You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by cm...@apache.org on 2012/07/23 20:24:47 UTC
svn commit: r1364744 - in /subversion/branches/master-passphrase/subversion:
include/ include/private/ libsvn_subr/ svn/
Author: cmpilato
Date: Mon Jul 23 18:24:46 2012
New Revision: 1364744
URL: http://svn.apache.org/viewvc?rev=1364744&view=rev
Log:
On the 'master-passphrase' branch, revert r1304538 and r1311958, which
introduces changes along a direction I've since decided not to go on
this branch. (I'm trying to get this crazy playground whipped into
some reasonably reviewable shape.)
Removed:
subversion/branches/master-passphrase/subversion/libsvn_subr/masterpass.c
subversion/branches/master-passphrase/subversion/svn/changepassword-cmd.c
Modified:
subversion/branches/master-passphrase/subversion/include/private/svn_auth_private.h
subversion/branches/master-passphrase/subversion/include/svn_auth.h
subversion/branches/master-passphrase/subversion/libsvn_subr/auth.c
subversion/branches/master-passphrase/subversion/libsvn_subr/config_file.c
subversion/branches/master-passphrase/subversion/libsvn_subr/gpg_agent.c
subversion/branches/master-passphrase/subversion/svn/cl.h
subversion/branches/master-passphrase/subversion/svn/main.c
Modified: subversion/branches/master-passphrase/subversion/include/private/svn_auth_private.h
URL: http://svn.apache.org/viewvc/subversion/branches/master-passphrase/subversion/include/private/svn_auth_private.h?rev=1364744&r1=1364743&r2=1364744&view=diff
==============================================================================
--- subversion/branches/master-passphrase/subversion/include/private/svn_auth_private.h (original)
+++ subversion/branches/master-passphrase/subversion/include/private/svn_auth_private.h Mon Jul 23 18:24:46 2012
@@ -213,63 +213,6 @@ svn_auth__ssl_client_cert_pw_set(svn_boo
svn_boolean_t non_interactive,
apr_pool_t *pool);
-
-/*** Master Passphrase ***/
-
-/** The master passphrase "provider" vtable. */
-typedef struct svn_auth__masterpass_provider_t
-{
- /* Set *PASSPHRASE to the value of the Subversion master passphrase
- hash digest string. If NON_INTERACTIVE is set, do not prompt
- the user. Set *DONE to TRUE if the passphrase is successfully
- fetched; to FALSE otherwise. */
- svn_error_t *
- (*svn_auth__masterpass_fetch_t)(const char **passphrase,
- svn_boolean_t non_interactive,
- void *provider_baton,
- apr_pool_t *pool);
-
- /* Store PASSPHRASE as the value of the Subversion master
- passphrase hash digest string. If NON_INTERACTIVE is set, do
- not prompt the user. Set *DONE to TRUE if the passphrase is
- successfully stored; to FALSE otherwise. */
- svn_error_t *
- (*svn_auth__masterpass_store_t)(const char *passphrase,
- svn_boolean_t non_interactive,
- void *provider_baton,
- apr_pool_t *pool);
-
-} svn_auth__masterpass_provider_t;
-
-/** A master passphrase provider object and baton. */
-typedef struct svn__auth_masterpass_provider_object_t
-{
- const svn_auth__masterpass_provider_t *vtable;
- void *provider_baton;
-
-} svn_auth__masterpass_provider_object_t;
-
-/** The type of function returning a master passphrase provider. */
-typedef void (*svn_auth__masterpass_provider_func_t)(
- svn_auth__masterpass_provider_object_t **provider,
- apr_pool_t *pool);
-
-/* Set *PROVIDERS to an array of svn_auth_provider_object_t's
- appropriate for the client platform and which honor the allowed
- providers specified in CONFIG. Allocate providers from POOL. */
-svn_error_t *
-svn_auth__get_masterpass_providers(apr_array_header_t **providers,
- svn_config_t *config,
- apr_pool_t *pool);
-
-#if !defined(WIN32)
-/* Set *PROVIDER to a master passphrase provider which uses the GPG
- Agent for storage/retrieval. */
-void svn_auth__get_gpg_agent_masterpass_provider(
- svn_auth__masterpass_provider_object_t **provider,
- apr_pool_t *pool);
-#endif /* !defined(WIN32) */
-
#ifdef __cplusplus
}
#endif /* __cplusplus */
Modified: subversion/branches/master-passphrase/subversion/include/svn_auth.h
URL: http://svn.apache.org/viewvc/subversion/branches/master-passphrase/subversion/include/svn_auth.h?rev=1364744&r1=1364743&r2=1364744&view=diff
==============================================================================
--- subversion/branches/master-passphrase/subversion/include/svn_auth.h (original)
+++ subversion/branches/master-passphrase/subversion/include/svn_auth.h Mon Jul 23 18:24:46 2012
@@ -340,52 +340,6 @@ typedef struct svn_auth_cred_ssl_server_
} svn_auth_cred_ssl_server_trust_t;
-/** Master passphrase credential type.
- *
- * This is a special type of credential used locally only, not as part
- * of any server-related challenge.
- *
- * The following auth parameters are available to the providers:
- *
- * - @c SVN_AUTH_PARAM_CONFIG_CATEGORY_SERVERS (@c svn_config_t*)
- * - @c SVN_AUTH_PARAM_SERVER_GROUP (@c char*)
- *
- * The following optional auth parameters are relevant to the providers:
- *
- * - @c SVN_AUTH_PARAM_NO_AUTH_CACHE (@c void*)
- */
-#define SVN_AUTH_CRED_MASTER_PASSPHRASE "svn.masterpassphrase"
-
-typedef struct svn_auth_cred_master_passphrase_t
-{
- /** Master passphrase */
- const char *passphrase;
- /** Indicates if the credentials may be saved (to disk). For example, a
- * GUI prompt implementation with a remember password checkbox shall set
- * @a may_save to TRUE if the checkbox is checked.
- */
- svn_boolean_t may_save;
-} svn_auth_cred_master_passphrase_t;
-
-/* Set *PASSPHRASE to the master passphrase for authentication
- credentials stored in the runtime configuration associated with
- AUTH_BATON, allocated from RESULT_POOL. Use SCRATCH_POOL for
- temporary allocations. */
-svn_error_t *
-svn_auth_master_passphrase_get(const char **passphrase,
- svn_auth_baton_t *auth_baton,
- apr_pool_t *result_pool,
- apr_pool_t *scratch_pool);
-
-/* Set the master passphrase for authentication credentials stored in the
- runtime configuration associated with AUTH_BATON to NEW_PASSPHRASE
- (which may be NULL to remove an existing passphrase). Use
- SCRATCH_POOL for necessary allocation. */
-svn_error_t *
-svn_auth_master_passphrase_set(svn_auth_baton_t *auth_baton,
- const char *new_passphrase,
- apr_pool_t *scratch_pool);
-
/** Credential-constructing prompt functions. **/
@@ -623,12 +577,6 @@ svn_auth_get_parameter(svn_auth_baton_t
#define SVN_AUTH_PARAM_DEFAULT_PASSWORD SVN_AUTH_PARAM_PREFIX "password"
/** @} */
-/** @brief Cached value of the master passphrase.
- * @since New in 1.7.
- */
-#define SVN_AUTH_PARAM_DEFAULT_MASTER_PASSPHRASE SVN_AUTH_PARAM_PREFIX \
- "master-passphrase"
-
/** @brief The application doesn't want any providers to prompt
* users. Property value is irrelevant; only property's existence
* matters. */
Modified: subversion/branches/master-passphrase/subversion/libsvn_subr/auth.c
URL: http://svn.apache.org/viewvc/subversion/branches/master-passphrase/subversion/libsvn_subr/auth.c?rev=1364744&r1=1364743&r2=1364744&view=diff
==============================================================================
--- subversion/branches/master-passphrase/subversion/libsvn_subr/auth.c (original)
+++ subversion/branches/master-passphrase/subversion/libsvn_subr/auth.c Mon Jul 23 18:24:46 2012
@@ -33,7 +33,6 @@
#include "svn_config.h"
#include "svn_private_config.h"
#include "svn_dso.h"
-#include "svn_base64.h"
#include "svn_version.h"
/* AN OVERVIEW
Modified: subversion/branches/master-passphrase/subversion/libsvn_subr/config_file.c
URL: http://svn.apache.org/viewvc/subversion/branches/master-passphrase/subversion/libsvn_subr/config_file.c?rev=1364744&r1=1364743&r2=1364744&view=diff
==============================================================================
--- subversion/branches/master-passphrase/subversion/libsvn_subr/config_file.c (original)
+++ subversion/branches/master-passphrase/subversion/libsvn_subr/config_file.c Mon Jul 23 18:24:46 2012
@@ -552,7 +552,6 @@ ensure_auth_dirs(const char *path,
/* If a provider exists that wants to store credentials in
~/.subversion, a subdirectory for the cred_kind must exist. */
- ensure_auth_subdir(auth_dir, SVN_AUTH_CRED_MASTER_PASSPHRASE, pool);
ensure_auth_subdir(auth_dir, SVN_AUTH_CRED_SIMPLE, pool);
ensure_auth_subdir(auth_dir, SVN_AUTH_CRED_USERNAME, pool);
ensure_auth_subdir(auth_dir, SVN_AUTH_CRED_SSL_SERVER_TRUST, pool);
Modified: subversion/branches/master-passphrase/subversion/libsvn_subr/gpg_agent.c
URL: http://svn.apache.org/viewvc/subversion/branches/master-passphrase/subversion/libsvn_subr/gpg_agent.c?rev=1364744&r1=1364743&r2=1364744&view=diff
==============================================================================
--- subversion/branches/master-passphrase/subversion/libsvn_subr/gpg_agent.c (original)
+++ subversion/branches/master-passphrase/subversion/libsvn_subr/gpg_agent.c Mon Jul 23 18:24:46 2012
@@ -152,29 +152,17 @@ send_option(int sd, char *buf, size_t n,
return (strncmp(buf, "OK", 2) == 0);
}
-/* Create the CACHE_ID which will be generated based on REALMSTRING
- (similar to other password caching mechanisms). */
-static const char *
-cacheid_from_realmstring(const char *realmstring,
- apr_pool_t *pool)
-{
- svn_checksum_t *digest = svn_checksum_create(svn_checksum_md5, pool);
- svn_checksum(&digest, svn_checksum_md5, realmstring,
- strlen(realmstring), pool);
- return svn_checksum_to_cstring(digest, pool);
-}
-
-
/* Implementation of svn_auth__password_get_t that retrieves the password
from gpg-agent */
static svn_error_t *
-password_get_gpg_agent_helper(svn_boolean_t *done,
- const char **password,
- const char *password_prompt,
- const char *realm_prompt,
- const char *cache_id,
- svn_boolean_t non_interactive,
- apr_pool_t *pool)
+password_get_gpg_agent(svn_boolean_t *done,
+ const char **password,
+ apr_hash_t *creds,
+ const char *realmstring,
+ const char *username,
+ apr_hash_t *parameters,
+ svn_boolean_t non_interactive,
+ apr_pool_t *pool)
{
int sd;
char *gpg_agent_info = NULL;
@@ -184,12 +172,16 @@ password_get_gpg_agent_helper(svn_boolea
apr_array_header_t *socket_details;
const char *request = NULL;
+ const char *cache_id = NULL;
struct sockaddr_un addr;
const char *tty_name;
const char *tty_type;
const char *lc_ctype;
const char *display;
const char *socket_name = NULL;
+ svn_checksum_t *digest = NULL;
+ char *password_prompt;
+ char *realm_prompt;
*done = FALSE;
@@ -338,11 +330,23 @@ password_get_gpg_agent_helper(svn_boolea
}
}
+ /* Create the CACHE_ID which will be generated based on REALMSTRING similar
+ to other password caching mechanisms. */
+ digest = svn_checksum_create(svn_checksum_md5, pool);
+ svn_checksum(&digest, svn_checksum_md5, realmstring, strlen(realmstring),
+ pool);
+ cache_id = svn_checksum_to_cstring(digest, pool);
+
+ password_prompt = apr_psprintf(pool, _("Password for '%s': "), username);
+ realm_prompt = apr_psprintf(pool, _("Enter your Subversion password for %s"),
+ realmstring);
request = apr_psprintf(pool,
"GET_PASSPHRASE --data %s--repeat=1 "
"%s X %s %s\n",
non_interactive ? "--no-ask " : "",
- cache_id, password_prompt, realm_prompt);
+ cache_id,
+ escape_blanks(password_prompt),
+ escape_blanks(realm_prompt));
if (write(sd, request, strlen(request)) == -1)
{
@@ -378,35 +382,6 @@ password_get_gpg_agent_helper(svn_boolea
}
-/* Implementation of svn_auth__password_get_t that retrieves the password
- from gpg-agent */
-static svn_error_t *
-password_get_gpg_agent(svn_boolean_t *done,
- const char **password,
- apr_hash_t *creds,
- const char *realmstring,
- const char *username,
- apr_hash_t *parameters,
- svn_boolean_t non_interactive,
- apr_pool_t *pool)
-{
- const char *cache_id = cacheid_from_realmstring(realmstring, pool);
- char *password_prompt =
- apr_psprintf(pool, _("Password for '%s': "), username);
- char *realm_prompt =
- apr_psprintf(pool, _("Enter your Subversion password for %s"), realmstring);
-
- escape_blanks(realm_prompt);
- escape_blanks(password_prompt);
-
- return svn_error_trace(password_get_gpg_agent_helper(done, password,
- cache_id,
- password_prompt,
- realm_prompt,
- non_interactive,
- pool));
-}
-
/* Implementation of svn_auth__password_set_t that would store the
password in GPG Agent if that's how this particular integration
worked. But it isn't. GPG Agent stores the password provided by
@@ -482,65 +457,5 @@ svn_auth_get_gpg_agent_simple_provider(s
*provider = po;
}
-
-
-
-/*-----------------------------------------------------------------------*/
-/* GPG Agent master passphrase. */
-/*-----------------------------------------------------------------------*/
-
-/* Implements svn_auth__masterpass_fetch_t. */
-static svn_error_t *
-gpg_agent_masterpass_fetch(const char **passphrase,
- svn_boolean_t non_interactive,
- void *provider_baton,
- apr_pool_t *pool)
-{
- const char *cache_id = "Subversion Master Password";
- const char *password_prompt = _("Password:");
- const char *realm_prompt = _("Enter+your+Subversion+master+password");
- svn_boolean_t done;
- const char *password;
- svn_checksum_t *digest;
-
- SVN_ERR(password_get_gpg_agent_helper(&done, &password, cache_id,
- password_prompt, realm_prompt,
- non_interactive, pool));
-
- /* ### FIXME: Should be SHA-256 */
- svn_checksum(&digest, svn_checksum_sha1, password, strlen(password), pool);
- *passphrase = svn_checksum_to_cstring_display(digest, pool);
- return SVN_NO_ERROR;
-}
-
-/* Implements svn_auth__masterpass_store_t. */
-static svn_error_t *
-gpg_agent_masterpass_store(const char *passphrase,
- svn_boolean_t non_interactive,
- void *provider_baton,
- apr_pool_t *pool)
-{
- return SVN_NO_ERROR;
-}
-
-static const svn_auth__masterpass_provider_t
-gpg_agent_masterpass_provider = {
- gpg_agent_masterpass_fetch,
- gpg_agent_masterpass_store
-};
-
-/* Public API */
-void
-svn_auth__get_gpg_agent_masterpass_provider(
- svn_auth__masterpass_provider_object_t **provider,
- apr_pool_t *pool)
-{
- svn_auth__masterpass_provider_object_t *po = apr_pcalloc(pool, sizeof(*po));
-
- po->vtable = &gpg_agent_masterpass_provider;
- *provider = po;
-}
-
-
#endif /* SVN_HAVE_GPG_AGENT */
#endif /* !WIN32 */
Modified: subversion/branches/master-passphrase/subversion/svn/cl.h
URL: http://svn.apache.org/viewvc/subversion/branches/master-passphrase/subversion/svn/cl.h?rev=1364744&r1=1364743&r2=1364744&view=diff
==============================================================================
--- subversion/branches/master-passphrase/subversion/svn/cl.h (original)
+++ subversion/branches/master-passphrase/subversion/svn/cl.h Mon Jul 23 18:24:46 2012
@@ -258,7 +258,6 @@ svn_opt_subcommand_t
svn_cl__blame,
svn_cl__cat,
svn_cl__changelist,
- svn_cl__changepassword,
svn_cl__checkout,
svn_cl__cleanup,
svn_cl__commit,
Modified: subversion/branches/master-passphrase/subversion/svn/main.c
URL: http://svn.apache.org/viewvc/subversion/branches/master-passphrase/subversion/svn/main.c?rev=1364744&r1=1364743&r2=1364744&view=diff
==============================================================================
--- subversion/branches/master-passphrase/subversion/svn/main.c (original)
+++ subversion/branches/master-passphrase/subversion/svn/main.c Mon Jul 23 18:24:46 2012
@@ -279,7 +279,7 @@ const apr_getopt_option_t svn_cl__option
"ARG may be one of 'LF', 'CR', 'CRLF'")},
{"limit", 'l', 1, N_("maximum number of log entries")},
{"no-unlock", opt_no_unlock, 0, N_("don't unlock the targets")},
- {"remove", opt_remove, 0, N_("remove an existing association")},
+ {"remove", opt_remove, 0, N_("remove changelist association")},
{"changelist", opt_changelist, 1,
N_("operate only on members of changelist ARG")},
{"keep-changelists", opt_keep_changelists, 0,
@@ -458,13 +458,6 @@ const svn_opt_subcommand_desc2_t svn_cl_
" 2. changelist --remove PATH...\n"),
{ 'q', 'R', opt_depth, opt_remove, opt_targets, opt_changelist} },
- { "changepassword", svn_cl__changepassword, {"chpasswd"}, N_
- ("Set (or unset) the master password/passphrase used to encrypt locally\n"
- "cached authentication credentials.\n"
- "usage: 1. changepassword NEWPASSWORD\n"
- " 2. changepassword --remove\n"),
- { 'q', 'R', opt_depth, opt_remove, opt_targets, opt_changelist} },
-
{ "checkout", svn_cl__checkout, {"co"}, N_
("Check out a working copy from a repository.\n"
"usage: checkout URL[@REV]... [PATH]\n"