Author: cmpilato
Date: Wed Jul 25 15:17:12 2012
New Revision: 1365620
URL: http://svn.apache.org/viewvc?rev=1365620&view=rev
Log:
On the 'master-passphrase' branch: Clean up the cleanup of auth
stores, and move away from a hardcoded master passphrase via the
addition of a prompting callback.
* subversion/include/svn_cmdline.h,
* subversion/libsvn_subr/prompt.c
(svn_cmdline_auth_master_passphrase_prompt): New function.
* subversion/libsvn_subr/auth_store.c
(svn_auth__store_t): Add 'pool' member.
(svn_auth__store_create): Initialize new 'pool' struct member.
(cleanup_auth_store_close): New.
(svn_auth__store_open): Register the cleanup_auth_store_close() pool
cleanup handler with the auth store pool.
(svn_auth__store_close): Don't require that the store be open, but only
attempt to really close it if it is.
* subversion/libsvn_subr/cmdline.c
(fetch_nonsecret_secret, cleanup_auth_store_close): Remove as unused.
(open_auth_store): Add 'pb' parameter, passed as the baton for the
new svn_cmdline_auth_master_passphrase_prompt, which itself
replaces fetch_nonsecret_secret as the master passphrase fetch
callback. Also, don't bother registering a pool cleanup function
for the auth store.
Modified:
subversion/branches/master-passphrase/subversion/include/svn_cmdline.h
subversion/branches/master-passphrase/subversion/libsvn_subr/auth_store.c
subversion/branches/master-passphrase/subversion/libsvn_subr/cmdline.c
subversion/branches/master-passphrase/subversion/libsvn_subr/prompt.c
Modified: subversion/branches/master-passphrase/subversion/include/svn_cmdline.h
URL:
http://svn.apache.org/viewvc/subversion/branches/master-passphrase/subversion/include/svn_cmdline.h?rev=1365620&r1=1365619&r2=1365620&view=diff
==============================================================================
--- subversion/branches/master-passphrase/subversion/include/svn_cmdline.h
(original)
+++ subversion/branches/master-passphrase/subversion/include/svn_cmdline.h Wed
Jul 25 15:17:12 2012
@@ -41,6 +41,7 @@
#include "svn_types.h"
#include "svn_auth.h"
#include "svn_config.h"
+#include "svn_string.h"
#ifdef __cplusplus
extern "C" {
@@ -315,6 +316,19 @@ svn_cmdline_auth_plaintext_passphrase_pr
apr_pool_t *pool);
+/** An implementation of @c svn_auth__master_passphrase_fetch_t that
+ * prompts the user for the master passphrase which protects an
+ * encrypted authentication store.
+ *
+ * @since New in 1.8.
+ */
+svn_error_t *
+svn_cmdline_auth_master_passphrase_prompt(const svn_string_t **secret,
+ void *baton,
+ apr_pool_t *result_pool,
+ apr_pool_t *scratch_pool);
+
+
/** Set @a *ab to an authentication baton allocated from @a pool and
* initialized with the standard set of authentication providers used
* by the command line client.
Modified:
subversion/branches/master-passphrase/subversion/libsvn_subr/auth_store.c
URL:
http://svn.apache.org/viewvc/subversion/branches/master-passphrase/subversion/libsvn_subr/auth_store.c?rev=1365620&r1=1365619&r2=1365620&view=diff
==============================================================================
--- subversion/branches/master-passphrase/subversion/libsvn_subr/auth_store.c
(original)
+++ subversion/branches/master-passphrase/subversion/libsvn_subr/auth_store.c
Wed Jul 25 15:17:12 2012
@@ -33,6 +33,7 @@ struct svn_auth__store_t
svn_auth__store_cb_get_cred_hash_t get_cred_hash_func;
svn_auth__store_cb_set_cred_hash_t set_cred_hash_func;
svn_auth__store_cb_iterate_creds_t iterate_creds_func;
+ apr_pool_t *pool;
};
@@ -41,6 +42,7 @@ svn_auth__store_create(svn_auth__store_t
apr_pool_t *result_pool)
{
*auth_store = apr_pcalloc(result_pool, sizeof(**auth_store));
+ (*auth_store)->pool = result_pool;
return SVN_NO_ERROR;
}
@@ -108,6 +110,15 @@ svn_auth__store_set_iterate_creds(svn_au
}
+/* APR pool cleanup handler which closes an auth_store. */
+static apr_status_t
+cleanup_auth_store_close(void *arg)
+{
+ svn_auth__store_t *auth_store = arg;
+ svn_auth__store_close(auth_store, auth_store->pool);
+ return 0;
+}
+
svn_error_t *
svn_auth__store_open(svn_auth__store_t *auth_store,
@@ -119,6 +130,12 @@ svn_auth__store_open(svn_auth__store_t *
{
SVN_ERR(auth_store->open_func(auth_store->store_baton, create,
scratch_pool));
+
+ /* Register a pool cleanup handler which closes the store. */
+ apr_pool_cleanup_register(auth_store->pool, auth_store,
+ cleanup_auth_store_close,
+ apr_pool_cleanup_null);
+
auth_store->is_open = TRUE;
}
else
@@ -133,8 +150,7 @@ svn_error_t *
svn_auth__store_close(svn_auth__store_t *auth_store,
apr_pool_t *scratch_pool)
{
- SVN_ERR_ASSERT(auth_store->is_open);
- if (auth_store->close_func)
+ if (auth_store->is_open && auth_store->close_func)
SVN_ERR(auth_store->close_func(auth_store->store_baton, scratch_pool));
return SVN_NO_ERROR;
}
Modified: subversion/branches/master-passphrase/subversion/libsvn_subr/cmdline.c
URL:
http://svn.apache.org/viewvc/subversion/branches/master-passphrase/subversion/libsvn_subr/cmdline.c?rev=1365620&r1=1365619&r2=1365620&view=diff
==============================================================================
--- subversion/branches/master-passphrase/subversion/libsvn_subr/cmdline.c
(original)
+++ subversion/branches/master-passphrase/subversion/libsvn_subr/cmdline.c Wed
Jul 25 15:17:12 2012
@@ -447,33 +447,12 @@ ssl_trust_unknown_server_cert
}
-/* Implements `svn_auth__master_passphrase_fetch_t' */
-static svn_error_t *
-fetch_nonsecret_secret(const svn_string_t **secret,
- void *baton,
- apr_pool_t *result_pool,
- apr_pool_t *scratch_pool)
-{
- *secret = svn_string_create("2secretive4u", result_pool);
- return SVN_NO_ERROR;
-}
-
-
-/* APR pool cleanup handler which closes an auth_store. */
-static apr_status_t
-cleanup_auth_store_close(void *arg)
-{
- svn_auth__store_t *auth_store = arg;
- svn_auth__store_close(auth_store, NULL); /* ### FIXME: NULL pool? Uncool. */
- return 0;
-}
-
-
/* Instantiate and open an auth store. */
static svn_error_t *
open_auth_store(svn_auth__store_t **auth_store_p,
const char *config_dir,
svn_boolean_t use_master_password,
+ svn_cmdline_prompt_baton2_t *pb,
apr_pool_t *pool)
{
svn_auth__store_t *auth_store;
@@ -486,21 +465,16 @@ open_auth_store(svn_auth__store_t **auth
SVN_ERR(svn_config_get_user_config_path(&auth_config_path, config_dir,
SVN_CONFIG__AUTH_SUBDIR, pool));
SVN_ERR(svn_crypto__context_create(&crypto_ctx, pool));
- SVN_ERR(svn_auth__pathetic_store_get(&auth_store,
- svn_path_join(auth_config_path,
- "pathetic.db",
- pool),
- crypto_ctx,
- fetch_nonsecret_secret,
- NULL, pool, pool));
+ SVN_ERR(svn_auth__pathetic_store_get(
+ &auth_store,
+ svn_path_join(auth_config_path, "pathetic.db", pool),
+ crypto_ctx, svn_cmdline_auth_master_passphrase_prompt,
+ pb, pool, pool));
}
else
{
SVN_ERR(svn_auth__config_store_get(&auth_store, config_dir, pool, pool));
}
-
- apr_pool_cleanup_register(pool, auth_store, cleanup_auth_store_close,
- apr_pool_cleanup_null);
SVN_ERR(svn_auth__store_open(auth_store, TRUE, pool));
*auth_store_p = auth_store;
@@ -646,7 +620,8 @@ svn_cmdline_create_auth_baton(svn_auth_b
auth_password);
/* Open the appropriate auth store, and cache it in the auth baton. */
- SVN_ERR(open_auth_store(&auth_store, config_dir, use_master_password, pool));
+ SVN_ERR(open_auth_store(&auth_store, config_dir, use_master_password,
+ pb, pool));
svn_auth_set_parameter(*ab, SVN_AUTH_PARAM_AUTH_STORE, auth_store);
/* Same with the --non-interactive option. */
Modified: subversion/branches/master-passphrase/subversion/libsvn_subr/prompt.c
URL:
http://svn.apache.org/viewvc/subversion/branches/master-passphrase/subversion/libsvn_subr/prompt.c?rev=1365620&r1=1365619&r2=1365620&view=diff
==============================================================================
--- subversion/branches/master-passphrase/subversion/libsvn_subr/prompt.c
(original)
+++ subversion/branches/master-passphrase/subversion/libsvn_subr/prompt.c Wed
Jul 25 15:17:12 2012
@@ -35,6 +35,7 @@
#include "svn_auth.h"
#include "svn_error.h"
#include "svn_path.h"
+#include "svn_checksum.h"
#include "private/svn_cmdline_private.h"
#include "svn_private_config.h"
@@ -496,6 +497,31 @@ svn_cmdline_auth_plaintext_passphrase_pr
pool);
}
+
+/* This implements 'svn_auth__master_passphrase_fetch_t'. */
+svn_error_t *
+svn_cmdline_auth_master_passphrase_prompt(const svn_string_t **secret,
+ void *baton,
+ apr_pool_t *result_pool,
+ apr_pool_t *scratch_pool)
+{
+ const char *response;
+ int response_len;
+ svn_cmdline_prompt_baton2_t *pb = baton;
+ svn_checksum_t *checksum;
+
+ SVN_ERR(prompt(&response, _("Enter master passphrase: "),
+ TRUE, pb, scratch_pool));
+ response_len = strlen(response);
+ SVN_ERR(svn_checksum(&checksum, svn_checksum_sha1,
+ response, response_len, scratch_pool));
+ memset((void *)response, 0, response_len);
+ *secret = svn_string_ncreate((const char *)checksum->digest,
+ svn_checksum_size(checksum),
+ result_pool);
+ return SVN_NO_ERROR;
+}
+
�
/** Generic prompting. **/
