← Back to branch summary

~ubuntu-branches/debian/sid/subversion/sid

« back to all changes in this revision

Viewing changes to subversion/libsvn_subr/ssl_client_cert_pw_providers.c

  • Committer: Package Import Robot
  • Author(s): James McCoy
  • Date: 2015-08-07 21:32:47 UTC
  • mfrom: (0.2.15) (4.1.7 experimental)
  • Revision ID: package-import@ubuntu.com-20150807213247-ozyewtmgsr6tkewl
Tags: 1.9.0-1
http://bugs.debian.org/791844
* Upload to unstable
* New upstream release.
  + Security fixes
    - CVE-2015-3184: Mixed anonymous/authenticated path-based authz with
      httpd 2.4
    - CVE-2015-3187: svn_repos_trace_node_locations() reveals paths hidden
      by authz
* Add >= 2.7 requirement for python-all-dev Build-Depends, needed to run
  tests.
* Remove Build-Conflicts against ruby-test-unit.  (Closes: #791844)
* Remove patches/apache_module_dependency in favor of expressing the
  dependencies in authz_svn.load/dav_svn.load.
* Build-Depend on apache2-dev (>= 2.4.16) to ensure ap_some_authn_required()
  is available when building mod_authz_svn and Depend on apache2-bin (>=
  2.4.16) for runtime support.

Show diffs side-by-side

added added

removed removed

Lines of Context:
subversion/libsvn_subr/ssl_client_cert_pw_providers.c
39
39
/* File provider                                                         */
40
40
/*-----------------------------------------------------------------------*/
41
41
 
42
 
/* The keys that will be stored on disk.  These serve the same role as
43
 
 * similar constants in other providers.
44
 
 *
45
 
 * AUTHN_PASSTYPE_KEY just records the passphrase type next to the
46
 
 * passphrase, so that anyone who is manually editing their authn
47
 
 * files can know which provider owns the password.
48
 
 */
49
 
#define AUTHN_PASSPHRASE_KEY            "passphrase"
50
 
#define AUTHN_PASSTYPE_KEY              "passtype"
51
 
 
52
42
/* Baton type for the ssl client cert passphrase provider. */
53
43
typedef struct ssl_client_cert_pw_file_provider_baton_t
54
44
{
75
65
                                 apr_pool_t *pool)
76
66
{
77
67
  svn_string_t *str;
78
 
  str = svn_hash_gets(creds, AUTHN_PASSPHRASE_KEY);
 
68
  str = svn_hash_gets(creds, SVN_CONFIG_AUTHN_PASSPHRASE_KEY);
79
69
  if (str && str->data)
80
70
    {
81
71
      *passphrase = str->data;
98
88
                                 svn_boolean_t non_interactive,
99
89
                                 apr_pool_t *pool)
100
90
{
101
 
  svn_hash_sets(creds, AUTHN_PASSPHRASE_KEY,
 
91
  svn_hash_sets(creds, SVN_CONFIG_AUTHN_PASSPHRASE_KEY,
102
92
                svn_string_create(passphrase, pool));
103
93
  *done = TRUE;
104
94
  return SVN_NO_ERROR;
308
298
 
309
299
          if (*saved && passtype)
310
300
            {
311
 
              svn_hash_sets(creds_hash, AUTHN_PASSTYPE_KEY,
 
301
              svn_hash_sets(creds_hash, SVN_CONFIG_AUTHN_PASSTYPE_KEY,
312
302
                            svn_string_create(passtype, pool));
313
303
            }
314
304