You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@subversion.apache.org by cm...@apache.org on 2012/10/05 15:45:24 UTC

svn commit: r1394519 - /subversion/trunk/subversion/libsvn_repos/authz.c

Author: cmpilato
Date: Fri Oct  5 13:45:24 2012
New Revision: 1394519

URL: http://svn.apache.org/viewvc?rev=1394519&view=rev
Log:
Fix issue #3531 ("Error with AuthzSVNAccessFile groups parsing in
mod_authz_svn").  The authz validation logic was treating any section
whose name began with "groups" (e.g. "groupsomething" or
"groups:/trunk") as a group section; likewise for aliases and sections
which begin with "aliases".  This prevented users from defining access
rules for repositories with those names, resulting in some cases in
access being forbidden to those repositories.

* subversion/libsvn_repos/authz.c
  (authz_validate_section): Use strcmp() instead of strncmp() when
    checking for the special authz sections "groups" and "aliases".
    While here, fix a bit of stale commentary.

Modified:
    subversion/trunk/subversion/libsvn_repos/authz.c

Modified: subversion/trunk/subversion/libsvn_repos/authz.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_repos/authz.c?rev=1394519&r1=1394518&r2=1394519&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_repos/authz.c (original)
+++ subversion/trunk/subversion/libsvn_repos/authz.c Fri Oct  5 13:45:24 2012
@@ -714,14 +714,15 @@ static svn_boolean_t authz_validate_sect
 {
   struct authz_validate_baton *b = baton;
 
-  /* If the section is the groups definition, use the group checking
-     callback. Otherwise, use the rule checking callback. */
-  if (strncmp(name, "groups", 6) == 0)
+  /* Use the group checking callback for the "groups" section... */
+  if (strcmp(name, "groups") == 0)
     svn_config_enumerate2(b->config, name, authz_validate_group,
                           baton, pool);
-  else if (strncmp(name, "aliases", 7) == 0)
+  /* ...and the alias checking callback for "aliases"... */
+  else if (strcmp(name, "aliases") == 0)
     svn_config_enumerate2(b->config, name, authz_validate_alias,
                           baton, pool);
+  /* ...but for everything else use the rule checking callback. */
   else
     {
       /* Validate the section's name. Skip the optional REPOS_NAME. */