static svn_error_t *
construct_auth_baton(svn_auth_baton_t **auth_baton_p,
apr_pool_t *pool)
{
apr_array_header_t *providers;
svn_auth_provider_object_t *simple_provider;
svn_auth_baton_t *auth_baton;
/* A bit of dancing just to pass jrandom:rayjandom. */
providers = apr_array_make(pool, 2, sizeof(svn_auth_provider_object_t *)),
svn_auth_get_simple_prompt_provider(&simple_provider,
aborting_simple_prompt_func, NULL,
0, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = simple_provider;
svn_auth_get_username_prompt_provider(&simple_provider,
aborting_username_prompt_func, NULL,
0, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = simple_provider;
svn_auth_open(&auth_baton, providers, pool);
svn_auth_set_parameter(auth_baton,
SVN_AUTH_PARAM_DEFAULT_USERNAME, "jrandom");
svn_auth_set_parameter(auth_baton,
SVN_AUTH_PARAM_DEFAULT_PASSWORD, "rayjandom");
*auth_baton_p = auth_baton;
return SVN_NO_ERROR;
}
SVNAuthData::SVNAuthData()
: SVNBase()
, m_prompt(false)
{
m_pool = svn_pool_create(NULL);
svn_error_clear(svn_client_create_context2(&m_pctx, SVNConfig::Instance().GetConfig(m_pool), m_pool));
// set up authentication
m_prompt.Init(m_pool, m_pctx);
const char * path = nullptr;
svn_config_get_user_config_path(&path, g_pConfigDir, NULL, m_pool);
svn_auth_set_parameter(m_pctx->auth_baton, SVN_AUTH_PARAM_CONFIG_DIR, path);
m_pctx->client_name = SVNHelper::GetUserAgentString(m_pool);
}
svn_error_t *
nmap_update_svn_cmdline_setup_auth_baton(svn_auth_baton_t **ab,
svn_boolean_t non_interactive,
const char *auth_username,
const char *auth_password,
const char *config_dir,
svn_boolean_t no_auth_cache,
svn_config_t *cfg,
svn_cancel_func_t cancel_func,
void *cancel_baton,
apr_pool_t *pool)
{
svn_boolean_t store_password_val = TRUE;
svn_auth_provider_object_t *provider;
/* The whole list of registered providers */
apr_array_header_t *providers
= apr_array_make(pool, 12, sizeof(svn_auth_provider_object_t *));
/* The main disk-caching auth providers, for both
'username/password' creds and 'username' creds. */
#if defined(WIN32) && !defined(__MINGW32__)
svn_auth_get_windows_simple_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
#endif
#ifdef SVN_HAVE_KEYCHAIN_SERVICES
svn_auth_get_keychain_simple_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
#endif
svn_auth_get_simple_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_username_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
/* The server-cert, client-cert, and client-cert-password providers. */
#if defined(WIN32) && !defined(__MINGW32__)
svn_auth_get_windows_ssl_server_trust_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
#endif
svn_auth_get_ssl_server_trust_file_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_ssl_client_cert_file_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_ssl_client_cert_pw_file_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
if (non_interactive == FALSE)
{
svn_cmdline_prompt_baton_t *pb = NULL;
if (cancel_func)
{
pb = apr_palloc(pool, sizeof(*pb));
pb->cancel_func = cancel_func;
pb->cancel_baton = cancel_baton;
}
/* Two basic prompt providers: username/password, and just username. */
nmap_update_svn_auth_get_simple_prompt_provider(&provider,
svn_cmdline_auth_simple_prompt,
pb,
2, /* retry limit */
pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_username_prompt_provider
(&provider, svn_cmdline_auth_username_prompt, pb,
2, /* retry limit */ pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
/* Three ssl prompt providers, for server-certs, client-certs,
and client-cert-passphrases. */
svn_auth_get_ssl_server_trust_prompt_provider
(&provider, svn_cmdline_auth_ssl_server_trust_prompt, pb, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_ssl_client_cert_prompt_provider
(&provider, svn_cmdline_auth_ssl_client_cert_prompt, pb, 2, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_ssl_client_cert_pw_prompt_provider
(&provider, svn_cmdline_auth_ssl_client_cert_pw_prompt, pb, 2, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
}
/* Build an authentication baton to give to libsvn_client. */
svn_auth_open(ab, providers, pool);
/* Place any default --username or --password credentials into the
auth_baton's run-time parameter hash. */
if (auth_username)
svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_DEFAULT_USERNAME,
auth_username);
if (auth_password)
svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_DEFAULT_PASSWORD,
auth_password);
/* Same with the --non-interactive option. */
if (non_interactive)
svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_NON_INTERACTIVE, "");
if (config_dir)
svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_CONFIG_DIR,
config_dir);
SVN_ERR(svn_config_get_bool(cfg, &store_password_val,
SVN_CONFIG_SECTION_AUTH,
SVN_CONFIG_OPTION_STORE_PASSWORDS,
TRUE));
if (! store_password_val)
svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_DONT_STORE_PASSWORDS, "");
/* There are two different ways the user can disable disk caching
of credentials: either via --no-auth-cache, or in the config
file ('store-auth-creds = no'). */
SVN_ERR(svn_config_get_bool(cfg, &store_password_val,
SVN_CONFIG_SECTION_AUTH,
SVN_CONFIG_OPTION_STORE_AUTH_CREDS,
TRUE));
if (no_auth_cache || ! store_password_val)
svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_NO_AUTH_CACHE, "");
return SVN_NO_ERROR;
}
svn_error_t *svn_ra_open4(svn_ra_session_t **session_p,
const char **corrected_url_p,
const char *repos_URL,
const char *uuid,
const svn_ra_callbacks2_t *callbacks,
void *callback_baton,
apr_hash_t *config,
apr_pool_t *pool)
{
apr_pool_t *sesspool = svn_pool_create(pool);
svn_ra_session_t *session;
const struct ra_lib_defn *defn;
const svn_ra__vtable_t *vtable = NULL;
svn_config_t *servers = NULL;
const char *server_group;
apr_uri_t repos_URI;
apr_status_t apr_err;
#ifdef CHOOSABLE_DAV_MODULE
const char *http_library = DEFAULT_HTTP_LIBRARY;
#endif
/* Auth caching parameters. */
svn_boolean_t store_passwords = SVN_CONFIG_DEFAULT_OPTION_STORE_PASSWORDS;
svn_boolean_t store_auth_creds = SVN_CONFIG_DEFAULT_OPTION_STORE_AUTH_CREDS;
const char *store_plaintext_passwords
= SVN_CONFIG_DEFAULT_OPTION_STORE_PLAINTEXT_PASSWORDS;
svn_boolean_t store_pp = SVN_CONFIG_DEFAULT_OPTION_STORE_SSL_CLIENT_CERT_PP;
const char *store_pp_plaintext
= SVN_CONFIG_DEFAULT_OPTION_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT;
const char *corrected_url;
/* Initialize the return variable. */
*session_p = NULL;
apr_err = apr_uri_parse(sesspool, repos_URL, &repos_URI);
/* ### Should apr_uri_parse leave hostname NULL? It doesn't
* for "file:///" URLs, only for bogus URLs like "bogus".
* If this is the right behavior for apr_uri_parse, maybe we
* should have a svn_uri_parse wrapper. */
if (apr_err != APR_SUCCESS || repos_URI.hostname == NULL)
return svn_error_createf(SVN_ERR_RA_ILLEGAL_URL, NULL,
_("Illegal repository URL '%s'"),
repos_URL);
if (callbacks->auth_baton)
{
/* The 'store-passwords' and 'store-auth-creds' parameters used to
* live in SVN_CONFIG_CATEGORY_CONFIG. For backward compatibility,
* if values for these parameters have already been set by our
* callers, we use those values as defaults.
*
* Note that we can only catch the case where users explicitly set
* "store-passwords = no" or 'store-auth-creds = no".
*
* However, since the default value for both these options is
* currently (and has always been) "yes", users won't know
* the difference if they set "store-passwords = yes" or
* "store-auth-creds = yes" -- they'll get the expected behaviour.
*/
if (svn_auth_get_parameter(callbacks->auth_baton,
SVN_AUTH_PARAM_DONT_STORE_PASSWORDS) != NULL)
store_passwords = FALSE;
if (svn_auth_get_parameter(callbacks->auth_baton,
SVN_AUTH_PARAM_NO_AUTH_CACHE) != NULL)
store_auth_creds = FALSE;
}
if (config)
{
/* Grab the 'servers' config. */
servers = apr_hash_get(config, SVN_CONFIG_CATEGORY_SERVERS,
APR_HASH_KEY_STRING);
if (servers)
{
/* First, look in the global section. */
SVN_ERR(svn_config_get_bool
(servers, &store_passwords, SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_STORE_PASSWORDS,
store_passwords));
SVN_ERR(svn_config_get_yes_no_ask
(servers, &store_plaintext_passwords, SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_STORE_PLAINTEXT_PASSWORDS,
SVN_CONFIG_DEFAULT_OPTION_STORE_PLAINTEXT_PASSWORDS));
SVN_ERR(svn_config_get_bool
(servers, &store_pp, SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_STORE_SSL_CLIENT_CERT_PP,
store_pp));
SVN_ERR(svn_config_get_yes_no_ask
(servers, &store_pp_plaintext,
SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT,
SVN_CONFIG_DEFAULT_OPTION_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT));
SVN_ERR(svn_config_get_bool
(servers, &store_auth_creds, SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_STORE_AUTH_CREDS,
store_auth_creds));
/* Find out where we're about to connect to, and
* try to pick a server group based on the destination. */
server_group = svn_config_find_group(servers, repos_URI.hostname,
SVN_CONFIG_SECTION_GROUPS,
sesspool);
if (server_group)
{
/* Override global auth caching parameters with the ones
* for the server group, if any. */
SVN_ERR(svn_config_get_bool(servers, &store_auth_creds,
server_group,
SVN_CONFIG_OPTION_STORE_AUTH_CREDS,
store_auth_creds));
SVN_ERR(svn_config_get_bool(servers, &store_passwords,
server_group,
SVN_CONFIG_OPTION_STORE_PASSWORDS,
store_passwords));
SVN_ERR(svn_config_get_yes_no_ask
(servers, &store_plaintext_passwords, server_group,
SVN_CONFIG_OPTION_STORE_PLAINTEXT_PASSWORDS,
store_plaintext_passwords));
SVN_ERR(svn_config_get_bool
(servers, &store_pp,
server_group, SVN_CONFIG_OPTION_STORE_SSL_CLIENT_CERT_PP,
store_pp));
SVN_ERR(svn_config_get_yes_no_ask
(servers, &store_pp_plaintext, server_group,
SVN_CONFIG_OPTION_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT,
store_pp_plaintext));
}
#ifdef CHOOSABLE_DAV_MODULE
/* Now, which DAV-based RA method do we want to use today? */
http_library
= svn_config_get_server_setting(servers,
server_group, /* NULL is OK */
SVN_CONFIG_OPTION_HTTP_LIBRARY,
DEFAULT_HTTP_LIBRARY);
if (strcmp(http_library, "neon") != 0 &&
strcmp(http_library, "serf") != 0)
return svn_error_createf(SVN_ERR_BAD_CONFIG_VALUE, NULL,
_("Invalid config: unknown HTTP library "
"'%s'"),
http_library);
#endif
}
}
if (callbacks->auth_baton)
{
/* Save auth caching parameters in the auth parameter hash. */
if (! store_passwords)
svn_auth_set_parameter(callbacks->auth_baton,
SVN_AUTH_PARAM_DONT_STORE_PASSWORDS, "");
svn_auth_set_parameter(callbacks->auth_baton,
SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS,
store_plaintext_passwords);
if (! store_pp)
svn_auth_set_parameter(callbacks->auth_baton,
SVN_AUTH_PARAM_DONT_STORE_SSL_CLIENT_CERT_PP,
"");
svn_auth_set_parameter(callbacks->auth_baton,
SVN_AUTH_PARAM_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT,
store_pp_plaintext);
if (! store_auth_creds)
svn_auth_set_parameter(callbacks->auth_baton,
SVN_AUTH_PARAM_NO_AUTH_CACHE, "");
}
/* Find the library. */
for (defn = ra_libraries; defn->ra_name != NULL; ++defn)
{
const char *scheme;
if ((scheme = has_scheme_of(defn->schemes, repos_URL)))
{
svn_ra__init_func_t initfunc = defn->initfunc;
#ifdef CHOOSABLE_DAV_MODULE
if (defn->schemes == dav_schemes
&& strcmp(defn->ra_name, http_library) != 0)
continue;
#endif
if (! initfunc)
SVN_ERR(load_ra_module(&initfunc, NULL, defn->ra_name,
sesspool));
if (! initfunc)
/* Library not found. */
continue;
SVN_ERR(initfunc(svn_ra_version(), &vtable, sesspool));
SVN_ERR(check_ra_version(vtable->get_version(), scheme));
if (! has_scheme_of(vtable->get_schemes(sesspool), repos_URL))
/* Library doesn't support the scheme at runtime. */
continue;
break;
}
}
if (vtable == NULL)
return svn_error_createf(SVN_ERR_RA_ILLEGAL_URL, NULL,
_("Unrecognized URL scheme for '%s'"),
repos_URL);
/* Create the session object. */
session = apr_pcalloc(sesspool, sizeof(*session));
session->vtable = vtable;
session->pool = sesspool;
/* Ask the library to open the session. */
SVN_ERR_W(vtable->open_session(session, &corrected_url, repos_URL,
callbacks, callback_baton, config, sesspool),
apr_psprintf(pool, "Unable to connect to a repository at URL '%s'",
repos_URL));
/* If the session open stuff detected a server-provided URL
correction (a 301 or 302 redirect response during the initial
OPTIONS request), then kill the session so the caller can decide
what to do. */
if (corrected_url_p && corrected_url)
{
if (! svn_path_is_url(corrected_url))
{
/* RFC1945 and RFC2616 state that the Location header's
value (from whence this CORRECTED_URL ultimately comes),
if present, must be an absolute URI. But some Apache
versions (those older than 2.2.11, it seems) transmit
only the path portion of the URI. See issue #3775 for
details. */
apr_uri_t corrected_URI = repos_URI;
corrected_URI.path = (char *)corrected_url;
corrected_url = apr_uri_unparse(pool, &corrected_URI, 0);
}
*corrected_url_p = svn_uri_canonicalize(corrected_url, pool);
svn_pool_destroy(sesspool);
return SVN_NO_ERROR;
}
/* Check the UUID. */
if (uuid)
{
const char *repository_uuid;
SVN_ERR(vtable->get_uuid(session, &repository_uuid, pool));
if (strcmp(uuid, repository_uuid) != 0)
{
/* Duplicate the uuid as it is allocated in sesspool */
repository_uuid = apr_pstrdup(pool, repository_uuid);
svn_pool_destroy(sesspool);
return svn_error_createf(SVN_ERR_RA_UUID_MISMATCH, NULL,
_("Repository UUID '%s' doesn't match "
"expected UUID '%s'"),
repository_uuid, uuid);
}
}
*session_p = session;
return SVN_NO_ERROR;
}
int a_svn_commit
(char *device_name, char *temp_working_dir, char *commit_as,
apr_pool_t *apr_pool, apr_pool_t *svn_pool)
/*
* commit changed file to SVN repository
*
*/
{
svn_error_t* err;
int int_err;
apr_array_header_t *device_arr;
svn_commit_info_t *commit_info = NULL;
svn_auth_baton_t *auth_baton;
svn_auth_provider_object_t *provider;
svn_error_t *svn_err;
char temp_svn_path[MAXPATH];
svn_client_ctx_t* context;
temp_svn_path[0] = 0x0;
svn_err = svn_client_create_context( &context, svn_pool );
if(svn_err){
a_logmsg("%s: svn error: %s",device_name,svn_err->message);
a_debug_info2(DEBUGLVL5,"a_svn_commit: svn error: %s",svn_err->message); return -1;
}
device_arr = apr_array_make(apr_pool, 1, sizeof(const char*));
snprintf(temp_svn_path,MAXPATH,"%s/%s",temp_working_dir,device_name);
*(const char**)apr_array_push(device_arr) = temp_svn_path;
apr_array_header_t *providers = apr_array_make (apr_pool, 1, sizeof (svn_auth_provider_object_t *));
svn_auth_get_username_provider(&provider, svn_pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_open(&auth_baton, providers, svn_pool);
svn_auth_set_parameter(auth_baton, SVN_AUTH_PARAM_DEFAULT_USERNAME, commit_as);
(*context).auth_baton = auth_baton;
svn_err = svn_client_commit4(&commit_info,
device_arr,
svn_depth_empty,
FALSE,
FALSE,
NULL,
NULL,
context,
svn_pool);
if(svn_err)
{
a_logmsg("%s: svn error: %s",device_name,svn_err->message);
a_debug_info2(DEBUGLVL5,"a_svn_commit: svn error: %s",svn_err->message); return -1;
}
return 1;
}
svn_client_ctx_t *
ClientContext::getContext(CommitMessage *message, SVN::Pool &in_pool)
{
apr_pool_t *pool = in_pool.getPool();
svn_auth_baton_t *ab;
svn_client_ctx_t *ctx = m_context;
/* Make a temporary copy of ctx to restore at pool cleanup to avoid
leaving references to dangling pointers.
Note that this allows creating a stack of context changes if
the function is invoked multiple times with different pools.
*/
clearctx_baton_t *bt = (clearctx_baton_t *)apr_pcalloc(pool, sizeof(*bt));
bt->ctx = ctx;
bt->backup = (svn_client_ctx_t*)apr_pmemdup(pool, ctx, sizeof(*ctx));
apr_pool_cleanup_register(in_pool.getPool(), bt, clear_ctx_ptrs,
clear_ctx_ptrs);
if (!ctx->config)
{
const char *configDir = m_configDir.c_str();
if (m_configDir.empty())
configDir = NULL;
SVN_JNI_ERR(svn_config_get_config(&(ctx->config), configDir,
m_pool->getPool()),
NULL);
bt->backup->config = ctx->config;
}
svn_config_t *config = (svn_config_t *) apr_hash_get(ctx->config,
SVN_CONFIG_CATEGORY_CONFIG,
APR_HASH_KEY_STRING);
/* The whole list of registered providers */
apr_array_header_t *providers;
/* Populate the registered providers with the platform-specific providers */
SVN_JNI_ERR(svn_auth_get_platform_specific_client_providers(&providers,
config,
pool),
NULL);
/* Use the prompter (if available) to prompt for password and cert
* caching. */
svn_auth_plaintext_prompt_func_t plaintext_prompt_func = NULL;
void *plaintext_prompt_baton = NULL;
svn_auth_plaintext_passphrase_prompt_func_t plaintext_passphrase_prompt_func;
void *plaintext_passphrase_prompt_baton = NULL;
if (m_prompter != NULL)
{
plaintext_prompt_func = Prompter::plaintext_prompt;
plaintext_prompt_baton = m_prompter;
plaintext_passphrase_prompt_func = Prompter::plaintext_passphrase_prompt;
plaintext_passphrase_prompt_baton = m_prompter;
}
/* The main disk-caching auth providers, for both
* 'username/password' creds and 'username' creds. */
svn_auth_provider_object_t *provider;
svn_auth_get_simple_provider2(&provider, plaintext_prompt_func,
plaintext_prompt_baton, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_username_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
/* The server-cert, client-cert, and client-cert-password providers. */
SVN_JNI_ERR(svn_auth_get_platform_specific_provider(&provider,
"windows",
"ssl_server_trust",
pool),
NULL);
if (provider)
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_ssl_server_trust_file_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_ssl_client_cert_file_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_ssl_client_cert_pw_file_provider2(&provider,
plaintext_passphrase_prompt_func,
plaintext_passphrase_prompt_baton, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
if (m_prompter != NULL)
{
/* Two basic prompt providers: username/password, and just username.*/
provider = m_prompter->getProviderSimple(in_pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
provider = m_prompter->getProviderUsername(in_pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
/* Three ssl prompt providers, for server-certs, client-certs,
* and client-cert-passphrases. */
provider = m_prompter->getProviderServerSSLTrust(in_pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
provider = m_prompter->getProviderClientSSL(in_pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
provider = m_prompter->getProviderClientSSLPassword(in_pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
}
/* Build an authentication baton to give to libsvn_client. */
svn_auth_open(&ab, providers, pool);
/* Place any default --username or --password credentials into the
* auth_baton's run-time parameter hash. ### Same with --no-auth-cache? */
if (!m_userName.empty())
svn_auth_set_parameter(ab, SVN_AUTH_PARAM_DEFAULT_USERNAME,
apr_pstrdup(in_pool.getPool(),
m_userName.c_str()));
if (!m_passWord.empty())
svn_auth_set_parameter(ab, SVN_AUTH_PARAM_DEFAULT_PASSWORD,
apr_pstrdup(in_pool.getPool(),
m_passWord.c_str()));
/* Store where to retrieve authentication data? */
if (!m_configDir.empty())
svn_auth_set_parameter(ab, SVN_AUTH_PARAM_CONFIG_DIR,
apr_pstrdup(in_pool.getPool(),
m_configDir.c_str()));
ctx->auth_baton = ab;
ctx->log_msg_baton3 = message;
m_cancelOperation = false;
SVN_JNI_ERR(svn_wc_context_create(&ctx->wc_ctx, NULL,
in_pool.getPool(), in_pool.getPool()),
NULL);
return ctx;
}
svn_auth_baton_t *
OperationContext::getAuthBaton(SVN::Pool &in_pool)
{
svn_auth_baton_t *ab;
apr_pool_t *pool = in_pool.getPool();
apr_hash_t * configData = getConfigData();
if (configData == NULL)
{
return NULL;
}
svn_config_t *config = static_cast<svn_config_t *>(apr_hash_get(configData,
SVN_CONFIG_CATEGORY_CONFIG, APR_HASH_KEY_STRING));
const bool use_native_store = GlobalConfig::useNativeCredentialsStore();
/* The whole list of registered providers */
apr_array_header_t *providers;
svn_auth_provider_object_t *provider;
if (use_native_store)
{
/* Populate the registered providers with the platform-specific providers */
SVN_JNI_ERR(
svn_auth_get_platform_specific_client_providers(
&providers, config, pool),
NULL);
/* Use the prompter (if available) to prompt for password and cert
* caching. */
svn_auth_plaintext_prompt_func_t plaintext_prompt_func;
void *plaintext_prompt_baton;
svn_auth_plaintext_passphrase_prompt_func_t plaintext_passphrase_prompt_func;
void *plaintext_passphrase_prompt_baton;
if (m_prompter.get())
{
plaintext_prompt_func = Prompter::plaintext_prompt;
plaintext_prompt_baton = m_prompter.get();
plaintext_passphrase_prompt_func = Prompter::plaintext_passphrase_prompt;
plaintext_passphrase_prompt_baton = m_prompter.get();
}
else
{
plaintext_prompt_func = NULL;
plaintext_prompt_baton = NULL;
plaintext_passphrase_prompt_func = NULL;
plaintext_passphrase_prompt_baton = NULL;
}
/* The main disk-caching auth providers, for both
* 'username/password' creds and 'username' creds. */
svn_auth_get_simple_provider2(&provider, plaintext_prompt_func,
plaintext_prompt_baton, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_username_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_ssl_server_trust_file_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_ssl_client_cert_file_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_ssl_client_cert_pw_file_provider2(
&provider,
plaintext_passphrase_prompt_func, plaintext_passphrase_prompt_baton,
pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
}
else
{
// Not using hte native credentials store, start with an empty
// providers array.
providers = apr_array_make(pool, 0, sizeof(svn_auth_provider_object_t *));
}
if (m_prompter.get())
{
/* Two basic prompt providers: username/password, and just username.*/
provider = m_prompter->get_provider_simple(in_pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
provider = m_prompter->get_provider_username(in_pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
/* Three ssl prompt providers, for server-certs, client-certs,
* and client-cert-passphrases. */
provider = m_prompter->get_provider_server_ssl_trust(in_pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
provider = m_prompter->get_provider_client_ssl(in_pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
provider = m_prompter->get_provider_client_ssl_password(in_pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
}
/* Build an authentication baton to give to libsvn_client. */
svn_auth_open(&ab, providers, pool);
/* Place any default --username or --password credentials into the
* auth_baton's run-time parameter hash. ### Same with --no-auth-cache? */
if (!m_userName.empty())
svn_auth_set_parameter(ab, SVN_AUTH_PARAM_DEFAULT_USERNAME,
apr_pstrdup(in_pool.getPool(), m_userName.c_str()));
if (!m_passWord.empty())
svn_auth_set_parameter(ab, SVN_AUTH_PARAM_DEFAULT_PASSWORD,
apr_pstrdup(in_pool.getPool(), m_passWord.c_str()));
/* Store where to retrieve authentication data? */
if (!m_configDir.empty())
svn_auth_set_parameter(ab, SVN_AUTH_PARAM_CONFIG_DIR,
apr_pstrdup(in_pool.getPool(), m_configDir.c_str()));
return ab;
}
static svn_error_t *
load_config(svn_ra_serf__session_t *session,
apr_hash_t *config_hash,
apr_pool_t *pool)
{
svn_config_t *config, *config_client;
const char *server_group;
const char *proxy_host = NULL;
const char *port_str = NULL;
const char *timeout_str = NULL;
const char *exceptions;
apr_port_t proxy_port;
svn_tristate_t chunked_requests;
#if SERF_VERSION_AT_LEAST(1, 4, 0) && !defined(SVN_SERF_NO_LOGGING)
apr_int64_t log_components;
apr_int64_t log_level;
#endif
if (config_hash)
{
config = svn_hash_gets(config_hash, SVN_CONFIG_CATEGORY_SERVERS);
config_client = svn_hash_gets(config_hash, SVN_CONFIG_CATEGORY_CONFIG);
}
else
{
config = NULL;
config_client = NULL;
}
SVN_ERR(svn_config_get_bool(config, &session->using_compression,
SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_HTTP_COMPRESSION, TRUE));
svn_config_get(config, &timeout_str, SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_HTTP_TIMEOUT, NULL);
if (session->auth_baton)
{
if (config_client)
{
svn_auth_set_parameter(session->auth_baton,
SVN_AUTH_PARAM_CONFIG_CATEGORY_CONFIG,
config_client);
}
if (config)
{
svn_auth_set_parameter(session->auth_baton,
SVN_AUTH_PARAM_CONFIG_CATEGORY_SERVERS,
config);
}
}
/* Use the default proxy-specific settings if and only if
"http-proxy-exceptions" is not set to exclude this host. */
svn_config_get(config, &exceptions, SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_HTTP_PROXY_EXCEPTIONS, "");
if (! svn_cstring_match_glob_list(session->session_url.hostname,
svn_cstring_split(exceptions, ",",
TRUE, pool)))
{
svn_config_get(config, &proxy_host, SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_HTTP_PROXY_HOST, NULL);
svn_config_get(config, &port_str, SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_HTTP_PROXY_PORT, NULL);
svn_config_get(config, &session->proxy_username,
SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_HTTP_PROXY_USERNAME, NULL);
svn_config_get(config, &session->proxy_password,
SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_HTTP_PROXY_PASSWORD, NULL);
}
/* Load the global ssl settings, if set. */
SVN_ERR(svn_config_get_bool(config, &session->trust_default_ca,
SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_SSL_TRUST_DEFAULT_CA,
TRUE));
svn_config_get(config, &session->ssl_authorities, SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_SSL_AUTHORITY_FILES, NULL);
/* If set, read the flag that tells us to do bulk updates or not. Defaults
to skelta updates. */
SVN_ERR(svn_config_get_tristate(config, &session->bulk_updates,
SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_HTTP_BULK_UPDATES,
"auto",
svn_tristate_unknown));
/* Load the maximum number of parallel session connections. */
SVN_ERR(svn_config_get_int64(config, &session->max_connections,
SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_HTTP_MAX_CONNECTIONS,
SVN_CONFIG_DEFAULT_OPTION_HTTP_MAX_CONNECTIONS));
/* Should we use chunked transfer encoding. */
SVN_ERR(svn_config_get_tristate(config, &chunked_requests,
SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_HTTP_CHUNKED_REQUESTS,
"auto", svn_tristate_unknown));
#if SERF_VERSION_AT_LEAST(1, 4, 0) && !defined(SVN_SERF_NO_LOGGING)
SVN_ERR(svn_config_get_int64(config, &log_components,
SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_SERF_LOG_COMPONENTS,
SERF_LOGCOMP_NONE));
SVN_ERR(svn_config_get_int64(config, &log_level,
SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_SERF_LOG_LEVEL,
SERF_LOG_INFO));
#endif
server_group = svn_auth_get_parameter(session->auth_baton,
SVN_AUTH_PARAM_SERVER_GROUP);
if (server_group)
{
SVN_ERR(svn_config_get_bool(config, &session->using_compression,
server_group,
SVN_CONFIG_OPTION_HTTP_COMPRESSION,
session->using_compression));
svn_config_get(config, &timeout_str, server_group,
SVN_CONFIG_OPTION_HTTP_TIMEOUT, timeout_str);
/* Load the group proxy server settings, overriding global
settings. We intentionally ignore 'http-proxy-exceptions'
here because, well, if this site was an exception, why is
there a per-server proxy configuration for it? */
svn_config_get(config, &proxy_host, server_group,
SVN_CONFIG_OPTION_HTTP_PROXY_HOST, proxy_host);
svn_config_get(config, &port_str, server_group,
SVN_CONFIG_OPTION_HTTP_PROXY_PORT, port_str);
svn_config_get(config, &session->proxy_username, server_group,
SVN_CONFIG_OPTION_HTTP_PROXY_USERNAME,
session->proxy_username);
svn_config_get(config, &session->proxy_password, server_group,
SVN_CONFIG_OPTION_HTTP_PROXY_PASSWORD,
session->proxy_password);
/* Load the group ssl settings. */
SVN_ERR(svn_config_get_bool(config, &session->trust_default_ca,
server_group,
SVN_CONFIG_OPTION_SSL_TRUST_DEFAULT_CA,
session->trust_default_ca));
svn_config_get(config, &session->ssl_authorities, server_group,
SVN_CONFIG_OPTION_SSL_AUTHORITY_FILES,
session->ssl_authorities);
/* Load the group bulk updates flag. */
SVN_ERR(svn_config_get_tristate(config, &session->bulk_updates,
server_group,
SVN_CONFIG_OPTION_HTTP_BULK_UPDATES,
"auto",
session->bulk_updates));
/* Load the maximum number of parallel session connections,
overriding global values. */
SVN_ERR(svn_config_get_int64(config, &session->max_connections,
server_group,
SVN_CONFIG_OPTION_HTTP_MAX_CONNECTIONS,
session->max_connections));
/* Should we use chunked transfer encoding. */
SVN_ERR(svn_config_get_tristate(config, &chunked_requests,
server_group,
SVN_CONFIG_OPTION_HTTP_CHUNKED_REQUESTS,
"auto", chunked_requests));
#if SERF_VERSION_AT_LEAST(1, 4, 0) && !defined(SVN_SERF_NO_LOGGING)
SVN_ERR(svn_config_get_int64(config, &log_components,
server_group,
SVN_CONFIG_OPTION_SERF_LOG_COMPONENTS,
log_components));
SVN_ERR(svn_config_get_int64(config, &log_level,
server_group,
SVN_CONFIG_OPTION_SERF_LOG_LEVEL,
log_level));
#endif
}
#if SERF_VERSION_AT_LEAST(1, 4, 0) && !defined(SVN_SERF_NO_LOGGING)
if (log_components != SERF_LOGCOMP_NONE)
{
serf_log_output_t *output;
apr_status_t status;
status = serf_logging_create_stream_output(&output,
session->context,
(apr_uint32_t)log_level,
(apr_uint32_t)log_components,
SERF_LOG_DEFAULT_LAYOUT,
stderr,
pool);
if (!status)
serf_logging_add_output(session->context, output);
}
#endif
/* Don't allow the http-max-connections value to be larger than our
compiled-in limit, or to be too small to operate. Broken
functionality and angry administrators are equally undesirable. */
if (session->max_connections > SVN_RA_SERF__MAX_CONNECTIONS_LIMIT)
session->max_connections = SVN_RA_SERF__MAX_CONNECTIONS_LIMIT;
if (session->max_connections < 2)
session->max_connections = 2;
/* Parse the connection timeout value, if any. */
session->timeout = apr_time_from_sec(DEFAULT_HTTP_TIMEOUT);
if (timeout_str)
{
char *endstr;
const long int timeout = strtol(timeout_str, &endstr, 10);
if (*endstr)
return svn_error_create(SVN_ERR_BAD_CONFIG_VALUE, NULL,
_("Invalid config: illegal character in "
"timeout value"));
if (timeout < 0)
return svn_error_create(SVN_ERR_BAD_CONFIG_VALUE, NULL,
_("Invalid config: negative timeout value"));
session->timeout = apr_time_from_sec(timeout);
}
SVN_ERR_ASSERT(session->timeout >= 0);
/* Convert the proxy port value, if any. */
if (port_str)
{
char *endstr;
const long int port = strtol(port_str, &endstr, 10);
if (*endstr)
return svn_error_create(SVN_ERR_RA_ILLEGAL_URL, NULL,
_("Invalid URL: illegal character in proxy "
"port number"));
if (port < 0)
return svn_error_create(SVN_ERR_RA_ILLEGAL_URL, NULL,
_("Invalid URL: negative proxy port number"));
if (port > 65535)
return svn_error_create(SVN_ERR_RA_ILLEGAL_URL, NULL,
_("Invalid URL: proxy port number greater "
"than maximum TCP port number 65535"));
proxy_port = (apr_port_t) port;
}
else
{
proxy_port = 80;
}
if (proxy_host)
{
apr_sockaddr_t *proxy_addr;
apr_status_t status;
status = apr_sockaddr_info_get(&proxy_addr, proxy_host,
APR_UNSPEC, proxy_port, 0,
session->pool);
if (status)
{
return svn_ra_serf__wrap_err(
status, _("Could not resolve proxy server '%s'"),
proxy_host);
}
session->using_proxy = TRUE;
serf_config_proxy(session->context, proxy_addr);
}
else
{
session->using_proxy = FALSE;
}
/* Setup detect_chunking and using_chunked_requests based on
* the chunked_requests tristate */
if (chunked_requests == svn_tristate_unknown)
{
session->detect_chunking = TRUE;
session->using_chunked_requests = TRUE;
}
else if (chunked_requests == svn_tristate_true)
{
session->detect_chunking = FALSE;
session->using_chunked_requests = TRUE;
}
else /* chunked_requests == svn_tristate_false */
{
session->detect_chunking = FALSE;
session->using_chunked_requests = FALSE;
}
/* Setup authentication. */
SVN_ERR(load_http_auth_types(pool, config, server_group,
&session->authn_types));
serf_config_authn_types(session->context, session->authn_types);
serf_config_credentials_callback(session->context,
svn_ra_serf__credentials_callback);
return SVN_NO_ERROR;
}
