[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

dont-save-plaintext-passwords-by-default branch is done

From: Stefan Sperling <stsp_at_elego.de>
Date: Mon, 21 Apr 2008 22:05:01 +0200


from my point of view, the dont-save-plaintext-passwords-by-default
branch is done. Many, many thanks to everyone who contributed helpful
feedback and suggestions, especially to Daniel Shahaf, Mark Phippard,
David Glasser and Karl Fogel. Without these guys this branch wouldn't
be where its at now.

Summary of the functionality implemented:

  Add a 'store-plaintext-passwords' option, which can be set to
  'yes', 'no', or 'ask' (which is the default). If the option
  is set to 'ask', ask the user before saving plaintext passwords
  to disk. This is done from a callback that should be implemented
  by all clients.
  If a client does not implement the callback, and does not provide
  an explicit default value, we default to storing plaintext passwords.
  I don't like this, but it's a compromise because we don't really want
  the semantics of the old API to change retrospectively.
  We can, however, change this default anytime by tweaking a single
  line of code, should we decide to do so. The old interfaces have
  been deprecated.

  Provide an implementation of the callback for our command line
  client, which prints a warning and a prompt, which looks like this:

  Authentication realm: <svn://localhost:3690> My First Repository
  Username: harry
  Password for 'harry':
  ATTENTION! Your password is going to be stored to disk unencrypted!
  You can get rid of this warning by editing /home/stsp/.subversion/config
  and setting 'store-plaintext-passwords' to either 'yes' or 'no'.
  Store password unencrypted (yes/no)?
  The option can be specified both in the ~/.subversion/config
  file (global default), and the ~/.subversion/servers file,
  where the global default can be overridden on a per-server basis.
  The option is ignored if it occurs in the [global] section of
  the servers file, to avoid ambiguous global defaults.

Please consult the log messages of the branch for detailed list
of changes:

  svn log --stop-on-copy \

You can get the diff like this:

  svn diff http://svn.collab.net/repos/svn/trunk@30726 \

I'd like to merge this into trunk, but will wait patiently for a
few +1's before doing so. Since this chance has been quite
controversial, I want to make sure we have something here that
is accepted by a large majority of the community.


Stefan Sperling <stsp_at_elego.de>                    Software Monkey
German law requires the following banner :(
elego Software Solutions GmbH                            HRB 77719
Gustav-Meyer-Allee 25, Gebaeude 12        Tel:  +49 30 23 45 86 96 
13355 Berlin                              Fax:  +49 30 23 45 86 95
http://www.elego.de                               CEO: Olaf Wagner
Store password unencrypted (yes/no)? No

  • application/pgp-signature attachment: stored
Received on 2008-04-22 08:32:30 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.