[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Cached client credentials not encrypted on Win2K with Subversion 1.2.3.

From: Phillip Susi <psusi_at_cfl.rr.com>
Date: 2005-12-16 17:16:20 CET

Aha, I was still running an older version. I just upgraded to the
latest and deleted the auth cache and it does now seem to be encrypted.

I still have two questions though:

1) what exactly is this wincrypt buisiness? As I understand it, EFS
works by encrypting the file with a random cipher key ( was it 128 bit
3des? ) and then encrypts that key using your public RSA key in your
personal certificate ( as well as the administrator's, so he can recover
the file ), and the private key in your certificate is encrypted using
your password. Because of this, even if the administrator resets your
password, you won't be able to access the file without the original
password. Is this what wincrypt does, but not to the entire file?

2) I am using a client certificate to authenticate to the server via
SSL. Every time I run svn, it prompts me for the password to decrypt my
certificate's private key. It looks like it does save that password in
the auth cache, but it won't use it, and prompts me for it again anyhow.
  It still does this in the latest version ( 1.2.3 r15833 ). Is this a
known bug?

John Szakmeister wrote:
> As I mentioned earlier in the thread, you may need to remove your auth
> directory and try again. This was a new feature in 1.2.0. If you didn't
> wipe out the auth directory at that point, then it's more than likely using
> the format that already existed: which is store it plain text. If you delete
> your auth directory, it will store your password in the wincrypt format
> automatically.
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Dec 16 17:20:58 2005

This is an archived mail posted to the Subversion Users mailing list.