[prev in list] [next in list] [prev in thread] [next in thread]
List: subversion-issues
Subject: [Issue 4416] New - Anonymous checkout of public directory hosted by pre-1.8 fails if repo root is no
From: marktsuchida () tigris ! org
Date: 2013-08-22 5:04:38
Message-ID: iz4416 () subversion ! tigris ! org
[Download RAW message or body]
http://subversion.tigris.org/issues/show_bug.cgi?id=4416
Issue #|4416
Summary|Anonymous checkout of public directory hosted by pre-1
|.8 fails if repo root is not public
Component|subversion
Version|1.8.x
Platform|All
URL|
OS/Version|All
Status|NEW
Status whiteboard|
Keywords|
Resolution|
Issue type|DEFECT
Priority|P2
Subcomponent|libsvn_client
Assigned to|issues@subversion
Reported by|marktsuchida
------- Additional comments from marktsuchida@tigris.org Wed Aug 21 22:04:38 -0700 2013 -------
The 1.8.0 and 1.8.1 clients (tested with Linux and OS X command line and
Windows TortoiseSVN, though not every possible version-OS combination) do not
allow anonymous users to check out a public directory in a repository hosted by
the 1.6.11 (CentOS) server, if the root of the repository is not publicly
readable.
Complete steps to set up a server to reproduce:
(Using HTTP for testing but the behavior is the same if HTTPS is used.)
1. Start a fresh CentOS 6.4 VM and run sudo yum install mod_dav_svn subversion httpd
(I tested with mod_dav_svn-1.6.11-9.el6_4.x86_64,
subversion-1.6.11-9.el6_4.x86_64, and httpd-2.2.15-29.el6_4.x86_64)
2. Open port 80, set ServerName in /etc/httpd/conf/httpd.conf
3. Put the following in /etc/httpd/conf.d/subversion.conf:
-- begin --
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
<Location /svn>
DAV svn
SVNParentPath /var/www/svn
AuthType Basic
AuthName "SVN Realm"
AuthUserFile /etc/svn-auth-conf
AuthzSVNAccessFile /etc/svn-acl-conf
Satisfy Any
Require valid-user
</Location>
-- end --
4. Set password for one user via sudo htpasswd -cm /etc/svn-auth-conf testadmin
5. Put the following in /etc/svn-acl-conf:
-- begin --
[/]
testadmin = rw
* =
[myrepo:/trunk]
testadmin = rw
* = r
-- end --
6. sudo svnadmin create /var/www/svn/myrepo
7. Import an initial revision containing the trunk directory
8. sudo service httpd start
Symptom:
With an 1.8.1 client,
$ svn co http://example.com/svn/myrepo/trunk
-> Requires username/password, unexpectedly
$ svn co http://example.com/svn/myrepo
-> Requires username/password, as expected
$ svn list http://example.com/svn/myrepo/trunk
-> Succeeds without username/password.
Whereas, with an 1.6.18 (neon), 1.7.11 (neon), or 1.7.11 (serf) client,
$ svn co http://example.com/svn/myrepo/trunk
-> Succeeds without username/password, as expected
Access log for successful checkout with 1.7.11 (neon) client:
xx.xx.xx.xx - - [22/Aug/2013:00:41:00 -0400] "OPTIONS /svn/myrepo/trunk HTTP/1.1" 200 190 "-"
"SVN/1.7.11 neon/0.29.6"
xx.xx.xx.xx - - [22/Aug/2013:00:41:00 -0400] "PROPFIND /svn/myrepo/trunk HTTP/1.1" 207 690 "-"
"SVN/1.7.11 neon/0.29.6"
xx.xx.xx.xx - - [22/Aug/2013:00:41:00 -0400] "PROPFIND /svn/myrepo/!svn/vcc/default HTTP/1.1" 207
402 "-" "SVN/1.7.11 neon/0.29.6"
xx.xx.xx.xx - - [22/Aug/2013:00:41:00 -0400] "PROPFIND /svn/myrepo/!svn/bln/1 HTTP/1.1" 207 453 "-
" "SVN/1.7.11 neon/0.29.6"
xx.xx.xx.xx - - [22/Aug/2013:00:41:00 -0400] "PROPFIND /svn/myrepo/trunk HTTP/1.1" 207 690 "-"
"SVN/1.7.11 neon/0.29.6"
xx.xx.xx.xx - - [22/Aug/2013:00:41:00 -0400] "PROPFIND /svn/myrepo/!svn/vcc/default HTTP/1.1" 207
453 "-" "SVN/1.7.11 neon/0.29.6"
xx.xx.xx.xx - - [22/Aug/2013:00:41:00 -0400] "PROPFIND /svn/myrepo/!svn/bc/1/trunk HTTP/1.1" 207
700 "-" "SVN/1.7.11 neon/0.29.6"
xx.xx.xx.xx - - [22/Aug/2013:00:41:00 -0400] "OPTIONS /svn/myrepo/trunk HTTP/1.1" 200 190 "-"
"SVN/1.7.11 neon/0.29.6"
xx.xx.xx.xx - - [22/Aug/2013:00:41:00 -0400] "PROPFIND /svn/myrepo/trunk HTTP/1.1" 207 690 "-"
"SVN/1.7.11 neon/0.29.6"
xx.xx.xx.xx - - [22/Aug/2013:00:41:00 -0400] "PROPFIND /svn/myrepo/trunk HTTP/1.1" 207 690 "-"
"SVN/1.7.11 neon/0.29.6"
xx.xx.xx.xx - - [22/Aug/2013:00:41:00 -0400] "PROPFIND /svn/myrepo/!svn/vcc/default HTTP/1.1" 207
402 "-" "SVN/1.7.11 neon/0.29.6"
xx.xx.xx.xx - - [22/Aug/2013:00:41:00 -0400] "PROPFIND /svn/myrepo/!svn/bln/1 HTTP/1.1" 207 453 "-
" "SVN/1.7.11 neon/0.29.6"
xx.xx.xx.xx - - [22/Aug/2013:00:41:01 -0400] "REPORT /svn/myrepo/!svn/vcc/default HTTP/1.1" 200
1149 "-" "SVN/1.7.11 neon/0.29.6"
Access log for successful checkout with 1.7.11 (serf) client:
xx.xx.xx.xx - - [22/Aug/2013:00:49:19 -0400] "OPTIONS /svn/myrepo/trunk HTTP/1.1" 200 190 "-"
"SVN/1.7.11 serf/1.3.1"
xx.xx.xx.xx - - [22/Aug/2013:00:49:19 -0400] "PROPFIND /svn/myrepo/trunk HTTP/1.1" 207 690 "-"
"SVN/1.7.11 serf/1.3.1"
xx.xx.xx.xx - - [22/Aug/2013:00:49:20 -0400] "PROPFIND /svn/myrepo/!svn/vcc/default HTTP/1.1" 207
402 "-" "SVN/1.7.11 serf/1.3.1"
xx.xx.xx.xx - - [22/Aug/2013:00:49:20 -0400] "PROPFIND /svn/myrepo/!svn/bln/1 HTTP/1.1" 207 453 "-
" "SVN/1.7.11 serf/1.3.1"
xx.xx.xx.xx - - [22/Aug/2013:00:49:20 -0400] "PROPFIND /svn/myrepo/!svn/bc/1/trunk HTTP/1.1" 207
330 "-" "SVN/1.7.11 serf/1.3.1"
xx.xx.xx.xx - - [22/Aug/2013:00:49:20 -0400] "OPTIONS /svn/myrepo/trunk HTTP/1.1" 200 190 "-"
"SVN/1.7.11 serf/1.3.1"
xx.xx.xx.xx - - [22/Aug/2013:00:49:20 -0400] "PROPFIND /svn/myrepo/trunk HTTP/1.1" 207 690 "-"
"SVN/1.7.11 serf/1.3.1"
xx.xx.xx.xx - - [22/Aug/2013:00:49:20 -0400] "PROPFIND /svn/myrepo/!svn/vcc/default HTTP/1.1" 207
402 "-" "SVN/1.7.11 serf/1.3.1"
xx.xx.xx.xx - - [22/Aug/2013:00:49:20 -0400] "PROPFIND /svn/myrepo/!svn/bln/1 HTTP/1.1" 207 453 "-
" "SVN/1.7.11 serf/1.3.1"
xx.xx.xx.xx - - [22/Aug/2013:00:49:20 -0400] "REPORT /svn/myrepo/!svn/vcc/default HTTP/1.1" 200
471 "-" "SVN/1.7.11 serf/1.3.1"
(Note the PROPFIND /svn/myrepo/!svn/bc/1/trunk)
Access log for unsuccessful anonymous checkout with 1.8.1 client:
xx.xx.xx.xx - - [22/Aug/2013:00:46:21 -0400] "OPTIONS /svn/myrepo/trunk HTTP/1.1" 200 190 "-"
"SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:21 -0400] "OPTIONS /svn/myrepo/trunk HTTP/1.1" 200 97 "-"
"SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:21 -0400] "PROPFIND /svn/myrepo/trunk HTTP/1.1" 207 690 "-"
"SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:21 -0400] "PROPFIND /svn/myrepo/!svn/vcc/default HTTP/1.1" 207
402 "-" "SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:21 -0400] "PROPFIND /svn/myrepo/!svn/bln/1 HTTP/1.1" 207 453 "-
" "SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:21 -0400] "PROPFIND /svn/myrepo/!svn/bc/1/trunk HTTP/1.1" 207
766 "-" "SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:21 -0400] "PROPFIND /svn/myrepo/!svn/vcc/default HTTP/1.1" 207
402 "-" "SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:21 -0400] "PROPFIND /svn/myrepo/trunk HTTP/1.1" 207 269 "-"
"SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:21 -0400] "OPTIONS /svn/myrepo/trunk HTTP/1.1" 200 190 "-"
"SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:21 -0400] "OPTIONS /svn/myrepo/trunk HTTP/1.1" 200 97 "-"
"SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:22 -0400] "PROPFIND /svn/myrepo/trunk HTTP/1.1" 207 690 "-"
"SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:22 -0400] "PROPFIND /svn/myrepo/!svn/vcc/default HTTP/1.1" 207
402 "-" "SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:22 -0400] "PROPFIND /svn/myrepo/!svn/bln/1 HTTP/1.1" 207 453 "-
" "SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:22 -0400] "PROPFIND /svn/myrepo/!svn/bc/1/trunk HTTP/1.1" 207
330 "-" "SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:22 -0400] "OPTIONS /svn/myrepo/trunk HTTP/1.1" 200 190 "-"
"SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:22 -0400] "OPTIONS /svn/myrepo/trunk HTTP/1.1" 200 97 "-"
"SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:22 -0400] "PROPFIND /svn/myrepo/trunk HTTP/1.1" 207 690 "-"
"SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:22 -0400] "PROPFIND /svn/myrepo/!svn/vcc/default HTTP/1.1" 207
402 "-" "SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:23 -0400] "PROPFIND /svn/myrepo/!svn/bln/1 HTTP/1.1" 207 453 "-
" "SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
xx.xx.xx.xx - - [22/Aug/2013:00:46:23 -0400] "PROPFIND /svn/myrepo/!svn/bc/1 HTTP/1.1" 401 518 "-"
"SVN/1.8.1 (x86-microsoft-windows) serf/1.3.0 TortoiseSVN-1.8.1.24570"
(Note the PROPFIND /svn/myrepo/!svn/bc/1, without the /trunk, which fails with a 401 Unauthorized)
Please also see: http://svn.haxx.se/users/archive-2013-08/0334.shtml
I have not tested with server 1.7.x (sorry).
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=463&dsMessageId=3063177
To unsubscribe from this discussion, e-mail: [issues-unsubscribe@subversion.tigris.org].
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic