You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by br...@apache.org on 2016/04/17 22:39:18 UTC
svn commit: r1739649 - in /subversion/trunk/subversion:
include/private/ra_svn_sasl.h include/private/svn_wrapped_sasl.h
libsvn_ra_svn/cyrus_auth.c libsvn_subr/wrapped_sasl.c svnserve/cyrus_auth.c
Author: brane
Date: Sun Apr 17 20:39:18 2016
New Revision: 1739649
URL: http://svn.apache.org/viewvc?rev=1739649&view=rev
Log:
Wrap all of the SASL API that we use into a set of private functions
in order to silence the horde of warnings that are emitted on OSX
thanks to Apple having deprecated all of SASL.
* subversion/include/private/svn_wrapped_sasl.h,
subversion/libsvn_subr/wrapped_sasl.c: New. SASL API wrappers.
* subversion/include/private/ra_svn_sasl.h:
Include private/svn_wrapped_sasl.h instead of the SASL headers.
* subversion/libsvn_ra_svn/cyrus_auth.c
subversion/svnserve/cyrus_auth.c: Replace all direct calls to SASL
with calls to our wrapper functions.
Added:
subversion/trunk/subversion/include/private/svn_wrapped_sasl.h (with props)
subversion/trunk/subversion/libsvn_subr/wrapped_sasl.c (with props)
Modified:
subversion/trunk/subversion/include/private/ra_svn_sasl.h
subversion/trunk/subversion/libsvn_ra_svn/cyrus_auth.c
subversion/trunk/subversion/svnserve/cyrus_auth.c
Modified: subversion/trunk/subversion/include/private/ra_svn_sasl.h
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/include/private/ra_svn_sasl.h?rev=1739649&r1=1739648&r2=1739649&view=diff
==============================================================================
--- subversion/trunk/subversion/include/private/ra_svn_sasl.h (original)
+++ subversion/trunk/subversion/include/private/ra_svn_sasl.h Sun Apr 17 20:39:18 2016
@@ -27,14 +27,6 @@
#ifndef RA_SVN_SASL_H
#define RA_SVN_SASL_H
-#ifdef WIN32
-/* This prevents sasl.h from redefining iovec, which is always defined by APR
- on win32. */
-#define STRUCT_IOVEC_DEFINED
-#include <sasl.h>
-#else
-#include <sasl/sasl.h>
-#endif
#include <apr_errno.h>
#include <apr_pools.h>
@@ -43,6 +35,7 @@
#include "svn_ra_svn.h"
#include "private/svn_atomic.h"
+#include "private/svn_wrapped_sasl.h"
#ifdef __cplusplus
extern "C" {
Added: subversion/trunk/subversion/include/private/svn_wrapped_sasl.h
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/include/private/svn_wrapped_sasl.h?rev=1739649&view=auto
==============================================================================
--- subversion/trunk/subversion/include/private/svn_wrapped_sasl.h (added)
+++ subversion/trunk/subversion/include/private/svn_wrapped_sasl.h Sun Apr 17 20:39:18 2016
@@ -0,0 +1,127 @@
+/*
+ * svn_wrapped_sasl.h : wrapped SASL API
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ */
+
+#ifndef SVN_WRAPPED_SASL_H
+#define SVN_WRAPPED_SASL_H
+
+#ifdef WIN32
+/* This prevents sasl.h from redefining iovec,
+ which is always defined by APR on win32. */
+# define STRUCT_IOVEC_DEFINED
+# include <sasl.h>
+#else
+# include <sasl/sasl.h>
+#endif
+
+/* Apple deprecated the SASL API on Mac OS X 10.11, causing a
+ moderately huge number of deprecation warnings to be emitted during
+ compilation. Consequently, we wrap the parts of the SASL API that
+ we use in a set of private functions and disable the deprecation
+ warnings for this header and the implementation file. */
+#ifdef __APPLE__
+# if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 2)
+# pragma GCC diagnostic push
+# pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+# endif
+#endif /* __APPLE__ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+void
+svn_sasl__set_mutex(sasl_mutex_alloc_t *, sasl_mutex_lock_t *,
+ sasl_mutex_unlock_t *, sasl_mutex_free_t *);
+
+void
+svn_sasl__done(void);
+
+void
+svn_sasl__dispose(sasl_conn_t **);
+
+const char *
+svn_sasl__errstring(int, const char *, const char **);
+
+const char *
+svn_sasl__errdetail(sasl_conn_t *);
+
+int
+svn_sasl__getprop(sasl_conn_t *, int, const void **);
+
+int
+svn_sasl__setprop(sasl_conn_t *, int, const void *);
+
+int
+svn_sasl__client_init(const sasl_callback_t *);
+
+int
+svn_sasl__client_new(const char *, const char *, const char *, const char *,
+ const sasl_callback_t *, unsigned, sasl_conn_t **);
+
+int
+svn_sasl__client_start(sasl_conn_t *, const char *, sasl_interact_t **,
+ const char **, unsigned *, const char **);
+
+int
+svn_sasl__client_step(sasl_conn_t *, const char *, unsigned,
+ sasl_interact_t **, const char **, unsigned *);
+
+int
+svn_sasl__server_init(const sasl_callback_t *, const char *);
+
+int
+svn_sasl__server_new(const char *, const char *, const char *,
+ const char *, const char *, const sasl_callback_t *,
+ unsigned, sasl_conn_t **);
+
+int
+svn_sasl__listmech(sasl_conn_t *, const char *, const char *, const char *,
+ const char *, const char **, unsigned *, int *);
+
+int
+svn_sasl__server_start(sasl_conn_t *, const char *, const char *, unsigned,
+ const char **, unsigned *);
+
+int
+svn_sasl__server_step(sasl_conn_t *, const char *, unsigned,
+ const char **, unsigned *);
+
+int
+svn_sasl__encode(sasl_conn_t *, const char *, unsigned,
+ const char **, unsigned *);
+
+int
+svn_sasl__decode(sasl_conn_t *, const char *, unsigned,
+ const char **, unsigned *);
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#ifdef __APPLE__
+# if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 2)
+# pragma GCC diagnostic pop
+# endif
+#endif /* __APPLE__ */
+
+#endif /* SVN_WRAPPED_SASL_H */
Propchange: subversion/trunk/subversion/include/private/svn_wrapped_sasl.h
------------------------------------------------------------------------------
svn:eol-style = native
Modified: subversion/trunk/subversion/libsvn_ra_svn/cyrus_auth.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_svn/cyrus_auth.c?rev=1739649&r1=1739648&r2=1739649&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_ra_svn/cyrus_auth.c (original)
+++ subversion/trunk/subversion/libsvn_ra_svn/cyrus_auth.c Sun Apr 17 20:39:18 2016
@@ -68,7 +68,7 @@ static apr_status_t sasl_done_cb(void *d
apr_initialize()/apr_terminate() more than once. */
svn_ra_svn__sasl_status = 0;
if (svn_atomic_dec(&sasl_ctx_count) == 0)
- sasl_done();
+ svn_sasl__done();
return APR_SUCCESS;
}
@@ -174,10 +174,10 @@ svn_ra_svn__sasl_common_init(apr_pool_t
apr_pool_cleanup_register(sasl_pool, NULL, sasl_done_cb,
apr_pool_cleanup_null);
#if APR_HAS_THREADS
- sasl_set_mutex(sasl_mutex_alloc_cb,
- sasl_mutex_lock_cb,
- sasl_mutex_unlock_cb,
- sasl_mutex_free_cb);
+ svn_sasl__set_mutex(sasl_mutex_alloc_cb,
+ sasl_mutex_lock_cb,
+ sasl_mutex_unlock_cb,
+ sasl_mutex_free_cb);
free_mutexes = apr_array_make(sasl_pool, 0, sizeof(svn_mutex__t *));
SVN_ERR(svn_mutex__init(&array_mutex, TRUE, sasl_pool));
@@ -223,7 +223,7 @@ get_sasl_error(sasl_conn_t *sasl_ctx, in
return apr_psprintf(result_pool,
_("SASL authentication error: %s%s"),
- sasl_errdetail(sasl_ctx), sasl_errno_msg);
+ svn_sasl__errdetail(sasl_ctx), sasl_errno_msg);
}
static svn_error_t *sasl_init_cb(void *baton, apr_pool_t *pool)
@@ -232,7 +232,7 @@ static svn_error_t *sasl_init_cb(void *b
SVN_ERR(svn_ra_svn__sasl_common_init(pool));
clear_sasl_errno();
- result = sasl_client_init(NULL);
+ result = svn_sasl__client_init(NULL);
if (result != SASL_OK)
{
const char *sasl_errno_msg = get_sasl_errno_msg(result, pool);
@@ -240,7 +240,7 @@ static svn_error_t *sasl_init_cb(void *b
return svn_error_createf
(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
_("Could not initialized the SASL library: %s%s"),
- sasl_errstring(result, NULL, NULL),
+ svn_sasl__errstring(result, NULL, NULL),
sasl_errno_msg);
}
@@ -257,9 +257,9 @@ svn_error_t *svn_ra_svn__sasl_init(void)
static apr_status_t sasl_dispose_cb(void *data)
{
sasl_conn_t *sasl_ctx = data;
- sasl_dispose(&sasl_ctx);
+ svn_sasl__dispose(&sasl_ctx);
if (svn_atomic_dec(&sasl_ctx_count) == 0)
- sasl_done();
+ svn_sasl__done();
return APR_SUCCESS;
}
@@ -403,17 +403,17 @@ static svn_error_t *new_sasl_ctx(sasl_co
int result;
clear_sasl_errno();
- result = sasl_client_new(SVN_RA_SVN_SASL_NAME,
- hostname, local_addrport, remote_addrport,
- callbacks, SASL_SUCCESS_DATA,
- sasl_ctx);
+ result = svn_sasl__client_new(SVN_RA_SVN_SASL_NAME,
+ hostname, local_addrport, remote_addrport,
+ callbacks, SASL_SUCCESS_DATA,
+ sasl_ctx);
if (result != SASL_OK)
{
const char *sasl_errno_msg = get_sasl_errno_msg(result, pool);
return svn_error_createf(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
_("Could not create SASL context: %s%s"),
- sasl_errstring(result, NULL, NULL),
+ svn_sasl__errstring(result, NULL, NULL),
sasl_errno_msg);
}
svn_atomic_inc(&sasl_ctx_count);
@@ -427,8 +427,8 @@ static svn_error_t *new_sasl_ctx(sasl_co
should be the username, but since SASL doesn't seem
to use it on the client side, any non-empty string will do. */
clear_sasl_errno();
- result = sasl_setprop(*sasl_ctx,
- SASL_AUTH_EXTERNAL, " ");
+ result = svn_sasl__setprop(*sasl_ctx,
+ SASL_AUTH_EXTERNAL, " ");
if (result != SASL_OK)
return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
get_sasl_error(*sasl_ctx, result, pool));
@@ -436,7 +436,7 @@ static svn_error_t *new_sasl_ctx(sasl_co
/* Set security properties. */
svn_ra_svn__default_secprops(&secprops);
- sasl_setprop(*sasl_ctx, SASL_SEC_PROPS, &secprops);
+ svn_sasl__setprop(*sasl_ctx, SASL_SEC_PROPS, &secprops);
return SVN_NO_ERROR;
}
@@ -460,12 +460,12 @@ static svn_error_t *try_auth(svn_ra_svn_
{
again = FALSE;
clear_sasl_errno();
- result = sasl_client_start(sasl_ctx,
- mechstring,
- &client_interact,
- &out,
- &outlen,
- &mech);
+ result = svn_sasl__client_start(sasl_ctx,
+ mechstring,
+ &client_interact,
+ &out,
+ &outlen,
+ &mech);
switch (result)
{
case SASL_OK:
@@ -531,12 +531,12 @@ static svn_error_t *try_auth(svn_ra_svn_
in = svn_base64_decode_string(in, pool);
clear_sasl_errno();
- result = sasl_client_step(sasl_ctx,
- in->data,
- (const unsigned int) in->len,
- &client_interact,
- &out, /* Filled in by SASL. */
- &outlen);
+ result = svn_sasl__client_step(sasl_ctx,
+ in->data,
+ (const unsigned int) in->len,
+ &client_interact,
+ &out, /* Filled in by SASL. */
+ &outlen);
if (result != SASL_OK && result != SASL_CONTINUE)
return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
@@ -620,9 +620,9 @@ static svn_error_t *sasl_read_cb(void *b
return SVN_NO_ERROR;
}
clear_sasl_errno();
- result = sasl_decode(sasl_baton->ctx, buffer, (unsigned int) len2,
- &sasl_baton->read_buf,
- &sasl_baton->read_len);
+ result = svn_sasl__decode(sasl_baton->ctx, buffer, (unsigned int) len2,
+ &sasl_baton->read_buf,
+ &sasl_baton->read_len);
if (result != SASL_OK)
return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
get_sasl_error(sasl_baton->ctx, result,
@@ -662,9 +662,9 @@ sasl_write_cb(void *baton, const char *b
/* Make sure we don't write too much. */
*len = (*len > sasl_baton->maxsize) ? sasl_baton->maxsize : *len;
clear_sasl_errno();
- result = sasl_encode(sasl_baton->ctx, buffer, (unsigned int) *len,
- &sasl_baton->write_buf,
- &sasl_baton->write_len);
+ result = svn_sasl__encode(sasl_baton->ctx, buffer, (unsigned int) *len,
+ &sasl_baton->write_buf,
+ &sasl_baton->write_len);
if (result != SASL_OK)
return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
@@ -725,7 +725,7 @@ svn_error_t *svn_ra_svn__enable_sasl_enc
/* Get the strength of the security layer. */
clear_sasl_errno();
- result = sasl_getprop(sasl_ctx, SASL_SSF, (void*) &ssfp);
+ result = svn_sasl__getprop(sasl_ctx, SASL_SSF, (void*) &ssfp);
if (result != SASL_OK)
return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
get_sasl_error(sasl_ctx, result, pool));
@@ -745,7 +745,7 @@ svn_error_t *svn_ra_svn__enable_sasl_enc
/* Find out the maximum input size for sasl_encode. */
clear_sasl_errno();
- result = sasl_getprop(sasl_ctx, SASL_MAXOUTBUF, &maxsize);
+ result = svn_sasl__getprop(sasl_ctx, SASL_MAXOUTBUF, &maxsize);
if (result != SASL_OK)
return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
get_sasl_error(sasl_ctx, result, pool));
@@ -756,9 +756,10 @@ svn_error_t *svn_ra_svn__enable_sasl_enc
if (conn->read_end > conn->read_ptr)
{
clear_sasl_errno();
- result = sasl_decode(sasl_ctx, conn->read_ptr,
- (unsigned int) (conn->read_end - conn->read_ptr),
- &sasl_baton->read_buf, &sasl_baton->read_len);
+ result = svn_sasl__decode(
+ sasl_ctx, conn->read_ptr,
+ (unsigned int) (conn->read_end - conn->read_ptr),
+ &sasl_baton->read_buf, &sasl_baton->read_len);
if (result != SASL_OK)
return svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
get_sasl_error(sasl_ctx, result, pool));
Added: subversion/trunk/subversion/libsvn_subr/wrapped_sasl.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/wrapped_sasl.c?rev=1739649&view=auto
==============================================================================
--- subversion/trunk/subversion/libsvn_subr/wrapped_sasl.c (added)
+++ subversion/trunk/subversion/libsvn_subr/wrapped_sasl.c Sun Apr 17 20:39:18 2016
@@ -0,0 +1,192 @@
+/*
+ * wrapped_sasl.c : wrapped SASL API
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ */
+
+#include "private/svn_wrapped_sasl.h"
+
+/* See the comment at the top of svn_wrapped_sasl.h */
+#ifdef __APPLE__
+# if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 2)
+# pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+# endif
+#endif /* __APPLE__ */
+
+void
+svn_sasl__set_mutex(sasl_mutex_alloc_t *alloc,
+ sasl_mutex_lock_t *lock,
+ sasl_mutex_unlock_t *unlock,
+ sasl_mutex_free_t *free)
+{
+ sasl_set_mutex(alloc, lock, unlock, free);
+}
+
+void
+svn_sasl__done(void)
+{
+ sasl_done();
+}
+
+void
+svn_sasl__dispose(sasl_conn_t **pconn)
+{
+ sasl_dispose(pconn);
+}
+
+const char *
+svn_sasl__errstring(int saslerr, const char *langlist, const char **outlang)
+{
+ return sasl_errstring(saslerr, langlist, outlang);
+}
+
+const char *
+svn_sasl__errdetail(sasl_conn_t *conn)
+{
+ return sasl_errdetail(conn);
+}
+
+int
+svn_sasl__getprop(sasl_conn_t *conn, int propnum, const void **pvalue)
+{
+ return sasl_getprop(conn, propnum, pvalue);
+}
+
+int
+svn_sasl__setprop(sasl_conn_t *conn, int propnum, const void *value)
+{
+ return sasl_setprop(conn, propnum, value);
+}
+
+int
+svn_sasl__client_init(const sasl_callback_t *callbacks)
+{
+ return sasl_client_init(callbacks);
+}
+
+int
+svn_sasl__client_new(const char *service,
+ const char *serverFQDN,
+ const char *iplocalport,
+ const char *ipremoteport,
+ const sasl_callback_t *prompt_supp,
+ unsigned flags,
+ sasl_conn_t **pconn)
+{
+ return sasl_client_new(service, serverFQDN, iplocalport, ipremoteport,
+ prompt_supp, flags, pconn);
+}
+
+int
+svn_sasl__client_start(sasl_conn_t *conn,
+ const char *mechlist,
+ sasl_interact_t **prompt_need,
+ const char **clientout,
+ unsigned *clientoutlen,
+ const char **mech)
+{
+ return sasl_client_start(conn, mechlist, prompt_need,
+ clientout, clientoutlen, mech);
+}
+
+int
+svn_sasl__client_step(sasl_conn_t *conn,
+ const char *serverin,
+ unsigned serverinlen,
+ sasl_interact_t **prompt_need,
+ const char **clientout,
+ unsigned *clientoutlen)
+{
+ return sasl_client_step(conn, serverin, serverinlen, prompt_need,
+ clientout, clientoutlen);
+}
+
+int
+svn_sasl__server_init(const sasl_callback_t *callbacks,
+ const char *appname)
+{
+ return sasl_server_init(callbacks, appname);
+}
+
+int
+svn_sasl__server_new(const char *service,
+ const char *serverFQDN,
+ const char *user_realm,
+ const char *iplocalport,
+ const char *ipremoteport,
+ const sasl_callback_t *callbacks,
+ unsigned flags,
+ sasl_conn_t **pconn)
+{
+ return sasl_server_new(service, serverFQDN, user_realm,
+ iplocalport, ipremoteport, callbacks, flags, pconn);
+}
+
+int
+svn_sasl__listmech(sasl_conn_t *conn,
+ const char *user,
+ const char *prefix,
+ const char *sep,
+ const char *suffix,
+ const char **result,
+ unsigned *plen,
+ int *pcount)
+{
+ return sasl_listmech(conn, user, prefix, sep, suffix, result, plen, pcount);
+}
+
+int
+svn_sasl__server_start(sasl_conn_t *conn,
+ const char *mech,
+ const char *clientin,
+ unsigned clientinlen,
+ const char **serverout,
+ unsigned *serveroutlen)
+{
+ return sasl_server_start(conn, mech, clientin, clientinlen,
+ serverout, serveroutlen);
+}
+
+int
+svn_sasl__server_step(sasl_conn_t *conn,
+ const char *clientin,
+ unsigned clientinlen,
+ const char **serverout,
+ unsigned *serveroutlen)
+{
+ return sasl_server_step(conn, clientin, clientinlen,
+ serverout, serveroutlen);
+}
+
+int
+svn_sasl__encode(sasl_conn_t *conn,
+ const char *input, unsigned inputlen,
+ const char **output, unsigned *outputlen)
+{
+ return sasl_encode(conn, input, inputlen, output, outputlen);
+}
+
+int
+svn_sasl__decode(sasl_conn_t *conn,
+ const char *input, unsigned inputlen,
+ const char **output, unsigned *outputlen)
+{
+ return sasl_decode(conn, input, inputlen, output, outputlen);
+}
Propchange: subversion/trunk/subversion/libsvn_subr/wrapped_sasl.c
------------------------------------------------------------------------------
svn:eol-style = native
Modified: subversion/trunk/subversion/svnserve/cyrus_auth.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/svnserve/cyrus_auth.c?rev=1739649&r1=1739648&r2=1739649&view=diff
==============================================================================
--- subversion/trunk/subversion/svnserve/cyrus_auth.c (original)
+++ subversion/trunk/subversion/svnserve/cyrus_auth.c Sun Apr 17 20:39:18 2016
@@ -110,11 +110,12 @@ static svn_error_t *initialize(void *bat
/* The second parameter tells SASL to look for a configuration file
named subversion.conf. */
- result = sasl_server_init(callbacks, SVN_RA_SVN_SASL_NAME);
+ result = svn_sasl__server_init(callbacks, SVN_RA_SVN_SASL_NAME);
if (result != SASL_OK)
{
- svn_error_t *err = svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
- sasl_errstring(result, NULL, NULL));
+ svn_error_t *err = svn_error_create(
+ SVN_ERR_RA_NOT_AUTHORIZED, NULL,
+ svn_sasl__errstring(result, NULL, NULL));
return svn_error_quick_wrap(err,
_("Could not initialize the SASL library"));
}
@@ -133,7 +134,7 @@ svn_error_t *cyrus_init(apr_pool_t *pool
static svn_error_t *
fail_auth(svn_ra_svn_conn_t *conn, apr_pool_t *pool, sasl_conn_t *sasl_ctx)
{
- const char *msg = sasl_errdetail(sasl_ctx);
+ const char *msg = svn_sasl__errdetail(sasl_ctx);
SVN_ERR(svn_ra_svn__write_tuple(conn, pool, "w(c)", "failure", msg));
return svn_ra_svn__flush(conn, pool);
}
@@ -154,7 +155,7 @@ static svn_error_t *
fail_cmd(svn_ra_svn_conn_t *conn, apr_pool_t *pool, sasl_conn_t *sasl_ctx)
{
svn_error_t *err = svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
- sasl_errdetail(sasl_ctx));
+ svn_sasl__errdetail(sasl_ctx));
SVN_ERR(write_failure(conn, pool, &err));
return svn_ra_svn__flush(conn, pool);
}
@@ -190,9 +191,10 @@ static svn_error_t *try_auth(svn_ra_svn_
return svn_error_createf(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
_("Initial token is too long"));
- result = sasl_server_start(sasl_ctx, mech,
- in ? in->data : NULL,
- in ? (unsigned int) in->len : 0, &out, &outlen);
+ result = svn_sasl__server_start(sasl_ctx, mech,
+ in ? in->data : NULL,
+ in ? (unsigned int) in->len : 0,
+ &out, &outlen);
if (result != SASL_OK && result != SASL_CONTINUE)
return fail_auth(conn, pool, sasl_ctx);
@@ -221,8 +223,9 @@ static svn_error_t *try_auth(svn_ra_svn_
return svn_error_createf(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
_("Step response is too long"));
- result = sasl_server_step(sasl_ctx, in->data, (unsigned int) in->len,
- &out, &outlen);
+ result = svn_sasl__server_step(sasl_ctx, in->data,
+ (unsigned int) in->len,
+ &out, &outlen);
}
if (result != SASL_OK)
@@ -244,7 +247,7 @@ static svn_error_t *try_auth(svn_ra_svn_
static apr_status_t sasl_dispose_cb(void *data)
{
sasl_conn_t *sasl_ctx = (sasl_conn_t*) data;
- sasl_dispose(&sasl_ctx);
+ svn_sasl__dispose(&sasl_ctx);
return APR_SUCCESS;
}
@@ -276,15 +279,16 @@ svn_error_t *cyrus_auth_request(svn_ra_s
/* Create a SASL context. SASL_SUCCESS_DATA tells SASL that the protocol
supports sending data along with the final "success" message. */
- result = sasl_server_new(SVN_RA_SVN_SASL_NAME,
- hostname, b->repository->realm,
- localaddrport, remoteaddrport,
- NULL, SASL_SUCCESS_DATA,
- &sasl_ctx);
+ result = svn_sasl__server_new(SVN_RA_SVN_SASL_NAME,
+ hostname, b->repository->realm,
+ localaddrport, remoteaddrport,
+ NULL, SASL_SUCCESS_DATA,
+ &sasl_ctx);
if (result != SASL_OK)
{
- svn_error_t *err = svn_error_create(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
- sasl_errstring(result, NULL, NULL));
+ svn_error_t *err = svn_error_create(
+ SVN_ERR_RA_NOT_AUTHORIZED, NULL,
+ svn_sasl__errstring(result, NULL, NULL));
SVN_ERR(write_failure(conn, pool, &err));
return svn_ra_svn__flush(conn, pool);
}
@@ -305,20 +309,20 @@ svn_error_t *cyrus_auth_request(svn_ra_s
secprops.max_ssf = b->repository->max_ssf;
/* Set security properties. */
- result = sasl_setprop(sasl_ctx, SASL_SEC_PROPS, &secprops);
+ result = svn_sasl__setprop(sasl_ctx, SASL_SEC_PROPS, &secprops);
if (result != SASL_OK)
return fail_cmd(conn, pool, sasl_ctx);
/* SASL needs to know if we are externally authenticated. */
if (b->client_info->tunnel_user)
- result = sasl_setprop(sasl_ctx, SASL_AUTH_EXTERNAL,
- b->client_info->tunnel_user);
+ result = svn_sasl__setprop(sasl_ctx, SASL_AUTH_EXTERNAL,
+ b->client_info->tunnel_user);
if (result != SASL_OK)
return fail_cmd(conn, pool, sasl_ctx);
/* Get the list of mechanisms. */
- result = sasl_listmech(sasl_ctx, NULL, NULL, " ", NULL,
- &mechlist, NULL, &mech_count);
+ result = svn_sasl__listmech(sasl_ctx, NULL, NULL, " ", NULL,
+ &mechlist, NULL, &mech_count);
if (result != SASL_OK)
return fail_cmd(conn, pool, sasl_ctx);
@@ -354,7 +358,7 @@ svn_error_t *cyrus_auth_request(svn_ra_s
const void *user;
/* Get the authenticated username. */
- result = sasl_getprop(sasl_ctx, SASL_USERNAME, &user);
+ result = svn_sasl__getprop(sasl_ctx, SASL_USERNAME, &user);
if (result != SASL_OK)
return fail_cmd(conn, pool, sasl_ctx);