Re: crash in 1.4.2 and https

From: Ben Collins-Sussman <sussman_at_red-bean.com>
Date: 2006-11-13 16:21:56 CET

Well, there must be some code somewhere that is calling the svn_auth.h
API incorrectly. The API says that the client code should first call
svn_auth_first_credentials(), which will either return creds or not.
If creds are returned and fail to authenticate, then the caller can
try fetching 'more' credentials by calling svn_auth_next_credentials()
over and over, until we run out of creds (creds comes back as NULL.)

If you look at the code to first_credentials(), the only time the
iter_baton is set to NULL is when there are no creds at all. That
means the some SSPI code must be calling next_credentials() even when
first_credentials() returned nothing! That would very wrong. :-)

I can't help with debugging the SSPI scenario, but perhaps we should
patch next_credentials() to check that (iter_baton != NULL), and throw
a real svn_error_t if it is.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Nov 13 16:22:16 2006

This message: [ Message body ]
Next message: C. Michael Pilato: "Re: 1.4.2 win32 binaries?"
Previous message: Stefan Küng: "Re: crash in 1.4.2 and https"
In reply to: Stefan Küng: "Re: crash in 1.4.2 and https"
Next in thread: C. Michael Pilato: "Re: crash in 1.4.2 and https"
Reply: C. Michael Pilato: "Re: crash in 1.4.2 and https"
Reply: Stefan Küng: "Re: crash in 1.4.2 and https"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]