Den fre 7 aug. 2020 kl 11:34 skrev Daniel Shahaf <d...@daniel.shahaf.name>:
> It successfully adds a password to the storage, in the sense that
> after running it, a subsequent `svn auth --show-passwords` shows the
> password. Still, a subsequent `svn info` doesn't use the password.
> Why? By source inspection, SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE
> affects svn_auth__simple_creds_cache_set() but not
> svn_auth__simple_creds_cache_get(),
> so why doesn't the latter use the password?
>
It seems you also need to set passtype = simple for
svn_auth__simple_creds_cache_get() to accept the password.
Updated script, I changed to use /usr/bin/env to find zsh and explicitly
set LANG to make sure svn auth return the expected text (normally I'm
running sv_SE.UTF-8).
[[[
#!/usr/bin/env -S zsh -f
# Prompt for a realm and a password, then cache that password for that
realm, in plaintext.
LANG=en_US.UTF-8
PS3="Enter the number of the selected option: "
creds=( "${(ps.\n\n.)"$(svn auth)"}" )
creds=( ${(M)creds:#-*} )
select m in $creds
do
realm=${(M)${(f)m}:#Authentication realm: *}
realm=${realm#*: }
IFS= read -s -r pw"?Password: "
md5=${"$(printf %s "$realm" | openssl md5)"##*= }
print -rC1 \
\$ i "K 8" passtype "V 6" simple "K 8" password "V ${#pw}"
"$pw" "." "w" "q" \
| ed -s ~/.subversion/auth/svn.simple/$md5
echo edited $_
break
done
]]]
A proper svn store-password command would be nice to better support non-X11
automated environments in case of "stupid" compile time options. But that
moots the point of SVN_DISABLE_PLAINTEXT_PASSWORD_STORAGE and I understand
the need for it in certain (corporate) environments, I even think it could
prevent reading an already stored password. Better to convince
your favorite distribution to take the approach of OpenBSD (as detailed by
Stefan Sperling elsewhere in the thread).
Kind regards,
Daniel
