private void unlock12(Map pathToTokens, boolean force, ISVNLockHandler handler)
     throws SVNException {
   for (Iterator paths = pathToTokens.keySet().iterator(); paths.hasNext(); ) {
     String path = (String) paths.next();
     String id = (String) pathToTokens.get(path);
     path = getRepositoryPath(path);
     if (id == null) {
       Object[] buffer = new Object[] {"get-lock", path};
       write("(w(s))", buffer);
       authenticate();
       read("[((?L))]", buffer, true);
       SVNLock lock = (SVNLock) buffer[0];
       if (lock == null) {
         lock = new SVNLock(path, "", null, null, null, null);
         SVNErrorMessage err =
             SVNErrorMessage.create(SVNErrorCode.RA_NOT_LOCKED, "No lock on path ''{0}''", path);
         handler.handleUnlock(path, lock, err);
         continue;
       }
       id = lock.getID();
     }
     Object[] buffer = new Object[] {"unlock", path, id, Boolean.valueOf(force)};
     write("(w(s(s)w))", buffer);
     authenticate();
     SVNErrorMessage error = null;
     try {
       read("[()]", buffer, true);
     } catch (SVNException e) {
       if (e.getErrorMessage() != null
           && e.getErrorMessage().getErrorCode() == SVNErrorCode.RA_NOT_LOCKED) {
         error = e.getErrorMessage();
         error = SVNErrorMessage.create(error.getErrorCode(), error.getMessageTemplate(), path);
       } else {
         throw e;
       }
     }
     if (handler != null) {
       SVNLock lock = new SVNLock(path, id, null, null, null, null);
       handler.handleUnlock(path, lock, error);
     }
   }
 }
Exemplo n.º 2
0
  public HTTPStatus request(
      String method,
      String path,
      HTTPHeader header,
      InputStream body,
      int ok1,
      int ok2,
      OutputStream dst,
      DefaultHandler handler,
      SVNErrorMessage context)
      throws SVNException {
    if ("".equals(path) || path == null) {
      path = "/";
    }

    // 1. prompt for ssl client cert if needed, if cancelled - throw cancellation exception.
    HTTPSSLKeyManager keyManager =
        myKeyManager == null && myRepository.getAuthenticationManager() != null
            ? createKeyManager()
            : myKeyManager;
    TrustManager trustManager =
        myTrustManager == null && myRepository.getAuthenticationManager() != null
            ? myRepository.getAuthenticationManager().getTrustManager(myRepository.getLocation())
            : myTrustManager;

    String sslRealm =
        "<" + myHost.getProtocol() + "://" + myHost.getHost() + ":" + myHost.getPort() + ">";
    SVNAuthentication httpAuth = myLastValidAuth;
    boolean isAuthForced =
        myRepository.getAuthenticationManager() != null
            ? myRepository.getAuthenticationManager().isAuthenticationForced()
            : false;
    if (httpAuth == null && isAuthForced) {
      httpAuth =
          myRepository
              .getAuthenticationManager()
              .getFirstAuthentication(ISVNAuthenticationManager.PASSWORD, sslRealm, null);
      myChallengeCredentials =
          new HTTPBasicAuthentication((SVNPasswordAuthentication) httpAuth, myCharset);
    }
    String realm = null;

    // 2. create request instance.
    HTTPRequest request = new HTTPRequest(myCharset);
    request.setConnection(this);
    request.setKeepAlive(true);
    request.setRequestBody(body);
    request.setResponseHandler(handler);
    request.setResponseStream(dst);

    SVNErrorMessage err = null;
    boolean ntlmAuthIsRequired = false;
    boolean ntlmProxyAuthIsRequired = false;
    boolean negoAuthIsRequired = false;
    int authAttempts = 0;
    while (true) {
      HTTPStatus status = null;
      if (System.currentTimeMillis() >= myNextRequestTimeout) {
        SVNDebugLog.getDefaultLog().logFine(SVNLogType.NETWORK, "Keep-Alive timeout detected");
        close();
      }
      int retryCount = 1;
      try {
        err = null;
        String httpAuthResponse = null;
        String proxyAuthResponse = null;
        while (retryCount >= 0) {
          connect(keyManager, trustManager);
          request.reset();
          request.setProxied(myIsProxied);
          request.setSecured(myIsSecured);
          if (myProxyAuthentication != null
              && (ntlmProxyAuthIsRequired
                  || !"NTLM".equals(myProxyAuthentication.getAuthenticationScheme()))) {
            if (proxyAuthResponse == null) {
              request.initCredentials(myProxyAuthentication, method, path);
              proxyAuthResponse = myProxyAuthentication.authenticate();
            }
            request.setProxyAuthentication(proxyAuthResponse);
          }

          if (myChallengeCredentials != null
              && (ntlmAuthIsRequired
                  || negoAuthIsRequired
                  || ((!"NTLM".equals(myChallengeCredentials.getAuthenticationScheme()))
                          && !"Negotiate".equals(myChallengeCredentials.getAuthenticationScheme()))
                      && httpAuth != null)) {
            if (httpAuthResponse == null) {
              request.initCredentials(myChallengeCredentials, method, path);
              httpAuthResponse = myChallengeCredentials.authenticate();
            }
            request.setAuthentication(httpAuthResponse);
          }

          try {
            request.dispatch(method, path, header, ok1, ok2, context);
            break;
          } catch (EOFException pe) {
            // retry, EOF always means closed connection.
            if (retryCount > 0) {
              close();
              continue;
            }
            throw (IOException) new IOException(pe.getMessage()).initCause(pe);
          } finally {
            retryCount--;
          }
        }
        myNextRequestTimeout = request.getNextRequestTimeout();
        status = request.getStatus();
      } catch (SSLHandshakeException ssl) {
        myRepository.getDebugLog().logFine(SVNLogType.NETWORK, ssl);
        close();
        if (ssl.getCause() instanceof SVNSSLUtil.CertificateNotTrustedException) {
          SVNErrorManager.cancel(ssl.getCause().getMessage(), SVNLogType.NETWORK);
        }
        SVNErrorMessage sslErr =
            SVNErrorMessage.create(
                SVNErrorCode.RA_NOT_AUTHORIZED,
                "SSL handshake failed: ''{0}''",
                new Object[] {ssl.getMessage()},
                SVNErrorMessage.TYPE_ERROR,
                ssl);
        if (keyManager != null) {
          keyManager.acknowledgeAndClearAuthentication(sslErr);
        }
        err = SVNErrorMessage.create(SVNErrorCode.RA_DAV_REQUEST_FAILED, ssl);
        // continue; http://svnkit.com/tracker/view.php?id=301 - Kohsuke
      } catch (IOException e) {
        myRepository.getDebugLog().logFine(SVNLogType.NETWORK, e);
        if (e instanceof SocketTimeoutException) {
          err =
              SVNErrorMessage.create(
                  SVNErrorCode.RA_DAV_REQUEST_FAILED,
                  "timed out waiting for server",
                  null,
                  SVNErrorMessage.TYPE_ERROR,
                  e);
        } else if (e instanceof UnknownHostException) {
          err =
              SVNErrorMessage.create(
                  SVNErrorCode.RA_DAV_REQUEST_FAILED,
                  "unknown host",
                  null,
                  SVNErrorMessage.TYPE_ERROR,
                  e);
        } else if (e instanceof ConnectException) {
          err =
              SVNErrorMessage.create(
                  SVNErrorCode.RA_DAV_REQUEST_FAILED,
                  "connection refused by the server",
                  null,
                  SVNErrorMessage.TYPE_ERROR,
                  e);
        } else if (e instanceof SVNCancellableOutputStream.IOCancelException) {
          SVNErrorManager.cancel(e.getMessage(), SVNLogType.NETWORK);
        } else if (e instanceof SSLException) {
          err = SVNErrorMessage.create(SVNErrorCode.RA_DAV_REQUEST_FAILED, e);
        } else {
          err = SVNErrorMessage.create(SVNErrorCode.RA_DAV_REQUEST_FAILED, e);
        }
      } catch (SVNException e) {
        myRepository.getDebugLog().logFine(SVNLogType.NETWORK, e);
        // force connection close on SVNException
        // (could be thrown by user's auth manager methods).
        close();
        throw e;
      } finally {
        finishResponse(request);
      }

      if (err != null) {
        close();
        break;
      }

      if (keyManager != null) {
        myKeyManager = keyManager;
        myTrustManager = trustManager;
        keyManager.acknowledgeAndClearAuthentication(null);
      }

      if (status.getCode() == HttpURLConnection.HTTP_FORBIDDEN) {
        myLastValidAuth = null;
        close();
        err = request.getErrorMessage();
      } else if (myIsProxied && status.getCode() == HttpURLConnection.HTTP_PROXY_AUTH) {
        Collection proxyAuthHeaders =
            request.getResponseHeader().getHeaderValues(HTTPHeader.PROXY_AUTHENTICATE_HEADER);
        try {
          myProxyAuthentication =
              HTTPAuthentication.parseAuthParameters(
                  proxyAuthHeaders, myProxyAuthentication, myCharset);
        } catch (SVNException svne) {
          myRepository.getDebugLog().logFine(SVNLogType.NETWORK, svne);
          err = svne.getErrorMessage();
          break;
        }

        if (myProxyAuthentication instanceof HTTPNTLMAuthentication) {
          ntlmProxyAuthIsRequired = true;
          HTTPNTLMAuthentication ntlmProxyAuth = (HTTPNTLMAuthentication) myProxyAuthentication;
          if (ntlmProxyAuth.isInType3State()) {
            continue;
          }
        }

        err =
            SVNErrorMessage.create(
                SVNErrorCode.RA_NOT_AUTHORIZED, "HTTP proxy authorization failed");
        SVNURL location = myRepository.getLocation();
        ISVNAuthenticationManager authManager = myRepository.getAuthenticationManager();
        ISVNProxyManager proxyManager =
            authManager != null ? authManager.getProxyManager(location) : null;
        if (proxyManager != null) {
          proxyManager.acknowledgeProxyContext(false, err);
        }
        close();

        break;
      } else if (status.getCode() == HttpURLConnection.HTTP_UNAUTHORIZED) {
        authAttempts++; // how many times did we try?

        Collection authHeaderValues =
            request.getResponseHeader().getHeaderValues(HTTPHeader.AUTHENTICATE_HEADER);
        if (authHeaderValues == null || authHeaderValues.size() == 0) {
          err = request.getErrorMessage();
          status.setError(
              SVNErrorMessage.create(
                  SVNErrorCode.RA_DAV_REQUEST_FAILED,
                  err.getMessageTemplate(),
                  err.getRelatedObjects()));
          if ("LOCK".equalsIgnoreCase(method)) {
            status
                .getError()
                .setChildErrorMessage(
                    SVNErrorMessage.create(
                        SVNErrorCode.UNSUPPORTED_FEATURE,
                        "Probably you are trying to lock file in repository that only allows anonymous access"));
          }
          SVNErrorManager.error(status.getError(), SVNLogType.NETWORK);
          return status;
        }

        // we should work around a situation when a server
        // does not support Basic authentication while we're
        // forcing it, credentials should not be immediately
        // thrown away
        boolean skip = false;
        isAuthForced =
            myRepository.getAuthenticationManager() != null
                ? myRepository.getAuthenticationManager().isAuthenticationForced()
                : false;
        if (isAuthForced) {
          if (httpAuth != null
              && myChallengeCredentials != null
              && !HTTPAuthentication.isSchemeSupportedByServer(
                  myChallengeCredentials.getAuthenticationScheme(), authHeaderValues)) {
            skip = true;
          }
        }

        try {
          myChallengeCredentials =
              HTTPAuthentication.parseAuthParameters(
                  authHeaderValues, myChallengeCredentials, myCharset);
        } catch (SVNException svne) {
          err = svne.getErrorMessage();
          break;
        }

        myChallengeCredentials.setChallengeParameter("methodname", method);
        myChallengeCredentials.setChallengeParameter("uri", path);

        if (skip) {
          close();
          continue;
        }

        HTTPNTLMAuthentication ntlmAuth = null;
        HTTPNegotiateAuthentication negoAuth = null;
        if (myChallengeCredentials instanceof HTTPNTLMAuthentication) {
          ntlmAuthIsRequired = true;
          ntlmAuth = (HTTPNTLMAuthentication) myChallengeCredentials;
          if (ntlmAuth.isInType3State()) {
            continue;
          }
        } else if (myChallengeCredentials instanceof HTTPDigestAuthentication) {
          // continue (retry once) if previous request was acceppted?
          if (myLastValidAuth != null) {
            myLastValidAuth = null;
            continue;
          }
        } else if (myChallengeCredentials instanceof HTTPNegotiateAuthentication) {
          negoAuthIsRequired = true;
          negoAuth = (HTTPNegotiateAuthentication) myChallengeCredentials;
          if (negoAuth.isStarted()) {
            continue;
          }
        }

        myLastValidAuth = null;

        if (ntlmAuth != null && ntlmAuth.isNative() && authAttempts == 1) {
          /*
           * if this is the first time we get HTTP_UNAUTHORIZED, NTLM is the target auth scheme
           * and JNA is available, we should try a native auth mechanism first without calling
           * auth providers.
           */
          continue;
        }

        if (negoAuth != null) {
          continue;
        }

        ISVNAuthenticationManager authManager = myRepository.getAuthenticationManager();
        if (authManager == null) {
          err = request.getErrorMessage();
          break;
        }

        realm = myChallengeCredentials.getChallengeParameter("realm");
        realm = realm == null ? "" : " " + realm;
        realm =
            "<"
                + myHost.getProtocol()
                + "://"
                + myHost.getHost()
                + ":"
                + myHost.getPort()
                + ">"
                + realm;

        if (httpAuth == null) {
          httpAuth =
              authManager.getFirstAuthentication(
                  ISVNAuthenticationManager.PASSWORD, realm, myRepository.getLocation());
        } else {
          authManager.acknowledgeAuthentication(
              false,
              ISVNAuthenticationManager.PASSWORD,
              realm,
              request.getErrorMessage(),
              httpAuth);
          httpAuth =
              authManager.getNextAuthentication(
                  ISVNAuthenticationManager.PASSWORD, realm, myRepository.getLocation());
        }

        if (httpAuth == null) {
          err = SVNErrorMessage.create(SVNErrorCode.CANCELLED, "HTTP authorization cancelled");
          break;
        }
        if (httpAuth != null) {
          myChallengeCredentials.setCredentials((SVNPasswordAuthentication) httpAuth);
        }
        continue;
      } else if (status.getCode() == HttpURLConnection.HTTP_MOVED_PERM
          || status.getCode() == HttpURLConnection.HTTP_MOVED_TEMP) {
        close();
        String newLocation =
            request.getResponseHeader().getFirstHeaderValue(HTTPHeader.LOCATION_HEADER);
        if (newLocation == null) {
          err = request.getErrorMessage();
          break;
        }
        int hostIndex = newLocation.indexOf("://");
        if (hostIndex > 0) {
          hostIndex += 3;
          hostIndex = newLocation.indexOf("/", hostIndex);
        }
        if (hostIndex > 0 && hostIndex < newLocation.length()) {
          String newPath = newLocation.substring(hostIndex);
          if (newPath.endsWith("/")
              && !newPath.endsWith("//")
              && !path.endsWith("/")
              && newPath.substring(0, newPath.length() - 1).equals(path)) {
            path += "//";
            continue;
          }
        }
        err = request.getErrorMessage();
      } else if (request.getErrorMessage() != null) {
        err = request.getErrorMessage();
      } else {
        ntlmProxyAuthIsRequired = false;
        ntlmAuthIsRequired = false;
        negoAuthIsRequired = false;
      }

      if (err != null) {
        break;
      }

      if (myIsProxied) {
        SVNURL location = myRepository.getLocation();
        ISVNAuthenticationManager authManager = myRepository.getAuthenticationManager();
        ISVNProxyManager proxyManager =
            authManager != null ? authManager.getProxyManager(location) : null;
        if (proxyManager != null) {
          proxyManager.acknowledgeProxyContext(true, null);
        }
      }

      if (httpAuth != null && realm != null && myRepository.getAuthenticationManager() != null) {
        myRepository
            .getAuthenticationManager()
            .acknowledgeAuthentication(
                true, ISVNAuthenticationManager.PASSWORD, realm, null, httpAuth);
      }
      if (trustManager != null && myRepository.getAuthenticationManager() != null) {
        myRepository.getAuthenticationManager().acknowledgeTrustManager(trustManager);
      }

      if (httpAuth != null) {
        myLastValidAuth = httpAuth;
      }

      status.setHeader(request.getResponseHeader());
      return status;
    }
    // force close on error that was not processed before.
    // these are errors that has no relation to http status (processing error or cancellation).
    close();
    if (err != null
        && err.getErrorCode().getCategory() != SVNErrorCode.RA_DAV_CATEGORY
        && err.getErrorCode() != SVNErrorCode.UNSUPPORTED_FEATURE) {
      SVNErrorManager.error(err, SVNLogType.NETWORK);
    }
    // err2 is another default context...
    //        myRepository.getDebugLog().info(err.getMessage());
    myRepository.getDebugLog().logFine(SVNLogType.NETWORK, new Exception(err.getMessage()));
    SVNErrorMessage err2 =
        SVNErrorMessage.create(
            SVNErrorCode.RA_DAV_REQUEST_FAILED,
            "{0} request failed on ''{1}''",
            new Object[] {method, path},
            err.getType(),
            err.getCause());
    SVNErrorManager.error(err, err2, SVNLogType.NETWORK);
    return null;
  }