You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Garrett Rooney <ro...@electricjellyfish.net> on 2006/11/08 15:35:40 UTC
SASL Support
Hey, Vlad, now that the existing SASL support seems to be reasonably
stable and functional, what do you think about integrating the last
parts of your original patch? If you've got time to put together the
portions that wrap the sockets to allow TLS and other such things I'd
be happy to review and commit them.
-garrett
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: SASL Support
Posted by Garrett Rooney <ro...@electricjellyfish.net>.
On 11/8/06, Vlad Georgescu <vg...@gmail.com> wrote:
> This patch introduces a stream-based I/O abstraction layer for the
> ra_svn protocol, using a new svn_ra_svn__stream_t type. (similar to a
> svn_stream_t, but with additional ra_svn-specific callbacks).
>
> This is largely based on work from the svnserve-ssl branch, with one
> important difference: I only used one stream per connection, instead
> of two. I think this is somewhat nicer (it was kind of redundant to
> write to the 'output' stream and read from the 'input' stream, and it
> also makes it easier to wrap a stream with another).
>
> I tested this with svnserve in daemon and ssh modes (to cover both
> stream types), and everything seems ok.
Looks great! Just committed it in r22238.
Thanks,
-garrett
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: SASL Support
Posted by Vlad Georgescu <vg...@gmail.com>.
On 11/8/06, Garrett Rooney <ro...@electricjellyfish.net> wrote:
> On 11/8/06, Vlad Georgescu <vg...@gmail.com> wrote:
> > On 11/8/06, Garrett Rooney <ro...@electricjellyfish.net> wrote:
> > > Hey, Vlad, now that the existing SASL support seems to be reasonably
> > > stable and functional, what do you think about integrating the last
> > > parts of your original patch? If you've got time to put together the
> > > portions that wrap the sockets to allow TLS and other such things I'd
> > > be happy to review and commit them.
> >
> > Sure. I actually started working on bringing those patches up to date
> > last weekend, and right now it's mostly done, I just need to write a
> > log message and do some more testing.
>
> Great!
And here it is.
This patch introduces a stream-based I/O abstraction layer for the
ra_svn protocol, using a new svn_ra_svn__stream_t type. (similar to a
svn_stream_t, but with additional ra_svn-specific callbacks).
This is largely based on work from the svnserve-ssl branch, with one
important difference: I only used one stream per connection, instead
of two. I think this is somewhat nicer (it was kind of redundant to
write to the 'output' stream and read from the 'input' stream, and it
also makes it easier to wrap a stream with another).
I tested this with svnserve in daemon and ssh modes (to cover both
stream types), and everything seems ok.
[[[
Encapsulate ra_svn's I/O with a stream-based wrapper. This will
facilitate the introduction
of SASL and TLS encryption.
[in subversion/libsvn_ra_svn]
* marshal.c:
Update the copyright date.
(svn_ra_svn_create_conn): Create the connection stream. Don't
initialize in_file and
out_file.
(svn_ra_svn__set_block_handler, svn_ra_svn__input_waiting,
writebuf_output, readbuf_input): Use the new svn_ra_svn__stream_t interface
instead of the old apr_file_t/apr_socket_t code.
* ra_svn.h
(ra_svn_pending_fn_t,
ra_svn_timeout_fn_t,
svn_ra_svn__stream_t): New typedefs.
(svn_ra_svn_conn_st): Add stream. Remove in_file, out_file and proc. Explain
that direct access to sock is still required by SASL.
(svn_ra_svn__stream_from_sock,
svn_ra_svn__stream_from_files,
svn_ra_svn__stream_create,
svn_ra_svn__stream_write,
svn_ra_svn__stream_read,
svn_ra_svn__stream_timeout,
svn_ra_svn__stream_pending): New function declarations.
* streams.c: New file. Implements the svn_ra_svn__stream_t interface for
socket and file streams.
]]]
--
Vlad
Re: SASL Support
Posted by Garrett Rooney <ro...@electricjellyfish.net>.
On 11/8/06, Vlad Georgescu <vg...@gmail.com> wrote:
> On 11/8/06, Garrett Rooney <ro...@electricjellyfish.net> wrote:
> > Hey, Vlad, now that the existing SASL support seems to be reasonably
> > stable and functional, what do you think about integrating the last
> > parts of your original patch? If you've got time to put together the
> > portions that wrap the sockets to allow TLS and other such things I'd
> > be happy to review and commit them.
>
> Sure. I actually started working on bringing those patches up to date
> last weekend, and right now it's mostly done, I just need to write a
> log message and do some more testing.
Great!
-garrett
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: SASL Support
Posted by Vlad Georgescu <vg...@gmail.com>.
On 11/8/06, Garrett Rooney <ro...@electricjellyfish.net> wrote:
> Hey, Vlad, now that the existing SASL support seems to be reasonably
> stable and functional, what do you think about integrating the last
> parts of your original patch? If you've got time to put together the
> portions that wrap the sockets to allow TLS and other such things I'd
> be happy to review and commit them.
Sure. I actually started working on bringing those patches up to date
last weekend, and right now it's mostly done, I just need to write a
log message and do some more testing.
--
Vlad
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org