Thank you Bert for the explanation and the cautions. I will definitely heed
them and after spending hours on this I'll probably remember the context
for this decision for quite a while :)
On Mon, Jan 6, 2014 at 2:06 PM, Bert Huijben <bert_at_qqmail.nl> wrote:
> First: Note this is an implementation detail. We don’t promise that this
> format stays compatible over versions, and with a default client you would
> see that the password on Windows is crypted in this file.
>
>
>
> In the current implementation the hash string is constructed in
> subversion/libsvn_subr/config_auth.c’s function svn_auth__file_path()
>
>
>
> [[
>
> svn_error_t *
>
> svn_auth__file_path(const char **path,
>
> const char *cred_kind,
>
> const char *realmstring,
>
> const char *config_dir,
>
> apr_pool_t *pool)
>
> {
>
> const char *authdir_path, *hexname;
>
> svn_checksum_t *checksum;
>
>
>
> /* Construct the path to the directory containing the creds files,
>
> e.g. "~/.subversion/auth/svn.simple". The last component is
>
> simply the cred_kind. */
>
> SVN_ERR(svn_config_get_user_config_path(&authdir_path, config_dir,
>
> SVN_CONFIG__AUTH_SUBDIR, pool));
>
> if (authdir_path)
>
> {
>
> authdir_path = svn_dirent_join(authdir_path, cred_kind, pool);
>
>
>
> /* Construct the basename of the creds file. It's just the
>
> realmstring converted into an md5 hex string. */
>
> SVN_ERR(svn_checksum(&checksum, svn_checksum_md5, realmstring,
>
> strlen(realmstring), pool));
>
> hexname = svn_checksum_to_cstring(checksum, pool);
>
>
>
> *path = svn_dirent_join(authdir_path, hexname, pool);
>
> }
>
> else
>
> *path = NULL;
>
>
>
> return SVN_NO_ERROR;
>
> }
>
> ]]
>
>
>
> So we calculate the md5 hash over the realm string in UTF-8 form (your
> first guess)
>
>
>
> But as noted: you should not rely on this. This format may change at any
> time.
>
> Functions like svn_config_walk_auth_data() provide a stable api against
> future versions, while this storage will probably change at some point, and
> is certainly incompatible with other backends like keychains, etc.
>
>
>
> Bert
>
>
>
>
>
> *From:* Tristan Slominski [mailto:tristan.slominski_at_gmail.com]
> *Sent:* maandag 6 januari 2014 20:41
> *To:* users_at_subversion.apache.org
> *Subject:* what do I hash to get .subversion/auth/svn.simple file name?
>
>
>
> Hi,
>
>
>
> I thought this was going to be easy to find out, but after hours
> researching this and trying different things, I still don't know how to
> answer the question.
>
>
>
> I posted it on stack overflow here:
> http://stackoverflow.com/questions/20952004/subversion-auth-svn-simple-hash-algorithm
>
>
>
> It boils down to this:
>
>
> Given ~/.subversion/auth/svn.simple/5671adf2865e267db74f09ba6f872c28 with
> the contents of:
>
> K 8
> username
> V 3
> joe
> K 8
> password
> V 4
> blah
> K 15
> svn:realmstring
> V 45
> <https://svn.domain.com:443> Joe's repository
> END
>
> What string to I hash to get 5671adf2865e267db74f09ba6f872c28?
>
> I tried md5 hashing a lot of strings (first one being "<
> https://svn.domain.com:443> Joe's repository"), and I can't find one that
> generates the correct hash.
>
>
>
> Cheers,
>
>
>
> Tristan
>
Received on 2014-01-06 21:24:12 CET