At 20-01-2004 14:02, Tobias Ringstrom wrote:
>Barry Scott wrote:
>>With the subversion client pb->realmstring will be setup by the code in
>>ssl_server_trust_file_first_credentials.
>>But the svncpp code has its own provider that implements the
>>first_credentials callback but not the save_credentials callback.
>
>I've just looked at the svncpp code, and it looks like you're installing
>the ssl_server_trust and ssl_client_cert_pw prompt providers before the
>corresponding file providers. That means that the prompt functions will
>always be called, even if there are cached credentials available. If you
>fix the ordering problem, you will also work around the auth bug you reported.
Thanks for taking the trouble to look at the svncpp code.
Reordering the providers to put the file ones first fixes the crash.
I'll update the svncpp patch for 0.36.0 support to include this fix.
>There is no doubt that you did find a bug in the authentication design,
>though. Personally I'd like to have it fixed because it's not good to have
>a broken design, and the risk is pretty small. It will have to be voted
>for though, so anything can happen. But even if that bug is fixed, you
>need to change the order of the providers in svncpp.
Yes it would be good to fix the design bug.
Barry
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Jan 20 22:37:52 2004