You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by st...@apache.org on 2014/03/03 20:51:48 UTC
svn commit: r1573701 - /subversion/trunk/subversion/svn/auth-cmd.c
Author: stsp
Date: Mon Mar 3 19:51:47 2014
New Revision: 1573701
URL: http://svn.apache.org/r1573701
Log:
Make 'svn auth' match SSL hostnames and fingerprints case-insensitively.
Hostnames and fingerprints should have characters from the ASCII range only.
* subversion/svn/auth-cmd.c
(match_pattern): Add 'caseblind' parameter which triggers case-insensitive
matching.
(match_credential): Update caller. Match SSL hostnames and fingerprints
case-insensitively. Other credential data is matched case-sensitively.
Modified:
subversion/trunk/subversion/svn/auth-cmd.c
Modified: subversion/trunk/subversion/svn/auth-cmd.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/svn/auth-cmd.c?rev=1573701&r1=1573700&r2=1573701&view=diff
==============================================================================
--- subversion/trunk/subversion/svn/auth-cmd.c (original)
+++ subversion/trunk/subversion/svn/auth-cmd.c Mon Mar 3 19:51:47 2014
@@ -104,11 +104,12 @@ struct walk_credentials_baton_t
static svn_boolean_t
match_pattern(const char *pattern, const char *value,
- apr_pool_t *scratch_pool)
+ svn_boolean_t caseblind, apr_pool_t *scratch_pool)
{
const char *p = apr_psprintf(scratch_pool, "*%s*", pattern);
+ int flags = (caseblind ? APR_FNM_CASE_BLIND : 0);
- return (apr_fnmatch(p, value, 0) == APR_SUCCESS);
+ return (apr_fnmatch(p, value, flags) == APR_SUCCESS);
}
static svn_error_t *
@@ -129,9 +130,9 @@ match_credential(svn_boolean_t *match,
const char *pattern = APR_ARRAY_IDX(patterns, i, const char *);
int j;
- *match = match_pattern(pattern, cred_kind, iterpool);
+ *match = match_pattern(pattern, cred_kind, FALSE, iterpool);
if (!*match)
- *match = match_pattern(pattern, realmstring, iterpool);
+ *match = match_pattern(pattern, realmstring, FALSE, iterpool);
if (!*match)
{
svn_pool_clear(iterpool);
@@ -149,8 +150,11 @@ match_credential(svn_boolean_t *match,
continue; /* don't match secrets */
else if (strcmp(key, SVN_CONFIG_AUTHN_ASCII_CERT_KEY) == 0)
continue; /* don't match base64 data */
+ else if (strcmp(key, SVN_CONFIG_AUTHN_HOSTNAME_KEY) == 0 ||
+ strcmp(key, SVN_CONFIG_AUTHN_FINGERPRINT_KEY) == 0)
+ *match = match_pattern(pattern, value->data, TRUE, iterpool);
else
- *match = match_pattern(pattern, value->data, iterpool);
+ *match = match_pattern(pattern, value->data, FALSE, iterpool);
if (*match)
break;