[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn commit: r1005065 - in /subversion/branches/gpg-agent-password-store: ./ build/generator/ subversion/include/ subversion/include/private/ subversion/libsvn_auth_gpg_agent/ subversion/libsvn_subr/

From: Philip Martin <philip.martin_at_wandisco.com>
Date: Wed, 06 Oct 2010 16:11:05 +0100

stylesen_at_apache.org writes:

> Author: stylesen
> Date: Wed Oct 6 14:41:35 2010
> New Revision: 1005065

> +static svn_boolean_t
> +password_get_gpg_agent(const char **password,
> + apr_hash_t *creds,
> + const char *realmstring,
> + const char *username,
> + apr_hash_t *parameters,
> + svn_boolean_t non_interactive,
> + apr_pool_t *pool)
> +{
> + int sd;
> + char *gpg_agent_info = NULL;
> + char *value;
> + char *p = NULL;
> + char *ep = NULL;
> + char *buffer;
> +
> + apr_array_header_t *socket_details;
> + char *request = NULL;
> + const char *cache_id = NULL;
> + struct sockaddr_un addr;
> + int recvd;
> + char *tty_name;
> + char *tty_type;
> + const char *socket_name = NULL;
> + svn_checksum_t *digest = NULL;
> +
> + value = getenv( "GPG_AGENT_INFO");
> +
> + if (value != NULL)
> + {
> + gpg_agent_info = apr_pstrmemdup(pool, value, strlen(value));
> + socket_details = svn_cstring_split(gpg_agent_info, ":", TRUE, pool);

No need to apr_pstrmemdup if passing to svn_cstring_split.

> + socket_name = APR_ARRAY_IDX(socket_details, 0, const char *);
> + }
> + else
> + return FALSE;
> +
> + value = getenv("GPG_TTY");
> + if (value != NULL)
> + tty_name = apr_pstrmemdup(pool, value, strlen(value));
> + else
> + return FALSE;
> +
> + value = getenv("TERM");
> + if (value != NULL)
> + tty_type = apr_pstrmemdup(pool, value, strlen(value));
> + else
> + return FALSE;

Do you need to apr_pstrmemdup?

> +
> + if (socket_name != NULL)
> + {
> + addr.sun_family = AF_UNIX;
> + strncpy(addr.sun_path, socket_name, 108);
> + sd = socket(AF_UNIX, SOCK_STREAM, 0);
> + if (sd == -1)
> + return FALSE;
> +
> + if (connect(sd, (struct sockaddr *)&addr, sizeof(addr)) == -1)
> + {
> + close(sd);
> + return FALSE;
> + }
> + }
> + else
> + return FALSE;

Use APR's socket interface?

> +
> + /* Receive the connection status from the gpg-agent daemon. */
> + buffer = apr_palloc(pool, buffer_size);
> + recvd = recv(sd, buffer, buffer_size-1, 0);
> + buffer[recvd] = '\0';
> +
> + if (strncmp(buffer, "OK", 2) != 0)
> + return FALSE;
> +
> + /* Send TTY_NAME to the gpg-agent daemon. */
> + request = apr_psprintf(pool, "OPTION ttyname=%s\n", tty_name);
> + send(sd, request, strlen(request), 0);
> + recvd = recv(sd, buffer, buffer_size - 1, 0);
> + buffer[recvd] = '\0';
> +
> + if (strncmp(buffer, "OK", 2) != 0)
> + return FALSE;
> +
> + /* Send TTY_TYPE to the gpg-agent daemon. */
> + request = apr_psprintf(pool, "OPTION ttytype=%s\n", tty_type);
> + send(sd, request, strlen(request), 0);
> + recvd = recv(sd, buffer, buffer_size - 1, 0);
> + buffer[recvd] = '\0';
> +
> + if (strncmp(buffer, "OK", 2) != 0)
> + return FALSE;
> +
> + /* Create the CACHE_ID which will be generated based on REALMSTRING similar
> + to other password caching mechanisms. */
> + digest = svn_checksum_create(svn_checksum_md5, pool);
> + svn_checksum(&digest, svn_checksum_md5, realmstring, strlen(realmstring),
> + pool);
> + cache_id = svn_checksum_to_cstring(digest, pool);
> +
> + if (non_interactive)
> + request = apr_psprintf(pool,
> + "GET_PASSPHRASE --data --no-ask %s X Password: \n",
> + cache_id);
> + else
> + request = apr_psprintf(pool,
> + "GET_PASSPHRASE --data %s X Password: \n",
> + cache_id);
> +
> + send(sd, request, strlen(request)+1, 0);
> + recvd = recv(sd, buffer, buffer_size - 1, 0);
> + buffer[recvd] = '\0';
> +
> + if (strncmp(buffer, "ERR", 3) == 0)
> + return FALSE;
> +
> + if (strncmp(buffer, "D", 1) == 0)
> + p = &buffer[2];
> +
> + ep = strchr(p, '\n');
> + if (ep != NULL)
> + *ep = '\0';
> +
> + *password = apr_pstrmemdup(pool, p, recvd);

buffer, and so p, is already allocated from pool.

> +
> + close(sd);
> + return TRUE;

> Added: subversion/branches/gpg-agent-password-store/subversion/libsvn_auth_gpg_agent/version.c
> URL: http://svn.apache.org/viewvc/subversion/branches/gpg-agent-password-store/subversion/libsvn_auth_gpg_agent/version.c?rev=1005065&view=auto
> ==============================================================================
> --- subversion/branches/gpg-agent-password-store/subversion/libsvn_auth_gpg_agent/version.c (added)
> +++ subversion/branches/gpg-agent-password-store/subversion/libsvn_auth_gpg_agent/version.c Wed Oct 6 14:41:35 2010
> @@ -0,0 +1,30 @@
> +/*
> + * version.c: libsvn_auth_gpg_agent version number
> + *
> + * ====================================================================
> + * Copyright (c) 2008 CollabNet. All rights reserved.
> + *
> + * This software is licensed as described in the file COPYING, which
> + * you should have received as part of this distribution. The terms
> + * are also available at http://subversion.tigris.org/license-1.html.
> + * If newer versions of this license are posted there, you may use a
> + * newer version instead, at your option.
> + *
> + * This software consists of voluntary contributions made by many
> + * individuals. For exact contribution history, see the revision
> + * history and logs, available at http://subversion.tigris.org/.
> + * ====================================================================
> + */

That's the wrong file header.

> +
> +/* ==================================================================== */
> +
> +
> +
> +#include "svn_auth.h"
> +#include "svn_version.h"
> +
> +const svn_version_t *
> +svn_auth_gpg_agent_version(void)
> +{
> + SVN_VERSION_BODY;
> +}

You need to update the password-stores bit of the config documentation
strings in libsvn_subr/config_file.c.

-- 
Philip
Received on 2010-10-06 17:11:59 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.