On Mon, Oct 7, 2013 at 1:15 PM, Bert Huijben <bert_at_qqmail.nl> wrote:
>
> > - svn_config_get(repository->cfg, &pwdb_path,
> > SVN_CONFIG_SECTION_GENERAL,
> > + svn_config_get(cfg, &pwdb_path,
> > + SVN_CONFIG_SECTION_GENERAL,
> > SVN_CONFIG_OPTION_PASSWORD_DB, NULL);
> >
> > repository->pwdb = NULL;
> > @@ -305,8 +308,6 @@ svn_error_t *load_pwdb_config(server_bat
> > FALSE, FALSE, pool);
> > if (err)
> > {
> > - log_server_error(err, server, conn, pool);
> > -
> > /* Because it may be possible to read the pwdb file with some
> > access methods and not others, ignore errors reading the
> pwdb
> > file and just don't present password authentication as an
> > @@ -319,11 +320,7 @@ svn_error_t *load_pwdb_config(server_bat
> > if (err->apr_err != SVN_ERR_BAD_FILENAME
> > && ! APR_STATUS_IS_EACCES(err->apr_err))
> > {
> > - /* Now that we've logged the error, clear it and return
> a
> > - * nice, generic error to the user:
> > - *
> http://subversion.tigris.org/issues/show_bug.cgi?id=2271 */
> > - svn_error_clear(err);
> > - return svn_error_create(SVN_ERR_AUTHN_FAILED, NULL,
> NULL);
> > + return svn_error_create(SVN_ERR_AUTHN_FAILED, err, NULL);
>
>
> I like the change for debugging, but this clearly re-introduces issue
> #2271 " svnserve expose the path to the password file if it is not found"
>
> Is this message cleaned in a different place now?
>
>
Serve() now calls the new handle_config_error() to sanitize the errors.
BTW, thanks for reviewing!
-- Stefan^2.
Received on 2013-10-07 16:18:01 CEST