Index: subversion/mod_authz_svn/mod_authz_svn.c =================================================================== --- subversion/mod_authz_svn/mod_authz_svn.c (revision 1383873) +++ subversion/mod_authz_svn/mod_authz_svn.c (working copy) @@ -44,6 +44,7 @@ #include "svn_config.h" #include "svn_string.h" #include "svn_repos.h" +#include "svn_pools.h" #include "svn_dirent_uri.h" #include "private/svn_fspath.h" @@ -164,7 +165,8 @@ * Get the, possibly cached, svn_authz_t for this request. */ static svn_authz_t * -get_access_conf(request_rec *r, authz_svn_config_rec *conf) +get_access_conf(request_rec *r, authz_svn_config_rec *conf, + apr_pool_t *scratch_pool) { const char *cache_key = NULL; const char *access_file; @@ -182,7 +184,7 @@ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "%s", dav_err->desc); return NULL; } - access_file = svn_dirent_join_many(r->pool, repos_path, "conf", + access_file = svn_dirent_join_many(scratch_pool, repos_path, "conf", conf->repo_relative_access_file, NULL); } @@ -194,7 +196,7 @@ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "Path to authz file is %s", access_file); - cache_key = apr_pstrcat(r->pool, "mod_authz_svn:", + cache_key = apr_pstrcat(scratch_pool, "mod_authz_svn:", access_file, (char *)NULL); apr_pool_userdata_get(&user_data, cache_key, r->connection->pool); access_conf = user_data; @@ -243,12 +245,13 @@ /* Return the username to authorize, with case-conversion performed if CONF->force_username_case is set. */ static char * -get_username_to_authorize(request_rec *r, authz_svn_config_rec *conf) +get_username_to_authorize(request_rec *r, authz_svn_config_rec *conf, + apr_pool_t *pool) { char *username_to_authorize = r->user; if (username_to_authorize && conf->force_username_case) { - username_to_authorize = apr_pstrdup(r->pool, r->user); + username_to_authorize = apr_pstrdup(pool, r->user); convert_case(username_to_authorize, strcasecmp(conf->force_username_case, "upper") == 0); } @@ -283,7 +286,8 @@ svn_authz_t *access_conf = NULL; svn_error_t *svn_err; char errbuf[256]; - const char *username_to_authorize = get_username_to_authorize(r, conf); + const char *username_to_authorize = get_username_to_authorize(r, conf, + r->pool); switch (r->method_number) { @@ -419,7 +423,7 @@ } /* Retrieve/cache authorization file */ - access_conf = get_access_conf(r,conf); + access_conf = get_access_conf(r,conf, r->pool); if (access_conf == NULL) return DECLINED; @@ -577,14 +581,13 @@ } /* - * This function is used as a provider to allow mod_dav_svn to bypass the - * generation of an apache request when checking GET access from - * "mod_dav_svn/authz.c" . + * Implementation of subreq_bypass with scratch_pool parameter. */ static int -subreq_bypass(request_rec *r, - const char *repos_path, - const char *repos_name) +subreq_bypass2(request_rec *r, + const char *repos_path, + const char *repos_name, + apr_pool_t *scratch_pool) { svn_error_t *svn_err = NULL; svn_authz_t *access_conf = NULL; @@ -595,18 +598,18 @@ conf = ap_get_module_config(r->per_dir_config, &authz_svn_module); - username_to_authorize = get_username_to_authorize(r, conf); + username_to_authorize = get_username_to_authorize(r, conf, scratch_pool); /* If configured properly, this should never be true, but just in case. */ if (!conf->anonymous || (! (conf->access_file || conf->repo_relative_access_file))) { log_access_verdict(APLOG_MARK, r, 0, repos_path, NULL); - return HTTP_FORBIDDEN; + return HTTP_FORBIDDEN; } /* Retrieve authorization file */ - access_conf = get_access_conf(r, conf); + access_conf = get_access_conf(r, conf, scratch_pool); if (access_conf == NULL) return HTTP_FORBIDDEN; @@ -620,7 +623,7 @@ username_to_authorize, svn_authz_none|svn_authz_read, &authz_access_granted, - r->pool); + scratch_pool); if (svn_err) { ap_log_rerror(APLOG_MARK, APLOG_ERR, @@ -650,6 +653,25 @@ } /* + * This function is used as a provider to allow mod_dav_svn to bypass the + * generation of an apache request when checking GET access from + * "mod_dav_svn/authz.c" . + */ +static int +subreq_bypass(request_rec *r, + const char *repos_path, + const char *repos_name) +{ + int status; + apr_pool_t *scratch_pool; + + scratch_pool = svn_pool_create(r->pool); + status = subreq_bypass2(r, repos_path, repos_name, scratch_pool); + svn_pool_destroy(scratch_pool); + + return status; +} +/* * Hooks */