[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

svn Gnome keyring caching broken -- was: svn + Gnome Keyring doesn't always open a dialog for pw entry

From: Neels Janosch Hofmeyr <neels_at_elego.de>
Date: Sat, 18 Apr 2009 04:21:33 +0200

Senthil Kumaran S wrote:
> This is fixed in r37322.

No, I'm afraid it's now entirely broken. Trunk now fails to use the
Gnome-keyring altogether. I ran the same test with 1.6.1 and with trunk.
1.6.1 goes on and on asking svn and Gnome passwords (if I keep entering a
wrong password), but trunk goes straight to the "Store password unencrypted
(yes/no)?" question, no keyring involved. (r37322 likewise)

Note that when the keyring is unlocked, 1.6.1 successfully used the Gnome
Keyring without fuss. But I was testing whether it properly integrates with
a key that needs unlocking by the user. Trunk just fails.

For interest, I'm pasting output by both 1.6.1 and trunk below and attaching
my test script (which simply sets up an "anon-read = none" server with a
user and a password and then checks out a working copy).

~Neels

[[[
[1.6.1]
neels_at_dub:~/hg/svn-tc/test
$ ./gnome-keyring-check.sh.txt
svn, version 1.6.1 (r37116)
   compiled Apr 16 2009, 21:35:43

Copyright (C) 2000-2009 CollabNet.
Subversion is open source software, see http://subversion.tigris.org/
This product includes software developed by CollabNet (http://www.Collab.Net/).

The following repository access (RA) modules are available:

* ra_neon : Module for accessing a repository via WebDAV protocol using Neon.
  - handles 'http' scheme
  - handles 'https' scheme
* ra_svn : Module for accessing a repository using the svn network protocol.
  - handles 'svn' scheme
* ra_local : Module for accessing a repository on local disk.
  - handles 'file' scheme

Password for 'login' GNOME keyring: ### hitting enter
Authentication realm: <svn://localhost:3690> norealm
Password for 'neels': ### entering real svn password
### svn tries to cache it:
Password for 'login' GNOME keyring: ### hitting enter
### dialog windows keep asking for "default" keyring
### until I click "deny".
-----------------------------------------------------------------------
ATTENTION! Your password for authentication realm:

   <svn://localhost:3690> norealm

can only be stored to disk unencrypted! You are advised to configure
your system so that Subversion can store passwords encrypted, if
possible. See the documentation for details.

You can avoid future appearances of this warning by setting the value
of the 'store-plaintext-passwords' option to either 'yes' or 'no' in
'/home/neels/.subversion/servers'.
-----------------------------------------------------------------------
Store password unencrypted (yes/no)? no
Password for 'login' GNOME keyring: ### hitting enter
Password for 'login' GNOME keyring: ### hitting enter
### and done.
]]]

...and in the exact same environment, trunk doesn't do Gnome-Keyring at all:

[[[
[trunk]
$ ./gnome-keyring-check.sh.txt
svn, version 1.7.0 (dev build)
   compiled Apr 18 2009, 03:32:56

Copyright (C) 2000-2009 CollabNet.
Subversion is open source software, see http://subversion.tigris.org/
This product includes software developed by CollabNet (http://www.Collab.Net/).

The following repository access (RA) modules are available:

* ra_neon : Module for accessing a repository via WebDAV protocol using Neon.
  - handles 'http' scheme
  - handles 'https' scheme
* ra_svn : Module for accessing a repository using the svn network protocol.
  - handles 'svn' scheme
* ra_local : Module for accessing a repository on local disk.
  - handles 'file' scheme

Authentication realm: <svn://localhost:3690> norealm
Password for 'neels': ### entering correct svn password.
### svn tries to cache it:
-----------------------------------------------------------------------
ATTENTION! Your password for authentication realm:

   <svn://localhost:3690> norealm

can only be stored to disk unencrypted! You are advised to configure
your system so that Subversion can store passwords encrypted, if
possible. See the documentation for details.

You can avoid future appearances of this warning by setting the value
of the 'store-plaintext-passwords' option to either 'yes' or 'no' in
'/home/neels/.subversion/servers'.
-----------------------------------------------------------------------
Store password unencrypted (yes/no)? no
### done.
]]]

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=1779623

#!/bin/bash

# The next line is the only line you should need to adjust.
SVNDIR=/my/svn/trunk

## ACTUAL TEST STARTS FURTHER DOWN

if [ -f /usr/local/bin/superpower ]; then
  # use my local way if my script is there (neels).
  echo "##### REMEMBER TO SETUP YOUR ENVIRONMENT #####"
else
  # the rest of the world:
  alias svn=${SVNDIR}/subversion/svn/svn
  alias svnserve=${SVNDIR}/subversion/svnserve/svnserve
  alias svnadmin=${SVNDIR}/subversion/svnadmin/svnadmin
fi

svn --version

# Select an access method. If svn://, the svnserve setup is
# handled automagically by this script; but if http://, then
# you'll have to configure it yourself first.
#
# URL=http://localhost/neels/repos
URL=svn://localhost/repos
# URL=file:///`pwd`/repos

rm -rf repos wc

svnadmin create repos

# These are for svnserve only.
echo "[general]" > repos/conf/svnserve.conf
echo "password-db = userfile" >> repos/conf/svnserve.conf
echo "realm = norealm" >> repos/conf/svnserve.conf
echo "anon-access = none" >> repos/conf/svnserve.conf
echo "auth-access = write" >> repos/conf/svnserve.conf

echo "[users]" > repos/conf/userfile
echo "neels = ensel" >> repos/conf/userfile

# The server will only be contacted if $URL is svn://foo, of course.
svnserve --pid-file svnserve-pid -d -r `pwd`
# And put the kill command in a file, in case need to run it manually.
echo "kill -9 `cat svnserve-pid`" > k
chmod a+rwx k

svn co -q ${URL} wc

Received on 2009-04-18 04:22:13 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.