You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by ph...@apache.org on 2018/07/27 10:43:54 UTC

svn commit: r1836802 - /subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c

Author: philip
Date: Fri Jul 27 10:43:54 2018
New Revision: 1836802

URL: http://svn.apache.org/viewvc?rev=1836802&view=rev
Log:
Followup to r1836762, now that we store client cert passwords it
turns out that the libsecret gnome keyring doesn't accept NULL
usernames.  Pass a dummy username as a workaround.

* subversion/libsvn_subr/ssl_client_cert_pw_providers.c
  (DUMMY_USERNAME): New.
  (svn_auth__ssl_client_cert_pw_cache_get,
   svn_auth__ssl_client_cert_pw_cache_set): Pass dummy username.

Modified:
    subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c

Modified: subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c?rev=1836802&r1=1836801&r2=1836802&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c (original)
+++ subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c Fri Jul 27 10:43:54 2018
@@ -36,7 +36,7 @@
 #include "svn_private_config.h"
 
 /*-----------------------------------------------------------------------*/
-/* File provider                                                         */
+/* File password provider                                                */
 /*-----------------------------------------------------------------------*/
 
 /* Baton type for the ssl client cert passphrase provider. */
@@ -51,6 +51,13 @@ typedef struct ssl_client_cert_pw_file_p
   apr_hash_t *plaintext_answers;
 } ssl_client_cert_pw_file_provider_baton_t;
 
+/* The client cert password provider only deals with a password and
+   realm (the client cert filename), there is no username.  The gnome
+   keyring backend based on libsecret requires a non-NULL username so
+   we have to invent one.  An empty string is acceptable and doesn't
+   change the value stored by the kwallet backend. */
+#define DUMMY_USERNAME ""
+
 /* This implements the svn_auth__password_get_t interface.
    Set **PASSPHRASE to the plaintext passphrase retrieved from CREDS;
    ignore other parameters. */
@@ -132,7 +139,8 @@ svn_auth__ssl_client_cert_pw_cache_get(v
           svn_boolean_t done;
 
           SVN_ERR(passphrase_get(&done, &password, creds_hash, realmstring,
-                                 NULL, parameters, non_interactive, pool));
+                                 DUMMY_USERNAME, parameters, non_interactive,
+                                 pool));
           if (!done)
             password = NULL;
         }
@@ -293,7 +301,7 @@ svn_auth__ssl_client_cert_pw_cache_set(s
       if (may_save_passphrase)
         {
           SVN_ERR(passphrase_set(saved, creds_hash, realmstring,
-                                 NULL, creds->password, parameters,
+                                 DUMMY_USERNAME, creds->password, parameters,
                                  non_interactive, pool));
 
           if (*saved && passtype)