[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: "svn lock" crash against certain 1.1.x servers

From: Branko Čibej <brane_at_xbc.nu>
Date: 2005-08-12 19:29:02 CEST

Ben Collins-Sussman wrote:

> On Aug 12, 2005, at 7:15 AM, Branko Čibej wrote:
>>> It's possible the different behaviour is due to a different auth setup
>>> between the tsvn server and my server. I used httpd to require
>>> read/write auth for all access, tsvn uses mod_auth_svn and probably
>>> allows read-only access as well as read/write access.
>> D'you know, I think you're right! The damn mod_authz_svn takes it
>> upon itself to return HTTP_UNAUTHORIZED in the auth_checker hook,
>> even though it's thecking authorization, not authentication. I think
>> this is a bug in mod_authz_svn. It should be returning
>> HTTP_FORBIDDEN (as in the access_checker hook), and probably
>> shouldn't provide an auth checker at all.
> CEE (tigris.org) doesn't use mod_authz_svn, but a proprietary module
> called mod_auth_svn. The name is deliberately ambiguous, because it
> registers itself as both an authn and authz hook with apache. It
> performs authn by checking the basic-auth-creds against a central CEE
> database, and performs authz by checking paths against another
> central CEE database.

Indeed, I was a bit quick off the mark here. I tested with a local
svn-1.1.1 over http with mod_authz_svn configured, and I still get a
405, not a 401. So it looks like the bug is in that mod_auth_svn?

Anyway, I've decided to commit Philip's patch, which avoids all auth
caching in this situation.

-- Brane

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Aug 12 19:33:25 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.