dav_svn_get_repos_path(request_rec *r, const char *root_path, const char **repos_path) { const char *fs_path; const char *fs_parent_path; const char *repos_name; const char *ignored_path_in_repos; const char *ignored_cleaned_uri; const char *ignored_relative; int ignored_had_slash; dav_error *derr; /* Handle the SVNPath case. */ fs_path = dav_svn__get_fs_path(r); if (fs_path != NULL) { *repos_path = fs_path; return NULL; } /* Handle the SVNParentPath case. If neither directive was used, dav_svn_split_uri will throw a suitable error for us - we do not need to check that here. */ fs_parent_path = dav_svn__get_fs_parent_path(r); /* Split the svn URI to get the name of the repository below the parent path. */ derr = dav_svn_split_uri(r, r->uri, root_path, &ignored_cleaned_uri, &ignored_had_slash, &repos_name, &ignored_relative, &ignored_path_in_repos); if (derr) return derr; /* Construct the full path from the parent path base directory and the repository name. */ *repos_path = svn_dirent_join(fs_parent_path, repos_name, r->pool); return NULL; }
/* Fill the filename on the request with a bogus path since we aren't serving * a file off the disk. This means that <Directory> blocks will not match and * that %f in logging formats will show as "svn:/path/to/repo/path/in/repo". */ static int dav_svn__translate_name(request_rec *r) { const char *fs_path, *repos_basename, *repos_path, *slash; const char *ignore_cleaned_uri, *ignore_relative_path; int ignore_had_slash; dir_conf_t *conf = ap_get_module_config(r->per_dir_config, &dav_svn_module); /* module is not configured, bail out early */ if (!conf->fs_path && !conf->fs_parent_path) return DECLINED; if (dav_svn__is_parentpath_list(r)) { /* SVNListParentPath is on and the request is for the conf->root_dir, * so just set the repos_basename to an empty string and the repos_path * to NULL so we end up just reporting our parent path as the bogus * path. */ repos_basename = ""; repos_path = NULL; } else { /* Retrieve path to repo and within repo for the request */ dav_error *err = dav_svn_split_uri(r, r->uri, conf->root_dir, &ignore_cleaned_uri, &ignore_had_slash, &repos_basename, &ignore_relative_path, &repos_path); if (err) { dav_svn__log_err(r, err, APLOG_ERR); return err->status; } } if (conf->fs_parent_path) { fs_path = svn_dirent_join(conf->fs_parent_path, repos_basename, r->pool); } else { fs_path = conf->fs_path; } /* Avoid a trailing slash on the bogus path when repos_path is just "/" and * ensure that there is always a slash between fs_path and repos_path as * long as the repos_path is not an empty path. */ slash = ""; if (repos_path) { if ('/' == repos_path[0] && '\0' == repos_path[1]) repos_path = NULL; else if ('/' != repos_path[0] && '\0' != repos_path[0]) slash = "/"; } /* Combine 'svn:', fs_path and repos_path to produce the bogus path we're * placing in r->filename. We can't use our standard join helpers such * as svn_dirent_join. fs_path is a dirent and repos_path is a fspath * (that can be trivially converted to a relpath by skipping the leading * slash). In general it is safe to join these, but when a path in a * repository is 'trunk/c:hi' this results in a non canonical dirent on * Windows. Instead we just cat them together. */ r->filename = apr_pstrcat(r->pool, "svn:", fs_path, slash, repos_path, NULL); /* Leave a note to ourselves so that we know not to decline in the * map_to_storage hook. */ apr_table_setn(r->notes, NO_MAP_TO_STORAGE_NOTE, (const char*)1); return OK; }
static svn_boolean_t is_this_legal(dontdothat_filter_ctx *ctx, const char *uri) { const char *relative_path; const char *cleaned_uri; const char *repos_name; const char *uri_path; int trailing_slash; dav_error *derr; /* uri can be an absolute uri or just a path, we only want the path to match * against */ if (uri && svn_path_is_url(uri)) { apr_uri_t parsed_uri; apr_status_t rv = apr_uri_parse(ctx->r->pool, uri, &parsed_uri); if (APR_SUCCESS != rv) { /* Error parsing the URI, log and reject request. */ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, ctx->r, "mod_dontdothat: blocked request after failing " "to parse uri: '%s'", uri); return FALSE; } uri_path = parsed_uri.path; } else { uri_path = uri; } if (uri_path) { const char *repos_path; derr = dav_svn_split_uri(ctx->r, uri_path, ctx->cfg->base_path, &cleaned_uri, &trailing_slash, &repos_name, &relative_path, &repos_path); if (! derr) { int idx; if (! repos_path) repos_path = ""; repos_path = svn_fspath__canonicalize(repos_path, ctx->r->pool); /* First check the special cases that are always legal... */ for (idx = 0; idx < ctx->allow_recursive_ops->nelts; ++idx) { const char *wc = APR_ARRAY_IDX(ctx->allow_recursive_ops, idx, const char *); if (matches(wc, repos_path)) { ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, ctx->r, "mod_dontdothat: rule %s allows %s", wc, repos_path); return TRUE; } } /* Then look for stuff we explicitly don't allow. */ for (idx = 0; idx < ctx->no_recursive_ops->nelts; ++idx) { const char *wc = APR_ARRAY_IDX(ctx->no_recursive_ops, idx, const char *); if (matches(wc, repos_path)) { ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, ctx->r, "mod_dontdothat: rule %s forbids %s", wc, repos_path); return FALSE; } } } else {