
[PATCH] Error checking in authz

From: David Anderson <david.anderson_at_calixo.net>
Date: 2005-07-13 05:00:27 CEST

This mail is in fact a followup to
http://svn.haxx.se/dev/archive-2005-07/0090.shtml . I'm now submitting
the complete implementation of error checking in one go (albeit in three
patches), hence the thread change.

The first patch adds error throwing to existing authz functions.
The second adds a function which does the parsing and validating of an authz file
atomically (which is a drop-in replacement of svn_config_read for authz
The third implements the change, requested by Greg Hudson, to have an
opaque data type representing an authz file, in prevision of a future
change in said representation. You may want to delay this change until
there is actually a change in representation; the change is small enough
to not matter much until then.

As a side note, I'm keeping track of requested enhancements to design
and bring to the authz code once authz is in svnserve. So far I have:
  - Rewrite authz to use a different, more efficient internal
representation of authz files.
  - Add wildcard support to authz files (exactly what that means to be
  - Enable writing of ACLs on properties (and revprops?).

If you have other todos to add to this list, please let me know. When
the time comes I'll send implementation proposals to the list for
further discussion.

- Dave.

Commit message for patch 1:
Make the authz lookup return errors when it runs into an invalid
configuration file during operation.
* subversion/include/svn_error_codes.h: New error. Update copyright
* subversion/libsvn_repos/authz.c
   (authz_baton): Add a svn_error_t* to throw errors out of enumeration
    authz_get_tree_access): Change prototype to return errors, add
     error checking code. All callers changed.
   (authz_parse_line, authz_parse_section): Throw errors and halt
     configuration traversal if necessary.
   (svn_repos_authz_check_access): Throw errors back to the caller.
* subversion/tests/libsvn_repos/repos-test.c
   (authz_get_handle): New function. Factor out the converting a char*
     authz file contents to a parsed svn_config_t* from the authz test
   (authz): Add a second batch of tests to ensure that invalid authz
     configurations are caught during the authz lookup.

Commit message for patch 2:
Add a function which opens and verifies that an authz configuration file
does not contain any logic errors.
* subversion/include/svn_repos.h
   (svn_repos_authz_read): New public API.
* subversion/libsvn_repos/authz.c
   (authz_validate_rule, authz_validate_group, authz_validate_section):
     New internal functions.
   (svn_repos_authz_read): New function.
* subversion/mod_authz_svn/mod_authz_svn.c
   (req_check_access): replace call to svn_config_read with a call to
* subversion/tests/libsvn_repos/repos-test.c
   (authz_get_handle): Replace call to svn_config_read with a call to
   (authz): Modify the error-checking tests to test immediately after
     file load rather than after an authz lookup.

Commit message for patch 3:
Introduce a new data type to represent authz access control lists, in
prevision of rewriting the current authz algorithm to use a different
internal representation.
* subversion/include/svn_repos.h
   (svn_authz_t): New opaque data type.
   (svn_repos_authz_read, svn_repos_authz_check_access): use svn_authz_t
     for authz configuration.
* subversion/mod_authz_svn/mod_authz_svn.c,
     Use svn_authz_t instead of svn_config_t for handles to authz


Received on Wed Jul 13 05:01:23 2005
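
The load-time validation that patch 2 describes, sketched as an added example; this is not code from the patches or from Subversion. The mail does not list the checks, so the three shown here (a reference to an undefined group, a circular group definition, an access string containing anything other than `r` and `w`) are assumptions based on the authz file format, and every type and function name is hypothetical.

```c
#include <string.h>

/* Constructed, simplified model of a parsed authz file; these types and
   names are assumptions for illustration, not Subversion's own. */
typedef struct { const char *name, *members; } group_t; /* devs = alice, @qa */
typedef struct { const char *who, *access; } rule_t;    /* @devs = rw */
enum { AUTHZ_OK, AUTHZ_UNDEFINED_GROUP, AUTHZ_CIRCULAR_GROUP,
       AUTHZ_BAD_ACCESS, AUTHZ_TOO_MANY_GROUPS };
#define MAX_GROUPS 64

static int find_group(const group_t *g, int n, const char *s, size_t len) {
  for (int i = 0; i < n; i++)
    if (strlen(g[i].name) == len && memcmp(g[i].name, s, len) == 0) return i;
  return -1;
}

/* Depth-first walk of group membership. state: 0 unvisited, 1 on the
   current path, 2 fully checked. Meeting a 1 again means a cycle. */
static int walk_group(const group_t *g, int n, int idx, char *state) {
  if (state[idx] == 2) return AUTHZ_OK;
  if (state[idx] == 1) return AUTHZ_CIRCULAR_GROUP;
  state[idx] = 1;
  for (const char *p = g[idx].members; *p; ) {
    p += strspn(p, ", ");               /* skip separators */
    size_t len = strcspn(p, ", ");      /* length of the next member */
    if (len > 1 && *p == '@') {         /* member is itself a group */
      int sub = find_group(g, n, p + 1, len - 1);
      if (sub < 0) return AUTHZ_UNDEFINED_GROUP;
      int rc = walk_group(g, n, sub, state);
      if (rc != AUTHZ_OK) return rc;
    }
    p += len;
  }
  state[idx] = 2;
  return AUTHZ_OK;
}

/* Validate everything once, at load time. Any non-zero result means the
   caller must refuse the file instead of answering lookups from it. */
int authz_validate(const group_t *g, int ng, const rule_t *r, int nr) {
  char state[MAX_GROUPS] = {0};
  if (ng > MAX_GROUPS) return AUTHZ_TOO_MANY_GROUPS;
  for (int i = 0; i < ng; i++) {
    int rc = walk_group(g, ng, i, state);
    if (rc != AUTHZ_OK) return rc;
  }
  for (int i = 0; i < nr; i++) {
    if (r[i].who[0] == '@' &&
        find_group(g, ng, r[i].who + 1, strlen(r[i].who) - 1) < 0)
      return AUTHZ_UNDEFINED_GROUP;
    if (strspn(r[i].access, "rw") != strlen(r[i].access))
      return AUTHZ_BAD_ACCESS;
  }
  return AUTHZ_OK;
}
```

Rejecting the whole file on the first error keeps a half-valid ACL from ever answering an access check, which is the benefit of validating right after the load rather than during a lookup.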

This is an archived mail posted to the Subversion Dev mailing list.
