[PATCH] Unify sasl name from svn/subversion to just svn

From: Eric Gillespie <epg_at_google.com>
Date: Wed, 06 Feb 2008 16:36:04 -0800

[[[
Instead of passing "subversion" to sasl_server_init and "svn" to
sasl_client_new sasl_server_new, define new macro for "svn" and
use that everywhere. Reduces burden on administrators, having to
configure /usr/lib/sasl2/subversion.conf on the one hand but using
svn on the other hand (e.g. in making a Kerberos principal).

* subversion/include/svn_ra_svn.h
(SVN_RA_SVN_SASL_NAME): Add new macro.

* subversion/libsvn_ra_svn/cyrus_auth.c
(new_sasl_ctx): Use SVN_RA_SVN_SASL_NAME instead of "svn".

* subversion/svnserve/cyrus_auth.c
(initialize): Use SVN_RA_SVN_SASL_NAME instead of "subversion".
(cyrus_auth_request): Use SVN_RA_SVN_SASL_NAME instead of "svn".

* notes/sasl.txt
Update.
]]]

Index: notes/sasl.txt
===================================================================
--- notes/sasl.txt (revision 29213)
+++ notes/sasl.txt (working copy)
@@ -82,13 +82,13 @@
   First, you need to configure how the Cyrus SASL library should authenticate
   a client's username and password. These options are not stored in
   svnserve.conf, but in a special configuration file read by Cyrus SASL. This
- file must be named subversion.conf. Cyrus SASL will look for this file in a
+ file must be named svn.conf. Cyrus SASL will look for this file in a
   known location, usually the same directory where its plugins are located,
   i.e. /usr/lib/sasl2. Some SASL distributions will look for the file in a
   different directory, e.g. /etc/sasl2.

   The list of possible options can be found in the doc/options.html file in the
- Cyrus SASL sources. A simple subversion.conf might look like this:
+ Cyrus SASL sources. A simple svn.conf might look like this:

     pwcheck_method: auxprop
     auxprop_plugin: sasldb
@@ -120,7 +120,7 @@
   in a local database, you can use Kerberos, LDAP, you can store passwords in
   a SQL database, etc. Read the SASL documentation for details.

- After creating the subversion.conf file, you need to tell svnserve to start
+ After creating the svn.conf file, you need to tell svnserve to start
   using Cyrus SASL for authentication. To do this, just set "use-sasl" to
   "true" in the [sasl] section of the svnserve.conf file. You should now be
   able to authenticate.
@@ -136,7 +136,7 @@
     "SearchPath": set this to the path where SASL's plugins (the *.dll files)
                   are located
     "ConfFile": set this to the path where Cyrus SASL should look for the
- subversion.conf file
+ svn.conf file

5. Compatibility
================
Index: subversion/include/svn_ra_svn.h
===================================================================
--- subversion/include/svn_ra_svn.h (revision 29213)
+++ subversion/include/svn_ra_svn.h (working copy)
@@ -39,6 +39,10 @@
/** The well-known svn port number. */
#define SVN_RA_SVN_PORT 3690

+/** The application and service name used for sasl_client_new,
+ * sasl_server_init, and sasl_server_new. */
+#define SVN_RA_SVN_SASL_NAME "svn"
+
/** Currently-defined capabilities. */
#define SVN_RA_SVN_CAP_EDIT_PIPELINE "edit-pipeline"
#define SVN_RA_SVN_CAP_SVNDIFF1 "svndiff1"
Index: subversion/libsvn_ra_svn/cyrus_auth.c
===================================================================
--- subversion/libsvn_ra_svn/cyrus_auth.c (revision 29213)
+++ subversion/libsvn_ra_svn/cyrus_auth.c (working copy)
@@ -326,7 +326,8 @@
   sasl_security_properties_t secprops;
   int result;

- result = sasl_client_new("svn", hostname, local_addrport, remote_addrport,
+ result = sasl_client_new(SVN_RA_SVN_SASL_NAME,
+ hostname, local_addrport, remote_addrport,
                            callbacks, SASL_SUCCESS_DATA,
                            sasl_ctx);
   if (result != SASL_OK)
Index: subversion/svnserve/cyrus_auth.c
===================================================================
--- subversion/svnserve/cyrus_auth.c (revision 29213)
+++ subversion/svnserve/cyrus_auth.c (working copy)
@@ -105,7 +105,7 @@

   /* The second parameter tells SASL to look for a configuration file
      named subversion.conf. */
- result = sasl_server_init(callbacks, "subversion");
+ result = sasl_server_init(callbacks, SVN_RA_SVN_SASL_NAME);
   if (result != SASL_OK)
     {
       svn_error_t *err = svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
@@ -247,7 +247,7 @@

   /* Create a SASL context. SASL_SUCCESS_DATA tells SASL that the protocol
      supports sending data along with the final "success" message. */
- result = sasl_server_new("svn",
+ result = sasl_server_new(SVN_RA_SVN_SASL_NAME,
                            hostname, b->realm,
                            localaddrport, remoteaddrport,
                            NULL, SASL_SUCCESS_DATA,

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-02-07 01:38:01 CET

This message: [ Message body ]
Next message: C. Michael Pilato: "Scary test suite issue!"
Previous message: Eric Gillespie: "[PATCH] Fix svnserve gssapi (and likely some other sasl backends)"
Next in thread: David Glasser: "Re: [PATCH] Unify sasl name from svn/subversion to just svn"
Reply: David Glasser: "Re: [PATCH] Unify sasl name from svn/subversion to just svn"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]