示例#1
0
文件: svn_auth.c 项目: 0x00evil/nmap
svn_error_t *
nmap_update_svn_cmdline_setup_auth_baton(svn_auth_baton_t **ab,
                             svn_boolean_t non_interactive,
                             const char *auth_username,
                             const char *auth_password,
                             const char *config_dir,
                             svn_boolean_t no_auth_cache,
                             svn_config_t *cfg,
                             svn_cancel_func_t cancel_func,
                             void *cancel_baton,
                             apr_pool_t *pool)
{
  svn_boolean_t store_password_val = TRUE;
  svn_auth_provider_object_t *provider;

  /* The whole list of registered providers */
  apr_array_header_t *providers
    = apr_array_make(pool, 12, sizeof(svn_auth_provider_object_t *));

  /* The main disk-caching auth providers, for both
     'username/password' creds and 'username' creds.  */
#if defined(WIN32) && !defined(__MINGW32__)
  svn_auth_get_windows_simple_provider(&provider, pool);
  APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
#endif
#ifdef SVN_HAVE_KEYCHAIN_SERVICES
  svn_auth_get_keychain_simple_provider(&provider, pool);
  APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
#endif
  svn_auth_get_simple_provider(&provider, pool);
  APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
  svn_auth_get_username_provider(&provider, pool);
  APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

  /* The server-cert, client-cert, and client-cert-password providers. */
#if defined(WIN32) && !defined(__MINGW32__)
  svn_auth_get_windows_ssl_server_trust_provider(&provider, pool);
  APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
#endif
  svn_auth_get_ssl_server_trust_file_provider(&provider, pool);
  APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
  svn_auth_get_ssl_client_cert_file_provider(&provider, pool);
  APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
  svn_auth_get_ssl_client_cert_pw_file_provider(&provider, pool);
  APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

  if (non_interactive == FALSE)
    {
      svn_cmdline_prompt_baton_t *pb = NULL;

      if (cancel_func)
        {
          pb = apr_palloc(pool, sizeof(*pb));

          pb->cancel_func = cancel_func;
          pb->cancel_baton = cancel_baton;
        }

      /* Two basic prompt providers: username/password, and just username. */
      nmap_update_svn_auth_get_simple_prompt_provider(&provider,
                                          svn_cmdline_auth_simple_prompt,
                                          pb,
                                          2, /* retry limit */
                                          pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

      svn_auth_get_username_prompt_provider
        (&provider, svn_cmdline_auth_username_prompt, pb,
         2, /* retry limit */ pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

      /* Three ssl prompt providers, for server-certs, client-certs,
         and client-cert-passphrases.  */
      svn_auth_get_ssl_server_trust_prompt_provider
        (&provider, svn_cmdline_auth_ssl_server_trust_prompt, pb, pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

      svn_auth_get_ssl_client_cert_prompt_provider
        (&provider, svn_cmdline_auth_ssl_client_cert_prompt, pb, 2, pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

      svn_auth_get_ssl_client_cert_pw_prompt_provider
        (&provider, svn_cmdline_auth_ssl_client_cert_pw_prompt, pb, 2, pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
    }

  /* Build an authentication baton to give to libsvn_client. */
  svn_auth_open(ab, providers, pool);

  /* Place any default --username or --password credentials into the
     auth_baton's run-time parameter hash. */
  if (auth_username)
    svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_DEFAULT_USERNAME,
                           auth_username);
  if (auth_password)
    svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_DEFAULT_PASSWORD,
                           auth_password);

  /* Same with the --non-interactive option. */
  if (non_interactive)
    svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_NON_INTERACTIVE, "");

  if (config_dir)
    svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_CONFIG_DIR,
                           config_dir);

  SVN_ERR(svn_config_get_bool(cfg, &store_password_val,
                              SVN_CONFIG_SECTION_AUTH,
                              SVN_CONFIG_OPTION_STORE_PASSWORDS,
                              TRUE));

  if (! store_password_val)
    svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_DONT_STORE_PASSWORDS, "");

  /* There are two different ways the user can disable disk caching
     of credentials:  either via --no-auth-cache, or in the config
     file ('store-auth-creds = no'). */
  SVN_ERR(svn_config_get_bool(cfg, &store_password_val,
                              SVN_CONFIG_SECTION_AUTH,
                              SVN_CONFIG_OPTION_STORE_AUTH_CREDS,
                              TRUE));

  if (no_auth_cache || ! store_password_val)
    svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_NO_AUTH_CACHE, "");

  return SVN_NO_ERROR;
}
svn_client_ctx_t *
ClientContext::getContext(CommitMessage *message, SVN::Pool &in_pool)
{
    apr_pool_t *pool = in_pool.getPool();
    svn_auth_baton_t *ab;
    svn_client_ctx_t *ctx = m_context;

    /* Make a temporary copy of ctx to restore at pool cleanup to avoid
       leaving references to dangling pointers.

       Note that this allows creating a stack of context changes if
       the function is invoked multiple times with different pools.
     */
    clearctx_baton_t *bt = (clearctx_baton_t *)apr_pcalloc(pool, sizeof(*bt));
    bt->ctx = ctx;
    bt->backup = (svn_client_ctx_t*)apr_pmemdup(pool, ctx, sizeof(*ctx));
    apr_pool_cleanup_register(in_pool.getPool(), bt, clear_ctx_ptrs,
                              clear_ctx_ptrs);


    if (!ctx->config)
      {
        const char *configDir = m_configDir.c_str();
        if (m_configDir.empty())
            configDir = NULL;
        SVN_JNI_ERR(svn_config_get_config(&(ctx->config), configDir,
                                          m_pool->getPool()),
                    NULL);

        bt->backup->config = ctx->config;
      }
    svn_config_t *config = (svn_config_t *) apr_hash_get(ctx->config,
                                                         SVN_CONFIG_CATEGORY_CONFIG,
                                                         APR_HASH_KEY_STRING);


    /* The whole list of registered providers */
    apr_array_header_t *providers;

    /* Populate the registered providers with the platform-specific providers */
    SVN_JNI_ERR(svn_auth_get_platform_specific_client_providers(&providers,
                                                                config,
                                                                pool),
                NULL);

    /* Use the prompter (if available) to prompt for password and cert
     * caching. */
    svn_auth_plaintext_prompt_func_t plaintext_prompt_func = NULL;
    void *plaintext_prompt_baton = NULL;
    svn_auth_plaintext_passphrase_prompt_func_t plaintext_passphrase_prompt_func;
    void *plaintext_passphrase_prompt_baton = NULL;

    if (m_prompter != NULL)
    {
        plaintext_prompt_func = Prompter::plaintext_prompt;
        plaintext_prompt_baton = m_prompter;
        plaintext_passphrase_prompt_func = Prompter::plaintext_passphrase_prompt;
        plaintext_passphrase_prompt_baton = m_prompter;
    }

    /* The main disk-caching auth providers, for both
     * 'username/password' creds and 'username' creds.  */
    svn_auth_provider_object_t *provider;

    svn_auth_get_simple_provider2(&provider, plaintext_prompt_func,
                                  plaintext_prompt_baton, pool);
    APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

    svn_auth_get_username_provider(&provider, pool);
    APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

    /* The server-cert, client-cert, and client-cert-password providers. */
    SVN_JNI_ERR(svn_auth_get_platform_specific_provider(&provider,
                                                        "windows",
                                                        "ssl_server_trust",
                                                        pool),
                NULL);

    if (provider)
        APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

    svn_auth_get_ssl_server_trust_file_provider(&provider, pool);
    APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
    svn_auth_get_ssl_client_cert_file_provider(&provider, pool);
    APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
    svn_auth_get_ssl_client_cert_pw_file_provider2(&provider,
                        plaintext_passphrase_prompt_func,
                        plaintext_passphrase_prompt_baton, pool);
    APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

    if (m_prompter != NULL)
    {
        /* Two basic prompt providers: username/password, and just username.*/
        provider = m_prompter->getProviderSimple(in_pool);

        APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

        provider = m_prompter->getProviderUsername(in_pool);
        APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

        /* Three ssl prompt providers, for server-certs, client-certs,
         * and client-cert-passphrases.  */
        provider = m_prompter->getProviderServerSSLTrust(in_pool);
        APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

        provider = m_prompter->getProviderClientSSL(in_pool);
        APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

        provider = m_prompter->getProviderClientSSLPassword(in_pool);
        APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
    }

    /* Build an authentication baton to give to libsvn_client. */
    svn_auth_open(&ab, providers, pool);

    /* Place any default --username or --password credentials into the
     * auth_baton's run-time parameter hash.  ### Same with --no-auth-cache? */
    if (!m_userName.empty())
        svn_auth_set_parameter(ab, SVN_AUTH_PARAM_DEFAULT_USERNAME,
                               apr_pstrdup(in_pool.getPool(),
                                           m_userName.c_str()));
    if (!m_passWord.empty())
        svn_auth_set_parameter(ab, SVN_AUTH_PARAM_DEFAULT_PASSWORD,
                               apr_pstrdup(in_pool.getPool(),
                                           m_passWord.c_str()));
    /* Store where to retrieve authentication data? */
    if (!m_configDir.empty())
        svn_auth_set_parameter(ab, SVN_AUTH_PARAM_CONFIG_DIR,
                               apr_pstrdup(in_pool.getPool(),
                                           m_configDir.c_str()));

    ctx->auth_baton = ab;
    ctx->log_msg_baton3 = message;
    m_cancelOperation = false;

    SVN_JNI_ERR(svn_wc_context_create(&ctx->wc_ctx, NULL,
                                      in_pool.getPool(), in_pool.getPool()),
                NULL);

    return ctx;
}
示例#3
0
int a_svn_commit
(char *device_name, char *temp_working_dir, char *commit_as, 
 apr_pool_t *apr_pool, apr_pool_t *svn_pool)
/*
* commit changed file to SVN repository
*
*/
{
    svn_error_t* err;
    int int_err;
    apr_array_header_t *device_arr;
    svn_commit_info_t *commit_info = NULL;
    svn_auth_baton_t *auth_baton;
    svn_auth_provider_object_t *provider;
    svn_error_t *svn_err;
    char temp_svn_path[MAXPATH];
    svn_client_ctx_t* context;

    temp_svn_path[0] = 0x0;

    svn_err = svn_client_create_context( &context, svn_pool );

    if(svn_err){
                a_logmsg("%s: svn error: %s",device_name,svn_err->message);
                a_debug_info2(DEBUGLVL5,"a_svn_commit: svn error: %s",svn_err->message); return -1;
               }


    device_arr = apr_array_make(apr_pool, 1, sizeof(const char*));

    snprintf(temp_svn_path,MAXPATH,"%s/%s",temp_working_dir,device_name);

    *(const char**)apr_array_push(device_arr) = temp_svn_path;


    apr_array_header_t *providers = apr_array_make (apr_pool, 1, sizeof (svn_auth_provider_object_t *));

    svn_auth_get_username_provider(&provider, svn_pool);
    APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
    svn_auth_open(&auth_baton, providers, svn_pool);
    svn_auth_set_parameter(auth_baton, SVN_AUTH_PARAM_DEFAULT_USERNAME, commit_as);

    (*context).auth_baton = auth_baton;

    svn_err = svn_client_commit4(&commit_info,
                           device_arr,
                           svn_depth_empty,
                           FALSE,
                           FALSE,
                           NULL,
                           NULL,
                           context,
                           svn_pool);

    if(svn_err)
     {
      a_logmsg("%s: svn error: %s",device_name,svn_err->message);
      a_debug_info2(DEBUGLVL5,"a_svn_commit: svn error: %s",svn_err->message); return -1;
     }

    return 1;


}
svn_auth_baton_t *
OperationContext::getAuthBaton(SVN::Pool &in_pool)
{
  svn_auth_baton_t *ab;
  apr_pool_t *pool = in_pool.getPool();

  apr_hash_t * configData = getConfigData();

  if (configData == NULL)
    {
      return NULL;
    }

  svn_config_t *config = static_cast<svn_config_t *>(apr_hash_get(configData,
      SVN_CONFIG_CATEGORY_CONFIG, APR_HASH_KEY_STRING));

  const bool use_native_store = GlobalConfig::useNativeCredentialsStore();

  /* The whole list of registered providers */
  apr_array_header_t *providers;
  svn_auth_provider_object_t *provider;

  if (use_native_store)
    {
      /* Populate the registered providers with the platform-specific providers */
      SVN_JNI_ERR(
          svn_auth_get_platform_specific_client_providers(
              &providers, config, pool),
          NULL);

      /* Use the prompter (if available) to prompt for password and cert
       * caching. */
      svn_auth_plaintext_prompt_func_t plaintext_prompt_func;
      void *plaintext_prompt_baton;
      svn_auth_plaintext_passphrase_prompt_func_t plaintext_passphrase_prompt_func;
      void *plaintext_passphrase_prompt_baton;

      if (m_prompter.get())
        {
          plaintext_prompt_func = Prompter::plaintext_prompt;
          plaintext_prompt_baton = m_prompter.get();
          plaintext_passphrase_prompt_func = Prompter::plaintext_passphrase_prompt;
          plaintext_passphrase_prompt_baton = m_prompter.get();
        }
      else
        {
          plaintext_prompt_func = NULL;
          plaintext_prompt_baton = NULL;
          plaintext_passphrase_prompt_func = NULL;
          plaintext_passphrase_prompt_baton = NULL;
        }

      /* The main disk-caching auth providers, for both
       * 'username/password' creds and 'username' creds.  */

      svn_auth_get_simple_provider2(&provider, plaintext_prompt_func,
                                    plaintext_prompt_baton, pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

      svn_auth_get_username_provider(&provider, pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

      svn_auth_get_ssl_server_trust_file_provider(&provider, pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
      svn_auth_get_ssl_client_cert_file_provider(&provider, pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
      svn_auth_get_ssl_client_cert_pw_file_provider2(
          &provider,
          plaintext_passphrase_prompt_func, plaintext_passphrase_prompt_baton,
          pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
    }
  else
    {
      // Not using hte native credentials store, start with an empty
      // providers array.
      providers = apr_array_make(pool, 0, sizeof(svn_auth_provider_object_t *));
    }

  if (m_prompter.get())
    {
      /* Two basic prompt providers: username/password, and just username.*/
      provider = m_prompter->get_provider_simple(in_pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

      provider = m_prompter->get_provider_username(in_pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

      /* Three ssl prompt providers, for server-certs, client-certs,
       * and client-cert-passphrases.  */
      provider = m_prompter->get_provider_server_ssl_trust(in_pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

      provider = m_prompter->get_provider_client_ssl(in_pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;

      provider = m_prompter->get_provider_client_ssl_password(in_pool);
      APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
    }

  /* Build an authentication baton to give to libsvn_client. */
  svn_auth_open(&ab, providers, pool);

  /* Place any default --username or --password credentials into the
   * auth_baton's run-time parameter hash.  ### Same with --no-auth-cache? */
  if (!m_userName.empty())
    svn_auth_set_parameter(ab, SVN_AUTH_PARAM_DEFAULT_USERNAME,
        apr_pstrdup(in_pool.getPool(), m_userName.c_str()));
  if (!m_passWord.empty())
    svn_auth_set_parameter(ab, SVN_AUTH_PARAM_DEFAULT_PASSWORD,
        apr_pstrdup(in_pool.getPool(), m_passWord.c_str()));
  /* Store where to retrieve authentication data? */
  if (!m_configDir.empty())
    svn_auth_set_parameter(ab, SVN_AUTH_PARAM_CONFIG_DIR,
        apr_pstrdup(in_pool.getPool(), m_configDir.c_str()));
  return ab;
}