repos.c revision 299742
1/* repos.c : repository creation; shared and exclusive repository locking 2 * 3 * ==================================================================== 4 * Licensed to the Apache Software Foundation (ASF) under one 5 * or more contributor license agreements. See the NOTICE file 6 * distributed with this work for additional information 7 * regarding copyright ownership. The ASF licenses this file 8 * to you under the Apache License, Version 2.0 (the 9 * "License"); you may not use this file except in compliance 10 * with the License. You may obtain a copy of the License at 11 * 12 * http://www.apache.org/licenses/LICENSE-2.0 13 * 14 * Unless required by applicable law or agreed to in writing, 15 * software distributed under the License is distributed on an 16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 17 * KIND, either express or implied. See the License for the 18 * specific language governing permissions and limitations 19 * under the License. 20 * ==================================================================== 21 */ 22 23#include <apr_pools.h> 24#include <apr_file_io.h> 25 26#include "svn_pools.h" 27#include "svn_error.h" 28#include "svn_dirent_uri.h" 29#include "svn_path.h" 30#include "svn_utf.h" 31#include "svn_time.h" 32#include "svn_fs.h" 33#include "svn_ra.h" /* for SVN_RA_CAPABILITY_* */ 34#include "svn_repos.h" 35#include "svn_hash.h" 36#include "svn_version.h" 37#include "svn_config.h" 38 39#include "private/svn_repos_private.h" 40#include "private/svn_subr_private.h" 41#include "svn_private_config.h" /* for SVN_TEMPLATE_ROOT_DIR */ 42 43#include "repos.h" 44 45/* Used to terminate lines in large multi-line string literals. */ 46#define NL APR_EOL_STR 47 48 49/* Path accessor functions. */ 50 51 52const char * 53svn_repos_path(svn_repos_t *repos, apr_pool_t *pool) 54{ 55 return apr_pstrdup(pool, repos->path); 56} 57 58 59const char * 60svn_repos_db_env(svn_repos_t *repos, apr_pool_t *pool) 61{ 62 return apr_pstrdup(pool, repos->db_path); 63} 64 65 66const char * 67svn_repos_conf_dir(svn_repos_t *repos, apr_pool_t *pool) 68{ 69 return apr_pstrdup(pool, repos->conf_path); 70} 71 72 73const char * 74svn_repos_svnserve_conf(svn_repos_t *repos, apr_pool_t *pool) 75{ 76 return svn_dirent_join(repos->conf_path, SVN_REPOS__CONF_SVNSERVE_CONF, pool); 77} 78 79 80const char * 81svn_repos_lock_dir(svn_repos_t *repos, apr_pool_t *pool) 82{ 83 return apr_pstrdup(pool, repos->lock_path); 84} 85 86 87const char * 88svn_repos_db_lockfile(svn_repos_t *repos, apr_pool_t *pool) 89{ 90 return svn_dirent_join(repos->lock_path, SVN_REPOS__DB_LOCKFILE, pool); 91} 92 93 94const char * 95svn_repos_db_logs_lockfile(svn_repos_t *repos, apr_pool_t *pool) 96{ 97 return svn_dirent_join(repos->lock_path, SVN_REPOS__DB_LOGS_LOCKFILE, pool); 98} 99 100const char * 101svn_repos_hook_dir(svn_repos_t *repos, apr_pool_t *pool) 102{ 103 return apr_pstrdup(pool, repos->hook_path); 104} 105 106 107const char * 108svn_repos_start_commit_hook(svn_repos_t *repos, apr_pool_t *pool) 109{ 110 return svn_dirent_join(repos->hook_path, SVN_REPOS__HOOK_START_COMMIT, pool); 111} 112 113 114const char * 115svn_repos_pre_commit_hook(svn_repos_t *repos, apr_pool_t *pool) 116{ 117 return svn_dirent_join(repos->hook_path, SVN_REPOS__HOOK_PRE_COMMIT, pool); 118} 119 120 121const char * 122svn_repos_pre_lock_hook(svn_repos_t *repos, apr_pool_t *pool) 123{ 124 return svn_dirent_join(repos->hook_path, SVN_REPOS__HOOK_PRE_LOCK, pool); 125} 126 127 128const char * 129svn_repos_pre_unlock_hook(svn_repos_t *repos, apr_pool_t *pool) 130{ 131 return svn_dirent_join(repos->hook_path, SVN_REPOS__HOOK_PRE_UNLOCK, pool); 132} 133 134const char * 135svn_repos_post_lock_hook(svn_repos_t *repos, apr_pool_t *pool) 136{ 137 return svn_dirent_join(repos->hook_path, SVN_REPOS__HOOK_POST_LOCK, pool); 138} 139 140 141const char * 142svn_repos_post_unlock_hook(svn_repos_t *repos, apr_pool_t *pool) 143{ 144 return svn_dirent_join(repos->hook_path, SVN_REPOS__HOOK_POST_UNLOCK, pool); 145} 146 147 148const char * 149svn_repos_post_commit_hook(svn_repos_t *repos, apr_pool_t *pool) 150{ 151 return svn_dirent_join(repos->hook_path, SVN_REPOS__HOOK_POST_COMMIT, pool); 152} 153 154 155const char * 156svn_repos_pre_revprop_change_hook(svn_repos_t *repos, apr_pool_t *pool) 157{ 158 return svn_dirent_join(repos->hook_path, SVN_REPOS__HOOK_PRE_REVPROP_CHANGE, 159 pool); 160} 161 162 163const char * 164svn_repos_post_revprop_change_hook(svn_repos_t *repos, apr_pool_t *pool) 165{ 166 return svn_dirent_join(repos->hook_path, SVN_REPOS__HOOK_POST_REVPROP_CHANGE, 167 pool); 168} 169 170static svn_error_t * 171create_repos_dir(const char *path, apr_pool_t *pool) 172{ 173 svn_error_t *err; 174 175 err = svn_io_dir_make(path, APR_OS_DEFAULT, pool); 176 if (err && (APR_STATUS_IS_EEXIST(err->apr_err))) 177 { 178 svn_boolean_t is_empty; 179 180 svn_error_clear(err); 181 182 SVN_ERR(svn_io_dir_empty(&is_empty, path, pool)); 183 184 if (is_empty) 185 err = NULL; 186 else 187 err = svn_error_createf(SVN_ERR_DIR_NOT_EMPTY, 0, 188 _("'%s' exists and is non-empty"), 189 svn_dirent_local_style(path, pool)); 190 } 191 192 return svn_error_trace(err); 193} 194 195static const char * bdb_lock_file_contents = 196 "DB lock file, representing locks on the versioned filesystem." NL 197 "" NL 198 "All accessors -- both readers and writers -- of the repository's" NL 199 "Berkeley DB environment take out shared locks on this file, and" NL 200 "each accessor removes its lock when done. If and when the DB" NL 201 "recovery procedure is run, the recovery code takes out an" NL 202 "exclusive lock on this file, so we can be sure no one else is" NL 203 "using the DB during the recovery." NL 204 "" NL 205 "You should never have to edit or remove this file." NL; 206 207static const char * bdb_logs_lock_file_contents = 208 "DB logs lock file, representing locks on the versioned filesystem logs." NL 209 "" NL 210 "All log manipulators of the repository's Berkeley DB environment" NL 211 "take out exclusive locks on this file to ensure that only one" NL 212 "accessor manipulates the logs at a time." NL 213 "" NL 214 "You should never have to edit or remove this file." NL; 215 216static const char * pre12_compat_unneeded_file_contents = 217 "This file is not used by Subversion 1.3.x or later." NL 218 "However, its existence is required for compatibility with" NL 219 "Subversion 1.2.x or earlier." NL; 220 221/* Create the DB logs lockfile. */ 222static svn_error_t * 223create_db_logs_lock(svn_repos_t *repos, apr_pool_t *pool) { 224 const char *contents; 225 const char *lockfile_path; 226 227 lockfile_path = svn_repos_db_logs_lockfile(repos, pool); 228 if (strcmp(repos->fs_type, SVN_FS_TYPE_BDB) == 0) 229 contents = bdb_logs_lock_file_contents; 230 else 231 contents = pre12_compat_unneeded_file_contents; 232 233 SVN_ERR_W(svn_io_file_create(lockfile_path, contents, pool), 234 _("Creating db logs lock file")); 235 236 return SVN_NO_ERROR; 237} 238 239/* Create the DB lockfile. */ 240static svn_error_t * 241create_db_lock(svn_repos_t *repos, apr_pool_t *pool) { 242 const char *contents; 243 const char *lockfile_path; 244 245 lockfile_path = svn_repos_db_lockfile(repos, pool); 246 if (strcmp(repos->fs_type, SVN_FS_TYPE_BDB) == 0) 247 contents = bdb_lock_file_contents; 248 else 249 contents = pre12_compat_unneeded_file_contents; 250 251 SVN_ERR_W(svn_io_file_create(lockfile_path, contents, pool), 252 _("Creating db lock file")); 253 254 return SVN_NO_ERROR; 255} 256 257static svn_error_t * 258create_locks(svn_repos_t *repos, apr_pool_t *pool) 259{ 260 /* Create the locks directory. */ 261 SVN_ERR_W(create_repos_dir(repos->lock_path, pool), 262 _("Creating lock dir")); 263 264 SVN_ERR(create_db_lock(repos, pool)); 265 return create_db_logs_lock(repos, pool); 266} 267 268 269#define HOOKS_ENVIRONMENT_TEXT \ 270 "# The hook program runs in an empty environment, unless the server is" NL \ 271 "# explicitly configured otherwise. For example, a common problem is for" NL \ 272 "# the PATH environment variable to not be set to its usual value, so" NL \ 273 "# that subprograms fail to launch unless invoked via absolute path." NL \ 274 "# If you're having unexpected problems with a hook program, the" NL \ 275 "# culprit may be unusual (or missing) environment variables." NL 276 277#define PREWRITTEN_HOOKS_TEXT \ 278 "# For more examples and pre-written hooks, see those in" NL \ 279 "# the Subversion repository at" NL \ 280 "# http://svn.apache.org/repos/asf/subversion/trunk/tools/hook-scripts/ and" NL \ 281 "# http://svn.apache.org/repos/asf/subversion/trunk/contrib/hook-scripts/" NL 282 283#define HOOKS_QUOTE_ARGUMENTS_TEXT \ 284 "# CAUTION:" NL \ 285 "# For security reasons, you MUST always properly quote arguments when" NL \ 286 "# you use them, as those arguments could contain whitespace or other" NL \ 287 "# problematic characters. Additionally, you should delimit the list" NL \ 288 "# of options with \"--\" before passing the arguments, so malicious" NL \ 289 "# clients cannot bootleg unexpected options to the commands your" NL \ 290 "# script aims to execute." NL \ 291 "# For similar reasons, you should also add a trailing @ to URLs which" NL \ 292 "# are passed to SVN commands accepting URLs with peg revisions." NL 293 294/* Return template text for a hook script named SCRIPT_NAME. Include 295 * DESCRIPTION and SCRIPT in the template text. 296 */ 297static const char * 298hook_template_text(const char *script_name, 299 const char *description, 300 const char *script, 301 apr_pool_t *result_pool) 302{ 303 return apr_pstrcat(result_pool, 304"#!/bin/sh" NL 305"" NL, 306 description, 307"#" NL 308"# The default working directory for the invocation is undefined, so" NL 309"# the program should set one explicitly if it cares." NL 310"#" NL 311"# On a Unix system, the normal procedure is to have '", script_name, "'" NL 312"# invoke other programs to do the real work, though it may do the" NL 313"# work itself too." NL 314"#" NL 315"# Note that '", script_name, "' must be executable by the user(s) who will" NL 316"# invoke it (typically the user httpd runs as), and that user must" NL 317"# have filesystem-level permission to access the repository." NL 318"#" NL 319"# On a Windows system, you should name the hook program" NL 320"# '", script_name, ".bat' or '", script_name, ".exe'," NL 321"# but the basic idea is the same." NL 322"#" NL 323HOOKS_ENVIRONMENT_TEXT 324"#" NL 325HOOKS_QUOTE_ARGUMENTS_TEXT 326"#" NL 327"# Here is an example hook script, for a Unix /bin/sh interpreter." NL 328PREWRITTEN_HOOKS_TEXT 329"" NL 330"" NL, 331 script, 332 SVN_VA_NULL); 333} 334 335/* Write a template file for a hook script named SCRIPT_NAME (appending 336 * '.tmpl' to that name) in REPOS. Include DESCRIPTION and SCRIPT in the 337 * template text. 338 */ 339static svn_error_t * 340write_hook_template_file(svn_repos_t *repos, const char *script_name, 341 const char *description, 342 const char *script, 343 apr_pool_t *pool) 344{ 345 const char *template_path 346 = svn_dirent_join(repos->hook_path, 347 apr_psprintf(pool, "%s%s", 348 script_name, SVN_REPOS__HOOK_DESC_EXT), 349 pool); 350 const char *contents 351 = hook_template_text(script_name, description, script, pool); 352 353 SVN_ERR(svn_io_file_create(template_path, contents, pool)); 354 SVN_ERR(svn_io_set_file_executable(template_path, TRUE, FALSE, pool)); 355 return SVN_NO_ERROR; 356} 357 358/* Write the hook template files in REPOS. 359 */ 360static svn_error_t * 361create_hooks(svn_repos_t *repos, apr_pool_t *pool) 362{ 363 const char *description, *script; 364 365 /* Create the hook directory. */ 366 SVN_ERR_W(create_repos_dir(repos->hook_path, pool), 367 _("Creating hook directory")); 368 369 /*** Write a default template for each standard hook file. */ 370 371 /* Start-commit hook. */ 372#define SCRIPT_NAME SVN_REPOS__HOOK_START_COMMIT 373 374 description = 375"# START-COMMIT HOOK" NL 376"#" NL 377"# The start-commit hook is invoked immediately after a Subversion txn is" NL 378"# created and populated with initial revprops in the process of doing a" NL 379"# commit. Subversion runs this hook by invoking a program (script, " NL 380"# executable, binary, etc.) named '"SCRIPT_NAME"' (for which this file" NL 381"# is a template) with the following ordered arguments:" NL 382"#" NL 383"# [1] REPOS-PATH (the path to this repository)" NL 384"# [2] USER (the authenticated user attempting to commit)" NL 385"# [3] CAPABILITIES (a colon-separated list of capabilities reported" NL 386"# by the client; see note below)" NL 387"# [4] TXN-NAME (the name of the commit txn just created)" NL 388"#" NL 389"# Note: The CAPABILITIES parameter is new in Subversion 1.5, and 1.5" NL 390"# clients will typically report at least the \"" \ 391 SVN_RA_CAPABILITY_MERGEINFO "\" capability." NL 392"# If there are other capabilities, then the list is colon-separated," NL 393"# e.g.: \"" SVN_RA_CAPABILITY_MERGEINFO ":some-other-capability\" " \ 394 "(the order is undefined)." NL 395"#" NL 396"# Note: The TXN-NAME parameter is new in Subversion 1.8. Prior to version" NL 397"# 1.8, the start-commit hook was invoked before the commit txn was even" NL 398"# created, so the ability to inspect the commit txn and its metadata from" NL 399"# within the start-commit hook was not possible." NL 400"# " NL 401"# The list is self-reported by the client. Therefore, you should not" NL 402"# make security assumptions based on the capabilities list, nor should" NL 403"# you assume that clients reliably report every capability they have." NL 404"#" NL 405"# If the hook program exits with success, the commit continues; but" NL 406"# if it exits with failure (non-zero), the commit is stopped before" NL 407"# a Subversion txn is created, and STDERR is returned to the client." NL; 408 script = 409"REPOS=\"$1\"" NL 410"USER=\"$2\"" NL 411"" NL 412"commit-allower.pl --repository \"$REPOS\" --user \"$USER\" || exit 1" NL 413"special-auth-check.py --user \"$USER\" --auth-level 3 || exit 1" NL 414"" NL 415"# All checks passed, so allow the commit." NL 416"exit 0" NL; 417 418 SVN_ERR_W(write_hook_template_file(repos, SCRIPT_NAME, 419 description, script, pool), 420 _("Creating start-commit hook")); 421 422#undef SCRIPT_NAME 423 424 425 /* Pre-commit hook. */ 426#define SCRIPT_NAME SVN_REPOS__HOOK_PRE_COMMIT 427 428 description = 429"# PRE-COMMIT HOOK" NL 430"#" NL 431"# The pre-commit hook is invoked before a Subversion txn is" NL 432"# committed. Subversion runs this hook by invoking a program" NL 433"# (script, executable, binary, etc.) named '"SCRIPT_NAME"' (for which" NL 434"# this file is a template), with the following ordered arguments:" NL 435"#" NL 436"# [1] REPOS-PATH (the path to this repository)" NL 437"# [2] TXN-NAME (the name of the txn about to be committed)" NL 438"#" NL 439"# [STDIN] LOCK-TOKENS ** the lock tokens are passed via STDIN." NL 440"#" NL 441"# If STDIN contains the line \"LOCK-TOKENS:\\n\" (the \"\\n\" denotes a" NL 442"# single newline), the lines following it are the lock tokens for" NL 443"# this commit. The end of the list is marked by a line containing" NL 444"# only a newline character." NL 445"#" NL 446"# Each lock token line consists of a URI-escaped path, followed" NL 447"# by the separator character '|', followed by the lock token string," NL 448"# followed by a newline." NL 449"#" NL 450"# If the hook program exits with success, the txn is committed; but" NL 451"# if it exits with failure (non-zero), the txn is aborted, no commit" NL 452"# takes place, and STDERR is returned to the client. The hook" NL 453"# program can use the 'svnlook' utility to help it examine the txn." NL 454"#" NL 455"# *** NOTE: THE HOOK PROGRAM MUST NOT MODIFY THE TXN, EXCEPT ***" NL 456"# *** FOR REVISION PROPERTIES (like svn:log or svn:author). ***" NL 457"#" NL 458"# This is why we recommend using the read-only 'svnlook' utility." NL 459"# In the future, Subversion may enforce the rule that pre-commit" NL 460"# hooks should not modify the versioned data in txns, or else come" NL 461"# up with a mechanism to make it safe to do so (by informing the" NL 462"# committing client of the changes). However, right now neither" NL 463"# mechanism is implemented, so hook writers just have to be careful." NL; 464 script = 465"REPOS=\"$1\"" NL 466"TXN=\"$2\"" NL 467"" NL 468"# Make sure that the log message contains some text." NL 469"SVNLOOK=" SVN_BINDIR "/svnlook" NL 470"$SVNLOOK log -t \"$TXN\" \"$REPOS\" | \\" NL 471" grep \"[a-zA-Z0-9]\" > /dev/null || exit 1" NL 472"" NL 473"# Check that the author of this commit has the rights to perform" NL 474"# the commit on the files and directories being modified." NL 475"commit-access-control.pl \"$REPOS\" \"$TXN\" commit-access-control.cfg || exit 1" 476 NL 477"" NL 478"# All checks passed, so allow the commit." NL 479"exit 0" NL; 480 481 SVN_ERR_W(write_hook_template_file(repos, SCRIPT_NAME, 482 description, script, pool), 483 _("Creating pre-commit hook")); 484 485#undef SCRIPT_NAME 486 487 488 /* Pre-revprop-change hook. */ 489#define SCRIPT_NAME SVN_REPOS__HOOK_PRE_REVPROP_CHANGE 490 491 description = 492"# PRE-REVPROP-CHANGE HOOK" NL 493"#" NL 494"# The pre-revprop-change hook is invoked before a revision property" NL 495"# is added, modified or deleted. Subversion runs this hook by invoking" NL 496"# a program (script, executable, binary, etc.) named '"SCRIPT_NAME"'" NL 497"# (for which this file is a template), with the following ordered" NL 498"# arguments:" NL 499"#" NL 500"# [1] REPOS-PATH (the path to this repository)" NL 501"# [2] REV (the revision being tweaked)" NL 502"# [3] USER (the username of the person tweaking the property)" NL 503"# [4] PROPNAME (the property being set on the revision)" NL 504"# [5] ACTION (the property is being 'A'dded, 'M'odified, or 'D'eleted)" 505 NL 506"#" NL 507"# [STDIN] PROPVAL ** the new property value is passed via STDIN." NL 508"#" NL 509"# If the hook program exits with success, the propchange happens; but" NL 510"# if it exits with failure (non-zero), the propchange doesn't happen." NL 511"# The hook program can use the 'svnlook' utility to examine the " NL 512"# existing value of the revision property." NL 513"#" NL 514"# WARNING: unlike other hooks, this hook MUST exist for revision" NL 515"# properties to be changed. If the hook does not exist, Subversion " NL 516"# will behave as if the hook were present, but failed. The reason" NL 517"# for this is that revision properties are UNVERSIONED, meaning that" NL 518"# a successful propchange is destructive; the old value is gone" NL 519"# forever. We recommend the hook back up the old value somewhere." NL; 520 script = 521"REPOS=\"$1\"" NL 522"REV=\"$2\"" NL 523"USER=\"$3\"" NL 524"PROPNAME=\"$4\"" NL 525"ACTION=\"$5\"" NL 526"" NL 527"if [ \"$ACTION\" = \"M\" -a \"$PROPNAME\" = \"svn:log\" ]; then exit 0; fi" NL 528"" NL 529"echo \"Changing revision properties other than svn:log is prohibited\" >&2" NL 530"exit 1" NL; 531 532 SVN_ERR_W(write_hook_template_file(repos, SCRIPT_NAME, 533 description, script, pool), 534 _("Creating pre-revprop-change hook")); 535 536#undef SCRIPT_NAME 537 538 539 /* Pre-lock hook. */ 540#define SCRIPT_NAME SVN_REPOS__HOOK_PRE_LOCK 541 542 description = 543"# PRE-LOCK HOOK" NL 544"#" NL 545"# The pre-lock hook is invoked before an exclusive lock is" NL 546"# created. Subversion runs this hook by invoking a program " NL 547"# (script, executable, binary, etc.) named '"SCRIPT_NAME"' (for which" NL 548"# this file is a template), with the following ordered arguments:" NL 549"#" NL 550"# [1] REPOS-PATH (the path to this repository)" NL 551"# [2] PATH (the path in the repository about to be locked)" NL 552"# [3] USER (the user creating the lock)" NL 553"# [4] COMMENT (the comment of the lock)" NL 554"# [5] STEAL-LOCK (1 if the user is trying to steal the lock, else 0)" NL 555"#" NL 556"# If the hook program outputs anything on stdout, the output string will" NL 557"# be used as the lock token for this lock operation. If you choose to use" NL 558"# this feature, you must guarantee the tokens generated are unique across" NL 559"# the repository each time." NL 560"#" NL 561"# If the hook program exits with success, the lock is created; but" NL 562"# if it exits with failure (non-zero), the lock action is aborted" NL 563"# and STDERR is returned to the client." NL; 564 script = 565"REPOS=\"$1\"" NL 566"PATH=\"$2\"" NL 567"USER=\"$3\"" NL 568"COMMENT=\"$4\"" NL 569"STEAL=\"$5\"" NL 570"" NL 571"# If a lock exists and is owned by a different person, don't allow it" NL 572"# to be stolen (e.g., with 'svn lock --force ...')." NL 573"" NL 574"# (Maybe this script could send email to the lock owner?)" NL 575"SVNLOOK=" SVN_BINDIR "/svnlook" NL 576"GREP=/bin/grep" NL 577"SED=/bin/sed" NL 578"" NL 579"LOCK_OWNER=`$SVNLOOK lock \"$REPOS\" \"$PATH\" | \\" NL 580" $GREP '^Owner: ' | $SED 's/Owner: //'`" NL 581"" NL 582"# If we get no result from svnlook, there's no lock, allow the lock to" NL 583"# happen:" NL 584"if [ \"$LOCK_OWNER\" = \"\" ]; then" NL 585" exit 0" NL 586"fi" NL 587"" NL 588"# If the person locking matches the lock's owner, allow the lock to" NL 589"# happen:" NL 590"if [ \"$LOCK_OWNER\" = \"$USER\" ]; then" NL 591" exit 0" NL 592"fi" NL 593"" NL 594"# Otherwise, we've got an owner mismatch, so return failure:" NL 595"echo \"Error: $PATH already locked by ${LOCK_OWNER}.\" 1>&2" NL 596"exit 1" NL; 597 598 SVN_ERR_W(write_hook_template_file(repos, SCRIPT_NAME, 599 description, script, pool), 600 _("Creating pre-lock hook")); 601 602#undef SCRIPT_NAME 603 604 605 /* Pre-unlock hook. */ 606#define SCRIPT_NAME SVN_REPOS__HOOK_PRE_UNLOCK 607 608 description = 609"# PRE-UNLOCK HOOK" NL 610"#" NL 611"# The pre-unlock hook is invoked before an exclusive lock is" NL 612"# destroyed. Subversion runs this hook by invoking a program " NL 613"# (script, executable, binary, etc.) named '"SCRIPT_NAME"' (for which" NL 614"# this file is a template), with the following ordered arguments:" NL 615"#" NL 616"# [1] REPOS-PATH (the path to this repository)" NL 617"# [2] PATH (the path in the repository about to be unlocked)" NL 618"# [3] USER (the user destroying the lock)" NL 619"# [4] TOKEN (the lock token to be destroyed)" NL 620"# [5] BREAK-UNLOCK (1 if the user is breaking the lock, else 0)" NL 621"#" NL 622"# If the hook program exits with success, the lock is destroyed; but" NL 623"# if it exits with failure (non-zero), the unlock action is aborted" NL 624"# and STDERR is returned to the client." NL; 625 script = 626"REPOS=\"$1\"" NL 627"PATH=\"$2\"" NL 628"USER=\"$3\"" NL 629"TOKEN=\"$4\"" NL 630"BREAK=\"$5\"" NL 631"" NL 632"# If a lock is owned by a different person, don't allow it be broken." NL 633"# (Maybe this script could send email to the lock owner?)" NL 634"" NL 635"SVNLOOK=" SVN_BINDIR "/svnlook" NL 636"GREP=/bin/grep" NL 637"SED=/bin/sed" NL 638"" NL 639"LOCK_OWNER=`$SVNLOOK lock \"$REPOS\" \"$PATH\" | \\" NL 640" $GREP '^Owner: ' | $SED 's/Owner: //'`" NL 641"" NL 642"# If we get no result from svnlook, there's no lock, return success:" NL 643"if [ \"$LOCK_OWNER\" = \"\" ]; then" NL 644" exit 0" NL 645"fi" NL 646"" NL 647"# If the person unlocking matches the lock's owner, return success:" NL 648"if [ \"$LOCK_OWNER\" = \"$USER\" ]; then" NL 649" exit 0" NL 650"fi" NL 651"" NL 652"# Otherwise, we've got an owner mismatch, so return failure:" NL 653"echo \"Error: $PATH locked by ${LOCK_OWNER}.\" 1>&2" NL 654"exit 1" NL; 655 656 SVN_ERR_W(write_hook_template_file(repos, SCRIPT_NAME, 657 description, script, pool), 658 _("Creating pre-unlock hook")); 659 660#undef SCRIPT_NAME 661 662 663 /* Post-commit hook. */ 664#define SCRIPT_NAME SVN_REPOS__HOOK_POST_COMMIT 665 666 description = 667"# POST-COMMIT HOOK" NL 668"#" NL 669"# The post-commit hook is invoked after a commit. Subversion runs" NL 670"# this hook by invoking a program (script, executable, binary, etc.)" NL 671"# named '"SCRIPT_NAME"' (for which this file is a template) with the " NL 672"# following ordered arguments:" NL 673"#" NL 674"# [1] REPOS-PATH (the path to this repository)" NL 675"# [2] REV (the number of the revision just committed)" NL 676"# [3] TXN-NAME (the name of the transaction that has become REV)" NL 677"#" NL 678"# Because the commit has already completed and cannot be undone," NL 679"# the exit code of the hook program is ignored. The hook program" NL 680"# can use the 'svnlook' utility to help it examine the" NL 681"# newly-committed tree." NL; 682 script = 683"REPOS=\"$1\"" NL 684"REV=\"$2\"" NL 685"TXN_NAME=\"$3\"" NL 686 NL 687"mailer.py commit \"$REPOS\" \"$REV\" /path/to/mailer.conf" NL; 688 689 SVN_ERR_W(write_hook_template_file(repos, SCRIPT_NAME, 690 description, script, pool), 691 _("Creating post-commit hook")); 692 693#undef SCRIPT_NAME 694 695 696 /* Post-lock hook. */ 697#define SCRIPT_NAME SVN_REPOS__HOOK_POST_LOCK 698 699 description = 700"# POST-LOCK HOOK" NL 701"#" NL 702"# The post-lock hook is run after a path is locked. Subversion runs" NL 703"# this hook by invoking a program (script, executable, binary, etc.)" NL 704"# named '"SCRIPT_NAME"' (for which this file is a template) with the " NL 705"# following ordered arguments:" NL 706"#" NL 707"# [1] REPOS-PATH (the path to this repository)" NL 708"# [2] USER (the user who created the lock)" NL 709"#" NL 710"# The paths that were just locked are passed to the hook via STDIN." NL 711"#" NL 712"# Because the locks have already been created and cannot be undone," NL 713"# the exit code of the hook program is ignored. The hook program" NL 714"# can use the 'svnlook' utility to examine the paths in the repository" NL 715"# but since the hook is invoked asyncronously the newly-created locks" NL 716"# may no longer be present." NL; 717 script = 718"REPOS=\"$1\"" NL 719"USER=\"$2\"" NL 720"" NL 721"# Send email to interested parties, let them know a lock was created:" NL 722"mailer.py lock \"$REPOS\" \"$USER\" /path/to/mailer.conf" NL; 723 724 SVN_ERR_W(write_hook_template_file(repos, SCRIPT_NAME, 725 description, script, pool), 726 _("Creating post-lock hook")); 727 728#undef SCRIPT_NAME 729 730 731 /* Post-unlock hook. */ 732#define SCRIPT_NAME SVN_REPOS__HOOK_POST_UNLOCK 733 734 description = 735"# POST-UNLOCK HOOK" NL 736"#" NL 737"# The post-unlock hook runs after a path is unlocked. Subversion runs" NL 738"# this hook by invoking a program (script, executable, binary, etc.)" NL 739"# named '"SCRIPT_NAME"' (for which this file is a template) with the " NL 740"# following ordered arguments:" NL 741"#" NL 742"# [1] REPOS-PATH (the path to this repository)" NL 743"# [2] USER (the user who destroyed the lock)" NL 744"#" NL 745"# The paths that were just unlocked are passed to the hook via STDIN." NL 746"#" NL 747"# Because the lock has already been destroyed and cannot be undone," NL 748"# the exit code of the hook program is ignored." NL; 749 script = 750"REPOS=\"$1\"" NL 751"USER=\"$2\"" NL 752"" NL 753"# Send email to interested parties, let them know a lock was removed:" NL 754"mailer.py unlock \"$REPOS\" \"$USER\" /path/to/mailer.conf" NL; 755 756 SVN_ERR_W(write_hook_template_file(repos, SCRIPT_NAME, 757 description, script, pool), 758 _("Creating post-unlock hook")); 759 760#undef SCRIPT_NAME 761 762 763 /* Post-revprop-change hook. */ 764#define SCRIPT_NAME SVN_REPOS__HOOK_POST_REVPROP_CHANGE 765 766 description = 767"# POST-REVPROP-CHANGE HOOK" NL 768"#" NL 769"# The post-revprop-change hook is invoked after a revision property" NL 770"# has been added, modified or deleted. Subversion runs this hook by" NL 771"# invoking a program (script, executable, binary, etc.) named" NL 772"# '"SCRIPT_NAME"' (for which this file is a template), with the" NL 773"# following ordered arguments:" NL 774"#" NL 775"# [1] REPOS-PATH (the path to this repository)" NL 776"# [2] REV (the revision that was tweaked)" NL 777"# [3] USER (the username of the person tweaking the property)" NL 778"# [4] PROPNAME (the property that was changed)" NL 779"# [5] ACTION (the property was 'A'dded, 'M'odified, or 'D'eleted)" NL 780"#" NL 781"# [STDIN] PROPVAL ** the old property value is passed via STDIN." NL 782"#" NL 783"# Because the propchange has already completed and cannot be undone," NL 784"# the exit code of the hook program is ignored. The hook program" NL 785"# can use the 'svnlook' utility to help it examine the" NL 786"# new property value." NL; 787 script = 788"REPOS=\"$1\"" NL 789"REV=\"$2\"" NL 790"USER=\"$3\"" NL 791"PROPNAME=\"$4\"" NL 792"ACTION=\"$5\"" NL 793"" NL 794"mailer.py propchange2 \"$REPOS\" \"$REV\" \"$USER\" \"$PROPNAME\" " 795"\"$ACTION\" /path/to/mailer.conf" NL; 796 797 SVN_ERR_W(write_hook_template_file(repos, SCRIPT_NAME, 798 description, script, pool), 799 _("Creating post-revprop-change hook")); 800 801#undef SCRIPT_NAME 802 803 return SVN_NO_ERROR; 804} 805 806static svn_error_t * 807create_conf(svn_repos_t *repos, apr_pool_t *pool) 808{ 809 SVN_ERR_W(create_repos_dir(repos->conf_path, pool), 810 _("Creating conf directory")); 811 812 /* Write a default template for svnserve.conf. */ 813 { 814 static const char * const svnserve_conf_contents = 815"### This file controls the configuration of the svnserve daemon, if you" NL 816"### use it to allow access to this repository. (If you only allow" NL 817"### access through http: and/or file: URLs, then this file is" NL 818"### irrelevant.)" NL 819"" NL 820"### Visit http://subversion.apache.org/ for more information." NL 821"" NL 822"[general]" NL 823"### The anon-access and auth-access options control access to the" NL 824"### repository for unauthenticated (a.k.a. anonymous) users and" NL 825"### authenticated users, respectively." NL 826"### Valid values are \"write\", \"read\", and \"none\"." NL 827"### Setting the value to \"none\" prohibits both reading and writing;" NL 828"### \"read\" allows read-only access, and \"write\" allows complete " NL 829"### read/write access to the repository." NL 830"### The sample settings below are the defaults and specify that anonymous" NL 831"### users have read-only access to the repository, while authenticated" NL 832"### users have read and write access to the repository." NL 833"# anon-access = read" NL 834"# auth-access = write" NL 835"### The password-db option controls the location of the password" NL 836"### database file. Unless you specify a path starting with a /," NL 837"### the file's location is relative to the directory containing" NL 838"### this configuration file." NL 839"### If SASL is enabled (see below), this file will NOT be used." NL 840"### Uncomment the line below to use the default password file." NL 841"# password-db = passwd" NL 842"### The authz-db option controls the location of the authorization" NL 843"### rules for path-based access control. Unless you specify a path" NL 844"### starting with a /, the file's location is relative to the" NL 845"### directory containing this file. The specified path may be a" NL 846"### repository relative URL (^/) or an absolute file:// URL to a text" NL 847"### file in a Subversion repository. If you don't specify an authz-db," NL 848"### no path-based access control is done." NL 849"### Uncomment the line below to use the default authorization file." NL 850"# authz-db = " SVN_REPOS__CONF_AUTHZ NL 851"### The groups-db option controls the location of the file with the" NL 852"### group definitions and allows maintaining groups separately from the" NL 853"### authorization rules. The groups-db file is of the same format as the" NL 854"### authz-db file and should contain a single [groups] section with the" NL 855"### group definitions. If the option is enabled, the authz-db file cannot" NL 856"### contain a [groups] section. Unless you specify a path starting with" NL 857"### a /, the file's location is relative to the directory containing this" NL 858"### file. The specified path may be a repository relative URL (^/) or an" NL 859"### absolute file:// URL to a text file in a Subversion repository." NL 860"### This option is not being used by default." NL 861"# groups-db = " SVN_REPOS__CONF_GROUPS NL 862"### This option specifies the authentication realm of the repository." NL 863"### If two repositories have the same authentication realm, they should" NL 864"### have the same password database, and vice versa. The default realm" NL 865"### is repository's uuid." NL 866"# realm = My First Repository" NL 867"### The force-username-case option causes svnserve to case-normalize" NL 868"### usernames before comparing them against the authorization rules in the" NL 869"### authz-db file configured above. Valid values are \"upper\" (to upper-" NL 870"### case the usernames), \"lower\" (to lowercase the usernames), and" NL 871"### \"none\" (to compare usernames as-is without case conversion, which" NL 872"### is the default behavior)." NL 873"# force-username-case = none" NL 874"### The hooks-env options specifies a path to the hook script environment " NL 875"### configuration file. This option overrides the per-repository default" NL 876"### and can be used to configure the hook script environment for multiple " NL 877"### repositories in a single file, if an absolute path is specified." NL 878"### Unless you specify an absolute path, the file's location is relative" NL 879"### to the directory containing this file." NL 880"# hooks-env = " SVN_REPOS__CONF_HOOKS_ENV NL 881"" NL 882"[sasl]" NL 883"### This option specifies whether you want to use the Cyrus SASL" NL 884"### library for authentication. Default is false." NL 885"### This section will be ignored if svnserve is not built with Cyrus" NL 886"### SASL support; to check, run 'svnserve --version' and look for a line" NL 887"### reading 'Cyrus SASL authentication is available.'" NL 888"# use-sasl = true" NL 889"### These options specify the desired strength of the security layer" NL 890"### that you want SASL to provide. 0 means no encryption, 1 means" NL 891"### integrity-checking only, values larger than 1 are correlated" NL 892"### to the effective key length for encryption (e.g. 128 means 128-bit" NL 893"### encryption). The values below are the defaults." NL 894"# min-encryption = 0" NL 895"# max-encryption = 256" NL; 896 897 SVN_ERR_W(svn_io_file_create(svn_repos_svnserve_conf(repos, pool), 898 svnserve_conf_contents, pool), 899 _("Creating svnserve.conf file")); 900 } 901 902 { 903 static const char * const passwd_contents = 904"### This file is an example password file for svnserve." NL 905"### Its format is similar to that of svnserve.conf. As shown in the" NL 906"### example below it contains one section labelled [users]." NL 907"### The name and password for each user follow, one account per line." NL 908"" NL 909"[users]" NL 910"# harry = harryssecret" NL 911"# sally = sallyssecret" NL; 912 913 SVN_ERR_W(svn_io_file_create(svn_dirent_join(repos->conf_path, 914 SVN_REPOS__CONF_PASSWD, 915 pool), 916 passwd_contents, pool), 917 _("Creating passwd file")); 918 } 919 920 { 921 static const char * const authz_contents = 922"### This file is an example authorization file for svnserve." NL 923"### Its format is identical to that of mod_authz_svn authorization" NL 924"### files." NL 925"### As shown below each section defines authorizations for the path and" NL 926"### (optional) repository specified by the section name." NL 927"### The authorizations follow. An authorization line can refer to:" NL 928"### - a single user," NL 929"### - a group of users defined in a special [groups] section," NL 930"### - an alias defined in a special [aliases] section," NL 931"### - all authenticated users, using the '$authenticated' token," NL 932"### - only anonymous users, using the '$anonymous' token," NL 933"### - anyone, using the '*' wildcard." NL 934"###" NL 935"### A match can be inverted by prefixing the rule with '~'. Rules can" NL 936"### grant read ('r') access, read-write ('rw') access, or no access" NL 937"### ('')." NL 938"" NL 939"[aliases]" NL 940"# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average" NL 941"" NL 942"[groups]" NL 943"# harry_and_sally = harry,sally" NL 944"# harry_sally_and_joe = harry,sally,&joe" NL 945"" NL 946"# [/foo/bar]" NL 947"# harry = rw" NL 948"# &joe = r" NL 949"# * =" NL 950"" NL 951"# [repository:/baz/fuz]" NL 952"# @harry_and_sally = rw" NL 953"# * = r" NL; 954 955 SVN_ERR_W(svn_io_file_create(svn_dirent_join(repos->conf_path, 956 SVN_REPOS__CONF_AUTHZ, 957 pool), 958 authz_contents, pool), 959 _("Creating authz file")); 960 } 961 962 { 963 static const char * const hooks_env_contents = 964"### This file is an example hook script environment configuration file." NL 965"### Hook scripts run in an empty environment by default." NL 966"### As shown below each section defines environment variables for a" NL 967"### particular hook script. The [default] section defines environment" NL 968"### variables for all hook scripts, unless overridden by a hook-specific" NL 969"### section." NL 970"" NL 971"### This example configures a UTF-8 locale for all hook scripts, so that " NL 972"### special characters, such as umlauts, may be printed to stderr." NL 973"### If UTF-8 is used with a mod_dav_svn server, the SVNUseUTF8 option must" NL 974"### also be set to 'yes' in httpd.conf." NL 975"### With svnserve, the LANG environment variable of the svnserve process" NL 976"### must be set to the same value as given here." NL 977"[default]" NL 978"LANG = en_US.UTF-8" NL 979"" NL 980"### This sets the PATH environment variable for the pre-commit hook." NL 981"[pre-commit]" NL 982"PATH = /usr/local/bin:/usr/bin:/usr/sbin" NL; 983 984 SVN_ERR_W(svn_io_file_create(svn_dirent_join(repos->conf_path, 985 SVN_REPOS__CONF_HOOKS_ENV \ 986 SVN_REPOS__HOOK_DESC_EXT, 987 pool), 988 hooks_env_contents, pool), 989 _("Creating hooks-env file")); 990 } 991 992 return SVN_NO_ERROR; 993} 994 995svn_error_t * 996svn_repos_hooks_setenv(svn_repos_t *repos, 997 const char *hooks_env_path, 998 apr_pool_t *scratch_pool) 999{ 1000 if (hooks_env_path == NULL) 1001 repos->hooks_env_path = svn_dirent_join(repos->conf_path, 1002 SVN_REPOS__CONF_HOOKS_ENV, 1003 repos->pool); 1004 else if (!svn_dirent_is_absolute(hooks_env_path)) 1005 repos->hooks_env_path = svn_dirent_join(repos->conf_path, 1006 hooks_env_path, 1007 repos->pool); 1008 else 1009 repos->hooks_env_path = apr_pstrdup(repos->pool, hooks_env_path); 1010 1011 return SVN_NO_ERROR; 1012} 1013 1014/* Allocate and return a new svn_repos_t * object, initializing the 1015 directory pathname members based on PATH, and initializing the 1016 REPOSITORY_CAPABILITIES member. 1017 The members FS, FORMAT, and FS_TYPE are *not* initialized (they are null), 1018 and it is the caller's responsibility to fill them in if needed. */ 1019static svn_repos_t * 1020create_svn_repos_t(const char *path, apr_pool_t *pool) 1021{ 1022 svn_repos_t *repos = apr_pcalloc(pool, sizeof(*repos)); 1023 1024 repos->path = apr_pstrdup(pool, path); 1025 repos->db_path = svn_dirent_join(path, SVN_REPOS__DB_DIR, pool); 1026 repos->conf_path = svn_dirent_join(path, SVN_REPOS__CONF_DIR, pool); 1027 repos->hook_path = svn_dirent_join(path, SVN_REPOS__HOOK_DIR, pool); 1028 repos->lock_path = svn_dirent_join(path, SVN_REPOS__LOCK_DIR, pool); 1029 repos->hooks_env_path = NULL; 1030 repos->repository_capabilities = apr_hash_make(pool); 1031 repos->pool = pool; 1032 1033 return repos; 1034} 1035 1036 1037static svn_error_t * 1038create_repos_structure(svn_repos_t *repos, 1039 const char *path, 1040 apr_hash_t *fs_config, 1041 apr_pool_t *pool) 1042{ 1043 /* Create the top-level repository directory. */ 1044 SVN_ERR_W(create_repos_dir(path, pool), 1045 _("Could not create top-level directory")); 1046 1047 /* Create the DAV sandbox directory if pre-1.4 or pre-1.5-compatible. */ 1048 if (fs_config 1049 && (svn_hash_gets(fs_config, SVN_FS_CONFIG_PRE_1_4_COMPATIBLE) 1050 || svn_hash_gets(fs_config, SVN_FS_CONFIG_PRE_1_5_COMPATIBLE))) 1051 { 1052 const char *dav_path = svn_dirent_join(repos->path, 1053 SVN_REPOS__DAV_DIR, pool); 1054 SVN_ERR_W(create_repos_dir(dav_path, pool), 1055 _("Creating DAV sandbox dir")); 1056 } 1057 1058 /* Create the lock directory. */ 1059 SVN_ERR(create_locks(repos, pool)); 1060 1061 /* Create the hooks directory. */ 1062 SVN_ERR(create_hooks(repos, pool)); 1063 1064 /* Create the conf directory. */ 1065 SVN_ERR(create_conf(repos, pool)); 1066 1067 /* Write the top-level README file. */ 1068 { 1069 const char * const readme_header = 1070 "This is a Subversion repository; use the 'svnadmin' and 'svnlook' " NL 1071 "tools to examine it. Do not add, delete, or modify files here " NL 1072 "unless you know how to avoid corrupting the repository." NL 1073 "" NL; 1074 const char * const readme_bdb_insert = 1075 "The directory \"" SVN_REPOS__DB_DIR "\" contains a Berkeley DB environment." NL 1076 "you may need to tweak the values in \"" SVN_REPOS__DB_DIR "/DB_CONFIG\" to match the" NL 1077 "requirements of your site." NL 1078 "" NL; 1079 const char * const readme_footer = 1080 "Visit http://subversion.apache.org/ for more information." NL; 1081 apr_file_t *f; 1082 apr_size_t written; 1083 1084 SVN_ERR(svn_io_file_open(&f, 1085 svn_dirent_join(path, SVN_REPOS__README, pool), 1086 (APR_WRITE | APR_CREATE | APR_EXCL), 1087 APR_OS_DEFAULT, pool)); 1088 1089 SVN_ERR(svn_io_file_write_full(f, readme_header, strlen(readme_header), 1090 &written, pool)); 1091 if (strcmp(repos->fs_type, SVN_FS_TYPE_BDB) == 0) 1092 SVN_ERR(svn_io_file_write_full(f, readme_bdb_insert, 1093 strlen(readme_bdb_insert), 1094 &written, pool)); 1095 SVN_ERR(svn_io_file_write_full(f, readme_footer, strlen(readme_footer), 1096 &written, pool)); 1097 1098 return svn_io_file_close(f, pool); 1099 } 1100} 1101 1102 1103/* There is, at present, nothing within the direct responsibility 1104 of libsvn_repos which requires locking. For historical compatibility 1105 reasons, the BDB libsvn_fs backend does not do its own locking, expecting 1106 libsvn_repos to do the locking for it. Here we take care of that 1107 backend-specific requirement. 1108 The kind of lock is controlled by EXCLUSIVE and NONBLOCKING. 1109 The lock is scoped to POOL. */ 1110static svn_error_t * 1111lock_repos(svn_repos_t *repos, 1112 svn_boolean_t exclusive, 1113 svn_boolean_t nonblocking, 1114 apr_pool_t *pool) 1115{ 1116 if (strcmp(repos->fs_type, SVN_FS_TYPE_BDB) == 0) 1117 { 1118 svn_error_t *err; 1119 const char *lockfile_path = svn_repos_db_lockfile(repos, pool); 1120 1121 err = svn_io_file_lock2(lockfile_path, exclusive, nonblocking, pool); 1122 if (err != NULL && APR_STATUS_IS_EAGAIN(err->apr_err)) 1123 return svn_error_trace(err); 1124 SVN_ERR_W(err, _("Error opening db lockfile")); 1125 } 1126 return SVN_NO_ERROR; 1127} 1128 1129 1130svn_error_t * 1131svn_repos_create(svn_repos_t **repos_p, 1132 const char *path, 1133 const char *unused_1, 1134 const char *unused_2, 1135 apr_hash_t *config, 1136 apr_hash_t *fs_config, 1137 apr_pool_t *result_pool) 1138{ 1139 svn_repos_t *repos; 1140 svn_error_t *err; 1141 apr_pool_t *scratch_pool = svn_pool_create(result_pool); 1142 const char *root_path; 1143 const char *local_abspath; 1144 1145 /* Allocate a repository object, filling in the format we will create. */ 1146 repos = create_svn_repos_t(path, result_pool); 1147 repos->format = SVN_REPOS__FORMAT_NUMBER; 1148 1149 /* Discover the type of the filesystem we are about to create. */ 1150 repos->fs_type = svn_hash__get_cstring(fs_config, SVN_FS_CONFIG_FS_TYPE, 1151 DEFAULT_FS_TYPE); 1152 if (svn_hash__get_bool(fs_config, SVN_FS_CONFIG_PRE_1_4_COMPATIBLE, FALSE)) 1153 repos->format = SVN_REPOS__FORMAT_NUMBER_LEGACY; 1154 1155 /* Don't create a repository inside another repository. */ 1156 SVN_ERR(svn_dirent_get_absolute(&local_abspath, path, scratch_pool)); 1157 root_path = svn_repos_find_root_path(local_abspath, scratch_pool); 1158 if (root_path != NULL) 1159 { 1160 if (strcmp(root_path, local_abspath) == 0) 1161 return svn_error_createf(SVN_ERR_REPOS_BAD_ARGS, NULL, 1162 _("'%s' is an existing repository"), 1163 svn_dirent_local_style(root_path, 1164 scratch_pool)); 1165 else 1166 return svn_error_createf(SVN_ERR_REPOS_BAD_ARGS, NULL, 1167 _("'%s' is a subdirectory of an existing " 1168 "repository " "rooted at '%s'"), 1169 svn_dirent_local_style(local_abspath, 1170 scratch_pool), 1171 svn_dirent_local_style(root_path, 1172 scratch_pool)); 1173 } 1174 1175 /* Create the various files and subdirectories for the repository. */ 1176 SVN_ERR_W(create_repos_structure(repos, path, fs_config, scratch_pool), 1177 _("Repository creation failed")); 1178 1179 /* Lock if needed. */ 1180 SVN_ERR(lock_repos(repos, FALSE, FALSE, scratch_pool)); 1181 1182 /* Create an environment for the filesystem. */ 1183 if ((err = svn_fs_create(&repos->fs, repos->db_path, fs_config, 1184 result_pool))) 1185 { 1186 /* If there was an error making the filesytem, e.g. unknown/supported 1187 * filesystem type. Clean up after ourselves. Yes this is safe because 1188 * create_repos_structure will fail if the path existed before we started 1189 * so we can't accidentally remove a directory that previously existed. 1190 */ 1191 svn_pool_destroy(scratch_pool); /* Release lock to allow deleting dir */ 1192 1193 return svn_error_trace( 1194 svn_error_compose_create( 1195 err, 1196 svn_io_remove_dir2(path, FALSE, NULL, NULL, 1197 result_pool))); 1198 } 1199 1200 /* This repository is ready. Stamp it with a format number. */ 1201 SVN_ERR(svn_io_write_version_file 1202 (svn_dirent_join(path, SVN_REPOS__FORMAT, scratch_pool), 1203 repos->format, scratch_pool)); 1204 1205 svn_pool_destroy(scratch_pool); /* Release lock */ 1206 1207 *repos_p = repos; 1208 return SVN_NO_ERROR; 1209} 1210 1211 1212/* Check if @a path is the root of a repository by checking if the 1213 * path contains the expected files and directories. Return TRUE 1214 * on errors (which would be permission errors, probably) so that 1215 * we the user will see them after we try to open the repository 1216 * for real. */ 1217static svn_boolean_t 1218check_repos_path(const char *path, 1219 apr_pool_t *pool) 1220{ 1221 svn_node_kind_t kind; 1222 svn_error_t *err; 1223 1224 err = svn_io_check_path(svn_dirent_join(path, SVN_REPOS__FORMAT, pool), 1225 &kind, pool); 1226 if (err) 1227 { 1228 svn_error_clear(err); 1229 return TRUE; 1230 } 1231 if (kind != svn_node_file) 1232 return FALSE; 1233 1234 /* Check the db/ subdir, but allow it to be a symlink (Subversion 1235 works just fine if it's a symlink). */ 1236 err = svn_io_check_resolved_path 1237 (svn_dirent_join(path, SVN_REPOS__DB_DIR, pool), &kind, pool); 1238 if (err) 1239 { 1240 svn_error_clear(err); 1241 return TRUE; 1242 } 1243 if (kind != svn_node_dir) 1244 return FALSE; 1245 1246 return TRUE; 1247} 1248 1249 1250/* Verify that REPOS's format is suitable. 1251 Use POOL for temporary allocation. */ 1252static svn_error_t * 1253check_repos_format(svn_repos_t *repos, 1254 apr_pool_t *pool) 1255{ 1256 int format; 1257 const char *format_path; 1258 1259 format_path = svn_dirent_join(repos->path, SVN_REPOS__FORMAT, pool); 1260 SVN_ERR(svn_io_read_version_file(&format, format_path, pool)); 1261 1262 if (format != SVN_REPOS__FORMAT_NUMBER && 1263 format != SVN_REPOS__FORMAT_NUMBER_LEGACY) 1264 { 1265 return svn_error_createf 1266 (SVN_ERR_REPOS_UNSUPPORTED_VERSION, NULL, 1267 _("Expected repository format '%d' or '%d'; found format '%d'"), 1268 SVN_REPOS__FORMAT_NUMBER_LEGACY, SVN_REPOS__FORMAT_NUMBER, 1269 format); 1270 } 1271 1272 repos->format = format; 1273 1274 return SVN_NO_ERROR; 1275} 1276 1277 1278/* Set *REPOS_P to a repository at PATH which has been opened. 1279 See lock_repos() above regarding EXCLUSIVE and NONBLOCKING. 1280 OPEN_FS indicates whether the Subversion filesystem should be opened, 1281 the handle being placed into repos->fs. 1282 Do all allocation in POOL. */ 1283static svn_error_t * 1284get_repos(svn_repos_t **repos_p, 1285 const char *path, 1286 svn_boolean_t exclusive, 1287 svn_boolean_t nonblocking, 1288 svn_boolean_t open_fs, 1289 apr_hash_t *fs_config, 1290 apr_pool_t *result_pool, 1291 apr_pool_t *scratch_pool) 1292{ 1293 svn_repos_t *repos; 1294 const char *fs_type; 1295 1296 /* Allocate a repository object. */ 1297 repos = create_svn_repos_t(path, result_pool); 1298 1299 /* Verify the validity of our repository format. */ 1300 SVN_ERR(check_repos_format(repos, scratch_pool)); 1301 1302 /* Discover the FS type. */ 1303 SVN_ERR(svn_fs_type(&fs_type, repos->db_path, scratch_pool)); 1304 repos->fs_type = apr_pstrdup(result_pool, fs_type); 1305 1306 /* Lock if needed. */ 1307 SVN_ERR(lock_repos(repos, exclusive, nonblocking, result_pool)); 1308 1309 /* Open up the filesystem only after obtaining the lock. */ 1310 if (open_fs) 1311 SVN_ERR(svn_fs_open2(&repos->fs, repos->db_path, fs_config, 1312 result_pool, scratch_pool)); 1313 1314#ifdef SVN_DEBUG_CRASH_AT_REPOS_OPEN 1315 /* If $PATH/config/debug-abort exists, crash the server here. 1316 This debugging feature can be used to test client recovery 1317 when the server crashes. 1318 1319 See: Issue #4274 */ 1320 { 1321 svn_node_kind_t kind; 1322 svn_error_t *err = svn_io_check_path( 1323 svn_dirent_join(repos->conf_path, "debug-abort", scratch_pool), 1324 &kind, scratch_pool); 1325 svn_error_clear(err); 1326 if (!err && kind == svn_node_file) 1327 SVN_ERR_MALFUNCTION_NO_RETURN(); 1328 } 1329#endif /* SVN_DEBUG_CRASH_AT_REPOS_OPEN */ 1330 1331 *repos_p = repos; 1332 return SVN_NO_ERROR; 1333} 1334 1335 1336 1337const char * 1338svn_repos_find_root_path(const char *path, 1339 apr_pool_t *pool) 1340{ 1341 const char *candidate = path; 1342 const char *decoded; 1343 svn_error_t *err; 1344 1345 while (1) 1346 { 1347 /* Try to decode the path, so we don't fail if it contains characters 1348 that aren't supported by the OS filesystem. The subversion fs 1349 isn't restricted by the OS filesystem character set. */ 1350 err = svn_path_cstring_from_utf8(&decoded, candidate, pool); 1351 if (!err && check_repos_path(candidate, pool)) 1352 break; 1353 svn_error_clear(err); 1354 1355 if (svn_path_is_empty(candidate) || 1356 svn_dirent_is_root(candidate, strlen(candidate))) 1357 return NULL; 1358 1359 candidate = svn_dirent_dirname(candidate, pool); 1360 } 1361 1362 return candidate; 1363} 1364 1365svn_error_t * 1366svn_repos_open3(svn_repos_t **repos_p, 1367 const char *path, 1368 apr_hash_t *fs_config, 1369 apr_pool_t *result_pool, 1370 apr_pool_t *scratch_pool) 1371{ 1372 /* Fetch a repository object initialized with a shared read/write 1373 lock on the database. */ 1374 1375 return get_repos(repos_p, path, FALSE, FALSE, TRUE, fs_config, 1376 result_pool, scratch_pool); 1377} 1378 1379/* Baton used with fs_upgrade_notify, specifying the svn_repos layer 1380 * notification parameters. 1381 */ 1382struct fs_upgrade_notify_baton_t 1383{ 1384 svn_repos_notify_func_t notify_func; 1385 void *notify_baton; 1386}; 1387 1388/* Implements svn_fs_upgrade_notify_t as forwarding to a 1389 * svn_repos_notify_func_t passed in a fs_upgrade_notify_baton_t* BATON. 1390 */ 1391static svn_error_t * 1392fs_upgrade_notify(void *baton, 1393 apr_uint64_t number, 1394 svn_fs_upgrade_notify_action_t action, 1395 apr_pool_t *pool) 1396{ 1397 struct fs_upgrade_notify_baton_t *fs_baton = baton; 1398 1399 svn_repos_notify_t *notify = svn_repos_notify_create( 1400 svn_repos_notify_mutex_acquired, pool); 1401 switch(action) 1402 { 1403 case svn_fs_upgrade_pack_revprops: 1404 notify->shard = number; 1405 notify->action = svn_repos_notify_pack_revprops; 1406 break; 1407 1408 case svn_fs_upgrade_cleanup_revprops: 1409 notify->shard = number; 1410 notify->action = svn_repos_notify_cleanup_revprops; 1411 break; 1412 1413 case svn_fs_upgrade_format_bumped: 1414 notify->revision = number; 1415 notify->action = svn_repos_notify_format_bumped; 1416 break; 1417 1418 default: 1419 /* unknown notification */ 1420 SVN_ERR_MALFUNCTION(); 1421 } 1422 1423 fs_baton->notify_func(fs_baton->notify_baton, notify, pool); 1424 1425 return SVN_NO_ERROR; 1426} 1427 1428svn_error_t * 1429svn_repos_upgrade2(const char *path, 1430 svn_boolean_t nonblocking, 1431 svn_repos_notify_func_t notify_func, 1432 void *notify_baton, 1433 apr_pool_t *pool) 1434{ 1435 svn_repos_t *repos; 1436 const char *format_path; 1437 int format; 1438 apr_pool_t *subpool = svn_pool_create(pool); 1439 1440 struct fs_upgrade_notify_baton_t fs_notify_baton; 1441 fs_notify_baton.notify_func = notify_func; 1442 fs_notify_baton.notify_baton = notify_baton; 1443 1444 /* Fetch a repository object; for the Berkeley DB backend, it is 1445 initialized with an EXCLUSIVE lock on the database. This will at 1446 least prevent others from trying to read or write to it while we 1447 run recovery. (Other backends should do their own locking; see 1448 lock_repos.) */ 1449 SVN_ERR(get_repos(&repos, path, TRUE, nonblocking, FALSE, NULL, subpool, 1450 subpool)); 1451 1452 if (notify_func) 1453 { 1454 /* We notify *twice* here, because there are two different logistical 1455 actions occuring. */ 1456 svn_repos_notify_t *notify = svn_repos_notify_create( 1457 svn_repos_notify_mutex_acquired, subpool); 1458 notify_func(notify_baton, notify, subpool); 1459 1460 notify->action = svn_repos_notify_upgrade_start; 1461 notify_func(notify_baton, notify, subpool); 1462 } 1463 1464 /* Try to overwrite with its own contents. We do this only to 1465 verify that we can, because we don't want to actually bump the 1466 format of the repository until our underlying filesystem claims 1467 to have been upgraded correctly. */ 1468 format_path = svn_dirent_join(repos->path, SVN_REPOS__FORMAT, subpool); 1469 SVN_ERR(svn_io_read_version_file(&format, format_path, subpool)); 1470 SVN_ERR(svn_io_write_version_file(format_path, format, subpool)); 1471 1472 /* Try to upgrade the filesystem. */ 1473 SVN_ERR(svn_fs_upgrade2(repos->db_path, 1474 notify_func ? fs_upgrade_notify : NULL, 1475 &fs_notify_baton, NULL, NULL, subpool)); 1476 1477 /* Now overwrite our format file with the latest version. */ 1478 SVN_ERR(svn_io_write_version_file(format_path, SVN_REPOS__FORMAT_NUMBER, 1479 subpool)); 1480 1481 /* Close shop and free the subpool, to release the exclusive lock. */ 1482 svn_pool_destroy(subpool); 1483 1484 return SVN_NO_ERROR; 1485} 1486 1487 1488svn_error_t * 1489svn_repos_delete(const char *path, 1490 apr_pool_t *pool) 1491{ 1492 const char *db_path = svn_dirent_join(path, SVN_REPOS__DB_DIR, pool); 1493 1494 /* Delete the filesystem environment... */ 1495 SVN_ERR(svn_fs_delete_fs(db_path, pool)); 1496 1497 /* ...then blow away everything else. */ 1498 return svn_error_trace(svn_io_remove_dir2(path, FALSE, NULL, NULL, pool)); 1499} 1500 1501 1502/* Repository supports the capability. */ 1503static const char *capability_yes = "yes"; 1504/* Repository does not support the capability. */ 1505static const char *capability_no = "no"; 1506 1507svn_error_t * 1508svn_repos_has_capability(svn_repos_t *repos, 1509 svn_boolean_t *has, 1510 const char *capability, 1511 apr_pool_t *pool) 1512{ 1513 const char *val = svn_hash_gets(repos->repository_capabilities, capability); 1514 1515 if (val == capability_yes) 1516 { 1517 *has = TRUE; 1518 } 1519 else if (val == capability_no) 1520 { 1521 *has = FALSE; 1522 } 1523 /* Else don't know, so investigate. */ 1524 else if (strcmp(capability, SVN_REPOS_CAPABILITY_MERGEINFO) == 0) 1525 { 1526 svn_error_t *err; 1527 svn_fs_root_t *root; 1528 svn_mergeinfo_catalog_t ignored; 1529 apr_array_header_t *paths = apr_array_make(pool, 1, 1530 sizeof(char *)); 1531 1532 SVN_ERR(svn_fs_revision_root(&root, repos->fs, 0, pool)); 1533 APR_ARRAY_PUSH(paths, const char *) = ""; 1534 err = svn_fs_get_mergeinfo2(&ignored, root, paths, FALSE, FALSE, 1535 TRUE, pool, pool); 1536 1537 if (err) 1538 { 1539 if (err->apr_err == SVN_ERR_UNSUPPORTED_FEATURE) 1540 { 1541 svn_error_clear(err); 1542 svn_hash_sets(repos->repository_capabilities, 1543 SVN_REPOS_CAPABILITY_MERGEINFO, capability_no); 1544 *has = FALSE; 1545 } 1546 else if (err->apr_err == SVN_ERR_FS_NOT_FOUND) 1547 { 1548 /* Mergeinfo requests use relative paths, and anyway we're 1549 in r0, so we're likely to get this error -- but it 1550 means the repository supports mergeinfo! */ 1551 svn_error_clear(err); 1552 svn_hash_sets(repos->repository_capabilities, 1553 SVN_REPOS_CAPABILITY_MERGEINFO, capability_yes); 1554 *has = TRUE; 1555 } 1556 else 1557 { 1558 return svn_error_trace(err); 1559 } 1560 } 1561 else 1562 { 1563 svn_hash_sets(repos->repository_capabilities, 1564 SVN_REPOS_CAPABILITY_MERGEINFO, capability_yes); 1565 *has = TRUE; 1566 } 1567 } 1568 else 1569 { 1570 return svn_error_createf(SVN_ERR_UNKNOWN_CAPABILITY, 0, 1571 _("unknown capability '%s'"), capability); 1572 } 1573 1574 return SVN_NO_ERROR; 1575} 1576 1577svn_error_t * 1578svn_repos_capabilities(apr_hash_t **capabilities, 1579 svn_repos_t *repos, 1580 apr_pool_t *result_pool, 1581 apr_pool_t *scratch_pool) 1582{ 1583 static const char *const queries[] = { 1584 SVN_REPOS_CAPABILITY_MERGEINFO, 1585 NULL 1586 }; 1587 const char *const *i; 1588 1589 *capabilities = apr_hash_make(result_pool); 1590 1591 for (i = queries; *i; i++) 1592 { 1593 svn_boolean_t has; 1594 SVN_ERR(svn_repos_has_capability(repos, &has, *i, scratch_pool)); 1595 if (has) 1596 svn_hash_sets(*capabilities, *i, *i); 1597 } 1598 1599 return SVN_NO_ERROR; 1600} 1601 1602svn_error_t * 1603svn_repos_info_format(int *repos_format, 1604 svn_version_t **supports_version, 1605 svn_repos_t *repos, 1606 apr_pool_t *result_pool, 1607 apr_pool_t *scratch_pool) 1608{ 1609 *repos_format = repos->format; 1610 *supports_version = apr_palloc(result_pool, sizeof(svn_version_t)); 1611 1612 (*supports_version)->major = SVN_VER_MAJOR; 1613 (*supports_version)->minor = 0; 1614 (*supports_version)->patch = 0; 1615 (*supports_version)->tag = ""; 1616 1617 switch (repos->format) 1618 { 1619 case SVN_REPOS__FORMAT_NUMBER_LEGACY: 1620 break; 1621 case SVN_REPOS__FORMAT_NUMBER_1_4: 1622 (*supports_version)->minor = 4; 1623 break; 1624#ifdef SVN_DEBUG 1625# if SVN_REPOS__FORMAT_NUMBER != SVN_REPOS__FORMAT_NUMBER_1_4 1626# error "Need to add a 'case' statement here" 1627# endif 1628#endif 1629 } 1630 1631 return SVN_NO_ERROR; 1632} 1633 1634svn_fs_t * 1635svn_repos_fs(svn_repos_t *repos) 1636{ 1637 if (! repos) 1638 return NULL; 1639 return repos->fs; 1640} 1641 1642const char * 1643svn_repos_fs_type(svn_repos_t *repos, 1644 apr_pool_t *result_pool) 1645{ 1646 return apr_pstrdup(result_pool, repos->fs_type); 1647} 1648 1649/* For historical reasons, for the Berkeley DB backend, this code uses 1650 * repository locking, which is motivated by the need to support the 1651 * Berkeley DB error DB_RUN_RECOVERY. (FSFS takes care of locking 1652 * itself, inside its implementation of svn_fs_recover.) Here's how 1653 * it works: 1654 * 1655 * Every accessor of a repository's database takes out a shared lock 1656 * on the repository -- both readers and writers get shared locks, and 1657 * there can be an unlimited number of shared locks simultaneously. 1658 * 1659 * Sometimes, a db access returns the error DB_RUN_RECOVERY. When 1660 * this happens, we need to run svn_fs_recover() on the db 1661 * with no other accessors present. So we take out an exclusive lock 1662 * on the repository. From the moment we request the exclusive lock, 1663 * no more shared locks are granted, and when the last shared lock 1664 * disappears, the exclusive lock is granted. As soon as we get it, 1665 * we can run recovery. 1666 * 1667 * We assume that once any berkeley call returns DB_RUN_RECOVERY, they 1668 * all do, until recovery is run. 1669 */ 1670 1671svn_error_t * 1672svn_repos_recover4(const char *path, 1673 svn_boolean_t nonblocking, 1674 svn_repos_notify_func_t notify_func, 1675 void *notify_baton, 1676 svn_cancel_func_t cancel_func, 1677 void * cancel_baton, 1678 apr_pool_t *pool) 1679{ 1680 svn_repos_t *repos; 1681 apr_pool_t *subpool = svn_pool_create(pool); 1682 1683 /* Fetch a repository object; for the Berkeley DB backend, it is 1684 initialized with an EXCLUSIVE lock on the database. This will at 1685 least prevent others from trying to read or write to it while we 1686 run recovery. (Other backends should do their own locking; see 1687 lock_repos.) */ 1688 SVN_ERR(get_repos(&repos, path, TRUE, nonblocking, 1689 FALSE, /* don't try to open the db yet. */ 1690 NULL, 1691 subpool, subpool)); 1692 1693 if (notify_func) 1694 { 1695 /* We notify *twice* here, because there are two different logistical 1696 actions occuring. */ 1697 svn_repos_notify_t *notify = svn_repos_notify_create( 1698 svn_repos_notify_mutex_acquired, subpool); 1699 notify_func(notify_baton, notify, subpool); 1700 1701 notify->action = svn_repos_notify_recover_start; 1702 notify_func(notify_baton, notify, subpool); 1703 } 1704 1705 /* Recover the database to a consistent state. */ 1706 SVN_ERR(svn_fs_recover(repos->db_path, cancel_func, cancel_baton, subpool)); 1707 1708 /* Close shop and free the subpool, to release the exclusive lock. */ 1709 svn_pool_destroy(subpool); 1710 1711 return SVN_NO_ERROR; 1712} 1713 1714struct freeze_baton_t { 1715 apr_array_header_t *paths; 1716 int counter; 1717 svn_repos_freeze_func_t freeze_func; 1718 void *freeze_baton; 1719 1720 /* Scratch pool used for every freeze callback invocation. */ 1721 apr_pool_t *scratch_pool; 1722}; 1723 1724static svn_error_t * 1725multi_freeze(void *baton, 1726 apr_pool_t *pool) 1727{ 1728 struct freeze_baton_t *fb = baton; 1729 1730 svn_pool_clear(fb->scratch_pool); 1731 if (fb->counter == fb->paths->nelts) 1732 { 1733 SVN_ERR(fb->freeze_func(fb->freeze_baton, pool)); 1734 return SVN_NO_ERROR; 1735 } 1736 else 1737 { 1738 /* Using a subpool as the only way to unlock the repos lock used 1739 by BDB is to clear the pool used to take the lock. */ 1740 apr_pool_t *subpool = svn_pool_create(pool); 1741 const char *path = APR_ARRAY_IDX(fb->paths, fb->counter, const char *); 1742 svn_repos_t *repos; 1743 1744 ++fb->counter; 1745 1746 SVN_ERR(get_repos(&repos, path, 1747 TRUE /* exclusive (only applies to BDB) */, 1748 FALSE /* non-blocking */, 1749 FALSE /* open-fs */, 1750 NULL, subpool, fb->scratch_pool)); 1751 1752 1753 if (strcmp(repos->fs_type, SVN_FS_TYPE_BDB) == 0) 1754 { 1755 svn_error_t *err = multi_freeze(fb, subpool); 1756 1757 svn_pool_destroy(subpool); 1758 1759 return err; 1760 } 1761 else 1762 { 1763 SVN_ERR(svn_fs_open2(&repos->fs, repos->db_path, NULL, subpool, 1764 fb->scratch_pool)); 1765 SVN_ERR(svn_fs_freeze(svn_repos_fs(repos), multi_freeze, fb, 1766 subpool)); 1767 } 1768 1769 svn_pool_destroy(subpool); 1770 } 1771 1772 return SVN_NO_ERROR; 1773} 1774 1775/* For BDB we fall back on BDB's repos layer lock which means that the 1776 repository is unreadable while frozen. 1777 1778 For FSFS we delegate to the FS layer which uses the FSFS write-lock 1779 and an SQLite reserved lock which means the repository is readable 1780 while frozen. */ 1781svn_error_t * 1782svn_repos_freeze(apr_array_header_t *paths, 1783 svn_repos_freeze_func_t freeze_func, 1784 void *freeze_baton, 1785 apr_pool_t *pool) 1786{ 1787 struct freeze_baton_t fb; 1788 1789 fb.paths = paths; 1790 fb.counter = 0; 1791 fb.freeze_func = freeze_func; 1792 fb.freeze_baton = freeze_baton; 1793 fb.scratch_pool = svn_pool_create(pool); 1794 1795 SVN_ERR(multi_freeze(&fb, pool)); 1796 1797 svn_pool_destroy(fb.scratch_pool); 1798 return SVN_NO_ERROR; 1799} 1800 1801svn_error_t *svn_repos_db_logfiles(apr_array_header_t **logfiles, 1802 const char *path, 1803 svn_boolean_t only_unused, 1804 apr_pool_t *pool) 1805{ 1806 svn_repos_t *repos; 1807 int i; 1808 1809 SVN_ERR(get_repos(&repos, path, 1810 FALSE, FALSE, 1811 FALSE, /* Do not open fs. */ 1812 NULL, 1813 pool, pool)); 1814 1815 SVN_ERR(svn_fs_berkeley_logfiles(logfiles, 1816 svn_repos_db_env(repos, pool), 1817 only_unused, 1818 pool)); 1819 1820 /* Loop, printing log files. */ 1821 for (i = 0; i < (*logfiles)->nelts; i++) 1822 { 1823 const char ** log_file = &(APR_ARRAY_IDX(*logfiles, i, const char *)); 1824 *log_file = svn_dirent_join(SVN_REPOS__DB_DIR, *log_file, pool); 1825 } 1826 1827 return SVN_NO_ERROR; 1828} 1829 1830/* Baton for hotcopy_structure(). */ 1831struct hotcopy_ctx_t { 1832 const char *dest; /* target location to construct */ 1833 size_t src_len; /* len of the source path*/ 1834 1835 /* As in svn_repos_hotcopy2() */ 1836 svn_boolean_t incremental; 1837 svn_cancel_func_t cancel_func; 1838 void *cancel_baton; 1839}; 1840 1841/* Copy the repository structure of PATH to BATON->DEST, with exception of 1842 * @c SVN_REPOS__DB_DIR, @c SVN_REPOS__LOCK_DIR and @c SVN_REPOS__FORMAT; 1843 * those directories and files are handled separately. 1844 * 1845 * BATON is a (struct hotcopy_ctx_t *). BATON->SRC_LEN is the length 1846 * of PATH. 1847 * 1848 * Implements svn_io_walk_func_t. 1849 */ 1850static svn_error_t *hotcopy_structure(void *baton, 1851 const char *path, 1852 const apr_finfo_t *finfo, 1853 apr_pool_t *pool) 1854{ 1855 const struct hotcopy_ctx_t *ctx = baton; 1856 const char *sub_path; 1857 const char *target; 1858 1859 if (ctx->cancel_func) 1860 SVN_ERR(ctx->cancel_func(ctx->cancel_baton)); 1861 1862 if (strlen(path) == ctx->src_len) 1863 { 1864 sub_path = ""; 1865 } 1866 else 1867 { 1868 sub_path = &path[ctx->src_len+1]; 1869 1870 /* Check if we are inside db directory and if so skip it */ 1871 if (svn_path_compare_paths 1872 (svn_dirent_get_longest_ancestor(SVN_REPOS__DB_DIR, sub_path, pool), 1873 SVN_REPOS__DB_DIR) == 0) 1874 return SVN_NO_ERROR; 1875 1876 if (svn_path_compare_paths 1877 (svn_dirent_get_longest_ancestor(SVN_REPOS__LOCK_DIR, sub_path, 1878 pool), 1879 SVN_REPOS__LOCK_DIR) == 0) 1880 return SVN_NO_ERROR; 1881 1882 if (svn_path_compare_paths 1883 (svn_dirent_get_longest_ancestor(SVN_REPOS__FORMAT, sub_path, pool), 1884 SVN_REPOS__FORMAT) == 0) 1885 return SVN_NO_ERROR; 1886 } 1887 1888 target = svn_dirent_join(ctx->dest, sub_path, pool); 1889 1890 if (finfo->filetype == APR_DIR) 1891 { 1892 svn_error_t *err; 1893 1894 err = create_repos_dir(target, pool); 1895 if (ctx->incremental && err && err->apr_err == SVN_ERR_DIR_NOT_EMPTY) 1896 { 1897 svn_error_clear(err); 1898 err = SVN_NO_ERROR; 1899 } 1900 return svn_error_trace(err); 1901 } 1902 else if (finfo->filetype == APR_REG) 1903 return svn_io_copy_file(path, target, TRUE, pool); 1904 else if (finfo->filetype == APR_LNK) 1905 return svn_io_copy_link(path, target, pool); 1906 else 1907 return SVN_NO_ERROR; 1908} 1909 1910 1911/** Obtain a lock on db logs lock file. Create one if it does not exist. 1912 */ 1913static svn_error_t * 1914lock_db_logs_file(svn_repos_t *repos, 1915 svn_boolean_t exclusive, 1916 apr_pool_t *pool) 1917{ 1918 const char * lock_file = svn_repos_db_logs_lockfile(repos, pool); 1919 1920 /* Try to create a lock file, in case if it is missing. As in case of the 1921 repositories created before hotcopy functionality. */ 1922 svn_error_clear(create_db_logs_lock(repos, pool)); 1923 1924 return svn_io_file_lock2(lock_file, exclusive, FALSE, pool); 1925} 1926 1927 1928/* Baton used with fs_hotcopy_notify(), specifying the svn_repos layer 1929 * notification parameters. 1930 */ 1931struct fs_hotcopy_notify_baton_t 1932{ 1933 svn_repos_notify_func_t notify_func; 1934 void *notify_baton; 1935}; 1936 1937/* Implements svn_fs_hotcopy_notify_t as forwarding to a 1938 * svn_repos_notify_func_t passed in a fs_hotcopy_notify_baton_t* BATON. 1939 */ 1940static void 1941fs_hotcopy_notify(void *baton, 1942 svn_revnum_t start_revision, 1943 svn_revnum_t end_revision, 1944 apr_pool_t *pool) 1945{ 1946 struct fs_hotcopy_notify_baton_t *fs_baton = baton; 1947 svn_repos_notify_t *notify; 1948 1949 notify = svn_repos_notify_create(svn_repos_notify_hotcopy_rev_range, pool); 1950 notify->start_revision = start_revision; 1951 notify->end_revision = end_revision; 1952 1953 fs_baton->notify_func(fs_baton->notify_baton, notify, pool); 1954} 1955 1956/* Make a copy of a repository with hot backup of fs. */ 1957svn_error_t * 1958svn_repos_hotcopy3(const char *src_path, 1959 const char *dst_path, 1960 svn_boolean_t clean_logs, 1961 svn_boolean_t incremental, 1962 svn_repos_notify_func_t notify_func, 1963 void *notify_baton, 1964 svn_cancel_func_t cancel_func, 1965 void *cancel_baton, 1966 apr_pool_t *scratch_pool) 1967{ 1968 svn_fs_hotcopy_notify_t fs_notify_func; 1969 struct fs_hotcopy_notify_baton_t fs_notify_baton; 1970 struct hotcopy_ctx_t hotcopy_context; 1971 const char *src_abspath; 1972 const char *dst_abspath; 1973 svn_repos_t *src_repos; 1974 svn_repos_t *dst_repos; 1975 svn_error_t *err; 1976 1977 SVN_ERR(svn_dirent_get_absolute(&src_abspath, src_path, scratch_pool)); 1978 SVN_ERR(svn_dirent_get_absolute(&dst_abspath, dst_path, scratch_pool)); 1979 if (strcmp(src_abspath, dst_abspath) == 0) 1980 return svn_error_create(SVN_ERR_INCORRECT_PARAMS, NULL, 1981 _("Hotcopy source and destination are equal")); 1982 1983 /* Try to open original repository */ 1984 SVN_ERR(get_repos(&src_repos, src_abspath, 1985 FALSE, FALSE, 1986 FALSE, /* don't try to open the db yet. */ 1987 NULL, 1988 scratch_pool, scratch_pool)); 1989 1990 /* If we are going to clean logs, then get an exclusive lock on 1991 db-logs.lock, to ensure that no one else will work with logs. 1992 1993 If we are just copying, then get a shared lock to ensure that 1994 no one else will clean logs while we copying them */ 1995 1996 SVN_ERR(lock_db_logs_file(src_repos, clean_logs, scratch_pool)); 1997 1998 /* Copy the repository to a new path, with exception of 1999 specially handled directories */ 2000 2001 hotcopy_context.dest = dst_abspath; 2002 hotcopy_context.src_len = strlen(src_abspath); 2003 hotcopy_context.incremental = incremental; 2004 hotcopy_context.cancel_func = cancel_func; 2005 hotcopy_context.cancel_baton = cancel_baton; 2006 SVN_ERR(svn_io_dir_walk2(src_abspath, 2007 0, 2008 hotcopy_structure, 2009 &hotcopy_context, 2010 scratch_pool)); 2011 2012 /* Prepare dst_repos object so that we may create locks, 2013 so that we may open repository */ 2014 2015 dst_repos = create_svn_repos_t(dst_abspath, scratch_pool); 2016 dst_repos->fs_type = src_repos->fs_type; 2017 dst_repos->format = src_repos->format; 2018 2019 err = create_locks(dst_repos, scratch_pool); 2020 if (err) 2021 { 2022 if (incremental && err->apr_err == SVN_ERR_DIR_NOT_EMPTY) 2023 svn_error_clear(err); 2024 else 2025 return svn_error_trace(err); 2026 } 2027 2028 err = svn_io_dir_make_sgid(dst_repos->db_path, APR_OS_DEFAULT, 2029 scratch_pool); 2030 if (err) 2031 { 2032 if (incremental && APR_STATUS_IS_EEXIST(err->apr_err)) 2033 svn_error_clear(err); 2034 else 2035 return svn_error_trace(err); 2036 } 2037 2038 /* Exclusively lock the new repository. 2039 No one should be accessing it at the moment */ 2040 SVN_ERR(lock_repos(dst_repos, TRUE, FALSE, scratch_pool)); 2041 2042 fs_notify_func = notify_func ? fs_hotcopy_notify : NULL; 2043 fs_notify_baton.notify_func = notify_func; 2044 fs_notify_baton.notify_baton = notify_baton; 2045 2046 SVN_ERR(svn_fs_hotcopy3(src_repos->db_path, dst_repos->db_path, 2047 clean_logs, incremental, 2048 fs_notify_func, &fs_notify_baton, 2049 cancel_func, cancel_baton, scratch_pool)); 2050 2051 /* Destination repository is ready. Stamp it with a format number. */ 2052 return svn_io_write_version_file 2053 (svn_dirent_join(dst_repos->path, SVN_REPOS__FORMAT, scratch_pool), 2054 dst_repos->format, scratch_pool); 2055} 2056 2057/* Return the library version number. */ 2058const svn_version_t * 2059svn_repos_version(void) 2060{ 2061 SVN_VERSION_BODY; 2062} 2063 2064 2065 2066svn_error_t * 2067svn_repos_stat(svn_dirent_t **dirent, 2068 svn_fs_root_t *root, 2069 const char *path, 2070 apr_pool_t *pool) 2071{ 2072 svn_node_kind_t kind; 2073 svn_dirent_t *ent; 2074 const char *datestring; 2075 2076 SVN_ERR(svn_fs_check_path(&kind, root, path, pool)); 2077 2078 if (kind == svn_node_none) 2079 { 2080 *dirent = NULL; 2081 return SVN_NO_ERROR; 2082 } 2083 2084 ent = svn_dirent_create(pool); 2085 ent->kind = kind; 2086 2087 if (kind == svn_node_file) 2088 SVN_ERR(svn_fs_file_length(&(ent->size), root, path, pool)); 2089 2090 SVN_ERR(svn_fs_node_has_props(&ent->has_props, root, path, pool)); 2091 2092 SVN_ERR(svn_repos_get_committed_info(&(ent->created_rev), 2093 &datestring, 2094 &(ent->last_author), 2095 root, path, pool)); 2096 if (datestring) 2097 SVN_ERR(svn_time_from_cstring(&(ent->time), datestring, pool)); 2098 2099 *dirent = ent; 2100 return SVN_NO_ERROR; 2101} 2102 2103svn_error_t * 2104svn_repos_remember_client_capabilities(svn_repos_t *repos, 2105 const apr_array_header_t *capabilities) 2106{ 2107 repos->client_capabilities = capabilities; 2108 return SVN_NO_ERROR; 2109} 2110 2111svn_error_t * 2112svn_repos__fs_type(const char **fs_type, 2113 const char *repos_path, 2114 apr_pool_t *pool) 2115{ 2116 svn_repos_t repos; 2117 repos.path = (char*)repos_path; 2118 2119 SVN_ERR(check_repos_format(&repos, pool)); 2120 2121 return svn_fs_type(fs_type, 2122 svn_dirent_join(repos_path, SVN_REPOS__DB_DIR, pool), 2123 pool); 2124} 2125