subject:"Bug in docs regarding case\-sensitivity\?"

Re: Bug in docs regarding case-sensitivity?

2019-12-14 Thread Branko Čibej

On 14.12.2019 14:38, sebb wrote:
> On Sat, 14 Dec 2019 at 13:33, Daniel Shahaf  > wrote:
>
> sebb wrote on Sat, 14 Dec 2019 13:17 +00:00:
> > On Sat, 14 Dec 2019 at 11:51, Daniel Shahaf
> mailto:d...@daniel.shahaf.name>> wrote:
> > > sebb wrote on Sat, 14 Dec 2019 09:20 +00:00:
> > >  > The code comment here [1] and the wiki [2] both state that
> section name
> > >  > matching is case-insensitive.
> > >  >
> > >  > However my reading of the document here [3] says this
> changed in version 1.7.
> > >
> > >  Thank you for taking the time to point out the specific text
> within that
> > >  page you had in mind, to save us all looking for it. (It's
> the first
> > >  "No Entry" box.)
> > >
> > >  > These docs don't seem consistent to me.
> > >
> > >  The two documents describe different layers. [1] and [2]
> describe the
> > >  configuration parsing module (svn_config_*), whereas [3] —
> says that
> > >  the implementation of authz (≤1.6) did case conversions
> before or after
> > >  calling svn_config_*().
> > >
> >
> > However [2] says:
> >
>
> [2] is not normative.  The C API docs are normative.  The API errata,
> release notes, and CVE advisories are all fair game.  But the wiki
> serves
> as the whiteboard in our virtual office; it isn't API documentation.
>
> However [1] says:
>
> "Section and option names are case-insensitive, but case is preserved."


Configuration files and authz files no longer use the same
representation. Since you've been reading the section on config files in
the wiki, I propose you also read this:

https://cwiki.apache.org/confluence/display/SVN/Path-Based+Access+Control

It's far from finished, but it *does* describe the differences in syntax
and semantics.

-- Brane

Re: Bug in docs regarding case-sensitivity?

2019-12-14 Thread Daniel Shahaf

sebb wrote on Sat, 14 Dec 2019 13:38 +00:00:
> However [1] says:
> 
> "Section and option names are case-insensitive, but case is preserved."
> 
> Is that still accurate?

Test it and, should you find that it isn't accurate, let us know.

Re: Bug in docs regarding case-sensitivity?

2019-12-14 Thread sebb

On Sat, 14 Dec 2019 at 13:33, Daniel Shahaf  wrote:

> sebb wrote on Sat, 14 Dec 2019 13:17 +00:00:
> > On Sat, 14 Dec 2019 at 11:51, Daniel Shahaf 
> wrote:
> > > sebb wrote on Sat, 14 Dec 2019 09:20 +00:00:
> > >  > The code comment here [1] and the wiki [2] both state that section
> name
> > >  > matching is case-insensitive.
> > >  >
> > >  > However my reading of the document here [3] says this changed in
> version 1.7.
> > >
> > >  Thank you for taking the time to point out the specific text within
> that
> > >  page you had in mind, to save us all looking for it. (It's the first
> > >  "No Entry" box.)
> > >
> > >  > These docs don't seem consistent to me.
> > >
> > >  The two documents describe different layers. [1] and [2] describe the
> > >  configuration parsing module (svn_config_*), whereas [3] — says that
> > >  the implementation of authz (≤1.6) did case conversions before or
> after
> > >  calling svn_config_*().
> > >
> >
> > However [2] says:
> >
>
> [2] is not normative.  The C API docs are normative.  The API errata,
> release notes, and CVE advisories are all fair game.  But the wiki serves
> as the whiteboard in our virtual office; it isn't API documentation.
>
> However [1] says:

"Section and option names are case-insensitive, but case is preserved."

Is that still accurate?


>  > "This means that, for example, you cannot have two different sections
> > named [Section] and [section];"
>
> This was true through 1.6.x.  In 1.7.x, consumers of the svn_config_*
> API can decide whether section-names should be case-sensitive or not.
> See svn_config_read():
>
> [[[
> /** Similar to svn_config_read2, but always passes @c FALSE to
>  * @a section_names_case_sensitive.
>  *
>  * @deprecated Provided for backward compatibility with 1.6 API.
>  */
> SVN_DEPRECATED
> svn_error_t *
> svn_config_read(svn_config_t **cfgp,
> const char *file,
> svn_boolean_t must_exist,
> apr_pool_t *result_pool);
> ]]]
>
> > which to me implies that the following is not allowed:
> >
> > [/public]
> > * = r
> >
> > [/PuBliC]
> > * =
> >
> > Whereas according to my reading of [3] that should be allowed.
>
> It's allowed, and works:
>
> % svnauthz accessof --path /foo =(printf '%s\n' '[/foo]' '*=r'
> '[/FOO]' '*=' )
> r
> % svnauthz accessof --path /FOO =(printf '%s\n' '[/foo]' '*=r'
> '[/FOO]' '*=' )
> no
> %
>
> In 1.6 it would be case insensitive.
>

Re: Bug in docs regarding case-sensitivity?

2019-12-14 Thread Daniel Shahaf

sebb wrote on Sat, 14 Dec 2019 13:17 +00:00:
> On Sat, 14 Dec 2019 at 11:51, Daniel Shahaf  wrote:
> > sebb wrote on Sat, 14 Dec 2019 09:20 +00:00:
> >  > The code comment here [1] and the wiki [2] both state that section name 
> >  > matching is case-insensitive.
> >  > 
> >  > However my reading of the document here [3] says this changed in version 
> > 1.7.
> > 
> >  Thank you for taking the time to point out the specific text within that
> >  page you had in mind, to save us all looking for it. (It's the first
> >  "No Entry" box.)
> > 
> >  > These docs don't seem consistent to me.
> > 
> >  The two documents describe different layers. [1] and [2] describe the
> >  configuration parsing module (svn_config_*), whereas [3] — says that
> >  the implementation of authz (≤1.6) did case conversions before or after
> >  calling svn_config_*().
> > 
> 
> However [2] says:
> 

[2] is not normative.  The C API docs are normative.  The API errata,
release notes, and CVE advisories are all fair game.  But the wiki serves
as the whiteboard in our virtual office; it isn't API documentation.

> "This means that, for example, you cannot have two different sections 
> named [Section] and [section];"

This was true through 1.6.x.  In 1.7.x, consumers of the svn_config_*
API can decide whether section-names should be case-sensitive or not.
See svn_config_read():

[[[
/** Similar to svn_config_read2, but always passes @c FALSE to
 * @a section_names_case_sensitive.
 *
 * @deprecated Provided for backward compatibility with 1.6 API.
 */
SVN_DEPRECATED
svn_error_t *
svn_config_read(svn_config_t **cfgp,
const char *file,
svn_boolean_t must_exist,
apr_pool_t *result_pool);
]]]

> which to me implies that the following is not allowed:
> 
> [/public]
> * = r
> 
> [/PuBliC]
> * =
> 
> Whereas according to my reading of [3] that should be allowed.

It's allowed, and works:

% svnauthz accessof --path /foo =(printf '%s\n' '[/foo]' '*=r' '[/FOO]' 
'*=' ) 
r
% svnauthz accessof --path /FOO =(printf '%s\n' '[/foo]' '*=r' '[/FOO]' 
'*=' ) 
no
% 

In 1.6 it would be case insensitive.

Re: Bug in docs regarding case-sensitivity?

2019-12-14 Thread sebb

On Sat, 14 Dec 2019 at 11:51, Daniel Shahaf  wrote:

> sebb wrote on Sat, 14 Dec 2019 09:20 +00:00:
> > The code comment here [1] and the wiki [2] both state that section name
> > matching is case-insensitive.
> >
> > However my reading of the document here [3] says this changed in version
> 1.7.
>
> Thank you for taking the time to point out the specific text within that
> page you had in mind, to save us all looking for it.  (It's the first
> "No Entry" box.)
>
> > These docs don't seem consistent to me.
>
> The two documents describe different layers.  [1] and [2] describe the
> configuration parsing module (svn_config_*), whereas [3] — says that
> the implementation of authz (≤1.6) did case conversions before or after
> calling svn_config_*().
>
>
However [2] says:

"This means that, for example, you cannot have two different sections named
[Section] and [section];"

which to me implies that the following is not allowed:

[/public]
* = r

[/PuBliC]
* =

Whereas according to my reading of [3] that should be allowed.


> S.
> > [1]
> >
> https://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/config_file.c?view=markup#l1004
> > [2]
> >
> https://cwiki.apache.org/confluence/display/SVN/Configuration+File+Syntax
> > [3]
> > http://svnbook.red-bean.com/en/1.7/svn.serverconfig.pathbasedauthz.html
>

Re: Bug in docs regarding case-sensitivity?

2019-12-14 Thread Daniel Shahaf

sebb wrote on Sat, 14 Dec 2019 09:20 +00:00:
> The code comment here [1] and the wiki [2] both state that section name 
> matching is case-insensitive.
> 
> However my reading of the document here [3] says this changed in version 1.7.

Thank you for taking the time to point out the specific text within that
page you had in mind, to save us all looking for it.  (It's the first
"No Entry" box.)

> These docs don't seem consistent to me.

The two documents describe different layers.  [1] and [2] describe the
configuration parsing module (svn_config_*), whereas [3] — says that
the implementation of authz (≤1.6) did case conversions before or after
calling svn_config_*().

> S.
> [1] 
> https://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/config_file.c?view=markup#l1004
> [2] 
> https://cwiki.apache.org/confluence/display/SVN/Configuration+File+Syntax
> [3] 
> http://svnbook.red-bean.com/en/1.7/svn.serverconfig.pathbasedauthz.html

Bug in docs regarding case-sensitivity?

2019-12-14 Thread sebb

The code comment here [1] and the wiki [2] both state that section name
matching is case-insensitive.

However my reading of the document here [3] says this changed in version
1.7.

These docs don't seem consistent to me.

S.
[1]
https://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/config_file.c?view=markup#l1004
[2]
https://cwiki.apache.org/confluence/display/SVN/Configuration+File+Syntax
[3] http://svnbook.red-bean.com/en/1.7/svn.serverconfig.pathbasedauthz.html

Re: Bug in docs regarding case-sensitivity?

Re: Bug in docs regarding case-sensitivity?

Re: Bug in docs regarding case-sensitivity?

Re: Bug in docs regarding case-sensitivity?

Re: Bug in docs regarding case-sensitivity?

Re: Bug in docs regarding case-sensitivity?

Bug in docs regarding case-sensitivity?

7 matches

Site Navigation

Mail list logo

Footer information