On Sat, 14 Dec 2019 at 13:33, Daniel Shahaf <d.s_at_daniel.shahaf.name> wrote:
> sebb wrote on Sat, 14 Dec 2019 13:17 +00:00:
> > On Sat, 14 Dec 2019 at 11:51, Daniel Shahaf <d.s_at_daniel.shahaf.name>
> wrote:
> > > sebb wrote on Sat, 14 Dec 2019 09:20 +00:00:
> > > > The code comment here [1] and the wiki [2] both state that section
> name
> > > > matching is case-insensitive.
> > > >
> > > > However my reading of the document here [3] says this changed in
> version 1.7.
> > >
> > > Thank you for taking the time to point out the specific text within
> that
> > > page you had in mind, to save us all looking for it. (It's the first
> > > "No Entry" box.)
> > >
> > > > These docs don't seem consistent to me.
> > >
> > > The two documents describe different layers. [1] and [2] describe the
> > > configuration parsing module (svn_config_*), whereas [3] — says that
> > > the implementation of authz (≤1.6) did case conversions before or
> after
> > > calling svn_config_*().
> > >
> >
> > However [2] says:
> >
>
> [2] is not normative. The C API docs are normative. The API errata,
> release notes, and CVE advisories are all fair game. But the wiki serves
> as the whiteboard in our virtual office; it isn't API documentation.
>
> However [1] says:
"Section and option names are case-insensitive, but case is preserved."
Is that still accurate?
> > "This means that, for example, you cannot have two different sections
> > named [Section] and [section];"
>
> This was true through 1.6.x. In 1.7.x, consumers of the svn_config_*
> API can decide whether section-names should be case-sensitive or not.
> See svn_config_read():
>
> [[[
> /** Similar to svn_config_read2, but always passes @c FALSE to
> * @a section_names_case_sensitive.
> *
> * @deprecated Provided for backward compatibility with 1.6 API.
> */
> SVN_DEPRECATED
> svn_error_t *
> svn_config_read(svn_config_t **cfgp,
> const char *file,
> svn_boolean_t must_exist,
> apr_pool_t *result_pool);
> ]]]
>
> > which to me implies that the following is not allowed:
> >
> > [/public]
> > * = r
> >
> > [/PuBliC]
> > * =
> >
> > Whereas according to my reading of [3] that should be allowed.
>
> It's allowed, and works:
>
> % svnauthz accessof --path /foo =(printf '%s\n' '[/foo]' '*=r'
> '[/FOO]' '*=' )
> r
> % svnauthz accessof --path /FOO =(printf '%s\n' '[/foo]' '*=r'
> '[/FOO]' '*=' )
> no
> %
>
> In 1.6 it would be case insensitive.
>
Received on 2019-12-14 14:39:20 CET