[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

[PATCH] Unify sasl name from svn/subversion to just svn

From: Eric Gillespie <epg_at_google.com>
Date: Wed, 06 Feb 2008 16:36:04 -0800

Instead of passing "subversion" to sasl_server_init and "svn" to
sasl_client_new sasl_server_new, define new macro for "svn" and
use that everywhere. Reduces burden on administrators, having to
configure /usr/lib/sasl2/subversion.conf on the one hand but using
svn on the other hand (e.g. in making a Kerberos principal).

* subversion/include/svn_ra_svn.h
  (SVN_RA_SVN_SASL_NAME): Add new macro.

* subversion/libsvn_ra_svn/cyrus_auth.c
  (new_sasl_ctx): Use SVN_RA_SVN_SASL_NAME instead of "svn".

* subversion/svnserve/cyrus_auth.c
  (initialize): Use SVN_RA_SVN_SASL_NAME instead of "subversion".
  (cyrus_auth_request): Use SVN_RA_SVN_SASL_NAME instead of "svn".

* notes/sasl.txt

Index: notes/sasl.txt
--- notes/sasl.txt (revision 29213)
+++ notes/sasl.txt (working copy)
@@ -82,13 +82,13 @@
   First, you need to configure how the Cyrus SASL library should authenticate
   a client's username and password. These options are not stored in
   svnserve.conf, but in a special configuration file read by Cyrus SASL. This
- file must be named subversion.conf. Cyrus SASL will look for this file in a
+ file must be named svn.conf. Cyrus SASL will look for this file in a
   known location, usually the same directory where its plugins are located,
   i.e. /usr/lib/sasl2. Some SASL distributions will look for the file in a
   different directory, e.g. /etc/sasl2.
   The list of possible options can be found in the doc/options.html file in the
- Cyrus SASL sources. A simple subversion.conf might look like this:
+ Cyrus SASL sources. A simple svn.conf might look like this:
     pwcheck_method: auxprop
     auxprop_plugin: sasldb
@@ -120,7 +120,7 @@
   in a local database, you can use Kerberos, LDAP, you can store passwords in
   a SQL database, etc. Read the SASL documentation for details.
- After creating the subversion.conf file, you need to tell svnserve to start
+ After creating the svn.conf file, you need to tell svnserve to start
   using Cyrus SASL for authentication. To do this, just set "use-sasl" to
   "true" in the [sasl] section of the svnserve.conf file. You should now be
   able to authenticate.
@@ -136,7 +136,7 @@
     "SearchPath": set this to the path where SASL's plugins (the *.dll files)
                   are located
     "ConfFile": set this to the path where Cyrus SASL should look for the
- subversion.conf file
+ svn.conf file
 5. Compatibility
Index: subversion/include/svn_ra_svn.h
--- subversion/include/svn_ra_svn.h (revision 29213)
+++ subversion/include/svn_ra_svn.h (working copy)
@@ -39,6 +39,10 @@
 /** The well-known svn port number. */
 #define SVN_RA_SVN_PORT 3690
+/** The application and service name used for sasl_client_new,
+ * sasl_server_init, and sasl_server_new. */
+#define SVN_RA_SVN_SASL_NAME "svn"
 /** Currently-defined capabilities. */
 #define SVN_RA_SVN_CAP_EDIT_PIPELINE "edit-pipeline"
 #define SVN_RA_SVN_CAP_SVNDIFF1 "svndiff1"
Index: subversion/libsvn_ra_svn/cyrus_auth.c
--- subversion/libsvn_ra_svn/cyrus_auth.c (revision 29213)
+++ subversion/libsvn_ra_svn/cyrus_auth.c (working copy)
@@ -326,7 +326,8 @@
   sasl_security_properties_t secprops;
   int result;
- result = sasl_client_new("svn", hostname, local_addrport, remote_addrport,
+ result = sasl_client_new(SVN_RA_SVN_SASL_NAME,
+ hostname, local_addrport, remote_addrport,
                            callbacks, SASL_SUCCESS_DATA,
   if (result != SASL_OK)
Index: subversion/svnserve/cyrus_auth.c
--- subversion/svnserve/cyrus_auth.c (revision 29213)
+++ subversion/svnserve/cyrus_auth.c (working copy)
@@ -105,7 +105,7 @@
   /* The second parameter tells SASL to look for a configuration file
      named subversion.conf. */
- result = sasl_server_init(callbacks, "subversion");
+ result = sasl_server_init(callbacks, SVN_RA_SVN_SASL_NAME);
   if (result != SASL_OK)
       svn_error_t *err = svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
@@ -247,7 +247,7 @@
   /* Create a SASL context. SASL_SUCCESS_DATA tells SASL that the protocol
      supports sending data along with the final "success" message. */
- result = sasl_server_new("svn",
+ result = sasl_server_new(SVN_RA_SVN_SASL_NAME,
                            hostname, b->realm,
                            localaddrport, remoteaddrport,
                            NULL, SASL_SUCCESS_DATA,

To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-02-07 01:38:01 CET

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.