[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn commit: r30716 - in branches/dont-save-plaintext-passwords-by-default/subversion: include libsvn_subr

From: David Glasser <glasser_at_davidglasser.net>
Date: Sat, 19 Apr 2008 17:11:38 -0700

Yay!

By the way, I guess you were copying what was already there, but
what's up with the error code SVN_ERR_RA_DAV_INVALID_CONFIG_VALUE?

--dave

On Sat, Apr 19, 2008 at 2:49 PM, <stsp_at_tigris.org> wrote:
> Author: stsp
> Date: Sat Apr 19 14:48:59 2008
> New Revision: 30716
>
> Log:
> On the dont-save-plaintext-passwords-by-default branch, make
> store-plaintext-password a 3-way option: 'yes', 'no', or 'prompt'.
> Default to 'prompt'.
>
> * subversion/include/svn_config.h
> (SVN_CONFIG_PROMPT): New constant.
> (svn_config_get_bool2): Undeclare.
> (svn_config_get_bool): Restore docstring.
> (svn_config_get_yes_no_prompt): Declare.
>
> * subversion/include/svn_auth.h
> (SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS): Update docstring to
> reflect that this is now a 3-way option.
> (SVN_AUTH_PARAM_DONT_STORE_PLAINTEXT_PASSWORDS): Remove.
>
> * subversion/libsvn_subr/config_file.c
> (svn_config_ensure): Update default configuration file to reflect
> new semantics of store-plaintext-passwords.
>
> * subversion/libsvn_subr/config.c
> (svn_config_get_bool2): Remove.
> (svn_config_get_bool): Restore.
> (svn_config_get_yes_no_prompt): New function.
>
> * subversion/libsvn_subr/cmdline.c
> (svn_cmdline_setup_auth_baton): Use svn_config_get_yes_no_prompt
> instead of svn_config_get_bool2.
>
> * subversion/libsvn_subr/simple_providers.c
> (simple_save_creds_helper): Heed new semantics of
> SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS. Improve the comment
> regarding clients not implementing the prompt callback.
>
> Modified:
> branches/dont-save-plaintext-passwords-by-default/subversion/include/svn_auth.h
> branches/dont-save-plaintext-passwords-by-default/subversion/include/svn_config.h
> branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/cmdline.c
> branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/config.c
> branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/config_file.c
> branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/simple_providers.c
>
> Modified: branches/dont-save-plaintext-passwords-by-default/subversion/include/svn_auth.h
> URL: http://svn.collab.net/viewvc/svn/branches/dont-save-plaintext-passwords-by-default/subversion/include/svn_auth.h?pathrev=30716&r1=30715&r2=30716
> ==============================================================================
> --- branches/dont-save-plaintext-passwords-by-default/subversion/include/svn_auth.h Sat Apr 19 13:15:59 2008 (r30715)
> +++ branches/dont-save-plaintext-passwords-by-default/subversion/include/svn_auth.h Sat Apr 19 14:48:59 2008 (r30716)
> @@ -550,21 +550,12 @@ const void * svn_auth_get_parameter(svn_
> #define SVN_AUTH_PARAM_DONT_STORE_PASSWORDS SVN_AUTH_PARAM_PREFIX \
> "dont-store-passwords"
>
> -/** @brief The application wants providers to save passwords to disk in
> - * plaintext. Property value is irrelevant; only property's existence
> - * matters. */
> +/** @brief Indicates whether providers may save passwords to disk in
> + * plaintext. Property value can be either SVN_CONFIG_TRUE,
> + * SVN_CONFIG_FALSE, or SVN_CONFIG_PROMPT. */
> #define SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS SVN_AUTH_PARAM_PREFIX \
> "store-plaintext-passwords"
>
> -/** @brief The application does not want providers to save passwords to
> - * disk in plaintext. Property value is irrelevant; only property's existence
> - * matters. This overrides SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS.
> - *
> - * We use two parameters because we need to know whether there is an
> - * explicit setting in the configuration file or not. */
> -#define SVN_AUTH_PARAM_DONT_STORE_PLAINTEXT_PASSWORDS SVN_AUTH_PARAM_PREFIX \
> - "dont-store-plaintext-passwords"
> -
> /** @brief The application doesn't want any providers to save credentials
> * to disk. Property value is irrelevant; only property's existence
> * matters. */
>
> Modified: branches/dont-save-plaintext-passwords-by-default/subversion/include/svn_config.h
> URL: http://svn.collab.net/viewvc/svn/branches/dont-save-plaintext-passwords-by-default/subversion/include/svn_config.h?pathrev=30716&r1=30715&r2=30716
> ==============================================================================
> --- branches/dont-save-plaintext-passwords-by-default/subversion/include/svn_config.h Sat Apr 19 13:15:59 2008 (r30715)
> +++ branches/dont-save-plaintext-passwords-by-default/subversion/include/svn_config.h Sat Apr 19 14:48:59 2008 (r30716)
> @@ -136,8 +136,9 @@ typedef struct svn_config_t svn_config_t
> SVN_CONFIG__DEFAULT_GLOBAL_IGNORES_LINE_1 " " \
> SVN_CONFIG__DEFAULT_GLOBAL_IGNORES_LINE_2
>
> -#define SVN_CONFIG_TRUE "TRUE"
> -#define SVN_CONFIG_FALSE "FALSE"
> +#define SVN_CONFIG_TRUE "TRUE"
> +#define SVN_CONFIG_FALSE "FALSE"
> +#define SVN_CONFIG_PROMPT "PROMPT"
>
>
> /** Read configuration information from the standard sources and merge it
> @@ -214,19 +215,6 @@ void svn_config_set(svn_config_t *cfg,
> * Parses the option as a boolean value. The recognized representations
> * are 'TRUE'/'FALSE', 'yes'/'no', 'on'/'off', '1'/'0'; case does not
> * matter. Returns an error if the option doesn't contain a known string.
> - *
> - * @a *default_value_was_used is non-NULL, it is set to TRUE if the option
> - * was not found in the configuration file, and set to FALSE if it was.
> - *
> - * @since New in 1.6
> - */
> -svn_error_t *svn_config_get_bool2(svn_config_t *cfg, svn_boolean_t *valuep,
> - const char *section, const char *option,
> - svn_boolean_t default_value,
> - svn_boolean_t *default_value_was_used);
> -
> -/** Like svn_config_get_bool2(), but without the ability to determine
> - * whether the supplied default value was used.
> */
> svn_error_t *svn_config_get_bool(svn_config_t *cfg, svn_boolean_t *valuep,
> const char *section, const char *option,
> @@ -240,6 +228,23 @@ void svn_config_set_bool(svn_config_t *c
> const char *section, const char *option,
> svn_boolean_t value);
>
> +/** Like svn_config_get(), but for values which can be either
> + * 'yes', 'no', or 'prompt'.
> + *
> + * Parses the option, and sets *valuep to either SVN_CONFIG_TRUE,
> + * SVN_CONFIG_FALSE, or SVN_CONFIG_PROMPT. The recognized representations
> + * are 'TRUE'/'FALSE', 'yes'/'no', 'on'/'off', '1'/'0', and 'PROMPT';
> + * case does not matter.
> + *
> + * Returns an error if the option doesn't contain a known string.
> + *
> + * @since New in 1.6.
> + */
> +svn_error_t *
> +svn_config_get_yes_no_prompt(svn_config_t *cfg, const char **valuep,
> + const char *section, const char *option,
> + const char* default_value);
> +
> /** Similar to @c svn_config_section_enumerator2_t, but is not
> * provided with a memory pool argument.
> *
>
> Modified: branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/cmdline.c
> URL: http://svn.collab.net/viewvc/svn/branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/cmdline.c?pathrev=30716&r1=30715&r2=30716
> ==============================================================================
> --- branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/cmdline.c Sat Apr 19 13:15:59 2008 (r30715)
> +++ branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/cmdline.c Sat Apr 19 14:48:59 2008 (r30716)
> @@ -365,10 +365,9 @@ svn_cmdline_setup_auth_baton(svn_auth_ba
> apr_pool_t *pool)
> {
> svn_boolean_t store_password_val = TRUE;
> - svn_boolean_t store_plaintext_password_val = FALSE;
> + const char *store_plaintext_password_val;
> svn_boolean_t store_auth_creds_val = TRUE;
> svn_auth_provider_object_t *provider;
> - svn_boolean_t default_value_was_used = FALSE;
>
> /* The whole list of registered providers */
> apr_array_header_t *providers
> @@ -473,23 +472,14 @@ svn_cmdline_setup_auth_baton(svn_auth_ba
> svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_DONT_STORE_PASSWORDS, "");
>
> /* Determine whether storing passwords in plaintext has been
> - * explicitly allowed or denied. */
> - SVN_ERR(svn_config_get_bool2(cfg, &store_plaintext_password_val,
> - SVN_CONFIG_SECTION_AUTH,
> - SVN_CONFIG_OPTION_STORE_PLAINTEXT_PASSWORDS,
> - FALSE, /* <-- arbitrary */
> - &default_value_was_used));
> + * explicitly allowed or denied, or whether we should prompt
> + * the user about it. */
> + SVN_ERR(svn_config_get_yes_no_prompt
> + (cfg, &store_plaintext_password_val, SVN_CONFIG_SECTION_AUTH,
> + SVN_CONFIG_OPTION_STORE_PLAINTEXT_PASSWORDS, SVN_CONFIG_PROMPT));
>
> - if (! default_value_was_used)
> - {
> - if (store_plaintext_password_val)
> - svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS,
> - "");
> - else
> - svn_auth_set_parameter(*ab,
> - SVN_AUTH_PARAM_DONT_STORE_PLAINTEXT_PASSWORDS,
> - "");
> - }
> + svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS,
> + store_plaintext_password_val);
>
> /* Determine whether we are allowed to write to the auth/ area. */
> SVN_ERR(svn_config_get_bool(cfg, &store_auth_creds_val,
>
> Modified: branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/config.c
> URL: http://svn.collab.net/viewvc/svn/branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/config.c?pathrev=30716&r1=30715&r2=30716
> ==============================================================================
> --- branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/config.c Sat Apr 19 13:15:59 2008 (r30715)
> +++ branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/config.c Sat Apr 19 14:48:59 2008 (r30716)
> @@ -609,23 +609,15 @@ svn_config_set(svn_config_t *cfg,
>
>
> svn_error_t *
> -svn_config_get_bool2(svn_config_t *cfg, svn_boolean_t *valuep,
> - const char *section, const char *option,
> - svn_boolean_t default_value,
> - svn_boolean_t *default_value_was_used)
> +svn_config_get_bool(svn_config_t *cfg, svn_boolean_t *valuep,
> + const char *section, const char *option,
> + svn_boolean_t default_value)
> {
> const char *tmp_value;
>
> - if (default_value_was_used)
> - *default_value_was_used = FALSE;
> -
> svn_config_get(cfg, &tmp_value, section, option, NULL);
> if (tmp_value == NULL)
> - {
> - *valuep = default_value;
> - if (default_value_was_used)
> - *default_value_was_used = TRUE;
> - }
> + *valuep = default_value;
> else if (0 == svn_cstring_casecmp(tmp_value, SVN_CONFIG_TRUE)
> || 0 == svn_cstring_casecmp(tmp_value, "yes")
> || 0 == svn_cstring_casecmp(tmp_value, "on")
> @@ -644,15 +636,6 @@ svn_config_get_bool2(svn_config_t *cfg,
> return SVN_NO_ERROR;
> }
>
> -svn_error_t *
> -svn_config_get_bool(svn_config_t *cfg, svn_boolean_t *valuep,
> - const char *section, const char *option,
> - svn_boolean_t default_value)
> -{
> - svn_boolean_t dummy;
> - return svn_config_get_bool2(cfg, valuep, section, option,
> - default_value, &dummy);
> -}
>
>
> void
> @@ -664,6 +647,36 @@ svn_config_set_bool(svn_config_t *cfg,
> (value ? SVN_CONFIG_TRUE : SVN_CONFIG_FALSE));
> }
>
> +svn_error_t *
> +svn_config_get_yes_no_prompt(svn_config_t *cfg, const char **valuep,
> + const char *section, const char *option,
> + const char* default_value)
> +{
> + const char *tmp_value;
> +
> + svn_config_get(cfg, &tmp_value, section, option, NULL);
> + if (tmp_value == NULL)
> + *valuep = default_value;
> + else if (0 == svn_cstring_casecmp(tmp_value, SVN_CONFIG_TRUE)
> + || 0 == svn_cstring_casecmp(tmp_value, "yes")
> + || 0 == svn_cstring_casecmp(tmp_value, "on")
> + || 0 == strcmp(tmp_value, "1"))
> + *valuep = SVN_CONFIG_TRUE;
> + else if (0 == svn_cstring_casecmp(tmp_value, SVN_CONFIG_FALSE)
> + || 0 == svn_cstring_casecmp(tmp_value, "no")
> + || 0 == svn_cstring_casecmp(tmp_value, "off")
> + || 0 == strcmp(tmp_value, "0"))
> + *valuep = SVN_CONFIG_FALSE;
> + else if (0 == svn_cstring_casecmp(tmp_value, SVN_CONFIG_PROMPT))
> + *valuep = SVN_CONFIG_PROMPT;
> + else
> + return svn_error_createf
> + (SVN_ERR_RA_DAV_INVALID_CONFIG_VALUE, NULL,
> + _("Config error: invalid value '%s' for option '%s'"),
> + tmp_value, option);
> +
> + return SVN_NO_ERROR;
> +}
>
>
> int
>
> Modified: branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/config_file.c
> URL: http://svn.collab.net/viewvc/svn/branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/config_file.c?pathrev=30716&r1=30715&r2=30716
> ==============================================================================
> --- branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/config_file.c Sat Apr 19 13:15:59 2008 (r30715)
> +++ branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/config_file.c Sat Apr 19 14:48:59 2008 (r30716)
> @@ -901,18 +901,20 @@ svn_config_ensure(const char *config_dir
> "[auth]" NL
> "### Set store-passwords to 'no' to avoid storing passwords in the" NL
> "### auth/ area of your config directory. It defaults to 'yes'," NL
> - "### but note that Subversion will never save your password in" NL
> - "### plain-text unless you tell it to (see below)." NL
> + "### but Subversion will never save your password to disk in" NL
> + "### plaintext unless you tell it to (see below)." NL
> "### Note that this option only prevents saving of *new* passwords;" NL
> "### it doesn't invalidate existing passwords. (To do that, remove" NL
> "### the cache files by hand as described in the Subversion book.)" NL
> "# store-passwords = no" NL
> - "### Set store-plaintext-passwords to 'yes' or 'no' to avoid being" NL
> - "### prompted about storing plain-text passwords in the auth/" NL
> - "### area of your config directory. If store-passwords (see above)" NL
> - "### is set to 'no', this option has no effect." NL
> + "### Set store-plaintext-passwords to 'no' to avoid storing" NL
> + "### passwords in unencrypted form in the auth/ area of your config" NL
> + "### directory. Set it to 'yes' to allow Subversion to store" NL
> + "### unencrypted passwords in the auth/ area. The default is" NL
> + "### 'prompt', which means that Subversion will ask you before" NL
> + "### saving a password to disk in unencrypted form. Note that" NL
> + "### this option has no effect if 'store-passwords' is set to 'no'." NL
> "# store-plaintext-passwords = no" NL
> - "# store-plaintext-passwords = yes" NL
> "### Set store-auth-creds to 'no' to avoid storing any subversion" NL
> "### credentials in the auth/ area of your config directory." NL
> "### It defaults to 'yes'. Note that this option only prevents" NL
>
> Modified: branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/simple_providers.c
> URL: http://svn.collab.net/viewvc/svn/branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/simple_providers.c?pathrev=30716&r1=30715&r2=30716
> ==============================================================================
> --- branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/simple_providers.c Sat Apr 19 13:15:59 2008 (r30715)
> +++ branches/dont-save-plaintext-passwords-by-default/subversion/libsvn_subr/simple_providers.c Sat Apr 19 14:48:59 2008 (r30716)
> @@ -250,10 +250,6 @@ simple_save_creds_helper(svn_boolean_t *
> apr_hash_get(parameters,
> SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS,
> APR_HASH_KEY_STRING);
> - const char *dont_store_plaintext_passwords =
> - apr_hash_get(parameters,
> - SVN_AUTH_PARAM_DONT_STORE_PLAINTEXT_PASSWORDS,
> - APR_HASH_KEY_STRING);
> svn_boolean_t non_interactive = apr_hash_get(parameters,
> SVN_AUTH_PARAM_NON_INTERACTIVE,
> APR_HASH_KEY_STRING) != NULL;
> @@ -290,25 +286,45 @@ simple_save_creds_helper(svn_boolean_t *
> }
> else
> {
> - if (! dont_store_plaintext_passwords && ! store_plaintext_passwords)
> + if (svn_cstring_casecmp(store_plaintext_passwords,
> + SVN_CONFIG_PROMPT) == 0)
> {
> - /* We have no information from the configuration file whether
> - * saving unencrypted is allowed. Prompt the user. */
> + /* TODO: We might want to default to not storing if the
> + * prompt callback is NULL, i.e. have may_save_plaintext
> + * default to FALSE here, in order to force clients to
> + * implement the callback.
> + *
> + * This would change the semantics of the old API though.
> + *
> + * So for now, clients that don't implement the callback
> + * cause unencrypted passwords to be stored by default.
> + * Needless to say, our own client is sane, but who knows
> + * what other clients are doing. */
> svn_boolean_t may_save_plaintext = TRUE;
> - /* TODO: At some point, we might want to default to not
> - * storing if the callback is NULL. */
> +
> if (b->plaintext_prompt_func)
> SVN_ERR((*b->plaintext_prompt_func)(&may_save_plaintext,
> b->plaintext_prompt_baton,
> pool));
> may_save_password = may_save_plaintext;
> }
> + else if (svn_cstring_casecmp(store_plaintext_passwords,
> + SVN_CONFIG_FALSE) == 0)
> + {
> + may_save_password = FALSE;
> + }
> + else if (svn_cstring_casecmp(store_plaintext_passwords,
> + SVN_CONFIG_TRUE) == 0)
> + {
> + may_save_password = TRUE;
> + }
> else
> {
> - /* dont_store_plaintext_passwords overrides
> - * store_plaintext_passwords */
> - may_save_password = (dont_store_plaintext_passwords
> - ? FALSE : TRUE);
> + return svn_error_createf
> + (SVN_ERR_RA_DAV_INVALID_CONFIG_VALUE, NULL,
> + _("Config error: invalid value '%s' for option '%s'"),
> + store_plaintext_passwords,
> + SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS);
> }
> }
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: svn-unsubscribe_at_subversion.tigris.org
> For additional commands, e-mail: svn-help_at_subversion.tigris.org
>
>

-- 
David Glasser | glasser@davidglasser.net | http://www.davidglasser.net/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-04-20 02:11:52 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.