← Back to branch summary

~ubuntu-branches/debian/sid/subversion/sid

« back to all changes in this revision

Viewing changes to subversion/mod_dav_svn/reports/log.c

  • Committer: Package Import Robot
  • Author(s): James McCoy
  • Date: 2015-08-07 21:32:47 UTC
  • mfrom: (0.2.15) (4.1.7 experimental)
  • Revision ID: package-import@ubuntu.com-20150807213247-ozyewtmgsr6tkewl
Tags: 1.9.0-1
http://bugs.debian.org/791844
* Upload to unstable
* New upstream release.
  + Security fixes
    - CVE-2015-3184: Mixed anonymous/authenticated path-based authz with
      httpd 2.4
    - CVE-2015-3187: svn_repos_trace_node_locations() reveals paths hidden
      by authz
* Add >= 2.7 requirement for python-all-dev Build-Depends, needed to run
  tests.
* Remove Build-Conflicts against ruby-test-unit.  (Closes: #791844)
* Remove patches/apache_module_dependency in favor of expressing the
  dependencies in authz_svn.load/dav_svn.load.
* Build-Depend on apache2-dev (>= 2.4.16) to ensure ap_some_authn_required()
  is available when building mod_authz_svn and Depend on apache2-bin (>=
  2.4.16) for runtime support.

Show diffs side-by-side

added added

removed removed

Lines of Context:
subversion/mod_dav_svn/reports/log.c
65
65
 
66
66
  /* whether the client can handle encoded binary property values */
67
67
  svn_boolean_t encode_binary_props;
 
68
 
 
69
  /* Helper variables to force early bucket brigade flushes */
 
70
  int result_count;
 
71
  int next_forced_flush;
68
72
};
69
73
 
70
74
 
87
91
  return SVN_NO_ERROR;
88
92
}
89
93
 
 
94
/* Utility for log_receiver opening a new XML element in LRB's brigade
 
95
   for LOG_ITEM and return the element's name in *ELEMENT.  Use POOL for
 
96
   temporary allocations.
 
97
 
 
98
   Call this function for items that may have a copy-from */
 
99
static svn_error_t *
 
100
start_path_with_copy_from(const char **element,
 
101
                          struct log_receiver_baton *lrb,
 
102
                          svn_log_changed_path2_t *log_item,
 
103
                          apr_pool_t *pool)
 
104
{
 
105
  switch (log_item->action)
 
106
    {
 
107
      case 'A': *element = "S:added-path";
 
108
                break;
 
109
      case 'R': *element = "S:replaced-path";
 
110
                break;
 
111
      default:  /* Caller, you did wrong! */
 
112
                SVN_ERR_MALFUNCTION();
 
113
    }
 
114
 
 
115
  if (log_item->copyfrom_path
 
116
      && SVN_IS_VALID_REVNUM(log_item->copyfrom_rev))
 
117
    SVN_ERR(dav_svn__brigade_printf
 
118
            (lrb->bb, lrb->output,
 
119
             "<%s copyfrom-path=\"%s\" copyfrom-rev=\"%ld\"",
 
120
             *element,
 
121
             apr_xml_quote_string(pool,
 
122
                                  log_item->copyfrom_path,
 
123
                                  1), /* escape quotes */
 
124
             log_item->copyfrom_rev));
 
125
  else
 
126
    SVN_ERR(dav_svn__brigade_printf(lrb->bb, lrb->output, "<%s", *element));
 
127
 
 
128
  return SVN_NO_ERROR;
 
129
}
 
130
 
90
131
 
91
132
/* This implements `svn_log_entry_receiver_t'.
92
133
   BATON is a `struct log_receiver_baton *'.  */
203
244
          switch (log_item->action)
204
245
            {
205
246
            case 'A':
206
 
              if (log_item->copyfrom_path
207
 
                  && SVN_IS_VALID_REVNUM(log_item->copyfrom_rev))
208
 
                SVN_ERR(dav_svn__brigade_printf
209
 
                        (lrb->bb, lrb->output,
210
 
                         "<S:added-path copyfrom-path=\"%s\""
211
 
                         " copyfrom-rev=\"%ld\"",
212
 
                         apr_xml_quote_string(iterpool,
213
 
                                              log_item->copyfrom_path,
214
 
                                              1), /* escape quotes */
215
 
                         log_item->copyfrom_rev));
216
 
              else
217
 
                SVN_ERR(dav_svn__brigade_puts(lrb->bb, lrb->output,
218
 
                                              "<S:added-path"));
219
 
 
220
 
              close_element = "S:added-path";
221
 
              break;
222
 
 
223
247
            case 'R':
224
 
              if (log_item->copyfrom_path
225
 
                  && SVN_IS_VALID_REVNUM(log_item->copyfrom_rev))
226
 
                SVN_ERR(dav_svn__brigade_printf
227
 
                        (lrb->bb, lrb->output,
228
 
                         "<S:replaced-path copyfrom-path=\"%s\""
229
 
                         " copyfrom-rev=\"%ld\"",
230
 
                         apr_xml_quote_string(iterpool,
231
 
                                              log_item->copyfrom_path,
232
 
                                              1), /* escape quotes */
233
 
                         log_item->copyfrom_rev));
234
 
              else
235
 
                SVN_ERR(dav_svn__brigade_puts(lrb->bb, lrb->output,
236
 
                                              "<S:replaced-path"));
237
 
 
238
 
              close_element = "S:replaced-path";
 
248
              SVN_ERR(start_path_with_copy_from(&close_element, lrb,
 
249
                                                log_item, iterpool));
239
250
              break;
240
251
 
241
252
            case 'D':
275
286
  SVN_ERR(dav_svn__brigade_puts(lrb->bb, lrb->output,
276
287
                                "</S:log-item>" DEBUG_CR));
277
288
 
 
289
  /* In general APR will flush the brigade every 8000 bytes through the filter
 
290
     stack, but log items may not be generated that fast, especially in
 
291
     combination with authz and busy servers. We now explictly flush after
 
292
     log-item 4, 16, 64 and 256 to produce a few results fast.
 
293
 
 
294
     This introduces 4 full flushes of our brigade and the installed output
 
295
     filters at growing intervals and then falls back to the standard
 
296
     buffering of 8000 bytes + whatever buffers are added in output filters. */
 
297
  lrb->result_count++;
 
298
  if (lrb->result_count == lrb->next_forced_flush)
 
299
    {
 
300
      apr_status_t apr_err;
 
301
 
 
302
      /* This flush is similar to that in dav_svn__final_flush_or_error().
 
303
 
 
304
         Compared to using ap_filter_flush(), which we use in other place
 
305
         this adds a flush frame before flushing the brigade, to make output
 
306
         filters perform a flush as well */
 
307
 
 
308
      /* No brigade empty check. We want output filters to flush anyway */
 
309
      apr_err = ap_fflush(lrb->output, lrb->bb);
 
310
      if (apr_err)
 
311
        return svn_error_create(apr_err, NULL, NULL);
 
312
 
 
313
      /* Check for an aborted connection, just like our brigade write
 
314
         helper functions, since the brigade functions don't appear to
 
315
         be return useful errors when the connection is dropped. */
 
316
      if (lrb->output->c->aborted)
 
317
        return svn_error_create(SVN_ERR_APMOD_CONNECTION_ABORTED,
 
318
                                NULL, NULL);
 
319
 
 
320
      if (lrb->result_count < 256)
 
321
        lrb->next_forced_flush = lrb->next_forced_flush * 4;
 
322
    }
 
323
 
278
324
  return SVN_NO_ERROR;
279
325
}
280
326
 
301
347
  svn_boolean_t discover_changed_paths = FALSE;      /* off by default */
302
348
  svn_boolean_t strict_node_history = FALSE;         /* off by default */
303
349
  svn_boolean_t include_merged_revisions = FALSE;    /* off by default */
 
350
 
304
351
  apr_array_header_t *revprops = apr_array_make(resource->pool, 3,
305
352
                                                sizeof(const char *));
306
353
  apr_array_header_t *paths
313
360
  ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
314
361
  if (ns == -1)
315
362
    {
316
 
      return dav_svn__new_error_tag(resource->pool, HTTP_BAD_REQUEST, 0,
 
363
      return dav_svn__new_error_svn(resource->pool, HTTP_BAD_REQUEST, 0,
317
364
                                    "The request does not contain the 'svn:' "
318
365
                                    "namespace, so it is not going to have "
319
 
                                    "certain required elements.",
320
 
                                    SVN_DAV_ERROR_NAMESPACE,
321
 
                                    SVN_DAV_ERROR_TAG);
 
366
                                    "certain required elements");
322
367
    }
323
368
 
324
369
  /* If this is still FALSE after the loop, we haven't seen either of
421
466
  lrb.stack_depth = 0;
422
467
  /* lrb.requested_custom_revprops set above */
423
468
 
 
469
  lrb.result_count = 0;
 
470
  lrb.next_forced_flush = 4;
 
471
 
424
472
  /* Our svn_log_entry_receiver_t sends the <S:log-report> header in
425
473
     a lazy fashion.  Before writing the first log message, it assures
426
474
     that the header has already been sent (checking the needs_header
443
491
                             resource->pool);
444
492
  if (serr)
445
493
    {
446
 
      derr = dav_svn__convert_err(serr, HTTP_BAD_REQUEST, serr->message,
 
494
      derr = dav_svn__convert_err(serr, HTTP_BAD_REQUEST, NULL,
447
495
                                  resource->pool);
448
496
      goto cleanup;
449
497
    }