summaryrefslogtreecommitdiff
path: root/subversion/libsvn_subr
diff options
context:
space:
mode:
Diffstat (limited to 'subversion/libsvn_subr')
-rw-r--r--subversion/libsvn_subr/auth.c6
-rw-r--r--subversion/libsvn_subr/cache-membuffer.c8
-rw-r--r--subversion/libsvn_subr/cmdline.c11
-rw-r--r--subversion/libsvn_subr/internal_statements.h2
-rw-r--r--subversion/libsvn_subr/io.c17
-rw-r--r--subversion/libsvn_subr/sqlite.c43
-rw-r--r--subversion/libsvn_subr/sqlite3wrapper.c1
-rw-r--r--subversion/libsvn_subr/subst.c16
-rw-r--r--subversion/libsvn_subr/sysinfo.c12
-rw-r--r--subversion/libsvn_subr/win32_crypto.c32
10 files changed, 123 insertions, 25 deletions
diff --git a/subversion/libsvn_subr/auth.c b/subversion/libsvn_subr/auth.c
index 9dc4c776336ae..3c874cf88505b 100644
--- a/subversion/libsvn_subr/auth.c
+++ b/subversion/libsvn_subr/auth.c
@@ -35,6 +35,7 @@
#include "svn_private_config.h"
#include "svn_dso.h"
#include "svn_version.h"
+#include "private/svn_auth_private.h"
#include "private/svn_dep_compat.h"
#include "private/svn_subr_private.h"
@@ -540,6 +541,11 @@ svn_auth_get_platform_specific_provider(svn_auth_provider_object_t **provider,
{
svn_auth_get_windows_ssl_server_trust_provider(provider, pool);
}
+ else if (strcmp(provider_name, "windows") == 0 &&
+ strcmp(provider_type, "ssl_server_authority") == 0)
+ {
+ svn_auth__get_windows_ssl_server_authority_provider(provider, pool);
+ }
#endif
}
diff --git a/subversion/libsvn_subr/cache-membuffer.c b/subversion/libsvn_subr/cache-membuffer.c
index 5f447b3fa9bdc..131d914502c9a 100644
--- a/subversion/libsvn_subr/cache-membuffer.c
+++ b/subversion/libsvn_subr/cache-membuffer.c
@@ -422,7 +422,7 @@ struct svn_membuffer_t
*/
apr_uint64_t current_data;
- /* Total number of data buffer bytes in use. This is for statistics only.
+ /* Total number of data buffer bytes in use.
*/
apr_uint64_t data_used;
@@ -1374,7 +1374,11 @@ membuffer_cache_set_internal(svn_membuffer_t *cache,
* the old spot, just re-use that space. */
if (entry && ALIGN_VALUE(entry->size) >= size && buffer)
{
- cache->data_used += size - entry->size;
+ /* Careful! We need to cast SIZE to the full width of CACHE->DATA_USED
+ * lest we run into trouble with 32 bit underflow *not* treated as a
+ * negative value.
+ */
+ cache->data_used += (apr_uint64_t)size - entry->size;
entry->size = size;
#ifdef SVN_DEBUG_CACHE_MEMBUFFER
diff --git a/subversion/libsvn_subr/cmdline.c b/subversion/libsvn_subr/cmdline.c
index f52fa29833ec5..89d1ff3a3a1cd 100644
--- a/subversion/libsvn_subr/cmdline.c
+++ b/subversion/libsvn_subr/cmdline.c
@@ -505,7 +505,7 @@ svn_cmdline_create_auth_baton(svn_auth_baton_t **ab,
svn_auth_get_username_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
- /* The server-cert, client-cert, and client-cert-password providers. */
+ /* The windows ssl server certificate CRYPTOAPI provider. */
SVN_ERR(svn_auth_get_platform_specific_provider(&provider,
"windows",
"ssl_server_trust",
@@ -514,6 +514,15 @@ svn_cmdline_create_auth_baton(svn_auth_baton_t **ab,
if (provider)
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
+ /* The windows ssl authority certificate CRYPTOAPI provider. */
+ SVN_ERR(svn_auth_get_platform_specific_provider(&provider,
+ "windows",
+ "ssl_server_authority",
+ pool));
+
+ if (provider)
+ APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
+
svn_auth_get_ssl_server_trust_file_provider(&provider, pool);
APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;
svn_auth_get_ssl_client_cert_file_provider(&provider, pool);
diff --git a/subversion/libsvn_subr/internal_statements.h b/subversion/libsvn_subr/internal_statements.h
index 82a85befebd25..84c616f38bee5 100644
--- a/subversion/libsvn_subr/internal_statements.h
+++ b/subversion/libsvn_subr/internal_statements.h
@@ -1,4 +1,4 @@
-/* This file is automatically generated from internal_statements.sql and .dist_sandbox/subversion-1.8.5/subversion/libsvn_subr/token-map.h.
+/* This file is automatically generated from internal_statements.sql and .dist_sandbox/subversion-1.8.8/subversion/libsvn_subr/token-map.h.
* Do not edit this file -- edit the source and rerun gen-make.py */
#define STMT_INTERNAL_SAVEPOINT_SVN 0
diff --git a/subversion/libsvn_subr/io.c b/subversion/libsvn_subr/io.c
index 385ae37dbe801..f0956e2aa8e94 100644
--- a/subversion/libsvn_subr/io.c
+++ b/subversion/libsvn_subr/io.c
@@ -1533,14 +1533,9 @@ io_set_file_perms(const char *path,
{
if (enable_write) /* Make read-write. */
{
- apr_file_t *fd;
-
- /* Get the perms for the original file so we'll have any other bits
- * that were already set (like the execute bits, for example). */
- SVN_ERR(svn_io_file_open(&fd, path, APR_READ,
- APR_OS_DEFAULT, pool));
- SVN_ERR(merge_default_file_perms(fd, &perms_to_set, pool));
- SVN_ERR(svn_io_file_close(fd, pool));
+ /* Tweak the owner bits only. The group/other bits aren't safe to
+ * touch because we may end up setting them in undesired ways. */
+ perms_to_set |= (APR_UREAD|APR_UWRITE);
}
else
{
@@ -4289,7 +4284,7 @@ contents_three_identical_p(svn_boolean_t *identical_p12,
/* As long as a file is not at the end yet, and it is still
* potentially identical to another file, we read the next chunk.*/
- if (!eof1 && (identical_p12 || identical_p13))
+ if (!eof1 && (*identical_p12 || *identical_p13))
{
err = svn_io_file_read_full2(file1_h, buf1,
SVN__STREAM_CHUNK_SIZE, &bytes_read1,
@@ -4299,7 +4294,7 @@ contents_three_identical_p(svn_boolean_t *identical_p12,
read_1 = TRUE;
}
- if (!eof2 && (identical_p12 || identical_p23))
+ if (!eof2 && (*identical_p12 || *identical_p23))
{
err = svn_io_file_read_full2(file2_h, buf2,
SVN__STREAM_CHUNK_SIZE, &bytes_read2,
@@ -4309,7 +4304,7 @@ contents_three_identical_p(svn_boolean_t *identical_p12,
read_2 = TRUE;
}
- if (!eof3 && (identical_p13 || identical_p23))
+ if (!eof3 && (*identical_p13 || *identical_p23))
{
err = svn_io_file_read_full2(file3_h, buf3,
SVN__STREAM_CHUNK_SIZE, &bytes_read3,
diff --git a/subversion/libsvn_subr/sqlite.c b/subversion/libsvn_subr/sqlite.c
index 149b0253be923..295a11c764a70 100644
--- a/subversion/libsvn_subr/sqlite.c
+++ b/subversion/libsvn_subr/sqlite.c
@@ -778,6 +778,21 @@ internal_open(sqlite3 **db3, const char *path, svn_sqlite__mode_t mode,
somebody initialized SQLite before us it is needed anyway. */
flags |= SQLITE_OPEN_NOMUTEX;
+#if !defined(WIN32) && !defined(SVN_SQLITE_INLINE)
+ if (mode == svn_sqlite__mode_rwcreate)
+ {
+ svn_node_kind_t kind;
+
+ /* Create the file before SQLite to avoid any permissions
+ problems with an SQLite build that uses the default
+ SQLITE_DEFAULT_FILE_PERMISSIONS of 644 modified by umask.
+ We simply want umask permissions. */
+ SVN_ERR(svn_io_check_path(path, &kind, scratch_pool));
+ if (kind == svn_node_none)
+ SVN_ERR(svn_io_file_create(path, "", scratch_pool));
+ }
+#endif
+
/* Open the database. Note that a handle is returned, even when an error
occurs (except for out-of-memory); thus, we can safely use it to
extract an error message and construct an svn_error_t. */
@@ -887,6 +902,18 @@ svn_sqlite__open(svn_sqlite__db_t **db, const char *path,
SVN_ERR(internal_open(&(*db)->db3, path, mode, scratch_pool));
+#if SQLITE_VERSION_NUMBER >= 3008000 && SQLITE_VERSION_NUMBER < 3009000
+ /* disable SQLITE_ENABLE_STAT3/4 from 3.8.1 - 3.8.3 (but not 3.8.3.1+)
+ * to prevent using it when it's buggy.
+ * See: https://www.sqlite.org/src/info/4c86b126f2 */
+ if (sqlite3_libversion_number() > 3008000 &&
+ sqlite3_libversion_number() < 3008004 &&
+ strcmp(sqlite3_sourceid(),"2014-02-11")<0)
+ {
+ sqlite3_test_control(SQLITE_TESTCTRL_OPTIMIZATIONS, (*db)->db3, 0x800);
+ }
+#endif
+
#ifdef SQLITE3_DEBUG
sqlite3_trace((*db)->db3, sqlite_tracer, (*db)->db3);
#endif
@@ -918,7 +945,13 @@ svn_sqlite__open(svn_sqlite__db_t **db, const char *path,
/* Enable recursive triggers so that a user trigger will fire
in the deletion phase of an INSERT OR REPLACE statement.
Requires SQLite >= 3.6.18 */
- "PRAGMA recursive_triggers=ON;"));
+ "PRAGMA recursive_triggers=ON;"
+ /* Enforce current Sqlite default behavior. Some distributions
+ might change the Sqlite defaults without realizing how this
+ affects application(read: Subversion) performance/behavior. */
+ "PRAGMA foreign_keys=OFF;" /* SQLITE_DEFAULT_FOREIGN_KEYS*/
+ "PRAGMA locking_mode = NORMAL;" /* SQLITE_DEFAULT_LOCKING_MODE */
+ ));
#if defined(SVN_DEBUG)
/* When running in debug mode, enable the checking of foreign key
@@ -927,6 +960,14 @@ svn_sqlite__open(svn_sqlite__db_t **db, const char *path,
SVN_ERR(exec_sql(*db, "PRAGMA foreign_keys=ON;"));
#endif
+#ifdef SVN_SQLITE_REVERSE_UNORDERED_SELECTS
+ /* When enabled, this PRAGMA causes SELECT statements without an ORDER BY
+ clause to emit their results in the reverse order of what they normally
+ would. This can help detecting invalid assumptions about the result
+ order.*/
+ SVN_ERR(exec_sql(*db, "PRAGMA reverse_unordered_selects=ON;"));
+#endif
+
/* Store temporary tables in RAM instead of in temporary files, but don't
fail on this if this option is disabled in the sqlite compilation by
setting SQLITE_TEMP_STORE to 0 (always to disk) */
diff --git a/subversion/libsvn_subr/sqlite3wrapper.c b/subversion/libsvn_subr/sqlite3wrapper.c
index d1941aa881859..c35642b72d497 100644
--- a/subversion/libsvn_subr/sqlite3wrapper.c
+++ b/subversion/libsvn_subr/sqlite3wrapper.c
@@ -50,6 +50,7 @@
# undef inline
# endif
# endif
+# define SQLITE_DEFAULT_FILE_PERMISSIONS 0666
# include <sqlite3.c>
# if __GNUC__ > 4 || (__GNUC__ == 4 && (__GNUC_MINOR__ >= 6))
# pragma GCC diagnostic pop
diff --git a/subversion/libsvn_subr/subst.c b/subversion/libsvn_subr/subst.c
index 3545289baf81a..223b269a71077 100644
--- a/subversion/libsvn_subr/subst.c
+++ b/subversion/libsvn_subr/subst.c
@@ -1702,9 +1702,19 @@ create_special_file_from_stream(svn_stream_t *source, const char *dst,
### this only writes the first line!
*/
if (create_using_internal_representation)
- SVN_ERR(svn_io_write_unique(&dst_tmp, svn_dirent_dirname(dst, pool),
- contents->data, contents->len,
- svn_io_file_del_none, pool));
+ {
+ apr_file_t *new_file;
+ SVN_ERR(svn_io_open_unique_file3(&new_file, &dst_tmp,
+ svn_dirent_dirname(dst, pool),
+ svn_io_file_del_none,
+ pool, pool));
+
+ SVN_ERR(svn_io_file_write_full(new_file,
+ contents->data, contents->len, NULL,
+ pool));
+
+ SVN_ERR(svn_io_file_close(new_file, pool));
+ }
/* Do the atomic rename from our temporary location. */
return svn_io_file_rename(dst_tmp, dst, pool);
diff --git a/subversion/libsvn_subr/sysinfo.c b/subversion/libsvn_subr/sysinfo.c
index 7c37822d10a35..a506310aa9069 100644
--- a/subversion/libsvn_subr/sysinfo.c
+++ b/subversion/libsvn_subr/sysinfo.c
@@ -290,11 +290,21 @@ stringbuf_split_key(svn_stringbuf_t *buffer, char delim)
return NULL;
svn_stringbuf_strip_whitespace(buffer);
+
+ /* Now we split the currently allocated buffer in two parts:
+ - a const char * HEAD
+ - the remaining stringbuf_t. */
+
+ /* Create HEAD as '\0' terminated const char * */
key = buffer->data;
end = strchr(key, delim);
*end = '\0';
- buffer->len = 1 + end - key;
+
+ /* And update the TAIL to be a smaller, but still valid stringbuf */
buffer->data = end + 1;
+ buffer->len -= 1 + end - key;
+ buffer->blocksize -= 1 + end - key;
+
svn_stringbuf_strip_whitespace(buffer);
return key;
diff --git a/subversion/libsvn_subr/win32_crypto.c b/subversion/libsvn_subr/win32_crypto.c
index a7e3828c90e2e..e16866a68d521 100644
--- a/subversion/libsvn_subr/win32_crypto.c
+++ b/subversion/libsvn_subr/win32_crypto.c
@@ -436,8 +436,9 @@ windows_ssl_server_trust_first_credentials(void **credentials,
const char *realmstring,
apr_pool_t *pool)
{
- apr_uint32_t *failures = svn_hash_gets(parameters,
- SVN_AUTH_PARAM_SSL_SERVER_FAILURES);
+ apr_uint32_t *failure_ptr = svn_hash_gets(parameters,
+ SVN_AUTH_PARAM_SSL_SERVER_FAILURES);
+ apr_uint32_t failures = *failure_ptr;
const svn_auth_ssl_server_cert_info_t *cert_info =
svn_hash_gets(parameters, SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO);
@@ -445,7 +446,7 @@ windows_ssl_server_trust_first_credentials(void **credentials,
*iter_baton = NULL;
/* We can accept only unknown certificate authority. */
- if (*failures & SVN_AUTH_SSL_UNKNOWNCA)
+ if (failures & SVN_AUTH_SSL_UNKNOWNCA)
{
svn_boolean_t ok;
@@ -455,15 +456,16 @@ windows_ssl_server_trust_first_credentials(void **credentials,
if (ok)
{
/* Clear failure flag. */
- *failures &= ~SVN_AUTH_SSL_UNKNOWNCA;
+ failures &= ~SVN_AUTH_SSL_UNKNOWNCA;
}
}
/* If all failures are cleared now, we return the creds */
- if (! *failures)
+ if (! failures)
{
svn_auth_cred_ssl_server_trust_t *creds =
apr_pcalloc(pool, sizeof(*creds));
+ creds->accepted_failures = *failure_ptr & ~failures;
creds->may_save = FALSE; /* No need to save it. */
*credentials = creds;
}
@@ -489,4 +491,24 @@ svn_auth_get_windows_ssl_server_trust_provider
*provider = po;
}
+static const svn_auth_provider_t windows_server_authority_provider = {
+ SVN_AUTH_CRED_SSL_SERVER_AUTHORITY,
+ windows_ssl_server_trust_first_credentials,
+ NULL,
+ NULL,
+};
+
+/* Public API */
+void
+svn_auth__get_windows_ssl_server_authority_provider(
+ svn_auth_provider_object_t **provider,
+ apr_pool_t *pool)
+{
+ svn_auth_provider_object_t *po = apr_pcalloc(pool, sizeof(*po));
+
+ po->vtable = &windows_server_authority_provider;
+ *provider = po;
+}
+
+
#endif /* WIN32 */
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-01 05:04:03 +0000