Uploaded image for project: 'Subversion'
  1. Subversion
  2. SVN-4509

serf does not store client SSL certificate passwords

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: trunk
    • Fix Version/s: ---
    • Component/s: libsvn_ra_serf
    • Labels:
      None

      Description

      When using a client SSL certificate that needs a password Subversion no longer
      attempts to store the password in the auth cache.  This is a regression from
      1.7/neon where the password was stored.
      
      When using neon the Subversion code decrypts the certificate using neon
      functions, this allowed Subversion to determine whether a password was correct
      and store it, see client_ssl_decrypt_cert() in session.c. When using serf the
      Subversion code no longer decrypts the certificate and makes no attempt to store
      the password.
      

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              philipm Philip Martin
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated: