Author: danielsh Date: Wed May 13 09:43:28 2015 New Revision: 1679166 URL: http://svn.apache.org/r1679166 Log: svnsync: Split --trust-server-cert-failures into separate options for the source and destination repositories.
Suggested by: philip * subversion/svnsync/svnsync.c (svnsync_opt_trust_server_cert_failures, svnsync_options."trust-server-cert-failures): Removed option. (svnsync_opt_trust_server_cert_failures_src, svnsync_opt_trust_server_cert_failures_dst, svnsync_options."source-trust-server-cert-failures", svnsync_options."sync-trust-server-cert-failures"): New options. Reflow the help text (due to the longer option name). (SVNSYNC_OPTS_DEFAULT, svnsync_options."trust-server-cert-failures"): Track option split. (opt_baton_t.src_trust, opt_baton_t.dst_trust): New struct members. (sub_main): Parse new options, use them when creating the two auth batons. Modified: subversion/trunk/subversion/svnsync/svnsync.c Modified: subversion/trunk/subversion/svnsync/svnsync.c URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/svnsync/svnsync.c?rev=1679166&r1=1679165&r2=1679166&view=diff ============================================================================== --- subversion/trunk/subversion/svnsync/svnsync.c (original) +++ subversion/trunk/subversion/svnsync/svnsync.c Wed May 13 09:43:28 2015 @@ -68,7 +68,8 @@ enum svnsync__opt { svnsync_opt_disable_locking, svnsync_opt_version, svnsync_opt_trust_server_cert, - svnsync_opt_trust_server_cert_failures, + svnsync_opt_trust_server_cert_failures_src, + svnsync_opt_trust_server_cert_failures_dst, svnsync_opt_allow_non_empty, svnsync_opt_steal_lock }; @@ -79,7 +80,8 @@ enum svnsync__opt { svnsync_opt_auth_username, \ svnsync_opt_auth_password, \ svnsync_opt_trust_server_cert, \ - svnsync_opt_trust_server_cert_failures, \ + svnsync_opt_trust_server_cert_failures_src, \ + svnsync_opt_trust_server_cert_failures_dst, \ svnsync_opt_source_username, \ svnsync_opt_source_password, \ svnsync_opt_sync_username, \ @@ -198,21 +200,35 @@ static const apr_getopt_option_t svnsync {"trust-server-cert", svnsync_opt_trust_server_cert, 0, N_("deprecated; same as\n" " " - "--trust-server-cert-failures=unknown-ca")}, - {"trust-server-cert-failures", svnsync_opt_trust_server_cert_failures, 1, - N_("with --non-interactive, accept SSL server\n" + "--source-trust-server-cert-failures=unknown-ca\n" " " - "certificates with failures; ARG is comma-separated\n" + "--sync-trust-server-cert-failures=unknown-ca")}, + {"source-trust-server-cert-failures", svnsync_opt_trust_server_cert_failures_src, 1, + N_("with --non-interactive, accept SSL\n" " " - "list of 'unknown-ca' (Unknown Authority),\n" + "server certificates with failures.\n" " " - "'cn-mismatch' (Hostname mismatch), 'expired'\n" + "ARG is a comma-separated list of:\n" " " - "(Expired certificate), 'not-yet-valid' (Not yet\n" + "- 'unknown-ca' (Unknown Authority)\n" " " - "valid certificate) and 'other' (all other not\n" + "- 'cn-mismatch' (Hostname mismatch)\n" " " - "separately classified certificate errors).")}, + "- 'expired' (Expired certificate)\n" + " " + "- 'not-yet-valid' (Not yet valid certificate)\n" + " " + "- 'other' (all other not separately classified\n" + " " + " certificate errors).\n" + " " + "Applied to the source URL.")}, + {"sync-trust-server-cert-failures", svnsync_opt_trust_server_cert_failures_dst, 1, + N_("Like\n" + " " + "--source-trust-server-cert-failures,\n" + " " + "but applied to the destination URL.")}, {"source-username", svnsync_opt_source_username, 1, N_("connect to source repository with username ARG") }, {"source-password", svnsync_opt_source_password, 1, @@ -266,11 +282,13 @@ static const apr_getopt_option_t svnsync typedef struct opt_baton_t { svn_boolean_t non_interactive; - svn_boolean_t trust_server_cert_unknown_ca; - svn_boolean_t trust_server_cert_cn_mismatch; - svn_boolean_t trust_server_cert_expired; - svn_boolean_t trust_server_cert_not_yet_valid; - svn_boolean_t trust_server_cert_other_failure; + struct { + svn_boolean_t trust_server_cert_unknown_ca; + svn_boolean_t trust_server_cert_cn_mismatch; + svn_boolean_t trust_server_cert_expired; + svn_boolean_t trust_server_cert_not_yet_valid; + svn_boolean_t trust_server_cert_other_failure; + } src_trust, dst_trust; svn_boolean_t no_auth_cache; svn_auth_baton_t *source_auth_baton; svn_auth_baton_t *sync_auth_baton; @@ -1994,17 +2012,29 @@ sub_main(int *exit_code, int argc, const break; case svnsync_opt_trust_server_cert: /* backwards compat */ - opt_baton.trust_server_cert_unknown_ca = TRUE; + opt_baton.src_trust.trust_server_cert_unknown_ca = TRUE; + opt_baton.dst_trust.trust_server_cert_unknown_ca = TRUE; + break; + + case svnsync_opt_trust_server_cert_failures_src: + SVN_ERR(svn_utf_cstring_to_utf8(&opt_arg, opt_arg, pool)); + SVN_ERR(svn_cmdline__parse_trust_options( + &opt_baton.src_trust.trust_server_cert_unknown_ca, + &opt_baton.src_trust.trust_server_cert_cn_mismatch, + &opt_baton.src_trust.trust_server_cert_expired, + &opt_baton.src_trust.trust_server_cert_not_yet_valid, + &opt_baton.src_trust.trust_server_cert_other_failure, + opt_arg, pool)); break; - case svnsync_opt_trust_server_cert_failures: + case svnsync_opt_trust_server_cert_failures_dst: SVN_ERR(svn_utf_cstring_to_utf8(&opt_arg, opt_arg, pool)); SVN_ERR(svn_cmdline__parse_trust_options( - &opt_baton.trust_server_cert_unknown_ca, - &opt_baton.trust_server_cert_cn_mismatch, - &opt_baton.trust_server_cert_expired, - &opt_baton.trust_server_cert_not_yet_valid, - &opt_baton.trust_server_cert_other_failure, + &opt_baton.dst_trust.trust_server_cert_unknown_ca, + &opt_baton.dst_trust.trust_server_cert_cn_mismatch, + &opt_baton.dst_trust.trust_server_cert_expired, + &opt_baton.dst_trust.trust_server_cert_not_yet_valid, + &opt_baton.dst_trust.trust_server_cert_other_failure, opt_arg, pool)); break; @@ -2196,13 +2226,20 @@ sub_main(int *exit_code, int argc, const /* --trust-* can only be used with --non-interactive */ if (!opt_baton.non_interactive) { - if (opt_baton.trust_server_cert_unknown_ca - || opt_baton.trust_server_cert_cn_mismatch - || opt_baton.trust_server_cert_expired - || opt_baton.trust_server_cert_not_yet_valid - || opt_baton.trust_server_cert_other_failure) + if (opt_baton.src_trust.trust_server_cert_unknown_ca + || opt_baton.src_trust.trust_server_cert_cn_mismatch + || opt_baton.src_trust.trust_server_cert_expired + || opt_baton.src_trust.trust_server_cert_not_yet_valid + || opt_baton.src_trust.trust_server_cert_other_failure + || opt_baton.dst_trust.trust_server_cert_unknown_ca + || opt_baton.dst_trust.trust_server_cert_cn_mismatch + || opt_baton.dst_trust.trust_server_cert_expired + || opt_baton.dst_trust.trust_server_cert_not_yet_valid + || opt_baton.dst_trust.trust_server_cert_other_failure) return svn_error_create(SVN_ERR_CL_ARG_PARSING_ERROR, NULL, - _("--trust-server-cert-failures requires " + _("--source-trust-server-cert-failures " + "and " + "--sync-trust-server-cert-failures require " "--non-interactive")); } @@ -2322,11 +2359,11 @@ sub_main(int *exit_code, int argc, const opt_baton.source_password, opt_baton.config_dir, opt_baton.no_auth_cache, - opt_baton.trust_server_cert_unknown_ca, - opt_baton.trust_server_cert_cn_mismatch, - opt_baton.trust_server_cert_expired, - opt_baton.trust_server_cert_not_yet_valid, - opt_baton.trust_server_cert_other_failure, + opt_baton.src_trust.trust_server_cert_unknown_ca, + opt_baton.src_trust.trust_server_cert_cn_mismatch, + opt_baton.src_trust.trust_server_cert_expired, + opt_baton.src_trust.trust_server_cert_not_yet_valid, + opt_baton.src_trust.trust_server_cert_other_failure, config, check_cancel, NULL, pool); @@ -2338,11 +2375,11 @@ sub_main(int *exit_code, int argc, const opt_baton.sync_password, opt_baton.config_dir, opt_baton.no_auth_cache, - opt_baton.trust_server_cert_unknown_ca, - opt_baton.trust_server_cert_cn_mismatch, - opt_baton.trust_server_cert_expired, - opt_baton.trust_server_cert_not_yet_valid, - opt_baton.trust_server_cert_other_failure, + opt_baton.dst_trust.trust_server_cert_unknown_ca, + opt_baton.dst_trust.trust_server_cert_cn_mismatch, + opt_baton.dst_trust.trust_server_cert_expired, + opt_baton.dst_trust.trust_server_cert_not_yet_valid, + opt_baton.dst_trust.trust_server_cert_other_failure, config, check_cancel, NULL, pool);