David Waite <mass@akuma.org> (mass)

r847026, r847005, r847004, r847003, r846938, r845591, r845423, r845391, r845360, r845351, r845331, r845311, r845310, r845281, r845258, r845249, r844748, r844725, r844706, r844686, r844676, r844671, r844670, r842961

r842961 | kfogel | 2002-08-05 21:22:22 +0000 (Mon, 05 Aug 2002)

* subversion/clients/cmdline/main.c
  (svn_cl__options): Remove workaround for an issue in the APR getopt
  code which caused a non-null long name to be required.  This has
  been fixed in APR now, so we no longer need the workaround.

Patch by: David Waite <mass@akuma.org>

r844670 | mass | 2003-01-26 22:40:05 +0000 (Sun, 26 Jan 2003)

Branch /branches/issue-650-ssl-certs/ : ssl server and client certificates.

r844671 | mass | 2003-01-26 22:59:34 +0000 (Sun, 26 Jan 2003)

* subversion/libsvn_ra_dav/session.c:
  New function get_server_setting
  New function get_server_setting_int
  Removed function get_server_settings, moving the logic into svn_ra_dav__open

r844676 | mass | 2003-01-27 07:10:47 +0000 (Mon, 27 Jan 2003)

Added beginning of server certificate support. 

* subversion/libsvn_ra_dav/session.c: added struct ssl_verify_baton_t,
  for passing in the appropriate server config group, and passing out
  any valid error. ssl_set_verify_callback now performs verification.
  The ssl-authorities-file config option points to an CA certificate
  collection. Still needs proper error reporting.

r844686 | mass | 2003-01-27 19:08:43 +0000 (Mon, 27 Jan 2003)

* subversion/libsvn_ra_dav/session.c : Cleaned up documentation of
  get_server_setting and get_server_setting_int to match doxygen style. 
  Changed pointer declarations to match subversion style (right-aligned

r844706 | mass | 2003-01-28 06:28:06 +0000 (Tue, 28 Jan 2003)

Avoid re-reading the server config, and report errors via neon.

* subversion/libsvn_subr/config_file.c 
  (svn_config_ensure) : generate comments about SSL server options.
* subversion/libsvn_ra_dav/session.c : 
  (struct ssl_verify_baton_t) : removed svn_error_t member, added svn_config_t member
  (ssl_set_verify_callback) : pass svn_config_t. No need now for a subpool.

r844725 | mass | 2003-01-29 20:02:14 +0000 (Wed, 29 Jan 2003)

Adjusted symbols which began with an ssl prefix, to make it clearer that they
are not part of the OpenSSL library.

* subversion/libsvn_ra_dav/session.c:
  (struct svn_ssl_verify_baton_t) : Renamed from ssl_verify_baton_t.
  (svn_ssl_set_verify_callback) : Renamed from ssl_set_verify_callback,
  adjusted for other symbol name changes.
  (svn_ra_dav__open) : Adjusted for above.

r844748 | mass | 2003-01-30 20:01:27 +0000 (Thu, 30 Jan 2003)

Renamed to indicate struct/functions are not API

* subversion/libsvn_ra_dav/session.c
  (struct verify_ssl_baton_t) : Renamed from svn_ssl_verify_baton_t
  (verify_ssl_callback) : Renamed from svn_ssl_set_verify_callback, adjusted
  for verify_ssl_baton_t name-change
  (svn_ra_dav__open) : Adjusted accordingly.

r845249 | mass | 2003-03-02 06:40:28 +0000 (Sun, 02 Mar 2003)

* issue-650-ssl-certs: remove branch with previous SSL server cert work, to replaced soon by an auth provider mechanism

r845258 | mass | 2003-03-02 21:41:50 +0000 (Sun, 02 Mar 2003)

create new branch for ssl client and server certificate handling

r845281 | mass | 2003-03-05 06:13:12 +0000 (Wed, 05 Mar 2003)

Work towards proper SSL certificate support in the form of auth providers.
This contains most of the logic needed for server certificate validation
against a configuration, while the client providers are stubbed.

* include/svn_ra_dav.h : New file
   svn_ra_dav_get_ssl_client_password_file_provider) : new functions
      for retrieving config file providers for ssl functionality
* include/svn_auth.h
  (SVN_AUTH_CRED_CLIENT_SSL, svn_auth_cred_client_ssl_t) : New auth
      credential type to trigger loading client cert files 
  (SVN_AUTH_CRED_CLIENT_PASS_SSL, svn_auth_cred_client_ssl_pass_t) :
      New auth credential type for requesting client cert passwords 
  (SVN_AUTH_CRED_SERVER_SSL, svn_auth_cred_server_ssl_t) : New auth
      credential type for requesting server cert validation overrides
  (SVN_AUTH_PARAM_SSL_SERVER_DNAME) : New parameter for passing in
      certificate fields 
* libsvn_ra_dav/ra_dav.h (svn_ra_session_t) : Added parameters to hold
      servers configuration and any override group for the server. 
* libsvn_ra_dav/session.c
  (get_server_setting) : New function to retrieve a value from the
      servers config 
  (get_server_setting_int) : New function to retrieve a value from the
      servers config as an integer 
  (server_ssl_file_first_credentials, server_ssl_file_provider,
      svn_ra_dav_get_ssl_server_file_provider) : implement file-based
      server ssl auth provider 
   svn_ra_dav_get_ssl_client_file_provider) : implement file-based
      client ssl cert loader auth provider 
   svn_ra_dav_get_ssl_client_password_file_provider) : implement
      file-based client ssl cert password auth provider 
  (ssl_set_verify_callback) : renamed to server_ssl_callback
  (server_ssl_callback) : now uses auth provider
  (client_ssl_keypw_callback) : New function, call auth provider
  (client_ssl_callback) : same
  (get_server_settings) : take a svn_config_t* rather than looking it
      up internally, since the lookup is now happening outside the
      function anyways.
  (svn_ra_dav__open) : load list of trusted certificate authorities
      based on config, plug in new callbacks 

r845310 | mass | 2003-03-07 07:34:20 +0000 (Fri, 07 Mar 2003)

Correct behavior of SSL server connections; the branch now is back up
to the same point as it was in the previous branch.

* include/svn_auth.h
   (SVN_AUTH_PARAM_SSL_SERVER_CERTIFICATE) : added for passing ssl
   certificate struct around
   previously accepted ssl server validation failures forward to next
   passing in configuration and server group for file-based providers.
* libsvn_subr/config_file.c (svn_config_ensure) : document server ssl
   options in generated config file.
* clients/cmdline/main.c (main) : add file-based ssl providers
* libsvn_ra_dav/ra_dav.h (svn_ra_session_t) : remove cfg and server_group
* libsvn_ra_dav/session.c
   (server_ssl_file_first_credentials) : use config and server group
   from apr_hash_t.
   (svn_ra_dav__open) : store cfg and server_group in auth param hash
   rather than in svn_ra_session_t structure.

r845311 | mass | 2003-03-07 08:06:55 +0000 (Fri, 07 Mar 2003)

libsvn_subr/config_file, libsvn_ra_dav/session.c, clients/cmdline/main.c : Convert tabs to spaces

r845331 | mass | 2003-03-10 06:25:12 +0000 (Mon, 10 Mar 2003)

Implemented file providers for client certs, including passphrase support
via a line in the config. So, it is now possible to authenticate using a ssl

* include/svn_auth.h
  (struct svn_auth_cred_client_ssl_t) : now providers return filenames
      instead of attempting to load certificate themselves
* libsvn_ra_dav/session.c
  (server_ssl_callback) : rename "ignore-ssl-unknown-ca",
     "ignore-ssl-host-mismatch" and "ignore-ssl-invalid-date" to instead
     have a prefix of "ssl-ignore-*"
   client_ssl_pw_file_first_credentials) : Implemented stub functions
  (client_ssl_callback) : altered to match svn_auth_cred_client_ssl_t
* libsvn_subr/config_file.c
  (svn_config_ensure) : added ssl client config options

r845351 | mass | 2003-03-11 14:17:09 +0000 (Tue, 11 Mar 2003)

Cleanup from sussman's review.

* libsvn_subr (svn_config_ensure) : Correct example for the SSL server
     flags in the generated configuration

* include/svn_ra_dav.h
   svn_ra_dav_get_ssl_client_file_provider) : added more-triumphant docs
  (svn_ra_dav_get_ssl_pw_file_provider) : renamed from
     svn_ra_dav_get_ssl_client_password_file_provider, added more-triumphant
* include/svn_auth. (struct svn_auth_cred_client_ssl_t) : more explicit
     docs explaining that cert_file and key_file are full paths
* clients/cmdline/main.c (main) : modified for name change above

*  libsvn_ra_dav/session.c : reformat file for 80 columns
   (svn_ra_dav_get_ssl_pw_file_provider) : renamed as above

r845360 | mass | 2003-03-12 04:20:49 +0000 (Wed, 12 Mar 2003)

Cleanup of comments 

* include/svn_ra_dav.h
   svn_ra_dav_get_ssl_pw_file_provider) : rewrite doxygen comments

r845391 | mass | 2003-03-14 04:35:46 +0000 (Fri, 14 Mar 2003)

Move the auth providers from svn_ra_dav to svn_client, and update the cmdline
client to match. Also define local versions of some Neon constants to
decouple clients.

* include/svn_ra_dav.h
   svn_ra_dav_get_ssl_pw_file_provider) : rename to
      and svn_client_get_ssl_pw_file_provider respectively, and move to 

* include/svn_auth.h
   NE_SSL_UNKNOWNCA. This eliminates the dependancy on neon for the
   providers (except for retrieving additional data from the
   auth_baton later)

* libsvn_ra_dav/session.c
  (get_server_setting, get_server_setting_int): made global functions
     in config, renamed to svn_config_get_server_setting and 
     svn_config_get_server_setting_int and moved impl to
     libsvn_subr/config.c. Moved providers above into

* cients/cmdline/main.c (main) : update with new svn_client* provider names
* libsvn_client/auth.c : See above
* include/svn_client.h : See above
* include/svn_config.h : See above
* libsvn_subr/config.c : See above

r845423 | mass | 2003-03-16 06:24:47 +0000 (Sun, 16 Mar 2003)

Some cleanup, and new improved/implemented prompting providers for the
   command-line client.

* include/svn_ra_dav.h : move to svn_client.h, removing file.

* include/svn_auth.h (struct svn_auth_ssl_cert_type_t) : move out from
      svn_auth_cred_client_ssl_t as own type
  (SVN_AUTH_PARAM_SSL_SERVER_FAILURES_MASKED): remove masked failures; sussman
      commented that auth providers should not be reliant on one-another.

* libsvn_ra_dav/session.c
   svn_ra_dav_get_ssl_pw_prompt_provider) : move to
  (server_ssl_callback) : remove masked failures; sussman commented that
      auth providers should not be reliant on one-another.
  (client_ssl_callback) : use neon methods to load client certificate, 
      based on type

* include/svn_client.h 
   svn_client_get_ssl_pw_prompt_provider): renamed from 
  (svn_client_get_ssl_server_file_provider) : comment 

* libsvn_client/auth.c
   client_ssl_pw_prompt_first_cred) : New functions
  (struct server_ssl_prompt_provider,
   struct client_ssl_prompt_provider,
   struct client_ssl_pass_prompt_provider) : New structures
  (client_ssl_cert_file_first_credentials) : correct handling of certain cases
      where not all the parameters are specified.
  (client_ssl_pw_file_first_credentials) : actually return password
  (struct cred_ssl_provider_baton) : structure to hold prompt function / baton

* clients/cmdline/main.c (main) : add prompting providers above

r845591 | sussman | 2003-04-01 22:02:44 +0000 (Tue, 01 Apr 2003)

Fixes/cleanups for the certificate-handling code.

Patch by: David Waite <mass@akuma.org>

* include/svn_auth.h
* include/svn_client.h
   svn_client_get_ssl_pw_file_provider) : change void **prompt_baton
      to void *prompt_baton
* libsvn_client/auth.c
   server_ssl_prompt_first_cred) : set iter_baton reference to NULL
   svn_client_get_ssl_pw_file_provider) : see above
   server_ssl_prompt_first_cred) : do not return credentials if not all
   failures were approved
  (server_ssl_file_first_credentials) : Chris Foote's server file changes -
     stringently verify ssl-ignore-unknown-ca, ssl-ignore-invalid-date, and
     ssl-ignore-host-mismatch options are set to "true".
* libsvn_ra_dav/session.c
  (server_ssl_callback): remove SVN_AUTH_PARAM_SSL_SERVER_CERTIFICATE
     initializer, use intermediate "void *creds" to avoid aliasing warning
  (client_ssl_keypw_callback, client_ssl_callback): use intermediate
     "void *creds" to avoid aliasing warning

r846938 | mass | 2003-08-25 18:00:20 +0000 (Mon, 25 Aug 2003)

First stab at neon 0.24 support. It is usable for SSL with or without
client authentication, but with the following caveats: 
- ssl-authorities-file only supports loading a single CA certificate
  (due to neon API change) 
- client certificate must be a PKCS#12 file (neon API change)
- ssl-authorities-file and client certificate are not currently freed

* subversion/libsvn_ra_dav/session.c
  (client_ssl_callback): Added code for Neon 0.24 compatibility
  (svn_ra_dav__open): removed dead, #if'd TLS upgrade code. Remove
      #if'd persistent connection shutoff code. Added code for Neon
      0.24 compatibility

r847003 | mass | 2003-08-30 07:01:14 +0000 (Sat, 30 Aug 2003)

Remove support for .PEM-formatted client certificates. Support for
client PEM certificates is removed in Neon 0.24, and support for
multiple certificate file formats is not neccessary.

* subversion/include/svn_auth.h
  (struct svn_auth_ssl_cert_type_t): removed unneeded structure
  (struct svn_auth_cred_client_ssl_t): removed members required to
     support PEM certificates (optional private key location, and
     certificate format selector)

* subversion/libsvn_subr/config_file.c
  (svn_config_ensure): remove unused options from generated 'servers'
     config, add note that the client certificate is in PKCS12 format.

* subversion/libsvn_client/auth.c
   client_ssl_prompt_first_cred): remove code for choosing and
     configuring PEM support 

* subversion/libsvn_ra_dav/session.c
  (svn_auth_first_credentials): remove code relating to PEM support

r847004 | mass | 2003-08-31 00:51:42 +0000 (Sun, 31 Aug 2003)

Remove remaining traces of ssl-client-key-file and ssl-client-cert-type.

* subversion/include/svn_config.h
   SVN_CONFIG_OPTION_SSL_CLIENT_KEY_FILE): remove unused constants

* subversion/libsvn_client/auth.c
  (client_ssl_prompt_first_cred): use unused variables

r847005 | mass | 2003-08-31 01:02:24 +0000 (Sun, 31 Aug 2003)

Make changes neccessary for CA certificate loading which is compatible
with both neon 0.23 and 0.24.

This includes documentation and setup changes, the user-affecting one
being the format of the ssl-authorities-file option in the 'servers'
config has changed. It is now meant to be a semicolon-separated list
of individual PEM-encoded CA certificates, where before it was a
single file holding all of the PEM-encoded certificates.

* subversion/include/svn_config.h
     SSL_CONFIG_OPTION_SSL_AUTHORITY_FILES, and change the value to

* subversion/libsvn_subr/config_file.c
  (svn_config_ensure): update "ssl-authorities-file" to
     "ssl-authority-files", document the expected format
     (semicolon-delimited PEM files), and update the commented
     examples to use the new name and include multiple certificates.
* subversion/libsvn_ra_dav/session.c
  (svn_ra_dav__open): loop across files in ssl-authority-files config
     value, loading each certificate.

r847026 | mass | 2003-09-02 22:58:04 +0000 (Tue, 02 Sep 2003)

Final cleanups for merging the neon-0.24 code to HEAD

* build/buildcheck.sh
  (NEON_WANTED_REGEX): changed to accept both 0.23.x and 0.24.x
  (NEON_LATEST_WORKING_VERSION): updated to 0.24.0

* subversion/libsvn_ra_dav/session.c
  (client_ssl_callback): do not continue if the certificate specified failed
     to load.