subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From stef...@apache.org
Subject svn commit: r1614052 - in /subversion/branches/authzperf/subversion/libsvn_repos: authz.c authz_pool.c repos.h
Date Mon, 28 Jul 2014 15:21:43 GMT
Author: stefan2
Date: Mon Jul 28 15:21:43 2014
New Revision: 1614052

URL: http://svn.apache.org/r1614052
Log:
On the authzperf branch: Hide the svn_authz_t definition from
the headers again. This will allow us to later store prefix tree
data etc. in that structure.

To do this, we change private API signatures where needed and
add a private API to construct an svn_authz_t from svn_config_t.
This involves a bit of code shuffling in authz.c to have a nicer
function grouping.

* subversion/libsvn_repos/repos.h
  (svn_authz_t): Remove definition from header.
  (svn_repos__authz_validate): Rename to ...
  (svn_repos__authz_config_validate): ... this and make it take
                                      a config instead of an authz.
  (svn_repos__create_authz): New svn_authz_t construction API.

* subversion/libsvn_repos/authz.c
  (authz_validate_baton): Move into "validating" section of authz.c.
  (svn_authz_t): Define here now instead of repos.h.
  (svn_repos__authz_validate): Rename, update and move to "private API"
                               section of authz.c.
  (authz_copy_groups): Use a svn_config_t parameter instead of svn_authz_t.
  (svn_repos__retrieve_config): Move to "private API" section of authz.c.
  (svn_repos__create_authz): Implement new private API function.
  (svn_repos__authz_read,
   svn_repos_authz_parse): Read and validate authz as svn_config_t and
                           construct the svn_authz_t as a last step.

* subversion/libsvn_repos/authz_pool.c
  (authz_object_t): Be honest that we effectively only cache a config_t.
  (svn_repos__authz_pool_get): Update.  Cache the authz config_t and
                               construct the svn_authz_t dynamically.

Modified:
    subversion/branches/authzperf/subversion/libsvn_repos/authz.c
    subversion/branches/authzperf/subversion/libsvn_repos/authz_pool.c
    subversion/branches/authzperf/subversion/libsvn_repos/repos.h

Modified: subversion/branches/authzperf/subversion/libsvn_repos/authz.c
URL: http://svn.apache.org/viewvc/subversion/branches/authzperf/subversion/libsvn_repos/authz.c?rev=1614052&r1=1614051&r2=1614052&view=diff
==============================================================================
--- subversion/branches/authzperf/subversion/libsvn_repos/authz.c (original)
+++ subversion/branches/authzperf/subversion/libsvn_repos/authz.c Mon Jul 28 15:21:43 2014
@@ -750,7 +750,8 @@ lookup(node_t *root,
   return (access->rights & required) == required;
 }
 
-/*** Structures. ***/
+
+/*** Validating the authz file. ***/
 
 /* Information for the config enumeration functions called during the
    validation process. */
@@ -760,9 +761,6 @@ struct authz_validate_baton {
                            enumerator, if any. */
 };
 
-
-/*** Validating the authz file. ***/
-
 /* Check for errors in GROUP's definition of CFG.  The errors
  * detected are references to non-existent groups and circular
  * dependencies between groups.  If an error is found, return
@@ -1036,21 +1034,16 @@ static svn_boolean_t authz_validate_sect
 }
 
 
-svn_error_t *
-svn_repos__authz_validate(svn_authz_t *authz, apr_pool_t *pool)
-{
-  struct authz_validate_baton baton = { 0 };
+
 
-  baton.err = SVN_NO_ERROR;
-  baton.config = authz->cfg;
+/*** The authz data structure. ***/
 
-  /* Step through the entire rule file stopping on error. */
-  svn_config_enumerate_sections2(authz->cfg, authz_validate_section,
-                                 &baton, pool);
-  SVN_ERR(baton.err);
-
-  return SVN_NO_ERROR;
-}
+struct svn_authz_t
+{
+  /* The configuration containing the raw users, groups, aliases and rule
+   * sets data. */
+  svn_config_t *cfg;
+};
 
 
 /* Retrieve the file at DIRENT (contained in a repo) then parse it as a config
@@ -1147,6 +1140,45 @@ authz_retrieve_config_repo(svn_config_t 
   return SVN_NO_ERROR;
 }
 
+/* Callback to copy (name, value) group into the "groups" section
+   of another configuration. */
+static svn_boolean_t
+authz_copy_group(const char *name, const char *value,
+                 void *baton, apr_pool_t *pool)
+{
+  svn_config_t *authz_cfg = baton;
+
+  svn_config_set(authz_cfg, SVN_CONFIG_SECTION_GROUPS, name, value);
+
+  return TRUE;
+}
+
+/* Copy group definitions from GROUPS_CFG to the resulting authz CONFIG.
+ * If CONFIG already contains any group definition, report an error.
+ * Use POOL for temporary allocations. */
+static svn_error_t *
+authz_copy_groups(svn_config_t *config, svn_config_t *groups_cfg,
+                  apr_pool_t *pool)
+{
+  /* Easy out: we prohibit local groups in the authz file when global
+     groups are being used. */
+  if (svn_config_has_section(config, SVN_CONFIG_SECTION_GROUPS))
+    {
+      return svn_error_create(SVN_ERR_AUTHZ_INVALID_CONFIG, NULL,
+                              "Authz file cannot contain any groups "
+                              "when global groups are being used.");
+    }
+
+  svn_config_enumerate2(groups_cfg, SVN_CONFIG_SECTION_GROUPS,
+                        authz_copy_group, config, pool);
+
+  return SVN_NO_ERROR;
+}
+
+
+
+/*** Private API functions. ***/
+
 svn_error_t *
 svn_repos__retrieve_config(svn_config_t **cfg_p,
                            const char *path,
@@ -1181,39 +1213,33 @@ svn_repos__retrieve_config(svn_config_t 
   return SVN_NO_ERROR;
 }
 
-
-/* Callback to copy (name, value) group into the "groups" section
-   of another configuration. */
-static svn_boolean_t
-authz_copy_group(const char *name, const char *value,
-                 void *baton, apr_pool_t *pool)
+svn_error_t *
+svn_repos__authz_config_validate(svn_config_t *config,
+                                 apr_pool_t *pool)
 {
-  svn_config_t *authz_cfg = baton;
+  struct authz_validate_baton baton = { 0 };
 
-  svn_config_set(authz_cfg, SVN_CONFIG_SECTION_GROUPS, name, value);
+  baton.err = SVN_NO_ERROR;
+  baton.config = config;
 
-  return TRUE;
+  /* Step through the entire rule file stopping on error. */
+  svn_config_enumerate_sections2(config, authz_validate_section,
+                                 &baton, pool);
+  SVN_ERR(baton.err);
+
+  return SVN_NO_ERROR;
 }
 
-/* Copy group definitions from GROUPS_CFG to the resulting AUTHZ.
- * If AUTHZ already contains any group definition, report an error.
- * Use POOL for temporary allocations. */
-static svn_error_t *
-authz_copy_groups(svn_authz_t *authz, svn_config_t *groups_cfg,
-                  apr_pool_t *pool)
+svn_error_t *
+svn_repos__create_authz(svn_authz_t **authz_p,
+                        svn_config_t *config,
+                        apr_pool_t *result_pool)
 {
-  /* Easy out: we prohibit local groups in the authz file when global
-     groups are being used. */
-  if (svn_config_has_section(authz->cfg, SVN_CONFIG_SECTION_GROUPS))
-    {
-      return svn_error_create(SVN_ERR_AUTHZ_INVALID_CONFIG, NULL,
-                              "Authz file cannot contain any groups "
-                              "when global groups are being used.");
-    }
+  svn_authz_t *result = apr_pcalloc(result_pool, sizeof(*result));
 
-  svn_config_enumerate2(groups_cfg, SVN_CONFIG_SECTION_GROUPS,
-                        authz_copy_group, authz->cfg, pool);
+  result->cfg = config;
 
+  *authz_p = result;
   return SVN_NO_ERROR;
 }
 
@@ -1222,15 +1248,14 @@ svn_repos__authz_read(svn_authz_t **auth
                       const char *groups_path, svn_boolean_t must_exist,
                       svn_boolean_t accept_urls, apr_pool_t *pool)
 {
-  svn_authz_t *authz = apr_palloc(pool, sizeof(*authz));
+  svn_config_t *config;
 
   /* Load the authz file */
   if (accept_urls)
-    SVN_ERR(svn_repos__retrieve_config(&authz->cfg, path, must_exist, TRUE,
+    SVN_ERR(svn_repos__retrieve_config(&config, path, must_exist, TRUE,
                                        pool));
   else
-    SVN_ERR(svn_config_read3(&authz->cfg, path, must_exist, TRUE, TRUE,
-                             pool));
+    SVN_ERR(svn_config_read3(&config, path, must_exist, TRUE, TRUE, pool));
 
   if (groups_path)
     {
@@ -1246,7 +1271,7 @@ svn_repos__authz_read(svn_authz_t **auth
                                  TRUE, TRUE, pool));
 
       /* Copy the groups from groups_cfg into authz. */
-      err = authz_copy_groups(authz, groups_cfg, pool);
+      err = authz_copy_groups(config, groups_cfg, pool);
 
       /* Add the paths to the error stack since the authz_copy_groups
          routine knows nothing about them. */
@@ -1257,9 +1282,10 @@ svn_repos__authz_read(svn_authz_t **auth
     }
 
   /* Make sure there are no errors in the configuration. */
-  SVN_ERR(svn_repos__authz_validate(authz, pool));
+  SVN_ERR(svn_repos__authz_config_validate(config, pool));
+
+  SVN_ERR(svn_repos__create_authz(authz_p, config, pool));
 
-  *authz_p = authz;
   return SVN_NO_ERROR;
 }
 
@@ -1281,10 +1307,10 @@ svn_error_t *
 svn_repos_authz_parse(svn_authz_t **authz_p, svn_stream_t *stream,
                       svn_stream_t *groups_stream, apr_pool_t *pool)
 {
-  svn_authz_t *authz = apr_palloc(pool, sizeof(*authz));
+  svn_config_t *config;
 
   /* Parse the authz stream */
-  SVN_ERR(svn_config_parse(&authz->cfg, stream, TRUE, TRUE, pool));
+  SVN_ERR(svn_config_parse(&config, stream, TRUE, TRUE, pool));
 
   if (groups_stream)
     {
@@ -1293,13 +1319,14 @@ svn_repos_authz_parse(svn_authz_t **auth
       /* Parse the groups stream */
       SVN_ERR(svn_config_parse(&groups_cfg, groups_stream, TRUE, TRUE, pool));
 
-      SVN_ERR(authz_copy_groups(authz, groups_cfg, pool));
+      SVN_ERR(authz_copy_groups(config, groups_cfg, pool));
     }
 
   /* Make sure there are no errors in the configuration. */
-  SVN_ERR(svn_repos__authz_validate(authz, pool));
+  SVN_ERR(svn_repos__authz_config_validate(config, pool));
+
+  SVN_ERR(svn_repos__create_authz(authz_p, config, pool));
 
-  *authz_p = authz;
   return SVN_NO_ERROR;
 }
 

Modified: subversion/branches/authzperf/subversion/libsvn_repos/authz_pool.c
URL: http://svn.apache.org/viewvc/subversion/branches/authzperf/subversion/libsvn_repos/authz_pool.c?rev=1614052&r1=1614051&r2=1614052&view=diff
==============================================================================
--- subversion/branches/authzperf/subversion/libsvn_repos/authz_pool.c (original)
+++ subversion/branches/authzperf/subversion/libsvn_repos/authz_pool.c Mon Jul 28 15:21:43
2014
@@ -58,7 +58,7 @@ typedef struct authz_object_t
   svn_config_t *groups_cfg;
 
   /* Case-sensitive config. */
-  svn_authz_t *authz;
+  svn_config_t *authz;
 } authz_object_t;
 
 /* Root data structure simply adding the config_pool to the basic object pool.
@@ -148,7 +148,7 @@ svn_repos__authz_pool_get(svn_authz_t **
   authz_object_t *authz_ref
     = apr_pcalloc(authz_ref_pool, sizeof(*authz_ref));
   svn_boolean_t have_all_keys;
-  
+
   /* read the configurations */
   SVN_ERR(svn_repos__config_pool_get(&authz_ref->authz_cfg,
                                      &authz_ref->authz_key,
@@ -156,7 +156,7 @@ svn_repos__authz_pool_get(svn_authz_t **
                                      path, must_exist, TRUE,
                                      preferred_repos, authz_ref_pool));
   have_all_keys = authz_ref->authz_key != NULL;
-  
+
   if (groups_path)
     {
       SVN_ERR(svn_repos__config_pool_get(&authz_ref->groups_cfg,
@@ -172,28 +172,32 @@ svn_repos__authz_pool_get(svn_authz_t **
   if (!have_all_keys)
     return svn_error_trace(svn_repos_authz_read2(authz_p, path, groups_path,
                                                  must_exist, pool));
-    
+
   /* all keys are known and lookup is unambigious. */
   authz_ref->key = construct_key(authz_ref->authz_key,
                                  authz_ref->groups_key,
                                  authz_ref_pool);
 
-  SVN_ERR(svn_object_pool__lookup((void **)authz_p, authz_pool->object_pool,
+  SVN_ERR(svn_object_pool__lookup((void **)&authz_ref->authz,
+                                  authz_pool->object_pool,
                                   authz_ref->key, NULL, pool));
-  if (*authz_p)
+  if (authz_ref->authz)
     {
+      SVN_ERR(svn_repos__create_authz(authz_p, authz_ref->authz, pool));
       svn_pool_destroy(authz_ref_pool);
+
       return SVN_NO_ERROR;
     }
 
-  authz_ref->authz = apr_palloc(authz_ref_pool, sizeof(*authz_ref->authz));
-  authz_ref->authz->cfg = authz_ref->authz_cfg;
+  /* Initialize with config struct containing the path rules.  Groups may
+   * or may not get added / replaced later on. */
+  authz_ref->authz = authz_ref->authz_cfg;
 
   if (groups_path)
     {
       /* Easy out: we prohibit local groups in the authz file when global
          groups are being used. */
-      if (svn_config_has_section(authz_ref->authz->cfg,
+      if (svn_config_has_section(authz_ref->authz,
                                  SVN_CONFIG_SECTION_GROUPS))
         return svn_error_createf(SVN_ERR_AUTHZ_INVALID_CONFIG, NULL,
                                  "Error reading authz file '%s' with "
@@ -204,15 +208,17 @@ svn_repos__authz_pool_get(svn_authz_t **
 
       /* We simply need to add the [Groups] section to the authz config.
        */
-      svn_config__shallow_replace_section(authz_ref->authz->cfg,
+      svn_config__shallow_replace_section(authz_ref->authz,
                                           authz_ref->groups_cfg,
                                           SVN_CONFIG_SECTION_GROUPS);
     }
 
   /* Make sure there are no errors in the configuration. */
-  SVN_ERR(svn_repos__authz_validate(authz_ref->authz, authz_ref_pool));
+  SVN_ERR(svn_repos__authz_config_validate(authz_ref->authz, authz_ref_pool));
+  SVN_ERR(svn_repos__create_authz(authz_p, authz_ref->authz, pool));
 
-  SVN_ERR(svn_object_pool__insert((void **)authz_p, authz_pool->object_pool,
+  SVN_ERR(svn_object_pool__insert((void **)&authz_ref->authz,
+                                  authz_pool->object_pool,
                                   authz_ref->key, authz_ref, NULL,
                                   authz_ref_pool, pool));
 

Modified: subversion/branches/authzperf/subversion/libsvn_repos/repos.h
URL: http://svn.apache.org/viewvc/subversion/branches/authzperf/subversion/libsvn_repos/repos.h?rev=1614052&r1=1614051&r2=1614052&view=diff
==============================================================================
--- subversion/branches/authzperf/subversion/libsvn_repos/repos.h (original)
+++ subversion/branches/authzperf/subversion/libsvn_repos/repos.h Mon Jul 28 15:21:43 2014
@@ -364,14 +364,6 @@ svn_repos__hooks_post_unlock(svn_repos_t
 
 /*** Authz Functions ***/
 
-/* An authorization object.
-   Currently this structure is just a wrapper around a svn_config_t. */
-struct svn_authz_t
-{
-  struct svn_config_t *cfg;
-};
-
-
 /* Read authz configuration data from PATH into *AUTHZ_P, allocated
    in POOL.  If GROUPS_PATH is set, use the global groups parsed from it.
 
@@ -390,10 +382,15 @@ svn_repos__authz_read(svn_authz_t **auth
                       svn_boolean_t accept_urls,
                       apr_pool_t *pool);
 
-/* Walk the configuration in AUTHZ looking for any errors. */
+/* Walk the authz configuration CONFIG looking for any errors. */
+svn_error_t *
+svn_repos__authz_config_validate(struct svn_config_t *config,
+                                 apr_pool_t *pool);
+
 svn_error_t *
-svn_repos__authz_validate(svn_authz_t *authz,
-                          apr_pool_t *pool);
+svn_repos__create_authz(svn_authz_t **authz_p,
+                        struct svn_config_t *config,
+                        apr_pool_t *result_pool);
 
 
 /*** Utility Functions ***/



Mime
View raw message