[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: multiple password prompts

From: Stefan Sperling <stsp_at_elego.de>
Date: Sat, 14 Jun 2008 12:30:41 +0200

On Sat, Jun 14, 2008 at 11:07:59AM +0200, Stefan Sperling wrote:
> On Fri, Jun 13, 2008 at 03:58:57PM -0700, David Glasser wrote:
> > -----------------------------------------------------------------------
> > Store password unencrypted (yes/no)? yes
> > -----------------------------------------------------------------------
> > Store password unencrypted (yes/no)? yes
> > A REDACTED/trunk
> > A REDACTED/wiki
> > ...
> >
> >
> > Um. Why did it ask me the same question twice?
> Huh. Oh well, I thought I had fixed this.

> I'll setup a https server and try to reproduce.

I cannot reproduce this using a 1.4.4 server with trunk client.

My setup is simple -- the repository contains only a single
file called 'a', and requires authentication for any operation:

<Location /repos>
  DAV svn
  SVNPath /tmp/repos
  AuthType Basic
  AuthName "Subversion repository"
  AuthUserFile /etc/apache2/svn-auth-file
  Require valid-user

stsp_at_jack [~] trunk-power $ svn --version | head -n2
svn, version 1.6.0 (dev build)
   compiled Jun 14 2008, 12:08:15

I'll cause two RA sessions to be used by listing the repository
twice with a single command:

stsp@jack [~] trunk-power $ svn --config-dir /tmp/subversion ls https://localhost/repos https://localhost/repos
Error validating server certificate for 'https://localhost:443':
 - The certificate is not issued by a trusted authority. Use the
   fingerprint to validate the certificate manually!
 - The certificate hostname does not match.
Certificate information:
 - Hostname: jack.stsp.name
 - Valid: from Sat, 14 Jun 2008 08:45:55 GMT until Sun, 14 Jun 2009 08:45:55 GMT
 - Issuer: jack.stsp.name
 - Fingerprint: c3:7b:f0:36:47:b4:dd:72:0e:a8:ed:6b:a9:4f:bf:e9:5b:df:b3:f9
(R)eject, accept (t)emporarily or accept (p)ermanently? t
Authentication realm: <https://localhost:443> Subversion repository
Password for 'stsp':
Authentication realm: <https://localhost:443> Subversion repository
Username: harry
Password for 'harry':
ATTENTION! Your password for authentication realm:

   <https://localhost:443> Subversion repository

can only be stored to disk unencrypted! You are advised to configure
your system so that Subversion can store passwords encrypted, if
possible. See the documentation for details.

You can avoid future appearances of this warning by setting the value
of the 'store-plaintext-passwords' option to either 'yes' or 'no' in
Store password unencrypted (yes/no)? yes
stsp_at_jack [~] trunk-power $

Caching the answer did work, I didn't get prompted in-between
the listings.

Hmmm, so it's not as simple as svn:// vs. https://

Do you have any idea what difference between the googlecode.com
setup and my setup could cause the prompt appear twice for you?
I guess there are many differences since the google setup is likely
quite complex, but I hope we can somehow single out what's causing
this bug.


  • application/pgp-signature attachment: stored
Received on 2008-06-14 12:31:16 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.