[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Different behaviour of storing plaintext passwords under Unix - svn log differes from svn co/up

From: Daniel Shahaf <d.s_at_daniel.shahaf.name>
Date: Sun, 23 Nov 2014 00:03:37 +0000

Bert Huijben wrote on Fri, Nov 21, 2014 at 21:56:11 +0000:
> Does your server support anonymous read only connections?
>
>
> If it allows those, it is completely expected that it doesn't use a
> password for authorizing things like log… and therefore never
> updates/stores passwords in that case.
>

... and if you want the full log, a easy workaround is to set up a
second <Location>, for the same repository, that doesn't permit
anonymous access.

Daniel

>
> Bert
>
>
>
>
>
> From: Schulz, Gunther
> Sent: ‎Friday‎, ‎November‎ ‎21‎, ‎2014 ‎4‎:‎05‎ ‎PM
> To: users_at_subversion.apache.org
>
>
>
>
>
>
> Hello,
>
>
>
> I detected an unexpected behaviour of the subversion client (Debian 7.7, svn version 1.6.12 (r955767)):
>
>
>
> The configuration settings of store-plaintext-passwords (yes/ask/no) are only validated if I execute svn commands like checkout or update, but not for a simple ‘svn log’ command:
>
> - the password file in auth/svn.simple were not generated
>
> - strangely I was asked if I want to store the hostkey certificate which worked seemlessly
>
> - when using a ‘svn update’ or ‘svn checkout’ the expected behaviour was seen (prompt for saving or save automatically)
>
>
>
> Usually this is not detected as one of the first calls are update or checkout commands, but I used here some scripting using ‘svn log’ and was wondering why my password was never updated, no matter where I changed the save-plaintext-passwords settings (/etc/subversion/servers or ~/.subversion/servers, global section or specific local server sections).
>
>
>
> I assume this is a bug or at least a strange feature. Normally I would expect that the same authentication procedure is used for all the remote svn commands which require authentication against the server.
>
>
>
> Please let me know if you need some traces or configuration settings…
>
>
>
> BTW: Subversion server was running on a Windows server machine, access via WebDAV / https
>
>
>
> Best regards,
>
>
>
> Gunther
>
>
>
> --
>
> -----------------------------------------------------------------------------------------------------
>
> Carl Zeiss SMT GmbH
> Carl Zeiss Gruppe
> Lithography Optics Division / Technology Mechatronics
> Department LIT-TES
>
> G u n t h e r S c h u l z
>
> Phone: +49 73 64 20-9672
> mailto: gunther.schulz@zeiss.com | http://www.zeiss.com/smt
>
>
> Carl Zeiss SMT GmbH
> Rudolf-Eber-Straße 2, 73447 Oberkochen
> Geschäftsführung: Dr. Hermann Gerlinger (Vorsitzender), Dr. Andreas Dorsel, Axel Jaeger
> Sitz der Gesellschaft: 73447 Oberkochen, Deutschland
> Amtsgericht Ulm, HRB 725667, USt-IdNr: DE 811119999
> -----------------------------------------------------------------------------------------------------
Received on 2014-11-23 01:08:23 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.