Morning Phil, P.Marek wrote: > Hello Gunnar! > > On Friday 12 February 2010 Gunnar Thielebein wrote: >> Thanks for the fast answer. A small update of mine. >> The issue with servers file was because I put it in the wrong folder, blame >> on me. > No problem, the important thing is that it works. > >> But at least I solved for the caching of the credentials. >> >> The solution is to create the folder via svn_config_ensure, >> somewhere before svn_cmdline_setup_auth_baton. > Fine, can you commit that?
Committed with [2426]. > >> Credentials should be stored userwise so we reuse svn's user path in >> svn_cmdline_setup_auth_baton. I hope thats OK for fsvs in all remote access >> scenarios. > Do I understand you correctly that you want to use $HOME/... as config_dir? No, the config_dir should always be in /etc, /etc/fsvs or whatever you configure it for. All global settings for ssl/ssh-svn access should be stored in the servers file in subfolder /svn, e.g. > [groups] > fsvs = fsvs.agile-admin.net > [fsvs] > ssl-client-cert-file = /home/gthielebein/newcert.p12 > ssl-client-cert-password = test123 > [global] > ssl-authority-files = /etc/ssl/default/cacert.pem You can also store global credentials (also a global username) here if you want that. The servers file is very flexible. If credentials information is not in the global servers file the user will be asked for credentials. This information is now finally stored userwise in ~/.subversion if the global settings in servers file allow that: > store-passwords=yes > store-plaintext-passwords=yes > store-auth-creds=yes > store-ssl-client-cert-pp=yes > store-ssl-client-cert-pp-plaintext=yes What svn and now also fsvs creates looks like that: > ls ~/.subversion/auth/ > svn.simple svn.ssl.client-passphrase svn.ssl.server svn.username Only caveat i've seen by now is that with the use of sudo the folder in home is created with root privileges so when using the normal svn client this folder will only be accessible by root. One option is to switch from ~/.subversion to ~/.fsvs to keep the configuration seperate. Other would be suid to the SUDO_USER when creating the folders. Btw. do you know about problems when creating files in nfs-based homefolders with uid 0? Cheers, Gunnar > > >> Thats only this small change in racallback.c, line 47: >>> cfg = apr_hash_get(cfg_hash, SVN_CONFIG_CATEGORY_CONFIG, >>> APR_HASH_KEY_STRING); >>> >>> /* get svn's user configuration path */ >>> STOPIF_SVNERR( svn_config_get_user_config_path, (&cfg_usr_path, NULL, >>> NULL, pool ) ); >>> >>> /* make sure that folders for storing authentications credentials are >>> created */ STOPIF_SVNERR( svn_config_ensure, (cfg_usr_path, pool)); >>> >>> /* Set up Authentication stuff. */ >>> STOPIF_SVNERR( svn_cmdline_setup_auth_baton, >>> (&cb__cb_table.auth_baton, >>> !(isatty(STDIN_FILENO) && isatty(STDOUT_FILENO)), >>> opt__get_int(OPT__AUTHOR) ? >>> opt__get_string(OPT__AUTHOR) : NULL, >>> NULL, /* Password */ >>> cfg_usr_path, >>> 0, /* no_auth_cache */ >>> cfg, >>> NULL, /* cancel function */ >>> NULL, /* cancel baton */ >>> pool) >>> ); >> The servers file is still globally stored and used via the conf_dir option >> (or not) in the hlp__get_svn_config. > So both directories are used, a global one and a per-user? > >> What do you think, can we go with this? > Very likely. > > Please commit what you have, so that I can take a look at that. > > > Thank you! > > > Regards, > > Phil > ------------------------------------------------------ http://fsvs.tigris.org/ds/viewMessage.do?dsForumId=3923&dsMessageId=2447258 To unsubscribe from this discussion, e-mail: [dev-unsubscr...@fsvs.tigris.org].
