subversion/libsvn_subr/config_auth.c

   1 /*
   2  * config_auth.c :  authentication files in the user config area
   3  *
   4  * ====================================================================
   5  * Copyright (c) 2000-2004 CollabNet.  All rights reserved.
   6  *
   7  * This software is licensed as described in the file COPYING, which
   8  * you should have received as part of this distribution.  The terms
   9  * are also available at http://subversion.tigris.org/license-1.html.
  10  * If newer versions of this license are posted there, you may use a
  11  * newer version instead, at your option.
  12  *
  13  * This software consists of voluntary contributions made by many
  14  * individuals.  For exact contribution history, see the revision
  15  * history and logs, available at http://subversion.tigris.org/.
  16  * ====================================================================
  17  */
  18
  19
  20 \f
  21 #include <apr_md5.h>
  22
  23 #include "svn_path.h"
  24 #include "svn_md5.h"
  25 #include "svn_hash.h"
  26 #include "svn_io.h"
  27
  28 #include "config_impl.h"
  29
  30 #include "svn_private_config.h"
  31
  32 /* Helper for svn_config_{read|write}_auth_data.  Return a path to a
  33    file within ~/.subversion/auth/ that holds CRED_KIND credentials
  34    within REALMSTRING.  If no path is available *PATH will be set to
  35    NULL. */
  36 static svn_error_t *
  37 auth_file_path(const char **path,
  38                const char *cred_kind,
  39                const char *realmstring,
  40                const char *config_dir,
  41                apr_pool_t *pool)
  42 {
  43   const char *authdir_path, *hexname;
  44   unsigned char digest[APR_MD5_DIGESTSIZE];
  45
  46   /* Construct the path to the directory containing the creds files,
  47      e.g. "~/.subversion/auth/svn.simple".  The last component is
  48      simply the cred_kind.  */
  49   SVN_ERR(svn_config__user_config_path(config_dir, &authdir_path,
  50                                        SVN_CONFIG__AUTH_SUBDIR, pool));
  51   if (authdir_path)
  52     {
  53       authdir_path = svn_path_join(authdir_path, cred_kind, pool);
  54
  55       /* Construct the basename of the creds file.  It's just the
  56          realmstring converted into an md5 hex string.  */
  57       apr_md5(digest, realmstring, strlen(realmstring));
  58       hexname = svn_md5_digest_to_cstring(digest, pool);
  59
  60       *path = svn_path_join(authdir_path, hexname, pool);
  61     }
  62   else
  63     *path = NULL;
  64
  65   return SVN_NO_ERROR;
  66 }
  67
  68
  69 svn_error_t *
  70 svn_config_read_auth_data(apr_hash_t **hash,
  71                           const char *cred_kind,
  72                           const char *realmstring,
  73                           const char *config_dir,
  74                           apr_pool_t *pool)
  75 {
  76   svn_node_kind_t kind;
  77   const char *auth_path;
  78
  79   *hash = NULL;
  80
  81   SVN_ERR(auth_file_path(&auth_path, cred_kind, realmstring, config_dir,
  82                          pool));
  83   if (! auth_path)
  84     return SVN_NO_ERROR;
  85
  86   SVN_ERR(svn_io_check_path(auth_path, &kind, pool));
  87   if (kind == svn_node_file)
  88     {
  89       apr_file_t *authfile = NULL;
  90
  91       SVN_ERR_W(svn_io_file_open(&authfile, auth_path,
  92                                  APR_READ | APR_BUFFERED, APR_OS_DEFAULT,
  93                                  pool),
  94                 _("Unable to open auth file for reading"));
  95
  96       *hash = apr_hash_make(pool);
  97
  98       SVN_ERR_W(svn_hash_read(*hash, authfile, pool),
  99                 apr_psprintf(pool, _("Error parsing '%s'"),
 100                              svn_path_local_style(auth_path, pool)));
 101
 102       SVN_ERR(svn_io_file_close(authfile, pool));
 103     }
 104
 105   return SVN_NO_ERROR;
 106 }
 107
 108
 109 svn_error_t *
 110 svn_config_write_auth_data(apr_hash_t *hash,
 111                            const char *cred_kind,
 112                            const char *realmstring,
 113                            const char *config_dir,
 114                            apr_pool_t *pool)
 115 {
 116   apr_file_t *authfile = NULL;
 117   const char *auth_path;
 118
 119   SVN_ERR(auth_file_path(&auth_path, cred_kind, realmstring, config_dir,
 120                          pool));
 121   if (! auth_path)
 122     return svn_error_create(SVN_ERR_NO_AUTH_FILE_PATH, NULL,
 123                             _("Unable to locate auth file"));
 124
 125   /* Add the realmstring to the hash, so programs (or users) can
 126      verify exactly which set of credentials this file holds.  */
 127   apr_hash_set(hash, SVN_CONFIG_REALMSTRING_KEY, APR_HASH_KEY_STRING,
 128                svn_string_create(realmstring, pool));
 129
 130   SVN_ERR_W(svn_io_file_open(&authfile, auth_path,
 131                              (APR_WRITE | APR_CREATE | APR_TRUNCATE
 132                               | APR_BUFFERED),
 133                              APR_OS_DEFAULT, pool),
 134             _("Unable to open auth file for writing"));
 135
 136   SVN_ERR_W(svn_hash_write(hash, authfile, pool),
 137             apr_psprintf(pool, _("Error writing hash to '%s'"),
 138                          svn_path_local_style(auth_path, pool)));
 139
 140   SVN_ERR(svn_io_file_close(authfile, pool));
 141
 142   /* To be nice, remove the realmstring from the hash again, just in
 143      case the caller wants their hash unchanged. */
 144   apr_hash_set(hash, SVN_CONFIG_REALMSTRING_KEY, APR_HASH_KEY_STRING, NULL);
 145
 146   return SVN_NO_ERROR;
 147 }