Checkout
cmpilato
committed
on 02 Aug 12
On the 'master-passphrase' branch, introduce flexibility on how master
passphrases are acquired for use with the encrypted store by
introduc… Show more
On the 'master-passphrase' branch, introduce flexibility on how master

passphrases are acquired for use with the encrypted store by

introducing a parallel auth baton/subsystem for this purpose.

(Fortunately, this didn't require code duplication, which would have

been a non-starter for me.)

Intended next step:  see if the GPG-Agent can remember a master

passphrase so that prompting needn't (always) occur.

* subversion/include/svn_auth.h

 (SVN_AUTH_CRED_MASTER_PASSPHRASE): New #define.

 (svn_auth_cred_master_passphrase_t): New structure type.

 (svn_auth_master_passphrase_prompt_func_t): New prompt function type.

 (svn_auth_get_master_passphrase_prompt_provider): New function.

* subversion/libsvn_subr/auth_store.h

 (svn_auth__master_passphrase_fetch_t): Remove as unused.

 (svn_auth__pathetic_store_get): Swap a simple secret-fetching

   callback function for a whole parallel auth subsystem used to

   fetch (possibly cached) master passphrases.

 (svn_auth__pathetic_store_create, svn_auth__pathetic_store_reencrypt):

   New functions.

* subversion/libsvn_subr/cmdline.c

 (open_auth_store): Add 'no_auth_cache' and 'non_interactive'

   parameters.  Build a parallel auth subsystem for master passphrase

   handling when dealing with an encrypted auth store.

 (svn_cmdline_create_auth_baton): Delay opening the auth store until

   other configuration parameters have been investigated.

* subversion/libsvn_subr/masterpass_providers.c

 New file with the guts of a master-passphrase-providing auth system

 plugin.

* subversion/libsvn_subr/pathetic_auth_store.c

 (pathetic_auth_store_baton_t): Lose 'secret_func' and 'secret_baton',

   and pick up a 'secret_auth_baton'.

 (write_auth_store): Add 'create' flag and handling.

 (create_auth_store, set_cred_hash): Update calls to write_auth_store().

 (acquire_secret): New helper function.

 (pathetic_store_open): Reduce the scope of this function a bit,

   disallowing store creation, and offloading secret acquisition to

   acquire_secret().

 (svn_auth__pathetic_store_get): Lose 'secret_func' and

   'secret_baton' parameters, and add 'secret_auth_baton'.  Update

   associated structure members accordingly.

 (svn_auth__pathetic_store_create, svn_auth__pathetic_store_reencrypt):

   New functions (the latter of which is near-empty-bodied).

* subversion/include/svn_cmdline.h,

* subversion/libsvn_subr/prompt.c

 (svn_cmdline_auth_master_passphrase_prompt): Rework as an

   svn_auth_master_passphrase_prompt_func_t implementation.

* subversion/tests/libsvn_subr/crypto-test.c

 (fetch_secret): Morph this into a master-passphrase prompt callback

   function.

 (get_master_passphrase_auth_baton): New helper function.

 (create_ephemeral_auth_store, test_auth_store_basic): Tweak in

   accordance with the changes made to interfaces.

Show less