On Mar 6, 2005, at 12:15 PM, Max Bowsher wrote:
> Stephen Davis wrote:
>> I was playing around with svnserve and created a scenario that seems
>> like a bug. Admittedly, it's contrived. I'll file an issue if
>> confirmed as a bug.
>> # assuming a repo at /svn
>> # create svnserve.conf like so:
>> [general]
>> password-db = users
>> realm = soundgeek
>> # anonymous users can do nothing
>> anon-access = none
>> # authenticated users can both read and write
>> auth-access = write
>> # create a users file like so (note that user1 and user2 have the same
>> password):
>> [users]
>> user1 = passw
>> user2 = passw
>> # run svnserve
>> svnserve -d
>> # co repo as user1
>> svn co svn://localhost/svn user1 --username user1
>> < enter password >
>> # co repo as user2
>> svn co svn://localhost/svn user2 --username user2
>> *** no password is requested and the checkout occurs ***
>> If I look in the auth/svn.simple/ file for this realm, it has been
>> updated with user2's username.
>> K 8
>> password
>> V 5
>> passw
>> K 15
>> svn:realmstring
>> V 32
>> <svn://localhost:3690> soundgeek
>> K 8
>> username
>> V 5
>> user2
>> END
>> Even though the passwords are the same, should the auth system be
>> picking up the cached password from user1? Maybe this is by design
>> but
>> it seems kind of odd to me.
>
> Seems like a bug to me - a fairly minor bug, but a bug nonetheless.
> Please go ahead and file.
http://subversion.tigris.org/issues/show_bug.cgi?id=2242
stephen
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Mar 7 00:50:18 2005