[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn commit: r30800 - in branches/dont-save-plaintext-passwords-by-default: . subversion/include subversion/libsvn_subr

From: Stefan Sperling <stsp_at_elego.de>
Date: Mon, 28 Apr 2008 23:54:49 +0200

On Mon, Apr 28, 2008 at 04:11:10PM -0400, Karl Fogel wrote:
> Stefan Sperling <stsp_at_elego.de> writes:
> > I'm not really happy with this, but I found no better way to do it.
> > This is a hack to deal with a rare corner case.

> > I hope this is acceptable?
>
> As long as public doc strings also say it. Should the doc string for
> svn_auth_save_credentials() also mention it, therefore?

Done in r30823:

Index: subversion/include/svn_auth.h
===================================================================
--- subversion/include/svn_auth.h (revision 30800)
+++ subversion/include/svn_auth.h (working copy)
@@ -627,9 +627,12 @@ svn_error_t * svn_auth_next_credentials(void **cre
 /** Save a set of credentials.
  *
  * Ask @a state to store the most recently returned credentials,
- * presumably because they successfully authenticated. Use @a pool
- * for temporary allocation. If no credentials were ever returned, do
- * nothing.
+ * presumably because they successfully authenticated.
+ * All allocations should be done in @a pool, which can be
+ * assumed to survive across RA sessions; auth providers that store
+ * passwords in plaintext rely on this.
+ *
+ * If no credentials were ever returned, do nothing.
  */
 svn_error_t * svn_auth_save_credentials(svn_auth_iterstate_t *state,
                                         apr_pool_t *pool);

> I think your solution is actually fine, by the way. Part of what's
> useful about pools is that they indicate operation scope/lifetime. IOW,
> your solution is a feature, not a bug :-).

Right, that's great then :)

Thanks,

-- 
Stefan Sperling <stsp_at_elego.de>                    Software Monkey
 
German law requires the following banner :(
elego Software Solutions GmbH                            HRB 77719
Gustav-Meyer-Allee 25, Gebaeude 12        Tel:  +49 30 23 45 86 96 
13355 Berlin                              Fax:  +49 30 23 45 86 95
http://www.elego.de                               CEO: Olaf Wagner
 
Store password unencrypted (yes/no)? No

  • application/pgp-signature attachment: stored
Received on 2008-04-28 23:55:07 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.