server.h revision 299742
1/* 2 * svn_server.h : declarations for the svn server 3 * 4 * ==================================================================== 5 * Licensed to the Apache Software Foundation (ASF) under one 6 * or more contributor license agreements. See the NOTICE file 7 * distributed with this work for additional information 8 * regarding copyright ownership. The ASF licenses this file 9 * to you under the Apache License, Version 2.0 (the 10 * "License"); you may not use this file except in compliance 11 * with the License. You may obtain a copy of the License at 12 * 13 * http://www.apache.org/licenses/LICENSE-2.0 14 * 15 * Unless required by applicable law or agreed to in writing, 16 * software distributed under the License is distributed on an 17 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 18 * KIND, either express or implied. See the License for the 19 * specific language governing permissions and limitations 20 * under the License. 21 * ==================================================================== 22 */ 23 24 25 26#ifndef SERVER_H 27#define SERVER_H 28 29#include <apr_network_io.h> 30 31#ifdef __cplusplus 32extern "C" { 33#endif /* __cplusplus */ 34 35#include "svn_config.h" 36#include "svn_repos.h" 37#include "svn_ra_svn.h" 38 39#include "private/svn_atomic.h" 40#include "private/svn_mutex.h" 41#include "private/svn_repos_private.h" 42#include "private/svn_subr_private.h" 43 44enum username_case_type { CASE_FORCE_UPPER, CASE_FORCE_LOWER, CASE_ASIS }; 45 46enum authn_type { UNAUTHENTICATED, AUTHENTICATED }; 47enum access_type { NO_ACCESS, READ_ACCESS, WRITE_ACCESS }; 48 49typedef struct repository_t { 50 svn_repos_t *repos; 51 const char *repos_name; /* URI-encoded name of repository (not for authz) */ 52 const char *repos_root; /* Repository root directory */ 53 svn_fs_t *fs; /* For convenience; same as svn_repos_fs(repos) */ 54 const char *base; /* Base directory for config files */ 55 svn_config_t *pwdb; /* Parsed password database */ 56 svn_authz_t *authzdb; /* Parsed authz rules */ 57 const char *authz_repos_name; /* The name of the repository for authz */ 58 const char *realm; /* Authentication realm */ 59 const char *repos_url; /* URL to base of repository */ 60 const char *hooks_env; /* Path to the hooks environment file or NULL */ 61 const char *uuid; /* Repository ID */ 62 apr_array_header_t *capabilities; 63 /* Client capabilities (SVN_RA_CAPABILITY_*) */ 64 svn_stringbuf_t *fs_path;/* Decoded base in-repos path (w/ leading slash) */ 65 enum username_case_type username_case; /* Case-normalize the username? */ 66 svn_boolean_t use_sasl; /* Use Cyrus SASL for authentication; 67 always false if SVN_HAVE_SASL not defined */ 68 unsigned min_ssf; /* min-encryption SASL parameter */ 69 unsigned max_ssf; /* max-encryption SASL parameter */ 70 71 enum access_type auth_access; /* access granted to authenticated users */ 72 enum access_type anon_access; /* access granted to annonymous users */ 73 74} repository_t; 75 76typedef struct client_info_t { 77 const char *user; /* Authenticated username of the user */ 78 const char *remote_host; /* IP of the client that contacted the server */ 79 const char *authz_user; /* Username for authz ('user' + 'username_case') */ 80 svn_boolean_t tunnel; /* Tunneled through login agent */ 81 const char *tunnel_user; /* Allow EXTERNAL to authenticate as this */ 82} client_info_t; 83 84typedef struct server_baton_t { 85 repository_t *repository; /* repository-specific data to use */ 86 client_info_t *client_info; /* client-specific data to use */ 87 struct logger_t *logger; /* Log file data structure. 88 May be NULL even if log_file is not. */ 89 svn_boolean_t read_only; /* Disallow write access (global flag) */ 90 svn_boolean_t vhost; /* Use virtual-host-based path to repo. */ 91 apr_pool_t *pool; 92} server_baton_t; 93 94typedef struct serve_params_t { 95 /* The virtual root of the repositories to serve. The client URL 96 path is interpreted relative to this root and is not allowed to 97 escape it. */ 98 const char *root; 99 100 /* True if the connection is tunneled over an ssh-like transport, 101 such that the client may use EXTERNAL to authenticate as the 102 current uid's username. */ 103 svn_boolean_t tunnel; 104 105 /* If tunnel is true, overrides the current uid's username as the 106 identity EXTERNAL authenticates as. */ 107 const char *tunnel_user; 108 109 /* True if the read-only flag was specified on the command-line, 110 which forces all connections to be read-only. */ 111 svn_boolean_t read_only; 112 113 /* The base directory for any relative configuration files. */ 114 const char *base; 115 116 /* A parsed repository svnserve configuration file, ala 117 svnserve.conf. If this is NULL, then no configuration file was 118 specified on the command line. If this is non-NULL, then 119 per-repository svnserve.conf are not read. */ 120 svn_config_t *cfg; 121 122 /* logging data structure; possibly NULL. */ 123 struct logger_t *logger; 124 125 /* all configurations should be opened through this factory */ 126 svn_repos__config_pool_t *config_pool; 127 128 /* all authz data should be opened through this factory */ 129 svn_repos__authz_pool_t *authz_pool; 130 131 /* The FS configuration to be applied to all repositories. 132 It mainly contains things like cache settings. */ 133 apr_hash_t *fs_config; 134 135 /* Username case normalization style. */ 136 enum username_case_type username_case; 137 138 /* Size of the in-memory cache (used by FSFS only). */ 139 apr_uint64_t memory_cache_size; 140 141 /* Data compression level to reduce for network traffic. If this 142 is 0, no compression should be applied and the protocol may 143 fall back to svndiff "version 0" bypassing zlib entirely. 144 Defaults to SVN_DELTA_COMPRESSION_LEVEL_DEFAULT. */ 145 int compression_level; 146 147 /* Item size up to which we use the zero-copy code path to transmit 148 them over the network. 0 disables that code path. */ 149 apr_size_t zero_copy_limit; 150 151 /* Amount of data to send between checks for cancellation requests 152 coming in from the client. */ 153 apr_size_t error_check_interval; 154 155 /* Use virtual-host-based path to repo. */ 156 svn_boolean_t vhost; 157} serve_params_t; 158 159/* This structure contains all data that describes a client / server 160 connection. Their lifetime is separated from the thread-local 161 serving pools. */ 162typedef struct connection_t 163{ 164 /* socket return by accept() */ 165 apr_socket_t *usock; 166 167 /* server-global parameters */ 168 serve_params_t *params; 169 170 /* connection-specific objects */ 171 server_baton_t *baton; 172 173 /* buffered connection object used by the marshaller */ 174 svn_ra_svn_conn_t *conn; 175 176 /* memory pool for objects with connection lifetime */ 177 apr_pool_t *pool; 178 179 /* Number of threads using the pool. 180 The pool passed to apr_thread_create can only be released when both 181 182 A: the call to apr_thread_create has returned to the calling thread 183 B: the new thread has started running and reached apr_thread_start_t 184 185 So we set the atomic counter to 2 then both the calling thread and 186 the new thread decrease it and when it reaches 0 the pool can be 187 released. */ 188 svn_atomic_t ref_count; 189 190} connection_t; 191 192/* Return a client_info_t structure allocated in POOL and initialize it 193 * with data from CONN. */ 194client_info_t * get_client_info(svn_ra_svn_conn_t *conn, 195 serve_params_t *params, 196 apr_pool_t *pool); 197 198/* Serve the connection CONN according to the parameters PARAMS. */ 199svn_error_t *serve(svn_ra_svn_conn_t *conn, serve_params_t *params, 200 apr_pool_t *pool); 201 202/* Serve the connection CONNECTION for as long as IS_BUSY does not 203 return TRUE. If IS_BUSY is NULL, serve the connection until it 204 either gets terminated or there is an error. If TERMINATE_P is 205 not NULL, set *TERMINATE_P to TRUE if the connection got 206 terminated. 207 208 For the first call, CONNECTION->CONN may be NULL in which case we 209 will create an ra_svn connection object. Subsequent calls will 210 check for an open repository and automatically re-open the repo 211 in pool if necessary. 212 */ 213svn_error_t * 214serve_interruptable(svn_boolean_t *terminate_p, 215 connection_t *connection, 216 svn_boolean_t (* is_busy)(connection_t *), 217 apr_pool_t *pool); 218 219/* Initialize the Cyrus SASL library. POOL is used for allocations. */ 220svn_error_t *cyrus_init(apr_pool_t *pool); 221 222/* Authenticate using Cyrus SASL. */ 223svn_error_t *cyrus_auth_request(svn_ra_svn_conn_t *conn, 224 apr_pool_t *pool, 225 server_baton_t *b, 226 enum access_type required, 227 svn_boolean_t needs_username); 228 229/* Escape SOURCE into DEST where SOURCE is null-terminated and DEST is 230 size BUFLEN DEST will be null-terminated. Returns number of bytes 231 written, including terminating null byte. */ 232apr_size_t escape_errorlog_item(char *dest, const char *source, 233 apr_size_t buflen); 234 235#ifdef __cplusplus 236} 237#endif /* __cplusplus */ 238 239#endif /* SERVER_H */ 240