You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by ph...@apache.org on 2013/06/04 10:51:04 UTC

svn commit: r1489339 - /subversion/trunk/subversion/mod_dav_svn/lock.c

Author: philip
Date: Tue Jun  4 08:51:03 2013
New Revision: 1489339

URL: http://svn.apache.org/r1489339
Log:
Return "501 Not Implemented" rather than "401 Unathorized" when
anonymous LOCK requests fail.  Return "412 Precondition Failed"
rather than "401 Unathorized" when a LOCK refresh has the wrong
token.  The 401 responses were not valid HTTP.  Fixes part of
issue 4368.

* subversion/mod_dav_svn/lock.c
  (append_locks, remove_lock): Return 501.
  (refresh_locks): Return 501 or 412.

Modified:
    subversion/trunk/subversion/mod_dav_svn/lock.c

Modified: subversion/trunk/subversion/mod_dav_svn/lock.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/mod_dav_svn/lock.c?rev=1489339&r1=1489338&r2=1489339&view=diff
==============================================================================
--- subversion/trunk/subversion/mod_dav_svn/lock.c (original)
+++ subversion/trunk/subversion/mod_dav_svn/lock.c Tue Jun  4 08:51:03 2013
@@ -647,7 +647,7 @@ append_locks(dav_lockdb *lockdb,
 
   /* We don't allow anonymous locks */
   if (! repos->username)
-    return dav_svn__new_error(resource->pool, HTTP_UNAUTHORIZED,
+    return dav_svn__new_error(resource->pool, HTTP_NOT_IMPLEMENTED,
                               DAV_ERR_LOCK_SAVE_LOCK,
                               "Anonymous lock creation is not allowed.");
 
@@ -776,7 +776,7 @@ append_locks(dav_lockdb *lockdb,
   if (serr && serr->apr_err == SVN_ERR_FS_NO_USER)
     {
       svn_error_clear(serr);
-      return dav_svn__new_error(resource->pool, HTTP_UNAUTHORIZED,
+      return dav_svn__new_error(resource->pool, HTTP_NOT_IMPLEMENTED,
                                 DAV_ERR_LOCK_SAVE_LOCK,
                                 "Anonymous lock creation is not allowed.");
     }
@@ -886,7 +886,7 @@ remove_lock(dav_lockdb *lockdb,
       if (serr && serr->apr_err == SVN_ERR_FS_NO_USER)
         {
           svn_error_clear(serr);
-          return dav_svn__new_error(resource->pool, HTTP_UNAUTHORIZED,
+          return dav_svn__new_error(resource->pool, HTTP_NOT_IMPLEMENTED,
                                     DAV_ERR_LOCK_SAVE_LOCK,
                                     "Anonymous lock removal is not allowed.");
         }
@@ -953,7 +953,7 @@ refresh_locks(dav_lockdb *lockdb,
      current lock on the incoming resource? */
   if ((! slock)
       || (strcmp(token->uuid_str, slock->token) != 0))
-    return dav_svn__new_error(resource->pool, HTTP_UNAUTHORIZED,
+    return dav_svn__new_error(resource->pool, HTTP_PRECONDITION_FAILED,
                               DAV_ERR_LOCK_SAVE_LOCK,
                               "Lock refresh request doesn't match existing "
                               "lock.");
@@ -974,7 +974,7 @@ refresh_locks(dav_lockdb *lockdb,
   if (serr && serr->apr_err == SVN_ERR_FS_NO_USER)
     {
       svn_error_clear(serr);
-      return dav_svn__new_error(resource->pool, HTTP_UNAUTHORIZED,
+      return dav_svn__new_error(resource->pool, HTTP_NOT_IMPLEMENTED,
                                 DAV_ERR_LOCK_SAVE_LOCK,
                                 "Anonymous lock refreshing is not allowed.");
     }