Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
trunk
-
None
Description
the plaintext-passwords branch (which is new in 1.6) added an API requirement that the pools passed to save_credentials and svn_auth_save_credentials (in svn_auth.h) survive across RA sessions, and will segfault if this requirement is not met. As described in svn_auth__simple_save_creds_helper of trunk: * XXX: Hopefully, our caller has passed us * a pool that survives across RA sessions! * We use that pool to cache user answers, and * we may be called again for the same realm when the * current RA session is reparented, or when a different * RA session using the same realm is opened. * If the pool does not survive until then, caching * won't work, and for some reason the call to * apr_hash_set() below may even end up crashing in * apr_palloc(). Quoting the tail of a discussion with kfogel and stsp, <stsp> well, I also updated the API docs so people using our libs are made aware of the problem <danielsh> yeah, you documented it, but if someone out there is passing a short-lived pool, they'll segfault when they upgrade to 1.6 <stsp> yes <stsp> it needs to be fixed <stsp> the fix is: put the cache in auth_baton, pass it down to the callback <stsp> this touches public API but I'd rather rev API than have people crash for no reason other than being lazy ;)
http://subversion.tigris.org/servlets/ReadMsg?list=dev&msgNo=137815