[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svncpp crash in ssl_server_trust_file_save_credentials

From: Tobias Ringstrom <tobias_at_ringstrom.mine.nu>
Date: 2004-01-20 15:02:09 CET

Barry Scott wrote:
> With the subversion client pb->realmstring will be setup by the code in
> ssl_server_trust_file_first_credentials.
>
> But the svncpp code has its own provider that implements the
> first_credentials callback but not the save_credentials callback.

I've just looked at the svncpp code, and it looks like you're installing
the ssl_server_trust and ssl_client_cert_pw prompt providers before the
corresponding file providers. That means that the prompt functions will
always be called, even if there are cached credentials available. If you
fix the ordering problem, you will also work around the auth bug you
reported.

There is no doubt that you did find a bug in the authentication design,
though. Personally I'd like to have it fixed because it's not good to
have a broken design, and the risk is pretty small. It will have to be
voted for though, so anything can happen. But even if that bug is fixed,
you need to change the order of the providers in svncpp.

/Tobias

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Jan 20 15:02:48 2004

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.