svn_error_t *svn_ra_svn__cram_client(svn_ra_svn_conn_t *conn, apr_pool_t *pool,
const char *user, const char *password,
const char **message)
{
const char *status, *str, *reply;
unsigned char digest[APR_MD5_DIGESTSIZE];
char hex[2 * APR_MD5_DIGESTSIZE + 1];
/* Read the server challenge. */
SVN_ERR(svn_ra_svn__read_tuple(conn, pool, "w(?c)", &status, &str));
if (strcmp(status, "failure") == 0 && str)
{
*message = str;
return SVN_NO_ERROR;
}
else if (strcmp(status, "step") != 0 || !str)
return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
_("Unexpected server response to authentication"));
/* Write our response. */
compute_digest(digest, str, password);
hex_encode(hex, digest);
hex[sizeof(hex) - 1] = '\0';
reply = apr_psprintf(pool, "%s %s", user, hex);
SVN_ERR(svn_ra_svn__write_cstring(conn, pool, reply));
/* Read the success or failure response from the server. */
SVN_ERR(svn_ra_svn__read_tuple(conn, pool, "w(?c)", &status, &str));
if (strcmp(status, "failure") == 0 && str)
{
*message = str;
return SVN_NO_ERROR;
}
else if (strcmp(status, "success") != 0 || str)
return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
_("Unexpected server response to authentication"));
*message = NULL;
return SVN_NO_ERROR;
}
/* Read the "success" response to ANONYMOUS or EXTERNAL authentication. */
static svn_error_t *read_success(svn_ra_svn_conn_t *conn, apr_pool_t *pool)
{
const char *status, *arg;
SVN_ERR(svn_ra_svn__read_tuple(conn, pool, "w(?c)", &status, &arg));
if (strcmp(status, "failure") == 0 && arg)
return svn_error_createf(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
_("Authentication error from server: %s"), arg);
else if (strcmp(status, "success") != 0 || arg)
return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
_("Unexpected server response to authentication"));
return SVN_NO_ERROR;
}
static svn_error_t *blocked_write(svn_ra_svn_conn_t *conn, apr_pool_t *pool,
void *baton)
{
ra_svn_driver_state_t *ds = baton;
const char *cmd;
apr_array_header_t *params;
/* We blocked trying to send an error. Read and discard an editing
* command in order to avoid deadlock. */
SVN_ERR(svn_ra_svn__read_tuple(conn, pool, "wl", &cmd, ¶ms));
if (strcmp(cmd, "abort-edit") == 0)
{
ds->done = TRUE;
svn_ra_svn__set_block_handler(conn, NULL, NULL);
}
return SVN_NO_ERROR;
}
svn_error_t *svn_ra_svn_drive_editor2(svn_ra_svn_conn_t *conn,
apr_pool_t *pool,
const svn_delta_editor_t *editor,
void *edit_baton,
svn_boolean_t *aborted,
svn_boolean_t for_replay)
{
ra_svn_driver_state_t state;
apr_pool_t *subpool = svn_pool_create(pool);
const char *cmd;
int i;
svn_error_t *err, *write_err;
apr_array_header_t *params;
state.editor = editor;
state.edit_baton = edit_baton;
state.tokens = apr_hash_make(pool);
state.aborted = aborted;
state.done = FALSE;
state.pool = pool;
state.file_pool = svn_pool_create(pool);
state.file_refs = 0;
state.for_replay = for_replay;
while (!state.done)
{
svn_pool_clear(subpool);
if (editor)
{
SVN_ERR(svn_ra_svn__read_tuple(conn, subpool, "wl", &cmd, ¶ms));
for (i = 0; ra_svn_edit_cmds[i].cmd; i++)
if (strcmp(cmd, ra_svn_edit_cmds[i].cmd) == 0)
break;
if (ra_svn_edit_cmds[i].cmd)
err = (*ra_svn_edit_cmds[i].handler)(conn, subpool, params, &state);
else if (strcmp(cmd, "failure") == 0)
{
/* While not really an editor command this can occur when
reporter->finish_report() fails before the first editor
command */
if (aborted)
*aborted = TRUE;
err = svn_ra_svn__handle_failure_status(params, pool);
return svn_error_compose_create(
err,
editor->abort_edit(edit_baton, subpool));
}
else
{
err = svn_error_createf(SVN_ERR_RA_SVN_UNKNOWN_CMD, NULL,
_("Unknown editor command '%s'"), cmd);
err = svn_error_create(SVN_ERR_RA_SVN_CMD_ERR, err, NULL);
}
}
else
{
const char* command = NULL;
SVN_ERR(svn_ra_svn__read_command_only(conn, subpool, &command));
if (strcmp(command, "close-edit") == 0)
{
state.done = TRUE;
if (aborted)
*aborted = FALSE;
err = svn_ra_svn__write_cmd_response(conn, pool, "");
}
else
err = NULL;
}
if (err && err->apr_err == SVN_ERR_RA_SVN_CMD_ERR)
{
if (aborted)
*aborted = TRUE;
if (!state.done)
{
/* Abort the edit and use non-blocking I/O to write the error. */
if (editor)
svn_error_clear(editor->abort_edit(edit_baton, subpool));
svn_ra_svn__set_block_handler(conn, blocked_write, &state);
}
write_err = svn_ra_svn__write_cmd_failure(
conn, subpool,
svn_ra_svn__locate_real_error_child(err));
if (!write_err)
write_err = svn_ra_svn__flush(conn, subpool);
svn_ra_svn__set_block_handler(conn, NULL, NULL);
svn_error_clear(err);
SVN_ERR(write_err);
break;
}
SVN_ERR(err);
}
/* Read and discard editing commands until the edit is complete.
Hopefully, the other side will call another editor command, run
check_for_error, notice the error, write "abort-edit" at us, and
throw the error up a few levels on its side (possibly even
tossing it right back at us, which is why we can return
SVN_NO_ERROR below).
However, if the other side is way ahead of us, it might
completely finish the edit (or sequence of edit/revprops, for
"replay-range") before we send over our "failure". So we should
also stop if we see "success". (Then the other side will try to
interpret our "failure" as a command, which will itself fail...
The net effect is that whatever error we wrote to the other side
will be replaced with SVN_ERR_RA_SVN_UNKNOWN_CMD.)
*/
while (!state.done)
{
svn_pool_clear(subpool);
err = svn_ra_svn__read_tuple(conn, subpool, "wl", &cmd, ¶ms);
if (err && err->apr_err == SVN_ERR_RA_SVN_CONNECTION_CLOSED)
{
/* Other side disconnected; that's no error. */
svn_error_clear(err);
svn_pool_destroy(subpool);
return SVN_NO_ERROR;
}
svn_error_clear(err);
if (strcmp(cmd, "abort-edit") == 0
|| strcmp(cmd, "success") == 0)
state.done = TRUE;
}
svn_pool_destroy(subpool);
return SVN_NO_ERROR;
}
static svn_error_t *try_auth(svn_ra_svn_conn_t *conn,
sasl_conn_t *sasl_ctx,
apr_pool_t *pool,
server_baton_t *b,
svn_boolean_t *success)
{
const char *out, *mech;
const svn_string_t *arg = NULL, *in;
unsigned int outlen;
int result;
svn_boolean_t use_base64;
*success = FALSE;
/* Read the client's chosen mech and the initial token. */
SVN_ERR(svn_ra_svn__read_tuple(conn, pool, "w(?s)", &mech, &in));
if (strcmp(mech, "EXTERNAL") == 0 && !in)
in = svn_string_create(b->client_info->tunnel_user, pool);
else if (in)
in = svn_base64_decode_string(in, pool);
/* For CRAM-MD5, we don't base64-encode stuff. */
use_base64 = (strcmp(mech, "CRAM-MD5") != 0);
/* sasl uses unsigned int for the length of strings, we use apr_size_t
* which may not be the same size. Deal with potential integer overflow */
if (in && in->len > UINT_MAX)
return svn_error_createf(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
_("Initial token is too long"));
result = svn_sasl__server_start(sasl_ctx, mech,
in ? in->data : NULL,
in ? (unsigned int) in->len : 0,
&out, &outlen);
if (result != SASL_OK && result != SASL_CONTINUE)
return fail_auth(conn, pool, sasl_ctx);
while (result == SASL_CONTINUE)
{
svn_ra_svn__item_t *item;
arg = svn_string_ncreate(out, outlen, pool);
/* Encode what we send to the client. */
if (use_base64)
arg = svn_base64_encode_string2(arg, TRUE, pool);
SVN_ERR(svn_ra_svn__write_tuple(conn, pool, "w(s)", "step", arg));
/* Read and decode the client response. */
SVN_ERR(svn_ra_svn__read_item(conn, pool, &item));
if (item->kind != SVN_RA_SVN_STRING)
return SVN_NO_ERROR;
in = &item->u.string;
if (use_base64)
in = svn_base64_decode_string(in, pool);
if (in->len > UINT_MAX)
return svn_error_createf(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
_("Step response is too long"));
result = svn_sasl__server_step(sasl_ctx, in->data,
(unsigned int) in->len,
&out, &outlen);
}
if (result != SASL_OK)
return fail_auth(conn, pool, sasl_ctx);
/* Send our last response, if necessary. */
if (outlen)
arg = svn_base64_encode_string2(svn_string_ncreate(out, outlen, pool), TRUE,
pool);
else
arg = NULL;
*success = TRUE;
SVN_ERR(svn_ra_svn__write_tuple(conn, pool, "w(?s)", "success", arg));
return SVN_NO_ERROR;
}
