2
* ssl_client_cert_pw_providers.c: providers for
3
* SVN_AUTH_CRED_SSL_CLIENT_CERT_PW
5
* ====================================================================
6
* Copyright (c) 2000-2004 CollabNet. All rights reserved.
8
* This software is licensed as described in the file COPYING, which
9
* you should have received as part of this distribution. The terms
10
* are also available at http://subversion.tigris.org/license-1.html.
11
* If newer versions of this license are posted there, you may use a
12
* newer version instead, at your option.
14
* This software consists of voluntary contributions made by many
15
* individuals. For exact contribution history, see the revision
16
* history and logs, available at http://subversion.tigris.org/.
17
* ====================================================================
20
/* ==================================================================== */
26
#include <apr_pools.h>
27
#include "svn_client.h"
29
#include "svn_error.h"
30
#include "svn_config.h"
33
/*-----------------------------------------------------------------------*/
35
/*-----------------------------------------------------------------------*/
37
/* retrieve and load a password for a client certificate from servers file */
39
ssl_client_cert_pw_file_first_credentials (void **credentials_p,
42
apr_hash_t *parameters,
43
const char *realmstring,
46
svn_config_t *cfg = apr_hash_get (parameters,
47
SVN_AUTH_PARAM_CONFIG,
49
const char *server_group = apr_hash_get (parameters,
50
SVN_AUTH_PARAM_SERVER_GROUP,
53
const char *password =
54
svn_config_get_server_setting (cfg, server_group,
55
SVN_CONFIG_OPTION_SSL_CLIENT_CERT_PASSWORD,
59
svn_auth_cred_ssl_client_cert_pw_t *cred
60
= apr_palloc (pool, sizeof (*cred));
61
cred->password = password;
62
cred->may_save = FALSE;
63
*credentials_p = cred;
65
else *credentials_p = NULL;
71
static const svn_auth_provider_t ssl_client_cert_pw_file_provider = {
72
SVN_AUTH_CRED_SSL_CLIENT_CERT_PW,
73
ssl_client_cert_pw_file_first_credentials,
79
/*** Public API to SSL file providers. ***/
81
svn_client_get_ssl_client_cert_pw_file_provider (
82
svn_auth_provider_object_t **provider,
85
svn_auth_provider_object_t *po = apr_pcalloc (pool, sizeof(*po));
86
po->vtable = &ssl_client_cert_pw_file_provider;
91
/*-----------------------------------------------------------------------*/
93
/*-----------------------------------------------------------------------*/
95
/* Baton type for client passphrase prompting.
96
There is no iteration baton type. */
99
svn_auth_ssl_client_cert_pw_prompt_func_t prompt_func;
102
/* how many times to re-prompt after the first one fails */
104
} ssl_client_cert_pw_prompt_provider_baton_t;
106
/* Iteration baton. */
109
/* The original provider baton */
110
ssl_client_cert_pw_prompt_provider_baton_t *pb;
112
/* The original realmstring */
113
const char *realmstring;
115
/* how many times we've reprompted */
117
} ssl_client_cert_pw_prompt_iter_baton_t;
121
ssl_client_cert_pw_prompt_first_cred (void **credentials_p,
123
void *provider_baton,
124
apr_hash_t *parameters,
125
const char *realmstring,
128
ssl_client_cert_pw_prompt_provider_baton_t *pb = provider_baton;
129
ssl_client_cert_pw_prompt_iter_baton_t *ib =
130
apr_pcalloc (pool, sizeof (*ib));
131
const char *no_auth_cache = apr_hash_get (parameters,
132
SVN_AUTH_PARAM_NO_AUTH_CACHE,
133
APR_HASH_KEY_STRING);
135
SVN_ERR (pb->prompt_func ((svn_auth_cred_ssl_client_cert_pw_t **)
136
credentials_p, pb->prompt_baton, realmstring,
137
! no_auth_cache, pool));
140
ib->realmstring = apr_pstrdup (pool, realmstring);
149
ssl_client_cert_pw_prompt_next_cred (void **credentials_p,
151
void *provider_baton,
152
apr_hash_t *parameters,
153
const char *realmstring,
156
ssl_client_cert_pw_prompt_iter_baton_t *ib = iter_baton;
157
const char *no_auth_cache = apr_hash_get (parameters,
158
SVN_AUTH_PARAM_NO_AUTH_CACHE,
159
APR_HASH_KEY_STRING);
161
if (ib->retries >= ib->pb->retry_limit)
163
/* give up, go on to next provider. */
164
*credentials_p = NULL;
169
SVN_ERR (ib->pb->prompt_func ((svn_auth_cred_ssl_client_cert_pw_t **)
170
credentials_p, ib->pb->prompt_baton,
171
ib->realmstring, ! no_auth_cache, pool));
177
static const svn_auth_provider_t client_cert_pw_prompt_provider = {
178
SVN_AUTH_CRED_SSL_CLIENT_CERT_PW,
179
ssl_client_cert_pw_prompt_first_cred,
180
ssl_client_cert_pw_prompt_next_cred,
185
void svn_client_get_ssl_client_cert_pw_prompt_provider (
186
svn_auth_provider_object_t **provider,
187
svn_auth_ssl_client_cert_pw_prompt_func_t prompt_func,
192
svn_auth_provider_object_t *po = apr_pcalloc (pool, sizeof(*po));
193
ssl_client_cert_pw_prompt_provider_baton_t *pb =
194
apr_palloc (pool, sizeof(*pb));
196
pb->prompt_func = prompt_func;
197
pb->prompt_baton = prompt_baton;
198
pb->retry_limit = retry_limit;
200
po->vtable = &client_cert_pw_prompt_provider;
201
po->provider_baton = pb;