_auth_private.h
(svn_auth__apply_config_for_server): New function.
* subversion/libsvn_ra/ra_loader.c
(includes): Add svn_auth_private.h.
(svn_ra_open4): Extract auth specific code to
svn_auth__apply_config_for_server().
* subversion/libsvn_subr/auth.c
(svn_auth__apply_config_for_server): New function, extracted from
svn_ra_open4. Duplicate server_group in the right pool.
Modified:
subversion/trunk/subversion/include/private/svn_auth_private.h
subversion/trunk/subversion/libsvn_ra/ra_loader.c
subversion/trunk/subversion/libsvn_subr/auth.c
Modified: subversion/trunk/subversion/include/private/svn_auth_private.h
URL:
http://svn.apache.org/viewvc/subversion/trunk/subversion/include/private/svn_auth_private.h?rev=1658119&r1=1658118&r2=1658119&view=diff
==============================================================================
--- subversion/trunk/subversion/include/private/svn_auth_private.h (original)
+++ subversion/trunk/subversion/include/private/svn_auth_private.h Sun Feb 8
00:40:19 2015
@@ -231,6 +231,14 @@ svn_auth__ssl_client_cert_pw_set(svn_boo
svn_boolean_t non_interactive,
apr_pool_t *pool);
+/* Apply the specified configuration for connecting with SERVER_NAME
+ to the auth baton */
+svn_error_t *
+svn_auth__apply_config_for_server(svn_auth_baton_t *ab,
+ apr_hash_t *config,
+ const char *server_name,
+ apr_pool_t *scratch_pool);
+
#if (defined(WIN32) && !defined(__MINGW32__)) || defined(DOXYGEN)
/**
* Set @a *provider to an authentication provider that implements
Modified: subversion/trunk/subversion/libsvn_ra/ra_loader.c
URL:
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra/ra_loader.c?rev=1658119&r1=1658118&r2=1658119&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra/ra_loader.c (original)
+++ subversion/trunk/subversion/libsvn_ra/ra_loader.c Sun Feb 8 00:40:19 2015
@@ -52,6 +52,7 @@
#include "ra_loader.h"
#include "deprecated.h"
+#include "private/svn_auth_private.h"
#include "private/svn_ra_private.h"
#include "svn_private_config.h"
@@ -263,22 +264,12 @@ svn_error_t *svn_ra_open4(svn_ra_session
svn_ra_session_t *session;
const struct ra_lib_defn *defn;
const svn_ra__vtable_t *vtable = NULL;
- svn_config_t *servers = NULL;
- const char *server_group = NULL;
apr_uri_t repos_URI;
apr_status_t apr_err;
svn_error_t *err;
#ifdef CHOOSABLE_DAV_MODULE
const char *http_library = DEFAULT_HTTP_LIBRARY;
#endif
- /* Auth caching parameters. */
- svn_boolean_t store_passwords = SVN_CONFIG_DEFAULT_OPTION_STORE_PASSWORDS;
- svn_boolean_t store_auth_creds = SVN_CONFIG_DEFAULT_OPTION_STORE_AUTH_CREDS;
- const char *store_plaintext_passwords
- = SVN_CONFIG_DEFAULT_OPTION_STORE_PLAINTEXT_PASSWORDS;
- svn_boolean_t store_pp = SVN_CONFIG_DEFAULT_OPTION_STORE_SSL_CLIENT_CERT_PP;
- const char *store_pp_plaintext
- = SVN_CONFIG_DEFAULT_OPTION_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT;
/* Initialize the return variable. */
*session_p = NULL;
@@ -294,100 +285,27 @@ svn_error_t *svn_ra_open4(svn_ra_session
repos_URL);
if (callbacks->auth_baton)
- {
- /* The 'store-passwords' and 'store-auth-creds' parameters used to
- * live in SVN_CONFIG_CATEGORY_CONFIG. For backward compatibility,
- * if values for these parameters have already been set by our
- * callers, we use those values as defaults.
- *
- * Note that we can only catch the case where users explicitly set
- * "store-passwords = no" or 'store-auth-creds = no".
- *
- * However, since the default value for both these options is
- * currently (and has always been) "yes", users won't know
- * the difference if they set "store-passwords = yes" or
- * "store-auth-creds = yes" -- they'll get the expected behaviour.
- */
-
- if (svn_auth_get_parameter(callbacks->auth_baton,
- SVN_AUTH_PARAM_DONT_STORE_PASSWORDS) != NULL)
- store_passwords = FALSE;
-
- if (svn_auth_get_parameter(callbacks->auth_baton,
- SVN_AUTH_PARAM_NO_AUTH_CACHE) != NULL)
- store_auth_creds = FALSE;
- }
+ SVN_ERR(svn_auth__apply_config_for_server(callbacks->auth_baton, config,
+ repos_URI.hostname, sesspool));
+#ifdef CHOOSABLE_DAV_MODULE
if (config)
{
+ svn_config_t *servers = NULL;
+ const char *server_group = NULL;
+
/* Grab the 'servers' config. */
servers = svn_hash_gets(config, SVN_CONFIG_CATEGORY_SERVERS);
if (servers)
{
/* First, look in the global section. */
- SVN_ERR(svn_config_get_bool
- (servers, &store_passwords, SVN_CONFIG_SECTION_GLOBAL,
- SVN_CONFIG_OPTION_STORE_PASSWORDS,
- store_passwords));
-
- SVN_ERR(svn_config_get_yes_no_ask
- (servers, &store_plaintext_passwords, SVN_CONFIG_SECTION_GLOBAL,
- SVN_CONFIG_OPTION_STORE_PLAINTEXT_PASSWORDS,
- SVN_CONFIG_DEFAULT_OPTION_STORE_PLAINTEXT_PASSWORDS));
-
- SVN_ERR(svn_config_get_bool
- (servers, &store_pp, SVN_CONFIG_SECTION_GLOBAL,
- SVN_CONFIG_OPTION_STORE_SSL_CLIENT_CERT_PP,
- store_pp));
-
- SVN_ERR(svn_config_get_yes_no_ask
- (servers, &store_pp_plaintext,
- SVN_CONFIG_SECTION_GLOBAL,
- SVN_CONFIG_OPTION_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT,
- SVN_CONFIG_DEFAULT_OPTION_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT));
-
- SVN_ERR(svn_config_get_bool
- (servers, &store_auth_creds, SVN_CONFIG_SECTION_GLOBAL,
- SVN_CONFIG_OPTION_STORE_AUTH_CREDS,
- store_auth_creds));
-
/* Find out where we're about to connect to, and
* try to pick a server group based on the destination. */
server_group = svn_config_find_group(servers, repos_URI.hostname,
SVN_CONFIG_SECTION_GROUPS,
sesspool);
- if (server_group)
- {
- /* Override global auth caching parameters with the ones
- * for the server group, if any. */
- SVN_ERR(svn_config_get_bool(servers, &store_auth_creds,
- server_group,
- SVN_CONFIG_OPTION_STORE_AUTH_CREDS,
- store_auth_creds));
-
- SVN_ERR(svn_config_get_bool(servers, &store_passwords,
- server_group,
- SVN_CONFIG_OPTION_STORE_PASSWORDS,
- store_passwords));
-
- SVN_ERR(svn_config_get_yes_no_ask
- (servers, &store_plaintext_passwords, server_group,
- SVN_CONFIG_OPTION_STORE_PLAINTEXT_PASSWORDS,
- store_plaintext_passwords));
-
- SVN_ERR(svn_config_get_bool
- (servers, &store_pp,
- server_group, SVN_CONFIG_OPTION_STORE_SSL_CLIENT_CERT_PP,
- store_pp));
-
- SVN_ERR(svn_config_get_yes_no_ask
- (servers, &store_pp_plaintext, server_group,
- SVN_CONFIG_OPTION_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT,
- store_pp_plaintext));
- }
-#ifdef CHOOSABLE_DAV_MODULE
/* Now, which DAV-based RA method do we want to use today? */
http_library
= svn_config_get_server_setting(servers,
@@ -400,38 +318,9 @@ svn_error_t *svn_ra_open4(svn_ra_session
_("Invalid config: unknown HTTP library "
"'%s'"),
http_library);
-#endif
}
}
-
- if (callbacks->auth_baton)
- {
- /* Save auth caching parameters in the auth parameter hash. */
- if (! store_passwords)
- svn_auth_set_parameter(callbacks->auth_baton,
- SVN_AUTH_PARAM_DONT_STORE_PASSWORDS, "");
-
- svn_auth_set_parameter(callbacks->auth_baton,
- SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS,
- store_plaintext_passwords);
-
- if (! store_pp)
- svn_auth_set_parameter(callbacks->auth_baton,
- SVN_AUTH_PARAM_DONT_STORE_SSL_CLIENT_CERT_PP,
- "");
-
- svn_auth_set_parameter(callbacks->auth_baton,
- SVN_AUTH_PARAM_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT,
- store_pp_plaintext);
-
- if (! store_auth_creds)
- svn_auth_set_parameter(callbacks->auth_baton,
- SVN_AUTH_PARAM_NO_AUTH_CACHE, "");
-
- if (server_group)
- svn_auth_set_parameter(callbacks->auth_baton,
- SVN_AUTH_PARAM_SERVER_GROUP, server_group);
- }
+#endif
/* Find the library. */
for (defn = ra_libraries; defn->ra_name != NULL; ++defn)
Modified: subversion/trunk/subversion/libsvn_subr/auth.c
URL:
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/auth.c?rev=1658119&r1=1658118&r2=1658119&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_subr/auth.c (original)
+++ subversion/trunk/subversion/libsvn_subr/auth.c Sun Feb 8 00:40:19 2015
@@ -685,3 +685,143 @@ svn_auth_get_platform_specific_client_pr
return SVN_NO_ERROR;
}
+
+svn_error_t *
+svn_auth__apply_config_for_server(svn_auth_baton_t *auth_baton,
+ apr_hash_t *config,
+ const char *server_name,
+ apr_pool_t *scratch_pool)
+{
+ svn_boolean_t store_passwords = SVN_CONFIG_DEFAULT_OPTION_STORE_PASSWORDS;
+ svn_boolean_t store_auth_creds = SVN_CONFIG_DEFAULT_OPTION_STORE_AUTH_CREDS;
+ const char *store_plaintext_passwords
+ = SVN_CONFIG_DEFAULT_OPTION_STORE_PLAINTEXT_PASSWORDS;
+ svn_boolean_t store_pp = SVN_CONFIG_DEFAULT_OPTION_STORE_SSL_CLIENT_CERT_PP;
+ const char *store_pp_plaintext
+ = SVN_CONFIG_DEFAULT_OPTION_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT;
+ svn_config_t *servers = NULL;
+ const char *server_group = NULL;
+
+ /* The 'store-passwords' and 'store-auth-creds' parameters used to
+ * live in SVN_CONFIG_CATEGORY_CONFIG. For backward compatibility,
+ * if values for these parameters have already been set by our
+ * callers, we use those values as defaults.
+ *
+ * Note that we can only catch the case where users explicitly set
+ * "store-passwords = no" or 'store-auth-creds = no".
+ *
+ * However, since the default value for both these options is
+ * currently (and has always been) "yes", users won't know
+ * the difference if they set "store-passwords = yes" or
+ * "store-auth-creds = yes" -- they'll get the expected behaviour.
+ */
+
+ if (svn_auth_get_parameter(auth_baton,
+ SVN_AUTH_PARAM_DONT_STORE_PASSWORDS) != NULL)
+ store_passwords = FALSE;
+
+ if (svn_auth_get_parameter(auth_baton,
+ SVN_AUTH_PARAM_NO_AUTH_CACHE) != NULL)
+ store_auth_creds = FALSE;
+
+ if (config)
+ {
+ /* Grab the 'servers' config. */
+ servers = svn_hash_gets(config, SVN_CONFIG_CATEGORY_SERVERS);
+ if (servers)
+ {
+ /* First, look in the global section. */
+
+ SVN_ERR(svn_config_get_bool
+ (servers, &store_passwords, SVN_CONFIG_SECTION_GLOBAL,
+ SVN_CONFIG_OPTION_STORE_PASSWORDS,
+ store_passwords));
+
+ SVN_ERR(svn_config_get_yes_no_ask
+ (servers, &store_plaintext_passwords, SVN_CONFIG_SECTION_GLOBAL,
+ SVN_CONFIG_OPTION_STORE_PLAINTEXT_PASSWORDS,
+ SVN_CONFIG_DEFAULT_OPTION_STORE_PLAINTEXT_PASSWORDS));
+
+ SVN_ERR(svn_config_get_bool
+ (servers, &store_pp, SVN_CONFIG_SECTION_GLOBAL,
+ SVN_CONFIG_OPTION_STORE_SSL_CLIENT_CERT_PP,
+ store_pp));
+
+ SVN_ERR(svn_config_get_yes_no_ask
+ (servers, &store_pp_plaintext,
+ SVN_CONFIG_SECTION_GLOBAL,
+ SVN_CONFIG_OPTION_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT,
+ SVN_CONFIG_DEFAULT_OPTION_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT));
+
+ SVN_ERR(svn_config_get_bool
+ (servers, &store_auth_creds, SVN_CONFIG_SECTION_GLOBAL,
+ SVN_CONFIG_OPTION_STORE_AUTH_CREDS,
+ store_auth_creds));
+
+ /* Find out where we're about to connect to, and
+ * try to pick a server group based on the destination. */
+ server_group = svn_config_find_group(servers, server_name,
+ SVN_CONFIG_SECTION_GROUPS,
+ scratch_pool);
+
+ if (server_group)
+ {
+ /* Override global auth caching parameters with the ones
+ * for the server group, if any. */
+ SVN_ERR(svn_config_get_bool(servers, &store_auth_creds,
+ server_group,
+ SVN_CONFIG_OPTION_STORE_AUTH_CREDS,
+ store_auth_creds));
+
+ SVN_ERR(svn_config_get_bool(servers, &store_passwords,
+ server_group,
+ SVN_CONFIG_OPTION_STORE_PASSWORDS,
+ store_passwords));
+
+ SVN_ERR(svn_config_get_yes_no_ask
+ (servers, &store_plaintext_passwords, server_group,
+ SVN_CONFIG_OPTION_STORE_PLAINTEXT_PASSWORDS,
+ store_plaintext_passwords));
+
+ SVN_ERR(svn_config_get_bool
+ (servers, &store_pp,
+ server_group, SVN_CONFIG_OPTION_STORE_SSL_CLIENT_CERT_PP,
+ store_pp));
+
+ SVN_ERR(svn_config_get_yes_no_ask
+ (servers, &store_pp_plaintext, server_group,
+ SVN_CONFIG_OPTION_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT,
+ store_pp_plaintext));
+ }
+ }
+ }
+
+ /* Save auth caching parameters in the auth parameter hash. */
+ if (! store_passwords)
+ svn_auth_set_parameter(auth_baton,
+ SVN_AUTH_PARAM_DONT_STORE_PASSWORDS, "");
+
+ svn_auth_set_parameter(auth_baton,
+ SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS,
+ store_plaintext_passwords);
+
+ if (! store_pp)
+ svn_auth_set_parameter(auth_baton,
+ SVN_AUTH_PARAM_DONT_STORE_SSL_CLIENT_CERT_PP,
+ "");
+
+ svn_auth_set_parameter(auth_baton,
+ SVN_AUTH_PARAM_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT,
+ store_pp_plaintext);
+
+ if (! store_auth_creds)
+ svn_auth_set_parameter(auth_baton,
+ SVN_AUTH_PARAM_NO_AUTH_CACHE, "");
+
+ if (server_group)
+ svn_auth_set_parameter(auth_baton,
+ SVN_AUTH_PARAM_SERVER_GROUP,
+ apr_pstrdup(auth_baton->pool, server_group));
+
+ return SVN_NO_ERROR;
+}
