Author: cmpilato
Date: Fri Jan 13 16:46:41 2012
New Revision: 1231170
URL: http://svn.apache.org/viewvc?rev=1231170&view=rev
Log:
Add support for compile-time crippling of the plaintext
password/passphrase storage logic. Subversion will still happily read
plaintext passwords already on disk, but will not write any new ones.
* configure.ac
Add support for --disable-plaintext-passwords.
* subversion/libsvn_subr/config_file.c
(svn_config_ensure): Don't advertise plaintext password/phrase
storage if it isn't available.
* subversion/libsvn_subr/simple_providers.c
(svn_auth__simple_save_creds_helper): Honor compile-time selection
of plaintext password storage support.
* subversion/libsvn_subr/ssl_client_cert_pw_providers.c
(svn_auth__ssl_client_cert_pw_file_save_creds_helper): Honor
compile-time selection of plaintext client certificate passphrase
storage support.
Modified:
subversion/trunk/configure.ac
subversion/trunk/subversion/libsvn_subr/config_file.c
subversion/trunk/subversion/libsvn_subr/simple_providers.c
subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c
Modified: subversion/trunk/configure.ac
URL:
http://svn.apache.org/viewvc/subversion/trunk/configure.ac?rev=1231170&r1=1231169&r2=1231170&view=diff
==============================================================================
--- subversion/trunk/configure.ac (original)
+++ subversion/trunk/configure.ac Fri Jan 13 16:46:41 2012
@@ -792,6 +792,20 @@ if test "$svn_lib_kwallet" = "yes"; then
[Defined if KWallet support is enabled])
fi
+dnl plaintext passwords -------------------
+AC_ARG_ENABLE(plaintext-passwords,
+AS_HELP_STRING([--disable-plaintext-passwords],
+ [Disable on-disk caching of plaintext passwords and passphrases.
+ (Leaving this functionality enabled will not force Subversion
+ to store passwords in plaintext, but does permit users to
+ explicitly allow that behavior via runtime configuration.)]),
+[
+ if test "$enableval" = "no"; then
+ AC_MSG_NOTICE([Disabling plaintext password/passphrase storage])
+ AC_DEFINE(SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE, 1,
+ [Defined if plaintext password/passphrase storage is disabled])
+ fi
+])
dnl Build and install rules -------------------
Modified: subversion/trunk/subversion/libsvn_subr/config_file.c
URL:
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/config_file.c?rev=1231170&r1=1231169&r2=1231170&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_subr/config_file.c (original)
+++ subversion/trunk/subversion/libsvn_subr/config_file.c Fri Jan 13 16:46:41
2012
@@ -766,16 +766,20 @@ svn_config_ensure(const char *config_dir
"### to authenticate against a" NL
"### Subversion server may be cached" NL
"### to disk in any way." NL
+#ifndef SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE
"### store-plaintext-passwords Specifies whether passwords may" NL
"### be cached on disk unencrypted." NL
+#endif
"### store-ssl-client-cert-pp Specifies whether passphrase used" NL
"### to authenticate against a client" NL
"### certificate may be cached to disk" NL
"### in any way" NL
+#ifndef SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE
"### store-ssl-client-cert-pp-plaintext" NL
"### Specifies whether client cert" NL
"### passphrases may be cached on disk" NL
"### unencrypted (i.e., as plaintext)." NL
+#endif
"### store-auth-creds Specifies whether any auth info" NL
"### (passwords as well as server certs)"
NL
@@ -783,15 +787,14 @@ svn_config_ensure(const char *config_dir
"### username Specifies the default username." NL
"###" NL
"### Set store-passwords to 'no' to avoid storing passwords on disk" NL
- "### in any way, including in password stores. It defaults to 'yes',"
- NL
- "### but Subversion will never save your password to disk in plaintext"
- NL
- "### unless you tell it to." NL
+ "### in any way, including in password stores. It defaults to" NL
+ "### 'yes', but Subversion will never save your password to disk in" NL
+ "### plaintext unless explicitly configured to do so." NL
"### Note that this option only prevents saving of *new* passwords;" NL
"### it doesn't invalidate existing passwords. (To do that, remove" NL
"### the cache files by hand as described in the Subversion book.)" NL
"###" NL
+#ifndef SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE
"### Set store-plaintext-passwords to 'no' to avoid storing" NL
"### passwords in unencrypted form in the auth/ area of your config" NL
"### directory. Set it to 'yes' to allow Subversion to store" NL
@@ -801,11 +804,12 @@ svn_config_ensure(const char *config_dir
"### this option has no effect if either 'store-passwords' or " NL
"### 'store-auth-creds' is set to 'no'." NL
"###" NL
+#endif
"### Set store-ssl-client-cert-pp to 'no' to avoid storing ssl" NL
"### client certificate passphrases in the auth/ area of your" NL
"### config directory. It defaults to 'yes', but Subversion will" NL
- "### never save your passphrase to disk in plaintext unless you tell"NL
- "### it to via 'store-ssl-client-cert-pp-plaintext' (see below)." NL
+ "### never save your passphrase to disk in plaintext unless" NL
+ "### explicitly configured to do so." NL
"###" NL
"### Note store-ssl-client-cert-pp only prevents the saving of *new*"NL
"### passphrases; it doesn't invalidate existing passphrases. To do"NL
@@ -814,6 +818,7 @@ svn_config_ensure(const char *config_dir
"### svn.serverconfig.netmodel.html\\" NL
"### #svn.serverconfig.netmodel.credcache" NL
"###" NL
+#ifndef SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE
"### Set store-ssl-client-cert-pp-plaintext to 'no' to avoid storing"NL
"### passphrases in unencrypted form in the auth/ area of your" NL
"### config directory. Set it to 'yes' to allow Subversion to" NL
@@ -823,6 +828,7 @@ svn_config_ensure(const char *config_dir
"### this option has no effect if either 'store-auth-creds' or " NL
"### 'store-ssl-client-cert-pp' is set to 'no'." NL
"###" NL
+#endif
"### Set store-auth-creds to 'no' to avoid storing any Subversion" NL
"### credentials in the auth/ area of your config directory." NL
"### Note that this includes SSL server certificates." NL
@@ -858,7 +864,9 @@ svn_config_ensure(const char *config_dir
"# http-auth-types = basic;digest;negotiate" NL
#endif
"# neon-debug-mask = 130" NL
+#ifndef SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE
"# store-plaintext-passwords = no" NL
+#endif
"# username = harry" NL
"" NL
"### Information for the second group:" NL
@@ -904,9 +912,13 @@ svn_config_ensure(const char *config_dir
"#" NL
"# Password / passphrase caching parameters:" NL
"# store-passwords = no" NL
- "# store-plaintext-passwords = no" NL
"# store-ssl-client-cert-pp = no" NL
- "# store-ssl-client-cert-pp-plaintext = no"
NL;
+#ifndef SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE
+ "# store-plaintext-passwords = no" NL
+ "# store-ssl-client-cert-pp-plaintext = no" NL
+#else
+ ;
+#endif
err = svn_io_file_open(&f, path,
(APR_WRITE | APR_CREATE | APR_EXCL),
Modified: subversion/trunk/subversion/libsvn_subr/simple_providers.c
URL:
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/simple_providers.c?rev=1231170&r1=1231169&r2=1231170&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_subr/simple_providers.c (original)
+++ subversion/trunk/subversion/libsvn_subr/simple_providers.c Fri Jan 13
16:46:41 2012
@@ -314,15 +314,9 @@ svn_auth__simple_save_creds_helper(svn_b
apr_hash_get(parameters,
SVN_AUTH_PARAM_DONT_STORE_PASSWORDS,
APR_HASH_KEY_STRING) != NULL;
- const char *store_plaintext_passwords =
- apr_hash_get(parameters,
- SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS,
- APR_HASH_KEY_STRING);
svn_boolean_t non_interactive = apr_hash_get(parameters,
SVN_AUTH_PARAM_NON_INTERACTIVE,
APR_HASH_KEY_STRING) != NULL;
- simple_provider_baton_t *b = (simple_provider_baton_t *)provider_baton;
-
svn_boolean_t no_auth_cache =
(! creds->may_save) || (apr_hash_get(parameters,
SVN_AUTH_PARAM_NO_AUTH_CACHE,
@@ -365,6 +359,16 @@ svn_auth__simple_save_creds_helper(svn_b
}
else
{
+#ifdef SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE
+ may_save_password = FALSE;
+#else
+ const char *store_plaintext_passwords =
+ apr_hash_get(parameters,
+ SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS,
+ APR_HASH_KEY_STRING);
+ simple_provider_baton_t *b =
+ (simple_provider_baton_t *)provider_baton;
+
if (svn_cstring_casecmp(store_plaintext_passwords,
SVN_CONFIG_ASK) == 0)
{
@@ -449,6 +453,7 @@ svn_auth__simple_save_creds_helper(svn_b
store_plaintext_passwords,
SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS);
}
+#endif
}
if (may_save_password)
Modified: subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c
URL:
http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c?rev=1231170&r1=1231169&r2=1231170&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c
(original)
+++ subversion/trunk/subversion/libsvn_subr/ssl_client_cert_pw_providers.c Fri
Jan 13 16:46:41 2012
@@ -176,16 +176,9 @@ svn_auth__ssl_client_cert_pw_file_save_c
apr_hash_get(parameters,
SVN_AUTH_PARAM_DONT_STORE_SSL_CLIENT_CERT_PP,
APR_HASH_KEY_STRING) != NULL;
- const char *store_ssl_client_cert_pp_plaintext =
- apr_hash_get(parameters,
- SVN_AUTH_PARAM_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT,
- APR_HASH_KEY_STRING);
svn_boolean_t non_interactive = apr_hash_get(parameters,
SVN_AUTH_PARAM_NON_INTERACTIVE,
APR_HASH_KEY_STRING) != NULL;
- ssl_client_cert_pw_file_provider_baton_t *b =
- (ssl_client_cert_pw_file_provider_baton_t *)provider_baton;
-
svn_boolean_t no_auth_cache =
(! creds->may_save) || (apr_hash_get(parameters,
SVN_AUTH_PARAM_NO_AUTH_CACHE,
@@ -219,6 +212,16 @@ svn_auth__ssl_client_cert_pw_file_save_c
}
else
{
+#ifdef SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE
+ may_save_passphrase = FALSE;
+#else
+ const char *store_ssl_client_cert_pp_plaintext =
+ apr_hash_get(parameters,
+ SVN_AUTH_PARAM_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT,
+ APR_HASH_KEY_STRING);
+ ssl_client_cert_pw_file_provider_baton_t *b =
+ (ssl_client_cert_pw_file_provider_baton_t *)provider_baton;
+
if (svn_cstring_casecmp(store_ssl_client_cert_pp_plaintext,
SVN_CONFIG_ASK) == 0)
{
@@ -297,6 +300,7 @@ svn_auth__ssl_client_cert_pw_file_save_c
store_ssl_client_cert_pp_plaintext,
SVN_AUTH_PARAM_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT);
}
+#endif
}
if (may_save_passphrase)
