Author: rhuijben
Date: Wed Mar  4 17:23:46 2015
New Revision: 1664078

URL: http://svn.apache.org/r1664078
Log:
Following up on r1609499, which made all ra layers change the auth baton in a
way that affects all ra session using it, make it possible to create a slave
auth baton that shares everything with the parent baton except for the
parameters.

Each ra session gets its own slave parameters, and thereby allows
applying their own settings from the server group (and other origins),
without affecting other ra sessions.

* subversion/include/private/svn_auth_private.h
  (svn_auth__apply_config_for_server): Rename to...
  (svn_auth__make_session_auth): ... this and provide a new slave auth
    baton as output argument.

* subversion/libsvn_ra/ra_loader.c
  (svn_ra_open4): Create scratch pool. Create slave auth instance.
    Update caller.

* subversion/libsvn_ra/ra_loader.h
  (svn_ra__vtable_t.open_session): Add auth_baton argument and split pools.

* subversion/libsvn_ra/wrapper_template.h
  (compat_open): Update caller.

* subversion/libsvn_ra_local/ra_local.h
  (svn_ra_local__session_baton_t): Store auth baton directly.

* subversion/libsvn_ra_local/ra_plugin.c
  (get_username): Update auth usage.
  (svn_ra_local__open): Update arguments. Store auth baton.

* subversion/libsvn_ra_serf/ra_serf.h
  (svn_ra_serf__session_t): Store auth baton reference.

* subversion/libsvn_ra_serf/serf.c
  (load_config): Use slave auth baton.
  (svn_ra_serf__open): Update arguments. Store auth baton.
    Remove local subpool usage with scratch pool.

* subversion/libsvn_ra_serf/util.c
  (ssl_server_cert,
   handle_client_cert,
   handle_client_cert_pw,
   svn_ra_serf__credentials_callback): Use auth from session instead
     of from callbacks.

* subversion/libsvn_ra_svn/client.c
  (open_session): Update arguments. Store auth baton.
  (ra_svn_open): Add argument.
  (ra_svn_open_pool): Remove function that just doubled the pool.
  (ra_svn_vtable): Update reference.

* subversion/libsvn_ra_svn/cyrus_auth.c
  (svn_ra_svn__do_cyrus_auth): Use auth from session instead of from callbacks.

* subversion/libsvn_ra_svn/internal_auth.c
  (svn_ra_svn__do_internal_auth): Use auth from session instead of from 
callbacks.

* subversion/libsvn_ra_svn/ra_svn.h
  (svn_ra_svn__session_baton_t): Add auth baton.

* subversion/libsvn_subr/auth.c
  (svn_auth_baton_t): Add variable.
  (svn_auth_open): Document initial value.
  (auth_NULL): New constant.
  (svn_auth_set_parameter): Store value in slave parameters if that
    exists.
  (svn_auth_get_parameter): Check slave parameters before primary
    parameters.

  (svn_auth__apply_config_for_server): Rename to...
  (svn_auth__make_session_auth): ... this and create a slave auth baton
    with the new values instead of changing the passed baton.

Modified:
    subversion/trunk/subversion/include/private/svn_auth_private.h
    subversion/trunk/subversion/libsvn_ra/ra_loader.c
    subversion/trunk/subversion/libsvn_ra/ra_loader.h
    subversion/trunk/subversion/libsvn_ra/wrapper_template.h
    subversion/trunk/subversion/libsvn_ra_local/ra_local.h
    subversion/trunk/subversion/libsvn_ra_local/ra_plugin.c
    subversion/trunk/subversion/libsvn_ra_serf/ra_serf.h
    subversion/trunk/subversion/libsvn_ra_serf/serf.c
    subversion/trunk/subversion/libsvn_ra_serf/util.c
    subversion/trunk/subversion/libsvn_ra_svn/client.c
    subversion/trunk/subversion/libsvn_ra_svn/cyrus_auth.c
    subversion/trunk/subversion/libsvn_ra_svn/internal_auth.c
    subversion/trunk/subversion/libsvn_ra_svn/ra_svn.h
    subversion/trunk/subversion/libsvn_subr/auth.c

Modified: subversion/trunk/subversion/include/private/svn_auth_private.h
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/include/private/svn_auth_private.h?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/include/private/svn_auth_private.h (original)
+++ subversion/trunk/subversion/include/private/svn_auth_private.h Wed Mar  4 
17:23:46 2015
@@ -234,10 +234,12 @@ svn_auth__ssl_client_cert_pw_set(svn_boo
 /* Apply the specified configuration for connecting with SERVER_NAME
    to the auth baton */
 svn_error_t *
-svn_auth__apply_config_for_server(svn_auth_baton_t *ab,
-                                  apr_hash_t *config,
-                                  const char *server_name,
-                                  apr_pool_t *scratch_pool);
+svn_auth__make_session_auth(svn_auth_baton_t **session_auth_baton,
+                            const svn_auth_baton_t *auth_baton,
+                            apr_hash_t *config,
+                            const char *server_name,
+                            apr_pool_t *result_pool,
+                            apr_pool_t *scratch_pool);
 
 #if (defined(WIN32) && !defined(__MINGW32__)) || defined(DOXYGEN)
 /**

Modified: subversion/trunk/subversion/libsvn_ra/ra_loader.c
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra/ra_loader.c?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra/ra_loader.c (original)
+++ subversion/trunk/subversion/libsvn_ra/ra_loader.c Wed Mar  4 17:23:46 2015
@@ -266,6 +266,7 @@ svn_error_t *svn_ra_open4(svn_ra_session
                           apr_pool_t *pool)
 {
   apr_pool_t *sesspool = svn_pool_create(pool);
+  apr_pool_t *scratch_pool = svn_pool_create(sesspool);
   svn_ra_session_t *session;
   const struct ra_lib_defn *defn;
   const svn_ra__vtable_t *vtable = NULL;
@@ -275,6 +276,7 @@ svn_error_t *svn_ra_open4(svn_ra_session
 #ifdef CHOOSABLE_DAV_MODULE
   const char *http_library = DEFAULT_HTTP_LIBRARY;
 #endif
+  svn_auth_baton_t *auth_baton;
 
   /* Initialize the return variable. */
   *session_p = NULL;
@@ -290,8 +292,12 @@ svn_error_t *svn_ra_open4(svn_ra_session
                              repos_URL);
 
   if (callbacks->auth_baton)
-    SVN_ERR(svn_auth__apply_config_for_server(callbacks->auth_baton, config,
-                                              repos_URI.hostname, sesspool));
+    SVN_ERR(svn_auth__make_session_auth(&auth_baton,
+                                        callbacks->auth_baton, config,
+                                        repos_URI.hostname,
+                                        sesspool, scratch_pool));
+  else
+    auth_baton = NULL;
 
 #ifdef CHOOSABLE_DAV_MODULE
   if (config)
@@ -344,16 +350,16 @@ svn_error_t *svn_ra_open4(svn_ra_session
 
           if (! initfunc)
             SVN_ERR(load_ra_module(&initfunc, NULL, defn->ra_name,
-                                   sesspool));
+                                   scratch_pool));
           if (! initfunc)
             /* Library not found. */
             continue;
 
-          SVN_ERR(initfunc(svn_ra_version(), &vtable, sesspool));
+          SVN_ERR(initfunc(svn_ra_version(), &vtable, scratch_pool));
 
           SVN_ERR(check_ra_version(vtable->get_version(), scheme));
 
-          if (! has_scheme_of(vtable->get_schemes(sesspool), repos_URL))
+          if (! has_scheme_of(vtable->get_schemes(scratch_pool), repos_URL))
             /* Library doesn't support the scheme at runtime. */
             continue;
 
@@ -377,10 +383,12 @@ svn_error_t *svn_ra_open4(svn_ra_session
   /* Ask the library to open the session. */
   err = vtable->open_session(session, corrected_url_p,
                              repos_URL,
-                             callbacks, callback_baton, config, sesspool);
+                             callbacks, callback_baton, auth_baton,
+                             config, sesspool, scratch_pool);
 
   if (err)
     {
+      svn_pool_clear(scratch_pool);
       if (err->apr_err == SVN_ERR_RA_SESSION_URL_MISMATCH)
         return svn_error_trace(err);
 
@@ -398,7 +406,7 @@ svn_error_t *svn_ra_open4(svn_ra_session
     {
       /* *session_p = NULL; */
       *corrected_url_p = apr_pstrdup(pool, *corrected_url_p);
-      svn_pool_destroy(sesspool);
+      svn_pool_destroy(sesspool); /* Includes scratch_pool */
       return SVN_NO_ERROR;
     }
 
@@ -412,7 +420,7 @@ svn_error_t *svn_ra_open4(svn_ra_session
         {
           /* Duplicate the uuid as it is allocated in sesspool */
           repository_uuid = apr_pstrdup(pool, repository_uuid);
-          svn_pool_destroy(sesspool);
+          svn_pool_destroy(sesspool); /* includes scratch_pool */
           return svn_error_createf(SVN_ERR_RA_UUID_MISMATCH, NULL,
                                    _("Repository UUID '%s' doesn't match "
                                      "expected UUID '%s'"),
@@ -420,6 +428,7 @@ svn_error_t *svn_ra_open4(svn_ra_session
         }
     }
 
+  svn_pool_clear(scratch_pool);
   *session_p = session;
   return SVN_NO_ERROR;
 }

Modified: subversion/trunk/subversion/libsvn_ra/ra_loader.h
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra/ra_loader.h?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra/ra_loader.h (original)
+++ subversion/trunk/subversion/libsvn_ra/ra_loader.h Wed Mar  4 17:23:46 2015
@@ -61,8 +61,10 @@ typedef struct svn_ra__vtable_t {
                                const char *session_URL,
                                const svn_ra_callbacks2_t *callbacks,
                                void *callback_baton,
+                               svn_auth_baton_t *auth_baton,
                                apr_hash_t *config,
-                               apr_pool_t *pool);
+                               apr_pool_t *result_pool,
+                               apr_pool_t *scratch_pool);
   /* Backs svn_ra_dup_session */
   svn_error_t * (*dup_session)(svn_ra_session_t *new_session,
                                svn_ra_session_t *old_session,

Modified: subversion/trunk/subversion/libsvn_ra/wrapper_template.h
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra/wrapper_template.h?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra/wrapper_template.h (original)
+++ subversion/trunk/subversion/libsvn_ra/wrapper_template.h Wed Mar  4 
17:23:46 2015
@@ -91,7 +91,9 @@ static svn_error_t *compat_open(void **s
   callbacks2->progress_baton = NULL;
 
   SVN_ERR(VTBL.open_session(sess, &session_url, repos_URL,
-                            callbacks2, callback_baton, config, sesspool));
+                            callbacks2, callback_baton,
+                            callbacks ? callbacks->auth_baton : NULL,
+                            config, sesspool, sesspool));
 
   if (strcmp(repos_URL, session_url) != 0)
     {

Modified: subversion/trunk/subversion/libsvn_ra_local/ra_local.h
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_local/ra_local.h?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra_local/ra_local.h (original)
+++ subversion/trunk/subversion/libsvn_ra_local/ra_local.h Wed Mar  4 17:23:46 
2015
@@ -63,6 +63,9 @@ typedef struct svn_ra_local__session_bat
   const svn_ra_callbacks2_t *callbacks;
   void *callback_baton;
 
+  /* Slave auth baton */
+  svn_auth_baton_t *auth_baton;
+
   const char *useragent;
 } svn_ra_local__session_baton_t;
 

Modified: subversion/trunk/subversion/libsvn_ra_local/ra_plugin.c
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_local/ra_plugin.c?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra_local/ra_plugin.c (original)
+++ subversion/trunk/subversion/libsvn_ra_local/ra_plugin.c Wed Mar  4 17:23:46 
2015
@@ -86,7 +86,7 @@ get_username(svn_ra_session_t *session,
     {
       /* Get a username somehow, so we have some svn:author property to
          attach to a commit. */
-      if (sess->callbacks->auth_baton)
+      if (sess->auth_baton)
         {
           void *creds;
           svn_auth_cred_username_t *username_creds;
@@ -95,7 +95,7 @@ get_username(svn_ra_session_t *session,
           SVN_ERR(svn_auth_first_credentials(&creds, &iterstate,
                                              SVN_AUTH_CRED_USERNAME,
                                              sess->uuid, /* realmstring */
-                                             sess->callbacks->auth_baton,
+                                             sess->auth_baton,
                                              scratch_pool));
 
           /* No point in calling next_creds(), since that assumes that the
@@ -551,13 +551,16 @@ svn_ra_local__open(svn_ra_session_t *ses
                    const char *repos_URL,
                    const svn_ra_callbacks2_t *callbacks,
                    void *callback_baton,
+                   svn_auth_baton_t *auth_baton,
                    apr_hash_t *config,
-                   apr_pool_t *pool)
+                   apr_pool_t *result_pool,
+                   apr_pool_t *scratch_pool)
 {
   const char *client_string;
   svn_ra_local__session_baton_t *sess;
   const char *fs_path;
   static volatile svn_atomic_t cache_init_state = 0;
+  apr_pool_t *pool = result_pool;
 
   /* Initialise the FSFS memory cache size.  We can only do this once
      so one CONFIG will win the race and all others will be ignored
@@ -572,6 +575,7 @@ svn_ra_local__open(svn_ra_session_t *ses
   sess = apr_pcalloc(pool, sizeof(*sess));
   sess->callbacks = callbacks;
   sess->callback_baton = callback_baton;
+  sess->auth_baton = auth_baton;
 
   /* Look through the URL, figure out which part points to the
      repository, and which part is the path *within* the

Modified: subversion/trunk/subversion/libsvn_ra_serf/ra_serf.h
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_serf/ra_serf.h?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra_serf/ra_serf.h (original)
+++ subversion/trunk/subversion/libsvn_ra_serf/ra_serf.h Wed Mar  4 17:23:46 
2015
@@ -154,6 +154,7 @@ struct svn_ra_serf__session_t {
   /* Callback functions to get info from WC */
   const svn_ra_callbacks2_t *wc_callbacks;
   void *wc_callback_baton;
+  svn_auth_baton_t *auth_baton;
 
   /* Callback function to send progress info to the client */
   svn_ra_progress_notify_func_t progress_func;

Modified: subversion/trunk/subversion/libsvn_ra_serf/serf.c
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_serf/serf.c?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra_serf/serf.c (original)
+++ subversion/trunk/subversion/libsvn_ra_serf/serf.c Wed Mar  4 17:23:46 2015
@@ -180,17 +180,17 @@ load_config(svn_ra_serf__session_t *sess
   svn_config_get(config, &timeout_str, SVN_CONFIG_SECTION_GLOBAL,
                  SVN_CONFIG_OPTION_HTTP_TIMEOUT, NULL);
 
-  if (session->wc_callbacks->auth_baton)
+  if (session->auth_baton)
     {
       if (config_client)
         {
-          svn_auth_set_parameter(session->wc_callbacks->auth_baton,
+          svn_auth_set_parameter(session->auth_baton,
                                  SVN_AUTH_PARAM_CONFIG_CATEGORY_CONFIG,
                                  config_client);
         }
       if (config)
         {
-          svn_auth_set_parameter(session->wc_callbacks->auth_baton,
+          svn_auth_set_parameter(session->auth_baton,
                                  SVN_AUTH_PARAM_CONFIG_CATEGORY_SERVERS,
                                  config);
         }
@@ -255,7 +255,7 @@ load_config(svn_ra_serf__session_t *sess
                                SERF_LOG_INFO));
 #endif
 
-  server_group = svn_auth_get_parameter(session->wc_callbacks->auth_baton,
+  server_group = svn_auth_get_parameter(session->auth_baton,
                                         SVN_AUTH_PARAM_SERVER_GROUP);
 
   if (server_group)
@@ -474,15 +474,17 @@ svn_ra_serf__open(svn_ra_session_t *sess
                   const char *session_URL,
                   const svn_ra_callbacks2_t *callbacks,
                   void *callback_baton,
+                  svn_auth_baton_t *auth_baton,
                   apr_hash_t *config,
-                  apr_pool_t *pool)
+                  apr_pool_t *result_pool,
+                  apr_pool_t *scratch_pool)
 {
   apr_status_t status;
   svn_ra_serf__session_t *serf_sess;
   apr_uri_t url;
   const char *client_string = NULL;
   svn_error_t *err;
-  apr_pool_t *subpool;
+  apr_pool_t *pool = result_pool;
 
   if (corrected_url)
     *corrected_url = NULL;
@@ -495,6 +497,7 @@ svn_ra_serf__open(svn_ra_session_t *sess
     serf_sess->config = NULL;
   serf_sess->wc_callbacks = callbacks;
   serf_sess->wc_callback_baton = callback_baton;
+  serf_sess->auth_baton = auth_baton;
   serf_sess->progress_func = callbacks->progress_func;
   serf_sess->progress_baton = callbacks->progress_baton;
   serf_sess->cancel_func = callbacks->cancel_func;
@@ -586,16 +589,13 @@ svn_ra_serf__open(svn_ra_session_t *sess
      In this specific case the serf connection is cleaned up by the pool
      handlers before our handler is cleaned up (via subpools). Using a
      subpool here cleans up our handler before the connection is cleaned. */
-  subpool = svn_pool_create(pool);
-
   err = svn_ra_serf__exchange_capabilities(serf_sess, corrected_url,
-                                           pool, subpool);
+                                           pool, scratch_pool);
 
   /* serf should produce a usable error code instead of APR_EGENERAL */
   if (err && err->apr_err == APR_EGENERAL)
     err = svn_error_createf(SVN_ERR_RA_DAV_REQUEST_FAILED, err,
                             _("Connection to '%s' failed"), session_URL);
-  svn_pool_clear(subpool);
   SVN_ERR(err);
 
   /* We have set up a useful connection (that doesn't indication a redirect).
@@ -604,9 +604,7 @@ svn_ra_serf__open(svn_ra_session_t *sess
      problems in any proxy.  */
   if ((corrected_url == NULL || *corrected_url == NULL)
       && serf_sess->detect_chunking && !serf_sess->http10)
-    SVN_ERR(svn_ra_serf__probe_proxy(serf_sess, subpool));
-
-  svn_pool_destroy(subpool);
+    SVN_ERR(svn_ra_serf__probe_proxy(serf_sess, scratch_pool));
 
   return SVN_NO_ERROR;
 }

Modified: subversion/trunk/subversion/libsvn_ra_serf/util.c
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_serf/util.c?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra_serf/util.c (original)
+++ subversion/trunk/subversion/libsvn_ra_serf/util.c Wed Mar  4 17:23:46 2015
@@ -313,11 +313,11 @@ ssl_server_cert(void *baton, int failure
     {
       svn_error_t *err;
 
-      svn_auth_set_parameter(conn->session->wc_callbacks->auth_baton,
+      svn_auth_set_parameter(conn->session->auth_baton,
                              SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO,
                              &cert_info);
 
-      svn_auth_set_parameter(conn->session->wc_callbacks->auth_baton,
+      svn_auth_set_parameter(conn->session->auth_baton,
                              SVN_AUTH_PARAM_SSL_SERVER_FAILURES,
                              &svn_failures);
 
@@ -327,13 +327,13 @@ ssl_server_cert(void *baton, int failure
       err = svn_auth_first_credentials(&creds, &state,
                                        SVN_AUTH_CRED_SSL_SERVER_AUTHORITY,
                                        realmstring,
-                                       conn->session->wc_callbacks->auth_baton,
+                                       conn->session->auth_baton,
                                        scratch_pool);
 
-      svn_auth_set_parameter(conn->session->wc_callbacks->auth_baton,
+      svn_auth_set_parameter(conn->session->auth_baton,
                              SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO, NULL);
 
-      svn_auth_set_parameter(conn->session->wc_callbacks->auth_baton,
+      svn_auth_set_parameter(conn->session->auth_baton,
                              SVN_AUTH_PARAM_SSL_SERVER_FAILURES, NULL);
 
       if (err)
@@ -360,11 +360,11 @@ ssl_server_cert(void *baton, int failure
       return APR_SUCCESS;
     }
 
-  svn_auth_set_parameter(conn->session->wc_callbacks->auth_baton,
+  svn_auth_set_parameter(conn->session->auth_baton,
                          SVN_AUTH_PARAM_SSL_SERVER_FAILURES,
                          &svn_failures);
 
-  svn_auth_set_parameter(conn->session->wc_callbacks->auth_baton,
+  svn_auth_set_parameter(conn->session->auth_baton,
                          SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO,
                          &cert_info);
 
@@ -373,7 +373,7 @@ ssl_server_cert(void *baton, int failure
   SVN_ERR(svn_auth_first_credentials(&creds, &state,
                                      SVN_AUTH_CRED_SSL_SERVER_TRUST,
                                      realmstring,
-                                     conn->session->wc_callbacks->auth_baton,
+                                     conn->session->auth_baton,
                                      scratch_pool));
   if (creds)
     {
@@ -394,7 +394,7 @@ ssl_server_cert(void *baton, int failure
         }
     }
 
-  svn_auth_set_parameter(conn->session->wc_callbacks->auth_baton,
+  svn_auth_set_parameter(conn->session->auth_baton,
                          SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO, NULL);
 
   /* Are there non accepted failures left? */
@@ -648,7 +648,7 @@ handle_client_cert(void *data,
                                            &conn->ssl_client_auth_state,
                                            SVN_AUTH_CRED_SSL_CLIENT_CERT,
                                            realm,
-                                           session->wc_callbacks->auth_baton,
+                                           session->auth_baton,
                                            pool));
       }
     else
@@ -700,7 +700,7 @@ handle_client_cert_pw(void *data,
                                            &conn->ssl_client_pw_auth_state,
                                            SVN_AUTH_CRED_SSL_CLIENT_CERT_PW,
                                            cert_path,
-                                           session->wc_callbacks->auth_baton,
+                                           session->auth_baton,
                                            pool));
       }
     else
@@ -1132,7 +1132,7 @@ svn_ra_serf__credentials_callback(char *
                                            &session->auth_state,
                                            SVN_AUTH_CRED_SIMPLE,
                                            realm,
-                                           session->wc_callbacks->auth_baton,
+                                           session->auth_baton,
                                            session->pool);
         }
       else

Modified: subversion/trunk/subversion/libsvn_ra_svn/client.c
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_svn/client.c?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra_svn/client.c (original)
+++ subversion/trunk/subversion/libsvn_ra_svn/client.c Wed Mar  4 17:23:46 2015
@@ -616,7 +616,9 @@ static svn_error_t *open_session(svn_ra_
                                  apr_hash_t *config,
                                  const svn_ra_callbacks2_t *callbacks,
                                  void *callbacks_baton,
-                                 apr_pool_t *pool)
+                                 svn_auth_baton_t *auth_baton,
+                                 apr_pool_t *result_pool,
+                                 apr_pool_t *scratch_pool)
 {
   svn_ra_svn__session_baton_t *sess;
   svn_ra_svn_conn_t *conn;
@@ -624,6 +626,7 @@ static svn_error_t *open_session(svn_ra_
   apr_uint64_t minver, maxver;
   apr_array_header_t *mechlist, *server_caplist, *repos_caplist;
   const char *client_string = NULL;
+  apr_pool_t *pool = result_pool;
 
   sess = apr_palloc(pool, sizeof(*sess));
   sess->pool = pool;
@@ -636,6 +639,7 @@ static svn_error_t *open_session(svn_ra_
   sess->callbacks = callbacks;
   sess->callbacks_baton = callbacks_baton;
   sess->bytes_read = sess->bytes_written = 0;
+  sess->auth_baton = auth_baton;
 
   if (config)
     SVN_ERR(svn_config_copy_config(&sess->config, config, pool));
@@ -804,6 +808,7 @@ static svn_error_t *ra_svn_open(svn_ra_s
                                 const char *url,
                                 const svn_ra_callbacks2_t *callbacks,
                                 void *callback_baton,
+                                svn_auth_baton_t *auth_baton,
                                 apr_hash_t *config,
                                 apr_pool_t *result_pool,
                                 apr_pool_t *scratch_pool)
@@ -839,32 +844,21 @@ static svn_error_t *ra_svn_open(svn_ra_s
                ? svn_hash_gets(config, SVN_CONFIG_CATEGORY_CONFIG)
                : NULL;
   cfg = config ? svn_hash_gets(config, SVN_CONFIG_CATEGORY_SERVERS) : NULL;
-  svn_auth_set_parameter(callbacks->auth_baton,
+  svn_auth_set_parameter(auth_baton,
                          SVN_AUTH_PARAM_CONFIG_CATEGORY_CONFIG, cfg_client);
-  svn_auth_set_parameter(callbacks->auth_baton,
+  svn_auth_set_parameter(auth_baton,
                          SVN_AUTH_PARAM_CONFIG_CATEGORY_SERVERS, cfg);
 
   /* We open the session in a subpool so we can get rid of it if we
      reparent with a server that doesn't support reparenting. */
   SVN_ERR(open_session(&sess, url, &uri, tunnel, tunnel_argv, config,
-                       callbacks, callback_baton, sess_pool));
+                       callbacks, callback_baton,
+                       auth_baton, sess_pool, scratch_pool));
   session->priv = sess;
 
   return SVN_NO_ERROR;
 }
 
-static svn_error_t *ra_svn_open_pool(svn_ra_session_t *session,
-                                     const char **corrected_url,
-                                     const char *url,
-                                     const svn_ra_callbacks2_t *callbacks,
-                                     void *callback_baton,
-                                     apr_hash_t *config,
-                                     apr_pool_t *pool)
-{
-  return ra_svn_open(session, corrected_url, url, callbacks, callback_baton,
-                     config, pool, pool);
-}
-
 static svn_error_t *ra_svn_dup_session(svn_ra_session_t *new_session,
                                        svn_ra_session_t *old_session,
                                        const char *new_session_url,
@@ -875,7 +869,7 @@ static svn_error_t *ra_svn_dup_session(s
 
   SVN_ERR(ra_svn_open(new_session, NULL, new_session_url,
                       old_sess->callbacks, old_sess->callbacks_baton,
-                      old_sess->config,
+                      old_sess->auth_baton, old_sess->config,
                       result_pool, scratch_pool));
 
   return SVN_NO_ERROR;
@@ -912,7 +906,7 @@ static svn_error_t *ra_svn_reparent(svn_
   if (! err)
     err = open_session(&new_sess, url, &uri, sess->tunnel_name, 
sess->tunnel_argv,
                        sess->config, sess->callbacks, sess->callbacks_baton,
-                       sess_pool);
+                       sess->auth_baton, sess_pool, sess_pool);
   /* We destroy the new session pool on error, since it is allocated in
      the main session pool. */
   if (err)
@@ -2872,7 +2866,7 @@ static const svn_ra__vtable_t ra_svn_vta
   svn_ra_svn_version,
   ra_svn_get_description,
   ra_svn_get_schemes,
-  ra_svn_open_pool,
+  ra_svn_open,
   ra_svn_dup_session,
   ra_svn_reparent,
   ra_svn_get_session_url,

Modified: subversion/trunk/subversion/libsvn_ra_svn/cyrus_auth.c
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_svn/cyrus_auth.c?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra_svn/cyrus_auth.c (original)
+++ subversion/trunk/subversion/libsvn_ra_svn/cyrus_auth.c Wed Mar  4 17:23:46 
2015
@@ -867,7 +867,7 @@ svn_ra_svn__do_cyrus_auth(svn_ra_svn__se
   realmstring = apr_psprintf(pool, "%s %s", sess->realm_prefix, realm);
 
   /* Initialize the credential baton. */
-  cred_baton.auth_baton = sess->callbacks->auth_baton;
+  cred_baton.auth_baton = sess->auth_baton;
   cred_baton.realmstring = realmstring;
   cred_baton.pool = pool;
 

Modified: subversion/trunk/subversion/libsvn_ra_svn/internal_auth.c
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_svn/internal_auth.c?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra_svn/internal_auth.c (original)
+++ subversion/trunk/subversion/libsvn_ra_svn/internal_auth.c Wed Mar  4 
17:23:46 2015
@@ -95,7 +95,7 @@ svn_ra_svn__do_internal_auth(svn_ra_svn_
     {
       SVN_ERR(svn_auth_first_credentials(&creds, &iterstate,
                                          SVN_AUTH_CRED_SIMPLE, realmstring,
-                                         sess->callbacks->auth_baton, pool));
+                                         sess->auth_baton, pool));
       if (!creds)
         return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
                                 _("Can't get password"));

Modified: subversion/trunk/subversion/libsvn_ra_svn/ra_svn.h
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_svn/ra_svn.h?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra_svn/ra_svn.h (original)
+++ subversion/trunk/subversion/libsvn_ra_svn/ra_svn.h Wed Mar  4 17:23:46 2015
@@ -123,6 +123,7 @@ struct svn_ra_svn__session_baton_t {
   apr_pool_t *pool;
   svn_ra_svn_conn_t *conn;
   svn_boolean_t is_tunneled;
+  svn_auth_baton_t *auth_baton;
   const char *url;
   const char *user;
   const char *hostname; /* The remote hostname. */

Modified: subversion/trunk/subversion/libsvn_subr/auth.c
URL: 
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/auth.c?rev=1664078&r1=1664077&r2=1664078&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_subr/auth.c (original)
+++ subversion/trunk/subversion/libsvn_subr/auth.c Wed Mar  4 17:23:46 2015
@@ -109,10 +109,10 @@ struct svn_auth_baton_t
 
   /* run-time parameters needed by providers. */
   apr_hash_t *parameters;
+  apr_hash_t *slave_parameters;
 
   /* run-time credentials cache. */
   apr_hash_t *creds_cache;
-
 };
 
 /* Abstracted iteration baton */
@@ -142,6 +142,7 @@ svn_auth_open(svn_auth_baton_t **auth_ba
   ab = apr_pcalloc(pool, sizeof(*ab));
   ab->tables = apr_hash_make(pool);
   ab->parameters = apr_hash_make(pool);
+  /* ab->slave_parameters = NULL; */
   ab->creds_cache = apr_hash_make(pool);
   ab->pool = pool;
 
@@ -170,7 +171,8 @@ svn_auth_open(svn_auth_baton_t **auth_ba
   *auth_baton = ab;
 }
 
-
+/* Magic pointer value to allow storing 'NULL' in an apr_hash_t */
+static const void *auth_NULL = NULL;
 
 void
 svn_auth_set_parameter(svn_auth_baton_t *auth_baton,
@@ -178,17 +180,36 @@ svn_auth_set_parameter(svn_auth_baton_t
                        const void *value)
 {
   if (auth_baton)
-    svn_hash_sets(auth_baton->parameters, name, value);
+    {
+      if (auth_baton->slave_parameters)
+        {
+          if (!value)
+            value = &auth_NULL;
+
+          svn_hash_sets(auth_baton->slave_parameters, name, value);
+        }
+      else
+        svn_hash_sets(auth_baton->parameters, name, value);
+    }
 }
 
 const void *
 svn_auth_get_parameter(svn_auth_baton_t *auth_baton,
                        const char *name)
 {
-  if (auth_baton)
-    return svn_hash_gets(auth_baton->parameters, name);
-  else
+  const void *value;
+  if (!auth_baton)
     return NULL;
+  else if (!auth_baton->slave_parameters)
+    return svn_hash_gets(auth_baton->parameters, name);
+
+  value = svn_hash_gets(auth_baton->slave_parameters, name);
+
+  if (value)
+    return (value == &auth_NULL) ? NULL
+                                : value;
+
+  return svn_hash_gets(auth_baton->parameters, name);
 }
 
 
@@ -687,10 +708,12 @@ svn_auth_get_platform_specific_client_pr
 }
 
 svn_error_t *
-svn_auth__apply_config_for_server(svn_auth_baton_t *auth_baton,
-                                  apr_hash_t *config,
-                                  const char *server_name,
-                                  apr_pool_t *scratch_pool)
+svn_auth__make_session_auth(svn_auth_baton_t **session_auth_baton,
+                            svn_auth_baton_t *auth_baton,
+                            apr_hash_t *config,
+                            const char *server_name,
+                            apr_pool_t *result_pool,
+                            apr_pool_t *scratch_pool)
 {
   svn_boolean_t store_passwords = SVN_CONFIG_DEFAULT_OPTION_STORE_PASSWORDS;
   svn_boolean_t store_auth_creds = SVN_CONFIG_DEFAULT_OPTION_STORE_AUTH_CREDS;
@@ -702,6 +725,12 @@ svn_auth__apply_config_for_server(svn_au
   svn_config_t *servers = NULL;
   const char *server_group = NULL;
 
+  struct svn_auth_baton_t *ab;
+
+  ab = apr_pmemdup(result_pool, auth_baton, sizeof(*ab));
+
+  ab->slave_parameters = apr_hash_make(result_pool);
+
   /* The 'store-passwords' and 'store-auth-creds' parameters used to
   * live in SVN_CONFIG_CATEGORY_CONFIG. For backward compatibility,
   * if values for these parameters have already been set by our
@@ -716,11 +745,11 @@ svn_auth__apply_config_for_server(svn_au
   * "store-auth-creds = yes" -- they'll get the expected behaviour.
   */
 
-  if (svn_auth_get_parameter(auth_baton,
+  if (svn_auth_get_parameter(ab,
                               SVN_AUTH_PARAM_DONT_STORE_PASSWORDS) != NULL)
     store_passwords = FALSE;
 
-  if (svn_auth_get_parameter(auth_baton,
+  if (svn_auth_get_parameter(ab,
                               SVN_AUTH_PARAM_NO_AUTH_CACHE) != NULL)
     store_auth_creds = FALSE;
 
@@ -806,46 +835,32 @@ svn_auth__apply_config_for_server(svn_au
 
   /* Save auth caching parameters in the auth parameter hash. */
   if (! store_passwords)
-    svn_auth_set_parameter(auth_baton,
+    svn_auth_set_parameter(ab,
                            SVN_AUTH_PARAM_DONT_STORE_PASSWORDS, "");
 
-  svn_auth_set_parameter(auth_baton,
+  svn_auth_set_parameter(ab,
                          SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS,
                          store_plaintext_passwords);
 
   if (! store_pp)
-    svn_auth_set_parameter(auth_baton,
+    svn_auth_set_parameter(ab,
                            SVN_AUTH_PARAM_DONT_STORE_SSL_CLIENT_CERT_PP,
                            "");
 
-  svn_auth_set_parameter(auth_baton,
+  svn_auth_set_parameter(ab,
                          SVN_AUTH_PARAM_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT,
                          store_pp_plaintext);
 
   if (! store_auth_creds)
-    svn_auth_set_parameter(auth_baton,
-                            SVN_AUTH_PARAM_NO_AUTH_CACHE, "");
+    svn_auth_set_parameter(ab,
+                           SVN_AUTH_PARAM_NO_AUTH_CACHE, "");
 
-  /* ### This setting may have huge side-effects when the auth baton is shared
-     ### between different ra sessions, as it will change which server settings
-     ### will be used for all future auth requests.
-     ###
-     ### E.g. when you connect using a ssl client cert that is specified in the
-     ### config file, you might have it when you first connect... but if you
-     ### then connect to another repository, you might not see the same
-     ### settings when the SSL connection is built up again later on.
-     ###
-     ### Most current usages should probably have been keyed on the realm
-     ### string instead of this magic flag that changes when multiple 
repositories
-     ### are used.
-     ###
-     ### This especially affects long living ra sessions, such as those on the
-     ### reuse-ra-session branch.
-   */
   if (server_group)
-    svn_auth_set_parameter(auth_baton,
+    svn_auth_set_parameter(ab,
                            SVN_AUTH_PARAM_SERVER_GROUP,
-                           apr_pstrdup(auth_baton->pool, server_group));
+                           apr_pstrdup(ab->pool, server_group));
+
+  *session_auth_baton = ab;
 
   return SVN_NO_ERROR;
 }


Reply via email to