Author: svn-role Date: Wed Mar 30 05:41:48 2022 New Revision: 1899374 URL: http://svn.apache.org/viewvc?rev=1899374&view=rev Log: Merge the 1.14.x-r1899227 branch:
* r1899227 Don't show unreadable copyfrom paths in 'svn log -v' Justification: Makes 'svn log -v' consistent with spec. Branch: 1.14.x-r1899227 Votes: +1: hartmannathan, dsahlberg, rhuijben Modified: subversion/branches/1.14.x/ (props changed) subversion/branches/1.14.x/STATUS subversion/branches/1.14.x/subversion/libsvn_repos/log.c subversion/branches/1.14.x/subversion/tests/cmdline/authz_tests.py Propchange: subversion/branches/1.14.x/ ------------------------------------------------------------------------------ Merged /subversion/trunk:r1899227 Merged /subversion/branches/1.14.x-r1899227:r1899228-1899373 Modified: subversion/branches/1.14.x/STATUS URL: http://svn.apache.org/viewvc/subversion/branches/1.14.x/STATUS?rev=1899374&r1=1899373&r2=1899374&view=diff ============================================================================== --- subversion/branches/1.14.x/STATUS (original) +++ subversion/branches/1.14.x/STATUS Wed Mar 30 05:41:48 2022 @@ -45,15 +45,6 @@ Veto-blocked changes: Approved changes: ================= - * r1899227 - Don't show unreadable copyfrom paths in 'svn log -v' - Justification: - Makes 'svn log -v' consistent with spec. - Branch: - 1.14.x-r1899227 - Votes: - +1: hartmannathan, dsahlberg, rhuijben - * r1898633 Fix sporadic testCrash_RequestChannel_nativeRead_AfterException failure Justification: Modified: subversion/branches/1.14.x/subversion/libsvn_repos/log.c URL: http://svn.apache.org/viewvc/subversion/branches/1.14.x/subversion/libsvn_repos/log.c?rev=1899374&r1=1899373&r2=1899374&view=diff ============================================================================== --- subversion/branches/1.14.x/subversion/libsvn_repos/log.c (original) +++ subversion/branches/1.14.x/subversion/libsvn_repos/log.c Wed Mar 30 05:41:48 2022 @@ -337,42 +337,36 @@ detect_changed(svn_repos_revision_access if ( (change->change_kind == svn_fs_path_change_add) || (change->change_kind == svn_fs_path_change_replace)) { - const char *copyfrom_path = change->copyfrom_path; - svn_revnum_t copyfrom_rev = change->copyfrom_rev; - /* the following is a potentially expensive operation since on FSFS we will follow the DAG from ROOT to PATH and that requires actually reading the directories along the way. */ if (!change->copyfrom_known) { - SVN_ERR(svn_fs_copied_from(©from_rev, ©from_path, + SVN_ERR(svn_fs_copied_from(&change->copyfrom_rev, &change->copyfrom_path, root, path, iterpool)); change->copyfrom_known = TRUE; } - if (copyfrom_path && SVN_IS_VALID_REVNUM(copyfrom_rev)) + if (change->copyfrom_path && SVN_IS_VALID_REVNUM(change->copyfrom_rev)) { - svn_boolean_t readable = TRUE; - if (callbacks->authz_read_func) { svn_fs_root_t *copyfrom_root; + svn_boolean_t readable; SVN_ERR(svn_fs_revision_root(©from_root, fs, - copyfrom_rev, iterpool)); + change->copyfrom_rev, iterpool)); SVN_ERR(callbacks->authz_read_func(&readable, copyfrom_root, - copyfrom_path, + change->copyfrom_path, callbacks->authz_read_baton, iterpool)); if (! readable) - found_unreadable = TRUE; - } - - if (readable) - { - change->copyfrom_path = copyfrom_path; - change->copyfrom_rev = copyfrom_rev; + { + found_unreadable = TRUE; + change->copyfrom_path = NULL; + change->copyfrom_rev = SVN_INVALID_REVNUM; + } } } } Modified: subversion/branches/1.14.x/subversion/tests/cmdline/authz_tests.py URL: http://svn.apache.org/viewvc/subversion/branches/1.14.x/subversion/tests/cmdline/authz_tests.py?rev=1899374&r1=1899373&r2=1899374&view=diff ============================================================================== --- subversion/branches/1.14.x/subversion/tests/cmdline/authz_tests.py (original) +++ subversion/branches/1.14.x/subversion/tests/cmdline/authz_tests.py Wed Mar 30 05:41:48 2022 @@ -1731,6 +1731,60 @@ def empty_group(sbox): '--username', svntest.main.wc_author, sbox.repo_url) +@Skip(svntest.main.is_ra_type_file) +def log_inaccessible_copyfrom(sbox): + "log doesn't leak inaccessible copyfrom paths" + + sbox.build(empty=True) + sbox.simple_add_text('secret', 'private') + sbox.simple_commit(message='log message for r1') + sbox.simple_copy('private', 'public') + sbox.simple_commit(message='log message for r2') + + svntest.actions.enable_revprop_changes(sbox.repo_dir) + # Remove svn:date and svn:author for predictable output. + svntest.actions.run_and_verify_svn(None, [], 'propdel', '--revprop', + '-r2', 'svn:date', sbox.repo_url) + svntest.actions.run_and_verify_svn(None, [], 'propdel', '--revprop', + '-r2', 'svn:author', sbox.repo_url) + + write_restrictive_svnserve_conf(sbox.repo_dir) + + # First test with blanket access. + write_authz_file(sbox, + {"/" : "* = rw"}) + expected_output = svntest.verify.ExpectedOutput([ + "------------------------------------------------------------------------\n", + "r2 | (no author) | (no date) | 1 line\n", + "Changed paths:\n", + " A /public (from /private:1)\n", + "\n", + "log message for r2\n", + "------------------------------------------------------------------------\n", + ]) + svntest.actions.run_and_verify_svn(expected_output, [], + 'log', '-r2', '-v', + sbox.repo_url) + + # Now test with an inaccessible copy source (/private). + write_authz_file(sbox, + {"/" : "* = rw"}, + {"/private" : "* ="}) + expected_output = svntest.verify.ExpectedOutput([ + "------------------------------------------------------------------------\n", + "r2 | (no author) | (no date) | 1 line\n", + "Changed paths:\n", + # The copy is shown as a plain add with no copyfrom info. + " A /public\n", + "\n", + # No log message, as the revision is only partially visible. + "\n", + "------------------------------------------------------------------------\n", + ]) + svntest.actions.run_and_verify_svn(expected_output, [], + 'log', '-r2', '-v', + sbox.repo_url) + ######################################################################## # Run the tests @@ -1771,6 +1825,7 @@ test_list = [ None, inverted_group_membership, group_member_empty_string, empty_group, + log_inaccessible_copyfrom, ] serial_only = True