
Re: svn commit: r30723 - in branches/dont-save-plaintext-passwords-by-default: . subversion/include subversion/libsvn_subr subversion/svn

From: Stefan Sperling <stsp_at_elego.de>
Date: Tue, 22 Apr 2008 23:36:24 +0200

On Tue, Apr 22, 2008 at 02:33:18PM -0400, Karl Fogel wrote:
> Stefan Sperling <stsp_at_elego.de> writes:
> > I will deprecate the old location in the comments, like this:
> >
> > "[auth]" NL
> > "### Set store-passwords to 'no' to avoid storing passwords in the" NL
> > "### auth/ area of your config directory. It defaults to 'yes'," NL
> > "### but Subversion will never save your password to disk in" NL
> > "### plaintext unless you tell it to (see below)." NL
> > "### Note that this option only prevents saving of *new* passwords;" NL
> > "### it doesn't invalidate existing passwords. (To do that, remove" NL
> > "### the cache files by hand as described in the Subversion book.)" NL
> > + "### NOTE: This option can now be specified in the 'servers' file" NL
> > + "### in your config directory. This location for this option has" NL
> > + "### been deprecated. Anything specified here is overridden by" NL
> > + "### settings specified in the 'servers' file." NL
> > "# store-passwords = no" NL
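
Review bot: In the added NOTE lines, "This location for this option has been deprecated" directly follows the sentence about the 'servers' file, so "this location" can be read as meaning 'servers'; wording such as "Setting this option here in 'config' is deprecated" removes the ambiguity. The note also does not name the section of 'servers' the option belongs in. Since it states that anything specified here is overridden by 'servers', it should say outright that "store-passwords = no" set here does not take effect when 'servers' sets the option to 'yes', because a user reading only this file would otherwise assume password storage is off.
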
>
> +1, but put the deprecation notice at the top of the block, so people
> see it and then know that everything they read after that is about
> something deprecated anyway.

Yes, that's a good idea.

> > No, the code enforces this. But note that having all the [auth]
> > settings in 'servers' makes much more sense anyway, because
> > there, they can be configured on a per-server basis.
> >
> > It also aligns much more naturally with the layering, since
> > authentication is done only if the RA layer is entered anyway,
> > which has always been getting its configuration from 'servers'.
> >
> > The [auth] section in 'config' was a mistake, it would have
> > been much more natural to put it in 'servers' in the first place.
>
> Okay, I'm convinced.
>
> Might be good to do this deprecation/move on a separate branch, merge
> that to trunk, then incorporate into the dont-save-plaintext branch and
> DTRT. They're kind of separate changes, I think.

I've already done the move in my branch WC now, basically about to
commit the change, and I'm too lazy right now to untangle these two
admittedly separate topics. I hope that is OK? :)

-- 
Stefan Sperling <stsp_at_elego.de>                    Software Monkey
 
German law requires the following banner :(
elego Software Solutions GmbH                            HRB 77719
Gustav-Meyer-Allee 25, Gebaeude 12        Tel:  +49 30 23 45 86 96 
13355 Berlin                              Fax:  +49 30 23 45 86 95
http://www.elego.de                               CEO: Olaf Wagner
 
Store password unencrypted (yes/no)? No

Received on 2008-04-22 23:34:41 CEST

This is an archived mail posted to the Subversion Dev mailing list.
