[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn commit: r30723 - in branches/dont-save-plaintext-passwords-by-default: . subversion/include subversion/libsvn_subr subversion/svn

From: Karl Fogel <kfogel_at_red-bean.com>
Date: Tue, 22 Apr 2008 14:33:18 -0400

Stefan Sperling <stsp_at_elego.de> writes:
> I will deprecate the old location in the comments, like this:
> "[auth]" NL
> "### Set store-passwords to 'no' to avoid storing passwords in the" NL
> "### auth/ area of your config directory. It defaults to 'yes'," NL
> "### but Subversion will never save your password to disk in" NL
> "### plaintext unless you tell it to (see below)." NL
> "### Note that this option only prevents saving of *new* passwords;" NL
> "### it doesn't invalidate existing passwords. (To do that, remove" NL
> "### the cache files by hand as described in the Subversion book.)" NL
> + "### NOTE: This option can now be specified in the 'servers' file" NL
> + "### in your config directory. This location for this option has" NL
> + "### been deprecated. Anything specified here is overridden by" NL
> + "### settings specified in the 'servers' file." NL
> "# store-passwords = no" NL

+1, but put the deprecation notice at the top of the block, so people
see it and then know that everything they read after that is about
something deprecated anyway.

> No, the code enforces this. But note that having all the [auth]
> settings in 'servers' makes much more sense anyway, because
> there, they can be configured on a per-server basis.
> It also aligns much more naturally with the layering, since
> authentication is done only if the RA layer is entered anyway,
> which has always been getting its configuration from 'servers'.
> The [auth] section in 'config' was a mistake, it would have
> been much more natural to put it in 'servers' in the first place.

Okay, I'm convinced.

Might be good to do this deprecation/move on a separate branch, merge
that to trunk, then incorporate into the dont-save-plaintext branch and
DTRT. They're kind of separate changes, I think.

To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-04-22 20:33:45 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.