[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH]: credentials are not saved if username differs from cached version but password does not

From: <kmradke_at_rockwellcollins.com>
Date: Wed, 20 Jun 2012 21:22:01 -0500

Dmitry Pavlenko <pavlenko_at_tmatesoft.com> wrote on 06/20/2012 11:14:58 AM:
> simple_providers.c (svn_auth__simple_creds_cache_get): I propose to
> drop all assignments
> "need_to_save = FALSE" except the initial one; otherwise assignment
> to FALSE may override existing
> TRUE value. This may happen if default_username!=username and
> default_password==password: in this
> case need_to_save will be FALSE. Not very popular case, I guess, but
anyway.
>
> http://colabti.org/irclogger/irclogger_log/svn-dev?date=2012-06-20#l76
>
> I also propose there (not covered by the patch)
> * either not to use 'have_passtype' at all
> * or always save credentials if have_passtype == FALSE
>
> Currently if have_passtype == FALSE (i.e. passsword encryption
> format has been changed) new
> credentials are saved only if old username differs from new username
> (whatever old and new passwords are).

Somehow I've also seen password cache files without a passtype. When
this happens, all you can do is delete it and start over or else it
will repeatedly ask you to save the password and never actually
save it. I'm guessing this situation would also be fixed by
your proposal above.

No idea how this happens, but I've seen it on multiple platforms
and with multiple versions. Here is an example I saw today
(with 1.7.5) where both the passtype and password keys and
values were missing:

K 15
svn:realmstring
V 53
<https://abcd:443> Authorized XXXXXXXXXXX users only
K 8
username
V 7
myusrnm
END
Received on 2012-06-21 04:22:35 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.