You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by ph...@apache.org on 2018/07/27 10:43:54 UTC
svn commit: r1836802 -
/subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c
Author: philip
Date: Fri Jul 27 10:43:54 2018
New Revision: 1836802
URL: http://svn.apache.org/viewvc?rev=1836802&view=rev
Log:
Followup to r1836762, now that we store client cert passwords it
turns out that the libsecret gnome keyring doesn't accept NULL
usernames. Pass a dummy username as a workaround.
* subversion/libsvn_subr/ssl_client_cert_pw_providers.c
(DUMMY_USERNAME): New.
(svn_auth__ssl_client_cert_pw_cache_get,
svn_auth__ssl_client_cert_pw_cache_set): Pass dummy username.
Modified:
subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c
Modified: subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c?rev=1836802&r1=1836801&r2=1836802&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c (original)
+++ subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c Fri Jul 27 10:43:54 2018
@@ -36,7 +36,7 @@
#include "svn_private_config.h"
/*-----------------------------------------------------------------------*/
-/* File provider */
+/* File password provider */
/*-----------------------------------------------------------------------*/
/* Baton type for the ssl client cert passphrase provider. */
@@ -51,6 +51,13 @@ typedef struct ssl_client_cert_pw_file_p
apr_hash_t *plaintext_answers;
} ssl_client_cert_pw_file_provider_baton_t;
+/* The client cert password provider only deals with a password and
+ realm (the client cert filename), there is no username. The gnome
+ keyring backend based on libsecret requires a non-NULL username so
+ we have to invent one. An empty string is acceptable and doesn't
+ change the value stored by the kwallet backend. */
+#define DUMMY_USERNAME ""
+
/* This implements the svn_auth__password_get_t interface.
Set **PASSPHRASE to the plaintext passphrase retrieved from CREDS;
ignore other parameters. */
@@ -132,7 +139,8 @@ svn_auth__ssl_client_cert_pw_cache_get(v
svn_boolean_t done;
SVN_ERR(passphrase_get(&done, &password, creds_hash, realmstring,
- NULL, parameters, non_interactive, pool));
+ DUMMY_USERNAME, parameters, non_interactive,
+ pool));
if (!done)
password = NULL;
}
@@ -293,7 +301,7 @@ svn_auth__ssl_client_cert_pw_cache_set(s
if (may_save_passphrase)
{
SVN_ERR(passphrase_set(saved, creds_hash, realmstring,
- NULL, creds->password, parameters,
+ DUMMY_USERNAME, creds->password, parameters,
non_interactive, pool));
if (*saved && passtype)