Oops. Datestamp CHANGES file.

git-svn-id: http://viewvc.tigris.org/svn/viewvc/tags/1.1.19@2886 8cb11bc2-c004-0410-86c3-e597b4017df7
Tag the 1.1.19 final release.
2019-04-16 04:14:59 +03:00 · 2013-04-22 19:21:28 +00:00 · 2013-04-22 19:09:17 +00:00 · 2013-04-19 20:41:18 +00:00 · 2013-04-19 20:35:23 +00:00 · 2013-04-18 14:06:58 +00:00
69 changed files with 3617 additions and 1430 deletions
--- a/124
+++ b/124
@@ -1,3 +1,127 @@
+Version 1.1.19 (released 22-Apr-2013)
+
+  * improve root lookup performance (issue #523)
+  * new 'max_filesize_kbytes' config option and handling (issue #524)
+  * tarball generation improvements:
+    - preserve Subversion symlinks in generated tarballs (issue #487)
+    - reduce memory usage of tarball generation logic
+    - fix double compression of generated tarballs (issue #525)
+  * file content handling improvements:
+    - expanded support for encoding detection and transcoding (issue #11)
+    - fix tab-to-space conversion bugs in markup, annotate, and diff views
+    - fix handling of trailing whitespace in diff view
+  * add support for timestamp display in ISO8601 format (issue #46)
+
+Version 1.1.18 (released 28-Feb-2013)
+
+  * fix exception raised by BDB-backed SVN repositories (issue #519)
+  * hide revision-less files when rcsparse is in use
+  * include branchpoints in branch views using rcsparse (issue #347)
+  * miscellaneous cvsdb improvements:
+    - add --port option to make-database (issue #521)
+    - explicitly name columns in queries (issue #522)
+    - update MySQL syntax to avoid discontinued "TYPE=" terms
+
+Version 1.1.17 (released 25-Oct-2012)
+
+  * fix exception caused by uninitialized variable usage (issue #516)
+
+Version 1.1.16 (released 24-Oct-2012)
+
+  * security fix: escape "extra" diff info to avoid XSS attack (issue #515)
+  * add 'binary_mime_types' configuration option and handling (issue #510)
+  * fix 'select for diffs' persistence across log pages (issue #512)
+  * remove lock status and filesize check on directories in remote SVN views
+  * fix bogus 'Annotation of' page title for non-annotated view (issue #514)
+
+Version 1.1.15 (released 22-Jun-2012)
+
+  * security fix: complete authz support for remote SVN views (issue #353)
+  * security fix: log msg leak in SVN revision view with unreadable copy source
+  * fix several instances of incorrect information in remote SVN views
+  * increase performance of some revision metadata lookups in remote SVN views
+  * fix RSS feed regression introduced in 1.1.14
+
+Version 1.1.14 (released 12-Jun-2012)
+
+  * fix annotation of svn files with non-URI-safe paths (issue #504)
+  * handle file:/// Subversion rootpaths as local roots (issue #446)
+  * fix bug caused by trying to case-normalize anon usernames (issue #505)
+  * speed up log handling by reusing tokenization results (issue #506)
+  * add support for custom revision log markup rules (issue #246)
+
+Version 1.1.13 (released 23-Jan-2012)
+
+  * fix svndbadmin failure on deleted paths under Subversion 1.7 (issue #499)
+  * fix annotation of files in svn roots with non-URI-safe paths
+  * fix stray annotation warning in markup display of images
+  * more gracefully handle attempts to display binary content (issue #501)
+
+Version 1.1.12 (released 03-Nov-2011)
+
+  * fix path display in patch and certain diff views (issue #485)
+  * fix broken cvsdb glob searching (issue 486)
+  * allow svn revision specifiers to have leading r's (issue #441, #448) 
+  * allow environmental override of configuration location (issue #494)
+  * fix exception HTML-escaping non-string data under WSGI (issue #454)
+  * add links to root logs from roots view (issue #470)
+  * use Pygments lexer-guessing functionality (issue #495)
+
+Version 1.1.11 (released 17-May-2011)
+
+  * security fix: remove user-reachable override of cvsdb row limit
+  * fix broken standalone.py -c and -d options handling
+  * add --help option to standalone.py
+  * fix stack trace when asked to checkout a directory (issue #478)
+  * improve memory usage and speed of revision log markup (issue #477)
+  * fix broken annotation view in CVS keyword-bearing files (issue #479)
+  * warn users when query results are incomplete (issue #433)
+  * avoid parsing errors on RCS newphrases in the admin section (issue #483)
+  * make rlog parsing code more robust in certain error cases (issue #444)
+
+Version 1.1.10 (released 15-Mar-2011)
+
+  * fix stack trace in Subversion revision info logic (issue #475, issue #476)
+
+Version 1.1.9 (released 18-Feb-2011)
+
+  * vcauth universal access determinations (issue #425)
+  * rework svn revision info cache for performance
+  * make revision log "extra pages" count configurable
+  * fix Subversion 1.4.x revision log compatibility code regression
+  * display sanitized error when authzfile is malformed
+  * restore markup of URLs in file contents (issue #455)
+  * optionally display last-committed metadata in roots view (issue #457)
+
+Version 1.1.8 (released 02-Dec-2010)
+
+  * fix slowness triggered by allow_compress=1 configuration (issue #467)
+  * allow use of 'fcrypt' for Windows standalone.py authn support (issue #471)
+  * yield more useful error on directory markup/annotate request (issue #472)
+
+Version 1.1.7 (released 09-Sep-2010)
+
+  * display Subversion revision properties in the revision view (issue #453)
+  * fix exception in 'standalone.py -r REPOS' when run without a config file
+  * fix standalone.py server root deployments (--script-alias='')
+  * add Basic authentication support to standalone.py (Unix only) (issue #49)
+  * fix obscure "unexpected NULL parent pool" Subversion bindings error
+  * enable path info / link display in remote Subversion root revision view
+  * fix vhost name case handling inconsistency (issue #466)
+  * use svn:mime-type property charset param as encoding hint
+  * markup Subversion revision references in log messages (issue #313)
+  * add rudimentary support for FastCGI-based deployments (issue #464)
+  * fix query script WSGI deployment
+  * add configuration to fix query script cross-linking to ViewVC
+
+Version 1.1.6 (released 02-Jun-2010)
+
+  * add rudimentary support for WSGI-based deployments (issue #397)
+  * fix exception caused by trying to HTML-escape non-string data (issue #454)
+  * fix incorrect RSS feed Content-Type header (issue #449)
+  * fix RSS <title> encoding problem (issue #451)
+  * allow 'svndbadmin purge' to work on missing repositories (issue #452)
+
 Version 1.1.5 (released 29-Mar-2010)

  * security fix: escape user-provided search_re input to avoid XSS attack
--- a/105
+++ b/105
@@ -19,7 +19,7 @@ Congratulations on getting this far. :-)

    For CVS Support: 

-      * Python 1.5.2 or later
+      * Python 1.5.2 or later (sorry, no 3.x support yet)
          (http://www.python.org/)
      * RCS, Revision Control System
          (http://www.cs.purdue.edu/homes/trinkle/RCS/)
@@ -30,11 +30,11 @@ Congratulations on getting this far. :-)

    For Subversion Support:

-      * Python 2.0 or later
+      * Python 2.0 or later (sorry, no 3.x support yet)
          (http://www.python.org/)
      * Subversion, Version Control System, 1.3.1 or later
          (binary installation and Python bindings)
-          (http://subversion.tigris.org/)
+          (http://subversion.apache.org/)

    Optional:

@@ -176,7 +176,24 @@ APACHE CONFIGURATION
   or /etc/local. Use the vendor documentation or the find utility if
   in doubt.

-2) Configure Apache to expose ViewVC to users at the URL of your choice.
+2) Depending on how your Apache configuration is setup by default, you
+   might need to explicitly allow high-level access to the ViewVC
+   install location.
+
+      <Directory <VIEWVC_INSTALLATION_DIRECTORY>>
+        Order allow,deny
+        Allow from all
+      </Directory>
+
+   For example, if ViewVC is installed in /usr/local/viewvc-1.0 on
+   your system:
+
+      <Directory /usr/local/viewvc-1.0>
+        Order allow,deny
+        Allow from all
+      </Directory>
+
+3) Configure Apache to expose ViewVC to users at the URL of your choice.

   ViewVC provides several different ways to do this.  Choose one of
   the following methods:
@@ -187,13 +204,13 @@ APACHE CONFIGURATION
   The ScriptAlias directive is very useful for pointing 
   directly to the viewvc.cgi script.  Simply insert a line containing

-     ScriptAlias /viewvc <VIEWVC_INSTALLATION_DIRECTORY>/bin/cgi/viewvc.cgi
+      ScriptAlias /viewvc <VIEWVC_INSTALLATION_DIRECTORY>/bin/cgi/viewvc.cgi

   into your httpd.conf file.  Choose the location in httpd.conf where 
   also the other ScriptAlias lines reside.  Some examples:

-     ScriptAlias /viewvc /usr/local/viewvc-1.0/bin/cgi/viewvc.cgi
-     ScriptAlias /query /usr/local/viewvc-1.0/bin/cgi/query.cgi
+      ScriptAlias /viewvc /usr/local/viewvc-1.0/bin/cgi/viewvc.cgi
+      ScriptAlias /query /usr/local/viewvc-1.0/bin/cgi/query.cgi

   ----------------------------------------
   METHOD B:  CGI mode in cgi-bin directory
@@ -201,6 +218,10 @@ APACHE CONFIGURATION
   Copy the CGI scripts from 
   <VIEWVC_INSTALLATION_DIRECTORY>/bin/cgi/*.cgi
   to the /cgi-bin/ directory configured in your httpd.conf file.
+
+   You can override configuration file location using:
+
+       SetEnv VIEWVC_CONF_PATHNAME /etc/viewvc.conf
   
   ------------------------------------------
   METHOD C:  CGI mode in ExecCGI'd directory
@@ -210,12 +231,12 @@ APACHE CONFIGURATION
   to the directory of your choosing in the Document Root adding the following
   Apache directives for the directory in httpd.conf or an .htaccess file:

-     Options +ExecCGI
-     AddHandler cgi-script .cgi
+      Options +ExecCGI
+      AddHandler cgi-script .cgi
     
-   (Note: For this to work mod_cgi has to be loaded. And for the .htaccess file
+   Note: For this to work mod_cgi has to be loaded.  And for the .htaccess file
   to be effective, "AllowOverride All" or "AllowOverride Options FileInfo"
-   need to have been specified for the directory.)
+   needs to have been specified for the directory.
   
   ------------------------------------------
   METHOD D:  Using mod_python (if installed)
@@ -227,17 +248,60 @@ APACHE CONFIGURATION
   In httpd.conf, make sure that "AllowOverride All" or at least 
   "AllowOverride FileInfo Options" are enabled for the directory
   you copied the files to.
+
+   You can override configuration file location using:
+
+       SetEnv VIEWVC_CONF_PATHNAME /etc/viewvc.conf
   
   Note: If you are using Mod_Python under Apache 1.3 the tarball generation
   feature may not work because it uses multithreading.  This works fine
   under Apache 2.
   
-3) Restart Apache.
+   ----------------------------------------
+   METHOD E:  Using mod_wsgi (if installed)
+   ----------------------------------------
+   Copy the Python scripts file from
+   <VIEWVC_INSTALLATION_DIRECTORY>/bin/mod_python/
+   to the directory of your choosing.  Modify httpd.conf with the
+   following directives:

-   The commands to do this vary.  "httpd -k restart" and "apache -k
-   restart" are two common variants.  On RedHat Linux it is done using
-   the command "/sbin/service httpd restart" and on SuSE Linux it is
-   done with "rcapache restart".  Other systems use "apachectl restart".
+      WSGIScriptAlias /viewvc <VIEWVC_INSTALLATION_DIRECTORY>/bin/wsgi/viewvc.wsgi
+      WSGIScriptAlias /query <VIEWVC_INSTALLATION_DIRECTORY>/bin/wsgi/query.wsgi
+
+   You'll probably also need the following directive because of the
+   not-quite-sanctioned way that ViewVC manipulates Python objects.
+
+      WSGIApplicationGroup %{GLOBAL}
+
+   Note: WSGI support in ViewVC is at this time quite rudimentary,
+   bordering on downright experimental.  Your mileage may vary.
+
+   -----------------------------------------
+   METHOD F:  Using mod_fcgid (if installed)
+   -----------------------------------------
+
+   This uses ViewVC's WSGI support (from above), but supports using FastCGI,
+   and is a somewhat hybrid approach of several of the above methods.
+
+   Especially if fcgi is already being used for other purposes, e.g. PHP,
+   also using fcgi can prevent the need for including additional modules
+   (e.g. mod_python or mod_wsgi) within Apache, which may help lessen Apache's
+   memory usage and/or help improve performance.
+
+   This depends on mod_fcgid:
+
+      http://httpd.apache.org/mod_fcgid/
+
+   as well as the fcgi server from Python's flup package:
+
+      http://pypi.python.org/pypi/flup
+      http://trac.saddi.com/flup
+
+   The following are some example httpd.conf fragments you can use to
+   support this configuration:
+
+      ScriptAlias /viewvc /usr/local/viewvc/bin/wsgi/viewvc.fcgi
+      ScriptAlias /query /usr/local/viewvc/bin/wsgi/query.fcgi

 4) [Optional] Add access control.

@@ -260,7 +324,14 @@ APACHE CONFIGURATION
      http://<server_name>/viewvc/~checkout~/<module_name>
      http://<server_name>/viewvc/<module_name>.tar.gz?view=tar

-5) Optional: Protect your ViewVC instance from server-whacking webcrawlers.
+5) Restart Apache.
+
+   The commands to do this vary.  "httpd -k restart" and "apache -k
+   restart" are two common variants.  On RedHat Linux it is done using
+   the command "/sbin/service httpd restart" and on SuSE Linux it is
+   done with "rcapache restart".  Other systems use "apachectl restart".
+
+6) Optional: Protect your ViewVC instance from server-whacking webcrawlers.

   As ViewVC is a web-based application which each page containing various
   links to other pages and views, you can expect your server's performance
--- a/LICENSE.html
+++ b/LICENSE.html
@@ -15,7 +15,7 @@

 <blockquote>

-<p><strong>Copyright &copy; 1999-2010 The ViewCVS Group.  All rights
+<p><strong>Copyright &copy; 1999-2013 The ViewCVS Group.  All rights
   reserved.</strong></p>

 <p>By using ViewVC, you agree to the terms and conditions set forth
@@ -61,6 +61,9 @@
  <li>February 22, 2008 &mdash; copyright years updated</li>
  <li>March 18, 2009 &mdash; copyright years updated</li>
  <li>March 29, 2010 &mdash; copyright years updated</li>
+  <li>February 18, 2011 &mdash; copyright years updated</li>
+  <li>January 23, 2012 &mdash; copyright years updated</li>
+  <li>January 04, 2013 &mdash; copyright years updated</li>
 </ul>

 </body>
--- a/bin/asp/query.asp
+++ b/bin/asp/query.asp
@@ -3,7 +3,7 @@

 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -54,7 +54,10 @@ import query
 server = sapi.AspServer(Server, Request, Response, Application)
 try:
  cfg = viewvc.load_config(CONF_PATHNAME, server)
-  query.main(server, cfg, "viewvc.asp")
+  viewvc_base_url = cfg.query.viewvc_base_url
+  if viewvc_base_url is None:
+    viewvc_base_url = "viewvc.asp"
+  query.main(server, cfg, viewvc_base_url)
 finally:
  s.close()

--- a/bin/asp/viewvc.asp
+++ b/bin/asp/viewvc.asp
@@ -3,7 +3,7 @@

 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/bin/cgi/query.cgi
+++ b/bin/cgi/query.cgi
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -54,4 +54,7 @@ import query

 server = sapi.CgiServer()
 cfg = viewvc.load_config(CONF_PATHNAME, server)
-query.main(server, cfg, "viewvc.cgi")
+viewvc_base_url = cfg.query.viewvc_base_url
+if viewvc_base_url is None:
+  viewvc_base_url = "viewvc.cgi"
+query.main(server, cfg, viewvc_base_url)
--- a/bin/cgi/viewvc.cgi
+++ b/bin/cgi/viewvc.cgi
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/bin/cvsdbadmin
+++ b/bin/cvsdbadmin
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/bin/loginfo-handler
+++ b/bin/loginfo-handler
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/bin/make-database
+++ b/bin/make-database
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -40,7 +40,7 @@ CREATE TABLE branches (
  branch varchar(64) binary DEFAULT '' NOT NULL,
  PRIMARY KEY (id),
  UNIQUE branch (branch)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS checkins;
 CREATE TABLE checkins (
@@ -63,7 +63,7 @@ CREATE TABLE checkins (
  KEY dirid (dirid),
  KEY fileid (fileid),
  KEY branchid (branchid)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS descs;
 CREATE TABLE descs (
@@ -72,7 +72,7 @@ CREATE TABLE descs (
  hash bigint(20) DEFAULT '0' NOT NULL,
  PRIMARY KEY (id),
  KEY hash (hash)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS dirs;
 CREATE TABLE dirs (
@@ -80,7 +80,7 @@ CREATE TABLE dirs (
  dir varchar(255) binary DEFAULT '' NOT NULL,
  PRIMARY KEY (id),
  UNIQUE dir (dir)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS files;
 CREATE TABLE files (
@@ -88,7 +88,7 @@ CREATE TABLE files (
  file varchar(255) binary DEFAULT '' NOT NULL,
  PRIMARY KEY (id),
  UNIQUE file (file)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS people;
 CREATE TABLE people (
@@ -96,7 +96,7 @@ CREATE TABLE people (
  who varchar(128) binary DEFAULT '' NOT NULL,
  PRIMARY KEY (id),
  UNIQUE who (who)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS repositories;
 CREATE TABLE repositories (
@@ -104,7 +104,7 @@ CREATE TABLE repositories (
  repository varchar(64) binary DEFAULT '' NOT NULL,
  PRIMARY KEY (id),
  UNIQUE repository (repository)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS tags;
 CREATE TABLE tags (
@@ -118,7 +118,7 @@ CREATE TABLE tags (
  KEY dirid (dirid),
  KEY fileid (fileid),
  KEY branchid (branchid)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 """

 ## ------------------------------------------------------------------------
@@ -132,7 +132,7 @@ CREATE TABLE branches (
  branch varchar(64) binary DEFAULT '' NOT NULL,
  PRIMARY KEY (id),
  UNIQUE branch (branch)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS commits;
 CREATE TABLE commits (
@@ -156,7 +156,7 @@ CREATE TABLE commits (
  KEY fileid (fileid),
  KEY branchid (branchid),
  KEY descid (descid)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS descs;
 CREATE TABLE descs (
@@ -165,7 +165,7 @@ CREATE TABLE descs (
  hash bigint(20) DEFAULT '0' NOT NULL,
  PRIMARY KEY (id),
  KEY hash (hash)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS dirs;
 CREATE TABLE dirs (
@@ -173,7 +173,7 @@ CREATE TABLE dirs (
  dir varchar(255) binary DEFAULT '' NOT NULL,
  PRIMARY KEY (id),
  UNIQUE dir (dir)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS files;
 CREATE TABLE files (
@@ -181,7 +181,7 @@ CREATE TABLE files (
  file varchar(255) binary DEFAULT '' NOT NULL,
  PRIMARY KEY (id),
  UNIQUE file (file)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS people;
 CREATE TABLE people (
@@ -189,7 +189,7 @@ CREATE TABLE people (
  who varchar(128) binary DEFAULT '' NOT NULL,
  PRIMARY KEY (id),
  UNIQUE who (who)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS repositories;
 CREATE TABLE repositories (
@@ -197,7 +197,7 @@ CREATE TABLE repositories (
  repository varchar(64) binary DEFAULT '' NOT NULL,
  PRIMARY KEY (id),
  UNIQUE repository (repository)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS tags;
 CREATE TABLE tags (
@@ -211,7 +211,7 @@ CREATE TABLE tags (
  KEY dirid (dirid),
  KEY fileid (fileid),
  KEY branchid (branchid)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;

 DROP TABLE IF EXISTS metadata;
 CREATE TABLE metadata (
@@ -219,7 +219,7 @@ CREATE TABLE metadata (
  value text,
  PRIMARY KEY (name),
  UNIQUE name (name)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 INSERT INTO metadata (name, value) VALUES ('version', '1');
 """

@@ -245,6 +245,10 @@ options.)  This script will use the 'mysql' program to create the
 database for you.  You will then need to set the appropriate
 parameters in the [cvsdb] section of your viewvc.conf file.

+NOTE: If a hostname or port is supplied at the command line or during
+interactive prompting, this script will pass '--protocol=TCP' to
+'mysql'.
+
 Options:

  --dbname=ARG        Use ARG as the ViewVC database name to create.
@@ -253,7 +257,8 @@ Options:
  --help              Show this usage message.
  
  --hostname=ARG      Use ARG as the hostname for the MySQL connection.
-                      [Default: localhost]
+
+  --port=ARG          Use ARG as the port for the MySQL connection.

  --password=ARG      Use ARG as the password for the MySQL connection.

@@ -273,10 +278,11 @@ Options:
 if __name__ == "__main__":
  try:
    # Parse the command-line options, if any.
-    dbname = version = hostname = username = password = None
+    dbname = version = hostname = port = username = password = None
    opts, args = getopt.getopt(sys.argv[1:], '', [ 'dbname=',
                                                   'help',
                                                   'hostname=',
+                                                   'port=',
                                                   'password=',
                                                   'username=',
                                                   'version=',
@@ -290,6 +296,8 @@ if __name__ == "__main__":
        dbname = value
      elif name == '--hostname':
        hostname = value
+      elif name == '--port':
+        port = value
      elif name == '--username':
        username = value
      elif name == '--password':
@@ -302,7 +310,9 @@ if __name__ == "__main__":

    # Prompt for information not provided via command-line options.
    if hostname is None:
-      hostname = raw_input("MySQL Hostname [default: localhost]: ") or ""
+      hostname = raw_input("MySQL Hostname (leave blank for default): ")
+    if port is None:
+      port = raw_input("MySQL Port (leave blank for default): ")
    if username is None:
      username = raw_input("MySQL User: ")
    if password is None:
@@ -310,7 +320,7 @@ if __name__ == "__main__":
    if dbname is None:
      dbname = raw_input("ViewVC Database Name [default: ViewVC]: ") or "ViewVC"

-    # Create the database
+    # Create the database.
    dscript = string.replace(DATABASE_SCRIPT_COMMON, "<dbname>", dbname)
    if version == "1.0":
      print BONSAI_COMPAT
@@ -318,16 +328,22 @@ if __name__ == "__main__":
    else:
      dscript = dscript + DATABASE_SCRIPT_VERSION_1

-    host_option = hostname and "--host=%s" % (hostname) or ""
+    # Calculate command arguments.
+    cmd_args = "--user=%s --password=%s" % (username, password)
+    if hostname or port:
+      cmd_args = cmd_args + " --protocol=TCP"
+    if hostname:
+      cmd_args = cmd_args + " --host=%s" % (hostname)
+    if port:
+      cmd_args = cmd_args + " --port=%s" % (port)
+      
    if sys.platform == "win32":
-      cmd = "mysql --user=%s --password=%s %s "\
-            % (username, password, host_option)
+      cmd = "mysql %s" % (cmd_args)
      mysql = os.popen(cmd, "w") # popen2.Popen3 is not provided on windows
      mysql.write(dscript)
      status = mysql.close()
    else:
-      cmd = "{ mysql --user=%s --password=%s %s ; } 2>&1" \
-            % (username, password, host_option)
+      cmd = "{ mysql %s ; } 2>&1" % (cmd_args)
      pipes = popen2.Popen3(cmd)
      pipes.tochild.write(dscript)
      pipes.tochild.close()
--- a/bin/mod_python/handler.py
+++ b/bin/mod_python/handler.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/bin/mod_python/query.py
+++ b/bin/mod_python/query.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -65,7 +65,10 @@ cfg = viewvc.load_config(CONF_PATHNAME)
 def index(req):
  server = sapi.ModPythonServer(req)
  try:
-    query.main(server, cfg, "viewvc.py")
+    viewvc_base_url = cfg.query.viewvc_base_url
+    if viewvc_base_url is None:
+      viewvc_base_url = "viewvc.py"
+    query.main(server, cfg, viewvc_base_url)
  finally:
    server.close()

--- a/bin/mod_python/viewvc.py
+++ b/bin/mod_python/viewvc.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/bin/standalone.py
+++ b/bin/standalone.py
--- a/bin/svndbadmin
+++ b/bin/svndbadmin
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 2004-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 2004-2013 The ViewCVS Group. All Rights Reserved.
 # Copyright (C) 2004-2007 James Henstridge
 #
 # By using this file, you agree to the terms and conditions set forth in
@@ -153,7 +153,7 @@ class SvnRev:
        fsroot = self._get_root_for_rev(rev)
        
        # find changes in the revision
-        editor = svn.repos.RevisionChangeCollector(repo.fs, rev)
+        editor = svn.repos.ChangeCollector(repo.fs, fsroot)
        e_ptr, e_baton = svn.delta.make_editor(editor)
        svn.repos.svn_repos_replay(fsroot, e_ptr, e_baton)

@@ -164,21 +164,33 @@ class SvnRev:
                continue

            # deal with the change types we handle
+            action = None
            base_root = None
+            base_path = change.base_path
            if change.base_path:
                base_root = self._get_root_for_rev(change.base_rev)
-                
-            if not change.path:
+
+            # figure out what kind of change this is, and get a diff
+            # object for it.  note that prior to 1.4 Subversion's
+            # bindings didn't give us change.action, but that's okay
+            # because back then deleted paths always had a change.path
+            # of None.
+            if hasattr(change, 'action') \
+               and change.action == svn.repos.CHANGE_ACTION_DELETE:
+                action = 'remove'
+            elif not change.path:
                action = 'remove'
            elif change.added:
                action = 'add'
            else:
                action = 'change'

-            diffobj = svn.fs.FileDiff(base_root and base_root or None,
-                                      base_root and change.base_path or None,
-                                      change.path and fsroot or None,
-                                      change.path and change.path or None)
+            if action == 'remove':
+                diffobj = svn.fs.FileDiff(base_root, base_path, None, None)
+            else:
+                diffobj = svn.fs.FileDiff(base_root, base_path,
+                                          fsroot, change.path)
+
            diff_fp = diffobj.get_pipe()
            plus, minus = _get_diff_counts(diff_fp)
            self.changes.append((path, action, plus, minus))
@@ -242,6 +254,7 @@ def main(command, repository, revs=[], verbose=0, force=0):
    cfg = viewvc.load_config(CONF_PATHNAME)
    db = cvsdb.ConnectDatabase(cfg)

+    # Purge what must be purged.
    if command in ('rebuild', 'purge'):
        if verbose:
            print "Purging commit info for repository root `%s'" % repository
@@ -252,18 +265,24 @@ def main(command, repository, revs=[], verbose=0, force=0):
                sys.stderr.write("ERROR: " + str(e) + "\n")
                sys.exit(1)

-    repo = SvnRepo(repository)
-    if command == 'rebuild' or (command == 'update' and not revs):
-        for rev in range(repo.rev_max+1):
-            handle_revision(db, command, repo, rev, verbose)
-    elif command == 'update':
-        if revs[0] is None:
-            revs[0] = repo.rev_max
-        if revs[1] is None:
-            revs[1] = repo.rev_max
-        revs.sort()
-        for rev in range(revs[0], revs[1]+1):
-            handle_revision(db, command, repo, rev, verbose, force)
+    # Record what must be recorded.
+    if command in ('rebuild', 'update'):
+        if not os.path.exists(repository):
+            sys.stderr.write('ERROR: could not find repository %s\n'
+                             % (repository))
+            sys.exit(1)
+        repo = SvnRepo(repository)
+        if command == 'rebuild' or (command == 'update' and not revs):
+            for rev in range(repo.rev_max+1):
+                handle_revision(db, command, repo, rev, verbose)
+        elif command == 'update':
+            if revs[0] is None:
+                revs[0] = repo.rev_max
+            if revs[1] is None:
+                revs[1] = repo.rev_max
+            revs.sort()
+            for rev in range(revs[0], revs[1]+1):
+                handle_revision(db, command, repo, rev, verbose, force)

 def _rev2int(r):
    if r == 'HEAD':
@@ -281,7 +300,7 @@ def usage():
 located at REPOS-PATH.

 Usage: 1. %s [-v] rebuild REPOS-PATH
-       2. %s [-v] update REPOS-PATH [REV:[REV2]] [--force]
+       2. %s [-v] update REPOS-PATH [REV[:REV2]] [--force]
       3. %s [-v] purge REPOS-PATH

 1.  Rebuild the commit database information for the repository located
@@ -330,12 +349,6 @@ if __name__ == '__main__':
        sys.stderr.write('ERROR: unknown command %s\n' % command)
        usage()

-    repository = args[2]
-    if not os.path.exists(repository):
-        sys.stderr.write('ERROR: could not find repository %s\n' % args[2])
-        usage()
-    repository = vclib.svn.canonicalize_rootpath(repository)
-
    revs = []
    if len(sys.argv) > 3:
        if command == 'rebuild':
@@ -358,6 +371,7 @@ if __name__ == '__main__':
        rev = None

    try:
+        repository = vclib.svn.canonicalize_rootpath(args[2])
        repository = cvsdb.CleanRepository(os.path.abspath(repository))
        main(command, repository, revs, verbose, force)
    except KeyboardInterrupt:
--- a/bin/wsgi/query.fcgi
+++ b/bin/wsgi/query.fcgi
@@ -0,0 +1,54 @@
+#!/usr/bin/python
+# -*-python-*-
+#
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
+#
+# By using this file, you agree to the terms and conditions set forth in
+# the LICENSE.html file which can be found at the top level of the ViewVC
+# distribution or at http://viewvc.org/license-1.html.
+#
+# For more information, visit http://viewvc.org/
+#
+# -----------------------------------------------------------------------
+#
+# viewvc: View CVS/SVN repositories via a web browser
+#
+# -----------------------------------------------------------------------
+#
+# This is a fcgi entry point for the query ViewVC app. It's appropriate
+# for use with mod_fcgid and flup. It defines a single application function
+# that is a valid fcgi entry point.
+#
+# mod_fcgid: http://httpd.apache.org/mod_fcgid/
+# flup:
+#   http://pypi.python.org/pypi/flup
+#   http://trac.saddi.com/flup
+#
+# -----------------------------------------------------------------------
+
+import sys, os
+
+LIBRARY_DIR = None
+CONF_PATHNAME = None
+
+if LIBRARY_DIR:
+  sys.path.insert(0, LIBRARY_DIR)
+else:
+  sys.path.insert(0, os.path.abspath(os.path.join(sys.argv[0],
+                                                  "../../../lib")))
+
+import sapi
+import viewvc
+import query
+from flup.server import fcgi
+
+def application(environ, start_response):
+  server = sapi.WsgiServer(environ, start_response)
+  cfg = viewvc.load_config(CONF_PATHNAME, server)
+  viewvc_base_url = cfg.query.viewvc_base_url
+  if viewvc_base_url is None:
+    viewvc_base_url = "viewvc.fcgi"
+  query.main(server, cfg, viewvc_base_url)
+  return []
+
+fcgi.WSGIServer(application).run()
--- a/bin/wsgi/query.wsgi
+++ b/bin/wsgi/query.wsgi
@@ -0,0 +1,45 @@
+# -*-python-*-
+#
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
+#
+# By using this file, you agree to the terms and conditions set forth in
+# the LICENSE.html file which can be found at the top level of the ViewVC
+# distribution or at http://viewvc.org/license-1.html.
+#
+# For more information, visit http://viewvc.org/
+#
+# -----------------------------------------------------------------------
+#
+# viewvc: View CVS/SVN repositories via a web browser
+#
+# -----------------------------------------------------------------------
+#
+# This is a wsgi entry point for the query ViewVC app. It's appropriate
+# for use with mod_wsgi. It defines a single application function that
+# is a valid wsgi entry point.
+#
+# -----------------------------------------------------------------------
+
+import sys, os
+
+LIBRARY_DIR = None
+CONF_PATHNAME = None
+
+if LIBRARY_DIR:
+  sys.path.insert(0, LIBRARY_DIR)
+else:
+  sys.path.insert(0, os.path.abspath(os.path.join(sys.argv[0],
+                                                  "../../../lib")))
+
+import sapi
+import viewvc
+import query
+
+def application(environ, start_response):
+  server = sapi.WsgiServer(environ, start_response)
+  cfg = viewvc.load_config(CONF_PATHNAME, server)
+  viewvc_base_url = cfg.query.viewvc_base_url
+  if viewvc_base_url is None:
+    viewvc_base_url = "viewvc.wsgi"
+  query.main(server, cfg, viewvc_base_url)
+  return []
--- a/bin/wsgi/viewvc.fcgi
+++ b/bin/wsgi/viewvc.fcgi
@@ -0,0 +1,50 @@
+#!/usr/bin/python
+# -*-python-*-
+#
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
+#
+# By using this file, you agree to the terms and conditions set forth in
+# the LICENSE.html file which can be found at the top level of the ViewVC
+# distribution or at http://viewvc.org/license-1.html.
+#
+# For more information, visit http://viewvc.org/
+#
+# -----------------------------------------------------------------------
+#
+# viewvc: View CVS/SVN repositories via a web browser
+#
+# -----------------------------------------------------------------------
+#
+# This is a fcgi entry point for the main ViewVC app. It's appropriate
+# for use with mod_fcgid and flup. It defines a single application function
+# that is a valid fcgi entry point.
+#
+# mod_fcgid: http://httpd.apache.org/mod_fcgid/
+# flup:
+#   http://pypi.python.org/pypi/flup
+#   http://trac.saddi.com/flup
+#
+# -----------------------------------------------------------------------
+
+import sys, os
+
+LIBRARY_DIR = None
+CONF_PATHNAME = None
+
+if LIBRARY_DIR:
+  sys.path.insert(0, LIBRARY_DIR)
+else:
+  sys.path.insert(0, os.path.abspath(os.path.join(sys.argv[0],
+                                                  "../../../lib")))
+
+import sapi
+import viewvc
+from flup.server import fcgi
+
+def application(environ, start_response):
+  server = sapi.WsgiServer(environ, start_response)
+  cfg = viewvc.load_config(CONF_PATHNAME, server)
+  viewvc.main(server, cfg)
+  return []
+
+fcgi.WSGIServer(application).run()
--- a/bin/wsgi/viewvc.wsgi
+++ b/bin/wsgi/viewvc.wsgi
@@ -0,0 +1,41 @@
+# -*-python-*-
+#
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
+#
+# By using this file, you agree to the terms and conditions set forth in
+# the LICENSE.html file which can be found at the top level of the ViewVC
+# distribution or at http://viewvc.org/license-1.html.
+#
+# For more information, visit http://viewvc.org/
+#
+# -----------------------------------------------------------------------
+#
+# viewvc: View CVS/SVN repositories via a web browser
+#
+# -----------------------------------------------------------------------
+#
+# This is a wsgi entry point for the main ViewVC app. It's appropriate
+# for use with mod_wsgi. It defines a single application function that
+# is a valid wsgi entry point.
+#
+# -----------------------------------------------------------------------
+
+import sys, os
+
+LIBRARY_DIR = None
+CONF_PATHNAME = None
+
+if LIBRARY_DIR:
+  sys.path.insert(0, LIBRARY_DIR)
+else:
+  sys.path.insert(0, os.path.abspath(os.path.join(sys.argv[0],
+                                                  "../../../lib")))
+
+import sapi
+import viewvc
+
+def application(environ, start_response):
+  server = sapi.WsgiServer(environ, start_response)
+  cfg = viewvc.load_config(CONF_PATHNAME, server)
+  viewvc.main(server, cfg)
+  return []
--- a/conf/viewvc.conf.dist
+++ b/conf/viewvc.conf.dist
@@ -86,8 +86,8 @@

 ## cvs_roots: Specifies each of the CVS roots on your system and
 ## assigns names to them. Each root should be given by a "name: path"
-## value. Multiple roots should be separated by commas and can be
-## placed on separate lines.
+## value (where the path is an absolute filesystem path). Multiple roots
+## should be separated by commas and can be placed on separate lines.
 ##
 ## Example:
 ## cvs_roots = cvsroot: /opt/cvs/repos1,
@@ -97,8 +97,13 @@

 ## svn_roots: Specifies each of the Subversion roots (repositories) on
 ## your system and assigns names to them. Each root should be given by
-## a "name: path" value. Multiple roots should be separated by commas
-## and can be placed on separate lines.
+## a "name: path" value (where the path is an absolute filesystem path).
+## Multiple roots should be separated by commas and can be placed on
+## separate lines.
+##
+## NOTE: ViewVC offers *experimental* support for displaying remote
+## Subversion repositories.  Simply use the repository's URL instead
+## of a local filesystem path when defining the root.
 ##
 ## Example:
 ## svn_roots = svnrepos: /opt/svn/,
@@ -106,27 +111,48 @@
 ##
 #svn_roots =

-## root_parents:  Specifies a list of directories in which any number of
-## repositories may reside.  Rather than force you to add a new entry
-## to 'cvs_roots' or 'svn_roots' each time you create a new repository,
-## ViewVC rewards you for organising all your repositories under a few
-## parent directories by allowing you to simply specifiy just those
-## parent directories.  ViewVC will then notice each repository in that
-## directory as a new root whose name is the subdirectory of the parent
-## path in which that repository lives.
+## root_parents: Specifies a list of directories under which any
+## number of repositories may reside.  You can specify multiple root
+## parents separated by commas or new lines, each of which is of the
+## form "path: type" (where the type is either "cvs" or "svn", and
+## the path is an absolute filesystem path).
 ##
-## You can specify multiple parent paths separated by commas or new lines.
+## Rather than force you to add a new entry to 'cvs_roots' or
+## 'svn_roots' each time you create a new repository, ViewVC rewards
+## you for organizing all your repositories under a few parent
+## directories by allowing you to simply tell it about those parent
+## directories.  ViewVC will then notice each repository of the
+## specified type in that directory as a root whose name is the
+## subdirectory in which that repository lives.
 ##
-## WARNING: these names can, of course, clash with names you have
-## defined in your cvs_roots or svn_roots configuration items.  If this
-## occurs, you can either rename the offending repository on disk, or
-## grant new names to the clashing item in cvs_roots or svn_roots.
-## Each parent path is processed sequentially, so repositories under
-## later parent paths may override earlier ones.
+## For example, if you have three Subversion repositories located at
+## /opt/svn/projects, /opt/svn/websites, and /opt/svn/devstuff, you
+## could list them individually in svn_roots like so:
+##
+##    svn_roots = projects: /opt/svn/projects,
+##                websites: /opt/svn/websites,
+##                devstuff: /opt/svn/devstuff
+##
+## or you could instead use the root_parents configuration option:
+##
+##    root_parents = /opt/svn: svn
+##
+## The benefit of this latter approach is that, as you add new
+## repositories to your /opt/svn directory, they automatically become
+## available for display in ViewVC without additional configuration.
+##
+## WARNING: the root names derived for repositories configured via the
+## root_parents option can, of course, clash with names you have
+## defined in your cvs_roots or svn_roots configuration items.  If
+## this occurs, you can either rename the offending repository on
+## disk, or grant new names to the clashing item in cvs_roots or
+## svn_roots.  Each parent path is processed sequentially, so the
+## names of repositories under later parent paths may override earlier
+## ones.
 ##
 ## Example:
-## root_parents = /opt/svn : svn,
-##                /opt/cvs : cvs
+## root_parents = /opt/svn: svn,
+##                /opt/cvs: cvs
 ##
 #root_parents =

@@ -325,10 +351,64 @@
 ## allowed_views: List the ViewVC views which are enabled.  Views not
 ## in this comma-delited list will not be served (or, will return an
 ## error on attempted access).
-## Possible values: "annotate", "co", "diff", "markup", "roots", "tar"
+##
+## Valid items for this list include: "annotate", "co", "diff", "markup",
+## "roots", "tar".
+##
+## ----------+---------------------------------------------------------
+##    VIEW   |                       DESCRIPTION
+## ----------+---------------------------------------------------------
+##  annotate | The 'annotate' view shows the contents of a single
+##           | revision of a versioned file in exactly the same way as
+##           | the markup view, but with additional line-by-line
+##           | change attribution (the revision number, author, etc.
+##           | the most recent edit to that line of text as of the
+##           | displayed version).
+## ----------+---------------------------------------------------------
+##  co       | The 'co' (aka "checkout" or "download") view isn't
+##           | really a branded view at all, but allows for direct
+##           | downloading of the contents of a single revision of a 
+##           | versioned file.
+## ----------+---------------------------------------------------------
+##  diff     | The 'diff' view displays line-based differences between
+##           | two revisions of a versioned file in a variety of
+##           | different user-selectable formats.
+## ----------+---------------------------------------------------------
+##  markup   | The 'markup' view shows the contents of a single
+##           | revision of a versioned file, with syntax highlighting
+##           | where possible and enabled.  It can also optionally
+##           | show change log information for that revision of the
+##           | file.
+## ----------+---------------------------------------------------------
+##  roots    | The 'roots' view is a simple listing of the various
+##           | repositories which ViewVC has been configured to serve
+##           | to users.
+## ----------+---------------------------------------------------------
+##  tar      | The 'tar' view isn't a branded view, but generates
+##           | a GNU Tar archive file containing a single versioned
+##           | directory and its contents (recursively).
+## ----------+---------------------------------------------------------
 ##
 #allowed_views = annotate, diff, markup, roots

+## Comma-delimited list of MIME content types (with support for fnmatch-
+## style glob characters) which are considered not-human-readable and for
+## which ViewVC will neither generate links to, nor support the direct
+## display of, non-checkout views which carry the file's content (the
+## 'markup', 'annotate', 'diff', and 'patch' views).
+##
+## NOTE: Handling of this option is given priority over ViewVC's
+## longstanding support for showing web-friendly file formats -- even
+## binary ones such as "image/jpeg" and "image/gif" -- in the 'markup'
+## view.  Thus, if you add "image/*" to this list, 'markup'-view
+## display of JPEG, GIF, and PNG images will be disabled.
+##
+## Example:
+## binary_mime_types = application/octet-stream, image/*, application/pdf, 
+##                     application/vnd*, application/msword, audio/*
+#
+#binary_mime_types =
+
 ## authorizer: The name of the ViewVC authorizer plugin to use when
 ## authorizing access to repository contents.  This value must be the
 ## name of a Python module addressable as vcauth.MODULENAME (most
@@ -371,6 +451,26 @@
 ##
 #mangle_email_addresses = 0

+## custom_log_formatting: Specifies mappings of regular expressions to
+## substitution format strings used to URL-ize strings found in
+## revision log messages.  Multiple mappings (specified as
+## REGEXP:FORMATSTRING) may be defined, separated by commas.
+##
+## NOTE: Due to a limitation of the configuration format, commas may
+## not be used in the regular expression portion of each mapping.
+## Commas "in the raw" may not be used in the format string portion,
+## either, but you can probably use the URI-encoded form of the comma
+## ("%2C") instead with no ill side-effects.  If you must specify a
+## colon character in either the regular expression or the format
+## string, escape it with a preceding backslash ("\:").
+##
+## Example:
+## custom_log_formatting =
+##     artf[0-9]+ : http://example.com/tracker?id=\0,
+##     issue ([0-9]+) : http://example.com/bug?id=\1&opts=full%2csortby=id
+##
+#custom_log_formatting =
+
 ## default_file_view: "log", "co", or "markup"
 ## Controls whether the default view for file URLs is a checkout view or
 ## a log view. "log" is the default for backwards compatibility with old
@@ -410,6 +510,15 @@
 ##
 #svn_ignore_mimetype = 0

+## max_filesize_kbytes: Limit ViewVC's processing of file contents in
+## "markup" and "annotate" views to only those files which are smaller
+## than this setting, expressed in kilobytes.  Set to 0 to disable
+## this safeguard.
+##
+## NOTE: The "co" and "tar" views are unaffected by this setting.
+## 
+#max_filesize_kbytes = 512
+
 ## svn_config_dir: Path of the Subversion runtime configuration
 ## directory ViewVC should consult for various things, including cached
 ## remote authentication credentials.  If unset, Subversion will use
@@ -479,7 +588,7 @@
 ## (Only works well for C source files, otherwise diff's heuristic falls short.)
 ## ('-p' option to diff)
 ##
-#hr_funout = 0
+#hr_funout = 1

 ## hr_ignore_white: Ignore whitespace (indendation and stuff) for human
 ## readable diffs.
@@ -552,6 +661,14 @@
 ##
 #show_subdir_lastmod = 0

+## show_roots_lastmod: In the root listing view, show the most recent
+## modifications made to the root.  (Subversion roots only.)
+##
+## NOTE: Enabling this feature will significantly reduce the
+## performance of the root listing view.
+##
+#show_roots_lastmod = 0
+
 ## show_logs: Show the most recent log entry in directory listings.
 ##
 #show_logs = 1
@@ -569,25 +686,35 @@
 ##
 #use_localtime = 0

+## iso8601_dates: Display timestamps using a standard ISO-8601 format.
+##
+#iso8601_timestamps = 0
+
 ## short_log_len: The length (in characters) to which the most recent
 ## log entry should be truncated when shown in the directory view.
 ##
 #short_log_len = 80

 ## enable_syntax_coloration: Should we colorize known file content
-## syntaxes?  [Requires Pygments Python module]
+## syntaxes?
+##
+## NOTE: This feature requires the Pygments Python module
+## (http://pygments.org) and works only when ViewVC can determine the
+## MIME content type of the file whose contents it wishes to colorize.
+## Use the 'mime_types_files' configuration option to specify MIME
+## type mapping files useful for making that determination.
 ##
 #enable_syntax_coloration = 1

-## tabsize: The number of spaces into which tabstops are converted
-## when viewing file contents.
+## tabsize: The number of spaces into which horizontal tab characters
+## are converted when viewing file contents.  Set to 0 to preserve
+## tab characters.
 ##
 #tabsize = 8

 ## detect_encoding: Should we attempt to detect versioned file
 ## character encodings?  [Requires 'chardet' module, and is currently
-## used only by the syntax coloration logic -- if enabled -- for the
-## 'markup' and 'annotate' views; see 'enable_syntax_coloration'.]
+## used only for the 'markup' and 'annotate' views.]
 ##
 #detect_encoding = 0

@@ -629,6 +756,26 @@
 ##
 #log_pagesize = 0

+## log_pagesextra: Maximum number of extra pages (based on
+## log_pagesize) of revision log data to fetch and present to the user
+## as additional options for display.  Revision log information
+## "beyond" this window is still accessible, but must be navigated to
+## in multiple steps.
+##
+## Example:
+## log_pagesize = 100
+## log_pagesextra = 3
+##
+## For a versioned file with 1000 revisions, the above settings would
+## present to the user the first 100 of those 1000 revisions, with
+## links to three additional pages (the 200-299th revisions, 300-399th
+## revisions, and 400-499th revisions) plus a link to the 500th
+## revision.  Following these links slides the display "window",
+## showing the requested set of revisions plus links to three
+## additional pages beyond those, and so on.
+##
+#log_pagesextra = 3
+
 ## limit_changes: Maximum number of changed paths shown per commit in
 ## the Subversion revision view and in query results. This is not a
 ## hard limit (the UI provides options to show all changed paths), but
@@ -749,6 +896,14 @@
 ## row_limit: Maximum number of rows returned by a given normal query
 ## to the database.
 ##
+## NOTE: This limits the amount of data provided to ViewVC by the
+## database.  It is from this already-reduced data set that ViewVC
+## builds the query response it presents to the user, which may or may
+## not include still more limiting via the query form's 'limit'
+## parameter.  In other words, there is no value which the user can use
+## in the query form's 'limit' parameter which will cause more data to
+## be returned by the database for ViewVC to process.
+##
 #row_limit = 1000

 ## rss_row_limit: Maximum number of rows returned by a given query to
@@ -756,6 +911,9 @@
 ## that RSS readers tend to poll regularly for new data, you might want
 ## to keep this set to a conservative number.)
 ##
+## See also the `NOTE' for the 'row_limit' option, which applies here
+## as well.
+##
 #rss_row_limit = 100

 ## check_database_for_root: Check if the repository is found in the
@@ -997,3 +1155,30 @@
 #force_username_case = 

 ##---------------------------------------------------------------------------
+[query]
+
+## The configuration items in this section are used exclusively by the
+## 'query' script, a separate script from ViewVC itself that ships
+## with ViewVC and allows for queries into the ViewVC commits
+## database.  If you aren't using this separate script (which was made
+## largely irrelevant by the introduction of an integrated "query"
+## view in ViewVC itself, or aren't using the ViewVC commits database
+## functionality at all, you can ignore these configurations items
+## altogether.
+
+## viewvc_base_url: Base URL at which ViewVC may be accessed on this
+## server.  The default value for this option is determined at
+## run-time by the various front-ends to the query script.
+##
+## Examples:
+## viewvc_base_url = /viewvc.py
+## viewvc_base_url = /viewvc.wsgi
+## viewvc_base_url = /cgi-bin/viewvc
+## viewvc_base_url = viewvc
+##
+## To disable cross-linking between the query script and ViewVC,
+## uncomment this option and leave its value empty.
+##
+#viewvc_base_url =
+
+##---------------------------------------------------------------------------
--- a/docs/template-authoring-guide.html
+++ b/docs/template-authoring-guide.html
@@ -1,6 +1,6 @@
 <html>
 <head>
-<title>ViewVC 1.0 Template Authoring Guide</title>
+<title>ViewVC 1.1 Template Authoring Guide</title>
 <style>
 body {
  background-color: rgb(180,193,205);
@@ -38,13 +38,13 @@ td {
 </head>
 <body>

-<h1>ViewVC 1.0 Template Authoring Guide</h1>
+<h1>ViewVC 1.1 Template Authoring Guide</h1>

 <div class="h2">
 <h2 id="introduction">Introduction</h2>

 <p>This document represents an (unfinished) attempt at providing
-   documentation for how to customize ViewVC 1.0-dev's HTML output via
+   instructions for how to customize ViewVC's HTML output via
   modification of its templates.</p>

 </div>
@@ -802,6 +802,11 @@ td {
  <td>String</td>
  <td>This is a URL for the markup view of the left file.</td>
 </tr>
+<tr class="varlevel1">
+  <td class="varname">patch_href</td>
+  <td>String</td>
+  <td>URL of the patch view for the file.</td>
+</tr>
 <tr class="varlevel1">
  <td class="varname">raw_diff</td>
  <td>String</td>
@@ -1821,6 +1826,14 @@ td {
  <td>Indicates how query results are being sorted. Possible values: 
      <tt>date</tt>, <tt>author</tt>, and <tt>file</tt>.</td>
 </tr>
+<tr class="varlevel1">
+  <td class="varname">row_limit_reached</td>
+  <td>Boolean</td>
+  <td>Indicates whether the internal database row limit threshold (set
+      via the <code>cvsdb.row_limit</code>
+      and <code>cvsdb.rss_row_limit</code> configuration options) was
+      reached by the query.</td>
+</tr>
 <tr class="varlevel1">
  <td class="varname">show_branch</td>
  <td>Boolean</td>
@@ -2144,6 +2157,38 @@ td {
  <td>List</td>
  <td>Set of configured viewable repositories.</td>
 </tr>
+<tr class="varlevel2">
+  <td class="varname">roots.ago</td>
+  <td>String</td>
+  <td>Textual description of the time since <var>roots.date</var>.</td>
+</tr>
+<tr class="varlevel2">
+  <td class="varname">roots.author</td>
+  <td>String</td>
+  <td>Username of the last modifier of the root.</td>
+</tr>
+<tr class="varlevel2">
+  <td class="varname">root.date</td>
+  <td>String</td>
+  <td>Date (in UTC if not otherwise configured) of the last
+      modification of the root.</td>
+</tr>
+<tr class="varlevel2">
+  <td class="varname">roots.href</td>
+  <td>String</td>
+  <td>URL of root directory view for a configured repository.</td>
+</tr>
+<tr class="varlevel2">
+  <td class="varname">roots.log</td>
+  <td>String</td>
+  <td>Log message of last modification to the root.</td>
+</tr>
+<tr class="varlevel2">
+  <td class="varname">roots.log_href</td>
+  <td>String</td>
+  <td>URL of log revision view for the top-most (root) directory of
+    the root (repository).</td>
+</tr>
 <tr class="varlevel2">
  <td class="varname">roots.name</td>
  <td>String</td>
@@ -2157,17 +2202,24 @@ td {
      configuration can have negative security implications.  Use this
      token at your own risk.</td>
 </tr>
+<tr class="varlevel2">
+  <td class="varname">roots.rev</td>
+  <td>String</td>
+  <td>Youngest revision of the root.</td>
+</tr>
+<tr class="varlevel2">
+  <td class="varname">roots.short_log</td>
+  <td>String</td>
+  <td>Log message of last modification to the root, truncated to
+      contain no more than the number of characters specified by
+      the <code>short_log_len</code> configuration option.</td>
+</tr>
 <tr class="varlevel2">
  <td class="varname">roots.type</td>
  <td>String</td>
  <td>Version control type of a configured repository.  Valid
      values: <tt>cvs</tt>, <tt>svn</tt>.</td>
 </tr>
-<tr class="varlevel2">
-  <td class="varname">roots.href</td>
-  <td>String</td>
-  <td>URL of root directory view for a configured repository.</td>
-</tr>
 </tbody>
 </table>

--- a/docs/url-reference.html
+++ b/docs/url-reference.html
@@ -1192,13 +1192,6 @@ th.caption {
        commands to back out changes instead showing a normal query result
        page</td>
  </tr>
-  <tr>
-    <td><code>limit=<var>LIMIT</var></code></td>
-    <td>optional</td>
-    <td>maximum number of file-revisions to process during a
-        query. Default is value of <code>row_limit</code> configuration
-        option</td>
-  </tr>
  <tr>
    <td><code>limit_changes=<var>LIMIT_CHANGES</var></code></td>
    <td>optional</td>
--- a/lib/accept.py
+++ b/lib/accept.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/lib/blame.py
+++ b/lib/blame.py
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 # Copyright (C) 2000 Curt Hagenlocher <curt@hagenlocher.org>
 #
 # By using this file, you agree to the terms and conditions set forth in
@@ -74,7 +74,8 @@ class HTMLBlameSource:
    self.path_parts = path_parts
    self.diff_url = diff_url
    self.include_url = include_url
-    self.annotation, self.revision = self.repos.annotate(path_parts, opt_rev)
+    self.annotation, self.revision = self.repos.annotate(path_parts, opt_rev,
+                                                         True)

  def __getitem__(self, idx):
    item = self.annotation.__getitem__(idx)
--- a/lib/compat.py
+++ b/lib/compat.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2007 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/lib/config.py
+++ b/lib/config.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -88,6 +88,11 @@ import fnmatch
 #                                           |  vhosts   |
 #                                           |           |
 #                                           `-----------'
+#                                           ,-----------.
+#                                           |           |
+#                                           |   query   |
+#                                           |           |
+#                                           `-----------'
 #
 # ### TODO:  Figure out what this all means for the 'kv' stuff.
 #
@@ -100,12 +105,15 @@ class Config:
    'cvsdb',
    'general',
    'options',
+    'query',
    'templates',
    'utilities',
    )
  _force_multi_value = (
    # Configuration values with multiple, comma-separated values.
    'allowed_views',
+    'binary_mime_types',
+    'custom_log_formatting',
    'cvs_roots',
    'kv_files',
    'languages',
@@ -145,11 +153,11 @@ class Config:
    self.conf_path = os.path.isfile(pathname) and pathname or None
    self.base = os.path.dirname(pathname)
    self.parser = ConfigParser.ConfigParser()
+    self.parser.optionxform = lambda x: x # don't case-normalize option names.
    self.parser.read(self.conf_path or [])
    
    for section in self.parser.sections():
-      if self._is_allowed_section(self.parser, section,
-                                  self._base_sections):
+      if self._is_allowed_section(section, self._base_sections):
        self._process_section(self.parser, section, section)

    if vhost and self.parser.has_section('vhosts'):
@@ -172,6 +180,7 @@ class Config:
      fname = string.replace(fname, '%lang%', language)

      parser = ConfigParser.ConfigParser()
+      parser.optionxform = lambda x: x # don't case-normalize option names.
      parser.read(os.path.join(self.base, fname))
      for section in parser.sections():
        for option in parser.options(section):
@@ -214,7 +223,7 @@ class Config:

      setattr(sc, opt, value)

-  def _is_allowed_section(self, parser, section, allowed_sections):
+  def _is_allowed_section(self, section, allowed_sections):
    """Return 1 iff SECTION is an allowed section, defined as being
    explicitly present in the ALLOWED_SECTIONS list or present in the
    form 'someprefix-*' in that list."""
@@ -227,7 +236,7 @@ class Config:
        return 1
    return 0

-  def _is_allowed_override(self, parser, sectype, secspec, section):
+  def _is_allowed_override(self, sectype, secspec, section):
    """Test if SECTION is an allowed override section for sections of
    type SECTYPE ('vhosts' or 'root', currently) and type-specifier
    SECSPEC (a rootname or vhostname, currently).  If it is, return
@@ -240,7 +249,7 @@ class Config:
    if section[:lcv] != cv:
      return None
    base_section = section[lcv:]
-    if self._is_allowed_section(parser, base_section,
+    if self._is_allowed_section(base_section,
                                self._allowed_overrides[sectype]):
      return base_section
    raise IllegalOverrideSection(sectype, section)
@@ -253,8 +262,7 @@ class Config:

    # Overlay any option sections associated with this vhost name.
    for section in parser.sections():
-      base_section = self._is_allowed_override(parser, 'vhost',
-                                               canon_vhost, section)
+      base_section = self._is_allowed_override('vhost', canon_vhost, section)
      if base_section:
        self._process_section(parser, section, base_section)

@@ -280,8 +288,7 @@ class Config:
      return

    for section in self.parser.sections():
-      base_section = self._is_allowed_override(self.parser, 'root',
-                                               rootname, section)
+      base_section = self._is_allowed_override('root', rootname, section)
      if base_section:
        # We can currently only deal with root overlays happening
        # once, so check that we've not yet done any overlaying of
@@ -322,7 +329,7 @@ class Config:
    assert(self.root_options_overlayed == 0)

    if not self.conf_path:
-      return None
+      return None, {}

    # Figure out the authorizer by searching first for a per-root
    # override, then falling back to the base/vhost configuration.
@@ -393,11 +400,14 @@ class Config:
    self.options.allowed_views = ['annotate', 'diff', 'markup', 'roots']
    self.options.authorizer = None
    self.options.mangle_email_addresses = 0
+    self.options.custom_log_formatting = []
    self.options.default_file_view = "log"
+    self.options.binary_mime_types = []
    self.options.http_expiration_time = 600
    self.options.generate_etags = 1
    self.options.svn_ignore_mimetype = 0
    self.options.svn_config_dir = None
+    self.options.max_filesize_kbytes = 512
    self.options.use_rcsparse = 0
    self.options.sort_by = 'file'
    self.options.sort_group_dirs = 1
@@ -415,10 +425,12 @@ class Config:
    self.options.template_dir = "templates"
    self.options.docroot = None
    self.options.show_subdir_lastmod = 0
+    self.options.show_roots_lastmod = 0
    self.options.show_logs = 1
    self.options.show_log_in_markup = 1
    self.options.cross_copies = 1
    self.options.use_localtime = 0
+    self.options.iso8601_timestamps = 0
    self.options.short_log_len = 80
    self.options.enable_syntax_coloration = 1
    self.options.tabsize = 8
@@ -428,6 +440,7 @@ class Config:
    self.options.use_re_search = 0
    self.options.dir_pagesize = 0
    self.options.log_pagesize = 0
+    self.options.log_pagesextra = 3
    self.options.limit_changes = 100

    self.templates.diff = None
@@ -453,6 +466,8 @@ class Config:
    self.cvsdb.rss_row_limit = 100
    self.cvsdb.check_database_for_root = 0

+    self.query.viewvc_base_url = None
+    
 def _startswith(somestr, substr):
  return somestr[:len(substr)] == substr

--- a/lib/cvsdb.py
+++ b/lib/cvsdb.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -38,13 +38,12 @@ error = "cvsdb error"
 ## complient database interface

 class CheckinDatabase:
-    def __init__(self, host, port, user, passwd, database, row_limit):
+    def __init__(self, host, port, user, passwd, database):
        self._host = host
        self._port = port
        self._user = user
        self._passwd = passwd
        self._database = database
-        self._row_limit = row_limit
        self._version = None

        ## database lookup caches
@@ -169,6 +168,9 @@ class CheckinDatabase:

        return list

+    def GetCommitsTable(self):
+        return self._version >= 1 and 'commits' or 'checkins'
+        
    def GetTableList(self):
        sql = "SHOW TABLES"
        cursor = self.db.cursor()
@@ -309,8 +311,7 @@ class CheckinDatabase:
        minus_count = commit.GetMinusCount() or '0'
        description_id = self.GetDescriptionID(commit.GetDescription())

-        commits_table = self._version >= 1 and 'commits' or 'checkins'
-        sql = "REPLACE INTO %s" % (commits_table)
+        sql = "REPLACE INTO %s" % (self.GetCommitsTable())
        sql = sql + \
              "  (type,ci_when,whoid,repositoryid,dirid,fileid,revision,"\
              "   stickytag,branchid,addedlines,removedlines,descid)"\
@@ -351,9 +352,17 @@ class CheckinDatabase:
                match = " LIKE "
            elif query_entry.match == "glob":
                match = " REGEXP "
-                # use fnmatch to translate the glob into a regexp
+                # Use fnmatch to translate the glob into a regular
+                # expression.  Sadly, we have to account for the fact
+                # that in Python 2.6, fnmatch.translate() started
+                # sticking '\Z(?ms)' at the end of the regular
+                # expression instead of just '$', and doesn't prepend
+                # the '^'.
                data = fnmatch.translate(data)
-                if data[0] != '^': data = '^' + data
+                if data[0] != '^':
+                    data = '^' + data
+                if data[-7:] == '\Z(?ms)':
+                    data = data[:-7] + '$'
            elif query_entry.match == "regex":
                match = " REGEXP "
            elif query_entry.match == "notregex":
@@ -363,8 +372,8 @@ class CheckinDatabase:

        return "(%s)" % (string.join(sqlList, " OR "))

-    def CreateSQLQueryString(self, query):
-        commits_table = self._version >= 1 and 'commits' or 'checkins'
+    def CreateSQLQueryString(self, query, detect_leftover=0):
+        commits_table = self.GetCommitsTable()
        tableList = [(commits_table, None)]
        condList = []

@@ -444,13 +453,14 @@ class CheckinDatabase:
        conditions = string.join(joinConds + condList, " AND ")
        conditions = conditions and "WHERE %s" % conditions

-        ## limit the number of rows requested or we could really slam
-        ## a server with a large database
+        ## apply the query's row limit, if any (so we avoid really
+        ## slamming a server with a large database)
        limit = ""
        if query.limit:
-            limit = "LIMIT %s" % (str(query.limit))
-        elif self._row_limit:
-            limit = "LIMIT %s" % (str(self._row_limit))
+            if detect_leftover:
+                limit = "LIMIT %s" % (str(query.limit + 1))
+            else:
+                limit = "LIMIT %s" % (str(query.limit))

        sql = "SELECT %s.* FROM %s %s %s %s" \
              % (commits_table, tables, conditions, order_by, limit)
@@ -458,14 +468,20 @@ class CheckinDatabase:
        return sql
    
    def RunQuery(self, query):
-        sql = self.CreateSQLQueryString(query)
+        sql = self.CreateSQLQueryString(query, 1)
        cursor = self.db.cursor()
        cursor.execute(sql)
+        query.SetExecuted()
+        row_count = 0
        
        while 1:
            row = cursor.fetchone()
            if not row:
                break
+            row_count = row_count + 1
+            if query.limit and (row_count > query.limit):
+                query.SetLimitReached()
+                break
            
            (dbType, dbCI_When, dbAuthorID, dbRepositoryID, dbDirID,
             dbFileID, dbRevision, dbStickyTag, dbBranchID, dbAddedLines,
@@ -504,13 +520,15 @@ class CheckinDatabase:
        if file_id == None:
            return None

-        commits_table = self._version >= 1 and 'commits' or 'checkins'
-        sql = "SELECT * FROM %s WHERE "\
+        sql = "SELECT type, ci_when, whoid, repositoryid, dirid, fileid, " \
+              "revision, stickytag, branchid, addedlines, removedlines, " \
+              "descid "\
+              "  FROM %s WHERE "\
              "  repositoryid=%%s "\
              "  AND dirid=%%s"\
              "  AND fileid=%%s"\
              "  AND revision=%%s"\
-              % (commits_table)
+              % (self.GetCommitsTable())
        sql_args = (repository_id, dir_id, file_id, commit.GetRevision())

        cursor = self.db.cursor()
@@ -527,10 +545,9 @@ class CheckinDatabase:
    def sql_delete(self, table, key, value, keep_fkey = None):
        sql = "DELETE FROM %s WHERE %s=%%s" % (table, key)
        sql_args = (value, )
-        commits_table = self._version >= 1 and 'commits' or 'checkins'
        if keep_fkey:
            sql += " AND %s NOT IN (SELECT %s FROM %s WHERE %s = %%s)" \
-                   % (key, keep_fkey, commits_table, keep_fkey)
+                   % (key, keep_fkey, self.GetCommitsTable(), keep_fkey)
            sql_args = (value, value)
        cursor = self.db.cursor()
        cursor.execute(sql, sql_args)
@@ -556,7 +573,10 @@ class CheckinDatabase:
            self.sql_purge('descs', 'id', 'descid', 'commits')
            self.sql_purge('people', 'id', 'whoid', 'commits')
        else:
-            sql = "SELECT * FROM checkins WHERE repositoryid=%s"
+            sql = "SELECT type, ci_when, whoid, repositoryid, dirid, " \
+                  "fileid, revision, stickytag, branchid, addedlines, " \
+                  "removedlines, descid "\
+                  "  FROM checkins WHERE repositoryid=%s"
            sql_args = (rep_id, )
            cursor = self.db.cursor()
            cursor.execute(sql, sql_args)
@@ -769,8 +789,9 @@ class QueryEntry:
        self.data = data
        self.match = match

-## CheckinDatabaseQueryData is a object which contains the search parameters
-## for a query to the CheckinDatabase
+## CheckinDatabaseQuery is an object which contains the search
+## parameters for a query to the Checkin Database and -- after the
+## query is executed -- the data returned by the query.
 class CheckinDatabaseQuery:
    def __init__(self):
        ## sorting
@@ -790,7 +811,8 @@ class CheckinDatabaseQuery:

        ## limit on number of rows to return
        self.limit = None
-
+        self.limit_reached = 0
+        
        ## list of commits -- filled in by CVS query
        self.commit_list = []

@@ -798,6 +820,9 @@ class CheckinDatabaseQuery:
        ## are added
        self.commit_cb = None

+        ## has this query been run?
+        self.executed = 0
+
    def SetRepository(self, repository, match = "exact"):
        self.repository_list.append(QueryEntry(repository, match))

@@ -843,6 +868,20 @@ class CheckinDatabaseQuery:
    def AddCommit(self, commit):
        self.commit_list.append(commit)

+    def SetExecuted(self):
+        self.executed = 1
+
+    def SetLimitReached(self):
+        self.limit_reached = 1
+
+    def GetLimitReached(self):
+        assert self.executed
+        return self.limit_reached
+
+    def GetCommitList(self):
+        assert self.executed
+        return self.commit_list
+        

 ##
 ## entrypoints
@@ -861,7 +900,7 @@ def ConnectDatabase(cfg, readonly=0):
        user = cfg.cvsdb.user
        passwd = cfg.cvsdb.passwd
    db = CheckinDatabase(cfg.cvsdb.host, cfg.cvsdb.port, user, passwd,
-                         cfg.cvsdb.database_name, cfg.cvsdb.row_limit)
+                         cfg.cvsdb.database_name)
    db.Connect()
    return db

--- a/lib/dbi.py
+++ b/lib/dbi.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/lib/debug.py
+++ b/lib/debug.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/lib/ezt.py
+++ b/lib/ezt.py
@@ -347,7 +347,7 @@ class Template:
      for_names = [ ]

    if base_format:
-      program.append((self._cmd_format, _printers[base_format]))
+      program.append((self._cmd_format, _formatters[base_format]))

    for i in range(len(parts)):
      piece = parts[i]
@@ -405,13 +405,13 @@ class Template:
          elif cmd == 'format':
            if args[1][0]:
              # argument is a variable reference
-              printer = args[1]
+              formatter = args[1]
            else:
-              # argument is a string constant referring to built-in printer
-              printer = _printers.get(args[1][1])
-              if not printer:
+              # argument is a string constant referring to built-in formatter
+              formatter = _formatters.get(args[1][1])
+              if not formatter:
                raise UnknownFormatConstantError(str(args[1:]))
-            program.append((self._cmd_format, printer))
+            program.append((self._cmd_format, formatter))

          # remember the cmd, current pos, args, and a section placeholder
          stack.append([cmd, len(program), args[1:], None])
@@ -465,13 +465,13 @@ class Template:
    except TypeError:
      raise Exception("Unprintable value type for '%s'" % (str(valrefs[0][0])))

-  def _cmd_format(self, printer, ctx):
-    if type(printer) is TupleType:
-      printer = _get_value(printer, ctx)
-    ctx.printers.append(printer)
+  def _cmd_format(self, formatter, ctx):
+    if type(formatter) is TupleType:
+      formatter = _get_value(formatter, ctx)
+    ctx.formatters.append(formatter)

  def _cmd_end_format(self, valref, ctx):
-    ctx.printers.pop()
+    ctx.formatters.pop()

  def _cmd_include(self, (valref, reader), ctx):
    fname = _get_value(valref, ctx)
@@ -637,14 +637,23 @@ def _get_value((refname, start, rest), ctx):
  # string or a sequence
  return ob

+def _print_formatted(formatters, ctx, chunk):
+  # print chunk to ctx.fp after running it sequentially through formatters
+  for formatter in formatters:
+    chunk = formatter(chunk)
+  ctx.fp.write(chunk)
+  
 def _write_value(value, args, ctx):
  # value is a callback function, generates its own output
  if callable(value):
    apply(value, [ctx] + list(args))
    return

-  # pop printer in case it recursively calls _write_value
-  printer = ctx.printers.pop()
+  # squirrel away formatters in case one of them recursively calls
+  # _write_value() -- we'll use them (in reverse order) to format our
+  # output.
+  formatters = ctx.formatters[:]
+  formatters.reverse()

  try:
    # if the value has a 'read' attribute, then it is a stream: copy it
@@ -653,7 +662,7 @@ def _write_value(value, args, ctx):
        chunk = value.read(16384)
        if not chunk:
          break
-        printer(ctx, chunk)
+        _print_formatted(formatters, ctx, chunk)

    # value is a substitution pattern
    elif args:
@@ -666,14 +675,16 @@ def _write_value(value, args, ctx):
            piece = args[idx]
          else:
            piece = '<undef>'
-        printer(ctx, piece)
+        _print_formatted(formatters, ctx, piece)

    # plain old value, write to output
    else:
-      printer(ctx, value)
+      _print_formatted(formatters, ctx, value)

  finally:
-    ctx.printers.append(printer)
+    # restore our formatters
+    formatters.reverse()
+    ctx.formatters = formatters


 class TemplateData:
@@ -715,7 +726,7 @@ class Context:
  """A container for the execution context"""
  def __init__(self, fp):
    self.fp = fp
-    self.printers = []
+    self.formatters = []
  def write(self, value, args=()):
    _write_value(value, args, self)

@@ -828,20 +839,26 @@ class BaseUnavailableError(EZTException):
 class UnknownFormatConstantError(EZTException):
  """The format specifier is an unknown value."""

-def _raw_printer(ctx, s):
-  ctx.fp.write(s)
-  
-def _html_printer(ctx, s):
-  ctx.fp.write(cgi.escape(s))
+def _raw_formatter(s):
+  return s

-def _uri_printer(ctx, s):
-  ctx.fp.write(urllib.quote(s))
+def _html_formatter(s):
+  return cgi.escape(s)

-_printers = {
-  FORMAT_RAW  : _raw_printer,
-  FORMAT_HTML : _html_printer,
-  FORMAT_XML  : _html_printer,
-  FORMAT_URI  : _uri_printer,
+def _xml_formatter(s):
+  s = s.replace('&', '&#x26;')
+  s = s.replace('<', '&#x3C;')
+  s = s.replace('>', '&#x3E;')
+  return s
+
+def _uri_formatter(s):
+  return urllib.quote(s)
+
+_formatters = {
+  FORMAT_RAW  : _raw_formatter,
+  FORMAT_HTML : _html_formatter,
+  FORMAT_XML  : _xml_formatter,
+  FORMAT_URI  : _uri_formatter,
 }

 # --- standard test environment ---
--- a/lib/idiff.py
+++ b/lib/idiff.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/lib/popen.py
+++ b/lib/popen.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/lib/query.py
+++ b/lib/query.py
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -217,8 +217,9 @@ def decode_command(cmd):
    else:
        return "exact"

-def form_to_cvsdb_query(form_data):
+def form_to_cvsdb_query(cfg, form_data):
    query = cvsdb.CreateCheckinQuery()
+    query.SetLimit(cfg.cvsdb.row_limit)

    if form_data.repository:
        for cmd, str in listparse_string(form_data.repository):
@@ -312,11 +313,7 @@ def is_forbidden(cfg, cvsroot_name, module):
    
 def build_commit(server, cfg, desc, files, cvsroots, viewvc_link):
    ob = _item(num_files=len(files), files=[])
-    
-    if desc:
-        ob.log = string.replace(server.escape(desc), '\n', '<br />')
-    else:
-        ob.log = '&nbsp;'
+    ob.log = desc and string.replace(server.escape(desc), '\n', '<br />') or ''

    for commit in files:
        repository = commit.GetRepository()
@@ -350,9 +347,10 @@ def build_commit(server, cfg, desc, files, cvsroots, viewvc_link):
        except:
            raise Exception, str([directory, commit.GetFile()])

-        ## if we couldn't find the cvsroot path configured in the 
-        ## viewvc.conf file, then don't make the link
-        if cvsroot_name:
+        ## If we couldn't find the cvsroot path configured in the
+        ## viewvc.conf file, or we don't have a VIEWVC_LINK, then
+        ## don't make the link.
+        if cvsroot_name and viewvc_link:
            flink = '[%s] <a href="%s/%s?root=%s">%s</a>' % (
                    cvsroot_name, viewvc_link, urllib.quote(file),
                    cvsroot_name, file)
@@ -380,12 +378,15 @@ def build_commit(server, cfg, desc, files, cvsroots, viewvc_link):
    return ob

 def run_query(server, cfg, form_data, viewvc_link):
-    query = form_to_cvsdb_query(form_data)
+    query = form_to_cvsdb_query(cfg, form_data)
    db = cvsdb.ConnectDatabaseReadOnly(cfg)
    db.RunQuery(query)

-    if not query.commit_list:
-        return [ ]
+    commit_list = query.GetCommitList()
+    if not commit_list:
+        return [ ], 0
+
+    row_limit_reached = query.GetLimitReached()

    commits = [ ]
    files = [ ]
@@ -396,8 +397,8 @@ def run_query(server, cfg, form_data, viewvc_link):
    for key, value in rootitems:
        cvsroots[cvsdb.CleanRepository(value)] = key

-    current_desc = query.commit_list[0].GetDescription()
-    for commit in query.commit_list:
+    current_desc = commit_list[0].GetDescription()
+    for commit in commit_list:
        desc = commit.GetDescription()
        if current_desc == desc:
            files.append(commit)
@@ -420,7 +421,7 @@ def run_query(server, cfg, form_data, viewvc_link):
        return len(commit.files) > 0
    commits = filter(_only_with_files, commits)
  
-    return commits
+    return commits, row_limit_reached

 def main(server, cfg, viewvc_link):
  try:
@@ -429,12 +430,18 @@ def main(server, cfg, viewvc_link):
    form_data = FormData(form)

    if form_data.valid:
-        commits = run_query(server, cfg, form_data, viewvc_link)
+        commits, row_limit_reached = run_query(server, cfg,
+                                               form_data, viewvc_link)
        query = None
    else:
        commits = [ ]
+        row_limit_reached = 0
        query = 'skipped'

+    docroot = cfg.options.docroot
+    if docroot is None and viewvc_link:
+        docroot = viewvc_link + '/' + viewvc.docroot_magic_path
+        
    data = ezt.TemplateData({
      'cfg' : cfg,
      'address' : cfg.general.address,
@@ -444,14 +451,11 @@ def main(server, cfg, viewvc_link):
      'directory' : server.escape(form_data.directory),
      'file' : server.escape(form_data.file),
      'who' : server.escape(form_data.who),
-      'docroot' : cfg.options.docroot is None \
-                  and viewvc_link + '/' + viewvc.docroot_magic_path \
-                  or cfg.options.docroot,
-
+      'docroot' : docroot,
      'sortby' : form_data.sortby,
      'date' : form_data.date,
-
      'query' : query,
+      'row_limit_reached' : ezt.boolean(row_limit_reached),
      'commits' : commits,
      'num_commits' : len(commits),
      'rss_href' : None,
--- a/lib/sapi.py
+++ b/lib/sapi.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -23,8 +23,8 @@ import re
 import cgi


-# global server object. It will be either a CgiServer or a proxy to
-# an AspServer or ModPythonServer object.
+# global server object. It will be either a CgiServer, a WsgiServer,
+# or a proxy to an AspServer or ModPythonServer object.
 server = None


@@ -33,6 +33,7 @@ server = None
 # that character as-is, and sometimes needs to embed escaped values
 # into HTML attributes.
 def escape(s):
+  s = str(s)
  s = string.replace(s, '&', '&amp;')
  s = string.replace(s, '>', '&gt;')
  s = string.replace(s, '<', '&lt;')
@@ -185,7 +186,7 @@ class CgiServer(Server):
  def FieldStorage(fp=None, headers=None, outerboundary="",
                 environ=os.environ, keep_blank_values=0, strict_parsing=0):
    return cgi.FieldStorage(fp, headers, outerboundary, environ,
-      keep_blank_values, strict_parsing)
+                            keep_blank_values, strict_parsing)

  def write(self, s):
    sys.stdout.write(s)
@@ -197,6 +198,63 @@ class CgiServer(Server):
    return sys.stdout


+class WsgiServer(Server):
+  def __init__(self, environ, start_response):
+    Server.__init__(self)
+
+    self._environ = environ
+    self._start_response = start_response;
+    self._headers = []
+    self._wsgi_write = None
+    self.headerSent = False
+
+    global server
+    server = self
+
+    global cgi
+    import cgi
+
+  def addheader(self, name, value):
+    self._headers.append((name, value))
+
+  def header(self, content_type='text/html; charset=UTF-8', status=None):
+    if not status:
+      status = "200 OK"
+    if not self.headerSent:
+      self.headerSent = True
+      self._headers.insert(0, ("Content-Type", content_type),)
+      self._wsgi_write = self._start_response("%s" % status, self._headers)
+
+  def redirect(self, url):
+    """Redirect client to url. This discards any data that has been queued
+    to be sent to the user. But there should never by any anyway.
+    """
+    self.addheader('Location', url)
+    self.header(status='301 Moved')
+    self._wsgi_write('This document is located <a href="%s">here</a>.' % url)
+
+  def getenv(self, name, value=None):
+    return self._environ.get(name, value)
+
+  def params(self):
+    return cgi.parse(environ=self._environ, fp=self._environ["wsgi.input"])
+
+  def FieldStorage(self, fp=None, headers=None, outerboundary="",
+                   environ=os.environ, keep_blank_values=0, strict_parsing=0):
+    return cgi.FieldStorage(self._environ["wsgi.input"], headers,
+                            outerboundary, self._environ, keep_blank_values,
+                            strict_parsing)
+
+  def write(self, s):
+    self._wsgi_write(s)
+
+  def flush(self):
+    pass
+
+  def file(self):
+    return File(self)
+
+
 class AspServer(ThreadedServer):
  def __init__(self, Server, Request, Response, Application):
    ThreadedServer.__init__(self)
--- a/lib/vcauth/init.py
+++ b/lib/vcauth/init.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 2006-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 2006-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -29,7 +29,15 @@ class GenericViewVCAuthorizer:
  def check_root_access(self, rootname):
    """Return 1 iff the associated username is permitted to read ROOTNAME."""
    pass
-  
+
+  def check_universal_access(self, rootname):
+    """Return 1 if the associated username is permitted to read every
+    path in the repository at every revision, 0 if the associated
+    username is prohibited from reading any path in the repository, or
+    None if no such determination can be made (perhaps because the
+    cost of making it is too great)."""
+    pass
+    
  def check_path_access(self, rootname, path_parts, pathtype, rev=None):
    """Return 1 iff the associated username is permitted to read
    revision REV of the path PATH_PARTS (of type PATHTYPE) in
@@ -44,6 +52,9 @@ class ViewVCAuthorizer(GenericViewVCAuthorizer):
  """The uber-permissive authorizer."""
  def check_root_access(self, rootname):
    return 1
+
+  def check_universal_access(self, rootname):
+    return 1
    
  def check_path_access(self, rootname, path_parts, pathtype, rev=None):
    return 1
--- a/lib/vcauth/forbidden/init.py
+++ b/lib/vcauth/forbidden/init.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 2006-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 2006-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -23,7 +23,14 @@ class ViewVCAuthorizer(vcauth.GenericViewVCAuthorizer):

  def check_root_access(self, rootname):
    return 1
-  
+
+  def check_universal_access(self, rootname):
+    # If there aren't any forbidden paths, we can grant universal read
+    # access.  Otherwise, we make no claim.
+    if not self.forbidden:
+      return 1
+    return None
+    
  def check_path_access(self, rootname, path_parts, pathtype, rev=None):
    # No path?  No problem.
    if not path_parts:
--- a/lib/vcauth/forbiddenre/init.py
+++ b/lib/vcauth/forbiddenre/init.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 2008-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -46,6 +46,13 @@ class ViewVCAuthorizer(vcauth.GenericViewVCAuthorizer):
  def check_root_access(self, rootname):
    return self._check_root_path_access(rootname)
  
+  def check_universal_access(self, rootname):
+    # If there aren't any forbidden regexps, we can grant universal
+    # read access.  Otherwise, we make no claim.
+    if not self.forbidden:
+      return 1
+    return None
+    
  def check_path_access(self, rootname, path_parts, pathtype, rev=None):
    root_path = rootname
    if path_parts:
--- a/lib/vcauth/svnauthz/init.py
+++ b/lib/vcauth/svnauthz/init.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 2006-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 2006-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -34,9 +34,9 @@ class ViewVCAuthorizer(vcauth.GenericViewVCAuthorizer):
    # See if the admin wants us to do case normalization of usernames.
    self.force_username_case = params.get('force_username_case')
    if self.force_username_case == "upper":
-      self.username = username.upper()
+      self.username = username and string.upper(username) or username
    elif self.force_username_case == "lower":
-      self.username = username.lower()
+      self.username = username and string.lower(username) or username
    elif not self.force_username_case:
      self.username = username
    else:
@@ -54,7 +54,10 @@ class ViewVCAuthorizer(vcauth.GenericViewVCAuthorizer):
    # option names.
    cp = ConfigParser()
    cp.optionxform = lambda x: x
-    cp.read(self.authz_file)
+    try:
+      cp.read(self.authz_file)
+    except:
+      raise debug.ViewVCException("Unable to parse configured authzfile file")

    # Figure out if there are any aliases for the current username
    aliases = []
@@ -221,6 +224,36 @@ class ViewVCAuthorizer(vcauth.GenericViewVCAuthorizer):
    paths = self._get_paths_for_root(rootname)
    return (paths is not None) and 1 or 0
  
+  def check_universal_access(self, rootname):
+    paths = self._get_paths_for_root(rootname)
+    if not paths: # None or empty.
+      return 0
+
+    # Search the access determinations.  If there's a mix, we can't
+    # claim a universal access determination.
+    found_allow = 0
+    found_deny = 0
+    for access in paths.values():
+      if access:
+        found_allow = 1
+      else:
+        found_deny = 1
+      if found_allow and found_deny:
+        return None
+
+    # We didn't find both allowances and denials, so we must have
+    # found one or the other.  Denials only is a universal denial.
+    if found_deny:
+      return 0
+
+    # ... but allowances only is only a universal allowance if read
+    # access is granted to the root directory.
+    if found_allow and paths.has_key('/'):
+      return 1
+
+    # Anything else is indeterminable.
+    return None
+    
  def check_path_access(self, rootname, path_parts, pathtype, rev=None):
    # Crawl upward from the path represented by PATH_PARTS toward to
    # the root of the repository, looking for an explicitly grant or
--- a/lib/vclib/init.py
+++ b/lib/vclib/init.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -76,7 +76,7 @@ class Repository:
    """
    pass

-  def openfile(self, path_parts, rev):
+  def openfile(self, path_parts, rev, options):
    """Open a file object to read file contents at a given path and revision.

    The return value is a 2-tuple of containg the file object and revision
@@ -86,6 +86,8 @@ class Repository:
    of the repository. e.g. ["subdir1", "subdir2", "filename"]

    rev is the revision of the file to check out
+
+    options is a dictionary of implementation specific options
    """

  def listdir(self, path_parts, rev, options):
@@ -168,20 +170,29 @@ class Repository:
    Return value is a python file object
    """

-  def annotate(self, path_parts, rev):
-    """Return a list of annotate file content lines and a revision.
+  def annotate(self, path_parts, rev, include_text=False):
+    """Return a list of Annotation object, sorted by their
+    "line_number" components, which describe the lines of given
+    version of a file.

-    The result is a list of Annotation objects, sorted by their
-    line_number components.
-    """
+    The file path is specified as a list of components, relative to
+    the root of the repository. e.g. ["subdir1", "subdir2", "filename"]
+
+    rev is the revision of the item to return information about.
+    
+    If include_text is true, populate the Annotation objects' "text"
+    members with the corresponding line of file content; otherwise,
+    leave that member set to None."""

  def revinfo(self, rev):
    """Return information about a global revision

    rev is the revision of the item to return information about
    
-    Return value is a 4-tuple containing the date, author, log
-    message, and a list of ChangedPath items representing paths changed
+    Return value is a 5-tuple containing: the date, author, log
+    message, a list of ChangedPath items representing paths changed,
+    and a dictionary mapping property names to property values for
+    properties stored on an item.

    Raise vclib.UnsupportedFeature if the version control system
    doesn't support a global revision concept.
@@ -196,7 +207,21 @@ class Repository:

    rev is the revision of the item to return information about
    """
+
+  def filesize(self, path_parts, rev):
+    """Return the size of a versioned file's contents if it can be
+    obtained without a brute force measurement; -1 otherwise.
+
+    NOTE: Callers that require a filesize answer when this function
+    returns -1 may obtain it by measuring the data returned via
+    openfile().
    
+    The path is specified as a list of components, relative to the root
+    of the repository. e.g. ["subdir1", "subdir2", "filename"]
+
+    rev is the revision of the item to return information about
+    """
+
    
 # ======================================================================
 class DirEntry:
--- a/lib/vclib/ccvs/init.py
+++ b/lib/vclib/ccvs/init.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -14,6 +14,7 @@ import os.path


 def canonicalize_rootpath(rootpath):
+  assert os.path.isabs(rootpath)
  return os.path.normpath(rootpath)


@@ -22,6 +23,7 @@ def expand_root_parent(parent_path):
  # "CVSROOT/config" is added the set of returned roots.  Or, if the
  # PARENT_PATH itself contains a child "CVSROOT/config", then all its
  # subdirectories are returned as roots.
+  assert os.path.isabs(parent_path)
  roots = {}
  subpaths = os.listdir(parent_path)
  cvsroot = os.path.exists(os.path.join(parent_path, "CVSROOT", "config"))
@@ -33,6 +35,23 @@ def expand_root_parent(parent_path):
  return roots


+def find_root_in_parent(parent_path, rootname):
+  """Search PARENT_PATH for a root named ROOTNAME, returning the
+  canonicalized ROOTPATH of the root if found; return None if no such
+  root is found."""
+
+  assert os.path.isabs(parent_path)
+  # Is PARENT_PATH itself a CVS repository?  If so, we allow ROOTNAME
+  # to be any subdir within it.  Otherwise, we expect
+  # PARENT_PATH/ROOTNAME to be a CVS repository.
+  rootpath = os.path.join(parent_path, rootname)
+  if os.path.exists(os.path.join(parent_path, "CVSROOT", "config")):
+    return canonicalize_rootpath(rootpath)
+  if os.path.exists(os.path.join(rootpath, "CVSROOT", "config")):
+    return canonicalize_rootpath(rootpath)
+  return None
+
+
 def CVSRepository(name, rootpath, authorizer, utilities, use_rcsparse):
  rootpath = canonicalize_rootpath(rootpath)
  if use_rcsparse:
--- a/lib/vclib/ccvs/bincvs.py
+++ b/lib/vclib/ccvs/bincvs.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -40,6 +40,11 @@ class BaseCVSRepository(vclib.Repository):
    if not vclib.check_root_access(self):
      raise vclib.ReposNotFound(name)

+  def open(self):
+    # See if a universal read access determination can be made.
+    if self.auth and self.auth.check_universal_access(self.name) == 1:
+      self.auth = None
+
  def rootname(self):
    return self.name

@@ -144,6 +149,11 @@ class BaseCVSRepository(vclib.Repository):
                        % (string.join(path_parts, "/")))
    rcsfile = self.rcsfile(path_parts, 1)
    return os.access(rcsfile, os.X_OK)
+  
+  def filesize(self, path_parts, rev):
+    if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
+      raise vclib.Error("Path '%s' is not a file." % (_path_join(path_parts)))
+    return -1


 class BinCVSRepository(BaseCVSRepository):
@@ -162,7 +172,14 @@ class BinCVSRepository(BaseCVSRepository):
      return revs[-1]
    return None

-  def openfile(self, path_parts, rev):
+  def openfile(self, path_parts, rev, options):
+    """see vclib.Repository.openfile docstring
+
+    Option values recognized by this implementation:
+
+      cvs_oldkeywords
+        boolean. true to use the original keyword substitution values.
+    """
    if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
      raise vclib.Error("Path '%s' is not a file."
                        % (string.join(path_parts, "/")))
@@ -170,12 +187,14 @@ class BinCVSRepository(BaseCVSRepository):
      rev_flag = '-p'
    else:
      rev_flag = '-p' + rev
+    if options.get('cvs_oldkeywords', 0):
+      kv_flag = '-ko'
+    else:
+      kv_flag = '-kkv'
    full_name = self.rcsfile(path_parts, root=1, v=0)
-
    used_rlog = 0
    tip_rev = None  # used only if we have to fallback to using rlog
-
-    fp = self.rcs_popen('co', (rev_flag, full_name), 'rb') 
+    fp = self.rcs_popen('co', (kv_flag, rev_flag, full_name), 'rb') 
    try:
      filename, revision = _parse_co_header(fp)
    except COMissingRevision:
@@ -318,13 +337,13 @@ class BinCVSRepository(BaseCVSRepository):
      args = rcs_args
    return popen.popen(cmd, args, mode, capture_err)

-  def annotate(self, path_parts, rev=None):
+  def annotate(self, path_parts, rev=None, include_text=False):
    if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
      raise vclib.Error("Path '%s' is not a file."
                        % (string.join(path_parts, "/")))
                        
    from vclib.ccvs import blame
-    source = blame.BlameSource(self.rcsfile(path_parts, 1), rev)
+    source = blame.BlameSource(self.rcsfile(path_parts, 1), rev, include_text)
    return source, source.revision

  def revinfo(self, rev):
@@ -1022,16 +1041,16 @@ def _get_logs(repos, dir_path_parts, entries, view_tag, get_dirs):
        file.errors.append("rlog error: %s" % msg)
        continue

+      tag = None
      if view_tag == 'MAIN' or view_tag == 'HEAD':
        tag = Tag(None, default_branch)
      elif taginfo.has_key(view_tag):
        tag = Tag(None, taginfo[view_tag])
-      elif view_tag:
-        # the tag wasn't found, so skip this file
+      elif view_tag and (eof != _EOF_FILE):
+        # the tag wasn't found, so skip this file (unless we already
+        # know there's nothing left of it to read)
        _skip_file(rlog)
-        eof = 1
-      else:
-        tag = None
+        eof = _EOF_FILE

      # we don't care about the specific values -- just the keys and whether
      # the values point to branches or revisions. this the fastest way to 
--- a/lib/vclib/ccvs/blame.py
+++ b/lib/vclib/ccvs/blame.py
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 # Copyright (C) 2000 Curt Hagenlocher <curt@hagenlocher.org>
 #
 # By using this file, you agree to the terms and conditions set forth in
@@ -414,7 +414,7 @@ class CVSParser(rcsparse.Sink):


 class BlameSource:
-  def __init__(self, rcs_file, opt_rev=None):
+  def __init__(self, rcs_file, opt_rev=None, include_text=False):
    # Parse the CVS file
    parser = CVSParser()
    revision = parser.parse_cvs_file(rcs_file, opt_rev)
@@ -428,6 +428,7 @@ class BlameSource:
    self.lines = lines
    self.num_lines = count
    self.parser = parser
+    self.include_text = include_text

    # keep track of where we are during an iteration
    self.idx = -1
@@ -447,6 +448,8 @@ class BlameSource:
    line_number = idx + 1
    author = self.parser.revision_author[rev]
    thisline = self.lines[idx]
+    if not self.include_text:
+      thisline = None
    ### TODO:  Put a real date in here.
    item = vclib.Annotation(thisline, line_number, rev, prev_rev, author, None)
    self.last = item
--- a/lib/vclib/ccvs/ccvs.py
+++ b/lib/vclib/ccvs/ccvs.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -127,9 +127,9 @@ class CCVSRepository(BaseCVSRepository):
                        % (string.join(path_parts2, "/")))
    
    temp1 = tempfile.mktemp()
-    open(temp1, 'wb').write(self.openfile(path_parts1, rev1)[0].getvalue())
+    open(temp1, 'wb').write(self.openfile(path_parts1, rev1, {})[0].getvalue())
    temp2 = tempfile.mktemp()
-    open(temp2, 'wb').write(self.openfile(path_parts2, rev2)[0].getvalue())
+    open(temp2, 'wb').write(self.openfile(path_parts2, rev2, {})[0].getvalue())

    r1 = self.itemlog(path_parts1, rev1, vclib.SORTBY_DEFAULT, 0, 0, {})[-1]
    r2 = self.itemlog(path_parts2, rev2, vclib.SORTBY_DEFAULT, 0, 0, {})[-1]
@@ -142,17 +142,17 @@ class CCVSRepository(BaseCVSRepository):
    return vclib._diff_fp(temp1, temp2, info1, info2,
                          self.utilities.diff or 'diff', diff_args)

-  def annotate(self, path_parts, rev=None):
+  def annotate(self, path_parts, rev=None, include_text=False):
    if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
      raise vclib.Error("Path '%s' is not a file."
                        % (string.join(path_parts, "/")))
-    source = blame.BlameSource(self.rcsfile(path_parts, 1), rev)
+    source = blame.BlameSource(self.rcsfile(path_parts, 1), rev, include_text)
    return source, source.revision

  def revinfo(self, rev):
    raise vclib.UnsupportedFeature

-  def openfile(self, path_parts, rev=None):
+  def openfile(self, path_parts, rev, options):
    if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
      raise vclib.Error("Path '%s' is not a file."
                        % (string.join(path_parts, "/")))
@@ -200,6 +200,7 @@ class InfoSink(MatchingSink):
    self.matching_rev = None
    self.perfect_match = 0
    self.lockinfo = { }
+    self.saw_revision = False

  def define_tag(self, name, revision):
    MatchingSink.define_tag(self, name, revision)
@@ -213,10 +214,17 @@ class InfoSink(MatchingSink):
        self.entry.absent = 1
      raise rcsparse.RCSStopParser

+  def parse_completed(self):
+    if not self.saw_revision:
+      #self.entry.errors.append("No revisions exist on %s" % (view_tag or "MAIN"))
+      self.entry.absent = 1
+    
  def set_locker(self, rev, locker):
    self.lockinfo[rev] = locker
    
  def define_revision(self, revision, date, author, state, branches, next):
+    self.saw_revision = True
+    
    if self.perfect_match:
      return

@@ -224,14 +232,18 @@ class InfoSink(MatchingSink):
    rev = Revision(revision, date, author, state == "dead")
    rev.lockinfo = self.lockinfo.get(revision)
    
-    # perfect match if revision number matches tag number or if revision is on
-    # trunk and tag points to trunk. imperfect match if tag refers to a branch
-    # and this revision is the highest revision so far found on that branch
+    # perfect match if revision number matches tag number or if
+    # revision is on trunk and tag points to trunk.  imperfect match
+    # if tag refers to a branch and either a) this revision is the
+    # highest revision so far found on that branch, or b) this
+    # revision is the branchpoint.
    perfect = ((rev.number == tag.number) or
               (not tag.number and len(rev.number) == 2))
-    if perfect or (tag.is_branch and tag.number == rev.number[:-1] and
-                   (not self.matching_rev or
-                    rev.number > self.matching_rev.number)):
+    if perfect or (tag.is_branch and \
+                   ((tag.number == rev.number[:-1] and
+                     (not self.matching_rev or
+                      rev.number > self.matching_rev.number)) or
+                    (rev.number == tag.number[:-1]))):
      self.matching_rev = rev
      self.perfect_match = perfect

--- a/lib/vclib/ccvs/rcsparse/init.py
+++ b/lib/vclib/ccvs/rcsparse/init.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/lib/vclib/ccvs/rcsparse/common.py
+++ b/lib/vclib/ccvs/rcsparse/common.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -194,7 +194,8 @@ class _Parser:
        else:
          # Chew up "newphrase"
          # warn("Unexpected RCS token: $token\n")
-          pass
+          while self.ts.get() != ';':
+            pass
      else:
        if f is None:
          self.ts.unget(token)
--- a/lib/vclib/ccvs/rcsparse/debug.py
+++ b/lib/vclib/ccvs/rcsparse/debug.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/lib/vclib/ccvs/rcsparse/default.py
+++ b/lib/vclib/ccvs/rcsparse/default.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -19,7 +19,11 @@ import string
 import common

 class _TokenStream:
-  token_term = string.whitespace + ';:'
+  token_term = string.whitespace + ";:"
+  try:
+    token_term = frozenset(token_term)
+  except NameError:
+    pass

  # the algorithm is about the same speed for any CHUNK_SIZE chosen.
  # grab a good-sized chunk, but not too large to overwhelm memory.
@@ -44,15 +48,17 @@ class _TokenStream:
    # out more complex solutions.

    buf = self.buf
+    lbuf = len(buf)
    idx = self.idx

    while 1:
-      if idx == len(buf):
+      if idx == lbuf:
        buf = self.rcsfile.read(self.CHUNK_SIZE)
        if buf == '':
          # signal EOF by returning None as the token
          del self.buf   # so we fail if get() is called again
          return None
+        lbuf = len(buf)
        idx = 0

      if buf[idx] not in string.whitespace:
@@ -60,7 +66,7 @@ class _TokenStream:

      idx = idx + 1

-    if buf[idx] == ';' or buf[idx] == ':':
+    if buf[idx] in ';:':
      self.buf = buf
      self.idx = idx + 1
      return buf[idx]
@@ -70,17 +76,18 @@ class _TokenStream:
      token = ''
      while 1:
        # find token characters in the current buffer
-        while end < len(buf) and buf[end] not in self.token_term:
+        while end < lbuf and buf[end] not in self.token_term:
          end = end + 1
        token = token + buf[idx:end]

-        if end < len(buf):
+        if end < lbuf:
          # we stopped before the end, so we have a full token
          idx = end
          break

        # we stopped at the end of the buffer, so we may have a partial token
        buf = self.rcsfile.read(self.CHUNK_SIZE)
+        lbuf = len(buf)
        idx = end = 0

      self.buf = buf
@@ -94,22 +101,24 @@ class _TokenStream:
    chunks = [ ]

    while 1:
-      if idx == len(buf):
+      if idx == lbuf:
        idx = 0
        buf = self.rcsfile.read(self.CHUNK_SIZE)
        if buf == '':
          raise RuntimeError, 'EOF'
+        lbuf = len(buf)
      i = string.find(buf, '@', idx)
      if i == -1:
        chunks.append(buf[idx:])
-        idx = len(buf)
+        idx = lbuf
        continue
-      if i == len(buf) - 1:
+      if i == lbuf - 1:
        chunks.append(buf[idx:i])
        idx = 0
        buf = '@' + self.rcsfile.read(self.CHUNK_SIZE)
        if buf == '@':
          raise RuntimeError, 'EOF'
+        lbuf = len(buf)
        continue
      if buf[i + 1] == '@':
        chunks.append(buf[idx:i+1])
--- a/lib/vclib/ccvs/rcsparse/texttools.py
+++ b/lib/vclib/ccvs/rcsparse/texttools.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/lib/vclib/svn/init.py
+++ b/lib/vclib/svn/init.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -15,17 +15,50 @@
 import os
 import os.path
 import re
+import urllib

 _re_url = re.compile('^(http|https|file|svn|svn\+[^:]+)://')

-def canonicalize_rootpath(rootpath):
+def _canonicalize_path(path):
+  import svn.core
  try:
-    import svn.core
-    return svn.core.svn_path_canonicalize(rootpath)
-  except:
-    if re.search(_re_url, rootpath):
-      return rootpath[-1] == '/' and rootpath[:-1] or rootpath
-    return os.path.normpath(rootpath)
+    return svn.core.svn_path_canonicalize(path)
+  except AttributeError: # svn_path_canonicalize() appeared in 1.4.0 bindings
+    # There's so much more that we *could* do here, but if we're
+    # here at all its because there's a really old Subversion in
+    # place, and those older Subversion versions cared quite a bit
+    # less about the specifics of path canonicalization.
+    if re.search(_re_url, path):
+      return path.rstrip('/')
+    else:
+      return os.path.normpath(path)
+
+
+def canonicalize_rootpath(rootpath):
+  # Try to canonicalize the rootpath using Subversion semantics.
+  rootpath = _canonicalize_path(rootpath)
+  
+  # ViewVC's support for local repositories is more complete and more
+  # performant than its support for remote ones, so if we're on a
+  # Unix-y system and we have a file:/// URL, convert it to a local
+  # path instead.
+  if os.name == 'posix':
+    rootpath_lower = rootpath.lower()
+    if rootpath_lower in ['file://localhost',
+                          'file://localhost/',
+                          'file://',
+                          'file:///'
+                          ]:
+      return '/'
+    if rootpath_lower.startswith('file://localhost/'):
+      rootpath = os.path.normpath(urllib.unquote(rootpath[16:]))
+    elif rootpath_lower.startswith('file:///'):
+      rootpath = os.path.normpath(urllib.unquote(rootpath[7:]))
+
+  # Ensure that we have an absolute path (or URL), and return.
+  if not re.search(_re_url, rootpath):
+    assert os.path.isabs(rootpath)
+  return rootpath


 def expand_root_parent(parent_path):
@@ -35,6 +68,7 @@ def expand_root_parent(parent_path):
  else:
    # Any subdirectories of PARENT_PATH which themselves have a child
    # "format" are returned as roots.
+    assert os.path.isabs(parent_path)
    subpaths = os.listdir(parent_path)
    for rootname in subpaths:
      rootpath = os.path.join(parent_path, rootname)
@@ -43,6 +77,20 @@ def expand_root_parent(parent_path):
  return roots


+def find_root_in_parent(parent_path, rootname):
+  """Search PARENT_PATH for a root named ROOTNAME, returning the
+  canonicalized ROOTPATH of the root if found; return None if no such
+  root is found."""
+  
+  if not re.search(_re_url, parent_path):
+    assert os.path.isabs(parent_path)
+    rootpath = os.path.join(parent_path, rootname)
+    format_path = os.path.join(rootpath, "format")
+    if os.path.exists(format_path):
+      return canonicalize_rootpath(rootpath)
+  return None
+
+
 def SubversionRepository(name, rootpath, authorizer, utilities, config_dir):
  rootpath = canonicalize_rootpath(rootpath)
  if re.search(_re_url, rootpath):
--- a/lib/vclib/svn/svn_ra.py
+++ b/lib/vclib/svn/svn_ra.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -18,10 +18,12 @@ import os
 import string
 import re
 import tempfile
-import popen2
 import time
 import urllib
-from svn_repos import Revision, SVNChangedPath, _datestr_to_date, _compare_paths, _path_parts, _cleanup_path, _rev2optrev, _fix_subversion_exception
+from svn_repos import Revision, SVNChangedPath, _datestr_to_date, \
+                      _compare_paths, _path_parts, _cleanup_path, \
+                      _rev2optrev, _fix_subversion_exception, \
+                      _split_revprops, _canonicalize_path
 from svn import core, delta, client, wc, ra


@@ -52,13 +54,71 @@ def get_directory_props(ra_session, path, rev):
    props = ra.svn_ra_get_dir(ra_session, path, rev)
  return props

+def client_log(url, start_rev, end_rev, log_limit, include_changes,
+               cross_copies, cb_func, ctx):
+  include_changes = include_changes and 1 or 0
+  cross_copies = cross_copies and 1 or 0
+  try:
+    client.svn_client_log4([url], start_rev, start_rev, end_rev,
+                           log_limit, include_changes, not cross_copies,
+                           0, None, cb_func, ctx)
+  except AttributeError:
+    # Wrap old svn_log_message_receiver_t interface with a
+    # svn_log_entry_t one.
+    def cb_convert(paths, revision, author, date, message, pool):
+      class svn_log_entry_t:
+        pass
+      log_entry = svn_log_entry_t()
+      log_entry.changed_paths = paths
+      log_entry.revision = revision
+      log_entry.revprops = { core.SVN_PROP_REVISION_LOG : message,
+                             core.SVN_PROP_REVISION_AUTHOR : author,
+                             core.SVN_PROP_REVISION_DATE : date,
+                             }
+      cb_func(log_entry, pool)
+    client.svn_client_log2([url], start_rev, end_rev, log_limit,
+                           include_changes, not cross_copies, cb_convert, ctx)
+
+
+def setup_client_ctx(config_dir):
+  # Ensure that the configuration directory exists.
+  core.svn_config_ensure(config_dir)
+
+  # Fetch the configuration (and 'config' bit thereof).
+  cfg = core.svn_config_get_config(config_dir)
+  config = cfg.get(core.SVN_CONFIG_CATEGORY_CONFIG)
+
+  # Here's the compat-sensitive part: try to use
+  # svn_cmdline_create_auth_baton(), and fall back to making our own
+  # if that fails.
+  try:
+    auth_baton = core.svn_cmdline_create_auth_baton(1, None, None, config_dir,
+                                                    1, 1, config, None)
+  except AttributeError:
+    auth_baton = core.svn_auth_open([
+      client.svn_client_get_simple_provider(),
+      client.svn_client_get_username_provider(),
+      client.svn_client_get_ssl_server_trust_file_provider(),
+      client.svn_client_get_ssl_client_cert_file_provider(),
+      client.svn_client_get_ssl_client_cert_pw_file_provider(),
+      ])
+    if config_dir is not None:
+      core.svn_auth_set_parameter(auth_baton,
+                                  core.SVN_AUTH_PARAM_CONFIG_DIR,
+                                  config_dir)
+
+  # Create, setup, and return the client context baton.
+  ctx = client.svn_client_create_context()
+  ctx.config = cfg
+  ctx.auth_baton = auth_baton
+  return ctx
+
 ### END COMPATABILITY CODE ###


 class LogCollector:
-  ### TODO: Make this thing authz-aware
  
-  def __init__(self, path, show_all_logs, lockinfo):
+  def __init__(self, path, show_all_logs, lockinfo, access_check_func):
    # This class uses leading slashes for paths internally
    if not path:
      self.path = '/'
@@ -67,8 +127,16 @@ class LogCollector:
    self.logs = []
    self.show_all_logs = show_all_logs
    self.lockinfo = lockinfo
+    self.access_check_func = access_check_func
+    self.done = False
+    
+  def add_log(self, log_entry, pool):
+    if self.done:
+      return
+    paths = log_entry.changed_paths
+    revision = log_entry.revision
+    msg, author, date, revprops = _split_revprops(log_entry.revprops)
    
-  def add_log(self, paths, revision, author, date, message, pool):
    # Changed paths have leading slashes
    changed_paths = paths.keys()
    changed_paths.sort(lambda a, b: _compare_paths(a, b))
@@ -88,13 +156,17 @@ class LogCollector:
          if change.copyfrom_path:
            this_path = change.copyfrom_path + self.path[len(changed_path):]
    if self.show_all_logs or this_path:
-      entry = Revision(revision, _datestr_to_date(date), author, message, None,
-                       self.lockinfo, self.path[1:], None, None)
-      self.logs.append(entry)
+      if self.access_check_func is None \
+         or self.access_check_func(self.path[1:], revision):
+        entry = Revision(revision, date, author, msg, None, self.lockinfo,
+                         self.path[1:], None, None)
+        self.logs.append(entry)
+      else:
+        self.done = True
    if this_path:
      self.path = this_path
    
-def temp_checkout(svnrepos, path, rev):
+def cat_to_tempfile(svnrepos, path, rev):
  """Check out file revision to temporary file"""
  temp = tempfile.mktemp()
  stream = core.svn_stream_from_aprfile(temp)
@@ -155,21 +227,8 @@ class RemoteSubversionRepository(vclib.Repository):

  def open(self):
    # Setup the client context baton, complete with non-prompting authstuffs.
-    # TODO: svn_cmdline_setup_auth_baton() is mo' better (when available)
-    core.svn_config_ensure(self.config_dir)
-    self.ctx = client.svn_client_ctx_t()
-    self.ctx.auth_baton = core.svn_auth_open([
-      client.svn_client_get_simple_provider(),
-      client.svn_client_get_username_provider(),
-      client.svn_client_get_ssl_server_trust_file_provider(),
-      client.svn_client_get_ssl_client_cert_file_provider(),
-      client.svn_client_get_ssl_client_cert_pw_file_provider(),
-      ])
-    self.ctx.config = core.svn_config_get_config(self.config_dir)
-    if self.config_dir is not None:
-      core.svn_auth_set_parameter(self.ctx.auth_baton,
-                                  core.SVN_AUTH_PARAM_CONFIG_DIR,
-                                  self.config_dir)
+    self.ctx = setup_client_ctx(self.config_dir)
+    
    ra_callbacks = ra.svn_ra_callbacks_t()
    ra_callbacks.auth_baton = self.ctx.auth_baton
    self.ra_session = ra.svn_ra_open(self.rootpath, ra_callbacks, None,
@@ -177,6 +236,10 @@ class RemoteSubversionRepository(vclib.Repository):
    self.youngest = ra.svn_ra_get_latest_revnum(self.ra_session)
    self._dirent_cache = { }
    self._revinfo_cache = { }
+
+    # See if a universal read access determination can be made.
+    if self.auth and self.auth.check_universal_access(self.name) == 1:
+      self.auth = None
    
  def rootname(self):
    return self.name
@@ -211,25 +274,23 @@ class RemoteSubversionRepository(vclib.Repository):
      raise vclib.ItemNotFound(path_parts)
    return pathtype

-  def openfile(self, path_parts, rev):
+  def openfile(self, path_parts, rev, options):
    path = self._getpath(path_parts)
    if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
      raise vclib.Error("Path '%s' is not a file." % path)
    rev = self._getrev(rev)
    url = self._geturl(path)
-    tmp_file = tempfile.mktemp()
-    stream = core.svn_stream_from_aprfile(tmp_file)
    ### rev here should be the last history revision of the URL
-    client.svn_client_cat(core.Stream(stream), url, _rev2optrev(rev), self.ctx)
-    core.svn_stream_close(stream)
-    return SelfCleanFP(tmp_file), self._get_last_history_rev(path_parts, rev)
+    fp = SelfCleanFP(cat_to_tempfile(self, path, rev))
+    lh_rev, c_rev = self._get_last_history_rev(path_parts, rev)
+    return fp, lh_rev

  def listdir(self, path_parts, rev, options):
    path = self._getpath(path_parts)
    if self.itemtype(path_parts, rev) != vclib.DIR:  # does auth-check
      raise vclib.Error("Path '%s' is not a directory." % path)
    rev = self._getrev(rev)
-    entries = [ ]
+    entries = []
    dirents, locks = self._get_dirents(path, rev)
    for name in dirents.keys():
      entry = dirents[name]
@@ -237,8 +298,9 @@ class RemoteSubversionRepository(vclib.Repository):
        kind = vclib.DIR
      elif entry.kind == core.svn_node_file:
        kind = vclib.FILE
-      if vclib.check_path_access(self, path_parts + [name], kind, rev):
-        entries.append(vclib.DirEntry(name, kind))
+      else:
+        kind = None
+      entries.append(vclib.DirEntry(name, kind))
    return entries

  def dirlogs(self, path_parts, rev, entries, options):
@@ -249,11 +311,13 @@ class RemoteSubversionRepository(vclib.Repository):
    dirents, locks = self._get_dirents(path, rev)
    for entry in entries:
      entry_path_parts = path_parts + [entry.name]
-      if not vclib.check_path_access(self, entry_path_parts, entry.kind, rev):
+      dirent = dirents.get(entry.name, None)
+      # dirents is authz-sanitized, so ensure the entry is found therein.
+      if dirent is None:
        continue
-      dirent = dirents[entry.name]
-      entry.date, entry.author, entry.log, changes = \
-                  self.revinfo(dirent.created_rev)
+      # Get authz-sanitized revision metadata.
+      entry.date, entry.author, entry.log, revprops, changes = \
+                  self._revinfo(dirent.created_rev)
      entry.rev = str(dirent.created_rev)
      entry.size = dirent.size
      entry.lockinfo = None
@@ -267,29 +331,51 @@ class RemoteSubversionRepository(vclib.Repository):
    rev = self._getrev(rev)
    url = self._geturl(path)

-    # Use ls3 to fetch the lock status for this item.
-    lockinfo = None
-    basename = path_parts and path_parts[-1] or ""
-    dirents, locks = list_directory(url, _rev2optrev(rev),
-                                    _rev2optrev(rev), 0, self.ctx)
-    if locks.has_key(basename):
-      lockinfo = locks[basename].owner
+    # If this is a file, fetch the lock status and size (as of REV)
+    # for this item.
+    lockinfo = size_in_rev = None
+    if path_type == vclib.FILE:
+      basename = path_parts[-1]
+      list_url = self._geturl(self._getpath(path_parts[:-1]))
+      dirents, locks = list_directory(list_url, _rev2optrev(rev),
+                                      _rev2optrev(rev), 0, self.ctx)
+      if locks.has_key(basename):
+        lockinfo = locks[basename].owner
+      if dirents.has_key(basename):
+        size_in_rev = dirents[basename].size
+    
+    # Special handling for the 'svn_latest_log' scenario.
+    ### FIXME: Don't like this hack.  We should just introduce
+    ### something more direct in the vclib API.
+    if options.get('svn_latest_log', 0):
+      dir_lh_rev, dir_c_rev = self._get_last_history_rev(path_parts, rev)
+      date, author, log, revprops, changes = self._revinfo(dir_lh_rev)
+      return [vclib.Revision(dir_lh_rev, str(dir_lh_rev), date, author,
+                             None, log, size_in_rev, lockinfo)]

+    def _access_checker(check_path, check_rev):
+      return vclib.check_path_access(self, _path_parts(check_path),
+                                     path_type, check_rev)
+      
    # It's okay if we're told to not show all logs on a file -- all
    # the revisions should match correctly anyway.
-    lc = LogCollector(path, options.get('svn_show_all_dir_logs', 0), lockinfo)
+    lc = LogCollector(path, options.get('svn_show_all_dir_logs', 0),
+                      lockinfo, _access_checker)

    cross_copies = options.get('svn_cross_copies', 0)
    log_limit = 0
    if limit:
      log_limit = first + limit
-    client.svn_client_log2([url], _rev2optrev(rev), _rev2optrev(1),
-                           log_limit, 1, not cross_copies,
-                           lc.add_log, self.ctx)
+    client_log(url, _rev2optrev(rev), _rev2optrev(1), log_limit, 1,
+               cross_copies, lc.add_log, self.ctx)
    revs = lc.logs
    revs.sort()
    prev = None
    for rev in revs:
+      # Swap out revision info with stuff from the cache (which is
+      # authz-sanitized).
+      rev.date, rev.author, rev.log, revprops, changes \
+                = self._revinfo(rev.number)
      rev.prev = prev
      prev = rev
    revs.reverse()
@@ -309,13 +395,25 @@ class RemoteSubversionRepository(vclib.Repository):
                                        _rev2optrev(rev), 0, self.ctx)
    return pairs and pairs[0][1] or {}
  
-  def annotate(self, path_parts, rev):
+  def annotate(self, path_parts, rev, include_text=False):
    path = self._getpath(path_parts)
    if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
      raise vclib.Error("Path '%s' is not a file." % path)
    rev = self._getrev(rev)
    url = self._geturl(path)

+    # Examine logs for the file to determine the oldest revision we are
+    # permitted to see.
+    log_options = {
+      'svn_cross_copies' : 1,
+      'svn_show_all_dir_logs' : 1,
+      }
+    revs = self.itemlog(path_parts, rev, vclib.SORTBY_REV, 0, 0, log_options)
+    oldest_rev = revs[-1].number
+
+    # Now calculate the annotation data.  Note that we'll not
+    # inherently trust the provided author and date, because authz
+    # rules might necessitate that we strip that information out.
    blame_data = []

    def _blame_cb(line_no, revision, author, date,
@@ -323,21 +421,27 @@ class RemoteSubversionRepository(vclib.Repository):
      prev_rev = None
      if revision > 1:
        prev_rev = revision - 1
-      blame_data.append(vclib.Annotation(line, line_no+1, revision, prev_rev,
-                                         author, None))
-      
-    client.svn_client_blame(url, _rev2optrev(1), _rev2optrev(rev),
-                            _blame_cb, self.ctx)

+      # If we have an invalid revision, clear the date and author
+      # values.  Otherwise, if we have authz filtering to do, use the
+      # revinfo cache to do so.
+      if revision < 0:
+        date = author = None
+      elif self.auth:
+        date, author, msg, revprops, changes = self._revinfo(revision)
+
+      # Strip text if the caller doesn't want it.
+      if not include_text:
+        line = None
+      blame_data.append(vclib.Annotation(line, line_no + 1, revision, prev_rev,
+                                         author, date))
+      
+    client.blame2(url, _rev2optrev(rev), _rev2optrev(oldest_rev),
+                  _rev2optrev(rev), _blame_cb, self.ctx)
    return blame_data, rev

  def revinfo(self, rev):
-    rev = self._getrev(rev)
-    cached_info = self._revinfo_cache.get(rev)
-    if not cached_info:
-      cached_info = self._revinfo_raw(rev)
-      self._revinfo_cache[rev] = cached_info
-    return cached_info[0], cached_info[1], cached_info[2], cached_info[3]
+    return self._revinfo(rev, 1)
    
  def rawdiff(self, path_parts1, rev1, path_parts2, rev2, type, options={}):
    p1 = self._getpath(path_parts1)
@@ -352,12 +456,12 @@ class RemoteSubversionRepository(vclib.Repository):
    args = vclib._diff_args(type, options)

    def _date_from_rev(rev):
-      date, author, msg, changes = self.revinfo(rev)
+      date, author, msg, revprops, changes = self._revinfo(rev)
      return date
    
    try:
-      temp1 = temp_checkout(self, p1, r1)
-      temp2 = temp_checkout(self, p2, r2)
+      temp1 = cat_to_tempfile(self, p1, r1)
+      temp2 = cat_to_tempfile(self, p2, r2)
      info1 = p1, _date_from_rev(r1), r1
      info2 = p2, _date_from_rev(r2), r2
      return vclib._diff_fp(temp1, temp2, info1, info2, self.diff_cmd, args)
@@ -371,6 +475,15 @@ class RemoteSubversionRepository(vclib.Repository):
    props = self.itemprops(path_parts, rev) # does authz-check
    return props.has_key(core.SVN_PROP_EXECUTABLE)
  
+  def filesize(self, path_parts, rev):
+    path = self._getpath(path_parts)
+    if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
+      raise vclib.Error("Path '%s' is not a file." % path)
+    rev = self._getrev(rev)
+    dirents, locks = self._get_dirents(self._getpath(path_parts[:-1]), rev)
+    dirent = dirents.get(path_parts[-1], None)
+    return dirent.size
+    
  def _getpath(self, path_parts):
    return string.join(path_parts, '/')

@@ -378,8 +491,11 @@ class RemoteSubversionRepository(vclib.Repository):
    if rev is None or rev == 'HEAD':
      return self.youngest
    try:
+      if type(rev) == type(''):
+        while rev[0] == 'r':
+          rev = rev[1:]
      rev = int(rev)
-    except ValueError:
+    except:
      raise vclib.InvalidRevision(rev)
    if (rev < 0) or (rev > self.youngest):
      raise vclib.InvalidRevision(rev)
@@ -388,58 +504,139 @@ class RemoteSubversionRepository(vclib.Repository):
  def _geturl(self, path=None):
    if not path:
      return self.rootpath
-    return self.rootpath + '/' + urllib.quote(path, "/*~")
+    path = self.rootpath + '/' + urllib.quote(path)
+    return _canonicalize_path(path)

  def _get_dirents(self, path, rev):
    """Return a 2-type of dirents and locks, possibly reading/writing
-    from a local cache of that information."""
+    from a local cache of that information.  This functions performs
+    authz checks, stripping out unreadable dirents."""

    dir_url = self._geturl(path)
+    path_parts = _path_parts(path)    
    if path:
      key = str(rev) + '/' + path
    else:
      key = str(rev)
+
+    # Ensure that the cache gets filled...
    dirents_locks = self._dirent_cache.get(key)
    if not dirents_locks:
-      dirents, locks = list_directory(dir_url, _rev2optrev(rev),
-                                      _rev2optrev(rev), 0, self.ctx)
+      tmp_dirents, locks = list_directory(dir_url, _rev2optrev(rev),
+                                          _rev2optrev(rev), 0, self.ctx)
+      dirents = {}
+      for name, dirent in tmp_dirents.items():
+        dirent_parts = path_parts + [name]
+        kind = dirent.kind 
+        if (kind == core.svn_node_dir or kind == core.svn_node_file) \
+           and vclib.check_path_access(self, dirent_parts,
+                                       kind == core.svn_node_dir \
+                                         and vclib.DIR or vclib.FILE, rev):
+          lh_rev, c_rev = self._get_last_history_rev(dirent_parts, rev)
+          dirent.created_rev = lh_rev
+          dirents[name] = dirent
      dirents_locks = [dirents, locks]
      self._dirent_cache[key] = dirents_locks
+
+    # ...then return the goodies from the cache.
    return dirents_locks[0], dirents_locks[1]

  def _get_last_history_rev(self, path_parts, rev):
+    """Return the a 2-tuple which contains:
+         - the last interesting revision equal to or older than REV in
+           the history of PATH_PARTS.
+         - the created_rev of of PATH_PARTS as of REV."""
+    
+    path = self._getpath(path_parts)
    url = self._geturl(self._getpath(path_parts))
    optrev = _rev2optrev(rev)
+
+    # Get the last-changed-rev.
    revisions = []
    def _info_cb(path, info, pool, retval=revisions):
      revisions.append(info.last_changed_rev)
    client.svn_client_info(url, optrev, optrev, _info_cb, 0, self.ctx)
-    return revisions[0]
-    
-  def _revinfo_raw(self, rev):
-    # return 5-tuple (date, author, message, changes)
-    optrev = _rev2optrev(rev)
-    revs = []
+    last_changed_rev = revisions[0]

-    def _log_cb(changed_paths, revision, author,
-                datestr, message, pool, retval=revs):
-      date = _datestr_to_date(datestr)
+    # Now, this object might not have been directly edited since the
+    # last-changed-rev, but it might have been the child of a copy.
+    # To determine this, we'll run a potentially no-op log between
+    # LAST_CHANGED_REV and REV.
+    lc = LogCollector(path, 1, None, None)
+    client_log(url, optrev, _rev2optrev(last_changed_rev), 1, 1, 0,
+               lc.add_log, self.ctx)
+    revs = lc.logs
+    if revs:
+      revs.sort()
+      return revs[0].number, last_changed_rev
+    else:
+      return last_changed_rev, last_changed_rev
+    
+  def _revinfo_fetch(self, rev, include_changed_paths=0):
+    need_changes = include_changed_paths or self.auth
+    revs = []
+    
+    def _log_cb(log_entry, pool, retval=revs):
+      # If Subversion happens to call us more than once, we choose not
+      # to care.
+      if retval:
+        return
+      
+      revision = log_entry.revision
+      msg, author, date, revprops = _split_revprops(log_entry.revprops)
      action_map = { 'D' : vclib.DELETED,
                     'A' : vclib.ADDED,
                     'R' : vclib.REPLACED,
                     'M' : vclib.MODIFIED,
                     }
-      paths = (changed_paths or {}).keys()
+
+      # Easy out: if we won't use the changed-path info, just return a
+      # changes-less tuple.
+      if not need_changes:
+        return revs.append([date, author, msg, revprops, None])
+
+      # Subversion 1.5 and earlier didn't offer the 'changed_paths2'
+      # hash, and in Subversion 1.6, it's offered but broken.
+      try: 
+        changed_paths = log_entry.changed_paths2
+        paths = (changed_paths or {}).keys()
+      except:
+        changed_paths = log_entry.changed_paths
+        paths = (changed_paths or {}).keys()
      paths.sort(lambda a, b: _compare_paths(a, b))
+
+      # If we get this far, our caller needs changed-paths, or we need
+      # them for authz-related sanitization.
      changes = []
      found_readable = found_unreadable = 0
      for path in paths:
-        pathtype = None
        change = changed_paths[path]
+
+        # svn_log_changed_path_t (which we might get instead of the
+        # svn_log_changed_path2_t we'd prefer) doesn't have the
+        # 'node_kind' member.        
+        pathtype = None
+        if hasattr(change, 'node_kind'):
+          if change.node_kind == core.svn_node_dir:
+            pathtype = vclib.DIR
+          elif change.node_kind == core.svn_node_file:
+            pathtype = vclib.FILE
+            
+        # svn_log_changed_path2_t only has the 'text_modified' and
+        # 'props_modified' bits in Subversion 1.7 and beyond.  And
+        # svn_log_changed_path_t is without.
+        text_modified = props_modified = 0
+        if hasattr(change, 'text_modified'):
+          if change.text_modified == core.svn_tristate_true:
+            text_modified = 1
+        if hasattr(change, 'props_modified'):
+          if change.props_modified == core.svn_tristate_true:
+            props_modified = 1
+            
+        # Wrong, diddily wrong wrong wrong.  Can you say,
+        # "Manufacturing data left and right because it hurts to
+        # figure out the right stuff?"
        action = action_map.get(change.action, vclib.MODIFIED)
-        ### Wrong, diddily wrong wrong wrong.  Can you say,
-        ### "Manufacturing data left and right because it hurts to
-        ### figure out the right stuff?"
        if change.copyfrom_path and change.copyfrom_rev:
          is_copy = 1
          base_path = change.copyfrom_path
@@ -452,31 +649,61 @@ class RemoteSubversionRepository(vclib.Repository):
          base_path = path
          base_rev = revision - 1

-        ### Check authz rules (we lie about the path type)
+        # Check authz rules (sadly, we have to lie about the path type)
        parts = _path_parts(path)
        if vclib.check_path_access(self, parts, vclib.FILE, revision):
          if is_copy and base_path and (base_path != path):
            parts = _path_parts(base_path)
-            if vclib.check_path_access(self, parts, vclib.FILE, base_rev):
+            if not vclib.check_path_access(self, parts, vclib.FILE, base_rev):
              is_copy = 0
              base_path = None
              base_rev = None
+              found_unreadable = 1
          changes.append(SVNChangedPath(path, revision, pathtype, base_path,
-                                        base_rev, action, is_copy, 0, 0))
+                                        base_rev, action, is_copy,
+                                        text_modified, props_modified))
          found_readable = 1
        else:
          found_unreadable = 1

+        # If our caller doesn't want changed-path stuff, and we have
+        # the info we need to make an authz determination already,
+        # quit this loop and get on with it.
+        if (not include_changed_paths) and found_unreadable and found_readable:
+          break
+
+      # Filter unreadable information.
      if found_unreadable:
-        message = None
+        msg = None
        if not found_readable:
          author = None
          date = None
-      revs.append([date, author, message, changes])

-    client.svn_client_log([self.rootpath], optrev, optrev,
-                          1, 0, _log_cb, self.ctx)
-    return revs[0][0], revs[0][1], revs[0][2], revs[0][3]
+      # Drop unrequested changes.
+      if not include_changed_paths:
+        changes = None
+
+      # Add this revision information to the "return" array.
+      retval.append([date, author, msg, revprops, changes])
+
+    optrev = _rev2optrev(rev)
+    client_log(self.rootpath, optrev, optrev, 1, need_changes, 0,
+               _log_cb, self.ctx)
+    return tuple(revs[0])
+
+  def _revinfo(self, rev, include_changed_paths=0):
+    """Internal-use, cache-friendly revision information harvester."""
+
+    # Consult the revinfo cache first.  If we don't have cached info,
+    # or our caller wants changed paths and we don't have those for
+    # this revision, go do the real work.
+    rev = self._getrev(rev)
+    cached_info = self._revinfo_cache.get(rev)
+    if not cached_info \
+       or (include_changed_paths and cached_info[4] is None):
+      cached_info = self._revinfo_fetch(rev, include_changed_paths)
+      self._revinfo_cache[rev] = cached_info
+    return cached_info

  ##--- custom --##

@@ -495,23 +722,16 @@ class RemoteSubversionRepository(vclib.Repository):
      old_path = results[old_rev]
    except KeyError:
      raise vclib.ItemNotFound(path)
-  
-    return _cleanup_path(old_path)
+    old_path = _cleanup_path(old_path)
+    old_path_parts = _path_parts(old_path)
+    # Check access (lying about path types)
+    if not vclib.check_path_access(self, old_path_parts, vclib.FILE, old_rev):
+      raise vclib.ItemNotFound(path)
+    return old_path
  
  def created_rev(self, path, rev):
-    # NOTE: We can't use svn_client_propget here because the
-    # interfaces in that layer strip out the properties not meant for
-    # human consumption (such as svn:entry:committed-rev, which we are
-    # using here to get the created revision of PATH@REV).
-    kind = ra.svn_ra_check_path(self.ra_session, path, rev)
-    if kind == core.svn_node_none:
-      raise vclib.ItemNotFound(_path_parts(path))
-    elif kind == core.svn_node_dir:
-      props = get_directory_props(self.ra_session, path, rev)
-    elif kind == core.svn_node_file:
-      fetched_rev, props = ra.svn_ra_get_file(self.ra_session, path, rev, None)
-    return int(props.get(core.SVN_PROP_ENTRY_COMMITTED_REV,
-                         SVN_INVALID_REVNUM))
+    lh_rev, c_rev = self._get_last_history_rev(_path_parts(path), rev)
+    return lh_rev

  def last_rev(self, path, peg_revision, limit_revision=None):
    """Given PATH, known to exist in PEG_REVISION, find the youngest
@@ -546,3 +766,33 @@ class RemoteSubversionRepository(vclib.Repository):
        else:
          peg_revision = mid
      return peg_revision, path
+
+  def get_symlink_target(self, path_parts, rev):
+    """Return the target of the symbolic link versioned at PATH_PARTS
+    in REV, or None if that object is not a symlink."""
+
+    path = self._getpath(path_parts)
+    path_type = self.itemtype(path_parts, rev) # does auth-check
+    rev = self._getrev(rev)
+    url = self._geturl(path)
+
+    # Symlinks must be files with the svn:special property set on them
+    # and with file contents which read "link SOME_PATH".
+    if path_type != vclib.FILE:
+      return None
+    pairs = client.svn_client_proplist2(url, _rev2optrev(rev),
+                                        _rev2optrev(rev), 0, self.ctx)
+    props = pairs and pairs[0][1] or {}
+    if not props.has_key(core.SVN_PROP_SPECIAL):
+      return None
+    pathspec = ''
+    ### FIXME: We're being a touch sloppy here, first by grabbing the
+    ### whole file and then by checking only the first line
+    ### of it.
+    fp = SelfCleanFP(cat_to_tempfile(self, path, rev))
+    pathspec = fp.readline()
+    fp.close()
+    if pathspec[:5] != 'link ':
+      return None
+    return pathspec[5:]
+
--- a/lib/vclib/svn/svn_repos.py
+++ b/lib/vclib/svn/svn_repos.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -22,6 +22,7 @@ import time
 import tempfile
 import popen
 import re
+import urllib
 from svn import fs, repos, core, client, delta


@@ -42,7 +43,14 @@ def _fix_subversion_exception(e):
    e.apr_err = e[1]
  if not hasattr(e, 'message'):
    e.message = e[0]
-  
+
+### Pre-1.4 Subversion doesn't have svn_path_canonicalize()
+def _canonicalize_path(path):
+  try:
+    return core.svn_path_canonicalize(path)
+  except AttributeError:
+    return path
+
 def _allow_all(root, path, pool):
  """Generic authz_read_func that permits access to all paths"""
  return 1
@@ -108,11 +116,37 @@ def _rev2optrev(rev):

 def _rootpath2url(rootpath, path):
  rootpath = os.path.abspath(rootpath)
-  if rootpath and rootpath[0] != '/':
-    rootpath = '/' + rootpath
+  drive, rootpath = os.path.splitdrive(rootpath)
  if os.sep != '/':
    rootpath = string.replace(rootpath, os.sep, '/')
-  return 'file://' + string.join([rootpath, path], "/")
+  rootpath = urllib.quote(rootpath)
+  path = urllib.quote(path)
+  if drive:
+    url = 'file:///' + drive + rootpath + '/' + path
+  else:
+    url = 'file://' + rootpath + '/' + path
+  return _canonicalize_path(url)
+
+
+# Given a dictionary REVPROPS of revision properties, pull special
+# ones out of them and return a 4-tuple containing the log message,
+# the author, the date (converted from the date string property), and
+# a dictionary of any/all other revprops.
+def _split_revprops(revprops):
+  if not revprops:
+    return None, None, None, {}
+  special_props = []
+  for prop in core.SVN_PROP_REVISION_LOG, \
+              core.SVN_PROP_REVISION_AUTHOR, \
+              core.SVN_PROP_REVISION_DATE:
+    if revprops.has_key(prop):
+      special_props.append(revprops[prop])
+      del(revprops[prop])
+    else:
+      special_props.append(None)
+  msg, author, datestr = tuple(special_props)
+  date = _datestr_to_date(datestr)
+  return msg, author, date, revprops  


 def _datestr_to_date(datestr):
@@ -183,59 +217,6 @@ class NodeHistory:
  def __getitem__(self, idx):
    return self.histories[idx]

-
-def _get_history(svnrepos, path, rev, path_type, limit=0, options={}):
-  if svnrepos.youngest == 0:
-    return []
-
-  rev_paths = []
-  fsroot = svnrepos._getroot(rev)
-  show_all_logs = options.get('svn_show_all_dir_logs', 0)
-  if not show_all_logs:
-    # See if the path is a file or directory.
-    kind = fs.check_path(fsroot, path)
-    if kind is core.svn_node_file:
-      show_all_logs = 1
-      
-  # Instantiate a NodeHistory collector object, and use it to collect
-  # history items for PATH@REV.
-  history = NodeHistory(svnrepos.fs_ptr, show_all_logs, limit)
-  try:
-    repos.svn_repos_history(svnrepos.fs_ptr, path, history.add_history,
-                            1, rev, options.get('svn_cross_copies', 0))
-  except core.SubversionException, e:
-    _fix_subversion_exception(e)
-    if e.apr_err != _SVN_ERR_CEASE_INVOCATION:
-      raise
-
-  # Now, iterate over those history items, checking for changes of
-  # location, pruning as necessitated by authz rules.
-  for hist_rev, hist_path in history:
-    path_parts = _path_parts(hist_path)
-    if not vclib.check_path_access(svnrepos, path_parts, path_type, hist_rev):
-      break
-    rev_paths.append([hist_rev, hist_path])
-  return rev_paths
-
-
-def _log_helper(svnrepos, path, rev, lockinfo):
-  rev_root = fs.revision_root(svnrepos.fs_ptr, rev)
-
-  # Was this path@rev the target of a copy?
-  copyfrom_rev, copyfrom_path = fs.copied_from(rev_root, path)
-
-  # Assemble our LogEntry
-  date, author, msg, changes = svnrepos._revinfo(rev)
-  if fs.is_file(rev_root, path):
-    size = fs.file_length(rev_root, path)
-  else:
-    size = None
-  entry = Revision(rev, date, author, msg, size, lockinfo, path,
-                   copyfrom_path and _cleanup_path(copyfrom_path),
-                   copyfrom_rev)
-  return entry
-  
-
 def _get_last_history_rev(fsroot, path):
  history = fs.node_history(fsroot, path)
  history = fs.history_prev(history, 0)
@@ -314,12 +295,13 @@ class FileContentsPipe:


 class BlameSource:
-  def __init__(self, local_url, rev, first_rev, config_dir):
+  def __init__(self, local_url, rev, first_rev, include_text, config_dir):
    self.idx = -1
    self.first_rev = first_rev
    self.blame_data = []
+    self.include_text = include_text

-    ctx = client.ctx_t()
+    ctx = client.svn_client_create_context()
    core.svn_config_ensure(config_dir)
    ctx.config = core.svn_config_get_config(config_dir)
    ctx.auth_baton = core.svn_auth_open([])
@@ -338,6 +320,8 @@ class BlameSource:
    prev_rev = None
    if rev > self.first_rev:
      prev_rev = rev - 1
+    if not self.include_text:
+      text = None
    self.blame_data.append(vclib.Annotation(text, line_no + 1, rev,
                                            prev_rev, author, None))

@@ -406,6 +390,10 @@ class LocalSubversionRepository(vclib.Repository):
    self._fsroots = {}
    self._revinfo_cache = {}

+    # See if a universal read access determination can be made.
+    if self.auth and self.auth.check_universal_access(self.name) == 1:
+      self.auth = None
+
  def rootname(self):
    return self.name

@@ -421,19 +409,14 @@ class LocalSubversionRepository(vclib.Repository):
  def itemtype(self, path_parts, rev):
    rev = self._getrev(rev)
    basepath = self._getpath(path_parts)
-    kind = fs.check_path(self._getroot(rev), basepath)
-    pathtype = None
-    if kind == core.svn_node_dir:
-      pathtype = vclib.DIR
-    elif kind == core.svn_node_file:
-      pathtype = vclib.FILE
-    else:
+    pathtype = self._gettype(basepath, rev)
+    if pathtype is None:
      raise vclib.ItemNotFound(path_parts)
    if not vclib.check_path_access(self, path_parts, pathtype, rev):
      raise vclib.ItemNotFound(path_parts)
    return pathtype

-  def openfile(self, path_parts, rev):
+  def openfile(self, path_parts, rev, options):
    path = self._getpath(path_parts)
    if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
      raise vclib.Error("Path '%s' is not a file." % path)
@@ -472,7 +455,7 @@ class LocalSubversionRepository(vclib.Repository):
        continue
      path = self._getpath(entry_path_parts)
      entry_rev = _get_last_history_rev(fsroot, path)
-      date, author, msg, changes = self._revinfo(entry_rev)
+      date, author, msg, revprops, changes = self._revinfo(entry_rev)
      entry.rev = str(entry_rev)
      entry.date = date
      entry.author = author
@@ -521,20 +504,19 @@ class LocalSubversionRepository(vclib.Repository):
    # 'limit' parameter here as numeric cut-off for the depth of our
    # history search.
    if options.get('svn_latest_log', 0):
-      revision = _log_helper(self, path, rev, lockinfo)
+      revision = self._log_helper(path, rev, lockinfo)
      if revision:
        revision.prev = None
        revs.append(revision)
    else:
-      history = _get_history(self, path, rev, path_type,
-                             first + limit, options)
+      history = self._get_history(path, rev, path_type, first + limit, options)
      if len(history) < first:
        history = []
      if limit:
        history = history[first:first+limit]

      for hist_rev, hist_path in history:
-        revision = _log_helper(self, hist_path, hist_rev, lockinfo)
+        revision = self._log_helper(hist_path, hist_rev, lockinfo)
        if revision:
          # If we have unreadable copyfrom data, obscure it.
          if revision.copy_path is not None:
@@ -555,43 +537,70 @@ class LocalSubversionRepository(vclib.Repository):
    fsroot = self._getroot(rev)
    return fs.node_proplist(fsroot, path)
  
-  def annotate(self, path_parts, rev):
+  def annotate(self, path_parts, rev, include_text=False):
    path = self._getpath(path_parts)
    path_type = self.itemtype(path_parts, rev)  # does auth-check
    if path_type != vclib.FILE:
      raise vclib.Error("Path '%s' is not a file." % path)
    rev = self._getrev(rev)
    fsroot = self._getroot(rev)
-    history = _get_history(self, path, rev, path_type, 0,
-                           {'svn_cross_copies': 1})
+    history = self._get_history(path, rev, path_type, 0,
+                                {'svn_cross_copies': 1})
    youngest_rev, youngest_path = history[0]
    oldest_rev, oldest_path = history[-1]
-    source = BlameSource(_rootpath2url(self.rootpath, path),
-                         youngest_rev, oldest_rev, self.config_dir)
+    source = BlameSource(_rootpath2url(self.rootpath, path), youngest_rev,
+                         oldest_rev, include_text, self.config_dir)
    return source, youngest_rev

+  def revinfo(self, rev):
+    return self._revinfo(rev, 1) 
+  
+  def rawdiff(self, path_parts1, rev1, path_parts2, rev2, type, options={}):
+    p1 = self._getpath(path_parts1)
+    p2 = self._getpath(path_parts2)
+    r1 = self._getrev(rev1)
+    r2 = self._getrev(rev2)
+    if not vclib.check_path_access(self, path_parts1, vclib.FILE, rev1):
+      raise vclib.ItemNotFound(path_parts1)
+    if not vclib.check_path_access(self, path_parts2, vclib.FILE, rev2):
+      raise vclib.ItemNotFound(path_parts2)
+    
+    args = vclib._diff_args(type, options)
+
+    def _date_from_rev(rev):
+      date, author, msg, revprops, changes = self._revinfo(rev)
+      return date
+
+    try:
+      temp1 = temp_checkout(self, p1, r1)
+      temp2 = temp_checkout(self, p2, r2)
+      info1 = p1, _date_from_rev(r1), r1
+      info2 = p2, _date_from_rev(r2), r2
+      return vclib._diff_fp(temp1, temp2, info1, info2, self.diff_cmd, args)
+    except core.SubversionException, e:
+      _fix_subversion_exception(e)
+      if e.apr_err == core.SVN_ERR_FS_NOT_FOUND:
+        raise vclib.InvalidRevision
+      raise
+
+  def isexecutable(self, path_parts, rev):
+    props = self.itemprops(path_parts, rev) # does authz-check
+    return props.has_key(core.SVN_PROP_EXECUTABLE)
+
+  def filesize(self, path_parts, rev):
+    path = self._getpath(path_parts)
+    if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
+      raise vclib.Error("Path '%s' is not a file." % path)
+    fsroot = self._getroot(self._getrev(rev))
+    return fs.file_length(fsroot, path)   
+
+  ##--- helpers ---##
+
  def _revinfo(self, rev, include_changed_paths=0):
    """Internal-use, cache-friendly revision information harvester."""
-    
-    def _revinfo_helper(rev, include_changed_paths):
-      # Get the revision property info.  (Would use
-      # editor.get_root_props(), but something is broken there...)
-      revprops = fs.revision_proplist(self.fs_ptr, rev)
-      msg = revprops.get(core.SVN_PROP_REVISION_LOG)
-      author = revprops.get(core.SVN_PROP_REVISION_AUTHOR)
-      datestr = revprops.get(core.SVN_PROP_REVISION_DATE)
-      date = _datestr_to_date(datestr)
-  
-      # Optimization: If our caller doesn't care about the changed
-      # paths, and we don't need them to do authz determinations, let's
-      # get outta here.
-      if self.auth is None and not include_changed_paths:
-        return date, author, msg, None
-  
-      # If we get here, then we either need the changed paths because we
-      # were asked for them, or we need them to do authorization checks.
-      # Either way, we need 'em, so let's get 'em.
-      fsroot = self._getroot(rev)
+
+    def _get_changed_paths(fsroot):
+      """Return a 3-tuple: found_readable, found_unreadable, changed_paths."""
      editor = repos.ChangeCollector(self.fs_ptr, fsroot)
      e_ptr, e_baton = delta.make_editor(editor)
      repos.svn_repos_replay(fsroot, e_ptr, e_baton)
@@ -644,10 +653,12 @@ class LocalSubversionRepository(vclib.Repository):
        if vclib.check_path_access(self, parts, pathtype, rev):
          if is_copy and change.base_path and (change.base_path != path):
            parts = _path_parts(change.base_path)
-            if not vclib.check_path_access(self, parts, pathtype, change.base_rev):
+            if not vclib.check_path_access(self, parts, pathtype,
+                                           change.base_rev):
              is_copy = 0
              change.base_path = None
              change.base_rev = None
+              found_unreadable = 1
          changedpaths[path] = SVNChangedPath(path, rev, pathtype,
                                              change.base_path,
                                              change.base_rev, action,
@@ -656,24 +667,116 @@ class LocalSubversionRepository(vclib.Repository):
          found_readable = 1
        else:
          found_unreadable = 1
+      return found_readable, found_unreadable, changedpaths.values()
+
+    def _get_change_copyinfo(fsroot, path, change):
+      # If we know the copyfrom info, return it...
+      if hasattr(change, 'copyfrom_known') and change.copyfrom_known:
+        copyfrom_path = change.copyfrom_path
+        copyfrom_rev = change.copyfrom_rev
+      # ...otherwise, if this change could be a copy (that is, it
+      # contains an add action), query the copyfrom info ...
+      elif (change.change_kind == fs.path_change_add or
+            change.change_kind == fs.path_change_replace):
+        copyfrom_rev, copyfrom_path = fs.copied_from(fsroot, path)
+      # ...else, there's no copyfrom info.
+      else:
+        copyfrom_rev = core.SVN_INVALID_REVNUM
+        copyfrom_path = None
+      return copyfrom_path, copyfrom_rev
+      
+    def _simple_auth_check(fsroot):
+      """Return a 2-tuple: found_readable, found_unreadable."""
+      found_unreadable = found_readable = 0
+      if hasattr(fs, 'paths_changed2'):
+        changes = fs.paths_changed2(fsroot)
+      else:
+        changes = fs.paths_changed(fsroot)
+      paths = changes.keys()
+      for path in paths:
+        change = changes[path]
+        pathtype = None
+        if hasattr(change, 'node_kind'):
+          if change.node_kind == core.svn_node_file:
+            pathtype = vclib.FILE
+          elif change.node_kind == core.svn_node_dir:
+            pathtype = vclib.DIR
+        parts = _path_parts(path)
+        if pathtype is None:
+          # Figure out the pathtype so we can query the authz subsystem.
+          if change.change_kind == fs.path_change_delete:
+            # Deletions are annoying, because they might be underneath
+            # copies (make their previous location non-trivial).
+            prev_parts = parts
+            prev_rev = rev - 1
+            parent_parts = parts[:-1]
+            while parent_parts:
+              parent_path = '/' + self._getpath(parent_parts)
+              parent_change = changes.get(parent_path)
+              if not (parent_change and \
+                      (parent_change.change_kind == fs.path_change_add or
+                       parent_change.change_kind == fs.path_change_replace)):
+                del(parent_parts[-1])
+                continue
+              copyfrom_path, copyfrom_rev = \
+                _get_change_copyinfo(fsroot, parent_path, parent_change)
+              if copyfrom_path:
+                prev_rev = copyfrom_rev
+                prev_parts = _path_parts(copyfrom_path) + \
+                             parts[len(parent_parts):]
+                break
+              del(parent_parts[-1])
+            pathtype = self._gettype(self._getpath(prev_parts), prev_rev)
+          else:
+            pathtype = self._gettype(self._getpath(parts), rev)
+        if vclib.check_path_access(self, parts, pathtype, rev):
+          found_readable = 1
+          copyfrom_path, copyfrom_rev = \
+            _get_change_copyinfo(fsroot, path, change)
+          if copyfrom_path and copyfrom_path != path:
+            parts = _path_parts(copyfrom_path)
+            if not vclib.check_path_access(self, parts, pathtype,
+                                           copyfrom_rev):
+              found_unreadable = 1
+        else:
+          found_unreadable = 1
+        if found_readable and found_unreadable:
+          break
+      return found_readable, found_unreadable
+      
+    def _revinfo_helper(rev, include_changed_paths):
+      # Get the revision property info.  (Would use
+      # editor.get_root_props(), but something is broken there...)
+      revprops = fs.revision_proplist(self.fs_ptr, rev)
+      msg, author, date, revprops = _split_revprops(revprops)
  
-        # If our caller doesn't care about changed paths, we must be
-        # here for authz reasons only.  That means the minute we've
-        # found both a readable and an unreadable path, we can bail out.
-        if (not include_changed_paths) and found_readable and found_unreadable:
-          return date, author, None, None
+      # Optimization: If our caller doesn't care about the changed
+      # paths, and we don't need them to do authz determinations, let's
+      # get outta here.
+      if self.auth is None and not include_changed_paths:
+        return date, author, msg, revprops, None
+  
+      # If we get here, then we either need the changed paths because we
+      # were asked for them, or we need them to do authorization checks.
+      #
+      # If we only need them for authorization checks, though, we
+      # won't bother generating fully populated ChangedPath items (the
+      # cost is too great).
+      fsroot = self._getroot(rev)
+      if include_changed_paths:
+        found_readable, found_unreadable, changedpaths = \
+          _get_changed_paths(fsroot)
+      else:
+        changedpaths = None
+        found_readable, found_unreadable = _simple_auth_check(fsroot)
        
-      # Okay, we've process all our paths.  Let's filter our metadata,
-      # and return the requested data.
+      # Filter our metadata where necessary, and return the requested data.
      if found_unreadable:
        msg = None
        if not found_readable:
          author = None
          date = None
-      if include_changed_paths:
-        return date, author, msg, changedpaths.values()
-      else:
-        return date, author, msg, None
+      return date, author, msg, revprops, changedpaths

    # Consult the revinfo cache first.  If we don't have cached info,
    # or our caller wants changed paths and we don't have those for
@@ -681,45 +784,55 @@ class LocalSubversionRepository(vclib.Repository):
    rev = self._getrev(rev)
    cached_info = self._revinfo_cache.get(rev)
    if not cached_info \
-       or (include_changed_paths and cached_info[3] is None):
+       or (include_changed_paths and cached_info[4] is None):
      cached_info = _revinfo_helper(rev, include_changed_paths)
      self._revinfo_cache[rev] = cached_info
-    return cached_info[0], cached_info[1], cached_info[2], cached_info[3]
+    return tuple(cached_info)
  
-  def revinfo(self, rev):
-    return self._revinfo(rev, 1) 
-  
-  def rawdiff(self, path_parts1, rev1, path_parts2, rev2, type, options={}):
-    p1 = self._getpath(path_parts1)
-    p2 = self._getpath(path_parts2)
-    r1 = self._getrev(rev1)
-    r2 = self._getrev(rev2)
-    if not vclib.check_path_access(self, path_parts1, vclib.FILE, rev1):
-      raise vclib.ItemNotFound(path_parts1)
-    if not vclib.check_path_access(self, path_parts2, vclib.FILE, rev2):
-      raise vclib.ItemNotFound(path_parts2)
-    
-    args = vclib._diff_args(type, options)
+  def _log_helper(self, path, rev, lockinfo):
+    rev_root = fs.revision_root(self.fs_ptr, rev)
+    copyfrom_rev, copyfrom_path = fs.copied_from(rev_root, path)
+    date, author, msg, revprops, changes = self._revinfo(rev)
+    if fs.is_file(rev_root, path):
+      size = fs.file_length(rev_root, path)
+    else:
+      size = None
+    return Revision(rev, date, author, msg, size, lockinfo, path,
+                    copyfrom_path and _cleanup_path(copyfrom_path),
+                    copyfrom_rev)

-    def _date_from_rev(rev):
-      date, author, msg, changes = self._revinfo(rev)
-      return date
+  def _get_history(self, path, rev, path_type, limit=0, options={}):
+    if self.youngest == 0:
+      return []

+    rev_paths = []
+    fsroot = self._getroot(rev)
+    show_all_logs = options.get('svn_show_all_dir_logs', 0)
+    if not show_all_logs:
+      # See if the path is a file or directory.
+      kind = fs.check_path(fsroot, path)
+      if kind is core.svn_node_file:
+        show_all_logs = 1
+      
+    # Instantiate a NodeHistory collector object, and use it to collect
+    # history items for PATH@REV.
+    history = NodeHistory(self.fs_ptr, show_all_logs, limit)
    try:
-      temp1 = temp_checkout(self, p1, r1)
-      temp2 = temp_checkout(self, p2, r2)
-      info1 = p1, _date_from_rev(r1), r1
-      info2 = p2, _date_from_rev(r2), r2
-      return vclib._diff_fp(temp1, temp2, info1, info2, self.diff_cmd, args)
+      repos.svn_repos_history(self.fs_ptr, path, history.add_history,
+                              1, rev, options.get('svn_cross_copies', 0))
    except core.SubversionException, e:
      _fix_subversion_exception(e)
-      if e.apr_err == core.SVN_ERR_FS_NOT_FOUND:
-        raise vclib.InvalidRevision
-      raise
+      if e.apr_err != _SVN_ERR_CEASE_INVOCATION:
+        raise

-  def isexecutable(self, path_parts, rev):
-    props = self.itemprops(path_parts, rev) # does authz-check
-    return props.has_key(core.SVN_PROP_EXECUTABLE)
+    # Now, iterate over those history items, checking for changes of
+    # location, pruning as necessitated by authz rules.
+    for hist_rev, hist_path in history:
+      path_parts = _path_parts(hist_path)
+      if not vclib.check_path_access(self, path_parts, path_type, hist_rev):
+        break
+      rev_paths.append([hist_rev, hist_path])
+    return rev_paths
  
  def _getpath(self, path_parts):
    return string.join(path_parts, '/')
@@ -728,8 +841,11 @@ class LocalSubversionRepository(vclib.Repository):
    if rev is None or rev == 'HEAD':
      return self.youngest
    try:
+      if type(rev) == type(''):
+        while rev[0] == 'r':
+          rev = rev[1:]
      rev = int(rev)
-    except ValueError:
+    except:
      raise vclib.InvalidRevision(rev)
    if (rev < 0) or (rev > self.youngest):
      raise vclib.InvalidRevision(rev)
@@ -742,7 +858,20 @@ class LocalSubversionRepository(vclib.Repository):
      r = self._fsroots[rev] = fs.revision_root(self.fs_ptr, rev)
      return r

-  ##--- custom --##
+  def _gettype(self, path, rev):
+    # Similar to itemtype(), but without the authz check.  Returns
+    # None for missing paths.
+    try:
+      kind = fs.check_path(self._getroot(rev), path)
+    except:
+      return None
+    if kind == core.svn_node_dir:
+      return vclib.DIR
+    if kind == core.svn_node_file:
+      return vclib.FILE
+    return None
+  
+  ##--- custom ---##

  def get_youngest_revision(self):
    return self.youngest
@@ -820,3 +949,32 @@ class LocalSubversionRepository(vclib.Repository):
        return peg_revision, path
    finally:
      pass
+
+  def get_symlink_target(self, path_parts, rev):
+    """Return the target of the symbolic link versioned at PATH_PARTS
+    in REV, or None if that object is not a symlink."""
+
+    path = self._getpath(path_parts)
+    rev = self._getrev(rev)
+    path_type = self.itemtype(path_parts, rev)  # does auth-check
+    fsroot = self._getroot(rev)
+
+    # Symlinks must be files with the svn:special property set on them
+    # and with file contents which read "link SOME_PATH".
+    if path_type != vclib.FILE:
+      return None
+    props = fs.node_proplist(fsroot, path)
+    if not props.has_key(core.SVN_PROP_SPECIAL):
+      return None
+    pathspec = ''
+    ### FIXME: We're being a touch sloppy here, only checking the first line
+    ### of the file.
+    stream = fs.file_contents(fsroot, path)
+    try:
+      pathspec, eof = core.svn_stream_readline(stream, '\n')
+    finally:
+      core.svn_stream_close(stream)
+    if pathspec[:5] != 'link ':
+      return None
+    return pathspec[5:]
+
--- a/lib/viewvc.py
+++ b/lib/viewvc.py
--- a/lib/win32popen.py
+++ b/lib/win32popen.py
@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2007 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/notes/releases.txt
+++ b/notes/releases.txt
@@ -27,7 +27,9 @@ numbers, and not literal):
 3.  Verify that copyright years are correct in both the license-1.html
    file and the source code.

-4.  Update and commit the 'CHANGES' file.
+4.  Update and commit the 'CHANGES' file, using any available crystal
+    balls or other forward-looking devices to take a stab at the
+    release date.

 5.  Test, test, test!  There is no automatic testsuite available.  So
    just run with permuting different `viewvc.conf' settings... and
@@ -38,50 +40,86 @@ numbers, and not literal):
    should exactly reflect what you wish to distribute and dub "the
    release".

-7.  Edit the file 'lib/viewvc.py' and remove the "-dev" suffix from
+7.  Update your release branch working copy to HEAD.
+
+       svn up
+
+8.  Edit the file 'lib/viewvc.py' and remove the "-dev" suffix from
    __version__.  The remainder should be of the form "X.Y.Z", where X,
-    Y, and Z are positive integers.  Do NOT commit this change.
+    Y, and Z are positive integers.

-8.  Update your working copy to HEAD, and tag the release:
+    *** Do NOT commit this change. ***

-       svn update
-       svn cp -m "Tag the X.Y.Z final release." . \
-                 http://viewvc.tigris.org/svn/viewvc/tags/X.Y.Z
+9.  "Peg" the contributed templates externals definition to the
+    current HEAD revision:

-9.  Go into an empty directory and run the 'make-release' script:
+       svn pedit svn:externals .
+ 
+    (squeeze "-rBASE_REV", where BASE_REV is the current HEAD revision
+    number, between 'templates-contrib' and the target URL).
+
+    *** Do NOT commit this change. ***
+
+10. Tag the release:
+
+       svn cp -m "Tag the X.Y.Z final release." . ^/tags/X.Y.Z
+
+    This will create a copy of the release branch, plus your local
+    modifications to the svn:externals property and lib/viewvc.py
+    file, to the tag location.
+
+11. Revert the changes in your working copy.
+
+       svn revert -R .
+
+12. Go into an empty directory and run the 'make-release' script:

       tools/make-release viewvc-X.Y.Z tags/X.Y.Z

-10. Verify the archive files:
+13. Verify the archive files:

       - do they have a LICENSE.html file?
       - do they have necessary include documentation?
       - do they *not* have unnecessary stuff?
       - do they install and work correctly?

-11. Upload the created archive files (tar.gz and zip) into the Files
+14. Upload the created archive files (tar.gz and zip) into the Files
    and Documents section of the Tigris.org project, and modify the
-    CHECKSUMS document there accordingly.  Also, drop a copy of the
-    archive files into the root directory of the viewvc.org website
-    (unversioned).
+    CHECKSUMS document there accordingly:

-12. On trunk, update the websites (both the viewvc.org/ and www/ ones)
-    to refer to the new release files, and copy the CHANGES for the
-    new release into trunk's CHANGES file.
+       http://viewvc.tigris.org/servlets/ProjectDocumentList?folderID=6004

-13. Edit the file 'lib/viewvc.py' again, re-adding the "-dev" suffix
-    and incrementing the patch number assigned to the __version__
-    variable, and add a new empty block in the branch's CHANGES file,
-    and commit:
+    Also, drop a copy of the archive files into the root directory of
+    the viewvc.org website (unversioned).
+
+15. Update the Tigris.org website (^/trunk/www/index.html) to refer to
+    the new release files and commit.
+
+       svn ci -m "Bump latest advertised release."
+
+16. Back on the release branch, edit the file 'lib/viewvc.py' again,
+    incrementing the patch number assigned to the __version__
+    variable.  Add a new empty block in the branch's CHANGES file.
+    Commit your changes:

       svn ci -m "Begin a new release cycle."

-14. Edit the Issue Tracker configuration options, adding a new Version
+17. Edit the Issue Tracker configuration options, adding a new Version
    for the just-released one, and a new Milestone for the next patch
    (and possibly, minor or major) release.  (For the Milestone sort
    key, use a packed integer XXYYZZ:  1.0.3 == 10003, 2.11.4 == 21104.)

-15. Write an announcement explaining all the cool new features and
-    post it to the announce@ list, to the project's News area, and to
-    other places interested in this sort of stuff, such as Freshmeat
-    (http://www.freshmeat.net).
+       http://viewvc.tigris.org/issues/editversions.cgi?component=viewvc&action=add
+       http://viewvc.tigris.org/issues/editmilestones.cgi?component=viewvc&action=add
+
+18. Send to the announce@ list a message explaining all the cool new
+    features.
+
+       http://viewvc.tigris.org/ds/viewForumSummary.do?dsForumId=4253
+
+19. Post a new release notification at Freecode.
+
+       https://freecode.com/projects/viewvc/releases/new
+
+20. Merge CHANGES for this release into the CHANGES file for newer
+    release lines and commit.
--- a/templates/docroot/styles.css
+++ b/templates/docroot/styles.css
@@ -94,9 +94,6 @@ form { margin: 0; }
 .vc_properties {
  margin: 1em 0;
 }
-.vc_properties h2 {
-  font-size: 115%;
-}


 /*** File Content Markup Styles ***/
@@ -272,3 +269,14 @@ table.vc_idiff tbody th {
 .vc_query_form {
  background-color: #e6e6e6;
 }
+
+
+/*** Warning! ***/
+.vc_warning {
+  border-width: 1px 2px 2px 2px;
+  border-color: black;
+  border-style: solid;
+  background-color: red;
+  color: white;
+  padding: 0.5em;
+}
--- a/templates/file.ezt
+++ b/templates/file.ezt
@@ -9,7 +9,11 @@
 [# ------------------------------------------------------------------------- ]

 [# setup page definitions]
-  [define page_title]Contents of /[where][end]
+  [is annotation "annotated"]
+    [define page_title]Annotation of /[where][end]
+  [else]
+    [define page_title]Contents of /[where][end]
+  [end]
  [define help_href][docroot]/help_rootview.html[end]
 [# end]

--- a/templates/include/footer.ezt
+++ b/templates/include/footer.ezt
@@ -5,7 +5,7 @@
 <table>
 <tr>
  <td>[if-any cfg.general.address]<address><a href="mailto:[cfg.general.address]">[cfg.general.address]</a></address>[else]&nbsp;[end]</td>
-  <td style="text-align: right;"><strong><a href="[help_href]">ViewVC Help</a></strong></td>
+  <td style="text-align: right;">[if-any help_href]<strong><a href="[help_href]">ViewVC Help</a></strong>[else]&nbsp;[end]</td>
 </tr>
 <tr>
  <td>Powered by <a href="http://viewvc.tigris.org/">ViewVC [vsn]</a></td>
--- a/templates/include/header.ezt
+++ b/templates/include/header.ezt
@@ -5,7 +5,7 @@
 <head>
  <title>[if-any rootname][[][rootname]][else]ViewVC[end] [page_title]</title>
  <meta name="generator" content="ViewVC [vsn]" />
-  <link rel="shortcut icon" href="[docroot]/images/favicon.ico" type="image/x-icon" />
+  <link rel="shortcut icon" href="[docroot]/images/favicon.ico" />
  <link rel="stylesheet" href="[docroot]/styles.css" type="text/css" />
  [if-any rss_href]<link rel="alternate" type="application/rss+xml" title="RSS [[][rootname]][where]" href="[rss_href]" />[end]
 </head>
--- a/templates/query.ezt
+++ b/templates/query.ezt
@@ -4,13 +4,13 @@
 <!-- ViewVC :: http://www.viewvc.org/ -->
 <head>
  <title>Checkin Database Query</title>
-  <link rel="stylesheet" href="[docroot]/styles.css" type="text/css" />
+  [if-any docroot]<link rel="stylesheet" href="[docroot]/styles.css" type="text/css" />[end]
 </head>

 <body>

 [# setup page definitions]
-  [define help_href][docroot]/help_query.html[end]
+  [define help_href][if-any docroot][docroot]/help_query.html[end][end]
 [# end]

  <p> 
@@ -158,7 +158,15 @@
 [is query "skipped"]
 [else]
 <p><strong>[num_commits]</strong> matches found.</p>
-
+[if-any row_limit_reached]
+<p class="vc_warning">WARNING:  These query results have been
+   artificially limited by an administrative threshold value and do
+   <em>not</em> represent the entirety of the data set which matches
+   the query.  Consider modifying your query to be more specific</a>,
+   using your version control tool's query capabilities, or asking
+   your administrator to raise the database response size
+   threshold.</p>
+[end]
 [if-any commits]
 <table cellspacing="0" cellpadding="2">
 <thead>
@@ -202,21 +210,21 @@
      </td>

 [# uncommment, if you want a separate Description column:
-      {if-index commits.files first{
+      {if-index commits.files first}
        <td style="vertical-align:top;" rowspan="{commits.num_files}">
-          {commits.log}
+          {if-any commits.log}{commits.log}{else}&nbsp;{end}
        </td>
      {end}

   (substitute brackets for the braces)
 ]
    </tr>
-[# and also take the following out in the "Description column"-case:]
+[# and also take the following out in the "Description column" case:]
      [if-index commits.files last]
 	<tr class="vc_row_[if-index commits even]even[else]odd[end]">
 	  <td>&nbsp;</td>
 	  <td colspan="5"><strong>Log:</strong><br />
-	    <pre class="vc_log">[commits.log]</pre></td>
+	    <pre class="vc_log">[if-any commits.log][commits.log][else]&nbsp;[end]</pre></td>
 	</tr>
      [end]
 [# ---]
--- a/templates/query_results.ezt
+++ b/templates/query_results.ezt
@@ -7,6 +7,15 @@

 <p><strong>[english_query]</strong></p>
 [# <!-- {sql} --> ]
+[if-any row_limit_reached]
+<p class="vc_warning">WARNING:  These query results have been
+   artificially limited by an administrative threshold value and do
+   <em>not</em> represent the entirety of the data set which matches
+   the query.  Consider <a href="[queryform_href]">modifying your
+   query to be more specific</a>, using your version control tool's
+   query capabilities, or asking your administrator to raise the
+   database response size threshold.</p>
+[end]
 <p><a href="[queryform_href]">Modify query</a></p>
 <p><a href="[backout_href]">Show commands which could be used to back out these changes</a></p>

--- a/templates/revision.ezt
+++ b/templates/revision.ezt
@@ -6,6 +6,7 @@
 [include "include/header.ezt" "revision"]

 <hr />
+
 <form method="get" action="[jump_rev_action]">
 <table cellspacing="1" cellpadding="2" style="width: auto;">
  <tr align="left">
@@ -42,7 +43,7 @@

 <hr />

-<p><strong>Changed paths:</strong></p>
+<h2>Changed paths</h2>

 <table cellspacing="1" cellpadding="2">
  <thead>
@@ -77,4 +78,5 @@
  </tbody>
 </table>

+[include "include/props.ezt"]
 [include "include/footer.ezt"]
--- a/templates/roots.ezt
+++ b/templates/roots.ezt
@@ -9,6 +9,12 @@
 <thead>
 <tr>
  <th class="vc_header_sort">Name</th>
+[is cfg.options.show_roots_lastmod "1"]
+  <th class="vc_header">Revision</th>
+  <th class="vc_header">Age</th>
+  <th class="vc_header">Author</th>
+  <th class="vc_header">Log</th>
+[end]
 </tr>
 </thead>

@@ -20,6 +26,12 @@
      <img src="[docroot]/images/dir.png" alt="" class="vc_icon" />
      [roots.name]</a>
    </td>
+[is cfg.options.show_roots_lastmod "1"]
+    <td style="width:20">&nbsp;[if-any roots.log_href]<a href="[roots.log_href]">[roots.rev]</a>[else][roots.rev][end]</td>
+    <td style="width:20">&nbsp;[roots.ago]</td>
+    <td style="width:20">&nbsp;[roots.author]</td>
+    <td style="width:20">&nbsp;[roots.short_log]</td>
+[end]
  </tr>
 [end]
 </tbody>
--- a/templates/rss.ezt
+++ b/templates/rss.ezt
@@ -7,11 +7,11 @@
    <description>[is roottype "svn"]Subversion[else]CVS[end] commits to the[if-any where] [where] directory of the[end] [rootname] repository</description>

 	[for commits]<item>
-        <title>[if-any commits.rev][commits.rev]: [end][[commits.author]] [commits.short_log]</title>
+        <title>[if-any commits.rev][commits.rev]: [end][[commits.author]] [format "xml"][commits.short_log][end]</title>
 		[if-any commits.rss_url]<link>[commits.rss_url]</link>[end]
 		<author>[commits.author]</author>
 		<pubDate>[if-any commits.rss_date][commits.rss_date][else](unknown date)[end]</pubDate>
-		<description>&lt;pre&gt;[format "xml"][commits.log][end]&lt;/pre&gt;</description>
+		<description>&#x3C;pre&#x3E;[format "xml"][format "html"][commits.log][end][end]&#x3C;/pre&#x3E;</description>
    </item>[end]
 </channel>	
 </rss>
--- a/tools/make-release
+++ b/tools/make-release
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 1999-2007 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/tparse/tparse.cpp
+++ b/tparse/tparse.cpp
@@ -1,5 +1,5 @@
 /*
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/tparse/tparse.h
+++ b/tparse/tparse.h
@@ -1,5 +1,5 @@
 /*
-# Copyright (C) 1999-2007 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/tparse/tparsemodule.cpp
+++ b/tparse/tparsemodule.cpp
@@ -1,5 +1,5 @@
 /*
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/tparse/tparsemodule.h
+++ b/tparse/tparsemodule.h
@@ -1,5 +1,5 @@
 /*
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
--- a/8
+++ b/8
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*- Mode: python -*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -49,6 +49,10 @@ CLEAN_MODE = None
 FILE_INFO_LIST = [
    ("bin/cgi/viewvc.cgi",        "bin/cgi/viewvc.cgi",        0755, 1, 0, 0),
    ("bin/cgi/query.cgi",         "bin/cgi/query.cgi",         0755, 1, 0, 0),
+    ("bin/wsgi/viewvc.wsgi",      "bin/wsgi/viewvc.wsgi",      0755, 1, 0, 0),
+    ("bin/wsgi/viewvc.fcgi",      "bin/wsgi/viewvc.fcgi",      0755, 1, 0, 0),
+    ("bin/wsgi/query.wsgi",       "bin/wsgi/query.wsgi",       0755, 1, 0, 0),
+    ("bin/wsgi/query.fcgi",       "bin/wsgi/query.fcgi",       0755, 1, 0, 0),
    ("bin/mod_python/viewvc.py",  "bin/mod_python/viewvc.py",  0755, 1, 0, 0),
    ("bin/mod_python/query.py",   "bin/mod_python/query.py",   0755, 1, 0, 0),
    ("bin/mod_python/handler.py", "bin/mod_python/handler.py", 0755, 1, 0, 0),
@@ -205,6 +209,8 @@ def install_file(src_path, dst_path, mode, subst_path_vars,
                        temp = raw_input("Do you want to [O]verwrite, [D]o "
                                         "not overwrite, or [V]iew "
                                         "differences? ")
+                    if len(temp) == 0:
+                        continue
                    temp = string.lower(temp[0])
                    if temp == "v" and ext not in BINARY_FILE_EXTS:
                        print """