subversion/svnserve/server.h

   1 /*
   2  * svn_server.h :  declarations for the svn server
   3  *
   4  * ====================================================================
   5  * Copyright (c) 2000-2006 CollabNet.  All rights reserved.
   6  *
   7  * This software is licensed as described in the file COPYING, which
   8  * you should have received as part of this distribution.  The terms
   9  * are also available at http://subversion.tigris.org/license-1.html.
  10  * If newer versions of this license are posted there, you may use a
  11  * newer version instead, at your option.
  12  *
  13  * This software consists of voluntary contributions made by many
  14  * individuals.  For exact contribution history, see the revision
  15  * history and logs, available at http://subversion.tigris.org/.
  16  * ====================================================================
  17  */
  18
  19
  20 \f
  21 #ifndef SERVER_H
  22 #define SERVER_H
  23
  24 #include <apr_network_io.h>
  25
  26 #ifdef __cplusplus
  27 extern "C" {
  28 #endif /* __cplusplus */
  29
  30 #include "svn_config.h"
  31 #include "svn_repos.h"
  32 #include "svn_ra_svn.h"
  33
  34 typedef struct server_baton_t {
  35   svn_repos_t *repos;
  36   const char *repos_name;  /* URI-encoded name of repository (not for authz) */
  37   svn_fs_t *fs;            /* For convenience; same as svn_repos_fs(repos) */
  38   svn_config_t *cfg;       /* Parsed repository svnserve.conf */
  39   svn_config_t *pwdb;      /* Parsed password database */
  40   svn_authz_t *authzdb;    /* Parsed authz rules */
  41   const char *authz_repos_name; /* The name of the repository for authz */
  42   const char *realm;       /* Authentication realm */
  43   const char *repos_url;   /* URL to base of repository */
  44   svn_stringbuf_t *fs_path;/* Decoded base in-repos path (w/ leading slash) */
  45   const char *user;
  46   svn_boolean_t tunnel;    /* Tunneled through login agent */
  47   const char *tunnel_user; /* Allow EXTERNAL to authenticate as this */
  48   svn_boolean_t read_only; /* Disallow write access (global flag) */
  49   svn_boolean_t use_sasl;  /* Use Cyrus SASL for authentication;
  50                               always false if SVN_HAVE_SASL not defined */
  51   apr_file_t *log_file;    /* Log filehandle. */
  52   apr_pool_t *pool;
  53 } server_baton_t;
  54
  55 enum authn_type { UNAUTHENTICATED, AUTHENTICATED };
  56 enum access_type { NO_ACCESS, READ_ACCESS, WRITE_ACCESS };
  57
  58 enum access_type get_access(server_baton_t *b, enum authn_type auth);
  59
  60 typedef struct serve_params_t {
  61   /* The virtual root of the repositories to serve.  The client URL
  62      path is interpreted relative to this root and is not allowed to
  63      escape it. */
  64   const char *root;
  65
  66   /* True if the connection is tunneled over an ssh-like transport,
  67      such that the client may use EXTERNAL to authenticate as the
  68      current uid's username. */
  69   svn_boolean_t tunnel;
  70
  71   /* If tunnel is true, overrides the current uid's username as the
  72      identity EXTERNAL authenticates as. */
  73   const char *tunnel_user;
  74
  75   /* True if the read-only flag was specified on the command-line,
  76      which forces all connections to be read-only. */
  77   svn_boolean_t read_only;
  78
  79   /* A parsed repository svnserve configuration file, ala
  80      svnserve.conf.  If this is NULL, then no configuration file was
  81      specified on the command line.  If this is non-NULL, then
  82      per-repository svnserve.conf are not read. */
  83   svn_config_t *cfg;
  84
  85   /* A parsed repository password database.  If this is NULL, then
  86      either no svnserve configuration file was specified on the
  87      command line, or it was specified and it did not refer to a
  88      password database. */
  89   svn_config_t *pwdb;
  90
  91   /* A parsed repository authorization database.  If this is NULL,
  92      then either no svnserve configuration file was specified on the
  93      command line, or it was specified and it did not refer to a
  94      authorization database. */
  95   svn_authz_t *authzdb;
  96
  97   /* A filehandle open for writing logs to; possibly NULL. */
  98   apr_file_t *log_file;
  99 } serve_params_t;
 100
 101 /* Serve the connection CONN according to the parameters PARAMS. */
 102 svn_error_t *serve(svn_ra_svn_conn_t *conn, serve_params_t *params,
 103                    apr_pool_t *pool);
 104
 105 /* Load a svnserve configuration file located at FILENAME into CFG,
 106    any referenced password database into PWDB and any referenced
 107    authorization database into AUTHZDB.  If MUST_EXIST is true and
 108    FILENAME does not exist, then this returns an error.  BASE may be
 109    specified as the base path to any referenced password and
 110    authorization files found in FILENAME.
 111
 112    If SERVER is not NULL, log the real errors with SERVER and CONN but
 113    return generic errors to the client.  CONN must not be NULL if SERVER
 114    is not NULL. */
 115 svn_error_t *load_configs(svn_config_t **cfg,
 116                           svn_config_t **pwdb,
 117                           svn_authz_t **authzdb,
 118                           const char *filename,
 119                           svn_boolean_t must_exist,
 120                           const char *base,
 121                           server_baton_t *server,
 122                           svn_ra_svn_conn_t *conn,
 123                           apr_pool_t *pool);
 124
 125 /* Initialize the Cyrus SASL library. POOL is used for allocations. */
 126 svn_error_t *cyrus_init(apr_pool_t *pool);
 127
 128 /* Authenticate using Cyrus SASL. */
 129 svn_error_t *cyrus_auth_request(svn_ra_svn_conn_t *conn,
 130                                 apr_pool_t *pool,
 131                                 server_baton_t *b,
 132                                 enum access_type required,
 133                                 svn_boolean_t needs_username);
 134
 135 /* Escape SOURCE into DEST where SOURCE is null-terminated and DEST is
 136    size BUFLEN DEST will be null-terminated.  Returns number of bytes
 137    written, including terminating null byte. */
 138 apr_size_t escape_errorlog_item(char *dest, const char *source,
 139                                 apr_size_t buflen);
 140
 141 /* Log ERR to LOG_FILE if LOG_FILE is not NULL.  Include REMOTE_HOST,
 142    USER, and REPOS in the log if they are not NULL.  Allocate temporary
 143    char buffers in POOL (which caller can then clear or dispose of). */
 144 void
 145 log_error(svn_error_t *err, apr_file_t *log_file, const char *remote_host,
 146           const char *user, const char *repos, apr_pool_t *pool);
 147
 148 #ifdef __cplusplus
 149 }
 150 #endif /* __cplusplus */
 151
 152 #endif  /* SERVER_H */