You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Stefan Sperling <st...@elego.de> on 2014/08/27 11:38:07 UTC
configurable svn+ssh remote tunnel commands
Apparently people are having trouble in some configurations with
the hardcoded 'svnserve -t' default remote tunnel command.
One problematic case seems to involve running a GUI Subversion
client on a Mac against a server on localhost via svn+ssh.
See #svn chat log at:
http://colabti.org/irclogger/irclogger_log/svn?date=2014-08-26#l248
As far as I understand the situation, apple is shipping an old svnserve
in /usr/bin and the user would prefer running a more recent
/usr/local/bin/svnserve.
Additionally, overriding per-user environment variables like PATH
seems to be a very difficult thing to do. I can't judge if this is
really the case since I don't use MacOS at all.
The user is requesting a config knob to override the default, to be
able to specify a full path to svnserve and add other flags to
svnserve's invocation as desired. This is indeed a fairly trivial
change. Do we want to add this?
Note that, with ssh keys, the server can override the tunnel command
requested by the client, which is another possible workaround.
This is diff is untested, just a proof of concept.
Index: subversion/include/svn_config.h
===================================================================
--- subversion/include/svn_config.h (revision 1618039)
+++ subversion/include/svn_config.h (working copy)
@@ -152,6 +152,8 @@ typedef struct svn_config_t svn_config_t;
#define SVN_CONFIG_OPTION_SQLITE_EXCLUSIVE_CLIENTS "exclusive-locking-clients"
/** @since New in 1.9. */
#define SVN_CONFIG_OPTION_SQLITE_BUSY_TIMEOUT "busy-timeout"
+/** @since New in 1.9. */
+#define SVN_CONFIG_SECTION_TUNNELS_REMOTE "tunnels-remote"
/** @} */
/** @name Repository conf directory configuration files strings
Index: subversion/libsvn_ra_svn/client.c
===================================================================
--- subversion/libsvn_ra_svn/client.c (revision 1618039)
+++ subversion/libsvn_ra_svn/client.c (working copy)
@@ -436,8 +436,32 @@ static svn_error_t *find_tunnel_agent(const char *
*argv = apr_palloc(pool, (n + 4) * sizeof(char *));
memcpy(*argv, cmd_argv, n * sizeof(char *));
(*argv)[n++] = svn_path_uri_decode(hostinfo, pool);
- (*argv)[n++] = "svnserve";
- (*argv)[n++] = "-t";
+
+ /* Look up the tunnel remote command specification in config. */
+ cfg = config ? svn_hash_gets(config, SVN_CONFIG_CATEGORY_CONFIG) : NULL;
+ svn_config_get(cfg, &val, SVN_CONFIG_SECTION_TUNNELS_REMOTE, tunnel, NULL);
+ if (val)
+ {
+ char **remote_cmd_argv;
+
+ /* Tokenize the command into a list of arguments. */
+ status = apr_tokenize_to_argv(val, &remote_cmd_argv, pool);
+ if (status != APR_SUCCESS)
+ return svn_error_wrap_apr(status, _("Can't tokenize command '%s'"),
+ val);
+ while (*remote_cmd_argv != NULL)
+ {
+ (*argv)[n++] = *remote_cmd_argv;
+ remote_cmd_argv++;
+ }
+ }
+ else
+ {
+ /* Default tunnel remote command. */
+ (*argv)[n++] = "svnserve";
+ (*argv)[n++] = "-t";
+ }
+
(*argv)[n] = NULL;
return SVN_NO_ERROR;
Index: subversion/libsvn_subr/config_file.c
===================================================================
--- subversion/libsvn_subr/config_file.c (revision 1618039)
+++ subversion/libsvn_subr/config_file.c (working copy)
@@ -1249,6 +1249,13 @@ svn_config_ensure(const char *config_dir, apr_pool
"### path separator. A single backslash will be treated as an" NL
"### escape for the following character." NL
"" NL
+ "### Section for configuring remote tunnel commands." NL
+ "[tunnels-remote]" NL
+ "### Configure the command to be executed at the remote end" NL
+ "### of a given tunnel configured in the [tunnels] section." NL
+ "### The default remote tunnel command is 'svnserve -t'." NL
+ "ssh = /opt/svn/bin/svnserve -t" NL
+ "" NL
"### Section for configuring miscellaneous Subversion options." NL
"[miscellany]" NL
"### Set global-ignores to a set of whitespace-delimited globs" NL
Re: configurable svn+ssh remote tunnel commands
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
Daniel Shahaf wrote on Wed, Aug 27, 2014 at 12:40:39 +0000:
> Stefan Sperling wrote on Wed, Aug 27, 2014 at 11:38:07 +0200:
> > As far as I understand the situation, apple is shipping an old svnserve
> > in /usr/bin and the user would prefer running a more recent
> > /usr/local/bin/svnserve.
> > Additionally, overriding per-user environment variables like PATH
> > seems to be a very difficult thing to do. I can't judge if this is
> > really the case since I don't use MacOS at all.
> >
>
> Something like this used to work:
>
> [tunnels]
> ssh = _t() { h=$1; shift; ssh $1 env VAR=val /path/to/svnserve -t "$@"; }; _t
That's slightly wrong - the arguments array would be "$host svnserve -t"
and this configuration passes the "svnserve -t" part through, instead of
discarding it. Revised:
[tunnels]
ssh = _t() { local h=$1; shift; shift; shift; ssh "$1" env VAR=val /path/to/svnserve -t "$@"; }; _t
Daniel
Re: configurable svn+ssh remote tunnel commands
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
Stefan Sperling wrote on Wed, Aug 27, 2014 at 11:38:07 +0200:
> As far as I understand the situation, apple is shipping an old svnserve
> in /usr/bin and the user would prefer running a more recent
> /usr/local/bin/svnserve.
> Additionally, overriding per-user environment variables like PATH
> seems to be a very difficult thing to do. I can't judge if this is
> really the case since I don't use MacOS at all.
>
Something like this used to work:
[tunnels]
ssh = _t() { h=$1; shift; ssh $1 env VAR=val /path/to/svnserve -t "$@"; }; _t
> The user is requesting a config knob to override the default, to be
> able to specify a full path to svnserve and add other flags to
> svnserve's invocation as desired. This is indeed a fairly trivial
> change. Do we want to add this?
>
I'm not sure, Bert makes a good point that the server admin should
be expected to make his server work with the client default settings.
> Note that, with ssh keys, the server can override the tunnel command
> requested by the client, which is another possible workaround.
>
> This is diff is untested, just a proof of concept.
>
The code seems to be allocating beyond the end of the array ARGV.
Daniel
RE: configurable svn+ssh remote tunnel commands
Posted by Bert Huijben <be...@qqmail.nl>.
> -----Original Message-----
> From: Stefan Sperling [mailto:stsp@elego.de]
> Sent: woensdag 27 augustus 2014 11:38
> To: dev@subversion.apache.org
> Subject: configurable svn+ssh remote tunnel commands
>
> Apparently people are having trouble in some configurations with
> the hardcoded 'svnserve -t' default remote tunnel command.
>
> One problematic case seems to involve running a GUI Subversion
> client on a Mac against a server on localhost via svn+ssh.
> See #svn chat log at:
> http://colabti.org/irclogger/irclogger_log/svn?date=2014-08-26#l248
>
> As far as I understand the situation, apple is shipping an old svnserve
> in /usr/bin and the user would prefer running a more recent
> /usr/local/bin/svnserve.
> Additionally, overriding per-user environment variables like PATH
> seems to be a very difficult thing to do. I can't judge if this is
> really the case since I don't use MacOS at all.
>
> The user is requesting a config knob to override the default, to be
> able to specify a full path to svnserve and add other flags to
> svnserve's invocation as desired. This is indeed a fairly trivial
> change. Do we want to add this?
>
> Note that, with ssh keys, the server can override the tunnel command
> requested by the client, which is another possible workaround.
>
> This is diff is untested, just a proof of concept.
I think that if we add support for this, we should use the servers file, to
allow setting it globally but also overriding this option per server.
But really: I think the server administrator should fix the config, instead
of making all users do it per install.
(You can probably even change it yourself on the server by updating your
.profile)
Bert