You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by cm...@apache.org on 2010/09/15 21:39:04 UTC

svn commit: r997474 - in /subversion/trunk/subversion: svnserve/serve.c tests/cmdline/authz_tests.py

Author: cmpilato
Date: Wed Sep 15 19:39:04 2010
New Revision: 997474

URL: http://svn.apache.org/viewvc?rev=997474&view=rev
Log:
For issue #3709 ("Inconsistency between "svn list" and "svn
checkout"), teach svnserve not to transmit unreadable paths in its
get-dir command response.  I think this completes the fixes for this
issue.

* subversion/svnserve/serve.c
  (get_dir): Authorize each child to be returned, omitting those that
    the user isn't allowed to read.

* subversion/tests/cmdline/authz_tests.py
  (test_list): No longer expect authz_recursive_ls() to fail over ra-svn.

Modified:
    subversion/trunk/subversion/svnserve/serve.c
    subversion/trunk/subversion/tests/cmdline/authz_tests.py

Modified: subversion/trunk/subversion/svnserve/serve.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/svnserve/serve.c?rev=997474&r1=997473&r2=997474&view=diff
==============================================================================
--- subversion/trunk/subversion/svnserve/serve.c (original)
+++ subversion/trunk/subversion/svnserve/serve.c Wed Sep 15 19:39:04 2010
@@ -1452,6 +1452,14 @@ static svn_error_t *get_dir(svn_ra_svn_c
           svn_pool_clear(subpool);
 
           file_path = svn_uri_join(full_path, name, subpool);
+
+          if (! lookup_access(subpool, b, conn, svn_authz_read,
+                              file_path, FALSE))
+            {
+              apr_hash_set(entries, name, APR_HASH_KEY_STRING, NULL);
+              continue;
+            }
+
           entry = apr_pcalloc(pool, sizeof(*entry));
 
           if (dirent_fields & SVN_DIRENT_KIND)

Modified: subversion/trunk/subversion/tests/cmdline/authz_tests.py
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/tests/cmdline/authz_tests.py?rev=997474&r1=997473&r2=997474&view=diff
==============================================================================
--- subversion/trunk/subversion/tests/cmdline/authz_tests.py (original)
+++ subversion/trunk/subversion/tests/cmdline/authz_tests.py Wed Sep 15 19:39:04 2010
@@ -1091,9 +1091,8 @@ test_list = [ None,
               Skip(wc_wc_copy, svntest.main.is_ra_type_file),
               Skip(wc_wc_copy_revert,
                    svntest.main.is_ra_type_file),
-              XFail(Skip(authz_recursive_ls,
-                         svntest.main.is_ra_type_file),
-                    svntest.main.is_ra_type_svn),
+              Skip(authz_recursive_ls,
+                   svntest.main.is_ra_type_file),
              ]
 
 if __name__ == '__main__':