Given that we support a number of secure credentials stores, I propose
that, starting with 1.14.0 LTS, we disable the on-disk plain-text
password store by default. I've prepared a patch for configure.ac to
issue appropriate warnings before that time. If we decide to do this, we
should also mention it in our roadmap on the site.
-- Brane
Index: configure.ac
===================================================================
--- configure.ac (revision 1845215)
+++ configure.ac (working copy)
@@ -866,6 +866,35 @@
fi
dnl plaintext passwords -------------------
+dnl FIXME: warn when we're at version 1.14
+ifelse(1, regexp(AC_PACKAGE_VERSION, [^\([0-9]*\)\..*], [\1]),
+ifelse(14, regexp(AC_PACKAGE_VERSION, [^[0-9]*\.\([0-9]*\)\..*], [\1]),
+AC_MSG_WARN([
+==================================================================
+
+Remember to make --disable-plaintext-password-storage the default!
+
+==================================================================])))
+dnl
+dnl TODO: After 1.14.0:
+dnl AC_ARG_ENABLE(plaintext-password-storage,
+dnl AS_HELP_STRING([--enable-plaintext-password-storage],
+dnl [Enable on-disk caching of plaintext passwords and
passphrases.
+dnl (Enabling this functionality will not force Subversion
+dnl to store passwords in plaintext, but does permit users to
+dnl explicitly allow that behavior via runtime
configuration.)]),
+dnl [plaintext_passwd_storage="$enableval"],
+dnl [plaintext_passwd_storage="no"])
+dnl
+dnl if test "$plaintext_passwd_storage" = "yes"; then
+dnl AC_MSG_WARN([Enabling plaintext password/passphrase storage])
+dnl else
+dnl AC_MSG_NOTICE([Disabling plaintext password/passphrase storage])
+dnl AC_DEFINE(SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE, 1,
+dnl [Defined if plaintext password/passphrase storage is disabled])
+dnl fi
+dnl
+dnl Before 1.14.0:
AC_ARG_ENABLE(plaintext-password-storage,
AS_HELP_STRING([--disable-plaintext-password-storage],
[Disable on-disk caching of plaintext passwords and passphrases.
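Review bot: the reminder check at "ifelse(14, regexp(AC_PACKAGE_VERSION, [^[0-9]*\.\([0-9]*\)\..*], [\1])," fires only when the minor version is exactly 14 and a further "." follows it. A version string of plain "1.14", or any later minor version, produces no reminder, and the plaintext default would silently stay enabled. Consider dropping the trailing "\..*" requirement and comparing for "14 or later". Once the version does match, the reminder is printed to everyone who runs configure, not only to maintainers, so it needs to be removed as part of the same change that flips the default. The commented-out "After 1.14.0" block also repeats the help text of the active AC_ARG_ENABLE call and can drift from it; a short comment stating that the default value and the help string need to be inverted would be easier to keep accurate.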
@@ -872,14 +901,24 @@
(Leaving this functionality enabled will not force Subversion
to store passwords in plaintext, but does permit users to
explicitly allow that behavior via runtime configuration.)]),
-[
- if test "$enableval" = "no"; then
- AC_MSG_NOTICE([Disabling plaintext password/passphrase storage])
- AC_DEFINE(SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE, 1,
- [Defined if plaintext password/passphrase storage is disabled])
- fi
-])
+[plaintext_passwd_storage="$enableval"],
+[plaintext_passwd_storage="yes"])
+if test "$plaintext_passwd_storage" = "no"; then
+ AC_MSG_NOTICE([Disabling plaintext password/passphrase storage])
+ AC_DEFINE(SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE, 1,
+ [Defined if plaintext password/passphrase storage is disabled])
+else
+ AC_MSG_WARN([
+==================================================================
+
+Plaintext password/passphrase storage is enabled.
+Consider using the --disable-plaintext-password-storage option to
+disable it. This will become the default in Subversion 1.14.0 LTS.
+
+==================================================================])
+fi
+
dnl Build and install rules -------------------
INSTALL_STATIC_RULES="install-bin install-docs"
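Review bot: the test 'if test "$plaintext_passwd_storage" = "no"' sends every other value to the else branch, so a mistyped argument such as --enable-plaintext-password-storage=off leaves plaintext storage enabled, and a builder who passed --enable-plaintext-password-storage on purpose is still told to "Consider using the --disable-plaintext-password-storage option". Suggest matching "yes" and "no" explicitly, rejecting anything else with AC_MSG_ERROR, and printing the deprecation banner only when the option was not given (the second action of AC_ARG_ENABLE, which currently only sets plaintext_passwd_storage="yes"). The macro description passed to AC_DEFINE could also say that the define removes the plaintext store at build time, since the help text above stresses that leaving it enabled only permits the behavior through runtime configuration.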